Albirew/nyaa-pantsu
Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0
Code Activité

Fix a condition that didn't behave as intended (#1651)

Parcourir la source 
* Update profile.go

* Update router.go

* Update torrents.go

* Update router.go

* Update announcements.go

* Update comments.go

* Update oauth.go

* Update reports.go

* Update router.go

* Update index.jet.html

* Update torrentlist.jet.html

* Update commentlist.jet.html

* Update announcements.jet.html

* Update clientlist.jet.html

* Update torrent_report.jet.html

* Update userlist.jet.html

* Update userlist.jet.html

* Update userlist.jet.html

* Update edit.jet.html

* Update delete.go

* Update edit.jet.html

* Update index.jet.html

* Update profile.go

* Update router.go

* Update profile.go

* Update edit.jet.html

* Update userlist.jet.html

* Update index.jet.html

* remove hotfix that didn't even hit live
Cette révision appartient à :
kilo 2017-10-12 02:54:01 +02:00 révisé par GitHub
Parent 0f83b95625
révision 83540ad31c
19 fichiers modifiés avec 84 ajouts et 62 suppressions
Voir les statistiques Télécharger le patch en tant que fichier Télécharger le fichier diff Développer tous les fichiers Réduire tous les fichiers

2
controllers/moderator/announcements.go
Voir le fichier

@ -75,7 +75,7 @@ func addAnnouncement(c *gin.Context) {
func postAnnouncement(c *gin.Context) {
messages := msg.GetMessages(c)
announcement := &models.Notification{}
id, _ := strconv.Atoi(c.Query("id"))
id, _ := strconv.Atoi(c.PostForm("id"))
if id > 0 {
var err error
announcement, err = notifications.FindByID(uint(id))

2
controllers/moderator/comments.go
Voir le fichier

@ -48,7 +48,7 @@ func CommentsListPanel(c *gin.Context) {
// CommentDeleteModPanel : Controller for deleting a comment
func CommentDeleteModPanel(c *gin.Context) {
id, _ := strconv.ParseInt(c.Query("id"), 10, 32)
id, _ := strconv.ParseInt(c.PostForm("id"), 10, 32)
comment, _, err := comments.Delete(uint(id))
if err == nil {
activities.Log(&models.User{}, comment.Identifier(), "delete", "comment_deleted_by", strconv.Itoa(int(comment.ID)), comment.User.Username, router.GetUser(c).Username)

2
controllers/moderator/oauth.go
Voir le fichier

@ -148,7 +148,7 @@ func clientsListPanel(c *gin.Context) {
// clientsDeleteModPanel : Controller for deleting a comment
func clientsDeleteModPanel(c *gin.Context) {
id := c.Query("id")
id := c.PostForm("id")
sqlManager := manager.SQLManager{&fosite.BCrypt{WorkFactor: 12}}
client, err := oauth_client.FindByID(id)
if err != nil {

2
controllers/moderator/reports.go
Voir le fichier

@ -37,7 +37,7 @@ func TorrentReportListPanel(c *gin.Context) {
// TorrentReportDeleteModPanel : Controller for deleting a torrent report
func TorrentReportDeleteModPanel(c *gin.Context) {
id := c.Query("id")
id := c.PostForm("id")
fmt.Println(id)
idNum, _ := strconv.ParseUint(id, 10, 64)

12
controllers/moderator/router.go
Voir le fichier

@ -47,26 +47,26 @@ func init() {
modRoutes.POST("/torrent", TorrentPostEditModPanel)
/* Torrent delete routes */
modRoutes.Any("/torrent/delete", TorrentDeleteModPanel)
modRoutes.POST("/torrent/delete", TorrentDeleteModPanel)
/* Announcement edit view */
modRoutes.GET("/announcement/form", addAnnouncement)
modRoutes.POST("/announcement/form", postAnnouncement)
/* Announcement delete routes */
modRoutes.Any("/announcement/delete", deleteAnnouncement)
modRoutes.POST("/announcement/delete", deleteAnnouncement)
/* Torrent lock/unlock route */
modRoutes.Any("/torrent/block", TorrentBlockModPanel)
/* Tags delete route */
modRoutes.Any("/tags/delete", DeleteTagsModPanel)
modRoutes.POST("/tags/delete", DeleteTagsModPanel)
/* Report delete route */
modRoutes.Any("/report/delete", TorrentReportDeleteModPanel)
modRoutes.POST("/report/delete", TorrentReportDeleteModPanel)
/* Comment delete route */
modRoutes.Any("/comment/delete", CommentDeleteModPanel)
modRoutes.POST("/comment/delete", CommentDeleteModPanel)
/* Reassign form routes */
modRoutes.GET("/reassign", TorrentReassignModPanel)
@ -77,7 +77,7 @@ func init() {
modRoutes.GET("/oauth_client/p/:page", clientsListPanel)
/* Oauth client delete route */
modRoutes.GET("/oauth_client/delete", clientsDeleteModPanel)
modRoutes.POST("/oauth_client/delete", clientsDeleteModPanel)
/* Oauth client edit routes */
modRoutes.GET("/oauth_client/form", formClientController)

