all repos — honk @ 8ce871398fdbdb10493b385ed40e54ad1763b249

my fork of honk

web.go (view raw)

   1//
   2// Copyright (c) 2019 Ted Unangst <tedu@tedunangst.com>
   3//
   4// Permission to use, copy, modify, and distribute this software for any
   5// purpose with or without fee is hereby granted, provided that the above
   6// copyright notice and this permission notice appear in all copies.
   7//
   8// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
   9// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  10// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  11// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  12// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  13// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  14// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  15
  16package main
  17
  18import (
  19	"bytes"
  20	"database/sql"
  21	"fmt"
  22	"html/template"
  23	"io"
  24	"log"
  25	notrand "math/rand"
  26	"net/http"
  27	"net/url"
  28	"os"
  29	"regexp"
  30	"sort"
  31	"strconv"
  32	"strings"
  33	"time"
  34
  35	"github.com/gorilla/mux"
  36	"humungus.tedunangst.com/r/webs/cache"
  37	"humungus.tedunangst.com/r/webs/httpsig"
  38	"humungus.tedunangst.com/r/webs/image"
  39	"humungus.tedunangst.com/r/webs/junk"
  40	"humungus.tedunangst.com/r/webs/login"
  41	"humungus.tedunangst.com/r/webs/rss"
  42	"humungus.tedunangst.com/r/webs/templates"
  43)
  44
  45var readviews *templates.Template
  46
  47var userSep = "u"
  48var honkSep = "h"
  49
  50func getuserstyle(u *login.UserInfo) template.CSS {
  51	if u == nil {
  52		return ""
  53	}
  54	user, _ := butwhatabout(u.Username)
  55	if user.Options.SkinnyCSS {
  56		return "main { max-width: 700px; }"
  57	}
  58	return ""
  59}
  60
  61func getInfo(r *http.Request) map[string]interface{} {
  62	u := login.GetUserInfo(r)
  63	templinfo := make(map[string]interface{})
  64	templinfo["StyleParam"] = getassetparam(viewDir + "/views/style.css")
  65	templinfo["LocalStyleParam"] = getassetparam(viewDir + "/views/local.css")
  66	templinfo["JSParam"] = getassetparam(viewDir + "/views/honkpage.js")
  67	templinfo["UserStyle"] = getuserstyle(u)
  68	templinfo["ServerName"] = serverName
  69	templinfo["IconName"] = iconName
  70	templinfo["UserInfo"] = u
  71	templinfo["UserSep"] = userSep
  72	if u != nil {
  73		var combos []string
  74		combocache.Get(u.UserID, &combos)
  75		templinfo["Combos"] = combos
  76	}
  77	return templinfo
  78}
  79
  80func homepage(w http.ResponseWriter, r *http.Request) {
  81	templinfo := getInfo(r)
  82	u := login.GetUserInfo(r)
  83	var honks []*Honk
  84	var userid int64 = -1
  85
  86	templinfo["ServerMessage"] = serverMsg
  87	if u == nil || r.URL.Path == "/front" {
  88		switch r.URL.Path {
  89		case "/events":
  90			honks = geteventhonks(userid)
  91			templinfo["ServerMessage"] = "some recent and upcoming events"
  92		default:
  93			templinfo["ShowRSS"] = true
  94			honks = getpublichonks()
  95		}
  96	} else {
  97		userid = u.UserID
  98		switch r.URL.Path {
  99		case "/atme":
 100			templinfo["ServerMessage"] = "at me!"
 101			templinfo["PageName"] = "atme"
 102			honks = gethonksforme(userid, 0)
 103			honks = osmosis(honks, userid, false)
 104		case "/events":
 105			templinfo["ServerMessage"] = "some recent and upcoming events"
 106			templinfo["PageName"] = "events"
 107			honks = geteventhonks(userid)
 108			honks = osmosis(honks, userid, true)
 109		case "/first":
 110			templinfo["PageName"] = "first"
 111			honks = gethonksforuserfirstclass(userid, 0)
 112			honks = osmosis(honks, userid, true)
 113		case "/saved":
 114			templinfo["ServerMessage"] = "saved honks"
 115			templinfo["PageName"] = "saved"
 116			honks = getsavedhonks(userid, 0)
 117		default:
 118			templinfo["PageName"] = "home"
 119			honks = gethonksforuser(userid, 0)
 120			honks = osmosis(honks, userid, true)
 121		}
 122		templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 123	}
 124
 125	honkpage(w, u, honks, templinfo)
 126}
 127
 128func showfunzone(w http.ResponseWriter, r *http.Request) {
 129	var emunames, memenames []string
 130	dir, err := os.Open(dataDir + "/emus")
 131	if err == nil {
 132		emunames, _ = dir.Readdirnames(0)
 133		dir.Close()
 134	}
 135	for i, e := range emunames {
 136		if len(e) > 4 {
 137			emunames[i] = e[:len(e)-4]
 138		}
 139	}
 140	dir, err = os.Open(dataDir + "/memes")
 141	if err == nil {
 142		memenames, _ = dir.Readdirnames(0)
 143		dir.Close()
 144	}
 145	templinfo := getInfo(r)
 146	templinfo["Emus"] = emunames
 147	templinfo["Memes"] = memenames
 148	err = readviews.Execute(w, "funzone.html", templinfo)
 149	if err != nil {
 150		log.Print(err)
 151	}
 152}
 153
 154func showrss(w http.ResponseWriter, r *http.Request) {
 155	name := mux.Vars(r)["name"]
 156
 157	var honks []*Honk
 158	if name != "" {
 159		honks = gethonksbyuser(name, false, 0)
 160	} else {
 161		honks = getpublichonks()
 162	}
 163	if len(honks) > 20 {
 164		honks = honks[0:20]
 165	}
 166	reverbolate(-1, honks)
 167
 168	home := fmt.Sprintf("https://%s/", serverName)
 169	base := home
 170	if name != "" {
 171		home += "u/" + name
 172		name += " "
 173	}
 174	feed := rss.Feed{
 175		Title:       name + "honk",
 176		Link:        home,
 177		Description: name + "honk rss",
 178		Image: &rss.Image{
 179			URL:   base + "icon.png",
 180			Title: name + "honk rss",
 181			Link:  home,
 182		},
 183	}
 184	var modtime time.Time
 185	for _, honk := range honks {
 186		if !firstclass(honk) {
 187			continue
 188		}
 189		desc := string(honk.HTML)
 190		if t := honk.Time; t != nil {
 191			desc += fmt.Sprintf(`<p>Time: %s`, t.StartTime.Local().Format("03:04PM EDT Mon Jan 02"))
 192			if t.Duration != 0 {
 193				desc += fmt.Sprintf(`<br>Duration: %s`, t.Duration)
 194			}
 195		}
 196		if p := honk.Place; p != nil {
 197			desc += string(templates.Sprintf(`<p>Location: <a href="%s">%s</a> %f %f`,
 198				p.Url, p.Name, p.Latitude, p.Longitude))
 199		}
 200		for _, d := range honk.Donks {
 201			desc += string(templates.Sprintf(`<p><a href="%s">Attachment: %s</a>`,
 202				d.URL, d.Name))
 203		}
 204
 205		feed.Items = append(feed.Items, &rss.Item{
 206			Title:       fmt.Sprintf("%s %s %s", honk.Username, honk.What, honk.XID),
 207			Description: rss.CData{Data: desc},
 208			Link:        honk.URL,
 209			PubDate:     honk.Date.Format(time.RFC1123),
 210			Guid:        &rss.Guid{IsPermaLink: true, Value: honk.URL},
 211		})
 212		if honk.Date.After(modtime) {
 213			modtime = honk.Date
 214		}
 215	}
 216	w.Header().Set("Cache-Control", "max-age=300")
 217	w.Header().Set("Last-Modified", modtime.Format(http.TimeFormat))
 218
 219	err := feed.Write(w)
 220	if err != nil {
 221		log.Printf("error writing rss: %s", err)
 222	}
 223}
 224
 225func crappola(j junk.Junk) bool {
 226	t, _ := j.GetString("type")
 227	a, _ := j.GetString("actor")
 228	o, _ := j.GetString("object")
 229	if t == "Delete" && a == o {
 230		log.Printf("crappola from %s", a)
