all repos — honk @ 7aa78da559b87698acd4937421e342ef70b85035

my fork of honk

web.go (view raw)

   1//
   2// Copyright (c) 2019 Ted Unangst <tedu@tedunangst.com>
   3//
   4// Permission to use, copy, modify, and distribute this software for any
   5// purpose with or without fee is hereby granted, provided that the above
   6// copyright notice and this permission notice appear in all copies.
   7//
   8// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
   9// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  10// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  11// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  12// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  13// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  14// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  15
  16package main
  17
  18import (
  19	"bytes"
  20	"database/sql"
  21	"fmt"
  22	"html/template"
  23	"io"
  24	"log"
  25	notrand "math/rand"
  26	"net/http"
  27	"net/url"
  28	"os"
  29	"regexp"
  30	"sort"
  31	"strconv"
  32	"strings"
  33	"time"
  34
  35	"github.com/gorilla/mux"
  36	"humungus.tedunangst.com/r/webs/cache"
  37	"humungus.tedunangst.com/r/webs/css"
  38	"humungus.tedunangst.com/r/webs/httpsig"
  39	"humungus.tedunangst.com/r/webs/image"
  40	"humungus.tedunangst.com/r/webs/junk"
  41	"humungus.tedunangst.com/r/webs/login"
  42	"humungus.tedunangst.com/r/webs/rss"
  43	"humungus.tedunangst.com/r/webs/templates"
  44)
  45
  46var readviews *templates.Template
  47
  48var userSep = "u"
  49var honkSep = "h"
  50
  51func getuserstyle(u *login.UserInfo) template.CSS {
  52	if u == nil {
  53		return ""
  54	}
  55	user, _ := butwhatabout(u.Username)
  56	if user.Options.SkinnyCSS {
  57		return "main { max-width: 700px; }"
  58	}
  59	return ""
  60}
  61
  62func getInfo(r *http.Request) map[string]interface{} {
  63	u := login.GetUserInfo(r)
  64	templinfo := make(map[string]interface{})
  65	templinfo["StyleParam"] = getassetparam("views/style.css")
  66	templinfo["LocalStyleParam"] = getassetparam("views/local.css")
  67	templinfo["JSParam"] = getassetparam("views/honkpage.js")
  68	templinfo["UserStyle"] = getuserstyle(u)
  69	templinfo["ServerName"] = serverName
  70	templinfo["IconName"] = iconName
  71	templinfo["UserInfo"] = u
  72	templinfo["UserSep"] = userSep
  73	if u != nil {
  74		var combos []string
  75		combocache.Get(u.UserID, &combos)
  76		templinfo["Combos"] = combos
  77	}
  78	return templinfo
  79}
  80
  81func homepage(w http.ResponseWriter, r *http.Request) {
  82	templinfo := getInfo(r)
  83	u := login.GetUserInfo(r)
  84	var honks []*Honk
  85	var userid int64 = -1
  86
  87	templinfo["ServerMessage"] = serverMsg
  88	if u == nil || r.URL.Path == "/front" {
  89		switch r.URL.Path {
  90		case "/events":
  91			honks = geteventhonks(userid)
  92			templinfo["ServerMessage"] = "some recent and upcoming events"
  93		default:
  94			templinfo["ShowRSS"] = true
  95			honks = getpublichonks()
  96		}
  97	} else {
  98		userid = u.UserID
  99		switch r.URL.Path {
 100		case "/atme":
 101			templinfo["ServerMessage"] = "at me!"
 102			templinfo["PageName"] = "atme"
 103			honks = gethonksforme(userid, 0)
 104			honks = osmosis(honks, userid, false)
 105		case "/events":
 106			templinfo["ServerMessage"] = "some recent and upcoming events"
 107			templinfo["PageName"] = "events"
 108			honks = geteventhonks(userid)
 109			honks = osmosis(honks, userid, true)
 110		case "/first":
 111			templinfo["PageName"] = "first"
 112			honks = gethonksforuser(userid, 0)
 113			honks = osmosis(honks, userid, true)
 114		case "/saved":
 115			templinfo["ServerMessage"] = "saved honks"
 116			templinfo["PageName"] = "saved"
 117			honks = getsavedhonks(userid, 0)
 118		default:
 119			templinfo["PageName"] = "home"
 120			honks = gethonksforuser(userid, 0)
 121			honks = osmosis(honks, userid, true)
 122		}
 123		templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 124	}
 125
 126	honkpage(w, u, honks, templinfo)
 127}
 128
 129func showfunzone(w http.ResponseWriter, r *http.Request) {
 130	var emunames, memenames []string
 131	dir, err := os.Open("emus")
 132	if err == nil {
 133		emunames, _ = dir.Readdirnames(0)
 134		dir.Close()
 135	}
 136	for i, e := range emunames {
 137		if len(e) > 4 {
 138			emunames[i] = e[:len(e)-4]
 139		}
 140	}
 141	dir, err = os.Open("memes")
 142	if err == nil {
 143		memenames, _ = dir.Readdirnames(0)
 144		dir.Close()
 145	}
 146	templinfo := getInfo(r)
 147	templinfo["Emus"] = emunames
 148	templinfo["Memes"] = memenames
 149	err = readviews.Execute(w, "funzone.html", templinfo)
 150	if err != nil {
 151		log.Print(err)
 152	}
 153}
 154
 155func showrss(w http.ResponseWriter, r *http.Request) {
 156	name := mux.Vars(r)["name"]
 157
 158	var honks []*Honk
 159	if name != "" {
 160		honks = gethonksbyuser(name, false, 0)
 161	} else {
 162		honks = getpublichonks()
 163	}
 164	if len(honks) > 20 {
 165		honks = honks[0:20]
 166	}
 167	reverbolate(-1, honks)
 168
 169	home := fmt.Sprintf("https://%s/", serverName)
 170	base := home
 171	if name != "" {
 172		home += "u/" + name
 173		name += " "
 174	}
 175	feed := rss.Feed{
 176		Title:       name + "honk",
 177		Link:        home,
 178		Description: name + "honk rss",
 179		Image: &rss.Image{
 180			URL:   base + "icon.png",
 181			Title: name + "honk rss",
 182			Link:  home,
 183		},
 184	}
 185	var modtime time.Time
 186	for _, honk := range honks {
 187		if !firstclass(honk) {
 188			continue
 189		}
 190		desc := string(honk.HTML)
 191		if t := honk.Time; t != nil {
 192			desc += fmt.Sprintf(`<p>Time: %s`, t.StartTime.Local().Format("03:04PM EDT Mon Jan 02"))
 193			if t.Duration != 0 {
 194				desc += fmt.Sprintf(`<br>Duration: %s`, t.Duration)
 195			}
 196		}
 197		if p := honk.Place; p != nil {
 198			desc += string(templates.Sprintf(`<p>Location: <a href="%s">%s</a> %f %f`,
 199				p.Url, p.Name, p.Latitude, p.Longitude))
 200		}
 201		for _, d := range honk.Donks {
 202			desc += string(templates.Sprintf(`<p><a href="%s">Attachment: %s</a>`,
 203				d.URL, d.Name))
 204		}
 205
 206		feed.Items = append(feed.Items, &rss.Item{
 207			Title:       fmt.Sprintf("%s %s %s", honk.Username, honk.What, honk.XID),
 208			Description: rss.CData{Data: desc},
 209			Link:        honk.URL,
 210			PubDate:     honk.Date.Format(time.RFC1123),
 211			Guid:        &rss.Guid{IsPermaLink: true, Value: honk.URL},
 212		})
 213		if honk.Date.After(modtime) {
 214			modtime = honk.Date
 215		}
 216	}
 217	w.Header().Set("Cache-Control", "max-age=300")
 218	w.Header().Set("Last-Modified", modtime.Format(http.TimeFormat))
 219
 220	err := feed.Write(w)
 221	if err != nil {
 222		log.Printf("error writing rss: %s", err)
 223	}
 224}
 225
 226func crappola(j junk.Junk) bool {
 227	t, _ := j.GetString("type")
 228	a, _ := j.GetString("actor")
 229	o, _ := j.GetString("object")
 230	if t == "Delete" && a == o {
 231		log.Printf("crappola from %s", a)
