1 files changed, 32 insertions, 22 deletions
diff --git a/cgi/formatting.py b/cgi/formatting.py
index 97f44a6..33495a3 100644
--- a/cgi/formatting.py
+++ b/cgi/formatting.py
@@ -317,12 +317,23 @@ def close_html(message):
     """
     Old retarded version of sanitize_html, it just closes open tags.
     """
-    import BeautifulSoup
+    #import BeautifulSoup
 
-    message = message.encode('utf-8')
-    soup = BeautifulSoup.BeautifulSoup(message)
+    #message = message.encode('utf-8')
+    #soup = BeautifulSoup.BeautifulSoup(message)
+
+    #return str(soup).replace('&#13;', '').encode('utf-8')
 
-    return str(soup).replace('&#13;', '').encode('utf-8')
+    try:
+      l = message.rindex('<')
+    except ValueError:
+      return message
+    test = message[l:]
+    try:
+      r = test.rindex('>')
+      return message
+    except ValueError:
+      return message[:l]
 
 
 def sanitize_html(message, decode=True):
@@ -375,27 +386,26 @@ def checkWordfilters(message, ip, board):
         if wordfilter["boards"]:
             boards = str2boards(wordfilter["boards"])
         if not wordfilter["boards"] or board in boards:
-            if wordfilter['action'] == '0':
+            if wordfilter['action'] == 0:
                 if not re.search(wordfilter['from'], message, re.DOTALL | re.IGNORECASE) is None:
                     raise UserError(wordfilter['reason'])
-            elif wordfilter['action'] == '1':
+            elif wordfilter['action'] == 1:
                 message = re.compile(wordfilter['from'], re.DOTALL | re.IGNORECASE).sub(
                     wordfilter['to'], message)
-            elif wordfilter['action'] == '2':
+            elif wordfilter['action'] == 2:
                 # Ban
                 if not re.search(wordfilter['from'], message, re.DOTALL | re.IGNORECASE) is None:
-                    if wordfilter['seconds'] != '0':
-                        until = str(timestamp() + int(wordfilter['seconds']))
+                    if wordfilter['seconds']:
+                        until = timestamp() + int(wordfilter['seconds'])
                     else:
-                        until = '0'
+                        until = 0
 
-                    InsertDb("INSERT INTO `bans` (`ip`, `boards`, `added`, `until`, `staff`, `reason`, `note`, `blind`) VALUES (" +
-                             "INET6_ATON('" + str(ip) + "'), '" + _mysql.escape_string(wordfilter['boards']) +
-                             "', " + str(timestamp()) + ", " + until + ", 'System', '" + _mysql.escape_string(wordfilter['reason']) +
-                             "', 'Word Auto-ban', '"+_mysql.escape_string(wordfilter['blind'])+"')")
+                    sql_query = "INSERT INTO `bans` (`ipstart`, `ipend`, `ipstr`, `boards`, `added`, `until`, `staff`, `reason`, `note`, `blind`) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s)"
+                    sql_params = (ip, ip, ip, wordfilter['boards'], timestamp(), until, "System", wordfilter['reason'], "Filter auto-ban", wordfilter['blind'])
+                    InsertDb(sql_query, sql_params)
                     regenerateAccess()
                     raise UserError(wordfilter['reason'])
-            elif wordfilter['action'] == '3':
+            elif wordfilter['action'] == 3:
                 if not re.search(wordfilter['from'], message, re.DOTALL | re.IGNORECASE) is None:
                     raise UserError('<meta http-equiv="refresh" content="%s;url=%s" />%s' % (wordfilter['redirect_time'], wordfilter['redirect_url'], wordfilter['reason']))
     return message
@@ -426,18 +436,18 @@ def checkNamefilters(name, tripcode, ip, board):
 
         if match:
             # do action
-            if namefilter['action'] == '0':
+            if namefilter['action'] == 0:
                 raise UserError(namefilter['reason'])
-            elif namefilter['action'] == '1':
+            elif namefilter['action'] == 1:
                 name = namefilter['to']
                 tripcode = ''
                 return name, tripcode
-            elif namefilter['action'] == '2':
+            elif namefilter['action'] == 2:
                 # Ban
-                if namefilter['seconds'] != '0':
-                    until = str(timestamp() + int(namefilter['seconds']))
+                if namefilter['seconds']:
+                    until = timestamp() + int(namefilter['seconds'])
                 else:
-                    until = '0'
+                    until = 0
 
                 InsertDb("INSERT INTO `bans` (`ip`, `boards`, `added`, `until`, `staff`, `reason`, `note`, `blind`) VALUES (" +
                          "'" + _mysql.escape_string(ip) + "', '" + _mysql.escape_string(namefilter['boards']) +
@@ -445,6 +455,6 @@ def checkNamefilters(name, tripcode, ip, board):
                          "', 'Name Auto-ban', '"+_mysql.escape_string(namefilter['blind'])+"')")
                 regenerateAccess()
                 raise UserError(namefilter['reason'])
-            elif namefilter['action'] == '3':
+            elif namefilter['action'] == 3:
                 raise UserError('<meta http-equiv="refresh" content="%s;url=%s" />%s' % (namefilter['redirect_time'], namefilter['redirect_url'], namefilter['reason']))
     return name, tripcode