diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index 0612d94402..1d7bc6b624 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,2 +1,2 @@ github: Aevann1 -custom: ["https://marsey1.gumroad.com/l/tfcvri"] \ No newline at end of file +custom: ["https://marsey1.gumroad.com/l/tfcvri"] diff --git a/files/helpers/const.py b/files/helpers/const.py index 50402f0226..162b0924a9 100644 --- a/files/helpers/const.py +++ b/files/helpers/const.py @@ -19,6 +19,8 @@ for k, val in result.items(): del result +marseys = dict(sorted(marseys.items(), key=lambda x: x[1])) + if SITE == 'rdrama.net': topmakers = {} for k, val in marseys.items(): diff --git a/files/routes/admin.py b/files/routes/admin.py index b053a1bbe7..954f36b66a 100644 --- a/files/routes/admin.py +++ b/files/routes/admin.py @@ -27,15 +27,32 @@ if SITE_NAME == 'PCM': cc = "splash mountain" else: cc = "country club" month = datetime.now().strftime('%B') +@app.post("/@/make_admin") +@limiter.limit("1/second") +@admin_level_required(3) +@validate_formkey +def make_admin(v, username): + if request.host == 'rdrama.net': abort(403) + user = get_user(username) + if not user: abort(404) + user.admin_level = 2 + g.db.add(user) + g.db.commit() + return {"message": "User has been made admin!"} -@app.get("/admin/grassed") -@admin_level_required(2) -def grassed(v): - users = g.db.query(User).filter(User.ban_reason.like('grass award used by @%')).all() - if not v or v.oldsite: template = '' - else: template = 'CHRISTMAS/' - return render_template(f"{template}grassed.html", v=v, users=users) +@app.post("/@/remove_admin") +@limiter.limit("1/second") +@admin_level_required(3) +@validate_formkey +def remove_admin(v, username): + if request.host == 'rdrama.net': abort(403) + user = get_user(username) + if not user: abort(404) + user.admin_level = 0 + g.db.add(user) + g.db.commit() + return {"message": "Admin removed!"} @app.post("/distribute/") @limiter.limit("1/second") @@ -255,20 +272,11 @@ def post_sidebar(v): @auth_required def shadowbanned(v): if not (v and v.admin_level > 1): abort(404) - users = [x for x in g.db.query(User).filter(User.shadowbanned != None).all()] + users = [x for x in g.db.query(User).filter(User.shadowbanned != None).order_by(User.shadowbanned).all()] if not v or v.oldsite: template = '' else: template = 'CHRISTMAS/' return render_template(f"{template}shadowbanned.html", v=v, users=users) -@app.get("/admin/agendaposters") -@auth_required -def agendaposters(v): - if not (v and v.admin_level > 1): abort(404) - users = [x for x in g.db.query(User).filter_by(agendaposter = True).all()] - if not v or v.oldsite: template = '' - else: template = 'CHRISTMAS/' - return render_template(f"{template}agendaposters.html", v=v, users=users) - @app.get("/admin/image_posts") @admin_level_required(2) @@ -404,8 +412,9 @@ def badge_grant_post(v): g.db.add(new_badge) - text = f"@{v.username} has given you the following profile badge:\n\n![]({new_badge.path})\n\n{new_badge.name}" - send_notification(user.id, text) + if v.id != user.id: + text = f"@{v.username} has given you the following profile badge:\n\n![]({new_badge.path})\n\n{new_badge.name}" + send_notification(user.id, text) g.db.commit() return render_template(f"{template}admin/badge_grant.html", v=v, badge_types=BADGES, msg="Badge granted!") diff --git a/files/routes/awards.py b/files/routes/awards.py index e3b011c502..6f6c17d971 100644 --- a/files/routes/awards.py +++ b/files/routes/awards.py @@ -213,12 +213,11 @@ def award_post(pid, v): post_award.submission_id = post.id