yusur/coinstorge
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix input limits, use redis SCAN, move interval to hooks

Browse source
This commit is contained in:
Face 2025-06-24 13:10:36 +03:00
parent 6e93a2905b
commit a352314d42
4 changed files with 40 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

5
website/src/routes/api/gambling/mines/reveal/+server.ts
View file

@ -19,6 +19,11 @@ export const POST: RequestHandler = async ({ request }) => {
try {
const { sessionToken, tileIndex } = await request.json();
if (!Number.isInteger(tileIndex) || tileIndex < 0 || tileIndex > 24) {
return json({ error: 'Invalid tileIndex' }, { status: 400 });
}
const sessionRaw = await redis.get(getSessionKey(sessionToken));
const game = sessionRaw ? JSON.parse(sessionRaw) : null;

2
website/src/routes/api/gambling/mines/start/+server.ts
View file

@ -20,7 +20,7 @@ export const POST: RequestHandler = async ({ request }) => {
const { betAmount, mineCount } = await request.json();
const userId = Number(session.user.id);
if (!betAmount || !mineCount || mineCount < 3 || mineCount > 24) {
if (!betAmount || betAmount <= 0 || !mineCount || mineCount < 3 || mineCount > 24) {
return json({ error: 'Invalid bet amount or mine count' }, { status: 400 });
}