diff --git a/extra_modules/ensureExists.js b/extra_modules/ensureExists.js index a1a7d82..0d14170 100644 --- a/extra_modules/ensureExists.js +++ b/extra_modules/ensureExists.js @@ -8,13 +8,13 @@ import {mkdir} from "fs" * @return {undefined} see: callback */ function ensureExists(path, mask, cb) { - if (typeof mask == 'function') { // Allow the `mask` parameter to be optional + if (typeof mask === 'function') { // Allow the `mask` parameter to be optional cb = mask; mask = 0o744; } mkdir(path, mask, function (err) { if (err) { - if (err.code == 'EEXIST') + if (err.code === 'EEXIST') cb(null); // Ignore the error if the folder already exists else cb(err); // Something else went wrong diff --git a/extra_modules/getip.js b/extra_modules/getip.js index c841a01..7cf79bd 100644 --- a/extra_modules/getip.js +++ b/extra_modules/getip.js @@ -7,7 +7,7 @@ const config = JSON.parse(fs.readFileSync("server_config.json")); */ function getIP(req) { let ip = req.socket.remoteAddress; - if (req.headers[config.preferred_ip_header] != undefined && ip == config.only_prefer_when_ip) + if (req.headers[config.preferred_ip_header] !== undefined && ip === config.only_prefer_when_ip) ip = req.headers[config.preferred_ip_header]; return ip; } diff --git a/js/dms.js b/js/dms.js index b6a4fca..56b8bf5 100644 --- a/js/dms.js +++ b/js/dms.js @@ -11,29 +11,29 @@ var highest_id var currentChannel let socket = new WebSocket(wss_URI); -socket.addEventListener("message", async function (event) { +socket.addEventListener("message", async function (_event) { console.info("TODO: add websocket support to dms") - return - if(wss_server == event.origin) { - let data = event.data; - let ds = JSON.parse(data) - let message = ds.message - let item = ds.data - let username = decodeURIComponent(item.post_user_name) - if(message == "new_post") { - await createPost(decodeURIComponent(item.post_user_name),decodeURIComponent(item.post_text),item.post_time,item.post_special_text,highest_id+1,item.post_from_bot,item.post_reply_id,true) - if(user["username"]!=username)mainNoti(username) + // return + // if(wss_server === event.origin) { + // let data = event.data; + // let ds = JSON.parse(data) + // let message = ds.message + // let item = ds.data + // let username = decodeURIComponent(item.post_user_name) + // if(message === "new_post") { + // await createPost(decodeURIComponent(item.post_user_name),decodeURIComponent(item.post_text),item.post_time,item.post_special_text,highest_id+1,item.post_from_bot,item.post_reply_id,true) + // if(user["username"]!==username)mainNoti(username) - let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json() - for (let i = 0; i < highest_known_posts.length; i++) { - if(document.getElementById(highest_known_posts[i].post_id) == undefined) { - main() - return; - } - } - highest_id++; - } - } + // let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json() + // for (let i = 0; i < highest_known_posts.length; i++) { + // if(document.getElementById(highest_known_posts[i].post_id) === undefined) { + // main() + // return; + // } + // } + // highest_id++; + // } + // } }) var cd = true //inversed "cooldown" @@ -74,12 +74,12 @@ async function postMsg() { alert(`Your message cant contain more than 1000 characters! (${len})`) return } - if(cd && posting_id!=undefined) { + if(cd && posting_id!==undefined) { cd = false let text = document.getElementById("post-text").value - if(typeof encrypt == "function" && encryption_keys != "") { + if(typeof encrypt === "function" && encryption_keys !== "") { text = encrypt(text,{ packed: encryption_keys }) @@ -103,7 +103,7 @@ async function update_pid() { console.log("new pid info: ",r) if(r.error) { //an error occurred - if(r.error == "you cannot access the api without being logged in") { + if(r.error === "you cannot access the api without being logged in") { //account error, go to login page location.replace("/") return @@ -125,7 +125,7 @@ function spacerTextNode() { const user_cache = {} async function getavatar(username) { let user = user_cache[username] - if(user == undefined) { + if(user === undefined) { user = (await (await fetch("/api/getotheruser?user="+encodeURIComponent(username))).json())["avatar"] if(user) { user = "/avatars/"+user @@ -139,7 +139,7 @@ async function getavatar(username) { async function reply_link_clicked(reply_channel,reply_id) { console.log("clicked link") - if(reply_channel != currentChannel) { + if(reply_channel !