-const ProblemModel =
-{
- create: function(uid, vid, fen, instructions, solution, cb)
- {
- db.serialize(function() {
- const insertQuery =
- "INSERT INTO Problems (added, uid, vid, fen, instructions, solution) " +
- "VALUES (" + Date.now() + "," + uid + "," + vid + ",'" + fen + "',?,?)";
- db.run(insertQuery, [instructions, solution], err => {
- if (!!err)
- return cb(err);
- db.get("SELECT last_insert_rowid() AS rowid", cb);
- });
- });
- },
+const ProblemModel = {
+ checkProblem: function(p) {
+ return (
+ p.id.toString().match(/^[0-9]+$/) &&
+ p.vid.toString().match(/^[0-9]+$/) &&
+ p.fen.match(/^[a-zA-Z0-9, /-]*$/)
+ );
+ },