Merge remote-tracking branch 'origin/master' into private-groups

v1.18.x
Julian Lam 10 years ago
commit 612b8f01b6

@ -195,7 +195,8 @@ $(document).ready(function() {
ajaxify.getCustomTemplateMapping = function(tpl) { ajaxify.getCustomTemplateMapping = function(tpl) {
if (templatesModule.config && templatesModule.config.custom_mapping && tpl !== undefined) { if (templatesModule.config && templatesModule.config.custom_mapping && tpl !== undefined) {
for (var pattern in templatesModule.config.custom_mapping) { for (var pattern in templatesModule.config.custom_mapping) {
if (tpl.match(pattern)) { var match = tpl.match(pattern);
if (match && match[0] === tpl) {
return (templatesModule.config.custom_mapping[pattern]); return (templatesModule.config.custom_mapping[pattern]);
} }
} }
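Review bot: The new full-match test in `getCustomTemplateMapping`, `match && match[0] === tpl`, depends on which alternative the regex engine tries first, so a mapping key such as `a|ab` never maps `ab` even though the pattern can match the whole string. Anchoring the pattern states the intent directly, e.g. `if (new RegExp('^(?:' + pattern + ')$').test(tpl)) {`. The `for...in` loop also walks inherited enumerable keys, so a `hasOwnProperty` guard would keep anything added to `Object.prototype` out of the mapping. The function body continues outside the hunk.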

@ -36,11 +36,7 @@ define('forum/account/profile', ['forum/account/header', 'forum/infinitescroll']
socket.removeListener('event:user_status_change', onUserStatusChange); socket.removeListener('event:user_status_change', onUserStatusChange);
socket.on('event:user_status_change', onUserStatusChange); socket.on('event:user_status_change', onUserStatusChange);
if (yourid !== theirid) { infinitescroll.init(loadMorePosts);
socket.emit('user.increaseViewCount', theirid);
}
infinitescroll.init(loadMoreTopics);
}; };
function processPage() { function processPage() {
@ -84,7 +80,7 @@ define('forum/account/profile', ['forum/account/header', 'forum/infinitescroll']
} }
function loadMoreTopics(direction) { function loadMorePosts(direction) {
if(direction < 0 || !$('.user-recent-posts').length) { if(direction < 0 || !$('.user-recent-posts').length) {
return; return;
} }
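Review bot: Removing the client-side `socket.emit('user.increaseViewCount', theirid)` call only stops well-behaved clients from sending it. The server-side handler for that event is not on this page; if it is still registered, any connected client can keep calling it to inflate another user's profile views. Since the count is now incremented in `accountsController.getAccount`, the socket handler should be removed in the same change.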

@ -101,8 +101,8 @@ define('forum/topic/fork', function() {
post.css('opacity', '1.0'); post.css('opacity', '1.0');
} }
if(pids.length) { if (pids.length) {
pids.sort(); pids.sort(function(a,b) { return a - b; });
forkModal.find('#fork-pids').html(pids.toString()); forkModal.find('#fork-pids').html(pids.toString());
} else { } else {
showNoPostsSelected(); showNoPostsSelected();
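Review bot: `forkModal.find('#fork-pids').html(pids.toString())` writes the id list as markup although only text is intended; `.text(pids.toString())` is the safer call whatever the source of the pids, which are collected outside this hunk. The new comparator `a - b` returns NaN for any non-numeric entry, which leaves the order implementation-defined, so it is worth converting each id with `parseInt(pid, 10)` where they are collected.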

@ -115,7 +115,7 @@ define('forum/users', function() {
notify.html('<i class="fa fa-spinner fa-spin"></i>'); notify.html('<i class="fa fa-spinner fa-spin"></i>');
socket.emit('user.search', {query: username}, function(err, data) { socket.emit('user.search', {query: username, by: $('.search select').val()}, function(err, data) {
if (err) { if (err) {
reset(); reset();
return app.alertError(err.message); return app.alertError(err.message);

@ -1,16 +1,10 @@
'use strict';
/* globals define */
define('uploader', ['csrf'], function(csrf) { define('uploader', ['csrf'], function(csrf) {
var module = {}, var module = {};
maybeParse = function(response) {
if (typeof response == 'string') {
try {
return $.parseJSON(response);
} catch (e) {
return {error: 'Something went wrong while parsing server response'};
}
}
return response;
};
module.open = function(route, params, fileSize, callback) { module.open = function(route, params, fileSize, callback) {
var uploadModal = $('#upload-picture-modal'); var uploadModal = $('#upload-picture-modal');
@ -20,9 +14,8 @@ define('uploader', ['csrf'], function(csrf) {
uploadForm[0].reset(); uploadForm[0].reset();
uploadForm.attr('action', route); uploadForm.attr('action', route);
uploadForm.find('#params').val(JSON.stringify(params)); uploadForm.find('#params').val(JSON.stringify(params));
// uploadForm.find('#csrfToken').val(csrf.get());
if(fileSize) { if (fileSize) {
uploadForm.find('#upload-file-size').html(fileSize); uploadForm.find('#upload-file-size').html(fileSize);
uploadForm.find('#file-size-block').removeClass('hide'); uploadForm.find('#file-size-block').removeClass('hide');
} else { } else {
@ -35,28 +28,18 @@ define('uploader', ['csrf'], function(csrf) {
uploadForm.off('submit').submit(function() { uploadForm.off('submit').submit(function() {
function status(message) { function showAlert(type, message) {
module.hideAlerts(); module.hideAlerts();
uploadModal.find('#alert-status').text(message).removeClass('hide'); uploadModal.find('#alert-' + type).text(message).removeClass('hide');
} }
function success(message) { showAlert('status', 'uploading the file ...');
module.hideAlerts();
uploadModal.find('#alert-success').text(message).removeClass('hide');
}
function error(message) {
module.hideAlerts();
uploadModal.find('#alert-error').text(message).removeClass('hide');
}
status('uploading the file ...');
uploadModal.find('#upload-progress-bar').css('width', '0%'); uploadModal.find('#upload-progress-bar').css('width', '0%');
uploadModal.find('#upload-progress-box').show().removeClass('hide'); uploadModal.find('#upload-progress-box').show().removeClass('hide');
if (!$('#userPhotoInput').val()) { if (!$('#userPhotoInput').val()) {
error('select an image to upload!'); showAlert('error', 'select an image to upload!');
return false; return false;
} }
@ -66,7 +49,7 @@ define('uploader', ['csrf'], function(csrf) {
}, },
error: function(xhr) { error: function(xhr) {
xhr = maybeParse(xhr); xhr = maybeParse(xhr);
error('Error: ' + xhr.status); showAlert('error', 'Error: ' + xhr.status);
}, },
uploadProgress: function(event, position, total, percent) { uploadProgress: function(event, position, total, percent) {
@ -77,12 +60,13 @@ define('uploader', ['csrf'], function(csrf) {
response = maybeParse(response); response = maybeParse(response);
if (response.error) { if (response.error) {
error(response.error); showAlert('error', response.error);
return; return;
} }
callback(response.path);
success('File uploaded successfully!'); callback(response[0].url);
showAlert('success', 'File uploaded successfully!');
setTimeout(function() { setTimeout(function() {
module.hideAlerts(); module.hideAlerts();
uploadModal.modal('hide'); uploadModal.modal('hide');
@ -94,12 +78,19 @@ define('uploader', ['csrf'], function(csrf) {
}); });
}; };
function maybeParse(response) {
if (typeof response === 'string') {
try {
return $.parseJSON(response);
} catch (e) {
return {error: 'Something went wrong while parsing server response'};
}
}
return response;
}
module.hideAlerts = function() { module.hideAlerts = function() {
var uploadModal = $('#upload-picture-modal'); $('#upload-picture-modal').find('#alert-status, #alert-success, #alert-error, #upload-progress-box').addClass('hide');
uploadModal.find('#alert-status').addClass('hide');
uploadModal.find('#alert-success').addClass('hide');
uploadModal.find('#alert-error').addClass('hide');
uploadModal.find('#upload-progress-box').addClass('hide');
}; };
return module; return module;
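Review bot: The success handler now calls `callback(response[0].url)` after checking only `response.error`, so a parsed body that is not a non-empty array (an empty list, or an object without `error` such as an older `{path: ...}` reply) throws a TypeError and leaves the modal in its progress state. A guard before the callback, `if (!Array.isArray(response) || !response[0]) { return showAlert('error', 'Error: unexpected server response'); }`, keeps the failure visible to the user. The commented-out `csrfToken` line is removed while `csrf` is still injected into the module; whether the token reaches the form some other way is outside these hunks and worth confirming.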

@ -144,6 +144,10 @@ accountsController.getAccount = function(req, res, next) {
return helpers.notFound(req, res); return helpers.notFound(req, res);
} }
if (callerUID !== parseInt(userData.uid, 10)) {
user.incrementUserFieldBy(userData.uid, 'profileviews', 1);
}
async.parallel({ async.parallel({
isFollowing: function(next) { isFollowing: function(next) {
user.isFollowing(callerUID, userData.theirid, next); user.isFollowing(callerUID, userData.theirid, next);
@ -386,25 +390,27 @@ accountsController.accountSettings = function(req, res, next) {
}; };
accountsController.uploadPicture = function (req, res, next) { accountsController.uploadPicture = function (req, res, next) {
var userPhoto = req.files.files[0];
var uploadSize = parseInt(meta.config.maximumProfileImageSize, 10) || 256; var uploadSize = parseInt(meta.config.maximumProfileImageSize, 10) || 256;
if (req.files.userPhoto.size > uploadSize * 1024) {
fs.unlink(req.files.userPhoto.path); if (userPhoto.size > uploadSize * 1024) {
fs.unlink(userPhoto.path);
return res.json({ return res.json({
error: 'Images must be smaller than ' + uploadSize + ' kb!' error: 'Images must be smaller than ' + uploadSize + ' kb!'
}); });
} }
var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif']; var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif'];
if (allowedTypes.indexOf(req.files.userPhoto.type) === -1) { if (allowedTypes.indexOf(userPhoto.type) === -1) {
fs.unlink(req.files.userPhoto.path); fs.unlink(userPhoto.path);
return res.json({ return res.json({
error: 'Allowed image types are png, jpg and gif!' error: 'Allowed image types are png, jpg and gif!'
}); });
} }
var extension = path.extname(req.files.userPhoto.name); var extension = path.extname(userPhoto.name);
if (!extension) { if (!extension) {
fs.unlink(req.files.userPhoto.path); fs.unlink(userPhoto.path);
return res.json({ return res.json({
error: 'Error uploading file! Error : Invalid extension!' error: 'Error uploading file! Error : Invalid extension!'
}); });
@ -415,11 +421,11 @@ accountsController.uploadPicture = function (req, res, next) {
async.waterfall([ async.waterfall([
function(next) { function(next) {
image.resizeImage(req.files.userPhoto.path, extension, imageDimension, imageDimension, next); image.resizeImage(userPhoto.path, extension, imageDimension, imageDimension, next);
}, },
function(next) { function(next) {
if (parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1) { if (parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1) {
image.convertImageToPng(req.files.userPhoto.path, extension, next); image.convertImageToPng(userPhoto.path, extension, next);
} else { } else {
next(); next();
} }
@ -447,25 +453,23 @@ accountsController.uploadPicture = function (req, res, next) {
], function(err, result) { ], function(err, result) {
function done(err, image) { function done(err, image) {
fs.unlink(req.files.userPhoto.path); fs.unlink(userPhoto.path);
if(err) { if (err) {
return res.json({error: err.message}); return res.json({error: err.message});
} }
user.setUserFields(updateUid, {uploadedpicture: image.url, picture: image.url}); user.setUserFields(updateUid, {uploadedpicture: image.url, picture: image.url});
res.json({ res.json([{name: userPhoto.name, url: image.url}]);
path: image.url
});
} }
if (err) { if (err) {
fs.unlink(req.files.userPhoto.path); fs.unlink(userPhoto.path);
return res.json({error:err.message}); return res.json({error:err.message});
} }
if (plugins.hasListeners('filter:uploadImage')) { if (plugins.hasListeners('filter:uploadImage')) {
return plugins.fireHook('filter:uploadImage', {image: req.files.userPhoto, uid: updateUid}, done); return plugins.fireHook('filter:uploadImage', {image: userPhoto, uid: updateUid}, done);
} }
var convertToPNG = parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1; var convertToPNG = parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1;
@ -473,7 +477,7 @@ accountsController.uploadPicture = function (req, res, next) {
user.getUserField(updateUid, 'uploadedpicture', function (err, oldpicture) { user.getUserField(updateUid, 'uploadedpicture', function (err, oldpicture) {
if (!oldpicture) { if (!oldpicture) {
file.saveFileToLocal(filename, 'profile', req.files.userPhoto.path, done); file.saveFileToLocal(filename, 'profile', userPhoto.path, done);
return; return;
} }
@ -484,7 +488,7 @@ accountsController.uploadPicture = function (req, res, next) {
winston.err(err); winston.err(err);
} }
file.saveFileToLocal(filename, 'profile', req.files.userPhoto.path, done); file.saveFileToLocal(filename, 'profile', userPhoto.path, done);
}); });
}); });
}); });
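Review bot: In `uploadPicture` the allow-list is applied to `userPhoto.type`, which is the Content-Type the client declared for the part, while the extension is taken independently from the client-supplied `userPhoto.name` and only checked for being non-empty. A part declared as `image/png` with an arbitrary extension therefore passes both checks; how `filename` is built is outside these hunks, but if it reuses `extension` the stored file can carry a non-image extension. Deriving the extension from the validated type, or checking it against a list such as `['.png', '.jpg', '.jpeg', '.gif']`, closes that gap. Separately, only `req.files.files[0]` is ever unlinked, so additional parts sent in the same request stay in the temp directory. Every entry of `req.files.files` should be unlinked on each exit path.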

@ -8,37 +8,8 @@ var fs = require('fs'),
var uploadsController = {}; var uploadsController = {};
function validateUpload(res, req, allowedTypes) {
if (allowedTypes.indexOf(req.files.userPhoto.type) === -1) {
var err = {
error: 'Invalid image type. Allowed types are: ' + allowedTypes.join(', ')
};
fs.unlink(req.files.userPhoto.path);
res.send(req.xhr ? err : JSON.stringify(err));
return false;
}
return true;
}
uploadsController.uploadImage = function(filename, folder, req, res) {
function done(err, image) {
fs.unlink(req.files.userPhoto.path);
var response = err ? {error: err.message} : {path: image.url};
res.send(req.xhr ? response : JSON.stringify(response));
}
if (plugins.hasListeners('filter:uploadImage')) {
plugins.fireHook('filter:uploadImage', {image: req.files.userPhoto, uid: req.user.uid}, done);
} else {
file.saveFileToLocal(filename, folder, req.files.userPhoto.path, done);
}
};
uploadsController.uploadCategoryPicture = function(req, res, next) { uploadsController.uploadCategoryPicture = function(req, res, next) {
var uploadedFile = req.files.files[0];
var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif', 'image/svg+xml'], var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif', 'image/svg+xml'],
params = null; params = null;
@ -48,24 +19,25 @@ uploadsController.uploadCategoryPicture = function(req, res, next) {
var err = { var err = {
error: 'Error uploading file! Error :' + e.message error: 'Error uploading file! Error :' + e.message
}; };
fs.unlink(req.files.userPhoto.path); fs.unlink(uploadedFile.path);
return res.send(req.xhr ? err : JSON.stringify(err)); return res.send(req.xhr ? err : JSON.stringify(err));
} }
if (validateUpload(res, req, allowedTypes)) { if (validateUpload(req, res, uploadedFile, allowedTypes)) {
var filename = 'category-' + params.cid + path.extname(req.files.userPhoto.name); var filename = 'category-' + params.cid + path.extname(uploadedFile.name);
uploadsController.uploadImage(filename, 'category', req, res); uploadImage(filename, 'category', uploadedFile, req, res);
} }
}; };
uploadsController.uploadFavicon = function(req, res, next) { uploadsController.uploadFavicon = function(req, res, next) {
var uploadedFile = req.files.files[0];
var allowedTypes = ['image/x-icon', 'image/vnd.microsoft.icon']; var allowedTypes = ['image/x-icon', 'image/vnd.microsoft.icon'];
if (validateUpload(res, req, allowedTypes)) { if (validateUpload(res, req, uploadedFile, allowedTypes)) {
file.saveFileToLocal('favicon.ico', 'files', req.files.userPhoto.path, function(err, image) { file.saveFileToLocal('favicon.ico', 'files', uploadedFile.path, function(err, image) {
fs.unlink(req.files.userPhoto.path); fs.unlink(uploadedFile.path);
var response = err ? {error: err.message} : {path: image.url}; var response = err ? {error: err.message} : [{name: uploadedFile.name, url: image.url}];
res.send(req.xhr ? response : JSON.stringify(response)); res.send(req.xhr ? response : JSON.stringify(response));
}); });
@ -81,11 +53,41 @@ uploadsController.uploadGravatarDefault = function(req, res, next) {
}; };
function upload(name, req, res, next) { function upload(name, req, res, next) {
var uploadedFile = req.files.files[0];
var allowedTypes = ['image/png', 'image/jpeg', 'image/pjpeg', 'image/jpg', 'image/gif']; var allowedTypes = ['image/png', 'image/jpeg', 'image/pjpeg', 'image/jpg', 'image/gif'];
if (validateUpload(req, res, uploadedFile, allowedTypes)) {
var filename = name + path.extname(uploadedFile.name);
uploadImage(filename, 'files', uploadedFile, req, res);
}
}
function validateUpload(req, res, uploadedFile, allowedTypes) {
if (allowedTypes.indexOf(uploadedFile.type) === -1) {
var err = {
error: 'Invalid image type. Allowed types are: ' + allowedTypes.join(', ')
};
if (validateUpload(res, req, allowedTypes)) { fs.unlink(uploadedFile.path);
var filename = name + path.extname(req.files.userPhoto.name); res.send(req.xhr ? err : JSON.stringify(err));
uploadsController.uploadImage(filename, 'files', req, res); return false;
}
return true;
}
function uploadImage(filename, folder, uploadedFile, req, res) {
function done(err, image) {
fs.unlink(uploadedFile.path);
var response = err ? {error: err.message} : [{name: uploadedFile.name, url: image.url}];
res.send(req.xhr ? response : JSON.stringify(response));
}
if (plugins.hasListeners('filter:uploadImage')) {
plugins.fireHook('filter:uploadImage', {image: uploadedFile, uid: req.user.uid}, done);
} else {
file.saveFileToLocal(filename, folder, uploadedFile.path, done);
} }
} }
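Review bot: `uploadFavicon` still calls `validateUpload(res, req, uploadedFile, allowedTypes)` while the helper's new signature is `validateUpload(req, res, uploadedFile, allowedTypes)`, so on a rejected type the helper calls `.send` on the request object and throws instead of returning the error; the call should read `if (validateUpload(req, res, uploadedFile, allowedTypes)) {`. The check itself compares `uploadedFile.type`, which is the client-declared Content-Type, and `uploadCategoryPicture` builds the stored name from `path.extname(uploadedFile.name)`, so the extension is not tied to the validated type. `uploadCategoryPicture` also keeps `image/svg+xml` in its allow-list; SVG can carry script, so it is worth confirming these files are never served inline from the forum's origin.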

@ -0,0 +1,125 @@
"use strict";
var uploadsController = {},
fs = require('fs'),
path = require('path'),
async = require('async'),
meta = require('../meta'),
plugins = require('../plugins'),
utils = require('../../public/src/utils'),
image = require('../image');
uploadsController.upload = function(req, res, filesIterator, next) {
var files = req.files.files;
if (!req.user) {
deleteTempFiles(files);
return res.status(403).json('not allowed');
}
if (!Array.isArray(files)) {
return res.status(500).json('invalid files');
}
if (Array.isArray(files[0])) {
files = files[0];
}
async.map(files, filesIterator, function(err, images) {
deleteTempFiles(files);
if (err) {
return res.status(500).send(err.message);
}
// IE8 - send it as text/html so browser won't trigger a file download for the json response
// malsup.com/jquery/form/#file-upload
res.status(200).send(req.xhr ? images : JSON.stringify(images));
});
};
uploadsController.uploadPost = function(req, res, next) {
uploadsController.upload(req, res, function(file, next) {
if (file.type.match(/image./)) {
uploadImage(req.user.uid, file, next);
} else {
uploadFile(req.user.uid, file, next);
}
}, next);
};
uploadsController.uploadThumb = function(req, res, next) {
if (parseInt(meta.config.allowTopicsThumbnail, 10) !== 1) {
deleteTempFiles(req.files.files);
return next(new Error('[[error:topic-thumbnails-are-disabled]]'));
}
uploadsController.upload(req, res, function(file, next) {
if(file.type.match(/image./)) {
var size = meta.config.topicThumbSize || 120;
image.resizeImage(file.path, path.extname(file.name), size, size, function(err) {
if (err) {
return next(err);
}
uploadImage(req.user.uid, file, next);
});
} else {
next(new Error('[[error:invalid-file]]'));
}
}, next);
};
function uploadImage(uid, image, callback) {
if (plugins.hasListeners('filter:uploadImage')) {
return plugins.fireHook('filter:uploadImage', {image: image, uid: uid}, callback);
}
if (parseInt(meta.config.allowFileUploads, 10)) {
uploadFile(uid, image, callback);
} else {
callback(new Error('[[error:uploads-are-disabled]]'));
}
}
function uploadFile(uid, file, callback) {
if (plugins.hasListeners('filter:uploadFile')) {
return plugins.fireHook('filter:uploadFile', {file: file, uid: uid}, callback);
}
if (parseInt(meta.config.allowFileUploads, 10) !== 1) {
return callback(new Error('[[error:uploads-are-disabled]]'));
}
if (!file) {
return callback(new Error('[[error:invalid-file]]'));
}
if (file.size > parseInt(meta.config.maximumFileSize, 10) * 1024) {
return callback(new Error('[[error:file-too-big, ' + meta.config.maximumFileSize + ']]'));
}
var filename = 'upload-' + utils.generateUUID() + path.extname(file.name);
require('../file').saveFileToLocal(filename, 'files', file.path, function(err, upload) {
if (err) {
return callback(err);
}
callback(null, {
url: upload.url,
name: file.name
});
});
}
function deleteTempFiles(files) {
for(var i=0; i<files.length; ++i) {
fs.unlink(files[i].path);
}
}
module.exports = uploadsController;
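Review bot: `uploadFile` stores the upload as `'upload-' + utils.generateUUID() + path.extname(file.name)`, so the extension comes from the client-supplied name with no allow-list, and the image/non-image routing uses `file.type.match(/image./)`, an unanchored test on the client-declared Content-Type. How the `files` folder is served is not visible here; if it is served inline from the forum's origin, restrict the extension to a configured list or serve uploads as downloads, and tighten the test to `/^image\//.test(file.type)`. The size check multiplies `parseInt(meta.config.maximumFileSize, 10)` by 1024, which is NaN when the setting is missing, and `file.size > NaN` is false, so the limit silently disappears; give it a fallback the way `uploadPicture` does with `|| 256`. `uploadImage` tests `parseInt(meta.config.allowFileUploads, 10)` for truthiness while `uploadFile` requires `!== 1`, and the two should use the same comparison.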

@ -17,15 +17,11 @@ var async = require('async'),
return callback(new Error('[[error:not-logged-in]]')); return callback(new Error('[[error:not-logged-in]]'));
} }
posts.getPostFields(pid, ['pid', 'uid', 'timestamp'], function (err, postData) { posts.getPostFields(pid, ['pid', 'uid'], function (err, postData) {
if (err) { if (err) {
return callback(err); return callback(err);
} }
if (uid === parseInt(postData.uid, 10)) {
return callback(new Error('[[error:cant-vote-self-post]]'));
}
var now = Date.now(); var now = Date.now();
if(type === 'upvote' && !unvote) { if(type === 'upvote' && !unvote) {
@ -167,12 +163,24 @@ var async = require('async'),
}; };
function unvote(pid, uid, command, callback) { function unvote(pid, uid, command, callback) {
Favourites.hasVoted(pid, uid, function(err, voteStatus) { async.parallel({
owner: function(next) {
posts.getPostField(pid, 'uid', next);
},
voteStatus: function(next) {
Favourites.hasVoted(pid, uid, next);
}
}, function(err, results) {
if (err) { if (err) {
return callback(err); return callback(err);
} }
var hook, if (parseInt(uid, 10) === parseInt(results.owner, 10)) {
return callback(new Error('[[error:cant-vote-self-post]]'));
}
var voteStatus = results.voteStatus,
hook,
current = voteStatus.upvoted ? 'upvote' : 'downvote'; current = voteStatus.upvoted ? 'upvote' : 'downvote';
if (voteStatus.upvoted && command === 'downvote' || voteStatus.downvoted && command === 'upvote') { if (voteStatus.upvoted && command === 'downvote' || voteStatus.downvoted && command === 'upvote') {
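Review bot: The self-vote guard now exists only in `unvote()`; the first hunk removes it from the function that records the vote, so the rule holds only as long as every caller goes through `unvote()` first, and those callers are outside this page. Keeping a cheap check next to the write, `if (parseInt(uid, 10) === parseInt(postData.uid, 10)) { return callback(new Error('[[error:cant-vote-self-post]]')); }`, makes the rule independent of call order, and `postData.uid` is still fetched there. Both function bodies continue outside the hunks.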

@ -106,6 +106,13 @@ middleware.addSlug = function(req, res, next) {
next(); next();
}; };
middleware.validateFiles = function(req, res, next) {
if (!Array.isArray(req.files.files) || !req.files.files.length) {
return next(new Error(['[[error:invalid-files]]']));
}
next();
};
middleware.prepareAPI = function(req, res, next) { middleware.prepareAPI = function(req, res, next) {
res.locals.isAPI = true; res.locals.isAPI = true;
next(); next();
@ -438,7 +445,7 @@ middleware.addExpiresHeaders = function(req, res, next) {
}; };
middleware.maintenanceMode = function(req, res, next) { middleware.maintenanceMode = function(req, res, next) {
if (meta.config.maintenanceMode !== '1') { if (parseInt(meta.config.maintenanceMode, 10) !== 1) {
return next(); return next();
} }
@ -473,35 +480,35 @@ middleware.maintenanceMode = function(req, res, next) {
return true; return true;
} }
} }
return false;
}, },
isApiRoute = /^\/api/; isApiRoute = /^\/api/;
if (!isAllowed(req.url)) { if (isAllowed(req.url)) {
return next();
}
if (!req.user) { if (!req.user) {
return render(); return render();
} else { }
user.isAdministrator(req.user.uid, function(err, isAdmin) { user.isAdministrator(req.user.uid, function(err, isAdmin) {
if (err) {
return next(err);
}
if (!isAdmin) { if (!isAdmin) {
return render(); render();
} else { } else {
return next(); next();
} }
}); });
}
} else {
return next();
}
}; };
middleware.publicTagListing = function(req, res, next) { middleware.publicTagListing = function(req, res, next) {
if ((!meta.config.hasOwnProperty('publicTagListing') || parseInt(meta.config.publicTagListing, 10) === 1)) { if (req.user || (!meta.config.hasOwnProperty('publicTagListing') || parseInt(meta.config.publicTagListing, 10) === 1)) {
next(); next();
} else { } else {
if (res.locals.isAPI) { controllers.helpers.notAllowed(req, res);
res.sendStatus(401);
} else {
middleware.ensureLoggedIn(req, res, next);
}
} }
}; };
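Review bot: `middleware.validateFiles` rejects with `next(new Error(['[[error:invalid-files]]']))`; the array wrapper looks accidental and the message only comes out right through string coercion, so `new Error('[[error:invalid-files]]')` is clearer. The guard also reads `req.files.files` without checking `req.files`, and when it rejects it leaves whatever the multipart parser already wrote to disk in the temp directory. It checks only that the value is a non-empty array, not what the elements are, yet `uploadPicture` and the admin handlers dereference `req.files.files[0].path` directly while `uploadsController.upload` separately tolerates a nested array; normalising the shape here would give every handler the same input.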

@ -10,7 +10,7 @@ function apiRoutes(app, middleware, controllers) {
var multipart = require('connect-multiparty'); var multipart = require('connect-multiparty');
var multipartMiddleware = multipart(); var multipartMiddleware = multipart();
var middlewares = [multipartMiddleware, middleware.applyCSRF, middleware.authenticate]; var middlewares = [multipartMiddleware, middleware.validateFiles, middleware.applyCSRF, middleware.authenticate];
app.post('/category/uploadpicture', middlewares, controllers.admin.uploads.uploadCategoryPicture); app.post('/category/uploadpicture', middlewares, controllers.admin.uploads.uploadCategoryPicture);
app.post('/uploadfavicon', middlewares, controllers.admin.uploads.uploadFavicon); app.post('/uploadfavicon', middlewares, controllers.admin.uploads.uploadFavicon);
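Review bot: In the admin `middlewares` array, `multipartMiddleware` and `middleware.validateFiles` run before `middleware.authenticate`, so the body is parsed and written to temp files before the caller is known to be allowed, and a request later rejected by `applyCSRF` or `authenticate` never has those files removed in the visible code. If `applyCSRF` needs the parsed body the parser has to stay ahead of it, but `authenticate` does not appear to, so an order such as `[middleware.authenticate, multipartMiddleware, middleware.validateFiles, middleware.applyCSRF]` is worth considering, together with a cleanup step on rejection. The `/api` router builds a similar array for `/post/upload` and `/topic/thumb/upload` without `authenticate` at all and relies on the `!req.user` check inside `uploadsController.upload`.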

@ -6,128 +6,33 @@ var path = require('path'),
nconf = require('nconf'), nconf = require('nconf'),
express = require('express'), express = require('express'),
user = require('../user'),
topics = require('../topics'),
posts = require('../posts'), posts = require('../posts'),
categories = require('../categories'), categories = require('../categories'),
meta = require('../meta'),
plugins = require('../plugins'), plugins = require('../plugins'),
utils = require('../../public/src/utils'), utils = require('../../public/src/utils'),
image = require('../image'), uploadsController = require('../controllers/uploads');
pkg = require('../../package.json');
function deleteTempFiles(files) { module.exports = function(app, middleware, controllers) {
for(var i=0; i<files.length; ++i) {
fs.unlink(files[i].path);
}
}
function upload(req, res, filesIterator, next) {
var files = req.files.files;
if (!req.user) {
deleteTempFiles(files);
return res.status(403).json('not allowed');
}
if (!Array.isArray(files)) {
return res.status(500).json('invalid files');
}
if (Array.isArray(files[0])) {
files = files[0];
}
async.map(files, filesIterator, function(err, images) {
deleteTempFiles(files);
if (err) {
return res.status(500).send(err.message);
}
// IE8 - send it as text/html so browser won't trigger a file download for the json response
// malsup.com/jquery/form/#file-upload
res.status(200).send(req.xhr ? images : JSON.stringify(images));
});
}
function uploadPost(req, res, next) {
upload(req, res, function(file, next) {
if(file.type.match(/image./)) {
uploadImage(req.user.uid, file, next);
} else {
uploadFile(req.user.uid, file, next);
}
}, next);
}
function uploadThumb(req, res, next) {
if (parseInt(meta.config.allowTopicsThumbnail, 10) !== 1) {
deleteTempFiles(req.files.files);
return next(new Error('[[error:topic-thumbnails-are-disabled]]'));
}
upload(req, res, function(file, next) {
if(file.type.match(/image./)) {
var size = meta.config.topicThumbSize || 120;
image.resizeImage(file.path, path.extname(file.name), size, size, function(err) {
if (err) {
return next(err);
}
uploadImage(req.user.uid, file, next);
});
} else {
next(new Error('[[error:invalid-file]]'));
}
}, next);
}
function uploadImage(uid, image, callback) {
if (plugins.hasListeners('filter:uploadImage')) {
plugins.fireHook('filter:uploadImage', {image: image, uid: uid}, callback);
} else {
if (parseInt(meta.config.allowFileUploads, 10)) {
uploadFile(uid, image, callback);
} else {
callback(new Error('[[error:uploads-are-disabled]]'));
}
}
}
function uploadFile(uid, file, callback) {
if (plugins.hasListeners('filter:uploadFile')) {
plugins.fireHook('filter:uploadFile', {file: file, uid: uid}, callback);
} else {
if(parseInt(meta.config.allowFileUploads, 10) !== 1) {
return callback(new Error('[[error:uploads-are-disabled]]'));
}
if(!file) {
return callback(new Error('[[error:invalid-file]]'));
}
if(file.size > parseInt(meta.config.maximumFileSize, 10) * 1024) { var router = express.Router();
return callback(new Error('[[error:file-too-big, ' + meta.config.maximumFileSize + ']]')); app.use('/api', router);
}
var filename = 'upload-' + utils.generateUUID() + path.extname(file.name); router.get('/config', middleware.applyCSRF, controllers.api.getConfig);
require('../file').saveFileToLocal(filename, 'files', file.path, function(err, upload) { router.get('/widgets/render', controllers.api.renderWidgets);
if(err) {
return callback(err);
}
callback(null, { router.get('/user/uid/:uid', middleware.checkGlobalPrivacySettings, controllers.accounts.getUserByUID);
url: upload.url, router.get('/get_templates_listing', getTemplatesListing);
name: file.name router.get('/categories/:cid/moderators', getModerators);
}); router.get('/recent/posts/:term?', getRecentPosts);
});
}
}
var multipart = require('connect-multiparty');
var multipartMiddleware = multipart();
var middlewares = [multipartMiddleware, middleware.validateFiles, middleware.applyCSRF];
router.post('/post/upload', middlewares, uploadsController.uploadPost);
router.post('/topic/thumb/upload', middlewares, uploadsController.uploadThumb);
router.post('/user/:userslug/uploadpicture', middlewares.concat([middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions]), controllers.accounts.uploadPicture);
};
function getModerators(req, res, next) { function getModerators(req, res, next) {
categories.getModerators(req.params.cid, function(err, moderators) { categories.getModerators(req.params.cid, function(err, moderators) {
@ -197,25 +102,3 @@ function getRecentPosts(req, res, next) {
res.json(data); res.json(data);
}); });
} }
module.exports = function(app, middleware, controllers) {
var router = express.Router();
app.use('/api', router);
router.get('/config', middleware.applyCSRF, controllers.api.getConfig);
router.get('/widgets/render', controllers.api.renderWidgets);
router.get('/user/uid/:uid', middleware.checkGlobalPrivacySettings, controllers.accounts.getUserByUID);
router.get('/get_templates_listing', getTemplatesListing);
router.get('/categories/:cid/moderators', getModerators);
router.get('/recent/posts/:term?', getRecentPosts);
var multipart = require('connect-multiparty');
var multipartMiddleware = multipart();
router.post('/post/upload', multipartMiddleware, middleware.applyCSRF, uploadPost);
router.post('/topic/thumb/upload', multipartMiddleware, middleware.applyCSRF, uploadThumb);
router.post('/user/:userslug/uploadpicture', multipartMiddleware, middleware.applyCSRF, middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.uploadPicture);
};

@ -211,6 +211,10 @@ function handleErrors(app, middleware) {
return res.sendStatus(403); return res.sendStatus(403);
} }
if (parseInt(err.status, 10) === 302 && err.path) {
return res.locals.isAPI ? res.status(302).json(err) : res.redirect(err.path);
}
res.status(err.status || 500); res.status(err.status || 500);
if (res.locals.isAPI) { if (res.locals.isAPI) {
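Review bot: The new 302 branch in `handleErrors` passes `err.path` straight to `res.redirect()` and, for API requests, serialises the whole error object with `res.status(302).json(err)`. Where these errors are raised is outside the hunk; if `err.path` can ever be derived from request data, it should be checked to be a local path (a single leading `/`, no scheme and no `//`) before redirecting. If API clients only need the target, `res.status(302).json({path: err.path})` avoids exposing other properties attached to the error. The handler body continues outside the hunk.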

@ -69,7 +69,7 @@ SocketUser.search = function(socket, data, callback) {
if (!socket.uid) { if (!socket.uid) {
return callback(new Error('[[error:not-logged-in]]')); return callback(new Error('[[error:not-logged-in]]'));
} }
user.search({query: data.query}, callback); user.search({query: data.query, by: data.by}, callback);
}; };
// Password Reset // Password Reset
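Review bot: `SocketUser.search` now forwards the client-supplied `data.by` to `user.search` unchanged, so the set of fields a logged-in client can search on is whatever `user.search` accepts; its implementation is not on this page. If `by` selects a lookup key, it should be restricted here to the fields the search UI actually offers, for example `var by = allowedSearchFields.indexOf(data.by) !== -1 ? data.by : undefined;` with `allowedSearchFields` as a placeholder for that list. `data` is also dereferenced without checking that it is an object, so a malformed socket message throws before the callback is reached.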

@ -73,31 +73,28 @@ var winston = require('winston'),
} }
ThreadTools.purge = function(tid, uid, callback) { ThreadTools.purge = function(tid, uid, callback) {
ThreadTools.exists(tid, function(err, exists) { async.waterfall([
if (err || !exists) { function(next) {
return callback(err); ThreadTools.exists(tid, next);
},
function(exists, next) {
if (!exists) {
return callback();
} }
batch.processSortedSet('tid:' + tid + ':posts', function(pids, next) { batch.processSortedSet('tid:' + tid + ':posts', function(pids, next) {
async.eachLimit(pids, 10, posts.purge, next); async.eachLimit(pids, 10, posts.purge, next);
}, {alwaysStartAt: 0}, function(err) { }, {alwaysStartAt: 0}, next);
if (err) { },
return callback(err); function(next) {
} topics.getTopicField(tid, 'mainPid', next);
},
topics.getTopicField(tid, 'mainPid', function(err, mainPid) { function(mainPid, next) {
if (err) { posts.purge(mainPid, next);
return callback(err); },
} function(next) {
posts.purge(mainPid, function(err) { topics.purge(tid, next);
if (err) {
return callback(err);
} }
topics.purge(tid, callback); ], callback);
});
});
});
});
}; };
ThreadTools.lock = function(tid, uid, callback) { ThreadTools.lock = function(tid, uid, callback) {
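Review bot: The `async.waterfall` rewrite of `ThreadTools.purge` makes each step's signature depend on how many values the previous callback passes: the `function(next)` steps after `batch.processSortedSet` and after `posts.purge` are only correct if those callbacks pass nothing beyond the error. Their implementations are outside this page; if either passes a result, `next` in the following step is bound to that value and the call fails. Wrapping them, e.g. `posts.purge(mainPid, function(err) { next(err); });`, removes the dependency. `uid` is still unused in this function, so the permission check is presumably left to the caller and should be confirmed there.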

@ -45,7 +45,11 @@ module.exports = function(Topics) {
Topics.purge = function(tid, callback) { Topics.purge = function(tid, callback) {
async.parallel([ async.parallel([
function(next) { function(next) {
db.deleteAll(['tid:' + tid + ':followers', 'tid:' + tid + ':read_by_uid'], next); db.deleteAll([
'tid:' + tid + ':followers',
'tid:' + tid + ':posts',
'tid:' + tid + ':posts:votes'
], next);
}, },
function(next) { function(next) {
db.sortedSetsRemove(['topics:tid', 'topics:recent', 'topics:posts', 'topics:views'], tid, next); db.sortedSetsRemove(['topics:tid', 'topics:recent', 'topics:posts', 'topics:views'], tid, next);
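Review bot: The rewritten `db.deleteAll` list in `Topics.purge` adds the `:posts` and `:posts:votes` keys but no longer contains `'tid:' + tid + ':read_by_uid'`, which the old call deleted. Unless that key is removed elsewhere or is no longer written, every purged topic leaves it behind; if the omission is unintended, add `'tid:' + tid + ':read_by_uid',` back to the array. The function body continues outside the hunk.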

@ -28,7 +28,9 @@ module.exports = function(Topics) {
return callback(new Error('[[error:invalid-pid]]')); return callback(new Error('[[error:invalid-pid]]'));
} }
pids.sort(); pids.sort(function(a, b) {
return a - b;
});
var mainPid = pids[0]; var mainPid = pids[0];
async.parallel({ async.parallel({

@ -218,14 +218,7 @@ module.exports = function(Topics) {
}; };
Topics.removePostFromTopic = function(tid, pid, callback) { Topics.removePostFromTopic = function(tid, pid, callback) {
async.parallel([ db.sortedSetsRemove(['tid:' + tid + ':posts', 'tid:' + tid + ':posts:votes'], pid, function(err) {
function (next) {
db.sortedSetRemove('tid:' + tid + ':posts', pid, next);
},
function (next) {
db.sortedSetRemove('tid:' + tid + ':posts:votes', pid, next);
}
], function(err, results) {
if (err) { if (err) {
return callback(err); return callback(err);
} }

@ -21,7 +21,7 @@ var db = require('./database'),
schemaDate, thisSchemaDate, schemaDate, thisSchemaDate,
// IMPORTANT: REMEMBER TO UPDATE VALUE OF latestSchema // IMPORTANT: REMEMBER TO UPDATE VALUE OF latestSchema
latestSchema = Date.UTC(2015, 0, 8); latestSchema = Date.UTC(2015, 0, 9);
Upgrade.check = function(callback) { Upgrade.check = function(callback) {
db.get('schemaDate', function(err, value) { db.get('schemaDate', function(err, value) {
@ -459,7 +459,7 @@ Upgrade.upgrade = function(callback) {
db.getSortedSetRange('topics:tid', 0, -1, function(err, tids) { db.getSortedSetRange('topics:tid', 0, -1, function(err, tids) {
if (err) { if (err) {
winston.error('[2014/12/20] Error encountered while updating digest settings'); winston.error('[2015/01/08] Error encountered while Updating category topics sorted sets');
return next(err); return next(err);
} }
@ -490,6 +490,41 @@ Upgrade.upgrade = function(callback) {
winston.info('[2015/01/08] Updating category topics sorted sets skipped'); winston.info('[2015/01/08] Updating category topics sorted sets skipped');
next(); next();
} }
},
function(next) {
thisSchemaDate = Date.UTC(2015, 0, 9);
if (schemaDate < thisSchemaDate) {
winston.info('[2015/01/09] Creating fullname:uid hash');
db.getSortedSetRange('users:joindate', 0, -1, function(err, uids) {
if (err) {
winston.error('[2014/01/09] Error encountered while Creating fullname:uid hash');
return next(err);
}
var now = Date.now();
async.eachLimit(uids, 50, function(uid, next) {
db.getObjectFields('user:' + uid, ['fullname'], function(err, userData) {
if (err || !userData || !userData.fullname) {
return next(err);
}
db.setObjectField('fullname:uid', userData.fullname, uid, next);
});
}, function(err) {
if (err) {
winston.error('[2015/01/09] Error encountered while Creating fullname:uid hash');
return next(err);
}
winston.info('[2015/01/09] Creating fullname:uid hash done');
Upgrade.update(thisSchemaDate, next);
});
});
} else {
winston.info('[2015/01/09] Creating fullname:uid hash skipped');
next();
}
} }
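Review bot: The `fullname:uid` hash built in the 2015/01/09 step uses the full name as the field and the uid as the value, but full names are not unique, so `db.setObjectField('fullname:uid', userData.fullname, uid, next)` lets a later user silently overwrite an earlier one. The same assumption is in the `deleteAccount` and `updateFullname` hunks of this commit, where `db.deleteObjectField('fullname:uid', fullname, next)` removes the entry even when it currently points at a different user with the same name. A structure that holds several uids per name, or a check that the stored uid matches before deleting, would avoid both problems. Separately, the first error message in this step is prefixed `[2014/01/09]` where the others use `[2015/01/09]`, and `var now = Date.now();` is never used.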

@ -42,7 +42,7 @@ module.exports = function(User) {
} }
User.deleteAccount = function(uid, callback) { User.deleteAccount = function(uid, callback) {
User.getUserFields(uid, ['username', 'userslug', 'email'], function(err, userData) { User.getUserFields(uid, ['username', 'userslug', 'fullname', 'email'], function(err, userData) {
if (err) { if (err) {
return callback(err); return callback(err);
} }
@ -54,6 +54,9 @@ module.exports = function(User) {
function(next) { function(next) {
db.deleteObjectField('userslug:uid', userData.userslug, next); db.deleteObjectField('userslug:uid', userData.userslug, next);
}, },
function(next) {
db.deleteObjectField('fullname:uid', userData.fullname, next);
},
function(next) { function(next) {
if (userData.email) { if (userData.email) {
db.deleteObjectField('email:uid', userData.email.toLowerCase(), next); db.deleteObjectField('email:uid', userData.email.toLowerCase(), next);
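Review bot: The added step calls `db.deleteObjectField('fullname:uid', userData.fullname, next)` unconditionally, while the email step right after it first checks `if (userData.email)`. Accounts without a full name are evidently expected, since the upgrade step in this commit skips them, so the delete can be issued with an empty or undefined field name. How the database layer handles that is not visible here. I would wrap the call in the same guard the email branch uses, `if (userData.fullname) { ... } else { next(); }`. The task list and the rest of `User.deleteAccount` continue outside the hunk.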

@ -113,6 +113,8 @@ module.exports = function(User) {
return updateEmail(uid, data.email, next); return updateEmail(uid, data.email, next);
} else if (field === 'username') { } else if (field === 'username') {
return updateUsername(uid, data.username, next); return updateUsername(uid, data.username, next);
} else if (field === 'fullname') {
return updateFullname(uid, data.fullname, next);
} else if (field === 'signature') { } else if (field === 'signature') {
data[field] = S(data[field]).stripTags().s; data[field] = S(data[field]).stripTags().s;
} else if (field === 'website') { } else if (field === 'website') {
@ -222,6 +224,30 @@ module.exports = function(User) {
}); });
} }
function updateFullname(uid, newFullname, callback) {
async.waterfall([
function(next) {
User.getUserField(uid, 'fullname', next);
},
function(fullname, next) {
if (newFullname === fullname) {
return callback();
}
db.deleteObjectField('fullname:uid', fullname, next);
},
function(next) {
User.setUserField(uid, 'fullname', newFullname, next);
},
function(next) {
if (newFullname) {
db.setObjectField('fullname:uid', newFullname, uid, next);
} else {
next();
}
}
], callback);
}
User.changePassword = function(uid, data, callback) { User.changePassword = function(uid, data, callback) {
if (!uid || !data || !data.uid) { if (!uid || !data || !data.uid) {
return callback(new Error('[[error:invalid-uid]]')); return callback(new Error('[[error:invalid-uid]]'));
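Review bot: The new `fullname` branch returns early into `updateFullname`, which stores `newFullname` exactly as received, both as the user field and as a field name in the `fullname:uid` hash, whereas the `signature` branch just below strips tags first. Nothing visible in this hunk checks that the value is a string or bounds its length. Validation may exist earlier in the function, which starts outside the hunk, and whether the value is escaped when rendered should be confirmed. If neither exists, add a type and length check at the top of `updateFullname` and return an error before the waterfall runs. Also, when the stored `fullname` is empty, `db.deleteObjectField('fullname:uid', fullname, next)` is called with an empty field, so a guard like the `if (newFullname)` one in the last step would fit there too.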

@ -20,13 +20,10 @@ module.exports = function(User) {
} }
var start = process.hrtime(); var start = process.hrtime();
var key = 'username:uid'; var key = by + ':uid';
if (by === 'email') {
key = 'email:uid';
}
db.getObject(key, function(err, hash) { db.getObject(key, function(err, hash) {
if (err) { if (err || !hash) {
return callback(null, {timing: 0, users:[]}); return callback(null, {timing: 0, users:[]});
} }
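Review bot: `var key = by + ':uid';` builds the hash name directly from `by`, where the previous code could only ever read `username:uid` or `email:uid`. If `by` originates from the request, which this hunk does not show, a caller can make the search load any hash whose name ends in `:uid`, and `db.getObject` fetches the whole hash. An allowlist before the concatenation keeps the new full-name search while restricting the keys, e.g. `if (['username', 'email', 'fullname'].indexOf(by) === -1) { by = 'username'; }`. The enclosing search function starts and ends outside the hunk.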

@ -13,7 +13,7 @@
<form id="uploadForm" action="" method="post" enctype="multipart/form-data"> <form id="uploadForm" action="" method="post" enctype="multipart/form-data">
<div class="form-group"> <div class="form-group">
<label for="userPhoto">Upload a picture</label> <label for="userPhoto">Upload a picture</label>
<input type="file" id="userPhotoInput" name="userPhoto"> <input type="file" id="userPhotoInput" name="files[]">
<p class="help-block"></p> <p class="help-block"></p>
</div> </div>
<input type="hidden" id="params" name="params"> <input type="hidden" id="params" name="params">

@ -13,7 +13,7 @@
"^user/.*/favourites": "account/favourites", "^user/.*/favourites": "account/favourites",
"^user/.*/posts": "account/posts", "^user/.*/posts": "account/posts",
"^user/.*/topics": "account/topics", "^user/.*/topics": "account/topics",
"^user/.*": "account/profile", "^user/[^\/]+": "account/profile",
"^reset/.*": "reset_code", "^reset/.*": "reset_code",
"^tags/.*": "tag", "^tags/.*": "tag",
"^groups/?$": "groups/list", "^groups/?$": "groups/list",
