metacord 0.0.1-security → 1.1.8-Beta

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of metacord might be problematic. Click here for more details.

Files changed (63) hide show
  1. package/LICENSE +21 -0
  2. package/MetaCord_Config.json +14 -0
  3. package/MetaCord_Database/Database.sqlite +0 -0
  4. package/MetaCord_Database/Do not delete this folder or any of the files in it +0 -0
  5. package/README.md +207 -5
  6. package/index.js +678 -0
  7. package/logger.js +16 -0
  8. package/package.json +38 -3
  9. package/src/addExternalModule.js +16 -0
  10. package/src/addUserToGroup.js +78 -0
  11. package/src/changeAdminStatus.js +78 -0
  12. package/src/changeArchivedStatus.js +41 -0
  13. package/src/changeBio.js +65 -0
  14. package/src/changeBlockedStatus.js +36 -0
  15. package/src/changeGroupImage.js +106 -0
  16. package/src/changeNickname.js +45 -0
  17. package/src/changeThreadColor.js +62 -0
  18. package/src/changeThreadEmoji.js +42 -0
  19. package/src/createNewGroup.js +70 -0
  20. package/src/createPoll.js +60 -0
  21. package/src/deleteMessage.js +45 -0
  22. package/src/deleteThread.js +43 -0
  23. package/src/forwardAttachment.js +48 -0
  24. package/src/getCurrentUserID.js +7 -0
  25. package/src/getEmojiUrl.js +27 -0
  26. package/src/getFriendsList.js +73 -0
  27. package/src/getOnlineTime.js +31 -0
  28. package/src/getThreadHistory.js +193 -0
  29. package/src/getThreadInfo.js +197 -0
  30. package/src/getThreadList.js +213 -0
  31. package/src/getThreadPictures.js +59 -0
  32. package/src/getUID.js +57 -0
  33. package/src/getUserID.js +62 -0
  34. package/src/getUserInfo.js +66 -0
  35. package/src/handleFriendRequest.js +49 -0
  36. package/src/handleMessageRequest.js +49 -0
  37. package/src/httpGet.js +49 -0
  38. package/src/httpPost.js +48 -0
  39. package/src/httpPostFormData.js +41 -0
  40. package/src/listenMqtt.js +634 -0
  41. package/src/logout.js +68 -0
  42. package/src/markAsDelivered.js +48 -0
  43. package/src/markAsRead.js +70 -0
  44. package/src/markAsReadAll.js +43 -0
  45. package/src/markAsSeen.js +51 -0
  46. package/src/muteThread.js +47 -0
  47. package/src/removeUserFromGroup.js +49 -0
  48. package/src/resolvePhotoUrl.js +37 -0
  49. package/src/searchForThread.js +43 -0
  50. package/src/sendMessage.js +334 -0
  51. package/src/sendTypingIndicator.js +80 -0
  52. package/src/setMessageReaction.js +109 -0
  53. package/src/setPostReaction.js +102 -0
  54. package/src/setTitle.js +74 -0
  55. package/src/threadColors.js +39 -0
  56. package/src/unfriend.js +43 -0
  57. package/src/unsendMessage.js +40 -0
  58. package/utils/Database.js +42 -0
  59. package/utils/Extension.js +138 -0
  60. package/utils/Html/MetaCord.png +0 -0
  61. package/utils/Html/index.html +200 -0
  62. package/utils/StateCrypt.js +53 -0
  63. package/utils.js +1249 -0
package/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2023 Shinchan0911
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
@@ -0,0 +1,14 @@
1
+ {
2
+ "Config_Version": "1.0.3",
3
+ "Auto_Update": true,
4
+ "Auto_Uptime": true,
5
+ "Encrypt_Appstate": true,
6
+ "Create_Html_Site": {
7
+ "Enable": false,
8
+ "Port": 8080
9
+ },
10
+ "Count_Online_Time": {
11
+ "Enable": true,
12
+ "Format": "{day} : {hour} {minute}"
13
+ }
14
+ }
package/README.md CHANGED
@@ -1,5 +1,207 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=metacord for more information.
1
+ This repo is a fork from main repo and will usually have new features bundled faster than main repo (and maybe bundle some bugs, too).