 232		return true
 233	}
 234	return false
 235}
 236
 237func ping(user *WhatAbout, who string) {
 238	var box *Box
 239	ok := boxofboxes.Get(who, &box)
 240	if !ok {
 241		log.Printf("no inbox to ping %s", who)
 242		return
 243	}
 244	j := junk.New()
 245	j["@context"] = itiswhatitis
 246	j["type"] = "Ping"
 247	j["id"] = user.URL + "/ping/" + xfiltrate()
 248	j["actor"] = user.URL
 249	j["to"] = who
 250	ki := ziggy(user.ID)
 251	if ki == nil {
 252		return
 253	}
 254	err := PostJunk(ki.keyname, ki.seckey, box.In, j)
 255	if err != nil {
 256		log.Printf("can't send ping: %s", err)
 257		return
 258	}
 259	log.Printf("sent ping to %s: %s", who, j["id"])
 260}
 261
 262func pong(user *WhatAbout, who string, obj string) {
 263	var box *Box
 264	ok := boxofboxes.Get(who, &box)
 265	if !ok {
 266		log.Printf("no inbox to pong %s", who)
 267		return
 268	}
 269	j := junk.New()
 270	j["@context"] = itiswhatitis
 271	j["type"] = "Pong"
 272	j["id"] = user.URL + "/pong/" + xfiltrate()
 273	j["actor"] = user.URL
 274	j["to"] = who
 275	j["object"] = obj
 276	ki := ziggy(user.ID)
 277	if ki == nil {
 278		return
 279	}
 280	err := PostJunk(ki.keyname, ki.seckey, box.In, j)
 281	if err != nil {
 282		log.Printf("can't send pong: %s", err)
 283		return
 284	}
 285}
 286
 287func inbox(w http.ResponseWriter, r *http.Request) {
 288	name := mux.Vars(r)["name"]
 289	user, err := butwhatabout(name)
 290	if err != nil {
 291		http.NotFound(w, r)
 292		return
 293	}
 294	if stealthmode(user.ID, r) {
 295		http.NotFound(w, r)
 296		return
 297	}
 298	var buf bytes.Buffer
 299	io.Copy(&buf, r.Body)
 300	payload := buf.Bytes()
 301	j, err := junk.FromBytes(payload)
 302	if err != nil {
 303		log.Printf("bad payload: %s", err)
 304		io.WriteString(os.Stdout, "bad payload\n")
 305		os.Stdout.Write(payload)
 306		io.WriteString(os.Stdout, "\n")
 307		return
 308	}
 309	if crappola(j) {
 310		return
 311	}
 312	keyname, err := httpsig.VerifyRequest(r, payload, zaggy)
 313	if err != nil {
 314		log.Printf("inbox message failed signature for %s from %s", keyname, r.Header.Get("X-Forwarded-For"))
 315		if keyname != "" {
 316			log.Printf("bad signature from %s", keyname)
 317			io.WriteString(os.Stdout, "bad payload\n")
 318			os.Stdout.Write(payload)
 319			io.WriteString(os.Stdout, "\n")
 320		}
 321		http.Error(w, "what did you call me?", http.StatusTeapot)
 322		return
 323	}
 324	what, _ := j.GetString("type")
 325	if what == "Like" {
 326		return
 327	}
 328	who, _ := j.GetString("actor")
 329	origin := keymatch(keyname, who)
 330	if origin == "" {
 331		log.Printf("keyname actor mismatch: %s <> %s", keyname, who)
 332		return
 333	}
 334	if rejectactor(user.ID, who) {
 335		return
 336	}
 337	switch what {
 338	case "Ping":
 339		obj, _ := j.GetString("id")
 340		log.Printf("ping from %s: %s", who, obj)
 341		pong(user, who, obj)
 342	case "Pong":
 343		obj, _ := j.GetString("object")
 344		log.Printf("pong from %s: %s", who, obj)
 345	case "Follow":
 346		obj, _ := j.GetString("object")
 347		if obj != user.URL {
 348			log.Printf("can't follow %s", obj)
 349			return
 350		}
 351		log.Printf("updating honker follow: %s", who)
 352
 353		db := opendatabase()
 354		row := db.QueryRow("select xid from honkers where xid = ? and userid = ? and flavor in ('dub', 'undub')", who, user.ID)
 355		var x string
 356		err = row.Scan(&x)
 357		if err != sql.ErrNoRows {
 358			log.Printf("duplicate follow request: %s", who)
 359			_, err = stmtUpdateFlavor.Exec("dub", user.ID, who, who, "undub")
 360			if err != nil {
 361				log.Printf("error updating honker: %s", err)
 362			}
 363		} else {
 364			stmtSaveDub.Exec(user.ID, who, who, "dub")
 365		}
 366		go rubadubdub(user, j)
 367	case "Accept":
 368		log.Printf("updating honker accept: %s", who)
 369		db := opendatabase()
 370		row := db.QueryRow("select name from honkers where userid = ? and xid = ? and flavor in ('presub')",
 371			user.ID, who)
 372		var name string
 373		err := row.Scan(&name)
 374		if err != nil {
 375			log.Printf("can't get honker name: %s", err)
 376			return
 377		}
 378		_, err = stmtUpdateFlavor.Exec("sub", user.ID, who, name, "presub")
 379		if err != nil {
 380			log.Printf("error updating honker: %s", err)
 381			return
 382		}
 383	case "Update":
 384		obj, ok := j.GetMap("object")
 385		if ok {
 386			what, _ := obj.GetString("type")
 387			switch what {
 388			case "Person":
 389				return
 390			case "Question":
 391				return
 392			case "Note":
 393				go xonksaver(user, j, origin)
 394				return
 395			}
 396		}
 397		log.Printf("unknown Update activity")
 398		fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
 399		j.Write(fd)
 400		io.WriteString(fd, "\n")
 401		fd.Close()
 402
 403	case "Undo":
 404		obj, ok := j.GetMap("object")
 405		if !ok {
 406			log.Printf("unknown undo no object")
 407			return
 408		}
 409		what, _ := obj.GetString("type")
 410		switch what {
 411		case "Follow":
 412			log.Printf("updating honker undo: %s", who)
 413			_, err = stmtUpdateFlavor.Exec("undub", user.ID, who, who, "dub")
 414			if err != nil {
 415				log.Printf("error updating honker: %s", err)
 416				return
 417			}
 418		case "Announce":
 419			xid, _ := obj.GetString("object")
 420			log.Printf("undo announce: %s", xid)
 421		case "Like":
 422		default:
 423			log.Printf("unknown undo: %s", what)
 424		}
 425	default:
 426		go xonksaver(user, j, origin)
 427	}
 428}
 429
 430func serverinbox(w http.ResponseWriter, r *http.Request) {
 431	if stealthmode(serverUID, r) {
 432		http.NotFound(w, r)
 433		return
 434	}
 435	var buf bytes.Buffer
 436	io.Copy(&buf, r.Body)
 437	payload := buf.Bytes()
 438	j, err := junk.FromBytes(payload)
 439	if err != nil {
 440		log.Printf("bad payload: %s", err)
 441		io.WriteString(os.Stdout, "bad payload\n")
 442		os.Stdout.Write(payload)
 443		io.WriteString(os.Stdout, "\n")
 444		return
 445	}
 446	if crappola(j) {
 447		return
 448	}
 449	keyname, err := httpsig.VerifyRequest(r, payload, zaggy)
 450	if err != nil {
 451		log.Printf("inbox message failed signature for %s from %s", keyname, r.Header.Get("X-Forwarded-For"))
 452		if keyname != "" {
 453			log.Printf("bad signature from %s", keyname)
 454			io.WriteString(os.Stdout, "bad payload\n")
 455			os.Stdout.Write(payload)
 456			io.WriteString(os.Stdout, "\n")
 457		}
 458		http.Error(w, "what did you call me?", http.StatusTeapot)
 459		return
 460	}
 461	user := getserveruser()
 462	who, _ := j.GetString("actor")
 463	origin := keymatch(keyname, who)
 464	if origin == "" {
 465		log.Printf("keyname actor mismatch: %s <> %s", keyname, who)
 466		return
 467	}
 468	if rejectactor(user.ID, who) {
 469		return
 470	}
 471	re_ont := regexp.MustCompile("https://" + serverName + "/o/([[:alnum:]]+)")
 472	what, _ := j.GetString("type")
 473	log.Printf("server got a %s", what)
 474	switch what {
 475	case "Follow":
 476		obj, _ := j.GetString("object")
 477		if obj == user.URL {
 478			log.Printf("can't follow the server!")
