Cleanup

20ce2df0 · echicken · 7580c12d · 20ce2df0 · 20ce2df0 · 20ce2df0
Commit 20ce2df0 authored 9 years ago by echicken
--- a/web/root/api/attachments.ssjs
+++ b/web/root/api/attachments.ssjs
-load(system.exec_dir + "../web/lib/init.js");
+load(system.exec_dir + '../web/lib/init.js');
-load(settings.web_lib + "auth.js");
+load(settings.web_lib + 'auth.js');
-load(settings.web_lib + "mime-decode.js");
+load(settings.web_lib + 'mime-decode.js');
-var barfOut = function(err) {
+function barfOut(err) {
 	log(err);
 	exit();
 }
-if(	typeof http_request.query.sub == "undefined"
+if (typeof http_request.query.sub === 'undefined' ||
-	||
+	(	http_request.query.sub[0] !== 'mail' &&
-	(	http_request.query.sub[0] != 'mail'
+		typeof msg_area.sub[http_request.query.sub[0]] === 'undefined'
-		&&
-		typeof msg_area.sub[http_request.query.sub[0]] == "undefined"
 	)
 ) {
-	barfOut("Invalid sub.");
+	barfOut('Invalid sub.');
 }
 var sub = http_request.query.sub[0];
-if(typeof http_request.query.msg == "undefined")
+if (typeof http_request.query.msg === 'undefined') {
-	barfOut("No message number provided.");
+	barfOut('No message number provided.');
+}
 var id = parseInt(http_request.query.msg[0]);
-if(typeof http_request.query.cid != "undefined")
+if (typeof http_request.query.cid !== 'undefined') {
 	var cid = http_request.query.cid[0];
-else if(typeof http_request.query.filename != "undefined")
+} else if (typeof http_request.query.filename !== 'undefined') {
 	var filename = http_request.query.filename[0];
-else
+} else {
-	barfOut("No attachment specified.");
+	barfOut('No attachment specified.');
+}
 var msgBase = new MsgBase(sub);
-if(!msgBase.open())
+if (!msgBase.open()) barfOut('Unable to open MsgBase ' + sub);
-	barfOut("Unable to open MsgBase " + sub);
 var header = msgBase.get_msg_header(false, id);
-if(header === null)
+if (header === null) barfOut('No such message.');
-	barfOut("No such message.");
+if (typeof msgBase.cfg === 'undefined' && header.to_ext != user.number) {
-if(typeof msgBase.cfg == "undefined" && header.to_ext != user.number)
+	barfOut('Not your message.');
-	barfOut("Not your message.");
+}
 var body = msgBase.get_msg_body(false, id, header);
-if(body === null)
+if (body === null) barfOut('Cannot read message body!');
-	barfOut("Cannot read message body!");
 msgBase.close();
-if(typeof cid != "undefined")
+if (typeof cid !== 'undefined') {
 	var att = mime_get_cid_attach(header, body, cid);
-else if(typeof filename != "undefined")
+} else if (typeof filename !== 'undefined') {
 	var att = mime_get_attach(header, body, filename);
+}
-if(typeof att != "undefined") {
+if (typeof att != 'undefined') {
-	if(typeof att.content_type != "undefined")
+	if (typeof att.content_type !== 'undefined') {
-		http_reply.header["Content-Type"] = att.content_type;
+		http_reply.header['Content-Type'] = att.content_type;
-	http_reply.header["Content-Length"] = att.body.length;
+	}
+	http_reply.header['Content-Length'] = att.body.length;
 	write(att.body);
 }
\ No newline at end of file
--- a/web/root/api/auth.ssjs
+++ b/web/root/api/auth.ssjs
@@ -2,10 +2,10 @@ load(system.exec_dir + '../web/lib/init.js');
 load(settings.web_lib + 'auth.js');
 var response = JSON.stringify(
-	{ 'authenticated' : (user.alias !== settings.guest) }
+	{ authenticated : (user.alias !== settings.guest) }
 );
-http_reply.header["Content-Type"] = "application/json";
+http_reply.header['Content-Type'] = 'application/json';
-http_reply.header["Content-Length"] = response.length;
+http_reply.header['Content-Length'] = response.length;
 write(response);
--- a/web/root/api/files.ssjs
+++ b/web/root/api/files.ssjs
@@ -5,7 +5,7 @@ load('filedir.js');
 var reply = {};
-if ((http_request.method === "GET" || http_request.method === "POST") &&
