Albirew/nyaa-pantsu
Albirew
/
nyaa-pantsu
Archivé
1
0
Bifurcation 0
Code Demandes d'ajout Publications Activité

Some html fixes

Cette révision appartient à :
akuma06 2017-07-04 01:15:43 +02:00
Parent d16871d91a
révision e2f3507069
11 fichiers modifiés avec 151 ajouts et 35 suppressions
Voir les Statistiques Télécharger le Fichier Patch Télécharger le Fichier des Différences Développer tous les fichiers Réduire tous les fichiers

4
controllers/middlewares.go
Voir le fichier

@ -9,8 +9,8 @@ import (
func errorMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
c.Next()
if c.Writer.Status() == http.StatusNotFound && c.Writer.Size() == 0 {
NotFoundHandler(c)
if c.Writer.Status() != http.StatusOK && c.Writer.Size() <= 0 {
httpError(c, c.Writer.Status())
}
}
}

42
controllers/router.go
Voir le fichier

@ -19,6 +19,8 @@ func init() {
//Router.Use(gzip.Gzip(gzip.DefaultCompression)) // FIXME I can't make it work :/
Router.Use(gin.Logger())
Router.Use(gin.Recovery())
Router.Use(errorMiddleware())
// Static file handlers
// TODO Use config from cli
// TODO Make sure the directory exists
@ -29,13 +31,13 @@ func init() {
Router.StaticFS("/gpg/", http.Dir(GPGPublicKeyPath))
// We don't need CSRF here
Router.Any("/", SearchHandler).Use(errorMiddleware())
Router.Any("/p/:page", SearchHandler).Use(errorMiddleware())
Router.Any("/search", SearchHandler).Use(errorMiddleware())
Router.Any("/search/:page", SearchHandler).Use(errorMiddleware())
Router.Any("/verify/email/:token", UserVerifyEmailHandler).Use(errorMiddleware())
Router.Any("/faq", FaqHandler).Use(errorMiddleware())
Router.Any("/activities", ActivityListHandler).Use(errorMiddleware())
Router.Any("/", SearchHandler)
Router.Any("/p/:page", SearchHandler)
Router.Any("/search", SearchHandler)
Router.Any("/search/:page", SearchHandler)
Router.Any("/verify/email/:token", UserVerifyEmailHandler)
Router.Any("/faq", FaqHandler)
Router.Any("/activities", ActivityListHandler)
Router.Any("/feed", RSSHandler)
Router.Any("/feed/p/:page", RSSHandler)
Router.Any("/feed/magnet", RSSMagnetHandler)
@ -49,7 +51,6 @@ func init() {
// !!! This line need to have the same download location as the one define in config.TorrentStorageLink !!!
Router.Any("/download/:hash", DownloadTorrent)
// For now, no CSRF protection here, as API is not usable for uploads
Router.Any("/upload", UploadHandler)
Router.POST("/login", UserLoginPostHandler)
Router.GET("/register", UserRegisterFormHandler)
@ -58,19 +59,25 @@ func init() {
Router.POST("/logout", UserLogoutHandler)
Router.GET("/notifications", UserNotificationsHandler)
torrentViewRoutes := Router.Group("/view", errorMiddleware())
reportRoutes := Router.Group("/report")
{
//reporting a torrent
reportRoutes.GET("/:id", ReportViewTorrentHandler)
reportRoutes.POST("/:id", ReportTorrentHandler)
}
torrentViewRoutes := Router.Group("/view")
{
torrentViewRoutes.GET("/:id", ViewHandler)
torrentViewRoutes.HEAD("/:id", ViewHeadHandler)
torrentViewRoutes.POST("/:id", PostCommentHandler)
}
torrentRoutes := Router.Group("/torrent", errorMiddleware())
torrentRoutes := Router.Group("/torrent")
{
torrentRoutes.GET("/", TorrentEditUserPanel)
torrentRoutes.POST("/", TorrentPostEditUserPanel)
torrentRoutes.GET("/delete", TorrentDeleteUserPanel)
}
userRoutes := Router.Group("/user").Use(errorMiddleware())
userRoutes := Router.Group("/user")
{
userRoutes.GET("/:id/:username", UserProfileHandler)
userRoutes.GET("/:id/:username/follow", UserFollowHandler)
@ -98,7 +105,7 @@ func init() {
// INFO Everything under /mod should be wrapped by wrapModHandler. This make
// sure the page is only accessible by moderators
// We don't need CSRF here
modRoutes := Router.Group("/mod", errorMiddleware(), modMiddleware())
modRoutes := Router.Group("/mod", modMiddleware())
{
modRoutes.Any("/", IndexModPanel)
modRoutes.GET("/torrents", TorrentsListPanel)
@ -127,8 +134,6 @@ func init() {
apiMod := modRoutes.Group("/api")
apiMod.Any("/torrents", APIMassMod)
}
//reporting a torrent
Router.POST("/report/:id", ReportTorrentHandler)
Router.Any("/captcha/*hash", captcha.ServeFiles)
@ -137,11 +142,16 @@ func init() {
Router.GET("/settings", SeePublicSettingsHandler)
Router.POST("/settings", ChangePublicSettingsHandler)
Router.Use(errorMiddleware())
CSRFRouter = nosurf.New(Router)
CSRFRouter.ExemptRegexp("/api(?:/.+)*")
CSRFRouter.ExemptPath("/mod")
CSRFRouter.ExemptPath("/upload")
CSRFRouter.ExemptPath("/user/login")
CSRFRouter.SetFailureHandler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
http.Error(w, "Invalid CSRF tokens", http.StatusBadRequest)
}))
CSRFRouter.SetBaseCookie(http.Cookie{
Path: "/",
MaxAge: nosurf.MaxAge,
})
}

