Beispiel #1
0
//getIDFromToken deciphers token and returns review ID. Returns empty string if error
func getIDFromToken(token string) string {
	idDigest, err := base64.URLEncoding.DecodeString(token)
	if err != nil {
		return ""
	}
	if sl := strings.Split(string(idDigest), "-"); len(sl) == 2 {
		digest := sha1.New().Sum([]byte(fmt.Sprintf("%s-%s", sl[0], system.GetConfig().Salt)))
		if fmt.Sprintf("%x", digest) == sl[1] {
			return sl[0]
		}
	}
	return ""
}
Beispiel #2
0
func notifyAdminOfComment(comment *models.Comment) {
	//closure is needed here, as r may be released by the time func finishes
	tmpl := system.GetTemplates()
	go func() {
		data := map[string]interface{}{
			"Comment": comment,
			"Token":   createTokenFromID(comment.ID),
		}
		var b bytes.Buffer
		if err := tmpl.Lookup("emails/question").Execute(&b, data); err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}

		smtp := system.GetConfig().SMTP
		msg := gomail.NewMessage()
		msg.SetHeader("From", smtp.From)
		msg.SetHeader("To", smtp.To)
		if len(comment.AuthorEmail) > 0 {
			msg.SetHeader("Reply-To", comment.AuthorEmail)
		}
		if len(smtp.Cc) > 0 {
			msg.SetHeader("Cc", smtp.Cc)
		}
		msg.SetHeader("Subject", fmt.Sprintf("Новый вопрос на сайте www.miobalans.ru: %s", comment.AuthorName))
		msg.SetBody(
			"text/html",
			b.String(),
		)

		port, _ := strconv.Atoi(smtp.Port)
		dialer := gomail.NewPlainDialer(smtp.SMTP, port, smtp.User, smtp.Password)
		sender, err := dialer.Dial()
		if err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}
		if err := gomail.Send(sender, msg); err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}
	}()
}
Beispiel #3
0
//saveFile saves file to disc and returns its relative uri
func saveFile(fh *multipart.FileHeader, f multipart.File) (string, error) {
	fileExt := strings.ToLower(filepath.Ext(fh.Filename))
	if !regexp.MustCompile("^\\.(jpe?g|bmp|gif|png)$").MatchString(fileExt) {
		return "", fmt.Errorf("File is not an image")
	}
	newName := fmt.Sprint(time.Now().Unix()) + fileExt //unique file name ;D
	uri := "/public/uploads/" + newName
	fullName := filepath.Join(system.GetConfig().Uploads, newName)

	file, err := os.OpenFile(fullName, os.O_WRONLY|os.O_CREATE, 0666)
	if err != nil {
		return "", err
	}
	defer file.Close()
	_, err = io.Copy(file, f)
	if err != nil {
		return "", err
	}
	return uri, nil
}
Beispiel #4
0
func notifyAdminOfReview(review *models.Review) {
	tmpl := system.GetTemplates()
	go func() {
		data := map[string]interface{}{
			"Review": review,
			"Token":  createTokenFromID(review.ID),
		}
		var b bytes.Buffer
		if err := tmpl.Lookup("emails/review").Execute(&b, data); err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}

		smtp := system.GetConfig().SMTP
		msg := gomail.NewMessage()
		msg.SetHeader("From", smtp.From)
		msg.SetHeader("To", smtp.To)
		if len(smtp.Cc) > 0 {
			msg.SetHeader("Cc", smtp.Cc)
		}
		msg.SetHeader("Subject", fmt.Sprintf("Новый отзыв на сайте www.miobalans.ru: %s", review.AuthorName))
		msg.SetBody(
			"text/html",
			b.String(),
		)

		port, _ := strconv.Atoi(smtp.Port)
		dialer := gomail.NewPlainDialer(smtp.SMTP, port, smtp.User, smtp.Password)
		sender, err := dialer.Dial()
		if err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}
		if err := gomail.Send(sender, msg); err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}
	}()
}
Beispiel #5
0
func notifyAdminOfRequest(request *models.Request) {
	//closure is needed here, as r may be released by the time func finishes
	tmpl := system.GetTemplates()
	go func() {
		data := map[string]interface{}{
			"Request": request,
		}
		var b bytes.Buffer
		if err := tmpl.Lookup("requests/request").Execute(&b, data); err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}

		smtp := system.GetConfig().SMTP
		msg := gomail.NewMessage()
		msg.SetHeader("From", smtp.From)
		msg.SetHeader("To", smtp.To)
		if len(smtp.Cc) > 0 {
			msg.SetHeader("Cc", smtp.Cc)
		}
		msg.SetHeader("Subject", fmt.Sprintf("Заявка на приём www.miobalans.ru: %s", request.Name))
		msg.SetBody(
			"text/html",
			b.String(),
		)

		port, _ := strconv.Atoi(smtp.Port)
		dialer := gomail.NewPlainDialer(smtp.SMTP, port, smtp.User, smtp.Password)
		sender, err := dialer.Dial()
		if err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}
		if err := gomail.Send(sender, msg); err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}
	}()
}
Beispiel #6
0
//notifyClientOfComment sends notification email to comment(question) author
func notifyClientOfComment(comment *models.Comment) {
	if len(comment.AuthorEmail) == 0 {
		return
	}
	tmpl := system.GetTemplates()
	go func() {
		data := map[string]interface{}{
			"Comment": comment,
		}
		var b bytes.Buffer
		if err := tmpl.Lookup("emails/answer").Execute(&b, data); err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}

