Add validation to zip releases

author: rubenwardy <rw@rubenwardy.com> 2020-01-19 01:37:15 +0000
committer: rubenwardy <rw@rubenwardy.com> 2020-01-19 01:37:15 +0000
commit: facdd35b11d3a635246a6287ea33d020f64c349b (patch)
tree: 40dd555ba3a2a56c2c5ed6332e4a9b325b4064fb /app/utils.py
parent: ec8a88a7a86c99b7c54a82b67f900406ffeb965a (diff)
download: cheatdb-facdd35b11d3a635246a6287ea33d020f64c349b.tar.xz
1 files changed, 6 insertions, 5 deletions
diff --git a/app/utils.py b/app/utils.py
index 983111c..fa423cb 100644
--- a/app/utils.py
+++ b/app/utils.py
@@ -49,7 +49,7 @@ def randomString(n):
 def doFileUpload(file, fileType, fileTypeDesc):
 	if not file or file is None or file.filename == "":
 		flash("No selected file", "error")
-		return None
+		return None, None
 
 	assert os.path.isdir(app.config["UPLOAD_DIR"]), "UPLOAD_DIR must exist"
 
@@ -66,17 +66,18 @@ def doFileUpload(file, fileType, fileTypeDesc):
 	ext = getExtension(file.filename)
 	if ext is None or not ext in allowedExtensions:
 		flash("Please upload load " + fileTypeDesc, "danger")
-		return None
+		return None, None
 
 	if isImage and not isAllowedImage(file.stream.read()):
 		flash("Uploaded image isn't actually an image", "danger")
-		return None
+		return None, None
 
 	file.stream.seek(0)
 
 	filename = randomString(10) + "." + ext
-	file.save(os.path.join(app.config["UPLOAD_DIR"], filename))
-	return "/uploads/" + filename
+	filepath = os.path.join(app.config["UPLOAD_DIR"], filename)
+	file.save(filepath)
+	return "/uploads/" + filename, filepath
 
 def make_flask_user_password(plaintext_str):
 	# http://passlib.readthedocs.io/en/stable/modular_crypt_format.html
author	rubenwardy <rw@rubenwardy.com>	2020-01-19 01:37:15 +0000
committer	rubenwardy <rw@rubenwardy.com>	2020-01-19 01:37:15 +0000
commit	facdd35b11d3a635246a6287ea33d020f64c349b (patch)
tree	40dd555ba3a2a56c2c5ed6332e4a9b325b4064fb /app/utils.py
parent	ec8a88a7a86c99b7c54a82b67f900406ffeb965a (diff)
download	cheatdb-facdd35b11d3a635246a6287ea33d020f64c349b.tar.xz