 479			return
 480		}
 481		m := re_ont.FindStringSubmatch(obj)
 482		if len(m) != 2 {
 483			log.Printf("not sure how to handle this")
 484			return
 485		}
 486		ont := "#" + m[1]
 487		log.Printf("%s wants to follow %s", who, ont)
 488		db := opendatabase()
 489		row := db.QueryRow("select xid from honkers where name = ? and xid = ? and userid = ? and flavor in ('dub', 'undub')", ont, who, user.ID)
 490		var x string
 491		err = row.Scan(&x)
 492		if err != sql.ErrNoRows {
 493			log.Printf("duplicate follow request: %s", who)
 494			_, err = stmtUpdateFlavor.Exec("dub", user.ID, who, ont, "undub")
 495			if err != nil {
 496				log.Printf("error updating honker: %s", err)
 497			}
 498		} else {
 499			stmtSaveDub.Exec(user.ID, ont, who, "dub")
 500		}
 501		go rubadubdub(user, j)
 502	case "Undo":
 503		obj, ok := j.GetMap("object")
 504		if !ok {
 505			log.Printf("unknown undo no object")
 506			return
 507		}
 508		what, _ := obj.GetString("type")
 509		if what != "Follow" {
 510			log.Printf("unknown undo: %s", what)
 511		}
 512		targ, _ := obj.GetString("object")
 513		m := re_ont.FindStringSubmatch(targ)
 514		if len(m) != 2 {
 515			log.Printf("not sure how to handle this")
 516			return
 517		}
 518		ont := "#" + m[1]
 519		log.Printf("updating honker undo: %s %s", who, ont)
 520		_, err = stmtUpdateFlavor.Exec("undub", user.ID, who, ont, "dub")
 521		if err != nil {
 522			log.Printf("error updating honker: %s", err)
 523			return
 524		}
 525	}
 526}
 527
 528func serveractor(w http.ResponseWriter, r *http.Request) {
 529	if stealthmode(serverUID, r) {
 530		http.NotFound(w, r)
 531		return
 532	}
 533	user := getserveruser()
 534	j := junkuser(user)
 535	w.Write(j)
 536}
 537
 538func ximport(w http.ResponseWriter, r *http.Request) {
 539	u := login.GetUserInfo(r)
 540	xid := strings.TrimSpace(r.FormValue("xid"))
 541	xonk := getxonk(u.UserID, xid)
 542	if xonk == nil {
 543		p, _ := investigate(xid)
 544		if p != nil {
 545			xid = p.XID
 546		}
 547		j, err := GetJunk(xid)
 548		if err != nil {
 549			http.Error(w, "error getting external object", http.StatusInternalServerError)
 550			log.Printf("error getting external object: %s", err)
 551			return
 552		}
 553		log.Printf("importing %s", xid)
 554		user, _ := butwhatabout(u.Username)
 555
 556		info, _ := somethingabout(j)
 557		if info == nil {
 558			xonk = xonksaver(user, j, originate(xid))
 559		} else if info.What == SomeActor {
 560			outbox, _ := j.GetString("outbox")
 561			gimmexonks(user, outbox)
 562			http.Redirect(w, r, "/h?xid="+url.QueryEscape(xid), http.StatusSeeOther)
 563			return
 564		} else if info.What == SomeCollection {
 565			gimmexonks(user, xid)
 566			http.Redirect(w, r, "/xzone", http.StatusSeeOther)
 567			return
 568		}
 569	}
 570	convoy := ""
 571	if xonk != nil {
 572		convoy = xonk.Convoy
 573	}
 574	http.Redirect(w, r, "/t?c="+url.QueryEscape(convoy), http.StatusSeeOther)
 575}
 576
 577func xzone(w http.ResponseWriter, r *http.Request) {
 578	u := login.GetUserInfo(r)
 579	rows, err := stmtRecentHonkers.Query(u.UserID, u.UserID)
 580	if err != nil {
 581		log.Printf("query err: %s", err)
 582		return
 583	}
 584	defer rows.Close()
 585	var honkers []Honker
 586	for rows.Next() {
 587		var xid string
 588		rows.Scan(&xid)
 589		honkers = append(honkers, Honker{XID: xid})
 590	}
 591	rows.Close()
 592	for i, _ := range honkers {
 593		_, honkers[i].Handle = handles(honkers[i].XID)
 594	}
 595	templinfo := getInfo(r)
 596	templinfo["XCSRF"] = login.GetCSRF("ximport", r)
 597	templinfo["Honkers"] = honkers
 598	err = readviews.Execute(w, "xzone.html", templinfo)
 599	if err != nil {
 600		log.Print(err)
 601	}
 602}
 603
 604var oldoutbox = cache.New(cache.Options{Filler: func(name string) ([]byte, bool) {
 605	user, err := butwhatabout(name)
 606	if err != nil {
 607		return nil, false
 608	}
 609	honks := gethonksbyuser(name, false, 0)
 610	if len(honks) > 20 {
 611		honks = honks[0:20]
 612	}
 613
 614	var jonks []junk.Junk
 615	for _, h := range honks {
 616		j, _ := jonkjonk(user, h)
 617		jonks = append(jonks, j)
 618	}
 619
 620	j := junk.New()
 621	j["@context"] = itiswhatitis
 622	j["id"] = user.URL + "/outbox"
 623	j["attributedTo"] = user.URL
 624	j["type"] = "OrderedCollection"
 625	j["totalItems"] = len(jonks)
 626	j["orderedItems"] = jonks
 627
 628	return j.ToBytes(), true
 629}, Duration: 1 * time.Minute})
 630
 631func outbox(w http.ResponseWriter, r *http.Request) {
 632	name := mux.Vars(r)["name"]
 633	user, err := butwhatabout(name)
 634	if err != nil {
 635		http.NotFound(w, r)
 636		return
 637	}
 638	if stealthmode(user.ID, r) {
 639		http.NotFound(w, r)
 640		return
 641	}
 642	var j []byte
 643	ok := oldoutbox.Get(name, &j)
 644	if ok {
 645		w.Header().Set("Content-Type", theonetruename)
 646		w.Write(j)
 647	} else {
 648		http.NotFound(w, r)
 649	}
 650}
 651
 652func emptiness(w http.ResponseWriter, r *http.Request) {
 653	name := mux.Vars(r)["name"]
 654	user, err := butwhatabout(name)
 655	if err != nil {
 656		http.NotFound(w, r)
 657		return
 658	}
 659	if stealthmode(user.ID, r) {
 660		http.NotFound(w, r)
 661		return
 662	}
 663	colname := "/followers"
 664	if strings.HasSuffix(r.URL.Path, "/following") {
 665		colname = "/following"
 666	}
 667	j := junk.New()
 668	j["@context"] = itiswhatitis
 669	j["id"] = user.URL + colname
 670	j["attributedTo"] = user.URL
 671	j["type"] = "OrderedCollection"
 672	j["totalItems"] = 0
 673	j["orderedItems"] = []junk.Junk{}
 674
 675	w.Header().Set("Content-Type", theonetruename)
 676	j.Write(w)
 677}
 678
 679func showuser(w http.ResponseWriter, r *http.Request) {
 680	name := mux.Vars(r)["name"]
 681	user, err := butwhatabout(name)
 682	if err != nil {
 683		log.Printf("user not found %s: %s", name, err)
 684		http.NotFound(w, r)
 685		return
 686	}
 687	if stealthmode(user.ID, r) {
 688		http.NotFound(w, r)
 689		return
 690	}
 691	if friendorfoe(r.Header.Get("Accept")) {
 692		j, ok := asjonker(name)
 693		if ok {
 694			w.Header().Set("Content-Type", theonetruename)
 695			w.Write(j)
 696		} else {
 697			http.NotFound(w, r)
 698		}
 699		return
 700	}
 701	u := login.GetUserInfo(r)
 702	honks := gethonksbyuser(name, u != nil && u.Username == name, 0)
 703	templinfo := getInfo(r)
 704	templinfo["Name"] = user.Name
 705	whatabout := user.About
 706	whatabout = markitzero(user.About)
 707	templinfo["WhatAbout"] = template.HTML(whatabout)
 708	templinfo["ServerMessage"] = ""
 709	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 710	honkpage(w, u, honks, templinfo)
 711}
 712
 713func showhonker(w http.ResponseWriter, r *http.Request) {
 714	u := login.GetUserInfo(r)
 715	name := mux.Vars(r)["name"]
 716	var honks []*Honk
 717	if name == "" {
 718		name = r.FormValue("xid")
 719		honks = gethonksbyxonker(u.UserID, name, 0)
 720	} else {
 721		honks = gethonksbyhonker(u.UserID, name, 0)
 722	}
 723	msg := templates.Sprintf(`honks by honker: <a href="%s" ref="noreferrer">%s</a>`, name, name)
 724	templinfo := getInfo(r)
 725	templinfo["PageName"] = "honker"
 726	templinfo["PageArg"] = name
 727	templinfo["ServerMessage"] = msg
 728	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 729	honkpage(w, u, honks, templinfo)
 730}
 731
 732func showcombo(w http.ResponseWriter, r *http.Request) {
 733	name := mux.Vars(r)["name"]
 734	u := login.GetUserInfo(r)
 735	honks := gethonksbycombo(u.UserID, name, 0)
 736	honks = osmosis(honks, u.UserID, true)
 737	templinfo := getInfo(r)
 738	templinfo["PageName"] = "combo"
 739	templinfo["PageArg"] = name
 740	templinfo["ServerMessage"] = "honks by combo: " + name
