- GameModel.getOne(gameId, (err,game) => {
- access.checkRequest(res, err, game, "Game not found", () => {
- res.json({game: game});
- });
- });
+ if (!gameId.match(/^[0-9]+$/))
+ return res.json({errmsg: "Wrong game ID"});
+ GameModel.getOne(gameId, false, (err,game) => {
+ access.checkRequest(res, err, game, "Game not found", () => {
+ res.json({game: game});
+ });
+ });