big one

2022-01-06 18:46:09 +02:00 · 2022-01-06 18:46:09 +02:00 · 6b7e06f461
commit 6b7e06f461
parent a297930dc7
27 changed files with 87 additions and 157 deletions
--- a/files/assets/CHRISTMAS/js/default.js
+++ b/files/assets/CHRISTMAS/js/default.js
@ -303,7 +303,7 @@ messageModal.addEventListener('show.bs.modal', function (event) {
 	// Update the modal's content.
 	const modalTitle = messageModal.querySelector('.modal-title');
 	// Set our form's action
-	form.action = `/@${recipient}/message2`
+	form.action = `/@${recipient}/message`
 	// Set our modal header text
 	modalTitle.textContent = 'New message to ' + recipient

--- a/files/assets/images/emojis/etika.webp
+++ b/files/assets/images/emojis/etika.webp
--- a/files/assets/js/emoji_modal.js
+++ b/files/assets/js/emoji_modal.js
@ -882,7 +882,7 @@ const EMOJIS_STRINGS = [
 	},
 	{
 		type: 'misc',
-		emojis: ['sneed','retardedchildren','bruh','autism','doot','kylieface','queenyes','wholesomeseal','chadyescapy','gigachadglow','gigachadorthodox','gigachad','gigachad2','gigachad3']
+		emojis: ['etika','sneed','retardedchildren','bruh','autism','doot','kylieface','queenyes','wholesomeseal','chadyescapy','gigachadglow','gigachadorthodox','gigachad','gigachad2','gigachad3']
 	},
 ]

--- a/files/assets/js/userpage_v.js
+++ b/files/assets/js/userpage_v.js
@ -124,6 +124,8 @@ function transferBux(mobile=false) {
 }

 function submitFormAjax(e) {
+	document.getElementById('message').classList.add('d-none');
+	document.getElementById('message-mobile').classList.add('d-none');
 	const form = e.target;
 	const xhr = new XMLHttpRequest();

--- a/files/classes/user.py
+++ b/files/classes/user.py
@ -491,7 +491,7 @@ class User(Base):
 	def json_core(self):

 		now = int(time.time())
-		if self.is_banned and (not self.unban_utc or now < self.unban_utc):
+		if self.is_suspended:
 			return {'username': self.username,
 					'url': self.url,
 					'is_banned': True,
@ -545,7 +545,6 @@ class User(Base):


 	@property
-	@lazy
 	def is_suspended(self):
 		if self.unban_utc and self.unban_utc < time.time():
 			self.is_banned = 0
@ -553,7 +552,8 @@ class User(Base):
 			self.ban_evade = 0
 			g.db.add(self)
 			g.db.commit()
-		return (self.is_banned and (not self.unban_utc or self.unban_utc > time.time()))
+			return False
+		return (self.is_banned and (self.unban_utc == 0 or self.unban_utc > time.time()))


 	@property
--- a/files/helpers/alerts.py
+++ b/files/helpers/alerts.py
@ -89,7 +89,7 @@ def send_admin(vid, text):
 	g.db.add(new_comment)
 	g.db.flush()

-	admins = g.db.query(User).filter(User.admin_level > 0).all()
+	admins = g.db.query(User).filter(User.admin_level > 2).all()
 	for admin in admins:
 		notif = Notification(comment_id=new_comment.id, user_id=admin.id)
 		g.db.add(notif)
--- a/files/helpers/const.py
+++ b/files/helpers/const.py
@ -9,8 +9,8 @@ SITE_NAME = environ.get("SITE_NAME", '').strip()
 import json

 with open("files/assets/js/emoji_modal.js", 'r') as file:
-	text = file.read().split('emojis: ')[1].split('cops police"},')[0] + '"}}'
-	result = loads(text)
+	marseytext = file.read().split('emojis: ')[1].split('cops police"},')[0] + '"}}'
+	result = loads(marseytext)

 marseys = {}

--- a/files/helpers/wrappers.py
+++ b/files/helpers/wrappers.py
@ -28,7 +28,7 @@ def get_logged_in_user():
 		return v

 def check_ban_evade(v):
-	if v and not v.patron and v.ban_evade and v.admin_level == 0 and not v.is_suspended:
+	if v and not v.patron and v.admin_level == 0 and v.ban_evade and not v.unban_utc:
 		if random.randint(0,30) < v.ban_evade: v.shadowbanned = "AutoJanny"
 		else: v.ban_evade +=1
 		g.db.add(v)
@ -65,7 +65,7 @@ def auth_required(f):
 	return wrapper


