mifr/subsurface
1
0
Fork 0
mirror of https://github.com/subsurface/subsurface.git synced 2025-02-19 22:16:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

QML UI: enforce rules for cloud credentials

Browse source 
Email addresses are checked for a someone useful pattern, passwords are
letters, numbers, and +-_. only. Reject anything else.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
This commit is contained in:
Dirk Hohndel 2017-07-14 22:15:31 -07:00
parent 1b8b112048
commit a0c6ceeb3d
1 changed files with 22 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
mobile-widgets/qmlmanager.cpp
View file

@ -278,33 +278,46 @@ void QMLManager::saveCloudCredentials()
{
QSettings s;
bool cloudCredentialsChanged = false;
// make sure we only have letters, numbers, and +-_. in password and email address
QRegularExpression regExp("^[a-zA-Z0-9@.+_-]+$");
QString cloudPwd = cloudPassword();
QString cloudUser = cloudUserName();
if (cloudPwd.isEmpty() || !reg.match(cloudPwd) || !reg.match(cloudUser) {
setStartPageText(RED_FONT + tr("Cloud storage email and password can only consist of letters, numbers, and '.', '-', '_', and '+'.") + END_FONT);
return;
}
// use the same simplistic regex as the backend to check email addresses
regExp = QRegularExpression("^[a-zA-Z0-9.+_-]+@[a-zA-Z0-9.+_-]+\\.[a-zA-Z0-9]+");
if (!regExp.match(cloudUser).hasMatch()) {
setStartPageText(RED_FONT + tr("Invalid format for email address") + END_FONT);
return;
}
s.beginGroup("CloudStorage");
s.setValue("email", cloudUserName());
s.setValue("password", cloudPassword());
s.setValue("email", cloudUser);
s.setValue("password", cloudPwd);
s.sync();
if (!same_string(prefs.cloud_storage_email, qPrintable(cloudUserName()))) {
if (!same_string(prefs.cloud_storage_email, qPrintable(cloudUser))) {
free(prefs.cloud_storage_email);
prefs.cloud_storage_email = strdup(qPrintable(cloudUserName()));
prefs.cloud_storage_email = strdup(qPrintable(cloudUser));
cloudCredentialsChanged = true;
}
cloudCredentialsChanged |= !same_string(prefs.cloud_storage_password, qPrintable(cloudPassword()));
cloudCredentialsChanged |= !same_string(prefs.cloud_storage_password, qPrintable(cloudPwd));
if (!cloudCredentialsChanged) {
// just go back to the dive list
setCredentialStatus(oldStatus());
}
if (!same_string(prefs.cloud_storage_password, qPrintable(cloudPassword()))) {
if (!same_string(prefs.cloud_storage_password, qPrintable(cloudPwd))) {
free(prefs.cloud_storage_password);
prefs.cloud_storage_password = strdup(qPrintable(cloudPassword()));
prefs.cloud_storage_password = strdup(qPrintable(cloudPwd));
}
if (cloudUserName().isEmpty() || cloudPassword().isEmpty()) {
if (cloudUser.isEmpty() || cloudPwd.isEmpty()) {
setStartPageText(RED_FONT + tr("Please enter valid cloud credentials.") + END_FONT);
} else if (cloudCredentialsChanged) {
// let's make sure there are no unsaved changes
saveChangesLocal();
free(prefs.userid);
prefs.userid = NULL;
syncLoadFromCloud();