From 6b1fa94da9d63a737fc3a55213d31408a713d928 Mon Sep 17 00:00:00 2001 From: Ludovic Poujol Date: Thu, 21 Mar 2019 16:38:06 +0100 Subject: [PATCH] Ensuring that account name and db name only contain alphanumerical chars (and - _ ) With new type of form field : AlphaNumericalTextInputFormField --- evolibs/Form.php | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ inc/accounts.php | 10 +++++----- 2 files changed, 53 insertions(+), 5 deletions(-) diff --git a/evolibs/Form.php b/evolibs/Form.php index 3ee2671..700a9a3 100644 --- a/evolibs/Form.php +++ b/evolibs/Form.php @@ -410,6 +410,54 @@ class TextInputFormField extends FormField { } } +class AlphaNumericalTextInputFormField extends FormField { + protected $mandatory = NULL; + protected $textsize = NULL; + + public function __construct($label, $mandatory=TRUE, $textsize=array(20, 80)) { + parent::__construct($label); + $this->mandatory = $mandatory; + $this->textsize = $textsize; + } + + public function verify($set_error) { + if($this->mandatory && (!strlen($this->value))) { + if($set_error) $this->error = 'Champ obligatoire'; + return FALSE; + } + + if (!preg_match("/^(?!-)(?!_)[[a-zA-Z0-9-_]+(?value)) { + if($set_error) $this->error = 'Seul les caractères a-z A-Z 0-9 sont autorisés (- et _ le sont excepté en début et fin)'; + return FALSE; + } + + + return TRUE; + } + + public function getInputHTML() { + $input = ''; + $input .= 'name.'" value="'.htmlspecialchars($this->value,ENT_QUOTES).'"'; + #$input .= sprintf(' name="%s" value="%s"', $this->name, htmlspecialchars($this->value, ENT_QUOTES)); + $input .= ' maxlength="'.$this->textsize[1].'" size="'.$this->textsize[0].'" '; + if($this->read_only) { $input .= 'readonly="readonly="'; } + if($this->disabled) { $input .= 'disabled="disabled="'; } + $input .= '/>'; + return $input; + } + + public function __toString() { + $out = ''; + $out .= "

\n"; + $out .= $this->getLabelHTML(); + $out .= $this->getInputHTML(); + $out .= $this->getErrorHTML(); + $out .= "

\n\n"; + return $out; + } +} + class DomainInputFormField extends FormField { protected $mandatory = NULL; protected $textsize = NULL; diff --git a/inc/accounts.php b/inc/accounts.php index 8a4c91f..e790701 100644 --- a/inc/accounts.php +++ b/inc/accounts.php @@ -250,7 +250,7 @@ function web_add_cluster($form, $admin_mail) { /* Construction du formulaire d'ajout */ $form = new FormPage("Ajout d'un compte web", FALSE); -$form->addField('username', new TextInputFormField("Nom d'utilisateur", TRUE, array(20,16))); +$form->addField('username', new AlphaNumericalTextInputFormField("Nom d'utilisateur", TRUE, array(20,16))); $form->addField('domain', new DomainInputFormField("Nom de domaine", TRUE)); $form->addField('domain_alias', new DomainListInputFormField("Alias (séparés par une virgule, sans espaces)", FALSE)); $form->addField('password_random', @@ -263,13 +263,13 @@ $form->addField('mysql_db', FALSE)); $form->getField('mysql_db')->setValue(TRUE); $form->addField('mysql_dbname', - new TextInputFormField("Nom de la base MySQL", FALSE, array(20,16))); -//$form->getField('mysql_dbname')->setDisabled(); -$form->addField('mysql_password_random', + new AlphaNumericalTextInputFormField("Nom de la base MySQL", FALSE, array(20,16))); + +$form->addField('mysql_password_random', new CheckboxInputFormField("Mot de passe MySQL aléatoire ?", FALSE)); $form->getField('mysql_password_random')->setValue(TRUE); -//$form->getField('mysql_password_random')->setDisabled(); + $form->addField('mysql_password', new PasswordInputFormField('Mot de passe MySQL', FALSE)); $form->getField('mysql_password')->setDisabled();