From a1122419e9bb2a98c62e3dbbfbe34cf36ddbe2a3 Mon Sep 17 00:00:00 2001
From: Nathan Woodburn <github@nathan.woodburn.au>
Date: Fri, 17 Nov 2023 10:55:00 +1100
Subject: [PATCH] fix: Limit link chars to letters and numbers

---
 db.py   | 2 ++
 main.py | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/db.py b/db.py
index 225bbff..e70c20a 100644
--- a/db.py
+++ b/db.py
@@ -52,6 +52,7 @@ def get_link_count():
     cursor = connection.cursor()
     cursor.execute("SELECT COUNT(*) FROM links")
     result = cursor.fetchone()
+    cursor.fetchall()
     cursor.close()
     connection.close()
 
@@ -70,6 +71,7 @@ def get_account_count():
     cursor = connection.cursor()
     cursor.execute("SELECT * FROM links")
     result = cursor.fetchone()
+    cursor.fetchall()
     cursor.close()
     connection.close()
     last_check_account = time.time()
diff --git a/main.py b/main.py
index 99149b0..0349a69 100644
--- a/main.py
+++ b/main.py
@@ -114,6 +114,10 @@ def add_link():
     if len(link) < 5:
         return error('Link too short')
     
+    regexmatch = re.match(r"^[a-zA-Z0-9]+$", link)
+    if not regexmatch:
+        return error('Invalid link')
+    
     # Verify link is not taken
     if db.get_link(link) != False:
         return error('Link already taken')