18
controllers/template.go
Voir le fichier

@ -41,6 +41,7 @@ func init() {
}
}
func commonVars(c *gin.Context) jet.VarMap {
token := nosurf.Token(c.Request)
msg := messages.GetMessages(c)
vars.Set("Navigation", newNavigation())
vars.Set("Search", newSearchForm(c))
@ -50,7 +51,7 @@ func commonVars(c *gin.Context) jet.VarMap {
vars.Set("MascotURL", publicSettings.GetMascotUrlFromRequest(c))
vars.Set("User", getUser(c))
vars.Set("URL", c.Request.URL)
vars.Set("CsrfToken", nosurf.Token(c.Request))
vars.Set("CsrfToken", token)
vars.Set("Config", config.Conf)
vars.Set("Infos", msg.GetAllInfos())
vars.Set("Errors", msg.GetAllErrors())
@ -85,13 +86,20 @@ func renderTemplate(c *gin.Context, templateName string, vars jet.VarMap) {
}
func httpError(c *gin.Context, errorCode int) {
if errorCode == http.StatusNotFound {
c.Status(http.StatusNotFound)
switch errorCode {
case http.StatusNotFound:
staticTemplate(c, path.Join(ErrorsDir, "404.jet.html"))
c.AbortWithStatus(errorCode)
return
case http.StatusBadRequest:
staticTemplate(c, path.Join(ErrorsDir, "400.jet.html"))
c.AbortWithStatus(errorCode)
return
case http.StatusInternalServerError:
staticTemplate(c, path.Join(ErrorsDir, "500.jet.html"))
c.AbortWithStatus(errorCode)
return
}
c.AbortWithStatus(errorCode)
return
}
func staticTemplate(c *gin.Context, templateName string) {

