improve upload thing, captcha handling, and data size handling

main
aria 2 months ago
parent 0f4fb0a8b6
commit aa67bea218
Signed by: a
GPG Key ID: E851AE999FFCBC37

@ -395,7 +395,7 @@ app.post("/login", function(req, res, next) {
});
app.get("/dummy", function(req, res, next) {
res.send("test");
res.send({marco: "polo"});
});
app.get("/upload", async function (req, res, next) {
@ -494,44 +494,9 @@ app.post("/upload", async function (req, res, next) {
let db = client.db("mediahost");
let col = await db.collection("uploads");
let type = utils.getType(files.file.mimetype);
let u;
if (acc !== null && acc !== undefined) {
u = acc._id;
} else {
u = "Anonymous";
}
if (u == "Anonymous" && config["captcha"]["enabled"] && config["captcha"]["show-at-anon-upload"] == true) {
if (!fields["h-captcha-response"]) {
if (req.query["json"] !== "1") {
res.render("pages/upload", {config: config, account: acc, err: "CAPTCHA needs to be solved.", maxsize: utils.humanSize(config["max-file-size"])});
} else {
res.send({
success: false,
err: "CAPTCHA needs to be solved."
});
}
return;
} else {
let h = await hcaptcha.verify(config["captcha"]["secret"], fields["h-captcha-response"]);
if (!h.success) {
if (req.query["json"] !== "1") {
res.render("pages/upload", {config: config, account: acc, err: "CAPTCHA was invalid.", maxsize: utils.humanSize(config["max-file-size"])});
} else {
res.send({
success: false,
err: "CAPTCHA was invalid."
});
}
return;
}
}
}
let data = {
id: id,
uploader: u,
direct: `/f/${id}/raw`,
name: files.file.originalFilename,
type: type,
@ -542,7 +507,34 @@ app.post("/upload", async function (req, res, next) {
mime: files.file.mimetype
};
if (u == "Anonymous" && config["store-anon-ips"] == true) {
if (acc !== null && acc !== undefined) {
data.uploader = acc._id;
data.approved = true;
} else {
data.uploader = "Anonymous";
if (config["captcha"]["show-at-anon-upload"] == true) data.approved = false;
else data.approved = true;
}
if (data.uploader == "Anonymous" && config["captcha"]["enabled"] && config["captcha"]["show-at-anon-upload"] == true) {
col.insertOne(data);
res.send({
success: true,
requireCaptcha: true,
data
});
setTimeout(async function() {
let file = await col.findOne({id});
if (file.approved == false) await removeUpload(id);
}, 300000);
return;
}
if (data.uploader == "Anonymous" && config["store-anon-ips"] == true) {
data["ip"] = (req.headers["x-real-ip"] || req.headers["X-Real-IP"] || req.ip);
}
@ -553,7 +545,8 @@ app.post("/upload", async function (req, res, next) {
} else {
res.send({
success: true,
data: data
requireCaptcha: false,
data
});
}
} catch(e) {
@ -568,6 +561,58 @@ app.post("/upload", async function (req, res, next) {
});
});
app.post("/f/:id/confirm", async function(req, res) {
let form = formidable();
form.parse(req, async function(err, fields) {
if (err) {
let error;
if (err.httpCode && !err.message) error = `HTTP Error Code ${err.httpCode}`;
else error = (err.message || err);
res.send({
success: false,
err: error
});
return;
}
if (fields["h-captcha-response"]) {
let {success} = await hcaptcha.verify(config.captcha.secret, fields["h-captcha-response"]);
if (success) {
let db = client.db("mediahost");
let files = await db.collection("uploads");
let file = await files.findOne({id: req.params.id});
if (file.approved == false) {
file.approved = true;
await files.findOneAndReplace({id: req.params.id}, file);
res.send({
success: true
});
} else {
res.send({
success: false,
err: "File already approved."
});
}
} else {
res.send({
success: false,
err: "Invalid CAPTCHA."
});
}
} else {
res.send({
success: false,
err: "Invalid CAPTCHA."
});
}
})
});
app.get("/f/:id", async function (req, res, next) {
let acc;
let db = client.db("mediahost");
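Review bot: Both new reads of the upload record use `file.approved` without checking that `findOne` returned a document — in the five-minute `setTimeout` cleanup and in `/f/:id/confirm` — so an unknown or already-removed id throws inside an async callback, which leaves the confirm request unanswered and the rejection unhandled. Add `if (!file) { res.send({success: false, err: "File not found."}); return; }` in the handler and test `file && file.approved == false` in the timer, and make the approval a single conditional write such as `await files.updateOne({id: req.params.id, approved: false}, {$set: {approved: true}});` instead of read-then-replace. In the CAPTCHA-pending branch, `col.insertOne(data)` is not awaited and the `return` comes before the `store-anon-ips` block, so these anonymous uploads are stored without `ip` and a failed insert still reports `success: true`. The cleanup timer lives only in process memory, so a restart within the five minutes leaves the unapproved record in place; a stored expiry time checked at startup or by a periodic sweep would survive that. The rest of the `/upload` handler and the `/f/:id` routes are outside the visible hunks, so whether unapproved files are refused when served should be confirmed there.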

@ -2,6 +2,8 @@ document.querySelectorAll(".require-script").forEach(function(e) {
e.style.display = "inline-block";
});
let oTitle = document.title;
let xhr = new XMLHttpRequest();
xhr.open("GET", "/dummy");
xhr.send();
@ -16,6 +18,7 @@ xhr.upload.addEventListener("progress", function(ev) {
let p = `${((d / t) * 100).toFixed(2)}%`;
if (p == "100.00%") {
document.getElementById("prgTxt").innerHTML = `Processing...`;
document.getElementById("prgUpload").style.width = p;
} else {
document.getElementById("prgUpload").style.width = p;
document.getElementById("prgTxt").innerHTML = `Uploading... <code>(${p})</code>`;
@ -37,6 +40,7 @@ xhr.addEventListener("progress", function(ev) {
document.getElementById("prgTxt").innerHTML = `Please wait, we're processing your file.`;
} else {
document.getElementById("prgUpload").style.width = p;
document.title = `[${p}] ${oTitle}`;
document.getElementById("prgTxt").innerHTML = `Uploading... <code>(${p})</code>`;
}
} else {
@ -56,40 +60,22 @@ function upload() {
let fd = new FormData();
fd.append("file", f);
fd.append("privacy", document.getElementById("privacy").value);
if (document.querySelector(".hc-container") && document.querySelector(".hc-container iframe")) {
if (document.querySelector("[data-hcaptcha-response]")) fd.append("h-captcha-response", document.querySelector("[data-hcaptcha-response]").getAttribute("data-hcaptcha-response"));
} else if (!document.querySelector(".hc-container iframe") && document.querySelector(".hc-container")) {
hcaptcha.render("cpt", {
sitekey: document.querySelector(".hc-container").getAttribute("data-sitekey")
});
document.getElementById("prgTxt").style.display = "none";
let er = document.createElement("div");
er.classList.add("err");
let et = document.createElement("p");
et.innerHTML = `Please solve the captcha.`;
er.append(et);
document.getElementById("progress").append(er);
return;
}
if (xhr.readyState !== 1) xhr.abort()
if (xhr.readyState != 1) xhr.abort()
xhr.send(fd);
document.getElementById("progress").style.display = "inline-block";
document.getElementById("prgUpload").style.width = "0%";
document.getElementById("prgTxt").style.display = "inline-block";
document.getElementById("prgBar").style.display = "inline-block";
document.getElementById("prgTxt").innerHTML = `Preparing to upload...`;
document.getElementById("jsFileUpload").setAttribute("disabled", "");
document.querySelectorAll(".err").forEach(function(e) {
e.remove();
});
if (document.querySelector(".hc-container")) document.querySelector(".hc-container").style.display = "none";
xhr.onload = function() {
if (document.querySelector(".hc-container")) {
document.querySelector(".hc-container").style.display = "block";
hcaptcha.reset();
}
document.getElementById("jsFileUpload").removeAttribute("disabled");
console.log(xhr.responseText);
let j = JSON.parse(xhr.responseText);
@ -104,7 +90,25 @@ function upload() {
} else {
if (j.success) {
document.getElementById("prgUpload").style.width = "100%";
document.getElementById("prgTxt").innerHTML = `Uploaded. <a href="/f/${j.data.id}">${window.location.href.split("/").slice(0, 3).join("/")}/f/${j.data.id}</a>`;
if (j.requireCaptcha == true) {
document.querySelector(".hc-container").style.display = "block";
document.getElementById("prgUpload").style.width = "0%";
document.getElementById("prgTxt").style.display = "none";
document.getElementById("prgBar").style.display = "none";
let er = document.createElement("div");
er.classList.add("err");
let et = document.createElement("p");
et.innerHTML = "Please complete the CAPTCHA to keep your upload permanent.";
er.append(et);
document.getElementById("progress").append(er);
hcaptcha.render("cpt", {
sitekey: document.querySelector(".hc-container").getAttribute("data-sitekey")
});
document.title = `[CAPTCHA] ${oTitle}`;
sessionStorage.setItem(`current-upload-id`, j.data.id);
} else document.getElementById("prgTxt").innerHTML = `Uploaded. <a href="/f/${j.data.id}">${window.location.href.split("/").slice(0, 3).join("/")}/f/${j.data.id}</a>`;
} else {
console.log(j);
document.getElementById("prgTxt").style.display = "none";
@ -119,10 +123,6 @@ function upload() {
}
xhr.onerror = function(e) {
if (document.querySelector(".hc-container")) {
document.querySelector(".hc-container").style.display = "block";
hcaptcha.reset();
}
document.getElementById("jsFileUpload").removeAttribute("disabled");
console.log(e, xhr.statusText);
document.getElementById("prgTxt").style.display = "none";
@ -133,4 +133,43 @@ function upload() {
er.append(et);
document.getElementById("progress").append(er);
}
}
function sendCaptcha(response) {
let fd = new FormData();
fd.append("h-captcha-response", response);
document.querySelector(".hc-container").style.display = "none";
hcaptcha.reset();
document.getElementById("prgBar").style.display = "inline-block";
document.getElementById("progress").style.display = "inline-block";
document.getElementById("prgUpload").style.width = "0%";
document.getElementById("prgTxt").style.display = "inline-block";
document.getElementById("prgTxt").innerHTML = `Preparing to send CAPTCHA...`;
document.querySelectorAll(".err").forEach(function(e) {
e.remove();
});
xhr.open(`POST`, `/f/${sessionStorage.getItem(`current-upload-id`)}/confirm`);
xhr.send(fd);
xhr.onload = function() {
console.log(xhr.responseText);
let j = JSON.parse(xhr.responseText);
if (j.success == true) {
document.getElementById("prgTxt").innerHTML = `Uploaded. <a href="/f/${sessionStorage.getItem("current-upload-id")}">${window.location.href.split("/").slice(0, 3).join("/")}/f/${sessionStorage.getItem("current-upload-id")}</a>`;
sessionStorage.removeItem("current-upload-id");
} else {
hcaptcha.reset();
document.getElementById("prgTxt").style.display = "none";
let er = document.createElement("div");
er.classList.add("err");
let et = document.createElement("p");
et.innerHTML = j.err;
er.append(et);
document.getElementById("progress").append(er);
}
}
}
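Review bot: In `sendCaptcha`, the failure branch assigns the server's `err` string to `et.innerHTML`, so any markup in that message is parsed as HTML; `et.textContent = j.err;` shows the same text without interpreting it. The same function builds the request path from `sessionStorage.getItem("current-upload-id")` without checking it, so a callback that fires with no pending upload posts to `/f/null/confirm`; return early when the item is missing and pass the id through `encodeURIComponent`. `JSON.parse(xhr.responseText)` in the new `onload` is unguarded, so a non-JSON reply (for example a proxy error page) throws and leaves the progress text stuck on "Preparing to send CAPTCHA..."; wrap it in `try`/`catch` and show an error instead. `upload()` begins and ends outside the visible hunks, so this covers only the lines shown.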

@ -28,21 +28,8 @@ exports.getType = function(mime) {
}
exports.humanSize = function(bytes) {
if (Math.abs(bytes) < 1024) {
return bytes + ` B`;
}
const units = ["kB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB"];
let u = -1;
const r = 10**1;
do {
bytes /= 1024;
++u;
} while (Math.round(Math.abs(bytes) * r) / r >= 1024 && u < units.length - 1);
return bytes.toFixed(1) + " " + units[u];
var i = bytes == 0 ? 0 : Math.floor(Math.log(bytes) / Math.log(1024));
return (bytes / Math.pow(1024, i)).toFixed(2) * 1 + ' ' + ['B', 'kB', 'MB', 'GB', 'TB'][i];
}
exports.toMessage = function(code) {
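Review bot: The rewritten `humanSize` indexes a five-entry unit array with an unclamped exponent, so inputs the previous loop handled now produce a broken label: a negative `bytes` makes `Math.log` return `NaN`, a value between 0 and 1 gives a negative `i`, and anything from 1024^5 upward gives `i = 5`, each yielding `undefined` as the unit. Clamp the index, for example `const i = bytes > 0 ? Math.max(0, Math.min(4, Math.floor(Math.log(bytes) / Math.log(1024)))) : 0;`, which also replaces the `var` with `const`. A short comment such as `// units are powers of 1024; values past TB are shown in TB` would record the intended range.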

@ -78,14 +78,14 @@
<% if (config["captcha"]) { %>
<% if (config["captcha"]["enabled"] == true && config["captcha"]["show-at-anon-upload"] == true && account == null) { %>
<script src="https://js.hcaptcha.com/1/api.js?recaptchacompat=off" async defer></script>
<div class="hc-container" id="cpt" data-sitekey="<%= config['captcha']['sitekey'] %>"></div>
<div class="hc-container" id="cpt" data-sitekey="<%= config['captcha']['sitekey'] %>" data-callback="sendCaptcha"></div>
<% } %>
<% } %>
<button id="up" onclick="upload();">Upload</button><br>
<p><i>By clicking "Upload", you agree to the <a href="/terms">Terms of Service</a>.</i></p>
<div id="progress" style="display:none;">
<div class="prgbar">
<div class="prgbar" id="prgBar">
<div class="inner" id="prgUpload"></div>
</div><br>
<p id="prgTxt" class="nm"></p>
