skorotkiewicz/rDrama
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fsfs

Browse source
This commit is contained in:
Aevann1 2021-12-08 01:18:06 +02:00
parent c330497f34
commit 5ad255d124
6 changed files with 21 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

8
files/helpers/sanitize.py
View file

@ -254,11 +254,9 @@ def sanitize(sanitized, noimages=False):
return sanitized return sanitized
def filter_title(title): def filter_emojis_only(title):
title = title.strip()
title = title.replace("\n", "") title = title.replace('<','').replace('>','').replace("\n", "").replace("\r", "").replace("\t", "").strip()
title = title.replace("\r", "")
title = title.replace("\t", "")
title = bleach.clean(title, tags=[]) title = bleach.clean(title, tags=[])

6
files/routes/awards.py
View file

@ -6,7 +6,7 @@ from files.helpers.const import *
from files.classes.award import * from files.classes.award import *
from .front import frontlist from .front import frontlist
from flask import g, request from flask import g, request
from files.helpers.sanitize import filter_title from files.helpers.sanitize import filter_emojis_only
discounts = { discounts = {
69: 0.02, 69: 0.02,
@ -542,7 +542,7 @@ def award_post(pid, v):
elif kind == "flairlock": elif kind == "flairlock":
new_name = note[:100].replace("𒐪","") new_name = note[:100].replace("𒐪","")
author.customtitleplain = new_name author.customtitleplain = new_name
author.customtitle = filter_title(new_name) author.customtitle = filter_emojis_only(new_name)
if len(author.customtitle) > 1000: abort(403) if len(author.customtitle) > 1000: abort(403)
author.flairchanged = time.time() + 86400 author.flairchanged = time.time() + 86400
elif kind == "pause": elif kind == "pause":
@ -696,7 +696,7 @@ def award_comment(cid, v):
elif kind == "flairlock": elif kind == "flairlock":
new_name = note[:100].replace("𒐪","") new_name = note[:100].replace("𒐪","")
author.customtitleplain = new_name author.customtitleplain = new_name
author.customtitle = filter_title(new_name) author.customtitle = filter_emojis_only(new_name)
if len(author.customtitle) > 1000: abort(403) if len(author.customtitle) > 1000: abort(403)
author.flairchanged = time.time() + 86400 author.flairchanged = time.time() + 86400
elif kind == "pause": elif kind == "pause":

6
files/routes/comments.py
View file

@ -9,7 +9,7 @@ from files.routes.front import comment_idlist
from pusher_push_notifications import PushNotifications from pusher_push_notifications import PushNotifications
from flask import * from flask import *
from files.__main__ import app, limiter from files.__main__ import app, limiter
from files.helpers.sanitize import filter_title from files.helpers.sanitize import filter_emojis_only
site = environ.get("DOMAIN").strip() site = environ.get("DOMAIN").strip()
if site == 'pcmemes.net': cc = "SPLASH MOUNTAIN" if site == 'pcmemes.net': cc = "SPLASH MOUNTAIN"
@ -297,7 +297,7 @@ def api_comment(v):
parent_submission=parent_submission, parent_submission=parent_submission,
parent_comment_id=c.id, parent_comment_id=c.id,
level=level+1, level=level+1,
body_html=filter_title(option), body_html=filter_emojis_only(option),
upvotes=0 upvotes=0
) )
@ -657,7 +657,7 @@ def edit_comment(cid, v):
parent_submission=c.parent_submission, parent_submission=c.parent_submission,
parent_comment_id=c.id, parent_comment_id=c.id,
level=c.level+1, level=c.level+1,
body_html=filter_title(i.group(1)), body_html=filter_emojis_only(i.group(1)),
upvotes=0 upvotes=0
) )
g.db.add(c_option) g.db.add(c_option)

8
files/routes/posts.py
View file

@ -372,7 +372,7 @@ def edit_post(pid, v):
title = title.replace('I ', f'@{v.username} ') title = title.replace('I ', f'@{v.username} ')
title = censor_slurs2(title).upper().replace(' ME ', f' @{v.username} ') title = censor_slurs2(title).upper().replace(' ME ', f' @{v.username} ')
title_html = filter_title(title) title_html = filter_emojis_only(title)
if v.marseyawarded and len(list(re.finditer('>[^<\s+]|[^>\s+]<', title_html))) > 0: return {"error":"You can only type marseys!"}, 403 if v.marseyawarded and len(list(re.finditer('>[^<\s+]|[^>\s+]<', title_html))) > 0: return {"error":"You can only type marseys!"}, 403
p.title = title p.title = title
p.title_html = title_html p.title_html = title_html
@ -402,7 +402,7 @@ def edit_post(pid, v):
c = Comment(author_id=AUTOPOLLER_ID, c = Comment(author_id=AUTOPOLLER_ID,
parent_submission=p.id, parent_submission=p.id,
level=1, level=1,
body_html=filter_title(i.group(1)), body_html=filter_emojis_only(i.group(1)),
upvotes=0 upvotes=0
) )
g.db.add(c) g.db.add(c)
@ -681,7 +681,7 @@ def submit_post(v):
title = title.replace('I ', f'@{v.username} ') title = title.replace('I ', f'@{v.username} ')
title = censor_slurs2(title).upper().replace(' ME ', f' @{v.username} ') title = censor_slurs2(title).upper().replace(' ME ', f' @{v.username} ')
title_html = filter_title(title) title_html = filter_emojis_only(title)
body = request.values.get("body", "").strip() body = request.values.get("body", "").strip()
if v.marseyawarded and len(list(re.finditer('>[^<\s+]|[^>\s+]<', title_html))) > 0: return {"error":"You can only type marseys!"}, 40 if v.marseyawarded and len(list(re.finditer('>[^<\s+]|[^>\s+]<', title_html))) > 0: return {"error":"You can only type marseys!"}, 40
@ -921,7 +921,7 @@ def submit_post(v):
c = Comment(author_id=AUTOPOLLER_ID, c = Comment(author_id=AUTOPOLLER_ID,
parent_submission=new_post.id, parent_submission=new_post.id,
level=1, level=1,
body_html=filter_title(option), body_html=filter_emojis_only(option),
upvotes=0 upvotes=0
) )

23
files/routes/reporting.py
View file

@ -3,6 +3,7 @@ from files.helpers.get import *
from flask import g from flask import g
from files.__main__ import app, limiter from files.__main__ import app, limiter
from os import path from os import path
from files.helpers.sanitize import filter_emojis_only
@app.post("/report/post/<pid>") @app.post("/report/post/<pid>")
@limiter.limit("1/second") @limiter.limit("1/second")
@ -13,15 +14,12 @@ def api_flag_post(pid, v):
if not v.shadowbanned: if not v.shadowbanned:
reason = request.values.get("reason", "").strip()[:100] reason = request.values.get("reason", "").strip()[:100]
if "<" in reason: return {"error": f"Reasons can't contain <"}
if not reason.startswith('!'): if not reason.startswith('!'):
existing = g.db.query(Flag.id).filter_by(user_id=v.id, post_id=post.id).first() existing = g.db.query(Flag.id).filter_by(user_id=v.id, post_id=post.id).first()
if existing: return "", 409 if existing: return "", 409
for i in re.finditer(':(.{1,30}?):', reason): reason = filter_emojis_only(reason)
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.webp'):
reason = reason.replace(f':{i.group(1)}:', f'<img loading="lazy" data-bs-toggle="tooltip" alt=":{i.group(1)}:" title=":{i.group(1)}:" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.webp">')
if len(reason) > 350: return {"error": f"Too long."} if len(reason) > 350: return {"error": f"Too long."}
@ -45,26 +43,17 @@ def api_flag_comment(cid, v):
comment = get_comment(cid) comment = get_comment(cid)
if not v.shadowbanned: if not v.shadowbanned:
existing = g.db.query(CommentFlag.id).filter_by( existing = g.db.query(CommentFlag.id).filter_by( user_id=v.id, comment_id=comment.id).first()
user_id=v.id, comment_id=comment.id).first()
if existing: return "", 409 if existing: return "", 409
reason = request.values.get("reason", "").strip()[:100]
if "<" in reason: return {"error": f"Reasons can't contain <"}
for i in re.finditer(':(.{1,30}?):', reason): reason = request.values.get("reason", "").strip()[:100]
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.webp'): reason = filter_emojis_only(reason)
reason = reason.replace(f':{i.group(1)}:', f'<img loading="lazy" data-bs-toggle="tooltip" alt=":{i.group(1)}:" title=":{i.group(1)}:" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.webp">')
if len(reason) > 350: return {"error": f"Too long."} if len(reason) > 350: return {"error": f"Too long."}
flag = CommentFlag(comment_id=comment.id, flag = CommentFlag(comment_id=comment.id, user_id=v.id, reason=reason)
user_id=v.id,
reason=reason,
)
g.db.add(flag) g.db.add(flag)
g.db.commit() g.db.commit()
return {"message": "Comment reported!"} return {"message": "Comment reported!"}

4
files/routes/settings.py
View file

@ -10,7 +10,7 @@ from files.__main__ import app, cache, limiter
import youtube_dl import youtube_dl
from .front import frontlist from .front import frontlist
import os import os
from files.helpers.sanitize import filter_title from files.helpers.sanitize import filter_emojis_only
from files.helpers.discord import add_role from files.helpers.discord import add_role
from shutil import copyfile from shutil import copyfile
import requests import requests
@ -1074,7 +1074,7 @@ def settings_title_change(v):
v.customtitleplain = new_name v.customtitleplain = new_name
v.customtitle = filter_title(new_name) v.customtitle = filter_emojis_only(new_name)
if len(v.customtitle) < 1000: if len(v.customtitle) < 1000:
g.db.add(v) g.db.add(v)