From e66a96be6e019fb1d5439135ae3e8799dbc2d995 Mon Sep 17 00:00:00 2001
From: Celestora <kitsuruko@gmail.com>
Date: Mon, 18 Apr 2022 19:02:23 +0300
Subject: [PATCH] Throw error if album name is too large

Fixes #534
---
 Web/Presenters/PhotosPresenter.php | 5 +++++
 locales/en.strings                 | 1 +
 locales/ru.strings                 | 1 +
 3 files changed, 7 insertions(+)

diff --git a/Web/Presenters/PhotosPresenter.php b/Web/Presenters/PhotosPresenter.php
index 01093be7..aed5fbfd 100644
--- a/Web/Presenters/PhotosPresenter.php
+++ b/Web/Presenters/PhotosPresenter.php
@@ -72,6 +72,8 @@ final class PhotosPresenter extends OpenVKPresenter
         if($_SERVER["REQUEST_METHOD"] === "POST") {
             if(empty($this->postParam("name")))
                 $this->flashFail("err", tr("error"), tr("error_segmentation")); 
+            else if(strlen($this->postParam("name")) > 36)
+                $this->flashFail("err", tr("error"), tr("error_data_too_big", "name", 36, "bytes")); 
 
             $album = new Album;
             $album->setOwner(isset($club) ? $club->getId() * -1 : $this->user->id);
@@ -100,6 +102,9 @@ final class PhotosPresenter extends OpenVKPresenter
         $this->template->album = $album;
         
         if($_SERVER["REQUEST_METHOD"] === "POST") {
+            if(strlen($this->postParam("name")) > 36)
+                $this->flashFail("err", tr("error"), tr("error_data_too_big", "name", 36, "bytes"));
+            
             $album->setName(empty($this->postParam("name")) ? $album->getName() : $this->postParam("name"));
             $album->setDescription(empty($this->postParam("desc")) ? NULL : $this->postParam("desc"));
             $album->setEdited(time());
diff --git a/locales/en.strings b/locales/en.strings
index d7c8fba1..26588d08 100644
--- a/locales/en.strings
+++ b/locales/en.strings
@@ -776,6 +776,7 @@
 "error_new_password" = "New password does not match";
 "error_shorturl_incorrect" = "The short address has an incorrect format.";
 "error_repost_fail" = "Failed to share post";
+"error_data_too_big" = "Attribute '$1' must be at most $2 $3 long";
 
 "forbidden" = "Access error";
 "forbidden_comment" = "This user's privacy settings do not allow you to look at his page.";
diff --git a/locales/ru.strings b/locales/ru.strings
index a3957584..04d4cda4 100644
--- a/locales/ru.strings
+++ b/locales/ru.strings
@@ -819,6 +819,7 @@
 "error_new_password" = "Новые пароли не совпадает";
 "error_shorturl_incorrect" = "Короткий адрес имеет некорректный формат.";
 "error_repost_fail" = "Не удалось поделиться записью";
+"error_data_too_big" = "Аттрибут '$1' не может быть длиннее $2 $3";
 
 "forbidden" = "Ошибка доступа";
 "forbidden_comment" = "Настройки приватности этого пользователя не разрешают вам смотреть на его страницу.";