ulysia/szurubooru
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added upper limit for user and tag length

Browse source
This commit is contained in:
Marcin Kurczewski 2013-10-19 20:51:32 +02:00
parent 019ce6a141
commit 65df7f8752
3 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
config.ini
View file

@ -30,6 +30,7 @@ staffActivation = 0
passMinLength = 5 passMinLength = 5
passRegex = "/^.+$/" passRegex = "/^.+$/"
userNameMinLength = 3 userNameMinLength = 3
userNameMaxLength = 20
userNameRegex = "/^[\w_-]+$/ui" userNameRegex = "/^[\w_-]+$/ui"
salt = "1A2/$_4xVa" salt = "1A2/$_4xVa"

7
src/Models/Model_Post.php
View file

@ -32,6 +32,13 @@ class Model_Post extends RedBean_SimpleModel
{ {
$tag = trim($tag); $tag = trim($tag);
$minLength = 1;
$maxLength = 64;
if (strlen($tag) < $minLength)
throw new SimpleException('Tag must have at least ' . $minLength . ' characters');
if (strlen($tag) > $maxLength)
throw new SimpleException('Tag must have at most ' . $maxLength . ' characters');
if (!preg_match('/^[a-zA-Z0-9_-]+$/i', $tag)) if (!preg_match('/^[a-zA-Z0-9_-]+$/i', $tag))
throw new SimpleException('Invalid tag "' . $tag . '"'); throw new SimpleException('Invalid tag "' . $tag . '"');

4
src/Models/Model_User.php
View file

@ -77,11 +77,15 @@ class Model_User extends RedBean_SimpleModel
} }
$userNameMinLength = intval(\Chibi\Registry::getConfig()->registration->userNameMinLength); $userNameMinLength = intval(\Chibi\Registry::getConfig()->registration->userNameMinLength);
$userNameMaxLength = intval(\Chibi\Registry::getConfig()->registration->userNameMaxLength);
$userNameRegex = \Chibi\Registry::getConfig()->registration->userNameRegex; $userNameRegex = \Chibi\Registry::getConfig()->registration->userNameRegex;
if (strlen($userName) < $userNameMinLength) if (strlen($userName) < $userNameMinLength)
throw new SimpleException(sprintf('User name must have at least %d characters', $userNameMinLength)); throw new SimpleException(sprintf('User name must have at least %d characters', $userNameMinLength));
if (strlen($userName) > $userNameMaxLength)
throw new SimpleException(sprintf('User name must have at most %d characters', $userNameMaxLength));
if (!preg_match($userNameRegex, $userName)) if (!preg_match($userNameRegex, $userName))
throw new SimpleException('User name contains invalid characters'); throw new SimpleException('User name contains invalid characters');