2017-09-03 04:50:31 +00:00
/ *
*
2017-09-13 15:09:13 +00:00
* Gosora Route Handlers
* Copyright Azareal 2016 - 2018
2017-09-03 04:50:31 +00:00
*
* /
2016-12-02 07:38:54 +00:00
package main
2017-05-11 13:04:43 +00:00
import (
"log"
2017-06-12 09:03:14 +00:00
//"fmt"
2017-05-11 13:04:43 +00:00
"bytes"
2017-09-03 04:50:31 +00:00
"html"
2017-05-11 13:04:43 +00:00
"io"
"net"
"net/http"
2017-09-03 04:50:31 +00:00
"os"
"regexp"
"strconv"
"strings"
"time"
2017-06-19 08:06:54 +00:00
"./query_gen/lib"
2017-05-11 13:04:43 +00:00
)
2017-04-05 14:05:37 +00:00
2016-12-02 07:38:54 +00:00
// A blank list to fill out that parameter in Page for routes which don't use it
2016-12-18 12:56:06 +00:00
var tList [ ] interface { }
2017-09-03 04:50:31 +00:00
//var nList []string
var hvars * HeaderVars // We might need to rethink this now that it's a pointer
var successJSONBytes = [ ] byte ( ` { "success":"1"} ` )
var cacheControlMaxAge = "max-age=" + strconv . Itoa ( day )
2016-12-02 07:38:54 +00:00
2017-07-17 10:23:42 +00:00
func init ( ) {
2017-09-03 04:50:31 +00:00
hvars = & HeaderVars { Site : site }
2017-07-17 10:23:42 +00:00
}
2017-09-10 16:57:22 +00:00
type HTTPSRedirect struct {
2017-08-13 11:22:34 +00:00
}
2017-09-10 16:57:22 +00:00
func ( red * HTTPSRedirect ) ServeHTTP ( w http . ResponseWriter , req * http . Request ) {
2017-08-13 11:22:34 +00:00
dest := "https://" + req . Host + req . URL . Path
if len ( req . URL . RawQuery ) > 0 {
dest += "?" + req . URL . RawQuery
}
2017-09-03 04:50:31 +00:00
http . Redirect ( w , req , dest , http . StatusTemporaryRedirect )
2017-08-13 11:22:34 +00:00
}
2016-12-02 07:38:54 +00:00
// GET functions
2017-09-11 10:24:03 +00:00
func routeStatic ( w http . ResponseWriter , r * http . Request ) {
2017-01-01 15:45:43 +00:00
//log.Print("Outputting static file '" + r.URL.Path + "'")
2017-09-03 04:50:31 +00:00
file , ok := staticFiles [ r . URL . Path ]
2017-01-01 15:45:43 +00:00
if ! ok {
w . WriteHeader ( http . StatusNotFound )
return
}
2017-09-10 16:57:22 +00:00
h := w . Header ( )
2017-05-29 14:52:37 +00:00
2017-01-01 15:45:43 +00:00
// Surely, there's a more efficient way of doing this?
2017-09-10 16:57:22 +00:00
t , err := time . Parse ( http . TimeFormat , h . Get ( "If-Modified-Since" ) )
if err == nil && file . Info . ModTime ( ) . Before ( t . Add ( 1 * time . Second ) ) {
2016-12-05 07:21:17 +00:00
w . WriteHeader ( http . StatusNotModified )
return
}
2017-01-01 15:45:43 +00:00
h . Set ( "Last-Modified" , file . FormattedModTime )
h . Set ( "Content-Type" , file . Mimetype )
2017-08-17 11:13:49 +00:00
//Cache-Control: max-age=31536000
h . Set ( "Cache-Control" , cacheControlMaxAge )
2017-09-03 04:50:31 +00:00
h . Set ( "Vary" , "Accept-Encoding" )
2017-01-01 15:45:43 +00:00
//http.ServeContent(w,r,r.URL.Path,file.Info.ModTime(),file)
//w.Write(file.Data)
2017-09-10 16:57:22 +00:00
if strings . Contains ( h . Get ( "Accept-Encoding" ) , "gzip" ) {
2017-09-03 04:50:31 +00:00
h . Set ( "Content-Encoding" , "gzip" )
2017-02-16 06:47:55 +00:00
h . Set ( "Content-Length" , strconv . FormatInt ( file . GzipLength , 10 ) )
2017-02-10 13:39:13 +00:00
io . Copy ( w , bytes . NewReader ( file . GzipData ) ) // Use w.Write instead?
} else {
2017-02-16 06:47:55 +00:00
h . Set ( "Content-Length" , strconv . FormatInt ( file . Length , 10 ) ) // Avoid doing a type conversion every time?
2017-02-10 13:39:13 +00:00
io . Copy ( w , bytes . NewReader ( file . Data ) )
}
2017-01-01 15:45:43 +00:00
//io.CopyN(w, bytes.NewReader(file.Data), static_files[r.URL.Path].Length)
2016-12-05 07:21:17 +00:00
}
2017-06-05 11:57:27 +00:00
// Deprecated: Test route for stopping the server during a performance analysis
2017-01-17 07:55:46 +00:00
/ * func route_exit ( w http . ResponseWriter , r * http . Request ) {
db . Close ( )
os . Exit ( 0 )
2017-04-12 13:39:03 +00:00
}
2017-01-17 07:55:46 +00:00
2017-06-28 12:05:26 +00:00
// Deprecated: Test route to see which file serving method is faster
2016-12-05 07:21:17 +00:00
func route_fstatic ( w http . ResponseWriter , r * http . Request ) {
2017-01-31 05:13:38 +00:00
http . ServeFile ( w , r , r . URL . Path )
2017-04-12 13:39:03 +00:00
} * /
2016-12-05 07:21:17 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Make this a static file somehow? Is it possible for us to put this file somewhere else?
// TODO: Add a sitemap
// TODO: Add an API so that plugins can register disallowed areas. E.g. /groups/join for plugin_socialgroups
2017-09-11 10:24:03 +00:00
func routeRobotsTxt ( w http . ResponseWriter , r * http . Request ) {
2017-09-03 04:50:31 +00:00
_ , _ = w . Write ( [ ] byte ( ` User - agent : *
2017-08-06 15:22:18 +00:00
Disallow : / panel /
Disallow : / topics / create /
Disallow : / user / edit /
Disallow : / accounts /
` ) )
}
2017-09-11 10:24:03 +00:00
func routeOverview ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2017-09-03 04:50:31 +00:00
BuildWidgets ( "overview" , nil , headerVars , r )
2017-06-28 12:05:26 +00:00
2017-09-03 04:50:31 +00:00
pi := Page { "Overview" , user , headerVars , tList , nil }
if preRenderHooks [ "pre_render_overview" ] != nil {
if runPreRenderHook ( "pre_render_overview" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
err := templates . ExecuteTemplate ( w , "overview.html" , pi )
2017-05-29 14:52:37 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-05-29 14:52:37 +00:00
}
2016-12-02 07:38:54 +00:00
}
2017-09-11 10:24:03 +00:00
func routeCustomPage ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2017-06-28 12:05:26 +00:00
2016-12-09 13:46:29 +00:00
name := r . URL . Path [ len ( "/pages/" ) : ]
2017-09-03 04:50:31 +00:00
if templates . Lookup ( "page_" + name ) == nil {
NotFound ( w , r )
2017-01-17 07:55:46 +00:00
return
2016-12-13 02:14:14 +00:00
}
2017-09-03 04:50:31 +00:00
BuildWidgets ( "custom_page" , name , headerVars , r )
2017-07-12 11:05:18 +00:00
2017-09-03 04:50:31 +00:00
pi := Page { "Page" , user , headerVars , tList , nil }
if preRenderHooks [ "pre_render_custom_page" ] != nil {
if runPreRenderHook ( "pre_render_custom_page" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
err := templates . ExecuteTemplate ( w , "page_" + name , pi )
2016-12-08 14:11:18 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
}
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Paginate this
2017-09-11 10:24:03 +00:00
func routeTopics ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2017-09-03 04:50:31 +00:00
BuildWidgets ( "topics" , nil , headerVars , r )
2017-05-29 14:52:37 +00:00
2017-06-19 08:06:54 +00:00
var qlist string
var fidList [ ] interface { }
2017-02-05 14:41:53 +00:00
group := groups [ user . Group ]
for _ , fid := range group . CanSee {
2017-06-28 12:05:26 +00:00
if fstore . DirtyGet ( fid ) . Name != "" {
2017-09-03 04:50:31 +00:00
fidList = append ( fidList , strconv . Itoa ( fid ) )
2017-06-19 08:06:54 +00:00
qlist += "?,"
2017-02-05 14:41:53 +00:00
}
}
2017-09-03 04:50:31 +00:00
qlist = qlist [ 0 : len ( qlist ) - 1 ]
2017-05-29 14:52:37 +00:00
2017-08-06 15:22:18 +00:00
var topicList [ ] * TopicsRow
//stmt, err := qgen.Builder.SimpleLeftJoin("topics","users","topics.tid, topics.title, topics.content, topics.createdBy, topics.is_closed, topics.sticky, topics.createdAt, topics.lastReplyAt, topics.parentID, topics.postCount, topics.likeCount, users.name, users.avatar","topics.createdBy = users.uid","parentID IN("+qlist+")","topics.sticky DESC, topics.lastReplyAt DESC, topics.createdBy DESC","")
2017-09-03 04:50:31 +00:00
stmt , err := qgen . Builder . SimpleSelect ( "topics" , "tid, title, content, createdBy, is_closed, sticky, createdAt, lastReplyAt, lastReplyBy, parentID, postCount, likeCount" , "parentID IN(" + qlist + ")" , "sticky DESC, lastReplyAt DESC, createdBy DESC" , "" )
2017-06-19 08:06:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-06-19 08:06:54 +00:00
return
}
rows , err := stmt . Query ( fidList ... )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-08-06 15:22:18 +00:00
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
var reqUserList = make ( map [ int ] bool )
2016-12-02 07:38:54 +00:00
for rows . Next ( ) {
2017-08-06 15:22:18 +00:00
topicItem := TopicsRow { ID : 0 }
2017-09-03 04:50:31 +00:00
err := rows . Scan ( & topicItem . ID , & topicItem . Title , & topicItem . Content , & topicItem . CreatedBy , & topicItem . IsClosed , & topicItem . Sticky , & topicItem . CreatedAt , & topicItem . LastReplyAt , & topicItem . LastReplyBy , & topicItem . ParentID , & topicItem . PostCount , & topicItem . LikeCount )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
topicItem . Link = buildTopicURL ( nameToSlug ( topicItem . Title ) , topicItem . ID )
2017-05-29 14:52:37 +00:00
2017-07-12 11:05:18 +00:00
forum := fstore . DirtyGet ( topicItem . ParentID )
2017-02-06 04:52:19 +00:00
if topicItem . ParentID >= 0 {
2017-07-12 11:05:18 +00:00
topicItem . ForumName = forum . Name
topicItem . ForumLink = forum . Link
2017-02-06 04:52:19 +00:00
} else {
topicItem . ForumName = ""
2017-08-13 11:22:34 +00:00
//topicItem.ForumLink = ""
2017-02-06 04:52:19 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
/ * topicItem . CreatedAt , err = relativeTime ( topicItem . CreatedAt )
2017-02-06 04:52:19 +00:00
if err != nil {
2017-06-12 09:03:14 +00:00
replyItem . CreatedAt = ""
2017-02-06 04:52:19 +00:00
} * /
2017-09-03 04:50:31 +00:00
topicItem . LastReplyAt , err = relativeTime ( topicItem . LastReplyAt )
2017-02-06 04:52:19 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-06 04:52:19 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
if vhooks [ "topics_topic_row_assign" ] != nil {
runVhook ( "topics_topic_row_assign" , & topicItem , & forum )
2016-12-11 16:06:17 +00:00
}
2017-08-06 15:22:18 +00:00
topicList = append ( topicList , & topicItem )
reqUserList [ topicItem . CreatedBy ] = true
reqUserList [ topicItem . LastReplyBy ] = true
2016-12-02 07:38:54 +00:00
}
err = rows . Err ( )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-08-06 15:22:18 +00:00
// Convert the user ID map to a slice, then bulk load the users
2017-09-03 04:50:31 +00:00
var idSlice = make ( [ ] int , len ( reqUserList ) )
2017-08-06 15:22:18 +00:00
var i int
2017-09-03 04:50:31 +00:00
for userID := range reqUserList {
2017-08-06 15:22:18 +00:00
idSlice [ i ] = userID
i ++
}
2017-09-10 16:57:22 +00:00
// TODO: What if a user is deleted via the Control Panel?