== currentChannel) { console.log("reply is in another channel") switchChannel(reply_channel) console.log("switched channel") @@ -186,7 +186,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a time = time.toString() time = time.split(" ") time = time[0] + " " + time[1] + " " + time[2] + " " + time[3] + " " + time[4] - if(timedate=="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time="unknown time" + if(timedate==="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time="unknown time" const newTime = document.createTextNode(time) const newSpecialText = document.createTextNode(specialtext) newDiv.classList.add("post"); @@ -210,9 +210,9 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a newP.appendChild(newA) newP.appendChild(spacerTextNode()) newP.appendChild(newSpan2) - if(specialtext != "")newP.appendChild(spacerTextNode()) + if(specialtext !== "")newP.appendChild(spacerTextNode()) newP.appendChild(newSpan3) - if(isbot==1){ + if(isbot===1){ newP.appendChild(spacerTextNode()) newP.appendChild(boticon) } @@ -220,7 +220,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a // |\>.Reply to this Post` - if(reply_id != 0) { + if(reply_id !== 0) { try { const reply_obj = await (await fetch(`/api/dms/getDM?id=${reply_id}`)).json() const reply_username = decodeURIComponent(reply_obj.dms_user_name) @@ -236,7 +236,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a replyA.appendChild(reply_username_text) replyA.appendChild(spacerTextNode()) - if(typeof decrypt == "function" && encryption_keys != "") { + if(typeof decrypt === "function" && encryption_keys !== "") { reply_text = decrypt(reply_text,{packed:encryption_keys}).msg } @@ -262,7 +262,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a } } - if(typeof decrypt == "function" && encryption_keys != "") { + if(typeof decrypt === "function" && encryption_keys !== "") { text = decrypt(text,{packed:encryption_keys}).msg } newDiv.appendChild(newP) @@ -316,7 +316,7 @@ async function main(){ let mentions = document.getElementsByClassName("mention") for (let i = 0; i < mentions.length; i++) { - if(mentions[i]!=undefined && mentions[i].innerText == "@"+username) { + if(mentions[i]!==undefined && mentions[i].innerText === "@"+username) { mentions[i].classList.add("user-mention"); mentions[i].classList.remove("mention"); i--; @@ -336,7 +336,7 @@ async function reply(postid) { posttext = decodeURIComponent(posttext) - if(typeof decrypt == "function" && encryption_keys != "") { + if(typeof decrypt === "function" && encryption_keys !== "") { posttext = decrypt(posttext,{packed:encryption_keys}).msg } @@ -438,7 +438,7 @@ async function loadChannels() { let channels = [] for(let dm of dms) { - if(dm.dms_user_name == username) { + if(dm.dms_user_name === username) { channels[channels.length] = dm.dms_receiver } else { channels[channels.length] = dm.dms_user_name @@ -450,7 +450,7 @@ async function loadChannels() { let tab = document.getElementById("channelTab") tab.innerHTML = "" for (let i = 0; i < channels.length; i++) { - if(channels[i]=="")continue; + if(channels[i]==="")continue; createChannel(channels[i],tab) } } @@ -467,13 +467,13 @@ function init() { } async function clickPress(event) { - if (event.key == "Enter") { + if (event.key === "Enter") { user = (await (await fetch("/api/getotheruser?user="+encodeURIComponent(document.getElementById("Username_input").value))).json()) - if(user.username == undefined) { + if(user.username === undefined) { alert("invalid username entered") return } else { - if(document.getElementById(user.username) == undefined) { + if(document.getElementById(user.username) === undefined) { let tab = document.getElementById("channelTab") createChannel(encodeURIComponent(user.username),tab) } diff --git a/js/index.js b/js/index.js index 231f4e1..ab09676 100644 --- a/js/index.js +++ b/js/index.js @@ -1,6 +1,6 @@ window.addEventListener("load",async function(){ let data = await(await fetch("/api/getuser")).json() - if(data["username"] != undefined) { + if(data["username"] !== undefined) { document.getElementById("HasAccount").style="" } else { document.getElementById("NoAccount").style="" diff --git a/js/login.js b/js/login.js index fdd5c23..3fd05a3 100644 --- a/js/login.js +++ b/js/login.js @@ -15,7 +15,7 @@ async function login() { let passfield = document.getElementById("pass") function passkeydown(e) { - if(e.code == "Enter") { + if(e.code === "Enter") { login() } } \ No newline at end of file diff --git a/js/posts.js b/js/posts.js index d0c082b..b704b50 100644 --- a/js/posts.js +++ b/js/posts.js @@ -13,13 +13,13 @@ function getById(i){return document.getElementById(i)} let socket = new WebSocket(wss_URI); socket.addEventListener("message", async function (event) { console.log("new websocket message arrived"); - if(wss_server == event.origin) { + if(wss_server === event.origin) { let data = event.data; let ds = JSON.parse(data) let message = ds.message let item = ds.data let username = decURIComp(item.post_user_name) - if(message == "new_post" && decURIComp(item.post_receiver_name) == currentChannel) { + if(message === "new_post" && decURIComp(item.post_receiver_name) === currentChannel) { await createPost( username, decURIComp(item.post_text), @@ -37,11 +37,11 @@ socket.addEventListener("message", async function (event) { item.files[4] ) console.log("created new post"); - if(user["username"]!