bbb

2022-02-24 19:48:14 +02:00 · 2022-02-24 19:48:14 +02:00 · 3636b9d69b
parent d5216dd65b
commit 3636b9d69b
9 changed files with 29 additions and 32 deletions
--- a/files/routes/admin.py
+++ b/files/routes/admin.py
@ -414,7 +414,7 @@ def admin_home(v):
 	with open('disable_signups', 'r') as f: x = f.read()
 	if CF_ZONE == '3435tdfsdudebussylmaoxxt43': response = 'high'
-	else: response = requests.get(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS).json()['result']['value']
+	else: response = requests.get(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, timeout=5).json()['result']['value']
 	x2 = response == 'under_attack'
@ -450,7 +450,7 @@ def disable_signups(v):
@admin_level_required(3)
 def purge_cache(v):
 	cache.clear()
-	response = str(requests.post(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/purge_cache', headers=CF_HEADERS, data='{"purge_everything":true}'))
+	response = str(requests.post(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/purge_cache', headers=CF_HEADERS, data='{"purge_everything":true}', timeout=5))
 	ma = ModAction(
 		kind="purge_cache",
@ -465,7 +465,7 @@ def purge_cache(v):
@app.post("/admin/under_attack")
@admin_level_required(3)
 def under_attack(v):
-	response = requests.get(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS).json()['result']['value']
+	response = requests.get(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, timeout=5).json()['result']['value']
 	if response == 'under_attack':
 		ma = ModAction(
@ -475,7 +475,7 @@ def under_attack(v):
 		g.db.add(ma)
 		g.db.commit()
-		response = str(requests.patch(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, data='{"value":"medium"}'))
+		response = str(requests.patch(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, data='{"value":"medium"}', timeout=5))
 		if response == "<Response [200]>": return {"message": "Under attack mode disabled!"}
 		return {"error": "Failed to disable under attack mode."}
 	else:
@ -486,7 +486,7 @@ def under_attack(v):
 		g.db.add(ma)
 		g.db.commit()
-		response = str(requests.patch(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, data='{"value":"under_attack"}'))
+		response = str(requests.patch(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, data='{"value":"under_attack"}', timeout=5))
 		if response == "<Response [200]>": return {"message": "Under attack mode enabled!"}
 		return {"error": "Failed to enable under attack mode."}
@ -1151,7 +1151,7 @@ def ban_post(post_id, v):
 	v.coins += 1
 	g.db.add(v)
-	requests.post(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/purge_cache', headers=CF_HEADERS, json={'files': [f"{SITE_FULL}/logged_out/"]})
+	requests.post(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/purge_cache', headers=CF_HEADERS, json={'files': [f"{SITE_FULL}/logged_out/"]}, timeout=5)
 	g.db.commit()
--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@ -259,7 +259,7 @@ def api_comment(v):
 						filename = f'files/assets/images/badges/{badge.id}.webp'
 						copyfile(oldname, filename)
 						process_image(filename, 200)
-						requests.post(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/purge_cache', headers=CF_HEADERS, data={'files': [f"https://{request.host}/static/assets/images/badges/{badge.id}.webp"]})
+						requests.post(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/purge_cache', headers=CF_HEADERS, data={'files': [f"https://{request.host}/static/assets/images/badges/{badge.id}.webp"]}, timeout=5)
 					except Exception as e:
 						return {"error": str(e)}, 400
 				elif v.admin_level > 2 and parent_post.id == 37838:
@ -278,7 +278,7 @@ def api_comment(v):
 						filename = f'files/assets/images/emojis/{name}.webp'
 						copyfile(oldname, filename)
 						process_image(filename, 200)
-						requests.post(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/purge_cache', headers=CF_HEADERS, data={'files': [f"https://{request.host}/static/assets/images/emojis/{name}.webp"]})
