Changeset 52

Timestamp:
05/24/08 19:36:04
Author:
nperriault
Message:

Enhanced registration form, added CSRF protection by default

Files:

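--- a/trunk/lib/form/BaseFormPropel.class.php
+++ b/trunk/lib/form/BaseFormPropel.class.php
@@ -10,5 +10,6 @@
   public function setup()
   {
-    sfWidgetFormSchema::setDefaultFormFormatterName('list');
+    sfWidgetFormSchema::setDefaultFormFormatterName('div');
+    self::enableCSRFProtection('symf0n14n5');
   }
 }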
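Review bot: The CSRF secret passed to `enableCSRFProtection()` in `setup()` is a string literal committed to the repository, so every reader of the source knows it and it cannot be rotated without a code change. Load it from configuration that is kept out of version control, for example `self::enableCSRFProtection(sfConfig::get('app_csrf_secret'));` (the key name is a placeholder), and refuse to start if the value is missing. The literal shown here is also short and guessable; since it has been published, it should be replaced with a long random value rather than moved as-is.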
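--- a/trunk/lib/form/RegisterForm.class.php
+++ b/trunk/lib/form/RegisterForm.class.php
@@ -3,10 +3,14 @@
  * Member registration form
  *
+ * @see sfGuardUserForm
  */
 class RegisterForm extends BasesfGuardUserForm
 {
+
+  static protected $forbidden_names = array('admin', 'niko', 'contact', 'info', 'infos', 'commercial', 'tech', 'support', 'sales', 'partnership', 'webmaster', 'business', 'owner');
 
   public function configure()
   {
+    // widgets
     $this->setWidgets(array(
       'username'  => new sfWidgetFormInput(),
@@ -16,6 +20,19 @@
     ));
 
+    // helps
+    $this->widgetSchema->setHelps(array(
+      'username'  => 'Your username should contains only alphanumeric, dash, dot or underscore characters, and begin with a letter.',
+      'email'     => 'Please enter a valid email address. An activation link will be sent to this adress.',
+      'password'  => 'Your password must be 6 characters length minimum.',
+      'password2' => 'Please confirm your password for avoiding typos.'
+    ));
+
+    // validators
     $this->setValidators(array(
-      'username'  => new sfValidatorString(array('min_length' => 3, 'max_length' => 20)),
+      'username'  => new sfValidatorAnd(array(
+        new sfValidatorString(array('min_length' => 3, 'max_length' => 20)),
+        new sfValidatorRegex(array('pattern' => '/^[a-zA-Z]([a-zA-Z0-9._-]+)$/'), array('invalid' => 'Name "%value%" contains forbidden characters')),
+        new sfValidatorBlacklist(array('choices' => self::$forbidden_names), array('invalid' => 'Name "%value%" is blacklisted')),
+      )),
       'email'     => new sfValidatorAnd(array(
         new sfValidatorString(array('max_length' => 100)),
@@ -26,4 +43,5 @@
     ));
 
+    // post validator
     $this->validatorSchema->setPostValidator(new sfValidatorAnd(array(
       new sfValidatorSchemaCompare('password', 'equal', 'password2', array('throw_global_error' => true)),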
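Review bot: The new username rule accepts upper-case letters (`[a-zA-Z]`) while `$forbidden_names` holds lower-case entries only, so whether `Admin` or `SUPPORT` is rejected depends on how `sfValidatorBlacklist` compares values, which is not visible in this changeset. If that comparison is case-sensitive, lower-case the submitted name before the blacklist check (or give the validator a case-insensitive mode), and make sure the uniqueness check on usernames uses the same normalisation. Separately, the pattern ends in `$`, which in PCRE also matches just before a trailing newline; `'/^[a-zA-Z][a-zA-Z0-9._-]+\z/'` anchors at the real end of the string. `configure()` continues past the last line shown in this section.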
  • trunk/web/css/style.css

    r2 r52  
    725725    padding-left: 12px; 
    726726  } 
    727    
    728 .form_error { 
    729   color: red; 
    730   font-size: .8em; 
    731 
     727 
     728.form-row.field_error input, 
     729.form-row.field_error select, 
     730.form-row.field_error textarea { 
     731  color: red;   
     732
     733 
     734ul.error_list { 
     735  margin: 0; 
     736  padding: 0; 
     737
     738 
     739  ul.error_list li { 
     740    margin: 0; 
     741    padding: 0; 
     742    color: red; 
     743    font-size: .8em; 
     744  } 
    732745 
    733746.form_help { 
     
    737750 
    738751.form-errors { 
    739   background: #d00 url(/sf/sf_default/images/icons/cancel48.png) no-repeat 
    740     2px 4px; 
     752  background: #d00 url(/sf/sf_default/images/icons/cancel48.png) no-repeat 2px 4px; 
    741753  color: #fff; 
    742754  padding: .5em .5em .5em 55px;