sfdsdf

2021-12-20 16:56:47 +02:00 · 2021-12-20 16:56:47 +02:00 · 736f7c26d4
commit 736f7c26d4
parent b39650d5fd
10 changed files with 8 additions and 9 deletions
--- a/files/assets/images/badges/patron-1.webp
+++ b/files/assets/images/badges/patron-1.webp
--- a/files/assets/images/badges/patron-2.webp
+++ b/files/assets/images/badges/patron-2.webp
--- a/files/assets/images/badges/patron-3.webp
+++ b/files/assets/images/badges/patron-3.webp
--- a/files/assets/images/badges/patron-4.webp
+++ b/files/assets/images/badges/patron-4.webp
--- a/files/assets/images/badges/patron-5.webp
+++ b/files/assets/images/badges/patron-5.webp
--- a/files/assets/images/badges/Unpausable.webp
+++ b/files/assets/images/badges/Unpausable.webp
--- a/files/assets/images/badges/unpausable.webp
+++ b/files/assets/images/badges/unpausable.webp
--- a/files/mail/init.py
+++ b/files/mail/init.py
@ -55,7 +55,7 @@ def api_verify_email(v):
@auth_desired
 def activate(v):
-	email = request.values.get("email", "").strip()
+	email = request.values.get("email", "").strip().lower()
 	id = request.values.get("id", "").strip()
 	timestamp = int(request.values.get("time", "0"))
 	token = request.values.get("token", "").strip()
--- a/files/routes/login.py
+++ b/files/routes/login.py
@ -278,8 +278,7 @@ def sign_up_post(v):
 	if not re.fullmatch(valid_password_regex, request.values.get("password")):
 		return new_signup("Password must be between 8 and 100 characters.")
-	email = request.values.get("email")
+	email = request.values.get("email").strip().lower()
 	email = email.strip()
 	if email.endswith("@gmail.com"):
 		email=email.split('@')[0]
@ -377,7 +376,7 @@ def get_forgot():
 def post_forgot():
 	username = request.values.get("username").lstrip('@')
-	email = request.values.get("email",'').strip()
+	email = request.values.get("email",'').strip().lower()
 	email=email.replace("_","\_")
@ -514,7 +513,7 @@ def request_2fa_disable():
 						   message="If username, password, and email match, we will send you an email.")
-	email=request.values.get("email")
+	email=request.values.get("email").strip().lower()
 	if email != user.email and email.endswith("@gmail.com"):
 		email=email.split('@')[0]
 		email=email.split('+')[0]
--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@ -48,7 +48,7 @@ def sex(v):
 			email=email.split('+')[0]
 			email=email.replace('.','').replace('_','')
 			email=f"{email}@gmail.com"
-		emails.append(email)
+		emails.append(email.lower())
 	users = g.db.query(User).filter(User.patron > 0, User.patron < 5, User.email != None).all()
 	for u in users:
@ -548,7 +548,7 @@ def gumroad(v):
 			email=email.split('+')[0]
 			email=email.replace('.','').replace('_','')
 			email=f"{email}@gmail.com"
-		emails.append(email)
+		emails.append(email.lower())
 	if v.email.lower() not in emails: return {"error": "Email not found"}, 404
@ -561,7 +561,7 @@ def gumroad(v):
 	if existing: return {"error": f"{patron} rewards already claimed on another account"}, 400
 	if v.patron:
-		badge = v.has_badge(20+tier)
+		badge = v.has_badge(20+v.patron)
 		if badge: g.db.delete(badge)
 	v.patron = tier
@ -655,7 +655,7 @@ def settings_security_post(v):
 			return redirect("/settings/security?error=" +
 							escape("Invalid password."))
-		new_email = request.values.get("new_email","").strip()
+		new_email = request.values.get("new_email","").strip().lower()
 		if new_email.endswith("@gmail.com"):
 			new_email=new_email.split('@')[0]