From cba3e827db85acd7136454305615e2a642a2bb99 Mon Sep 17 00:00:00 2001
From: joppiesaus
Date: Sun, 30 Jun 2019 21:13:50 +0200
Subject: [PATCH] Fix being able to comment more than size limit
---
 app/event.rb | 6 ++++--
 app/site.rb | 1 +
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/app/event.rb b/app/event.rb
index ef8c1090..72506c31 100644
--- a/app/event.rb
+++ b/app/event.rb
@@ -16,7 +16,8 @@ post '/event/:event_id/comment' do |event_id|
 if(site.is_blocking?(current_site) ||
 site.profile_comments_enabled == false ||
 current_site.commenting_allowed? == false ||
- (current_site.is_a_jerk? && event.site_id != current_site.id && !site.is_following?(current_site)))
+ (current_site.is_a_jerk? && event.site_id != current_site.id && !site.is_following?(current_site)) ||
+ params[:message].length > Site::MAX_COMMENT_SIZE)
 return {result: 'error'}.to_json
 end
@@ -28,7 +29,8 @@ post '/event/:event_id/update_profile_comment' do |event_id|
 require_login
 content_type :json
 event = Event[id: event_id]
- return {result: 'error'}.to_json unless current_site.id == event.profile_comment.actioning_site_id
+ return {result: 'error'}.to_json unless (current_site.id == event.profile_comment.actioning_site_id &&
+ params[:message].length <= Site::MAX_COMMENT_SIZE)
 event.profile_comment.update message: params[:message]
 return {result: 'success'}.to_json
diff --git a/app/site.rb b/app/site.rb
index 433455be..905130f3 100644
--- a/app/site.rb
+++ b/app/site.rb
@@ -163,6 +163,7 @@ post '/site/:username/comment' do |username|
 if site.profile_comments_enabled == false ||
 params[:message].empty? ||
+ params[:message].length > Site::MAX_COMMENT_SIZE ||
 site.is_blocking?(current_site) ||
 current_site.is_blocking?(site) ||
 current_site.commenting_allowed? == false ||
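Review bot: The added `params[:message].length > Site::MAX_COMMENT_SIZE` clause in the `/event/:event_id/comment` condition assumes `message` is always a String, and nothing in the hunk checks that. If the parameter is absent, `nil.length` raises and the request ends in a server error rather than the JSON error result. If the parameter is parsed as an array or hash, `length` counts elements, so the limit is not applied to the text at all. Putting `!params[:message].is_a?(String) ||` ahead of the length clause would cover both cases, and the same applies to the checks added in `update_profile_comment` and in `app/site.rb`. The handler starts above this hunk and continues below it, so an earlier guard may exist outside the visible lines.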
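Review bot: The guard in `update_profile_comment` is now `unless (a && b)` split over two lines, which is harder to read than the rejection form used in the other two hunks. Writing it as `if current_site.id != event.profile_comment.actioning_site_id || params[:message].length > Site::MAX_COMMENT_SIZE` states the two rejection cases directly. Unlike the `/site/:username/comment` handler, this hunk shows no `empty?` check, so an edit can presumably replace a comment with an empty message; that is worth confirming as intended. The handler begins above the hunk and its closing `end` is outside it.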
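Review bot: With this clause the size limit is enforced separately in three route handlers, so any other code path that writes a profile comment message is not covered by it. If the comment model does not already validate message length (not visible in this patch), a validation there against `Site::MAX_COMMENT_SIZE` would make the limit hold regardless of which route performs the write. The route checks could then stay as an early rejection. The condition continues past the end of the hunk.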