Merge branch 'master' into mistletoe

2021-12-08 17:08:52 -06:00 · 2021-12-08 17:08:52 -06:00 · a78648c0c7
parent 5c38d44ab3 f51ce88c0c
commit a78648c0c7
13 changed files with 45 additions and 82 deletions
--- a/files/classes/submission.py
+++ b/files/classes/submission.py
@ -251,6 +251,7 @@ class Submission(Base):
 				'distinguish_level': self.distinguish_level,
 				'voted': self.voted if hasattr(self, 'voted') else 0,
 				'flags': flags,
+				'club': self.club,
 				}

 		if self.ban_reason:
--- a/files/helpers/sanitize.py
+++ b/files/helpers/sanitize.py
@ -169,7 +169,7 @@ def sanitize(sanitized, noimages=False):
 		old = i.group(0)
 		if 'marseylong1' in old or 'marseylong2' in old or 'marseyllama1' in old or 'marseyllama2' in old: new = old.lower().replace(">", " class='mb-0'>")
 		else: new = old.lower()
-		for i in re.finditer('(?<!"):([^ ]{1,30}?):', new):
+		for i in re.finditer('(?<!"):([!#A-Za-z0-9]{1,30}?):', new):
 			emoji = i.group(1).lower()
 			if emoji.startswith("#!") or emoji.startswith("!#"):
 				classes = 'class="mirrored" '
@ -193,7 +193,7 @@ def sanitize(sanitized, noimages=False):
 		sanitized = sanitized.replace(old, new)


-	for i in re.finditer('(?<!"):([^ ]{1,30}?):', sanitized):
+	for i in re.finditer('(?<!"):([!A-Za-z0-9]{1,30}?):', sanitized):
 		emoji = i.group(1).lower()
 		if emoji.startswith("!"):
 			emoji = emoji[1:]
@ -212,15 +212,14 @@ def sanitize(sanitized, noimages=False):

 	sanitized = sanitized.replace("https://www.", "https://").replace("https://youtu.be/", "https://youtube.com/watch?v=").replace("https://music.youtube.com/watch?v=", "https://youtube.com/watch?v=").replace("https://open.spotify.com/", "https://open.spotify.com/embed/").replace("https://streamable.com/", "https://streamable.com/e/").replace("https://youtube.com/shorts/", "https://youtube.com/watch?v=").replace("https://mobile.twitter", "https://twitter").replace("https://m.facebook", "https://facebook").replace("https://m.wikipedia", "https://wikipedia").replace("https://m.youtube", "https://youtube")

-
 	if "https://youtube.com/watch?v=" in sanitized: sanitized = sanitized.replace("?t=", "&t=")

 	for i in re.finditer('" target="_blank">(https://youtube\.com/watch\?v\=(.*?))</a>', sanitized):
 		url = i.group(1)
-		yt_id = i.group(2).split('&')[0]
+		yt_id = i.group(2).split('&')[0].split('%')[0]
 		replacing = f'<a href="{url}" rel="nofollow noopener noreferrer" target="_blank">{url}</a>'

-		params = parse_qs(urlparse(url).query)
+		params = parse_qs(urlparse(url.replace('&amp;','&')).query)
 		t = params.get('t', params.get('start', [0]))[0]
 		if isinstance(t, str): t = t.replace('s','')

@ -229,21 +228,8 @@ def sanitize(sanitized, noimages=False):
 		htmlsource += '"></lite-youtube>'

 		sanitized = sanitized.replace(replacing, htmlsource)
-		
-	for i in re.finditer('<a href="(https://streamable\.com/e/.*?)"', sanitized):
-		url = i.group(1)
-		replacing = f'<a href="{url}" rel="nofollow noopener noreferrer" target="_blank">{url}</a>'
-		htmlsource = f'<iframe class="embedvid" loading="lazy" src="{url}" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>'
-		sanitized = sanitized.replace(replacing, htmlsource)
-
 	for i in re.finditer('<p>(https:.*?\.mp4)</p>', sanitized):
-		sanitized = sanitized.replace(i.group(0), f'<p><video controls loop preload="metadata" class="embedvid"><source src="{i.group(1)}" type="video/mp4"></video>')
-
-	for i in re.finditer('<a href="(https://open\.spotify\.com/embed/.*?)"', sanitized):
-		url = i.group(1)
-		replacing = f'<a href="{url}" rel="nofollow noopener noreferrer" target="_blank">{url}</a>'
-		htmlsource = f'<iframe src="{url}" class="spotify" frameBorder="0" allowtransparency="true" allow="encrypted-media"></iframe>'
-		sanitized = sanitized.replace(replacing, htmlsource)
+		sanitized = sanitized.replace(i.group(0), f'<p><video controls preload="metadata" class="embedvid"><source src="{i.group(1)}" type="video/mp4"></video>')

