-
- // TODO: get parameters and sanitize them
- sanitizeHtml(req.body["fen"]); // [/a-z0-9 ]*
- sanitizeHtml(req.body["instructions"]);
+ const timestamp = Date.now();
+ // Sanitize them
+ const fen = req.body["fen"];
+ if (!fen.match(/^[a-zA-Z0-9, /-]*$/))
+ return res.json({errmsg: "Bad characters in FEN string"});
+ const instructions = sanitizeHtml(req.body["instructions"]);
+ const solution = sanitizeHtml(req.body["solution"]);