updated all posts to use formdata for security and also to send session information/catch session failures.
This commit is contained in:
parent
3ae20e06da
commit
261cb1ebb1
@ -53,7 +53,7 @@ daddy.controller("loginCtrlr", function($scope, $cookies, $location, $http, stat
|
|||||||
|
|
||||||
})
|
})
|
||||||
|
|
||||||
daddy.controller("signupCtrlr", function($scope, $http, $location, stateData) {
|
daddy.controller("signupCtrlr", function($scope, $http, $location, $timeout, stateData) {
|
||||||
|
|
||||||
let titles = {
|
let titles = {
|
||||||
form : "Sign up here!",
|
form : "Sign up here!",
|
||||||
@ -83,6 +83,7 @@ daddy.controller("signupCtrlr", function($scope, $http, $location, stateData) {
|
|||||||
$scope.passwordsMatch()
|
$scope.passwordsMatch()
|
||||||
$scope.emailGood()
|
$scope.emailGood()
|
||||||
|
|
||||||
|
$timeout(function() {
|
||||||
if ($scope.match && !$scope.exists && $scope.goodemail) {
|
if ($scope.match && !$scope.exists && $scope.goodemail) {
|
||||||
$scope.status = false
|
$scope.status = false
|
||||||
$scope.submit()
|
$scope.submit()
|
||||||
@ -90,6 +91,7 @@ daddy.controller("signupCtrlr", function($scope, $http, $location, stateData) {
|
|||||||
$scope.status = true
|
$scope.status = true
|
||||||
$scope.signupStatus = "Please correct errors above."
|
$scope.signupStatus = "Please correct errors above."
|
||||||
}
|
}
|
||||||
|
}, 1000)
|
||||||
}
|
}
|
||||||
|
|
||||||
$scope.emailGood = () => {
|
$scope.emailGood = () => {
|
||||||
@ -113,9 +115,16 @@ daddy.controller("signupCtrlr", function($scope, $http, $location, stateData) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
$scope.submit = () => {
|
$scope.submit = () => {
|
||||||
|
let formData = new FormData()
|
||||||
|
formData.append('userName', $scope.user.username)
|
||||||
|
formData.append('userPass', $scope.user.password)
|
||||||
|
formData.append('userEmail', $scope.user.email)
|
||||||
$http({
|
$http({
|
||||||
url : server + "/auth/signup?userName=" + $scope.user.username + "&userPass=" + $scope.user.password + "&userEmail=" + $scope.user.email,
|
url : server + "/auth/signup",
|
||||||
method : "POST"
|
method : "POST",
|
||||||
|
data : formData,
|
||||||
|
headers : { 'Content-Type' : undefined },
|
||||||
|
transformRequest : angular.identity
|
||||||
}).then((res) => {
|
}).then((res) => {
|
||||||
if (res.status == 200) {
|
if (res.status == 200) {
|
||||||
console.log("user created successfully")
|
console.log("user created successfully")
|
||||||
@ -135,9 +144,14 @@ daddy.controller("signupCtrlr", function($scope, $http, $location, stateData) {
|
|||||||
|
|
||||||
$scope.userExists = () => {
|
$scope.userExists = () => {
|
||||||
console.log("checking username is used?")
|
console.log("checking username is used?")
|
||||||
|
let formData = new FormData()
|
||||||
|
formData.append('userName', $scope.user.username)
|
||||||
$http({
|
$http({
|
||||||
url : server + "/auth/exists?userName=" + $scope.user.username,
|
url : server + "/auth/exists",
|
||||||
method : "POST"
|
method : "POST",
|
||||||
|
data : formData,
|
||||||
|
headers : { 'Content-Type' : undefined },
|
||||||
|
transformRequest : angular.identity
|
||||||
}).then((res) => {
|
}).then((res) => {
|
||||||
if (res.status == 200) {
|
if (res.status == 200) {
|
||||||
console.log(res.data)
|
console.log(res.data)
|
||||||
@ -155,5 +169,4 @@ daddy.controller("signupCtrlr", function($scope, $http, $location, stateData) {
|
|||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
})
|
})
|
||||||
@ -148,6 +148,8 @@ daddy.controller("createTopicCtrlr", function($scope, $location, $http, stateDat
|
|||||||
$scope.createTopic = () => {
|
$scope.createTopic = () => {
|
||||||
console.log("sending new topic to server!!")
|
console.log("sending new topic to server!!")
