diff options
Diffstat (limited to 'cgi/weabot.py')
-rwxr-xr-x | cgi/weabot.py | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/cgi/weabot.py b/cgi/weabot.py index 720916d..636eb02 100755 --- a/cgi/weabot.py +++ b/cgi/weabot.py @@ -23,7 +23,7 @@ from formatting import * from post import * from img import * -__version__ = "0.10.0" +__version__ = "0.10.5" # Set to True to disable weabot's exception routing and enable profiling _DEBUG = False @@ -35,7 +35,7 @@ class weabot(object): def __init__(self, environ, start_response): global _DEBUG - logging.basicConfig(filename='weabot.log', format='%(asctime)s %(levelname)s %(message)s', level=logging.DEBUG) + logging.basicConfig(filename='weabot.log', format='%(asctime)s %(levelname)s %(message)s', level=logging.INFO) self.environ = environ if self.environ["PATH_INFO"].startswith("/weabot.py/"): @@ -85,7 +85,7 @@ class weabot(object): def error(self, message): board = Settings._.BOARD if board: - if board['board_type'] == '1': + if board['board_type'] == 1: info = {} info['host'] = self.environ["REMOTE_ADDR"] info['name'] = self.formdata.get('fielda', '') @@ -265,7 +265,7 @@ class weabot(object): if Settings.ENABLE_BANS and addressIsBanned(self.environ['REMOTE_ADDR'], board["dir"], blind_only=True): raise UserError('<meta http-equiv="refresh" content="0; url=/cgi/banned/%s">' % board["dir"]) - if len(path_split) > 4 and path_split[4] and board['board_type'] == '1': + if len(path_split) > 4 and path_split[4] and board['board_type'] == 1: self.output = dynamicRead(int(path_split[3]), path_split[4], True) elif board['board_type'] == 1: self.output = threadPage(0, True, int(path_split[3])) @@ -329,12 +329,12 @@ class weabot(object): self.output += '<html xmlns="http://www.w3.org/1999/xhtml"><meta http-equiv="refresh" content="0;url=%s" /><body><p>...</p></body></html>' % url elif path_split[1] == "banned": OpenDb() - bans = FetchAll("SELECT * FROM `bans` WHERE INET6_ATON('"+self.environ["REMOTE_ADDR"]+"') BETWEEN `ipstart` AND `ipend`") + bans = FetchAll("SELECT * FROM `bans` WHERE INET6_ATON(%s) BETWEEN `ipstart` AND `ipend`", (self.environ["REMOTE_ADDR"],)) if bans: for ban in bans: if ban["boards"]: - boards = pickle.loads(ban["boards"]) - if ban["boards"] or path_split[2] in boards: + boards = str2boards(ban["boards"]) + if not ban["boards"] or path_split[2] in boards: caught = True if ban["boards"]: boards_str = '/' + '/, /'.join(boards) + '/' @@ -592,7 +592,7 @@ class weabot(object): # make ID hash if board["useid"]: post["timestamp_formatted"] += ' ID:' + iphash(ip, post, tim, board["useid"], mobile, - self.environ["HTTP_USER_AGENT"], cap_id, hide_end, (board["countrycode"] in ['1', '2'])) + self.environ["HTTP_USER_AGENT"], cap_id, hide_end, (board["countrycode"] in [1, 2])) # use for future file checks xfile = (file is not None or oek_file) @@ -793,7 +793,13 @@ class weabot(object): postid = post.insert() # delete threads that have crossed last page - trimThreads() + trimmed = trimThreads() + + # let's stop here if the thread we posted in got trimmed + if post["parentid"] and post["parentid"] in trimmed: + regenerateFrontPages() + regenerateHome() + raise UserError("El hilo en el que publicaste ya fue eliminado.") # fix null references when creating thread if board["board_type"] == 1 and not post["parentid"]: @@ -947,8 +953,8 @@ class weabot(object): raise UserError(_("You're banned.")) # check if post exists - post = FetchOne("SELECT `id`, `parentid`, `ip` FROM `posts` WHERE `id` = '%s' AND `boardid` = '%s'" % ( - _mysql.escape_string(str(postid)), _mysql.escape_string(board['id']))) + post = FetchOne("SELECT `id`, `parentid`, `ip` FROM `posts` WHERE `id` = %s AND `boardid` = %s", + (postid, board['id'])) if not post: raise UserError(_("Post doesn't exist.")) @@ -963,13 +969,12 @@ class weabot(object): # insert report t = time.time() - message = cgi.escape(self.formdata["reason"]).strip()[0:8000] + message = html.escape(self.formdata["reason"]).strip()[0:800] message = message.replace("\n", "<br />") UpdateDb("INSERT INTO `reports` (board, postid, parentid, link, ip, reason, repip, timestamp, timestamp_formatted) " + - "VALUES ('%s', '%s', '%s', '%s', '%s', '%s', INET6_ATON('%s'), '%s', '%s')" % ( - board["dir"], post['id'], post['parentid'], link, post['ip'], _mysql.escape_string(message), - _mysql.escape_string(self.environ["REMOTE_ADDR"]), str(t), formatTimestamp(t))) + "VALUES (%s, %s, %s, %s, %s, %s, INET6_ATON(%s), %s, %s)", + (board["dir"], post['id'], post['parentid'], link, post['ip'], message, self.environ["REMOTE_ADDR"], t, formatTimestamp(t))) self.output = renderTemplate("report.html", {'finished': True}) def stats(self): |