do length checks in badge_grant

master
Aevann 2023-01-01 02:38:41 +02:00
parent 6933adb185
commit 9f73e7bb34
1 changed files with 6 additions and 0 deletions

View File

@ -8,6 +8,12 @@ def badge_grant(user, badge_id, description=None, url=None, notify=True):
if user.has_badge(badge_id): if user.has_badge(badge_id):
return return
if len(description) > 256:
abort(400, "Custom description is too long, max 256 characters!")
if len(url) > 256:
abort(400, "URL is too long, max 256 characters!")
badge = Badge( badge = Badge(
badge_id=int(badge_id), badge_id=int(badge_id),
user_id=user.id, user_id=user.id,