diff --git a/files/routes/comments.py b/files/routes/comments.py index e9849bd81..03ad06931 100644 --- a/files/routes/comments.py +++ b/files/routes/comments.py @@ -139,8 +139,8 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None): @validate_formkey def api_comment(v): if v and v.patron: - if request.content_length > 8 * 1024 * 1024: return "Max file size is 8 MB.", 413 - elif request.content_length > 4 * 1024 * 1024: return "Max file size is 4 MB.", 413 + if request.content_length > 8 * 1024 * 1024: return {"error":"Max file size is 8 MB."}, 413 + elif request.content_length > 4 * 1024 * 1024: return {"error":"Max file size is 4 MB."}, 413 parent_submission = request.values.get("submission").strip() parent_fullname = request.values.get("parent_fullname").strip() @@ -579,8 +579,8 @@ def api_comment(v): @validate_formkey def edit_comment(cid, v): if v and v.patron: - if request.content_length > 8 * 1024 * 1024: return "Max file size is 8 MB.", 413 - elif request.content_length > 4 * 1024 * 1024: return "Max file size is 4 MB.", 413 + if request.content_length > 8 * 1024 * 1024: return {"error":"Max file size is 8 MB."}, 413 + elif request.content_length > 4 * 1024 * 1024: return {"error":"Max file size is 4 MB."}, 413 c = get_comment(cid, v=v) diff --git a/files/routes/discord.py b/files/routes/discord.py index bc382fc06..daa019baa 100644 --- a/files/routes/discord.py +++ b/files/routes/discord.py @@ -17,7 +17,7 @@ SITE_NAME = environ.get("SITE_NAME", "").strip() @auth_required def join_discord(v): - if v.is_suspended != 0 and v.admin_level == 0: return "Banned users cannot join the discord server!" + if v.is_suspended != 0 and v.admin_level == 0: return {"error": "Banned users cannot join the discord server!"} if SITE_NAME == 'Drama' and v.admin_level == 0 and v.patron == 0 and v.truecoins < 150: return f"You must receive 150 upvotes/downvotes from other users before being able to join the Discord server." diff --git a/files/routes/login.py b/files/routes/login.py index e54a6c083..18c576bc8 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -171,7 +171,7 @@ def logout(v): @auth_desired def sign_up_get(v): with open('disablesignups', 'r') as f: - if f.read() == "yes": return "New account registration is currently closed. Please come back later.", 403 + if f.read() == "yes": return {"error","New account registration is currently closed. Please come back later."}, 403 if v: return redirect("/") @@ -220,7 +220,7 @@ def sign_up_get(v): @auth_desired def sign_up_post(v): with open('disablesignups', 'r') as f: - if f.read() == "yes": return "New account registration is currently closed. Please come back later.", 403 + if f.read() == "yes": return {"error","New account registration is currently closed. Please come back later."}, 403 if v: abort(403) diff --git a/files/routes/posts.py b/files/routes/posts.py index 49460f56b..573738ce4 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -388,8 +388,8 @@ def morecomments(v, cid): @validate_formkey def edit_post(pid, v): if v and v.patron: - if request.content_length > 8 * 1024 * 1024: return "Max file size is 8 MB.", 413 - elif request.content_length > 4 * 1024 * 1024: return "Max file size is 4 MB.", 413 + if request.content_length > 8 * 1024 * 1024: return {"error":"Max file size is 8 MB."}, 413 + elif request.content_length > 4 * 1024 * 1024: return {"error":"Max file size is 4 MB."}, 413 p = get_post(pid) @@ -705,8 +705,11 @@ def thumbnail_thread(pid): @validate_formkey def submit_post(v): if v and v.patron: - if request.content_length > 8 * 1024 * 1024: return "Max file size is 8 MB.", 413 - elif request.content_length > 4 * 1024 * 1024: return "Max file size is 4 MB.", 413 + if request.content_length > 8 * 1024 * 1024: return {"error": "Max file size is 8 MB."}, 413 + elif request.content_length > 4 * 1024 * 1024: return {"error": "Max file size is 4 MB."}, 413 + + if not v or v.oldsite: template = '' + else: template = 'CHRISTMAS/' title = request.values.get("title", "").strip()[:500] @@ -923,8 +926,7 @@ def submit_post(v): if file.content_type.startswith('image/'): name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp' file.save(name) - url = process_image(name) - body += f"\n\n![]({url})" + body += f"\n\n![]({process_image(name)})" elif file.content_type.startswith('video/'): file.save("video.mp4") with open("video.mp4", 'rb') as f: @@ -1012,12 +1014,6 @@ def submit_post(v): file = request.files['file'] - if not file.content_type.startswith(('image/', 'video/')): - if request.headers.get("Authorization"): return {"error": f"File type not allowed"}, 400 - if not v or v.oldsite: template = '' - else: template = 'CHRISTMAS/' - return render_template(f"{template}submit.html", v=v, error=f"File type not allowed.", title=title, body=request.values.get("body", "")), 400 - if