 	for rd in ["https://reddit.com/", "https://new.reddit.com/", "https://www.reddit.com/", "https://redd.it/"]:
 		sanitized = sanitized.replace(rd, "https://old.reddit.com/")
@ -254,15 +240,13 @@ def sanitize(sanitized, noimages=False):

 	return sanitized

-def filter_title(title):
-	title = title.strip()
-	title = title.replace("\n", "")
-	title = title.replace("\r", "")
-	title = title.replace("\t", "")
+def filter_emojis_only(title):
+
+	title = title.replace('<','').replace('>','').replace("\n", "").replace("\r", "").replace("\t", "").strip()

 	title = bleach.clean(title, tags=[])

-	for i in re.finditer('(?<!"):([^ ]{1,30}?):', title):
+	for i in re.finditer('(?<!"):([!A-Za-z0-9]{1,30}?):', title):
 		emoji = i.group(1)

 		if emoji.startswith("!"):
--- a/files/routes/awards.py
+++ b/files/routes/awards.py
@ -6,7 +6,7 @@ from files.helpers.const import *
 from files.classes.award import *
 from .front import frontlist
 from flask import g, request
-from files.helpers.sanitize import filter_title
+from files.helpers.sanitize import filter_emojis_only

 discounts = {
 	69: 0.02,
@ -610,7 +610,7 @@ def award_post(pid, v):
 	elif kind == "flairlock":
 		new_name = note[:100].replace("𒐪","")
 		author.customtitleplain = new_name
-		author.customtitle = filter_title(new_name)
+		author.customtitle = filter_emojis_only(new_name)
 		if len(author.customtitle) > 1000: abort(403)
 		author.flairchanged = time.time() + 86400
 	elif kind == "pause":
@ -764,7 +764,7 @@ def award_comment(cid, v):
 	elif kind == "flairlock":
 		new_name = note[:100].replace("𒐪","")
 		author.customtitleplain = new_name
-		author.customtitle = filter_title(new_name)
+		author.customtitle = filter_emojis_only(new_name)
 		if len(author.customtitle) > 1000: abort(403)
 		author.flairchanged = time.time() + 86400
 	elif kind == "pause":
--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@ -9,7 +9,7 @@ from files.routes.front import comment_idlist
 from pusher_push_notifications import PushNotifications
 from flask import *
 from files.__main__ import app, limiter
-from files.helpers.sanitize import filter_title
+from files.helpers.sanitize import filter_emojis_only

 site = environ.get("DOMAIN").strip()
 if site == 'pcmemes.net': cc = "SPLASH MOUNTAIN"
@ -297,7 +297,7 @@ def api_comment(v):
 			parent_submission=parent_submission,
 			parent_comment_id=c.id,
 			level=level+1,
-			body_html=filter_title(option),
+			body_html=filter_emojis_only(option),
 			upvotes=0
 			)

@ -657,7 +657,7 @@ def edit_comment(cid, v):
 					parent_submission=c.parent_submission,
 					parent_comment_id=c.id,
 					level=c.level+1,
-					body_html=filter_title(i.group(1)),
+					body_html=filter_emojis_only(i.group(1)),
 					upvotes=0
 					)
 				g.db.add(c_option)
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -372,7 +372,7 @@ def edit_post(pid, v):
 			title = title.replace('I ', f'@{v.username} ')
 			title = censor_slurs2(title).upper().replace(' ME ', f' @{v.username} ')

