diff --git a/package.json b/package.json
index c503019f29..e497692037 100644
--- a/package.json
+++ b/package.json
@@ -48,6 +48,7 @@
 "express-session": "^1.0.2",
 "csurf": "^1.1.0",
 "compression": "^1.0.1",
+ "connect-multiparty": "^1.0.1",
 "morgan": "^1.0.0",
@@ -62,7 +63,7 @@
 "validator": "~3.4.0",
 "winston": "~0.7.2",
 "xregexp": "~2.0.0",
- "templates.js": "0.0.6"
+ "templates.js": "0.0.7"
 },
 "devDependencies": {
 "mocha": "~1.13.0"
diff --git a/src/controllers/accounts.js b/src/controllers/accounts.js
index 312c6fc038..ca2c6286d4 100644
--- a/src/controllers/accounts.js
+++ b/src/controllers/accounts.js
@@ -373,6 +373,8 @@ accountsController.accountSettings = function(req, res, next) {
 };
 accountsController.uploadPicture = function (req, res, next) {
+console.log(req.body, req.files);
+
 var uploadSize = parseInt(meta.config.maximumProfileImageSize, 10) || 256;
 if (req.files.userPhoto.size > uploadSize * 1024) {
 fs.unlink(req.files.userPhoto.path);
diff --git a/src/middleware/index.js b/src/middleware/index.js
index 5131d0e449..fb7bfc24fb 100644
--- a/src/middleware/index.js
+++ b/src/middleware/index.js
@@ -19,6 +19,7 @@ var utils = require('./../../public/src/utils'),
 cookieParser = require('cookie-parser'),
 compression = require('compression'),
 favicon = require('serve-favicon'),
+ multipart = require('connect-multiparty'),
 csrf = require('csurf'),
 session = require('express-session'),
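Review bot: The added `console.log(req.body, req.files);` at the top of `accountsController.uploadPicture` looks like a debugging leftover and should be dropped before merge. It writes every upload request's form fields and file descriptors (names, sizes, temporary paths) to stdout, and since the CSRF token can be submitted as a body field, that token would probably land in the log as well. If the trace is wanted during development, guard it with the `process.env.NODE_ENV === 'development'` check used elsewhere in this commit and log only `Object.keys(req.files || {})`. Separately, the context line `req.files.userPhoto.size` dereferences `userPhoto` without a visible presence check; the function body continues outside the hunk, so an existing guard cannot be ruled out.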
@@ -140,52 +141,6 @@ function compileTemplates(pluginTemplates) {
 });
 }
-function handleErrors(err, req, res, next) {
- // we may use properties of the error object
- // here and next(err) appropriately, or if
- // we possibly recovered from the error, simply next().
- console.error(err.stack);
-
- var status = err.status || 500;
- res.status(status);
-
- req.flash('errorMessage', err.message);
-
- res.redirect('500');
-}
-
-function catch404(req, res, next) {
- var isLanguage = new RegExp('^' + relativePath + '/language/[\\w]{2,}/.*.json'),
- isClientScript = new RegExp('^' + relativePath + '\\/src\\/forum(\\/admin)?\\/.+\\.js');
-
- res.status(404);
-
- if (isClientScript.test(req.url)) {
- res.type('text/javascript').send(200, '');
- } else if (isLanguage.test(req.url)) {
- res.json(200, {});
- } else if (req.accepts('html')) {
- if (process.env.NODE_ENV === 'development') {
- winston.warn('Route requested but not found: ' + req.url);
- }
-
- res.redirect(relativePath + '/404');
- } else if (req.accepts('json')) {
- if (process.env.NODE_ENV === 'development') {
- winston.warn('Route requested but not found: ' + req.url);
- }
-
- res.json({
- error: 'Not found'
- });
- } else {
- res.type('txt').send('Not found');
- }
-}
-
-
-
-
 module.exports = function(app, data) {
 middleware = require('./middleware')(app);
@@ -198,6 +153,7 @@ module.exports = function(app, data) {
 app.engine('tpl', templates.__express);
 app.set('view engine', 'tpl');
 app.set('views', viewsPath);
+ app.set('json spaces', process.env.NODE_ENV === 'development' ? 4 : 0);
 app.use(flash());
 app.enable('view cache');
@@ -207,7 +163,8 @@ module.exports = function(app, data) {
 app.use(favicon(path.join(__dirname, '../../', 'public', meta.config['brand:favicon'] ? meta.config['brand:favicon'] : 'favicon.ico')));
 app.use(relativePath + '/apple-touch-icon', middleware.routeTouchIcon);
- app.use(bodyParser());
+ app.use(bodyParser.urlencoded({extended: true}));
+ app.use(bodyParser.json());
 app.use(cookieParser());
 app.use(session({
@@ -216,13 +173,16 @@ module.exports = function(app, data) {
 key: 'express.sid',
 cookie: {
 maxAge: 1000 * 60 * 60 * 24 * parseInt(meta.configs.loginDays || 14, 10)
- }
+ },
+ resave: true,
+ saveUninitialized: true
 }));
+ app.use(multipart());
 app.use(csrf());
 app.use(function (req, res, next) {
- res.locals.csrf_token = req.session._csrf;
+ res.locals.csrf_token = req.csrfToken();
 res.setHeader('X-Powered-By', 'NodeBB');
 res.setHeader('X-Frame-Options', 'SAMEORIGIN');
@@ -248,9 +208,6 @@ module.exports = function(app, data) {
 maxAge: app.enabled('cache') ? 5184000000 : 0
 }));
- //app.use(catch404);
- //app.use(handleErrors);
-
 return middleware;
 };
diff --git a/src/routes/admin.js b/src/routes/admin.js
index 3928298ada..8b6b06468c 100644
--- a/src/routes/admin.js
+++ b/src/routes/admin.js
@@ -2,7 +2,7 @@
 function mainRoutes(app, middleware, controllers) {
- app.get('/admin/', middleware.admin.buildHeader, controllers.admin.home);
+ app.get('/admin', middleware.admin.buildHeader, controllers.admin.home);
 app.get('/admin/index', middleware.admin.buildHeader, controllers.admin.home);
 app.get('/api/admin/index', controllers.admin.home);
diff --git a/src/routes/index.js b/src/routes/index.js
index 9c94e74054..4ecaa0859e 100644
--- a/src/routes/index.js
+++ b/src/routes/index.js
@@ -1,6 +1,7 @@
 "use strict";
 var nconf = require('nconf'),
+ winston = require('winston'),
 controllers = require('./../controllers'),
 meta = require('./../meta'),
 plugins = require('./../plugins'),
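Review bot: `app.use(multipart());` in the session hunk of src/middleware/index.js is mounted for the whole application, so any request with a multipart body, on any route and before the `csrf()` check runs, has its files written to the server's temporary directory. connect-multiparty does not remove those files itself, and the only cleanup visible in this commit is the `fs.unlink` on the oversize path in `uploadPicture`, so rejected or unrelated uploads would accumulate on disk. Attach the parser only to the routes that accept uploads, e.g. `app.post(UPLOAD_ROUTE, multipart(), handler)` (route name is a placeholder), and delete each temporary file once its handler has finished. If the global mount exists so that csurf can read `_csrf` from a multipart body, sending the token in the `x-csrf-token` header avoids parsing the body before the check.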
@@ -184,10 +185,10 @@ module.exports = function(app, middleware) {
 userRoutes(app, middleware, controllers);
 groupRoutes(app, middleware, controllers);
+ app.use(nconf.get('relative_path'), router);
+
 app.use(catch404);
 app.use(handleErrors);
-
- app.use(nconf.get('relative_path'), router);
 });
 if (process.env.NODE_ENV === 'development') {
@@ -211,6 +212,7 @@ function handleErrors(err, req, res, next) {
 }
 function catch404(req, res, next) {
+ var relativePath = nconf.get('relative_path');
 var isLanguage = new RegExp('^' + relativePath + '/language/[\\w]{2,}/.*.json'),
 isClientScript = new RegExp('^' + relativePath + '\\/src\\/forum(\\/admin)?\\/.+\\.js');
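Review bot: The order of the three `app.use` calls in the first hunk is load-bearing and nothing in the code says so. `catch404` has to come after the router mount, because (judging by the copy removed from src/middleware/index.js) it responds in every branch and never calls `next()`, and `handleErrors` has to stay last. A one-line comment above the block, such as `// order matters: routes first, then the 404 fallback, then the error handler`, would keep a later reshuffle from reintroducing the problem. The enclosing callback starts outside the hunk.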
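Review bot: In `catch404`, `relativePath` is concatenated into both `new RegExp(...)` patterns as-is, so the value returned by the added `nconf.get('relative_path')` is treated as regex syntax, and if the key is unset the patterns would begin with the literal text `undefined` (whether nconf supplies a default is not visible here). Falling back to an empty string, `var relativePath = nconf.get('relative_path') || '';`, and escaping regex metacharacters in a separate copy used only for the patterns would make the 404 classification independent of how the path is configured. The two expressions are also rebuilt on every unmatched request; they could be compiled once, provided the configuration has been loaded by then. catch404's body continues past the end of the hunk.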