From feb5d25e839fecc714bb9e85d57a058a5b1459ee Mon Sep 17 00:00:00 2001
From: TLSM <duolsm@outlook.com>
Date: Thu, 29 Sep 2022 23:38:26 -0400
Subject: [PATCH 1/5] Add "banned by" to userpage ban string.

---
 files/templates/userpage.html | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/files/templates/userpage.html b/files/templates/userpage.html
index e5281f4a2..ce56d13ae 100644
--- a/files/templates/userpage.html
+++ b/files/templates/userpage.html
@@ -52,6 +52,7 @@
 									{% if u.ban_reason %}:
 										{{u.ban_reason | safe}}
 									{% endif %}
+									(by <a href="{{u.banned_by.url}}">@{{u.banned_by.username}}</a>)
 								</h5>
 								{% if u.unban_utc %}
 									<h5 class="text-primary" id="profile--unban">{{u.unban_string}}</h5>
@@ -62,6 +63,7 @@
 									{% if u.ban_reason %}:
 										{{u.ban_reason | safe}}
 									{% endif %}
+									(by <a href="/@{{u.shadowbanned}}">@{{u.shadowbanned}}</a>)
 								</h5>
 							{% endif %}
 							<div class="d-flex align-items-center mt-1 mb-2">
@@ -387,9 +389,6 @@
 								{% endfor %}
 							</ul>
 						{% endif %}
-						{% if u.is_suspended %}
-							<p id="profile--info--bannedby">Banned by: <a href="{{u.banned_by.url}}">@{{u.banned_by.username}}</a></p>
-						{% endif %}
 					</div>
 				</div>
 			</div>
@@ -437,12 +436,12 @@
 			</div>
 			<div class="mt-n3 py-3">
 				{% if u.is_suspended %}
-					<h5 class="text-primary" id="profile-mobile--banned">BANNED USER{% if u.ban_reason %}: {{u.ban_reason | safe}}{% endif %}</h5>
+					<h5 class="text-primary" id="profile-mobile--banned">BANNED USER{% if u.ban_reason %}: {{u.ban_reason | safe}}{% endif %} (by <a href="{{u.banned_by.url}}">@{{u.banned_by.username}}</a>)</h5>
 					{% if u.unban_utc %}<h5 class="text-primary" id="profile-mobile--unban">{{u.unban_string}}</h5>{% endif %}
 				{% endif %}
 
 				{% if u.shadowbanned %}
-					<h5 class="text-primary" id="profile-mobile--banned">SHADOWBANNED USER{% if u.ban_reason %}: {{u.ban_reason | safe}}{% endif %}</h5>
+					<h5 class="text-primary" id="profile-mobile--banned">SHADOWBANNED USER{% if u.ban_reason %}: {{u.ban_reason | safe}}{% endif %} (by <a href="/@{{u.shadowbanned}}">@{{u.shadowbanned}}</a>)</h5>
 				{% endif %}
 
 				<h1 class="h5 d-inline-block" id="profile-mobile--name" style="color: #{{u.name_color}}"><span {% if u.patron %}class="patron" style="background-color:#{{u.name_color}}"{% endif %}>{{u.username}}</span></h1>
@@ -750,9 +749,6 @@
 							{% endfor %}
 						</ul>
 					{% endif %}
-					{% if u.is_suspended %}
-						<p id="profile-mobile--info--bannedby">Banned by: <a href="{{u.banned_by.url}}">@{{u.banned_by.username}}</a></p>
-					{% endif %}
 				</div>
 			</div>
 		</div>

From 23123f3b6543cf6bc2977057c83bfb66ca075d3a Mon Sep 17 00:00:00 2001
From: Aevann1 <randomname42029@gmail.com>
Date: Thu, 29 Sep 2022 23:00:03 +0000
Subject: [PATCH 2/5] sneed

