validation, toast, modal, folder tree

2025-03-08 22:20:15 -05:00
parent 2d49d6eddf
commit 5cc20dfb39
25 changed files with 1229 additions and 525 deletions
--- a/removeUser.php
+++ b/removeUser.php
@@ -22,6 +22,12 @@ if (!$usernameToRemove) {
    exit;
 }

+// Optional: Validate the username format (allow letters, numbers, underscores, dashes, and spaces)
+if (!preg_match('/^[A-Za-z0-9_\- ]+$/', $usernameToRemove)) {
+    echo json_encode(["error" => "Invalid username format"]);
+    exit;
+}
+
 // Prevent removal of the currently logged-in user
 if (isset($_SESSION['username']) && $_SESSION['username'] === $usernameToRemove) {
    echo json_encode(["error" => "Cannot remove yourself"]);
@@ -60,4 +66,4 @@ if (!$userFound) {
 // Write the updated list back to users.txt
 file_put_contents($usersFile, implode(PHP_EOL, $newUsers) . PHP_EOL);
 echo json_encode(["success" => "User removed successfully"]);
-?>
+?>