mirrors/Plume
1
0
Fork 0
mirror of https://git.joinplu.me/Plume/Plume.git synced 2024-11-25 21:11:01 +00:00
Code Issues Projects Releases Packages Wiki Activity

Verify username for special characters on signup

Browse source
This commit is contained in:
Trinity Pointard 2018-12-02 12:43:03 +01:00
parent 74c398d60c
commit 9714bafded
1 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
src/routes/user.rs
View file

@ -309,7 +309,8 @@ fn delete(name: String, conn: DbConn, user: User, mut cookies: Cookies) -> Optio
)
)]
struct NewUserForm {
#[validate(length(min = "1", message = "Username can't be empty"))]
#[validate(length(min = "1", message = "Username can't be empty"),
custom( function = "validate_username", message = "User name is not allowed to contain any of < > & @ ' or \""))]
username: String,
#[validate(email(message = "Invalid email"))]
email: String,
@ -337,6 +338,14 @@ fn passwords_match(form: &NewUserForm) -> Result<(), ValidationError> {
}
}
fn validate_username(username: &str) -> Result<(), ValidationError> {
if username.contains(&['<', '>', '&', '@', '\'', '"'][..]) {
Err(ValidationError::new("username_illegal_char"))
} else {
Ok(())
}
}
#[post("/users/new", data = "<data>")]
fn create(conn: DbConn, data: LenientForm<NewUserForm>) -> Result<Redirect, Template> {
if !Instance::get_local(&*conn)