func UserPasswordGET(w http.ResponseWriter, r *http.Request) {
// Display the view
v := view.New(r)
v.Name = "user_password"
v.Render(w)
}
func PhotoDeleteGET(w http.ResponseWriter, r *http.Request) {
deletePhoto(w, r)
// Display the view
v := view.New(r)
v.SendFlashes(w)
}
// Displays the default home page
func Index(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
// If the user is logged in
if sess.Values["id"] != nil {
// Get the current user role
currentUID, _ := CurrentUserId(r)
role, err := model.RoleByUserId(int64(currentUID))
if err != nil {
log.Println(err)
Error500(w, r)
return
}
if role.Level_id == model.Role_level_User {
http.Redirect(w, r, "/profile", http.StatusFound)
return
} else {
http.Redirect(w, r, "/admin", http.StatusFound)
return
}
} else {
// Display the view
v := view.New(r)
v.Name = "anon_home"
v.Render(w)
}
}
func PhotoUploadGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
// Get the user photos
photos, err := model.PhotosByUserId(uint64(sess.Values["id"].(uint32)))
if err != nil {
log.Println(err)
}
verified := false
for _, v := range photos {
if v.Status_id == 1 {
verified = true
break
}
}
// Only allow access to this page if verified
if verified {
// Display the view
v := view.New(r)
v.Name = "user_upload"
v.Render(w)
} else {
Error404(w, r)
}
}
func LoginGET(w http.ResponseWriter, r *http.Request) {
// Display the view
v := view.New(r)
v.Name = "login"
// Refill any form fields
view.Repopulate([]string{"email"}, r.Form, v.Vars)
v.Render(w)
}
func RegisterGET(w http.ResponseWriter, r *http.Request) {
// Display the view
v := view.New(r)
v.Name = "register"
// Refill any form fields
view.Repopulate([]string{"first_name", "last_name", "email"}, r.Form, v.Vars)
v.Render(w)
}
// Error404 handles 404 - Page Not Found
func Error404(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusNotFound)
//fmt.Fprint(w, "Not Found 404")
// Display the view
v := view.New(r)
v.Name = "error_404"
v.Render(w)
}
// Error500 handles 500 - Internal Server Error
func Error500(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusInternalServerError)
//fmt.Fprint(w, "Internal Server Error 500")
// Display the view
v := view.New(r)
v.Name = "error_500"
v.Render(w)
}
// Error401 handles 401 - Unauthorized
func Error401(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusUnauthorized)
//fmt.Fprint(w, "Unauthorized 401")
// Display the view
v := view.New(r)
v.Name = "error_401"
v.Render(w)
}
func UserSiteGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
// Does the user have a verified photo
verified := isVerified(r)
// Only allow access to this page if verified
if verified {
// Get database result
sites, err := model.SiteList()
if err != nil {
log.Println(err)
Error500(w, r)
return
}
user_id := uint64(sess.Values["id"].(uint32))
usernames, err := model.UsernamesByUserId(user_id)
if err != nil {
log.Println(err)
Error500(w, r)
return
}
// err == sql.ErrNoRows
// Display the view
v := view.New(r)
v.Name = "user_site"
v.Vars["first_name"] = sess.Values["first_name"]
v.Vars["sites"] = sites
// Copy the usernames into a map so they can be used in the form inputs
data := make(map[uint32]string)
for _, u := range usernames {
data[u.Site_id] = u.Name
}
v.Vars["data"] = data
v.Render(w)
} else {
Error404(w, r)
}
}
func UserEmailGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
