hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into private-groups

Browse Source
v1.18.x
Julian Lam 10 years ago
parent 635393a274 ad12886d19
commit 612b8f01b6
24 changed files with 390 additions and 312 deletions
Show Stats Download Patch File Download Diff File

3
public/src/ajaxify.js
Unescape Escape View File

@ -195,7 +195,8 @@ $(document).ready(function() {
ajaxify.getCustomTemplateMapping = function(tpl) {
if (templatesModule.config && templatesModule.config.custom_mapping && tpl !== undefined) {
for (var pattern in templatesModule.config.custom_mapping) {
if (tpl.match(pattern)) {
var match = tpl.match(pattern);
if (match && match[0] === tpl) {
return (templatesModule.config.custom_mapping[pattern]);
}
}

8
public/src/client/account/profile.js
Unescape Escape View File

@ -36,11 +36,7 @@ define('forum/account/profile', ['forum/account/header', 'forum/infinitescroll']
socket.removeListener('event:user_status_change', onUserStatusChange);
socket.on('event:user_status_change', onUserStatusChange);
if (yourid !== theirid) {
socket.emit('user.increaseViewCount', theirid);
}
infinitescroll.init(loadMoreTopics);
infinitescroll.init(loadMorePosts);
};
function processPage() {
@ -84,7 +80,7 @@ define('forum/account/profile', ['forum/account/header', 'forum/infinitescroll']
}
function loadMoreTopics(direction) {
function loadMorePosts(direction) {
if(direction < 0 || !$('.user-recent-posts').length) {
return;
}

4
public/src/client/topic/fork.js
Unescape Escape View File

@ -101,8 +101,8 @@ define('forum/topic/fork', function() {
post.css('opacity', '1.0');
}
if(pids.length) {
pids.sort();
if (pids.length) {
pids.sort(function(a,b) { return a - b; });
forkModal.find('#fork-pids').html(pids.toString());
} else {
showNoPostsSelected();

2
public/src/client/users.js
Unescape Escape View File

@ -115,7 +115,7 @@ define('forum/users', function() {
notify.html('<i class="fa fa-spinner fa-spin"></i>');
socket.emit('user.search', {query: username}, function(err, data) {
socket.emit('user.search', {query: username, by: $('.search select').val()}, function(err, data) {
if (err) {
reset();
return app.alertError(err.message);

63
public/src/modules/uploader.js
Unescape Escape View File

@ -1,16 +1,10 @@
'use strict';
/* globals define */
define('uploader', ['csrf'], function(csrf) {
var module = {},
maybeParse = function(response) {
if (typeof response == 'string') {
try {
return $.parseJSON(response);
} catch (e) {
return {error: 'Something went wrong while parsing server response'};
}
}
return response;
};
var module = {};
module.open = function(route, params, fileSize, callback) {
var uploadModal = $('#upload-picture-modal');
@ -20,9 +14,8 @@ define('uploader', ['csrf'], function(csrf) {
uploadForm[0].reset();
uploadForm.attr('action', route);
uploadForm.find('#params').val(JSON.stringify(params));
// uploadForm.find('#csrfToken').val(csrf.get());
if(fileSize) {
if (fileSize) {
uploadForm.find('#upload-file-size').html(fileSize);
uploadForm.find('#file-size-block').removeClass('hide');
} else {
@ -35,28 +28,18 @@ define('uploader', ['csrf'], function(csrf) {
uploadForm.off('submit').submit(function() {
function status(message) {
function showAlert(type, message) {
module.hideAlerts();
uploadModal.find('#alert-status').text(message).removeClass('hide');
uploadModal.find('#alert-' + type).text(message).removeClass('hide');
}
function success(message) {
module.hideAlerts();
uploadModal.find('#alert-success').text(message).removeClass('hide');
}
function error(message) {
module.hideAlerts();
uploadModal.find('#alert-error').text(message).removeClass('hide');
}
status('uploading the file ...');
showAlert('status', 'uploading the file ...');
uploadModal.find('#upload-progress-bar').css('width', '0%');
uploadModal.find('#upload-progress-box').show().removeClass('hide');
if (!$('#userPhotoInput').val()) {
error('select an image to upload!');
showAlert('error', 'select an image to upload!');
return false;
}
@ -66,7 +49,7 @@ define('uploader', ['csrf'], function(csrf) {
},
error: function(xhr) {
xhr = maybeParse(xhr);
error('Error: ' + xhr.status);
showAlert('error', 'Error: ' + xhr.status);
},
uploadProgress: function(event, position, total, percent) {
@ -77,12 +60,13 @@ define('uploader', ['csrf'], function(csrf) {
response = maybeParse(response);
if (response.error) {
error(response.error);
showAlert('error', response.error);
return;
}
callback(response.path);
success('File uploaded successfully!');
callback(response[0].url);
showAlert('success', 'File uploaded successfully!');
setTimeout(function() {
module.hideAlerts();
uploadModal.modal('hide');
@ -94,12 +78,19 @@ define('uploader', ['csrf'], function(csrf) {
});
};
function maybeParse(response) {
if (typeof response === 'string') {
try {
return $.parseJSON(response);
} catch (e) {
return {error: 'Something went wrong while parsing server response'};
}
}
return response;
}
module.hideAlerts = function() {
var uploadModal = $('#upload-picture-modal');
uploadModal.find('#alert-status').addClass('hide');
uploadModal.find('#alert-success').addClass('hide');
uploadModal.find('#alert-error').addClass('hide');
uploadModal.find('#upload-progress-box').addClass('hide');
$('#upload-picture-modal').find('#alert-status, #alert-success, #alert-error, #upload-progress-box').addClass('hide');
};
return module;

38
src/controllers/accounts.js
Unescape Escape View File

@ -144,6 +144,10 @@ accountsController.getAccount = function(req, res, next) {
return helpers.notFound(req, res);
}
if (callerUID !== parseInt(userData.uid, 10)) {
user.incrementUserFieldBy(userData.uid, 'profileviews', 1);
}
async.parallel({
isFollowing: function(next) {
user.isFollowing(callerUID, userData.theirid, next);
@ -386,25 +390,27 @@ accountsController.accountSettings = function(req, res, next) {
};
accountsController.uploadPicture = function (req, res, next) {
var userPhoto = req.files.files[0];
var uploadSize = parseInt(meta.config.maximumProfileImageSize, 10) || 256;
if (req.files.userPhoto.size > uploadSize * 1024) {
fs.unlink(req.files.userPhoto.path);
if (userPhoto.size > uploadSize * 1024) {
fs.unlink(userPhoto.path);
return res.json({
error: 'Images must be smaller than ' + uploadSize + ' kb!'
});
}
var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif'];
if (allowedTypes.indexOf(req.files.userPhoto.type) === -1) {
fs.unlink(req.files.userPhoto.path);
if (allowedTypes.indexOf(userPhoto.type) === -1) {
fs.unlink(userPhoto.path);
return res.json({
error: 'Allowed image types are png, jpg and gif!'
});
}
var extension = path.extname(req.files.userPhoto.name);
var extension = path.extname(userPhoto.name);
if (!extension) {
fs.unlink(req.files.userPhoto.path);
fs.unlink(userPhoto.path);
return res.json({
error: 'Error uploading file! Error : Invalid extension!'
});
@ -415,11 +421,11 @@ accountsController.uploadPicture = function (req, res, next) {
async.waterfall([
function(next) {
image.resizeImage(req.files.userPhoto.path, extension, imageDimension, imageDimension, next);
image.resizeImage(userPhoto.path, extension, imageDimension, imageDimension, next);
},
function(next) {
if (parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1) {
image.convertImageToPng(req.files.userPhoto.path, extension, next);
image.convertImageToPng(userPhoto.path, extension, next);
} else {
next();
}
@ -447,25 +453,23 @@ accountsController.uploadPicture = function (req, res, next) {
], function(err, result) {
function done(err, image) {
fs.unlink(req.files.userPhoto.path);
if(err) {
fs.unlink(userPhoto.path);
if (err) {
return res.json({error: err.message});
}
user.setUserFields(updateUid, {uploadedpicture: image.url, picture: image.url});
res.json({
path: image.url
});
res.json([{name: userPhoto.name, url: image.url}]);
}
if (err) {
fs.unlink(req.files.userPhoto.path);
fs.unlink(userPhoto.path);
return res.json({error:err.message});
}
if (plugins.hasListeners('filter:uploadImage')) {
return plugins.fireHook('filter:uploadImage', {image: req.files.userPhoto, uid: updateUid}, done);
return plugins.fireHook('filter:uploadImage', {image: userPhoto, uid: updateUid}, done);
}
var convertToPNG = parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1;
@ -473,7 +477,7 @@ accountsController.uploadPicture = function (req, res, next) {
user.getUserField(updateUid, 'uploadedpicture', function (err, oldpicture) {
if (!oldpicture) {
file.saveFileToLocal(filename, 'profile', req.files.userPhoto.path, done);
file.saveFileToLocal(filename, 'profile', userPhoto.path, done);
return;
}
@ -484,7 +488,7 @@ accountsController.uploadPicture = function (req, res, next) {
winston.err(err);
}
file.saveFileToLocal(filename, 'profile', req.files.userPhoto.path, done);
file.saveFileToLocal(filename, 'profile', userPhoto.path, done);
});
});
});

