From 5844eab6d5d15a05f825e3cfd9c5e5905b0b8a8f Mon Sep 17 00:00:00 2001 From: woodwhale Date: Fri, 21 Oct 2022 10:44:39 +0800 Subject: [PATCH] =?UTF-8?q?account=5Fservice.py:=20=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=E6=B3=A8=E5=86=8C=E6=97=B6=E7=94=A8=E6=88=B7=E5=90=8D=E7=9A=84?= =?UTF-8?q?=E9=9D=9E=E6=B3=95=E5=AD=97=E7=AC=A6=E8=BF=87=E6=BB=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/account_service.py | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/app/account_service.py b/app/account_service.py index 753c51e..f97afb8 100644 --- a/app/account_service.py +++ b/app/account_service.py @@ -19,7 +19,19 @@ def signup(): # POST方法需判断是否注册成功,再根据结果返回不同的内容 username = escape(request.form['username']) password = escape(request.form['password']) - + #! 添加如下代码为了过滤注册时的非法字符 + if len(username) > 20: + return '用户名过长' + # 正则匹配非法字符 + check_useful = re.search(u'^[_a-zA-Z0-9\u4e00-\u9fa5]+$', username) + if not check_useful: + return '存在非法字符' + # 判断用户名是否和接口重名 + if username in ["signup", "login", "logout", + "reset", "mark", "back", + "unfamiliar", "familiar", 'del']: + return '请勿与接口同名' + available = check_username_availability(username) if not available: # 用户名不可用 flash('用户名 %s 已经被注册。' % (username))