Add more information to errors

Add more information when cacheing breaks, and when people requests
stories that don't exist (probably robots)

README.md

@@ -1,6 +1,24 @@
-# Misc notes.
+# SMR
 
-We need to enable STATX in kore instead of STAT. One of the places seems to have
+## Overview
-ifdef garuds around it, just added it to the other place.
 
-We need to comment out the restrictions on mprotect around line 99 of src/seccomp.c in order for luajit to be able to do it's thing
+This repository contains the source code to a pastebin clone. It was made after
+concerns with pastebin.com taking down certain kinds of content. SMR aims to
+be small, fast, and secure. It is built on top of [Kore](https://kore.io), using
+[luajit](https://luajit.org) to expose a Lua programming environment. It uses
+[sqlite3](https://sqlite.org) as it's database. SMR is implemented in just over
+1.5k SLOC and is expected to never exceed 5k SLOC. Contributions welcome.
+
+## Roadmap
+
+* Accounts (complete)
+* Comments (complete)
+* Tags
+* Author biographies
+
+## Misc notes.
+
+SMR requires a slightly modified version of Kore to run. See [my kore patches](https://git.fuwafuwa.moe/rmalley/kore_patches)
+for the changes I needed to make to get the JIT compiler playing nice with
+Kore's seccomp restrictions. There are a few other changes, like modified kore
+to accept any text as input for things like file upload.

src/lua/init.lua

@@ -228,14 +228,21 @@ local function encode_id(number)
 end
 
 local function decode_id(s)
-        local n = 0
+	local res, id = pcall(function()
-        local charlen = string.len(url_characters)
+		local n = 0
-        for i = 1,string.len(s) do
+		local charlen = string.len(url_characters)
-                local char = string.sub(s,i,i)
+		for i = 1,string.len(s) do
-                local pos = url_characters_rev[char] - 1
+			local char = string.sub(s,i,i)
-                n = n + (pos*math.pow(charlen,i-1))
+			local pos = url_characters_rev[char] - 1
+			n = n + (pos*math.pow(charlen,i-1))
+		end
+		return n
+	end)
+	if res then
+		return id
+	else
+		error("Failed to decode id:" .. s)
 	end
-        return n
 end
 
 local function do_sql(stmnt)
@@ -320,7 +327,7 @@ local function render(pagename,callback)
 		stmnt_cache:reset()
 		--page is not cached
 	elseif err == sql.ROW then
-		print("Cache hit!")
+		print("Cache hit:" .. pagename)
 		data = stmnt_cache:get_values()
 		stmnt_cache:reset()
 		return data[1]
@@ -720,6 +727,9 @@ local function read_story(host,path,idp,show_comments,iam)
 		}
 	end
 	--Don't cache if we're logged in, someone might see dirty cache information on the page.
+	--(I.e. When the user has loaded comments, the form to past a comment may contain a username,
+	--which is not the user's, from whoever loaded the cache last) to fix this bug, don't cache
+	--pages when the user is logged in. All non-logged-in users can see the same page no problem.
 	if not iam then
 		return render(cachestr,readstoryf)
 	else
@@ -795,6 +805,7 @@ function read(req)
 		local idp = string.sub(path,2)--remove leading "/"
 		local id = decode_id(idp)
 		local isanon = 1
+		--Even if an author is logged in, they may post their comment anonymously
 		if author and pasteas ~= "Anonymous" then
 			isanon = 0
 		end
@@ -809,6 +820,7 @@ function read(req)
 		if err ~= sql.DONE then
 			http_response(req,500,"Internal error, failed to post comment. Go back and try again.")
 		else
+			--When we post a comment, we need to dirty the cache for the "comments displayed" page.
 			dirty_cache(string.format("%s%s?comments=1",host,path))
 			local redir = string.format("https://%s%s?comments=1", domain, path)
 			http_response_header(req,"Location",redir)