2016-12-11 16:06:17 +00:00
/* Copyright Azareal 2016 - 2017 */
2016-12-02 07:38:54 +00:00
package main
2017-05-11 13:04:43 +00:00
import (
"log"
2017-06-12 09:03:14 +00:00
//"fmt"
2017-05-11 13:04:43 +00:00
"strconv"
"bytes"
"regexp"
"strings"
"time"
"io"
"os"
"net"
"net/http"
"html"
"html/template"
"database/sql"
)
2017-04-05 14:05:37 +00:00
2016-12-02 07:38:54 +00:00
import _ "github.com/go-sql-driver/mysql"
import "golang.org/x/crypto/bcrypt"
// A blank list to fill out that parameter in Page for routes which don't use it
2016-12-18 12:56:06 +00:00
var tList [ ] interface { }
2017-01-17 07:55:46 +00:00
var nList [ ] string
2017-05-11 13:04:43 +00:00
var success_json_bytes [ ] byte = [ ] byte ( ` { "success":"1"} ` )
2016-12-02 07:38:54 +00:00
// GET functions
2016-12-05 07:21:17 +00:00
func route_static ( w http . ResponseWriter , r * http . Request ) {
2017-01-01 15:45:43 +00:00
//log.Print("Outputting static file '" + r.URL.Path + "'")
file , ok := static_files [ r . URL . Path ]
if ! ok {
w . WriteHeader ( http . StatusNotFound )
return
}
2017-05-29 14:52:37 +00:00
2017-01-01 15:45:43 +00:00
// Surely, there's a more efficient way of doing this?
if t , err := time . Parse ( http . TimeFormat , r . Header . Get ( "If-Modified-Since" ) ) ; err == nil && file . Info . ModTime ( ) . Before ( t . Add ( 1 * time . Second ) ) {
2016-12-05 07:21:17 +00:00
w . WriteHeader ( http . StatusNotModified )
return
}
h := w . Header ( )
2017-01-01 15:45:43 +00:00
h . Set ( "Last-Modified" , file . FormattedModTime )
h . Set ( "Content-Type" , file . Mimetype )
//http.ServeContent(w,r,r.URL.Path,file.Info.ModTime(),file)
//w.Write(file.Data)
2017-02-10 13:39:13 +00:00
if strings . Contains ( r . Header . Get ( "Accept-Encoding" ) , "gzip" ) {
h . Set ( "Content-Encoding" , "gzip" )
2017-02-16 06:47:55 +00:00
h . Set ( "Content-Length" , strconv . FormatInt ( file . GzipLength , 10 ) )
2017-02-10 13:39:13 +00:00
io . Copy ( w , bytes . NewReader ( file . GzipData ) ) // Use w.Write instead?
} else {
2017-02-16 06:47:55 +00:00
h . Set ( "Content-Length" , strconv . FormatInt ( file . Length , 10 ) ) // Avoid doing a type conversion every time?
2017-02-10 13:39:13 +00:00
io . Copy ( w , bytes . NewReader ( file . Data ) )
}
2017-01-01 15:45:43 +00:00
//io.CopyN(w, bytes.NewReader(file.Data), static_files[r.URL.Path].Length)
2016-12-05 07:21:17 +00:00
}
2017-06-05 11:57:27 +00:00
// Deprecated: Test route for stopping the server during a performance analysis
2017-01-17 07:55:46 +00:00
/ * func route_exit ( w http . ResponseWriter , r * http . Request ) {
db . Close ( )
os . Exit ( 0 )
2017-04-12 13:39:03 +00:00
}
2017-01-17 07:55:46 +00:00
2017-06-05 11:57:27 +00:00
// Deprecated: Test route to see which is faster
2016-12-05 07:21:17 +00:00
func route_fstatic ( w http . ResponseWriter , r * http . Request ) {
2017-01-31 05:13:38 +00:00
http . ServeFile ( w , r , r . URL . Path )
2017-04-12 13:39:03 +00:00
} * /
2016-12-05 07:21:17 +00:00
2016-12-02 07:38:54 +00:00
func route_overview ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2017-01-17 07:55:46 +00:00
pi := Page { "Overview" , user , noticeList , tList , nil }
2017-02-04 06:19:55 +00:00
err := templates . ExecuteTemplate ( w , "overview.html" , pi )
2017-05-29 14:52:37 +00:00
if err != nil {
InternalError ( err , w , r )
}
2016-12-02 07:38:54 +00:00
}
func route_custom_page ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2016-12-09 13:46:29 +00:00
name := r . URL . Path [ len ( "/pages/" ) : ]
2016-12-16 10:37:42 +00:00
if templates . Lookup ( "page_" + name ) == nil {
2017-02-05 16:36:54 +00:00
NotFound ( w , r )
2017-01-17 07:55:46 +00:00
return
2016-12-13 02:14:14 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-04 06:19:55 +00:00
err := templates . ExecuteTemplate ( w , "page_" + name , Page { "Page" , user , noticeList , tList , nil } )
2016-12-08 14:11:18 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
}
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
func route_topics ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2017-05-29 14:52:37 +00:00
2017-02-05 14:41:53 +00:00
var fidList [ ] string
group := groups [ user . Group ]
for _ , fid := range group . CanSee {
if forums [ fid ] . Name != "" {
fidList = append ( fidList , strconv . Itoa ( fid ) )
}
}
2017-05-29 14:52:37 +00:00
2017-02-06 04:52:19 +00:00
var topicList [ ] TopicsRow
2017-06-05 11:57:27 +00:00
rows , err := db . Query ( "select topics.tid, topics.title, topics.content, topics.createdBy, topics.is_closed, topics.sticky, topics.createdAt, topics.lastReplyAt, topics.parentID, topics.postCount, topics.likeCount, users.name, users.avatar from topics left join users ON topics.createdBy = users.uid where parentID in(" + strings . Join ( fidList , "," ) + ") order by topics.sticky DESC, topics.lastReplyAt DESC, topics.createdBy DESC" )
2017-02-05 14:41:53 +00:00
//rows, err := get_topic_list_stmt.Query()
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-15 10:49:30 +00:00
topicItem := TopicsRow { ID : 0 }
2016-12-02 07:38:54 +00:00
for rows . Next ( ) {
2017-06-05 11:57:27 +00:00
err := rows . Scan ( & topicItem . ID , & topicItem . Title , & topicItem . Content , & topicItem . CreatedBy , & topicItem . Is_Closed , & topicItem . Sticky , & topicItem . CreatedAt , & topicItem . LastReplyAt , & topicItem . ParentID , & topicItem . PostCount , & topicItem . LikeCount , & topicItem . CreatedByName , & topicItem . Avatar )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-01 15:45:43 +00:00
if topicItem . Avatar != "" {
if topicItem . Avatar [ 0 ] == '.' {
topicItem . Avatar = "/uploads/avatar_" + strconv . Itoa ( topicItem . CreatedBy ) + topicItem . Avatar
2016-12-07 09:34:09 +00:00
}
} else {
2017-01-01 15:45:43 +00:00
topicItem . Avatar = strings . Replace ( noavatar , "{id}" , strconv . Itoa ( topicItem . CreatedBy ) , 1 )
2016-12-03 08:09:40 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-06 04:52:19 +00:00
if topicItem . ParentID >= 0 {
topicItem . ForumName = forums [ topicItem . ParentID ] . Name
} else {
topicItem . ForumName = ""
}
2017-05-29 14:52:37 +00:00
2017-02-06 04:52:19 +00:00
/ * topicItem . CreatedAt , err = relative_time ( topicItem . CreatedAt )
if err != nil {
2017-06-12 09:03:14 +00:00
replyItem . CreatedAt = ""
2017-02-06 04:52:19 +00:00
} * /
topicItem . LastReplyAt , err = relative_time ( topicItem . LastReplyAt )
if err != nil {
InternalError ( err , w , r )
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
if hooks [ "trow_assign" ] != nil {
2017-02-06 04:52:19 +00:00
topicItem = run_hook ( "trow_assign" , topicItem ) . ( TopicsRow )
2016-12-11 16:06:17 +00:00
}
2016-12-21 02:30:32 +00:00
topicList = append ( topicList , topicItem )
2016-12-02 07:38:54 +00:00
}
err = rows . Err ( )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-01-17 07:55:46 +00:00
rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-01-17 07:55:46 +00:00
pi := TopicsPage { "Topic List" , user , noticeList , topicList , nil }
2016-12-21 02:30:32 +00:00
if template_topics_handle != nil {
template_topics_handle ( pi , w )
2016-12-18 12:56:06 +00:00
} else {
2017-02-04 06:19:55 +00:00
err = templates . ExecuteTemplate ( w , "topics.html" , pi )
2016-12-18 12:56:06 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-18 12:56:06 +00:00
}
}
2016-12-02 07:38:54 +00:00
}
2016-12-03 13:45:08 +00:00
2017-04-13 15:01:30 +00:00
func route_forum ( w http . ResponseWriter , r * http . Request , sfid string ) {
2017-01-26 13:37:50 +00:00
