code002lover/IPost
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

fix some anti pattern stuff

Browse Source
This commit is contained in:
Mystikfluu 2023-02-10 19:24:05 +01:00
parent 0a46eeee9f
commit 3254d01581
21 changed files with 130 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
extra_modules/ensureExists.js
View File

@ -8,13 +8,13 @@ import {mkdir} from "fs"
* @return {undefined} see: callback
*/
function ensureExists(path, mask, cb) {
if (typeof mask == 'function') { // Allow the `mask` parameter to be optional
if (typeof mask === 'function') { // Allow the `mask` parameter to be optional
cb = mask;
mask = 0o744;
}
mkdir(path, mask, function (err) {
if (err) {
if (err.code == 'EEXIST')
if (err.code === 'EEXIST')
cb(null); // Ignore the error if the folder already exists
else
cb(err); // Something else went wrong

2
extra_modules/getip.js
View File

@ -7,7 +7,7 @@ const config = JSON.parse(fs.readFileSync("server_config.json"));
*/
function getIP(req) {
let ip = req.socket.remoteAddress;
if (req.headers[config.preferred_ip_header] != undefined && ip == config.only_prefer_when_ip)
if (req.headers[config.preferred_ip_header] !== undefined && ip === config.only_prefer_when_ip)
ip = req.headers[config.preferred_ip_header];
return ip;
}

