diff options
| author | Ferass El Hafidi <vitali64pmemail@protonmail.com> | 2023-04-11 11:05:28 +0000 |
|---|---|---|
| committer | Question Box Service <qbox@andrewyu.org> | 2023-05-15 10:34:58 +0200 |
| commit | f74c5ff27a8e12ad2c6b490fb22e5ebf031ee311 (patch) | |
| tree | ac172f4559edae66ace6ec595353e84e3634b365 | |
| parent | 26ceea84fd224cff21d9ad0e8c079414abeeb525 (diff) | |
| download | qbox-f74c5ff27a8e12ad2c6b490fb22e5ebf031ee311.tar.gz qbox-f74c5ff27a8e12ad2c6b490fb22e5ebf031ee311.zip | |
app.py: use flask correctly -- don't use Response() directlyv1.0.0
Signed-off-by: Ferass El Hafidi <vitali64pmemail@protonmail.com>
| -rwxr-xr-x | app.py | 30 |
1 files changed, 9 insertions, 21 deletions
@@ -35,7 +35,7 @@ import re import mailbox import config - +from markupsafe import Markup def load_database(user): @@ -239,17 +239,12 @@ def qboard(user): newmsg["Message-Id"] = "<qbox-system-%s@%s>" % (ts, config.MAIL_HOST) p = Popen(["/usr/sbin/sendmail", "-t", "-oi"], stdin=PIPE) p.communicate(newmsg.as_bytes()) - - return Response( - open("templates/qboard.html", "r") - .read() - .replace("{{username}}", config.MAPPING[user][3]) - .replace("{{pq}}", generate_past_questions_from_database(db)), - mimetype="text/html", - ) + return render_template('qboard.html', + username = Markup(config.MAPPING[user][3]), + pq = Markup(generate_past_questions_from_database(db))) elif request.method == "POST": if request.content_length > 1024 * 20: - return Response("Your request is too large!!!", mimetype="text/plain") + return "Your request is too large!!!" ts = str(time.time()) if "text" in request.form and request.form["text"].strip(): text = request.form["text"] @@ -266,22 +261,15 @@ def qboard(user): p = Popen(["/usr/sbin/sendmail", "-t", "-oi"], stdin=PIPE) p.communicate(msg.as_bytes()) else: - return Response("Empty submissions are forbidden.", mimetype="text/plain") - return Response( - "Submission successful.\n\nPlease press the ``back'' button of your browser or otherwise return to the previous page.", - mimetype="text/plain", - ) + return "Empty submissions are forbidden." + return "Submission successful.\n\nPlease press the ``back'' button of your browser or otherwise return to the previous page." return "Invalid request.", 400 @app.route("/", methods=["GET"]) def index(): - return Response( - open("templates/home.html", "r") - .read() - .replace("{{userlist}}", generate_user_list_from_mapping(config.MAPPING)), - mimetype="text/html", - ) + return render_template('home.html', + userlist = Markup(generate_user_list_from_mapping(config.MAPPING))) |