page , _ := strconv . Atoi ( r . FormValue ( "page" ) )
2017-04-13 15:01:30 +00:00
fid , err := strconv . Atoi ( sfid )
2016-12-03 13:45:08 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
PreError ( "The provided ForumID is not a valid number." , w , r )
2016-12-03 13:45:08 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-05 16:36:54 +00:00
user , noticeList , ok := ForumSessionCheck ( w , r , fid )
if ! ok {
2016-12-03 13:45:08 +00:00
return
}
2017-01-31 05:13:38 +00:00
//fmt.Printf("%+v\n", groups[user.Group].Forums)
2017-02-05 16:36:54 +00:00
if ! user . Perms . ViewTopic {
2016-12-21 02:30:32 +00:00
NoPermissions ( w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-01-26 13:37:50 +00:00
// Calculate the offset
var offset int
last_page := int ( forums [ fid ] . TopicCount / items_per_page ) + 1
if page > 1 {
offset = ( items_per_page * page ) - items_per_page
} else if page == - 1 {
page = last_page
offset = ( items_per_page * page ) - items_per_page
} else {
page = 1
}
2017-02-04 06:19:55 +00:00
rows , err := get_forum_topics_offset_stmt . Query ( fid , offset )
2016-12-03 13:45:08 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-03 13:45:08 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-26 13:37:50 +00:00
var topicList [ ] TopicUser
2017-06-05 11:57:27 +00:00
var topicItem TopicUser = TopicUser { ID : 0 }
2016-12-03 13:45:08 +00:00
for rows . Next ( ) {
2017-06-05 11:57:27 +00:00
err := rows . Scan ( & topicItem . ID , & topicItem . Title , & topicItem . Content , & topicItem . CreatedBy , & topicItem . Is_Closed , & topicItem . Sticky , & topicItem . CreatedAt , & topicItem . LastReplyAt , & topicItem . ParentID , & topicItem . PostCount , & topicItem . LikeCount , & topicItem . CreatedByName , & topicItem . Avatar )
2016-12-03 13:45:08 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-03 13:45:08 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-01 15:45:43 +00:00
if topicItem . Avatar != "" {
if topicItem . Avatar [ 0 ] == '.' {
topicItem . Avatar = "/uploads/avatar_" + strconv . Itoa ( topicItem . CreatedBy ) + topicItem . Avatar
2016-12-07 09:34:09 +00:00
}
} else {
2017-01-01 15:45:43 +00:00
topicItem . Avatar = strings . Replace ( noavatar , "{id}" , strconv . Itoa ( topicItem . CreatedBy ) , 1 )
2016-12-03 13:45:08 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-06 04:52:19 +00:00
topicItem . LastReplyAt , err = relative_time ( topicItem . LastReplyAt )
if err != nil {
InternalError ( err , w , r )
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
if hooks [ "trow_assign" ] != nil {
2016-12-21 02:30:32 +00:00
topicItem = run_hook ( "trow_assign" , topicItem ) . ( TopicUser )
2016-12-11 16:06:17 +00:00
}
2016-12-21 02:30:32 +00:00
topicList = append ( topicList , topicItem )
2016-12-03 13:45:08 +00:00
}
err = rows . Err ( )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-03 13:45:08 +00:00
return
}
2017-01-17 07:55:46 +00:00
rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-01-26 13:37:50 +00:00
pi := ForumPage { forums [ fid ] . Name , user , noticeList , topicList , forums [ fid ] , page , last_page , nil }
2016-12-21 02:30:32 +00:00
if template_forum_handle != nil {
template_forum_handle ( pi , w )
2016-12-18 12:56:06 +00:00
} else {
2017-02-04 06:19:55 +00:00
err = templates . ExecuteTemplate ( w , "forum.html" , pi )
2016-12-18 12:56:06 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-18 12:56:06 +00:00
}
}
2016-12-03 13:45:08 +00:00
}
func route_forums ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2017-05-29 14:52:37 +00:00
2017-01-01 15:45:43 +00:00
var forumList [ ] Forum
2017-02-06 04:52:19 +00:00
var err error
2017-01-31 05:13:38 +00:00
group := groups [ user . Group ]
2017-02-04 06:19:55 +00:00
//fmt.Println(group.CanSee)
for _ , fid := range group . CanSee {
//fmt.Println(forums[fid])
2017-06-05 11:57:27 +00:00
var forum Forum = forums [ fid ]
2017-02-06 04:52:19 +00:00
if forum . Active && forum . Name != "" {
if forum . LastTopicID != 0 {
forum . LastTopicTime , err = relative_time ( forum . LastTopicTime )
if err != nil {
InternalError ( err , w , r )
}
} else {
forum . LastTopic = "None"
forum . LastTopicTime = ""
}
forumList = append ( forumList , forum )
2016-12-03 13:45:08 +00:00
}
}
2017-05-29 14:52:37 +00:00
2017-01-17 07:55:46 +00:00
pi := ForumsPage { "Forum List" , user , noticeList , forumList , nil }
2016-12-21 02:30:32 +00:00
if template_forums_handle != nil {
template_forums_handle ( pi , w )
2016-12-18 12:56:06 +00:00
} else {
2017-01-17 07:55:46 +00:00
err := templates . ExecuteTemplate ( w , "forums.html" , pi )
2016-12-18 12:56:06 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-18 12:56:06 +00:00
}
}
2016-12-03 13:45:08 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
func route_topic_id ( w http . ResponseWriter , r * http . Request ) {
2017-04-06 17:37:32 +00:00
var err error
var page , offset int
var replyList [ ] Reply
2017-05-29 14:52:37 +00:00
2017-01-21 18:16:27 +00:00
page , _ = strconv . Atoi ( r . FormValue ( "page" ) )
2017-02-11 14:51:16 +00:00
tid , err := strconv . Atoi ( r . URL . Path [ len ( "/topic/" ) : ] )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
PreError ( "The provided TopicID is not a valid number." , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-04-02 13:00:40 +00:00
// Get the topic...
2017-02-11 14:51:16 +00:00
topic , err := get_topicuser ( tid )
2016-12-02 07:38:54 +00:00
if err == sql . ErrNoRows {
2017-02-05 16:36:54 +00:00
NotFound ( w , r )
2016-12-02 07:38:54 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-02-11 14:51:16 +00:00
topic . Css = no_css_tmpl
2017-05-29 14:52:37 +00:00
2017-02-05 16:36:54 +00:00
user , noticeList , ok := ForumSessionCheck ( w , r , topic . ParentID )
if ! ok {
2017-01-31 05:13:38 +00:00
return
}
2017-02-05 16:36:54 +00:00
if ! user . Perms . ViewTopic {
2017-02-15 10:49:30 +00:00
//fmt.Printf("%+v\n", user.Perms)
2017-01-31 05:13:38 +00:00
NoPermissions ( w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-02-11 14:51:16 +00:00
topic . Content = parse_message ( topic . Content )
2017-02-15 10:49:30 +00:00
topic . ContentLines = strings . Count ( topic . Content , "\n" )
2017-05-29 14:52:37 +00:00
2017-01-10 06:51:28 +00:00
// We don't want users posting in locked topics...
if topic . Is_Closed && ! user . Is_Mod {
user . Perms . CreateReply = false
2016-12-03 04:50:35 +00:00
}
2017-05-29 14:52:37 +00:00
2017-03-15 09:34:07 +00:00
topic . Tag = groups [ topic . Group ] . Tag
if groups [ topic . Group ] . Is_Mod || groups [ topic . Group ] . Is_Admin {
2016-12-04 06:16:59 +00:00
topic . Css = staff_css_tmpl
}
2017-05-29 14:52:37 +00:00
2017-02-15 10:49:30 +00:00
/ * if settings [ "url_tags" ] == false {
2016-12-09 13:46:29 +00:00
topic . URLName = ""
} else {
topic . URL , ok = external_sites [ topic . URLPrefix ]
if ! ok {
topic . URL = topic . URLName
} else {
2017-01-17 07:55:46 +00:00
topic . URL = topic . URL + topic . URLName
2016-12-09 13:46:29 +00:00
}
2017-02-15 10:49:30 +00:00
} * /
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
topic . CreatedAt , err = relative_time ( topic . CreatedAt )
if err != nil {
topic . CreatedAt = ""
}
2017-01-21 18:16:27 +00:00
// Calculate the offset
last_page := int ( topic . PostCount / items_per_page ) + 1
if page > 1 {
offset = ( items_per_page * page ) - items_per_page
} else if page == - 1 {
page = last_page
offset = ( items_per_page * page ) - items_per_page
} else {
page = 1
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
// Get the replies..
