skorotkiewicz/rDrama
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
15735 commits 2 branches 0 tags 829 MiB
Commit graph

1387 commits

Author SHA1 Message Date
justcool393
56087f889e
remove backgrounds (fixes #379) (#536) 
* remove backgrounds (fixes #379)

* remove UI elements

* remove gif modals lol

* .

* remove unused gif modal.

* add alembic migration
 2023-03-28 13:47:53 -05:00
justcool393
e61e35226d disallow url() 2023-03-14 13:32:02 -05:00
justcool393
71406da834 security: disallow import statements in CSS 2023-03-14 13:32:02 -05:00
justcool393
92bd7d50fa
performance: add performance monitor 2023-03-14 13:31:04 -05:00
justcool393
8e62f1440b make this also work for not logged in users 2023-03-14 12:15:52 -05:00
justcool393
d09e1d4eb8 let users see their own content 2023-03-14 12:11:12 -05:00
justcool393
24af1b4433 fix leak of deleted content 2023-03-14 12:05:25 -05:00
justcool393
fb65cf0416
privatize user CSS (fixes #273) 
implements issue comment: https://github.com/themotte/rDrama/issues/273#issuecomment-1240543608
 2023-02-25 04:51:06 -06:00
justcool393
bfe8fb70f6
support infinite length posts and comments (fixes #229) 2023-02-25 04:18:30 -06:00
justcool393
44919507e9
leaderboard refactor (#526) 2023-02-24 06:31:17 -06:00
justcool393
22ad4f5d23
sanitize: sanitize raw content (fixes #214) 2023-02-24 06:00:19 -06:00
justcool393
ff09ba4209 SQLA migration: fix RemovedIn20Warnings 2023-02-24 05:54:56 -06:00
justcool393
872d9c613b
videos: remove video uploads lol 2023-02-17 21:26:40 -06:00
justcool393
1574c46d0a modmail: constantify user ID and fix bug where users can bypass modmail route checks 
the random c.sentto == 2 magic numbers in the code is... pretty
unmaintainable and unless you were aware of who "2" was, it's hard to
know what's going on.

in addition, we force modmail to go through the modmail path instead of
letting users bypass validation checks.
 2023-02-17 14:41:41 -06:00
justcool393
340644a3ae default 2023-02-17 00:49:04 -06:00
justcool393
c5cea4f8fa add SORTS_COMMENTS 2023-02-16 23:43:08 -06:00
justcool393
31f273ca32 Pins: fix infinite recursion 2023-02-16 18:46:43 -06:00
justcool393
ba96decb9b Jinja2: add SORTS_COMMON and SORTS_ALL 2023-02-16 18:27:16 -06:00
justcool393
09308f17d1 Add keyword argument pins to sort_comment_results 2023-02-16 18:17:21 -06:00
justcool393
9ba4f1a8af Remove unnecessary DESC constant 2023-02-16 18:02:26 -06:00
justcool393
5f73302b28 Sorting: add comments sort for comments and constantify sorts 2023-02-16 17:52:43 -06:00
Snakes
84e5c7c651
Merge branch 'frost' into feature-award-feature-flag 2023-02-11 23:41:41 -05:00
justcool393
1e9ca62892 sanitize: prevent worker crash during timeouts 
because themotte is ~~webscale~~ async, there is some window of time
where code in the sanitize fn will cause the entire worker to crash and
not in a fun way. anyway this uses gevent to handle timeouts instead of
a signal based system which is non-portable and is very fragile,
especially if themotte adds more async functionality in (something that
would probably further improve the performance of the site)

essentially... we don't want the failure of one request taking down the
entire worker!
 2023-02-10 14:09:25 -06:00
justcool393
f8f55be8b0
constantify render depth limit 2023-02-10 13:54:49 -06:00
justcool393
4cecdef35a
captcha: add captcha to contact page (fixes #482) 2023-02-09 10:41:15 -06:00
justcool393
379c7d5144 add features to templates 🤤 2023-02-09 10:37:57 -06:00
justcool393
f4445fd58e award feature: use feature flag in more places 2023-02-09 10:12:49 -06:00
justcool393
026a9efe2b user/submission/comment: avoid queries if awards are disabled 2023-02-08 17:54:12 -06:00
TLSM
007f0a3f02 Optimize comment pagination in post_id, viewmore 
Against a clean seeded DB, reduces `GET /post/1/` from 63 queries to
26 by removing redundancies and slow lazy-loaded queries during
top comment pagination.

Also applies eager loading to /viewmore/ with the expected reduction
from 5*(N comments) queries to ~12/request.

For testing locally, use a newly seeded DB to ensure
Comment.descendant_count is populated.

