From ee81ffec09312f142335ef89fe4da989cdefb61d Mon Sep 17 00:00:00 2001
From: ghost <localhost>
Date: Sat, 9 Dec 2023 22:43:29 +0200
Subject: [PATCH] update validation rules

---
 .env                              |  6 +++---
 src/Controller/RoomController.php | 25 +++++++++++++++++++++++++
 2 files changed, 28 insertions(+), 3 deletions(-)

diff --git a/.env b/.env
index 02fd25d..e4aae1a 100644
--- a/.env
+++ b/.env
@@ -73,7 +73,7 @@ APP_ADD_ROOM_REMOTE_IP_DELAY=86400
 # Skip access limits for banned IPs separated by |
 APP_ADD_ROOM_REMOTE_IP_DENIED=
 
-# Room name rules (for kevacoin _KEVA_NS_, max length 520)
+# Room name rules (for kevacoin _KEVA_NS_, max length is 520)
 APP_ADD_ROOM_KEVA_NS_VALUE_REGEX=/^[\w\s_-]{2,64}$/ui
 
 # Allow remotes to create new posts (submit key/values)
@@ -88,5 +88,5 @@ APP_ADD_POST_REMOTE_IP_DENIED=
 # Post ID rules (for kevacoin key) do not change to keep external KevaChat nodes compatibility
 APP_ADD_POST_KEY_REGEX=/^([\d]+)@([A-z0-9\.\:\[\]]+)$/
 
-# Post content rules (for kevacoin value, max length 3072)
-APP_ADD_POST_VALUE_REGEX=/^[\w\s\:\.\,\'\"\/\!\?\@\#\%\(\)\[\]\+\-\*\$\%\=]{2,3072}$/ui
\ No newline at end of file
+# Post content rules (for kevacoin value, max length is 3072)
+APP_ADD_POST_VALUE_REGEX=/.*/ui
\ No newline at end of file
diff --git a/src/Controller/RoomController.php b/src/Controller/RoomController.php
index 6fbe9d3..f1da17a 100644
--- a/src/Controller/RoomController.php
+++ b/src/Controller/RoomController.php
@@ -427,6 +427,19 @@ class RoomController extends AbstractController
             );
         }
 
+        // Validate kevacoin value requirements
+        if (mb_strlen($request->get('message')) < 1 || mb_strlen($request->get('message')) > 3072)
+        {
+            return $this->redirectToRoute(
+                'room_namespace',
+                [
+                    'namespace' => $request->get('namespace'),
+                    'message'   => $request->get('message'),
+                    'error'     => $translator->trans('Message length out of KevaCoin protocol limits')
+                ]
+            );
+        }
+
         // Validate message regex
         if (!preg_match($this->getParameter('app.add.post.value.regex'), $request->get('message')))
         {
@@ -573,6 +586,18 @@ class RoomController extends AbstractController
             $request->get('name')
         );
 
+        // Validate kevacoin key requirements
+        if (mb_strlen($name) < 1 || mb_strlen($name) > 520)
+        {
+            return $this->redirectToRoute(
+                'room_namespace',
+                [
+                    'name'  => $name,
+                    'error'     => $translator->trans('Name length out of KevaCoin protocol limits')
+                ]
+            );
+        }
+
         // Validate room name regex
         if (!preg_match($this->getParameter('app.add.room.keva.ns.value.regex'), $name))
         {