code002lover/IPost
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

fix some anti pattern stuff

Browse Source
This commit is contained in:
Mystikfluu 2023-02-10 19:24:05 +01:00
parent 0a46eeee9f
commit 3254d01581
21 changed files with 130 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
extra_modules/ensureExists.js
View File

@ -8,13 +8,13 @@ import {mkdir} from "fs"
* @return {undefined} see: callback * @return {undefined} see: callback
*/ */
function ensureExists(path, mask, cb) { function ensureExists(path, mask, cb) {
if (typeof mask == 'function') { // Allow the `mask` parameter to be optional if (typeof mask === 'function') { // Allow the `mask` parameter to be optional
cb = mask; cb = mask;
mask = 0o744; mask = 0o744;
} }
mkdir(path, mask, function (err) { mkdir(path, mask, function (err) {
if (err) { if (err) {
if (err.code == 'EEXIST') if (err.code === 'EEXIST')
cb(null); // Ignore the error if the folder already exists cb(null); // Ignore the error if the folder already exists
else else
cb(err); // Something else went wrong cb(err); // Something else went wrong

2
extra_modules/getip.js
View File

@ -7,7 +7,7 @@ const config = JSON.parse(fs.readFileSync("server_config.json"));
*/ */
function getIP(req) { function getIP(req) {
let ip = req.socket.remoteAddress; let ip = req.socket.remoteAddress;
if (req.headers[config.preferred_ip_header] != undefined && ip == config.only_prefer_when_ip) if (req.headers[config.preferred_ip_header] !== undefined && ip === config.only_prefer_when_ip)
ip = req.headers[config.preferred_ip_header]; ip = req.headers[config.preferred_ip_header];
return ip; return ip;
} }

78
js/dms.js
View File

@ -11,29 +11,29 @@ var highest_id
var currentChannel var currentChannel
let socket = new WebSocket(wss_URI); let socket = new WebSocket(wss_URI);
socket.addEventListener("message", async function (event) { socket.addEventListener("message", async function (_event) {
console.info("TODO: add websocket support to dms") console.info("TODO: add websocket support to dms")
return // return
if(wss_server == event.origin) { // if(wss_server === event.origin) {
let data = event.data; // let data = event.data;
let ds = JSON.parse(data) // let ds = JSON.parse(data)
let message = ds.message // let message = ds.message
let item = ds.data // let item = ds.data
let username = decodeURIComponent(item.post_user_name) // let username = decodeURIComponent(item.post_user_name)
if(message == "new_post") { // if(message === "new_post") {
await createPost(decodeURIComponent(item.post_user_name),decodeURIComponent(item.post_text),item.post_time,item.post_special_text,highest_id+1,item.post_from_bot,item.post_reply_id,true) // await createPost(decodeURIComponent(item.post_user_name),decodeURIComponent(item.post_text),item.post_time,item.post_special_text,highest_id+1,item.post_from_bot,item.post_reply_id,true)
if(user["username"]!=username)mainNoti(username) // if(user["username"]!==username)mainNoti(username)
let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json() // let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json()
for (let i = 0; i < highest_known_posts.length; i++) { // for (let i = 0; i < highest_known_posts.length; i++) {
if(document.getElementById(highest_known_posts[i].post_id) == undefined) { // if(document.getElementById(highest_known_posts[i].post_id) === undefined) {
main() // main()
return; // return;
} // }
} // }
highest_id++; // highest_id++;
} // }
} // }
}) })
var cd = true //inversed "cooldown" var cd = true //inversed "cooldown"
@ -74,12 +74,12 @@ async function postMsg() {
alert(`Your message cant contain more than 1000 characters! (${len})`) alert(`Your message cant contain more than 1000 characters! (${len})`)
return return
} }
if(cd && posting_id!=undefined) { if(cd && posting_id!==undefined) {
cd = false cd = false
let text = document.getElementById("post-text").value let text = document.getElementById("post-text").value
if(typeof encrypt == "function" && encryption_keys != "") { if(typeof encrypt === "function" && encryption_keys !== "") {
text = encrypt(text,{ text = encrypt(text,{
packed: encryption_keys packed: encryption_keys
}) })
@ -103,7 +103,7 @@ async function update_pid() {
console.log("new pid info: ",r) console.log("new pid info: ",r)
if(r.error) { if(r.error) {
//an error occurred //an error occurred
if(r.error == "you cannot access the api without being logged in") { if(r.error === "you cannot access the api without being logged in") {
//account error, go to login page //account error, go to login page
location.replace("/") location.replace("/")
return return
@ -125,7 +125,7 @@ function spacerTextNode() {
const user_cache = {} const user_cache = {}
async function getavatar(username) { async function getavatar(username) {
let user = user_cache[username] let user = user_cache[username]
if(user == undefined) { if(user === undefined) {
user = (await (await fetch("/api/getotheruser?user="+encodeURIComponent(username))).json())["avatar"] user = (await (await fetch("/api/getotheruser?user="+encodeURIComponent(username))).json())["avatar"]
if(user) { if(user) {
user = "/avatars/"+user user = "/avatars/"+user
@ -139,7 +139,7 @@ async function getavatar(username) {
async function reply_link_clicked(reply_channel,reply_id) { async function reply_link_clicked(reply_channel,reply_id) {
console.log("clicked link") console.log("clicked link")
if(reply_channel != currentChannel) { if(reply_channel !== currentChannel) {
console.log("reply is in another channel") console.log("reply is in another channel")
