Ejemplo n.º 1
0
void Pages::registration(Document *doc){

    if(path != "/register")
        return;

    std::string name = cgi("name"), email = cgi("email"), pw = cgi("pw");

    if(Session::user())
        doc->redirect("/");

    else if(cgi.getEnvironment().getRequestMethod() != "POST")
        form(doc);

    else if(name.empty())
        form(doc, "Please specify a display name.");

    else if(email.empty())
        form(doc, "Please specify an email address.");
    else if(!validEmail(email))
        form(doc, "Invalid email address.");

    else if(pw.empty())
        form(doc, "Please specify a password.");
    else if(pw != cgi("pwconf"))
        form(doc, "Passwords mismatch.");

    else{

        if(DB::query("SELECT EXISTS (SELECT 1 FROM users WHERE lower(name) = lower($1) OR lower(email) = lower($2))", name, email)[0][0] == "t")
            return form(doc, "Sorry, name or email already in use.");

        DB::Result r = DB::query(
            "INSERT INTO users (name, password, email, registration, last_login) "
            "VALUES ($1, crypt($2, gen_salt('bf')), $3, 'now', 'now') "
            "RETURNING id", name, pw, email);

        if(r.empty())
            return form(doc, "Erm, something went wrong. Please try again.");

        User u = User(number(r[0][0]), name);
        log("New user: "******" (" + number(u.id) + ")");
        doc->addHttp("Set-Cookie: sid=" + Session::login(u) + ";Max-Age=2592000\n"); // 30 days
        doc->redirect(u.url() + "?welcome=1");

    }

}
Ejemplo n.º 2
0
Track::Track(int tid){

    id = 0;
    if(tid <= 0) return;

    DB::Result r = DB::query(
        "SELECT tracks.title, tracks.user_id, users.name, tracks.visible, tracks.date FROM tracks, users "
        "WHERE tracks.id = " + number(tid) + " AND tracks.user_id = users.id");

    if(!r.empty()){
        id = tid;
        title = r[0][0];
        artist = User(number(r[0][1]), r[0][2]);
        visible = r[0][3] == "t";
        date = r[0][4];
    }

}
Ejemplo n.º 3
0
ExtendedTrack::ExtendedTrack(int tid){

    id = 0;
    if(tid<=0) return;

    DB::Result r = DB::query(
        "SELECT tracks.title, tracks.user_id, users.name, users.email, tracks.visible, tracks.date, extract(epoch from tracks.date),"
        " tracks.notes, tracks.airable, tracks.license, array_to_string(tracks.tags, ',') FROM tracks, users "
        "WHERE tracks.id = " + number(tid) + " AND tracks.user_id = users.id");

    if(!r.empty()){

        id = tid;
        title = r[0][0];
        artist.id = number(r[0][1]);
        artist.name = r[0][2];
        artist.email = r[0][3];
        visible = r[0][4] == "t";
        date = r[0][5];
        timestamp = r[0][6];

        // Ext
        notes = r[0][7];
        airable = r[0][8] == "t";
        license = r[0][9];

        // Tags
        std::string tstr = r[0][10];
        std::string buf;
        for(std::string::const_iterator i=tstr.begin(); i!=tstr.end(); i++){
            if(*i == ','){
                if(!buf.empty()){
                    tags.push_back(buf);
                    buf.clear();
                }
            }
            else buf += *i;
        }
        if(!buf.empty()) tags.push_back(buf); // last tag

