carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity

css fix

master
justcool393 2022-11-07 21:40:11 -06:00
parent 3f4a568d32
commit 2c043d20e7
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
files/routes/settings.py
View File

@ -540,10 +540,9 @@ def settings_css_get(v):
@auth_required @auth_required
def settings_css(v): def settings_css(v):
if v.agendaposter: abort(400, "Agendapostered users can't edit CSS!") if v.agendaposter: abort(400, "Agendapostered users can't edit CSS!")
css = request.values.get("css").strip().replace('\\', '').strip()[:4000] css = request.values.get("css", v.css).strip().replace('\\', '').strip()[:4000]
if '</style' in css.lower(): if '</style' in css.lower():
abort(400, "Please message @Aevann if you get this error") abort(400, "Please message @Aevann if you get this error")
v.css = css v.css = css
g.db.add(v) g.db.add(v)
@ -554,11 +553,10 @@ def settings_css(v):
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required @auth_required
def settings_profilecss(v): def settings_profilecss(v):
profilecss = request.values.get("profilecss").strip().replace('\\', '').strip()[:4000] profilecss = request.values.get("profilecss", v.profilecss).strip().replace('\\', '').strip()[:4000]
valid, error = validate_css(profilecss) valid, error = validate_css(profilecss)
if not valid: if not valid:
return render_template("settings_css.html", error=error, v=v) return render_template("settings_css.html", error=error, v=v)
v.profilecss = profilecss v.profilecss = profilecss
g.db.add(v) g.db.add(v)
return redirect('/settings/css') return redirect('/settings/css')