From cc8c2d846348a68c30eea9e8d76496f13e433909 Mon Sep 17 00:00:00 2001 From: calzoneman Date: Mon, 27 May 2013 15:43:37 -0400 Subject: [PATCH] Fixes --- api.js | 4 +-- database.js | 41 +++++++++++++++++++++----- tests/{database-new.js => database.js} | 2 +- 3 files changed, 37 insertions(+), 10 deletions(-) rename tests/{database-new.js => database.js} (97%) diff --git a/api.js b/api.js index 24860ef7..46c27cf2 100644 --- a/api.js +++ b/api.js @@ -292,7 +292,7 @@ function handleGlobalBans(params, req, res) { }); return; } - var result = Database.addGlobalBan(ip, reason); + var result = Database.globalBanIP(ip, reason); sendJSON(res, { success: result, ip: ip, @@ -307,7 +307,7 @@ function handleGlobalBans(params, req, res) { }); return; } - var result = Database.liftGlobalBan(ip); + var result = Database.globalUnbanIP(ip); sendJSON(res, { success: result, ip: ip, diff --git a/database.js b/database.js index c3db84d8..fdc4ef50 100644 --- a/database.js +++ b/database.js @@ -137,6 +137,7 @@ function refreshGlobalBans() { global_bans[rows[i].ip] = rows[i].note; } } + return global_bans; } function globalBanIP(ip, reason) { @@ -169,8 +170,12 @@ function globalUnbanIP(ip) { /* REGION Channel Registration/Loading */ function registerChannel(name) { + if(!name.match(/^[a-zA-Z0-9-_]+$/)) { + return false; + } var db = getConnection(); - if(!db) { return false; + if(!db) { + return false; } // Library table @@ -234,6 +239,9 @@ function registerChannel(name) { } function loadChannel(chan) { + if(!name.match(/^[a-zA-Z0-9-_]+$/)) { + return false; + } var db = getConnection(); if(!db) { return; @@ -309,7 +317,7 @@ function loadChannel(chan) { } function deleteChannel(name) { - if(!/[a-zA-Z0-9-_]+/.test(name)) { + if(!name.match(/^[a-zA-Z0-9-_]+$/)) { return false; } @@ -344,6 +352,9 @@ function deleteChannel(name) { /* REGION Channel data */ function getChannelRank(chan, name) { + if(!chan.match(/^[a-zA-Z0-9-_]+$/)) { + return false; + } var db = getConnection(); if(!db) { return 0; @@ -394,6 +405,9 @@ function getChannelRank(chan, name) { } function setChannelRank(chan, name, rank) { + if(!chan.match(/^[a-zA-Z0-9-_]+$/)) { + return false; + } var db = getConnection(); if(!db) { return false; @@ -413,12 +427,11 @@ function setChannelRank(chan, name, rank) { } function listChannelRanks(chan) { - var db = getConnection(); - if(!db) { + if(!chan.match(/^[a-zA-Z0-9-_]+$/)) { return []; } - - if(!chan.registered) { + var db = getConnection(); + if(!db) { return []; } @@ -429,7 +442,6 @@ function listChannelRanks(chan) { var results = db.querySync(query); if(!results) { - Logger.errlog.log("! Failed to list ranks: " + chan); return []; } @@ -437,6 +449,9 @@ function listChannelRanks(chan) { } function addToLibrary(chan, media) { + if(!chan.match(/^[a-zA-Z0-9-_]+$/)) { + return false; + } var db = getConnection(); if(!db) { return false; @@ -454,6 +469,9 @@ function addToLibrary(chan, media) { } function removeFromLibrary(chan, id) { + if(!chan.match(/^[a-zA-Z0-9-_]+$/)) { + return false; + } var db = getConnection(); if(!db) { return false; @@ -468,6 +486,9 @@ function removeFromLibrary(chan, id) { } function channelBan(chan, ip, name, banby) { + if(!chan.match(/^[a-zA-Z0-9-_]+$/)) { + return false; + } var db = getConnection(); if(!db) { return false; @@ -485,6 +506,9 @@ function channelBan(chan, ip, name, banby) { } function channelUnbanIP(chan, ip) { + if(!chan.match(/^[a-zA-Z0-9-_]+$/)) { + return false; + } var db = getConnection(); if(!db) { return false; @@ -499,6 +523,9 @@ function channelUnbanIP(chan, ip) { } function channelUnbanName(chan, name) { + if(!chan.match(/^[a-zA-Z0-9-_]+$/)) { + return false; + } var db = getConnection(); if(!db) { return false; diff --git a/tests/database-new.js b/tests/database.js similarity index 97% rename from tests/database-new.js rename to tests/database.js index 8b9a5b17..d3ef1a39 100644 --- a/tests/database-new.js +++ b/tests/database.js @@ -1,4 +1,4 @@ -var Database = require("../database-new"); +var Database = require("../database"); Database.setup(require("../config-testing")); var assert = require("assert"); var db = Database.getConnection();