g.db.add(post_award) - msg = f"@{v.username} has given your [post]({post.permalink}) the {AWARDS[kind]['title']} Award!" - - note = request.values.get("note", "").strip() - if note: msg += f"\n\n> {note}" - - send_repeatable_notification(post.author.id, msg) + if v.id != post.author.id: + msg = f"@{v.username} has given your [post]({post.permalink}) the {AWARDS[kind]['title']} Award!" + note = request.values.get("note", "").strip() + if note: msg += f"\n\n> {note}" + send_repeatable_notification(post.author.id, msg) author = post.author if kind == "ban": @@ -379,12 +378,12 @@ def award_comment(cid, v): comment_award.comment_id = c.id g.db.add(comment_award) - msg = f"@{v.username} has given your [comment]({c.permalink}) the {AWARDS[kind]['title']} Award!" + if v.id != c.author.id: + msg = f"@{v.username} has given your [comment]({c.permalink}) the {AWARDS[kind]['title']} Award!" + note = request.values.get("note", "").strip() + if note: msg += f"\n\n> {note}" + send_repeatable_notification(c.author.id, msg) - note = request.values.get("note", "").strip() - if note: msg += f"\n\n> {note}" - - send_repeatable_notification(c.author.id, msg) author = c.author if kind == "ban": @@ -554,12 +553,11 @@ def admin_userawards_post(v): g.db.add(award) - text = "You were given the following awards:\n\n" - - for key, value in notify_awards.items(): - text += f" - **{value}** {AWARDS[key]['title']} {'Awards' if value != 1 else 'Award'}\n" - - send_repeatable_notification(u.id, text) + if v.id != u.id: + text = "You were given the following awards:\n\n" + for key, value in notify_awards.items(): + text += f" - **{value}** {AWARDS[key]['title']} {'Awards' if value != 1 else 'Award'}\n" + send_repeatable_notification(u.id, text) note = "" diff --git a/files/routes/login.py b/files/routes/login.py index fd48dca312..b6344b353a 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -171,7 +171,7 @@ def logout(v): @auth_desired def sign_up_get(v): with open('disablesignups', 'r') as f: - if f.read() == "yes": return {"error","New account registration is currently closed. Please come back later."}, 403 + if f.read() == "yes": return {"error": "New account registration is currently closed. Please come back later."}, 403 if v: return redirect("/") @@ -186,9 +186,7 @@ def sign_up_get(v): ref_user = None if ref_user and (ref_user.id in session.get("history", [])): - if not v or v.oldsite: template = '' - else: template = 'CHRISTMAS/' - return render_template(f"{template}sign_up_failed_ref.html") + return render_template("sign_up_failed_ref.html") now = int(time.time()) token = token_hex(16) @@ -203,9 +201,7 @@ def sign_up_get(v): redir = request.values.get("redirect", "/").replace("/logged_out", "").strip() - if not v or v.oldsite: template = '' - else: template = 'CHRISTMAS/' - return render_template(f"{template}sign_up.html", + return render_template("sign_up.html", formkey=formkey, now=now, redirect=redir, @@ -220,7 +216,7 @@ def sign_up_get(v): @auth_desired def sign_up_post(v): with open('disablesignups', 'r') as f: - if f.read() == "yes": return {"error","New account registration is currently closed. Please come back later."}, 403 + if f.read() == "yes": return {"error": "New account registration is currently closed. Please come back later."