diff --git a/public/src/client/account/profile.js b/public/src/client/account/profile.js index 2c3db09a07..421fc006ef 100644 --- a/public/src/client/account/profile.js +++ b/public/src/client/account/profile.js @@ -36,11 +36,7 @@ define('forum/account/profile', ['forum/account/header', 'forum/infinitescroll'] socket.removeListener('event:user_status_change', onUserStatusChange); socket.on('event:user_status_change', onUserStatusChange); - if (yourid !== theirid) { - socket.emit('user.increaseViewCount', theirid); - } - - infinitescroll.init(loadMoreTopics); + infinitescroll.init(loadMorePosts); }; function processPage() { @@ -84,7 +80,7 @@ define('forum/account/profile', ['forum/account/header', 'forum/infinitescroll'] } - function loadMoreTopics(direction) { + function loadMorePosts(direction) { if(direction < 0 || !$('.user-recent-posts').length) { return; } diff --git a/public/src/modules/uploader.js b/public/src/modules/uploader.js index 4156507683..a510cee750 100644 --- a/public/src/modules/uploader.js +++ b/public/src/modules/uploader.js @@ -20,9 +20,8 @@ define('uploader', ['csrf'], function(csrf) { uploadForm[0].reset(); uploadForm.attr('action', route); uploadForm.find('#params').val(JSON.stringify(params)); - // uploadForm.find('#csrfToken').val(csrf.get()); - if(fileSize) { + if (fileSize) { uploadForm.find('#upload-file-size').html(fileSize); uploadForm.find('#file-size-block').removeClass('hide'); } else { diff --git a/src/controllers/accounts.js b/src/controllers/accounts.js index 804541fe42..07dd1c5790 100644 --- a/src/controllers/accounts.js +++ b/src/controllers/accounts.js @@ -144,6 +144,10 @@ accountsController.getAccount = function(req, res, next) { return helpers.notFound(req, res); } + if (callerUID !== parseInt(userData.uid, 10)) { + user.incrementUserFieldBy(userData.uid, 'profileviews', 1); + } + async.parallel({ isFollowing: function(next) { user.isFollowing(callerUID, userData.theirid, next); 
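Review bot: In `accountsController.getAccount`, the added guard `callerUID !== parseInt(userData.uid, 10)` normalises only one side, and `callerUID` is assigned outside this hunk; if it ever arrives as a string, the strict comparison is always true and a user's own visits are counted. Parsing both sides, `if (parseInt(callerUID, 10) !== parseInt(userData.uid, 10)) {`, removes that dependency. `user.incrementUserFieldBy(userData.uid, 'profileviews', 1);` is also called without a callback, so a failed write goes unnoticed. Every request that reaches this point bumps the counter, presumably including guests, so `profileviews` should not be treated as a trustworthy figure unless views are de-duplicated per viewer. The function body starts and ends outside the hunk.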
@@ -386,25 +390,27 @@ accountsController.accountSettings = function(req, res, next) { }; accountsController.uploadPicture = function (req, res, next) { + var userPhoto = req.files.files[0]; var uploadSize = parseInt(meta.config.maximumProfileImageSize, 10) || 256; - if (req.files.userPhoto.size > uploadSize * 1024) { - fs.unlink(req.files.userPhoto.path); + + if (userPhoto.size > uploadSize * 1024) { + fs.unlink(userPhoto.path); return res.json({ error: 'Images must be smaller than ' + uploadSize + ' kb!' }); } var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif']; - if (allowedTypes.indexOf(req.files.userPhoto.type) === -1) { - fs.unlink(req.files.userPhoto.path); + if (allowedTypes.indexOf(userPhoto.type) === -1) { + fs.unlink(userPhoto.path); return res.json({ error: 'Allowed image types are png, jpg and gif!' }); } - var extension = path.extname(req.files.userPhoto.name); + var extension = path.extname(userPhoto.name); if (!extension) { - fs.unlink(req.files.userPhoto.path); + fs.unlink(userPhoto.path); return res.json({ error: 'Error uploading file! Error : Invalid extension!' }); @@ -415,11 +421,11 @@ accountsController.uploadPicture = function (req, res, next) { async.waterfall([ function(next) { - image.resizeImage(req.files.userPhoto.path, extension, imageDimension, imageDimension, next); + image.resizeImage(userPhoto.path, extension, imageDimension, imageDimension, next); }, function(next) { if (parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1) { - image.convertImageToPng(req.files.userPhoto.path, extension, next); + image.convertImageToPng(userPhoto.path, extension, next); } else { next(); } @@ -447,7 +453,7 @@ accountsController.uploadPicture = function (req, res, next) { ], function(err, result) { function done(err, image) { - fs.unlink(req.files.userPhoto.path); + fs.unlink(userPhoto.path); if(err) { return res.json({error: err.message}); } 
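Review bot: `uploadPicture` now inspects and unlinks only `req.files.files[0]`, but the multipart middleware on this route (see src/routes/api.js in this commit) has already written every uploaded part to disk, so any further entries in `req.files.files` are left behind on each early-return path in this hunk and on the success path. Cleaning up the whole array from one helper called at every exit, e.g. `req.files.files.forEach(function(f) { fs.unlink(f.path, function() {}); });`, stops a single client from growing the temp directory. Separately, `userPhoto.type` and `userPhoto.name` are both supplied by the client, so the `allowedTypes` and `path.extname` checks confirm only what the request claims; whether `image.resizeImage` rejects non-image content is not visible here. The function continues past this hunk.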
@@ -460,12 +466,12 @@ accountsController.uploadPicture = function (req, res, next) { } if (err) { - fs.unlink(req.files.userPhoto.path); + fs.unlink(userPhoto.path); return res.json({error:err.message}); } if (plugins.hasListeners('filter:uploadImage')) { - return plugins.fireHook('filter:uploadImage', {image: req.files.userPhoto, uid: updateUid}, done); + return plugins.fireHook('filter:uploadImage', {image: userPhoto, uid: updateUid}, done); } var convertToPNG = parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1; @@ -473,7 +479,7 @@ accountsController.uploadPicture = function (req, res, next) { user.getUserField(updateUid, 'uploadedpicture', function (err, oldpicture) { if (!oldpicture) { - file.saveFileToLocal(filename, 'profile', req.files.userPhoto.path, done); + file.saveFileToLocal(filename, 'profile', userPhoto.path, done); return; } @@ -484,7 +490,7 @@ accountsController.uploadPicture = function (req, res, next) { winston.err(err); } - file.saveFileToLocal(filename, 'profile', req.files.userPhoto.path, done); + file.saveFileToLocal(filename, 'profile', userPhoto.path, done); }); }); }); diff --git a/src/controllers/admin/uploads.js b/src/controllers/admin/uploads.js index a3f5caf533..98d8e42fb2 100644 --- a/src/controllers/admin/uploads.js +++ b/src/controllers/admin/uploads.js 
@@ -8,37 +8,8 @@ var fs = require('fs'), var uploadsController = {}; -function validateUpload(res, req, allowedTypes) { - if (allowedTypes.indexOf(req.files.userPhoto.type) === -1) { - var err = { - error: 'Invalid image type. Allowed types are: ' + allowedTypes.join(', ') - }; - - fs.unlink(req.files.userPhoto.path); - res.send(req.xhr ? err : JSON.stringify(err)); - return false; - } - - return true; -} - -uploadsController.uploadImage = function(filename, folder, req, res) { - function done(err, image) { - fs.unlink(req.files.userPhoto.path); - - var response = err ? {error: err.message} : {path: image.url}; - - res.send(req.xhr ? response : JSON.stringify(response)); - } - - if (plugins.hasListeners('filter:uploadImage')) { - plugins.fireHook('filter:uploadImage', {image: req.files.userPhoto, uid: req.user.uid}, done); - } else { - file.saveFileToLocal(filename, folder, req.files.userPhoto.path, done); - } -}; - uploadsController.uploadCategoryPicture = function(req, res, next) { + var uploadedFile = req.files.files[0]; var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif', 'image/svg+xml'], params = null; 
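Review bot: `uploadCategoryPicture` still lists `image/svg+xml` in `allowedTypes`, and SVG is active content: a file that passes this check can carry script that runs if the stored picture is opened directly from the forum's origin. If SVG category pictures are not required, drop the entry (`var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif'],`); otherwise serve the upload folder with a restrictive `Content-Security-Policy` or as an attachment. How uploads are served is not visible in this diff, so confirm that before relying on either option. The function body continues outside this hunk.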
@@ -48,22 +19,23 @@ uploadsController.uploadCategoryPicture = function(req, res, next) { var err = { error: 'Error uploading file! Error :' + e.message }; - fs.unlink(req.files.userPhoto.path); + fs.unlink(uploadedFile.path); return res.send(req.xhr ? err : JSON.stringify(err)); } - if (validateUpload(res, req, allowedTypes)) { - var filename = 'category-' + params.cid + path.extname(req.files.userPhoto.name); - uploadsController.uploadImage(filename, 'category', req, res); + if (validateUpload(req, res, uploadedFile, allowedTypes)) { + var filename = 'category-' + params.cid + path.extname(uploadedFile.name); + uploadImage(filename, 'category', uploadedFile, req, res); } }; uploadsController.uploadFavicon = function(req, res, next) { + var uploadedFile = req.files.files[0]; var allowedTypes = ['image/x-icon', 'image/vnd.microsoft.icon']; - if (validateUpload(res, req, allowedTypes)) { - file.saveFileToLocal('favicon.ico', 'files', req.files.userPhoto.path, function(err, image) { - fs.unlink(req.files.userPhoto.path); + if (validateUpload(res, req, uploadedFile, allowedTypes)) { + file.saveFileToLocal('favicon.ico', 'files', uploadedFile.path, function(err, image) { + fs.unlink(uploadedFile.path); var response = err ? {error: err.message} : {path: image.url}; 
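Review bot: `uploadFavicon` calls `validateUpload(res, req, uploadedFile, allowedTypes)`, but this commit changes the helper's signature to `validateUpload(req, res, uploadedFile, allowedTypes)`. On a rejected type the helper would therefore call `send` on the request object and read `xhr` from the response, which most likely throws after the temp file has been unlinked instead of returning the JSON error. The call should read `if (validateUpload(req, res, uploadedFile, allowedTypes)) {`, matching `uploadCategoryPicture` above it. In the same hunk, `'category-' + params.cid + path.extname(uploadedFile.name)` builds a filename from `params.cid`, which appears to come from the request (the parsing is outside the hunk); coercing it with `parseInt(params.cid, 10)` before concatenation would keep path separators out of the name.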
@@ -81,11 +53,41 @@ uploadsController.uploadGravatarDefault = function(req, res, next) { }; function upload(name, req, res, next) { + var uploadedFile = req.files.files[0]; var allowedTypes = ['image/png', 'image/jpeg', 'image/pjpeg', 'image/jpg', 'image/gif']; + if (validateUpload(req, res, uploadedFile, allowedTypes)) { + var filename = name + path.extname(uploadedFile.name); + uploadImage(filename, 'files', uploadedFile, req, res); + } +} + +function validateUpload(req, res, uploadedFile, allowedTypes) { + if (allowedTypes.indexOf(uploadedFile.type) === -1) { + var err = { + error: 'Invalid image type. Allowed types are: ' + allowedTypes.join(', ') + }; + + fs.unlink(uploadedFile.path); + res.send(req.xhr ? err : JSON.stringify(err)); + return false; + } - if (validateUpload(res, req, allowedTypes)) { - var filename = name + path.extname(req.files.userPhoto.name); - uploadsController.uploadImage(filename, 'files', req, res); + return true; +} + +function uploadImage(filename, folder, uploadedFile, req, res) { + function done(err, uploadedImage) { + fs.unlink(uploadedFile.path); + + var response = err ? {error: err.message} : {path: uploadedImage.url}; + + res.send(req.xhr ? response : JSON.stringify(response)); + } + + if (plugins.hasListeners('filter:uploadImage')) { + plugins.fireHook('filter:uploadImage', {image: uploadedFile, uid: req.user.uid}, done); + } else { + file.saveFileToLocal(filename, folder, uploadedFile.path, done); } } diff --git a/src/middleware/middleware.js b/src/middleware/middleware.js index 57b8f20159..3d8c463805 100644 --- a/src/middleware/middleware.js +++ b/src/middleware/middleware.js 
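Review bot: In `upload` and `validateUpload`, the type check uses `uploadedFile.type` while the stored name takes its extension from `path.extname(uploadedFile.name)`; both values come from the client and nothing ties them together, so a part declared as `image/png` but named with a different extension is saved under that extension in the `files` folder. Deriving the extension from the type that was just validated closes that gap, as sketched below (the map is constructed for illustration and should mirror `allowedTypes`). The declared type is still not checked against the file's content, so this narrows what can be stored rather than proving it is an image. `uploadImage` also reads `req.user.uid` without a guard, which relies on `middleware.authenticate` having run.

```javascript
// Constructed example: one extension per entry in allowedTypes.
var extensionsByType = {
	'image/png': '.png',
	'image/jpeg': '.jpg',
	'image/pjpeg': '.jpg',
	'image/jpg': '.jpg',
	'image/gif': '.gif'
};

// … unchanged: upload() signature, uploadedFile and allowedTypes declarations …
	if (validateUpload(req, res, uploadedFile, allowedTypes)) {
		var filename = name + extensionsByType[uploadedFile.type];
// … unchanged: uploadImage call and closing braces …
```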
@@ -106,6 +106,13 @@ middleware.addSlug = function(req, res, next) { next(); }; +middleware.validateFiles = function(req, res, next) { + if (!Array.isArray(req.files.files) || !req.files.files.length) { + return next(new Error(['[[error:invalid-files]]'])); + } + next(); +}; + middleware.prepareAPI = function(req, res, next) { res.locals.isAPI = true; next(); diff --git a/src/routes/admin.js b/src/routes/admin.js index 7d867ddbf0..1b9efcef58 100644 --- a/src/routes/admin.js +++ b/src/routes/admin.js @@ -10,7 +10,7 @@ function apiRoutes(app, middleware, controllers) { var multipart = require('connect-multiparty'); var multipartMiddleware = multipart(); - var middlewares = [multipartMiddleware, middleware.applyCSRF, middleware.authenticate]; + var middlewares = [multipartMiddleware, middleware.validateFiles, middleware.applyCSRF, middleware.authenticate]; app.post('/category/uploadpicture', middlewares, controllers.admin.uploads.uploadCategoryPicture); app.post('/uploadfavicon', middlewares, controllers.admin.uploads.uploadFavicon); diff --git a/src/routes/api.js b/src/routes/api.js index 9d216b8d02..da281280cc 100644 --- a/src/routes/api.js +++ b/src/routes/api.js 
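Review bot: `middleware.validateFiles` dereferences `req.files.files` without first checking that `req.files` exists, and when it rejects a request it leaves in place whatever the multipart middleware has already written to disk. A guard such as `if (!req.files || !Array.isArray(req.files.files) || !req.files.files.length) {` covers requests where no files object was populated, and the rejection branch is the natural place to unlink any temp paths found under `req.files`. `new Error(['[[error:invalid-files]]'])` passes an array where a string is expected; it stringifies to the same text, but `new Error('[[error:invalid-files]]')` states the intent.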
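Review bot: The `middlewares` array in `apiRoutes` runs `multipartMiddleware` and `middleware.validateFiles` before `middleware.applyCSRF` and `middleware.authenticate`, so the request body is parsed and its files are written to temp storage before the caller is known to be an authenticated administrator or to hold a valid token. If `authenticate` does not depend on the parsed body, putting it first, `var middlewares = [middleware.authenticate, multipartMiddleware, middleware.validateFiles, middleware.applyCSRF];`, stops unauthenticated requests from consuming disk; requests that fail a later step also need their temp files removed. The same ordering appears in the `middlewares` array added to src/routes/api.js in this commit. There, the `/post/upload` and `/topic/thumb/upload` chains show no authentication middleware, so any such check would have to live in the controllers, which are not part of this diff.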
@@ -28,10 +28,10 @@ module.exports = function(app, middleware, controllers) { var multipart = require('connect-multiparty'); var multipartMiddleware = multipart(); - - router.post('/post/upload', multipartMiddleware, middleware.applyCSRF, uploadsController.uploadPost); - router.post('/topic/thumb/upload', multipartMiddleware, middleware.applyCSRF, uploadsController.uploadThumb); - router.post('/user/:userslug/uploadpicture', multipartMiddleware, middleware.applyCSRF, middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.uploadPicture); + var middlewares = [multipartMiddleware, middleware.validateFiles, middleware.applyCSRF]; + router.post('/post/upload', middlewares, uploadsController.uploadPost); + router.post('/topic/thumb/upload', middlewares, uploadsController.uploadThumb); + router.post('/user/:userslug/uploadpicture', middlewares.concat([middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions]), controllers.accounts.uploadPicture); }; function getModerators(req, res, next) { diff --git a/src/views/admin/footer.tpl b/src/views/admin/footer.tpl index c54c67dd3c..e81d9e6a1a 100644 --- a/src/views/admin/footer.tpl +++ b/src/views/admin/footer.tpl @@ -13,7 +13,7 @@