BREAKING CHANGES: (for SeCuRiTy):
By default: - `ssid_sessions[socket.ssid]` is now `session_data` - `require` is no longer allowed in user scripts To access global `socket_sessions` and `ssid_sessions`, as well as `require` additional modules, you must set `privileged: true` for the specific service. See `config.json`.
This commit is contained in:
zefie
@@ -1,7 +1,7 @@
|
||||
var minisrv_service_file = true;
|
||||
ssid_sessions[socket.ssid].loadSessionData();
|
||||
session_data.loadSessionData();
|
||||
|
||||
if (ssid_sessions[socket.ssid].user_id != 0) {
|
||||
if (session_data.user_id != 0) {
|
||||
var errpage = doErrorPage(400, "You are not authorized to edit the primary account.");
|
||||
headers = errpage[0];
|
||||
data = errpage[1];
|
||||
@@ -66,9 +66,9 @@ ${minisrv_config.config.service_name} users
|
||||
<FONT COLOR="44cc55"><B>
|
||||
Subscriber:
|
||||
<P>`;
|
||||
var accounts = ssid_sessions[socket.ssid].listPrimaryAccountUsers();
|
||||
var accounts = session_data.listPrimaryAccountUsers();
|
||||
|
||||
var num_accounts = ssid_sessions[socket.ssid].getNumberOfUserAccounts();
|
||||
var num_accounts = session_data.getNumberOfUserAccounts();
|
||||
if (num_accounts > 1) data += "Additional users:</B></FONT>";
|
||||
|
||||
data += "<TD WIDTH=20><TD WIDTH=198 VALIGN=top ALIGN=left>";
|
||||
|
||||
@@ -2,8 +2,8 @@ var minisrv_service_file = true;
|
||||
var errpage;
|
||||
|
||||
|
||||
if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
else if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
|
||||
if (session_data.user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
else if (session_data.getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
|
||||
|
||||
|
||||
if (errpage) {
|
||||
|
||||
@@ -4,13 +4,13 @@ var errpage = null;
|
||||
const WTVRegister = require("./WTVRegister.js")
|
||||
const wtvr = new WTVRegister(minisrv_config, SessionStore);
|
||||
|
||||
if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
if (session_data.user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
else if (!request_headers.query.user_name) errpage = doErrorPage(400, "Please enter a username.");
|
||||
else if (request_headers.query.user_name.length < minisrv_config.config.user_accounts.min_username_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with <b>" + minisrv_config.config.user_accounts.min_username_length + "</b> or more characters.");
|
||||
else if (request_headers.query.user_name.length > minisrv_config.config.user_accounts.max_username_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with <b>" + minisrv_config.config.user_accounts.max_username_length + "</b> or less characters.");
|
||||
else if (!wtvr.checkUsernameSanity(request_headers.query.user_name)) errpage = wtvshared.doErrorPage(400, "The username you have chosen contains invalid characters. Please choose a username with only <b>letters</b>, <b>numbers</b>, <b>_</b> or <b>-</b>. Also, please be sure your username begins with a letter.");
|
||||
else if (!wtvr.checkUsernameAvailable(request_headers.query.user_name)) errpage = wtvshared.doErrorPage(400, "The username you have selected is already in use. Please select another username.");
|
||||
else if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
|
||||
else if (session_data.getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
var minisrv_service_file = true;
|
||||
var errpage;
|
||||
|
||||
