From 921ea49debc5ec5b1e89a81b93470b29cab4920d Mon Sep 17 00:00:00 2001
From: Marc Michalsky forumZFD
Date: Fri, 19 Feb 2021 14:44:06 +0100
Subject: [PATCH 1/2] [#43] [#44] validate campaign_id cast numeric string to integer and test if a related campaign exists
---
 CRM/Twingle/Submission.php | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
diff --git a/CRM/Twingle/Submission.php b/CRM/Twingle/Submission.php
index 0daee20..b96c64e 100644
--- a/CRM/Twingle/Submission.php
+++ b/CRM/Twingle/Submission.php
@@ -117,6 +117,30 @@ class CRM_Twingle_Submission {
 );
 }
 }
+
+ // Validate campaign_id, if given.
+ if (!empty($params['campaign_id'])) {
+ // Check whether campaign_id is a numeric string and cast it to an integer.
+ if (is_numeric($params['campaign_id'])) {
+ $params['campaign_id'] = intval($params['campaign_id']);
+ }
+ else {
+ throw new CiviCRM_API3_Exception(
+ E::ts('campaign_id must be a numeric string. '),
+ 'invalid_format'
+ );
+ }
+ // Check whether given campaign_id exists and if not, unset the parameter.
+ try {
+ civicrm_api3(
+ 'Campaign',
+ 'getsingle',
+ ['id' => $params['campaign_id']]
+ );
+ } catch (CiviCRM_API3_Exception $e) {
+ unset($params['campaign_id']);
+ }
+ }
 }
 /**
From c06ba098c190c2509362064927ca8e5832c31c47 Mon Sep 17 00:00:00 2001
From: Marc Michalsky forumZFD
Date: Fri, 19 Feb 2021 14:52:32 +0100
Subject: [PATCH 2/2] [#44] change campaign_id data type to string
---
 api/v3/TwingleDonation/Submit.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/api/v3/TwingleDonation/Submit.php b/api/v3/TwingleDonation/Submit.php
index 8d95be3..21890d4 100644
--- a/api/v3/TwingleDonation/Submit.php
+++ b/api/v3/TwingleDonation/Submit.php
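Review bot: In the hunk for CRM/Twingle/Submission.php, the `is_numeric()` test followed by `intval()` accepts more than a campaign ID: values such as `1.9` or `1e3` pass `is_numeric()` and are silently rewritten by `intval()`, and a negative number passes as well. As this value arrives with an external submission, a strict test such as `if (filter_var($params['campaign_id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]) !== FALSE) {` would reject those forms rather than rewrite them. The `catch` around `Campaign.getsingle` also treats any API error as a missing campaign and drops the parameter without a trace; adding `Civi::log()->warning('Twingle: dropping unknown campaign_id ' . $params['campaign_id']);` before the `unset()` would make lost attributions visible. Note too that `!empty()` lets the string `0` bypass the whole block unchanged. The enclosing method begins above the hunk.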
@@ -234,7 +234,7 @@ function _civicrm_api3_twingle_donation_Submit_spec(&$params) {
 $params['campaign_id'] = array(
 'name' => 'campaign_id',
 'title' => E::ts('Campaign ID'),
- 'type' => CRM_Utils_Type::T_INT,
+ 'type' => CRM_Utils_Type::T_STRING,
 'api.required' => 0,
 'description' => E::ts('The CiviCRM ID of a campaign to assign the contribution.'),
 );
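Review bot: The switch of `campaign_id` to `CRM_Utils_Type::T_STRING` is undocumented in the spec, and the description on the same entry still calls the field a CiviCRM ID. With the declared type relaxed, the integer check presumably rests only on the hand-written validation that the first patch adds to CRM_Twingle_Submission, so any path that skips that validation would pass the raw string on. A short comment above the entry, e.g. `// Accepted as a string; CRM_Twingle_Submission casts and validates it as an integer.`, would record that dependency. The spec function begins above the hunk and may continue below it.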