@@ -1,2 +1,14 @@ | |||||
export const truncateWallet: (wallet: string, preDigits: number, postDigits: number | undefined) => string = (wallet: string, preDigits: number, postDigits = preDigits) => `${wallet.slice(0, preDigits)}...${wallet.slice(-(postDigits + 1), -1)}`; | export const truncateWallet: (wallet: string, preDigits: number, postDigits: number | undefined) => string = (wallet: string, preDigits: number, postDigits = preDigits) => `${wallet.slice(0, preDigits)}...${wallet.slice(-(postDigits + 1), -1)}`; | ||||
export const isNumber = (s: string) => /^[0-9]+$/.test(s); | export const isNumber = (s: string) => /^[0-9]+$/.test(s); | ||||
export const sanitize = (s: string) => { | |||||
const chars = { | |||||
'&': '&', | |||||
'<': '<', | |||||
'>': '>', | |||||
'"': '"', | |||||
"'": ''', | |||||
'/': '/', | |||||
} as {[key: string]: string}; | |||||
return s.replace(/[&<>"'/]/ig, (match) => chars[match]); | |||||
}; |
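Review bot: `sanitize` is an HTML entity escaper, but neither the name nor a comment says which output context it is meant for, and callers elsewhere in this commit treat it as general-purpose input cleaning. I would add a doc comment along the lines of `/** HTML-escapes & < > " ' / for insertion into HTML text or quoted attribute values; it does not validate input and is not suitable for URL or script contexts. */`. As rendered here the map values look identical to their keys (`'&': '&'`), which is presumably the page decoding the entities, but it is worth confirming the file really contains the encoded forms, since otherwise the function is a no-op. The `i` flag in `/[&<>"'/]/ig` has no effect because the class contains no letters; `/[&<>"'/]/g` is enough.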
@@ -73,6 +73,7 @@ import { ref } from 'vue'; | |||||
import store from '@/store'; | import store from '@/store'; | ||||
import { useRouter } from 'vue-router'; | import { useRouter } from 'vue-router'; | ||||
import FundTierInput from '@/components/FundTierInput.vue'; | import FundTierInput from '@/components/FundTierInput.vue'; | ||||
import { sanitize } from '@/lib/helpers'; | |||||
const router = useRouter(); | const router = useRouter(); | ||||
@@ -89,7 +90,6 @@ const issuerWallet = ref(''); | |||||
const asset = ref(''); | const asset = ref(''); | ||||
const memo = ref(''); | const memo = ref(''); | ||||
const minContribution = ref(undefined as number | undefined); | const minContribution = ref(undefined as number | undefined); | ||||
// const amtGoal = ref(undefined as number | undefined); | |||||
const bonuses = ref([] as Bonus[]); | const bonuses = ref([] as Bonus[]); | ||||
const saveBonuses = (evt: Bonus[]) => { | const saveBonuses = (evt: Bonus[]) => { | ||||
@@ -98,18 +98,19 @@ const saveBonuses = (evt: Bonus[]) => { | |||||
const requesting = ref(false); | const requesting = ref(false); | ||||
const submit = async () => { | const submit = async () => { | ||||
if (!minContribution.value) return; | |||||
if (!/^[0-9]+$/.test(minContribution.value.toString())) return; | |||||
if (!requesting.value) { | if (!requesting.value) { | ||||
requesting.value = true; | requesting.value = true; | ||||
const resp = await controller.post<SuccessResponse, Partial<FundInfo>>('CreateRewardFund', { | const resp = await controller.post<SuccessResponse, Partial<FundInfo>>('CreateRewardFund', { | ||||
asset: asset.value, | asset: asset.value, | ||||
fundWallet: fundWallet.value, | |||||
sellingWallet: sellWallet.value, | |||||
issuerWallet: issuerWallet.value, | |||||
memo: memo.value, | |||||
// amountGoal: amtGoal.value as number, | |||||
minContribution: minContribution.value as number, | |||||
title: title.value, | |||||
description: description.value, | |||||
fundWallet: sanitize(fundWallet.value), | |||||
sellingWallet: sanitize(sellWallet.value), | |||||
issuerWallet: sanitize(issuerWallet.value), | |||||
memo: sanitize(memo.value), | |||||
minContribution: minContribution.value, | |||||
title: sanitize(title.value), | |||||
description: sanitize(description.value), | |||||
bonuses: bonuses.value, | bonuses: bonuses.value, | ||||
}); | }); | ||||
requesting.value = false; | requesting.value = false; | ||||
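Review bot: Wrapping the request fields in `sanitize()` inside `submit` HTML-escapes the data before it is stored, which is the wrong layer for this defence. A title or memo containing `&` or `/` is saved in altered form and will appear double-escaped wherever it is later rendered through Vue's normal text interpolation, and the wallet fields are better checked against their expected address format than escaped. The step also runs only in the browser, so the `CreateRewardFund` handler still needs its own validation, with output encoding applied where the values are displayed; `bonuses` is sent unescaped, so the treatment is not consistent either. The new guard `if (!/^[0-9]+$/.test(minContribution.value.toString())) return;` could reuse `isNumber` from `@/lib/helpers`, and both early returns fail silently with no message to the user.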
@@ -204,7 +204,10 @@ import { | |||||
import { useWebSocket } from '@vueuse/core'; | import { useWebSocket } from '@vueuse/core'; | ||||
import SignetRequestController from '@/api/requests'; | import SignetRequestController from '@/api/requests'; | ||||
import store from '@/store'; | import store from '@/store'; | ||||
import { truncateWallet } from '@/lib/helpers'; | |||||
import { | |||||
sanitize, | |||||
truncateWallet, | |||||
} from '@/lib/helpers'; | |||||
import * as luxon from 'luxon'; | import * as luxon from 'luxon'; | ||||
import hasPermission from '@/lib/auth'; | import hasPermission from '@/lib/auth'; | ||||
@@ -381,10 +384,14 @@ const { | |||||
const makeContribution = async () => { | const makeContribution = async () => { | ||||
if (!fund.value) throw new Error('Fund not found'); | if (!fund.value) throw new Error('Fund not found'); | ||||
if (!amt.value) return; | |||||
if (!/[^[0-9]+$/.test(amt.value.toString())) { | |||||
return; | |||||
} | |||||
if (!requesting.value && pk.value && amt.value && amt.value <= amountAvailable.value) { | if (!requesting.value && pk.value && amt.value && amt.value <= amountAvailable.value) { | ||||
requesting.value = true; | requesting.value = true; | ||||
await controller.post<SuccessResponse, ContributeRequest>('Contribute', { | await controller.post<SuccessResponse, ContributeRequest>('Contribute', { | ||||
privateKey: pk.value, | |||||
privateKey: sanitize(pk.value), | |||||
amount: amt.value, | amount: amt.value, | ||||
rewardFund: fund.value.fundInfo.id, | rewardFund: fund.value.fundInfo.id, | ||||
}); | }); | ||||
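Review bot: The added check `if (!/[^[0-9]+$/.test(amt.value.toString()))` has the `^` inside the character class, so the pattern matches a trailing run of characters that are neither digits nor `[`; for every all-digit amount the test is false, the negation is true, and the function returns before `Contribute` is posted. It should read `if (!/^[0-9]+$/.test(amt.value.toString())) return;`, or call `isNumber` from `@/lib/helpers` (which would need adding to the import in this file). Separately, `privateKey: sanitize(pk.value)` rewrites the key whenever it contains one of the escaped characters, so the server would receive a different value from the one the user entered; a secret should be validated against its expected format, not HTML-escaped. `makeContribution` continues past the end of the hunk.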