diff --git a/db-models/posts.js b/db-models/posts.js index 573a130a..661b3bdd 100644 --- a/db-models/posts.js +++ b/db-models/posts.js @@ -80,13 +80,13 @@ module.exports = { }, - getPost: async (board, id) => { + getPost: async (board, id, salt) => { // get a post return db.collection(board).findOne({ '_id': id }, { - 'projection': { 'salt': 0 } //projection to hide salts + 'projection': { 'salt': salt || false } //projection to hide salts }); }, diff --git a/models/api/delete-post.js b/models/api/delete-post.js index 4c80c574..bb4f1f32 100644 --- a/models/api/delete-post.js +++ b/models/api/delete-post.js @@ -14,7 +14,7 @@ module.exports = async (req, res) => { posts = await Posts.getPosts(req.params.board, req.body.checked); } catch (err) { console.error(err); - return res.status(500).json({ 'message': 'Error fetching from DB' }); + return res.status(500).render('error'); } //filter it to ones that match the password @@ -42,7 +42,7 @@ module.exports = async (req, res) => { deletedPosts = result.deletedCount; } catch (err) { console.error(err); - return res.status(500).json({ 'message': 'Error deleting posts from DB' }); + return res.status(500).render('error'); } //get filenames from all the posts @@ -61,9 +61,16 @@ module.exports = async (req, res) => { })); //hooray! - return res.json({ 'message': `deleted ${threadIds.length} threads and ${deletedPosts} posts` }) + return res.render('message', { + 'message': `deleted ${threadIds.length} threads and ${deletedPosts} posts`, + 'redirect': `/${req.params.board}` + }); } - return res.status(403).json({ 'message': 'Password did not match any selected posts' }) + return res.render('message', { + 'message': 'Password did not match any selected posts', + 'redirect': `/${req.params.board}` + }); + } diff --git a/models/api/make-post.js b/models/api/make-post.js index 3a2ecc66..84c9e0af 100644 --- a/models/api/make-post.js +++ b/models/api/make-post.js @@ -19,13 +19,16 @@ module.exports = async (req, res, numFiles) => { if (req.body.thread) { let thread; try { - thread = await Posts.getPost(req.params.board, req.body.thread); + thread = await Posts.getPost(req.params.board, req.body.thread, true); } catch (err) { console.error(err); - return res.status(500).json({ 'message': 'Error fetching from DB' }); + return res.status(500).render('error'); } if (!thread || thread.thread != null) { - return res.status(400).json({ 'message': 'thread does not exist' }) + return res.status(400).render('message', { + 'message': 'Thread does not exist.', + 'redirect': `/${req.params.board}` + }) } salt = thread.salt; } @@ -36,7 +39,10 @@ module.exports = async (req, res, numFiles) => { // check all mime types befoer we try saving anything for (let i = 0; i < numFiles; i++) { if (!fileCheckMimeType(req.files.file[i].mimetype)) { - return res.status(400).json({ 'message': 'Invalid file type' }); + return res.status(400).render('message', { + 'message': 'Invalid file type', + 'redirect': `/${req.params.board}` + }); } } // then upload, thumb, get metadata, etc. @@ -71,7 +77,7 @@ module.exports = async (req, res, numFiles) => { } catch (err) { console.error(err); //TODO: DELETE FAILED FILES - return res.status(500).json({ 'message': 'Error uploading file' }); + return res.status(500).render('error'); } } } diff --git a/views/pages/message.pug b/views/pages/message.pug new file mode 100644 index 00000000..87835bde --- /dev/null +++ b/views/pages/message.pug @@ -0,0 +1,9 @@ +extends ../layout.pug + +block head + meta(http-equiv="refresh" content=`5;url=${redirect}`) + +block content + h1 Success + p #{message} + p You will be redirected shortly. If you are not redirected automatically, you can #[a(href=redirect) click here].