2017-01-21 18:16:27 +00:00
rows , err := get_topic_replies_offset_stmt . Query ( topic . ID , offset )
if err == sql . ErrNoRows {
LocalError ( "Bad Page. Some of the posts may have been deleted or you got here by directly typing in the page number." , w , r , user )
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-17 07:55:46 +00:00
replyItem := Reply { Css : no_css_tmpl }
2016-12-02 07:38:54 +00:00
for rows . Next ( ) {
2017-04-02 13:00:40 +00:00
err := rows . Scan ( & replyItem . ID , & replyItem . Content , & replyItem . CreatedBy , & replyItem . CreatedAt , & replyItem . LastEdit , & replyItem . LastEditBy , & replyItem . Avatar , & replyItem . CreatedByName , & replyItem . Group , & replyItem . URLPrefix , & replyItem . URLName , & replyItem . Level , & replyItem . IpAddress , & replyItem . LikeCount , & replyItem . ActionType )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-17 07:55:46 +00:00
replyItem . ParentID = topic . ID
2017-02-11 14:51:16 +00:00
replyItem . ContentHtml = parse_message ( replyItem . Content )
2017-01-17 07:55:46 +00:00
replyItem . ContentLines = strings . Count ( replyItem . Content , "\n" )
2017-05-29 14:52:37 +00:00
2017-02-11 14:51:16 +00:00
if groups [ replyItem . Group ] . Is_Mod || groups [ replyItem . Group ] . Is_Admin {
2017-01-17 07:55:46 +00:00
replyItem . Css = staff_css_tmpl
2016-12-04 06:16:59 +00:00
} else {
2017-01-17 07:55:46 +00:00
replyItem . Css = no_css_tmpl
2016-12-04 06:16:59 +00:00
}
2017-05-29 14:52:37 +00:00
2017-01-17 07:55:46 +00:00
if replyItem . Avatar != "" {
if replyItem . Avatar [ 0 ] == '.' {
replyItem . Avatar = "/uploads/avatar_" + strconv . Itoa ( replyItem . CreatedBy ) + replyItem . Avatar
2016-12-07 09:34:09 +00:00
}
} else {
2017-01-17 07:55:46 +00:00
replyItem . Avatar = strings . Replace ( noavatar , "{id}" , strconv . Itoa ( replyItem . CreatedBy ) , 1 )
2016-12-07 09:34:09 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-11 14:51:16 +00:00
replyItem . Tag = groups [ replyItem . Group ] . Tag
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
/ * if settings [ "url_tags" ] == false {
2017-01-17 07:55:46 +00:00
replyItem . URLName = ""
2016-12-09 13:46:29 +00:00
} else {
2017-01-17 07:55:46 +00:00
replyItem . URL , ok = external_sites [ replyItem . URLPrefix ]
2016-12-09 13:46:29 +00:00
if ! ok {
2017-01-17 07:55:46 +00:00
replyItem . URL = replyItem . URLName
2016-12-09 13:46:29 +00:00
} else {
2017-01-17 07:55:46 +00:00
replyItem . URL = replyItem . URL + replyItem . URLName
2016-12-09 13:46:29 +00:00
}
2017-02-10 13:39:13 +00:00
} * /
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
replyItem . CreatedAt , err = relative_time ( replyItem . CreatedAt )
if err != nil {
replyItem . CreatedAt = ""
}
2017-04-02 13:00:40 +00:00
// We really shouldn't have inline HTML, we should do something about this...
if replyItem . ActionType != "" {
switch ( replyItem . ActionType ) {
case "lock" :
replyItem . ActionType = "This topic has been locked by <a href='" + build_profile_url ( replyItem . CreatedBy ) + "'>" + replyItem . CreatedByName + "</a>"
replyItem . ActionIcon = "🔒︎"
case "unlock" :
replyItem . ActionType = "This topic has been reopened by <a href='" + build_profile_url ( replyItem . CreatedBy ) + "'>" + replyItem . CreatedByName + "</a>"
replyItem . ActionIcon = "🔓︎"
2017-04-06 17:37:32 +00:00
case "stick" :
replyItem . ActionType = "This topic has been pinned by <a href='" + build_profile_url ( replyItem . CreatedBy ) + "'>" + replyItem . CreatedByName + "</a>"
replyItem . ActionIcon = "📌︎"
case "unstick" :
replyItem . ActionType = "This topic has been unpinned by <a href='" + build_profile_url ( replyItem . CreatedBy ) + "'>" + replyItem . CreatedByName + "</a>"
replyItem . ActionIcon = "📌︎"
2017-04-02 13:00:40 +00:00
default :
replyItem . ActionType = replyItem . ActionType + " has happened"
replyItem . ActionIcon = ""
}
}
2017-02-10 13:39:13 +00:00
replyItem . Liked = false
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
if hooks [ "rrow_assign" ] != nil {
2016-12-18 12:56:06 +00:00
replyItem = run_hook ( "rrow_assign" , replyItem ) . ( Reply )
2016-12-11 16:06:17 +00:00
}
2016-12-18 12:56:06 +00:00
replyList = append ( replyList , replyItem )
2016-12-02 07:38:54 +00:00
}
err = rows . Err ( )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-01-17 07:55:46 +00:00
rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-01-21 18:16:27 +00:00
tpage := TopicPage { topic . Title , user , noticeList , replyList , topic , page , last_page , nil }
2017-01-01 15:45:43 +00:00
if template_topic_handle != nil {
template_topic_handle ( tpage , w )
2016-12-16 10:37:42 +00:00
} else {
2016-12-21 02:30:32 +00:00
err = templates . ExecuteTemplate ( w , "topic.html" , tpage )
2016-12-16 10:37:42 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-16 10:37:42 +00:00
}
}
2016-12-02 07:38:54 +00:00
}
2016-12-07 09:34:09 +00:00
func route_profile ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2017-05-29 14:52:37 +00:00
2017-04-06 17:37:32 +00:00
var err error
var replyContent , replyCreatedByName , replyCreatedAt , replyAvatar , replyTag string
var rid , replyCreatedBy , replyLastEdit , replyLastEditBy , replyLines , replyGroup int
var replyCss template . CSS
var replyList [ ] Reply
2017-05-29 14:52:37 +00:00
2017-02-15 10:49:30 +00:00
pid , err := strconv . Atoi ( r . URL . Path [ len ( "/user/" ) : ] )
2016-12-07 09:34:09 +00:00
if err != nil {
2017-02-15 10:49:30 +00:00
LocalError ( "The provided User ID is not a valid number." , w , r , user )
2016-12-07 09:34:09 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-15 10:49:30 +00:00
var puser * User
if pid == user . ID {
2016-12-07 13:46:14 +00:00
user . Is_Mod = true
2017-02-15 10:49:30 +00:00
puser = & user
2016-12-07 13:46:14 +00:00
} else {
// Fetch the user data
2017-02-15 10:49:30 +00:00
puser , err = users . CascadeGet ( pid )
2016-12-07 13:46:14 +00:00
if err == sql . ErrNoRows {
2017-02-05 16:36:54 +00:00
NotFound ( w , r )
2016-12-07 13:46:14 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-07 13:46:14 +00:00
return
}
2016-12-07 09:34:09 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-07 09:34:09 +00:00
// Get the replies..
2017-06-06 14:41:06 +00:00
rows , err := get_profile_replies_stmt . Query ( puser . ID )
2016-12-07 09:34:09 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-07 09:34:09 +00:00
return
}
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2016-12-07 09:34:09 +00:00
for rows . Next ( ) {
2017-02-11 14:51:16 +00:00
err := rows . Scan ( & rid , & replyContent , & replyCreatedBy , & replyCreatedAt , & replyLastEdit , & replyLastEditBy , & replyAvatar , & replyCreatedByName , & replyGroup )
2016-12-07 09:34:09 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-07 09:34:09 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-07 09:34:09 +00:00
replyLines = strings . Count ( replyContent , "\n" )
2017-02-11 14:51:16 +00:00
if groups [ replyGroup ] . Is_Mod || groups [ replyGroup ] . Is_Admin {
2016-12-07 09:34:09 +00:00
replyCss = staff_css_tmpl
} else {
replyCss = no_css_tmpl
}
if replyAvatar != "" {
if replyAvatar [ 0 ] == '.' {
replyAvatar = "/uploads/avatar_" + strconv . Itoa ( replyCreatedBy ) + replyAvatar
}
} else {
replyAvatar = strings . Replace ( noavatar , "{id}" , strconv . Itoa ( replyCreatedBy ) , 1 )
}
2017-05-29 14:52:37 +00:00
2017-02-11 14:51:16 +00:00
if groups [ replyGroup ] . Tag != "" {
replyTag = groups [ replyGroup ] . Tag
2016-12-07 09:34:09 +00:00
} else if puser . ID == replyCreatedBy {
replyTag = "Profile Owner"
} else {
replyTag = ""
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
replyLiked := false
replyLikeCount := 0
2017-05-29 14:52:37 +00:00
2017-04-02 13:00:40 +00:00
replyList = append ( replyList , Reply { rid , puser . ID , replyContent , parse_message ( replyContent ) , replyCreatedBy , replyCreatedByName , replyGroup , replyCreatedAt , replyLastEdit , replyLastEditBy , replyAvatar , replyCss , replyLines , replyTag , "" , "" , "" , 0 , "" , replyLiked , replyLikeCount , "" , "" } )
2016-12-07 09:34:09 +00:00
}
err = rows . Err ( )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-07 09:34:09 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-15 10:49:30 +00:00
ppage := ProfilePage { puser . Name + "'s Profile" , user , noticeList , replyList , * puser , false }
2016-12-21 02:30:32 +00:00
if template_profile_handle != nil {
2016-12-26 04:44:07 +00:00
template_profile_handle ( ppage , w )
2016-12-18 12:56:06 +00:00
} else {
2017-02-05 14:41:53 +00:00
err = templates . ExecuteTemplate ( w , "profile.html" , ppage )
2016-12-18 12:56:06 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-18 12:56:06 +00:00
}
}
2016-12-07 09:34:09 +00:00
}
2017-04-13 09:26:40 +00:00
func route_topic_create ( w http . ResponseWriter , r * http . Request , sfid string ) {
2017-02-05 14:41:53 +00:00
var fid int
var err error
if sfid != "" {
fid , err = strconv . Atoi ( sfid )
if err != nil {
2017-02-05 16:36:54 +00:00
PreError ( "The provided ForumID is not a valid number." , w , r )
2017-02-05 14:41:53 +00:00
return
}
}
2017-05-29 14:52:37 +00:00
2017-02-05 16:36:54 +00:00
user , noticeList , ok := ForumSessionCheck ( w , r , fid )
if ! ok {
return
}
if ! user . Loggedin || ! user . Perms . CreateTopic {
NoPermissions ( w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-02-05 14:41:53 +00:00
var forumList [ ] Forum
group := groups [ user . Group ]
for _ , fid := range group . CanSee {
if forums [ fid ] . Active && forums [ fid ] . Name != "" {
forumList = append ( forumList , forums [ fid ] )
}
}
2017-05-29 14:52:37 +00:00
2017-02-05 14:41:53 +00:00
ctpage := CreateTopicPage { "Create Topic" , user , noticeList , forumList , fid , nil }
if template_create_topic_handle != nil {
template_create_topic_handle ( ctpage , w )
} else {
err = templates . ExecuteTemplate ( w , "create-topic.html" , ctpage )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-02-05 14:41:53 +00:00
}
}
2016-12-02 07:38:54 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
// POST functions. Authorised users only.
