From af80956ec669cf48ea6423959b5a4d8f16385d6f Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Sat, 24 Oct 2015 19:35:41 +0300 Subject: moving to Gradle --- src/main/java/com/juick/http/www/Discover.java | 120 +++++ src/main/java/com/juick/http/www/Errors.java | 44 ++ .../java/com/juick/http/www/FacebookLogin.java | 187 +++++++ src/main/java/com/juick/http/www/Help.java | 94 ++++ src/main/java/com/juick/http/www/Home.java | 163 ++++++ src/main/java/com/juick/http/www/Login.java | 259 +++++++++ src/main/java/com/juick/http/www/Main.java | 322 ++++++++++++ src/main/java/com/juick/http/www/NewMessage.java | 420 +++++++++++++++ src/main/java/com/juick/http/www/PM.java | 231 ++++++++ .../java/com/juick/http/www/PageTemplates.java | 584 +++++++++++++++++++++ src/main/java/com/juick/http/www/RSS.java | 113 ++++ src/main/java/com/juick/http/www/Settings.java | 104 ++++ src/main/java/com/juick/http/www/SignUp.java | 331 ++++++++++++ src/main/java/com/juick/http/www/User.java | 413 +++++++++++++++ src/main/java/com/juick/http/www/UserThread.java | 370 +++++++++++++ src/main/java/com/juick/http/www/Utils.java | 244 +++++++++ .../java/com/juick/http/www/VKontakteLogin.java | 155 ++++++ 17 files changed, 4154 insertions(+) create mode 100644 src/main/java/com/juick/http/www/Discover.java create mode 100644 src/main/java/com/juick/http/www/Errors.java create mode 100644 src/main/java/com/juick/http/www/FacebookLogin.java create mode 100644 src/main/java/com/juick/http/www/Help.java create mode 100644 src/main/java/com/juick/http/www/Home.java create mode 100644 src/main/java/com/juick/http/www/Login.java create mode 100644 src/main/java/com/juick/http/www/Main.java create mode 100644 src/main/java/com/juick/http/www/NewMessage.java create mode 100644 src/main/java/com/juick/http/www/PM.java create mode 100644 src/main/java/com/juick/http/www/PageTemplates.java create mode 100644 src/main/java/com/juick/http/www/RSS.java create mode 100644 src/main/java/com/juick/http/www/Settings.java create mode 100644 src/main/java/com/juick/http/www/SignUp.java create mode 100644 src/main/java/com/juick/http/www/User.java create mode 100644 src/main/java/com/juick/http/www/UserThread.java create mode 100644 src/main/java/com/juick/http/www/Utils.java create mode 100644 src/main/java/com/juick/http/www/VKontakteLogin.java (limited to 'src/main/java/com/juick/http') diff --git a/src/main/java/com/juick/http/www/Discover.java b/src/main/java/com/juick/http/www/Discover.java new file mode 100644 index 00000000..201139c4 --- /dev/null +++ b/src/main/java/com/juick/http/www/Discover.java @@ -0,0 +1,120 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.AdsQueries; +import com.juick.server.MessagesQueries; +import com.juick.server.TagQueries; +import java.io.IOException; +import java.io.PrintWriter; +import java.net.URLDecoder; +import java.net.URLEncoder; +import java.sql.Connection; +import java.util.ArrayList; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Discover { + + protected void doGet(Connection sql, Connection sqlSearch, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + String paramTagStr = URLDecoder.decode(request.getRequestURI().substring(5), "UTF-8"); + com.juick.Tag paramTag = TagQueries.getTag(sql, paramTagStr, false); + if (paramTag == null) { + Errors.doGet404(sql, request, response); + return; + } else if (paramTag.SynonymID > 0 && paramTag.TID != paramTag.SynonymID) { + com.juick.Tag synTag = TagQueries.getTag(sql, paramTag.SynonymID); + String url = "/tag/" + URLEncoder.encode(synTag.Name, "UTF-8"); + if (request.getQueryString() != null) { + url += "?" + request.getQueryString(); + } + Utils.sendPermanentRedirect(response, url); + return; + } else if (!paramTag.Name.equals(paramTagStr)) { + String url = "/tag/" + URLEncoder.encode(paramTag.Name, "UTF-8"); + if (request.getQueryString() != null) { + url += "?" + request.getQueryString(); + } + Utils.sendPermanentRedirect(response, url); + return; + } + + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + + int visitor_uid = visitor != null ? visitor.UID : 0; + + String title = "*" + Utils.encodeHTML(paramTag.Name); + ArrayList mids = MessagesQueries.getTag(sql, paramTag.TID, visitor_uid, paramBefore, (visitor == null) ? 40 : 20); + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String head = ""; + if (TagQueries.getTagNoIndex(sql, paramTag.TID)) { + head = ""; + } else if (paramBefore > 0 || mids.size() < 5) { + head = ""; + } + PageTemplates.pageHead(out, title, head); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("
"); + + if (mids.size() > 0) { + int vuid = visitor != null ? visitor.UID : 0; + int ad_mid = AdsQueries.getAdMID(sql, vuid); + if (ad_mid > 0 && mids.indexOf(ad_mid) == -1) { + mids.add(0, ad_mid); + AdsQueries.logAdMID(sql, vuid, ad_mid); + } else { + ad_mid = 0; + } + + PageTemplates.printMessages(out, sql, null, mids, visitor, visitor == null ? 2 : 3, ad_mid); + } + + if (mids.size() >= 20) { + String nextpage = "/tag/" + URLEncoder.encode(paramTag.Name, "UTF-8") + "?before=" + mids.get(mids.size() - 1); + out.println("

Читать дальше →

"); + } + + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, true); + + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } +} diff --git a/src/main/java/com/juick/http/www/Errors.java b/src/main/java/com/juick/http/www/Errors.java new file mode 100644 index 00000000..f65b6201 --- /dev/null +++ b/src/main/java/com/juick/http/www/Errors.java @@ -0,0 +1,44 @@ +package com.juick.http.www; + +import java.io.IOException; +import java.io.PrintWriter; +import java.sql.Connection; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author ugnich + */ +public class Errors { + + public static String tagsHTML = null; + + public static void doGet404(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (tagsHTML == null) { + tagsHTML = PageTemplates.getPopularTags(sql, 80); + } + + response.setStatus(404); + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + PageTemplates.pageHead(out, "404 Страница не найдена", null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("
"); + out.println("

Страница не найдена

"); + out.println("

Сожалеем, но страницу с этим адресом удалил её автор, либо её никогда не существовало.

"); + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } +} diff --git a/src/main/java/com/juick/http/www/FacebookLogin.java b/src/main/java/com/juick/http/www/FacebookLogin.java new file mode 100644 index 00000000..9658c0d6 --- /dev/null +++ b/src/main/java/com/juick/http/www/FacebookLogin.java @@ -0,0 +1,187 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import java.io.IOException; +import java.net.URLEncoder; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.UUID; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.json.JSONObject; + +/** + * + * @author Ugnich Anton + */ +public class FacebookLogin { + + private static final String FACEBOOK_APPID = "130568668304"; + private static final String FACEBOOK_SECRET = "95813bfb6ab8f473410c50d4f971649e"; + private static final String FACEBOOK_REDIRECT = "http://juick.com/_fblogin"; + + protected void doGet(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String fbstate; + + String code = request.getParameter("code"); + if (code == null || code.equals("")) { + fbstate = UUID.randomUUID().toString(); + + Cookie c = new Cookie("fbstate", fbstate); + response.addCookie(c); + + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "https://www.facebook.com/dialog/oauth?scope=publish_stream&client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, "utf-8") + "&state=" + fbstate); + return; + } + + fbstate = Utils.getCookie(request, "fbstate"); + if (fbstate == null || fbstate.isEmpty() || !fbstate.equals(request.getParameter("state"))) { + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + return; + } else { + Cookie c = new Cookie("fbstate", "-"); + c.setMaxAge(0); + response.addCookie(c); + } + + String token = Utils.fetchURL("https://graph.facebook.com/oauth/access_token?client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, "utf-8") + "&client_secret=" + FACEBOOK_SECRET + "&code=" + URLEncoder.encode(code, "utf-8")); + if (token == null || token.isEmpty() || !token.startsWith("access_token=")) { + System.err.println("FACEBOOK TOKEN ERROR: " + token); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + token = token.substring(13); // access_token=... + int tokenamp = token.indexOf('&'); // &expires= + if (tokenamp > 0) { + token = token.substring(0, tokenamp); + } + + String graph = Utils.fetchURL("https://graph.facebook.com/me?access_token=" + token); + if (graph == null || graph.isEmpty()) { + System.err.println("FACEBOOK GRAPH ERROR"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + try { + JSONObject json = new JSONObject(graph); + String fbIDStr = json.getString("id"); + String fbName = json.getString("name"); + String fbLink = json.getString("link"); + boolean fbVerified = json.getBoolean("verified"); + + long fbID = 0; + if (fbIDStr != null && !fbIDStr.isEmpty()) { + fbID = Long.parseLong(fbIDStr); + } + + if (fbID == 0 || fbName == null || fbLink == null || fbName.isEmpty() || fbLink.isEmpty()) { + throw new Exception(); + } + + int uid = getUIDbyFBID(sql, fbID); + if (uid > 0) { + if (!updateDB(sql, fbID, token, fbName, fbLink)) { + throw new Exception(); + } + Cookie c = new Cookie("hash", UserQueries.getHashByUID(sql, uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/"); + } else if (fbVerified) { + String loginhash = UUID.randomUUID().toString(); + if (!insertDB(sql, fbID, loginhash, token, fbName, fbLink)) { + throw new Exception(); + } + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/signup?type=fb&hash=" + loginhash); + } else { + throw new Exception(); + } + } catch (Exception e) { + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + } + + private int getUIDbyFBID(Connection sql, long fbID) { + int uid = 0; + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT user_id FROM facebook WHERE fb_id=? AND user_id IS NOT NULL"); + stmt.setLong(1, fbID); + rs = stmt.executeQuery(); + if (rs.first()) { + uid = rs.getInt(1); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + return uid; + } + + private boolean insertDB(Connection sql, long fbID, String loginhash, String token, String fbName, String fbLink) { + boolean ret = false; + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("INSERT INTO facebook(fb_id,loginhash,access_token,fb_name,fb_link) VALUES (?,?,?,?,?)"); + stmt.setLong(1, fbID); + stmt.setString(2, loginhash); + stmt.setString(3, token); + stmt.setString(4, fbName); + stmt.setString(5, fbLink); + stmt.executeUpdate(); + ret = true; + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + return ret; + } + + private boolean updateDB(Connection sql, long fbID, String token, String fbName, String fbLink) { + boolean ret = false; + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("UPDATE facebook SET access_token=?,fb_name=?,fb_link=? WHERE fb_id=?"); + stmt.setString(1, token); + stmt.setString(2, fbName); + stmt.setString(3, fbLink); + stmt.setLong(4, fbID); + stmt.executeUpdate(); + ret = true; + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + return ret; + } +} diff --git a/src/main/java/com/juick/http/www/Help.java b/src/main/java/com/juick/http/www/Help.java new file mode 100644 index 00000000..eed62efa --- /dev/null +++ b/src/main/java/com/juick/http/www/Help.java @@ -0,0 +1,94 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import java.io.BufferedReader; +import java.io.File; +import java.io.FileReader; +import java.io.IOException; +import java.io.PrintWriter; +import java.sql.Connection; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Help { + + protected void doRedirectToHelpIndex(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + Utils.sendTemporaryRedirect(response, "/help/ru/"); + } + + protected void doGetHelp(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + String path[] = request.getRequestURI().split("/"); + String page; + if (path.length < 3 || path.length > 4 || path[2].length() != 2 || !path[2].matches("^[a-z]+$")) { + Errors.doGet404(sql, request, response); + return; + } + + if (path.length == 4) { + page = path[3]; + if (!page.matches("^[a-zA-Z0-9\\-]*$") || page.equals("navigation") || page.equals("index")) { + Errors.doGet404(sql, request, response); + return; + } + } else { + page = "index"; + } + + File f = new File("/var/www/juick.com/help/" + path[2] + "/" + page); + if (!f.isFile()) { + Errors.doGet404(sql, request, response); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + PageTemplates.pageHead(out, "Помощь", null); + PageTemplates.pageNavigation(out, visitor, null); + + out.println(""); + + out.println("
"); + printFile(out, f); + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + private void printFile(PrintWriter out, File f) throws IOException { + BufferedReader br = new BufferedReader(new FileReader(f)); + String str; + while ((str = br.readLine()) != null) { + out.println(str); + } + } +} diff --git a/src/main/java/com/juick/http/www/Home.java b/src/main/java/com/juick/http/www/Home.java new file mode 100644 index 00000000..52012182 --- /dev/null +++ b/src/main/java/com/juick/http/www/Home.java @@ -0,0 +1,163 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.AdsQueries; +import com.juick.server.MessagesQueries; +import java.io.IOException; +import java.io.PrintWriter; +import java.net.URLEncoder; +import java.sql.Connection; +import java.util.ArrayList; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Home { + + protected void doGet(Connection sql, Connection sqlSearch, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + + String paramSearch = request.getParameter("search"); + if (paramSearch != null && paramSearch.length() > 64) { + paramSearch = null; + } + + String title; + ArrayList mids; + + String paramShow = request.getParameter("show"); + if (paramSearch != null) { + title = "Поиск: " + Utils.encodeHTML(paramSearch); + mids = MessagesQueries.getSearch(sql, sqlSearch, Utils.encodeSphinx(paramSearch), paramBefore); + } else if (paramShow == null) { + if (visitor != null) { + title = "Популярные"; + } else { + title = "Микроблоги Juick: популярные записи"; + } + mids = MessagesQueries.getPopular(sql, paramBefore); + } else if (paramShow.equals("top")) { + Utils.sendPermanentRedirect(response, "/"); + return; + } else if (paramShow.equals("my") && visitor != null) { + title = "Моя лента"; + mids = MessagesQueries.getMyFeed(sql, visitor.UID, paramBefore); + } else if (paramShow.equals("private") && visitor != null) { + title = "Приватные"; + mids = MessagesQueries.getPrivate(sql, visitor.UID, paramBefore); + } else if (paramShow.equals("discuss") && visitor != null) { + title = "Обсуждения"; + mids = MessagesQueries.getDiscussions(sql, visitor.UID, paramBefore); + } else if (paramShow.equals("recommended") && visitor != null) { + title = "Рекомендации"; + mids = MessagesQueries.getRecommended(sql, visitor.UID, paramBefore); + } else if (paramShow.equals("all")) { + title = "Все сообщения"; + if (visitor != null) { + mids = MessagesQueries.getAll(sql, visitor.UID, paramBefore); + } else { + mids = MessagesQueries.getAll(sql, 0, paramBefore); + } + } else { + Errors.doGet404(sql, request, response); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String head = ""; + if (paramBefore > 0 || paramShow != null) { + head = ""; + } + PageTemplates.pageHead(out, title, head); + PageTemplates.pageNavigation(out, visitor, paramSearch); + PageTemplates.pageHomeColumn(out, sql, visitor, paramShow == null && paramBefore == 0 && paramSearch == null && visitor == null); + + out.println("
"); + + if (paramShow == null && paramBefore == 0) { + out.println(""); + } + + if (visitor != null) { + out.println("
"); + out.println("
"); + out.println(" "); + out.println("
"); + out.println(" или загрузить
"); + out.println("
"); + out.println(" "); + out.println("
"); + out.println("
"); + out.println("
"); + } + + if (mids.size() > 0) { + int ad_mid = 0; + if (paramShow == null || paramShow.equals("top") || paramShow.equals("all")) { + int vuid = visitor != null ? visitor.UID : 0; + ad_mid = AdsQueries.getAdMID(sql, vuid); + if (ad_mid > 0 && mids.indexOf(ad_mid) == -1) { + mids.add(0, ad_mid); + AdsQueries.logAdMID(sql, vuid, ad_mid); + } else { + ad_mid = 0; + } + } + + PageTemplates.printMessages(out, sql, null, mids, visitor, visitor == null ? 2 : 3, ad_mid); + } + + if (mids.size() >= 20) { + String nextpage = "?before=" + mids.get(mids.size() - 1); + if (paramShow != null) { + nextpage += "&show=" + paramShow; + } + if (paramSearch != null) { + nextpage += "&search=" + URLEncoder.encode(paramSearch, "UTF-8"); + } + + out.println("

