def remove_flair():
flair = syndbb.request.args.get('file', '')
uniqid = syndbb.request.args.get('uniqid', '')
if uniqid:
userid = check_session_by_id(uniqid)
if userid:
if flair:
flair_source = syndbb.app.static_folder + "/data/flair/"+str(userid)+"/"+flair+".png"
if syndbb.os.path.isfile(flair_source):
syndbb.os.remove(flair_source)
syndbb.flash('Flair removed.', 'success')
syndbb.cache.delete_memoized(syndbb.models.users.get_flair_by_id)
return syndbb.redirect(syndbb.url_for('configure_flair'))
else:
syndbb.flash('No such flair exists.', 'danger')
return syndbb.redirect(syndbb.url_for('configure_flair'))
else:
flair_source = syndbb.app.static_folder + "/data/flair/"+str(userid)+".png"
syndbb.os.remove(flair_source)
syndbb.flash('Flair removed.', 'success')
syndbb.cache.delete_memoized(syndbb.models.users.get_flair_by_id)
return syndbb.redirect(syndbb.url_for('configure_flair'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def delete_file():
ufile = syndbb.request.args.get('file', '')
uniqid = syndbb.request.args.get('uniqid', '')
uploader = syndbb.request.args.get('uploader', '')
if 'logged_in' in syndbb.session:
userid = check_session_by_id(str(uniqid))
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if uploader == "upload_anon":
uploaded_file = syndbb.app.static_folder + "/data/uploads/" + d2_hash(
user.username + user.password)[:10] + "/" + ufile
else:
uploaded_file = syndbb.app.static_folder + "/data/uploads/" + user.username + "/" + ufile
if syndbb.os.path.isfile(uploaded_file):
syndbb.os.system("shred -u " + uploaded_file)
syndbb.flash('File deleted successfully.', 'success')
syndbb.cache.delete_memoized(
syndbb.views.upload.get_user_files)
return syndbb.redirect(syndbb.url_for(uploader))
else:
syndbb.flash('No such file exists.', 'danger')
return syndbb.redirect(syndbb.url_for(uploader))
else:
return syndbb.render_template('error_not_logged_in.html',
title="Upload")
else:
return syndbb.render_template('error_not_logged_in.html',
title="Upload")
def logout():
if 'logged_in' in syndbb.session:
userid = check_session_by_id(str(syndbb.session['logged_in']))
if userid:
uniqid = syndbb.request.args.get('uniqid', '')
if str(uniqid) == str(syndbb.session['logged_in']):
check_session = d2_ip.query.filter_by(sessionid=uniqid).filter_by(ip=gdpr_check(syndbb.request.remote_addr)).first()
if check_session:
syndbb.db.session.delete(check_session)
syndbb.db.session.commit()
syndbb.session.pop('logged_in', None)
syndbb.flash('You have been logged out.', 'warning')
return syndbb.redirect(syndbb.url_for('home'))
else:
syndbb.flash('Invalid request.', 'warning')
syndbb.session.pop('logged_in', None)
return syndbb.redirect(syndbb.url_for('home'))
else:
syndbb.flash('Invalid session.', 'warning')
syndbb.session.pop('logged_in', None)
return syndbb.redirect(syndbb.url_for('home'))
else:
return syndbb.render_template('error_not_logged_in.html', title="Not logged in")
else:
return syndbb.render_template('error_not_logged_in.html', title="Not logged in")
def disapprove_quote():
quote = syndbb.request.args.get('quote', '')
uniqid = syndbb.request.args.get('uniqid', '')
if quote and uniqid:
userid = check_session_by_id(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if user.rank >= 100:
quote = d2_quotes.query.filter_by(id=quote).first()
if quote:
syndbb.db.session.delete(quote)
syndbb.db.session.commit()
syndbb.flash('Quote has been disapproved.', 'danger')
return syndbb.redirect(syndbb.url_for('siteadmin_quotes'))
else:
syndbb.flash('No such quote exists.', 'danger')
return syndbb.redirect(syndbb.url_for('siteadmin_quotes'))
else:
return "Insufficient permission."
else:
return "Invalid Session"
else:
return "Invalid Request"
def disapprove_channel():
channel = syndbb.request.args.get('channel', '')
uniqid = syndbb.request.args.get('uniqid', '')
if channel and uniqid:
userid = check_session_by_id(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if user.rank >= 500:
channel = d2_channels.query.filter_by(id=channel).first()
if channel:
syndbb.db.session.delete(channel)
syndbb.db.session.commit()
syndbb.flash('Channel has been disapproved.', 'danger')
return syndbb.redirect(syndbb.url_for('siteadmin_channels'))
else:
syndbb.flash('No such channel exists.', 'danger')
return syndbb.redirect(syndbb.url_for('siteadmin_channels'))
else:
return "Insufficient permission."