 231		return true
 232	}
 233	return false
 234}
 235
 236func ping(user *WhatAbout, who string) {
 237	var box *Box
 238	ok := boxofboxes.Get(who, &box)
 239	if !ok {
 240		log.Printf("no inbox to ping %s", who)
 241		return
 242	}
 243	j := junk.New()
 244	j["@context"] = itiswhatitis
 245	j["type"] = "Ping"
 246	j["id"] = user.URL + "/ping/" + xfiltrate()
 247	j["actor"] = user.URL
 248	j["to"] = who
 249	ki := ziggy(user.ID)
 250	if ki == nil {
 251		return
 252	}
 253	err := PostJunk(ki.keyname, ki.seckey, box.In, j)
 254	if err != nil {
 255		log.Printf("can't send ping: %s", err)
 256		return
 257	}
 258	log.Printf("sent ping to %s: %s", who, j["id"])
 259}
 260
 261func pong(user *WhatAbout, who string, obj string) {
 262	var box *Box
 263	ok := boxofboxes.Get(who, &box)
 264	if !ok {
 265		log.Printf("no inbox to pong %s", who)
 266		return
 267	}
 268	j := junk.New()
 269	j["@context"] = itiswhatitis
 270	j["type"] = "Pong"
 271	j["id"] = user.URL + "/pong/" + xfiltrate()
 272	j["actor"] = user.URL
 273	j["to"] = who
 274	j["object"] = obj
 275	ki := ziggy(user.ID)
 276	if ki == nil {
 277		return
 278	}
 279	err := PostJunk(ki.keyname, ki.seckey, box.In, j)
 280	if err != nil {
 281		log.Printf("can't send pong: %s", err)
 282		return
 283	}
 284}
 285
 286func inbox(w http.ResponseWriter, r *http.Request) {
 287	name := mux.Vars(r)["name"]
 288	user, err := butwhatabout(name)
 289	if err != nil {
 290		http.NotFound(w, r)
 291		return
 292	}
 293	if stealthmode(user.ID, r) {
 294		http.NotFound(w, r)
 295		return
 296	}
 297	var buf bytes.Buffer
 298	io.Copy(&buf, r.Body)
 299	payload := buf.Bytes()
 300	j, err := junk.FromBytes(payload)
 301	if err != nil {
 302		log.Printf("bad payload: %s", err)
 303		io.WriteString(os.Stdout, "bad payload\n")
 304		os.Stdout.Write(payload)
 305		io.WriteString(os.Stdout, "\n")
 306		return
 307	}
 308
 309	if crappola(j) {
 310		return
 311	}
 312	what, _ := j.GetString("type")
 313	if what == "Like" {
 314		return
 315	}
 316	who, _ := j.GetString("actor")
 317	if rejectactor(user.ID, who) {
 318		return
 319	}
 320
 321	keyname, err := httpsig.VerifyRequest(r, payload, zaggy)
 322	if err != nil {
 323		log.Printf("inbox message failed signature for %s from %s", keyname, r.Header.Get("X-Forwarded-For"))
 324		if keyname != "" {
 325			log.Printf("bad signature from %s", keyname)
 326			io.WriteString(os.Stdout, "bad payload\n")
 327			os.Stdout.Write(payload)
 328			io.WriteString(os.Stdout, "\n")
 329		}
 330		http.Error(w, "what did you call me?", http.StatusTeapot)
 331		return
 332	}
 333	origin := keymatch(keyname, who)
 334	if origin == "" {
 335		log.Printf("keyname actor mismatch: %s <> %s", keyname, who)
 336		return
 337	}
 338
 339	switch what {
 340	case "Ping":
 341		obj, _ := j.GetString("id")
 342		log.Printf("ping from %s: %s", who, obj)
 343		pong(user, who, obj)
 344	case "Pong":
 345		obj, _ := j.GetString("object")
 346		log.Printf("pong from %s: %s", who, obj)
 347	case "Follow":
 348		obj, _ := j.GetString("object")
 349		if obj != user.URL {
 350			log.Printf("can't follow %s", obj)
 351			return
 352		}
 353		log.Printf("updating honker follow: %s", who)
 354
 355		db := opendatabase()
 356		row := db.QueryRow("select xid from honkers where xid = ? and userid = ? and flavor in ('dub', 'undub')", who, user.ID)
 357		var x string
 358		err = row.Scan(&x)
 359		if err != sql.ErrNoRows {
 360			log.Printf("duplicate follow request: %s", who)
 361			_, err = stmtUpdateFlavor.Exec("dub", user.ID, who, who, "undub")
 362			if err != nil {
 363				log.Printf("error updating honker: %s", err)
 364			}
 365		} else {
 366			stmtSaveDub.Exec(user.ID, who, who, "dub")
 367		}
 368		go rubadubdub(user, j)
 369	case "Accept":
 370		log.Printf("updating honker accept: %s", who)
 371		db := opendatabase()
 372		row := db.QueryRow("select name from honkers where userid = ? and xid = ? and flavor in ('presub')",
 373			user.ID, who)
 374		var name string
 375		err := row.Scan(&name)
 376		if err != nil {
 377			log.Printf("can't get honker name: %s", err)
 378			return
 379		}
 380		_, err = stmtUpdateFlavor.Exec("sub", user.ID, who, name, "presub")
 381		if err != nil {
 382			log.Printf("error updating honker: %s", err)
 383			return
 384		}
 385	case "Update":
 386		obj, ok := j.GetMap("object")
 387		if ok {
 388			what, _ := obj.GetString("type")
 389			switch what {
 390			case "Person":
 391				return
 392			case "Question":
 393				return
 394			case "Note":
 395				go xonksaver(user, j, origin)
 396				return
 397			}
 398		}
 399		log.Printf("unknown Update activity")
 400		fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
 401		j.Write(fd)
 402		io.WriteString(fd, "\n")
 403		fd.Close()
 404
 405	case "Undo":
 406		obj, ok := j.GetMap("object")
 407		if !ok {
 408			log.Printf("unknown undo no object")
 409			return
 410		}
 411		what, _ := obj.GetString("type")
 412		switch what {
 413		case "Follow":
 414			log.Printf("updating honker undo: %s", who)
 415			_, err = stmtUpdateFlavor.Exec("undub", user.ID, who, who, "dub")
 416			if err != nil {
 417				log.Printf("error updating honker: %s", err)
 418				return
 419			}
 420		case "Announce":
 421			xid, _ := obj.GetString("object")
 422			log.Printf("undo announce: %s", xid)
 423		case "Like":
 424		default:
 425			log.Printf("unknown undo: %s", what)
 426		}
 427	default:
 428		go xonksaver(user, j, origin)
 429	}
 430}
 431
 432func serverinbox(w http.ResponseWriter, r *http.Request) {
 433	if stealthmode(serverUID, r) {
 434		http.NotFound(w, r)
 435		return
 436	}
 437	var buf bytes.Buffer
 438	io.Copy(&buf, r.Body)
 439	payload := buf.Bytes()
 440	j, err := junk.FromBytes(payload)
 441	if err != nil {
 442		log.Printf("bad payload: %s", err)
 443		io.WriteString(os.Stdout, "bad payload\n")
 444		os.Stdout.Write(payload)
 445		io.WriteString(os.Stdout, "\n")
 446		return
 447	}
 448	if crappola(j) {
 449		return
 450	}
 451	keyname, err := httpsig.VerifyRequest(r, payload, zaggy)
 452	if err != nil {
 453		log.Printf("inbox message failed signature for %s from %s", keyname, r.Header.Get("X-Forwarded-For"))
 454		if keyname != "" {
 455			log.Printf("bad signature from %s", keyname)
 456			io.WriteString(os.Stdout, "bad payload\n")
 457			os.Stdout.Write(payload)
 458			io.WriteString(os.Stdout, "\n")
 459		}
 460		http.Error(w, "what did you call me?", http.StatusTeapot)
 461		return
 462	}
 463	user := getserveruser()
 464	who, _ := j.GetString("actor")
 465	origin := keymatch(keyname, who)
 466	if origin == "" {
 467		log.Printf("keyname actor mismatch: %s <> %s", keyname, who)
 468		return
 469	}
 470	if rejectactor(user.ID, who) {
 471		return
 472	}
 473	re_ont := regexp.MustCompile("https://" + serverName + "/o/([[:alnum:]]+)")
 474	what, _ := j.GetString("type")
 475	log.Printf("server got a %s", what)
 476	switch what {
 477	case "Follow":
 478		obj, _ := j.GetString("object")
 479		if obj == user.URL {
 480			log.Printf("can't follow the server!")