2017-08-06 15:22:18 +00:00
userList , err := users . BulkCascadeGetMap ( idSlice )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-08-06 15:22:18 +00:00
return
}
// Second pass to the add the user data
2017-09-10 16:57:22 +00:00
// TODO: Use a pointer to TopicsRow instead of TopicsRow itself?
2017-08-06 15:22:18 +00:00
for _ , topicItem := range topicList {
topicItem . Creator = userList [ topicItem . CreatedBy ]
topicItem . LastUser = userList [ topicItem . LastReplyBy ]
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
pi := TopicsPage { "Topic List" , user , headerVars , topicList }
if preRenderHooks [ "pre_render_topic_list" ] != nil {
if runPreRenderHook ( "pre_render_topic_list" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
RunThemeTemplate ( headerVars . ThemeName , "topics" , pi , w )
2016-12-02 07:38:54 +00:00
}
2016-12-03 13:45:08 +00:00
2017-09-11 10:24:03 +00:00
func routeForum ( w http . ResponseWriter , r * http . Request , user User , sfid string ) {
2017-01-26 13:37:50 +00:00
page , _ := strconv . Atoi ( r . FormValue ( "page" ) )
2017-06-25 09:56:39 +00:00
// SEO URLs...
2017-09-03 04:50:31 +00:00
halves := strings . Split ( sfid , "." )
2017-06-25 09:56:39 +00:00
if len ( halves ) < 2 {
2017-09-03 04:50:31 +00:00
halves = append ( halves , halves [ 0 ] )
2017-06-25 09:56:39 +00:00
}
fid , err := strconv . Atoi ( halves [ 1 ] )
2016-12-03 13:45:08 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "The provided ForumID is not a valid number." , w , r )
2016-12-03 13:45:08 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 17:39:16 +00:00
headerVars , ok := ForumUserCheck ( w , r , & user , fid )
2017-02-05 16:36:54 +00:00
if ! ok {
2016-12-03 13:45:08 +00:00
return
}
2017-08-13 11:22:34 +00:00
//log.Printf("groups[user.Group]: %+v\n", groups[user.Group].Forums)
2017-02-05 16:36:54 +00:00
if ! user . Perms . ViewTopic {
2017-09-03 04:50:31 +00:00
NoPermissions ( w , r , user )
2016-12-21 02:30:32 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Fix this double-check
2017-06-28 12:05:26 +00:00
forum , err := fstore . CascadeGet ( fid )
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
NotFound ( w , r )
2017-06-28 12:05:26 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-06-28 12:05:26 +00:00
return
}
2017-09-03 04:50:31 +00:00
BuildWidgets ( "view_forum" , forum , headerVars , r )
2017-06-28 12:05:26 +00:00
2017-01-26 13:37:50 +00:00
// Calculate the offset
var offset int
2017-09-03 04:50:31 +00:00
lastPage := ( forum . TopicCount / config . ItemsPerPage ) + 1
2017-01-26 13:37:50 +00:00
if page > 1 {
2017-07-17 10:23:42 +00:00
offset = ( config . ItemsPerPage * page ) - config . ItemsPerPage
2017-01-26 13:37:50 +00:00
} else if page == - 1 {
2017-09-03 04:50:31 +00:00
page = lastPage
2017-07-17 10:23:42 +00:00
offset = ( config . ItemsPerPage * page ) - config . ItemsPerPage
2017-01-26 13:37:50 +00:00
} else {
page = 1
}
2017-09-03 04:50:31 +00:00
rows , err := get_forum_topics_offset_stmt . Query ( fid , offset , config . ItemsPerPage )
2016-12-03 13:45:08 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-03 13:45:08 +00:00
return
}
2017-08-06 15:22:18 +00:00
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Use something other than TopicsRow as we don't need to store the forum name and link on each and every topic item?
2017-08-06 15:22:18 +00:00
var topicList [ ] * TopicsRow
2017-09-03 04:50:31 +00:00
var reqUserList = make ( map [ int ] bool )
2016-12-03 13:45:08 +00:00
for rows . Next ( ) {
2017-09-03 04:50:31 +00:00
var topicItem = TopicsRow { ID : 0 }
err := rows . Scan ( & topicItem . ID , & topicItem . Title , & topicItem . Content , & topicItem . CreatedBy , & topicItem . IsClosed , & topicItem . Sticky , & topicItem . CreatedAt , & topicItem . LastReplyAt , & topicItem . LastReplyBy , & topicItem . ParentID , & topicItem . PostCount , & topicItem . LikeCount )
2016-12-03 13:45:08 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-03 13:45:08 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
topicItem . Link = buildTopicURL ( nameToSlug ( topicItem . Title ) , topicItem . ID )
topicItem . LastReplyAt , err = relativeTime ( topicItem . LastReplyAt )
2017-02-06 04:52:19 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-06 04:52:19 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
if vhooks [ "forum_trow_assign" ] != nil {
runVhook ( "forum_trow_assign" , & topicItem , & forum )
2016-12-11 16:06:17 +00:00
}
2017-08-06 15:22:18 +00:00
topicList = append ( topicList , & topicItem )
reqUserList [ topicItem . CreatedBy ] = true
reqUserList [ topicItem . LastReplyBy ] = true
2016-12-03 13:45:08 +00:00
}
err = rows . Err ( )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-03 13:45:08 +00:00
return
}
2017-08-06 15:22:18 +00:00
// Convert the user ID map to a slice, then bulk load the users
2017-09-03 04:50:31 +00:00
var idSlice = make ( [ ] int , len ( reqUserList ) )
2017-08-06 15:22:18 +00:00
var i int
2017-09-03 04:50:31 +00:00
for userID := range reqUserList {
2017-08-06 15:22:18 +00:00
idSlice [ i ] = userID
i ++
}
2017-09-10 16:57:22 +00:00
// TODO: What if a user is deleted via the Control Panel?
2017-08-06 15:22:18 +00:00
userList , err := users . BulkCascadeGetMap ( idSlice )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-08-06 15:22:18 +00:00
return
}
// Second pass to the add the user data
2017-09-10 16:57:22 +00:00
// TODO: Use a pointer to TopicsRow instead of TopicsRow itself?
2017-08-06 15:22:18 +00:00
for _ , topicItem := range topicList {
topicItem . Creator = userList [ topicItem . CreatedBy ]
topicItem . LastUser = userList [ topicItem . LastReplyBy ]
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
pi := ForumPage { forum . Name , user , headerVars , topicList , * forum , page , lastPage }
if preRenderHooks [ "pre_render_view_forum" ] != nil {
if runPreRenderHook ( "pre_render_view_forum" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
RunThemeTemplate ( headerVars . ThemeName , "forum" , pi , w )
2016-12-03 13:45:08 +00:00
}
2017-09-11 10:24:03 +00:00
func routeForums ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2017-09-03 04:50:31 +00:00
BuildWidgets ( "forums" , nil , headerVars , r )
2017-05-29 14:52:37 +00:00
2017-02-06 04:52:19 +00:00
var err error
2017-07-12 11:05:18 +00:00
var forumList [ ] Forum
var canSee [ ] int
2017-09-03 04:50:31 +00:00
if user . IsSuperAdmin {
2017-09-10 16:57:22 +00:00
canSee , err = fstore . GetAllVisibleIDs ( )
2017-07-12 11:05:18 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-07-12 11:05:18 +00:00
return
}
2017-08-13 11:22:34 +00:00
//log.Print("canSee",canSee)
2017-07-12 11:05:18 +00:00
} else {
group := groups [ user . Group ]
canSee = group . CanSee
2017-08-13 11:22:34 +00:00
//log.Print("group.CanSee",group.CanSee)
2017-07-12 11:05:18 +00:00
}
for _ , fid := range canSee {
2017-08-13 11:22:34 +00:00
//log.Print(forums[fid])
2017-09-03 04:50:31 +00:00
var forum = * fstore . DirtyGet ( fid )
2017-09-10 16:57:22 +00:00
if forum . ParentID == 0 {
2017-02-06 04:52:19 +00:00
if forum . LastTopicID != 0 {
2017-09-03 04:50:31 +00:00
forum . LastTopicTime , err = relativeTime ( forum . LastTopicTime )
2017-02-06 04:52:19 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-06 04:52:19 +00:00
}
} else {
forum . LastTopic = "None"
forum . LastTopicTime = ""
}
2017-07-12 11:05:18 +00:00
if hooks [ "forums_frow_assign" ] != nil {
2017-09-03 04:50:31 +00:00
runHook ( "forums_frow_assign" , & forum )
2017-07-12 11:05:18 +00:00
}
2017-02-06 04:52:19 +00:00
forumList = append ( forumList , forum )
2016-12-03 13:45:08 +00:00
}
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
pi := ForumsPage { "Forum List" , user , headerVars , forumList }
if preRenderHooks [ "pre_render_forum_list" ] != nil {
if runPreRenderHook ( "pre_render_forum_list" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
RunThemeTemplate ( headerVars . ThemeName , "forums" , pi , w )
2016-12-03 13:45:08 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-11 10:24:03 +00:00
func routeTopicID ( w http . ResponseWriter , r * http . Request , user User ) {
2017-04-06 17:37:32 +00:00
var err error
var page , offset int
var replyList [ ] Reply
2017-05-29 14:52:37 +00:00
2017-01-21 18:16:27 +00:00
page , _ = strconv . Atoi ( r . FormValue ( "page" ) )
2017-06-28 12:05:26 +00:00
// SEO URLs...
