From 37789979c42907fbe43996b6d5e7097b3bb4fa5d Mon Sep 17 00:00:00 2001 From: Flummi Date: Mon, 20 Dec 2021 17:55:47 +0100 Subject: [PATCH] itemroute fix --- src/inc/lib.mjs | 10 +++ src/inc/routes/index.mjs | 169 ++++++++++++++++----------------------- 2 files changed, 79 insertions(+), 100 deletions(-) diff --git a/src/inc/lib.mjs b/src/inc/lib.mjs index 85fa2b8..2169813 100644 --- a/src/inc/lib.mjs +++ b/src/inc/lib.mjs @@ -66,6 +66,8 @@ export default new class { return link.join("/"); }; parseTag(tag) { + if(!tag) + return null; return tag .replace(/%20/g, " "); } @@ -95,5 +97,13 @@ export default new class { const derivedKey = await scrypt(str, salt, 64); return crypto.timingSafeEqual(keyBuffer, derivedKey); }; + async getTags(itemid) { + const tags = await sql("tags_assign") + .leftJoin("tags", "tags.id", "tags_assign.tag_id") + .where("tags_assign.item_id", itemid); + for(let t = 0; t < tags.length; t++) + tags[t].tag = tags[t].tag.replace(/[\u00A0-\u9999<>\&]/g, i => '&#'+i.charCodeAt(0)+';'); + return tags; + }; }; diff --git a/src/inc/routes/index.mjs b/src/inc/routes/index.mjs index 38ecc84..34313e1 100644 --- a/src/inc/routes/index.mjs +++ b/src/inc/routes/index.mjs @@ -12,18 +12,14 @@ const auth = async (req, res, next) => { }; export default (router, tpl) => { - //router.get(/^\/?(?:user\/(?[a-zA-Z0-9\[\]\-\_\{\}\\`\|]+))?(?:\/(?image|audio|video))?(?:\/p\/(?\d+))?(?:\/(?\d+))?$/, async (req, res) => { router.get(/^\/?(?:tag\/(?.+?))?(?:user\/(?.+?))?(?:\/(?image|audio|video))?(?:\/p\/(?\d+))?(?:\/(?\d+))?$/, async (req, res) => { const user = req.params.user ?? null; - let tag = req.params.tag ?? null; + const tag = lib.parseTag(req.params.tag ?? null); const mime = (req.params.mime ?? ""); const smime = allowedMimes.includes(mime) ? mime + "/%" : mime === "" ? "%" : "%"; const page = +(req.params.page ?? 1); const itemid = +(req.params.itemid ?? null); - if(tag) - tag = lib.parseTag(tag); - const output = { user, tag, mime, smime, page, itemid }; @@ -36,104 +32,65 @@ export default (router, tpl) => { return res.end("200 - user not found lol"); if(mode === "item") { // item! - if(itemid == 404) + if(itemid === 404) return res.end("404 - lol"); - let query = (await sql("items") - .whereRaw(modequery) - .andWhere("id", itemid) - .andWhere("mime", "like", smime) - .andWhere("username", "like", user ? user : "%") - .limit(1))[0]; - - if(!query?.id) { // same query with sfw-mode - query = (await sql("items") - .whereRaw(lib.getMode(0)) - .andWhere("id", itemid) - .andWhere("mime", "like", smime) - .andWhere("username", "like", user ? user : "%") - .limit(1) - )[0]; - - if(!query?.id) - return res.end("Sorry, this f0ck either doesn't exist (yet) or hasn't been tagged yet, please remain patient, a support assistant will be shortly with you."); + let items = sql("items").select("*").orderBy("items.id", "desc").whereRaw(modequery); + if(tag) { + items = items.innerJoin( + sql("tags") + .select("tags_assign.item_id", "tags.tag") + .leftJoin("tags_assign", "tags_assign.tag_id", "tags.id") + .where("tags.tag", "like", "%"+tag+"%") + .groupBy("tags_assign.item_id") + .as("st"), + "st.item_id", "items.id" + ); } - - const tags = await sql("tags_assign") - .leftJoin("tags", "tags.id", "tags_assign.tag_id") - .where("tags_assign.item_id", itemid); - - const qmin = await sql("items") - .select("id") - .whereRaw(modequery) - .andWhere("mime", "like", smime) - .andWhere("username", "like", user ? user : "%") - .orderBy("id") - .limit(1); + if(user) + items = items.andWhere("username", "like", "%" + user + "%"); + if(mime) + items = items.andWhere("mime", "like", mime + "/%"); + + items = await items; - const qmax = await sql("items") - .select("id") - .whereRaw(modequery) - .andWhere("mime", "like", smime) - .andWhere("username", "like", user ? user : "%") - .orderBy("id", "desc") - .limit(1); - - const qnext = (await sql("items") - .select("id") - .whereRaw(modequery) - .andWhere("id", ">", itemid) - .andWhere("mime", "like", smime) - .andWhere("username", "like", user ? user : "%") - .orderBy("id") - .limit(3) - ).reverse(); + const item = items.findIndex(i => i.id === itemid); + const actitem = items[item]; - const qprev = await