From 41a3c1bc16b3336fa2d54f05d0ce478f7e9ec9fb Mon Sep 17 00:00:00 2001
From: Yaman Qalieh <ybq987@gmail.com>
Date: Sat, 13 Aug 2016 17:33:12 -0400
Subject: [PATCH] description security and bug fixes

---
 hourglass/client/main/main.js |  4 ++--
 hourglass/server/main.js      | 15 ++++++---------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/hourglass/client/main/main.js b/hourglass/client/main/main.js
index 0b59892..4742ad1 100644
--- a/hourglass/client/main/main.js
+++ b/hourglass/client/main/main.js
@@ -68,7 +68,7 @@ Template.registerHelper('myClasses', () => {
     		}
     		return array;
     	}
-})
+});
 
 Template.main.helpers({
     schoolName() {
@@ -402,4 +402,4 @@ function getHomeworkFormData() {
 
 function clearHomeworkForm() {
 	
-}
\ No newline at end of file
+}
diff --git a/hourglass/server/main.js b/hourglass/server/main.js
index d98afd7..0bfdaa4 100644
--- a/hourglass/server/main.js
+++ b/hourglass/server/main.js
@@ -160,9 +160,7 @@ Meteor.methods({
         }
     },
     'createWork': function(input) {
-        var ref = new Date();
-        var month = ref.getMonth + 1;
-        ref = new Date(ref.getFullYear() + "-" + month.toString() + "-" + ref.getDate()).getTime();
+        var ref = new Date().getTime();
         input.creator = Meteor.userId();
         work.schema.validate(input);
         var found = Meteor.findOne({
@@ -175,7 +173,7 @@ Meteor.methods({
             found.banned.indexOf(Meteor.userId()) === -1 &&
             found.blockEdit.indexOf(Meteor.userId()) === -1 &&
             input.dueDate.getTime() >= ref && worktype.indexOf(type) != -1 &&
-            input.name.length <= 50) {
+            input.name.length <= 50 && input.description.length <= 150) {
 
             input.confirmations = [Meteor.userId()];
             input.reports = [];
@@ -187,9 +185,7 @@ Meteor.methods({
 
     },
     'editWork': function(change) {
-        var ref = new Date();
-        var month = ref.getMonth + 1;
-        ref = new Date(ref.getFullYear() + "-" + month.toString() + "-" + ref.getDate()).getTime();
+        var ref = new Date().getTime();
 
         var currentclass = classes.findOne({
             _id: work.findOne({
@@ -204,7 +200,7 @@ Meteor.methods({
                 $set: change
             });
         } else if (authorized.indexOf(Meteor.userId()) != -1) {
-            if (change.name.length <= 50 && worktype.indexOf(type) != -1) {
+            if (change.name.length <= 50 && change.description.length <= 150 && worktype.indexOf(type) != -1) {
                 Meteor.update({
                     _id: change._id
                 }, {
@@ -213,7 +209,8 @@ Meteor.methods({
                         dueDate: change.dueDate,
                         comments: change.comments,
                         attachments: change.attachments,
-                        type: change.type
+                        type: change.type,
+                        description: change.description
                     }
                 });
             }