AJAX warning if a user enters an invalid domain

2017-07-17 20:23:15 +01:00 · 2017-07-17 20:23:15 +01:00 · d3c977a5f3
parent d66b72d34e
commit d3c977a5f3
3 changed files with 18 additions and 3 deletions
--- a/lib/cyberman/API.pm
+++ b/lib/cyberman/API.pm
@ -2,6 +2,8 @@ package cyberman::API;
 use Dancer2 appname => "cyberman";
 use Dancer2::Plugin::Database;

+use cyberman::Helper;
+
 get '/api/check_availability' => sub {
  # No auth req'd
  # returns 'y' or 'n'
@ -12,6 +14,10 @@ get '/api/check_availability' => sub {
    return "n";
  }

+  if (!check_name(param "name")) {
+    return "n";
+  }
+
  my $result = database->quick_select(
    "domain",
    {
--- a/lib/cyberman/Domains.pm
+++ b/lib/cyberman/Domains.pm
@ -3,7 +3,7 @@ package cyberman::Domains;
 use Dancer2 appname => "cyberman";
 use Dancer2::Plugin::Database;

-use cyberman::Helper qw(auth_test);
+use cyberman::Helper;
 use if config->{"use_nsd"}, "NSD::Interface";

 get '/domains' => sub {
@ -33,7 +33,7 @@ post '/domains/new' => sub {
  my $name = lc param("name");

  if (scalar(keys(%errs)) == 0) {
-    if (param("name") !~ m/^[a-z0-9]([a-z0-9\-_]*[a-z0-9])?$/) {
+    if (!check_name(param "name")) {
      $errs{"e_chars"} = 1;
    }
  }
--- a/lib/cyberman/Helper.pm
+++ b/lib/cyberman/Helper.pm
@ -7,7 +7,7 @@ use Digest::Bcrypt;

 use Exporter qw(import);

-our @EXPORT = qw(auth_test randstring hash_password);
+our @EXPORT = qw(auth_test randstring hash_password check_name);

 # Helper functions

@ -60,4 +60,13 @@ sub hash_password {
  return ($b->bcrypt_b64digest, $salt);
 }

+sub check_name {
+  my $name = shift;
+  if ($name =~ m/^[a-z0-9]([a-z0-9\-_]*[a-z0-9])?$/) {
+    return 1;
+  } else {
+    return 0;
+  }
+}
+
 1;