w0bm/f0bm
4
0
Fork 1
Code Pull Requests Activity

Compare commits

base: w0bm:eins-f0bm
Branches Tags
w0bm:f0bm w0bm:eins-f0bm
..
compare: w0bm:f0bm
Branches Tags
w0bm:f0bm w0bm:eins-f0bm

26 Commits
eins-f0bm ... f0bm

Author SHA1 Message Date
x
f950726ce6 adding recreate hashes debug script 2026-01-24 08:40:42 +01:00
x
54f266ff3d adding shortcuts 2026-01-24 01:38:25 +01:00
x
a9871187ab numeric tag entry point fix potential 2026-01-24 01:35:30 +01:00
x
43da214f73 fixing upload 2026-01-24 01:28:14 +01:00
x
c822a4f4e7 possible user fav fix 2026-01-24 01:16:49 +01:00
x
a8bb3e67f5 changin rand buton style 2026-01-24 01:11:03 +01:00
x
85912f4ba1 LUPE KLEINER! 2026-01-24 00:43:46 +01:00
x
f3a1fde23d commenting out rand button in navbar 2026-01-24 00:42:33 +01:00
x
8085b0166c making search icon smaller 2026-01-24 00:41:33 +01:00
x
85578b179b clean up deleted q 2026-01-24 00:14:25 +01:00
x
1a3514effa more possible fixes for uploading 2026-01-23 23:44:50 +01:00
x
a439683caf possible upload fix 2026-01-23 23:42:23 +01:00
x
577d73af11 realizing webupload with approval functionality 2026-01-23 23:35:12 +01:00
x
42f4e19897 remove debug output for fav randoming 2026-01-23 22:09:58 +01:00
x
0a5f57b5a9 another possible fix for fav randoming 2026-01-23 22:06:57 +01:00
x
03f2630090 potential fix for mixed random results when unathenticated 2026-01-23 22:00:49 +01:00
x
6692f32c4b possible fix for random fav behaviour 2026-01-23 21:52:34 +01:00
x
8af49b6ec1 improving fav detection logic 2026-01-23 21:38:47 +01:00
x
9c25f89adc adding a better navbar 2026-01-23 21:31:06 +01:00
x
ee6fda8f06 new modal for deleting tags and items 2026-01-23 20:52:49 +01:00
x
e9c377dc87 fixing random not working for user fav view 2026-01-23 20:28:03 +01:00
x
f5e386593d fixing tag image encoding 2026-01-23 20:08:38 +01:00
x
1dd4b54b48 change how tags are displayed in tag image 2026-01-23 19:52:39 +01:00
x
4de2652ffe adding cool search 2026-01-23 19:44:17 +01:00
Kibi Kelburton
7b1e0af0cb Merge pull request 'fixing background visibility and states' (#5) from eins-f0bm into f0bm 
Reviewed-on: #5
 2026-01-23 17:38:20 +00:00
Kibi Kelburton
52533486a2 Merge pull request 'eins-f0bm' (#4) from eins-f0bm into f0bm 
Reviewed-on: #4
 2026-01-23 16:05:04 +00:00
20 changed files with 2507 additions and 320 deletions
Expand all files Collapse all files

84
debug/recreate_hashes.mjs Normal file
View File

@@ -0,0 +1,84 @@
import fs from 'fs';
import crypto from 'crypto';
import db from '../src/inc/sql.mjs';
import path from 'path';
const run = async () => {
console.log('Starting hash recreation (Production Mode - Streams)...');
try {
// Fetch only necessary columns
const items = await db`SELECT id, dest, checksum, size FROM items ORDER BY id ASC`;
console.log(`Found ${items.length} items. Processing...`);
let updated = 0;
let errors = 0;
let skipped = 0;
for (const [index, item] of items.entries()) {
const filePath = path.join('./public/b', item.dest);
try {
if (!fs.existsSync(filePath)) {
// Silent error in logs for missing files to avoid spamming "thousands" of lines if many are missing
// Use verbose logging if needed, but here we'll just count them.
// Actually, precise logs are better for "production" to know what's wrong.
console.error(`[MISSING] File not found for item ${item.id}: ${filePath}`);
errors++;
continue;
}
// Get file size without reading content
const stats = await fs.promises.stat(filePath);
const size = stats.size;
// Calculate hash using stream to ensure low memory usage
const hash = await new Promise((resolve, reject) => {
const hashStream = crypto.createHash('sha256');
const rs = fs.createReadStream(filePath);
rs.on('error', reject);
rs.on('data', chunk => hashStream.update(chunk));
rs.on('end', () => resolve(hashStream.digest('hex')));
});
if (hash !== item.checksum || size !== item.size) {
console.log(`[UPDATE] Item ${item.id} (${index + 1}/${items.length})`);
if (hash !== item.checksum) console.log(` - Hash: ${item.checksum} -> ${hash}`);
if (size !== item.size) console.log(` - Size: ${item.size} -> ${size}`);
await db`
UPDATE items
SET checksum = ${hash}, size = ${size}
WHERE id = ${item.id}
`;
updated++;
} else {
skipped++;
}
// Log progress every 100 items
if ((index + 1) % 100 === 0) {
console.log(`Progress: ${index + 1}/${items.length} (Updated: ${updated}, Errors: ${errors})`);
}
} catch (err) {
console.error(`[ERROR] Processing item ${item.id}:`, err);
errors++;
}
}
console.log('Done.');
console.log(`Total: ${items.length}`);
console.log(`Updated: ${updated}`);
console.log(`Skipped (No changes): ${skipped}`);
console.log(`Errors (Missing files): ${errors}`);
} catch (err) {
console.error('Fatal error:', err);
} finally {
process.exit(0);
}
};
run();

277
public/s/css/f0ck.css
View File

@@ -3054,16 +3054,17 @@ input#s_avatar {
50% {
opacity: 1;
}
}
/* Modern Tags Layout */
.tags-grid {
/* Modern Tags Layout */
.tags-grid {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(200px, 1fr));
gap: 20px;
padding: 20px 0;
}
}
.tag-card {
.tag-card {
display: flex;
flex-direction: column;
background: var(--badge-bg, #171717);
@@ -3073,51 +3074,291 @@ input#s_avatar {
transition: transform 0.2s, box-shadow 0.2s;
border: 1px solid var(--nav-border-color, rgba(255, 255, 255, 0.1));
position: relative;
}
}
.tag-card:hover {
.tag-card:hover {
transform: translateY(-5px);
box-shadow: 0 10px 20px rgba(0, 0, 0, 0.4);
background: var(--dropdown-bg, #232323);
border-color: var(--accent, #9f0);
}
}
.tag-card-image {
.tag-card-image {
width: 100%;
height: 100px;
overflow: hidden;
position: relative;
background: #000;
}
}
.tag-card-image img {
.tag-card-image img {
width: 100%;
height: 100%;
object-fit: cover;
transition: transform 0.5s;
opacity: 0.8;
}
}
.tag-card:hover .tag-card-image img {
.tag-card:hover .tag-card-image img {
transform: scale(1.1);
opacity: 1;
}
}
.tag-card-content {
.tag-card-content {
padding: 15px;
display: flex;
flex-direction: column;
gap: 5px;
}
}
.tag-name {
.tag-name {
color: var(--white, #fff);
font-weight: bold;
font-size: 1.1em;
font-family: var(--font, monospace);
}
}
.tag-count {
.tag-count {
color: #888;
font-size: 0.9em;
}
/* Search Overlay */
#search-overlay {
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-color: rgba(0, 0, 0, 0.9);
backdrop-filter: blur(5px);
z-index: 10000;
display: none;
align-items: center;
justify-content: center;
padding: 20px;
opacity: 0;
transition: opacity 0.2s ease-in-out;
}
#search-overlay.visible {
opacity: 1;
}
#search-input {
background: transparent;
border: none;
border-bottom: 2px solid var(--accent);
color: var(--white);
font-size: 3rem;
width: 100%;
max-width: 800px;
text-align: center;
outline: none;
font-family: var(--font);
padding: 10px;
}
#search-input::placeholder {
color: #555;
text-transform: uppercase;
}
#search-close {
position: absolute;
top: 20px;
right: 30px;
color: var(--white);
font-size: 2rem;
cursor: pointer;
font-family: sans-serif;
opacity: 0.7;
transition: opacity 0.2s;
}
#search-close:hover {
opacity: 1;
}
/* Delete Tag Modal */
.modal-overlay {
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background: rgba(0, 0, 0, 0.85);
backdrop-filter: blur(5px);
z-index: 10001;
display: flex;
align-items: center;
justify-content: center;
}
.modal-content {
background: var(--dropdown-bg);
border: 1px solid var(--nav-border-color);
padding: 30px;
border-radius: 10px;
text-align: center;
box-shadow: 0 10px 30px rgba(0, 0, 0, 0.5);
min-width: 300px;
}
.modal-content h3 {
margin-top: 0;
color: var(--white);
}
.modal-content p {
color: #ccc;
margin: 20px 0;
}
.modal-actions {
display: flex;
justify-content: center;
gap: 15px;
}
.modal-actions button {
padding: 10px 20px;
border: none;
border-radius: 5px;
cursor: pointer;
font-weight: bold;
font-family: var(--font);
}
.btn-danger {
background: #e74c3c;
color: white;
}
.btn-danger:hover {
background: #c0392b;
}
.btn-secondary {
background: #555;
color: white;
}
.btn-secondary:hover {
background: #666;
}
/* Nav User Dropdown */
.nav-user-dropdown {
position: relative;
margin-left: 15px;
}
.nav-user-btn {
background: transparent;
border: 1px solid var(--nav-border-color);
color: var(--white);
padding: 6px 12px;
border-radius: 0;
cursor: pointer;
font-family: var(--font);
font-size: 14px;
transition: all 0.2s ease;
}
.nav-user-btn:hover {
background: rgba(255, 255, 255, 0.1);
border-color: var(--nav-border-color-hover);
}
.nav-user-menu {
display: none;
position: absolute;
top: calc(100% + 5px);
left: 0;
min-width: 150px;
background: var(--dropdown-bg);
border: 1px solid var(--nav-border-color);
border-radius: 0;
box-shadow: 0 10px 30px rgba(0, 0, 0, 0.4);
z-index: 10000;
overflow: hidden;
}
.nav-user-menu.show {
display: block;
}
.nav-user-menu a {
display: block;
padding: 10px 15px;
color: var(--white);
text-decoration: none;
transition: background 0.2s;
}
.nav-user-menu a:hover {
background: rgba(255, 255, 255, 0.1);
}
.nav-user-divider {
height: 1px;
background: var(--nav-border-color);
margin: 5px 0;
}
/* Nav Left Group - Flexbox for dropdown + links */
.nav-left-group {
display: flex;
align-items: center;
gap: 15px;
flex-wrap: wrap;
}
.nav-links {
display: flex;
align-items: center;
gap: 12px;
}
.nav-links a {
color: var(--white);
text-decoration: none;
font-size: 14px;
opacity: 0.8;
transition: opacity 0.2s;
}
.nav-links a:hover {
opacity: 1;
}
.nav-links svg {
vertical-align: middle;
}
/* Mobile responsive navbar */
@media (max-width: 600px) {
.navbar {
flex-wrap: wrap;
gap: 10px;
}
.nav-left-group {
order: 2;
width: 100%;
justify-content: space-between;
}
.nav-links {
gap: 8px;
}
.nav-user-btn {
padding: 4px 8px;
font-size: 12px;
}
.nav-links a {
font-size: 12px;
}
}

11
public/s/css/w0bm.css
View File

@@ -216,7 +216,7 @@ video {
}
#main {
padding: 25px;
padding: 0px 25px 0px 25px;
}
.container {
@@ -262,7 +262,7 @@ video {
background: #0000008a !important;
}
.pagination > a {
.pagination>a {
background: #232323b2;
}
@@ -301,14 +301,15 @@ div.sbt {
width: 100%;
}
.navigation-links {
.navigation-links {
display: grid;
grid-row: 1;
grid-column: 2;
grid-template-columns: auto auto 1fr;
}
}
.navigation-links-guest, ol {
.navigation-links-guest,
ol {
margin: 5px;
margin-block-start: 0;
margin-block-end: 0;

