From e8d37a791c36eb724911914ad9c54e9e40234cf4 Mon Sep 17 00:00:00 2001
From: Jeremy Zhang
Date: Wed, 28 Mar 2018 04:51:05 +0000
Subject: [PATCH] Not 500 error when given invalid guild id or css id in embed page
---
 webapp/titanembeds/blueprints/embed/embed.py | 6 ++++--
 webapp/titanembeds/utils.py | 7 +++++++
 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/webapp/titanembeds/blueprints/embed/embed.py b/webapp/titanembeds/blueprints/embed/embed.py
index f5b4a6c..719e7cc 100644
--- a/webapp/titanembeds/blueprints/embed/embed.py
+++ b/webapp/titanembeds/blueprints/embed/embed.py
@@ -1,6 +1,6 @@
 from flask import Blueprint, render_template, abort, redirect, url_for, session, request
 from flask_babel import gettext
-from titanembeds.utils import check_guild_existance, guild_query_unauth_users_bool, guild_accepts_visitors, guild_unauthcaptcha_enabled
+from titanembeds.utils import check_guild_existance, guild_query_unauth_users_bool, guild_accepts_visitors, guild_unauthcaptcha_enabled, is_int
 from titanembeds.oauth import generate_guild_icon_url, generate_avatar_url
 from titanembeds.database import db, Guilds, UserCSS, list_disabled_guilds
 from config import config
@@ -25,6 +25,8 @@ def get_logingreeting():
 def get_custom_css():
 css = request.args.get("css", None)
+ if not is_int(css):
+ css = None
 if css:
 css = db.session.query(UserCSS).filter(UserCSS.id == css).first()
 return css
@@ -59,7 +61,7 @@ def parse_url_domain(url):
 return parsed.netloc
 return url
-@embed.route("/")
+@embed.route("/")
 def guild_embed(guild_id):
 if check_guild_existance(guild_id):
 guild = db.session.query(Guilds).filter(Guilds.guild_id == guild_id).first()
diff --git a/webapp/titanembeds/utils.py b/webapp/titanembeds/utils.py
index 485b82a..98b1b2c 100644
--- a/webapp/titanembeds/utils.py
+++ b/webapp/titanembeds/utils.py
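Review bot: In `get_custom_css` (embed.py, second hunk), `is_int(css)` only checks that the query string parses, and the raw string is still what reaches `UserCSS.id == css`. Python's `int()` accepts a leading sign, surrounding whitespace, underscores between digits and arbitrarily large values, so input that passes the check may still be rejected by the database and, depending on the backend, produce the 500 this commit is meant to remove. Converting once and querying with the integer would close that gap, e.g. `css = request.args.get("css", None, type=int)`. If the id column is a fixed-width integer, a range check is presumably still needed for very large values.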
@@ -322,6 +322,13 @@ def language_code_list():
 codes.append(lang["code"])
 return codes
+def is_int(specimen):
+ try:
+ int(specimen)
+ return True
+ except:
+ return False
+
 rate_limiter = Limiter(key_func=get_client_ipaddr) # Default limit by ip address
 socketio = SocketIO(engineio_logger=config.get("engineio-logging", False))
 babel = Babel()
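Review bot: The bare `except:` in `is_int` also catches `KeyboardInterrupt`, `SystemExit` and any unrelated error, so a genuine fault would be silently reported as "not an integer". `int()` signals bad input with `ValueError`, or `TypeError` for values such as `None`, so `except (TypeError, ValueError):` is sufficient. Since the helper is used to validate request input, a short docstring such as `"""Return True if int(specimen) succeeds; note this includes signed, whitespace-padded and underscore-separated strings."""` would make clear to callers that it is looser than a digits-only check.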