this contains bug next commit is fix
This commit is contained in:
parent
a33bf8f665
commit
2e5fd2024f
32
app.py
32
app.py
@ -233,6 +233,8 @@ def serve_user_page(username, filename=None):
|
||||
@app.route('/<vanity>/<password>', methods=['GET', 'POST'])
|
||||
@app.route('/<vanity>/download', methods=['GET', 'POST'])
|
||||
@app.route('/<vanity>/download/<password>', methods=['GET', 'POST'])
|
||||
@app.route('/<vanity>/raw', methods=['GET', 'POST'])
|
||||
@app.route('/<vanity>/raw/<password>', methods=['GET', 'POST'])
|
||||
def redirect_vanity(vanity, password=None):
|
||||
app.logger.info(f"Accessing redirect_vanity: vanity={vanity}, password={password}")
|
||||
app.logger.info(f"Request path: {request.path}")
|
||||
@ -245,6 +247,7 @@ def redirect_vanity(vanity, password=None):
|
||||
cursor = db.cursor()
|
||||
|
||||
is_download = 'download' in request.path
|
||||
is_raw = 'raw' in request.path
|
||||
|
||||
# First, try to find the content with the full vanity (including extension)
|
||||
cursor.execute("SELECT content.*, users.username FROM content LEFT JOIN users ON content.user_id = users.id WHERE content.vanity = ?", (vanity,))
|
||||
@ -272,22 +275,28 @@ def redirect_vanity(vanity, password=None):
|
||||
elif request.method == 'POST':
|
||||
entered_password = request.form.get('password')
|
||||
if entered_password != stored_password:
|
||||
return render_template('password_prompt.html', vanity=vanity, error="Incorrect password")
|
||||
return render_template('password_prompt.html', vanity=vanity, error="Incorrect password", content_type=content_type)
|
||||
else:
|
||||
return render_template('password_prompt.html', vanity=vanity, error=None)
|
||||
return render_template('password_prompt.html', vanity=vanity, error=None, content_type=content_type)
|
||||
|
||||
if content_type == 'url':
|
||||
return render_template('og_shorturl.html', long_url=content_data, username=username, created_at=created_at)
|
||||
return render_template('og_shorturl.html', long_url=content_data, username=username, created_at=created_at, vanity=vanity, is_private=is_private)
|
||||
elif content_type == 'file':
|
||||
file_path = os.path.join(app.config['UPLOAD_FOLDER'], content_data)
|
||||
if os.path.exists(file_path):
|
||||
file_size = os.path.getsize(file_path)
|
||||
file_extension = os.path.splitext(content_data)[1].lower()
|
||||
is_embeddable = file_extension in ['.jpg', '.jpeg', '.png', '.gif', '.svg', '.pdf']
|
||||
file_url = url_for('redirect_vanity', vanity=vanity, _external=True)
|
||||
file_url = f"{request.scheme}://{request.host}/{vanity}"
|
||||
raw_url = f"{file_url}/raw"
|
||||
|
||||
if is_private and password:
|
||||
raw_url += f'/{password}'
|
||||
|
||||
if is_download:
|
||||
return send_file(file_path, as_attachment=True)
|
||||
elif is_raw:
|
||||
return send_file(file_path)
|
||||
else:
|
||||
return render_template('file_info.html',
|
||||
filename=content_data,
|
||||
@ -296,8 +305,10 @@ def redirect_vanity(vanity, password=None):
|
||||
created_at=created_at,
|
||||
is_embeddable=is_embeddable,
|
||||
file_url=file_url,
|
||||
raw_url=raw_url,
|
||||
vanity=vanity,
|
||||
user_id=user_id)
|
||||
user_id=user_id,
|
||||
is_private=is_private)
|
||||
elif content_type == 'pastebin':
|
||||
try:
|
||||
lexer = guess_lexer(content_data)
|
||||
@ -458,7 +469,7 @@ def user_files(username, subpath=''):
|
||||
uploads = []
|
||||
for upload in user_uploads:
|
||||
