From d8697a98ad8364d343bc61b7a225e20d9b594395 Mon Sep 17 00:00:00 2001
From: Dario Rekowski on RockPI <dario.rekowski@gmx.de>
Date: Tue, 18 May 2021 09:15:24 +0000
Subject: [PATCH 1/5] require memo between 5 and 150 character by send
 transaction

---
 community_server/src/Controller/AppRequestsController.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/community_server/src/Controller/AppRequestsController.php b/community_server/src/Controller/AppRequestsController.php
index 12ea77d0b..41552f6dc 100644
--- a/community_server/src/Controller/AppRequestsController.php
+++ b/community_server/src/Controller/AppRequestsController.php
@@ -156,6 +156,9 @@ class AppRequestsController extends AppController
         if($required_fields !== true) {
             return $this->returnJson($required_fields);
         }
+        if(!isset($params['memo']) || count($params['memo']) < 5 || count($params['memo']) > 150) {
+            return $this->returnJson(['state' => 'error', 'msg' => 'memo is not set or not in expected range [5;150]']);
+        }
         $params['transaction_type'] = 'transfer';
         
         $requestAnswear = $this->JsonRequestClient->sendRequest(json_encode($params), '/createTransaction');

From 5a79d993305fac78dd0468d3fcc2327fc873fd96 Mon Sep 17 00:00:00 2001
From: Dario Rekowski on RockPI <dario.rekowski@gmx.de>
Date: Tue, 18 May 2021 09:32:25 +0000
Subject: [PATCH 2/5] add to old frontend

---
 .../src/Controller/TransactionSendCoinsController.php        | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/community_server/src/Controller/TransactionSendCoinsController.php b/community_server/src/Controller/TransactionSendCoinsController.php
index 033e2343f..1018309cc 100644
--- a/community_server/src/Controller/TransactionSendCoinsController.php
+++ b/community_server/src/Controller/TransactionSendCoinsController.php
@@ -237,6 +237,11 @@ class TransactionSendCoinsController extends AppController
                    $this->set('timeUsed', microtime(true) - $startTime);
                    return;
                  }
+                 if($answear_data['msg'] === 'memo is not set or not in expected range [5;150]') {
+                    $this->Flash->error(__('Ein Verwendungszweck zwischen 5 und 150 Zeichen wird benötig!'));
+                    $this->set('timeUsed', microtime(true) - $startTime);
+                    return;
+                 }
                } else if($answear_data['state'] === 'not found' && $answear_data['msg'] === 'receiver not found') {
                   $this->Flash->error(__('Der Empfänger wurde nicht auf dem Login-Server gefunden, hat er sein Konto schon angelegt?'));
                   $this->set('timeUsed', microtime(true) - $startTime);

From 4ecbea80b59f0707dd7389abeede725d6cca340d Mon Sep 17 00:00:00 2001
From: einhornimmond <dario.rekowski@gmx.de>
Date: Tue, 18 May 2021 11:32:54 +0200
Subject: [PATCH 3/5] add check for memo also in login-server

---
 login_server/src/cpp/JSONInterface/JsonCreateTransaction.cpp | 3 +++
 login_server/src/cpp/model/gradido/TransactionBase.h         | 3 ++-
 login_server/src/cpp/model/gradido/TransactionTransfer.cpp   | 4 ++++
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/login_server/src/cpp/JSONInterface/JsonCreateTransaction.cpp b/login_server/src/cpp/JSONInterface/JsonCreateTransaction.cpp
index 786af9d71..7fb40913e 100644
--- a/login_server/src/cpp/JSONInterface/JsonCreateTransaction.cpp
+++ b/login_server/src/cpp/JSONInterface/JsonCreateTransaction.cpp
@@ -108,6 +108,9 @@ Poco::JSON::Object* JsonCreateTransaction::transfer(Poco::Dynamic::Var params)
 	else {
 		result = stateError("parameter format unknown");
 	}
+	if (mMemo.size() < 5 || mMemo.size() > 150) {
+		result = stateError("memo is not set or not in expected range [5;150]");
+	}
 	if (result) {
 		mm->releaseMemory(target_pubkey);
 		return result;
diff --git a/login_server/src/cpp/model/gradido/TransactionBase.h b/login_server/src/cpp/model/gradido/TransactionBase.h
index 6a82b2a28..9f5a87d85 100644
--- a/login_server/src/cpp/model/gradido/TransactionBase.h
+++ b/login_server/src/cpp/model/gradido/TransactionBase.h
@@ -31,7 +31,8 @@ namespace model {
 			TRANSACTION_VALID_INVALID_AMOUNT,
 			TRANSACTION_VALID_INVALID_PUBKEY,
 			TRANSACTION_VALID_INVALID_GROUP_ALIAS,
-			TRANSACTION_VALID_INVALID_SIGN
+			TRANSACTION_VALID_INVALID_SIGN,
+			TRANSACTION_VALID_INVALID_MEMO
 		};
 		const char* TransactionValidationToString(TransactionValidation result);
 