if (Object.keys(ssid_sessions[socket.ssid].listPrimaryAccountUsers()).length >= minisrv_config.config.user_accounts.max_users_per_account) {
|
||||
if (Object.keys(session_data.listPrimaryAccountUsers()).length >= minisrv_config.config.user_accounts.max_users_per_account) {
|
||||
errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
|
||||
}
|
||||
else if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
else if (session_data.user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
|
||||
|
||||
if (errpage) {
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
var WTVBGMusic = require("./WTVBGMusic.js");
|
||||
var wtvbgm = new WTVBGMusic(minisrv_config, ssid_sessions[socket.ssid])
|
||||
|
||||
var catsListed = 0;
|
||||
var categories = wtvbgm.getCategoryList();
|
||||
var divide = Math.round(categories.length / 2, 0);
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
ssid_sessions[socket.ssid].loadSessionData();
|
||||
session_data.loadSessionData();
|
||||
|
||||
var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : ssid_sessions[socket.ssid].user_id;
|
||||
var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : session_data.user_id;
|
||||
|
||||
// security
|
||||
if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != user_id) {
|
||||
if (session_data.user_id != 0 && session_data.user_id != user_id) {
|
||||
user_id = null; // force unset
|
||||
var errpage = wtvshared.doErrorPage(400, "You are not authorized to change the selected user's password.");
|
||||
headers = errpage[0];
|
||||
@@ -14,7 +14,7 @@ if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_i
|
||||
|
||||
if (user_id != null) {
|
||||
var userSession = null;
|
||||
if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
|
||||
if (session_data.user_id == request_headers.query.user_id) userSession = session_data;
|
||||
else {
|
||||
userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
|
||||
userSession.user_id = user_id;
|
||||
@@ -34,7 +34,7 @@ Content-Type: text/html`;
|
||||
<HTML>
|
||||
<HEAD>
|
||||
<TITLE>
|
||||
Change ${(user_id == ssid_sessions[socket.ssid].user_id) ? 'your' : 'user'} password
|
||||
Change ${(user_id == session_data.user_id) ? 'your' : 'user'} password
|
||||
</TITLE>
|
||||
<DISPLAY nosave
|
||||
noscroll>
|
||||
@@ -74,7 +74,7 @@ noscroll>
|
||||
<td abswidth=14>
|
||||
<td abswidth=416 absheight=80 valign=center>
|
||||
<font size="+2" color="E7CE4A"><blackface><shadow>
|
||||
Change ${(user_id == ssid_sessions[socket.ssid].user_id) ? 'your' : 'user'} password
|
||||
Change ${(user_id == session_data.user_id) ? 'your' : 'user'} password
|
||||
<td abswidth=20>
|
||||
<tr>
|
||||
<td>
|
||||
|
||||
@@ -1,15 +1,15 @@
|
||||
var minisrv_service_file = true;
|
||||
ssid_sessions[socket.ssid].loadSessionData();
|
||||
session_data.loadSessionData();
|
||||
|
||||
var user_id = null;
|
||||
if (request_headers.query.user_id) {
|
||||
user_id = request_headers.query.user_id;
|
||||
} else {
|
||||
user_id = ssid_sessions[socket.ssid].user_id;
|
||||
user_id = session_data.user_id;
|
||||
}
|
||||
|
||||
// security
|
||||
if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != request_headers.query.user_id) {
|
||||
if (session_data.user_id != 0 && session_data.user_id != request_headers.query.user_id) {
|
||||
user_id = null; // force unset
|
||||
var errpage = doErrorPage(400, "You are not authorized to edit the selected user.");
|
