forked from 42CTF/website
add forbidden characters in teamname to avoir error 500
This commit is contained in:
parent
9ad64e72bc
commit
3d86f21ba2
|
@ -16,6 +16,9 @@
|
|||
{% if registered == False %}
|
||||
<span class="message error-msg">{% trans "You need to be registered to the event." %}</span>
|
||||
{% else %}
|
||||
{% if invalid == True %}
|
||||
<span class="message error-msg">{% trans "Invalid characters in name" %}</span>
|
||||
{% endif %}
|
||||
{% if exist == True %}
|
||||
<span class="message error-msg">{% trans "Name already taken." %}</span>
|
||||
{% endif %}
|
||||
|
|
|
@ -13,10 +13,13 @@ from random import randint
|
|||
def create_team(request, event_slug):
|
||||
ev = get_object_or_404(Event, slug=event_slug)
|
||||
if request.method == 'POST':
|
||||
teamname = request.POST.get('teamname')
|
||||
if request.user.is_authenticated and ev.team_size > 1:
|
||||
if Team.objects.filter(name=request.POST.get('teamname'), event=ev).exists():
|
||||
if any(c in set('./') for c in teamname):
|
||||
return render(request, 'events/create_team.html', {'event' : ev, 'logged': True, 'wrongpwd': False, 'registered' : True, 'exist' : False, 'invalid' : True})
|
||||
if Team.objects.filter(name=teamname, event=ev).exists():
|
||||
return render(request, 'events/create_team.html', {'event' : ev, 'logged': True, 'wrongpwd': False, 'registered' : True, 'exist' : True})
|
||||
new = Team(name=request.POST.get('teamname'), password=request.POST.get('password'), event=ev)
|
||||
new = Team(name=teamname, password=request.POST.get('password'), event=ev)
|
||||
new.save()
|
||||
player = EventPlayer.objects.get(user=request.user, event=ev)
|
||||
player.team = new
|
||||
|
@ -115,9 +118,10 @@ def manage_team(request, event_slug):
|
|||
pname = p_form.cleaned_data['name']
|
||||
if pname == tname:
|
||||
pass
|
||||
else:
|
||||
if Team.objects.filter(name=pname, event=event_info).exists():
|
||||
error = _("Name already taken.")
|
||||
elif any(c in set('./') for c in pname):
|
||||
error = _("Invalid characters in name")
|
||||
elif Team.objects.filter(name=pname, event=event_info).exists():
|
||||
error = _("Name already taken.")
|
||||
ppassword = p_form.cleaned_data['password']
|
||||
if error is None:
|
||||
p_form.save()
|
||||
|
@ -137,18 +141,20 @@ def leave_team(request, event_slug):
|
|||
player = EventPlayer.objects.get(user=request.user, event=event_info)
|
||||
team = Team.objects.get(event=event_info, name=player.team.name)
|
||||
|
||||
team.score -= player.score
|
||||
team.save()
|
||||
player.team = None
|
||||
player.save()
|
||||
members = EventPlayer.objects.filter(team=team, event=event_info)
|
||||
if members.count() == 0:
|
||||
team.delete()
|
||||
else:
|
||||
team.score -= player.score
|
||||
team.save()
|
||||
|
||||
solved = CTF_flags.objects.filter(user=player.user, ctf__event=event_info)
|
||||
player.score = 0
|
||||
solved.delete()
|
||||
player.save()
|
||||
|
||||
members = EventPlayer.objects.filter(team=team, event=event_info)
|
||||
if members.count() == 0:
|
||||
team.delete()
|
||||
|
||||
return redirect('events:event_info', event_slug=event_slug)
|
||||
|
||||
@login_required
|
||||
|
|
Loading…
Reference in New Issue