From 67e83fc2c70f03c61db6e03bf9da4262f957892b Mon Sep 17 00:00:00 2001 From: maaa Date: Mon, 10 Jul 2023 00:10:36 +0200 Subject: [PATCH] fr --- main | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/main b/main index 13868d1..b102bd4 100644 --- a/main +++ b/main @@ -359,6 +359,10 @@ def post(): flash("Text required :3") return redirect(url_for("post")) + if len(title) > 300: + flash("Too long title!") + return redirect(url_for("post")) + if "file" not in request.files: flash("No file selected :3") return redirect(url_for("post")) @@ -372,8 +376,13 @@ def post(): flash("File is not an image!") return redirect(url_for("post")) + if not user["banned"] == "0": + flash("Your account has been banned. Reason: " + + user["banned"]) + return redirect(url_for("post")) + filename = secure_filename(file.filename) - finalfilename = secrets.token_hex(64) + filename + finalfilename = secrets.token_hex(32) + filename file.save(os.path.join(UPLOAD_FOLDER, finalfilename)) imgurl = "/cdn/" + finalfilename @@ -381,11 +390,6 @@ def post(): userCookie = get_session(usersession) user = get_user(userCookie["id"]) - if not user["banned"] == "0": - flash("Your account has been banned. Reason: " + - user["banned"]) - return redirect(url_for("post")) - conn = get_db_connection() conn.execute("INSERT INTO posts (textstr, imageurl, creator, created) VALUES (?, ?, ?, ?)", (title, imgurl, userCookie["id"], str(time.time()))) @@ -416,6 +420,11 @@ def comment(): userCookie = get_session(usersession) user = get_user(userCookie["id"]) + if len(title) > 300: + return { + "error": "too much text" + }, 403 + if not user["banned"] == "0": return { "error": "banned",