||||
headers = errpage[0];
|
||||
@@ -19,10 +19,10 @@ if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_i
|
||||
if (user_id != null) {
|
||||
headers = `200 OK
|
||||
Connection: Keep-Alive
|
||||
wtv-mail-count: ${ssid_sessions[socket.ssid].mailstore.countUnreadMessages(0)}
|
||||
wtv-mail-count: ${session_data.mailstore.countUnreadMessages(0)}
|
||||
Content-Type: text/html`
|
||||
var userSession = null;
|
||||
if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
|
||||
if (session_data.user_id == request_headers.query.user_id) userSession = session_data;
|
||||
else {
|
||||
userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
|
||||
userSession.user_id = user_id;
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
ssid_sessions[socket.ssid].loadSessionData();
|
||||
session_data.loadSessionData();
|
||||
|
||||
var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : ssid_sessions[socket.ssid].user_id;
|
||||
var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : session_data.user_id;
|
||||
|
||||
// security
|
||||
if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != request_headers.query.user_id) {
|
||||
if (session_data.user_id != 0 && session_data.user_id != request_headers.query.user_id) {
|
||||
user_id = null; // force unset
|
||||
var errpage = wtvshared.doErrorPage(400, "You are not authorized to change the selected user's password.");
|
||||
headers = errpage[0];
|
||||
@@ -14,7 +14,7 @@ if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_i
|
||||
|
||||
if (user_id != null) {
|
||||
var userSession = null;
|
||||
if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
|
||||
if (session_data.user_id == request_headers.query.user_id) userSession = session_data;
|
||||
else {
|
||||
userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
|
||||
userSession.user_id = user_id;
|
||||
|
||||
@@ -1,7 +1,5 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
var WTVBGMusic = require("./WTVBGMusic.js");
|
||||
var wtvbgm = new WTVBGMusic(minisrv_config, ssid_sessions[socket.ssid])
|
||||
var music_obj = wtvbgm.getMusicObj();
|
||||
|
||||
headers = `
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
if (ssid_sessions[socket.ssid].lockdown) {
|
||||
if (session_data.lockdown) {
|
||||
headers = `200 OK
|
||||
wtv-printer-model: -1,-1
|
||||
wtv-printer-pen: 0,0,1,0
|
||||
@@ -10,7 +10,7 @@ Content-Type: text/html`;
|
||||
data = "";
|
||||
} else {
|
||||
|
||||
var settings_obj = ssid_sessions[socket.ssid].getSessionData("wtv-setup");
|
||||
var settings_obj = session_data.getSessionData("wtv-setup");
|
||||
if (settings_obj === null) settings_obj = {};
|
||||
|
||||
settings_obj["from-server"] = 1;
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
var settings_obj = ssid_sessions[socket.ssid].getSessionData("wtv-setup");
|
||||
var settings_obj = session_data.getSessionData("wtv-setup");
|
||||
if (settings_obj === null) settings_obj = {};
|
||||
|
||||
headers = `200 OK
|
||||
|
||||
@@ -84,7 +84,7 @@ cols=45 rows=5
|
||||
autoactivate
|
||||
nosoftbreaks
|
||||
maxlength=4096
|
||||
font=proportional>${ssid_sessions[socket.ssid].getSessionData("subscriber_signature") || ""}</TEXTAREA></FORM></TD>
|
||||
font=proportional>${session_data.getSessionData("subscriber_signature") || ""}</TEXTAREA></FORM></TD>
|
||||
</FORM>
|
||||
<TR>
|
||||
<TD>
|
||||
|
||||
@@ -69,7 +69,7 @@ the next time you connect to WebTV.