diff --git a/login_server/src/cpp/model/gradido/TransactionTransfer.cpp b/login_server/src/cpp/model/gradido/TransactionTransfer.cpp
index 759d79690..ef0d3a3f6 100644
--- a/login_server/src/cpp/model/gradido/TransactionTransfer.cpp
+++ b/login_server/src/cpp/model/gradido/TransactionTransfer.cpp
@@ -186,6 +186,10 @@ namespace model {
 				addError(new Error(function_name, "sender and receiver are the same"));
 				return TRANSACTION_VALID_INVALID_PUBKEY;
 			}
+			if (mMemo.size() < 5 || mMemo.size() > 150) {
+				addError(new Error(function_name, "memo is not set or not in expected range [5;150]"));
+				return TRANSACTION_VALID_INVALID_MEMO;
+			}
 			return TRANSACTION_VALID_OK;
 		}
 

From 8b29556ba56a0fb34642918b83426f635a8c132c Mon Sep 17 00:00:00 2001
From: Moriz Wahl <moriz.wahl@gmx.de>
Date: Tue, 18 May 2021 22:53:01 +0200
Subject: [PATCH 4/5] add memo valiadation to frontend

---
 .../AccountOverview/GddSend/TransactionForm.vue | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/frontend/src/views/Pages/AccountOverview/GddSend/TransactionForm.vue b/frontend/src/views/Pages/AccountOverview/GddSend/TransactionForm.vue
index 3967bbec0..777ba2394 100644
--- a/frontend/src/views/Pages/AccountOverview/GddSend/TransactionForm.vue
+++ b/frontend/src/views/Pages/AccountOverview/GddSend/TransactionForm.vue
@@ -87,7 +87,22 @@
                     style="font-size: xx-large; padding-left: 20px"
                   ></b-form-input>
                 </b-input-group>
-                <b-col class="text-left p-3 p-sm-1">{{ $t('form.memo') }}</b-col>
+              </validation-provider>
+              <validation-provider
+                :rules="{
+                  required: true,
+                  min: 5,
+                  max: 150,
+                }"
+                :name="$t('form.memo')"
+                v-slot="{ errors }"
+              >
+                <b-row>
+                  <b-col class="text-left p-3 p-sm-1">{{ $t('form.memo') }}</b-col>
+                  <b-col v-if="errors" class="text-right p-3 p-sm-1">
+                    <span v-for="error in errors" class="errors" :key="error">{{ error }}</span>
+                  </b-col>
+                </b-row>
                 <b-input-group id="input-group-3">
                   <b-input-group-prepend class="p-3 d-none d-md-block">
                     <b-icon icon="chat-right-text" class="display-3"></b-icon>

From 6b48f580051977d75a306efd1a45d9ff0ab98058 Mon Sep 17 00:00:00 2001
From: Dario Rekowski on RockPI <dario.rekowski@gmx.de>
Date: Wed, 19 May 2021 10:35:37 +0000
Subject: [PATCH 5/5] change to strlen in php strings cannot be counted

---
 community_server/src/Controller/AppRequestsController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/community_server/src/Controller/AppRequestsController.php b/community_server/src/Controller/AppRequestsController.php
index 41552f6dc..4d70a68b1 100644
--- a/community_server/src/Controller/AppRequestsController.php
+++ b/community_server/src/Controller/AppRequestsController.php
@@ -156,7 +156,7 @@ class AppRequestsController extends AppController
         if($required_fields !== true) {
             return $this->returnJson($required_fields);
         }
-        if(!isset($params['memo']) || count($params['memo']) < 5 || count($params['memo']) > 150) {
+        if(!isset($params['memo']) || strlen($params['memo']) < 5 || strlen($params['memo']) > 150) {
             return $this->returnJson(['state' => 'error', 'msg' => 'memo is not set or not in expected range [5;150]']);
         }
         $params['transaction_type'] = 'transfer';