switchChannel(reply_channel) switchChannel(reply_channel)
console.log("switched channel") console.log("switched channel")
@ -186,7 +186,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
time = time.toString() time = time.toString()
time = time.split(" ") time = time.split(" ")
time = time[0] + " " + time[1] + " " + time[2] + " " + time[3] + " " + time[4] time = time[0] + " " + time[1] + " " + time[2] + " " + time[3] + " " + time[4]
if(timedate=="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time="unknown time" if(timedate==="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time="unknown time"
const newTime = document.createTextNode(time) const newTime = document.createTextNode(time)
const newSpecialText = document.createTextNode(specialtext) const newSpecialText = document.createTextNode(specialtext)
newDiv.classList.add("post"); newDiv.classList.add("post");
@ -210,9 +210,9 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
newP.appendChild(newA) newP.appendChild(newA)
newP.appendChild(spacerTextNode()) newP.appendChild(spacerTextNode())
newP.appendChild(newSpan2) newP.appendChild(newSpan2)
if(specialtext != "")newP.appendChild(spacerTextNode()) if(specialtext !== "")newP.appendChild(spacerTextNode())
newP.appendChild(newSpan3) newP.appendChild(newSpan3)
if(isbot==1){ if(isbot===1){
newP.appendChild(spacerTextNode()) newP.appendChild(spacerTextNode())
newP.appendChild(boticon) newP.appendChild(boticon)
} }
@ -220,7 +220,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
// |\>.</| // |\>.</|
newP.innerHTML += `<button onclick="reply(${postid})">Reply to this Post</button>` newP.innerHTML += `<button onclick="reply(${postid})">Reply to this Post</button>`
if(reply_id != 0) { if(reply_id !== 0) {
try { try {
const reply_obj = await (await fetch(`/api/dms/getDM?id=${reply_id}`)).json() const reply_obj = await (await fetch(`/api/dms/getDM?id=${reply_id}`)).json()
const reply_username = decodeURIComponent(reply_obj.dms_user_name) const reply_username = decodeURIComponent(reply_obj.dms_user_name)
@ -236,7 +236,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
replyA.appendChild(reply_username_text) replyA.appendChild(reply_username_text)
replyA.appendChild(spacerTextNode()) replyA.appendChild(spacerTextNode())
if(typeof decrypt == "function" && encryption_keys != "") { if(typeof decrypt === "function" && encryption_keys !== "") {
reply_text = decrypt(reply_text,{packed:encryption_keys}).msg reply_text = decrypt(reply_text,{packed:encryption_keys}).msg
} }
@ -262,7 +262,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
} }
} }
if(typeof decrypt == "function" && encryption_keys != "") { if(typeof decrypt === "function" && encryption_keys !== "") {
text = decrypt(text,{packed:encryption_keys}).msg text = decrypt(text,{packed:encryption_keys}).msg
} }
newDiv.appendChild(newP) newDiv.appendChild(newP)
@ -316,7 +316,7 @@ async function main(){
let mentions = document.getElementsByClassName("mention") let mentions = document.getElementsByClassName("mention")
for (let i = 0; i < mentions.length; i++) { for (let i = 0; i < mentions.length; i++) {
if(mentions[i]!=undefined && mentions[i].innerText == "@"+username) { if(mentions[i]!==undefined && mentions[i].innerText === "@"+username) {
mentions[i].classList.add("user-mention"); mentions[i].classList.add("user-mention");
mentions[i].classList.remove("mention"); mentions[i].classList.remove("mention");
i--; i--;
@ -336,7 +336,7 @@ async function reply(postid) {
posttext = decodeURIComponent(posttext) posttext = decodeURIComponent(posttext)
if(typeof decrypt == "function" && encryption_keys != "") { if(typeof decrypt === "function" && encryption_keys !== "") {
posttext = decrypt(posttext,{packed:encryption_keys}).msg posttext = decrypt(posttext,{packed:encryption_keys}).msg
} }
@ -438,7 +438,7 @@ async function loadChannels() {
let channels = [] let channels = []
for(let dm of dms) { for(let dm of dms) {
if(dm.dms_user_name == username) { if(dm.dms_user_name === username) {
channels[channels.length] = dm.dms_receiver channels[channels.length] = dm.dms_receiver
} else { } else {
channels[channels.length] = dm.dms_user_name channels[channels.length] = dm.dms_user_name
@ -450,7 +450,7 @@ async function loadChannels() {
let tab = document.getElementById("channelTab") let tab = document.getElementById("channelTab")
tab.innerHTML = "" tab.innerHTML = ""
for (let i = 0; i < channels.length; i++) { for (let i = 0; i < channels.length; i++) {
if(channels[i]=="")continue; if(channels[i]==="")continue;
createChannel(channels[i],tab) createChannel(channels[i],tab)
} }
} }
@ -467,13 +467,13 @@ function init() {
} }
async function clickPress(event) { async function clickPress(event) {
if (event.key == "Enter") { if (event.key === "Enter") {
user = (await (await fetch("/api/getotheruser?user="+encodeURIComponent(document.getElementById("Username_input").value))).json()) user = (await (await fetch("/api/getotheruser?user="+encodeURIComponent(document.getElementById("Username_input").value))).json())
if(user.username == undefined) { if(user.username === undefined) {
alert("invalid username entered") alert("invalid username entered")
return return
} else { } else {
if(document.getElementById(user.username) == undefined) { if(document.getElementById(user.username) === undefined) {
let tab = document.getElementById("channelTab") let tab = document.getElementById("channelTab")
createChannel(encodeURIComponent(user.username),tab) createChannel(encodeURIComponent(user.username),tab)
} }

