diff --git a/WEB-INF/src/controleur/Authent.java b/WEB-INF/src/controleur/Authent.java
index 6d308e71594c1f7d52002128c6d808a7fe23a9aa..e3a7973101e71b272a5a1a3089f2fec15cff637f 100644
--- a/WEB-INF/src/controleur/Authent.java
+++ b/WEB-INF/src/controleur/Authent.java
@@ -4,6 +4,9 @@ import java.io.IOException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import org.apache.commons.text.StringEscapeUtils;
+import org.apache.commons.text.translate.CharSequenceTranslator;
+
 import jakarta.servlet.ServletException;
 import jakarta.servlet.annotation.WebServlet;
 import jakarta.servlet.http.HttpServlet;
@@ -20,6 +23,9 @@ public class Authent extends HttpServlet {
 String action = req.getParameter("action");
 String username = req.getParameter("username");
 String password = req.getParameter("password");
+
+ CharSequenceTranslator cst = StringEscapeUtils.ESCAPE_HTML4;
+
 if(username == null || password == null){
 req.setAttribute("error", "Vous ne pouvez pas avoir un pseudo ou mot de passe vide !");
 req.getRequestDispatcher("/WEB-INF/vue/error.jsp").forward(req, resp);
@@ -27,6 +33,7 @@ public class Authent extends HttpServlet {
 }
 String hashedPassword;
 username = username.toLowerCase();
+ username = cst.translate(username);
 MessageDigest md;
 this.getServletContext();
@@ -69,7 +76,7 @@ public class Authent extends HttpServlet {
 resp.sendRedirect("navigation?page=accueil");
 return;
 } catch (Exception e) {
- req.setAttribute("error", "Nom d'utilisateur déjà pris");
+ req.setAttribute("error", "Pseudonyme invalide / Nom d'utilisateur déjà pris");
 vue = "WEB-INF/vue/signin.jsp";
 }
 break;
diff --git a/WEB-INF/src/controleur/MessageController.java b/WEB-INF/src/controleur/MessageController.java
index e21947d3d2fe56971f3f005e28aa204487d0034c..a6502b590f19ff563f574bf7fee16340d094594a 100644
--- a/WEB-INF/src/controleur/MessageController.java
+++ b/WEB-INF/src/controleur/MessageController.java
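Review bot: `username = cst.translate(username);` HTML-escapes the pseudonym on the way in, so the value the rest of `service` works with (and presumably stores and looks up) is tied to one output context, while the pages that print it are left unchanged. `ESCAPE_HTML4` does not touch `'`, so it gives no protection inside a single-quoted attribute or a script block, and rows written before this commit stay raw; encode in the JSPs at the point of output instead, e.g. `<c:out value="${...}"/>` if JSTL is on the classpath. The escaped form can also outgrow the 24 characters the form allows (`<` becomes `&lt;`), which may be what the new catch-all error message is papering over. The same input-side escaping is added for `contenu` in MessageController's `send` branch. The enclosing method starts and ends outside these hunks.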
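Review bot: The message at `req.setAttribute("error", "Pseudonyme invalide / Nom d'utilisateur déjà pris");` has to name two causes because `catch (Exception e)` cannot tell them apart, and the only pseudonym rule visible in this commit is the `pattern` attribute in signin.jsp, which the browser applies and the server does not. Check the pseudonym in the servlet before the DAO call, with the same expression the form ends up using, and report that case separately; once only word characters are accepted, the HTML escaping of `username` is no longer needed. Catching the DAO's specific exception for the duplicate case and logging `e` would keep unrelated failures from being shown as a taken name. The `try` block opens outside the hunk.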
@@ -9,6 +9,9 @@ import modele.dao.DaoLike;
 import modele.dao.DaoMessage;
 import modele.dto.Like;
 import modele.dto.Message;
+import org.apache.commons.text.StringEscapeUtils;
+import org.apache.commons.text.translate.CharSequenceTranslator;
+
 import java.io.IOException;
 import java.time.LocalDateTime;
@@ -17,6 +20,7 @@ import java.time.LocalDateTime; public class MessageController extends HttpServlet { DaoMessage daoMessage = new DaoMessage(); DaoLike daoLike = new DaoLike(); + @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String username;
@@ -30,12 +34,13 @@ public class MessageController extends HttpServlet {
 switch (action){
 case "send":
- String contenue = req.getParameter("message");
+ CharSequenceTranslator cst = StringEscapeUtils.ESCAPE_HTML4;
+ String contenu = cst.translate(req.getParameter("message"));
 try {
 int idThread = Integer.parseInt(req.getParameter("thread"));
- if (contenue != null && !contenue.isEmpty()) {
- Message message = new Message(0, username, idThread, contenue, LocalDateTime.now());
+ if (contenu != null && !contenu.isEmpty()) {
+ Message message = new Message(0, username, idThread, contenu, LocalDateTime.now());
 daoMessage.create(message);
 }
 vue = "thread?action=open&id=" + idThread;
diff --git a/WEB-INF/src/controleur/ThreadController.java b/WEB-INF/src/controleur/ThreadController.java
index c595c92c41b9735b3ff1737d288b81003890cdb4..4c79a529e78a5c4f2e9dc915845856a1c01f2874 100644
--- a/WEB-INF/src/controleur/ThreadController.java
+++ b/WEB-INF/src/controleur/ThreadController.java
@@ -51,7 +51,6 @@ public class ThreadController extends HttpServlet {
 Follower follow = new Follower(username, idThread);
- System.out.println("action : " + action);
 switch (action){
 case "follow":
diff --git a/WEB-INF/vue/signin.jsp b/WEB-INF/vue/signin.jsp
index 77998178e20416a82137efb03489a70412941b32..a4a21d92d1ade80526c6af03e9b83b2a36b655d0 100644
--- a/WEB-INF/vue/signin.jsp
+++ b/WEB-INF/vue/signin.jsp
@@ -30,7 +30,11 @@
 <div>
 <div class="mt-2 mb-3">
 <p class="mb-1">Pseudonyme</p>
+<<<<<<< HEAD
 <input class="form-control" name="username" pattern="[a-zA-Z0-9_.]{3,24}" type="text" placeholder="pmathieu" maxlength="24" required>
+=======
+ <input class="form-control" name="username" type="text" placeholder="pmathieu" maxlength="24" pattern="\w{3,24}" required>
+>>>>>>> refs/remotes/origin/main
 </div>
 <div class="mb-3">
 <p class="mb-1">Mot de passe</p>
diff --git a/lib/commons-lang3-3.17.0.jar b/lib/commons-lang3-3.17.0.jar
new file mode 100644
index 0000000000000000000000000000000000000000..f6486b4d7039f22ccf160c8d24ebac26f05bf0de
Binary files /dev/null and b/lib/commons-lang3-3.17.0.jar differ
diff --git a/lib/commons-text.jar b/lib/commons-text.jar
new file mode 100644
index 0000000000000000000000000000000000000000..a8231464949d5e7fb71a14e044767ad1bfa4c27d
Binary files /dev/null and b/lib/commons-text.jar differ
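Review bot: The added lines `<<<<<<< HEAD`, `=======` and `>>>>>>> refs/remotes/origin/main` are unresolved merge-conflict markers committed into signin.jsp. As written the form carries two `<input name="username">` fields with different rules (`[a-zA-Z0-9_.]{3,24}` versus `\w{3,24}`), the markers will presumably be rendered as page text, and `req.getParameter("username")` in Authent reads only the first value submitted. Keep one input, delete the three marker lines, and treat `pattern` as a usability hint only, since nothing visible in this commit repeats the check on the server.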