API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 5th, 2017
160
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Go 7.99 KB | None | 0 0
raw download clone embed print report
  1. package main
  2.  
  3. import (
  4.     "fmt"
  5.     "html/template"
  6.     "net/http"
  7.     "database/sql"
  8.     "time"
  9.  
  10.     "golang.org/x/crypto/bcrypt"
  11.     _ "github.com/go-sql-driver/mysql"
  12.  
  13.     "./models"
  14.     "./utils"
  15.     "log"
  16. )
  17.  
  18. var data        map[string]models.Session
  19. var db          *sql.DB
  20. var p           []*models.Post
  21. var err         error
  22. var databaseId          int
  23. var databaseUsername    string
  24. var databasePassword    string
  25. var res_id      int
  26. var res_title       string
  27. var res_content     string
  28. var res_id_usr      int
  29. var idForEdit       int
  30. var idFromUser      int
  31. var cookies         string
  32. var Username        string
  33.  
  34.  
  35. const COOKIE_NAME  = "sessionId"
  36.  
  37.  
  38. func MainHandler(w http.ResponseWriter, r *http.Request) {
  39.     p = []*models.Post{}
  40.  
  41.     t, err := template.ParseFiles("templates/header.html", "templates/footer.html", "templates/index.html")
  42.     if err != nil {
  43.         fmt.Fprintf(w, err.Error())
  44.         return
  45.     }
  46.  
  47.     rows, err := db.Query("SELECT id, title, content, id_user FROM posts")
  48.     if err != nil {
  49.         log.Println(err)
  50.     }
  51.  
  52.     for rows.Next() {
  53.         //err = rows.Scan(&post.ID, &post.Title, &post.Content, post.UserID)
  54.         err = rows.Scan(&res_id, &res_title, &res_content, &res_id_usr)
  55.         //log.Println("CHECKING STRUCT:", models.Post{res_id, res_title, res_content, databaseId})
  56.         if err != nil {
  57.             log.Println(err)
  58.             continue
  59.         }
  60.         data := &models.Post{ID: res_id, Title: res_title, Content: res_content, UserID: res_id_usr}
  61.         p = append(p, data)
  62.     }
  63.  
  64.     t.ExecuteTemplate(w, "index", p)
  65.  
  66. }
  67.  
  68. func GetLoginHandler(w http.ResponseWriter, r *http.Request) {
  69.     t, err := template.ParseFiles("templates/header.html", "templates/footer.html", "templates/log.html", "templates/index.html")
  70.     if err != nil {
  71.         fmt.Fprintf(w, err.Error())
  72.         return
  73.     }
  74.  
  75.     t.ExecuteTemplate(w, "login", nil)
  76. }
  77.  
  78. func PostLoginHandler(w http.ResponseWriter, r *http.Request) {
  79.     username := r.FormValue("username")
  80.     password := r.FormValue("password")
  81.  
  82.     err := db.QueryRow("SELECT id, username, password FROM users WHERE username=?", username).Scan(&databaseId, &databaseUsername, &databasePassword)
  83.  
  84.     if err != nil {
  85.         http.Redirect(w, r, "/signup", 301)
  86.         return
  87.     }
  88.  
  89.     err = bcrypt.CompareHashAndPassword([]byte(databasePassword), []byte(password))
  90.     if err != nil {
  91.         http.Redirect(w, r, "/signup", 301)
  92.         return
  93.     }
  94.  
  95.     http.Redirect(w, r, "/index", 302)
  96.  
  97. }
  98.  
  99.  
  100. func GetSignupHandler(w http.ResponseWriter, r *http.Request) {
  101.     t, err := template.ParseFiles("templates/header.html", "templates/footer.html", "templates/log.html", "templates/index.html", "templates/signup.html")
  102.     if err != nil {
  103.         fmt.Fprintf(w, err.Error())
  104.         return
  105.     }
  106.  
  107.     t.ExecuteTemplate(w, "signup", nil)
  108.  
  109. }
  110.  
