'use strict';
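// Project database module; this file uses it for Mongo.ObjectId.
const Mongo = require(__dirname+'/../db/db.js');

// Allowlist of request-body fields that may legitimately arrive as arrays.
// Any other body field that parses to an array is rejected by the middleware
// below, so handlers that expect a scalar never receive a list from the client.
const allowedArrays = new Set(['checkedposts', 'globalcheckedposts', 'checkedbans', 'checkedbanners']);

// Query-string fields that the middleware coerces to integers (or null).
// Fix: the first separator was a '.' instead of a ',', which is a syntax error
// and would stop the module from loading.
const numberFields = ['p', 'reply_limit', 'max_files', 'thread_limit', 'id', 'thread'];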
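/**
 * Express middleware that checks and normalises the shape of client input
 * before route handlers read it.
 *
 * - Rejects (HTTP 400, 'message' view) any body field that is an array unless
 *   its name is in `allowedArrays`.
 * - Converts `req.body.checkedposts` to numbers and
 *   `req.body.globalcheckedposts` through `Mongo.ObjectId`.
 * - Replaces each query field listed in `numberFields` with a safe integer,
 *   or with null when it does not parse to one.
 * - Converts `req.params.page` to a number unless it is the literal 'index'.
 *
 * @param {object} req - Express request; `body`, `query` and `params` are read and mutated.
 * @param {object} res - Express response, used only for the 400 reply.
 * @param {Function} next - called once all input has been normalised.
 */
module.exports = (req, res, next) => {

	// Single place for the rejection response so every malformed-input path
	// answers the same way and reveals nothing about which check failed.
	const denyMalformed = () => res.status(400).render('message', {
		'title': 'Bad request',
		'message': 'Malformed input'
	});

	for (const [key, val] of Object.entries(req.body)) {
		if (!allowedArrays.has(key) && Array.isArray(val)) {
			//this is an array from malformed input, deny it.
			return denyMalformed();
		}
		// NOTE(review): only arrays are rejected here. If the body parser is
		// configured to build nested objects (not visible from this file), a
		// field such as `name[$ne]=x` would reach handlers as a plain object;
		// confirm the parser settings or that handlers type-check before
		// passing body values into database queries.
	}

	// The id lists must be arrays before .map() is called on them. A lone
	// string (one value submitted) is wrapped; any other non-array shape is
	// rejected instead of raising a TypeError inside the middleware.
	for (const field of ['checkedposts', 'globalcheckedposts']) {
		const raw = req.body[field];
		if (!raw) {
			continue;
		}
		if (typeof raw === 'string') {
			req.body[field] = [raw];
		} else if (!Array.isArray(raw)) {
			return denyMalformed();
		}
	}

	//convert to numbers or mongoIds for action routes
	if (req.body.checkedposts) {
		// Non-numeric entries become NaN; handlers should not assume every
		// element is a valid post number.
		req.body.checkedposts = req.body.checkedposts.map(Number);
	}
	if (req.body.globalcheckedposts) {
		try {
			req.body.globalcheckedposts = req.body.globalcheckedposts.map(Mongo.ObjectId);
		} catch (e) {
			// Presumably Mongo.ObjectId throws on an id it cannot parse (it is
			// defined in db.js, not shown here); treat that as bad client
			// input rather than letting it surface as a server error.
			return denyMalformed();
		}
	}

	for (const field of numberFields) {
		if (req.query[field]) {
			// Explicit radix so a value like "0x10" is not read as hexadecimal.
			const num = parseInt(req.query[field], 10);
			// Anything that is not a safe integer (NaN from an object or
			// junk string, or an out-of-range value) is nulled, so handlers
			// only ever see a number or null for these fields.
			req.query[field] = Number.isSafeInteger(num) ? num : null;
		}
	}

	if (req.params.page) {
		// NOTE(review): a non-numeric page other than 'index' becomes NaN;
		// presumably the route pattern restricts this, confirm at the router.
		req.params.page = req.params.page === 'index' ? 'index' : +req.params.page;
	}

	next();

};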