Improved performance of /api/users/:id (admin's manage users).
Promisify fs.writeFile.
Improved performance of /api/stats.
By a lot in Linux, cause uploads size will be deferred to "du" binary.
In addition, total usage of whichever disk uploads path resides on will
also be queried using "df" binary.
Non-Linux will have to rely on manual calculation by querying DB
for each upload's size.
But logics related to uploads stats were also improved to be almost
twice as fast as before.
Improved parsing of /api/stats results on dashboard.js.
This allows ease of extending server's response by not having to update
dashboard.js by much, if at all.
Improved codes relating to item menus in dashboard's sidebar.
Finally much cleaner now 👍
No longer use /api/upload/delete API route from dashboard.
Single file deletion and bulk files deletion, both from uploads list or
by names, will now properly use a single function that will use
/api/upload/bulkdelete API route.
/api/upload/delete will still be kept indefinitely for backward support.
Fixed oddities with Select all checkbox.
Replaced all instances of modifying HTML element's style attribute with
adding/removing is-hidden CSS helper class.
Rephrased all instances of "files" to "uploads" in any display strings.
Fixed notice message when server is on private mode.
A few other improvements.
As the title says, this commit is a massive overhaul.
I've rewritten/restrucuted almost everything in the controller scripts.
Because of that, there's a considerable possibility that I've broken
something somewhere.
Notable changes:
Added temporary uploads.
Removed file name length changer from dashboard,
in favor of an equivalent in homepage config tab.
This allows non-registered users to also set file name length.
A bunch of other undocmented stuff.
I don't know, I'm too tired to remember them all.
Removed browser settings from dashboard,
in favor of config tab in homepage.
With this even non-registered users can configure the uploader.
Fixed homepage breaking when URL uploader is disabled.
Updated fontello.
Added link, cog-alt, and floppy icons.
Better tabs design in homepage.
Bumped v1 & v3 version strings.
Upgraded dependencies.
Stop adding cache-control header to album zip files unless
config.cacheControl is enabled.
Updated CSS files.
Moved thumbnail-related styling to thumbs.css.
Various other fixes & improvements.
Moved render.js from public/js to public/js/s.
Removed sharex.js in favor of public/js/s/utils.js.
Moved getPrettyDate() & getPrettyBytes() to that JS file as well.
Added lsKeys global variable wherever applicable.
Previously the idea was only used in dashboard.js.
Added No-JS version of album public pages.
You'll only have to add ?nojs to the URL.
Viewing the regular version with JS disabled will show a notice with
a link to the No-JS version of the particular album.
Overall page size of the regular version will now be lower as well,
since there'll be no need to add noscript tag for each thumbs.
No longer show Administrator section to non-admin in the dashboard.
Moderators will ONLY be able to see manage users menu as well.
Simplified FAQ wherever applicable.
Added a new FAQ about bug report or feature request.
Updated link for Firefox extension.
Also pushed Firefox link before Chrome, cause I like it more.
Added browser settings menu to dashboard.
This allows you to choose file size unit (kilobyte vs kibibyte) for that
specific browser.
The preference will be used on homepage, dashboard and album pages.
This also allows you to set chunk size and maximum parallel uploads
for the homepage uploader.
All menu links in the dashboard will now scroll to the content once
loaded.
Previously it would only do so with manage uploads/users when
switching pages.
Refactored all instances of for-in & for-of loop from browser JS files.
For the sake of uniformity, for now.
* Replaced all instances of getElementById and getElementsByClassName
with querySelector or querySelectorAll.
* Updated utilsController.js to stop disabling
no-async-promise-executor eslint rule.
* Removed unused lines in dashboard.njk.
* Refactored maxFileSize to maxSize in home.{css,js,njk}.
* Updated ClamAV codes in lolisafe.js. No more pinging.
Since querying version will also check connection anyway.
* Option "Upload to album" in homepage is now selectable.
Selecting this option will restore the uploader to not associate files
with an album.
* Fixed uploader to properly respect server's max file size.
Also updated error message of file size to use MB instead of MiB.