2
js/index.js
View File

@ -1,6 +1,6 @@
window.addEventListener("load",async function(){ window.addEventListener("load",async function(){
let data = await(await fetch("/api/getuser")).json() let data = await(await fetch("/api/getuser")).json()
if(data["username"] != undefined) { if(data["username"] !== undefined) {
document.getElementById("HasAccount").style="" document.getElementById("HasAccount").style=""
} else { } else {
document.getElementById("NoAccount").style="" document.getElementById("NoAccount").style=""

2
js/login.js
View File

@ -15,7 +15,7 @@ async function login() {
let passfield = document.getElementById("pass") let passfield = document.getElementById("pass")
function passkeydown(e) { function passkeydown(e) {
if(e.code == "Enter") { if(e.code === "Enter") {
login() login()
} }
} }

32
js/posts.js
View File

@ -13,13 +13,13 @@ function getById(i){return document.getElementById(i)}
let socket = new WebSocket(wss_URI); let socket = new WebSocket(wss_URI);
socket.addEventListener("message", async function (event) { socket.addEventListener("message", async function (event) {
console.log("new websocket message arrived"); console.log("new websocket message arrived");
if(wss_server == event.origin) { if(wss_server === event.origin) {
let data = event.data; let data = event.data;
let ds = JSON.parse(data) let ds = JSON.parse(data)
let message = ds.message let message = ds.message
let item = ds.data let item = ds.data
let username = decURIComp(item.post_user_name) let username = decURIComp(item.post_user_name)
if(message == "new_post" && decURIComp(item.post_receiver_name) == currentChannel) { if(message === "new_post" && decURIComp(item.post_receiver_name) === currentChannel) {
await createPost( await createPost(
username, username,
decURIComp(item.post_text), decURIComp(item.post_text),
@ -37,11 +37,11 @@ socket.addEventListener("message", async function (event) {
item.files[4] item.files[4]
) )
console.log("created new post"); console.log("created new post");
if(user["username"]!=username)mainNoti(username) if(user["username"] !== username)mainNoti(username)
let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json() let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json()
for (let i = 0; i < highest_known_posts.length; i++) { for (let i = 0; i < highest_known_posts.length; i++) {
if(getById(highest_known_posts[i].post_id) == undefined) { if(getById(highest_known_posts[i].post_id) === undefined) {
main() main()
return; return;
} }
@ -76,7 +76,7 @@ let last_called_postMsg = Date.now()
last_called_postMsg = Date.now() last_called_postMsg = Date.now()
let msg = getById("post-text").value let msg = getById("post-text").value
let len = msg.length let len = msg.length
if(len==0){ if(len===0){
alert("you have to enter a message!") alert("you have to enter a message!")
return; return;
}; };
@ -88,7 +88,7 @@ let last_called_postMsg = Date.now()
alert("Your message is too long! (Too many special characters)") alert("Your message is too long! (Too many special characters)")
return return
} }
if(cd && posting_id!=undefined) { if(cd && posting_id !== undefined) {
cd = false cd = false
setTimeout(function(){ setTimeout(function(){
cd = true cd = true
@ -122,7 +122,7 @@ async function update_pid() {
console.log("new pid info: ",r) console.log("new pid info: ",r)
if(r.error) { if(r.error) {
//an error occurred //an error occurred
if(r.error == "you cannot access the api without being logged in") { if(r.error === "you cannot access the api without being logged in") {
//account error, go to login page //account error, go to login page
location.replace("/") location.replace("/")
return return
@ -139,7 +139,7 @@ function spacerTextNode() {
async function reply_link_clicked(reply_channel,reply_id) { async function reply_link_clicked(reply_channel,reply_id) {
console.log("clicked link") console.log("clicked link")
if(reply_channel != currentChannel) { if(reply_channel !== currentChannel) {
console.log("reply is in another channel") console.log("reply is in another channel")
switchChannel(reply_channel) switchChannel(reply_channel)
console.log("switched channel") console.log("switched channel")
@ -229,9 +229,9 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
newP.appendChild(newA) newP.appendChild(newA)
newP.appendChild(spacerTextNode()) newP.appendChild(spacerTextNode())
newP.appendChild(newSpan2) newP.appendChild(newSpan2)
if(specialtext != "")newP.appendChild(spacerTextNode()) if(specialtext !== "")newP.appendChild(spacerTextNode())
newP.appendChild(newSpan3) newP.appendChild(newSpan3)
if(isbot==1){ if(isbot === 1){
newP.appendChild(spacerTextNode()) newP.appendChild(spacerTextNode())
newP.appendChild(boticon) newP.appendChild(boticon)
} }
@ -239,7 +239,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
// |\>.</| // |\>.</|
newP.innerHTML += `<button onclick="reply(${postid})">Reply to this Post</button>` newP.innerHTML += `<button onclick="reply(${postid})">Reply to this Post</button>`
if(reply_id != 0) { if(reply_id !== 0) {
try { try {
const reply_obj = await (await fetch(`/api/getPost?id=${reply_id}`)).json() const reply_obj = await (await fetch(`/api/getPost?id=${reply_id}`)).json()
const reply_username = decURIComp(reply_obj.post_user_name) const reply_username = decURIComp(reply_obj.post_user_name)
@ -417,7 +417,7 @@ async function main(){
let mentions = document.getElementsByClassName("mention") let mentions = document.getElementsByClassName("mention")
for (let i = 0; i < mentions.length; i++) { for (let i = 0; i < mentions.length; i++) {
if(mentions[i]!=undefined && mentions[i].innerText == "@"+username) { if(mentions[i] !== undefined && mentions[i].innerText === "@"+username) {
mentions[i].classList.add("user-mention"); mentions[i].classList.add("user-mention");
mentions[i].classList.remove("mention"); mentions[i].classList.remove("mention");
i--; i--;
@ -494,7 +494,7 @@ function switchChannel(channelname) {
tab.innerHTML = "" tab.innerHTML = ""
for (let i = 0; i < channels.length; i++) { for (let i = 0; i < channels.length; i++) {
let channelname = decURIComp(channels[i]) let channelname = decURIComp(channels[i])
if(channelname == "")continue; if(channelname === "")continue;
let channelp = createElement("p") let channelp = createElement("p")
channelp.classList.add("channel") channelp.classList.add("channel")
let textnode = document.createTextNode(channelname) let textnode = document.createTextNode(channelname)
@ -505,8 +505,8 @@ function switchChannel(channelname) {
let settings = await (await fetch("/api/settings")).json() // skipqc let settings = await (await fetch("/api/settings")).json() // skipqc
console.log(settings) // skipqc console.log(settings) // skipqc
if(settings != "null") { if(settings !== "null") {
if(settings.ACCR == false) { if(settings.ACCR === false) {
unreply() unreply()
} }
} }
@ -561,7 +561,7 @@ function dropHandler(ev) {
function init() { function init() {
setInterval(update_pid,30000) setInterval(update_pid,30000)
if(posting_id=="")update_pid() if(posting_id==="")update_pid()
main() main()
firstAsk() firstAsk()
loadChannels() loadChannels()

4
js/register.js
View File

@ -7,7 +7,7 @@ async function register() {
alert("Username is too long!") alert("Username is too long!")
return; return;
} }
if(document.getElementById("user").value.search("@") != -1) { if(document.getElementById("user").value.search("@") !== -1) {
alert("User cannot contain '@' character!") alert("User cannot contain '@' character!")
return; return;
} }
@ -31,7 +31,7 @@ async function register() {
} }
function passkeydown(e) { function passkeydown(e) {
if(e.code == "Enter") { if(e.code === "Enter") {
register() register()
} }
} }