2
+
3
+ # MetaCord Facebook Chat API
4
+ <a href="https://www.npmjs.com/package/metacord"><img alt="npm version" src="https://img.shields.io/npm/v/metacord.svg?style=flat-square"></a>
5
+ <img alt="version" src="https://img.shields.io/github/package-json/v/shinchan0911/metacord?label=github&style=flat-square">
6
+ <a href="https://www.npmjs.com/package/metacord"><img src="https://img.shields.io/npm/dm/metacord.svg?style=flat-square" alt="npm downloads"></a>
7
+ [![code style: prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat-square)](https://github.com/prettier/prettier)
8
+
9
+ Facebook now has an official API for chat bots [here](https://developers.facebook.com/docs/messenger-platform).
10
+
11
+ This API is the only way to automate chat functionalities on a user account. We do this by emulating the browser. This means doing the exact same GET/POST requests and tricking Facebook into thinking we're accessing the website normally. Because we're doing it this way, this API won't work with an auth token but requires the credentials of a Facebook account.
12
+
13
+ _Disclaimer_: We are not responsible if your account gets banned for spammy activities such as sending lots of messages to people you don't know, sending messages very quickly, sending spammy looking URLs, logging in and out very quickly... Be responsible Facebook citizens.
14
+
15
+ See [below](#projects-using-this-api) for projects using this API.
16
+
17
+ See the [full changelog](/CHANGELOG.md) for release details.
18
+
19
+ ## Install
20
+ If you just want to use metacord, you should use this command:
21
+ ```bash
22
+ npm install metacord
23
+ ```
24
+ It will download `metacord` from NPM repositories
25
+
26
+ ### Bleeding edge
27
+ If you want to use bleeding edge (directly from github) to test new features or submit bug report, this is the command for you:
28
+ ```bash
29
+ npm install shinchan0911/metacord
30
+ ```
31
+
32
+ ## Testing your bots
33
+ If you want to test your bots without creating another account on Facebook, you can use [Facebook Whitehat Accounts](https://www.facebook.com/whitehat/accounts/).
34
+
35
+ ## Example Usage
36
+ ```javascript
37
+ const login = require("metacord");
38
+
39
+ // Create simple echo bot
40
+ login({email: "FB_EMAIL", password: "FB_PASSWORD"}, (err, api) => {
41
+ if(err) return console.error(err);
42
+
43
+ api.listen((err, message) => {
44
+ api.sendMessage(message.body, message.threadID);
45
+ });
46
+ });
47
+ ```
48
+
49
+ Result:
50
+
51
+ <img width="517" alt="screen shot 2016-11-04 at 14 36 00" src="https://cloud.githubusercontent.com/assets/4534692/20023545/f8c24130-a29d-11e6-9ef7-47568bdbc1f2.png">
52
+
53
+
54
+ ## Documentation
55
+
56
+ You can see it [here](DOCS.md).
57
+
58
+ ## Main Functionality
59
+
60
+ ### Sending a message
61
+ #### api.sendMessage(message, threadID[, callback][, messageID])
62
+
63
+ Various types of message can be sent:
64
+ * *Regular:* set field `body` to the desired message as a string.
65
+ * *Sticker:* set a field `sticker` to the desired sticker ID.
66
+ * *File or image:* Set field `attachment` to a readable stream or an array of readable streams.
67
+ * *URL:* set a field `url` to the desired URL.
68
+ * *Emoji:* set field `emoji` to the desired emoji as a string and set field `emojiSize` with size of the emoji (`small`, `medium`, `large`)
69
+
70
+ Note that a message can only be a regular message (which can be empty) and optionally one of the following: a sticker, an attachment or a url.
71
+
72
+ __Tip__: to find your own ID, you can look inside the cookies. The `userID` is under the name `c_user`.
73
+
74
+ __Example (Basic Message)__
75
+ ```js
76
+ const login = require("metacord");
77
+
78
+ login({email: "FB_EMAIL", password: "FB_PASSWORD"}, (err, api) => {
79
+ if(err) return console.error(err);
80
+
81
+ var yourID = "000000000000000";
82
+ var msg = "Hey!";
83
+ api.sendMessage(msg, yourID);
84
+ });
85
+ ```
86
+
87
+ __Example (File upload)__
88
+ ```js
89
+ const login = require("metacord");
90
+
91
+ login({email: "FB_EMAIL", password: "FB_PASSWORD"}, (err, api) => {
92
+ if(err) return console.error(err);
93
+
94
+ // Note this example uploads an image called image.jpg
95
+ var yourID = "000000000000000";
96
+ var msg = {
97
+ body: "Hey!",
98
+ attachment: fs.createReadStream(__dirname + '/image.jpg')
99
+ }
100
+ api.sendMessage(msg, yourID);
101
+ });
102
+ ```
103
+
104
+ ------------------------------------
105
+ ### Saving session.