84
src/controllers/admin/uploads.js
Unescape Escape View File

@ -8,37 +8,8 @@ var fs = require('fs'),
var uploadsController = {};
function validateUpload(res, req, allowedTypes) {
if (allowedTypes.indexOf(req.files.userPhoto.type) === -1) {
var err = {
error: 'Invalid image type. Allowed types are: ' + allowedTypes.join(', ')
};
fs.unlink(req.files.userPhoto.path);
res.send(req.xhr ? err : JSON.stringify(err));
return false;
}
return true;
}
uploadsController.uploadImage = function(filename, folder, req, res) {
function done(err, image) {
fs.unlink(req.files.userPhoto.path);
var response = err ? {error: err.message} : {path: image.url};
res.send(req.xhr ? response : JSON.stringify(response));
}
if (plugins.hasListeners('filter:uploadImage')) {
plugins.fireHook('filter:uploadImage', {image: req.files.userPhoto, uid: req.user.uid}, done);
} else {
file.saveFileToLocal(filename, folder, req.files.userPhoto.path, done);
}
};
uploadsController.uploadCategoryPicture = function(req, res, next) {
var uploadedFile = req.files.files[0];
var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif', 'image/svg+xml'],
params = null;
@ -48,24 +19,25 @@ uploadsController.uploadCategoryPicture = function(req, res, next) {
var err = {
error: 'Error uploading file! Error :' + e.message
};
fs.unlink(req.files.userPhoto.path);
fs.unlink(uploadedFile.path);
return res.send(req.xhr ? err : JSON.stringify(err));
}
if (validateUpload(res, req, allowedTypes)) {
var filename = 'category-' + params.cid + path.extname(req.files.userPhoto.name);
uploadsController.uploadImage(filename, 'category', req, res);
if (validateUpload(req, res, uploadedFile, allowedTypes)) {
var filename = 'category-' + params.cid + path.extname(uploadedFile.name);
uploadImage(filename, 'category', uploadedFile, req, res);
}
};
uploadsController.uploadFavicon = function(req, res, next) {
var uploadedFile = req.files.files[0];
var allowedTypes = ['image/x-icon', 'image/vnd.microsoft.icon'];
if (validateUpload(res, req, allowedTypes)) {
file.saveFileToLocal('favicon.ico', 'files', req.files.userPhoto.path, function(err, image) {
fs.unlink(req.files.userPhoto.path);
if (validateUpload(res, req, uploadedFile, allowedTypes)) {
file.saveFileToLocal('favicon.ico', 'files', uploadedFile.path, function(err, image) {
fs.unlink(uploadedFile.path);
var response = err ? {error: err.message} : {path: image.url};
var response = err ? {error: err.message} : [{name: uploadedFile.name, url: image.url}];
res.send(req.xhr ? response : JSON.stringify(response));
});
@ -81,11 +53,41 @@ uploadsController.uploadGravatarDefault = function(req, res, next) {
};
function upload(name, req, res, next) {
var uploadedFile = req.files.files[0];
var allowedTypes = ['image/png', 'image/jpeg', 'image/pjpeg', 'image/jpg', 'image/gif'];
if (validateUpload(req, res, uploadedFile, allowedTypes)) {
var filename = name + path.extname(uploadedFile.name);
uploadImage(filename, 'files', uploadedFile, req, res);
}
}
function validateUpload(req, res, uploadedFile, allowedTypes) {
if (allowedTypes.indexOf(uploadedFile.type) === -1) {
var err = {
error: 'Invalid image type. Allowed types are: ' + allowedTypes.join(', ')
};
if (validateUpload(res, req, allowedTypes)) {
var filename = name + path.extname(req.files.userPhoto.name);
uploadsController.uploadImage(filename, 'files', req, res);
fs.unlink(uploadedFile.path);
res.send(req.xhr ? err : JSON.stringify(err));
return false;
}
return true;
}
function uploadImage(filename, folder, uploadedFile, req, res) {
function done(err, image) {
fs.unlink(uploadedFile.path);
var response = err ? {error: err.message} : [{name: uploadedFile.name, url: image.url}];
res.send(req.xhr ? response : JSON.stringify(response));
}
if (plugins.hasListeners('filter:uploadImage')) {
plugins.fireHook('filter:uploadImage', {image: uploadedFile, uid: req.user.uid}, done);
} else {
file.saveFileToLocal(filename, folder, uploadedFile.path, done);
}
}

