Mercurial Hosting > freedit
changeset 14:7d0c96408abf
restrict name
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Mon, 04 Jul 2022 17:04:14 -0600 |
parents | 24668255cede |
children | 0edde02b908c |
files | src/login.html.luan |
diffstat | 1 files changed, 3 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
diff -r 24668255cede -r 7d0c96408abf src/login.html.luan --- a/src/login.html.luan Sun Jul 03 23:59:41 2022 -0600 +++ b/src/login.html.luan Mon Jul 04 17:04:14 2022 -0600 @@ -2,6 +2,7 @@ local error = Luan.error local String = require "luan:String.luan" local trim = String.trim or error() +local matches = String.matches or error() local Html = require "luan:Html.luan" local url_encode = Html.url_encode or error() local Io = require "luan:Io.luan" @@ -42,7 +43,7 @@ <input type="hidden" name="email" value="<%= user.email %>" > <input type="hidden" name="password" value="<%= user.password %>" > <label>User name for <%= user.email %></label> - <input type="text" name="name" value="<%= name or "" %>" autofocus required> + <input type="text" name="name" value="<%= name or "" %>" autofocus required pattern="[a-zA-Z0-9_-]+"> <input type="submit" value="Register"> </form> <% @@ -115,7 +116,7 @@ end else name = trim(name) - #name > 0 or error "empty name" + matches( name, "^[a-zA-Z0-9_-]+$" ) or error "invalid name" local error_message = nil local user run_in_transaction( function()