sql("items") - .select("id") - .whereRaw(modequery) - .andWhere("id", "<", itemid) - .andWhere("mime", "like", smime) - .andWhere("username", "like", user ? user : "%") - .orderBy("id", "desc") - .limit(3); + if(!actitem) // sfw-check! + return res.end("Sorry, this f0ck either doesn't exist (yet) or hasn't been tagged yet, please remain patient, a support assistant will be shortly with you."); - const cheat = qnext.concat([{ id: itemid }].concat(qprev)).map(e => +e.id); - const next = qnext[qnext.length - 1] ? qnext[qnext.length - 1].id : false; - const prev = qprev[0] ? qprev[0].id : false; + const tags = await lib.getTags(itemid); + const cheat = items.slice(Math.max(0, item - 3), item + 4).map(i => i.id); + const link = lib.genLink({ user, tag, mime, act_page: itemid }); - const link = lib.genLink({ user, mime, act_page: query.id }); - - for(let t = 0; t < tags.length; t++) - tags[t].tag = tags[t].tag.replace(/[\u00A0-\u9999<>\&]/g, i => '&#'+i.charCodeAt(0)+';'); - data = { user: { - name: query.username, - channel: query.usernetwork == "Telegram" && query.userchannel !== "f0ck.me" ? "anonymous" : query.userchannel, - network: query.usernetwork + name: actitem.username, + channel: actitem.usernetwork == "Telegram" && actitem.userchannel !== "f0ck.me" ? "anonymous" : actitem.userchannel, + network: actitem.usernetwork }, item: { - id: query.id, + id: actitem.id, src: { - long: query.src, - short: url.parse(query.src).hostname, + long: actitem.src, + short: url.parse(actitem.src).hostname, }, - thumbnail: `${cfg.websrv.paths.thumbnails}/${query.id}.png`, - coverart: `${cfg.websrv.paths.coverarts}/${query.id}.png`, - dest: `${cfg.websrv.paths.images}/${query.dest}`, - mime: query.mime, - size: lib.formatSize(query.size), - timestamp: lib.timeAgo(new Date(query.stamp * 1e3).toISOString()), + thumbnail: `${cfg.websrv.paths.thumbnails}/${actitem.id}.png`, + coverart: `${cfg.websrv.paths.coverarts}/${actitem.id}.png`, + dest: `${cfg.websrv.paths.images}/${actitem.dest}`, + mime: actitem.mime, + size: lib.formatSize(actitem.size), + timestamp: lib.timeAgo(new Date(actitem.stamp * 1e3).toISOString()), tags: tags }, - title: `${query.id} - f0ck.me`, + title: `${actitem.id} - f0ck.me`, pagination: { - start: qmax[0].id, - end: qmin[0].id, - prev: next, - next: prev, - page: query.id, + end: items[items.length - 1]?.id, + start: items[0]?.id, + next: items[item + 1]?.id, + prev: items[item - 1]?.id, + page: actitem.id, cheat: cheat, link: link, uff: true @@ -146,13 +103,20 @@ export default (router, tpl) => { let total, rows; if(tag) { - total = (await sql("tags") - .leftJoin("tags_assign", "tags_assign.tag_id", "tags.id") - .leftJoin("items", "items.id", "tags_assign.item_id") + if(tag.match(/sfw/) || tag.length <= 2) + return res.end("f0ck you!"); + total = (await sql("items") + .select("items.id", "items.mime", "st.tag") + .innerJoin( + sql("tags") + .select("tags_assign.item_id", "tags.tag") + .leftJoin("tags_assign", "tags_assign.tag_id", "tags.id") + .where("tags.tag", "like", "%"+tag+"%") + .groupBy("tags_assign.item_id") + .as("st"), + "st.item_id", "items.id" + ) .whereRaw(modequery) - .andWhere("items.mime", "like", smime) - .andWhere("tags.tag", "like", '%'+tag+'%') - .groupBy("items.id") .count("* as total") )[0]?.total; } @@ -173,15 +137,20 @@ export default (router, tpl) => { const offset = Math.max(0, (act_page - 1) * cfg.websrv.eps); if(tag) { - rows = await sql("tags") - .select("items.id", "items.mime", "tags_assign.tag_id") - .leftJoin("tags_assign", "tags_assign.tag_id", "tags.id") - .leftJoin("items", "items.id", "tags_assign.item_id") + rows = await sql("items") + .select("items.id", "items.mime", "st.tag", "tags_assign.tag_id") + .joinRaw("left join tags_assign on tags_assign.item_id = items.id and (tags_assign.tag_id = 1 or tags_assign.tag_id = 2)") + .innerJoin( + sql("tags") + .select("tags_assign.item_id", "tags.tag") + .leftJoin("tags_assign", "tags_assign.tag_id", "tags.id") + .where("tags.tag", "like", "%"+tag+"%") + .groupBy("tags_assign.item_id") + .as("st"), + "st.item_id", "items.id" + ) .whereRaw(modequery) - .andWhere("items.mime", "like", smime) - .andWhere("tags.tag", "like", '%'+tag+'%') .orderBy("items.id", "desc") - .groupBy("items.id") .offset(offset) .limit(cfg.websrv.eps); }