Читать дальше →

"); + } + + if (paramShow == null && paramBefore == 0) { + out.println(""); + } + + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, true); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } +} diff --git a/src/main/java/com/juick/http/www/Login.java b/src/main/java/com/juick/http/www/Login.java new file mode 100644 index 00000000..a24eac2b --- /dev/null +++ b/src/main/java/com/juick/http/www/Login.java @@ -0,0 +1,259 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import java.io.IOException; +import java.io.PrintWriter; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.SQLException; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Login { + + protected void doGetLoginForm(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + Utils.sendTemporaryRedirect(response, "/"); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + out.println(""); + out.println(""); + out.println(""); + out.println("Juick"); + out.println(""); + out.println(""); + out.println(""); + out.println(""); + + out.println(""); + + out.println(""); + + out.println("
juick.com © 2008-2014   Контакты · Помощь
"); + + out.println("
"); + out.println(" Зарегистрироваться:"); + out.println(" "); + out.println(" "); + out.println("
XMPP"); + out.println("
Отправьте LOGIN на juick@juick.com
"); + out.println("
"); + out.println("
"); + out.println("
Уже зарегистрированы?"); + out.println("
"); + out.println(""); + out.println(""); + out.println(""); + out.println("
"); + out.println("
"); + + out.println(""); + out.println(""); + } finally { + out.close(); + } + } + + protected void doGetLogin(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String hash = request.getQueryString(); + if (hash.length() > 32) { + response.sendError(400); + return; + } + + if (com.juick.server.UserQueries.getUIDbyHash(sql, hash) > 0) { + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + response.sendRedirect("/"); + } else { + response.sendError(403); + } + } + + protected void doPostLogin(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + response.sendError(400); + return; + } + + int uid = com.juick.server.UserQueries.checkPassword(sql, username, password); + if (uid > 0) { + String hash = com.juick.server.UserQueries.getHashByUID(sql, uid); + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + + String referer = request.getHeader("Referer"); + if (referer != null && referer.startsWith("http://juick.com/") && !referer.equals("http://juick.com/login")) { + response.sendRedirect(referer); + } else { + response.sendRedirect("/"); + } + } else { + response.sendError(403); + } + } + + protected void doGetLogout(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("DELETE FROM logins WHERE user_id=?"); + stmt.setInt(1, visitor.UID); + stmt.executeUpdate(); + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + } + + Cookie c = new Cookie("hash", "-"); + c.setDomain(".juick.com"); + c.setMaxAge(0); + response.addCookie(c); + + Cookie c2 = new Cookie("hash", "-"); + c2.setMaxAge(0); + response.addCookie(c2); + + response.sendRedirect("/"); + } +} diff --git a/src/main/java/com/juick/http/www/Main.java b/src/main/java/com/juick/http/www/Main.java new file mode 100644 index 00000000..56aa439f --- /dev/null +++ b/src/main/java/com/juick/http/www/Main.java @@ -0,0 +1,322 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Stream; +import com.juick.xmpp.StreamComponent; +import java.io.FileInputStream; +import java.io.IOException; +import java.net.Socket; +import java.net.URLEncoder; +import java.sql.Connection; +import java.sql.DriverManager; +import java.sql.SQLException; +import java.util.Properties; +import javax.servlet.ServletException; +import javax.servlet.annotation.MultipartConfig; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import ru.sape.Sape; + +/** + * + * @author Ugnich Anton + */ +@WebServlet(name = "Main", urlPatterns = {"/"}) +@MultipartConfig(fileSizeThreshold = 1024 * 1024, maxRequestSize = 1024 * 1024 * 10) +public class Main extends HttpServlet implements Stream.StreamListener { + + Connection sql; + Connection sqlSearch; + Stream xmpp; + Home home = new Home(); + Discover discover = new Discover(); + PM pm = new PM(); + Login login = new Login(); + Help help = new Help(); + User pagesUser = new User(); + UserThread pagesUserThread = new UserThread(); + NewMessage pagesNewMessage = new NewMessage(); + FacebookLogin loginFacebook = new FacebookLogin(); + VKontakteLogin loginVK = new VKontakteLogin(); + SignUp signup = new SignUp(); + Settings settings = new Settings(); + RSS rss = new RSS(); + + @Override + public void init() throws ServletException { + super.init(); + try { + Properties conf = new Properties(); + conf.load(new FileInputStream("/etc/juick/www.conf")); + + Class.forName("com.mysql.jdbc.Driver"); + sql = DriverManager.getConnection("jdbc:mysql://localhost/juick?autoReconnect=true&user=" + conf.getProperty("mysql_username", "") + "&password=" + conf.getProperty("mysql_password", "")); + sqlSearch = DriverManager.getConnection("jdbc:mysql://127.0.0.1:9306?autoReconnect=true&characterEncoding=utf8&maxAllowedPacket=512000", "", ""); + + setupXmppComponent(conf.getProperty("xmpp_password")); + + PageTemplates.sape = new Sape(conf.getProperty("sape_user"), "juick.com", 2000, 3600); + } catch (Exception e) { + log(null, e); + } + } + + public void setupXmppComponent(final String password) { + Thread thr = new Thread(new Runnable() { + + @Override + public void run() { + try { + Socket socket = new Socket("localhost", 5347); + xmpp = new StreamComponent(new JID("", "www.juick.com", ""), socket.getInputStream(), socket.getOutputStream(), password); + xmpp.addListener(Main.this); + xmpp.startParsing(); + } catch (IOException e) { + System.err.println(e); + } + } + }); + thr.start(); + } + + @Override + public void onStreamFail(String msg) { + System.err.println("XMPP STREAM FAIL: " + msg); + } + + @Override + public void onStreamReady() { + System.err.println("XMPP STREAM READY"); + } + + @Override + public void destroy() { + super.destroy(); + if (sql != null) { + try { + sql.close(); + sql = null; + } catch (SQLException e) { + log(null, e); + } + } + if (sqlSearch != null) { + try { + sqlSearch.close(); + sqlSearch = null; + } catch (SQLException e) { + log(null, e); + } + } + } + + /** + * Handles the HTTP GET method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + if (request.getCharacterEncoding() == null) { + request.setCharacterEncoding("UTF-8"); + } + String uri = request.getRequestURI(); + + if (uri.equals("/")) { + String tag = request.getParameter("tag"); + if (tag != null) { + Utils.sendPermanentRedirect(response, "/tag/" + URLEncoder.encode(tag, "UTF-8")); + } else { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + home.doGet(sql, sqlSearch, request, response, visitor); + } + } else if (uri.equals("/post")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + pagesNewMessage.doGetNewMessage(sql, request, response, visitor); + } else { + Utils.sendTemporaryRedirect(response, "/login"); + } + } else if (uri.equals("/login")) { + if (request.getQueryString() == null) { + login.doGetLoginForm(sql, request, response); + } else { + login.doGetLogin(sql, request, response); + } + } else if (uri.startsWith("/pm/")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor == null) { + Utils.sendTemporaryRedirect(response, "/login"); + } else { + if (uri.equals("/pm/inbox")) { + pm.doGetInbox(sql, request, response, visitor); + } else if (uri.equals("/pm/sent")) { + pm.doGetSent(sql, request, response, visitor); + } else { + Errors.doGet404(sql, request, response); + } + } + } else if (uri.startsWith("/rss/")) { + String uname = uri.substring(5); + int uid = UserQueries.getUIDbyName(sql, uname); + if (uid > 0) { + rss.doGet(sql, request, response, uid, uname); + } else { + response.sendError(404); + } + } else if (uri.equals("/logout")) { + login.doGetLogout(sql, request, response); + } else if (uri.equals("/settings")) { + settings.doGet(sql, request, response); + } else if (uri.equals("/_fblogin")) { + loginFacebook.doGet(sql, request, response); + } else if (uri.equals("/_vklogin")) { + loginVK.doGet(sql, request, response); + } else if (uri.equals("/signup")) { + signup.doGet(sql, request, response); + } else if (uri.equals("/help") || uri.equals("/help/")) { + help.doRedirectToHelpIndex(sql, request, response); + } else if (uri.startsWith("/help/")) { + help.doGetHelp(sql, request, response); + } else if (uri.startsWith("/tag/")) { + discover.doGet(sql, sqlSearch, request, response); + } else if (uri.matches("^/\\d+$")) { + String strID = request.getRequestURI().substring(1); + int mid = 0; + try { + mid = Integer.parseInt(strID); + } catch (NumberFormatException e) { + } + if (mid > 0) { + com.juick.User author = com.juick.server.MessagesQueries.getMessageAuthor(sql, mid); + if (author != null) { + Utils.sendPermanentRedirect(response, "/" + author.UName + "/" + mid); + return; + } + } + Errors.doGet404(sql, request, response); + } else if (uri.matches("^/[^/]+$")) { + com.juick.User user = com.juick.server.UserQueries.getUserByName(sql, request.getRequestURI().substring(1)); + if (user != null) { + Utils.sendPermanentRedirect(response, "/" + user.UName + "/"); + } else { + Errors.doGet404(sql, request, response); + } + } else if (uri.matches("^/.+/.*")) { + String uriparts[] = uri.split("/"); + com.juick.User user = com.juick.server.UserQueries.getUserByName(sql, uriparts[1]); + if (user != null && user.UName.equals(uriparts[1]) && user.Banned == false) { + if (uriparts.length == 2) { // http://juick.com/username/ + pagesUser.doGetBlog(sql, sqlSearch, request, response, user); + } else if (uriparts[2].equals("tags")) { + pagesUser.doGetTags(sql, request, response, user); + } else if (uriparts[2].equals("friends")) { + pagesUser.doGetFriends(sql, request, response, user); + } else if (uriparts[2].equals("readers")) { + pagesUser.doGetReaders(sql, request, response, user); + } else { + int mid = 0; + try { + mid = Integer.parseInt(uriparts[2]); + } catch (NumberFormatException e) { + } + if (mid > 0) { + com.juick.User author = com.juick.server.MessagesQueries.getMessageAuthor(sql, mid); + if (author != null) { + if (!author.UName.equals(user.UName)) { + Utils.sendPermanentRedirect(response, "/" + author.UName + "/" + mid); + } else { + pagesUserThread.doGetThread(sql, request, response, mid); + } + } else { + Errors.doGet404(sql, request, response); + } + } else { + Errors.doGet404(sql, request, response); + } + } + } else if (user != null && user.Banned == false) { + Utils.sendPermanentRedirect(response, "/" + user.UName + "/" + (uriparts.length > 2 ? uriparts[2] : "")); + } else { + Errors.doGet404(sql, request, response); + } + } else { + Errors.doGet404(sql, request, response); + } + } + + /** + * Handles the HTTP POST method. + * @param request servlet request + * @param response servlet response + * @throws ServletException if a servlet-specific error occurs + * @throws IOException if an I/O error occurs + */ + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + if (request.getCharacterEncoding() == null) { + request.setCharacterEncoding("UTF-8"); + } + + String uri = request.getRequestURI(); + if (uri.equals("/post")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + pagesNewMessage.doPostMessage(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/comment")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + pagesNewMessage.doPostComment(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/like")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + pagesNewMessage.doPostRecomm(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/pm/send")) { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + if (visitor != null) { + pm.doPostPM(sql, request, response, xmpp, visitor); + } else { + response.sendError(403); + } + } else if (uri.equals("/login")) { + login.doPostLogin(sql, request, response); + } else if (uri.equals("/signup")) { + signup.doPost(sql, request, response); + } else if (uri.equals("/settings")) { + settings.doPost(sql, request, response); + } else { + response.sendError(405); + } + } +} diff --git a/src/main/java/com/juick/http/www/NewMessage.java b/src/main/java/com/juick/http/www/NewMessage.java new file mode 100644 index 00000000..34733511 --- /dev/null +++ b/src/main/java/com/juick/http/www/NewMessage.java @@ -0,0 +1,420 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.Tag; +import com.juick.server.CrosspostQueries; +import com.juick.server.MessagesQueries; +import com.juick.server.SubscriptionsQueries; +import com.juick.server.TagQueries; +import com.juick.server.UserQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message; +import com.juick.xmpp.Stream; +import com.juick.xmpp.extensions.JuickMessage; +import com.juick.xmpp.extensions.JuickUser; +import com.juick.xmpp.extensions.Nickname; +import com.juick.xmpp.extensions.XOOB; +import java.io.IOException; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.sql.Connection; +import java.util.ArrayList; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class NewMessage { + + protected void doGetNewMessage(Connection sql, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + PageTemplates.pageHead(out, "Написать", "" + + "" + + "" + + ""); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("
"); + out.println("
"); + out.println("

