mirror of
https://github.com/Adam-Ant/QuotesDB
synced 2024-12-20 11:34:35 +00:00
Strip unneeded whitespace
This commit is contained in:
parent
7763ce90cf
commit
60421dcdfb
22
main.py
22
main.py
@ -14,7 +14,7 @@ app = Flask(__name__)
|
|||||||
# Remove Trailing and leading whitespace, strip unicode
|
# Remove Trailing and leading whitespace, strip unicode
|
||||||
def cleanup_string(text):
|
def cleanup_string(text):
|
||||||
text = text.encode("ascii", "replace").decode()
|
text = text.encode("ascii", "replace").decode()
|
||||||
return text.strip()
|
return text.strip()
|
||||||
|
|
||||||
def get_userdb():
|
def get_userdb():
|
||||||
global userdb
|
global userdb
|
||||||
@ -78,7 +78,7 @@ def do_user_login(user, password):
|
|||||||
if pass_ctx.verify(password, userdata[3]):
|
if pass_ctx.verify(password, userdata[3]):
|
||||||
session['username'] = user
|
session['username'] = user
|
||||||
session['uid'] = userdata[0]
|
session['uid'] = userdata[0]
|
||||||
session['isAdmin'] = bool(ord(userdata[4]))
|
session['isAdmin'] = bool(ord(userdata[4]))
|
||||||
return redirect(url_for('index'))
|
return redirect(url_for('index'))
|
||||||
|
|
||||||
else:
|
else:
|
||||||
@ -156,8 +156,8 @@ def addquote():
|
|||||||
quotein = pymysql.escape_string(request.form['quote'])
|
quotein = pymysql.escape_string(request.form['quote'])
|
||||||
contextin = pymysql.escape_string(request.form['context'])
|
contextin = pymysql.escape_string(request.form['context'])
|
||||||
userin = pymysql.escape_string(request.form['user'])
|
userin = pymysql.escape_string(request.form['user'])
|
||||||
|
|
||||||
|
|
||||||
#Remove Trailing and leading whitespace, strip unicode
|
#Remove Trailing and leading whitespace, strip unicode
|
||||||
quotein = cleanup_string(quotein)
|
quotein = cleanup_string(quotein)
|
||||||
contextin = cleanup_string(contextin)
|
contextin = cleanup_string(contextin)
|
||||||
@ -170,27 +170,27 @@ def addquote():
|
|||||||
if (len(quotein) > 500) or (len(contextin) > 500):
|
if (len(quotein) > 500) or (len(contextin) > 500):
|
||||||
flash("Error: Quote too long. Stop fucking with the code :P","danger")
|
flash("Error: Quote too long. Stop fucking with the code :P","danger")
|
||||||
return redirect(url_for("addquote"))
|
return redirect(url_for("addquote"))
|
||||||
|
|
||||||
# This checks if the user value has been changed to a non integer
|
# This checks if the user value has been changed to a non integer
|
||||||
try:
|
try:
|
||||||
userin = int(userin)
|
userin = int(userin)
|
||||||
except:
|
except:
|
||||||
flash("Error: Invalid userID. Stop fucking with the code :P","danger")
|
flash("Error: Invalid userID. Stop fucking with the code :P","danger")
|
||||||
return redirect(url_for("addquote"))
|
return redirect(url_for("addquote"))
|
||||||
|
|
||||||
# Check if the value is out of range of the valid uid's
|
# Check if the value is out of range of the valid uid's
|
||||||
if (userin > int(userdb[-1][0]) or (userin <= 0)):
|
if (userin > int(userdb[-1][0]) or (userin <= 0)):
|
||||||
flash("Error: Invalid userID. Stop fucking with the code :P","danger")
|
flash("Error: Invalid userID. Stop fucking with the code :P","danger")
|
||||||
return redirect(url_for("addquote"))
|
return redirect(url_for("addquote"))
|
||||||
|
|
||||||
|
|
||||||
if not contextin:
|
if not contextin:
|
||||||
contextin = "NULL"
|
contextin = "NULL"
|
||||||
else:
|
else:
|
||||||
contextin = "\'" + contextin + "\'"
|
contextin = "\'" + contextin + "\'"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
sql = "INSERT INTO `Quotes` (`id`, `quote`, `date`, `user`, `context`, `addedby`) VALUES (NULL, '%s', CURRENT_TIMESTAMP, %d, %s, %s);" % (quotein, userin, contextin, session['uid'])
|
sql = "INSERT INTO `Quotes` (`id`, `quote`, `date`, `user`, `context`, `addedby`) VALUES (NULL, '%s', CURRENT_TIMESTAMP, %d, %s, %s);" % (quotein, userin, contextin, session['uid'])
|
||||||
print(sql)
|
print(sql)
|
||||||
mysql_do(sql)
|
mysql_do(sql)
|
||||||
|
Loading…
Reference in New Issue
Block a user