+if ((http_request.method === 'GET' || http_request.method === 'POST') &&
 	typeof http_request.query.call !== 'undefined' &&
 	user.number > 0	&&
 	user.alias !== settings.guest

--- a/web/root/api/register.ssjs
+++ b/web/root/api/register.ssjs
 load('sbbsdefs.js');
-load(system.exec_dir + "../web/lib/init.js");
+load(system.exec_dir + '../web/lib/init.js');
-load(settings.web_lib + "/auth.js");
+load(settings.web_lib + '/auth.js');
-if(user.alias != settings.guest)
+if (user.alias !== settings.guest) exit();
-	exit();
+if (!settings.user_registration) exit();
-if(!settings.user_registration)
-	exit();
 var MIN_ALIAS = 1,
 	MIN_REALNAME = 3,
@@ -17,164 +14,199 @@ var MIN_ALIAS = 1,
 var reply = {
-	'errors' : [],
+	errors : [],
-	'userNumber' : 0
+	userNumber : 0
 };
 var prepUser = {
-	'alias' : "",
+	alias : '',
-	'handle' : "",
+	handle : '',
-	'realname' : "",
+	realname : '',
-	'netmail' : "",
+	netmail : '',
-	'address' : "",
+	address : '',
-	'location' : "",
+	location : '',
-	'phone' : "",
+	phone : '',
-	'birthdate' : "",
+	birthdate : '',
-	'gender' : "",
+	gender : '',
-	'password' : ""
+	password : ''
 };
-var required = function(mask) {
+function required(mask) {
 	return (system.new_user_questions&mask);
 }
-var cleanParam = function(param) {
+function cleanParam(param) {
-	if(paramExists(param))
+	if (paramExists(param)) {
-		return http_request.query[param][0].replace(/[^\x20-\x7E]/g, "");
+		return http_request.query[param][0].replace(/[^\x20-\x7E]/g, '');
+	}
 	return "";
 }
-var paramExists = function(param) {
+function paramExists(param) {
-	if(	typeof http_request.query[param] != "undefined"
+	if (typeof http_request.query[param] !== 'undefined' &&
-		&&
+		http_request.query[param][0] !== ''
-		http_request.query[param][0] != ""
 	) {
 		return true;
 	}
 	return false;
 }
-var paramLength = function(param) {
+function paramLength(param) {
-	if(typeof http_request.query[param] == "undefined")
+	if (typeof http_request.query[param] === 'undefined') {
 		return 0;
-	else if(http_request.query[param][0].replace(" ", "").length < 1)
+	} else if (http_request.query[param][0].replace(' ', '').length < 1) {
 		return 0;
-	else if(cleanParam(param).length < 1)
+	} else if (cleanParam(param).length < 1) {
 		return 0;
-	else
+	} else {
 		return http_request.query[param][0].length;
+	}
 }
-var newUser = function() {
+function newUser() {
 	var usr = system.new_user(prepUser.alias);
-	if(typeof usr == "number") {
+	if (typeof usr === 'number') {
-		reply.errors.push("Failed to create user record.");
+		reply.errors.push('Failed to create user record.');
 		return;
 	}
-	log("User #" + usr.number + " registered via HTTP.");
+	log('User #' + usr.number + ' registered via HTTP.');
 	usr.security.password = prepUser.password;
-	for(var property in prepUser) {
+	for (var property in prepUser) {
-		if(property == "alias" || property == "password")
+		if (property === 'alias' || property === 'password') continue;
-			continue;
 		usr[property] = prepUser[property];
 	}
 	reply.userNumber = usr.number;
 }
 // See if the hidden form fields were filled
-if(	(	paramExists("send-me-free-stuff")
+if ((	paramExists('send-me-free-stuff') &&
-		&&
+		http_request.query['send-me-free-stuff'][0] !== ''
-		http_request.query["send-me-free-stuff"][0] != ""
+	) ||
-	)
+	(	paramExists('subscribe-to-newsletter') &&
-	||
+		http_request.query['subscribe-to-newsletter'][0] !== ''
-	(	paramExists("subscribe-to-newsletter")
-		&&
-		http_request.query["subscribe-to-newsletter"][0] != ""
 	)
 ) {
-	log("Hidden registration form input element filled.  Likely a bot.  Cancelling user registration.");
+	log('Hidden registration form input element filled.  ' +
+		'Likely a bot.  Cancelling user registration.'
