invaliduser/knightrider
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed issues check pachage.json note (untested)

Browse source
This commit is contained in:
404invalid-user 2021-08-28 22:02:02 +01:00
parent f7f64473e6
commit 425c617f23
11 changed files with 119 additions and 125 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.vscode/settings.json vendored
View file

@ -1,3 +0,0 @@
{
"git.ignoreLimitWarning": true
}

4
package.json
View file

@ -1,8 +1,8 @@
{
"name": "knightrider",
"version": "4.8.420",
"version": "4.8.434",
"description": "a bot for a private discord server",
"updatenote": "major update: now using a database, fixed exploit that allowed users to add the bot to their server give themself the Staff role and edit staff only options in CWH11's Hangout Crew, multiple server support, a better dashboard and now opensource.",
"updatenote": "small update (untested): fixed non staff from accessing dashboard by doing to domain/server/:server-id",
"main": "./src/knightrider.js",
"scripts": {
"start": "node ./src/knightrider.js",

2
src/express/get/dashboard/dashboard.js
View file

@ -81,7 +81,7 @@ module.exports = {
if (userGuild.owner == true) {
guilds.push({ id: userGuild.id, name: userGuild.name, icon: `https://cdn.discordapp.com/icons/${userGuild.id}/${userGuild.icon}.webp`, mutual: true, userPermission: 'owner' });
} else {
if (client.guilds.cache.get(currentServer.id).members.find(userInfo.id).roles.cache.find(r => currentServer.staffRoles.includes(r.name))) {
if (client.guilds.cache.get(currentServer.id).members.cache.get(userInfo.id).roles.cache.find(r => currentServer.staffRoles.includes(r.name))) {
guilds.push({ id: userGuild.id, name: userGuild.name, icon: `https://cdn.discordapp.com/icons/${userGuild.id}/${userGuild.icon}.webp`, mutual: true, userPermission: 'staffrole' });
} else {
currentServer.staff.forEach(userid => {

12
src/express/get/dashboard/filter.js
View file

@ -15,13 +15,9 @@ module.exports = {
let currentUser = await Userdashboard.findOne({ userId: res.locals.cookie.id })
let currentServer = await Server.findOne({ id: req.params.serverid })
if (currentServer == null) return res.render('404.ejs')
let hasAccess = false;
await currentUser.guilds.forEach(guild => {
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
hasAccess = true;
};
});
if (hasAccess == true) {
let guild = await currentUser.guilds[currentServer.id];
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => {
if (res.locals.cookie.accesscode == userCode.code) {
@ -33,7 +29,7 @@ module.exports = {
if (hasAccess == false) return res.redirect('/login?ninvalidcode');
} else {
await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff fill out http://knightrider.rf.gd/er/admin.php", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } })
await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } })
}
} catch (error) {
console.log(error)

12
src/express/get/dashboard/reactionroles.js
View file

@ -16,13 +16,9 @@ module.exports = {
if (currentUser == null) return res.render('404.ejs')
let currentServer = await Server.findOne({ id: req.params.serverid })
if (currentServer == null) return res.render('404.ejs')
let hasAccess = false;
await currentUser.guilds.forEach(guild => {
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
hasAccess = true;
};
});
if (hasAccess == true) {
let guild = await currentUser.guilds[currentServer.id];
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false;
let listedRoles = [];
let listedChannels = [];
let server = await client.guilds.cache.get(currentServer.id);
@ -41,7 +37,7 @@ module.exports = {
});
if (hasAccess == false) return res.redirect('/login?ninvalidcode');
} else {
await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff fill out http://knightrider.rf.gd/er/admin.php", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } })
await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } })
}
} catch (error) {
console.log(error)

14
src/express/get/dashboard/server.js
View file

@ -16,13 +16,9 @@ module.exports = {
if (currentUser == null) return res.redirect('/login');
let currentServer = await Server.findOne({ id: req.params.serverid })
if (currentServer == null) return res.render('404.ejs');
let hasAccess = false;
await currentUser.guilds.forEach(guild => {
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
hasAccess = true;
};
});
if (hasAccess == true) {
let guild = await currentUser.guilds[currentServer.id];
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => {
if (res.locals.cookie.accesscode == userCode.code) {
hasAccess = true;
@ -32,8 +28,8 @@ module.exports = {
});
if (hasAccess == false) return res.redirect('/login?ninvalidcode');
} else {
await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff fill out http://knightrider.rf.gd/er/admin.php", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } })
};
await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } })
}
} catch (error) {
console.log(error)