2017-09-03 04:50:31 +00:00
halves := strings . Split ( r . URL . Path [ len ( "/topic/" ) : ] , "." )
2017-06-28 12:05:26 +00:00
if len ( halves ) < 2 {
2017-09-03 04:50:31 +00:00
halves = append ( halves , halves [ 0 ] )
2017-06-28 12:05:26 +00:00
}
tid , err := strconv . Atoi ( halves [ 1 ] )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "The provided TopicID is not a valid number." , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-04-02 13:00:40 +00:00
// Get the topic...
2017-09-03 04:50:31 +00:00
topic , err := getTopicuser ( tid )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
NotFound ( w , r )
2016-12-02 07:38:54 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-07-17 10:23:42 +00:00
topic . ClassName = ""
2017-05-29 14:52:37 +00:00
2017-09-10 17:39:16 +00:00
headerVars , ok := ForumUserCheck ( w , r , & user , topic . ParentID )
2017-02-05 16:36:54 +00:00
if ! ok {
2017-01-31 05:13:38 +00:00
return
}
2017-02-05 16:36:54 +00:00
if ! user . Perms . ViewTopic {
2017-08-13 11:22:34 +00:00
//log.Printf("user.Perms: %+v\n", user.Perms)
2017-09-03 04:50:31 +00:00
NoPermissions ( w , r , user )
2017-01-31 05:13:38 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
BuildWidgets ( "view_topic" , & topic , headerVars , r )
2017-06-28 12:05:26 +00:00
2017-09-03 04:50:31 +00:00
topic . Content = parseMessage ( topic . Content )
topic . ContentLines = strings . Count ( topic . Content , "\n" )
2017-05-29 14:52:37 +00:00
2017-01-10 06:51:28 +00:00
// We don't want users posting in locked topics...
2017-09-03 04:50:31 +00:00
if topic . IsClosed && ! user . IsMod {
2017-01-10 06:51:28 +00:00
user . Perms . CreateReply = false
2016-12-03 04:50:35 +00:00
}
2017-05-29 14:52:37 +00:00
2017-03-15 09:34:07 +00:00
topic . Tag = groups [ topic . Group ] . Tag
2017-09-03 04:50:31 +00:00
if groups [ topic . Group ] . IsMod || groups [ topic . Group ] . IsAdmin {
2017-07-17 10:23:42 +00:00
topic . ClassName = config . StaffCss
2016-12-04 06:16:59 +00:00
}
2017-05-29 14:52:37 +00:00
2017-08-20 09:39:02 +00:00
/ * if headerVars . Settings [ "url_tags" ] == false {
2016-12-09 13:46:29 +00:00
topic . URLName = ""
} else {
topic . URL , ok = external_sites [ topic . URLPrefix ]
if ! ok {
topic . URL = topic . URLName
} else {
2017-01-17 07:55:46 +00:00
topic . URL = topic . URL + topic . URLName
2016-12-09 13:46:29 +00:00
}
2017-02-15 10:49:30 +00:00
} * /
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
topic . CreatedAt , err = relativeTime ( topic . CreatedAt )
2017-06-12 09:03:14 +00:00
if err != nil {
topic . CreatedAt = ""
}
2017-01-21 18:16:27 +00:00
// Calculate the offset
2017-09-03 04:50:31 +00:00
lastPage := ( topic . PostCount / config . ItemsPerPage ) + 1
2017-01-21 18:16:27 +00:00
if page > 1 {
2017-07-17 10:23:42 +00:00
offset = ( config . ItemsPerPage * page ) - config . ItemsPerPage
2017-01-21 18:16:27 +00:00
} else if page == - 1 {
2017-09-03 04:50:31 +00:00
page = lastPage
2017-07-17 10:23:42 +00:00
offset = ( config . ItemsPerPage * page ) - config . ItemsPerPage
2017-01-21 18:16:27 +00:00
} else {
page = 1
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
// Get the replies..
2017-07-17 10:23:42 +00:00
rows , err := get_topic_replies_offset_stmt . Query ( topic . ID , offset , config . ItemsPerPage )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad Page. Some of the posts may have been deleted or you got here by directly typing in the page number." , w , r , user )
2017-01-21 18:16:27 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-08-06 15:22:18 +00:00
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
replyItem := Reply { ClassName : "" }
2016-12-02 07:38:54 +00:00
for rows . Next ( ) {
2017-09-03 04:50:31 +00:00
err := rows . Scan ( & replyItem . ID , & replyItem . Content , & replyItem . CreatedBy , & replyItem . CreatedAt , & replyItem . LastEdit , & replyItem . LastEditBy , & replyItem . Avatar , & replyItem . CreatedByName , & replyItem . Group , & replyItem . URLPrefix , & replyItem . URLName , & replyItem . Level , & replyItem . IPAddress , & replyItem . LikeCount , & replyItem . ActionType )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
replyItem . UserLink = buildProfileURL ( nameToSlug ( replyItem . CreatedByName ) , replyItem . CreatedBy )
2017-01-17 07:55:46 +00:00
replyItem . ParentID = topic . ID
2017-09-03 04:50:31 +00:00
replyItem . ContentHtml = parseMessage ( replyItem . Content )
replyItem . ContentLines = strings . Count ( replyItem . Content , "\n" )
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
if groups [ replyItem . Group ] . IsMod || groups [ replyItem . Group ] . IsAdmin {
2017-07-17 10:23:42 +00:00
replyItem . ClassName = config . StaffCss
2016-12-04 06:16:59 +00:00
} else {
2017-07-17 10:23:42 +00:00
replyItem . ClassName = ""
2016-12-04 06:16:59 +00:00
}
2017-05-29 14:52:37 +00:00
2017-01-17 07:55:46 +00:00
if replyItem . Avatar != "" {
if replyItem . Avatar [ 0 ] == '.' {
replyItem . Avatar = "/uploads/avatar_" + strconv . Itoa ( replyItem . CreatedBy ) + replyItem . Avatar
2016-12-07 09:34:09 +00:00
}
} else {
2017-09-03 04:50:31 +00:00
replyItem . Avatar = strings . Replace ( config . Noavatar , "{id}" , strconv . Itoa ( replyItem . CreatedBy ) , 1 )
2016-12-07 09:34:09 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-11 14:51:16 +00:00
replyItem . Tag = groups [ replyItem . Group ] . Tag
2017-05-29 14:52:37 +00:00
2017-08-20 09:39:02 +00:00
/ * if headerVars . Settings [ "url_tags" ] == false {
2017-01-17 07:55:46 +00:00
replyItem . URLName = ""
2016-12-09 13:46:29 +00:00
} else {
2017-01-17 07:55:46 +00:00
replyItem . URL , ok = external_sites [ replyItem . URLPrefix ]
2016-12-09 13:46:29 +00:00
if ! ok {
2017-01-17 07:55:46 +00:00
replyItem . URL = replyItem . URLName
2016-12-09 13:46:29 +00:00
} else {
2017-01-17 07:55:46 +00:00
replyItem . URL = replyItem . URL + replyItem . URLName
2016-12-09 13:46:29 +00:00
}
2017-02-10 13:39:13 +00:00
} * /
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
replyItem . CreatedAt , err = relativeTime ( replyItem . CreatedAt )
2017-06-12 09:03:14 +00:00
if err != nil {
replyItem . CreatedAt = ""
}
2017-04-02 13:00:40 +00:00
// We really shouldn't have inline HTML, we should do something about this...
if replyItem . ActionType != "" {
2017-09-03 04:50:31 +00:00
switch replyItem . ActionType {
case "lock" :
replyItem . ActionType = "This topic has been locked by <a href='" + replyItem . UserLink + "'>" + replyItem . CreatedByName + "</a>"
replyItem . ActionIcon = "🔒︎"
case "unlock" :
replyItem . ActionType = "This topic has been reopened by <a href='" + replyItem . UserLink + "'>" + replyItem . CreatedByName + "</a>"
replyItem . ActionIcon = "🔓︎"
case "stick" :
replyItem . ActionType = "This topic has been pinned by <a href='" + replyItem . UserLink + "'>" + replyItem . CreatedByName + "</a>"
replyItem . ActionIcon = "📌︎"
case "unstick" :
replyItem . ActionType = "This topic has been unpinned by <a href='" + replyItem . UserLink + "'>" + replyItem . CreatedByName + "</a>"
replyItem . ActionIcon = "📌︎"
default :
replyItem . ActionType = replyItem . ActionType + " has happened"
replyItem . ActionIcon = ""
2017-04-02 13:00:40 +00:00
}
}
2017-02-10 13:39:13 +00:00
replyItem . Liked = false
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Rename this to topic_rrow_assign
2016-12-11 16:06:17 +00:00
if hooks [ "rrow_assign" ] != nil {
2017-09-03 04:50:31 +00:00
runHook ( "rrow_assign" , & replyItem )
2016-12-11 16:06:17 +00:00
}
2016-12-18 12:56:06 +00:00
replyList = append ( replyList , replyItem )
2016-12-02 07:38:54 +00:00
}
err = rows . Err ( )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
tpage := TopicPage { topic . Title , user , headerVars , replyList , topic , page , lastPage }
if preRenderHooks [ "pre_render_view_topic" ] != nil {
if runPreRenderHook ( "pre_render_view_topic" , w , r , & user , & tpage ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
RunThemeTemplate ( headerVars . ThemeName , "topic" , tpage , w )
2016-12-02 07:38:54 +00:00
}
2016-12-07 09:34:09 +00:00
2017-09-11 10:24:03 +00:00
func routeProfile ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2017-05-29 14:52:37 +00:00
2017-04-06 17:37:32 +00:00
var err error
2017-07-17 10:23:42 +00:00
var replyContent , replyCreatedByName , replyCreatedAt , replyAvatar , replyTag , replyClassName string
2017-04-06 17:37:32 +00:00
var rid , replyCreatedBy , replyLastEdit , replyLastEditBy , replyLines , replyGroup int
var replyList [ ] Reply
2017-05-29 14:52:37 +00:00
2017-06-28 12:05:26 +00:00
// SEO URLs...
