diff options
Diffstat (limited to 'src/main/java/com/juick/http')
18 files changed, 3875 insertions, 0 deletions
diff --git a/src/main/java/com/juick/http/www/Discover.java b/src/main/java/com/juick/http/www/Discover.java new file mode 100644 index 00000000..bdb86380 --- /dev/null +++ b/src/main/java/com/juick/http/www/Discover.java @@ -0,0 +1,120 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.AdsQueries; +import com.juick.server.MessagesQueries; +import com.juick.server.TagQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.IOException; +import java.io.PrintWriter; +import java.net.URLDecoder; +import java.net.URLEncoder; +import java.sql.Connection; +import java.util.ArrayList; +import java.util.List; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Discover { + + protected void doGet(JdbcTemplate sql, JdbcTemplate sqlSearch, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + String paramTagStr = URLDecoder.decode(request.getRequestURI().substring(5), "UTF-8"); + com.juick.Tag paramTag = TagQueries.getTag(sql, paramTagStr, false); + if (paramTag == null) { + Errors.doGet404(sql, request, response); + return; + } else if (paramTag.SynonymID > 0 && paramTag.TID != paramTag.SynonymID) { + com.juick.Tag synTag = TagQueries.getTag(sql, paramTag.SynonymID); + String url = "/tag/" + URLEncoder.encode(synTag.Name, "UTF-8"); + if (request.getQueryString() != null) { + url += "?" + request.getQueryString(); + } + Utils.sendPermanentRedirect(response, url); + return; + } else if (!paramTag.Name.equals(paramTagStr)) { + String url = "/tag/" + URLEncoder.encode(paramTag.Name, "UTF-8"); + if (request.getQueryString() != null) { + url += "?" + request.getQueryString(); + } + Utils.sendPermanentRedirect(response, url); + return; + } + + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + + int visitor_uid = visitor != null ? visitor.getUID() : 0; + + String title = "*" + Utils.encodeHTML(paramTag.Name); + List<Integer> mids = MessagesQueries.getTag(sql, paramTag.TID, visitor_uid, paramBefore, (visitor == null) ? 40 : 20); + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = ""; + if (TagQueries.getTagNoIndex(sql, paramTag.TID)) { + head = "<meta name=\"robots\" content=\"noindex,nofollow\"/>"; + } else if (paramBefore > 0 || mids.size() < 5) { + head = "<meta name=\"robots\" content=\"noindex\"/>"; + } + PageTemplates.pageHead(out, title, head); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("<section id=\"content\">"); + + if (mids.size() > 0) { + int vuid = visitor != null ? visitor.getUID() : 0; + int ad_mid = AdsQueries.getAdMID(sql, vuid); + if (ad_mid > 0 && mids.indexOf(ad_mid) == -1) { + mids.add(0, ad_mid); + AdsQueries.logAdMID(sql, vuid, ad_mid); + } else { + ad_mid = 0; + } + + PageTemplates.printMessages(out, sql, null, mids, visitor, visitor == null ? 2 : 3, ad_mid); + } + + if (mids.size() >= 20) { + String nextpage = "/tag/" + URLEncoder.encode(paramTag.Name, "UTF-8") + "?before=" + mids.get(mids.size() - 1); + out.println("<p class=\"page\"><a href=\"" + nextpage + "\" rel=\"prev\">Читать дальше →</a></p>"); + } + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, true); + + PageTemplates.pageEnd(out); + } + } +} diff --git a/src/main/java/com/juick/http/www/Errors.java b/src/main/java/com/juick/http/www/Errors.java new file mode 100644 index 00000000..0044c209 --- /dev/null +++ b/src/main/java/com/juick/http/www/Errors.java @@ -0,0 +1,42 @@ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * + * @author ugnich + */ +public class Errors { + + public static String tagsHTML = null; + + public static void doGet404(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (tagsHTML == null) { + tagsHTML = PageTemplates.formatPopularTags(sql, 80); + } + + response.setStatus(404); + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "404 Страница не найдена", null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("<section id=\"content\">"); + out.println("<h1>Страница не найдена</h1>"); + out.println("<p>Сожалеем, но страницу с этим адресом удалил её автор, либо её никогда не существовало.</p>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } +} diff --git a/src/main/java/com/juick/http/www/FacebookLogin.java b/src/main/java/com/juick/http/www/FacebookLogin.java new file mode 100644 index 00000000..cf444abc --- /dev/null +++ b/src/main/java/com/juick/http/www/FacebookLogin.java @@ -0,0 +1,152 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import org.json.JSONObject; +import org.springframework.dao.EmptyResultDataAccessException; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.net.URLEncoder; +import java.util.UUID; +import java.util.logging.Level; +import java.util.logging.Logger; + +/** + * + * @author Ugnich Anton + */ +public class FacebookLogin { + + private static final Logger logger = Logger.getLogger(FacebookLogin.class.getName()); + + private static final String FACEBOOK_APPID = "130568668304"; + private static final String FACEBOOK_SECRET = "95813bfb6ab8f473410c50d4f971649e"; + private static final String FACEBOOK_REDIRECT = "http://juick.com/_fblogin"; + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String fbstate; + + String code = request.getParameter("code"); + if (code == null || code.equals("")) { + fbstate = UUID.randomUUID().toString(); + + Cookie c = new Cookie("fbstate", fbstate); + response.addCookie(c); + + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "https://www.facebook.com/dialog/oauth?scope=publish_stream&client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, "utf-8") + "&state=" + fbstate); + return; + } + + fbstate = Utils.getCookie(request, "fbstate"); + if (fbstate == null || fbstate.isEmpty() || !fbstate.equals(request.getParameter("state"))) { + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + return; + } else { + Cookie c = new Cookie("fbstate", "-"); + c.setMaxAge(0); + response.addCookie(c); + } + + String token = Utils.fetchURL("https://graph.facebook.com/oauth/access_token?client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, "utf-8") + "&client_secret=" + FACEBOOK_SECRET + "&code=" + URLEncoder.encode(code, "utf-8")); + if (token == null || token.isEmpty() || !token.startsWith("access_token=")) { + logger.log(Level.SEVERE, "FACEBOOK TOKEN ERROR: " + token); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + token = token.substring(13); // access_token=... + int tokenamp = token.indexOf('&'); // &expires= + if (tokenamp > 0) { + token = token.substring(0, tokenamp); + } + + String graph = Utils.fetchURL("https://graph.facebook.com/me?access_token=" + token); + if (graph == null || graph.isEmpty()) { + System.err.println("FACEBOOK GRAPH ERROR"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + try { + JSONObject json = new JSONObject(graph); + String fbIDStr = json.getString("id"); + String fbName = json.getString("name"); + String fbLink = json.getString("link"); + boolean fbVerified = json.getBoolean("verified"); + + long fbID = 0; + if (fbIDStr != null && !fbIDStr.isEmpty()) { + fbID = Long.parseLong(fbIDStr); + } + + if (fbID == 0 || fbName == null || fbLink == null || fbName.isEmpty() || fbLink.isEmpty()) { + throw new Exception(); + } + + int uid = getUIDbyFBID(sql, fbID); + if (uid > 0) { + if (!updateDB(sql, fbID, token, fbName, fbLink)) { + throw new Exception(); + } + Cookie c = new Cookie("hash", UserQueries.getHashByUID(sql, uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/"); + } else if (fbVerified) { + String loginhash = UUID.randomUUID().toString(); + if (!insertDB(sql, fbID, loginhash, token, fbName, fbLink)) { + throw new Exception(); + } + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/signup?type=fb&hash=" + loginhash); + } else { + throw new Exception(); + } + } catch (Exception e) { + logger.log(Level.WARNING, "fb error", e); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + } + + private int getUIDbyFBID(JdbcTemplate sql, long fbID) { + try { + return sql.queryForObject("SELECT user_id FROM facebook WHERE fb_id=? AND user_id IS NOT NULL", + Integer.class, fbID); + } catch (EmptyResultDataAccessException e) { + return 0; + } + } + + private boolean insertDB(JdbcTemplate sql, long fbID, String loginhash, String token, String fbName, String fbLink) { + return sql.update("INSERT INTO facebook(fb_id,loginhash,access_token,fb_name,fb_link) VALUES (?,?,?,?,?)", + fbID, loginhash, token, fbName, fbLink) > 0; + } + + private boolean updateDB(JdbcTemplate sql, long fbID, String token, String fbName, String fbLink) { + return sql.update("UPDATE facebook SET access_token=?,fb_name=?,fb_link=? WHERE fb_id=?", + token, fbName, fbLink, fbID) > 0; + } +} diff --git a/src/main/java/com/juick/http/www/Help.java b/src/main/java/com/juick/http/www/Help.java new file mode 100644 index 00000000..503044e6 --- /dev/null +++ b/src/main/java/com/juick/http/www/Help.java @@ -0,0 +1,90 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.*; + +/** + * + * @author Ugnich Anton + */ +public class Help { + + protected void doRedirectToHelpIndex(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + Utils.sendTemporaryRedirect(response, "/help/ru/"); + } + + protected void doGetHelp(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + String path[] = request.getRequestURI().split("/"); + String page; + if (path.length < 3 || path.length > 4 || path[2].length() != 2 || !path[2].matches("^[a-z]+$")) { + Errors.doGet404(sql, request, response); + return; + } + + if (path.length == 4) { + page = path[3]; + if (!page.matches("^[a-zA-Z0-9\\-]*$") || page.equals("navigation") || page.equals("index")) { + Errors.doGet404(sql, request, response); + return; + } + } else { + page = "index"; + } + + File f = new File("/var/www/juick.com/help/" + path[2] + "/" + page); + if (!f.isFile()) { + Errors.doGet404(sql, request, response); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Помощь", null); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<aside id=\"column\">"); + printFile(out, new File("/var/www/juick.com/help/" + path[2] + "/navigation")); + out.println("</aside>"); + + out.println("<section id=\"content\">"); + out.println("<article>"); + printFile(out, f); + out.println("</article>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + private void printFile(PrintWriter out, File f) throws IOException { + BufferedReader br = new BufferedReader(new FileReader(f)); + String str; + while ((str = br.readLine()) != null) { + out.println(str); + } + } +} diff --git a/src/main/java/com/juick/http/www/Home.java b/src/main/java/com/juick/http/www/Home.java new file mode 100644 index 00000000..d5c1bb7b --- /dev/null +++ b/src/main/java/com/juick/http/www/Home.java @@ -0,0 +1,175 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.AdsQueries; +import com.juick.server.MessagesQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.IOException; +import java.io.PrintWriter; +import java.net.URLEncoder; +import java.sql.Connection; +import java.util.ArrayList; +import java.util.List; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Home { + + protected void doGet(JdbcTemplate sql, JdbcTemplate sqlSearch, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + + String paramSearch = request.getParameter("search"); + if (paramSearch != null && paramSearch.length() > 64) { + paramSearch = null; + } + + String title; + List<Integer> mids; + + String paramShow = request.getParameter("show"); + if (paramSearch != null) { + title = "Поиск: " + Utils.encodeHTML(paramSearch); + mids = MessagesQueries.getSearch(sql, sqlSearch, Utils.encodeSphinx(paramSearch), paramBefore); + } else if (paramShow == null) { + if (visitor != null) { + title = "Популярные"; + mids = MessagesQueries.getPopular(sql, visitor.getUID(), paramBefore); + } else { + title = "Микроблоги Juick: популярные записи"; + mids = MessagesQueries.getPopular(sql, 0, paramBefore); + } + + } else if (paramShow.equals("top")) { + Utils.sendPermanentRedirect(response, "/"); + return; + } else if (paramShow.equals("my") && visitor != null) { + title = "Моя лента"; + mids = MessagesQueries.getMyFeed(sql, visitor.getUID(), paramBefore); + } else if (paramShow.equals("private") && visitor != null) { + title = "Приватные"; + mids = MessagesQueries.getPrivate(sql, visitor.getUID(), paramBefore); + } else if (paramShow.equals("discuss") && visitor != null) { + title = "Обсуждения"; + mids = MessagesQueries.getDiscussions(sql, visitor.getUID(), paramBefore); + } else if (paramShow.equals("recommended") && visitor != null) { + title = "Рекомендации"; + mids = MessagesQueries.getRecommended(sql, visitor.getUID(), paramBefore); + } else if (paramShow.equals("photos")) { + title = "Фотографии"; + if (visitor != null) { + mids = MessagesQueries.getPhotos(sql, visitor.getUID(), paramBefore); + } else { + mids = MessagesQueries.getPhotos(sql, 0, paramBefore); + } + } else if (paramShow.equals("all")) { + title = "Все сообщения"; + if (visitor != null) { + mids = MessagesQueries.getAll(sql, visitor.getUID(), paramBefore); + } else { + mids = MessagesQueries.getAll(sql, 0, paramBefore); + } + } else { + Errors.doGet404(sql, request, response); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String head = ""; + if (paramBefore > 0 || paramShow != null) { + head = "<meta name=\"robots\" content=\"noindex\"/>"; + } + PageTemplates.pageHead(out, title, head); + PageTemplates.pageNavigation(out, visitor, paramSearch); + PageTemplates.pageHomeColumn(out, sql, visitor, paramShow == null && paramBefore == 0 && paramSearch == null && visitor == null); + + out.println("<section id=\"content\">"); + + if (paramShow == null && paramBefore == 0) { + out.println("<!--noindex-->"); + } + + if (visitor != null) { + out.println("<form action=\"/post\" method=\"post\" enctype=\"multipart/form-data\" onsubmit=\"return onsubmitNewMessage()\">"); + out.println("<section id=\"newmessage\">"); + out.println(" <textarea name=\"body\" placeholder=\"Новое сообщение...\" onclick=\"$('#newmessage>div').css('display','block');$('#newmessage textarea').css('min-height','70px');\" onkeypress=\"postformListener(this.form,event)\"></textarea>"); + out.println(" <div>"); + out.println(" <input type=\"text\" class=\"img\" name=\"img\" placeholder=\"Ссылка на изображение (JPG/PNG, до 10Мб)\"/> или <a href=\"#\" onclick=\"return attachMessagePhoto(this)\">загрузить</a><br/>"); + out.println(" <input type=\"text\" class=\"tags\" name=\"tags\" placeholder=\"Теги (через пробел)\"/><br/>"); + out.println(" <input type=\"submit\" class=\"subm\" value=\"Отправить\"/>"); + out.println(" </div>"); + out.println("</section>"); + out.println("</form>"); + } + + if (mids.size() > 0) { + int ad_mid = 0; + if (paramShow == null || paramShow.equals("top") || paramShow.equals("all")) { + int vuid = visitor != null ? visitor.getUID() : 0; + ad_mid = AdsQueries.getAdMID(sql, vuid); + if (ad_mid > 0 && mids.indexOf(ad_mid) == -1) { + mids.add(0, ad_mid); + AdsQueries.logAdMID(sql, vuid, ad_mid); + } else { + ad_mid = 0; + } + } + + PageTemplates.printMessages(out, sql, null, mids, visitor, visitor == null ? 2 : 3, ad_mid); + } + + if (mids.size() >= 20) { + String nextpage = "?before=" + mids.get(mids.size() - 1); + if (paramShow != null) { + nextpage += "&show=" + paramShow; + } + if (paramSearch != null) { + nextpage += "&search=" + URLEncoder.encode(paramSearch, "UTF-8"); + } + + out.println("<p class=\"page\"><a href=\"" + nextpage + "\" rel=\"prev\">Читать дальше →</a></p>"); + } + + if (paramShow == null && paramBefore == 0) { + out.println("<!