-		title_html = filter_title(title)
+		title_html = filter_emojis_only(title)
 		if v.marseyawarded and len(list(re.finditer('>[^<\s+]|[^>\s+]<', title_html))) > 0: return {"error":"You can only type marseys!"}, 403
 		p.title = title
 		p.title_html = title_html
@ -402,7 +402,7 @@ def edit_post(pid, v):
 				c = Comment(author_id=AUTOPOLLER_ID,
 					parent_submission=p.id,
 					level=1,
-					body_html=filter_title(i.group(1)),
+					body_html=filter_emojis_only(i.group(1)),
 					upvotes=0
 					)
 				g.db.add(c)
@ -681,7 +681,7 @@ def submit_post(v):
 		title = title.replace('I ', f'@{v.username} ')
 		title = censor_slurs2(title).upper().replace(' ME ', f' @{v.username} ')

-	title_html = filter_title(title)
+	title_html = filter_emojis_only(title)
 	body = request.values.get("body", "").strip()

 	if v.marseyawarded and len(list(re.finditer('>[^<\s+]|[^>\s+]<', title_html))) > 0: return {"error":"You can only type marseys!"}, 40
@ -698,10 +698,8 @@ def submit_post(v):

 		for rd in ["https://reddit.com/", "https://new.reddit.com/", "https://www.reddit.com/", "https://redd.it/"]:
 			url = url.replace(rd, "https://old.reddit.com/")
-		
-		url = url.replace("old.reddit.com/gallery", "new.reddit.com/gallery")

-		url = url.replace("https://mobile.twitter.com", "https://twitter.com").replace("https://m.facebook", "https://facebook").replace("https://m.wikipedia", "https://wikipedia").replace("https://m.youtube", "https://youtube")
+		url = url.replace("old.reddit.com/gallery", "new.reddit.com/gallery").replace("https://youtu.be/", "https://youtube.com/watch?v=").replace("https://music.youtube.com/watch?v=", "https://youtube.com/watch?v=").replace("https://open.spotify.com/", "https://open.spotify.com/embed/").replace("https://streamable.com/", "https://streamable.com/e/").replace("https://youtube.com/shorts/", "https://youtube.com/watch?v=").replace("https://mobile.twitter", "https://twitter").replace("https://m.facebook", "https://facebook").replace("https://m.wikipedia", "https://wikipedia").replace("https://m.youtube", "https://youtube").replace("https://www.youtube", "https://youtube")

 		if url.startswith("https://streamable.com/") and not url.startswith("https://streamable.com/e/"): url = url.replace("https://streamable.com/", "https://streamable.com/e/")

@ -735,15 +733,14 @@ def submit_post(v):
 		elif "twitter.com" == domain:
 			try: embed = requests.get("https://publish.twitter.com/oembed", timeout=5, params={"url":url, "omit_script":"t"}).json()["html"]
 			except: embed = None
-		elif "youtu" in domain:
-			yt_id = re.match(re.compile("^.*(youtu.be\/|v\/|u\/\w\/|embed\/|watch\?v=|shorts\/|\&v=)([^#\&\?]*).*"), url).group(2)
+		elif url.startswith('https://youtube.com/watch?v='):
+			yt_id = url.split('https://youtube.com/watch?v=')[1].split('&')[0].split('%')[0]
 			params = parse_qs(urlparse(url).query)
 			t = params.get('t', params.get('start', [0]))[0]
 			if isinstance(t, str): t = t.replace('s','')
 			embed = f'<lite-youtube videoid="{yt_id}" params="controls=0&modestbranding=1'
 			if t: embed += f'&start={t}'
 			embed += '"></lite-youtube>'
-
 		elif app.config['SERVER_NAME'] in domain and "/post/" in url and "context" not in url:
 			id = url.split("/post/")[1]
 			if "/" in id: id = id.split("/")[0]
@ -923,7 +920,7 @@ def submit_post(v):
 		c = Comment(author_id=AUTOPOLLER_ID,
 			parent_submission=new_post.id,
 			level=1,
-			body_html=filter_title(option),
+			body_html=filter_emojis_only(option),
 			upvotes=0
 			)

@ -1098,7 +1095,7 @@ def submit_post(v):
 			if "Snapshots:\n\n"	 not in body: body += "Snapshots:\n\n"			

 			body += f'**[{title}]({href})**:\n\n'
-			if href.startswith('https://old.reddit.com'):
+			if href.startswith('https://old.reddit.com/'):
 				body += f'* [unddit.com](https://unddit.com/{href.replace("https://old.reddit.com/", "")})\n'
 			body += f'* [archive.org](https://web.archive.org/{href})\n'
 			body += f'* [archive.ph](https://archive.ph/?url={quote(href)}&run=1) (click to archive)\n\n'
--- a/files/routes/reporting.py
+++ b/files/routes/reporting.py
@ -3,6 +3,7 @@ from files.helpers.get import *
 from flask import g
 from files.__main__ import app, limiter
 from os import path
+from files.helpers.sanitize import filter_emojis_only