Место: Отменить

"); + out.println("

Фото: (JPG, PNG, до 10Мб)

"); + + String body = request.getParameter("body"); + if (body == null) { + body = ""; + } else { + if (body.length() > 4096) { + body = body.substring(0, 4096); + } + body = Utils.encodeHTML(body); + } + out.println("


"); + + out.println("" + "" + "

"); + out.println("
"); + out.println("
"); + out.println("

Теги:

"); + printUserTags(sql, out, visitor); + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + void printUserTags(Connection sql, PrintWriter out, com.juick.User visitor) { + ArrayList tags = TagQueries.getUserTagsAll(sql, visitor.UID); + + if (tags.isEmpty()) { + return; + } + + int min = tags.get(0).UsageCnt; + int max = tags.get(0).UsageCnt; + for (int i = 1; i < tags.size(); i++) { + int usagecnt = tags.get(i).UsageCnt; + if (usagecnt < min) { + min = usagecnt; + } + if (usagecnt > max) { + max = usagecnt; + } + } + max -= min; + + out.print("

"); + for (int i = 0; i < tags.size(); i++) { + if (i > 0) { + out.print(" "); + } + String taglink = ""; + try { + taglink = "" + Utils.encodeHTML(tags.get(i).Name) + ""; + } catch (UnsupportedEncodingException e) { + } + int usagecnt = tags.get(i).UsageCnt; + if (usagecnt <= max / 5 + min) { + out.print("" + taglink + ""); + } else if (usagecnt <= max / 5 * 2 + min) { + out.print(taglink); + } else if (usagecnt <= max / 5 * 3 + min) { + out.print("" + taglink + ""); + } else if (usagecnt <= max / 5 * 4 + min) { + out.print("" + taglink + ""); + } else { + out.print("" + taglink + ""); + } + } + out.println("

"); + } + + public void doPostMessage(Connection sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + String body = request.getParameter("body"); + if (body == null || body.length() < 1 || body.length() > 4096) { + response.sendError(400); + return; + } + body = body.replace("\r", ""); + + String tagsStr = request.getParameter("tags"); + if (tagsStr == null || tagsStr.isEmpty()) { + response.sendError(400); + return; + } + String tagsArr[] = tagsStr.split("[ \\,]"); + for (int i = 0; i < tagsArr.length; i++) { + if (tagsArr[i].startsWith("*")) { + tagsArr[i] = tagsArr[i].substring(1); + } + if (tagsArr[i].length() > 64) { + tagsArr[i] = tagsArr[i].substring(0, 64); + } + } + ArrayList tags = TagQueries.getTags(sql, tagsArr, true); + if (tags.isEmpty()) { + response.sendError(400); + return; + } + while (tags.size() > 5) { + tags.remove(5); + } + + String attachmentFName = null; + try { + attachmentFName = Utils.receiveMultiPartFile(request, "attach"); + } catch (Exception e) { + System.out.println("MULTIPART ERROR: " + e.toString()); + response.sendError(400); + return; + } + + String paramImg = request.getParameter("img"); + if (attachmentFName == null && paramImg != null && paramImg.length() > 12 && paramImg.startsWith("http://") && !paramImg.equals("http://")) { + try { + attachmentFName = Utils.downloadImage(paramImg); + } catch (Exception e) { + System.out.println("DOWNLOAD ERROR: " + e.toString()); + response.sendError(500); + return; + } + } + + String attachmentType = attachmentFName != null ? attachmentFName.substring(attachmentFName.length() - 3) : null; + int mid = MessagesQueries.createMessage(sql, visitor.UID, body, attachmentType, tags); + SubscriptionsQueries.subscribeMessage(sql, mid, visitor.UID); + + Message xmsg = new Message(); + xmsg.from = new JID("juick", "juick.com", null); + xmsg.type = Message.Type.chat; + xmsg.thread = "juick-" + mid; + + JuickMessage jmsg = new JuickMessage(MessagesQueries.getMessage(sql, mid)); + xmsg.addChild(jmsg); + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.User.UName; + xmsg.addChild(nick); + + if (attachmentFName != null) { + String fname = mid + "." + attachmentType; + String attachmentURL = "http://i.juick.com/photos-1024/" + fname; + + Runtime.getRuntime().exec("/var/www/juick.com/cgi/p-convert.sh /var/www/juick.com/i/tmp/" + attachmentFName + " " + fname); + + body = attachmentURL + "\n" + body; + XOOB xoob = new XOOB(); + xoob.URL = attachmentURL; + xmsg.addChild(xoob); + } + + String tagsStr2 = ""; + for (int i = 0; i < tagsArr.length; i++) { + tagsStr2 += " *" + tagsArr[i]; + } + xmsg.body = "@" + jmsg.User.UName + ":" + tagsStr2 + "\n" + body + "\n\n#" + mid + " http://juick.com/" + mid; + + xmsg.to = new JID("juick", "s2s.juick.com", null); + xmpp.send(xmsg); + + xmsg.to.Host = "ws.juick.com"; + xmpp.send(xmsg); + + xmsg.to.Host = "push.juick.com"; + xmpp.send(xmsg); + + xmsg.to.Host = "crosspost.juick.com"; + xmsg.to.Username = "twitter"; + xmpp.send(xmsg); + xmsg.to.Username = "fb"; + xmpp.send(xmsg); + + xmsg.to.Host = "nologin.ru"; + xmsg.to.Username = "jubo"; + xmpp.send(xmsg); + + // + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + PageTemplates.pageHead(out, "Сообщение опубликовано", null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + String hashtags = ""; + String tagscomma = ""; + for (int i = 0; i < tagsArr.length; i++) { + if (i > 0) { + hashtags += " "; + tagscomma += ","; + } + hashtags += "#" + tagsArr[i]; + tagscomma += tagsArr[i]; + } + + String url = URLEncoder.encode("http://juick.com/" + mid, "utf-8"); + String sharetwi = hashtags + " " + body; + if (sharetwi.length() > 115) { + sharetwi = sharetwi.substring(0, 114) + "…"; + } + sharetwi += " http://juick.com/" + mid; + String sharelj = URLEncoder.encode(body + "\n", "utf-8") + url; + + out.println("
"); + out.println("

Сообщение опубликовано

"); + out.println("

Поделитесь своим новым постом в социальных сетях:

"); + if (CrosspostQueries.getTwitterTokens(sql, visitor.UID) == null) { + out.println("

Отправить в Twitter

"); + } + out.println("

Отправить в LiveJournal

"); + out.println("

Отправить в ВКонтакте

"); + if (CrosspostQueries.getFacebookToken(sql, visitor.UID) == null) { + out.println("

Отправить в Facebook

"); + } + out.println("

Отправить в Google+

"); + out.println("

Ссылка на сообщение: http://juick.com/" + mid + "

"); + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + public void doPostComment(Connection sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + int mid = Utils.parseInt(request.getParameter("mid"), 0); + if (mid == 0) { + response.sendError(400); + return; + } + com.juick.Message msg = MessagesQueries.getMessage(sql, mid); + if (msg == null) { + response.sendError(404); + return; + } + + int rid = Utils.parseInt(request.getParameter("rid"), 0); + com.juick.Message reply = null; + if (rid > 0) { + reply = MessagesQueries.getReply(sql, mid, rid); + if (reply == null) { + response.sendError(404); + return; + } + } + + String body = request.getParameter("body"); + if (body == null || body.length() < 1 || body.length() > 4096) { + response.sendError(400); + return; + } + body = body.replace("\r", ""); + + if ((msg.ReadOnly && msg.User.UID != visitor.UID) || UserQueries.isInBLAny(sql, msg.User.UID, visitor.UID) || (reply != null && UserQueries.isInBLAny(sql, reply.User.UID, visitor.UID))) { + response.sendError(403); + return; + } + + String attachmentFName = null; + try { + attachmentFName = Utils.receiveMultiPartFile(request, "attach"); + } catch (Exception e) { + System.out.println("MULTIPART ERROR: " + e.toString()); + response.sendError(400); + return; + } + + String paramImg = request.getParameter("img"); + if (attachmentFName == null && paramImg != null && paramImg.length() > 12 && paramImg.startsWith("http://") && !paramImg.equals("http://")) { + try { + attachmentFName = Utils.downloadImage(paramImg); + } catch (Exception e) { + System.out.println("DOWNLOAD ERROR: " + e.toString()); + response.sendError(500); + return; + } + } + + String attachmentType = attachmentFName != null ? attachmentFName.substring(attachmentFName.length() - 3) : null; + int ridnew = MessagesQueries.createReply(sql, mid, rid, visitor.UID, body, attachmentType); + SubscriptionsQueries.subscribeMessage(sql, mid, visitor.UID); + + Message xmsg = new Message(); + xmsg.from = new JID("juick", "juick.com", null); + xmsg.type = Message.Type.chat; + xmsg.thread = "juick-" + mid; + + JuickMessage jmsg = new JuickMessage(MessagesQueries.getReply(sql, mid, ridnew)); + xmsg.addChild(jmsg); + + String quote = reply != null ? reply.Text : msg.Text; + if (quote.length() >= 50) { + quote = quote.substring(0, 47) + "..."; + } + + Nickname nick = new Nickname(); + nick.Nickname = "@" + jmsg.User.UName; + xmsg.addChild(nick); + + if (attachmentFName != null) { + String fname = mid + "-" + ridnew + "." + attachmentType; + String attachmentURL = "http://i.juick.com/photos-1024/" + fname; + + Runtime.getRuntime().exec("/var/www/juick.com/cgi/p-convert.sh /var/www/juick.com/i/tmp/" + attachmentFName + " " + fname); + + body = attachmentURL + "\n" + body; + XOOB xoob = new XOOB(); + xoob.URL = attachmentURL; + xmsg.addChild(xoob); + } + + xmsg.body = "Reply by @" + jmsg.User.UName + ":\n>" + quote + "\n" + body + "\n\n#" + mid + "/" + ridnew + " http://juick.com/" + mid + "#" + ridnew; + + xmsg.to = new JID("juick", "s2s.juick.com", null); + xmpp.send(xmsg); + + xmsg.to.Host = "ws.juick.com"; + xmpp.send(xmsg); + + Utils.sendTemporaryRedirect(response, "/" + msg.User.UName + "/" + mid + "#" + ridnew); + } + + public void doPostRecomm(Connection sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + int mid = Utils.parseInt(request.getParameter("mid"), 0); + if (mid == 0) { + response.sendError(400); + return; + } + com.juick.Message msg = MessagesQueries.getMessage(sql, mid); + if (msg == null) { + response.sendError(404); + return; + } + if (msg.User.UID == visitor.UID) { + response.sendError(403); + return; + } + + boolean res = MessagesQueries.recommendMessage(sql, mid, visitor.UID); + + if (res) { + Message xmsg = new Message(); + xmsg.from = new JID("juick", "juick.com", null); + xmsg.to = new JID("recomm", "s2s.juick.com", null); + JuickMessage jmsg = new JuickMessage(); + jmsg.MID = mid; + jmsg.User = new JuickUser(visitor); + xmsg.addChild(jmsg); + xmpp.send(xmsg); + + Utils.replyJSON(request, response, "{\"status\":\"ok\"}"); + } else { + response.sendError(500); + } + } +} diff --git a/src/main/java/com/juick/http/www/PM.java b/src/main/java/com/juick/http/www/PM.java new file mode 100644 index 00000000..d0d2f514 --- /dev/null +++ b/src/main/java/com/juick/http/www/PM.java @@ -0,0 +1,231 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.PMQueries; +import com.juick.server.UserQueries; +import com.juick.xmpp.JID; +import com.juick.xmpp.Message; +import com.juick.xmpp.Stream; +import com.juick.xmpp.extensions.JuickMessage; +import java.io.IOException; +import java.io.PrintWriter; +import java.sql.Connection; +import java.util.ArrayList; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class PM { + + protected void doGetInbox(Connection sql, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + /* + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + */ + + String title = "PM: Inbox"; + ArrayList msgs = PMQueries.getLastPMInbox(sql, visitor.UID); + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + PageTemplates.pageHead(out, title, null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("
"); + + if (!msgs.isEmpty()) { + out.println("
    "); + for (int i = msgs.size() - 1; i >= 0; i--) { + com.juick.Message msg = msgs.get(i); + + String txt = PageTemplates.formatMessage(msg.Text); + + out.println("
  • "); + out.println("
    \""
    "); + out.println("
    "); + out.println(" "); + out.println(" "); + out.println("
    " + txt + "
    "); + + out.println("
    "); + out.println("
    "); + out.println("
    "); + + out.println("
    "); + out.println("
  • "); + } + out.println("
"); + } + + /* + if (msgs.size() >= 20) { + String nextpage = "?before=" + msgs.get(msgs.size() - 1); + out.println("

Читать дальше →

"); + } + */ + + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + protected void doGetSent(Connection sql, HttpServletRequest request, HttpServletResponse response, com.juick.User visitor) throws ServletException, IOException { + /* + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + */ + + String title = "PM: Sent"; + ArrayList msgs = PMQueries.getLastPMSent(sql, visitor.UID); + + String uname = request.getParameter("uname"); + if (!UserQueries.checkUserNameValid(uname)) { + uname = ""; + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + PageTemplates.pageHead(out, title, null); + PageTemplates.pageNavigation(out, visitor, null); + PageTemplates.pageHomeColumn(out, sql, visitor); + + out.println("
"); + + out.println("
"); + out.println("
"); + out.println("
To:
"); + out.println("
"); + out.println("
"); + out.println("
"); + out.println("
"); + + if (!msgs.isEmpty()) { + out.println(""); + } + + /* + if (msgs.size() >= 20) { + String nextpage = "?before=" + msgs.get(msgs.size() - 1); + out.println("

Читать дальше →

"); + } + */ + + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + public void doPostPM(Connection sql, HttpServletRequest request, HttpServletResponse response, Stream xmpp, com.juick.User visitor) throws ServletException, IOException { + String uname = request.getParameter("uname"); + if (uname.startsWith("@")) { + uname = uname.substring(1); + } + int uid = 0; + if (UserQueries.checkUserNameValid(uname)) { + uid = UserQueries.getUIDbyName(sql, uname); + } + + String body = request.getParameter("body"); + if (uid == 0 || body == null || body.length() < 1 || body.length() > 10240) { + response.sendError(400); + return; + } + + if (UserQueries.isInBLAny(sql, uid, visitor.UID)) { + response.sendError(403); + return; + } + + if (PMQueries.createPM(sql, visitor.UID, uid, body)) { + Message msg = new Message(); + msg.from = new JID("juick", "juick.com", null); + msg.to = new JID(Integer.toString(uid), "push.juick.com", null); + JuickMessage jmsg = new JuickMessage(); + jmsg.User = UserQueries.getUserByUID(sql, visitor.UID); + jmsg.Text = body; + msg.childs.add(jmsg); + xmpp.send(msg); + + msg.to.Host = "ws.juick.com"; + xmpp.send(msg); + + String jid = UserQueries.getJIDbyUID(sql, uid); + if (jid != null) { + Message mm = new Message(); + mm.to = new JID(jid); + mm.type = Message.Type.chat; + if (PMQueries.havePMinRoster(sql, visitor.UID, jid)) { + mm.from = new JID(jmsg.User.UName, "juick.com", "Juick"); + mm.body = body; + } else { + mm.from = new JID("juick", "juick.com", "Juick"); + mm.body = "Private message from @" + jmsg.User.UName + ":\n" + body; + } + xmpp.send(mm); + } + + Utils.sendTemporaryRedirect(response, "/pm/sent"); + + } else { + response.sendError(500); + } + } +} diff --git a/src/main/java/com/juick/http/www/PageTemplates.java b/src/main/java/com/juick/http/www/PageTemplates.java new file mode 100644 index 00000000..7d6bd1c8 --- /dev/null +++ b/src/main/java/com/juick/http/www/PageTemplates.java @@ -0,0 +1,584 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.MessagesQueries; +import com.juick.server.UserQueries; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Calendar; +import java.util.Date; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import javax.servlet.http.HttpServletRequest; +import ru.sape.Sape; + +/** + * + * @author Ugnich Anton + */ +public class PageTemplates { + + public static Sape sape = null; + private static final SimpleDateFormat sdfSQL = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + private static SimpleDateFormat sdfSimple = new SimpleDateFormat("d MMM"); + private static SimpleDateFormat sdfFull = new SimpleDateFormat("d MMM yyyy"); + private static String tagsHTML = null; + + public static void pageHead(PrintWriter out, String title, String headers) { + out.println(""); + out.print(""); + out.print(""); + out.print(""); + out.print(""); + out.print(""); + if (headers != null) { + out.print(headers); + } + out.print("" + title + ""); + out.print(""); + out.println(""); + out.println(""); + out.println(""); + out.flush(); + out.println(""); + } + + public static void pageNavigation(PrintWriter out, com.juick.User visitor, String search) { + out.println("
"); + out.println(" "); + out.print(" "); + out.print("
"); + out.println("
"); + if (visitor != null) { + out.print(" "); + out.print(" "); + } else { + out.println("

Чтобы добавлять сообщения и комментарии, представьтесь.

"); + } + out.println("
"); + out.println("
"); + } + + public static void pageYandexAd728(PrintWriter out, int YandexID) { + /* + out.println("
"); + out.println(""); + */ + out.println(""); + out.println(""); + out.println(""); + } + + public static void pageHomeColumn(PrintWriter out, Connection sql, com.juick.User visitor) { + pageHomeColumn(out, sql, visitor, false); + } + + public static void pageHomeColumn(PrintWriter out, Connection sql, com.juick.User visitor, boolean showAdv) { + if (tagsHTML == null) { + tagsHTML = PageTemplates.getPopularTags(sql, 80); + } + + out.println(""); + } + + public static String getPopularTags(Connection sql, int cnt) { + String ret = ""; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT name FROM tags WHERE top=1 ORDER BY name ASC"); + rs = stmt.executeQuery(); + rs.beforeFirst(); + while (rs.next()) { + if (!ret.isEmpty()) { + ret += " "; + } + try { + ret += "" + Utils.encodeHTML(rs.getString(1)) + ""; + } catch (UnsupportedEncodingException e) { + } + + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + return ret; + } + + public static void printContestRating(PrintWriter out, Connection sql) { + out.println("
"); + out.println(""); + out.println("

Кто выиграет iPod?