8
js/search.js
View File

@ -20,7 +20,7 @@ async function submit() {
console.log(res); console.log(res);
for (let i = 0; i < res.length; i++) { for (let i = 0; i < res.length; i++) {
let obj = res[i] let obj = res[i]
if(type=="user") { if(type === "user") {
createPost(decodeURIComponent(obj.User_Name || ""),decodeURIComponent(obj.User_Bio || "wow such empty"),0) createPost(decodeURIComponent(obj.User_Name || ""),decodeURIComponent(obj.User_Bio || "wow such empty"),0)
} else { } else {
createPost(decodeURIComponent(obj.post_user_name),decodeURIComponent(obj.post_text),obj.post_time,obj.post_special_text,obj.post_id) createPost(decodeURIComponent(obj.post_user_name),decodeURIComponent(obj.post_text),obj.post_time,obj.post_special_text,obj.post_id)
@ -53,7 +53,7 @@ function createPost(username,text,time,specialtext,postid) {
time = time.toString() time = time.toString()
time = time.split(" ") time = time.split(" ")
time = time[0] + " " + time[1] + " " + time[2] + " " + time[3] + " " + time[4] time = time[0] + " " + time[1] + " " + time[2] + " " + time[3] + " " + time[4]
if(timedate=="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time="" if(timedate==="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time=""
const newTime = document.createTextNode(time) const newTime = document.createTextNode(time)
const newSpecialText = document.createTextNode(specialtext) const newSpecialText = document.createTextNode(specialtext)
@ -68,9 +68,9 @@ function createPost(username,text,time,specialtext,postid) {
newP.appendChild(newA) newP.appendChild(newA)
if(time != "")newP.appendChild(spacerTextNode()) if(time !== "")newP.appendChild(spacerTextNode())
newP.appendChild(newSpan2) newP.appendChild(newSpan2)
if(specialtext != "" && time != "")newP.appendChild(spacerTextNode()) if(specialtext !== "" && time !== "")newP.appendChild(spacerTextNode())
newP.appendChild(newSpan3) newP.appendChild(newSpan3)
newDiv.appendChild(newP) newDiv.appendChild(newP)

4
js/settings.js
View File

@ -129,10 +129,10 @@ async function setAllowCCR() {
let r = await(await post("/api/settings",{setting: settingname, value: ACCR})).json() // skipqc let r = await(await post("/api/settings",{setting: settingname, value: ACCR})).json() // skipqc
if(r.status == "error") { if(r.status === "error") {
alert("Couldn't change setting") alert("Couldn't change setting")
console.log(r.code) console.log(r.code)
} else if(r.status == "success") { } else if(r.status === "success") {
//changed setting //changed setting
} }
} }

6
js/user.js
View File

@ -4,10 +4,10 @@ function getCookie(cname) {
let ca = decodedCookie.split(';'); let ca = decodedCookie.split(';');
for(let i = 0; i <ca.length; i++) { for(let i = 0; i <ca.length; i++) {
let c = ca[i]; let c = ca[i];
while (c.charAt(0) == ' ') { while (c.charAt(0) ===' ') {
c = c.substring(1); c = c.substring(1);
} }
if (c.indexOf(name) == 0) { if (c.indexOf(name) === 0) {
return c.substring(name.length, c.length); return c.substring(name.length, c.length);
} }
} }
@ -28,7 +28,7 @@ function logout() {
} }
async function setuser() { async function setuser() {
if(getCookie("priv_key") != "") { if(getCookie("priv_key") !== "") {
localStorage.setItem("priv_key",getCookie("priv_key")) localStorage.setItem("priv_key",getCookie("priv_key"))
setCookie("priv_key","",0) setCookie("priv_key","",0)
} }

10
routes/api/all.js
View File

@ -10,7 +10,7 @@ export const setup = function (router, con, server) {
router.use("/*", (req, res, next) => { router.use("/*", (req, res, next) => {
res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now
let unsigned; let unsigned;
if (req.body.user == undefined || req.body.pass == undefined) { if (req.body.user === undefined || req.body.pass === undefined) {
if(typeof req.get("ipost-auth-token") === "string") { if(typeof req.get("ipost-auth-token") === "string") {
try{ try{
req.body.auth = JSON.parse(req.get("ipost-auth-token")) req.body.auth = JSON.parse(req.get("ipost-auth-token"))
@ -45,7 +45,7 @@ export const setup = function (router, con, server) {
con.query(sql,[SHA256(req.body.auth.auth_token,req.body.auth.appid, HASHES_DB),SHA256(req.body.auth.secret,req.body.auth.appid, HASHES_DB),req.body.auth.appid],(err,result) => { con.query(sql,[SHA256(req.body.auth.auth_token,req.body.auth.appid, HASHES_DB),SHA256(req.body.auth.secret,req.body.auth.appid, HASHES_DB),req.body.auth.appid],(err,result) => {
if(err) throw err; if(err) throw err;
if(result.length != 1) { if(result.length !== 1) {
res.status(420).send("invalid authentication object (or server error?)") res.status(420).send("invalid authentication object (or server error?)")
return; return;
} }
@ -90,7 +90,7 @@ export const setup = function (router, con, server) {
con.query(sql, values, function (err, result) { con.query(sql, values, function (err, result) {
if (err) if (err)
throw err; throw err;
if (result[0] && result[0].User_Name && result[0].User_Name == values[0]) { if (result[0] && result[0].User_Name && result[0].User_Name === values[0]) {
res.locals.userid = result[0].User_ID; res.locals.userid = result[0].User_ID;
res.locals.username = result[0].User_Name; res.locals.username = result[0].User_Name;
@ -105,13 +105,13 @@ export const setup = function (router, con, server) {
router.use("/api/*", (req, res, next) => { router.use("/api/*", (req, res, next) => {
res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now
if (config["allow_getotheruser_without_cookie"] && req.originalUrl.split("\?")[0] == "/api/getotheruser") { if (config["allow_getotheruser_without_cookie"] && req.originalUrl.split("\?")[0] === "/api/getotheruser") {
next(); next();
return; return;
} }
if (!server.increaseAPICall(req, res))return; if (!server.increaseAPICall(req, res))return;
if (res.locals.username != undefined) { if (res.locals.username !== undefined) {
next(); next();
} }
else { else {

7
routes/api/dms/PersonalMessages.js
View File

@ -4,7 +4,7 @@ export const setup = function (router, con, server) {
router.get("/api/getPersonalPosts", function (req, res) { router.get("/api/getPersonalPosts", function (req, res) {
res.set("Access-Control-Allow-Origin", ""); res.set("Access-Control-Allow-Origin", "");
let otherperson = encodeURIComponent(req.query.otherperson || ""); let otherperson = encodeURIComponent(req.query.otherperson || "");
if (typeof otherperson != "string" || otherperson.length > 100 || otherperson == "") { if (typeof otherperson !== "string" || otherperson.length > 100 || otherperson === "") {
res.status(410).json({ "error": "invalid otherperson given" }); res.status(410).json({ "error": "invalid otherperson given" });
return; return;
} }
@ -23,11 +23,8 @@ export const setup = function (router, con, server) {
}); });
router.get("/api/dms/conversations", function (req, res) { router.get("/api/dms/conversations", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
const columns = [
"dms_user_name", "dms_receiver"
];
let uriencusername = encodeURIComponent(res.locals.username); let uriencusername = encodeURIComponent(res.locals.username);
let sql = `select ${columns.join(",")} from ipost.dms where ((dms_receiver = ?) or (dms_user_name = ?)) group by dms_receiver,dms_user_name;`; let sql = `select dms_user_name, dms_receiver from ipost.dms where ((dms_receiver = ?) or (dms_user_name = ?)) group by dms_receiver,dms_user_name;`;
con.query(sql, [uriencusername, uriencusername], function (err, result) { con.query(sql, [uriencusername, uriencusername], function (err, result) {
if (err) if (err)
throw err; throw err;

