diff --git a/common/errors.go b/common/errors.go index 95b96bd9..8a49f561 100644 --- a/common/errors.go +++ b/common/errors.go @@ -31,15 +31,19 @@ var tList []interface{} type RouteError interface { Type() string Error() string + Cause() string JSON() bool Handled() bool + + Wrap(string) } type RouteErrorImpl struct { - text string - system bool - json bool - handled bool + userText string + sysText string + system bool + json bool + handled bool } func (err *RouteErrorImpl) Type() string { @@ -51,7 +55,14 @@ func (err *RouteErrorImpl) Type() string { } func (err *RouteErrorImpl) Error() string { - return err.text + return err.userText +} + +func (err *RouteErrorImpl) Cause() string { + if err.sysText == "" { + return err.Error() + } + return err.sysText } // Respond with JSON? @@ -64,8 +75,30 @@ func (err *RouteErrorImpl) Handled() bool { return err.handled } +// Move the current error into the system error slot and add a new one to the user error slot to show the user +func (err *RouteErrorImpl) Wrap(userErr string) { + err.sysText = err.userText + err.userText = userErr +} + func HandledRouteError() RouteError { - return &RouteErrorImpl{"", false, false, true} + return &RouteErrorImpl{"", "", false, false, true} +} + +func Error(errmsg string) RouteError { + return &RouteErrorImpl{errmsg, "", false, false, false} +} + +func FromError(err error) RouteError { + return &RouteErrorImpl{err.Error(), "", false, false, false} +} + +func ErrorJSQ(errmsg string, isJs bool) RouteError { + return &RouteErrorImpl{errmsg, "", false, isJs, false} +} + +func SysError(errmsg string) RouteError { + return &RouteErrorImpl{errmsg, errmsg, true, false, false} } // LogError logs internal handler errors which can't be handled with InternalError() as a wrapper for log.Fatal(), we might do more with it in the future. diff --git a/common/settings.go b/common/settings.go index d7452724..d4e8eb9b 100644 --- a/common/settings.go +++ b/common/settings.go @@ -78,18 +78,6 @@ func LoadSettings() error { return nil } -// nolint -var ErrNotInteger = errors.New("You were supposed to enter an integer x.x") -var ErrSettingNotInteger = errors.New("Only integers are allowed in this setting x.x") -var ErrBadConstraintNotInteger = errors.New("Invalid contraint! The constraint field wasn't an integer!") -var ErrBadSettingRange = errors.New("Only integers between a certain range are allowed in this setting") - -// To avoid leaking internal state to the user -// TODO: We need to add some sort of DualError interface -func SafeSettingError(err error) bool { - return err == ErrNotInteger || err == ErrSettingNotInteger || err == ErrBadConstraintNotInteger || err == ErrBadSettingRange || err == ErrNoRows -} - // TODO: Add better support for HTML attributes (html-attribute). E.g. Meta descriptions. func (sBox SettingMap) ParseSetting(sname string, scontent string, stype string, constraint string) (err error) { var ssBox = map[string]interface{}(sBox) @@ -99,12 +87,12 @@ func (sBox SettingMap) ParseSetting(sname string, scontent string, stype string, case "int": ssBox[sname], err = strconv.Atoi(scontent) if err != nil { - return ErrNotInteger + return errors.New("You were supposed to enter an integer x.x") } case "int64": ssBox[sname], err = strconv.ParseInt(scontent, 10, 64) if err != nil { - return ErrNotInteger + return errors.New("You were supposed to enter an integer x.x") } case "list": cons := strings.Split(constraint, "-") @@ -115,16 +103,16 @@ func (sBox SettingMap) ParseSetting(sname string, scontent string, stype string, con1, err := strconv.Atoi(cons[0]) con2, err2 := strconv.Atoi(cons[1]) if err != nil || err2 != nil { - return ErrBadConstraintNotInteger + return errors.New("Invalid contraint! The constraint field wasn't an integer!") } value, err := strconv.Atoi(scontent) if err != nil { - return ErrSettingNotInteger + return errors.New("Only integers are allowed in this setting x.x") } if value < con1 || value > con2 { - return ErrBadSettingRange + return errors.New("Only integers between a certain range are allowed in this setting") } ssBox[sname] = value default: @@ -157,10 +145,12 @@ func (sBox SettingMap) BypassGetAll() (settingList []*Setting, err error) { return settingList, rows.Err() } -func (sBox SettingMap) Update(name string, content string) error { +func (sBox SettingMap) Update(name string, content string) RouteError { setting, err := sBox.BypassGet(name) if err == ErrNoRows { - return err + return FromError(err) + } else if err != nil { + return SysError(err.Error()) } // TODO: Why is this here and not in a common function? @@ -172,17 +162,20 @@ func (sBox SettingMap) Update(name string, content string) error { } } + err = sBox.ParseSetting(name, content, setting.Type, setting.Constraint) + if err != nil { + return FromError(err) + } + // TODO: Make this a method or function? _, err = settingStmts.update.Exec(content, name) if err != nil { - return err + return SysError(err.Error()) } - err = sBox.ParseSetting(name, content, setting.Type, setting.Constraint) + err = LoadSettings() if err != nil { - return err + return SysError(err.Error()) } - // TODO: Do a reload instead? - SettingBox.Store(sBox) return nil } diff --git a/gen_router.go b/gen_router.go index 361cb05d..bbaa0727 100644 --- a/gen_router.go +++ b/gen_router.go @@ -585,39 +585,39 @@ func NewGenRouter(uploads http.Handler) (*GenRouter, error) { }, nil } -func (router *GenRouter) handleError(err common.RouteError, w http.ResponseWriter, r *http.Request, user common.User) { +func (r *GenRouter) handleError(err common.RouteError, w http.ResponseWriter, req *http.Request, user common.User) { if err.Handled() { return } if err.Type() == "system" { - common.InternalErrorJSQ(err, w, r, err.JSON()) + common.InternalErrorJSQ(err, w, req, err.JSON()) return } - common.LocalErrorJSQ(err.Error(), w, r, user,err.JSON()) + common.LocalErrorJSQ(err.Error(), w, req, user, err.JSON()) } -func (router *GenRouter) Handle(_ string, _ http.Handler) { +func (r *GenRouter) Handle(_ string, _ http.Handler) { } -func (router *GenRouter) HandleFunc(pattern string, handle func(http.ResponseWriter, *http.Request, common.User) common.RouteError) { - router.Lock() - defer router.Unlock() - router.extraRoutes[pattern] = handle +func (r *GenRouter) HandleFunc(pattern string, handle func(http.ResponseWriter, *http.Request, common.User) common.RouteError) { + r.Lock() + defer r.Unlock() + r.extraRoutes[pattern] = handle } -func (router *GenRouter) RemoveFunc(pattern string) error { - router.Lock() - defer router.Unlock() - _, ok := router.extraRoutes[pattern] +func (r *GenRouter) RemoveFunc(pattern string) error { + r.Lock() + defer r.Unlock() + _, ok := r.extraRoutes[pattern] if !ok { return ErrNoRoute } - delete(router.extraRoutes, pattern) + delete(r.extraRoutes, pattern) return nil } -func (router *GenRouter) DumpRequest(req *http.Request, prepend string) { +func (r *GenRouter) DumpRequest(req *http.Request, prepend string) { var heads string for key, value := range req.Header { for _, vvalue := range value { @@ -625,7 +625,7 @@ func (router *GenRouter) DumpRequest(req *http.Request, prepend string) { } } - router.requestLogger.Print(prepend + + r.requestLogger.Print(prepend + "\nUA: " + common.SanitiseSingleLine(req.UserAgent()) + "\n" + "Method: " + common.SanitiseSingleLine(req.Method) + "\n" + heads + "req.Host: " + common.SanitiseSingleLine(req.Host) + "\n" + @@ -635,18 +635,18 @@ func (router *GenRouter) DumpRequest(req *http.Request, prepend string) { "req.RemoteAddr: " + req.RemoteAddr + "\n") } -func (router *GenRouter) SuspiciousRequest(req *http.Request, prepend string) { +func (r *GenRouter) SuspiciousRequest(req *http.Request, prepend string) { if prepend != "" { prepend += "\n" } - router.DumpRequest(req,prepend+"Suspicious Request") + r.DumpRequest(req,prepend+"Suspicious Request") counters.AgentViewCounter.Bump(27) } // TODO: Pass the default path or config struct to the router rather than accessing it via a package global // TODO: SetDefaultPath // TODO: GetDefaultPath -func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { +func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { // Redirect www. requests to the right place if req.Host == "www." + common.Site.Host { w.Header().Set("Connection", "close") @@ -666,7 +666,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { if len(req.URL.Path) == 0 || req.URL.Path[0] != '/' || req.Host != common.Site.Host { w.WriteHeader(200) // 400 w.Write([]byte("")) - router.DumpRequest(req,"Malformed Request") + r.DumpRequest(req,"Malformed Request") counters.AgentViewCounter.Bump(26) return } @@ -674,14 +674,14 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { // TODO: Cover more suspicious strings and at a lower layer than this for _, char := range req.URL.Path { if char != '&' && !