From b35c6feb2299e70f48c08170ddd216b6de3a0e76 Mon Sep 17 00:00:00 2001
From: Yasin <mohammed-yasin.rahman@lip6.fr>
Date: Mon, 19 Aug 2013 19:05:23 +0200
Subject: [PATCH] /portal/regiater all additional validation complete

---
 portal/forms.py | 11 +++++++----
 portal/views.py | 26 +++++++++++++++++++-------
 2 files changed, 26 insertions(+), 11 deletions(-)

diff --git a/portal/forms.py b/portal/forms.py
index ab563d9d..fb920c7a 100644
--- a/portal/forms.py
+++ b/portal/forms.py
@@ -42,15 +42,15 @@ class UserRegisterForm(forms.Form): # Not ModelForm
     """
     required_css_class = 'required'
     
-    first_name = forms.RegexField(regex=r'^[\w.@+-]+$',
+    first_name = forms.RegexField(regex=r'^[\w+\s.@+-]+$',
                                  max_length=30,
                                  label=_("First name"),
                                  error_messages={'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
-    last_name = forms.RegexField(regex=r'^[\w.@+-]+$',
+    last_name = forms.RegexField(regex=r'^[\w+\s.@+-]+$',
                                  max_length=30,
                                  label=_("Last name"),
                                  error_messages={'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
-    affiliation = forms.RegexField(regex=r'^[\w.@+-]+$',
+    affiliation = forms.RegexField(regex=r'^[\w+\s.@+-]+$',
                              max_length=30,
                              label=_("Affiliation"),
                              error_messages={'invalid': _("This value may contain only letters, numbers and @/./+/-/_ characters.")})
@@ -61,7 +61,9 @@ class UserRegisterForm(forms.Form): # Not ModelForm
     password2 = forms.CharField(widget=forms.PasswordInput,
                                 label=_("Password (again)"))
     keypair    = forms.CharField( widget=forms.FileInput )
-
+   
+    #my_keypairs = forms.ChoiceField(widget = forms.Select(), 
+    #             choices = ([('1','generate'), ('2','upload')])) 
     tos = forms.BooleanField(widget=forms.CheckboxInput,
                              label=_(u'I have read and agree to the Terms of Service'),
                              error_messages={'required': _("You must agree to the terms to register")})
@@ -130,3 +132,4 @@ class SliceRequestForm(forms.Form):
     email = forms.EmailField()
     cc_myself = forms.BooleanField(required=False)
 
+    
diff --git a/portal/views.py b/portal/views.py
index 2b2c3e54..3b8da858 100644
--- a/portal/views.py
+++ b/portal/views.py
@@ -560,7 +560,7 @@ def acc_process(request):
             get_user.save()
             return HttpResponse('Success: Publickey uploaded! Old records overwritten')
         else:
-            return HttpResponse('Please upload a valid public key.')    
+            return HttpResponse('Please upload a valid public key [.txt or .pub].')    
         
     else:
         message = 'You submitted an empty form.'
@@ -571,9 +571,21 @@ def register_4m_f4f(request):
 
 def reg_4m_f4f_process(request):
     if 'submit' in request.POST:
-        #get_email = PendingUser.objects.get(email)       
-        if PendingUser.objects.filter(email__iexact=request.POST['email']):
-            return HttpResponse("Email Already exist")
+        #get_email = PendingUser.objects.get(email)
+        reg_fname = request.POST['firstname']
+        reg_lname = request.POST['lastname']
+        reg_aff = request.POST['affiliation']
+        reg_email = request.POST['email'].lower()
+        
+        #POST value validation  
+        if (re.search(r'^[\w+\s.@+-]+$', reg_fname)==None):
+            return HttpResponse("Only Letters, Numbers, - and _ allowd in First Name")
+        if (re.search(r'^[\w+\s.@+-]+$', reg_lname) == None):
+            return HttpResponse("Only Letters, Numbers, - and _ is allowed in Last name")
+        if (re.search(r'^[\w+\s.@+-]+$', reg_aff) == None):
+            return HttpResponse("Only Letters, Numbers and _ is allowed in Affiliation")
+        if PendingUser.objects.filter(email__iexact=reg_email):
+            return HttpResponse("Email Already exists")
         if 'generate' in request.POST['question']:
             #import os
             #from M2Crypto import Rand, RSA, BIO
@@ -616,10 +628,10 @@ def reg_4m_f4f_process(request):
                 keypair = re.sub("\n", "\\n",keypair)
                 keypair = ''.join(keypair.split())
             else:
-                return HttpResponse('Please upload a valid public key.')
+                return HttpResponse('Please upload a valid public key [.txt or .pub].')
 
-        b = PendingUser(first_name=request.POST['firstname'], last_name=request.POST['lastname'], affiliation=request.POST['affiliation'], 
-                        email=request.POST['email'], password=request.POST['password'], keypair=keypair)
+        b = PendingUser(first_name=reg_fname, last_name=reg_lname, affiliation=reg_aff, 
+                        email=reg_email, password=request.POST['password'], keypair=keypair)
         b.save()
 
         return HttpResponse('Registration Successful. Please wait for account validation.')
-- 
2.43.0