-def is_not_banned(f):
+def is_not_permabanned(f):

 	def wrapper(*args, **kwargs):

@ -75,7 +75,8 @@ def is_not_banned(f):
 			
 		check_ban_evade(v)

-		if v.is_suspended: return {"error": "You can't perform this action while being banned."}, 403
+		if v.is_banned and v.unban_utc == 0:
+			return {"error": "Interal server error"}, 500

 		resp = make_response(f(*args, v=v, **kwargs))
 		return resp
--- a/files/routes/awards.py
+++ b/files/routes/awards.py
@ -186,8 +186,6 @@ def award_post(pid, v):

 	if v.shadowbanned: return render_template('errors/500.html', error=True, v=v), 500
 	
-	if v.is_banned and not v.unban_utc: return {"error": "forbidden."}, 403
-
 	kind = request.values.get("kind", "").strip()
 	
 	if kind not in AWARDS:
@ -351,8 +349,6 @@ def award_comment(cid, v):

 	if v.shadowbanned: return render_template('errors/500.html', error=True, v=v), 500

-	if v.is_suspended and v.unban_utc == 0: return {"error": "forbidden"}, 403
-
 	kind = request.values.get("kind", "").strip()

 	if kind not in AWARDS:
--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@ -135,9 +135,11 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None):
@app.post("/comment")
@limiter.limit("1/second")
@limiter.limit("6/minute")
-@is_not_banned
+@auth_required
@validate_formkey
 def api_comment(v):
+	if v.is_suspended: return {"error": "You can't perform this action while banned."}, 403
+
 	if v and v.patron:
 		if request.content_length > 8 * 1024 * 1024: return {"error":"Max file size is 8 MB."}, 413
 	elif request.content_length > 4 * 1024 * 1024: return {"error":"Max file size is 4 MB."}, 413
--- a/files/routes/discord.py
+++ b/files/routes/discord.py
@ -14,14 +14,13 @@ WELCOME_CHANNEL="846509313941700618"
 SITE_NAME = environ.get("SITE_NAME", "").strip()

@app.get("/discord")
-@auth_required
+@is_not_permabanned
 def join_discord(v):
 	
-	if v.is_banned and not v.unban_utc: return {"error": "Permabanned users cannot join the discord server!"}
+	if v.shadowbanned: return {"error": "Internal server error"}
 	
-	if SITE_NAME == 'Drama' and v.admin_level == 0 and v.patron == 0 and v.truecoins < 150: return f"You must receive 150 upvotes/downvotes from other users before being able to join the Discord server."
-	
-	if v.shadowbanned or v.agendaposter: return ""
+	if SITE_NAME == 'Drama' and v.admin_level == 0 and v.patron == 0 and v.truecoins < 150:
+		return f"You must receive 150 upvotes/downvotes from other users before being able to join the Discord server."

 	now=int(time.time())

--- a/files/routes/front.py
+++ b/files/routes/front.py
@ -129,8 +129,6 @@ def front_all(v):

 	if not v and request.path == "/" and not request.headers.get("Authorization"): return redirect(f"/logged_out{request.full_path}")

-	if v and v.is_banned and not v.unban_utc: return render_template('errors/500.html', error=True, v=v), 500
-
 	if v and request.path.startswith('/logged_out'): v = None

 	try: page = max(int(request.values.get("page", 1)), 1)
--- a/files/routes/oauth.py
+++ b/files/routes/oauth.py
@ -39,7 +39,7 @@ def authorize(v):

@app.post("/api_keys")
@limiter.limit("1/second")
-@is_not_banned
+@is_not_permabanned
@validate_formkey
 def request_api_keys(v):

