From 45b5f655cec4ec4859abb2edb6c126c39fc0d1ac Mon Sep 17 00:00:00 2001
From: TZGyn <ca538901d@mozmail.com>
Date: Mon, 9 Sep 2024 00:54:53 +0800
Subject: [PATCH] disable special characters in custom code

---
 frontend/src/lib/utils.ts                                | 4 ++++
 .../src/routes/(app)/dashboard/links/+page.server.ts     | 9 +++++++++
 .../(app)/dashboard/links/[id]/edit/+page.server.ts      | 9 +++++++++
 .../routes/(app)/dashboard/projects/[id]/+page.server.ts | 9 +++++++++
 .../projects/[id]/links/[linkid]/edit/+page.server.ts    | 9 +++++++++
 5 files changed, 40 insertions(+)

diff --git a/frontend/src/lib/utils.ts b/frontend/src/lib/utils.ts
index 7377262..6e17922 100644
--- a/frontend/src/lib/utils.ts
+++ b/frontend/src/lib/utils.ts
@@ -87,3 +87,7 @@ Number.prototype.toDecimalPoint = function (decimal: number) {
 
 	return Math.round(this.valueOf() * value) / value
 }
+
+export const isAlphanumeric = (str: string) => {
+	return str.match('^[A-Za-z0-9]+$')
+}
diff --git a/frontend/src/routes/(app)/dashboard/links/+page.server.ts b/frontend/src/routes/(app)/dashboard/links/+page.server.ts
index 56404e7..72fbc0e 100644
--- a/frontend/src/routes/(app)/dashboard/links/+page.server.ts
+++ b/frontend/src/routes/(app)/dashboard/links/+page.server.ts
@@ -15,6 +15,7 @@ import { zod } from 'sveltekit-superforms/adapters'
 import { formSchema } from './schema'
 import type { Actions } from './$types'
 import { nanoid } from 'nanoid'
+import { isAlphanumeric } from '$lib/utils'
 
 export const load = (async (event) => {
 	const user = event.locals.user
@@ -149,6 +150,14 @@ export const actions: Actions = {
 					'Please Enter Custom Code',
 				)
 			}
+			if (!isAlphanumeric(form.data.custom_code)) {
+				return setError(
+					form,
+					'custom_code',
+					'Code cannot contain special characters',
+				)
+			}
+
 			const customCodeExist = await db.query.shortener.findFirst({
 				where: (shortener, { eq }) =>
 					eq(shortener.code, form.data.custom_code),
diff --git a/frontend/src/routes/(app)/dashboard/links/[id]/edit/+page.server.ts b/frontend/src/routes/(app)/dashboard/links/[id]/edit/+page.server.ts
index 84c7ba2..92c3a62 100644
--- a/frontend/src/routes/(app)/dashboard/links/[id]/edit/+page.server.ts
+++ b/frontend/src/routes/(app)/dashboard/links/[id]/edit/+page.server.ts
@@ -7,6 +7,7 @@ import { db } from '$lib/db'
 import { redirect } from '@sveltejs/kit'
 import { shortener } from '$lib/db/schema'
 import { eq } from 'drizzle-orm'
+import { isAlphanumeric } from '$lib/utils'
 
 export const load = (async (event) => {
 	const user = event.locals.user
@@ -79,6 +80,14 @@ export const actions: Actions = {
 					'Please Enter Custom Code',
 				)
 			}
+			if (!isAlphanumeric(form.data.custom_code)) {
+				return setError(
+					form,
+					'custom_code',
+					'Code cannot contain special characters',
+				)
+			}
+
 			const customCodeExist = await db.query.shortener.findFirst({
 				where: (shortener, { eq, and, ne }) =>
 					and(
diff --git a/frontend/src/routes/(app)/dashboard/projects/[id]/+page.server.ts b/frontend/src/routes/(app)/dashboard/projects/[id]/+page.server.ts
index 72116bc..55b99ab 100644
--- a/frontend/src/routes/(app)/dashboard/projects/[id]/+page.server.ts
+++ b/frontend/src/routes/(app)/dashboard/projects/[id]/+page.server.ts
@@ -15,6 +15,7 @@ import { zod } from 'sveltekit-superforms/adapters'
 import { formSchema } from './schema'
 import type { Actions } from './$types'
 import { nanoid } from 'nanoid'
+import { isAlphanumeric } from '$lib/utils'
 
 export const load = (async (event) => {
 	const { project: selectedProject } = await event.parent()
@@ -119,6 +120,14 @@ export const actions: Actions = {
 					'Please Enter Custom Code',
 				)
 			}
+			if (!isAlphanumeric(form.data.custom_code)) {
+				return setError(
+					form,
+					'custom_code',
+					'Code cannot contain special characters',
+				)
+			}
+
 			const customCodeExist = await db.query.shortener.findFirst({
 				where: (shortener, { eq }) =>
 					eq(shortener.code, form.data.custom_code),
diff --git a/frontend/src/routes/(app)/dashboard/projects/[id]/links/[linkid]/edit/+page.server.ts b/frontend/src/routes/(app)/dashboard/projects/[id]/links/[linkid]/edit/+page.server.ts
index 0064b93..de9c5a3 100644
--- a/frontend/src/routes/(app)/dashboard/projects/[id]/links/[linkid]/edit/+page.server.ts
+++ b/frontend/src/routes/(app)/dashboard/projects/[id]/links/[linkid]/edit/+page.server.ts
@@ -7,6 +7,7 @@ import { db } from '$lib/db'
 import { redirect } from '@sveltejs/kit'
 import { shortener } from '$lib/db/schema'
 import { eq } from 'drizzle-orm'
+import { isAlphanumeric } from '$lib/utils'
 
 export const load = (async (event) => {
 	const { project: selectedProject } = await event.parent()
@@ -63,6 +64,14 @@ export const actions: Actions = {
 					'Please Enter Custom Code',
 				)
 			}
+			if (!isAlphanumeric(form.data.custom_code)) {
+				return setError(
+					form,
+					'custom_code',
+					'Code cannot contain special characters',
+				)
+			}
+
 			const customCodeExist = await db.query.shortener.findFirst({
 				where: (shortener, { eq, and, ne }) =>
 					and(