 481			return
 482		}
 483		m := re_ont.FindStringSubmatch(obj)
 484		if len(m) != 2 {
 485			log.Printf("not sure how to handle this")
 486			return
 487		}
 488		ont := "#" + m[1]
 489		log.Printf("%s wants to follow %s", who, ont)
 490		db := opendatabase()
 491		row := db.QueryRow("select xid from honkers where name = ? and xid = ? and userid = ? and flavor in ('dub', 'undub')", ont, who, user.ID)
 492		var x string
 493		err = row.Scan(&x)
 494		if err != sql.ErrNoRows {
 495			log.Printf("duplicate follow request: %s", who)
 496			_, err = stmtUpdateFlavor.Exec("dub", user.ID, who, ont, "undub")
 497			if err != nil {
 498				log.Printf("error updating honker: %s", err)
 499			}
 500		} else {
 501			stmtSaveDub.Exec(user.ID, ont, who, "dub")
 502		}
 503		go rubadubdub(user, j)
 504	case "Undo":
 505		obj, ok := j.GetMap("object")
 506		if !ok {
 507			log.Printf("unknown undo no object")
 508			return
 509		}
 510		what, _ := obj.GetString("type")
 511		if what != "Follow" {
 512			log.Printf("unknown undo: %s", what)
 513		}
 514		targ, _ := obj.GetString("object")
 515		m := re_ont.FindStringSubmatch(targ)
 516		if len(m) != 2 {
 517			log.Printf("not sure how to handle this")
 518			return
 519		}
 520		ont := "#" + m[1]
 521		log.Printf("updating honker undo: %s %s", who, ont)
 522		_, err = stmtUpdateFlavor.Exec("undub", user.ID, who, ont, "dub")
 523		if err != nil {
 524			log.Printf("error updating honker: %s", err)
 525			return
 526		}
 527	}
 528}
 529
 530func serveractor(w http.ResponseWriter, r *http.Request) {
 531	if stealthmode(serverUID, r) {
 532		http.NotFound(w, r)
 533		return
 534	}
 535	user := getserveruser()
 536	j := junkuser(user)
 537	w.Write(j)
 538}
 539
 540func ximport(w http.ResponseWriter, r *http.Request) {
 541	u := login.GetUserInfo(r)
 542	xid := strings.TrimSpace(r.FormValue("xid"))
 543	xonk := getxonk(u.UserID, xid)
 544	if xonk == nil {
 545		p, _ := investigate(xid)
 546		if p != nil {
 547			xid = p.XID
 548		}
 549		j, err := GetJunk(xid)
 550		if err != nil {
 551			http.Error(w, "error getting external object", http.StatusInternalServerError)
 552			log.Printf("error getting external object: %s", err)
 553			return
 554		}
 555		log.Printf("importing %s", xid)
 556		user, _ := butwhatabout(u.Username)
 557
 558		info, _ := somethingabout(j)
 559		if info == nil {
 560			xonk = xonksaver(user, j, originate(xid))
 561		} else if info.What == SomeActor {
 562			outbox, _ := j.GetString("outbox")
 563			gimmexonks(user, outbox)
 564			http.Redirect(w, r, "/h?xid="+url.QueryEscape(xid), http.StatusSeeOther)
 565			return
 566		} else if info.What == SomeCollection {
 567			gimmexonks(user, xid)
 568			http.Redirect(w, r, "/xzone", http.StatusSeeOther)
 569			return
 570		}
 571	}
 572	convoy := ""
 573	if xonk != nil {
 574		convoy = xonk.Convoy
 575	}
 576	http.Redirect(w, r, "/t?c="+url.QueryEscape(convoy), http.StatusSeeOther)
 577}
 578
 579func xzone(w http.ResponseWriter, r *http.Request) {
 580	u := login.GetUserInfo(r)
 581	rows, err := stmtRecentHonkers.Query(u.UserID, u.UserID)
 582	if err != nil {
 583		log.Printf("query err: %s", err)
 584		return
 585	}
 586	defer rows.Close()
 587	var honkers []Honker
 588	for rows.Next() {
 589		var xid string
 590		rows.Scan(&xid)
 591		honkers = append(honkers, Honker{XID: xid})
 592	}
 593	rows.Close()
 594	for i, _ := range honkers {
 595		_, honkers[i].Handle = handles(honkers[i].XID)
 596	}
 597	templinfo := getInfo(r)
 598	templinfo["XCSRF"] = login.GetCSRF("ximport", r)
 599	templinfo["Honkers"] = honkers
 600	err = readviews.Execute(w, "xzone.html", templinfo)
 601	if err != nil {
 602		log.Print(err)
 603	}
 604}
 605
 606var oldoutbox = cache.New(cache.Options{Filler: func(name string) ([]byte, bool) {
 607	user, err := butwhatabout(name)
 608	if err != nil {
 609		return nil, false
 610	}
 611	honks := gethonksbyuser(name, false, 0)
 612	if len(honks) > 20 {
 613		honks = honks[0:20]
 614	}
 615
 616	var jonks []junk.Junk
 617	for _, h := range honks {
 618		j, _ := jonkjonk(user, h)
 619		jonks = append(jonks, j)
 620	}
 621
 622	j := junk.New()
 623	j["@context"] = itiswhatitis
 624	j["id"] = user.URL + "/outbox"
 625	j["attributedTo"] = user.URL
 626	j["type"] = "OrderedCollection"
 627	j["totalItems"] = len(jonks)
 628	j["orderedItems"] = jonks
 629
 630	return j.ToBytes(), true
 631}, Duration: 1 * time.Minute})
 632
 633func outbox(w http.ResponseWriter, r *http.Request) {
 634	name := mux.Vars(r)["name"]
 635	user, err := butwhatabout(name)
 636	if err != nil {
 637		http.NotFound(w, r)
 638		return
 639	}
 640	if stealthmode(user.ID, r) {
 641		http.NotFound(w, r)
 642		return
 643	}
 644	var j []byte
 645	ok := oldoutbox.Get(name, &j)
 646	if ok {
 647		w.Header().Set("Content-Type", theonetruename)
 648		w.Write(j)
 649	} else {
 650		http.NotFound(w, r)
 651	}
 652}
 653
 654func emptiness(w http.ResponseWriter, r *http.Request) {
 655	name := mux.Vars(r)["name"]
 656	user, err := butwhatabout(name)
 657	if err != nil {
 658		http.NotFound(w, r)
 659		return
 660	}
 661	if stealthmode(user.ID, r) {
 662		http.NotFound(w, r)
 663		return
 664	}
 665	colname := "/followers"
 666	if strings.HasSuffix(r.URL.Path, "/following") {
 667		colname = "/following"
 668	}
 669	j := junk.New()
 670	j["@context"] = itiswhatitis
 671	j["id"] = user.URL + colname
 672	j["attributedTo"] = user.URL
 673	j["type"] = "OrderedCollection"
 674	j["totalItems"] = 0
 675	j["orderedItems"] = []junk.Junk{}
 676
 677	w.Header().Set("Content-Type", theonetruename)
 678	j.Write(w)
 679}
 680
 681func showuser(w http.ResponseWriter, r *http.Request) {
 682	name := mux.Vars(r)["name"]
 683	user, err := butwhatabout(name)
 684	if err != nil {
 685		log.Printf("user not found %s: %s", name, err)
 686		http.NotFound(w, r)
 687		return
 688	}
 689	if stealthmode(user.ID, r) {
 690		http.NotFound(w, r)
 691		return
 692	}
 693	if friendorfoe(r.Header.Get("Accept")) {
 694		j, ok := asjonker(name)
 695		if ok {
 696			w.Header().Set("Content-Type", theonetruename)
 697			w.Write(j)
 698		} else {
 699			http.NotFound(w, r)
 700		}
 701		return
 702	}
 703	u := login.GetUserInfo(r)
 704	honks := gethonksbyuser(name, u != nil && u.Username == name, 0)
 705	templinfo := getInfo(r)
 706	templinfo["Name"] = user.Name
 707	whatabout := user.About
 708	whatabout = markitzero(user.About)
 709	templinfo["WhatAbout"] = template.HTML(whatabout)
 710	templinfo["ServerMessage"] = ""
 711	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 712	honkpage(w, u, honks, templinfo)
 713}
 714
 715func showhonker(w http.ResponseWriter, r *http.Request) {
 716	u := login.GetUserInfo(r)
 717	name := mux.Vars(r)["name"]
 718	var honks []*Honk
 719	if name == "" {
 720		name = r.FormValue("xid")
 721		honks = gethonksbyxonker(u.UserID, name, 0)
 722	} else {
 723		honks = gethonksbyhonker(u.UserID, name, 0)
 724	}
 725	msg := templates.Sprintf(`honks by honker: <a href="%s" ref="noreferrer">%s</a>`, name, name)
 726	templinfo := getInfo(r)
 727	templinfo["PageName"] = "honker"
 728	templinfo["PageArg"] = name
 729	templinfo["ServerMessage"] = msg
 730	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 731	honkpage(w, u, honks, templinfo)
 732}
 733
 734func showcombo(w http.ResponseWriter, r *http.Request) {
 735	name := mux.Vars(r)["name"]
 736	u := login.GetUserInfo(r)
 737	honks := gethonksbycombo(u.UserID, name, 0)
 738	honks = osmosis(honks, u.UserID, true)
 739	templinfo := getInfo(r)
 740	templinfo["PageName"] = "combo"
 741	templinfo["PageArg"] = name
 742	templinfo["ServerMessage"] = "honks by combo: " + name
 743	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 744	honkpage(w, u, honks, templinfo)
 745}
 746func showconvoy(w http.ResponseWriter, r *http.Request) {
 747	c := r.FormValue("c")
 748	u := login.GetUserInfo(r)
 749	honks := gethonksbyconvoy(u.UserID, c, 0)
 750	templinfo := getInfo(r)
 751	if len(honks) > 0 {
 752		templinfo["TopHID"] = honks[0].ID
