Add validation to biodata via regex

c8450a73 · Suhendi · b7b42ade · c8450a73 · c8450a73 · c8450a73
Commit c8450a73 authored 5 years ago by Suhendi
--- a/controller/Account/RegisterController.php
+++ b/controller/Account/RegisterController.php
@@ -3,6 +3,7 @@ namespace JLAS\Book\Controller\Account;
 use \JLAS\Book\Controller\BaseController;
 use \JLAS\Book\Model as Model;
 use \JLAS\Book\Entity as Entity;
+use JLAS\Book\Controller\BiodataController as BiodataController;

 class RegisterController extends BaseController {

@@ -28,6 +29,10 @@ class RegisterController extends BaseController {
                    "address" => escapeHTML($this->getArg('address')),
                    "phone" => escapeHTML($this->getArg('phone')),
                ));
+                if (!BiodataController::validate($biodata)) {
+                    $this->setResponse(400);
+                    return;
+                }
                try {
                    // Create user.
                    $user = new Entity\AccountEntity(array(

--- a/controller/BiodataController.php
+++ b/controller/BiodataController.php
@@ -6,6 +6,22 @@ use \JLAS\Book\Entity as Entity;

 class BiodataController extends BaseController {

+    static $username_pattern = '^\w{5,20}$';
+    static $phone_pattern = '^\d{9,12}$';
+
+    public static function validate($biodata) {
+        if (!filter_var($biodata->email, FILTER_VALIDATE_EMAIL)) {
+            return false;
+        }
+        if (!preg_match($username_pattern, $biodata->username)) {
+            return false;
+        }
+        if (!preg_match($phone_pattern, $biodata->phone)) {
+            return false;
+        }
+        return true;
+    }
+
    /**
     * Get the data needed for this controller.
     * @return array data passed to the view.

--- a/controller/EditController.php
+++ b/controller/EditController.php
@@ -3,6 +3,7 @@ namespace JLAS\Book\Controller;
 use \JLAS\Book\Controller\BaseController;
 use \JLAS\Book\Model as Model;
 use \JLAS\Book\Entity as Entity;
+use JLAS\Book\Controller\BiodataController as BiodataController;

 class EditController extends BaseController {

@@ -50,6 +51,11 @@ class EditController extends BaseController {
                $biodata->name = escapeHTML($this->getArg('name'));
                $biodata->address = escapeHTML($this->getArg('address'));
                $biodata->phone = escapeHTML($this->getArg('phone'));
+
+                if (!BiodataController::validate($biodata)) {
+                    $this->setResponse(400);
+                    return;
+                }
                
                //Update profile picture
                if (isset($image_id)) {