forked from crunk/distribusi-verse
implemented 100MB size restriction on file upload
This commit is contained in:
parent
23d43fc3e1
commit
a32238e128
@ -19,6 +19,7 @@ def create_app():
|
||||
APP.secret_key = 'secret-key'
|
||||
APP.config['SQLALCHEMY_DATABASE_URI'] = "sqlite:///data/login.db"
|
||||
APP.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True
|
||||
APP.config['MAX_CONTENT_LENGTH'] = 150 * 1024 * 1024
|
||||
|
||||
login_manager.session_protection = "strong"
|
||||
login_manager.login_view = "index"
|
||||
|
@ -1,7 +1,7 @@
|
||||
from flask_wtf import FlaskForm
|
||||
from flask_wtf.file import FileField, FileAllowed
|
||||
from wtforms import validators
|
||||
from wtforms.validators import Length
|
||||
from wtforms.validators import Length, ValidationError
|
||||
from wtforms import (
|
||||
SubmitField,
|
||||
StringField,
|
||||
@ -11,13 +11,27 @@ from wtforms import (
|
||||
class UploadForm(FlaskForm):
|
||||
"""File upload class for a new site in distribusi-verse"""
|
||||
|
||||
def FileSizeLimit(max_size_in_mb):
|
||||
max_bytes = max_size_in_mb * 1024 * 1024
|
||||
|
||||
def file_length_check(form, field):
|
||||
if len(field.data.read()) > max_bytes:
|
||||
raise ValidationError(
|
||||
"File size must be less than {}MB".format(max_size_in_mb)
|
||||
)
|
||||
|
||||
return file_length_check
|
||||
|
||||
sitename = StringField(
|
||||
"Name of your website:",
|
||||
validators=[validators.InputRequired(), Length(2, 100)],
|
||||
)
|
||||
zipfile = FileField(
|
||||
"Upload your zip file with content here:",
|
||||
validators=[FileAllowed(["zip"], "Zip archives only!")],
|
||||
validators=[
|
||||
FileAllowed(["zip"], "Zip archives only!"),
|
||||
FileSizeLimit(max_size_in_mb=100),
|
||||
],
|
||||
)
|
||||
|
||||
submit = SubmitField("Upload")
|
||||
|
@ -45,6 +45,7 @@ from forms.themeform import ThemeForm
|
||||
from forms.editorform import EditorForm
|
||||
|
||||
from statuspengguna.helper import AreFilesUploaded
|
||||
|
||||
# Tada!
|
||||
from distribusi.cli import build_argparser
|
||||
from distribusi.distribusi import distribusify
|
||||
@ -55,7 +56,7 @@ APP = create_app()
|
||||
@APP.before_request
|
||||
def session_handler():
|
||||
session.permanent = True
|
||||
APP.permanent_session_lifetime = timedelta(minutes=1)
|
||||
APP.permanent_session_lifetime = timedelta(minutes=30)
|
||||
|
||||
|
||||
@APP.route("/")
|
||||
@ -125,15 +126,19 @@ def register():
|
||||
flash("Invalid Entry", "warning")
|
||||
except InterfaceError:
|
||||
db.session.rollback()
|
||||
registerform.email.errors.append("Error connecting to the database")
|
||||
registerform.email.errors.append(
|
||||
"Error connecting to the database"
|
||||
)
|
||||
flash("Error connecting to the database", "danger")
|
||||
except DatabaseError:
|
||||
db.session.rollback()
|
||||
registerform.email.errors.append("Error connecting to the database")
|
||||
registerform.email.errors.append(
|
||||
"Error connecting to the database"
|
||||
)
|
||||
flash("Error connecting to the database", "danger")
|
||||
except BuildError:
|
||||
db.session.rollback()
|
||||
egisterform.email.errors.append("Unknown error occured!")
|
||||
registerform.email.errors.append("Unknown error occured!")
|
||||
flash("An error occured !", "danger")
|
||||
return render_template("register.html", registerform=registerform)
|
||||
|
||||
@ -244,7 +249,7 @@ def editor():
|
||||
if editorform.validate_on_submit():
|
||||
userfolder = os.path.join("stash", user.distribusiname)
|
||||
cssfilename = "{}.css".format(editorform.cssname.data)
|
||||
with open(os.path.join(userfolder, cssfilename), 'w') as cssfile:
|
||||
with open(os.path.join(userfolder, cssfilename), "w") as cssfile:
|
||||
cssfile.write(editorform.css.data)
|
||||
cssfile.close
|
||||
|
||||
|
@ -92,6 +92,7 @@ input[type="submit"]:disabled:focus {
|
||||
background-color: #2D3039;
|
||||
color: #d28cff;
|
||||
}
|
||||
|
||||
.error {
|
||||
color: #ff5a5a;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user