author | Evan Prodromou <evan@prodromou.name> | 2008-05-21 07:27:07 -0400 |
---|---|---|
committer | Evan Prodromou <evan@prodromou.name> | 2008-05-21 07:27:07 -0400 |
commit | 764a391d196287a9400ee597019c3e5207c5a5f0 (patch) | |
tree | 159f2cc26f3c415f67a4da821076865ec9cf6396 /actions/register.php | |
parent | 46b3f1c3a746044ae868c06bf3027e0a3ea27433 (diff) |
validation in form handlers
Moved validation code from classes to form handlers. Probably better
in the classes, but I can't quite grok the validate() method in
DB_DataObject, so for now I'm going to do it the old-fashioned way.
darcs-hash:20080521112707-84dde-38e27199b977ae81171b8391fbdb93ebb54494f9.gz
Diffstat (limited to 'actions/register.php')
-rw-r--r-- | actions/register.php | 30 |
1 files changed, 13 insertions, 17 deletions
diff --git a/actions/register.php b/actions/register.php
index 5da867b0f..c67235f9d 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -34,18 +34,27 @@ class RegisterAction extends Action {
 }
 function try_register() {
- $nickname = $this->arg('nickname');
+ $nickname = $this->trimmed('nickname');
+ $email = $this->trimmed('email');
+
+ # We don't trim these... whitespace is OK in a password!
+ $password = $this->arg('password');
 $confirm = $this->arg('confirm');
- $email = $this->arg('email');
 # Input scrubbing
 $nickname = common_canonical_nickname($nickname);
 $email = common_canonical_email($email);
- if ($this->nickname_exists($nickname)) {
- $this->show_form(_t('Username already exists.'));
+ if (!Validate::email($email, true)) {
+ $this->show_form(_t('Not a valid email address.'));
+ } else if (!Validate::string($nickname, array('min_length' => 1,
+ 'max_length' => 64,
+ 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
+ $this->show_form(_t('Nickname must have only letters and numbers and no spaces.'));
+ } else if ($this->nickname_exists($nickname)) {
+ $this->show_form(_t('Nickname already exists.'));
 } else if ($this->email_exists($email)) {
 $this->show_form(_t('Email address already exists.'));
 } else if ($password != $confirm) {
@@ -84,11 +93,6 @@ class RegisterAction extends Action {
 $profile->profileurl = common_profile_url($nickname);
 $profile->created = DB_DataObject_Cast::dateTime(); # current time
- $val = $profile->validate();
- if ($val !== TRUE) {
- # XXX: some feedback here, please!
- return FALSE;
- }
 $id = $profile->insert();
 if (!$id) {
 return FALSE;
@@ -100,14 +104,6 @@ class RegisterAction extends Action {
 $user->email = $email;
 $user->created = DB_DataObject_Cast::dateTime(); # current time
- $val = $user->validate();
- if ($val !== TRUE) {
- # XXX: some feedback here, please!
- # Try to clean up...
- $profile->delete();
- return FALSE;
- }
-
 $result = $user->insert();
 if (!$result) {
 # Try to clean up... |
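Review bot: The untrimmed `$password` read at the top of try_register() in the first hunk is never validated on its own; the only check the visible chain applies is the loose `$password != $confirm`, which PHP evaluates numerically when both strings look like numbers, so `'1e3'` and `'1000'` count as a match. As far as this hunk shows, an empty password with an empty confirmation also passes. I would change the comparison to `} else if ($password !== $confirm) {` and add an explicit branch ahead of it, for example `} else if (strlen($password) < MIN_PASSWORD_LENGTH) {`, where the constant name is a placeholder for whatever policy the project defines. This matters more because the two later hunks remove `$profile->validate()` and `$user->validate()`, leaving this handler as the only gate before `insert()`. The else-if chain continues past the end of the hunk, so a length check may already exist below the visible lines.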