230 lines
8.4 KiB
JavaScript
230 lines
8.4 KiB
JavaScript
const express = require('express');
|
|
const config = require('../../config')
|
|
const data = require('../data')
|
|
const func = require('../functions')
|
|
|
|
let users = require('../../data/users.json');
|
|
let posts = require('../../data/posts.json');
|
|
let comments = require('../../data/comments.json');
|
|
let other_data = require('../../data/data.json');
|
|
|
|
const { fromUnixTime, format, getUnixTime } = require("date-fns") // A date utility library
|
|
const fs = require('fs')
|
|
const crypto = require('crypto')
|
|
const router = express.Router();
|
|
|
|
////////////////////// Form actions /////////////////////////
|
|
router.post("/submit_comment", (req,res) => {
|
|
const unix_timestamp = getUnixTime(new Date())
|
|
const postID = parseInt(req.body.post_index)
|
|
const content = func.escape_input(req.body.content)
|
|
let name = func.escape_input(req.body.name)
|
|
// Give the user the default username if they left that bit blank
|
|
if (name == "" || typeof name == 'undefined') {
|
|
name = config.default_commenter_username
|
|
}
|
|
|
|
// Check there is actually content in the comment
|
|
if (content != '' && typeof content != 'undefined') {
|
|
let comments = data.getdata('comments')
|
|
|
|
new_comment = {
|
|
"name": name,
|
|
"content": content,
|
|
"id": comments[postID]['comments'].length,
|
|
"pubdate": unix_timestamp,
|
|
};
|
|
comments[postID]['comments'].push(new_comment);
|
|
fs.writeFileSync(`../data/comments.json`, `${JSON.stringify(comments)}`, 'utf-8');
|
|
}
|
|
|
|
res.redirect(301,`/post/${req.body.post_index}`)
|
|
}); // /submit_comment
|
|
|
|
router.post("/submit_post", (req,res) => {
|
|
const password = crypto.createHash('sha512').update(req.body.password).digest('hex');
|
|
const username = func.escape_input(req.body.username)
|
|
const title = func.escape_input(req.body.title)
|
|
const content = req.body.content
|
|
const tags = func.escape_input(req.body.tags).split(',').map(str => str.trim());
|
|
const unix_timestamp = getUnixTime(new Date())
|
|
|
|
if (func.get_userID(username) == -1) {
|
|
res.render("partials/message", {
|
|
message: locale.user_doesnt_exit,
|
|
config,
|
|
})
|
|
}
|
|
|
|
else if (users[func.get_userID(username)]['hash'] == password) { // Password matches
|
|
console.log(username, "is submitting a post titled:", title);
|
|
id = posts.length
|
|
posts.push({
|
|
"id": id,
|
|
"userID": func.get_userID(username),
|
|
"title": title,
|
|
"content": content,
|
|
"pubdate": unix_timestamp,
|
|
"editdate": unix_timestamp,
|
|
"tags": tags,
|
|
})
|
|
fs.writeFileSync(`../data/posts.json`, `${JSON.stringify(posts)}`, 'utf-8');
|
|
comments.push({'id': id, 'comments': []})
|
|
fs.writeFileSync(`../data/comments.json`, `${JSON.stringify(comments)}`)
|
|
res.redirect(302, "/");
|
|
}
|
|
else {
|
|
res.render("partials/message", {
|
|
message: locale.incorrect_password,
|
|
config,
|
|
})
|
|
}
|
|
}); // /submit_post
|
|
|
|
router.post("/submit_signup", (req,res) => {
|
|
const password = crypto.createHash('sha512').update(req.body.password).digest('hex');
|
|
const username = func.escape_input(req.body.username)
|
|
const prettyname = func.escape_input(req.body.prettyname)
|
|
const description = req.body.description
|
|
|
|
// Check that signups are allowed
|
|
if (config.allow_signup == true) {
|
|
// func.get_userID will return -1 if the user does not exist
|
|
// so this checks that the user does not exist
|
|
if (func.get_userID(username) == -1) {
|
|
users.push({
|
|
"id": users.length,
|
|
"username": username,
|
|
"prettyname": prettyname,
|
|
"hash": password,
|
|
"description": description,
|
|
})
|
|
fs.writeFileSync(`../data/users.json`, `${JSON.stringify(users)}`, 'utf-8');
|
|
res.redirect(301, `/user/${username}`)
|
|
}
|
|
// if the user does exist then
|
|
else {
|
|
res.render("partials/message", {
|
|
message: locale.user_exists,
|
|
config,
|
|
})
|
|
}
|
|
}
|
|
else if (config.allow_signup == false) {
|
|
res.render("partials/message", {
