From f5c6f6b552f3023c6c49887ffed86c4636267f1f Mon Sep 17 00:00:00 2001 From: Azareal Date: Tue, 31 Jan 2017 05:13:38 +0000 Subject: [PATCH] Added Per-Forum Permissions. The admin side of this is under development. Added the Not Loggedin group. The Reports Forum is now only available to staff. Groups are now stored in a slice instead of a map for extra concurrency and speed. Testing background SVGs. You can now toggle a forum's visibility via the Forum Manager. Added the Inline Form API to global.js The reports forum can now be edited but not deleted. Tempra Simple and Tempra Conflux now support backgrounds. --- data.sql | 13 ++ group.go | 17 +- main.go | 6 +- mod_routes.go | 297 ++++++++++++++++++++------ mysql.go | 94 +++++++- public/global.js | 79 +++++-- public/test_bg2.svg | 12 ++ public/test_bg3.svg | 12 ++ routes.go | 54 +++-- template_forum.go | 2 +- template_list.go | 8 +- template_topic_alt.go | 2 +- templates/panel-forums.html | 23 +- templates/panel-menu.html | 2 +- templates/topic.html | 4 +- templates/topic_alt.html | 4 +- themes/tempra-conflux/public/main.css | 13 +- themes/tempra-simple/public/main.css | 18 +- user.go | 8 + utils.go | 9 +- 20 files changed, 522 insertions(+), 155 deletions(-) create mode 100644 public/test_bg2.svg create mode 100644 public/test_bg3.svg diff --git a/data.sql b/data.sql index 1306fcd5..adce7839 100644 --- a/data.sql +++ b/data.sql @@ -56,6 +56,12 @@ CREATE TABLE `forums`( primary key(`fid`) ) CHARSET=utf8mb4 COLLATE utf8mb4_general_ci; +CREATE TABLE `forums_permissions`( + `fid` int not null, + `gid` int not null, + `permissions` text not null +); + CREATE TABLE `topics`( `tid` int not null AUTO_INCREMENT, `title` varchar(100) not null, @@ -169,9 +175,16 @@ INSERT INTO users_groups(`name`,`permissions`,`is_mod`,`tag`) VALUES ('Moderator INSERT INTO users_groups(`name`,`permissions`) VALUES ('Member','{"BanUsers":false,"ActivateUsers":false,"EditUser":false,"EditUserEmail":false,"EditUserPassword":false,"EditUserGroup":false,"EditUserGroupSuperMod":false,"EditUserGroupAdmin":false,"ManageForums":false,"EditSettings":false,"ManageThemes":false,"ManagePlugins":false,"ViewIPs":false,"ViewTopic":true,"CreateTopic":true,"EditTopic":false,"DeleteTopic":false,"CreateReply":true,"EditReply":false,"DeleteReply":false,"PinTopic":false,"CloseTopic":false}'); INSERT INTO users_groups(`name`,`permissions`,`is_banned`) VALUES ('Banned','{"BanUsers":false,"ActivateUsers":false,"EditUser":false,"EditUserEmail":false,"EditUserPassword":false,"EditUserGroup":false,"EditUserGroupSuperMod":false,"EditUserGroupAdmin":false,"ManageForums":false,"EditSettings":false,"ManageThemes":false,"ManagePlugins":false,"ViewIPs":false,"ViewTopic":true,"CreateTopic":false,"EditTopic":false,"DeleteTopic":false,"CreateReply":false,"EditReply":false,"DeleteReply":false,"PinTopic":false,"CloseTopic":false}',1); INSERT INTO users_groups(`name`,`permissions`) VALUES ('Awaiting Activation','{"BanUsers":false,"ActivateUsers":false,"EditUser":false,"EditUserEmail":false,"EditUserPassword":false,"EditUserGroup":false,"EditUserGroupSuperMod":false,"EditUserGroupAdmin":false,"ManageForums":false,"EditSettings":false,"ManageThemes":false,"ManagePlugins":false,"ViewIPs":false,"ViewTopic":true,"CreateTopic":false,"EditTopic":false,"DeleteTopic":false,"CreateReply":false,"EditReply":false,"DeleteReply":false,"PinTopic":false,"CloseTopic":false}'); +INSERT INTO users_groups(`name`,`permissions`,`tag`) VALUES ('Not Loggedin','{"ViewTopic":true}','Guest'); INSERT INTO forums(`name`,`active`) VALUES ('Reports',0); INSERT INTO forums(`name`,`lastTopicTime`) VALUES ('General',NOW()); +INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (1,1,'{"ViewTopic":true,"CreateReply":true,"CreateTopic":true,"PinTopic":true,"CloseTopic":true}'); +INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (2,1,'{"ViewTopic":true,"CreateReply":true,"CloseTopic":true}'); +INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (3,1,'{}'); +INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (4,1,'{}'); +INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (5,1,'{}'); +INSERT INTO forums_permissions(`gid`,`fid`,`permissions`) VALUES (6,1,'{}'); INSERT INTO topics(`title`,`content`,`createdAt`,`lastReplyAt`,`createdBy`,`parentID`) VALUES ('Test Topic','A topic automatically generated by the software.',NOW(),NOW(),1,1); diff --git a/group.go b/group.go index 8cc683ec..a613b16e 100644 --- a/group.go +++ b/group.go @@ -1,6 +1,8 @@ package main import "fmt" +var BlankPerms Perms +var BlankForumPerms ForumPerms var GuestPerms Perms var AllPerms Perms @@ -8,12 +10,14 @@ type Group struct { ID int Name string - Perms Perms - PermissionsText []byte Is_Mod bool Is_Admin bool Is_Banned bool Tag string + Perms Perms + PermissionsText []byte + Forums []ForumPerms + CanSee []int // The IDs of the forums this group can see } // Permission Structure: ActionComponent[Subcomponent]Flag @@ -67,10 +71,19 @@ type ForumPerms struct CloseTopic bool //CloseOwnTopic bool + Overrides bool ExtData map[string]bool } func init() { + BlankPerms = Perms{ + ExtData: make(map[string]bool), + } + + BlankForumPerms = ForumPerms{ + ExtData: make(map[string]bool), + } + GuestPerms = Perms{ ViewTopic: true, ExtData: make(map[string]bool), diff --git a/main.go b/main.go index c4e567e4..77fa9442 100644 --- a/main.go +++ b/main.go @@ -29,8 +29,9 @@ var no_css_tmpl = template.CSS("") var staff_css_tmpl = template.CSS(staff_css) var settings map[string]interface{} = make(map[string]interface{}) var external_sites map[string]string = make(map[string]string) -var groups map[int]Group = make(map[int]Group) -var forums []Forum // The IDs for a forum tend to be low and sequential for the most part, so we can get more performance out of using a slice instead of a map AND it has better concurrency +var groups []Group +var forums []Forum // The IDs for a forum tend to be low and sequential for the most part, so we can get more performance out of using a slice instead of a map AND it has better concurrency +var forum_perms [][]ForumPerms // [gid][fid]Perms var groupCapCount int var forumCapCount int var static_files map[string]SFile = make(map[string]SFile) @@ -227,6 +228,7 @@ func main(){ router.HandleFunc("/panel/forums/create/", route_panel_forums_create_submit) router.HandleFunc("/panel/forums/delete/", route_panel_forums_delete) router.HandleFunc("/panel/forums/delete/submit/", route_panel_forums_delete_submit) + router.HandleFunc("/panel/forums/edit/", route_panel_forums_edit) router.HandleFunc("/panel/forums/edit/submit/", route_panel_forums_edit_submit) router.HandleFunc("/panel/settings/", route_panel_settings) router.HandleFunc("/panel/settings/edit/", route_panel_setting) diff --git a/mod_routes.go b/mod_routes.go index f156e624..1a58506f 100644 --- a/mod_routes.go +++ b/mod_routes.go @@ -17,25 +17,46 @@ func route_edit_topic(w http.ResponseWriter, r *http.Request) { err := r.ParseForm() if err != nil { - LocalError("Bad Form", w, r, user) + LocalError("Bad Form",w,r,user) return } is_js := r.PostFormValue("js") if is_js == "" { is_js = "0" } - if !user.Perms.ViewTopic || !user.Perms.EditTopic { - NoPermissionsJSQ(w,r,user,is_js) - return - } var tid int + var fid int tid, err = strconv.Atoi(r.URL.Path[len("/topic/edit/submit/"):]) if err != nil { LocalErrorJSQ("The provided TopicID is not a valid number.",w,r,user,is_js) return } + err = db.QueryRow("select parentID from topics where tid = ?", tid).Scan(&fid) + if err == sql.ErrNoRows { + LocalError("The topic you tried to edit doesn't exist.",w,r,user) + return + } else if err != nil { + InternalError(err,w,r,user) + return + } + + if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { + LocalError("The topic's parent forum doesn't exist.",w,r,user) + return + } + + if groups[user.Group].Forums[fid].Overrides { + if !groups[user.Group].Forums[fid].ViewTopic || !groups[user.Group].Forums[fid].EditTopic { + NoPermissionsJSQ(w,r,user,is_js) + return + } + } else if !user.Perms.ViewTopic || !user.Perms.EditTopic { + NoPermissionsJSQ(w,r,user,is_js) + return + } + topic_name := r.PostFormValue("topic_name") topic_status := r.PostFormValue("topic_status") is_closed := (topic_status == "closed") @@ -48,7 +69,7 @@ func route_edit_topic(w http.ResponseWriter, r *http.Request) { } if is_js == "0" { - http.Redirect(w, r, "/topic/" + strconv.Itoa(tid), http.StatusSeeOther) + http.Redirect(w,r,"/topic/" + strconv.Itoa(tid),http.StatusSeeOther) } else { fmt.Fprintf(w,"{'success': '1'}") } @@ -59,10 +80,6 @@ func route_delete_topic(w http.ResponseWriter, r *http.Request) { if !ok { return } - if !user.Perms.ViewTopic || !user.Perms.DeleteTopic { - NoPermissions(w,r,user) - return - } tid, err := strconv.Atoi(r.URL.Path[len("/topic/delete/submit/"):]) if err != nil { @@ -73,7 +90,7 @@ func route_delete_topic(w http.ResponseWriter, r *http.Request) { var content string var createdBy int var fid int - err = db.QueryRow("select tid, content, createdBy, parentID from topics where tid = ?", tid).Scan(&tid, &content, &createdBy, &fid) + err = db.QueryRow("select content, createdBy, parentID from topics where tid = ?", tid).Scan(&content, &createdBy, &fid) if err == sql.ErrNoRows { LocalError("The topic you tried to delete doesn't exist.",w,r,user) return @@ -82,6 +99,21 @@ func route_delete_topic(w http.ResponseWriter, r *http.Request) { return } + if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { + LocalError("The topic's parent forum doesn't exist.",w,r,user) + return + } + + if groups[user.Group].Forums[fid].Overrides { + if !groups[user.Group].Forums[fid].ViewTopic || !groups[user.Group].Forums[fid].DeleteTopic { + NoPermissions(w,r,user) + return + } + } else if !user.Perms.ViewTopic || !user.Perms.DeleteTopic { + NoPermissions(w,r,user) + return + } + _, err = delete_topic_stmt.Exec(tid) if err != nil { InternalError(err,w,r,user) @@ -97,10 +129,6 @@ func route_delete_topic(w http.ResponseWriter, r *http.Request) { return } - if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { - LocalError("The topic's parent forum doesn't exist.",w,r,user) - return - } _, err = remove_topics_from_forum_stmt.Exec(1, fid) if err != nil { InternalError(err,w,r,user) @@ -115,10 +143,6 @@ func route_stick_topic(w http.ResponseWriter, r *http.Request) { if !ok { return } - if !user.Perms.ViewTopic || !user.Perms.PinTopic { - NoPermissions(w,r,user) - return - } tid, err := strconv.Atoi(r.URL.Path[len("/topic/stick/submit/"):]) if err != nil { @@ -126,6 +150,31 @@ func route_stick_topic(w http.ResponseWriter, r *http.Request) { return } + var fid int + err = db.QueryRow("select parentID from topics where tid = ?", tid).Scan(&fid) + if err == sql.ErrNoRows { + LocalError("The topic you tried to pin doesn't exist.",w,r,user) + return + } else if err != nil { + InternalError(err,w,r,user) + return + } + + if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { + LocalError("The topic's parent forum doesn't exist.",w,r,user) + return + } + + if groups[user.Group].Forums[fid].Overrides { + if !groups[user.Group].Forums[fid].ViewTopic || !groups[user.Group].Forums[fid].PinTopic { + NoPermissions(w,r,user) + return + } + } else if !user.Perms.ViewTopic || !user.Perms.PinTopic { + NoPermissions(w,r,user) + return + } + _, err = stick_topic_stmt.Exec(tid) if err != nil { InternalError(err,w,r,user) @@ -139,10 +188,6 @@ func route_unstick_topic(w http.ResponseWriter, r *http.Request) { if !ok { return } - if !user.Perms.ViewTopic || !user.Perms.PinTopic { - NoPermissions(w,r,user) - return - } tid, err := strconv.Atoi(r.URL.Path[len("/topic/unstick/submit/"):]) if err != nil { @@ -150,6 +195,31 @@ func route_unstick_topic(w http.ResponseWriter, r *http.Request) { return } + var