---
 seed-db.sql | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/seed-db.sql b/seed-db.sql
index 24ea9a53b..e7604ee4c 100644
--- a/seed-db.sql
+++ b/seed-db.sql
@@ -1070,6 +1070,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseybiden2',2,'biden ddd dementia daddy president sleepy joe gas petrol ididthat',NULL),
 ('marseybigbrain',2,'high iq highiq smart genius brain',NULL),
 ('marseybigdog',2,'bussy big dog poster',NULL),
+('marseybigfoot',2,'bigfoot monkey footage ape cryptid',1664490937),
 ('marseybikecuck',2,'owlturd bicycle cuckold webcomic happiness',NULL),
 ('marseybiker',2,'motorcycle harley bicycle helmet',NULL),
 ('marseybingus',2,'floppa shaved hairless',NULL),
@@ -1420,6 +1421,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseydragon',2,'smaug rich hoard gold treasure',NULL),
 ('marseydrama',2,'agendapost where drama seriouspost drama where',NULL),
 ('marseydramautist',2,'dramautist drama autist trains trans glue retard autism dramatard',NULL),
+('marseydrawing1',2,'drawing art canvas painting',1664490986),
 ('marseydream',2,'spirals trippy swirls rainbow',NULL),
 ('marseydrone',2,'obama rotors',NULL),
 ('marseydrunk',2,'drinking shitfaced alcoholic liquor happy beer dizzy',NULL),
@@ -1435,6 +1437,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseydylan',2,'columbine school shooter psycho gun pistol klebold',NULL),
 ('marseydynamite',2,'dynomite black afro gun',NULL),
 ('marseyearrape',2,'breakcore goreshit headphones noisecore',NULL),
+('marseyecstatic',2,'ecstatic happy creepy smile',1664490819),
 ('marseyedelgard',2,'fireemblem anime weeb fantasy nintendo princess',NULL),
 ('marseyedelgard2',2,'princess fireemblem nintendo anime weeb videogame',1663283895),
 ('marseyeerie1',2,'eerie excited calico',NULL),
@@ -1517,6 +1520,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseyfingergoodjob',2,'cute encourage positive respect k-pop thumbs up congrats gif animated congratulations nice ok great',NULL),
 ('marseyfingerhearts',2,'cute love k-pop',NULL),
 ('marseyfingerwords',2,'cute long tldr didnt read',NULL),
+('marseyflagperu',2,'peru soccer south america latinx flag',1664491371),
 ('marseyflakes',2,'parsley seasoning salt pepper spice food seasoning',NULL),
 ('marseyflamethrower',2,'vietname soldier fire',NULL),
 ('marseyflamewar',2,'troll fight fire reaction gasoline',NULL),
@@ -1524,6 +1528,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseyfloyd',2,'dead blm chauvin fentanyl george',NULL),
 ('marseyfluffy',2,'poofy cute shaggy happy smile excited scruffy',NULL),
 ('marseyflushzoom',2,'flushed eyes bulging shocked surprised flustered waytoodank',NULL),
+('marseyflyingspaghettimonster',2,'spaghetti monster atheism flying religon science',1664491405),
 ('marseyfocault',2,'philosophy history',NULL),
 ('marseyfoidretard',2,'woman blonde stupid dumb idiot froyo frozenchosen',1663161600),
 ('marseyforevertiedup',2,'fetish bondage autism rope',NULL),
@@ -1565,6 +1570,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseygarfieldpipe',2,'marfield pipe smoking john yelling comic smoke',NULL),
 ('marseygasp',2,'wow woah what how why whoa reaction appalled',NULL),
 ('marseygeisha',2,'foid birthing person girl woman girl lady slut thot noodlewhore chink jap gook asian azn blow kiss blowing kiss blowkiss love heart stockings nylons fishnets',NULL),
+('marseygenetakovic',2,'bcs better call saul breaking bad disguise cinnabon gene',1664491944),
 ('marseyghost',2,'spooky halloween costume holiday scary sheet',NULL),
 ('marseygift',2,'present christmas wrapping paper holiday',NULL),
 ('marseygigachad',2,'reaction hunter eyes canthal tilt jawline',NULL),
