Fixed eval and added a public mode
This commit is contained in:
Tanner Reynolds
parent
1c24a587bd
commit
faa48935bc
|
|
@ -25,62 +25,46 @@ module.exports = {
|
|||
});
|
||||
if (evaled.length > 1000) {
|
||||
let output = clean(evaled).charLimitSplit(1000);
|
||||
return msg.channel.createMessage({
|
||||
embed: {
|
||||
color: 0x36393E,
|
||||
fields: [{
|
||||
name: "Input",
|
||||
value: `\`\`\`JS\n${code}\`\`\``
|
||||
}, {
|
||||
name: "Output",
|
||||
value: `\`\`\`JS\n${clean(output[0])} | ... |\`\`\``
|
||||
}]
|
||||
}
|
||||
});
|
||||
return success(code, output[0])
|
||||
} else {
|
||||
return msg.channel.createMessage({
|
||||
embed: {
|
||||
color: 0x36393E,
|
||||
fields: [{
|
||||
name: "Input",
|
||||
value: `\`\`\`JS\n${code}\`\`\``
|
||||
}, {
|
||||
name: "Output",
|
||||
value: `\`\`\`JS\n${clean(evaled)}\`\`\``
|
||||
}]
|
||||
}
|
||||
});
|
||||
return success(code, clean(evaled))
|
||||
}
|
||||
} catch (err) {
|
||||
if (err.length > 1000) {
|
||||
let error = err.charLimitSplit(1000);
|
||||
return msg.channel.createMessage({
|
||||
embed: {
|
||||
color: 0x36393E,
|
||||
fields: [{
|
||||
name: "Input",
|
||||
value: `\`\`\`JS\n${code}\`\`\``
|
||||
}, {
|
||||
name: "Error Output",
|
||||
value: `\`\`\`JS\n${error[0]} | ... |\`\`\``
|
||||
}]
|
||||
}
|
||||
});
|
||||
let errorSplit = err.charLimitSplit(1000);
|
||||
return error(code, errorSplit)
|
||||
} else {
|
||||
return msg.channel.createMessage({
|
||||
embed: {
|
||||
color: 0x36393E,
|
||||
fields: [{
|
||||
name: "Input",
|
||||
value: `\`\`\`JS\n${code}\`\`\``
|
||||
}, {
|
||||
name: "Error Output",
|
||||
value: `\`\`\`JS\n${clean(err)}\`\`\``
|
||||
}]
|
||||
}
|
||||
});
|
||||
return error(code, clean(err))
|
||||
}
|
||||
}
|
||||
async function success(input, output) {
|
||||
msg.channel.createMessage({
|
||||
embed: {
|
||||
color: 0x36393E,
|
||||
fields: [{
|
||||
name: "Input",
|
||||
value: `\`\`\`JS\n${input}\`\`\``
|
||||
}, {
|
||||
name: "Output",
|
||||
value: `\`\`\`JS\n${output} | ... |\`\`\``
|
||||
}]
|
||||
}
|
||||
});
|
||||
}
|
||||
async function error(input, output) {
|
||||
msg.channel.createMessage({
|
||||
embed: {
|
||||
color: 0x36393E,
|
||||
fields: [{
|
||||
name: "Input",
|
||||
value: `\`\`\`JS\n${input}\`\`\``
|
||||
}, {
|
||||
name: "Error Output",
|
||||
value: `\`\`\`JS\n${output}\`\`\``
|
||||
}]
|
||||
}
|
||||
});
|
||||
}
|
||||
function clean(text) {
|
||||
if (typeof(text) === "string") {
|
||||
text = text.replace(/`/g, "`" + String.fromCharCode(8203)).replace(/@/g, "@" + String.fromCharCode(8203));
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
{
|
||||
"key": "",
|
||||
"public": false,
|
||||
"maxUploadSize": 50,
|
||||
"markdown": true,
|
||||
"port": 80,
|
||||
|
|
|
|||
|
|
@ -14,14 +14,18 @@ async function files(req, res) {
|
|||
let form = new formidable.IncomingForm()
|
||||
form.parse(req, (err, fields, files) => {
|
||||
let userIP = req.headers["x-forwarded-for"] || req.connection.remoteAddress || req.socket.remoteAddress || req.connection.socket.remoteAddress
|
||||
usingUploader = false
|
||||
if(fields.passwordUploader && !fields.key) usingUploader = true
|
||||
if (!this.auth(this.c.key, fields.key) && usingUploader === false) {
|
||||
let usingUploader = false
|
||||
if(files.fdataUploader && !fields.key) {
|
||||
usingUploader = true
|
||||
files.fdata = files.fdataUploader
|
||||
}
|
||||
if (!this.auth(this.c.key, fields.key, this.c) && usingUploader === false) {
|
||||
res.statusCode = 401
|
||||
res.write("Unauthorized");
|
||||
res.end();
|
||||
return this.log.warning(`Unauthorized User | File Upload | ${userIP}`)
|
||||
} else if(!this.auth(this.c.key, fields.passwordUploader) && usingUploader === true) {
