summary refs log tree commit diff stats
path: root/src
diff options
context:
space:
mode:
authorBen Morrison <ben@gbmor.dev>2019-08-30 17:46:23 -0400
committerBen Morrison <ben@gbmor.dev>2019-08-30 17:46:23 -0400
commite276b9bfaf5795ed9e5ec4896fc9d2678ff8e51c (patch)
tree64ecbe963d5fc8e7356729572a25213951b29b0e /src
parentebc4efa5d0cc8bf552d528baa5b4e68956aea764 (diff)
downloadclinte-e276b9bfaf5795ed9e5ec4896fc9d2678ff8e51c.tar.gz
ensure submitted posts are utf8
Diffstat (limited to 'src')
-rw-r--r--src/db.rs2
-rw-r--r--src/main.rs23
2 files changed, 20 insertions, 5 deletions
diff --git a/src/db.rs b/src/db.rs
index 07655c5..b79a789 100644
--- a/src/db.rs
+++ b/src/db.rs
@@ -31,7 +31,7 @@ impl Conn {
 
         conn.execute(
             "CREATE TABLE IF NOT EXISTS posts (
-            id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
+            id INTEGER PRIMARY KEY NOT NULL,
             title TEXT NOT NULL,
             author TEXT NOT NULL,
             body TEXT NOT NULL
diff --git a/src/main.rs b/src/main.rs
index ff1783a..6eb06fa 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -50,14 +50,28 @@ fn main() {
     list_matches(&db);
 }
 
+// Make sure nobody encodes narsty characters
+// into a message to negatively affect other
+// users
+fn str_to_utf8(str: &str) -> String {
+    str.chars()
+        .map(|c| {
+            let mut buf = [0; 4];
+            c.encode_utf8(&mut buf).to_string()
+        })
+        .collect::<String>()
+}
+
 fn list_matches(db: &db::Conn) {
     let mut stmt = db.conn.prepare("SELECT * FROM posts").unwrap();
     let out = stmt
         .query_map(rusqlite::NO_PARAMS, |row| {
-            let id = row.get(0)?;
-            let title = row.get(1)?;
-            let author = row.get(2)?;
-            let body = row.get(3)?;
+            let id: u32 = row.get(0)?;
+            let title: String = row.get(1)?;
+            let author: String = row.get(2)?;
+            let body: String = row.get(3)?;
+            let title = str_to_utf8(&title);
+            let body = str_to_utf8(&body);
             Ok(db::Post {
                 id,
                 title,
@@ -191,6 +205,7 @@ fn delete(db: &db::Conn) {
     let mut id_num_in = String::new();
     io::stdin().read_line(&mut id_num_in).unwrap();
     let id_num_in: u32 = id_num_in.trim().parse().unwrap();
+    println!();
 
     let del_stmt = format!("DELETE FROM posts WHERE id = {}", id_num_in);
     let get_stmt = format!("SELECT * FROM posts WHERE id = {}", id_num_in);