2
controllers/moderator/torrents.go
Voir le fichier

@ -120,7 +120,7 @@ func TorrentPostEditModPanel(c *gin.Context) {
// TorrentDeleteModPanel : Controller for deleting a torrent
func TorrentDeleteModPanel(c *gin.Context) {
id, _ := strconv.ParseInt(c.Query("id"), 10, 32)
id, _ := strconv.ParseInt(c.PostForm("id"), 10, 32)
definitely := c.Request.URL.Query()["definitely"]
var returnRoute = "/mod/torrents"

3
controllers/torrent/comment.go
Voir le fichier

@ -34,9 +34,6 @@ func PostCommentHandler(c *gin.Context) {
messages.AddErrorT("errors", "bad_captcha")
}
}
if strings.Contains(c.PostForm("comment"), "mod") && strings.Contains(c.PostForm("comment"), "delete") {
messages.AddError("errors", "xxx")
}
content := sanitize.Sanitize(c.PostForm("comment"), "comment")
if strings.TrimSpace(content) == "" {

2
controllers/torrent/delete.go
Voir le fichier

@ -15,7 +15,7 @@ import (
// TorrentDeleteUserPanel : Controller for deleting a user torrent by a user
func TorrentDeleteUserPanel(c *gin.Context) {
id, _ := strconv.ParseInt(c.Query("id"), 10, 32)
id, _ := strconv.ParseInt(c.PostForm("id"), 10, 32)
currentUser := router.GetUser(c)
torrent, _ := torrents.FindByID(uint(id))
if currentUser.CurrentOrAdmin(torrent.UploaderID) && torrent.ID > 0 {

2
controllers/torrent/router.go
Voir le fichier

@ -17,7 +17,7 @@ func init() {
torrentRoutes.POST("/tag", ViewFormTag)
torrentRoutes.GET("/tag/add", AddTag)
torrentRoutes.GET("/tag/remove", DeleteTag)
torrentRoutes.GET("/delete", TorrentDeleteUserPanel)
torrentRoutes.POST("/delete", TorrentDeleteUserPanel)
}
torrentViewRoutes := router.Get().Group("/view")
{

27
controllers/user/profile.go
Voir le fichier

@ -22,13 +22,30 @@ import (
"github.com/gin-gonic/gin"
)
// UserProfileDelete : Deleting User Profile
func UserProfileDelete(c *gin.Context) {
id, _ := strconv.ParseUint(c.Param("id"), 10, 32)
userProfile, _, errorUser := users.FindForAdmin(uint(id))
if errorUser == nil{
currentUser := router.GetUser(c)
if (currentUser.CurrentOrAdmin(userProfile.ID)) {
_, err := userProfile.Delete(currentUser)
if err == nil && currentUser.CurrentUserIdentical(userProfile.ID) {
cookies.Clear(c)
}
}
templates.Static(c, "site/static/delete_success.jet.html")
}
}
// UserProfileHandler : Getting User Profile
func UserProfileHandler(c *gin.Context) {
id, _ := strconv.ParseUint(c.Param("id"), 10, 32)
Ts, _ := publicSettings.GetTfuncAndLanguageFromRequest(c)
messages := msg.GetMessages(c)
if id == 0 && ContainsNonNumbersChars(c.Param("id")) {
if c.Param("id") != "0" && id == 0 && ContainsNonNumbersChars(c.Param("id")) {
c.Redirect(http.StatusSeeOther, fmt.Sprintf("/username/%s", c.Param("id")))
return
}
@ -40,13 +57,7 @@ func UserProfileHandler(c *gin.Context) {
unfollow := c.Request.URL.Query()["unfollowed"]
deleteVar := c.Request.URL.Query()["delete"]
if (deleteVar != nil) && (currentUser.CurrentOrAdmin(userProfile.ID)) {
_, err := userProfile.Delete(currentUser)
if err == nil && currentUser.CurrentUserIdentical(userProfile.ID) {
cookies.Clear(c)
}
templates.Static(c, "site/static/delete_success.jet.html")
} else {
if !((deleteVar != nil) && (currentUser.CurrentOrAdmin(userProfile.ID))) {
if follow != nil {
messages.AddInfof("infos", Ts("user_followed_msg"), userProfile.Username)
}