(char > 44 && char < 58) && char != '=' && char != '?' && !(char > 64 && char < 91) && char != '\\' && char != '_' && !(char > 96 && char < 123) { - router.SuspiciousRequest(req,"Bad char in path") + r.SuspiciousRequest(req,"Bad char in path") break } } lowerPath := strings.ToLower(req.URL.Path) // TODO: Flag any requests which has a dot with anything but a number after that if strings.Contains(req.URL.Path,"..") || strings.Contains(req.URL.Path,"--") || strings.Contains(lowerPath,".php") || strings.Contains(lowerPath,".asp") || strings.Contains(lowerPath,".cgi") || strings.Contains(lowerPath,".py") || strings.Contains(lowerPath,".sql") || strings.Contains(lowerPath,".action") { - router.SuspiciousRequest(req,"Bad snippet in path") + r.SuspiciousRequest(req,"Bad snippet in path") } // Indirect the default route onto a different one @@ -705,7 +705,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { } if common.Dev.SuperDebug { - router.DumpRequest(req,"before routes.StaticFile") + r.DumpRequest(req,"before routes.StaticFile") } // Increment the request counter counters.GlobalViewCounter.Bump() @@ -721,7 +721,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { return } if common.Dev.SuperDebug { - router.requestLogger.Print("before PreRoute") + r.requestLogger.Print("before PreRoute") } // Track the user agents. Unfortunately, everyone pretends to be Mozilla, so this'll be a little less efficient than I would like. @@ -735,7 +735,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { for _, char := range req.UserAgent() { prepend += strconv.Itoa(int(char)) + " " } - router.DumpRequest(req,"Blank UA: " + prepend) + r.DumpRequest(req,"Blank UA: " + prepend) } } else { var runeEquals = func(a []rune, b []rune) bool { @@ -767,9 +767,9 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { // TODO: Test this items = items[:0] indices = indices[:0] - router.SuspiciousRequest(req,"Illegal char in UA") - router.requestLogger.Print("UA Buffer: ", buffer) - router.requestLogger.Print("UA Buffer String: ", string(buffer)) + r.SuspiciousRequest(req,"Illegal char in UA") + r.requestLogger.Print("UA Buffer: ", buffer) + r.requestLogger.Print("UA Buffer String: ", string(buffer)) break } } @@ -786,7 +786,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { } } if common.Dev.SuperDebug { - router.requestLogger.Print("parsed agent: ", agent) + r.requestLogger.Print("parsed agent: ", agent) } var os string @@ -808,8 +808,8 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { os = "unknown" } if common.Dev.SuperDebug { - router.requestLogger.Print("os: ", os) - router.requestLogger.Printf("items: %+v\n",items) + r.requestLogger.Print("os: ", os) + r.requestLogger.Printf("items: %+v\n",items) } // Special handling @@ -828,7 +828,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { agent = "internetexplorer" } case "zgrab": - router.SuspiciousRequest(req,"Vulnerability Scanner") + r.SuspiciousRequest(req,"Vulnerability Scanner") } if agent == "" { @@ -838,7 +838,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { for _, char := range req.UserAgent() { prepend += strconv.Itoa(int(char)) + " " } - router.DumpRequest(req,"Blank UA: " + prepend) + r.DumpRequest(req,"Blank UA: " + prepend) } } else { counters.AgentViewCounter.Bump(agentMapEnum[agent]) @@ -874,7 +874,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { return } if common.Dev.SuperDebug { - router.requestLogger.Print( + r.requestLogger.Print( "after PreRoute\n" + "routeMapEnum: ", routeMapEnum) } @@ -892,14 +892,14 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { w = gzipResponseWriter{Writer: gz, ResponseWriter: w} } - ferr := router.routeSwitch(w, req, user, prefix, extraData) + ferr := r.routeSwitch(w, req, user, prefix, extraData) if ferr != nil { - router.handleError(ferr,w,req,user) + r.handleError(ferr,w,req,user) } //common.StoppedServer("Profile end") } -func (router *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, user common.User, prefix string, extraData string) common.RouteError { +func (r *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, user common.User, prefix string, extraData string) common.RouteError { var err common.RouteError switch(prefix) { case "/overview": @@ -1991,7 +1991,7 @@ func (router *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, u counters.RouteViewCounter.Bump(123) req.URL.Path += extraData // TODO: Find a way to propagate errors up from this? - router.UploadHandler(w,req) // TODO: Count these views + r.UploadHandler(w,req) // TODO: Count these views return nil case "": // Stop the favicons, robots.txt file, etc. resolving to the topics list @@ -2006,10 +2006,10 @@ func (router *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, u } return common.NotFound(w,req,nil) default: - // A fallback for the routes which haven't been converted to the new router yet or plugins - router.RLock() - handle, ok := router.extraRoutes[req.URL.Path] - router.RUnlock() + // A fallback for dynamic routes, e.g. ones declared by plugins + r.RLock() + handle, ok := r.extraRoutes[req.URL.Path] + r.RUnlock() if ok { counters.RouteViewCounter.Bump(122) // TODO: Be more specific about *which* dynamic route it is @@ -2019,9 +2019,9 @@ func (router *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, u lowerPath := strings.ToLower(req.URL.Path) if strings.Contains(lowerPath,"admin") || strings.Contains(lowerPath,"sql") || strings.Contains(lowerPath,"manage") || strings.Contains(lowerPath,"//") || strings.Contains(lowerPath,"\\\\") || strings.Contains(lowerPath,"wp") || strings.Contains(lowerPath,"wordpress") || strings.Contains(lowerPath,"config") || strings.Contains(lowerPath,"setup") || strings.Contains(lowerPath,"install") || strings.Contains(lowerPath,"update") || strings.Contains(lowerPath,"php") { - router.SuspiciousRequest(req,"Bad Route") + r.SuspiciousRequest(req,"Bad Route") } else { - router.DumpRequest(req,"Bad Route") + r.DumpRequest(req,"Bad Route") } counters.RouteViewCounter.Bump(127) return common.NotFound(w,req,nil) diff --git a/router_gen/main.go b/router_gen/main.go index 15cc10fd..74a63d3d 100644 --- a/router_gen/main.go +++ b/router_gen/main.go @@ -367,39 +367,39 @@ func NewGenRouter(uploads http.Handler) (*GenRouter, error) { }, nil } -func (router *GenRouter) handleError(err common.RouteError, w http.ResponseWriter, r *http.Request, user common.User) { +func (r *GenRouter) handleError(err common.RouteError, w http.ResponseWriter, req *http.Request, user common.User) { if err.Handled() { return } if err.Type() == "system" { - common.InternalErrorJSQ(err, w, r, err.JSON()) + common.InternalErrorJSQ(err, w, req, err.JSON()) return } - common.LocalErrorJSQ(err.Error(), w, r, user,err.JSON()) + common.LocalErrorJSQ(err.Error(), w, req, user, err.JSON()) } -func (router *GenRouter) Handle(_ string, _ http.Handler) { +func (r *GenRouter) Handle(_ string, _ http.Handler) { } -func (router *GenRouter) HandleFunc(pattern string, handle func(http.ResponseWriter, *http.Request, common.User) common.RouteError) { - router.Lock() - defer router.Unlock() - router.extraRoutes[pattern] = handle +func (r *GenRouter) HandleFunc(pattern string, handle func(http.ResponseWriter, *http.Request, common.User) common.RouteError) { + r.Lock() + defer r.Unlock() + r.extraRoutes[pattern] = handle } -func (router *GenRouter) RemoveFunc(pattern string) error { - router.Lock() - defer router.Unlock() - _, ok := router.extraRoutes[pattern] +func (r *GenRouter) RemoveFunc(pattern string) error { + r.Lock() + defer r.Unlock() + _, ok := r.extraRoutes[pattern] if !ok { return ErrNoRoute } - delete(router.extraRoutes, pattern) + delete(r.extraRoutes, pattern) return nil } -func (router *GenRouter) DumpRequest(req *http.Request, prepend string) { +func (r *GenRouter) DumpRequest(req *http.Request, prepend string) { var heads string for key, value := range req.Header { for _, vvalue := range value { @@ -407,7 +407,7 @@ func (router *GenRouter) DumpRequest(req *http.Request, prepend string) { } } - router.requestLogger.Print(prepend + + r.requestLogger.Print(prepend + "\nUA: " + common.SanitiseSingleLine(req.UserAgent()) + "\n" + "Method: " + common.SanitiseSingleLine(req.Method) + "\n" + heads + "req.Host: " + common.SanitiseSingleLine(req.Host) + "\n" + @@ -417,18 +417,18 @@ func (router *GenRouter) DumpRequest(req *http.Request, prepend string) { "req.RemoteAddr: " + req.RemoteAddr + "\n") } -func (router *GenRouter) SuspiciousRequest(req *http.Request, prepend string) { +func (r *GenRouter) SuspiciousRequest(req *http.Request, prepend string) { if prepend != "" { prepend += "\n" } - router.DumpRequest(req,prepend+"Suspicious Request") + r.DumpRequest(req,prepend+"Suspicious Request") counters.AgentViewCounter.Bump({{.AllAgentMap.suspicious}}) } // TODO: Pass the default path or config struct to the router rather than accessing it via a package global // TODO: SetDefaultPath // TODO: GetDefaultPath -func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { +func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { // Redirect www. requests to the right place if req.Host == "www." + common.Site.Host { w.Header().Set("Connection", "close") @@ -448,7 +448,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { if len(req.URL.Path) == 0 || req.URL.Path[0] != '/' || req.Host != common.Site.Host { w.WriteHeader(200) // 400 w.Write([]byte("")) - router.DumpRequest(req,"Malformed Request") + r.DumpRequest(req,"Malformed Request") counters.AgentViewCounter.Bump({{.AllAgentMap.malformed}}) return } @@ -456,14 +456,14 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { // TODO: Cover more suspicious strings and at a lower layer than this for _, char := range req.URL.Path { if char != '&' && !(char > 44 && char < 58) && char != '=' && char != '?' && !(char > 64 && char < 91) && char != '\\' && char != '_' && !(char > 96 && char < 123) { - router.SuspiciousRequest(req,"Bad char in path") + r.SuspiciousRequest(req,"Bad char in path") break } } lowerPath := strings.ToLower(req.URL.Path) // TODO: Flag any requests which has a dot with anything but a number after that if strings.Contains(req.URL.Path,"..") || strings.Contains(req.URL.Path,"--") || strings.Contains(lowerPath,".php") || strings.Contains(lowerPath,".asp") || strings.Contains(lowerPath,".cgi") || strings.Contains(lowerPath,".py") || strings.Contains(lowerPath,".sql") || strings.Contains(lowerPath,".action") { - router.SuspiciousRequest(req,"Bad snippet in path") + r.SuspiciousRequest(req,"Bad snippet in path") } // Indirect the default route onto a different one @@ -487,7 +487,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { } if common.Dev.SuperDebug { - router.DumpRequest(req,"before routes.StaticFile") + r.DumpRequest(req,"before routes.StaticFile") } // Increment the request counter counters.GlobalViewCounter.Bump() @@ -503,7 +503,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { return } if common.Dev.SuperDebug { - router.requestLogger.Print("before PreRoute") + r.requestLogger.Print("before PreRoute") } // Track the user agents. Unfortunately, everyone pretends to be Mozilla, so this'll be a little less efficient than I would like. @@ -517,7 +517,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { for _, char := range req.UserAgent() { prepend += strconv.Itoa(int(char)) + " " } - router.DumpRequest(req,"Blank UA: " + prepend) + r.DumpRequest(req,"Blank UA: " + prepend) } } else { var runeEquals = func(a []rune, b []rune) bool { @@ -549,9 +549,9 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { // TODO: Test this items = items[:0] indices = indices[:0] - router.SuspiciousRequest(req,"Illegal char in UA") - router.requestLogger.Print("UA Buffer: ", buffer) - router.requestLogger.Print("UA Buffer String: ", string(buffer)) + r.SuspiciousRequest(req,"Illegal char in UA") + r.requestLogger.Print("UA Buffer: ", buffer) + r.requestLogger.Print("UA Buffer String: ", string(buffer)) break } } @@ -568,7 +568,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { } } if common.Dev.SuperDebug { - router.requestLogger.Print("parsed agent: ", agent) + r.requestLogger.Print("parsed agent: ", agent) } var os string @@ -590,8 +590,8 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { os = "unknown" } if common.Dev.SuperDebug { - router.requestLogger.Print("os: ", os) - router.requestLogger.Printf("items: %+v\n",items) + r.requestLogger.Print("os: ", os) + r.requestLogger.Printf("items: %+v\n",items) } // Special handling @@ -610,7 +610,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { agent = "internetexplorer" } case "zgrab": - router.SuspiciousRequest(req,"Vulnerability Scanner") + r.SuspiciousRequest(req,"Vulnerability Scanner") } if agent == "" { @@ -620,7 +620,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { for _, char := range req.UserAgent() { prepend += strconv.Itoa(int(char)) + " " } - router.DumpRequest(req,"Blank UA: " + prepend) + r.DumpRequest(req,"Blank UA: " + prepend) } } else { counters.AgentViewCounter.Bump(agentMapEnum[agent]) @@ -656,7 +656,7 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { return } if common.Dev.SuperDebug { - router.requestLogger.Print( + r.requestLogger.Print( "after PreRoute\n" + "routeMapEnum: ", routeMapEnum) } @@ -674,14 +674,14 @@ func (router *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) { w = gzipResponseWriter{Writer: gz, ResponseWriter: w} } - ferr := router.routeSwitch(w, req, user, prefix, extraData) + ferr := r.routeSwitch(w, req, user, prefix, extraData) if ferr != nil { - router.handleError(ferr,w,req,user) + r.handleError(ferr,w,req,user) } //common.StoppedServer("Profile end") } -func (router *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, user common.User, prefix string, extraData string) common.RouteError { +func (r *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, user common.User, prefix string, extraData string) common.RouteError { var err common.RouteError switch(prefix) {` + out + ` /*case "/sitemaps": // TODO: Count these views @@ -700,7 +700,7 @@ func (router *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, u counters.RouteViewCounter.Bump({{index .AllRouteMap "routes.UploadedFile" }}) req.URL.Path += extraData // TODO: Find a way to propagate errors up from this? - router.UploadHandler(w,req) // TODO: Count these views + r.UploadHandler(w,req) // TODO: Count these views return nil case "": // Stop the favicons, robots.txt file, etc. resolving to the topics list @@ -715,10 +715,10 @@ func (router *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, u } return common.NotFound(w,req,nil) default: - // A fallback for the routes which haven't been converted to the new router yet or plugins - router.RLock() - handle, ok := router.extraRoutes[req.URL.Path] - router.RUnlock() + // A fallback for dynamic routes, e.g. ones declared by plugins + r.RLock() + handle, ok := r.extraRoutes[req.URL.Path] + r.RUnlock() if ok { counters.RouteViewCounter.Bump({{index .AllRouteMap "routes.DynamicRoute" }}) // TODO: Be more specific about *which* dynamic route it is @@ -728,9 +728,9 @@ func (router *GenRouter) routeSwitch(w http.ResponseWriter, req *http.Request, u lowerPath := strings.ToLower(req.URL.Path) if strings.Contains(lowerPath,"admin") || strings.Contains(lowerPath,"sql") || strings.Contains(lowerPath,"manage") || strings.Contains(lowerPath,"//") || strings.Contains(lowerPath,"\\\\") || strings.Contains(lowerPath,"wp") || strings.Contains(lowerPath,"wordpress") || strings.Contains(lowerPath,"config") || strings.Contains(lowerPath,"setup") || strings.Contains(lowerPath,"install") || strings.Contains(lowerPath,"update") || strings.Contains(lowerPath,"php") { - router.SuspiciousRequest(req,"Bad Route") + r.SuspiciousRequest(req,"Bad Route") } else { - router.DumpRequest(req,"Bad Route") + r.DumpRequest(req,"Bad Route") } counters.RouteViewCounter.Bump({{index .AllRouteMap "routes.BadRoute" }}) return common.NotFound(w,req,nil) diff --git a/routes/panel/settings.go b/routes/panel/settings.go index 7cfa1d40..97afcee4 100644 --- a/routes/panel/settings.go +++ b/routes/panel/settings.go @@ -102,12 +102,9 @@ func SettingEditSubmit(w http.ResponseWriter, r *http.Request, user common.User, } scontent := common.SanitiseBody(r.PostFormValue("setting-value")) - err := headerLite.Settings.Update(sname, scontent) - if err != nil { - if common.SafeSettingError(err) { - return common.LocalError(err.Error(), w, r, user) - } - return common.InternalError(err, w, r) + rerr := headerLite.Settings.Update(sname, scontent) + if rerr != nil { + return rerr } http.Redirect(w, r, "/panel/settings/", http.StatusSeeOther)