fid int + err = db.QueryRow("select parentID from topics where tid = ?", tid).Scan(&fid) + if err == sql.ErrNoRows { + LocalError("The topic you tried to unpin doesn't exist.",w,r,user) + return + } else if err != nil { + InternalError(err,w,r,user) + return + } + + if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { + LocalError("The topic's parent forum doesn't exist.",w,r,user) + return + } + + if groups[user.Group].Forums[fid].Overrides { + if !groups[user.Group].Forums[fid].ViewTopic || !groups[user.Group].Forums[fid].PinTopic { + NoPermissions(w,r,user) + return + } + } else if !user.Perms.ViewTopic || !user.Perms.PinTopic { + NoPermissions(w,r,user) + return + } + _, err = unstick_topic_stmt.Exec(tid) if err != nil { InternalError(err,w,r,user) @@ -173,10 +243,6 @@ func route_reply_edit_submit(w http.ResponseWriter, r *http.Request) { if is_js == "" { is_js = "0" } - if !user.Perms.ViewTopic || !user.Perms.EditReply { - NoPermissionsJSQ(w,r,user,is_js) - return - } rid, err := strconv.Atoi(r.URL.Path[len("/reply/edit/submit/"):]) if err != nil { @@ -199,6 +265,31 @@ func route_reply_edit_submit(w http.ResponseWriter, r *http.Request) { return } + var fid int + err = db.QueryRow("select parentID from topics where tid = ?", tid).Scan(&fid) + if err == sql.ErrNoRows { + LocalError("The parent topic doesn't exist.",w,r,user) + return + } else if err != nil { + InternalError(err,w,r,user) + return + } + + if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { + LocalError("The topic's parent forum doesn't exist.",w,r,user) + return + } + + if groups[user.Group].Forums[fid].Overrides { + if !groups[user.Group].Forums[fid].ViewTopic || !groups[user.Group].Forums[fid].EditReply { + NoPermissions(w,r,user) + return + } + } else if !user.Perms.ViewTopic || !user.Perms.EditReply { + NoPermissions(w,r,user) + return + } + if is_js == "0" { http.Redirect(w,r, "/topic/" + strconv.Itoa(tid) + "#reply-" + strconv.Itoa(rid), http.StatusSeeOther) } else { @@ -236,7 +327,7 @@ func route_reply_delete_submit(w http.ResponseWriter, r *http.Request) { var tid int var content string var createdBy int - err = db.QueryRow("SELECT tid, content, createdBy from replies where rid = ?", rid).Scan(&tid, &content, &createdBy) + err = db.QueryRow("select tid, content, createdBy from replies where rid = ?", rid).Scan(&tid, &content, &createdBy) if err == sql.ErrNoRows { LocalErrorJSQ("The reply you tried to delete doesn't exist.",w,r,user,is_js) return @@ -245,6 +336,31 @@ func route_reply_delete_submit(w http.ResponseWriter, r *http.Request) { return } + var fid int + err = db.QueryRow("select parentID from topics where tid = ?", tid).Scan(&fid) + if err == sql.ErrNoRows { + LocalError("The parent topic doesn't exist.",w,r,user) + return + } else if err != nil { + InternalError(err,w,r,user) + return + } + + if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { + LocalError("The topic's parent forum doesn't exist.",w,r,user) + return + } + + if groups[user.Group].Forums[fid].Overrides { + if !groups[user.Group].Forums[fid].ViewTopic || !groups[user.Group].Forums[fid].DeleteReply { + NoPermissions(w,r,user) + return + } + } else if !user.Perms.ViewTopic || !user.Perms.DeleteReply { + NoPermissions(w,r,user) + return + } + _, err = delete_reply_stmt.Exec(rid) if err != nil { InternalErrorJSQ(err,w,r,user,is_js) @@ -389,7 +505,7 @@ func route_ban(w http.ResponseWriter, r *http.Request) { } var uname string - err = db.QueryRow("SELECT name from users where uid = ?", uid).Scan(&uname) + err = db.QueryRow("select name from users where uid = ?", uid).Scan(&uname) if err == sql.ErrNoRows { LocalError("The user you're trying to ban no longer exists.",w,r,user) return @@ -428,7 +544,7 @@ func route_ban_submit(w http.ResponseWriter, r *http.Request) { var group int var is_super_admin bool - err = db.QueryRow("SELECT `group`, `is_super_admin` from `users` where `uid` = ?", uid).Scan(&group, &is_super_admin) + err = db.QueryRow("select `group`, `is_super_admin` from `users` where `uid` = ?", uid).Scan(&group, &is_super_admin) if err == sql.ErrNoRows { LocalError("The user you're trying to ban no longer exists.",w,r,user) return @@ -486,7 +602,7 @@ func route_unban(w http.ResponseWriter, r *http.Request) { var uname string var group int - err = db.QueryRow("SELECT `name`, `group` from users where `uid` = ?", uid).Scan(&uname, &group) + err = db.QueryRow("select `name`, `group` from users where `uid` = ?", uid).Scan(&uname, &group) if err == sql.ErrNoRows { LocalError("The user you're trying to unban no longer exists.",w,r,user) return @@ -530,7 +646,7 @@ func route_activate(w http.ResponseWriter, r *http.Request) { var uname string var active bool - err = db.QueryRow("SELECT `name`, `active` from users where `uid` = ?", uid).Scan(&uname, &active) + err = db.QueryRow("select `name`, `active` from users where `uid` = ?", uid).Scan(&uname, &active) if err == sql.ErrNoRows { LocalError("The account you're trying to activate no longer exists.",w,r,user) return @@ -567,8 +683,7 @@ func route_panel(w http.ResponseWriter, r *http.Request){ NoPermissions(w,r,user) return } - - pi := Page{"Control Panel Dashboard",user,noticeList,tList,0} + pi := Page{"Control Panel Dashboard",user,noticeList,tList,nil} templates.ExecuteTemplate(w,"panel-dashboard.html", pi) } @@ -585,10 +700,9 @@ func route_panel_forums(w http.ResponseWriter, r *http.Request){ var forumList []interface{} for _, forum := range forums { if forum.Name != "" { - forumList = append(forumList, forum) + forumList = append(forumList,forum) } } - pi := Page{"Forum Manager",user,noticeList,forumList,nil} templates.ExecuteTemplate(w,"panel-forums.html", pi) } @@ -671,7 +785,6 @@ func route_panel_forums_delete_submit(w http.ResponseWriter, r *http.Request) { NoPermissions(w,r,user) return } - if r.FormValue("session") != user.Session { SecurityError(w,r,user) return @@ -682,7 +795,6 @@ func route_panel_forums_delete_submit(w http.ResponseWriter, r *http.Request) { LocalError("The provided Forum ID is not a valid number.",w,r,user) return } - if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { LocalError("The forum you're trying to delete doesn't exist.",w,r,user) return @@ -693,10 +805,33 @@ func route_panel_forums_delete_submit(w http.ResponseWriter, r *http.Request) { InternalError(err,w,r,user) return } - http.Redirect(w,r,"/panel/forums/",http.StatusSeeOther) } +func route_panel_forums_edit(w http.ResponseWriter, r *http.Request) { + user, noticeList, ok := SessionCheck(w,r) + if !ok { + return + } + if !user.Is_Super_Mod || !user.Perms.ManageForums { + NoPermissions(w,r,user) + return + } + + fid, err := strconv.Atoi(r.URL.Path[len("/panel/forums/edit/"):]) + if err != nil { + LocalError("The provided Forum ID is not a valid number.",w,r,user) + return + } + if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { + LocalError("The forum you're trying to edit doesn't exist.",w,r,user) + return + } + + pi := Page{"Forum Editor",user,noticeList,tList,nil} + templates.ExecuteTemplate(w,"panel-forum-edit.html", pi) +} + func route_panel_forums_edit_submit(w http.ResponseWriter, r *http.Request) { user, ok := SimpleSessionCheck(w,r) if !ok { @@ -709,34 +844,67 @@ func route_panel_forums_edit_submit(w http.ResponseWriter, r *http.Request) { err := r.ParseForm() if err != nil { - LocalError("Bad Form", w, r, user) + LocalError("Bad Form",w,r,user) return } if r.FormValue("session") != user.Session { SecurityError(w,r,user) return } + is_js := r.PostFormValue("js") + if is_js == "" { + is_js = "0" + } fid, err := strconv.Atoi(r.URL.Path[len("/panel/forums/edit/submit/"):]) if err != nil { - LocalError("The provided Forum ID is not a valid number.",w,r,user) + LocalErrorJSQ("The provided Forum ID is not a valid number.",w,r,user,is_js) return } - forum_name := r.PostFormValue("edit_item") + forum_name := r.PostFormValue("forum-name") + forum_active := r.PostFormValue("forum-active") if (fid > forumCapCount) || (fid < 0) || forums[fid].Name=="" { - LocalError("The forum you're trying to edit doesn't exist.",w,r,user) + LocalErrorJSQ("The forum you're trying to edit doesn't exist.",w,r,user,is_js) return } - _, err = update_forum_stmt.Exec(forum_name, fid) + if forum_name == "" && forum_active == "" { + LocalErrorJSQ("You haven't changed anything!",w,r,user,is_js) + return + } + + if forum_name == "" { + forum_name = forums[fid].Name + } + + var active bool + if forum_active == "" { + active = forums[fid].Active + } else if forum_active == "1" || forum_active == "Show" { + active = true + } else { + active = false + } + + _, err = update_forum_stmt.Exec(forum_name, active, fid) if err != nil { - InternalError(err,w,r,user) + InternalErrorJSQ(err,w,r,user,is_js) return } - forums[fid].Name = forum_name - http.Redirect(w,r,"/panel/forums/",http.StatusSeeOther) + if forums[fid].Name != forum_name { + forums[fid].Name = forum_name + } + if forums[fid].Active != active { + forums[fid].Active = active + } + + if is_js == "0" { + http.Redirect(w,r,"/panel/forums/",http.StatusSeeOther) + } else { + fmt.Fprintf(w,"{'success': '1'}") + } } func route_panel_settings(w http.ResponseWriter, r *http.Request){ @@ -750,7 +918,7 @@ func route_panel_settings(w http.ResponseWriter, r *http.Request){ } var settingList map[string]interface{} = make(map[string]interface{}) - rows, err := db.Query("SELECT name, content, type FROM settings") + rows, err := db.Query("select name, content, type from settings") if err != nil { InternalError(err,w,r,user) return @@ -791,7 +959,7 @@ func route_panel_settings(w http.ResponseWriter, r *http.Request){ return } - pi := Page{"Setting Manager",user, noticeList,tList,settingList} + pi := Page{"Setting Manager",user,noticeList,tList,settingList} templates.ExecuteTemplate(w,"panel-settings.html", pi) } @@ -808,7 +976,7 @@ func route_panel_setting(w http.ResponseWriter, r *http.Request){ setting := Setting{"","","",""} setting.Name = r.URL.Path[len("/panel/settings/edit/"):] - err := db.QueryRow("SELECT content, type from settings where name = ?", setting.Name).Scan(&setting.Content, &setting.Type) + err := db.QueryRow("select content, type from settings where name = ?", setting.Name).Scan(&setting.Content,&setting.Type) if err == sql.ErrNoRows { LocalError("The setting you want to edit doesn't exist.",w,r,user) return @@ -916,7 +1084,7 @@ func route_panel_plugins(w http.ResponseWriter, r *http.Request){ pluginList = append(pluginList, plugin) } - pi := Page{"Plugin Manager",user,noticeList,pluginList,0} + pi := Page{"Plugin Manager",user,noticeList,pluginList,nil} templates.ExecuteTemplate(w,"panel-plugins.html", pi) } @@ -942,7 +1110,7 @@ func route_panel_plugins_activate(w http.ResponseWriter, r *http.Request){ } var active bool - err := db.QueryRow("SELECT active from plugins where uname = ?", uname).Scan(&active) + err := db.QueryRow("select active from plugins where uname = ?", uname).Scan(&active) if err != nil && err != sql.ErrNoRows { InternalError(err,w,r,user) return @@ -1005,7 +1173,7 @@ func route_panel_plugins_deactivate(w http.ResponseWriter, r *http.Request){ } var active bool - err := db.QueryRow("SELECT active from plugins where uname = ?", uname).Scan(&active) + err := db.QueryRow("select active from plugins where uname = ?", uname).Scan(&active) if err == sql.ErrNoRows { LocalError("The plugin you're trying to deactivate isn't active",w,r,user) return @@ -1018,7 +1186,7 @@ func route_panel_plugins_deactivate(w http.ResponseWriter, r *http.Request){ LocalError("The plugin you're trying to deactivate isn't active",w,r,user) return } - _, err = update_plugin_stmt.Exec(0, uname) + _, err = update_plugin_stmt.Exec(0,uname) if err != nil { InternalError(err,w,r,user) return @@ -1042,7 +1210,7 @@ func route_panel_users(w http.ResponseWriter, r *http.Request){ } var userList []interface{} - rows, err := db.Query("SELECT `uid`,`name`,`group`,`active`,`is_super_admin`,`avatar` FROM users") + rows, err := db.Query("select `uid`,`name`,`group`,`active`,`is_super_admin`,`avatar` from users") if err != nil { InternalError(err,w,r,user) return @@ -1087,10 +1255,10 @@ func route_panel_users(w http.ResponseWriter, r *http.Request){ return } - pi := Page{"User Manager",user,noticeList,userList,0} + pi := Page{"User Manager",user,noticeList,userList,nil} err = templates.ExecuteTemplate(w,"panel-users.html", pi) if err != nil { - InternalError(err, w, r, user) + InternalError(err,w,r,user) } } @@ -1114,7 +1282,7 @@ func route_panel_users_edit(w http.ResponseWriter, r *http.Request){ return } - err = db.QueryRow("SELECT `name`, `email`, `group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group) + err = db.QueryRow("select `name`,`email`,`group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group) if err == sql.ErrNoRows { LocalError("The user you're trying to edit doesn't exist.",w,r,user) return @@ -1131,7 +1299,7 @@ func route_panel_users_edit(w http.ResponseWriter, r *http.Request){ } var groupList []interface{} - for _, group := range groups { + for _, group := range groups[1:] { if !user.Perms.EditUserGroupAdmin && group.Is_Admin { continue } @@ -1171,7 +1339,7 @@ func route_panel_users_edit_submit(w http.ResponseWriter, r *http.Request){ return } - err = db.QueryRow("SELECT `name`, `email`, `group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group) + err = db.QueryRow("select `name`, `email`, `group` from `users` where `uid` = ?", targetUser.ID).Scan(&targetUser.Name, &targetUser.Email, &targetUser.Group) if err == sql.ErrNoRows { LocalError("The user you're trying to edit doesn't exist.",w,r,user) return @@ -1215,8 +1383,7 @@ func route_panel_users_edit_submit(w http.ResponseWriter, r *http.Request){ return } - _, ok = groups[newgroup] - if !ok { + if (newgroup > groupCapCount) || (newgroup < 0) || groups[newgroup].Name=="" { LocalError("The group you're trying to place this user in doesn't exist.",w,r,user) return } @@ -1254,11 +1421,11 @@ func route_panel_groups(w http.ResponseWriter, r *http.Request){ } var groupList []interface{} - for _, group := range groups { + for _, group := range groups[1:] { groupList = append(groupList, group) } - pi := Page{"Group Manager",user,noticeList,groupList,0} + pi := Page{"Group Manager",user,noticeList,groupList,nil} templates.ExecuteTemplate(w,"panel-groups.html", pi) } @@ -1310,7 +1477,7 @@ func route_panel_themes_default(w http.ResponseWriter, r *http.Request){ } var isDefault bool - err := db.QueryRow("SELECT `default` from `themes` where `uname` = ?", uname).Scan(&isDefault) + err := db.QueryRow("select `default` from `themes` where `uname` = ?", uname).Scan(&isDefault) if err != nil && err != sql.ErrNoRows { InternalError(err,w,r,user) return diff --git a/mysql.go b/mysql.go index dd63dd2c..e56e5e03 100644 --- a/mysql.go +++ b/mysql.go @@ -410,25 +410,34 @@ func init_database(err error) { } log.Print("Preparing update_user statement.") - update_user_stmt, err = db.Prepare("UPDATE `users` SET `name` = ?, `email` = ?, `group` = ? WHERE `uid` = ?") + update_user_stmt, err = db.Prepare("update `users` set `name` = ?, `email` = ?, `group` = ? where `uid` = ?") if err != nil { log.Fatal(err) } log.Print("Loading the usergroups.") - rows, err := db.Query("SELECT gid,name,permissions,is_mod,is_admin,is_banned,tag FROM users_groups") + groups = append(groups, Group{ID:0,Name:"System"}) + + rows, err := db.Query("select gid,name,permissions,is_mod,is_admin,is_banned,tag from users_groups") if err != nil { log.Fatal(err) } defer rows.Close() - for rows.Next() { + i := 1 + for ;rows.Next();i++ { group := Group{ID: 0,} err := rows.Scan(&group.ID, &group.Name, &group.PermissionsText, &group.Is_Mod, &group.Is_Admin, &group.Is_Banned, &group.Tag) if err != nil { log.Fatal(err) } + // Ugh, you really shouldn't physically delete these items, it makes a big mess of things + if group.ID != i { + fmt.Println("Stop physically deleting groups. You are messing up the IDs. Use the Group Manager or delete_group() instead x.x") + fill_group_id_gap(i, group.ID) + } + err = json.Unmarshal(group.PermissionsText, &group.Perms) if err != nil { log.Fatal(err) @@ -439,25 +448,28 @@ func init_database(err error) { } group.Perms.ExtData = make(map[string]bool) - groups[group.ID] = group + groups = append(groups, group) } err = rows.Err() if err != nil { log.Fatal(err) } + log.Print("Binding the Not Loggedin Group") + GuestPerms = groups[6].Perms + log.Print("Loading the forums.") log.Print("Adding the uncategorised forum") forums = append(forums, Forum{0,"Uncategorised",uncategorised_forum_visible,0,"",0,"",0,""}) //rows, err = db.Query("SELECT fid, name, active, lastTopic, lastTopicID, lastReplyer, lastReplyerID, lastTopicTime FROM forums") - rows, err = db.Query("SELECT fid, name, active, topicCount, lastTopic, lastTopicID, lastReplyer, lastReplyerID, lastTopicTime FROM forums ORDER BY fid ASC") + rows, err = db.Query("select fid, name, active, topicCount, lastTopic, lastTopicID, lastReplyer, lastReplyerID, lastTopicTime from forums order by fid asc") if err != nil { log.Fatal(err) } defer rows.Close() - i := 1 + i = 1 for ;rows.Next();i++ { forum := Forum{0,"",true,0,"",0,"",0,""} err := rows.Scan(&forum.ID, &forum.Name, &forum.Active, &forum.TopicCount, &forum.LastTopic, &forum.LastTopicID, &forum.LastReplyer, &forum.LastReplyerID, &forum.LastTopicTime) @@ -467,9 +479,9 @@ func init_database(err error) { // Ugh, you really shouldn't physically delete these items, it makes a big mess of things if forum.ID != i { - fmt.Println("Stop physically deleting forums. You are messing up the IDs. Use the Forum Manager or delete_forums() instead