@app.post("/report/post/<pid>")
@limiter.limit("1/second")
@ -13,15 +14,12 @@ def api_flag_post(pid, v):

 	if not v.shadowbanned:
 		reason = request.values.get("reason", "").strip()[:100]
-		if "<" in reason: return {"error": f"Reasons can't contain <"}

 		if not reason.startswith('!'):
 			existing = g.db.query(Flag.id).filter_by(user_id=v.id, post_id=post.id).first()
 			if existing: return "", 409

-		for i in re.finditer(':(.{1,30}?):', reason):
-			if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.webp'):
-				reason = reason.replace(f':{i.group(1)}:', f'<img loading="lazy" data-bs-toggle="tooltip" alt=":{i.group(1)}:" title=":{i.group(1)}:" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.webp">')
+		reason = filter_emojis_only(reason)

 		if len(reason) > 350: return {"error": f"Too long."}

@ -45,26 +43,17 @@ def api_flag_comment(cid, v):
 	comment = get_comment(cid)
 	
 	if not v.shadowbanned:
-		existing = g.db.query(CommentFlag.id).filter_by(
-			user_id=v.id, comment_id=comment.id).first()
-
+		existing = g.db.query(CommentFlag.id).filter_by( user_id=v.id, comment_id=comment.id).first()
 		if existing: return "", 409
-		reason = request.values.get("reason", "").strip()[:100]
-		if "<" in reason: return {"error": f"Reasons can't contain <"}

-		for i in re.finditer(':(.{1,30}?):', reason):
-			if path.isfile(f'./files/assets/images/emojis/{i.group(1)}.webp'):
-				reason = reason.replace(f':{i.group(1)}:', f'<img loading="lazy" data-bs-toggle="tooltip" alt=":{i.group(1)}:" title=":{i.group(1)}:" delay="0" height=20 src="https://{site}/assets/images/emojis/{i.group(1)}.webp">')
+		reason = request.values.get("reason", "").strip()[:100]
+		reason = filter_emojis_only(reason)

 		if len(reason) > 350: return {"error": f"Too long."}

-		flag = CommentFlag(comment_id=comment.id,
-					user_id=v.id,
-					reason=reason,
-					)
+		flag = CommentFlag(comment_id=comment.id, user_id=v.id, reason=reason)

 		g.db.add(flag)
-
 		g.db.commit()

 	return {"message": "Comment reported!"}
--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@ -10,7 +10,7 @@ from files.__main__ import app, cache, limiter
 import youtube_dl
 from .front import frontlist
 import os
-from files.helpers.sanitize import filter_title
+from files.helpers.sanitize import filter_emojis_only
 from files.helpers.discord import add_role
 from shutil import copyfile
 import requests
@ -1074,7 +1074,7 @@ def settings_title_change(v):

 	v.customtitleplain = new_name

-	v.customtitle = filter_title(new_name)
+	v.customtitle = filter_emojis_only(new_name)

 	if len(v.customtitle) < 1000:
 		g.db.add(v)
--- a/files/templates/authforms.html
+++ b/files/templates/authforms.html
@ -10,16 +10,14 @@

 		<title>{% block pagetitle %}{{'SITE_NAME' | app_config}}{% endblock %}</title>

-		<link href="/assets/css/opensans.css?v=1" rel="stylesheet">
-

 		{% if v %}
 			<style>:root{--primary:#{{v.themecolor}}}</style>
-			<link rel="stylesheet" href="/assets/css/main.css?v=136"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=124">
-			{% if v.agendaposter %}<link rel="stylesheet" href="/assets/css/agendaposter.css?v=124">{% elif v.css %}<link rel="stylesheet" href="/@{{v.username}}/css">{% endif %}
+			<link rel="stylesheet" href="/assets/css/main.css?v=137"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=125">
+			{% if v.agendaposter %}<link rel="stylesheet" href="/assets/css/agendaposter.css?v=125">{% elif v.css %}<link rel="stylesheet" href="/@{{v.username}}/css">{% endif %}
 		{% else %}
 			<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
-			<link rel="stylesheet" href="/assets/css/main.css?v=136"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=124">
+			<link rel="stylesheet" href="/assets/css/main.css?v=137"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
 		{% endif %}

