Commit Graph

742 Commits (294f2057febf053f329a62ee8dddbf9267b93f7d)

Author SHA1 Message Date
Aevann 5bc6597188 add 1/1 second ratelimiter for user ids to fix blackjack exploit 2023-04-02 08:52:26 +02:00
Aevann f834514e1a fix deleting media 2023-03-25 17:07:12 +02:00
Aevann 1bce14efcd rename remove_media to remove_media_using_link for clarity 2023-03-17 12:25:49 +02:00
Aevann 57765f0776 revert sqlalchemy changes 2023-03-16 08:27:58 +02:00
Aevann 1e832b0027 Revert "remove hidevotedon"
This reverts commit d8cf302a43.
2023-03-15 08:03:11 +02:00
Aevann c6a7051200 flush instead of committing inside requests 2023-03-15 07:19:35 +02:00
Aevann a068d22213 more fixes 2023-03-15 06:47:47 +02:00
Aevann f768d81103 keep db sessions open 2023-03-15 05:58:00 +02:00
Aevann 9f66e33061 Revert "convert IS_FISTMAS and IS_HOMOWEEN from functions to variables"
This reverts commit b45d845630.
2023-03-08 08:51:40 +02:00
Aevann b45d845630 convert IS_FISTMAS and IS_HOMOWEEN from functions to variables 2023-03-08 08:10:18 +02:00
Aevann 20993c004c for house change, pool coins and mbux together 2023-03-07 07:09:17 +02:00
Aevann 873292d60d make remove_media() to fix 500 error 2023-03-06 21:32:08 +02:00
Aevann 2112626910 increase charlimit for bio, friends, and enemies to 5k 2023-03-03 06:19:52 +02:00
Aevann d7f42ac50a dont give shekels to ppl not notified bc of blocks + dont give shekels to ppl ALSO mentioned directly + prevent group double charging on edit + do this https://stupidpol.site/h/countryclub/post/79285/-/3695711#context 2023-03-02 21:56:43 +02:00
Aevann 308bb03125 add !everyone 2023-03-02 02:32:51 +02:00
Aevann 17bb6dad48 blackjack fix exploit 2023-02-27 07:33:45 +02:00
Aevann 6ac9b32834 allow positioning of files 2023-02-26 14:08:37 +02:00
Aevann fe0b8887bc change 1/second ratelimit to 1/2 second 2023-02-26 12:26:26 +02:00
Aevann 82a73392a9 fix errors 2023-02-26 10:49:09 +02:00
Aevann 8c495c914a default ratelimit doesnt apply implicitly if theres other @limiter.limit before the function, so add it explicity before all functions 2023-02-26 10:41:04 +02:00
Aevann 4c35f0b07f remove unnecessary line 2023-02-26 08:35:59 +02:00
Aevann 7aaeedea36 better ratelimiting 2023-02-26 03:42:39 +02:00
Aevann 8418e0075f move .cookies to /cookies 2023-02-25 19:45:13 +02:00
Aevann 3e7ccb7756 add push notifs to add_notif() 2023-02-24 04:28:10 +02:00
Aevann 8158b70c20 apparently cardview toggle got removed from the settings, so might as well remove it from the code 2023-02-19 11:20:16 +02:00
Aevann c3842b8bf8 remove unnecessary song change code 2023-02-17 18:42:55 +02:00
Aevann 92b77735ae fix profile songs in localhost 2023-02-17 17:20:51 +02:00
Aevann 8537dfbf21 dont commit on error 2023-02-17 16:49:23 +02:00
Aevann d027e51faa fix 500 error 2023-02-17 16:21:12 +02:00
Aevann e5343fb7a8 dont hang workers on youtube song change 2023-02-10 16:29:09 +02:00