+	);
 	exit();
 }
-if(	system.newuser_password != ""
+if (system.newuser_password !== '' &&
-	&&
+	(	typeof http_request.query['newuser-password'] === 'undefined' ||
-	(	typeof http_request.query["newuser-password"] == "undefined"
+		http_request.query['newuser-password'][0] != system.newuser_password
-		||
-		http_request.query["newuser-password"][0] != system.newuser_password
 	)
 ) {
-	reply.errors.push("Incorrect registration password.");
+	reply.errors.push('Incorrect registration password.');
 }
 // More could be done to respect certain newuser question toggles
 // (UQ_DUPREAL, UQ_NOUPPRLWR, UQ_NOCOMMAS), but I don't care right now.
-if(!paramExists("alias") || paramLength("alias") < MIN_ALIAS || paramLength("alias") > LEN_ALIAS) {
+if (!paramExists('alias') ||
-	reply.errors.push("Valid username is required.");
+	paramLength('alias') < MIN_ALIAS ||
-} else if(system.matchuser(http_request.query.alias[0]) > 0) {
+	paramLength('alias') > LEN_ALIAS
-	reply.errors.push("Username already taken.");
+) {
+	reply.errors.push('Valid username is required.');
+} else if (system.matchuser(http_request.query.alias[0]) > 0) {
+	reply.errors.push('Username already taken.');
+} else {
+	prepUser.alias = cleanParam('alias');
+	prepUser.handle = cleanParam('alias');
+}
+if ((!paramExists('password1') || !paramExists('password2')) ||
+	http_request.query.password1[0] !== http_request.query.password2[0]
+) {
+	reply.errors.push('Password & confirmation are required, and must match.');
+} else if (
+	paramLength('password1') < settings.minimum_password_length ||
+	paramLength('password1') > LEN_PASS
+) {
+	reply.errors.push(
+		'Password must be between ' +
+		settings.minimum_password_length + ' and ' + LEN_PASS + ' in length.'
+	);
+} else {
+	prepUser.password = cleanParam('password1');
+}
+if (!paramExists('netmail') && !required(UQ_NONETMAIL)) {
+	reply.errors.push('Email address is required.');
+} else if (
+	(	paramLength('netmail') < MIN_NETMAIL ||
+		paramLength('netmail') > LEN_NETMAIL
+	) && !required(UQ_NONETMAIL)
+) {
+	reply.errors.push('Invalid email address.');
+} else {
+	prepUser.netmail = cleanParam('netmail');
+}
+if (required(UQ_REALNAME) &&
+	(	!paramExists('realname') ||
+		paramLength('realname') < MIN_REALNAME ||
+		paramLength('realname') > LEN_NAME
+	)
+) {
+	reply.errors.push('Valid real name is required.');
+} else {
+	prepUser.realname = cleanParam('realname');
+}
+if (required(UQ_LOCATION) &&
+	(	!paramExists('location') ||
+		paramLength('location') < MIN_LOCATION ||
+		paramLength('location') > LEN_LOCATION
+	)
+) {
+	reply.errors.push('Valid location is required.');
 } else {
-	prepUser.alias = cleanParam("alias");
+	prepUser.location = cleanParam('location');
-	prepUser.handle = cleanParam("alias");
 }
-if(	(!paramExists("password1") || !paramExists("password2"))
+if (required(UQ_ADDRESS) &&
-	||
+	(	!paramExists('address') ||
-	http_request.query.password1[0] != http_request.query.password2[0]
+		paramLength('address') < MIN_ADDRESS ||
+		paramLength('address') > LEN_ADDRESS
+	)
 ) {
-	reply.errors.push("Password & confirmation are required, and must match.");
+	reply.errors.push('Valid street address is required.');
-} else if(paramLength("password1") < settings.minimum_password_length || paramLength("password1") > LEN_PASS) {
-	reply.errors.push("Password must be between " + settings.minimum_password_length + " and " + LEN_PASS + " in length.");
 } else {
-	prepUser.password = cleanParam("password1");
+	prepUser.address = cleanParam('address');
 }
-if(!paramExists("netmail") && !required(UQ_NONETMAIL))
+if (required(UQ_PHONE) &&