 753	}
 754	honks = osmosis(honks, u.UserID, false)
 755	reversehonks(honks)
 756	templinfo["PageName"] = "convoy"
 757	templinfo["PageArg"] = c
 758	templinfo["ServerMessage"] = "honks in convoy: " + c
 759	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 760	honkpage(w, u, honks, templinfo)
 761}
 762func showsearch(w http.ResponseWriter, r *http.Request) {
 763	q := r.FormValue("q")
 764	u := login.GetUserInfo(r)
 765	honks := gethonksbysearch(u.UserID, q, 0)
 766	templinfo := getInfo(r)
 767	templinfo["PageName"] = "search"
 768	templinfo["PageArg"] = q
 769	templinfo["ServerMessage"] = "honks for search: " + q
 770	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 771	honkpage(w, u, honks, templinfo)
 772}
 773func showontology(w http.ResponseWriter, r *http.Request) {
 774	name := mux.Vars(r)["name"]
 775	u := login.GetUserInfo(r)
 776	var userid int64 = -1
 777	if u != nil {
 778		userid = u.UserID
 779	}
 780	honks := gethonksbyontology(userid, "#"+name, 0)
 781	if friendorfoe(r.Header.Get("Accept")) {
 782		if len(honks) > 40 {
 783			honks = honks[0:40]
 784		}
 785
 786		var xids []string
 787		for _, h := range honks {
 788			xids = append(xids, h.XID)
 789		}
 790
 791		user := getserveruser()
 792
 793		j := junk.New()
 794		j["@context"] = itiswhatitis
 795		j["id"] = fmt.Sprintf("https://%s/o/%s", serverName, name)
 796		j["name"] = "#" + name
 797		j["attributedTo"] = user.URL
 798		j["type"] = "OrderedCollection"
 799		j["totalItems"] = len(xids)
 800		j["orderedItems"] = xids
 801
 802		j.Write(w)
 803		return
 804	}
 805
 806	templinfo := getInfo(r)
 807	templinfo["ServerMessage"] = "honks by ontology: " + name
 808	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 809	honkpage(w, u, honks, templinfo)
 810}
 811
 812type Ont struct {
 813	Name  string
 814	Count int64
 815}
 816
 817func thelistingoftheontologies(w http.ResponseWriter, r *http.Request) {
 818	u := login.GetUserInfo(r)
 819	var userid int64 = -1
 820	if u != nil {
 821		userid = u.UserID
 822	}
 823	rows, err := stmtAllOnts.Query(userid)
 824	if err != nil {
 825		log.Printf("selection error: %s", err)
 826		return
 827	}
 828	defer rows.Close()
 829	var onts []Ont
 830	for rows.Next() {
 831		var o Ont
 832		err := rows.Scan(&o.Name, &o.Count)
 833		if err != nil {
 834			log.Printf("error scanning ont: %s", err)
 835			continue
 836		}
 837		if len(o.Name) > 24 {
 838			continue
 839		}
 840		o.Name = o.Name[1:]
 841		onts = append(onts, o)
 842	}
 843	sort.Slice(onts, func(i, j int) bool {
 844		return onts[i].Name < onts[j].Name
 845	})
 846	if u == nil {
 847		w.Header().Set("Cache-Control", "max-age=300")
 848	}
 849	templinfo := getInfo(r)
 850	templinfo["Onts"] = onts
 851	err = readviews.Execute(w, "onts.html", templinfo)
 852	if err != nil {
 853		log.Print(err)
 854	}
 855}
 856
 857type Track struct {
 858	xid string
 859	who string
 860}
 861
 862var trackchan = make(chan Track)
 863
 864func tracker() {
 865	var track Track
 866	for {
 867
 868		select {
 869		case track = <-trackchan:
 870			log.Printf("%s fetched by %s", track.xid, track.who)
 871		}
 872	}
 873}
 874
 875var re_keyholder = regexp.MustCompile(`keyId="([^"]+)"`)
 876
 877func trackback(xid string, r *http.Request) {
 878	agent := r.UserAgent()
 879	who := originate(agent)
 880	sig := r.Header.Get("Signature")
 881	if sig != "" {
 882		m := re_keyholder.FindStringSubmatch(sig)
 883		if len(m) == 2 {
 884			who = m[1]
 885		}
 886	}
 887	trackchan <- Track{xid:xid, who: who}
 888}
 889
 890func showonehonk(w http.ResponseWriter, r *http.Request) {
 891	name := mux.Vars(r)["name"]
 892	user, err := butwhatabout(name)
 893	if err != nil {
 894		http.NotFound(w, r)
 895		return
 896	}
 897	if stealthmode(user.ID, r) {
 898		http.NotFound(w, r)
 899		return
 900	}
 901	xid := fmt.Sprintf("https://%s%s", serverName, r.URL.Path)
 902
 903	if friendorfoe(r.Header.Get("Accept")) {
 904		j, ok := gimmejonk(xid)
 905		if ok {
 906			trackback(xid, r)
 907			w.Header().Set("Content-Type", theonetruename)
 908			w.Write(j)
 909		} else {
 910			http.NotFound(w, r)
 911		}
 912		return
 913	}
 914	honk := getxonk(user.ID, xid)
 915	if honk == nil {
 916		http.NotFound(w, r)
 917		return
 918	}
 919	u := login.GetUserInfo(r)
 920	if u != nil && u.UserID != user.ID {
 921		u = nil
 922	}
 923	if !honk.Public {
 924		if u == nil {
 925			http.NotFound(w, r)
 926			return
 927
 928		}
 929		templinfo := getInfo(r)
 930		templinfo["ServerMessage"] = "one honk maybe more"
 931		templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 932		honkpage(w, u, []*Honk{honk}, templinfo)
 933		return
 934	}
 935	rawhonks := gethonksbyconvoy(honk.UserID, honk.Convoy, 0)
 936	reversehonks(rawhonks)
 937	var honks []*Honk
 938	for _, h := range rawhonks {
 939		if h.XID == xid && len(honks) != 0 {
 940			h.Style += " glow"
 941		}
 942		if h.Public && (h.Whofore == 2 || h.IsAcked()) {
 943			honks = append(honks, h)
 944		}
 945	}
 946
 947	templinfo := getInfo(r)
 948	templinfo["ServerMessage"] = "one honk maybe more"
 949	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
 950	honkpage(w, u, honks, templinfo)
 951}
 952
 953func honkpage(w http.ResponseWriter, u *login.UserInfo, honks []*Honk, templinfo map[string]interface{}) {
 954	var userid int64 = -1
 955	if u != nil {
 956		userid = u.UserID
 957	}
 958	reverbolate(userid, honks)
 959	templinfo["Honks"] = honks
 960	if templinfo["TopHID"] == nil {
 961		if len(honks) > 0 {
 962			templinfo["TopHID"] = honks[0].ID
 963		} else {
 964			templinfo["TopHID"] = 0
 965		}
 966	}
 967	if u == nil {
 968		w.Header().Set("Cache-Control", "max-age=60")
 969	}
 970	err := readviews.Execute(w, "honkpage.html", templinfo)
 971	if err != nil {
 972		log.Print(err)
 973	}
 974}
 975
 976func saveuser(w http.ResponseWriter, r *http.Request) {
 977	whatabout := r.FormValue("whatabout")
 978	u := login.GetUserInfo(r)
 979	db := opendatabase()
 980	var options UserOptions
 981	if r.FormValue("skinny") == "skinny" {
 982		options.SkinnyCSS = true
 983	}
 984	j, err := jsonify(options)
 985	if err == nil {
 986		_, err = db.Exec("update users set about = ?, options = ? where username = ?", whatabout, j, u.Username)
 987	}
 988	if err != nil {
 989		log.Printf("error bouting what: %s", err)
 990	}
 991	somenamedusers.Clear(u.Username)
 992	somenumberedusers.Clear(u.UserID)
 993
 994	http.Redirect(w, r, "/account", http.StatusSeeOther)
 995}
 996
 997func submitbonk(w http.ResponseWriter, r *http.Request) {
 998	xid := r.FormValue("xid")
 999	userinfo := login.GetUserInfo(r)
1000	user, _ := butwhatabout(userinfo.Username)
1001
1002	log.Printf("bonking %s", xid)
1003
1004	xonk := getxonk(userinfo.UserID, xid)
1005	if xonk == nil {
1006		return
1007	}
1008	if !xonk.Public {
1009		return
1010	}
1011	if xonk.IsBonked() {
1012		return
1013	}
1014	donksforhonks([]*Honk{xonk})
1015
1016	_, err := stmtUpdateFlags.Exec(flagIsBonked, xonk.ID)
1017	if err != nil {
1018		log.Printf("error acking bonk: %s", err)
1019	}
1020
1021	oonker := xonk.Oonker
1022	if oonker == "" {
1023		oonker = xonk.Honker
1024	}
1025	dt := time.Now().UTC()
1026	bonk := &Honk{
1027		UserID:   userinfo.UserID,
1028		Username: userinfo.Username,
1029		What:     "bonk",
1030		Honker:   user.URL,
1031		Oonker:   oonker,
1032		XID:      xonk.XID,
1033		RID:      xonk.RID,
1034		Noise:    xonk.Noise,
1035		Precis:   xonk.Precis,
1036		URL:      xonk.URL,
1037		Date:     dt,
1038		Donks:    xonk.Donks,
1039		Whofore:  2,
1040		Convoy:   xonk.Convoy,
1041		Audience: []string{thewholeworld, oonker},
1042		Public:   true,
1043		Format:   "html",
1044		Place:    xonk.Place,
1045		Onts:     xonk.Onts,
1046		Time:     xonk.Time,
1047	}
1048
1049	err = savehonk(bonk)
1050	if err != nil {
1051		log.Printf("uh oh")
1052		return
1053	}
1054
1055	go honkworldwide(user, bonk)
1056
1057	if r.FormValue("js") != "1" {
1058		templinfo := getInfo(r)
1059		templinfo["ServerMessage"] = "Bonked!"
