From c23a0935b08bfe942e976fc796662f6103bbf5e2 Mon Sep 17 00:00:00 2001
From: Dalia Alawneh <alawnehdalia340@gmail.com>
Date: Sat, 22 Jul 2023 15:36:56 +0300
Subject: [PATCH 1/3] Refactor: Change var to let or const

---
 app.js                                       |   6 +-
 client/js/account.js                         |  22 +-
 client/js/admin_similar_users.js             |   2 +-
 client/js/admin_users.js                     |   4 +-
 client/js/mod_tools.js                       | 128 ++++----
 client/js/place.js                           | 302 +++++++++----------
 client/js/popout.js                          | 102 +++----
 client/js/site.js                            |  58 ++--
 controllers/AdminActionsController.js        |   6 +-
 controllers/AuthController.js                |   6 +-
 controllers/ChangelogController.js           |   6 +-
 controllers/ChatController.js                |   4 +-
 controllers/FeatureAvailabilityController.js |   2 +-
 controllers/ModeratorUserController.js       |  18 +-
 controllers/PasswordChangeController.js      |   4 +-
 controllers/PixelInfoController.js           |   2 +-
 controllers/PlaceController.js               |  12 +-
 controllers/TOTPSetupController.js           |   4 +-
 models/access.js                             |   8 +-
 models/action.js                             |   6 +-
 models/chatMessage.js                        |   4 +-
 models/pixel.js                              |  12 +-
 models/report.js                             |   2 +-
 models/user.js                               |  46 +--
 models/warp.js                               |   4 +-
 public/js/bootbox.min.js                     |   2 +-
 public/js/cookies-eu-banner.min.js           |   2 +-
 public/js/jquery.confetti.js                 |  42 +--
 routes/api.js                                |   2 +-
 scripts/migrate-ips.js                       |   2 +-
 scripts/resize.js                            |   2 +-
 util/ActionLogger.js                         |   4 +-
 util/ChangelogManager.js                     |  34 ++-
 util/DataModelManager.js                     |  18 +-
 util/HTTPServer.js                           |   8 +-
 util/JavaScriptProcessor.js                  |   4 +-
 util/LeaderboardManager.js                   |  14 +-
 util/ModuleManager.js                        |  52 ++--
 util/PaintingManager.js                      |  16 +-
 util/ResponseFactory.js                      |  12 +-
 util/UserActivityManager.js                  |   6 +-
 util/logger.js                               |   6 +-
 util/passport.js                             |   2 +-
 views/admin/dashboard.pug                    |   4 +-
 views/admin/similar_users.pug                |   4 +-
 views/admin/users.pug                        |   4 +-
 views/admin_layout.pug                       |  12 +-
 views/errors/404.pug                         |   2 +-
 views/errors/500.pug                         |   2 +-
 views/layout.pug                             |  16 +-
 views/public/account.pug                     |  20 +-
 views/public/deactivated.pug                 |   2 +-
 views/public/deleted.pug                     |   2 +-
 views/public/force-pw-reset.pug              |   4 +-
 views/public/index.pug                       |  12 +-
 views/public/pick-username.pug               |   4 +-
 views/public/popout.pug                      |   8 +-
 57 files changed, 548 insertions(+), 546 deletions(-)

diff --git a/app.js b/app.js
index 03ede300..c1f1bc9d 100644
--- a/app.js
+++ b/app.js
@@ -18,13 +18,13 @@ const User = require("./models/user");
 const fs = require("fs");
 const path = require("path");
 