 741	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 742	honkpage(w, u, honks, templinfo)
 743}
 744func showconvoy(w http.ResponseWriter, r *http.Request) {
 745	c := r.FormValue("c")
 746	u := login.GetUserInfo(r)
 747	honks := gethonksbyconvoy(u.UserID, c, 0)
 748	templinfo := getInfo(r)
 749	if len(honks) > 0 {
 750		templinfo["TopHID"] = honks[0].ID
 751	}
 752	honks = osmosis(honks, u.UserID, false)
 753	reversehonks(honks)
 754	templinfo["PageName"] = "convoy"
 755	templinfo["PageArg"] = c
 756	templinfo["ServerMessage"] = "honks in convoy: " + c
 757	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 758	honkpage(w, u, honks, templinfo)
 759}
 760func showsearch(w http.ResponseWriter, r *http.Request) {
 761	q := r.FormValue("q")
 762	u := login.GetUserInfo(r)
 763	honks := gethonksbysearch(u.UserID, q, 0)
 764	templinfo := getInfo(r)
 765	templinfo["PageName"] = "search"
 766	templinfo["PageArg"] = q
 767	templinfo["ServerMessage"] = "honks for search: " + q
 768	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 769	honkpage(w, u, honks, templinfo)
 770}
 771func showontology(w http.ResponseWriter, r *http.Request) {
 772	name := mux.Vars(r)["name"]
 773	u := login.GetUserInfo(r)
 774	var userid int64 = -1
 775	if u != nil {
 776		userid = u.UserID
 777	}
 778	honks := gethonksbyontology(userid, "#"+name, 0)
 779	if friendorfoe(r.Header.Get("Accept")) {
 780		if len(honks) > 20 {
 781			honks = honks[0:20]
 782		}
 783
 784		var xids []string
 785		for _, h := range honks {
 786			xids = append(xids, h.XID)
 787		}
 788
 789		user := getserveruser()
 790
 791		j := junk.New()
 792		j["@context"] = itiswhatitis
 793		j["id"] = fmt.Sprintf("https://%s/o/%s", serverName, name)
 794		j["name"] = "#" + name
 795		j["attributedTo"] = user.URL
 796		j["type"] = "OrderedCollection"
 797		j["totalItems"] = len(xids)
 798		j["orderedItems"] = xids
 799
 800		j.Write(w)
 801		return
 802	}
 803
 804	templinfo := getInfo(r)
 805	templinfo["ServerMessage"] = "honks by ontology: " + name
 806	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 807	honkpage(w, u, honks, templinfo)
 808}
 809
 810type Ont struct {
 811	Name  string
 812	Count int64
 813}
 814
 815func thelistingoftheontologies(w http.ResponseWriter, r *http.Request) {
 816	u := login.GetUserInfo(r)
 817	var userid int64 = -1
 818	if u != nil {
 819		userid = u.UserID
 820	}
 821	rows, err := stmtAllOnts.Query(userid)
 822	if err != nil {
 823		log.Printf("selection error: %s", err)
 824		return
 825	}
 826	defer rows.Close()
 827	var onts []Ont
 828	for rows.Next() {
 829		var o Ont
 830		err := rows.Scan(&o.Name, &o.Count)
 831		if err != nil {
 832			log.Printf("error scanning ont: %s", err)
 833			continue
 834		}
 835		if len(o.Name) > 24 {
 836			continue
 837		}
 838		o.Name = o.Name[1:]
 839		onts = append(onts, o)
 840	}
 841	sort.Slice(onts, func(i, j int) bool {
 842		return onts[i].Name < onts[j].Name
 843	})
 844	if u == nil {
 845		w.Header().Set("Cache-Control", "max-age=300")
 846	}
 847	templinfo := getInfo(r)
 848	templinfo["Onts"] = onts
 849	err = readviews.Execute(w, "onts.html", templinfo)
 850	if err != nil {
 851		log.Print(err)
 852	}
 853}
 854
 855func showonehonk(w http.ResponseWriter, r *http.Request) {
 856	name := mux.Vars(r)["name"]
 857	user, err := butwhatabout(name)
 858	if err != nil {
 859		http.NotFound(w, r)
 860		return
 861	}
 862	if stealthmode(user.ID, r) {
 863		http.NotFound(w, r)
 864		return
 865	}
 866	xid := fmt.Sprintf("https://%s%s", serverName, r.URL.Path)
 867
 868	if friendorfoe(r.Header.Get("Accept")) {
 869		j, ok := gimmejonk(xid)
 870		if ok {
 871			w.Header().Set("Content-Type", theonetruename)
 872			w.Write(j)
 873		} else {
 874			http.NotFound(w, r)
 875		}
 876		return
 877	}
 878	honk := getxonk(user.ID, xid)
 879	if honk == nil {
 880		http.NotFound(w, r)
 881		return
 882	}
 883	u := login.GetUserInfo(r)
 884	if u != nil && u.UserID != user.ID {
 885		u = nil
 886	}
 887	if !honk.Public {
 888		if u == nil {
 889			http.NotFound(w, r)
 890			return
 891
 892		}
 893		templinfo := getInfo(r)
 894		templinfo["ServerMessage"] = "one honk maybe more"
 895		templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 896		honkpage(w, u, []*Honk{honk}, templinfo)
 897		return
 898	}
 899	rawhonks := gethonksbyconvoy(honk.UserID, honk.Convoy, 0)
 900	reversehonks(rawhonks)
 901	var honks []*Honk
 902	for _, h := range rawhonks {
 903		if h.XID == xid && len(honks) != 0 {
 904			h.Style += " glow"
 905		}
 906		if h.Public && (h.Whofore == 2 || h.IsAcked()) {
 907			honks = append(honks, h)
 908		}
 909	}
 910
 911	templinfo := getInfo(r)
 912	templinfo["ServerMessage"] = "one honk maybe more"
 913	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 914	honkpage(w, u, honks, templinfo)
 915}
 916
 917func honkpage(w http.ResponseWriter, u *login.UserInfo, honks []*Honk, templinfo map[string]interface{}) {
 918	var userid int64 = -1
 919	if u != nil {
 920		userid = u.UserID
 921	}
 922	reverbolate(userid, honks)
 923	templinfo["Honks"] = honks
 924	if templinfo["TopHID"] == nil {
 925		if len(honks) > 0 {
 926			templinfo["TopHID"] = honks[0].ID
 927		} else {
 928			templinfo["TopHID"] = 0
 929		}
 930	}
 931	if u == nil {
 932		w.Header().Set("Cache-Control", "max-age=60")
 933	}
 934	err := readviews.Execute(w, "honkpage.html", templinfo)
 935	if err != nil {
 936		log.Print(err)
 937	}
 938}
 939
 940func saveuser(w http.ResponseWriter, r *http.Request) {
 941	whatabout := r.FormValue("whatabout")
 942	u := login.GetUserInfo(r)
 943	db := opendatabase()
 944	var options UserOptions
 945	if r.FormValue("skinny") == "skinny" {
 946		options.SkinnyCSS = true
 947	}
 948	j, err := jsonify(options)
 949	if err == nil {
 950		_, err = db.Exec("update users set about = ?, options = ? where username = ?", whatabout, j, u.Username)
 951	}
 952	if err != nil {
 953		log.Printf("error bouting what: %s", err)
 954	}
 955	somenamedusers.Clear(u.Username)
 956	somenumberedusers.Clear(u.UserID)
 957
 958	http.Redirect(w, r, "/account", http.StatusSeeOther)
 959}
 960
 961func submitbonk(w http.ResponseWriter, r *http.Request) {
 962	xid := r.FormValue("xid")
 963	userinfo := login.GetUserInfo(r)
 964	user, _ := butwhatabout(userinfo.Username)
 965
 966	log.Printf("bonking %s", xid)
 967
 968	xonk := getxonk(userinfo.UserID, xid)
 969	if xonk == nil {
 970		return
 971	}
 972	if !xonk.Public {
 973		return
 974	}
 975	if xonk.IsBonked() {
 976		return
 977	}
 978	donksforhonks([]*Honk{xonk})
 979
 980	_, err := stmtUpdateFlags.Exec(flagIsBonked, xonk.ID)
 981	if err != nil {
 982		log.Printf("error acking bonk: %s", err)
 983	}
 984
 985	oonker := xonk.Oonker
 986	if oonker == "" {
 987		oonker = xonk.Honker
 988	}
 989	dt := time.Now().UTC()
 990	bonk := &Honk{
 991		UserID:   userinfo.UserID,
 992		Username: userinfo.Username,
 993		What:     "bonk",
 994		Honker:   user.URL,
 995		Oonker:   oonker,
 996		XID:      xonk.XID,
 997		RID:      xonk.RID,
 998		Noise:    xonk.Noise,
 999		Precis:   xonk.Precis,
1000		URL:      xonk.URL,
1001		Date:     dt,
1002		Donks:    xonk.Donks,
1003		Whofore:  2,
1004		Convoy:   xonk.Convoy,
1005		Audience: []string{thewholeworld, oonker},
1006		Public:   true,
1007		Format:   "html",
1008		Place:    xonk.Place,
1009		Onts:     xonk.Onts,
1010		Time:     xonk.Time,
1011	}
1012
1013	err = savehonk(bonk)
1014	if err != nil {
1015		log.Printf("uh oh")
1016		return
1017	}
1018
1019	go honkworldwide(user, bonk)
1020
1021	if r.FormValue("js") != "1" {
1022		templinfo := getInfo(r)
1023		templinfo["ServerMessage"] = "Bonked!"
