From 7985199b37c4e497bb9b245613d3eeb09c98cadb Mon Sep 17 00:00:00 2001
From: FChannel <=>
Date: Thu, 28 Jan 2021 15:17:22 -0800
Subject: max length for input fields

---
 main.go            | 9 +++++++--
 static/bottom.html | 4 ++--
 static/top.html    | 8 ++++----
 3 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/main.go b/main.go
index f6ed5f0..0ff2854 100644
--- a/main.go
+++ b/main.go
@@ -287,8 +287,8 @@ func main() {
 			return
 		}
 
-		if(len(r.FormValue("subject")) > 100 || len(r.FormValue("name")) > 100) {
-			w.Write([]byte("Name or Subject limit 100 characters"))
+		if(len(r.FormValue("subject")) > 100 || len(r.FormValue("name")) > 100 || len(r.FormValue("options" > 100) {
+			w.Write([]byte("Name, Subject or Options limit 100 characters"))
 			return
 		}		
 
@@ -756,6 +756,11 @@ func main() {
 
 		var captcha = r.FormValue("captchaCode") + ":" + r.FormValue("captcha")
 
+		if len(reason) > 100 {
+			w.Write([]byte("Report comment limit 100 characters"))
+			return
+		}
+
 		if(!CheckCaptcha(db, captcha)) {
 			w.WriteHeader(http.StatusBadRequest)
 			w.Write([]byte("captcha required"))					
diff --git a/static/bottom.html b/static/bottom.html
index 25339b5..c058b14 100644
--- a/static/bottom.html
+++ b/static/bottom.html
@@ -2,8 +2,8 @@
 <div id="reply-box" class="popup-box" style="display: none; ">
   <div id="reply-header" style="display: inline-block; width: 370px; z-index: 0; cursor: move;"></div><div id="reply-close" style="display: inline-block; float: right;"><a href="javascript:closeReply()">[X]</a></div>
   <form id="reply-post" action="/post" method="post" enctype="multipart/form-data">
-    <input id="reply-name" name="name" size="43" type="text" placeholder="Name">
-    <input id="reply-options" name="options" size="43" type="text" placeholder="Options">
+    <input id="reply-name" name="name" size="43" type="text" placeholder="Name" maxlength="100">
+    <input id="reply-options" name="options" size="43" type="text" placeholder="Options" maxlength="100">
     <textarea id="reply-comment" name="comment" rows="12" cols="54" style="width: 396px;" maxlength="2000"></textarea>
     <input id="reply-file" name="file" type="file">
     <input id="reply-submit" type="submit" value="Reply" style="float: right;">
diff --git a/static/top.html b/static/top.html
index d28043f..b891e14 100644
--- a/static/top.html
+++ b/static/top.html
@@ -11,15 +11,15 @@
   <div id="newpost" style="display: none;">    
     <form id="new-post" action="/post" method="post" enctype="multipart/form-data">        
       <label for="name">Name:</label><br>
-      <input type="text" id="name" name="name" placeholder="Anonymous"><br>
+      <input type="text" id="name" name="name" placeholder="Anonymous" maxlength="100"><br>
       <label for="options">Options:</label><br>
-      <input type="text" id="options" name="options">{{ if .Board.InReplyTo }}<input type="submit" value="Post">{{ end }}<br>
+      <input type="text" id="options" name="options" maxlength="100">{{ if .Board.InReplyTo }}<input type="submit" value="Post">{{ end }}<br>
       {{ if eq .Board.InReplyTo "" }}
       <label for="subject">Subject:</label><br>      
-      <input type="text" id="subject" name="subject"><input type="submit" value="Post"><br>
+      <input type="text" id="subject" name="subject" maxlength="100"><input type="submit" value="Post"><br>
       {{ end }}
       <label for="comment">Comment:</label><br>
-      <textarea rows="10" cols="50" id="comment" name="comment"></textarea><br>
+      <textarea rows="10" cols="50" id="comment" name="comment" maxlength="2000"></textarea><br>
       <input type="hidden" id="inReplyTo" name="inReplyTo" value="{{ .Board.InReplyTo }}">
       <input type="hidden" id="sendTo" name="sendTo" value="{{ .Board.To }}">
       <input type="hidden" id="boardName" name="boardName" value="{{ .Board.Name }}">
-- 
cgit v1.2.3