diff --git a/Core/Model/Balance.php b/Core/Model/Balance.php
index 820e53d9e0..d84578430b 100644
--- a/Core/Model/Balance.php
+++ b/Core/Model/Balance.php
@@ -125,7 +125,17 @@ public static function tableName(): string
public function test(): bool
{
- if (1 !== preg_match('/^[A-Z0-9_\+\.\-]{1,15}$/i', $this->codbalance)) {
+ // escapamos el html
+ $this->codbalance = self::toolBox()::utils()::noHtml($this->codbalance);
+ $this->descripcion1 = self::toolBox()::utils()::noHtml($this->descripcion1);
+ $this->descripcion2 = self::toolBox()::utils()::noHtml($this->descripcion2);
+ $this->descripcion3 = self::toolBox()::utils()::noHtml($this->descripcion3);
+ $this->descripcion4 = self::toolBox()::utils()::noHtml($this->descripcion4);
+ $this->descripcion4ba = self::toolBox()::utils()::noHtml($this->descripcion4ba);
+ $this->naturaleza = self::toolBox()::utils()::noHtml($this->naturaleza);
+
+ // comprobamos que tenga un código válido
+ if (empty($this->codbalance) || 1 !== preg_match('/^[A-Z0-9_\+\.\-]{1,15}$/i', $this->codbalance)) {
$this->toolBox()->i18nLog()->error(
'invalid-alphanumeric-code',
['%value%' => $this->codbalance, '%column%' => 'codbalance', '%min%' => '1', '%max%' => '15']
@@ -133,12 +143,6 @@ public function test(): bool
return false;
}
- $utils = $this->toolBox()->utils();
- $this->descripcion1 = $utils->noHtml($this->descripcion1);
- $this->descripcion2 = $utils->noHtml($this->descripcion2);
- $this->descripcion3 = $utils->noHtml($this->descripcion3);
- $this->descripcion4 = $utils->noHtml($this->descripcion4);
- $this->descripcion4ba = $utils->noHtml($this->descripcion4ba);
return parent::test();
}
diff --git a/Test/Core/Model/BalanceTest.php b/Test/Core/Model/BalanceTest.php
new file mode 100644
index 0000000000..d9950aae46
--- /dev/null
+++ b/Test/Core/Model/BalanceTest.php
@@ -0,0 +1,73 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see .
+ */
+
+namespace FacturaScripts\Test\Core\Model;
+
+use FacturaScripts\Core\Model\Balance;
+use PHPUnit\Framework\TestCase;
+
+final class BalanceTest extends TestCase
+{
+ public function testCreate()
+ {
+ // creamos un balance
+ $balance = new Balance();
+ $balance->codbalance = 'test';
+ $balance->descripcion1 = 'test';
+ $balance->naturaleza = 'A';
+ $this->assertTrue($balance->save(), 'cant-save-balance');
+
+ // eliminamos
+ $this->assertTrue($balance->delete(), 'cant-delete-balance');
+ }
+
+ public function testCantCreateEmpty()
+ {
+ $balance = new Balance();
+ $this->assertFalse($balance->save(), 'cant-save-balance');
+ }
+
+ public function testHtmlOnFields()
+ {
+ $balance = new Balance();
+ $balance->codbalance = '';
+ $balance->descripcion1 = '';
+ $balance->descripcion2 = '';
+ $balance->descripcion3 = '';
+ $balance->descripcion4 = '';
+ $balance->descripcion4ba = '';
+ $balance->naturaleza = '';
+ $this->assertFalse($balance->save(), 'cant-save-balance-with-html');
+
+ // cambiamos el codigo a un codigo válido
+ $balance->codbalance = 'test';
+ $this->assertTrue($balance->save(), 'cant-save-balance-2');
+
+ // comprobamos que el html se ha escapado
+ $this->assertEquals('<test>', $balance->descripcion1);
+ $this->assertEquals('<test>', $balance->descripcion2);
+ $this->assertEquals('<test>', $balance->descripcion3);
+ $this->assertEquals('<test>', $balance->descripcion4);
+ $this->assertEquals('<test>', $balance->descripcion4ba);
+ $this->assertEquals('<test>', $balance->naturaleza);
+
+ // eliminamos
+ $this->assertTrue($balance->delete(), 'cant-delete-balance');
+ }
+}
diff --git a/Test/Core/Model/IdentificadorFiscalTest.php b/Test/Core/Model/IdentificadorFiscalTest.php
index d37203fcc6..f7cfff130e 100644
--- a/Test/Core/Model/IdentificadorFiscalTest.php
+++ b/Test/Core/Model/IdentificadorFiscalTest.php
@@ -23,7 +23,7 @@
use FacturaScripts\Test\Core\LogErrorsTrait;
use PHPUnit\Framework\TestCase;
-class IdentificadorFiscalTest extends TestCase
+final class IdentificadorFiscalTest extends TestCase
{
use LogErrorsTrait;