server side checks for username/email/password, closes #41

v1.18.x
Baris Soner Usakli 12 years ago
parent 7d49294595
commit ea4f39ca21

@ -8,32 +8,60 @@
email_notify = document.getElementById('email-notify'), email_notify = document.getElementById('email-notify'),
password_notify = document.getElementById('password-notify'), password_notify = document.getElementById('password-notify'),
password_confirm_notify = document.getElementById('password-confirm-notify'), password_confirm_notify = document.getElementById('password-confirm-notify'),
usernamevalid = false;
emailexists = false, emailexists = false,
emailvalid = false, emailvalid = false,
userexists = false, userexists = false,
passwordsmatch = false; passwordsmatch = false,
passwordvalid = false;
$(username).on('keyup change', function() { $(username).on('keyup change', function() {
if (username.value.length > 2) socket.emit('user.exists', {username: username.value}); usernamevalid = utils.isUserNameValid(username.value);
else {
if(username.value.length < 3) {
username_notify.innerHTML = 'Username too short'; username_notify.innerHTML = 'Username too short';
username_notify.className = 'label label-important'; username_notify.className = 'label label-important';
} }
else if(!usernamevalid) {
username_notify.innerHTML = 'Invalid username';
username_notify.className = 'label label-important';
}
else {
socket.emit('user.exists', {username: username.value});
}
}); });
$(emailEl).on('keyup change', function() { $(emailEl).on('keyup change', function() {
socket.emit('user.email.exists', { email: emailEl.value }); emailvalid = utils.isEmailValid(email.value);
if(!emailvalid) {
email_notify.innerHTML = 'Invalid email address';
email_notify.className = 'label label-important';
}
else
socket.emit('user.email.exists', { email: emailEl.value });
}); });
password.addEventListener('keyup', function() { $(password).on('keyup', function() {
if (password.value.length < 5) { passwordvalid = utils.isPasswordValid(password.value);
if (password.value.length < 6) {
password_notify.innerHTML = 'Password too short'; password_notify.innerHTML = 'Password too short';
password_notify.className = 'label label-important'; password_notify.className = 'label label-important';
} else { } else if(!passwordvalid) {
password_notify.innerHTML = 'Invalid password';
password_notify.className = 'label label-important';
} else {
password_notify.innerHTML = 'OK!'; password_notify.innerHTML = 'OK!';
password_notify.className = 'label label-success'; password_notify.className = 'label label-success';
} }
}, false);
if(password.value !== password_confirm.value) {
password_confirm_notify.innerHTML = 'Passwords must match!';
password_confirm_notify.className = 'label label-important';
passwordsmatch = false;
}
});
$(password_confirm).on('keyup', function() { $(password_confirm).on('keyup', function() {
if(password.value !== password_confirm.value) { if(password.value !== password_confirm.value) {
@ -63,14 +91,10 @@
socket.on('user.email.exists', function(data) { socket.on('user.email.exists', function(data) {
emailexists = data.exists; emailexists = data.exists;
emailvalid = isEmailValid(email.value);
if (data.exists === true) { if (data.exists === true) {
email_notify.innerHTML = 'Email Address exists'; email_notify.innerHTML = 'Email Address exists';
email_notify.className = 'label label-important'; email_notify.className = 'label label-important';
} else if(!emailvalid) {
email_notify.innerHTML = 'Invalid email address';
email_notify.className = 'label label-important';
} }
else { else {
email_notify.innerHTML = 'OK!'; email_notify.innerHTML = 'OK!';
@ -78,12 +102,6 @@
} }
}); });
// from http://stackoverflow.com/questions/46155/validate-email-address-in-javascript
function isEmailValid(email) {
var re = /[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/;
return re.test(email);
}
// Alternate Logins // Alternate Logins
var altLoginEl = document.querySelector('.alt-logins'); var altLoginEl = document.querySelector('.alt-logins');
altLoginEl.addEventListener('click', function(e) { altLoginEl.addEventListener('click', function(e) {
@ -97,10 +115,10 @@
} }
}); });
// Form Validation
function validateForm() { function validateForm() {
var validated = true; var validated = true;
if (username.value.length < 2) {
if (username.value.length < 2 || !usernamevalid) {
username_notify.innerHTML = 'Invalid username'; username_notify.innerHTML = 'Invalid username';
username_notify.className = 'label label-important'; username_notify.className = 'label label-important';
validated = false; validated = false;
@ -110,6 +128,10 @@
password_notify.innerHTML = 'Password too short'; password_notify.innerHTML = 'Password too short';
validated = false; validated = false;
} }
if(password.value !== password_confirm.value) {
password_confirm_notify.innerHTML = 'Passwords must match!';
}
if (!emailvalid) { if (!emailvalid) {
email_notify.innerHTML = 'Invalid email address'; email_notify.innerHTML = 'Invalid email address';
@ -121,10 +143,7 @@
validated = false; validated = false;
} }
if(userexists) if(userexists || !passwordsmatch || !passwordvalid)
validated = false;
if(!passwordsmatch)
validated = false; validated = false;
return validated; return validated;
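Review bot: The username length limit differs between the two checks in this file: the keyup handler reports 'Username too short' for `username.value.length < 3`, while `validateForm` still tests `username.value.length < 2`. A two-character name that the field flags as too short is therefore not rejected by the length test at submit time. Aligning the submit check, `if (username.value.length < 3 || !usernamevalid) {`, keeps both paths on the same rule. `utils.isUserNameValid` as added in this commit only rejects empty or whitespace-only names, so if a minimum length is a real requirement it belongs in that shared helper, where the server-side check would enforce it too. The body of `validateForm` spans several hunks and is not fully visible here.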

@ -83,6 +83,20 @@
return str; return str;
}, },
// from http://stackoverflow.com/questions/46155/validate-email-address-in-javascript
isEmailValid: function(email) {
var re = /[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/;
return re.test(email);
},
isUserNameValid: function(name) {
return (name && name !== "" && !(/^\s*$/.test(name)));
},
isPasswordValid: function(password) {
return password && password.indexOf(' ') === -1 && password.length > 5;
},
// Blatently stolen from: http://phpjs.org/functions/strip_tags/ // Blatently stolen from: http://phpjs.org/functions/strip_tags/
'strip_tags': function(input, allowed) { 'strip_tags': function(input, allowed) {
allowed = (((allowed || "") + "").toLowerCase().match(/<[a-z][a-z0-9]*>/g) || []).join(''); // making sure the allowed arg is a string containing only tags in lowercase (<a><b><c>) allowed = (((allowed || "") + "").toLowerCase().match(/<[a-z][a-z0-9]*>/g) || []).join(''); // making sure the allowed arg is a string containing only tags in lowercase (<a><b><c>)
@ -95,6 +109,23 @@
} }
} }
if (!String.prototype.trim) {
String.prototype.trim=function(){return this.replace(/^\s+|\s+$/g, '');};
}
if (!String.prototype.ltrim) {
String.prototype.ltrim=function(){return this.replace(/^\s+/,'');};
}
if (!String.prototype.rtrim) {
String.prototype.rtrim=function(){return this.replace(/\s+$/,'');};
}
if (!String.prototype.fulltrim) {
String.prototype.fulltrim=function(){return this.replace(/(?:(?:^|\n)\s+|\s+(?:$|\n))/g,'').replace(/\s+/g,' ');};
}
if ('undefined' !== typeof window) { if ('undefined' !== typeof window) {
window.utils = module.exports; window.utils = module.exports;
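Review bot: The pattern in `isEmailValid` has no `^`/`$` anchors, so `re.test(email)` returns true whenever any substring of the input looks like an address, and this commit makes that helper the server-side gate in `User.create`. A value with arbitrary text or markup around a valid address passes the check and would presumably be stored as the account's email. Wrapping the existing pattern as `/^(?:…existing pattern…)$/` makes the test apply to the whole string. The character classes are also lowercase-only, so either add the `i` flag or lowercase the input before testing, and state which in a comment.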

@ -163,12 +163,20 @@ var utils = require('./../public/src/utils.js'),
User.create = function(username, password, email, callback) { User.create = function(username, password, email, callback) {
username = username.trim();
email = email.trim();
if(!utils.isEmailValid(email) || !utils.isUserNameValid(username) || !utils.isPasswordValid(password)) {
console.log('Invalid email/username/password!');
callback(null, 0);
return;
}
var userslug = utils.slugify(username); var userslug = utils.slugify(username);
User.exists(userslug, function(exists) { User.exists(userslug, function(exists) {
if(exists) { if(exists) {
console.log("user name taken");
callback(null, 0); callback(null, 0);
return; return;
} }
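Review bot: `username.trim()` and `email.trim()` run before any validation, so a missing or non-string argument throws a TypeError here instead of taking the `callback(null, 0)` path; whether callers can pass such values is not visible in this hunk. A type guard ahead of the trims, `if (typeof username !== 'string' || typeof email !== 'string' || typeof password !== 'string') return callback(null, 0);`, keeps rejection on a single path and also covers `utils.isPasswordValid`, which relies only on `indexOf` and `length`. Invalid input and a taken user name both end in `callback(null, 0)`, so the caller cannot report which check failed. The body of `User.create` continues past the end of the hunk.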