125
src/controllers/uploads.js
Unescape Escape View File

@ -0,0 +1,125 @@
"use strict";
var uploadsController = {},
fs = require('fs'),
path = require('path'),
async = require('async'),
meta = require('../meta'),
plugins = require('../plugins'),
utils = require('../../public/src/utils'),
image = require('../image');
uploadsController.upload = function(req, res, filesIterator, next) {
var files = req.files.files;
if (!req.user) {
deleteTempFiles(files);
return res.status(403).json('not allowed');
}
if (!Array.isArray(files)) {
return res.status(500).json('invalid files');
}
if (Array.isArray(files[0])) {
files = files[0];
}
async.map(files, filesIterator, function(err, images) {
deleteTempFiles(files);
if (err) {
return res.status(500).send(err.message);
}
// IE8 - send it as text/html so browser won't trigger a file download for the json response
// malsup.com/jquery/form/#file-upload
res.status(200).send(req.xhr ? images : JSON.stringify(images));
});
};
uploadsController.uploadPost = function(req, res, next) {
uploadsController.upload(req, res, function(file, next) {
if (file.type.match(/image./)) {
uploadImage(req.user.uid, file, next);
} else {
uploadFile(req.user.uid, file, next);
}
}, next);
};
uploadsController.uploadThumb = function(req, res, next) {
if (parseInt(meta.config.allowTopicsThumbnail, 10) !== 1) {
deleteTempFiles(req.files.files);
return next(new Error('[[error:topic-thumbnails-are-disabled]]'));
}
uploadsController.upload(req, res, function(file, next) {
if(file.type.match(/image./)) {
var size = meta.config.topicThumbSize || 120;
image.resizeImage(file.path, path.extname(file.name), size, size, function(err) {
if (err) {
return next(err);
}
uploadImage(req.user.uid, file, next);
});
} else {
next(new Error('[[error:invalid-file]]'));
}
}, next);
};
function uploadImage(uid, image, callback) {
if (plugins.hasListeners('filter:uploadImage')) {
return plugins.fireHook('filter:uploadImage', {image: image, uid: uid}, callback);
}
if (parseInt(meta.config.allowFileUploads, 10)) {
uploadFile(uid, image, callback);
} else {
callback(new Error('[[error:uploads-are-disabled]]'));
}
}
function uploadFile(uid, file, callback) {
if (plugins.hasListeners('filter:uploadFile')) {
return plugins.fireHook('filter:uploadFile', {file: file, uid: uid}, callback);
}
if (parseInt(meta.config.allowFileUploads, 10) !== 1) {
return callback(new Error('[[error:uploads-are-disabled]]'));
}
if (!file) {
return callback(new Error('[[error:invalid-file]]'));
}
if (file.size > parseInt(meta.config.maximumFileSize, 10) * 1024) {
return callback(new Error('[[error:file-too-big, ' + meta.config.maximumFileSize + ']]'));
}
var filename = 'upload-' + utils.generateUUID() + path.extname(file.name);
require('../file').saveFileToLocal(filename, 'files', file.path, function(err, upload) {
if (err) {
return callback(err);
}
callback(null, {
url: upload.url,
name: file.name
});
});
}
function deleteTempFiles(files) {
for(var i=0; i<files.length; ++i) {
fs.unlink(files[i].path);
}
}
module.exports = uploadsController;