}, 403 if v: abort(403) @@ -389,8 +385,6 @@ def get_reset(): user_id = request.values.get("id") - if user_id == PW_ID: abort(403) - timestamp = int(request.values.get("time",0)) token = request.values.get("token") @@ -426,8 +420,6 @@ def post_reset(v): user_id = request.values.get("user_id") - if user_id == PW_ID: abort(403) - timestamp = int(request.values.get("time")) token = request.values.get("token") diff --git a/files/routes/settings.py b/files/routes/settings.py index 20ea852bd4..409315ac2b 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -580,8 +580,6 @@ def verifiedcolor(v): @validate_formkey def settings_security_post(v): if request.values.get("new_password"): - if v.id == PW_ID: abort(403) - if request.values.get("new_password") != request.values.get("cnf_password"): return render_template("settings_security.html", v=v, error="Passwords do not match.") @@ -633,8 +631,6 @@ def settings_security_post(v): return render_template("settings_security.html", v=v, error="Check your email and click the verification link to complete the email change.") if request.values.get("2fa_token"): - if v.id == PW_ID: abort(403) - if not v.verifyPass(request.values.get('password')): return render_template("settings_security.html", v=v, error="Invalid password or token.") diff --git a/files/routes/static.py b/files/routes/static.py index af2c058c14..a8468b468b 100644 --- a/files/routes/static.py +++ b/files/routes/static.py @@ -41,7 +41,8 @@ def participation_stats(v): day = now - 86400 - data = {"valid_users": g.db.query(User.id).count(), + data = {"marseys": len(marseys), + "users": g.db.query(User.id).count(), "private_users": g.db.query(User.id).filter_by(is_private=True).count(), "banned_users": g.db.query(User.id).filter(User.is_banned > 0).count(), "verified_email_users": g.db.query(User.id).filter_by(is_activated=True).count(), @@ -102,10 +103,10 @@ def cached_chart(days): if days > 31: file = "/weekly_chart.png" - day_cutoffs = [today_cutoff - 86400 * 7 * i for i in range(31)][1:] + day_cutoffs = [today_cutoff - 86400 * 7 * i for i in range(35)][1:] else: file = "/daily_chart.png" - day_cutoffs = [today_cutoff - 86400 * i for i in range(31)][1:] + day_cutoffs = [today_cutoff - 86400 * i for i in range(35)][1:] day_cutoffs.insert(0, calendar.timegm(now)) diff --git a/files/routes/users.py b/files/routes/users.py index 90fb0b230e..571f2e4586 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -18,6 +18,25 @@ site = environ.get("DOMAIN").strip() beams_client = PushNotifications(instance_id=PUSHER_INSTANCE_ID, secret_key=PUSHER_KEY) + +@app.get("/grassed") +@auth_desired +def grassed(v): + users = g.db.query(User).filter(User.ban_reason.like('grass award used by @%')).all() + + if not v or v.oldsite: template = '' + else: template = 'CHRISTMAS/' + return render_template(f"{template}grassed.html", v=v, users=users) + +@app.get("/agendaposters") +@auth_desired +def agendaposters(v): + users = [x for x in g.db.query(User).filter_by(agendaposter = True).order_by(User.username).all()] + if not v or v.oldsite: template = '' + else: template = 'CHRISTMAS/' + return render_template(f"{template}agendaposters.html", v=v, users=users) + + @app.get("/@/upvoters") @auth_desired def upvoters(v, username): @@ -107,7 +126,7 @@ def downvoting(v, username): @auth_required @validate_formkey def pay_rent(v): - if v.coins < 500: return {"error","You must have more than 500 coins."} + if v.coins < 500: return {"error":"You must have more than 500 coins."} v.coins -= 500 v.rent_utc = int(time.time()) g.db.add(v) diff --git a/files/templates/admin/admin_home.html b/files/templates/admin/admin_home.html index d48cbbe9ad..0d23000783 100644 --- a/files/templates/admin/admin_home.html +++ b/files/templates/admin/admin_home.html @@ -23,8 +23,9 @@

