forked from rDrama/rDrama
replace with sanitize_settings_text with much better process_settings_plaintext
parent
dea70c715d
commit
0a3fbaeb88
|
@ -297,13 +297,6 @@ def remove_cuniform(sanitized:Optional[str]) -> str:
|
||||||
sanitized = sanitized.replace("’", "'")
|
sanitized = sanitized.replace("’", "'")
|
||||||
return sanitized.strip()
|
return sanitized.strip()
|
||||||
|
|
||||||
def sanitize_settings_text(sanitized:Optional[str], max_length:Optional[int]=None) -> str:
|
|
||||||
if not sanitized: return ""
|
|
||||||
sanitized = sanitized.replace('\u200e','').replace('\u200b','').replace("\ufeff", "").replace("\r", "").replace("\n","")
|
|
||||||
sanitized = sanitized.strip()
|
|
||||||
if max_length: sanitized = sanitized[:max_length]
|
|
||||||
return sanitized
|
|
||||||
|
|
||||||
def get_youtube_id_and_t(url):
|
def get_youtube_id_and_t(url):
|
||||||
params = parse_qs(urlparse(url).query, keep_blank_values=True)
|
params = parse_qs(urlparse(url).query, keep_blank_values=True)
|
||||||
|
|
||||||
|
|
|
@ -899,6 +899,22 @@ def settings_song_change(v):
|
||||||
|
|
||||||
return redirect("/settings/personal?msg=Profile Anthem successfully updated. Wait 5 minutes for the change to take effect.")
|
return redirect("/settings/personal?msg=Profile Anthem successfully updated. Wait 5 minutes for the change to take effect.")
|
||||||
|
|
||||||
|
|
||||||
|
def process_settings_plaintext(value, current, length):
|
||||||
|
value = request.values.get(value, "").strip()
|
||||||
|
|
||||||
|
if not value:
|
||||||
|
return redirect("/settings/personal?error=You didn't enter anything!"), 400
|
||||||
|
|
||||||
|
if len(value) > 100:
|
||||||
|
return redirect("/settings/personal?error=The value you entered exceeds the character limit (100 characters)"), 400
|
||||||
|
|
||||||
|
if value == current:
|
||||||
|
return redirect("/settings/personal?error=You didn't change anything!"), 400
|
||||||
|
|
||||||
|
return value
|
||||||
|
|
||||||
|
|
||||||
@app.post("/settings/title_change")
|
@app.post("/settings/title_change")
|
||||||
@limiter.limit('1/second', scope=rpath)
|
@limiter.limit('1/second', scope=rpath)
|
||||||
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
||||||
|
@ -908,21 +924,17 @@ def settings_song_change(v):
|
||||||
def settings_title_change(v):
|
def settings_title_change(v):
|
||||||
if v.flairchanged: abort(403)
|
if v.flairchanged: abort(403)
|
||||||
|
|
||||||
customtitleplain = sanitize_settings_text(request.values.get("title"), 100)
|
processed = process_settings_plaintext("title", v.customtitleplain, 100)
|
||||||
|
if isinstance(processed, tuple):
|
||||||
|
return processed
|
||||||
|
|
||||||
if len(customtitleplain) > 100:
|
customtitle = filter_emojis_only(processed)
|
||||||
return redirect("/settings/personal?error=Flair too long!")
|
|
||||||
|
|
||||||
if customtitleplain == v.customtitleplain:
|
|
||||||
return redirect("/settings/personal?error=You didn't change anything!")
|
|
||||||
|
|
||||||
customtitle = filter_emojis_only(customtitleplain)
|
|
||||||
customtitle = censor_slurs(customtitle, None)
|
customtitle = censor_slurs(customtitle, None)
|
||||||
|
|
||||||
if len(customtitle) > 1000:
|
if len(customtitle) > 1000:
|
||||||
return redirect("/settings/personal?error=Flair too long!")
|
return redirect("/settings/personal?error=Flair too long!")
|
||||||
|
|
||||||
v.customtitleplain = customtitleplain
|
v.customtitleplain = processed
|
||||||
v.customtitle = customtitle
|
v.customtitle = customtitle
|
||||||
g.db.add(v)
|
g.db.add(v)
|
||||||
|
|
||||||
|
@ -937,14 +949,11 @@ def settings_title_change(v):
|
||||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
||||||
@auth_required
|
@auth_required
|
||||||
def settings_pronouns_change(v):
|
def settings_pronouns_change(v):
|
||||||
pronouns = sanitize_settings_text(request.values.get("pronouns"))
|
processed = process_settings_plaintext("pronouns", v.pronouns, 15)
|
||||||
|
if isinstance(processed, tuple):
|
||||||
if len(pronouns) > 15:
|
return processed
|
||||||
return redirect("/settings/personal?error=Your pronouns exceed the character limit (15 characters)")
|
|
||||||
|
|
||||||
if pronouns == v.pronouns:
|
|
||||||
return redirect("/settings/personal?error=You didn't change anything!")
|
|
||||||
|
|
||||||
|
pronouns = processed
|
||||||
if not pronouns_regex.fullmatch(pronouns):
|
if not pronouns_regex.fullmatch(pronouns):
|
||||||
return redirect("/settings/personal?error=The pronouns you entered don't match the required format!")
|
return redirect("/settings/personal?error=The pronouns you entered don't match the required format!")
|
||||||
|
|
||||||
|
@ -966,9 +975,11 @@ def settings_pronouns_change(v):
|
||||||
@auth_required
|
@auth_required
|
||||||
def settings_checkmark_text(v):
|
def settings_checkmark_text(v):
|
||||||
if not v.verified: abort(403)
|
if not v.verified: abort(403)
|
||||||
new_name = sanitize_settings_text(request.values.get("checkmark-text"), 100)
|
|
||||||
if not new_name: abort(400)
|
processed = process_settings_plaintext("checkmark-text", v.verified, 100)
|
||||||
if new_name == v.verified: return redirect("/settings/personal?error=You didn't change anything!")
|
if isinstance(processed, tuple):
|
||||||
v.verified = new_name
|
return processed
|
||||||
|
|
||||||
|
v.verified = processed
|
||||||
g.db.add(v)
|
g.db.add(v)
|
||||||
return redirect("/settings/personal?msg=Checkmark Text successfully updated!")
|
return redirect("/settings/personal?msg=Checkmark Text successfully updated!")
|
||||||
|
|
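Review bot: `process_settings_plaintext` never reads its `length` argument, because the check is hard-coded as `if len(value) > 100:`. The 15-character cap passed in by `settings_pronouns_change` is therefore no longer enforced here and rests on `pronouns_regex`, whose bounds are not visible on this page; the check should be `if len(value) > length:` with the limit interpolated into the error text. The helper also drops the removal of `\u200e`, `\u200b`, `\ufeff`, `\r` and `\n` that `sanitize_settings_text` performed, and `str.strip()` does not remove the zero-width characters. A flair or checkmark text made only of invisible characters therefore passes `if not value:` and is stored, and embedded line breaks survive; restoring that `.replace(...)` chain before the final `.strip()` would keep user-controlled profile text from being blanked or made visually misleading. Separately, `return redirect(...), 400` sends a Location header with a 400 status, which browsers do not follow, so a plain form post would presumably show the redirect stub body instead of the settings page.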