From 0d053add5e93669b71d13d97a08108ce9a5a9ef4 Mon Sep 17 00:00:00 2001
From: Imbus <>
Date: Sun, 17 Mar 2024 04:16:26 +0100
Subject: [PATCH] Add some sanity checking in SubmitWeeklyReport route

---
 backend/internal/handlers/global_state.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/backend/internal/handlers/global_state.go b/backend/internal/handlers/global_state.go
index 415b215..2378f7b 100644
--- a/backend/internal/handlers/global_state.go
+++ b/backend/internal/handlers/global_state.go
@@ -267,6 +267,14 @@ func (gs *GState) SubmitWeeklyReport(c *fiber.Ctx) error {
 		return c.Status(400).SendString(err.Error())
 	}
 
+	// Make sure all the fields of the report are valid
+	if report.Week < 1 || report.Week > 52 {
+		return c.Status(400).SendString("Invalid week number")
+	}
+	if report.DevelopmentTime < 0 || report.MeetingTime < 0 || report.AdminTime < 0 || report.OwnWorkTime < 0 || report.StudyTime < 0 || report.TestingTime < 0 {
+		return c.Status(400).SendString("Invalid time report")
+	}
+
 	if err := gs.Db.AddWeeklyReport(report.ProjectName, username, report.Week, report.DevelopmentTime, report.MeetingTime, report.AdminTime, report.OwnWorkTime, report.StudyTime, report.TestingTime); err != nil {
 		return c.Status(500).SendString(err.Error())
 	}