1 files changed, 16 insertions, 2 deletions

diff --git a/charakterin.go b/charakterin.go
index b1500f0..415c94b 100644
--- a/charakterin.go
+++ b/charakterin.go
@@ -38,6 +38,7 @@ type Charakterin struct {
 }
 
 var reEmail, _ = regexp.Compile(`(\w[-._\w]*\w@\w[-._\w]*\w\.\w{2,})`)
+var reUsername, _ = regexp.Compile(`^(\w+( \w+)?)+$`)
 
 // New erstellt eine neue Instanz von Charakterin.
 func New(db *sql.DB) *Charakterin {
@@ -229,6 +230,19 @@ func (c *Charakterin) SaveUserRoute(w http.ResponseWriter, r *http.Request) {
         curPass := values.Get("current_password")
         newPass := values.Get("new_password")
 
+        if len(displayName) < 3 || !reUsername.MatchString(displayName) {
+                data := make(map[string]interface{})
+                data["error"] = "Ich ficke deinen Usernamen, Lars"
+                c.DisplayUserSettingsWithData(w, r, data)
+                return
+        }
+        if len(newPass) < 3 {
+                data := make(map[string]interface{})
+                data["error"] = "Passwort zu kurz, du Hurensohn"
+                c.DisplayUserSettingsWithData(w, r, data)
+                return
+        }
+
         if len(curPass) > 0 && len(newPass) > 0 {
                 var success bool
                 err = c.Database.QueryRow("SELECT login.compare_passwords($1, $2)", user.Password, curPass).Scan(&success)
@@ -305,9 +319,9 @@ func (c *Charakterin) Register(w http.ResponseWriter, r *http.Request) {
         password := values.Get("password")
         email := values.Get("email")
 
-        if len(username) < 3 {
+        if len(username) < 3 || !reUsername.MatchString(username) {
                 data := make(map[string]interface{})
-                data["error"] = "Username zu kurz, du Hurensohn"
+                data["error"] = "Ich ficke deinen Usernamen, Lars"
                 data["previous_email"] = email
                 c.DisplayRegistrationWithData(w, r, data)
                 return