From 51c05abc2dcdbcc919dc3ea23125ed91c13dac15 Mon Sep 17 00:00:00 2001
From: garret <garret@airmail.cc>
Date: Tue, 2 Jul 2024 16:04:46 +0100
Subject: sanity check the user id

a
---
 fetch-status.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/fetch-status.py b/fetch-status.py
index 684ee9a..1426a99 100755
--- a/fetch-status.py
+++ b/fetch-status.py
@@ -8,6 +8,19 @@ import os
 
 profile_id = os.environ['QUERY_STRING'].strip()
 
+if not profile_id.isdigit():
+	print("Status: 400 Bad Request")
+	print("Content-Type: text/plain")
+	print()
+
+	current_url = "https://" if os.environ.get("HTTPS") else "http://"
+	current_url += os.environ.get("HTTP_HOST") + os.environ.get("REQUEST_URI")
+
+	if current_url.endswith("?"+profile_id):
+		current_url = current_url[:-len(profile_id)-1]
+	print(f"you have to put your user id as a query, like {current_url}?6498")
+	quit()
+
 headers = {
 	'User-Agent': f'agora status fetcher - contact forum user "garret 427738" or https://427738.xyz/hate-mail.html - requested by {os.environ.get("REMOTE_ADDR")}',
 }
-- 
cgit v1.2.3-70-g09d2