mifr/subsurface
1
0
Fork 0
mirror of https://github.com/subsurface/subsurface.git synced 2025-02-19 22:16:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

QML UI: enforce rules for cloud credentials

Browse source 
Email addresses are checked for a someone useful pattern, passwords are
letters, numbers, and +-_. only. Reject anything else.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
This commit is contained in:
Dirk Hohndel 2017-07-14 22:15:31 -07:00
parent 1b8b112048
commit a0c6ceeb3d
1 changed files with 22 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
mobile-widgets/qmlmanager.cpp
View file

@ -278,33 +278,46 @@ void QMLManager::saveCloudCredentials()
{ {
QSettings s; QSettings s;
bool cloudCredentialsChanged = false; bool cloudCredentialsChanged = false;
// make sure we only have letters, numbers, and +-_. in password and email address
QRegularExpression regExp("^[a-zA-Z0-9@.+_-]+$");
QString cloudPwd = cloudPassword();
QString cloudUser = cloudUserName();
if (cloudPwd.isEmpty() || !reg.match(cloudPwd) || !reg.match(cloudUser) {
setStartPageText(RED_FONT + tr("Cloud storage email and password can only consist of letters, numbers, and '.', '-', '_', and '+'.") + END_FONT);
return;
}
// use the same simplistic regex as the backend to check email addresses
regExp = QRegularExpression("^[a-zA-Z0-9.+_-]+@[a-zA-Z0-9.+_-]+\\.[a-zA-Z0-9]+");
if (!regExp.match(cloudUser).hasMatch()) {
setStartPageText(RED_FONT + tr("Invalid format for email address") + END_FONT);
return;
}
s.beginGroup("CloudStorage"); s.beginGroup("CloudStorage");
s.setValue("email", cloudUserName()); s.setValue("email", cloudUser);
s.setValue("password", cloudPassword()); s.setValue("password", cloudPwd);
s.sync(); s.sync();
if (!same_string(prefs.cloud_storage_email, qPrintable(cloudUserName()))) { if (!same_string(prefs.cloud_storage_email, qPrintable(cloudUser))) {
free(prefs.cloud_storage_email); free(prefs.cloud_storage_email);
prefs.cloud_storage_email = strdup(qPrintable(cloudUserName())); prefs.cloud_storage_email = strdup(qPrintable(cloudUser));
cloudCredentialsChanged = true; cloudCredentialsChanged = true;
} }
cloudCredentialsChanged |= !same_string(prefs.cloud_storage_password, qPrintable(cloudPassword())); cloudCredentialsChanged |= !same_string(prefs.cloud_storage_password, qPrintable(cloudPwd));
if (!cloudCredentialsChanged) { if (!cloudCredentialsChanged) {
// just go back to the dive list // just go back to the dive list
setCredentialStatus(oldStatus()); setCredentialStatus(oldStatus());
} }
if (!same_string(prefs.cloud_storage_password, qPrintable(cloudPassword()))) { if (!same_string(prefs.cloud_storage_password, qPrintable(cloudPwd))) {
free(prefs.cloud_storage_password); free(prefs.cloud_storage_password);
prefs.cloud_storage_password = strdup(qPrintable(cloudPassword())); prefs.cloud_storage_password = strdup(qPrintable(cloudPwd));
} }
if (cloudUserName().isEmpty() || cloudPassword().isEmpty()) { if (cloudUser.isEmpty() || cloudPwd.isEmpty()) {
setStartPageText(RED_FONT + tr("Please enter valid cloud credentials.") + END_FONT); setStartPageText(RED_FONT + tr("Please enter valid cloud credentials.") + END_FONT);
} else if (cloudCredentialsChanged) { } else if (cloudCredentialsChanged) {
// let's make sure there are no unsaved changes // let's make sure there are no unsaved changes
saveChangesLocal(); saveChangesLocal();
free(prefs.userid); free(prefs.userid);
prefs.userid = NULL; prefs.userid = NULL;
syncLoadFromCloud(); syncLoadFromCloud();