|
||||||
let formData = new FormData()
|
let formData = new FormData()
|
||||||
|
formData.append('user', stateData.state.user.userName)
|
||||||
|
formData.append('sessionID', stateData.state.user.sessionID)
|
||||||
formData.append('topicSubject', $scope.topic.topicSubject)
|
formData.append('topicSubject', $scope.topic.topicSubject)
|
||||||
formData.append('topicCat', $scope.topic.topicCat)
|
formData.append('topicCat', $scope.topic.topicCat)
|
||||||
formData.append('userNo', stateData.state.user.userNo)
|
formData.append('userNo', stateData.state.user.userNo)
|
||||||
@ -166,6 +168,10 @@ daddy.controller("createTopicCtrlr", function($scope, $location, $http, stateDat
|
|||||||
if (res.status == 500) {
|
if (res.status == 500) {
|
||||||
console.log("something went wrong: " + res.data)
|
console.log("something went wrong: " + res.data)
|
||||||
$scope.status.text = "Something went wrong: " + res.status
|
$scope.status.text = "Something went wrong: " + res.status
|
||||||
|
} else if (res.status == 403) {
|
||||||
|
console.log("something went worng: " + res.data)
|
||||||
|
$scope.status.text = "Authentication failed. For saftey reasons, you have been logged out, please log in and try again."
|
||||||
|
stateData.logOut()
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
@ -173,6 +179,8 @@ daddy.controller("createTopicCtrlr", function($scope, $location, $http, stateDat
|
|||||||
$scope.createPost = (postContent, topicNo) => {
|
$scope.createPost = (postContent, topicNo) => {
|
||||||
console.log("sending new post to server")
|
console.log("sending new post to server")
|
||||||
let formData = new FormData()
|
let formData = new FormData()
|
||||||
|
formData.append('user', stateData.state.user.userName)
|
||||||
|
formData.append('sessionID', stateData.state.user.sessionID)
|
||||||
formData.append('postContent', postContent)
|
formData.append('postContent', postContent)
|
||||||
formData.append('topicNo', topicNo)
|
formData.append('topicNo', topicNo)
|
||||||
formData.append('userNo', stateData.state.user.userNo)
|
formData.append('userNo', stateData.state.user.userNo)
|
||||||
@ -191,6 +199,10 @@ daddy.controller("createTopicCtrlr", function($scope, $location, $http, stateDat
|
|||||||
if (res.status == 500) {
|
if (res.status == 500) {
|
||||||
console.log("something went wrong: " + res.data)
|
console.log("something went wrong: " + res.data)
|
||||||
$scope.status.text = "Something went wrong: " + res.status
|
$scope.status.text = "Something went wrong: " + res.status
|
||||||
|
} else if (res.status == 403) {
|
||||||
|
console.log("something went worng: " + res.data)
|
||||||
|
$scope.status.text = "Authentication failed. For saftey reasons, you have been logged out, please log in and try again."
|
||||||
|
stateData.logOut()
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
@ -241,6 +253,8 @@ daddy.controller("createCategoryCtrlr", function($scope, $http, $location, state
|
|||||||
$scope.status.text = "Adding category..."
|
$scope.status.text = "Adding category..."
|
||||||
|
|
||||||
let formData = new FormData()
|
let formData = new FormData()
|
||||||
|
formData.append('user', stateData.state.user.userName)
|
||||||
|
formData.append('sessionID', stateData.state.user.sessionID)
|
||||||
formData.append('catName', $scope.category.catName)
|
formData.append('catName', $scope.category.catName)
|
||||||
formData.append('catDescr', $scope.category.catDescr)
|
formData.append('catDescr', $scope.category.catDescr)
|
||||||
|
|
||||||
@ -260,10 +274,13 @@ daddy.controller("createCategoryCtrlr", function($scope, $http, $location, state
|
|||||||
if (res.status == 500) {
|
if (res.status == 500) {
|
||||||
console.log("something went wrong: " + res.data)
|
console.log("something went wrong: " + res.data)
|
||||||
$scope.status.text = "Something went wrong: " + res.status
|
$scope.status.text = "Something went wrong: " + res.status
|
||||||
|
} else if (res.status == 403) {
|
||||||
|
console.log("something went worng: " + res.data)
|
||||||
|
$scope.status.text = "Authentication failed. For saftey reasons, you have been logged out, please log in and try again."
