From ff10a54cdd61c476bdd4c3057b7ab35bd5eed735 Mon Sep 17 00:00:00 2001
From: Yanislav Igonin <yanislavdabest@gmail.com>
Date: Tue, 2 Nov 2021 11:10:59 +0200
Subject: [PATCH] fix: captcha checks after post validation now

---
 controllers/threads_controller.go | 44 +++++++++++++++----------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/controllers/threads_controller.go b/controllers/threads_controller.go
index 67b4e73..dc7dc15 100644
--- a/controllers/threads_controller.go
+++ b/controllers/threads_controller.go
@@ -101,17 +101,6 @@ func CreateThread(c *gin.Context) {
 		return
 	}
 
-	captchaID := form.Value["captchaId"][0]
-	captchaString := form.Value["captcha"][0]
-	isCaptchaValid := captcha.VerifyString(captchaID, captchaString)
-	if !isCaptchaValid {
-		errorHtmlData := Repositories.BadRequestHtmlData{
-			Message: Repositories.InvalidCaptchaErrorMessage,
-		}
-		c.HTML(http.StatusInternalServerError, "400.html", errorHtmlData)
-		return
-	}
-
 	// TODO: dat shit crashes if no fields in request
 	text := form.Value["text"][0]
 	title := form.Value["title"][0]
@@ -125,6 +114,17 @@ func CreateThread(c *gin.Context) {
 		return
 	}
 
+	captchaID := form.Value["captchaId"][0]
+	captchaString := form.Value["captcha"][0]
+	isCaptchaValid := captcha.VerifyString(captchaID, captchaString)
+	if !isCaptchaValid {
+		errorHtmlData := Repositories.BadRequestHtmlData{
+			Message: Repositories.InvalidCaptchaErrorMessage,
+		}
+		c.HTML(http.StatusInternalServerError, "400.html", errorHtmlData)
+		return
+	}
+
 	conn, err := Db.Pool.Acquire(context.TODO())
 	if err != nil {
 		log.Println("error:", err)
@@ -225,17 +225,6 @@ func UpdateThread(c *gin.Context) {
 		return
 	}
 
-	captchaID := form.Value["captchaId"][0]
-	captchaString := form.Value["captcha"][0]
-	isCaptchaValid := captcha.VerifyString(captchaID, captchaString)
-	if !isCaptchaValid {
-		errorHtmlData := Repositories.BadRequestHtmlData{
-			Message: Repositories.InvalidCaptchaErrorMessage,
-		}
-		c.HTML(http.StatusInternalServerError, "400.html", errorHtmlData)
-		return
-	}
-
 	// TODO: dat shit crashes if no fields in request
 	text := form.Value["text"][0]
 	filesInRequest := form.File["files"]
@@ -248,6 +237,17 @@ func UpdateThread(c *gin.Context) {
 		return
 	}
 
+	captchaID := form.Value["captchaId"][0]
+	captchaString := form.Value["captcha"][0]
+	isCaptchaValid := captcha.VerifyString(captchaID, captchaString)
+	if !isCaptchaValid {
+		errorHtmlData := Repositories.BadRequestHtmlData{
+			Message: Repositories.InvalidCaptchaErrorMessage,
+		}
+		c.HTML(http.StatusInternalServerError, "400.html", errorHtmlData)
+		return
+	}
+
 	isSageField := form.Value["sage"]
 	var isSageString string
 	if len(isSageField) != 0 {