Commit Graph

397 Commits

Author SHA1 Message Date
Bobby Wibowo
d5cd5b7b5b
Updated
Uploads thumbs view (dashboard) will no longer use smooth scrolling on
page change, etc.
This used to cause all thumbs to be loaded anyway when navigating with
its bottom pagination bar.

Bumped v1 version string.

---

Updated dependency:
systeminformation: 4.14.17 -> 4.15.3
2019-11-13 13:21:36 +07:00
Bobby Wibowo
a28d862c14
Added group bypass to virus scanning
Also better-ish scan results handling again, I guess

Updated dependency knex: 0.20.0 -> 0.20.1
2019-11-06 03:35:04 +07:00
Bobby Wibowo
8f48889c90
Updated dependencies 2019-10-29 05:37:25 +07:00
Bobby Wibowo
36763c2a77
Security fix
Replaced all instances of DB .whereRaw with their much safer equivalent
methods.

All previous usages of .whereRaw were vulnerable to SQL injections,
cause we were passing the data directly.

Fortunately, they were only used in API routes that required staff
(moderators included) accounts.

---

Updated dependency:
helmet: 3.21.1 -> 3.21.2
2019-10-22 10:52:52 +07:00
Bobby Wibowo
cf8d2895f1
Updated dependencies
systeminformation: 4.14.12 -> 4.14.16
browserslist: 4.7.0 -> 4.7.1
2019-10-21 17:51:31 +07:00
Bobby Wibowo
321e4557db
Updated dependencies
systeminformation: 4.14.11 -> 4.14.12
gulp-stylelint: 9.0.0 -> 10.0.0
2019-10-15 17:46:09 +07:00
Bobby Wibowo
7855801d62
Updated
Rewritten codes for home uploader config.
All options are now defined in a single config object in home.js.
Config tab content will be dynamically generated through that config.
This should eliminate the need of modifying home.njk whenever a new
option needs to be added,
make the codes more readable, and easier to extend.

Upgrade stylelint dev dependency.

Bumped v1 version string.
2019-10-11 12:36:59 +07:00
Bobby Wibowo
b2f96360ae
Updated knex.js to 0.19.5
Renamed todo.md to TODO.md

Edited a todo task
2019-10-09 12:36:19 +07:00
Bobby Wibowo
256686f400
Updated dependencies 2019-10-06 05:24:20 +07:00
Bobby Wibowo
582440e5ef
Updated sharp to 0.23.1 2019-09-28 16:45:36 +07:00
Bobby Wibowo
a233dd6bba
Updated helmet 2019-09-22 11:40:59 +07:00
Bobby Wibowo
6133554013
Updated stylelint dev dependency 2019-09-20 12:19:28 +07:00
Bobby Wibowo
a79803cbd6
Updated
Added gulp-replace dev dependency.

Removed version strings of Fontello fonts from fontello.css

Added "build:fontello" Gulp task which will append version string to
Fontello fonts, then do the usual processing for CSS file.
It will use type 5 from versions.json, if available.
Also updated src/README.md about it.
2019-09-19 20:39:23 +07:00
Bobby Wibowo
8ab77a6464
Updated
Removed version strings from _globals.njk,
in favor of src/versions.json.
That versions in that file can be bumped with "yarn bump-versions".
v1 is automatically bumped when doing "yarn build" as well.

Added README file in src directory, explaining versions.json file.

Added README file in scripts directory, detailing usage of each scripts.

Version strings will no longer be appended when cacheControl is disabled
in config file.
After all, version strings are only needed when the static assets are
cached indefinitely in users' browsers.

Initial Cloudflare's cache purging will no longer be executed when
cloudflare -> purgeCache is disabled, even if cacheControl is enabled.
Just in case someone wants to use version strings for other use cases.

Actually use custom metaDesc variable on meta description tag.
2019-09-19 19:10:37 +07:00
Bobby Wibowo
9e9b0d4439
Updated
Updated some dev dependencies.

---

Gulp will now build CSS/JS files during development into dist-dev
directory, to prevent IDE's Git from unnecessarily building diff's.

Added dist-dev to ignore files.

---

The entire config fille will now be passed to Nunjuck templates for ease
of access of config values.