x.x") + fmt.Println("Stop physically deleting forums. You are messing up the IDs. Use the Forum Manager or delete_forum() instead x.x") fill_forum_id_gap(i, forum.ID) - } + } if forum.LastTopicID != 0 { forum.LastTopicTime, err = relative_time(forum.LastTopicTime) @@ -493,8 +505,68 @@ func init_database(err error) { //log.Print("Adding the reports forum") //forums[-1] = Forum{-1,"Reports",false,0,"",0,"",0,""} + log.Print("Loading the forum permissions") + rows, err = db.Query("select gid, fid, permissions from forums_permissions order by gid asc, fid asc") + if err != nil { + log.Fatal(err) + } + defer rows.Close() + + // Temporarily store the forum perms in a map before transferring it to a much faster slice + log.Print("Adding the forum permissions") + forum_perms := make(map[int]map[int]ForumPerms) + for ;rows.Next();i++ { + var gid int + var fid int + var perms []byte + var pperms ForumPerms + err := rows.Scan(&gid, &fid, &perms) + if err != nil { + log.Fatal(err) + } + err = json.Unmarshal(perms, &pperms) + if err != nil { + log.Fatal(err) + } + pperms.ExtData = make(map[string]bool) + pperms.Overrides = true + _, ok := forum_perms[gid] + if !ok { + forum_perms[gid] = make(map[int]ForumPerms) + } + forum_perms[gid][fid] = pperms + } + for gid, _ := range groups { + log.Print("Adding the forum permissions for Group #" + strconv.Itoa(gid)) + //groups[gid].Forums = append(groups[gid].Forums,BlankForumPerms) // GID 0. I sometimes wish MySQL's AUTO_INCREMENT would start at zero + for fid, _ := range forums { + forum_perm, ok := forum_perms[gid][fid] + if ok { + // Override group perms + //log.Print("Overriding permissions for forum #" + strconv.Itoa(fid)) + groups[gid].Forums = append(groups[gid].Forums,forum_perm) + } else { + // Inherit from Group + //log.Print("Inheriting from default for forum #" + strconv.Itoa(fid)) + forum_perm = BlankForumPerms + groups[gid].Forums = append(groups[gid].Forums,forum_perm) + } + + if forum_perm.Overrides { + if forum_perm.ViewTopic { + groups[gid].CanSee = append(groups[gid].CanSee, fid) + } + } else if groups[gid].Perms.ViewTopic { + groups[gid].CanSee = append(groups[gid].CanSee, fid) + } + } + //fmt.Printf("%+v\n", groups[gid].CanSee) + //fmt.Printf("%+v\n", groups[gid].Forums) + //fmt.Println(len(groups[gid].Forums)) + } + log.Print("Loading the settings.") - rows, err = db.Query("SELECT name, content, type, constraints FROM settings") + rows, err = db.Query("select name, content, type, constraints from settings") if err != nil { log.Fatal(err) } @@ -520,7 +592,7 @@ func init_database(err error) { } log.Print("Loading the plugins.") - rows, err = db.Query("SELECT uname, active FROM plugins") + rows, err = db.Query("select uname, active from plugins") if err != nil { log.Fatal(err) } @@ -548,7 +620,7 @@ func init_database(err error) { } log.Print("Loading the themes.") - rows, err = db.Query("SELECT `uname`, `default` FROM `themes`") + rows, err = db.Query("select `uname`, `default` from `themes`") if err != nil { log.Fatal(err) } diff --git a/public/global.js b/public/global.js index 49e904d5..b59ab523 100644 --- a/public/global.js +++ b/public/global.js @@ -1,14 +1,11 @@ +var form_vars = {}; + function post_link(event) { event.preventDefault(); var form_action = $(event.target).closest('a').attr("href"); console.log("Form Action: " + form_action); - $.ajax({ - url: form_action, - type: "POST", - dataType: "json", - data: {js: "1"} - }); + $.ajax({ url: form_action, type: "POST", dataType: "json", data: { js: "1" } }); } $(document).ready(function(){ @@ -19,9 +16,8 @@ $(document).ready(function(){ $(".show_on_edit").show(); }); - $(".submit_edit").click(function(event){ + $(".topic_item .submit_edit").click(function(event){ event.preventDefault(); - $(".topic_name").html($(".topic_name_input").val()); $(".topic_content").html($(".topic_content_input").val()); $(".topic_status_e:not(.open_edit)").html($(".topic_status_input").val()); @@ -74,11 +70,7 @@ $(document).ready(function(){ var form_action = $(this).closest('a').attr("href"); console.log("Form Action: " + form_action); - $.ajax({ - url: form_action, - type: "POST", - dataType: "json", - data: {is_js: "1",edit_item: newContent} + $.ajax({ url: form_action, type: "POST", dataType: "json", data: { is_js: "1", edit_item: newContent } }); }); }); @@ -109,25 +101,70 @@ $(document).ready(function(){ }); }); + $(".edit_fields").click(function(event) + { + event.preventDefault(); + var block_parent = $(this).closest('.editable_parent'); + block_parent.find('.hide_on_edit').hide(); + block_parent.find('.editable_block').show(); + block_parent.find('.editable_block').each(function(){ + var field_name = $(this).data("field"); + var field_type = $(this).data("type"); + if(field_type=="list") { + var field_value = $(this).data("value"); + if(field_name in form_vars) var it = form_vars[field_name]; + else var it = ['No','Yes']; + var itLen = it.length; + var out = ""; + for (var i = 0; i < itLen; i++){ + if(field_value==i) sel = "selected "; + else sel = ""; + out += ""; + } + $(this).html(""); + } + else $(this).html(""); + }); + block_parent.find('.show_on_edit').eq(0).show(); + + $(".submit_edit").click(function(event) + { + event.preventDefault(); + var out_data = {is_js: "1"} + var block_parent = $(this).closest('.editable_parent'); + var block = block_parent.find('.editable_block').each(function(){ + var field_name = $(this).data("field"); + var field_type = $(this).data("type"); + if(field_type == "list") var newContent = $(this).find('select :selected').text(); + else var newContent = $(this).find('input').eq(0).val(); + + $(this).html(newContent); + out_data[field_name] = newContent + }); + + var form_action = $(this).closest('a').attr("href"); + console.log("Form Action: " + form_action); + console.log(out_data); + $.ajax({ url: form_action + "?session=" + session, type:"POST", dataType:"json", data: out_data }); + block_parent.find('.hide_on_edit').show(); + block_parent.find('.show_on_edit').hide(); + }); + }); + $(this).find(".ip_item").each(function(){ var ip = $(this).text(); - //var ip_width = $(this).width(); console.log("IP: " + ip); if(ip.length > 10){ $(this).html("Show IP"); $(this).click(function(event){ event.preventDefault(); - $(this).text(ip);/*.animate({width: ip.width},{duration: 1000, easing: 'easeOutBounce'});*/ + $(this).text(ip); }); } }); $(this).keyup(function(event){ - if(event.which == 37) { - $("#prevFloat a")[0].click(); - } - if(event.which == 39) { - $("#nextFloat a")[0].click(); - } + if(event.which == 37) $("#prevFloat a")[0].click(); + if(event.which == 39) $("#nextFloat a")[0].click(); }); }); \ No newline at end of file diff --git a/public/test_bg2.svg b/public/test_bg2.svg new file mode 100644 index 00000000..ce7769a0 --- /dev/null +++ b/public/test_bg2.svg @@ -0,0 +1,12 @@ + + + + + + + + + + + + \ No newline at end of file diff --git a/public/test_bg3.svg b/public/test_bg3.svg new file mode 100644 index 00000000..5c2ab9f9 --- /dev/null +++ b/public/test_bg3.svg @@ -0,0 +1,12 @@ + + + + + + + + + + + + \ No newline at end of file diff --git a/routes.go b/routes.go index 56782e2d..e70114c3 100644 --- a/routes.go +++ b/routes.go @@ -54,7 +54,7 @@ func route_static(w http.ResponseWriter, r *http.Request){ }*/ func route_fstatic(w http.ResponseWriter, r *http.Request){ - http.ServeFile(w, r, r.URL.Path) + http.ServeFile(w,r,r.URL.Path) } func route_overview(w http.ResponseWriter, r *http.Request){ @@ -65,7 +65,7 @@ func route_overview(w http.ResponseWriter, r *http.Request){ pi := Page{"Overview",user,noticeList,tList,nil} err := templates.ExecuteTemplate(w,"overview.html", pi) if err != nil { - InternalError(err, w, r, user) + InternalError(err,w,r,user) } } @@ -80,10 +80,10 @@ func route_custom_page(w http.ResponseWriter, r *http.Request){ NotFound(w,r,user) return } - pi := Page{"Page",user,noticeList,tList,0} + pi := Page{"Page",user,noticeList,tList,nil} err := templates.ExecuteTemplate(w,"page_" + name,pi) if err != nil { - InternalError(err, w, r, user) + InternalError(err,w,r,user) } } @@ -92,11 +92,6 @@ func route_topics(w http.ResponseWriter, r *http.Request){ if !ok { return } - // I'll have to find a solution which doesn't involve shutting down all of the routes for a user, if they don't have ANY permissions - /*if !user.Perms.ViewTopic { - NoPermissions(w,r,user) - return - }*/ var topicList []TopicUser rows, err := get_topic_list_stmt.Query() @@ -139,7 +134,7 @@ func route_topics(w http.ResponseWriter, r *http.Request){ } else { err = templates.ExecuteTemplate(w,"topics.html", pi) if err != nil { - InternalError(err, w, r, user) + InternalError(err,w,r,user) } } } @@ -161,7 +156,14 @@ func route_forum(w http.ResponseWriter, r *http.Request){ NotFound(w,r,user) return } - if !user.Perms.ViewTopic { + + //fmt.Printf("%+v\n", groups[user.Group].Forums) + if groups[user.Group].Forums[fid].Overrides { + if !groups[user.Group].Forums[fid].ViewTopic { + NoPermissions(w,r,user) + return + } + } else if !user.Perms.ViewTopic { NoPermissions(w,r,user) return } @@ -218,7 +220,7 @@ func route_forum(w http.ResponseWriter, r *http.Request){ } else { err = templates.ExecuteTemplate(w,"forum.html", pi) if err != nil { - InternalError(err, w, r, user) + InternalError(err,w,r,user) } } } @@ -230,9 +232,10 @@ func route_forums(w http.ResponseWriter, r *http.Request){ } var forumList []Forum - for _, forum := range forums { - if forum.Active { - forumList = append(forumList, forum) + group := groups[user.Group] + for fid, _ := range group.CanSee { + if forums[fid].Active && forums[fid].Name != "" { + forumList = append(forumList, forums[fid]) } } @@ -268,12 +271,6 @@ func route_topic_id(w http.ResponseWriter, r *http.Request){ LocalError("The provided TopicID is not a valid number.",w,r,user) return } - if !user.Perms.ViewTopic { - //fmt.Printf("%+v\n", user) - //fmt.Printf("%+v\n", user.Perms) - NoPermissions(w,r,user) - return - } // Get the topic.. err = get_topic_user_stmt.QueryRow(topic.ID).Scan(&topic.Title, &content, &topic.CreatedBy, &topic.CreatedAt, &topic.Is_Closed, &topic.Sticky, &topic.ParentID, &topic.IpAddress, &topic.PostCount, &topic.CreatedByName, &topic.Avatar, &group, &topic.URLPrefix, &topic.URLName, &topic.Level) @@ -285,6 +282,21 @@ func route_topic_id(w http.ResponseWriter, r *http.Request){ return } + if (topic.ParentID > forumCapCount) || (topic.ParentID < 0) || forums[topic.ParentID].Name=="" { + LocalError("The topic's parent forum doesn't exist.",w,r,user) + return + } + + if groups[user.Group].Forums[topic.ParentID].Overrides { + if !groups[user.Group].Forums[topic.ParentID].ViewTopic { + NoPermissions(w,r,user) + return + } + } else if !user.Perms.ViewTopic { + NoPermissions(w,r,user) + return + } + topic.Content = template.HTML(parse_message(content)) topic.ContentLines = strings.Count(content,"\n") diff --git a/template_forum.go b/template_forum.go index be038155..ec8eb3aa 100644 --- a/template_forum.go +++ b/template_forum.go @@ -1,7 +1,7 @@ /* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */ package main -import "io" import "strconv" +import "io" func init() { template_forum_handle = template_forum diff --git a/template_list.go b/template_list.go index 1855f388..edc18c40 100644 --- a/template_list.go +++ b/template_list.go @@ -60,10 +60,10 @@ var topic_5 []byte = []byte(`" /> var topic_6 []byte = []byte(`?page=`) var topic_7 []byte = []byte(`">>`) var topic_8 []byte = []byte(` -
+
-
@@ -176,10 +176,10 @@ var topic_alt_5 []byte = []byte(`" /> var topic_alt_6 []byte = []byte(`?page=`) var topic_alt_7 []byte = []byte(`">>
`) var topic_alt_8 []byte = []byte(` -
+
-
