From 64b16fb188f968d2d4c0efac3c5ee3f695f3d2f7 Mon Sep 17 00:00:00 2001 From: Andrew Pamment Date: Sat, 6 Jan 2018 16:48:33 +1000 Subject: [PATCH] Strict full name checking --- magicka.strings | 2 + src/users.c | 99 ++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 88 insertions(+), 13 deletions(-) diff --git a/magicka.strings b/magicka.strings index e062dec..fb33f5f 100644 --- a/magicka.strings +++ b/magicka.strings @@ -239,3 +239,5 @@ File exists!\r\n \r\n\e[1;31mPlease enter at least one keyword.\e[0m\r\n \r\n\e[1;37mKeywords:\e[0m \r\nUsername may not begin or end with a space\r\n +\r\nFirstname may not begin or end with a space\r\n +\r\nLastname may not begin or end with a space\r\n diff --git a/src/users.c b/src/users.c index cbb56b4..c8a5599 100644 --- a/src/users.c +++ b/src/users.c @@ -494,6 +494,46 @@ void list_users(struct user_record *user) { s_getc(); } +int check_fullname(char *firstname, char *lastname) { + char buffer[256]; + sqlite3 *db; + sqlite3_stmt *res; + int rc; + char *sql = "SELECT * FROM users WHERE firstname = ? AND lastname = ?"; + + sprintf(buffer, "%s/users.sq3", conf.bbs_path); + + rc = sqlite3_open(buffer, &db); + + if (rc != SQLITE_OK) { + dolog("Cannot open database: %s", sqlite3_errmsg(db)); + sqlite3_close(db); + + exit(1); + } + sqlite3_busy_timeout(db, 5000); + rc = sqlite3_prepare_v2(db, sql, -1, &res, 0); + + if (rc == SQLITE_OK) { + sqlite3_bind_text(res, 1, firstname, -1, 0); + sqlite3_bind_text(res, 2, lastname, -1, 0); + } else { + dolog("Failed to execute statement: %s", sqlite3_errmsg(db)); + } + + int step = sqlite3_step(res); + + if (step == SQLITE_ROW) { + sqlite3_finalize(res); + sqlite3_close(db); + return 0; + } + + sqlite3_finalize(res); + sqlite3_close(db); + return 1; +} + int check_user(char *loginname) { char buffer[256]; sqlite3 *db; @@ -541,7 +581,8 @@ struct user_record *new_user() { int nameok = 0; int passok = 0; int i; - + int fullnameok = 0; + user = (struct user_record *)malloc(sizeof(struct user_record)); s_printf("\r\n\r\n"); s_displayansi("newuser"); @@ -600,18 +641,50 @@ struct user_record *new_user() { memset(buffer, 0, 256); } } while (!nameok); - s_printf(get_string(171)); - memset(buffer, 0, 256); - s_readstring(buffer, 32); - s_printf("\r\n"); - user->firstname = strdup(buffer); - - s_printf(get_string(172)); - memset(buffer, 0, 256); - s_readstring(buffer, 32); - s_printf("\r\n"); - user->lastname = strdup(buffer); - + do { + nameok = 0; + do { + s_printf(get_string(171)); + memset(buffer, 0, 256); + s_readstring(buffer, 32); + if (buffer[0] == ' ' || buffer[strlen(buffer) - 1] == ' ') { + s_printf(get_string(241)); + continue; + } + if (strlen(buffer) == 0) { + s_printf(get_string(167)); + continue; + } + + s_printf("\r\n"); + user->firstname = strdup(buffer); + nameok = 1; + } while (!nameok); + nameok = 0; + + do { + s_printf(get_string(172)); + memset(buffer, 0, 256); + s_readstring(buffer, 32); + if (buffer[0] == ' ' || buffer[strlen(buffer) - 1] == ' ') { + s_printf(get_string(242)); + continue; + } + if (strlen(buffer) == 0) { + s_printf(get_string(167)); + continue; + } + + s_printf("\r\n"); + nameok = 1; + user->lastname = strdup(buffer); + } while (!nameok); + fullnameok = check_fullname(user->firstname, user->lastname); + if (!fullnameok) { + free(user->firstname); + free(user->lastname); + } + } while (!fullnameok); s_printf(get_string(173)); memset(buffer, 0, 256); s_readstring(buffer, 64);