+// Upload a problem (AJAX)
+router.post("/problems/:variant([a-zA-Z0-9]+)", (req,res) => {
+ if (!req.xhr)
+ return res.json({errmsg: "Unauthorized access"});
+ const vname = req.params["variant"];
+
+ // TODO: get parameters and sanitize them
+ sanitizeHtml(req.body["fen"]); // [/a-z0-9 ]*
+ sanitizeHtml(req.body["instructions"]);
+ db.serialize(function() {
+ let stmt = db.prepare("INSERT INTO Problems VALUES (?,?,?,?,?)");
+ stmt.run(timestamp, vname, fen, instructions, solution);
+ stmt.finalize();
+ });
+ res.json({});
+});
+
+