mirror of
https://github.com/Eggbertx/gochan.git
synced 2025-09-05 11:06:23 -07:00
Make appeals work
This commit is contained in:
Eggbertx
parent
7e5a78fa8c
commit
17a326bc17
5 changed files with 91 additions and 16 deletions
|
|
@ -135,7 +135,6 @@ func initServer() {
|
|||
fmt.Println("Got error when initializing Akismet spam protection, it will be disabled:", err)
|
||||
}
|
||||
|
||||
// server.namespaces["banned"] = posting.BanHandler
|
||||
server.namespaces["captcha"] = posting.ServeCaptcha
|
||||
server.namespaces["manage"] = manage.CallManageFunction
|
||||
server.namespaces["post"] = posting.MakePost
|
||||
|
|
|
|||
|
|
@ -108,6 +108,12 @@ func GetIPBans(boardID int, limit int, onlyActive bool) ([]IPBan, error) {
|
|||
return bans, nil
|
||||
}
|
||||
|
||||
func (ipb *IPBan) Appeal(msg string) error {
|
||||
const query = `INSERT INTO DBPREFIXip_ban_appeals (ip_ban_id, appeal_text, is_denied) VALUES(?, ?, FALSE)`
|
||||
_, err := ExecSQL(query, ipb.ID, msg)
|
||||
return err
|
||||
}
|
||||
|
||||
// IsGlobalBan returns true if BoardID is a nil int, meaning they are banned on all boards, as opposed to a specific one
|
||||
func (ipb IPBan) IsGlobalBan() bool {
|
||||
return ipb.BoardID == nil
|
||||
|
|
|
|||
|
|
@ -2,13 +2,17 @@ package posting
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
"github.com/gochan-org/gochan/pkg/config"
|
||||
"github.com/gochan-org/gochan/pkg/gcsql"
|
||||
"github.com/gochan-org/gochan/pkg/gctemplates"
|
||||
"github.com/gochan-org/gochan/pkg/gcutil"
|
||||
"github.com/gochan-org/gochan/pkg/serverutil"
|
||||
"github.com/rs/zerolog"
|
||||
)
|
||||
|
||||
func showBanpage(ban gcsql.Ban, banType string, upload *gcsql.Upload, post *gcsql.Post, postBoard *gcsql.Board, writer http.ResponseWriter, request *http.Request) {
|
||||
|
|
@ -64,19 +68,6 @@ func showBanpage(ban gcsql.Ban, banType string, upload *gcsql.Upload, post *gcsq
|
|||
}
|
||||
}
|
||||
|
||||
// func BanHandler(writer http.ResponseWriter, request *http.Request) {
|
||||
// ip := gcutil.GetRealIP(request)
|
||||
// ipBan, err := gcsql.CheckIPBan(ip, 0)
|
||||
// if err != nil {
|
||||
// gcutil.LogError(err).
|
||||
// Str("IP", ip).
|
||||
// Msg("Error checking IP banned status (/banned request)")
|
||||
// serverutil.ServeErrorPage(writer, "Error checking banned status: "+err.Error())
|
||||
// return
|
||||
// }
|
||||
|
||||
// }
|
||||
|
||||
// checks the post for spam. It returns true if a ban page or an error page was served (causing MakePost() to return)
|
||||
func checkIpBan(post *gcsql.Post, postBoard *gcsql.Board, writer http.ResponseWriter, request *http.Request) bool {
|
||||
ipBan, err := gcsql.CheckIPBan(post.IP, postBoard.ID)
|
||||
|
|
@ -153,3 +144,74 @@ func checkChecksumBan(upload *gcsql.Upload, post *gcsql.Post, postBoard *gcsql.B
|
|||
showBanpage(fileBan, "checksum", upload, post, postBoard, writer, request)
|
||||
return true
|
||||
}
|
||||
|
||||
func handleAppeal(writer http.ResponseWriter, request *http.Request, errEv *zerolog.Event) {
|
||||
banIDstr := request.FormValue("banid")
|
||||
if banIDstr == "" {
|
||||
errEv.Caller().Msg("Appeal sent without banid field")
|
||||
serverutil.ServeErrorPage(writer, "Missing banid value")
|
||||
return
|
||||
}
|
||||
appealMsg := request.FormValue("appealmsg")
|
||||
if appealMsg == "" {
|
||||
errEv.Caller().Msg("Missing appealmsg value")
|
||||
serverutil.ServeErrorPage(writer, "Missing or empty appeal")
|
||||
return
|
||||
}
|
||||
banID, err := strconv.Atoi(banIDstr)
|
||||
if err != nil {
|
||||
errEv.Err(err).
