From 6231a743ea1f1dcd572358b966b33d3e7613a676 Mon Sep 17 00:00:00 2001
From: Yaman Qalieh <ybq987@gmail.com>
Date: Wed, 17 Aug 2016 18:52:38 -0400
Subject: [PATCH] upped security on joinPrivateClass

---
 hourglass/server/main.js | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/hourglass/server/main.js b/hourglass/server/main.js
index 267c81f..eed02a4 100644
--- a/hourglass/server/main.js
+++ b/hourglass/server/main.js
@@ -415,9 +415,13 @@ Meteor.methods({
         }
     },
     'joinPrivateClass': function(input) {
+        input.status = true;
+        input.privacy = true;
         var found = classes.findOne(input);
-        if (found !== undefined && input.code !== undefined) {
-            current = Meteor.user().profile;
+        current = Meteor.user().profile;
+        if (found !== undefined && input.code !== undefined &&
+            current.classes.indexOf(found._id) === -1) {
+            classes.update({_id: found._id}, {$set: {subscribers: found.subscribers + 1}});
             current.concat(found._id);
             Meteor.users.update({_id: Meteor.userId()}, {$set: {profile: current}});
         }