41
controllers/view_torrent_handler.go
Voir le fichier

@ -35,7 +35,13 @@ func ViewHandler(c *gin.Context) {
user := getUser(c)
if c.Request.URL.Query()["success"] != nil {
messages.AddInfo("infos", "Torrent uploaded successfully!")
messages.AddInfoT("infos", "torrent_uploaded")
}
if c.Request.URL.Query()["badcaptcha"] != nil {
messages.AddErrorT("errors", "bad_captcha")
}
if c.Request.URL.Query()["reported"] != nil {
messages.AddInfoTf("infos", "report_msg", id)
}
torrent, err := torrents.FindByID(uint(id))
@ -120,12 +126,15 @@ func PostCommentHandler(c *gin.Context) {
// ReportTorrentHandler : Controller for sending a torrent report
func ReportTorrentHandler(c *gin.Context) {
fmt.Println("report")
id, _ := strconv.ParseInt(c.Param("id"), 10, 32)
messages := msg.GetMessages(c)
captchaError := "?reported"
currentUser := getUser(c)
if currentUser.NeedsCaptcha() {
userCaptcha := captcha.Extract(c)
if !captcha.Authenticate(userCaptcha) {
captchaError = "?badcaptcha"
messages.AddErrorT("errors", "bad_captcha")
}
}
@ -139,8 +148,36 @@ func ReportTorrentHandler(c *gin.Context) {
if err != nil {
messages.ImportFromError("errors", err)
}
c.Redirect(http.StatusSeeOther, "/view/"+strconv.Itoa(int(torrent.ID))+captchaError)
} else {
ReportViewTorrentHandler(c)
}
}
// ReportTorrentHandler : Controller for sending a torrent report
func ReportViewTorrentHandler(c *gin.Context) {
type Report struct {
ID uint
CaptchaID string
}
id, _ := strconv.ParseInt(c.Param("id"), 10, 32)
messages := msg.GetMessages(c)
currentUser := getUser(c)
if currentUser.ID > 0 {
torrent, err := torrents.FindByID(uint(id))
if err != nil {
messages.Error(err)
}
captchaID := ""
if currentUser.NeedsCaptcha() {
captchaID = captcha.GetID()
}
formTemplate(c, "site/torrents/report.jet.html", Report{torrent.ID, captchaID})
} else {
c.Status(404)
}
ViewHandler(c)
}
// TorrentEditUserPanel : Controller for editing a user torrent by a user, after GET request

BIN
public/img/400.png Fichier normal
Voir le fichier

Fichier binaire non affiché.
Côte à côte

Après

Largeur:  |  Hauteur:  |  Taille: 541 KiB

BIN
public/img/500.png Fichier normal
Voir le fichier

Fichier binaire non affiché.
Côte à côte

Après

Largeur:  |  Hauteur:  |  Taille: 1.3 MiB

9
templates/errors/400.jet.html Fichier normal
Voir le fichier

@ -0,0 +1,9 @@
{{ extends "layouts/index_site" }}
{{block title()}}{{ T("error_400")}}{{end}}
{{block content_body()}}
<div style="text-align: center;">
<h1>{{ T("400_bad_request")}}</h1>
<img src="/img/400.png" />
</div>
{{end}}
{{block mascot()}}<br>{{end}}

9
templates/errors/500.jet.html Fichier normal
Voir le fichier

@ -0,0 +1,9 @@
{{ extends "layouts/index_site" }}
{{block title()}}{{ T("error_500")}}{{end}}
{{block content_body()}}
<div style="text-align: center;">
<h1>{{ T("500_internal_server_error")}}</h1>
<img src="/img/500.png" />
</div>
{{end}}
{{block mascot()}}<br>{{end}}

25
templates/site/torrents/report.jet.html Fichier normal
Voir le fichier

@ -0,0 +1,25 @@
{{ extends "layouts/index_site" }}
{{ import "layouts/partials/helpers/csrf" }}
{{ import "layouts/partials/helpers/captcha" }}
{{block title()}}{{ T("report_torrent_number", Form.ID) }}{{end}}
{{block content_body()}}
<div class="box">
<div class="user-form">
<h1>{{ T("report_torrent_number", Form.ID) }}</h1>
<form role="form" method="POST">
{{ yield csrf_field() }}
<div style="text-align:left">
<h3>{{ T("report_type") }}</h3>
<input type="radio" name="report_type" value="illegal_content" id="illegal" required> <label for="illegal">{{ T("illegal_content") }}</label><br />
<input type="radio" name="report_type" value="spam_garbage" id="spam" required> <label for="spam">{{ T("spam_garbage") }}</label><br />
<input type="radio" name="report_type" value="wrong_category" id="wrongcat" required> <label for="wrongcat">{{ T("wrong_category") }}</label><br />
<input type="radio" name="report_type" value="duplicate_deprecated" id="dup" required> <label for="dup">{{ T("duplicate_deprecated") }}</label><br />
</div>
<div class="comment-captcha">
{{yield captcha(captchaid=Form.CaptchaID)}}
</div>
<input id="confirm_changes" class="form-input up-input btn-green" name="submit_report" type="submit" value="{{ T("yes")}}">
</form>
</div>
</div>
{{end}}

