diff options
Diffstat (limited to 'src')
| -rwxr-xr-x | src/site.clj | 33 |
1 files changed, 30 insertions, 3 deletions
diff --git a/src/site.clj b/src/site.clj index 710b45b..b3e7e70 100755 --- a/src/site.clj +++ b/src/site.clj @@ -188,7 +188,7 @@ (defn fetch-messages-by-nick ([nick image-only] (fetch-messages-by-nick nick image-only 0)) ([nick image-only offset] - (let [query (str "SELECT m.content, m.created_on, u.nick, u.avatar + (let [query (str "SELECT m.content, m.created_on, m.message_id, u.nick, u.avatar FROM messages m, users u, rooms r WHERE m.user_id = u.user_id AND u.nick = ? AND r.room_id = m.room_id AND r.admin_only = false " @@ -197,6 +197,15 @@ LIMIT ? OFFSET ?")] (do-select [query nick *dumps-per-page* offset])))) +(defn fetch-public-message-by-id [id] + (let [query (str "SELECT m.content, m.created_on, m.user_id, u.nick, u.avatar + FROM messages m, users u, rooms r + WHERE m.user_id = u.user_id + AND r.room_id = m.room_id + AND r.admin_only = false + AND m.message_id = ?")] + (first (do-select [query (maybe-parse-int id -1)])))) + (defn build-room-map-from-db [room-db] {:admin_only (room-db :admin_only) :room_id (room-db :room_id) @@ -215,6 +224,7 @@ (let [st (.getInstanceOf template-group template)] (if (session :nick) (do (.setAttribute st "user_nick" (session :nick)) + (if (non-empty-string? (session :avatar)) (.setAttribute st "user_avatar" (session :avatar))) (.setAttribute st "isadmin" (session :is_admin)))) st)) @@ -379,7 +389,7 @@ (min (count directory) (* (inc offset) *per-directory-page*))) user-ids (apply str (interpose ", " (map #(%1 :user_id) users))) - qry (str "SELECT u.user_id, u.nick, u.avatar, m.content + qry (str "SELECT u.user_id, u.nick, u.avatar, m.content, m.message_id FROM users u, messages m WHERE u.user_id in (" user-ids ") AND m.user_id = u.user_id @@ -428,7 +438,23 @@ (if (zero? (count @*directory-listing*)) (.setAttribute st "notloaded" true)) (.toString st))) - + +;; Single posts + +(defn single-message [session nick-from-url id-from-url] + (if-let [user-info (fetch-nick nick-from-url)] + (if-let [message (fetch-public-message-by-id id-from-url)] + ; error if nick in url doesn't match the nick who posted the message from the id in url + ; this prevents people from scraping all the content by incrementing the id in the url + (if (= (user-info :user_id) (message :user_id)) + (let [st (fetch-template "single_message" session)] + (.setAttribute st "message" (process-message-for-output message)) + (.toString st)) + (resp-error "NO_MESSAGE")) + (resp-error "NO_MESSAGE")) + (resp-error "NO_USER"))) + + ;; Topics (defn valid-topic? [topic] @@ -749,6 +775,7 @@ (GET "/u/:nick/:offset" (profile session (params :nick) (params :offset))) + (GET "/p/:nick/:postid" (single-message session (params :nick) (params :postid))) (GET "/login" (login session params cookies)) (GET "/logout" (logout session)) (GET "/register" (serve-static "static" "register.html")) |