package handlers import ( "log" "net/http" "strconv" "threadr/models" "github.com/gorilla/sessions" ) func BoardHandler(app *App) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { session := r.Context().Value("session").(*sessions.Session) loggedIn := session.Values["user_id"] != nil userID, _ := session.Values["user_id"].(int) boardIDStr := r.URL.Query().Get("id") boardID, err := strconv.Atoi(boardIDStr) if err != nil { http.Error(w, "Invalid board ID", http.StatusBadRequest) return } board, err := models.GetBoardByID(app.DB, boardID) if err != nil { log.Printf("Error fetching board: %v", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } if board == nil { http.Error(w, "Board not found", http.StatusNotFound) return } if board.Private { if !loggedIn { http.Redirect(w, r, app.Config.ThreadrDir+"/login/", http.StatusFound) return } hasPerm, err := models.HasBoardPermission(app.DB, userID, boardID, models.PermViewBoard) if err != nil { log.Printf("Error checking permission: %v", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } if !hasPerm { http.Error(w, "You do not have permission to view this board", http.StatusForbidden) return } } if r.Method == http.MethodPost && loggedIn { action := r.URL.Query().Get("action") if action == "create_thread" { title := r.FormValue("title") threadType := r.FormValue("type") if title == "" || (threadType != "classic" && threadType != "chat" && threadType != "question") { http.Error(w, "Invalid input", http.StatusBadRequest) return } if board.Private { hasPerm, err := models.HasBoardPermission(app.DB, userID, boardID, models.PermPostInBoard) if err != nil { log.Printf("Error checking permission: %v", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } if !hasPerm { http.Error(w, "You do not have permission to post in this board", http.StatusForbidden) return } } thread := models.Thread{ BoardID: boardID, Title: title, Type: threadType, CreatedByUserID: userID, } err = models.CreateThread(app.DB, thread) if err != nil { log.Printf("Error creating thread: %v", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } var threadID int err = app.DB.QueryRow("SELECT LAST_INSERT_ID()").Scan(&threadID) if err != nil { log.Printf("Error getting last insert id: %v", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } http.Redirect(w, r, app.Config.ThreadrDir+"/thread/?id="+strconv.Itoa(threadID), http.StatusFound) return } } threads, err := models.GetThreadsByBoardID(app.DB, boardID) if err != nil { log.Printf("Error fetching threads: %v", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } data := struct { PageData Board models.Board Threads []models.Thread }{ PageData: PageData{ Title: "ThreadR - " + board.Name, Navbar: "boards", LoggedIn: loggedIn, ShowCookieBanner: true, BasePath: app.Config.ThreadrDir, StaticPath: app.Config.ThreadrDir + "/static", CurrentURL: r.URL.Path, }, Board: *board, Threads: threads, } if err := app.Tmpl.ExecuteTemplate(w, "board", data); err != nil { log.Printf("Error executing template in BoardHandler: %v", err) http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } } }