fix: show local time for ban

fix: escape moderation note before adding to dom
feat: merge
2025-12-27 02:40:39 +01:00 · 2021-09-21 16:12:04 -04:00 · 2021-09-20 11:07:27 -04:00 · 2021-09-20 11:06:55 -04:00
3 changed files with 27 additions and 11 deletions
--- a/public/src/client/account/info.js
+++ b/public/src/client/account/info.js
@@ -21,7 +21,7 @@ define('forum/account/info', ['forum/account/header', 'components', 'forum/accou
 				app.alertSuccess('[[user:info.moderation-note.success]]');
 				var timestamp = Date.now();
 				var data = [{
-					note: note,
+					note: utils.escapeHTML(note),
 					user: app.user,
 					timestamp: timestamp,
 					timestampISO: utils.toISOString(timestamp),
--- a/public/src/sockets.js
+++ b/public/src/sockets.js
@@ -208,15 +208,20 @@ socket = window.socket;
 	}

 	function onEventBanned(data) {
-		var message = data.until ? '[[error:user-banned-reason-until, ' + utils.toISOString(data.until) + ', ' + data.reason + ']]' : '[[error:user-banned-reason, ' + data.reason + ']]';
-
-		bootbox.alert({
-			title: '[[error:user-banned]]',
-			message: message,
-			closeButton: false,
-			callback: function () {
-				window.location.href = config.relative_path + '/';
-			},
+		require(['translator'], function (translator) {
+			var message = data.until ?
+				translator.compile('error:user-banned-reason-until', (new Date(data.until).toLocaleString()), data.reason) :
+				'[[error:user-banned-reason, ' + data.reason + ']]';
+			translator.translate(message, function (message) {
+				bootbox.alert({
+					title: '[[error:user-banned]]',
+					message: message,
+					closeButton: false,
+					callback: function () {
+						window.location.href = config.relative_path + '/';
+					},
+				});
+			});
 		});
 	}

--- a/src/controllers/helpers.js
+++ b/src/controllers/helpers.js
@@ -11,6 +11,7 @@ const privileges = require('../privileges');
 const categories = require('../categories');
 const plugins = require('../plugins');
 const meta = require('../meta');
+const middlewareHelpers = require('../middleware/helpers');

 const helpers = module.exports;

@@ -124,7 +125,17 @@ helpers.notAllowed = async function (req, res, error) {

 	if (req.loggedIn || req.uid === -1) {
 		if (res.locals.isAPI) {
-			helpers.formatApiResponse(403, res, error);
+			if (req.originalUrl.startsWith(`${relative_path}/api/v3`)) {
+				helpers.formatApiResponse(403, res, error);
+			} else {
+				res.status(403).json({
+					path: req.path.replace(/^\/api/, ''),
+					loggedIn: req.loggedIn,
+					error: error,
+					title: '[[global:403.title]]',
+					bodyClass: middlewareHelpers.buildBodyClass(req, res),
+				});
+			}
 		} else {
 			const middleware = require('../middleware');
 			await middleware.buildHeaderAsync(req, res);
Author	SHA1	Message	Date
Barış Soner Uşaklı	e6c9585ae6	fix: show local time for ban	2021-09-21 16:12:04 -04:00
Barış Soner Uşaklı	f57291ef5f	fix: escape moderation note before adding to dom	2021-09-20 11:07:27 -04:00
Barış Soner Uşaklı	9556da11d4	feat: merge	2021-09-20 11:06:55 -04:00