From 5509596df86713b22329d6bb78eb99579db5fded Mon Sep 17 00:00:00 2001
From: multipleof4 <planetrenox@protonmail.com>
Date: Fri, 21 Nov 2025 12:47:04 -0800
Subject: [PATCH] Fix: Prevent users from updating seized links

---
 functions/api/links/update.js | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/functions/api/links/update.js b/functions/api/links/update.js
index 9e8437d..962a042 100644
--- a/functions/api/links/update.js
+++ b/functions/api/links/update.js
@@ -47,6 +47,11 @@ export async function onRequestPost({ request, env }) {
     if (!Array.isArray(slugs) || !slugs.includes(slug))
       return new Response("Unauthorized",{ status:403 });
 
+    // Check if seized
+    const current = await env.KV_EV.get(slug);
+    if (current?.startsWith('🚫'))
+      return new Response("This link has been seized and cannot be updated.", { status: 403 });
+
     let url = destination_url.startsWith("http")
       ? destination_url
       : `https://${destination_url}`;
@@ -72,3 +77,4 @@ export async function onRequestPost({ request, env }) {
     return new Response(e.message,{ status:500 });
   }
 }
+