From db1cc6b8d235cc432d72409eac84678e113b65d3 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Thu, 8 Jan 2015 15:49:00 -0500 Subject: [PATCH 01/14] search by fullname --- public/src/client/users.js | 2 +- src/socket.io/user.js | 2 +- src/upgrade.js | 39 ++++++++++++++++++++++++++++++++++++-- src/user/profile.js | 26 +++++++++++++++++++++++++ src/user/search.js | 7 ++----- 5 files changed, 67 insertions(+), 9 deletions(-) diff --git a/public/src/client/users.js b/public/src/client/users.js index 60f9d6abb1..67d51dc052 100644 --- a/public/src/client/users.js +++ b/public/src/client/users.js @@ -115,7 +115,7 @@ define('forum/users', function() { notify.html(''); - socket.emit('user.search', {query: username}, function(err, data) { + socket.emit('user.search', {query: username, by: $('.search select').val()}, function(err, data) { if (err) { reset(); return app.alertError(err.message); diff --git a/src/socket.io/user.js b/src/socket.io/user.js index aadd177e9a..7b1b7eea0e 100644 --- a/src/socket.io/user.js +++ b/src/socket.io/user.js @@ -69,7 +69,7 @@ SocketUser.search = function(socket, data, callback) { if (!socket.uid) { return callback(new Error('[[error:not-logged-in]]')); } - user.search({query: data.query}, callback); + user.search({query: data.query, by: data.by}, callback); }; // Password Reset diff --git a/src/upgrade.js b/src/upgrade.js index 1564b5453c..f5e548e614 100644 --- a/src/upgrade.js +++ b/src/upgrade.js @@ -21,7 +21,7 @@ var db = require('./database'), schemaDate, thisSchemaDate, // IMPORTANT: REMEMBER TO UPDATE VALUE OF latestSchema - latestSchema = Date.UTC(2015, 0, 8); + latestSchema = Date.UTC(2015, 0, 9); Upgrade.check = function(callback) { db.get('schemaDate', function(err, value) { 
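Review bot: `data.by` is passed from the socket message straight into `user.search` in `SocketUser.search`, and the `src/user/search.js` hunk of this patch turns it into a database key with `var key = by + ':uid';`, so any logged-in client chooses which `*:uid` hash is loaded. The removed code only ever selected `username:uid` or `email:uid`; the new code should keep an allowlist, for example `var key = (['username', 'email', 'fullname'].indexOf(by) !== -1 ? by : 'username') + ':uid';`. Whether `by` is defaulted earlier in `User.search` is outside the hunk, but a missing value would otherwise produce the key `undefined:uid`. The added `|| !hash` guard hides an unexpected key rather than rejecting it.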
@@ -459,7 +459,7 @@ Upgrade.upgrade = function(callback) { db.getSortedSetRange('topics:tid', 0, -1, function(err, tids) { if (err) { - winston.error('[2014/12/20] Error encountered while updating digest settings'); + winston.error('[2015/01/08] Error encountered while Updating category topics sorted sets'); return next(err); } @@ -490,6 +490,41 @@ Upgrade.upgrade = function(callback) { winston.info('[2015/01/08] Updating category topics sorted sets skipped'); next(); } + }, + function(next) { + thisSchemaDate = Date.UTC(2015, 0, 9); + if (schemaDate < thisSchemaDate) { + winston.info('[2015/01/09] Creating fullname:uid hash'); + + db.getSortedSetRange('users:joindate', 0, -1, function(err, uids) { + if (err) { + winston.error('[2014/01/09] Error encountered while Creating fullname:uid hash'); + return next(err); + } + + var now = Date.now(); + + async.eachLimit(uids, 50, function(uid, next) { + db.getObjectFields('user:' + uid, ['fullname'], function(err, userData) { + if (err || !userData || !userData.fullname) { + return next(err); + } + + db.setObjectField('fullname:uid', userData.fullname, uid, next); + }); + }, function(err) { + if (err) { + winston.error('[2015/01/09] Error encountered while Creating fullname:uid hash'); + return next(err); + } + winston.info('[2015/01/09] Creating fullname:uid hash done'); + Upgrade.update(thisSchemaDate, next); + }); + }); + } else { + winston.info('[2015/01/09] Creating fullname:uid hash skipped'); + next(); + } } diff --git a/src/user/profile.js b/src/user/profile.js index 866cc05219..b901bdb066 100644 --- a/src/user/profile.js +++ b/src/user/profile.js 
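Review bot: `fullname:uid` is filled with `db.setObjectField('fullname:uid', userData.fullname, uid, next)`, which stores one uid per name, so when two accounts share a full name the later write replaces the earlier one. Nothing on this page shows full names being unique, so the hash looks lossy, and the same keying means `updateFullname` in `src/user/profile.js` and the `deleteAccount` change in `src/user/delete.js` can remove an entry that points at a different user. Consider a structure that can hold several uids per name, or check that the stored uid matches before deleting. Separately, the first error message in this step is dated `[2014/01/09]` while the others use `[2015/01/09]`.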
@@ -113,6 +113,8 @@ module.exports = function(User) { return updateEmail(uid, data.email, next); } else if (field === 'username') { return updateUsername(uid, data.username, next); + } else if (field === 'fullname') { + return updateFullname(uid, data.fullname, next); } else if (field === 'signature') { data[field] = S(data[field]).stripTags().s; } else if (field === 'website') { @@ -222,6 +224,30 @@ module.exports = function(User) { }); } + function updateFullname(uid, newFullname, callback) { + async.waterfall([ + function(next) { + User.getUserField(uid, 'fullname', next); + }, + function(fullname, next) { + if (newFullname === fullname) { + return callback(); + } + db.deleteObjectField('fullname:uid', fullname, next); + }, + function(next) { + User.setUserField(uid, 'fullname', newFullname, next); + }, + function(next) { + if (newFullname) { + db.setObjectField('fullname:uid', newFullname, uid, next); + } else { + next(); + } + } + ], callback); + } + User.changePassword = function(uid, data, callback) { if (!uid || !data || !data.uid) { return callback(new Error('[[error:invalid-uid]]')); diff --git a/src/user/search.js b/src/user/search.js index 9bc162d097..0df56d94de 100644 --- a/src/user/search.js +++ b/src/user/search.js @@ -20,13 +20,10 @@ module.exports = function(User) { } var start = process.hrtime(); - var key = 'username:uid'; - if (by === 'email') { - key = 'email:uid'; - } + var key = by + ':uid'; db.getObject(key, function(err, hash) { - if (err) { + if (err || !hash) { return callback(null, {timing: 0, users:[]}); } From d7c27b35ab40ee93c669a98a190104dd39ea1cb8 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Thu, 8 Jan 2015 17:47:20 -0500 Subject: [PATCH 02/14] closes #2586 --- src/favourites.js | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/src/favourites.js b/src/favourites.js index 1af5c881b8..11d6ba6721 100644 --- a/src/favourites.js +++ b/src/favourites.js 
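Review bot: `updateFullname` calls `db.deleteObjectField('fullname:uid', fullname, next)` even when the stored `fullname` is empty, presumably the case for accounts that never set one; the write at the end of the same function is guarded by `if (newFullname)` but the delete is not. A guard such as `if (!fullname) { return next(); }` before the delete keeps an empty or undefined field name from reaching the database layer. The `deleteAccount` hunk in `src/user/delete.js` (PATCH 06) has the same gap, while its email step right below is wrapped in `if (userData.email)`. A one-line comment stating that this function keeps the `fullname:uid` lookup hash in sync with the user object would also help.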
@@ -172,6 +172,10 @@ var async = require('async'), return callback(err); } + if (!voteStatus || (!voteStatus.upvoted && !voteStatus.downvoted)) { + return callback(); + } + var hook, current = voteStatus.upvoted ? 'upvote' : 'downvote'; @@ -184,17 +188,17 @@ var async = require('async'), current = 'unvote'; } - plugins.fireHook('action:post.' + hook, { - pid: pid, - uid: uid, - current: current + vote(voteStatus.upvoted ? 'downvote' : 'upvote', true, pid, uid, function(err, data) { + if (err) { + return callback(err); + } + plugins.fireHook('action:post.' + hook, { + pid: pid, + uid: uid, + current: current + }); + callback(null, data); }); - - if (!voteStatus || (!voteStatus.upvoted && !voteStatus.downvoted)) { - return callback(); - } - - vote(voteStatus.upvoted ? 'downvote' : 'upvote', true, pid, uid, callback); }); } From a8de1c14659a4d6f754846c6349d5bd556719fed Mon Sep 17 00:00:00 2001 From: barisusakli Date: Thu, 8 Jan 2015 18:24:05 -0500 Subject: [PATCH 03/14] properly fix #2586 --- src/favourites.js | 42 +++++++++++++++++++++++------------------- 1 file changed, 23 insertions(+), 19 deletions(-) diff --git a/src/favourites.js b/src/favourites.js index 11d6ba6721..4f5ff90274 100644 --- a/src/favourites.js +++ b/src/favourites.js @@ -17,15 +17,11 @@ var async = require('async'), return callback(new Error('[[error:not-logged-in]]')); } - posts.getPostFields(pid, ['pid', 'uid', 'timestamp'], function (err, postData) { + posts.getPostFields(pid, ['pid', 'uid'], function (err, postData) { if (err) { return callback(err); } - if (uid === parseInt(postData.uid, 10)) { - return callback(new Error('[[error:cant-vote-self-post]]')); - } - var now = Date.now(); if(type === 'upvote' && !unvote) { 
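Review bot: The self-vote check is removed from `vote()` in the `@@ -17,15 +17,11 @@` hunk and re-added only inside `unvote()` later in this patch, so `vote()` itself no longer refuses a user voting on their own post. If `unvote()` is the only path into `vote()` this is fine, but that is not visible in these hunks; a short comment on `vote()` such as `// callers must reject self-votes first (see unvote)` would make the dependency explicit. `vote()` continues outside the hunk.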
@@ -167,16 +163,24 @@ var async = require('async'), }; function unvote(pid, uid, command, callback) { - Favourites.hasVoted(pid, uid, function(err, voteStatus) { + async.parallel({ + owner: function(next) { + posts.getPostField(pid, 'uid', next); + }, + voteStatus: function(next) { + Favourites.hasVoted(pid, uid, next); + } + }, function(err, results) { if (err) { return callback(err); } - if (!voteStatus || (!voteStatus.upvoted && !voteStatus.downvoted)) { - return callback(); + if (parseInt(uid, 10) === parseInt(results.owner, 10)) { + return callback(new Error('[[error:cant-vote-self-post]]')); } - var hook, + var voteStatus = results.voteStatus, + hook, current = voteStatus.upvoted ? 'upvote' : 'downvote'; if (voteStatus.upvoted && command === 'downvote' || voteStatus.downvoted && command === 'upvote') { @@ -188,17 +192,17 @@ var async = require('async'), current = 'unvote'; } - vote(voteStatus.upvoted ? 'downvote' : 'upvote', true, pid, uid, function(err, data) { - if (err) { - return callback(err); - } - plugins.fireHook('action:post.' + hook, { - pid: pid, - uid: uid, - current: current - }); - callback(null, data); + plugins.fireHook('action:post.' + hook, { + pid: pid, + uid: uid, + current: current }); + + if (!voteStatus || (!voteStatus.upvoted && !voteStatus.downvoted)) { + return callback(); + } + + vote(voteStatus.upvoted ? 'downvote' : 'upvote', true, pid, uid, callback); }); } From a7d73d4106157eb0f2bceaea04180f9e0575208e Mon Sep 17 00:00:00 2001 From: psychobunny Date: Fri, 9 Jan 2015 14:33:42 -0500 Subject: [PATCH 04/14] fixes adding new routes to user/xxx/route --- public/src/ajaxify.js | 3 ++- src/views/config.json | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/public/src/ajaxify.js b/public/src/ajaxify.js index 4896c58195..8a5fa5b4fa 100644 --- a/public/src/ajaxify.js +++ b/public/src/ajaxify.js 
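Review bot: `voteStatus.upvoted` is read in the `var voteStatus = results.voteStatus, hook, current = ...` declaration before the `if (!voteStatus || ...)` guard, which this patch moves back below the `plugins.fireHook` call, so a missing `voteStatus` throws instead of returning. The same ordering fires the `action:post.` hook for a user who has no vote to remove, and before `vote()` has succeeded. PATCH 02 had the guard first and fired the hook inside the `vote()` callback; keeping that order and adding only the owner check from `async.parallel` would preserve both fixes.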
@@ -195,7 +195,8 @@ $(document).ready(function() { ajaxify.getCustomTemplateMapping = function(tpl) { if (templatesModule.config && templatesModule.config.custom_mapping && tpl !== undefined) { for (var pattern in templatesModule.config.custom_mapping) { - if (tpl.match(pattern)) { + var match = tpl.match(pattern); + if (match && match[0] === tpl) { return (templatesModule.config.custom_mapping[pattern]); } } diff --git a/src/views/config.json b/src/views/config.json index 70ba11b3af..7a7a5da07d 100644 --- a/src/views/config.json +++ b/src/views/config.json @@ -13,7 +13,7 @@ "^user/.*/favourites": "account/favourites", "^user/.*/posts": "account/posts", "^user/.*/topics": "account/topics", - "^user/.*": "account/profile", + "^user/[.^\/]*": "account/profile", "^reset/.*": "reset_code", "^tags/.*": "tag", "^groups/?$": "groups/list", From 5d43aa32126d50b524af9cd20a870f4f2e8ebc63 Mon Sep 17 00:00:00 2001 From: psychobunny Date: Sat, 10 Jan 2015 14:50:28 -0500 Subject: [PATCH 05/14] ability to redirect the user from anywhere just send ``` callback({ status: 302, path: '/user/psychobunny' }); ``` --- src/routes/index.js | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/routes/index.js b/src/routes/index.js index ffee5b8272..eb35860928 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -211,6 +211,10 @@ function handleErrors(app, middleware) { return res.sendStatus(403); } + if (parseInt(err.status, 10) === 302 && err.path) { + return res.locals.isAPI ? res.status(302).json(err) : res.redirect(err.path); + } + res.status(err.status || 500); if (res.locals.isAPI) { From 4ab288acaec34a53aa72acb5c24c461818bd7b53 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Sat, 10 Jan 2015 15:03:29 -0500 Subject: [PATCH 06/14] delete fullname:uid mapping on user delete --- src/user/delete.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/user/delete.js b/src/user/delete.js index 12b3f390eb..ce7f70a30f 100644 --- a/src/user/delete.js 
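Review bot: The new pattern `^user/[.^\/]*` in `src/views/config.json` uses a character class that matches only the literal characters `.`, `^` and `/`, so together with the full-match test added in `public/src/ajaxify.js` (`match && match[0] === tpl`) a template such as `user/psychobunny` no longer maps to `account/profile`. The intent looks like "any characters except a slash", which would be `"^user/[^/]*"`. Ending the patterns with `$` in the config would also state the full-match requirement in the data instead of in the loop.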
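Review bot: `res.redirect(err.path)` in `handleErrors` sends the client wherever the error object says, and nothing in this hunk restricts `err.path` to a path on this site. If any caller builds that value from request data this becomes an open redirect, so it is worth requiring a local path, e.g. `if (parseInt(err.status, 10) === 302 && typeof err.path === 'string' && /^\/(?![\/\\])/.test(err.path)) {`. The API branch also serialises the whole `err` object with `res.status(302).json(err)`; returning `{path: err.path}` avoids exposing other fields. `handleErrors` continues outside the hunk.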
+++ b/src/user/delete.js @@ -42,7 +42,7 @@ module.exports = function(User) { } User.deleteAccount = function(uid, callback) { - User.getUserFields(uid, ['username', 'userslug', 'email'], function(err, userData) { + User.getUserFields(uid, ['username', 'userslug', 'fullname', 'email'], function(err, userData) { if (err) { return callback(err); } @@ -54,6 +54,9 @@ module.exports = function(User) { function(next) { db.deleteObjectField('userslug:uid', userData.userslug, next); }, + function(next) { + db.deleteObjectField('fullname:uid', userData.fullname, next); + }, function(next) { if (userData.email) { db.deleteObjectField('email:uid', userData.email.toLowerCase(), next); From 1caddb6182c24dd6bb6df303abfe6ce052357857 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Sat, 10 Jan 2015 16:40:54 -0500 Subject: [PATCH 07/14] uploads controller --- src/controllers/uploads.js | 125 ++++++++++++++++++++++++++++++ src/routes/api.js | 151 +++++-------------------------------- 2 files changed, 142 insertions(+), 134 deletions(-) create mode 100644 src/controllers/uploads.js diff --git a/src/controllers/uploads.js b/src/controllers/uploads.js new file mode 100644 index 0000000000..237ae5c453 --- /dev/null +++ b/src/controllers/uploads.js 
@@ -0,0 +1,125 @@ +"use strict"; + +var uploadsController = {}, + + fs = require('fs'), + path = require('path'), + async = require('async'), + + meta = require('../meta'), + plugins = require('../plugins'), + utils = require('../../public/src/utils'), + image = require('../image'); + + +uploadsController.upload = function(req, res, filesIterator, next) { + var files = req.files.files; + + if (!req.user) { + deleteTempFiles(files); + return res.status(403).json('not allowed'); + } + + if (!Array.isArray(files)) { + return res.status(500).json('invalid files'); + } + + if (Array.isArray(files[0])) { + files = files[0]; + } + + async.map(files, filesIterator, function(err, images) { + deleteTempFiles(files); + + if (err) { + return res.status(500).send(err.message); + } + + // IE8 - send it as text/html so browser won't trigger a file download for the json response + // malsup.com/jquery/form/#file-upload + res.status(200).send(req.xhr ? images : JSON.stringify(images)); + }); +}; + +uploadsController.uploadPost = function(req, res, next) { + uploadsController.upload(req, res, function(file, next) { + if (file.type.match(/image./)) { + uploadImage(req.user.uid, file, next); + } else { + uploadFile(req.user.uid, file, next); + } + }, next); +}; + +uploadsController.uploadThumb = function(req, res, next) { + if (parseInt(meta.config.allowTopicsThumbnail, 10) !== 1) { + deleteTempFiles(req.files.files); + return next(new Error('[[error:topic-thumbnails-are-disabled]]')); + } + + uploadsController.upload(req, res, function(file, next) { + if(file.type.match(/image./)) { + var size = meta.config.topicThumbSize || 120; + image.resizeImage(file.path, path.extname(file.name), size, size, function(err) { + if (err) { + return next(err); + } + uploadImage(req.user.uid, file, next); + }); + } else { + next(new Error('[[error:invalid-file]]')); + } + }, next); +}; + +function uploadImage(uid, image, callback) { + if (plugins.hasListeners('filter:uploadImage')) { + return 
plugins.fireHook('filter:uploadImage', {image: image, uid: uid}, callback); + } + + if (parseInt(meta.config.allowFileUploads, 10)) { + uploadFile(uid, image, callback); + } else { + callback(new Error('[[error:uploads-are-disabled]]')); + } +} + +function uploadFile(uid, file, callback) { + if (plugins.hasListeners('filter:uploadFile')) { + return plugins.fireHook('filter:uploadFile', {file: file, uid: uid}, callback); + } + + if (parseInt(meta.config.allowFileUploads, 10) !== 1) { + return callback(new Error('[[error:uploads-are-disabled]]')); + } + + if (!file) { + return callback(new Error('[[error:invalid-file]]')); + } + + if (file.size > parseInt(meta.config.maximumFileSize, 10) * 1024) { + return callback(new Error('[[error:file-too-big, ' + meta.config.maximumFileSize + ']]')); + } + + var filename = 'upload-' + utils.generateUUID() + path.extname(file.name); + require('../file').saveFileToLocal(filename, 'files', file.path, function(err, upload) { + if (err) { + return callback(err); + } + + callback(null, { + url: upload.url, + name: file.name + }); + }); +} + +function deleteTempFiles(files) { + for(var i=0; i parseInt(meta.config.maximumFileSize, 10) * 1024) { - return callback(new Error('[[error:file-too-big, ' + meta.config.maximumFileSize + ']]')); - } - - var filename = 'upload-' + utils.generateUUID() + path.extname(file.name); - require('../file').saveFileToLocal(filename, 'files', file.path, function(err, upload) { - if(err) { - return callback(err); - } - - callback(null, { - url: upload.url, - name: file.name - }); - }); - } -} + var multipart = require('connect-multiparty'); + var multipartMiddleware = multipart(); + router.post('/post/upload', multipartMiddleware, middleware.applyCSRF, uploadsController.uploadPost); + router.post('/topic/thumb/upload', multipartMiddleware, middleware.applyCSRF, uploadsController.uploadThumb); + router.post('/user/:userslug/uploadpicture', multipartMiddleware, middleware.applyCSRF, middleware.authenticate, 
middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.uploadPicture); +}; function getModerators(req, res, next) { categories.getModerators(req.params.cid, function(err, moderators) { @@ -196,26 +101,4 @@ function getRecentPosts(req, res, next) { res.json(data); }); -} - -module.exports = function(app, middleware, controllers) { - - var router = express.Router(); - app.use('/api', router); - - router.get('/config', middleware.applyCSRF, controllers.api.getConfig); - router.get('/widgets/render', controllers.api.renderWidgets); - - router.get('/user/uid/:uid', middleware.checkGlobalPrivacySettings, controllers.accounts.getUserByUID); - router.get('/get_templates_listing', getTemplatesListing); - router.get('/categories/:cid/moderators', getModerators); - router.get('/recent/posts/:term?', getRecentPosts); - - var multipart = require('connect-multiparty'); - var multipartMiddleware = multipart(); - - router.post('/post/upload', multipartMiddleware, middleware.applyCSRF, uploadPost); - router.post('/topic/thumb/upload', multipartMiddleware, middleware.applyCSRF, uploadThumb); - router.post('/user/:userslug/uploadpicture', multipartMiddleware, middleware.applyCSRF, middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.uploadPicture); - -}; +} \ No newline at end of file From 9f35a2b251eafa510538cd3c2ae7a3661dca9953 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Sat, 10 Jan 2015 17:12:32 -0500 Subject: [PATCH 08/14] flat threadtools.purge --- src/threadTools.js | 45 +++++++++++++++++++++------------------------ 1 file changed, 21 insertions(+), 24 deletions(-) diff --git a/src/threadTools.js b/src/threadTools.js index 50cd3def95..8e622ce4a0 100644 --- a/src/threadTools.js +++ b/src/threadTools.js 
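Review bot: `uploadFile` in the new `src/controllers/uploads.js` builds the stored name as `'upload-' + utils.generateUUID() + path.extname(file.name)`, so the extension is whatever the client sent, and `uploadPost` chooses the image or file path from the client-declared `file.type`. Unless `saveFileToLocal` or the web server restricts what is served from the uploads folder (not visible here), a logged-in user can store a file with an active extension such as `.html` under the site's own origin. An extension allowlist checked before `saveFileToLocal`, plus deriving the type from the file content rather than `file.type`, would close that; `uploadPicture` in `src/controllers/accounts.js` and `validateUpload` in `src/controllers/admin/uploads.js` (PATCH 11) rely on the declared type in the same way. The tail of `uploads.js` and the start of the `src/routes/api.js` section are cut off in this view.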
@@ -73,31 +73,28 @@ var winston = require('winston'), } ThreadTools.purge = function(tid, uid, callback) { - ThreadTools.exists(tid, function(err, exists) { - if (err || !exists) { - return callback(err); - } - - batch.processSortedSet('tid:' + tid + ':posts', function(pids, next) { - async.eachLimit(pids, 10, posts.purge, next); - }, {alwaysStartAt: 0}, function(err) { - if (err) { - return callback(err); + async.waterfall([ + function(next) { + ThreadTools.exists(tid, next); + }, + function(exists, next) { + if (!exists) { + return callback(); } - - topics.getTopicField(tid, 'mainPid', function(err, mainPid) { - if (err) { - return callback(err); - } - posts.purge(mainPid, function(err) { - if (err) { - return callback(err); - } - topics.purge(tid, callback); - }); - }); - }); - }); + batch.processSortedSet('tid:' + tid + ':posts', function(pids, next) { + async.eachLimit(pids, 10, posts.purge, next); + }, {alwaysStartAt: 0}, next); + }, + function(next) { + topics.getTopicField(tid, 'mainPid', next); + }, + function(mainPid, next) { + posts.purge(mainPid, next); + }, + function(next) { + topics.purge(tid, next); + } + ], callback); }; ThreadTools.lock = function(tid, uid, callback) { From 5414c268a05e18299a53d216014f4dfd90badc61 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Sat, 10 Jan 2015 17:41:03 -0500 Subject: [PATCH 09/14] sort numerically --- public/src/client/topic/fork.js | 4 ++-- src/topics/fork.js | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/public/src/client/topic/fork.js b/public/src/client/topic/fork.js index 92e9438b24..21f8d06e59 100644 --- a/public/src/client/topic/fork.js +++ b/public/src/client/topic/fork.js @@ -101,8 +101,8 @@ define('forum/topic/fork', function() { post.css('opacity', '1.0'); } - if(pids.length) { - pids.sort(); + if (pids.length) { + pids.sort(function(a,b) { return a - b; }); forkModal.find('#fork-pids').html(pids.toString()); } else { showNoPostsSelected(); 
diff --git a/src/topics/fork.js b/src/topics/fork.js index d5670bfb9a..4eb1274b2a 100644 --- a/src/topics/fork.js +++ b/src/topics/fork.js @@ -28,7 +28,9 @@ module.exports = function(Topics) { return callback(new Error('[[error:invalid-pid]]')); } - pids.sort(); + pids.sort(function(a, b) { + return a - b; + }); var mainPid = pids[0]; async.parallel({ From 23f450adbd42e81eaa108731bccd4a57634c8365 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Sat, 10 Jan 2015 17:47:31 -0500 Subject: [PATCH 10/14] delete topic post sorted sets on topic purge --- src/topics/delete.js | 6 +++++- src/topics/posts.js | 9 +-------- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/src/topics/delete.js b/src/topics/delete.js index eb4c6c43a0..de86eb7bbc 100644 --- a/src/topics/delete.js +++ b/src/topics/delete.js @@ -45,7 +45,11 @@ module.exports = function(Topics) { Topics.purge = function(tid, callback) { async.parallel([ function(next) { - db.deleteAll(['tid:' + tid + ':followers', 'tid:' + tid + ':read_by_uid'], next); + db.deleteAll([ + 'tid:' + tid + ':followers', + 'tid:' + tid + ':posts', + 'tid:' + tid + ':posts:votes' + ], next); }, function(next) { db.sortedSetsRemove(['topics:tid', 'topics:recent', 'topics:posts', 'topics:views'], tid, next); diff --git a/src/topics/posts.js b/src/topics/posts.js index 66fbb6bc4a..9e3275887f 100644 --- a/src/topics/posts.js +++ b/src/topics/posts.js @@ -218,14 +218,7 @@ module.exports = function(Topics) { }; Topics.removePostFromTopic = function(tid, pid, callback) { - async.parallel([ - function (next) { - db.sortedSetRemove('tid:' + tid + ':posts', pid, next); - }, - function (next) { - db.sortedSetRemove('tid:' + tid + ':posts:votes', pid, next); - } - ], function(err, results) { + db.sortedSetsRemove(['tid:' + tid + ':posts', 'tid:' + tid + ':posts:votes'], pid, function(err) { if (err) { return callback(err); } From f74383bba4814c05426631596c1745b112831127 Mon Sep 17 00:00:00 2001 
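Review bot: The rewritten `db.deleteAll([...])` list in `Topics.purge` adds the two post sets but no longer contains `'tid:' + tid + ':read_by_uid'`, which the removed line deleted. Unless that key is no longer written anywhere, purging a topic now leaves its read-tracking set behind; adding `'tid:' + tid + ':read_by_uid',` back to the array restores the old cleanup.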
From: barisusakli Date: Sat, 10 Jan 2015 18:59:24 -0500 Subject: [PATCH 11/14] changed userPhoto to files[] --- public/src/client/account/profile.js | 8 +-- public/src/modules/uploader.js | 3 +- src/controllers/accounts.js | 32 ++++++----- src/controllers/admin/uploads.js | 82 ++++++++++++++-------------- src/middleware/middleware.js | 7 +++ src/routes/admin.js | 2 +- src/routes/api.js | 8 +-- src/views/admin/footer.tpl | 2 +- 8 files changed, 77 insertions(+), 67 deletions(-) diff --git a/public/src/client/account/profile.js b/public/src/client/account/profile.js index 2c3db09a07..421fc006ef 100644 --- a/public/src/client/account/profile.js +++ b/public/src/client/account/profile.js @@ -36,11 +36,7 @@ define('forum/account/profile', ['forum/account/header', 'forum/infinitescroll'] socket.removeListener('event:user_status_change', onUserStatusChange); socket.on('event:user_status_change', onUserStatusChange); - if (yourid !== theirid) { - socket.emit('user.increaseViewCount', theirid); - } - - infinitescroll.init(loadMoreTopics); + infinitescroll.init(loadMorePosts); }; function processPage() { @@ -84,7 +80,7 @@ define('forum/account/profile', ['forum/account/header', 'forum/infinitescroll'] } - function loadMoreTopics(direction) { + function loadMorePosts(direction) { if(direction < 0 || !$('.user-recent-posts').length) { return; } diff --git a/public/src/modules/uploader.js b/public/src/modules/uploader.js index 4156507683..a510cee750 100644 --- a/public/src/modules/uploader.js +++ b/public/src/modules/uploader.js @@ -20,9 +20,8 @@ define('uploader', ['csrf'], function(csrf) { uploadForm[0].reset(); uploadForm.attr('action', route); uploadForm.find('#params').val(JSON.stringify(params)); - // uploadForm.find('#csrfToken').val(csrf.get()); - if(fileSize) { + if (fileSize) { uploadForm.find('#upload-file-size').html(fileSize); uploadForm.find('#file-size-block').removeClass('hide'); } else { 
diff --git a/src/controllers/accounts.js b/src/controllers/accounts.js index 804541fe42..07dd1c5790 100644 --- a/src/controllers/accounts.js +++ b/src/controllers/accounts.js @@ -144,6 +144,10 @@ accountsController.getAccount = function(req, res, next) { return helpers.notFound(req, res); } + if (callerUID !== parseInt(userData.uid, 10)) { + user.incrementUserFieldBy(userData.uid, 'profileviews', 1); + } + async.parallel({ isFollowing: function(next) { user.isFollowing(callerUID, userData.theirid, next); @@ -386,25 +390,27 @@ accountsController.accountSettings = function(req, res, next) { }; accountsController.uploadPicture = function (req, res, next) { + var userPhoto = req.files.files[0]; var uploadSize = parseInt(meta.config.maximumProfileImageSize, 10) || 256; - if (req.files.userPhoto.size > uploadSize * 1024) { - fs.unlink(req.files.userPhoto.path); + + if (userPhoto.size > uploadSize * 1024) { + fs.unlink(userPhoto.path); return res.json({ error: 'Images must be smaller than ' + uploadSize + ' kb!' }); } var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif']; - if (allowedTypes.indexOf(req.files.userPhoto.type) === -1) { - fs.unlink(req.files.userPhoto.path); + if (allowedTypes.indexOf(userPhoto.type) === -1) { + fs.unlink(userPhoto.path); return res.json({ error: 'Allowed image types are png, jpg and gif!' }); } - var extension = path.extname(req.files.userPhoto.name); + var extension = path.extname(userPhoto.name); if (!extension) { - fs.unlink(req.files.userPhoto.path); + fs.unlink(userPhoto.path); return res.json({ error: 'Error uploading file! Error : Invalid extension!' }); 
@@ -415,11 +421,11 @@ accountsController.uploadPicture = function (req, res, next) { async.waterfall([ function(next) { - image.resizeImage(req.files.userPhoto.path, extension, imageDimension, imageDimension, next); + image.resizeImage(userPhoto.path, extension, imageDimension, imageDimension, next); }, function(next) { if (parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1) { - image.convertImageToPng(req.files.userPhoto.path, extension, next); + image.convertImageToPng(userPhoto.path, extension, next); } else { next(); } @@ -447,7 +453,7 @@ accountsController.uploadPicture = function (req, res, next) { ], function(err, result) { function done(err, image) { - fs.unlink(req.files.userPhoto.path); + fs.unlink(userPhoto.path); if(err) { return res.json({error: err.message}); } @@ -460,12 +466,12 @@ accountsController.uploadPicture = function (req, res, next) { } if (err) { - fs.unlink(req.files.userPhoto.path); + fs.unlink(userPhoto.path); return res.json({error:err.message}); } if (plugins.hasListeners('filter:uploadImage')) { - return plugins.fireHook('filter:uploadImage', {image: req.files.userPhoto, uid: updateUid}, done); + return plugins.fireHook('filter:uploadImage', {image: userPhoto, uid: updateUid}, done); } var convertToPNG = parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1; @@ -473,7 +479,7 @@ accountsController.uploadPicture = function (req, res, next) { user.getUserField(updateUid, 'uploadedpicture', function (err, oldpicture) { if (!oldpicture) { - file.saveFileToLocal(filename, 'profile', req.files.userPhoto.path, done); + file.saveFileToLocal(filename, 'profile', userPhoto.path, done); return; } @@ -484,7 +490,7 @@ accountsController.uploadPicture = function (req, res, next) { winston.err(err); } - file.saveFileToLocal(filename, 'profile', req.files.userPhoto.path, done); + file.saveFileToLocal(filename, 'profile', userPhoto.path, done); }); }); }); 
diff --git a/src/controllers/admin/uploads.js b/src/controllers/admin/uploads.js index a3f5caf533..98d8e42fb2 100644 --- a/src/controllers/admin/uploads.js +++ b/src/controllers/admin/uploads.js @@ -8,37 +8,8 @@ var fs = require('fs'), var uploadsController = {}; -function validateUpload(res, req, allowedTypes) { - if (allowedTypes.indexOf(req.files.userPhoto.type) === -1) { - var err = { - error: 'Invalid image type. Allowed types are: ' + allowedTypes.join(', ') - }; - - fs.unlink(req.files.userPhoto.path); - res.send(req.xhr ? err : JSON.stringify(err)); - return false; - } - - return true; -} - -uploadsController.uploadImage = function(filename, folder, req, res) { - function done(err, image) { - fs.unlink(req.files.userPhoto.path); - - var response = err ? {error: err.message} : {path: image.url}; - - res.send(req.xhr ? response : JSON.stringify(response)); - } - - if (plugins.hasListeners('filter:uploadImage')) { - plugins.fireHook('filter:uploadImage', {image: req.files.userPhoto, uid: req.user.uid}, done); - } else { - file.saveFileToLocal(filename, folder, req.files.userPhoto.path, done); - } -}; - uploadsController.uploadCategoryPicture = function(req, res, next) { + var uploadedFile = req.files.files[0]; var allowedTypes = ['image/png', 'image/jpeg', 'image/jpg', 'image/gif', 'image/svg+xml'], params = null; 
@@ -48,22 +19,23 @@ uploadsController.uploadCategoryPicture = function(req, res, next) { var err = { error: 'Error uploading file! Error :' + e.message }; - fs.unlink(req.files.userPhoto.path); + fs.unlink(uploadedFile.path); return res.send(req.xhr ? err : JSON.stringify(err)); } - if (validateUpload(res, req, allowedTypes)) { - var filename = 'category-' + params.cid + path.extname(req.files.userPhoto.name); - uploadsController.uploadImage(filename, 'category', req, res); + if (validateUpload(req, res, uploadedFile, allowedTypes)) { + var filename = 'category-' + params.cid + path.extname(uploadedFile.name); + uploadImage(filename, 'category', uploadedFile, req, res); } }; uploadsController.uploadFavicon = function(req, res, next) { + var uploadedFile = req.files.files[0]; var allowedTypes = ['image/x-icon', 'image/vnd.microsoft.icon']; - if (validateUpload(res, req, allowedTypes)) { - file.saveFileToLocal('favicon.ico', 'files', req.files.userPhoto.path, function(err, image) { - fs.unlink(req.files.userPhoto.path); + if (validateUpload(res, req, uploadedFile, allowedTypes)) { + file.saveFileToLocal('favicon.ico', 'files', uploadedFile.path, function(err, image) { + fs.unlink(uploadedFile.path); var response = err ? {error: err.message} : {path: image.url}; 
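Review bot: `uploadFavicon` calls `validateUpload(res, req, uploadedFile, allowedTypes)`, but the helper added further down in this patch is declared as `validateUpload(req, res, uploadedFile, allowedTypes)`, and `uploadCategoryPicture` and `upload` pass `req, res`. With the arguments swapped, a favicon of a disallowed type reaches `res.send(req.xhr ? err : JSON.stringify(err))` with `res` bound to the request object and throws instead of returning the error. The call should read `if (validateUpload(req, res, uploadedFile, allowedTypes)) {`.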
@@ -81,11 +53,41 @@ uploadsController.uploadGravatarDefault = function(req, res, next) { }; function upload(name, req, res, next) { + var uploadedFile = req.files.files[0]; var allowedTypes = ['image/png', 'image/jpeg', 'image/pjpeg', 'image/jpg', 'image/gif']; + if (validateUpload(req, res, uploadedFile, allowedTypes)) { + var filename = name + path.extname(uploadedFile.name); + uploadImage(filename, 'files', uploadedFile, req, res); + } +} - if (validateUpload(res, req, allowedTypes)) { - var filename = name + path.extname(req.files.userPhoto.name); - uploadsController.uploadImage(filename, 'files', req, res); +function validateUpload(req, res, uploadedFile, allowedTypes) { + if (allowedTypes.indexOf(uploadedFile.type) === -1) { + var err = { + error: 'Invalid image type. Allowed types are: ' + allowedTypes.join(', ') + }; + + fs.unlink(uploadedFile.path); + res.send(req.xhr ? err : JSON.stringify(err)); + return false; + } + + return true; +} + +function uploadImage(filename, folder, uploadedFile, req, res) { + function done(err, uploadedImage) { + fs.unlink(uploadedFile.path); + + var response = err ? {error: err.message} : {path: uploadedImage.url}; + + res.send(req.xhr ? response : JSON.stringify(response)); + } + + if (plugins.hasListeners('filter:uploadImage')) { + plugins.fireHook('filter:uploadImage', {image: uploadedFile, uid: req.user.uid}, done); + } else { + file.saveFileToLocal(filename, folder, uploadedFile.path, done); } } diff --git a/src/middleware/middleware.js b/src/middleware/middleware.js index 57b8f20159..3d8c463805 100644 --- a/src/middleware/middleware.js +++ b/src/middleware/middleware.js 
@@ -106,6 +106,13 @@ middleware.addSlug = function(req, res, next) { next(); }; +middleware.validateFiles = function(req, res, next) { + if (!Array.isArray(req.files.files) || !req.files.files.length) { + return next(new Error(['[[error:invalid-files]]'])); + } + next(); +}; + middleware.prepareAPI = function(req, res, next) { res.locals.isAPI = true; next(); diff --git a/src/routes/admin.js b/src/routes/admin.js index 7d867ddbf0..1b9efcef58 100644 --- a/src/routes/admin.js +++ b/src/routes/admin.js @@ -10,7 +10,7 @@ function apiRoutes(app, middleware, controllers) { var multipart = require('connect-multiparty'); var multipartMiddleware = multipart(); - var middlewares = [multipartMiddleware, middleware.applyCSRF, middleware.authenticate]; + var middlewares = [multipartMiddleware, middleware.validateFiles, middleware.applyCSRF, middleware.authenticate]; app.post('/category/uploadpicture', middlewares, controllers.admin.uploads.uploadCategoryPicture); app.post('/uploadfavicon', middlewares, controllers.admin.uploads.uploadFavicon); diff --git a/src/routes/api.js b/src/routes/api.js index 9d216b8d02..da281280cc 100644 --- a/src/routes/api.js +++ b/src/routes/api.js 
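Review bot: `middleware.validateFiles` reads `req.files.files` without checking that `req.files` exists, and passes an array to the constructor in `new Error(['[[error:invalid-files]]'])`. Suggested: `if (!req.files || !Array.isArray(req.files.files) || !req.files.files.length) {` and `return next(new Error('[[error:invalid-files]]'));`. It also checks only that the array is non-empty, while the controllers in this patch go on to read `.path`, `.type`, `.name` and `.size` from `req.files.files[0]`.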
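Review bot: In the `middlewares` array of `src/routes/admin.js`, `multipartMiddleware` runs before `middleware.applyCSRF` and `middleware.authenticate`, so the upload is parsed and written to a temporary file before the request is known to be allowed, and nothing in `validateFiles` or the later middleware removes that file when the request is rejected. The `src/routes/api.js` hunk of this patch has the same order, and its `/post/upload` and `/topic/thumb/upload` routes have no `authenticate` step at all (the controller checks `req.user` only after parsing). Moving `middleware.authenticate` ahead of `multipartMiddleware` where the CSRF token does not depend on the parsed body, and unlinking the `req.files` entries on the rejection path, would bound what an unauthenticated client can leave on disk.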
@@ -28,10 +28,10 @@ module.exports = function(app, middleware, controllers) { var multipart = require('connect-multiparty'); var multipartMiddleware = multipart(); - - router.post('/post/upload', multipartMiddleware, middleware.applyCSRF, uploadsController.uploadPost); - router.post('/topic/thumb/upload', multipartMiddleware, middleware.applyCSRF, uploadsController.uploadThumb); - router.post('/user/:userslug/uploadpicture', multipartMiddleware, middleware.applyCSRF, middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.uploadPicture); + var middlewares = [multipartMiddleware, middleware.validateFiles, middleware.applyCSRF]; + router.post('/post/upload', middlewares, uploadsController.uploadPost); + router.post('/topic/thumb/upload', middlewares, uploadsController.uploadThumb); + router.post('/user/:userslug/uploadpicture', middlewares.concat([middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions]), controllers.accounts.uploadPicture); }; function getModerators(req, res, next) { diff --git a/src/views/admin/footer.tpl b/src/views/admin/footer.tpl index c54c67dd3c..e81d9e6a1a 100644 --- a/src/views/admin/footer.tpl +++ b/src/views/admin/footer.tpl @@ -13,7 +13,7 @@
- +

From 0305ad989c876f6c3de1897995bc825dca38a691 Mon Sep 17 00:00:00 2001 From: barisusakli Date: Sat, 10 Jan 2015 19:48:00 -0500 Subject: [PATCH 12/14] match uploader return --- public/src/modules/uploader.js | 60 ++++++++++++++------------------ src/controllers/accounts.js | 6 ++-- src/controllers/admin/uploads.js | 6 ++-- 3 files changed, 31 insertions(+), 41 deletions(-) diff --git a/public/src/modules/uploader.js b/public/src/modules/uploader.js index a510cee750..91eb439a25 100644 --- a/public/src/modules/uploader.js +++ b/public/src/modules/uploader.js @@ -1,16 +1,10 @@ +'use strict'; + +/* globals define */ + define('uploader', ['csrf'], function(csrf) { - var module = {}, - maybeParse = function(response) { - if (typeof response == 'string') { - try { - return $.parseJSON(response); - } catch (e) { - return {error: 'Something went wrong while parsing server response'}; - } - } - return response; - }; + var module = {}; module.open = function(route, params, fileSize, callback) { var uploadModal = $('#upload-picture-modal'); 
@@ -34,28 +28,18 @@ define('uploader', ['csrf'], function(csrf) { uploadForm.off('submit').submit(function() { - function status(message) { + function showAlert(type, message) { module.hideAlerts(); - uploadModal.find('#alert-status').text(message).removeClass('hide'); + uploadModal.find('#alert-' + type).text(message).removeClass('hide'); } - function success(message) { - module.hideAlerts(); - uploadModal.find('#alert-success').text(message).removeClass('hide'); - } - - function error(message) { - module.hideAlerts(); - uploadModal.find('#alert-error').text(message).removeClass('hide'); - } - - status('uploading the file ...'); + showAlert('status', 'uploading the file ...'); uploadModal.find('#upload-progress-bar').css('width', '0%'); uploadModal.find('#upload-progress-box').show().removeClass('hide'); if (!$('#userPhotoInput').val()) { - error('select an image to upload!'); + showAlert('error', 'select an image to upload!'); return false; } @@ -65,7 +49,7 @@ define('uploader', ['csrf'], function(csrf) { }, error: function(xhr) { xhr = maybeParse(xhr); - error('Error: ' + xhr.status); + showAlert('error', 'Error: ' + xhr.status); }, uploadProgress: function(event, position, total, percent) { @@ -76,12 +60,13 @@ define('uploader', ['csrf'], function(csrf) { response = maybeParse(response); if (response.error) { - error(response.error); + showAlert('error', response.error); return; } - callback(response.path); - success('File uploaded successfully!'); + callback(response[0].url); + + showAlert('success', 'File uploaded successfully!'); setTimeout(function() { module.hideAlerts(); uploadModal.modal('hide'); 
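Review bot: The success handler now calls `callback(response[0].url)` without checking the shape of `response`, so an empty array or an object without an `error` key throws inside the handler and the modal stays on the 'uploading the file ...' status. A guard just before the call, `if (!Array.isArray(response) || !response[0]) { showAlert('error', 'Unexpected server response'); return; }`, keeps the failure visible to the user. `showAlert` builds its selector from `type`, so a one-line comment that `type` is one of `status`, `success` or `error` would document the contract. The submit handler starts and ends outside this hunk.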
@@ -93,12 +78,19 @@ define('uploader', ['csrf'], function(csrf) { }); }; + function maybeParse(response) { + if (typeof response === 'string') { + try { + return $.parseJSON(response); + } catch (e) { + return {error: 'Something went wrong while parsing server response'}; + } + } + return response; + } + module.hideAlerts = function() { - var uploadModal = $('#upload-picture-modal'); - uploadModal.find('#alert-status').addClass('hide'); - uploadModal.find('#alert-success').addClass('hide'); - uploadModal.find('#alert-error').addClass('hide'); - uploadModal.find('#upload-progress-box').addClass('hide'); + $('#upload-picture-modal').find('#alert-status, #alert-success, #alert-error, #upload-progress-box').addClass('hide'); }; return module; diff --git a/src/controllers/accounts.js b/src/controllers/accounts.js index 07dd1c5790..69ea848ec0 100644 --- a/src/controllers/accounts.js +++ b/src/controllers/accounts.js @@ -454,15 +454,13 @@ accountsController.uploadPicture = function (req, res, next) { function done(err, image) { fs.unlink(userPhoto.path); - if(err) { + if (err) { return res.json({error: err.message}); } user.setUserFields(updateUid, {uploadedpicture: image.url, picture: image.url}); - res.json({ - path: image.url - }); + res.json([{name: userPhoto.name, url: image.url}]); } if (err) { diff --git a/src/controllers/admin/uploads.js b/src/controllers/admin/uploads.js index 98d8e42fb2..0b7ece2775 100644 --- a/src/controllers/admin/uploads.js +++ b/src/controllers/admin/uploads.js @@ -37,7 +37,7 @@ uploadsController.uploadFavicon = function(req, res, next) { file.saveFileToLocal('favicon.ico', 'files', uploadedFile.path, function(err, image) { fs.unlink(uploadedFile.path); - var response = err ? {error: err.message} : {path: image.url}; + var response = err ? {error: err.message} : [{name: uploadedFile.name, url: image.url}]; res.send(req.xhr ? response : JSON.stringify(response)); }); 
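Review bot: The new success body in `uploadsController.uploadFavicon` echoes `uploadedFile.name`, a client-supplied filename, and for non-XHR requests it goes out through `res.send(JSON.stringify(response))`, which Express serves as `text/html` unless a content type was set earlier. `JSON.stringify` does not escape markup characters, so the filename ends up reflected in an HTML-typed response. If the string form exists for an iframe upload fallback (not visible here), HTML-escape `name` before serialising or leave it out, since `uploader.js` in this patch reads only `response[0].url`; otherwise `res.json(response)` is enough. The same line is added to `done` inside `uploadImage` in the next hunk of this file. The callback's enclosing function begins outside the hunk.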
@@ -76,10 +76,10 @@ function validateUpload(req, res, uploadedFile, allowedTypes) { } function uploadImage(filename, folder, uploadedFile, req, res) { - function done(err, uploadedImage) { + function done(err, image) { fs.unlink(uploadedFile.path); - var response = err ? {error: err.message} : {path: uploadedImage.url}; + var response = err ? {error: err.message} : [{name: uploadedFile.name, url: image.url}]; res.send(req.xhr ? response : JSON.stringify(response)); } From 19f0f6b7e04945b102457dce4f88ddd71f2afbcd Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Sun, 11 Jan 2015 16:55:25 -0500 Subject: [PATCH 13/14] fixed issue where trying to go to the user profile would cause a cold load instead of ajaxify --- src/views/config.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/views/config.json b/src/views/config.json index 7a7a5da07d..9fc65e5781 100644 --- a/src/views/config.json +++ b/src/views/config.json @@ -13,7 +13,7 @@ "^user/.*/favourites": "account/favourites", "^user/.*/posts": "account/posts", "^user/.*/topics": "account/topics", - "^user/[.^\/]*": "account/profile", + "^user/[^\/]+": "account/profile", "^reset/.*": "reset_code", "^tags/.*": "tag", "^groups/?$": "groups/list", From 2974f1ba8aff4e35eb43596adb6791ec5fbd357d Mon Sep 17 00:00:00 2001 From: barisusakli Date: Mon, 12 Jan 2015 11:07:38 -0500 Subject: [PATCH 14/14] closes #2602 --- src/middleware/middleware.js | 40 ++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/src/middleware/middleware.js b/src/middleware/middleware.js index 3d8c463805..be112f810f 100644 --- a/src/middleware/middleware.js +++ b/src/middleware/middleware.js @@ -445,7 +445,7 @@ middleware.addExpiresHeaders = function(req, res, next) { }; middleware.maintenanceMode = function(req, res, next) { - if (meta.config.maintenanceMode !== '1') { + if (parseInt(meta.config.maintenanceMode, 10) !== 1) { return next(); } 
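Review bot: The replacement pattern `^user/[^\/]+` in `src/views/config.json` has no end anchor, so it also matches any deeper path under `user/<slug>/` that none of the earlier, more specific entries catch, and maps it to `account/profile`. If only the profile URL is meant, `"^user/[^\/]+/?$": "account/profile"` would follow the style of the `^groups/?$` entry below it. If the fall-through is intended, it depends on entry order, which is worth stating in the commit message since JSON cannot carry a comment. How the client walks this table is not visible in the hunk.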
@@ -480,35 +480,35 @@ middleware.maintenanceMode = function(req, res, next) { return true; } } + return false; }, isApiRoute = /^\/api/; - if (!isAllowed(req.url)) { - if (!req.user) { - return render(); - } else { - user.isAdministrator(req.user.uid, function(err, isAdmin) { - if (!isAdmin) { - return render(); - } else { - return next(); - } - }); - } - } else { + if (isAllowed(req.url)) { return next(); } + + if (!req.user) { + return render(); + } + + user.isAdministrator(req.user.uid, function(err, isAdmin) { + if (err) { + return next(err); + } + if (!isAdmin) { + render(); + } else { + next(); + } + }); }; middleware.publicTagListing = function(req, res, next) { - if ((!meta.config.hasOwnProperty('publicTagListing') || parseInt(meta.config.publicTagListing, 10) === 1)) { + if (req.user || (!meta.config.hasOwnProperty('publicTagListing') || parseInt(meta.config.publicTagListing, 10) === 1)) { next(); } else { - if (res.locals.isAPI) { - res.sendStatus(401); - } else { - middleware.ensureLoggedIn(req, res, next); - } + controllers.helpers.notAllowed(req, res); } };
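Review bot: `middleware.publicTagListing` now lets every logged-in user through before the `publicTagListing` setting is read, which is not obvious from the condition alone; a comment above it such as `// publicTagListing only gates guests; logged-in users always pass` would record the intent. The else branch calls `controllers.helpers.notAllowed(req, res)`, and `controllers` is not declared anywhere in this hunk, so it has to be in scope elsewhere in `middleware.js`. In `maintenanceMode`, the `isAdministrator` callback could use the same early-return form as the lines above it, `if (!isAdmin) { return render(); }` followed by `next();`. `maintenanceMode` begins outside the hunk.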