=username)mainNoti(username) + if(user["username"] !== username)mainNoti(username) let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json() for (let i = 0; i < highest_known_posts.length; i++) { - if(getById(highest_known_posts[i].post_id) == undefined) { + if(getById(highest_known_posts[i].post_id) === undefined) { main() return; } @@ -76,7 +76,7 @@ let last_called_postMsg = Date.now() last_called_postMsg = Date.now() let msg = getById("post-text").value let len = msg.length - if(len==0){ + if(len===0){ alert("you have to enter a message!") return; }; @@ -88,7 +88,7 @@ let last_called_postMsg = Date.now() alert("Your message is too long! (Too many special characters)") return } - if(cd && posting_id!=undefined) { + if(cd && posting_id !== undefined) { cd = false setTimeout(function(){ cd = true @@ -122,7 +122,7 @@ async function update_pid() { console.log("new pid info: ",r) if(r.error) { //an error occurred - if(r.error == "you cannot access the api without being logged in") { + if(r.error === "you cannot access the api without being logged in") { //account error, go to login page location.replace("/") return @@ -139,7 +139,7 @@ function spacerTextNode() { async function reply_link_clicked(reply_channel,reply_id) { console.log("clicked link") - if(reply_channel != currentChannel) { + if(reply_channel !== currentChannel) { console.log("reply is in another channel") switchChannel(reply_channel) console.log("switched channel") @@ -229,9 +229,9 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a newP.appendChild(newA) newP.appendChild(spacerTextNode()) newP.appendChild(newSpan2) - if(specialtext != "")newP.appendChild(spacerTextNode()) + if(specialtext !== "")newP.appendChild(spacerTextNode()) newP.appendChild(newSpan3) - if(isbot==1){ + if(isbot === 1){ newP.appendChild(spacerTextNode()) newP.appendChild(boticon) } @@ -239,7 +239,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a // |\>.Reply to this Post` - if(reply_id != 0) { + if(reply_id !== 0) { try { const reply_obj = await (await fetch(`/api/getPost?id=${reply_id}`)).json() const reply_username = decURIComp(reply_obj.post_user_name) @@ -417,7 +417,7 @@ async function main(){ let mentions = document.getElementsByClassName("mention") for (let i = 0; i < mentions.length; i++) { - if(mentions[i]!=undefined && mentions[i].innerText == "@"+username) { + if(mentions[i] !== undefined && mentions[i].innerText === "@"+username) { mentions[i].classList.add("user-mention"); mentions[i].classList.remove("mention"); i--; @@ -494,7 +494,7 @@ function switchChannel(channelname) { tab.innerHTML = "" for (let i = 0; i < channels.length; i++) { let channelname = decURIComp(channels[i]) - if(channelname == "")continue; + if(channelname === "")continue; let channelp = createElement("p") channelp.classList.add("channel") let textnode = document.createTextNode(channelname) @@ -505,8 +505,8 @@ function switchChannel(channelname) { let settings = await (await fetch("/api/settings")).json() // skipqc console.log(settings) // skipqc - if(settings != "null") { - if(settings.ACCR == false) { + if(settings !== "null") { + if(settings.ACCR === false) { unreply() } } @@ -561,7 +561,7 @@ function dropHandler(ev) { function init() { setInterval(update_pid,30000) - if(posting_id=="")update_pid() + if(posting_id==="")update_pid() main() firstAsk() loadChannels() diff --git a/js/register.js b/js/register.js index 899c4e7..71f2bcd 100644 --- a/js/register.js +++ b/js/register.js @@ -7,7 +7,7 @@ async function register() { alert("Username is too long!") return; } - if(document.getElementById("user").value.search("@") != -1) { + if(document.getElementById("user").value.search("@") !