Akif9748/akf-forum
Akif9748
/
akf-forum
mirror of https://github.com/Akif9748/akf-forum.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

hmm

This commit is contained in:
Akif9748 2022-09-16 23:12:06 +03:00
parent 2db20ce132
commit 868068d80f
7 changed files with 14 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/index.js
View File

@ -1,11 +0,0 @@
module.exports = {
URLRegex: /https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)/g,
clearContent: (content) => {
if (!content) return "";
return content.replaceAll("&", "&")
.replaceAll("<", "&lt;").replaceAll(">", "&gt;")
.replaceAll("\"", "&quot;").replaceAll("'", "&#39;")
.replaceAll("\n", "<br>");
}
}

6
routes/api/routes/users.js
View File

@ -1,6 +1,5 @@
const { UserModel, SecretModel } = require("../../../models");
const { Router } = require("express");
const { URLRegex } = require("../../../lib");
const multer = require("multer");
const app = Router();
@ -55,13 +54,10 @@ app.patch("/:id/", async (req, res) => {
if (req.user.id !== member.id && !user.admin) return res.error(403, "You have not got permission for this.");
if (!Object.values(req.body).some(Boolean)) return res.error(400, "Missing member informations in request body.");
const { avatar, name, about, theme, admin, deleted } = req.body;
const { name, about, theme, admin, deleted } = req.body;
if ((admin?.length || "deleted" in req.body) && !req.user.admin) return res.error(403, "You have not got permission for edit 'admin' and 'deleted' information, or bad request.");
if (avatar && URLRegex.test(avatar))
member.avatar = avatar;
if (name) {
await SecretModel.updateOne({ id: member.id }, { username: name });
member.name = name;

7
routes/register.js
View File

@ -1,8 +1,7 @@
const { UserModel, SecretModel } = require("../models");
const { Router } = require("express")
const bcrypt = require("bcrypt");
const rateLimit = require('express-rate-limit')
const {URLRegex} = require("../lib")
const rateLimit = require('express-rate-limit');
const app = Router();
app.get("/", (req, res) => res.reply("register", { user: null }));
@ -14,16 +13,14 @@ app.post("/", rateLimit({
req.session.userID=null;
let { username = null, password: body_pass = null, avatar, about } = req.body;
let { username = null, password: body_pass = null, about } = req.body;
if (!username || !body_pass) return res.error(res, 400, "You forgot entering some values");
const user = await SecretModel.findOne({ username });
if (user) return res.error(res, 400, `We have got an user named ${username}!`)
const user2 = new UserModel({ name: req.body.username })
if (avatar && URLRegex.test(avatar)) user2.avatar = avatar;
if (about) user2.about = about;

1
routes/threads.js
View File

@ -1,6 +1,5 @@
const { Router } = require("express");
const app = Router();
const { clearContent } = require("../lib");
const { ThreadModel, MessageModel, CategoryModel } = require("../models")
app.get("/", async (req, res) => {

5
routes/users.js
View File

@ -1,7 +1,5 @@
const { Router } = require("express");
const app = Router();
const { clearContent } = require("../lib");
const { UserModel, MessageModel, ThreadModel } = require("../models");
app.get("/", async (req, res) => {
@ -23,13 +21,12 @@ app.get("/:id/avatar", async (req, res) => {
app.get("/:id", async (req, res) => {
const user = req.user
const { id } = req.params;
const member = await UserModel.get(id,"+lastSeen");
const member = await UserModel.get(id, "+lastSeen");
if (member && (user?.admin || !member.deleted)) {
const message = await MessageModel.count({ authorID: id });
const thread = await ThreadModel.count({ authorID: id });
member.about = clearContent(member.about)
res.reply("user", { member, counts: { message, thread } })
}
else res.error(404, `We don't have any user with id ${id}.`);

2
views/register.ejs
View File

@ -17,7 +17,7 @@
<input type="text" name="username" placeholder="Username" class="input" required>
<input type="password" name="password" placeholder="Password" class="input" required>
<input type="url" name="avatar" placeholder="Avatar URL (not required)" class="input">
<textarea class="input" name="about" rows="4" placeholder="About you... Not required"></textarea>
<input type="submit" class="btn-primary" style="width:100%;" value="Register">
</form>

12
views/user.ejs
View File

@ -6,12 +6,13 @@
<body>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css" integrity="sha512-xh6O/CkQoPOWDdYTDqeRdPCVd1SpvCA9XXcUnZS2FmJNp1coAFzvtCN9BmamE+4aHK8yyUHUSCcJHgXloTyT2A==" crossorigin="anonymous" referrerpolicy="no-referrer" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/showdown/2.1.0/showdown.min.js"></script>
<link rel="stylesheet" href="/css/user.css" />
<%- include("extra/navbar") %>
<div class="content" >
<div class="content">
<% if (user?.admin || user?.id === member.id) { %>
<a href="/users/<%=member.id%>/avatar" class="btn-outline-primary">Upload avatar</a>
@ -28,7 +29,7 @@
<div class="content">
<form id="form" class="see" style="box-shadow:none">
<input type="text" name="name" placeholder="<%=member.name%>" class="input">
<input type="url" name="avatar" placeholder="<%=member.avatar%>" class="input">
<textarea class="input" name="about" rows="4" cols="60" name="content" placeholder="<%=member.about%>"></textarea>
<% if (user?.admin){ %>
Is Admin? <input id='admin' type='checkbox' value='true' name='admin' <%=member.admin ? "checked": ""%>>
@ -93,7 +94,7 @@
<h2 class="box-value" style="align-self: center;">Admin</h2>
<% } %>
<div class="box-value" style="
<div class="box-value" id="about" style="
margin: 10px auto;
box-shadow: 0 0 5px 0 var(--second);
padding: 10px;
@ -106,6 +107,11 @@ color: var(--anti);
">
<%= member.about %>
</div>
<script>
const converter = new showdown.Converter();
const about = document.getElementById("about")
about.innerHTML=converter.makeHtml(about.innerText);
</script>
<div class="box">
<h2 class="box-title">Name:</h2>