  111. func SignupHandler(w http.ResponseWriter, r *http.Request) {
  112.     username := r.FormValue("username")
  113.     password := r.FormValue("password")
  114.  
  115.     var user string
  116.  
  117.     err := db.QueryRow("SELECT username FROM users WHERE username=?", username).Scan(&user)
  118.  
  119.     switch {
  120.     case err == sql.ErrNoRows:
  121.         hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
  122.  
  123.         cookies := ensureCookie(r, w) // generation cookies
  124.         if cookies == "" {
  125.             fmt.Println("COOKIES DONT WRITE")
  126.         }
  127.         fmt.Println("COOKIES:", cookies)
  128.  
  129.         if err != nil {
  130.             http.Error(w, "Server error, unable to create your account.", 500)
  131.             return
  132.         }
  133.  
  134.         _, err = db.Exec("INSERT INTO users(username, password, cookies) VALUES(?, ?, ?)", username, hashedPassword, cookies)
  135.         if err != nil {
  136.             http.Error(w, "Server error, unable to create your account.", 500)
  137.             return
  138.         }
  139.  
  140.         fmt.Println("User created: ", username, password)
  141.         http.Redirect(w, r, "/index", 302)
  142.         return
  143.     case err != nil:
  144.         http.Error(w, "Server error, unable to create your account.", 500)
  145.         return
  146.     default:
  147.         http.Redirect(w, r, "/", 301)
  148.     }
  149. }
  150.  
  151. func WriteHandler(w http.ResponseWriter, r *http.Request) {
  152.     t, err := template.ParseFiles("templates/write.html", "templates/header.html", "templates/footer.html")
  153.     if err != nil {
  154.         fmt.Fprintf(w, err.Error())
  155.         return
  156.     }
  157.  
  158.     t.ExecuteTemplate(w, "write", nil)
  159. }
  160.  
  161. func SavepostHandler(w http.ResponseWriter, r *http.Request) {
  162.     id := r.FormValue("id")
  163.     title := r.FormValue("title")
  164.     content := r.FormValue("content")
  165.  
  166.  
  167.     if id != "" {
  168.         _, err := db.Exec("UPDATE posts SET title=?, content=? WHERE id_user=?", title, content, databaseId)
  169.         if err != nil {
  170.             http.Error(w, "Server error, unable to add your post.", 500)
  171.             return
  172.         }
  173.  
  174.     } else {
  175.         _, err = db.Exec("INSERT INTO posts(title, content, id_user) VALUES (?, ?, ?)", title, content, databaseId)
  176.         if err != nil {
  177.             http.Error(w, "Server error, unable to add your post.", 500)
  178.             return
  179.         }
  180.     }
  181.  
  182.     http.Redirect(w, r, "/index", 302)
  183. }
  184.  
  185.  
  186. func EditHandler(w http.ResponseWriter, r *http.Request) {
  187.     //res := make([]int, 0)
  188.     data = make(map[string]models.Session)
  189.  
  190.  
  191.     cookie := getCookie()
  192.     user := getUsername()
  193.  
  194.  
  195.     t, err := template.ParseFiles("templates/write.html", "templates/header.html", "templates/footer.html")
  196.     if err != nil {
  197.         fmt.Fprintf(w, err.Error())
  198.         return
  199.     }
  200.  
  201.     rows, err := db.Query("SELECT id,id_user FROM posts WHERE id_user=?", &databaseId)
  202.     if err != nil {
  203.         log.Println(err)
  204.     }
  205.  
  206.     for rows.Next() {
  207.         err = rows.Scan(&idForEdit, &idFromUser)
  208.         if err != nil {
  209.             log.Println(err)
  210.             continue
  211.         }
  212.     }
  213.  
  214.     data[cookie] = models.Session{Id: idForEdit, Username: user, IdPost: idFromUser}
  215.     log.Println(data[cookie].IdPost)
  216.  
  217.     // Нужно получать еще ид поста через БД и сравнивать со значением IdPost, если всё ок, то разрешать редачить пост
  218.     // Если нет, шлём нахуй
  219.  
