From 61dc667705c3b113fb583856297a1954109826ef Mon Sep 17 00:00:00 2001
From: purerosefallen <78877@qq.com>
Date: Wed, 6 May 2020 21:05:55 +0800
Subject: [PATCH 1/3] fix /api/preview

---
 app.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app.py b/app.py
index 4519357..b11d4fc 100644
--- a/app.py
+++ b/app.py
@@ -343,6 +343,7 @@ def route_api_preview():
 if not song_id or not re.match('^[0-9]+$', song_id):
 abort(400)
 
+ song_id = int(song_id)
 song = db.songs.find_one({'id': song_id})
 if not song:
 abort(400)
From 6a93ad273553b37be9cc0ac573d38ec7e7dc5445 Mon Sep 17 00:00:00 2001
From: purerosefallen <78877@qq.com>
Date: Wed, 6 May 2020 21:12:49 +0800
Subject: [PATCH 2/3] byte limit

---
 app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app.py b/app.py
index b11d4fc..f79cd2a 100644
--- a/app.py
+++ b/app.py
@@ -340,7 +340,7 @@ def route_admin_songs_id_delete(id):
 @app.cache.cached(timeout=15, query_string=True)
 def route_api_preview():
 song_id = request.args.get('id', None)
- if not song_id or not re.match('^[0-9]+$', song_id):
+ if not song_id or not re.match('^[0-9]{1,9}}$', song_id):
 abort(400)
 
 song_id = int(song_id)
From 992a44be3668f7d9f97382628cc74825d6277529 Mon Sep 17 00:00:00 2001
From: purerosefallen <78877@qq.com>
Date: Wed, 6 May 2020 21:13:24 +0800
Subject: [PATCH 3/3] typo

---
 app.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app.py b/app.py
index f79cd2a..bc43992 100644
--- a/app.py
+++ b/app.py
@@ -340,7 +340,7 @@ def route_admin_songs_id_delete(id):
 @app.cache.cached(timeout=15, query_string=True)
 def route_api_preview():
 song_id = request.args.get('id', None)
- if not song_id or not re.match('^[0-9]{1,9}}$', song_id):
+ if not song_id or not re.match('^[0-9]{1,9}$', song_id):
 abort(400)
 
 song_id = int(song_id)
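Review bot: The added `song_id = int(song_id)` in [PATCH 1/3] is only safe because of the regex guard two lines above it, and nothing in the hunk records that coupling or why the lookup needs an integer. A one-line comment would cover both, e.g. `# validated as ASCII digits above; songs are presumably keyed by integer id`. Without it, a later edit that loosens or moves the guard would make this line raise ValueError, giving a 500 instead of the intended 400. route_api_preview starts above the hunk and continues below it.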
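Review bot: The new pattern `'^[0-9]{1,9}}$'` in [PATCH 2/3] has a stray `}` after the quantifier, which the regex engine treats as a literal character, so a purely numeric id no longer matches and gets a 400. Any value that does match would then fail in `int()` on the following line. [PATCH 3/3] corrects the pattern, so the two commits are better squashed to keep a broken endpoint out of the history. The subject says "byte limit" while the check bounds the digit count; a comment such as `# at most 9 digits keeps the id below 2**31` would state the intent, if that is the intent.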
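Review bot: The corrected guard in [PATCH 3/3] still uses `re.match` with a `$` anchor, which accepts a value ending in a newline because `$` also matches just before a trailing `\n`. `int()` ignores that whitespace, so the lookup works, but the input is not the strict 1–9 digit string the check implies. With `query_string=True` on the cache decorator it is presumably also stored under a separate cache key. `re.fullmatch('[0-9]{1,9}', song_id)` closes the gap. The function body continues past the end of the hunk.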