preventing pdf from showing up in abyss
This commit is contained in:
@@ -125,6 +125,7 @@ export default {
|
|||||||
|
|
||||||
// Support multiple MIME types (comma separated)
|
// Support multiple MIME types (comma separated)
|
||||||
const mimeParts = (mime || "").split(',').filter(m => ['video', 'audio', 'image', 'flash', 'pdf'].includes(m));
|
const mimeParts = (mime || "").split(',').filter(m => ['video', 'audio', 'image', 'flash', 'pdf'].includes(m));
|
||||||
|
const excludePdfSQL = !mimeParts.includes('pdf') ? db`and items.mime != 'application/pdf'` : db``;
|
||||||
const mimeSQL = mimeParts.length > 0
|
const mimeSQL = mimeParts.length > 0
|
||||||
? db`and (${mimeParts.map(m => m === 'flash'
|
? db`and (${mimeParts.map(m => m === 'flash'
|
||||||
? (flashMimes.length > 0
|
? (flashMimes.length > 0
|
||||||
@@ -197,6 +198,7 @@ export default {
|
|||||||
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
||||||
${newerThan ? db`and items.id > ${newerThan}` : db``}
|
${newerThan ? db`and items.id > ${newerThan}` : db``}
|
||||||
${xdFilter}
|
${xdFilter}
|
||||||
|
${excludePdfSQL}
|
||||||
`;
|
`;
|
||||||
const total = Number(totalRows[0].total);
|
const total = Number(totalRows[0].total);
|
||||||
|
|
||||||
@@ -248,6 +250,7 @@ export default {
|
|||||||
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
||||||
${newerThan ? db`and items.id > ${newerThan}` : db``}
|
${newerThan ? db`and items.id > ${newerThan}` : db``}
|
||||||
${xdFilter}
|
${xdFilter}
|
||||||
|
${excludePdfSQL}
|
||||||
group by items.id
|
group by items.id
|
||||||
order by ${random ? db`random()` : db`items.is_pinned desc, items.id desc`}
|
order by ${random ? db`random()` : db`items.is_pinned desc, items.id desc`}
|
||||||
offset ${newerThan ? 0 : offset}
|
offset ${newerThan ? 0 : offset}
|
||||||
@@ -317,6 +320,7 @@ export default {
|
|||||||
const mime = (rawMime ?? "");
|
const mime = (rawMime ?? "");
|
||||||
const itemid = rawItemid ? +rawItemid : null;
|
const itemid = rawItemid ? +rawItemid : null;
|
||||||
const mimeParts = (mime || "").split(',').filter(m => ['video', 'audio', 'image', 'flash', 'pdf'].includes(m));
|
const mimeParts = (mime || "").split(',').filter(m => ['video', 'audio', 'image', 'flash', 'pdf'].includes(m));
|
||||||
|
const excludePdfSQL = !mimeParts.includes('pdf') ? db`and items.mime != 'application/pdf'` : db``;
|
||||||
const mimeSQL = mimeParts.length > 0
|
const mimeSQL = mimeParts.length > 0
|
||||||
? db`and (${mimeParts.map(m => m === 'flash'
|
? db`and (${mimeParts.map(m => m === 'flash'
|
||||||
? (flashMimes.length > 0
|
? (flashMimes.length > 0
|
||||||
@@ -386,6 +390,7 @@ export default {
|
|||||||
${mimeSQL}
|
${mimeSQL}
|
||||||
${!session && globalfilter ? db`and not exists (select 1 from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
|
${!session && globalfilter ? db`and not exists (select 1 from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
|
||||||
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
||||||
|
${excludePdfSQL}
|
||||||
`;
|
`;
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -664,6 +669,7 @@ export default {
|
|||||||
|
|
||||||
// Support multiple MIME types (comma separated)