Aevann 96b8afa617 use /temp_songs directory 2023-02-10 16:17:22 +02:00
Aevann 88814ee208 expand blackjack 2023-02-07 05:31:49 +02:00
Aevann b7e4f27f65 use transactions table in rdrama 2023-02-01 21:04:15 +02:00
Aevann b0832d9ef6 update marseybux message 2023-02-01 20:41:52 +02:00
Aevann 349fa17836 use exlamation marks instead of dots in responses to users 2023-01-27 13:57:29 +02:00
Aevann 66461e652c more redirections 2023-01-27 13:48:48 +02:00
Aevann f1877be84e make /settings/log_out_all_others redirect 2023-01-27 13:33:03 +02:00
Aevann 57f029040d remove error codes from redirect() 2023-01-27 13:28:50 +02:00
Aevann d9b0b6084d add forgetten error code 2023-01-27 13:25:32 +02:00
Aevann 7bda728287 redirect /settings/filters 2023-01-27 13:20:15 +02:00
Aevann 15a9d53ba6 use get_msg() in /profile_css 2023-01-27 12:04:30 +02:00
Aevann 4c9181e0b1 save failed profilecss 2023-01-27 12:02:11 +02:00
Aevann d00fef9faf use transactions table in rdrama (#99)
Co-authored-by: Aevann <randomname42029@gmail.com>
Reviewed-on: rDrama/rDrama#99
2023-01-26 11:25:28 +00:00
Aevann ca1b716010 fix pfp caching 2023-01-25 05:18:17 +02:00
Aevann 9ad4cf8035 add exclamation mark 2023-01-23 12:30:34 +02:00
Aevann e96f121f3f tell ppl to check their spam folder just in case 2023-01-21 07:36:27 +02:00
Aevann a40dee5bd8 improve user ratelimiting 2023-01-21 06:39:46 +02:00
Aevann 044664a25e get rid of useless tabs and spaces 2023-01-01 13:36:20 +02:00
SneedBot a56bb59aa6 sneed 2023-01-01 10:45:08 +00:00
Aevann c4c3ff95fe fix missing () 2023-01-01 07:48:15 +02:00
Aevann db6db63836 change event structure 2023-01-01 07:33:09 +02:00
Aevann 8ee189022b seething hatred 2022-12-30 21:01:47 +02:00
Aevann c4872ecb07 Revert "attempt to fix ratelimiting user"
This reverts commit 99597fc36c.
2022-12-30 20:43:13 +02:00
Aevann 99597fc36c attempt to fix ratelimiting user 2022-12-30 20:40:58 +02:00
Aevann 9a8c986f93 attempt to fix ratelimiting user 2022-12-30 20:33:07 +02:00
Aevann 93e9a42fa3 stop using inline style/script elements 2022-12-29 16:20:27 +02:00
Aevann 5fef411e0c fix 500 error 2022-12-28 11:28:00 +02:00
Aevann 47ba7f11f2 limit LLM cuck to private toggle 2022-12-27 07:31:28 +02:00
Aevann 14c521911a fix 500 error 2022-12-23 23:44:47 +02:00
Aevann1 d133ed0966 fix 500 error i think 2022-12-20 23:15:24 +02:00
Aevann1 6c4a53b333 separate 2fa error messages 2022-12-20 18:56:44 +02:00
Aevann1 2183161916 add toggle for event music 2022-12-20 03:38:19 +02:00
Aevann1 0c94ec2067 restore themecolor to default when switching from win98 theme 2022-12-14 18:59:00 +02:00
Aevann1 eaf0faeaaf do this https://stupidpol.site/post/130970/this-is-fucking-bullshit-codecels-fix 2022-12-13 19:15:07 +02:00
Aevann1 7c3b3cde30 prevent the pathetic manlet from privating his profile 2022-12-12 22:48:04 +02:00
justcool393 ab41db22b7 [DO NOT MERGE] multiple sub banners (#59)
allows multiple sub banners

Snakes note: By request of Carp, especially for WPD.

Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
Aevann1 b2d457c028 increase css limit from 4000 to 10000 2022-12-10 20:30:19 +02:00
Aevann1 5e52a86500 cleanup user ids in const.py 2022-12-10 16:00:03 +02:00
Aevann1 16cd5f2e17 profile anthem - allow downloading age-restricted videos 2022-12-09 09:30:27 +02:00
Aevann1 77429369d7 ratelimit 2022-12-09 07:56:34 +02:00
Aevann1 07eb8bdebc fix 500 error 2022-12-09 07:54:56 +02:00
Aevann1 0d812f1294 check for profile background existence before atttempting to delete 2022-12-08 07:20:34 +02:00
Aevann1 93063516ce tie transparent theme to backgrounds 2022-12-07 19:53:29 +02:00
Aevann1 7d6b5862e4 uncomment commented line lol 2022-12-07 09:53:46 +02:00
Aevann1 15088e5eef add button to remove current profile background 2022-12-05 17:14:53 +02:00
Aevann1 84ec5f5b46 truncate unnecessary logic 2022-12-05 17:10:15 +02:00
Aevann f8aa67fb9a add button on profile to upload profile background (#48)
Co-authored-by: Aevann1 <randomname42029@gmail.com>
Reviewed-on: rDrama/rDrama#48
Co-authored-by: Aevann <aevann@noreply.fsdfsd.net>
Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 04:16:45 +00:00
Aevann 5850bb26fa add custom backgrounds paypig feature to compensate for profile views (#44)
Co-authored-by: Aevann1 <randomname42029@gmail.com>
Reviewed-on: rDrama/rDrama#44
Co-authored-by: Aevann <aevann@noreply.fsdfsd.net>
Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 00:02:29 +00:00
Aevann1 c0676e198c convert "var" to "let" and "const" 2022-12-04 17:40:32 +02:00
Aevann1 49263fdd86 Revert "stop using background css property and use its parts instead"
This reverts commit e4e67a4424.
2022-12-04 00:17:35 +02:00
Aevann1 e4e67a4424 stop using background css property and use its parts instead 2022-12-04 00:11:02 +02:00
Aevann1 fa0bb57253 fix this https://stupidpol.site/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/3175605?context=8#context 2022-12-03 04:14:01 +02:00
Aevann1 3e42918afb minor background dedup 2022-11-29 05:37:56 +02:00
Aevann1 3183e0a28e dont allow ppl to use transparent theme without background 2022-11-28 08:11:07 +02:00
justcool393 0ff034b01b add typing to a bunch of routes 2022-11-26 15:00:16 -06:00
Aevann1 642d19b861 move ratelimit_user after auth 2022-11-26 01:37:04 +02:00
justcool393 007e41e7d0 security: validate YouTube link IDs 2022-11-22 06:13:44 -06:00
justcool393 272e2ee936
sneed (rename procoins to marseybux) (#472)
* sneed (rename procoins to marseybux)

* literally unusable

Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-21 18:08:29 -05:00
Aevann1 2f31fdfdd7 Revert "remove User.newtab and see if anyone complains"
This reverts commit 787c89961f.
2022-11-21 18:55:13 +02:00
justcool393 427d8f643d ratelimiting: use ratelimit_user everywhere 2022-11-21 09:30:27 -06:00
Aevann1 787c89961f remove User.newtab and see if anyone complains 2022-11-21 16:36:17 +02:00
Snakes db329f487f
User.pay_account everywhere, fix lottery payout. 2022-11-20 05:50:02 -05:00
Aevann1 785fb28bb2 fix bug when 2fa toggle looked like it didnt apply 2022-11-18 22:07:07 +02:00
Aevann1 6d607a6f59 give ppl a message when they change their settings sucessfully 2022-11-15 16:33:21 +02:00
justcool393 8f2f48d6d1
[DO NOT MERGE] import detanglation (#442)
* move Base definition to files.classes.__init__.py

* fix ImportError

* move userpage listing to users.py

* don't import the app from classes

* consts: set default values to avoid crashes
consts: warn if the secret key is the default config value

* card view: sneed (user db schema)

* cloudflare: use DEFAULT_CONFIG_VALUE

* const: set default values

* decouple media.py from __main__

* pass database to avoid imports

* import cleanup and import request not in const, but in the requests mega import

* move asset_submissions site check to __init__

* asset submissions feature flag

* flag

* g.is_tor

* don't import request where it's not needed

* i think this is fine

* mail: move to own routes and helper

* wrappers

* required wrappers move

* unfuck wrappers a bit

* move snappy quotes and marseys to stateful consts

* marsify

* :pepodrool:

* fix missing import

* import cache

* ...and settings.py

* and static.py

* static needs cache

* route

* lmao all of the jinja shit was in feeds.py amazing

* classes should only import what they need from flask

* import Response

* hdjbjdhbhjf

* ...

* dfdfdfdf

* make get a non-required import

* isort imports (mostly)

* but actually

* configs

* reload config on import

* fgfgfgfg

* config

* config

* initialize snappy and test

* cookie of doom debug

* edfjnkf

* xikscdfd

* debug config

* set session cookie domain, i think this fixes the can't login bug

* sdfbgnhvfdsghbnjfbdvvfghnn

* hrsfxgf

* dump the entire config on a request

* kyskyskyskyskyskyskyskyskys

* duifhdskfjdfd

* dfdfdfdfdfdfdfdfdfdfdfdf

* dfdfdfdf

* imoprt all of the consts beacuse fuck it

* 😭

* dfdfdfdfdfdfsdasdf

* print the entire session

* rffdfdfjkfksj

* fgbhffh

* not the secret keys

* minor bug fixes

* be helpful in the warning

* gfgfgfg

* move warning lower

* isort main imports (i hope this doesn't fuck something up)

