master
Aevann1 2021-08-15 05:17:45 +02:00
parent 5bcb542617
commit f6d7c9e29c
4 changed files with 31 additions and 22 deletions

View File

@ -107,7 +107,7 @@ _clean_w_links = bleach.Cleaner(tags=_allowed_tags,
)
def sanitize(text, linkgen=False, flair=False):
def sanitize(text, linkgen=False):
text = text.replace("\ufeff", "").replace("m.youtube.com", "youtube.com")
@ -181,11 +181,9 @@ def sanitize(text, linkgen=False, flair=False):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
sanitized = sanitized.replace(f'<p>:{i.group(1)}:</p>', f'<p><img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=60 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"</p>')
if flair: emojisize = 20
else: emojisize = 30
for i in re.finditer(':(.{1,30}?):', sanitized):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
sanitized = sanitized.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height={emojisize} src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
sanitized = sanitized.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=30 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
sanitized = sanitized.replace("https://www.", "https://").replace("https://youtu.be/", "https://youtube.com/embed/").replace("https://music.youtube.com/watch?v=", "https://youtube.com/embed/").replace("/watch?v=", "/embed/").replace("https://open.spotify.com/", "https://open.spotify.com/embed/").replace("https://streamable.com/", "https://streamable.com/e/").replace("https://youtube.com/shorts/", "https://youtube.com/embed/")

View File

@ -3,6 +3,7 @@ from files.helpers.get import *
from flask import g
from files.__main__ import app
from files.helpers.sanitize import sanitize
from os import path
@app.post("/flag/post/<pid>")
@auth_desired
@ -14,7 +15,12 @@ def api_flag_post(pid, v):
existing = g.db.query(Flag).filter_by(user_id=v.id, post_id=post.id).first()
if existing: return "", 409
reason = sanitize(request.form.get("reason", "").strip()[:100], flair=True)
reason = request.form.get("reason", "").strip()[:100]
for i in re.finditer(':(.{1,30}?):', reason):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
reason = reason.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
flag = Flag(post_id=post.id,
user_id=v.id,
@ -38,11 +44,11 @@ def api_flag_comment(cid, v):
user_id=v.id, comment_id=comment.id).first()
if existing: return "", 409
reason = sanitize(request.form.get("reason", "")[:100].strip(), flair=True)
flag = CommentFlag(comment_id=comment.id,
user_id=v.id,
reason=reason,
)
reason = request.form.get("reason", "").strip()[:100]
for i in re.finditer(':(.{1,30}?):', reason):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
reason = reason.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
g.db.add(flag)

View File

@ -288,7 +288,12 @@ def edit_post(pid, v):
p.body_html = body_html
title = request.form.get("title")
p.title = title
p.title_html = sanitize(title, flair=True)
for i in re.finditer(':(.{1,30}?):', title):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
title = title.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=30 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
p.title_html = title
if int(time.time()) - p.created_utc > 60 * 3: p.edited_utc = int(time.time())
g.db.add(p)
@ -772,7 +777,12 @@ def submit_post(v):
if url.startswith("https://streamable.com/") and not url.startswith("https://streamable.com/e/"):
url = url.replace("https://streamable.com/", "https://streamable.com/e/")
title_html = sanitize(title, linkgen=True, flair=True)
for i in re.finditer(':(.{1,30}?):', title):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
title = title.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
title_html = title
new_post_aux = SubmissionAux(id=new_post.id,
url=url,

View File

@ -10,7 +10,6 @@ import youtube_dl
from .front import frontlist
valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$")
valid_title_regex = re.compile("^((?!<).){3,100}$")
valid_password_regex = re.compile("^.{8,100}$")
YOUTUBE_KEY = environ.get("YOUTUBE_KEY", "").strip()
@ -667,13 +666,7 @@ def settings_title_change(v):
if v.flairchanged: abort(403)
new_name=request.form.get("title").strip()
#verify acceptability
if not re.match(valid_title_regex, new_name):
return render_template("settings_profile.html",
v=v,
error=f"This isn't a valid flair.")
new_name=request.form.get("title").strip()[:100]
#make sure name is different
if new_name==v.customtitle:
@ -682,9 +675,11 @@ def settings_title_change(v):
error="You didn't change anything")
v.customtitleplain = new_name
new_name = sanitize(new_name, flair=True)
v = g.db.query(User).with_for_update().options(lazyload('*')).filter_by(id=v.id).first()
for i in re.finditer(':(.{1,30}?):', new_name):
if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.gif'):
new_name = new_name.replace(f':{i.group(1)}:', f'<img data-toggle="tooltip" title="{i.group(1)}" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.gif"<span>')
v.customtitle = new_name
g.db.add(v)