From a3b7ff3f9fe244dc1be9c88d735e172f34c8c212 Mon Sep 17 00:00:00 2001 From: fram3d Date: Tue, 3 Oct 2023 21:31:56 +0200 Subject: [PATCH] add checks for ticket lenght and format --- freeriders/routes.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/freeriders/routes.py b/freeriders/routes.py index eac5d8d..3ec91b8 100644 --- a/freeriders/routes.py +++ b/freeriders/routes.py @@ -21,7 +21,11 @@ def submit(): elif request.method == 'POST': timenow = int(time.time()) ticket_input = request.form['ticket'] - ticket = Ticket(ticket = ticket_input, timestamp = timenow) + + if ticket_input.isdigit() and len(ticket_input) == 10: + ticket = Ticket(ticket = int(ticket_input), timestamp = timenow) + else: + return 'Ticket format is wrong. Only 10 digits allowed.' try: db.session.add(ticket)