== -1) { alert("User cannot contain '@' character!") return; } @@ -31,7 +31,7 @@ async function register() { } function passkeydown(e) { - if(e.code == "Enter") { + if(e.code === "Enter") { register() } } \ No newline at end of file diff --git a/js/search.js b/js/search.js index 8f3d4a4..ada5a6c 100644 --- a/js/search.js +++ b/js/search.js @@ -20,7 +20,7 @@ async function submit() { console.log(res); for (let i = 0; i < res.length; i++) { let obj = res[i] - if(type=="user") { + if(type === "user") { createPost(decodeURIComponent(obj.User_Name || ""),decodeURIComponent(obj.User_Bio || "wow such empty"),0) } else { createPost(decodeURIComponent(obj.post_user_name),decodeURIComponent(obj.post_text),obj.post_time,obj.post_special_text,obj.post_id) @@ -53,7 +53,7 @@ function createPost(username,text,time,specialtext,postid) { time = time.toString() time = time.split(" ") time = time[0] + " " + time[1] + " " + time[2] + " " + time[3] + " " + time[4] - if(timedate=="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time="" + if(timedate==="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time="" const newTime = document.createTextNode(time) const newSpecialText = document.createTextNode(specialtext) @@ -68,9 +68,9 @@ function createPost(username,text,time,specialtext,postid) { newP.appendChild(newA) - if(time != "")newP.appendChild(spacerTextNode()) + if(time !== "")newP.appendChild(spacerTextNode()) newP.appendChild(newSpan2) - if(specialtext != "" && time != "")newP.appendChild(spacerTextNode()) + if(specialtext !== "" && time !== "")newP.appendChild(spacerTextNode()) newP.appendChild(newSpan3) newDiv.appendChild(newP) diff --git a/js/settings.js b/js/settings.js index f08e440..11ff1c1 100644 --- a/js/settings.js +++ b/js/settings.js @@ -129,10 +129,10 @@ async function setAllowCCR() { let r = await(await post("/api/settings",{setting: settingname, value: ACCR})).json() // skipqc - if(r.status == "error") { + if(r.status === "error") { alert("Couldn't change setting") console.log(r.code) - } else if(r.status == "success") { + } else if(r.status === "success") { //changed setting } } \ No newline at end of file diff --git a/js/user.js b/js/user.js index b364379..977e30a 100644 --- a/js/user.js +++ b/js/user.js @@ -4,10 +4,10 @@ function getCookie(cname) { let ca = decodedCookie.split(';'); for(let i = 0; i { res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now let unsigned; - if (req.body.user == undefined || req.body.pass == undefined) { + if (req.body.user === undefined || req.body.pass === undefined) { if(typeof req.get("ipost-auth-token") === "string") { try{ req.body.auth = JSON.parse(req.get("ipost-auth-token")) @@ -18,7 +18,7 @@ export const setup = function (router, con, server) { console.log("error parsing header",err) } } - if(req.body.auth !== undefined && req.originalUrl!=="/redeemauthcode") { + if(req.body.auth !== undefined && req.originalUrl !== "/redeemauthcode") { if(typeof req.body.auth === "string") { try{ req.body.auth = JSON.parse(req.body.auth) @@ -45,7 +45,7 @@ export const setup = function (router, con, server) { con.query(sql,[SHA256(req.body.auth.auth_token,req.body.auth.appid, HASHES_DB),SHA256(req.body.auth.secret,req.body.auth.appid, HASHES_DB),req.body.auth.appid],(err,result) => { if(err) throw err; - if(result.length != 1) { + if(result.length !== 1) { res.status(420).send("invalid authentication object (or server error?)") return; } @@ -90,7 +90,7 @@ export const setup = function (router, con, server) { con.query(sql, values, function (err, result) { if (err) throw err; - if (result[0] && result[0].User_Name && result[0].User_Name == values[0]) { + if (result[0] && result[0].User_Name && result[0].User_Name === values[0]) { res.locals.userid = result[0].User_ID; res.locals.username = result[0].User_Name; @@ -105,13 +105,13 @@ export const setup = function (router, con, server) { router.use("/api/*", (req, res, next) => { res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now - if (config["allow_getotheruser_without_cookie"] && req.originalUrl.split("\?")[0] == "/api/getotheruser") { + if (config["allow_getotheruser_without_cookie"] && req.originalUrl.split("\?")[0] === "/api/getotheruser") { next(); return; } if (!server.increaseAPICall(req, res))return; - if (res.locals.username != undefined) { + if (res.locals.username !== undefined) { next(); } else { diff --git a/routes/api/dms/PersonalMessages.js b/routes/api/dms/PersonalMessages.js index b7b4bb2..656b035 100644 --- a/routes/api/dms/PersonalMessages.js +++ b/routes/api/dms/PersonalMessages.js @@ -4,7 +4,7 @@ export const setup = function (router, con, server) { router.get("/api/getPersonalPosts", function (req, res) { res.set("Access-Control-Allow-Origin", ""); let otherperson = encodeURIComponent(req.query.otherperson || ""); - if (typeof otherperson != "string" || otherperson.length > 100 || otherperson == "") { + if (typeof otherperson !