diff --git a/files/routes/awards.py b/files/routes/awards.py index 624024554..60d560705 100644 --- a/files/routes/awards.py +++ b/files/routes/awards.py @@ -196,7 +196,7 @@ def get_awards(v): return jsonify(return_value) -@app.put("/post//awards") +@app.post("/post//awards") @auth_required @validate_formkey def award_post(pid, v): @@ -258,10 +258,11 @@ def award_post(pid, v): post.author.received_award_count += 1 g.db.add(post.author) + g.db.commit() return {"message": "Award given!"} -@app.put("/comment//awards") +@app.post("/comment//awards") @auth_required @validate_formkey def award_comment(cid, v): @@ -322,6 +323,7 @@ def award_comment(cid, v): c.author.received_award_count += 1 g.db.add(c.author) + g.db.commit() return {"message": "Award given!"} @app.get("/admin/user_award") diff --git a/files/routes/discord.py b/files/routes/discord.py index 5160dbe98..5246274e9 100644 --- a/files/routes/discord.py +++ b/files/routes/discord.py @@ -149,4 +149,6 @@ def discord_redirect(v): requests.patch(url, headers=headers, json=data) + g.db.commit() + return redirect(f"https://discord.com/channels/{SERVER_ID}/{WELCOME_CHANNEL}") \ No newline at end of file diff --git a/files/routes/front.py b/files/routes/front.py index 390e998c5..a5e294fb9 100644 --- a/files/routes/front.py +++ b/files/routes/front.py @@ -92,6 +92,9 @@ def notifications(v): if c not in listing: listing.append(c) + + g.db.commit() + return render_template("notifications.html", v=v, notifications=listing, diff --git a/files/routes/login.py b/files/routes/login.py index 7041be7a1..bf221851f 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -154,6 +154,9 @@ def login_post(): # check for previous page redir = request.form.get("redirect", "/").replace("/logged_out", "") + + g.db.commit() + return redirect(redir) @@ -506,6 +509,8 @@ def post_reset(v): user.passhash = hash_password(password) g.db.add(user) + g.db.commit() + return render_template("message_success.html", title="Password reset successful!", message="Login normally to access your account.") @@ -590,6 +595,8 @@ def reset_2fa(): g.db.add(user) + g.db.commit() + return render_template("message_success.html", title="Two-factor authentication removed.", message="Login normally to access your account.") diff --git a/files/routes/oauth.py b/files/routes/oauth.py index cde46743d..30d315731 100644 --- a/files/routes/oauth.py +++ b/files/routes/oauth.py @@ -114,10 +114,10 @@ def admin_app_approve(v, aid): g.db.add(new_auth) - g.db.commit() - send_notification(NOTIFICATIONS_ACCOUNT, user, f"Your application `{app.app_name}` has been approved. Here's your access token: `{access_token}`\nPlease check the guide [here](/api) if you don't know what to do next.") + g.db.commit() + return {"message": f"{app.app_name} approved"} diff --git a/files/routes/posts.py b/files/routes/posts.py index b229ecb26..bab6c0318 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -1182,8 +1182,6 @@ def toggle_post_nsfw(pid, v): ) g.db.add(ma) - g.db.flush() - g.db.commit() if post.over_18: return {"message": "Post has been marked as +18!"} @@ -1200,9 +1198,6 @@ def save_post(pid, v): g.db.add(new_save) - try: g.db.flush() - except: g.db.rollback() - g.db.commit() return {"message": "Post saved!"} diff --git a/files/routes/reporting.py b/files/routes/reporting.py index c520cc504..60ecc9e64 100644 --- a/files/routes/reporting.py +++ b/files/routes/reporting.py @@ -31,7 +31,7 @@ def api_flag_post(pid, v): g.db.add(flag) - g.db.commit() + g.db.commit() return {"message": "Post reported!"} @@ -61,7 +61,7 @@ def api_flag_comment(cid, v): g.db.add(flag) - g.db.commit() + g.db.commit() return {"message": "Comment reported!"} diff --git a/files/routes/settings.py b/files/routes/settings.py index ace67c705..96744e18c 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -402,6 +402,8 @@ def settings_security_post(v): g.db.add(v) + g.db.commit() + return redirect("/settings/security?msg=" + escape("Your password has been changed.")) @@ -456,6 +458,8 @@ def settings_security_post(v): v.mfa_secret = secret g.db.add(v) + g.db.commit() + return redirect("/settings/security?msg=" + escape("Two-factor authentication enabled.")) @@ -561,6 +565,7 @@ def settings_delete_profile(v): v.highres = None v.profileurl = None g.db.add(v) + g.db.commit() return render_template("settings_profile.html", v=v, msg="Profile picture successfully removed.") @@ -582,8 +587,6 @@ def settings_delete_banner(v): def settings_blockedpage(v): - #users=[x.target for x in v.blocked] - return render_template("settings_blocks.html", v=v) diff --git a/files/routes/users.py b/files/routes/users.py index 150089b8e..9ec611b2a 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -53,6 +53,7 @@ def steal(v): g.db.add(u) send_notification(NOTIFICATIONS_ACCOUNT, u, f"Some [grubby little rentoid](/@{v.username}) has absconded with 700 of your hard-earned dramacoins to fuel his Funko Pop addiction. Stop being so trusting.") send_notification(NOTIFICATIONS_ACCOUNT, v, f"You have successfully shorted your heroic landlord 700 dramacoins in rent. You're slightly less materially poor, but somehow even moreso morally. Are you proud of yourself?") + g.db.commit() return {"message": "Attempt successful!"} else: @@ -135,7 +136,7 @@ def transfer_coins(v, username): send_notification(v.id, receiver, transfer_message) return {"message": f"{amount} {app.config['COINS_NAME']} transferred!"}, 200 - g.db.commit() + g.db.commit() return {"message": f"{app.config['COINS_NAME']} transferred!"} @@ -397,6 +398,7 @@ def u_username(username, v=None): viewer_id = v.id) g.db.add(view) + g.db.commit() if u.is_private and (not v or (v.id != u.id and v.admin_level < 3)): diff --git a/files/templates/award_modal.html b/files/templates/award_modal.html index 58e8a176c..9aa20d107 100644 --- a/files/templates/award_modal.html +++ b/files/templates/award_modal.html @@ -126,7 +126,7 @@ f.append("note", this.note) let response = await fetch(target, { - method: "PUT", + method: "POST", body: f });