afup#1395 Registration antispam
stakovicz committed Jan 4, 2024
1 parent 83acb57 commit 408484b
Showing 1 changed file with 19 additions and 0 deletions.
19 changes: 19 additions & 0 deletions sources/AppBundle/Controller/LegacyController.php
@@ -14,6 +14,7 @@
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Session\SessionInterface;

class LegacyController extends Controller
{
@@ -130,10 +131,28 @@ public function registerAction(Request $request)

$formulaire->addElement('password', 'mot_de_passe', 'Mot de passe', ['size' => 30, 'maxlength' => 30]);
$formulaire->addElement('password', 'confirmation_mot_de_passe', '', ['size' => 30, 'maxlength' => 30]);
$formulaire->addElement('hidden', 'csrf'); // CSRF token
$formulaire->addElement('text', 'lastname', '', ['style' => 'display:none']); // Pot de miel, doit être vide
$formulaire->addElement('header', 'boutons', '');
$formulaire->addElement('submit', 'soumettre', 'Ajouter');

$formulaire->addRule('nom', 'Nom manquant', 'required');

// CSRF validation
$lastCsrf = $this->get('session')->get('csrf');
$formulaire->addRule('csrf', 'csrf validation', 'callback', static function ($value) use ($lastCsrf) {
return $lastCsrf === $value;
});

// CSRF generation
$csrf = md5(uniqid(mt_rand(), true));
$this->get('session')->set('csrf', $csrf);
$formulaire->getElement('csrf')->setValue($csrf);

$formulaire->addRule('lastname', 'Lastname manquant', 'callback', static function ($value) {
return empty($value);
});

$formulaire->addRule('prenom', 'Prénom manquant', 'required');
$formulaire->addRule('login', 'Login manquant', 'required');
$formulaire->addRule('login', 'Login déjà existant', 'callback', static function ($value) use ($userRepository) {
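Review bot: The CSRF token in the registerAction hunk is built with `md5(uniqid(mt_rand(), true))`, which is derived from the clock and non-cryptographic generators and so is not an unpredictable secret; generate it with `$csrf = bin2hex(random_bytes(32));` instead. The validation callback compares with `===`; `return is_string($lastCsrf) && is_string($value) && hash_equals($lastCsrf, $value);` gives a constant-time comparison and explicitly rejects a session that holds no token yet. No `required` rule on `csrf` is visible, so if the form class skips callback rules for empty non-required fields (PEAR HTML_QuickForm does), a request that omits the field would not be checked at all; confirm this and add `$formulaire->addRule('csrf', 'csrf validation', 'required');` before the callback rule. The `SessionInterface` import in the first hunk is not referenced in the visible lines, and registerAction starts and ends outside the hunk.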
