diff --git a/database.js b/database.js index f2e33158..861b9d04 100644 --- a/database.js +++ b/database.js @@ -178,7 +178,7 @@ exports.loadChannel = function(chan) { chan.registered = true; // Load library - var query = "SELECT * FROM chan_{}_library" + var query = "SELECT * FROM `chan_{}_library`" .replace("{}", sqlEscape(chan.name)); var results = db.querySync(query); if(!results) { @@ -191,7 +191,7 @@ exports.loadChannel = function(chan) { } // Load bans - var query = "SELECT * FROM chan_{}_bans" + var query = "SELECT * FROM `chan_{}_bans`" .replace("{}", sqlEscape(chan.name)); var results = db.querySync(query); if(!results) { @@ -264,7 +264,7 @@ exports.lookupChannelRank = function(channame, username) { Logger.errlog.log("database.lookupChannelRank: DB connection failed"); return Rank.Guest; } - var query = "SELECT * FROM chan_{1}_ranks WHERE name='{2}'" + var query = "SELECT * FROM `chan_{1}_ranks` WHERE name='{2}'" .replace("{1}", sqlEscape(channame)) .replace("{2}", sqlEscape(username)); var results = db.querySync(query); @@ -286,14 +286,14 @@ exports.saveChannelRank = function(channame, user) { Logger.errlog.log("database.saveChannelRank: DB connection failed"); return false; } - var query = "UPDATE chan_{1}_ranks SET rank='{2}' WHERE name='{3}'" + var query = "UPDATE `chan_{1}_ranks` SET rank='{2}' WHERE name='{3}'" .replace("{1}", sqlEscape(channame)) .replace("{2}", sqlEscape(user.rank)) .replace("{3}", sqlEscape(user.name)); var results = db.querySync(query); // Gonna have to insert a new one, bugger if(!results.fetchAllSync) { - var query = "INSERT INTO chan_{1}_ranks (`name`, `rank`) VALUES ('{2}', '{3}')" + var query = "INSERT INTO `chan_{1}_ranks` (`name`, `rank`) VALUES ('{2}', '{3}')" .replace("{1}", sqlEscape(channame)) .replace("{2}", sqlEscape(user.name)) .replace("{3}", sqlEscape(user.rank)); @@ -309,7 +309,7 @@ exports.cacheMedia = function(channame, media) { Logger.errlog.log("database.cacheMedia: DB connection failed"); return false; } - var query = "INSERT INTO chan_{1}_library VALUES ('{2}', '{3}', {4}, '{5}', '{6}')" + var query = "INSERT INTO `chan_{1}_library` VALUES ('{2}', '{3}', {4}, '{5}', '{6}')" .replace("{1}", sqlEscape(channame)) .replace("{2}", sqlEscape(media.id)) .replace("{3}", sqlEscape(media.title)) @@ -327,7 +327,7 @@ exports.uncacheMedia = function(channame, id) { Logger.errlog.log("database.uncacheMedia: DB connection failed"); return false; } - var query = "DELETE FROM chan_{1}_library WHERE id='{2}'" + var query = "DELETE FROM `chan_{1}_library` WHERE id='{2}'" .replace("{1}", sqlEscape(channame)) .replace("{2}", sqlEscape(id)) var results = db.querySync(query); @@ -341,7 +341,7 @@ exports.addChannelBan = function(channame, actor, receiver) { Logger.errlog.log("exports.addChannelBan: DB connection failed"); return false; } - var query = "INSERT INTO chan_{1}_bans (`ip`, `name`, `banner`) VALUES ('{2}', '{3}', '{4}')" + var query = "INSERT INTO `chan_{1}_bans` (`ip`, `name`, `banner`) VALUES ('{2}', '{3}', '{4}')" .replace("{1}", sqlEscape(channame)) .replace("{2}", sqlEscape(receiver.ip)) .replace("{3}", sqlEscape(receiver.name)) @@ -357,7 +357,7 @@ exports.removeChannelBan = function(channame, ip) { Logger.errlog.log("exports.removeChannelBan: DB connection failed"); return false; } - var query = "DELETE FROM chan_{1}_bans WHERE `ip` = '{2}'" + var query = "DELETE FROM `chan_{1}_bans` WHERE `ip` = '{2}'" .replace("{1}", sqlEscape(channame)) .replace("{2}", sqlEscape(ip)); results = db.querySync(query); @@ -371,7 +371,7 @@ exports.getChannelRanks = function(channame) { return false; } - var query = "SELECT * FROM chan_{}_ranks WHERE 1" + var query = "SELECT * FROM `chan_{}_ranks` WHERE 1" .replace("{}", sqlEscape(channame)); var results = db.querySync(query); diff --git a/server.js b/server.js index aa5f2b31..86fe85f1 100644 --- a/server.js +++ b/server.js @@ -9,7 +9,7 @@ The above copyright notice and this permission notice shall be included in all c THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -const VERSION = "1.6.2"; +const VERSION = "1.6.3"; var fs = require("fs"); var Logger = require("./logger.js"); @@ -22,7 +22,7 @@ var API = require("./api.js"); var app = express(); app.get("/r/:channel(*)", function(req, res, next) { var param = req.params.channel; - if(!param.match(/^[a-zA-Z0-9]+$/)) { + if(!param.match(/^[a-zA-Z0-9-_]+$/)) { res.redirect("/" + param); } else { diff --git a/user.js b/user.js index f052ee96..1e0afb3a 100644 --- a/user.js +++ b/user.js @@ -81,7 +81,7 @@ User.prototype.initCallbacks = function() { this.socket.on("joinChannel", function(data) { if(data.name == undefined) return; - if(!data.name.match(/^[a-zA-Z0-9]+$/)) + if(!data.name.match(/^[a-zA-Z0-9-_]+$/)) return; if(data.name.length > 100) return; diff --git a/www/assets/js/client.js b/www/assets/js/client.js index e4fa77d1..538f714e 100644 --- a/www/assets/js/client.js +++ b/www/assets/js/client.js @@ -101,7 +101,7 @@ $(window).resize(function() { // Match URLs of the form http://site.tld/r/channel var loc = document.location+""; -var m = loc.match(/\/r\/([a-zA-Z0-9]+)$/); +var m = loc.match(/\/r\/([a-zA-Z0-9-_]+)$/); if(m) { CHANNEL = m[1]; }