greatbody
/
freeCodeCamp
mirror of https://github.com/freeCodeCamp/freeCodeCamp.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix display of comments if user is not logged in, disable reply button if no user, reject attempted comments if no user and no author

pull/215/head
Nathan Leniz 2015-03-17 17:44:52 +09:00
parent 8306662531
commit 8b491ed27e
3 changed files with 30 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
controllers/story.js
View File

@ -148,7 +148,7 @@ exports.returnIndividualStory = function(req, res, next) {
upVotes: story.upVotes,
comments: story.comments,
id: story._id,
user: req.user,
user: req.user || null,
timeAgo: moment(story.timePosted).fromNow(),
image: story.image,
page: 'show',
@ -227,6 +227,9 @@ exports.comments = function(req, res, next) {
};
exports.newStory = function(req, res) {
if (!req.user) {
res.status(500);
}
var url = req.body.data.url;
var cleanURL = sanitizeHtml(url, {
allowedTags: [],
@ -284,6 +287,9 @@ exports.newStory = function(req, res) {
exports.storySubmission = function(req, res) {
var data = req.body.data;
if (!req.user && !data.author) {
res.status(500);
}
var storyLink = data.headline
.replace(/\'/g, '')
.replace(/\"/g, '')
@ -327,6 +333,9 @@ exports.storySubmission = function(req, res) {
exports.commentSubmit = function(req, res) {
var data = req.body.data;
if (!req.user && !data.author) {
res.status(500);
}
var sanitizedBody = sanitizeHtml(data.body,
{
allowedTags: [],
@ -353,6 +362,9 @@ exports.commentSubmit = function(req, res) {
exports.commentOnCommentSubmit = function(req, res) {
var data = req.body.data;
if (!req.user && !data.author) {
res.status(500);
}
var sanitizedBody = sanitizeHtml(data.body,
{
allowedTags: [],

7
views/stories/comments.jade
View File

@ -21,6 +21,8 @@
success: function (data, textStatus, xhr) {
commentDetails = data;
var div = document.createElement('div');
var disabledReply = !!user;
$(div)
.html(
'<div class="media media-news">' +
@ -34,7 +36,7 @@
'<p>' + commentDetails.body + '</p>' +
'<h6>' +
'<div class="clearfix comment-a-comment negative-15">' +
"<a class='btn btn-no-shadow btn-primary btn-xs btn-primary-ghost' id='" + commentDetails._id + "'>Reply</a> · " +
"<a class='btn btn-no-shadow btn-primary btn-xs btn-primary-ghost' id='" + commentDetails._id + " disabled='" + disabledReply + "'>Reply</a> · " +
"commented " + moment(commentDetails.commentOn).fromNow() + " by " +
"<a href='/" + commentDetails.author.username + "'>@" + commentDetails.author.username + "</a>" +
'</div>' +
@ -55,6 +57,9 @@
sentinel--;
if (!sentinel) {
$('.comment-a-comment').on('click', 'a', function () {
if (!user) {
return;
}
$(this).unbind('click');
$('.comment-to-comment-formgroup').empty();
$('#initial-comment-submit').addClass('hidden-element');

21
views/stories/show.jade
View File

@ -42,22 +42,23 @@
span &thinsp;by&thinsp;
a(href="/" + author.username) @#{author.username}
.col-xs-12#reply-area
.hidden-element#initial-comment-submit
form.form-horizontal.control-label-story-submission
.col-xs-12
.input-group
input#comment-box.big-text-field.field-responsive.form-control(type='text', placeholder='Enter your reply', autofocus)
span.input-group-btn
button#comment-button.btn.btn-big.btn-primary.btn-responsive(type='button') Send
span.spacer.pull-left#textarea_feedback
if (user !== null)
.col-xs-12#reply-area
.hidden-element#initial-comment-submit
form.form-horizontal.control-label-story-submission
.col-xs-12
.input-group
input#comment-box.big-text-field.field-responsive.form-control(type='text', placeholder='Enter your reply', autofocus)
span.input-group-btn
button#comment-button.btn.btn-big.btn-primary.btn-responsive(type='button') Send
span.spacer.pull-left#textarea_feedback
script.
if (image) {
$('#image-display').removeClass('hidden-element')
}
$('#reply-to-main-post').on('click', function() {
if (!user) return;
$('#initial-comment-submit').removeClass('hidden-element');
$(this).unbind('click');
$('.comment-to-comment-formgroup').empty();