vanity, content_type, data, created_at, _, is_private = upload[:6]
|
||||
url = url_for('redirect_vanity', vanity=vanity, _external=True)
|
||||
url = f"{request.scheme}://{request.host}/{vanity}"
|
||||
uploads.append({
|
||||
'type': content_type,
|
||||
'vanity': vanity,
|
||||
@ -466,7 +477,7 @@ def user_files(username, subpath=''):
|
||||
'created_at': created_at,
|
||||
'is_private': is_private,
|
||||
'url': url,
|
||||
'download_url': url + '/download' if content_type == 'file' else None
|
||||
'download_url': f"{url}/download" if content_type == 'file' else None
|
||||
})
|
||||
|
||||
parent_folder = os.path.dirname(subpath.rstrip('/')) if subpath else None
|
||||
@ -680,7 +691,7 @@ def upload_pastebin():
|
||||
inserted_data = cursor.fetchone()
|
||||
print(f"Inserted data: {inserted_data}")
|
||||
|
||||
short_url = url_for('redirect_vanity', vanity=vanity, _external=True)
|
||||
short_url = f"{request.scheme}://{request.host}/{vanity}"
|
||||
deletion_url = url_for('delete_content', vanity=vanity, _external=True)
|
||||
print(f"Generated short URL: {short_url}")
|
||||
print(f"Generated deletion URL: {deletion_url}")
|
||||
@ -1172,12 +1183,11 @@ def upload_file():
|
||||
|
||||
app.logger.info("Generating URLs")
|
||||
app.logger.info("Code: short_url = url_for('redirect_vanity', vanity=vanity_with_extension, _external=True, _scheme=scheme)")
|
||||
short_url = url_for('redirect_vanity', vanity=vanity_with_extension, _external=True, _scheme=scheme)
|
||||
short_url = short_url.rstrip('/download') # Remove the '/download' suffix if present
|
||||
short_url = f"{scheme}://{request.host}/{vanity_with_extension}"
|
||||
app.logger.info(f"Generated short URL: {short_url}")
|
||||
|
||||
app.logger.info("Code: download_url = short_url + '/download'")
|
||||
download_url = short_url + '/download'
|
||||
download_url = f"{short_url}/download"
|
||||
app.logger.info(f"Generated download URL: {download_url}")
|
||||
|
||||
app.logger.info("Code: deletion_url = url_for('delete_content', vanity=vanity_with_extension, _external=True, _scheme=scheme)")
|
||||
|
@ -7,9 +7,9 @@
|
||||
<meta property="og:title" content="{{ filename }}">
|
||||
<meta property="og:type" content="website">
|
||||
<meta property="og:url" content="{{ request.url }}">
|
||||
<meta property="og:description" content="File size: {{ file_size|filesizeformat }} | Uploaded by: {{ username }} | Date: {{ created_at.strftime('%Y-%m-%d %H:%M:%S') }}">
|
||||
<meta property="og:description" content="File size: {{ file_size|filesizeformat }} | Uploaded by: {{ username }} | Date: {{ created_at.strftime('%Y-%m-%d %H:%M:%S') }}{% if is_private %} | Password Protected{% endif %}">
|
||||
{% if is_embeddable %}
|
||||
<meta property="og:image" content="{{ file_url }}">
|
||||
<meta property="og:image" content="{{ raw_url }}">
|
||||
{% endif %}
|
||||
<meta property="og:site_name" content="sxbin">
|
||||
<meta property="theme-color" content="#4CAF50">
|
||||
@ -115,21 +115,21 @@
|
||||
{% if is_embeddable %}
|
||||
<div class="embed-container">
|
||||
{% if filename.lower().endswith(('.jpg', '.jpeg', '.png', '.gif', '.svg')) %}
|
||||
<img src="{{ file_url }}" alt="{{ filename }}">
|
||||
<img src="{{ raw_url|replace('/r/', '/') }}" alt="{{ filename }}">
|
||||
{% elif filename.lower().endswith('.pdf') %}
|
||||
<embed src="{{ file_url }}" type="application/pdf" width="100%" height="600px">
|
||||
<embed src="{{ raw_url|replace('/r/', '/') }}" type="application/pdf" width="100%" height="600px">