"); + out.println(""); + + int i = 0; + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT users.id,users.nick,COUNT(users_refs.user_id) AS cnt FROM users INNER JOIN users_refs ON users.id=users_refs.ref WHERE users.id>2 GROUP BY users_refs.ref ORDER BY cnt DESC LIMIT 10"); + rs = stmt.executeQuery(); + rs.beforeFirst(); + while (rs.next()) { + String uname = rs.getString(2); + if (i == 0) { + out.println(" "); + } else { + out.println(" "); + } + i++; + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + out.println("
" + uname + "" + rs.getInt(3) + "
" + uname + "" + rs.getInt(3) + "
"); + out.println(""); + } + + public static void pageFooter(HttpServletRequest request, PrintWriter out, com.juick.User visitor, boolean sapeon) { + out.println("
"); + out.println(" "); + out.print("
"); + out.print("Twitter"); + out.print("ВКонтакте"); + out.print("Facebook"); + out.println("
"); + out.print("
juick.com © 2008-2014"); + + String queryString = request.getQueryString(); + String requestURI = request.getRequestURI(); + if (sapeon && sape != null && (visitor == null || visitor.UID == 1) && queryString == null) { + String links = sape.getPageLinks(requestURI, request.getCookies()).render(); + if (links != null && !links.isEmpty()) { + out.print("
Спонсоры: " + links); + } + } + if ((visitor == null || visitor.UID == 1) && queryString != null && requestURI != null && requestURI.equals("/")) { + out.print("
сиам"); + } + + out.println("
"); + out.println("
"); + + if (visitor != null) { + out.println(""); + } + + out.println(""); + } + + public static void pageEnd(PrintWriter out) { + out.println(""); + } + + public static String formatTags(ArrayList tags) { + String ret = ""; + for (int i = 0; i < tags.size(); i++) { + com.juick.Tag tag = tags.get(i); + String tagName = tag.Name.replaceAll("<", "<").replaceAll(">", ">"); + try { + ret += " *"; + } catch (UnsupportedEncodingException e) { + } + } + + return ret; + } + + public static String formatTags(ArrayList tags, com.juick.User user) { + String ret = ""; + for (int i = 0; i < tags.size(); i++) { + String tag = tags.get(i); + tag = tag.replaceAll("<", "<"); + tag = tag.replaceAll(">", ">"); + try { + ret += " *" + tag + ""; + } catch (UnsupportedEncodingException e) { + } + } + + return ret; + } + + public static String formatDate(int minutes, String fulldate) { + if (minutes < 1) { + return "сейчас"; + } else if (minutes < 60) { + String unit; + int ld = minutes % 10; + if ((minutes < 10 || minutes > 20) && ld == 1) { + unit = "минуту"; + } else if ((minutes < 10 || minutes > 20) && ld > 1 && ld < 5) { + unit = "минуты"; + } else { + unit = "минут"; + } + return minutes + " " + unit + " назад"; + } else if (minutes < 1440) { + int hours = (minutes / 60); + String unit; + int ld = hours % 10; + if ((hours < 10 || hours > 20) && ld == 1) { + unit = "час"; + } else if ((hours < 10 || hours > 20) && ld > 1 && ld < 5) { + unit = "часа"; + } else { + unit = "часов"; + } + return hours + " " + unit + " назад"; + } else if (minutes < 20160) { + int days = (minutes / 1440); + String unit; + int ld = days % 10; + if ((days < 10 || days > 20) && ld == 1) { + unit = "день"; + } else if ((days < 10 || days > 20) && ld > 1 && ld < 5) { + unit = "дня"; + } else { + unit = "дней"; + } + return days + " " + unit + " назад"; + } else { + String ret = fulldate; + synchronized (sdfSQL) { + try { + Date pDate = sdfSQL.parse(fulldate); + Calendar c = Calendar.getInstance(); + int curyear = c.get(Calendar.YEAR); + c.setTime(pDate); + if (c.get(Calendar.YEAR) == curyear) { + ret = sdfSimple.format(pDate); + } else { + ret = sdfFull.format(pDate); + } + } catch (Exception e) { + System.err.println("PARSE EXCEPTION: " + fulldate); + } + } + return ret; + } + } + + public static String formatJSLocalTime(String ts) { + String ret = ""; + synchronized (sdfSQL) { + try { + Date date = sdfSQL.parse(ts); + ret = ""; + } catch (Exception e) { + System.err.println("PARSE EXCEPTION: " + ts); + } + } + return ret; + } + + public static String formatReplies(int replies) { + int ld = replies % 10; + int lh = replies % 100; + if ((lh < 10 || lh > 20) && ld == 1) { + return replies + " ответ"; + } else if ((lh < 10 || lh > 20) && ld > 1 && ld < 5) { + return replies + " ответа"; + } else { + return replies + " ответов"; + } + } + private static Pattern regexLinks2 = Pattern.compile("((?<=\\s)|(?<=\\A))([\\[\\{]|<)((?:ht|f)tps?://(?:www\\.)?([^\\/\\s\\\"\\)\\!]+)/?(?:[^\\]\\}](?", ">"); + + // http://juick.com/last?page=2 + // http://juick.com/last?page=2 + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))((?:ht|f)tps?://(?:www\\.)?([^\\/\\s\\n\\\"]+)/?[^\\s\\n\\\"]*)", "$1$2"); + + // (http://juick.com/last?page=2) + // (http://juick.com/last?page=2) + Matcher m = regexLinks2.matcher(msg); + StringBuffer sb = new StringBuffer(); + while (m.find()) { + String url = m.group(3).replace(" ", "%20").replaceAll("\\s+", ""); + m.appendReplacement(sb, "$1$2" + url + "$5"); + } + m.appendTail(sb); + msg = sb.toString(); + + return "
" + msg + "
"; + } + + public static String formatMessage(String msg) { + msg = msg.replaceAll("&", "&"); + msg = msg.replaceAll("<", "<"); + msg = msg.replaceAll(">", ">"); + + // -- + // — + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))\\-\\-?((?=\\s)|(?=\\Z))", "$1—$2"); + + // http://juick.com/last?page=2 + // juick.com + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))((?:ht|f)tps?://(?:www\\.)?([^\\/\\s\\n\\\"]+)/?[^\\s\\n\\\"]*)", "$1$3"); + + // [link text][http://juick.com/last?page=2] + // link text + msg = msg.replaceAll("\\[([^\\]]+)\\]\\[((?:ht|f)tps?://[^\\]]+)\\]", "$1"); + msg = msg.replaceAll("\\[([^\\]]+)\\]\\(((?:ht|f)tps?://[^\\)]+)\\)", "$1"); + + // #12345 + // #12345 + msg = msg.replaceAll("((?<=\\s)|(?<=\\A)|(?<=\\p{Punct}))#(\\d+)((?=\\s)|(?=\\Z)|(?=\\))|(?=\\.)|(?=\\,))", "$1#$2$3"); + + // #12345/65 + // #12345/65 + msg = msg.replaceAll("((?<=\\s)|(?<=\\A)|(?<=\\p{Punct}))#(\\d+)/(\\d+)((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1#$2/$3$4"); + + // *bold* + // bold + msg = msg.replaceAll("((?<=\\s)|(?<=\\A)|(?<=\\p{Punct}))\\*([^\\*\\n<>]+)\\*((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1$2$3"); + + // /italic/ + // italic + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))/([^\\/\\n<>]+)/((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1$2$3"); + + // _underline_ + // underline + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))_([^\\_\\n<>]+)_((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1$2$3"); + + // /12 + // /12 + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))\\/(\\d+)((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1/$2$3"); + + // @username@jabber.org + // @username@jabber.org + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))@([\\w\\-\\.]+@[\\w\\-\\.]+)((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1@$2$3"); + + // @username + // @username + msg = msg.replaceAll("((?<=\\s)|(?<=\\A))@([\\w\\-]{2,16})((?=\\s)|(?=\\Z)|(?=\\p{Punct}))", "$1@$2$3"); + + // (http://juick.com/last?page=2) + // (juick.com) + Matcher m = regexLinks2.matcher(msg); + StringBuffer sb = new StringBuffer(); + while (m.find()) { + String url = m.group(3).replace(" ", "%20").replaceAll("\\s+", ""); + m.appendReplacement(sb, "$1$2$4$5"); + } + m.appendTail(sb); + msg = sb.toString(); + + // > citate + msg = msg.replaceAll("(?:(?<=\\n)|(?<=\\A))> *(.*)?(\\n|(?=\\Z))", "
$1
"); + msg = msg.replaceAll("
", "\n"); + + msg = msg.replaceAll("\n", "
\n"); + return msg; + } + + public static void printMessages(PrintWriter out, Connection sql, com.juick.User user, ArrayList mids, com.juick.User visitor, int YandexID, int ad_mid) { + ArrayList msgs = MessagesQueries.getMessages(sql, mids); + + for (int i = 0; i < msgs.size(); i++) { + com.juick.Message msg = msgs.get(i); + if (msg.MID == ad_mid) { + msgs.remove(i); + msgs.add(0, msg); + break; + } + } + + ArrayList blUIDs = new ArrayList(20); + if (visitor != null) { + for (int i = 0; i < msgs.size(); i++) { + blUIDs.add(msgs.get(i).User.UID); + } + blUIDs = UserQueries.checkBL(sql, visitor.UID, blUIDs); + } + + for (int i = 0; i < msgs.size(); i++) { + + if (i == 0 && YandexID > 0 && ad_mid == 0) { + pageYandexAd728(out, YandexID); + } + + com.juick.Message msg = msgs.get(i); + + ArrayList tags = MessagesQueries.getMessageTags(sql, msg.MID); + String tagsStr = formatTags(tags); + if (msg.ReadOnly) { + tagsStr += " *readonly"; + } + if (msg.Privacy < 0) { + tagsStr += " *friends"; + } + if (msg.MID == ad_mid) { + tagsStr += " *реклама"; + } + + String txt; + if (!msg.Tags.isEmpty() && msg.Tags.contains("code")) { + txt = formatMessageCode(msg.Text); + } else { + txt = formatMessage(msg.Text); + } + + out.println("
"); + out.println(" "); + out.println("
@" + msg.User.UName + ":" + tagsStr + "
"); + out.println("
"); + if (msg.AttachmentType != null) { + String fname = msg.MID + "." + msg.AttachmentType; + out.println("

\"\"/

"); + } + out.println("

" + txt + "

"); + if (msg.AttachmentType != null) { + out.println("
"); + } + out.print(" "); + + out.print(" "); + out.print("
"); + } + } +} diff --git a/src/main/java/com/juick/http/www/RSS.java b/src/main/java/com/juick/http/www/RSS.java new file mode 100644 index 00000000..ab96221e --- /dev/null +++ b/src/main/java/com/juick/http/www/RSS.java @@ -0,0 +1,113 @@ +/* + * Juick + * Copyright (C) 2008-2013, ugnich + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.Message; +import com.juick.server.MessagesQueries; +import java.io.IOException; +import java.io.PrintWriter; +import java.sql.Connection; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Date; +import java.util.Iterator; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author ugnich + */ +public class RSS { + + private static final SimpleDateFormat sdfSQL = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + private static final SimpleDateFormat sdfRSS = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss Z"); + + protected void doGet(Connection sql, HttpServletRequest request, HttpServletResponse response, int uid, String uname) throws ServletException, IOException { + ArrayList mids = MessagesQueries.getUserBlog(sql, uid, 0, 0); + if (mids.isEmpty()) { + response.sendError(404); + return; + } + + ArrayList msgs = MessagesQueries.getMessages(sql, mids); + + response.setContentType("application/rss+xml; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + out.println(""); + out.println(""); + out.println(""); + out.println(""); + out.println("" + uname + " - Juick"); + out.println("http://juick.com/" + uname + "/"); + out.println("The latest messages by @" + uname + " at Juick"); + out.println("http://i.juick.com/a/" + uid + ".png" + uname + " - Juickhttp://juick.com/" + uname + "/"); + + Iterator i = msgs.iterator(); + while (i.hasNext()) { + Message msg = i.next(); + + out.println(""); + out.println("http://juick.com/" + msg.User.UName + "/" + msg.MID + ""); + out.println("http://juick.com/" + msg.User.UName + "/" + msg.MID + ""); + + out.print("<![CDATA[@" + msg.User.UName + ":"); + if (!msg.Tags.isEmpty()) { + for (int n = 0; n < msg.Tags.size(); n++) { + out.print(" *" + msg.Tags.get(n)); + } + } + out.println("]]>"); + out.println(""); + + synchronized (sdfSQL) { + try { + Date date = sdfSQL.parse(msg.TimestampString); + out.println("" + sdfRSS.format(date) + ""); + } catch (Exception e) { + System.err.println("PARSE EXCEPTION: " + msg.TimestampString); + } + } + + out.println("http://juick.com/" + msg.User.UName + "/" + msg.MID + ""); + if (!msg.Tags.isEmpty()) { + for (int n = 0; n < msg.Tags.size(); n++) { + out.println("" + msg.Tags.get(n) + ""); + } + } + if (msg.AttachmentType != null) { + if (msg.AttachmentType.equals("jpg")) { + out.println(""); + out.println(""); + } else if (msg.AttachmentType.equals("png")) { + out.println(""); + out.println(""); + } + } + out.println(""); + out.println(""); + } + + out.println(""); + } finally { + out.close(); + } + } +} diff --git a/src/main/java/com/juick/http/www/Settings.java b/src/main/java/com/juick/http/www/Settings.java new file mode 100644 index 00000000..de37bdd0 --- /dev/null +++ b/src/main/java/com/juick/http/www/Settings.java @@ -0,0 +1,104 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import java.io.IOException; +import java.io.PrintWriter; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.SQLException; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class Settings { + + protected void doGet(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + PageTemplates.pageHead(out, "Логин", ""); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("
"); + out.println("
"); + out.println("
"); + out.println("
"); + out.println("

