diff register.inc.php @ 184:1b30c2107e5b

Add function for validating input with different definable conditions. Use this functionality in register.inc.php. Define field sizes.
author Matti Hamalainen <ccr@tnsp.org>
date Fri, 08 Nov 2013 18:54:54 +0200
parents 320d6b68062b
children 1fcdc6e752f6
--- a/register.inc.php	Fri Nov 08 12:08:16 2013 +0200
+++ b/register.inc.php	Fri Nov 08 18:54:54 2013 +0200
@@ -122,11 +122,11 @@
   stGetFormStart("register").
   " ".stGetFormHiddenInput("mode", "check")."\n".
   " ".stGetFormHiddenInput("hash", $botCheckHash)."\n".
-  " <table>\n";
-  stPrintFormTextInput("Handle:", "(elite)", 30, 30, "name");
-  stPrintFormTextInput("Group(s):", "(elite crew^supahmen)", 40, 64, "groups");
-  stPrintFormTextInput("E-mail:", "(to be informed of location etc)", 40, 64, "email");
-  stPrintFormTextInput("Oneliner:", "(whatever)", 64, 64, "oneliner");
+  " <table class=\"register\">\n";
+  stPrintFormTextInput("Handle:", "(elite)", 20, SET_LEN_USERNAME, "name");
+  stPrintFormTextInput("Group(s):", "(elite crew^supahmen)", 30, SET_LEN_GROUPS, "groups");
+  stPrintFormTextInput("E-mail:", "(to be informed of location etc)", 30, SET_LEN_EMAIL, "email");
+  stPrintFormTextInput("Oneliner:", "(whatever)", 30, SET_LEN_ONELINER, "oneliner");
   stPrintFormTextInput(hashToCheckStr($botCheckHash)." = ", "(I.Q. / robot check".
   //" [".hashToAnswer($botCheckHash)."]".
   ")", 20, 20, "botcheck", "autocomplete=\"off\"");
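Review bot: The fourth argument of the four changed stPrintFormTextInput calls looks like the field's maximum length, so the form accepts exactly SET_LEN_USERNAME (or SET_LEN_GROUPS, SET_LEN_ONELINER) characters, while the server-side checks in the next hunk use CHK_ISLT with the same constant and the message "should be less than". If CHK_ISLT is a strict comparison, a value that fills the field completely is rejected after submit. The e-mail check uses `strlen($email) > SET_LEN_EMAIL`, which does allow the full length, so the two styles disagree by one. The browser limit is only a convenience, so settle the server-side rule first (inclusive or exclusive) and then derive the form length from it.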
@@ -143,23 +143,31 @@
   //
   // Check the registrant's details
   //
-  if (stChkDataItem("name") || strlen(stGetRequestItem("name")) < 3)
-    stError("Handle / name not given, or too short.");
+  stChkRequestItem("name", FALSE,
+    array(CHK_ISGT, VT_STR, 0, "Handle / name not given."),
+    array(CHK_ISGT, VT_STR, 3, "Handle / name too short, should be 3 characters or more."),
+    array(CHK_ISLT, VT_STR, SET_LEN_USERNAME, "Handle / name is too long, should be less than ".SET_LEN_USERNAME." characters."));
 
-  if (stChkDataItem("hash"))
-    stError("Invalid data.");
+  stChkRequestItem("groups", FALSE,
+    array(CHK_ISLT, VT_STR, SET_LEN_GROUPS, "Groups are too long, should be less than ".SET_LEN_GROUPS." characters."));
+
+  stChkRequestItem("oneliner", FALSE,
+    array(CHK_ISLT, VT_STR, SET_LEN_ONELINER, "Oneliner is too long, should be less than ".SET_LEN_ONELINER." characters."));
+
+  stChkRequestItem("hash", $hash,
+    array(CHK_GTEQ, VT_STR, 0, "Invalid data."));
+
 
   $email = stGetRequestItem("email");
-  if (stGetSetting("requireEMail"))
-  {
-    if (stChkDataItem("email") || strlen($email) < 4)
-      stError("E-mail address not given, or it is too short.");
-  }
+  if (stGetSetting("requireEMail") && strlen($email) < 4)
+    stError("E-mail address not given, or it is too short.");
 
   if (strlen($email) > 0 && (strpos($email, "@") === FALSE || strpos($email, ".") === FALSE))
     stError("E-mail address not in proper format.");
 
-  $hash = stGetRequestItem("hash");
+  if (strlen($email) > SET_LEN_EMAIL)
+    stError("E-mail address too long, max ".SET_LEN_EMAIL." characters.");
+
   $answer = stGetRequestItem("botcheck");
   if (hashToAnswer($hash) != intval($answer))
     stError("Incorrect answer to I.Q. / bot check.");
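Review bot: The new check on "hash", `array(CHK_GTEQ, VT_STR, 0, "Invalid data.")`, appears to require a length of at least 0, which every string satisfies, so a request without a hash is no longer rejected the way the removed `stChkDataItem("hash")` test did, and an empty `$hash` reaches `hashToAnswer($hash)` in the bot check below. If stChkRequestItem behaves as its use for "name" suggests, `array(CHK_ISGT, VT_STR, 0, "Invalid data.")` restores the old behaviour. The second "name" rule has a similar boundary problem: `CHK_ISGT, VT_STR, 3` reads as "longer than 3", while its message and the old `< 3` test accept three characters. stChkRequestItem is defined outside this file, so both readings should be confirmed against it, as should whether it calls stError itself, since its return value is ignored here.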
@@ -181,7 +189,7 @@
     {
       echo stGetSetting("registerPostText");
 
-      if (stChkDataItem("email"))
+      if (strlen($email) < 4)
         echo stGetSetting("registerPostNoEmail");
     }
     else
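Review bot: The literal `4` in `strlen($email) < 4` repeats the minimum length used in the requireEMail check earlier in the file, and the two can drift apart; a named constant defined alongside SET_LEN_EMAIL would keep them together. When requireEMail is off, a one- to three-character value that passed the format check is still treated as "no e-mail" here, which may not match what was stored. The enclosing block starts and ends outside the hunk, so it should also be confirmed that `$email` is in scope at this point.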