1024		err = readviews.Execute(w, "msg.html", templinfo)
1025		if err != nil {
1026			log.Print(err)
1027		}
1028	}
1029}
1030
1031func sendzonkofsorts(xonk *Honk, user *WhatAbout, what string) {
1032	zonk := &Honk{
1033		What:     what,
1034		XID:      xonk.XID,
1035		Date:     time.Now().UTC(),
1036		Audience: oneofakind(xonk.Audience),
1037	}
1038	zonk.Public = loudandproud(zonk.Audience)
1039
1040	log.Printf("announcing %sed honk: %s", what, xonk.XID)
1041	go honkworldwide(user, zonk)
1042}
1043
1044func zonkit(w http.ResponseWriter, r *http.Request) {
1045	wherefore := r.FormValue("wherefore")
1046	what := r.FormValue("what")
1047	userinfo := login.GetUserInfo(r)
1048	user, _ := butwhatabout(userinfo.Username)
1049
1050	if wherefore == "save" {
1051		xonk := getxonk(userinfo.UserID, what)
1052		if xonk != nil {
1053			_, err := stmtUpdateFlags.Exec(flagIsSaved, xonk.ID)
1054			if err != nil {
1055				log.Printf("error saving: %s", err)
1056			}
1057		}
1058		return
1059	}
1060
1061	if wherefore == "unsave" {
1062		xonk := getxonk(userinfo.UserID, what)
1063		if xonk != nil {
1064			_, err := stmtClearFlags.Exec(flagIsSaved, xonk.ID)
1065			if err != nil {
1066				log.Printf("error unsaving: %s", err)
1067			}
1068		}
1069		return
1070	}
1071
1072	// my hammer is too big, oh well
1073	defer oldjonks.Flush()
1074
1075	if wherefore == "ack" {
1076		xonk := getxonk(userinfo.UserID, what)
1077		if xonk != nil && !xonk.IsAcked() {
1078			_, err := stmtUpdateFlags.Exec(flagIsAcked, xonk.ID)
1079			if err != nil {
1080				log.Printf("error acking: %s", err)
1081			}
1082			sendzonkofsorts(xonk, user, "ack")
1083		}
1084		return
1085	}
1086
1087	if wherefore == "deack" {
1088		xonk := getxonk(userinfo.UserID, what)
1089		if xonk != nil && xonk.IsAcked() {
1090			_, err := stmtClearFlags.Exec(flagIsAcked, xonk.ID)
1091			if err != nil {
1092				log.Printf("error deacking: %s", err)
1093			}
1094			sendzonkofsorts(xonk, user, "deack")
1095		}
1096		return
1097	}
1098
1099	if wherefore == "unbonk" {
1100		xonk := getbonk(userinfo.UserID, what)
1101		if xonk != nil {
1102			deletehonk(xonk.ID)
1103			xonk = getxonk(userinfo.UserID, what)
1104			_, err := stmtClearFlags.Exec(flagIsBonked, xonk.ID)
1105			if err != nil {
1106				log.Printf("error unbonking: %s", err)
1107			}
1108			sendzonkofsorts(xonk, user, "unbonk")
1109		}
1110		return
1111	}
1112
1113	if wherefore == "untag" {
1114		xonk := getxonk(userinfo.UserID, what)
1115		if xonk != nil {
1116			_, err := stmtUpdateFlags.Exec(flagIsUntagged, xonk.ID)
1117			if err != nil {
1118				log.Printf("error untagging: %s", err)
1119			}
1120		}
1121		var badparents map[string]bool
1122		untagged.GetAndLock(userinfo.UserID, &badparents)
1123		badparents[what] = true
1124		untagged.Unlock()
1125		return
1126	}
1127
1128	log.Printf("zonking %s %s", wherefore, what)
1129	if wherefore == "zonk" {
1130		xonk := getxonk(userinfo.UserID, what)
1131		if xonk != nil {
1132			deletehonk(xonk.ID)
1133			if xonk.Whofore == 2 || xonk.Whofore == 3 {
1134				sendzonkofsorts(xonk, user, "zonk")
1135			}
1136		}
1137	}
1138	_, err := stmtSaveZonker.Exec(userinfo.UserID, what, wherefore)
1139	if err != nil {
1140		log.Printf("error saving zonker: %s", err)
1141		return
1142	}
1143}
1144
1145func edithonkpage(w http.ResponseWriter, r *http.Request) {
1146	u := login.GetUserInfo(r)
1147	user, _ := butwhatabout(u.Username)
1148	xid := r.FormValue("xid")
1149	honk := getxonk(u.UserID, xid)
1150	if !canedithonk(user, honk) {
1151		http.Error(w, "no editing that please", http.StatusInternalServerError)
1152		return
1153	}
1154
1155	noise := honk.Noise
1156
1157	honks := []*Honk{honk}
1158	donksforhonks(honks)
1159	reverbolate(u.UserID, honks)
1160	templinfo := getInfo(r)
1161	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
1162	templinfo["Honks"] = honks
1163	templinfo["Noise"] = noise
1164	templinfo["SavedPlace"] = honk.Place
1165	templinfo["ServerMessage"] = "honk edit"
1166	templinfo["IsPreview"] = true
1167	templinfo["UpdateXID"] = honk.XID
1168	if len(honk.Donks) > 0 {
1169		templinfo["SavedFile"] = honk.Donks[0].XID
1170	}
1171	err := readviews.Execute(w, "honkpage.html", templinfo)
1172	if err != nil {
1173		log.Print(err)
1174	}
1175}
1176
1177func newhonkpage(w http.ResponseWriter, r *http.Request) {
1178	u := login.GetUserInfo(r)
1179	rid := r.FormValue("rid")
1180	noise := ""
1181
1182	xonk := getxonk(u.UserID, rid)
1183	if xonk != nil {
1184		_, replto := handles(xonk.Honker)
1185		if replto != "" {
1186			noise = "@" + replto + " "
1187		}
1188	}
1189
1190	templinfo := getInfo(r)
1191	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
1192	templinfo["InReplyTo"] = rid
1193	templinfo["Noise"] = noise
1194	templinfo["ServerMessage"] = "compose honk"
1195	templinfo["IsPreview"] = true
1196	err := readviews.Execute(w, "honkpage.html", templinfo)
1197	if err != nil {
1198		log.Print(err)
1199	}
1200}
1201
1202func canedithonk(user *WhatAbout, honk *Honk) bool {
1203	if honk == nil || honk.Honker != user.URL || honk.What == "bonk" {
1204		return false
1205	}
1206	return true
1207}
1208
1209// what a hot mess this function is
1210func submithonk(w http.ResponseWriter, r *http.Request) {
1211	rid := r.FormValue("rid")
1212	noise := r.FormValue("noise")
1213
1214	userinfo := login.GetUserInfo(r)
1215	user, _ := butwhatabout(userinfo.Username)
1216
1217	dt := time.Now().UTC()
1218	updatexid := r.FormValue("updatexid")
1219	var honk *Honk
1220	if updatexid != "" {
1221		honk = getxonk(userinfo.UserID, updatexid)
1222		if !canedithonk(user, honk) {
1223			http.Error(w, "no editing that please", http.StatusInternalServerError)
1224			return
1225		}
1226		honk.Date = dt
1227		honk.What = "update"
1228		honk.Format = "markdown"
1229	} else {
1230		xid := fmt.Sprintf("%s/%s/%s", user.URL, honkSep, xfiltrate())
1231		what := "honk"
1232		if rid != "" {
1233			what = "tonk"
1234		}
1235		honk = &Honk{
1236			UserID:   userinfo.UserID,
1237			Username: userinfo.Username,
1238			What:     what,
1239			Honker:   user.URL,
1240			XID:      xid,
1241			Date:     dt,
1242			Format:   "markdown",
1243		}
1244	}
1245
1246	noise = hooterize(noise)
1247	honk.Noise = noise
1248	translate(honk, false)
1249
1250	var convoy string
1251	if rid != "" {
1252		xonk := getxonk(userinfo.UserID, rid)
1253		if xonk != nil {
1254			if xonk.Public {
1255				honk.Audience = append(honk.Audience, xonk.Audience...)
1256			}
1257			convoy = xonk.Convoy
1258		} else {
1259			xonkaud, c := whosthere(rid)
1260			honk.Audience = append(honk.Audience, xonkaud...)
1261			convoy = c
1262		}
1263		for i, a := range honk.Audience {
1264			if a == thewholeworld {
1265				honk.Audience[0], honk.Audience[i] = honk.Audience[i], honk.Audience[0]
1266				break
1267			}
1268		}
1269		honk.RID = rid
1270	} else {
1271		honk.Audience = []string{thewholeworld}
1272	}
1273	if honk.Noise != "" && honk.Noise[0] == '@' {
1274		honk.Audience = append(grapevine(honk.Noise), honk.Audience...)
1275	} else {
1276		honk.Audience = append(honk.Audience, grapevine(honk.Noise)...)
