aboutsummaryrefslogtreecommitdiff
path: root/src/java/com/juick/http/www
diff options
context:
space:
mode:
authorGravatar Ugnich Anton2012-02-20 21:38:29 +0700
committerGravatar Ugnich Anton2012-02-20 21:38:29 +0700
commit34da94d887ae7be134d17c4bc9e101a8c198b300 (patch)
tree2e3d3444fdb4c4508072a39b9962965556111fe2 /src/java/com/juick/http/www
parent2acfbc4184eec216c2a394029962aa2905c6b0a2 (diff)
Bugfixes
Diffstat (limited to 'src/java/com/juick/http/www')
-rw-r--r--src/java/com/juick/http/www/Blogs.java36
-rw-r--r--src/java/com/juick/http/www/Login.java4
-rw-r--r--src/java/com/juick/http/www/Main.java2
-rw-r--r--src/java/com/juick/http/www/NewMessage.java12
-rw-r--r--src/java/com/juick/http/www/PageTemplates.java13
-rw-r--r--src/java/com/juick/http/www/UserThread.java38
6 files changed, 79 insertions, 26 deletions
diff --git a/src/java/com/juick/http/www/Blogs.java b/src/java/com/juick/http/www/Blogs.java
index 1e212b7a..a1cfdeb0 100644
--- a/src/java/com/juick/http/www/Blogs.java
+++ b/src/java/com/juick/http/www/Blogs.java
@@ -83,17 +83,37 @@ public class Blogs {
mids = MessagesQueries.getAll(sql, paramBefore);
}
} else if (paramShow.equals("my")) {
- title = rb.getString("My feed");
- mids = MessagesQueries.getMyFeed(sql, visitor.UID, paramBefore);
+ if (visitor != null) {
+ title = rb.getString("My feed");
+ mids = MessagesQueries.getMyFeed(sql, visitor.UID, paramBefore);
+ } else {
+ response.sendError(404);
+ return;
+ }
} else if (paramShow.equals("private")) {
- title = rb.getString("Private");
- mids = MessagesQueries.getPrivate(sql, visitor.UID, paramBefore);
+ if (visitor != null) {
+ title = rb.getString("Private");
+ mids = MessagesQueries.getPrivate(sql, visitor.UID, paramBefore);
+ } else {
+ response.sendError(404);
+ return;
+ }
} else if (paramShow.equals("incoming")) {
- title = rb.getString("Incoming");
- mids = MessagesQueries.getIncoming(sql, visitor.UID, paramBefore);
+ if (visitor != null) {
+ title = rb.getString("Incoming");
+ mids = MessagesQueries.getIncoming(sql, visitor.UID, paramBefore);
+ } else {
+ response.sendError(404);
+ return;
+ }
} else if (paramShow.equals("recommended")) {
- title = rb.getString("Recommended");
- mids = MessagesQueries.getRecommended(sql, visitor.UID, paramBefore);
+ if (visitor != null) {
+ title = rb.getString("Recommended");
+ mids = MessagesQueries.getRecommended(sql, visitor.UID, paramBefore);
+ } else {
+ response.sendError(404);
+ return;
+ }
} else if (paramShow.equals("top")) {
title = rb.getString("Popular");
mids = MessagesQueries.getPopular(sql, paramBefore);
diff --git a/src/java/com/juick/http/www/Login.java b/src/java/com/juick/http/www/Login.java
index 1baf6e43..0006f9d0 100644
--- a/src/java/com/juick/http/www/Login.java
+++ b/src/java/com/juick/http/www/Login.java
@@ -73,7 +73,7 @@ public class Login {
if (com.juick.server.UserQueries.getUIDbyHash(sql, hash) > 0) {
Cookie c = new Cookie("hash", hash);
c.setDomain(".juick.com");
- c.setMaxAge(0);
+ c.setMaxAge(365 * 24 * 60 * 60);
response.addCookie(c);
response.sendRedirect("/");
@@ -95,7 +95,7 @@ public class Login {
String hash = com.juick.server.UserQueries.getHashByUID(sql, uid);
Cookie c = new Cookie("hash", hash);
c.setDomain(".juick.com");
- c.setMaxAge(0);
+ c.setMaxAge(365 * 24 * 60 * 60);
response.addCookie(c);
String referer = request.getHeader("Referer");
diff --git a/src/java/com/juick/http/www/Main.java b/src/java/com/juick/http/www/Main.java
index b7f95a4a..910a554f 100644
--- a/src/java/com/juick/http/www/Main.java
+++ b/src/java/com/juick/http/www/Main.java
@@ -149,7 +149,7 @@ public class Main extends HttpServlet implements XmppListener {
//TODO settings
} else if (uri.matches("^/\\d+$")) {
rootRedirects.doGetPostID(sql, request, response);
- } else if (uri.matches("^/[^/]$")) {
+ } else if (uri.matches("^/[^/]+$")) {
rootRedirects.doGetUsername(sql, request, response);
} else if (uri.matches("^/.+/.*")) {
String uriparts[] = uri.split("/");
diff --git a/src/java/com/juick/http/www/NewMessage.java b/src/java/com/juick/http/www/NewMessage.java
index 1beacf62..d35af8f3 100644
--- a/src/java/com/juick/http/www/NewMessage.java
+++ b/src/java/com/juick/http/www/NewMessage.java
@@ -54,10 +54,18 @@ public class NewMessage {
out.println("<div id=\"wrapper\"><div id=\"content\" class=\"pagetext\">");
out.println("<form action=\"/post\" method=\"post\" id=\"postmsg\" enctype=\"multipart/form-data\">");
out.println("<p style=\"text-align: left\"><b>" + rbnm.getString("Location") + ": <span id=\"location\"></span></b> <span id=\"locationclear\">&mdash; <a href=\"#\" onclick=\"clearLocation()\">" + rbnm.getString("Clear") + "</a></span></p>");
- out.println("<p style=\"text-align: left\"><b>" + rbnm.getString("Attachment") + ":</b> <span id=\"attachmentfile\"><input type=\"file\" name=\"attach\"$canmedia/> " + rbnm.getString("or") + " <a href=\"#\" onclick=\"webcamShow(); return false;\">" + rbnm.getString("from webcam") + "</a><br/>");
+ out.println("<p style=\"text-align: left\"><b>" + rbnm.getString("Attachment") + ":</b> <span id=\"attachmentfile\"><input type=\"file\" name=\"attach\"" + (com.juick.server.UserQueries.getCanMedia(sql, visitor.UID) ? "" : " disabled=\"disabled\"") + "/> " + rbnm.getString("or") + " <a href=\"#\" onclick=\"webcamShow(); return false;\">" + rbnm.getString("from webcam") + "</a><br/>");
out.println("<i>" + rbnm.getString("Photo_JPG") + "</i></span><span id=\"attachmentwebcam\">" + rbnm.getString("Webcam photo") + " &mdash; <a href=\"#\" onclick=\"clearAttachment(); return false;\">" + rbnm.getString("Clear") + "</a></span></p>");
out.println("<div id=\"webcamwrap\" style=\"width: 320px; margin: 0 auto\"><div id=\"webcam\"></div></div>");
- out.println("<p><textarea name=\"body\" rows=\"7\" cols=\"10\">" + "" + "</textarea><br/>");
+
+ String body = request.getParameter("body");
+ if (body != null && body.length() < 4096) {
+ body = Utils.encodeHTML(body);
+ } else {
+ body = "";
+ }
+ out.println("<p><textarea name=\"body\" class=\"newmessage\" rows=\"7\" cols=\"10\">" + body + "</textarea><br/>");
+
out.println("<input type=\"hidden\" name=\"place_id\"/><input type=\"hidden\" name=\"webcam\"/>" + "" + "<input type=\"submit\" class=\"subm\" value=\" " + rbnm.getString("Post") + " \"/></p>");
out.println("</form>");
out.println("<div id=\"geomap\"></div>");
diff --git a/src/java/com/juick/http/www/PageTemplates.java b/src/java/com/juick/http/www/PageTemplates.java
index 4997f778..b7b2f536 100644
--- a/src/java/com/juick/http/www/PageTemplates.java
+++ b/src/java/com/juick/http/www/PageTemplates.java
@@ -62,7 +62,7 @@ public class PageTemplates {
public static void pageNavigation(PrintWriter out, Locale loc, com.juick.User user) {
