Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //Function to show an error in the "#error" element
- function throwError(err, isInternal, dafuq){
- if(!isInternal){
- err = "Error: " + err;
- }
- else{
- err = "Internal server error. Report this: " + err;
- }
- /*I don't know what the fuck went wrong over at the logIn() function. Whatever it is, I managed to fix it by checking the value
- after it had been thrown into the throwError function.*/
- if(dafuq === true){
- window.location = "accountpage/yourpage.php";
- return 1;
- }
- document.getElementById("error").innerHTML = err;
- }
- //This is for registering - there's some functions I can do on the client side, and I prefer client-side.
- function register(){
- var username = document.getElementById("username").value;
- var password = document.getElementById("password").value;
- var confirmpassword = document.getElementById("confirm-password").value;
- var emailaddress = document.getElementById("email-address").value;
- var usernameblacklist = ["thijs365", "toomuchram", "thijs", "tmr", "tristan", "wificable", "pcnerd512", "admin", "siteadmin"];
- //ALWAYS replace " and ' with \" and \' first
- //cuz, y'know, SQL injection
- username = username.replace("'", "\'");
- username = username.replace('"', '\"');
- password = password.replace("'", "\'");
- password = password.replace('"', '\"');
- emailaddress = emailaddress.replace("'", "\'");
- emailaddress = emailaddress.replace('"', '\"');
- //Check if any of the values is empty.
- if(username === null || username === "" || username === undefined){
- throwError("Users should be able to identify you. That's a bit difficult without a username, right?");
- return 1;
- }
- if(password === null || password === "" || password === undefined){
- throwError("Not going to lie, that's some strong authentication.");
- return 1;
- }
- if(emailaddress === null || emailaddress === "" || emailaddress === undefined){
- throwError("Don't worry, I'm not like Facebook.");
- return 1;
- }
- //Always check if the two passwords are the same.
- if(password !== confirmpassword){
- throwError("The two password aren't the same");
- return 1;
- }
- //Then check if the password's on a blacklist - because I'm a dickhead.
- //Create a temporary variable that holds a lowercased version of the username - I don't want someone to create tHijs365!
- var lowercaseusername = username.toLowerCase();
- //Also strip it from punctuation
- lowercaseusername = lowercaseusername.replace(/[.,\/#!$%\^&\*;:{}=\-_`~()]/g,"");
- //And fix it up
- lowercaseusername = lowercaseusername.replace(/\s{2,}/g," ");
- //source: https://stackoverflow.com/questions/4328500/how-can-i-strip-all-punctuation-from-a-string-in-javascript-using-regex#4328722
- for(var i=0; i<usernameblacklist.length; i++){
- if(lowercaseusername == usernameblacklist[i]){
- throwError("This username is on the blacklist");
- return 1;
- }
- }
- //I steal from SO all the time.
- //https://stackoverflow.com/questions/692196/post-request-javascript#25422754
- var params = "username=" + username + "&password=" + password + "&emailaddress=" + emailaddress;
- var accountrequest = new XMLHttpRequest();
- accountrequest.open("POST", "register.php", true);
- accountrequest.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- accountrequest.onreadystatechange = function() {//Call a function when the state changes.
- if(accountrequest.readyState == 4 && accountrequest.status == 200) {
- var errorStr = this.responseText;
- errorStr = errorStr.replace(/['"]+/g, '');
- if(errorStr == "success"){
- window.location = "login.html";
- }
- else{
- throwError(errorStr);
- }
- }
- }
- accountrequest.send(params);
- }
- //Function for logging in
- //This is for error handling.
- function logIn(){
- var username = document.getElementById("username").value;
- var password = document.getElementById("password").value;
- var deletedAccounts = ["styrofoam head", "notsobot"];
- //Replace " and ' with \" and \' first
- username = username.replace("'", "\'");
- username = username.replace('"', '\"');
- password = password.replace("'", "\'");
- password = password.replace('"', '\"');
- //Create a temporary variable that holds a lowercased version of the username
- var lowercaseusername = username.toLowerCase();
- //Also strip it from punctuation
- lowercaseusername = lowercaseusername.replace(/[.,\/#!$%\^&\*;:{}=\-_`~()]/g,"");
- //And fix it up
- lowercaseusername = lowercaseusername.replace(/\s{2,}/g," ");
- //source: https://stackoverflow.com/questions/4328500/how-can-i-strip-all-punctuation-from-a-string-in-javascript-using-regex#4328722
- for(var i=0; i<deletedAccounts.length; i++){
- if(lowercaseusername == deletedAccounts[i]){
- throwError("This account has been deleted.");
- return 1;
- }
- }
- //Then check for empty variables
- if(username === null || username === "" || username === undefined){
- throwError("Please input a username");
- return 1;
- }
- if(password === null || password === "" || password === undefined){
- throwError("Please input a password");
- return 1;
- }
- //https://stackoverflow.com/questions/692196/post-request-javascript#25422754
- var params = "username=" + username + "&password=" + password;
- var accountrequest = new XMLHttpRequest();
- accountrequest.open("POST", "login.php", true);
- accountrequest.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
- accountrequest.onreadystatechange = function() {//Call a function when the state changes.
- if(accountrequest.readyState == 4 && accountrequest.status == 200) {
- var errorStr = this.responseText;
- errorStr = errorStr.replace(/['"]+/g, '');
- if(errorStr == "success"){
- window.location = "accountpage/yourpage.php";
- }
- else{
- throwError(errorStr, false, true);
- }
- }
- }
- accountrequest.send(params);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
