AdamAnt/QuotesDB
1
0
Fork 0
mirror of https://github.com/Adam-Ant/QuotesDB synced 2024-10-04 23:23:52 +00:00
Code Issues Releases Wiki Activity

Strip unneeded whitespace

Browse Source
This commit is contained in:
Adam Dodman 2017-10-05 15:43:56 +01:00
parent 7763ce90cf
commit 60421dcdfb
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
main.py
View File

@ -14,7 +14,7 @@ app = Flask(__name__)
# Remove Trailing and leading whitespace, strip unicode # Remove Trailing and leading whitespace, strip unicode
def cleanup_string(text): def cleanup_string(text):
text = text.encode("ascii", "replace").decode() text = text.encode("ascii", "replace").decode()
return text.strip() return text.strip()
def get_userdb(): def get_userdb():
global userdb global userdb
@ -78,7 +78,7 @@ def do_user_login(user, password):
if pass_ctx.verify(password, userdata[3]): if pass_ctx.verify(password, userdata[3]):
session['username'] = user session['username'] = user
session['uid'] = userdata[0] session['uid'] = userdata[0]
session['isAdmin'] = bool(ord(userdata[4])) session['isAdmin'] = bool(ord(userdata[4]))
return redirect(url_for('index')) return redirect(url_for('index'))
else: else:
@ -156,8 +156,8 @@ def addquote():
quotein = pymysql.escape_string(request.form['quote']) quotein = pymysql.escape_string(request.form['quote'])
contextin = pymysql.escape_string(request.form['context']) contextin = pymysql.escape_string(request.form['context'])
userin = pymysql.escape_string(request.form['user']) userin = pymysql.escape_string(request.form['user'])
#Remove Trailing and leading whitespace, strip unicode #Remove Trailing and leading whitespace, strip unicode
quotein = cleanup_string(quotein) quotein = cleanup_string(quotein)
contextin = cleanup_string(contextin) contextin = cleanup_string(contextin)
@ -170,27 +170,27 @@ def addquote():
if (len(quotein) > 500) or (len(contextin) > 500): if (len(quotein) > 500) or (len(contextin) > 500):
flash("Error: Quote too long. Stop fucking with the code :P","danger") flash("Error: Quote too long. Stop fucking with the code :P","danger")
return redirect(url_for("addquote")) return redirect(url_for("addquote"))
# This checks if the user value has been changed to a non integer # This checks if the user value has been changed to a non integer
try: try:
userin = int(userin) userin = int(userin)
except: except:
flash("Error: Invalid userID. Stop fucking with the code :P","danger") flash("Error: Invalid userID. Stop fucking with the code :P","danger")
return redirect(url_for("addquote")) return redirect(url_for("addquote"))
# Check if the value is out of range of the valid uid's # Check if the value is out of range of the valid uid's
if (userin > int(userdb[-1][0]) or (userin <= 0)): if (userin > int(userdb[-1][0]) or (userin <= 0)):
flash("Error: Invalid userID. Stop fucking with the code :P","danger") flash("Error: Invalid userID. Stop fucking with the code :P","danger")
return redirect(url_for("addquote")) return redirect(url_for("addquote"))
if not contextin: if not contextin:
contextin = "NULL" contextin = "NULL"
else: else:
contextin = "\'" + contextin + "\'" contextin = "\'" + contextin + "\'"
sql = "INSERT INTO `Quotes` (`id`, `quote`, `date`, `user`, `context`, `addedby`) VALUES (NULL, '%s', CURRENT_TIMESTAMP, %d, %s, %s);" % (quotein, userin, contextin, session['uid']) sql = "INSERT INTO `Quotes` (`id`, `quote`, `date`, `user`, `context`, `addedby`) VALUES (NULL, '%s', CURRENT_TIMESTAMP, %d, %s, %s);" % (quotein, userin, contextin, session['uid'])
print(sql) print(sql)
mysql_do(sql) mysql_do(sql)