user_id := int64(sess.Values["id"].(uint32))
if !isVerifiedEmail(r, user_id) {
sess.AddFlash(view.Flash{"You can't change you email again until you verify your current email.", view.FlashError})
sess.Save(r, w)
http.Redirect(w, r, "/", http.StatusFound)
}
// Display the view
v := view.New(r)
v.Name = "user_email"
v.Vars["emailold"] = sess.Values["email"]
// Refill any form fields
view.Repopulate([]string{"email"}, r.Form, v.Vars)
v.Render(w)
}
func AdminRejectGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
var params httprouter.Params
params = context.Get(r, "params").(httprouter.Params)
userid := params.ByName("userid")
picid := params.ByName("picid")
note := r.FormValue("note")
uid, _ := strconv.Atoi(userid)
err := model.PhotoReject(picid, uint64(uid), note)
if err != nil {
log.Println(err)
sess.AddFlash(view.Flash{"An error occurred on the server. Please try again later.", view.FlashError})
sess.Save(r, w)
} else {
sess.AddFlash(view.Flash{"Photo rejected!", view.FlashSuccess})
sess.Save(r, w)
user_info, err := model.UserEmailByUserId(int64(uid))
if err != nil {
log.Println()
} else {
c := view.ReadConfig()
// Email the update to the user
err := emailer.SendEmail(user_info.Email, "Photo Rejected on Verified.ninja",
"Hi "+user_info.First_name+",\n\nYour photo ("+picid+") was rejected for the following reason(s):\n"+note+"\n\nPlease upload a new private photo for verification: "+c.BaseURI)
if err != nil {
log.Println(err)
}
}
}
// Display the view
v := view.New(r)
v.SendFlashes(w)
}
func ContactGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
// Display the view
v := view.New(r)
v.Name = "contact"
// If the user is logged in
if sess.Values["id"] != nil {
// Refill any form fields
view.Repopulate([]string{"message"}, r.Form, v.Vars)
v.Vars["email"] = sess.Values["email"]
v.Vars["fullname"] = fmt.Sprintf("%v %v", sess.Values["first_name"], sess.Values["last_name"])
v.Vars["logged_in"] = true
} else {
// Refill any form fields
view.Repopulate([]string{"email", "fullname", "message"}, r.Form, v.Vars)
}
v.Render(w)
}
func UserInformationGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
user_id := uint64(sess.Values["id"].(uint32))
demo, err := model.DemographicByUserId(user_id)
if err != nil && err != sql.ErrNoRows {
log.Println(err)
}
ethnicity, err := model.EthnicityByUserId(user_id)
if err != nil && err != sql.ErrNoRows {
log.Println(err)
}
e := make(map[string]int)
for i := 0; i <= 9; i++ {
ee := fmt.Sprintf("%v", i)
e["E"+ee] = 0
for j := 0; j < len(ethnicity); j++ {
if int(ethnicity[j].Type_id) == i {
e["E"+ee] = 1
}
}
}
// Display the view
v := view.New(r)
v.Name = "user_info"
//v.Vars["token"] = csrfbanana.Token(w, r, sess)
v.Vars["first_name"] = sess.Values["first_name"]
v.Vars["demographic"] = demo
v.Vars["ethnicity"] = e
v.Render(w)
}
func AdminApproveGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
var params httprouter.Params
params = context.Get(r, "params").(httprouter.Params)
userid := params.ByName("userid")
picid := params.ByName("picid")
uid, _ := strconv.Atoi(userid)
err := model.PhotoApprove(picid, uint64(uid))
if err != nil {
log.Println(err)
sess.AddFlash(view.Flash{"An error occurred on the server. Please try again later.", view.FlashError})
sess.Save(r, w)
} else {
sess.AddFlash(view.Flash{"Photo approved!", view.FlashSuccess})
sess.Save(r, w)