@ -82,7 +82,7 @@ def delete_oauth_app(v, aid):

@app.post("/edit_app/<aid>")
@limiter.limit("1/second")
-@is_not_banned
+@is_not_permabanned
@validate_formkey
 def edit_oauth_app(v, aid):

--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -715,9 +715,11 @@ def thumbnail_thread(pid):
@app.post("/submit")
@limiter.limit("1/second")
@limiter.limit("6/minute")
-@is_not_banned
+@auth_required
@validate_formkey
 def submit_post(v):
+	if v.is_suspended: return {"error": "You can't perform this action while banned."}, 403
+	
 	if v and v.patron:
 		if request.content_length > 8 * 1024 * 1024: return {"error": "Max file size is 8 MB."}, 413
 	elif request.content_length > 4 * 1024 * 1024: return {"error": "Max file size is 4 MB."}, 413
--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@ -499,7 +499,8 @@ def gumroad(v):
 	if SITE_NAME == 'Drama': patron = 'Paypig'
 	else: patron = 'Patron'

-	if not (v.email and v.is_activated): return {"error": f"You must have a verified email to verify {patron} status and claim your rewards"}, 400
+	if not (v.email and v.is_activated):
+		return {"error": f"You must have a verified email to verify {patron} status and claim your rewards"}, 400

 	data = {'access_token': GUMROAD_TOKEN, 'email': v.email}
 	response = requests.get('https://api.gumroad.com/v2/sales', data=data).json()["sales"]
@ -624,7 +625,7 @@ def settings_security_post(v):
 									   v=v)
 				  )

-		return render_template("settings_security.html", v=v, error="Check your email and click the verification link to complete the email change.")
+		return render_template("settings_security.html", v=v, msg="Check your email and click the verification link to complete the email change.")

 	if request.values.get("2fa_token"):
 		if not v.verifyPass(request.values.get('password')):
@ -931,12 +932,10 @@ def settings_content_get(v):

@app.post("/settings/name_change")
@limiter.limit("1/second")
-@auth_required
+@is_not_permabanned
@validate_formkey
 def settings_name_change(v):

-	if v.is_banned and not v.unban_utc: return {"error": "forbidden."}, 403
-
 	new_name=request.values.get("name").strip()

 	if new_name==v.username:
--- a/files/routes/users.py
+++ b/files/routes/users.py
@ -140,7 +140,7 @@ def pay_rent(v):

@app.post("/steal")
@limiter.limit("1/second")
-@is_not_banned
+@auth_required
@validate_formkey
 def steal(v):
 	if int(time.time()) - v.created_utc < 604800:
@ -222,7 +222,7 @@ def get_coins(v, username):

@app.post("/@<username>/transfer_coins")
@limiter.limit("1/second")
-@is_not_banned
+@is_not_permabanned
@validate_formkey
 def transfer_coins(v, username):
 	receiver = g.db.query(User).filter_by(username=username).one_or_none()
@ -260,7 +260,7 @@ def transfer_coins(v, username):

@app.post("/@<username>/transfer_bux")
@limiter.limit("1/second")
-@is_not_banned
+@is_not_permabanned
@validate_formkey
 def transfer_bux(v, username):
 	receiver = g.db.query(User).filter_by(username=username).one_or_none()
@ -393,85 +393,16 @@ def reportbugs(v):
@app.post("/@<username>/message")
@limiter.limit("1/second")
@limiter.limit("10/hour")
-@auth_required
+@is_not_permabanned
@validate_formkey
 def message2(v, username):

 	user = get_user(username, v=v)
 	if hasattr(user, 'is_blocking') and user.is_blocking: return {"error": "You're blocking this user."}, 403

