From c725313525466d0f1ed50dc15e91ba15f7c7bf9c Mon Sep 17 00:00:00 2001
From: Xodrium <118943715+malloc62@users.noreply.github.com>
Date: Fri, 10 Feb 2023 19:12:57 -0500
Subject: [PATCH] Added more file extensions

---
 src/lib/db/db.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/lib/db/db.js b/src/lib/db/db.js
index 322ea28..407a757 100644
--- a/src/lib/db/db.js
+++ b/src/lib/db/db.js
@@ -6,6 +6,8 @@ const AUTH_ACTIONS = [
     'vote'
 ];
 
+const fileSizeLimit = 1024*1024*5;
+
 import sqlite3 from 'sqlite3'
 import { open } from 'sqlite'
 import { hash, compare } from 'bcrypt'
@@ -248,14 +250,14 @@ backend.token = async ({cookies}) => {
 backend.fileCreate = async({img, extension}) => {
     const imgHash = createHash('md5').update(img).digest('hex');
 
-    let lengthCheck = checkLength(img,'Image',0,1024*1024*5);
+    let lengthCheck = checkLength(img,'Image',fileSizeLimit);
 
     if (lengthCheck)
         return lengthCheck;
 
     const extensionSafe = extension.replace(/(\s+)/g, '\\$1');
 
-    if (extensionSafe != 'png' && extensionSafe != 'jpg' && extensionSafe != 'svg' )
+    if (extensionSafe != 'png' && extensionSafe != 'jpg' && extensionSafe != 'svg' || extensionSafe != 'gif')
         return { success: 'Illegal file extension.' };
 
     writeFile(`${process.cwd()}/db/post-${imgHash}.${extensionSafe}`,img,{encoding: 'base64'});