Browse Source

escape form fields

master
Ben Harris 4 months ago
parent
commit
f87750af30
  1. 34
      signup/index.php

34
signup/index.php

@ -1,6 +1,10 @@
<?php
$filepath = __FILE__;
include __DIR__.'/../header.php';
function esc($v) {
return isset($_REQUEST[$v]) ? htmlspecialchars($_REQUEST[$v]) : "";
}
?>
<div class="container" id="app">
@ -19,24 +23,24 @@ include __DIR__.'/../header.php';
<form method="post">
<?php include 'signup-handler.php'; ?>
<div class="form-group">
<label>your desired username (numbers and lowercase letters only, no spaces)</label>
<input class="form-control" name="username" value="<?=$_REQUEST["username"] ?? ""?>" type="text" required>
</div>
<div>
<p>your desired username (numbers and lowercase letters only, no spaces)</p>
<input class="form-control" name="username" value="<?=esc("username")?>" type="text" required>
</div>
<div class="form-group">
<label>email to contact you with account info</label>
<input class="form-control" name="email" value="<?=$_REQUEST["email"] ?? ""?>" type="text" required>
</div>
<div>
<p>email to contact you with account info</p>
<input class="form-control" name="email" value="<?=esc("email")?>" type="text" required>
</div>
<div class="form-group">
<label>what interests you about tilde.team?</label>
<textarea class="form-control" name="interest" id="" cols="30" rows="10"><?=$_REQUEST["interest"] ?? ""?></textarea>
</div>
<div>
<p>what interests you about tilde.team? we want to make sure you're a real human being :)</p>
<textarea required class="form-control" name="interest" id="" cols="40" rows="7"><?=esc("interest")?></textarea>
</div>
<div class="form-group">
<label>SSH public key</label>
<textarea required class="form-control" name="sshkey" id="" cols="30" rows="10"><?=$_REQUEST["sshkey"] ?? ""?></textarea>
<div>
<p>SSH public key</p>
<textarea required class="form-control" name="sshkey" id="" cols="30" rows="10"><?=esc("sshkey")?></textarea>
<p>if you don't have a key, don't worry! <a href="/wiki/ssh">check out our guide to ssh keys</a> and make sure that you only put your pubkey here</p>
</div>

Loading…
Cancel
Save