37
public/s/js/admin.js
View File

@@ -184,13 +184,46 @@
if (!ctx) return;
const { postid, poster } = ctx;
if (!confirm(`Reason for deleting f0ckpost ${postid} by ${poster} (Weihnachten™)`))
return;
const modal = document.getElementById('delete-item-modal');
const idEl = document.getElementById('delete-item-id');
const posterEl = document.getElementById('delete-item-poster');
const confirmBtn = document.getElementById('delete-item-confirm');
const cancelBtn = document.getElementById('delete-item-cancel');
if (modal) {
idEl.textContent = postid;
posterEl.textContent = poster || 'unknown';
modal.style.display = 'flex';
const closeModal = () => {
modal.style.display = 'none';
confirmBtn.onclick = null;
cancelBtn.onclick = null;
};
cancelBtn.onclick = closeModal;
confirmBtn.onclick = async () => {
confirmBtn.textContent = 'Deleting...';
confirmBtn.disabled = true;
try {
const res = await post("/api/v2/admin/deletepost", {
postid: postid
});
if (!res.success) {
alert(res.msg);
confirmBtn.textContent = 'Delete';
confirmBtn.disabled = false;
} else {
closeModal();
window.location.href = '/';
}
} catch (e) {
alert('Error: ' + e); // Or e.message
confirmBtn.textContent = 'Delete';
confirmBtn.disabled = false;
}
};
}
};

169
public/s/js/f0ck.js
View File

@@ -9,6 +9,21 @@ window.requestAnimFrame = (function () {
(() => {
let video;
// User dropdown toggle
const userToggle = document.getElementById('nav-user-toggle');
const userMenu = document.getElementById('nav-user-menu');
if (userToggle && userMenu) {
userToggle.addEventListener('click', (e) => {
e.stopPropagation();
userMenu.classList.toggle('show');
});
document.addEventListener('click', (e) => {
if (!userMenu.contains(e.target) && !userToggle.contains(e.target)) {
userMenu.classList.remove('show');
}
});
}
// Initialize background preference
if (localStorage.getItem('background') == undefined) {
localStorage.setItem('background', 'true');
@@ -188,20 +203,22 @@ window.requestAnimFrame = (function () {
const navbar = document.querySelector("nav.navbar");
if (navbar) navbar.classList.add("pbwork");
// Extract item ID from URL. Regex now handles query params, hashes, and trailing slashes.
const match = url.match(/\/(\d+)(?:\/|#|\?|$)/);
// Extract item ID from URL. Use the last numeric segment to avoid matching context IDs (like tag/1/...)
// Split path, filter numeric, pop last.
const pathSegments = new URL(url, window.location.origin).pathname.split('/');
const numericSegments = pathSegments.filter(s => /^\d+$/.test(s));
// Hide navbar pagination for Item View (matches SSR)
const navPag = document.querySelector('.pagination-container-fluid');
if (navPag) navPag.style.display = 'none';
if (!match) {
if (numericSegments.length === 0) {
console.warn("loadItemAjax: No ID match found in URL", url);
// fallback for weird/external links
window.location.href = url;
return;
}
const itemid = match[1];
const itemid = numericSegments.pop();
// <context-preservation>
// Extract context from Target URL first
@@ -212,7 +229,7 @@ window.requestAnimFrame = (function () {
const userMatch = url.match(/\/user\/([^/]+)/);
if (userMatch) {
user = decodeURIComponent(userMatch[1]);
if (url.includes(`/user/${userMatch[1]}/favs`)) isFavs = true;
if (url.match(/\/user\/[^/]+\/favs(\/|$|\?)/)) isFavs = true;
}
// If missing and inheritContext is true, check Window Location
@@ -225,7 +242,8 @@ window.requestAnimFrame = (function () {
const wUserMatch = window.location.href.match(/\/user\/([^/]+)/);
if (wUserMatch) {
user = decodeURIComponent(wUserMatch[1]);
if (window.location.href.includes(`/user/${wUserMatch[1]}/favs`)) isFavs = true;
// Check for /favs (with or without trailing /, item id, or query params)
if (window.location.href.match(/\/user\/[^/]+\/favs(\/|$|\?)/)) isFavs = true;
}
}
}
@@ -272,6 +290,11 @@ window.requestAnimFrame = (function () {
const main = document.getElementById('main');
main.innerHTML = '<div class="container"></div>';
container = main.querySelector('.container');
} else if (!container && document.getElementById('main')) {
// Transition from User Profile or other pages without .container
const main = document.getElementById('main');
main.innerHTML = '<div class="container"></div>';
container = main.querySelector('.container');
} else if (container) {
// Check if we are on Tags Overview logic (which reuses .container)
const tagsOverview = container.querySelector('.tags');
@@ -358,7 +381,12 @@ window.requestAnimFrame = (function () {
if (wTagMatch) params.append('tag', decodeURIComponent(wTagMatch[1]));
const wUserMatch = window.location.href.match(/\/user\/([^/]+)/);
if (wUserMatch) params.append('user', decodeURIComponent(wUserMatch[1]));
if (wUserMatch) {
params.append('user', decodeURIComponent(wUserMatch[1]));
if (window.location.href.match(/\/favs(\/|$|\?)/)) {
params.append('fav', 'true');
}
}
if ([...params].length > 0) {
randomUrl += '?' + params.toString();
@@ -413,16 +441,66 @@ window.requestAnimFrame = (function () {
canvas.classList.add('fader-out');
}
}
} else if (e.target.closest('.removetag')) {
e.preventDefault();
const removeBtn = e.target.closest('.removetag');
const tagLink = removeBtn.previousElementSibling;
if (tagLink) {
const tagName = tagLink.textContent.trim();
const idLink = document.querySelector('.id-link');
const id = idLink ? idLink.textContent.trim() : null;
if (id && tagName) {
const modal = document.getElementById('delete-tag-modal');
const nameEl = document.getElementById('delete-tag-name');
const confirmBtn = document.getElementById('delete-tag-confirm');
const cancelBtn = document.getElementById('delete-tag-cancel');
if (modal) {
nameEl.textContent = tagName;
modal.style.display = 'flex';
const closeModal = () => {
modal.style.display = 'none';
confirmBtn.onclick = null;
cancelBtn.onclick = null;
};
cancelBtn.onclick = closeModal;
confirmBtn.onclick = () => {
confirmBtn.textContent = 'Deleting...';
confirmBtn.disabled = true;
fetch(`/api/v2/admin/${id}/tags/${encodeURIComponent(tagName)}`, {
method: 'DELETE'
})
.then(r => r.json())
.then(data => {
if (data.success) {
removeBtn.parentElement.remove();
closeModal();
} else {
alert('Error: ' + (data.msg || 'Unknown error'));
confirmBtn.textContent = 'Delete';
confirmBtn.disabled = false;
}
})
.catch(err => {
console.error(err);
alert('Failed to delete tag');
confirmBtn.textContent = 'Delete';
confirmBtn.disabled = false;
});
};
}
}
}
}
});
window.addEventListener('popstate', (e) => {
if (window.location.href.match(/\/p\/\d+/) || window.location.href.match(/[?&]page=\d+/) || window.location.pathname === '/') {
// Ideally we should reload page or call loadPageAjax(currentUrl) if it supports it
// But if we are going BACK to index from item, we expect grid.
// loadItemAjax fails on index.
// loadPageAjax handles /p/N logic.
// If just slash, loadPageAjax might default to page 1.
loadPageAjax(window.location.href);
} else {
loadItemAjax(window.location.href, true);
@@ -745,6 +823,73 @@ window.requestAnimFrame = (function () {
// <scroller>
// <search-overlay>
const initSearch = () => {
if (!document.getElementById('search-overlay')) {
const overlay = document.createElement('div');
overlay.id = 'search-overlay';
overlay.innerHTML = `
<div id="search-close">&times;</div>
<input type="text" id="search-input" placeholder="Search Tags..." autocomplete="off">
`;
document.body.appendChild(overlay);
const input = document.getElementById('search-input');
const close = document.getElementById('search-close');
const btns = document.querySelectorAll('#nav-search-btn, #nav-search-btn-guest');
const toggleSearch = (show) => {
if (show) {
overlay.style.display = 'flex';
// Force reflow
overlay.offsetHeight;
overlay.classList.add('visible');
input.focus();
} else {
overlay.classList.remove('visible');
setTimeout(() => {
overlay.style.display = 'none';
}, 200);
}
};
btns.forEach(btn => btn.addEventListener('click', (e) => {
e.preventDefault();
toggleSearch(true);
}));
close.addEventListener('click', () => toggleSearch(false));
// Close on click outside (background)
overlay.addEventListener('click', (e) => {
if (e.target === overlay) toggleSearch(false);
});
// ESC to close
document.addEventListener('keydown', (e) => {
if (e.key === 'Escape' && overlay.classList.contains('visible')) {
toggleSearch(false);
}
// "k" to open
if (e.key === 'k' && e.target.tagName !== 'INPUT' && e.target.tagName !== 'TEXTAREA' && !overlay.classList.contains('visible')) {
e.preventDefault();
toggleSearch(true);
}
});
input.addEventListener('keydown', (e) => {
if (e.key === 'Enter') {
const val = input.value.trim();
if (val) {
window.location.href = `/tag/${encodeURIComponent(val)}`;
}
}
});
}
};
initSearch();
// </search-overlay>
// </scroller>
})();