else:
return "Invalid Session"
else:
return "Invalid Request"
def remove_avatar():
avatar = syndbb.request.args.get('file', '')
uniqid = syndbb.request.args.get('uniqid', '')
if uniqid:
userid = checkSession(uniqid)
if userid:
if avatar:
avatar_original_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+avatar+"-src.png"
avatar_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+avatar+".png"
if syndbb.os.path.isfile(avatar_source):
syndbb.os.remove(avatar_source)
if syndbb.os.path.isfile(avatar_original_source):
syndbb.os.remove(avatar_original_source)
syndbb.flash('Avatar removed.', 'success')
return syndbb.redirect(syndbb.url_for('change_avatar'))
else:
syndbb.flash('No such avatar exists.', 'danger')
return syndbb.redirect(syndbb.url_for('change_avatar'))
else:
avatar_original_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"-src.png"
avatar_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+".png"
syndbb.os.remove(avatar_source)
if syndbb.os.path.isfile(avatar_original_source):
syndbb.os.remove(avatar_original_source)
user = d2_user.query.filter_by(user_id=userid).first()
user.avatar_date = 0
syndbb.db.session.commit()
syndbb.flash('Avatar removed.', 'success')
return syndbb.redirect(syndbb.url_for('change_avatar'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def approve_emoticon():
emote = syndbb.request.args.get('file', '')
uniqid = syndbb.request.args.get('uniqid', '')
if uniqid:
userid = check_session_by_id(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if user.rank >= 500:
emotepath = syndbb.app.static_folder + "/data/emoticons/" + emote
destpath = syndbb.app.static_folder + "/images/emots/"
if syndbb.os.path.isfile(emotepath):
shutil.copy2(emotepath, destpath)
syndbb.os.remove(emotepath)
syndbb.flash('Emoticon approved successfully.', 'success')
return syndbb.redirect(syndbb.url_for('siteadmin_emoticons'))
else:
syndbb.flash('No such emoticon exists.', 'danger')
return syndbb.redirect(syndbb.url_for('siteadmin_emoticons'))
else:
return syndbb.render_template('error_insufficient_permissions.html', title="Insufficient permission")
else:
return "Invalid Session"
else:
return "Invalid Request"
def delete_post():
post_id = syndbb.request.args.get('post_id', '')
uniqid = syndbb.request.args.get('uniqid', '')
if 'logged_in' in syndbb.session:
userid = check_session_by_id(str(uniqid))
if userid:
postcheck = d2_activity.query.filter_by(id=post_id).first()
if postcheck:
if postcheck.title:
postvars = postcheck
else:
postvars = d2_activity.query.filter_by(id=postcheck.replyto).first()
channelcheck = d2_channels.query.filter_by(id=postvars.category).first()
if not check_channel_auth(channelcheck): return "Insufficient permission"
user = d2_user.query.filter_by(user_id=userid).first()
if (user.rank >= 100) or (int(postcheck.user_id) == int(userid)):
if postcheck.title:
replies = d2_activity.query.filter_by(replyto=postcheck.id).all()
for reply in replies:
syndbb.db.session.delete(reply)
syndbb.db.session.commit()
syndbb.db.session.delete(postcheck)
syndbb.db.session.commit()
take_currency(postcheck.user_id, 5)
take_posts(userid, 1)
syndbb.flash('Thread has been deleted.', 'danger')
syndbb.cache.delete_memoized(syndbb.models.channels.get_thread_contents)
syndbb.cache.delete_memoized(syndbb.models.channels.get_thread_list)
syndbb.cache.delete_memoized(syndbb.models.activity.get_recent_posts)
syndbb.cache.delete_memoized(syndbb.models.activity.get_activity)
syndbb.cache.delete_memoized(syndbb.views.xml_feed.feed_threads_xml)
syndbb.cache.delete_memoized(syndbb.models.channels.replies_to_post)
syndbb.cache.delete_memoized(syndbb.models.channels.get_channel_list)
return syndbb.redirect("/"+channelcheck.short_name)
else:
postvars.reply_count -= 1
syndbb.db.session.commit()
syndbb.db.session.delete(postcheck)
syndbb.db.session.commit()
take_currency(postcheck.user_id, 2)
take_posts(userid, 1)
syndbb.flash('Post has been deleted.', 'danger')
syndbb.cache.delete_memoized(syndbb.models.channels.get_thread_contents)
syndbb.cache.delete_memoized(syndbb.models.activity.get_recent_posts)
syndbb.cache.delete_memoized(syndbb.models.activity.get_activity)
syndbb.cache.delete_memoized(syndbb.views.xml_feed.feed_posts_xml)
syndbb.cache.delete_memoized(syndbb.models.channels.replies_to_post)
syndbb.cache.delete_memoized(syndbb.models.channels.get_channel_list)
return syndbb.redirect("/"+channelcheck.short_name+"/"+str(postvars.id))
else:
return "Trying to delete a post which isn't yours."