2017-09-03 04:50:31 +00:00
halves := strings . Split ( r . URL . Path [ len ( "/user/" ) : ] , "." )
2017-06-28 12:05:26 +00:00
if len ( halves ) < 2 {
2017-09-03 04:50:31 +00:00
halves = append ( halves , halves [ 0 ] )
2017-06-28 12:05:26 +00:00
}
pid , err := strconv . Atoi ( halves [ 1 ] )
2016-12-07 09:34:09 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "The provided User ID is not a valid number." , w , r , user )
2016-12-07 09:34:09 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-15 10:49:30 +00:00
var puser * User
if pid == user . ID {
2017-09-03 04:50:31 +00:00
user . IsMod = true
2017-02-15 10:49:30 +00:00
puser = & user
2016-12-07 13:46:14 +00:00
} else {
// Fetch the user data
2017-02-15 10:49:30 +00:00
puser , err = users . CascadeGet ( pid )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
NotFound ( w , r )
2016-12-07 13:46:14 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-07 13:46:14 +00:00
return
}
2016-12-07 09:34:09 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-07 09:34:09 +00:00
// Get the replies..
2017-06-06 14:41:06 +00:00
rows , err := get_profile_replies_stmt . Query ( puser . ID )
2016-12-07 09:34:09 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-07 09:34:09 +00:00
return
}
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2016-12-07 09:34:09 +00:00
for rows . Next ( ) {
2017-02-11 14:51:16 +00:00
err := rows . Scan ( & rid , & replyContent , & replyCreatedBy , & replyCreatedAt , & replyLastEdit , & replyLastEditBy , & replyAvatar , & replyCreatedByName , & replyGroup )
2016-12-07 09:34:09 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-07 09:34:09 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
replyLines = strings . Count ( replyContent , "\n" )
if groups [ replyGroup ] . IsMod || groups [ replyGroup ] . IsAdmin {
2017-07-17 10:23:42 +00:00
replyClassName = config . StaffCss
2016-12-07 09:34:09 +00:00
} else {
2017-07-17 10:23:42 +00:00
replyClassName = ""
2016-12-07 09:34:09 +00:00
}
if replyAvatar != "" {
if replyAvatar [ 0 ] == '.' {
replyAvatar = "/uploads/avatar_" + strconv . Itoa ( replyCreatedBy ) + replyAvatar
}
} else {
2017-09-03 04:50:31 +00:00
replyAvatar = strings . Replace ( config . Noavatar , "{id}" , strconv . Itoa ( replyCreatedBy ) , 1 )
2016-12-07 09:34:09 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-11 14:51:16 +00:00
if groups [ replyGroup ] . Tag != "" {
replyTag = groups [ replyGroup ] . Tag
2016-12-07 09:34:09 +00:00
} else if puser . ID == replyCreatedBy {
replyTag = "Profile Owner"
} else {
replyTag = ""
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
replyLiked := false
replyLikeCount := 0
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Add a hook here
2017-07-12 11:05:18 +00:00
2017-09-03 04:50:31 +00:00
replyList = append ( replyList , Reply { rid , puser . ID , replyContent , parseMessage ( replyContent ) , replyCreatedBy , buildProfileURL ( nameToSlug ( replyCreatedByName ) , replyCreatedBy ) , replyCreatedByName , replyGroup , replyCreatedAt , replyLastEdit , replyLastEditBy , replyAvatar , replyClassName , replyLines , replyTag , "" , "" , "" , 0 , "" , replyLiked , replyLikeCount , "" , "" } )
2016-12-07 09:34:09 +00:00
}
err = rows . Err ( )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-07 09:34:09 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
ppage := ProfilePage { puser . Name + "'s Profile" , user , headerVars , replyList , * puser }
if preRenderHooks [ "pre_render_profile" ] != nil {
if runPreRenderHook ( "pre_render_profile" , w , r , & user , & ppage ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
template_profile_handle ( ppage , w )
2016-12-07 09:34:09 +00:00
}
2017-09-11 10:24:03 +00:00
func routeTopicCreate ( w http . ResponseWriter , r * http . Request , user User , sfid string ) {
2017-02-05 14:41:53 +00:00
var fid int
var err error
if sfid != "" {
fid , err = strconv . Atoi ( sfid )
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "The provided ForumID is not a valid number." , w , r )
2017-02-05 14:41:53 +00:00
return
}
}
2017-05-29 14:52:37 +00:00
2017-09-10 17:39:16 +00:00
headerVars , ok := ForumUserCheck ( w , r , & user , fid )
2017-02-05 16:36:54 +00:00
if ! ok {
return
}
if ! user . Loggedin || ! user . Perms . CreateTopic {
2017-09-03 04:50:31 +00:00
NoPermissions ( w , r , user )
2017-02-05 16:36:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
BuildWidgets ( "create_topic" , nil , headerVars , r )
2017-07-12 11:05:18 +00:00
// Lock this to the forum being linked?
// Should we always put it in strictmode when it's linked from another forum? Well, the user might end up changing their mind on what forum they want to post in and it would be a hassle, if they had to switch pages, even if it is a single click for many (exc. mobile)
var strictmode bool
if vhooks [ "topic_create_pre_loop" ] != nil {
2017-09-03 04:50:31 +00:00
runVhook ( "topic_create_pre_loop" , w , r , fid , & headerVars , & user , & strictmode )
2017-07-12 11:05:18 +00:00
}
2017-09-10 16:57:22 +00:00
// TODO: Re-add support for plugin_socialgroups
2017-02-05 14:41:53 +00:00
var forumList [ ] Forum
2017-07-12 11:05:18 +00:00
var canSee [ ] int
2017-09-03 04:50:31 +00:00
if user . IsSuperAdmin {
2017-09-10 16:57:22 +00:00
canSee , err = fstore . GetAllVisibleIDs ( )
2017-07-12 11:05:18 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-07-12 11:05:18 +00:00
return
}
} else {
group := groups [ user . Group ]
canSee = group . CanSee
}
2017-09-10 16:57:22 +00:00
// TODO: plugin_superadmin needs to be able to override this loop. Skip flag on topic_create_pre_loop?
2017-07-12 11:05:18 +00:00
for _ , ffid := range canSee {
2017-09-10 16:57:22 +00:00
// TODO: Surely, there's a better way of doing this. I've added it in for now to support plugin_socialgroups, but we really need to clean this up
2017-07-12 11:05:18 +00:00
if strictmode && ffid != fid {
continue
}
// Do a bulk forum fetch, just in case it's the SqlForumStore?
forum := fstore . DirtyGet ( ffid )
2017-09-10 16:57:22 +00:00
fcopy := * forum
if hooks [ "topic_create_frow_assign" ] != nil {
// TODO: Add the skip feature to all the other row based hooks?
if runHook ( "topic_create_frow_assign" , & fcopy ) . ( bool ) {
continue
2017-07-12 11:05:18 +00:00
}
2017-02-05 14:41:53 +00:00
}
2017-09-10 16:57:22 +00:00
forumList = append ( forumList , fcopy )
2017-02-05 14:41:53 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
ctpage := CreateTopicPage { "Create Topic" , user , headerVars , forumList , fid }
if preRenderHooks [ "pre_render_create_topic" ] != nil {
if runPreRenderHook ( "pre_render_create_topic" , w , r , & user , & ctpage ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
template_create_topic_handle ( ctpage , w )
2016-12-02 07:38:54 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
// POST functions. Authorised users only.
2017-09-11 10:24:03 +00:00
func routeTopicCreateSubmit ( w http . ResponseWriter , r * http . Request , user User ) {
2016-12-02 07:38:54 +00:00
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "Bad Form" , w , r )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-05 14:41:53 +00:00
fid , err := strconv . Atoi ( r . PostFormValue ( "topic-board" ) )
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "The provided ForumID is not a valid number." , w , r )
2017-02-05 14:41:53 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Add hooks to make use of headerLite
2017-09-10 17:39:16 +00:00
_ , ok := SimpleForumUserCheck ( w , r , & user , fid )
2017-02-05 16:36:54 +00:00
if ! ok {
return
}
if ! user . Loggedin || ! user . Perms . CreateTopic {
2017-09-03 04:50:31 +00:00
NoPermissions ( w , r , user )
2017-02-05 16:36:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
topicName := html . EscapeString ( r . PostFormValue ( "topic-name" ) )
2017-09-03 04:50:31 +00:00
content := html . EscapeString ( preparseMessage ( r . PostFormValue ( "topic-content" ) ) )
2017-01-17 07:55:46 +00:00
ipaddress , _ , err := net . SplitHostPort ( r . RemoteAddr )
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad IP" , w , r , user )
2017-01-17 07:55:46 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
wcount := wordCount ( content )
2017-09-10 16:57:22 +00:00
res , err := create_topic_stmt . Exec ( fid , topicName , content , parseMessage ( content ) , user . ID , ipaddress , wcount , user . ID )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-12 02:55:08 +00:00
return
2016-12-02 07:38:54 +00:00
}
2017-09-03 04:50:31 +00:00
lastID , err := res . LastInsertId ( )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-12 02:55:08 +00:00
return
2016-12-02 07:38:54 +00:00
}
2017-05-29 14:52:37 +00:00
2017-06-28 12:05:26 +00:00
err = fstore . IncrementTopicCount ( fid )
2017-01-26 13:37:50 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-26 13:37:50 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = add_subscription_stmt . Exec ( user . ID , lastID , "topic" )
2017-03-05 07:53:41 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-05 07:53:41 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
http . Redirect ( w , r , "/topic/" + strconv . FormatInt ( lastID , 10 ) , http . StatusSeeOther )
2017-09-10 16:57:22 +00:00
err = user . increasePostStats ( wcount , true )
2017-01-12 02:55:08 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-12 02:55:08 +00:00
return
2016-12-02 07:38:54 +00:00
}
2017-06-28 12:05:26 +00:00
2017-09-10 16:57:22 +00:00
err = fstore . UpdateLastTopic ( topicName , int ( lastID ) , user . Name , user . ID , time . Now ( ) . Format ( "2006-01-02 15:04:05" ) , fid )
2017-06-28 12:05:26 +00:00
if err != nil && err != ErrNoRows {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-06-28 12:05:26 +00:00
}
2016-12-02 07:38:54 +00:00
}
2017-09-11 10:24:03 +00:00
func routeCreateReply ( w http . ResponseWriter , r * http . Request , user User ) {
2016-12-02 07:38:54 +00:00
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "Bad Form" , w , r )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2016-12-03 13:45:08 +00:00
tid , err := strconv . Atoi ( r . PostFormValue ( "tid" ) )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "Failed to convert the Topic ID" , w , r )
2017-02-05 16:36:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
topic , err := topics . CascadeGet ( tid )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
PreError ( "Couldn't find the parent topic" , w , r )
2017-02-05 16:36:54 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-05 16:36:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Add hooks to make use of headerLite
2017-09-10 17:39:16 +00:00
_ , ok := SimpleForumUserCheck ( w , r , & user , topic . ParentID )
2017-02-05 16:36:54 +00:00
if ! ok {
return
}
if ! user . Loggedin || ! user . Perms . CreateReply {
2017-09-03 04:50:31 +00:00
NoPermissions ( w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
content := preparseMessage ( html . EscapeString ( r . PostFormValue ( "reply-content" ) ) )
2017-01-17 07:55:46 +00:00
ipaddress , _ , err := net . SplitHostPort ( r . RemoteAddr )
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad IP" , w , r , user )
2017-01-17 07:55:46 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
wcount := wordCount ( content )
_ , err = create_reply_stmt . Exec ( tid , content , parseMessage ( content ) , ipaddress , wcount , user . ID )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-03 13:45:08 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = add_replies_to_topic_stmt . Exec ( 1 , user . ID , tid )
2017-01-21 18:16:27 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-21 18:16:27 +00:00
return
}
2017-09-03 04:50:31 +00:00
err = fstore . UpdateLastTopic ( topic . Title , tid , user . Name , user . ID , time . Now ( ) . Format ( "2006-01-02 15:04:05" ) , topic . ParentID )
2017-08-18 12:16:56 +00:00
if err != nil && err != ErrNoRows {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-03 13:45:08 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
res , err := add_activity_stmt . Exec ( user . ID , topic . CreatedBy , "reply" , "topic" , tid )
2017-03-05 07:53:41 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-05 07:53:41 +00:00
return
}
2017-09-03 04:50:31 +00:00
lastID , err := res . LastInsertId ( )
2017-03-05 07:53:41 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-05 07:53:41 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = notify_watchers_stmt . Exec ( lastID )
2017-03-05 07:53:41 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-05 07:53:41 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
// Alert the subscribers about this post without blocking this post from being posted
2017-09-03 04:50:31 +00:00
if enableWebsockets {
go notifyWatchers ( lastID )
2017-06-12 09:03:14 +00:00
}
2017-03-15 08:34:14 +00:00
// Reload the topic...
