diff --git a/verse/app.py b/verse/app.py index 61e4d19..7ba576c 100644 --- a/verse/app.py +++ b/verse/app.py @@ -19,6 +19,7 @@ def create_app(): APP.secret_key = 'secret-key' APP.config['SQLALCHEMY_DATABASE_URI'] = "sqlite:///data/login.db" APP.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True + APP.config['MAX_CONTENT_LENGTH'] = 150 * 1024 * 1024 login_manager.session_protection = "strong" login_manager.login_view = "index" diff --git a/verse/forms/uploadform.py b/verse/forms/uploadform.py index cdee18c..767d20a 100644 --- a/verse/forms/uploadform.py +++ b/verse/forms/uploadform.py @@ -1,7 +1,7 @@ from flask_wtf import FlaskForm from flask_wtf.file import FileField, FileAllowed from wtforms import validators -from wtforms.validators import Length +from wtforms.validators import Length, ValidationError from wtforms import ( SubmitField, StringField, @@ -11,13 +11,27 @@ from wtforms import ( class UploadForm(FlaskForm): """File upload class for a new site in distribusi-verse""" + def FileSizeLimit(max_size_in_mb): + max_bytes = max_size_in_mb * 1024 * 1024 + + def file_length_check(form, field): + if len(field.data.read()) > max_bytes: + raise ValidationError( + "File size must be less than {}MB".format(max_size_in_mb) + ) + + return file_length_check + sitename = StringField( "Name of your website:", validators=[validators.InputRequired(), Length(2, 100)], ) zipfile = FileField( "Upload your zip file with content here:", - validators=[FileAllowed(["zip"], "Zip archives only!")], + validators=[ + FileAllowed(["zip"], "Zip archives only!"), + FileSizeLimit(max_size_in_mb=100), + ], ) submit = SubmitField("Upload") diff --git a/verse/start.py b/verse/start.py index 5bb529a..9d8e77d 100644 --- a/verse/start.py +++ b/verse/start.py 
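Review bot: The new `MAX_CONTENT_LENGTH` line in `create_app` (verse/app.py) sets a 150 MB request cap with no comment on why it differs from the 100 MB limit that `UploadForm` enforces in the same commit. Flask rejects a body above the cap with a 413 before any form validator runs, and no handler for that error is visible here, so a comment such as `# hard request cap; kept above UploadForm's 100 MB limit so the form can report oversize files itself` would record the intent. Separately, the context line `APP.secret_key = 'secret-key'` commits the session-signing key to the repository, so session cookies are only as secret as the source; reading the key from the environment or an untracked config file is worth a follow-up. `create_app` starts and ends outside this hunk.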
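Review bot: `file_length_check` in the `UploadForm` hunk (verse/forms/uploadform.py) measures the upload with `len(field.data.read())`, which buffers the whole archive in memory and leaves the stream at end-of-file, so a later save of `zipfile.data` would write an empty file unless the view rewinds it; the view is not part of this diff. The field has no required-validator, so when no file is submitted `field.data` is presumably `None` and `.read()` raises `AttributeError` instead of a validation error. The sketch below measures by seeking and rewinds afterwards; the error text says "less than" while the check accepts exactly the limit, which is worth aligning as well. `FileSizeLimit` would also read better as a module-level function than as a function defined in the class body, where it becomes an attribute of the form class.

```python
def file_length_check(form, field):
    upload = field.data
    if not upload:
        # Nothing submitted: presence is a separate validator's job.
        return
    # Seek instead of read(): nothing is buffered in memory and the
    # stream is back at the start for whoever saves the file later.
    upload.stream.seek(0, 2)  # whence=2 is end-of-stream
    size = upload.stream.tell()
    upload.stream.seek(0)
    if size > max_bytes:
        # … unchanged: raise ValidationError(...) …
```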
@@ -45,6 +45,7 @@ from forms.themeform import ThemeForm from forms.editorform import EditorForm from statuspengguna.helper import AreFilesUploaded + # Tada! from distribusi.cli import build_argparser from distribusi.distribusi import distribusify @@ -55,7 +56,7 @@ APP = create_app() @APP.before_request def session_handler(): session.permanent = True - APP.permanent_session_lifetime = timedelta(minutes=1) + APP.permanent_session_lifetime = timedelta(minutes=30) @APP.route("/") @@ -125,15 +126,19 @@ def register(): flash("Invalid Entry", "warning") except InterfaceError: db.session.rollback() - registerform.email.errors.append("Error connecting to the database") + registerform.email.errors.append( + "Error connecting to the database" + ) flash("Error connecting to the database", "danger") except DatabaseError: db.session.rollback() - registerform.email.errors.append("Error connecting to the database") + registerform.email.errors.append( + "Error connecting to the database" + ) flash("Error connecting to the database", "danger") except BuildError: db.session.rollback() - egisterform.email.errors.append("Unknown error occured!") + registerform.email.errors.append("Unknown error occured!") flash("An error occured !", "danger") return render_template("register.html", registerform=registerform) @@ -244,7 +249,7 @@ def editor(): if editorform.validate_on_submit(): userfolder = os.path.join("stash", user.distribusiname) cssfilename = "{}.css".format(editorform.cssname.data) - with open(os.path.join(userfolder, cssfilename), 'w') as cssfile: + with open(os.path.join(userfolder, cssfilename), "w") as cssfile: cssfile.write(editorform.css.data) cssfile.close diff --git a/verse/static/css/style.css b/verse/static/css/style.css index 7ace5b1..e5cbb7f 100644 --- a/verse/static/css/style.css +++ b/verse/static/css/style.css @@ -92,6 +92,7 @@ input[type="submit"]:disabled:focus { background-color: #2D3039; color: #d28cff; } + .error { color: #ff5a5a; }
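Review bot: In the `session_handler` hunk of verse/start.py, `APP.permanent_session_lifetime` is an application-wide setting that is re-assigned on every request, and the new value widens the window in which a session cookie stays valid from 1 to 30 minutes without a comment on the intended policy. Assigning it once next to the other settings in `create_app`, e.g. `APP.permanent_session_lifetime = timedelta(minutes=30)  # idle timeout for logged-in sessions`, leaves `session_handler` with only `session.permanent = True`. With Flask's default of refreshing permanent sessions on each request (`SESSION_REFRESH_EACH_REQUEST`), this acts as an idle timeout rather than an absolute one, which the comment should state if that is the intent.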
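Review bot: The `InterfaceError` and `DatabaseError` branches in the `register` hunk are still two copies of the same three statements after the re-wrap; a single `except (InterfaceError, DatabaseError):` clause would keep them from drifting apart. The `BuildError` branch that this commit repairs shows the user `"Unknown error occured!"` and `"An error occured !"`, both of which misspell "occurred". `register` starts outside this hunk.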
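Review bot: The re-quoted `open(...)` line in the `editor` hunk writes to a path built from `editorform.cssname.data`, and nothing visible in this hunk restricts that value to a plain file name, so unless `EditorForm` validates it (the form is not part of this diff) the write can land outside `userfolder`. Normalising the name before use, e.g. `cssfilename = "{}.css".format(secure_filename(editorform.cssname.data))` with `secure_filename` from `werkzeug.utils`, keeps it inside the user's folder. The trailing `cssfile.close` has no parentheses and does nothing; the `with` block already closes the file, so the line can be removed. `editor` starts and ends outside this hunk.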