22
src/favourites.js
Unescape Escape View File

@ -17,15 +17,11 @@ var async = require('async'),
return callback(new Error('[[error:not-logged-in]]'));
}
posts.getPostFields(pid, ['pid', 'uid', 'timestamp'], function (err, postData) {
posts.getPostFields(pid, ['pid', 'uid'], function (err, postData) {
if (err) {
return callback(err);
}
if (uid === parseInt(postData.uid, 10)) {
return callback(new Error('[[error:cant-vote-self-post]]'));
}
var now = Date.now();
if(type === 'upvote' && !unvote) {
@ -167,12 +163,24 @@ var async = require('async'),
};
function unvote(pid, uid, command, callback) {
Favourites.hasVoted(pid, uid, function(err, voteStatus) {
async.parallel({
owner: function(next) {
posts.getPostField(pid, 'uid', next);
},
voteStatus: function(next) {
Favourites.hasVoted(pid, uid, next);
}
}, function(err, results) {
if (err) {
return callback(err);
}
var hook,
if (parseInt(uid, 10) === parseInt(results.owner, 10)) {
return callback(new Error('[[error:cant-vote-self-post]]'));
}
var voteStatus = results.voteStatus,
hook,
current = voteStatus.upvoted ? 'upvote' : 'downvote';
if (voteStatus.upvoted && command === 'downvote' || voteStatus.downvoted && command === 'upvote') {

47
src/middleware/middleware.js
Unescape Escape View File

@ -106,6 +106,13 @@ middleware.addSlug = function(req, res, next) {
next();
};
middleware.validateFiles = function(req, res, next) {
if (!Array.isArray(req.files.files) || !req.files.files.length) {
return next(new Error(['[[error:invalid-files]]']));
}
next();
};
middleware.prepareAPI = function(req, res, next) {
res.locals.isAPI = true;
next();
@ -438,7 +445,7 @@ middleware.addExpiresHeaders = function(req, res, next) {
};
middleware.maintenanceMode = function(req, res, next) {
if (meta.config.maintenanceMode !== '1') {
if (parseInt(meta.config.maintenanceMode, 10) !== 1) {
return next();
}
@ -473,35 +480,35 @@ middleware.maintenanceMode = function(req, res, next) {
return true;
}
}
return false;
},
isApiRoute = /^\/api/;
if (!isAllowed(req.url)) {
if (!req.user) {
return render();
} else {
user.isAdministrator(req.user.uid, function(err, isAdmin) {
if (!isAdmin) {
return render();
} else {
return next();
}
});
}
} else {
if (isAllowed(req.url)) {
return next();
}
if (!req.user) {
return render();
}
user.isAdministrator(req.user.uid, function(err, isAdmin) {
if (err) {
return next(err);
}
if (!isAdmin) {
render();
} else {
next();
}
});
};
middleware.publicTagListing = function(req, res, next) {
if ((!meta.config.hasOwnProperty('publicTagListing') || parseInt(meta.config.publicTagListing, 10) === 1)) {
if (req.user || (!meta.config.hasOwnProperty('publicTagListing') || parseInt(meta.config.publicTagListing, 10) === 1)) {
next();
} else {
if (res.locals.isAPI) {
res.sendStatus(401);
} else {
middleware.ensureLoggedIn(req, res, next);
}
controllers.helpers.notAllowed(req, res);
}
};

2
src/routes/admin.js
Unescape Escape View File

@ -10,7 +10,7 @@ function apiRoutes(app, middleware, controllers) {
var multipart = require('connect-multiparty');
var multipartMiddleware = multipart();
var middlewares = [multipartMiddleware, middleware.applyCSRF, middleware.authenticate];
var middlewares = [multipartMiddleware, middleware.validateFiles, middleware.applyCSRF, middleware.authenticate];
app.post('/category/uploadpicture', middlewares, controllers.admin.uploads.uploadCategoryPicture);
app.post('/uploadfavicon', middlewares, controllers.admin.uploads.uploadFavicon);