file.content_type.startswith('image/'): name = f'/images/{time.time()}'.replace('.','')[:-5] + '.webp' file.save(name) @@ -1025,13 +1021,15 @@ def submit_post(v): name2 = name.replace('.webp', 'r.webp') copyfile(name, name2) - new_post.thumburl = process_image(name2, True) - + new_post.thumburl = process_image(name2, True) elif file.content_type.startswith('video/'): file.save("video.mp4") with open("video.mp4", 'rb') as f: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)]).json()['data']['link'] new_post.url = url + else: + if request.headers.get("Authorization"): return {"error": f"File type not allowed"}, 400 + return render_template(f"{template}submit.html", v=v, error=f"File type not allowed.", title=title, body=request.values.get("body", "")), 400 if not new_post.thumburl and new_post.url and request.headers.get('cf-ipcountry')!="T1": gevent.spawn( thumbnail_thread, new_post.id) diff --git a/files/routes/settings.py b/files/routes/settings.py index bbed85d0a..3af04b71f 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -49,8 +49,8 @@ def removebackground(v): @validate_formkey def settings_profile_post(v): if v and v.patron: - if request.content_length > 8 * 1024 * 1024: return "Max file size is 8 MB.", 413 - elif request.content_length > 4 * 1024 * 1024: return "Max file size is 4 MB.", 413 + if request.content_length > 8 * 1024 * 1024: return {"error":"Max file size is 8 MB."}, 413 + elif request.content_length > 4 * 1024 * 1024: return {"error":"Max file size is 4 MB."}, 413 updated = False @@ -703,10 +703,10 @@ def settings_log_out_others(v): @validate_formkey def settings_images_profile(v): if v and v.patron: - if request.content_length > 8 * 1024 * 1024: return "Max file size is 8 MB.", 413 - elif request.content_length > 4 * 1024 * 1024: return "Max file size is 4 MB.", 413 + if request.content_length > 8 * 1024 * 1024: return {"error":"Max file size is 8 MB."}, 413 + elif request.content_length > 4 * 1024 * 1024: return {"error":"Max file size is 4 MB."}, 413 - if request.headers.get("cf-ipcountry") == "T1": return "Image uploads are not allowed through TOR.", 403 + if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 file = request.files["profile"] @@ -741,10 +741,10 @@ def settings_images_profile(v): @validate_formkey def settings_images_banner(v): if v and v.patron: - if request.content_length > 8 * 1024 * 1024: return "Max file size is 8 MB.", 413 - elif request.content_length > 4 * 1024 * 1024: return "Max file size is 4 MB.", 413 + if request.content_length > 8 * 1024 * 1024: return {"error":"Max file size is 8 MB."}, 413 + elif request.content_length > 4 * 1024 * 1024: return {"error":"Max file size is 4 MB."}, 413 - if request.headers.get("cf-ipcountry") == "T1": return "Image uploads are not allowed through TOR.", 403 + if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 file = request.files["banner"] diff --git a/files/routes/users.py b/files/routes/users.py index 2709517a1..381f1e3e1 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -107,7 +107,7 @@ def downvoting(v, username): @auth_required @validate_formkey def pay_rent(v): - if v.coins < 500: return "You must have more than 500 coins." + if v.coins < 500: return {"error","You must have more than 500 coins."} v.coins -= 500 v.rent_utc = int(time.time()) g.db.add(v) @@ -125,9 +125,9 @@ def pay_rent(v): @validate_formkey def steal(v): if int(time.time()) - v.created_utc < 604800: - return "You must have an account older than 1 week in order to attempt stealing." + return {"error":"You must have an account older than 1 week in order to attempt stealing."} if v.coins < 5000: - return "You must have more than 5000 coins in order to attempt stealing." + return {"error":"You must have more than 5000 coins in order to attempt stealing."} u = get_account(253) if random.randint(1, 10) < 5: v.coins += 700 @@ -973,4 +973,4 @@ def fp(v, fp): print('\n\n' + v.username + ' + ' + u.username + '\n\n') g.db.add(v) g.db.commit() - return '' \ No newline at end of file + return '', 204 \ No newline at end of file diff --git a/files/templates/authforms.html b/files/templates/authforms.html index 0824e53ba..3f3c37b37 100644 --- a/files/templates/authforms.html +++ b/files/templates/authforms.html @@ -15,7 +15,7 @@ {% if v %} - + {% if v.agendaposter %} - + {% endif %} diff --git a/files/templates/default.html b/files/templates/default.html index d2c879e2e..f3aac9034 100644 --- a/files/templates/default.html +++ b/files/templates/default.html @@ -7,7 +7,7 @@ {% if v %} - + {% if v.agendaposter %} - + {% endif %} diff --git a/files/templates/log.html b/files/templates/log.html index 04504ef6e..24b139715 100644 --- a/files/templates/log.html +++ b/files/templates/log.html @@ -6,7 +6,7 @@ {% block content %} {% if v %} - + {% if v.agendaposter %} - + {% endif %}