* Creating an album from homepage will automatically select the album.
* Updated Dropzone.js to v5.5.0.
* Bumped v1 & v3 version strings.
* Various other small fixes.
Updated fontello (added block and doc-inv icons).
Upload results will now show either doc or block icon on top of the
file name depending on the status of the upload
(unless the uploads are images, in which case they will still show
thumbnails instead).
Added support for customizable timeout and chunkSize options for ClamAV
scanning to the config file.
Bumped v1 and v3 version strings.
Updated ESLint rule: curly, again.
Mainly to also enabled "consistent" rule, which enforces curly into
else/elseif blocks, if its if block requires curly.
Added support for GET requests to /api/delete route.
Its usage is /api/delete/identifier, where identifier is the filename.
Though just like its POST route, it needs token in the header.
No more enforced curly for if/else/for/while/do blocks w/ one statement.
With that said, auto-fixed all JS files to follow the rule.
I'd also like to apologize for the inconveniences this commit cause,
after all it was me who intentionally enforced curly rule back then.
Why the change of heart?
After doing some more non-JS codes recently, I realized it was
pretty stupid of me to enforce that.
Added description column into albums.
So yeah, now albums can have description.
It'll only be shown in the album's edit popup and public link.
HTML chars will now be escaped from album's name and description.
Removed message warning about CDN cache from album's public link.
A shortened version will be shown as the download button's tooltip.
Darkened color of textarea's placeholder.
Bumped v1 version string.
DuckDuckGo's proxy is no longer supported as it stops reporting Content-Length header, which is crucial so that the safe could predict the actual file size before downloading it.
If you have it enabled in your config file, it will now close the safe with error code 1. You can either disable url uploads completely or just disable duckduckgo's proxy (though I believe not many will choose the latter as to begin with it was implemented to hide origin IP).
Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist).
This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail.
If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether).
Added a new config option to filter files with no extension.
Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD").
In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension.
Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted.
Examples:
.hiddenfile => .hiddenfile
.hiddenfile.sh => .sh
.hiddenfile.001 => .hiddenfile.001
.hiddenfile.sh.001 => .sh.001
Simplified error messages of /api/upload/finishchunks.
Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok).
I plan to generalize this for the other API routes in the future.
Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok).
Bumped v1 version string (due to home.js).
* Added ship waifu renders to homepage. These renders are toggleable since some of them maybe a bit NSFW-ish (state saved to browser's local storage).
* Updated lazyload to v10.19.0.
* Git commit URL is now have dotted bottom border.
* Thumbnail modal (the one that appears when you click display thumbnail button in lists view) now have a "Load original" button. For images it will simply load the original images, but for videos it will show a video player (relies on the browser's support for <video> tag). Thumbs view will now also have the "display thumbnail" button.
* Small changes to "add to album" modal.
* Small changes to alignment to modals in general.
Moved page.prepareShareX() to a single JS file named sharex.js. It'll be loaded in home and dashboard pages, and both home.js and dashboard.js will rely on the function provided by it.
The generated ShareX config file will also properly support cases where the safe is being hosted in a subdir now (e.i. https://example.com/lolisafe).
* Added "ShareX user profile" menu item to administration sidebar. This do the same thing as the ShareX icon in the homepage, which is to download a ShareX config.
* Updated version string in _globals.njk. A few of the previous commits also modified some JS files, but I forgot to update the version string back then.
I can't remember why I extended the config with "eslint:recommended" instead of "standard" back then. I know I wanted to force an older ecmaversion, but even then it would still work just fine with standard.
I've fixed it now to use standard. I've also applied auto-fix to dashboard.js and home.js, which fixed some stray or missing whitespaces, as well as the indenting of case's inside switch statement.
* Downgraded ecma version of client-side scripts to v5. This change means no more backtick strings and some others.
* Massively modified auth.js, dashboard.js and home.js to support the downgrade (dashboard.js had the most changes).
* Removed enter key event handler from auth page. The previous code had some small issues. I'd rather not have the handler than let the issues persist. I'll eventually look into adding this again in the future.