Имя пользователя:

"); + out.println("

Пароль:

"); + out.println("

"); + out.println("
"); + out.println("
"); + out.println("
"); + out.println("
"); // topwrapper + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + protected void doPost(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + response.sendError(400); + return; + } + + int uid = com.juick.server.UserQueries.checkPassword(sql, username, password); + if (uid > 0) { + String hash = com.juick.server.UserQueries.getHashByUID(sql, uid); + Cookie c = new Cookie("hash", hash); + c.setDomain(".juick.com"); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + + + if (uid > 0) { + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("DELETE FROM logins WHERE user_id=?"); + stmt.setInt(1, uid); + stmt.executeUpdate(); + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + } + + String referer = request.getHeader("Referer"); + if (referer != null && referer.startsWith("http://juick.com/") && !referer.equals("http://juick.com/login")) { + response.sendRedirect(referer); + } else { + response.sendRedirect("/"); + } + } else { + response.sendError(403); + } + } +} diff --git a/src/main/java/com/juick/http/www/SignUp.java b/src/main/java/com/juick/http/www/SignUp.java new file mode 100644 index 00000000..395232a6 --- /dev/null +++ b/src/main/java/com/juick/http/www/SignUp.java @@ -0,0 +1,331 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import java.io.IOException; +import java.io.PrintWriter; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class SignUp { + + protected void doGet(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + String type = request.getParameter("type"); + String hash = request.getParameter("hash"); + if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + String account = null; + if (type.equals("fb")) { + account = getFacebookNameByHash(sql, hash); + } else if (type.equals("vk")) { + account = getVKNameByHash(sql, hash); + } else if (type.equals("xmpp")) { + account = getJIDByHash(sql, hash); + } + if (account == null) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + PageTemplates.pageHead(out, "Новый пользователь", null); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("
"); + + out.print("

"); + if (type.charAt(0) == 'f') { + out.print("\"Facebook\"/"); + } else if (type.charAt(0) == 'v') { + out.print("\"VKontakte\"/"); + } else if (type.charAt(0) == 'x') { + out.print("\"XMPP\"/"); + } + out.println(account + "

"); + + out.println("

Связать с существующим аккаунтом Juick

"); + out.println("
"); + out.println(""); + out.println(""); + out.println(""); + if (visitor != null) { + out.println(""); + } else { + out.println("

Имя пользователя:

"); + out.println("

Пароль:

"); + out.println("

"); + } + out.println("
"); + + out.println("
"); + + out.println("

Создать новый аккаунт Juick

"); + out.println("
"); + out.println(""); + out.println(""); + out.println(""); + out.println("

Имя пользователя:
(От 2-х до 16-и латинских символов и/или цифр, дефис)

"); + out.println("

Пароль:
(от 6-и до 32-х символов)

"); + out.println("

"); + out.println("
"); + + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + protected void doPost(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + int uid = 0; + + String type = request.getParameter("type"); + String hash = request.getParameter("hash"); + if (type == null || type.isEmpty() || hash == null || hash.isEmpty() || hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$") || !hash.matches("^[a-zA-Z0-9\\-]+$")) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + String action = request.getParameter("action"); + if (action.charAt(0) == 'l') { + + if (visitor == null) { + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() > 32 || password.isEmpty()) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + uid = com.juick.server.UserQueries.checkPassword(sql, username, password); + } else { + uid = visitor.UID; + } + + if (uid <= 0) { + response.sendError(HttpServletResponse.SC_FORBIDDEN); + return; + } + + if (!(type.charAt(0) == 'f' && setFacebookUser(sql, hash, uid)) + && !(type.charAt(0) == 'v' && setVKUser(sql, hash, uid)) + && !(type.charAt(0) == 'x' && setJIDUser(sql, hash, uid))) { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + } else { // Create new account + String username = request.getParameter("username"); + String password = request.getParameter("password"); + if (username == null || password == null || username.length() < 2 || username.length() > 16 || !username.matches("^[a-zA-Z0-9\\-]+$") || password.length() < 6 || password.length() > 32) { + response.sendError(HttpServletResponse.SC_BAD_REQUEST); + return; + } + + // CHECK USERNAME + + uid = UserQueries.createUser(sql, username, password); + if (uid <= 0) { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + if (!(type.charAt(0) == 'f' && setFacebookUser(sql, hash, uid)) + && !(type.charAt(0) == 'v' && setVKUser(sql, hash, uid)) + && !(type.charAt(0) == 'x' && setJIDUser(sql, hash, uid))) { + response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + int ref = 0; + String sRef = Utils.getCookie(request, "ref"); + if (sRef != null) { + try { + ref = Integer.parseInt(sRef); + } catch (Exception e) { + } + } + + if (ref > 0) { + setUserRef(sql, uid, ref); + } + + visitor = null; + } + + if (visitor == null) { + hash = com.juick.server.UserQueries.getHashByUID(sql, uid); + Cookie c = new Cookie("hash", hash); + c.setMaxAge(365 * 24 * 60 * 60); + response.addCookie(c); + } + + response.sendRedirect("/"); + } + + private boolean setUserRef(Connection sql, int uid, int ref) { + boolean ret = false; + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("INSERT INTO users_refs(user_id,ref) VALUES (?,?)"); + stmt.setInt(1, uid); + stmt.setInt(2, ref); + stmt.executeUpdate(); + ret = true; + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + return ret; + } + + private String getFacebookNameByHash(Connection sql, String hash) { + String ret = null; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT fb_name,fb_link FROM facebook WHERE loginhash=?"); + stmt.setString(1, hash); + rs = stmt.executeQuery(); + if (rs.first()) { + ret = "" + rs.getString(1) + ""; + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + return ret; + } + + private boolean setFacebookUser(Connection sql, String hash, int uid) { + boolean ret = false; + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("UPDATE facebook SET user_id=?,loginhash=NULL WHERE loginhash=?"); + stmt.setInt(1, uid); + stmt.setString(2, hash); + stmt.executeUpdate(); + ret = true; + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + return ret; + } + + private String getVKNameByHash(Connection sql, String hash) { + String ret = null; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT vk_name,vk_link FROM vk WHERE loginhash=?"); + stmt.setString(1, hash); + rs = stmt.executeQuery(); + if (rs.first()) { + ret = "" + rs.getString(1) + ""; + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + return ret; + } + + private boolean setVKUser(Connection sql, String hash, int uid) { + boolean ret = false; + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("UPDATE vk SET user_id=?,loginhash=NULL WHERE loginhash=?"); + stmt.setInt(1, uid); + stmt.setString(2, hash); + stmt.executeUpdate(); + ret = true; + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + return ret; + } + + private String getJIDByHash(Connection sql, String hash) { + String ret = null; + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT jid FROM jids WHERE loginhash=?"); + stmt.setString(1, hash); + rs = stmt.executeQuery(); + if (rs.first()) { + ret = rs.getString(1); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + return ret; + } + + private boolean setJIDUser(Connection sql, String hash, int uid) { + boolean ret = false; + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("UPDATE jids SET user_id=?,loginhash=NULL WHERE loginhash=?"); + stmt.setInt(1, uid); + stmt.setString(2, hash); + stmt.executeUpdate(); + ret = true; + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + return ret; + } +} diff --git a/src/main/java/com/juick/http/www/User.java b/src/main/java/com/juick/http/www/User.java new file mode 100644 index 00000000..83601ade --- /dev/null +++ b/src/main/java/com/juick/http/www/User.java @@ -0,0 +1,413 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.MessagesQueries; +import com.juick.server.TagQueries; +import com.juick.server.UserQueries; +import java.io.IOException; +import java.io.PrintWriter; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.ArrayList; +import java.util.Arrays; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class User { + + protected void doGetBlog(Connection sql, Connection sqlSearch, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + ArrayList mids; + + String paramShow = request.getParameter("show"); + + com.juick.Tag paramTag = null; + String paramTagStr = request.getParameter("tag"); + if (paramTagStr != null) { + if (paramTagStr.length() < 64) { + paramTag = TagQueries.getTag(sql, paramTagStr, false); + } + if (paramTag == null) { + Errors.doGet404(sql, request, response); + return; + } else if (!paramTag.Name.equals(paramTagStr)) { + String url = "/" + user.UName + "/?tag=" + URLEncoder.encode(paramTag.Name, "UTF-8"); + Utils.sendPermanentRedirect(response, url); + return; + } + } + + int paramBefore = 0; + String paramBeforeStr = request.getParameter("before"); + if (paramBeforeStr != null) { + try { + paramBefore = Integer.parseInt(paramBeforeStr); + } catch (NumberFormatException e) { + } + } + + String paramSearch = request.getParameter("search"); + if (paramSearch != null && paramSearch.length() > 64) { + paramSearch = null; + } + + int privacy = 0; + if (visitor != null) { + if (user.UID == visitor.UID || visitor.UID == 1) { + privacy = -3; + } else if (UserQueries.isInWL(sql, user.UID, visitor.UID)) { + privacy = -2; + } + } + + String title; + if (paramShow == null) { + if (paramTag != null) { + title = "Блог " + user.UName + ": *" + Utils.encodeHTML(paramTag.Name); + mids = MessagesQueries.getUserTag(sql, user.UID, paramTag.TID, privacy, paramBefore); + } else if (paramSearch != null) { + title = "Блог " + user.UName + ": " + Utils.encodeHTML(paramSearch); + mids = MessagesQueries.getUserSearch(sql, sqlSearch, user.UID, Utils.encodeSphinx(paramSearch), privacy, paramBefore); + } else { + title = "Блог " + user.UName; + mids = MessagesQueries.getUserBlog(sql, user.UID, privacy, paramBefore); + } + } else if (paramShow.equals("recomm")) { + title = "Рекомендации " + user.UName; + mids = MessagesQueries.getUserRecommendations(sql, user.UID, paramBefore); + } else if (paramShow.equals("photos")) { + title = "Фотографии " + user.UName; + mids = MessagesQueries.getUserPhotos(sql, user.UID, privacy, paramBefore); + } else { + Errors.doGet404(sql, request, response); + return; + } + + if (visitor == null) { + pageUserRefCookie(request, response, user.UID); + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String head = ""; + if (paramTag != null && TagQueries.getTagNoIndex(sql, paramTag.TID)) { + head += ""; + } else if (paramBefore > 0 || paramShow != null) { + head += ""; + } + PageTemplates.pageHead(out, title, head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + if (mids.size() > 0) { + out.println("
"); + + if (paramTag != null) { + out.println("

← Все записи с тегом " + Utils.encodeHTML(paramTag.Name) + "

"); + } + + PageTemplates.printMessages(out, sql, user, mids, visitor, visitor == null ? 4 : 5, 0); + + if (mids.size() >= 20) { + String nextpage = "?before=" + mids.get(mids.size() - 1); + if (paramShow != null) { + nextpage += "&show=" + paramShow; + } + if (paramTag != null) { + nextpage += "&tag=" + URLEncoder.encode(paramTag.Name, "UTF-8"); + } + if (paramSearch != null) { + nextpage += "&search=" + URLEncoder.encode(paramSearch, "UTF-8"); + } + out.println("

Читать дальше →

"); + } + + out.println("
"); + } + + PageTemplates.pageFooter(request, out, visitor, true); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + protected void doGetTags(Connection sql, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (visitor == null) { + pageUserRefCookie(request, response, user.UID); + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String head = ""; + PageTemplates.pageHead(out, "Теги " + user.UName, head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + out.println("
"); + out.println("

