diff --git a/Pages/Dashboard.cshtml b/Pages/Dashboard.cshtml
index 7e0aeeb..efb9cbb 100644
--- a/Pages/Dashboard.cshtml
+++ b/Pages/Dashboard.cshtml
@@ -51,7 +51,7 @@ else {
Profile URL
- +
diff --git a/Pages/Index.cshtml b/Pages/Index.cshtml
index 13a11af..f091798 100644
--- a/Pages/Index.cshtml
+++ b/Pages/Index.cshtml
@@ -15,11 +15,11 @@

The following users are currently live:

@foreach (var user in liveUsers) { - @user + @user }
} else {

At the moment, no users are live. Please check back later!

} - \ No newline at end of file + diff --git a/Pages/profile.cshtml b/Pages/Profile.cshtml similarity index 99% rename from Pages/profile.cshtml rename to Pages/Profile.cshtml index 10205ef..21fade3 100644 --- a/Pages/profile.cshtml +++ b/Pages/Profile.cshtml @@ -1,4 +1,4 @@ -@page "{user}" +@page "/{user}" @using RTMPDash.DataModels @model ProfileModel @{ @@ -54,4 +54,4 @@
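Review bot: The new `@page "/{user}"` directive in Profile.cshtml puts usernames in the same URL namespace as the site's own top-level pages, and nothing in this hunk constrains or documents that. The only guard visible in this commit is the literal name list in RegisterModel.OnPost, which applies to new registrations only. Accounts created earlier under one of those names, or any page added later without extending the list, would presumably leave a profile that is unreachable or that reads like a site page. I would add a comment above the directive such as `@* Root-level route: every top-level page name must also be in the reserved-username list in Register.cshtml.cs *@` and check existing usernames against that list once. The rest of Profile.cshtml lies outside the hunk.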

@user.PronounSubject.FirstCharToUpper() @pronounAdditional not currently live. @user.PronounSubject.FirstCharToUpper() have not specified an announcement URL, so check back later!

} } - \ No newline at end of file + diff --git a/Pages/profile.cshtml.cs b/Pages/Profile.cshtml.cs similarity index 100% rename from Pages/profile.cshtml.cs rename to Pages/Profile.cshtml.cs diff --git a/Pages/Register.cshtml.cs b/Pages/Register.cshtml.cs index ca8d3e4..58a52ec 100644 --- a/Pages/Register.cshtml.cs +++ b/Pages/Register.cshtml.cs @@ -11,28 +11,35 @@ namespace RTMPDash.Pages; public class RegisterModel : PageModel { public void OnPost() { if (!Request.HasFormContentType - || string.IsNullOrWhiteSpace(Request.Form["user"]) - || string.IsNullOrWhiteSpace(Request.Form["pass"]) - || string.IsNullOrWhiteSpace(Request.Form["code"])) + || string.IsNullOrWhiteSpace(Request.Form["user"]) + || string.IsNullOrWhiteSpace(Request.Form["pass"]) + || string.IsNullOrWhiteSpace(Request.Form["code"])) return; using var db = new AppDb.DbConn(); if (!db.Invites.Any(p => p.Code == Request.Form["code"])) return; - var user = db.Users.FirstOrDefault(p => p.Username == Request.Form["user"].ToString()); + var newUser = Request.Form["user"].ToString().ToLowerInvariant(); + var user = db.Users.FirstOrDefault(p => p.Username == newUser); if (user != null) { //user already exists Response.Redirect("/Register?e=user_exists"); return; } - if (db.Users.Any(p => p.StreamKey == Request.Form["user"] || p.PrivateAccessKey == Request.Form["user"])) { + if (db.Users.Any(p => p.StreamKey == newUser || p.PrivateAccessKey == newUser)) { //user invalid Response.Redirect("/Register?e=user_invalid"); return; } + if (newUser is "register" or "login" or "logout" or "privacy" or "stats" or "index" or "error" or "dashboard" or "credits" or "admin" or "content") { + // user invalid + Response.Redirect("/Register?e=user_invalid"); + return; + } + user = new User { Username = Request.Form["user"].ToString(), Password = Request.Form["pass"].ToString().Sha256(), 
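Review bot: The `new User { Username = Request.Form["user"].ToString(), … }` initializer at the end of this hunk still stores the name as typed, although every check above it now compares the lower-cased `newUser`; it should read `Username = newUser,`. As written, a name with upper-case letters is stored in mixed case, so if the database compares case-sensitively (the collation is not visible here) `p.Username == newUser` cannot match it and the same name can be registered again as a separate account. The stored value is also what is later written to the `authenticatedUser` session key, so the session identity and the profile URL can disagree on casing. Separately, `Password = … .Sha256()` looks like a single unsalted SHA-256 digest; if the helper does what its name suggests, a salted, iterated password hash such as PBKDF2 would be the safer replacement. OnPost continues past the end of the hunk.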
@@ -49,4 +56,4 @@ public class RegisterModel : PageModel { HttpContext.Session.SetString("authenticatedUser", user.Username); } -} \ No newline at end of file +} diff --git a/README.md b/README.md index 4a7df5d..6db08ea 100644 --- a/README.md +++ b/README.md @@ -166,7 +166,7 @@ WantedBy=multi-user.target player.on("ended", function(){ console.log('Stream ended. Redirecting to profile.'); - document.location = 'https://chaos.stream/profile/' + window.location.pathname.substring(1); + document.location = 'https://chaos.stream/' + window.location.pathname.substring(1); }); });