348
public/s/js/upload.js Normal file
View File

@@ -0,0 +1,348 @@
(() => {
const form = document.getElementById('upload-form');
if (!form) return;
const fileInput = document.getElementById('file-input');
const dropZone = document.getElementById('drop-zone');
const filePreview = document.getElementById('file-preview');
// Note: prompt is now a label, but accessible via class
const dropZonePrompt = dropZone.querySelector('.drop-zone-prompt');
const fileName = document.getElementById('file-name');
const fileSize = document.getElementById('file-size');
const removeFile = document.getElementById('remove-file');
const tagInput = document.getElementById('tag-input');
const tagsList = document.getElementById('tags-list');
const tagsHidden = document.getElementById('tags-hidden');
const tagCount = document.getElementById('tag-count');
const tagSuggestions = document.getElementById('tag-suggestions');
const submitBtn = document.getElementById('submit-btn');
const progressContainer = document.getElementById('upload-progress');
const progressFill = document.getElementById('progress-fill');
const progressText = document.getElementById('progress-text');
const statusDiv = document.getElementById('upload-status');
let tags = [];
let selectedFile = null;
// Flash Message Logic
const showFlash = (msg, type = 'success') => {
const existing = document.querySelector('.flash-message');
if (existing) existing.remove();
const flash = document.createElement('div');
flash.className = `flash-message ${type}`;
flash.textContent = msg;
Object.assign(flash.style, {
position: 'fixed',
top: '20px',
left: '50%',
transform: 'translateX(-50%)',
padding: '15px 30px',
borderRadius: '5px',
color: '#fff',
fontWeight: '600',
zIndex: '9999',
boxShadow: '0 4px 12px rgba(0,0,0,0.3)',
background: type === 'success' ? '#51cf66' : '#ff6b6b',
opacity: '0',
transition: 'opacity 0.3s'
});
document.body.appendChild(flash);
// Fade in
requestAnimationFrame(() => flash.style.opacity = '1');
// Remove after 5s
setTimeout(() => {
flash.style.opacity = '0';
setTimeout(() => flash.remove(), 300);
}, 5000);
};
const formatSize = (bytes) => {
const units = ['B', 'KB', 'MB', 'GB'];
let i = 0;
while (bytes >= 1024 && i < units.length - 1) {
bytes /= 1024;
i++;
}
return bytes.toFixed(2) + ' ' + units[i];
};
const updateSubmitButton = () => {
const rating = document.querySelector('input[name="rating"]:checked');
const hasFile = selectedFile !== null;
const hasRating = rating !== null;
const hasTags = tags.length >= 3;
submitBtn.disabled = !(hasFile && hasRating && hasTags);
if (!hasTags) {
submitBtn.querySelector('.btn-text').textContent = (3 - tags.length) + ' more tag' + (3 - tags.length !== 1 ? 's' : '') + ' required';
} else if (!hasFile) {
submitBtn.querySelector('.btn-text').textContent = 'Select a file';
} else if (!hasRating) {
submitBtn.querySelector('.btn-text').textContent = 'Select SFW or NSFW';
} else {
submitBtn.querySelector('.btn-text').textContent = 'Upload';
}
tagCount.textContent = '(' + tags.length + '/3 minimum)';
tagCount.classList.toggle('valid', tags.length >= 3);
};
const handleFile = (file) => {
if (!file) return;
const validTypes = ['video/mp4', 'video/webm'];
// Check extensions as fallback
const ext = file.name.split('.').pop().toLowerCase();
const validExts = ['mp4', 'webm'];
if (!validTypes.includes(file.type) && !validExts.includes(ext)) {
statusDiv.textContent = 'Only mp4 and webm files are allowed';
statusDiv.className = 'upload-status error';
return;
}
selectedFile = file;
fileName.textContent = file.name;
fileSize.textContent = formatSize(file.size);
dropZonePrompt.style.display = 'none';
filePreview.style.display = 'flex';
statusDiv.textContent = '';
statusDiv.className = 'upload-status';
// Video Preview
const itemPreview = filePreview.querySelector('.item-preview') || document.createElement('div');
itemPreview.className = 'item-preview';
itemPreview.style.marginRight = '15px';
// Clear previous
const existingVid = filePreview.querySelector('video');
if (existingVid) existingVid.remove();
const vid = document.createElement('video');
vid.src = URL.createObjectURL(file);
vid.controls = false;
vid.autoplay = true;
vid.muted = true;
vid.loop = true;
vid.style.maxHeight = '100px';
vid.style.maxWidth = '150px';
vid.style.borderRadius = '4px';
filePreview.prepend(vid);
updateSubmitButton();
};
const preventDefaults = (e) => {
e.preventDefault();
e.stopPropagation();
};
// Attach drag events only to dropZone now (Input is hidden)
['dragenter', 'dragover', 'dragleave', 'drop'].forEach(eventName => {
dropZone.addEventListener(eventName, preventDefaults, false);
});
['dragenter', 'dragover'].forEach(eventName => {
dropZone.addEventListener(eventName, () => dropZone.classList.add('dragover'), false);
});
['dragleave', 'drop'].forEach(eventName => {
dropZone.addEventListener(eventName, () => dropZone.classList.remove('dragover'), false);
});
dropZone.addEventListener('drop', (e) => {
const dt = e.dataTransfer;
const files = dt.files;
handleFile(files[0]);
});
// Native change listener on hidden input
fileInput.addEventListener('change', (e) => handleFile(e.target.files[0]));
removeFile.addEventListener('click', (e) => {
e.preventDefault();
e.stopPropagation();
selectedFile = null;
fileInput.value = '';
dropZonePrompt.style.display = 'block';
filePreview.style.display = 'none';
// Clear preview video
const vid = filePreview.querySelector('video');
if (vid) vid.remove();
updateSubmitButton();
});
const addTag = (tagName) => {
tagName = tagName.trim().toLowerCase();
if (!tagName || tags.includes(tagName)) return;
if (tagName === 'sfw' || tagName === 'nsfw') return;
tags.push(tagName);
const chip = document.createElement('span');
chip.className = 'tag-chip';
chip.innerHTML = tagName + '<button type="button">&times;</button>';
chip.querySelector('button').addEventListener('click', () => {
tags = tags.filter(t => t !== tagName);
chip.remove();
updateSubmitButton();
});
tagsList.appendChild(chip);
tagsHidden.value = tags.join(',');
tagInput.value = '';
tagSuggestions.innerHTML = '';
tagSuggestions.classList.remove('show');
updateSubmitButton();
};
tagInput.addEventListener('keydown', (e) => {
if (e.key === 'Enter') {
e.preventDefault();
addTag(tagInput.value);
}
});
let debounceTimer;
tagInput.addEventListener('input', () => {
clearTimeout(debounceTimer);
const query = tagInput.value.trim();
if (query.length < 2) {
tagSuggestions.classList.remove('show');
return;
}
debounceTimer = setTimeout(async () => {
try {
const res = await fetch('/api/v2/admin/tags/suggest?q=' + encodeURIComponent(query));
const data = await res.json();
if (data.success && data.suggestions && data.suggestions.length > 0) {
const filtered = data.suggestions.filter(s => !tags.includes(s.tag.toLowerCase()));
let html = '';
for (let i = 0; i < Math.min(8, filtered.length); i++) {
html += '<div class="tag-suggestion">' + filtered[i].tag + '</div>';
}
tagSuggestions.innerHTML = html;
tagSuggestions.classList.add('show');
tagSuggestions.querySelectorAll('.tag-suggestion').forEach(el => {
el.addEventListener('click', () => addTag(el.textContent));
});
} else {
tagSuggestions.classList.remove('show');
}
} catch (err) {
console.error(err);
}
}, 200);
});
document.addEventListener('click', (e) => {
if (!tagInput.contains(e.target) && !tagSuggestions.contains(e.target)) {
tagSuggestions.classList.remove('show');
}
});
document.querySelectorAll('input[name="rating"]').forEach(radio => {
radio.addEventListener('change', updateSubmitButton);
});
form.addEventListener('submit', async (e) => {
e.preventDefault();
if (!selectedFile || tags.length < 3) return;
const rating = document.querySelector('input[name="rating"]:checked');
if (!rating) return;
submitBtn.disabled = true;
submitBtn.querySelector('.btn-text').style.display = 'none';
submitBtn.querySelector('.btn-loading').style.display = 'inline';
progressContainer.style.display = 'flex';
statusDiv.textContent = '';
statusDiv.className = 'upload-status';
const formData = new FormData();
formData.append('file', selectedFile);
formData.append('rating', rating.value);
formData.append('tags', tags.join(','));
try {
const xhr = new XMLHttpRequest();
xhr.upload.addEventListener('progress', (e) => {
if (e.lengthComputable) {
const percent = Math.round((e.loaded / e.total) * 100);
progressFill.style.width = percent + '%';
progressText.textContent = percent + '%';
}
});
xhr.onload = () => {
const res = JSON.parse(xhr.responseText);
if (res.success) {
statusDiv.innerHTML = '✓ ' + res.msg;
statusDiv.className = 'upload-status success';
// Flash Message
showFlash(res.msg, 'success');
form.reset();
tags = [];
tagsList.innerHTML = '';
selectedFile = null;
dropZonePrompt.style.display = 'block'; // label is actually flex/block via CSS
filePreview.style.display = 'none';
const vid = filePreview.querySelector('video');
if (vid) vid.remove();
} else {
statusDiv.textContent = '✕ ' + res.msg;
statusDiv.className = 'upload-status error';
if (res.repost) {
statusDiv.innerHTML += ' <a href="/' + res.repost + '">View existing</a>';
}
showFlash('Upload failed: ' + res.msg, 'error');
}
submitBtn.querySelector('.btn-text').style.display = 'inline';
submitBtn.querySelector('.btn-loading').style.display = 'none';
progressContainer.style.display = 'none';
progressFill.style.width = '0%';
updateSubmitButton();
};
xhr.onerror = () => {
statusDiv.textContent = '✕ Upload failed. Please try again.';
statusDiv.className = 'upload-status error';
showFlash('Upload failed network error', 'error');
submitBtn.querySelector('.btn-text').style.display = 'inline';
submitBtn.querySelector('.btn-loading').style.display = 'none';
progressContainer.style.display = 'none';
updateSubmitButton();
};
xhr.open('POST', '/api/v2/upload');
xhr.send(formData);
} catch (err) {
console.error(err);
statusDiv.textContent = '✕ Upload failed: ' + err.message;
statusDiv.className = 'upload-status error';
showFlash('Upload failed: ' + err.message, 'error');
submitBtn.querySelector('.btn-text').style.display = 'inline';
submitBtn.querySelector('.btn-loading').style.display = 'none';
updateSubmitButton();
}
});
updateSubmitButton();
})();

68
src/inc/routeinc/f0cklib.mjs
View File

@@ -27,17 +27,17 @@ export default {
left join favorites on favorites.item_id = items.id
left join "user" on "user".id = favorites.user_id
where
${ db.unsafe(modequery) }
${db.unsafe(modequery)}
and items.active = 'true'
${ tag ? db`and tags.normalized ilike '%' || slugify(${tag}) || '%'` : db`` }
${ o.fav ? db`and "user".user ilike ${'%'+user+'%'}` : db`` }
${ !o.fav && user ? db`and items.username ilike ${'%'+user+'%'}` : db`` }
${ mime ? db`and items.mime ilike ${smime}` : db`` }
${ !o.session && globalfilter ? db`and items.id not in (select item_id from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db`` }
${tag ? db`and tags.normalized ilike '%' || slugify(${tag}) || '%'` : db``}
${o.fav ? db`and "user".user ilike ${'%' + user + '%'}` : db``}
${!o.fav && user ? db`and items.username ilike ${'%' + user + '%'}` : db``}
${mime ? db`and items.mime ilike ${smime}` : db``}
${!o.session && globalfilter ? db`and items.id not in (select item_id from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
group by items.id, tags.tag
`)?.length || 0;
if(!total || total === 0) {
if (!total || total === 0) {
return {
success: false,
message: "404 - no f0cks given"
@@ -61,13 +61,13 @@ export default {
left join "user" on "user".id = favorites.user_id
left join tags_assign ta on ta.item_id = items.id and (ta.tag_id = 1 or ta.tag_id = 2)
where
${ db.unsafe(modequery) }
${db.unsafe(modequery)}
and items.active = 'true'
${ tag ? db`and tags.normalized ilike '%' || slugify(${tag}) || '%'` : db`` }
${ o.fav ? db`and "user".user ilike ${'%'+user+'%'}` : db`` }
${ !o.fav && user ? db`and items.username ilike ${'%'+user+'%'}` : db`` }
${ mime ? db`and items.mime ilike ${smime}` : db`` }
${ !o.session && globalfilter ? db`and items.id not in (select item_id from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db`` }
${tag ? db`and tags.normalized ilike '%' || slugify(${tag}) || '%'` : db``}
${o.fav ? db`and "user".user ilike ${'%' + user + '%'}` : db``}
${!o.fav && user ? db`and items.username ilike ${'%' + user + '%'}` : db``}
${mime ? db`and items.mime ilike ${smime}` : db``}
${!o.session && globalfilter ? db`and items.id not in (select item_id from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
group by items.id, tags.tag, ta.tag_id
order by items.id desc
offset ${offset}
@@ -75,7 +75,7 @@ export default {
`;
const cheat = [];
for(let i = Math.max(1, act_page - 3); i <= Math.min(act_page + 3, pages); i++)
for (let i = Math.max(1, act_page - 3); i <= Math.min(act_page + 3, pages); i++)
cheat.push(i);
const link = lib.genLink({ user, tag, mime, type: o.fav ? 'favs' : 'f0cks', path: 'p/' });
@@ -106,7 +106,7 @@ export default {
const modequery = mime == "audio" ? lib.getMode(0) : lib.getMode(o.mode ?? 0);
if(itemid === 404) {
if (itemid === 404) {
return {
success: false,
message: "404 - f0ck not found"
@@ -119,25 +119,32 @@ export default {
from items
left join tags_assign on tags_assign.item_id = items.id
left join tags on tags.id = tags_assign.tag_id
left join favorites on favorites.item_id = items.id
left join "user" on "user".id = favorites.user_id
${o.fav
? db`inner join favorites on favorites.item_id = items.id inner join "user" on "user".id = favorites.user_id`
: db`left join favorites on favorites.item_id = items.id left join "user" on "user".id = favorites.user_id`
}
left join tags_assign ta on ta.item_id = items.id and (ta.tag_id = 1 or ta.tag_id = 2)
where
${ db.unsafe(modequery) }
${db.unsafe(modequery)}
and items.active = 'true'
${ tag ? db`and tags.normalized ilike '%' || slugify(${tag}) || '%'` : db`` }
${ o.fav ? db`and "user".user ilike ${'%'+user+'%'}` : db`` }
${ !o.fav && user ? db`and items.username ilike ${'%'+user+'%'}` : db`` }
${ mime ? db`and items.mime ilike ${smime}` : db`` }
${ !o.session && globalfilter ? db`and items.id not in (select item_id from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db`` }
${tag ? db`and tags.normalized ilike '%' || slugify(${tag}) || '%'` : db``}
${o.fav ? db`and "user"."user" ilike ${user}` : db``}
${!o.fav && user ? db`and items.username ilike ${'%' + user + '%'}` : db``}
${mime ? db`and items.mime ilike ${smime}` : db``}
${!o.session && globalfilter ? db`and items.id not in (select item_id from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
group by items.id, tags.tag, ta.tag_id
order by items.id desc
`;
console.log('[GETF0CK DEBUG] Query params:', { user, itemid, fav: o.fav });
console.log('[GETF0CK DEBUG] Items found:', items.length, 'Item IDs:', items.slice(0, 10).map(i => i.id));
const item = items.findIndex(i => i.id === itemid);
const actitem = items[item];
if(!actitem) { // sfw-check!
console.log('[GETF0CK DEBUG] findIndex result:', item, 'actitem exists:', !!actitem);
if (!actitem) { // sfw-check!
return {
success: false,
message: "Sorry, this post is currently not visible."
@@ -158,7 +165,7 @@ export default {
let coverart = true;
try {
await fs.promises.access(`./public${cfg.websrv.paths.coverarts}/${actitem.id}.webp`);
} catch(err) {
} catch (err) {
coverart = false;
}
@@ -201,7 +208,7 @@ export default {
tmp
};
return data;
},getRandom: async (o = ({ user, tag, mime, mode, fav, session })) => {
}, getRandom: async (o = ({ user, tag, mime, mode, fav, session })) => {
const user = o.user ? decodeURI(o.user) : null;
const tag = lib.parseTag(o.tag ?? null);
const mime = (o.mime ?? "");
@@ -219,10 +226,15 @@ export default {
from favorites
inner join items on favorites.item_id = items.id
inner join "user" on "user".id = favorites.user_id
left join tags_assign on tags_assign.item_id = items.id
left join tags on tags.id = tags_assign.tag_id
where
"user".user ilike ${'%' + user + '%'}
${db.unsafe(modequery)}
and "user".user ilike ${'%' + user + '%'}
and items.active = 'true'
${mime ? db`and items.mime ilike ${smime}` : db``}
${!o.session && globalfilter ? db`and items.id not in (select item_id from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
group by items.id
order by random()
limit 1
`;
@@ -262,4 +274,4 @@ export default {
itemid: item[0].id
};
}
};
};

