fd

files/routes/awards.py

@@ -196,7 +196,7 @@ def get_awards(v):
 	return jsonify(return_value)
 
 
-@app.put("/post/<pid>/awards")
+@app.post("/post/<pid>/awards")
 @auth_required
 @validate_formkey
 def award_post(pid, v):
@@ -258,10 +258,11 @@ def award_post(pid, v):
 	post.author.received_award_count += 1
 	g.db.add(post.author)
 
+	g.db.commit()
 	return {"message": "Award given!"}
 
 
-@app.put("/comment/<cid>/awards")
+@app.post("/comment/<cid>/awards")
 @auth_required
 @validate_formkey
 def award_comment(cid, v):
@@ -322,6 +323,7 @@ def award_comment(cid, v):
 	c.author.received_award_count += 1
 	g.db.add(c.author)
 
+	g.db.commit()
 	return {"message": "Award given!"}
 
 @app.get("/admin/user_award")

files/routes/discord.py

@@ -149,4 +149,6 @@ def discord_redirect(v):
 
 		requests.patch(url, headers=headers, json=data)
 
+	g.db.commit()
+
 	return redirect(f"https://discord.com/channels/{SERVER_ID}/{WELCOME_CHANNEL}")

files/routes/front.py

@@ -92,6 +92,9 @@ def notifications(v):
 				if c not in listing:
 					listing.append(c)
 
+
+	g.db.commit()
+
 	return render_template("notifications.html",
 						   v=v,
 						   notifications=listing,

files/routes/login.py

@@ -154,6 +154,9 @@ def login_post():
 	# check for previous page
 
 	redir = request.form.get("redirect", "/").replace("/logged_out", "")
+
+	g.db.commit()
+
 	return redirect(redir)
 
 
@@ -506,6 +509,8 @@ def post_reset(v):
 	user.passhash = hash_password(password)
 	g.db.add(user)
 
+	g.db.commit()
+
 	return render_template("message_success.html",
 						   title="Password reset successful!",
 						   message="Login normally to access your account.")
@@ -590,6 +595,8 @@ def reset_2fa():
 
 	g.db.add(user)
 
+	g.db.commit()
+
 	return render_template("message_success.html",
 						   title="Two-factor authentication removed.",
 						   message="Login normally to access your account.")

files/routes/oauth.py

@@ -114,10 +114,10 @@ def admin_app_approve(v, aid):
 
 	g.db.add(new_auth)
 
-	g.db.commit()
-
 	send_notification(NOTIFICATIONS_ACCOUNT, user, f"Your application `{app.app_name}` has been approved. Here's your access token: `{access_token}`\nPlease check the guide [here](/api) if you don't know what to do next.")
 
+	g.db.commit()
+
 	return {"message": f"{app.app_name} approved"}
 
 

files/routes/posts.py

@@ -1182,8 +1182,6 @@ def toggle_post_nsfw(pid, v):
 			)
 		g.db.add(ma)
 
-	g.db.flush()
-
 	g.db.commit()
 
 	if post.over_18: return {"message": "Post has been marked as +18!"}
@@ -1200,9 +1198,6 @@ def save_post(pid, v):
 
 	g.db.add(new_save)
 
-	try: g.db.flush()
-	except: g.db.rollback()
-
 	g.db.commit()
 
 	return {"message": "Post saved!"}

files/routes/reporting.py

@@ -31,7 +31,7 @@ def api_flag_post(pid, v):
 
 		g.db.add(flag)
 
-	g.db.commit()
+		g.db.commit()
 
 	return {"message": "Post reported!"}
 
@@ -61,7 +61,7 @@ def api_flag_comment(cid, v):
 
 		g.db.add(flag)
 
-	g.db.commit()
+		g.db.commit()
 
 	return {"message": "Comment reported!"}
 

files/routes/settings.py

@@ -402,6 +402,8 @@ def settings_security_post(v):
 
 		g.db.add(v)
 
+		g.db.commit()
+
 		return redirect("/settings/security?msg=" +
 						escape("Your password has been changed."))
 
@@ -456,6 +458,8 @@ def settings_security_post(v):
 		v.mfa_secret = secret
 		g.db.add(v)
 
+		g.db.commit()
+
 		return redirect("/settings/security?msg=" +
 						escape("Two-factor authentication enabled."))
 
@@ -561,6 +565,7 @@ def settings_delete_profile(v):
 	v.highres = None
 	v.profileurl = None
 	g.db.add(v)
+	g.db.commit()
 	return render_template("settings_profile.html", v=v,
 						   msg="Profile picture successfully removed.")
 
@@ -582,8 +587,6 @@ def settings_delete_banner(v):
 def settings_blockedpage(v):
 
 
-	#users=[x.target for x in v.blocked]
-
 	return render_template("settings_blocks.html",
 						   v=v)
 

files/routes/users.py

@@ -53,6 +53,7 @@ def steal(v):
 		g.db.add(u)
 		send_notification(NOTIFICATIONS_ACCOUNT, u, f"Some [grubby little rentoid](/@{v.username}) has absconded with 700 of your hard-earned dramacoins to fuel his Funko Pop addiction. Stop being so trusting.")
 		send_notification(NOTIFICATIONS_ACCOUNT, v, f"You have successfully shorted your heroic landlord 700 dramacoins in rent. You're slightly less materially poor, but somehow even moreso morally. Are you proud of yourself?")
+		g.db.commit()
 		return {"message": "Attempt successful!"}
 
 	else:
@@ -135,7 +136,7 @@ def transfer_coins(v, username):
 		send_notification(v.id, receiver, transfer_message)
 		return {"message": f"{amount} {app.config['COINS_NAME']} transferred!"}, 200
 
-	g.db.commit()
+		g.db.commit()
 
 	return {"message": f"{app.config['COINS_NAME']} transferred!"}
 
@@ -397,6 +398,7 @@ def u_username(username, v=None):
 									  viewer_id = v.id)
 
 		g.db.add(view)
+		g.db.commit()
 
 		
 	if u.is_private and (not v or (v.id != u.id and v.admin_level < 3)):

files/templates/award_modal.html

@@ -126,7 +126,7 @@
 				f.append("note", this.note)
 
 				let response = await fetch(target, {
-					method: "PUT",
+					method: "POST",
 					body: f
 				});