ResourceBundle rb = ResourceBundle.getBundle("Global", loc);
out.println("<div id=\"header\">");
- out.println("<div id=\"logo\"><a href=\"/?show=my\"><img src=\"http://static.juick.com/logo3.png\" width=\"120\" height=\"40\" alt=\"Juick\"/></a></div>");
+ out.println("<div id=\"logo\"><a href=\"" + (user != null ? "/?show=my" : "/") + "\"><img src=\"http://static.juick.com/logo3.png\" width=\"120\" height=\"40\" alt=\"Juick\"/></a></div>");
out.println(" <ul id=\"nav\">");
out.println(" <li><a href=\"/\">" + rb.getString("Blogs") + "</a></li>");
// out.println(" <li><a href=\"/chats\">" + rb.getString("Chats") + "</a></li>");
@@ -324,9 +324,12 @@ public class PageTemplates {
// lat
// lon
+ boolean cancomment = true;
+
tags = (tags != null) ? formatTags(tags) : "";
if (rs.getInt(5) == 1) {
tags += " *readonly";
+ cancomment = false;
}
switch (rs.getInt(6)) {
case 2:
@@ -361,7 +364,9 @@ public class PageTemplates {
out.println(" <div class=\"msg-avatar\"><a href=\"/" + uname + "/\"><img src=\"http://i.juick.com/a/" + uid + ".png\" alt=\"" + uname + "\"/></a></div>");
out.println(" <div class=\"msg-ts\"><a href=\"/" + uname + "/" + mid + "\">" + formatDate(rs.getInt(8), rs.getString(9), locale) + "</a><div class=\"msg-menu\"><a href=\"#\" onclick=\"$('#msg-menu-" + mid + "').toggle('blind'); return false\"><img src=\"http://static.juick.com/message-menu-icon.png\"></a><ul id=\"msg-menu-" + mid + "\">");
- out.println(" <li><a href=\"#\" onclick=\"return false\">Under construction</a></li>");
+ out.println(" <li><a href=\"/post?body=%21%20%23" + mid + "\">" + rb.getString("Recommend message") + "</a></li>");
+ out.println(" <li><a href=\"/post?body=%40" + uname + "%20\">" + rb.getString("Send private message") + "</a></li>");
+ out.println(" <li><a href=\"/post?body=BL%20%40" + uname + "\">" + rb.getString("Block user") + "</a></li>");
out.println(" </ul></div></div>");
out.println(" <div class=\"msg-header\"><a href=\"/" + uname + "/\">@" + uname + "</a>:" + tags + "</div>");
out.println(" <div class=\"msg-txt\">" + txt + "</div>");
@@ -372,9 +377,9 @@ public class PageTemplates {
repliesby = "...";
}
out.println(" <div class=\"msg-comments\"><a href=\"/" + uname + "/" + mid + "\">" + formatReplies(rs.getInt(10), locale) + "</a> " + rb.getString("(replies) by") + " " + repliesby + "</div>");
- } else {
+ } else if (cancomment) {
out.println(" <form action=\"/post\" method=\"POST\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"mid\" value=\"" + mid + "\"/>");
- out.println(" <div class=\"msg-comment\"><textarea name=\"body\" rows=\"1\" class=\"reply\" placeholder=\"Add a comment...\" onkeypress=\"postformListener(this.form,event)\"></textarea></div>");
+ out.println(" <div class=\"msg-comment\"><textarea name=\"body\" rows=\"1\" class=\"reply\" placeholder=\"Add a comment...\" onkeypress=\"postformListener(this.form,event)\"></textarea><input type=\"submit\" value=\"OK\"/></div>");
out.println(" </form>");
}
out.println(" </li>");
diff --git a/src/java/com/juick/http/www/UserThread.java b/src/java/com/juick/http/www/UserThread.java
index eb3adfad..406698bf 100644
--- a/src/java/com/juick/http/www/UserThread.java
+++ b/src/java/com/juick/http/www/UserThread.java
@@ -17,6 +17,7 @@
*/
package com.juick.http.www;
+import com.juick.server.MessagesQueries;
import com.juick.server.UserQueries;
import java.io.IOException;
