scriptbae
commented
7 years ago Some basic weak input validation is integrated into the rebuild of the management view client-side script which will be hooked into at a later time, once work gets underway to refine the UI some more and integrate warnings.
This precludes strong, server-side input-validation for the most part, which remains a requirement for this issue to be closed.
There's currently very little input validation being done server-side. For example, it's possible to submit an empty string when adding a course (as a professor); this will lead to an empty string being appended to the dropdown when attempting to fetch feedback (in addition to propagating to the student view). This should at the very least fail silently by being discarded by the server before a database hit.
Not immediately important or particularly high-priority, but it could add something nice to show off at the demo if there's time to implement before then.