This commit is contained in:
parent
b80ae16889
commit
67e83fc2c7
21
main
21
main
|
|
@ -359,6 +359,10 @@ def post():
|
|||
flash("Text required :3")
|
||||
return redirect(url_for("post"))
|
||||
|
||||
if len(title) > 300:
|
||||
flash("Too long title!")
|
||||
return redirect(url_for("post"))
|
||||
|
||||
if "file" not in request.files:
|
||||
flash("No file selected :3")
|
||||
return redirect(url_for("post"))
|
||||
|
|
@ -372,8 +376,13 @@ def post():
|
|||
flash("File is not an image!")
|
||||
return redirect(url_for("post"))
|
||||
|
||||
if not user["banned"] == "0":
|
||||
flash("Your account has been banned. Reason: " +
|
||||
user["banned"])
|
||||
return redirect(url_for("post"))
|
||||
|
||||
filename = secure_filename(file.filename)
|
||||
finalfilename = secrets.token_hex(64) + filename
|
||||
finalfilename = secrets.token_hex(32) + filename
|
||||
|
||||
file.save(os.path.join(UPLOAD_FOLDER, finalfilename))
|
||||
imgurl = "/cdn/" + finalfilename
|
||||
|
|
@ -381,11 +390,6 @@ def post():
|
|||
userCookie = get_session(usersession)
|
||||
user = get_user(userCookie["id"])
|
||||
|
||||
if not user["banned"] == "0":
|
||||
flash("Your account has been banned. Reason: " +
|
||||
user["banned"])
|
||||
return redirect(url_for("post"))
|
||||
|
||||
conn = get_db_connection()
|
||||
conn.execute("INSERT INTO posts (textstr, imageurl, creator, created) VALUES (?, ?, ?, ?)",
|
||||
(title, imgurl, userCookie["id"], str(time.time())))
|
||||
|
|
@ -416,6 +420,11 @@ def comment():
|
|||
userCookie = get_session(usersession)
|
||||
user = get_user(userCookie["id"])
|
||||
|
||||
if len(title) > 300:
|
||||
return {
|
||||
"error": "too much text"
|
||||
}, 403
|
||||
|
||||
if not user["banned"] == "0":
|
||||
return {
|
||||
"error": "banned",
|
||||
|
|
|
|||
Reference in New Issue