diff --git a/lib/user.js b/lib/user.js index 0fe5872d..800dd699 100644 --- a/lib/user.js +++ b/lib/user.js @@ -34,8 +34,6 @@ var User = function (socket) { afk: false, icon: false }; - this.throttle = {}; - this.flooded = {}; this.queueLimiter = $util.newRateLimiter(); this.chatLimiter = $util.newRateLimiter(); this.profile = { @@ -59,38 +57,6 @@ User.prototype.inPendingChannel = function () { return this.pendingChannel != null && !this.pendingChannel.dead; }; -// Throttling/cooldown -User.prototype.noflood = function (name, hz) { - var time = new Date().getTime(); - if (!(name in this.throttle)) { - this.throttle[name] = [time]; - return false; - } else if (name in this.flooded && time < this.flooded[name]) { - this.socket.emit("noflood", { - action: name, - msg: "You're still on cooldown!" - }); - return true; - } else { - this.throttle[name].push(time); - var diff = (time - this.throttle[name][0]) / 1000.0; - // Twice might be an accident, more than that is probably spam - if (this.throttle[name].length > 2) { - var rate = this.throttle[name].length / diff; - this.throttle[name] = [time]; - if (rate > hz) { - this.flooded[name] = time + 5000; - this.socket.emit("noflood", { - action: name, - msg: "Stop doing that so fast! Cooldown: 5s" - }); - return true; - } - return false; - } - } -}; - User.prototype.setAFK = function (afk) { if (!this.inChannel()) return; @@ -149,8 +115,9 @@ User.prototype.initCallbacks = function () { self.socket.on("joinChannel", function (data) { data = (typeof data !== "object") ? {} : data; - if (self.inChannel() || self.inPendingChannel()) + if (self.inChannel() || self.inPendingChannel()) { return; + } if (typeof data.name != "string") { return; } @@ -166,6 +133,7 @@ User.prototype.initCallbacks = function () { self.pendingChannel = self.server.getChannel(data.name); if (self.loggedIn) { // TODO fix + // I'm not sure what I meant by "fix", but I suppose I'll find out soon self.pendingChannel.getRank(self.name, function (err, rank) { if (!err && rank > self.rank) self.rank = rank; @@ -187,6 +155,8 @@ User.prototype.initCallbacks = function () { var session = (typeof data.session === "string") ? data.session : ""; if (pw.length > 100) pw = pw.substring(0, 100); + if (session.length > 64) + session = session.substring(0, 64); if (self.loggedIn) return; @@ -342,6 +312,10 @@ User.prototype.initCallbacks = function () { if (typeof data.query !== "string") { return; } + // Soft limit to prevent someone from making a massive query + if (data.query.length > 255) { + return; + } if (data.source === "yt") { var searchfn = InfoGetter.Getters.ytSearch; searchfn(data.query.split(" "), function (e, vids) { @@ -526,6 +500,10 @@ User.prototype.initCallbacks = function () { if (typeof data.name !== "string") { return; } + // Soft limit to prevent someone from saving a list with a massive name + if (data.name.length > 200) { + data.name = data.name.substring(0, 200); + } if (self.rank < 1) { self.socket.emit("savePlaylist", { success: false,