From 73506fd81d8d32c9df3e715406c64a9f1b5ef4fb Mon Sep 17 00:00:00 2001
From: bytedream <bytedream@protonmail.com>
Date: Sun, 5 Nov 2023 18:19:28 +0100
Subject: [PATCH] allow only valid reported uuids or null

---
 src/routes/report/+server.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/routes/report/+server.ts b/src/routes/report/+server.ts
index 3981dba..889952c 100644
--- a/src/routes/report/+server.ts
+++ b/src/routes/report/+server.ts
@@ -13,9 +13,9 @@ export const POST = (async ({ request, url }) => {
 	if (data.reporter == null || data.reason == null) return new Response(null, { status: 400 });
 
 	const reporter = await User.findOne({ where: { uuid: data.reporter } });
-	const reported = data.reported ? await User.findOne({ where: { uuid: data.reported } }) : null;
+	const reported = data.reported ? await User.findOne({ where: { uuid: data.reported } }) : undefined;
 
-	if (reporter == null) return new Response(null, { status: 400 });
+	if (reporter == null || reported === null) return new Response(null, { status: 400 });
 
 	const report = await Report.create({
 		subject: data.reason,