Bugs fixed
- Artist/designer name search not working
- Mass grant currency not working for users with spaces in their usernames
- Could not create a character with the same character code after deleting an old one with the same code
- Redirect after deleting a character caused an error

Misc
- Restricted name length to 25 characters max at registration time
- Prevented names from containing anything besides alphanumeric/dash/underscore characters
- Prevented character codes from containing anything besides alphanumeric/dash/underscore characters
- Changed label for name field on registration form to say "username"
- Allowed name attribute to be used in text pages
corowne committed Apr 19, 2020
1 parent ac24236 commit f0c8dfc
Showing 8 changed files with 31 additions and 12 deletions.
7 changes: 7 additions & 0 deletions app/Helpers/Helpers.php
@@ -94,6 +94,13 @@ function parse($text, &$pings = null) {
require_once(base_path().'/vendor/ezyang/htmlpurifier/library/HTMLPurifier.auto.php');

$config = HTMLPurifier_Config::createDefault();
$config->set('Attr.EnableID', true);
$config->set('HTML.DefinitionID', 'include');
$config->set('HTML.DefinitionRev', 2);
if ($def = $config->maybeGetRawHTMLDefinition()) {
$def->addElement('include', 'Block', 'Empty', 'Common', array('file*' => 'URI', 'height' => 'Text', 'width' => 'Text'));
}

$purifier = new HTMLPurifier($config);
$text = $purifier->purify($text);

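Review bot: `Attr.EnableID` is switched on in parse() without an ID prefix, so user-authored text can emit elements whose `id` collides with ids the site's own markup and scripts rely on. HTML Purifier provides `Attr.IDPrefix` for this; adding `$config->set('Attr.IDPrefix', 'user-');` (prefix value is only an example) next to the `Attr.EnableID` line keeps user-supplied ids in their own namespace. The new `include` element also accepts any `file` URI that the purifier's scheme rules allow and takes `height`/`width` as free `Text`; whatever later expands `<include>` is not visible in this hunk, so it should restrict `file` to expected locations itself, and `'Length'` would be a tighter type for the two size attributes. parse() continues outside the hunk.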
@@ -419,7 +419,7 @@ public function postCharacterDelete(Request $request, CharacterManager $service,

if ($service->deleteCharacter($this->character, Auth::user())) {
flash('Character deleted successfully.')->success();
return redirect()->to($character->url);
return redirect()->to('masterlist');
}
else {
foreach($service->errors()->getMessages()['error'] as $error) flash($error)->error();
2 changes: 1 addition & 1 deletion app/Http/Controllers/Auth/RegisterController.php
@@ -66,7 +66,7 @@ public function showRegistrationForm()
protected function validator(array $data)
{
return Validator::make($data, [
'name' => ['required', 'string', 'min:3', 'max:255'],
'name' => ['required', 'string', 'min:3', 'max:25', 'alpha_dash'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'agreement' => ['required', 'accepted'],
'password' => ['required', 'string', 'min:8', 'confirmed'],
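Review bot: Laravel's `alpha_dash` rule on the new `name` line matches Unicode letters, marks and digits by default, not just ASCII, so look-alike usernames (Cyrillic versus Latin letters, for example) still pass registration although the commit message describes the rule as alphanumeric/dash/underscore. If ASCII-only is the intent, `'regex:/^[A-Za-z0-9_-]+$/'` in place of `'alpha_dash'` states it exactly; the same applies to the `slug` rule changed in app/Models/Character/Character.php. The `name` rule also has no `unique:users` although `email` does, and names are used as lookup keys elsewhere in this commit (`User::whereIn('name', ...)` in CurrencyManager), so unless the table itself enforces uniqueness a second account can register an existing name. validator() continues outside the hunk.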
22 changes: 16 additions & 6 deletions app/Http/Controllers/BrowseController.php
@@ -116,6 +116,10 @@ public function getCharacters(Request $request)

if($request->get('username')) {
$name = $request->get('username');

// Usernames are prevented from containing spaces, but this is to deal with previously made accounts with spaces in names
$name = str_replace('%20', ' ', $name);

$owners = User::where('name', 'LIKE', '%' . $name . '%')->orWhere('alias', 'LIKE', '%' . $name . '%')->pluck('id')->toArray();
$query->where(function($query) use ($owners, $name) {
$query->whereIn('user_id', $owners)->orWhere('owner_alias', 'LIKE', '%' . $name . '%');
@@ -138,16 +142,16 @@ public function getCharacters(Request $request)
});
}
}
if($request->get('artists')) {
$artistName = $request->get('artists');
if($request->get('artist')) {
$artistName = $request->get('artist');
$imageQuery->whereHas('artists', function($query) use ($artistName) {
$query->where('alias', $artistName);
$query->where('alias', 'LIKE', '%'.$artistName.'%');
});
}
if($request->get('designers')) {
$designerName = $request->get('designers');
if($request->get('designer')) {
$designerName = $request->get('designer');
$imageQuery->whereHas('designers', function($query) use ($designerName) {
$query->where('alias', $designerName);
$query->where('alias', 'LIKE', '%'.$designerName.'%');
});
}

@@ -166,6 +170,8 @@ public function getCharacters(Request $request)
case 'sale_value_asc':
$query->orderBy('characters.sale_value', 'ASC');
break;
default:
$query->orderBy('characters.id', 'DESC');
}

return view('browse.masterlist', [
@@ -210,6 +216,10 @@ public function getMyos(Request $request)

if($request->get('username')) {
$name = $request->get('username');

// Usernames are prevented from containing spaces, but this is to deal with previously made accounts with spaces in names
$name = str_replace('%20', ' ', $name);

$owners = User::where('name', 'LIKE', '%' . $name . '%')->orWhere('alias', 'LIKE', '%' . $name . '%')->pluck('id')->toArray();
$query->where(function($query) use ($owners, $name) {
$query->whereIn('user_id', $owners)->orWhere('owner_alias', 'LIKE', '%' . $name . '%');
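Review bot: The `LIKE` patterns built from `$name`, `$artistName` and `$designerName` pass the user's `%` and `_` through as wildcards, and `_` is now a legal username character, so a search for `a_b` also matches `axb`. The values are bound as parameters, so this is not injection, but every term is already wrapped in a leading `%`, and a request consisting only of wildcards forces the widest possible scan on each of these queries. Escaping before concatenation, e.g. `$name = addcslashes($name, '%_\\');` (and the same for the artist and designer terms), addresses both in getCharacters() and in the identical username block in getMyos(). Both methods extend beyond the hunks shown.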
2 changes: 1 addition & 1 deletion app/Models/Character/Character.php
@@ -77,7 +77,7 @@ class Character extends Model
'rarity_id' => 'required',
'user_id' => 'nullable',
'number' => 'required',
'slug' => 'required|unique:characters,slug',
'slug' => 'required|alpha_dash',
'description' => 'nullable',
'sale_value' => 'nullable',
'image' => 'required|mimes:jpeg,gif,png|max:20000',
2 changes: 2 additions & 0 deletions app/Services/CharacterManager.php
@@ -86,6 +86,8 @@ public function createCharacter($data, $user, $isMyo = false)
DB::beginTransaction();

try {
if(!$isMyo && Character::where('slug', $data['slug'])->exists()) throw new \Exception("Please enter a unique character code.");

if(!(isset($data['user_id']) && $data['user_id']) && !(isset($data['owner_alias']) && $data['owner_alias']))
throw new \Exception("Please select an owner.");
if(!$isMyo)
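Review bot: The new `Character::where('slug', $data['slug'])->exists()` check in createCharacter() is a check-then-insert, and sitting after `DB::beginTransaction()` does not make it atomic under the usual isolation levels, so two concurrent requests with the same code can both pass it. The `unique:characters,slug` validation rule it replaces had the same gap, which means the durable guard is a unique index in the schema (not visible here, and it would have to account for deleted rows if characters are soft-deleted, as the commit message suggests). At minimum I would add a comment above the check: `// NOTE: check-then-insert; concurrent requests can both pass without a unique index on characters.slug`. `$data['slug']` is also read without an `isset`, so unless validation upstream guarantees the key, a non-MYO request lacking it fails on this line with an undefined-index error instead of the intended message. createCharacter() continues outside the hunk.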
2 changes: 1 addition & 1 deletion app/Services/CurrencyManager.php
@@ -38,7 +38,7 @@ public function grantUserCurrencies($data, $staff)
if($data['quantity'] == 0) throw new \Exception("Please enter a non-zero quantity.");

// Process names
$users = User::whereIn('name', explode(',', str_replace(' ', '', $data['names'])))->get();
$users = User::whereIn('name', array_map('trim', explode(',', $data['names'])))->get();
if(!count($users)) throw new \Exception("No valid users found.");

// Process currency
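Review bot: The trimmed name list on the new `$users = ...` line is only rejected when no name matches at all, so a mistyped or empty entry (a trailing comma yields `''`) is dropped silently and the grant proceeds for the remaining accounts. Building the list first and comparing counts makes the mismatch visible: `$names = array_unique(array_filter(array_map('trim', explode(',', $data['names']))));` followed by `if(count($users) != count($names)) throw new \Exception("One or more users were not found.");`. That comparison assumes `name` is unique per user, which the registration rules in this commit do not enforce; if it is not, `whereIn` credits every account sharing the name. grantUserCurrencies() continues outside the hunk.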
4 changes: 2 additions & 2 deletions resources/views/auth/register.blade.php
@@ -13,7 +13,7 @@
@csrf

<div class="form-group row">
<label for="name" class="col-md-4 col-form-label text-md-right">{{ __('Name') }}</label>
<label for="name" class="col-md-4 col-form-label text-md-right">Username</label>

<div class="col-md-6">
<input id="name" type="text" class="form-control{{ $errors->has('name') ? ' is-invalid' : '' }}" name="name" value="{{ old('name') }}" required autofocus>
@@ -27,7 +27,7 @@
</div>

<div class="form-group row">
<label for="email" class="col-md-4 col-form-label text-md-right">{{ __('E-Mail Address') }}</label>
<label for="email" class="col-md-4 col-form-label text-md-right">E-mail Address</label>

<div class="col-md-6">
<input id="email" type="email" class="form-control{{ $errors->has('email') ? ' is-invalid' : '' }}" name="email" value="{{ old('email') }}" required>
