2019-08-12 06:52:56 +08:00
|
|
|
package main
|
|
|
|
|
2019-12-05 13:57:10 +08:00
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
)
|
2019-08-12 06:52:56 +08:00
|
|
|
|
|
|
|
func commenterUpdate(commenterHex string, email string, name string, link string, photo string, provider string) error {
|
2020-02-14 08:21:19 +08:00
|
|
|
if email == "" || name == "" || photo == "" || provider == "" {
|
2019-08-12 06:52:56 +08:00
|
|
|
return errorMissingField
|
|
|
|
}
|
|
|
|
|
|
|
|
// See utils_sanitise.go's documentation on isHttpsUrl. This is not a URL
|
|
|
|
// validator, just an XSS preventor.
|
|
|
|
// TODO: reject URLs instead of malforming them.
|
2020-02-14 09:01:44 +08:00
|
|
|
if link == "" {
|
|
|
|
link = "undefined"
|
|
|
|
} else if link != "undefined" && !isHttpsUrl(link) {
|
2019-08-12 06:52:56 +08:00
|
|
|
link = "https://" + link
|
|
|
|
}
|
|
|
|
|
|
|
|
statement := `
|
|
|
|
UPDATE commenters
|
|
|
|
SET email = $3, name = $4, link = $5, photo = $6
|
|
|
|
WHERE commenterHex = $1 and provider = $2;
|
|
|
|
`
|
|
|
|
_, err := db.Exec(statement, commenterHex, provider, email, name, link, photo)
|
|
|
|
if err != nil {
|
|
|
|
logger.Errorf("cannot update commenter: %v", err)
|
|
|
|
return errorInternal
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2019-12-05 13:57:10 +08:00
|
|
|
|
|
|
|
func commenterUpdateHandler(w http.ResponseWriter, r *http.Request) {
|
|
|
|
type request struct {
|
|
|
|
CommenterToken *string `json:"commenterToken"`
|
|
|
|
Name *string `json:"name"`
|
|
|
|
Email *string `json:"email"`
|
|
|
|
Link *string `json:"link"`
|
|
|
|
Photo *string `json:"photo"`
|
|
|
|
}
|
|
|
|
|
|
|
|
var x request
|
|
|
|
if err := bodyUnmarshal(r, &x); err != nil {
|
|
|
|
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
c, err := commenterGetByCommenterToken(*x.CommenterToken)
|
|
|
|
if err != nil {
|
|
|
|
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-12-05 14:48:44 +08:00
|
|
|
if c.Provider != "commento" {
|
2020-02-14 09:11:47 +08:00
|
|
|
bodyMarshal(w, response{"success": false, "message": errorCannotUpdateOauthProfile.Error()})
|
|
|
|
return
|
2019-12-05 13:57:10 +08:00
|
|
|
}
|
2020-02-14 09:11:47 +08:00
|
|
|
|
2019-12-05 13:57:10 +08:00
|
|
|
*x.Email = c.Email
|
|
|
|
|
|
|
|
if err = commenterUpdate(c.CommenterHex, *x.Email, *x.Name, *x.Link, *x.Photo, c.Provider); err != nil {
|
|
|
|
bodyMarshal(w, response{"success": false, "message": err.Error()})
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
bodyMarshal(w, response{"success": true})
|
|
|
|
}
|