1277	}
1278
1279	if convoy == "" {
1280		convoy = "data:,electrichonkytonk-" + xfiltrate()
1281	}
1282	butnottooloud(honk.Audience)
1283	honk.Audience = oneofakind(honk.Audience)
1284	if len(honk.Audience) == 0 {
1285		log.Printf("honk to nowhere")
1286		http.Error(w, "honk to nowhere...", http.StatusNotFound)
1287		return
1288	}
1289	honk.Public = loudandproud(honk.Audience)
1290	honk.Convoy = convoy
1291
1292	donkxid := r.FormValue("donkxid")
1293	if donkxid == "" {
1294		file, filehdr, err := r.FormFile("donk")
1295		if err == nil {
1296			var buf bytes.Buffer
1297			io.Copy(&buf, file)
1298			file.Close()
1299			data := buf.Bytes()
1300			xid := xfiltrate()
1301			var media, name string
1302			img, err := image.Vacuum(&buf, image.Params{MaxWidth: 2048, MaxHeight: 2048})
1303			if err == nil {
1304				data = img.Data
1305				format := img.Format
1306				media = "image/" + format
1307				if format == "jpeg" {
1308					format = "jpg"
1309				}
1310				name = xid + "." + format
1311				xid = name
1312			} else {
1313				ct := http.DetectContentType(data)
1314				switch ct {
1315				case "application/pdf":
1316					maxsize := 1000000
1317					if len(data) > maxsize {
1318						log.Printf("bad image: %s too much pdf: %d", err, len(data))
1319						http.Error(w, "didn't like your attachment", http.StatusUnsupportedMediaType)
1320						return
1321					}
1322					media = ct
1323					xid += ".pdf"
1324					name = filehdr.Filename
1325					if name == "" {
1326						name = xid
1327					}
1328				default:
1329					maxsize := 100000
1330					if len(data) > maxsize {
1331						log.Printf("bad image: %s too much text: %d", err, len(data))
1332						http.Error(w, "didn't like your attachment", http.StatusUnsupportedMediaType)
1333						return
1334					}
1335					for i := 0; i < len(data); i++ {
1336						if data[i] < 32 && data[i] != '\t' && data[i] != '\r' && data[i] != '\n' {
1337							log.Printf("bad image: %s not text: %d", err, data[i])
1338							http.Error(w, "didn't like your attachment", http.StatusUnsupportedMediaType)
1339							return
1340						}
1341					}
1342					media = "text/plain"
1343					xid += ".txt"
1344					name = filehdr.Filename
1345					if name == "" {
1346						name = xid
1347					}
1348				}
1349			}
1350			desc := strings.TrimSpace(r.FormValue("donkdesc"))
1351			if desc == "" {
1352				desc = name
1353			}
1354			url := fmt.Sprintf("https://%s/d/%s", serverName, xid)
1355			fileid, err := savefile(xid, name, desc, url, media, true, data)
1356			if err != nil {
1357				log.Printf("unable to save image: %s", err)
1358				return
1359			}
1360			d := &Donk{
1361				FileID: fileid,
1362				XID:    xid,
1363				Desc:   desc,
1364				URL:    url,
1365				Local:  true,
1366			}
1367			honk.Donks = append(honk.Donks, d)
1368			donkxid = xid
1369		}
1370	} else {
1371		xid := donkxid
1372		url := fmt.Sprintf("https://%s/d/%s", serverName, xid)
1373		donk := finddonk(url)
1374		if donk != nil {
1375			honk.Donks = append(honk.Donks, donk)
1376		} else {
1377			log.Printf("can't find file: %s", xid)
1378		}
1379	}
1380	herd := herdofemus(noise)
1381	for _, e := range herd {
1382		donk := savedonk(e.ID, e.Name, e.Name, "image/png", true)
1383		if donk != nil {
1384			donk.Name = e.Name
1385			honk.Donks = append(honk.Donks, donk)
1386		}
1387	}
1388	memetize(honk)
1389	imaginate(honk)
1390
1391	placename := strings.TrimSpace(r.FormValue("placename"))
1392	placelat := strings.TrimSpace(r.FormValue("placelat"))
1393	placelong := strings.TrimSpace(r.FormValue("placelong"))
1394	placeurl := strings.TrimSpace(r.FormValue("placeurl"))
1395	if placename != "" || placelat != "" || placelong != "" || placeurl != "" {
1396		p := new(Place)
1397		p.Name = placename
1398		p.Latitude, _ = strconv.ParseFloat(placelat, 64)
1399		p.Longitude, _ = strconv.ParseFloat(placelong, 64)
1400		p.Url = placeurl
1401		honk.Place = p
1402	}
1403	timestart := strings.TrimSpace(r.FormValue("timestart"))
1404	if timestart != "" {
1405		t := new(Time)
1406		now := time.Now().Local()
1407		for _, layout := range []string{"2006-01-02 3:04pm", "2006-01-02 15:04", "3:04pm", "15:04"} {
1408			start, err := time.ParseInLocation(layout, timestart, now.Location())
1409			if err == nil {
1410				if start.Year() == 0 {
1411					start = time.Date(now.Year(), now.Month(), now.Day(), start.Hour(), start.Minute(), 0, 0, now.Location())
1412				}
1413				t.StartTime = start
1414				break
1415			}
1416		}
1417		timeend := r.FormValue("timeend")
1418		dur := parseDuration(timeend)
1419		if dur != 0 {
1420			t.Duration = Duration(dur)
1421		}
1422		if !t.StartTime.IsZero() {
1423			honk.What = "event"
1424			honk.Time = t
1425		}
1426	}
1427
1428	if honk.Public {
1429		honk.Whofore = 2
1430	} else {
1431		honk.Whofore = 3
1432	}
1433
1434	// back to markdown
1435	honk.Noise = noise
1436
1437	if r.FormValue("preview") == "preview" {
1438		honks := []*Honk{honk}
1439		reverbolate(userinfo.UserID, honks)
1440		templinfo := getInfo(r)
1441		templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
1442		templinfo["Honks"] = honks
1443		templinfo["InReplyTo"] = r.FormValue("rid")
1444		templinfo["Noise"] = r.FormValue("noise")
1445		templinfo["SavedFile"] = donkxid
1446		templinfo["IsPreview"] = true
1447		templinfo["ServerMessage"] = "honk preview"
1448		err := readviews.Execute(w, "honkpage.html", templinfo)
1449		if err != nil {
1450			log.Print(err)
1451		}
1452		return
1453	}
1454
1455	if updatexid != "" {
1456		updatehonk(honk)
1457		oldjonks.Clear(honk.XID)
1458	} else {
1459		err := savehonk(honk)
1460		if err != nil {
1461			log.Printf("uh oh")
1462			return
1463		}
1464	}
1465
1466	// reload for consistency
1467	honk.Donks = nil
1468	donksforhonks([]*Honk{honk})
1469
1470	go honkworldwide(user, honk)
1471
1472	http.Redirect(w, r, honk.XID[len(serverName)+8:], http.StatusSeeOther)
1473}
1474
1475func showhonkers(w http.ResponseWriter, r *http.Request) {
1476	userinfo := login.GetUserInfo(r)
1477	templinfo := getInfo(r)
1478	templinfo["Honkers"] = gethonkers(userinfo.UserID)
1479	templinfo["HonkerCSRF"] = login.GetCSRF("submithonker", r)
1480	err := readviews.Execute(w, "honkers.html", templinfo)
1481	if err != nil {
1482		log.Print(err)
1483	}
1484}
1485
1486var combocache = cache.New(cache.Options{Filler: func(userid int64) ([]string, bool) {
1487	honkers := gethonkers(userid)
1488	var combos []string
1489	for _, h := range honkers {
1490		combos = append(combos, h.Combos...)
1491	}
1492	for i, c := range combos {
1493		if c == "-" {
1494			combos[i] = ""
1495		}
1496	}
1497	combos = oneofakind(combos)
1498	sort.Strings(combos)
1499	return combos, true
1500}, Invalidator: &honkerinvalidator})
1501
1502func showcombos(w http.ResponseWriter, r *http.Request) {
1503	userinfo := login.GetUserInfo(r)
1504	var combos []string
1505	combocache.Get(userinfo.UserID, &combos)
1506	templinfo := getInfo(r)
1507	err := readviews.Execute(w, "combos.html", templinfo)
1508	if err != nil {
1509		log.Print(err)
1510	}
1511}
1512
1513func submithonker(w http.ResponseWriter, r *http.Request) {
1514	u := login.GetUserInfo(r)
1515	name := strings.TrimSpace(r.FormValue("name"))
1516	url := strings.TrimSpace(r.FormValue("url"))
1517	peep := r.FormValue("peep")
1518	combos := strings.TrimSpace(r.FormValue("combos"))
1519	combos = " " + combos + " "
1520	honkerid, _ := strconv.ParseInt(r.FormValue("honkerid"), 10, 0)
1521
1522	defer honkerinvalidator.Clear(u.UserID)
1523
1524	if honkerid > 0 {
1525		goodbye := r.FormValue("goodbye")
1526		if goodbye == "F" {
1527			db := opendatabase()
1528			row := db.QueryRow("select xid from honkers where honkerid = ? and userid = ? and flavor in ('sub')",
1529				honkerid, u.UserID)
1530			err := row.Scan(&url)
1531			if err != nil {
1532				log.Printf("can't get honker xid: %s", err)
1533				return
1534			}
1535			log.Printf("unsubscribing from %s", url)
1536			user, _ := butwhatabout(u.Username)
1537			_, err = stmtUpdateFlavor.Exec("unsub", u.UserID, url, name, "sub")
1538			if err != nil {
1539				log.Printf("error updating honker: %s", err)
1540				return
1541			}
1542			go itakeitallback(user, url)
1543
1544			http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1545			return
1546		}
1547		if goodbye == "X" {
1548			var owner string
1549			db := opendatabase()
1550			row := db.QueryRow("select xid, owner from honkers where honkerid = ? and userid = ? and flavor in ('unsub', 'peep')",
1551				honkerid, u.UserID)
1552			err := row.Scan(&url, &owner)
1553			if err != nil {
1554				log.Printf("can't get honker xid: %s", err)
1555				return
1556			}
1557			log.Printf("resubscribing to %s", url)
1558			user, _ := butwhatabout(u.Username)
1559			_, err = stmtUpdateFlavor.Exec("presub", u.UserID, url, name, "unsub")
1560			if err == nil {
1561				_, err = stmtUpdateFlavor.Exec("presub", u.UserID, url, name, "peep")
1562			}
1563			if err != nil {
1564				log.Printf("error updating honker: %s", err)
1565				return
1566			}
1567			go subsub(user, url, owner)
1568
1569			http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1570			return
1571		}
1572		_, err := stmtUpdateHonker.Exec(name, combos, honkerid, u.UserID)
1573		if err != nil {