* test

* session cookie domain redux

* dfdfdfd

* try only importing Flask

* formkeys fix

* y

* :pepodrool:

* route helper

* remove before flight

* dfdfdfdfdf

* isort classes

* isort helpers

* move check_for_alts to routehelpers and also sort imports and get rid of unused ones

* that previous commit but actkally

* readd the cache in a dozen places they were implicitly imported

* use g.is_tor instead of request.headers. bla bla bla

* upgrade streamers to their own route file

* get rid of unused imports in __main__

* fgfgf

* don't pull in the entire ORM where we don't need it

* features

* explicit imports for the get helper

* explicit imports for the get helper redux

* testing allroutes

* remove unused import

* decouple flask from classes

* syntax fix also remember these have side fx for some reason (why?)

* move side effects out of the class

* posts

* testing on devrama

* settings

* reloading

* settingssdsdsds

* streamer features

* site settings

* testing settings on devrama

* import

* fix modlog

* remove debug stuff

* revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6

* archiveorg to _archiveorg

* skhudkfkjfd

* fix cron for PCM

* fix bugs that snekky wants me to

* Fix call to realbody passing db, standardize kwarg

* test

* import check_for_alts from the right place

* cloudflare

* testing on devrama

* fix cron i think

* shadow properly

* tasks

* Remove print which will surely be annoying in prod.

* v and create new session

* use files.classes

* make errors import little and fix rare 500 in /allow_nsfw

* Revert "use files.classes"

This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6.

* pass v to media functions rather than using g

* fix

* dfdfdfdfd

* cleanup, py type checking is dumb so don't use it where it causes issues

* Fix some merge bugs, add DEFAULT_RATELIMIT to main.

* Fix imports on sqlalchemy expressions.

* `from random import random` is an error.

* Fix replies db param.

* errors: fix missing import

* fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text

* Fix signup formkey.

* fix 2 500s

* propagate db to submissions

* fix replies

* dfdfdfdf

* Fix verifiedcolor.

* is_manual

* can't use getters outside of an app context

* don't attempt to do gumroad on sites where it's not enabled

* don't attempt to do gumraod on sites's where it's unnecessary

* Revert "don't attempt to do gumroad on sites where it's not enabled"

This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3.

* fix 500

* validate media type

Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 03:19:08 -06:00
Aevann1 41ab1f313c move feature_required wrappers up 2022-11-14 18:14:47 +02:00
Snakes d3f25739f0 Fix ratelimit_user on 3 routes, make proper dec. 2022-11-13 07:25:57 -05:00
Snakes 8fee66c894
Reorder decorators to support f63237a9a2.
Ultimately necessary because otherwise all bots share rate limits
with each other. The somewhat haphazard ordering of decorators bothers
me, but it's functionally required.