 </head>
--- a/files/templates/email/default.html
+++ b/files/templates/email/default.html
@ -7,9 +7,7 @@
 		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
 		<title></title>
 		<style type="text/css" rel="stylesheet" media="all">
-		
-		@import url('https://rdrama.net/assets/css/roboto.css');
-
+	
 		html {
 				font-size: 14px;
 		}
@ -44,7 +42,7 @@
 		body,
 		td,
 		th {
-			font-family: "Roboto", Helvetica, Arial, sans-serif;
+			font-family: Helvetica, Arial, sans-serif;
 		}
 		h1 {
 			margin-top: 0;
--- a/files/templates/log.html
+++ b/files/templates/log.html
@ -6,11 +6,11 @@
 {% block content %}
 {% if v %}
 	<style>:root{--primary:#{{v.themecolor}}}</style>
-	<link rel="stylesheet" href="/assets/css/main.css?v=136"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=124">
-	{% if v.agendaposter %}<link rel="stylesheet" href="/assets/css/agendaposter.css?v=124">{% elif v.css %}<link rel="stylesheet" href="/@{{v.username}}/css">{% endif %}
+	<link rel="stylesheet" href="/assets/css/main.css?v=137"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=125">
+	{% if v.agendaposter %}<link rel="stylesheet" href="/assets/css/agendaposter.css?v=125">{% elif v.css %}<link rel="stylesheet" href="/@{{v.username}}/css">{% endif %}
 {% else %}
 	<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
-	<link rel="stylesheet" href="/assets/css/main.css?v=136"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=124">
+	<link rel="stylesheet" href="/assets/css/main.css?v=137"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
 {% endif %}

 <div class="row justify-content-around">
--- a/files/templates/login_2fa.html
+++ b/files/templates/login_2fa.html
@ -12,7 +12,7 @@
 		<title>2-Step Login - {{'SITE_NAME' | app_config}}</title>

 		<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
-		<link rel="stylesheet" href="/assets/css/main.css?v=136"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=124">
+		<link rel="stylesheet" href="/assets/css/main.css?v=137"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">

 </head>

--- a/files/templates/settings2.html
+++ b/files/templates/settings2.html
@ -33,18 +33,16 @@

 	<title>{% block pagetitle %}{{'SITE_NAME' | app_config}}{% endblock %}</title>

-	<link href="/assets/css/opensans.css?v=1" rel="stylesheet">
-
 	
 	{% if v %}
 		<style>:root{--primary:#{{v.themecolor}}}</style>
-		<link rel="stylesheet" href="/assets/css/main.css?v=136"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=124">
+		<link rel="stylesheet" href="/assets/css/main.css?v=137"><link rel="stylesheet" href="/assets/css/{{v.theme}}.css?v=125">
 	{% else %}
 		<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
-		<link rel="stylesheet" href="/assets/css/main.css?v=136"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=124">
+		<link rel="stylesheet" href="/assets/css/main.css?v=137"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">
 	{% endif %}

-		<link href="/assets/css/fa.css?v=53" rel="stylesheet"> 
+		<link href="/assets/css/fa.css?v=54" rel="stylesheet"> 
 </head>

 <body id="settings2" style="overflow-x: hidden; {% if v and v.background %} background:url(/assets/images/backgrounds/{{v.background}}) no-repeat center center fixed !important; background-size: cover!important; background-color: #000!important;{% endif %}">
--- a/files/templates/sign_up_failed_ref.html
+++ b/files/templates/sign_up_failed_ref.html
@ -28,10 +28,8 @@

 		<title>{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}{{'SITE_NAME' | app_config}}{% endif %}</title>

-		<link href="/assets/css/opensans.css?v=1" rel="stylesheet">
-
 		<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
-		<link rel="stylesheet" href="/assets/css/main.css?v=136"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=124">
+		<link rel="stylesheet" href="/assets/css/main.css?v=137"><link rel="stylesheet" href="/assets/css/{{'DEFAULT_THEME' | app_config}}.css?v=125">

 </head>