== "string" || otherperson.length > 100 || otherperson === "") { res.status(410).json({ "error": "invalid otherperson given" }); return; } @@ -23,11 +23,8 @@ export const setup = function (router, con, server) { }); router.get("/api/dms/conversations", function (req, res) { res.set("Access-Control-Allow-Origin", "*"); - const columns = [ - "dms_user_name", "dms_receiver" - ]; let uriencusername = encodeURIComponent(res.locals.username); - let sql = `select ${columns.join(",")} from ipost.dms where ((dms_receiver = ?) or (dms_user_name = ?)) group by dms_receiver,dms_user_name;`; + let sql = `select dms_user_name, dms_receiver from ipost.dms where ((dms_receiver = ?) or (dms_user_name = ?)) group by dms_receiver,dms_user_name;`; con.query(sql, [uriencusername, uriencusername], function (err, result) { if (err) throw err; diff --git a/routes/api/dms/post.js b/routes/api/dms/post.js index 870c930..69b5639 100644 --- a/routes/api/dms/post.js +++ b/routes/api/dms/post.js @@ -4,7 +4,7 @@ export const setup = function (router, con, server) { function createPID(){ let pid = server.genstring(10); //collision chance is low enough, but we'll check anyways - while (PIDS[pid] != undefined) { + while (PIDS[pid] !== undefined) { pid = server.genstring(10); console.log(5, "pid collision"); } @@ -26,17 +26,17 @@ export const setup = function (router, con, server) { res.json({ "error": "no message to post" }); return; } - if ((typeof req.body.message) != "string") { + if ((typeof req.body.message) !== "string") { res.status(411) res.json({ "error": "no message to post" }); return; } - if ((typeof req.body.pid) != "string") { + if ((typeof req.body.pid) !== "string") { res.status(412) res.json({ "error": "no pid given" }); return; } - if (req.body.pid.length != 10 || PIDS[req.body.pid] !== true) { + if (req.body.pid.length !== 10 || PIDS[req.body.pid] !== true) { res.status(413) res.json({ "error": "invalid pid given" }); return; @@ -49,7 +49,7 @@ export const setup = function (router, con, server) { else { reply_id = req.body.reply_id; } - if ((typeof reply_id) != "number") { + if ((typeof reply_id) !== "number") { res.status(414) res.json({ "error": "no valid reply id given" }); return; @@ -66,7 +66,7 @@ export const setup = function (router, con, server) { return; } req.body.receiver = encodeURIComponent(req.body.receiver || ""); - if (req.body.receiver == "" || req.body.receiver == encodeURIComponent(res.locals.username) || req.body.receiver.length > 100) { + if (req.body.receiver === "" || req.body.receiver === encodeURIComponent(res.locals.username) || req.body.receiver.length > 100) { res.status(417).json({ "error": "invalid receiver given" }); return; } @@ -85,28 +85,10 @@ export const setup = function (router, con, server) { console.error(err) return; } - // let post_obj = { - // post_user_name: encodeURIComponent(res.locals.username), - // post_text: req.body.message, - // post_time: Date.now(), - // post_special_text: "", - // post_receiver_name: req.body.receiver, - // post_from_bot: res.locals.isbot, - // post_reply_id: reply_id - // } - // let message = { - // message: "new_post", - // data: post_obj - // } - // let messagestr = JSON.stringify(message) - // server.wss.clients.forEach(function(ws) { - // if(ws.channel == decodeURIComponent(req.body.receiver)) { - // ws.send(messagestr) - // } - // }); res.json({ "success": "successfully posted dm" }); console.log(5, `posted new dm by ${res.locals.username} to ${otherperson} : ${xor(encodeURIComponent(res.locals.username), otherperson)}`); }); + //TODO: bring dms up-to-date with normal posts }); return createPID }; diff --git a/routes/api/getPosts.js b/routes/api/getPosts.js index 514808f..ca5a4b2 100644 --- a/routes/api/getPosts.js +++ b/routes/api/getPosts.js @@ -5,7 +5,7 @@ export const setup = function (router, con, server) { }); router.get("/api/getPosts", function (req, res) { res.set("Access-Control-Allow-Origin", "*"); - if (req.query.channel != undefined) { + if (req.query.channel !== undefined) { let sql = `select post_user_name,post_text,post_time,post_special_text,post_id,post_from_bot,post_reply_id,User_Avatar,file_0,file_1,file_2,file_3,file_4 from ipost.posts inner join ipost.users on (User_Name = post_user_name) where post_receiver_name = ? group by post_id order by post_id desc limit 30;`; con.query(sql, [encodeURIComponent(req.query.channel)], function (err, result) { if (err) @@ -24,7 +24,7 @@ export const setup = function (router, con, server) { }); router.get("/api/getPostsLowerThan", function (req, res) { res.set("Access-Control-Allow-Origin", "*"); - if (req.query.channel != undefined) { + if (req.query.channel !