mirror of
https://github.com/minetest/contentdb.git
synced 2025-01-06 13:17:29 +01:00
Fix crash on invalid username in forums import
This commit is contained in:
parent
fe2d08c395
commit
80d534a53f
@ -26,7 +26,8 @@ from wtforms.validators import *
|
|||||||
|
|
||||||
from app.models import *
|
from app.models import *
|
||||||
from app.tasks.emails import send_verify_email, send_anon_email, send_unsubscribe_verify, send_user_email
|
from app.tasks.emails import send_verify_email, send_anon_email, send_unsubscribe_verify, send_user_email
|
||||||
from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash, addAuditLog, nonEmptyOrNone, post_login
|
from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash, addAuditLog, \
|
||||||
|
nonEmptyOrNone, post_login, is_username_valid
|
||||||
from passlib.pwd import genphrase
|
from passlib.pwd import genphrase
|
||||||
|
|
||||||
from . import bp
|
from . import bp
|
||||||
@ -114,6 +115,10 @@ def handle_register(form):
|
|||||||
flash(gettext("Incorrect captcha answer"), "danger")
|
flash(gettext("Incorrect captcha answer"), "danger")
|
||||||
return
|
return
|
||||||
|
|
||||||
|
if not is_username_valid(form.username.data):
|
||||||
|
flash(gettext("Username is invalid"))
|
||||||
|
return
|
||||||
|
|
||||||
user_by_name = User.query.filter(or_(
|
user_by_name = User.query.filter(or_(
|
||||||
User.username == form.username.data,
|
User.username == form.username.data,
|
||||||
User.username == form.display_name.data,
|
User.username == form.display_name.data,
|
||||||
|
@ -18,15 +18,9 @@ from flask_babel import gettext
|
|||||||
from . import bp
|
from . import bp
|
||||||
from flask import redirect, render_template, session, request, flash, url_for
|
from flask import redirect, render_template, session, request, flash, url_for
|
||||||
from app.models import db, User, UserRank
|
from app.models import db, User, UserRank
|
||||||
from app.utils import randomString, login_user_set_active
|
from app.utils import randomString, login_user_set_active, is_username_valid
|
||||||
from app.tasks.forumtasks import checkForumAccount
|
from app.tasks.forumtasks import checkForumAccount
|
||||||
from app.utils.phpbbparser import getProfile
|
from app.utils.phpbbparser import getProfile
|
||||||
import re
|
|
||||||
|
|
||||||
|
|
||||||
def check_username(username):
|
|
||||||
return username is not None and len(username) >= 2 and re.match("^[A-Za-z0-9._-]*$", username)
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@bp.route("/user/claim/", methods=["GET", "POST"])
|
@bp.route("/user/claim/", methods=["GET", "POST"])
|
||||||
@ -42,7 +36,7 @@ def claim_forums():
|
|||||||
else:
|
else:
|
||||||
method = request.args.get("method")
|
method = request.args.get("method")
|
||||||
|
|
||||||
if not check_username(username):
|
if not is_username_valid(username):
|
||||||
flash(gettext("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin"), "danger")
|
flash(gettext("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin"), "danger")
|
||||||
return redirect(url_for("users.claim_forums"))
|
return redirect(url_for("users.claim_forums"))
|
||||||
|
|
||||||
@ -67,7 +61,7 @@ def claim_forums():
|
|||||||
ctype = request.form.get("claim_type")
|
ctype = request.form.get("claim_type")
|
||||||
username = request.form.get("username")
|
username = request.form.get("username")
|
||||||
|
|
||||||
if not check_username(username):
|
if not is_username_valid(username):
|
||||||
flash(gettext("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin"), "danger")
|
flash(gettext("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin"), "danger")
|
||||||
elif ctype == "github":
|
elif ctype == "github":
|
||||||
task = checkForumAccount.delay(username)
|
task = checkForumAccount.delay(username)
|
||||||
|
@ -18,6 +18,7 @@
|
|||||||
import json, re, sys
|
import json, re, sys
|
||||||
from app.models import *
|
from app.models import *
|
||||||
from app.tasks import celery
|
from app.tasks import celery
|
||||||
|
from app.utils import is_username_valid
|
||||||
from app.utils.phpbbparser import getProfile, getTopicsFromForum
|
from app.utils.phpbbparser import getProfile, getTopicsFromForum
|
||||||
import urllib.request
|
import urllib.request
|
||||||
|
|
||||||
@ -137,6 +138,9 @@ def importTopicList():
|
|||||||
if user:
|
if user:
|
||||||
return user
|
return user
|
||||||
|
|
||||||
|
if not is_username_valid(username):
|
||||||
|
return None
|
||||||
|
|
||||||
user = User.query.filter_by(forums_username=username).first()
|
user = User.query.filter_by(forums_username=username).first()
|
||||||
if user is None:
|
if user is None:
|
||||||
user = User.query.filter_by(username=username).first()
|
user = User.query.filter_by(username=username).first()
|
||||||
|
@ -19,11 +19,16 @@ import secrets
|
|||||||
from .flask import *
|
from .flask import *
|
||||||
from .models import *
|
from .models import *
|
||||||
from .user import *
|
from .user import *
|
||||||
|
import re
|
||||||
|
|
||||||
|
|
||||||
YESES = ["yes", "true", "1", "on"]
|
YESES = ["yes", "true", "1", "on"]
|
||||||
|
|
||||||
|
|
||||||
|
def is_username_valid(username):
|
||||||
|
return username is not None and len(username) >= 2 and re.match(r"^[A-Za-z0-9._-]*$", username)
|
||||||
|
|
||||||
|
|
||||||
def isYes(val):
|
def isYes(val):
|
||||||
return val and val.lower() in YESES
|
return val and val.lower() in YESES
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user