25
src/express/post/api/updatefilter.js
View file

@ -13,17 +13,22 @@ module.exports = {
if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db" });
let currentServer = await Server.findOne({ id: req.body.server.id });
if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db" });
let guild = await currentUser.guilds[currentServer.id];
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => {
if (req.body.user.accesscode == userCode.code) {
hasAccess = true;
currentServer.filter.normal = await req.body.normalFilter;
currentServer.filter.safe = await req.body.safeFilter;
currentServer.save();
return res.status(200).json({ error: "no", message: "filters have been updates" });
};
});
let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => {
if (req.body.user.accesscode == userCode.code) {
hasAccess = true;
currentServer.filter.normal = await req.body.normalFilter;
currentServer.filter.safe = await req.body.safeFilter;
currentServer.save();
return res.status(200).json({ error: "no", message: "filters have been updates" });
};
});
} else {
return res.status(401).json({ error: "401 - unauthorised", info: "your user does not own the server or have a staff role or pi is listed as a staff member" });
};
if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' });

37
src/express/post/api/updateoverview.js
View file

@ -13,23 +13,28 @@ module.exports = {
if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db", message: "that user id cant be found" });
let currentServer = await Server.findOne({ id: req.body.server.id });
if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db", message: "that server id cant be found" });
let guild = await currentUser.guilds[currentServer.id];
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => {
if (req.body.user.accesscode == userCode.code) {
hasAccess = true;
//apply all data from the req to the db (probabbly a better way to do this)
currentServer.prefix = req.body.prefix || prefix;
currentServer.staff = req.body.staffids || [];
currentServer.staffRoles = req.body.staffRoles || [];
currentServer.channels.modLogs = req.body.channels.modlogs || ' ';
currentServer.channels.announcments = req.body.channels.announcments || ' ';
currentServer.channels.townhall = req.body.channels.townhall || ' ';
currentServer.channels.townhallLogs = req.body.channels.townhallLogs || ' ';
currentServer.save();
return res.status(200);
};
});
let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => {
if (req.body.user.accesscode == userCode.code) {
hasAccess = true;
//apply all data from the req to the db (probabbly a better way to do this)
currentServer.prefix = req.body.prefix || prefix;
currentServer.staff = req.body.staffids || [];
currentServer.staffRoles = req.body.staffRoles || [];
currentServer.channels.modLogs = req.body.channels.modlogs || ' ';
currentServer.channels.announcments = req.body.channels.announcments || ' ';
currentServer.channels.townhall = req.body.channels.townhall || ' ';
currentServer.channels.townhallLogs = req.body.channels.townhallLogs || ' ';
currentServer.save();
return res.status(200);
};
});
} else {
return res.status(401).json({ error: "401 - unauthorised", info: "your user does not own the server or have a staff role or pi is listed as a staff member" });
};
if (hasAccess == false) return res.status(401).JSON({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' });

