Added the ability for admins to create forums :)

Banned users can no longer create replies or topics o.o
Fixed a bug where forums with no content threw an error.
Added report buttons. They don't do anything yet.
Is_Admin checks take into account whether the user's group has Is_Admin now.
Azareal 2016-12-04 10:44:28 +00:00
parent 1f6e585296
commit dc77c43996
10 changed files with 175 additions and 7 deletions


@ -61,6 +61,14 @@ CREATE TABLE `replies`(
primary key(`rid`) primary key(`rid`)
); );
CREATE TABLE `replies_reports` (
`rid` int not null AUTO_INCREMENT,
`reportedBy` int not null,
`reportedContent` text not null,
`resolved` tinyint DEFAULT 0 not null,
primary key(`rid`)
);
INSERT INTO users(`name`,`group`,`is_super_admin`,`createdAt`,`lastActiveAt`) INSERT INTO users(`name`,`group`,`is_super_admin`,`createdAt`,`lastActiveAt`)
VALUES ('Admin',1,1,NOW(),NOW()); VALUES ('Admin',1,1,NOW(),NOW());
INSERT INTO users_groups(`name`,`permissions`,`is_admin`) VALUES ('Administrator','{}',1); INSERT INTO users_groups(`name`,`permissions`,`is_admin`) VALUES ('Administrator','{}',1);
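Review bot: `replies_reports` has no column that identifies the reply being reported: its `rid` is an AUTO_INCREMENT primary key, so it is the report's own id rather than a reference into `replies`. Unless `reportedContent` is meant to carry that link, a moderator cannot trace a report back to the reply or its author; a dedicated column such as `reportedReply int not null`, plus a `createdAt` timestamp, would make reports traceable and auditable. Naming the report key `rid` also collides with the `rid` key of `replies` shown in the context lines, which invites mix-ups in later queries.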


@ -86,6 +86,30 @@ func NoPermissionsJSQ(w http.ResponseWriter, r *http.Request, user User, is_js s
} }
} }
func Banned(w http.ResponseWriter, r *http.Request, user User) {
errmsg := "You have been banned, thus you do not permission to do that."
pi := Page{"Local Error","error",user,tList,errmsg}
var b bytes.Buffer
templates.ExecuteTemplate(&b,"error.html", pi)
errpage := b.String()
w.WriteHeader(403)
fmt.Fprintln(w,errpage)
}
func BannedJSQ(w http.ResponseWriter, r *http.Request, user User, is_js string) {
errmsg := "You have been banned from this site."
if is_js == "0" {
pi := Page{"Local Error","error",user,tList,errmsg}
var b bytes.Buffer
templates.ExecuteTemplate(&b,"error.html", pi)
errpage := b.String()
w.WriteHeader(403)
fmt.Fprintln(w,errpage)
} else {
http.Error(w,"{'errmsg': '" + errmsg + "'}",403)
}
}
func LoginRequiredJSQ(w http.ResponseWriter, r *http.Request, user User, is_js string) { func LoginRequiredJSQ(w http.ResponseWriter, r *http.Request, user User, is_js string) {
errmsg := "You need to login to do that." errmsg := "You need to login to do that."
if is_js == "0" { if is_js == "0" {
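Review bot: The JSON branch of `BannedJSQ` writes `{'errmsg': '...'}`, which is not valid JSON because of the single quotes, and `http.Error` sends it as text/plain, so a client that parses the body strictly will fail on it. Marshalling the message with `encoding/json`, or at least emitting `"{\"errmsg\": \"" + errmsg + "\"}"`, keeps the body well-formed even if a message later contains a quote. In both new functions the error returned by `templates.ExecuteTemplate` is discarded, so a template failure produces an empty 403 page with nothing logged. The message in `Banned` reads "you do not permission" and is missing "have".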


@ -10,3 +10,9 @@ type Forum struct
LastReplyerID int LastReplyerID int
LastTopicTime string LastTopicTime string
} }
type ForumSimple struct
{
ID int
Name string
}


@ -39,6 +39,8 @@ var set_username_stmt *sql.Stmt
var register_stmt *sql.Stmt var register_stmt *sql.Stmt
var username_exists_stmt *sql.Stmt var username_exists_stmt *sql.Stmt
var create_forum_stmt *sql.Stmt
var custom_pages map[string]string = make(map[string]string) var custom_pages map[string]string = make(map[string]string)
var templates = template.Must(template.ParseGlob("templates/*")) var templates = template.Must(template.ParseGlob("templates/*"))
var no_css_tmpl = template.CSS("") var no_css_tmpl = template.CSS("")
@ -177,6 +179,12 @@ func init_database(err error) {
log.Fatal(err) log.Fatal(err)
} }
log.Print("Preparing create_forum statement.")
create_forum_stmt, err = db.Prepare("INSERT INTO forums(name) VALUES(?)")
if err != nil {
log.Fatal(err)
}
log.Print("Loading the usergroups.") log.Print("Loading the usergroups.")
rows, err := db.Query("select gid,name,permissions,is_admin,is_banned from users_groups") rows, err := db.Query("select gid,name,permissions,is_admin,is_banned from users_groups")
if err != nil { if err != nil {
@ -252,6 +260,11 @@ func main(){
http.HandleFunc("/user/edit/username/submit/", route_account_own_edit_username_submit) http.HandleFunc("/user/edit/username/submit/", route_account_own_edit_username_submit)
//http.HandleFunc("/user/:id/edit/", route_logout) //http.HandleFunc("/user/:id/edit/", route_logout)
//http.HandleFunc("/user/:id/ban/", route_logout) //http.HandleFunc("/user/:id/ban/", route_logout)
// Admin
http.HandleFunc("/panel/forums/", route_panel_forums)
http.HandleFunc("/panel/forums/create/", route_panel_forums_create_submit)
http.HandleFunc("/", default_route) http.HandleFunc("/", default_route)
defer db.Close() defer db.Close()


@ -209,11 +209,16 @@ func route_forums(w http.ResponseWriter, r *http.Request){
return return
} }
if forum.LastTopicID != 0 {
forum.LastTopicTime, err = relative_time(forum.LastTopicTime) forum.LastTopicTime, err = relative_time(forum.LastTopicTime)
if err != nil { if err != nil {
InternalError(err,w,r,user) InternalError(err,w,r,user)
return return
} }
} else {
forum.LastTopic = "None"
forum.LastTopicTime = ""
}
forumList[currentID] = forum forumList[currentID] = forum
currentID++ currentID++
@ -334,6 +339,11 @@ func route_topic_id(w http.ResponseWriter, r *http.Request){
func route_topic_create(w http.ResponseWriter, r *http.Request){ func route_topic_create(w http.ResponseWriter, r *http.Request){
user := SessionCheck(w,r) user := SessionCheck(w,r)
if user.Is_Banned {
Banned(w,r,user)
return
}
pi := Page{"Create Topic","create-topic",user,tList,0} pi := Page{"Create Topic","create-topic",user,tList,0}
templates.ExecuteTemplate(w,"create-topic.html", pi) templates.ExecuteTemplate(w,"create-topic.html", pi)
} }
@ -345,6 +355,10 @@ func route_create_topic(w http.ResponseWriter, r *http.Request) {
LoginRequired(w,r,user) LoginRequired(w,r,user)
return return
} }
if user.Is_Banned {
Banned(w,r,user)
return
}
err := r.ParseForm() err := r.ParseForm()
if err != nil { if err != nil {
@ -392,6 +406,10 @@ func route_create_reply(w http.ResponseWriter, r *http.Request) {
LoginRequired(w,r,user) LoginRequired(w,r,user)
return return
} }
if user.Is_Banned {
Banned(w,r,user)
return
}
err := r.ParseForm() err := r.ParseForm()
if err != nil { if err != nil {
@ -468,6 +486,10 @@ func route_edit_topic(w http.ResponseWriter, r *http.Request) {
NoPermissionsJSQ(w,r,user,is_js) NoPermissionsJSQ(w,r,user,is_js)
return return
} }
if user.Is_Banned {
BannedJSQ(w,r,user,is_js)
return
}
var tid int var tid int
tid, err = strconv.Atoi(r.URL.Path[len("/topic/edit/submit/"):]) tid, err = strconv.Atoi(r.URL.Path[len("/topic/edit/submit/"):])
@ -1176,3 +1198,63 @@ func route_register_submit(w http.ResponseWriter, r *http.Request) {
http.SetCookie(w,&cookie) http.SetCookie(w,&cookie)
http.Redirect(w,r, "/", http.StatusSeeOther) http.Redirect(w,r, "/", http.StatusSeeOther)
} }
func route_panel_forums(w http.ResponseWriter, r *http.Request){
user := SessionCheck(w,r)
if !user.Is_Admin {
NoPermissions(w,r,user)
return
}
var forumList map[int]interface{}
forumList = make(map[int]interface{})
currentID := 0
rows, err := db.Query("select fid, name from forums")
if err != nil {
InternalError(err,w,r,user)
return
}
defer rows.Close()
for rows.Next() {
forum := ForumSimple{0,""}
err := rows.Scan(&forum.ID, &forum.Name)
if err != nil {
InternalError(err,w,r,user)
return
}
forumList[currentID] = forum
currentID++
}
err = rows.Err()
if err != nil {
InternalError(err,w,r,user)
return
}
pi := Page{"Forum Manager","panel-forums",user,forumList,0}
templates.ExecuteTemplate(w,"panel-forums.html", pi)
}
func route_panel_forums_create_submit(w http.ResponseWriter, r *http.Request){
user := SessionCheck(w,r)
if !user.Is_Admin {
NoPermissions(w,r,user)
return
}
err := r.ParseForm()
if err != nil {
LocalError("Bad Form", w, r, user)
return
}
_, err = create_forum_stmt.Exec(r.PostFormValue("forum-name"))
if err != nil {
InternalError(err,w,r,user)
return
}
http.Redirect(w,r, "/panel/forums/", http.StatusSeeOther)
}
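Review bot: `route_panel_forums_create_submit` performs the insert for any request that arrives with an admin session: it checks neither `r.Method` nor a per-session token, so a request triggered from another site in an admin's browser would create forums on their behalf. The header template already puts `session={{.CurrentUser.Session}}` on the logout link; the same value could be sent as a hidden form field and compared with `user.Session` before the `Exec`, next to a guard like `if r.Method != "POST" { LocalError("Bad Form", w, r, user); return }`. The handler also passes `r.PostFormValue("forum-name")` straight to `create_forum_stmt.Exec`, so an empty or overlong name is stored as-is; a length check that ends in the same `LocalError` path would catch that. The statement itself is parameterized, so the name is not an injection concern at the SQL layer.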


@ -6,6 +6,7 @@
<li class="menu_create_topic"><a href="/topics/create/">Create Topic</a></li> <li class="menu_create_topic"><a href="/topics/create/">Create Topic</a></li>
{{ if .CurrentUser.Loggedin }} {{ if .CurrentUser.Loggedin }}
<li class="menu_account"><a href="/user/edit/critical/">My Account</a></li> <li class="menu_account"><a href="/user/edit/critical/">My Account</a></li>
<li class="menu_account"><a href="/panel/forums/">Panel</a></li>
<li class="menu_logout"><a href="/accounts/logout?session={{.CurrentUser.Session}}">Logout</a></li> <li class="menu_logout"><a href="/accounts/logout?session={{.CurrentUser.Session}}">Logout</a></li>
{{ else }} {{ else }}
<li class="menu_register"><a href="/accounts/create/">Register</a></li> <li class="menu_register"><a href="/accounts/create/">Register</a></li>
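Review bot: The new Panel link sits directly inside `{{ if .CurrentUser.Loggedin }}`, so every logged-in user is shown it even though `route_panel_forums` answers non-admins with NoPermissions. Wrapping the line in `{{if .CurrentUser.Is_Admin}} ... {{end}}` would keep the menu consistent with the server-side check; the check in the handler has to stay, since hiding a link is not access control. The item also reuses the `menu_account` class, so it cannot be styled or selected separately; `menu_panel` would be clearer.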


@ -0,0 +1,29 @@
{{template "header.html" . }}
<div class="colblock_left">
<div class="rowitem"><a>Control Panel</a></div>
<div class="rowitem passive"><a href="/panel/forums/">Forums</a></div>
<div class="rowitem passive"><a>Coming Soon</a></div>
<div class="rowitem passive"><a>Coming Soon</a></div>
<div class="rowitem passive"><a>Coming Soon</a></div>
<div class="rowitem passive"><a>Coming Soon</a></div>
</div>
<div class="colblock_right">
{{range .ItemList}}
<div class="rowitem"><a style="font-size: 20px;position:relative;top: -2px;font-weight: normal;text-transform: none;">{{.Name}}</a></div>
{{end}}
</div><br />
<div class="colblock_right">
<div class="rowitem"><a>Add Forum</a></div>
</div>
<div class="colblock_right">
<form action="/panel/forums/create/" method="post">
<div class="formrow">
<div class="formitem"><a>Forum Name</a></div>
<div class="formitem"><input name="forum-name" type="text" /></div>
</div>
<div class="formrow">
<div class="formitem"><button name="panel-button" class="formbutton">Add</div></div>
</div>
</form>
</div>
{{template "footer.html" . }}
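Review bot: The submit button is closed with `</div>` instead of `</button>`: `<button name="panel-button" class="formbutton">Add</div></div>` leaves the button open and closes one div too many, so the browser has to repair the markup; it should end `>Add</button></div>`. The form posts to `/panel/forums/create/` without any per-session token field, so the handler has nothing with which to verify where the request came from. `{{.Name}}` is admin-supplied text; assuming `templates` is an html/template set, as the `template.CSS` call elsewhere in this commit suggests, it is escaped on output, which is worth confirming because the name is stored unvalidated.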


@ -16,6 +16,7 @@
</select> </select>
<button name="topic-button" class="formbutton show_on_edit submit_edit">Update</button> <button name="topic-button" class="formbutton show_on_edit submit_edit">Update</button>
{{end}} {{end}}
<a href='/topic/report/submit/{{.Something.ID}}' class="username" style="font-weight: normal;">Report</a>
</div> </div>
</form> </form>
</div> </div>
@ -35,8 +36,10 @@
<a class="username">{{$element.CreatedByName}}</a> <a class="username">{{$element.CreatedByName}}</a>
{{if $.CurrentUser.Is_Admin}}<a href="/reply/edit/submit/{{$element.ID}}"><button class="username edit_item">Edit</button></a> {{if $.CurrentUser.Is_Admin}}<a href="/reply/edit/submit/{{$element.ID}}"><button class="username edit_item">Edit</button></a>
<a href="/reply/delete/submit/{{$element.ID}}"><button class="username delete_item">Delete</button></a>{{end}} <a href="/reply/delete/submit/{{$element.ID}}"><button class="username delete_item">Delete</button></a>{{end}}
<a href="/reply/report/submit/{{$element.ID}}"><button class="username report_item">Report</button></a>
</div>{{ end }} </div>{{ end }}
</div> </div>
{{if not .CurrentUser.Is_Banned}}
<div class="rowblock"> <div class="rowblock">
<form action="/reply/create/" method="post"> <form action="/reply/create/" method="post">
<input name="tid" value='{{.Something.ID}}' type="hidden" /> <input name="tid" value='{{.Something.ID}}' type="hidden" />
@ -48,4 +51,5 @@
</div> </div>
</form> </form>
</div> </div>
{{end}}
{{template "footer.html" . }} {{template "footer.html" . }}
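Review bot: Both Report controls are plain links to `/topic/report/submit/{id}` and `/reply/report/submit/{id}`, so once handlers exist a report would be filed by a GET request, which prefetchers or third-party pages can trigger without the user intending it; a small POST form like the reply form below would be the safer shape. The links are also rendered for logged-out and banned users, while the reply form is now hidden behind `{{if not .CurrentUser.Is_Banned}}`; a `{{if .CurrentUser.Loggedin}}` guard around them would be consistent. No handler for either path is registered in the main.go hunk of this commit, so where these URLs currently land depends on routes outside the diff.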


@ -13,6 +13,7 @@ type User struct
Group int Group int
Is_Admin bool Is_Admin bool
Is_Super_Admin bool Is_Super_Admin bool
Is_Banned bool
Session string Session string
Loggedin bool Loggedin bool
Avatar string Avatar string
@ -38,7 +39,7 @@ func SetPassword(uid int, password string) (error) {
} }
func SessionCheck(w http.ResponseWriter, r *http.Request) (User) { func SessionCheck(w http.ResponseWriter, r *http.Request) (User) {
user := User{0,"",0,false,false,"",false,""} user := User{0,"",0,false,false,false,"",false,""}
var err error var err error
var cookie *http.Cookie var cookie *http.Cookie
@ -64,13 +65,13 @@ func SessionCheck(w http.ResponseWriter, r *http.Request) (User) {
// Is this session valid..? // Is this session valid..?
err = get_session_stmt.QueryRow(user.ID,user.Session).Scan(&user.ID, &user.Name, &user.Group, &user.Is_Super_Admin, &user.Session, &user.Avatar) err = get_session_stmt.QueryRow(user.ID,user.Session).Scan(&user.ID, &user.Name, &user.Group, &user.Is_Super_Admin, &user.Session, &user.Avatar)
if err == sql.ErrNoRows { if err == sql.ErrNoRows {
//log.Print("Couldn't find the user session")
return user return user
} else if err != nil { } else if err != nil {
log.Print(err) log.Print(err)
return user return user
} }
user.Is_Admin = user.Is_Super_Admin user.Is_Admin = (user.Is_Super_Admin || groups[user.Group].Is_Admin)
user.Is_Banned = groups[user.Group].Is_Banned
if user.Avatar != "" && user.Avatar[0] == '.' { if user.Avatar != "" && user.Avatar[0] == '.' {
user.Avatar = "/uploads/avatar_" + strconv.Itoa(user.ID) + user.Avatar user.Avatar = "/uploads/avatar_" + strconv.Itoa(user.ID) + user.Avatar
} }
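Review bot: `groups[user.Group]` is indexed with a value read from the user's row and nothing checks that the group was loaded; the declaration of `groups` is outside this diff, but if it is a slice a user with an unknown group id panics inside `SessionCheck` on every request, and if it is a map the lookup silently yields a zero group with `Is_Banned` false. A bounds check (or `group, ok := groups[user.Group]` for a map) with a fail-closed default would make a missing group visible instead of quietly lifting a ban. The positional literal `User{0,"",0,false,false,false,"",false,""}` had to be edited to add one field and will silently change meaning the next time a bool is inserted; `var user User` gives the same zero value. `SessionCheck` starts and ends outside these hunks.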

Binary file not shown.