1060		err = readviews.Execute(w, "msg.html", templinfo)
1061		if err != nil {
1062			log.Print(err)
1063		}
1064	}
1065}
1066
1067func sendzonkofsorts(xonk *Honk, user *WhatAbout, what string) {
1068	zonk := &Honk{
1069		What:     what,
1070		XID:      xonk.XID,
1071		Date:     time.Now().UTC(),
1072		Audience: oneofakind(xonk.Audience),
1073	}
1074	zonk.Public = loudandproud(zonk.Audience)
1075
1076	log.Printf("announcing %sed honk: %s", what, xonk.XID)
1077	go honkworldwide(user, zonk)
1078}
1079
1080func zonkit(w http.ResponseWriter, r *http.Request) {
1081	wherefore := r.FormValue("wherefore")
1082	what := r.FormValue("what")
1083	userinfo := login.GetUserInfo(r)
1084	user, _ := butwhatabout(userinfo.Username)
1085
1086	if wherefore == "save" {
1087		xonk := getxonk(userinfo.UserID, what)
1088		if xonk != nil {
1089			_, err := stmtUpdateFlags.Exec(flagIsSaved, xonk.ID)
1090			if err != nil {
1091				log.Printf("error saving: %s", err)
1092			}
1093		}
1094		return
1095	}
1096
1097	if wherefore == "unsave" {
1098		xonk := getxonk(userinfo.UserID, what)
1099		if xonk != nil {
1100			_, err := stmtClearFlags.Exec(flagIsSaved, xonk.ID)
1101			if err != nil {
1102				log.Printf("error unsaving: %s", err)
1103			}
1104		}
1105		return
1106	}
1107
1108	// my hammer is too big, oh well
1109	defer oldjonks.Flush()
1110
1111	if wherefore == "ack" {
1112		xonk := getxonk(userinfo.UserID, what)
1113		if xonk != nil && !xonk.IsAcked() {
1114			_, err := stmtUpdateFlags.Exec(flagIsAcked, xonk.ID)
1115			if err != nil {
1116				log.Printf("error acking: %s", err)
1117			}
1118			sendzonkofsorts(xonk, user, "ack")
1119		}
1120		return
1121	}
1122
1123	if wherefore == "deack" {
1124		xonk := getxonk(userinfo.UserID, what)
1125		if xonk != nil && xonk.IsAcked() {
1126			_, err := stmtClearFlags.Exec(flagIsAcked, xonk.ID)
1127			if err != nil {
1128				log.Printf("error deacking: %s", err)
1129			}
1130			sendzonkofsorts(xonk, user, "deack")
1131		}
1132		return
1133	}
1134
1135	if wherefore == "unbonk" {
1136		xonk := getbonk(userinfo.UserID, what)
1137		if xonk != nil {
1138			deletehonk(xonk.ID)
1139			xonk = getxonk(userinfo.UserID, what)
1140			_, err := stmtClearFlags.Exec(flagIsBonked, xonk.ID)
1141			if err != nil {
1142				log.Printf("error unbonking: %s", err)
1143			}
1144			sendzonkofsorts(xonk, user, "unbonk")
1145		}
1146		return
1147	}
1148
1149	if wherefore == "untag" {
1150		xonk := getxonk(userinfo.UserID, what)
1151		if xonk != nil {
1152			_, err := stmtUpdateFlags.Exec(flagIsUntagged, xonk.ID)
1153			if err != nil {
1154				log.Printf("error untagging: %s", err)
1155			}
1156		}
1157		var badparents map[string]bool
1158		untagged.GetAndLock(userinfo.UserID, &badparents)
1159		badparents[what] = true
1160		untagged.Unlock()
1161		return
1162	}
1163
1164	log.Printf("zonking %s %s", wherefore, what)
1165	if wherefore == "zonk" {
1166		xonk := getxonk(userinfo.UserID, what)
1167		if xonk != nil {
1168			deletehonk(xonk.ID)
1169			if xonk.Whofore == 2 || xonk.Whofore == 3 {
1170				sendzonkofsorts(xonk, user, "zonk")
1171			}
1172		}
1173	}
1174	_, err := stmtSaveZonker.Exec(userinfo.UserID, what, wherefore)
1175	if err != nil {
1176		log.Printf("error saving zonker: %s", err)
1177		return
1178	}
1179}
1180
1181func edithonkpage(w http.ResponseWriter, r *http.Request) {
1182	u := login.GetUserInfo(r)
1183	user, _ := butwhatabout(u.Username)
1184	xid := r.FormValue("xid")
1185	honk := getxonk(u.UserID, xid)
1186	if !canedithonk(user, honk) {
1187		http.Error(w, "no editing that please", http.StatusInternalServerError)
1188		return
1189	}
1190
1191	noise := honk.Noise
1192
1193	honks := []*Honk{honk}
1194	donksforhonks(honks)
1195	reverbolate(u.UserID, honks)
1196	templinfo := getInfo(r)
1197	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
1198	templinfo["Honks"] = honks
1199	templinfo["Noise"] = noise
1200	templinfo["SavedPlace"] = honk.Place
1201	templinfo["ServerMessage"] = "honk edit"
1202	templinfo["IsPreview"] = true
1203	templinfo["UpdateXID"] = honk.XID
1204	if len(honk.Donks) > 0 {
1205		templinfo["SavedFile"] = honk.Donks[0].XID
1206	}
1207	err := readviews.Execute(w, "honkpage.html", templinfo)
1208	if err != nil {
1209		log.Print(err)
1210	}
1211}
1212
1213func newhonkpage(w http.ResponseWriter, r *http.Request) {
1214	u := login.GetUserInfo(r)
1215	rid := r.FormValue("rid")
1216	noise := ""
1217
1218	xonk := getxonk(u.UserID, rid)
1219	if xonk != nil {
1220		_, replto := handles(xonk.Honker)
1221		if replto != "" {
1222			noise = "@" + replto + " "
1223		}
1224	}
1225
1226	templinfo := getInfo(r)
1227	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
1228	templinfo["InReplyTo"] = rid
1229	templinfo["Noise"] = noise
1230	templinfo["ServerMessage"] = "compose honk"
1231	templinfo["IsPreview"] = true
1232	err := readviews.Execute(w, "honkpage.html", templinfo)
1233	if err != nil {
1234		log.Print(err)
1235	}
1236}
1237
1238func canedithonk(user *WhatAbout, honk *Honk) bool {
1239	if honk == nil || honk.Honker != user.URL || honk.What == "bonk" {
1240		return false
1241	}
1242	return true
1243}
1244
1245// what a hot mess this function is
1246func submithonk(w http.ResponseWriter, r *http.Request) {
1247	rid := r.FormValue("rid")
1248	noise := r.FormValue("noise")
1249
1250	userinfo := login.GetUserInfo(r)
1251	user, _ := butwhatabout(userinfo.Username)
1252
1253	dt := time.Now().UTC()
1254	updatexid := r.FormValue("updatexid")
1255	var honk *Honk
1256	if updatexid != "" {
1257		honk = getxonk(userinfo.UserID, updatexid)
1258		if !canedithonk(user, honk) {
1259			http.Error(w, "no editing that please", http.StatusInternalServerError)
1260			return
1261		}
1262		honk.Date = dt
1263		honk.What = "update"
1264		honk.Format = "markdown"
1265	} else {
1266		xid := fmt.Sprintf("%s/%s/%s", user.URL, honkSep, xfiltrate())
1267		what := "honk"
1268		if rid != "" {
1269			what = "tonk"
1270		}
1271		honk = &Honk{
1272			UserID:   userinfo.UserID,
1273			Username: userinfo.Username,
1274			What:     what,
1275			Honker:   user.URL,
1276			XID:      xid,
1277			Date:     dt,
1278			Format:   "markdown",
1279		}
1280	}
1281
1282	noise = hooterize(noise)
1283	honk.Noise = noise
1284	translate(honk, false)
1285
1286	var convoy string
1287	if rid != "" {
1288		xonk := getxonk(userinfo.UserID, rid)
1289		if xonk != nil {
1290			if xonk.Public {
1291				honk.Audience = append(honk.Audience, xonk.Audience...)
1292			}
1293			convoy = xonk.Convoy
1294		} else {
1295			xonkaud, c := whosthere(rid)
1296			honk.Audience = append(honk.Audience, xonkaud...)
1297			convoy = c
1298		}
1299		for i, a := range honk.Audience {
1300			if a == thewholeworld {
1301				honk.Audience[0], honk.Audience[i] = honk.Audience[i], honk.Audience[0]
1302				break
1303			}
1304		}
1305		honk.RID = rid
1306	} else {
1307		honk.Audience = []string{thewholeworld}
1308	}
1309	if honk.Noise != "" && honk.Noise[0] == '@' {
1310		honk.Audience = append(grapevine(honk.Noise), honk.Audience...)
1311	} else {
1312		honk.Audience = append(honk.Audience, grapevine(honk.Noise)...)