110
src/express/post/api/updatereactionroles.js
View file

@ -12,63 +12,67 @@ module.exports = {
if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db" });
let currentServer = await Server.findOne({ id: req.body.server.id });
if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db" });
let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => {
if (req.body.user.accesscode == userCode.code) {
hasAccess = true;
currentServer.reactionRoles = await req.body.reactionRoles;
currentServer.save();
let eachChannelRoles = {};
await currentServer.reactionRoles.forEach(role => {
if (!eachChannelRoles[role.channelID]) {
eachChannelRoles[role.channelID] = [{
roleID: role.roleID,
emoji: role.emoji
}];
} else {
eachChannelRoles[role.channelID].push({
roleID: role.roleID,
emoji: role.emoji
});
};
});
for (let i in eachChannelRoles) {
let rolesEmbed = {
color: conf.colour.ok,
title: 'ReactionRoles',
url: conf.domain,
author: {
name: conf.bot.name,
icon_url: conf.bot.logo,
url: conf.bot.url,
},
description: 'react with the appropriate emoji to get your role',
fields: [],
timestamp: new Date(),
footer: {
text: currentServer.name,
},
};
await eachChannelRoles[i].forEach(role => {
rolesEmbed.fields.push({
name: '\u200B',
value: '<@&' + role.roleID + '> - ' + role.emoji,
});
let guild = await currentUser.guilds[currentServer.id];
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => {
if (req.body.user.accesscode == userCode.code) {
hasAccess = true;
currentServer.reactionRoles = await req.body.reactionRoles;
currentServer.save();
let eachChannelRoles = {};
await currentServer.reactionRoles.forEach(role => {
if (!eachChannelRoles[role.channelID]) {
eachChannelRoles[role.channelID] = [{
roleID: role.roleID,
emoji: role.emoji
}];
} else {
eachChannelRoles[role.channelID].push({
roleID: role.roleID,
emoji: role.emoji
});
};
});
const channel = client.guilds.cache.get(currentServer.id).channels.cache.get(i)
if (channel !== undefined) {
const msg = await channel.send({ embed: rolesEmbed });
eachChannelRoles[i].forEach(role => {
msg.react(role.emoji);
for (let i in eachChannelRoles) {
let rolesEmbed = {
color: conf.colour.ok,
title: 'ReactionRoles',
url: conf.domain,
author: {
name: conf.bot.name,
icon_url: conf.bot.logo,
url: conf.bot.url,
},
description: 'react with the appropriate emoji to get your role',
fields: [],
timestamp: new Date(),
footer: {
text: currentServer.name,
},
};
await eachChannelRoles[i].forEach(role => {
rolesEmbed.fields.push({
name: '\u200B',
value: '<@&' + role.roleID + '> - ' + role.emoji,
});
});
const channel = client.guilds.cache.get(currentServer.id).channels.cache.get(i)
if (channel !== undefined) {
const msg = await channel.send({ embed: rolesEmbed });
eachChannelRoles[i].forEach(role => {
msg.react(role.emoji);
});
};
};
return res.status(200).json({ error: "no", message: "reactionroles have been updates" });
};
return res.status(200).json({ error: "no", message: "reactionroles have been updates" });
};
});
});
} else {
return res.status(401).json({ error: "401 - unauthorised", info: "your user does not own the server or have a staff role or pi is listed as a staff member" });
}
if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' });
} catch (error) {
console.log(error);

22
src/express/www/static/js/reactionroles.js
View file

@ -16,18 +16,13 @@ function loadroles() {
document.getElementById("ReactionRoles").innerHTML = rrstr;
}
async function addReactionRole() {
document.getElementById("info").innerHTML = ''
var channel = document.getElementById('ReactionRoleChannel').value.toLowerCase().replace(' ', '')
var role = document.getElementById('ReactionRole').value.toLowerCase().replace(' ', '');
var emoji = document.getElementById('ReactionRoleEmoji').value;
await reactionRoles.push({ channelID: channel, roleID: role, emoji: emoji });
loadroles()
document.getElementById('ReactionRoleChannel').value = '';
document.getElementById('ReactionRole').value = '';
document.getElementById('ReactionRoleEmoji').value = '';
}
@ -35,18 +30,17 @@ async function addReactionRole() {
async function removeReactionRole() {
document.getElementById("info").innerHTML = ''
var role = document.getElementById('ReactionRole').value.toLowerCase().replace(' ', '');
var channel = document.getElementById('ReactionRoleChannel').value.toLowerCase().replace(' ', '')
var channel = document.getElementById('ReactionRoleChannel').value.toLowerCase().replace(' ', '');
var emoji = document.getElementById('ReactionRoleEmoji').value;
for (let i = 0; i < reactionRoles.length; i++) {
if (reactionRoles[i].channelID == channel) {
if (reactionRoles[i].roleID == role) {
reactionRoles.splice(i, 1);
loadroles()
document.getElementById('ReactionRoleChannel').value = '';
document.getElementById('ReactionRole').value = '';
document.getElementById('ReactionRoleEmoji').value = '';
if (reactionRoles[i].emoji == emoji) {
reactionRoles.splice(i, 1);
loadroles()
document.getElementById('ReactionRole').value = '';
document.getElementById('ReactionRoleEmoji').value = '';
};
};
};
};

3
src/funcs/otr.js
View file

@ -2,8 +2,9 @@
* licence https://github.com/404invalid-user/knightrider/blob/main/LICENCE
*/
const getServer = require('../funcs/getserver');
const conf = require('../conf/conf.json')
module.exports = {
otrCommand: async function(message, args, Discord, client) {
otrCommand: async function(message, args, Discord, server, messageUser, client) {
if (message.author.id == conf.cwh11) {
let server = getServer(message);
if (server == null) return message.channel.send("this server isnt in the db");