  220.     //
  221.     //for _, br := range res {
  222.     //  if br == databaseId {
  223.     //      log.Println(true)
  224.     //      log.Println("br:", br)
  225.     //      log.Println("databaseID", databaseId)
  226.     //      //t.ExecuteTemplate(w, "write", nil)
  227.     //  } else {
  228.     //      log.Println("br:", br)
  229.     //      log.Println("databaseID", databaseId)
  230.     //      log.Println(false)
  231.     //  }
  232.     //  //http.Redirect(w, r, "/index", 302)
  233.     //
  234.     //}
  235.  
  236.     t.ExecuteTemplate(w, "write", nil)
  237.  
  238.     //http.Redirect(w, r, "/index", 302)
  239.  
  240. }
  241.  
  242.  
  243. func getCookie() string {
  244.     rows, err := db.Query("SELECT cookies FROM users WHERE id=?", &databaseId)
  245.     if err != nil {
  246.         log.Println(err)
  247.     }
  248.  
  249.     for rows.Next() {
  250.         err = rows.Scan(&cookies)
  251.         if err != nil {
  252.             log.Println(err)
  253.             continue
  254.         }
  255.     }
  256.     return cookies
  257.  
  258. }
  259.  
  260. func getUsername() string {
  261.     rows, err := db.Query("SELECT username FROM users WHERE id=?", &databaseId)
  262.     if err != nil {
  263.         log.Println(err)
  264.     }
  265.  
  266.     for rows.Next() {
  267.         err = rows.Scan(&Username)
  268.         if err != nil {
  269.             log.Println(err)
  270.             continue
  271.         }
  272.     }
  273.     return Username
  274. }
  275.  
  276. //func DeleteHandler(w http.ResponseWriter, r *http.Request) {
  277. //  id := r.FormValue("id")
  278. //  if id == "" {
  279. //      http.NotFound(w, r)
  280. //      return
  281. //  }
  282. //  delete(posts, id)
  283. //
  284. //  http.Redirect(w, r, "/index", 302)
  285. //}
  286.  
  287.  
  288. func ensureCookie(r *http.Request, w http.ResponseWriter) string {
  289.     cookie, _ := r.Cookie(COOKIE_NAME)
  290.     if cookie != nil {
  291.         return  cookie.Value
  292.     }
  293.     sessionId := utils.GenerateId()
  294.  
  295.     cookie = &http.Cookie{
  296.         Name: COOKIE_NAME,
  297.         Value: sessionId,
  298.         Expires: time.Now().Add(5 * time.Minute),
  299.     }
  300.     http.SetCookie(w, cookie)
  301.  
  302.     return sessionId
  303. }
  304.  
  305. func main () {
  306.     fmt.Println("[+]Listen on port :3000")
  307.  
  308.     db, err = sql.Open("mysql", "root@/test")
  309.     if err != nil {
  310.         fmt.Println(err)
  311.     }
  312.  
  313.     defer db.Close()
  314.  
  315.     // Check connect db
  316.     err = db.Ping()
  317.     if err != nil {
  318.         fmt.Println("[-]Database is not connect")
  319.         panic(err.Error())
  320.     } else {
  321.         fmt.Println("[+]Database is connect")
  322.     }
  323.  
  324.     http.Handle("./assets", http.StripPrefix("/assets/", http.FileServer(http.Dir("/assets"))))
  325.     http.HandleFunc("/", GetLoginHandler)
  326.     http.HandleFunc("/index", MainHandler)
  327.     http.HandleFunc("/login", PostLoginHandler)
  328.     http.HandleFunc("/write", WriteHandler)
  329.     http.HandleFunc("/SavePost", SavepostHandler)
  330.     //http.HandleFunc("/delete", DeleteHandler)
  331.     http.HandleFunc("/edit", EditHandler)
  332.     http.HandleFunc("/signup", GetSignupHandler)
  333.     http.HandleFunc("/Signup", SignupHandler)
  334.  
  335.     http.ListenAndServe(":3000", nil)
  336. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!