farting

files/helpers/const.py

@@ -669,4 +669,6 @@ marseys_const = [x[0] for x in db.query(Marsey.name).all()] + ['a','b','c','d','
 db.close()
 
 if SITE == 'PCM': valid_username_regex = re.compile("^[a-zA-Z0-9_\-А-я]{3,25}$")
-else: valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$")
+else: valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$")
+
+valid_password_regex = re.compile("^.{8,100}$", flags=re.A)

files/helpers/sanitize.py

@@ -11,6 +11,9 @@ from random import random, choice
 import signal
 import time
 
+if SITE == 'PCM': mention_regex = re.compile('(^|\s|\n|<p>)@(([a-zA-Z0-9_\-А-я]){3,25})', flags=re.A)
+else: mention_regex = re.compile('(^|\s|\n|<p>)@(([a-zA-Z0-9_\-]){1,25})', flags=re.A)
+
 allowed_tags = tags = ['b',
 						'blockquote',
 						'br',
@@ -125,7 +128,7 @@ def sanitize(sanitized, noimages=False, alert=False, comment=False, edit=False):
 
 		sanitized = re.sub('(^|\s|\n|<p>)\/?(s\/(\w|-){3,25})', r'\1<a href="/\2" rel="nofollow noopener noreferrer">/\2</a>', sanitized, flags=re.A)
 
-		for i in re.finditer(valid_username_regex, sanitized):
+		for i in mention_regex.finditer(sanitized):
 			u = get_user(i.group(2), graceful=True)
 
 			if u and (not g.v.any_block_exists(u) or g.v.admin_level > 1):

files/routes/login.py

@@ -4,8 +4,6 @@ from files.__main__ import app, limiter
 from files.helpers.const import *
 import requests
 
-valid_password_regex = re.compile("^.{8,100}$", flags=re.A)
-
 @app.get("/login")
 @auth_desired
 def login_get(v):
@@ -270,10 +268,10 @@ def sign_up_post(v):
 			"password") == request.values.get("password_confirm"):
 		return new_signup("Passwords did not match. Please try again.")
 
-	if not re.fullmatch(valid_username_regex, username, flags=re.A):
+	if not valid_username_regex.fullmatch(username, flags=re.A):
 		return new_signup("Invalid username")
 
-	if not re.fullmatch(valid_password_regex, request.values.get("password"), flags=re.A):
+	if not valid_password_regex.fullmatch(request.values.get("password"), flags=re.A):
 		return new_signup("Password must be between 8 and 100 characters.")
 
 	email = request.values.get("email").strip().lower()

files/routes/settings.py

@@ -14,8 +14,6 @@ from files.helpers.discord import add_role
 from shutil import copyfile
 import requests
 
-valid_password_regex = re.compile("^.{8,100}$", flags=re.A)
-
 YOUTUBE_KEY = environ.get("YOUTUBE_KEY", "").strip()
 GUMROAD_TOKEN = environ.get("GUMROAD_TOKEN", "").strip()
 IMGUR_KEY = environ.get("IMGUR_KEY").strip()
@@ -534,7 +532,7 @@ def settings_security_post(v):
 		if request.values.get("new_password") != request.values.get("cnf_password"):
 			return render_template("settings_security.html", v=v, error="Passwords do not match.")
 
-		if not re.fullmatch(valid_password_regex, request.values.get("new_password"), flags=re.A):
+		if not valid_password_regex.fullmatch(request.values.get("new_password"), flags=re.A):
 			return render_template("settings_security.html", v=v, error="Password must be between 8 and 100 characters.")
 
 		if not v.verifyPass(request.values.get("old_password")):
@@ -861,7 +859,7 @@ def settings_name_change(v):
 						   v=v,
 						   error="You didn't change anything")
 
-	if not re.fullmatch(valid_username_regex, new_name, flags=re.A):
+	if not valid_username_regex.fullmatch(new_name, flags=re.A):
 		return render_template("settings_profile.html",
 						   v=v,
 						   error="This isn't a valid username.")

files/routes/subs.py

@@ -273,7 +273,7 @@ def create_sub2(v):
 	if not name: abort(400)
 	name = name.strip().lower()
 
-	if not re.fullmatch(valid_sub_regex, name, flags=re.A):
+	if not valid_sub_regex.fullmatch(name, flags=re.A):
 		return render_template("sub/create_sub.html", v=v, error="Sub name not allowed."), 400
 
 	sub = g.db.query(Sub).filter_by(name=name).one_or_none()