diff --git a/app.py b/app.py
index 8a78623..cd55ffa 100644
--- a/app.py
+++ b/app.py
@@ -78,28 +78,32 @@ def buy():
         if stock == None:
             return apology("Symbol not found")
 
-        if shares:
-            transaction_value = float(shares) * stock["price"]
+        if not shares or shares.isalpha() or not float(shares).is_integer():
+            return apology("invalid shares")
 
-            user_id = session["user_id"]
-            user_cash_db = db.execute("SELECT cash FROM users WHERE id = ?", user_id)
-            user_cash = user_cash_db[0]["cash"]
-
-            if user_cash < transaction_value:
-                return apology("U broke, m8!")
-
-            free_cash = user_cash - transaction_value
-
-            db.execute("UPDATE users SET cash = ? WHERE id = ?", free_cash, user_id)
-
-            date = datetime.datetime.now()
-
-            db.execute("INSERT INTO transactions (user_id, symbol, shares, price, date) VALUES (?, ?, ?, ?, ?)",
-                       user_id, stock["symbol"], shares, stock["price"], date)
-
-            flash("Bought!")
         else:
-            return apology("Missing shares", 400)
+            if float(shares) > 0:
+                transaction_value = float(shares) * stock["price"]
+
+                user_id = session["user_id"]
+                user_cash_db = db.execute("SELECT cash FROM users WHERE id = ?", user_id)
+                user_cash = user_cash_db[0]["cash"]
+
+                if user_cash < transaction_value:
+                    return apology("U broke, m8!")
+
+                free_cash = user_cash - transaction_value
+
+                db.execute("UPDATE users SET cash = ? WHERE id = ?", free_cash, user_id)
+
+                date = datetime.datetime.now()
+
+                db.execute("INSERT INTO transactions (user_id, symbol, shares, price, date) VALUES (?, ?, ?, ?, ?)",
+                        user_id, stock["symbol"], shares, stock["price"], date)
+
+                flash("Bought!")
+            else:
+                return apology("Missing shares", 400)
 
         return redirect("/")
     # return apology("TODO")
diff --git a/finance.db b/finance.db
index d338736..82ffe12 100644
Binary files a/finance.db and b/finance.db differ
diff --git a/flask_session/16fa13c5890feb947b5d5c907cfedf5b b/flask_session/16fa13c5890feb947b5d5c907cfedf5b
index 7faa085..4a8ac51 100644
Binary files a/flask_session/16fa13c5890feb947b5d5c907cfedf5b and b/flask_session/16fa13c5890feb947b5d5c907cfedf5b differ
diff --git a/templates/buy.html b/templates/buy.html
index 2659c6e..b34ebb5 100644
--- a/templates/buy.html
+++ b/templates/buy.html
@@ -10,7 +10,7 @@
             <input class="form-control mx-auto w-auto" autocomplete="off" autofocus="" name="symbol" placeholder="Symbol" type="text">
         </div>
         <div class="mb-3">
-            <input class="form-control mx-auto w-auto" autocomplete="off" autofocus min="1" name="shares" placeholder="Shares" type="number">
+            <input class="form-control mx-auto w-auto" autocomplete="off" autofocus min="1" name="shares" placeholder="Shares" type="text">
         </div>
         <button class="btn btn-primary" type="submit">Buy</button>
     </form>