Root domain for use in Nunjuck templates will now be parsed from config.

Better page titles.

Updated help message for "Uploads history order" option in
homepage's config tab.

Added "Load images for preview" option to homepage's config tab.
Setting this to false will now prevent image uploads from loading
themselves for previews.

Uploads' original names in homepage's uploads history are now
selectable.

Min/max length for user/pass are now enforced in auth's front-end.

Improved performance of album public pages.
Their generated HTML pages will now be cached into memory.
Unfortunately, No-JS version of their pages will be cached separately,
so each album may take up to double the memory space.

File names in thumbnails no longer have their full URLs as tooltips.
I saw no point in that behavior.

Added video icons.
Homepage's uploads history will now display video icons for videos.

"View thumbnail" button in Dashboard is now renamed to "Show preview".
Their icons will also be changed depending on their file types.

Added max length for albums' title & description.
These will be enforced both in front-end and back-end.
Existing albums that have surpassed the limits will not be enforced.

A few other small improvements.
2019-09-17 11:13:41 +07:00
Bobby Wibowo
c9ba16e1d6
Updates (very important to read)
Client-side CSS & JS files will now be processed with Gulp.
Gulp tasks are configured in gulpfile.js file.

CSS files will be optimized with postcss-preset-env, which will
auto-add vendor prefixes and convert any parts necessary for browsers
compatibility.
Afterwards they will be minified with cssnano.

JS files will be optimized with bublé,
likewise for browsers compatibility.
Afterwards they will be minified with terser.

Unprocessed CSS & JS files will now be located at src directory, while
the processed results will be located at dist directory.

Due to bublé, the JS files should now be compatible up to IE 11
at the minimum.
Previously the safe would not work in IE 11 due to extensive usage of
template literals.
Due to that as well, JS files in src directory will now extensively use
arrow functions for my personal comfort (as they will be converted too).

The server will use the processed files at dist directory by default.
If you want to rebuild the files by your own, you can run "yarn build".
Gulp is a development dependency, so make sure you have installed all
development dependencies (e.i. NOT using "yarn install --production").

---

yarn lint -> gulp lint

yarn build -> gulp default

yarn watch -> gulp watch

yarn develop -> env NODE_ENV=development yarn watch

---

Fixed not being able to demote staff into normal users.

/api/token/verify will no longer respond with 401 HTTP error code,
unless an error occurred (which will be 500 HTTP error code).

Fixed /nojs route not displaying file's original name when a duplicate
is found on the server.

Removed is-breeze CSS class name, in favor of Bulma's is-info.

Removed custom styling from auth page, in favor of global styling.

Removed all usage of style HTML attribute in favor of CSS classes.

Renamed js/s/ to js/misc/.

Use loading spinners on dashboard's sidebar menus.

Disable all other sidebar menus when something is loading.

Changed title HTML attribute of disabled control buttons in
uploads & users list.

Hid checkboxes and WIP controls from users list.

Better error messages handling.
Especially homepage will now support CF's HTTP error codes.

Updated various icons.
Also, added fontello config file at public/libs/fontello/config.json.
This should let you edit them more easily with fontello.

Use Gatsby icon for my blog's link in homepage's footer.

A bunch of other improvements here & there.
2019-09-15 13:20:11 +07:00
Bobby Wibowo
10a464bc73
Updated
Moved authors info to AUTHORS file.

Updated Git urls in package.json file.

Added .stylelintrc.

Updated all CSS files to respect current Stylelint guidelines.

Updated dependency: knex.js.

Fixed notice message in no-js version of album public pages.

Bumped v1 version string.
2019-09-12 14:44:31 +07:00
Bobby Wibowo
02e2e402c3
!!! MASSIVE OVERHAUL !!!
As the title says, this commit is a massive overhaul.
I've rewritten/restrucuted almost everything in the controller scripts.
Because of that, there's a considerable possibility that I've broken
something somewhere.

Notable changes:

Added temporary uploads.

Removed file name length changer from dashboard,
in favor of an equivalent in homepage config tab.
This allows non-registered users to also set file name length.

A bunch of other undocmented stuff.
I don't know, I'm too tired to remember them all.
2019-09-08 08:56:29 +07:00
Bobby Wibowo
05b905bc9b
Updated
Upgraded dependencies.

Stop adding cache-control header to album zip files unless
config.cacheControl is enabled.

Updated CSS files.
Moved thumbnail-related styling to thumbs.css.
Various other fixes & improvements.

Moved render.js from public/js to public/js/s.

Removed sharex.js in favor of public/js/s/utils.js.
Moved getPrettyDate() & getPrettyBytes() to that JS file as well.

Added lsKeys global variable wherever applicable.
Previously the idea was only used in dashboard.js.

Added No-JS version of album public pages.
You'll only have to add ?nojs to the URL.
Viewing the regular version with JS disabled will show a notice with
a link to the No-JS version of the particular album.
Overall page size of the regular version will now be lower as well,
since there'll be no need to add noscript tag for each thumbs.

No longer show Administrator section to non-admin in the dashboard.
Moderators will ONLY be able to see manage users menu as well.

Simplified FAQ wherever applicable.
Added a new FAQ about bug report or feature request.

Updated link for Firefox extension.
Also pushed Firefox link before Chrome, cause I like it more.

Added browser settings menu to dashboard.
This allows you to choose file size unit (kilobyte vs kibibyte) for that
specific browser.
The preference will be used on homepage, dashboard and album pages.
This also allows you to set chunk size and maximum parallel uploads
for the homepage uploader.

All menu links in the dashboard will now scroll to the content once
loaded.
Previously it would only do so with manage uploads/users when
switching pages.

Refactored all instances of for-in & for-of loop from browser JS files.
For the sake of uniformity, for now.
2019-09-02 02:23:16 +07:00
Bobby Wibowo
7e3d177d00
Updated
Added logger.js to format console logs (adding timestamps).

Re-ordered modules loading in lolisafe.js, and a few other minor edits.

Updated dev dependencies.

A few other minor edits.
2019-08-27 00:02:06 +07:00
Bobby Wibowo
14d69bf1c1
Updated dev dependencies 2019-08-20 06:04:27 +07:00
Bobby Wibowo
63e26462ea
Updated
Pressing Enter on the auth form will now properly make it try to login.

Slightly better error messages on auth page.

Bumped v1 version string.

Updated dependencies (knex & sqlite).
2019-08-18 16:57:56 +07:00
Bobby Wibowo
6496b03b71
Updates
Updated deps.

Re-enabled eslint rule no-async-promise-executor.
Updated some codes to follow the said rule.
Though I had to disable the rule in a line at utilsController.js
due to complexity.
I'll give it more thoughts in the future.

