From 46a14715e39a30eaee12274ee6b45b25b1123beb Mon Sep 17 00:00:00 2001 From: Baris Soner Usakli Date: Fri, 29 Nov 2013 23:08:42 -0500 Subject: [PATCH] fixed logout in admin site, cleaned up topics.post, anon users can post topics now if allowed --- public/src/forum/admin/index.js | 10 +- src/topics.js | 169 ++++++++++++++++---------------- src/websockets.js | 21 ++-- 3 files changed, 102 insertions(+), 98 deletions(-) diff --git a/public/src/forum/admin/index.js b/public/src/forum/admin/index.js index c5cd4c413a..96acb81c46 100644 --- a/public/src/forum/admin/index.js +++ b/public/src/forum/admin/index.js @@ -1,7 +1,7 @@ define(function() { var Admin = {}; - Admin.init = function() { + Admin.init = function() { ajaxify.register_events(['api:get_all_rooms']); socket.on('api:get_all_rooms', function(data) { @@ -22,6 +22,14 @@ define(function() { app.enterRoom('admin'); socket.emit('api:get_all_rooms'); + + $('#logout-link').on('click', function() { + $.post(RELATIVE_PATH + '/logout', { + _csrf: $('#csrf_token').val() + }, function() { + window.location.href = RELATIVE_PATH + '/'; + }); + }) }; return Admin; diff --git a/src/topics.js b/src/topics.js index 8f67ad0ade..eb24fe3e7f 100644 --- a/src/topics.js +++ b/src/topics.js 
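Review bot: The new `#logout-link` click handler in `Admin.init` only redirects from the success callback of `$.post`, so a rejected logout (a stale or missing `_csrf` value, a network error) leaves the admin session active with no feedback. Chain a failure path on the request, e.g. `.fail(function() { /* tell the admin the session is still active */ })`. The handler also ignores the event object; if the link carries an `href` (the markup is not visible here) the browser may navigate before the POST completes, which `function(e) { e.preventDefault(); ...` would avoid. The closing `})` of the handler is missing its semicolon.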
@@ -20,105 +20,104 @@ var RDB = require('./redis'), (function(Topics) { - Topics.post = function(uid, title, content, category_id, callback) { - CategoryTools.privileges(category_id, uid, function(err, privileges) { - if (privileges.write) { - if (!category_id) - throw new Error('Attempted to post without a category_id'); - - if (content) - content = content.trim(); - if (title) - title = title.trim(); - - if (!uid) { - callback(new Error('not-logged-in'), null); - return; - } else if (!title || title.length < meta.config.minimumTitleLength) { - callback(new Error('title-too-short'), null); - return; - } else if (!content || content.length < meta.config.miminumPostLength) { - callback(new Error('content-too-short'), null); - return; + Topics.post = function(uid, title, content, cid, callback) { + + CategoryTools.privileges(cid, uid, function(err, privileges) { + + if(err) { + return callback(err); + } else if(!privileges.write) { + return callback(new Error('no-privileges')); + } else if (!cid) { + return callback(new Error('invalid-cid')); + } else if (!title || title.length < meta.config.minimumTitleLength) { + return callback(new Error('title-too-short'), null); + } else if (!content || content.length < meta.config.miminumPostLength) { + return callback(new Error('content-too-short'), null); + } + + if (content) { + content = content.trim(); + } + if (title) { + title = title.trim(); + } + + user.getUserField(uid, 'lastposttime', function(err, lastposttime) { + if (err) { + return callback(err); } - user.getUserField(uid, 'lastposttime', function(err, lastposttime) { - if (err) lastposttime = 0; - if (Date.now() - lastposttime < meta.config.postDelay * 1000) { - callback(new Error('too-many-posts'), null); - return; - } + if(!lastposttime) { + lastposttime = 0; + } - RDB.incr('next_topic_id', function(err, tid) { - RDB.handle(err); + if (Date.now() - lastposttime < meta.config.postDelay * 1000) { + return callback(new Error('too-many-posts'), null); + } - // 
Global Topics - if (uid == null) uid = 0; - if (uid !== null) { - RDB.sadd('topics:tid', tid); - } else { - // need to add some unique key sent by client so we can update this with the real uid later - RDB.lpush('topics:queued:tid', tid); - } + RDB.incr('next_topic_id', function(err, tid) { + if(err) { + return callback(err); + } - var slug = tid + '/' + utils.slugify(title); - var timestamp = Date.now(); - RDB.hmset('topic:' + tid, { - 'tid': tid, - 'uid': uid, - 'cid': category_id, - 'title': title, - 'slug': slug, - 'timestamp': timestamp, - 'lastposttime': 0, - 'postcount': 0, - 'viewcount': 0, - 'locked': 0, - 'deleted': 0, - 'pinned': 0 - }); + RDB.sadd('topics:tid', tid); + + var slug = tid + '/' + utils.slugify(title); + var timestamp = Date.now(); + RDB.hmset('topic:' + tid, { + 'tid': tid, + 'uid': uid, + 'cid': cid, + 'title': title, + 'slug': slug, + 'timestamp': timestamp, + 'lastposttime': 0, + 'postcount': 0, + 'viewcount': 0, + 'locked': 0, + 'deleted': 0, + 'pinned': 0 + }); - topicSearch.index(title, tid); + topicSearch.index(title, tid); - user.addTopicIdToUser(uid, tid); + user.addTopicIdToUser(uid, tid); - // let everyone know that there is an unread topic in this category - RDB.del('cid:' + category_id + ':read_by_uid', function(err, data) { - Topics.markAsRead(tid, uid); - }); + // let everyone know that there is an unread topic in this category + RDB.del('cid:' + cid + ':read_by_uid', function(err, data) { + Topics.markAsRead(tid, uid); + }); - // in future it may be possible to add topics to several categories, so leaving the door open here. - RDB.zadd('categories:' + category_id + ':tid', timestamp, tid); - RDB.hincrby('category:' + category_id, 'topic_count', 1); - RDB.incr('totaltopiccount'); + // in future it may be possible to add topics to several categories, so leaving the door open here. 
+ RDB.zadd('categories:' + cid + ':tid', timestamp, tid); + RDB.hincrby('category:' + cid, 'topic_count', 1); + RDB.incr('totaltopiccount'); - feed.updateCategory(category_id); + feed.updateCategory(cid); - posts.create(uid, tid, content, function(err, postData) { - if(err) { - return callback(err, null); - } else if(!postData) { - return callback(new Error('invalid-post'), null); - } + posts.create(uid, tid, content, function(err, postData) { + if(err) { + return callback(err, null); + } else if(!postData) { + return callback(new Error('invalid-post'), null); + } - // Auto-subscribe the post creator to the newly created topic - threadTools.toggleFollow(tid, uid); + // Auto-subscribe the post creator to the newly created topic + threadTools.toggleFollow(tid, uid); - Topics.getTopicForCategoryView(tid, uid, function(topicData) { - topicData.unreplied = 1; + Topics.getTopicForCategoryView(tid, uid, function(topicData) { + topicData.unreplied = 1; - callback(null, { - topicData: topicData, - postData: postData - }); + callback(null, { + topicData: topicData, + postData: postData }); }); }); }); - } else { - callback(new Error('no-privileges')); - } + }); }); }; @@ -459,9 +458,9 @@ var RDB = require('./redis'), topicData['deleted-class'] = topicData.deleted === '1' ? 'deleted' : ''; topicData.unreplied = topicData.postcount === '1'; - topicData.username = topicInfo.username; - topicData.userslug = topicInfo.userslug; - topicData.picture = topicInfo.picture; + topicData.username = topicInfo.username || 'anonymous'; + topicData.userslug = topicInfo.userslug || ''; + topicData.picture = topicInfo.picture || require('gravatar').url('', {}, https = nconf.get('https'));; topicData.categoryIcon = topicInfo.categoryData.icon; topicData.categoryName = topicInfo.categoryData.name; topicData.categorySlug = topicInfo.categoryData.slug; 
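Review bot: The length checks on `title` and `content` in `Topics.post` now run before the `.trim()` calls, so input padded with whitespace passes `minimumTitleLength` / `miminumPostLength` and is then stored shorter than the minimum, possibly empty; the removed code trimmed first. Trim ahead of the `if(err) ... else if` chain, for example `title = title ? title.trim() : title;` and `content = content ? content.trim() : content;` at the top of the function. With the `not-logged-in` branch removed, `Topics.post` no longer enforces the guest policy itself and depends on the `allowGuestPosting` check in the websockets handler, so any other caller has to repeat that check; a comment above the function saying so would help. Guest posts also appear to reach `user.getUserField(uid, 'lastposttime', ...)`, `user.addTopicIdToUser` and `threadTools.toggleFollow` with the guest uid, which presumably means the `postDelay` throttle is not tracked per guest; that is worth confirming.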
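Review bot: In the `topicData.picture` fallback, `https = nconf.get('https')` is an assignment expression rather than a named argument, so it writes to an undeclared `https` variable (an implicit global, or a ReferenceError under strict mode) whenever a topic without a picture is rendered. Pass the value directly and drop the stray second semicolon: `topicData.picture = topicInfo.picture || require('gravatar').url('', {}, nconf.get('https'));`. Whether `nconf` is required at the top of src/topics.js is not visible in this hunk, and the enclosing function starts and ends outside it. Moving `require('gravatar')` into the module's require block would also keep the dependency visible in one place.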
@@ -644,9 +643,7 @@ var RDB = require('./redis'), Topics.markAllRead = function(uid, callback) { RDB.smembers('topics:tid', function(err, tids) { if (err) { - console.log(err); - callback(err, null); - return; + return callback(err, null); } if (tids && tids.length) { diff --git a/src/websockets.js b/src/websockets.js index 7b17843100..565889b06c 100644 --- a/src/websockets.js +++ b/src/websockets.js @@ -346,20 +346,19 @@ module.exports.init = function(io) { }); socket.on('api:topics.post', function(data) { + if (uid < 1 && meta.config.allowGuestPosting === '0') { + socket.emit('event:alert', { + title: 'Post Unsuccessful', + message: 'You don't seem to be logged in, so you cannot reply.', + type: 'danger', + timeout: 2000 + }); + return; + } topics.post(uid, data.title, data.content, data.category_id, function(err, result) { if(err) { - if (err.message === 'not-logged-in') { - socket.emit('event:alert', { - title: 'Thank you for posting', - message: 'Since you are unregistered, your post is awaiting approval. Click here to register now.', - type: 'warning', - timeout: 7500, - clickfn: function() { - ajaxify.go('register'); - } - }); - } else if (err.message === 'title-too-short') { + if (err.message === 'title-too-short') { topics.emitTitleTooShortAlert(socket); } else if (err.message === 'content-too-short') { posts.emitContentTooShortAlert(socket);
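Review bot: The guest gate `uid < 1 && meta.config.allowGuestPosting === '0'` in the `api:topics.post` handler fails open: guests are refused only when the setting is exactly the string '0', so an unset value, a numeric 0 or any other value lets unauthenticated sockets create topics, and an undefined `uid` skips the check because `undefined < 1` is false. Deny by default instead, e.g. `if (!(uid > 0) && meta.config.allowGuestPosting !== '1') {`, assuming '1' is how the enabled setting is stored. The alert says the user "cannot reply" although this handler creates a topic. As shown on this page, the apostrophe in `don't` sits unescaped inside a single-quoted literal, which would be a syntax error unless it is an artifact of how the patch was rendered. The handler body continues outside the hunk.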