Moved the SoundCloud API key out to a different config file and fixed some list-naming issues that were caused when filter.clean was performed after the list name was encoded. Closes #362

Kasper Rynning-Tønnesen
2018-08-01 16:53:26 +02:00
parent f4dfdb32df
commit 7f22ff2b1d
20 changed files with 139 additions and 100 deletions


@@ -79,7 +79,7 @@ function chat(msg, guid, offline, socket) {
}
var coll = msg.channel.toLowerCase();//.replace(/ /g,'');
coll = Functions.removeEmojis(coll).toLowerCase();
coll = filter.clean(coll);
//coll = filter.clean(coll);
Functions.getSessionAdminUser(Functions.getSession(socket), coll, function(userpass) {
if(userpass != "" || msg.pass == undefined) {
msg.pass = userpass;
@@ -132,7 +132,7 @@ function all_chat(msg, guid, offline, socket) {
var coll = msg.channel.toLowerCase();//.replace(/ /g,'');
var data = msg.data;
coll = Functions.removeEmojis(coll).toLowerCase();
coll = filter.clean(coll);
//coll = filter.clean(coll);
Functions.check_inlist(coll, guid, socket, offline);
if(data !== "" && data !== undefined && data !== null &&
data.length < 151 && data.replace(/\s/g, '').length){
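Review bot: The disabled call is left behind as `//coll = filter.clean(coll);` in both `chat` and `all_chat`, and the same commented-out line recurs in every handler hunk further down this commit; delete the line instead, since the history already records it. With the call gone, the only normalisation visible on `coll` here is `removeEmojis` and `toLowerCase`, so these handlers presumably rely on `msg.channel` having passed through `Functions.encodeChannelName` before this point, which the hunks do not show. A one-line comment at each site, such as `// msg.channel is already cleaned and encoded by encodeChannelName`, would make that dependency checkable. Both function bodies start and end outside the hunks.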


@@ -11,9 +11,12 @@ var connected_db = mongojs('mongodb://' + mongo_config.host + '/user_credentials
var crypto = require('crypto');
var db = require(pathThumbnails + '/handlers/db.js');
var uniqid = require('uniqid');
var Filter = require('bad-words');
var filter = new Filter({ placeHolder: 'x'});
function encodeChannelName(str) {
var _fn = encodeURIComponent;
str = filter.clean(str);
var toReturn = _fn(str);
toReturn = toReturn.replace(/_/g, "%5F");
toReturn = toReturn.replace(/%26amp%3B/g, "%26").replace(/%26amp%3b/g, "%26");
@@ -25,6 +28,7 @@ function decodeChannelName(str) {
var _fn = decodeURIComponent;
str = str.toUpperCase();
var toReturn = _fn(str.replace(/%5F/g, "_"));
toReturn = filter.clean(toReturn);
return toReturn.toLowerCase();
}
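Review bot: `encodeChannelName` now passes `str` to `filter.clean` before `encodeURIComponent`, so a non-string value is no longer coerced and will most likely throw inside `clean`, which as far as I know calls string methods on its argument. The callers visible in this commit guard with `typeof(msg.channel) == "string"` or a surrounding `try`, but the helper is called through `Functions.` and other callers are outside this page. A guard at the top, `if(typeof str !== "string") str = String(str);`, keeps the old coercion. I believe some bad-words releases also throw on input with no word boundary (an empty or symbol-only name), so test such names before relying on `clean` in both `encodeChannelName` and `decodeChannelName`.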


@@ -99,9 +99,12 @@ module.exports = function() {
typeof(msg.channel) == "string" && typeof(msg.socket_id) == "string" && msg.channel != "") {
db.collection("connected_users").find({"_id": msg.channel}, function(err, connected_users_channel) {
if(connected_users_channel.length > 0 && connected_users_channel[0].users.indexOf(msg.guid) > -1) {
if(msg.hasOwnProperty("channel")) {
msg.channel = Functions.encodeChannelName(msg.channel);
}
coll = msg.channel.toLowerCase();//.replace(/ /g,'');
coll = Functions.removeEmojis(coll).toLowerCase();
coll = filter.clean(coll);
//coll = filter.clean(coll);
if(coll.indexOf("?") > -1){
coll = coll.substring(0, coll.indexOf("?"));
}
@@ -111,9 +114,7 @@ module.exports = function() {
guid = msg.guid;
socketid = msg.socket_id;
socket.zoff_id = socketid;
if(msg.hasOwnProperty("channel")) {
msg.channel = Functions.encodeChannelName(msg.channel);
}
in_list = true;
chromecast_object = true;
socket.join(coll);
@@ -139,8 +140,8 @@ module.exports = function() {
}
coll = Functions.removeEmojis(_list).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
msg.channel = Functions.encodeChannelName(msg.channel);
//coll = filter.clean(coll);
} catch(e) {
return;
}
@@ -249,7 +250,7 @@ module.exports = function() {
if(channel != "") coll = channel;
if(coll !== undefined) {
coll = Functions.removeEmojis(coll).toLowerCase();
coll = filter.clean(coll);
//coll = filter.clean(coll);
db.collection("connected_users").findAndModify({
query: {"_id": coll},
update: {$pull: {users: guid}},
@@ -397,7 +398,7 @@ module.exports = function() {
coll = Functions.removeEmojis(_list).toLowerCase();
//coll = coll.replace(/_/g, "");
//
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}
@@ -425,7 +426,7 @@ module.exports = function() {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}
@@ -460,7 +461,7 @@ module.exports = function() {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}
@@ -482,7 +483,7 @@ module.exports = function() {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}
@@ -506,7 +507,7 @@ module.exports = function() {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}
@@ -571,7 +572,7 @@ module.exports = function() {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}
@@ -601,7 +602,7 @@ module.exports = function() {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}
@@ -631,7 +632,7 @@ module.exports = function() {
if(msg.hasOwnProperty("channel") && msg.channel != "" && typeof(msg.channel) == "string") {
coll = msg.channel;//.replace(/ /g,'');
coll = Functions.removeEmojis(coll).toLowerCase();
coll = filter.clean(coll);
//coll = filter.clean(coll);
List.left_channel(coll, guid, short_id, in_list, socket, false);
}
})
@@ -670,7 +671,7 @@ module.exports = function() {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}
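Review bot: The join path and the leave path may now key the channel differently. The first hunk calls `Functions.encodeChannelName(msg.channel)` before deriving `coll`, while the hunk at `-631,7` takes `coll = msg.channel` and, with `filter.clean` disabled, hands it to `List.left_channel` after only `removeEmojis` and `toLowerCase`. Unless the encode happens above that hunk, a name that `filter.clean` rewrites would be joined under one `_id` and left under another, leaving the guid in `connected_users`, which the first hunk consults via `users.indexOf(msg.guid)`. Consider adding `msg.channel = Functions.encodeChannelName(msg.channel);` before `coll = msg.channel;` there, mirroring the first hunk. The surrounding handlers start and end outside the hunks.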


@@ -60,7 +60,7 @@ function list(msg, guid, coll, offline, socket) {
}
coll = msg.channel.toLowerCase(); //.replace(/ /g,'');
coll = Functions.removeEmojis(coll).toLowerCase();
coll = filter.clean(coll);
//coll = filter.clean(coll);
var pass = crypto.createHash('sha256').update(Functions.decrypt_string(msg.pass)).digest("base64");
db.collection('frontpage_lists').find({"_id": coll}, function(err, frontpage_lists){
if(frontpage_lists.length == 1) {
@@ -129,7 +129,7 @@ function skip(list, guid, coll, offline, socket) {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}


@@ -537,7 +537,7 @@ function add_function(arr, coll, guid, offline, socket) {
}
coll = msg.channel.toLowerCase();//.replace(/ /g,'');
coll = Functions.removeEmojis(coll).toLowerCase();
coll = filter.clean(coll);
//coll = filter.clean(coll);
Functions.getSessionAdminUser(Functions.getSession(socket), coll, function(userpass, adminpass) {
if(adminpass != "" || msg.adminpass == undefined) {
msg.adminpass = adminpass;
@@ -601,7 +601,7 @@ function add_function(arr, coll, guid, offline, socket) {
}
coll = msg.channel.toLowerCase();//.replace(/ /g,'');
coll = Functions.removeEmojis(coll).toLowerCase();
coll = filter.clean(coll);
//coll = filter.clean(coll);
Functions.getSessionAdminUser(Functions.getSession(socket), coll, function(userpass, adminpass) {
if(adminpass != "" || msg.adminpass == undefined) {
msg.adminpass = adminpass;
@@ -674,7 +674,7 @@ function add_function(arr, coll, guid, offline, socket) {
var coll = Functions.removeEmojis(params.channel).toLowerCase();
//coll = coll.replace(/_/g, "").replace(/ /g,'');
coll = filter.clean(coll);
//coll = filter.clean(coll);
db.collection(coll + "_settings").find(function(err, docs){
if(docs !== null && docs.length !== 0 && docs[0].adminpass == Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(params.adminpass),true)))
{
@@ -723,7 +723,7 @@ function add_function(arr, coll, guid, offline, socket) {
}
//coll = coll.replace(/ /g,'');
coll = Functions.removeEmojis(coll).toLowerCase();
coll = filter.clean(coll);
//coll = filter.clean(coll);
Functions.getSessionAdminUser(Functions.getSession(socket), coll, function(userpass, adminpass, gotten) {
if(adminpass != "" || msg.adminpass == undefined) {
msg.adminpass = adminpass;
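Review bot: In the hunk at `-674,7`, `coll` is built from `params.channel` and concatenated into a collection name in `db.collection(coll + "_settings")`, and after this change the only processing visible on it is `removeEmojis` and `toLowerCase`. `filter.clean` was a profanity filter rather than validation, so its removal is a good moment to validate the name explicitly before it reaches the database layer. That could mean passing it through `Functions.encodeChannelName`, as the socket handlers do, or rejecting names outside an allowed character set and length. Whether `params.channel` is already encoded by the caller is not visible in this hunk, and the enclosing functions start and end outside the hunks.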


@@ -36,7 +36,7 @@ function password(inp, coll, guid, offline, socket) {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}
@@ -100,7 +100,7 @@ function conf_function(params, coll, guid, offline, socket) {
coll = Functions.removeEmojis(coll).toLowerCase();
//coll = coll.replace(/_/g, "");
coll = filter.clean(coll);
//coll = filter.clean(coll);
} catch(e) {
return;
}


@@ -1,7 +1,8 @@
var path = require('path');
var time_regex = /P((([0-9]*\.?[0-9]*)Y)?(([0-9]*\.?[0-9]*)M)?(([0-9]*\.?[0-9]*)W)?(([0-9]*\.?[0-9]*)D)?)?(T(([0-9]*\.?[0-9]*)H)?(([0-9]*\.?[0-9]*)M)?(([0-9]*\.?[0-9]*)S)?)?/;
try {
var key = require(path.join(__dirname, '../config/api_key.js'));
var keys = require(path.join(__dirname, '../config/api_key.js'));
var key = keys.youtube;
} catch(e) {
console.log("Error - missing file");
console.log("Seems you forgot to create the file api_key.js in /server/config/. Have a look at api_key.example.js.");
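Review bot: `var key = keys.youtube;` sits inside a `try` whose `catch` only reports a missing file, so an existing `api_key.js` in the old single-key format loads without error and leaves `key` undefined with no message. Since this commit changes the shape of the config file, add an explicit check after the require, e.g. `if(!keys || typeof keys.youtube !== "string") throw new Error("api_key.js must export a youtube key");`, and word the catch message to cover both cases. Keeping keys in a separate config module only helps if that file stays out of version control, so confirm `api_key.js` is ignored and only `api_key.example.js` is committed. The catch body continues outside the hunk.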