f351c2b047
Use this instead of joining with forward-slashes because it's possible that a torrent uses "foo/bar" as a filename or part of the directory list.
107 lignes
3 Kio
Go
107 lignes
3 Kio
Go
package router
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"strconv"
|
|
"time"
|
|
|
|
"github.com/ewhal/nyaa/config"
|
|
"github.com/ewhal/nyaa/db"
|
|
"github.com/ewhal/nyaa/model"
|
|
"github.com/ewhal/nyaa/service/captcha"
|
|
"github.com/ewhal/nyaa/service/user/permission"
|
|
"github.com/ewhal/nyaa/util/languages"
|
|
"github.com/gorilla/mux"
|
|
)
|
|
|
|
func UploadHandler(w http.ResponseWriter, r *http.Request) {
|
|
if config.UploadsDisabled {
|
|
http.Error(w, "Error uploads are disabled", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
var uploadForm UploadForm
|
|
if r.Method == "POST" {
|
|
defer r.Body.Close()
|
|
user := GetUser(r)
|
|
if userPermission.NeedsCaptcha(user) {
|
|
userCaptcha := captcha.Extract(r)
|
|
if !captcha.Authenticate(userCaptcha) {
|
|
http.Error(w, captcha.ErrInvalidCaptcha.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
}
|
|
|
|
// validation is done in ExtractInfo()
|
|
err := uploadForm.ExtractInfo(r)
|
|
if err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
status := 1 // normal
|
|
if uploadForm.Remake { // overrides trusted
|
|
status = 2
|
|
} else if user.Status == 1 {
|
|
status = 3 // mark as trusted if user is trusted
|
|
}
|
|
|
|
var sameTorrents int
|
|
db.ORM.Model(&model.Torrent{}).Where("torrent_hash = ?", uploadForm.Infohash).Count(&sameTorrents)
|
|
if (sameTorrents == 0) {
|
|
// add to db and redirect
|
|
torrent := model.Torrent{
|
|
Name: uploadForm.Name,
|
|
Category: uploadForm.CategoryID,
|
|
SubCategory: uploadForm.SubCategoryID,
|
|
Status: status,
|
|
Hash: uploadForm.Infohash,
|
|
Date: time.Now(),
|
|
Filesize: uploadForm.Filesize,
|
|
Description: uploadForm.Description,
|
|
UploaderID: user.ID}
|
|
db.ORM.Create(&torrent)
|
|
|
|
// add filelist to files db, if we have one
|
|
if len(uploadForm.FileList) > 0 {
|
|
for _, uploadedFile := range uploadForm.FileList {
|
|
file := model.File{TorrentID: torrent.ID, Filesize: uploadedFile.Filesize}
|
|
err := file.SetPath(uploadedFile.Path)
|
|
if err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
db.ORM.Create(&file)
|
|
}
|
|
}
|
|
|
|
url, err := Router.Get("view_torrent").URL("id", strconv.FormatUint(uint64(torrent.ID), 10))
|
|
if err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
http.Redirect(w, r, url.String(), 302)
|
|
} else {
|
|
http.Error(w, fmt.Errorf("Torrent already in database!").Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
} else if r.Method == "GET" {
|
|
user := GetUser(r)
|
|
if userPermission.NeedsCaptcha(user) {
|
|
uploadForm.CaptchaID = captcha.GetID()
|
|
} else {
|
|
uploadForm.CaptchaID = ""
|
|
}
|
|
|
|
|
|
htv := UploadTemplateVariables{uploadForm, NewSearchForm(), NewNavigation(), GetUser(r), r.URL, mux.CurrentRoute(r)}
|
|
languages.SetTranslationFromRequest(uploadTemplate, r)
|
|
err := uploadTemplate.ExecuteTemplate(w, "index.html", htv)
|
|
if err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
} else {
|
|
w.WriteHeader(http.StatusMethodNotAllowed)
|
|
return
|
|
}
|
|
}
|