Aevann1
15c7add942
fix bug
2022-11-26 22:54:17 +02:00
justcool393
19b73f8e7e
api: fix some missing imports
2022-11-26 14:46:49 -06:00
justcool393
e1f785c370
Merge branch 'docs' into 'master'
2022-11-26 14:40:32 -06:00
justcool393
ae50cc2772
const: rename constants from LIMIT to MINIMUM
...
the new name is much much clearer
2022-11-26 14:20:44 -06:00
Aevann1
bb153e541d
Revert "you posts: constantify truescore requirement"
...
This reverts commit 1b721126a2
.
2022-11-26 22:09:07 +02:00
justcool393
1b721126a2
you posts: constantify truescore requirement
2022-11-26 13:39:31 -06:00
Aevann1
d624dbe2de
fix this https://rdrama.net/post/125682
2022-11-26 08:11:00 +02:00
Aevann1
8a80616f84
insanely ghetto solution to long back-and-forth chains in notifs
2022-11-26 07:52:37 +02:00
Aevann1
4eb66e5802
fix login redir bug
2022-11-26 07:38:59 +02:00
Aevann1
a641acaf8f
use sets instead of lists in some statements
2022-11-26 06:52:47 +02:00
Nekobit
f59f641331
Merge branch 'docs' of fsdfsd.net:nekobit/rDrama into docs
2022-11-25 23:31:49 -05:00
Nekobit
dea8c3f7e3
docs: Remove unneccesary imports; @auth_desired
2022-11-25 23:30:49 -05:00
Aevann1
b3c47f5598
tell ppl how much Truescore they need to see /h/chudrama
2022-11-26 06:22:09 +02:00
Aevann1
bcbf524fbe
make sure stickied child comments are always at the top place they can be
2022-11-26 06:01:20 +02:00
justcool393
cfffbc61a0
the request is prolly boned anyway, let's help friends help me :)
2022-11-25 20:57:24 -06:00
justcool393
992e4a0d1c
don't want to crash on our precious logging code
2022-11-25 20:22:55 -06:00
justcool393
ba6e4721d3
calc users: log so we can find the root of this problem
2022-11-25 20:21:38 -06:00
justcool393
46204ea223
ranking: be site specific when boosting users or excluding users from boosts
...
otherwise we may unintentionally rank for the wrong users (since we're using literal IDs)
2022-11-25 20:04:09 -06:00
Aevann1
5523747c3a
fix 500 error
2022-11-26 04:02:41 +02:00
Aevann1
bf72234873
remove SITE url from badge urls to make them relative in the event of a future domain change
2022-11-26 03:45:20 +02:00
Aevann1
e96274308a
sneed
2022-11-26 03:31:17 +02:00
justcool393
35b1532bb4
admin: remove meme admin vestige
2022-11-25 19:15:39 -06:00
Aevann1
5e2f449df7
fix prev commit lol
2022-11-26 01:52:39 +02:00
Aevann1
c470cb7516
make shit award not give DC
2022-11-26 01:50:25 +02:00
Aevann1
642d19b861
move ratelimit_user after auth
2022-11-26 01:37:04 +02:00
Aevann1
bf4031c832
remove annoying excalmation sign in notifs
2022-11-26 01:18:24 +02:00
Nekobit
2e1d2cb774
Merge branch 'master' into docs
2022-11-25 22:27:15 +00:00
justcool393
7e403469cd
polls: constantify max poll options
2022-11-25 16:12:25 -06:00
justcool393
f86d351ac4
fix saved subscribers stuff
2022-11-25 16:06:18 -06:00
Aevann1
e4b521a63f
limit polls to 10 options to prevent spam
2022-11-25 23:33:38 +02:00
Aevann1
2938f930fd
make me not see modmail, if its important the other jannies will tell me
2022-11-25 22:56:11 +02:00
Nekobit
af4411b0d7
Documentation page
2022-11-25 15:36:29 -05:00
justcool393
0356c589a4
api: don't hit calc_users if this is the API
...
sometimes we render HTML where we probably... shouldn't. in most cases
this is fine, but if API clients hit it it can errenously set
2022-11-25 14:31:07 -06:00
justcool393
23505c68b3
errors: use abort for sign up errors
2022-11-25 12:27:18 -06:00
justcool393
816389cf28
security: fix DoS on title getter
...
the `timeout` parameter only applies to seconds per *byte* received (and time to first
byte), not the entire request
this means an attacker could theoretically send a very... slow...
stream... of... bytes... and... crash... the... worker... when... the...
timeout... is... reached...