236
src/inc/routes/admin.mjs
View File

@@ -5,7 +5,7 @@ import { promises as fs } from "fs";
export default (router, tpl) => {
router.get(/^\/login(\/)?$/, async (req, res) => {
if(req.cookies.session) {
if (req.cookies.session) {
return res.reply({
body: tpl.render('error', {
message: "you're already logged in lol",
@@ -25,9 +25,9 @@ export default (router, tpl) => {
where "login" = ${req.post.username.toLowerCase()}
limit 1
`;
if(user.length === 0)
if (user.length === 0)
return res.reply({ body: "user doesn't exist or wrong password" });
if(!(await lib.verify(req.post.password, user[0].password)))
if (!(await lib.verify(req.post.password, user[0].password)))
return res.reply({ body: "user doesn't exist or wrong password" });
const stamp = ~~(Date.now() / 1e3);
@@ -49,8 +49,7 @@ export default (router, tpl) => {
};
await db`
insert into "user_sessions" ${
db(blah, 'user_id', 'session', 'browser', 'created_at', 'last_used', 'last_action', 'kmsi')
insert into "user_sessions" ${db(blah, 'user_id', 'session', 'browser', 'created_at', 'last_used', 'last_action', 'kmsi')
}
`;
@@ -67,7 +66,7 @@ export default (router, tpl) => {
from "user_sessions"
where id = ${+req.session.sess_id}
`;
if(usersession.length === 0)
if (usersession.length === 0)
return res.reply({ body: "nope 2" });
await db`
@@ -121,79 +120,176 @@ export default (router, tpl) => {
});
});
// router.get(/^\/admin\/log(\/)?$/, lib.auth, async (req, res) => {
// // Funktioniert ohne systemd service natürlich nicht.
// exec("journalctl -qeu f0ck --no-pager", (err, stdout) => {
// res.reply({
// body: tpl.render("admin/log", {
// log: stdout.split("\n").slice(0, -1),
// tmp: null
// }, req)
// });
// });
// });
router.get(/^\/admin\/approve\/?/, lib.auth, async (req, res) => {
if (req.url.qs?.id) {
const id = +req.url.qs.id;
const f0ck = await db`
select dest, mime
from "items"
where
id = ${id} and
active = 'false'
limit 1
`;
if (f0ck.length === 0) {
return res.reply({
body: `f0ck ${id}: f0ck not found`
});
}
// router.get(/^\/admin\/recover\/?/, lib.auth, async (req, res) => {
// Gelöschte Objekte werden nicht aufgehoben.
// if(req.url.qs?.id) {
// const id = +req.url.qs.id;
// const f0ck = await db`
// select dest, mime
// from "items"
// where
// id = ${id} and
// active = 'false'
// limit 1
// `;
// if(f0ck.length === 0) {
// return res.reply({
// body: `f0ck ${id}: f0ck not found`
// });
// }
await db`update "items" set active = 'true' where id = ${id}`;
// await db`update "items" set active = 'true' where id = ${id}`;
// Check if files need moving (if they are in deleted/)
try {
await fs.access(`./public/b/${f0ck[0].dest}`);
// Exists in public, good (new upload)
} catch {
// Not in public, likely a deleted item being recovered
await fs.copyFile(`./deleted/b/${f0ck[0].dest}`, `./public/b/${f0ck[0].dest}`).catch(_ => { });
await fs.copyFile(`./deleted/t/${id}.webp`, `./public/t/${id}.webp`).catch(_ => { });
await fs.unlink(`./deleted/b/${f0ck[0].dest}`).catch(_ => { });
await fs.unlink(`./deleted/t/${id}.webp`).catch(_ => { });
// await fs.copyFile(`./deleted/b/${f0ck[0].dest}`, `./public/b/${f0ck[0].dest}`).catch(_=>{});
// await fs.copyFile(`./deleted/t/${id}.webp`, `./public/t/${id}.webp`).catch(_=>{});
// await fs.unlink(`./deleted/b/${f0ck[0].dest}`).catch(_=>{});
// await fs.unlink(`./deleted/t/${id}.webp`).catch(_=>{});
if (f0ck[0].mime.startsWith('audio')) {
await fs.copyFile(`./deleted/ca/${id}.webp`, `./public/ca/${id}.webp`).catch(_ => { });
await fs.unlink(`./deleted/ca/${id}.webp`).catch(_ => { });
}
}
// if(f0ck[0].mime.startsWith('audio')) {
// await fs.copyFile(`./deleted/ca/${id}.webp`, `./public/ca/${id}.webp`).catch(_=>{});
// await fs.unlink(`./deleted/ca/${id}.webp`).catch(_=>{});
// }
return res.writeHead(302, {
"Location": `/${id}`
}).end();
}
// return res.reply({
// body: `f0ck ${id} recovered. <a href="/admin/recover">back</a>`
// });
// }
const page = +req.url.qs.page || 1;
const limit = 50;
const offset = (page - 1) * limit;
// const _posts = await db`
// select id, mime, username
// from "items"
// where
// active = 'false'
// order by id desc
// `;
const total = (await db`select count(*) as c from "items" where active = 'false'`)[0].c;
const pages = Math.ceil(total / limit);
// if(_posts.length === 0) {
// return res.reply({
// body: 'blah'
// });
// }
const _posts = await db`
select id, mime, username, dest
from "items"
where
active = 'false'
order by id desc
limit ${limit} offset ${offset}
`;
// const posts = await Promise.all(_posts.map(async p => ({
// ...p,
// thumbnail: (await fs.readFile(`./deleted/t/${p.id}.webp`)).toString('base64')
// })));
if (_posts.length === 0 && page > 1) {
// if page empty, maybe redirect to last page or page 1?
// Just render empty for now
}
// res.reply({
// body: tpl.render('admin/recover', {
// posts,
// tmp: null
// }, req)
// });
// });
if (_posts.length === 0) {
return res.reply({
body: tpl.render('admin/approve', { posts: [], pages: 0, page: 1, tmp: null }, req)
});
}
const posts = await Promise.all(_posts.map(async p => {
// Try to get thumbnail from public or deleted
let thumb;
try {
// Try public first
thumb = (await fs.readFile(`./public/t/${p.id}.webp`)).toString('base64');
} catch {
try {
thumb = (await fs.readFile(`./deleted/t/${p.id}.webp`)).toString('base64');
} catch {
thumb = ""; // No thumbnail?
}
}
return {
...p,
thumbnail: thumb
};
}));
res.reply({
body: tpl.render('admin/approve', {
posts,
page,
pages,
stats: { total: posts.length },
tmp: null
}, req)
});
});
const deleteItem = async (id) => {
const f0ck = await db`
select dest, mime
from "items"
where
id = ${id}
limit 1
`;
if (f0ck.length > 0) {
console.log(`[ADMIN DENY] Found item, deleting files: ${f0ck[0].dest}`);
// Delete files
await fs.unlink(`./public/b/${f0ck[0].dest}`).catch(e => console.log('File error pub/b:', e.message));
await fs.unlink(`./public/t/${id}.webp`).catch(e => console.log('File error pub/t:', e.message));
await fs.unlink(`./deleted/b/${f0ck[0].dest}`).catch(e => console.log('File error del/b:', e.message));
await fs.unlink(`./deleted/t/${id}.webp`).catch(e => console.log('File error del/t:', e.message));
if (f0ck[0].mime.startsWith('audio')) {
await fs.unlink(`./public/ca/${id}.webp`).catch(() => { });
await fs.unlink(`./deleted/ca/${id}.webp`).catch(() => { });
}
// Delete DB entries
console.log('[ADMIN DENY] Deleting DB entries...');
try {
await db`delete from "tags_assign" where item_id = ${id}`;
await db`delete from "favorites" where item_id = ${id}`;
await db`delete from "comments" where item_id = ${id}`.catch(() => { });
await db`delete from "items" where id = ${id}`;
console.log('[ADMIN DENY] Deleted successfully');
return true;
} catch (dbErr) {
console.error('[ADMIN DENY DB ERROR]', dbErr);
return false;
}
} else {
console.log('[ADMIN DENY] Item not found in DB');
return false;
}
};
router.get(/^\/admin\/deny\/?/, lib.auth, async (req, res) => {
console.log('[ADMIN DENY] Logs initiated');
if (req.url.qs?.id) {
const id = +req.url.qs.id;
console.log(`[ADMIN DENY] Denying ID: ${id}`);
await deleteItem(id);
return res.writeHead(302, {
"Location": `/admin/approve`
}).end();
}
console.log('[ADMIN DENY] No ID provided');
return res.writeHead(302, { "Location": "/admin/approve" }).end();
});
router.post(/^\/admin\/deny-multi\/?/, lib.auth, async (req, res) => {
try {
const ids = req.post.ids;
if (!Array.isArray(ids)) throw new Error('ids must be an array');
console.log(`[ADMIN DENY MULTI] Denying ${ids.length} items`);
for (const id of ids) {
await deleteItem(+id);
}
return res.reply({ success: true });
} catch (err) {
console.error('[ADMIN DENY MULTI ERROR]', err);
return res.reply({ success: false, msg: err.message }, 500);
}
});
return router;
};

10
src/inc/routes/ajax.mjs
View File

@@ -14,7 +14,13 @@ export default (router, tpl) => {
let contextUrl = `/${req.params.itemid}`;
if (query.tag) contextUrl = `/tag/${query.tag}/${req.params.itemid}`;
if (query.user) contextUrl = `/user/${query.user}/${req.params.itemid}`; // User filter takes precedence if both? usually mutually exclusive
if (query.user) {
contextUrl = query.fav === 'true'
? `/user/${query.user}/favs/${req.params.itemid}`
: `/user/${query.user}/${req.params.itemid}`;
}
console.log('[AJAX DEBUG] Params:', { itemid: req.params.itemid, user: query.user, fav: query.fav, contextUrl });
const data = await f0cklib.getf0ck({
itemid: req.params.itemid,
@@ -27,6 +33,8 @@ export default (router, tpl) => {
fav: query.fav === 'true'
});
console.log('[AJAX DEBUG] getf0ck result:', { success: data.success, message: data.message });
if (!data.success) {
return res.reply({
code: 404,

