From 6cc9801fe180f4a369aaf0ee082ec7b3ad5fbdf2 Mon Sep 17 00:00:00 2001 From: Martin Gross Date: Tue, 28 Jan 2020 16:53:44 +0100 Subject: [PATCH] Only allow letters, numbers, dots and dashes for giftcard codes --- src/pretix/base/models/giftcards.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/pretix/base/models/giftcards.py b/src/pretix/base/models/giftcards.py index 58fad4e95..e21d26e28 100644 --- a/src/pretix/base/models/giftcards.py +++ b/src/pretix/base/models/giftcards.py @@ -1,6 +1,7 @@ from decimal import Decimal from django.conf import settings +from django.core.validators import RegexValidator from django.db import models from django.db.models import Sum from django.utils.crypto import get_random_string @@ -50,6 +51,12 @@ class GiftCard(LoggedModel): max_length=190, db_index=True, verbose_name=_('Gift card code'), + validators=[ + RegexValidator( + regex="^[a-zA-Z0-9][a-zA-Z0-9.-]+$", + message=_("The giftcard code may only contain letters, numbers, dots and dashes."), + ) + ], ) testmode = models.BooleanField( verbose_name=_('Test mode card'),