func route_create_topic ( w http . ResponseWriter , r * http . Request ) {
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
PreError ( "Bad Form" , w , r )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-05 14:41:53 +00:00
fid , err := strconv . Atoi ( r . PostFormValue ( "topic-board" ) )
if err != nil {
2017-02-05 16:36:54 +00:00
PreError ( "The provided ForumID is not a valid number." , w , r )
2017-02-05 14:41:53 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-05 16:36:54 +00:00
user , ok := SimpleForumSessionCheck ( w , r , fid )
if ! ok {
return
}
if ! user . Loggedin || ! user . Perms . CreateTopic {
NoPermissions ( w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2016-12-03 13:45:08 +00:00
topic_name := html . EscapeString ( r . PostFormValue ( "topic-name" ) )
2017-01-12 02:55:08 +00:00
content := html . EscapeString ( preparse_message ( r . PostFormValue ( "topic-content" ) ) )
2017-01-17 07:55:46 +00:00
ipaddress , _ , err := net . SplitHostPort ( r . RemoteAddr )
if err != nil {
LocalError ( "Bad IP" , w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
wcount := word_count ( content )
res , err := create_topic_stmt . Exec ( fid , topic_name , content , parse_message ( content ) , ipaddress , wcount , user . ID )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-12 02:55:08 +00:00
return
2016-12-02 07:38:54 +00:00
}
lastId , err := res . LastInsertId ( )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-12 02:55:08 +00:00
return
2016-12-02 07:38:54 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-05 14:41:53 +00:00
_ , err = add_topics_to_forum_stmt . Exec ( 1 , fid )
2017-01-26 13:37:50 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-26 13:37:50 +00:00
return
}
forums [ fid ] . TopicCount -= 1
2017-05-29 14:52:37 +00:00
2017-02-05 14:41:53 +00:00
_ , err = update_forum_cache_stmt . Exec ( topic_name , lastId , user . Name , user . ID , fid )
2016-12-03 13:45:08 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-03 13:45:08 +00:00
return
}
2017-02-05 14:41:53 +00:00
forums [ fid ] . LastTopic = topic_name
forums [ fid ] . LastTopicID = int ( lastId )
forums [ fid ] . LastReplyer = user . Name
forums [ fid ] . LastReplyerID = user . ID
forums [ fid ] . LastTopicTime = ""
2017-05-29 14:52:37 +00:00
2017-03-05 07:53:41 +00:00
_ , err = add_subscription_stmt . Exec ( user . ID , lastId , "topic" )
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-03-05 07:53:41 +00:00
http . Redirect ( w , r , "/topic/" + strconv . FormatInt ( lastId , 10 ) , http . StatusSeeOther )
2017-02-05 14:41:53 +00:00
err = increase_post_user_stats ( wcount , user . ID , true , user )
2017-01-12 02:55:08 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-12 02:55:08 +00:00
return
2016-12-02 07:38:54 +00:00
}
}
func route_create_reply ( w http . ResponseWriter , r * http . Request ) {
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
PreError ( "Bad Form" , w , r )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2016-12-03 13:45:08 +00:00
tid , err := strconv . Atoi ( r . PostFormValue ( "tid" ) )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-10 13:39:13 +00:00
PreError ( "Failed to convert the Topic ID" , w , r )
2017-02-05 16:36:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
topic , err := topics . CascadeGet ( tid )
2017-02-05 16:36:54 +00:00
if err == sql . ErrNoRows {
PreError ( "Couldn't find the parent topic" , w , r )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
user , ok := SimpleForumSessionCheck ( w , r , topic . ParentID )
2017-02-05 16:36:54 +00:00
if ! ok {
return
}
if ! user . Loggedin || ! user . Perms . CreateReply {
NoPermissions ( w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-08 14:11:18 +00:00
content := preparse_message ( html . EscapeString ( r . PostFormValue ( "reply-content" ) ) )
2017-01-17 07:55:46 +00:00
ipaddress , _ , err := net . SplitHostPort ( r . RemoteAddr )
if err != nil {
LocalError ( "Bad IP" , w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
wcount := word_count ( content )
2017-06-07 10:07:40 +00:00
_ , err = create_reply_stmt . Exec ( tid , content , parse_message ( content ) , ipaddress , wcount , user . ID )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-03 13:45:08 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-10 07:58:15 +00:00
_ , err = add_replies_to_topic_stmt . Exec ( 1 , tid )
2017-01-21 18:16:27 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-21 18:16:27 +00:00
return
}
2017-06-12 09:03:14 +00:00
_ , err = update_forum_cache_stmt . Exec ( topic . Title , tid , user . Name , user . ID , 1 )
2016-12-03 13:45:08 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-03 13:45:08 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
res , err := add_activity_stmt . Exec ( user . ID , topic . CreatedBy , "reply" , "topic" , tid )
2017-03-05 07:53:41 +00:00
if err != nil {
InternalError ( err , w , r )
return
}
lastId , err := res . LastInsertId ( )
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-03-05 07:53:41 +00:00
_ , err = notify_watchers_stmt . Exec ( lastId )
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
// Alert the subscribers about this post without blocking this post from being posted
if enable_websockets {
go notify_watchers ( lastId )
}
2017-03-15 08:34:14 +00:00
// Reload the topic...
err = topics . Load ( tid )
2017-06-12 09:03:14 +00:00
if err != nil && err == sql . ErrNoRows {
2017-03-15 08:34:14 +00:00
LocalError ( "The destination no longer exists" , w , r , user )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-03-05 07:53:41 +00:00
http . Redirect ( w , r , "/topic/" + strconv . Itoa ( tid ) , http . StatusSeeOther )
2017-01-12 02:55:08 +00:00
err = increase_post_user_stats ( wcount , user . ID , false , user )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-12 02:55:08 +00:00
return
}
2016-12-02 07:38:54 +00:00
}
2017-02-10 13:39:13 +00:00
func route_like_topic ( w http . ResponseWriter , r * http . Request ) {
err := r . ParseForm ( )
if err != nil {
PreError ( "Bad Form" , w , r )
2017-05-29 14:52:37 +00:00
return
2017-02-10 13:39:13 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
tid , err := strconv . Atoi ( r . URL . Path [ len ( "/topic/like/submit/" ) : ] )
if err != nil {
PreError ( "Topic IDs can only ever be numbers." , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
topic , err := topics . CascadeGet ( tid )
2017-02-10 13:39:13 +00:00
if err == sql . ErrNoRows {
PreError ( "The requested topic doesn't exist." , w , r )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
user , ok := SimpleForumSessionCheck ( w , r , topic . ParentID )
2017-02-10 13:39:13 +00:00
if ! ok {
return
}
if ! user . Perms . ViewTopic || ! user . Perms . LikeItem {
NoPermissions ( w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
if topic . CreatedBy == user . ID {
2017-06-10 07:58:15 +00:00
LocalError ( "You can't like your own topics" , w , r , user )
return
}
2017-06-12 09:03:14 +00:00
err = has_liked_topic_stmt . QueryRow ( user . ID , tid ) . Scan ( & tid )
2017-02-10 13:39:13 +00:00
if err != nil && err != sql . ErrNoRows {
InternalError ( err , w , r )
return
} else if err != sql . ErrNoRows {
LocalError ( "You already liked this!" , w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
_ , err = users . CascadeGet ( topic . CreatedBy )
2017-03-07 07:22:29 +00:00
if err != nil && err == sql . ErrNoRows {
2017-03-03 16:28:49 +00:00
LocalError ( "The target user doesn't exist" , w , r , user )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
score := 1
_ , err = create_like_stmt . Exec ( score , tid , "topics" , user . ID )
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
_ , err = add_likes_to_topic_stmt . Exec ( 1 , tid )
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
res , err := add_activity_stmt . Exec ( user . ID , topic . CreatedBy , "like" , "topic" , tid )
2017-03-03 16:28:49 +00:00
if err != nil {
InternalError ( err , w , r )
return
}
lastId , err := res . LastInsertId ( )
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
_ , err = notify_one_stmt . Exec ( topic . CreatedBy , lastId )
2017-03-03 16:28:49 +00:00
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-10 07:58:15 +00:00
// Live alerts, if the poster is online and WebSockets is enabled
2017-06-12 09:03:14 +00:00
_ = ws_hub . push_alert ( topic . CreatedBy , "like" , "topic" , user . ID , topic . CreatedBy , tid )
2017-06-10 07:58:15 +00:00
2017-03-05 07:53:41 +00:00
// Reload the topic...