22
src/inc/routes/apiv2/index.mjs
View File

@@ -1,9 +1,12 @@
import { promises as fs } from "fs";
import db from '../../sql.mjs';
import lib from '../../lib.mjs';
import cfg from '../../config.mjs';
import search from '../../routeinc/search.mjs';
const allowedMimes = ["audio", "image", "video", "%"];
const globalfilter = cfg.nsfp?.length ? cfg.nsfp.map(n => `tag_id = ${n}`).join(' or ') : null;
export default router => {
router.group(/^\/api\/v2/, group => {
group.get(/$/, (req, res) => {
@@ -11,20 +14,33 @@ export default router => {
});
group.get(/\/random(\/user\/.+|\/image|\/video|\/audio)?$/, async (req, res) => {
const user = req.url.split[3] === "user" ? req.url.split[4] : "%";
const mime = (allowedMimes.filter(n => req.url.split[3]?.startsWith(n))[0] ? req.url.split[3] : "") + "%";
const pathUser = req.url.split[3] === "user" ? req.url.split[4] : null;
const user = req.url.qs.user || pathUser || "%";
const pathMime = allowedMimes.filter(n => req.url.split[3]?.startsWith(n))[0] ? req.url.split[3] : "";
const mime = (req.url.qs.mime || pathMime) + "%";
const tag = req.url.qs.tag || null;
const isFav = req.url.qs.fav === 'true';
const hasSession = !!req.session;
const modequery = mime.startsWith("audio") ? lib.getMode(0) : lib.getMode(req.session?.mode ?? 0);
const rows = await db`
select "items".*
from "items"
${isFav
? db`join "favorites" on "favorites".item_id = "items".id join "user" as fu on fu.id = "favorites".user_id`
: db``
}
left join tags_assign on tags_assign.item_id = items.id
left join tags on tags.id = tags_assign.tag_id
where
${db.unsafe(modequery)} and
mime ilike ${mime} and
username ilike ${user} and
active = 'true'
${isFav ? db`and fu."user" = ${user}` : db`and items.username ilike ${user}`}
${tag ? db`and tags.normalized ilike ${'%' + tag + '%'}` : db``}
${!hasSession && globalfilter ? db`and items.id not in (select item_id from tags_assign where item_id = items.id and (${db.unsafe(globalfilter)}))` : db``}
order by random()
limit 1
`;

260
src/inc/routes/apiv2/upload.mjs Normal file
View File

@@ -0,0 +1,260 @@
import { promises as fs } from "fs";
import db from '../../sql.mjs';
import lib from '../../lib.mjs';
import cfg from '../../config.mjs';
import queue from '../../queue.mjs';
import path from "path";
// Native multipart form data parser
const parseMultipart = (buffer, boundary) => {
const parts = {};
const boundaryBuffer = Buffer.from(`--${boundary}`);
const segments = [];
let start = 0;
let idx;
while ((idx = buffer.indexOf(boundaryBuffer, start)) !== -1) {
if (start !== 0) {
segments.push(buffer.slice(start, idx - 2)); // -2 for \r\n before boundary
}
start = idx + boundaryBuffer.length + 2; // +2 for \r\n after boundary
}
for (const segment of segments) {
const headerEnd = segment.indexOf('\r\n\r\n');
if (headerEnd === -1) continue;
const headers = segment.slice(0, headerEnd).toString();
const body = segment.slice(headerEnd + 4);
const nameMatch = headers.match(/name="([^"]+)"/);
const filenameMatch = headers.match(/filename="([^"]+)"/);
const contentTypeMatch = headers.match(/Content-Type:\s*([^\r\n]+)/i);
if (nameMatch) {
const name = nameMatch[1];
if (filenameMatch) {
parts[name] = {
filename: filenameMatch[1],
contentType: contentTypeMatch ? contentTypeMatch[1] : 'application/octet-stream',
data: body
};
} else {
parts[name] = body.toString().trim();
}
}
}
return parts;
};
// Collect request body as buffer with debug logging
const collectBody = (req) => {
return new Promise((resolve, reject) => {
console.log('[UPLOAD DEBUG] collectBody started');
const chunks = [];
req.on('data', chunk => {
// console.log(`[UPLOAD DEBUG] chunk received: ${chunk.length} bytes`);
chunks.push(chunk);
});
req.on('end', () => {
console.log(`[UPLOAD DEBUG] Stream ended. Total size: ${chunks.reduce((acc, c) => acc + c.length, 0)}`);
resolve(Buffer.concat(chunks));
});
req.on('error', err => {
console.error('[UPLOAD DEBUG] Stream error:', err);
reject(err);
});
// Ensure stream is flowing
if (req.isPaused()) {
console.log('[UPLOAD DEBUG] Stream was paused, resuming...');
req.resume();
}
});
};
export default router => {
router.group(/^\/api\/v2/, group => {
group.post(/\/upload$/, lib.loggedin, async (req, res) => {
try {
console.log('[UPLOAD DEBUG] Request received');
// Use stored content type if available (from middleware bypass), otherwise use header
const contentType = req._multipartContentType || req.headers['content-type'] || '';
const boundaryMatch = contentType.match(/boundary=(.+)$/);
if (!boundaryMatch) {
console.log('[UPLOAD DEBUG] No boundary found');
return res.json({ success: false, msg: 'Invalid content type' }, 400);
}
let body;
if (req.bodyPromise) {
console.log('[UPLOAD DEBUG] Waiting for buffered body from middleware promise...');
body = await req.bodyPromise;
console.log('[UPLOAD DEBUG] Received body from promise');
} else if (req.rawBody) {
console.log('[UPLOAD DEBUG] Using buffered body from middleware');
body = req.rawBody;
} else {
console.log('[UPLOAD DEBUG] Collecting body via collectBody...');
body = await collectBody(req);
}
if (!body) {
return res.json({ success: false, msg: 'Failed to receive file body' }, 400);
}
console.log('[UPLOAD DEBUG] Body size:', body.length);
const parts = parseMultipart(body, boundaryMatch[1]);
console.log('[UPLOAD DEBUG] Parsed parts:', Object.keys(parts));
// Validate required fields
const file = parts.file;
const rating = parts.rating; // 'sfw' or 'nsfw'
const tagsRaw = parts.tags; // comma-separated tags
if (!file || !file.data) {
return res.json({ success: false, msg: 'No file provided' }, 400);
}
if (!rating || !['sfw', 'nsfw'].includes(rating)) {
return res.json({ success: false, msg: 'Rating (sfw/nsfw) is required' }, 400);
}
const tags = tagsRaw ? tagsRaw.split(',').map(t => t.trim()).filter(t => t.length > 0) : [];
if (tags.length < 3) {
return res.json({ success: false, msg: 'At least 3 tags are required' }, 400);
}
// Validate MIME type
const allowedMimes = ['video/mp4', 'video/webm'];
let mime = file.contentType;
if (!allowedMimes.includes(mime)) {
return res.json({ success: false, msg: `Invalid file type. Only mp4 and webm allowed. Got: ${mime}` }, 400);
}
// Validate file size
const maxfilesize = cfg.main.maxfilesize;
const size = file.data.length;
if (size > maxfilesize) {
return res.json({
success: false,
msg: `File too large. Max: ${lib.formatSize(maxfilesize)}, Got: ${lib.formatSize(size)}`
}, 400);
}
// Generate UUID for filename
const uuid = await queue.genuuid();
const ext = mime === 'video/mp4' ? 'mp4' : 'webm';
const filename = `${uuid}.${ext}`;
const tmpPath = `./tmp/${filename}`;
const destPath = `./public/b/${filename}`;
// Save file temporarily
await fs.writeFile(tmpPath, file.data);
// Verify MIME with file command
const actualMime = (await queue.exec(`file --mime-type -b ${tmpPath}`)).stdout.trim();
if (!allowedMimes.includes(actualMime)) {
await fs.unlink(tmpPath).catch(() => { });
return res.json({ success: false, msg: `Invalid file type detected: ${actualMime}` }, 400);
}
// Generate checksum
const checksum = (await queue.exec(`sha256sum ${tmpPath}`)).stdout.trim().split(" ")[0];
// Check for repost
const repost = await queue.checkrepostsum(checksum);
if (repost) {
await fs.unlink(tmpPath).catch(() => { });
return res.json({
success: false,
msg: `This file already exists`,
repost: repost
}, 409);
}
// Move to public folder
await fs.copyFile(tmpPath, destPath);
await fs.unlink(tmpPath).catch(() => { });
// Insert into database (active=false for admin approval)
await db`
insert into items ${db({
src: '',
dest: filename,
mime: actualMime,
size: size,
checksum: checksum,
username: req.session.user,
userchannel: 'web',
usernetwork: 'web',
stamp: ~~(Date.now() / 1000),
active: false
}, 'src', 'dest', 'mime', 'size', 'checksum', 'username', 'userchannel', 'usernetwork', 'stamp', 'active')
}
`;
// Get the new item ID
const itemid = await queue.getItemID(filename);
// Generate thumbnail
try {
await queue.genThumbnail(filename, actualMime, itemid, '');
} catch (err) {
await queue.exec(`magick ./mugge.png ./public/t/${itemid}.webp`);
}
// Assign rating tag (sfw=1, nsfw=2)
const ratingTagId = rating === 'sfw' ? 1 : 2;
await db`
insert into tags_assign ${db({ item_id: itemid, tag_id: ratingTagId, user_id: req.session.id })}
`;
// Assign user tags
for (const tagName of tags) {
// Check if tag exists, create if not
let tagRow = await db`
select id from tags where normalized = slugify(${tagName}) limit 1
`;
let tagId;
if (tagRow.length === 0) {
// Create new tag
await db`
insert into tags ${db({ tag: tagName }, 'tag')}
`;
tagRow = await db`
select id from tags where normalized = slugify(${tagName}) limit 1
`;
}
tagId = tagRow[0].id;
// Assign tag to item
await db`
insert into tags_assign ${db({ item_id: itemid, tag_id: tagId, user_id: req.session.id })}
on conflict do nothing
`;
}
return res.json({
success: true,
msg: 'Upload successful! Your upload is pending admin approval.',
itemid: itemid
});
} catch (err) {
console.error('[UPLOAD ERROR]', err);
return res.json({ success: false, msg: 'Upload failed: ' + err.message }, 500);
}
});
});
return router;
};

19
src/inc/routes/tag_image.mjs
View File

@@ -2,11 +2,26 @@ import crypto from 'crypto';
export default (router, tpl) => {
router.get(/^\/tag_image\/(?<tag>.+)$/, async (req, res) => {
const tag = req.params.tag;
const tag = decodeURIComponent(req.params.tag);
// Create a deterministic hash from the tag
const hash = crypto.createHash('md5').update(tag).digest('hex');
// Escape character for SVG
const escapeXml = (unsafe) => {
return unsafe.replace(/[<>&'"]/g, (c) => {
switch (c) {
case '<': return '&lt;';
case '>': return '&gt;';
case '&': return '&amp;';
case '\'': return '&apos;';
case '"': return '&quot;';
}
});
};
const displayTag = escapeXml(tag);
// Generate colors from hash
const c1 = '#' + hash.substring(0, 6);
const c2 = '#' + hash.substring(6, 12);
@@ -27,7 +42,7 @@ export default (router, tpl) => {
<rect width="300" height="150" fill="url(#grad)" />
<circle cx="${n1}%" cy="${n2}%" r="${(n1 + n2) / 4}" fill="${c3}" fill-opacity="0.3" />
<circle cx="${100 - n1}%" cy="${100 - n2}%" r="${(n1 + n2) / 3}" fill="${c3}" fill-opacity="0.2" />
<text x="50%" y="50%" dominant-baseline="middle" text-anchor="middle" font-family="sans-serif" font-size="24" fill="#fff" fill-opacity="0.9" font-weight="bold">${tag}</text>
<text x="50%" y="50%" dominant-baseline="middle" text-anchor="middle" font-family="sans-serif" font-size="24" fill="#fff" fill-opacity="0.9" font-weight="bold">${displayTag}</text>
</svg>
`.trim();

