From b7fd1db1f7973b473e4ebc85611a7b10e933aaf5 Mon Sep 17 00:00:00 2001
From: Aevann1 <randomname42029@gmail.com>
Date: Tue, 8 Feb 2022 16:49:49 +0200
Subject: [PATCH] bv

---
 .gitignore                            |  3 +-
 files/__main__.py                     |  6 ++--
 files/routes/admin.py                 | 52 +++++++++++++++------------
 files/routes/login.py                 | 10 +++---
 files/templates/admin/admin_home.html |  8 ++---
 5 files changed, 44 insertions(+), 35 deletions(-)

diff --git a/.gitignore b/.gitignore
index 901c3face..8912b0ea1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,4 +9,5 @@ venv/
 .vscode/
 .sass-cache/
 flask_session/
-.DS_Store
\ No newline at end of file
+.DS_Store
+disable_signups
\ No newline at end of file
diff --git a/files/__main__.py b/files/__main__.py
index 46109b79a..c5c967b75 100644
--- a/files/__main__.py
+++ b/files/__main__.py
@@ -17,9 +17,9 @@ from sys import stdout
 import faulthandler
 from json import loads
 
-f = 'files/templates/sidebar_' + environ.get("SITE_NAME").strip() + '.html'
-if not path.exists(f):
-    with open(f, 'w', encoding="utf-8"): pass
+for f in (f'files/templates/sidebar_{environ.get("SITE_NAME").strip()}.html', 'disable_signups'):
+	if not path.exists(f):
+		with open(f, 'w', encoding="utf-8"): pass
 
 app = Flask(__name__, template_folder='templates')
 app.url_map.strict_slashes = False
diff --git a/files/routes/admin.py b/files/routes/admin.py
index bf19ef657..4586dbbfa 100644
--- a/files/routes/admin.py
+++ b/files/routes/admin.py
@@ -451,29 +451,37 @@ def reported_comments(v):
 @app.get("/admin")
 @admin_level_required(2)
 def admin_home(v):
-	return render_template("admin/admin_home.html", v=v)
+	with open('disable_signups', 'r') as f: x = f.read()
+
+	response = requests.get(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS).json()['result']['value']
+	x2 = response == 'under_attack'
+
+	return render_template("admin/admin_home.html", v=v, x=x, x2=x2)
 
 @app.post("/admin/disable_signups")
 @admin_level_required(3)
 def disable_signups(v):
-	if environ.get('disable_signups'):
-		environ["disable_signups"] = ""
-		ma = ModAction(
-			kind="enable_signups",
-			user_id=v.id,
-		)
-		g.db.add(ma)
-		g.db.commit()
-		return {"message": "Signups enabled!"}
-	else:
-		environ["disable_signups"] = "1"
-		ma = ModAction(
-			kind="disable_signups",
-			user_id=v.id,
-		)
-		g.db.add(ma)
-		g.db.commit()
-		return {"message": "Signups disabled!"}
+	with open('disable_signups', 'r') as f: content = f.read()
+
+	with open('disable_signups', 'w') as f:
+		if content == "yes":
+			f.write("no")
+			ma = ModAction(
+				kind="enable_signups",
+				user_id=v.id,
+			)
+			g.db.add(ma)
+			g.db.commit()
+			return {"message": "Signups enabled!"}
+		else:
+			f.write("yes")
+			ma = ModAction(
+				kind="disable_signups",
+				user_id=v.id,
+			)
+			g.db.add(ma)
+			g.db.commit()
+			return {"message": "Signups disabled!"}
 
 
 @app.post("/admin/purge_cache")
@@ -495,8 +503,9 @@ def purge_cache(v):
 @app.post("/admin/under_attack")
 @admin_level_required(3)
 def under_attack(v):
-	if environ.get('under_attack'):
-		environ["under_attack"] = ""
+	response = requests.get(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS).json()['result']['value']
+
+	if response == 'under_attack':
 		ma = ModAction(
 			kind="disable_under_attack",
 			user_id=v.id,
@@ -508,7 +517,6 @@ def under_attack(v):
 		if response == "<Response [200]>": return {"message": "Under attack mode disabled!"}
 		return {"error": "Failed to disable under attack mode."}
 	else:
-		environ["under_attack"] = "1"
 		ma = ModAction(
 			kind="enable_under_attack",
 			user_id=v.id,
diff --git a/files/routes/login.py b/files/routes/login.py
index cf8c13f41..dbfe167b3 100644
--- a/files/routes/login.py
+++ b/files/routes/login.py
@@ -174,8 +174,9 @@ def logout(v):
 @app.get("/signup")
 @auth_desired
 def sign_up_get(v):
-	if environ.get('disable_signups'):
-		return {"error": "New account registration is currently closed. Please come back later."}, 403
+	with open('disable_signups', 'r') as f:
+		if f.read() == "yes":
+			return {"error": "New account registration is currently closed. Please come back later."}, 403
 
 	if v: return redirect(f"{SITE_FULL}/")
 
@@ -218,8 +219,9 @@ def sign_up_get(v):
 @limiter.limit("1/minute;5/day")
 @auth_desired
 def sign_up_post(v):
-	if environ.get('disable_signups'):
-		return {"error": "New account registration is currently closed. Please come back later."}, 403
+	with open('disable_signups', 'r') as f:
+		if f.read() == "yes":
+			return {"error": "New account registration is currently closed. Please come back later."}, 403
 
 	if v: abort(403)
 
diff --git a/files/templates/admin/admin_home.html b/files/templates/admin/admin_home.html
index 969c962eb..cbd5c6c5c 100644
--- a/files/templates/admin/admin_home.html
+++ b/files/templates/admin/admin_home.html
@@ -59,14 +59,12 @@
 
 {% if v.admin_level > 2 %}
 	<div class="custom-control custom-switch">
-		<input autocomplete="off" type="checkbox" class="custom-control-input" id="disable_signups" name="disable_signups" {% if environ.get('disable_signups') %}checked{% endif %} onchange="post_toast('/admin/disable_signups');">
+		<input autocomplete="off" type="checkbox" class="custom-control-input" id="disable_signups" name="disable_signups" {% if x == "yes" %}checked{% endif %} onchange="post_toast('/admin/disable_signups');">
 		<label class="custom-control-label" for="disable_signups">Disable signups</label>
 	</div>
-{% endif %}
 
-{% if v.admin_level == 3 %}
-	<div class="custom-control custom-switch mt-3">
-		<input autocomplete="off" type="checkbox" class="custom-control-input" id="under_attack" name="under_attack" {% if environ.get('under_attack') %}checked{% endif %} onchange="post_toast('/admin/under_attack');">
+	<div class="custom-control custom-switch">
+		<input autocomplete="off" type="checkbox" class="custom-control-input" id="under_attack" name="under_attack" {% if x2 %}checked{% endif %} onchange="post_toast('/admin/under_attack');">
 		<label class="custom-control-label" for="under_attack">Under attack mode</label>
 	</div>