Ref: #485
 2023-02-08 15:50:24 -06:00
justcool393
86ea70dfd3 awards: remove all award definitions 2023-02-07 07:03:36 -06:00
TLSM
7a9a3f7c99 Randomize sidebar recommendation order (#483) 
Fixes #483. Implement a Jinja template filter to shuffle a sequence
(which surprisingly doesn't already exist) and shuffle the relevant
lists in the sidebar.
 2023-02-04 04:13:18 -06:00
faul_sname
c0a546d779 [themotte/rDrama#451] Passing in the db connection as an optional param makes things easier 2023-01-13 19:33:56 -08:00
faul_sname
e14d1b809c [themotte/rDrama#451] Extract the recomputation of descendant counts to its own function 2023-01-13 19:12:16 -08:00
faul_sname
b75c93e600 Merge remote-tracking branch 'origin/frost' into themotte-issue-451 2023-01-12 22:09:07 -08:00
faul_sname
4a6ed37166 [themotte/rDrama#451] Move the pusher_thread() function from files/routes/comment.py to files/helpers/comment.py 2023-01-09 00:07:49 -08:00
justcool393
712a0ad631 awards: remove tilt award 2023-01-08 19:38:20 -06:00
virtual256
da03335cb5 Replace sql_ilike_clean with func.lower for non-pattern uses; also fixes #398 2023-01-08 19:37:26 -06:00
justcool393
0ea72e3778
Debug: Add button in admin panel to login to other accounts (#437) 2023-01-08 03:16:02 -06:00
faul_sname
2e29b468ec [themotte/rDrama#451] Add a test for comment.descendant_count accuracy 2023-01-03 01:45:37 -08:00
faul_sname
7d12ddc89e [themotte/rDrama#451] With tests in place, extract out logic for updating the counters 2023-01-03 01:24:20 -08:00
faul_sname
f8c27f3620 [themotte/rDrama#451] define comment_on_unpublish() function 2023-01-03 01:17:00 -08:00
faul_sname
28f4807a9b [themotte/rDrama#451] Move comment_on_publish() to files/helpers/comments.py 2023-01-03 01:11:50 -08:00
faul_sname
9468e217f0 [themotte/rDrama#451] Allow explicitly setting the scheme to http or https in env 2022-12-30 23:39:46 -08:00
Ben Rog-Wilhelm
b4efd75753 Merge branch 'frost' into pr-eager-content 2022-12-17 17:17:32 -06:00
justcool393
1ae3dc85c2
Fix: Redirect loop on formkey or nonce mismatch. 
* fix 401-302-401-302-429 loop

* don't logout users on bad form key, just treat the request as unauthenticated

* Handle None/empty case in validate_formkey.

A supplied empty formkey, or the lack of a supplied formkey (None) is not a valid formkey. Handle this inside the function rather than at the call-site.

* Validate as false if no hashstr or string

Co-authored-by: Snakes <104547575+TLSM@users.noreply.github.com>
 2022-12-17 11:20:27 -06:00
Ben Rog-Wilhelm
b7a8297669 Improve error output for util function. 2022-12-05 00:49:19 -08:00
justcool393
0c632d73b7
Rework error system a bit to remove a bunch of duplicated code (#434) 2022-12-01 20:58:27 -06:00
Ben Rog-Wilhelm
e43db0535d Volunteer Janitor: Initial hooks. 2022-12-01 18:53:24 -08:00
TLSM
afe209d5d8
Eager load comments for post rendering. 
GET /post/1/clever-unique-post-title-number-0
|----------|--------|--------|--------|--------|--------|------------|
| Database | SELECT | INSERT | UPDATE | DELETE | Totals | Duplicates |
|----------|--------|--------|--------|--------|--------|------------|
| default  |  942   |   0    |   1    |   0    |  943   |    921     |
|----------|--------|--------|--------|--------|--------|------------|
Total queries: 943 in 0.377s # request time in browser 17249ms

GET /post/1/clever-unique-post-title-number-0
|----------|--------|--------|--------|--------|--------|------------|
| Database | SELECT | INSERT | UPDATE | DELETE | Totals | Duplicates |
|----------|--------|--------|--------|--------|--------|------------|
| default  |   58   |   0    |   1    |   0    |   59   |     35     |
|----------|--------|--------|--------|--------|--------|------------|
Total queries: 59 in 0.0423s # request time in browser 544ms

Also, fixes seed_db not populating top_comment_id on generated
comments. If you want to test locally with seed_db test data, you need
to reseed.
 2022-11-28 17:47:54 -05:00
TLSM
5aaef144cf
Deduplicate post/comment sorting & time filtering. 
Ported in from upstream with adjustments for TheMotte, most notably
universal default to 'new' and fixes to 'hot'. Lumped into this PR
because eager comment loading uses it.
 2022-11-28 14:33:24 -05:00