import java.io.PrintWriter;
@@ -41,6 +42,11 @@ public class UserThread {
com.juick.User visitor = Utils.getVisitorUser(sql, request);
Locale locale = request.getLocale();
+ if (!MessagesQueries.canViewThread(sql, MID, visitor != null ? visitor.UID : 0)) {
+ response.sendError(403);
+ return;
+ }
+
boolean listview = false;
String paramView = request.getParameter("view");
if (paramView != null) {
@@ -65,6 +71,7 @@ public class UserThread {
PageTemplates.pageNavigation(out, locale, visitor);
PageTemplates.pageUserTitle(out, sql, locale, user, visitor);
+
out.println("<div id=\"wrapper\">");
out.println("<div id=\"content\" style=\"margin-left: 0; width: 100%\">");
@@ -105,9 +112,12 @@ public class UserThread {
// lat
// lon
+ boolean cancomment = true;
+
tags = (tags != null) ? PageTemplates.formatTags(tags) : "";
if (rs.getInt(5) == 1) {
tags += " *readonly";
+ cancomment = false;
}
switch (rs.getInt(6)) {
case 2:
@@ -139,14 +149,18 @@ public class UserThread {
out.println(" <div class=\"msg-avatar\"><a href=\"/" + uname + "/\"><img src=\"http://i.juick.com/a/" + uid + ".png\" alt=\"" + uname + "\"/></a></div>");
out.println(" <div class=\"msg-ts\"><a href=\"/" + uname + "/" + mid + "\">" + PageTemplates.formatDate(rs.getInt(8), rs.getString(9), locale) + "</a><div class=\"msg-menu\"><a href=\"#\" onclick=\"$('#msg-menu-" + mid + "').toggle('blind'); return false\"><img src=\"http://static.juick.com/message-menu-icon.png\"></a><ul id=\"msg-menu-" + mid + "\">");
- out.println(" <li><a href=\"#\" onclick=\"return false\">Under construction</a></li>");
+ out.println(" <li><a href=\"/post?body=%21%20%23" + mid + "\">" + rb.getString("Recommend message") + "</a></li>");
+ out.println(" <li><a href=\"/post?body=%40" + uname + "%20\">" + rb.getString("Send private message") + "</a></li>");
+ out.println(" <li><a href=\"/post?body=BL%20%40" + uname + "\">" + rb.getString("Block user") + "</a></li>");
out.println(" </ul></div></div>");
out.println(" <div class=\"msg-header\"><a href=\"/" + uname + "/\">@" + uname + "</a>:" + tags + "</div>");
out.println(" <div class=\"msg-txt\">" + txt + "</div>");
- out.println(" <form action=\"/post\" method=\"POST\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"mid\" value=\"" + mid + "\"/>");
- out.println(" <div class=\"msg-comment\"><textarea name=\"body\" rows=\"1\" class=\"reply\" placeholder=\"Add a comment...\" onkeypress=\"postformListener(this.form,event)\"></textarea></div>");
- out.println(" </form>");
+ if (cancomment) {
+ out.println(" <form action=\"/post\" method=\"POST\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"mid\" value=\"" + mid + "\"/>");
+ out.println(" <div class=\"msg-comment\"><textarea name=\"body\" rows=\"1\" class=\"reply\" placeholder=\"Add a comment...\" onkeypress=\"postformListener(this.form,event)\"></textarea><input type=\"submit\" value=\"OK\"/></div>");
+ out.println(" </form>");
+ }
out.println(" </li>");
out.println("</ul>");
@@ -259,8 +273,9 @@ public class UserThread {
}
}
out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.User.UName + "/\"><img src=\"http://i.juick.com/a/" + msg.User.UID + ".png\" alt=\"" + msg.User.UName + "\"/></a></div>");