1
controllers/user/router.go
Voir le fichier

@ -36,6 +36,7 @@ func init() {
userRoutes.GET("/:id/:username/search/:page", searchController.UserSearchHandler)
userRoutes.GET("/:id/:username/feed", feedController.RSSHandler)
userRoutes.GET("/:id/:username/feed/:page", feedController.RSSHandler)
userRoutes.POST("/:id/:username/delete", UserProfileDelete)
}
router.Get().Any("/username", RedirectToUserSearch)

7
templates/admin/announcements.jet.html
Voir le fichier

@ -21,9 +21,10 @@
<a href="/mod/announcement/form?id={{ .ID }}">{{ .Expire }}</a>
</td>
<td class="tr-actions home-td">
<a href="/mod/announcement/delete?id={{ .ID }}" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;">
<i class="icon-trash"></i> {{ T("delete") }}
</a>
<form method="POST" action="/mod/announcement/delete">
<input type="hidden" name="id" value="{{ .ID }}">
<button type="submit" class="form-input btn-red"><i class="icon-trash"></i> {{ T("delete") }}</button>
</form>
</td>
</tr>
{{end}}

7
templates/admin/clientlist.jet.html
Voir le fichier

@ -17,9 +17,10 @@
<a href="/mod/oauth_client/form?id={{ .ID }}">{{ .Owner }}</a>
</td>
<td class="tr-actions home-td">
<a href="/mod/oauth_client/delete?id={{ .ID }}" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;">
<i class="icon-trash"></i> {{ T("delete") }}
</a>
<form method="POST" action="/mod/oauth_client/delete">
<input type="hidden" name="id" value="{{ .ID }}">
<button type="submit" class="form-input btn-red"><i class="icon-trash"></i> {{ T("delete") }}</button>
</form>
</td>
</tr>
{{end}}

7
templates/admin/commentlist.jet.html
Voir le fichier

@ -30,9 +30,10 @@
{{end}}
</td>
<td class="tr-actions home-td">
<a href="/mod/comment/delete?id={{.ID}}" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;">
<i class="icon-trash"></i> {{ T("delete") }}
</a>
<form method="POST" action="/mod/comment/delete">
<input type="hidden" name="id" value="{{ .ID }}">
<button type="submit" class="form-input btn-red"><i class="icon-trash"></i> {{ T("delete") }}</button>
</form>
</td>
</tr>
{{end}}

27
templates/admin/index.jet.html
Voir le fichier

@ -22,9 +22,10 @@
<a href="/mod/torrents?userID={{.UploaderID}}">{{ .UploaderID }}</a>
</td>
<td class="tr-size home-td">
<a href="/mod/torrent/delete?id={{ .ID }}" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;">
<i class="icon-trash"></i> {{ T("delete") }}
</a>
<form method="POST" action="/mod/torrent/delete">
<input type="hidden" name="id" value="{{ .ID }}">
<button type="submit" class="form-input btn-red"onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;"><i class="icon-trash"></i> {{ T("delete") }}</button>
</form>
</td>
</tr>
{{end}}
@ -57,8 +58,10 @@
<td class="tr-size home-td">{{.User.Username}}</td>
<td class="tr-actions home-td">{{ getReportDescription(.Description,T) }}</td>
<td class="tr-actions home-td">
<a href="/mod/report/delete?id={{ .ID }}" class="form-input btn-red">
<i class="icon-trash"></i> {{ T("delete") }}</a>
<form method="POST" action="/mod/report/delete" >
<input type="hidden" name="id" value="{{ .ID }}">
<button type="submit" class="form-input btn-red"><i class="icon-trash"></i> {{ T("delete") }}</button>
</form>
</td>
</tr>
{{end}}
@ -85,9 +88,9 @@
<a href="/user/{{.ID}}/{{.Username }}">{{ .Username }}</a>
</td>
<td class="tr-size home-td">{{if .ID > 0}}
<a href="/user/{{.ID}}/{{.Username }}?delete" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;">
<i class="icon-trash"></i> {{ T("delete") }}
</a>
<form method="POST" action="/user/{{.ID}}/{{.Username }}/delete" >
<button type="submit" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;"><i class="icon-trash"></i> {{ T("delete") }}</button>
</form>
{{end}}
</td>
</tr>
@ -121,9 +124,10 @@
</a>
</td>
<td class="tr-size home-td">
<a href="/mod/comment/delete?id={{ .ID }}" class="form-input delete-btn btn-red">
<i class="icon-trash"></i> {{ T("delete") }}
</a>
<form method="POST" action="/mod/comment/delete">
<input type="hidden" name="id" value="{{ .ID }}">
<button type="submit" class="form-input btn-red"><i class="icon-trash"></i> {{ T("delete") }}</button>
</form>
</td>
</tr>
{{end}}
@ -140,6 +144,7 @@
<script type="text/javascript">
var deleteButtons = document.getElementsByClassName("delete-btn")
for(var i = 0; i < deleteButtons.length; i++) {
break;
deleteButtons[i].addEventListener("click", function (e) {
e.preventDefault()
Query.Get(this.href, function(data) {})

