external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Only allow valid HTTP(s) URLs as home page

Browse source 
The home page specified in the account settings is converted to a
clickable link on the user's profile. Make sure it is a valid URL which
uses the http or https scheme.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit is contained in:
Lukas Fleischer 2017-11-05 08:48:25 +01:00
parent c859e371b0
commit 4efba18f86
2 changed files with 24 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
web/lib/acctfuncs.inc.php
View file

@ -162,6 +162,10 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C=""
$error = __("The email address is invalid.");
}
if (!$error && !valid_homepage($HP)) {
$error = __("The home page is invalid, please specify the full HTTP(s) URL.");
}
if (!$error && $K != '' && !valid_pgp_fingerprint($K)) {
$error = __("The PGP key fingerprint is invalid.");
}