remove the need for alert flag on sanitize()
parent
26273d0997
commit
0e1177843e
|
@ -55,7 +55,7 @@ def notif_comment(text, autojanny=False):
|
||||||
author_id = NOTIFICATIONS_ID
|
author_id = NOTIFICATIONS_ID
|
||||||
alert = False
|
alert = False
|
||||||
|
|
||||||
text_html = sanitize(text, alert=alert)
|
text_html = sanitize(text)
|
||||||
|
|
||||||
try: existing = g.db.query(Comment.id).filter_by(author_id=author_id, parent_submission=None, body_html=text_html).one_or_none()
|
try: existing = g.db.query(Comment.id).filter_by(author_id=author_id, parent_submission=None, body_html=text_html).one_or_none()
|
||||||
except:
|
except:
|
||||||
|
@ -85,7 +85,7 @@ def notif_comment2(p):
|
||||||
else:
|
else:
|
||||||
text = f"@{p.author.username} has mentioned you: [{p.title}](/post/{p.id})"
|
text = f"@{p.author.username} has mentioned you: [{p.title}](/post/{p.id})"
|
||||||
if p.sub: text += f" in <a href='/h/{p.sub}'>/h/{p.sub}"
|
if p.sub: text += f" in <a href='/h/{p.sub}'>/h/{p.sub}"
|
||||||
text_html = sanitize(text, alert=True)
|
text_html = sanitize(text)
|
||||||
return create_comment(text_html)
|
return create_comment(text_html)
|
||||||
|
|
||||||
|
|
||||||
|
@ -117,7 +117,7 @@ def NOTIFY_USERS(text, v):
|
||||||
return notify_users - bots
|
return notify_users - bots
|
||||||
|
|
||||||
def notify_mod_action(by_id, msg):
|
def notify_mod_action(by_id, msg):
|
||||||
body_html = sanitize(NOTIF_MODACTION_PREFIX + msg, alert=True)
|
body_html = sanitize(NOTIF_MODACTION_PREFIX + msg)
|
||||||
new_comment = Comment(
|
new_comment = Comment(
|
||||||
author_id=NOTIFICATIONS_ID,
|
author_id=NOTIFICATIONS_ID,
|
||||||
parent_submission=None,
|
parent_submission=None,
|
||||||
|
|
|
@ -829,13 +829,11 @@ db.close()
|
||||||
if SITE_NAME == 'PCM':
|
if SITE_NAME == 'PCM':
|
||||||
valid_username_chars = 'a-zA-Z0-9_\-А-я'
|
valid_username_chars = 'a-zA-Z0-9_\-А-я'
|
||||||
valid_username_regex = re.compile("^[a-zA-Z0-9_\-А-я]{3,25}$", flags=re.A)
|
valid_username_regex = re.compile("^[a-zA-Z0-9_\-А-я]{3,25}$", flags=re.A)
|
||||||
mention_regex = re.compile('(^|\s|<p>)@(([a-zA-Z0-9_\-А-я]){3,25})', flags=re.A)
|
mention_regex = re.compile('(^|\s|<p>)@(([a-zA-Z0-9_\-А-я]){3,25})(?![^<]*<\/(code|pre|a)>)', flags=re.A)
|
||||||
mention_regex2 = re.compile('<p>@(([a-zA-Z0-9_\-А-я]){3,25})', flags=re.A)
|
|
||||||
else:
|
else:
|
||||||
valid_username_chars = 'a-zA-Z0-9_\-'
|
valid_username_chars = 'a-zA-Z0-9_\-'
|
||||||
valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$", flags=re.A)
|
valid_username_regex = re.compile("^[a-zA-Z0-9_\-]{3,25}$", flags=re.A)
|
||||||
mention_regex = re.compile('(^|\s|<p>)@(([a-zA-Z0-9_\-]){1,25})', flags=re.A)
|
mention_regex = re.compile('(^|\s|<p>)@(([a-zA-Z0-9_\-]){1,25})(?![^<]*<\/(code|pre|a)>)', flags=re.A)
|
||||||
mention_regex2 = re.compile('<p>@(([a-zA-Z0-9_\-]){1,25})', flags=re.A)
|
|
||||||
|
|
||||||
valid_password_regex = re.compile("^.{8,100}$", flags=re.A)
|
valid_password_regex = re.compile("^.{8,100}$", flags=re.A)
|
||||||
|
|
||||||
|
@ -865,7 +863,7 @@ fishylinks_regex = re.compile("https?://\S+", flags=re.A)
|
||||||
|
|
||||||
spoiler_regex = re.compile('''\|\|(.+)\|\|''', flags=re.A)
|
spoiler_regex = re.compile('''\|\|(.+)\|\|''', flags=re.A)
|
||||||
reddit_regex = re.compile('(^|\s|<p>)\/?((r|u)\/(\w|-){3,25})(?![^<]*<\/(code|pre|a)>)', flags=re.A)
|
reddit_regex = re.compile('(^|\s|<p>)\/?((r|u)\/(\w|-){3,25})(?![^<]*<\/(code|pre|a)>)', flags=re.A)
