Merge pull request #9 from Antoninop/inputCheck

Security input check
2024-11-18 05:40:31 +00:00 · 2024-07-12 11:34:26 +02:00 · 2024-07-12 11:34:26 +02:00 · beb4d09868
commit beb4d09868
parent 0a1487b806 cec35f3b6d
2 changed files with 13 additions and 6 deletions
--- a/src/components/CreateServer/CreateServer.jsx
+++ b/src/components/CreateServer/CreateServer.jsx
@ -46,6 +46,10 @@ const CreateServer = ({ user, onCreateServer, onSubdomainUpdate, onCancel, noSer
    }
  };
  const validateInput = (input) => {
    return input.replace(/[^a-zA-Z]/g, '');
  };
  return (
    <div className={styles.container}>
      {noServers ? (
@ -68,7 +72,7 @@ const CreateServer = ({ user, onCreateServer, onSubdomainUpdate, onCancel, noSer
                className={styles.inputsubdomain}
                type="text"
                value={subdomainInput}
-                onChange={(e) => setSubdomainInput(e.target.value)}
+                onChange={(e) => setSubdomainInput(validateInput(e.target.value))}
                placeholder='Nom du sous domaine'
              />
              <button className={styles.btnSubCreate} onClick={handleSaveSubdomain}>
@ -86,7 +90,7 @@ const CreateServer = ({ user, onCreateServer, onSubdomainUpdate, onCancel, noSer
                type="text"
                placeholder="Nom du serveur"
                value={serverName}
-                onChange={(e) => setServerName(e.target.value)}
+                onChange={(e) => setServerName(validateInput(e.target.value))}
              />
              <select
                className={styles.select}
--- a/src/pages/ServerDetails/ServerDetails.jsx
+++ b/src/pages/ServerDetails/ServerDetails.jsx
@ -37,9 +37,14 @@ const ServerDetails = ({ user }) => {
    fetchServer();
  }, [serverName]);
  const validateInput = (input) => {
    return input.replace(/[^a-zA-Z]/g, '');
  };
  const handleChange = (e) => {
    const { name, value } = e.target;
-    setServer({ ...server, [name]: value });
+    const validatedValue = name === 'motd' ? validateInput(value) : value;
    setServer({ ...server, [name]: validatedValue });
  };
  const handleSave = async () => {
@ -55,14 +60,12 @@ const ServerDetails = ({ user }) => {
        ['pvp', server.pvp.toString()]
      ];
      await serviiApi.updateProperties(server.name, props); 
    } catch (error) {
      console.error('Error updating server:', error);
      alert('Error updating server');
    }
-    handleQuit()
+    handleQuit();
  };
  const handleQuit = () => {