else:
return "Trying to delete a post which doesnt exist."
def upload_file():
if syndbb.request.method == 'POST':
image_types = [".jpg", ".jpeg", ".jpe"]
if 'logged_in' in syndbb.session:
userid = check_session_by_id(str(syndbb.session['logged_in']))
uploader = syndbb.request.form['uploader']
if 'anonymous' in syndbb.request.form:
anonymous = 1
else:
anonymous = 0
if 'timedelete' in syndbb.request.form:
timedelete = 1
else:
timedelete = 0
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if anonymous:
uploadfolder = syndbb.app.static_folder + "/data/uploads/" + d2_hash(
user.username + user.password)[:10] + "/"
else:
uploadfolder = syndbb.app.static_folder + "/data/uploads/" + user.username + "/"
if not syndbb.os.path.exists(uploadfolder):
syndbb.os.makedirs(uploadfolder)
if 'file' not in syndbb.request.files:
syndbb.flash('No file selected.', 'danger')
return syndbb.redirect(syndbb.url_for(uploader))
file = syndbb.request.files['file']
if file.filename == '':
syndbb.flash('No file selected.', 'danger')
return syndbb.redirect(syndbb.url_for(uploader))
if file:
filename = secure_filename(file.filename)
extension = syndbb.os.path.splitext(filename)[1]
newname = ''.join(
random.sample(
"-_" + string.ascii_uppercase +
string.ascii_lowercase + string.digits,
20)) + extension
file.save(syndbb.os.path.join(uploadfolder, newname))
if extension in image_types:
piexif.remove(uploadfolder + newname)
if uploader == 'upload_simple':
return "/upload/simple/?file=" + newname
else:
syndbb.flash('File uploaded successfully.', 'success')
syndbb.cache.delete_memoized(
syndbb.views.upload.get_user_files)
if anonymous:
fpath = d2_hash(user.username +
user.password)[:10] + "/" + newname
else:
fpath = user.username + "/" + newname
return syndbb.redirect('/upload/view?file=' + fpath)
def upload_avatar():
if syndbb.request.method == 'POST':
uploaded_avatar = syndbb.request.form['avatar']
uploaded_avatar = uploaded_avatar[uploaded_avatar.find(",")+1:]
userid = check_session_by_id(str(syndbb.session['logged_in']))
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
avatar_original_folder = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"-src.png"
avatar_original_history = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+str(unix_time_current())+"-src.png"
avatar_folder = syndbb.app.static_folder + "/data/avatars/"+str(userid)+".png"
avatar_history = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+str(unix_time_current())+".png"
if 'avatar_source' not in syndbb.request.files:
return "No avatar selected."
avatar_source = syndbb.request.files['avatar_source']
if avatar_source.filename == '':
return "No avatar selected."
if avatar_source:
filename = secure_filename(avatar_source.filename)
avatar_source.save(avatar_original_folder)
try:
im = Image.open(avatar_original_folder)
im.thumbnail((1024,1024))
im.save(avatar_original_folder, "PNG")
shutil.copy2(avatar_original_folder, avatar_original_history)
except IOError:
syndbb.flash('Problem setting avatar.', 'danger')
return syndbb.redirect(syndbb.url_for('configure_avatar'))
if 'avatar' not in syndbb.request.form:
syndbb.flash('No avatar selected.', 'danger')
return syndbb.redirect(syndbb.url_for('configure_avatar'))
else:
try:
with open(avatar_folder, "wb") as fh:
fh.write(base64.b64decode(uploaded_avatar))
im = Image.open(avatar_folder)
im.thumbnail((256,256))
im.save(avatar_folder, "PNG")
shutil.copy2(avatar_folder, avatar_history)
user.avatar_date = unix_time_current()
syndbb.db.session.commit()
syndbb.flash('Avatar uploaded successfully.', 'success')
except IOError:
syndbb.flash('Problem setting flair.', 'danger')
return syndbb.redirect(syndbb.url_for('configure_flair'))
syndbb.cache.delete_memoized(syndbb.models.users.get_avatar_by_id)
syndbb.cache.delete_memoized(syndbb.models.users.get_avatar_source_by_id)
return syndbb.redirect(syndbb.url_for('configure_avatar'))
def view_avatar_source(username):
davatar = cdn_path() + '/images/default_avatar.png'
if username:
user = d2_user.query.filter_by(username=username).first()
if user:
dynamic_js_footer = ["js/jquery.cropit.js", "js/bootbox.min.js", "js/delete.js"]
avatar_path = syndbb.app.static_folder + "/data/avatars/"+str(user.user_id)+"-src.png"
uavatar = cdn_path() + "/data/avatars/"+str(user.user_id)+"-src.png?v="+str(user.avatar_date)
if syndbb.os.path.isfile(avatar_path):
return syndbb.redirect(uavatar)
else:
return syndbb.redirect(davatar)
