\r
var resource = require("./resources.js");\r
var config = require("./configure.js");\r
-var lazy = require("./lazy.js");\r
var security = require("./security.js");\r
+var lazy = require("lazy");\r
var fs = require("fs");\r
var async = require("async");\r
var path = require("path");\r
var room_number = 0;\r
if(typeof(req.query.rno) != "undefined")\r
room_number = req.query.rno;\r
- res.render("chat",{rno:room_number,token:info.token});\r
+ res.render("chat",{rno:room_number,token:req.session._csrf});\r
}\r
\r
function auth_proc(user, pass) {\r
}\r
\r
function admin_postproc(req,res){\r
- if(req.session.items.token != req.body.token)\r
- {\r
- res.send(resource.invaild_token_message);\r
- return;\r
- }\r
if(typeof(req.body.erase) != "undefined")\r
{\r
removeLog(req.body.file,function(){\r
}\r
if(typeof(req.body.updateroom) != "undefined")\r
{\r
- $rooms.Update(req.body.newroomlist,function(){\r
+ $rooms.Update(req.body,function(){\r
res.redirect("/admin");\r
});\r
}\r
var iplist = ipbanlist.GetText();\r
\r
fs.readdir($log_directory,function(err,list){\r
+ res.setHeader("X-FRAME-OPTIONS","DENY");\r
res.render("admin", {\r
files: list,\r
log_directory:$log_directory,\r
ipbanlist:iplist,\r
- token:info.token,\r
- roomlist:$rooms.GetString()\r
+ token:req.session._csrf,\r
+ roomlist:$rooms.GetMessage()\r
});\r
});\r
}\r
this.IsContains = function(rno){\r
return rno in collection;\r
};\r
- this.GetString = function(){\r
- var retval = "";\r
+ this.GetMessage = function(){\r
+ var retval = new Array();\r
for(var rno in collection)\r
{\r
- if($rooms.Get(rno).IsVolatile())\r
- continue;\r
- var pass = collection[rno].password;\r
- if(pass == null)\r
- pass = "";\r
- var hiddenlog = collection[rno].hiddenlog;\r
- retval += rno + ":" + pass + ":" + hiddenlog + "\r\n";\r
+ item={};\r
+ item.applyflag = !$rooms.Get(rno).IsVolatile();\r
+ item.password = collection[rno].password;\r
+ if(item.password == null)\r
+ item.password = "";\r
+ item.hiddenlog = collection[rno].hiddenlog;\r
+ retval.push(item);\r
}\r
return retval;\r
};\r
}\r
return retval;\r
}\r
- this.Update = function(text,callfunc){\r
+ this.Update = function(data,callfunc){\r
Clear();\r
async.waterfall([\r
function(next){\r
pool.query("TRUNCATE TABLE rooms",null,next);\r
},\r
function(result,next){\r
- lines = text.split("\r\n");\r
+ console.log(util.inspect(data));\r
var items = new Array();\r
- for(var i = 0; i < lines.length; i++)\r
+ var config = data.config;\r
+ for(var i = 0; i < config.length; i++)\r
{\r
- if(lines[i] == "")\r
+ var rno = Number(config[i].applyflag);\r
+ if(isNaN(rno))\r
continue;\r
- var token = lines[i].split(":");\r
- if(token.length == 1)\r
- {\r
- Add(token[0],null,false);\r
- items.push(new Array(token[0],null,false));\r
- }\r
- else if(token.length == 2)\r
- {\r
- var rno = token[0];\r
- var pass = token[1];\r
- if(pass == "")\r
- pass = null;\r
- Add(rno, pass,false);\r
- items.push(new Array(token[0],pass,false));\r
- }\r
- else if(token.length == 3)\r
- {\r
- var rno = token[0];\r
- var pass = token[1];\r
- if(pass == "")\r
- pass = null;\r
- var hiddenlog = false;\r
- if(token[2] == "true")\r
- hiddenlog = true;\r
- Add(rno, pass,hiddenlog);\r
- items.push(new Array(token[0],pass,hiddenlog));\r
- }\r
+ var password,romonly;\r
+ if(typeof(config[rno].password)=="undefined")\r
+ password = null;\r
+ else if(config[rno].password == "")\r
+ password = null;\r
+ else\r
+ password = config[rno].password;\r
+ if(typeof(config[rno].hiddenlog)=="undefined")\r
+ romonly = false;\r
+ else\r
+ romonly = config[rno].hiddenlog == "romonly";\r
+\r
+ Add(rno,password,romonly);\r
+ items.push(new Array(rno,password,romonly));\r
}\r
pool.query("INSERT INTO rooms VALUES ?",[items],callfunc);\r
}\r
result = "failed get from session store";\r
else if(err)\r
result = err;\r
- else if(handshakeData.query.token != session.items.token)\r
+ else if(handshakeData.query.token != session._csrf)\r
result = "invaild token";\r
if(typeof(session) != "undefined" && result == null)\r
handshakeData.sessionID = sessionID;\r
OSDN Git Service