78
js/dms.js
View File

@ -11,29 +11,29 @@ var highest_id
var currentChannel
let socket = new WebSocket(wss_URI);
socket.addEventListener("message", async function (event) {
socket.addEventListener("message", async function (_event) {
console.info("TODO: add websocket support to dms")
return
if(wss_server == event.origin) {
let data = event.data;
let ds = JSON.parse(data)
let message = ds.message
let item = ds.data
let username = decodeURIComponent(item.post_user_name)
if(message == "new_post") {
await createPost(decodeURIComponent(item.post_user_name),decodeURIComponent(item.post_text),item.post_time,item.post_special_text,highest_id+1,item.post_from_bot,item.post_reply_id,true)
if(user["username"]!=username)mainNoti(username)
// return
// if(wss_server === event.origin) {
// let data = event.data;
// let ds = JSON.parse(data)
// let message = ds.message
// let item = ds.data
// let username = decodeURIComponent(item.post_user_name)
// if(message === "new_post") {
// await createPost(decodeURIComponent(item.post_user_name),decodeURIComponent(item.post_text),item.post_time,item.post_special_text,highest_id+1,item.post_from_bot,item.post_reply_id,true)
// if(user["username"]!==username)mainNoti(username)
let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json()
for (let i = 0; i < highest_known_posts.length; i++) {
if(document.getElementById(highest_known_posts[i].post_id) == undefined) {
main()
return;
}
}
highest_id++;
}
}
// let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json()
// for (let i = 0; i < highest_known_posts.length; i++) {
// if(document.getElementById(highest_known_posts[i].post_id) === undefined) {
// main()
// return;
// }
// }
// highest_id++;
// }
// }
})
var cd = true //inversed "cooldown"
@ -74,12 +74,12 @@ async function postMsg() {
alert(`Your message cant contain more than 1000 characters! (${len})`)
return
}
if(cd && posting_id!=undefined) {
if(cd && posting_id!==undefined) {
cd = false
let text = document.getElementById("post-text").value
if(typeof encrypt == "function" && encryption_keys != "") {
if(typeof encrypt === "function" && encryption_keys !== "") {
text = encrypt(text,{
packed: encryption_keys
})
@ -103,7 +103,7 @@ async function update_pid() {
console.log("new pid info: ",r)
if(r.error) {
//an error occurred
if(r.error == "you cannot access the api without being logged in") {
if(r.error === "you cannot access the api without being logged in") {
//account error, go to login page
location.replace("/")
return
@ -125,7 +125,7 @@ function spacerTextNode() {
const user_cache = {}
async function getavatar(username) {
let user = user_cache[username]
if(user == undefined) {
if(user === undefined) {
user = (await (await fetch("/api/getotheruser?user="+encodeURIComponent(username))).json())["avatar"]
if(user) {
user = "/avatars/"+user
@ -139,7 +139,7 @@ async function getavatar(username) {
async function reply_link_clicked(reply_channel,reply_id) {
console.log("clicked link")
if(reply_channel != currentChannel) {
if(reply_channel !== currentChannel) {
console.log("reply is in another channel")
switchChannel(reply_channel)
console.log("switched channel")
@ -186,7 +186,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
time = time.toString()
time = time.split(" ")
time = time[0] + " " + time[1] + " " + time[2] + " " + time[3] + " " + time[4]
if(timedate=="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time="unknown time"
if(timedate==="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time="unknown time"
const newTime = document.createTextNode(time)
const newSpecialText = document.createTextNode(specialtext)
newDiv.classList.add("post");
@ -210,9 +210,9 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
newP.appendChild(newA)
newP.appendChild(spacerTextNode())
newP.appendChild(newSpan2)
if(specialtext != "")newP.appendChild(spacerTextNode())
if(specialtext !== "")newP.appendChild(spacerTextNode())
newP.appendChild(newSpan3)
if(isbot==1){
if(isbot===1){
newP.appendChild(spacerTextNode())
newP.appendChild(boticon)
}
@ -220,7 +220,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
// |\>.</|
newP.innerHTML += `<button onclick="reply(${postid})">Reply to this Post</button>`
if(reply_id != 0) {
if(reply_id !== 0) {
try {
const reply_obj = await (await fetch(`/api/dms/getDM?id=${reply_id}`)).json()
const reply_username = decodeURIComponent(reply_obj.dms_user_name)
@ -236,7 +236,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
replyA.appendChild(reply_username_text)
replyA.appendChild(spacerTextNode())
if(typeof decrypt == "function" && encryption_keys != "") {
if(typeof decrypt === "function" && encryption_keys !== "") {
reply_text = decrypt(reply_text,{packed:encryption_keys}).msg
}
@ -262,7 +262,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
}
}
if(typeof decrypt == "function" && encryption_keys != "") {
if(typeof decrypt === "function" && encryption_keys !== "") {
text = decrypt(text,{packed:encryption_keys}).msg
}
newDiv.appendChild(newP)
@ -316,7 +316,7 @@ async function main(){
let mentions = document.getElementsByClassName("mention")
for (let i = 0; i < mentions.length; i++) {
if(mentions[i]!=undefined && mentions[i].innerText == "@"+username) {
if(mentions[i]!==undefined && mentions[i].innerText === "@"+username) {
mentions[i].classList.add("user-mention");
mentions[i].classList.remove("mention");
i--;
@ -336,7 +336,7 @@ async function reply(postid) {
posttext = decodeURIComponent(posttext)
if(typeof decrypt == "function" && encryption_keys != "") {
if(typeof decrypt === "function" && encryption_keys !== "") {
posttext = decrypt(posttext,{packed:encryption_keys}).msg
}
@ -438,7 +438,7 @@ async function loadChannels() {
let channels = []
for(let dm of dms) {
if(dm.dms_user_name == username) {
if(dm.dms_user_name === username) {
channels[channels.length] = dm.dms_receiver
} else {
channels[channels.length] = dm.dms_user_name
@ -450,7 +450,7 @@ async function loadChannels() {
let tab = document.getElementById("channelTab")
tab.innerHTML = ""
for (let i = 0; i < channels.length; i++) {
if(channels[i]=="")continue;
if(channels[i]==="")continue;
createChannel(channels[i],tab)
}
}
@ -467,13 +467,13 @@ function init() {
}
async function clickPress(event) {
if (event.key == "Enter") {
if (event.key === "Enter") {
user = (await (await fetch("/api/getotheruser?user="+encodeURIComponent(document.getElementById("Username_input").value))).json())
if(user.username == undefined) {
if(user.username === undefined) {
alert("invalid username entered")
return
} else {
if(document.getElementById(user.username) == undefined) {
if(document.getElementById(user.username) === undefined) {
let tab = document.getElementById("channelTab")
createChannel(encodeURIComponent(user.username),tab)
}

2
js/index.js
View File

@ -1,6 +1,6 @@
window.addEventListener("load",async function(){
let data = await(await fetch("/api/getuser")).json()
if(data["username"] != undefined) {
if(data["username"] !== undefined) {
document.getElementById("HasAccount").style=""
} else {
document.getElementById("NoAccount").style=""

2
js/login.js
View File

@ -15,7 +15,7 @@ async function login() {
let passfield = document.getElementById("pass")
function passkeydown(e) {
if(e.code == "Enter") {
if(e.code === "Enter") {
login()
}
}

