From b0addb6475f30d4a93d1732625982b67361ce17f Mon Sep 17 00:00:00 2001 From: Norm Rasmussen Date: Thu, 16 Mar 2023 21:36:01 -0400 Subject: [PATCH] Figured out brackets regex. Need to make sure there are no other special characters that put this function at risk. But it now deletes upon clearing session. --- app/routes.py | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/app/routes.py b/app/routes.py index c513f99..afef098 100644 --- a/app/routes.py +++ b/app/routes.py @@ -32,7 +32,7 @@ ALLOWED_EXTENSIONS = {"csv"} # Global Variables socketio = SocketIO(app) -specials = '"!@#$%^&[]*()-+?_=,<>/"' +specials = "'!@#$%^&*()\[\]-+?_=,<>/'" url = "https://api.northpass.com/" @@ -56,7 +56,8 @@ def key_response(response): def correct_key(response): data = response.json() - session["school"] = data["data"]["attributes"]["properties"]["name"] + session["raw_school"] = data["data"]["attributes"]["properties"]["name"] + session["sani_school"] = session["raw_school"].replace('[','').replace(']', '') return render_template("home.html", title="Active Session") @@ -384,7 +385,7 @@ def check_templates(response, name): if "201" in response: error = ( f"Success! The {name} template was successfully uploaded for " - + session["school"] + + session["raw_school"] + "." ) button = "Undo" @@ -403,13 +404,7 @@ def check_templates(response, name): def save_templates_backup(templates): - session["client_path"] = os.path.join(TEMPLATES_FOLDER, session["school"]) - if any(char in specials for char in session["client_path"]): - for char in specials: - session["sanitized_path"] = session["client_path"].replace(char,"") - print(session["sanitized_path"]) - else: - session["sanitized_path"] = session["client_path"] + session["client_path"] = os.path.join(TEMPLATES_FOLDER, session["sani_school"]) print(session["client_path"]) today = datetime.now(timezone.utc) if os.path.exists(session["client_path"]):