KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed errors from security update

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2015-11-23 21:09:23 +01:00
parent abf77a27d6
commit 94bb7c4ceb
4 changed files with 14 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
server/server.js
View File

@@ -323,7 +323,7 @@ io.on('connection', function(socket){
else
{
var id = msg[1];
var hash = hash_pass(msg[3]);
var hash = hash_pass(decrypt_password(socket.id, msg[3]));
db.collection(coll).find({views:{$exists:true}}, function(err, docs){
if(docs !== null && docs.length != 0 && ((docs[0]["vote"] == true && (hash == docs[0]["adminpass"] || docs[0]["adminpass"] == ""))
|| docs[0]["vote"] == false))
@@ -392,7 +392,7 @@ io.on('connection', function(socket){
}
if(adminpass !== undefined && adminpass !== null && adminpass != "")
var hash = hash_pass(adminpass);
var hash = hash_pass(decrypt_password(socket.id, adminpass));
else
var hash = "";
@@ -446,7 +446,7 @@ io.on('connection', function(socket){
if(params.length == 10) description = params[9];
if(adminpass != "")
var hash = hash_pass(adminpass);
var hash = hash_pass(decrypt_password(socket.id, adminpass));
else
var hash = adminpass;
@@ -484,7 +484,7 @@ io.on('connection', function(socket){
check_inlist(coll, guid, socket, name);
if(pass == "") var hash = pass;
else var hash = hash_pass(pass);
else var hash = hash_pass(decrypt_password(socket.id, pass));
db.collection(coll).find({views:{$exists:true}}, function(err, docs){
if(docs !== null && docs.length != 0 && ((docs[0]["adminpass"] == hash || docs[0]["adminpass"] == "") || docs[0]["shuffle"] == false))
{

2
static/dist/main.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
static/js/list.js
View File

@@ -123,7 +123,7 @@ var List = {
},
skip: function(){
socket.emit('skip', [chan, localStorage[chan.toLowerCase()]]);
socket.emit('skip', [chan, adminpass]);
return true;
},

13
static/js/playercontrols.js
View File

@@ -15,10 +15,11 @@ var Playercontrols = {
initSlider: function()
{
if(Crypt.getCookie("_opts"))
if(localStorage.volume)
{
//vol = localStorage.getItem("volume");
vol = (Crypt.get_volume());
}else{
vol = 100;
//localStorage.setItem("volume", vol);
@@ -31,12 +32,14 @@ var Playercontrols = {
range: "min",
animate: true,
slide: function(event, ui) {
Playercontrols.setVolume(ui.value);
Playercontrols.setVolume(ui.value);
//localStorage.setItem("volume", ui.value);
Crypt.set_volume(ui.value);
}
});
Playercontrols.choose_button(vol, false);
Playercontrols.choose_button(vol, false);
Playercontrols.setVolume(ui.value);
//$("#volume").slider("value", ytplayer.getVolume());
},
@@ -91,13 +94,13 @@ var Playercontrols = {
setVolume: function(vol)
{
ytplayer.setVolume(vol);
Playercontrols.choose_button(vol, false);
Playercontrols.choose_button(vol, false);
if(ytplayer.isMuted())
ytplayer.unMute();
},
choose_button: function(vol, mute)
{
{
if(!mute){
if(vol >= 0 && vol <= 33){
if(document.getElementById("v-full").className.split(" ").length == 1)