forked from deadvey/blogger-nodejs
e6476dcd4e
data.getdata() excepts two parameters, if desired, the second will be the index, however if you don't specify anything, the whole array will be returned Also, comments now have a composite key of postID-commentID, with each post's comments having their own set starting at 0, this makes it easier to index and find a specific comment, and making the getcomment() function unessesary
203 lines
7.7 KiB
JavaScript
203 lines
7.7 KiB
JavaScript
const express = require('express');
|
|
const config = require('../../config')
|
|
const data = require('../data')
|
|
const func = require('../functions')
|
|
|
|
let users = require('../../data/users.json');
|
|
let posts = require('../../data/posts.json');
|
|
let comments = require('../../data/comments.json');
|
|
let other_data = require('../../data/data.json');
|
|
|
|
const { fromUnixTime, format, getUnixTime } = require("date-fns") // A date utility library
|
|
const fs = require('fs')
|
|
const crypto = require('crypto')
|
|
const router = express.Router();
|
|
|
|
////////////////////// Form actions /////////////////////////
|
|
router.post("/submit_comment", (req,res) => {
|
|
const unix_timestamp = getUnixTime(new Date())
|
|
let name = func.escape_input(req.body.name)
|
|
if (name == "") {
|
|
name = config.default_commenter_username
|
|
}
|
|
new_comment = {
|
|
"name": name,
|
|
"content": func.escape_input(req.body.content),
|
|
"id": data.getdata('other_data').comment_counter,
|
|
"pubdate": unix_timestamp,
|
|
"postID": req.body.post_index,
|
|
};
|
|
let other_data = data.getdata('other_data')
|
|
other_data.comment_counter += 1;
|
|
let comments = data.getdata('comments')
|
|
comments[req.body.post_index].push(new_comment);
|
|
fs.writeFileSync(`../data/comments.json`, `${JSON.stringify(comments)}`, 'utf-8');
|
|
fs.writeFileSync('../data/data.json', JSON.stringify(other_data), 'utf-8');
|
|
|
|
res.redirect(301,`/post/${req.body.post_index}`)
|
|
}); // /submit_comment
|
|
|
|
router.post("/submit_post", (req,res) => {
|
|
const password = crypto.createHash('sha512').update(req.body.password).digest('hex');
|
|
const username = func.escape_input(req.body.username)
|
|
const title = func.escape_input(req.body.title)
|
|
const content = req.body.content
|
|
const tags = func.escape_input(req.body.tags).split(',').map(str => str.trim());
|
|
const unix_timestamp = getUnixTime(new Date())
|
|
|
|
if (func.get_userID(username) == -1) {
|
|
res.render("partials/message", {
|
|
message: locale.user_doesnt_exit,
|
|
config,
|
|
})
|
|
}
|
|
|
|
else if (users[func.get_userID(username)]['hash'] == password) { // Password matches
|
|
console.log(username, "is submitting a post titled:", title);
|
|
posts.push({
|
|
"id": posts.length,
|
|
"userID": func.get_userID(username),
|
|
"title": title,
|
|
"content": content,
|
|
"pubdate": unix_timestamp,
|
|
"editdate": unix_timestamp,
|
|
"tags": tags,
|
|
})
|
|
fs.writeFileSync(`../data/posts.json`, `${JSON.stringify(posts)}`, 'utf-8');
|
|
comments.push([])
|
|
fs.writeFileSync(`../data/comments.json`, `${JSON.stringify(comments)}`)
|
|
res.redirect(302, "/");
|
|
}
|
|
else {
|
|
res.render("partials/message", {
|
|
message: locale.incorrect_password,
|
|
config,
|
|
})
|
|
}
|
|
}); // /submit_post
|
|
|
|
router.post("/submit_signup", (req,res) => {
|
|
const password = crypto.createHash('sha512').update(req.body.password).digest('hex');
|
|
const username = func.escape_input(req.body.username)
|
|
const prettyname = func.escape_input(req.body.prettyname)
|
|
const description = req.body.description
|
|
|
|
// Check that signups are allowed
|
|
if (config.allow_signup == true) {
|
|
// func.get_userID will return -1 if the user does not exist
|
|
// so this checks that the user does not exist
|
|
if (func.get_userID(username) == -1) {
