ikibooru/obj.html.l
2024-06-01 17:40:11 +03:00

162 lines
6.4 KiB
Plaintext

{%
local obj, files, owner
if DB.isobjhexvalid(request:path():sub(7, 7 + 31)) then
obj = DB.getobj(DB.objshowid(request:path():sub(7, 7 + 31)))
end
if obj then
local virt = "/objd/" .. DB.objhideid(obj.id) .. "/"
local phys = DB.urltophysical(virt)
files = {}
for f in LFS.dir(phys) do
if f ~= "." and f ~= ".." then
local attribs = LFS.attributes(phys .. f)
table.insert(files, {name = f, size = attribs.size, modtime = attribs.modification, phys = phys .. f, virt = virt .. f})
end
end
table.sort(files, function(a,b)
if a.modtime == b.modtime then
return a.name < b.name
else
return a.modtime < b.modtime
end
end)
if verified and request:post() and request:post().csrf and DB.csrfverify(verified.id, Escapes.urlunescape(request:post().csrf)) then
if request:post().comment then
DB.postcomment(obj.id, verified.id, Escapes.urlspunescape(request:post().comment))
end
end
owner = DB.getuserbyid(obj.owner)
end
title = BigGlobe.cfg.sitename .. " - " .. (obj and obj.name or "Object not found")
%}
{% function content() %}
{% if obj then %}
<div style="display:inline-block;width:40%;vertical-align:top;">
<h2 style="margin-bottom:0;">{{ Escapes.htmlescape(obj.name) }}{% if verified and verified.id == obj.owner then %} <a href="/obje/{{ DB.objhideid(obj.id) }}">(edit)</a>{% end %}</h2>
<h5 style="margin-top:0;"><sup><a href="/user/{{ obj.owner }}">{{ Escapes.htmlescape(owner.displayname) }}</a> <span class="dt">{{ obj.createtime }}</span></sup></h5>
<p>Object has {{#files-1}} files:</p>
<ul id="filelist">
{% for _,f in pairs(files) do %}
{% if f.name ~= ".thumb.jpg" then %}<li><a onmouseenter="hover(this);" download href="{{ Escapes.htmlescape(f.virt) }}">{{ Escapes.htmlescape(f.name) }}</a> ({{ (f.size + 1023) // 1024 }}kB)</li>{% end %}
{% end %}
</ul>
<div>
{% for _,tag in pairs(DB.getobjtags(obj.id)) do %}
<div class="tag tc{{ tag.category }}" data-tagid="{{ tag.id }}">{{ Escapes.htmlescape(tag.name) }}</div>
{% end %}
</div>
{% if verified and verified.privs >= DB.USER_PRIVS_APPROVED then %}
<p><a href="/reportuser/{{ obj.owner }}" class="reportlink">(report)</a></p>
{% end %}
</div>
<div style="display:inline-block;width:58%;height:0;padding-bottom:58%;vertical-align:top;text-align:center;">
<div id="previewThings">
<img id="previewImg" src="" style="display:none;width:80%;margin-left:5%;" />
<audio id="previewAudio" controls style="display:none;width:80%;margin-left:5%;margin-top: 5em;"/>
</div>
<p id="previewName"></p>
</div>
{% if verified and verified.privs >= DB.USER_PRIVS_MOD then %}
{% local csrfval = Escapes.htmlescape(DB.csrf(verified.id)) %}
{% if owner.privs < verified.privs then %}
<div style="padding:1em;display:inline-block;text-align:left;vertical-align:top;background-color:#FFE0E0;">
<form action="/apprq" method="GET">
<p>Delete object?</p>
<input type="hidden" name="csrf" value="{{ csrfval }}" />
<input type="hidden" name="oid" value="{{ DB.objhideid(obj.id) }}" />
<input type="checkbox" name="banuser" id="banuserparam" /><label for="banuserparam">And ban the user</label><br /><br />
<input type="checkbox" name="delfiles" id="delfilesparam" /><label for="delfilesparam">And delete the files</label><br /><br />
<input type="checkbox" name="deliamsure" id="deliamsureparam" /><label for="deliamsureparam">I am sure</label><br /><br />
<input type="submit" value="Go" />
</form>
</div>
{% end %}
{% if not obj.approved then %}
<div style="padding:1em;float:right;text-align:right;vertical-align:top;background-color:#E0FFE0;">
<form action="/apprq" method="GET">
<p>Approve object?</p>
<input type="hidden" name="csrf" value="{{ csrfval }}" />
<input type="hidden" name="oid" value="{{ DB.objhideid(obj.id) }}" />
<input type="checkbox" name="approveuser" id="approveuserparam" /><label for="approveuserparam">And approve the user</label><br /><br />
<input type="checkbox" name="approveiamsure" id="approveiamsureparam" /><label for="approveiamsureparam">I am sure</label><br /><br />
<input type="submit" value="Go" />
</form>
</div>
{% end %}
{% end %}
<div class="comments">
{% for _, c in pairs(DB.getcomments(obj.id)) do %}
<div>
<h5><a href="/user/{{ c.authorid }}">{{ Escapes.htmlescape(c.authordisplayname) }}</a> <sub class="dt">{{ c.createtime }}</sub></h5>
<div><p>{{ Escapes.htmlescape(c.content):gsub("\n\n", "</p><p>") }}</p></div>
<a href="/reportuser/{{ c.authorid }}" class="reportlink">(report)</a>
</div>
{% end %}
{% if verified then %}
<form action="#" method="POST" style="margin-top:2em;">
<input type="hidden" name="csrf" value="{{ Escapes.htmlescape(DB.csrf(verified.id)) }}" />
<textarea class="uf" placeholder="Comment (max {{BigGlobe.MAX_COMMENT_SIZE}})..." name="comment"></textarea>
<button>Post</button>
</form>
{% end %}
</div>
<script>
var lasthover = null
var autohov = document.querySelector("ul#filelist > *")
document.getElementById("previewAudio").onloadstart = function() {
document.getElementById("previewAudio").style.display = ""
document.getElementById("previewImg").style.display = "none"
}
function hover(el) {
if(lasthover == el) return;
lasthover = el
var xhr = new XMLHttpRequest()
xhr.open("HEAD", el.getAttribute("href"), true)
xhr.responseType = "blob"
xhr.onload = function() {
var typ = xhr.getResponseHeader("Content-Type")
if(typ.startsWith("image")) {
var img = new Image()
var name = el.innerText
img.onload = function() {
document.getElementById("previewImg").style.display = ""
document.getElementById("previewAudio").style.display = "none"
document.getElementById("previewImg").setAttribute("src", img.src)
document.getElementById("previewName").innerText = name
}
img.src = el.getAttribute("href")
} else if(typ.startsWith("audio")) {
document.getElementById("previewAudio").setAttribute("src", el.getAttribute("href"))
document.getElementById("previewAudio").load()
document.getElementById("previewName").innerText = el.innerText
}
}
xhr.send()
}
hover(autohov.querySelector("a"))
</script>
{% else %}
<p>Object was not found.</p>
{% end %}
{% end %}
{# base.inc