added client and server validation on registration

public/templates/register.tpl

@@ -2,9 +2,9 @@
 <div class="row-fluid">
 	<div class="well {register_window:spansize}">
 		<form method="post" action="/register">
-			<label for="email">Email Address</label><input type="email" name="email" placeholder="Enter Email Address" id="email" /> <span id="email-notify" class="label label-important"></span> <br />
+			<label for="email">Email Address</label><input type="email" name="email" placeholder="Enter Email Address" id="email" /> <span id="email-notify" class="label label-important"></span><br />
 			<label for="username">Username</label><input type="text" name="username" placeholder="Enter Username" id="username" /> <span id="username-notify" class="label label-success"></span> <br />
-			<label for="password">Password</label><input type="password" name="password" placeholder="Enter Password" id="password" /><br />
+			<label for="password">Password</label><input type="password" name="password" placeholder="Enter Password" id="password" /> <span id="password-notify" class="label label-important"></span> <br />
 			<button class="btn btn-primary" id="register" type="submit">Register Now</button>
 		</form>
 	</div>
@@ -24,7 +24,8 @@
 		register = document.getElementById('register'),
 		emailEl = document.getElementById('email'),
 		username_notify = document.getElementById('username-notify'),
-		email_notify = document.getElementById('email-notify');
+		email_notify = document.getElementById('email-notify'),
+		password_notify = document.getElementById('password-notify');
 
 	username.onkeyup = function() {
 		if (username.value.length > 2) socket.emit('user.exists', {username: username.value});
@@ -36,6 +37,13 @@
 	emailEl.addEventListener('change', function() {
 		socket.emit('user.email.exists', { email: emailEl.value });
 	}, false);
+	password.addEventListener('keyup', function() {
+		if (password.value.length < 5) {
+			password_notify.innerHTML = 'Password too short';
+		} else {
+			password_notify.innerHTML = '';
+		}
+	}, false);
 
 	ajaxify.register_events(['user.exists', 'user.email.exists']);
 
@@ -63,5 +71,34 @@
 			document.location.href = e.target.getAttribute('data-url');
 		}
 	});
+
+	// Form Validation
+	function validateForm() {
+		var validated = true;
+		if (username.value.length < 2) {
+			username_notify.innerHTML = 'Invalid username';
+			username_notify.className = 'label label-important';
+			validated = false;
+		}
+
+		if (password.value.length < 5) {
+			password_notify.innerHTML = 'Password too short';
+			validated = false;
+		} else {
+			password_notify.innerHTML = '';
+		}
+
+		if (email.value.indexOf('@') === -1) {
+			email_notify.innerHTML = 'Invalid email address';
+			validated = false;
+		} else {
+			email_notify.innerHTML = '';
+		}
+
+		return validated;
+	}
+	register.addEventListener('click', function(e) {
+		if (!validateForm()) e.preventDefault();
+	}, false);
 }());
 </script>

src/routes/authentication.js

@@ -138,9 +138,8 @@
 		}));
 		
 		app.post('/register', function(req, res) {
-			console.log('wtf');
 			user_module.create(req.body.username, req.body.password, req.body.email, function(err, uid) {
-				if (err === null) {
+				if (err === null && uid > 0) {
 					req.login({
 						uid: uid
 					}, function() {

src/user.js

@@ -237,60 +237,49 @@ var	config = require('../config.js'),
 
 	User.create = function(username, password, email, callback) {
 
-		if(!username) {
-			console.log("invalid registration data! username ["+username+"], password ["+password+"], email ["+email+"]");
-			return;
-		}
-	
-		// TODO : check if username email is unique!! -baris
-	
+		User.exists(username, function(exists) {
+			if (exists || email.indexOf('@') === -1 || password.length < 5) return callback(null, -1);
 
-		RDB.incr('global:next_user_id', function(err, uid) {
-			RDB.handle(err);
-			
-			console.log("Registering uid : " + uid);
-
-			User.hashPassword(password, function(hash) {
-
-				var gravatar = User.createGravatarURLFromEmail(email);
-
-				RDB.hmset('user:'+uid, {
-					'username' : username,
-					'fullname': '',
-					'location':'',
-					'birthday':'',
-					'website':'',
-					'email' : email,
-					'joindate' : new Date().getTime(),
-					'password' : hash,
-					'picture': gravatar,
-					'gravatarpicture' : gravatar,
-					'uploadedpicture': '',
-					'reputation': 0,
-					'postcount': 0
-				});
+			RDB.incr('global:next_user_id', function(err, uid) {
+				RDB.handle(err);
+				User.hashPassword(password, function(hash) {
+					var gravatar = User.createGravatarURLFromEmail(email);
+
+					RDB.hmset('user:'+uid, {
+						'username' : username,
+						'fullname': '',
+						'location':'',
+						'birthday':'',
+						'website':'',
+						'email' : email,
+						'joindate' : new Date().getTime(),
+						'password' : hash,
+						'picture': gravatar,
+						'gravatarpicture' : gravatar,
+						'uploadedpicture': '',
+						'reputation': 0,
+						'postcount': 0
+					});
+					
+					RDB.set('username:' + username + ':uid', uid);
+					RDB.set('email:' + email +':uid', uid);			
+					
+					if(email)
+						User.sendConfirmationEmail(email);
 				
-				RDB.set('username:' + username + ':uid', uid);
-				RDB.set('email:' + email +':uid', uid);			
+					RDB.incr('usercount', function(err, count) {
+						RDB.handle(err);
 				
-				if(email)
-					User.sendConfirmationEmail(email);
-			
-				RDB.incr('usercount', function(err, count) {
-					RDB.handle(err);
-			
-					io.sockets.emit('user.count', {count: count});
-				});
+						io.sockets.emit('user.count', {count: count});
+					});
 
-				RDB.lpush('userlist', username);
-				io.sockets.emit('user.latest', {username: username});
+					RDB.lpush('userlist', username);
+					io.sockets.emit('user.latest', {username: username});
 
-				callback(null, uid);
-				
+					callback(null, uid);
+				});
 			});
-
 		});
-
 	};
 
 	User.createGravatarURLFromEmail = function(email) {