From 213e75467383dd29a693fcb0e5b736f8f7cd4b2d Mon Sep 17 00:00:00 2001
From: Cal Corum <calcorum@users.noreply.github.com>
Date: Thu, 11 Dec 2025 19:10:21 -0600
Subject: [PATCH] Add input validation for help command name and category
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The help command creation modal was accepting names with spaces and
special characters (e.g., "scorecard links"), which passed to the API
but caused Pydantic validation errors when reading the records back.

Changes:
- Add regex validation in modal on_submit for topic name and category
- Only allow lowercase letters, numbers, dashes, and underscores
- Show clear error messages with valid examples when validation fails
- Normalize name/category to lowercase before storing

This prevents invalid records from being created in the database.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 views/help_commands.py | 36 ++++++++++++++++++++++++++++++++++--
 1 file changed, 34 insertions(+), 2 deletions(-)

diff --git a/views/help_commands.py b/views/help_commands.py
index b4c6493..b836319 100644
--- a/views/help_commands.py
+++ b/views/help_commands.py
@@ -59,12 +59,44 @@ class HelpCommandCreateModal(BaseModal):
 
     async def on_submit(self, interaction: discord.Interaction):
         """Handle form submission."""
+        import re
+
+        # Validate topic name format
+        name = self.topic_name.value.strip().lower()
+        if not re.match(r'^[a-z0-9_-]+$', name):
+            embed = EmbedTemplate.error(
+                title="Invalid Topic Name",
+                description=(
+                    f"Topic name `{self.topic_name.value}` contains invalid characters.\n\n"
+                    "**Allowed:** lowercase letters, numbers, dashes, and underscores only.\n"
+                    "**Examples:** `trading-rules`, `how_to_draft`, `faq1`\n\n"
+                    "Please try again with a valid name."
+                )
+            )
+            await interaction.response.send_message(embed=embed, ephemeral=True)
+            return
+
+        # Validate category format if provided
+        category = self.topic_category.value.strip().lower() if self.topic_category.value else None
+        if category and not re.match(r'^[a-z0-9_-]+$', category):
+            embed = EmbedTemplate.error(
+                title="Invalid Category",
+                description=(
+                    f"Category `{self.topic_category.value}` contains invalid characters.\n\n"
+                    "**Allowed:** lowercase letters, numbers, dashes, and underscores only.\n"
+                    "**Examples:** `rules`, `guides`, `faq`\n\n"
+                    "Please try again with a valid category."
+                )
+            )
+            await interaction.response.send_message(embed=embed, ephemeral=True)
+            return
+
         # Store results
         self.result = {
-            'name': self.topic_name.value.strip(),
+            'name': name,
             'title': self.topic_title.value.strip(),
             'content': self.topic_content.value.strip(),
-            'category': self.topic_category.value.strip() if self.topic_category.value else None
+            'category': category
         }
 
         self.is_submitted = True