-var app = {};
+const app = {};
 
 app.logger = require('./util/logger');
 
 app.loadConfig = (path = "./config/config") => {
     delete require.cache[require.resolve(path)];
-    var oldConfig = app.config;
+    const oldConfig = app.config;
     app.config = require(path);
     app.colours = [... new Set((app.config.colours || ["#FFFFFF", "#E4E4E4", "#888888", "#222222", "#FFA7D1", "#E50000", "#E59500", "#A06A42", "#E5D900", "#94E044", "#02BE01", "#00D3DD", "#0083C7", "#0000EA", "#CF6EE4", "#820080"]).map((c) => c.toUpperCase()))];
     if(!app.config.siteName) app.config.siteName = "Place";
@@ -150,7 +150,7 @@ app.recreateRoutes = () => {
 app.recreateRoutes();
 readline.on('line', i => {
     try {
-        var output = eval(i)
+        const output = eval(i)
         output instanceof Promise
         ? output.then(a => {
             console.log('Promise Resolved')
diff --git a/client/js/account.js b/client/js/account.js
index 5b4b8d79..4c2f9922 100644
--- a/client/js/account.js
+++ b/client/js/account.js
@@ -1,6 +1,6 @@
-var passwordProgressAlert = $("div[name=\"changePasswordProgressAlert\"]");
-var deactivateProgressAlert = $("div[name=\"deactivateAccountProgressAlert\"]");
-var enableTOTPAlert = $("div[name=\"enableTOTPAlert\"]");
+let passwordProgressAlert = $("div[name=\"changePasswordProgressAlert\"]");
+let deactivateProgressAlert = $("div[name=\"deactivateAccountProgressAlert\"]");
+let enableTOTPAlert = $("div[name=\"enableTOTPAlert\"]");
 
 function setAlert(alert, success = true, text) {
   alert.attr("class", "").addClass(`alert alert-${success ? "success" : "danger"}`).html(`<strong>${success ? "Success!" : "Uh oh!"}</strong> ${text || "An unknown error occurred."}`);
@@ -8,9 +8,9 @@ function setAlert(alert, success = true, text) {
 
 $("form#changePasswordForm").submit(function (e) {
   e.preventDefault();
-  var oPassword = $(this).find("input[name=\"password\"]").val();
-  var nPassword = $(this).find("input[name=\"newPassword\"]").val();
-  var nCPassword = $(this).find("input[name=\"newConfPassword\"]").val();
+  let oPassword = $(this).find("input[name=\"password\"]").val();
+  let nPassword = $(this).find("input[name=\"newPassword\"]").val();
+  let nCPassword = $(this).find("input[name=\"newConfPassword\"]").val();
   if (oPassword == "" || nPassword == "" || nCPassword == "") return setAlert(passwordProgressAlert, false, "Please fill out all the fields.");
   if (nPassword !== nCPassword) return setAlert(passwordProgressAlert, false, "The passwords you entered did not match.");
 
@@ -23,7 +23,7 @@ const passwordField = $("#deactivateAccount").find("input[name=\"password\"]");
 
 $("#deactivateButton").click(function(e) {
   e.preventDefault();
-  var password = passwordField.val();
+  let password = passwordField.val();
   if (password == "") return setAlert(deactivateProgressAlert, false, "Please enter your password.");
   placeAjax.post("/api/user/deactivate", { password: password }, null).then((response) => {
     window.location.href = "/deactivated";
@@ -32,7 +32,7 @@ $("#deactivateButton").click(function(e) {
 
 $("#deleteButton").click(function(e) {
   e.preventDefault();
-  var password = passwordField.val();
+  let password = passwordField.val();
   if (password == "") return setAlert(deactivateProgressAlert, false, "Please enter your password.");
   placeAjax.delete("/api/user", { password: password }, null).then((response) => {
     window.location.href = "/deleted";
@@ -40,7 +40,7 @@ $("#deleteButton").click(function(e) {
 });
 
 $("#disableTwoFactorAuth").click(function () {
-  var elem = $(this).addClass("disabled");
+  let elem = $(this).addClass("disabled");
   placeAjax.delete("/api/user/totp-setup", null, "An unknown error occurred while trying to disable two-factor authentication.", () => {
     elem.removeClass("disabled");
   }).then((response) => {
@@ -50,7 +50,7 @@ $("#disableTwoFactorAuth").click(function () {
 