28
src/index.mjs
View File

@@ -4,8 +4,10 @@ import lib from "./inc/lib.mjs";
import cuffeo from "cuffeo";
import { promises as fs } from "fs";
import flummpress from "flummpress";
import { handleUpload } from "./upload_handler.mjs";
process.on('unhandledRejection', err => {
if (err.code === 'ERR_HTTP_HEADERS_SENT') return;
console.error(err);
throw err;
});
@@ -19,7 +21,7 @@ process.on('unhandledRejection', err => {
this.level = args.level || 0;
this.name = args.name;
this.active = args.hasOwnProperty("active") ? args.active : true;
this.clients = args.clients || [ "irc", "tg", "slack" ];
this.clients = args.clients || ["irc", "tg", "slack"];
this.f = args.f;
},
bot: await new cuffeo(cfg.clients)
@@ -41,7 +43,7 @@ process.on('unhandledRejection', err => {
console.timeLog("loading", `${dir}/${mod}`);
return res;
}))).flat(2)
})))).reduce((a, b) => ({...a, ...b}));
})))).reduce((a, b) => ({ ...a, ...b }));
blah.events.forEach(event => {
console.timeLog("loading", `registering event > ${event.name}`);
@@ -61,15 +63,16 @@ process.on('unhandledRejection', err => {
const router = app.router;
const tpl = app.tpl;
app.use(async (req, res) => {
// sessionhandler
req.session = false;
if(req.url.pathname.match(/^\/(s|b|t|ca)\//))
if (req.url.pathname.match(/^\/(s|b|t|ca)\//))
return;
req.theme = req.cookies.theme || 'amoled';
req.fullscreen = req.cookies.fullscreen || 0;
if(req.cookies.session) {
if (req.cookies.session) {
const user = await db`
select "user".id, "user".login, "user".user, "user".admin, "user_sessions".id as sess_id, "user_options".*
from "user_sessions"
@@ -79,7 +82,7 @@ process.on('unhandledRejection', err => {
limit 1
`;
if(user.length === 0) {
if (user.length === 0) {
return res.writeHead(307, { // delete session
"Cache-Control": "no-cache, public",
"Set-Cookie": "session=; Path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT",
@@ -91,8 +94,7 @@ process.on('unhandledRejection', err => {
// log last action
await db`
update "user_sessions" set ${
db({
update "user_sessions" set ${db({
last_used: ~~(Date.now() / 1e3),
last_action: req.url.pathname,
browser: req.headers['user-agent']
@@ -106,8 +108,7 @@ process.on('unhandledRejection', err => {
// update userprofile
await db`
insert into "user_options" ${
db({
insert into "user_options" ${db({
user_id: +user[0].id,
mode: user[0].mode ?? 0,
theme: req.session.theme ?? 'amoled',
@@ -123,6 +124,15 @@ process.on('unhandledRejection', err => {
}
});
// Bypass middleware for direct upload handling
app.use(async (req, res) => {
if (req.method === 'POST' && req.url.pathname === '/api/v2/upload') {
await handleUpload(req, res);
// Modify URL to prevent router matching and double execution
req.url.pathname = '/handled_upload_bypass';
}
});
tpl.views = "views";
tpl.debug = true;
tpl.cache = false;

254
src/upload_handler.mjs Normal file
View File

@@ -0,0 +1,254 @@
import { promises as fs } from "fs";
import db from "./inc/sql.mjs";
import lib from "./inc/lib.mjs";
import cfg from "./inc/config.mjs";
import queue from "./inc/queue.mjs";
import path from "path";
// Native multipart form data parser
const parseMultipart = (buffer, boundary) => {
const parts = {};
const boundaryBuffer = Buffer.from(`--${boundary}`);
const segments = [];
let start = 0;
let idx;
while ((idx = buffer.indexOf(boundaryBuffer, start)) !== -1) {
if (start !== 0) {
segments.push(buffer.slice(start, idx - 2)); // -2 for \r\n before boundary
}
start = idx + boundaryBuffer.length + 2; // +2 for \r\n after boundary
}
for (const segment of segments) {
const headerEnd = segment.indexOf('\r\n\r\n');
if (headerEnd === -1) continue;
const headers = segment.slice(0, headerEnd).toString();
const body = segment.slice(headerEnd + 4);
const nameMatch = headers.match(/name="([^"]+)"/);
const filenameMatch = headers.match(/filename="([^"]+)"/);
const contentTypeMatch = headers.match(/Content-Type:\s*([^\r\n]+)/i);
if (nameMatch) {
const name = nameMatch[1];
if (filenameMatch) {
parts[name] = {
filename: filenameMatch[1],
contentType: contentTypeMatch ? contentTypeMatch[1] : 'application/octet-stream',
data: body
};
} else {
parts[name] = body.toString().trim();
}
}
}
return parts;
};
// Collect request body as buffer
const collectBody = (req) => {
return new Promise((resolve, reject) => {
const chunks = [];
req.on('data', chunk => chunks.push(chunk));
req.on('end', () => resolve(Buffer.concat(chunks)));
req.on('error', reject);
// Ensure stream flows
if (req.isPaused()) req.resume();
});
};
// Helper for JSON response
const sendJson = (res, data, code = 200) => {
res.writeHead(code, { 'Content-Type': 'application/json' });
res.end(JSON.stringify(data));
};
export const handleUpload = async (req, res) => {
console.log('[UPLOAD HANDLER] Started');
// Manual Session Lookup (because flummpress middleware might not have finished)
// We assume req.cookies is populated by framework or we need to parse it?
// index.mjs accesses req.cookies directly, so we assume it works.
let user = [];
if (req.cookies && req.cookies.session) {
user = await db`
select "user".id, "user".login, "user".user, "user".admin, "user_sessions".id as sess_id, "user_options".*
from "user_sessions"
left join "user" on "user".id = "user_sessions".user_id
left join "user_options" on "user_options".user_id = "user_sessions".user_id
where "user_sessions".session = ${lib.md5(req.cookies.session)}
limit 1
`;
}
if (user.length === 0) {
console.log('[UPLOAD HANDLER] Unauthorized - No valid session found');
return sendJson(res, { success: false, msg: 'Unauthorized' }, 401);
}
// Mock req.session for consistency if needed by other logic, though we use 'user[0]' here
req.session = user[0];
console.log('[UPLOAD HANDLER] Authorized:', req.session.user);
try {
const contentType = req.headers['content-type'] || '';
const boundaryMatch = contentType.match(/boundary=(.+)$/);
if (!boundaryMatch) {
console.log('[UPLOAD HANDLER] No boundary');
return sendJson(res, { success: false, msg: 'Invalid content type' }, 400);
}
console.log('[UPLOAD HANDLER] Collecting body...');
const body = await collectBody(req);
console.log('[UPLOAD HANDLER] Body collected, size:', body.length);
const parts = parseMultipart(body, boundaryMatch[1]);
// Validate required fields
const file = parts.file;
const rating = parts.rating;
const tagsRaw = parts.tags;
if (!file || !file.data) {
return sendJson(res, { success: false, msg: 'No file provided' }, 400);
}
if (!rating || !['sfw', 'nsfw'].includes(rating)) {
return sendJson(res, { success: false, msg: 'Rating (sfw/nsfw) is required' }, 400);
}
const tags = tagsRaw ? tagsRaw.split(',').map(t => t.trim()).filter(t => t.length > 0) : [];
if (tags.length < 3) {
return sendJson(res, { success: false, msg: 'At least 3 tags are required' }, 400);
}
// Validate MIME type
const allowedMimes = ['video/mp4', 'video/webm'];
let mime = file.contentType;
if (!allowedMimes.includes(mime)) {
return sendJson(res, { success: false, msg: `Invalid file type. Only mp4 and webm allowed. Got: ${mime}` }, 400);
}
// Validate file size
const maxfilesize = cfg.main.maxfilesize;
const size = file.data.length;
if (size > maxfilesize) {
return sendJson(res, {
success: false,
msg: `File too large. Max: ${lib.formatSize(maxfilesize)}, Got: ${lib.formatSize(size)}`
}, 400);
}
// Generate UUID
const uuid = await queue.genuuid();
const ext = mime === 'video/mp4' ? 'mp4' : 'webm';
const filename = `${uuid}.${ext}`;
const tmpPath = `./tmp/${filename}`;
const destPath = `./public/b/${filename}`;
// Ensure directories exist
await fs.mkdir('./tmp', { recursive: true });
await fs.mkdir('./public/b', { recursive: true });
// Save temporarily
await fs.writeFile(tmpPath, file.data);
// Verify MIME
const actualMime = (await queue.exec(`file --mime-type -b ${tmpPath}`)).stdout.trim();
if (!allowedMimes.includes(actualMime)) {
await fs.unlink(tmpPath).catch(() => { });
return sendJson(res, { success: false, msg: `Invalid file type detected: ${actualMime}` }, 400);
}
// Constants
const checksum = (await queue.exec(`sha256sum ${tmpPath}`)).stdout.trim().split(" ")[0];
// Check repost
const repost = await queue.checkrepostsum(checksum);
if (repost) {
await fs.unlink(tmpPath).catch(() => { });
return sendJson(res, {
success: false,
msg: `This file already exists`,
repost: repost
}, 409);
}
// Move to public
await fs.copyFile(tmpPath, destPath);
await fs.unlink(tmpPath).catch(() => { });
// Insert
await db`
insert into items ${db({
src: '',
dest: filename,
mime: actualMime,
size: size,
checksum: checksum,
username: req.session.user,
userchannel: 'web',
usernetwork: 'web',
stamp: ~~(Date.now() / 1000),
active: false
}, 'src', 'dest', 'mime', 'size', 'checksum', 'username', 'userchannel', 'usernetwork', 'stamp', 'active')
}
`;
const itemid = await queue.getItemID(filename);
// Thumbnail
try {
await queue.genThumbnail(filename, actualMime, itemid, '');
} catch (err) {
await queue.exec(`magick ./mugge.png ./public/t/${itemid}.webp`);
}
// Tags
const ratingTagId = rating === 'sfw' ? 1 : 2;
await db`
insert into tags_assign ${db({ item_id: itemid, tag_id: ratingTagId, user_id: req.session.id })}
`;
for (const tagName of tags) {
let tagRow = await db`
select id from tags where normalized = slugify(${tagName}) limit 1
`;
let tagId;
if (tagRow.length === 0) {
await db`
insert into tags ${db({ tag: tagName }, 'tag')}
`;
tagRow = await db`
select id from tags where normalized = slugify(${tagName}) limit 1
`;
}
tagId = tagRow[0].id;
await db`
insert into tags_assign ${db({ item_id: itemid, tag_id: tagId, user_id: req.session.id })}
on conflict do nothing
`;
}
return sendJson(res, {
success: true,
msg: 'Upload successful! Your upload is pending admin approval.',
itemid: itemid
});
} catch (err) {
console.error('[UPLOAD HANDLER ERROR]', err);
return sendJson(res, { success: false, msg: 'Upload failed: ' + err.message }, 500);
}
};

17
views/about.html
View File

@@ -1,13 +1,22 @@
@include(snippets/header)
<div id="main">
<div class="about">
<div class="about">
<p>Welcome stranger!</p>
<p>bringing you some of the greatest webms from the past, the present and the future!</p>
<p>Enjoy your stay.</p>
<img style="width: 200px" src="/s/img/cockfag.png" alt="cockfag">
<p>How to use it?</p>
<p>shortcuts</p>
<ul>
<li>k = search</li>
<li>r = random</li>
<li>p = toggle safe for rating</li>
<li>i = open tag input</li>
<li>x = del</li>
<li>scroll up/down inside video or inside the controls triggers next or prev</li>
<li>Arrow keys trigger next or prev</li>
</ul>
<p>If you have any questions you can reach out via Mail.</p>
<p>mail: admin@w0bm.com</p>
<p>Please also make yourself familiar with the <a href="/terms">Terms Of Service</a></p>
</div>
</div>
</div>
@include(snippets/footer)

