Merge master into dev

This commit is contained in:
calzoneman 2013-07-03 16:06:13 -04:00
commit 860d81afbc
5 changed files with 10 additions and 5 deletions

View File

@ -26,6 +26,7 @@ var ChatCommand = require("./chatcommand.js");
var Filter = require("./filter.js").Filter;
var ActionLog = require("./actionlog");
var Playlist = require("./playlist");
var sanitize = require("validator").sanitize;
var Channel = function(name) {
Logger.syslog.log("Opening channel " + name);
@ -1574,6 +1575,7 @@ Channel.prototype.tryUpdateFilter = function(user, f) {
var re = f.source;
var flags = f.flags;
f.replace = sanitize(f.replace).xss();
try {
new RegExp(re, flags);
}
@ -1676,6 +1678,7 @@ Channel.prototype.trySetJS = function(user, data) {
Channel.prototype.updateMotd = function(motd) {
var html = motd.replace(/\n/g, "<br>");
html = sanitize(html).xss();
//html = this.filterMessage(html);
this.motd = {
motd: motd,
@ -1762,8 +1765,7 @@ Channel.prototype.filterMessage = function(msg) {
Channel.prototype.sendMessage = function(username, msg, msgclass, data) {
// I don't want HTML from strangers
msg = msg.replace(/&/g, "&amp;");
msg = msg.replace(/</g, "&lt;").replace(/>/g, "&gt;");
msg = sanitize(msg).escape();
msg = this.filterMessage(msg);
var msgobj = {
username: username,

View File

@ -12,6 +12,7 @@
"mysql-libmysqlclient": "*",
"node_hash": "*",
"bcrypt": "*",
"nodemailer": "*"
"nodemailer": "*",
"validator": "*"
}
}

View File

@ -106,8 +106,9 @@ Callbacks = {
setMotd: function(data) {
CHANNEL.motd = data.html;
CHANNEL.motd_text = data.motd;
$("#motd").html(data.html);
$("#motdtext").val(CHANNEL.motd);
$("#motdtext").val(CHANNEL.motd_text);
if(data.motd != "")
$("#motd").show();
else

View File

@ -29,6 +29,7 @@ var CHANNEL = {
css: "",
js: "",
motd: "",
motd_text: "",
name: false
};

View File

@ -788,7 +788,7 @@ function handleModPermissions() {
$("#opt_voteskip_ratio").val(CHANNEL.opts.voteskip_ratio);
$("#csstext").val(CHANNEL.css);
$("#jstext").val(CHANNEL.js);
$("#motdtext").val(CHANNEL.motd);
$("#motdtext").val(CHANNEL.motd_text);
setVisible("#permedit_tab", CLIENT.rank >= 3);
setVisible("#banlist_tab", hasPermission("ban"));
setVisible("#motdedit_tab", hasPermission("motdedit"));