|
|
users.push({
|
|
"id": users.length,
|
|
"username": username,
|
|
"prettyname": prettyname,
|
|
"hash": password,
|
|
"description": description,
|
|
})
|
|
fs.writeFileSync(`../data/users.json`, `${JSON.stringify(users)}`, 'utf-8');
|
|
res.redirect(301, `/user/${username}`)
|
|
}
|
|
// if the user does exist then
|
|
else {
|
|
res.render("partials/message", {
|
|
message: locale.user_exists,
|
|
config,
|
|
})
|
|
}
|
|
}
|
|
else if (config.allow_signup == false) {
|
|
res.render("partials/message", {
|
|
message: locale.signups_unavailable,
|
|
config,
|
|
})
|
|
}
|
|
// If allow_signup is undefined or not a boolean, error
|
|
else {
|
|
res.redirect(301,"/")
|
|
console.log("Error, invalid value for allow_signup (bool)")
|
|
}
|
|
}); // /submit_signup
|
|
|
|
router.post("/submit_edit_user", (req,res) => {
|
|
// Get the form info
|
|
const password = crypto.createHash("sha512").update(req.body.password).digest("hex");
|
|
const userID = func.escape_input(req.body.userID)
|
|
const description = req.body.description
|
|
const prettyname = func.escape_input(req.body.prettyname)
|
|
const delete_bool = req.body.delete
|
|
|
|
if (userID >= 0) { // The user exists
|
|
if (password == users[userID]['hash']) { // password matches
|
|
console.log(userID, " (userID) is modifying their account")
|
|
users[userID]["prettyname"] = prettyname;
|
|
users[userID]["description"] = description;
|
|
|
|
if (delete_bool == true) {
|
|
// Delete the user
|
|
users[userID] = {"id": userID,"deleted": true}
|
|
// Delete all their posts
|
|
for (let postid = 0; postid < posts.length; postid++) { // loop over all posts
|
|
if (posts[postid]['userID'] == userID) { // if userID matches
|
|
posts[postid] = {"id": postid, "deleted": true} // delete the post
|
|
comments[postid] = [] // the comments for this post should also be deleted
|
|
}
|
|
};
|
|
}
|
|
// Write these changes
|
|
fs.writeFileSync(`../data/users.json`, `${JSON.stringify(users)}`, 'utf-8');
|
|
fs.writeFileSync(`../data/posts.json`, `${JSON.stringify(posts)}`, 'utf-8');
|
|
fs.writeFileSync(`../data/comments.json`, `${JSON.stringify(comments)}`, 'utf-8');
|
|
res.redirect(301,`/user/${users[userID]["username"]}`)
|
|
}
|
|
else { // password does not match
|
|
res.render("partials/message", {
|
|
message: locale.incorrect_password,
|
|
config
|
|
}
|
|
)
|
|
};
|
|
}
|
|
else {
|
|
res.render("partials/message", {
|
|
message: locale.user_doesnt_exist,
|
|
config,
|
|
})
|
|
}
|
|
}); // /submit_delete_account
|
|
|
|
router.post("/submit_edit_post", (req,res) => {
|
|
const password = crypto.createHash('sha512').update(req.body.password).digest('hex');
|
|
const postID = req.body.postID
|
|
const userID = req.body.userID
|
|
const title = func.escape_input(req.body.title)
|
|
const content = req.body.content
|
|
const tags = func.escape_input(req.body.tags).split(",").map(str => str.trim());
|
|
const delete_bool = req.body.delete
|
|
const unix_timestamp = getUnixTime(new Date())
|
|
console.log(users[userID]['prettyname'], "is editting the post titled:", title);
|
|
|
|
if (users[userID]['hash'] == password) { // password matches
|
|
let post = posts[postID]
|
|
post['title'] = title
|
|
post['content'] = content
|
|
post['tags'] = tags
|
|
post['editdate'] = unix_timestamp
|
|
if (typeof delete_bool != "undefined") {
|
|
console.log("Deleting post!")
|
|
posts[postID] = {"id": post["id"], "deleted": true}
|
|
comments[postID] = [];
|
|
fs.writeFileSync(`../data/comments.json`, `${JSON.stringify(comments)}`, 'utf-8');
|
|
}
|
|
fs.writeFileSync(`../data/posts.json`, `${JSON.stringify(posts)}`, 'utf-8');
|
|
res.redirect(302, "/");
|
|
}
|
|
else {
|
|
res.render("partials/message", {
|
|
message: locale.incorrect_password,
|
|
config,
|
|
})
|
|
}
|
|
}); // /submit_edit
|
|
|
|
module.exports = router;
|