parent
fea953fdef
commit
68e73aba3e
|
@ -45,6 +45,8 @@ end
|
||||||
--[[
|
--[[
|
||||||
Provides an iterator that loops over results in an sql statement
|
Provides an iterator that loops over results in an sql statement
|
||||||
or throws an error, then resets the statement after the loop is done.
|
or throws an error, then resets the statement after the loop is done.
|
||||||
|
Returned iterator returns varargs, so the values can be unpacked in-line in the
|
||||||
|
for loop.
|
||||||
]]
|
]]
|
||||||
function db.sql_rows(stmnt)
|
function db.sql_rows(stmnt)
|
||||||
if not stmnt then error("No statement",2) end
|
if not stmnt then error("No statement",2) end
|
||||||
|
|
|
@ -15,6 +15,10 @@ function configure(...)
|
||||||
return oldconfigure(...)
|
return oldconfigure(...)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
--[[
|
||||||
|
When a user is typing in the "tags" editbox when posting a story, suggest
|
||||||
|
tags for them to include based on what they've typed so far.
|
||||||
|
]]
|
||||||
local function suggest_tags(req,data)
|
local function suggest_tags(req,data)
|
||||||
--[[
|
--[[
|
||||||
Prevent a malicious user from injecting '%' into the string
|
Prevent a malicious user from injecting '%' into the string
|
||||||
|
|
85
src/smr.c
85
src/smr.c
|
@ -105,12 +105,18 @@ do_lua(struct http_request *req, const char *name){
|
||||||
return KORE_RESULT_OK;
|
return KORE_RESULT_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define route(method, lua_method) \
|
||||||
|
int\
|
||||||
|
method(struct http_request *req){\
|
||||||
|
return do_lua(req,#lua_method);\
|
||||||
|
}
|
||||||
|
|
||||||
/***
|
/***
|
||||||
Called at the endpoint <domain>/_paste.
|
Called at the endpoint <domain>/_paste.
|
||||||
This method doesn't need any parameters for GET requests,
|
This method doesn't need any parameters for GET requests.
|
||||||
and expects the following parametrs when POSTing:
|
This method expects the following for POST requests:
|
||||||
* title :: string
|
* title :: string - story title
|
||||||
* text :: string
|
* text :: string - text to put through markup
|
||||||
* markup :: string - a valid markup type
|
* markup :: string - a valid markup type
|
||||||
In addition to the normal assets, this page includes
|
In addition to the normal assets, this page includes
|
||||||
suggest_tags.js, which suggests tags that have been
|
suggest_tags.js, which suggests tags that have been
|
||||||
|
@ -119,26 +125,65 @@ submitted to the site before.
|
||||||
@custom http_method GET POST
|
@custom http_method GET POST
|
||||||
@param http_request req The request to service
|
@param http_request req The request to service
|
||||||
***/
|
***/
|
||||||
int
|
route(post_story,"paste");
|
||||||
post_story(struct http_request *req){
|
|
||||||
return do_lua(req,"paste");
|
|
||||||
}
|
|
||||||
|
|
||||||
int
|
/***
|
||||||
edit_story(struct http_request *req){
|
Called at the endpoint <domain>/_edit.
|
||||||
return do_lua(req,"edit");
|
This method requires the following for GET requests:
|
||||||
}
|
* story :: string - The url of the story to edit
|
||||||
|
This method requires the following for POST requests:
|
||||||
|
* title :: string - story title
|
||||||
|
* text :: string - text to put through markup
|
||||||
|
* markup :: string - a valid markup type
|
||||||
|
* story :: string - the story we're editing
|
||||||
|
In addition to normal assets, this page includes
|
||||||
|
suggest_tags.js, which suggests tags that have been
|
||||||
|
submitted to the site before.
|
||||||
|
@function _G.edit
|
||||||
|
@custom http_method GET POST
|
||||||
|
@param http_request req The request to service
|
||||||
|
***/
|
||||||
|
route(edit_story, "edit");
|
||||||
|
|
||||||
int
|
/***
|
||||||
edit_bio(struct http_request *req){
|
Called at the endpoint <domain>/_bio
|
||||||
return do_lua(req,"edit_bio");
|
This method does not need any parameters for GET requests.
|
||||||
}
|
This method requires the following for POST requests:
|
||||||
|
* text :: string - The text to use as the author bio
|
||||||
|
* author :: string - The author to modify
|
||||||
|
If the logged in user does not match the author being
|
||||||
|
modified, the user recives a 401 Unauthorized error.
|
||||||
|
@function _G.edit_bio
|
||||||
|
@custom http_method GET POST
|
||||||
|
@param http_request req The request to service
|
||||||
|
***/
|
||||||
|
route(edit_bio, "edit_bio");
|
||||||
|
|
||||||
int
|
/***
|
||||||
read_story(struct http_request *req){
|
Called at the endpoint <domain>/[^_]*
|
||||||
return do_lua(req,"read");
|
This method does not require any parameters for GET requests, but may include:
|
||||||
}
|
* load_comments :: 0 | 1 - Legacy parameter for loading comments
|
||||||
|
* pwd :: [0-9a-f]{128} - If the post is marked as "unlisted", this parameter is
|
||||||
|
needed, if it is not passed, the user receives a 401 Unauthorized error.
|
||||||
|
This method requires the following for POST requests:
|
||||||
|
* text :: string - Comment text
|
||||||
|
* postas :: string - The user to post as, if this is not "Anonymous", the
|
||||||
|
request must include a session cookie. If it does not, the user receives
|
||||||
|
a 401 Unauthorized error.
|
||||||
|
* pwd :: [0-9a-f]{128} - Currently unused, but it's intended use is to validate
|
||||||
|
the user has the password for unlisted stories.
|
||||||
|
@function _G.read
|
||||||
|
@custom http_method GET POST
|
||||||
|
@param http_request req The request to service
|
||||||
|
***/
|
||||||
|
route(read_story, "read");
|
||||||
|
|
||||||
|
/***
|
||||||
|
Called at the endpoint <domain>/_login
|
||||||
|
This method does not requirei any parameters for GET requests.
|
||||||
|
This method requiries the following for POST requests:
|
||||||
|
* user :: [a-z0-9]{1,30} - The username to log in as
|
||||||
|
* pass :: any - The passfile for this user
|
||||||
int
|
int
|
||||||
login(struct http_request *req){
|
login(struct http_request *req){
|
||||||
return do_lua(req,"login");
|
return do_lua(req,"login");
|
||||||
|
|
Loading…
Reference in New Issue