Adding min and max length check for password, more code cleanups in login and removing possible buffer overflows by replacing some global char[] by std::strings.

author: Yohann Ferreira <bertram@cegetel.net> 2005-08-25 21:07:28 +0000
committer: Yohann Ferreira <bertram@cegetel.net> 2005-08-25 21:07:28 +0000
commit: 941e0cfda282b2461e500fcdf5828a7e20bf6da6 (patch)
tree: 16b392cb9c57fefc621084c011ec0b724e84d128 /src/gui/login.cpp
parent: 9ba130f4628d8e52ebd50b810e761a81f69c0c4a (diff)
download: mana-client-941e0cfda282b2461e500fcdf5828a7e20bf6da6.tar.gz
mana-client-941e0cfda282b2461e500fcdf5828a7e20bf6da6.tar.bz2
mana-client-941e0cfda282b2461e500fcdf5828a7e20bf6da6.tar.xz
mana-client-941e0cfda282b2461e500fcdf5828a7e20bf6da6.zip
1 files changed, 44 insertions, 11 deletions
diff --git a/src/gui/login.cpp b/src/gui/login.cpp
index f60d0dc9..8f26cf7d 100644
--- a/src/gui/login.cpp
+++ b/src/gui/login.cpp
@@ -24,6 +24,7 @@
 #include "login.h"
 
 #include <string>
+#include <sstream>
 
 #include <guichan/sdl/sdlinput.hpp>
 
@@ -65,7 +66,7 @@ void WrongPasswordNoticeListener::action(const std::string &eventId)
 void WrongUsernameNoticeListener::action(const std::string &eventId)
 {
     // Set the focus on the username Field
-    loginDialog->userField->setCaretPosition(LEN_USERNAME - 1);
+    loginDialog->userField->setCaretPosition(LEN_MAX_USERNAME - 1);
     loginDialog->userField->requestFocus();
     wrongLoginNotice = NULL;
 }
@@ -232,13 +233,44 @@ void LoginDialog::action(const std::string& eventId)
         }
 
         // Check login
-        if (user.length() == 0) {
+        if (user.length() == 0) // No username
+        {
             wrongLoginNotice = new OkDialog("Error", "Enter your username first.", &wrongUsernameNoticeListener);
-        } else if (user.length() < 4) {
-            wrongLoginNotice = new OkDialog("Error", "The username needs to be at least 4 characters.", &wrongUsernameNoticeListener);
-        } else if (user.length() > LEN_USERNAME -1 ) {
-            wrongLoginNotice = new OkDialog("Error", "The username needs to be less than 25 characters long.", &wrongUsernameNoticeListener);
-        } else {
+        }
+        else if (user.length() < LEN_MIN_USERNAME) // Name too short
+        {
+            std::stringstream errorMessage;
+            errorMessage << "The username needs to be at least ";
+            errorMessage << LEN_MIN_USERNAME;
+            errorMessage << " characters long.";
+            wrongLoginNotice = new OkDialog("Error", errorMessage.str(), &wrongUsernameNoticeListener);
+        }
+        else if (user.length() > LEN_MAX_USERNAME - 1 ) // Name too long
+        {
+            std::stringstream errorMessage;
+            errorMessage << "The username needs to be less than ";
+            errorMessage << LEN_MAX_USERNAME;
+            errorMessage << " characters long.";
+            wrongLoginNotice = new OkDialog("Error", errorMessage.str(), &wrongUsernameNoticeListener);
+        }
+        else if (passField->getText().length() < LEN_MIN_PASSWORD) // Pass too short
+        {
+            std::stringstream errorMessage;
+            errorMessage << "The password needs to be at least ";
+            errorMessage << LEN_MIN_PASSWORD;
+            errorMessage << " characters long.";
+            wrongLoginNotice = new OkDialog("Error", errorMessage.str(), &wrongPasswordNoticeListener);
+        }
+        else if (passField->getText().length() > LEN_MAX_PASSWORD - 1 ) // Pass too long
+        {
+            std::stringstream errorMessage;
+            errorMessage << "The password needs to be less than ";
+            errorMessage << LEN_MAX_PASSWORD;
+            errorMessage << " characters long.";
+            wrongLoginNotice = new OkDialog("Error", errorMessage.str(), &wrongPasswordNoticeListener);
+        }
+        else // If no errors, register the new user.
+        {
             attemptLogin(user + "_M", passField->getText());
             close_session();
         }
@@ -283,8 +315,8 @@ void login()
 
 
 int attemptLogin(const std::string& user, const std::string& pass) {
-    strncpy(username, user.c_str(), LEN_USERNAME);
-    strncpy(password, pass.c_str(), LEN_PASSWORD);
+    username = user;
+    password = pass;
     int ret;
 
     // Connect to login server
@@ -303,8 +335,9 @@ int attemptLogin(const std::string& user, const std::string& pass) {
     WFIFOW(0) = net_w_value(0x0064);
 
     WFIFOL(2) = 0;
-    memcpy(WFIFOP(6), username, 24);
-    memcpy(WFIFOP(30), password, 24);
+
+    memcpy(WFIFOP(6), username.c_str(), LEN_MAX_USERNAME - 1);
+    memcpy(WFIFOP(30), password.c_str(), LEN_MAX_PASSWORD - 1);
     WFIFOB(54) = 0;
     WFIFOSET(55);
author	Yohann Ferreira <bertram@cegetel.net>	2005-08-25 21:07:28 +0000
committer	Yohann Ferreira <bertram@cegetel.net>	2005-08-25 21:07:28 +0000
commit	941e0cfda282b2461e500fcdf5828a7e20bf6da6 (patch)
tree	16b392cb9c57fefc621084c011ec0b724e84d128 /src/gui/login.cpp
parent	9ba130f4628d8e52ebd50b810e761a81f69c0c4a (diff)
download	mana-client-941e0cfda282b2461e500fcdf5828a7e20bf6da6.tar.gz mana-client-941e0cfda282b2461e500fcdf5828a7e20bf6da6.tar.bz2 mana-client-941e0cfda282b2461e500fcdf5828a7e20bf6da6.tar.xz mana-client-941e0cfda282b2461e500fcdf5828a7e20bf6da6.zip