153
src/routes/api.js
Unescape Escape View File

@ -6,128 +6,33 @@ var path = require('path'),
nconf = require('nconf'),
express = require('express'),
user = require('../user'),
topics = require('../topics'),
posts = require('../posts'),
categories = require('../categories'),
meta = require('../meta'),
plugins = require('../plugins'),
utils = require('../../public/src/utils'),
image = require('../image'),
pkg = require('../../package.json');
uploadsController = require('../controllers/uploads');
function deleteTempFiles(files) {
for(var i=0; i<files.length; ++i) {
fs.unlink(files[i].path);
}
}
function upload(req, res, filesIterator, next) {
var files = req.files.files;
if (!req.user) {
deleteTempFiles(files);
return res.status(403).json('not allowed');
}
if (!Array.isArray(files)) {
return res.status(500).json('invalid files');
}
if (Array.isArray(files[0])) {
files = files[0];
}
async.map(files, filesIterator, function(err, images) {
deleteTempFiles(files);
if (err) {
return res.status(500).send(err.message);
}
// IE8 - send it as text/html so browser won't trigger a file download for the json response
// malsup.com/jquery/form/#file-upload
res.status(200).send(req.xhr ? images : JSON.stringify(images));
});
}
function uploadPost(req, res, next) {
upload(req, res, function(file, next) {
if(file.type.match(/image./)) {
uploadImage(req.user.uid, file, next);
} else {
uploadFile(req.user.uid, file, next);
}
}, next);
}
function uploadThumb(req, res, next) {
if (parseInt(meta.config.allowTopicsThumbnail, 10) !== 1) {
deleteTempFiles(req.files.files);
return next(new Error('[[error:topic-thumbnails-are-disabled]]'));
}
upload(req, res, function(file, next) {
if(file.type.match(/image./)) {
var size = meta.config.topicThumbSize || 120;
image.resizeImage(file.path, path.extname(file.name), size, size, function(err) {
if (err) {
return next(err);
}
uploadImage(req.user.uid, file, next);
});
} else {
next(new Error('[[error:invalid-file]]'));
}
}, next);
}
function uploadImage(uid, image, callback) {
if (plugins.hasListeners('filter:uploadImage')) {
plugins.fireHook('filter:uploadImage', {image: image, uid: uid}, callback);
} else {
if (parseInt(meta.config.allowFileUploads, 10)) {
uploadFile(uid, image, callback);
} else {
callback(new Error('[[error:uploads-are-disabled]]'));
}
}
}
function uploadFile(uid, file, callback) {
if (plugins.hasListeners('filter:uploadFile')) {
plugins.fireHook('filter:uploadFile', {file: file, uid: uid}, callback);
} else {
if(parseInt(meta.config.allowFileUploads, 10) !== 1) {
return callback(new Error('[[error:uploads-are-disabled]]'));
}
if(!file) {
return callback(new Error('[[error:invalid-file]]'));
}
module.exports = function(app, middleware, controllers) {
if(file.size > parseInt(meta.config.maximumFileSize, 10) * 1024) {
return callback(new Error('[[error:file-too-big, ' + meta.config.maximumFileSize + ']]'));
}
var router = express.Router();
app.use('/api', router);
var filename = 'upload-' + utils.generateUUID() + path.extname(file.name);
require('../file').saveFileToLocal(filename, 'files', file.path, function(err, upload) {
if(err) {
return callback(err);
}
router.get('/config', middleware.applyCSRF, controllers.api.getConfig);
router.get('/widgets/render', controllers.api.renderWidgets);
callback(null, {
url: upload.url,
name: file.name
});
});
}
}
router.get('/user/uid/:uid', middleware.checkGlobalPrivacySettings, controllers.accounts.getUserByUID);
router.get('/get_templates_listing', getTemplatesListing);
router.get('/categories/:cid/moderators', getModerators);
router.get('/recent/posts/:term?', getRecentPosts);
var multipart = require('connect-multiparty');
var multipartMiddleware = multipart();
var middlewares = [multipartMiddleware, middleware.validateFiles, middleware.applyCSRF];
router.post('/post/upload', middlewares, uploadsController.uploadPost);
router.post('/topic/thumb/upload', middlewares, uploadsController.uploadThumb);
router.post('/user/:userslug/uploadpicture', middlewares.concat([middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions]), controllers.accounts.uploadPicture);
};
function getModerators(req, res, next) {
categories.getModerators(req.params.cid, function(err, moderators) {
@ -196,26 +101,4 @@ function getRecentPosts(req, res, next) {
res.json(data);
});
}
module.exports = function(app, middleware, controllers) {
var router = express.Router();
app.use('/api', router);
router.get('/config', middleware.applyCSRF, controllers.api.getConfig);
router.get('/widgets/render', controllers.api.renderWidgets);
router.get('/user/uid/:uid', middleware.checkGlobalPrivacySettings, controllers.accounts.getUserByUID);
router.get('/get_templates_listing', getTemplatesListing);
router.get('/categories/:cid/moderators', getModerators);
router.get('/recent/posts/:term?', getRecentPosts);
var multipart = require('connect-multiparty');
var multipartMiddleware = multipart();
router.post('/post/upload', multipartMiddleware, middleware.applyCSRF, uploadPost);
router.post('/topic/thumb/upload', multipartMiddleware, middleware.applyCSRF, uploadThumb);
router.post('/user/:userslug/uploadpicture', multipartMiddleware, middleware.applyCSRF, middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.uploadPicture);
};
}