7
views/admin.html
View File

@@ -6,14 +6,15 @@
<span>Hier entsteht eine Internetpräsenz!</span><br>
<hr>
<p>f0ck stats: @if(typeof totals !== "undefined")
total: {{ totals.total }} | tagged: {{ totals.tagged }} | untagged: {{ totals.untagged }} | sfw: {{ totals.sfw }} | nsfw: {{ totals.nsfw }}
total: {{ totals.total }} | tagged: {{ totals.tagged }} | untagged: {{ totals.untagged }} | sfw: {{ totals.sfw }}
| nsfw: {{ totals.nsfw }}
@endif</p>
<hr>
<div class="admintools">
<p>Adminwerkzeuge</p>
<ul>
<!-- <li><a href="/admin/log">Logs</a></li>
<li><a href="/admin/recover">Recover f0cks</a></li> -->
<!-- <li><a href="/admin/log">Logs</a></li> -->
<li><a href="/admin/approve">Approval Queue</a></li>
<li><a href="/admin/sessions">Sessions</a></li>
</ul>
</div>

192
views/admin/approve.html Normal file
View File

@@ -0,0 +1,192 @@
@include(snippets/header)
<div id="main">
<div class="container">
<h1>APPROVAL QUEUE</h1>
<p>Items here are pending approval.</p>
<table class="table" style="width: 100%">
<thead>
<tr>
<td>Preview</td>
<td>ID</td>
<td>Uploader</td>
<td>Type</td>
<td>Action</td>
</tr>
</thead>
<tbody>
@each(posts as post)
<tr>
<td>
<video controls loop muted preload="metadata" style="max-height: 200px; max-width: 300px;">
<source src="/b/{{ post.dest }}" type="{{ post.mime }}">
</video>
</td>
<td>{{ post.id }}</td>
<td>{{ post.username }}</td>
<td>{{ post.mime }}</td>
<td>
<a href="/admin/approve/?id={{ post.id }}" class="badge badge-success">Approve</a>
<a href="/admin/deny/?id={{ post.id }}" class="badge badge-danger btn-deny-async">Deny /
Delete</a>
</td>
</tr>
@endeach
@if(posts.length === 0)
<tr>
<td colspan="5">No pending items.</td>
</tr>
@endif
</tbody>
</table>
<br>
@if(typeof pages !== 'undefined' && pages > 1)
<div class="pagination" style="display: flex; gap: 10px; align-items: center; justify-content: center;">
@if(page > 1)
<a href="/admin/approve?page={{ page - 1 }}" class="badge badge-secondary">&laquo; Prev</a>
@endif
<span>Page {{ page }} of {{ pages }}</span>
@if(page < pages) <a href="/admin/approve?page={{ page + 1 }}" class="badge badge-secondary">Next
&raquo;</a>
@endif
</div>
<br>
@endif
<div style="text-align: center; margin-bottom: 20px;">
<button id="btn-deny-all" class="badge badge-danger" onclick="window.handleDenyAll(event)"
style="font-size: 1.2em; padding: 10px 20px; border: none; cursor: pointer;">Deny All</button>
</div>
<a href="/admin">Back to Admin</a>
</div>
</div>
<!-- Custom Modal -->
<div id="custom-modal"
style="display: none; position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.7); justify-content: center; align-items: center; z-index: 1000;">
<div
style="background: #222; color: #fff; padding: 20px; border-radius: 8px; max-width: 400px; text-align: center; border: 1px solid #444;">
<h3 id="modal-title" style="margin-top: 0;">Confirm Action</h3>
<p id="modal-text">Are you sure?</p>
<div style="display: flex; justify-content: space-around; margin-top: 20px;">
<button id="modal-cancel" class="badge badge-secondary"
style="border: none; padding: 10px 20px; cursor: pointer;">Cancel</button>
<button id="modal-confirm" class="badge badge-danger"
style="border: none; padding: 10px 20px; cursor: pointer;">Confirm</button>
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', () => {
// Dynamic Button Text
const btnDenyAllInit = document.getElementById('btn-deny-all');
if (btnDenyAllInit) {
const count = document.querySelectorAll('.btn-deny-async').length;
btnDenyAllInit.innerText = 'Deny All (' + count + ' visible)';
}
const modal = document.getElementById('custom-modal');
const modalTitle = document.getElementById('modal-title');
const modalText = document.getElementById('modal-text');
const btnConfirm = document.getElementById('modal-confirm');
const btnCancel = document.getElementById('modal-cancel');
let pendingAction = null;
const showModal = (title, text, action) => {
modalTitle.innerText = title;
modalText.innerText = text;
pendingAction = action;
modal.style.display = 'flex';
btnConfirm.onclick = async () => {
if (!pendingAction) return;
btnConfirm.disabled = true;
btnConfirm.innerText = 'Processing...';
try {
await pendingAction();
closeModal();
} catch (e) {
alert('Error: ' + e.message);
} finally {
btnConfirm.disabled = false;
btnConfirm.innerText = 'Confirm';
}
};
};
const closeModal = () => {
modal.style.display = 'none';
pendingAction = null;
};
if (btnCancel) btnCancel.onclick = closeModal;
// Single Deny
document.querySelectorAll('.btn-deny-async').forEach(btn => {
btn.addEventListener('click', e => {
e.preventDefault();
const url = btn.getAttribute('href');
const row = btn.closest('tr');
showModal('Deny Item', 'Permanently delete this item?', async () => {
const res = await fetch(url);
if (res.ok) {
row.style.opacity = '0';
setTimeout(() => row.remove(), 300);
} else {
throw new Error('Request failed');
}
});
});
});
// Global handler for Deny All
window.handleDenyAll = (e) => {
e.preventDefault();
console.log('Deny All clicked (Inline)');
const allBtn = [...document.querySelectorAll('.btn-deny-async')];
// Map to {id, element}
const targets = allBtn.map(b => {
const href = b.getAttribute('href');
const match = href ? href.match(/[?&]id=([^&]+)/) : null;
if (!match && href) console.log('No ID match for href:', href);
return match ? { id: match[1], btn: b } : null;
}).filter(item => item);
const ids = targets.map(t => t.id);
console.log('Deny List:', ids);
if (ids.length === 0) return alert('No items to deny');
showModal('Deny ALL', 'Permanently delete ' + ids.length + ' visible items?', async () => {
const res = await fetch('/admin/deny-multi', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ ids })
});
const json = await res.json();
if (json.success) {
closeModal(); // UX Polish: Close modal immediately
// Visual Removal
targets.forEach(t => {
const row = t.btn.closest('tr');
if (row) {
row.style.opacity = '0';
}
});
// Allow transition then reload
setTimeout(() => {
window.location.reload();
}, 500);
} else {
throw new Error(json.msg || 'Failed');
}
});
};
});
</script>
@include(snippets/footer)

38
views/snippets/footer.html
View File

@@ -1,10 +1,32 @@
<script async src="/s/js/theme.js?v=@mtime(/public/s/js/theme.js)"></script>
<script src="/s/js/v0ck.js?v=@mtime(/public/s/js/v0ck.js)"></script>
<script src="/s/js/f0ck.js?v=@mtime(/public/s/js/f0ck.js)"></script>
@if(session && session.admin)
<script src="/s/js/admin.js?v=@mtime(/public/s/js/admin.js)"></script>
@elseif(session && !session.admin)
<script src="/s/js/user.js?v=@mtime(/public/s/js/user.js)"></script>
@endif
<div id="delete-tag-modal" class="modal-overlay" style="display:none;">
<div class="modal-content">
<h3>Delete Tag?</h3>
<p>Are you sure you want to delete the tag <strong id="delete-tag-name"></strong>?</p>
<div class="modal-actions">
<button id="delete-tag-confirm" class="btn-danger">Delete</button>
<button id="delete-tag-cancel" class="btn-secondary">Cancel</button>
</div>
</div>
</div>
<div id="delete-item-modal" class="modal-overlay" style="display:none;">
<div class="modal-content">
<h3>Delete Item?</h3>
<p>Are you sure you want to delete item <strong id="delete-item-id"></strong> by <strong
id="delete-item-poster"></strong>?</p>
<div class="modal-actions">
<button id="delete-item-confirm" class="btn-danger">Delete</button>
<button id="delete-item-cancel" class="btn-secondary">Cancel</button>
</div>
</div>
</div>
<script async src="/s/js/theme.js?v=@mtime(/public/s/js/theme.js)"></script>
<script src="/s/js/v0ck.js?v=@mtime(/public/s/js/v0ck.js)"></script>
<script src="/s/js/f0ck.js?v=@mtime(/public/s/js/f0ck.js)"></script>
@if(session && session.admin)
<script src="/s/js/admin.js?v=@mtime(/public/s/js/admin.js)"></script>
@elseif(session && !session.admin)
<script src="/s/js/user.js?v=@mtime(/public/s/js/user.js)"></script>
@endif
</body>
</html>

48
views/snippets/navbar.html
View File

@@ -2,14 +2,41 @@
<!-- logged in -->
<nav class="navbar navbar-expand-lg">
<a class="navbar-brand" href="/"><span class="f0ck" width="" height="">w0bm.com</span></a>
<div class="navigation-links-guest">
<ol>
<div class="nav-left-group">
<div class="nav-user-dropdown">
<button class="nav-user-btn" id="nav-user-toggle">
{{ session.user }} ▾
</button>
<div class="nav-user-menu" id="nav-user-menu">
<a href="/user/{{ session.user.toLowerCase() }}">profile</a>
<a href="/user/{{ session.user.toLowerCase() }}/favs">favs</a>
<a href="/upload">upload</a>
@if(session.admin)
<a href="/admin">admin</a>
@endif
<a href="/settings">settings</a>
<div class="nav-user-divider"></div>
<a href="/logout">logout</a>
</div>
</div>
<div class="nav-links">
<a href="/tags">tags</a>
<a href="/about">about</a>
@if(!/^\/\d$/.test(url.pathname))
<a href="/random" id="nav-random">rand</a>
<a href="/random" id="nav-random" title="Random"><svg xmlns="http://www.w3.org/2000/svg" width="13" height="13"
fill="currentColor" viewBox="0 0 16 16">
<path fill-rule="evenodd"
d="M0 3.5A.5.5 0 0 1 .5 3H1c2.202 0 3.827 1.24 4.874 2.418.49.552.865 1.102 1.126 1.532.26-.43.636-.98 1.126-1.532C9.173 4.24 10.798 3 13 3v1c-1.798 0-3.173 1.01-4.126 2.082A9.624 9.624 0 0 0 7.556 8a9.624 9.624 0 0 0 1.317 1.918C9.828 10.99 11.204 12 13 12v1c-2.202 0-3.827-1.24-4.874-2.418A10.595 10.595 0 0 1 7 9.05c-.26.43-.636.98-1.126 1.532C4.827 11.76 3.202 13 1 13H.5a.5.5 0 0 1 0-1H1c1.798 0 3.173-1.01 4.126-2.082A9.624 9.624 0 0 0 6.444 8a9.624 9.624 0 0 0-1.317-1.918C4.172 5.01 2.796 4 1 4H.5a.5.5 0 0 1-.5-.5z" />
<path
d="M13 5.466V1.534a.25.25 0 0 1 .41-.192l2.36 1.966c.12.1.12.284 0 .384l-2.36 1.966a.25.25 0 0 1-.41-.192zm0 9v-3.932a.25.25 0 0 1 .41-.192l2.36 1.966c.12.1.12.284 0 .384l-2.36 1.966a.25.25 0 0 1-.41-.192z" />
</svg></a>
@endif
</ol>
<a href="#" id="nav-search-btn" title="Search"><svg xmlns="http://www.w3.org/2000/svg" width="13" height="13"
fill="currentColor" viewBox="0 0 16 16">
<path
d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z" />
</svg></a>
</div>
</div>
<!-- show pagination only for tags and main page -->
@if(!/^\/\d+$/.test(url.pathname))
@@ -31,8 +58,19 @@
<a href="/tags">tags</a>
<a href="/about">about</a>
@if(!/^\/\d$/.test(url.pathname))
<a href="/random" id="nav-random">rand</a>
<a href="/random" id="nav-random" title="Random"><svg xmlns="http://www.w3.org/2000/svg" width="13" height="13"
fill="currentColor" viewBox="0 0 16 16">
<path fill-rule="evenodd"
d="M0 3.5A.5.5 0 0 1 .5 3H1c2.202 0 3.827 1.24 4.874 2.418.49.552.865 1.102 1.126 1.532.26-.43.636-.98 1.126-1.532C9.173 4.24 10.798 3 13 3v1c-1.798 0-3.173 1.01-4.126 2.082A9.624 9.624 0 0 0 7.556 8a9.624 9.624 0 0 0 1.317 1.918C9.828 10.99 11.204 12 13 12v1c-2.202 0-3.827-1.24-4.874-2.418A10.595 10.595 0 0 1 7 9.05c-.26.43-.636.98-1.126 1.532C4.827 11.76 3.202 13 1 13H.5a.5.5 0 0 1 0-1H1c1.798 0 3.173-1.01 4.126-2.082A9.624 9.624 0 0 0 6.444 8a9.624 9.624 0 0 0-1.317-1.918C4.172 5.01 2.796 4 1 4H.5a.5.5 0 0 1-.5-.5z" />
<path
d="M13 5.466V1.534a.25.25 0 0 1 .41-.192l2.36 1.966c.12.1.12.284 0 .384l-2.36 1.966a.25.25 0 0 1-.41-.192zm0 9v-3.932a.25.25 0 0 1 .41-.192l2.36 1.966c.12.1.12.284 0 .384l-2.36 1.966a.25.25 0 0 1-.41-.192z" />
</svg></a>
@endif
<a href="#" id="nav-search-btn-guest" title="Search"><svg xmlns="http://www.w3.org/2000/svg" width="13"
height="13" fill="currentColor" viewBox="0 0 16 16">
<path
d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z" />
</svg></a>
</ol>
</div>
<!-- show pagination only for tags and main page -->