* Updated uploadController.js to handle some invalid requests into /api/delete and /api/bulkdelete.
This commit is intended to downgrade codes in JS files used for browser to increase browsers compatibility.
This branch is still experimental and may require much more testing.
* Some structure updates to the homepage and the No-JS uploader form. Making them both somewhat look better, especially in terms of spacing.
* Upload URLs form will now show an error alert when there the form is empty or only filled with whitespaces.
* Upload URLs form will now automatically remove empty lines or lines that consist of only whitespaces when the upload button is pressed.
* Cache selected album the exact moment "Upload URLs" button is pressed, so that any in progress requests will not have its album id altered.
* All URLs will now be displayed in the uploads list (the thing in between upload buttons and footer links) the moment "Upload URLs" button is pressed. Previously it would only show the URLs one by one after each finished request.
Brief video: https://i.fiery.me/AByv.mp4.
* Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js.
Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4.
* /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload.
* Added file extension filter to /api/upload/finishchunks.
* Added proper total chunks size check to /api/upload/finishchunks.
* Various code improvements.
NOTICE: Please update your config.js. Use config.sample.js as the template.
There were a couple of renames and restructures.
* Album zipper API route will now internally save its state when it's generating zip files, and any subsequent requests will silently be "postponed" until the first spawned task is finished. This will guarantee that there are no multiple zipping tasks for the same album. The method may seem a bit hackish though.
* All instances of console.log(error) were replaced with console.error(error). This will guarantee that any error goes to stderr instead of stdout.
* Deleting file by names will now properly remove successful files from the textarea. There was a logic flaw.
* Failure to generate thumbnails will no longer print the full stack, but instead only the error message. It will also then symlink a template image from /public/images/unavailable.png (it's only a simple image that says that it failed to generate thumbnail).
This haven't been tested in Windows machines, but it'll probably work fine.
I thought of adding a new column to files table which will store information whether the thumbnail generation is sucessful or not, but oh well, I'll go with this method for now.
* Added "create new album" button at homepage uploader. Due to this, albums list will always be shown even when you don't have any albums (and of course the list will be empty).
Preview: https://i.fiery.me/ITQ5.mp4 (ignore the fact that the prompt says "Edit album", it's been fixed before this commit goes live)
* Refactored various bits of the codes to use async/await instead of Promise.then. This will obviously cause the browser's requirement to raise but hell, it's the modern browsers age.
* Various other code improvements.
* A bunch of refactors in public JS files (home.js, dashboard.js, etcetera).
* Added lazyload to home page (for thumbs of uploaded images), dashboard (for thumbs view) and albums' public link.
Albums' public link will silently fallback to loading all thumbs at once if JavaScript is disabled.
* A bunch of others code improvements. Honestly I'm too lazy to track all the changes.
uploadController.js:
* Fixed chunk uploads failing when "blockedExtensions" is missing from the config file.
config.sample.js:
* Renamed "blockedExtensions" to "extensionsFilter", and added a new option named "filterBlacklist". When "filterBlacklist" is set to 'true', all extensions in "extensionsFilter" array will be blacklisted, otherwise it will be a whitelist, so only files with those extensions that can be uploaded.
* Renamed "uploads.chunkedUploads.maxSize" to "uploads.chunkedUploads.chunkSize".
* Added "uploads.chunkedUploads.noJsMaxSize" which can be used to change the 'displayed' file size on the No-JS uploader page.
* Some other phrases updates.
_globals.njk:
* Updated static files' version string since there is a small update to home.js.
other files:
* Regular code improvements/tweaks.
* Added Firefox extension link. For now this will simply link my fork of the Chrome extension. You will have to build the extension by your own.
* Updated icons (added Firefox).
* Tiny refactor in home.js, thus I had to update version string in _globals.njk as well.
* Main upload button will no longer be "loading" if an error occurs with the API check request.
* It will now show a message asking user to try out the No-JS uploader when JavaScript is disabled.
* Added VSCode settings to git repo. Now you can match yours with mine, if you want.
* Added .jsbeautifyrc for js-beautify (to be used by VSCode's Beautify extension).