else:
return syndbb.redirect(davatar)
def do_unban_user():
banuser = syndbb.request.form['user_id']
uniqid = syndbb.request.form['uniqid']
if banuser and uniqid:
userid = check_session_by_id(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if user.rank >= 500:
ban = d2_bans.query.filter_by(banned_id=banuser).order_by(d2_bans.time.desc()).first()
if ban.length == 0:
ban.length = "-1"
ban.expires = unix_time_current()
syndbb.db.session.commit()
syndbb.cache.delete_memoized(syndbb.models.users.get_title_by_id)
syndbb.cache.delete_memoized(syndbb.models.users.get_group_style_by_id)
syndbb.cache.delete_memoized(syndbb.models.activity.ban_list)
syndbb.flash('User unbanned successfully.', 'success')
return syndbb.redirect(syndbb.url_for('siteadmin_ban'))
else:
return syndbb.render_template('error_insufficient_permissions.html', title="Insufficient permission")
else:
return "Invalid Session"
else:
return "Invalid Request"
def do_rank_user():
rankuser = syndbb.request.form['user_id']
rank = syndbb.request.form['rank']
uniqid = syndbb.request.form['uniqid']
if rankuser and rank and uniqid:
userid = check_session_by_id(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if user.rank >= 500:
changeuser = d2_user.query.filter_by(user_id=rankuser).first()
changeuser.rank = rank
syndbb.db.session.commit()
syndbb.cache.delete_memoized(syndbb.models.users.get_title_by_id)
syndbb.cache.delete_memoized(syndbb.models.users.get_group_style_by_id)
syndbb.flash('User rank changed successfully.', 'success')
return syndbb.redirect(syndbb.url_for('siteadmin_users'))
else:
return syndbb.render_template('error_insufficient_permissions.html', title="Insufficient permission")
else:
return "Invalid Session"
else:
return "Invalid Request"
def do_ban_user():
banuser = syndbb.request.form['user_id']
bantime = syndbb.request.form['time']
if 'reason' in syndbb.request.form:
banreason = syndbb.request.form['reason']
else:
banreason = ""
if 'post_id' in syndbb.request.form and syndbb.request.form['post_id'] != "":
banpost = syndbb.request.form['post_id']
else:
banpost = 0
if 'display' in syndbb.request.form:
display = 1
else:
display = 0
uniqid = syndbb.request.form['uniqid']
if banuser and bantime and uniqid:
userid = check_session_by_id(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if user.rank >= 500:
if banreason != "":
banmessage = "\n\n[ban](User was banned for this post. Reason: " + banreason + ")[/ban]"
else:
banmessage = "\n\n[ban](User was banned for this post.)[/ban]"
if bantime == 0:
banexpire = 0
else:
banexpire = int(bantime) + unix_time_current()
if banpost and banpost != 0:
post = d2_activity.query.filter_by(id=banpost).first()
post.content += banmessage
syndbb.db.session.commit()
new_ban = d2_bans(banned_id=banuser, reason=banreason, length=bantime, time=unix_time_current(), expires=banexpire, post=banpost, banner=userid, display=display)
syndbb.db.session.add(new_ban)
syndbb.db.session.commit()
syndbb.cache.delete_memoized(syndbb.models.users.get_title_by_id)
syndbb.cache.delete_memoized(syndbb.models.users.get_group_style_by_id)
syndbb.cache.delete_memoized(syndbb.models.activity.ban_list)
syndbb.flash('User banned successfully.', 'success')
return syndbb.redirect(syndbb.url_for('siteadmin_ban'))
else:
return syndbb.render_template('error_insufficient_permissions.html', title="Insufficient permission")
else:
return "Invalid Session"
else:
return "Invalid Request"
def delete_emoticon():
emote = syndbb.request.args.get('file', '')
uniqid = syndbb.request.args.get('uniqid', '')
if uniqid:
userid = checkSession(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
emotepath = syndbb.app.static_folder + "/data/emoticons/" + user.username + "/" + emote
if syndbb.os.path.isfile(emotepath):
syndbb.os.remove(emotepath)
syndbb.flash('Emoticon deleted successfully.', 'success')
return syndbb.redirect(syndbb.url_for('submit_emoticon'))
else:
syndbb.flash('No such emoticon exists.', 'danger')
return syndbb.redirect(syndbb.url_for('submit_emoticon'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def generate_invite():
uniqid = syndbb.request.args.get('uniqid', '')
userid = check_session_by_id(str(uniqid))
code = str(syndbb.uuid.uuid4().hex)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if user.rank >= 10:
create_invite = d2_invites(code, userid, 0)
syndbb.db.session.add(create_invite)
syndbb.db.session.commit()
syndbb.flash('An invite has been generated.', 'success')
return syndbb.redirect(syndbb.url_for('my_invites'))
else:
syndbb.flash('You don\'t have the permission to do this.',
'danger')
return syndbb.redirect(syndbb.url_for('my_invites'))
else:
return syndbb.render_template('error_not_logged_in.html',
title="Not logged in")
def do_request_invite():
username = syndbb.request.form['username']
email = syndbb.request.form['email']
reason = syndbb.request.form['reason']
if username and email and reason:
if not syndbb.re.match(r"[^@]+@[^@]+\.[^@]+", email):
syndbb.flash('The email you entered was invalid.', 'danger')
return syndbb.redirect(syndbb.url_for('request_invite'))
invitecheck = d2_requests.query.filter_by(email=email).first()
if invitecheck:
syndbb.flash(
'An invite for this email has already been requested.',
'danger')
return syndbb.redirect(syndbb.url_for('request_invite'))
create_request = d2_requests(username, email, reason)
syndbb.db.session.add(create_request)
syndbb.db.session.commit()
syndbb.flash('Your invite request has been submitted.', 'success')
return syndbb.redirect(syndbb.url_for('request_invite'))
else:
syndbb.flash('Invalid Request.', 'danger')
return syndbb.redirect(syndbb.url_for('request_invite'))
def upload_flair():
if syndbb.request.method == 'POST':
uploaded_flair = syndbb.request.form['flair']
uploaded_flair = uploaded_flair[uploaded_flair.find(",")+1:]
userid = check_session_by_id(str(syndbb.session['logged_in']))
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if 'flair' not in syndbb.request.form:
syndbb.flash('No flair selected.', 'danger')
return syndbb.redirect(syndbb.url_for('configure_flair'))
else:
try:
if 'flair_source' not in syndbb.request.files:
return "No flair selected."
flair_source = syndbb.request.files['flair_source']
if not flair_source or flair_source.filename == '':
return "No flair selected."
flair_folder = syndbb.app.static_folder + "/data/flair/"+str(userid)+".png"
flair_history = syndbb.app.static_folder + "/data/flair/"+str(userid)+"/"+syndbb.os.path.splitext(secure_filename(flair_source.filename))[0]+".png"
with open(flair_folder, "wb") as fh:
fh.write(base64.b64decode(uploaded_flair))
im = Image.open(flair_folder)
im.thumbnail((16,16))
im.save(flair_folder, "PNG")
shutil.copy2(flair_folder, flair_history)
except IOError:
syndbb.flash('Problem setting flair.', 'danger')
return syndbb.redirect(syndbb.url_for('configure_flair'))
syndbb.flash('Flair uploaded successfully.', 'success')
syndbb.cache.delete_memoized(syndbb.models.users.get_flair_by_id)
return syndbb.redirect(syndbb.url_for('configure_flair'))
def set_avatar():
avatar = syndbb.request.args.get('file', '')
uniqid = syndbb.request.args.get('uniqid', '')
if uniqid:
userid = check_session_by_id(uniqid)
if userid:
avatar_original_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+avatar+"-src.png"
avatar_original_destination = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"-src.png"
avatar_source = syndbb.app.static_folder + "/data/avatars/"+str(userid)+"/"+avatar+".png"
avatar_destination = syndbb.app.static_folder + "/data/avatars/"+str(userid)+".png"
if syndbb.os.path.isfile(avatar_source):
shutil.copy2(avatar_source, avatar_destination)
if syndbb.os.path.isfile(avatar_original_source):
shutil.copy2(avatar_original_source, avatar_original_destination)
else:
if syndbb.os.path.isfile(avatar_original_destination):
syndbb.os.remove(avatar_original_destination)
user = d2_user.query.filter_by(user_id=userid).first()
user.avatar_date = unix_time_current()
syndbb.db.session.commit()
syndbb.flash('Avatar updated successfully.', 'success')
syndbb.cache.delete_memoized(syndbb.models.users.get_avatar_by_id)
syndbb.cache.delete_memoized(syndbb.models.users.get_avatar_source_by_id)
return syndbb.redirect(syndbb.url_for('configure_avatar'))
else:
syndbb.flash('No such avatar exists.', 'danger')
return syndbb.redirect(syndbb.url_for('configure_avatar'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def change_user():
switch_to = syndbb.request.args.get('userid', '')
uniqid = syndbb.request.args.get('uniqid', '')
if uniqid:
userid = check_session_by_id(uniqid)
if userid:
session = d2_ip.query.filter_by(sessionid=uniqid).first()
session.user_id = switch_to
syndbb.db.session.commit()
return syndbb.redirect(syndbb.url_for('home'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def undopastes():
paste_id = syndbb.request.args.get('paste_id')