2022-11-25 07:10:05 -06:00
Snakes
af7df7f62d
Ensure all entry points get sessions.
...
Somewhat speculative, but the change in f62a9769fd
, while fixing
certain errors where logged-out users sometimes didn't have sessions
come calc_users, also opened the possibility of certain request
sequences that wouldn't give a user a session.
In the interest of conservatism, we create a session if not exists
in both the new location in calc_users and the previous spot in
before_request.
2022-11-22 18:37:55 -05:00
Aevann1
755cfbf335
temp fix to shitting up console
2022-11-23 00:23:04 +02:00
Aevann1
9e89166e2f
restore reload icon for legacy app users
2022-11-22 23:34:33 +02:00
Aevann1
e198102383
repurpose "upvoted" to "voted"
2022-11-22 23:28:30 +02:00
Aevann1
4640abed4b
remove hole nerf
2022-11-22 22:25:48 +02:00
justcool393
6acd896967
sbs: since propagation isn't optional anyway, let's propagate on a ban to get their alts
2022-11-22 09:51:44 -06:00
Aevann1
0b1f166211
remove "alts" checkbox for shadowbanning since shadowbans propagate anway via check_for_alts()
2022-11-22 17:44:16 +02:00
justcool393
b0ff8916a5
win loss stats to casino games ( #475 )
...
* casino: add stats to casino
* casino: stats should target the right thing
casino: properly style
* pluralize properly
* refactor casino leaderboards :marseytroublemarker:
* fsfsdsd
* fsdsdsdsd
* i'm r-slurred
* -
2022-11-22 07:11:01 -08:00
justcool393
007e41e7d0
security: validate YouTube link IDs
2022-11-22 06:13:44 -06:00
Snakes
9eab252e5b
Fix reply/mention notifications from muted users.
...
Consider the case of the current /notifications filter condition:
WHERE ... NOT ((comments.sentto = 2) AND (users.is_muted))
SELECT 1 WHERE NOT ((null = 2) AND (true)); ⇒ 0 rows
SELECT 1 WHERE NOT ((1 = 2) AND (true)); ⇒ 1 row
SELECT 1 WHERE NOT ((2 = 2) AND (true)); ⇒ 0 rows
We want the first expression, where comments.sentto = null, to evaluate
to false, not to null, so it negates to true. Behavior as written is:
SELECT 1 WHERE NOT ((null = 2) AND (true)); →
SELECT 1 WHERE NOT (null AND true); →
SELECT 1 WHERE NOT null; →
SELECT 1 WHERE null;
Which guarantees a null return set. If we check first for non-nullity:
SELECT 1 WHERE NOT ((null IS NOT null) AND (null = 2) AND (true)); ⇒ 1
SELECT 1 WHERE NOT ((1 IS NOT null) AND (1 = 2) AND (true)); ⇒ 1
SELECT 1 WHERE NOT ((2 IS NOT null) AND (2 = 2) AND (true)); ⇒ 0
2022-11-21 23:08:31 -05:00
justcool393
272e2ee936
sneed (rename procoins to marseybux) ( #472 )
...
* sneed (rename procoins to marseybux)
* literally unusable
Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-21 18:08:29 -05:00
Aevann1
f272989735
Revert "stop adding target="_blank" in the backend and move it to the frontend (to accomodate PWA users) - THANK YOU GEESE I LOVE YOU SO MUCH ( #473 )"
...
This reverts commit 88f3cd519d
.
2022-11-21 19:37:38 +02:00
Aevann1
0d6b26d404
sneed
2022-11-21 19:09:04 +02:00
Aevann1
2f31fdfdd7
Revert "remove User.newtab and see if anyone complains"
...
This reverts commit 787c89961f
.
2022-11-21 18:55:13 +02:00
justcool393
79b2b5cff8
cookies: set SameSite Lax to get rid of annoying console warning
2022-11-21 09:36:34 -06:00