32
routes/api/dms/post.js
View File

@ -4,7 +4,7 @@ export const setup = function (router, con, server) {
function createPID(){ function createPID(){
let pid = server.genstring(10); //collision chance is low enough, but we'll check anyways let pid = server.genstring(10); //collision chance is low enough, but we'll check anyways
while (PIDS[pid] != undefined) { while (PIDS[pid] !== undefined) {
pid = server.genstring(10); pid = server.genstring(10);
console.log(5, "pid collision"); console.log(5, "pid collision");
} }
@ -26,17 +26,17 @@ export const setup = function (router, con, server) {
res.json({ "error": "no message to post" }); res.json({ "error": "no message to post" });
return; return;
} }
if ((typeof req.body.message) != "string") { if ((typeof req.body.message) !== "string") {
res.status(411) res.status(411)
res.json({ "error": "no message to post" }); res.json({ "error": "no message to post" });
return; return;
} }
if ((typeof req.body.pid) != "string") { if ((typeof req.body.pid) !== "string") {
res.status(412) res.status(412)
res.json({ "error": "no pid given" }); res.json({ "error": "no pid given" });
return; return;
} }
if (req.body.pid.length != 10 || PIDS[req.body.pid] !== true) { if (req.body.pid.length !== 10 || PIDS[req.body.pid] !== true) {
res.status(413) res.status(413)
res.json({ "error": "invalid pid given" }); res.json({ "error": "invalid pid given" });
return; return;
@ -49,7 +49,7 @@ export const setup = function (router, con, server) {
else { else {
reply_id = req.body.reply_id; reply_id = req.body.reply_id;
} }
if ((typeof reply_id) != "number") { if ((typeof reply_id) !== "number") {
res.status(414) res.status(414)
res.json({ "error": "no valid reply id given" }); res.json({ "error": "no valid reply id given" });
return; return;
@ -66,7 +66,7 @@ export const setup = function (router, con, server) {
return; return;
} }
req.body.receiver = encodeURIComponent(req.body.receiver || ""); req.body.receiver = encodeURIComponent(req.body.receiver || "");
if (req.body.receiver == "" || req.body.receiver == encodeURIComponent(res.locals.username) || req.body.receiver.length > 100) { if (req.body.receiver === "" || req.body.receiver === encodeURIComponent(res.locals.username) || req.body.receiver.length > 100) {
res.status(417).json({ "error": "invalid receiver given" }); res.status(417).json({ "error": "invalid receiver given" });
return; return;
} }
@ -85,28 +85,10 @@ export const setup = function (router, con, server) {
console.error(err) console.error(err)
return; return;
} }
// let post_obj = {
// post_user_name: encodeURIComponent(res.locals.username),
// post_text: req.body.message,
// post_time: Date.now(),
// post_special_text: "",
// post_receiver_name: req.body.receiver,
// post_from_bot: res.locals.isbot,
// post_reply_id: reply_id
// }
// let message = {
// message: "new_post",
// data: post_obj
// }
// let messagestr = JSON.stringify(message)
// server.wss.clients.forEach(function(ws) {
// if(ws.channel == decodeURIComponent(req.body.receiver)) {
// ws.send(messagestr)
// }
// });
res.json({ "success": "successfully posted dm" }); res.json({ "success": "successfully posted dm" });
console.log(5, `posted new dm by ${res.locals.username} to ${otherperson} : ${xor(encodeURIComponent(res.locals.username), otherperson)}`); console.log(5, `posted new dm by ${res.locals.username} to ${otherperson} : ${xor(encodeURIComponent(res.locals.username), otherperson)}`);
}); });
//TODO: bring dms up-to-date with normal posts
}); });
return createPID return createPID
}; };

4
routes/api/getPosts.js
View File

@ -5,7 +5,7 @@ export const setup = function (router, con, server) {
}); });
router.get("/api/getPosts", function (req, res) { router.get("/api/getPosts", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
if (req.query.channel != undefined) { if (req.query.channel !== undefined) {
let sql = `select post_user_name,post_text,post_time,post_special_text,post_id,post_from_bot,post_reply_id,User_Avatar,file_0,file_1,file_2,file_3,file_4 from ipost.posts inner join ipost.users on (User_Name = post_user_name) where post_receiver_name = ? group by post_id order by post_id desc limit 30;`; let sql = `select post_user_name,post_text,post_time,post_special_text,post_id,post_from_bot,post_reply_id,User_Avatar,file_0,file_1,file_2,file_3,file_4 from ipost.posts inner join ipost.users on (User_Name = post_user_name) where post_receiver_name = ? group by post_id order by post_id desc limit 30;`;
con.query(sql, [encodeURIComponent(req.query.channel)], function (err, result) { con.query(sql, [encodeURIComponent(req.query.channel)], function (err, result) {
if (err) if (err)
@ -24,7 +24,7 @@ export const setup = function (router, con, server) {
}); });
router.get("/api/getPostsLowerThan", function (req, res) { router.get("/api/getPostsLowerThan", function (req, res) {
res.set("Access-Control-Allow-Origin", "*"); res.set("Access-Control-Allow-Origin", "*");
if (req.query.channel != undefined) { if (req.query.channel !== undefined) {
let sql = `select post_user_name,post_text,post_time,post_special_text,post_id,post_from_bot,post_reply_id,file_0,file_1,file_2,file_3,file_4 from ipost.posts where ((post_receiver_name = ?) and (post_id < ?)) group by post_id order by post_id desc limit 30;`; let sql = `select post_user_name,post_text,post_time,post_special_text,post_id,post_from_bot,post_reply_id,file_0,file_1,file_2,file_3,file_4 from ipost.posts where ((post_receiver_name = ?) and (post_id < ?)) group by post_id order by post_id desc limit 30;`;
con.query(sql, [encodeURIComponent(req.query.channel), req.query.id], function (err, result) { con.query(sql, [encodeURIComponent(req.query.channel), req.query.id], function (err, result) {
if (err) if (err)