err = topics . Load ( tid )
2017-06-12 09:03:14 +00:00
if err != nil && err == sql . ErrNoRows {
2017-03-05 07:53:41 +00:00
LocalError ( "The liked topic no longer exists" , w , r , user )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
http . Redirect ( w , r , "/topic/" + strconv . Itoa ( tid ) , http . StatusSeeOther )
}
func route_reply_like_submit ( w http . ResponseWriter , r * http . Request ) {
err := r . ParseForm ( )
if err != nil {
PreError ( "Bad Form" , w , r )
2017-05-29 14:52:37 +00:00
return
2017-02-10 13:39:13 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
rid , err := strconv . Atoi ( r . URL . Path [ len ( "/reply/like/submit/" ) : ] )
if err != nil {
PreError ( "The provided Reply ID is not a valid number." , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
reply , err := get_reply ( rid )
2017-02-10 13:39:13 +00:00
if err == sql . ErrNoRows {
PreError ( "You can't like something which doesn't exist!" , w , r )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
var fid int
2017-06-14 07:09:44 +00:00
err = get_topic_fid_stmt . QueryRow ( reply . ParentID ) . Scan ( & fid )
2017-02-10 13:39:13 +00:00
if err == sql . ErrNoRows {
PreError ( "The parent topic doesn't exist." , w , r )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
user , ok := SimpleForumSessionCheck ( w , r , fid )
if ! ok {
return
}
if ! user . Perms . ViewTopic || ! user . Perms . LikeItem {
NoPermissions ( w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
if reply . CreatedBy == user . ID {
2017-06-10 07:58:15 +00:00
LocalError ( "You can't like your own replies" , w , r , user )
return
}
2017-06-07 10:07:40 +00:00
err = has_liked_reply_stmt . QueryRow ( user . ID , rid ) . Scan ( & rid )
2017-02-10 13:39:13 +00:00
if err != nil && err != sql . ErrNoRows {
InternalError ( err , w , r )
return
} else if err != sql . ErrNoRows {
LocalError ( "You already liked this!" , w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
_ , err = users . CascadeGet ( reply . CreatedBy )
2017-03-03 16:28:49 +00:00
if err != nil && err != sql . ErrNoRows {
LocalError ( "The target user doesn't exist" , w , r , user )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
score := 1
_ , err = create_like_stmt . Exec ( score , rid , "replies" , user . ID )
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-10 13:39:13 +00:00
_ , err = add_likes_to_reply_stmt . Exec ( 1 , rid )
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
res , err := add_activity_stmt . Exec ( user . ID , reply . CreatedBy , "like" , "post" , rid )
2017-03-03 16:28:49 +00:00
if err != nil {
InternalError ( err , w , r )
return
}
lastId , err := res . LastInsertId ( )
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
_ , err = notify_one_stmt . Exec ( reply . CreatedBy , lastId )
2017-03-03 16:28:49 +00:00
if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-06-10 07:58:15 +00:00
// Live alerts, if the poster is online and WebSockets is enabled
2017-06-14 07:09:44 +00:00
_ = ws_hub . push_alert ( reply . CreatedBy , "like" , "post" , user . ID , reply . CreatedBy , rid )
2017-06-10 07:58:15 +00:00
2017-06-14 07:09:44 +00:00
http . Redirect ( w , r , "/topic/" + strconv . Itoa ( reply . ParentID ) , http . StatusSeeOther )
2017-02-10 13:39:13 +00:00
}
2016-12-07 09:34:09 +00:00
func route_profile_reply_create ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , ok := SimpleSessionCheck ( w , r )
if ! ok {
return
}
2016-12-21 02:30:32 +00:00
if ! user . Loggedin || ! user . Perms . CreateReply {
NoPermissions ( w , r , user )
2016-12-03 10:25:39 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2016-12-07 09:34:09 +00:00
uid , err := strconv . Atoi ( r . PostFormValue ( "uid" ) )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-01-12 02:55:08 +00:00
LocalError ( "Invalid UID" , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
ipaddress , _ , err := net . SplitHostPort ( r . RemoteAddr )
if err != nil {
LocalError ( "Bad IP" , w , r , user )
return
}
_ , err = create_profile_reply_stmt . Exec ( uid , html . EscapeString ( preparse_message ( r . PostFormValue ( "reply-content" ) ) ) , parse_message ( html . EscapeString ( preparse_message ( r . PostFormValue ( "reply-content" ) ) ) ) , user . ID , ipaddress )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-12 02:55:08 +00:00
return
2016-12-02 07:38:54 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-07 09:34:09 +00:00
var user_name string
2017-06-07 10:07:40 +00:00
err = get_user_name_stmt . QueryRow ( uid ) . Scan ( & user_name )
2016-12-02 07:38:54 +00:00
if err == sql . ErrNoRows {
2017-01-12 02:55:08 +00:00
LocalError ( "The profile you're trying to post on doesn't exist." , w , r , user )
return
2016-12-02 07:38:54 +00:00
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-12 02:55:08 +00:00
http . Redirect ( w , r , "/user/" + strconv . Itoa ( uid ) , http . StatusSeeOther )
2016-12-02 07:38:54 +00:00
}
2017-05-02 17:24:33 +00:00
func route_report_submit ( w http . ResponseWriter , r * http . Request , sitem_id string ) {
2016-12-16 10:37:42 +00:00
user , ok := SimpleSessionCheck ( w , r )
if ! ok {
return
}
2016-12-11 16:06:17 +00:00
if ! user . Loggedin {
LoginRequired ( w , r , user )
return
}
if user . Is_Banned {
Banned ( w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
err := r . ParseForm ( )
if err != nil {
2017-02-15 10:49:30 +00:00
LocalError ( "Bad Form" , w , r , user )
2016-12-11 16:06:17 +00:00
return
}
if r . FormValue ( "session" ) != user . Session {
SecurityError ( w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-05-02 17:24:33 +00:00
item_id , err := strconv . Atoi ( sitem_id )
2016-12-11 16:06:17 +00:00
if err != nil {
2017-05-02 17:24:33 +00:00
LocalError ( "Bad ID" , w , r , user )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
item_type := r . FormValue ( "type" )
2017-05-29 14:52:37 +00:00
2017-05-02 17:24:33 +00:00
var fid int = 1
2017-06-12 09:03:14 +00:00
var title , content string
2016-12-11 16:06:17 +00:00
if item_type == "reply" {
2017-06-14 07:09:44 +00:00
reply , err := get_reply ( item_id )
2016-12-11 16:06:17 +00:00
if err == sql . ErrNoRows {
2017-01-26 13:37:50 +00:00
LocalError ( "We were unable to find the reported post" , w , r , user )
2016-12-11 16:06:17 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
topic , err := topics . CascadeGet ( reply . ParentID )
2016-12-11 16:06:17 +00:00
if err == sql . ErrNoRows {
2017-06-12 09:03:14 +00:00
LocalError ( "We weren't able to find the topic the reported post is supposed to be in" , w , r , user )
2016-12-11 16:06:17 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-11 16:06:17 +00:00
return
}
2017-06-12 09:03:14 +00:00
title = "Reply: " + topic . Title
2017-06-14 07:09:44 +00:00
content = reply . Content + "\n\nOriginal Post: #rid-" + strconv . Itoa ( item_id )
2016-12-13 02:14:14 +00:00
} else if item_type == "user-reply" {
2017-06-14 07:09:44 +00:00
user_reply , err := get_user_reply ( item_id )
2016-12-13 02:14:14 +00:00
if err == sql . ErrNoRows {
2017-06-12 09:03:14 +00:00
LocalError ( "We weren't able to find the reported post" , w , r , user )
2016-12-13 02:14:14 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-13 02:14:14 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-14 07:09:44 +00:00
err = get_user_name_stmt . QueryRow ( user_reply . ParentID ) . Scan ( & title )
2016-12-13 02:14:14 +00:00
if err == sql . ErrNoRows {
2017-06-12 09:03:14 +00:00
LocalError ( "We weren't able to find the profile the reported post is supposed to be on" , w , r , user )
2016-12-13 02:14:14 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-13 02:14:14 +00:00
return
}
2017-06-07 10:07:40 +00:00
title = "Profile: " + title
2017-06-14 07:09:44 +00:00
content = user_reply . Content + "\n\nOriginal Post: @" + strconv . Itoa ( user_reply . ParentID )
2016-12-11 16:06:17 +00:00
} else if item_type == "topic" {
2017-06-07 10:07:40 +00:00
err = get_topic_basic_stmt . QueryRow ( item_id ) . Scan ( & title , & content )
2016-12-11 16:06:17 +00:00
if err == sql . ErrNoRows {
2017-02-05 16:36:54 +00:00
NotFound ( w , r )
2016-12-11 16:06:17 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-11 16:06:17 +00:00
return
}
2017-06-07 10:07:40 +00:00
title = "Topic: " + title
2017-03-14 10:57:40 +00:00
content = content + "\n\nOriginal Post: #tid-" + strconv . Itoa ( item_id )
2016-12-11 16:06:17 +00:00
} else {
2016-12-13 02:14:14 +00:00
if vhooks [ "report_preassign" ] != nil {
2016-12-16 10:37:42 +00:00
run_vhook_noreturn ( "report_preassign" , & item_id , & item_type )
2016-12-13 02:14:14 +00:00
return
}
2016-12-11 16:06:17 +00:00
// Don't try to guess the type
2017-01-26 13:37:50 +00:00
LocalError ( "Unknown type" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-11 16:06:17 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
var count int
2017-06-07 10:07:40 +00:00
rows , err := report_exists_stmt . Query ( item_type + "_" + strconv . Itoa ( item_id ) )
2016-12-11 16:06:17 +00:00
if err != nil && err != sql . ErrNoRows {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
for rows . Next ( ) {
err = rows . Scan ( & count )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-11 16:06:17 +00:00
return
}
}
if count != 0 {
2017-05-02 17:24:33 +00:00
LocalError ( "Someone has already reported this!" , w , r , user )
2016-12-11 16:06:17 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-03-14 10:57:40 +00:00
res , err := create_report_stmt . Exec ( title , content , parse_message ( content ) , user . ID , item_type + "_" + strconv . Itoa ( item_id ) )
2016-12-11 16:06:17 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-26 13:37:50 +00:00
return
2016-12-11 16:06:17 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-11 16:06:17 +00:00
lastId , err := res . LastInsertId ( )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-26 13:37:50 +00:00
return
2016-12-11 16:06:17 +00:00
}
2017-05-29 14:52:37 +00:00
2017-01-26 13:37:50 +00:00
_ , err = add_topics_to_forum_stmt . Exec ( 1 , fid )
2016-12-11 16:06:17 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-11 16:06:17 +00:00
return
}
2017-01-26 13:37:50 +00:00
_ , err = update_forum_cache_stmt . Exec ( title , lastId , user . Name , user . ID , fid )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-26 13:37:50 +00:00
return
2016-12-11 16:06:17 +00:00
}
2017-05-29 14:52:37 +00:00
2017-05-02 17:24:33 +00:00
http . Redirect ( w , r , "/topic/" + strconv . FormatInt ( lastId , 10 ) , http . StatusSeeOther )
2016-12-11 16:06:17 +00:00
}
2016-12-02 07:38:54 +00:00
func route_account_own_edit_critical ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if ! user . Loggedin {
2017-01-03 07:47:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-02-05 16:36:54 +00:00
pi := Page { "Edit Password" , user , noticeList , tList , nil }
2016-12-02 07:38:54 +00:00
templates . ExecuteTemplate ( w , "account-own-edit.html" , pi )
}
func route_account_own_edit_critical_submit ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if ! user . Loggedin {
2017-01-03 07:47:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2017-05-29 14:52:37 +00:00
2017-06-07 10:07:40 +00:00
var real_password , salt string
2016-12-02 11:00:07 +00:00
current_password := r . PostFormValue ( "account-current-password" )
new_password := r . PostFormValue ( "account-new-password" )
confirm_password := r . PostFormValue ( "account-confirm-password" )
2017-05-29 14:52:37 +00:00
2016-12-02 11:00:07 +00:00
err = get_password_stmt . QueryRow ( user . ID ) . Scan ( & real_password , & salt )
if err == sql . ErrNoRows {
2017-01-12 02:55:08 +00:00
LocalError ( "Your account no longer exists." , w , r , user )
2016-12-02 11:00:07 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 11:00:07 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 11:00:07 +00:00
current_password = current_password + salt
err = bcrypt . CompareHashAndPassword ( [ ] byte ( real_password ) , [ ] byte ( current_password ) )
if err == bcrypt . ErrMismatchedHashAndPassword {
2017-01-12 02:55:08 +00:00
LocalError ( "That's not the correct password." , w , r , user )
2016-12-02 11:00:07 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 11:00:07 +00:00
return
}
if new_password != confirm_password {
2017-01-12 02:55:08 +00:00
LocalError ( "The two passwords don't match." , w , r , user )
2016-12-02 11:00:07 +00:00
return
}
SetPassword ( user . ID , new_password )
2017-05-29 14:52:37 +00:00
2016-12-02 11:00:07 +00:00
// Log the user out as a safety precaution
_ , err = logout_stmt . Exec ( user . ID )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 11:00:07 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-07 10:07:40 +00:00
// Reload the user data
err = users . Load ( user . ID )
if err != nil {
LocalError ( "Your account no longer exists!" , w , r , user )
return
}
2017-02-05 16:36:54 +00:00
noticeList = append ( noticeList , "Your password was successfully updated" )
pi := Page { "Edit Password" , user , noticeList , tList , nil }
2017-01-03 07:47:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit.html" , pi )
2016-12-02 07:38:54 +00:00
}
2016-12-02 15:03:31 +00:00
func route_account_own_edit_avatar ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2016-12-02 15:03:31 +00:00
if ! user . Loggedin {
2017-01-03 07:47:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
2017-02-05 16:36:54 +00:00
pi := Page { "Edit Avatar" , user , noticeList , tList , nil }
templates . ExecuteTemplate ( w , "account-own-edit-avatar.html" , pi )
2016-12-02 15:03:31 +00:00
}
func route_account_own_edit_avatar_submit ( w http . ResponseWriter , r * http . Request ) {
if r . ContentLength > int64 ( max_request_size ) {
2017-02-05 16:36:54 +00:00
http . Error ( w , "Request too large" , http . StatusExpectationFailed )
2016-12-02 15:03:31 +00:00
return
}
r . Body = http . MaxBytesReader ( w , r . Body , int64 ( max_request_size ) )
2017-05-29 14:52:37 +00:00
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2016-12-02 15:03:31 +00:00
if ! user . Loggedin {
2017-01-03 07:47:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
err := r . ParseMultipartForm ( int64 ( max_request_size ) )
if err != nil {
2017-02-05 16:36:54 +00:00
LocalError ( "Upload failed" , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
var filename string
2016-12-02 15:03:31 +00:00
var ext string
for _ , fheaders := range r . MultipartForm . File {
for _ , hdr := range fheaders {
infile , err := hdr . Open ( ) ;
if err != nil {
LocalError ( "Upload failed" , w , r , user )
return
}
defer infile . Close ( )
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
// We don't want multiple files
if filename != "" {
if filename != hdr . Filename {
os . Remove ( "./uploads/avatar_" + strconv . Itoa ( user . ID ) + "." + ext )
LocalError ( "You may only upload one avatar" , w , r , user )
return
}
} else {
filename = hdr . Filename
}
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
if ext == "" {
extarr := strings . Split ( hdr . Filename , "." )
if len ( extarr ) < 2 {
LocalError ( "Bad file" , w , r , user )
return
}
ext = extarr [ len ( extarr ) - 1 ]
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
reg , err := regexp . Compile ( "[^A-Za-z0-9]+" )
if err != nil {
LocalError ( "Bad file extension" , w , r , user )
return
}
ext = reg . ReplaceAllString ( ext , "" )
ext = strings . ToLower ( ext )
}
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
outfile , err := os . Create ( "./uploads/avatar_" + strconv . Itoa ( user . ID ) + "." + ext ) ;
if err != nil {
2017-02-05 16:36:54 +00:00
LocalError ( "Upload failed [File Creation Failed]" , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
defer outfile . Close ( )
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
_ , err = io . Copy ( outfile , infile ) ;
if err != nil {
2017-02-05 16:36:54 +00:00
LocalError ( "Upload failed [Copy Failed]" , w , r , user )
2016-12-02 15:03:31 +00:00
return
}
}
}
2017-05-29 14:52:37 +00:00
2016-12-02 15:03:31 +00:00
_ , err = set_avatar_stmt . Exec ( "." + ext , strconv . Itoa ( user . ID ) )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 15:03:31 +00:00
return
}
user . Avatar = "/uploads/avatar_" + strconv . Itoa ( user . ID ) + "." + ext
2017-02-15 10:49:30 +00:00
err = users . Load ( user . ID )
if err != nil {
LocalError ( "This user no longer exists!" , w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
noticeList = append ( noticeList , "Your avatar was successfully updated" )
2017-02-05 16:36:54 +00:00
pi := Page { "Edit Avatar" , user , noticeList , tList , nil }
2016-12-16 10:37:42 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-avatar.html" , pi )
2016-12-02 15:03:31 +00:00
}
2016-12-03 08:09:40 +00:00
func route_account_own_edit_username ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2016-12-03 08:09:40 +00:00
if ! user . Loggedin {