err = topics . Load ( tid )
2017-06-28 12:05:26 +00:00
if err != nil && err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "The destination no longer exists" , w , r , user )
2017-03-15 08:34:14 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-15 08:34:14 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
http . Redirect ( w , r , "/topic/" + strconv . Itoa ( tid ) , http . StatusSeeOther )
2017-09-10 16:57:22 +00:00
err = user . increasePostStats ( wcount , false )
2017-01-12 02:55:08 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-12 02:55:08 +00:00
return
}
2016-12-02 07:38:54 +00:00
}
2017-09-11 10:24:03 +00:00
func routeLikeTopic ( w http . ResponseWriter , r * http . Request , user User ) {
2017-02-10 13:39:13 +00:00
err := r . ParseForm ( )
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "Bad Form" , w , r )
2017-05-29 14:52:37 +00:00
return
2017-02-10 13:39:13 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
tid , err := strconv . Atoi ( r . URL . Path [ len ( "/topic/like/submit/" ) : ] )
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "Topic IDs can only ever be numbers." , w , r )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
topic , err := topics . CascadeGet ( tid )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
PreError ( "The requested topic doesn't exist." , w , r )
2017-02-10 13:39:13 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Add hooks to make use of headerLite
2017-09-10 17:39:16 +00:00
_ , ok := SimpleForumUserCheck ( w , r , & user , topic . ParentID )
2017-02-10 13:39:13 +00:00
if ! ok {
return
}
if ! user . Perms . ViewTopic || ! user . Perms . LikeItem {
2017-09-03 04:50:31 +00:00
NoPermissions ( w , r , user )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
if topic . CreatedBy == user . ID {
2017-09-03 04:50:31 +00:00
LocalError ( "You can't like your own topics" , w , r , user )
2017-06-10 07:58:15 +00:00
return
}
2017-09-03 04:50:31 +00:00
err = has_liked_topic_stmt . QueryRow ( user . ID , tid ) . Scan ( & tid )
2017-06-28 12:05:26 +00:00
if err != nil && err != ErrNoRows {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-10 13:39:13 +00:00
return
2017-06-28 12:05:26 +00:00
} else if err != ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "You already liked this!" , w , r , user )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
_ , err = users . CascadeGet ( topic . CreatedBy )
2017-06-28 12:05:26 +00:00
if err != nil && err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "The target user doesn't exist" , w , r , user )
2017-03-03 16:28:49 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-03 16:28:49 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
score := 1
2017-09-03 04:50:31 +00:00
_ , err = create_like_stmt . Exec ( score , tid , "topics" , user . ID )
2017-02-10 13:39:13 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = add_likes_to_topic_stmt . Exec ( 1 , tid )
2017-02-10 13:39:13 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
res , err := add_activity_stmt . Exec ( user . ID , topic . CreatedBy , "like" , "topic" , tid )
2017-03-03 16:28:49 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-03 16:28:49 +00:00
return
}
2017-09-03 04:50:31 +00:00
lastID , err := res . LastInsertId ( )
2017-03-03 16:28:49 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-03 16:28:49 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = notify_one_stmt . Exec ( topic . CreatedBy , lastID )
2017-03-03 16:28:49 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-03 16:28:49 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-10 07:58:15 +00:00
// Live alerts, if the poster is online and WebSockets is enabled
2017-09-03 04:50:31 +00:00
_ = wsHub . pushAlert ( topic . CreatedBy , int ( lastID ) , "like" , "topic" , user . ID , topic . CreatedBy , tid )
2017-06-10 07:58:15 +00:00
2017-03-05 07:53:41 +00:00
// Reload the topic...
err = topics . Load ( tid )
2017-06-28 12:05:26 +00:00
if err != nil && err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "The liked topic no longer exists" , w , r , user )
2017-03-05 07:53:41 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-05 07:53:41 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
http . Redirect ( w , r , "/topic/" + strconv . Itoa ( tid ) , http . StatusSeeOther )
2017-02-10 13:39:13 +00:00
}
2017-09-11 10:24:03 +00:00
func routeReplyLikeSubmit ( w http . ResponseWriter , r * http . Request , user User ) {
2017-02-10 13:39:13 +00:00
err := r . ParseForm ( )
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "Bad Form" , w , r )
2017-05-29 14:52:37 +00:00
return
2017-02-10 13:39:13 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
rid , err := strconv . Atoi ( r . URL . Path [ len ( "/reply/like/submit/" ) : ] )
if err != nil {
2017-09-03 04:50:31 +00:00
PreError ( "The provided Reply ID is not a valid number." , w , r )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
reply , err := getReply ( rid )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
PreError ( "You can't like something which doesn't exist!" , w , r )
2017-02-10 13:39:13 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
var fid int
2017-06-14 07:09:44 +00:00
err = get_topic_fid_stmt . QueryRow ( reply . ParentID ) . Scan ( & fid )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
PreError ( "The parent topic doesn't exist." , w , r )
2017-02-10 13:39:13 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Add hooks to make use of headerLite
2017-09-10 17:39:16 +00:00
_ , ok := SimpleForumUserCheck ( w , r , & user , fid )
2017-02-10 13:39:13 +00:00
if ! ok {
return
}
if ! user . Perms . ViewTopic || ! user . Perms . LikeItem {
2017-09-03 04:50:31 +00:00
NoPermissions ( w , r , user )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
if reply . CreatedBy == user . ID {
2017-09-03 04:50:31 +00:00
LocalError ( "You can't like your own replies" , w , r , user )
2017-06-10 07:58:15 +00:00
return
}
2017-06-07 10:07:40 +00:00
err = has_liked_reply_stmt . QueryRow ( user . ID , rid ) . Scan ( & rid )
2017-06-28 12:05:26 +00:00
if err != nil && err != ErrNoRows {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-10 13:39:13 +00:00
return
2017-06-28 12:05:26 +00:00
} else if err != ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "You already liked this!" , w , r , user )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
_ , err = users . CascadeGet ( reply . CreatedBy )
2017-06-28 12:05:26 +00:00
if err != nil && err != ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "The target user doesn't exist" , w , r , user )
2017-03-03 16:28:49 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-03 16:28:49 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
score := 1
2017-09-03 04:50:31 +00:00
_ , err = create_like_stmt . Exec ( score , rid , "replies" , user . ID )
2017-02-10 13:39:13 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = add_likes_to_reply_stmt . Exec ( 1 , rid )
2017-02-10 13:39:13 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-02-10 13:39:13 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
res , err := add_activity_stmt . Exec ( user . ID , reply . CreatedBy , "like" , "post" , rid )
2017-03-03 16:28:49 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-03 16:28:49 +00:00
return
}
2017-09-03 04:50:31 +00:00
lastID , err := res . LastInsertId ( )
2017-03-03 16:28:49 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-03 16:28:49 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = notify_one_stmt . Exec ( reply . CreatedBy , lastID )
2017-03-03 16:28:49 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-03 16:28:49 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-10 07:58:15 +00:00
// Live alerts, if the poster is online and WebSockets is enabled
2017-09-03 04:50:31 +00:00
_ = wsHub . pushAlert ( reply . CreatedBy , int ( lastID ) , "like" , "post" , user . ID , reply . CreatedBy , rid )
2017-06-10 07:58:15 +00:00
2017-09-03 04:50:31 +00:00
http . Redirect ( w , r , "/topic/" + strconv . Itoa ( reply . ParentID ) , http . StatusSeeOther )
2017-02-10 13:39:13 +00:00
}
2017-09-11 10:24:03 +00:00
func routeProfileReplyCreate ( w http . ResponseWriter , r * http . Request , user User ) {
2016-12-21 02:30:32 +00:00
if ! user . Loggedin || ! user . Perms . CreateReply {
2017-09-03 04:50:31 +00:00
NoPermissions ( w , r , user )
2016-12-03 10:25:39 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2016-12-07 09:34:09 +00:00
uid , err := strconv . Atoi ( r . PostFormValue ( "uid" ) )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Invalid UID" , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
ipaddress , _ , err := net . SplitHostPort ( r . RemoteAddr )
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad IP" , w , r , user )
2017-06-14 07:09:44 +00:00
return
}
2017-09-03 04:50:31 +00:00
_ , err = create_profile_reply_stmt . Exec ( uid , html . EscapeString ( preparseMessage ( r . PostFormValue ( "reply-content" ) ) ) , parseMessage ( html . EscapeString ( preparseMessage ( r . PostFormValue ( "reply-content" ) ) ) ) , user . ID , ipaddress )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-12 02:55:08 +00:00
return
2016-12-02 07:38:54 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
var userName string
err = get_user_name_stmt . QueryRow ( uid ) . Scan ( & userName )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "The profile you're trying to post on doesn't exist." , w , r , user )
2017-01-12 02:55:08 +00:00
return
2016-12-02 07:38:54 +00:00
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
http . Redirect ( w , r , "/user/" + strconv . Itoa ( uid ) , http . StatusSeeOther )
2016-12-02 07:38:54 +00:00
}
2017-09-11 10:24:03 +00:00
func routeReportSubmit ( w http . ResponseWriter , r * http . Request , user User , sitemID string ) {
2016-12-11 16:06:17 +00:00