32
js/posts.js
View File

@ -13,13 +13,13 @@ function getById(i){return document.getElementById(i)}
let socket = new WebSocket(wss_URI);
socket.addEventListener("message", async function (event) {
console.log("new websocket message arrived");
if(wss_server == event.origin) {
if(wss_server === event.origin) {
let data = event.data;
let ds = JSON.parse(data)
let message = ds.message
let item = ds.data
let username = decURIComp(item.post_user_name)
if(message == "new_post" && decURIComp(item.post_receiver_name) == currentChannel) {
if(message === "new_post" && decURIComp(item.post_receiver_name) === currentChannel) {
await createPost(
username,
decURIComp(item.post_text),
@ -37,11 +37,11 @@ socket.addEventListener("message", async function (event) {
item.files[4]
)
console.log("created new post");
if(user["username"]!=username)mainNoti(username)
if(user["username"] !== username)mainNoti(username)
let highest_known_posts = await (await fetch(`/api/getPostsLowerThan?id=${highest_id+28}&channel=${currentChannel}`)).json()
for (let i = 0; i < highest_known_posts.length; i++) {
if(getById(highest_known_posts[i].post_id) == undefined) {
if(getById(highest_known_posts[i].post_id) === undefined) {
main()
return;
}
@ -76,7 +76,7 @@ let last_called_postMsg = Date.now()
last_called_postMsg = Date.now()
let msg = getById("post-text").value
let len = msg.length
if(len==0){
if(len===0){
alert("you have to enter a message!")
return;
};
@ -88,7 +88,7 @@ let last_called_postMsg = Date.now()
alert("Your message is too long! (Too many special characters)")
return
}
if(cd && posting_id!=undefined) {
if(cd && posting_id !== undefined) {
cd = false
setTimeout(function(){
cd = true
@ -122,7 +122,7 @@ async function update_pid() {
console.log("new pid info: ",r)
if(r.error) {
//an error occurred
if(r.error == "you cannot access the api without being logged in") {
if(r.error === "you cannot access the api without being logged in") {
//account error, go to login page
location.replace("/")
return
@ -139,7 +139,7 @@ function spacerTextNode() {
async function reply_link_clicked(reply_channel,reply_id) {
console.log("clicked link")
if(reply_channel != currentChannel) {
if(reply_channel !== currentChannel) {
console.log("reply is in another channel")
switchChannel(reply_channel)
console.log("switched channel")
@ -229,9 +229,9 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
newP.appendChild(newA)
newP.appendChild(spacerTextNode())
newP.appendChild(newSpan2)
if(specialtext != "")newP.appendChild(spacerTextNode())
if(specialtext !== "")newP.appendChild(spacerTextNode())
newP.appendChild(newSpan3)
if(isbot==1){
if(isbot === 1){
newP.appendChild(spacerTextNode())
newP.appendChild(boticon)
}
@ -239,7 +239,7 @@ async function createPost(username,text,time,specialtext,postid,isbot,reply_id,a
// |\>.</|
newP.innerHTML += `<button onclick="reply(${postid})">Reply to this Post</button>`
if(reply_id != 0) {
if(reply_id !== 0) {
try {
const reply_obj = await (await fetch(`/api/getPost?id=${reply_id}`)).json()
const reply_username = decURIComp(reply_obj.post_user_name)
@ -417,7 +417,7 @@ async function main(){
let mentions = document.getElementsByClassName("mention")
for (let i = 0; i < mentions.length; i++) {
if(mentions[i]!=undefined && mentions[i].innerText == "@"+username) {
if(mentions[i] !== undefined && mentions[i].innerText === "@"+username) {
mentions[i].classList.add("user-mention");
mentions[i].classList.remove("mention");
i--;
@ -494,7 +494,7 @@ function switchChannel(channelname) {
tab.innerHTML = ""
for (let i = 0; i < channels.length; i++) {
let channelname = decURIComp(channels[i])
if(channelname == "")continue;
if(channelname === "")continue;
let channelp = createElement("p")
channelp.classList.add("channel")
let textnode = document.createTextNode(channelname)
@ -505,8 +505,8 @@ function switchChannel(channelname) {
let settings = await (await fetch("/api/settings")).json() // skipqc
console.log(settings) // skipqc
if(settings != "null") {
if(settings.ACCR == false) {
if(settings !== "null") {
if(settings.ACCR === false) {
unreply()
}
}
@ -561,7 +561,7 @@ function dropHandler(ev) {
function init() {
setInterval(update_pid,30000)
if(posting_id=="")update_pid()
if(posting_id==="")update_pid()
main()
firstAsk()
loadChannels()

4
js/register.js
View File

@ -7,7 +7,7 @@ async function register() {
alert("Username is too long!")
return;
}
if(document.getElementById("user").value.search("@") != -1) {
if(document.getElementById("user").value.search("@") !== -1) {
alert("User cannot contain '@' character!")
return;
}
@ -31,7 +31,7 @@ async function register() {
}
function passkeydown(e) {
if(e.code == "Enter") {
if(e.code === "Enter") {
register()
}
}