1313	}
1314
1315	if convoy == "" {
1316		convoy = "data:,electrichonkytonk-" + xfiltrate()
1317	}
1318	butnottooloud(honk.Audience)
1319	honk.Audience = oneofakind(honk.Audience)
1320	if len(honk.Audience) == 0 {
1321		log.Printf("honk to nowhere")
1322		http.Error(w, "honk to nowhere...", http.StatusNotFound)
1323		return
1324	}
1325	honk.Public = loudandproud(honk.Audience)
1326	honk.Convoy = convoy
1327
1328	donkxid := r.FormValue("donkxid")
1329	if donkxid == "" {
1330		file, filehdr, err := r.FormFile("donk")
1331		if err == nil {
1332			var buf bytes.Buffer
1333			io.Copy(&buf, file)
1334			file.Close()
1335			data := buf.Bytes()
1336			xid := xfiltrate()
1337			var media, name string
1338			img, err := image.Vacuum(&buf, image.Params{MaxWidth: 2048, MaxHeight: 2048})
1339			if err == nil {
1340				data = img.Data
1341				format := img.Format
1342				media = "image/" + format
1343				if format == "jpeg" {
1344					format = "jpg"
1345				}
1346				name = xid + "." + format
1347				xid = name
1348			} else {
1349				ct := http.DetectContentType(data)
1350				switch ct {
1351				case "application/pdf":
1352					maxsize := 1000000
1353					if len(data) > maxsize {
1354						log.Printf("bad image: %s too much pdf: %d", err, len(data))
1355						http.Error(w, "didn't like your attachment", http.StatusUnsupportedMediaType)
1356						return
1357					}
1358					media = ct
1359					xid += ".pdf"
1360					name = filehdr.Filename
1361					if name == "" {
1362						name = xid
1363					}
1364				default:
1365					maxsize := 100000
1366					if len(data) > maxsize {
1367						log.Printf("bad image: %s too much text: %d", err, len(data))
1368						http.Error(w, "didn't like your attachment", http.StatusUnsupportedMediaType)
1369						return
1370					}
1371					for i := 0; i < len(data); i++ {
1372						if data[i] < 32 && data[i] != '\t' && data[i] != '\r' && data[i] != '\n' {
1373							log.Printf("bad image: %s not text: %d", err, data[i])
1374							http.Error(w, "didn't like your attachment", http.StatusUnsupportedMediaType)
1375							return
1376						}
1377					}
1378					media = "text/plain"
1379					xid += ".txt"
1380					name = filehdr.Filename
1381					if name == "" {
1382						name = xid
1383					}
1384				}
1385			}
1386			desc := strings.TrimSpace(r.FormValue("donkdesc"))
1387			if desc == "" {
1388				desc = name
1389			}
1390			url := fmt.Sprintf("https://%s/d/%s", serverName, xid)
1391			fileid, err := savefile(xid, name, desc, url, media, true, data)
1392			if err != nil {
1393				log.Printf("unable to save image: %s", err)
1394				return
1395			}
1396			d := &Donk{
1397				FileID: fileid,
1398				XID:    xid,
1399				Desc:   desc,
1400				URL:    url,
1401				Local:  true,
1402			}
1403			honk.Donks = append(honk.Donks, d)
1404			donkxid = xid
1405		}
1406	} else {
1407		xid := donkxid
1408		url := fmt.Sprintf("https://%s/d/%s", serverName, xid)
1409		donk := finddonk(url)
1410		if donk != nil {
1411			honk.Donks = append(honk.Donks, donk)
1412		} else {
1413			log.Printf("can't find file: %s", xid)
1414		}
1415	}
1416	herd := herdofemus(noise)
1417	for _, e := range herd {
1418		donk := savedonk(e.ID, e.Name, e.Name, "image/png", true)
1419		if donk != nil {
1420			donk.Name = e.Name
1421			honk.Donks = append(honk.Donks, donk)
1422		}
1423	}
1424	memetize(honk)
1425	imaginate(honk)
1426
1427	placename := strings.TrimSpace(r.FormValue("placename"))
1428	placelat := strings.TrimSpace(r.FormValue("placelat"))
1429	placelong := strings.TrimSpace(r.FormValue("placelong"))
1430	placeurl := strings.TrimSpace(r.FormValue("placeurl"))
1431	if placename != "" || placelat != "" || placelong != "" || placeurl != "" {
1432		p := new(Place)
1433		p.Name = placename
1434		p.Latitude, _ = strconv.ParseFloat(placelat, 64)
1435		p.Longitude, _ = strconv.ParseFloat(placelong, 64)
1436		p.Url = placeurl
1437		honk.Place = p
1438	}
1439	timestart := strings.TrimSpace(r.FormValue("timestart"))
1440	if timestart != "" {
1441		t := new(Time)
1442		now := time.Now().Local()
1443		for _, layout := range []string{"2006-01-02 3:04pm", "2006-01-02 15:04", "3:04pm", "15:04"} {
1444			start, err := time.ParseInLocation(layout, timestart, now.Location())
1445			if err == nil {
1446				if start.Year() == 0 {
1447					start = time.Date(now.Year(), now.Month(), now.Day(), start.Hour(), start.Minute(), 0, 0, now.Location())
1448				}
1449				t.StartTime = start
1450				break
1451			}
1452		}
1453		timeend := r.FormValue("timeend")
1454		dur := parseDuration(timeend)
1455		if dur != 0 {
1456			t.Duration = Duration(dur)
1457		}
1458		if !t.StartTime.IsZero() {
1459			honk.What = "event"
1460			honk.Time = t
1461		}
1462	}
1463
1464	if honk.Public {
1465		honk.Whofore = 2
1466	} else {
1467		honk.Whofore = 3
1468	}
1469
1470	// back to markdown
1471	honk.Noise = noise
1472
1473	if r.FormValue("preview") == "preview" {
1474		honks := []*Honk{honk}
1475		reverbolate(userinfo.UserID, honks)
1476		templinfo := getInfo(r)
1477		templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
1478		templinfo["Honks"] = honks
1479		templinfo["InReplyTo"] = r.FormValue("rid")
1480		templinfo["Noise"] = r.FormValue("noise")
1481		templinfo["SavedFile"] = donkxid
1482		templinfo["IsPreview"] = true
1483		templinfo["ServerMessage"] = "honk preview"
1484		err := readviews.Execute(w, "honkpage.html", templinfo)
1485		if err != nil {
1486			log.Print(err)
1487		}
1488		return
1489	}
1490
1491	if updatexid != "" {
1492		updatehonk(honk)
1493		oldjonks.Clear(honk.XID)
1494	} else {
1495		err := savehonk(honk)
1496		if err != nil {
1497			log.Printf("uh oh")
1498			return
1499		}
1500	}
1501
1502	// reload for consistency
1503	honk.Donks = nil
1504	donksforhonks([]*Honk{honk})
1505
1506	go honkworldwide(user, honk)
1507
1508	http.Redirect(w, r, honk.XID[len(serverName)+8:], http.StatusSeeOther)
1509}
1510
1511func showhonkers(w http.ResponseWriter, r *http.Request) {
1512	userinfo := login.GetUserInfo(r)
1513	templinfo := getInfo(r)
1514	templinfo["Honkers"] = gethonkers(userinfo.UserID)
1515	templinfo["HonkerCSRF"] = login.GetCSRF("submithonker", r)
1516	err := readviews.Execute(w, "honkers.html", templinfo)
1517	if err != nil {
1518		log.Print(err)
1519	}
1520}
1521
1522var combocache = cache.New(cache.Options{Filler: func(userid int64) ([]string, bool) {
1523	honkers := gethonkers(userid)
1524	var combos []string
1525	for _, h := range honkers {
1526		combos = append(combos, h.Combos...)
1527	}
1528	for i, c := range combos {
1529		if c == "-" {
1530			combos[i] = ""
1531		}
1532	}
1533	combos = oneofakind(combos)
1534	sort.Strings(combos)
1535	return combos, true
1536}, Invalidator: &honkerinvalidator})
1537
1538func showcombos(w http.ResponseWriter, r *http.Request) {
1539	userinfo := login.GetUserInfo(r)
1540	var combos []string
1541	combocache.Get(userinfo.UserID, &combos)
1542	templinfo := getInfo(r)
1543	err := readviews.Execute(w, "combos.html", templinfo)
1544	if err != nil {
1545		log.Print(err)
1546	}
1547}
1548
1549func submithonker(w http.ResponseWriter, r *http.Request) {
1550	u := login.GetUserInfo(r)
1551	name := strings.TrimSpace(r.FormValue("name"))
1552	url := strings.TrimSpace(r.FormValue("url"))
1553	peep := r.FormValue("peep")
1554	combos := strings.TrimSpace(r.FormValue("combos"))
1555	combos = " " + combos + " "
1556	honkerid, _ := strconv.ParseInt(r.FormValue("honkerid"), 10, 0)
1557
1558	defer honkerinvalidator.Clear(u.UserID)
1559
1560	if honkerid > 0 {
1561		goodbye := r.FormValue("goodbye")
1562		if goodbye == "F" {
1563			db := opendatabase()
1564			row := db.QueryRow("select xid from honkers where honkerid = ? and userid = ? and flavor in ('sub')",
1565				honkerid, u.UserID)
1566			err := row.Scan(&url)
1567			if err != nil {
1568				log.Printf("can't get honker xid: %s", err)
1569				return
1570			}
1571			log.Printf("unsubscribing from %s", url)
1572			user, _ := butwhatabout(u.Username)
1573			_, err = stmtUpdateFlavor.Exec("unsub", u.UserID, url, name, "sub")
1574			if err != nil {
1575				log.Printf("error updating honker: %s", err)
1576				return
1577			}
1578			go itakeitallback(user, url)
1579
1580			http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1581			return
1582		}
1583		if goodbye == "X" {
1584			var owner string
1585			db := opendatabase()
1586			row := db.QueryRow("select xid, owner from honkers where honkerid = ? and userid = ? and flavor in ('unsub', 'peep')",
1587				honkerid, u.UserID)
1588			err := row.Scan(&url, &owner)
1589			if err != nil {
1590				log.Printf("can't get honker xid: %s", err)
1591				return
1592			}
1593			log.Printf("resubscribing to %s", url)
1594			user, _ := butwhatabout(u.Username)
1595			_, err = stmtUpdateFlavor.Exec("presub", u.UserID, url, name, "unsub")
1596			if err == nil {
1597				_, err = stmtUpdateFlavor.Exec("presub", u.UserID, url, name, "peep")
1598			}
1599			if err != nil {
1600				log.Printf("error updating honker: %s", err)
1601				return
1602			}
1603			go subsub(user, url, owner)
1604
1605			http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1606			return
