Improved detection of invalid email addresses (#1831) upon registering

This commit is contained in:
Ozzie Isaacs 2021-01-27 19:18:40 +01:00
parent 0f83f9992c
commit e6799e7a04
2 changed files with 11 additions and 5 deletions

View File

@ -82,7 +82,6 @@ $(".container-fluid").bind('drop', function (e) {
var files = e.originalEvent.dataTransfer.files; var files = e.originalEvent.dataTransfer.files;
var test = $("#btn-upload")[0].accept; var test = $("#btn-upload")[0].accept;
$(this).css('background', ''); $(this).css('background', '');
// var final = [];
const dt = new DataTransfer() const dt = new DataTransfer()
jQuery.each(files, function (index, item) { jQuery.each(files, function (index, item) {
if (test.indexOf(item.name.substr(item.name.lastIndexOf('.'))) !== -1) { if (test.indexOf(item.name.substr(item.name.lastIndexOf('.'))) !== -1) {

View File

@ -24,6 +24,7 @@ from __future__ import division, print_function, unicode_literals
import os import os
from datetime import datetime from datetime import datetime
import json import json
import re
import mimetypes import mimetypes
import chardet # dependency of requests import chardet # dependency of requests
@ -1273,11 +1274,17 @@ def register():
if config.config_register_email: if config.config_register_email:
nickname = to_save["email"] nickname = to_save["email"]
else: else:
nickname = to_save["nickname"] nickname = to_save.get('nickname', None)
if not nickname or not to_save["email"]: if not nickname or not to_save.get("email", None):
flash(_(u"Please fill out all fields!"), category="error") flash(_(u"Please fill out all fields!"), category="error")
return render_title_template('register.html', title=_(u"register"), page="register") return render_title_template('register.html', title=_(u"register"), page="register")
#if to_save["email"].count("@") != 1 or not \
# Regex according to https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/email#validation
if not re.search(r"^[\w.!#$%&'*+\\/=?^_`{|}~-]+@[\w](?:[\w-]{0,61}[\w])?(?:\.[\w](?:[\w-]{0,61}[\w])?)*$",
to_save["email"]):
flash(_(u"Invalid e-mail address format"), category="error")
log.warning('Registering failed for user "%s" e-mail address: %s', nickname, to_save["email"])
return render_title_template('register.html', title=_(u"register"), page="register")
existing_user = ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == nickname existing_user = ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == nickname
.lower()).first() .lower()).first()
@ -1303,7 +1310,7 @@ def register():
return render_title_template('register.html', title=_(u"register"), page="register") return render_title_template('register.html', title=_(u"register"), page="register")
else: else:
flash(_(u"Your e-mail is not allowed to register"), category="error") flash(_(u"Your e-mail is not allowed to register"), category="error")
log.warning('Registering failed for user "%s" e-mail address: %s', to_save['nickname'], to_save["email"]) log.warning('Registering failed for user "%s" e-mail address: %s', nickname, to_save["email"])
return render_title_template('register.html', title=_(u"register"), page="register") return render_title_template('register.html', title=_(u"register"), page="register")
flash(_(u"Confirmation e-mail was send to your e-mail account."), category="success") flash(_(u"Confirmation e-mail was send to your e-mail account."), category="success")
return redirect(url_for('web.login')) return redirect(url_for('web.login'))