From 4c0c39281968f548d7e08291e36bd8652098a732 Mon Sep 17 00:00:00 2001
From: Tipragot <contact@tipragot.fr>
Date: Wed, 10 Jan 2024 08:30:33 +0100
Subject: [PATCH] =?UTF-8?q?Ajout=20de=20v=C3=A9rifications=20des=20informa?=
 =?UTF-8?q?tions=20donn=C3=A9es?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/main.rs | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/main.rs b/src/main.rs
index 7f6e5e7..716176e 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,6 +1,5 @@
 //! Un simple serveur http pour enregistrer des scores du jeu Ponguito.
 
-use std::collections::HashMap;
 use std::net::IpAddr;
 
 use axum::extract::{Path, Query};
@@ -138,6 +137,18 @@ async fn register_score(
     LeftmostXForwardedFor(ip): LeftmostXForwardedFor,
     Path((name, score)): Path<(String, u32)>,
 ) -> impl IntoResponse {
+    // Vérification des informations
+    let name = name.trim().to_lowercase();
+    if name.is_empty() || score == 0 {
+        return StatusCode::BAD_REQUEST;
+    }
+
+    // Vérification du nom du joueur
+    let authorized_characters = "abcdefghijklmnopqrstuvwxyz0123456789_-";
+    if name.chars().any(|c| !authorized_characters.contains(c)) {
+        return StatusCode::BAD_REQUEST;
+    }
+
     // Création du fichier de logs des scores si il n'existe pas
     let mut file = OpenOptions::new()
         .create(true)