Bumped v1 version string.
2019-08-04 06:37:55 +07:00
Bobby Wibowo
0e64942a6f
Updated package.json
Added an "echo" at the end of yarn pull script to avoid yarn recognizing
error from "git stash pop" if there were no local changes stashed.
2019-07-21 05:29:22 +07:00
Bobby Wibowo
6adf982fb6
Updated package.json
Use --production option by default for yarn pull shortcut.
2019-07-21 05:20:02 +07:00
Bobby Wibowo
aab8058b28
Updated dependencies 2019-07-21 05:17:45 +07:00
Bobby Wibowo
1b79ee3e91
Updated dependencies 2019-07-18 06:02:45 +07:00
Bobby Wibowo
34347915ab
Updated dependencies 2019-07-14 17:04:31 +07:00
Bobby Wibowo
32604bc35e
Updated dependencies 2019-07-11 05:08:13 +07:00
dependabot-preview[bot]
1e0e4efc83 Bump eslint-plugin-promise from 4.1.1 to 4.2.1 (#20)
Bumps [eslint-plugin-promise](https://github.com/xjamundx/eslint-plugin-promise) from 4.1.1 to 4.2.1.
- [Release notes](https://github.com/xjamundx/eslint-plugin-promise/releases)
- [Changelog](https://github.com/xjamundx/eslint-plugin-promise/blob/master/CHANGELOG.md)
- [Commits](https://github.com/xjamundx/eslint-plugin-promise/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-03 22:44:53 +07:00
dependabot-preview[bot]
762a3cadb7 Bump eslint-plugin-import from 2.17.3 to 2.18.0 (#19)
Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import) from 2.17.3 to 2.18.0.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases)
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md)
- [Commits](https://github.com/benmosher/eslint-plugin-import/compare/v2.17.3...v2.18.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-03 22:44:43 +07:00
dependabot-preview[bot]
5e42ce01e9 Bump knex from 0.17.6 to 0.18.1 (#22)
Bumps [knex](https://github.com/tgriesser/knex) from 0.17.6 to 0.18.1.
- [Release notes](https://github.com/tgriesser/knex/releases)
- [Changelog](https://github.com/tgriesser/knex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tgriesser/knex/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-03 22:44:27 +07:00
dependabot-preview[bot]
ec6069d962 Bump express-rate-limit from 4.0.4 to 5.0.0 (#18)
Bumps [express-rate-limit](https://github.com/nfriedly/express-rate-limit) from 4.0.4 to 5.0.0.
- [Release notes](https://github.com/nfriedly/express-rate-limit/releases)
- [Commits](https://github.com/nfriedly/express-rate-limit/compare/v4.0.4...v5.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-06-14 20:32:30 +07:00
dependabot-preview[bot]
8eb3ff9a0d Bump sqlite3 from 4.0.8 to 4.0.9 (#16)
Bumps [sqlite3](https://github.com/mapbox/node-sqlite3) from 4.0.8 to 4.0.9.
- [Release notes](https://github.com/mapbox/node-sqlite3/releases)
- [Changelog](https://github.com/mapbox/node-sqlite3/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mapbox/node-sqlite3/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-06-14 20:32:14 +07:00
dependabot-preview[bot]
9f29335214 Bump knex from 0.17.3 to 0.17.6 (#17)
Bumps [knex](https://github.com/tgriesser/knex) from 0.17.3 to 0.17.6.
- [Release notes](https://github.com/tgriesser/knex/releases)
- [Changelog](https://github.com/tgriesser/knex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tgriesser/knex/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-06-14 20:31:29 +07:00
Bobby Wibowo
5c41fc9249
Updates
utilsController.js:
+ /api/stats: Cache invalidation requests will now only store timestamp
of the request instead of purging the cache entirely.
Subsequent requests to the API will no longer attempt to generate stats
if a previous request before it is still generating, since it can
take a while in big sites.
So instead, the cached stats will be returned to them, regardless of
whether it's still valid.
This should avoid "race condition" in sites with multiple admins.

* dashboard.js:
+ Added an appendix into "Delete by names" feature in dashboard to
inform staffs that they can use the feature to delete files by other
users as well.
+ Added comments explaning the need of page.domClick() function.
+ Addition to the change regarding /api/stats route: If there is no
cached stats, but a previous request is still generating, inform
the user about it.

config.sample.js + lolisafe.js:
+ We now support configuring rate limits through config file.
No more hard-coded rate limits.
Don't forget to update your config.js accordingly.

package.json + yarn.lock:
+ Updated dependencies.
2019-06-04 02:40:24 +07:00
Bobby Wibowo
a8ae88babd
Updated dependencies 2019-05-07 19:35:56 +07:00
Bobby Wibowo
8c3fb78135
Upates
* Added Statistics menu to Administration items in dashboard.

* Added /api/stats route.

Imo, my implementation of this whole thing is rather dirty-ish, but hey
as long as it works.

I'll be using lolisafe2 for future devs tbh.
2019-04-06 00:32:52 +07:00
Bobby Wibowo
e765b8d896
Updated package.json 2019-04-05 06:46:47 +07:00
Bobby Wibowo
2b8f52ff72
Merge branch 'master' into safe.fiery.me 2019-03-28 03:42:27 +07:00
Nathan DECHER
69e3c6e5f5 updated deps to make it work with node 10.x 2019-02-18 22:46:12 +01:00
Bobby Wibowo
e5457d9dba
Updated dependencies 2019-01-10 15:56:09 +07:00
Bobby Wibowo
8780d6429b
Updates
NoJS uploader will now display the original file names in the results.

lolisafe.js will now automaticaly purge Cloudflare's cache of frontend
pages everytime it launches.
Of course this only applies when cacheControl is on in config file.
This sorta makes scripts/cfpurge.js script obsolete.
2019-01-09 17:11:45 +07:00
Bobby Wibowo
d503d65c22
Updated package.json
Added "yarn cfpurge" as a shortcut to "node ./scripts/cfpurge.js".

"yarn pm2restart" will now call "yarn cfpurge" after restarting PM2.
2019-01-06 13:28:54 +07:00
Bobby Wibowo
e55a04c156
Updates
Added cfpurge.js to scripts directory.
This can be used to purge cache of frontend pages and uploads.
Do "node scripts/cfpurge.js --help" for usage.

Removed "randver" from package.js/scripts.
I've installed randomstring globally instead and just simply do:
randomstring n
Back then I didn't know it could be used that way.
2019-01-06 13:27:17 +07:00
snyk-bot
563c839125 fix: package.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:braces:20180219
- https://snyk.io/vuln/npm:deep-extend:20180409
- https://snyk.io/vuln/npm:extend:20180424
2018-12-07 22:10:56 +00:00
Bobby Wibowo
6af52341c9
Init ids-cache branch 2018-12-03 16:18:52 +07:00
Bobby Wibowo
6f03726b9d
Updated package.json 2018-12-03 14:24:10 +07:00
Bobby Wibowo
b6bd833110
Replace graphicsmagick with sharp 2018-12-03 14:20:13 +07:00
Pascal Temel
fa8ef06764 remove npm from package.json 2018-11-30 23:01:58 +01:00
Pascal Temel
05c17f2dc9 replace graphicsmagick with sharp 2018-11-30 22:58:42 +01:00
Bobby Wibowo
6149f46831
Updated package.json 2018-11-24 16:03:12 +07:00
Bobby Wibowo
6af1f6f490
Removed chokidar resolution
I added the resolution since an issue was reported by Snyk.io.
But I recently noticed that it prevents installation on node 10.x.
I haven't checked whether the resolution is still necessary though.

Also removed .vscode settings.
I plan to add a cleaner way for this later.
2018-11-24 15:18:23 +07:00
Bobby Wibowo
30c011ce5c
Replaced snekfetch with node-fetch 2018-09-23 23:28:15 +07:00
Bobby Wibowo
65442c18c5
Reworked extension parsing
Removed "path-complete-extname" module in favor of an in-house solution, utilsController.extname().

For now the function will attempt to preserve multi-archive extensions (.001, .002, and so on), as well as some known tarballs (.tar.gz and the likes).

The function will always return lower case extension. It should be fine, but do keep it in mind.
2018-09-18 02:32:27 +07:00
Bobby Wibowo
715132a0d6
Updated package.json
Added a new yarn script/shortcut, "yarn randver". It's a shortcut to a one-liner node script to generate 10 characters long of a random string using "randomstring" module.
This will be used for version strings in _globals.njk.
2018-09-07 22:26:29 +07:00
Bobby Wibowo
a207c4a806
Init 'clamdjs' branch (#8)
Use clamdjs module instead of clam-engine. This module connects to clam daemon server.
2018-09-04 22:48:24 +07:00
Bobby Wibowo
36da76357e
Updates
* Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine.

* File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed.

Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-02 03:37:26 +07:00
Bobby Wibowo
e204187efc
Updates
* Updated README.md to include information about the thumbnails generation script.

* Added .markdownlint.json to disable 2 rules from markdownlint.
2018-08-21 06:24:50 +07:00
Bobby Wibowo
f043f65ca1
Updates
* Added Cloudflare purge cache support. Check configuration sample at config.sample.js.
When it's enabled, whenever files are being deleted, it will send a POST request to Cloudflare's API to purge cache of the deleted files.
This adds a new dependency called "snekfetch". It's lightweight though.

* uploadsController.delete() will now wrap uploadsController.bulkDelete() instead.
2018-05-09 16:53:27 +07:00
Bobby Wibowo
715c821c14
Updates
* Bumped node requirement to >= 8.0.0 (due to async/await).

* Moved ESLint config to .eslintrc.json.

* Moved ESLint ignore to .eslintignore.

