add more user input santitation

fram3d 2024-02-14 00:04:00 +01:00
parent 6739e997bc
commit 48e98cbfc3
Signed by: fram3d
GPG Key ID: 938920E709EEA32A


@ -29,7 +29,7 @@ def addtask():
username = request.form['username'] username = request.form['username']
# Input sanitation # Input sanitation
# Task name # Task name
if not taskname.isprintable(): if not taskname.printable() or ("<" in taskname and ">" in taskname):
return render_template('pages/response.html', response = "Task name has to be made only of letters or numbers.") return render_template('pages/response.html', response = "Task name has to be made only of letters or numbers.")
if len(taskname) < 1 or len(taskname) > 40: if len(taskname) < 1 or len(taskname) > 40:
return render_template('pages/response.html', response = "Task name lenght invalid, only smaller then 40 charachters allowed") return render_template('pages/response.html', response = "Task name lenght invalid, only smaller then 40 charachters allowed")
@ -47,7 +47,7 @@ def addtask():
# Task descripton # Task descripton
if taskdesc != '': if taskdesc != '':
if not taskdesc.isprintable(): if not taskdesc.isprintable() or ("<" in taskdesc and ">" in taskdesc):
return render_template('pages/response.html', response = "Task description has to be made of printable characters.") return render_template('pages/response.html', response = "Task description has to be made of printable characters.")
if len(taskdesc) > 2000: if len(taskdesc) > 2000:
return render_template('pages/response.html', response = "Task description lenght invalid, only smaller then 2000 charachters allowed") return render_template('pages/response.html', response = "Task description lenght invalid, only smaller then 2000 charachters allowed")
@ -76,7 +76,7 @@ def register():
# Contact # Contact
if contact != '': if contact != '':
if not contact.isprintable(): if not contact.isprintable() or ("<" in contact and ">" in contact):
return render_template('pages/response.html', response = "Contact information has to be made of printable characters.") return render_template('pages/response.html', response = "Contact information has to be made of printable characters.")
if len(contact) > 100: if len(contact) > 100:
return render_template('pages/response.html', response = "Contact lenght invalid, only smaller then 100 charachters allowed") return render_template('pages/response.html', response = "Contact lenght invalid, only smaller then 100 charachters allowed")
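Review bot: The new task-name condition in the first hunk calls `taskname.printable()`, which is not a `str` method, so the line raises AttributeError instead of validating; it should remain `taskname.isprintable()`. The added `("<" in taskname and ">" in taskname)` test, repeated for `taskdesc` and `contact` in the other two hunks, rejects a value only when it contains both characters, so it is not a dependable barrier against markup reaching a rendered page. If these fields are shown through Jinja2 templates (presumably, given `render_template`), escaping at render time (autoescape left on, no `|safe` on these values) is the control to rely on, with the input check kept as a secondary restriction such as `if not taskname.isprintable() or "<" in taskname or ">" in taskname:`. The task-name error text still says "letters or numbers", which does not describe what is enforced. Both `addtask()` and `register()` start and end outside the hunks shown, so how the values are stored and rendered cannot be confirmed from here.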