uniqid = syndbb.request.args.get('uniqid')
if paste_id and uniqid:
userid = checkSession(uniqid)
if userid:
deletePaste = d2_paste.query.filter(d2_paste.user_id == userid).filter(d2_paste.paste_id == paste_id).order_by(syndbb.db.desc(d2_paste.time)).first()
syndbb.db.session.delete(deletePaste)
syndbb.db.session.commit()
syndbb.flash('Paste deleted.', 'success')
return syndbb.redirect(syndbb.url_for('pastebin'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def update_status():
status = syndbb.request.form['status']
uniqid = syndbb.request.form['uniqid']
if uniqid:
userid = checkSession(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
user.status = status
user.status_time = unix_time_current()
syndbb.db.session.commit()
syndbb.cache.delete_memoized(syndbb.models.users.get_all_status_updates)
return syndbb.redirect(syndbb.url_for('home'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def dopaste():
paste_title = syndbb.request.form['paste_title']
paste_content = syndbb.request.form['paste_content']
uniqid = syndbb.request.form['uniqid']
if paste_title and paste_content and uniqid:
userid = checkSession(uniqid)
if userid:
pasteid = str(syndbb.uuid.uuid4().hex)
new_paste = d2_paste(userid, pasteid, unix_time_current(), html_escape(paste_content), html_escape(paste_title))
syndbb.db.session.add(new_paste)
syndbb.db.session.commit()
syndbb.flash('Paste created successfully.', 'success')
return syndbb.redirect(syndbb.url_for('pastebin'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def do_drop_session():
dropuser = syndbb.request.args.get('user', '')
uniqid = syndbb.request.args.get('uniqid', '')
if uniqid:
userid = check_session_by_id(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if user.rank >= 100:
check_session = d2_ip.query.filter_by(user_id=dropuser).filter_by(login=1).all()
for usession in check_session:
syndbb.db.session.delete(usession)
syndbb.db.session.commit()
syndbb.flash('User has been logged out.', 'success')
return syndbb.redirect(syndbb.url_for('siteadmin_users'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def create_quotes():
uniqid = syndbb.request.form['uniqid']
tpost = syndbb.request.form['post_content']
if tpost and uniqid:
userid = checkSession(uniqid)
if userid:
lastquote = d2_quotes.query.filter_by(user_id=userid).order_by(
d2_quotes.time.desc()).first()
if lastquote and (unix_time_current() - lastquote.time) <= 1:
return "Trying to submit quotes too quickly, wait a while before trying again."
else:
create_quote = d2_quotes(userid, unix_time_current(), tpost, 0,
0)
syndbb.db.session.add(create_quote)
syndbb.db.session.commit()
syndbb.flash('Quote has been submitted.', 'success')
return syndbb.redirect(syndbb.url_for('view_qdb'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def upload_emoticon():
if syndbb.request.method == 'POST':
if 'logged_in' in syndbb.session:
userid = checkSession(str(syndbb.session['logged_in']))
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
uploadfolder = syndbb.app.static_folder + "/data/emoticons/" + user.username + "/"
if 'file' not in syndbb.request.files:
syndbb.flash('No emoticon selected.', 'danger')
return syndbb.redirect(syndbb.url_for('submit_emoticon'))
file = syndbb.request.files['file']
file.seek(0, syndbb.os.SEEK_END)
file_length = file.tell()
extension = syndbb.os.path.splitext(file.filename)[1].lower()
image_types = [".jpg", ".jpeg", ".jpe", ".gif", ".png"]
if extension not in image_types:
syndbb.flash('Uploaded file is not an image.', 'danger')
return syndbb.redirect(syndbb.url_for('submit_emoticon'))
if file_length > 65536:
syndbb.flash('Image is over 64kb.', 'danger')
return syndbb.redirect(syndbb.url_for('submit_emoticon'))
img_res = Image.open(file)
if img_res.size[0] > 100:
syndbb.flash('Image width is over 100px.', 'danger')
return syndbb.redirect(syndbb.url_for('submit_emoticon'))
if img_res.size[1] > 32:
syndbb.flash('Image height is over 32px.', 'danger')
return syndbb.redirect(syndbb.url_for('submit_emoticon'))
if file.filename == '':
syndbb.flash('No emoticon selected.', 'danger')
return syndbb.redirect(syndbb.url_for('submit_emoticon'))
if file:
file.seek(0)
filename = secure_filename(file.filename)
file.save(syndbb.os.path.join(uploadfolder, filename))
syndbb.flash('Emoticon uploaded successfully.', 'success')
return syndbb.redirect(syndbb.url_for('submit_emoticon'))
else:
return "What are you doing?"
