Merge branch 'frost' of https://github.com/Aevann1/rDrama into frost

master
Aevann1 2022-09-13 11:00:56 +00:00
commit 429cf81c71
4 changed files with 17 additions and 16 deletions

View File

@ -240,7 +240,6 @@ function post_comment(fullname, hide){
if (data && data["comment"]) { if (data && data["comment"]) {
if (hide) document.getElementById(hide).classList.add('d-none'); if (hide) document.getElementById(hide).classList.add('d-none');
let id = fullname.split('_')[1];
let name = 'comment-form-space-' + fullname; let name = 'comment-form-space-' + fullname;
commentForm = document.getElementById(name); commentForm = document.getElementById(name);

View File

@ -49,22 +49,25 @@ def submit_marseys(v):
@auth_required @auth_required
def submit_marsey(v): def submit_marsey(v):
file = request.files["image"]
name = request.values.get('name').lower().strip()
tags = request.values.get('tags').lower().strip()
username = request.values.get('author').lower().strip()
def error(error): def error(error):
if v.admin_level > 2: marseys = g.db.query(Marsey).filter(Marsey.submitter_id != None).all() if v.admin_level > 2: marseys = g.db.query(Marsey).filter(Marsey.submitter_id != None).all()
else: marseys = g.db.query(Marsey).filter(Marsey.submitter_id == v.id).all() else: marseys = g.db.query(Marsey).filter(Marsey.submitter_id == v.id).all()
for marsey in marseys: for marsey in marseys:
marsey.author = g.db.query(User.username).filter_by(id=marsey.author_id).one()[0] marsey.author = g.db.query(User.username).filter_by(id=marsey.author_id).one()[0]
marsey.submitter = g.db.query(User.username).filter_by(id=marsey.submitter_id).one()[0] marsey.submitter = g.db.query(User.username).filter_by(id=marsey.submitter_id).one()[0]
return render_template("submit_marseys.html", v=v, marseys=marseys, error=error), 400 return render_template("submit_marseys.html", v=v, marseys=marseys, error=error, name=name, tags=tags, username=username, file=file), 400
if request.headers.get("cf-ipcountry") == "T1": if request.headers.get("cf-ipcountry") == "T1":
return error("Image uploads are not allowed through TOR.") return error("Image uploads are not allowed through TOR.")
file = request.files["image"]
if not file or not file.content_type.startswith('image/'): if not file or not file.content_type.startswith('image/'):
return error("You need to submit an image!") return error("You need to submit an image!")
name = request.values.get('name').lower().strip()
if not marsey_regex.fullmatch(name): if not marsey_regex.fullmatch(name):
return error("Invalid name!") return error("Invalid name!")
@ -72,11 +75,9 @@ def submit_marsey(v):
if existing: if existing:
return error("A marsey with this name already exists!") return error("A marsey with this name already exists!")
tags = request.values.get('tags').lower().strip()
if not tags_regex.fullmatch(tags): if not tags_regex.fullmatch(tags):
return error("Invalid tags!") return error("Invalid tags!")
username = request.values.get('author').strip()
author = get_user(username, graceful=True) author = get_user(username, graceful=True)
if not author: if not author:
return error(f"A user with the name '{username}' was not found!") return error(f"A user with the name '{username}' was not found!")
@ -199,10 +200,14 @@ def submit_hats(v):
@auth_required @auth_required
def submit_hat(v): def submit_hat(v):
name = request.values.get('name').strip()
description = request.values.get('description').strip()
username = request.values.get('author').strip()
def error(error): def error(error):
if v.admin_level > 2: hats = g.db.query(HatDef).filter(HatDef.submitter_id != None).all() if v.admin_level > 2: hats = g.db.query(HatDef).filter(HatDef.submitter_id != None).all()
else: hats = g.db.query(HatDef).filter(HatDef.submitter_id == v.id).all() else: hats = g.db.query(HatDef).filter(HatDef.submitter_id == v.id).all()
return render_template("submit_hats.html", v=v, hats=hats, error=error), 400 return render_template("submit_hats.html", v=v, hats=hats, error=error, name=name, description=description, username=username), 400
if request.headers.get("cf-ipcountry") == "T1": if request.headers.get("cf-ipcountry") == "T1":
return error("Image uploads are not allowed through TOR.") return error("Image uploads are not allowed through TOR.")
@ -211,7 +216,6 @@ def submit_hat(v):
if not file or not file.content_type.startswith('image/'): if not file or not file.content_type.startswith('image/'):
return error("You need to submit an image!") return error("You need to submit an image!")
name = request.values.get('name').strip()
if not hat_regex.fullmatch(name): if not hat_regex.fullmatch(name):
return error("Invalid name!") return error("Invalid name!")
@ -219,11 +223,9 @@ def submit_hat(v):
if existing: if existing:
return error("A hat with this name already exists!") return error("A hat with this name already exists!")
description = request.values.get('description').strip()
if not description_regex.fullmatch(description): if not description_regex.fullmatch(description):
return error("Invalid description!") return error("Invalid description!")
username = request.values.get('author').strip()
author = get_user(username, graceful=True) author = get_user(username, graceful=True)
if not author: if not author:
return error(f"A user with the name '{username}' was not found!") return error(f"A user with the name '{username}' was not found!")

