fd

2021-09-16 19:15:07 +02:00 · 2021-09-16 19:15:07 +02:00 · 9fe06dc7fc
parent 88ca2d6206
commit 9fe06dc7fc
10 changed files with 29 additions and 15 deletions
--- a/files/routes/awards.py
+++ b/files/routes/awards.py
@ -196,7 +196,7 @@ def get_awards(v):
 	return jsonify(return_value)


-@app.put("/post/<pid>/awards")
+@app.post("/post/<pid>/awards")
@auth_required
@validate_formkey
 def award_post(pid, v):
@ -258,10 +258,11 @@ def award_post(pid, v):
 	post.author.received_award_count += 1
 	g.db.add(post.author)

+	g.db.commit()
 	return {"message": "Award given!"}


-@app.put("/comment/<cid>/awards")
+@app.post("/comment/<cid>/awards")
@auth_required
@validate_formkey
 def award_comment(cid, v):
@ -322,6 +323,7 @@ def award_comment(cid, v):
 	c.author.received_award_count += 1
 	g.db.add(c.author)

+	g.db.commit()
 	return {"message": "Award given!"}

@app.get("/admin/user_award")
--- a/files/routes/discord.py
+++ b/files/routes/discord.py
@ -149,4 +149,6 @@ def discord_redirect(v):

 		requests.patch(url, headers=headers, json=data)

+	g.db.commit()
+
 	return redirect(f"https://discord.com/channels/{SERVER_ID}/{WELCOME_CHANNEL}")
--- a/files/routes/front.py
+++ b/files/routes/front.py
@ -92,6 +92,9 @@ def notifications(v):
 				if c not in listing:
 					listing.append(c)

+
+	g.db.commit()
+
 	return render_template("notifications.html",
 						   v=v,
 						   notifications=listing,
--- a/files/routes/login.py
+++ b/files/routes/login.py
@ -154,6 +154,9 @@ def login_post():
 	# check for previous page

 	redir = request.form.get("redirect", "/").replace("/logged_out", "")
+
+	g.db.commit()
+
 	return redirect(redir)


@ -506,6 +509,8 @@ def post_reset(v):
 	user.passhash = hash_password(password)
 	g.db.add(user)

+	g.db.commit()
+
 	return render_template("message_success.html",
 						   title="Password reset successful!",
 						   message="Login normally to access your account.")
@ -590,6 +595,8 @@ def reset_2fa():

 	g.db.add(user)

+	g.db.commit()
+
 	return render_template("message_success.html",
 						   title="Two-factor authentication removed.",
 						   message="Login normally to access your account.")
--- a/files/routes/oauth.py
+++ b/files/routes/oauth.py
@ -114,10 +114,10 @@ def admin_app_approve(v, aid):

 	g.db.add(new_auth)

-	g.db.commit()
-
 	send_notification(NOTIFICATIONS_ACCOUNT, user, f"Your application `{app.app_name}` has been approved. Here's your access token: `{access_token}`\nPlease check the guide [here](/api) if you don't know what to do next.")

+	g.db.commit()
+
 	return {"message": f"{app.app_name} approved"}


--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -1182,8 +1182,6 @@ def toggle_post_nsfw(pid, v):
 			)
 		g.db.add(ma)

-	g.db.flush()
-
 	g.db.commit()

 	if post.over_18: return {"message": "Post has been marked as +18!"}
@ -1200,9 +1198,6 @@ def save_post(pid, v):

 	g.db.add(new_save)

-	try: g.db.flush()
-	except: g.db.rollback()
-
 	g.db.commit()

 	return {"message": "Post saved!"}
--- a/files/routes/reporting.py
+++ b/files/routes/reporting.py
@ -31,7 +31,7 @@ def api_flag_post(pid, v):

 		g.db.add(flag)

-	g.db.commit()
+		g.db.commit()

 	return {"message": "Post reported!"}

@ -61,7 +61,7 @@ def api_flag_comment(cid, v):

 		g.db.add(flag)

-	g.db.commit()
+		g.db.commit()

 	return {"message": "Comment reported!"}

--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@ -402,6 +402,8 @@ def settings_security_post(v):

 		g.db.add(v)

+		g.db.commit()
+
 		return redirect("/settings/security?msg=" +
 						escape("Your password has been changed."))

@ -456,6 +458,8 @@ def settings_security_post(v):
 		v.mfa_secret = secret
 		g.db.add(v)

+		g.db.commit()
+
 		return redirect("/settings/security?msg=" +
 						escape("Two-factor authentication enabled."))

@ -561,6 +565,7 @@ def settings_delete_profile(v):
 	v.highres = None
 	v.profileurl = None
 	g.db.add(v)
+	g.db.commit()
 	return render_template("settings_profile.html", v=v,
 						   msg="Profile picture successfully removed.")

@ -582,8 +587,6 @@ def settings_delete_banner(v):
 def settings_blockedpage(v):


-	#users=[x.target for x in v.blocked]
-
 	return render_template("settings_blocks.html",
 						   v=v)

--- a/files/routes/users.py
+++ b/files/routes/users.py
@ -53,6 +53,7 @@ def steal(v):
 		g.db.add(u)
 		send_notification(NOTIFICATIONS_ACCOUNT, u, f"Some [grubby little rentoid](/@{v.username}) has absconded with 700 of your hard-earned dramacoins to fuel his Funko Pop addiction. Stop being so trusting.")
 		send_notification(NOTIFICATIONS_ACCOUNT, v, f"You have successfully shorted your heroic landlord 700 dramacoins in rent. You're slightly less materially poor, but somehow even moreso morally. Are you proud of yourself?")
+		g.db.commit()
 		return {"message": "Attempt successful!"}

 	else:
@ -135,7 +136,7 @@ def transfer_coins(v, username):
 		send_notification(v.id, receiver, transfer_message)
 		return {"message": f"{amount} {app.config['COINS_NAME']} transferred!"}, 200

-	g.db.commit()
+		g.db.commit()

 	return {"message": f"{app.config['COINS_NAME']} transferred!"}

@ -397,6 +398,7 @@ def u_username(username, v=None):
 									  viewer_id = v.id)

 		g.db.add(view)
+		g.db.commit()

 		
 	if u.is_private and (not v or (v.id != u.id and v.admin_level < 3)):
--- a/files/templates/award_modal.html
+++ b/files/templates/award_modal.html
@ -126,7 +126,7 @@
 				f.append("note", this.note)

 				let response = await fetch(target, {
-					method: "PUT",
+					method: "POST",
 					body: f
 				});