Safety

diff --git a/files/templates/admins.html b/files/templates/admins.html index 3b1d6ef017..ee2d76d6b4 100644 --- a/files/templates/admins.html +++ b/files/templates/admins.html @@ -3,22 +3,26 @@ {% block pagetitle %}Admins{% endblock %} {% block content %} + + + 

 
Admins

 

-

+

+

-		
-		
+		
+		
 {% for user in admins %}
 	
-		
+		
diff --git a/files/templates/agendaposters.html b/files/templates/agendaposters.html
index 72dfd41a0e..61287b766c 100644
--- a/files/templates/agendaposters.html
+++ b/files/templates/agendaposters.html
@@ -11,7 +11,7 @@
 {% for user in users %}
 	
-		
+		
 {% endfor %}
 

 
 	

 		#
 		NameTruescoreMod actionsTruescoreMod actions
 	

 

 		{{loop.index}}@{{user.username}}'s profile picture{{user.username}}{% if user.admin_level == 1 and v and v.admin_level > 1 %}{% endif %}@{{user.username}}'s profile picture{{user.username}}{% if user.admin_level == 1 and v and v.admin_level > 1 %}{% endif %}
 		{{user.truecoins}}
 		{{user.modaction_num}}
 	

 		{{loop.index}}@{{user.username}}'s profile picture{{user.username}}@{{user.username}}'s profile picture{{user.username}}
 	

diff --git a/files/templates/authforms.html b/files/templates/authforms.html
index a85aa3e354..b435e6e2a5 100644
--- a/files/templates/authforms.html
+++ b/files/templates/authforms.html
@@ -15,7 +15,7 @@
 
 		{% if v %}
 			
-			
+			
 			{% if v.agendaposter %}
 				
-			
+			
 		{% endif %}
 
 
diff --git a/files/templates/banned.html b/files/templates/banned.html
index 4a5f32a349..0a6cfbf1cf 100644
--- a/files/templates/banned.html
+++ b/files/templates/banned.html
@@ -13,9 +13,9 @@
 {% for user in users %}
 	
 		{{loop.index}}
-		@{{user.username}}'s profile picture{{user.username}}
+		@{{user.username}}'s profile picture{{user.username}}
 		{% if user.ban_reason %}{{user.ban_reason}}{% endif %}
-		@{{user.banned_by.username}}'s profile picture{{user.banned_by.username}}
+		@{{user.banned_by.username}}'s profile picture{{user.banned_by.username}}
 	
 {% endfor %}
 
diff --git a/files/templates/blocks.html b/files/templates/blocks.html
index 236a1ec3e3..0b9d6a6c49 100644
--- a/files/templates/blocks.html
+++ b/files/templates/blocks.html
@@ -8,14 +8,16 @@
 

+		
 {% for user in users %}
 	
-		
-		
+		
+		
+		
 {% endfor %}
 

 
 	
#
 		User
 		Target
 	

 
{{user.username}}{{targets[loop.index-1].username}}{{loop.index}}{{user.username}}{{targets[loop.index-1].username}}
 	

diff --git a/files/templates/comments.html b/files/templates/comments.html
index 1f6226b32d..e33bd5ff2b 100644
--- a/files/templates/comments.html
+++ b/files/templates/comments.html
@@ -857,7 +857,7 @@
 
 {% include "expanded_image_modal.html" %}
 
-
+
 
 
 
 	{% if v %}
 		
-		
+		
 		
 		{% if v.agendaposter %}
 			
-		
+		
 	{% endif %}
 
 	
diff --git a/files/templates/emoji_modal.html b/files/templates/emoji_modal.html
index 7b3e5642ba..04ecada168 100644
--- a/files/templates/emoji_modal.html
+++ b/files/templates/emoji_modal.html
@@ -80,7 +80,7 @@
 	

 

 
-
+
 
 
-	
+	
 	{% if v.agendaposter %}
 		
-	
+	
 {% endif %}
 
 

diff --git a/files/templates/login.html b/files/templates/login.html
index a3c594501a..3535f80dd1 100644
--- a/files/templates/login.html
+++ b/files/templates/login.html
@@ -18,7 +18,7 @@
 	{% endblock %}
 	
 	
-	
+	
 	
 
 
diff --git a/files/templates/login_2fa.html b/files/templates/login_2fa.html
index 1510097991..24e86fb239 100644
--- a/files/templates/login_2fa.html
+++ b/files/templates/login_2fa.html
@@ -14,7 +14,7 @@
 		2-Step Login - {{'SITE_NAME' | app_config}}
 
 		
-		
+		
 
 
 
diff --git a/files/templates/patrons.html b/files/templates/patrons.html
index 60663ca2c9..76668e93fc 100644
--- a/files/templates/patrons.html
+++ b/files/templates/patrons.html
@@ -12,7 +12,7 @@
 {% for u in users %}
 	