--/noindex-->"); + } + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, true); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } +} diff --git a/src/main/java/com/juick/http/www/Login.java b/src/main/java/com/juick/http/www/Login.java new file mode 100644 index 00000000..f12c7096 --- /dev/null +++ b/src/main/java/com/juick/http/www/Login.java @@ -0,0 +1,246 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.IOException; +import java.io.PrintWriter; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Login { + + protected void doGetLoginForm(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + Utils.sendTemporaryRedirect(response, "/"); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + out.println("<!DOCTYPE html>"); + out.println("<html>"); + out.println("<head>"); + out.println("<title>Juick</title>"); + out.println("<script type=\"text/javascript\" src=\"http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js\" defer=\"defer\"></script>"); + out.println("<style>"); + out.println("* { margin: 0; padding: 0; }"); + out.println("html { font-family: sans-serif; font-size: 12pt; }"); + out.println("html { background: #eeeee5; }"); + out.println("body { margin: 100px auto 0 auto; width: 1000px; }"); + out.println("a { color: #069; }"); + out.println("ul { float: left; width: 700px; height: 350px; list-style-type: none; background: url(/tagscloud.png) no-repeat; position: relative; }"); + out.println("ul a { position: absolute; display: block; text-indent: 100%; white-space: nowrap; overflow: hidden; }"); + + out.println("#bottom1 { position: absolute; left: 0px; bottom: 10px; width: 100%; text-align: center; color: #555; }"); + out.println("#bottom2 { position: absolute; left: 0px; bottom: -50px; width: 100%; padding-bottom: 20px; text-align: center; font-size: small; color: #777; }"); + + out.println("#signup,#signin { margin-left: 730px; width: 250px; }"); + out.println("#signup { padding-top: 25px; }"); + out.println("#signup>div { width: 100%; margin: 15px 0; }"); + out.println("#signup>div>a { display: block; width: 100%; height: 32px; line-height: 32px; text-indent: 37px; text-decoration: none; overflow: hidden; }"); + + out.println("#facebook a { color: #FFF; background: url(\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAAAXNSR0IArs4c6QAAADNQTFRFO1edX3ewl6bLnKrOoK3QrrrYvMXe2N7r3OLu3+Tv5urz7O/29vf6+Pn7+vv9/Pz9////ykQjsQAAAEZJREFUOMtjYBgFuAATO68ADxdOaUYuATDAqYBbAL8CFgECCjiBcqz4XMiPz3oQEKCtAgEkwEdIAQchBWyEFDAPkDdHsAIAhZkIwz/VK/UAAAAASUVORK5CYII=\") no-repeat #3A569C; }"); + out.println("#vk a { color: #FFF; background: url(\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAAAXNSR0IArs4c6QAAAHJQTFRFbY+zbo+zbpCzb5C0cpO1c5O2dZW3dpa4e5m6gJ29gZ69lq/In7bNo7jPrcDUs8XXvs3dv87dy9fkztnlz9rm0Nrm093o1N7o1+Dq3OTt3ubu4Ofv5Orw7fH27vL28PP38vX49Pb5+vv8+/z9/Pz9////2jSYlQAAAG5JREFUOMvtkEcOgDAMBE3vvXdIyP+/iMMRKfYHmMtcRtE6AD8f1Is8pyKgAs0RGYO2HSWqMQaoBHVRgYsS3AsrtyFlrqgdJlCLb95gxQO6IkZCqL+KCjz0TQU5ejOf2a3aJXPF7BOB2PvMhp8PDzGRFgEe7xvEAAAAAElFTkSuQmCC\") no-repeat #6d8fb3; }"); + out.println("#xmpp>a { color: #333; background: url(\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAAAXNSR0IArs4c6QAAAt9QTFRFBj5rCUFoFz5mDEFuDUNqGUJkGUNgAEprEkVtGkRhHURnHEZjAE+BIElmEEx/HEx0PUdTHE5wMEtfO0laJk5sFlN6Nk1cKFBuIlJ1R0pYRExTGF2KMVh1OFhxDGSQT1deNlx6TVhkIGKPUlphKWOFU1tiOmB+Vl1kmlAuNmaDQGpaIG6ba2Q2SGeBN2uUNW+LF3mGRmyLV3BAL3xWgmVJ2VAa2lEb0VYX11UafWlmam9mam5xy1km3lUea29y2VccvF8obHBz21gd4VcXS3ebPoVG1lwl5FkaU3iYYHaH2F0ejHFIx2Iv4V0aP4o+02As218g4l4bPYtFX351KZFaymU43mIrVYoz5mEfT4w0xGsrSo82eXqDw2s+z2k1OZVAT4SoPZU5RZM4NJVYbYc8VoSiWY43WItbuXBK52gYOI20TpM6YYSYfX98T5Q7foB9aYSZSZc8Ro21cYxH7GwdT46e0HFGeopO2HA8V5ZEf4s8528l1HM7UJs5UI+xXoyrWZhGY4ylyHdMwXhXQZS7XpdNU5tH4XJBYJZZcIuhbpJk0HdPU588kohqOZ2pVZS30XpX6XcxSaFrz4FIUqVWWqVCYZm23YBGxYRrZZ2QXpy/5YFC7IA+6oBRb6ZUcKZn44ZSgKJu54hHmJqXbbBNfKh3cq5nYqrMpJyVdrBjx5WCo56diamAjaWdyZeE8JFV8ZJWnqOlaK/Sd7Zh7pVdgbN6x52N8JdfwqCU8ZhgZLbXb7a5grtTmK+UxKKWtqahq6qhd7bHqauop6yvqqyp755pbbzRrK6rwamgib53qq+xra+sobSg86Jza8PJsLKujMVctrGwqLapv7Crr7Wr8ad1srSxj8R9uLOys7WyubSztLazkcZ/sre6tbe0r7m0tri1t7m2vri3uLq3v7m4ubu4nc9mpNBvos2UptJxtNWXtteFuNmbuNyQud2Rut6SwN+aweCbwuGdw+KeweKkF4OfHQAAAadJREFUOMtjeEoAMAwfBQ9vYJO68RCu4BYDq1bXmr2XHoMlnlzet2qGpTgX8y2EFWwensEdrW2FbUAlJ2zDKsqaYwo6eZHcIGzoor/s5IdPSfefPt3nf3Xn3HZpPU8xJAXWIvU88VOffcm78vTptrijJe4OfAmy1kgKzjMlaIfUPvvQcObp03U120ucTZQaGc8je1NZrd8g8cL7eUufPp0wfX2mvVydripKONzkTG1JXvL6TuXTR/Zb5gR6F+Vw30QNqNUss/pqn3/MvrTD7Wy1V9Y0jtXoIZnLv2nSnrfzF3bP3hDRu1wwHzOo1VWOTXn5yi/q7MTJuxTUscTFQyHNc5vfbU1btOCgjNBDbJH1UF5i9/XP6VVrJRUfYo/Nx3YcpS/euOo4Pn6MqeDx44f3LoY2SYnOXBlUfPPug8cwRQxQ6Qf39sda+HqZaQiwGydFlx+4eQ+qAqrg4b3bPqbmNhkrNm5cbGUUHply7d6Dh8hWPH744Oa186eOHDl06NDh46fP33zwEMUEiCMe3L13GwjuPbj38PHTx9jT5OPHj5G9MFQyDgA8riWAv9eLFAAAAABJRU5ErkJggg==\") no-repeat #BBB; }"); + out.println("#xmppinfo { background: #FFF; padding: 10px; display: none; }"); + + out.println("#signin { text-align: center; font-size: small; }"); + out.println("#signinform { background: #FFF; padding: 10px 15px; margin-top: 15px; display: none; }"); + out.println("input.txt { width: 212px; border: 1px solid #CCC; margin: 3px 0; padding: 3px; }"); + out.println("input.submit { width: 70px; border: 1px solid #CCC; margin: 3px 0; padding: 3px; }"); + out.println("</style>"); + out.println("<link rel=\"icon\" href=\"//i.juick.com/favicon.png\"/>"); + out.println("</head>"); + + out.println("<body>"); + + out.println("<ul id=\"tags\">"); + out.println(" <li><a href=\"/tag/juick\" style=\"left: 359px; top: 120px; width: 311px; height: 99px\">juick</a></li>"); + out.println(" <li><a href=\"/tag/linux\" style=\"left: 201px; top: 100px; width: 98px; height: 35px\">linux</a></li>"); + out.println(" <li><a href=\"/tag/android\" style=\"left: 314px; top: 42px; width: 45px; height: 158px\">android</a></li>"); + out.println(" <li><a href=\"/tag/работа\" style=\"left: 149px; top: 138px; width: 165px; height: 41px\">работа</a></li>"); + out.println(" <li><a href=\"/tag/music\" style=\"left: 119px; top: 249px; width: 124px; height: 32px\">music</a></li>"); + out.println(" <li><a href=\"/tag/windows\" style=\"left: 448px; top: 234px; width: 186px; height: 32px\">windows</a></li>"); + out.println(" <li><a href=\"/tag/google\" style=\"left: 244px; top: 252px; width: 134px; height: 41px\">google</a></li>"); + out.println(" <li><a href=\"/tag/кино\" style=\"left: 68px; top: 83px; width: 97px; height: 28px\">кино</a></li>"); + out.println(" <li><a href=\"/tag/фото\" style=\"left: 400px; top: 266px; width: 101px; height: 29px\">фото</a></li>"); + out.println(" <li><a href=\"/tag/жизнь\" style=\"left: 554px; top: 266px; width: 125px; height: 27px\">жизнь</a></li>"); + out.println(" <li><a href=\"/tag/еда\" style=\"left: 46px; top: 196px; width: 71px; height: 32px\">еда</a></li>"); + out.println(" <li><a href=\"/tag/музыка\" style=\"left: 61px; top: 111px; width: 139px; height: 27px\">музыка</a></li>"); + out.println(" <li><a href=\"/tag/прекрасное\" style=\"left: 152px; top: 200px; width: 205px; height: 32px\">прекрасное</a></li>"); + out.println(" <li><a href=\"/tag/книги\" style=\"left: 148px; top: 293px; width: 103px; height: 25px\">книги</a></li>"); + out.println(" <li><a href=\"/tag/цитата\" style=\"left: 325px; top: 301px; width: 126px; height: 27px\">цитата</a></li> <li><a href=\"/tag/games\" style=\"left: 117px; top: 142px; width: 30px; height: 104px\">games</a></li>"); + out.println(" <li><a href=\"/tag/ubuntu\" style=\"left: 503px; top: 2px; width: 28px; height: 102px\">ubuntu</a></li>"); + out.println(" <li><a href=\"/tag/котэ\" style=\"left: 534px; top: 27px; width: 76px; height: 28px\">котэ</a></li>"); + out.println(" <li><a href=\"/tag/ВНЕЗАПНО\" style=\"left: 501px; top: 293px; width: 146px; height: 23px\">ВНЕЗАПНО</a></li>"); + out.println(" <li><a href=\"/tag/юмор\" style=\"left: 73px; top: 53px; width: 84px; height: 28px\">юмор</a></li>"); + out.println(" <li><a href=\"/tag/мысли\" style=\"left: 202px; top: 179px; width: 102px; height: 21px\">мысли</a></li>"); + out.println(" <li><a href=\"/tag/pic\" style=\"left: 400px; top: 78px; width: 33px; height: 38px\">pic</a></li>"); + out.println(" <li><a href=\"/tag/политота\" style=\"left: 531px; top: 60px; width: 130px; height: 24px\">политота</a></li>"); + out.println(" <li><a href=\"/tag/WOT\" style=\"left: 159px; top: 63px; width: 48px; height: 20px\">WOT</a></li>"); + out.println(" <li><a href=\"/tag/fail\" style=\"left: 8px; top: 170px; width: 34px; height: 27px\">fail</a></li>"); + out.println(" <li><a href=\"/tag/погода\" style=\"left: 670px; top: 126px; width: 24px; height: 93px\">погода</a></li>"); + out.println(" <li><a href=\"/tag/apple\" style=\"left: 42px; top: 167px; width: 64px; height: 29px\">apple</a></li>"); + out.println(" <li><a href=\"/tag/jabber\" style=\"left: 436px; top: 43px; width: 25px; height: 75px\">jabber</a></li>"); + out.println(" <li><a href=\"/tag/тян\" style=\"left: 532px; top: 94px; width: 47px; height: 21px\">тян</a></li>"); + out.println(" <li><a href=\"/tag/work\" style=\"left: 359px; top: 55px; width: 58px; height: 23px\">work</a></li>"); + out.println(" <li><a href=\"/tag/Python\" style=\"left: 240px; top: 63px; width: 74px; height: 23px\">Python</a></li>"); + out.println(" <li><a href=\"/tag/Видео\" style=\"left: 266px; top: 232px; width: 76px; height: 20px\">Видео</a></li>"); + out.println(" <li><a href=\"/tag/авто\" style=\"left: 359px; top: 30px; width: 58px; height: 24px\">авто</a></li>"); + out.println(" <li><a href=\"/tag/Anime\" style=\"left: 360px; top: 328px; width: 66px; height: 21px\">Anime</a></li>"); + out.println(" <li><a href=\"/tag/игры\" style=\"left: 378px; top: 242px; width: 22px; height: 58px\">игры</a></li>"); + out.println(" <li><a href=\"/tag/вело\" style=\"left: 176px; top: 9px; width: 18px; height: 54px\">вело</a></li>"); + out.println(" <li><a href=\"/tag/web\" style=\"left: 661px; top: 219px; width: 22px; height: 47px\">web</a></li>"); + out.println(" <li><a href=\"/tag/YouTube\" style=\"left: 498px; top: 316px; width: 81px; height: 24px\">YouTube</a></li>"); + out.println(" <li><a href=\"/tag/Вопрос\" style=\"left: 208px; top: 18px; width: 22px; height: 72px\">Вопрос</a></li>"); + out.println(" <li><a href=\"/tag/железо\" style=\"left: 159px; top: 318px; width: 75px; height: 16px\">железо</a></li>"); + out.println(" <li><a href=\"/tag/Microsoft\" style=\"left: 20px; top: 146px; width: 86px; height: 21px\">Microsoft</a></li>"); + out.println(" <li><a href=\"/tag/video\" style=\"left: 616px; top: 101px; width: 51px; height: 19px\">video</a></li>"); + out.println(" <li><a href=\"/tag/Россия\" style=\"left: 32px; top: 242px; width: 68px; height: 16px\">Россия</a></li>"); + out.println(" <li><a href=\"/tag/java\" style=\"left: 409px; top: 226px; width: 39px; height: 22px\">java</a></li>"); + out.println(" <li><a href=\"/tag/новости\" style=\"left: 39px; top: 67px; width: 21px; height: 79px\">новости</a></li>"); + out.println(" <li><a href=\"/tag/интернет\" style=\"left: 100px; top: 233px; width: 17px; height: 85px\">интернет</a></li>"); + out.println(" <li><a href=\"/tag/steam\" style=\"left: 14px; top: 228px; width: 52px; height: 13px\">steam</a></li>"); + out.println(" <li><a href=\"/tag/слова\" style=\"left: 501px; top: 272px; width: 51px; height: 18px\">слова</a></li>"); + out.println(" <li><a href=\"/tag/почта\" style=\"left: 477px; top: 27px; width: 17px; height: 56px\">почта</a></li>"); + out.println(" <li><a href=\"/tag/help\" style=\"left: 123px; top: 281px; width: 21px; height: 35px\">help</a></li>"); + out.println(" <li><a href=\"/tag/skype\" style=\"left: 110px; top: 320px; width: 49px; height: 20px\">skype</a></li>"); + out.println(" <li><a href=\"/tag/debian\" style=\"left: 461px; top: 47px; width: 16px; height: 51px\">debian</a></li>"); + out.println(" <li><a href=\"/tag/win\" style=\"left: 505px; top: 104px; width: 27px; height: 16px\">win</a></li>"); + out.println(" <li><a href=\"/tag/Религия\" style=\"left: 33px; top: 281px; width: 67px; height: 17px\">Религия</a></li>"); + out.println(" <li><a href=\"/tag/soft\" style=\"left: 286px; top: 86px; width: 28px; height: 14px\">soft</a></li>"); + out.println(" <li><a href=\"/tag/Политика\" style=\"left: 144px; top: 281px; width: 75px; height: 12px\">Политика</a></li>"); + out.println(" <li><a href=\"/tag/сны\" style=\"left: 426px; top: 328px; width: 33px; height: 13px\">сны</a></li>"); + out.println(" <li><a href=\"/tag/Питер\" style=\"left: 146px; top: 233px; width: 50px; height: 16px\">Питер</a></li>"); + out.println(" <li><a href=\"/tag/bash\" style=\"left: 451px; top: 311px; width: 38px; height: 16px\">bash</a></li>"); + out.println(" <li><a href=\"/tag/code\" style=\"left: 279px; top: 310px; width: 39px; height: 16px\">code</a></li>"); + out.println(" <li><a href=\"/tag/yandex\" style=\"left: 19px; top: 263px; width: 56px; height: 18px\">yandex</a></li>"); + out.println(" <li><a href=\"/tag/firefox\" style=\"left: 452px; top: 295px; width: 48px; height: 16px\">firefox</a></li>"); + out.println(" <li><a href=\"/tag/hardware\" style=\"left: 230px; top: 40px; width: 67px; height: 18px\">hardware</a></li>"); + out.println(" <li><a href=\"/tag/git\" style=\"left: 78px; top: 258px; width: 20px; height: 19px\">git</a></li>"); + out.println(" <li><a href=\"/tag/dev\" style=\"left: 165px; top: 88px; width: 31px; height: 19px\">dev</a></li>"); + out.println(" <li><a href=\"/tag/mobile\" style=\"left: 421px; top: 24px; width: 15px; height: 47px\">mobile</a></li>"); + out.println(" <li><a href=\"/tag/люди\" style=\"left: 151px; top: 184px; width: 43px; height: 15px\">люди</a></li>"); + out.println(" <li><a href=\"/tag/php\" style=\"left: 149px; top: 24px; width: 27px; height: 18px\">php</a></li>"); + out.println(" <li><a href=\"/tag/haskell\" style=\"left: 271px; top: 293px; width: 48px; height: 16px\">haskell</a></li>"); + out.println(" <li><a href=\"/tag/стихи\" style=\"left: 135px; top: 42px; width: 41px; height: 11px\">стихи</a></li>"); + out.println(" <li><a href=\"/tag/photo\" style=\"left: 639px; top: 219px; width: 20px; height: 39px\">photo</a></li>"); + out.println(" <li><a href=\"/tag/чай\" style=\"left: 448px; top: 220px; width: 27px; height: 14px\">чай</a></li>"); + out.println(" <li><a href=\"/tag/Опрос\" style=\"left: 297px; top: 22px; width: 14px; height: 41px\">Опрос</a></li>"); + out.println(" <li><a href=\"/tag/Chrome\" style=\"left: 311px; top: 25px; width: 48px; height: 17px\">Chrome</a></li>"); + out.println(" <li><a href=\"/tag/life\" style=\"left: 255px; top: 311px; width: 23px; height: 16px\">life</a></li>"); + out.println(" <li><a href=\"/tag/opera\" style=\"left: 226px; top: 232px; width: 38px; height: 14px\">opera</a></li>"); + out.println(" <li><a href=\"/tag/programming\" style=\"left: 234px; top: 327px; width: 81px; height: 14px\">programming</a></li>"); + out.println(" <li><a href=\"/tag/дети\" style=\"left: 15px; top: 197px; width: 31px; height: 13px\">дети</a></li>"); + out.println(" <li><a href=\"/tag/сериалы\" style=\"left: 575px; top: 219px; width: 61px; height: 13px\">сериалы</a></li>"); + out.println(" <li><a href=\"/tag/учеба\" style=\"left: 616px; top: 84px; width: 43px; height: 17px\">учеба</a></li>"); + out.println("</ul>"); + + out.println("<div id=\"bottom1\">juick.com © 2008-2014 <a href=\"/help/ru/contacts\" rel=\"nofollow\">Контакты</a> · <a href=\"/help/\" rel=\"nofollow\">Помощь</a></div>"); + + out.println("<div id=\"signup\">"); + out.println(" Зарегистрироваться:"); + out.println(" <div id=\"facebook\"><a href=\"/_fblogin\" rel=\"nofollow\">Facebook</a></div>"); + out.println(" <div id=\"vk\"><a href=\"/_vklogin\" rel=\"nofollow\">ВКонтакте</a></div>"); + out.println(" <div id=\"xmpp\"><a href=\"#\" onclick=\"$('#xmppinfo').toggle(); return false\">XMPP</a>"); + out.println(" <div id=\"xmppinfo\">Отправьте <b>LOGIN</b> на <a href=\"xmpp:juick@juick.com?message;body=LOGIN\">juick@juick.com</a></div>"); + out.println(" </div>"); + out.println("</div>"); + out.println("<div id=\"signin\"><a href=\"#\" onclick=\"$('#signinform').toggle(); $('#nickinput').focus(); return false\">Уже зарегистрированы?