-	if v.admin_level <= 1 and hasattr(user, 'is_blocked') and user.is_blocked: return {"error": "This user is blocking you."}, 403
-
-	if v.is_banned and not v.unban_utc: return render_template('errors/500.html', error=True, v=v), 500
-
-	if v.shadowbanned: return redirect(f"/@{username}")
-
-	message = request.values.get("message", "").strip()[:1000].strip()
-
-	if 'linkedin.com' in message: return {"error": "this domain 'linkedin.com' is banned"}
-
-	message = re.sub('!\[\]\((.*?)\)', r'\1', message)
-
-	text_html = Renderer().render(mistletoe.Document(message))
-
-	text_html = sanitize(text_html, True)
-
-	existing = g.db.query(Comment.id).filter(Comment.author_id == v.id,
-															Comment.sentto == user.id,
-															Comment.body_html == text_html,
-															).first()
-	if existing: return redirect('/notifications?messages=true')
-
-	new_comment = Comment(author_id=v.id,
-						  parent_submission=None,
-						  level=1,
-						  sentto=user.id,
-						  body_html=text_html,
-						  )
-	g.db.add(new_comment)
-
-	g.db.flush()
-
-
-	notif = Notification(comment_id=new_comment.id, user_id=user.id)
-	g.db.add(notif)
-
-	
-	try:
-		beams_client.publish_to_interests(
-			interests=[str(user.id)],
-			publish_body={
-				'web': {
-					'notification': {
-						'title': f'New message from @{v.username}',
-						'body': message,
-						'deep_link': f'https://{site}/notifications',
-					},
-				},
-			},
-		)
-	except Exception as e:
-		print(e)
-
-	g.db.commit()
-
-	return redirect(f"/@{username}")
-
-@app.post("/@<username>/message2")
-@limiter.limit("1/second")
-@limiter.limit("10/hour")
-@auth_required
-@validate_formkey
-def message3(v, username):
-
-	user = get_user(username, v=v)
-	if hasattr(user, 'is_blocking') and user.is_blocking: return {"error": "You're blocking this user."}, 403
-
 	if v.admin_level <= 1 and hasattr(user, 'is_blocked') and user.is_blocked:
 		return {"error": "This user is blocking you."}, 403

-	if v.is_banned and not v.unban_utc: return {"error": "Internal server error"}, 500
-
 	if v.shadowbanned: return {"message": "Message sent!"}

 	message = request.values.get("message", "").strip()[:1000].strip()
@ -542,7 +473,9 @@ def messagereply(v):

 	id = int(request.values.get("parent_id"))
 	parent = get_comment(id, v=v)
-	user = parent.author
+	user_id = parent.author.id
+
+	if v.id == user_id: user_id = parent.sentto

 	text_html = Renderer().render(mistletoe.Document(message))
 	text_html = sanitize(text_html, True)
@ -551,13 +484,13 @@ def messagereply(v):
 							parent_submission=None,
 							parent_comment_id=id,
 							level=parent.level + 1,
-							sentto=user.id,
+							sentto=user_id,
 							body_html=text_html,
 							)
 	g.db.add(new_comment)
 	g.db.flush()

-	notif = Notification(comment_id=new_comment.id, user_id=user.id)
+	notif = Notification(comment_id=new_comment.id, user_id=user_id)
 	g.db.add(notif)

 	g.db.commit()
--- a/files/routes/votes.py
+++ b/files/routes/votes.py
@ -16,8 +16,6 @@ def admin_vote_info_get(v):
 	if not v or v.oldsite: template = ''
 	else: template = 'CHRISTMAS/'

-	if v and v.shadowbanned: return render_template('errors/500.html', error=True, v=v), 500
-
 	link = request.values.get("link")
 	if not link: return render_template(f"{template}votes.html", v=v)

@ -27,36 +25,43 @@ def admin_vote_info_get(v):
 		else: abort(400)
 	except: abort(400)

-	if thing.author.shadowbanned and not (v and v.admin_level): return render_template('errors/500.html', error=True, v=v), 500
-
 	if isinstance(thing, Submission):

