mirror of
https://github.com/minetest/contentdb.git
synced 2024-12-31 18:27:30 +01:00
Fix crash on invalid username in forums import
This commit is contained in:
parent
fe2d08c395
commit
80d534a53f
@ -26,7 +26,8 @@ from wtforms.validators import *
|
||||
|
||||
from app.models import *
|
||||
from app.tasks.emails import send_verify_email, send_anon_email, send_unsubscribe_verify, send_user_email
|
||||
from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash, addAuditLog, nonEmptyOrNone, post_login
|
||||
from app.utils import randomString, make_flask_login_password, is_safe_url, check_password_hash, addAuditLog, \
|
||||
nonEmptyOrNone, post_login, is_username_valid
|
||||
from passlib.pwd import genphrase
|
||||
|
||||
from . import bp
|
||||
@ -114,6 +115,10 @@ def handle_register(form):
|
||||
flash(gettext("Incorrect captcha answer"), "danger")
|
||||
return
|
||||
|
||||
if not is_username_valid(form.username.data):
|
||||
flash(gettext("Username is invalid"))
|
||||
return
|
||||
|
||||
user_by_name = User.query.filter(or_(
|
||||
User.username == form.username.data,
|
||||
User.username == form.display_name.data,
|
||||
|
@ -18,15 +18,9 @@ from flask_babel import gettext
|
||||
from . import bp
|
||||
from flask import redirect, render_template, session, request, flash, url_for
|
||||
from app.models import db, User, UserRank
|
||||
from app.utils import randomString, login_user_set_active
|
||||
from app.utils import randomString, login_user_set_active, is_username_valid
|
||||
from app.tasks.forumtasks import checkForumAccount
|
||||
from app.utils.phpbbparser import getProfile
|
||||
import re
|
||||
|
||||
|
||||
def check_username(username):
|
||||
return username is not None and len(username) >= 2 and re.match("^[A-Za-z0-9._-]*$", username)
|
||||
|
||||
|
||||
|
||||
@bp.route("/user/claim/", methods=["GET", "POST"])
|
||||
@ -42,7 +36,7 @@ def claim_forums():
|
||||
else:
|
||||
method = request.args.get("method")
|
||||
|
||||
if not check_username(username):
|
||||
if not is_username_valid(username):
|
||||
flash(gettext("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin"), "danger")
|
||||
return redirect(url_for("users.claim_forums"))
|
||||
|
||||
@ -67,7 +61,7 @@ def claim_forums():
|
||||
ctype = request.form.get("claim_type")
|
||||
username = request.form.get("username")
|
||||
|
||||
if not check_username(username):
|
||||
if not is_username_valid(username):
|
||||
flash(gettext("Invalid username - must only contain A-Za-z0-9._. Consider contacting an admin"), "danger")
|
||||
elif ctype == "github":
|
||||
task = checkForumAccount.delay(username)
|
||||
|
@ -18,6 +18,7 @@
|
||||
import json, re, sys
|
||||
from app.models import *
|
||||
from app.tasks import celery
|
||||
from app.utils import is_username_valid
|
||||
from app.utils.phpbbparser import getProfile, getTopicsFromForum
|
||||
import urllib.request
|
||||
|
||||
@ -137,6 +138,9 @@ def importTopicList():
|
||||
if user:
|
||||
return user
|
||||
|
||||
if not is_username_valid(username):
|
||||
return None
|
||||
|
||||
user = User.query.filter_by(forums_username=username).first()
|
||||
if user is None:
|
||||
user = User.query.filter_by(username=username).first()
|
||||
|
@ -19,11 +19,16 @@ import secrets
|
||||
from .flask import *
|
||||
from .models import *
|
||||
from .user import *
|
||||
import re
|
||||
|
||||
|
||||
YESES = ["yes", "true", "1", "on"]
|
||||
|
||||
|
||||
def is_username_valid(username):
|
||||
return username is not None and len(username) >= 2 and re.match(r"^[A-Za-z0-9._-]*$", username)
|
||||
|
||||
|
||||
def isYes(val):
|
||||
return val and val.lower() in YESES
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user