@@ -1602,6 +1608,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseygrad',2,'graduate graduation school degree diploma hat tassel animated college university',NULL),
 ('marseygras',2,'mardi gras fat tuesday nola new orleans neworleans holiday louisiana mardigras carnival beads mask',NULL),
 ('marseygrass',2,'reaction outside touchgrass touch grass',NULL),
+('marseygregfloyd2',2,'greg floyd blm racism black biboc',1664491698),
 ('marseygrilling',2,'barbecue bbq centrist boomer barbeque',NULL),
 ('marseygrilling2',2,'bbq boomer barbecue barbeque',NULL),
 ('marseygrin',2,'seethe pain rage beard angry',NULL),
@@ -1640,6 +1647,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseyhehe',2,'hehe nothehe happy laughing angry questioning',NULL),
 ('marseyhellraiser',2,'pinhead halloween holiday evil monster',NULL),
 ('marseyhelp',2,'wtf nervous anxious anxiety worried concerned helpme help me uncomfortable awkward',NULL),
+('marseyhesklennyyouknow',2,'klenny corgi morgan freeman right you know correct point',1664490676),
 ('marseyhesright',2,'batman lucius fox nolan hes right you know reaction agree thumbs up based morgan freeman correct',NULL),
 ('marseyhibernian',2,'hibernian irish leprechaun blarney guinness shamrock clover luck merchant papist ira hat',NULL),
 ('marseyhijab',2,'hijab reading islam jihad muslim allah quran koran',NULL),
@@ -1705,6 +1713,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseyjesus2',2,'crucify crucifixion christianity easter persecuted religion saint martyr religious cross',NULL),
 ('marseyjetbombing',2,'obama bush animated usa animated american pilot bomber plane war usaf air force',NULL),
 ('marseyjetfighter',2,'pilot plane airforce air force usaf bomber dogfight war',NULL),
+('marseyjewishkkk',2,'jewish kkk israel racism hood blue',1664491568),
 ('marseyjewoftheorient',2,'china chinese greedy jew jewish merchant',NULL),
 ('marseyjewoftheorientglow',2,'animated glow rice china chinese chink commie mao xi',NULL),
 ('marseyjfk',2,'john fitzgerald kennedy jfk president american history sniper car death kill usa assassination',NULL),
@@ -1818,6 +1827,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseylovecraft2',2,'eldritch horror niggerman cat hp tentacle insane halloween',NULL),
 ('marseylovecraftian',2,'cosmic horror eldritch galaxy space hp spooky scary halloween animated',NULL),
 ('marseylovedrama',2,'hearts rdrama reaction happy animated',NULL),
+('marseylovegigaorgy',2,'cuddle hug love blush wholesome infinity orgy',1664491045),
 ('marseyloveyou',2,'hearts ilu reaction adoration loving ily love adore animated',NULL),
 ('marseylowpoly',2,'polygonal spinning 3d lopoly animated',NULL),
 ('marseyluckycat',2,'lucky fortune gambling gambler goombler goombling animated weeb azn asian slots japanese money cash coin rich',NULL),
@@ -2306,10 +2316,12 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseysmug',2,'reaction superior haha',NULL),
 ('marseysmug2',2,'snicker scoff mock reaction guffaw ridicule judgment',NULL),
 ('marseysmug3',2,'reaction yikes judgment oof cringe',NULL),
+('marseysmug4',2,'smug confident emoticon plain simple smile',1664490741),
 ('marseysmugautist',2,'autism retard brainlet drool hat',NULL),
 ('marseysmugretard',2,'srdine drooling brainlet idiot fool buffoon idiot',NULL),
 ('marseysnap',2,'mad angry furious anger animated snap',NULL),
 ('marseysnappyautism',2,'snapshillbot hat neurodivergent robot autistic marppy',NULL),
+('marseysnappyhug',2,'hug love robot snappy sentient wholesome',1664490893),
 ('marseysneed',2,'feed farmer reaction chuck simpsons buck',NULL),
 ('marseysneedboat',2,'animated ship flag capybara',NULL),
 ('marseysnek',2,'snake serpent',NULL),

