From 4575843345362927fe977daeb516046b3732551f Mon Sep 17 00:00:00 2001
From: regalijan <r@regalijan.com>
Date: Thu, 19 Oct 2023 16:51:02 -0400
Subject: [PATCH] Add non-word character check

---
 functions/api/reports/submit.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/functions/api/reports/submit.ts b/functions/api/reports/submit.ts
index 04dbdad..64701c5 100644
--- a/functions/api/reports/submit.ts
+++ b/functions/api/reports/submit.ts
@@ -78,7 +78,8 @@ export async function onRequestPost(context: RequestContext) {
     if (
       username.length < 3 ||
       username.length > 20 ||
-      username.match(/_/g)?.length > 1
+      username.match(/_/g)?.length > 1 ||
+      username.match(/\W/)
     )
       return jsonError(`Username "${username}" is invalid`, 400);
   }