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LoginRequired ( w , r , user )
2016-12-11 16:06:17 +00:00
return
}
2017-09-03 04:50:31 +00:00
if user . IsBanned {
Banned ( w , r , user )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
err := r . ParseForm ( )
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad Form" , w , r , user )
2016-12-11 16:06:17 +00:00
return
}
if r . FormValue ( "session" ) != user . Session {
2017-09-03 04:50:31 +00:00
SecurityError ( w , r , user )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
itemID , err := strconv . Atoi ( sitemID )
2016-12-11 16:06:17 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad ID" , w , r , user )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
itemType := r . FormValue ( "type" )
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
var fid = 1
2017-06-12 09:03:14 +00:00
var title , content string
2017-09-10 16:57:22 +00:00
if itemType == "reply" {
reply , err := getReply ( itemID )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "We were unable to find the reported post" , w , r , user )
2016-12-11 16:06:17 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
topic , err := topics . CascadeGet ( reply . ParentID )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "We weren't able to find the topic the reported post is supposed to be in" , w , r , user )
2016-12-11 16:06:17 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-11 16:06:17 +00:00
return
}
2017-06-12 09:03:14 +00:00
title = "Reply: " + topic . Title
2017-09-10 16:57:22 +00:00
content = reply . Content + "\n\nOriginal Post: #rid-" + strconv . Itoa ( itemID )
} else if itemType == "user-reply" {
userReply , err := getUserReply ( itemID )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "We weren't able to find the reported post" , w , r , user )
2016-12-13 02:14:14 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-13 02:14:14 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
err = get_user_name_stmt . QueryRow ( userReply . ParentID ) . Scan ( & title )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "We weren't able to find the profile the reported post is supposed to be on" , w , r , user )
2016-12-13 02:14:14 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-13 02:14:14 +00:00
return
}
2017-06-07 10:07:40 +00:00
title = "Profile: " + title
2017-09-03 04:50:31 +00:00
content = userReply . Content + "\n\nOriginal Post: @" + strconv . Itoa ( userReply . ParentID )
2017-09-10 16:57:22 +00:00
} else if itemType == "topic" {
err = get_topic_basic_stmt . QueryRow ( itemID ) . Scan ( & title , & content )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
NotFound ( w , r )
2016-12-11 16:06:17 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-11 16:06:17 +00:00
return
}
2017-06-07 10:07:40 +00:00
title = "Topic: " + title
2017-09-10 16:57:22 +00:00
content = content + "\n\nOriginal Post: #tid-" + strconv . Itoa ( itemID )
2016-12-11 16:06:17 +00:00
} else {
2016-12-13 02:14:14 +00:00
if vhooks [ "report_preassign" ] != nil {
2017-09-10 16:57:22 +00:00
runVhookNoreturn ( "report_preassign" , & itemID , & itemType )
2016-12-13 02:14:14 +00:00
return
}
2016-12-11 16:06:17 +00:00
// Don't try to guess the type
2017-09-03 04:50:31 +00:00
LocalError ( "Unknown type" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-11 16:06:17 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
var count int
2017-09-10 16:57:22 +00:00
rows , err := report_exists_stmt . Query ( itemType + "_" + strconv . Itoa ( itemID ) )
2017-06-28 12:05:26 +00:00
if err != nil && err != ErrNoRows {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
for rows . Next ( ) {
err = rows . Scan ( & count )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-11 16:06:17 +00:00
return
}
}
if count != 0 {
2017-09-03 04:50:31 +00:00
LocalError ( "Someone has already reported this!" , w , r , user )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
res , err := create_report_stmt . Exec ( title , content , parseMessage ( content ) , user . ID , itemType + "_" + strconv . Itoa ( itemID ) )
2016-12-11 16:06:17 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-26 13:37:50 +00:00
return
2016-12-11 16:06:17 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
lastID , err := res . LastInsertId ( )
2016-12-11 16:06:17 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-26 13:37:50 +00:00
return
2016-12-11 16:06:17 +00:00
}
2017-05-29 14:52:37 +00:00
2017-01-26 13:37:50 +00:00
_ , err = add_topics_to_forum_stmt . Exec ( 1 , fid )
2016-12-11 16:06:17 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-11 16:06:17 +00:00
return
}
2017-09-03 04:50:31 +00:00
err = fstore . UpdateLastTopic ( title , int ( lastID ) , user . Name , user . ID , time . Now ( ) . Format ( "2006-01-02 15:04:05" ) , fid )
2017-08-18 15:56:36 +00:00
if err != nil && err != ErrNoRows {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-26 13:37:50 +00:00
return
2016-12-11 16:06:17 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
http . Redirect ( w , r , "/topic/" + strconv . FormatInt ( lastID , 10 ) , http . StatusSeeOther )
2016-12-11 16:06:17 +00:00
}
2017-09-11 10:24:03 +00:00
func routeAccountOwnEditCritical ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-07-12 11:05:18 +00:00
2017-09-03 04:50:31 +00:00
pi := Page { "Edit Password" , user , headerVars , tList , nil }
if preRenderHooks [ "pre_render_account_own_edit_critical" ] != nil {
if runPreRenderHook ( "pre_render_account_own_edit_critical" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit.html" , pi )
2016-12-02 07:38:54 +00:00
}
2017-09-11 10:24:03 +00:00
func routeAccountOwnEditCriticalSubmit ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
var realPassword , salt string
currentPassword := r . PostFormValue ( "account-current-password" )
newPassword := r . PostFormValue ( "account-new-password" )
confirmPassword := r . PostFormValue ( "account-confirm-password" )
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
err = get_password_stmt . QueryRow ( user . ID ) . Scan ( & realPassword , & salt )
2017-06-28 12:05:26 +00:00
if err == ErrNoRows {
2017-09-03 04:50:31 +00:00
LocalError ( "Your account no longer exists." , w , r , user )
2016-12-02 11:00:07 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 11:00:07 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
err = CheckPassword ( realPassword , currentPassword , salt )
2017-07-12 11:05:18 +00:00
if err == ErrMismatchedHashAndPassword {
2017-09-03 04:50:31 +00:00
LocalError ( "That's not the correct password." , w , r , user )
2016-12-02 11:00:07 +00:00
return
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 11:00:07 +00:00
return
}
2017-09-03 04:50:31 +00:00
if newPassword != confirmPassword {
LocalError ( "The two passwords don't match." , w , r , user )
2016-12-02 11:00:07 +00:00
return
}
2017-09-03 04:50:31 +00:00
SetPassword ( user . ID , newPassword )
2017-05-29 14:52:37 +00:00
2016-12-02 11:00:07 +00:00
// Log the user out as a safety precaution
2017-06-25 09:56:39 +00:00
auth . ForceLogout ( user . ID )
2017-06-07 10:07:40 +00:00
2017-09-03 04:50:31 +00:00
headerVars . NoticeList = append ( headerVars . NoticeList , "Your password was successfully updated" )
pi := Page { "Edit Password" , user , headerVars , tList , nil }
if preRenderHooks [ "pre_render_account_own_edit_critical" ] != nil {
if runPreRenderHook ( "pre_render_account_own_edit_critical" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit.html" , pi )
2016-12-02 07:38:54 +00:00
}
2016-12-02 15:03:31 +00:00
2017-09-11 10:24:03 +00:00
func routeAccountOwnEditAvatar ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2016-12-02 15:03:31 +00:00
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
2017-09-03 04:50:31 +00:00
pi := Page { "Edit Avatar" , user , headerVars , tList , nil }
if preRenderHooks [ "pre_render_account_own_edit_avatar" ] != nil {
if runPreRenderHook ( "pre_render_account_own_edit_avatar" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-avatar.html" , pi )
2016-12-02 15:03:31 +00:00
}
2017-09-11 10:24:03 +00:00
func routeAccountOwnEditAvatarSubmit ( w http . ResponseWriter , r * http . Request , user User ) {
2017-07-17 10:23:42 +00:00
if r . ContentLength > int64 ( config . MaxRequestSize ) {
2017-09-03 04:50:31 +00:00
http . Error ( w , "Request too large" , http . StatusExpectationFailed )
2016-12-02 15:03:31 +00:00
return
}
2017-07-17 10:23:42 +00:00
r . Body = http . MaxBytesReader ( w , r . Body , int64 ( config . MaxRequestSize ) )
2017-05-29 14:52:37 +00:00
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2016-12-02 15:03:31 +00:00
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-07-17 10:23:42 +00:00
err := r . ParseMultipartForm ( int64 ( config . MaxRequestSize ) )
2017-09-03 04:50:31 +00:00
if err != nil {
LocalError ( "Upload failed" , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
var filename string
2016-12-02 15:03:31 +00:00
var ext string
for _ , fheaders := range r . MultipartForm . File {
for _ , hdr := range fheaders {
2017-09-03 04:50:31 +00:00
infile , err := hdr . Open ( )
2016-12-02 15:03:31 +00:00
if err != nil {
LocalError ( "Upload failed" , w , r , user )
return
}
defer infile . Close ( )
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
// We don't want multiple files
if filename != "" {
if filename != hdr . Filename {
os . Remove ( "./uploads/avatar_" + strconv . Itoa ( user . ID ) + "." + ext )
LocalError ( "You may only upload one avatar" , w , r , user )
return
}
} else {
filename = hdr . Filename
}
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
if ext == "" {
2017-09-03 04:50:31 +00:00
extarr := strings . Split ( hdr . Filename , "." )
2016-12-02 15:03:31 +00:00
if len ( extarr ) < 2 {
LocalError ( "Bad file" , w , r , user )
return
}
2017-09-03 04:50:31 +00:00
ext = extarr [ len ( extarr ) - 1 ]
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