user_info, err := model.UserEmailByUserId(int64(uid))
if err != nil {
log.Println()
} else {
c := view.ReadConfig()
// Email the update to the user
err := emailer.SendEmail(user_info.Email, "Photo Approved on Verified.ninja",
"Hi "+user_info.First_name+",\n\nYour photo ("+picid+") was approved!\n\nLogin to see your updated profile: "+c.BaseURI)
if err != nil {
log.Println(err)
}
}
}
// Display the view
v := view.New(r)
v.SendFlashes(w)
}
func AdminUnverifyGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
var params httprouter.Params
params = context.Get(r, "params").(httprouter.Params)
userid := params.ByName("userid")
picid := params.ByName("picid")
uid, _ := strconv.Atoi(userid)
err := model.PhotoUnverify(picid, uint64(uid))
if err != nil {
log.Println(err)
sess.AddFlash(view.Flash{"An error occurred on the server. Please try again later.", view.FlashError})
sess.Save(r, w)
} else {
sess.AddFlash(view.Flash{"Photo unverified!", view.FlashSuccess})
sess.Save(r, w)
}
// Display the view
v := view.New(r)
v.SendFlashes(w)
}
func PublicUsernameGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
var params httprouter.Params
params = context.Get(r, "params").(httprouter.Params)
site := params.ByName("site")
username := params.ByName("username")
// Display the view
v := view.New(r)
v.Vars["isSelf"] = false
v.Vars["verified_email"] = false
user_info, err := model.UserByUsername(username, site)
if err == sql.ErrNoRows {
v.Vars["verified_private"] = false
v.Vars["verified_public"] = false
v.Vars["exists"] = false
} else if err != nil {
log.Println(err)
Error500(w, r)
return
} else {
v.Vars["verified_email"] = isVerifiedEmail(r, int64(user_info.Id))
v.Vars["exists"] = true
if sess.Values["id"] != nil {
if sess.Values["id"] == user_info.Id {
v.Vars["isSelf"] = true
}
}
if isVerifiedPublic(r, uint64(user_info.Id)) && isVerifiedPrivate(r, uint64(user_info.Id)) {
v.Vars["verified_public"] = true
// Get the photo information
//user_id := strconv.Itoa(int(sess.Values["id"].(uint32)))
user_id_string := strconv.Itoa(int(user_info.Id))
imagesDB, err := model.PhotosByUserId(uint64(user_info.Id))
if err != nil {
log.Println(err)
return
}
images := []Image{}
for _, val := range imagesDB {
img := Image{}
img.Name = val.Path
/*if val.Status_id == 1 {
img.Path = "image/" + user_id_string + "/" + val.Path + ".jpg"
} else {
img.Path = photoPath + user_id_string + "/" + val.Path + ".jpg"
}*/
img.Path = "image/" + user_id_string + "/" + val.Path + ".jpg"
img.Status_id = int(val.Status_id)
img.Date = val.Updated_at.Format("Jan _2, 2006")
// Only allows verified images right now
if val.Status_id == 1 && val.Initial == 0 {
images = append(images, img)
}
}
v.Vars["site"] = user_info.Site
v.Vars["profile"] = strings.Replace(user_info.Profile, ":name", user_info.Username, -1)
v.Vars["images"] = images
} else if isVerifiedPrivate(r, uint64(user_info.Id)) {
v.Vars["verified_private"] = true
} else {
v.Vars["verified_private"] = false
}
}
v.Name = "public_username"
v.Vars["username"] = username
//v.Vars["site"] = user_info.Site
//v.Vars["profile"] = user_info.Profile
v.Vars["home"] = user_info.Home
v.Render(w)
}
// Displays the default home page
func AdminGET(w http.ResponseWriter, r *http.Request) {
dirs, err := filepath.Glob(photoPath + "*")
if err != nil {
log.Println(err)
}
users := []User{}
ds := string(os.PathSeparator)
for _, v := range dirs {
