add more user input santitation
parent
6739e997bc
commit
48e98cbfc3
@ -29,7 +29,7 @@ def addtask():
|
|||||||
username = request.form['username']
|
username = request.form['username']
|
||||||
# Input sanitation
|
# Input sanitation
|
||||||
# Task name
|
# Task name
|
||||||
if not taskname.isprintable():
|
if not taskname.printable() or ("<" in taskname and ">" in taskname):
|
||||||
return render_template('pages/response.html', response = "Task name has to be made only of letters or numbers.")
|
return render_template('pages/response.html', response = "Task name has to be made only of letters or numbers.")
|
||||||
if len(taskname) < 1 or len(taskname) > 40:
|
if len(taskname) < 1 or len(taskname) > 40:
|
||||||
return render_template('pages/response.html', response = "Task name lenght invalid, only smaller then 40 charachters allowed")
|
return render_template('pages/response.html', response = "Task name lenght invalid, only smaller then 40 charachters allowed")
|
||||||
@ -47,7 +47,7 @@ def addtask():
|
|||||||
|
|
||||||
# Task descripton
|
# Task descripton
|
||||||
if taskdesc != '':
|
if taskdesc != '':
|
||||||
if not taskdesc.isprintable():
|
if not taskdesc.isprintable() or ("<" in taskdesc and ">" in taskdesc):
|
||||||
return render_template('pages/response.html', response = "Task description has to be made of printable characters.")
|
return render_template('pages/response.html', response = "Task description has to be made of printable characters.")
|
||||||
if len(taskdesc) > 2000:
|
if len(taskdesc) > 2000:
|
||||||
return render_template('pages/response.html', response = "Task description lenght invalid, only smaller then 2000 charachters allowed")
|
return render_template('pages/response.html', response = "Task description lenght invalid, only smaller then 2000 charachters allowed")
|
||||||
@ -76,7 +76,7 @@ def register():
|
|||||||
|
|
||||||
# Contact
|
# Contact
|
||||||
if contact != '':
|
if contact != '':
|
||||||
if not contact.isprintable():
|
if not contact.isprintable() or ("<" in contact and ">" in contact):
|
||||||
return render_template('pages/response.html', response = "Contact information has to be made of printable characters.")
|
return render_template('pages/response.html', response = "Contact information has to be made of printable characters.")
|
||||||
if len(contact) > 100:
|
if len(contact) > 100:
|
||||||
return render_template('pages/response.html', response = "Contact lenght invalid, only smaller then 100 charachters allowed")
|
return render_template('pages/response.html', response = "Contact lenght invalid, only smaller then 100 charachters allowed")
|
||||||
|
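Review bot: In the first hunk of addtask(), the rewritten task-name check calls `taskname.printable()`, but Python's str only has `isprintable()`, so (assuming taskname is a str read from request.form like username) the line raises AttributeError on every submission instead of validating; it should read `if not taskname.isprintable() or ("<" in taskname and ">" in taskname):` to match the description and contact hunks. The bracket test added in all three hunks only rejects input that contains both `<` and `>`, so it is a narrow denylist and should not be treated as the defence against markup injection; confirm that the templates displaying these fields render them through Jinja autoescaping and never through `|safe`. The task-name error message still says "letters or numbers" although the check is for printable characters. addtask() and register() both begin and end outside the visible hunks.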