|
||||
<tr>
|
||||
<td align=left>
|
||||
User Name<form action=validate-messenger-account>
|
||||
<INPUT noSubmit name="email" id="email" Value="${ssid_sessions[socket.ssid].getSessionData("messenger_email")}"
|
||||
<INPUT noSubmit name="email" id="email" Value="${session_data.getSessionData("messenger_email")}"
|
||||
bgcolor=#444444 text=#ffdd33 cursor=#cc9933
|
||||
TYPE="input" ASCIIONLY
|
||||
SIZE="16"
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
if (!ssid_sessions[socket.ssid].getSessionData("messenger_enabled") == 1) {
|
||||
ssid_sessions[socket.ssid].setSessionData("messenger_enabled", 1);
|
||||
ssid_sessions[socket.ssid].saveSessionData;
|
||||
if (!session_data.getSessionData("messenger_enabled") == 1) {
|
||||
session_data.setSessionData("messenger_enabled", 1);
|
||||
session_data.saveSessionData;
|
||||
var justenabled = "true"
|
||||
var enablestatus = "1"
|
||||
} else {
|
||||
ssid_sessions[socket.ssid].setSessionData("messenger_enabled", 0);
|
||||
ssid_sessions[socket.ssid].saveSessionData;
|
||||
session_data.setSessionData("messenger_enabled", 0);
|
||||
session_data.saveSessionData;
|
||||
var justenabled = "false"
|
||||
var enablestatus = "0"
|
||||
}
|
||||
|
||||
@@ -69,7 +69,7 @@ Messenger
|
||||
<tr>
|
||||
<td absheight=195 valign=top>
|
||||
Messenger is currently <b>`;
|
||||
if (ssid_sessions[socket.ssid].getSessionData("messenger_enabled") == 1) {
|
||||
if (session_data.getSessionData("messenger_enabled") == 1) {
|
||||
data += "on"
|
||||
} else {
|
||||
data += "off"
|
||||
@@ -81,7 +81,7 @@ if (ssid_sessions[socket.ssid].getSessionData("messenger_enabled") == 1) {
|
||||
<tr>
|
||||
<td align=left>
|
||||
<a href="messenger-enable">Turn messenger `;
|
||||
if (!ssid_sessions[socket.ssid].getSessionData("messenger_enabled") == 1) {
|
||||
if (!session_data.getSessionData("messenger_enabled") == 1) {
|
||||
data += "on"
|
||||
} else {
|
||||
data += "off"
|
||||
|
||||
@@ -82,7 +82,7 @@ Dialing options
|
||||
<A HREF="wtv-setup:/phone-call-waiting"><BLACKFACE>Call waiting</BLACKFACE></A><BR>
|
||||
<FONT SIZE="-1">Call waiting can be turned off automatically</FONT><BR>
|
||||
<spacer type=block WIDTH=1 HEIGHT=12><BR>
|
||||
<A HREF="${ssid_sessions[socket.ssid].get("wtv-open-access") ? 'file://rom/HTMLs/ConfigureBYOISP.html' : 'client:GoToBYOISPIntro'}"><BLACKFACE>Use an ISP</BLACKFACE></A><BR>
|
||||
<A HREF="${session_data.get("wtv-open-access") ? 'file://rom/HTMLs/ConfigureBYOISP.html' : 'client:GoToBYOISPIntro'}"><BLACKFACE>Use an ISP</BLACKFACE></A><BR>
|
||||
<FONT SIZE="-1">Save money if you dial long distance to WebTV</FONT><BR>
|
||||
|
||||
<TD WIDTH=20>
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
var minisrv_service_file = true;
|
||||
var errpage;
|
||||
|
||||
if (Object.keys(ssid_sessions[socket.ssid].listPrimaryAccountUsers()).length == 1) {
|
||||
if (Object.keys(session_data.listPrimaryAccountUsers()).length == 1) {
|
||||
errpage = wtvshared.doErrorPage(400, "There are no more users to remove.");
|
||||
}
|
||||
else if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
else if (session_data.user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
if (errpage) {
|
||||
headers = errpage[0];
|
||||
data = errpage[1];
|
||||
@@ -95,9 +95,9 @@ noscroll>
|
||||
<P><FORM ACTION="wtv-setup:/validate-remove-users" METHOD="POST">
|
||||
`;
|
||||
|
||||
var accounts = ssid_sessions[socket.ssid].listPrimaryAccountUsers();
|
||||
var accounts = session_data.listPrimaryAccountUsers();
|
||||
|
||||
var num_accounts = ssid_sessions[socket.ssid].getNumberOfUserAccounts();