def save_preferences():
possibleurls = ["local", "i.d2k5.com", "i.hardcats.net", "i.lulzsec.co.uk"]
status = syndbb.request.form['status']
location = syndbb.request.form['location']
gender = syndbb.request.form['gender']
occupation = syndbb.request.form['occupation']
url = syndbb.request.form['url']
ircauth = syndbb.request.form['ircauth']
uploadauth = syndbb.request.form['uploadauth']
upload_url = syndbb.request.form['upload_url']
bio = syndbb.request.form['bio']
uniqid = syndbb.request.form['uniqid']
if uniqid:
userid = checkSession(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
if status is not user.status:
user.status = status
user.status_time = unix_time_current()
user.location = location
user.gender = gender
user.occupation = occupation
user.site = url
user.ircauth = ircauth
user.uploadauth = uploadauth
if upload_url in possibleurls:
user.upload_url = upload_url
else:
user.upload_url = "i.d2k5.com"
user.bio = bio
syndbb.db.session.commit()
syndbb.cache.delete_memoized(syndbb.models.users.get_all_status_updates)
syndbb.flash('Preferences updated successfully.', 'success')
if ircauth is not user.ircauth:
# try:
# udata = {'username': user.username, 'password': ircauth}
# reqheader = {'Accept': 'application/json', 'Content-Type': 'application/json', 'Authorization': syndbb.xmpp_key}
# req = requests.get("https://" + syndbb.xmpp_address + ":" + syndbb.xmpp_port + "/plugins/restapi/v1/users", data=json.dumps(udata), headers=reqheader, verify=False, timeout=5)
# print(req.request.headers)
# except requests.exceptions.RequestException:
# syndbb.flash('Couldn\'t create an XMPP user.', 'danger')
try:
requests.get("https://" + syndbb.znc_address + ":" + syndbb.znc_port + "/mods/global/httpadmin/adduser?username="******"&password="******"https://" + syndbb.znc_address + ":" + syndbb.znc_port + "/mods/global/httpadmin/userpassword?username="******"&password="******"https://" + syndbb.znc_address + ":" + syndbb.znc_port + "/mods/global/httpadmin/addnetwork?username="******"&net_name=" + syndbb.irc_network_name + "&net_addr=" + syndbb.irc_network_address + "&net_port=" + syndbb.irc_network_port, auth=(syndbb.znc_user, syndbb.znc_password), verify=False, timeout=5)
except requests.exceptions.RequestException:
syndbb.flash('Couldn\'t assign an IRC network.', 'danger')
return syndbb.redirect(syndbb.url_for('preferences'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def no_avatar():
davatar = cdn_path() + '/images/default_avatar.png'
return syndbb.redirect(davatar)
def save_preferences():
possibleurls = ["local", "i.d2k5.com", "i.hardcats.net", "i.hard.cat", "i.lulzsec.co.uk", "i.hurr.ca"]
display_name = syndbb.request.form['display_name']
status = syndbb.request.form['status']
irc_auth = 0 #syndbb.request.form['irc_auth']
upload_auth = syndbb.request.form['upload_auth']
user_auth = syndbb.request.form['user_auth']
upload_url = syndbb.request.form['upload_url']
bio = syndbb.request.form['bio']
tags = syndbb.request.form['tags']
uniqid = syndbb.request.form['uniqid']
nsfw = 1 if 'nsfw_toggle' in syndbb.request.form else 0
full_avatar = 1 if 'full_avatar' in syndbb.request.form else 0
if uniqid:
userid = check_session_by_id(uniqid)
if userid:
user = d2_user.query.filter_by(user_id=userid).first()
user.display_name = display_name
if syndbb.core_config['ldap']['enabled'] :
is_ldap_user = ldap_user.query.filter(syndbb.core_config['ldap']['attribute_cn'] + ': '+user.username).first()
if is_ldap_user:
is_ldap_user.display_name = display_name
is_ldap_user.save()
if status != user.status:
user.status = status
user.status_time = unix_time_current()
user.irc_auth = irc_auth
user.upload_auth = upload_auth
user.user_auth = user_auth
user.nsfw_toggle = nsfw
user.full_avatar = full_avatar
user.tags = tags
if upload_url in possibleurls:
user.upload_url = upload_url
else:
user.upload_url = "i.d2k5.com"
user.bio = bio
syndbb.db.session.commit()
syndbb.cache.delete_memoized(syndbb.views.profile.get_user_profile)
syndbb.cache.delete_memoized(syndbb.models.users.get_linked_by_id)
syndbb.cache.delete_memoized(syndbb.models.users.get_all_status_updates)
