Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue #297 Registration asks for an email address but does not validate the field properly #303

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from
Open

Issue #297 Registration asks for an email address but does not validate the field properly #303

wants to merge 3 commits into from

Conversation

YoonjinTKim
Copy link
Contributor

Added a javascript function validateEmail(String) from: https://stackoverflow.com/a/46181

The function checks the validity of the email format in the registration process. The demo of the function is available in the link above.

However, this function only checks the format of the email, so the validity of the email should be checked on the server side. This issue relates to #298 when the user wants to reset the password through the email address.

@mitchwagner
Copy link
Collaborator

Should it be validating the user_id, or the password field?

@YoonjinTKim
Copy link
Contributor Author

validateEmail() is used for user_id field

@mitchwagner
Copy link
Collaborator

Oh, yeah, whoops. Sorry, not sure what I was thinking there...

Note that this fix in and of itself will not complete the issue: there are at least two cases in the code where the size of the email (user ID) form is hard-coded to only accept what might be unacceptably-short emails. These include the registration/login form, and the forgotten password form. We should probably incorporate those changes into this request as well.

The Python model does not appear to need a change, however.

@YoonjinTKim YoonjinTKim changed the base branch from master to develop August 16, 2017 17:19
adbharadwaj
adbharadwaj reviewed Aug 16, 2017
View reviewed changes
static/js/main.js Outdated
* Validating the actual address will be needed
*/
function validateEmail(email) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Move this to utils.js library.

static/js/main.js
@@ -62,9 +62,9 @@ var header = {
var password = $("#password").val();
var verify_password = $("#verify_password").val();

if (!$("#user_id") || user_id.length == 0) {
if (!$("#user_id") || user_id.length == 0 || !validateEmail(user_id)) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add this validation to forgot password form as well?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you want to make separate function for forgot password in main.js and use this method in js file or do you want to implement another checking method for python code? Cause for now, forgot password is under views.py python file.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adbharadwaj adbharadwaj adbharadwaj left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@YoonjinTKim @mitchwagner @adbharadwaj