Verify username for special characters on signup
		
							parent
							
								
									74c398d60c
								
							
						
					
					
						commit
						9714bafded
					
				| @ -309,7 +309,8 @@ fn delete(name: String, conn: DbConn, user: User, mut cookies: Cookies) -> Optio | ||||
|     ) | ||||
| )] | ||||
| struct NewUserForm { | ||||
|     #[validate(length(min = "1", message = "Username can't be empty"))] | ||||
|     #[validate(length(min = "1", message = "Username can't be empty"),
 | ||||
|         custom( function = "validate_username", message = "User name is not allowed to contain any of < > & @ ' or \""))] | ||||
|     username: String, | ||||
|     #[validate(email(message = "Invalid email"))] | ||||
|     email: String, | ||||
| @ -337,6 +338,14 @@ fn passwords_match(form: &NewUserForm) -> Result<(), ValidationError> { | ||||
|     } | ||||
| } | ||||
| 
 | ||||
| fn validate_username(username: &str) -> Result<(), ValidationError> { | ||||
|     if username.contains(&['<', '>', '&', '@', '\'', '"'][..]) { | ||||
|         Err(ValidationError::new("username_illegal_char")) | ||||
|     } else { | ||||
|         Ok(()) | ||||
|     } | ||||
| } | ||||
| 
 | ||||
| #[post("/users/new", data = "<data>")] | ||||
| fn create(conn: DbConn, data: LenientForm<NewUserForm>) -> Result<Redirect, Template> { | ||||
|     if !Instance::get_local(&*conn) | ||||
|  | ||||
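Review bot: `validate_username` in the second hunk is a denylist of six characters, so everything not listed (whitespace, control characters, `/`, non-ASCII look-alikes) is still accepted, and with `length(min = "1")` a name consisting only of spaces passes both validators. An allowlist is easier to reason about and to keep correct, for example `if username.chars().all(|c| c.is_ascii_alphanumeric() || c == '-' || c == '_') { Ok(()) } else { Err(ValidationError::new("username_illegal_char")) }`, with the message in the `custom(...)` attribute reworded to say what is allowed. The check is attached only to `NewUserForm`, so output escaping in templates and validation on any other path that stores a username are still needed; that part is inferred, since only the signup form is visible here. A doc comment such as `/// Rejects usernames containing characters that are unsafe in markup or account handles.` would record why these characters were chosen, and a unit test covering one accepted and one rejected name would pin the behaviour.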