- // fen cannot be undefined
- create: function(c, cb)
- {
- db.serialize(function() {
- const query =
- "INSERT INTO Challenges " +
- "(added, uid, " + (!!c.to ? "target, " : "") +
- "vid, fen, timeControl) VALUES " +
- "(" + Date.now() + "," + c.uid + "," + (!!c.to ? c.to + "," : "") +
- c.vid + ",'" + c.fen + "','" + c.timeControl + "')";
- db.run(query, function(err) {
- return cb(err, {cid: this.lastID});
- });
- });
+ checkChallenge: function(c) {
+ return (
+ c.vid.toString().match(/^[0-9]+$/) &&
+ c.cadence.match(/^[0-9dhms +]+$/) &&
+ c.fen.match(/^[a-zA-Z0-9, /-]*$/) &&
+ (!c.to || UserModel.checkNameEmail({ name: c.to }))
+ );