8
js/search.js
View File

@ -20,7 +20,7 @@ async function submit() {
console.log(res);
for (let i = 0; i < res.length; i++) {
let obj = res[i]
if(type=="user") {
if(type === "user") {
createPost(decodeURIComponent(obj.User_Name || ""),decodeURIComponent(obj.User_Bio || "wow such empty"),0)
} else {
createPost(decodeURIComponent(obj.post_user_name),decodeURIComponent(obj.post_text),obj.post_time,obj.post_special_text,obj.post_id)
@ -53,7 +53,7 @@ function createPost(username,text,time,specialtext,postid) {
time = time.toString()
time = time.split(" ")
time = time[0] + " " + time[1] + " " + time[2] + " " + time[3] + " " + time[4]
if(timedate=="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time=""
if(timedate==="Thu Jan 01 1970 01:00:00 GMT+0100 (Central European Standard Time)")time=""
const newTime = document.createTextNode(time)
const newSpecialText = document.createTextNode(specialtext)
@ -68,9 +68,9 @@ function createPost(username,text,time,specialtext,postid) {
newP.appendChild(newA)
if(time != "")newP.appendChild(spacerTextNode())
if(time !== "")newP.appendChild(spacerTextNode())
newP.appendChild(newSpan2)
if(specialtext != "" && time != "")newP.appendChild(spacerTextNode())
if(specialtext !== "" && time !== "")newP.appendChild(spacerTextNode())
newP.appendChild(newSpan3)
newDiv.appendChild(newP)

4
js/settings.js
View File

@ -129,10 +129,10 @@ async function setAllowCCR() {
let r = await(await post("/api/settings",{setting: settingname, value: ACCR})).json() // skipqc
if(r.status == "error") {
if(r.status === "error") {
alert("Couldn't change setting")
console.log(r.code)
} else if(r.status == "success") {
} else if(r.status === "success") {
//changed setting
}
}

6
js/user.js
View File

@ -4,10 +4,10 @@ function getCookie(cname) {
let ca = decodedCookie.split(';');
for(let i = 0; i <ca.length; i++) {
let c = ca[i];
while (c.charAt(0) == ' ') {
while (c.charAt(0) ===' ') {
c = c.substring(1);
}
if (c.indexOf(name) == 0) {
if (c.indexOf(name) === 0) {
return c.substring(name.length, c.length);
}
}
@ -28,7 +28,7 @@ function logout() {
}
async function setuser() {
if(getCookie("priv_key") != "") {
if(getCookie("priv_key") !== "") {
localStorage.setItem("priv_key",getCookie("priv_key"))
setCookie("priv_key","",0)
}

12
routes/api/all.js
View File

@ -10,7 +10,7 @@ export const setup = function (router, con, server) {
router.use("/*", (req, res, next) => {
res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now
let unsigned;
if (req.body.user == undefined || req.body.pass == undefined) {
if (req.body.user === undefined || req.body.pass === undefined) {
if(typeof req.get("ipost-auth-token") === "string") {
try{
req.body.auth = JSON.parse(req.get("ipost-auth-token"))
@ -18,7 +18,7 @@ export const setup = function (router, con, server) {
console.log("error parsing header",err)
}
}
if(req.body.auth !== undefined && req.originalUrl!=="/redeemauthcode") {
if(req.body.auth !== undefined && req.originalUrl !== "/redeemauthcode") {
if(typeof req.body.auth === "string") {
try{
req.body.auth = JSON.parse(req.body.auth)
@ -45,7 +45,7 @@ export const setup = function (router, con, server) {
con.query(sql,[SHA256(req.body.auth.auth_token,req.body.auth.appid, HASHES_DB),SHA256(req.body.auth.secret,req.body.auth.appid, HASHES_DB),req.body.auth.appid],(err,result) => {
if(err) throw err;
if(result.length != 1) {
if(result.length !== 1) {
res.status(420).send("invalid authentication object (or server error?)")
return;
}
@ -90,7 +90,7 @@ export const setup = function (router, con, server) {
con.query(sql, values, function (err, result) {
if (err)
throw err;
if (result[0] && result[0].User_Name && result[0].User_Name == values[0]) {
if (result[0] && result[0].User_Name && result[0].User_Name === values[0]) {
res.locals.userid = result[0].User_ID;
res.locals.username = result[0].User_Name;
@ -105,13 +105,13 @@ export const setup = function (router, con, server) {
router.use("/api/*", (req, res, next) => {
res.set("Access-Control-Allow-Origin", "*"); //we'll allow it for now
if (config["allow_getotheruser_without_cookie"] && req.originalUrl.split("\?")[0] == "/api/getotheruser") {
if (config["allow_getotheruser_without_cookie"] && req.originalUrl.split("\?")[0] === "/api/getotheruser") {
next();
return;
}
if (!server.increaseAPICall(req, res))return;
if (res.locals.username != undefined) {
if (res.locals.username !== undefined) {
next();
}
else {

