Merge Upstream

.classpath

@@ -17,12 +17,12 @@
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7">
+	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>

.gitignore

@@ -1,3 +1,5 @@
 build
 build.properties
 target
+ssl/
+src/main/java/net/socialgamer/cah/util/RealShadowBannedStringProvider.java

.settings/org.eclipse.jdt.core.prefs

@@ -1,14 +1,15 @@
 eclipse.preferences.version=1
 org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
 org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
-org.eclipse.jdt.core.compiler.compliance=1.7
+org.eclipse.jdt.core.compiler.compliance=1.8
 org.eclipse.jdt.core.compiler.debug.lineNumber=generate
 org.eclipse.jdt.core.compiler.debug.localVariable=generate
 org.eclipse.jdt.core.compiler.debug.sourceFile=generate
 org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
 org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
-org.eclipse.jdt.core.compiler.source=1.7
+org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.source=1.8
 org.eclipse.jdt.core.formatter.align_type_members_on_columns=false
 org.eclipse.jdt.core.formatter.alignment_for_arguments_in_allocation_expression=16
 org.eclipse.jdt.core.formatter.alignment_for_arguments_in_annotation=0

.settings/org.eclipse.wst.common.project.facet.core.xml

@@ -6,5 +6,5 @@
   <fixed facet="java"/>
   <installed facet="jst.web" version="3.0"/>
   <installed facet="wst.jsdt.web" version="1.0"/>
-  <installed facet="java" version="1.7"/>
+  <installed facet="java" version="1.8"/>
 </faceted-project>

LICENSE

@@ -0,0 +1,25 @@
+BSD 2-Clause License
+
+Copyright (c) 2012-2020, Andy Janata
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -0,0 +1,21 @@
+Pretend You're Xyzzy
+===================
+
+A Cards Against Humanity clone, server and web client. See WebContent/license.html for full details.
+
+Note: This project is only known to work with Tomcat 7, all other versions are unsupported. 
+Currently, the only way to build PYX is using Maven via ```mvn clean package war:war``` in the project's directory.
+
+
+If you're doing ```mvn clean package war:exploded jetty:run```, you now need to add ```-Dmaven.buildNumber.doCheck=false -Dmaven.buildNumber.doUpdate=false``` to make the buildnumber plugin allow you to run with uncommited changes.
+
+
+For GeoIP functions to work, download http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.mmdb.gz somewhere, gunzip it, and update the geoip.db value in build.properties to point to it.
+
+## Third-Party Usage
+
+A Docker package for this project exists at [emcniece/DockerYourXyzzy](https://github.com/emcniece/DockerYourXyzzy):
+
+```sh
+docker run -d -p 8080:8080 emcniece/dockeryourxyzzy:dev
+```

WebContent/addcard.jsp

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <%--
-Copyright (c) 2012, Andy Janata
+Copyright (c) 2012-2018, Andy Janata
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification, are permitted
@@ -27,16 +27,24 @@ Administration tools.
 @author Andy Janata ([email protected])
 --%>
 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
+<%@ page import="com.google.inject.Injector" %>
+<%@ page import="com.google.inject.Key" %>
+<%@ page import="com.google.inject.TypeLiteral" %>
+<%@ page import="net.socialgamer.cah.CahModule.Admins" %>
 <%@ page import="net.socialgamer.cah.HibernateUtil" %>
+<%@ page import="net.socialgamer.cah.StartupUtils" %>
 <%@ page import="net.socialgamer.cah.db.PyxBlackCard" %>
 <%@ page import="net.socialgamer.cah.db.PyxWhiteCard" %>
-<%@ page import="net.socialgamer.cah.Constants" %>
 <%@ page import="net.socialgamer.cah.RequestWrapper" %>
 <%@ page import="org.hibernate.Session" %>
 <%@ page import="org.hibernate.Transaction" %>
+<%@ page import="java.util.Set" %>
 <%
-  RequestWrapper wrapper = new RequestWrapper(request);
-if (!Constants.ADMIN_IP_ADDRESSES.contains(wrapper.getRemoteAddr())) {
+RequestWrapper wrapper = new RequestWrapper(request);
+ServletContext servletContext = pageContext.getServletContext();
+Injector injector = (Injector) servletContext.getAttribute(StartupUtils.INJECTOR);
+Set<String> admins = injector.getInstance(Key.get(new TypeLiteral<Set<String>>(){}, Admins.class));
+if (!admins.contains(wrapper.getRemoteAddr())) {
   response.sendError(403, "Access is restricted to known hosts");
   return;
 }

WebContent/admin.jsp

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <%--
-Copyright (c) 2012, Andy Janata
+Copyright (c) 2012-2018, Andy Janata
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification, are permitted
@@ -32,8 +32,8 @@ Administration tools.
 <%@ page import="com.google.inject.TypeLiteral" %>
 <%@ page import="net.socialgamer.cah.RequestWrapper" %>
 <%@ page import="net.socialgamer.cah.StartupUtils" %>
+<%@ page import="net.socialgamer.cah.CahModule.Admins" %>
 <%@ page import="net.socialgamer.cah.CahModule.BanList" %>
-<%@ page import="net.socialgamer.cah.Constants" %>
 <%@ page import="net.socialgamer.cah.Constants.DisconnectReason" %>
 <%@ page import="net.socialgamer.cah.Constants.LongPollEvent" %>
 <%@ page import="net.socialgamer.cah.Constants.LongPollResponse" %>
@@ -50,14 +50,14 @@ Administration tools.
 