		smtp := system.GetConfig().SMTP
		msg := gomail.NewMessage()
		msg.SetHeader("From", smtp.From)
		msg.SetHeader("To", comment.AuthorEmail)
		msg.SetHeader("Subject", "Врач ответил на ваш вопрос на сайте www.miobalans.ru")
		msg.SetBody(
			"text/html",
			b.String(),
		)

		port, _ := strconv.Atoi(smtp.Port)
		dialer := gomail.NewPlainDialer(smtp.SMTP, port, smtp.User, smtp.Password)
		sender, err := dialer.Dial()
		if err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}
		if err := gomail.Send(sender, msg); err != nil {
			log.Printf("ERROR: %s\n", err)
			return
		}
	}()
}
Beispiel #7
0
//createTokenFromId creates secure token for id
func createTokenFromID(ID uint) string {
	digest := sha1.New().Sum([]byte(fmt.Sprintf("%d-%s", ID, system.GetConfig().Salt)))
	return base64.URLEncoding.EncodeToString(
		[]byte(fmt.Sprintf("%d-%x", ID, digest)),
	)
}
Beispiel #8
0
func main() {
	mode := flag.String("mode", "debug", "Application mode: debug, release, test")
	flag.Parse()

	system.SetMode(mode)
	system.Init()

	//Periodic tasks
	if system.GetMode() == system.ReleaseMode {
		system.CreateXMLSitemap() //refresh sitemap now
	}
	gocron.Every(1).Day().Do(system.CreateXMLSitemap) //refresh daily
	gocron.Start()

	gin.SetMode(system.GetMode())
	router := gin.Default()
	store := sessions.NewCookieStore([]byte(system.GetConfig().SessionSecret))
	router.Use(sessions.Sessions("gin-session", store))
	router.SetHTMLTemplate(system.GetTemplates())
	router.GET("/", controllers.Home)
	router.StaticFS("/public", http.Dir("public"))
	router.GET("/signin", controllers.SignInGet)
	router.POST("/signin", controllers.SignInPost)
	router.GET("/logout", controllers.LogOut)
	if system.GetConfig().SignupEnabled {
		router.GET("/signup", controllers.SignUpGet)
		router.POST("/signup", controllers.SignUpPost)
	}

	router.GET("/pages/:idslug", controllers.PageShow)
	router.GET("/articles", controllers.ArticlesIndex)
	router.GET("/articles/:idslug", controllers.ArticleShow)
	router.GET("/reviews", controllers.ReviewsIndex)
	router.GET("/reviews/:id", controllers.ReviewShow)
	router.POST("/new_request", controllers.RequestCreatePost)
	router.POST("/new_comment", controllers.CommentCreatePost)
	//http.Handle("/edit_comment", Default(controllers.CommentPublicUpdate))
	router.GET("/new_review", controllers.ReviewCreateGet)
	router.POST("/new_review", controllers.ReviewCreatePost)
	router.GET("/edit_review", controllers.ReviewUpdateGet)
	router.POST("/edit_review", controllers.ReviewUpdatePost)

	router.Use(system.Authenticated())
	{
		router.GET("/admin", controllers.Dashboard)
		router.GET("/admin/users", controllers.UsersAdminIndex)
		router.GET("/admin/new_user", controllers.UserAdminCreateGet)
		router.POST("/admin/new_user", controllers.UserAdminCreatePost)
		router.GET("/admin/edit_user/:id", controllers.UserAdminUpdateGet)
		router.POST("/admin/edit_user/:id", controllers.UserAdminUpdatePost)
		router.POST("/admin/delete_user", controllers.UserAdminDelete)

		router.GET("/admin/pages", controllers.PagesAdminIndex)
		router.GET("/admin/new_page", controllers.PageAdminCreateGet)
		router.POST("/admin/new_page", controllers.PageAdminCreatePost)
		router.GET("/admin/edit_page/:id", controllers.PageAdminUpdateGet)
		router.POST("/admin/edit_page/:id", controllers.PageAdminUpdatePost)
		router.POST("/admin/delete_page", controllers.PageAdminDelete)

		router.GET("/admin/articles", controllers.ArticlesAdminIndex)
		router.GET("/admin/new_article", controllers.ArticleAdminCreateGet)
		router.POST("/admin/new_article", controllers.ArticleAdminCreatePost)
		router.GET("/admin/edit_article/:id", controllers.ArticleAdminUpdateGet)
		router.POST("/admin/edit_article/:id", controllers.ArticleAdminUpdatePost)
		router.POST("/admin/delete_article", controllers.ArticleAdminDelete)

		router.GET("/admin/comments", controllers.CommentsAdminIndex)
		router.GET("/admin/edit_comment/:id", controllers.CommentAdminUpdateGet)
		router.POST("/admin/edit_comment/:id", controllers.CommentAdminUpdatePost)
		router.POST("/admin/delete_comment", controllers.CommentAdminDelete)

		router.GET("/admin/reviews", controllers.ReviewsAdminIndex)
		router.GET("/admin/new_review", controllers.ReviewAdminCreateGet)
		router.POST("/admin/new_review", controllers.ReviewAdminCreatePost)
		router.GET("/admin/edit_review/:id", controllers.ReviewAdminUpdateGet)
		router.POST("/admin/edit_review/:id", controllers.ReviewAdminUpdatePost)
		router.POST("/admin/delete_review", controllers.ReviewAdminDelete)

		router.POST("/admin/ckupload", controllers.CkUpload)
	}

	log.Fatal(router.Run(":8010"))
}