4
routes/api/post.js
View File

@ -18,7 +18,7 @@ export const setup = function (router, con, server) {
function createPID(){ function createPID(){
let pid = server.genstring(10); //collision chance is low enough, but we'll check anyways let pid = server.genstring(10); //collision chance is low enough, but we'll check anyways
while (PIDS[pid] != undefined) { while (PIDS[pid] !== undefined) {
pid = server.genstring(10); pid = server.genstring(10);
console.log(5, "pid collision"); console.log(5, "pid collision");
} }
@ -110,7 +110,7 @@ export const setup = function (router, con, server) {
function validateReceiver(rec) { function validateReceiver(rec) {
let receiver = encodeURIComponent(rec || ""); let receiver = encodeURIComponent(rec || "");
if (receiver == "") if (receiver === "")
receiver = "everyone"; receiver = "everyone";
return receiver return receiver
} }

6
routes/api/search.js
View File

@ -3,12 +3,12 @@ export const setup = function (router, con, server) {
res.set("Access-Control-Allow-Origin", ""); res.set("Access-Control-Allow-Origin", "");
let type = req.query.type; let type = req.query.type;
let arg = encodeURIComponent(req.query.selector); let arg = encodeURIComponent(req.query.selector);
if (type == "user") { if (type === "user") {
let sql = `select User_Name,User_Bio,User_Avatar from ipost.users where User_Name like ? limit 10;`; let sql = `select User_Name,User_Bio,User_Avatar from ipost.users where User_Name like ? limit 10;`;
con.query(sql, [`%${arg}%`], function (err, result) { con.query(sql, [`%${arg}%`], function (err, result) {
if (err) if (err)
throw err; throw err;
if (result[0] && result[0].User_Name) { if (result[0]) {
result["message"] = "search has been deprecated as of 11/30/2022" result["message"] = "search has been deprecated as of 11/30/2022"
res.json(result); res.json(result);
} }
@ -17,7 +17,7 @@ export const setup = function (router, con, server) {
} }
}); });
} }
else if (type == "post") { else if (type === "post") {
let sql = `select post_user_name,post_text,post_time,post_special_text,post_id from ipost.posts where post_text like ? and (post_receiver_name is null or post_receiver_name = 'everyone') order by post_id desc limit 20;`; let sql = `select post_user_name,post_text,post_time,post_special_text,post_id from ipost.posts where post_text like ? and (post_receiver_name is null or post_receiver_name = 'everyone') order by post_id desc limit 20;`;
con.query(sql, [`%${arg}%`], function (err, result) { con.query(sql, [`%${arg}%`], function (err, result) {
if (err) if (err)

4
routes/api/settingshandler.js
View File

@ -11,7 +11,7 @@ export const setup = function (router, con, server) {
res.json({ "error": "no setting to change" }); res.json({ "error": "no setting to change" });
return; return;
} }
if ((typeof req.body.setting) != "string") { if ((typeof req.body.setting) !== "string") {
res.status(411) res.status(411)
res.json({ "error": "no setting to change" }); res.json({ "error": "no setting to change" });
return; return;
@ -20,7 +20,7 @@ export const setup = function (router, con, server) {
let allowed = false; let allowed = false;
let got = typeof req.body.value; let got = typeof req.body.value;
for (let index = 0; index < types.length; index++) { for (let index = 0; index < types.length; index++) {
if (types[index] == got) { if (types[index] === got) {
allowed = true; allowed = true;
break; break;
} }

26
routes/api/userRoutes.js
View File

@ -29,7 +29,7 @@ export const setup = function (router, con, server) {
} catch(ignored){} } catch(ignored){}
} }
let filename = genstring(95) + ".webp"; let filename = genstring(95) + ".webp";
while (existsSync(avatars + "/" + filename) || filename == ".webp") { //generate new filename until it's unique while (existsSync(avatars + "/" + filename) || filename === ".webp") { //generate new filename until it's unique
filename = genstring(95) + ".webp"; filename = genstring(95) + ".webp";
} }
sharp(avatar.data).resize({ //resize avatar to 100x100 and convert it to a webp, then store it sharp(avatar.data).resize({ //resize avatar to 100x100 and convert it to a webp, then store it
@ -54,7 +54,7 @@ export const setup = function (router, con, server) {
}); });
router.get("/api/getalluserinformation", function (req, res) { router.get("/api/getalluserinformation", function (req, res) {
res.set("Access-Control-Allow-Origin", ""); //we don't want that here res.set("Access-Control-Allow-Origin", ""); //we don't want that here
let unsigned = getunsigned(req, res); let unsigned = getunsigned(req, res); //has to be asking for it via the cookie
if (!unsigned) if (!unsigned)
return; return;
unsigned = decodeURIComponent(unsigned); unsigned = decodeURIComponent(unsigned);
@ -64,7 +64,7 @@ export const setup = function (router, con, server) {
con.query(sql, values, function (err, result) { con.query(sql, values, function (err, result) {
if (err) if (err)
throw err; throw err;
if (result[0] && result[0].User_Name && result[0].User_Name == values[0]) { if (result[0]) {
res.status(200); res.status(200);
res.json(result[0]); res.json(result[0]);
} }
@ -81,7 +81,7 @@ export const setup = function (router, con, server) {
con.query(sql, [username], function (err, result) { con.query(sql, [username], function (err, result) {
if (err) if (err)
throw err; throw err;
if (result[0] && result[0].User_Name && result[0].User_Name == username) { if (result[0]) {
res.json({ "username": username, "bio": result[0].User_Bio, "avatar": result[0].User_Avatar, "publicKey": result[0].User_PublicKey }); res.json({ "username": username, "bio": result[0].User_Bio, "avatar": result[0].User_Avatar, "publicKey": result[0].User_PublicKey });
} }
else { else {
@ -112,11 +112,11 @@ export const setup = function (router, con, server) {
}); });
router.post("/api/changePW", (req, res) => { router.post("/api/changePW", (req, res) => {
res.set("Access-Control-Allow-Origin", ""); res.set("Access-Control-Allow-Origin", "");
if ((typeof req.body.newPW) != "string") { if ((typeof req.body.newPW) !== "string") {
res.json({ "error": "incorrect password" }); res.json({ "error": "incorrect password" });
return; return;
} }
if ((typeof req.body.currentPW) != "string") { if ((typeof req.body.currentPW) !== "string") {
res.json({ "error": "incorrect password" }); res.json({ "error": "incorrect password" });
return; return;
} }
@ -132,7 +132,7 @@ export const setup = function (router, con, server) {
con.query(sql, values, function (err, result) { con.query(sql, values, function (err, result) {
if (err) if (err)
throw err; throw err;
if (result[0] && result[0].User_Name && result[0].User_Name == res.locals.username) { if (result[0]) {
let sql = `update ipost.users set User_PW=? where User_Name=? and User_PW=?;`; let sql = `update ipost.users set User_PW=? where User_Name=? and User_PW=?;`;
let values = [hashed_new_pw, res.locals.username, hashed_pw]; let values = [hashed_new_pw, res.locals.username, hashed_pw];
con.query(sql, values, (err2) => { con.query(sql, values, (err2) => {
@ -152,12 +152,12 @@ export const setup = function (router, con, server) {
}); });
router.post("/api/changeUsername", function (req, res) { router.post("/api/changeUsername", function (req, res) {
res.set("Access-Control-Allow-Origin", ""); res.set("Access-Control-Allow-Origin", "");
if ((typeof req.body.newUsername) != "string") { if ((typeof req.body.newUsername) !== "string") {
res.status(410); res.status(410);
res.json({ "error": "incorrect username" }); res.json({ "error": "incorrect username" });
return; return;
} }
if ((typeof req.body.currentPW) != "string") { if ((typeof req.body.currentPW) !== "string") {
res.status(411); res.status(411);
res.json({ "error": "incorrect password" }); res.json({ "error": "incorrect password" });
return; return;
@ -167,19 +167,19 @@ export const setup = function (router, con, server) {
res.json({ "error": "username is too long" }); res.json({ "error": "username is too long" });
return; return;
} }
if (req.body.newUsername == res.locals.username) { if (req.body.newUsername === res.locals.username) {
res.status(413); res.status(413);
res.json({ "error": "username can't be the current one" }); res.json({ "error": "username can't be the current one" });
return; return;
} }
let hashed_pw = SHA256(req.body.currentPW, res.locals.username, HASHES_DB); let hashed_pw = SHA256(req.body.currentPW, res.locals.username, HASHES_DB);
let hashed_new_pw = SHA256(req.body.currentPW, req.body.newUsername, HASHES_DB); let hashed_new_pw = SHA256(req.body.currentPW, req.body.newUsername, HASHES_DB);
let sql = `select * from ipost.users where User_Name=?;`; //check if pw is correct let sql = `select * from ipost.users where User_Name=? and User_PW=?;`; //check if pw is correct
let values = [res.locals.username]; let values = [res.locals.username,hashed_pw];
con.query(sql, values, function (err, result) { con.query(sql, values, function (err, result) {
if (err) if (err)
throw err; throw err;
if (result[0] && result[0].User_PW == hashed_pw) { if (result[0]) {
let sql = `select * from ipost.users where User_Name=?;`; //check if newUsername isn't already used let sql = `select * from ipost.users where User_Name=?;`; //check if newUsername isn't already used
let values = [req.body.newUsername]; let values = [req.body.newUsername];
con.query(sql, values, function (err, result) { con.query(sql, values, function (err, result) {