|
||||
Str("banIDstr", banIDstr).Caller().Send()
|
||||
serverutil.ServeErrorPage(writer, fmt.Sprintf("Invalid banid value %q", banIDstr))
|
||||
return
|
||||
}
|
||||
errEv.Int("banID", banID)
|
||||
ban, err := gcsql.GetIPBanByID(banID)
|
||||
if err != nil {
|
||||
errEv.Err(err).
|
||||
Caller().Send()
|
||||
serverutil.ServeErrorPage(writer, "Error getting ban info: "+err.Error())
|
||||
return
|
||||
}
|
||||
if ban == nil {
|
||||
errEv.Caller().Msg("GetIPBanByID returned a nil ban (presumably not banned)")
|
||||
serverutil.ServeErrorPage(writer, fmt.Sprintf("Invalid banid %d", banID))
|
||||
return
|
||||
}
|
||||
if ban.IP != gcutil.GetRealIP(request) {
|
||||
errEv.Caller().
|
||||
Str("banIP", ban.IP).
|
||||
Msg("User tried to appeal a ban from a different IP")
|
||||
serverutil.ServeErrorPage(writer, fmt.Sprintf("Invalid banid %d", banID))
|
||||
return
|
||||
}
|
||||
if !ban.IsActive {
|
||||
errEv.Caller().Msg("Requested ban is not active")
|
||||
serverutil.ServeErrorPage(writer, "Requested ban is not active")
|
||||
return
|
||||
}
|
||||
if !ban.CanAppeal {
|
||||
errEv.Caller().Msg("Rejected appeal submission, appeals denied for this ban")
|
||||
serverutil.ServeErrorPage(writer, "You can not appeal this ban")
|
||||
}
|
||||
if ban.AppealAt.After(time.Now()) {
|
||||
errEv.Caller().
|
||||
Time("appealAt", ban.AppealAt).
|
||||
Msg("Rejected appeal submission, can't appeal yet")
|
||||
serverutil.ServeErrorPage(writer, "You are not able to appeal this ban until "+ban.AppealAt.Format(config.GetBoardConfig("").DateTimeFormat))
|
||||
}
|
||||
if err = ban.Appeal(appealMsg); err != nil {
|
||||
errEv.Err(err).
|
||||
Str("appealMsg", appealMsg).
|
||||
Caller().Msg("Unable to submit appeal")
|
||||
serverutil.ServeErrorPage(writer, "Unable to submit appeal")
|
||||
return
|
||||
}
|
||||
board := request.FormValue("board")
|
||||
gcutil.LogInfo().
|
||||
Str("IP", gcutil.GetRealIP(request)).
|
||||
Int("banID", banID).
|
||||
Str("board", board).
|
||||
Msg("Appeal submitted")
|
||||
http.Redirect(writer, request, config.WebPath(request.FormValue("board")), http.StatusFound)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -59,6 +59,12 @@ func MakePost(writer http.ResponseWriter, request *http.Request) {
|
|||
http.Redirect(writer, request, systemCritical.WebRoot, http.StatusFound)
|
||||
return
|
||||
}
|
||||
|
||||
if request.FormValue("doappeal") != "" {
|
||||
handleAppeal(writer, request, errEv)
|
||||
return
|
||||
}
|
||||
|
||||
wantsJSON := serverutil.IsRequestingJSON(request)
|
||||
post.IP = gcutil.GetRealIP(request)
|
||||
var err error
|
||||
|
|
|
|||
|
|
@ -28,9 +28,11 @@
|
|||
{{if .ban.Permanent}}<b>not expire</b>{{else}}expire on <b>{{$expires_timestamp}}</b>{{end}}.<br />
|
||||
Your IP address is <b>{{.ban.IP}}</b>.<br /><br />
|
||||
{{if .ban.CanAppeal}}You may appeal this ban:<br />
|
||||
<form id="appeal-form" action="/banned" method="POST">
|
||||
<form id="appeal-form" action="/post" method="POST">
|
||||
<input type="hidden" name="board" value="{{.board.Dir}}">
|
||||
<input type="hidden" name="banid" value="{{.ban.ID}}">
|
||||
<textarea rows="4" cols="48" name="appealmsg" id="postmsg" placeholder="Appeal message"></textarea><br />
|
||||
<input type="submit" value="Submit" /><br />
|
||||
<input type="submit" name="doappeal" value="Submit" /><br />
|
||||
</form>{{else}}You may <b>not</b> appeal this ban.<br />{{end}}
|
||||
</div>{{if bannedForever .ban}}
|
||||
<img id="banpage-image" src="{{webPath "permabanned.jpg"}}" style="float:right; margin: 4px 8px 8px 4px"/><br />
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue