AC comments

Repositories
Issues
Comments

Results 4 comments of

AC

TODO：一些需要继续推进的进度

发现一个越权漏洞，解决方案：authorId需根据article_id查询出来，因为前端的数据除了token，都不可信。 ```python json_data = request.json current_user_id = json_data.get('authorId') if g.user.id != current_user_id: # or g.current_user.can(Permission.ADMINISTER): return forbidden('Insufficient permissions') ```

FileNotFoundError: [Errno 2] No such file or directory: 'ffmpeg': 'ffmpeg'

On Windows， you must set environment variable `PATH`. * set it temporarily in python code. ``` import os os.environ['path'] = 'C:\\data\\ffmpeg.exe' # do someting ``` * set it permanently in...

Update fundInfo.json

Hi, @justincavery, is this project depreciated ? and the [NFTX APP V2.33.1 ](https://nftx.io/)online is NOT open-source ?

缺少classifier.py文件

this is the file: [🗄️ classifier.txt](https://github.com/youzan/YZSpamFilter/files/4461667/classifier.txt)