106
+
107
+ To avoid logging in every time you should save AppState (cookies etc.) to a file, then you can use it without having password in your scripts.
108
+
109
+ __Example__
110
+
111
+ ```js
112
+ const fs = require("fs");
113
+ const login = require("metacord");
114
+
115
+ var credentials = {email: "FB_EMAIL", password: "FB_PASSWORD"};
116
+
117
+ login(credentials, (err, api) => {
118
+ if(err) return console.error(err);
119
+
120
+ fs.writeFileSync('appstate.json', JSON.stringify(api.getAppState()));
121
+ });
122
+ ```
123
+
124
+ Alternative: Use [c3c-fbstate](https://github.com/lequanglam/c3c-fbstate) to get fbstate.json (appstate.json)
125
+
126
+ ------------------------------------
127
+
128
+ ### Listening to a chat
129
+ #### api.listen(callback)
130
+
131
+ Listen watches for messages sent in a chat. By default this won't receive events (joining/leaving a chat, title change etc…) but it can be activated with `api.setOptions({listenEvents: true})`. This will by default ignore messages sent by the current account, you can enable listening to your own messages with `api.setOptions({selfListen: true})`.
132
+
133
+ __Example__
134
+
135
+ ```js
136
+ const fs = require("fs");
137
+ const login = require("metacord");
138
+
139
+ // Simple echo bot. It will repeat everything that you say.
140
+ // Will stop when you say '/stop'
141
+ login({appState: JSON.parse(fs.readFileSync('appstate.json', 'utf8'))}, (err, api) => {
142
+ if(err) return console.error(err);
143
+
144
+ api.setOptions({listenEvents: true});
145
+
146
+ var stopListening = api.listenMqtt((err, event) => {
147
+ if(err) return console.error(err);
148
+
149
+ api.markAsRead(event.threadID, (err) => {
150
+ if(err) console.error(err);
151
+ });
152
+
153
+ switch(event.type) {
154
+ case "message":
155
+ if(event.body === '/stop') {
156
+ api.sendMessage("Goodbye…", event.threadID);
157
+ return stopListening();
158
+ }
159
+ api.sendMessage("TEST BOT: " + event.body, event.threadID);
160
+ break;
161
+ case "event":
162
+ console.log(event);
163
+ break;
164
+ }
165
+ });
166
+ });
167
+ ```
168
+
169
+ ## FAQS
170
+
171
+ 1. How do I run tests?
172
+ > For tests, create a `test-config.json` file that resembles `example-config.json` and put it in the `test` directory. From the root >directory, run `npm test`.
173
+
174
+ 2. Why doesn't `sendMessage` always work when I'm logged in as a page?
175
+ > Pages can't start conversations with users directly; this is to prevent pages from spamming users.
176
+
177
+ 3. What do I do when `login` doesn't work?
178
+ > First check that you can login to Facebook using the website. If login approvals are enabled, you might be logging in incorrectly. For how to handle login approvals, read our docs on [`login`](DOCS.md#login).
179
+
180
+ 4. How can I avoid logging in every time? Can I log into a previous session?
181
+ > We support caching everything relevant for you to bypass login. `api.getAppState()` returns an object that you can save and pass into login as `{appState: mySavedAppState}` instead of the credentials object. If this fails, your session has expired.
182
+
183
+ 5. Do you support sending messages as a page?
184
+ > Yes, set the pageID option on login (this doesn't work if you set it using api.setOptions, it affects the login process).
185
+ > ```js
186
+ > login(credentials, {pageID: "000000000000000"}, (err, api) => { … }
187
+ > ```
188
+
189
+ 6. I'm getting some crazy weird syntax error like `SyntaxError: Unexpected token [`!!!
190
+ > Please try to update your version of node.js before submitting an issue of this nature. We like to use new language features.
191
+
192
+ 7. I don't want all of these logging messages!
193
+ > You can use `api.setOptions` to silence the logging. You get the `api` object from `login` (see example above). Do
194
+ > ```js
195
+ > api.setOptions({
196
+ > logLevel: "silent"
197
+ > });
198
+ > ```
199
+
200
+ <a name="projects-using-this-api"></a>
201
+ ## Projects using this API:
202
+
203
+ <<<<<<< HEAD
204
+ - [c3c](https://github.com/lequanglam/c3c) - A bot that can be customizable using plugins. Support Facebook & Discord.
205
+ =======
206
+ - [c3c](https://github.com/lequanglam/c3c) - A bot that can be customizable using plugins. Support Facebook & Discord.
207
+ >>>>>>> 506fda2afb170d3f390503581d703afea980769a