14
routes/user_auth.js
View File

@ -19,12 +19,12 @@ export const setup = function (router, con, server) {
return; return;
} }
res.status(200); res.status(200);
if ((typeof req.body.user) != "string") { if ((typeof req.body.user) !== "string") {
res.status(416); res.status(416);
res.json({ "error": "incorrect username" }); res.json({ "error": "incorrect username" });
return; return;
} }
if ((typeof req.body.pass) != "string") { if ((typeof req.body.pass) !== "string") {
res.status(417); res.status(417);
res.json({ "error": "incorrect password" }); res.json({ "error": "incorrect password" });
return; return;
@ -37,7 +37,7 @@ export const setup = function (router, con, server) {
res.redirect("/register?success=false&reason=username"); res.redirect("/register?success=false&reason=username");
return; return;
} }
if (username == "") { if (username === "") {
res.status(411); res.status(411);
res.redirect("/register?success=false&reason=username"); res.redirect("/register?success=false&reason=username");
return; return;
@ -52,7 +52,7 @@ export const setup = function (router, con, server) {
res.send("username is too long"); res.send("username is too long");
return; return;
} }
if (username.search("@") != -1) { if (username.search("@") !== -1) {
res.status(414); res.status(414);
res.send("username can't contain @-characters"); res.send("username can't contain @-characters");
return; return;
@ -93,12 +93,12 @@ export const setup = function (router, con, server) {
router.post("/login", function (req, res) { router.post("/login", function (req, res) {
if (!increaseAPICall(req, res)) if (!increaseAPICall(req, res))
return; return;
if ((typeof req.body.user) != "string") { if ((typeof req.body.user) !== "string") {
res.status(416); res.status(416);
res.json({ "error": "incorrect username" }); res.json({ "error": "incorrect username" });
return; return;
} }
if ((typeof req.body.pass) != "string") { if ((typeof req.body.pass) !== "string") {
res.status(417); res.status(417);
res.json({ "error": "incorrect password" }); res.json({ "error": "incorrect password" });
return; return;
@ -150,7 +150,7 @@ export const setup = function (router, con, server) {
let cookiesigned = signature.sign(setTo, cookiesecret + (!no_ip_lock ? ip : "")); let cookiesigned = signature.sign(setTo, cookiesecret + (!no_ip_lock ? ip : ""));
res.cookie('AUTH_COOKIE', cookiesigned, { maxAge: Math.pow(10, 10), httpOnly: true, secure: DID_I_FINALLY_ADD_HTTPS }); res.cookie('AUTH_COOKIE', cookiesigned, { maxAge: Math.pow(10, 10), httpOnly: true, secure: DID_I_FINALLY_ADD_HTTPS });
ip = SHA256(ip, setTo, HASHES_DB); ip = SHA256(ip, setTo, HASHES_DB);
if (result[0].User_LastIP != ip) { if (result[0].User_LastIP !== ip) {
let sql = `update ipost.users set User_LastIP = ? where User_Name = ?;`; let sql = `update ipost.users set User_LastIP = ? where User_Name = ?;`;
con.query(sql, [ip, encodeURIComponent(username)], function (error) { con.query(sql, [ip, encodeURIComponent(username)], function (error) {
if (error) if (error)