View File

@ -53,13 +53,13 @@
</div> </div>
<label class="mt-3" for="name">Name</label> <label class="mt-3" for="name">Name</label>
<input autocomplete="off" type="text" id="name" class="form-control" name="name" maxlength="50" pattern='[a-zA-Z0-9\-() ,_]{1,50}' placeholder="Required" required> <input autocomplete="off" type="text" id="name" class="form-control" name="name" maxlength="50" pattern='[a-zA-Z0-9\-() ,_]{1,50}' placeholder="Required" value="{{name}}" required>
<label class="mt-3" for="author">Author</label> <label class="mt-3" for="author">Author</label>
<input autocomplete="off" type="text" id="author" class="form-control" name="author" maxlength="30" pattern='[a-zA-Z0-9_\-]{3,30}' placeholder="Required" required> <input autocomplete="off" type="text" id="author" class="form-control" name="author" maxlength="30" pattern='[a-zA-Z0-9_\-]{3,30}' placeholder="Required" value="{{username}}" required>
<label class="mt-3" for="description">Description</label> <label class="mt-3" for="description">Description</label>
<input autocomplete="off" type="text" id="description" class="form-control" name="description" maxlength="300" pattern='[^<>&\n\t]{1,300}' placeholder="Required" required> <input autocomplete="off" type="text" id="description" class="form-control" name="description" maxlength="300" pattern='[^<>&\n\t]{1,300}' placeholder="Required" value="{{description}}" required>
<div class="footer mt-5"> <div class="footer mt-5">
<div class="d-flex"> <div class="d-flex">

View File

@ -55,13 +55,13 @@
</div> </div>
<label class="mt-3" for="name">Name</label> <label class="mt-3" for="name">Name</label>
<input autocomplete="off" type="text" id="name" class="form-control" name="name" maxlength="30" pattern='[Mm][Aa][Rr][Ss][Ee][Yy][a-zA-Z0-9]{1,24}' placeholder="Required" required> <input autocomplete="off" type="text" id="name" class="form-control" name="name" maxlength="30" pattern='[Mm][Aa][Rr][Ss][Ee][Yy][a-zA-Z0-9]{1,24}' placeholder="Required" value="{{name}}" required>
<label class="mt-3" for="author">Author</label> <label class="mt-3" for="author">Author</label>
<input autocomplete="off" type="text" id="author" class="form-control" name="author" maxlength="30" pattern='[a-zA-Z0-9_\-]{3,30}' placeholder="Required" required> <input autocomplete="off" type="text" id="author" class="form-control" name="author" maxlength="30" pattern='[a-zA-Z0-9_\-]{3,30}' placeholder="Required" value="{{username}}" required>
<label class="mt-3" for="tags">Tags (must be separated by spaces)</label> <label class="mt-3" for="tags">Tags (must be separated by spaces)</label>
<input autocomplete="off" type="text" id="tags" class="form-control" name="tags" maxlength="200" pattern='[a-zA-Z0-9: ]{1,200}' placeholder="Required" required> <input autocomplete="off" type="text" id="tags" class="form-control" name="tags" maxlength="200" pattern='[a-zA-Z0-9: ]{1,200}' placeholder="Required" value="{{tags}}" required>
<div class="footer mt-5"> <div class="footer mt-5">
<div class="d-flex"> <div class="d-flex">