From 7eee6a4ec763b69bd99b1b619ddc438d71863ebc Mon Sep 17 00:00:00 2001
From: allan <allan@xfiles.dk>
Date: Mon, 3 Nov 2025 12:59:07 +0100
Subject: [PATCH] extended input validation

---
 certbotinstall | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/certbotinstall b/certbotinstall
index a5bc93f..0b8f2e1 100755
--- a/certbotinstall
+++ b/certbotinstall
@@ -33,6 +33,7 @@ printf -- "sudo ./certbotinstall -p 1234AkkbdceewEFJK\n\n"
 #
 clear
 
+
 #
 # Check if no arguments were given
 #
@@ -52,10 +53,17 @@ while [[ $# -gt 0 ]]; do
             fi
             apitoken="$1"
 
-            # Validate token at least 20 chars alphanum + - _
-            if [[ ! "$apitoken" =~ ^[A-Za-z0-9_-]{20,}$ ]]; then
-                echo "ERROR: API token format seems invalid."
-                echo "Cloudflare API tokens are usually long strings with letters, numbers, - and _."
+            #
+            # Validate Cloudflare API token format
+            #
+            if [[ "$apitoken" =~ [[:space:]] ]]; then
+                printf "\nERROR: API token cannot contain spaces or line breaks.\n\n"
+                exit 1
+            fi
+
+            if [[ ! "$apitoken" =~ ^[A-Za-z0-9_-]{20,120}$ ]]; then
+                printf "\nERROR: Invalid API token format.\n"
+                printf "Expected 20–120 characters (A–Z, a–z, 0–9, - or _).\n\n"
                 exit 1
             fi