From 71e3b22bcc79168f0bed6e2f6b7d3e34a3b641d4 Mon Sep 17 00:00:00 2001
From: jan <jan@ruken.pw>
Date: Wed, 2 Nov 2016 15:27:59 +0100
Subject: ich hasse lars


diff --git a/charakterin.go b/charakterin.go
index b1500f0..415c94b 100644
--- a/charakterin.go
+++ b/charakterin.go
@@ -38,6 +38,7 @@ type Charakterin struct {
 }
 
 var reEmail, _ = regexp.Compile(`(\w[-._\w]*\w@\w[-._\w]*\w\.\w{2,})`)
+var reUsername, _ = regexp.Compile(`^(\w+( \w+)?)+$`)
 
 // New erstellt eine neue Instanz von Charakterin.
 func New(db *sql.DB) *Charakterin {
@@ -229,6 +230,19 @@ func (c *Charakterin) SaveUserRoute(w http.ResponseWriter, r *http.Request) {
 	curPass := values.Get("current_password")
 	newPass := values.Get("new_password")
 
+	if len(displayName) < 3 || !reUsername.MatchString(displayName) {
+		data := make(map[string]interface{})
+		data["error"] = "Ich ficke deinen Usernamen, Lars"
+		c.DisplayUserSettingsWithData(w, r, data)
+		return
+	}
+	if len(newPass) < 3 {
+		data := make(map[string]interface{})
+		data["error"] = "Passwort zu kurz, du Hurensohn"
+		c.DisplayUserSettingsWithData(w, r, data)
+		return
+	}
+
 	if len(curPass) > 0 && len(newPass) > 0 {
 		var success bool
 		err = c.Database.QueryRow("SELECT login.compare_passwords($1, $2)", user.Password, curPass).Scan(&success)
@@ -305,9 +319,9 @@ func (c *Charakterin) Register(w http.ResponseWriter, r *http.Request) {
 	password := values.Get("password")
 	email := values.Get("email")
 
-	if len(username) < 3 {
+	if len(username) < 3 || !reUsername.MatchString(username) {
 		data := make(map[string]interface{})
-		data["error"] = "Username zu kurz, du Hurensohn"
+		data["error"] = "Ich ficke deinen Usernamen, Lars"
 		data["previous_email"] = email
 		c.DisplayRegistrationWithData(w, r, data)
 		return
-- 
cgit v0.10.1