From 92a4ff638f51f57f24e2e5065d0cdea7e3d2b129 Mon Sep 17 00:00:00 2001 From: Joshua Merrell Date: Thu, 28 Dec 2017 11:34:26 -0800 Subject: [PATCH] move getCountryCode() to util.go and remove now unnecessary geoip.go --- src/geoip.go | 16 ---------------- src/util.go | 40 +++++++++++++++++++++++++++------------- 2 files changed, 27 insertions(+), 29 deletions(-) delete mode 100644 src/geoip.go diff --git a/src/geoip.go b/src/geoip.go deleted file mode 100644 index 34d7c4ba..00000000 --- a/src/geoip.go +++ /dev/null @@ -1,16 +0,0 @@ -package main - -import ( - "github.com/nranchev/go-libGeoIP" -) - -func getCountryCode(ip string) (string, error) { - if config.EnableGeoIP && config.GeoIPDBlocation != "" { - gi, err := libgeo.Load(config.GeoIPDBlocation) - if err != nil { - return "", err - } - return gi.GetLocationByIP(ip).CountryCode, nil - } - return "", nil -} diff --git a/src/util.go b/src/util.go index 3c05392d..2e7260cd 100644 --- a/src/util.go +++ b/src/util.go @@ -4,6 +4,7 @@ import ( "crypto/md5" "crypto/sha1" "fmt" + "html" "io" "io/ioutil" "math/rand" @@ -15,6 +16,7 @@ import ( "strings" "time" + "github.com/nranchev/go-libGeoIP" "golang.org/x/crypto/bcrypt" ) @@ -111,7 +113,7 @@ func getBoardArr(parameterList map[string]interface{}, extra string) (boards []B } queryString += fmt.Sprintf(" %s ORDER BY `order`", extra) - printf(1, "queryString@getBoardArr: %s\n", queryString) + printf(2, "queryString@getBoardArr: %s\n", queryString) stmt, err := db.Prepare(queryString) defer func() { @@ -188,7 +190,7 @@ func getPostArr(parameterList map[string]interface{}, extra string) (posts []int } queryString += " " + extra // " ORDER BY `order`" - printf(1, "queryString@getPostArr queryString: %s\n", queryString) + printf(2, "queryString@getPostArr queryString: %s\n", queryString) stmt, err := db.Prepare(queryString) defer func() { 
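Review bot: In the getBoardArr hunk, `extra` is formatted straight into `queryString` before `db.Prepare(queryString)`, so preparing the statement does not parameterize that fragment. The getPostArr hunk does the same with `queryString += " " + extra`. Whether any caller passes request-derived text is not visible from these hunks, so I would document the contract on both functions: `// extra is appended to the SQL text verbatim; pass only constant clauses, never user input`. Both function bodies start and end outside their hunks.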
@@ -262,6 +264,17 @@ func getCookie(name string) *http.Cookie { return nil } +func getCountryCode(ip string) (string, error) { + if config.EnableGeoIP && config.GeoIPDBlocation != "" { + gi, err := libgeo.Load(config.GeoIPDBlocation) + if err != nil { + return "", err + } + return gi.GetLocationByIP(ip).CountryCode, nil + } + return "", nil +} + func generateSalt() string { salt := make([]byte, 3) salt[0] = chars[rand.Intn(86)] @@ -290,15 +303,6 @@ func getFormattedFilesize(size float32) string { return fmt.Sprintf("%0.2fGB", size/1024/1024/1024) } -func getSQLDateTime() string { - now := time.Now() - return now.Format(mysql_datetime_format) -} - -func getSpecificSQLDateTime(t time.Time) string { - return t.Format(mysql_datetime_format) -} - func humanReadableTime(t time.Time) string { return t.Format(config.DateTimeFormat) } @@ -363,6 +367,16 @@ func reverse(arr []interface{}) (reversed []interface{}) { return } +// sanitize/escape HTML strings in a post. This should be run immediately before +// the post is inserted into the database +func sanitizeHTML(post PostTable) PostTable { + sanitized := post + html.EscapeString(sanitized.Name) + html.EscapeString(sanitized.Email) + html.EscapeString(sanitized.Subject) + return sanitized +} + func searchStrings(item string, arr []string, permissive bool) int { for i, str := range arr { if item == str { @@ -373,14 +387,14 @@ func searchStrings(item string, arr []string, permissive bool) int { } func bToI(b bool) int { - if b == true { + if b { return 1 } return 0 } func bToA(b bool) string { - if b == true { + if b { return "1" } return "0"
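Review bot: `gi.GetLocationByIP(ip).CountryCode` in the moved getCountryCode dereferences the lookup result without a nil check. If the library returns nil for an address it has no record for (presumably private or unlisted ranges), a request from such an address would panic. Guard it: `loc := gi.GetLocationByIP(ip)`, `if loc == nil { return "", nil }`, `return loc.CountryCode, nil`. Separately, `libgeo.Load(config.GeoIPDBlocation)` runs on every call, so the database file is re-read per lookup; loading it once at startup and reusing the handle would avoid that.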
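Review bot: sanitizeHTML discards every `html.EscapeString` result, so the returned PostTable is identical to the input, and Name, Email and Subject reach the database unescaped despite what the comment says. Assign the results: `sanitized.Name = html.EscapeString(sanitized.Name)`, and the same for `Email` and `Subject`. The post body and any other user-supplied fields of PostTable are not handled here. If they are rendered as HTML they need the same treatment, or escaping at template render time, which is not visible in this hunk.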