|
||||
var num_accounts = session_data.getNumberOfUserAccounts();
|
||||
if (num_accounts > 1) {
|
||||
delete accounts.subscriber;
|
||||
for (const [key, value] of Object.entries(accounts)) {
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
var music_obj = {};
|
||||
ssid_sessions[socket.ssid].setSessionData("wtv-bgmusic", music_obj);
|
||||
ssid_sessions[socket.ssid].saveSessionData();
|
||||
session_data.setSessionData("wtv-bgmusic", music_obj);
|
||||
session_data.saveSessionData();
|
||||
headers = `300 OK
|
||||
Location: wtv-setup:/choose-bg-songs
|
||||
wtv-backgroundmusic-load-playlist: wtv-setup:/get-playlist`;
|
||||
|
||||
@@ -75,7 +75,7 @@ Television
|
||||
<FONT SIZE="-1">Center WebTV on your screen</FONT><BR>`;
|
||||
|
||||
// old classic apparently can do Screen Border
|
||||
if (ssid_sessions[socket.ssid].get("wtv-client-rom-type") == "bf0app") {
|
||||
if (session_data.get("wtv-client-rom-type") == "bf0app") {
|
||||
data += `<spacer type=block width=1 height=5><BR>
|
||||
<A HREF="wtv-setup:/screen-border" selected><BLACKFACE>Border</BLACKFACE></A><BR>
|
||||
<FONT SIZE="-1">Change the color of the screen border</FONT><BR>`;
|
||||
|
||||
@@ -1,7 +1,5 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
var WTVBGMusic = require("./WTVBGMusic.js");
|
||||
var wtvbgm = new WTVBGMusic(minisrv_config, ssid_sessions[socket.ssid]);
|
||||
if (request_headers.query.category) {
|
||||
var musicList = wtvbgm.getCategorySongList(request_headers.query.category);
|
||||
var categoryName = wtvbgm.getCategoryName(request_headers.query.category);
|
||||
|
||||
@@ -1,14 +1,14 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
if (request_headers.query && ssid_sessions[socket.ssid]) {
|
||||
var settings_obj = ssid_sessions[socket.ssid].getSessionData("wtv-setup");
|
||||
if (request_headers.query && session_data) {
|
||||
var settings_obj = session_data.getSessionData("wtv-setup");
|
||||
if (settings_obj === null) settings_obj = {};
|
||||
|
||||
Object.keys(request_headers.query).forEach(function (k) {
|
||||
settings_obj[k] = request_headers.query[k];
|
||||
});
|
||||
ssid_sessions[socket.ssid].setSessionData("wtv-setup", Object.assign({}, settings_obj));
|
||||
ssid_sessions[socket.ssid].saveSessionData();
|
||||
session_data.setSessionData("wtv-setup", Object.assign({}, settings_obj));
|
||||
session_data.saveSessionData();
|
||||
headers = `200 OK
|
||||
Content-type: text/html`;
|
||||
} else {
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
var minisrv_service_file = true;
|
||||
var { WTVShared, clientShowAlert } = require("./WTVShared.js");
|
||||
|
||||
var notImplementedAlert = new clientShowAlert({
|
||||
'image': minisrv_config.config.service_logo,
|
||||
@@ -63,7 +62,7 @@ hspace=0 vspace=0
|
||||
<td valign=center absheight=80>
|
||||
<shadow><blackface><font color="e7ce4a" font size="+1">
|
||||
Settings
|
||||
for ${ssid_sessions[socket.ssid].getSessionData("subscriber_username") || "You"}
|
||||
for ${session_data.getSessionData("subscriber_username") || "You"}
|
||||
</font><blackface><shadow>
|
||||
</table>
|
||||
<tr>
|
||||
@@ -117,7 +116,7 @@ data += `
|
||||
<a href="wtv-setup:/keyboard">Keyboard</a><BR>
|
||||
<spacer type=block width=1 height=5><BR>`;
|
||||
|
||||
if (ssid_sessions[socket.ssid].user_id == 0) {
|
||||
if (session_data.user_id == 0) {
|
||||
data += `<img src="ROMCache/BulletArrow.gif" width=6 height=13 valign=absmiddle><spacer type=block width=6 height=1>
|
||||
<a href="wtv-setup:/accounts">Extra Users</a><BR>
|
||||
<spacer type=block width=1 height=5><BR>`;
|
||||