|
|
message: locale.signups_unavailable,
|
|
config,
|
|
})
|
|
}
|
|
// If allow_signup is undefined or not a boolean, error
|
|
else {
|
|
res.redirect(301,"/")
|
|
console.log("Error, invalid value for allow_signup (bool)")
|
|
}
|
|
}); // /submit_signup
|
|
|
|
router.post("/submit_edit_user", (req,res) => {
|
|
// Get the form info
|
|
const password = crypto.createHash("sha512").update(req.body.password).digest("hex");
|
|
const userID = func.escape_input(req.body.userID)
|
|
const description = req.body.description
|
|
const prettyname = func.escape_input(req.body.prettyname)
|
|
const delete_bool = req.body.delete
|
|
|
|
if (userID >= 0) { // The user exists
|
|
if (password == users[userID]['hash']) { // password matches
|
|
console.log(userID, " (userID) is modifying their account")
|
|
users[userID]["prettyname"] = prettyname;
|
|
users[userID]["description"] = description;
|
|
|
|
if (delete_bool == true) {
|
|
// Delete the user
|
|
users[userID] = {"id": userID,"deleted": true}
|
|
// Delete all their posts
|
|
for (let postid = 0; postid < posts.length; postid++) { // loop over all posts
|
|
if (posts[postid]['userID'] == userID) { // if userID matches
|
|
posts[postid] = {"id": postid, "deleted": true} // delete the post
|
|
comments[postid] = [] // the comments for this post should also be deleted
|
|
}
|
|
};
|
|
}
|
|
// Write these changes
|
|
fs.writeFileSync(`../data/users.json`, `${JSON.stringify(users)}`, 'utf-8');
|
|
fs.writeFileSync(`../data/posts.json`, `${JSON.stringify(posts)}`, 'utf-8');
|
|
fs.writeFileSync(`../data/comments.json`, `${JSON.stringify(comments)}`, 'utf-8');
|
|
res.redirect(301,`/user/${users[userID]["username"]}`)
|
|
}
|
|
else { // password does not match
|
|
res.render("partials/message", {
|
|
message: locale.incorrect_password,
|
|
config
|
|
}
|
|
)
|
|
};
|
|
}
|
|
else {
|
|
res.render("partials/message", {
|
|
message: locale.user_doesnt_exist,
|
|
config,
|
|
})
|
|
}
|
|
}); // /submit_delete_account
|
|
|
|
router.post("/submit_edit_post", (req,res) => {
|
|
const password = crypto.createHash('sha512').update(req.body.password).digest('hex');
|
|
const postID = req.body.postID
|
|
const userID = req.body.userID
|
|
const title = func.escape_input(req.body.title)
|
|
const content = req.body.content
|
|
const tags = func.escape_input(req.body.tags).split(",").map(str => str.trim());
|
|
const delete_bool = req.body.delete
|
|
const unix_timestamp = getUnixTime(new Date())
|
|
console.log(users[userID]['prettyname'], "is editting the post titled:", title);
|
|
|
|
if (users[userID]['hash'] == password) { // password matches
|
|
let post = posts[postID]
|
|
post['title'] = title
|
|
post['content'] = content
|
|
post['tags'] = tags
|
|
post['editdate'] = unix_timestamp
|
|
if (typeof delete_bool != "undefined") {
|
|
console.log("Deleting post!")
|
|
posts[postID] = {"id": post["id"], "deleted": true}
|
|
comments[postID] = [];
|
|
fs.writeFileSync(`../data/comments.json`, `${JSON.stringify(comments)}`, 'utf-8');
|
|
}
|
|
fs.writeFileSync(`../data/posts.json`, `${JSON.stringify(posts)}`, 'utf-8');
|
|
res.redirect(302, "/");
|
|
}
|
|
else {
|
|
res.render("partials/message", {
|
|
message: locale.incorrect_password,
|
|
config,
|
|
})
|
|
}
|
|
}); // /submit_edit
|
|
|
|
router.get('/search', (req, res) => {
|
|
const search_term = func.escape_input(req.query.q); // 'q' is the parameter name
|
|
let search_type = req.query.type; // eg 'post', 'user'
|
|
if (typeof search_type == 'string') { // Make the search_term an array
|
|
search_type = [ search_type ]
|
|
}
|
|
if (typeof search_type == 'undefined') { // Default to all of the types
|
|
search_type = ['user', 'post'];
|
|
}
|
|
console.log('searching for: ', search_term);
|
|
const search_results = data.searchdata(search_term, search_type); // data.searchdata returns an array of search results
|
|
|
|
res.render('pages/search', {
|
|
config,
|
|
locale,
|
|
search_results,
|
|
search_term,
|
|
search_type,
|
|
})
|
|
|
|
}); // /search
|
|
|
|
module.exports = router;
|