* Bumped ESLint's ecmaVersion to 8, although it was probably already automatically set to that before.

* Bugfix line 110 of albumsController.js.
2018-05-01 00:32:50 +07:00
Shumatsu
44ca2dd53d De loli-safe (#77)
* Change all occurences of loli-safe to lolisafe

Saw that repository was renamed, links were changed, but a lot of files of lolisafe were unchanged. So I followed the links and changed what seemed safe to change. Which turned out to be all occurences. 

Also, bumped the copyright.

* Change year in LICENSE

This seems to be the proper format.

* Image fix

It was out of focus.

* Relative image path

Heard on StackOverflow it can be done like this.
2018-04-26 08:54:07 +02:00
Bobby Wibowo
6a25eaac05
Updates
* Updated yarn.lock.

* Added resolution for chokidar. This is going to be used by nunjucks if "watch" is set to true. Although we don't really use it, chokidar 1.x has a vulnerability.
2018-04-25 18:39:54 +07:00
Bobby Wibowo
c2db094e62
Updated dependencies
I forgot to remove handlebars completely, lmao.
Also updated vscode's settings. Temporarily only using "michelemelluso.code-beautifier" extension to beautify CSS until I find a better alternative.
2018-04-19 04:19:05 +07:00
Bobby Wibowo
09f51c8448
Updates~ 😉
Thanks to Zephyrrus for the hints about nunjucks, sort of (he did not really give out any specific hints to me, I stalked his fork, lmao).

* Replaced Handlebars with Nunjucks.

* Replaced all static HTML files with their NJK-equivalent (excluding error pages).

* Renamed "albumDomain" to "homeDomain" in config.sample.js (make sure you update your config.js too).

* Updated dependencies: knex and eslint-plugin-import (dev).

* Updated vscode's settings.json (I may update this again very soon).
2018-04-19 04:00:36 +07:00
Bobby Wibowo
7978325cd6
Updates
* Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way.

* Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container.

* Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead.

* Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage.

* Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension.

* Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably).

* Some other small changes and tweaks in uploadController.js.
2018-04-09 01:30:25 +07:00
Bobby Wibowo
b1dbb931c1
Updates
* Updated eslint-plugin-import dev dependency.

* Added 2 new ESLint rules: "prefer-const" and "object-shorthand".

* Refactor all JS files to follow the new ESLint rules.

* Refactored all instances of for-i into for-of wherever applicable.
2018-04-05 17:52:57 +07:00
Bobby Wibowo
b31f28ddcf
Updates
* De loli-safe wherever it's safe to do so.

* Removed bulma tooltip. Sigh, it came from an impulsive decision out of boredom to begin with.

* Chrome extension and GitHub links in home page will now open in new tab.

* File's link in the dashboard's list will still show the full URL in its tooltip, but it will no longer use bulma tooltip extension.
2018-04-04 23:47:20 +07:00
Bobby Wibowo
8f41cd6f8c
Updates
* Fixed information of selected files being cleared when canceling either add to album or bulk delete prompt.

* Add to album prompt will now show how many files are going to be moved.

* Fixed bulk delete failing to reload file list properly when being used while listing an album.

* Added new ESLint rule "quotes" with option "single". I'm pretty sure Standard used to have this as default. I actually liked that back then.
2018-03-31 23:34:16 +07:00
Bobby Wibowo
2dd724f88f
Updates
* Switched standard to eslint with eslint-config-standard (and 4 more eslint plugins needed by standard).

* Added "curly" eslint rule with "all" option. I like it.

* Refactored all JS files to apply the new "curly" eslint rule.

* Renewed axios.min.js, dropzone.min.js and sweetalert.min.js. Re-minified and added a small comment stating their version and copyright statement.

* Some buttons in dashboard will now show loading icon whenever they're waiting for response from the server.

* Updated README.md and .gitignore.
2018-03-29 00:40:50 +07:00
Bobby Wibowo
66a63ca6d6
Updates (YAY, CHUNKED UPLOADS!)
* Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files.

* Added chunked uploads support :3

* Updated Dropzone to 5.2.0.

* More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default.

* Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though.

* Refactored home.js to use const/let and some other stuff.

* Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle.