@@ -149,7 +148,7 @@ if (!minisrv_config.config.hide_incomplete_features) {
|
||||
<spacer type=block width=6 height=5><font size="2"><br>`;
|
||||
}
|
||||
data += `Choose an on-screen keyboard<BR>`;
|
||||
if (ssid_sessions[socket.ssid].user_id == 0) {
|
||||
if (session_data.user_id == 0) {
|
||||
data += `<spacer type=block width=6 height=5><font size="2"><br>
|
||||
Add, change, or remove users<BR>`;
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
var minisrv_service_file = true;
|
||||
var canDoMuzac = ssid_sessions[socket.ssid].hasCap('client-can-do-muzac');
|
||||
var canDoMuzac = session_data.hasCap('client-can-do-muzac');
|
||||
|
||||
headers = `200 OK
|
||||
Connection: Keep-Alive
|
||||
|
||||
@@ -2,7 +2,7 @@ var minisrv_service_file = true;
|
||||
var userSession = null;
|
||||
var errpage = null;
|
||||
|
||||
if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
if (session_data.user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
|
||||
// seperate if statements as to not overwrite the first error if multiple occur
|
||||
|
||||
@@ -16,7 +16,7 @@ if (!errpage) {
|
||||
}
|
||||
|
||||
if (!errpage) {
|
||||
if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
|
||||
if (session_data.getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
|
||||
}
|
||||
|
||||
if (errpage) {
|
||||
@@ -25,7 +25,7 @@ if (errpage) {
|
||||
} else {
|
||||
if (!request_headers.query.display_name) request_headers.query.display_name = request_headers.query.username;
|
||||
userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
|
||||
var freeUserId = ssid_sessions[socket.ssid].findFreeUserSlot(ssid_sessions[socket.ssid]);
|
||||
var freeUserId = session_data.findFreeUserSlot(session_data);
|
||||
if (freeUserId) {
|
||||
userSession.user_id = freeUserId;
|
||||
userSession.setSessionData("subscriber_userid", freeUserId);
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
var minisrv_service_file = true;
|
||||
var errpage = null;
|
||||
|
||||
if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
if (session_data.user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
|
||||
|
||||
// seperate if statements as to not overwrite the first error if multiple occur
|
||||
|
||||
if (!errpage) {
|
||||
if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
|
||||
if (session_data.getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);
|
||||
}
|
||||
|
||||
if (!errpage) {
|
||||
|
||||
@@ -1,11 +1,9 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
if (request_headers.query && ssid_sessions[socket.ssid]) {
|
||||
if (request_headers.query && session_data) {
|
||||
|
||||
if (request_headers.request_url.indexOf('?') >= 0) {
|
||||
var category = (request_headers.query.category) ? request_headers.query.category : null;
|
||||
var WTVBGMusic = require("./WTVBGMusic.js");
|
||||
var wtvbgm = new WTVBGMusic(minisrv_config, ssid_sessions[socket.ssid])
|
||||
var music_obj = wtvbgm.getMusicObj();
|
||||
var old_music_obj = Object.assign({}, music_obj);
|
||||
|
||||
@@ -42,8 +40,8 @@ if (request_headers.query && ssid_sessions[socket.ssid]) {
|
||||
music_obj = Object.assign({}, music_obj)
|
||||
if ((Object.keys(music_obj.enableCategories).length != Object.keys(old_music_obj.enableCategories).length) || (Object.keys(music_obj.enableSongs).length != Object.keys(old_music_obj.enableSongs).length)) {
|
||||
// something changed
|
||||
ssid_sessions[socket.ssid].setSessionData("wtv-bgmusic", music_obj);
|
||||
ssid_sessions[socket.ssid].saveSessionData();
|
||||
session_data.setSessionData("wtv-bgmusic", music_obj);
|
||||
