Form Checking

[JamesBream]

Forms should all be checked, both for SQL injection issues as well as for usability. A user can currently register with any username but this should be restricted to valid email addresses only. There may need to be other restrictions i.e. length of all fields.

[JamesBream]

• Possible to upload anything through blueimp atm, any file straight to the server. This needs restricting.

[JamesBream]

Backend:

http://flask.pocoo.org/docs/0.10/patterns/wtforms/ https://flask-wtf.readthedocs.org/en/latest/

Frontend:

http://formvalidation.io

[JamesBream]

Basic implementation in a4d4e7d