 $("form#enableTOTPForm").submit(function (e) {
   e.preventDefault();
-  var submitBtn = $(this).find("button[type=submit]").text("Verifying").addClass("disabled");
+  let submitBtn = $(this).find("button[type=submit]").text("Verifying").addClass("disabled");
   placeAjax.post("/api/user/totp-setup", $(this).serialize(), null, () => {
     submitBtn.text("Verify").removeClass("disabled");
   }).then((response) => {
@@ -59,7 +59,7 @@ $("form#enableTOTPForm").submit(function (e) {
 });
 
 $("#enableTwoFactorAuth").click(function () {
-  var elem = $(this).addClass("disabled");
+  let elem = $(this).addClass("disabled");
   placeAjax.get("/api/user/totp-setup", null, "An unknown error occurred while trying to load two-factor authentication setup.", () => {
     elem.removeClass("disabled");
   }).then((response) => {
diff --git a/client/js/admin_similar_users.js b/client/js/admin_similar_users.js
index 76808733..63b6168b 100644
--- a/client/js/admin_similar_users.js
+++ b/client/js/admin_similar_users.js
@@ -1,6 +1,6 @@
 $(document).ready(function() {
     $(".timeago").timeago();
-    var getUserRow = function(user, relationString) {
+    let getUserRow = function(user, relationString) {
         return `<div class="user"> 
             <div class="user-info">
                 <a href="/@${user.username}" class="username">${user.username}</a>
diff --git a/client/js/admin_users.js b/client/js/admin_users.js
index 61da3733..8d02dc1b 100644
--- a/client/js/admin_users.js
+++ b/client/js/admin_users.js
@@ -1,5 +1,5 @@
 $(document).ready(function() {
-    var table = $("#users").DataTable({
+    let table = $("#users").DataTable({
         processing: true,
         serverSide: true,
         aaSorting: [[2, "desc"]],
@@ -24,7 +24,7 @@ $(document).ready(function() {
         },
         serverParams: (data) => data.bChunkSearch = true
     }).columns().every( function () {
-        var that = this;
+        let that = this;
         $("input[type=search]", this.footer() ).attr("spellcheck", "false").attr("autocomplete", "off").attr("autocorrect", "off").attr("autocapitalize", "off").on( "keyup change", function () {
             if (that.search() !== this.value) {
                 that.search(this.value, true).draw();
diff --git a/client/js/mod_tools.js b/client/js/mod_tools.js
index 4c1590f8..66b3b162 100644
--- a/client/js/mod_tools.js
+++ b/client/js/mod_tools.js
@@ -1,9 +1,9 @@
-var defaultBanReason = "";
-var actionTemplates = null;
+let defaultBanReason = "";
+let actionTemplates = null;
 
-var BroadcastDialogController = DialogController($("#broadcast-dialog"));
+let BroadcastDialogController = DialogController($("#broadcast-dialog"));
 
-var actions = {
+let actions = {
     user: {
         similar: {
             btnStyle: "default",
@@ -55,7 +55,7 @@ var actions = {
             adminOnly: true,
             getRequestData: function(elem) {
                 return new Promise((resolve, reject) => {
-                    var id = elem.parent().attr("data-user-id");
+                    let id = elem.parent().attr("data-user-id");
                     if(!id) id = elem.parent().parent().attr("data-user-id");
                     bootbox.prompt({
                         title: "Password Reset Key (for login)",
@@ -93,7 +93,7 @@ var actions = {
             btnStyle: "primary",
             getRequestData: function(elem) {
                 return new Promise((resolve, reject) => {
-                    var id = elem.parent().attr("data-user-id");
+                    let id = elem.parent().attr("data-user-id");
                     if(!id) id = elem.parent().parent().attr("data-user-id");
                     placeAjax.get("/api/mod/user_notes", {id: id}, null).then((res) => {
                         bootbox.prompt({
@@ -158,12 +158,12 @@ var actions = {
     }
 };
 