session_data.saveSessionData();
|
||||
headers = `200 OK
|
||||
Content-type: text/html
|
||||
wtv-backgroundmusic-load-playlist: wtv-setup:/get-playlist`;
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
ssid_sessions[socket.ssid].loadSessionData();
|
||||
session_data.loadSessionData();
|
||||
|
||||
var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : ssid_sessions[socket.ssid].user_id;
|
||||
var user_id = (request_headers.query.user_id) ? request_headers.query.user_id : session_data.user_id;
|
||||
|
||||
// security
|
||||
if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != request_headers.query.user_id) {
|
||||
if (session_data.user_id != 0 && session_data.user_id != request_headers.query.user_id) {
|
||||
user_id = null; // force unset
|
||||
var errpage = wtvshared.doErrorPage(400, "You are not authorized to change the selected user's password.");
|
||||
headers = errpage[0];
|
||||
@@ -14,7 +14,7 @@ if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_i
|
||||
|
||||
if (user_id != null) {
|
||||
var userSession;
|
||||
if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
|
||||
if (session_data.user_id == request_headers.query.user_id) userSession = session_data;
|
||||
else {
|
||||
userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
|
||||
userSession.user_id = user_id;
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
var minisrv_service_file = true;
|
||||
var userSession = null;
|
||||
|
||||
ssid_sessions[socket.ssid].loadSessionData();
|
||||
session_data.loadSessionData();
|
||||
|
||||
var user_id = null;
|
||||
if (request_headers.query.user_id) {
|
||||
@@ -12,7 +12,7 @@ if (request_headers.query.user_id) {
|
||||
data = errpage[1];
|
||||
}
|
||||
|
||||
if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_id != request_headers.query.user_id) {
|
||||
if (session_data.user_id != 0 && session_data.user_id != request_headers.query.user_id) {
|
||||
user_id = null; // force unset
|
||||
var errpage = doErrorPage(400, "You are not authorized to edit the selected user.");
|
||||
headers = errpage[0];
|
||||
@@ -22,10 +22,10 @@ if (ssid_sessions[socket.ssid].user_id != 0 && ssid_sessions[socket.ssid].user_i
|
||||
if (user_id && !errpage) {
|
||||
headers = `200 OK
|
||||
Connection: Keep-Alive
|
||||
wtv-mail-count: ${ssid_sessions[socket.ssid].mailstore.countUnreadMessages(0)}
|
||||
wtv-mail-count: ${session_data.mailstore.countUnreadMessages(0)}
|
||||
Content-Type: text/html`
|
||||
var userSession = null;
|
||||
if (ssid_sessions[socket.ssid].user_id == request_headers.query.user_id) userSession = ssid_sessions[socket.ssid];
|
||||
if (session_data.user_id == request_headers.query.user_id) userSession = session_data;
|
||||
else {
|
||||
userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
|
||||
userSession.user_id = user_id;
|
||||
@@ -47,7 +47,7 @@ wtv-expire: wtv-setup:/setup
|
||||
headers += `wtv-expire: ${request_headers.query.return_to}
|
||||
Location: ${request_headers.query.return_to}`;
|
||||
}
|
||||
else headers += "Location: " + (ssid_sessions[socket.ssid].user_id === user_id) ? 'wtv-setup:/setup' : 'wtv-setup:/accounts';
|
||||
else headers += "Location: " + (session_data.user_id === user_id) ? 'wtv-setup:/setup' : 'wtv-setup:/accounts';
|
||||
}
|
||||
else if (request_headers.query.password.length < minisrv_config.config.passwords.min_length) errpage = wtvshared.doErrorPage(400, "Your password must contain at least " + minisrv_config.config.passwords.min_length + " characters.");
|
||||
