Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def validate_email(self, field):
if User.query.filter_by(email=field.data).first():
raise ValidationError('Email already registered.')
def validate_password(self, field):
u = User.query.filter_by(login_name=self.username.data).first()
if u is None or not u.verify_password(field.data):
raise ValidationError('Username or password is invalid.')
def validate_email(self, field):
if User.query.filter_by(email=field.data).first():
raise ValidationError('Email already registered.')
def __call__(self, form, field):
try:
other = form[self.field_name]
except KeyError:
raise ValidationError(
field.gettext("Invalid field name '%s'.") % self.field_name)
# make sure both values are of the same type
if not isinstance(field.data, type(other.data)):
raise ValidationError(
'Cannot compare the two fields: they are of different types.')
if field.data > other.data:
raise ValidationError(
'Please make sure %s is not greater than %s.' %
(field.label.text, other.label.text))
"""
get_logger(__name__).debug("Importing new plugin report in server...")
# Authorization code copy-pasted from server/api/base.py
ws = Workspace.query.filter_by(name=workspace).one()
if not (ws.active
):
# Don't raise a 403 to prevent workspace name enumeration
abort(404, "Workspace disabled: %s" % workspace)
if 'file' not in request.files:
abort(400)
try:
validate_csrf(request.form.get('csrf_token'))
except ValidationError:
abort(403)
report_file = request.files['file']
if report_file:
chars = string.ascii_uppercase + string.digits
random_prefix = ''.join(random.choice(chars) for x in range(12))
raw_report_filename = '{0}{1}'.format(random_prefix, secure_filename(report_file.filename))
try:
file_path = os.path.join(
CONF.getConfigPath(),
'uploaded_reports/{0}'.format(raw_report_filename))
except AttributeError:
get_logger().warning(
def validate_email(self, field):
if User.query.filter_by(email=field.data).first():
raise ValidationError('邮箱已经存在')
raise ValidationError('The CSRF token is missing.')
if field_name not in session:
raise ValidationError('The CSRF session token is missing.')
s = URLSafeTimedSerializer(secret_key, salt='wtf-csrf-token')
try:
token = s.loads(data, max_age=time_limit)
except SignatureExpired:
raise ValidationError('The CSRF token has expired.')
except BadData:
raise ValidationError('The CSRF token is invalid.')
if not safe_str_cmp(session[field_name], token):
raise ValidationError('The CSRF tokens do not match.')
def no_wiki_or_html(form, field):
if '[/url]' in field.data:
raise wtforms.ValidationError('Cannot search with wiki markup')
if '' in field.data:
raise wtforms.ValidationError('Cannot search with html markup')
def validate_email(self, field):
if User.query.filter_by(email=field.data).first():
raise ValidationError('Email already exists.')