kamandprompt / car-pool
A Car Pool app for IIT Mandi
Banner looks unappealing and consumes a lot of space. Remove it.
The email id used currently in proj/settings.py has been blocked. Create a new one and keep its id and password out of the main files (preferably create a JSON file) and add the JSON file to gitignore, so that no one has access to that email id and only admins know it.
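One way to do what this issue asks, as an added example that is not the project's own code: a loader that `proj/settings.py` could call to read the mail credentials from a git-ignored JSON file and fail closed if the file is missing, malformed, incomplete, or readable by other users. The file name `secrets.json`, the helper `load_email_secrets` and the `SecretsError` class are assumptions; `EMAIL_HOST_USER` and `EMAIL_HOST_PASSWORD` are Django's standard setting names.

```python
import json
import os
import stat
import tempfile
from pathlib import Path

# Keys the (hypothetical) secrets.json must contain; the file itself goes in .gitignore.
REQUIRED_KEYS = ("EMAIL_HOST_USER", "EMAIL_HOST_PASSWORD")


class SecretsError(RuntimeError):
    """The secrets file is missing, malformed, incomplete, or too widely readable."""


def load_email_secrets(path):
    path = Path(path)
    try:
        mode = path.stat().st_mode
    except FileNotFoundError:
        raise SecretsError(f"{path} not found; an admin must create it")
    # On POSIX, refuse a file that group or other users can access at all.
    if os.name == "posix" and mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise SecretsError(f"{path} must be owner-only (chmod 600)")
    try:
        data = json.loads(path.read_text(encoding="utf-8"))
    except json.JSONDecodeError as exc:
        raise SecretsError(f"{path} is not valid JSON: {exc}")
    if not isinstance(data, dict):
        raise SecretsError(f"{path} must contain a JSON object")
    missing = [key for key in REQUIRED_KEYS if not data.get(key)]
    if missing:
        raise SecretsError(f"{path} is missing: {', '.join(missing)}")
    # Return only the expected keys so stray entries never reach settings.
    return {key: data[key] for key in REQUIRED_KEYS}


# In proj/settings.py (comments only, so this block runs without Django):
#   _secrets = load_email_secrets(BASE_DIR / "secrets.json")
#   EMAIL_HOST_USER = _secrets["EMAIL_HOST_USER"]
#   EMAIL_HOST_PASSWORD = _secrets["EMAIL_HOST_PASSWORD"]

if __name__ == "__main__":
    # Constructed sample values, written to a temporary file for the demo.
    demo = Path(tempfile.mkdtemp()) / "secrets.json"
    demo.write_text(json.dumps({"EMAIL_HOST_USER": "carpool@example.org",
                                "EMAIL_HOST_PASSWORD": "constructed-demo-value"}))
    demo.chmod(0o600)
    print(sorted(load_email_secrets(demo)))
```

Moving the values out of the settings file does not remove them from earlier commits, so the previously committed password still has to be replaced with a new one, as the issue already proposes.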
Currently, the user adds a new ride and it creates a new Pool object which is stored in DB. However the user doesn't fetch any confirmation that his/her submission was successful or not. Redirect the user to the home page, and showcase a temporary alert mentioning that the submission was successful.
As this has to be made production ready, remove all instances which show that this was made for a hackathon.
Right now, if a person unticks paid trip (that is, when a ride is added), the search doesn't output this trip if free is not ticked on the dashboard, which actually should have been shown. What is meant is that free ticked should show only those rides which have amount 0 (even if the adder clicked paid and then kept the amount as 0). Otherwise all possible options of the day should be shown.
The project used a Gmail SMTP server which needs to be updated now. We can use the free tier of some services like SendGrid.
The code for configuring the SMTP server can be found here:
Lines 123 to 128 in c68e98c
Hello, @Varunvaruns9, @vsvipul, @dependabot[bot] - a potential high severity Insufficiently Protected Credentials (CWE-522) vulnerability in your repository has been disclosed to us.
1. Visit https://huntr.dev/bounties/1-other-KamandPrompt/Car-Pool for more advisory information.
2. Sign-up to validate or speak to the researcher for more assistance.
3. Propose a patch or outsource it to our community - whoever fixes it gets paid.
NOTE: If we don't hear from you in 14 days, we will proactively source a fix for this vulnerability (and open a PR) to ensure community safety.
Join us on our Discord and a member of our team will be happy to help!
Speak to a member of our team: @JamieSlome
This issue was automatically generated by huntr.dev - a bug bounty board for securing open source code.
Currently, these are the problems with validation of pool form:
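We can override the default form.clean() method on class PoolForm() and make a custom clean method.

    from datetime import datetime
    from django import forms

    # Method of class PoolForm
    def clean(self):
        cleaned_data = super(PoolForm, self).clean()
        tot = cleaned_data.get('tot')
        date_time = cleaned_data.get('dateTime')
        amount = cleaned_data.get('amount')
        # A field that failed its own validation is absent from cleaned_data,
        # so guard against None before comparing.
        if tot is not None and tot <= 0:
            raise forms.ValidationError("There should be at least 1 seat")
        # Assumes 'dateTime' arrives as a "%Y-%m-%d %H:%M" string, as in the original snippet.
        if date_time is not None and datetime.strptime(date_time, "%Y-%m-%d %H:%M") <= datetime.now():
            raise forms.ValidationError("Selected DateTime has passed. Please select a valid date.")
        if cleaned_data.get('source') == cleaned_data.get('dest'):
            raise forms.ValidationError("Source and Destination should be different")
        if cleaned_data.get('paid') is False:
            # Unpaid rides always store an amount of 0.
            cleaned_data['amount'] = 0
        elif amount is not None and amount < 0:
            raise forms.ValidationError("Amount should be positive")
        return cleaned_data
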
@dipanshu231099 Please review this issue and its solution
Currently the filter UI doesn't look like any standard filter you would find online. We should either make it a single line form or hide it under the name "Filters" unless someone clicks on it.
Add Ride and Filter forms currently don't have any proper error display container. We should add required error messages and display them if they are encountered.
Currently, we only show a text message telling the user that his account has been confirmed. Add a properly styled page with a link to the original website.