</a>"); + out.println("<div id=\"signinform\"><form action=\"/login\" method=\"POST\">"); + out.println("<input class=\"txt\" type=\"text\" name=\"username\" placeholder=\"Имя пользователя\" id=\"nickinput\"/>"); + out.println("<input class=\"txt\" type=\"password\" name=\"password\" placeholder=\"Пароль\"/>"); + out.println("<input class=\"submit\" type=\"submit\" value=\"OK\"/>"); + out.println("</form></div>"); + out.println("</div>"); + + out.println("</body>"); + out.println("</html>"); + } + } + + protected void doGetLogin(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String hash = request.getQueryString(); + if (hash.length() > 32) { + response.sendError(400); + return; + } + + if (com.juick.server.UserQueries.getUIDbyHash(sql, hash) > 0) { + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + response.sendRedirect("/"); + } else { + response.sendError(403); + } + } + + protected void doPostLogin(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + response.sendError(400); + return; + } + + int uid = com.juick.server.UserQueries.checkPassword(sql, username, password); + if (uid > 0) { + String hash = com.juick.server.UserQueries.getHashByUID(sql, uid); + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + + String referer = request.getHeader("Referer"); + if (referer != null && referer.startsWith("http://juick.com/") && !referer.equals("http://juick.com/login")) { + response.sendRedirect(referer); + } else { + response.sendRedirect("/"); + } + } else { + response.sendError(403); + } + } + + protected void doGetLogout(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + sql.update("DELETE FROM logins WHERE user_id=?", visitor.getUID()); + } + + Cookie c = new Cookie("hash", "-"); + c.setDomain(".juick.com"); + c.setMaxAge(0); + response.addCookie(c); + + Cookie c2 = new Cookie("hash", "-"); + c2.setMaxAge(0); + response.addCookie(c2); + + response.sendRedirect("/"); + } +} diff --git a/src/main/java/com/juick/http/www/Main.java b/src/main/java/com/juick/http/www/Main.java new file mode 100644 index 00000000..63bf1c1f --- /dev/null +++ b/src/main/java/com/juick/http/www/Main.java @@ -0,0 +1,310 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Stream; +import com.juick.xmpp.StreamComponent; +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.datasource.DriverManagerDataSource; +import ru.sape.Sape; + +import javax.servlet.ServletException; +import javax.servlet.annotation.MultipartConfig; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.net.Socket; +import java.net.URLEncoder; +import java.util.Properties; + +/** + * + * @author Ugnich Anton + */ +@WebServlet(name = "Main", urlPatterns = {"/"}) +@MultipartConfig(fileSizeThreshold = 1024 * 1024, maxRequestSize = 1024 * 1024 * 10) +public class Main extends HttpServlet implements Stream.StreamListener { + + JdbcTemplate sql; + JdbcTemplate sqlSearch; + String sqlSearchConnStr = "jdbc:mysql://127.0.0.1:9306?autoReconnect=true&useUnicode=yes&characterEncoding=utf8&maxAllowedPacket=512000"; + Stream xmpp; + Home home = new Home(); + Discover discover = new Discover(); + PM pm = new PM(); + Login login = new Login(); + Help help = new Help(); + User pagesUser = new User(); + UserThread pagesUserThread = new UserThread(); + NewMessage pagesNewMessage = new NewMessage(); + FacebookLogin loginFacebook = new FacebookLogin(); + VKontakteLogin loginVK = new VKontakteLogin(); + TwitterAuth twitterAuth; + SignUp signup = new SignUp(); + Settings settings = new Settings(); + RSS rss = new RSS(); + + @Override + public void init() throws ServletException { + + super.init(); + try { + Properties conf = new Properties(); + conf.load(getServletContext().getResourceAsStream("/WEB-INF/juick.conf")); + + DriverManagerDataSource dataSource = new DriverManagerDataSource(); + dataSource.setDriverClassName(conf.getProperty("datasource_driver", "com.mysql.jdbc.Driver")); + dataSource.setUrl(conf.getProperty("datasource_url")); + DriverManagerDataSource dataSourceSearch = new DriverManagerDataSource(); + dataSourceSearch.setDriverClassName(conf.getProperty("datasource_driver", "com.mysql.jdbc.Driver")); + dataSourceSearch.setUrl(sqlSearchConnStr); + sql = new JdbcTemplate(dataSource); + sqlSearch = new JdbcTemplate(dataSourceSearch); + + setupXmppComponent(conf.getProperty("xmpp_password")); + twitterAuth = new TwitterAuth(conf.getProperty("twitter_consumer_key"), + conf.getProperty("twitter_consumer_secret")); + PageTemplates.sape = new Sape(conf.getProperty("sape_user"), "juick.com", 2000, 3600); + } catch (Exception e) { + log(null, e); + } + } + + public void setupXmppComponent(final String password) { + Thread thr = new Thread(() -> { + try { + Socket socket = new Socket("localhost", 5347); + xmpp = new StreamComponent(new JID("", "www.juick.com", ""), socket.getInputStream(), socket.getOutputStream(), password); + xmpp.addListener(Main.this); + xmpp.startParsing(); + } catch (IOException e) { + log("xmpp exception", e); + } + }); + thr.start(); + } + + @Override + public void onStreamFail(Exception e) {log("XMPP STREAM FAIL:" + e);} + + @Override + public void onStreamReady() { + log("XMPP STREAM READY"); + } + + + /** + * Handles the HTTP <code>GET</code> method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + if (request.getCharacterEncoding() == null) { + request.setCharacterEncoding("UTF-8"); + } + String uri = request.getRequestURI(); + + if (uri.equals("/")) { + String tag = request.getParameter("tag"); + if (tag != null) { + Utils.sendPermanentRedirect(response, "/tag/" + URLEncoder.encode(tag, "UTF-8")); + } else { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + home.doGet(sql, sqlSearch, request, response, visitor); + } + } else if (uri.equals("/post")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + pagesNewMessage.doGetNewMessage(sql, request, response, visitor); + } else { + Utils.sendTemporaryRedirect(response, "/login"); + } + } else if (uri.equals("/login")) { + if (request.getQueryString() == null) { + login.doGetLoginForm(sql, request, response); + } else { + login.doGetLogin(sql, request, response); + } + } else if (uri.startsWith("/pm/")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor == null) { + Utils.sendTemporaryRedirect(response, "/login"); + } else { + switch (uri) { + case "/pm/inbox": + pm.doGetInbox(sql, request, response, visitor); + break; + case "/pm/sent": + pm.doGetSent(sql, request, response, visitor); + break; + default: + Errors.doGet404(sql, request, response); + break; + } + } + } else if (uri.startsWith("/rss/")) { + String uname = uri.substring(5); + int uid = UserQueries.getUIDbyName(sql, uname); + if (uid > 0) { + rss.doGet(sql, request, response, uid, uname); + } else { + response.sendError(404); + } + } else if (uri.equals("/logout")) { + login.doGetLogout(sql, request, response); + } else if (uri.equals("/settings")) { + settings.doGet(sql, request, response); + } else if (uri.equals("/_fblogin")) { + loginFacebook.doGet(sql, request, response); + } else if (uri.equals("/_vklogin")) { + loginVK.doGet(sql, request, response); + } else if (uri.startsWith("/_twitter")) { + twitterAuth.doGet(sql, request, response); + } else if (uri.equals("/signup")) { + signup.doGet(sql, request, response); + } else if (uri.equals("/help") || uri.equals("/help/")) { + help.doRedirectToHelpIndex(sql, request, response); + } else if (uri.startsWith("/help/")) { + help.doGetHelp(sql, request, response); + } else if (uri.startsWith("/tag/")) { + discover.doGet(sql, sqlSearch, request, response); + } else if (uri.matches("^/\\d+$")) { + String strID = request.getRequestURI().substring(1); + int mid = 0; + try { + mid = Integer.parseInt(strID); + } catch (NumberFormatException e) { + } + if (mid > 0) { + com.juick.User author = com.juick.server.MessagesQueries.getMessageAuthor(sql, mid); + if (author != null) { + Utils.sendPermanentRedirect(response, "/" + author.getUName() + "/" + mid); + return; + } + } + Errors.doGet404(sql, request, response); + } else if (uri.matches("^/[^/]+$")) { + com.juick.User user = com.juick.server.UserQueries.getUserByName(sql, request.getRequestURI().substring(1)); + if (user != null) { + Utils.sendPermanentRedirect(response, "/" + user.getUName() + "/"); + } else { + Errors.doGet404(sql, request, response); + } + } else if (uri.matches("^/.+/.*")) { + String uriparts[] = uri.split("/"); + com.juick.User user = com.juick.server.UserQueries.getUserByName(sql, uriparts[1]); + if (user != null && user.getUName().equals(uriparts[1]) && !user.Banned) { + if (uriparts.length == 2) { // http://juick.com/username/ + pagesUser.doGetBlog(sql, sqlSearch, request, response, user); + } else if (uriparts[2].equals("tags")) { + pagesUser.doGetTags(sql, request, response, user); + } else if (uriparts[2].equals("friends")) { + pagesUser.doGetFriends(sql, request, response, user); + } else if (uriparts[2].equals("readers")) { + pagesUser.doGetReaders(sql, request, response, user); + } else { + int mid = 0; + try { + mid = Integer.parseInt(uriparts[2]); + } catch (NumberFormatException e) { + } + if (mid > 0) { + com.juick.User author = com.juick.server.MessagesQueries.getMessageAuthor(sql, mid); + if (author != null) { + if (!author.getUName().equals(user.getUName())) { + Utils.sendPermanentRedirect(response, "/" + author.getUName() + "/" + mid); + } else { + pagesUserThread.doGetThread(sql, request, response, mid); + } + } else { + Errors.doGet404(sql, request, response); + } + } else { + Errors.doGet404(sql, request, response); + } + } + } else if (user != null && !user.Banned) { + Utils.sendPermanentRedirect(response, "/" + user.getUName() + "/" + (uriparts.length > 2 ? uriparts[2] : "")); + } else { + Errors.doGet404(sql, request, response); + } + } else { + Errors.doGet404(sql, request, response); + } + } + + /** + * Handles the HTTP <code>POST</code> method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + if (request.getCharacterEncoding() == null) { + request.setCharacterEncoding("UTF-8"); + } + + String uri = request.getRequestURI(); + if (uri.equals("/post")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null && !visitor.Banned) { + pagesNewMessage.doPostMessage(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/comment")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null && !visitor.Banned) { + pagesNewMessage.doPostComment(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/like")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null && !visitor.Banned) { + pagesNewMessage.doPostRecomm(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/pm/send")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null && !visitor.Banned) { + pm.doPostPM(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/login")) { + login.doPostLogin(sql, request, response); + } else if (uri.equals("/signup")) { + signup.doPost(sql, request, response); + } else if (uri.equals("/settings")) { + settings.doPost(sql, request, response); + } else { + response.sendError(405); + } + } +} diff --git a/src/main/java/com/juick/http/www/NewMessage.java b/src/main/java/com/juick/http/www/NewMessage.java new file mode 100644 index 00000000..642bd794 --- /dev/null +++ b/src/main/java/com/juick/http/www/NewMessage.java @@ -0,0 +1,413 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Tag; +import com.juick.server.*; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message; +import com.juick.xmpp.Stream; +import com.juick.xmpp.extensions.JuickMessage; +import com.juick.xmpp.extensions.JuickUser; +import com.juick.xmpp.extensions.Nickname; +import com.juick.xmpp.extensions.XOOB; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URL; +import java.net.URLEncoder; +import java.util.ArrayList; +import java.util.List; + +/** + * + * @author Ugnich Anton + */ +public class NewMessage { + + protected void doGetNewMessage(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Написать", "<script src=\"//maps.google.com/maps?file=api&v=2&sensor=false&key=ABQIAAAAVVtPtxkw4soCEHg44FsNChRB4OFYjAXt73He16Zkp6a_0tPs2RTU6i6UlcMs4QvPBYvIY8rWvcxqOg\" type=\"text/javascript\"></script>" + + "<script src=\"//static.juick.com/mc.js\" type=\"text/javascript\" defer=\"defer\"></script>" + + "<script src=\"//static.juick.com/maps.js?2010111500\" type=\"text/javascript\" defer=\"defer\"></script>" + + "<script src=\"//static.juick.com/post3.js\" type=\"text/javascript\" defer=\"defer\"></script>"); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<section id=\"content\" class=\"pagetext\">"); + out.println("<form action=\"/post2\" method=\"post\" id=\"postmsg\" enctype=\"multipart/form-data\">"); + out.println("<p style=\"text-align: left\"><b>Место: <span id=\"location\"></span></b> <span id=\"locationclear\">— <a href=\"#\" onclick=\"clearLocation()\">Отменить</a></span></p>"); + out.println("<p style=\"text-align: left\"><b>Фото:</b> <span id=\"attachmentfile\"><input type=\"file\" name=\"attach\"/> <i>(JPG, PNG, до 10Мб)</i></span></p>"); + + String body = request.getParameter("body"); + if (body == null) { + body = ""; + } else { + if (body.length() > 4096) { + body = body.substring(0, 4096); + } + body = Utils.encodeHTML(body); + } + out.println("<p><textarea name=\"body\" class=\"newmessage\" rows=\"7\" cols=\"10\">" + body + "</textarea><br/>"); + + out.println("<input type=\"hidden\" name=\"place_id\"/>" + "" + "<input type=\"submit\" class=\"subm\" value=\" Отправить \"/></p>"); + out.println("</form>"); + out.println("<div id=\"geomap\"></div>"); + out.println("<p style=\"text-align: left\"><b>Теги:</b></p>"); + printUserTags(sql, out, visitor); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + void printUserTags(JdbcTemplate sql, PrintWriter out, com.juick.User visitor) { + List<Tag> tags = TagQueries.getUserTagsAll(sql, visitor.getUID()); + + if (tags.isEmpty()) { + return; + } + + int min = tags.get(0).UsageCnt; + int max = tags.get(0).UsageCnt; + for (int i = 1; i < tags.size(); i++) { + int usagecnt = tags.get(i).UsageCnt; + if (usagecnt < min) { + min = usagecnt; + } + if (usagecnt > max) { + max = usagecnt; + } + } + max -= min; + + out.print("<p style=\"text-align: justify\">"); + for (int i = 0; i < tags.size(); i++) { + if (i > 0) { + out.print(" "); + } + String taglink = ""; + try { + taglink = "<a onclick=\"return addTag('" + Utils.encodeHTML(tags.get(i).Name) + "')\" href=\"/" + visitor.getUName() + "/?tag=" + URLEncoder.encode(tags.get(i).Name, "utf-8") + "\" title=\"" + tags.get(i).UsageCnt + "\">" + Utils.encodeHTML(tags.get(i).Name) + "</a>"; + } catch (UnsupportedEncodingException e) { + } + int usagecnt = tags.get(i).UsageCnt; + if (usagecnt <= max / 5 + min) { + out.print("<span style=\"font-size: small\">" + taglink + "</span>"); + } else if (usagecnt <= max / 5 * 2 + min) { + out.print(taglink); + } else if (usagecnt <= max / 5 * 3 + min) { + out.print("<span style=\"font-size: large\">" + taglink + "</span>"); + } else if (usagecnt <= max / 5 * 4 + min) { + out.print("<span style=\"font-size: x-large\">" + taglink + "</span>"); + } else { + out.print("<span style=\"font-size: xx-large\">" + taglink + "</span>"); + } + } + out.println("</p>"); + } + + public void doPostMessage(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + String body = request.getParameter("body"); + if (body == null || body.length() < 1 || body.length() > 4096) { + response.sendError(400); + return; + } + body = body.replace("\r", ""); + + String tagsStr = request.getParameter("tags"); + List<com.juick.Tag> tags = new ArrayList<Tag>(); + String tagsArr[] = new String[1]; + if (tagsStr != null && !tagsStr.isEmpty()) { + tagsArr = tagsStr.split("[ \\,]"); + for (int i = 0; i < tagsArr.length; i++) { + if (tagsArr[i].startsWith("*")) { + tagsArr[i] = tagsArr[i].substring(1); + } + if (tagsArr[i].length() > 64) { + tagsArr[i] = tagsArr[i].substring(0, 64); + } + } + tags = TagQueries.getTags(sql, tagsArr, true); + while (tags.size() > 5) { + tags.remove(5); + } + } + + String attachmentFName = null; + try { + attachmentFName = Utils.receiveMultiPartFile(request, "attach"); + } catch (Exception e) { + System.out.println("MULTIPART ERROR: " + e.toString()); + response.sendError(400); + return; + } + + String paramImg = request.getParameter("img"); + if (attachmentFName == null && paramImg != null && paramImg.length() > 10 ) { + try { + URL imgUrl = new URL(paramImg); + attachmentFName = Utils.downloadImage(imgUrl); + } catch (Exception e) { + System.out.println("DOWNLOAD ERROR: " + e.toString()); + response.sendError(500); + return; + } + } + + String attachmentType = attachmentFName != null ? attachmentFName.substring(attachmentFName.length() - 3) : null; + int mid = MessagesQueries.createMessage(sql, visitor.getUID(), body, attachmentType, tags); + SubscriptionsQueries.subscribeMessage(sql, mid, visitor.getUID()); + + Message xmsg = new Message(); + xmsg.from = new JID("juick", "juick.com", null); + xmsg.type = Message.Type.chat; + xmsg.thread = "juick-" + mid; + + JuickMessage jmsg = new JuickMessage(MessagesQueries.getMessage(sql, mid)); + xmsg.addChild(jmsg); + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.getUser().getUName(); + xmsg.addChild(nick); + + if (attachmentFName != null) { + String fname = mid + "." + attachmentType; + String attachmentURL = "http://i.juick.com/photos-1024/" + fname; + + Runtime.getRuntime().exec("/var/www/juick.com/cgi/p-convert.sh /var/www/juick.com/i/tmp/" + attachmentFName + " " + fname); + + body = attachmentURL + "\n" + body; + XOOB xoob = new XOOB(); + xoob.URL = attachmentURL; + xmsg.addChild(xoob); + } + + String tagsStr2 = ""; + for (String tag : tagsArr) { + tagsStr2 += " *" + tag; + } + xmsg.body = "@" + jmsg.getUser().getUName() + ":" + tagsStr2 + "\n" + body + "\n\n#" + mid + " http://juick.com/" + mid; + + xmsg.to = new JID("juick", "s2s.juick.com", null); + xmpp.send(xmsg); + + xmsg.to.Host = "ws.juick.com"; + xmpp.send(xmsg); + + xmsg.to.Host = "push.juick.com"; + xmpp.send(xmsg); + + xmsg.to.Host = "crosspost.juick.com"; + xmsg.to.Username = "twitter"; + xmpp.send(xmsg); + xmsg.to.Username = "fb"; + xmpp.send(xmsg); + + xmsg.to.Host = "nologin.ru"; + xmsg.to.Username = "jubo"; + xmpp.send(xmsg); + + // + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Сообщение опубликовано", null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + String hashtags = ""; + String tagscomma = ""; + for (int i = 0; i < tagsArr.length; i++) { + if (i > 0) { + hashtags += " "; + tagscomma += ","; + } + hashtags += "#" + tagsArr[i]; + tagscomma += tagsArr[i]; + } + + String url = URLEncoder.encode("http://juick.com/" + mid, "utf-8"); + String sharetwi = hashtags + " " + body; + if (sharetwi.length() > 115) { + sharetwi = sharetwi.substring(0, 114) + "…"; + } + sharetwi += " http://juick.com/" + mid; + String sharelj = URLEncoder.encode(body + "\n", "utf-8") + url; + + out.println("<section id=\"content\">"); + out.println("<h1>Сообщение опубликовано</h1>"); + out.println("<p>Поделитесь своим новым постом в социальных сетях:</p>"); + if (CrosspostQueries.getTwitterTokens(sql, visitor.getUID()).isPresent()) { + out.println("<p><a href=\"https://twitter.com/intent/tweet?text=" + URLEncoder.encode(sharetwi, "utf-8") + "\" onclick=\"return openSocialWindow(this)\" class=\"ico32-twi sharenew\">Отправить в Twitter</a></p>"); + } + out.println("<p><a href=\"http://www.livejournal.com/update.bml?subject=" + URLEncoder.encode(hashtags, "utf-8") + "&event=" + sharelj + "&prop_taglist=" + URLEncoder.encode(tagscomma, "utf-8") + "\" target=\"_blank\" class=\"ico32-lj sharenew\">Отправить в LiveJournal</a></p>"); + out.println("<p><a href=\"https://vk.com/share.php?url=" + url + "\" onclick=\"return openSocialWindow(this)\" class=\"ico32-vk sharenew\">Отправить в ВКонтакте</a></p>"); + if (CrosspostQueries.getFacebookToken(sql, visitor.getUID()).isPresent()) { + out.println("<p><a href=\"https://www.facebook.com/sharer/sharer.php?u=" + url + "\" onclick=\"return openSocialWindow(this)\" class=\"ico32-fb sharenew\">Отправить в Facebook</a></p>"); + } + out.println("<p><a href=\"https://plus.google.com/share?url=" + url + "\" onclick=\"return openSocialWindow(this)\" class=\"ico32-gp sharenew\">Отправить в Google+</a></p>"); + out.println("<p>Ссылка на сообщение: <a href=\"http://juick.com/" + mid + "\">http://juick.com/" + mid + "</a></p>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + public void doPostComment(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + int mid = Utils.parseInt(request.getParameter("mid"), 0); + if (mid == 0) { + response.sendError(400); + return; + } + com.juick.Message msg = MessagesQueries.getMessage(sql, mid); + if (msg == null) { + response.sendError(404); + return; + } + + int rid = Utils.parseInt(request.getParameter("rid"), 0); + com.juick.Message reply = null; + if (rid > 0) { + reply = MessagesQueries.getReply(sql, mid, rid); + if (reply == null) { + response.sendError(404); + return; + } + } + + String body = request.getParameter("body"); + if (body == null || body.length() < 1 || body.length() > 4096) { + response.sendError(400); + return; + } + body = body.replace("\r", ""); + + if ((msg.ReadOnly && msg.getUser().getUID() != visitor.getUID()) || UserQueries.isInBLAny(sql, msg.getUser().getUID(), visitor.getUID()) || (reply != null && UserQueries.isInBLAny(sql, reply.getUser().getUID(), visitor.getUID()))) { + response.sendError(403); + return; + } + + String attachmentFName = null; + try { + attachmentFName = Utils.receiveMultiPartFile(request, "attach"); + } catch (Exception e) { + System.out.println("MULTIPART ERROR: " + e.toString()); + response.sendError(400); + return; + } + + String paramImg = request.getParameter("img"); + if (attachmentFName == null && paramImg != null && paramImg.length() > 10) { + try { + attachmentFName = Utils.downloadImage(new URL(paramImg)); + } catch (Exception e) { + System.out.println("DOWNLOAD ERROR: " + e.toString()); + response.sendError(500); + return; + } + } + + String attachmentType = attachmentFName != null ? attachmentFName.substring(attachmentFName.length() - 3) : null; + int ridnew = MessagesQueries.createReply(sql, mid, rid, visitor.getUID(), body, attachmentType); + SubscriptionsQueries.subscribeMessage(sql, mid, visitor.getUID()); + + Message xmsg = new Message(); + xmsg.from = new JID("juick", "juick.com", null); + xmsg.type = Message.Type.chat; + xmsg.thread = "juick-" + mid; + + JuickMessage jmsg = new JuickMessage(MessagesQueries.getReply(sql, mid, ridnew)); + xmsg.addChild(jmsg); + + String quote = reply != null ? reply.getText() : msg.getText(); + if (quote.length() >= 50) { + quote = quote.substring(0, 47) + "..."; + } + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.getUser().getUName(); + xmsg.addChild(nick); + + if (attachmentFName != null) { + String fname = mid + "-" + ridnew + "." + attachmentType; + String attachmentURL = "http://i.juick.com/photos-1024/" + fname; + + Runtime.getRuntime().exec("/var/www/juick.com/cgi/p-convert.sh /var/www/juick.com/i/tmp/" + attachmentFName + " " + fname); + + body = attachmentURL + "\n" + body; + XOOB xoob = new XOOB(); + xoob.URL = attachmentURL; + xmsg.addChild(xoob); + } + + xmsg.body = "Reply by @" + jmsg.getUser().getUName() + ":\n>" + quote + "\n" + body + "\n\n#" + mid + "/" + ridnew + " http://juick.com/" + mid + "#" + ridnew; + + xmsg.to = new JID("juick", "s2s.juick.com", null); + xmpp.send(xmsg); + + xmsg.to.Host = "ws.juick.com"; + xmpp.send(xmsg); + + xmsg.to.Host = "push.juick.com"; + xmpp.send(xmsg); + + Utils.sendTemporaryRedirect(response, "/" + msg.getUser().getUName() + "/" + mid + "#" + ridnew); + } + + public void doPostRecomm(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + int mid = Utils.parseInt(request.getParameter("mid"), 0); + if (mid == 0) { + response.sendError(400); + return; + } + com.juick.Message msg = MessagesQueries.getMessage(sql, mid); + if (msg == null) { + response.sendError(404); + return; + } + if (msg.getUser().getUID() == visitor.getUID()) { + response.sendError(403); + return; + } + + boolean res = MessagesQueries.recommendMessage(sql, mid, visitor.getUID()); + + if (res) { + Message xmsg = new Message(); + xmsg.from = new JID("juick", "juick.com", null); + xmsg.to = new JID("recomm", "s2s.juick.com", null); + JuickMessage jmsg = new JuickMessage(); + jmsg.setMID(mid); + jmsg.setUser(new JuickUser(visitor)); + xmsg.addChild(jmsg); + xmpp.send(xmsg); + + Utils.replyJSON(request, response, "{\"status\":\"ok\"}"); + } else { + response.sendError(500); + } + } +} diff --git a/src/main/java/com/juick/http/www/PM.java b/src/main/java/com/juick/http/www/PM.java new file mode 100644 index 00000000..932d1baf --- /dev/null +++ b/src/main/java/com/juick/http/www/PM.java @@ -0,0 +1,224 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.PMQueries; +import com.juick.server.UserQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message; +import com.juick.xmpp.Stream; +import com.juick.xmpp.extensions.JuickMessage; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.util.List; + +/** + * + * @author Ugnich Anton + */ +public class PM { + + protected void doGetInbox(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + /* + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + */ + + String title = "PM: Inbox"; + List<com.juick.Message> msgs = PMQueries.getLastPMInbox(sql, visitor.getUID()); + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, title, null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("<section id=\"content\">"); + + if (!msgs.isEmpty()) { + out.println("<ul>"); + for (com.juick.Message msg : msgs) { + + String txt = PageTemplates.formatMessage(msg.getText()); + + out.println(" <li class=\"msg\">"); + out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></div>"); + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-header\"><a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:</div>"); + out.println(" <div class=\"msg-ts\"><a href=\"#\" onclick=\"return false\" title=\"" + PageTemplates.sdfSQL.format(msg.getDate()) + " GMT\">" + PageTemplates.formatDate(msg.TimeAgo, msg.getDate()) + "</a></div>"); + out.println(" <div class=\"msg-txt\">" + txt + "</div>"); + + out.println(" <form action=\"/pm/send\" method=\"POST\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"uname\" value=\"" + msg.getUser().getUName() + "\"/>"); + out.println(" <div class=\"msg-comment\"><div class=\"ta-wrapper\"><textarea name=\"body\" rows=\"1\" class=\"replypm\" placeholder=\"Написать ответ\" onkeypress=\"postformListener(this.form,event)\"></textarea></div></div>"); + out.println(" </form>"); + + out.println(" </div>"); + out.println(" </li>"); + } + out.println("</ul>"); + } + + /* + if (msgs.size() >= 20) { + String nextpage = "?before=" + msgs.get(msgs.size() - 1); + out.println("<p class=\"page\"><a href=\"" + nextpage + "\">Читать дальше →</a></p>"); + } + */ + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doGetSent(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + /* + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + */ + + String title = "PM: Sent"; + List<com.juick.Message> msgs = PMQueries.getLastPMSent(sql, visitor.getUID()); + + String uname = request.getParameter("uname"); + if (!UserQueries.checkUserNameValid(uname)) { + uname = ""; + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, title, null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("<section id=\"content\">"); + + out.println("<form action=\"/pm/send\" method=\"POST\" enctype=\"multipart/form-data\">"); + out.println("<div class=\"newpm\">"); + out.println(" <div class=\"newpm-to\">To: <input type=\"text\" name=\"uname\" placeholder=\"username\" value=\"" + uname + "\"/></div>"); + out.println(" <div class=\"newpm-body\"><textarea name=\"body\" rows=\"2\" onkeypress=\"postformListener(this.form,event)\"></textarea></div>"); + out.println(" <div class=\"newpm-send\"><input type=\"submit\" value=\"OK\"/></div>"); + out.println("</div>"); + out.println("</form>"); + + if (!msgs.isEmpty()) { + out.println("<ul>"); + for (com.juick.Message msg : msgs) { + + String txt = PageTemplates.formatMessage(msg.getText()); + + out.println(" <li class=\"msg\">"); + out.println(" <div class=\"msg-avatar\"><img src=\"//i.juick.com/a/" + visitor.getUID() + ".png\"/></div>"); + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-header\">→ <a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:</div>"); + out.println(" <div class=\"msg-ts\"><a href=\"#\" onclick=\"return false\" title=\"" + PageTemplates.sdfSQL.format(msg.getDate()) + " GMT\">" + PageTemplates.formatDate(msg.TimeAgo, msg.getDate()) + "</a></div>"); + out.println(" <div class=\"msg-txt\">" + txt + "</div>"); + out.println(" </div>"); + out.println(" </li>"); + } + out.println("</ul>"); + } + + /* + if (msgs.size() >= 20) { + String nextpage = "?before=" + msgs.get(msgs.size() - 1); + out.println("<p class=\"page\"><a href=\"" + nextpage + "\">Читать дальше →</a></p>"); + } + */ + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + public void doPostPM(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + String uname = request.getParameter("uname"); + if (uname.startsWith("@")) { + uname = uname.substring(1); + } + int uid = 0; + if (UserQueries.checkUserNameValid(uname)) { + uid = UserQueries.getUIDbyName(sql, uname); + } + + String body = request.getParameter("body"); + if (uid == 0 || body == null || body.length() < 1 || body.length() > 10240) { + response.sendError(400); + return; + } + + if (UserQueries.isInBLAny(sql, uid, visitor.getUID())) { + response.sendError(403); + return; + } + + if (PMQueries.createPM(sql, visitor.getUID(), uid, body)) { + Message msg = new Message(); + msg.from = new JID("juick", "juick.com", null); + msg.to = new JID(Integer.toString(uid), "push.juick.com", null); + JuickMessage jmsg = new JuickMessage(); + jmsg.setUser(visitor); + jmsg.setText(body); + msg.childs.add(jmsg); + xmpp.send(msg); + + msg.to.Host = "ws.juick.com"; + xmpp.send(msg); + + List<String> jids = UserQueries.getJIDsbyUID(sql, uid); + for (String jid : jids) { + Message mm = new Message(); + mm.to = new JID(jid); + mm.type = Message.Type.chat; + if (PMQueries.havePMinRoster(sql, visitor.getUID(), jid)) { + mm.from = new JID(jmsg.getUser().getUName(), "juick.com", "Juick"); + mm.body = body; + } else { + mm.from = new JID("juick", "juick.com", "Juick"); + mm.body = "Private message from @" + jmsg.getUser().getUName() + ":\n" + body; + } + xmpp.send(mm); + } + + Utils.sendTemporaryRedirect(response, "/pm/sent"); + + } else { + response.sendError(500); + } + } +} diff --git a/src/main/java/com/juick/http/www/PageTemplates.java b/src/main/java/com/juick/http/www/PageTemplates.java new file mode 100644 index 00000000..7021ccba --- /dev/null +++ b/src/main/java/com/juick/http/www/PageTemplates.java @@ -0,0 +1,483 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Message; +import com.juick.Tag; +import com.juick.server.MessagesQueries; +import com.juick.server.TagQueries; +import com.juick.server.UserQueries; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Calendar; +import java.util.Date; +import java.util.List; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import java.util.stream.Collectors; +import javax.servlet.http.HttpServletRequest; + +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.util.StringUtils; +import ru.sape.Sape; + +/** + * + * @author Ugnich Anton + */ +public class PageTemplates { + + public static Sape sape = null; + protected static final SimpleDateFormat sdfSQL = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + private static SimpleDateFormat sdfSimple = new SimpleDateFormat("d MMM"); + private static SimpleDateFormat sdfFull = new SimpleDateFormat("d MMM yyyy"); + private static String tagsHTML = null; + + public static void pageHead(PrintWriter out, String title, String headers) { + out.println("<!DOCTYPE html>"); + out.print("<html>"); + out.print("<head>"); + out.println("<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">"); + out.print("<link rel=\"stylesheet\" href=\"/style.css\"/>"); + out.print("<script type=\"text/javascript\" src=\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js\"></script>"); + out.print("<script type=\"text/javascript\" src=\"/scripts.js\"></script>"); + if (headers != null) { + out.print(headers); + } + out.print("<title>" + title + "</title>"); + out.println("<meta name=\"viewport\" content=\"width=device-width,initial-scale=1,user-scalable=no\"/>"); + out.println("<link rel=\"icon\" href=\"//i.juick.com/favicon.png\"/>"); + out.println("<!--[if lt IE 9 & (!IEMobile 7)]>"); + out.println("<script src=\"//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js\"></script>"); + out.println("<![endif]-->"); + out.println("</head>"); + out.flush(); + out.println("<body>"); + } + + public static void pageNavigation(PrintWriter out, com.juick.User visitor, String search) { + out.println("<header>"); + out.println(" <div id=\"logo\"><a href=\"/\">Juick</a></div>"); + out.print(" <nav id=\"global\"><ul>"); + out.print("<li><a href=\"/\">Популярные</a></li>"); + out.print("<li><a href=\"/?show=all\" rel=\"nofollow\">Все сообщения</a></li>"); + out.print("<li><a href=\"/?show=photos\" rel=\"nofollow\">Фотографии</a></li>"); + out.println("</ul></nav>"); + out.print(" <div id=\"search\"><form action=\"/\"><input type=\"text\" name=\"search\" class=\"text\" placeholder=\"Поиск\""); + if (search != null) { + out.print(" value=\"" + Utils.encodeHTML(search) + "\""); + } + out.println("/></form></div>"); + out.println(" <section id=\"headdiv\">"); + if (visitor != null) { + out.print(" <nav id=\"user\"><ul>"); + out.print("<li><a href=\"/?show=my\">Моя лента</a></li>"); + out.print("<li><a href=\"/pm/inbox\">Приватные</a></li>"); + out.print("<li><a href=\"/?show=discuss\">Обсуждения</a></li>"); + out.print("<li><a href=\"/?show=recommended\">Рекомендации</a></li>"); + out.println("</ul></nav>"); + out.print(" <nav id=\"actions\"><ul>"); + out.print("<li><a href=\"/#post\">Написать</a></li>"); + out.print("<li><a href=\"/" + visitor.getUName() + "\">@" + visitor.getUName() + "</a></li>"); + out.print("<li><a href=\"/logout\">Выйти</a></li>"); + out.println("</ul></nav>"); + } else { + out.println("<p>Чтобы добавлять сообщения и комментарии, <a href=\"#\" onclick=\"return openDialogLogin()\">представьтесь</a>.