From f803aaa4533d7d184eb8c2fe31e73c794f18c14b Mon Sep 17 00:00:00 2001
From: b1ek <me@blek.codes>
Date: Mon, 20 Feb 2023 15:34:26 +1000
Subject: [PATCH] add max length server side check

---
 routes/guestbook.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/routes/guestbook.js b/routes/guestbook.js
index 4639fe6..8169aa5 100644
--- a/routes/guestbook.js
+++ b/routes/guestbook.js
@@ -43,6 +43,11 @@ async function submit(req, res, next) {
     const { name, email, message } = req.body; 
     const hidemail = req.body.hidemail ? (req.body.hidemail == 'on' ? true : false) : false;
 
+    if (message.length >= 512) {
+        res.redirect('/guestbook?error=' + encodeURIComponent('Maximum length is 512 characters.'));
+        return;
+    }
+
     let data = await Sequelize.Guestbook.create({
         name,
         email,