|
||||
} else if(!this.auth(this.c.key, fields.password, this.c) && usingUploader === true) {
|
||||
this.log.warning(this.auth(this.c.key, fields.password, this.c))
|
||||
res.statusCode = 401
|
||||
res.redirect("/upload?error=Incorrect_Password")
|
||||
res.end()
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ async function post(req, res) {
|
|||
let userIP = req.headers["x-forwarded-for"] || req.connection.remoteAddress || req.socket.remoteAddress || req.connection.socket.remoteAddress
|
||||
res.setHeader("Content-Type", "text/html");
|
||||
let password = this.c.admin.key
|
||||
if (!this.auth(password, req.body.password)) {
|
||||
if (!this.auth(password, req.body.password, {public: false, admin: {key: this.c.admin.key}})) {
|
||||
res.statusCode = 401
|
||||
res.render("unauthorized")
|
||||
res.end();
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ async function paste(req, res) {
|
|||
let form = new formidable.IncomingForm()
|
||||
form.parse(req, (err, fields, files) => {
|
||||
let userIP = req.headers["x-forwarded-for"] || req.connection.remoteAddress || req.socket.remoteAddress || req.connection.socket.remoteAddress
|
||||
if (!this.auth(this.c.key, fields.key)) {
|
||||
if (!this.auth(this.c.key, fields.key, this.c)) {
|
||||
res.statusCode = 401
|
||||
res.write("Unauthorized");
|
||||
res.end();
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ async function shortener(req, res) {
|
|||
let form = new formidable.IncomingForm()
|
||||
form.parse(req, (err, fields, files) => {
|
||||
let userIP = req.headers["x-forwarded-for"] || req.connection.remoteAddress || req.socket.remoteAddress || req.connection.socket.remoteAddress
|
||||
if (!this.auth(this.c.key, fields.key)) {
|
||||
if (!this.auth(this.c.key, fields.key, this.c)) {
|
||||
res.statusCode = 401
|
||||
res.write("Unauthorized");
|
||||
res.end();
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
async function upload(req, res) {
|
||||
res.setHeader("Content-Type", "text/html")
|
||||
res.statusCode = 200
|
||||
res.render("upload")
|
||||
res.end()
|
||||
res.render("upload", {public: this.c.public})
|
||||
}
|
||||
module.exports = upload
|
||||
|
|
@ -51,8 +51,10 @@
|
|||
<form action="/api/files" method="post" style="background-color: rgb(51,51,51);" enctype="multipart/form-data" name="fdataForm">
|
||||
<h2 class="sr-only">Upload Form</h2>
|
||||
<div class="illustration"><i class="fa fa-photo" style="color: rgb(230,94,94);"></i></div>
|
||||
<div class="form-group"><input class="form-control" type="password" name="passwordUploader" placeholder="Password" id="passwordUploader" style="background-color: rgb(51,51,51);"></div>
|
||||
<div class = "form-group"><input type="file" id="fdata" name="fdata" required/></div>
|
||||
<% if(!public) { %>
|
||||
<div class="form-group"><input class="form-control" type="password" name="password" placeholder="Password" id="password" style="background-color: rgb(51,51,51);"></div>
|
||||
<% } %>
|
||||
<div class = "form-group"><input type="file" id="fdataUploader" name="fdataUploader" required/></div>
|
||||
<div class="form-group"><button class="btn btn-primary btn-block" type="submit" style="background-color: rgb(230,94,94);">Upload</button></div>
|
||||
</form>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
const c = require(`${__dirname}/../config.json`)
|
||||
function auth(myKey, givenKey) {
|
||||
function auth(myKey, givenKey, c) {
|
||||
if(c.public === true) return true
|
||||
if (myKey !== null && myKey && myKey !== undefined && givenKey !== myKey && givenKey !== c.admin.key) {
|
||||
return false
|
||||
} else {
|
||||
|
|
|
|||
Loading…
Reference in New Issue