7
routes/api/dms/PersonalMessages.js
View File

@ -4,7 +4,7 @@ export const setup = function (router, con, server) {
router.get("/api/getPersonalPosts", function (req, res) {
res.set("Access-Control-Allow-Origin", "");
let otherperson = encodeURIComponent(req.query.otherperson || "");
if (typeof otherperson != "string" || otherperson.length > 100 || otherperson == "") {
if (typeof otherperson !== "string" || otherperson.length > 100 || otherperson === "") {
res.status(410).json({ "error": "invalid otherperson given" });
return;
}
@ -23,11 +23,8 @@ export const setup = function (router, con, server) {
});
router.get("/api/dms/conversations", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
const columns = [
"dms_user_name", "dms_receiver"
];
let uriencusername = encodeURIComponent(res.locals.username);
let sql = `select ${columns.join(",")} from ipost.dms where ((dms_receiver = ?) or (dms_user_name = ?)) group by dms_receiver,dms_user_name;`;
let sql = `select dms_user_name, dms_receiver from ipost.dms where ((dms_receiver = ?) or (dms_user_name = ?)) group by dms_receiver,dms_user_name;`;
con.query(sql, [uriencusername, uriencusername], function (err, result) {
if (err)
throw err;

32
routes/api/dms/post.js
View File

@ -4,7 +4,7 @@ export const setup = function (router, con, server) {
function createPID(){
let pid = server.genstring(10); //collision chance is low enough, but we'll check anyways
while (PIDS[pid] != undefined) {
while (PIDS[pid] !== undefined) {
pid = server.genstring(10);
console.log(5, "pid collision");
}
@ -26,17 +26,17 @@ export const setup = function (router, con, server) {
res.json({ "error": "no message to post" });
return;
}
if ((typeof req.body.message) != "string") {
if ((typeof req.body.message) !== "string") {
res.status(411)
res.json({ "error": "no message to post" });
return;
}
if ((typeof req.body.pid) != "string") {
if ((typeof req.body.pid) !== "string") {
res.status(412)
res.json({ "error": "no pid given" });
return;
}
if (req.body.pid.length != 10 || PIDS[req.body.pid] !== true) {
if (req.body.pid.length !== 10 || PIDS[req.body.pid] !== true) {
res.status(413)
res.json({ "error": "invalid pid given" });
return;
@ -49,7 +49,7 @@ export const setup = function (router, con, server) {
else {
reply_id = req.body.reply_id;
}
if ((typeof reply_id) != "number") {
if ((typeof reply_id) !== "number") {
res.status(414)
res.json({ "error": "no valid reply id given" });
return;
@ -66,7 +66,7 @@ export const setup = function (router, con, server) {
return;
}
req.body.receiver = encodeURIComponent(req.body.receiver || "");
if (req.body.receiver == "" || req.body.receiver == encodeURIComponent(res.locals.username) || req.body.receiver.length > 100) {
if (req.body.receiver === "" || req.body.receiver === encodeURIComponent(res.locals.username) || req.body.receiver.length > 100) {
res.status(417).json({ "error": "invalid receiver given" });
return;
}
@ -85,28 +85,10 @@ export const setup = function (router, con, server) {
console.error(err)
return;
}
// let post_obj = {
// post_user_name: encodeURIComponent(res.locals.username),
// post_text: req.body.message,
// post_time: Date.now(),
// post_special_text: "",
// post_receiver_name: req.body.receiver,
// post_from_bot: res.locals.isbot,
// post_reply_id: reply_id
// }
// let message = {
// message: "new_post",
// data: post_obj
// }
// let messagestr = JSON.stringify(message)
// server.wss.clients.forEach(function(ws) {
// if(ws.channel == decodeURIComponent(req.body.receiver)) {
// ws.send(messagestr)
// }
// });
res.json({ "success": "successfully posted dm" });
console.log(5, `posted new dm by ${res.locals.username} to ${otherperson} : ${xor(encodeURIComponent(res.locals.username), otherperson)}`);
});
//TODO: bring dms up-to-date with normal posts
});
return createPID
};

4
routes/api/getPosts.js
View File

@ -5,7 +5,7 @@ export const setup = function (router, con, server) {
});
router.get("/api/getPosts", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
if (req.query.channel != undefined) {
if (req.query.channel !== undefined) {
let sql = `select post_user_name,post_text,post_time,post_special_text,post_id,post_from_bot,post_reply_id,User_Avatar,file_0,file_1,file_2,file_3,file_4 from ipost.posts inner join ipost.users on (User_Name = post_user_name) where post_receiver_name = ? group by post_id order by post_id desc limit 30;`;
con.query(sql, [encodeURIComponent(req.query.channel)], function (err, result) {
if (err)
@ -24,7 +24,7 @@ export const setup = function (router, con, server) {
});
router.get("/api/getPostsLowerThan", function (req, res) {
res.set("Access-Control-Allow-Origin", "*");
if (req.query.channel != undefined) {
if (req.query.channel !== undefined) {
let sql = `select post_user_name,post_text,post_time,post_special_text,post_id,post_from_bot,post_reply_id,file_0,file_1,file_2,file_3,file_4 from ipost.posts where ((post_receiver_name = ?) and (post_id < ?)) group by post_id order by post_id desc limit 30;`;
con.query(sql, [encodeURIComponent(req.query.channel), req.query.id], function (err, result) {
if (err)