|
||||
{% endif %}
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<div class="btn-container">
|
||||
<a href="{{ file_url }}/download" class="btn">Download</a>
|
||||
<a href="{{ file_url }}" class="btn">View Raw</a>
|
||||
<a href="{{ file_url|replace('/r/', '/') }}/download" class="btn">Download</a>
|
||||
<a href="{{ raw_url|replace('/r/', '/') }}" class="btn">View Raw</a>
|
||||
{% if current_user.is_authenticated and current_user.id == user_id %}
|
||||
{% if filename.lower().endswith(('.txt', '.html', '.css', '.js', '.py', '.md')) or '.' not in filename %}
|
||||
<a href="{{ url_for('edit_content', vanity=vanity) }}" class="btn edit-btn">Edit</a>
|
||||
<a href="{{ url_for('edit_content', vanity=vanity)|replace('/r/', '/') }}" class="btn edit-btn">Edit</a>
|
||||
{% endif %}
|
||||
<form action="{{ url_for('delete_content', vanity=vanity) }}" method="post" style="display: inline;">
|
||||
<form action="{{ url_for('delete_content', vanity=vanity)|replace('/r/', '/') }}" method="post" style="display: inline;">
|
||||
<button type="submit" class="btn delete-btn" onclick="return confirm('Are you sure you want to delete this file?')">Delete</button>
|
||||
</form>
|
||||
{% endif %}
|
||||
|
@ -4,20 +4,21 @@
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Shortened URL - sxbin</title>
|
||||
<meta property="og:title" content="Shortened URL">
|
||||
<meta property="og:title" content="Shortened URL - sxbin">
|
||||
<meta property="og:type" content="website">
|
||||
<meta property="og:url" content="{{ request.url }}">
|
||||
<meta property="og:description" content="Shortened link created by {{ username }} on {{ created_at.strftime('%Y-%m-%d %H:%M:%S') }}">
|
||||
<meta property="og:description" content="Shortened URL {% if is_private %}(Password Protected){% endif %} | Created by: {{ username }} | Date: {{ created_at.strftime('%Y-%m-%d %H:%M:%S') }}">
|
||||
<meta property="og:site_name" content="sxbin">
|
||||
<meta property="theme-color" content="#4CAF50">
|
||||
<meta http-equiv="refresh" content="0;url={{ long_url }}">
|
||||
</head>
|
||||
<body>
|
||||
<h1>Shortened URL</h1>
|
||||
<p>Redirecting to: {{ long_url }}</p>
|
||||
<p>Original URL: {{ long_url }}</p>
|
||||
<p>Created by: {{ username }}</p>
|
||||
<p>Date: {{ created_at.strftime('%Y-%m-
|
||||
|
||||
%d %H:%M:%S') }}</p>
|
||||
<p>Date: {{ created_at.strftime('%Y-%m-%d %H:%M:%S') }}</p>
|
||||
{% if is_private %}
|
||||
<p>This URL is password protected.</p>
|
||||
{% endif %}
|
||||
<a href="{{ url_for('redirect_vanity', vanity=vanity) }}">Access the URL</a>
|
||||
</body>
|
||||
</html>
|
@ -3,104 +3,26 @@
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Enter Password</title>
|
||||
<title>Password Protected Content - sxbin</title>
|
||||
<meta property="og:title" content="Password Protected Content - sxbin">
|
||||
<meta property="og:type" content="website">
|
||||
<meta property="og:url" content="{{ request.url }}">
|
||||
<meta property="og:description" content="This {{ content_type }} is password protected. Enter the password to view.">
|
||||
<meta property="og:site_name" content="sxbin">
|
||||
<meta property="theme-color" content="#4CAF50">
|
||||
<style>
|
||||
body {
|
||||
font-family: Arial, sans-serif;
|
||||
background-color: #1a1a1a;
|
||||
color: #f0f0f0;
|
||||
display: flex;
|
||||
justify-content: center;
|
||||
align-items: center;
|
||||
height: 100vh;
|
||||