diff --git a/template_topic_alt.go b/template_topic_alt.go index 0ee3cff5..4e14c0a2 100644 --- a/template_topic_alt.go +++ b/template_topic_alt.go @@ -1,8 +1,8 @@ /* This file was automatically generated by the software. Please don't edit it as your changes may be overwritten at any moment. */ package main -import "io" import "strconv" import "html/template" +import "io" func init() { template_topic_alt_handle = template_topic_alt diff --git a/templates/panel-forums.html b/templates/panel-forums.html index a89dac93..2ecabf62 100644 --- a/templates/panel-forums.html +++ b/templates/panel-forums.html @@ -1,18 +1,18 @@ {{template "header.html" . }} {{template "panel-menu.html" . }} +
Forums
{{range .ItemList}}
- {{.Name}} + {{.Name}} - {{if not .Active}}Hidden{{end}} - {{if gt .ID 1}} - Edit - Delete - {{end}} + Hidden + {{if gt .ID 0}}Edit + {{end}} + {{if gt .ID 1}}Delete{{end}}
{{end}} @@ -33,6 +33,17 @@
+
diff --git a/templates/panel-menu.html b/templates/panel-menu.html index 2d7f5ad2..27e7a294 100644 --- a/templates/panel-menu.html +++ b/templates/panel-menu.html @@ -6,5 +6,5 @@ {{if .CurrentUser.Perms.EditSettings}}
Settings
{{end}} {{if .CurrentUser.Perms.ManageThemes}}
Themes
{{end}} {{if .CurrentUser.Perms.ManagePlugins}}
Plugins
{{end}} -
Reported Content
+
Reports
\ No newline at end of file diff --git a/templates/topic.html b/templates/topic.html index 83d0f11d..c5e70ef4 100644 --- a/templates/topic.html +++ b/templates/topic.html @@ -2,9 +2,9 @@ {{if gt .Page 1}}{{end}} {{if ne .LastPage .Page}} {{end}} -
+
-
+
{{.Topic.Title}} {{if .Topic.Is_Closed}}🔒︎{{end}} {{if .CurrentUser.Is_Mod}} diff --git a/templates/topic_alt.html b/templates/topic_alt.html index 5b9a6267..8775b098 100644 --- a/templates/topic_alt.html +++ b/templates/topic_alt.html @@ -2,9 +2,9 @@ {{if gt .Page 1}}{{end}} {{if ne .LastPage .Page}} {{end}} -
+
-
+
{{.Topic.Title}} {{if .Topic.Is_Closed}}🔒︎{{end}} {{if .CurrentUser.Is_Mod}} diff --git a/themes/tempra-conflux/public/main.css b/themes/tempra-conflux/public/main.css index a4b2c535..b51db5e4 100644 --- a/themes/tempra-conflux/public/main.css +++ b/themes/tempra-conflux/public/main.css @@ -8,6 +8,8 @@ body { font-family: arial; padding-bottom: 8px; + background-image: url('/static/test_bg2.svg'); + background-size: cover; } /* Patch for Edge */ @@ -24,6 +26,7 @@ ul height: 28px; list-style-type: none; border: 1px solid #ccc; + background-color: white; } li { @@ -110,6 +113,7 @@ li a padding-bottom: 12px; font-weight: bold; text-transform: uppercase; + background-color: white; } .rowitem.passive { @@ -167,15 +171,14 @@ li a .formrow { width: 100%; + background-color: white; } /* Clearfix */ .formrow:before, .formrow:after { - content: " "; - display: table; -} -.formrow:after { - clear: both; + content: " "; + display: table; } +.formrow:after { clear: both; } .formrow:not(:last-child) { border-bottom: 1px dotted #ccc; diff --git a/themes/tempra-simple/public/main.css b/themes/tempra-simple/public/main.css index 778546b7..15f74567 100644 --- a/themes/tempra-simple/public/main.css +++ b/themes/tempra-simple/public/main.css @@ -12,7 +12,7 @@ body /* Patch for Edge */ @supports (-ms-ime-align:auto) { -.user_content { font-family: Segoe UI Emoji, arial; } + .user_content { font-family: Segoe UI Emoji, arial; } } /*.move_left{float: left;position: relative;left: 50%;} @@ -24,6 +24,7 @@ ul height: 28px; list-style-type: none; border: 1px solid #ccc; + background-color: white; } li { @@ -101,6 +102,7 @@ li a padding-bottom: 12px; font-weight: bold; text-transform: uppercase; + background-color: white; } .rowitem.passive { @@ -151,20 +153,16 @@ li a .formrow { - /*height: 40px;*/ width: 100%; + background-color: white; } /*Clearfix*/ -.formrow:before, -.formrow:after { - content: " "; - display: table; -} - -.formrow:after { - clear: both; +.formrow:before, .formrow:after { + content: " "; + display: table; } +.formrow:after { clear: both; } .formrow:not(:last-child) { diff --git a/user.go b/user.go index 693666f8..c979d440 100644 --- a/user.go +++ b/user.go @@ -77,16 +77,19 @@ func SessionCheck(w http.ResponseWriter, r *http.Request) (user User, noticeList // Are there any session cookies..? cookie, err := r.Cookie("uid") if err != nil { + user.Group = 6 user.Perms = GuestPerms return user, noticeList, true } user.ID, err = strconv.Atoi(cookie.Value) if err != nil { + user.Group = 6 user.Perms = GuestPerms return user, noticeList, true } cookie, err = r.Cookie("session") if err != nil { + user.Group = 6 user.Perms = GuestPerms return user, noticeList, true } @@ -96,6 +99,7 @@ func SessionCheck(w http.ResponseWriter, r *http.Request) (user User, noticeList if err == sql.ErrNoRows { user.ID = 0 user.Session = "" + user.Group = 6 user.Perms = GuestPerms return user, noticeList, true } else if err != nil { @@ -145,16 +149,19 @@ func SimpleSessionCheck(w http.ResponseWriter, r *http.Request) (user User, succ // Are there any session cookies..? cookie, err := r.Cookie("uid") if err != nil { + user.Group = 6 user.Perms = GuestPerms return user, true } user.ID, err = strconv.Atoi(cookie.Value) if err != nil { + user.Group = 6 user.Perms = GuestPerms return user, true } cookie, err = r.Cookie("session") if err != nil { + user.Group = 6 user.Perms = GuestPerms return user, true } @@ -164,6 +171,7 @@ func SimpleSessionCheck(w http.ResponseWriter, r *http.Request) (user User, succ if err == sql.ErrNoRows { user.ID = 0 user.Session = "" + user.Group = 6 user.Perms = GuestPerms return user, true } else if err != nil { diff --git a/utils.go b/utils.go index 5ac7cf71..74ba8364 100644 --- a/utils.go +++ b/utils.go @@ -192,4 +192,11 @@ func fill_forum_id_gap(biggerID int, smallerID int) { for i := smallerID; i > biggerID;i++ { forums = append(forums, dummy) } -} \ No newline at end of file +} + +func fill_group_id_gap(biggerID int, smallerID int) { + dummy := Group{ID:0, Name:""} + for i := smallerID; i > biggerID;i++ { + groups = append(groups, dummy) + } +}