Approaches using request context (like reading the Authorization
header in ratelimit_user) likely produce bugs all their own.
2022-11-13 05:18:52 -05:00
justcool393 aa272729f1 default ratelimit and default ratelimit slower 2022-11-13 00:43:47 -06:00
justcool393 80d7d5281d ratelimit_user() wrapper 2022-11-13 00:07:15 -06:00
Aevann1 27a8fd4657 same as last commit 2022-11-12 12:11:46 +02:00
Aevann1 780e0f85f1 fix 500 error 2022-11-09 19:58:32 +02:00
Snakes e0f43c3668
Remove is_nofollow from backend. 2022-11-09 10:05:36 -05:00
geese-suck 462e3421b5
organize templates (#435)
dude file management lmao
2022-11-09 01:11:46 -05:00
Aevann1 23a241f026 fix https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/3040826?context=8#context 2022-11-08 10:08:09 +02:00
justcool393 2c043d20e7 css fix 2022-11-07 21:40:11 -06:00
justcool393 7a0fe8015e css: redirect 2022-11-07 20:53:57 -06:00
Snakes 61957ba9ef
Fix /settings/namecolor data key to match frontend. 2022-11-07 16:15:25 -05:00
justcool393 c6e3df3340 settings: fix NSFW toggle 2022-11-06 23:45:21 -06:00
Aevann1 14b19ac950 add two words to the message 2022-11-07 07:15:46 +02:00
justcool393 771f1972aa fix custom filters 2022-11-06 22:50:45 -06:00
justcool393 af696a2f9c verified fixes again 2022-11-06 22:31:38 -06:00
justcool393 0c7d8f0da1 fkjdhfkjdhfdkjfhdkf 2022-11-06 20:06:37 -08:00
justcool393 424e9bc0ae sanity check 2022-11-06 20:06:37 -08:00
justcool393 54fecd99e5 fix poor, fix 500, sanitize fun stuff 2022-11-06 20:06:37 -08:00
justcool393 7de3bb064c make API message better
also make unchecking the box hide the permalink
2022-11-06 20:06:37 -08:00
justcool393 57df202cfa don't disable flags 2022-11-06 20:06:37 -08:00
justcool393 657c00244a sanitize, fix bug with update_flag, and update copy for low tsfriends 2022-11-06 20:06:37 -08:00
justcool393 502314ad3c colors: filter properly 2022-11-06 20:06:37 -08:00
justcool393 c2350d36bf add patronage message and message for when it's enabled permanently 2022-11-06 20:06:37 -08:00
justcool393 06736dfb75 fix badge id 2022-11-06 20:06:37 -08:00
justcool393 4d2f429954 enable permanence code and fix some bugs with setting frontsize and some other things 2022-11-06 20:06:37 -08:00
justcool393 d26294de5c don't attempt to set the filter if not in the request 2022-11-06 20:06:37 -08:00
justcool393 edc969e2cd use /settings/personal instead of /settings/profile 2022-11-06 20:06:37 -08:00
justcool393 78c53c1954 debug 2022-11-06 20:06:37 -08:00
justcool393 c10b3e4262 fix prev commit 2022-11-06 20:06:37 -08:00
justcool393 83fe77c039 settings: implement backend logic for permanent filters 2022-11-06 20:06:37 -08:00
justcool393 72da55fd61 settings: implement front end for perma-filters 2022-11-06 20:06:37 -08:00
justcool393 511ed26574 settings: add new settings pages to API
settings: remove old settings pages from API
settings: delete unused settings template
2022-11-06 20:06:37 -08:00
justcool393 c6675ff037 houses: make price a constant
houses: warn founders that switching houses will delete their founder status
2022-11-05 01:00:02 -05:00
justcool393 1008c3b71f houses: don't allow users to pick the same house 2022-11-05 00:49:12 -05:00
justcool393 339d5fe8f1 users: add profanity filter to censor our gosh darned potty mouthes 2022-11-03 17:59:18 -05:00
Aevann1 111c9ab208 fix this https://rdrama.life/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/3007141?context=8#context 2022-11-02 05:22:16 +02:00
justcool393 6caebac946 actions: move user-only actions to useractions, which gets rid of a circular dependency 2022-11-01 18:46:56 -05:00
justcool393 6d636e4e42 use charge_account everywhere 2022-11-01 00:25:19 -05:00
Aevann1 fbeac461ca refactor poorcel mode 2022-10-25 18:07:44 +02:00
justcool393 aa508fc076 remove discord 2022-10-16 05:42:52 -07:00
Aevann1 cdff11424f use charge_account everywhere 2022-10-12 18:33:00 +02:00
Aevann1 cdfbbd0217 fix wrong name for feature 2022-10-12 06:06:11 +02:00
Aevann1 466867afd1 Merge branch 'frost' of https://github.com/Aevann1/rDrama into frost 2022-10-11 18:41:12 +02:00
Aevann1 e3a3cbd358 add "hot" comment sorting 2022-10-11 18:41:09 +02:00
justcool393 39e49a508f add 409 to errors
* also move check for AUTOJANNY_ID to before has_blocked
2022-10-11 08:40:19 -07:00
justcool393 c0acb1722b abort a bunch of stuff where we manually returned JSON 2022-10-11 08:40:19 -07:00
justcool393 b398420246 i'm gonna hit sneks with a giant foam s 2022-10-11 00:52:01 -07:00
justcool393 456dd43bba replace "if not FEATURES" with wrapper 2022-10-11 00:33:23 -07:00
justcool393 75e593da00 Revert "feature required wrapper"
This reverts commit 8700bcc5ee.
2022-10-10 02:54:47 -07:00
justcool393 8700bcc5ee feature required wrapper 2022-10-09 23:16:05 -07:00
Aevann1 9d6dcca07a remove duplicate function 2022-10-07 00:59:50 +02:00
Aevann1 96f4f8499f fix 500 errors 2022-10-06 09:30:38 +02:00
Aevann1 37e1f25624 make using proxies only happen in 3 circumstances again 2022-09-26 06:01:25 +02:00