== undefined) { let sql = `select post_user_name,post_text,post_time,post_special_text,post_id,post_from_bot,post_reply_id,file_0,file_1,file_2,file_3,file_4 from ipost.posts where ((post_receiver_name = ?) and (post_id < ?)) group by post_id order by post_id desc limit 30;`; con.query(sql, [encodeURIComponent(req.query.channel), req.query.id], function (err, result) { if (err) diff --git a/routes/api/post.js b/routes/api/post.js index e9418f4..0dda472 100644 --- a/routes/api/post.js +++ b/routes/api/post.js @@ -18,7 +18,7 @@ export const setup = function (router, con, server) { function createPID(){ let pid = server.genstring(10); //collision chance is low enough, but we'll check anyways - while (PIDS[pid] != undefined) { + while (PIDS[pid] !== undefined) { pid = server.genstring(10); console.log(5, "pid collision"); } @@ -110,7 +110,7 @@ export const setup = function (router, con, server) { function validateReceiver(rec) { let receiver = encodeURIComponent(rec || ""); - if (receiver == "") + if (receiver === "") receiver = "everyone"; return receiver } diff --git a/routes/api/search.js b/routes/api/search.js index dc683f7..6223953 100644 --- a/routes/api/search.js +++ b/routes/api/search.js @@ -3,12 +3,12 @@ export const setup = function (router, con, server) { res.set("Access-Control-Allow-Origin", ""); let type = req.query.type; let arg = encodeURIComponent(req.query.selector); - if (type == "user") { + if (type === "user") { let sql = `select User_Name,User_Bio,User_Avatar from ipost.users where User_Name like ? limit 10;`; con.query(sql, [`%${arg}%`], function (err, result) { if (err) throw err; - if (result[0] && result[0].User_Name) { + if (result[0]) { result["message"] = "search has been deprecated as of 11/30/2022" res.json(result); } @@ -17,7 +17,7 @@ export const setup = function (router, con, server) { } }); } - else if (type == "post") { + else if (type === "post") { let sql = `select post_user_name,post_text,post_time,post_special_text,post_id from ipost.posts where post_text like ? and (post_receiver_name is null or post_receiver_name = 'everyone') order by post_id desc limit 20;`; con.query(sql, [`%${arg}%`], function (err, result) { if (err) diff --git a/routes/api/settingshandler.js b/routes/api/settingshandler.js index 764f1f0..984a621 100644 --- a/routes/api/settingshandler.js +++ b/routes/api/settingshandler.js @@ -11,7 +11,7 @@ export const setup = function (router, con, server) { res.json({ "error": "no setting to change" }); return; } - if ((typeof req.body.setting) != "string") { + if ((typeof req.body.setting) !== "string") { res.status(411) res.json({ "error": "no setting to change" }); return; @@ -20,7 +20,7 @@ export const setup = function (router, con, server) { let allowed = false; let got = typeof req.body.value; for (let index = 0; index < types.length; index++) { - if (types[index] == got) { + if (types[index] === got) { allowed = true; break; } diff --git a/routes/api/userRoutes.js b/routes/api/userRoutes.js index 5c29119..852521d 100644 --- a/routes/api/userRoutes.js +++ b/routes/api/userRoutes.js @@ -29,7 +29,7 @@ export const setup = function (router, con, server) { } catch(ignored){} } let filename = genstring(95) + ".webp"; - while (existsSync(avatars + "/" + filename) || filename == ".webp") { //generate new filename until it's unique + while (existsSync(avatars + "/" + filename) || filename === ".webp") { //generate new filename until it's unique filename = genstring(95) + ".webp"; } sharp(avatar.data).resize({ //resize avatar to 100x100 and convert it to a webp, then store it @@ -54,7 +54,7 @@ export const setup = function (router, con, server) { }); router.get("/api/getalluserinformation", function (req, res) { res.set("Access-Control-Allow-Origin", ""); //we don't want that here - let unsigned = getunsigned(req, res); + let unsigned = getunsigned(req, res); //has to be asking for it via the cookie if (!unsigned) return; unsigned = decodeURIComponent(unsigned); @@ -64,7 +64,7 @@ export const setup = function (router, con, server) { con.query(sql, values, function (err, result) { if (err) throw err; - if (result[0] && result[0].User_Name && result[0].User_Name == values[0]) { + if (result[0]) { res.status(200); res.json(result[0]); } @@ -81,7 +81,7 @@ export const setup = function (router, con, server) { con.query(sql, [username], function (err, result) { if (err) throw err; - if (result[0] && result[0].User_Name && result[0].User_Name == username) { + if (result[0]) { res.json({ "username": username, "bio": result[0].User_Bio, "avatar": result[0].User_Avatar, "publicKey": result[0].User_PublicKey }); } else { @@ -112,11 +112,11 @@ export const setup = function (router, con, server) { }); router.post("/api/changePW", (req, res) => { res.set("Access-Control-Allow-Origin", ""); - if ((typeof req.body.newPW) != "string") { + if ((typeof req.body.newPW) !