change security features
Miningmark committed Dec 14, 2024
1 parent 10989c3 commit c182f76
Showing 6 changed files with 40 additions and 41 deletions.
18 changes: 10 additions & 8 deletions src/pages/api/helferRegistration.js
Expand Up @@ -122,16 +122,18 @@ export default async function handler(req, res) {
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Helper function for string validation
const validateString = (value, fieldName, minLength, maxLength) => {
const validateString = (value, fieldName, minLength, maxLength, specialCheck = true) => {
if (!value || !value.trim()) {
errors.push({ field: fieldName, message: `${fieldName} ist ein Pflichtfeld` });
} else {
if (value.length < minLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu kurz` });
if (value.length > maxLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu lang` });
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
if (specialCheck) {
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
}
}
}
};
Expand All @@ -143,7 +145,7 @@ export default async function handler(req, res) {
if (email && !emailRegex.test(email)) {
errors.push({ field: "email", message: "E-Mail-Adresse ist ungültig" });
}
validateString(discordName, "discordName", 2, 50);
validateString(discordName, "discordName", 2, 50, false);
validateString(phone, "phone", 5, 25);
validateString(street, "street", 5, 100);
validateString(postalCode, "postalCode", 2, 10);
Expand All @@ -157,12 +159,12 @@ export default async function handler(req, res) {
if (nickname) validateString(nickname, "nickname", 2, 50);
if (occupation) validateString(occupation, "occupation", 2, 100);
if (arrival) validateString(arrival, "arrival", 2, 50);
if (foodDetails) validateString(foodDetails, "allergies", 2, 500);
if (foodDetails) validateString(foodDetails, "allergies", 2, 500, false);
if (strengths) validateString(strengths, "strengths", 2, 255);
if (desiredTeam) validateString(desiredTeam, "desiredTeam", 2, 255);
if (other) validateString(other, "other", 2, 500);
if (workTimeSaturday) validateString(workTimeSaturday, "workTimeSaturday", 0, 255);
if (workTimeSunday) validateString(workTimeSunday, "workTimeSunday", 0, 255);
if (other) validateString(other, "other", 2, 500, false);
if (workTimeSaturday) validateString(workTimeSaturday, "workTimeSaturday", 0, 255, false);
if (workTimeSunday) validateString(workTimeSunday, "workTimeSunday", 0, 255, false);

// Boolean validation
if (typeof privacyPolicy !== "boolean") {
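Review bot: In the validateString hunk, passing `specialCheck = false` switches off the only character filter, so `discordName`, `allergies`, `other` and the `workTime*` values now reach whatever stores or renders them unfiltered; nothing in this commit shows those sinks encoding or parameterizing the values, so that has to be confirmed before relying on the relaxation, and a field-specific pattern for `discordName` would be tighter than disabling the check outright. The nested `if (specialCheck) { if (invalidCharactersRegex.test(value)) { … } }` collapses to one guard: `if (specialCheck && invalidCharactersRegex.test(value)) {`. The flag name does not say which check it controls; `checkInvalidChars` would read better at the call sites, and a JSDoc line such as `@param {boolean} [specialCheck=true] - when false the invalidCharactersRegex check is skipped; the consumer of the value must then encode it at the sink` would document the contract. The same helper is copied verbatim into registrationAsArtist.js, registrationAsShowact.js, registrationAsVendor.js and registrationAsWorkshop.js in this commit, so one shared module would keep the five copies from drifting. handler() continues outside the hunk.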
Expand Up @@ -86,16 +86,10 @@ export default async function handler(req, res) {
errors.push({ field: "workFunction", message: "Berufsbezeichnung ist zu kurz" });
if (workFunction.length > 50)
errors.push({ field: "workFunction", message: "Berufsbezeichnung ist zu lang" });
if (invalidCharactersRegex.test(workFunction)) {
errors.push({ field: "workFunction", message: "Ungültige Zeichen in der Berufsbezeichnung" });
}

// medium Validierung
if (medium.length < 3) errors.push({ field: "medium", message: "Medium ist zu kurz" });
if (medium.length > 100) errors.push({ field: "medium", message: "Medium ist zu lang" });
if (invalidCharactersRegex.test(medium)) {
errors.push({ field: "medium", message: "Ungültige Zeichen im Medium" });
}

// address Validierung
if (address.length < 3) errors.push({ field: "address", message: "Adresse ist zu kurz" });
Expand All @@ -112,17 +106,11 @@ export default async function handler(req, res) {
errors.push({ field: "verification", message: "Nachweis ist zu kurz" });
if (verification.length > 500)
errors.push({ field: "verification", message: "Nachweis ist zu lang" });
if (invalidCharactersRegex.test(verification)) {
errors.push({ field: "verification", message: "Ungültige Zeichen im Nachweis" });
}
}

// message Validierung
if (message.length < 10) errors.push({ field: "message", message: "Nachricht ist zu kurz" });
if (message.length > 500) errors.push({ field: "message", message: "Nachricht ist zu lang" });
if (invalidCharactersRegex.test(message)) {
errors.push({ field: "message", message: "Ungültige Zeichen in der Nachricht" });
}

// privacyPolicy Validierung
if (typeof privacyPolicy !== "boolean") {
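Review bot: The character checks for `workFunction`, `medium`, `verification` and `message` are deleted outright in both hunks, whereas the five sibling files in this commit keep the check behind a per-field flag; routing these through the same optional-check pattern would keep the handlers consistent and leave one place to re-enable it. If these hunks removed the last uses of `invalidCharactersRegex` in this file, the constant is now dead and should go as well (its definition is outside the hunk, so I cannot confirm). With no filter left on these free-text fields, the code that later stores or renders them must encode or parameterize the values itself, and nothing in the hunk shows that. handler() continues outside the hunk.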
Expand Up @@ -113,16 +113,18 @@ export default async function handler(req, res) {
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Helper function for string validation
const validateString = (value, fieldName, minLength, maxLength) => {
const validateString = (value, fieldName, minLength, maxLength, specialCheck = true) => {
if (!value || !value.trim()) {
errors.push({ field: fieldName, message: `${fieldName} ist ein Pflichtfeld` });
} else {
if (value.length < minLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu kurz` });
if (value.length > maxLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu lang` });
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
if (specialCheck) {
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
}
}
}
};
Expand All @@ -139,16 +141,16 @@ export default async function handler(req, res) {
validateString(postalCode, "postalCode", 2, 10);
validateString(city, "city", 2, 50);
validateString(country, "country", 2, 50);
validateString(typeOfArt, "typeOfArt", 3, 2500);
validateString(descriptionOfStand, "descriptionOfStand", 3, 2500);
validateString(typeOfArt, "typeOfArt", 3, 2500, false);
validateString(descriptionOfStand, "descriptionOfStand", 3, 2500, false);
validateString(standSize, "standSize", 3, 50);
validateString(programmBooklet, "programmBooklet", 3, 50);

// Optional fields
if (vendorName) validateString(vendorName, "vendorName", 3, 50);
if (website) validateString(website, "website", 3, 100);
if (instagram) validateString(instagram, "instagram", 3, 100);
if (message) validateString(message, "message", 3, 2500);
if (message) validateString(message, "message", 3, 2500, false);

// Boolean validation
if (typeof additionalExhibitorTicket !== "boolean") {
Expand Up @@ -109,16 +109,18 @@ export default async function handler(req, res) {
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Helper function for string validation
const validateString = (value, fieldName, minLength, maxLength) => {
const validateString = (value, fieldName, minLength, maxLength, specialCheck = true) => {
if (!value || !value.trim()) {
errors.push({ field: fieldName, message: `${fieldName} ist ein Pflichtfeld` });
} else {
if (value.length < minLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu kurz` });
if (value.length > maxLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu lang` });
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
if (specialCheck) {
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
}
}
}
};
Expand Down Expand Up @@ -164,7 +166,7 @@ export default async function handler(req, res) {
// Optional fields
if (website) validateString(website, "website", 3, 100);
if (instagram) validateString(instagram, "instagram", 3, 100);
if (message) validateString(message, "message", 3, 2500);
if (message) validateString(message, "message", 3, 2500, false);

// Boolean validation
if (typeof privacyPolicy !== "boolean" || privacyPolicy === false) {
Expand Up @@ -115,16 +115,18 @@ export default async function handler(req, res) {
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Helper function for string validation
const validateString = (value, fieldName, minLength, maxLength) => {
const validateString = (value, fieldName, minLength, maxLength, specialCheck = true) => {
if (!value || !value.trim()) {
errors.push({ field: fieldName, message: `${fieldName} ist ein Pflichtfeld` });
} else {
if (value.length < minLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu kurz` });
if (value.length > maxLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu lang` });
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
if (specialCheck) {
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
}
}
}
};
Expand All @@ -141,14 +143,14 @@ export default async function handler(req, res) {
validateString(city, "city", 2, 50);
validateString(country, "country", 2, 50);
validateString(typeOfAssortment, "typeOfAssortment", 3, 2500);
validateString(descriptionOfStand, "descriptionOfStand", 3, 2500);
validateString(descriptionOfStand, "descriptionOfStand", 3, 2500, false);
validateString(standSize, "standSize", 3, 50);
validateString(programmBooklet, "programmBooklet", 3, 50);

// Optional fields
if (website) validateString(website, "website", 3, 100);
if (instagram) validateString(instagram, "instagram", 3, 100);
if (message) validateString(message, "message", 3, 2500);
if (message) validateString(message, "message", 3, 2500, false);

// Boolean validation
if (typeof strom !== "boolean") {
Expand Up @@ -113,16 +113,18 @@ export default async function handler(req, res) {
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Helper function for string validation
const validateString = (value, fieldName, minLength, maxLength) => {
const validateString = (value, fieldName, minLength, maxLength, specialCheck = true) => {
if (!value || !value.trim()) {
errors.push({ field: fieldName, message: `${fieldName} ist ein Pflichtfeld` });
} else {
if (value.length < minLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu kurz` });
if (value.length > maxLength)
errors.push({ field: fieldName, message: `${fieldName} ist zu lang` });
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
if (specialCheck) {
if (invalidCharactersRegex.test(value)) {
errors.push({ field: fieldName, message: `Ungültige Zeichen in ${fieldName}` });
}
}
}
};
Expand All @@ -138,7 +140,7 @@ export default async function handler(req, res) {
validateString(city, "city", 2, 50);
validateString(country, "country", 2, 50);
validateString(workshopTitle, "workshopTitle", 3, 50);
validateString(workshopDescription, "workshopDescription", 3, 50);
validateString(workshopDescription, "workshopDescription", 3, 50, false);
if (leaders < 1) {
errors.push({ field: "leaders", message: "Mindestens ein Leiter muss angegeben werden" });
}
Expand Down Expand Up @@ -179,10 +181,11 @@ export default async function handler(req, res) {
}

// Optional fields
if (workshopRequirements) validateString(workshopRequirements, "workshopRequirements", 3, 2500);
if (workshopRequirements)
validateString(workshopRequirements, "workshopRequirements", 3, 2500, false);
if (website) validateString(website, "website", 3, 100);
if (instagram) validateString(instagram, "instagram", 3, 100);
if (message) validateString(message, "message", 3, 2500);
if (message) validateString(message, "message", 3, 2500, false);

// Boolean validation
if (typeof privacyPolicy !== "boolean" || privacyPolicy === false) {
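Review bot: In the second hunk, `validateString(workshopDescription, "workshopDescription", 3, 50, false);` keeps a 50-character cap while lifting the character check; every other free-text field given `false` in this commit (`workshopRequirements`, `message`, `descriptionOfStand`) is capped at 2500, so the 50 looks copied from the `workshopTitle` line directly above and will reject most real descriptions. If 50 is intentional, a short comment on that line saying so would stop the next reader from "fixing" it. In the third hunk the braceless two-line `if (workshopRequirements)` is the only call in this commit split across lines; `if (workshopRequirements) {` with a closing brace would match the brace style of the boolean checks below. handler() continues outside the hunk.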