* Refactored all instances of require('**/*.js') with require('**/*') wherever applicable (basically gotten rid of the .js extension).
* Refactored path in all instances of require() wherever applicable.
* Sorted instances of require() wherever applicable.
* Fixed 500 HTTP error trying to load an error page for 505 HTTP error.
* Removed special treatement of NoJS page from uploadsController.processFilesForDisplay().
* Updated version string of all static files.
* Beautified all HTML, HANDLEBARS and CSS files.
* Refactored the structure of footer links in homepage and No-JS uploader. This should now fix homepage going out-of-bound in smaller screens.
* Added CSS prefixes wherever applicable.
* Improved back-end side of No-JS uploader. This will now handle errors properly.
* No-JS uploader will now show max file size.
* No-JS uploader will now show a proper message when private mode is enabled and/or registration is disabled.
* Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones.
* Refactored the way it looks into which albums the files are supposed to be added into.
For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs.
For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future.
* Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work.
* Updated error message when successful uploads could not be added to album.
* "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
* Updated eslint-plugin-import dev dependency.
* Added 2 new ESLint rules: "prefer-const" and "object-shorthand".
* Refactor all JS files to follow the new ESLint rules.
* Refactored all instances of for-i into for-of wherever applicable.
* New uploads that can NOT be added to an album, for whatever reason, will print out message that they can not be added to the said album, but their links will still also be shown underneath the message. Previously it would only print out the message but not the link.
* Improved uploadController.processFilesForDisplay(). Previously it would loop through all uploaded files and update album info for EVERY file, even though to begin with it was designed so that every call would only have to access ONE album. So yeah, this time it will only update album info ONCE no matter how many files are being processed in that session.
* Updated home. All footer links are now using icons.
* Added Chrome extension link to home.
* Updated icons (added some and replaced some).
* Home will now show a different message if private mode is on but guests are still allowed to create accounts.
* Home will no longer show message about creating account if guests are not allowed to create one.
* Updated API route: /api/check. State of whether registration is enabled or not is now exposed with key "enableUserAccounts".
* Refactored all instances of "An error occurred" by appending an exclamation mark.
* Added the ability to add/remove files to/from album (API route: /api/albums/addfiles - https://s.fiery.me/dCAqLEQ9.mp4).
* Added the ability to purge files associated with an album when deleting the said album (set "purge" key to true in the JSON POST request to /api/albums/delete).
* Updated icons.
* Some other refactors, probably.
* Small styling update to auth page.
* Changed icons used in dashboard.
* Added ClipboardJS.
* Added "copy link" button in file list (list view only) and album list. They will use ClipboardJS.
* Added "copy link" in upload result. For desktop, there will be small clipboard icons after the links, but for mobile and tablet, there will be a clickable buttons instead.
* Updated placeholder color for input elements.
* Updated "Loading..." in home page to use Bulma's loading spinner instead. It will also now be unclickable while still loading.
* Matched version string for all JS and CSS files.
* Switched standard to eslint with eslint-config-standard (and 4 more eslint plugins needed by standard).
* Added "curly" eslint rule with "all" option. I like it.
* Refactored all JS files to apply the new "curly" eslint rule.
* Renewed axios.min.js, dropzone.min.js and sweetalert.min.js. Re-minified and added a small comment stating their version and copyright statement.
* Some buttons in dashboard will now show loading icon whenever they're waiting for response from the server.
* Updated README.md and .gitignore.
* Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files.
* Added chunked uploads support :3
* Updated Dropzone to 5.2.0.
* More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default.
* Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though.
* Refactored home.js to use const/let and some other stuff.
* Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle.
* Updated some version strings.
* And maybe some others that I can't remember.
* Better auth handling.
* Deleting a file will no longer cause the dashboard to load the very first page of uploaded files list. It will instead reload the currently viewed page.
* Updated dropzone (I guess).
* Updated Bulma to 0.6.2. Text will look slightly bigger in general now. I may change that in the future.
* Updated SweetAlert to 2.1.0.
* A bunch of other updates to make it compatible with the updated Bulma and SweetAlert.