fatchan
/
jschan
mirror of https://gitgud.io/fatchan/jschan.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

#356, addnews, appeal, changepassword

Browse Source
indiachan-spamvector
Thomas Lynch 3 years ago
parent b4415ab940
commit 943a1ba174
3 changed files with 24 additions and 60 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 20
      controllers/forms/addnews.js
  2. 21
      controllers/forms/appeal.js
  3. 43
      controllers/forms/changepassword.js

20
controllers/forms/addnews.js
Unescape View File

@ -15,20 +15,12 @@ module.exports = {
controller: async (req, res, next) => {
const errors = [];
if (!req.body.message || res.locals.messageLength === 0) {
errors.push('Missing message');
}
if (res.locals.messageLength > 10000) {
errors.push('Message must be 10000 characters or less');
}
if (!req.body.title || req.body.title.length === 0) {
errors.push('Missing title');
}
if (req.body.title.length > 50) {
errors.push('Title must be 50 characters or less');
}
const errors = await checkSchema([
{ result: existsBody(req.body.message), expected: true, error: 'Missing message' },
{ result: existsBody(req.body.title), expected: true, error: 'Missing title' },
{ result: lengthBody(req.body.message, 1, 10000), expected: false, error: 'Message must be 10000 characters or less' },
{ result: lengthBody(req.body.title, 1, 50), expected: false, error: 'Title must be 50 characters or less' },
]);
if (errors.length > 0) {
return dynamicResponse(req, res, 400, 'message', {

21
controllers/forms/appeal.js
Unescape View File

@ -20,16 +20,11 @@ module.exports = {
controller: async (req, res, next) => {
const { globalLimits } = config.get;
const errors = [];
if (!req.body.checkedbans || req.body.checkedbans.length === 0 || req.body.checkedbans.length > 10) {
errors.push('Must select 1-10 bans');
}
if (!req.body.message || res.locals.messageLength === 0) {
errors.push('Appeals must include a message');
}
if (res.locals.messageLength > globalLimits.fieldLength.message) {
errors.push('Appeal message must be 2000 characters or less');
}
const errors = await checkSchema([
{ result: existsBody(req.body.message), expected: true, error: 'Appeals must include a message' },
{ result: numberBody(res.locals.messageLength, 1, globalLimits.fieldLength.message), expected: true, error: `Appeal message must be ${globalLimits.fieldLength.message} characters or less` },
]); //should appeals really be based off message field length global limit? minor.
if (errors.length > 0) {
return dynamicResponse(req, res, 400, 'message', {
@ -47,10 +42,8 @@ module.exports = {
}
if (amount === 0) {
/*
this can occur if they selected invalid id, non-ip match, already appealed, or unappealable bans. prevented by databse filter, so we use
use the updatedCount return value to check if any appeals were made successfully. if not, we end up here.
*/
/* this can occur if they selected invalid id, non-ip match, already appealed, or unappealable bans. prevented by databse filter, so we use
use the updatedCount return value to check if any appeals were made successfully. if not, we end up here. */
return dynamicResponse(req, res, 400, 'message', {
'title': 'Bad request',
'error': 'Invalid bans selected',

43
controllers/forms/changepassword.js
Unescape View File

@ -14,38 +14,17 @@ module.exports = {
controller: async (req, res, next) => {
const errors = [];
//check exist
if (!req.body.username || req.body.username.length <= 0) {
errors.push('Missing username');
}
if (!req.body.password || req.body.password.length <= 0) {
errors.push('Missing password');
}
if (!req.body.newpassword || req.body.newpassword.length <= 0) {
errors.push('Missing new password');
}
if (!req.body.newpasswordconfirm || req.body.newpasswordconfirm.length <= 0) {
errors.push('Missing new password confirmation');
}
//check too long
if (req.body.username && req.body.username.length > 50) {
errors.push('Username must be 50 characters or less');
}
if (req.body.password && req.body.password.length > 100) {
errors.push('Password must be 100 characters or less');
}
if (req.body.newpassword && req.body.newpassword.length > 100) {
errors.push('Password must be 100 characters or less');
}
if (req.body.newpasswordconfirm && req.body.newpasswordconfirm.length > 100) {
errors.push('Password confirmation must be 100 characters or less');
}
if (req.body.newpassword != req.body.newpasswordconfirm) {
errors.push('New password and password confirmation must match');
}
const errors = await checkSchema([
{ result: existsBody(req.body.username), expected: true, error: 'Missing username' },
{ result: lengthBody(req.body.username, 1, 50), expected: false, error: 'Username must be 50 characters or less' },
{ result: existsBody(req.body.password), expected: true, error: 'Missing password' },
{ result: lengthBody(req.body.password, 1, 50), expected: false, error: 'Password must be 50 characters or less' },
{ result: existsBody(req.body.newpassword), expected: true, error: 'Missing new password' },
{ result: lengthBody(req.body.newpassword, 1, 100), expected: false, error: 'New pasword must be 100 characters or less' },
{ result: existsBody(req.body.newpasswordconfirm), expected: true, error: 'Missing new password confirmation' },
{ result: lengthBody(req.body.newpasswordconfirm, 1, 100), expected: false, error: 'New password confirmation must be 100 characters or less' },
{ result: (req.body.newpassword === req.body.newpasswordconfirm), expected: true, error: 'New password and password confirmation must match' },
]);
if (errors.length > 0) {
return dynamicResponse(req, res, 400, 'message', {

Write Preview
Loading…
Cancel
Save