|
||||||
sub_regex = re.compile('(^|\s|<p>)\/?(h\/(\w|-){3,25})', flags=re.A)
|
sub_regex = re.compile('(^|\s|<p>)\/?(h\/(\w|-){3,25})(?![^<]*<\/(code|pre|a)>)', flags=re.A)
|
||||||
|
|
||||||
strikethrough_regex = re.compile('''~{1,2}([^~]+)~{1,2}''', flags=re.A)
|
strikethrough_regex = re.compile('''~{1,2}([^~]+)~{1,2}''', flags=re.A)
|
||||||
|
|
||||||
|
|
|
@ -162,7 +162,7 @@ def render_emoji(html, regexp, edit, marseys_used, b=False):
|
||||||
return html
|
return html
|
||||||
|
|
||||||
|
|
||||||
def sanitize(sanitized, alert=False, edit=False):
|
def sanitize(sanitized, edit=False):
|
||||||
|
|
||||||
signal.signal(signal.SIGALRM, handler)
|
signal.signal(signal.SIGALRM, handler)
|
||||||
signal.alarm(1)
|
signal.alarm(1)
|
||||||
|
@ -186,32 +186,20 @@ def sanitize(sanitized, alert=False, edit=False):
|
||||||
|
|
||||||
sanitized = sanitized.replace('','').replace('','').replace("\ufeff", "").replace("𒐪","")
|
sanitized = sanitized.replace('','').replace('','').replace("\ufeff", "").replace("𒐪","")
|
||||||
|
|
||||||
if alert:
|
sanitized = reddit_regex.sub(r'\1<a href="https://old.reddit.com/\2" rel="nofollow noopener noreferrer">/\2</a>', sanitized)
|
||||||
matches = { g.group(1):g for g in mention_regex2.finditer(sanitized) if g }
|
sanitized = sub_regex.sub(r'\1<a href="/\2">/\2</a>', sanitized)
|
||||||
users = get_users(matches.keys(),graceful=True)
|
|
||||||
|
|
||||||
captured = []
|
matches = [ m for m in mention_regex.finditer(sanitized) if m ]
|
||||||
for u in users:
|
names = set( m.group(2) for m in matches )
|
||||||
if u:
|
users = get_users(names,graceful=True)
|
||||||
i = matches.get(u.username) or matches.get(u.original_username)
|
|
||||||
if i.group(0) not in captured:
|
|
||||||
captured.append(i.group(0))
|
|
||||||
sanitized = sanitized.replace(i.group(0), f'''<p><a href="/id/{u.id}"><img loading="lazy" src="/pp/{u.id}">@{u.username}</a>''')
|
|
||||||
else:
|
|
||||||
sanitized = reddit_regex.sub(r'\1<a href="https://old.reddit.com/\2" rel="nofollow noopener noreferrer">/\2</a>', sanitized)
|
|
||||||
sanitized = sub_regex.sub(r'\1<a href="/\2">/\2</a>', sanitized)
|
|
||||||
|
|
||||||
matches = [ m for m in mention_regex.finditer(sanitized) if m ]
|
v = getattr(g, 'v', None)
|
||||||
names = set( m.group(2) for m in matches )
|
for u in users:
|
||||||
users = get_users(names,graceful=True)
|
if not u: continue
|
||||||
|
m = [ m for m in matches if u.username.lower() == m.group(2).lower() or u.original_username.lower() == m.group(2).lower() ]
|
||||||
v = getattr(g, 'v', None)
|
for i in m:
|
||||||
for u in users:
|
if not (v and v.any_block_exists(u)) or (v and v.admin_level >= 2):
|
||||||
if not u: continue
|
sanitized = sanitized.replace(i.group(0), f'''{i.group(1)}<a href="/id/{u.id}"><img loading="lazy" src="/pp/{u.id}">@{u.username}</a>''', 1)
|
||||||
m = [ m for m in matches if u.username.lower() == m.group(2).lower() or u.original_username.lower() == m.group(2).lower() ]
|
|
||||||
for i in m:
|
|
||||||
if not (v and v.any_block_exists(u)) or (v and v.admin_level >= 2):
|
|
||||||
sanitized = sanitized.replace(i.group(0), f'''{i.group(1)}<a href="/id/{u.id}"><img loading="lazy" src="/pp/{u.id}">@{u.username}</a>''', 1)
|
|
||||||
|
|
||||||
|
|
||||||
sanitized = normalize_url(sanitized)
|
sanitized = normalize_url(sanitized)
|
||||||
|
|
Loading…
Reference in New Issue