From 868068d80fcef63aed62cdb4f1027f8341e306ed Mon Sep 17 00:00:00 2001 From: Akif9748 Date: Fri, 16 Sep 2022 23:12:06 +0300 Subject: [PATCH] hmm --- lib/index.js | 11 ----------- routes/api/routes/users.js | 6 +----- routes/register.js | 7 ++----- routes/threads.js | 1 - routes/users.js | 5 +---- views/register.ejs | 2 +- views/user.ejs | 12 +++++++++--- 7 files changed, 14 insertions(+), 30 deletions(-) delete mode 100644 lib/index.js diff --git a/lib/index.js b/lib/index.js deleted file mode 100644 index 4f8d09b..0000000 --- a/lib/index.js +++ /dev/null @@ -1,11 +0,0 @@ -module.exports = { - - URLRegex: /https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)/g, - clearContent: (content) => { - if (!content) return ""; - return content.replaceAll("&", "&") - .replaceAll("<", "<").replaceAll(">", ">") - .replaceAll("\"", """).replaceAll("'", "'") - .replaceAll("\n", "
"); - } -} \ No newline at end of file diff --git a/routes/api/routes/users.js b/routes/api/routes/users.js index a974924..7094ab1 100644 --- a/routes/api/routes/users.js +++ b/routes/api/routes/users.js @@ -1,6 +1,5 @@ const { UserModel, SecretModel } = require("../../../models"); const { Router } = require("express"); -const { URLRegex } = require("../../../lib"); const multer = require("multer"); const app = Router(); @@ -55,13 +54,10 @@ app.patch("/:id/", async (req, res) => { if (req.user.id !== member.id && !user.admin) return res.error(403, "You have not got permission for this."); if (!Object.values(req.body).some(Boolean)) return res.error(400, "Missing member informations in request body."); - const { avatar, name, about, theme, admin, deleted } = req.body; + const { name, about, theme, admin, deleted } = req.body; if ((admin?.length || "deleted" in req.body) && !req.user.admin) return res.error(403, "You have not got permission for edit 'admin' and 'deleted' information, or bad request."); - if (avatar && URLRegex.test(avatar)) - member.avatar = avatar; - if (name) { await SecretModel.updateOne({ id: member.id }, { username: name }); member.name = name; diff --git a/routes/register.js b/routes/register.js index 50d61ec..c7f9591 100644 --- a/routes/register.js +++ b/routes/register.js @@ -1,8 +1,7 @@ const { UserModel, SecretModel } = require("../models"); const { Router } = require("express") const bcrypt = require("bcrypt"); -const rateLimit = require('express-rate-limit') -const {URLRegex} = require("../lib") +const rateLimit = require('express-rate-limit'); const app = Router(); app.get("/", (req, res) => res.reply("register", { user: null })); @@ -14,16 +13,14 @@ app.post("/", rateLimit({ req.session.userID=null; - let { username = null, password: body_pass = null, avatar, about } = req.body; + let { username = null, password: body_pass = null, about } = req.body; if (!username || !body_pass) return res.error(res, 400, "You forgot entering some values"); const user = await SecretModel.findOne({ username }); if (user) return res.error(res, 400, `We have got an user named ${username}!`) - const user2 = new UserModel({ name: req.body.username }) - if (avatar && URLRegex.test(avatar)) user2.avatar = avatar; if (about) user2.about = about; diff --git a/routes/threads.js b/routes/threads.js index 084bb90..efc9478 100644 --- a/routes/threads.js +++ b/routes/threads.js @@ -1,6 +1,5 @@ const { Router } = require("express"); const app = Router(); -const { clearContent } = require("../lib"); const { ThreadModel, MessageModel, CategoryModel } = require("../models") app.get("/", async (req, res) => { diff --git a/routes/users.js b/routes/users.js index 195da44..9ce118a 100644 --- a/routes/users.js +++ b/routes/users.js @@ -1,7 +1,5 @@ const { Router } = require("express"); const app = Router(); -const { clearContent } = require("../lib"); - const { UserModel, MessageModel, ThreadModel } = require("../models"); app.get("/", async (req, res) => { @@ -23,13 +21,12 @@ app.get("/:id/avatar", async (req, res) => { app.get("/:id", async (req, res) => { const user = req.user const { id } = req.params; - const member = await UserModel.get(id,"+lastSeen"); + const member = await UserModel.get(id, "+lastSeen"); if (member && (user?.admin || !member.deleted)) { const message = await MessageModel.count({ authorID: id }); const thread = await ThreadModel.count({ authorID: id }); - member.about = clearContent(member.about) res.reply("user", { member, counts: { message, thread } }) } else res.error(404, `We don't have any user with id ${id}.`); diff --git a/views/register.ejs b/views/register.ejs index 1ce0f88..9eedee8 100644 --- a/views/register.ejs +++ b/views/register.ejs @@ -17,7 +17,7 @@ - + diff --git a/views/user.ejs b/views/user.ejs index 7b1aa41..1eca186 100644 --- a/views/user.ejs +++ b/views/user.ejs @@ -6,12 +6,13 @@ + <%- include("extra/navbar") %> -
+
<% if (user?.admin || user?.id === member.id) { %> Upload avatar @@ -28,7 +29,7 @@
- + <% if (user?.admin){ %> Is Admin? > @@ -93,7 +94,7 @@

Admin

<% } %> -
<%= member.about %>
+

Name: