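def message_list_get():
    """Return the logged-in user's message list as JSON.

    Reads the optional ``page`` form field; only the first run of digits in
    it is used, and anything else (or a missing field) means page 0.

    Returns:
        A ``(json_text, status)`` tuple: 403 when not logged in or when the
        session's user cannot be resolved to a uid, otherwise the message
        list serialised with ``json_default``.
    """
    if not session.get('is_logged'):
        return json.dumps({
            'result': 'error',
            'data': {'message': 'Login please'}
        }), 403
    my_uid = get_user_info(['uid'], {'id': session.get('user_id')}).get('uid')
    if not my_uid:
        return json.dumps({
            'result': 'error',
            'data': {'message': 'Something unexpected error occurred!'}
        }), 403
    # A missing 'page' field made re.findall raise TypeError on None (a 500);
    # default to '' so it degrades to page 0 instead.
    _page = re.findall(r'[0-9]+', request.form.get('page') or '')[:1]
    page = int(_page[0]) if _page else 0
    messages = get_messages(my_uid, page)
    return json.dumps({
        'result': 'ok',
        'data': {'messages': messages}
    }, default=json_default)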
def board_read(board, no):
    """Render article ``no`` of ``board``.

    Rejects unknown or suspicious board names and out-of-range numbers
    with 400, a missing article with 404. Un-pinned ``qna`` articles are
    private: a login is required and the reader must be an admin session,
    a loopback client, or the article's author. Admin sessions never get
    the content of ``forum`` articles.
    """
    rejected = (
        board not in boards
        or security.check_hack(board)
        or not security.is_valid(r'[a-zA-Z0-9_-]+', board)
        or no > maxint
    )
    if rejected:
        return abort(400, '')
    article = get_article(board, no)
    if not article:
        return abort(404)
    if board == 'qna' and not article.get('pinned'):
        # Author lookup happens before the login check, as in the original
        # ordering; the login check then gates the permission decision.
        author_id = get_user_info(['id'], {'uid': article.get('uid')}).get('id')
        same_user = session.get('user_id') == author_id
        if not session.get('is_logged'):
            return abort(403, 'You are not logged in!')
        privileged = (
            session.get('is_admin')
            or request.remote_addr == '127.0.0.1'
            or same_user
        )
        if not privileged:
            return abort(403, 'You are not admin!')
    if board == 'forum' and session.get('is_admin'):
        article['content'] = 'CANNOT LOAD CONTENT BY SECURITY ISSUE'
    return render_template('board_read.html', article=article, board=board)
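def send_check():
    """Handle the message-send form: validate, resolve the recipient, send.

    Form fields: ``title`` (optional, defaults to 'Untitled'), ``content``,
    and ``to`` (a leading '@' means look the recipient up by name, else by
    id). Non-admin content has '<' and '>' HTML-escaped before storage.

    Returns:
        A redirect page on success; aborts with 400 (suspicious input or
        self-send) or 403 (not logged in, unknown recipient, unresolvable
        sender).
    """
    if not session.get('is_logged'):
        return abort(403, 'Login please')
    title = request.form['title'] if request.form.get('title') else 'Untitled'
    content = request.form['content']
    # The original line read .replace('<', '<').replace('>', '>') -- a no-op
    # left behind by HTML-entity decoding -- so raw markup reached storage.
    # NOTE(review): admin content is still stored unescaped by design here;
    # confirm that is intended.
    if session.get('user_id') != 'admin':
        content = content.replace('<', '&lt;').replace('>', '&gt;')
    if security.check_hack(title, content):
        return abort(400, '')
    target = request.form['to']
    if target[:1] == '@':
        # '@name' addresses the recipient by display name
        target = target[1:]
        target_type = 'name'
    else:
        target_type = 'id'
    target_info = get_user_info(['uid', 'id', 'name'], {target_type: target})
    target_uid = target_info.get('uid')
    if not target_uid:
        return abort(403, 'User not found!')
    sender_uid = get_user_info(['uid'], {'id': session.get('user_id')}).get('uid')
    # Never send on behalf of an unresolvable sender (None would otherwise
    # pass the self-send check and be stored as the sender).
    if not sender_uid:
        return abort(403, 'User not found!')
    ip = request.remote_addr
    if sender_uid == target_uid:
        return abort(400, 'You cannot send a message to yourself!')
    send_message(sender_uid, target_uid, title, content, ip)
    return render_template('redirect.html', script="""
        <script>
            alert('Send success!');
            location.href = '/message';
        </script>
    """)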
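def message_get():
    """Return one message as JSON, only to its recipient.

    Reads the ``no`` form field (message number). Ownership is checked by
    comparing the message's ``recv_uid`` with the session user's uid before
    the message is returned or marked as read.

    Returns:
        ``(json_text, status)``: 403 when not logged in, when the session
        user cannot be resolved, or when the caller is not the recipient;
        404 when ``no`` is missing or no such message exists; else 200.
    """
    def error(message, status):
        return json.dumps({
            'result': 'error',
            'data': {'message': message}
        }), status

    if not session.get('is_logged'):
        return error('Login please', 403)
    no = request.form.get('no')
    message = get_message(no) if no is not None else None
    if not message:
        return error('No message!', 404)
    my_uid = get_user_info(['uid'], {'id': session.get('user_id')}).get('uid')
    # Refuse when the session user cannot be resolved: a falsy my_uid must
    # never be allowed to "match" a falsy recv_uid.
    if not my_uid or message['recv_uid'] != my_uid:
        return error('Not your message!', 403)
    if not message['readed']:
        mark_read_message(no)
    return json.dumps({
        'result': 'ok',
        'data': {'message': message}
    }, default=json_default)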
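def login_check():
    """Validate the login form and populate the session.

    Form fields: ``user_id`` and ``user_pw`` (both stripped). Inputs that
    trip ``security.check_hack`` get a 400. On success the session records
    the login, the user id and the display name; ``is_admin`` is True only
    for the 'admin' account logging in from 127.0.0.1.

    Returns:
        A 302 redirect to '/' on success, else a 403 "not match" page.
    """
    user_id = request.form['user_id'].strip()
    user_pw = request.form['user_pw'].strip()
    if security.check_hack(user_id, user_pw):
        return abort(400, '')
    if not validate_login(user_id, user_pw):
        return render_template('redirect.html', script="""
            <script>alert('ID, PW not match!');history.back();</script>
        """), 403
    session['is_logged'] = True
    session['user_id'] = user_id
    session['user_name'] = get_user_info(['name'], {'id': user_id}).get('name')
    # Always (re)assign is_admin: the original only ever set it to True, so
    # a stale True from an earlier admin login in the same session survived
    # a re-login as an ordinary user.
    session['is_admin'] = (user_id == 'admin' and request.remote_addr == '127.0.0.1')
    return redirect('/', code=302)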
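def board_write_check(board):
    """Handle the write form for ``board`` and create the article.

    Requires a login; the ``notice`` board additionally requires the
    'admin' account, an admin session, and a loopback client. ``qna``
    content is capped at 180 characters and triggers the bot. A ``notice``
    titled 'hacked by <id>' messages the flag to user ``<id>``.

    Returns:
        A 302 redirect to the board on success; 400 on bad board, bad
        input or unresolvable user, 403 on missing login or privilege.
    """
    if board not in boards:
        return abort(400, '')
    if not session.get('is_logged'):
        return render_template('redirect.html', script="""
            <script>
                alert('You are not logged in!');
                location = '/login';
            </script>
        """), 403
    # Notice board: admin account, admin session flag, and loopback origin.
    if board == 'notice' and (
        session.get('user_id') != 'admin'
        or not session.get('is_admin')
        or request.remote_addr != '127.0.0.1'
    ):
        return abort(403, 'Not that easy LOL')
    title = request.form['title'].replace('<', '').replace('>', '')
    content = request.form['content']
    uid = get_user_info(['uid'], {'id': session.get('user_id')}).get('uid')
    if board == 'qna' and len(content) > 180:
        return abort(400, 'Contents length limited to 180 characters!')
    if security.check_hack(title, content):
        return abort(400, '')
    content = security.purify(content)
    if not uid:
        return abort(400, 'What the hell??')
    ip = request.remote_addr
    write_article(board, title, content, uid, ip)
    if board == 'qna':
        # Queue the bot asynchronously; its result is deliberately not
        # awaited (the unused `result` binding has been dropped).
        from app import run_bot
        run_bot.delay()
    if board == 'notice' and title[:10].lower() == 'hacked by ':
        _send_flag_for_notice(title, ip)
    return redirect('/' + board, code=302)


def _send_flag_for_notice(title, ip):
    """Message the flag from 'admin' to the user named after 'hacked by '."""
    # The original took the last whitespace token of the whole title, so a
    # bare 'hacked by ' resolved to the user 'by'; require a name after the
    # prefix instead.
    name_tokens = title[10:].lower().split()
    if not name_tokens:
        return
    target_id = name_tokens[-1]
    sender_uid = get_user_info(['uid'], {'id': 'admin'}).get('uid')
    target_uid = get_user_info(['uid'], {'id': target_id}).get('uid')
    if sender_uid and target_uid:
        flag = giveme_flag()
        html = '''
            <img src="https://i.imgur.com/GYso5uF.jpg" class="img-fluid">
            <br>
            <p>%s</p>
        ''' % (flag)
        send_message(sender_uid, target_uid, 'HERE IS YOUR FLAG!', html, ip)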