5 files changed, 49 insertions, 86 deletions
diff --git a/juick-server/src/main/java/com/juick/service/CrosspostService.java b/juick-server/src/main/java/com/juick/service/CrosspostService.java index 812d798f..467d1cbe 100644 --- a/juick-server/src/main/java/com/juick/service/CrosspostService.java +++ b/juick-server/src/main/java/com/juick/service/CrosspostService.java @@ -40,8 +40,6 @@ public interface CrosspostService { boolean createVKUser(long vkID, String loginhash, String token, String vkName, String vkLink); - boolean setUserRef(int uid, int ref); - String getFacebookNameByHash(String hash); String getTelegramNameByHash(String hash); diff --git a/juick-server/src/main/java/com/juick/service/CrosspostServiceImpl.java b/juick-server/src/main/java/com/juick/service/CrosspostServiceImpl.java index 4b3bd618..965f2b51 100644 --- a/juick-server/src/main/java/com/juick/service/CrosspostServiceImpl.java +++ b/juick-server/src/main/java/com/juick/service/CrosspostServiceImpl.java @@ -173,12 +173,6 @@ public class CrosspostServiceImpl extends BaseJdbcService implements CrosspostSe vkID, loginhash, token, vkName, vkLink) > 0; } - @Transactional - @Override - public boolean setUserRef(int uid, int ref) { - return getJdbcTemplate().update("INSERT INTO users_refs(user_id,ref) VALUES (?,?)", uid, ref) > 0; - } - @Transactional(readOnly = true) @Override public String getFacebookNameByHash(String hash) { diff --git a/juick-www/src/main/java/com/juick/www/controllers/Home.java b/juick-www/src/main/java/com/juick/www/controllers/Home.java index a362901c..4e6330a8 100644 --- a/juick-www/src/main/java/com/juick/www/controllers/Home.java +++ b/juick-www/src/main/java/com/juick/www/controllers/Home.java @@ -17,6 +17,7 @@ */ package com.juick.www.controllers; +import com.juick.server.util.HttpNotFoundException; import com.juick.service.AdsService; import com.juick.service.MessagesService; import com.juick.service.UserService; 
@@ -57,7 +58,7 @@ public class Home { WebApp webApp; @GetMapping("/{anything}/**") - protected void parseAnyThing(HttpServletResponse response, @PathVariable String anything, + protected String parseAnyThing(@PathVariable String anything, @RequestParam(required = false, defaultValue = "0") int before) throws IOException { if (before == 0) { boolean isPostNumber = WebUtils.isPostNumber(anything); @@ -69,24 +70,21 @@ public class Home { com.juick.User author = messagesService.getMessageAuthor(messageId); if (author != null) { - Utils.sendPermanentRedirect(response, "/" + author.getName() + "/" + anything); - return; + return "redirect:/" + author.getName() + "/" + anything; } } } com.juick.User user = userService.getUserByName(anything); if (user.getUid() > 0) { - Utils.sendPermanentRedirect(response, "/" + user.getName() + "/"); - return; + return "redirect:/" + user.getName() + "/"; } - response.sendError(HttpServletResponse.SC_NOT_FOUND); - return; + throw new HttpNotFoundException(); } com.juick.User user = userService.getUserByName(anything); if (user.getUid() > 0) { - Utils.sendPermanentRedirect(response, "/" + user.getName() + "/?before=" + before); + return "redirect:/" + user.getName() + "/?before=" + before; } else { - response.sendError(HttpServletResponse.SC_NOT_FOUND); + throw new HttpNotFoundException(); } } diff --git a/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java b/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java index 2c92f9d8..f7279fb8 100644 --- a/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java +++ b/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java 
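Review bot: The three `redirect:` returns in parseAnyThing replace Utils.sendPermanentRedirect, and a Spring `redirect:` view name is sent as a temporary redirect (302) by default, so these canonical-URL redirects probably stop being permanent. If the permanent status is still wanted, return a `RedirectView` with `setStatusCode(HttpStatus.MOVED_PERMANENTLY)` instead of the bare string. The targets are built by concatenating `author.getName()` / `user.getName()`, so a short comment saying that names are limited to `[a-zA-Z0-9-]` (the check the signup controller applies to new accounts) would record why the path cannot turn into a `//host` style target. The method body starts before the second hunk, so the `before == 0` branch is only partly visible here.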
@@ -17,9 +17,12 @@ */ package com.juick.www.controllers; +import com.juick.Status; import com.juick.Tag; import com.juick.server.helpers.TagStats; import com.juick.server.util.HttpBadRequestException; +import com.juick.server.util.HttpForbiddenException; +import com.juick.server.util.HttpNotFoundException; import com.juick.server.util.HttpUtils; import com.juick.service.*; import com.juick.util.UserUtils; @@ -29,13 +32,15 @@ import org.apache.commons.io.FilenameUtils; import org.apache.commons.lang3.CharEncoding; import org.apache.commons.lang3.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; -import org.apache.commons.lang3.math.NumberUtils; import org.imgscalr.Scalr; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.core.env.Environment; import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.*; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.multipart.MultipartFile; import rocks.xmpp.addr.Jid; import rocks.xmpp.core.stanza.model.Message; 
@@ -313,47 +318,41 @@ public class NewMessage { } @PostMapping("/comment") - public void doPostComment(HttpServletRequest request, HttpServletResponse response, - @RequestParam(required = false) String img, - @RequestParam(required = false) MultipartFile attach) throws IOException { + public String doPostComment( + @RequestParam(required = false, defaultValue = "0") Integer mid, + @RequestParam(required = false, defaultValue = "0") Integer rid, + @RequestParam String body, + @RequestParam(required = false) String img, + @RequestParam(required = false) MultipartFile attach) throws IOException { com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.getUid() == 0) { - response.sendError(HttpServletResponse.SC_FORBIDDEN); - return; + throw new HttpForbiddenException(); } - int mid = NumberUtils.toInt(request.getParameter("mid"), 0); if (mid == 0) { - response.sendError(HttpServletResponse.SC_BAD_REQUEST); - return; + throw new HttpBadRequestException(); } com.juick.Message msg = messagesService.getMessage(mid); if (msg == null) { - response.sendError(HttpServletResponse.SC_NOT_FOUND); - return; + throw new HttpNotFoundException(); } - int rid = NumberUtils.toInt(request.getParameter("rid"), 0); com.juick.Message reply = null; if (rid > 0) { reply = messagesService.getReply(mid, rid); if (reply == null) { - response.sendError(HttpServletResponse.SC_NOT_FOUND); - return; + throw new HttpNotFoundException(); } } - String body = request.getParameter("body"); - if (body == null || body.length() < 1 || body.length() > 4096) { - response.sendError(HttpServletResponse.SC_BAD_REQUEST); - return; + if (body.length() < 1 || body.length() > 4096) { + throw new HttpBadRequestException(); } body = body.replace("\r", StringUtils.EMPTY); if ((msg.ReadOnly && msg.getUser().getUid() != visitor.getUid()) || userService.isInBLAny(msg.getUser().getUid(), visitor.getUid()) || (reply != null && userService.isInBLAny(reply.getUser().getUid(), visitor.getUid()))) { - 
response.sendError(HttpServletResponse.SC_FORBIDDEN); - return; + throw new HttpForbiddenException(); } String attachmentFName = HttpUtils.receiveMultiPartFile(attach, webApp.getTmpDir()); @@ -427,29 +426,22 @@ public class NewMessage { logger.warn("XMPP unavailable"); } - Utils.sendTemporaryRedirect(response, "/" + msg.getUser().getName() + "/" + mid + "#" + ridnew); + return "redirect:/" + msg.getUser().getName() + "/" + mid + "#" + ridnew; } @PostMapping("/like") - public void doPostRecomm(HttpServletRequest request, HttpServletResponse response) throws IOException { + @ResponseBody + public Status doPostRecomm(@RequestParam Integer mid) throws IOException { com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.getUid() == 0) { - response.sendError(HttpServletResponse.SC_FORBIDDEN); - return; - } - int mid = NumberUtils.toInt(request.getParameter("mid"), 0); - if (mid == 0) { - response.sendError(HttpServletResponse.SC_BAD_REQUEST); - return; + throw new HttpForbiddenException(); } com.juick.Message msg = messagesService.getMessage(mid); if (msg == null) { - response.sendError(HttpServletResponse.SC_NOT_FOUND); - return; + throw new HttpNotFoundException(); } if (msg.getUser().getUid() == visitor.getUid()) { - response.sendError(HttpServletResponse.SC_FORBIDDEN); - return; + throw new HttpForbiddenException(); } boolean res = messagesService.recommendMessage(mid, visitor.getUid()); @@ -468,9 +460,9 @@ public class NewMessage { logger.warn("XMPP unavailable"); } - Utils.replyJSON(request, response, "{\"status\":\"ok\"}"); + return Status.OK; } else { - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + throw new HttpBadRequestException(); } } } diff --git a/juick-www/src/main/java/com/juick/www/controllers/SignUp.java b/juick-www/src/main/java/com/juick/www/controllers/SignUp.java index d07c3227..4746292b 100644 --- a/juick-www/src/main/java/com/juick/www/controllers/SignUp.java 
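Review bot: `mid` and `rid` in doPostComment are declared as boxed `Integer` with `defaultValue = "0"`, so they can never be null and every comparison (`mid == 0`, `rid > 0`) auto-unboxes. Primitive `int` would say the same thing more directly and would match `int before` in Home.parseAnyThing: `@RequestParam(required = false, defaultValue = "0") int mid`, and likewise for `rid`. Spring also now rejects a missing `body` or a non-numeric id during binding, before the `visitor.getUid() == 0` check runs, so a one-line comment on the method noting that malformed anonymous requests get the binding error rather than HttpForbiddenException would help the next reader.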
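Review bot: In doPostRecomm the failure branch of `messagesService.recommendMessage(mid, visitor.getUid())` now throws HttpBadRequestException where the old code sent SC_INTERNAL_SERVER_ERROR, so a server-side failure is reported to the client, and to any 5xx-based alerting, as a client error. If no server-error exception type exists in `com.juick.server.util`, at least log before throwing, for example `logger.error("recommendMessage failed for mid={}", mid);`. The same method also loses its `mid == 0` rejection in the preceding hunk, so zero and negative ids now reach `messagesService.getMessage(mid)`; `if (mid <= 0) throw new HttpBadRequestException();` would keep the old behaviour explicit.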
+++ b/juick-www/src/main/java/com/juick/www/controllers/SignUp.java @@ -23,16 +23,15 @@ import com.juick.service.CrosspostService; import com.juick.service.MessagesService; import com.juick.service.UserService; import com.juick.util.UserUtils; -import com.juick.www.Utils; import com.juick.www.WebApp; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestParam; import javax.inject.Inject; import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** @@ -53,13 +52,11 @@ public class SignUp { @GetMapping("/signup") - protected String doGet(HttpServletRequest request, HttpServletResponse response, ModelMap model) { + protected String doGet(@RequestParam String type, @RequestParam String hash, ModelMap model) { com.juick.User visitor = UserUtils.getCurrentUser(); - String type = request.getParameter("type"); - String hash = request.getParameter("hash"); - if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 - || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") + || !hash.matches("^[a-zA-Z0-9\\-]+$")) { throw new HttpBadRequestException(); } 
@@ -92,23 +89,24 @@ public class SignUp { } @PostMapping("/signup") - protected String doPost(HttpServletRequest request, HttpServletResponse response) { + protected String doPost( + HttpServletResponse response, + @RequestParam String type, + @RequestParam String hash, + @RequestParam String action, + @RequestParam String username, + @RequestParam String password) { com.juick.User visitor = UserUtils.getCurrentUser(); int uid = 0; - String type = request.getParameter("type"); - String hash = request.getParameter("hash"); - if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { throw new HttpBadRequestException(); } - String action = request.getParameter("action"); if (action.charAt(0) == 'l') { if (visitor.getUid() == 0) { - String username = request.getParameter("username"); - String password = request.getParameter("password"); - if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + if (username.length() > 32) { throw new HttpBadRequestException(); } uid = userService.checkPassword(username, password); @@ -128,9 +126,7 @@ public class SignUp { } } else { // Create new account - String username = request.getParameter("username"); - String password = request.getParameter("password"); - if (username == null || password == null || username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) { + if (username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) { throw new HttpBadRequestException(); } 
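Review bot: The login branch of doPost no longer rejects an empty password: `@RequestParam String password` is satisfied by `password=` (bound as an empty string) and the check shrank to `if (username.length() > 32)`, so an empty value now reaches `userService.checkPassword(username, password)`. Keeping the guard costs nothing: `if (username.length() > 32 || password.isEmpty()) {`. `action.charAt(0)` has the same gap, because an empty `action` passes binding and then throws StringIndexOutOfBoundsException; `if (action.isEmpty()) throw new HttpBadRequestException();` before it turns that into a 400. Since `username` and `password` are now required on every POST, the path where `visitor.getUid() != 0`, which previously never read them, is also rejected without them; mark them `required = false` if that path should keep working. The body of doPost continues outside this hunk.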
@@ -147,21 +143,6 @@ public class SignUp { && !(type.charAt(0) == 'x' && crosspostService.setJIDUser(hash, uid))) { throw new HttpBadRequestException(); } - - int ref = 0; - String sRef = Utils.getCookie(request, "ref"); - if (sRef != null) { - try { - ref = Integer.parseInt(sRef); - } catch (Exception e) { - } - } - - if (ref > 0) { - crosspostService.setUserRef(uid, ref); - } - - visitor = null; } if (visitor == null) { |
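Review bot: Along with the referral-cookie code, this hunk removes `visitor = null;` from the end of the create-account branch, while the `if (visitor == null) {` that follows is kept. The earlier `visitor.getUid() == 0` checks suggest UserUtils.getCurrentUser() returns an anonymous user rather than null, so after this change that block may never run for a newly created account. Its body is outside the hunk, but doPost keeps `HttpServletResponse response` and the file still imports `Cookie`, so it presumably sets the login cookie. Either restore `visitor = null;` or, more clearly, change the condition to `if (visitor.getUid() == 0) {` after confirming what the block does on the login path.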