mirror of
https://codeberg.org/metamuffin/abrechenbarkeit.git
synced 2024-12-29 16:14:36 +00:00
move username validation to dedicated function; unify error messages into boxes
This commit is contained in:
parent
373242c40a
commit
e93520702a
1 changed files with 15 additions and 8 deletions
|
@ -112,9 +112,13 @@ local function respond(status, title, body)
|
|||
))
|
||||
end
|
||||
|
||||
local function error_box(message)
|
||||
return string.format([[<div class="notif error"><p>Error: %s</p></div>]], message)
|
||||
end
|
||||
|
||||
local function respond_error(message)
|
||||
respond(400, "Error", function()
|
||||
print(string.format("<p>Error: %s</p>", escape(message)))
|
||||
print(error_box(message))
|
||||
end)
|
||||
end
|
||||
|
||||
|
@ -213,10 +217,6 @@ local function get_active_users()
|
|||
return users
|
||||
end
|
||||
|
||||
local function error_box(message)
|
||||
return string.format([[<div class="notif error"><p>Error: %s</p></div>]], message)
|
||||
end
|
||||
|
||||
local function r_user_post(username)
|
||||
local data = form_data()
|
||||
local amount = tonumber(data.amount)
|
||||
|
@ -425,10 +425,17 @@ local function r_index()
|
|||
end)
|
||||
end
|
||||
|
||||
local function validate_username(username)
|
||||
-- disallow leading or traling whitespace
|
||||
return username ~= nil
|
||||
and username:match("^([%w_ -]+)$") ~= nil
|
||||
and username:match("^%s") == nil
|
||||
and username:match("%s$") == nil
|
||||
end
|
||||
|
||||
local function r_create_user()
|
||||
local username = query.create_user
|
||||
-- gsub to remove whitespace. disallows username made up entirely of whitespace
|
||||
if username:gsub("%s+", ""):match("^([%w_ -]+)$") == nil then
|
||||
if not validate_username(username) then
|
||||
return respond_error("invalid username " .. username)
|
||||
end
|
||||
return redirect(string.format("/%s", urlencode(username)))
|
||||
|
@ -550,7 +557,7 @@ if path == "/" then
|
|||
end
|
||||
else
|
||||
local username = extract_username()
|
||||
if username == nil then
|
||||
if username == nil or not validate_username(username) then
|
||||
return respond_error("username invalid")
|
||||
elseif query.log then
|
||||
return r_log(username)
|
||||
|
|
Loading…
Reference in a new issue