From 76475411d1cde533f8814588899d63b486929805 Mon Sep 17 00:00:00 2001
From: Sahat Yalkabov <sakhat@gmail.com>
Date: Thu, 23 Jan 2014 22:19:18 -0500
Subject: [PATCH] Add contact page server side validation assertions using
 express-validator

---
 controllers/contact.js | 14 +++++++++++++-
 views/contact.jade     | 11 ++++++-----
 2 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/controllers/contact.js b/controllers/contact.js
index 960b246180..833dffb941 100644
--- a/controllers/contact.js
+++ b/controllers/contact.js
@@ -10,7 +10,7 @@ exports.getContact = function(req, res) {
   res.render('contact', {
     title: 'Contact',
     success: req.flash('success'),
-    error: req.flash('error')
+    errors: req.flash('errors')
   });
 };
 
@@ -23,6 +23,18 @@ exports.getContact = function(req, res) {
  */
 
 exports.postContact = function(req, res) {
+  req.assert('name', 'Name cannot be blank').notEmpty();
+  req.assert('email', 'Email cannot be blank').notEmpty();
+  req.assert('email', 'Email is not valid').isEmail();
+  req.assert('message', 'Message cannot be blank').notEmpty();
+
+  var errors = req.validationErrors();
+
+  if (errors) {
+    req.flash('errors', errors);
+    return res.redirect('/contact');
+  }
+
   var from = req.body.email;
   var name = req.body.name;
   var body = req.body.message;
diff --git a/views/contact.jade b/views/contact.jade
index 13565f31c2..99515ff7f7 100644
--- a/views/contact.jade
+++ b/views/contact.jade
@@ -1,9 +1,10 @@
 extends layout
 
 block content
-  if error.length
+  if errors.length
     .alert.alert-danger
-      p= error
+      for error in errors
+        div= error.msg
   if success.length
     .alert.alert-success
       p= success
@@ -15,15 +16,15 @@ block content
     .form-group
       label(class='col-sm-2 control-label', for='email') Name
       .col-sm-8
-        input.form-control(type='name', name='name', id='name', required=true)
+        input.form-control(type='name', name='name', id='name', autofocus=true)
     .form-group
       label(class='col-sm-2 control-label', for='email') Email
       .col-sm-8
-        input.form-control(type='email', name='email', id='email', required=true)
+        input.form-control(type='text', name='email', id='email')
     .form-group
       label(class='col-sm-2 control-label', for='contactBody') Body
       .col-sm-8
-        textarea.form-control(type='text', name='message', id='message', rows='7', required=true)
+        textarea.form-control(type='text', name='message', id='message', rows='7')
     .form-group
       .col-sm-offset-2.col-sm-8
         button.btn.btn-default(type='submit')