1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71
| from flask import Flask, request, render_template,render_template_string, redirect, url_for, session import time import os
app = Flask(__name__) app.secret_key = 'Ciallo~(∠・ω <)⌒★' FILTER_KEYWORDS = ['.','/','Ciallo~(∠・ω <)⌒★'] TIME_LIMIT = 1 def contains_forbidden_keywords(complaint): for keyword in FILTER_KEYWORDS: if keyword.lower() in complaint: return True return False
@app.route('/', methods=['GET']) def index(): session['user'] = 'test' return render_template('index.html')
@app.route('/mod', methods=['GET', 'POST']) def complaint_form(): if request.method == 'POST': current_dir = os.path.dirname(os.path.abspath(__file__)) con = request.form.get('mod') if contains_forbidden_keywords(con): return render_template('forbidden.html') conn = os.path.join(current_dir, con) if not os.path.exists(conn): return render_template('None.html') with open(conn, 'r', encoding='utf-8') as file: content = file.read() return render_template('contents.html', content=content) return render_template('submit.html')
@app.route('/test', methods=['GET', 'POST']) def shell(): if session.get('user') != 'test': return render_template('Auth.html') cmd = request.args.get('cmd', '试一试') if request.method == 'POST': css_url = url_for('static', filename='style.css') command = request.form.get('cmd') if contains_forbidden_keywords(command): return render_template('forbidden.html') return render_template_string(f''' <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Loving Music</title> <link rel="stylesheet" href="{css_url}"> <link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap" rel="stylesheet"> </head> <body> <div class="container"> <h1>Loving Music</h1> <p class="emoji">🎵</p> <p>{command}</p> <a href="#" class="button">点击我</a> </div> </body> </html> ''', command=command,css_url=css_url) return render_template('shell.html', command=cmd) @app.route('/robots.txt', methods=['GET', 'POST']) def robots(): return render_template('robots.txt')
if __name__ == '__main__': app.run(host="0.0.0.0", port=8449, debug=True)
|