 <%
 RequestWrapper wrapper = new RequestWrapper(request);
-if (!Constants.ADMIN_IP_ADDRESSES.contains(wrapper.getRemoteAddr())) {
+ServletContext servletContext = pageContext.getServletContext();
+Injector injector = (Injector) servletContext.getAttribute(StartupUtils.INJECTOR);
+Set<String> admins = injector.getInstance(Key.get(new TypeLiteral<Set<String>>(){}, Admins.class));
+if (!admins.contains(wrapper.getRemoteAddr())) {
   response.sendError(403, "Access is restricted to known hosts");
   return;
 }
 
-ServletContext servletContext = pageContext.getServletContext();
-Injector injector = (Injector) servletContext.getAttribute(StartupUtils.INJECTOR);
-
 ConnectedUsers connectedUsers = injector.getInstance(ConnectedUsers.class);
 Set<String> banList = injector.getInstance(Key.get(new TypeLiteral<Set<String>>(){}, BanList.class));
 
@@ -100,7 +100,7 @@ if (banParam != null) {
    user.enqueueMessage(qm);
 
    connectedUsers.removeUser(user, DisconnectReason.BANNED);
-   banList.add(user.getHostName());
+   banList.add(user.getHostname());
   }
   response.sendRedirect("admin.jsp");
   return;
@@ -214,7 +214,7 @@ User list:
 	  %>
 	  <tr>
 	    <td><%= u.getNickname() %></td>
-	    <td><%= u.getHostName() %></td>
+	    <td><%= u.getHostname() %></td>
 	    <td>
         <a href="?kick=<%= u.getNickname() %>">Kick</a>
         <a href="?ban=<%= u.getNickname() %>">Ban</a>

WebContent/cah.css

@@ -1,5 +1,5 @@
 /**
- * Copyright (c) 2012, Andy Janata
+ * Copyright (c) 2012-2018, Andy Janata
  * All rights reserved.
  * 
  * Redistribution and use in source and binary forms, with or without modification, are permitted
@@ -21,8 +21,11 @@
  * WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-body {
+#gamebody {
   overflow: hidden;
+}
+
+body {
   min-height: 640px;
   background: #eee;
   color: #000;
@@ -143,6 +146,7 @@ h2,h3,h4 {
   border-radius: .25em;
   text-transform: uppercase;
   font-weight: 700;
+  white-space: normal;
 }
 
 .gamelist_lobby_spectate {
@@ -240,6 +244,10 @@ h2,h3,h4 {
   float: right;
 }
 
+#tab-preferences, #tab-gamelist-filters {
+  overflow-y: auto;
+}
+
 .chat {
   border: 1px solid black;
   left: -1px;
@@ -634,3 +642,26 @@ span.debug, span.admin {
   bottom: 19px;
   font-size: 8pt;
 }
+
+dfn {
+  border-bottom: 1px dotted black;
+}
+
+#tweetbox {
+  float: right;
+}
+
+.gamelink {
+  cursor: pointer;
+  text-decoration: underline;
+}
+
+.imagecard {
+  height: 100%;
+  width: 100%;
+}
+
+.card_text {
+  word-wrap: break-word;
+  overflow: hidden;
+}