4
routes/api/post.js
View File

@ -18,7 +18,7 @@ export const setup = function (router, con, server) {
function createPID(){
let pid = server.genstring(10); //collision chance is low enough, but we'll check anyways
while (PIDS[pid] != undefined) {
while (PIDS[pid] !== undefined) {
pid = server.genstring(10);
console.log(5, "pid collision");
}
@ -110,7 +110,7 @@ export const setup = function (router, con, server) {
function validateReceiver(rec) {
let receiver = encodeURIComponent(rec || "");
if (receiver == "")
if (receiver === "")
receiver = "everyone";
return receiver
}

6
routes/api/search.js
View File

@ -3,12 +3,12 @@ export const setup = function (router, con, server) {
res.set("Access-Control-Allow-Origin", "");
let type = req.query.type;
let arg = encodeURIComponent(req.query.selector);
if (type == "user") {
if (type === "user") {
let sql = `select User_Name,User_Bio,User_Avatar from ipost.users where User_Name like ? limit 10;`;
con.query(sql, [`%${arg}%`], function (err, result) {
if (err)
throw err;
if (result[0] && result[0].User_Name) {
if (result[0]) {
result["message"] = "search has been deprecated as of 11/30/2022"
res.json(result);
}
@ -17,7 +17,7 @@ export const setup = function (router, con, server) {
}
});
}
else if (type == "post") {
else if (type === "post") {
let sql = `select post_user_name,post_text,post_time,post_special_text,post_id from ipost.posts where post_text like ? and (post_receiver_name is null or post_receiver_name = 'everyone') order by post_id desc limit 20;`;
con.query(sql, [`%${arg}%`], function (err, result) {
if (err)

4
routes/api/settingshandler.js
View File

@ -11,7 +11,7 @@ export const setup = function (router, con, server) {
res.json({ "error": "no setting to change" });
return;
}
if ((typeof req.body.setting) != "string") {
if ((typeof req.body.setting) !== "string") {
res.status(411)
res.json({ "error": "no setting to change" });
return;
@ -20,7 +20,7 @@ export const setup = function (router, con, server) {
let allowed = false;
let got = typeof req.body.value;
for (let index = 0; index < types.length; index++) {
if (types[index] == got) {
if (types[index] === got) {
allowed = true;
break;
}

