ds

2021-08-19 18:09:48 +02:00 · 2021-08-19 18:09:48 +02:00 · eca9c8e741
commit eca9c8e741
parent 021977b47c
2 changed files with 10 additions and 1 deletions
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -227,6 +227,9 @@ def post_id(pid, anything=None, v=None):
@validate_formkey
 def edit_post(pid, v):
 	title = request.form.get("title")
 	if "<" in title: return {"error": f"Titles can't contain <"}
 	p = get_post(pid)
 	if not p.author_id == v.id:
@ -286,7 +289,6 @@ def edit_post(pid, v):
 	p.body = body
 	p.body_html = body_html
 	title = request.form.get("title")
 	p.title = title
 	p.title_html = filter_title(title)
@ -542,6 +544,8 @@ def submit_post(v):
 		if request.headers.get("Authorization"): return {"error": "500 character limit for titles"}, 400
 		else: render_template("submit.html", v=v, error="500 character limit for titles.", title=title[:500], url=url, body=request.form.get("body", "")), 400
 	elif "<" in title:
 		render_template("submit.html", v=v, error="Titles can't contain <", title=title[:500], url=url, body=request.form.get("body", "")), 400
 	parsed_url = urlparse(url)
 	if not (parsed_url.scheme and parsed_url.netloc) and not request.form.get(
--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@ -677,6 +677,11 @@ def settings_title_change(v):
 	new_name=request.form.get("title").strip()[:100]
 	if "<" in new_name:
 		return render_template("settings_profile.html",
 						   v=v,
 						   error=f"Flairs can't contain <")
 	#make sure name is different
 	if new_name==v.customtitle:
 		return render_template("settings_profile.html",