hbbs

bbs.hlirc.net
Log | Files | Refs | README | LICENSE

commit 7a625f9a4a9610e72455ce127ead78358b5447f8
parent 9f64a4cb7de9d397aa39f4e2dd0d284d5ca8b59e
Author: hhvn <hayden@haydenvh.com>
Date:   Tue,  2 Feb 2021 23:31:51 +0000

bin/interface.sh bin/login.sh include/userinfo.sh: tighten mail security

Diffstat:
Mbin/interface.sh | 2+-
Mbin/login.sh | 3+--
Minclude/userinfo.sh | 8++++++++
3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/bin/interface.sh b/bin/interface.sh @@ -295,7 +295,7 @@ menu_users(){ ok "password updated" } || error "passwords do not match" } - [ "$email" != "" ] && userset "$user" email "$email" + [ "$email" != "" ] && checknmail "$user" && userset "$user" email "$email" [ "$nick" != "" ] && userset "$user" nick "$nick" [ "$realname" != "" ] && userset "$user" realname "$realname" prompt "Edit bio (${k}y${s}es/${k}n${s}o/from ${k}u${s}ri)" edit diff --git a/bin/login.sh b/bin/login.sh @@ -42,8 +42,7 @@ login(){ return 1 } prompt "email" email - echo "$email" | grep '[a-zA-Z0-9+.]*@[A-Za-z0-9.]*.[A-Za-z0-9.]*' >/dev/null || { - error "doesn't look like an email" + checknmail "$email" || { anykey return 1 } diff --git a/include/userinfo.sh b/include/userinfo.sh @@ -37,6 +37,14 @@ checknuser(){ return 0 } +checknmail(){ + echo "$1" | grep -Ev '^..*@.*' >/dev/null && error "doesn't like like an email addr" && return 1 + for u in $datadir/users/* + do + [ "$(userget "$u" email)" = "$1" ] && error "addr already in use" && return 1 + done +} + check(){ [ ! -f $datadir/users/$1 ] && { error "no such account"