26
routes/api/userRoutes.js
View File

@ -29,7 +29,7 @@ export const setup = function (router, con, server) {
} catch(ignored){}
}
let filename = genstring(95) + ".webp";
while (existsSync(avatars + "/" + filename) || filename == ".webp") { //generate new filename until it's unique
while (existsSync(avatars + "/" + filename) || filename === ".webp") { //generate new filename until it's unique
filename = genstring(95) + ".webp";
}
sharp(avatar.data).resize({ //resize avatar to 100x100 and convert it to a webp, then store it
@ -54,7 +54,7 @@ export const setup = function (router, con, server) {
});
router.get("/api/getalluserinformation", function (req, res) {
res.set("Access-Control-Allow-Origin", ""); //we don't want that here
let unsigned = getunsigned(req, res);
let unsigned = getunsigned(req, res); //has to be asking for it via the cookie
if (!unsigned)
return;
unsigned = decodeURIComponent(unsigned);
@ -64,7 +64,7 @@ export const setup = function (router, con, server) {
con.query(sql, values, function (err, result) {
if (err)
throw err;
if (result[0] && result[0].User_Name && result[0].User_Name == values[0]) {
if (result[0]) {
res.status(200);
res.json(result[0]);
}
@ -81,7 +81,7 @@ export const setup = function (router, con, server) {
con.query(sql, [username], function (err, result) {
if (err)
throw err;
if (result[0] && result[0].User_Name && result[0].User_Name == username) {
if (result[0]) {
res.json({ "username": username, "bio": result[0].User_Bio, "avatar": result[0].User_Avatar, "publicKey": result[0].User_PublicKey });
}
else {
@ -112,11 +112,11 @@ export const setup = function (router, con, server) {
});
router.post("/api/changePW", (req, res) => {
res.set("Access-Control-Allow-Origin", "");
if ((typeof req.body.newPW) != "string") {
if ((typeof req.body.newPW) !== "string") {
res.json({ "error": "incorrect password" });
return;
}
if ((typeof req.body.currentPW) != "string") {
if ((typeof req.body.currentPW) !== "string") {
res.json({ "error": "incorrect password" });
return;
}
@ -132,7 +132,7 @@ export const setup = function (router, con, server) {
con.query(sql, values, function (err, result) {
if (err)
throw err;
if (result[0] && result[0].User_Name && result[0].User_Name == res.locals.username) {
if (result[0]) {
let sql = `update ipost.users set User_PW=? where User_Name=? and User_PW=?;`;
let values = [hashed_new_pw, res.locals.username, hashed_pw];
con.query(sql, values, (err2) => {
@ -152,12 +152,12 @@ export const setup = function (router, con, server) {
});
router.post("/api/changeUsername", function (req, res) {
res.set("Access-Control-Allow-Origin", "");
if ((typeof req.body.newUsername) != "string") {
if ((typeof req.body.newUsername) !== "string") {
res.status(410);
res.json({ "error": "incorrect username" });
return;
}
if ((typeof req.body.currentPW) != "string") {
if ((typeof req.body.currentPW) !== "string") {
res.status(411);
res.json({ "error": "incorrect password" });
return;
@ -167,19 +167,19 @@ export const setup = function (router, con, server) {
res.json({ "error": "username is too long" });
return;
}
if (req.body.newUsername == res.locals.username) {
if (req.body.newUsername === res.locals.username) {
res.status(413);
res.json({ "error": "username can't be the current one" });
return;
}
let hashed_pw = SHA256(req.body.currentPW, res.locals.username, HASHES_DB);
let hashed_new_pw = SHA256(req.body.currentPW, req.body.newUsername, HASHES_DB);
let sql = `select * from ipost.users where User_Name=?;`; //check if pw is correct
let values = [res.locals.username];
let sql = `select * from ipost.users where User_Name=? and User_PW=?;`; //check if pw is correct
let values = [res.locals.username,hashed_pw];
con.query(sql, values, function (err, result) {
if (err)
throw err;
if (result[0] && result[0].User_PW == hashed_pw) {
if (result[0]) {
let sql = `select * from ipost.users where User_Name=?;`; //check if newUsername isn't already used
let values = [req.body.newUsername];
con.query(sql, values, function (err, result) {

14
routes/user_auth.js
View File

@ -19,12 +19,12 @@ export const setup = function (router, con, server) {
return;
}
res.status(200);
if ((typeof req.body.user) != "string") {
if ((typeof req.body.user) !== "string") {
res.status(416);
res.json({ "error": "incorrect username" });
return;
}
if ((typeof req.body.pass) != "string") {
if ((typeof req.body.pass) !== "string") {
res.status(417);
res.json({ "error": "incorrect password" });
return;
@ -37,7 +37,7 @@ export const setup = function (router, con, server) {
res.redirect("/register?success=false&reason=username");
return;
}
if (username == "") {
if (username === "") {
res.status(411);
res.redirect("/register?success=false&reason=username");
return;
@ -52,7 +52,7 @@ export const setup = function (router, con, server) {
res.send("username is too long");
return;
}
if (username.search("@") != -1) {
if (username.search("@") !== -1) {
res.status(414);
res.send("username can't contain @-characters");
return;
@ -93,12 +93,12 @@ export const setup = function (router, con, server) {
router.post("/login", function (req, res) {
if (!increaseAPICall(req, res))
return;
if ((typeof req.body.user) != "string") {
if ((typeof req.body.user) !== "string") {
res.status(416);
res.json({ "error": "incorrect username" });
return;
}
if ((typeof req.body.pass) != "string") {
if ((typeof req.body.pass) !== "string") {
res.status(417);
res.json({ "error": "incorrect password" });
return;
@ -150,7 +150,7 @@ export const setup = function (router, con, server) {
let cookiesigned = signature.sign(setTo, cookiesecret + (!no_ip_lock ? ip : ""));
res.cookie('AUTH_COOKIE', cookiesigned, { maxAge: Math.pow(10, 10), httpOnly: true, secure: DID_I_FINALLY_ADD_HTTPS });
ip = SHA256(ip, setTo, HASHES_DB);
if (result[0].User_LastIP != ip) {
if (result[0].User_LastIP !== ip) {
let sql = `update ipost.users set User_LastIP = ? where User_Name = ?;`;
con.query(sql, [ip, encodeURIComponent(username)], function (error) {
if (error)