reg , err := regexp . Compile ( "[^A-Za-z0-9]+" )
if err != nil {
LocalError ( "Bad file extension" , w , r , user )
return
}
2017-09-03 04:50:31 +00:00
ext = reg . ReplaceAllString ( ext , "" )
2016-12-02 15:03:31 +00:00
ext = strings . ToLower ( ext )
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
outfile , err := os . Create ( "./uploads/avatar_" + strconv . Itoa ( user . ID ) + "." + ext )
if err != nil {
LocalError ( "Upload failed [File Creation Failed]" , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
defer outfile . Close ( )
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = io . Copy ( outfile , infile )
if err != nil {
LocalError ( "Upload failed [Copy Failed]" , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
}
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = set_avatar_stmt . Exec ( "." + ext , strconv . Itoa ( user . ID ) )
2016-12-02 15:03:31 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 15:03:31 +00:00
return
}
user . Avatar = "/uploads/avatar_" + strconv . Itoa ( user . ID ) + "." + ext
2017-02-15 10:49:30 +00:00
err = users . Load ( user . ID )
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "This user no longer exists!" , w , r , user )
2017-02-15 10:49:30 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-16 10:41:30 +00:00
headerVars . NoticeList = append ( headerVars . NoticeList , "Your avatar was successfully updated" )
2017-09-03 04:50:31 +00:00
pi := Page { "Edit Avatar" , user , headerVars , tList , nil }
if preRenderHooks [ "pre_render_account_own_edit_avatar" ] != nil {
if runPreRenderHook ( "pre_render_account_own_edit_avatar" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-avatar.html" , pi )
2016-12-02 15:03:31 +00:00
}
2016-12-03 08:09:40 +00:00
2017-09-11 10:24:03 +00:00
func routeAccountOwnEditUsername ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2016-12-03 08:09:40 +00:00
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-03 08:09:40 +00:00
return
}
2017-09-03 04:50:31 +00:00
pi := Page { "Edit Username" , user , headerVars , tList , user . Name }
if preRenderHooks [ "pre_render_account_own_edit_username" ] != nil {
if runPreRenderHook ( "pre_render_account_own_edit_username" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-username.html" , pi )
2016-12-03 08:09:40 +00:00
}
2017-09-11 10:24:03 +00:00
func routeAccountOwnEditUsernameSubmit ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2016-12-03 08:09:40 +00:00
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-03 08:09:40 +00:00
return
}
err := r . ParseForm ( )
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-03 08:09:40 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
newUsername := html . EscapeString ( r . PostFormValue ( "account-new-username" ) )
_ , err = set_username_stmt . Exec ( newUsername , strconv . Itoa ( user . ID ) )
2016-12-03 08:09:40 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Unable to change the username. Does someone else already have this name?" , w , r , user )
2016-12-03 08:09:40 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Use the reloaded data instead for the name?
user . Name = newUsername
2017-02-15 10:49:30 +00:00
err = users . Load ( user . ID )
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Your account doesn't exist!" , w , r , user )
2017-02-15 10:49:30 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
headerVars . NoticeList = append ( headerVars . NoticeList , "Your username was successfully updated" )
pi := Page { "Edit Username" , user , headerVars , tList , nil }
if preRenderHooks [ "pre_render_account_own_edit_username" ] != nil {
if runPreRenderHook ( "pre_render_account_own_edit_username" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-username.html" , pi )
2016-12-03 08:09:40 +00:00
}
2017-09-11 10:24:03 +00:00
func routeAccountOwnEditEmail ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2017-01-03 07:47:31 +00:00
if ! ok {
return
}
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2017-01-03 07:47:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
email := Email { UserID : user . ID }
var emailList [ ] interface { }
2017-06-07 10:07:40 +00:00
rows , err := get_emails_by_user_stmt . Query ( user . ID )
2017-01-03 07:47:31 +00:00
if err != nil {
log . Fatal ( err )
}
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
for rows . Next ( ) {
2017-06-14 07:09:44 +00:00
err := rows . Scan ( & email . Email , & email . Validated , & email . Token )
2017-01-03 07:47:31 +00:00
if err != nil {
log . Fatal ( err )
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if email . Email == user . Email {
email . Primary = true
}
emailList = append ( emailList , email )
}
err = rows . Err ( )
if err != nil {
log . Fatal ( err )
}
2017-05-29 14:52:37 +00:00
2017-06-07 10:07:40 +00:00
// Was this site migrated from another forum software? Most of them don't have multiple emails for a single user.
2017-07-17 10:23:42 +00:00
// This also applies when the admin switches site.EnableEmails on after having it off for a while.
2017-01-03 07:47:31 +00:00
if len ( emailList ) == 0 {
email . Email = user . Email
email . Validated = false
email . Primary = true
emailList = append ( emailList , email )
}
2017-05-29 14:52:37 +00:00
2017-07-17 10:23:42 +00:00
if ! site . EnableEmails {
2017-09-03 04:50:31 +00:00
headerVars . NoticeList = append ( headerVars . NoticeList , "The mail system is currently disabled." )
2017-01-03 07:47:31 +00:00
}
2017-09-03 04:50:31 +00:00
pi := Page { "Email Manager" , user , headerVars , emailList , nil }
if preRenderHooks [ "pre_render_account_own_edit_email" ] != nil {
if runPreRenderHook ( "pre_render_account_own_edit_email" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-email.html" , pi )
2017-01-03 07:47:31 +00:00
}
2017-09-11 10:24:03 +00:00
func routeAccountOwnEditEmailTokenSubmit ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2017-01-03 07:47:31 +00:00
if ! ok {
return
}
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2017-01-03 07:47:31 +00:00
return
}
2017-03-18 07:23:02 +00:00
token := r . URL . Path [ len ( "/user/edit/token/" ) : ]
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
email := Email { UserID : user . ID }
targetEmail := Email { UserID : user . ID }
var emailList [ ] interface { }
2017-06-14 07:09:44 +00:00
rows , err := get_emails_by_user_stmt . Query ( user . ID )
2017-01-03 07:47:31 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-18 07:23:02 +00:00
return
2017-01-03 07:47:31 +00:00
}
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
for rows . Next ( ) {
err := rows . Scan ( & email . Email , & email . Validated , & email . Token )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-18 07:23:02 +00:00
return
2017-01-03 07:47:31 +00:00
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if email . Email == user . Email {
email . Primary = true
}
if email . Token == token {
targetEmail = email
}
emailList = append ( emailList , email )
}
err = rows . Err ( )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-03-18 07:23:02 +00:00
return
2017-01-03 07:47:31 +00:00
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if len ( emailList ) == 0 {
2017-09-03 04:50:31 +00:00
LocalError ( "A verification email was never sent for you!" , w , r , user )
2017-01-03 07:47:31 +00:00
return
}
if targetEmail . Token == "" {
2017-09-03 04:50:31 +00:00
LocalError ( "That's not a valid token!" , w , r , user )
2017-01-03 07:47:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
_ , err = verify_email_stmt . Exec ( user . Email )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-03 07:47:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
// If Email Activation is on, then activate the account while we're here
2017-08-20 09:39:02 +00:00
if headerVars . Settings [ "activation_type" ] == 2 {
2017-01-03 07:47:31 +00:00
_ , err = activate_user_stmt . Exec ( user . ID )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-03 07:47:31 +00:00
return
}
}
2017-05-29 14:52:37 +00:00
2017-07-17 10:23:42 +00:00
if ! site . EnableEmails {
2017-09-03 04:50:31 +00:00
headerVars . NoticeList = append ( headerVars . NoticeList , "The mail system is currently disabled." )
2017-01-03 07:47:31 +00:00
}
2017-09-03 04:50:31 +00:00
headerVars . NoticeList = append ( headerVars . NoticeList , "Your email was successfully verified" )
pi := Page { "Email Manager" , user , headerVars , emailList , nil }
if preRenderHooks [ "pre_render_account_own_edit_email" ] != nil {
if runPreRenderHook ( "pre_render_account_own_edit_email" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-email.html" , pi )
2017-01-03 07:47:31 +00:00
}
2017-09-10 16:57:22 +00:00
// TODO: Move this into member_routes.go
2017-09-11 10:24:03 +00:00
func routeLogout ( w http . ResponseWriter , r * http . Request , user User ) {
2016-12-02 07:38:54 +00:00
if ! user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You can't logout without logging in first." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-06-25 09:56:39 +00:00
auth . Logout ( w , user . ID )
2017-09-03 04:50:31 +00:00
http . Redirect ( w , r , "/" , http . StatusSeeOther )
2016-12-02 07:38:54 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-11 10:24:03 +00:00
func routeLogin ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You're already logged in." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-09-03 04:50:31 +00:00
pi := Page { "Login" , user , headerVars , tList , nil }
if preRenderHooks [ "pre_render_login" ] != nil {
if runPreRenderHook ( "pre_render_login" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "login.html" , pi )
2016-12-02 07:38:54 +00:00
}
2017-09-10 16:57:22 +00:00
// TODO: Log failed attempted logins?
// TODO: Lock IPS out if they have too many failed attempts?
// TODO: Log unusual countries in comparison to the country a user usually logs in from? Alert the user about this?
