10 Descriptive message about your chansssges
parent
1a9336608d
commit
20505fc6e2
@ -53,8 +53,29 @@ export async function PUT(req:Request)
|
||||
phone : string | null = payload.phone as string | null,
|
||||
address : string | null = payload.address as string | null,
|
||||
showLogo : boolean | null = payload.showLogo as boolean | null,
|
||||
logo : string | null = payload.logo as string | null,
|
||||
currencySymbol : string | null = payload.currencySymbol as string | null;
|
||||
let logo : string | null = payload.logo as string | null;
|
||||
|
||||
// Validate logo if provided
|
||||
if (logo && typeof logo === 'string') {
|
||||
// Check if it's a valid SVG
|
||||
if (!logo.includes('<svg') || !logo.includes('</svg>')) {
|
||||
return NextResponse.json({
|
||||
success: false,
|
||||
message: "invalidSVGFile",
|
||||
}, {
|
||||
status: 400,
|
||||
headers: {
|
||||
"content-type": "application/json"
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
// Remove any script tags for security
|
||||
const cleanLogo = logo.replace(/<script[^>]*>.*?<\/script>/gi, '');
|
||||
// Update the logo variable with cleaned content
|
||||
logo = cleanLogo;
|
||||
}
|
||||
// update the doc
|
||||
let updated_doc = await userModel.updateMany({} , {
|
||||
$set: {
|
||||
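Review bot: The regex on the `cleanLogo` line is not a sufficient sanitizer for stored SVG, and the same expression is reused on the `cleanContent` line of the GeneralSettings hunk. Its `.` does not match newlines, so a script element spanning several lines is left in place, and it never touches event-handler attributes, `javascript:` URLs or `foreignObject` content. The guard `if (logo && typeof logo === 'string')` also lets a non-string `logo` skip the whole block, after which it is presumably written by the `$set` below; the `as string | null` cast performs no runtime check, so a non-string value should be rejected with a 400 instead. The `includes('<svg')` / `includes('</svg>')` test only shows that those substrings occur, so this route should parse the markup, run it through an allow-list SVG sanitizer and cap its length, since a direct request bypasses the client-side check. The PUT body starts and ends outside this hunk, so how the logo is later rendered is not visible here; if it is injected as inline markup, serving it through an `<img>` element would keep any remaining script from executing.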
|
||||
@ -58,13 +58,32 @@ export default function GeneralSettings()
|
||||
const handleFileChange = async (event : any , setFieldValue : any) => {
|
||||
const file = event.target.files[0];
|
||||
if (file) {
|
||||
// Validate file type
|
||||
if (!file.type.includes('svg') && !file.name.toLowerCase().endsWith('.svg')) {
|
||||
alert(t('onlySVGFilesAllowed') || 'Only SVG files are allowed');
|
||||
event.target.value = ''; // Clear the input
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
// get the file content
|
||||
const content = await readFile(file);
|
||||
const content = await readFile(file) as string;
|
||||
|
||||
// Validate SVG content
|
||||
if (!content.includes('<svg') || !content.includes('</svg>')) {
|
||||
alert(t('invalidSVGFile') || 'Invalid SVG file format');
|
||||
event.target.value = ''; // Clear the input
|
||||
return;
|
||||
}
|
||||
|
||||
// Additional security check - remove any script tags
|
||||
const cleanContent = content.replace(/<script[^>]*>.*?<\/script>/gi, '');
|
||||
|
||||
// set the field value with with new file content
|
||||
setFieldValue('logo' , content)
|
||||
setFieldValue('logo' , cleanContent)
|
||||
} catch (error) {
|
||||
console.error('Error reading file:', error);
|
||||
alert(t('errorReadingFile') || 'Error reading file');
|
||||
}
|
||||
}
|
||||
};
|
||||
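Review bot: `handleFileChange` is typed `(event : any , setFieldValue : any)`, so the compiler cannot flag that `event.target.files` may be null or empty before `files[0]` is read. Assuming this is a React component, I would type the event as `React.ChangeEvent<HTMLInputElement>` and read `event.target.files?.[0]`. The new `await readFile(file) as string` asserts the type rather than checking it; `readFile` is defined outside this hunk, so either give it a `Promise<string>` return type or guard with `typeof content !== 'string'` before calling `includes`. There is no size limit before the file is read into memory, and the checks in this handler deserve a comment such as `// UX-only filter: the API route must validate and sanitize again`, so that nobody later treats them as the security boundary.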
|
||||
@ -364,7 +364,10 @@
|
||||
"edite": "التعديل",
|
||||
"save": "الحفظ",
|
||||
"ignore": "تجاهل",
|
||||
"appNameEN": "اسم التطبيق ( en )"
|
||||
"appNameEN": "اسم التطبيق ( en )",
|
||||
"onlySVGFilesAllowed": "يُسمح فقط بملفات SVG",
|
||||
"invalidSVGFile": "تنسيق ملف SVG غير صالح",
|
||||
"errorReadingFile": "خطأ في قراءة الملف"
|
||||
},
|
||||
"statistics": {
|
||||
"totalMembers": "إجمالي الأعضاء",
|
||||
|
||||
@ -368,7 +368,10 @@
|
||||
"loading": "Loading",
|
||||
"edite": "Edite",
|
||||
"save": "Save",
|
||||
"ignore": "Ignore"
|
||||
"ignore": "Ignore",
|
||||
"onlySVGFilesAllowed": "Only SVG files are allowed",
|
||||
"invalidSVGFile": "Invalid SVG file format",
|
||||
"errorReadingFile": "Error reading file"
|
||||
},
|
||||
"statistics": {
|
||||
"totalMembers": "Total Members",
|
||||
|
||||