8
routes/userfiles.js
View File

@ -57,7 +57,7 @@ export const setup = function (router, con, server) {
let out = []
for(let channel of result){
if(channel.post_receiver_name == "")continue;
if(channel.post_receiver_name === "")continue;
out[out.length] = channel.post_receiver_name
}
@ -109,7 +109,7 @@ export const setup = function (router, con, server) {
async function handleUserFiles(request, response, overrideurl) {
if (!increaseUSERCall(request, response))return;
if(typeof overrideurl != "string")overrideurl = undefined;
if(typeof overrideurl !== "string")overrideurl = undefined;
let originalUrl = overrideurl || request.originalUrl.split("?").shift();
@ -177,13 +177,13 @@ export const setup = function (router, con, server) {
return;
}
if(originalUrl == "/favicon.ico") {
if(originalUrl === "/favicon.ico") {
response.set('Cache-Control', 'public, max-age=2592000');
response.sendFile(dir + "/views/favicon.ico")
return
}
if(originalUrl == "/api/documentation/") {
if(originalUrl === "/api/documentation/") {
readFile(path,function(_err,res){
response.send(res.toString())
})

22
server.js
View File

@ -36,7 +36,7 @@ const original_log = console.log;
*/
function log_info(level, ...info) {
let text = info;
if (text == undefined || text.length == 0) {
if (text === undefined || text.length === 0) {
text = level;
level = 5;
}
@ -162,11 +162,11 @@ function increaseIndividualCall(url, req) {
if (!conf["enabled"])
return true;
let ip = getIP(req);
if (INDIVIDUAL_CALLS[ip] == undefined)
if (INDIVIDUAL_CALLS[ip] === undefined)
INDIVIDUAL_CALLS[ip] = {};
if (INDIVIDUAL_CALLS[ip][url] == undefined)
if (INDIVIDUAL_CALLS[ip][url] === undefined)
INDIVIDUAL_CALLS[ip][url] = 0;
if (INDIVIDUAL_CALLS[ip][url] == 0) {
if (INDIVIDUAL_CALLS[ip][url] === 0) {
setTimeout(function () {
INDIVIDUAL_CALLS[ip][url] = 0;
}, conf["reset_time"]);
@ -192,7 +192,7 @@ function increaseAccountAPICall(req, res) {
return false;
let values = unsigned.split(" ");
let username = values[0];
if (API_CALLS_ACCOUNT[username] == undefined)
if (API_CALLS_ACCOUNT[username] === undefined)
API_CALLS_ACCOUNT[username] = 0;
if (API_CALLS_ACCOUNT[username] >= config.rate_limits.api.max_per_account) {
res.status(429);
@ -203,7 +203,7 @@ function increaseAccountAPICall(req, res) {
}
function increaseAPICall(req, res, next) {
let ip = getIP(req);
if (API_CALLS[ip] == undefined)
if (API_CALLS[ip] === undefined)
API_CALLS[ip] = 0;
if (API_CALLS[ip] >= config.rate_limits.api.max_without_session) {
if (REVERSE_SESSIONS[ip] && req.cookies.session !== REVERSE_SESSIONS[ip]) { //expected a session, but didn't get one
@ -215,7 +215,7 @@ function increaseAPICall(req, res, next) {
let session;
do {
session = genstring(300);
} while (SESSIONS[session] != undefined);
} while (SESSIONS[session] !== undefined);
SESSIONS[session] = ip;
REVERSE_SESSIONS[ip] = session;
setTimeout(function () {
@ -241,7 +241,7 @@ function increaseAPICall(req, res, next) {
}
function increaseUSERCall(req, res, next) {
let ip = getIP(req);
if (USER_CALLS[ip] == undefined)
if (USER_CALLS[ip] === undefined)
USER_CALLS[ip] = 0;
if (USER_CALLS[ip] >= config.rate_limits.user.max) {
res.status(429);
@ -307,13 +307,13 @@ if (DID_I_FINALLY_ADD_HTTPS) {
app.use("/*", function (req, res, next) {
res.set("x-powered-by", "ipost");
for (let i = 0; i < blocked_headers.length; i++) {
if (req.header(blocked_headers[i]) != undefined) {
if (req.header(blocked_headers[i]) !== undefined) {
res.json({ "error": "we don't allow proxies on our website." });
return;
}
}
let fullurl = req.baseUrl + req.path;
if (fullurl != "/") {
if (fullurl !== "/") {
fullurl = fullurl.substring(0, fullurl.length - 1);
}
if (!increaseIndividualCall(fullurl, req)) {
@ -418,7 +418,7 @@ wss.on("connection", function connection(ws) {
console.log(5,"new connection");
ws.on("message", function incoming(message) {
message = JSON.parse(message);
if (message.id == "switchChannel") {
if (message.id === "switchChannel") {
ws.channel = decodeURIComponent(message.data);
}
});