syndbb.cache.delete_memoized(syndbb.models.users.get_displayed_name_by_id)
syndbb.cache.delete_memoized(syndbb.models.users.get_displayed_name_by_username)
syndbb.flash('Preferences updated successfully.', 'success')
#if irc_auth is not user.irc_auth:
# try:
# udata = {'username': user.username, 'password': irc_auth}
# reqheader = {'Accept': 'application/json', 'Content-Type': 'application/json', 'Authorization': syndbb.xmpp_key}
# req = requests.get("https://" + syndbb.xmpp_address + ":" + syndbb.xmpp_port + "/plugins/restapi/v1/users", data=json.dumps(udata), headers=reqheader, verify=False, timeout=5)
# syndbb.logger.debug(req.request.headers)
# except requests.exceptions.RequestException:
# syndbb.flash('Couldn\'t create an XMPP user.', 'danger')
# try:
# requests.get("https://" + syndbb.core_config['znc']['host'] + ":" + syndbb.core_config['znc']['port'] + "/mods/global/httpadmin/adduser?username="******"&password="******"https://" + syndbb.core_config['znc']['host'] + ":" + syndbb.core_config['znc']['port'] + "/mods/global/httpadmin/userpassword?username="******"&password="******"https://" + syndbb.core_config['znc']['host'] + ":" + syndbb.core_config['znc']['port'] + "/mods/global/httpadmin/addnetwork?username="******"&net_name=" + syndbb.core_config['irc']['network'] + "&net_addr=" + syndbb.core_config['irc']['host'] + "&net_port=" + syndbb.core_config['irc']['port'] , auth=(syndbb.core_config['znc']['user'] , syndbb.core_config['znc']['password'] ), verify=False, timeout=5)
# except requests.exceptions.RequestException:
# syndbb.flash('Couldn\'t assign an IRC network.', 'danger')
return syndbb.redirect(syndbb.url_for('preferences'))
else:
return "Invalid Session"
else:
return "Invalid Request"
def request_custom_forum():
uniqid = syndbb.request.form['uniqid']
fname = syndbb.request.form['forum-name']
fdesc = syndbb.request.form['forum-description']
facrn = syndbb.request.form['forum-acronym']
if 'forum-nsfw' in syndbb.request.form:
fnsfw = 1
else:
fnsfw = 0
if 'forum-auth' in syndbb.request.form:
fauth = 1
else:
fauth = 0
if 'forum-anon' in syndbb.request.form:
fanon = 1
else:
fanon = 0
if uniqid and fname and fdesc:
userid = checkSession(uniqid)
if userid:
if not syndbb.re.match('^[\w-]+$', facrn):
syndbb.flash(
'Short name contains non-alphanumeric characters.',
'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
if len(fname) < 5:
syndbb.flash('Channel name is under 5 characters.', 'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
elif len(fname) > 25:
syndbb.flash('Channel name is over 25 characters.', 'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
if len(facrn) < 1:
syndbb.flash('Short name is under 1 character.', 'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
elif len(facrn) > 5:
syndbb.flash('Short name is over 5 characters.', 'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
invalid_shortcodes = all_pages()
if facrn in invalid_shortcodes:
syndbb.flash('Attempting to use a restricted short name.',
'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
forumcheck = d2_forums.query.filter_by(name=fname).first()
if forumcheck:
syndbb.flash('A forum with that name already exists.',
'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
else:
acronymcheck = d2_forums.query.filter_by(
short_name=facrn).first()
if acronymcheck:
syndbb.flash(
'A forum with this short name already exists.',
'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
else:
requestcheck = d2_forums.query.filter_by(
approved='0', owned_by=userid).first()
if requestcheck:
syndbb.flash(
'You\'ve already requested a forum, wait for it to be approved.',
'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
else:
new_forum = d2_forums(fname, facrn, fdesc, userid,
fnsfw, 0, fauth, fanon)
syndbb.db.session.add(new_forum)
syndbb.db.session.commit()
syndbb.flash('Your request has been submitted.',
'success')
return syndbb.redirect(syndbb.url_for('request_forum'))
else:
syndbb.flash('Invalid session.', 'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
else:
syndbb.flash('Invalid request.', 'danger')
return syndbb.redirect(syndbb.url_for('request_forum'))
