From 07be18cd1b540c42981b2aa4b0b86a7b23d25b81 Mon Sep 17 00:00:00 2001 From: Aevann1 Date: Thu, 28 Jul 2022 16:23:38 +0200 Subject: [PATCH] fix 500 errors --- files/routes/admin.py | 6 ++++-- files/routes/login.py | 7 +++++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/files/routes/admin.py b/files/routes/admin.py index 66508b789..554fe4b4e 100644 --- a/files/routes/admin.py +++ b/files/routes/admin.py @@ -1042,12 +1042,14 @@ def ban_user(user_id, v): if 'reason' in request.values: if request.values["reason"].startswith("/post/"): - post = int(request.values["reason"].split("/post/")[1].split(None, 1)[0]) + try: post = int(request.values["reason"].split("/post/")[1].split(None, 1)[0]) + except: abort(400) post = get_post(post) post.bannedfor = f'{duration} by @{v.username}' g.db.add(post) elif request.values["reason"].startswith("/comment/"): - comment = int(request.values["reason"].split("/comment/")[1].split(None, 1)[0]) + try: comment = int(request.values["reason"].split("/comment/")[1].split(None, 1)[0]) + except: abort(400) comment = get_comment(comment) comment.bannedfor = f'{duration} by @{v.username}' g.db.add(comment) diff --git a/files/routes/login.py b/files/routes/login.py index b90f22337..3dd65a435 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -121,8 +121,11 @@ def login_post(): elif request.values.get("2fa_token", "x"): now = int(time.time()) - if now - int(request.values.get("time")) > 600: - return redirect('/login') + try: + if now - int(request.values.get("time")) > 600: + return redirect('/login') + except: + abort(400) formhash = request.values.get("hash") if not validate_hash(f"{account.id}+{request.values.get('time')}+2fachallenge", formhash):