1574			log.Printf("update honker err: %s", err)
1575			return
1576		}
1577		http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1578		return
1579	}
1580
1581	if url == "" {
1582		http.Error(w, "subscribing to nothing?", http.StatusInternalServerError)
1583		return
1584	}
1585
1586	flavor := "presub"
1587	if peep == "peep" {
1588		flavor = "peep"
1589	}
1590
1591	if url[0] == '#' {
1592		flavor = "peep"
1593		if name == "" {
1594			name = url
1595		}
1596		_, err := stmtSaveHonker.Exec(u.UserID, name, url, flavor, combos, url)
1597		if err != nil {
1598			log.Print(err)
1599			return
1600		}
1601		http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1602		return
1603	}
1604
1605	info, err := investigate(url)
1606	if err != nil {
1607		http.Error(w, "error investigating: "+err.Error(), http.StatusInternalServerError)
1608		log.Printf("failed to investigate honker: %s", err)
1609		return
1610	}
1611	url = info.XID
1612
1613	db := opendatabase()
1614	row := db.QueryRow("select xid from honkers where xid = ? and userid = ? and flavor in ('sub', 'unsub', 'peep')", url, u.UserID)
1615	var x string
1616	err = row.Scan(&x)
1617	if err != sql.ErrNoRows {
1618		http.Error(w, "it seems you are already subscribed to them", http.StatusInternalServerError)
1619		if err != nil {
1620			log.Printf("honker scan err: %s", err)
1621		}
1622		return
1623	}
1624
1625	if name == "" {
1626		name = info.Name
1627	}
1628	_, err = stmtSaveHonker.Exec(u.UserID, name, url, flavor, combos, info.Owner)
1629	if err != nil {
1630		log.Print(err)
1631		return
1632	}
1633	if flavor == "presub" {
1634		user, _ := butwhatabout(u.Username)
1635		go subsub(user, url, info.Owner)
1636	}
1637	http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1638}
1639
1640func hfcspage(w http.ResponseWriter, r *http.Request) {
1641	userinfo := login.GetUserInfo(r)
1642
1643	filters := getfilters(userinfo.UserID, filtAny)
1644
1645	templinfo := getInfo(r)
1646	templinfo["Filters"] = filters
1647	templinfo["FilterCSRF"] = login.GetCSRF("filter", r)
1648	err := readviews.Execute(w, "hfcs.html", templinfo)
1649	if err != nil {
1650		log.Print(err)
1651	}
1652}
1653
1654func savehfcs(w http.ResponseWriter, r *http.Request) {
1655	userinfo := login.GetUserInfo(r)
1656	itsok := r.FormValue("itsok")
1657	if itsok == "iforgiveyou" {
1658		hfcsid, _ := strconv.ParseInt(r.FormValue("hfcsid"), 10, 0)
1659		_, err := stmtDeleteFilter.Exec(userinfo.UserID, hfcsid)
1660		if err != nil {
1661			log.Printf("error deleting filter: %s", err)
1662		}
1663		filtcache.Clear(userinfo.UserID)
1664		http.Redirect(w, r, "/hfcs", http.StatusSeeOther)
1665		return
1666	}
1667
1668	filt := new(Filter)
1669	filt.Name = strings.TrimSpace(r.FormValue("name"))
1670	filt.Date = time.Now().UTC()
1671	filt.Actor = strings.TrimSpace(r.FormValue("actor"))
1672	filt.IncludeAudience = r.FormValue("incaud") == "yes"
1673	filt.Text = strings.TrimSpace(r.FormValue("filttext"))
1674	filt.IsAnnounce = r.FormValue("isannounce") == "yes"
1675	filt.AnnounceOf = strings.TrimSpace(r.FormValue("announceof"))
1676	filt.Reject = r.FormValue("doreject") == "yes"
1677	filt.SkipMedia = r.FormValue("doskipmedia") == "yes"
1678	filt.Hide = r.FormValue("dohide") == "yes"
1679	filt.Collapse = r.FormValue("docollapse") == "yes"
1680	filt.Rewrite = strings.TrimSpace(r.FormValue("filtrewrite"))
1681	filt.Replace = strings.TrimSpace(r.FormValue("filtreplace"))
1682	if dur := parseDuration(r.FormValue("filtduration")); dur > 0 {
1683		filt.Expiration = time.Now().UTC().Add(dur)
1684	}
1685
1686	if filt.Actor == "" && filt.Text == "" {
1687		log.Printf("blank filter")
1688		return
1689	}
1690
1691	j, err := jsonify(filt)
1692	if err == nil {
1693		_, err = stmtSaveFilter.Exec(userinfo.UserID, j)
1694	}
1695	if err != nil {
1696		log.Printf("error saving filter: %s", err)
1697	}
1698
1699	filtcache.Clear(userinfo.UserID)
1700	http.Redirect(w, r, "/hfcs", http.StatusSeeOther)
1701}
1702
1703func accountpage(w http.ResponseWriter, r *http.Request) {
1704	u := login.GetUserInfo(r)
1705	user, _ := butwhatabout(u.Username)
1706	templinfo := getInfo(r)
1707	templinfo["UserCSRF"] = login.GetCSRF("saveuser", r)
1708	templinfo["LogoutCSRF"] = login.GetCSRF("logout", r)
1709	templinfo["User"] = user
1710	err := readviews.Execute(w, "account.html", templinfo)
1711	if err != nil {
1712		log.Print(err)
1713	}
1714}
1715
1716func dochpass(w http.ResponseWriter, r *http.Request) {
1717	err := login.ChangePassword(w, r)
1718	if err != nil {
1719		log.Printf("error changing password: %s", err)
1720	}
1721	http.Redirect(w, r, "/account", http.StatusSeeOther)
1722}
1723
1724func fingerlicker(w http.ResponseWriter, r *http.Request) {
1725	orig := r.FormValue("resource")
1726
1727	log.Printf("finger lick: %s", orig)
1728
1729	if strings.HasPrefix(orig, "acct:") {
1730		orig = orig[5:]
1731	}
1732
1733	name := orig
1734	idx := strings.LastIndexByte(name, '/')
1735	if idx != -1 {
1736		name = name[idx+1:]
1737		if fmt.Sprintf("https://%s/%s/%s", serverName, userSep, name) != orig {
1738			log.Printf("foreign request rejected")
1739			name = ""
1740		}
1741	} else {
1742		idx = strings.IndexByte(name, '@')
1743		if idx != -1 {
1744			name = name[:idx]
1745			if name+"@"+serverName != orig {
1746				log.Printf("foreign request rejected")
1747				name = ""
1748			}
1749		}
1750	}
1751	user, err := butwhatabout(name)
1752	if err != nil {
1753		http.NotFound(w, r)
1754		return
1755	}
1756	if stealthmode(user.ID, r) {
1757		http.NotFound(w, r)
1758		return
1759	}
1760
1761	j := junk.New()
1762	j["subject"] = fmt.Sprintf("acct:%s@%s", user.Name, serverName)
1763	j["aliases"] = []string{user.URL}
1764	l := junk.New()
1765	l["rel"] = "self"
1766	l["type"] = `application/activity+json`
1767	l["href"] = user.URL
1768	j["links"] = []junk.Junk{l}
1769
1770	w.Header().Set("Content-Type", "application/jrd+json")
1771	j.Write(w)
1772}
1773
1774func somedays() string {
1775	secs := 432000 + notrand.Int63n(432000)
1776	return fmt.Sprintf("%d", secs)
1777}
1778
1779func avatate(w http.ResponseWriter, r *http.Request) {
1780	n := r.FormValue("a")
1781	a := avatar(n)
1782	w.Header().Set("Cache-Control", "max-age="+somedays())
1783	w.Write(a)
1784}
1785
1786func servecss(w http.ResponseWriter, r *http.Request) {
1787	fd, err := os.Open("views" + r.URL.Path)
1788	if err != nil {
1789		http.NotFound(w, r)
1790		return
1791	}
1792	defer fd.Close()
1793	w.Header().Set("Cache-Control", "max-age=7776000")
1794	w.Header().Set("Content-Type", "text/css; charset=utf-8")
1795	err = css.Filter(fd, w)
1796	if err != nil {
1797		log.Printf("error filtering css: %s", err)
1798	}
1799}
1800func serveasset(w http.ResponseWriter, r *http.Request) {
1801	w.Header().Set("Cache-Control", "max-age=7776000")
1802	http.ServeFile(w, r, "views"+r.URL.Path)
1803}
1804func servehelp(w http.ResponseWriter, r *http.Request) {
1805	name := mux.Vars(r)["name"]
1806	w.Header().Set("Cache-Control", "max-age=3600")
1807	http.ServeFile(w, r, "docs/"+name)
1808}
1809func servehtml(w http.ResponseWriter, r *http.Request) {
1810	u := login.GetUserInfo(r)
1811	templinfo := getInfo(r)
1812	templinfo["AboutMsg"] = aboutMsg
1813	templinfo["LoginMsg"] = loginMsg
1814	if u == nil {
1815		w.Header().Set("Cache-Control", "max-age=60")
1816	}
1817	err := readviews.Execute(w, r.URL.Path[1:]+".html", templinfo)
1818	if err != nil {
1819		log.Print(err)
1820	}
1821}
1822func serveemu(w http.ResponseWriter, r *http.Request) {
1823	xid := mux.Vars(r)["xid"]
1824	w.Header().Set("Cache-Control", "max-age="+somedays())
1825	http.ServeFile(w, r, "emus/"+xid)
1826}
1827func servememe(w http.ResponseWriter, r *http.Request) {
1828	xid := mux.Vars(r)["xid"]
1829	w.Header().Set("Cache-Control", "max-age="+somedays())
1830	http.ServeFile(w, r, "memes/"+xid)
1831}
1832
1833func servefile(w http.ResponseWriter, r *http.Request) {
1834	xid := mux.Vars(r)["xid"]
1835	row := stmtGetFileData.QueryRow(xid)
1836	var media string
1837	var data []byte
1838	err := row.Scan(&media, &data)
1839	if err != nil {
1840		log.Printf("error loading file: %s", err)
1841		http.NotFound(w, r)
1842		return
1843	}
1844	w.Header().Set("Content-Type", media)
1845	w.Header().Set("X-Content-Type-Options", "nosniff")
1846	w.Header().Set("Cache-Control", "max-age="+somedays())
1847	w.Write(data)
1848}
1849
1850func nomoroboto(w http.ResponseWriter, r *http.Request) {
1851	io.WriteString(w, "User-agent: *\n")
1852	io.WriteString(w, "Disallow: /a\n")
1853	io.WriteString(w, "Disallow: /d\n")
1854	io.WriteString(w, "Disallow: /meme\n")
1855	io.WriteString(w, "Disallow: /o\n")
1856	for _, u := range allusers() {
1857		fmt.Fprintf(w, "Disallow: /%s/%s/%s/\n", userSep, u.Username, honkSep)
1858	}
1859}
1860
1861func webhydra(w http.ResponseWriter, r *http.Request) {
1862	u := login.GetUserInfo(r)
1863	userid := u.UserID
1864	templinfo := getInfo(r)
1865	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
1866	page := r.FormValue("page")
1867
1868	wanted, _ := strconv.ParseInt(r.FormValue("tophid"), 10, 0)
1869
1870	var honks []*Honk
1871	switch page {
1872	case "atme":
1873		honks = gethonksforme(userid, wanted)
1874		honks = osmosis(honks, userid, false)
1875		templinfo["ServerMessage"] = "at me!"
