Conflicts:
	.gitignore
Michael Q Larson
2015-03-17 15:41:52 -07:00
5 changed files with 34 additions and 13 deletions


@ -148,7 +148,7 @@ exports.returnIndividualStory = function(req, res, next) {
upVotes: story.upVotes, upVotes: story.upVotes,
comments: story.comments, comments: story.comments,
id: story._id, id: story._id,
user: req.user, user: req.user || null,
timeAgo: moment(story.timePosted).fromNow(), timeAgo: moment(story.timePosted).fromNow(),
image: story.image, image: story.image,
page: 'show', page: 'show',
@ -227,6 +227,9 @@ exports.comments = function(req, res, next) {
}; };
exports.newStory = function(req, res) { exports.newStory = function(req, res) {
if (!req.user) {
return res.status(500);
}
var url = req.body.data.url; var url = req.body.data.url;
var cleanURL = sanitizeHtml(url, { var cleanURL = sanitizeHtml(url, {
allowedTags: [], allowedTags: [],
@ -284,6 +287,9 @@ exports.newStory = function(req, res) {
exports.storySubmission = function(req, res) { exports.storySubmission = function(req, res) {
var data = req.body.data; var data = req.body.data;
if (req.user._id.toString() !== data.author.userId.toString()) {
return res.status(500);
}
var storyLink = data.headline var storyLink = data.headline
.replace(/\'/g, '') .replace(/\'/g, '')
.replace(/\"/g, '') .replace(/\"/g, '')
@ -327,6 +333,9 @@ exports.storySubmission = function(req, res) {
exports.commentSubmit = function(req, res) { exports.commentSubmit = function(req, res) {
var data = req.body.data; var data = req.body.data;
if (req.user._id.toString() !== data.author.userId.toString()) {
return res.status(500);
}
var sanitizedBody = sanitizeHtml(data.body, var sanitizedBody = sanitizeHtml(data.body,
{ {
allowedTags: [], allowedTags: [],
@ -353,6 +362,11 @@ exports.commentSubmit = function(req, res) {
exports.commentOnCommentSubmit = function(req, res) { exports.commentOnCommentSubmit = function(req, res) {
var data = req.body.data; var data = req.body.data;
if (req.user._id.toString() !== data.author.userId.toString()) {
return res.status(500);
}
var sanitizedBody = sanitizeHtml(data.body, var sanitizedBody = sanitizeHtml(data.body,
{ {
allowedTags: [], allowedTags: [],
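Review bot: The ownership guards added to storySubmission, commentSubmit and commentOnCommentSubmit read `req.user._id` before checking that `req.user` is set, so an unauthenticated POST throws a TypeError instead of being rejected, and `data.author.userId` throws the same way when the body omits `author`. All four new guards, including newStory's, end with `return res.status(500);`, which only sets the status code and never sends a response, so a rejected client hangs until it times out; a failed ownership check is also a client authorization error, not a server error. Each guard could become `if (!req.user || !data.author || String(req.user._id) !== String(data.author.userId)) { return res.status(403).end(); }` (newStory keeps its simpler `!req.user` test with the same response). Each function body continues past its hunk, so it is not visible here whether the client-supplied `data.author` is later stored as the record's author; if it is, taking the author from `req.user` rather than trusting the body would remove the need to compare the two at all.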


@ -322,7 +322,6 @@ exports.updateProgress = function(req, res) {
exports.postUpdateProfile = function(req, res, next) { exports.postUpdateProfile = function(req, res, next) {
// What does this do?
User.findById(req.user.id, function(err, user) { User.findById(req.user.id, function(err, user) {
if (err) return next(err); if (err) return next(err);
var errors = req.validationErrors(); var errors = req.validationErrors();
@ -342,7 +341,7 @@ exports.postUpdateProfile = function(req, res, next) {
}); });
return res.redirect('/account'); return res.redirect('/account');
} }
User.findOne({ username: req.body.username }, function(err, existingUsername) { User.findOne({ 'profile.username': req.body.username }, function(err, existingUsername) {
if (err) { if (err) {
return next(err); return next(err);
} }
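Review bot: The uniqueness lookup `User.findOne({ 'profile.username': req.body.username }, ...)` passes the request value into the query unchanged, so if the body parser accepts nested values (JSON or extended query strings) a username such as `{"$ne": null}` reaches Mongo as an operator object and matches any user; what the callback then does with `existingUsername`, and whether the same value is later written into the profile, is outside this hunk. Unless `req.validationErrors()` earlier in the function already rejects non-string usernames, coerce before querying: `var username = String(req.body.username);` followed by `User.findOne({ 'profile.username': username }, ...)`. The function continues past the hunk.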


@ -33,6 +33,9 @@ editor.setOption("extraKeys", {
cm.replaceSelection(spaces); cm.replaceSelection(spaces);
} }
}, },
"Ctrl-Enter": function() { "Ctrl-Enter": function() {
bonfireExecute(); bonfireExecute();
return false; return false;


@ -21,6 +21,7 @@
success: function (data, textStatus, xhr) { success: function (data, textStatus, xhr) {
commentDetails = data; commentDetails = data;
var div = document.createElement('div'); var div = document.createElement('div');
$(div) $(div)
.html( .html(
'<div class="media media-news">' + '<div class="media media-news">' +
@ -55,6 +56,9 @@
sentinel--; sentinel--;
if (!sentinel) { if (!sentinel) {
$('.comment-a-comment').on('click', 'a', function () { $('.comment-a-comment').on('click', 'a', function () {
if (!user) {
return;
}
$(this).unbind('click'); $(this).unbind('click');
$('.comment-to-comment-formgroup').empty(); $('.comment-to-comment-formgroup').empty();
$('#initial-comment-submit').addClass('hidden-element'); $('#initial-comment-submit').addClass('hidden-element');
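Review bot: The new `if (!user) return;` in the `.comment-a-comment` click handler reads a `user` identifier that nothing in this file's visible lines declares; if no global `user` is defined on the page, the handler throws a ReferenceError on first click instead of returning quietly. Presumably the page template injects it, which is worth confirming, and a defensive form is `if (typeof user === 'undefined' || !user) return;`. This guard is only a UI affordance; the server-side ownership check must remain the real control. The enclosing success callback starts before the hunk.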


@ -42,22 +42,23 @@
span &thinsp;by&thinsp; span &thinsp;by&thinsp;
a(href="/" + author.username) @#{author.username} a(href="/" + author.username) @#{author.username}
if (user !== null)
.col-xs-12#reply-area .col-xs-12#reply-area
.hidden-element#initial-comment-submit .hidden-element#initial-comment-submit
form.form-horizontal.control-label-story-submission form.form-horizontal.control-label-story-submission
.col-xs-12 .col-xs-12
.input-group .input-group
input#comment-box.big-text-field.field-responsive.form-control(type='text', placeholder='Enter your reply', autofocus) input#comment-box.big-text-field.field-responsive.form-control(type='text', placeholder='Enter your reply', autofocus)
span.input-group-btn span.input-group-btn
button#comment-button.btn.btn-big.btn-primary.btn-responsive(type='button') Send button#comment-button.btn.btn-big.btn-primary.btn-responsive(type='button') Send
span.spacer.pull-left#textarea_feedback span.spacer.pull-left#textarea_feedback
script. script.
if (image) { if (image) {
$('#image-display').removeClass('hidden-element') $('#image-display').removeClass('hidden-element')
} }
$('#reply-to-main-post').on('click', function() { $('#reply-to-main-post').on('click', function() {
if (!user) return;
$('#initial-comment-submit').removeClass('hidden-element'); $('#initial-comment-submit').removeClass('hidden-element');
$(this).unbind('click'); $(this).unbind('click');
$('.comment-to-comment-formgroup').empty(); $('.comment-to-comment-formgroup').empty();
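Review bot: Inside the `script.` block, `if (!user) return;` is emitted as literal browser JavaScript rather than evaluated by the template, so unlike the `if (user !== null)` guard above it does not see the view's `user` variable; it depends on a client-side global `user` being defined somewhere on the page. The existing `if (image)` check in the same block suggests such globals are injected elsewhere, but if `user` is not among them the click handler throws a ReferenceError. If it has to be defined here, expose only what the page needs rather than the whole user record, e.g. `var user = !{JSON.stringify(user !== null)};` at the top of the script block. The script block continues past the hunk.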