-	reply.errors.push("Email address is required.");
+	(	!paramExists('phone') ||
-else if((paramLength("netmail") < MIN_NETMAIL || paramLength("netmail") > LEN_NETMAIL) && !required(UQ_NONETMAIL))
+		paramLength('phone') < MIN_PHONE ||
-	reply.errors.push("Invalid email address.");
+		paramLength('phone') > LEN_PHONE
-else
+	)
-	prepUser.netmail = cleanParam("netmail");
+) {
+	reply.errors.push('Valid phone number is required.');
-if(required(UQ_REALNAME) && (!paramExists("realname") || paramLength("realname") < MIN_REALNAME || paramLength("realname") > LEN_NAME))
+} else {
-	reply.errors.push("Valid real name is required.");
+	prepUser.phone = cleanParam('phone');
-else
+}
-	prepUser.realname = cleanParam("realname");
+if (required(UQ_SEX) &&
-if(required(UQ_LOCATION) && (!paramExists("location") || paramLength("location") < MIN_LOCATION || paramLength("location") > LEN_LOCATION))
+	(!paramExists('gender') || paramLength('gender') != 1)
-	reply.errors.push("Valid location is required.");
+) {
-else
+	reply.errors.push('Sex is required. Heh heh.');
-	prepUser.location = cleanParam("location");
+} else {
+	prepUser.gender = cleanParam('gender');
-if(required(UQ_ADDRESS) && (!paramExists("address") || paramLength("address") < MIN_ADDRESS || paramLength("address") > LEN_ADDRESS))
+}
-	reply.errors.push("Valid street address is required.");
-else
+if (paramExists('birth') &&
-	prepUser.address = cleanParam("address");
-if(required(UQ_PHONE) && (!paramExists("phone") || paramLength("phone") < MIN_PHONE || paramLength("phone") > LEN_PHONE))
-	reply.errors.push("Valid phone number is required.");
-else
-	prepUser.phone = cleanParam("phone");
-if(required(UQ_SEX) && (!paramExists("gender") || paramLength("gender") != 1))
-	reply.errors.push("Sex is required. Heh heh.");
-else
-	prepUser.gender = cleanParam("gender");
-if(	paramExists("birth")
-	&&
 	http_request.query.birth[0].match(/^\d\d\/\d\d\/\d\d$/) !== null
 ) {
 	// Should really test for valid date (and date format per system config)
-	prepUser.birthdate = cleanParam("birth");
+	prepUser.birthdate = cleanParam('birth');
-} else if(required(UQ_BIRTH)) {
+} else if (required(UQ_BIRTH)) {
-	reply.errors.push("Birthdate is required.");
+	reply.errors.push('Birthdate is required.');
 }
-if(reply.errors.length < 1)
+if (reply.errors.length < 1) newUser();
-	newUser();
 reply = JSON.stringify(reply);
-http_reply.header["Content-Type"] = "application/json";
+http_reply.header['Content-Type'] = 'application/json';
-http_reply.header["Content-Length"] = reply.length;
+http_reply.header['Content-Length'] = reply.length;
 write(reply);
\ No newline at end of file
--- a/web/root/api/system.ssjs
+++ b/web/root/api/system.ssjs
-load("sbbsdefs.js");
+load('sbbsdefs.js');
-load("nodedefs.js");
+load('nodedefs.js');
-load(system.exec_dir + "../web/lib/init.js");
+load(system.exec_dir + '../web/lib/init.js');
-load(settings.web_lib + "auth.js");
+load(settings.web_lib + 'auth.js');
 var reply = {};
-if(	(http_request.method == "GET" || http_request.method == "POST")
+if ((http_request.method === 'GET' || http_request.method === 'POST') &&
-	&&
+	typeof http_request.query.call !== 'undefined' &&
-	typeof http_request.query.call != "undefined"
-	&&
 	user.number > 0
 ) {
-	switch(http_request.query.call[0]) {
+	switch (http_request.query.call[0]) {
-		case "node-list":
+		case 'node-list':
 			reply = system.node_list.map(
-				function(node) {
+				function (node) {
-					if(node.status == 3)
+					if (node.status === 3) var usr = new User(node.useron);
-						var usr = new User(node.useron);
 					return ({
-						'status' : NodeStatus[node.status],
+						status : NodeStatus[node.status],
-						'action' : NodeAction[node.action],
+						action : NodeAction[node.action],
-						'user' : (typeof usr == "undefined" ? "" : usr.alias)
+						user : (typeof usr === 'undefined' ? '' : usr.alias)
 					});
 				}
 			);
 			var usr = new User(1);
-			for(var un = 1; un < system.lastuser; un++) {
+			for (var un = 1; un < system.lastuser; un++) {
 				usr.number = un;
-				if(usr.connection != "HTTP")
+				if (usr.connection !== 'HTTP') continue;
-					continue;
+				if (usr.alias === settings.guest) continue;
-				if(usr.alias == settings.guest)
+				if (usr.settings&USER_QUIET) continue;
-					continue;
+				if (usr.logontime < time() - settings.inactivity) continue;
-				if(usr.settings&USER_QUIET)
+				var webAction = getSessionValue(usr.number, 'action');
-					continue;
+				if (webAction === null) continue;
-				if(usr.logontime < time() - settings.inactivity)
-					continue;
-				var webAction = getSessionValue(usr.number, "action");
-				if(webAction === null)
-					continue;
 				reply.push(
-					{	'status' : "",
+					{	status : '',
-						'action' : "viewing " + webAction,
+						action : 'viewing ' + webAction,
-						'user' : usr.alias
+						user : usr.alias
 					}
 				);
 			}
 			break;
-		case "send-telegram":
+		case 'send-telegram':
-			if(user.alias == settings.guest)
+			if (user.alias === settings.guest) break;
+			if (typeof http_request.query.user === 'undefined') break;
+			if (typeof http_request.query.telegram === 'undefined' ||
+				http_request.query.telegram[0] === ''
+			) {
 				break;
-			if(typeof http_request.query.user == "undefined")
+			}
-				break;
+			if (http_request.query.telegram[0].length >
-			if(typeof http_request.query.telegram == "undefined" || http_request.query.telegram[0] == "")
+				settings.maximum_telegram_length
-				break;
+			) {
-			if(http_request.query.telegram[0].length > settings.maximum_telegram_length)
 				break;
+			}
 			var un = system.matchuser(http_request.query.user[0]);
-			if(un < 1)
+			if (un < 1) break;
-				break;
 			system.put_telegram(
 				un,
-				"Telegram from " +
+				'Telegram from ' +
-				user.alias + " via WWW on " + system.timestr() + "\r\n" +
+				user.alias + ' via WWW on ' + system.timestr() + '\r\n' +
-				http_request.query.telegram[0] +
+				http_request.query.telegram[0] + '\r\n'
-				"\r\n"
 			);
 			break;
-		case "get-telegram":
+		case 'get-telegram':
-			if(user.alias == settings.guest)
+			if (user.alias === settings.guest) break;
-				break;
 			reply.telegram = system.get_telegram(user.number);
 			break;
-		case "set-xtrn-intent":
+		case 'set-xtrn-intent':
-			if(user.alias == settings.guest)
+			if (user.alias === settings.guest) break;
-				break;
+			if (typeof http_request.query.code === 'undefined') break;
-			if(typeof http_request.query.code == "undefined")
+			if (http_request.query.code[0].length > 8) break;
-				break;
+			if (typeof xtrn_area.prog[http_request.query.code[0]] === 'undefined') {
-			if(http_request.query.code[0].length > 8)
-				break;
-			if(typeof xtrn_area.prog[http_request.query.code[0]] == "undefined")
 				break;
+			}
 			setSessionValue(user.number, 'xtrn', http_request.query.code[0]);
 			break;
@@ -96,6 +87,6 @@ if(	(http_request.method == "GET" || http_request.method == "POST")
 }
 reply = JSON.stringify(reply);
-http_reply.header["Content-Type"] = "application/json";
+http_reply.header['Content-Type'] = 'application/json';
-http_reply.header["Content-Length"] = reply.length;
+http_reply.header['Content-Length'] = reply.length;
 write(reply);
\ No newline at end of file