From 12a77a8e9897ab0956cf9020a00470bd310bb2a0 Mon Sep 17 00:00:00 2001
From: emkael <emkael@tlen.pl>
Date: Fri, 18 Jan 2019 21:30:04 +0100
Subject: Parameter sanitation for manual cutoff

---
 api.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/api.php b/api.php
index 27248ba..bccd5d3 100644
--- a/api.php
+++ b/api.php
@@ -127,6 +127,25 @@ function parse_parameters($parameters) {
     if ($return['points_cutoffs'][count($return['points_cutoffs'])-1][1] != 0.0) {
         array_push($return['points_cutoffs'], array(1.0, 0.0));
     }
+    foreach ($return['points_cutoffs'] as $cutoff) {
+        if (($cutoff[0] < 0.0) || ($cutoff[0] > 1.0)) {
+            throw new ParametersException('Cutoff points need to be between 0.0 and 1.0: ' . $cutoff[0]);
+        }
+        if (($cutoff[1] < 0.0) || ($cutoff[1] > 1.0)) {
+            throw new ParametersException('Cutoff values need to be between 1.0 and 0.0: ' . $cutoff[1]);
+        }
+    }
+    for ($prev = 0; $prev < count($return['points_cutoffs']) - 1; $prev++) {
+        $next = $prev + 1;
+        if ($return['points_cutoffs'][$prev][0] >= $return['points_cutoffs'][$next][0]) {
+            throw new ParametersException(
+            'Cutoff points need to be ascending: ' . $return['points_cutoffs'][$prev][0] . ', ' . $return['points_cutoffs'][$next][0]);
+        }
+        if ($return['points_cutoffs'][$prev][1] < $return['points_cutoffs'][$next][1]) {
+            throw new ParametersException(
+            'Cutoff values need to be non-ascending: ' . $return['points_cutoffs'][$prev][1] . ', ' . $return['points_cutoffs'][$next][1]);
+        }
+    }
     return $return;
 }
 
-- 
cgit v1.2.3