authorCédric Bonhomme <cedric@cedricbonhomme.org>2014-05-05 13:40:39 +0200
committerCédric Bonhomme <cedric@cedricbonhomme.org>2014-05-05 13:40:39 +0200
commit9fd38b735abb6d5485a9e34c8c330a0a7d9cbeea (patch)
tree7de83599fb3a24632f1fc78735b573ec49bf31c4 /pyaggr3g470r/forms.py
parentFixed a security problem. (diff)
downloadnewspipe-9fd38b735abb6d5485a9e34c8c330a0a7d9cbeea.tar.gz
newspipe-9fd38b735abb6d5485a9e34c8c330a0a7d9cbeea.tar.bz2
newspipe-9fd38b735abb6d5485a9e34c8c330a0a7d9cbeea.zip
Improved forms validation.
Diffstat (limited to 'pyaggr3g470r/forms.py')
-rw-r--r--pyaggr3g470r/forms.py25
1 files changed, 19 insertions, 6 deletions
diff --git a/pyaggr3g470r/forms.py b/pyaggr3g470r/forms.py
index 6a11362c..61cd4c2a 100644
--- a/pyaggr3g470r/forms.py
+++ b/pyaggr3g470r/forms.py
@@ -30,6 +30,7 @@ from flask import flash
from flask.ext.wtf import Form
from flask.ext.babel import lazy_gettext
from wtforms import TextField, TextAreaField, PasswordField, BooleanField, SubmitField, validators
+from flask.ext.wtf.html5 import EmailField
from flask_wtf import RecaptchaField
from pyaggr3g470r.models import User
@@ -37,8 +38,8 @@ from pyaggr3g470r.models import User
class SignupForm(Form):
firstname = TextField(lazy_gettext("First name"), [validators.Required(lazy_gettext("Please enter your first name."))])
lastname = TextField(lazy_gettext("Last name"), [validators.Required(lazy_gettext("Please enter your last name."))])
- email = TextField(lazy_gettext("Email"), [validators.Required(lazy_gettext("Please enter your email."))])
- password = PasswordField(lazy_gettext("Password"))
+ email = EmailField(lazy_gettext("Email"), [validators.Length(min=6, max=35), validators.Required(lazy_gettext("Please enter your email."))])
+ password = PasswordField(lazy_gettext("Password"), [validators.Required(lazy_gettext("Please enter a password.")), validators.Length(min=6, max=100)])
recaptcha = RecaptchaField()
submit = SubmitField(lazy_gettext("Sign up"))
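Review bot: The new `email` field is still not checked for address format on the server: `EmailField` only changes the rendered input type, and the validator list holds just `Length` and `Required`, so any 6 to 35 character string passes. Adding `validators.Email()` to the list would close that, e.g. `[validators.Required(...), validators.Email(), validators.Length(min=6, max=35)]`. The same applies to the `email` fields of `SigninForm` and `ProfileForm` in the later hunks. The `max=35` cap will also reject some legitimate addresses; if it mirrors a database column width (not visible here), a short comment saying so would help.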
@@ -48,14 +49,20 @@ class SignupForm(Form):
def validate(self):
if not Form.validate(self):
return False
+ if self.firstname.data != User.make_valid_nickname(self.firstname.data):
+ self.firstname.errors.append(lazy_gettext('This firstname has invalid characters. Please use letters, numbers, dots and underscores only.'))
+ return False
+ if self.lastname.data != User.make_valid_nickname(self.lastname.data):
+ self.lastname.errors.append(lazy_gettext('This lastname has invalid characters. Please use letters, numbers, dots and underscores only.'))
+ return False
return True
class SigninForm(Form):
"""
Sign in form.
"""
- email = TextField("Email", [validators.Required(lazy_gettext("Please enter your email address."))])
- password = PasswordField(lazy_gettext('Password'), [validators.Required(lazy_gettext("Please enter a password."))])
+ email = EmailField("Email", [validators.Length(min=6, max=35), validators.Required(lazy_gettext("Please enter your email address."))])
+ password = PasswordField(lazy_gettext('Password'), [validators.Required(lazy_gettext("Please enter a password.")), validators.Length(min=6, max=100)])
submit = SubmitField(lazy_gettext("Log In"))
def __init__(self, *args, **kwargs):
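Review bot: Putting `validators.Length(min=6, max=100)` on the `SigninForm` password applies the new policy at login rather than only when a password is set. The removed signup line shows the password previously had no validators, so accounts with shorter passwords may exist, and they would now fail form validation before any credential check. I would keep only `validators.Required(...)` on the sign-in field and enforce the length on signup and password change. `SigninForm.__init__` continues outside this hunk.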
@@ -92,8 +99,8 @@ class AddFeedForm(Form):
class ProfileForm(Form):
firstname = TextField(lazy_gettext("First name"), [validators.Required(lazy_gettext("Please enter your first name."))])
lastname = TextField(lazy_gettext("Last name"), [validators.Required(lazy_gettext("Please enter your last name."))])
- email = TextField(lazy_gettext("Email"), [validators.Required(lazy_gettext("Please enter your email."))])
- password = PasswordField(lazy_gettext("Password"))
+ email = EmailField(lazy_gettext("Email"), [validators.Length(min=6, max=35), validators.Required(lazy_gettext("Please enter your email."))])
+ password = PasswordField(lazy_gettext("Password"), [validators.Length(min=6, max=100)])
submit = SubmitField(lazy_gettext("Save"))
def __init__(self, *args, **kwargs):
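Review bot: The `ProfileForm` password field now carries `validators.Length(min=6, max=100)` with no `Required` or `Optional`, so a blank password fails the length check and the profile cannot be saved without retyping a password. If a blank field is meant to leave the password unchanged (the handling view is not visible here), put `validators.Optional()` first: `[validators.Optional(), validators.Length(min=6, max=100)]`. If a password is always required on this form, adding `validators.Required(...)` would give a clearer error than the length message. `ProfileForm.__init__` continues outside this hunk.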
@@ -102,4 +109,10 @@ class ProfileForm(Form):
def validate(self):
if not Form.validate(self):
return False
+ if self.firstname.data != User.make_valid_nickname(self.firstname.data):
+ self.firstname.errors.append(lazy_gettext('This firstname has invalid characters. Please use letters, numbers, dots and underscores only.'))
+ return False
+ if self.lastname.data != User.make_valid_nickname(self.lastname.data):
+ self.lastname.errors.append(lazy_gettext('This lastname has invalid characters. Please use letters, numbers, dots and underscores only.'))
+ return False
return True
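Review bot: The name checks added to `ProfileForm.validate` are a line-for-line copy of the ones added to `SignupForm.validate` in the earlier hunk, so any later change to the allowed-character rule has to be made in two places. A small shared helper or mixin that runs the `User.make_valid_nickname` comparison for both fields would keep them in step. Both copies also return on the first failure, so a user with two invalid names sees only the first-name error; collecting both errors before returning would avoid a second round trip. The methods have no docstring; a one-line `"""Validate the form, then reject names that make_valid_nickname would alter."""` would document the intent.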
bgstack15