c9ddaa704337ecd2bd64ae279c75b755d257b9bc
Gitcub / server.js
'use strict'
const express = require('express')
const fs = require('fs')
const path = require('path')
const sqlite3 = require('sqlite3').verbose()
const app = express()
const port = 3000
const repositoryDirectory = './user-content-access/'
const dbFile = './gitcub.db'
app.set('view engine', 'pug')
app.set('views', './views')
const directoryExists = (path) => fs.existsSync(path) ? fs.statSync(path).isDirectory() : false
const repositoryExists = (name, rows) => {
return directoryExists(repositoryDirectory + name) &&
rows.some(x => x.name == name)
}
var db = new sqlite3.Database(dbFile, sqlite3.OPEN_READWRITE)
app.get('*', (req, res) => {
db.all('select name from repositories', (err, rows) => {
if (req.originalUrl.indexOf('\0') == -1) {
let pathNormalized = path.normalize(req.path)
let pathArray = pathNormalized.split('/').filter((x) => x.length > 0)
let pathIsValid = (pathArray) => {
if (pathArray.length > 0) {
if (repositoryExists(pathArray[0], rows)) {
if (directoryExists(repositoryDirectory + pathArray.join('/'))) {
return true
}
else return false
}
else return false
}
else return false
}
if (pathIsValid(pathArray)) {
var dirList = fs.readdirSync(repositoryDirectory + pathArray.join('/'), (err, files) => {
if (err)
console.log(err)
else
return files
})
res.render('index', {
dirList: dirList
})
}
else res.send('Repository does not exist.')
}
else res.send('Null byte found in url. Nice try :)')
})
})
app.listen(port, () => {
console.log(`Example app listening on port ${port}`)
})
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74