u := User{}
idRaw := v[strings.LastIndex(v, ds)+1:]
u.Id, err = strconv.Atoi(idRaw)
if err != nil {
log.Println(err)
continue
}
info, err := model.UserNameById(u.Id)
if err == sql.ErrNoRows {
log.Println("User is not found in database:", u.Id)
continue
} else if err != nil {
log.Println(err)
continue
}
u.FirstName = info.First_name
u.LastName = info.Last_name
privateVerifiedCount := 0
publicVerifiedCount := 0
// Get the photo information
user_id := strconv.Itoa(u.Id)
imagesDB, err := model.PhotosByUserId(uint64(u.Id))
if err != nil {
log.Println(err)
return
}
//images := []Image{}
for _, val := range imagesDB {
img := Image{}
img.Name = val.Path
if val.Status_id == 1 {
u.VerifiedCount += 1
if val.Initial == 1 {
privateVerifiedCount += 1
} else if val.Initial == 0 {
publicVerifiedCount += 1
}
} else if val.Status_id == 2 {
u.UnverifiedCount += 1
}
img.Path = "image/" + user_id + "/" + val.Path + ".jpg"
img.Status_id = int(val.Status_id)
img.Date = val.Updated_at.Format("Jan _2, 2006")
img.Initial = int(val.Initial)
u.Images = append(u.Images, img)
}
// Get the user verification code
token_info, err := model.UserTokenByUserId(uint64(u.Id))
if err == sql.ErrNoRows {
log.Println(err)
token_info.Token = "TOKEN IS MISSING"
} else if err != nil {
log.Println(err)
token_info.Token = "TOKEN IS MISSING"
}
u.Token = token_info.Token
// Get the username information
sites, err := model.UserinfoByUserId(uint64(u.Id))
if err != nil {
log.Println(err)
return
}
u.SiteCount = len(sites)
u.Email = isVerifiedEmail(r, int64(u.Id))
if u.SiteCount > 0 && privateVerifiedCount > 0 && publicVerifiedCount > 0 && u.Email {
u.Ninja = true
}
users = append(users, u)
}
// Display the view
v := view.New(r)
v.Name = "admin"
v.Vars["users"] = users
v.Render(w)
}
// Displays the default home page
func AdminAllGET(w http.ResponseWriter, r *http.Request) {
dirs, err := filepath.Glob(photoPath + "*")
if err != nil {
log.Println(err)
}
users := []User{}
ds := string(os.PathSeparator)
for _, v := range dirs {
u := User{}
idRaw := v[strings.LastIndex(v, ds)+1:]
u.Id, err = strconv.Atoi(idRaw)
if err != nil {
log.Println(err)
continue
}
info, err := model.UserNameById(u.Id)
if err == sql.ErrNoRows {
log.Println("User is not found in database:", u.Id)
continue
} else if err != nil {
log.Println(err)
continue
}
u.FirstName = info.First_name
u.LastName = info.Last_name
/*files, err := filepath.Glob(photoPath + idRaw + "/*")
if err != nil {
log.Println(err)
continue
}
for _, v := range files {
i := Image{}
i.Name = v[strings.LastIndex(v, ds)+1:]
iid, _ := strconv.Atoi(strings.Replace(i.Name, `.jpg`, ``, -1))
i.Id = iid
i.Path = strings.Replace(v, `\`, `/`, -1)
u.Images = append(u.Images, i)
}*/
// Get the photo information
user_id := strconv.Itoa(u.Id)
imagesDB, err := model.PhotosByUserId(uint64(u.Id))
if err != nil {
log.Println(err)
return
}
//images := []Image{}
for _, val := range imagesDB {
img := Image{}
img.Name = val.Path
/*if val.Status_id == 1 {
img.Path = "image/" + user_id + "/" + val.Path + ".jpg"
} else {
img.Path = photoPath + user_id + "/" + val.Path + ".jpg"
}*/
img.Path = "image/" + user_id + "/" + val.Path + ".jpg"
img.Status_id = int(val.Status_id)
img.Date = val.Updated_at.Format("Jan _2, 2006")
img.Initial = int(val.Initial)
u.Images = append(u.Images, img)
}
//uid := sess.Values["id"].(uint32)
// Get the user verification code