* Updated some version strings.

* And maybe some others that I can't remember.
2018-03-28 18:36:28 +07:00
Bobby Wibowo
076be2cfec
Updated dependencies and yarn.lock file 2018-03-17 03:17:32 +07:00
snyk-bot
d5600909be fix: package.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:hoek:20180212

Latest report for bobbywibowo/lolisafe:package.json:
https://snyk.io/test/github/bobbywibowo/lolisafe?targetFile=package.json
2018-03-16 20:08:55 +00:00
Bobby Wibowo
c2b2f5b14b
Updates
* Properly merged changes from master.

* database/migration.js will now exit after migartion.

* Replaced all instances of createTableIfNotExists() into a combination of hasTable() and createTable() in db.js.
2018-03-14 13:57:09 +07:00
iCrawl
8a75ab91a6
update deps and add dockerfile 2018-03-01 22:03:47 +01:00
Bobby Wibowo
fc71601074
Updates
* Show horizontal scrollbar for table only when needed.

* Cache-Control for static files.
2018-01-24 23:04:21 +07:00
Bobby Wibowo
32dd070e49
Yet another bunch of updates
* Self-host all libs (including but not limited to Font Awesome icons). LICENSE files were properly included as well.

* Temporarily disabling error pages.

* Added "start" and "pm2" scripts. To be used with "yarn SCRIPT_NAME" or "npm run SCRIPT_NAME".

* Added container for the tables in dashboard. On narrow screens, such as phones, users will then have the ability to use horizontal scroll on the tables.

* Fixed various resource paths. This should now work properly when not being hosted in root domain (e.i. https://fiery.me/lolisafe/).

* Before checking API, the "Running in ..." button will now say "Loading..." instead.
2018-01-24 22:31:23 +07:00
Bobby Wibowo
bcdfcd7064
Various updates
* Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too.

* Lots of refactors to follow the rules of Standard.

* Fixed issue with uploading as a not logged in user.
2018-01-24 03:06:30 +07:00
Bobby Wibowo
883a601358
Breaking changes
All of these changes are for safe.fiery.me.
2018-01-24 00:15:32 +07:00
Pitu
992b632d1a Added album downloading through front-end 2017-10-04 02:05:38 -03:00
Pitu
4b0b015c41 Renaming and version bump 2017-10-03 23:45:01 -03:00
Pitu
6aa57285d4 Removed eslint file, enforced it on package.json 2017-10-03 17:34:57 -03:00
Pitu
e6bd937879 Added handlebars dependency and yarn.lock 2017-09-20 03:02:14 -03:00
Caroline
ce23b0f19d Keep the bad guys out >:c (#36) 2017-04-27 09:04:19 +02:00
Pitu
dfcbac0c31 Version v2.2.0 bump 2017-02-07 05:14:01 -03:00
Pascal Temel
facf4a29fc support thumbnails for .webm and .mp4 files 2017-02-07 00:53:22 +01:00
Pitu
67411d7fa9 Added rate limiting 2017-02-01 19:46:10 -03:00
Pitu
fbb8271658 Version bump 2017-01-31 03:44:19 -03:00
Pitu
6ba17a66d6 Bumped version 2017-01-30 05:11:25 -03:00
Pitu
1d45d6d881 Unfucked my latest commit to this file 2017-01-30 04:42:02 -03:00
Pitu
a7201c4b96 Added eslint because I don't know what im doing 2017-01-29 22:51:48 -03:00
Pitu
c242bf7757 Included bcrypt on package.json 2017-01-29 04:19:30 -03:00
Pitu
56e24c9203 Removed unused dependency 2017-01-22 18:21:47 -03:00
Pitu
3f4b879144 List and thumb view on uploads 2017-01-22 18:01:39 -03:00
Pitu
83aaef0f82 Changed request system and post data
Changed from XMLHttpRequest to Axiios and made every POST call to look for params or json and not pass the values as headers. Token is still a header though
2017-01-19 02:37:35 -03:00
kanadeko
b81cf72ac4 Changed from ip whitelist to token based auth 2017-01-14 18:13:58 -03:00
Pitu
376cf10663 First version 2017-01-13 04:34:21 -03:00