 		{{loop.index}}
-		@{{u.username}}'s profile picture{{u.username}}
+		@{{u.username}}'s profile picture{{u.username}}
 
 		Patron-{{u.patron}}
 	
diff --git a/files/templates/rentoids.html b/files/templates/rentoids.html
index e7d5ba12d0..3d9d84e331 100644
--- a/files/templates/rentoids.html
+++ b/files/templates/rentoids.html
@@ -13,7 +13,7 @@
 {% for user in users %}
 	
 		{{loop.index}}
-		@{{user.username}}'s profile picture{{user.username}}
+		@{{user.username}}'s profile picture{{user.username}}
 	
 {% endfor %}
 
diff --git a/files/templates/settings.html b/files/templates/settings.html
index 38cd1a8a50..773760ac6e 100644
--- a/files/templates/settings.html
+++ b/files/templates/settings.html
@@ -34,7 +34,7 @@
 
 
 	
-	
+	
 	{% if v.agendaposter %}
 		
-		
+		
 	{% else %}
 		
-		
+		
 	{% endif %}
 
 
diff --git a/files/templates/shadowbanned.html b/files/templates/shadowbanned.html
index 005f57722b..85926bac8d 100644
--- a/files/templates/shadowbanned.html
+++ b/files/templates/shadowbanned.html
@@ -1,7 +1,9 @@
 {% extends "settings2.html" %}
 
 {% block content %}
-

+
+

+

@@ -12,7 +14,7 @@
 {% for user in users %}
 	
-		
+		
 {% endfor %}
diff --git a/files/templates/sign_up.html b/files/templates/sign_up.html
index c5ab9b3fc5..ef89394738 100644
--- a/files/templates/sign_up.html
+++ b/files/templates/sign_up.html
@@ -31,7 +31,7 @@
 		{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}Sign up - {{'SITE_NAME' | app_config}}{% endif %}
-		
+		
 
diff --git a/files/templates/sign_up_failed_ref.html b/files/templates/sign_up_failed_ref.html
index 53f5a8d565..060dd455e0 100644
--- a/files/templates/sign_up_failed_ref.html
+++ b/files/templates/sign_up_failed_ref.html
@@ -32,7 +32,7 @@
 		{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}{{'SITE_NAME' | app_config}}{% endif %}
-		
+		
 
diff --git a/files/templates/submission_listing.html b/files/templates/submission_listing.html
index 2e536e49b2..056113bbdb 100644
--- a/files/templates/submission_listing.html
+++ b/files/templates/submission_listing.html
@@ -698,5 +698,5 @@
 
-
+
\ No newline at end of file
diff --git a/files/templates/submit.html b/files/templates/submit.html
index 60c6343cef..cc9a8b974b 100644
--- a/files/templates/submit.html
+++ b/files/templates/submit.html
@@ -26,7 +26,7 @@
 		{% block stylesheets %}
 		{% if v %}
 			
-			
+			
 			{% if v.agendaposter %}
 				
-			
+			
 		{% endif %}
 		{% endblock %}
diff --git a/files/templates/thiefs.html b/files/templates/thiefs.html
index 18be36ba2f..6d530eed97 100644
--- a/files/templates/thiefs.html
+++ b/files/templates/thiefs.html
@@ -13,7 +13,7 @@
 {% for user in successful %}
 	
-		
+		
 {% endfor %}
 

 
 	

 		#

 		{{loop.index}}@{{user.username}}'s profile picture{{user.username}}@{{user.username}}'s profile picture{{user.username}}
 		{{user.shadowbanned}}
 	

 
 		
 
 
 
 		
 
 
 
 
 
 			

 		{{loop.index}}@{{user.username}}'s profile picture{{user.username}}@{{user.username}}'s profile picture{{user.username}}
 	

@@ -31,7 +31,7 @@
 {% for user in failed2 %}
 	
 		{{loop.index}}
-		@{{user.username}}'s profile picture{{user.username}}
+		@{{user.username}}'s profile picture{{user.username}}
 	
