d0s3t3ch/suchwow
1
0
Fork 0
mirror of https://git.wownero.com/lza_menace/suchwow.git synced 2024-08-15 01:03:19 +00:00
Code Issues Projects Releases Wiki Activity

add randomization to filenames so users cannot overwrite each other's images

Browse source
This commit is contained in:
lza_menace 2020-09-23 21:55:00 -07:00
parent d7e74f2932
commit 783b482a0a
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
suchwow/routes/post.py
View file

@ -2,6 +2,7 @@ from os import path
from flask import render_template, Blueprint, request, session, flash from flask import render_template, Blueprint, request, session, flash
from flask import send_from_directory, redirect, url_for, current_app from flask import send_from_directory, redirect, url_for, current_app
from werkzeug.utils import secure_filename from werkzeug.utils import secure_filename
from secrets import token_urlsafe
from suchwow import wownero from suchwow import wownero
from suchwow.models import Post, Comment from suchwow.models import Post, Comment
from suchwow.utils.decorators import login_required, profile_required from suchwow.utils.decorators import login_required, profile_required
@ -67,7 +68,10 @@ def create():
flash("You didn't give your meme a spicy title, bro! You're fuckin up!") flash("You didn't give your meme a spicy title, bro! You're fuckin up!")
return redirect(request.url) return redirect(request.url)
if file and allowed_file(file.filename): if file and allowed_file(file.filename):
filename = secure_filename(file.filename) filename = "{}-{}".format(
token_urlsafe(12),
secure_filename(file.filename)
)
save_path_base = path.join(current_app.config["DATA_FOLDER"], "uploads") save_path_base = path.join(current_app.config["DATA_FOLDER"], "uploads")
save_path = path.join(save_path_base, filename) save_path = path.join(save_path_base, filename)
file.save(save_path) file.save(save_path)