diff --git a/Gemfile b/Gemfile index 18434a7..0d852c0 100644 --- a/Gemfile +++ b/Gemfile @@ -10,7 +10,10 @@ gem 'jquery-rails' gem 'therubyracer' gem 'bcrypt-ruby', '~> 3.0.0' # To use ActiveModel has_secure_password gem 'simple_form' -gem 'rbbcode' +gem 'sanitize' +gem 'github-markdown' +gem 'hirb' #pretty console output +gem 'rb-readline' # Gems used only for assets and not required # in production environments by default. @@ -25,6 +28,7 @@ group :assets do end group :development do + gem 'webrick' gem 'better_errors' gem 'binding_of_caller' end diff --git a/Gemfile.lock b/Gemfile.lock index 30f44e2..da02402 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -48,7 +48,9 @@ GEM erubis (2.7.0) execjs (1.4.0) multi_json (~> 1.0) + github-markdown (0.5.5) hike (1.2.2) + hirb (0.7.1) i18n (0.6.4) journey (1.0.4) jquery-rails (2.2.1) @@ -87,15 +89,12 @@ GEM rdoc (~> 3.4) thor (>= 0.14.6, < 2.0) rake (10.0.4) - rbbcode (1.0.3) - sanitize - treetop + rb-readline (0.5.0) rdoc (3.12.2) json (~> 1.4) ref (1.0.4) sanitize (2.0.3) nokogiri (>= 1.4.4, < 1.6) - nokogiri (>= 1.4.4, < 1.6) sass (3.2.9) sass-rails (3.2.6) railties (~> 3.2.0) @@ -122,6 +121,7 @@ GEM uglifier (2.1.1) execjs (>= 0.3.0) multi_json (~> 1.0, >= 1.0.2) + webrick (1.3.1) PLATFORMS ruby @@ -131,11 +131,15 @@ DEPENDENCIES better_errors binding_of_caller coffee-rails (~> 3.2.1) + github-markdown + hirb jquery-rails rails (= 3.2.12) - rbbcode + rb-readline + sanitize sass-rails (~> 3.2.3) simple_form sqlite3 therubyracer uglifier (>= 1.0.3) + webrick diff --git a/app/assets/images/bg.png b/app/assets/images/bg.png index 46b8066..130fa4d 100644 Binary files a/app/assets/images/bg.png and b/app/assets/images/bg.png differ diff --git a/app/assets/images/bg1_noise.png b/app/assets/images/bg1_noise.png new file mode 100644 index 0000000..c80c228 Binary files /dev/null and b/app/assets/images/bg1_noise.png differ 
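Review bot: `hirb` and `rb-readline` are added at the top level of the Gemfile, so these console conveniences are bundled and loaded in production as well as in development. Moving both next to `gem 'webrick'` inside `group :development do` keeps the production dependency set down to what the app needs at runtime. The new runtime gems `sanitize` and `github-markdown` carry no version constraint, so only Gemfile.lock pins them; a pessimistic constraint such as `gem 'sanitize', '~> 2.0'` would make the accepted range explicit.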
diff --git a/app/assets/images/bg2.png b/app/assets/images/bg2_black.png similarity index 100% rename from app/assets/images/bg2.png rename to app/assets/images/bg2_black.png diff --git a/app/assets/images/bg_white.png b/app/assets/images/bg_white.png new file mode 100644 index 0000000..46b8066 Binary files /dev/null and b/app/assets/images/bg_white.png differ diff --git a/app/assets/images/logo.png b/app/assets/images/logo.png index 82df6d0..f464350 100644 Binary files a/app/assets/images/logo.png and b/app/assets/images/logo.png differ diff --git a/app/assets/javascripts/app.js b/app/assets/javascripts/app.js index 5fa243f..b7bbd20 100644 --- a/app/assets/javascripts/app.js +++ b/app/assets/javascripts/app.js @@ -1,9 +1,24 @@ $(function(){ - - $('[data-confirm]').click(function(){ - var c = confirm($(this).attr('data-confirm')); - if (!c) return false; - }) - - $('#flash').delay(3000).fadeOut('slow'); + $('.flash').click(function(){ + $('.flash').animate({ + opacity: 0 + }, 'fast', function(){ + $(this).animate({ + height: 0 + }, 'slow', function(){ + $(this).hide(); + }) + }); + }); + setTimeout(function(){ + $('.flash').animate({ + opacity: 0 + }, 3000, function(){ + $(this).animate({ + height: 0 + }, 'slow', function(){ + $(this).hide(); + }) + }); + }, 4000); }) \ No newline at end of file diff --git a/app/assets/javascripts/application.js b/app/assets/javascripts/application.js index f59c271..50cd919 100644 --- a/app/assets/javascripts/application.js +++ b/app/assets/javascripts/application.js @@ -9,6 +9,6 @@ // // WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD // GO AFTER THE REQUIRES BELOW. -// //= require jquery -//= require app \ No newline at end of file +//= require jquery_ujs +//= require app diff --git a/app/assets/stylesheets/mobi.css.scss b/app/assets/stylesheets/mobi.css.scss index 154a36b..07231e3 100644 --- a/app/assets/stylesheets/mobi.css.scss +++ b/app/assets/stylesheets/mobi.css.scss 
@@ -2,5 +2,12 @@ @media only screen and (max-width: 999px) { - + #mobile-info { + background: none repeat scroll 0 0 #AB0000; + color: #FFFFFF; + font-weight: bold; + padding: 1em; + text-align: center; + display: block; + } } \ No newline at end of file diff --git a/app/assets/stylesheets/screen.css.scss b/app/assets/stylesheets/screen.css.scss index 9e12849..327e1ce 100644 --- a/app/assets/stylesheets/screen.css.scss +++ b/app/assets/stylesheets/screen.css.scss @@ -1,14 +1,5 @@ /* CSS for PCs only */ - -$lightgrey: #D1D1D1; -$lightergrey: #959595; -$midgrey: #787878; -$darkgrey: #434343; -$darkred: #AB0000; - - - @media only screen and (min-width: 1000px) { @@ -19,29 +10,32 @@ and (min-width: 1000px) body { background-image: url('/assets/bg.png'); + background-color: #252525; + background-attachment: fixed; + } + + #mobile-info { + display: none; } a { transition: color 0.25s; - color: $darkred; + color: #AB0000; text-decoration: none; &:hover { color: #F00; } } - #flash { + .flash { text-align: center; padding: 10px; font-weight: bold; - position: fixed; - top: 0; - left: 0; - right: 0; - &.notice { + cursor: pointer; + notice { background: #8e8; border-bottom: 3px dashed #8d8; } - &.alert { + alert { background: #ebb; border-bottom: 3px dashed #fdd; } @@ -61,7 +55,6 @@ and (min-width: 1000px) #userinfo { float: right; padding: 0 10px; - margin-top: 14px; img.avatar { border: 1px solid #000; border-radius: 16px; @@ -80,9 +73,9 @@ and (min-width: 1000px) } } a { - color: $midgrey; + color: #787878; &:hover { - color: $darkred; + color: #AB0000; } } #menu { @@ -93,7 +86,7 @@ and (min-width: 1000px) } ul { float: left; - margin-top: 0; + margin: 0; li { float: left; height: 100%; @@ -140,6 +133,10 @@ and (min-width: 1000px) } } + .user-avatar { + display: block; + } + .post { margin-bottom: 50px; .post-title { 
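Review bot: Inside `.flash` the nested selectors changed from `&.notice` / `&.alert` to bare `notice` / `alert`, which compile to `.flash notice` and `.flash alert` and match descendant elements with those tag names rather than a flash element carrying the class. Unless the layout (not shown here) renders such elements, the green and red backgrounds no longer apply. Restoring `&.notice {` and `&.alert {` keeps the class-based styling.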
@@ -203,33 +200,37 @@ and (min-width: 1000px) } } - input { - &[type=text], &[type=email], &[type=password] { + input , select, textarea { + margin: 4px; + vertical-align: middle; + &[type=submit] { + margin: 0; + } + } + + input[type=text], input[type=email], input[type=password], textarea { border: 1px solid #aaa; border-radius: 3px; background: #eee; margin: 4px; - box-shadow: 0 0 5px $lightgrey inset; + box-shadow: 0 0 5px #959595 inset; height: 17px; width: 300px; - padding: 1px 0; + padding: 1px 3px; display: block; } + + input, select, textarea { + &.disabled, &[disabled] { + box-shadow: none; + background: #ddd; + } } textarea { - border: 1px solid #aaa; - border-radius: 3px; - background: #eee; - margin: 4px; - box-shadow: 0 0 5px $lightgrey inset; - height: 300px; - width: 300px; - max-width: 100%; - min-width: 300px; - min-height: 50px; - padding: 1px 0; - display: block; + max-width: 100% !important; + height: 200px; + padding: 5px 3px; &.vertical { resize: vertical; } @@ -276,7 +277,7 @@ and (min-width: 1000px) } .user-banned { - background: $darkred; + background: #AB0000; color: white; font-weight: bold; padding: 4px; @@ -284,6 +285,17 @@ and (min-width: 1000px) border-radius: 3px; } + .user-unconfirmed { + background: #AB0000; + color: white; + font-weight: bold; + padding: 4px 10px; + display: inline-block; + border-radius: 3px; + margin: 10px 0; + box-shadow: 0 0 10px #000; + } + .btn-blue { border: 1px solid; padding: 6px; @@ -302,14 +314,17 @@ and (min-width: 1000px) margin: 5px 0; display: table; a { - color: $midgrey; + color: #787878; display: inline-block; &:hover { - color: $darkred; + color: #AB0000; } } a.avatar_url { float: left; + height: 64px; + width: 64px; + background-color: #fff; } .user-info { margin-left: 10px; 
@@ -335,11 +350,11 @@ and (min-width: 1000px) transition: opacity 0.3s, margin 0.3s; } - #edit_create_post { + #edit_create_post, #edit_create_comment { float: left; } - #delete_post { + #delete_post, #delete_comment { float: right; } @@ -376,5 +391,9 @@ and (min-width: 1000px) } } + .red { + color: #AB0000; + font-weight: bold; + } } \ No newline at end of file diff --git a/app/assets/stylesheets/style.css.scss b/app/assets/stylesheets/style.css.scss index e731ee6..fed0df4 100644 --- a/app/assets/stylesheets/style.css.scss +++ b/app/assets/stylesheets/style.css.scss @@ -4,6 +4,3 @@ body { padding: 0; font: 14px/1.6 'Oswald','Calibri','Arial','DejaVu Sans', 'Open Sans','Lucida Sans','Lucida Grande','Lucida Sans Unicode',sans-serif; } - -// use screen.css -// and mobi.css \ No newline at end of file diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 10ef041..751114f 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,9 +1,19 @@ class ApplicationController < ActionController::Base protect_from_forgery + # force_ssl + helper :all include UsersHelper + include ApplicationHelper + helper_method :current_user + helper_method :disabled? + helper_method :banned? + helper_method :confirmed? + helper_method :unconfirmed? + helper_method :default? + helper_method :donor? helper_method :mod? helper_method :admin? helper_method :superadmin? 
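Review bot: The added `# force_ssl` line leaves transport security switched off in the base controller, while this commit's login and registration actions accept passwords and set `session[:user_id]`. If TLS is not already enforced elsewhere (for example `config.force_ssl = true` in the production environment or at the proxy, neither visible here), enable the call instead of leaving it commented out. If it is enforced elsewhere, replace the line with a comment saying where, so the next reader does not take it for a forgotten toggle.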
@@ -14,16 +24,42 @@ class ApplicationController < ActionController::Base @current_user ||= User.find_by_id(session[:user_id]) end + #roles + def disabled? + !!(current_user && current_user.disabled?) + end + + def banned? + !!(current_user && current_user.banned?) + end + + def unconfirmed? + !!(current_user && current_user.unconfirmed?) + end + + #special one + def confirmed? + !!(current_user && current_user.confirmed?) + end + + def default? + !!(current_user && current_user.default?) + end + + def donor? + !!(current_user && current_user.donor?) + end + def mod? - !!(current_user && current_user.rank >= rank_to_int("mod")) + !!(current_user && current_user.mod?) end def admin? - !!(current_user && current_user.rank >= rank_to_int("admin")) + !!(current_user && current_user.admin?) end def superadmin? - !!(current_user && current_user.rank >= rank_to_int("superadmin")) + !!(current_user && current_user.superadmin?) end end \ No newline at end of file diff --git a/app/controllers/blogposts_controller.rb b/app/controllers/blogposts_controller.rb index a88d93c..d3a0bde 100644 --- a/app/controllers/blogposts_controller.rb +++ b/app/controllers/blogposts_controller.rb @@ -10,7 +10,7 @@ class BlogpostsController < ApplicationController end def new - if current_user && current_user.rank >= rank_to_int("mod") + if mod? @post = Blogpost.new else flash[:alert] = "You are not allowed to create a new post!" 
@@ -20,19 +20,21 @@ class BlogpostsController < ApplicationController def edit @post = Blogpost.find(params[:id]) - if current_user && ((current_user.rank >= rank_to_int("mod") && current_user.rank.to_i >= @post.user.rank.to_i) || (current_user == @edit.user)) + if mod? else - flash[:alert] = "You are not allowed to update this post!" + flash[:alert] = "You are not allowed to edit this post!" + redirect_to @post end end def create if mod? @post = Blogpost.new(params[:blogpost]) - @post.user = current_user + @post.user_author = current_user if @post.save redirect_to @post, notice: 'Post has been created.' else + flash[:alert] = @post.errors.first render action: "new" end else @@ -43,11 +45,12 @@ class BlogpostsController < ApplicationController def update @post = Blogpost.find(params[:id]) - if current_user && ((current_user.rank >= rank_to_int("mod") && current_user.rank.to_i >= @post.user.rank.to_i) || (current_user == @post.user)) + if mod? if @post.update_attributes(params[:blogpost]) redirect_to @post, notice: 'Post has been updated.' else flash[:alert] = "There was a problem while updating the post" + raise @post.errors render action: "edit" end end @@ -55,7 +58,7 @@ class BlogpostsController < ApplicationController def destroy @post = Blogpost.find(params[:id]) - if current_user && ((current_user.rank >= rank_to_int("mod") && current_user.rank.to_i >= @post.user.rank.to_i) || (current_user == @post.user)) + if mod? if @post.destroy flash[:notice] = "Post deleted!" else diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb index 906d9c6..68a229b 100644 --- a/app/controllers/comments_controller.rb +++ b/app/controllers/comments_controller.rb 
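Review bot: `raise @post.errors` in the failure branch of `update` looks like a debugging leftover: `@post.errors` is not an exception, so the call itself raises, `render action: "edit"` is never reached, and every validation failure becomes a 500. Drop the line, or log with `logger.debug @post.errors.full_messages.inspect`, so the form re-renders with the flash message. The `mod?` branch in this hunk has no `else`, and the end of the method lies outside the hunk, so confirm that a non-moderator request gets the same alert-and-redirect that the `edit` hunk adds.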
@@ -2,8 +2,7 @@ class CommentsController < ApplicationController def edit @comment = Comment.find(params[:id]) - if current_user && ((current_user.rank >= rank_to_int("mod") && current_user.rank.to_i >= @comment.user.rank.to_i) || (current_user == @comment.user)) - session[:return_to] = blogpost_path(@comment.blogpost) + if mod? || @comment.author.is?(current_user) else flash[:alert] = "You are not allowed to edit this comment" redirect_to @comment.blogpost 
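Review bot: The ownership test `@comment.author.is?(current_user)` goes through `Comment#author`, which in this commit's `app/models/comment.rb` returns `User.first` whenever `user_author` is missing. A comment whose author record is gone is therefore treated as owned by whichever account comes first in the table, and that account passes this check here and in the `update` and `destroy` hunks that follow. Comparing the stored association instead, `mod? || (current_user && @comment.user_author == current_user)`, keeps the display fallback out of the authorization decision. `User#is?` is not visible in this diff, so its behaviour for a nil `current_user` should be confirmed as well.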
@@ -11,39 +10,43 @@ class CommentsController < ApplicationController end def create - if current_user + if confirmed? + params[:comment].slice!("content") if params[:comment] @comment = Comment.new(params[:comment]) - @comment.user_id = current_user.id + @comment.user_author = current_user @comment.blogpost = Blogpost.find(params[:blogpost_id]) if @comment.save redirect_to @comment.blogpost, notice: 'Comment created!' else - flash[:alert] = @comment.errors.full_messages.first - redirect_to blogpost_path(params[:blogpost_id]) + flash[:alert] = "Could not create comment." + redirect_to Blogpost.find(params[:blogpost_id]) end + else + flash[:alert] = "You are not allowed to create comments." + redirect_to Blogpost.find(params[:blogpost_id]) end end def update @comment = Comment.find(params[:id]) - if current_user && ((current_user.rank >= rank_to_int("mod") && current_user.rank.to_i >= @comment.user.rank.to_i) || (current_user == @comment.user)) + if mod? || @comment.author.is?(current_user) + params[:comment].slice!("content") if params[:comment] if @comment.update_attributes(params[:comment]) flash[:notice] = "Comment updated!" redirect_to @comment.blogpost else flash[:alert] = "There was a problem while updating your comment" - redirect_to session[:return_to] - session.delete(:redirect_to) + render action: "edit" end else flash[:alert] = "You are not allowed to edit this comment" - redirect_to blogpost_path(params[:blogpost_id]) + redirect_to @comment.blogpost end end def destroy @comment = Comment.find(params[:id]) - if current_user && ((current_user.rank >= rank_to_int("mod") && current_user.rank.to_i >= @comment.user.rank.to_i) || (current_user == @comment.user)) + if mod? || @comment.author.is?(current_user) if @comment.destroy flash[:notice] = "Comment deleted!" else diff --git a/app/controllers/forumgroups_controller.rb b/app/controllers/forumgroups_controller.rb index 208d408..4f41a7f 100644 --- a/app/controllers/forumgroups_controller.rb 
+++ b/app/controllers/forumgroups_controller.rb @@ -1,6 +1,9 @@ class ForumgroupsController < ApplicationController - def index @groups = Forumgroup.all.sort_by{|s| s[:position]} end + + def show + redirect_to forumgroups_path + "#forum-#{params[:id]}" + end end \ No newline at end of file diff --git a/app/controllers/forums_controller.rb b/app/controllers/forums_controller.rb index 82573fd..d7242cd 100644 --- a/app/controllers/forums_controller.rb +++ b/app/controllers/forums_controller.rb @@ -1,2 +1,11 @@ class ForumsController < ApplicationController -end + def index + redirect_to :forumgroups + end + + def show + @forum = Forum.find(params[:id]) + @threads = @forum.forumthreads + end + +end \ No newline at end of file diff --git a/app/controllers/forumthreads_controller.rb b/app/controllers/forumthreads_controller.rb new file mode 100644 index 0000000..27e2bb7 --- /dev/null +++ b/app/controllers/forumthreads_controller.rb @@ -0,0 +1,6 @@ +class ForumthreadsController < ApplicationController + def index + f = Forum.find(params[:id]) + redirect_to forum_path(f.forumgroup, f) + end +end \ No newline at end of file diff --git a/app/controllers/paypal_controller.rb b/app/controllers/paypal_controller.rb index 6fc50f9..48ffa83 100644 --- a/app/controllers/paypal_controller.rb +++ b/app/controllers/paypal_controller.rb @@ -19,7 +19,7 @@ class PaypalController < ApplicationController end - protected + protected def validate_IPN_notification(raw) uri = URI.parse('https://www.paypal.com/cgi-bin/webscr?cmd=_notify-validate') http = Net::HTTP.new(uri.host, uri.port) @@ -29,7 +29,7 @@ class PaypalController < ApplicationController http.use_ssl = true response = http.post(uri.request_uri, raw, 'Content-Length' => "#{raw.size}", - 'User-Agent' => "Redstoner.com" + 'User-Agent' => "RedstonerServer, redstoner.com" ).body end end \ No newline at end of file 
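Review bot: The new `show` action concatenates the raw `params[:id]` into the redirect target, so whatever the client put in the path is copied into the `Location` header. The value only ever needs to be a forum group id used as a fragment, so constrain it and let the route helper build the fragment: `redirect_to forumgroups_path(anchor: "forum-#{params[:id].to_i}")`.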
diff --git a/app/controllers/serverchecker_controller.rb b/app/controllers/serverchecker_controller.rb
deleted file mode 100644
index 30d510d..0000000
--- a/app/controllers/serverchecker_controller.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-class ServercheckerController < ApplicationController
- def show
-
- if mc_running?
- send_file "app/assets/images/on.png", :type => "image/png", :disposition => "inline"
- else
- send_file "app/assets/images/off.png", :type => "image/png", :disposition => "inline"
- end
- end
-end
\ No newline at end of file
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index f3b15f7..3c12df4 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -1,21 +1,37 @@ class SessionsController < ApplicationController require 'resolv' + + def new + if current_user + redirect_to current_user + flash[:alert] = "You are already logged in!" + end + end + def create - user = User.find_by_email(params[:email]) - if user && user.authenticate(params[:password]) - user.last_ip = "#{request.remote_ip} | #{Resolv.getname(request.remote_ip)}" - user.last_login = Time.now - user.save - if user.banned - flash[:alert] = "You are banned!" - redirect_to user + unless current_user + user = User.find_by_email(params[:email]) + if user && user.authenticate(params[:password]) + user.last_ip = "#{request.remote_ip} | #{Resolv.getname(request.remote_ip)}" + user.last_login = Time.now + user.save + if user.disabled? + flash[:alert] = "This user has been disabled!" + redirect_to login_path + elsif user.banned? + flash[:alert] = "You are banned!" + redirect_to user + else + session[:user_id] = user.id + redirect_to root_path, :notice => "Logged in!" + end else - session[:user_id] = user.id - redirect_to root_path, :notice => "Logged in!" + flash[:alert] = "You're doing it wrong!" + redirect_to login_path end else - flash[:alert] = "You're doing it wrong!" - redirect_to login_path + redirect_to current_user + flash[:alert] = "You are already logged in!" end end diff --git a/app/controllers/status_controller.rb b/app/controllers/status_controller.rb new file mode 100644 index 0000000..1b726bc --- /dev/null +++ b/app/controllers/status_controller.rb 
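Review bot: In `create`, `Resolv.getname(request.remote_ip)` raises `Resolv::ResolvError` when the address has no reverse DNS entry, and it runs inline before the disabled and banned checks, so a correct password from such an address ends in a 500 and every login waits on a DNS lookup. Store the address alone with `user.last_ip = request.remote_ip`, or rescue the lookup and fall back to the bare IP. The success branch also writes `session[:user_id] = user.id` into the pre-login session; calling `reset_session` immediately before that line is the usual guard against session fixation.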
@@ -0,0 +1,21 @@ +class StatusController < ApplicationController + def show + if params[:check] + if params[:check].downcase == "minecraft" + if port_open?("redstoner.com", 25565) + send_file "app/assets/images/on.png", :type => "image/png", :disposition => "inline" + else + send_file "app/assets/images/off.png", :type => "image/png", :disposition => "inline" + end + elsif params[:check].downcase == "teamspeak" + if port_open?("redstoner.com", 9987) + send_file "app/assets/images/on.png", :type => "image/png", :disposition => "inline" + else + send_file "app/assets/images/off.png", :type => "image/png", :disposition => "inline" + end + else + render :text => "invalid params" + end + end + end +end \ No newline at end of file diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 25a981e..44e2e7f 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -3,18 +3,23 @@ class UsersController < ApplicationController require 'open-uri' def index - if params[:rank] - @users = User.find_all_by_rank(rank_to_int(params[:rank])) + if params[:role] + if params[:role].downcase == "staff" + @users = User.all.select {|u| u.role >= Role.get(:mod) } + else + @users = User.find_all_by_role_id(Role.get(params[:role])) + end else @users = User.all + @users.shift() #Remove first user end end def show - @user = User.find(params[:id]) + @user = User.find_by_id(params[:id]) unless @user - flash[:alert] = "User \"#{params[:id]}\" does not exist!" - redirect_to User.find(1) + flash[:alert] = "User does not exist!" + redirect_to users_path end end 
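Review bot: `StatusController#show` calls `params[:check].downcase` directly, so a non-string value such as `check[]=x` raises NoMethodError, a request without `check` falls through to an implicit template render, and the four `send_file` calls are copies of one another. A lookup table keyed by service name removes the duplication and gives every unrecognised input the same `invalid params` response; note that this changes the missing-parameter case, which the hunk currently leaves to the default render. Each request also performs a blocking outbound connect of up to 300 ms, so caching the result for a few seconds is worth considering. TeamSpeak's 9987 is normally a UDP voice port, so the TCP probe may always report off; confirm against the server.

```ruby
class StatusController < ApplicationController
  SERVICE_PORTS = { "minecraft" => 25565, "teamspeak" => 9987 }

  def show
    port = SERVICE_PORTS[params[:check].to_s.downcase]
    return render(:text => "invalid params") unless port

    image = port_open?("redstoner.com", port) ? "on.png" : "off.png"
    send_file "app/assets/images/#{image}", :type => "image/png", :disposition => "inline"
  end
end
```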
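Review bot: In `UsersController#index`, `Role.get(params[:role])` returns nil for a name that matches no role, so `User.find_all_by_role_id(nil)` quietly lists users without a role instead of rejecting the filter. Look the role up first and fall back when it is missing, e.g. `role = Role.get(params[:role])` followed by `@users = role ? User.find_all_by_role_id(role) : []`. In the `staff` branch `Role.get(:mod)` sits inside the `select` block and is queried once per user, so hoist it into a local before the loop. `@users.shift()` drops whichever row the database happens to return first; if the intent is to hide the placeholder account, an ordered query such as `User.order(:id)` or an explicit exclusion makes that reliable.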
@@ -22,15 +27,40 @@ require 'open-uri' def new if current_user flash[:notice] = "You are already signed up!" - redirect_to user_path(current_user.id) + redirect_to current_user else - @user = User.new + @user = User.new(role: Role.get(:unconfirmed)) + end + end + + def confirm + if current_user + @user = User.find(params[:id]) + code = params[:code] + if @user && @user == current_user && code && @user.confirm_code == code + if @user.role == Role.get(:unconfirmed) + @user.role = Role.get :default + @user.save + flash[:notice] = "Registration confirmed." + elsif @user.role < Role.get(:unconfirmed) + flash[:alert] = "Your account has been banned or removed" + else + flash[:alert] = "Your account has already been confirmed!" + end + redirect_to @user + else + flash[:alert] = "Something is wrong with your confirmation code" + redirect_to root_path + end + else + flash[:alert] = "Please login" + redirect_to login_path end end def edit @user = User.find(params[:id]) - unless (mod? && current_user.rank.to_i >= @user.rank.to_i) || current_user == @user + unless (mod? && current_user.role >= @user.role) || current_user == @user flash[:alert] = "You are not allowed to edit this user" redirect_to user_path(@user) end 
@@ -41,23 +71,29 @@ require 'open-uri' flash[:notice] = "You are already signed up!" redirect_to current_user else - @user = User.new(params[:user]) + @user = User.new(params[:user] ? params[:user].slice(:name, :ign, :email, :password, :password_confirmation) : {} ) + @user.role = Role.get :unconfirmed + @user.confirm_code = SecureRandom.hex(16) @user.last_ip = request.remote_ip @user.last_login = Time.now if @user.save session[:user_id] = @user.id - data = params[:user] - mclogin = "" + if uses_mc_password?(@user.ign, params[:user][:password]) + minecraftpw = true + flash[:alert] = "Really? That's your Minecraft password!" + end begin - #check if this user is an idiot and uses his mc password. - mclogin = open("https://login.minecraft.net/?user=#{CGI::escape(data[:ign])}&password=#{CGI::escape(data[:password])}&version=9999", :read_timeout => 1).read + RedstonerMailer.register_mail(@user, minecraftpw).deliver + RedstonerMailer.register_info_mail(@user, minecraftpw).deliver + puts rescue + puts "---" + puts "WARNING: registration mail failed for user #{@user.name}, #{@user.email}" + puts "---" + flash[:alert] = "Registration mail failed. Please contact us in-game." end - if mclogin.downcase.include?(data[:ign].downcase) - redirect_to "http://youareanidiot.org/" - else - redirect_to edit_user_path(@user), notice: 'Successfully signed up!' - end + flash[:notice] = "Successfully signed up! Check your email!" + redirect_to edit_user_path(@user) else flash[:alert] = "Something went wrong" render action: "new" 
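Review bot: `uses_mc_password?(@user.ign, params[:user][:password])` submits the password the visitor has just chosen for this site to a third-party login endpoint (the helper in this commit places it in the URL query string), and the boolean result is then passed to `register_info_mail`, which is addressed to the project's own mailbox. That exposes the new password to an external service and its request logs, and, if the mail template renders `@mcpw`, tells staff which members reuse their Minecraft password. Consider dropping the check, or at least stop forwarding `minecraftpw` to the staff mail. The bare `rescue` around both `deliver` calls also hides which mail failed and prints the address with `puts`; `rescue => e` with `logger.warn` would keep the cause in the application log.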
@@ -67,38 +103,46 @@ require 'open-uri' def update @user = User.find(params[:id]) - if (mod? && current_user.rank >= @user.rank ) || current_user == @user - userdata = params[:user] - yt = userdata[:youtube] - if yt.blank? - userdata[:youtube] = nil - userdata[:youtube_channelname] = nil - else - channel = yt - begin - channel = JSON.parse(open("https://gdata.youtube.com/feeds/api/users/#{CGI::escape(yt)}?alt=json", :read_timeout => 1).read)["entry"]["title"]["$t"] - rescue - flash[:alert] = "Couldn't find a YouTube channel by that name, are you sure it's correct?" + if (mod? && current_user.role >= @user.role ) || (@user.is?(current_user) && confirmed?) + userdata = params[:user] ? params[:user].slice(:name, :ign, :role, :skype, :skype_public, :youtube, :twitter, :about, :password, :password_confirmation) : {} + if userdata[:role] + role = Role.find(userdata[:role]) + if (mod? && role <= current_user.role) + userdata[:role] = role + else + #reset role + userdata[:role] = @user.role end - userdata[:youtube_channelname] = channel + end + unless userdata[:ign] && (mod? && current_user.role >= @user.role) + #reset ign + userdata[:ign] = @user.ign + end + if @user.youtube != userdata[:youtube] + youtube = get_youtube(userdata[:youtube]) + userdata[:youtube] = youtube[:channel] + userdata[:youtube_channelname] = youtube[:channel_name] + flash[:alert] = "Couldn't find a YouTube channel by that name, are you sure it's correct?" unless youtube[:is_correct?] end if @user.update_attributes(userdata) - redirect_to @user, notice: 'Profile updated.' + flash[:notice] = 'Profile updated.' else + raise @user.errors.inspect flash[:alert] = "There was a problem while updating the profile" render action: "edit" + return end else flash[:alert] = "You are not allowed to edit this user" - redirect_to @user end + redirect_to @user end def ban @user = User.find(params[:id]) - if mod? 
&& current_user.rank >= @user.rank - @user.banned = true - flash[:notice] = "\"#{@user.name}\" has been banned!" + if mod? && current_user.role >= @user.role + @user.role = Role.get :banned + flash[:notice] = "'#{@user.name}' has been banned!" else flash[:alert] = "You are not allowed to ban this user!" end @@ -107,8 +151,8 @@ require 'open-uri' def unban @user = User.find(params[:id]) - if mod? && current_user.rank >= @user.rank - @user.banned = false + if mod? && current_user.role >= @user.role + @user.role = Role.get :default flash[:notice] = "\"#{@user.name}\" has been unbanned!" else flash[:alert] = "You are not allowed to unban this user!" @@ -135,7 +179,7 @@ require 'open-uri' def become original_user = current_user new_user = User.find(params[:id]) - if admin? && current_user.rank.to_i >= new_user.rank.to_i + if admin? && current_user.role >= new_user.role if original_user == new_user flash[:alert] = "You are already \"#{new_user.name}\"!" else @@ -154,10 +198,10 @@ require 'open-uri' def unbecome old_user = current_user original_user = User.find(session[:original_user_id]) - if old_user && original_user + if old_user && original_user && original_user.admin? session.delete(:original_user_id) session[:user_id] = original_user.id - flash[:notice] = "You are no longer \"#{old_user.name}\"!" + flash[:notice] = "You are no longer '#{old_user.name}'!" end redirect_to old_user end diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 3a2b877..01c328a 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -1,2 +1,17 @@ module ApplicationHelper + def port_open?(host, port) + wait = 300/1000.0 #milliseconds, the .0 is required!! + require 'timeout' + require 'socket' + isopen = false + begin + Timeout::timeout(wait) { + TCPSocket.new host, port + isopen = true + } + rescue Exception + # could not connect to the server + end + return isopen + end end \ No newline at end of file 
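Review bot: `raise @user.errors.inspect` in the failure branch of `update` is a debugging leftover: it raises a RuntimeError whose message is the full errors dump, so the `flash[:alert]`, `render action: "edit"` and `return` after it never run and a validation failure becomes a 500. Remove the line so the edit form re-renders with the alert. In the same hunk the checks `current_user.role >= @user.role` and `role <= current_user.role` let a moderator edit or ban a peer of equal role and grant their own role to others; if that is not intended, use strict comparisons.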
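Review bot: `unban` now assigns `Role.get :default` to any user at or below the moderator's role without checking that the user is currently banned. Calling it on an unconfirmed account skips e-mail confirmation, and calling it on a donor or a fellow moderator demotes them. Guarding with the predicate the sessions controller already uses, `if mod? && current_user.role >= @user.role && @user.banned?`, limits the action to its purpose. Restoring the pre-ban role would require that role to be stored somewhere, which this diff does not show.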
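Review bot: `port_open?` never closes the `TCPSocket` it opens, so every successful status check leaves a descriptor for the garbage collector to reclaim, and `rescue Exception` also swallows interrupts and exit requests. Close the socket and narrow the rescue: `TCPSocket.new(host, port).close` inside the timeout block and `rescue StandardError, Timeout::Error` in place of `rescue Exception`. The two `require` calls belong at the top of the file, not inside the method.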
diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb
index 6bf993e..8e03766 100644
--- a/app/helpers/users_helper.rb
+++ b/app/helpers/users_helper.rb
@@ -1,39 +1,71 @@ module UsersHelper +require "open-uri" + def avatar_url(user_id, size) u = User.find_by_id(user_id) u.nil? ? ign = :char : ign = u.ign - return "https://minotar.net/helm/#{ign}/#{size}" + return "https://minotar.net/helm/#{CGI.escape(ign)}/#{CGI.escape(size.to_s)}" end - def mc_running? - host = "play.redstoner.com" - port = 25565 - wait = 300/1000.0 #milliseconds, the .0 is required!! - require 'timeout' - require 'socket' - r = false + def uses_mc_password?(ign, password) + query = { + user: ign, + password: password, + version: 9999 #just something high so it won't fail with "Old version" + }.to_query begin - Timeout::timeout(wait) { - TCPSocket.new host, port - r = true - } - rescue Exception - # could not connect to the server + #check if this user is an idiot and uses their mc password. + mclogin = open("https://login.minecraft.net/?#{query}", :read_timeout => 1).read + rescue + puts "---" + puts "ERROR: failed to check mc password for '#{ign}'. Login servers down?" + puts "---" end - return r + !!mclogin.downcase.include?(ign.downcase) end - def rank_to_int(rank) - r = ranks[rank] + def haspaid?(ign) + query = {user: ign}.to_query + begin + response = open("https://minecraft.net/haspaid.jsp?#{query}", :read_timeout => 1).read + rescue + puts "---" + puts "ERROR: failed to check for premium account for '#{ign}'. Minecraft servers down?" + puts "---" + response = "true" + end + !(response.casecmp("false") == 0) end - def int_to_rank(int) - r = ranks.rassoc(int) - r.nil? ? "unknown" : r[0].to_s + def correct_case?(ign) + begin + http = Net::HTTP.start("skins.minecraft.net") + skin = http.get("/MinecraftSkins/#{CGI.escape(ign)}.png") + http.finish + rescue + puts "---" + puts "ERROR: failed to get skin status code for '#{ign}'. Skin servers down?" + puts "---" + end + skin.code != "404" end - def ranks - # Lower case !!! 
- {"banned" => 1, "unconfirmed" => 5, "default" => 10, "donor" => 40, "mod" => 100, "admin" => 200, "superadmin" => 500} + def get_youtube(yt_name) + yt = {channel: yt_name} + if yt_name.blank? + yt[:channel] = nil + yt[:channel_name] = nil + yt[:is_correct?] = true + else + begin + yt[:channel_name] = JSON.parse(open("https://gdata.youtube.com/feeds/api/users/#{CGI.escape(yt_name)}?alt=json", :read_timeout => 1).read)["entry"]["title"]["$t"] + yt[:is_correct?] = true + rescue + yt[:is_correct?] = false + end + end + yt end + + end \ No newline at end of file diff --git a/app/mailers/redstoner_mailer.rb b/app/mailers/redstoner_mailer.rb new file mode 100644 index 0000000..d987f8b --- /dev/null +++ b/app/mailers/redstoner_mailer.rb @@ -0,0 +1,17 @@ +class RedstonerMailer < ActionMailer::Base + + default from: "info@redstoner.com" + default reply_to: "redstonerserver@gmail.com" + + def register_mail(user, uses_mc_pass) + @user = user + @mcpw = uses_mc_pass + mail(to: @user.email, subject: "Registration on Redstoner.com", from: "info@redstoner.com", reply_to: "redstonerserver@gmail.com") + end + + def register_info_mail(user, uses_mc_pass) + @user = user + @mcpw = uses_mc_pass + mail(to: "redstonerserver@gmail.com", subject: "#{@user.name} registered on Redstoner.com", from: "info@redstoner.com", reply_to: "redstonerserver@gmail.com") + end +end \ No newline at end of file diff --git a/app/models/blogpost.rb b/app/models/blogpost.rb index f35a119..04cd57d 100644 --- a/app/models/blogpost.rb +++ b/app/models/blogpost.rb 
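Review bot: Two of the new helpers dereference a value that their own `rescue` leaves unset: `uses_mc_password?` calls `mclogin.downcase` and `correct_case?` calls `skin.code` after a rescue that only prints, so an outage of the remote service raises NoMethodError instead of returning an answer. Return a definite result from the rescue (`return false` in `uses_mc_password?`) and decide deliberately whether each check should fail open the way `haspaid?` does. `avatar_url` now passes `ign` to `CGI.escape`, but the fallback value is the symbol `:char`, which `CGI.escape` does not accept; use `ign = u ? u.ign : "char"`. `correct_case?` also contacts `skins.minecraft.net` over plain HTTP, and its `http.finish` is skipped when `get` raises.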
@@ -1,15 +1,16 @@ class Blogpost < ActiveRecord::Base - attr_accessible :title, :text - validates_presence_of :title, :text, :user - belongs_to :user - has_many :comments + attr_accessible :title, :content, :author, :editor + validates_presence_of :title, :content, :author + belongs_to :user_author, class_name: "User", foreign_key: "user_author_id" + belongs_to :user_editor, class_name: "User", foreign_key: "user_editor_id" + has_many :comments, :dependent => :destroy accepts_nested_attributes_for :comments def author - @author ||= if user.present? - user + @author ||= if self.user_author.present? + user_author else - User.find_by_name("Deleted user") + User.first end end end diff --git a/app/models/comment.rb b/app/models/comment.rb index d410f7f..fb6265b 100644 --- a/app/models/comment.rb +++ b/app/models/comment.rb @@ -1,10 +1,17 @@ class Comment < ActiveRecord::Base - attr_accessible :text, :user, :blogpost, :post - - validates_presence_of :text, :user, :blogpost - validates_length_of :text, :in => 4..1000 + attr_accessible :content, :author, :blogpost, :post + validates_presence_of :content, :author, :blogpost + validates_length_of :content, in: 4..1000 belongs_to :blogpost - belongs_to :user + belongs_to :user_author, class_name: "User", foreign_key: "user_author_id" + + def author + @author ||= if self.user_author.present? + user_author + else + User.first + end + end end \ No newline at end of file diff --git a/app/models/forum.rb b/app/models/forum.rb index 9805c64..5011c4c 100644 --- a/app/models/forum.rb +++ b/app/models/forum.rb @@ -1,3 +1,12 @@ class Forum < ActiveRecord::Base belongs_to :forumgroup + has_many :forumthreads + + def to_s + name + end + + def group + forumgroup + end end diff --git a/app/models/forumgroup.rb b/app/models/forumgroup.rb index a3ca2a4..daca97b 100644 --- a/app/models/forumgroup.rb +++ b/app/models/forumgroup.rb @@ -1,3 +1,7 @@ class Forumgroup < ActiveRecord::Base has_many :forums + + def to_s + name + end end 
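Review bot: `author` now falls back to `User.first` when `user_author` is missing, so a post whose author record is gone is displayed as written by whichever real account that query returns, where the removed code used a dedicated "Deleted user" record; `Comment#author` in the next file does the same. Because the method returns a user whenever the table is non-empty, `validates_presence_of :author` no longer proves that an author was set. Validate the association instead, `validates_presence_of :user_author`, and keep a placeholder account for the display fallback. `attr_accessible` also lists `:author` and `:editor`, for which no setter is visible in this hunk; if the controllers assign `user_author` and `user_editor` explicitly, those entries can be dropped from the whitelist.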
diff --git a/app/models/forumthread.rb b/app/models/forumthread.rb
new file mode 100644
index 0000000..d56c700
--- /dev/null
+++ b/app/models/forumthread.rb
@@ -0,0 +1,9 @@
+class Forumthread < ActiveRecord::Base
+ belongs_to :forum
+ belongs_to :user_author, class_name: "User", foreign_key: "user_author_id"
+ belongs_to :user_editor, class_name: "User", foreign_key: "user_editor_id"
+
+ def to_s
+ name
+ end
+end
\ No newline at end of file
diff --git a/app/models/role.rb b/app/models/role.rb
new file mode 100644
index 0000000..a01f301
--- /dev/null
+++ b/app/models/role.rb
@@ -0,0 +1,38 @@
+class Role < ActiveRecord::Base
+ include Comparable
+ has_many :users
+ attr_accessible :name, :value
+
+ def to_s
+ self.name
+ end
+
+ def to_i
+ self.value
+ end
+
+ def is? (name)
+ !!(Role.find_by_name(name) == self)
+ end
+
+ def self.get (name)
+ Role.find_by_name(name)
+ end
+
+ def <=> (role)
+ if role.is_a?(Role)
+ self.value - role.value
+ elsif role.is_a?(Symbol)
+ self <=> Role.find_by_name(role)
+ else
+ raise "Cannot compare Role with #{role.class}"
+ end
+ end
+
+ def self.all_until (role)
+ Role.all.select do |r|
+ r <= role
+ end
+ end
+
+end
\ No newline at end of file
diff --git a/app/models/user.rb b/app/models/user.rb
index e3700fe..980e5f1 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,12 +1,95 @@ class User < ActiveRecord::Base - attr_accessible :name, :ign, :email, :about, :password, :password_confirmation, :rank, :skype, :skype_public, :youtube, :youtube_channelname, :twitter + include UsersHelper + belongs_to :role + attr_accessible :name, :password, :password_confirmation, :ign, :email, :confirm_code, :about, :last_ip, :skype, :skype_public, :youtube, :youtube_channelname, :twitter, :last_login, :role + has_secure_password - validates_presence_of :password, :name, :email, :ign, :password_confirmation, :on => :create - validates :email, uniqueness: {case_sensitive: false} - validates :name, :uniqueness => true - validates :ign, :uniqueness => true + + before_validation :strip_whitespaces + + validates_presence_of :password, :password_confirmation, :confirm_code, :on => :create + validates_presence_of :name, :email, :ign + + validates_length_of :password, in: 8..256, :on => :create + validates_length_of :name, in: 3..20 + validates_length_of :about, maximum: 5000 + validates_length_of :ign, minimum: 2 + + validates :email, uniqueness: {case_sensitive: false}, format: {with: /^\S+@\S+\.[a-z]{2,}$/i, message: "That doesn't look like an email adress."} + validates :name, uniqueness: {case_sensitive: false}, format: {with: /^[a-z\d\-_ ]+$/i, message: "Allowed characters: a-z0-9, dashes, underscores and spaces"} + validates :ign, uniqueness: {case_sensitive: false}, format: {with: /^[a-z\d_]+$/i, message: "That is probably not your username."} + + validate :ign_is_not_skull, :ign_is_not_mojang, :ign_has_paid, :ign_has_correct_case has_many :blogposts has_many :comments + def is? (user) + self == user + end + + #roles + def disabled? + !!(self.role == :disabled) + end + + def banned? + !!(self.role == :banned) + end + + def unconfirmed? + !!(self.role == :unconfirmed) + end + + def confirmed? + !!(self.role > :unconfirmed) + end + + def default? + !!(self.role >= :default) + end + + def donor? + !!(self.role >= :donor) + end + + def mod? 
+ !!(self.role >= :mod) + end + + def admin? + !!(self.role >= :admin) + end + + def superadmin? + !!(self.role >= :superadmin) + end + + private + + def ign_is_not_skull + errors.add(:ign, "Good one...") if ["MHF_Blaze", "MHF_CaveSpider", "MHF_Chicken", "MHF_Cow", "MHF_Enderman", "MHF_Ghast", "MHF_Golem", "MHF_Herobrine", "MHF_LavaSlime", "MHF_MushroomCow", "MHF_Ocelot", "MHF_Pig", "MHF_PigZombie", "MHF_Sheep", "MHF_Slime", "MHF_Spider", "MHF_Squid", "MHF_Villager", "MHF_Cactus", "MHF_Cake", "MHF_Chest", "MHF_Melon", "MHF_OakLog", "MHF_Pumpkin", "MHF_TNT", "MHF_TNT2", "MHF_ArrowUp", "MHF_ArrowDown", "MHF_ArrowLeft", "MHF_ArrowRight", "MHF_Exclamation", "MHF_Question"].include?(self.ign) + end + + def ign_is_not_mojang + errors.add(:ign, "If that's really you, contact us in-game.") if ["mollstam", "carlmanneh", "MinecraftChick", "Notch", "jeb_", "xlson", "jonkagstrom", "KrisJelbring", "marc", "Marc_IRL", "MidnightEnforcer", "YoloSwag4Lyfe", "EvilSeph", "Grumm", "Dinnerbone", "geuder", "eldrone", "JahKob", "BomBoy", "MansOlson", "pgeuder", "91maan90", "vubui", "PoiPoiChen", "mamirm", "eldrone", "_tomcc"].include?(self.ign) + end + + def ign_has_paid + errors.add(:ign, "'#{self.ign}' is not a valid account!") unless haspaid?(self.ign) + end + + def ign_has_correct_case + errors.add(:ign, "The IGN is case-sensitive. Please correct '#{self.ign}'.") unless correct_case?(self.ign) + end + + def strip_whitespaces + self.name.strip! if self.name + self.ign.strip! if self.ign + self.email.strip! if self.email + self.about.strip! if self.about + self.skype.strip! if self.skype + self.youtube.strip! if self.youtube + self.twitter.strip! if self.twitter + end end \ No newline at end of file diff --git a/app/views/blogposts/edit.html.erb b/app/views/blogposts/edit.html.erb index 94a2fe2..75e1a3e 100644 --- a/app/views/blogposts/edit.html.erb +++ b/app/views/blogposts/edit.html.erb 
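Review bot: The three `format:` validators on `email`, `name` and `ign` anchor with `^` and `$`, which in Ruby match at line boundaries rather than at the ends of the string, so a value with an embedded newline passes as long as one of its lines matches; `strip_whitespaces` only trims the ends. Anchor with `\A` and `\z` instead: `/\A\S+@\S+\.[a-z]{2,}\z/i`, `/\A[a-z\d\-_ ]+\z/i` and `/\A[a-z\d_]+\z/i`. Separately, `attr_accessible` now whitelists `:confirm_code`, `:last_ip`, `:last_login` and `:role`. If any controller passes request parameters straight to `User.new` or `update_attributes` (not visible in this hunk), those fields become settable by the user, so they are better removed from the list and assigned explicitly.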
@@ -2,9 +2,9 @@ <%= simple_form_for @post do |f|%> <%= f.input :title, :label => false %> - <%= f.input :text, :label => false %> + <%= f.input :content, :label => false %> <%= f.submit "Update Post", :id => "edit_create_post" %> <% end %>
").html_safe %>
").html_safe %>
New comment
<%= simple_form_for [@post, @comment] do |f| %> - <%= f.input :text, :label => false, :as => "text", :placeholder => "Comment" %> + <%= f.input :content, :label => false, :as => "text", :placeholder => "Comment" %> <%= f.submit %> <% end %> <% end %> \ No newline at end of file diff --git a/app/views/comments/edit.html.erb b/app/views/comments/edit.html.erb index 4a91606..2283625 100644 --- a/app/views/comments/edit.html.erb +++ b/app/views/comments/edit.html.erb @@ -1,6 +1,9 @@Edit comment
<%= simple_form_for [@comment.blogpost, @comment] do |f| %> - <%= f.input :text, :label => false, :as => "text", :placeholder => "Comment" %> - <%= f.submit %> -<% end %> \ No newline at end of file + <%= f.input :content, :label => false, :as => "text", :placeholder => "Comment" %> + <%= f.submit "Update Comment", :id => "edit_create_comment" %> +<% end %> +<%= @forum.name %>
+<%= link_to "Logout", logout_path %> @@ -14,17 +16,14 @@
-- <%= link_to image_tag('icons/home.png'), root_path %>
+ <%= link_to root_path do %>
+ - Home
+ <% end %>
- Info
- <%= link_to forums_path do %>
+ <%= link_to forumgroups_path do %>
- Forums
<% end %>
- Donate
- -
- <%= simple_form_for "asdf", method: "get", action: users_path do |f| %>
- <%= f.input :rank %>
- <% end %>
-