From 508892ad3b35fafad439083da9484e073ae34252 Mon Sep 17 00:00:00 2001
From: Joonas <qwerty@kalli.st>
Date: Sat, 11 Feb 2023 22:14:59 +0200
Subject: [PATCH] input validation

---
 app/routes/index.jsx | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/app/routes/index.jsx b/app/routes/index.jsx
index 951a61b..c502af5 100644
--- a/app/routes/index.jsx
+++ b/app/routes/index.jsx
@@ -12,6 +12,9 @@ import {
 } from "remix-utils";
 import { useState } from "react";
 
+const sortingFields = ["rank", "score", "SSranks", "Sranks", "Aranks"];
+const sortingMethods = ["desc", "asc"];
+
 const countys = [
   "Ahvenanmaa",
   "Etelä-Karjala",
@@ -114,11 +117,21 @@ export async function loader({ request }) {
   const toSort = url.searchParams.get("toSort");
   const type = url.searchParams.get("type");
 
+  if (toSort)
+    if (!sortingFields.includes(toSort)) throw new Error("Bad sorting field");
+
+  if (type)
+    if (!sortingMethods.includes(type)) throw new Error("Bad sorting method");
+
   const countyData = await prisma.county.findMany({
     include: {
       players: {
         orderBy: {
-          [toSort ? toSort : "rank"]: type ? type : "asc",
+          [toSort ? toSort : "rank"]: type
+            ? type
+            : toSort === "rank"
+            ? "desc"
+            : "asc",
         },
       },
     },