From a2d6376e81098657bb48738ae01e565d7c1d441c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C5=91cze=20Bence?= <bence@pocze.ch>
Date: Mon, 25 Sep 2023 20:55:21 +0200
Subject: [PATCH 1/3] check if username is empty in usercontroller

---
 src/Controller/UserController.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index ea0f86c..7fb5044 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@@ -290,7 +290,11 @@ class UserController implements IAuthenticationRequired
         }
 
         $newUsername = \Container::$request->post('username');
-        if (strlen($newUsername) > 0 && $newUsername !== $user->getUsername()) {
+        if ($newUsername !== $user->getUsername()) {
+            if (strlen($newUsername) == 0) {
+                return new JsonContent(['error' => ['errorText' => 'Username cannot be empty.']]);
+            }
+
             if (preg_match('/^[a-zA-Z0-9_\-\.]+$/', $newUsername) !== 1) {
                 return new JsonContent(['error' => ['errorText' => 'Username can contain only english letters, digits, - (hyphen), . (dot), _ (underscore).']]);
             }
-- 
2.45.2


From 5d367d5b357227924702e948cdee3878e661235b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C5=91cze=20Bence?= <bence@pocze.ch>
Date: Mon, 25 Sep 2023 21:08:34 +0200
Subject: [PATCH 2/3] check if username is used during signup

---
 src/Controller/LoginController.php | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/src/Controller/LoginController.php b/src/Controller/LoginController.php
index e4e2c64..68bc888 100644
--- a/src/Controller/LoginController.php
+++ b/src/Controller/LoginController.php
@@ -364,11 +364,24 @@ class LoginController
             $newUser->setPlainPassword(\Container::$request->post('password'));
         }
 
-        if (strlen(\Container::$request->post('username')) > 0 && preg_match('/^[a-zA-Z0-9_\-\.]+$/', \Container::$request->post('username')) !== 1) {
-            return new JsonContent(['error' => ['errorText' => 'Username can contain only english letters, digits, - (hyphen), . (dot), _ (underscore).']]);
+        if (strlen(\Container::$request->post('username')) > 0) {
+            $username = \Container::$request->post('username');
+
+            if (preg_match('/^[a-zA-Z0-9_\-\.]+$/', $username) !== 1) {
+                return new JsonContent(['error' => ['errorText' => 'Username can contain only english letters, digits, - (hyphen), . (dot), _ (underscore).']]);
+            }
+
+            if ($this->userRepository->getByUsername($username) !== null) {
+                return new JsonContent(['error' => ['errorText' => 'The given username is already taken.']]);
+            }
+        } else {
+            $usernameGenerator = new UsernameGenerator();
+            do {
+                $username = $usernameGenerator->generate();
+            } while ($this->userRepository->getByUsername($username));
         }
 
-        $newUser->setUsername(strlen(\Container::$request->post('username')) > 0 ? \Container::$request->post('username') : (new UsernameGenerator())->generate());
+        $newUser->setUsername($username);
         $newUser->setCreatedDate(new DateTime());
 
         \Container::$persistentDataManager->saveToDb($newUser);
-- 
2.45.2


From 7fb75c9f25724520043856b3408f47bf3cd052bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C5=91cze=20Bence?= <bence@pocze.ch>
Date: Mon, 25 Sep 2023 21:19:32 +0200
Subject: [PATCH 3/3] reset grecaptcha in case of error

---
 public/static/js/mapguesser.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/public/static/js/mapguesser.js b/public/static/js/mapguesser.js
index 6e665c1..c0c6f76 100644
--- a/public/static/js/mapguesser.js
+++ b/public/static/js/mapguesser.js
@@ -89,6 +89,9 @@ var MapGuesser = {
 
                     formError.style.display = 'block';
                     formError.innerHTML = this.response.error.errorText;
+                    if (typeof grecaptcha !== 'undefined') {
+                        grecaptcha.reset();
+                    }
 
                     return;
                 }
-- 
2.45.2