2017-01-03 07:47:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-03 08:09:40 +00:00
return
}
2017-01-17 07:55:46 +00:00
pi := Page { "Edit Username" , user , noticeList , tList , user . Name }
2017-02-05 16:36:54 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-username.html" , pi )
2016-12-03 08:09:40 +00:00
}
func route_account_own_edit_username_submit ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2016-12-03 08:09:40 +00:00
if ! user . Loggedin {
2017-01-03 07:47:31 +00:00
LocalError ( "You need to login to edit your account." , w , r , user )
2016-12-03 08:09:40 +00:00
return
}
err := r . ParseForm ( )
if err != nil {
2017-02-05 16:36:54 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-03 08:09:40 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-03 08:09:40 +00:00
new_username := html . EscapeString ( r . PostFormValue ( "account-new-username" ) )
_ , err = set_username_stmt . Exec ( new_username , strconv . Itoa ( user . ID ) )
if err != nil {
2016-12-09 13:46:29 +00:00
LocalError ( "Unable to change the username. Does someone else already have this name?" , w , r , user )
2016-12-03 08:09:40 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-03 08:09:40 +00:00
user . Name = new_username
2017-02-15 10:49:30 +00:00
err = users . Load ( user . ID )
if err != nil {
LocalError ( "Your account doesn't exist!" , w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-01-17 07:55:46 +00:00
noticeList = append ( noticeList , "Your username was successfully updated" )
2017-02-05 16:36:54 +00:00
pi := Page { "Edit Username" , user , noticeList , tList , nil }
2016-12-03 08:09:40 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-username.html" , pi )
}
2017-01-03 07:47:31 +00:00
func route_account_own_edit_email ( w http . ResponseWriter , r * http . Request ) {
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
if ! user . Loggedin {
LocalError ( "You need to login to edit your account." , w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
email := Email { UserID : user . ID }
var emailList [ ] interface { }
2017-06-07 10:07:40 +00:00
rows , err := get_emails_by_user_stmt . Query ( user . ID )
2017-01-03 07:47:31 +00:00
if err != nil {
log . Fatal ( err )
}
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
for rows . Next ( ) {
2017-06-14 07:09:44 +00:00
err := rows . Scan ( & email . Email , & email . Validated , & email . Token )
2017-01-03 07:47:31 +00:00
if err != nil {
log . Fatal ( err )
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if email . Email == user . Email {
email . Primary = true
}
emailList = append ( emailList , email )
}
err = rows . Err ( )
if err != nil {
log . Fatal ( err )
}
2017-05-29 14:52:37 +00:00
2017-06-07 10:07:40 +00:00
// Was this site migrated from another forum software? Most of them don't have multiple emails for a single user.
// This also applies when the admin switches enable_emails on after having it off for a while.
2017-01-03 07:47:31 +00:00
if len ( emailList ) == 0 {
email . Email = user . Email
email . Validated = false
email . Primary = true
emailList = append ( emailList , email )
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if ! enable_emails {
2017-06-07 10:07:40 +00:00
noticeList = append ( noticeList , "The mail system is currently disabled." )
2017-01-03 07:47:31 +00:00
}
2017-02-15 10:49:30 +00:00
pi := Page { "Email Manager" , user , noticeList , emailList , nil }
2017-01-03 07:47:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-email.html" , pi )
}
func route_account_own_edit_email_token_submit ( w http . ResponseWriter , r * http . Request ) {
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
if ! user . Loggedin {
LocalError ( "You need to login to edit your account." , w , r , user )
return
}
2017-03-18 07:23:02 +00:00
token := r . URL . Path [ len ( "/user/edit/token/" ) : ]
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
email := Email { UserID : user . ID }
targetEmail := Email { UserID : user . ID }
var emailList [ ] interface { }
2017-06-14 07:09:44 +00:00
rows , err := get_emails_by_user_stmt . Query ( user . ID )
2017-01-03 07:47:31 +00:00
if err != nil {
2017-03-18 07:23:02 +00:00
InternalError ( err , w , r )
return
2017-01-03 07:47:31 +00:00
}
defer rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
for rows . Next ( ) {
err := rows . Scan ( & email . Email , & email . Validated , & email . Token )
if err != nil {
2017-03-18 07:23:02 +00:00
InternalError ( err , w , r )
return
2017-01-03 07:47:31 +00:00
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if email . Email == user . Email {
email . Primary = true
}
if email . Token == token {
targetEmail = email
}
emailList = append ( emailList , email )
}
err = rows . Err ( )
if err != nil {
2017-03-18 07:23:02 +00:00
InternalError ( err , w , r )
return
2017-01-03 07:47:31 +00:00
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if len ( emailList ) == 0 {
LocalError ( "A verification email was never sent for you!" , w , r , user )
return
}
if targetEmail . Token == "" {
LocalError ( "That's not a valid token!" , w , r , user )
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
_ , err = verify_email_stmt . Exec ( user . Email )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-03 07:47:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
// If Email Activation is on, then activate the account while we're here
if settings [ "activation_type" ] == 2 {
_ , err = activate_user_stmt . Exec ( user . ID )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-03 07:47:31 +00:00
return
}
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if ! enable_emails {
2017-06-07 10:07:40 +00:00
noticeList = append ( noticeList , "The mail system is currently disabled." )
2017-01-03 07:47:31 +00:00
}
2017-01-17 07:55:46 +00:00
noticeList = append ( noticeList , "Your email was successfully verified" )
2017-02-15 10:49:30 +00:00
pi := Page { "Email Manager" , user , noticeList , emailList , nil }
2017-01-03 07:47:31 +00:00
templates . ExecuteTemplate ( w , "account-own-edit-email.html" , pi )
}
2016-12-02 07:38:54 +00:00
func route_logout ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , ok := SimpleSessionCheck ( w , r )
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if ! user . Loggedin {
2017-01-12 02:55:08 +00:00
LocalError ( "You can't logout without logging in first." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
_ , err := logout_stmt . Exec ( user . ID )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-02-15 10:49:30 +00:00
err = users . Load ( user . ID )
if err != nil {
LocalError ( "Your account doesn't exist!" , w , r , user )
return
}
2016-12-02 07:38:54 +00:00
http . Redirect ( w , r , "/" , http . StatusSeeOther )
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
func route_login ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if user . Loggedin {
2017-01-12 02:55:08 +00:00
LocalError ( "You're already logged in." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-02-05 16:36:54 +00:00
pi := Page { "Login" , user , noticeList , tList , nil }
2017-02-15 10:49:30 +00:00
templates . ExecuteTemplate ( w , "login.html" , pi )
2016-12-02 07:38:54 +00:00
}
func route_login_submit ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , ok := SimpleSessionCheck ( w , r )
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if user . Loggedin {
2017-01-12 02:55:08 +00:00
LocalError ( "You're already logged in." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
var uid int
2017-06-05 11:57:27 +00:00
var real_password , salt , session string
2016-12-02 07:38:54 +00:00
username := html . EscapeString ( r . PostFormValue ( "username" ) )
password := r . PostFormValue ( "password" )
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
err = login_stmt . QueryRow ( username ) . Scan ( & uid , & username , & real_password , & salt )
if err == sql . ErrNoRows {
2017-01-12 02:55:08 +00:00
LocalError ( "That username doesn't exist." , w , r , user )
2016-12-02 07:38:54 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
// Admin password reset mechanism...
2016-12-02 07:38:54 +00:00
if salt == "" {
if password != real_password {
2017-01-12 02:55:08 +00:00
LocalError ( "That's not the correct password." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
// Re-encrypt the password
2017-06-12 09:03:14 +00:00
SetPassword ( uid , real_password )
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
// Fe-fetch the user data...