1876	case "home":
1877		honks = gethonksforuser(userid, wanted)
1878		honks = osmosis(honks, userid, true)
1879		templinfo["ServerMessage"] = serverMsg
1880	case "first":
1881		honks = gethonksforuserfirstclass(userid, wanted)
1882		honks = osmosis(honks, userid, true)
1883		templinfo["ServerMessage"] = "first class only"
1884	case "saved":
1885		honks = getsavedhonks(userid, wanted)
1886		templinfo["PageName"] = "saved"
1887		templinfo["ServerMessage"] = "saved honks"
1888	case "combo":
1889		c := r.FormValue("c")
1890		honks = gethonksbycombo(userid, c, wanted)
1891		honks = osmosis(honks, userid, false)
1892		templinfo["ServerMessage"] = "honks by combo: " + c
1893	case "convoy":
1894		c := r.FormValue("c")
1895		honks = gethonksbyconvoy(userid, c, wanted)
1896		honks = osmosis(honks, userid, false)
1897		templinfo["ServerMessage"] = "honks in convoy: " + c
1898	case "honker":
1899		xid := r.FormValue("xid")
1900		if strings.IndexByte(xid, '@') != -1 {
1901			xid = gofish(xid)
1902		}
1903		honks = gethonksbyxonker(userid, xid, wanted)
1904		msg := templates.Sprintf(`honks by honker: <a href="%s" ref="noreferrer">%s</a>`, xid, xid)
1905		templinfo["ServerMessage"] = msg
1906	default:
1907		http.NotFound(w, r)
1908	}
1909	if len(honks) > 0 {
1910		templinfo["TopHID"] = honks[0].ID
1911	} else {
1912		templinfo["TopHID"] = wanted
1913	}
1914	reverbolate(userid, honks)
1915	templinfo["Honks"] = honks
1916	w.Header().Set("Content-Type", "text/html; charset=utf-8")
1917	err := readviews.Execute(w, "honkfrags.html", templinfo)
1918	if err != nil {
1919		log.Printf("frag error: %s", err)
1920	}
1921}
1922
1923func serve() {
1924	db := opendatabase()
1925	login.Init(db)
1926
1927	listener, err := openListener()
1928	if err != nil {
1929		log.Fatal(err)
1930	}
1931	go redeliverator()
1932
1933	debug := false
1934	getconfig("debug", &debug)
1935	readviews = templates.Load(debug,
1936		"views/honkpage.html",
1937		"views/honkfrags.html",
1938		"views/honkers.html",
1939		"views/hfcs.html",
1940		"views/combos.html",
1941		"views/honkform.html",
1942		"views/honk.html",
1943		"views/account.html",
1944		"views/about.html",
1945		"views/funzone.html",
1946		"views/login.html",
1947		"views/xzone.html",
1948		"views/msg.html",
1949		"views/header.html",
1950		"views/onts.html",
1951		"views/honkpage.js",
1952	)
1953	if !debug {
1954		assets := []string{"views/style.css", "views/local.css", "views/honkpage.js"}
1955		for _, s := range assets {
1956			savedassetparams[s] = getassetparam(s)
1957		}
1958	}
1959
1960	mux := mux.NewRouter()
1961	mux.Use(login.Checker)
1962
1963	posters := mux.Methods("POST").Subrouter()
1964	getters := mux.Methods("GET").Subrouter()
1965
1966	getters.HandleFunc("/", homepage)
1967	getters.HandleFunc("/home", homepage)
1968	getters.HandleFunc("/front", homepage)
1969	getters.HandleFunc("/events", homepage)
1970	getters.HandleFunc("/robots.txt", nomoroboto)
1971	getters.HandleFunc("/rss", showrss)
1972	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}", showuser)
1973	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/"+honkSep+"/{xid:[[:alnum:]]+}", showonehonk)
1974	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/rss", showrss)
1975	posters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/inbox", inbox)
1976	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/outbox", outbox)
1977	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/followers", emptiness)
1978	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/following", emptiness)
1979	getters.HandleFunc("/a", avatate)
1980	getters.HandleFunc("/o", thelistingoftheontologies)
1981	getters.HandleFunc("/o/{name:.+}", showontology)
1982	getters.HandleFunc("/d/{xid:[[:alnum:].]+}", servefile)
1983	getters.HandleFunc("/emu/{xid:[[:alnum:]_.-]+}", serveemu)
1984	getters.HandleFunc("/meme/{xid:[[:alnum:]_.-]+}", servememe)
1985	getters.HandleFunc("/.well-known/webfinger", fingerlicker)
1986
1987	getters.HandleFunc("/server", serveractor)
1988	posters.HandleFunc("/server/inbox", serverinbox)
1989
1990	getters.HandleFunc("/style.css", servecss)
1991	getters.HandleFunc("/local.css", servecss)
1992	getters.HandleFunc("/honkpage.js", serveasset)
1993	getters.HandleFunc("/about", servehtml)
1994	getters.HandleFunc("/login", servehtml)
1995	posters.HandleFunc("/dologin", login.LoginFunc)
1996	getters.HandleFunc("/logout", login.LogoutFunc)
1997	getters.HandleFunc("/help/{name:[[:alnum:]_.-]+}", servehelp)
1998
1999	loggedin := mux.NewRoute().Subrouter()
2000	loggedin.Use(login.Required)
2001	loggedin.HandleFunc("/first", homepage)
2002	loggedin.HandleFunc("/saved", homepage)
2003	loggedin.HandleFunc("/account", accountpage)
2004	loggedin.HandleFunc("/funzone", showfunzone)
2005	loggedin.HandleFunc("/chpass", dochpass)
2006	loggedin.HandleFunc("/atme", homepage)
2007	loggedin.HandleFunc("/hfcs", hfcspage)
2008	loggedin.HandleFunc("/xzone", xzone)
2009	loggedin.HandleFunc("/newhonk", newhonkpage)
2010	loggedin.HandleFunc("/edit", edithonkpage)
2011	loggedin.Handle("/honk", login.CSRFWrap("honkhonk", http.HandlerFunc(submithonk)))
2012	loggedin.Handle("/bonk", login.CSRFWrap("honkhonk", http.HandlerFunc(submitbonk)))
2013	loggedin.Handle("/zonkit", login.CSRFWrap("honkhonk", http.HandlerFunc(zonkit)))
2014	loggedin.Handle("/savehfcs", login.CSRFWrap("filter", http.HandlerFunc(savehfcs)))
2015	loggedin.Handle("/saveuser", login.CSRFWrap("saveuser", http.HandlerFunc(saveuser)))
2016	loggedin.Handle("/ximport", login.CSRFWrap("ximport", http.HandlerFunc(ximport)))
2017	loggedin.HandleFunc("/honkers", showhonkers)
2018	loggedin.HandleFunc("/h/{name:[[:alnum:]_.-]+}", showhonker)
2019	loggedin.HandleFunc("/h", showhonker)
2020	loggedin.HandleFunc("/c/{name:[[:alnum:]_.-]+}", showcombo)
2021	loggedin.HandleFunc("/c", showcombos)
2022	loggedin.HandleFunc("/t", showconvoy)
2023	loggedin.HandleFunc("/q", showsearch)
2024	loggedin.HandleFunc("/hydra", webhydra)
2025	loggedin.Handle("/submithonker", login.CSRFWrap("submithonker", http.HandlerFunc(submithonker)))
2026
2027	err = http.Serve(listener, mux)
2028	if err != nil {
2029		log.Fatal(err)
2030	}
2031}