+		if thing.author.shadowbanned and not (v and v.admin_level):
+			thing_id = g.db.query(Submission.id).filter_by(upvotes=thing.upvotes, downvotes=thing.downvotes).first()[0]
+		else: thing_id = thing.id
+
 		ups = g.db.query(Vote
 						 ).options(joinedload(Vote.user)
-								   ).filter_by(submission_id=thing.id, vote_type=1
+								   ).filter_by(submission_id=thing_id, vote_type=1
 											   ).order_by(Vote.id).all()

 		downs = g.db.query(Vote
 						   ).options(joinedload(Vote.user)
-									 ).filter_by(submission_id=thing.id, vote_type=-1
+									 ).filter_by(submission_id=thing_id, vote_type=-1
 												 ).order_by(Vote.id).all()

 	elif isinstance(thing, Comment):

+		if thing.author.shadowbanned and not (v and v.admin_level):
+			thing_id = g.db.query(Comment.id).filter_by(upvotes=thing.upvotes, downvotes=thing.downvotes).first()[0]
+		else: thing_id = thing.id
+
 		ups = g.db.query(CommentVote
 						 ).options(joinedload(CommentVote.user)
-								   ).filter_by(comment_id=thing.id, vote_type=1
+								   ).filter_by(comment_id=thing_id, vote_type=1
 											   ).order_by(CommentVote.id).all()

 		downs = g.db.query(CommentVote
 						   ).options(joinedload(CommentVote.user)
-									 ).filter_by(comment_id=thing.id, vote_type=-1
+									 ).filter_by(comment_id=thing_id, vote_type=-1
 												 ).order_by(CommentVote.id).all()

 	else: abort(400)

 	if not v or v.oldsite: template = ''
 	else: template = 'CHRISTMAS/'
+
 	return render_template(f"{template}votes.html",
 						   v=v,
 						   thing=thing,
@ -71,7 +76,7 @@ def admin_vote_info_get(v):
@validate_formkey
 def api_vote_post(post_id, new, v):

-	if v.is_banned and not v.unban_utc or new == "-1" and environ.get('DISABLE_DOWNVOTES') == '1': return {"error": "forbidden."}, 403
+	if new == "-1" and environ.get('DISABLE_DOWNVOTES') == '1': return {"error": "forbidden."}, 403

 	if new not in ["-1", "0", "1"]: abort(400)

@ -130,7 +135,7 @@ def api_vote_post(post_id, new, v):
@validate_formkey
 def api_vote_comment(comment_id, new, v):

-	if v.is_banned and not v.unban_utc or new == "-1" and environ.get('DISABLE_DOWNVOTES') == '1': return {"error": "forbidden."}, 403
+	if new == "-1" and environ.get('DISABLE_DOWNVOTES') == '1': return {"error": "forbidden."}, 403

 	if new not in ["-1", "0", "1"]: abort(400)

--- a/files/templates/CHRISTMAS/contact.html
+++ b/files/templates/CHRISTMAS/contact.html
@ -9,22 +9,22 @@

 <div class="col-span-full">

-	{% if request.values.get('error') or error %}
+	{% if error %}
 	<div class="alert alert-danger alert-dismissible fade show my-3" role="alert">
 		<i class="fas fa-exclamation-circle my-auto"></i>
 		<span>
-			{{error if error else request.values.get('error')}}
+			{{error}}
 		</span>
 		<button type="button" class="close" data-bs-dismiss="alert" aria-label="Close">
 			<span aria-hidden="true"><i class="far fa-times"></i></span>
 		</button>
 	</div>
 	{% endif %}
-	{% if request.values.get('msg') or msg %}
+	{% if msg %}
 	<div class="alert alert-success alert-dismissible fade show my-3" role="alert">
 		<i class="fas fa-check-circle my-auto" aria-hidden="true"></i>
 		<span>
-			{{msg if msg else request.values.get('msg')}}
+			{{msg}}
 		</span>
 		<button type="button" class="close" data-bs-dismiss="alert" aria-label="Close">
 			<span aria-hidden="true"><i class="far fa-times"></i></span>
--- a/files/templates/CHRISTMAS/default.html
+++ b/files/templates/CHRISTMAS/default.html
@ -357,7 +357,7 @@
 		}
 	</script>
 {% endif %}
-	<script src="/static/assets/CHRISTMAS/js/default.js?a=40"></script>
+	<script src="/static/assets/CHRISTMAS/js/default.js?a=41"></script>