== "string") { res.json({ "error": "incorrect password" }); return; } - if ((typeof req.body.currentPW) != "string") { + if ((typeof req.body.currentPW) !== "string") { res.json({ "error": "incorrect password" }); return; } @@ -132,7 +132,7 @@ export const setup = function (router, con, server) { con.query(sql, values, function (err, result) { if (err) throw err; - if (result[0] && result[0].User_Name && result[0].User_Name == res.locals.username) { + if (result[0]) { let sql = `update ipost.users set User_PW=? where User_Name=? and User_PW=?;`; let values = [hashed_new_pw, res.locals.username, hashed_pw]; con.query(sql, values, (err2) => { @@ -152,12 +152,12 @@ export const setup = function (router, con, server) { }); router.post("/api/changeUsername", function (req, res) { res.set("Access-Control-Allow-Origin", ""); - if ((typeof req.body.newUsername) != "string") { + if ((typeof req.body.newUsername) !== "string") { res.status(410); res.json({ "error": "incorrect username" }); return; } - if ((typeof req.body.currentPW) != "string") { + if ((typeof req.body.currentPW) !== "string") { res.status(411); res.json({ "error": "incorrect password" }); return; @@ -167,19 +167,19 @@ export const setup = function (router, con, server) { res.json({ "error": "username is too long" }); return; } - if (req.body.newUsername == res.locals.username) { + if (req.body.newUsername === res.locals.username) { res.status(413); res.json({ "error": "username can't be the current one" }); return; } let hashed_pw = SHA256(req.body.currentPW, res.locals.username, HASHES_DB); let hashed_new_pw = SHA256(req.body.currentPW, req.body.newUsername, HASHES_DB); - let sql = `select * from ipost.users where User_Name=?;`; //check if pw is correct - let values = [res.locals.username]; + let sql = `select * from ipost.users where User_Name=? and User_PW=?;`; //check if pw is correct + let values = [res.locals.username,hashed_pw]; con.query(sql, values, function (err, result) { if (err) throw err; - if (result[0] && result[0].User_PW == hashed_pw) { + if (result[0]) { let sql = `select * from ipost.users where User_Name=?;`; //check if newUsername isn't already used let values = [req.body.newUsername]; con.query(sql, values, function (err, result) { diff --git a/routes/user_auth.js b/routes/user_auth.js index f317fc9..6838082 100644 --- a/routes/user_auth.js +++ b/routes/user_auth.js @@ -19,12 +19,12 @@ export const setup = function (router, con, server) { return; } res.status(200); - if ((typeof req.body.user) != "string") { + if ((typeof req.body.user) !== "string") { res.status(416); res.json({ "error": "incorrect username" }); return; } - if ((typeof req.body.pass) != "string") { + if ((typeof req.body.pass) !== "string") { res.status(417); res.json({ "error": "incorrect password" }); return; @@ -37,7 +37,7 @@ export const setup = function (router, con, server) { res.redirect("/register?success=false&reason=username"); return; } - if (username == "") { + if (username === "") { res.status(411); res.redirect("/register?success=false&reason=username"); return; @@ -52,7 +52,7 @@ export const setup = function (router, con, server) { res.send("username is too long"); return; } - if (username.search("@") != -1) { + if (username.search("@") !== -1) { res.status(414); res.send("username can't contain @-characters"); return; @@ -93,12 +93,12 @@ export const setup = function (router, con, server) { router.post("/login", function (req, res) { if (!increaseAPICall(req, res)) return; - if ((typeof req.body.user) != "string") { + if ((typeof req.body.user) !== "string") { res.status(416); res.json({ "error": "incorrect username" }); return; } - if ((typeof req.body.pass) != "string") { + if ((typeof req.body.pass) !== "string") { res.status(417); res.json({ "error": "incorrect password" }); return; @@ -150,7 +150,7 @@ export const setup = function (router, con, server) { let cookiesigned = signature.sign(setTo, cookiesecret + (!no_ip_lock ? ip : "")); res.cookie('AUTH_COOKIE', cookiesigned, { maxAge: Math.pow(10, 10), httpOnly: true, secure: DID_I_FINALLY_ADD_HTTPS }); ip = SHA256(ip, setTo, HASHES_DB); - if (result[0].User_LastIP != ip) { + if (result[0].User_LastIP !