Yolo, allowing all files is now possible

This commit is contained in:
Dominik V. Salonen 2015-12-24 17:00:59 +01:00
parent 5e718a4dc1
commit 94d5ce2818
3 changed files with 8 additions and 3 deletions

View File

@ -17,6 +17,7 @@ config["KEY"] = ""
# File settings
config["UPLOAD_FOLDER"] = './data'
config["ALLOW_ALL_FILES"] = True
config["ALLOWED_EXTENSIONS"] = set(['txt', 'pdf', 'png', 'jpg', 'jpeg', 'gif'])
# If this is set to true, old files will be deleted. TIME is how far behind (in seconds) the last accessed time can be before files get deleted
config["DELETE_FILES"] = True

8
run.py
View File

@ -58,13 +58,16 @@ def auth(key):
def allowed_file(filename):
if config["ALLOW_ALL_FILES"]:
return True
else:
return '.' in filename and filename.rsplit('.', 1)[1] in config["ALLOWED_EXTENSIONS"]
@app.route('/', methods=['GET', 'POST'])
def upload_file():
if request.method == 'POST':
print_log('Web', 'New file Received')
print_log('Web', 'New file received')
if not auth(request.headers.get('X-Hyozan-Auth')):
abort(403)
data = dict()
@ -92,7 +95,8 @@ def upload_file():
except Exception:
return json.dumps(data)
else:
return render_template('error.html')
print_log('Notice', 'Forbidden file received')
return render_template('error.html', page=config["SITE_DATA"], error="This file isn't allowed, sorry!")
# Return Web UI if we have a GET request
elif request.method == 'GET':

View File

@ -3,5 +3,5 @@
<h1 class="title">
Error
</h1>
<p>Oops, we won't allow you to upload that file at the moment - Sorry</p>
<p style="text-align: center;">{{ error }}</p>
{% endblock %}