M src/lib.rs => src/lib.rs +15 -0
@@ 91,6 91,12 @@ impl BeetClient {
} else if command.len() != 3 {
(strings::REGISTER_WRONG_NUMBER_OF_ARGS.to_owned() + strings::PROMPT).to_string()
} else {
+ if !command[1].chars().all(char::is_alphanumeric)
+ || command[1].len() < 3
+ || command.len() > 16
+ {
+ return strings::REGISTER_BAD.to_owned() + strings::PROMPT;
+ }
let hashed_password = Self::hash_password(command[2]);
let new_user = user::ActiveModel {
username: ActiveValue::Set(command[1].to_string()),
@@ 115,6 121,11 @@ impl BeetClient {
{
return strings::POST_HELP.to_owned() + strings::PROMPT;
}
+
+ if command[1].len() > 128 || command[1].len() < 3 {
+ return strings::POST_BAD.to_owned() + strings::PROMPT;
+ }
+
let body = if command.get(2).is_none() {
None
} else {
@@ 149,6 160,10 @@ impl BeetClient {
return strings::COMMENT_HELP.to_owned() + strings::PROMPT;
}
+ if command[1].len() > 512 || command[1].len() < 3 {
+ return strings::COMMENT_BAD.to_owned() + strings::PROMPT;
+ }
+
let id = command[1].parse::<i32>();
if id.is_err() {
return strings::COMMENT_HELP.to_owned() + strings::PROMPT;
M src/strings.rs => src/strings.rs +6 -0
@@ 40,6 40,8 @@ pub const REGISTER_WRONG_NUMBER_OF_ARGS: &str =
pub const REGISTER_HELP: &str = "Usage: register username password\n";
+pub const REGISTER_BAD: &str = "Username must be alphanumeric and 3-16 characters\n";
+
pub const LOGIN_COMMANDS: [&str; 2] = ["login", "l"];
pub const LOGIN_WRONG_NUMBER_OF_ARGS: &str =
@@ 68,6 70,8 @@ pub const POST_HELP: &str = "Usage: post title [body (optional)]\n";
pub const POST_RESULT: &str = "Posted as #";
+pub const POST_BAD: &str = "Post title must be 3-128 characters\n";
+
pub const SHOW_COMMANDS: [&str; 2] = ["show", "s"];
pub const SHOW_HELP: &str =
@@ 83,6 87,8 @@ pub const COMMENT_COMMANDS: [&str; 2] = ["comment", "c"];
pub const COMMENT_HELP: &str = "Usage: comment id message\n";
+pub const COMMENT_BAD: &str = "Comment must be 3-512 characters\n";
+
pub const UNAUTHED: &str = "You can't do that right now. Try logging in\n";
pub const OK: &str = "Ok\n";