diff options
| author | Fuwn <[email protected]> | 2023-10-24 17:23:09 -0700 |
|---|---|---|
| committer | Fuwn <[email protected]> | 2023-10-24 17:23:09 -0700 |
| commit | ab00423409358eace0aa66017bfb252cdf680fd5 (patch) | |
| tree | e81298f8058c3ad1ac6648f8f9b7296b2ab57c95 /src | |
| parent | merge: branch badges into main (diff) | |
| download | due.moe-ab00423409358eace0aa66017bfb252cdf680fd5.tar.xz due.moe-ab00423409358eace0aa66017bfb252cdf680fd5.zip | |
feat(badges): add safe limits
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/userBadgesDatabase.ts | 6 | ||||
| -rw-r--r-- | src/routes/user/[user]/badges/+page.svelte | 34 |
2 files changed, 23 insertions, 17 deletions
diff --git a/src/lib/userBadgesDatabase.ts b/src/lib/userBadgesDatabase.ts index c129770e..ae1b1176 100644 --- a/src/lib/userBadgesDatabase.ts +++ b/src/lib/userBadgesDatabase.ts @@ -15,9 +15,9 @@ const database = new Database('./due_moe.sqlite3', { database.exec(`create table if not exists user_badges ( id integer primary key, user_id integer not null, - post text not null, - image text not null, - description text default null, + post text(1000) not null, + image text(1000) not null, + description text(1000) default null, time timestamp default current_timestamp )`); diff --git a/src/routes/user/[user]/badges/+page.svelte b/src/routes/user/[user]/badges/+page.svelte index 276bf1ca..8ed7b878 100644 --- a/src/routes/user/[user]/badges/+page.svelte +++ b/src/routes/user/[user]/badges/+page.svelte @@ -186,18 +186,12 @@ // } // ]; - // onMount(async () => { - // const id = (await user(data.username)).id; - - // for (const badge of badges) { - // await fetch(`/api/badges-add?id=${id}`, { - // method: 'POST', - // body: JSON.stringify(badge) - // }); - // } - // }); - onMount(async () => { + // await fetch(`/api/badges/add`, { + // method: 'POST', + // body: JSON.stringify(badges) + // }); + if (data.user) { currentUserIdentity = userIdentity(data.user); } else { @@ -258,9 +252,21 @@ </p> <p> - <input type="text" placeholder="Image URL" name="image_url" /> - <input type="text" placeholder="Activity URL" name="activity_url" /> - <input type="text" placeholder="Description (Optional)" name="description" /> + <input type="text" placeholder="Image URL" name="image_url" minlength="1" maxlength="1000" /> + <input + type="text" + placeholder="Activity URL" + name="activity_url" + minlength="1" + maxlength="1000" + /> + <input + type="text" + placeholder="Description (Optional)" + name="description" + minlength="1" + maxlength="1000" + /> <a href={`#`} on:click={submitBadge}>Add Badge</a> </p> {/if} |