else if (request_headers.query.password.length > minisrv_config.config.passwords.max_length) errpage = wtvshared.doErrorPage(400, "Your password must contain no more than than " + minisrv_config.config.passwords.max_length + " characters.");
|
||||
@@ -67,7 +67,7 @@ wtv-expire: wtv-setup:/setup
|
||||
headers += `wtv-expire: ${request_headers.query.return_to}
|
||||
Location: ${request_headers.query.return_to}`;
|
||||
}
|
||||
else headers += "Location: "+ (ssid_sessions[socket.ssid].user_id === user_id) ? 'wtv-setup:/setup' : 'wtv-setup:/accounts';
|
||||
else headers += "Location: "+ (session_data.user_id === user_id) ? 'wtv-setup:/setup' : 'wtv-setup:/accounts';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
var minisrv_service_file = true;
|
||||
|
||||
if (request_headers.query && ssid_sessions[socket.ssid]) {
|
||||
ssid_sessions[socket.ssid].setSessionData("subscriber_signature", (request_headers.query.mail_signature) ? request_headers.query.mail_signature : "");
|
||||
ssid_sessions[socket.ssid].saveSessionData();
|
||||
if (request_headers.query && session_data) {
|
||||
session_data.setSessionData("subscriber_signature", (request_headers.query.mail_signature) ? request_headers.query.mail_signature : "");
|
||||
session_data.saveSessionData();
|
||||
headers = `200 OK
|
||||
Content-type: text/html`
|
||||
} else {
|
||||
|
||||
@@ -10,12 +10,12 @@ if (errpage) {
|
||||
headers = errpage[0];
|
||||
data = errpage[1];
|
||||
} else {
|
||||
var encryptedpass = ssid_sessions[socket.ssid].encryptPassword(request_headers.query.password);
|
||||
var encryptedpass = session_data.encryptPassword(request_headers.query.password);
|
||||
|
||||
ssid_sessions[socket.ssid].setSessionData("messenger_password", encryptedpass);
|
||||
ssid_sessions[socket.ssid].setSessionData("messenger_email", request_headers.query.email);
|
||||
ssid_sessions[socket.ssid].setSessionData("messenger_domain", request_headers.query.domain);
|
||||
ssid_sessions[socket.ssid].saveSessionData();
|
||||
session_data.setSessionData("messenger_password", encryptedpass);
|
||||
session_data.setSessionData("messenger_email", request_headers.query.email);
|
||||
session_data.setSessionData("messenger_domain", request_headers.query.domain);
|
||||
session_data.saveSessionData();
|
||||
|
||||
headers = `300 OK
|
||||
wtv-expire-all: wtv-setup:/messenger-account
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
var minisrv_service_file = true;
|
||||
var errpage;
|
||||
|
||||
if (Object.keys(ssid_sessions[socket.ssid].listPrimaryAccountUsers()).length == 1) {
|
||||
if (Object.keys(session_data.listPrimaryAccountUsers()).length == 1) {
|
||||
errpage = wtvshared.doErrorPage(400, "There are no more users to remove.");
|
||||
}
|
||||
else if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to remove users from this account.");
|
||||
else if (session_data.user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to remove users from this account.");
|
||||
|
||||
var usersToRemove = [];
|
||||
Object.keys(request_headers.query).forEach(function (k) {
|
||||
@@ -58,9 +58,9 @@ wtv-visit: ${confirmAlert}
|
||||
Location: ${confirmAlert}`
|
||||
} else {
|
||||
Object.keys(usersToRemove).forEach(function (k) {
|
||||
ssid_sessions[socket.ssid].removeUser(usersToRemove[k]);
|
||||
session_data.removeUser(usersToRemove[k]);
|
||||
})
|
||||
var num_accounts = ssid_sessions[socket.ssid].getNumberOfUserAccounts();
|
||||
var num_accounts = session_data.getNumberOfUserAccounts();
|
||||
var gourl = "wtv-setup:/remove-users?";
|
||||
if (num_accounts == 1) gourl = "wtv-setup:/accounts?";
|
||||
|
||||
|
||||
Reference in New Issue
Block a user