From 04d30cfe16e11140c8efb22afd61f2386c35cd87 Mon Sep 17 00:00:00 2001 From: cflip <36554078+cflip@users.noreply.github.com> Date: Tue, 20 Jul 2021 17:25:03 -0600 Subject: Handle input validation in abstract Form class --- includes/form/RegisterForm.php | 56 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 includes/form/RegisterForm.php (limited to 'includes/form/RegisterForm.php') diff --git a/includes/form/RegisterForm.php b/includes/form/RegisterForm.php new file mode 100644 index 0000000..4967048 --- /dev/null +++ b/includes/form/RegisterForm.php @@ -0,0 +1,56 @@ +report_error("You must provide a username."); + } else { + $result = filter_var($username, FILTER_SANITIZE_STRING); + + if (!preg_match(self::USERNAME_REGEX, $result)) { + $this->report_error("Username can only contain letters, numbers and underscores."); + } + + if (strlen($result) > 30) { + $this->report_error("Your username must be 30 characters or less."); + } + + if (User::username_exists($result)) { + $this->report_error("The username '" . $result . "' has already been taken by another user."); + } + } + return $result; + } + + public function validate_password($password, $password_check): ?string + { + $result = null; + + if (empty($password)) { + $this->report_error("You must provide a password."); + } else { + $result = filter_var($password, FILTER_SANITIZE_STRING); + $pass_check = filter_var($password_check, FILTER_SANITIZE_STRING); + + if (preg_match(self::PASSWORD_REGEX, $result) === false) { + $this->report_error("Password contains invalid characters!"); + } + + if ($result !== $pass_check) { + $this->report_error("The two passwords do not match."); + } + } + + return $result; + } +} -- cgit v1.2.3