+						requests.post(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/purge_cache', headers=CF_HEADERS, data={'files': [f"https://{request.host}/static/assets/images/emojis/{name}.webp"]}, timeout=5)
 						cache.delete_memoized(marsey_list)
 					except Exception as e:
 						return {"error": str(e)}, 400
@ -286,7 +286,7 @@ def api_comment(v):
 		elif file.content_type.startswith('video/'):
 			file.save("video.mp4")
 			with open("video.mp4", 'rb') as f:
-				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)]).json()['data']['link']
+				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)], timeout=5).json()['data']['link']
 				except: return {"error": "Imgur error"}, 400
 			if url.endswith('.'): url += 'mp4'
 			body += f"\n\n{url}"
@ -815,7 +815,7 @@ def edit_comment(cid, v):
 			elif file.content_type.startswith('video/'):
 				file.save("video.mp4")
 				with open("video.mp4", 'rb') as f:
-					try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)]).json()['data']['link']
+					try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)], timeout=5).json()['data']['link']
 					except: return {"error": "Imgur error"}, 400
 				if url.endswith('.'): url += 'mp4'
 				body += f"\n\n{url}"
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -490,7 +490,7 @@ def edit_post(pid, v):
 		elif file.content_type.startswith('video/'):
 			file.save("video.mp4")
 			with open("video.mp4", 'rb') as f:
-				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)]).json()['data']['link']
+				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)], timeout=5).json()['data']['link']
 				except: return {"error": "Imgur error"}, 400
 			if url.endswith('.'): url += 'mp4'
 			body += f"\n\n{url}"
@ -761,7 +761,7 @@ def thumbnail_thread(pid):
 			word = random.choice(('rdrama','marsey'))
 			try:
-				data = requests.get(f'https://api.pushshift.io/reddit/{t}/search?html_decode=true&q={word}&size=1')
+				data = requests.get(f'https://api.pushshift.io/reddit/{t}/search?html_decode=true&q={word}&size=1', timeout=5)
 				if str(data) == "<Response [200]>": data = data.json()["data"]
 				else: break
 			except: break
@ -789,7 +789,7 @@ def thumbnail_thread(pid):
 			k,val = random.choice(tuple(REDDIT_NOTIFS.items()))
-			for i in requests.get(f'https://api.pushshift.io/reddit/{t}/search?html_decode=true&q={k}&size=1').json()["data"]:
+			for i in requests.get(f'https://api.pushshift.io/reddit/{t}/search?html_decode=true&q={k}&size=1', timeout=5).json()["data"]:
 				body_html = sanitize(f'New mention of you: https://old.reddit.com{i["permalink"]}?context=89', noimages=True)
 				existing_comment = db.query(Comment.id).filter_by(author_id=NOTIFICATIONS_ID, parent_submission=None, distinguish_level=6, body_html=body_html).one_or_none()
@ -812,7 +812,7 @@ def thumbnail_thread(pid):
 		for t in ("submission","comment"):
 			try:
-				data = requests.get(f'https://api.pushshift.io/reddit/{t}/search?html_decode=true&q=pcmemes.net&size=1').json()["data"]
+				data = requests.get(f'https://api.pushshift.io/reddit/{t}/search?html_decode=true&q=pcmemes.net&size=1', timeout=5).json()["data"]
 				if str(data) == "<Response [200]>": data = data.json()["data"]
 				else: break
 			except: break
@ -943,7 +943,7 @@ def submit_post(v, sub=None):
 			reason = f"Remove the {domain_obj.domain} link from your post and try again. {domain_obj.reason}"
 			return error(reason)
 		elif "twitter.com" == domain:
-			try: embed = requests.get("https://publish.twitter.com/oembed", timeout=5, params={"url":url, "omit_script":"t"}).json()["html"]
+			try: embed = requests.get("https://publish.twitter.com/oembed", params={"url":url, "omit_script":"t"}, timeout=5).json()["html"]
 			except: embed = None
 		elif url.startswith('https://youtube.com/watch?v='):
 			url = unquote(url).replace('?t', '&t')
@ -1071,7 +1071,7 @@ def submit_post(v, sub=None):
 		elif file.content_type.startswith('video/'):
 			file.save("video.mp4")
 			with open("video.mp4", 'rb') as f:
-				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)]).json()['data']['link']
+				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)], timeout=5).json()['data']['link']
 				except: return error( "Imgur error")
 			if url.endswith('.'): url += 'mp4'
 			body += f"\n\n{url}"
@ -1199,7 +1199,7 @@ def submit_post(v, sub=None):
 		elif file.content_type.startswith('video/'):
 			file.save("video.mp4")
 			with open("video.mp4", 'rb') as f:
-				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)]).json()['data']['link']
+				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)], timeout=5).json()['data']['link']
 				except: return error( "Imgur error")
 			if url.endswith('.'): url += 'mp4'
 			post.url = url
--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@ -264,7 +264,7 @@ def settings_profile_post(v):
 			elif file.content_type.startswith('video/'):
 				file.save("video.mp4")
 				with open("video.mp4", 'rb') as f:
-					try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)]).json()['data']['link']
+					try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)], timeout=5).json()['data']['link']
 					except: return {"error": "Imgur error"}, 400
 				if url.endswith('.'): url += 'mp4'
 				bio += f"\n\n{url}"
@ -458,7 +458,7 @@ def gumroad(v):
 		return {"error": f"You must have a verified email to verify {patron} status and claim your rewards"}, 400
 	data = {'access_token': GUMROAD_TOKEN, 'email': v.email}
-	response = requests.get('https://api.gumroad.com/v2/sales', data=data).json()["sales"]
+	response = requests.get('https://api.gumroad.com/v2/sales', data=data, timeout=5).json()["sales"]
 	if len(response) == 0: return {"error": "Email not found"}, 404
--- a/files/routes/static.py
+++ b/files/routes/static.py
@ -298,7 +298,7 @@ def submit_contact(v):
 		elif file.content_type.startswith('video/'):
 			file.save("video.mp4")
 			with open("video.mp4", 'rb') as f:
-				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)]).json()['data']['link']
+				try: url = requests.request("POST", "https://api.imgur.com/3/upload", headers={'Authorization': f'Client-ID {IMGUR_KEY}'}, files=[('video', f)], timeout=5).json()['data']['link']
 				except: return {"error": "Imgur error"}, 400
 			if url.endswith('.'): url += 'mp4'
 			body_html += f"<p>{url}</p>"
--- a/files/templates/comments.html
+++ b/files/templates/comments.html
@ -487,8 +487,8 @@
 								<button id="undelete-{{c.id}}" class="btn caction py-0 nobackground px-1 text-muted {% if not c.deleted_utc %}d-none{% endif %}" onclick="post_toast2(this,'/undelete/comment/{{c.id}}','delete-{{c.id}}','undelete-{{c.id}}');document.getElementById('comment-{{c.id}}').classList.remove('deleted')"><i class="fas fa-trash-alt fa-fw"></i>Undelete</button>
 								<button id="delete-{{c.id}}" class="btn caction py-0 nobackground px-1 text-muted {% if c.deleted_utc %}d-none{% endif %}" data-bs-toggle="modal" data-bs-target="#deleteCommentModal" onclick="delete_commentModal('{{c.id}}')"><i class="fas fa-trash-alt fa-fw"></i>Delete</button>
-							{% elif c.body %}
+							{% elif v and c.body %}
-								<button class="btn caction py-0 nobackground px-1 text-muted" onclick="expandMarkdown('{{c.id}}')"><i class="fas text-expand-icon-{{c.id}} fa-expand-alt"></i>View source</button>
+								<button class="btn caction py-0 nobackground px-1 text-muted" onclick="expandMarkdown(this,'{{c.id}}')"><i class="fas text-expand-icon-{{c.id}} fa-expand-alt"></i><span>View source</span></button>
 							{% endif %}
 						{% endif %}
@ -691,8 +691,7 @@
 							<a id="unmark2-{{c.id}}" class="{% if not c.over_18 %}d-none{% endif %} list-group-item text-danger" role="button" onclick="post_toast2(this,'/toggle_comment_nsfw/{{c.id}}','mark2-{{c.id}}','unmark2-{{c.id}}')" data-bs-dismiss="modal"><i class="fas fa-eye-evil text-danger mr-2"></i>Unmark +18</a>
 						{% else %}
 							{% if c.body %}
-								<a id="view-{{c.id}}" role="button" data-bs-dismiss="modal" onclick="expandMarkdown('{{c.id}}')" class="list-group-item"><i class="fas text-expand-icon-{{c.id}} fa-expand-alt mr-2"></i>View source</a>
