From fc9b30bbeeb0769974da7428862add2f4a9ed665 Mon Sep 17 00:00:00 2001
From: Arc <33088785+arcbtc@users.noreply.github.com>
Date: Wed, 29 Jan 2020 12:24:33 +0000
Subject: [PATCH] Form validation to withdrawmaker

---
 lnbits/__init__.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lnbits/__init__.py b/lnbits/__init__.py
index 690c99af6..5c534cba0 100644
--- a/lnbits/__init__.py
+++ b/lnbits/__init__.py
@@ -630,6 +630,10 @@ def withdrawmaker():
     uniq = data["uniq"]
     usr = data["usr"]
     wall = wal.split("-")
+    
+    #Form validation 
+    if int(amt) < 0 or not tit.isalpha() or wal == "" or int(minamt) < 0 or int(maxamt) < 0 or int(minamt) > int(maxamt) or int(tme) < 0:
+        return jsonify({"ERROR": "FORM ERROR"}), 401
    
     #If id that means its a link being edited, delet the record first
     if "id" in data: