limit comment name and content length

diff --git a/comments.sh b/comments.sh
index 90fdbb9d74f6a76a439fc85b2e8046b7b2912a2e..88791da65b39efae18c782d3746e20cd1cae070e 100755 (executable)
--- a/comments.sh
+++ b/comments.sh
@@ -61,12 +61,12 @@ comments_updatecomment() {
 [ "$REQUEST_METHOD" = POST ] && case "$(POST action)" in
   postcomment)   comments_postcomment \
                    "$(POST cuid |checkid)" \
 [ "$REQUEST_METHOD" = POST ] && case "$(POST action)" in
   postcomment)   comments_postcomment \
                    "$(POST cuid |checkid)" \

-                   "$(POST username |grep -m1 -oE '[^[:space:]].*[^[:space:]]')" \
-                   "$(POST text)";;
+                   "$(POST username |grep -m1 -oE '[^[:space:]].{0,126}[^[:space:]]')" \
+                   "$(POST text |dd status=none bs=2048 count=1)";;

   updatecomment) comments_updatecomment \
                    "$(POST cuid |checkid)" "$(POST updatekey)" \
   updatecomment) comments_updatecomment \
                    "$(POST cuid |checkid)" "$(POST updatekey)" \

-                   "$(POST username |grep -m1 -oE '[^[:space:]].*[^[:space:]]')" \
-                   "$(POST text)";;
+                   "$(POST username |grep -m1 -oE '[^[:space:]].{0,126}[^[:space:]]')" \
+                   "$(POST text |dd status=none bs=2048 count=1)";;

   cancelcommentpost) REDIRECT "${_BASE}${PATH_INFO}#comments";;
   cancelcommentedit) REDIRECT "${_BASE}${PATH_INFO}#comment_$(POST cuid |checkid)";;
 esac
   cancelcommentpost) REDIRECT "${_BASE}${PATH_INFO}#comments";;
   cancelcommentedit) REDIRECT "${_BASE}${PATH_INFO}#comment_$(POST cuid |checkid)";;
 esac