4
templates/site/torrents/view.jet.html
Voir le fichier

@ -39,7 +39,9 @@
<td class="torrent-info-td torrent-info-label">{{ T("torrent_language")}}:</td>
<td class="tr-flag torrent-view-td torrent-info-data">
{{ range _, language := Torrent.Languages}}
{{ if language != "" }}
<img src="/img/blank.gif" alt="{{ LanguageName(language, T) }}" class="flag flag-{{FlagCode(language)}}" title="{{ LanguageName(language, T) }}"></img> {{ LanguageName(language, T) }}
{{end}}
{{end}}
</td>
</tr>
@ -57,7 +59,7 @@
<a href="/mod/torrent?id={{ Torrent.ID }}" class="form-input btn-orange">{{ T("edit") }}</a>
{{ else if User.CurrentUserIdentical(Torrent.UploaderID) }}
<a href="/torrent/delete?id={{ Torrent.ID }}" class="form-input btn-red" onclick="if (!confirm('{{ T("are_you_sure") }}')) return false;">{{ T("delete") }}</a>
<a href="/torrent/edit?id={{ Torrent.ID }}" class="form-input btn-orange">{{ T("edit") }}</a>
<a href="/torrent?id={{ Torrent.ID }}" class="form-input btn-orange">{{ T("edit") }}</a>
{{end}}
{{end}}
<div style="clear:both;"></div>

34
translations/en-us.all.json
Voir le fichier

@ -163,6 +163,14 @@
"id": "error_404",
"translation": "Error 404"
},
{
"id": "error_400",
"translation": "Error 400"
},
{
"id": "error_500",
"translation": "Error 500"
},
{
"id": "upload",
"translation": "Upload"
@ -187,6 +195,14 @@
"id": "404_not_found",
"translation": "404 Not Found"
},
{
"id": "500_internal_server_error",
"translation": "500 Internal Server Error"
},
{
"id": "400_bad_request",
"translation": "400 Bad Request"
},
{
"id": "no_torrents_uploaded",
"translation": "No torrents uploaded yet!"
@ -701,7 +717,7 @@
},
{
"id": "report_torrent_number",
"translation": "Report Torrent #%s"
"translation": "Report Torrent #%d"
},
{
"id": "report_type",
@ -861,19 +877,19 @@
},
{
"id": "torrent_deleted_by",
"translation": "Torrent #%s from %s has been deleted by %s."
"translation": "Torrent #%d from %s has been deleted by %s."
},
{
"id": "torrent_edited_by",
"translation": "Torrent #%s from %s has been edited by %s."
"translation": "Torrent #%d from %s has been edited by %s."
},
{
"id": "torrent_blocked_by",
"translation": "Torrent #%s from %s has been locked by %s."
"translation": "Torrent #%d from %s has been locked by %s."
},
{
"id": "torrent_blocked_by",
"translation": "Torrent #%s from %s has been unlocked by %s."
"translation": "Torrent #%d from %s has been unlocked by %s."
},
{
"id": "torrents_deleted",
@ -889,11 +905,11 @@
},
{
"id": "comment_deleted_by",
"translation": "Comment #%s from %s has been deleted by %s."
"translation": "Comment #%d from %s has been deleted by %s."
},
{
"id": "comment_edited_by",
"translation": "Comment #%s from %s has been edited by %s."
"translation": "Comment #%d from %s has been edited by %s."
},
{
"id": "no_action_exist",
@ -901,7 +917,7 @@
},
{
"id": "torrent_not_exist",
"translation": "Torrent with ID %s doesn't exist!"
"translation": "Torrent with ID %d doesn't exist!"
},
{
"id": "something_went_wrong",
@ -1253,7 +1269,7 @@
},
{
"id": "report_msg",
"translation": "The torrent #%s has been reported!"
"translation": "The torrent #%d has been reported!"
},
{
"id": "email_not_valid",