From 83105efa13d7b6f5e324992b6f8c239d80929aa0 Mon Sep 17 00:00:00 2001 From: Darshan Date: Sat, 10 Jan 2026 18:08:53 +0530 Subject: [PATCH 1/5] fix: boolean coercion. --- src/App.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/App.php b/src/App.php index aebfe23..03360e4 100755 --- a/src/App.php +++ b/src/App.php @@ -748,6 +748,14 @@ protected function getArguments(Hook $hook, array $values, array $requestParams) $paramExists ) { $this->validate($key, $param, $value); + + // Type coercion for boolean parameters after validation + if ($param['validator'] instanceof \Utopia\Validator\Boolean && $value !== null) { + $value = filter_var($value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE); + if ($value === null) { + throw new Exception('Invalid boolean value for param "' . $key . '"', 400); + } + } } $hook->setParamValue($key, $value); From ac9b76f3dc24c746d679837358b726d2b2b834d0 Mon Sep 17 00:00:00 2001 From: Darshan Date: Sat, 10 Jan 2026 19:26:24 +0530 Subject: [PATCH 2/5] add: generic comparisons. --- src/App.php | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/src/App.php b/src/App.php index 03360e4..c56de07 100755 --- a/src/App.php +++ b/src/App.php @@ -749,11 +749,27 @@ protected function getArguments(Hook $hook, array $values, array $requestParams) ) { $this->validate($key, $param, $value); - // Type coercion for boolean parameters after validation - if ($param['validator'] instanceof \Utopia\Validator\Boolean && $value !== null) { - $value = filter_var($value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE); - if ($value === null) { - throw new Exception('Invalid boolean value for param "' . $key . '"', 400); + if ($existsInRequest && $value !== null) { + $validator = $param['validator']; + if (\is_callable($validator)) { + $validator = \call_user_func_array($validator, $this->getResources($param['injections'])); + } + + if ($validator instanceof \Utopia\Validator\Boolean) { + $value = filter_var($value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE); + if ($value === null) { + throw new Exception('Invalid boolean value for param "' . $key . '"', 400); + } + } elseif ($validator instanceof \Utopia\Validator\Integer && \is_string($value)) { + if (\is_numeric($value)) { + $value = (int)$value; + } + } elseif ($validator instanceof \Utopia\Validator\FloatValidator && \is_string($value)) { + if (\is_numeric($value)) { + $value = (float)$value; + } + } elseif ($validator instanceof \Utopia\Validator\Text && !\is_string($value)) { + $value = (string)$value; } } } From b13502c85959ff97ac3ffc541830e34662520d03 Mon Sep 17 00:00:00 2001 From: Darshan Date: Sun, 11 Jan 2026 11:58:12 +0530 Subject: [PATCH 3/5] fix: test. --- src/App.php | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/src/App.php b/src/App.php index c56de07..cf1be05 100755 --- a/src/App.php +++ b/src/App.php @@ -747,14 +747,9 @@ protected function getArguments(Hook $hook, array $values, array $requestParams) !($param['optional'] && $value === null) && $paramExists ) { - $this->validate($key, $param, $value); + $validator = $this->validate($key, $param, $value); if ($existsInRequest && $value !== null) { - $validator = $param['validator']; - if (\is_callable($validator)) { - $validator = \call_user_func_array($validator, $this->getResources($param['injections'])); - } - if ($validator instanceof \Utopia\Validator\Boolean) { $value = filter_var($value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE); if ($value === null) { @@ -957,11 +952,11 @@ private function runInternal(Request $request, Response $response): static * @param string $key * @param array $param * @param mixed $value - * @return void + * @return Validator * * @throws Exception */ - protected function validate(string $key, array $param, mixed $value): void + protected function validate(string $key, array $param, mixed $value): Validator { $validator = $param['validator']; // checking whether the class exists @@ -976,6 +971,8 @@ protected function validate(string $key, array $param, mixed $value): void if (!$validator->isValid($value)) { throw new Exception('Invalid `' . $key . '` param: ' . $validator->getDescription(), 400); } + + return $validator; } /** From 57545de0967a8d8c50bc240d55baf2ab7855d0d1 Mon Sep 17 00:00:00 2001 From: Darshan Date: Sun, 11 Jan 2026 11:58:22 +0530 Subject: [PATCH 4/5] fix: test being marked as risky. --- tests/AppTest.php | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/AppTest.php b/tests/AppTest.php index 2c9d136..317039e 100755 --- a/tests/AppTest.php +++ b/tests/AppTest.php @@ -151,6 +151,7 @@ public function testCanGetDefaultValueWithFunction(): void echo $x; }); + \ob_start(); $request = new UtopiaRequestTest(); $request::_setParams(['x' => 'count']); $this->app->execute($route, $request, new Response()); From a29e59d12a3e1a0a21ae09befd6cab059cf9191e Mon Sep 17 00:00:00 2001 From: Darshan Date: Mon, 12 Jan 2026 11:42:50 +0530 Subject: [PATCH 5/5] address comment. --- src/App.php | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/App.php b/src/App.php index cf1be05..404d7c2 100755 --- a/src/App.php +++ b/src/App.php @@ -6,6 +6,11 @@ use Utopia\Telemetry\Adapter\None as NoTelemetry; use Utopia\Telemetry\Histogram; use Utopia\Telemetry\UpDownCounter; +use Utopia\Validator\ArrayList; +use Utopia\Validator\Boolean; +use Utopia\Validator\FloatValidator; +use Utopia\Validator\Integer; +use Utopia\Validator\Text; class App { @@ -718,7 +723,7 @@ protected function getArguments(Hook $hook, array $values, array $requestParams) } if (\is_array($value)) { $validator = $param['validator']; - $isArrayList = $validator instanceof \Utopia\Validator\ArrayList; + $isArrayList = $validator instanceof ArrayList; if ($isArrayList) { try { @@ -750,20 +755,20 @@ protected function getArguments(Hook $hook, array $values, array $requestParams) $validator = $this->validate($key, $param, $value); if ($existsInRequest && $value !== null) { - if ($validator instanceof \Utopia\Validator\Boolean) { + if ($validator instanceof Boolean) { $value = filter_var($value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE); if ($value === null) { throw new Exception('Invalid boolean value for param "' . $key . '"', 400); } - } elseif ($validator instanceof \Utopia\Validator\Integer && \is_string($value)) { + } elseif ($validator instanceof Integer && \is_string($value)) { if (\is_numeric($value)) { $value = (int)$value; } - } elseif ($validator instanceof \Utopia\Validator\FloatValidator && \is_string($value)) { + } elseif ($validator instanceof FloatValidator && \is_string($value)) { if (\is_numeric($value)) { $value = (float)$value; } - } elseif ($validator instanceof \Utopia\Validator\Text && !\is_string($value)) { + } elseif ($validator instanceof Text && !\is_string($value)) { $value = (string)$value; } }