+								<a role="button" data-bs-dismiss="modal" onclick="expandMarkdown(this,'{{c.id}}')" class="list-group-item"><i class="fas text-expand-icon-{{c.id}} fa-expand-alt mr-2"></i><span>View source</span></a>
 								<a id="hide-{{c.id}}" role="button" data-bs-dismiss="modal" onclick="expandMarkdown('{{c.id}}')" class="list-group-item d-none"><i class="fas text-expand-icon-{{c.id}} fa-compress-alt mr-2"></i>Hide source</a>
 							{% endif %}
 							{% if not c.ghost %}
@ -887,7 +886,7 @@
 	{% include "expanded_image_modal.html" %}
 	<script src="/static/assets/js/comments+submission_listing.js?a=252"></script>
-	<script src="/static/assets/js/comments.js?a=251"></script>
+	<script src="/static/assets/js/comments.js?a=252"></script>
 	<script>
 		{% if p and (not v or v.highlightcomments) %}
--- a/files/templates/default.html
+++ b/files/templates/default.html
@ -333,7 +333,6 @@
 {% if v %}
 	<script src="/static/assets/js/post_toast2.js?a=243"></script>
 	<script src="/static/assets/js/formatting.js?a=240"></script>
 	<script src="/static/assets/js/default.js?a=240"></script>
 {% endif %}
 <script src="/static/assets/js/lite-youtube.js?a=240"></script>
--- a/files/templates/header.html
+++ b/files/templates/header.html
@ -256,7 +256,7 @@
 	</div>
 </nav>
-<script src="/static/assets/js/header.js?a=247"></script>
+<script src="/static/assets/js/header.js?a=248"></script>
 {% if v and not err %}
 	<div id="formkey" class="d-none">{{v.formkey}}</div>
--- a/files/templates/submission.html
+++ b/files/templates/submission.html
@ -592,8 +592,7 @@
 							<button id="unmark3-{{p.id}}" class="{% if not p.over_18 %}d-none{% endif %} nobackground btn btn-link btn-block btn-lg text-left text-success" onclick="post_toast2(this,'/toggle_post_nsfw/{{p.id}}','mark3-{{p.id}}','unmark3-{{p.id}}')" data-bs-dismiss="modal"><i class="far fa-eye-evil text-center mr-3"></i>Unmark +18</button>
 						{% else %}
 							{% if p.body %}
-								<button id="view-{{p.id}}" class="nobackground btn btn-link btn-block btn-lg text-left text-muted" data-bs-dismiss="modal" onclick="expandMarkdown('{{p.id}}')"><i class="fas text-expand-icon-{{p.id}} fa-expand-alt text-center mr-3"></i>View source</button>
+								<button class="nobackground btn btn-link btn-block btn-lg text-left text-muted" data-bs-dismiss="modal" onclick="expandMarkdown(this,'{{p.id}}')"><i class="fas text-expand-icon-{{p.id}} fa-expand-alt text-center mr-3"></i><span>View source</span></button>
 								<button id="hide-{{p.id}}" class="nobackground btn btn-link btn-block btn-lg text-left text-muted d-none" data-bs-dismiss="modal" onclick="expandMarkdown('{{p.id}}')"><i class="fas text-expand-icon-{{p.id}} fa-compress-alt text-center mr-3"></i>Hide source</button>
 							{% endif %}
 							{% if not p.ghost %}
@ -888,8 +887,8 @@
 							<a class="list-inline-item" role="button" onclick="togglePostEdit('{{p.id}}')"><i class="fas fa-edit"></i>Edit</a>
 						{% endif %}
-						{% if not (v and v.id == p.author_id) and p.body %}
+						{% if v and v.id != p.author_id and p.body %}
-							<a class="list-inline-item" role="button" onclick="expandMarkdown('{{p.id}}')"><i class="fas text-expand-icon-{{p.id}} fa-expand-alt"></i>View source</a>
+							<a class="list-inline-item" role="button" onclick="expandMarkdown(this,'{{p.id}}')"><i class="fas text-expand-icon-{{p.id}} fa-expand-alt"></i><span>View source</span></a>
 						{% endif %}
 						{% if v and v.id==p.author_id %}
@ -1088,7 +1087,7 @@
 </div>
 {% if p.body and not (v and v.id == p.author_id) %}
-	<div class="d-none card rounded border my-2 p-3" style="white-space:pre-wrap" id="markdown-{{p.id}}">{{p.body.strip()}}</div>
+	<textarea autocomplete="off" class="d-none card border my-2 p-3 comment-box form-control rounded" id="markdown-{{p.id}}" readonly>{{p.body.strip()}}</textarea> 
 {% endif %}
 <div class="row border-md-0 comment-section pb-3">