4
src/routes/index.js
Unescape Escape View File

@ -211,6 +211,10 @@ function handleErrors(app, middleware) {
return res.sendStatus(403);
}
if (parseInt(err.status, 10) === 302 && err.path) {
return res.locals.isAPI ? res.status(302).json(err) : res.redirect(err.path);
}
res.status(err.status || 500);
if (res.locals.isAPI) {

2
src/socket.io/user.js
Unescape Escape View File

@ -69,7 +69,7 @@ SocketUser.search = function(socket, data, callback) {
if (!socket.uid) {
return callback(new Error('[[error:not-logged-in]]'));
}
user.search({query: data.query}, callback);
user.search({query: data.query, by: data.by}, callback);
};
// Password Reset

45
src/threadTools.js
Unescape Escape View File

@ -73,31 +73,28 @@ var winston = require('winston'),
}
ThreadTools.purge = function(tid, uid, callback) {
ThreadTools.exists(tid, function(err, exists) {
if (err || !exists) {
return callback(err);
}
batch.processSortedSet('tid:' + tid + ':posts', function(pids, next) {
async.eachLimit(pids, 10, posts.purge, next);
}, {alwaysStartAt: 0}, function(err) {
if (err) {
return callback(err);
async.waterfall([
function(next) {
ThreadTools.exists(tid, next);
},
function(exists, next) {
if (!exists) {
return callback();
}
topics.getTopicField(tid, 'mainPid', function(err, mainPid) {
if (err) {
return callback(err);
}
posts.purge(mainPid, function(err) {
if (err) {
return callback(err);
}
topics.purge(tid, callback);
});
});
});
});
batch.processSortedSet('tid:' + tid + ':posts', function(pids, next) {
async.eachLimit(pids, 10, posts.purge, next);
}, {alwaysStartAt: 0}, next);
},
function(next) {
topics.getTopicField(tid, 'mainPid', next);
},
function(mainPid, next) {
posts.purge(mainPid, next);
},
function(next) {
topics.purge(tid, next);
}
], callback);
};
ThreadTools.lock = function(tid, uid, callback) {

6
src/topics/delete.js
Unescape Escape View File

@ -45,7 +45,11 @@ module.exports = function(Topics) {
Topics.purge = function(tid, callback) {
async.parallel([
function(next) {
db.deleteAll(['tid:' + tid + ':followers', 'tid:' + tid + ':read_by_uid'], next);
db.deleteAll([
'tid:' + tid + ':followers',
'tid:' + tid + ':posts',
'tid:' + tid + ':posts:votes'
], next);
},
function(next) {
db.sortedSetsRemove(['topics:tid', 'topics:recent', 'topics:posts', 'topics:views'], tid, next);

4
src/topics/fork.js
Unescape Escape View File

@ -28,7 +28,9 @@ module.exports = function(Topics) {
return callback(new Error('[[error:invalid-pid]]'));
}
pids.sort();
pids.sort(function(a, b) {
return a - b;
});
var mainPid = pids[0];
async.parallel({

9
src/topics/posts.js
Unescape Escape View File

@ -218,14 +218,7 @@ module.exports = function(Topics) {
};
Topics.removePostFromTopic = function(tid, pid, callback) {
async.parallel([
function (next) {
db.sortedSetRemove('tid:' + tid + ':posts', pid, next);
},
function (next) {
db.sortedSetRemove('tid:' + tid + ':posts:votes', pid, next);
}
], function(err, results) {
db.sortedSetsRemove(['tid:' + tid + ':posts', 'tid:' + tid + ':posts:votes'], pid, function(err) {
if (err) {
return callback(err);
}