 </body>
 </html>
--- a/files/templates/CHRISTMAS/settings.html
+++ b/files/templates/CHRISTMAS/settings.html
@ -237,6 +237,6 @@

 	{% endif %}

-	<script src="/assets/CHRISTMAS/js/default.js?a=40"></script>
+	<script src="/assets/CHRISTMAS/js/default.js?a=41"></script>
 </body>
 </html>
--- a/files/templates/contact.html
+++ b/files/templates/contact.html
@ -6,51 +6,44 @@
 {% endblock %}

 {% block content %}
-		{% if msg %}
+	
+	{% if msg %}
 		<div class="alert alert-success alert-dismissible fade show my-3" role="alert">
 			<i class="fas fa-check-circle my-auto" aria-hidden="true"></i>
 			<span>
-				{{msg if msg else request.values.get('msg')}}
+				{{msg}}
 			</span>
 			<button role="button" class="close" data-bs-dismiss="alert" aria-label="Close">
 				<span aria-hidden="true"><i class="far fa-times"></i></span>
 			</button>
 		</div>
-		{% endif %}
+	{% endif %}

-<h1 class="article-title">Contact {{'SITE_NAME' | app_config}} Admins</h1>
-{% if v and v.is_activated and not v.is_suspended %}
+	<h1 class="article-title">Contact {{'SITE_NAME' | app_config}} Admins</h1>

-<p>Use this form to contact {{'SITE_NAME' | app_config}} Admins.</p>
+	<p>Use this form to contact {{'SITE_NAME' | app_config}} Admins.</p>

-<label class="mt-3">Your Email</label>
-<input autocomplete="off" class="form-control" value="{{v.email}}" readonly="readonly" disabled>
+	<label class="mt-3">Your Email</label>
+	<input autocomplete="off" class="form-control" value="{{v.email}}" readonly="readonly" disabled>

-<form id="contactform" action="/contact" method="post">
+	<form id="contactform" action="/contact" method="post">

-<label for="input-message" class="mt-3">Your message</label>
-<textarea autocomplete="off" maxlength="10000" id="input-message" form="contactform" name="message" class="form-control" required></textarea>
+		<label for="input-message" class="mt-3">Your message</label>
+		<textarea autocomplete="off" maxlength="10000" id="input-message" form="contactform" name="message" class="form-control" required></textarea>
+		<input autocomplete="off" type="submit" value="Submit" class="btn btn-primary mt-3">

-<input autocomplete="off" type="submit" value="Submit" class="btn btn-primary mt-3">
+	</form>

-</form>
+	<pre>


-{% elif v %}
+	</pre>

-<p>Please <a {% if v and v.newtab and not g.webview %}target="_blank"{% endif %} href="/settings/security">verify your email address</a> in order to ensure we can respond to your message if needed. Then, refresh this page.</p>
+	<p>If you can see this line, we haven't been contacted by any law enforcement or governmental organizations in 2022 yet.</p>

-{% else %}
-
-<p>In order to ensure that we can respond to your message, please first <a href="/signup" {% if v and v.newtab and not g.webview %}target="_blank"{% endif %}>sign up</a> or <a href="/login" {% if v and v.newtab and not g.webview %}target="_blank"{% endif %}>log in</a> and make sure you have <a {% if v and v.newtab and not g.webview %}target="_blank"{% endif %} href="/settings/security">verified your email address</a>. Then, refresh this page.</p>
-
-{% endif %}
-
-<pre>
+	<pre>


-</pre>
-
-<p>If you can see this line, we haven't been contacted by any law enforcement or governmental organizations in 2022 yet.</p>
+	</pre>

 {% endblock %}
--- a/files/templates/default.html
+++ b/files/templates/default.html
@ -325,7 +325,7 @@
 {% if v %}
 	<script src="/static/assets/js/post_toast2.js?a=7"></script>
 	<script src="/static/assets/js/formatting.js?a=3"></script>
-	<script src="/static/assets/js/default.js?a=3"></script>
+	<script src="/static/assets/js/default.js?a=4"></script>
 {% endif %}

