implemented 100MB size restriction on file upload

This commit is contained in:
crunk 2022-02-12 19:44:44 +01:00
parent 23d43fc3e1
commit a32238e128
4 changed files with 28 additions and 7 deletions

View File

@ -19,6 +19,7 @@ def create_app():
APP.secret_key = 'secret-key' APP.secret_key = 'secret-key'
APP.config['SQLALCHEMY_DATABASE_URI'] = "sqlite:///data/login.db" APP.config['SQLALCHEMY_DATABASE_URI'] = "sqlite:///data/login.db"
APP.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True APP.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True
APP.config['MAX_CONTENT_LENGTH'] = 150 * 1024 * 1024
login_manager.session_protection = "strong" login_manager.session_protection = "strong"
login_manager.login_view = "index" login_manager.login_view = "index"

View File

@ -1,7 +1,7 @@
from flask_wtf import FlaskForm from flask_wtf import FlaskForm
from flask_wtf.file import FileField, FileAllowed from flask_wtf.file import FileField, FileAllowed
from wtforms import validators from wtforms import validators
from wtforms.validators import Length from wtforms.validators import Length, ValidationError
from wtforms import ( from wtforms import (
SubmitField, SubmitField,
StringField, StringField,
@ -11,13 +11,27 @@ from wtforms import (
class UploadForm(FlaskForm): class UploadForm(FlaskForm):
"""File upload class for a new site in distribusi-verse""" """File upload class for a new site in distribusi-verse"""
def FileSizeLimit(max_size_in_mb):
max_bytes = max_size_in_mb * 1024 * 1024
def file_length_check(form, field):
if len(field.data.read()) > max_bytes:
raise ValidationError(
"File size must be less than {}MB".format(max_size_in_mb)
)
return file_length_check
sitename = StringField( sitename = StringField(
"Name of your website:", "Name of your website:",
validators=[validators.InputRequired(), Length(2, 100)], validators=[validators.InputRequired(), Length(2, 100)],
) )
zipfile = FileField( zipfile = FileField(
"Upload your zip file with content here:", "Upload your zip file with content here:",
validators=[FileAllowed(["zip"], "Zip archives only!")], validators=[
FileAllowed(["zip"], "Zip archives only!"),
FileSizeLimit(max_size_in_mb=100),
],
) )
submit = SubmitField("Upload") submit = SubmitField("Upload")

View File

@ -45,6 +45,7 @@ from forms.themeform import ThemeForm
from forms.editorform import EditorForm from forms.editorform import EditorForm
from statuspengguna.helper import AreFilesUploaded from statuspengguna.helper import AreFilesUploaded
# Tada! # Tada!
from distribusi.cli import build_argparser from distribusi.cli import build_argparser
from distribusi.distribusi import distribusify from distribusi.distribusi import distribusify
@ -55,7 +56,7 @@ APP = create_app()
@APP.before_request @APP.before_request
def session_handler(): def session_handler():
session.permanent = True session.permanent = True
APP.permanent_session_lifetime = timedelta(minutes=1) APP.permanent_session_lifetime = timedelta(minutes=30)
@APP.route("/") @APP.route("/")
@ -125,15 +126,19 @@ def register():
flash("Invalid Entry", "warning") flash("Invalid Entry", "warning")
except InterfaceError: except InterfaceError:
db.session.rollback() db.session.rollback()
registerform.email.errors.append("Error connecting to the database") registerform.email.errors.append(
"Error connecting to the database"
)
flash("Error connecting to the database", "danger") flash("Error connecting to the database", "danger")
except DatabaseError: except DatabaseError:
db.session.rollback() db.session.rollback()
registerform.email.errors.append("Error connecting to the database") registerform.email.errors.append(
"Error connecting to the database"
)
flash("Error connecting to the database", "danger") flash("Error connecting to the database", "danger")
except BuildError: except BuildError:
db.session.rollback() db.session.rollback()
egisterform.email.errors.append("Unknown error occured!") registerform.email.errors.append("Unknown error occured!")
flash("An error occured !", "danger") flash("An error occured !", "danger")
return render_template("register.html", registerform=registerform) return render_template("register.html", registerform=registerform)
@ -244,7 +249,7 @@ def editor():
if editorform.validate_on_submit(): if editorform.validate_on_submit():
userfolder = os.path.join("stash", user.distribusiname) userfolder = os.path.join("stash", user.distribusiname)
cssfilename = "{}.css".format(editorform.cssname.data) cssfilename = "{}.css".format(editorform.cssname.data)
with open(os.path.join(userfolder, cssfilename), 'w') as cssfile: with open(os.path.join(userfolder, cssfilename), "w") as cssfile:
cssfile.write(editorform.css.data) cssfile.write(editorform.css.data)
cssfile.close cssfile.close

View File

@ -92,6 +92,7 @@ input[type="submit"]:disabled:focus {
background-color: #2D3039; background-color: #2D3039;
color: #d28cff; color: #d28cff;
} }
.error { .error {
color: #ff5a5a; color: #ff5a5a;
} }