39
src/upgrade.js
Unescape Escape View File

@ -21,7 +21,7 @@ var db = require('./database'),
schemaDate, thisSchemaDate,
// IMPORTANT: REMEMBER TO UPDATE VALUE OF latestSchema
latestSchema = Date.UTC(2015, 0, 8);
latestSchema = Date.UTC(2015, 0, 9);
Upgrade.check = function(callback) {
db.get('schemaDate', function(err, value) {
@ -459,7 +459,7 @@ Upgrade.upgrade = function(callback) {
db.getSortedSetRange('topics:tid', 0, -1, function(err, tids) {
if (err) {
winston.error('[2014/12/20] Error encountered while updating digest settings');
winston.error('[2015/01/08] Error encountered while Updating category topics sorted sets');
return next(err);
}
@ -490,6 +490,41 @@ Upgrade.upgrade = function(callback) {
winston.info('[2015/01/08] Updating category topics sorted sets skipped');
next();
}
},
function(next) {
thisSchemaDate = Date.UTC(2015, 0, 9);
if (schemaDate < thisSchemaDate) {
winston.info('[2015/01/09] Creating fullname:uid hash');
db.getSortedSetRange('users:joindate', 0, -1, function(err, uids) {
if (err) {
winston.error('[2014/01/09] Error encountered while Creating fullname:uid hash');
return next(err);
}
var now = Date.now();
async.eachLimit(uids, 50, function(uid, next) {
db.getObjectFields('user:' + uid, ['fullname'], function(err, userData) {
if (err || !userData || !userData.fullname) {
return next(err);
}
db.setObjectField('fullname:uid', userData.fullname, uid, next);
});
}, function(err) {
if (err) {
winston.error('[2015/01/09] Error encountered while Creating fullname:uid hash');
return next(err);
}
winston.info('[2015/01/09] Creating fullname:uid hash done');
Upgrade.update(thisSchemaDate, next);
});
});
} else {
winston.info('[2015/01/09] Creating fullname:uid hash skipped');
next();
}
}

5
src/user/delete.js
Unescape Escape View File

@ -42,7 +42,7 @@ module.exports = function(User) {
}
User.deleteAccount = function(uid, callback) {
User.getUserFields(uid, ['username', 'userslug', 'email'], function(err, userData) {
User.getUserFields(uid, ['username', 'userslug', 'fullname', 'email'], function(err, userData) {
if (err) {
return callback(err);
}
@ -54,6 +54,9 @@ module.exports = function(User) {
function(next) {
db.deleteObjectField('userslug:uid', userData.userslug, next);
},
function(next) {
db.deleteObjectField('fullname:uid', userData.fullname, next);
},
function(next) {
if (userData.email) {
db.deleteObjectField('email:uid', userData.email.toLowerCase(), next);

26
src/user/profile.js
Unescape Escape View File

@ -113,6 +113,8 @@ module.exports = function(User) {
return updateEmail(uid, data.email, next);
} else if (field === 'username') {
return updateUsername(uid, data.username, next);
} else if (field === 'fullname') {
return updateFullname(uid, data.fullname, next);
} else if (field === 'signature') {
data[field] = S(data[field]).stripTags().s;
} else if (field === 'website') {
@ -222,6 +224,30 @@ module.exports = function(User) {
});
}
function updateFullname(uid, newFullname, callback) {
async.waterfall([
function(next) {
User.getUserField(uid, 'fullname', next);
},
function(fullname, next) {
if (newFullname === fullname) {
return callback();
}
db.deleteObjectField('fullname:uid', fullname, next);
},
function(next) {
User.setUserField(uid, 'fullname', newFullname, next);
},
function(next) {
if (newFullname) {
db.setObjectField('fullname:uid', newFullname, uid, next);
} else {
next();
}
}
], callback);
}
User.changePassword = function(uid, data, callback) {
if (!uid || !data || !data.uid) {
return callback(new Error('[[error:invalid-uid]]'));

7
src/user/search.js
Unescape Escape View File

@ -20,13 +20,10 @@ module.exports = function(User) {
}
var start = process.hrtime();
var key = 'username:uid';
if (by === 'email') {
key = 'email:uid';
}
var key = by + ':uid';
db.getObject(key, function(err, hash) {
if (err) {
if (err || !hash) {
return callback(null, {timing: 0, users:[]});
}

2
src/views/admin/footer.tpl
Unescape Escape View File

@ -13,7 +13,7 @@
<form id="uploadForm" action="" method="post" enctype="multipart/form-data">
<div class="form-group">
<label for="userPhoto">Upload a picture</label>
<input type="file" id="userPhotoInput" name="userPhoto">
<input type="file" id="userPhotoInput" name="files[]">
<p class="help-block"></p>
</div>
<input type="hidden" id="params" name="params">

2
src/views/config.json
Unescape Escape View File

@ -13,7 +13,7 @@
"^user/.*/favourites": "account/favourites",
"^user/.*/posts": "account/posts",
"^user/.*/topics": "account/topics",
"^user/.*": "account/profile",
"^user/[^\/]+": "account/profile",
"^reset/.*": "reset_code",
"^tags/.*": "tag",
"^groups/?$": "groups/list",

Write Preview
Loading…
Cancel
Save