</p>"); + } + out.println(" </section>"); + out.println("</header>"); + } + + public static void pageHomeColumn(PrintWriter out, JdbcTemplate sql, com.juick.User visitor) { + pageHomeColumn(out, sql, visitor, false); + } + + public static void pageHomeColumn(PrintWriter out, JdbcTemplate sql, com.juick.User visitor, boolean showAdv) { + if (tagsHTML == null) { + tagsHTML = PageTemplates.formatPopularTags(sql, 80); + } + + out.println("<aside id=\"column\">"); + out.print(" <p class=\"tags\">" + tagsHTML); + if (showAdv) { + out.print(" <a href=\"http://ru.wix.com/\">конструктор сайтов</a>"); + } + out.println("</p>"); +// if (visitor != null) { +// printContestRating(out, sql); +// } + out.println("</aside>"); + } + + public static String formatPopularTags(JdbcTemplate sql, int cnt) { + List<String> popularTags = TagQueries.getPopularTags(sql).stream() + .map(t -> "<a href=\"/tag/" + URLEncoder.encode(t) + "\">" + Utils.encodeHTML(t) + "</a>").collect(Collectors.toList()); + return StringUtils.collectionToDelimitedString(popularTags, " "); + } + + public static void pageFooter(HttpServletRequest request, PrintWriter out, com.juick.User visitor, boolean sapeon) { + out.println("<div id=\"footer\">"); + out.println(" <div id=\"footer-right\"><a href=\"/settings\" rel=\"nofollow\">Настройки</a> · <a href=\"/help/ru/contacts\" rel=\"nofollow\">Контакты</a> · <a href=\"/help/\" rel=\"nofollow\">Справка</a> · <a href=\"/help/ru/adv\" rel=\"nofollow\">Реклама</a></div>"); + out.print(" <div id=\"footer-social\">"); + out.print("<a href=\"https://twitter.com/Juick\" rel=\"nofollow\" class=\"ico32-twi\">Twitter</a>"); + out.print("<a href=\"https://vk.com/juick\" rel=\"nofollow\" class=\"ico32-vk\">ВКонтакте</a>"); + out.print("<a href=\"https://www.facebook.com/JuickCom\" rel=\"nofollow\" class=\"ico32-fb\">Facebook</a>"); + out.println("</div>"); + out.print(" <div id=\"footer-left\">juick.com © 2008-2016"); + + String queryString = request.getQueryString(); + String requestURI = request.getRequestURI(); + if (sapeon && sape != null && (visitor == null || visitor.getUID() == 1) && queryString == null) { + String links = sape.getPageLinks(requestURI, request.getCookies()).render(); + if (links != null && !links.isEmpty()) { + out.print("<br/>Спонсоры: " + links); + } + } + + out.println("</div>"); + out.println("</div>"); + + if (visitor != null) { + out.println("<script type=\"text/javascript\">"); + out.println("var hash=\"" + visitor.getAuthHash() + "\";"); + out.println("</script>"); + } + + out.println("<script>"); + out.println("(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){"); + out.println("(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),"); + out.println("m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)"); + out.println("})(window,document,'script','//www.google-analytics.com/analytics.js','ga');"); + out.println("ga('create','UA-385578-4','juick.com');"); + out.println("ga('require','displayfeatures');"); + out.println("ga('send','pageview');"); + + if (sapeon) { + out.println("var _acic={dataProvider:10};"); + out.println("(function(){"); + out.println("var e=document.createElement('script');e.type='text/javascript';e.async=true;e.src='//www2.aci'+'nt.net/aci.js';"); + out.println("var t=document.getElementsByTagName('script')[0];t.parentNode.insertBefore(e,t);"); + out.println("})();"); + } + + out.println("</script>"); + } + + public static void pageEnd(PrintWriter out) { + out.println("</body></html>"); + } + + public static String formatTags(List<Tag> tags) { + String ret = ""; + for (Tag tag : tags) { + String tagName = tag.Name.replaceAll("<", "<").replaceAll(">", ">"); + try { + ret += " *<a href=\"/tag/" + URLEncoder.encode(tag.Name, "utf-8") + "\""; + if (tag.UsageCnt < 2) { + ret += " rel=\"nofollow\""; + } + ret += ">" + tagName + "</a>"; + } catch (UnsupportedEncodingException e) { + } + } + + return ret; + } + + public static String formatTags(List<String> tags, com.juick.User user) { + String ret = ""; + for (String tag : tags) { + tag = tag.replaceAll("<", "<"); + tag = tag.replaceAll(">", ">"); + try { + ret += " *<a href=\""; + if (user == null) { + ret += "/tag/"; + } else { + ret += "/" + user.getUName() + "/?tag="; + } + ret += URLEncoder.encode(tag, "utf-8") + "\">" + tag + "</a>"; + } catch (UnsupportedEncodingException e) { + } + } + + return ret; + } + + public static String formatDate(int minutes, Date fulldate) { + if (minutes < 1) { + return "сейчас"; + } else if (minutes < 60) { + String unit; + int ld = minutes % 10; + if ((minutes < 10 || minutes > 20) && ld == 1) { + unit = "минуту"; + } else if ((minutes < 10 || minutes > 20) && ld > 1 && ld < 5) { + unit = "минуты"; + } else { + unit = "минут"; + } + return minutes + " " + unit + " назад"; + } else if (minutes < 1440) { + int hours = (minutes / 60); + String unit; + int ld = hours % 10; + if ((hours < 10 || hours > 20) && ld == 1) { + unit = "час"; + } else if ((hours < 10 || hours > 20) && ld > 1 && ld < 5) { + unit = "часа"; + } else { + unit = "часов"; + } + return hours + " " + unit + " назад"; + } else if (minutes < 20160) { + int days = (minutes / 1440); + String unit; + int ld = days % 10; + if ((days < 10 || days > 20) && ld == 1) { + unit = "день"; + } else if ((days < 10 || days > 20) && ld > 1 && ld < 5) { + unit = "дня"; + } else { + unit = "дней"; + } + return days + " " + unit + " назад"; + } else { + String ret = sdfFull.format(fulldate); + synchronized (sdfSQL) { + try { + Calendar c = Calendar.getInstance(); + int curyear = c.get(Calendar.YEAR); + c.setTime(fulldate); + if (c.get(Calendar.YEAR) == curyear) { + ret = sdfSimple.format(fulldate); + } else { + ret = sdfFull.format(fulldate); + } + } catch (Exception e) { + System.err.println("PARSE EXCEPTION: " + fulldate); + } + } + return ret; + } + } + + public static String formatJSLocalTime(Date ts) { + return "<script type=\"text/javascript\">" + + "var d=new Date(" + ts.getTime() + ");" + + "document.write((d.getDate()<10?'0':'')+d.getDate()+'.'+(d.getMonth()<9?'0':'')+(d.getMonth()+1)+'.'+d.getFullYear()+' '+(d.getHours()<10?'0':'')+d.getHours()+':'+(d.getMinutes()<10?'0':'')+d.getMinutes());" + + "</script>"; + } + + public static String formatReplies(int replies) { + int ld = replies % 10; + int lh = replies % 100; + if ((lh < 10 || lh > 20) && ld == 1) { + return replies + " ответ"; + } else if ((lh < 10 || lh > 20) && ld > 1 && ld < 5) { + return replies + " ответа"; + } else { + return replies + " ответов"; + } + } + private static Pattern regexLinks2 = Pattern.compile("((?<=\\s)|(?<=\\A))([\\[\\{]|<)((?:ht|f)tps?://(?:www\\.)?([^\\/\\s\\\"\\)\\!]+)/?(?:[^\\]\\}](?<!>))*)([\\]\\}]|>)"); + + public static String formatMessageCode(String msg) { + msg = msg.replaceAll("&", "&"); + msg = msg.replaceAll("<", "<"); + msg = msg.replaceAll(">", ">"); + + // http://juick.com/last?page=2 + // <a href="http://juick.com/last?page=2" rel="nofollow">http://juick.com/last?page=2</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))((?:ht|f)tps?://(?:www\\.)?([^\\/\\s\\n\\\"]+)/?[^\\s\\n\\\"]*)", "$1<a href=\"$2\" rel=\"nofollow\">$2</a>"); + + // (http://juick.com/last?page=2) + // (<a href="http://juick.com/last?page=2" rel="nofollow">http://juick.com/last?page=2</a>) + Matcher m = regexLinks2.matcher(msg); + StringBuffer sb = new StringBuffer(); + while (m.find()) { + String url = m.group(3).replace(" ", "%20").replaceAll("\\s+", ""); + m.appendReplacement(sb, "$1$2<a href=\"" + url + "\" rel=\"nofollow\">" + url + "</a>$5"); + } + m.appendTail(sb); + msg = sb.toString(); + + return "<pre>" + msg + "</pre>"; + } + + public static String formatMessage(String msg) { + msg = msg.replaceAll("&", "&"); + msg = msg.replaceAll("<", "<"); + msg = msg.replaceAll(">", ">"); + + // -- + // — + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))\\-\\-?((?=\\s)|(?=\\Z))", "$1—$2"); + + // http://juick.com/last?page=2 + // <a href="http://juick.com/last?page=2" rel="nofollow">juick.com</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))((?:ht|f)tps?://(?:www\\.)?([^\\/\\s\\n\\\"]+)/?[^\\s\\n\\\"]*)", "$1<a href=\"$2\" rel=\"nofollow\">$3</a>"); + + // [link text][http://juick.com/last?page=2] + // <a href="http://juick.com/last?page=2" rel="nofollow">link text</a> + msg = msg.replaceAll("\\[([^\\]]+)\\]\\[((?:ht|f)tps?://[^\\]]+)\\]", "<a href=\"$2\" rel=\"nofollow\">$1</a>"); + msg = msg.replaceAll("\\[([^\\]]+)\\]\\(((?:ht|f)tps?://[^\\)]+)\\)", "<a href=\"$2\" rel=\"nofollow\">$1</a>"); + + // #12345 + // <a href="http://juick.com/12345">#12345</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A)|(?<=\\p{Punct}))#(\\d+)((?=\\s)|(?=\\Z)|(?=\\))|(?=\\.)|(?=\\,))", "$1<a href=\"http://juick.com/$2\">#$2</a>$3"); + + // #12345/65 + // <a href="http://juick.com/12345#65">#12345/65</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A)|(?<=\\p{Punct}))#(\\d+)/(\\d+)((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<a href=\"http://juick.com/$2#$3\">#$2/$3</a>$4"); + + // *bold* + // <b>bold</b> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A)|(?<=\\p{Punct}))\\*([^\\*\\n<>]+)\\*((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<b>$2</b>$3"); + + // /italic/ + // <i>italic</i> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))/([^\\/\\n<>]+)/((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<i>$2</i>$3"); + + // _underline_ + // <span class="u">underline</span> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))_([^\\_\\n<>]+)_((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<span class=\"u\">$2</span>$3"); + + // /12 + // <a href="#12">/12</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))\\/(\\d+)((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<a href=\"#$2\">/$2</a>$3"); + + // @username@jabber.org + // <a href="http://juick.com/username@jabber.org/">@username@jabber.org</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))@([\\w\\-\\.]+@[\\w\\-\\.]+)((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<a href=\"http://juick.com/$2/\">@$2</a>$3"); + + // @username + // <a href="http://juick.com/username/">@username</a> + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))@([\\w\\-]{2,16})((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1<a href=\"http://juick.com/$2/\">@$2</a>$3"); + + // (http://juick.com/last?page=2) + // (<a href="http://juick.com/last?page=2" rel="nofollow">juick.com</a>) + Matcher m = regexLinks2.matcher(msg); + StringBuffer sb = new StringBuffer(); + while (m.find()) { + String url = m.group(3).replace(" ", "%20").replaceAll("\\s+", ""); + m.appendReplacement(sb, "$1$2<a href=\"" + url + "\" rel=\"nofollow\">$4</a>$5"); + } + m.appendTail(sb); + msg = sb.toString(); + + // > citate + msg = msg.replaceAll("(?:(?<=\\n)|(?<=\\A))> *(.*)?(\\n|(?=\\Z))", "<q>$1</q>"); + msg = msg.replaceAll("</q><q>", "\n"); + + msg = msg.replaceAll("\n", "<br/>\n"); + return msg; + } + + public static void printMessages(PrintWriter out, JdbcTemplate sql, com.juick.User user, List<Integer> mids, com.juick.User visitor, int YandexID, int ad_mid) { + List<com.juick.Message> msgs = MessagesQueries.getMessages(sql, mids); + + for (int i = 0; i < msgs.size(); i++) { + com.juick.Message msg = msgs.get(i); + if (msg.getMID() == ad_mid) { + msgs.remove(i); + msgs.add(0, msg); + break; + } + } + + List<Integer> blUIDs = new ArrayList<Integer>(20); + if (visitor != null) { + for (Message msg : msgs) { + blUIDs.add(msg.getUser().getUID()); + } + blUIDs = UserQueries.checkBL(sql, visitor.getUID(), blUIDs); + } + + for (int i = 0; i < msgs.size(); i++) { + + com.juick.Message msg = msgs.get(i); + + List<com.juick.Tag> tags = MessagesQueries.getMessageTags(sql, msg.getMID()); + String tagsStr = formatTags(tags); + if (msg.ReadOnly) { + tagsStr += " *readonly"; + } + if (msg.Privacy < 0) { + tagsStr += " *friends"; + } + if (msg.getMID() == ad_mid) { + tagsStr += " *реклама"; + } + + String txt; + if (!msg.Tags.isEmpty() && msg.Tags.contains("code")) { + txt = formatMessageCode(msg.getText()); + } else { + txt = formatMessage(msg.getText()); + } + + out.println("<article data-mid=\"" + msg.getMID() + "\">"); + out.println(" <aside><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></aside>"); + out.println(" <header class=\"u\">@<a href=\"/" + msg.getUser().getUName() + "/\">" + msg.getUser().getUName() + "</a>:" + tagsStr + "</header>"); + out.println(" <header class=\"t\"><a href=\"/" + msg.getUser().getUName() + "/" + msg.getMID() + "\"><time datetime=\"" + sdfSQL.format(msg.getDate()) + "Z\" title=\"" + sdfSQL.format(msg.getDate()) + " GMT\">" + formatDate(msg.TimeAgo, msg.getDate()) + "</time></a></header>"); + if (msg.AttachmentType != null) { + String fname = msg.getMID() + "." + msg.AttachmentType; + out.println(" <p class=\"ir\"><a href=\"//i.juick.com/photos-512/" + fname + "\" onclick=\"return showPhotoDialog('" + fname + "')\"><img src=\"//i.juick.com/photos-512/" + fname + "\" alt=\"\"/></a></p>"); + } + out.println(" <p>" + txt + "</p>"); + if (msg.AttachmentType != null) { + out.println(" <div class=\"irbr\"></div>"); + } + out.print(" <nav class=\"l\">"); + msg.ReadOnly |= blUIDs.contains(msg.getUser().getUID()); + out.print("<a href=\"#\" onclick=\"return likeMessage(this," + msg.getMID() + ")\">Мне нравится</a>"); + if (visitor == null && !msg.ReadOnly) { + out.print("<a href=\"#\" onclick=\"return openDialogLogin()\">Комментировать</a> "); + } else if (visitor != null && (!msg.ReadOnly || visitor.getUID() == msg.getUser().getUID())) { + out.print("<a href=\"#\" onclick=\"return showCommentFooter(this)\">Комментировать</a> "); + } + if (visitor != null && msg.Privacy < 0 && msg.getUser().getUID() == visitor.getUID()) { + out.print(" <a href=\"#\" onclick=\"return setPrivacy(this," + msg.getMID() + ")\">Открыть доступ</a>"); + } + if (visitor != null && visitor.getUID() == 3694) { + out.print(" <a href=\"#\" onclick=\"return setPopular(this," + msg.getMID() + ",2)\">+</a>"); + out.print(" <a href=\"#\" onclick=\"return setPopular(this," + msg.getMID() + ",-1)\">-</a>"); + out.print(" <a href=\"#\" onclick=\"return setPopular(this," + msg.getMID() + ",-2)\">x</a>"); + } + out.println("</nav>"); + + out.print(" <nav class=\"s\">"); + if (msg.Likes > 0) { + out.print("<a href=\"/" + msg.getUser().getUName() + "/" + msg.getMID() + "\" class=\"likes\">" + msg.Likes + "</a>"); + } + if (msg.Replies > 0) { + out.print("<a href=\"/" + msg.getUser().getUName() + "/" + msg.getMID() + "\" class=\"replies\">" + msg.Replies + "</a>"); + } + out.println("</nav>"); + out.print("</article>"); + } + } +} diff --git a/src/main/java/com/juick/http/www/RSS.java b/src/main/java/com/juick/http/www/RSS.java new file mode 100644 index 00000000..349743b5 --- /dev/null +++ b/src/main/java/com/juick/http/www/RSS.java @@ -0,0 +1,101 @@ +/* + * Juick + * Copyright (C) 2008-2013, ugnich + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Message; +import com.juick.server.MessagesQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.text.SimpleDateFormat; +import java.util.Date; +import java.util.List; + +/** + * + * @author ugnich + */ +public class RSS { + + private static final SimpleDateFormat sdfRSS = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss Z"); + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, int uid, String uname) throws ServletException, IOException { + List<Integer> mids = MessagesQueries.getUserBlog(sql, uid, 0, 0); + if (mids.isEmpty()) { + response.sendError(404); + return; + } + + List<Message> msgs = MessagesQueries.getMessages(sql, mids); + + response.setContentType("application/rss+xml; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + out.println("<?xml version='1.0' encoding='utf-8'?