== ip) { let sql = `update ipost.users set User_LastIP = ? where User_Name = ?;`; con.query(sql, [ip, encodeURIComponent(username)], function (error) { if (error) diff --git a/routes/userfiles.js b/routes/userfiles.js index fdbff68..0108970 100644 --- a/routes/userfiles.js +++ b/routes/userfiles.js @@ -57,7 +57,7 @@ export const setup = function (router, con, server) { let out = [] for(let channel of result){ - if(channel.post_receiver_name == "")continue; + if(channel.post_receiver_name === "")continue; out[out.length] = channel.post_receiver_name } @@ -109,7 +109,7 @@ export const setup = function (router, con, server) { async function handleUserFiles(request, response, overrideurl) { if (!increaseUSERCall(request, response))return; - if(typeof overrideurl != "string")overrideurl = undefined; + if(typeof overrideurl !== "string")overrideurl = undefined; let originalUrl = overrideurl || request.originalUrl.split("?").shift(); @@ -177,13 +177,13 @@ export const setup = function (router, con, server) { return; } - if(originalUrl == "/favicon.ico") { + if(originalUrl === "/favicon.ico") { response.set('Cache-Control', 'public, max-age=2592000'); response.sendFile(dir + "/views/favicon.ico") return } - if(originalUrl == "/api/documentation/") { + if(originalUrl === "/api/documentation/") { readFile(path,function(_err,res){ response.send(res.toString()) }) diff --git a/server.js b/server.js index 3d6c764..19c424f 100644 --- a/server.js +++ b/server.js @@ -36,7 +36,7 @@ const original_log = console.log; */ function log_info(level, ...info) { let text = info; - if (text == undefined || text.length == 0) { + if (text === undefined || text.length === 0) { text = level; level = 5; } @@ -162,11 +162,11 @@ function increaseIndividualCall(url, req) { if (!conf["enabled"]) return true; let ip = getIP(req); - if (INDIVIDUAL_CALLS[ip] == undefined) + if (INDIVIDUAL_CALLS[ip] === undefined) INDIVIDUAL_CALLS[ip] = {}; - if (INDIVIDUAL_CALLS[ip][url] == undefined) + if (INDIVIDUAL_CALLS[ip][url] === undefined) INDIVIDUAL_CALLS[ip][url] = 0; - if (INDIVIDUAL_CALLS[ip][url] == 0) { + if (INDIVIDUAL_CALLS[ip][url] === 0) { setTimeout(function () { INDIVIDUAL_CALLS[ip][url] = 0; }, conf["reset_time"]); @@ -192,7 +192,7 @@ function increaseAccountAPICall(req, res) { return false; let values = unsigned.split(" "); let username = values[0]; - if (API_CALLS_ACCOUNT[username] == undefined) + if (API_CALLS_ACCOUNT[username] === undefined) API_CALLS_ACCOUNT[username] = 0; if (API_CALLS_ACCOUNT[username] >= config.rate_limits.api.max_per_account) { res.status(429); @@ -203,7 +203,7 @@ function increaseAccountAPICall(req, res) { } function increaseAPICall(req, res, next) { let ip = getIP(req); - if (API_CALLS[ip] == undefined) + if (API_CALLS[ip] === undefined) API_CALLS[ip] = 0; if (API_CALLS[ip] >= config.rate_limits.api.max_without_session) { if (REVERSE_SESSIONS[ip] && req.cookies.session !== REVERSE_SESSIONS[ip]) { //expected a session, but didn't get one @@ -215,7 +215,7 @@ function increaseAPICall(req, res, next) { let session; do { session = genstring(300); - } while (SESSIONS[session] != undefined); + } while (SESSIONS[session] !== undefined); SESSIONS[session] = ip; REVERSE_SESSIONS[ip] = session; setTimeout(function () { @@ -241,7 +241,7 @@ function increaseAPICall(req, res, next) { } function increaseUSERCall(req, res, next) { let ip = getIP(req); - if (USER_CALLS[ip] == undefined) + if (USER_CALLS[ip] === undefined) USER_CALLS[ip] = 0; if (USER_CALLS[ip] >= config.rate_limits.user.max) { res.status(429); @@ -307,13 +307,13 @@ if (DID_I_FINALLY_ADD_HTTPS) { app.use("/*", function (req, res, next) { res.set("x-powered-by", "ipost"); for (let i = 0; i < blocked_headers.length; i++) { - if (req.header(blocked_headers[i]) != undefined) { + if (req.header(blocked_headers[i]) !== undefined) { res.json({ "error": "we don't allow proxies on our website." }); return; } } let fullurl = req.baseUrl + req.path; - if (fullurl != "/") { + if (fullurl !== "/") { fullurl = fullurl.substring(0, fullurl.length - 1); } if (!increaseIndividualCall(fullurl, req)) { @@ -418,7 +418,7 @@ wss.on("connection", function connection(ws) { console.log(5,"new connection"); ws.on("message", function incoming(message) { message = JSON.parse(message); - if (message.id == "switchChannel") { + if (message.id === "switchChannel") { ws.channel = decodeURIComponent(message.data); } });