diff --git a/src/acp.js b/src/acp.js
index fd670401..14dc37ac 100644
--- a/src/acp.js
+++ b/src/acp.js
@@ -91,14 +91,21 @@ function handleGlobalBanDelete(user, data) {
 }
 function handleListUsers(user, data) {
- var name = data.name;
- if (typeof name !== "string") {
- name = "";
- }
+ var value = data.value;
+ var field = data.field;
+ value = (typeof value !== 'string') ? '' : value;
+ field = (typeof field !== 'string') ? 'name' : field;
 var fields = ["id", "name", "global_rank", "email", "ip", "time"];
- db.users.search(name, fields, function (err, users) {
+ if(!fields.includes(field)){
+ user.socket.emit("errMessage", {
+ msg: `The field "${field}" doesn't exist or isn't searchable.`
+ });
+ return;
+ }
+
+ db.users.search(field, value, fields, function (err, users) {
 if (err) {
 user.socket.emit("errMessage", {
 msg: err
diff --git a/src/database/accounts.js b/src/database/accounts.js
index cf75a470..bd6b6b3f 100644
--- a/src/database/accounts.js
+++ b/src/database/accounts.js
@@ -51,29 +51,16 @@ module.exports = {
 },
 /**
- * Search for a user by name
+ * Search for a user by any field
 */
- search: function (name, fields, callback) {
- /* This bit allows it to accept varargs
- Function can be called as (name, callback) or
- (name, fields, callback)
- */
- if (typeof callback !== "function") {
- if (typeof fields === "function") {
- callback = fields;
- fields = ["name"];
- } else {
- return;
- }
- }
-
+ search: function (where, like, fields, callback) {
 // Don't allow search to return password hashes
 if (fields.indexOf("password") !== -1) {
 fields.splice(fields.indexOf("password"));
 }
- db.query("SELECT " + fields.join(",") + " FROM `users` WHERE name LIKE ?",
- ["%"+name+"%"],
+ db.query(`SELECT ${fields.join(",")} FROM \`users\` WHERE ${where} LIKE ?`,
+ ["%"+like+"%"],
 function (err, rows) {
 if (err) {
 callback(err, true);
diff --git a/templates/acp.pug b/templates/acp.pug
index a3ca46ad..1f742e61 100644
--- a/templates/acp.pug
+++ b/templates/acp.pug
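Review bot: In `handleListUsers` (src/acp.js), `fields` now does two jobs: it is the column list handed to `db.users.search` and the allowlist that `field` is checked against, so any column later added to the output silently becomes searchable as well. The template in this commit only offers name and email, yet a hand-written `acp-list-users` message can already search `id`, `global_rank`, `ip` and `time`. A separate constant would keep the two decisions apart, e.g. `var searchable = ["name", "email"];` with the check written as `if (!searchable.includes(field)) {`. A comment above the check such as `// field ends up in the SQL text built by db.users.search; keep this allowlist strict` would record why it must not be loosened. The function body continues past the end of the hunk.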
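Review bot: `search` in src/database/accounts.js now places `where` straight into the SQL text (`WHERE ${where} LIKE ?`) without checking it, so the query is only safe while every caller validates the column name the way `handleListUsers` does. Column names cannot be bound as `?` parameters, so the function should check `where` itself against `fields` (or better, a fixed list of column names kept in this module), placed after the password strip: `if (fields.indexOf(where) === -1) { callback("Invalid search field", true); return; }`. Separately, removing the varargs branch makes the signature four positional arguments; a caller still using `(name, callback)` or `(name, fields, callback)` (none is visible in this diff) would now misassign its arguments, so those call sites need checking. The body of `search` continues beyond the hunk.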
@@ -69,10 +69,12 @@ html(lang="en")
 button#acp-gban-submit.btn.btn-danger Add ban
 #acp-user-lookup.acp-panel.col-md-12(style="display: none")
 h3 Users
- .input-group(style="max-width: 25%")
- input#acp-ulookup-name.form-control(type="text")
+ .input-group(style="max-width: 50%")
+ input#acp-ulookup-query.form-control(type="text")
 span.input-group-btn
- button#acp-ulookup-btn.btn.btn-default Search
+ button#acp-ulookup-btn-name.btn.btn-default(data-field="name") Search Name
+ span.input-group-btn
+ button#acp-ulookup-btn-email.btn.btn-default(data-field="email") Search Email
 table.table.table-bordered.table-striped(style="margin-top: 20px")
 thead
 tr
diff --git a/www/js/acp.js b/www/js/acp.js
index 20393840..e9eef7f3 100644
--- a/www/js/acp.js
+++ b/www/js/acp.js
@@ -135,7 +135,7 @@ socket.on("acp-gbanlist", function (bans) {
 /* User listing */
 (function () {
 var doSearch = function () {
- if ($("#acp-ulookup-name").val().trim() === "") {
+ if ($("#acp-ulookup-query").val().trim() === "") {
 if (!confirm("You are about to list the entire users table. " +
 "This table might be very large and take a long " +
 "time to query. Continue?")) {
@@ -143,14 +143,16 @@ socket.on("acp-gbanlist", function (bans) {
 }
 }
 socket.emit("acp-list-users", {
- name: $("#acp-ulookup-name").val()
+ value: $("#acp-ulookup-query").val(),
+ field: $(this).data()["field"]
 });
 };
- $("#acp-ulookup-btn").click(doSearch);
- $("#acp-ulookup-name").keyup(function (ev) {
+ $("#acp-ulookup-btn-name").click(doSearch);
+ $("#acp-ulookup-btn-email").click(doSearch);
+ $("#acp-ulookup-query").keyup(function (ev) {
 if (ev.keyCode === 13) {
- doSearch();
+ $("#acp-ulookup-btn-name").click();
 }
 });
 })();
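Review bot: In the second www/js/acp.js hunk, `doSearch` now reads the column from `$(this).data()["field"]`, so it only works when jQuery invokes it as a button click handler; that appears to be why the Enter-key path became `$("#acp-ulookup-btn-name").click()`. A plain `doSearch()` call added later would send `field: undefined`, which the server side in src/acp.js quietly turns into a name search. Passing the field explicitly would make the dependency visible, e.g. `var doSearch = function (field) {` wired up with `.click(function () { doSearch($(this).data("field")); })`, or at least a comment on `doSearch` saying it must run with `this` bound to a button carrying `data-field`. The enclosing IIFE opens in the previous hunk.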