From d590574712d42899e88e58c33a8ad8161097b1df Mon Sep 17 00:00:00 2001 From: MrFry Date: Tue, 14 Apr 2020 17:50:59 +0200 Subject: [PATCH 1/2] Feedback logging: showing if feedback is from login page, https redirect in main module --- modules/api/api.js | 6 +++++- modules/main/views/main.ejs | 2 +- modules/qmining/qmining-page | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/modules/api/api.js b/modules/api/api.js index 699ffbb..14b0c50 100644 --- a/modules/api/api.js +++ b/modules/api/api.js @@ -358,7 +358,11 @@ function GetApp () { app.post('/postfeedback', function (req, res) { logger.LogReq(req) - logger.Log('New feedback message', logger.GetColor('bluebg'), true) + if (res.body.fromLogin) { + logger.Log('New feedback message from Login page', logger.GetColor('bluebg'), true) + } else { + logger.Log('New feedback message from feedback page', logger.GetColor('bluebg'), true) + } utils.AppendToFile(utils.GetDateString() + ':\n' + JSON.stringify(req.body), msgFile) res.json({ success: true }) }) diff --git a/modules/main/views/main.ejs b/modules/main/views/main.ejs index 11d8f43..e7a6c4e 100755 --- a/modules/main/views/main.ejs +++ b/modules/main/views/main.ejs @@ -27,7 +27,7 @@

- + 
    ____           __     __      
   / __/_____ __  / /__ _/ /  ___ 
diff --git a/modules/qmining/qmining-page b/modules/qmining/qmining-page
index 98ec8c4..12027fb 160000
--- a/modules/qmining/qmining-page
+++ b/modules/qmining/qmining-page
@@ -1 +1 @@
-Subproject commit 98ec8c4a89af4e986ea608946d27ed25760858f9
+Subproject commit 12027fb5d93d2ce4bcc36bd2e587df52a5e7e18e

From 658840bd846d47c5d299bd3dd73faa71e89393b0 Mon Sep 17 00:00:00 2001
From: MrFry 
Date: Wed, 15 Apr 2020 19:32:01 +0200
Subject: [PATCH 2/2] User ID logging even on exceptions, more detailed
 feedback logging/saving, stuff module fix, login screen description on
 feedback change

---
 middlewares/auth.middleware.js | 15 +++++++--------
 modules/api/api.js             | 12 ++++++++++--
 modules/qmining/qmining-page   |  2 +-
 modules/stuff/stuff.js         |  6 +++---
 sharedViews/login.ejs          |  1 +
 5 files changed, 22 insertions(+), 14 deletions(-)

diff --git a/middlewares/auth.middleware.js b/middlewares/auth.middleware.js
index 7a54f64..ee1e77b 100644
--- a/middlewares/auth.middleware.js
+++ b/middlewares/auth.middleware.js
@@ -32,14 +32,12 @@ module.exports = function (options) {
       return
     }
 
-    if (isException) {
-      req.session = { isException: true }
-      logger.DebugLog(`EXCEPTION: ${req.url}`, 'auth', 1)
-      next()
-      return
-    }
-
     if (!sessionID) {
+      if (isException) {
+        logger.DebugLog(`EXCEPTION: ${req.url}`, 'auth', 1)
+        next()
+        return
+      }
       logger.DebugLog(`No session ID: ${req.url}`, 'auth', 1)
       renderLogin(req, res)
       return
@@ -55,7 +53,8 @@ module.exports = function (options) {
 
     req.session = {
       user: user,
-      sessionID: sessionID
+      sessionID: sessionID,
+      isException: isException
     }
 
     logger.DebugLog(`ID #${user.id}: ${req.url}`, 'auth', 1)
diff --git a/modules/api/api.js b/modules/api/api.js
index 14b0c50..fc1be82 100644
--- a/modules/api/api.js
+++ b/modules/api/api.js
@@ -358,12 +358,20 @@ function GetApp () {
 
   app.post('/postfeedback', function (req, res) {
     logger.LogReq(req)
-    if (res.body.fromLogin) {
+    if (req.body.fromLogin) {
       logger.Log('New feedback message from Login page', logger.GetColor('bluebg'), true)
     } else {
       logger.Log('New feedback message from feedback page', logger.GetColor('bluebg'), true)
     }
-    utils.AppendToFile(utils.GetDateString() + ':\n' + JSON.stringify(req.body), msgFile)
+
+    const ip = req.headers['cf-connecting-ip'] || req.connection.remoteAddress
+    const user = req.session.user
+
+    utils.AppendToFile(utils.GetDateString() + ':\n' + JSON.stringify({
+      ...req.body,
+      userID: user ? user.id : 'no user',
+      ip: ip
+    }), msgFile)
     res.json({ success: true })
   })
 
diff --git a/modules/qmining/qmining-page b/modules/qmining/qmining-page
index 12027fb..e93c320 160000
--- a/modules/qmining/qmining-page
+++ b/modules/qmining/qmining-page
@@ -1 +1 @@
-Subproject commit 12027fb5d93d2ce4bcc36bd2e587df52a5e7e18e
+Subproject commit e93c320ee3cba0e8bd040fcf38bd531af3b438c2
diff --git a/modules/stuff/stuff.js b/modules/stuff/stuff.js
index e113197..66d7bc3 100644
--- a/modules/stuff/stuff.js
+++ b/modules/stuff/stuff.js
@@ -39,7 +39,7 @@ function GetApp () {
   }
 
   // files in public dirs
-  const listedFiles = p + 'files'
+  const listedFiles = './' + p + 'files'
 
   app.set('view engine', 'ejs')
   app.set('views', [
@@ -76,7 +76,7 @@ function GetApp () {
         fp.pop()
         fp = fp.join('/')
       }
-      const fpath = './public/files' + fp
+      const fpath = listedFiles + fp
       if (!fs.existsSync(fpath)) {
         res.render('nofile', {
           missingFile: fpath,
@@ -151,7 +151,7 @@ function GetApp () {
   app.get('/*', function (req, res) {
     let parsedUrl = decodeURI(req.url)
     let curr = listedFiles + '/' + parsedUrl.substring('/'.length, parsedUrl.length).split('?')[0]
-    let relPath = curr.substring('./public/files'.length, curr.length)
+    let relPath = curr.substring(listedFiles.length, curr.length)
 
     if (relPath[relPath.length - 1] !== '/') { relPath += '/' }
 
diff --git a/sharedViews/login.ejs b/sharedViews/login.ejs
index 8e0e4b3..6fadd14 100644
--- a/sharedViews/login.ejs
+++ b/sharedViews/login.ejs
@@ -155,6 +155,7 @@
     function ShowFeedback () {
       const form = document.getElementById('form').style.display = "none";
       const feedback = document.getElementById('feedback').style.display = "block";
+      document.getElementById('text').innerText = 'Ha szeretnél választ kapni kérdésedre írd be e-mailed, vagy kattints a lenti "IRC" linkre. Jelszót lehetőleg meglévő felhasználóktól kérj! E-mail esetén válasz spam-be is érkezhet!'
     }
     function HandleResp (resp) {
       document.getElementById('sendButton').innerText = 'Login'