2017-09-11 10:24:03 +00:00
func routeLoginSubmit ( w http . ResponseWriter , r * http . Request , user User ) {
2016-12-02 07:38:54 +00:00
if user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You're already logged in." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2017-05-29 14:52:37 +00:00
2017-06-25 09:56:39 +00:00
uid , err := auth . Authenticate ( html . EscapeString ( r . PostFormValue ( "username" ) ) , r . PostFormValue ( "password" ) )
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( err . Error ( ) , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-08-15 13:47:56 +00:00
userPtr , err := users . CascadeGet ( uid )
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad account" , w , r , user )
2017-08-15 13:47:56 +00:00
return
}
user = * userPtr
2017-06-25 09:56:39 +00:00
var session string
if user . Session == "" {
session , err = auth . CreateSession ( uid )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-06-25 09:56:39 +00:00
} else {
session = user . Session
2016-12-02 07:38:54 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
auth . SetCookies ( w , uid , session )
if user . IsAdmin {
2017-08-15 13:47:56 +00:00
// Is this error check reundant? We already check for the error in PreRoute for the same IP
host , _ , err := net . SplitHostPort ( r . RemoteAddr )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-08-15 13:47:56 +00:00
return
}
log . Print ( "#" + strconv . Itoa ( uid ) + " has logged in with IP " + host )
}
2017-09-03 04:50:31 +00:00
http . Redirect ( w , r , "/" , http . StatusSeeOther )
2016-12-02 07:38:54 +00:00
}
2017-09-11 10:24:03 +00:00
func routeRegister ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerVars , ok := UserCheck ( w , r , & user )
2016-12-16 10:37:42 +00:00
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if user . Loggedin {
2017-09-03 04:50:31 +00:00
LocalError ( "You're already logged in." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-09-03 04:50:31 +00:00
pi := Page { "Registration" , user , headerVars , tList , nil }
if preRenderHooks [ "pre_render_register" ] != nil {
if runPreRenderHook ( "pre_render_register" , w , r , & user , & pi ) {
2017-07-12 11:05:18 +00:00
return
}
}
2017-09-03 04:50:31 +00:00
templates . ExecuteTemplate ( w , "register.html" , pi )
2016-12-02 07:38:54 +00:00
}
2017-09-11 10:24:03 +00:00
func routeRegisterSubmit ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
headerLite , _ := SimpleUserCheck ( w , r , & user )
2017-08-20 09:39:02 +00:00
2016-12-02 07:38:54 +00:00
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
username := html . EscapeString ( r . PostFormValue ( "username" ) )
2016-12-16 10:37:42 +00:00
if username == "" {
2017-09-03 04:50:31 +00:00
LocalError ( "You didn't put in a username." , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-16 10:37:42 +00:00
}
email := html . EscapeString ( r . PostFormValue ( "email" ) )
if email == "" {
2017-09-03 04:50:31 +00:00
LocalError ( "You didn't put in an email." , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-16 10:37:42 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
password := r . PostFormValue ( "password" )
2016-12-16 10:37:42 +00:00
if password == "" {
2017-09-03 04:50:31 +00:00
LocalError ( "You didn't put in a password." , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-16 10:37:42 +00:00
}
2017-06-19 08:06:54 +00:00
if password == username {
2017-09-03 04:50:31 +00:00
LocalError ( "You can't use your username as your password." , w , r , user )
2017-06-19 08:06:54 +00:00
return
}
if password == email {
2017-09-03 04:50:31 +00:00
LocalError ( "You can't use your email as your password." , w , r , user )
2017-06-19 08:06:54 +00:00
return
}
2017-09-03 04:50:31 +00:00
err = weakPassword ( password )
2017-06-19 08:06:54 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalError ( err . Error ( ) , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-16 10:37:42 +00:00
}
2017-05-29 14:52:37 +00:00
2017-09-10 16:57:22 +00:00
confirmPassword := r . PostFormValue ( "confirm_password" )
log . Print ( "Registration Attempt! Username: " + username ) // TODO: Add controls over what is logged when?
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
// Do the two inputted passwords match..?
2017-09-10 16:57:22 +00:00
if password != confirmPassword {
2017-09-03 04:50:31 +00:00
LocalError ( "The two passwords don't match." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-07 10:07:40 +00:00
var active , group int
2017-08-20 09:39:02 +00:00
switch headerLite . Settings [ "activation_type" ] {
2017-09-03 04:50:31 +00:00
case 1 : // Activate All
active = 1
group = config . DefaultGroup
default : // Anything else. E.g. Admin Activation or Email Activation.
group = config . ActivationGroup
2016-12-21 02:30:32 +00:00
}
2017-05-29 14:52:37 +00:00
2017-06-25 09:56:39 +00:00
uid , err := users . CreateUser ( username , password , email , group , active )
2017-09-03 04:50:31 +00:00
if err == errAccountExists {
LocalError ( "This username isn't available. Try another." , w , r , user )
2016-12-02 07:38:54 +00:00
return
2017-06-25 09:56:39 +00:00
} else if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
// Check if this user actually owns this email, if email activation is on, automatically flip their account to active when the email is validated. Validation is also useful for determining whether this user should receive any alerts, etc. via email
2017-07-17 10:23:42 +00:00
if site . EnableEmails {
2017-01-03 07:47:31 +00:00
token , err := GenerateSafeString ( 80 )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-03 07:47:31 +00:00
return
}
2017-06-25 09:56:39 +00:00
_ , err = add_email_stmt . Exec ( email , uid , 0 , token )
2017-01-03 07:47:31 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-01-03 07:47:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if ! SendValidationEmail ( username , email , token ) {
2017-09-03 04:50:31 +00:00
LocalError ( "We were unable to send the email for you to confirm that this email address belongs to you. You may not have access to some functionality until you do so. Please ask an administrator for assistance." , w , r , user )
2017-01-03 07:47:31 +00:00
return
}
}
2017-05-29 14:52:37 +00:00
2017-06-25 09:56:39 +00:00
session , err := auth . CreateSession ( uid )
if err != nil {
2017-09-03 04:50:31 +00:00
InternalError ( err , w )
2017-06-25 09:56:39 +00:00
return
}
2017-09-03 04:50:31 +00:00
auth . SetCookies ( w , uid , session )
http . Redirect ( w , r , "/" , http . StatusSeeOther )
2016-12-02 07:38:54 +00:00
}
2017-02-28 09:27:28 +00:00
2017-09-10 16:57:22 +00:00
// TODO: Set the cookie domain
2017-09-11 10:24:03 +00:00
func routeChangeTheme ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-10 17:39:16 +00:00
//headerLite, _ := SimpleUserCheck(w, r, &user)
2017-09-10 16:57:22 +00:00
err := r . ParseForm ( )
if err != nil {
PreError ( "Bad Form" , w , r )
return
}
// TODO: Rename isJs to something else, just in case we rewrite the JS side in WebAssembly?
isJs := ( r . PostFormValue ( "isJs" ) == "1" )
newTheme := html . EscapeString ( r . PostFormValue ( "newTheme" ) )
theme , ok := themes [ newTheme ]
if ! ok || theme . HideFromThemes {
log . Print ( "Bad Theme: " , newTheme )
LocalErrorJSQ ( "That theme doesn't exist" , w , r , user , isJs )
return
}
// TODO: Store the current theme in the user's account?
/ * if user . Loggedin {
_ , err = change_theme_stmt . Exec ( newTheme , user . ID )
if err != nil {
InternalError ( err , w )
return
}
} * /
cookie := http . Cookie { Name : "current_theme" , Value : newTheme , Path : "/" , MaxAge : year }
http . SetCookie ( w , & cookie )
if ! isJs {
http . Redirect ( w , r , "/" , http . StatusSeeOther )
} else {
_ , _ = w . Write ( successJSONBytes )
}
}
// TODO: We don't need support XML here to support sitemaps, we could handle those elsewhere
var phraseLoginAlerts = [ ] byte ( ` { "msgs":[ { "msg":"Login to see your alerts","path":"/accounts/login"}]} ` )
2017-09-03 04:50:31 +00:00
2017-09-11 10:24:03 +00:00
func routeAPI ( w http . ResponseWriter , r * http . Request , user User ) {
2017-09-03 04:50:31 +00:00
w . Header ( ) . Set ( "Content-Type" , "application/json" )
2017-02-28 09:27:28 +00:00
err := r . ParseForm ( )
if err != nil {
2017-09-03 04:50:31 +00:00
PreErrorJS ( "Bad Form" , w , r )
2017-02-28 09:27:28 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
action := r . FormValue ( "action" )
if action != "get" && action != "set" {
2017-09-03 04:50:31 +00:00
PreErrorJS ( "Invalid Action" , w , r )
2017-02-28 09:27:28 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
module := r . FormValue ( "module" )
2017-09-03 04:50:31 +00:00
switch module {
case "dismiss-alert" :
asid , err := strconv . Atoi ( r . FormValue ( "asid" ) )
if err != nil {
PreErrorJS ( "Invalid asid" , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
_ , err = delete_activity_stream_match_stmt . Exec ( user . ID , asid )
if err != nil {
InternalError ( err , w )
return
}
case "alerts" : // A feed of events tailored for a specific user
if ! user . Loggedin {
2017-09-10 16:57:22 +00:00
w . Write ( phraseLoginAlerts )
2017-09-03 04:50:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
var msglist , event , elementType string
var asid , actorID , targetUserID , elementID int
var msgCount int
2017-06-10 07:58:15 +00:00
2017-09-03 04:50:31 +00:00
err = get_activity_count_by_watcher_stmt . QueryRow ( user . ID ) . Scan ( & msgCount )
if err == ErrNoRows {
PreErrorJS ( "Couldn't find the parent topic" , w , r )
return
} else if err != nil {
InternalErrorJS ( err , w , r )
return
}
rows , err := get_activity_feed_by_watcher_stmt . Query ( user . ID )
if err != nil {
InternalErrorJS ( err , w , r )
return
}
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
for rows . Next ( ) {
err = rows . Scan ( & asid , & actorID , & targetUserID , & event , & elementType , & elementID )
2017-02-28 09:27:28 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
InternalErrorJS ( err , w , r )
2017-02-28 09:27:28 +00:00
return
}
2017-09-03 04:50:31 +00:00
res , err := buildAlert ( asid , event , elementType , actorID , targetUserID , elementID , user )
2017-02-28 09:27:28 +00:00
if err != nil {
2017-09-03 04:50:31 +00:00
LocalErrorJS ( err . Error ( ) , w , r )
2017-02-28 09:27:28 +00:00
return
}
2017-09-03 04:50:31 +00:00
msglist += res + ","
}
2017-05-29 14:52:37 +00:00
2017-09-03 04:50:31 +00:00
err = rows . Err ( )
if err != nil {
InternalErrorJS ( err , w , r )
return
}
if len ( msglist ) != 0 {
msglist = msglist [ 0 : len ( msglist ) - 1 ]
}
_ , _ = w . Write ( [ ] byte ( ` { "msgs":[ ` + msglist + ` ],"msgCount": ` + strconv . Itoa ( msgCount ) + ` } ` ) )
//log.Print(`{"msgs":[` + msglist + `],"msgCount":` + strconv.Itoa(msgCount) + `}`)
//case "topics":
//case "forums":
//case "users":
//case "pages":
// This might not be possible. We might need .xml paths for sitemaps
/ * case "sitemap" :
if format != "xml" {
PreError ( "You can only fetch sitemaps in the XML format!" , w , r )
return
} * /
default :
PreErrorJS ( "Invalid Module" , w , r )
2017-02-28 09:27:28 +00:00
}
}