token_info, err := model.UserTokenByUserId(uint64(u.Id))
if err == sql.ErrNoRows {
log.Println(err)
token_info.Token = "TOKEN IS MISSING"
} else if err != nil {
log.Println(err)
token_info.Token = "TOKEN IS MISSING"
}
u.Token = token_info.Token
users = append(users, u)
}
// Display the view
v := view.New(r)
v.Name = "admin_all"
v.Vars["users"] = users
v.Render(w)
}
// Displays the default home page
func VerifyUsernameGET(w http.ResponseWriter, r *http.Request) {
// Display the view
v := view.New(r)
v.Name = "verify_username"
v.Render(w)
}
func UserProfileGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
// Get the user photos
photos, err := model.PhotosByUserId(uint64(sess.Values["id"].(uint32)))
if err != nil {
log.Println(err)
}
note := ""
photo := ""
status := uint8(0)
date := time.Now()
verified_private := false
unverified_private := false
rejected_private := false
verified_public := false
for _, v := range photos {
if v.Initial == 1 {
if v.Status_id == 1 {
verified_private = true
} else if v.Status_id == 2 {
unverified_private = true
note = v.Note
photo = v.Path
status = v.Status_id
date = v.Updated_at
} else if v.Status_id == 3 {
rejected_private = true
note = v.Note
photo = v.Path
status = v.Status_id
date = v.Updated_at
}
} else {
if v.Status_id == 1 {
verified_public = true
}
}
}
user_id := strconv.Itoa(int(sess.Values["id"].(uint32)))
// Display the view
v := view.New(r)
v.Vars["isNinja"] = false
// If a private photo is verified, show the page
if verified_private {
v.Name = "user_profile"
// Get the photo information
imagesDB, err := model.PhotosByUserId(uint64(sess.Values["id"].(uint32)))
if err != nil {
log.Println(err)
return
}
images := []Image{}
for _, val := range imagesDB {
img := Image{}
img.Name = val.Path
/*if val.Status_id == 1 {
img.Path = "image/" + user_id + "/" + val.Path + ".jpg"
} else {
img.Path = photoPath + user_id + "/" + val.Path + ".jpg"
}*/
img.Path = "image/" + user_id + "/" + val.Path + ".jpg"
img.Status_id = int(val.Status_id)
img.Date = val.Updated_at.Format("Jan _2, 2006")
img.Initial = int(val.Initial)
img.Note = val.Note
images = append(images, img)
}
v.Vars["images"] = images
// Get the username information
sites, err := model.UserinfoByUserId(uint64(sess.Values["id"].(uint32)))
if err != nil {
log.Println(err)
return
}
for i, val := range sites {
sites[i].Profile = strings.Replace(val.Profile, ":name", val.Username, -1)
}
v.Vars["sites"] = sites
if len(sites) > 0 && verified_public {
v.Vars["isNinja"] = true
}
} else {
if unverified_private {
// THIS NOTE MAY NOT BE FOR THE CORRECT PICTURE
v.Vars["note"] = note
//v.Vars["photo"] = photoPath + user_id + "/" + photo + ".jpg"
v.Vars["photo"] = "image/" + user_id + "/" + photo + ".jpg"
v.Vars["status_id"] = status
v.Vars["date"] = date.Format("Jan _2, 2006")
v.Vars["photo_id"] = photo
v.Name = "user_unverified"
} else if rejected_private {
// THIS NOTE MAY NOT BE FOR THE CORRECT PICTURE
v.Vars["note"] = note
//v.Vars["photo"] = photoPath + user_id + "/" + photo + ".jpg"
v.Vars["photo"] = "image/" + user_id + "/" + photo + ".jpg"
v.Vars["status_id"] = status
v.Vars["date"] = date.Format("Jan _2, 2006")
v.Vars["photo_id"] = photo
v.Name = "user_rejected"
} else {
http.Redirect(w, r, "/profile/initial", http.StatusFound)
return
}
}
v.Vars["first_name"] = sess.Values["first_name"]
v.Render(w)
}
func InitialPhotoGET(w http.ResponseWriter, r *http.Request) {
// Get session
sess := session.Instance(r)
user_id := uint64(sess.Values["id"].(uint32))
demo, err := model.DemographicByUserId(user_id)
if err != sql.ErrNoRows {
//log.Println(err)
}
// Force the user to enter in demographic information
if len(demo.Gender) < 1 {
UserInformationGET(w, r)
return
}
// If the user has no photos, show this page
// If the user has only unverified photos, show the waiting screen
// Get the user photos
photos, err := model.PhotosByUserId(uint64(sess.Values["id"].(uint32)))
if err != nil {
log.Println(err)
}
verified_private := false
unverified_private := false
//rejected_private := false
any_private := false
for _, v := range photos {
if v.Initial == 1 {
if v.Status_id == 1 {
verified_private = true
} else if v.Status_id == 2 {
unverified_private = true
} else if v.Status_id == 3 {
//rejected_private = true
}
any_private = true
}
}
// Redirect to profile to handle caess where all private photos are rejected
if len(photos) < 1 || verified_private || !any_private {
// Get the user verification code
token_info, err := model.UserTokenByUserId(user_id)
if err == sql.ErrNoRows {
token_info.Token = random.Generate(6)
token_info.User_id = uint32(user_id)
err = model.UserTokenCreate(user_id, token_info.Token)
} else if err != nil {
log.Println(err)
Error500(w, r)
return
}
// Display the view
v := view.New(r)
v.Name = "user_step1"
v.Vars["user_token"] = token_info.Token
v.Vars["first_name"] = sess.Values["first_name"]
v.Render(w)
} else if unverified_private {
http.Redirect(w, r, "/profile", http.StatusFound)
} else {
//Error404(w, r)
http.Redirect(w, r, "/profile", http.StatusFound)
}
}
// Displays the default home page
func TermsGET(w http.ResponseWriter, r *http.Request) {
// Display the view
v := view.New(r)
v.Name = "terms"
v.Render(w)
}
// Displays the default home page
func AdminUserGET(w http.ResponseWriter, r *http.Request) {
var params = context.Get(r, "params").(httprouter.Params)
userid := params.ByName("userid")
user_id, _ := strconv.Atoi(userid)
users := []User{}
for _, v := range []int{user_id} {
u := User{}
u.Id = v
info, err := model.UserNameById(u.Id)
if err == sql.ErrNoRows {
log.Println("User is not found in database:", u.Id)
continue
} else if err != nil {
log.Println(err)
continue
}
u.FirstName = info.First_name
u.LastName = info.Last_name
// Get the photo information
user_id := strconv.Itoa(u.Id)
imagesDB, err := model.PhotosByUserId(uint64(u.Id))
if err != nil {
log.Println(err)
return
}
//images := []Image{}
for _, val := range imagesDB {
img := Image{}
img.Name = val.Path
img.Path = "image/" + user_id + "/" + val.Path + ".jpg"
img.Status_id = int(val.Status_id)
img.Date = val.Updated_at.Format("Jan _2, 2006")
img.Initial = int(val.Initial)
u.Images = append(u.Images, img)
}
// Get the user verification code
token_info, err := model.UserTokenByUserId(uint64(u.Id))
if err == sql.ErrNoRows {
log.Println(err)
token_info.Token = "TOKEN IS MISSING"
} else if err != nil {
log.Println(err)
token_info.Token = "TOKEN IS MISSING"
}
u.Token = token_info.Token
users = append(users, u)
}
// Display the view
v := view.New(r)
v.Name = "admin_all"
v.Vars["users"] = users
v.Render(w)
}
// Displays the default home page
func AboutGET(w http.ResponseWriter, r *http.Request) {
// Display the view
v := view.New(r)
v.Name = "about"
v.Render(w)
}