|
||||||
|
stateData.logOut()
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
})
|
})
|
||||||
|
|
||||||
daddy.controller("topicsCtrlr", function($scope, $routeParams, $timeout, $http, $location, stateData) {
|
daddy.controller("topicsCtrlr", function($scope, $routeParams, $timeout, $http, $location, stateData) {
|
||||||
@ -325,6 +342,8 @@ daddy.controller("topicsCtrlr", function($scope, $routeParams, $timeout, $http,
|
|||||||
$scope.makeReply = (topicNo) => {
|
$scope.makeReply = (topicNo) => {
|
||||||
console.log("sending new post to server")
|
console.log("sending new post to server")
|
||||||
let formData = new FormData()
|
let formData = new FormData()
|
||||||
|
formData.append('user', stateData.state.user.userName)
|
||||||
|
formData.append('sessionID', stateData.state.user.sessionID)
|
||||||
formData.append('postContent', $scope.reply.postContent)
|
formData.append('postContent', $scope.reply.postContent)
|
||||||
formData.append('topicNo', topicNo)
|
formData.append('topicNo', topicNo)
|
||||||
formData.append('userNo', stateData.state.user.userNo)
|
formData.append('userNo', stateData.state.user.userNo)
|
||||||
@ -345,6 +364,10 @@ daddy.controller("topicsCtrlr", function($scope, $routeParams, $timeout, $http,
|
|||||||
console.log("something went wrong: ")
|
console.log("something went wrong: ")
|
||||||
console.log(res.data)
|
console.log(res.data)
|
||||||
$scope.status.text = "Something went wrong: " + res.status
|
$scope.status.text = "Something went wrong: " + res.status
|
||||||
|
} else if (res.status == 403) {
|
||||||
|
console.log("something went worng: " + res.data)
|
||||||
|
$scope.status.text = "Authentication failed. For saftey reasons, you have been logged out, please log in and try again."
|
||||||
|
stateData.logOut()
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
@ -361,9 +384,16 @@ daddy.controller("topicsCtrlr", function($scope, $routeParams, $timeout, $http,
|
|||||||
if (!window.confirm("Are you sure you want to delete this post?")) {
|
if (!window.confirm("Are you sure you want to delete this post?")) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
let formData = new FormData()
|
||||||
|
formData.append('user', stateData.state.user.userName)
|
||||||
|
formData.append('sessionID', stateData.state.user.sessionID)
|
||||||
|
formData.append("postNo", postNo)
|
||||||
$http({
|
$http({
|
||||||
url : server + "/forum/topic/post/delete?postNo=" + postNo,
|
url : server + "/forum/topic/post/delete",
|
||||||
method : "POST"
|
method : "POST",
|
||||||
|
data : formData,
|
||||||
|
headers : { 'Content-Type' : undefined },
|
||||||
|
transformRequest : angular.identity
|
||||||
}).then((res) => {
|
}).then((res) => {
|
||||||
if (res.status == 200) {
|
if (res.status == 200) {
|
||||||
console.log("post deleted")
|
console.log("post deleted")
|
||||||
@ -378,6 +408,10 @@ daddy.controller("topicsCtrlr", function($scope, $routeParams, $timeout, $http,
|
|||||||
console.log("something went wrong: ")
|
console.log("something went wrong: ")
|
||||||
console.log(res.data)
|
console.log(res.data)
|
||||||
$scope.status.text = "Something went wrong: " + res.status
|
$scope.status.text = "Something went wrong: " + res.status
|
||||||
|
} else if (res.status == 403) {
|
||||||
|
console.log("something went worng: " + res.data)
|
||||||
|
$scope.status.text = "Authentication failed. For saftey reasons, you have been logged out, please log in and try again."
|
||||||
|
stateData.logOut()
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
@ -386,6 +420,8 @@ daddy.controller("topicsCtrlr", function($scope, $routeParams, $timeout, $http,
|
|||||||
/* This is incomplete, need to figure out hiding the edit box after edit. Would rather not use timeout. */
|
/* This is incomplete, need to figure out hiding the edit box after edit. Would rather not use timeout. */
|
||||||
console.log("submitting edited post")
|
console.log("submitting edited post")
|
||||||
let formData = new FormData()
|
let formData = new FormData()
|
||||||
|
formData.append('user', stateData.state.user.userName)
|
||||||
|
formData.append('sessionID', stateData.state.user.sessionID)
|
||||||
formData.append("postNo", postNo)
|
formData.append("postNo", postNo)
|
||||||
formData.append("postContent", postContent)
|
formData.append("postContent", postContent)
|
||||||
$http({
|
$http({
|
||||||
@ -408,10 +444,13 @@ daddy.controller("topicsCtrlr", function($scope, $routeParams, $timeout, $http,
|
|||||||
console.log("something went wrong: ")
|
console.log("something went wrong: ")
|
||||||
console.log(res.data)
|
console.log(res.data)
|
||||||
$scope.status.text = "Something went wrong: " + res.status
|
$scope.status.text = "Something went wrong: " + res.status
|
||||||
|
} else if (res.status == 403) {
|
||||||
|
console.log("something went worng: " + res.data)
|
||||||
|
$scope.status.text = "Authentication failed. For saftey reasons, you have been logged out, please log in and try again."
