From fae6e39c65d5c315a191f6dc1c8d1b51a9ab7a85 Mon Sep 17 00:00:00 2001
From: lanjelot <lanjelot@gmail.com>
Date: Sun, 20 Dec 2020 23:05:46 +1100
Subject: [PATCH 1/2] fix now show error when flag format is invalid
---
ctfpad/forms.py | 6 ++++++
ctfpad/templates/ctfpad/challenges/create.html | 2 +-
ctfpad/templates/ctfpad/challenges/detail.html | 4 ++++
ctfpad/views/challenges.py | 4 +---
4 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/ctfpad/forms.py b/ctfpad/forms.py
index 165bbdc..060bff4 100644
--- a/ctfpad/forms.py
+++ b/ctfpad/forms.py
@@ -141,6 +141,12 @@ class Meta:
"last_update_by",
]
+ def clean_flag(self):
+ flag = self.cleaned_data.get("flag")
+ prefix = self.instance.ctf.flag_prefix
+ if not flag.startswith(prefix):
+ self.add_error("flag", f"Unexpected format for flag (missing '{prefix}')")
+ return flag
class ChallengeFileCreateForm(forms.ModelForm):
class Meta:
diff --git a/ctfpad/templates/ctfpad/challenges/create.html b/ctfpad/templates/ctfpad/challenges/create.html
index 9cf0949..5f5adbe 100644
--- a/ctfpad/templates/ctfpad/challenges/create.html
+++ b/ctfpad/templates/ctfpad/challenges/create.html
@@ -18,7 +18,7 @@
<div class="card" style="width: 35rem;">
<div class="card-header">
<h5 class="card-title">
- {% if form.name.value %}
+ {% if form.instance.creation_time %}
<p class="card-header-title">Updating Challenge {{form.name.value}}</p>
{% else %}
<p class="card-header-title">New Challenge</p>
diff --git a/ctfpad/templates/ctfpad/challenges/detail.html b/ctfpad/templates/ctfpad/challenges/detail.html
index 195d5a6..75f975b 100644
--- a/ctfpad/templates/ctfpad/challenges/detail.html
+++ b/ctfpad/templates/ctfpad/challenges/detail.html
@@ -53,7 +53,11 @@
<div class="row">
<div class="col-md-3" id="challenge_info_left_menu">
+ {% for message in messages %}
+ <p id="messages">{{message}}</p>
+ {% endfor %}
+ {{ form.errors }}
<div class="card card-body">
<a class="btn btn-warning btn-sm btn-block" href="{% url 'ctfpad:challenges-edit' challenge.id %}"><strong>Edit Challenge</strong></a>
<ul class="list-group">
diff --git a/ctfpad/views/challenges.py b/ctfpad/views/challenges.py
index 012eb69..59dabb8 100644
--- a/ctfpad/views/challenges.py
+++ b/ctfpad/views/challenges.py
@@ -88,6 +88,7 @@ def get_success_url(self):
class ChallengeSetFlagView(ChallengeUpdateView):
form_class = ChallengeSetFlagForm
+ template_name = "ctfpad/challenges/detail.html"
def get_success_url(self):
return reverse("ctfpad:challenges-detail", kwargs={'pk': self.object.pk})
@@ -97,9 +98,6 @@ def form_valid(self, form):
messages.error(self.request, f"Cannot score when CTF is over")
return redirect("ctfpad:challenges-detail", self.object.id)
- if not form.instance.flag.startswith( form.instance.ctf.flag_prefix ):
- messages.warning(self.request, f"Unexpected format for flag (missing '{form.instance.ctf.flag_prefix}')")
-
return super().form_valid(form)
From 28eebf0f61f464ea2cd3560e45ba5404f91362ce Mon Sep 17 00:00:00 2001
From: lanjelot <lanjelot@gmail.com>
Date: Mon, 21 Dec 2020 01:28:26 +1100
Subject: [PATCH 2/2] validate flag format
---
ctfpad/forms.py | 19 ++++++++++---------
.../templates/ctfpad/challenges/create.html | 8 ++++----
.../templates/ctfpad/challenges/detail.html | 4 ----
3 files changed, 14 insertions(+), 17 deletions(-)
diff --git a/ctfpad/forms.py b/ctfpad/forms.py
index 060bff4..881c505 100644
--- a/ctfpad/forms.py
+++ b/ctfpad/forms.py
@@ -126,14 +126,21 @@ class Meta:
"tags",
]
- is_update = True
-
def cleaned_tags(self):
data = [x.lower() for x in self.cleaned_data['tags'].split()]
return data
+ def clean_flag(self):
+ flag = self.cleaned_data.get("flag")
+ prefix = self.instance.ctf.flag_prefix
+
+ if flag and prefix and not flag.startswith(prefix):
+ self.add_error("flag", f"Unexpected format for flag (missing '{prefix}')")
+
+ return flag
+
-class ChallengeSetFlagForm(forms.ModelForm):
+class ChallengeSetFlagForm(ChallengeUpdateForm):
class Meta:
model = Challenge
fields = [
@@ -141,12 +148,6 @@ class Meta:
"last_update_by",
]
- def clean_flag(self):
- flag = self.cleaned_data.get("flag")
- prefix = self.instance.ctf.flag_prefix
- if not flag.startswith(prefix):
- self.add_error("flag", f"Unexpected format for flag (missing '{prefix}')")
- return flag
class ChallengeFileCreateForm(forms.ModelForm):
class Meta:
diff --git a/ctfpad/templates/ctfpad/challenges/create.html b/ctfpad/templates/ctfpad/challenges/create.html
index 5f5adbe..d24d4d7 100644
--- a/ctfpad/templates/ctfpad/challenges/create.html
+++ b/ctfpad/templates/ctfpad/challenges/create.html
@@ -18,7 +18,7 @@
<div class="card" style="width: 35rem;">
<div class="card-header">
<h5 class="card-title">
- {% if form.instance.creation_time %}
+ {% if form.name.value %}
<p class="card-header-title">Updating Challenge {{form.name.value}}</p>
{% else %}
<p class="card-header-title">New Challenge</p>
@@ -80,7 +80,7 @@ <h5 class="card-title">
<textarea id="{{form.description.id_for_label}}" name="{{form.description.html_name }}" placeholder="{{form.description.label}}" value="{{form.description.value}}" class="form-control">{% if form.description %}{{form.description.value}}{%endif%}</textarea>
</div>
- {% if form.is_update %}
+ {% if form.instance.creation_time %}
<label class="label"><strong>Flag</strong></label>
<div class="input-group mb-3">
<div class="input-group-append">
@@ -108,7 +108,7 @@ <h5 class="card-title">
{% endif %}
{% endif %}
- {% if form.is_update %}
+ {% if form.instance.creation_time %}
<label class="label"><strong>HedgeDoc ID </strong></label>
<div class="input-group mb-3">
<div class="input-group-append">
@@ -138,7 +138,7 @@ <h5 class="card-title">
<div class="card-footer text-muted">
<div class="control card-footer-item">
- {% if form.is_update %}
+ {% if form.instance.creation_time %}
<button type="button" class="btn-primary btn-sm btn-block" onclick="this.form.submit();">Update Challenge</button>
{% else %}
<button type="button" class="btn-primary btn-sm btn-block" onclick="this.form.submit();">Create Challenge</button>
diff --git a/ctfpad/templates/ctfpad/challenges/detail.html b/ctfpad/templates/ctfpad/challenges/detail.html
index 75f975b..5d10db8 100644
--- a/ctfpad/templates/ctfpad/challenges/detail.html
+++ b/ctfpad/templates/ctfpad/challenges/detail.html
@@ -53,10 +53,6 @@
<div class="row">
<div class="col-md-3" id="challenge_info_left_menu">
- {% for message in messages %}
- <p id="messages">{{message}}</p>
- {% endfor %}
-
{{ form.errors }}
<div class="card card-body">
<a class="btn btn-warning btn-sm btn-block" href="{% url 'ctfpad:challenges-edit' challenge.id %}"><strong>Edit Challenge</strong></a>