tomasz.sowa/winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

fixed: misc: ValidateEmail() buffer overflow

Browse Source 
added: notifications for resetting a user's password
       (there is no a winix function for this yet)



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@817 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
Tomasz Sowa
2012-03-09 22:56:54 +00:00
parent 489310ba1c
commit b7007da5a9
27 changed files with 540 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
functions/adduser.cpp
View File

@@ -12,7 +12,7 @@
#include "core/slog.h"
#include "core/plugin.h"
#include "core/misc.h"
#include "functions/functions.h"
namespace Fun
@@ -113,44 +113,8 @@ bool AddUser::IsEmailCorrect(const std::wstring & email, bool use_ses_log)
return true;
}
bool AddUser::IsPasswordCorrect(const std::wstring & pass, const std::wstring & conf_pass, bool use_ses_log)
{
if( pass != conf_pass )
{
log << log2 << "AddUser: passwords are different" << logend;
if( use_ses_log )
slog << logerror << T("adduser_err_passwords_different") << logend;
return false;
}
if( pass.size() < config->pass_min_size )
{
log << log2 << "AddUser: password is too small" << logend;
if( use_ses_log )
slog << logerror << T("adduser_err_password_too_small") << " "
<< config->pass_min_size << " " << T("adduser_err_password_too_small2") << logend;
return false;
}
if( pass.size() > WINIX_ACCOUNT_MAX_PASSWORD_SIZE )
{
log << log2 << "AddUser: password can't be longer than: " << WINIX_ACCOUNT_MAX_PASSWORD_SIZE << " characters" << logend;
if( use_ses_log )
slog << logerror << T("adduser_err_password_too_big") << " " << WINIX_ACCOUNT_MAX_PASSWORD_SIZE
<< " " << T("adduser_err_password_too_big2") << logend;
return false;
}
return true;
}
// !! IMPROVE ME
// may it should be moved to passwd winix function
/*
@@ -203,7 +167,8 @@ void AddUser::MakePost()
const std::wstring & email = cur->request->PostVar(L"email");
long code = 0;
if( !IsLoginCorrect(login, true) || !IsEmailCorrect(email, true) || !IsPasswordCorrect(pass, conf_pass, true) )
if( !IsLoginCorrect(login, true) || !IsEmailCorrect(email, true) ||
!functions->fun_passwd.IsPasswordCorrect(pass, conf_pass, true) )
return;
user.name = login;