|
||||||
|
stateData.logOut()
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
})
|
})
|
||||||
|
|
||||||
daddy.controller("topicCtrlr", function($scope, $http, $location, stateData) {
|
daddy.controller("topicCtrlr", function($scope, $http, $location, stateData) {
|
||||||
|
|||||||
@ -83,7 +83,6 @@ daddy.controller("navCtrlr", function($scope, $location, $cookies, stateData){
|
|||||||
}
|
}
|
||||||
|
|
||||||
$scope.logOut = () => {
|
$scope.logOut = () => {
|
||||||
$cookies.remove('user')
|
|
||||||
stateData.logOut()
|
stateData.logOut()
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -106,7 +105,7 @@ daddy.config(function ($routeProvider) {
|
|||||||
$routeProvider.otherwise({template : "<article><section class='item border'><h1>404 ... no clue fam ... try something else?</h1></section></article>"})
|
$routeProvider.otherwise({template : "<article><section class='item border'><h1>404 ... no clue fam ... try something else?</h1></section></article>"})
|
||||||
})
|
})
|
||||||
|
|
||||||
daddy.factory('stateData', function(){
|
daddy.factory('stateData', function($cookies){
|
||||||
let state = {
|
let state = {
|
||||||
page : "forum",
|
page : "forum",
|
||||||
title : "Forum;",
|
title : "Forum;",
|
||||||
@ -136,12 +135,14 @@ daddy.factory('stateData', function(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
logOut = () => {
|
logOut = () => {
|
||||||
|
$cookies.remove('user')
|
||||||
state.user.userNo = null
|
state.user.userNo = null
|
||||||
state.user.userName = null
|
state.user.userName = null
|
||||||
state.user.userLevel = 0
|
state.user.userLevel = 0
|
||||||
}
|
}
|
||||||
|
|
||||||
setUser = (user) => {
|
setUser = (user) => {
|
||||||
|
state.user.sessionID = user.sessionID
|
||||||
state.user.userNo = user.userNo
|
state.user.userNo = user.userNo
|
||||||
state.user.userName = user.userName
|
state.user.userName = user.userName
|
||||||
state.user.userLevel = user.userLevel
|
state.user.userLevel = user.userLevel
|
||||||
|
|||||||
@ -1,4 +1,8 @@
|
|||||||
<article ng-controller="signupCtrlr">
|
<article ng-controller="signupCtrlr">
|
||||||
|
<section class="item center border" ng-show="success" style="min-width: 30%;">
|
||||||
|
<h3>{{titles.success}}</h3>
|
||||||
|
<p>{{message.start}} <br /> {{message.line2}} <span class="link" ng-click="setLogin()">{{message.link}}</span> {{message.end}}</p>
|
||||||
|
</section>
|
||||||
<section class="item center border">
|
<section class="item center border">
|
||||||
<h3>{{titles.form}}</h3> <br />
|
<h3>{{titles.form}}</h3> <br />
|
||||||
<form id="signupForm" name="signupForm" ng-submit="signup()" enctype="application/x-www-form-urlencoded">
|
<form id="signupForm" name="signupForm" ng-submit="signup()" enctype="application/x-www-form-urlencoded">
|
||||||
@ -16,8 +20,4 @@
|
|||||||
</form>
|
</form>
|
||||||
<p class="status" ng-show="status">{{signupStatus}}</p>
|
<p class="status" ng-show="status">{{signupStatus}}</p>
|
||||||
</section>
|
</section>
|
||||||
<section class="item center border" ng-show="success">
|
|
||||||
<h3>{{titles.success}}</h3>
|
|
||||||
<p>{{message.start}} <br /> {{message.line2}} <span class="link" ng-click="setLogin()">{{message.link}}</span> {{message.end}}</p>
|
|
||||||
</section>
|
|
||||||
</article>
|
</article>
|
||||||
Reference in New Issue
Block a user