460
views/upload.html
View File

@@ -1,37 +1,439 @@
@include(snippets/header)
<div class="upload">
<h5>Upload</h5>
<p>To add videos to the w0bm catalogue you must join our <a href="https://t.me/+w97TCd988ehkNWEy">Telegram</a> group</p>
<h5>Content Guideline</h5>
<div class="upload-container">
<h2>Upload</h2>
<div class="content-guidelines">
<h4>Content Guideline</h4>
<p>w0bm follows strict principles when it comes to content, please keep this in mind.</p>
<p>We do not want content that</p>
<div class="guidelines-grid">
<div class="guidelines-dont">
<h5>We do not want</h5>
<ul>
<li>glorifies Nazis</li>
<li>sexualizes children and minors</li>
<li>is political</li>
<li>glorifies military</li>
<li>depicts gore</li>
<li>depicts acts of terrorism</li>
<li>depicts violence and cruelty against animals</li>
<li>Content glorifying Nazis</li>
<li>Sexualization of children/minors</li>
<li>Political content</li>
<li>Military glorification</li>
<li>Gore</li>
<li>Acts of terrorism</li>
<li>Violence against animals</li>
</ul>
<p>We want content that</p>
</div>
<div class="guidelines-do">
<h5>We want</h5>
<ul>
<li>is cool</li>
<li>has deeper value</li>
<li>is fun to watch</li>
<li>has a vibe to it</li>
<li>can be looped for 5000 times and doesnt get boring</li>
</ul>
<p>but in general we welcome content that has been curated beforehand by the uploader and believe that they understand the vibe.</p>
<p>Content that is deemed NSFW (Not Safe For Work) MUST be tagged with "nsfw"</p>
<p>This list is subject to change, please review it periodically.</p>
<br>
<h5>How it works</h5>
<ul>
<li>The maximum filesize for direct file upload is 20MB and cannot be exceeded.</li>
<li>There is a much higher limit for non-direct uploads via sending a URL.</li>
<li>You can send a link to the group and put a !f behind it and the bot will pick it up and add it to w0bm.</li>
<li>In the menu below the bots message you can select the rating and additional tags.</li>
<li>Cool content</li>
<li>Deeper value</li>
<li>Fun to watch</li>
<li>Has a vibe to it</li>
<li>Can be looped 5000 times</li>
</ul>
</div>
</div>
</div>
@if(session)
<form id="upload-form" class="upload-form" enctype="multipart/form-data">
<div class="form-section">
<label>Video File <span class="required">*</span></label>
<div class="drop-zone" id="drop-zone">
<input type="file" id="file-input" name="file" accept="video/mp4,video/webm" style="display: none;">
<label for="file-input" class="drop-zone-prompt"
style="cursor: pointer; display: block; width: 100%; height: 100%;">
<svg width="48" height="48" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
<path d="M21 15v4a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2v-4"></path>
<polyline points="17 8 12 3 7 8"></polyline>
<line x1="12" y1="3" x2="12" y2="15"></line>
</svg>
<p>Drop your mp4 or webm here<br>or click to browse</p>
</label>
<div class="file-preview" id="file-preview" style="display: none;">
<span class="file-name" id="file-name"></span>
<span class="file-size" id="file-size"></span>
<button type="button" class="btn-remove" id="remove-file"></button>
</div>
</div>
</div>
<div class="form-section">
<label>Rating <span class="required">*</span></label>
<div class="rating-options">
<label class="rating-option">
<input type="radio" name="rating" value="sfw" required>
<span class="rating-label sfw">SFW</span>
</label>
<label class="rating-option">
<input type="radio" name="rating" value="nsfw">
<span class="rating-label nsfw">NSFW</span>
</label>
</div>
</div>
<div class="form-section">
<label>Tags <span class="required">*</span> <span class="tag-count" id="tag-count">(0/3
minimum)</span></label>
<div class="tag-input-container">
<div class="tags-list" id="tags-list"></div>
<input type="text" id="tag-input" placeholder="Type a tag and press Enter" autocomplete="off">
<div class="tag-suggestions" id="tag-suggestions"></div>
</div>
<input type="hidden" name="tags" id="tags-hidden">
</div>
<div class="form-actions">
<button type="submit" id="submit-btn" class="btn-upload" disabled>
<span class="btn-text">3 tags required</span>
<span class="btn-loading" style="display: none;">Uploading...</span>
</button>
</div>
<div class="upload-progress" id="upload-progress" style="display: none;">
<div class="progress-bar">
<div class="progress-fill" id="progress-fill"></div>
</div>
<span class="progress-text" id="progress-text">0%</span>
</div>
<div class="upload-status" id="upload-status"></div>
</form>
@else
<div class="login-required">
<p>You must be logged in to upload content.</p>
<a href="/login" class="btn-login">Login</a>
</div>
@endif
</div>
<style>
.upload-container {
margin: 0px 25px 0px 25px
}
.upload-container h2 {
margin-bottom: 1.5rem;
color: var(--accent);
}
.content-guidelines {
background: rgba(255, 255, 255, 0.03);
border: 1px solid rgba(255, 255, 255, 0.1);
border-radius: 8px;
padding: 1.5rem;
margin-bottom: 2rem;
}
.content-guidelines h4 {
margin-bottom: 0.5rem;
color: var(--accent);
}
.guidelines-grid {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 1.5rem;
margin-top: 1rem;
}
.guidelines-dont h5 {
color: #ff6b6b;
}
.guidelines-do h5 {
color: #51cf66;
}
.guidelines-grid ul {
list-style: none;
padding: 0;
margin: 0.5rem 0 0 0;
}
.guidelines-grid li {
padding: 0.3rem 0;
font-size: 0.9rem;
opacity: 0.8;
}
.upload-form {
display: flex;
flex-direction: column;
gap: 1.5rem;
}
.form-section label {
display: block;
margin-bottom: 0.5rem;
font-weight: 500;
}
.required {
color: #ff6b6b;
}
.drop-zone {
border: 2px dashed rgba(255, 255, 255, 0.2);
border-radius: 8px;
padding: 2rem;
text-align: center;
cursor: pointer;
transition: all 0.2s;
position: relative;
}
.drop-zone:hover,
.drop-zone.dragover {
border-color: var(--accent);
background: rgba(255, 255, 255, 0.02);
}
.drop-zone input[type="file"] {
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
opacity: 0;
cursor: pointer;
}
.drop-zone-prompt {
color: rgba(255, 255, 255, 0.5);
}
.drop-zone-prompt svg {
margin-bottom: 0.5rem;
}
.file-preview {
display: flex;
align-items: center;
gap: 1rem;
padding: 1rem;
background: rgba(255, 255, 255, 0.05);
border-radius: 4px;
}
.file-name {
font-weight: 500;
flex: 1;
}
.file-size {
opacity: 0.6;
font-size: 0.9rem;
}
.btn-remove {
background: rgba(255, 107, 107, 0.2);
border: none;
color: #ff6b6b;
width: 28px;
height: 28px;
border-radius: 4px;
cursor: pointer;
}
.rating-options {
display: flex;
gap: 1rem;
}
.rating-option {
cursor: pointer;
}
.rating-option input {
display: none;
}
.rating-label {
display: inline-block;
padding: 0.75rem 1.5rem;
border-radius: 4px;
border: 2px solid transparent;
transition: all 0.2s;
}
.rating-label.sfw {
background: rgba(81, 207, 102, 0.1);
border-color: rgba(81, 207, 102, 0.3);
}
.rating-label.nsfw {
background: rgba(255, 107, 107, 0.1);
border-color: rgba(255, 107, 107, 0.3);
}
.rating-option input:checked+.rating-label.sfw {
background: rgba(81, 207, 102, 0.3);
border-color: #51cf66;
}
.rating-option input:checked+.rating-label.nsfw {
background: rgba(255, 107, 107, 0.3);
border-color: #ff6b6b;
}
.tag-input-container {
position: relative;
background: rgba(255, 255, 255, 0.05);
border: 1px solid rgba(255, 255, 255, 0.1);
border-radius: 4px;
padding: 0.5rem;
display: flex;
flex-wrap: wrap;
gap: 0.5rem;
align-items: center;
}
.tags-list {
display: flex;
flex-wrap: wrap;
gap: 0.5rem;
}
.tag-chip {
display: inline-flex;
align-items: center;
gap: 0.3rem;
background: var(--accent);
color: #000;
padding: 0.3rem 0.6rem;
border-radius: 3px;
font-size: 0.9rem;
}
.tag-chip button {
background: none;
border: none;
color: inherit;
cursor: pointer;
padding: 0;
font-size: 1rem;
line-height: 1;
}
#tag-input {
flex: 1;
min-width: 120px;
background: transparent;
border: none;
color: inherit;
padding: 0.5rem;
outline: none;
}
.tag-count {
font-weight: normal;
font-size: 0.85rem;
opacity: 0.7;
}
.tag-count.valid {
color: #51cf66;
}
.tag-suggestions {
position: absolute;
top: 100%;
left: 0;
right: 0;
background: var(--background, #1a1a1a);
border: 1px solid rgba(255, 255, 255, 0.1);
border-radius: 0 0 4px 4px;
max-height: 200px;
overflow-y: auto;
display: none;
z-index: 100;
}
.tag-suggestions.show {
display: block;
}
.tag-suggestion {
padding: 0.5rem 1rem;
cursor: pointer;
}
.tag-suggestion:hover {
background: rgba(255, 255, 255, 0.05);
}
.btn-upload {
background: var(--accent);
color: #000;
border: none;
padding: 1rem 2rem;
border-radius: 4px;
font-size: 1rem;
font-weight: 600;
cursor: pointer;
transition: all 0.2s;
}
.btn-upload:disabled {
background: rgba(255, 255, 255, 0.1);
color: rgba(255, 255, 255, 0.4);
cursor: not-allowed;
}
.btn-upload:not(:disabled):hover {
transform: translateY(-1px);
box-shadow: 0 4px 12px rgba(0, 0, 0, 0.3);
}
.upload-progress {
display: flex;
align-items: center;
gap: 1rem;
}
.progress-bar {
flex: 1;
height: 8px;
background: rgba(255, 255, 255, 0.1);
border-radius: 4px;
overflow: hidden;
}
.progress-fill {
height: 100%;
background: var(--accent);
width: 0%;
transition: width 0.2s;
}
.upload-status {
text-align: center;
padding: 1rem;
}
.upload-status.success {
color: #51cf66;
}
.upload-status.error {
color: #ff6b6b;
}
.login-required {
text-align: center;
padding: 3rem;
background: rgba(255, 255, 255, 0.03);
border-radius: 8px;
}
.btn-login {
display: inline-block;
margin-top: 1rem;
padding: 0.75rem 2rem;
background: var(--accent);
color: #000;
text-decoration: none;
border-radius: 4px;
font-weight: 600;
}
</style>
<script src="/s/js/upload.js"></script>
@include(snippets/footer)