margin: 0;
|
||||
}
|
||||
.container {
|
||||
background-color: #2a2a2a;
|
||||
padding: 20px;
|
||||
border-radius: 8px;
|
||||
box-shadow: 0 0 10px rgba(0,0,0,0.1);
|
||||
width: 300px;
|
||||
}
|
||||
h2 {
|
||||
text-align: center;
|
||||
color: #4CAF50;
|
||||
}
|
||||
form {
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
}
|
||||
input[type="password"] {
|
||||
padding: 10px;
|
||||
margin-bottom: 10px;
|
||||
border: 1px solid #4CAF50;
|
||||
border-radius: 4px;
|
||||
background-color: #333;
|
||||
color: #f0f0f0;
|
||||
}
|
||||
.button-container {
|
||||
display: flex;
|
||||
justify-content: space-between;
|
||||
}
|
||||
button {
|
||||
padding: 10px 20px;
|
||||
border: none;
|
||||
border-radius: 4px;
|
||||
cursor: pointer;
|
||||
font-size: 16px;
|
||||
}
|
||||
button[type="submit"] {
|
||||
background-color: #4CAF50;
|
||||
color: white;
|
||||
}
|
||||
button[type="button"] {
|
||||
background-color: #888;
|
||||
color: white;
|
||||
}
|
||||
.error {
|
||||
color: #ff6b6b;
|
||||
text-align: center;
|
||||
margin-bottom: 10px;
|
||||
}
|
||||
.alert {
|
||||
background-color: #ff6b6b;
|
||||
color: white;
|
||||
padding: 10px;
|
||||
border-radius: 4px;
|
||||
margin-bottom: 10px;
|
||||
display: none;
|
||||
}
|
||||
/* Add your styles here */
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div class="container">
|
||||
<h2>This content is password protected</h2>
|
||||
<div id="errorAlert" class="alert">
|
||||
Incorrect password. Please try again.
|
||||
</div>
|
||||
<form method="POST" action="{{ url_for('redirect_vanity', vanity=vanity) }}">
|
||||
<input type="password" name="password" placeholder="Enter password">
|
||||
<h1>Password Protected Content</h1>
|
||||
<p>This {{ content_type }} is password protected. Please enter the password to view.</p>
|
||||
{% if error %}
|
||||
<p style="color: red;">{{ error }}</p>
|
||||
{% endif %}
|
||||
<form method="POST">
|
||||
<input type="password" name="password" required>
|
||||
<button type="submit">Submit</button>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
function validatePassword() {
|
||||
var password = document.getElementById('password').value;
|
||||
if (password.trim() === '') {
|
||||
document.getElementById('errorAlert').style.display = 'block';
|
||||
document.getElementById('errorAlert').textContent = 'Please enter a password.';
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
{% if error %}
|
||||
document.addEventListener('DOMContentLoaded', function() {
|
||||
document.getElementById('errorAlert').style.display = 'block';
|
||||
document.getElementById('errorAlert').textContent = '{{ error }}';
|
||||
});
|
||||
{% endif %}
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
@ -7,7 +7,7 @@
|
||||
<meta property="og:title" content="Pastebin {{ vanity }} - sxbin">
|
||||
<meta property="og:type" content="website">
|
||||
<meta property="og:url" content="{{ request.url }}">
|
||||
<meta property="og:description" content="Uploaded by: {{ content.username }} | Date: {{ created_at.strftime('%Y-%m-%d %H:%M:%S') }}">
|
||||
<meta property="og:description" content="Pastebin{% if is_private %} (Password Protected){% endif %} | Uploaded by: {{ content.username }} | Date: {{ created_at.strftime('%Y-%m-%d %H:%M:%S') }}">
|
||||
<meta property="og:site_name" content="sxbin">
|
||||
<meta property="theme-color" content="#4CAF50">
|
||||
<style>
|
||||
|
Loading…
Reference in New Issue
Block a user