1607		}
1608		_, err := stmtUpdateHonker.Exec(name, combos, honkerid, u.UserID)
1609		if err != nil {
1610			log.Printf("update honker err: %s", err)
1611			return
1612		}
1613		http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1614		return
1615	}
1616
1617	if url == "" {
1618		http.Error(w, "subscribing to nothing?", http.StatusInternalServerError)
1619		return
1620	}
1621
1622	flavor := "presub"
1623	if peep == "peep" {
1624		flavor = "peep"
1625	}
1626
1627	if url[0] == '#' {
1628		flavor = "peep"
1629		if name == "" {
1630			name = url
1631		}
1632		_, err := stmtSaveHonker.Exec(u.UserID, name, url, flavor, combos, url)
1633		if err != nil {
1634			log.Print(err)
1635			return
1636		}
1637		http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1638		return
1639	}
1640
1641	info, err := investigate(url)
1642	if err != nil {
1643		http.Error(w, "error investigating: "+err.Error(), http.StatusInternalServerError)
1644		log.Printf("failed to investigate honker: %s", err)
1645		return
1646	}
1647	url = info.XID
1648
1649	db := opendatabase()
1650	row := db.QueryRow("select xid from honkers where xid = ? and userid = ? and flavor in ('sub', 'unsub', 'peep')", url, u.UserID)
1651	var x string
1652	err = row.Scan(&x)
1653	if err != sql.ErrNoRows {
1654		http.Error(w, "it seems you are already subscribed to them", http.StatusInternalServerError)
1655		if err != nil {
1656			log.Printf("honker scan err: %s", err)
1657		}
1658		return
1659	}
1660
1661	if name == "" {
1662		name = info.Name
1663	}
1664	_, err = stmtSaveHonker.Exec(u.UserID, name, url, flavor, combos, info.Owner)
1665	if err != nil {
1666		log.Print(err)
1667		return
1668	}
1669	if flavor == "presub" {
1670		user, _ := butwhatabout(u.Username)
1671		go subsub(user, url, info.Owner)
1672	}
1673	http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1674}
1675
1676func hfcspage(w http.ResponseWriter, r *http.Request) {
1677	userinfo := login.GetUserInfo(r)
1678
1679	filters := getfilters(userinfo.UserID, filtAny)
1680
1681	templinfo := getInfo(r)
1682	templinfo["Filters"] = filters
1683	templinfo["FilterCSRF"] = login.GetCSRF("filter", r)
1684	err := readviews.Execute(w, "hfcs.html", templinfo)
1685	if err != nil {
1686		log.Print(err)
1687	}
1688}
1689
1690func savehfcs(w http.ResponseWriter, r *http.Request) {
1691	userinfo := login.GetUserInfo(r)
1692	itsok := r.FormValue("itsok")
1693	if itsok == "iforgiveyou" {
1694		hfcsid, _ := strconv.ParseInt(r.FormValue("hfcsid"), 10, 0)
1695		_, err := stmtDeleteFilter.Exec(userinfo.UserID, hfcsid)
1696		if err != nil {
1697			log.Printf("error deleting filter: %s", err)
1698		}
1699		filtcache.Clear(userinfo.UserID)
1700		http.Redirect(w, r, "/hfcs", http.StatusSeeOther)
1701		return
1702	}
1703
1704	filt := new(Filter)
1705	filt.Name = strings.TrimSpace(r.FormValue("name"))
1706	filt.Date = time.Now().UTC()
1707	filt.Actor = strings.TrimSpace(r.FormValue("actor"))
1708	filt.IncludeAudience = r.FormValue("incaud") == "yes"
1709	filt.Text = strings.TrimSpace(r.FormValue("filttext"))
1710	filt.IsAnnounce = r.FormValue("isannounce") == "yes"
1711	filt.AnnounceOf = strings.TrimSpace(r.FormValue("announceof"))
1712	filt.Reject = r.FormValue("doreject") == "yes"
1713	filt.SkipMedia = r.FormValue("doskipmedia") == "yes"
1714	filt.Hide = r.FormValue("dohide") == "yes"
1715	filt.Collapse = r.FormValue("docollapse") == "yes"
1716	filt.Rewrite = strings.TrimSpace(r.FormValue("filtrewrite"))
1717	filt.Replace = strings.TrimSpace(r.FormValue("filtreplace"))
1718	if dur := parseDuration(r.FormValue("filtduration")); dur > 0 {
1719		filt.Expiration = time.Now().UTC().Add(dur)
1720	}
1721
1722	if filt.Actor == "" && filt.Text == "" {
1723		log.Printf("blank filter")
1724		return
1725	}
1726
1727	j, err := jsonify(filt)
1728	if err == nil {
1729		_, err = stmtSaveFilter.Exec(userinfo.UserID, j)
1730	}
1731	if err != nil {
1732		log.Printf("error saving filter: %s", err)
1733	}
1734
1735	filtcache.Clear(userinfo.UserID)
1736	http.Redirect(w, r, "/hfcs", http.StatusSeeOther)
1737}
1738
1739func accountpage(w http.ResponseWriter, r *http.Request) {
1740	u := login.GetUserInfo(r)
1741	user, _ := butwhatabout(u.Username)
1742	templinfo := getInfo(r)
1743	templinfo["UserCSRF"] = login.GetCSRF("saveuser", r)
1744	templinfo["LogoutCSRF"] = login.GetCSRF("logout", r)
1745	templinfo["User"] = user
1746	err := readviews.Execute(w, "account.html", templinfo)
1747	if err != nil {
1748		log.Print(err)
1749	}
1750}
1751
1752func dochpass(w http.ResponseWriter, r *http.Request) {
1753	err := login.ChangePassword(w, r)
1754	if err != nil {
1755		log.Printf("error changing password: %s", err)
1756	}
1757	http.Redirect(w, r, "/account", http.StatusSeeOther)
1758}
1759
1760func fingerlicker(w http.ResponseWriter, r *http.Request) {
1761	orig := r.FormValue("resource")
1762
1763	log.Printf("finger lick: %s", orig)
1764
1765	if strings.HasPrefix(orig, "acct:") {
1766		orig = orig[5:]
1767	}
1768
1769	name := orig
1770	idx := strings.LastIndexByte(name, '/')
1771	if idx != -1 {
1772		name = name[idx+1:]
1773		if fmt.Sprintf("https://%s/%s/%s", serverName, userSep, name) != orig {
1774			log.Printf("foreign request rejected")
1775			name = ""
1776		}
1777	} else {
1778		idx = strings.IndexByte(name, '@')
1779		if idx != -1 {
1780			name = name[:idx]
1781			if name+"@"+serverName != orig {
1782				log.Printf("foreign request rejected")
1783				name = ""
1784			}
1785		}
1786	}
1787	user, err := butwhatabout(name)
1788	if err != nil {
1789		http.NotFound(w, r)
1790		return
1791	}
1792	if stealthmode(user.ID, r) {
1793		http.NotFound(w, r)
1794		return
1795	}
1796
1797	j := junk.New()
1798	j["subject"] = fmt.Sprintf("acct:%s@%s", user.Name, serverName)
1799	j["aliases"] = []string{user.URL}
1800	l := junk.New()
1801	l["rel"] = "self"
1802	l["type"] = `application/activity+json`
1803	l["href"] = user.URL
1804	j["links"] = []junk.Junk{l}
1805
1806	w.Header().Set("Content-Type", "application/jrd+json")
1807	j.Write(w)
1808}
1809
1810func somedays() string {
1811	secs := 432000 + notrand.Int63n(432000)
1812	return fmt.Sprintf("%d", secs)
1813}
1814
1815func avatate(w http.ResponseWriter, r *http.Request) {
1816	n := r.FormValue("a")
1817	a := avatar(n)
1818	w.Header().Set("Cache-Control", "max-age="+somedays())
1819	w.Write(a)
1820}
1821
1822func serveasset(w http.ResponseWriter, r *http.Request) {
1823	w.Header().Set("Cache-Control", "max-age=7776000")
1824	dir := viewDir
1825	if r.URL.Path == "/local.css" {
1826		dir = dataDir
1827	}
1828	http.ServeFile(w, r, dir+"/views"+r.URL.Path)
1829}
1830func servehelp(w http.ResponseWriter, r *http.Request) {
1831	name := mux.Vars(r)["name"]
1832	w.Header().Set("Cache-Control", "max-age=3600")
1833	http.ServeFile(w, r, viewDir+"/docs/"+name)
1834}
1835func servehtml(w http.ResponseWriter, r *http.Request) {
1836	u := login.GetUserInfo(r)
1837	templinfo := getInfo(r)
1838	templinfo["AboutMsg"] = aboutMsg
1839	templinfo["LoginMsg"] = loginMsg
1840	templinfo["HonkVersion"] = honkVersion
1841	if u == nil {
1842		w.Header().Set("Cache-Control", "max-age=60")
1843	}
1844	err := readviews.Execute(w, r.URL.Path[1:]+".html", templinfo)
1845	if err != nil {
1846		log.Print(err)
1847	}
1848}
1849func serveemu(w http.ResponseWriter, r *http.Request) {
1850	xid := mux.Vars(r)["xid"]
1851	w.Header().Set("Cache-Control", "max-age="+somedays())
1852	http.ServeFile(w, r, dataDir+"/emus/"+xid)
1853}
1854func servememe(w http.ResponseWriter, r *http.Request) {
1855	xid := mux.Vars(r)["xid"]
1856	w.Header().Set("Cache-Control", "max-age="+somedays())
1857	http.ServeFile(w, r, dataDir+"/memes/"+xid)
1858}
1859
1860func servefile(w http.ResponseWriter, r *http.Request) {
1861	xid := mux.Vars(r)["xid"]
1862	row := stmtGetFileData.QueryRow(xid)
1863	var media string
1864	var data []byte
1865	err := row.Scan(&media, &data)
1866	if err != nil {
1867		log.Printf("error loading file: %s", err)
1868		http.NotFound(w, r)
1869		return
1870	}
1871	w.Header().Set("Content-Type", media)
1872	w.Header().Set("X-Content-Type-Options", "nosniff")
1873	w.Header().Set("Cache-Control", "max-age="+somedays())
1874	w.Write(data)
1875}
1876
1877func nomoroboto(w http.ResponseWriter, r *http.Request) {
1878	io.WriteString(w, "User-agent: *\n")
1879	io.WriteString(w, "Disallow: /a\n")
1880	io.WriteString(w, "Disallow: /d\n")
1881	io.WriteString(w, "Disallow: /meme\n")
1882	io.WriteString(w, "Disallow: /o\n")
1883	for _, u := range allusers() {
1884		fmt.Fprintf(w, "Disallow: /%s/%s/%s/\n", userSep, u.Username, honkSep)
1885	}
1886}
1887
1888func webhydra(w http.ResponseWriter, r *http.Request) {
1889	u := login.GetUserInfo(r)
1890	userid := u.UserID
1891	templinfo := getInfo(r)
1892	templinfo["HonkCSRF"] = login.GetCSRF("honkhonk", r)
1893	page := r.FormValue("page")
1894
1895	wanted, _ := strconv.ParseInt(r.FormValue("tophid"), 10, 0)
1896
1897	var honks []*Honk
1898	switch page {
1899	case "atme":
1900		honks = gethonksforme(userid, wanted)
1901		honks = osmosis(honks, userid, false)
1902		templinfo["ServerMessage"] = "at me!"