|
// Support multiple MIME types (comma separated)
|
||||||
const mimeParts = (mime || "").split(',').filter(m => ['video', 'audio', 'image', 'flash', 'pdf'].includes(m));
|
const mimeParts = (mime || "").split(',').filter(m => ['video', 'audio', 'image', 'flash', 'pdf'].includes(m));
|
||||||
|
const excludePdfSQL = !mimeParts.includes('pdf') ? db`and items.mime != 'application/pdf'` : db``;
|
||||||
const mimeSQL = mimeParts.length > 0
|
const mimeSQL = mimeParts.length > 0
|
||||||
? db`and (${mimeParts.map(m => m === 'flash'
|
? db`and (${mimeParts.map(m => m === 'flash'
|
||||||
? (flashMimes.length > 0
|
? (flashMimes.length > 0
|
||||||
@@ -698,6 +704,7 @@ export default {
|
|||||||
${mimeSQL}
|
${mimeSQL}
|
||||||
${!session && globalfilter ? db`and not exists (select 1 from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
|
${!session && globalfilter ? db`and not exists (select 1 from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
|
||||||
group by items.id
|
group by items.id
|
||||||
|
${excludePdfSQL}
|
||||||
order by random()
|
order by random()
|
||||||
limit 1
|
limit 1
|
||||||
`;
|
`;
|
||||||
@@ -741,6 +748,7 @@ export default {
|
|||||||
${!session && globalfilter ? db`and not exists (select 1 from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
|
${!session && globalfilter ? db`and not exists (select 1 from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
|
||||||
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
||||||
group by items.id, tags.tag
|
group by items.id, tags.tag
|
||||||
|
${excludePdfSQL}
|
||||||
order by random()
|
order by random()
|
||||||
limit 1
|
limit 1
|
||||||
`;
|
`;
|
||||||
@@ -759,6 +767,7 @@ export default {
|
|||||||
${mimeSQL}
|
${mimeSQL}
|
||||||
${!session && globalfilter ? db`and not exists (select 1 from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
|
${!session && globalfilter ? db`and not exists (select 1 from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
|
||||||
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
||||||
|
${excludePdfSQL}
|
||||||
order by random()
|
order by random()
|
||||||
limit 1
|
limit 1
|
||||||
`;
|
`;
|
||||||
@@ -774,6 +783,7 @@ export default {
|
|||||||
and items.active = true
|
and items.active = true
|
||||||
${mimeSQL}
|
${mimeSQL}
|
||||||
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
${excludedTags.length > 0 ? db`and not exists (select 1 from tags_assign where item_id = items.id and tag_id = any(${excludedTags}::int[]))` : db``}
|
||||||
|
${excludePdfSQL}
|
||||||
order by random()
|
order by random()
|
||||||
limit 1
|
limit 1
|
||||||
`;
|
`;
|
||||||
@@ -799,6 +809,7 @@ export default {
|
|||||||
${checkFilter ? db`AND filter_ta.tag_id IS NULL` : db``}
|
${checkFilter ? db`AND filter_ta.tag_id IS NULL` : db``}
|
||||||
${excludedTags.length > 0 ? db`AND NOT EXISTS (SELECT 1 FROM tags_assign WHERE item_id = items.id AND tag_id = ANY(${excludedTags}::int[]))` : db``}
|
${excludedTags.length > 0 ? db`AND NOT EXISTS (SELECT 1 FROM tags_assign WHERE item_id = items.id AND tag_id = ANY(${excludedTags}::int[]))` : db``}
|
||||||
${!useTagIdOpt ? db`AND ${db.unsafe(modequery)}` : db``}
|
${!useTagIdOpt ? db`AND ${db.unsafe(modequery)}` : db``}
|
||||||
|
${excludePdfSQL}
|
||||||
ORDER BY random()
|
ORDER BY random()
|
||||||
LIMIT 1
|
LIMIT 1
|
||||||
`;
|
`;
|
||||||
|
|||||||
@@ -130,9 +130,9 @@ export default (router, tpl) => {
|
|||||||
// anchor= is a specific item ID to include first in the batch (used for hash-based deep links)
|
// anchor= is a specific item ID to include first in the batch (used for hash-based deep links)
|
||||||
const anchorId = qs.anchor ? parseInt(qs.anchor, 10) : null;
|
const anchorId = qs.anchor ? parseInt(qs.anchor, 10) : null;
|
||||||
|
|
||||||
// MIME filter — SWF excluded unless the server has enable_swf turned on
|
|
||||||
const swfMimes = ['application/x-shockwave-flash', 'application/vnd.adobe.flash.movie'];
|
const swfMimes = ['application/x-shockwave-flash', 'application/vnd.adobe.flash.movie'];
|
||||||
const excludeSwfSQL = !cfg.websrv.enable_swf ? db`AND items.mime != ALL(${swfMimes})` : db``;
|
const excludeSwfSQL = !cfg.websrv.enable_swf ? db`AND items.mime != ALL(${swfMimes})` : db``;
|
||||||
|
const excludePdfSQL = db`AND items.mime != 'application/pdf'`;
|
||||||
const mimeParts = (mime || '').split(',').filter(m => ['video', 'audio', 'image'].includes(m));
|
const mimeParts = (mime || '').split(',').filter(m => ['video', 'audio', 'image'].includes(m));
|
||||||
const mimeSQL = mimeParts.length > 0
|
const mimeSQL = mimeParts.length > 0
|
||||||
? db`AND (${mimeParts.map(m => db`items.mime ilike ${m + '/%'}`).reduce((a, b) => db`${a} OR ${b}`)})`
|
? db`AND (${mimeParts.map(m => db`items.mime ilike ${m + '/%'}`).reduce((a, b) => db`${a} OR ${b}`)})`
|
||||||
@@ -211,6 +211,7 @@ export default (router, tpl) => {
|
|||||||
WHERE items.id = ${anchorId}
|
WHERE items.id = ${anchorId}
|
||||||
AND items.active = true
|
AND items.active = true
|
||||||
AND ${db.unsafe(modeQuery)}
|
AND ${db.unsafe(modeQuery)}
|
||||||
|
${excludePdfSQL}
|
||||||
${!req.session && nsfp ? db`AND NOT EXISTS (SELECT 1 FROM tags_assign WHERE item_id = items.id AND (${db.unsafe(nsfp)}))` : db``}
|
${!req.session && nsfp ? db`AND NOT EXISTS (SELECT 1 FROM tags_assign WHERE item_id = items.id AND (${db.unsafe(nsfp)}))` : db``}
|
||||||
`;
|
`;
|
||||||
// If the anchor item doesn't pass the rating filter, it's inaccessible to this user.
|
// If the anchor item doesn't pass the rating filter, it's inaccessible to this user.
|
||||||
@@ -227,6 +228,7 @@ export default (router, tpl) => {
|
|||||||
${db.unsafe(modeQuery)}
|
${db.unsafe(modeQuery)}
|
||||||
AND items.active = true
|
AND items.active = true
|
||||||
${excludeSwfSQL}
|
${excludeSwfSQL}
|
||||||
|
${excludePdfSQL}
|
||||||
AND items.id != ${anchorId}
|
AND items.id != ${anchorId}
|
||||||
${excludeSQL}
|
${excludeSQL}
|
||||||
${mimeSQL}
|
${mimeSQL}
|
||||||
@@ -249,6 +251,7 @@ export default (router, tpl) => {
|
|||||||
${db.unsafe(modeQuery)}
|
${db.unsafe(modeQuery)}
|
||||||
AND items.active = true
|
AND items.active = true
|
||||||
${excludeSwfSQL}
|
${excludeSwfSQL}
|
||||||
|
${excludePdfSQL}
|
||||||
${cursorSQL}
|
${cursorSQL}
|
||||||
${excludeSQL}
|
${excludeSQL}
|
||||||
${mimeSQL}
|
${mimeSQL}
|
||||||
|
|||||||
Reference in New Issue
Block a user