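const express = require('express');
const app = express();
const port = 8003;
const path = require("path");
//let comments = require("/srv/www/htdocs/blog/comments.js")
const fs = require("fs");
const validator = require('validator');
const rootPath = "/var/www/html/";

// Files touched by the comment handler.
const commentsDbPath = '/var/www/html/blog/comments-database.js'; // JSON store, read and rewritten per comment
const commentsJsPath = "/var/www/html/blog/comments.js";          // generated script consumed by the blog pages
const motdPath = "/etc/motd";                                     // login banner used as a notification

/**
 * Replace the five HTML-significant characters with entities.
 *
 * The entity strings were lost when this listing was rendered as HTML
 * (the replacement arguments appeared as the raw characters), so they are
 * restored here to the conventional mapping. `&` must be handled first so
 * the entities produced by the later replacements are not re-escaped.
 *
 * @param {string} unsafe - text to escape; must be a string.
 * @returns {string} the escaped text.
 */
const escapeHtml = (unsafe) => {
    return unsafe
        .replace(/&/g, "&amp;")
        .replace(/</g, "&lt;")
        .replace(/>/g, "&gt;")
        .replace(/"/g, "&quot;")
        .replace(/'/g, "&#039;");
};

/**
 * Drop C0/C1 control characters (including ESC, CR and LF) from a value.
 *
 * Used for text that ends up in /etc/motd: that file is printed to
 * terminals, where HTML escaping is irrelevant but control sequences and
 * embedded newlines are interpreted.
 *
 * @param {*} text - value to clean; coerced to a string.
 * @returns {string} the text without control characters.
 */
const stripControlChars = (text) => String(text).replace(/[\u0000-\u001f\u007f-\u009f]/g, "");

/**
 * Validate one submitted comment and persist it.
 *
 * Appends the escaped [name, comment] pair to the page's list in the JSON
 * store, regenerates comments.js and rewrites /etc/motd. Submissions with a
 * missing or empty comment, a non-string comment, or a pageID that is not
 * already a list in the store are ignored.
 *
 * @param {object} body - parsed request body (name, comment, pageID).
 * @returns {void}
 */
const storeComment = (body) => {
    const comments = JSON.parse(fs.readFileSync(commentsDbPath, 'utf8'));

    // The JSON and extended urlencoded parsers can deliver arrays, objects
    // or numbers in any field, so every value is type-checked before the
    // string helpers touch it.
    const comment = body.comment;
    if (typeof comment !== "string" || comment === "") {
        console.log(comments);
        return;
    }
    const name = (typeof body.name === "string" && body.name !== "") ? body.name : "Anonymous";

    // pageID selects a property on the parsed store. Only own properties
    // that already hold an array are accepted, so unknown ids and inherited
    // names such as "__proto__" or "constructor" are rejected instead of
    // throwing on .push().
    const pageID = body.pageID;
    const pageIsKnown = (typeof pageID === "string" || typeof pageID === "number")
        && Object.prototype.hasOwnProperty.call(comments, pageID)
        && Array.isArray(comments[pageID]);
    if (!pageIsKnown) {
        console.error('Rejected comment for unknown pageID');
        console.log(comments);
        return;
    }

    // NOTE(review): the values are escaped twice (escapeHtml, then
    // validator.escape), so entities are stored double-encoded. Kept as the
    // original wrote it; confirm against how the pages render comments.js.
    comments[pageID].push([
        validator.escape(escapeHtml(name)),
        validator.escape(escapeHtml(comment)),
    ]);

    // The generated file needs a line break between the assignment and the
    // `if`; it was lost in the collapsed listing and is restored here.
    const content = `comments=${JSON.stringify(comments)}\nif (typeof module !== "undefined" && module.exports) { module.exports = comments; }`;
    fs.writeFile(commentsJsPath, content, (err) => {
        if (err) {
            console.error('Error creating file:', err);
        } else {
            console.log('File created written: comments.js');
        }
    });

    // NOTE(review): writing /etc/motd means this internet-facing process
    // holds write access to a system file; a log file or mail hook owned by
    // the service account would give the same alert with less privilege.
    // Control characters are removed because the banner is shown in
    // terminals. Any line breaks inside this template were lost in the
    // collapsed listing; the visible spacing is kept.
    const motdContent = ` !ALERT! ${escapeHtml(stripControlChars(name))} Commented: ${escapeHtml(stripControlChars(comment))} on the blog: https://deadvey.com/blog/blogs/${stripControlChars(pageID)}.html `;
    fs.writeFile(motdPath, motdContent, (err) => {
        if (err) {
            console.error('Error creating file:', err);
        } else {
            console.log('File written: /etc/motd');
        }
    });

    fs.writeFileSync(commentsDbPath, JSON.stringify(comments), 'utf8');
    console.log(comments);
};

// Middleware to parse URL-encoded and JSON bodies
app.use(express.urlencoded({ extended: true }));
app.use(express.json());

app.post("/blog/submit-comment", (req, res) => {
    const body = req.body || {};
    const referer = req.get("referer");
    console.log(referer);
    console.log(body.name);

    try {
        storeComment(body);
    } catch (err) {
        // A corrupt or missing store must not take the handler down; the
        // visitor is still sent back to the page.
        console.error('Error storing comment:', err);
    }

    // The Referer header is supplied by the client and may be absent, so a
    // site-local fallback is used instead of redirecting to "undefined".
    res.redirect(302, referer || "/");
});

app.use(express.static(rootPath));

// Start the server
app.listen(port, () => {
    console.log(`Server is running at http://localhost:${port} in directory: ${rootPath}`);
});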