team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

abstracted out the validation js, need to add it to signup, then basically write up broken auth for both lack of pwd complexity and username/password enumeration

Browse Source
This commit is contained in:
Ken Johnson
2013-05-22 11:47:00 -04:00
parent 46c1af43cd
commit e03fd8548c
3 changed files with 38 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/assets/javascripts/validation.js
+35
View File
@@ -0,0 +1,35 @@
function validation(){
$("#account_edit").validate({
rules: {
"user[password]": {
required: false,
minlength: 5
},
"user[password_confirmation]": {
required: false,
minlength: 5,
equalTo: "#user_password"
}
},
messages: {
"user[password]": {
minlength: "Your password must be at least 6 characters long"
},
"user[password_confirmation]": {
minlength: "Your password must be at least 6 characters long",
equalTo: "Please enter the same password as above"
}
},
highlight: function(label) {
$("#submit_button").attr('disabled','disabled');
$(label).closest('.control-group').addClass('error');
},
success: function(label) {
label.closest('.control-group').addClass('success');
$("#submit_button").removeAttr('disabled');
}
});
};
$(document).ready(validation());
app/views/layouts/admin/_get_user.html.erb
+2 -37
View File
@@ -56,42 +56,9 @@
<% end %> <% end %>
<!-- End Modal --> <!-- End Modal -->
<script type="text/javascript"> <%= javascript_include_tag ('validation.js')%>
function validation(){ <script type="text/javascript">
$("#account_edit").validate({
rules: {
"user[password]": {
required: false,
minlength: 5
},
"user[password_confirmation]": {
required: false,
minlength: 5,
equalTo: "#user_password"
}
},
messages: {
"user[password]": {
minlength: "Your password must be at least 6 characters long"
},
"user[password_confirmation]": {
minlength: "Your password must be at least 6 characters long",
equalTo: "Please enter the same password as above"
}
},
highlight: function(label) {
$("#submit_button").attr('disabled','disabled');
$(label).closest('.control-group').addClass('error');
},
success: function(label) {
label.closest('.control-group').addClass('success');
$("#submit_button").removeAttr('disabled');
}
});
};
$('#submit_button').click(function() { $('#submit_button').click(function() {
var valuesToSubmit = $("#account_edit").serialize(); var valuesToSubmit = $("#account_edit").serialize();
@@ -129,6 +96,4 @@ $('#delete_button').click(function() {
}); });
$(document).ready(validation());
</script> </script>
app/views/users/account_settings.html.erb
+1 -41
View File
@@ -51,47 +51,7 @@
</div> </div>
</div> </div>
<script type="text/javascript"> <%= javascript_include_tag ('validation.js')%>
function validation(){
$("#account_edit").validate({
rules: {
"user[password]": {
required: false,
minlength: 5
},
"user[password_confirmation]": {
required: false,
minlength: 5,
equalTo: "#user_password"
}
},
messages: {
"user[password]": {
minlength: "Your password must be at least 6 characters long"
},
"user[password_confirmation]": {
minlength: "Your password must be at least 6 characters long",
equalTo: "Please enter the same password as above"
}
},
highlight: function(label) {
$("#submit_button").attr('disabled','disabled');
$(label).closest('.control-group').addClass('error');
},
success: function(label) {
label.closest('.control-group').addClass('success');
$("#submit_button").removeAttr('disabled');
}
});
};
$(document).ready(validation());
</script>