diff --git a/user.js b/user.js index 7c821e5d..01863a7b 100644 --- a/user.js +++ b/user.js @@ -28,6 +28,7 @@ var User = function(socket, ip) { } }; + // Set up socket callbacks User.prototype.initCallbacks = function() { // What a shame @@ -37,6 +38,8 @@ User.prototype.initCallbacks = function() { }.bind(this)); this.socket.on('joinChannel', function(data) { + if(!data.name.match(/^[a-zA-Z0-9]+$/)) + return; // Channel already loaded if(data.name in Server.channels) { this.channel = Server.channels[data.name]; diff --git a/www/assets/js/client.js b/www/assets/js/client.js index ace79089..4e960f75 100644 --- a/www/assets/js/client.js +++ b/www/assets/js/client.js @@ -61,6 +61,12 @@ if(params['channel'] == undefined) { } }); } +else if(!params['channel'].match(/^[a-zA-Z0-9]+$/)) { + $('
').addClass('alert alert-error') + .insertAfter($('.row')[0])[0] + .innerHTML = "

Invalid Channel Name

Channel names must conain only numbers and letters

"; + +} else { socket.emit('joinChannel', { name: params['channel']