WebContent/cardsets.jsp

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <%--
-Copyright (c) 2012, Andy Janata
+Copyright (c) 2012-2018, Andy Janata
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification, are permitted
@@ -27,20 +27,28 @@ Administration tools.
 @author Andy Janata ([email protected])
 --%>
 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
+<%@ page import="com.google.inject.Injector" %>
+<%@ page import="com.google.inject.Key" %>
+<%@ page import="com.google.inject.TypeLiteral" %>
 <%@ page import="java.util.ArrayList" %>
 <%@ page import="java.util.List" %>
+<%@ page import="java.util.Set" %>
+<%@ page import="net.socialgamer.cah.CahModule.Admins" %>
 <%@ page import="net.socialgamer.cah.HibernateUtil" %>
+<%@ page import="net.socialgamer.cah.StartupUtils" %>
 <%@ page import="net.socialgamer.cah.db.PyxBlackCard" %>
 <%@ page import="net.socialgamer.cah.db.PyxCardSet" %>
 <%@ page import="net.socialgamer.cah.db.PyxWhiteCard" %>
-<%@ page import="net.socialgamer.cah.Constants" %>
 <%@ page import="net.socialgamer.cah.RequestWrapper" %>
 <%@ page import="org.apache.commons.lang3.StringEscapeUtils" %>
 <%@ page import="org.hibernate.Session" %>
 <%@ page import="org.hibernate.Transaction" %>
 <%
-  RequestWrapper wrapper = new RequestWrapper(request);
-if (!Constants.ADMIN_IP_ADDRESSES.contains(wrapper.getRemoteAddr())) {
+RequestWrapper wrapper = new RequestWrapper(request);
+ServletContext servletContext = pageContext.getServletContext();
+Injector injector = (Injector) servletContext.getAttribute(StartupUtils.INJECTOR);
+Set<String> admins = injector.getInstance(Key.get(new TypeLiteral<Set<String>>(){}, Admins.class));
+if (!admins.contains(wrapper.getRemoteAddr())) {
   response.sendError(403, "Access is restricted to known hosts");
   return;
 }
@@ -151,7 +159,7 @@ try {
   }
 
   @SuppressWarnings("unchecked")
-  List<PyxCardSet> cardSets = hibernateSession.createQuery("from PyxCardSet order by weight, id")
+  List<PyxCardSet> cardSets = hibernateSession.createQuery("from PyxCardSet order by weight, name")
       .setReadOnly(true).list();
 
   @SuppressWarnings("unchecked")
@@ -242,6 +250,8 @@ select {
       <th>Delete</th>
       <th>Edit</th>
       <th>Weight</th>
+      <th>Blacks</th>
+      <th>Whites</th>
       <th>Active</th>
     </tr>
   </thead>
@@ -254,6 +264,8 @@ select {
         <td><a href="?delete=<%=cardSet.getId()%>" onclick="return confirm('Are you sure?')">Delete</a></td>
         <td><a href="?edit=<%=cardSet.getId()%>">Edit</a></td>
         <td><%=cardSet.getWeight()%></td>
+        <td><%=cardSet.getBlackCards().size()%></td>
+        <td><%=cardSet.getWhiteCards().size()%></td>
         <td><%=cardSet.isActive()%></td>
       </tr>
     <%
@@ -281,11 +293,11 @@ select {
   </h2>
   <label for="cardSetName">Name:</label>
   <input type="text" name="cardSetName" id="cardSetName" size="50"
-      value="<%=editCardSet != null ? StringEscapeUtils.escapeXml(editCardSet.getName()) : ""%>" />
+      value="<%=editCardSet != null ? StringEscapeUtils.escapeXml11(editCardSet.getName()) : ""%>" />
   <br/>
   <label for="cardSetDescription">Description:</label>
   <input type="text" name="cardSetDescription" id="cardSetDescription" size="50"
-      value="<%=editCardSet != null ? StringEscapeUtils.escapeXml(editCardSet.getDescription()) : ""%>" />
+      value="<%=editCardSet != null ? StringEscapeUtils.escapeXml11(editCardSet.getDescription()) : ""%>" />
   <br/>
   <label for="cardSetWeight">Weight:</label>
   <input type="text" name="cardSetWeight" id="cardSetWeight" size="4"
@@ -306,7 +318,7 @@ select {
       for (PyxBlackCard blackCard : blackCards) {
     %>
       <option value="<%=blackCard.getId()%>">
-        <%=StringEscapeUtils.escapeXml(blackCard.toString())%>
+        <%=StringEscapeUtils.escapeXml11(blackCard.toString())%>
       </option>
     <%
       }
@@ -326,7 +338,7 @@ select {
         for (PyxBlackCard blackCard : editCardSet.getBlackCards()) {
       %>
         <option value="<%=blackCard.getId()%>" id="bc_<%=blackCard.getId()%>">
-          <%=StringEscapeUtils.escapeXml(blackCard.toString())%>
+          <%=StringEscapeUtils.escapeXml11(blackCard.toString())%>
         </option>
       <%
         }
@@ -343,7 +355,7 @@ select {
       for (PyxWhiteCard whiteCard : whiteCards) {
     %>
       <option value="<%=whiteCard.getId()%>">
-        <%=StringEscapeUtils.escapeXml(whiteCard.toString())%>
+        <%=StringEscapeUtils.escapeXml11(whiteCard.toString())%>
       </option>
     <%
       }
@@ -363,7 +375,7 @@ select {
         for (PyxWhiteCard whiteCard : editCardSet.getWhiteCards()) {
       %>
         <option value="<%= whiteCard.getId() %>" id="wc_<%= whiteCard.getId() %>">
-          <%= StringEscapeUtils.escapeXml(whiteCard.toString()) %>
+          <%= StringEscapeUtils.escapeXml11(whiteCard.toString()) %>
         </option>
       <% } %>
     <% } %>