err = login_stmt . QueryRow ( username ) . Scan ( & uid , & username , & real_password , & salt )
if err == sql . ErrNoRows {
LocalError ( "That username doesn't exist anymore." , w , r , user )
2016-12-02 07:38:54 +00:00
return
} else if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
}
2017-05-29 14:52:37 +00:00
2017-06-12 09:03:14 +00:00
password = password + salt
if err != nil {
InternalError ( err , w , r )
return
}
err = bcrypt . CompareHashAndPassword ( [ ] byte ( real_password ) , [ ] byte ( password ) )
if err == bcrypt . ErrMismatchedHashAndPassword {
LocalError ( "That's not the correct password." , w , r , user )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2016-12-02 07:38:54 +00:00
session , err = GenerateSafeString ( sessionLength )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 09:29:45 +00:00
_ , err = update_session_stmt . Exec ( session , uid )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-07 10:07:40 +00:00
// Reload the user data
err = users . Load ( uid )
if err != nil {
LocalError ( "Your account no longer exists!" , w , r , user )
return
}
2017-06-05 11:57:27 +00:00
cookie := http . Cookie { Name : "uid" , Value : strconv . Itoa ( uid ) , Path : "/" , MaxAge : year }
2016-12-02 07:38:54 +00:00
http . SetCookie ( w , & cookie )
2017-06-05 11:57:27 +00:00
cookie = http . Cookie { Name : "session" , Value : session , Path : "/" , MaxAge : year }
2016-12-02 07:38:54 +00:00
http . SetCookie ( w , & cookie )
2017-06-05 11:57:27 +00:00
http . Redirect ( w , r , "/" , http . StatusSeeOther )
2016-12-02 07:38:54 +00:00
}
func route_register ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , noticeList , ok := SessionCheck ( w , r )
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
if user . Loggedin {
2017-01-12 02:55:08 +00:00
LocalError ( "You're already logged in." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-02-04 06:19:55 +00:00
templates . ExecuteTemplate ( w , "register.html" , Page { "Registration" , user , noticeList , tList , nil } )
2016-12-02 07:38:54 +00:00
}
func route_register_submit ( w http . ResponseWriter , r * http . Request ) {
2016-12-16 10:37:42 +00:00
user , ok := SimpleSessionCheck ( w , r )
if ! ok {
return
}
2016-12-02 07:38:54 +00:00
err := r . ParseForm ( )
2016-12-02 11:00:07 +00:00
if err != nil {
2017-02-04 06:19:55 +00:00
LocalError ( "Bad Form" , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-02 11:00:07 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
username := html . EscapeString ( r . PostFormValue ( "username" ) )
2016-12-16 10:37:42 +00:00
if username == "" {
2017-02-04 06:19:55 +00:00
LocalError ( "You didn't put in a username." , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-16 10:37:42 +00:00
}
email := html . EscapeString ( r . PostFormValue ( "email" ) )
if email == "" {
2017-02-04 06:19:55 +00:00
LocalError ( "You didn't put in an email." , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-16 10:37:42 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
password := r . PostFormValue ( "password" )
2016-12-16 10:37:42 +00:00
if password == "" {
2017-02-04 06:19:55 +00:00
LocalError ( "You didn't put in a password." , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-16 10:37:42 +00:00
}
if password == "test" || password == "123456" || password == "123" || password == "password" {
2017-02-04 06:19:55 +00:00
LocalError ( "Your password is too weak." , w , r , user )
2017-05-29 14:52:37 +00:00
return
2016-12-16 10:37:42 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
confirm_password := r . PostFormValue ( "confirm_password" )
log . Print ( "Registration Attempt! Username: " + username )
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
// Do the two inputted passwords match..?
if password != confirm_password {
2017-01-12 02:55:08 +00:00
LocalError ( "The two passwords don't match." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
// Is this username already taken..?
err = username_exists_stmt . QueryRow ( username ) . Scan ( & username )
if err != nil && err != sql . ErrNoRows {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
} else if err != sql . ErrNoRows {
2017-01-12 02:55:08 +00:00
LocalError ( "This username isn't available. Try another." , w , r , user )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
salt , err := GenerateSafeString ( saltLength )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
session , err := GenerateSafeString ( sessionLength )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2016-12-02 07:38:54 +00:00
password = password + salt
hashed_password , err := bcrypt . GenerateFromPassword ( [ ] byte ( password ) , bcrypt . DefaultCost )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-07 10:07:40 +00:00
var active , group int
2017-01-03 07:47:31 +00:00
switch settings [ "activation_type" ] {
case 1 : // Activate All
active = 1
group = default_group
default : // Anything else. E.g. Admin Activation or Email Activation.
group = activation_group
2016-12-21 02:30:32 +00:00
}
2017-05-29 14:52:37 +00:00
2016-12-21 02:30:32 +00:00
res , err := register_stmt . Exec ( username , email , string ( hashed_password ) , salt , group , session , active )
2016-12-02 07:38:54 +00:00
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
lastId , err := res . LastInsertId ( )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2016-12-02 07:38:54 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
// Check if this user actually owns this email, if email activation is on, automatically flip their account to active when the email is validated. Validation is also useful for determining whether this user should receive any alerts, etc. via email
if enable_emails {
token , err := GenerateSafeString ( 80 )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-03 07:47:31 +00:00
return
}
_ , err = add_email_stmt . Exec ( email , lastId , 0 , token )
if err != nil {
2017-02-05 16:36:54 +00:00
InternalError ( err , w , r )
2017-01-03 07:47:31 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-01-03 07:47:31 +00:00
if ! SendValidationEmail ( username , email , token ) {
LocalError ( "We were unable to send the email for you to confirm that this email address belongs to you. You may not have access to some functionality until you do so. Please ask an administrator for assistance." , w , r , user )
return
}
}
2017-05-29 14:52:37 +00:00
2016-12-02 09:29:45 +00:00
cookie := http . Cookie { Name : "uid" , Value : strconv . FormatInt ( lastId , 10 ) , Path : "/" , MaxAge : year }
2016-12-02 07:38:54 +00:00
http . SetCookie ( w , & cookie )
2016-12-02 09:29:45 +00:00
cookie = http . Cookie { Name : "session" , Value : session , Path : "/" , MaxAge : year }
2016-12-02 07:38:54 +00:00
http . SetCookie ( w , & cookie )
http . Redirect ( w , r , "/" , http . StatusSeeOther )
}
2017-02-28 09:27:28 +00:00
2017-03-01 11:36:50 +00:00
var phrase_login_alerts [ ] byte = [ ] byte ( ` { "msgs":[ { "msg":"Login to see your alerts","path":"/accounts/login"}]} ` )
2017-02-28 09:27:28 +00:00
func route_api ( w http . ResponseWriter , r * http . Request ) {
err := r . ParseForm ( )
2017-03-01 11:36:50 +00:00
format := r . FormValue ( "format" )
var is_js string
if format == "json" {
is_js = "1"
} else { // html
2017-02-28 09:27:28 +00:00
is_js = "0"
}
if err != nil {
PreErrorJSQ ( "Bad Form" , w , r , is_js )
return
}
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
user , ok := SimpleSessionCheck ( w , r )
if ! ok {
return
}
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
action := r . FormValue ( "action" )
if action != "get" && action != "set" {
PreErrorJSQ ( "Invalid Action" , w , r , is_js )
return
}
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
module := r . FormValue ( "module" )
switch ( module ) {
case "alerts" : // A feed of events tailored for a specific user
2017-03-01 11:36:50 +00:00
if format != "json" {
PreError ( "You can only fetch alerts in the JSON format!" , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
w . Header ( ) . Set ( "Content-Type" , "application/json" )
if ! user . Loggedin {
2017-03-01 11:36:50 +00:00
w . Write ( phrase_login_alerts )
2017-02-28 09:27:28 +00:00
return
}
2017-05-29 14:52:37 +00:00
2017-06-10 07:58:15 +00:00
var msglist , event , elementType string
var asid , actor_id , targetUser_id , elementID int
var msgCount int
err = get_activity_count_by_watcher_stmt . QueryRow ( user . ID ) . Scan ( & msgCount )
if err == sql . ErrNoRows {
PreError ( "Couldn't find the parent topic" , w , r )
return
} else if err != nil {
InternalError ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
rows , err := get_activity_feed_by_watcher_stmt . Query ( user . ID )
if err != nil {
InternalErrorJS ( err , w , r )
return
}
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
for rows . Next ( ) {
err = rows . Scan ( & asid , & actor_id , & targetUser_id , & event , & elementType , & elementID )
if err != nil {
InternalErrorJS ( err , w , r )
return
}
2017-06-10 07:58:15 +00:00
res , err := build_alert ( event , elementType , actor_id , targetUser_id , elementID , user )
2017-02-28 09:27:28 +00:00
if err != nil {
2017-06-10 07:58:15 +00:00
LocalErrorJS ( err . Error ( ) , w , r )
2017-02-28 09:27:28 +00:00
return
}
2017-06-10 07:58:15 +00:00
msglist += res + ","
2017-02-28 09:27:28 +00:00
}
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
err = rows . Err ( )
if err != nil {
InternalErrorJS ( err , w , r )
return
}
rows . Close ( )
2017-05-29 14:52:37 +00:00
2017-02-28 09:27:28 +00:00
if len ( msglist ) != 0 {
msglist = msglist [ 0 : len ( msglist ) - 1 ]
}
2017-06-10 07:58:15 +00:00
w . Write ( [ ] byte ( ` { "msgs":[ ` + msglist + ` ],"msgCount": ` + strconv . Itoa ( msgCount ) + ` } ` ) )
//fmt.Println(`{"msgs":[` + msglist + `],"msgCount":` + strconv.Itoa(msgCount) + `}`)
2017-02-28 09:27:28 +00:00
//case "topics":
//case "forums":
//case "users":
//case "pages":
2017-03-01 11:36:50 +00:00
// This might not be possible. We might need .xml paths for sitemaps
/ * case "sitemap" :
if format != "xml" {
PreError ( "You can only fetch sitemaps in the XML format!" , w , r )
return
} * /
2017-02-28 09:27:28 +00:00
default :
PreErrorJSQ ( "Invalid Module" , w , r , is_js )
}
}