From 49af7dd65d7677dde7887627c1c4171d43885d4e Mon Sep 17 00:00:00 2001
From: Ajay Ramachandran <dev@ajay.app>
Date: Thu, 22 Aug 2019 00:01:27 -0400
Subject: [PATCH] Added new shadowHidden variable that only lets it get sent
 out to submitters.

---
 databases/_private.db.sql      |  3 +++
 databases/_sponsorTimes.db.sql | 11 ++++++-----
 index.js                       | 20 +++++++++++++++++++-
 3 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/databases/_private.db.sql b/databases/_private.db.sql
index b8f6089..dfd672a 100644
--- a/databases/_private.db.sql
+++ b/databases/_private.db.sql
@@ -1,4 +1,7 @@
 BEGIN TRANSACTION;
+CREATE TABLE IF NOT EXISTS "shadowBannedUsers" (
+	"userID"	TEXT NOT NULL
+);
 CREATE TABLE IF NOT EXISTS "votes" (
 	"UUID"	TEXT NOT NULL,
 	"userID"	INTEGER NOT NULL,
diff --git a/databases/_sponsorTimes.db.sql b/databases/_sponsorTimes.db.sql
index 461272d..ec45877 100644
--- a/databases/_sponsorTimes.db.sql
+++ b/databases/_sponsorTimes.db.sql
@@ -1,8 +1,4 @@
 BEGIN TRANSACTION;
-CREATE TABLE IF NOT EXISTS "userNames" (
-	"userID"	TEXT NOT NULL,
-	"userName"	TEXT NOT NULL
-);
 CREATE TABLE IF NOT EXISTS "sponsorTimes" (
 	"videoID"	TEXT NOT NULL,
 	"startTime"	REAL NOT NULL,
@@ -11,6 +7,11 @@ CREATE TABLE IF NOT EXISTS "sponsorTimes" (
 	"UUID"	TEXT NOT NULL UNIQUE,
 	"userID"	TEXT NOT NULL,
 	"timeSubmitted"	INTEGER NOT NULL,
-	"views"	INTEGER NOT NULL
+	"views"	INTEGER NOT NULL,
+	"shadowHidden"	INTEGER NOT NULL
+);
+CREATE TABLE IF NOT EXISTS "userNames" (
+	"userID"	TEXT NOT NULL,
+	"userName"	TEXT NOT NULL
 );
 COMMIT;
diff --git a/index.js b/index.js
index bbe94bf..b0117aa 100644
--- a/index.js
+++ b/index.js
@@ -37,7 +37,9 @@ app.get('/api/getVideoSponsorTimes', function (req, res) {
     let votes = []
     let UUIDs = [];
 
-    db.prepare("SELECT startTime, endTime, votes, UUID FROM sponsorTimes WHERE videoID = ? ORDER BY startTime").all(videoID, function(err, rows) {
+    let hashedIP = getHash(getIP(req) + globalSalt);
+
+    db.prepare("SELECT startTime, endTime, votes, UUID, shadowHidden FROM sponsorTimes WHERE videoID = ? ORDER BY startTime").all(videoID, async function(err, rows) {
         if (err) console.log(err);
 
         for (let i = 0; i < rows.length; i++) {
@@ -46,6 +48,22 @@ app.get('/api/getVideoSponsorTimes', function (req, res) {
                 //too untrustworthy, just ignore it
                 continue;
             }
+
+            //check if shadowHidden
+            //this means it is hidden to everyone but the original ip that submitted it
+            if (rows[i].shadowHidden == 1) {
+                //get the ip
+                //await the callback
+                let result = await new Promise((resolve, reject) => {
+                    privateDB.prepare("SELECT hashedIP FROM sponsorTimes WHERE videoID = ?").all(videoID, (err, rows) => resolve({err, rows}));
+                });
+
+                if (result.rows.length == 0 || !result.rows.includes({hashedIP})) {
+                    //this isn't their ip, don't send it to them
+                    continue;
+                }
+            }
+
             sponsorTimes.push([]);
             
             let index = sponsorTimes.length - 1;