No check for incorrect symbols before saving!
mikestefff - February 19, 2008 - 00:27
| Project: | Stock |
| Version: | 5.x-1.0 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | needs work |
Jump to:
Description
Hi,
I'm in the process of tearing apart this module as well as the stockapi module. I'm writing 2-3 other stock-related modules to tie into these and also modifying the others to work together. I realized that there is no check for incorrect symbols before they are saved into the db. Before I begin changing the code, have you approached this issue yet or have any suggestions for correcting this problem?
Thanks
#1
This has not been reported before.
If you have a patch for it, please see here http://drupal.org/patch on how to create one, and submit it for review and possible inclusion.
As for rewriting the module, I will consider the changes for inclusions as long as they are simple (not complicated), modular (clear separation of components/functions), maintainable (easy to understand and modify), and backward compatible (or has a reasonable upgrade path).
#2
i just finished fixing the issue...this is my first module so i am not sure how to submit patches etc...i will however show you the changes here and you can let me know what you think...i will highlight the changes.
===================
function stock_contents($format = 'block') {
global $user;
switch ($format) {
case 'block':
if ( $user->uid ) {
// get the stored tickers
$symbols = stock_get_user_quotes();
// get the quotes
$output = stock_do_quote('short', $symbols);
}
else {
$output = l('Login', 'user/login') .' or '. l('register', 'user/register') .' for portfolio.';
}
break;
case 'page':
$op = isset($_POST['op']) ? $_POST['op'] : '';
$symbols = isset($_POST['symbol']) ? strtoupper($_POST['symbol']) : '';
$saved_symbols = '';
$output = variable_get('stock_description', 'This is the default stock quote page.');
//---ADDED !!
if (!empty($symbols)) {
$symbols = stock_verify_symbols($symbols);
}
//-------------
if ($op == t('Save') && $user->uid) {
// If the user pressed the Save button, and is logged in, save their preferences
stock_save_user_quotes($symbols);
drupal_set_message(t('Your portfolio has been saved.'));
}
elseif ($op == t('Quote') && $user->uid) {
// If the user pressed the Quote button, and is logged in, show his saved portfolio also, if it exists.
$saved_symbols = stock_get_user_quotes();
}
else{
if (empty($symbols)) {
// If nothing is entered, then get those saved, if any
$symbols = stock_get_user_quotes();
}
}
if (!empty($symbols)) {
$output .= stock_do_quote('long', $symbols);
}
if (!empty($saved_symbols)) {
$output .= '<p>'. l(t('Your registered portfolio is'), 'stock') .': '. $saved_symbols .'</p>';
}
$output .= stock_form($symbols);
break;
}
return $output;
}
=====================
function stock_do_quote($format = 'long', $symbol_list) {
// Get the column headers
$headers = stock_get_headers($format);
// Convert the space separated list of symbols into an array
$symbol_list = explode(' ', trim($symbol_list));
foreach ($symbol_list as $symbol) {
if (!empty($symbol)) {
$stock = stockapi_load($symbol);
//-----REMOVED CHECK FOR BAD SYMBOLS!! (NOT NEEDED BECAUSE SYMBOLS ARE VERIFIED BEFORE CALLING THIS!)
$rows[] = array('data' => stock_process_data($stock, $headers));
}
}
if (!empty($rows)) {
return theme('table', $headers, $rows);
}
}
==============
//NEW FUNCTION
function stock_verify_symbols($symbol_list) {
// Convert the space separated list of symbols into an array
$symbol_list = explode(' ', trim($symbol_list));
$verified_symbols;
foreach ($symbol_list as $symbol) {
if (!empty($symbol)) {
$stock = stockapi_load($symbol);
if ($stock[8] != 'N/A') {
$verified_symbols .= $symbol . ' ';
}
else {
drupal_set_message(t('Invalid symbol') .': '. $symbol);
}
}
}
//Remove extra space at the end of variable
if(!empty($verified_symbols)) {
$verified_symbols = substr($verified_symbols, 0, (strlen($verified_symbols)-1));
}
return $verified_symbols;
}
===
seems to work like a charm so far..
i figured this was the best way to approach the problem without having to pull yahoo data or db queries more than once..
let me know what you think
#3
Please read the link I sent in my previous comment on how to create patches.
DO NOT post entire modules or large chunks of code.