From d2532456e1b2cc53281735812b4cc23ea28c7381 Mon Sep 17 00:00:00 2001 From: Aevann Date: Wed, 7 Feb 2024 05:33:23 +0200 Subject: [PATCH] retrofix all posts and comments with iframe in them --- files/helpers/config/const.py | 3 ++- files/routes/comments.py | 15 +++++++------ files/routes/posts.py | 40 ++++++++++++++++++++++++++++------- 3 files changed, 42 insertions(+), 16 deletions(-) diff --git a/files/helpers/config/const.py b/files/helpers/config/const.py index 5dbc1b083..11383f988 100644 --- a/files/helpers/config/const.py +++ b/files/helpers/config/const.py @@ -933,6 +933,7 @@ approved_embed_hosts = [ 'thumbs.gfycat.com', 'i.postimg.cc', # WPD chat seems to like it 'files.catbox.moe', + 'i.ibb.co', ### Third-Party Media # DO NOT ADD: wordpress.com, wp.com (maybe) | Or frankly anything. No more. @@ -1144,7 +1145,7 @@ GIRL_NAMES = { from sqlalchemy.engine.create import create_engine from sqlalchemy.orm import scoped_session, sessionmaker -engine = create_engine(environ.get("DATABASE_URL").strip(), connect_args={"options": "-c statement_timeout=10000 -c idle_in_transaction_session_timeout=40000"}) +engine = create_engine(environ.get("DATABASE_URL").strip(), connect_args={"options": "-c statement_timeout=100000000 -c idle_in_transaction_session_timeout=40000"}) db_session = scoped_session(sessionmaker(bind=engine, autoflush=False)) approved_embed_hosts_for_csp = ' '.join(set(x.split('/')[0] for x in approved_embed_hosts)) diff --git a/files/routes/comments.py b/files/routes/comments.py index d3c224d62..1a690d389 100644 --- a/files/routes/comments.py +++ b/files/routes/comments.py 
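Review bot: The new `'i.ibb.co',` entry carries no rationale, unlike the `'i.postimg.cc'` line two entries above it, and this list is more than a sanitizer allowlist: `approved_embed_hosts_for_csp` is built from it further down in this file, so each entry also widens the Content-Security-Policy. Since the host is a general-purpose image upload service, I would record why it is needed in a trailing comment, e.g. `'i.ibb.co', # <reason this host is required>`, and land the allowlist change separately from the retrofix so it can be reviewed on its own.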
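Review bot: The `create_engine(...)` line raises `statement_timeout` from 10000 to 100000000 ms (roughly 28 hours) for every connection the application opens, so ordinary request-path queries lose their effective time bound, not just the one-off retrofix. A slow or pathological query can then hold a pooled connection for as long as it runs, which is an availability risk for the whole site. I would keep `-c statement_timeout=10000` in `connect_args` and lift the limit only inside the retrofix transaction, for example `g.db.execute(text("SET LOCAL statement_timeout = '<bounded value>'"))` at the top of that handler (with SQLAlchemy's `text` imported there), or run the migration as an offline script with its own engine.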
@@ -643,12 +643,12 @@ def toggle_comment_nsfw(cid, v): else: return {"message": "Comment has been unmarked as NSFW!"} @app.post("/edit_comment/") -@limiter.limit('1/second', scope=rpath) -@limiter.limit('1/second', scope=rpath, key_func=get_ID) -@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400) -@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID) +# @limiter.limit('1/second', scope=rpath) +# @limiter.limit('1/second', scope=rpath, key_func=get_ID) +# @limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400) +# @limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID) @auth_required -def edit_comment(cid, v): +def edit_comment(cid, v, body=None): c = get_comment(cid, v=v) if time.time() - c.created_utc > 31*24*60*60 and not (c.post and c.post.private) \ @@ -661,13 +661,14 @@ def edit_comment(cid, v): if not c.parent_post and not c.wall_user_id: abort(403) - body = request.values.get("body", "") + if not body: + body = request.values.get("body", "") body = body[:COMMENT_BODY_LENGTH_LIMIT].strip() if len(body) < 1 and not (request.files.get("file") and not g.is_tor): abort(400, "You have to actually type something!") - if body != c.body or request.files.get("file") and not g.is_tor: + if True or body != c.body or request.files.get("file") and not g.is_tor: if c.author.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')): abort(403, "You have to type more than 280 characters!") elif c.author.bird and len(body) > 140: diff --git a/files/routes/posts.py b/files/routes/posts.py index 34b1e5074..a565da3c9 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py 
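Review bot: All four `@limiter.limit(...)` decorators on `/edit_comment/` are commented out, which leaves an authenticated write endpoint with no per-IP or per-user throttle once this is deployed; the `@@ -981` hunk in files/routes/posts.py does the same to `/edit_post/`. The limits appear to be disabled only so the bulk retrofix can call `edit_comment` in a loop, so the route should keep its decorators and the shared logic should move into an undecorated helper that both the route and the retrofix call. The new `body=None` parameter then belongs on that helper rather than on the view function. `edit_comment`'s body continues outside this hunk.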
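Review bot: `if True or body != c.body or ...` turns the unchanged-body guard into dead code, so every call to `/edit_comment/`, including a no-op resubmit from any user, now runs the full edit branch; the same shortcut appears as `or p.chudded or True` in the `@@ -1036` hunk of files/routes/posts.py. The rest of that branch is outside this hunk, but anything it does beyond re-sanitizing (edit timestamps, notifications and the like, if present) would now fire on every request and for every retrofixed comment. I would restore the original condition and let the retrofix opt in explicitly, e.g. `if force or body != c.body or (request.files.get("file") and not g.is_tor):` with a `force=False` keyword that only the retrofix passes. The visible `abort(400, ...)` and `abort(403, ...)` calls also raise out of the retrofix loop when the function is called directly, so one failing comment would stop the run part-way.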
@@ -981,12 +981,12 @@ def get_post_title(v): return {"url": url, "title": title} @app.post("/edit_post/") -@limiter.limit('1/second', scope=rpath) -@limiter.limit('1/second', scope=rpath, key_func=get_ID) -@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400) -@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID) +# @limiter.limit('1/second', scope=rpath) +# @limiter.limit('1/second', scope=rpath, key_func=get_ID) +# @limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400) +# @limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID) @auth_required -def edit_post(pid, v): +def edit_post(pid, v, title=None, body=None): p = get_post(pid) if not v.can_edit(p): abort(403) @@ -995,10 +995,14 @@ def edit_post(pid, v): and v.admin_level < PERMS["IGNORE_1MONTH_EDITING_LIMIT"] and v.id not in EXEMPT_FROM_1MONTH_EDITING_LIMIT: abort(403, "You can't edit posts older than 1 month!") - title = request.values.get("title", "") + if not title: + title = request.values.get("title", "") + title = title[:POST_TITLE_LENGTH_LIMIT].strip() - body = request.values.get("body", "") + if not body: + body = request.values.get("body", "") + body = body[:POST_BODY_LENGTH_LIMIT(g.v)].strip() if p.author.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')): @@ -1036,7 +1040,7 @@ def edit_post(pid, v): body = process_files(request.files, v, body) body = body[:POST_BODY_LENGTH_LIMIT(v)].strip() # process_files() may be adding stuff to the body - if body != p.body or p.chudded: + if body != p.body or p.chudded or True: body_html = sanitize(body, golden=False, limit_pings=100, obj=p, author=p.author) if p.author.hieroglyphs and marseyaward_body_regex.search(body_html): 
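Review bot: With `title` and `body` now injectable in the `@@ -995` hunk, `edit_post` doubles as the bulk worker for the retrofix, yet it still applies the interactive checks to the caller: `v.can_edit(p)`, the one-month limit and `body[:POST_BODY_LENGTH_LIMIT(g.v)]` are all evaluated against the admin running the job, and each `abort(...)` raises out of the loop. One post that fails a check would end the run part-way, and a stored body longer than the admin's own limit would be silently truncated on rewrite (assuming the limit varies per user; its definition is not in this diff). `if not title:` and `if not body:` also treat an explicitly passed empty string as not supplied, where `if title is None:` and `if body is None:` state the intent. A dedicated re-sanitize helper that takes the stored `p.body` untouched and skips the interactive checks would avoid both problems; `edit_post` continues outside these hunks.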
@@ -1074,3 +1078,23 @@ def edit_post(pid, v): g.db.add(ma) return {"message": "Post edited successfully!"} + + +from .comments import edit_comment + +@app.get("/retrofix") +@admin_level_required(5) +def retrofix(v): + posts = g.db.query(Post).filter(Post.body_html.ilike('%