The confetti button in the awardModal had a conflicting ID to the
newly-reimplemented confetti award. This resulted in an amusing bug
where the awardModal was filled with confetti. Conflict has been
resolved by renaming the confetti overlay.
This is what I deserve for writing code at 3AM.
To replace the implementation of the confetti award, we now use an
animated WebP tiled as a background image on a fixed overlay. This
should alleviate the previous performance concerns (no runtime
calculation of confetti mechanics & rendering) and maintainable
concerns.
Fixes https://rdrama.net/post/18459/-/1969386
The appropriate internal links--viz. profile, settings, changelogs,
bug reporting, discord, archives, and contact--in the header menu
respect the User.newtab setting to open internal links in new tabs.
Removes temporary changes for the Birthgay 2022 event, ending
approximately at 2022-05-23 0600Z. Changes:
- Double XP disabled.
- Lootboxes disabled.
- Three event awards given real descriptions and colors.
- Partyhats: restored to cakeday-only condition and tooltip.
- Header UI: balloons removed, text visibility outline removed,
journoid banner reverted, marseyjam as header icon.
- Birthgay banners: removed from template, moved to new storage dir.
Confetti, though remaining as a permanent award, has been temporarily
removed pending a less performance-intensive implementation and one
that doesn't require maintaining a third-party package in the codebase.
Recently, caa81452f4 relaxed the condition for Snappy pinning a post
from `body.startswith(':#marseypin:')` to the same sans trailing colon.
I believe this was intended to allow :marseypin2: to also lead to post
pinning. However, the amusing, though incorrect, side effect is that
:marseypinkcat: and :marseypinochet: can now also lead to Snappy pins.
This has been remedied by explicitly defining the two conditions we
want rather than hoping all :marseypin [sic] are about pinning.
cb1bb4e43b40: Server cleaned out schema.sql for some reason and
it was autocommitted by the sneed cron. This is why the tests fail.
2737a6ca479b: Originally pulled from themotte/rDrama @ 309bf44f12ba.
In light of the fact this is breaking comment previews right now and
the actual XSS threat is unclear, given we sanitize serverside,
this is reverted until I find time to look at it.
Comments of the style e.g. "@TLSM / @TLSM2" would mistakenly be
`sanitize`d to have identical links only on "@TLSM", the latter
instance having a dangling 2 on the end. It seems this is purely an
issue with text formatting; alerts.py @ NOTIF_USERS had no such
issues. The root cause appears to be partly an optimization and
partly the use of str.replace without a count limit.
The award modal note field had a maxLength of 200 characters.
This was retained when repurposing the field for the new flair to be
applied by a flairlock award. However, flairs have a maxLength of 100
characters. award_modal.js now makes this clearer in the UI by
changing the maxLength of note when a flairlock award is picked.
The shop discount from Big Spender badges was incorrectly implemented:
intended behavior was for 2pp per badge. However, the values in
const.py were set as if a user could only have one Spender badge at
once, while user.py @ discount was implemented as if they were
additive. Since users factually do have multiple big spender badges,
the values in const were adjusted to reflect this fact.
Also, lootbox Roller badges now each offer a 1pp discount.
users.py @ discount was improved to check against the `discounts`
keys for appropriate badges, rather than a hardcoded list.
Very strange bug, and I hope this fixes it. User popovers, e.g. on
comments pages when names are clicked, spontaneously stopped working
on my local instance. This parallels occasional reports from others
that their popovers stop working for seemingly no reason.
The primary symptom appeared to be in comments+submission_listing.js
@ popclick(...), which became unable to find any `.popover` elements
in the document, resulting in a console error. Running `bs_trigger(
document)` manually in console after page load always fixed this.
As such, I am assuming this is (hopefully) a timing bug from the
bs_trigger call in header.js running before document ready. The call
now runs on a standard document ready callback boilerplate.
May God have mercy on our souls if this doesn't fix it.
I discovered that running `bs_trigger(document)`
Double XP now has a constant for unixtime to start. Logic around
DXP is designed to only apply to votes made after DOUBLE_XP_ENABLED.
This prevents an exploit in the old implementation where spam voting/
unvoting a post made prior to the DXP start could farm 300 DC/hr/alt.
Also it's more maintainable and comports with the coin_delta changes
to prevent self-vote coin changes.
Re-enable lootboxes in const.py, and update their contents in
awards.py. Additionally, improve appearance in shop.
Upon purchasing a lootbox, users now receive a message informing
them of the contents thereof.
Lootbox backend now properly uses CARP_ID (and checks for the
existence thereof correctly).
Also, minor changes to how const.py whitelists awards.