" + pageUserTags(sql, user, visitor, 0) + "

"); + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + protected void doGetFriends(Connection sql, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (visitor == null) { + pageUserRefCookie(request, response, user.UID); + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String head = ""; + PageTemplates.pageHead(out, "Подписки " + user.UName, head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + out.println("
"); + out.println(""); + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT users.id,users.nick FROM subscr_users INNER JOIN users ON subscr_users.user_id=users.id WHERE subscr_users.suser_id=? ORDER BY users.nick"); + stmt.setInt(1, user.UID); + rs = stmt.executeQuery(); + rs.beforeFirst(); + int cnt = 0; + while (rs.next()) { + if (cnt % 3 == 0 && cnt > 0) { + out.print(""); + } + out.print(""); + cnt++; + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + out.println("
" + rs.getString(2) + "
"); + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + protected void doGetReaders(Connection sql, HttpServletRequest request, HttpServletResponse response, com.juick.User user) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (visitor == null) { + pageUserRefCookie(request, response, user.UID); + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String head = ""; + PageTemplates.pageHead(out, "Читатели " + user.UName, head); + PageTemplates.pageNavigation(out, visitor, null); + pageUserColumn(out, sql, user, visitor); + + out.println("
"); + out.println(""); + + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT users.id,users.nick FROM subscr_users INNER JOIN users ON subscr_users.suser_id=users.id WHERE subscr_users.user_id=? ORDER BY users.nick"); + stmt.setInt(1, user.UID); + rs = stmt.executeQuery(); + rs.beforeFirst(); + int cnt = 0; + while (rs.next()) { + if (cnt % 3 == 0 && cnt > 0) { + out.print(""); + } + out.print(""); + cnt++; + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + out.println("
" + rs.getString(2) + "
"); + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + public static void pageUserRefCookie(HttpServletRequest request, HttpServletResponse response, int uid) { + String hReferer = request.getHeader("Referer"); + String ref = Utils.getCookie(request, "ref"); + + if (ref == null && (hReferer == null || !(hReferer.startsWith("http://juick.com/") || hReferer.startsWith("https://juick.com/")))) { + Cookie c = new Cookie("ref", Integer.toString(uid)); + c.setMaxAge(7 * 24 * 60 * 60); + c.setPath("/"); + response.addCookie(c); + } + } + + public static void pageUserColumn(PrintWriter out, Connection sql, com.juick.User user, com.juick.User visitor) { + out.println(""); + } + + public static String pageUserTags(Connection sql, com.juick.User user, com.juick.User visitor, int cnt) { + com.juick.Tag tags[] = null; + + int maxUsageCnt = 0; + PreparedStatement stmt = null; + ResultSet rs = null; + try { + if (cnt > 0) { + stmt = sql.prepareStatement("SELECT tags.name AS name,COUNT(DISTINCT messages_tags.message_id) AS cnt FROM (messages INNER JOIN messages_tags ON (messages.message_id=messages_tags.message_id)) INNER JOIN tags ON messages_tags.tag_id=tags.tag_id WHERE messages.user_id=? GROUP BY messages_tags.tag_id ORDER BY cnt DESC LIMIT ?", ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + stmt.setInt(1, user.UID); + stmt.setInt(2, cnt); + } else { + stmt = sql.prepareStatement("SELECT tags.name AS name,COUNT(DISTINCT messages_tags.message_id) AS cnt FROM (messages INNER JOIN messages_tags ON (messages.message_id=messages_tags.message_id)) INNER JOIN tags ON messages_tags.tag_id=tags.tag_id WHERE messages.user_id=? GROUP BY messages_tags.tag_id ORDER BY cnt DESC", ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + stmt.setInt(1, user.UID); + } + rs = stmt.executeQuery(); + rs.last(); + tags = new com.juick.Tag[rs.getRow()]; + rs.beforeFirst(); + cnt = 0; + while (rs.next()) { + tags[cnt] = new com.juick.Tag(); + tags[cnt].Name = rs.getString(1); + tags[cnt].UsageCnt = rs.getInt(2); + if (tags[cnt].UsageCnt > maxUsageCnt) { + maxUsageCnt = tags[cnt].UsageCnt; + } + cnt++; + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + + if (tags != null && cnt > 0) { + Arrays.sort(tags, 0, cnt); + } + + String ret = ""; + for (int i = 0; i < cnt; i++) { + String tag = Utils.encodeHTML(tags[i].Name); + try { + tag = "" + tag + ""; + } catch (UnsupportedEncodingException e) { + } + + if (tags[i].UsageCnt > maxUsageCnt / 3 * 2) { + ret += "" + tag + " "; + } else if (tags[i].UsageCnt > maxUsageCnt / 3) { + ret += "" + tag + " "; + } else { + ret += tag + " "; + } + } + return ret; + } +} diff --git a/src/main/java/com/juick/http/www/UserThread.java b/src/main/java/com/juick/http/www/UserThread.java new file mode 100644 index 00000000..73809f6c --- /dev/null +++ b/src/main/java/com/juick/http/www/UserThread.java @@ -0,0 +1,370 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.MessagesQueries; +import com.juick.server.UserQueries; +import java.io.IOException; +import java.io.PrintWriter; +import java.sql.Connection; +import java.util.ArrayList; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Ugnich Anton + */ +public class UserThread { + + protected void doGetThread(Connection sql, HttpServletRequest request, HttpServletResponse response, int MID) throws ServletException, IOException { + com.juick.User visitor = Utils.getVisitorUser(sql, request, response); + + if (!MessagesQueries.canViewThread(sql, MID, visitor != null ? visitor.UID : 0)) { + response.sendError(403); + return; + } + + com.juick.Message msg = MessagesQueries.getMessage(sql, MID); + + boolean listview = false; + String paramView = request.getParameter("view"); + if (paramView != null) { + if (paramView.equals("list")) { + listview = true; + if (visitor != null) { + UserQueries.setUserOptionInt(sql, visitor.UID, "repliesview", 1); + } + } else if (paramView.equals("tree") && visitor != null) { + UserQueries.setUserOptionInt(sql, visitor.UID, "repliesview", 0); + } + } else if (visitor != null && UserQueries.getUserOptionInt(sql, visitor.UID, "repliesview", 0) == 1) { + listview = true; + } + + String title = msg.User.UName + ": " + msg.getTagsString(); + + if (visitor == null) { + User.pageUserRefCookie(request, response, msg.User.UID); + } + + response.setContentType("text/html; charset=UTF-8"); + PrintWriter out = response.getWriter(); + try { + String headers = ""; + if (paramView != null) { + headers += ""; + } + if (msg.Hidden) { + headers += ""; + } + PageTemplates.pageHead(out, title, headers); + PageTemplates.pageNavigation(out, visitor, null); + + out.println("
"); + printMessage(out, sql, msg, visitor); + printReplies(out, sql, msg, visitor, listview); + out.println("
"); + + PageTemplates.pageFooter(request, out, visitor, false); + + out.println(""); + + PageTemplates.pageEnd(out); + } finally { + out.close(); + } + } + + public static com.juick.Message printMessage(PrintWriter out, Connection sql, com.juick.Message msg, com.juick.User visitor) { + msg.VisitorCanComment = visitor != null; + + ArrayList tags = MessagesQueries.getMessageTags(sql, msg.MID); + String tagsStr = PageTemplates.formatTags(tags); + if (msg.ReadOnly) { + tagsStr += " *readonly"; + msg.VisitorCanComment = false; + } + if (msg.Privacy < 0) { + tagsStr += " *friends"; + } + + String txt; + if (!msg.Tags.isEmpty() && msg.Tags.contains("code")) { + txt = PageTemplates.formatMessageCode(msg.Text); + } else { + txt = PageTemplates.formatMessage(msg.Text); + } + + if (!tags.isEmpty()) { + tagsStr = "" + tagsStr + ""; + } + + out.println("
    "); + out.println("
  • "); + out.println("
    \""
    "); + out.println("
    "); + out.println("
    "); + out.println("
    @" + msg.User.UName + ":" + tagsStr + "
    "); + out.println("
    " + PageTemplates.formatJSLocalTime(msg.TimestampString) + "
    "); + out.println("
    " + txt + "
    "); + + if (msg.AttachmentType != null) { + out.println("
    \"\"/
    "); + } + + boolean visitorInBL = false; + if (visitor != null) { + if (visitor.UID == msg.User.UID) { + msg.VisitorCanComment = true; + } else { + visitorInBL = UserQueries.isInBL(sql, msg.User.UID, visitor.UID); + if (visitorInBL) { + msg.VisitorCanComment = false; + } + } + } + + if (msg.VisitorCanComment) { + out.println("
    "); + out.println("
    "); + out.println("
    "); + } + + ArrayList recomm = MessagesQueries.getMessageRecommendations(sql, msg.MID); + if (!recomm.isEmpty()) { + out.print("
    Рекомендовали (" + recomm.size() + "): "); + for (int i = 0; i < recomm.size(); i++) { + if (i > 0) { + out.print(", "); + } + out.print("@" + recomm.get(i) + ""); + } + out.println("
    "); + } + out.println("
    "); + out.println("
  • "); + + out.println("
  • "); + out.println("
"); + + return msg; + } + + public static void printReplies(PrintWriter out, Connection sql, com.juick.Message msg, com.juick.User visitor, boolean listview) { + ArrayList replies = MessagesQueries.getReplies(sql, msg.MID); + + ArrayList blUIDs = new ArrayList(); + for (int i = 0; i < replies.size(); i++) { + com.juick.Message reply = replies.get(i); + if (reply.User.UID != msg.User.UID && !blUIDs.contains(reply.User.UID)) { + blUIDs.add(reply.User.UID); + } + if (reply.ReplyTo > 0) { + boolean added = false; + for (int n = 0; n < replies.size(); n++) { + if (replies.get(n).RID == reply.ReplyTo) { + replies.get(n).childs.add(reply); + added = true; + break; + } + } + if (!added) { + reply.ReplyTo = 0; + } + } + } + + if (!replies.isEmpty()) { + if (visitor != null && msg.User.UID == visitor.UID) { + for (int i = 0; i < replies.size(); i++) { + replies.get(i).VisitorCanComment = true; + } + } else if (visitor != null && msg.VisitorCanComment) { + blUIDs = UserQueries.checkBL(sql, visitor.UID, blUIDs); + for (int i = 0; i < replies.size(); i++) { + com.juick.Message reply = replies.get(i); + reply.VisitorCanComment = reply.User.UID == visitor.UID || !blUIDs.contains(reply.User.UID); + } + } else { + for (int i = 0; i < replies.size(); i++) { + replies.get(i).VisitorCanComment = false; + } + } + + boolean foldable = false; + if (replies.size() > 10) { + for (int i = 0; i < replies.size() - 1; i++) { + if (replies.get(i).getChildsCount() > 1) { + foldable = true; + break; + } + } + } + + out.println("
"); + out.print("
"); + if (listview) { + out.print("Показать деревом"); + } else { + if (foldable) { + out.print("li').show(); $('#replies .msg-comments').hide(); $('#unfoldall').hide(); return false\">Раскрыть все · "); + } + out.print("Показать списком"); + } + out.print("
"); + out.println("

Ответы (" + replies.size() + ")

