Beispiel #1
0
func (s *mathCaptcha) ValidateCaptchaResult() error {
	if s.CaptchaResult == "" {
		return i18n.Errorfc("formutil", "please, enter the result of the operation")
	}
	r := -1
	p, err := strconv.Atoi(s.CaptchaResult)
	if err == nil {
		r = p
	}
	if r != s.MathCaptchaA+s.MathCaptchaB {
		return i18n.Errorfc("formutil", "incorrect result")
	}
	return nil
}
Beispiel #2
0
func (c *csrf) error(ctx *app.Context, err error) error {
	c.failed = true
	if _, err := c.generate(ctx); err != nil {
		panic(err)
	}
	return i18n.Errorfc("form", "invalid CSRF token - please, submit the form again").Err(ctx)
}
Beispiel #3
0
// InputNamed takes a (generally) user-provided input string and parses it into the out
// parameter, which must be settable (this usually means you'll have to pass a pointer
// to this function). See the documentation on Parse() for a list of the supported types.
// If name is provided, it will be included in any error returned by this function.
// Additional constraints might be specified with the tag parameter, the ones currently
// supported are:
//  - required: Marks the field as required, will return an error if it's empty.
//  - optional: Marks the field as optional, will accept empty values.
//  - max_length: Sets the maximum length for the input.
//  - min_length: Sets the minimum length for the input.
//  - alphanumeric: Requires the input to be only letters and numbers
//
// Finally, the required parameter indicates if the value should be considered required
// or optional in absence of the "required" and "optional" tag fields.
func InputNamed(name string, input string, out interface{}, tag *structs.Tag, required bool) error {
	v, err := types.SettableValue(out)
	if err != nil {
		return err
	}
	if err := parse(input, v); err != nil {
		return err
	}
	if v.Type().Kind() != reflect.Bool && tag != nil {
		if ((required && !tag.Optional()) || tag.Required()) && input == "" {
			return RequiredInputError(name)
		}
		if maxlen, ok := tag.MaxLength(); ok && len(input) > maxlen {
			if name != "" {
				return i18n.Errorfc("form", "%s is too long (maximum length is %d)", name, maxlen)
			}
			return i18n.Errorfc("form", "too long (maximum length is %d)", maxlen)
		}
		if minlen, ok := tag.MinLength(); ok && len(input) < minlen {
			if name != "" {
				return i18n.Errorfc("form", "%s is too short (minimum length is %d)", name, minlen)
			}
			return i18n.Errorfc("form", "too short (minimum length is %d)", minlen)
		}
		if tag.Alphanumeric() && len(input) > 0 && !alphanumericRe.MatchString(input) {
			if name != "" {
				return i18n.Errorfc("form", "%s must be alphanumeric", name)
			}
			return i18n.Errorfc("form", "must be alphanumeric")
		}
	}
	return nil
}
Beispiel #4
0
func (f *Form) validate() {
	if err := f.addCSRF(); err != nil {
		panic(err)
	}
	for _, v := range f.fields {
		inp := f.ctx.FormValue(v.HTMLName)
		label := v.Label.TranslatedString(f.ctx)
		if f.NamelessErrors {
			label = ""
		}
		if v.Type.HasChoices() {
			if inp == NotChosen {
				v.err = i18n.Errorfc("form", "You must choose a value").Err(f.ctx)
				continue
			}
			// Verify that the input mathces one of the available choices
			choices := f.fieldChoices(v)
			found := false
			for _, c := range choices {
				if inp == toHTMLValue(c.Value) {
					found = true
					break
				}
			}
			if !found {
				v.err = i18n.Errorfc("form", "%v is not a valid choice", inp).Err(f.ctx)
				continue
			}
		}
		if v.Type == FILE {
			file, header, err := f.ctx.R.FormFile(v.HTMLName)
			if err != nil && !v.Tag().Optional() {
				v.err = input.RequiredInputError(label)
				continue
			}
			if file != nil && header != nil {
				value := &formFile{
					file:   file,
					header: header,
				}
				v.value.Set(reflect.ValueOf(value))
			}
		} else {
			if err := input.InputNamed(label, inp, v.SettableValue(), v.Tag(), true); err != nil {
				v.err = i18n.TranslatedError(err, f.ctx)
				continue
			}
			if v.Type == EMAIL && !v.Tag().Has("novalidate") {
				// Don't validate empty emails. If we reached this point
				// with an empty one, the field is optional.
				if email, ok := v.Value().(string); ok && email != "" {
					if _, err := mail.Validate(email, true); err != nil {
						v.err = i18n.Errorfc("form", "%q is not a valid email address", email).Err(f.ctx)
						continue
					}
				}
			}
		}
		if err := structs.Validate(v.sval.Addr().Interface(), v.Name, f.ctx); err != nil {
			v.err = i18n.TranslatedError(err, f.ctx)
			continue
		}
	}
}
Beispiel #5
0
// RequiredInputError returns an error indicating that the parameter
// with the given name is required but it's missing. Note that this function
// is only exported to avoid user-visible string duplication and users should
// not use it.
func RequiredInputError(name string) error {
	if name != "" {
		return i18n.Errorfc("form", "%s is required", name)
	}
	return i18n.Errorfc("form", "required")
}