skorotkiewicz/rDrama
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

farting

Browse source
This commit is contained in:
Aevann1 2022-02-26 21:56:58 +02:00
parent 7159b8d175
commit bc401701f5
5 changed files with 12 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

4
files/helpers/const.py
View file

@ -669,4 +669,6 @@ marseys_const = [x[0] for x in db.query(Marsey.name).all()] + ['a','b','c','d','
db.close() db.close()
if SITE == 'PCM': valid_username_regex = re.compile("^[a-zA-Z0-9_\-А-я]{3,25}$") if SITE == 'PCM': valid_username_regex = re.compile("^[a-zA-Z0-9_\-А-я]{3,25}$")
else: valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$") else: valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$")
valid_password_regex = re.compile("^.{8,100}$", flags=re.A)

5
files/helpers/sanitize.py
View file

@ -11,6 +11,9 @@ from random import random, choice
import signal import signal
import time import time
if SITE == 'PCM': mention_regex = re.compile('(^|\s|\n|<p>)@(([a-zA-Z0-9_\-А-я]){3,25})', flags=re.A)
else: mention_regex = re.compile('(^|\s|\n|<p>)@(([a-zA-Z0-9_\-]){1,25})', flags=re.A)
allowed_tags = tags = ['b', allowed_tags = tags = ['b',
'blockquote', 'blockquote',
'br', 'br',
@ -125,7 +128,7 @@ def sanitize(sanitized, noimages=False, alert=False, comment=False, edit=False):
sanitized = re.sub('(^|\s|\n|<p>)\/?(s\/(\w|-){3,25})', r'\1<a href="/\2" rel="nofollow noopener noreferrer">/\2</a>', sanitized, flags=re.A) sanitized = re.sub('(^|\s|\n|<p>)\/?(s\/(\w|-){3,25})', r'\1<a href="/\2" rel="nofollow noopener noreferrer">/\2</a>', sanitized, flags=re.A)
for i in re.finditer(valid_username_regex, sanitized): for i in mention_regex.finditer(sanitized):
u = get_user(i.group(2), graceful=True) u = get_user(i.group(2), graceful=True)
if u and (not g.v.any_block_exists(u) or g.v.admin_level > 1): if u and (not g.v.any_block_exists(u) or g.v.admin_level > 1):

6
files/routes/login.py
View file

@ -4,8 +4,6 @@ from files.__main__ import app, limiter
from files.helpers.const import * from files.helpers.const import *
import requests import requests
valid_password_regex = re.compile("^.{8,100}$", flags=re.A)
@app.get("/login") @app.get("/login")
@auth_desired @auth_desired
def login_get(v): def login_get(v):
@ -270,10 +268,10 @@ def sign_up_post(v):
"password") == request.values.get("password_confirm"): "password") == request.values.get("password_confirm"):
return new_signup("Passwords did not match. Please try again.") return new_signup("Passwords did not match. Please try again.")
if not re.fullmatch(valid_username_regex, username, flags=re.A): if not valid_username_regex.fullmatch(username, flags=re.A):
return new_signup("Invalid username") return new_signup("Invalid username")
if not re.fullmatch(valid_password_regex, request.values.get("password"), flags=re.A): if not valid_password_regex.fullmatch(request.values.get("password"), flags=re.A):
return new_signup("Password must be between 8 and 100 characters.") return new_signup("Password must be between 8 and 100 characters.")
email = request.values.get("email").strip().lower() email = request.values.get("email").strip().lower()

6
files/routes/settings.py
View file

@ -14,8 +14,6 @@ from files.helpers.discord import add_role
from shutil import copyfile from shutil import copyfile
import requests import requests
valid_password_regex = re.compile("^.{8,100}$", flags=re.A)
YOUTUBE_KEY = environ.get("YOUTUBE_KEY", "").strip() YOUTUBE_KEY = environ.get("YOUTUBE_KEY", "").strip()
GUMROAD_TOKEN = environ.get("GUMROAD_TOKEN", "").strip() GUMROAD_TOKEN = environ.get("GUMROAD_TOKEN", "").strip()
IMGUR_KEY = environ.get("IMGUR_KEY").strip() IMGUR_KEY = environ.get("IMGUR_KEY").strip()
@ -534,7 +532,7 @@ def settings_security_post(v):
if request.values.get("new_password") != request.values.get("cnf_password"): if request.values.get("new_password") != request.values.get("cnf_password"):
return render_template("settings_security.html", v=v, error="Passwords do not match.") return render_template("settings_security.html", v=v, error="Passwords do not match.")
if not re.fullmatch(valid_password_regex, request.values.get("new_password"), flags=re.A): if not valid_password_regex.fullmatch(request.values.get("new_password"), flags=re.A):
return render_template("settings_security.html", v=v, error="Password must be between 8 and 100 characters.") return render_template("settings_security.html", v=v, error="Password must be between 8 and 100 characters.")
if not v.verifyPass(request.values.get("old_password")): if not v.verifyPass(request.values.get("old_password")):
@ -861,7 +859,7 @@ def settings_name_change(v):
v=v, v=v,
error="You didn't change anything") error="You didn't change anything")
if not re.fullmatch(valid_username_regex, new_name, flags=re.A): if not valid_username_regex.fullmatch(new_name, flags=re.A):
return render_template("settings_profile.html", return render_template("settings_profile.html",
v=v, v=v,
error="This isn't a valid username.") error="This isn't a valid username.")

2
files/routes/subs.py
View file

@ -273,7 +273,7 @@ def create_sub2(v):
if not name: abort(400) if not name: abort(400)
name = name.strip().lower() name = name.strip().lower()
if not re.fullmatch(valid_sub_regex, name, flags=re.A): if not valid_sub_regex.fullmatch(name, flags=re.A):
return render_template("sub/create_sub.html", v=v, error="Sub name not allowed."), 400 return render_template("sub/create_sub.html", v=v, error="Sub name not allowed."), 400
sub = g.db.query(Sub).filter_by(name=name).one_or_none() sub = g.db.query(Sub).filter_by(name=name).one_or_none()