>"); + out.println("<rss version='2.0' xmlns:atom='http://www.w3.org/2005/Atom' xmlns:slash='http://purl.org/rss/1.0/modules/slash/' xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#' xmlns:media='http://search.yahoo.com/mrss/' xmlns:juick='http://juick.com/'>"); + out.println("<channel>"); + out.println("<atom:link href='http://rss.juick.com/" + uname + "/blog' rel='self' type='application/rss+xml'/>"); + out.println("<title>" + uname + " - Juick</title>"); + out.println("<link>http://juick.com/" + uname + "/</link>"); + out.println("<description>The latest messages by @" + uname + " at Juick</description>"); + out.println("<image><url>http://i.juick.com/a/" + uid + ".png</url><title>" + uname + " - Juick</title><link>http://juick.com/" + uname + "/</link></image>"); + + for (Message msg : msgs) { + out.println("<item>"); + out.println("<link>http://juick.com/" + msg.getUser().getUName() + "/" + msg.getMID() + "</link>"); + out.println("<guid>http://juick.com/" + msg.getUser().getUName() + "/" + msg.getMID() + "</guid>"); + + out.print("<title><![CDATA[@" + msg.getUser().getUName() + ":"); + if (!msg.Tags.isEmpty()) { + for (int n = 0; n < msg.Tags.size(); n++) { + out.print(" *" + msg.Tags.get(n)); + } + } + out.println("]]></title>"); + out.println("<description><![CDATA[" + PageTemplates.formatMessage(msg.getText()) + "]]></description>"); + + Date date = msg.getDate(); + out.println("<pubDate>" + sdfRSS.format(date) + "</pubDate>"); + + + out.println("<comments>http://juick.com/" + msg.getUser().getUName() + "/" + msg.getMID() + "</comments>"); + if (!msg.Tags.isEmpty()) { + for (int n = 0; n < msg.Tags.size(); n++) { + out.println("<category>" + msg.Tags.get(n) + "</category>"); + } + } + if (msg.AttachmentType != null) { + if (msg.AttachmentType.equals("jpg")) { + out.println("<media:content url='http://i.juick.com/photos-1024/" + msg.getMID() + ".jpg' type='image/jpeg'/>"); + out.println("<media:thumbnail url='http://i.juick.com/ps/" + msg.getMID() + ".jpg'/>"); + } else if (msg.AttachmentType.equals("png")) { + out.println("<media:content url='http://i.juick.com/photos-1024/" + msg.getMID() + ".png' type='image/png'/>"); + out.println("<media:thumbnail url='http://i.juick.com/ps/" + msg.getMID() + ".png'/>"); + } + } + out.println("<juick:user uid='" + msg.getUser().getUID() + "'/>"); + out.println("</item>"); + } + + out.println("</channel></rss>"); + } + } +} diff --git a/src/main/java/com/juick/http/www/Settings.java b/src/main/java/com/juick/http/www/Settings.java new file mode 100644 index 00000000..54ee0ee9 --- /dev/null +++ b/src/main/java/com/juick/http/www/Settings.java @@ -0,0 +1,91 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * + * @author Ugnich Anton + */ +public class Settings { + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Логин", ""); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<div id=\"topwrapper\">"); + out.println("<div id=\"wrapper\">"); + out.println("<div id=\"content\">"); + out.println("<form action=\"/login\" method=\"post\">"); + out.println("<p>Имя пользователя: <input type=\"text\" name=\"username\"/></p>"); + out.println("<p>Пароль: <input type=\"password\" name=\"password\"/></p>"); + out.println("<p><input type=\"submit\" value=\" OK \"/></p>"); + out.println("</form>"); + out.println("</div>"); + out.println("</div>"); + out.println("</div>"); // topwrapper + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doPost(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + response.sendError(400); + return; + } + + int uid = com.juick.server.UserQueries.checkPassword(sql, username, password); + if (uid > 0) { + String hash = com.juick.server.UserQueries.getHashByUID(sql, uid); + Cookie c = new Cookie("hash", hash); + c.setDomain(".juick.com"); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + + + if (uid > 0) { + throw new IOException("Settings"); + } + + String referer = request.getHeader("Referer"); + if (referer != null && referer.startsWith("http://juick.com/") && !referer.equals("http://juick.com/login")) { + response.sendRedirect(referer); + } else { + response.sendRedirect("/"); + } + } else { + response.sendError(403); + } + } +} diff --git a/src/main/java/com/juick/http/www/SignUp.java b/src/main/java/com/juick/http/www/SignUp.java new file mode 100644 index 00000000..1ee23386 --- /dev/null +++ b/src/main/java/com/juick/http/www/SignUp.java @@ -0,0 +1,258 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import org.apache.commons.lang3.tuple.Pair; +import org.springframework.dao.EmptyResultDataAccessException; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.util.List; + +/** + * + * @author Ugnich Anton + */ +public class SignUp { + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + String type = request.getParameter("type"); + String hash = request.getParameter("hash"); + if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + String account = null; + if (type.equals("fb")) { + account = getFacebookNameByHash(sql, hash); + } else if (type.equals("vk")) { + account = getVKNameByHash(sql, hash); + } else if (type.equals("xmpp")) { + account = getJIDByHash(sql, hash); + } else if (type.equals("durov")) { + account = getTelegramNameByHash(sql, hash); + } + if (account == null) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + PageTemplates.pageHead(out, "Новый пользователь", null); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<section id=\"content\">"); + + out.print("<h1 class=\"signup-h1\">"); + if (type.charAt(0) == 'f') { + out.print("<img src=\"//static.juick.com/settings/facebook.png\" alt=\"Facebook\"/>"); + } else if (type.charAt(0) == 'v') { + out.print("<img src=\"//static.juick.com/settings/vk.png\" alt=\"VKontakte\"/>"); + } else if (type.charAt(0) == 'x') { + out.print("<img src=\"//static.juick.com/settings/xmpp.png\" alt=\"XMPP\"/>"); + } else if (type.charAt(0) == 'd') { + out.print("<img src=\"//telegram.org/favicon.ico?3\" alt=\"Telegram\"/>"); + } + out.println(account + "</h1>"); + + out.println("<h2 class=\"signup-h2\">Связать с существующим аккаунтом Juick</h2>"); + out.println("<form action=\"/signup\" method=\"post\">"); + out.println("<input type=\"hidden\" name=\"action\" value=\"link\"/>"); + out.println("<input type=\"hidden\" name=\"type\" value=\"" + type + "\"/>"); + out.println("<input type=\"hidden\" name=\"hash\" value=\"" + hash + "\"/>"); + if (visitor != null) { + out.println("<input type=\"submit\" value=\"Связать с этим аккаунтом\"/>"); + } else { + out.println("<p>Имя пользователя: <input type=\"text\" name=\"username\"/></p>"); + out.println("<p>Пароль: <input type=\"password\" name=\"password\"/></p>"); + out.println("<p><input type=\"submit\" value=\" OK \"/></p>"); + } + out.println("</form>"); + + out.println("<hr class=\"signup-hr\"/>"); + + out.println("<h2 class=\"signup-h2\">Создать новый аккаунт Juick</h2>"); + out.println("<form action=\"/signup\" method=\"post\">"); + out.println("<input type=\"hidden\" name=\"action\" value=\"new\"/>"); + out.println("<input type=\"hidden\" name=\"type\" value=\"" + type + "\"/>"); + out.println("<input type=\"hidden\" name=\"hash\" value=\"" + hash + "\"/>"); + out.println("<p>Имя пользователя: <input type=\"text\" name=\"username\" id=\"username\" onblur=\"checkUsername()\"/><br/><i>(От 2-х до 16-и латинских символов и/или цифр, дефис)</i></p>"); + out.println("<p>Пароль: <input type=\"password\" name=\"password\"/><br/><i>(от 6-и до 32-х символов)</i></p>"); + out.println("<p><input type=\"submit\" value=\" OK \"/></p>"); + out.println("</form>"); + + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doPost(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + int uid = 0; + + String type = request.getParameter("type"); + String hash = request.getParameter("hash"); + if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + String action = request.getParameter("action"); + if (action.charAt(0) == 'l') { + + if (visitor == null) { + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + uid = com.juick.server.UserQueries.checkPassword(sql, username, password); + } else { + uid = visitor.getUID(); + } + + if (uid <= 0) { + response.sendError(HttpServletResponse.SC_FORBIDDEN); + return; + } + + if (!(type.charAt(0) == 'f' && setFacebookUser(sql, hash, uid)) + && !(type.charAt(0) == 'v' && setVKUser(sql, hash, uid)) + && !(type.charAt(0) == 'd' && setTelegramUser(sql, hash, uid)) + && !(type.charAt(0) == 'x' && setJIDUser(sql, hash, uid))) { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + } else { // Create new account + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + // CHECK USERNAME + + uid = UserQueries.createUser(sql, username, password); + if (uid <= 0) { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + if (!(type.charAt(0) == 'f' && setFacebookUser(sql, hash, uid)) + && !(type.charAt(0) == 'v' && setVKUser(sql, hash, uid)) + && !(type.charAt(0) == 'd' && setTelegramUser(sql, hash, uid)) + && !(type.charAt(0) == 'x' && setJIDUser(sql, hash, uid))) { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + int ref = 0; + String sRef = Utils.getCookie(request, "ref"); + if (sRef != null) { + try { + ref = Integer.parseInt(sRef); + } catch (Exception e) { + } + } + + if (ref > 0) { + setUserRef(sql, uid, ref); + } + + visitor = null; + } + + if (visitor == null) { + hash = com.juick.server.UserQueries.getHashByUID(sql, uid); + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + } + + response.sendRedirect("/"); + } + + private boolean setUserRef(JdbcTemplate sql, int uid, int ref) { + return sql.update("INSERT INTO users_refs(user_id,ref) VALUES (?,?)", uid, ref) > 0; + } + + private String getFacebookNameByHash(JdbcTemplate sql, String hash) { + try { + return sql.queryForObject("SELECT fb_name,fb_link FROM facebook WHERE loginhash=?", String.class, hash); + } catch (EmptyResultDataAccessException e) { + return null; + } + } + private String getTelegramNameByHash(JdbcTemplate sql, String hash) { + try { + String name = sql.queryForObject("SELECT tg_name FROM telegram WHERE loginhash=?", String.class, hash); + return "<a href=\"https://telegram.me/" + name + "\" rel=\"nofollow\">" + name + "</a>"; + } catch (EmptyResultDataAccessException e) { + return null; + } + } + + private boolean setFacebookUser(JdbcTemplate sql, String hash, int uid) { + return sql.update("UPDATE facebook SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } + + private String getVKNameByHash(JdbcTemplate sql, String hash) { + List<Pair<String, String>> logins = sql.query("SELECT vk_name,vk_link FROM vk WHERE loginhash=?", + (rs, num) -> { + return Pair.of(rs.getString(1), rs.getString(2)); + }, hash); + if (logins.size() > 0) { + return "<a href=\"http://vk.com/" + logins.get(0).getRight() + "\" rel=\"nofollow\">" + logins.get(0).getLeft() + "</a>"; + } + return null; + } + + private boolean setVKUser(JdbcTemplate sql, String hash, int uid) { + return sql.update("UPDATE vk SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } + private boolean setTelegramUser(JdbcTemplate sql, String hash, int uid) { + return sql.update("UPDATE telegram SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } + + private String getJIDByHash(JdbcTemplate sql, String hash) { + try { + return sql.queryForObject("SELECT jid FROM jids WHERE loginhash=?", String.class, hash); + } catch (EmptyResultDataAccessException e) { + return null; + } + } + + private boolean setJIDUser(JdbcTemplate sql, String hash, int uid) { + return sql.update("UPDATE jids SET user_id=?,loginhash=NULL WHERE loginhash=?", uid, hash) > 0; + } +} diff --git a/src/main/java/com/juick/http/www/TwitterAuth.java b/src/main/java/com/juick/http/www/TwitterAuth.java new file mode 100644 index 00000000..bbad4d83 --- /dev/null +++ b/src/main/java/com/juick/http/www/TwitterAuth.java @@ -0,0 +1,86 @@ +package com.juick.http.www; + +import com.github.scribejava.apis.TwitterApi; +import com.github.scribejava.core.builder.ServiceBuilder; +import com.github.scribejava.core.model.*; +import com.github.scribejava.core.oauth.OAuth10aService; +import com.github.scribejava.core.oauth.OAuthService; +import com.juick.server.UserQueries; +import org.json.JSONObject; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.sql.Connection; + +/** + * Created by vt on 01.12.2015. + */ +public class TwitterAuth { + + private final static String VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json"; + + private String consumerKey, consumerSecret; + + public TwitterAuth(String consumerKey, String consumerSecret) { + this.consumerKey = consumerKey; + this.consumerSecret = consumerSecret; + } + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + String hash = "", request_token = "", request_token_secret = ""; + String verifier = request.getParameter("oauth_verifier"); + Cookie[] cookies = request.getCookies(); + for (Cookie cookie : cookies) { + if (cookie.getName().equals("hash")) { + hash = cookie.getValue(); + } + if (cookie.getName().equals("request_token")) { + request_token = cookie.getValue(); + } + if (cookie.getName().equals("request_token_secret")) { + request_token_secret = cookie.getValue(); + } + } + com.juick.User user = UserQueries.getUserByHash(sql, hash); + if ( user == null || user.getUID() == 0) { + response.sendError(403); + return; + } + OAuth10aService oAuthService = new ServiceBuilder() + .apiKey(consumerKey) + .apiSecret(consumerSecret) + .callback("http://juick.com/_twitter") + .build(TwitterApi.instance()); + + if (request_token.isEmpty() && request_token_secret.isEmpty() + && (verifier == null || verifier.isEmpty())) { + OAuth1RequestToken requestToken = oAuthService.getRequestToken(); + String authUrl = oAuthService.getAuthorizationUrl(requestToken); + response.addCookie(new Cookie("request_token", requestToken.getToken())); + response.addCookie(new Cookie("request_token_secret", requestToken.getTokenSecret())); + response.setStatus(HttpServletResponse.SC_FOUND); + response.setHeader("Location", authUrl); + } else { + if (verifier != null && verifier.length() > 0) { + OAuth1RequestToken requestToken = new OAuth1RequestToken(request_token, request_token_secret); + OAuth1AccessToken accessToken = oAuthService.getAccessToken(requestToken, verifier); + OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, VERIFY_URL, oAuthService); + oAuthService.signRequest(accessToken, oAuthRequest); + JSONObject jsonResponse = new JSONObject(oAuthRequest.send().getBody()); + String screenName = jsonResponse.getString("screen_name"); + if (UserQueries.linkTwitterAccount(sql, user, accessToken.getToken(), accessToken.getTokenSecret(), + screenName)) { + response.setStatus(HttpServletResponse.SC_FOUND); + response.setHeader("Location", "http://juick.com/settings"); + } else { + response.sendError(500); + } + } + } + } +} diff --git a/src/main/java/com/juick/http/www/User.java b/src/main/java/com/juick/http/www/User.java new file mode 100644 index 00000000..0bdd910e --- /dev/null +++ b/src/main/java/com/juick/http/www/User.java @@ -0,0 +1,344 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Tag; +import com.juick.server.MessagesQueries; +import com.juick.server.TagQueries; +import com.juick.server.UserQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.util.Arrays; +import java.util.List; + +/** + * + * @author Ugnich Anton + */ +public class User { + + protected void doGetBlog(JdbcTemplate sql, JdbcTemplate sqlSearch, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + List<Integer> mids; + + String paramShow = request.getParameter("show"); + + com.juick.Tag paramTag = null; + String paramTagStr = request.getParameter("tag"); + if (paramTagStr != null) { + if (paramTagStr.length() < 64) { + paramTag = TagQueries.getTag(sql, paramTagStr, false); + } + if (paramTag == null) { + Errors.doGet404(sql, request, response); + return; + } else if (!paramTag.Name.equals(paramTagStr)) { + String url = "/" + user.getUName() + "/?tag=" + URLEncoder.encode(paramTag.Name, "UTF-8"); + Utils.sendPermanentRedirect(response, url); + return; + } + } + + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + + String paramSearch = request.getParameter("search"); + if (paramSearch != null && paramSearch.length() > 64) { + paramSearch = null; + } + + int privacy = 0; + if (visitor != null) { + if (user.getUID() == visitor.getUID() || visitor.getUID() == 1) { + privacy = -3; + } else if (UserQueries.isInWL(sql, user.getUID(), visitor.getUID())) { + privacy = -2; + } + } + + String title; + if (paramShow == null) { + if (paramTag != null) { + title = "Блог " + user.getUName() + ": *" + Utils.encodeHTML(paramTag.Name); + mids = MessagesQueries.getUserTag(sql, user.getUID(), paramTag.TID, privacy, paramBefore); + } else if (paramSearch != null) { + title = "Блог " + user.getUName() + ": " + Utils.encodeHTML(paramSearch); + mids = MessagesQueries.getUserSearch(sql, sqlSearch, user.getUID(), Utils.encodeSphinx(paramSearch), privacy, paramBefore); + } else { + title = "Блог " + user.getUName(); + mids = MessagesQueries.getUserBlog(sql, user.getUID(), privacy, paramBefore); + } + } else if (paramShow.equals("recomm")) { + title = "Рекомендации " + user.getUName(); + mids = MessagesQueries.getUserRecommendations(sql, user.getUID(), paramBefore); + } else if (paramShow.equals("photos")) { + title = "Фотографии " + user.getUName(); + mids = MessagesQueries.getUserPhotos(sql, user.getUID(), privacy, paramBefore); + } else { + Errors.doGet404(sql, request, response); + return; + } + + if (visitor == null) { + pageUserRefCookie(request, response, user.getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = "<link rel=\"alternate\" type=\"application/rss+xml\" title=\"@" + user.getUName() + "\" href=\"//rss.juick.com/" + user.getUName() + "/blog\"/>"; + if (paramTag != null && TagQueries.getTagNoIndex(sql, paramTag.TID)) { + head += "<meta name=\"robots\" content=\"noindex,nofollow\"/>"; + } else if (paramBefore > 0 || paramShow != null) { + head += "<meta name=\"robots\" content=\"noindex\"/>"; + } + PageTemplates.pageHead(out, title, head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + if (mids.size() > 0) { + out.println("<section id=\"content\">"); + + if (paramTag != null) { + out.println("<p class=\"page\"><a href=\"/tag/" + URLEncoder.encode(paramTag.Name, "UTF-8") + "\">← Все записи с тегом <b>" + Utils.encodeHTML(paramTag.Name) + "</b></a></p>"); + } + + PageTemplates.printMessages(out, sql, user, mids, visitor, visitor == null ? 