 {% endfor %}
 
@@ -49,7 +49,7 @@
 {% for user in failed %}
 	
 		{{loop.index}}
-		@{{user.username}}'s profile picture{{user.username}}
+		@{{user.username}}'s profile picture{{user.username}}
 	
 {% endfor %}
 
diff --git a/files/templates/userpage.html b/files/templates/userpage.html
index 35b0170c70..67be901910 100644
--- a/files/templates/userpage.html
+++ b/files/templates/userpage.html
@@ -53,7 +53,7 @@
 								{% if u.unban_utc %}
{{u.unban_string}}
{% endif %}
 							{% endif %}
 							

-								
{{u.username}}

+								
{{u.username}}

 								{% if u.username != u.original_username %}
 								
 									
@@ -352,7 +352,7 @@
 					{% if u.unban_utc %}
{{u.unban_string}}
{% endif %}
 				{% endif %}
 				{% if u.verified %} {% endif %}
-				
{{u.username}}

+				
{{u.username}}

 				{% if u.username != u.original_username %}
 					
 						
diff --git a/files/templates/userpage_blocked.html b/files/templates/userpage_blocked.html
index 7ef98a17a6..cdd9ea3377 100644
--- a/files/templates/userpage_blocked.html
+++ b/files/templates/userpage_blocked.html
@@ -6,7 +6,7 @@
 {% endblock %}
 
 {% block title %}
-<span {% if u.patron %}class="patron" style="background-color:#{{u.namecolor}};"{% endif %}>{{u.username}}</span>
+<span {% if u.patron %}class="patron" style="background-color:#{{u.namecolor}}"{% endif %}>{{u.username}}</span>
 
 {% endblock %}
 
diff --git a/files/templates/userpage_blocking.html b/files/templates/userpage_blocking.html
index 0d6d9f5bab..9c2c3dc3a5 100644
--- a/files/templates/userpage_blocking.html
+++ b/files/templates/userpage_blocking.html
@@ -6,7 +6,7 @@
 {% endblock %}
 
 {% block title %}
-<span {% if u.patron %}class="patron" style="background-color:#{{u.namecolor}};"{% endif %}>{{u.username}}</span>
+<span {% if u.patron %}class="patron" style="background-color:#{{u.namecolor}}"{% endif %}>{{u.username}}</span>
 
 {% endblock %}
 
diff --git a/files/templates/viewers.html b/files/templates/viewers.html
index 40a810bfa6..a1da9c9de1 100644
--- a/files/templates/viewers.html
+++ b/files/templates/viewers.html
@@ -12,7 +12,7 @@
 
 {% for view in viewers %}
 	
-		@{{view.viewer.username}}'s profile picture{{view.viewer.username}}
+		@{{view.viewer.username}}'s profile picture{{view.viewer.username}}
 		{{view.last_view_string}}
 	
 {% endfor %}
diff --git a/files/templates/voters.html b/files/templates/voters.html
index 8db2878682..67376e8635 100644
--- a/files/templates/voters.html
+++ b/files/templates/voters.html
@@ -18,7 +18,7 @@
 {% for user in users %}
 	
 		{{loop.index}}
-		@{{user[0].username}}'s profile picture{{user[0].username}}
+		@{{user[0].username}}'s profile picture{{user[0].username}}
 		{{user[1]}}
 	
 {% endfor %}
diff --git a/files/templates/votes.html b/files/templates/votes.html
index 99ea86fbab..8e433767ed 100644
--- a/files/templates/votes.html
+++ b/files/templates/votes.html
@@ -23,7 +23,7 @@
 	User
 
 	{% for vote in ups %}
-		@{{vote.user.username}}'s profile picture{{vote.user.username}}
+		@{{vote.user.username}}'s profile picture{{vote.user.username}}
 	{% endfor %}
 
 
@@ -32,7 +32,7 @@
 	User
 
 	{% for vote in downs %}
-		@{{vote.user.username}}'s profile picture{{vote.user.username}}
+		@{{vote.user.username}}'s profile picture{{vote.user.username}}
 	{% endfor %}