8
routes/userfiles.js
View File

@ -57,7 +57,7 @@ export const setup = function (router, con, server) {
let out = [] let out = []
for(let channel of result){ for(let channel of result){
if(channel.post_receiver_name == "")continue; if(channel.post_receiver_name === "")continue;
out[out.length] = channel.post_receiver_name out[out.length] = channel.post_receiver_name
} }
@ -109,7 +109,7 @@ export const setup = function (router, con, server) {
async function handleUserFiles(request, response, overrideurl) { async function handleUserFiles(request, response, overrideurl) {
if (!increaseUSERCall(request, response))return; if (!increaseUSERCall(request, response))return;
if(typeof overrideurl != "string")overrideurl = undefined; if(typeof overrideurl !== "string")overrideurl = undefined;
let originalUrl = overrideurl || request.originalUrl.split("?").shift(); let originalUrl = overrideurl || request.originalUrl.split("?").shift();
@ -177,13 +177,13 @@ export const setup = function (router, con, server) {
return; return;
} }
if(originalUrl == "/favicon.ico") { if(originalUrl === "/favicon.ico") {
response.set('Cache-Control', 'public, max-age=2592000'); response.set('Cache-Control', 'public, max-age=2592000');
response.sendFile(dir + "/views/favicon.ico") response.sendFile(dir + "/views/favicon.ico")
return return
} }
if(originalUrl == "/api/documentation/") { if(originalUrl === "/api/documentation/") {
readFile(path,function(_err,res){ readFile(path,function(_err,res){
response.send(res.toString()) response.send(res.toString())
}) })

22
server.js
View File

@ -36,7 +36,7 @@ const original_log = console.log;
*/ */
function log_info(level, ...info) { function log_info(level, ...info) {
let text = info; let text = info;
if (text == undefined || text.length == 0) { if (text === undefined || text.length === 0) {
text = level; text = level;
level = 5; level = 5;
} }
@ -162,11 +162,11 @@ function increaseIndividualCall(url, req) {
if (!conf["enabled"]) if (!conf["enabled"])
return true; return true;
let ip = getIP(req); let ip = getIP(req);
if (INDIVIDUAL_CALLS[ip] == undefined) if (INDIVIDUAL_CALLS[ip] === undefined)
INDIVIDUAL_CALLS[ip] = {}; INDIVIDUAL_CALLS[ip] = {};
if (INDIVIDUAL_CALLS[ip][url] == undefined) if (INDIVIDUAL_CALLS[ip][url] === undefined)
INDIVIDUAL_CALLS[ip][url] = 0; INDIVIDUAL_CALLS[ip][url] = 0;
if (INDIVIDUAL_CALLS[ip][url] == 0) { if (INDIVIDUAL_CALLS[ip][url] === 0) {
setTimeout(function () { setTimeout(function () {
INDIVIDUAL_CALLS[ip][url] = 0; INDIVIDUAL_CALLS[ip][url] = 0;
}, conf["reset_time"]); }, conf["reset_time"]);
@ -192,7 +192,7 @@ function increaseAccountAPICall(req, res) {
return false; return false;
let values = unsigned.split(" "); let values = unsigned.split(" ");
let username = values[0]; let username = values[0];
if (API_CALLS_ACCOUNT[username] == undefined) if (API_CALLS_ACCOUNT[username] === undefined)
API_CALLS_ACCOUNT[username] = 0; API_CALLS_ACCOUNT[username] = 0;
if (API_CALLS_ACCOUNT[username] >= config.rate_limits.api.max_per_account) { if (API_CALLS_ACCOUNT[username] >= config.rate_limits.api.max_per_account) {
res.status(429); res.status(429);
@ -203,7 +203,7 @@ function increaseAccountAPICall(req, res) {
} }
function increaseAPICall(req, res, next) { function increaseAPICall(req, res, next) {
let ip = getIP(req); let ip = getIP(req);
if (API_CALLS[ip] == undefined) if (API_CALLS[ip] === undefined)
API_CALLS[ip] = 0; API_CALLS[ip] = 0;
if (API_CALLS[ip] >= config.rate_limits.api.max_without_session) { if (API_CALLS[ip] >= config.rate_limits.api.max_without_session) {
if (REVERSE_SESSIONS[ip] && req.cookies.session !== REVERSE_SESSIONS[ip]) { //expected a session, but didn't get one if (REVERSE_SESSIONS[ip] && req.cookies.session !== REVERSE_SESSIONS[ip]) { //expected a session, but didn't get one
@ -215,7 +215,7 @@ function increaseAPICall(req, res, next) {
let session; let session;
do { do {
session = genstring(300); session = genstring(300);
} while (SESSIONS[session] != undefined); } while (SESSIONS[session] !== undefined);
SESSIONS[session] = ip; SESSIONS[session] = ip;
REVERSE_SESSIONS[ip] = session; REVERSE_SESSIONS[ip] = session;
setTimeout(function () { setTimeout(function () {
@ -241,7 +241,7 @@ function increaseAPICall(req, res, next) {
} }
function increaseUSERCall(req, res, next) { function increaseUSERCall(req, res, next) {
let ip = getIP(req); let ip = getIP(req);
if (USER_CALLS[ip] == undefined) if (USER_CALLS[ip] === undefined)
USER_CALLS[ip] = 0; USER_CALLS[ip] = 0;
if (USER_CALLS[ip] >= config.rate_limits.user.max) { if (USER_CALLS[ip] >= config.rate_limits.user.max) {
res.status(429); res.status(429);
@ -307,13 +307,13 @@ if (DID_I_FINALLY_ADD_HTTPS) {
app.use("/*", function (req, res, next) { app.use("/*", function (req, res, next) {
res.set("x-powered-by", "ipost"); res.set("x-powered-by", "ipost");
for (let i = 0; i < blocked_headers.length; i++) { for (let i = 0; i < blocked_headers.length; i++) {
if (req.header(blocked_headers[i]) != undefined) { if (req.header(blocked_headers[i]) !== undefined) {
res.json({ "error": "we don't allow proxies on our website." }); res.json({ "error": "we don't allow proxies on our website." });
return; return;
} }
} }
let fullurl = req.baseUrl + req.path; let fullurl = req.baseUrl + req.path;
if (fullurl != "/") { if (fullurl !== "/") {
fullurl = fullurl.substring(0, fullurl.length - 1); fullurl = fullurl.substring(0, fullurl.length - 1);
} }
if (!increaseIndividualCall(fullurl, req)) { if (!increaseIndividualCall(fullurl, req)) {
@ -418,7 +418,7 @@ wss.on("connection", function connection(ws) {
console.log(5,"new connection"); console.log(5,"new connection");
ws.on("message", function incoming(message) { ws.on("message", function incoming(message) {
message = JSON.parse(message); message = JSON.parse(message);
if (message.id == "switchChannel") { if (message.id === "switchChannel") {
ws.channel = decodeURIComponent(message.data); ws.channel = decodeURIComponent(message.data);
} }
}); });