|
|
@ -30,7 +30,8 @@ db = SQLAlchemy(app) |
|
|
|
|
|
|
|
class Candidate(db.Model): |
|
|
|
id = db.Column(db.Integer, primary_key=True) |
|
|
|
content = db.Column(db.String(400)) |
|
|
|
content = db.Column(db.String(4000)) |
|
|
|
private = db.Column(db.String(1000)) |
|
|
|
url = db.Column(db.String(50)) |
|
|
|
time = db.Column(db.DateTime) |
|
|
|
toot = db.Column(db.BigInteger) |
|
|
@ -39,6 +40,7 @@ db.create_all() |
|
|
|
|
|
|
|
@app.route('/ordinary/') |
|
|
|
def list(): |
|
|
|
key = request.args.get('key') |
|
|
|
pag = Candidate.query.order_by(db.desc('id')).paginate(max_per_page=100) |
|
|
|
|
|
|
|
vs = [{ |
|
|
@ -48,28 +50,36 @@ def list(): |
|
|
|
} for name, ques, hint, ans in C.verify |
|
|
|
] |
|
|
|
|
|
|
|
return render_template('list.html', pagination=pag, vs=vs) |
|
|
|
return render_template('list.html', pagination=pag, vs=vs, showPrivate=(key==C.key)) |
|
|
|
|
|
|
|
@app.route('/ordinary/new', methods=['POST']) |
|
|
|
@limiter.limit("5 / hour; 1 / 2 second") |
|
|
|
def new_one(): |
|
|
|
|
|
|
|
content = request.form.get('text') |
|
|
|
private = request.form.get('privateText') |
|
|
|
url = request.form.get('url') |
|
|
|
|
|
|
|
for name, ques, hint, ans in C.verify: |
|
|
|
if request.form.get(name) != ans: abort(401) |
|
|
|
|
|
|
|
if not content or len(content)>400: abort(422) |
|
|
|
if not content or len(content)>4000: abort(422) |
|
|
|
if private and len(private)>1000: abort(422) |
|
|
|
if url and not re.match('https://(cloud\.tsinghua\.edu\.cn/f/[0-9a-z]+/(\?dl=1)?)|(closed\.social/safeShare/\d([a-zA-Z]+)?)', url): abort(422) |
|
|
|
|
|
|
|
if not Candidate.query.filter_by(content=content).first(): |
|
|
|
toot = th.status_post( |
|
|
|
f"叮~ 有新的自荐报名(大家可以直接在此处评论):\n\n{content}", |
|
|
|
visibility='unlisted' |
|
|
|
) |
|
|
|
|
|
|
|
c = Candidate(content=content, url=url, toot=toot.id, time = datetime.now()) |
|
|
|
) |
|
|
|
|
|
|
|
c = Candidate( |
|
|
|
content=content, |
|
|
|
private=private, |
|
|
|
url=url, |
|
|
|
toot=toot.id, |
|
|
|
time=datetime.now() |
|
|
|
) |
|
|
|
db.session.add(c) |
|
|
|
db.session.commit() |
|
|
|
|
|
|
|