From abb5d5343132da9cb95f248577f7449da7de751f Mon Sep 17 00:00:00 2001
From: mantikoros <sgrugett@gmail.com>
Date: Sat, 8 Jan 2022 11:51:31 -0600
Subject: [PATCH] ensure bet amounts are positive

---
 functions/src/create-contract.ts | 5 ++++-
 functions/src/place-bet.ts       | 3 +++
 web/components/bet-panel.tsx     | 2 +-
 web/pages/create.tsx             | 2 +-
 4 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/functions/src/create-contract.ts b/functions/src/create-contract.ts
index d37919ab..dd0bbce3 100644
--- a/functions/src/create-contract.ts
+++ b/functions/src/create-contract.ts
@@ -32,7 +32,10 @@ export const createContract = functions
       if (!question || !initialProb)
         return { status: 'error', message: 'Missing contract attributes' }
 
-      if (ante !== undefined && (ante < 0 || ante > creator.balance))
+      if (
+        ante !== undefined &&
+        (ante < 0 || ante > creator.balance || isNaN(ante) || !isFinite(ante))
+      )
         return { status: 'error', message: 'Invalid ante' }
 
       console.log(
diff --git a/functions/src/place-bet.ts b/functions/src/place-bet.ts
index 8cb88b3a..11ae425d 100644
--- a/functions/src/place-bet.ts
+++ b/functions/src/place-bet.ts
@@ -19,6 +19,9 @@ export const placeBet = functions.runWith({ minInstances: 1 }).https.onCall(
 
     const { amount, outcome, contractId } = data
 
+    if (amount <= 0 || isNaN(amount) || !isFinite(amount))
+      return { status: 'error', message: 'Invalid amount' }
+
     if (outcome !== 'YES' && outcome !== 'NO')
       return { status: 'error', message: 'Invalid outcome' }
 
diff --git a/web/components/bet-panel.tsx b/web/components/bet-panel.tsx
index a8d52e1b..347e398f 100644
--- a/web/components/bet-panel.tsx
+++ b/web/components/bet-panel.tsx
@@ -52,7 +52,7 @@ export function BetPanel(props: { contract: Contract; className?: string }) {
   function onBetChange(str: string) {
     setWasSubmitted(false)
 
-    const amount = parseInt(str)
+    const amount = parseInt(str.replace(/[^\d]/, ''))
 
     if (str && isNaN(amount)) return
 
diff --git a/web/pages/create.tsx b/web/pages/create.tsx
index 683bb360..1d53ccd6 100644
--- a/web/pages/create.tsx
+++ b/web/pages/create.tsx
@@ -76,7 +76,7 @@ export default function NewContract() {
   }
 
   function onAnteChange(str: string) {
-    const amount = parseInt(str)
+    const amount = parseInt(str.replace(/[^\d]/, ''))
 
     if (str && isNaN(amount)) return