validate poll options body_html length

master
Aevann1 2022-11-12 12:27:01 +02:00
parent e3cd6c73f5
commit 3f17624de6
2 changed files with 27 additions and 9 deletions

View File

@ -242,17 +242,21 @@ def comment(v):
else: c.top_comment_id = parent.top_comment_id else: c.top_comment_id = parent.top_comment_id
for option in options: for option in options:
body_html = filter_emojis_only(option)
if len(body_html) > 500: abort(400, "Poll option too long!")
option = CommentOption( option = CommentOption(
comment_id=c.id, comment_id=c.id,
body_html=filter_emojis_only(option), body_html=body_html,
exclusive=0 exclusive=0
) )
g.db.add(option) g.db.add(option)
for choice in choices: for choice in choices:
body_html = filter_emojis_only(choice)
if len(body_html) > 500: abort(400, "Poll option too long!")
choice = CommentOption( choice = CommentOption(
comment_id=c.id, comment_id=c.id,
body_html=filter_emojis_only(choice), body_html=body_html,
exclusive=1 exclusive=1
) )
g.db.add(choice) g.db.add(choice)
@ -387,18 +391,22 @@ def edit_comment(cid, v):
for i in poll_regex.finditer(body): for i in poll_regex.finditer(body):
body = body.replace(i.group(0), "") body = body.replace(i.group(0), "")
body_html = filter_emojis_only(i.group(1))
if len(body_html) > 500: abort(400, "Poll option too long!")
option = CommentOption( option = CommentOption(
comment_id=c.id, comment_id=c.id,
body_html=filter_emojis_only(i.group(1)), body_html=body_html,
exclusive = 0 exclusive = 0
) )
g.db.add(option) g.db.add(option)
for i in choice_regex.finditer(body): for i in choice_regex.finditer(body):
body = body.replace(i.group(0), "") body = body.replace(i.group(0), "")
body_html = filter_emojis_only(i.group(1))
if len(body_html) > 500: abort(400, "Poll option too long!")
option = CommentOption( option = CommentOption(
comment_id=c.id, comment_id=c.id,
body_html=filter_emojis_only(i.group(1)), body_html=body_html,
exclusive = 1 exclusive = 1
) )
g.db.add(option) g.db.add(option)

View File

@ -345,18 +345,22 @@ def edit_post(pid, v):
if body != p.body: if body != p.body:
for i in poll_regex.finditer(body): for i in poll_regex.finditer(body):
body = body.replace(i.group(0), "") body = body.replace(i.group(0), "")
body_html = filter_emojis_only(i.group(1))
if len(body_html) > 500: abort(400, "Poll option too long!")
option = SubmissionOption( option = SubmissionOption(
submission_id=p.id, submission_id=p.id,
body_html=filter_emojis_only(i.group(1)), body_html=body_html,
exclusive = 0 exclusive = 0
) )
g.db.add(option) g.db.add(option)
for i in choice_regex.finditer(body): for i in choice_regex.finditer(body):
body = body.replace(i.group(0), "") body = body.replace(i.group(0), "")
body_html = filter_emojis_only(i.group(1))
if len(body_html) > 500: abort(400, "Poll option too long!")
option = SubmissionOption( option = SubmissionOption(
submission_id=p.id, submission_id=p.id,
body_html=filter_emojis_only(i.group(1)), body_html=body_html,
exclusive = 1 exclusive = 1
) )
g.db.add(option) g.db.add(option)
@ -806,26 +810,32 @@ def submit_post(v, sub=None):
if not execute_blackjack(v, post, text, 'submission'): break if not execute_blackjack(v, post, text, 'submission'): break
for option in options: for option in options:
body_html = filter_emojis_only(option)
if len(body_html) > 500: abort(400, "Poll option too long!")
option = SubmissionOption( option = SubmissionOption(
submission_id=post.id, submission_id=post.id,
body_html=filter_emojis_only(option), body_html=body_html,
exclusive=0 exclusive=0
) )
g.db.add(option) g.db.add(option)
for choice in choices: for choice in choices:
body_html = filter_emojis_only(choice)
if len(body_html) > 500: abort(400, "Poll option too long!")
choice = SubmissionOption( choice = SubmissionOption(
submission_id=post.id, submission_id=post.id,
body_html=filter_emojis_only(choice), body_html=body_html,
exclusive=1 exclusive=1
) )
g.db.add(choice) g.db.add(choice)
if v and v.admin_level >= PERMS['POST_BETS']: if v and v.admin_level >= PERMS['POST_BETS']:
for bet in bets: for bet in bets:
body_html = filter_emojis_only(bet)
if len(body_html) > 500: abort(400, "Bet option too long!")
bet = SubmissionOption( bet = SubmissionOption(
submission_id=post.id, submission_id=post.id,
body_html=filter_emojis_only(bet), body_html=body_html,
exclusive=2 exclusive=2
) )
g.db.add(bet) g.db.add(bet)