1903	case "home":
1904		honks = gethonksforuser(userid, wanted)
1905		honks = osmosis(honks, userid, true)
1906		templinfo["ServerMessage"] = serverMsg
1907	case "first":
1908		honks = gethonksforuserfirstclass(userid, wanted)
1909		honks = osmosis(honks, userid, true)
1910		templinfo["ServerMessage"] = "first class only"
1911	case "saved":
1912		honks = getsavedhonks(userid, wanted)
1913		templinfo["PageName"] = "saved"
1914		templinfo["ServerMessage"] = "saved honks"
1915	case "combo":
1916		c := r.FormValue("c")
1917		honks = gethonksbycombo(userid, c, wanted)
1918		honks = osmosis(honks, userid, false)
1919		templinfo["ServerMessage"] = "honks by combo: " + c
1920	case "convoy":
1921		c := r.FormValue("c")
1922		honks = gethonksbyconvoy(userid, c, wanted)
1923		honks = osmosis(honks, userid, false)
1924		templinfo["ServerMessage"] = "honks in convoy: " + c
1925	case "honker":
1926		xid := r.FormValue("xid")
1927		if strings.IndexByte(xid, '@') != -1 {
1928			xid = gofish(xid)
1929		}
1930		honks = gethonksbyxonker(userid, xid, wanted)
1931		msg := templates.Sprintf(`honks by honker: <a href="%s" ref="noreferrer">%s</a>`, xid, xid)
1932		templinfo["ServerMessage"] = msg
1933	default:
1934		http.NotFound(w, r)
1935	}
1936	if len(honks) > 0 {
1937		templinfo["TopHID"] = honks[0].ID
1938	} else {
1939		templinfo["TopHID"] = wanted
1940	}
1941	reverbolate(userid, honks)
1942	templinfo["Honks"] = honks
1943	w.Header().Set("Content-Type", "text/html; charset=utf-8")
1944	err := readviews.Execute(w, "honkfrags.html", templinfo)
1945	if err != nil {
1946		log.Printf("frag error: %s", err)
1947	}
1948}
1949
1950func apihandler(w http.ResponseWriter, r *http.Request) {
1951	u := login.GetUserInfo(r)
1952	action := r.FormValue("action")
1953	log.Printf("api request '%s' on behalf of %s", action, u.Username)
1954	switch action {
1955	case "honk":
1956		submithonk(w, r)
1957	default:
1958		http.Error(w, "unknown action", http.StatusNotFound)
1959	}
1960}
1961
1962func serve() {
1963	db := opendatabase()
1964	login.Init(db)
1965
1966	listener, err := openListener()
1967	if err != nil {
1968		log.Fatal(err)
1969	}
1970	go redeliverator()
1971	go tracker()
1972
1973	debug := false
1974	getconfig("debug", &debug)
1975	readviews = templates.Load(debug,
1976		viewDir+"/views/honkpage.html",
1977		viewDir+"/views/honkfrags.html",
1978		viewDir+"/views/honkers.html",
1979		viewDir+"/views/hfcs.html",
1980		viewDir+"/views/combos.html",
1981		viewDir+"/views/honkform.html",
1982		viewDir+"/views/honk.html",
1983		viewDir+"/views/account.html",
1984		viewDir+"/views/about.html",
1985		viewDir+"/views/funzone.html",
1986		viewDir+"/views/login.html",
1987		viewDir+"/views/xzone.html",
1988		viewDir+"/views/msg.html",
1989		viewDir+"/views/header.html",
1990		viewDir+"/views/onts.html",
1991		viewDir+"/views/honkpage.js",
1992	)
1993	if !debug {
1994		assets := []string{viewDir + "/views/style.css", dataDir + "/views/local.css", viewDir + "/views/honkpage.js"}
1995		for _, s := range assets {
1996			savedassetparams[s] = getassetparam(s)
1997		}
1998	}
1999
2000	mux := mux.NewRouter()
2001	mux.Use(login.Checker)
2002
2003	mux.Handle("/api", login.TokenRequired(http.HandlerFunc(apihandler)))
2004
2005	posters := mux.Methods("POST").Subrouter()
2006	getters := mux.Methods("GET").Subrouter()
2007
2008	getters.HandleFunc("/", homepage)
2009	getters.HandleFunc("/home", homepage)
2010	getters.HandleFunc("/front", homepage)
2011	getters.HandleFunc("/events", homepage)
2012	getters.HandleFunc("/robots.txt", nomoroboto)
2013	getters.HandleFunc("/rss", showrss)
2014	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}", showuser)
2015	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/"+honkSep+"/{xid:[[:alnum:]]+}", showonehonk)
2016	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/rss", showrss)
2017	posters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/inbox", inbox)
2018	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/outbox", outbox)
2019	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/followers", emptiness)
2020	getters.HandleFunc("/"+userSep+"/{name:[[:alnum:]]+}/following", emptiness)
2021	getters.HandleFunc("/a", avatate)
2022	getters.HandleFunc("/o", thelistingoftheontologies)
2023	getters.HandleFunc("/o/{name:.+}", showontology)
2024	getters.HandleFunc("/d/{xid:[[:alnum:].]+}", servefile)
2025	getters.HandleFunc("/emu/{xid:[[:alnum:]_.-]+}", serveemu)
2026	getters.HandleFunc("/meme/{xid:[[:alnum:]_.-]+}", servememe)
2027	getters.HandleFunc("/.well-known/webfinger", fingerlicker)
2028
2029	getters.HandleFunc("/server", serveractor)
2030	posters.HandleFunc("/server/inbox", serverinbox)
2031
2032	getters.HandleFunc("/style.css", serveasset)
2033	getters.HandleFunc("/local.css", serveasset)
2034	getters.HandleFunc("/honkpage.js", serveasset)
2035	getters.HandleFunc("/about", servehtml)
2036	getters.HandleFunc("/login", servehtml)
2037	posters.HandleFunc("/dologin", login.LoginFunc)
2038	getters.HandleFunc("/logout", login.LogoutFunc)
2039	getters.HandleFunc("/help/{name:[[:alnum:]_.-]+}", servehelp)
2040
2041	loggedin := mux.NewRoute().Subrouter()
2042	loggedin.Use(login.Required)
2043	loggedin.HandleFunc("/first", homepage)
2044	loggedin.HandleFunc("/saved", homepage)
2045	loggedin.HandleFunc("/account", accountpage)
2046	loggedin.HandleFunc("/funzone", showfunzone)
2047	loggedin.HandleFunc("/chpass", dochpass)
2048	loggedin.HandleFunc("/atme", homepage)
2049	loggedin.HandleFunc("/hfcs", hfcspage)
2050	loggedin.HandleFunc("/xzone", xzone)
2051	loggedin.HandleFunc("/newhonk", newhonkpage)
2052	loggedin.HandleFunc("/edit", edithonkpage)
2053	loggedin.Handle("/honk", login.CSRFWrap("honkhonk", http.HandlerFunc(submithonk)))
2054	loggedin.Handle("/bonk", login.CSRFWrap("honkhonk", http.HandlerFunc(submitbonk)))
2055	loggedin.Handle("/zonkit", login.CSRFWrap("honkhonk", http.HandlerFunc(zonkit)))
2056	loggedin.Handle("/savehfcs", login.CSRFWrap("filter", http.HandlerFunc(savehfcs)))
2057	loggedin.Handle("/saveuser", login.CSRFWrap("saveuser", http.HandlerFunc(saveuser)))
2058	loggedin.Handle("/ximport", login.CSRFWrap("ximport", http.HandlerFunc(ximport)))
2059	loggedin.HandleFunc("/honkers", showhonkers)
2060	loggedin.HandleFunc("/h/{name:[[:alnum:]_.-]+}", showhonker)
2061	loggedin.HandleFunc("/h", showhonker)
2062	loggedin.HandleFunc("/c/{name:[[:alnum:]_.-]+}", showcombo)
2063	loggedin.HandleFunc("/c", showcombos)
2064	loggedin.HandleFunc("/t", showconvoy)
2065	loggedin.HandleFunc("/q", showsearch)
2066	loggedin.HandleFunc("/hydra", webhydra)
2067	loggedin.Handle("/submithonker", login.CSRFWrap("submithonker", http.HandlerFunc(submithonker)))
2068
2069	err = http.Serve(listener, mux)
2070	if err != nil {
2071		log.Fatal(err)
2072	}
2073}