mirror of https://github.com/jlelse/GoBlog
Trim spaces from comment values
This commit is contained in:
parent
5b080e36a2
commit
478d1dcaac
14
comments.go
14
comments.go
|
@ -56,22 +56,18 @@ func createComment(blog, commentsPath string) func(http.ResponseWriter, *http.Re
|
||||||
if target == "" {
|
if target == "" {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
// Check comment
|
// Check and clean comment
|
||||||
comment := r.FormValue("comment")
|
strict := bluemonday.StrictPolicy()
|
||||||
|
comment := strings.TrimSpace(strict.Sanitize(r.FormValue("comment")))
|
||||||
if comment == "" {
|
if comment == "" {
|
||||||
serveError(w, r, "Comment is empty", http.StatusBadRequest)
|
serveError(w, r, "Comment is empty", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
name := r.FormValue("name")
|
name := strings.TrimSpace(strict.Sanitize(r.FormValue("name")))
|
||||||
if name == "" {
|
if name == "" {
|
||||||
name = "Anonymous"
|
name = "Anonymous"
|
||||||
}
|
}
|
||||||
website := r.FormValue("website")
|
website := strings.TrimSpace(strict.Sanitize(r.FormValue("website")))
|
||||||
// Clean
|
|
||||||
strict := bluemonday.StrictPolicy()
|
|
||||||
name = strict.Sanitize(name)
|
|
||||||
website = strict.Sanitize(website)
|
|
||||||
comment = strict.Sanitize(comment)
|
|
||||||
// Insert
|
// Insert
|
||||||
result, err := appDbExec("insert into comments (target, comment, name, website) values (@target, @comment, @name, @website)", sql.Named("target", target), sql.Named("comment", comment), sql.Named("name", name), sql.Named("website", website))
|
result, err := appDbExec("insert into comments (target, comment, name, website) values (@target, @comment, @name, @website)", sql.Named("target", target), sql.Named("comment", comment), sql.Named("name", name), sql.Named("website", website))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
Loading…
Reference in New Issue