From c2208335a538350791c3b36f2fb24f29195278f9 Mon Sep 17 00:00:00 2001 From: Face <69168154+face-hh@users.noreply.github.com> Date: Sat, 31 May 2025 12:58:24 +0300 Subject: [PATCH] make username and coin name alphanumerical only --- website/src/routes/api/coin/create/+server.ts | 9 +++++++++ website/src/routes/api/settings/+server.ts | 7 +++++++ 2 files changed, 16 insertions(+) diff --git a/website/src/routes/api/coin/create/+server.ts b/website/src/routes/api/coin/create/+server.ts index e8ce27c..00172b2 100644 --- a/website/src/routes/api/coin/create/+server.ts +++ b/website/src/routes/api/coin/create/+server.ts @@ -16,6 +16,15 @@ async function validateInputs(name: string, symbol: string, iconFile: File | nul throw error(400, 'Symbol must be between 2 and 10 characters'); } + const alphanumericRegex = /^[a-zA-Z0-9]+$/; + if (!alphanumericRegex.test(name)) { + throw error(400, 'Coin name must contain only letters and numbers'); + } + + if (!alphanumericRegex.test(symbol)) { + throw error(400, 'Coin symbol must contain only letters and numbers'); + } + const nameAppropriate = await isNameAppropriate(name); if (!nameAppropriate) { throw error(400, 'Coin name contains inappropriate content'); diff --git a/website/src/routes/api/settings/+server.ts b/website/src/routes/api/settings/+server.ts index c28e4ed..07d771b 100644 --- a/website/src/routes/api/settings/+server.ts +++ b/website/src/routes/api/settings/+server.ts @@ -24,6 +24,13 @@ async function validateInputs(name: string, bio: string, username: string, avata throw error(400, 'Username must be between 3 and 30 characters'); } + if (username) { + const alphanumericRegex = /^[a-zA-Z0-9]+$/; + if (!alphanumericRegex.test(username)) { + throw error(400, 'Username must contain only letters and numbers'); + } + } + if (username && !(await isNameAppropriate(username))) { throw error(400, 'Username contains inappropriate content'); }