4 : 5, 0); + + if (mids.size() >= 20) { + String nextpage = "?before=" + mids.get(mids.size() - 1); + if (paramShow != null) { + nextpage += "&show=" + paramShow; + } + if (paramTag != null) { + nextpage += "&tag=" + URLEncoder.encode(paramTag.Name, "UTF-8"); + } + if (paramSearch != null) { + nextpage += "&search=" + URLEncoder.encode(paramSearch, "UTF-8"); + } + out.println("<p class=\"page\"><a href=\"" + nextpage + "\" rel=\"prev\">Читать дальше →</a></p>"); + } + + out.println("</section>"); + } + + PageTemplates.pageFooter(request, out, visitor, true); + PageTemplates.pageEnd(out); + } + } + + protected void doGetTags(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (visitor == null) { + pageUserRefCookie(request, response, user.getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = "<meta name=\"robots\" content=\"noindex,nofollow\"/>"; + PageTemplates.pageHead(out, "Теги " + user.getUName(), head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + out.println("<section id=\"content\">"); + out.println("<p>" + pageUserTags(sql, user, visitor, 0) + "</p>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doGetFriends(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (visitor == null) { + pageUserRefCookie(request, response, user.getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = "<meta name=\"robots\" content=\"noindex\"/>"; + PageTemplates.pageHead(out, "Подписки " + user.getUName(), head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + out.println("<section id=\"content\">"); + out.println("<table class=\"users\"><tr>"); + + List<com.juick.User> friends = UserQueries.getUserFriends(sql, user.getUID()); + for (int i = 0; i < friends.size(); i++) { + if (i % 3 == 0 && i > 0) { + out.print("</tr><tr>"); + } + out.print("<td><a href=\"/" + friends.get(i).getUName() + + "/\"><img src=\"//i.juick.com/as/" + friends.get(i).getUID() + ".png\"/>" + + friends.get(i).getUName() + "</a></td>"); + } + + out.println("</tr></table>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + protected void doGetReaders(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (visitor == null) { + pageUserRefCookie(request, response, user.getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + try (PrintWriter out = response.getWriter()) { + String head = "<meta name=\"robots\" content=\"noindex\"/>"; + PageTemplates.pageHead(out, "Читатели " + user.getUName(), head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + out.println("<section id=\"content\">"); + out.println("<table class=\"users\"><tr>"); + + List<com.juick.User> readers = UserQueries.getUserReaders(sql, user.getUID()); + for (int i = 0; i < readers.size(); i++) { + if (i % 3 == 0 && i > 0) { + out.print("</tr><tr>"); + } + out.print("<td><a href=\"/" + readers.get(i).getUName() + + "/\"><img src=\"//i.juick.com/as/" + readers.get(i).getUID() + ".png\"/>" + + readers.get(i).getUName() + "</a></td>"); + } + + out.println("</tr></table>"); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } + } + + public static void pageUserRefCookie(HttpServletRequest request, HttpServletResponse response, int uid) { + String hReferer = request.getHeader("Referer"); + String ref = Utils.getCookie(request, "ref"); + + if (ref == null && (hReferer == null || !(hReferer.startsWith("http://juick.com/") || hReferer.startsWith("https://juick.com/")))) { + Cookie c = new Cookie("ref", Integer.toString(uid)); + c.setMaxAge(7 * 24 * 60 * 60); + c.setPath("/"); + response.addCookie(c); + } + } + + public static void pageUserColumn(PrintWriter out, JdbcTemplate sql, com.juick.User user, com.juick.User visitor) { + out.println("<aside id=\"column\">"); + out.println(" <div id=\"ctitle\"><a href=\"./\"><img src=\"//i.juick.com/as/" + user.getUID() + ".png\" alt=\"\"/>" + user.getUName() + "</a></div>"); + if (visitor != null && visitor.getUID() > 0 && visitor.getUID() != user.getUID()) { + out.println(" <ul id=\"ctoolbar\">"); + if (UserQueries.isSubscribed(sql, visitor.getUID(), user.getUID())) { + out.println(" <li><a href=\"/post?body=U+%40" + user.getUName() + "\" title=\"Подписан\"><div style=\"background-position: -48px 0\"></div></a></li>"); + } else { + out.println(" <li><a href=\"/post?body=S+%40" + user.getUName() + "\" title=\"Подписаться\"><div style=\"background-position: -16px 0\"></div></a></li>"); + } + if (UserQueries.isInBL(sql, visitor.getUID(), user.getUID())) { + out.println(" <li><a href=\"/post?body=BL+%40" + user.getUName() + "\" title=\"Разблокировать\"><div style=\"background-position: -96px 0\"></div></a></li>"); + } else { + out.println(" <li><a href=\"/post?body=BL+%40" + user.getUName() + "\" title=\"Заблокировать\"><div style=\"background-position: -80px 0\"></div></a></li>"); + } + if (!UserQueries.isInBLAny(sql, user.getUID(), visitor.getUID())) { + out.println(" <li><a href=\"/pm/sent?uname=" + user.getUName() + "\" title=\"Написать приватное сообщение\"><div style=\"background-position: -112px 0\"></div></a></li>"); + } + out.println(" </ul>"); + } else { + out.println(" <hr/>"); + } + out.println(" <ul>"); + out.println(" <li><a href=\"./\">Блог</a></li>"); + out.println(" <li><a href=\"./?show=recomm\" rel=\"nofollow\">Рекомендации</a></li>"); + out.println(" <li><a href=\"./?show=photos\" rel=\"nofollow\">Фотографии</a></li>"); + out.println(" </ul>"); + out.println(" <hr/>"); + out.println(" <form action=\"./\">"); + out.println(" <p><input type=\"text\" name=\"search\" class=\"inp\" placeholder=\"Поиск\"/></p>"); + out.println(" </form>"); + out.println(" <p class=\"tags\">" + pageUserTags(sql, user, visitor, 20) + "<a href=\"./tags\" rel=\"nofollow\">...</a></p>"); + out.println(" <hr/>"); + out.println(" <div id=\"ustats\"><ul>"); + out.println(" <li><a href=\"./friends\">Я читаю: " + UserQueries.getStatsIRead(sql, user.getUID()) + "</a></li>"); + out.println(" <li><a href=\"./readers\">Мои подписчики: " + UserQueries.getStatsMyReaders(sql, user.getUID()) + "</a></li>"); + out.println(" <li>Сообщений: " + UserQueries.getStatsMessages(sql, user.getUID()) + "</li>"); + out.println(" <li>Комментариев: " + UserQueries.getStatsReplies(sql, user.getUID()) + "</li>"); + out.println(" </ul>"); + + List<com.juick.User> iread = UserQueries.getUserReadLeastPopular(sql, user.getUID(), 8); + if (!iread.isEmpty()) { + out.println("<table class=\"iread\"><tr>"); + for (int i = 0; i < iread.size(); i++) { + if (i == 4) { + out.println("</tr><tr>"); + } + com.juick.User u = iread.get(i); + out.println("<td><a href=\"/" + u.getUName() + "/\"><img src=\"//i.juick.com/a/" + u.getUID() + ".png\" alt=\"" + u.getUName() + "\"/></a></td>"); + } + out.println("</tr></table>"); + } + + out.println(" </div>"); + out.println("</aside>"); + } + + public static String pageUserTags(JdbcTemplate sql, com.juick.User user, com.juick.User visitor, int cnt) { + List<Tag> tags = TagQueries.getUserTagsAll(sql, user.getUID()); + int maxUsageCnt = tags.stream().map(t -> t.UsageCnt).max(Integer::max).orElse(0); + String ret = ""; + int count = Math.min(tags.size(), cnt); + for (int i = 0; i < count; i++) { + String tag = Utils.encodeHTML(tags.get(i).Name); + try { + tag = "<a href=\"./?tag=" + URLEncoder.encode(tags.get(i).Name, "UTF-8") + "\" title=\"" + + tags.get(i).UsageCnt + "\" rel=\"nofollow\">" + tag + "</a>"; + } catch (UnsupportedEncodingException e) { + } + + if (tags.get(i).UsageCnt > maxUsageCnt / 3 * 2) { + ret += "<big>" + tag + "</big> "; + } else if (tags.get(i).UsageCnt > maxUsageCnt / 3) { + ret += "<small>" + tag + "</small> "; + } else { + ret += tag + " "; + } + } + return ret; + } +} diff --git a/src/main/java/com/juick/http/www/UserThread.java b/src/main/java/com/juick/http/www/UserThread.java new file mode 100644 index 00000000..638e3a3b --- /dev/null +++ b/src/main/java/com/juick/http/www/UserThread.java @@ -0,0 +1,364 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.Message; +import com.juick.Tag; +import com.juick.server.MessagesQueries; +import com.juick.server.UserQueries; +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.ArrayList; +import java.util.List; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class UserThread { + + protected void doGetThread(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response, int MID) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (!MessagesQueries.canViewThread(sql, MID, visitor != null ? visitor.getUID() : 0)) { + response.sendError(403); + return; + } + + com.juick.Message msg = MessagesQueries.getMessage(sql, MID); + + boolean listview = false; + String paramView = request.getParameter("view"); + if (paramView != null) { + if (paramView.equals("list")) { + listview = true; + if (visitor != null) { + UserQueries.setUserOptionInt(sql, visitor.getUID(), "repliesview", 1); + } + } else if (paramView.equals("tree") && visitor != null) { + UserQueries.setUserOptionInt(sql, visitor.getUID(), "repliesview", 0); + } + } else if (visitor != null && UserQueries.getUserOptionInt(sql, visitor.getUID(), "repliesview", 0) == 1) { + listview = true; + } + + String title = msg.getUser().getUName() + ": " + msg.getTagsString(); + + if (visitor == null) { + User.pageUserRefCookie(request, response, msg.getUser().getUID()); + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String headers = "<link rel=\"alternate\" type=\"application/rss+xml\" title=\"@" + msg.getUser().getUName() + "\" href=\"//rss.juick.com/" + msg.getUser().getUName() + "/blog\"/>"; + if (paramView != null) { + headers += "<link rel=\"canonical\" href=\"http://juick.com/" + msg.getUser().getUName() + "/" + msg.getMID() + "\"/>"; + } + if (msg.Hidden) { + headers += "<meta name=\"robots\" content=\"noindex\"/>"; + } + PageTemplates.pageHead(out, title, headers); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("<section id=\"content\" style=\"margin-left: 0; width: 100%\">"); + printMessage(out, sql, msg, visitor); + printReplies(out, sql, msg, visitor, listview); + out.println("</section>"); + + PageTemplates.pageFooter(request, out, visitor, false); + + out.println("<script type='text/javascript'>"); + out.println("var pageMID=" + msg.getMID() + ";"); + out.println("initWS();"); + out.println("</script>"); + + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + public static com.juick.Message printMessage(PrintWriter out, JdbcTemplate sql, com.juick.Message msg, com.juick.User visitor) { + msg.VisitorCanComment = visitor != null; + + List<Tag> tags = MessagesQueries.getMessageTags(sql, msg.getMID()); + String tagsStr = PageTemplates.formatTags(tags); + if (msg.ReadOnly) { + tagsStr += " *readonly"; + msg.VisitorCanComment = false; + } + if (msg.Privacy < 0) { + tagsStr += " *friends"; + } + + String txt; + if (!msg.Tags.isEmpty() && msg.Tags.contains("code")) { + txt = PageTemplates.formatMessageCode(msg.getText()); + } else { + txt = PageTemplates.formatMessage(msg.getText()); + } + + if (!tags.isEmpty()) { + tagsStr = "<span class=\"msg-tags\">" + tagsStr + "</span>"; + } + + out.println("<ul>"); + out.println(" <li id=\"msg-" + msg.getMID() + "\" class=\"msg msgthread\">"); + out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></div>"); + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-menu\"><a href=\"#\" onclick=\"showMessageLinksDialog(" + msg.getMID() + "); return false\"></a></div>"); + out.println(" <div class=\"msg-header\"><a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:" + tagsStr + "</div>"); + out.println(" <div class=\"msg-ts\">" + PageTemplates.formatJSLocalTime(msg.getDate()) + "</div>"); + out.println(" <div class=\"msg-txt\">" + txt + "</div>"); + + if (msg.AttachmentType != null) { + out.println(" <div class=\"msg-media\"><a href=\"//i.juick.com/p/" + msg.getMID() + "." + msg.AttachmentType + "\"><img src=\"//i.juick.com/photos-512/" + msg.getMID() + "." + msg.AttachmentType + "\" alt=\"\"/></a></div>"); + } + + boolean visitorInBL = false; + if (visitor != null) { + if (visitor.getUID() == msg.getUser().getUID()) { + msg.VisitorCanComment = true; + } else { + visitorInBL = UserQueries.isInBL(sql, msg.getUser().getUID(), visitor.getUID()); + if (visitorInBL) { + msg.VisitorCanComment = false; + } + } + } + + if (msg.VisitorCanComment) { + out.println(" <form action=\"/comment\" method=\"POST\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"mid\" value=\"" + msg.getMID() + "\"/>"); + out.println(" <div class=\"msg-comment\"><div class=\"ta-wrapper\"><textarea name=\"body\" rows=\"1\" class=\"reply\" placeholder=\"Написать комментарий\" onkeypress=\"postformListener(this.form,event)\"></textarea></div></div>"); + out.println(" </form>"); + } + + List<String> recomm = MessagesQueries.getMessageRecommendations(sql, msg.getMID()); + if (!recomm.isEmpty()) { + out.print(" <div class=\"" + (msg.VisitorCanComment ? "msg-recomms" : "msg-comments") + "\">Рекомендовали (" + recomm.size() + "): "); + for (int i = 0; i < recomm.size(); i++) { + if (i > 0) { + out.print(", "); + } + out.print("<a href=\"/" + recomm.get(i) + "/\">@" + recomm.get(i) + "</a>"); + } + out.println("</div>"); + } + out.println(" </div>"); + out.println(" </li>"); + + out.println(" <li id=\"mtoolbar\"><ul>"); + out.println(" <li><a href=\"/" + msg.getMID() + "\"><div style=\"background-position: -64px 0\"></div>" + msg.getMID() + "</a></li>"); + if (visitor != null) { + if (visitor.getUID() != msg.getUser().getUID()) { + if (MessagesQueries.isSubscribed(sql, visitor.getUID(), msg.getMID())) { + out.println(" <li><a href=\"/post?body=U+%23" + msg.getMID() + "\"><div style=\"background-position: -48px 0\"></div>Подписан</a></li>"); + } else { + out.println(" <li><a href=\"/post?body=S+%23" + msg.getMID() + "\"><div style=\"background-position: -16px 0\"></div>Подписаться</a></li>"); + } + if (!visitorInBL) { + out.println(" <li><a href=\"/post?body=%21+%23" + msg.getMID() + "\"><div style=\"background-position: -32px 0\"></div>Рекомендовать</a></li>"); + } + } else { + out.println(" <li><a href=\"/post?body=D+%23" + msg.getMID() + "\"><div style=\"background-position: 0\"></div>Удалить</a></li>"); + } + } + out.println(" </ul></li>"); + out.println("</ul>"); + + return msg; + } + + public static void printReplies(PrintWriter out, JdbcTemplate sql, com.juick.Message msg, com.juick.User visitor, boolean listview) { + List<com.juick.Message> replies = MessagesQueries.getReplies(sql, msg.getMID()); + + List<Integer> blUIDs = new ArrayList<Integer>(); + for (int i = 0; i < replies.size(); i++) { + com.juick.Message reply = replies.get(i); + if (reply.getUser().getUID() != msg.getUser().getUID() && !blUIDs.contains(reply.getUser().getUID())) { + blUIDs.add(reply.getUser().getUID()); + } + if (reply.ReplyTo > 0) { + boolean added = false; + for (int n = 0; n < replies.size(); n++) { + if (replies.get(n).getRID() == reply.ReplyTo) { + replies.get(n).childs.add(reply); + added = true; + break; + } + } + if (!added) { + reply.ReplyTo = 0; + } + } + } + + if (!replies.isEmpty()) { + if (visitor != null && msg.getUser().getUID() == visitor.getUID()) { + for (Message reply : replies) { + reply.VisitorCanComment = true; + } + } else if (visitor != null && msg.VisitorCanComment) { + blUIDs = UserQueries.checkBL(sql, visitor.getUID(), blUIDs); + for (Message reply : replies) { + reply.VisitorCanComment = reply.getUser().getUID() == visitor.getUID() || !blUIDs.contains(reply.getUser().getUID()); + } + } else { + for (Message reply : replies) { + reply.VisitorCanComment = false; + } + } + + boolean foldable = false; + if (replies.size() > 10) { + for (int i = 0; i < replies.size() - 1; i++) { + if (replies.get(i).getChildsCount() > 1) { + foldable = true; + break; + } + } + } + + out.println("<div class=\"title2\">"); + out.print(" <div class=\"title2-right\">"); + if (listview) { + out.print("<a href=\"?view=tree\" rel=\"nofollow\">Показать деревом</a>"); + } else { + if (foldable) { + out.print("<span id=\"unfoldall\"><a href=\"#\" onclick=\"$('#replies>li').show(); $('#replies .msg-comments').hide(); $('#unfoldall').hide(); return false\">Раскрыть все</a> · </span>"); + } + out.print("<a href=\"?view=list\" rel=\"nofollow\">Показать списком</a>"); + } + out.print("</div>"); + out.println(" <h2>Ответы (" + replies.size() + ")</h2>"); + out.println("</div>"); + + out.println("<ul id=\"replies\">"); + if (listview) { + printList(out, replies, visitor); + } else { + printTree(out, replies, visitor, 0, 0, false); + } + out.println("</ul>"); + + for (Message reply : replies) { + reply.cleanupChilds(); + } + replies.clear(); + } + } + + public static void printTree(PrintWriter out, List<com.juick.Message> replies, com.juick.User visitor, int ReplyTo, int margin, boolean hidden) { + if (margin > 240) { + margin = 240; + } + + for (int i = 0; i < replies.size(); i++) { + com.juick.Message msg = replies.get(i); + if (msg.ReplyTo == ReplyTo) { + + out.print(" <li id=\"" + msg.getRID() + "\" class=\"msg\" style=\""); + if (margin > 0) { + out.print("margin-left: " + margin + "px;"); + } + if (hidden) { + out.print("display:none;"); + } + out.println("\">"); + if (!msg.getUser().Banned) { + out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></div>"); + } else { + out.println(" <div class=\"msg-avatar\"><img src=\"//i.juick.com/av-96.png\"/></div>"); + } + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-menu\"><a href=\"#\" onclick=\"showMessageLinksDialog(" + msg.getMID() + "," + msg.getRID() + "); return false\"></a></div>"); + if (!msg.getUser().Banned) { + out.println(" <div class=\"msg-header\"><a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:</div>"); + } else { + out.println(" <div class=\"msg-header\">[удалено]:</div>"); + } + out.println(" <div class=\"msg-ts\"><a href=\"/" + msg.getMID() + "#" + msg.getRID() + "\" title=\"" + PageTemplates.sdfSQL.format(msg.getDate()) + " GMT\">" + PageTemplates.formatDate(msg.TimeAgo, msg.getDate()) + "</a></div>"); + out.println(" <div class=\"msg-txt\">" + PageTemplates.formatMessage(msg.getText()) + "</div>"); + if (msg.AttachmentType != null) { + out.println(" <div class=\"msg-media\"><a href=\"//i.juick.com/p/" + msg.getMID() + "-" + msg.getRID() + "." + msg.AttachmentType + "\"><img src=\"//i.juick.com/photos-512/" + msg.getMID() + "-" + msg.getRID() + "." + msg.AttachmentType + "\" alt=\"\"/></a></div>"); + } + if (msg.VisitorCanComment) { + out.println(" <div class=\"msg-links\"><a href=\"#\" onclick=\"return showCommentForm(" + msg.getMID() + "," + msg.getRID() + ")\">Ответить</a></div>"); + out.println(" <div class=\"msg-comment\" style=\"display: none\"></div>"); + } else if (visitor == null) { + out.println(" <div class=\"msg-links\"><a href=\"#\" onclick=\"return openDialogLogin()\">Ответить</a></div>"); + } + + int childs = msg.getChildsCount(); + if (ReplyTo == 0 && childs > 1 && replies.size() > 10) { + out.println(" <div class=\"msg-comments\"><a href=\"#\" onclick=\"return showMoreReplies(" + msg.getRID() + ")\">" + PageTemplates.formatReplies(childs) + "</a></div>"); + + } + out.println(" </div>"); + out.println(" </li>"); + + if (ReplyTo == 0 && childs > 1 && replies.size() > 10) { + printTree(out, msg.childs, visitor, msg.getRID(), margin + 20, true); + } else if (childs > 0) { + printTree(out, msg.childs, visitor, msg.getRID(), margin + 20, hidden); + } + } + } + } + + public static void printList(PrintWriter out, List<com.juick.Message> replies, com.juick.User visitor) { + for (Message msg : replies) { + out.print(" <li id=\"" + msg.getRID() + "\" class=\"msg\">"); + if (!msg.getUser().Banned) { + out.println(" <div class=\"msg-avatar\"><a href=\"/" + msg.getUser().getUName() + "/\"><img src=\"//i.juick.com/a/" + msg.getUser().getUID() + ".png\" alt=\"" + msg.getUser().getUName() + "\"/></a></div>"); + } else { + out.println(" <div class=\"msg-avatar\"><img src=\"//i.juick.com/av-96.png\"/></div>"); + } + out.println(" <div class=\"msg-cont\">"); + out.println(" <div class=\"msg-menu\"><a href=\"#\" onclick=\"showMessageLinksDialog(" + msg.getMID() + "," + msg.getRID() + "); return false\"></a></div>"); + if (!msg.getUser().Banned) { + out.println(" <div class=\"msg-header\"><a href=\"/" + msg.getUser().getUName() + "/\">@" + msg.getUser().getUName() + "</a>:</div>"); + } else { + out.println(" <div class=\"msg-header\">[удалено]:</div>"); + } + out.println(" <div class=\"msg-ts\"><a href=\"/" + msg.getMID() + "#" + msg.getRID() + "\" title=\"" + PageTemplates.sdfSQL.format(msg.getDate()) + " GMT\">" + PageTemplates.formatDate(msg.TimeAgo, msg.getDate()) + "</a></div>"); + out.println(" <div class=\"msg-txt\">" + PageTemplates.formatMessage(msg.getText()) + "</div>"); + if (msg.AttachmentType != null) { + out.println(" <div class=\"msg-media\"><a href=\"//i.juick.com/p/" + msg.getMID() + "-" + msg.getRID() + "." + msg.AttachmentType + "\"><img src=\"//i.juick.com/photos-512/" + msg.getMID() + "-" + msg.getRID() + "." + msg.AttachmentType + "\" alt=\"\"/></a></div>"); + } + out.print(" <div class=\"msg-links\">/" + msg.getRID()); + if (msg.ReplyTo > 0) { + out.print(" в ответ на <a href=\"#" + msg.ReplyTo + "\">/" + msg.ReplyTo + "</a>"); + } + if (msg.VisitorCanComment) { + out.println(" · <a href=\"#\" onclick=\"return showCommentForm(" + msg.getMID() + "," + msg.getRID() + ")\">Ответить</a></div>"); + out.println(" <div class=\"msg-comment\" style=\"display: none\"></div>"); + } else if (visitor == null) { + out.println(" <div class=\"msg-links\"><a href=\"#\" onclick=\"return openDialogLogin()\">Ответить</a></div>"); + } + out.println(" </div>"); + out.println(" </li>"); + } + } +} diff --git a/src/main/java/com/juick/http/www/Utils.java b/src/main/java/com/juick/http/www/Utils.java new file mode 100644 index 00000000..ab721020 --- /dev/null +++ b/src/main/java/com/juick/http/www/Utils.java @@ -0,0 +1,248 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import org.springframework.jdbc.core.JdbcTemplate; + +import java.io.BufferedReader; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.PrintWriter; +import java.net.URL; +import java.net.URLConnection; +import java.sql.Connection; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; +import java.util.ArrayList; +import java.util.UUID; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.Part; + +/** + * + * @author Ugnich Anton + */ +public class Utils { + + public static String getCookie(HttpServletRequest request, String name) { + Cookie cookies[] = request.getCookies(); + if (cookies != null) { + for (int i = 0; i < cookies.length; i++) { + if (cookies[i].getName().equals(name)) { + return cookies[i].getValue(); + } + } + } + return null; + } + + public static String receiveMultiPartFile(HttpServletRequest request, String name) throws Exception { + String attachmentFName = null; + + Part filePart = request.getPart("attach"); + if (filePart != null) { + String partname = Utils.getPartFilename(filePart); + if (partname != null && partname.length() > 0) { + String attachmentType = partname.substring(partname.length() - 3).toLowerCase(); + if (attachmentType.equals("jpg") || attachmentType.equals("peg") || attachmentType.equals("png")) { + if (attachmentType.equals("peg")) { + attachmentType = "jpg"; + } + attachmentFName = UUID.randomUUID().toString() + "." + attachmentType; + filePart.write("/var/www/juick.com/i/tmp/" + attachmentFName); + } else { + throw new Exception("Wrong file type"); + } + } + } + + return attachmentFName; + } + + public static com.juick.User getVisitorUser(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) { + String hash = getCookie(request, "hash"); + if (hash != null) { + com.juick.User visitor = com.juick.server.UserQueries.getUserByHash(sql, hash); + if (response != null && visitor != null) { + response.setHeader("X-Username", visitor.getUName()); + } + return visitor; + } else { + return null; + } + } + + public static void sendTemporaryRedirect(HttpServletResponse response, String location) { + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", location); + } + + public static void sendPermanentRedirect(HttpServletResponse response, String location) { + response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY); + response.setHeader("Location", location); + } + + public static String getPartFilename(Part part) { + for (String cd : part.getHeader("content-disposition").split(";")) { + if (cd.trim().startsWith("filename")) { + String filename = cd.substring(cd.indexOf('=') + 1).trim().replace("\"", ""); + return filename.substring(filename.lastIndexOf('/') + 1).substring(filename.lastIndexOf('\\') + 1); // MSIE fix. + } + } + return null; + } + + public static void finishSQL(ResultSet rs, Statement stmt) { + if (rs != null) { + try { + rs.close(); + } catch (SQLException e) { + } + } + if (stmt != null) { + try { + stmt.close(); + } catch (SQLException e) { + } + } + } + + public static void replyJSON(HttpServletRequest request, HttpServletResponse response, String json) throws IOException { + response.setContentType("application/json; charset=UTF-8"); + response.setHeader("Access-Control-Allow-Origin", "*"); + + String callback = request.getParameter("callback"); + if (callback != null && (callback.length() > 64 || !callback.matches("[a-zA-Z0-9\\-\\_]+"))) { + callback = null; + } + + PrintWriter out = response.getWriter(); + try { + if (callback != null) { + out.print(callback + "("); + out.print(json); + out.print(")"); + } else { + out.print(json); + } + } finally { + out.close(); + } + } + + public static String convertArray2String(ArrayList<Integer> mids) { + String q = ""; + for (int i = 0; i < mids.size(); i++) { + if (i > 0) { + q += ","; + } + q += mids.get(i); + } + return q; + } + + public static String encodeHTML(String str) { + return str.replaceAll("&", "&").replaceAll("<", "<").replaceAll(">", ">").replaceAll("'", "'").replaceAll("\"", """).replaceAll("\n", " "); + } + + public static String encodeSphinx(String str) { + return str.replaceAll("@", "\\\\@"); + } + + public static int parseInt(String str, int def) { + int ret = def; + if (str != null) { + try { + ret = Integer.parseInt(str); + } catch (Exception e) { + } + } + return ret; + } + + public static String fetchURL(String url) { + try { + URLConnection c = new URL(url).openConnection(); + BufferedReader in = new BufferedReader(new InputStreamReader(c.getInputStream())); + String inputLine; + StringBuilder b = new StringBuilder(); + while ((inputLine = in.readLine()) != null) { + b.append(inputLine).append("\n"); + } + in.close(); + return b.toString(); + } catch (Exception e) { + System.err.println("fetchURL: "+e.toString()); + return null; + } + } + + public static String downloadImage(URL url) throws Exception { + String attachmentFName = null; + Exception ex = null; + + InputStream is = null; + FileOutputStream fos = null; + try { + URLConnection urlConn = url.openConnection(); + is = urlConn.getInputStream(); + String mime = urlConn.getContentType(); + + String attachmentType; + if (mime != null && mime.equals("image/jpeg")) { + attachmentType = "jpg"; + } else if (mime != null && mime.equals("image/png")) { + attachmentType = "png"; + } else { + throw new Exception("Wrong file type"); + } + + attachmentFName = UUID.randomUUID().toString() + "." + attachmentType; + fos = new FileOutputStream("/var/www/juick.com/i/tmp/" + attachmentFName); + byte[] buffer = new byte[10240]; + int len; + while ((len = is.read(buffer)) > 0) { + fos.write(buffer, 0, len); + } + } catch (Exception e) { + ex = e; + attachmentFName = null; + } finally { + try { + if (is != null) { + is.close(); + } + } finally { + if (fos != null) { + fos.close(); + } + } + } + + if (ex != null) { + throw ex; + } else { + return attachmentFName; + } + } +} diff --git a/src/main/java/com/juick/http/www/VKontakteLogin.java b/src/main/java/com/juick/http/www/VKontakteLogin.java new file mode 100644 index 00000000..8fad3b7a --- /dev/null +++ b/src/main/java/com/juick/http/www/VKontakteLogin.java @@ -0,0 +1,128 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import org.json.JSONException; +import org.json.JSONObject; +import org.springframework.dao.EmptyResultDataAccessException; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.net.URLEncoder; +import java.util.UUID; + +/** + * + * @author Ugnich Anton + */ +public class VKontakteLogin { + + private static final String VK_APPID = "3544101"; + private static final String VK_SECRET = "z2afNI8jA5lIpZ2jsTm1"; + private static final String VK_REDIRECT = "http://juick.com/_vklogin"; + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String code = request.getParameter("code"); + if (code == null || code.equals("")) { + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "https://oauth.vk.com/authorize?client_id=" + VK_APPID + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, "utf-8") + "&scope=friends,wall,offline&response_type=code"); + return; + } + + + String tokenjson = Utils.fetchURL("https://oauth.vk.com/access_token?client_id=" + VK_APPID + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, "utf-8") + "&client_secret=" + VK_SECRET + "&code=" + URLEncoder.encode(code, "utf-8")); + if (tokenjson == null || tokenjson.isEmpty()) { + System.err.println("VK TOKEN EMPTY"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + String token = null; + long vkID = 0; + try { + JSONObject json = new JSONObject(tokenjson); + token = json.getString("access_token"); + vkID = json.getLong("user_id"); + } catch (JSONException e) { + System.err.println("VK TOKEN EXCEPTION: " + e); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + if (token == null || vkID == 0) { + System.err.println("VK TOKEN EMPTY: " + tokenjson); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + + + String graph = Utils.fetchURL("https://api.vk.com/method/users.get?uids=" + vkID + "&fields=screen_name&access_token=" + token); + if (graph == null || graph.isEmpty()) { + System.err.println("VK GRAPH ERROR"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + try { + JSONObject json = new JSONObject(graph).getJSONArray("response").getJSONObject(0); + String vkName = json.getString("first_name") + " " + json.getString("last_name"); + String vkLink = json.getString("screen_name"); + + if (vkName == null || vkLink == null || vkName.isEmpty() || vkName.length() == 1 || vkLink.isEmpty()) { + throw new Exception(); + } + + int uid = getUIDbyVKID(sql, vkID); + if (uid > 0) { + Cookie c = new Cookie("hash", UserQueries.getHashByUID(sql, uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/"); + } else { + String loginhash = UUID.randomUUID().toString(); + if (!insertDB(sql, vkID, loginhash, token, vkName, vkLink)) { + throw new Exception(); + } + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/signup?type=vk&hash=" + loginhash); + } + } catch (Exception e) { + System.err.println("JSON ERROR: " + e); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + } + + private int getUIDbyVKID(JdbcTemplate sql, long vkID) { + try { + return sql.queryForObject("SELECT user_id FROM vk WHERE vk_id=? AND user_id IS NOT NULL", Integer.class, vkID); + } catch (EmptyResultDataAccessException e) { + return 0; + } + } + + private boolean insertDB(JdbcTemplate sql, long vkID, String loginhash, String token, String vkName, String vkLink) { + return sql.update("INSERT INTO vk(vk_id,loginhash,access_token,vk_name,vk_link) VALUES (?,?,?,?,?)", + vkID, loginhash, token, vkName, vkLink) > 0; + } +} |