From 19cde8ae99c23b32fad2264569b461de66587867 Mon Sep 17 00:00:00 2001
From: Aevann1 <randomname42029@gmail.com>
Date: Fri, 30 Sep 2022 01:00:03 +0000
Subject: [PATCH 3/5] sneed

---
 seed-db.sql | 1 +
 1 file changed, 1 insertion(+)

diff --git a/seed-db.sql b/seed-db.sql
index e7604ee4c..11cb229d7 100644
--- a/seed-db.sql
+++ b/seed-db.sql
@@ -1762,6 +1762,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
 ('marseyklennyclap',2,'klenny klenvastergan animated corgi dog clap clapping',NULL),
 ('marseyklennywinner',2,'medal award dog klenvastergan corgi',NULL),
 ('marseykneel',2,'blm bow black lives matter chauvin supremacy respect supreme',NULL),
+('marseykoalalove',2,'eucalyptus',1664497197),
 ('marseykoolaid',2,'oh yeah juice cult ice pitcher drink',NULL),
 ('marseykrampus',2,'demon monster christmas',NULL),
 ('marseykrampus2',2,'demon monster christmas',NULL),

From 0617bb154cdadc4506c44ab0d83fe2c0c25a632a Mon Sep 17 00:00:00 2001
From: justcool393 <justcool393@gmail.com>
Date: Thu, 29 Sep 2022 22:44:32 -0700
Subject: [PATCH 4/5] use get_post to handle getting a post (#381)

why did we ever catch an exception throw it away, then catch an exception (something get_post already does) and then finally get the post
---
 files/routes/posts.py | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/files/routes/posts.py b/files/routes/posts.py
index b3606298a..3ab4cf17c 100644
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@@ -105,16 +105,7 @@ def submit_get(v, sub=None):
 @app.get("/logged_out/h/<sub>/post/<pid>/<anything>")
 @auth_desired_with_logingate
 def post_id(pid, anything=None, v=None, sub=None):
-
-	try: pid = int(pid)
-	except Exception as e: pass
-
-
-	try: pid = int(pid)
-	except: abort(404)
-
 	post = get_post(pid, v=v)
-
 	if not post.can_see(v): abort(403)
 
 	if post.over_18 and not (v and v.over_18) and session.get('over_18', 0) < int(time.time()):

From c1ca1a02ac0c89430a8f237958d5acfffcc20297 Mon Sep 17 00:00:00 2001
From: justcool393 <justcool393@gmail.com>
Date: Fri, 30 Sep 2022 05:13:06 -0700
Subject: [PATCH 5/5] only attempt to parse HTML content types for titles
 (#382)

* only attempt to parse HTML content types for titles

also don't try to get submission titles for .gifv, .tif, .tiff

* ratelimit to 3 per minute instead of 6 minutes

no one will ever need more than 3 requests to this endpoint per minute - justcool393

6 per minute is already kinda a lot for this endpoint, i think aggressively ratelimiting this one is fine, especially since it's a minute ratelimit
---
 files/routes/posts.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/files/routes/posts.py b/files/routes/posts.py
index 3ab4cf17c..29dee0f55 100644
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@@ -1197,14 +1197,14 @@ def pin_post(post_id, v):
 
 
 extensions = (
-	'.webp','.jpg','.png','.jpeg','.gif',
+	'.webp','.jpg','.png','.jpeg','.gif','.gifv','.tif', '.tiff',
 	'.mp4','.webm','.mov',
 	'.mp3','.wav','.ogg','.aac','.m4a','.flac'
 )
 
 @app.get("/submit/title")
-@limiter.limit("6/minute")
-@limiter.limit("6/minute", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
+@limiter.limit("3/minute")
+@limiter.limit("3/minute", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
 @auth_required
 def get_post_title(v):
 
@@ -1217,6 +1217,9 @@ def get_post_title(v):
 
 	try: x = requests.get(url, headers=titleheaders, timeout=5, proxies=proxies)
 	except: abort(400)
+		
+	content_type = x.headers.get("Content-Type")
+	if not content_type or "text/html" not in content_type: abort(400)
 
 	soup = BeautifulSoup(x.content, 'lxml')