From 347604c4332a038416f21efa75da4e01450950eb Mon Sep 17 00:00:00 2001 From: Aevann1 Date: Fri, 29 Jul 2022 15:23:34 +0200 Subject: [PATCH] make non-jannies unable to ping more than 3 ppl --- files/helpers/sanitize.py | 6 ++++-- files/routes/errors.py | 5 +++++ files/templates/errors/406.html | 21 +++++++++++++++++++++ files/templates/errors/413.html | 2 +- files/templates/errors/500.html | 2 +- 5 files changed, 32 insertions(+), 4 deletions(-) create mode 100644 files/templates/errors/406.html diff --git a/files/helpers/sanitize.py b/files/helpers/sanitize.py index ec33d6656..3def8839b 100644 --- a/files/helpers/sanitize.py +++ b/files/helpers/sanitize.py @@ -242,11 +242,13 @@ def sanitize(sanitized, edit=False): sanitized = reddit_regex.sub(r'\1/\2', sanitized) sanitized = sub_regex.sub(r'\1/\2', sanitized) + v = getattr(g, 'v', None) + matches = [ m for m in mention_regex.finditer(sanitized) if m ] names = set( m.group(2) for m in matches ) - users = get_users(names,graceful=True) + if len(names) > 3 and not v.admin_level: abort(406) + users = get_users(names, graceful=True) - v = getattr(g, 'v', None) for u in users: if not u: continue m = [ m for m in matches if u.username.lower() == m.group(2).lower() or u.original_username.lower() == m.group(2).lower() ] diff --git a/files/routes/errors.py b/files/routes/errors.py index a0d5191a6..0180f9eaa 100644 --- a/files/routes/errors.py +++ b/files/routes/errors.py @@ -21,6 +21,11 @@ def error_401(e): argval = quote(f"{path}?{qs}", safe='') return redirect(f"/login?redirect={argval}") +@app.errorhandler(406) +def error_406(e): + if request.headers.get("Authorization") or request.headers.get("xhr"): return {"error": "You can't ping more than 3 people!"}, 406 + else: return render_template('errors/406.html', err=True), 406 + @app.errorhandler(403) def error_403(e): diff --git a/files/templates/errors/406.html b/files/templates/errors/406.html new file mode 100644 index 000000000..7bfa166cd --- /dev/null +++ b/files/templates/errors/406.html @@ -0,0 +1,21 @@ +{% extends "default.html" %} + +{% block title %} +Too many pings +{% endblock %} + +{% block pagetype %}Too many pings{% endblock %} + +{% block content %} +
+
+
+ :#marseyrage + 

+		
Too many pings

+			
You can't ping more than 3 people!

+			
Go to frontpage

+		

+	

+

+{% endblock %}
diff --git a/files/templates/errors/413.html b/files/templates/errors/413.html
index aaa3b43ee..86f3b9806 100644
--- a/files/templates/errors/413.html
+++ b/files/templates/errors/413.html
@@ -10,7 +10,7 @@
 

 	

 	

-		:#marseyretard:
+		:#marseyretard:
 		

 		
Max file size is 8 MB (16 MB for paypigs)

 		
Go to frontpage

diff --git a/files/templates/errors/500.html b/files/templates/errors/500.html
index de4ffcc26..42db88e68 100644
--- a/files/templates/errors/500.html
+++ b/files/templates/errors/500.html
@@ -10,7 +10,7 @@
 

 	

 		

-			:#marseydead:
+			:#marseydead:
 			

 			
500 Internal Server Error

 			
Hiiiii it's carp! I think this error means that there's a timeout error. And I think that means something took too long to load so it decided not to work at all. If you keep seeing this on the same page but not other pages, then something is probably wrong with that specific function. It may not be called a function, but that sounds right to me. Anyway, ping me and I'll whine to someone smarter to fix it. Don't bother them. Thanks ily <3