From 6042c510e1785d57f8d9f56fc99bb899cbe13275 Mon Sep 17 00:00:00 2001 From: calzoneman Date: Wed, 20 Mar 2013 18:10:23 -0500 Subject: [PATCH 1/2] Fix bad channel names --- user.js | 3 +++ www/assets/js/client.js | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/user.js b/user.js index 7c821e5d..3d104c88 100644 --- a/user.js +++ b/user.js @@ -28,6 +28,7 @@ var User = function(socket, ip) { } }; + // Set up socket callbacks User.prototype.initCallbacks = function() { // What a shame @@ -37,6 +38,8 @@ User.prototype.initCallbacks = function() { }.bind(this)); this.socket.on('joinChannel', function(data) { + if(!data.name.match(/[a-zA-Z0-9]+/)) + return; // Channel already loaded if(data.name in Server.channels) { this.channel = Server.channels[data.name]; diff --git a/www/assets/js/client.js b/www/assets/js/client.js index ace79089..f80a011b 100644 --- a/www/assets/js/client.js +++ b/www/assets/js/client.js @@ -61,6 +61,12 @@ if(params['channel'] == undefined) { } }); } +else if(!params['channel'].match(/[a-zA-Z0-9]+/)) { + $('
').addClass('alert alert-error') + .insertAfter($('.row')[0])[0] + .innerHTML = "

Invalid Channel Name

Channel names must conain only numbers and letters

"; + +} else { socket.emit('joinChannel', { name: params['channel'] From b565324ec344450f4e34cc81e8af87c6012d877c Mon Sep 17 00:00:00 2001 From: calzoneman Date: Wed, 20 Mar 2013 18:15:52 -0500 Subject: [PATCH 2/2] Amend last commit, fix regex --- user.js | 2 +- www/assets/js/client.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/user.js b/user.js index 3d104c88..01863a7b 100644 --- a/user.js +++ b/user.js @@ -38,7 +38,7 @@ User.prototype.initCallbacks = function() { }.bind(this)); this.socket.on('joinChannel', function(data) { - if(!data.name.match(/[a-zA-Z0-9]+/)) + if(!data.name.match(/^[a-zA-Z0-9]+$/)) return; // Channel already loaded if(data.name in Server.channels) { diff --git a/www/assets/js/client.js b/www/assets/js/client.js index f80a011b..4e960f75 100644 --- a/www/assets/js/client.js +++ b/www/assets/js/client.js @@ -61,7 +61,7 @@ if(params['channel'] == undefined) { } }); } -else if(!params['channel'].match(/[a-zA-Z0-9]+/)) { +else if(!params['channel'].match(/^[a-zA-Z0-9]+$/)) { $('
').addClass('alert alert-error') .insertAfter($('.row')[0])[0] .innerHTML = "

Invalid Channel Name

Channel names must conain only numbers and letters

";