15
templates/admin/torrent_report.jet.html
Voir le fichier

@ -22,13 +22,14 @@
<td class="tr-size home-td">{{.User.Username}}</td>
<td class="tr-actions home-td">{{ getReportDescription(.Description, T) }}</td>
<td class="tr-actions home-td">
<a href="/mod/torrent/delete?id={{ .Torrent.ID }}" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;">
<i class="icon-trash"></i>{{ T("delete_torrent") }}
</a>
<br/>
<a href="/mod/report/delete?id={{ .ID }}" class="form-input btn-red">
<i class="icon-trash"></i>{{ T("delete_report") }}
</a>
<form method="POST" action="/mod/torrent/delete">
<input type="hidden" name="id" value="{{ .Torrent }}">
<button type="submit" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;"><i class="icon-trash"></i> {{ T("delete_torrent") }}</button>
</form>
<form method="POST" action="/mod/report/delete">
<input type="hidden" name="id" value="{{ .ID }}">
<button type="submit" class="form-input btn-red"><i class="icon-trash"></i> {{ T("delete_report") }}</button>
</form>
</td>
</tr>
{{end}}

16
templates/admin/torrentlist.jet.html
Voir le fichier

@ -64,14 +64,16 @@
</a>
{{ if .IsDeleted }}
<br/>
<a href="/mod/torrent/delete?definitely&id={{ .ID }}" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ")}} {{ T("delete_definitely_torrent_warning ")}}')) return false;">
<i class="icon-trash"></i>
{{ T("delete_definitely") }}
</a>
<form method="POST" action="/mod/torrent/delete">
<input type="hidden" name="id" value="{{ .ID }}">
<input type="hidden" name="definitely" value="true">
<button type="submit" class="form-input btn-red"onclick="if (!confirm('{{ T(" are_you_sure ") }} {{ T("delete_definitely_torrent_warning ")}}')) return false;"><i class="icon-trash"></i> {{ T("delete_definitely") }}</button>
</form>
{{ else }}
<a href="/mod/torrent/delete?id={{ .ID }}" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ")}}')) return false;">
<i class="icon-trash"></i> {{ T("delete") }}
</a>
<form method="POST" action="/mod/torrent/delete">
<input type="hidden" name="id" value="{{ .ID }}">
<button type="submit" class="form-input btn-red"onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;"><i class="icon-trash"></i> {{ T("delete") }}</button>
</form>
{{ end }}
</td>
</tr>

6
templates/admin/userlist.jet.html
Voir le fichier

@ -18,9 +18,9 @@
</td>
<td class="tr-actions home-td">
{{if .ID > 0}}
<a href="/user/{{.ID}}/{{.Username }}?delete" class="form-input btn-red" onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;">
<i class="icon-trash"></i> {{ T("delete") }}
</a>
<form method="POST" action="/user/{{.ID}}/{{.Username }}/delete">
<button type="submit" class="form-input btn-red"onclick="if (!confirm('{{ T(" are_you_sure ") }}')) return false;"><i class="icon-trash"></i> {{ T("delete") }}</button>
</form>
{{end}}
</td>
</tr>

4
templates/site/user/edit.jet.html
Voir le fichier

@ -261,6 +261,8 @@
</form>
{{ if User.CurrentOrAdmin(UserProfile.ID) }}
<hr/>
<a href="/user/{{UserProfile.ID}}/{{UserProfile.Username}}?delete" onclick="if (!confirm('{{ T("delete_account_confirm") }}')) return false;" class="form-input btn-red" style="float:right">{{ T("delete_account")}}</a>
<form method="POST" action="/user/{{UserProfile.ID}}/{{UserProfile.Username}}/delete" >
<button type="submit" class="form-input btn-red"onclick="if (!confirm('{{ T(" delete_account_confirm ") }}')) return false;" style="float:right">{{ T("delete_account") }}</button>
</form>
{{end}}
{{end}}