"); + out.println("
"); + + out.println("
    "); + if (listview) { + printList(out, replies, visitor); + } else { + printTree(out, replies, visitor, 0, 0, false); + } + out.println("
"); + + if (replies.size() > 0) { + PageTemplates.pageYandexAd728(out, 1); + } + + for (int i = 0; i < replies.size(); i++) { + replies.get(i).cleanupChilds(); + } + replies.clear(); + } + } + + public static void printTree(PrintWriter out, ArrayList replies, com.juick.User visitor, int ReplyTo, int margin, boolean hidden) { + if (margin > 240) { + margin = 240; + } + + for (int i = 0; i < replies.size(); i++) { + com.juick.Message msg = replies.get(i); + if (msg.ReplyTo == ReplyTo) { + + out.print("
  • 0) { + out.print("margin-left: " + margin + "px;"); + } + if (hidden) { + out.print("display:none;"); + } + out.println("\">"); + if (msg.User.Banned == false) { + out.println("
    \""
    "); + } else { + out.println("
    "); + } + out.println("
    "); + out.println("
    "); + if (msg.User.Banned == false) { + out.println(" "); + } else { + out.println("
    [удалено]:
    "); + } + out.println(" "); + out.println("
    " + PageTemplates.formatMessage(msg.Text) + "
    "); + if (msg.AttachmentType != null) { + out.println("
    \"\"/
    "); + } + if (msg.VisitorCanComment) { + out.println(" "); + out.println("
    "); + } else if (visitor == null) { + out.println(" "); + } + + int childs = msg.getChildsCount(); + if (ReplyTo == 0 && childs > 1 && replies.size() > 10) { + out.println(" "); + + } + out.println("
    "); + out.println("
  • "); + + if (ReplyTo == 0 && childs > 1 && replies.size() > 10) { + printTree(out, msg.childs, visitor, msg.RID, margin + 20, true); + } else if (childs > 0) { + printTree(out, msg.childs, visitor, msg.RID, margin + 20, hidden); + } + } + } + } + + public static void printList(PrintWriter out, ArrayList replies, com.juick.User visitor) { + for (int i = 0; i < replies.size(); i++) { + com.juick.Message msg = replies.get(i); + + out.print("
  • "); + if (msg.User.Banned == false) { + out.println("
    \""
    "); + } else { + out.println("
    "); + } + out.println("
    "); + out.println("
    "); + if (msg.User.Banned == false) { + out.println(" "); + } else { + out.println("
    [удалено]:
    "); + } + out.println(" "); + out.println("
    " + PageTemplates.formatMessage(msg.Text) + "
    "); + if (msg.AttachmentType != null) { + out.println("
    \"\"/
    "); + } + out.print("
    /" + msg.RID); + if (msg.ReplyTo > 0) { + out.print(" в ответ на /" + msg.ReplyTo + ""); + } + if (msg.VisitorCanComment) { + out.println(" · Ответить
    "); + out.println("
    "); + } else if (visitor == null) { + out.println(" "); + } + out.println("
    "); + out.println("
  • "); + } + } +} diff --git a/src/main/java/com/juick/http/www/Utils.java b/src/main/java/com/juick/http/www/Utils.java new file mode 100644 index 00000000..afaf131e --- /dev/null +++ b/src/main/java/com/juick/http/www/Utils.java @@ -0,0 +1,244 @@ +/* + * Juick + * Copyright (C) 2008-2011, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import java.io.BufferedReader; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.PrintWriter; +import java.net.URL; +import java.net.URLConnection; +import java.sql.Connection; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; +import java.util.ArrayList; +import java.util.UUID; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.Part; + +/** + * + * @author Ugnich Anton + */ +public class Utils { + + public static String getCookie(HttpServletRequest request, String name) { + Cookie cookies[] = request.getCookies(); + if (cookies != null) { + for (int i = 0; i < cookies.length; i++) { + if (cookies[i].getName().equals(name)) { + return cookies[i].getValue(); + } + } + } + return null; + } + + public static String receiveMultiPartFile(HttpServletRequest request, String name) throws Exception { + String attachmentFName = null; + + Part filePart = request.getPart("attach"); + if (filePart != null) { + String partname = Utils.getPartFilename(filePart); + String attachmentType = partname.substring(partname.length() - 3).toLowerCase(); + if (attachmentType.equals("jpg") || attachmentType.equals("peg") || attachmentType.equals("png")) { + if (attachmentType.equals("peg")) { + attachmentType = "jpg"; + } + attachmentFName = UUID.randomUUID().toString() + "." + attachmentType; + filePart.write("/var/www/juick.com/i/tmp/" + attachmentFName); + } else { + throw new Exception("Wrong file type"); + } + } + + return attachmentFName; + } + + public static com.juick.User getVisitorUser(Connection sql, HttpServletRequest request, HttpServletResponse response) { + String hash = getCookie(request, "hash"); + if (hash != null) { + com.juick.User visitor = com.juick.server.UserQueries.getUserByHash(sql, hash); + if (response != null && visitor != null) { + response.setHeader("X-Username", visitor.UName); + } + return visitor; + } else { + return null; + } + } + + public static void sendTemporaryRedirect(HttpServletResponse response, String location) { + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", location); + } + + public static void sendPermanentRedirect(HttpServletResponse response, String location) { + response.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY); + response.setHeader("Location", location); + } + + public static String getPartFilename(Part part) { + for (String cd : part.getHeader("content-disposition").split(";")) { + if (cd.trim().startsWith("filename")) { + String filename = cd.substring(cd.indexOf('=') + 1).trim().replace("\"", ""); + return filename.substring(filename.lastIndexOf('/') + 1).substring(filename.lastIndexOf('\\') + 1); // MSIE fix. + } + } + return null; + } + + public static void finishSQL(ResultSet rs, Statement stmt) { + if (rs != null) { + try { + rs.close(); + } catch (SQLException e) { + } + } + if (stmt != null) { + try { + stmt.close(); + } catch (SQLException e) { + } + } + } + + public static void replyJSON(HttpServletRequest request, HttpServletResponse response, String json) throws IOException { + response.setContentType("application/json; charset=UTF-8"); + response.setHeader("Access-Control-Allow-Origin", "*"); + + String callback = request.getParameter("callback"); + if (callback != null && (callback.length() > 64 || !callback.matches("[a-zA-Z0-9\\-\\_]+"))) { + callback = null; + } + + PrintWriter out = response.getWriter(); + try { + if (callback != null) { + out.print(callback + "("); + out.print(json); + out.print(")"); + } else { + out.print(json); + } + } finally { + out.close(); + } + } + + public static String convertArray2String(ArrayList mids) { + String q = ""; + for (int i = 0; i < mids.size(); i++) { + if (i > 0) { + q += ","; + } + q += mids.get(i); + } + return q; + } + + public static String encodeHTML(String str) { + return str.replaceAll("&", "&").replaceAll("<", "<").replaceAll(">", ">").replaceAll("'", "'").replaceAll("\"", """).replaceAll("\n", " "); + } + + public static String encodeSphinx(String str) { + return str.replaceAll("@", "\\\\@"); + } + + public static int parseInt(String str, int def) { + int ret = def; + if (str != null) { + try { + ret = Integer.parseInt(str); + } catch (Exception e) { + } + } + return ret; + } + + public static String fetchURL(String url) { + try { + URLConnection c = new URL(url).openConnection(); + BufferedReader in = new BufferedReader(new InputStreamReader(c.getInputStream())); + String inputLine; + StringBuilder b = new StringBuilder(); + while ((inputLine = in.readLine()) != null) { + b.append(inputLine).append("\n"); + } + in.close(); + return b.toString(); + } catch (Exception e) { + System.err.println("fetchURL: "+e.toString()); + return null; + } + } + + public static String downloadImage(String url) throws Exception { + String attachmentFName = null; + Exception ex = null; + + InputStream is = null; + FileOutputStream fos = null; + try { + URLConnection urlConn = new URL(url).openConnection(); + is = urlConn.getInputStream(); + String mime = urlConn.getContentType(); + + String attachmentType; + if (mime != null && mime.equals("image/jpeg")) { + attachmentType = "jpg"; + } else if (mime != null && mime.equals("image/png")) { + attachmentType = "png"; + } else { + throw new Exception("Wrong file type"); + } + + attachmentFName = UUID.randomUUID().toString() + "." + attachmentType; + fos = new FileOutputStream("/var/www/juick.com/i/tmp/" + attachmentFName); + byte[] buffer = new byte[10240]; + int len; + while ((len = is.read(buffer)) > 0) { + fos.write(buffer, 0, len); + } + } catch (Exception e) { + ex = e; + attachmentFName = null; + } finally { + try { + if (is != null) { + is.close(); + } + } finally { + if (fos != null) { + fos.close(); + } + } + } + + if (ex != null) { + throw ex; + } else { + return attachmentFName; + } + } +} diff --git a/src/main/java/com/juick/http/www/VKontakteLogin.java b/src/main/java/com/juick/http/www/VKontakteLogin.java new file mode 100644 index 00000000..5f26fef1 --- /dev/null +++ b/src/main/java/com/juick/http/www/VKontakteLogin.java @@ -0,0 +1,155 @@ +/* + * Juick + * Copyright (C) 2008-2013, Ugnich Anton + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.juick.http.www; + +import com.juick.server.UserQueries; +import java.io.IOException; +import java.net.URLEncoder; +import java.sql.Connection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.UUID; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.json.JSONException; +import org.json.JSONObject; + +/** + * + * @author Ugnich Anton + */ +public class VKontakteLogin { + + private static final String VK_APPID = "3544101"; + private static final String VK_SECRET = "z2afNI8jA5lIpZ2jsTm1"; + private static final String VK_REDIRECT = "http://juick.com/_vklogin"; + + protected void doGet(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + String code = request.getParameter("code"); + if (code == null || code.equals("")) { + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "https://oauth.vk.com/authorize?client_id=" + VK_APPID + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, "utf-8") + "&scope=friends,wall,offline&response_type=code"); + return; + } + + + String tokenjson = Utils.fetchURL("https://oauth.vk.com/access_token?client_id=" + VK_APPID + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, "utf-8") + "&client_secret=" + VK_SECRET + "&code=" + URLEncoder.encode(code, "utf-8")); + if (tokenjson == null || tokenjson.isEmpty()) { + System.err.println("VK TOKEN EMPTY"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + String token = null; + long vkID = 0; + try { + JSONObject json = new JSONObject(tokenjson); + token = json.getString("access_token"); + vkID = json.getLong("user_id"); + } catch (JSONException e) { + System.err.println("VK TOKEN EXCEPTION: " + e); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + if (token == null || vkID == 0) { + System.err.println("VK TOKEN EMPTY: " + tokenjson); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + + + String graph = Utils.fetchURL("https://api.vk.com/method/users.get?uids=" + vkID + "&fields=screen_name&access_token=" + token); + if (graph == null || graph.isEmpty()) { + System.err.println("VK GRAPH ERROR"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + + try { + JSONObject json = new JSONObject(graph).getJSONArray("response").getJSONObject(0); + String vkName = json.getString("first_name") + " " + json.getString("last_name"); + String vkLink = json.getString("screen_name"); + + if (vkName == null || vkLink == null || vkName.isEmpty() || vkName.length() == 1 || vkLink.isEmpty()) { + throw new Exception(); + } + + int uid = getUIDbyVKID(sql, vkID); + if (uid > 0) { + Cookie c = new Cookie("hash", UserQueries.getHashByUID(sql, uid)); + c.setMaxAge(50 * 24 * 60 * 60); + response.addCookie(c); + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/"); + } else { + String loginhash = UUID.randomUUID().toString(); + if (!insertDB(sql, vkID, loginhash, token, vkName, vkLink)) { + throw new Exception(); + } + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "/signup?type=vk&hash=" + loginhash); + } + } catch (Exception e) { + System.err.println("JSON ERROR: " + e); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + return; + } + } + + private int getUIDbyVKID(Connection sql, long vkID) { + int uid = 0; + PreparedStatement stmt = null; + ResultSet rs = null; + try { + stmt = sql.prepareStatement("SELECT user_id FROM vk WHERE vk_id=? AND user_id IS NOT NULL"); + stmt.setLong(1, vkID); + rs = stmt.executeQuery(); + if (rs.first()) { + uid = rs.getInt(1); + } + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(rs, stmt); + } + return uid; + } + + private boolean insertDB(Connection sql, long vkID, String loginhash, String token, String vkName, String vkLink) { + boolean ret = false; + PreparedStatement stmt = null; + try { + stmt = sql.prepareStatement("INSERT INTO vk(vk_id,loginhash,access_token,vk_name,vk_link) VALUES (?,?,?,?,?)"); + stmt.setLong(1, vkID); + stmt.setString(2, loginhash); + stmt.setString(3, token); + stmt.setString(4, vkName); + stmt.setString(5, vkLink); + stmt.executeUpdate(); + ret = true; + } catch (SQLException e) { + System.err.println(e); + } finally { + Utils.finishSQL(null, stmt); + } + return ret; + } +} -- cgit v1.2.3