- out.println(" <div class=\"msg-ts\"><a href=\"/" + msg.User.UName + "/" + msg.MID + "#" + msg.RID + "\">" + PageTemplates.formatDate(msg.MinutesAgo, msg.TimestampString, locale) + "</a><div class=\"msg-menu\"><a href=\"#\" onclick=\"$('#msg-menu-" + msg.MID + "-" + msg.RID + "').toggle('blind'); return false\"><img src=\"http://static.juick.com/message-menu-icon.png\"/></a><ul id=\"msg-menu-" + msg.MID + "-" + msg.RID + "\">");
- out.println(" <li><a href=\"#\" onclick=\"return false\">Under construction</a></li>");
+ out.println(" <div class=\"msg-ts\"><a href=\"/" + msg.MID + "#" + msg.RID + "\">" + PageTemplates.formatDate(msg.MinutesAgo, msg.TimestampString, locale) + "</a><div class=\"msg-menu\"><a href=\"#\" onclick=\"$('#msg-menu-" + msg.MID + "-" + msg.RID + "').toggle('blind'); return false\"><img src=\"http://static.juick.com/message-menu-icon.png\"/></a><ul id=\"msg-menu-" + msg.MID + "-" + msg.RID + "\">");
+ out.println(" <li><a href=\"/post?body=%40" + msg.User.UName + "%20\">" + rb.getString("Send private message") + "</a></li>");
+ out.println(" <li><a href=\"/post?body=BL%20%40" + msg.User.UName + "\">" + rb.getString("Block user") + "</a></li>");
out.println(" </ul></div></div>");
out.println(" <div class=\"msg-header\"><a href=\"/" + msg.User.UName + "/\">@" + msg.User.UName + "</a>:</div>");
out.println(" <div class=\"msg-txt\">" + msg.Text + "</div>");
@@ -297,12 +312,17 @@ public class UserThread {
}
}
out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.User.UName + "/\"><img src=\"http://i.juick.com/a/" + msg.User.UID + ".png\"></a></div>");
- out.println(" <div class=\"msg-ts\"><a href=\"/" + msg.User.UName + "/" + msg.MID + "#" + msg.RID + "\">" + PageTemplates.formatDate(msg.MinutesAgo, msg.TimestampString, locale) + "</a><div class=\"msg-menu\"><a href=\"#\" onclick=\"return msgMenu(" + msg.MID + ")\"><img src=\"http://static.juick.com/message-menu-icon.png\"></a><ul id=\"msg-menu-" + msg.MID + "\">");
- out.println(" <li><a href=\"#\" onclick=\"return false\">Under construction</a></li>");
+ out.println(" <div class=\"msg-ts\"><a href=\"/" + msg.MID + "#" + msg.RID + "\">" + PageTemplates.formatDate(msg.MinutesAgo, msg.TimestampString, locale) + "</a><div class=\"msg-menu\"><a href=\"#\" onclick=\"$('#msg-menu-" + msg.MID + "-" + msg.RID + "').toggle('blind'); return false\"><img src=\"http://static.juick.com/message-menu-icon.png\"></a><ul id=\"msg-menu-" + msg.MID + "\">");
+ out.println(" <li><a href=\"/post?body=%40" + msg.User.UName + "%20\">" + rb.getString("Send private message") + "</a></li>");
+ out.println(" <li><a href=\"/post?body=BL%20%40" + msg.User.UName + "\">" + rb.getString("Block user") + "</a></li>");
out.println(" </ul></div></div>");
out.println(" <div class=\"msg-header\"><a href=\"/" + msg.User.UName + "/\">@" + msg.User.UName + "</a>:</div>");
out.println(" <div class=\"msg-txt\">" + msg.Text + "</div>");
- out.println(" <div class=\"msg-links\"><a href=\"#\" onclick=\"return showCommentForm(" + msg.MID + "," + msg.RID + ")\">" + rb.getString("Comment") + "</a></div>");
+ out.print(" <div class=\"msg-links\">/" + msg.RID);
+ if (msg.ReplyTo > 0) {
+ out.print(" " + rb.getString("in reply to") + " <a href=\"#" + msg.ReplyTo + "\">/" + msg.ReplyTo + "</a>");
+ }
+ out.println(" &#183; <a href=\"#\" onclick=\"return showCommentForm(" + msg.MID + "," + msg.RID + ")\">" + rb.getString("Comment") + "</a></div>");
out.println(" <div class=\"msg-comment\" style=\"display: none\"></div>");
out.println(" </li>");
}