 <script src="/static/assets/js/lite-youtube.js?a=3"></script>
--- a/files/templates/emoji_modal.html
+++ b/files/templates/emoji_modal.html
@ -80,7 +80,7 @@
 	</div>
 </div>

-<script src="/static/assets/js/emoji_modal.js?a=21"></script>
+<script src="/static/assets/js/emoji_modal.js?a=22"></script>

 <style>
 	a.emojitab {
--- a/files/templates/message_success.html
+++ b/files/templates/message_success.html
@ -1,7 +1,7 @@
 {% extends "default.html" %}

 {% block title %}
-<title>{{title}}</title>
+	<title>{{title}}</title>
 {% endblock %}

 {% block pagetype %}message-success{% endblock %}
@ -11,7 +11,7 @@

 	<img loading="lazy" src="/static/assets/images/ruckus.webp" class="empty-state-img mb-3" alt="success state">
 	<div class="font-weight-bold text-muted mb-4">{{title}}</div>
-	<p class="text-muted">{{text}}</p>
+	<p class="text-muted">{{message}}</p>

 </div>
 {% endblock %}
--- a/files/templates/userpage.html
+++ b/files/templates/userpage.html
@ -172,7 +172,7 @@
 							{% endif %}
 						{% endif %}

-						<form class="d-none profile-toggleable" id="message" action="/@{{u.username}}/message2" onsubmit="submitFormAjax(event)">
+						<form class="d-none profile-toggleable" id="message" action="/@{{u.username}}/message" onsubmit="submitFormAjax(event)">
 							<input autocomplete="off" type="hidden" name="formkey" value="{{v.formkey}}"> 
 							<pre></pre>
 							<textarea autocomplete="off" id="input-message" form="message" name="message" rows="3" maxlength="1000" class="form-control b2" oninput="markdown('input-message', 'message-preview')" required></textarea>
@ -461,7 +461,7 @@
 						{% endif %}
 					{% endif %}

-					<form class="d-none profile-toggleable-mobile" id='message-mobile' action="/@{{u.username}}/message2" onsubmit="submitFormAjax(event)">
+					<form class="d-none profile-toggleable-mobile" id='message-mobile' action="/@{{u.username}}/message" onsubmit="submitFormAjax(event)">
 						<pre></pre>
 						<input autocomplete="off" type="hidden" name="formkey" value="{{v.formkey}}"> 
 						<textarea autocomplete="off" id="input-message-mobile" form="message-mobile" name="message" rows="3" maxlength="1000" class="form-control" oninput="markdown('input-message-mobile', 'message-preview-mobile')" required></textarea>
@ -692,7 +692,7 @@

 {% if v %}
 <div id='tax' class="d-none">{% if v.patron or u.patron or v.alts_patron or u.alts_patron %}0{% else %}0.03{% endif %}</div>
-<script src="/static/assets/js/userpage_v.js?a=6"></script>
+<script src="/static/assets/js/userpage_v.js?a=7"></script>
 <div id="username" class="d-none">{{u.username}}</div>
 {% endif %}

--- a/files/templates/userpage_comments.html
+++ b/files/templates/userpage_comments.html
@ -110,7 +110,7 @@

 {% if v %}
 <div id='tax' class="d-none">{% if v.patron or u.patron %}0{% else %}0.03{% endif %}</div>
-<script src="/static/assets/js/userpage_v.js?a=6"></script>
+<script src="/static/assets/js/userpage_v.js?a=7"></script>
 <div id="username" class="d-none">{{u.username}}</div>
 {% endif %}

--- a/files/templates/userpage_private.html
+++ b/files/templates/userpage_private.html
@ -44,7 +44,7 @@

 {% if v %}
 <div id='tax' class="d-none">{% if v.patron or u.patron %}0{% else %}0.03{% endif %}</div>
-<script src="/static/assets/js/userpage_v.js?a=6"></script>
+<script src="/static/assets/js/userpage_v.js?a=7"></script>
 <div id="username" class="d-none">{{u.username}}</div>
 {% endif %}