More bounds checking in answeringHEADmaster

1 files changed, 12 insertions, 6 deletions

diff --git a/framed.py b/framed.py
index 89f5e03..9a519d2 100644
--- a/framed.py
+++ b/framed.py
@@ -41,30 +41,36 @@ class AnswerQuestion(webapp.RequestHandler):
 		try:
 			frame = int(frame)
 		except:
+			self.response.out.write("Frame must be an integer.")
 			return
-		if code == "" or answer == "":
+		if code == "" or answer == "" or frame < 0:
+			self.response.out.write("Not enough correct info supplied.")
 			return
 		answers = answer.split(",")
 		for i in range(len(answers)):
 			try:
 				answers[i] = int(answers[i])
-				if (answers[i] > 9):
-					return
 			except:
+				self.response.out.write("Answers must be integers.")
 				return
 		titleQuery = Title.all().filter('code = ', code).fetch(1)
 		if len(titleQuery) != 1 or len(answers) == 0 or (-1 in answers and len(answers) > 1):
+			self.response.out.write("Invalid answers")
 			return
 		maxAnswer = len(titleQuery[0].characters)
 		for ans in answers:
-			if ans >= maxAnswer:
+			if ans < -1 or ans >= maxAnswer:
+				self.response.out.write("Answer to big or too small")
 				return
+		if frame > titleQuery[0].lastThumb:
+			self.response.out.write("Frame is too big")
+			return
 		answer = Answer()
 		answer.title = titleQuery[0]
 		answer.answer = answers;
 		answer.frame = frame
 		answer.put()
-		self.response.out.write(str(answers) + "<br>" + code + "<br>" + str(frame));
+		self.response.out.write("Success<br>" + str(answers) + "<br>" + code + "<br>" + str(frame));
 
 class LoadNewTitles(webapp.RequestHandler):
 	def __init__(self):
@@ -198,4 +204,4 @@ def main():
 	run_wsgi_app(application)
 
 if __name__ == "__main__":
-	main()
\ No newline at end of file
+	main()