Garmelon/euphoria-wtf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make bot less vulnerable

Browse source 
The bot still stores any number of explanations for a given word, and
prints all of them when using !wtf detail <word>. This means that it is
still vulnerable to some types of attacks.

Maybe I'll fix that sometime in the future.
This commit is contained in:
Joscha 2019-05-15 06:25:54 +00:00
parent f80a8e0b7c
commit 7d7c5a0c5f
2 changed files with 57 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

10
wtfdb.py
View file

@ -31,21 +31,23 @@ class WtfDB(yaboli.Database):
""", (acronym, explanation, author))
@yaboli.operation
def find(self, db, acronym):
def find(self, db, acronym, limit):
c = db.execute("""
SELECT acronym, explanation FROM acronyms
WHERE NOT deleted AND p_lower(acronym) = ?
ORDER BY acronym_id ASC
""", (acronym.lower(),))
LIMIT ?
""", (acronym.lower(), limit))
return c.fetchall()
@yaboli.operation
def find_full(self, db, acronym):
def find_full(self, db, acronym, limit):
c = db.execute("""
SELECT acronym_id, acronym, explanation, author FROM acronyms
WHERE NOT deleted AND p_lower(acronym) = ?
ORDER BY acronym_id ASC
""", (acronym.lower(),))
LIMIT ?
""", (acronym.lower(), limit))
return c.fetchall()
@yaboli.operation