    }

}
Ejemplo n.º 4
0
int main(int argc, char **argv){
    if(argc != 3){
        cerr << "Usage: nowplaying.json ARTIST TRACK" << endl;
        return 1;
    }
    DB::connect();
    User u(argv[1]);
    std::string tid;
    if(u){
        DB::Result r = DB::query("SELECT id FROM tracks WHERE user_id=" + number(u.id()) + " AND title=$1",argv[2]);
        if(!r.empty()) tid = r[0][0];
    }
    cout << "{";
    if(!tid.empty()) cout << field("id",tid);
    cout << field("title", jstring(argv[2]))
         << field("artist"
            , "{" + (u?field("id",number(u.id())):"") + field("name",jstring(argv[1]),true) + "}"
            , true)
         << "}";
    DB::close();
    return 0;
}
Ejemplo n.º 5
0
void Pages::track(Document *doc){

    std::string sub;
    int tid = route("track", path, sub);
    bool post = cgi.getEnvironment().getRequestMethod() == "POST";

    if(!tid) return;

    if(sub == ""){

        ExtendedTrack t(tid);
        if(!t) return;

        doc->setHtml("html/track.tpl", t.title);

        doc->rootDict()->SetValueAndShowSection("TID", number(t.id), "HAS_OEMBED");
        t.fill(doc->dict());
        t.player(doc->dict(), true);
        Audio(&t).fill(doc->dict());

        doc->dict()->ShowSection(Youtube(t.artist.id) ? "HAS_YOUTUBE" : "NO_YOUTUBE");

        Dict *embed = doc->dict()->AddIncludeDictionary("EMBED_CODE");
        embed->SetFilename("html/embed-code.tpl");
        embed->SetIntValue("WIDTH", 150);
        t.Track::fill(embed);

        Dict *uploader = doc->dict()->AddIncludeDictionary("UPLOADER");
        uploader->SetFilename("html/uploader.tpl");
        uploader->SetValue("ACTION", t.url() + "/upload");

        int hits = Stat::push("trackView", t.artist.id, tid);
        doc->dict()->SetValue("HIT_COUNT", number(hits));
        int unique_hits = Stat::get("trackView", 0, tid, true);
        doc->dict()->SetValue("UNIQUE_HIT_COUNT", number(unique_hits));
        doc->rootDict()->ShowSection("REQUIRES_STATS_JS");

        Session::fill(doc->dict());
        EventList::track(t).fill(doc->dict(), "EVENTS", false);
        doc->dict()->ShowSection(Follower(Session::user().id).favorited(tid) ? "IS_FAVORITE" : "NOT_FAVORITE");

        if(Session::user()){
            DB::Result playlists = DB::query(
                "SELECT id, name FROM playlists WHERE user_id = " + number(Session::user().id) + " ORDER BY name ASC");
            if(!playlists.empty()){
                doc->dict()->ShowSection("HAS_PLAYLISTS");
                for(DB::Result::const_iterator i=playlists.begin(); i!=playlists.end(); i++){
                    Dict *playlist = doc->dict()->AddSectionDictionary("PLAYLIST");
                    playlist->SetValue("PLAYLIST_ID", i->at(0));
                    playlist->SetValue("PLAYLIST_NAME", i->at(1));
                }
            }
        }
    }

    else if(sub == "delete"){
        Track t(tid);
        if(!t) return;
        if(!t.artist.self())
            doc->redirect(t.url());

        else if(!post || cgi("confirm") != "Delete" || Session::nonce() != cgi("nonce")){
            Session::newNonce();
            doc->setHtml("html/delete.tpl", "Track deletion");
            doc->dict()->SetValue("WHAT", t.title);
            doc->dict()->SetValue("CANCEL_URL", t.url());
        }

        else{
            log("Deleting track: " + t.title + " (" + number(t.id) + ")");

            Art art(t.id);
            if(art) art.remove();
            Audio(&t).unlink();

            Playlist::removeTrack(t.id);
            DB::query("DELETE FROM events WHERE track_id = " + number(t.id));
            DB::query("DELETE FROM featured_tracks WHERE track_id = " + number(t.id));
            DB::query("DELETE FROM favorites WHERE type = 'track' AND ref = " + number(t.id));
            DB::query("DELETE FROM user_features WHERE type = 'track' AND ref = " + number(t.id));
            DB::query("DELETE FROM tracks WHERE id = " + number(t.id));

            doc->redirect(Session::user().url());
        }

    }

    else if(sub == "publish"){
        Track t(tid);
        if(!t) return;
        if(tid != number(cgi("tid")))
            return doc->redirect(t.url());

        if(t.artist.self() && !t.visible && post){

            DB::query("UPDATE tracks SET visible = 't', date = 'now' WHERE id = " + number(t.id));

            Event e;
            e.type = Event::Publish;
            e.source = t.artist;
            e.track = t;
            e.push();

            std::vector<std::string> emails = Follower(t.artist.id).followers();
            std::string maildata =
                "From: EqBeats notification <*****@*****.**>\n"
                "Message-ID: notify-t" + number(t.id) + "\n"
                "Subject: " + filter("EqBeats notification: " + t.artist.name + " - " + t.title) + "\n"
                "Precedence: bulk\n\n" +
                t.artist.name + " just published a new track : " + t.title + "\n"
                "Listen to it here : " + eqbeatsUrl() + t.url() + "\n\n"
                "You're receiving this email because you're following " + t.artist.name + " on EqBeats.\n"
                "If you don't want to receive these notifications anymore, go to " + eqbeatsUrl() + t.artist.url() + " and click \"Stop following\".";
            for(std::vector<std::string>::const_iterator i = emails.begin(); i!=emails.end(); i++)
                sendMail(i->c_str(), maildata.c_str());

        }
        doc->redirect(t.url());

    }

}
Ejemplo n.º 6
0
void Pages::passwordReset(Document *doc){

    if(path != "/account/reset")
        return;

    if(Session::user())
        doc->redirect("/account");

    // Coming from an email

    if(!cgi("token").empty()){
        DB::Result r = DB::query("SELECT user_id FROM resets WHERE token = $1", cgi("token"));

        if(r.empty())
            form(doc, "Sorry, looks like your token has expired. You could always try again.");

        else{
            DB::query("DELETE FROM resets WHERE token = $1", cgi("token"));
            std::string pw = randomString(16);
            int uid = number(r[0][0]);

            Account a(uid);
            DB::query("UPDATE users SET password = crypt($1, gen_salt('bf')) WHERE id = " + number(a.id), pw);
            std::string sid = Session::login(a);

            doc->setHtml("html/account.tpl", "Your account");
            doc->addHttp("Set-Cookie: sid=" + sid + ";Max-Age=2592000;Path=/\n"); // 30 days
            doc->dict()->SetValueAndShowSection("MESSAGE", "Your password has been reset to " + pw + ". You can now change it below.", "MESSAGE");
            doc->dict()->SetValue("OLD_PASSWORD", pw);
            a.fill(doc->dict());
        }

    }

    // Sending the token

    else if(cgi.getEnvironment().getRequestMethod() == "POST" && !cgi("email").empty()){
        DB::Result r = DB::query("SELECT id FROM users WHERE lower(email) = lower($1)", cgi("email"));

        if(r.empty())
            form(doc, "Sorry, we couldn't find any account with this email address. Try again?");

        else{
            std::string token = randomString(32);
            while(DB::query("INSERT INTO resets (user_id, token) VALUES ($1, $2) RETURNING 1", r[0][0], token).empty())
                token = randomString(32);

            sendMail(cgi("email").c_str(),
                ((std::string)"From: EqBeats <*****@*****.**>\n"
                "Subject: Resetting your password on EqBeats\n\n"
                "Hi.\n\n"
                "Someone, hopefully you, requested a password reset on your account at EqBeats. "
                "If you want to reset your password, please click this link : " + eqbeatsUrl() + "/account/reset?token=" + token + "\n"
                "If you didn't request it, please ignore this email.\n\n"
                "Cheers.").c_str());

            doc->setHtml("html/password-reset.tpl", "Password reset");
            doc->dict()->SetValueAndShowSection("MESSAGE",
                "A reset link has been sent to your email address. "
                "If there's any more problems (can't access your email, etc...), "
                "feel free to drop us a line at [email protected].", "MESSAGE");
        }

    }

    // Not coming from a form nor an email
    else
        form(doc);

}