From 2561b403bdbcbaf9f0a4da15621e804492543da4 Mon Sep 17 00:00:00 2001
From: Zachary Watts <zaxor0@gmail.com>
Date: Thu, 30 Apr 2026 15:18:38 -0400
Subject: [PATCH] checks for arguments

---
 app.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/app.py b/app.py
index 36e8ac6..fc7d380 100644
--- a/app.py
+++ b/app.py
@@ -16,6 +16,8 @@ Session(app)
 @app.route('/')
 def index():
     tab = request.args.get("tab", default="what", type=str)
+    if tab not in [ "what", "how", "why", "about" ]:
+        tab = "what"
     return render_template("index.html", tab=tab)
 
 @app.route('/party', methods = ["GET"])
@@ -29,6 +31,12 @@ def party():
         count = request.args.get("count", default=4, type=int)
         level = request.args.get("level", default=1, type=int)
         cache = request.args.get("cache", default='true', type=str)
+        if cache not in [ "true", "false" ]:
+            cache = 'true'
+        if level < 1 or level > 5:
+            level = 1
+        if count < 2 or count > 5:
+            count = 4
         adv_party = returnParty(count, level) 
         # check for cookies present
         if request.cookies:
@@ -78,6 +86,14 @@ def character():
         level = request.args.get("level", default=1, type=int)
         role = request.args.get("role", default="fighter", type=str)
         cache = request.args.get("cache", default='true', type=str)
+        if cache not in [ "true", "false" ]:
+            cache = 'true'
+        if not c_id.startswith('adv-'):
+            c_id = 'adv-1'
+        if level < 1 or level > 5:
+            level = 1
+        if role not in [ 'fighter','magic-user','cleric', 'thief', 'dwarf', 'elf', 'halfling']:
+            role = 'fighter'
         if request.cookies and cache != "false":
             cookie_encoded = request.cookies[c_id]
             cookie_compressed = base64.urlsafe_b64decode(cookie_encoded)