skorotkiewicz/rDrama
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fggf

Browse source
This commit is contained in:
Aevann1 2021-08-15 05:17:45 +02:00
parent 45f09257ee
commit a086e33ed1
4 changed files with 31 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

6
files/helpers/sanitize.py
View file

@ -107,7 +107,7 @@ _clean_w_links = bleach.Cleaner(tags=_allowed_tags,
) )
def sanitize(text, linkgen=False, flair=False): def sanitize(text, linkgen=False):
text = text.replace("\ufeff", "").replace("m.youtube.com", "youtube.com") text = text.replace("\ufeff", "").replace("m.youtube.com", "youtube.com")
@ -181,11 +181,9 @@ def sanitize(text, linkgen=False, flair=False):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'): if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
sanitized = sanitized.replace(f'<p>:{i.group(1)}:</p>', f'<p><img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=60 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"</p>') sanitized = sanitized.replace(f'<p>:{i.group(1)}:</p>', f'<p><img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=60 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"</p>')
if flair: emojisize = 20
else: emojisize = 30
for i in re.finditer(':(.{1,30}?):', sanitized): for i in re.finditer(':(.{1,30}?):', sanitized):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'): if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
sanitized = sanitized.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height={emojisize} src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>') sanitized = sanitized.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=30 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
sanitized = sanitized.replace("https://www.", "https://").replace("https://youtu.be/", "https://youtube.com/embed/").replace("https://music.youtube.com/watch?v=", "https://youtube.com/embed/").replace("/watch?v=", "/embed/").replace("https://open.spotify.com/", "https://open.spotify.com/embed/").replace("https://streamable.com/", "https://streamable.com/e/").replace("https://youtube.com/shorts/", "https://youtube.com/embed/") sanitized = sanitized.replace("https://www.", "https://").replace("https://youtu.be/", "https://youtube.com/embed/").replace("https://music.youtube.com/watch?v=", "https://youtube.com/embed/").replace("/watch?v=", "/embed/").replace("https://open.spotify.com/", "https://open.spotify.com/embed/").replace("https://streamable.com/", "https://streamable.com/e/").replace("https://youtube.com/shorts/", "https://youtube.com/embed/")

18
files/routes/flagging.py
View file

@ -3,6 +3,7 @@ from files.helpers.get import *
from flask import g from flask import g
from files.__main__ import app from files.__main__ import app
from files.helpers.sanitize import sanitize from files.helpers.sanitize import sanitize
from os import path
@app.post("/flag/post/<pid>") @app.post("/flag/post/<pid>")
@auth_desired @auth_desired
@ -14,7 +15,12 @@ def api_flag_post(pid, v):
existing = g.db.query(Flag).filter_by(user_id=v.id, post_id=post.id).first() existing = g.db.query(Flag).filter_by(user_id=v.id, post_id=post.id).first()
if existing: return "", 409 if existing: return "", 409
reason = sanitize(request.form.get("reason", "").strip()[:100], flair=True)
reason = request.form.get("reason", "").strip()[:100]
for i in re.finditer(':(.{1,30}?):', reason):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
reason = reason.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
flag = Flag(post_id=post.id, flag = Flag(post_id=post.id,
user_id=v.id, user_id=v.id,
@ -38,11 +44,11 @@ def api_flag_comment(cid, v):
user_id=v.id, comment_id=comment.id).first() user_id=v.id, comment_id=comment.id).first()
if existing: return "", 409 if existing: return "", 409
reason = sanitize(request.form.get("reason", "")[:100].strip(), flair=True) reason = request.form.get("reason", "").strip()[:100]
flag = CommentFlag(comment_id=comment.id,
user_id=v.id, for i in re.finditer(':(.{1,30}?):', reason):
reason=reason, if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
) reason = reason.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
g.db.add(flag) g.db.add(flag)

14
files/routes/posts.py
View file

@ -288,7 +288,12 @@ def edit_post(pid, v):
p.body_html = body_html p.body_html = body_html
title = request.form.get("title") title = request.form.get("title")
p.title = title p.title = title
p.title_html = sanitize(title, flair=True)
for i in re.finditer(':(.{1,30}?):', title):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
title = title.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=30 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
p.title_html = title
if int(time.time()) - p.created_utc > 60 * 3: p.edited_utc = int(time.time()) if int(time.time()) - p.created_utc > 60 * 3: p.edited_utc = int(time.time())
g.db.add(p) g.db.add(p)
@ -772,7 +777,12 @@ def submit_post(v):
if url.startswith("https://streamable.com/") and not url.startswith("https://streamable.com/e/"): if url.startswith("https://streamable.com/") and not url.startswith("https://streamable.com/e/"):
url = url.replace("https://streamable.com/", "https://streamable.com/e/") url = url.replace("https://streamable.com/", "https://streamable.com/e/")
title_html = sanitize(title, linkgen=True, flair=True)
for i in re.finditer(':(.{1,30}?):', title):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
title = title.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
title_html = title
new_post_aux = SubmissionAux(id=new_post.id, new_post_aux = SubmissionAux(id=new_post.id,
url=url, url=url,

15
files/routes/settings.py
View file

@ -10,7 +10,6 @@ import youtube_dl
from .front import frontlist from .front import frontlist
valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$") valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$")
valid_title_regex = re.compile("^((?!<).){3,100}$")
valid_password_regex = re.compile("^.{8,100}$") valid_password_regex = re.compile("^.{8,100}$")
YOUTUBE_KEY = environ.get("YOUTUBE_KEY", "").strip() YOUTUBE_KEY = environ.get("YOUTUBE_KEY", "").strip()
@ -667,13 +666,7 @@ def settings_title_change(v):
if v.flairchanged: abort(403) if v.flairchanged: abort(403)
new_name=request.form.get("title").strip() new_name=request.form.get("title").strip()[:100]
#verify acceptability
if not re.match(valid_title_regex, new_name):
return render_template("settings_profile.html",
v=v,
error=f"This isn't a valid flair.")
#make sure name is different #make sure name is different
if new_name==v.customtitle: if new_name==v.customtitle:
@ -682,9 +675,11 @@ def settings_title_change(v):
error="You didn't change anything") error="You didn't change anything")
v.customtitleplain = new_name v.customtitleplain = new_name
new_name = sanitize(new_name, flair=True)
v = g.db.query(User).with_for_update().options(lazyload('*')).filter_by(id=v.id).first() for i in re.finditer(':(.{1,30}?):', new_name):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
new_name = new_name.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
v.customtitle = new_name v.customtitle = new_name
g.db.add(v) g.db.add(v)