-var setActionDataOnElement = function(data, elem, action) {
-    var title = action.buttonText(data);
-    var shouldShow = true;
+let setActionDataOnElement = function(data, elem, action) {
+    let title = action.buttonText(data);
+    let shouldShow = true;
     if(typeof action["shouldShow"] === "function") shouldShow = action.shouldShow(data);
-    var isPressed = false;
-    var text = title;
+    let isPressed = false;
+    let text = title;
     if(typeof action.icon === "function") text = `<i class="fa fa-${action.icon(data)}"></i>`
     if(elem.hasClass("dropdown-action")) text = `<span class="text-${action.btnStyle}">${text}</span>`
     if(typeof action.isActive === "function") isPressed = action.isActive(data);
@@ -174,11 +174,11 @@ var setActionDataOnElement = function(data, elem, action) {
     elem.html(text);
 }
 
-var renderAction = function(actionName, data = {}, type = "user", dropdown = false) {
-    var action = actions[type][actionName];
-    var title = action.buttonText(data);
-    var dropdownItem = null;
-    var btn = $("<a>").attr("href", "javascript:void(0)").addClass(`${type}-action-btn ${dropdown ? "text" : "btn"}-${action.btnStyle} ${dropdown ? "dropdown" : "btn"}-action`).attr("data-admin-only", action.adminOnly === true).attr(`data-${type}-action`, actionName);
+let renderAction = function(actionName, data = {}, type = "user", dropdown = false) {
+    let action = actions[type][actionName];
+    let title = action.buttonText(data);
+    let dropdownItem = null;
+    let btn = $("<a>").attr("href", "javascript:void(0)").addClass(`${type}-action-btn ${dropdown ? "text" : "btn"}-${action.btnStyle} ${dropdown ? "dropdown" : "btn"}-action`).attr("data-admin-only", action.adminOnly === true).attr(`data-${type}-action`, actionName);
     if(typeof action.getAttributes === "function") btn.attr(action.getAttributes(data));
     if(typeof action.type !== "undefined" && action.type == "link") btn.attr("href", action.getLinkURL(data)).removeClass(`${type}-action-btn`);
     setActionDataOnElement(data, btn, action);
@@ -191,53 +191,53 @@ var renderAction = function(actionName, data = {}, type = "user", dropdown = fal
     return dropdown ? dropdownItem : btn;
 }
 
-var actionIDs = Object.keys(actions.user);
+let actionIDs = Object.keys(actions.user);
 
-var canTouchUser = function(user) {
-    var currentUserID = $("body").data("user-id");
-    var currentIsAdmin = $("body").data("user-is-admin");
-    var currentIsMod = $("body").data("user-is-mod");
-    var canTouchUser = (currentIsMod && !(user.moderator || user.admin)) || (currentIsAdmin && !user.admin);
+let canTouchUser = function(user) {
+    let currentUserID = $("body").data("user-id");
+    let currentIsAdmin = $("body").data("user-is-admin");
+    let currentIsMod = $("body").data("user-is-mod");
+    let canTouchUser = (currentIsMod && !(user.moderator || user.admin)) || (currentIsAdmin && !user.admin);
     if(user._id) user.id = user._id;
     return currentUserID != user.id && canTouchUser;
 }
 
-var renderUserActions = function(user) {
+let renderUserActions = function(user) {
     if(!canTouchUser(user)) return "";
     if(user._id) user.id = user._id;
-    var actionCtn = $("<div>").addClass("actions-ctn").attr("data-user-id", user.id);
+    let actionCtn = $("<div>").addClass("actions-ctn").attr("data-user-id", user.id);
     actionIDs.forEach((a) => renderAction(a, user, "user").appendTo(actionCtn));
     return actionCtn[0].outerHTML;
 }
 
-var renderServerActions = function() {
-    var actionContainer = $("<div>").addClass("action-ctn");
+let renderServerActions = function() {
+    let actionContainer = $("<div>").addClass("action-ctn");
     Object.keys(actions.server).forEach((key) => renderAction(key, {}, "server").appendTo(actionContainer));
     return actionContainer[0].outerHTML;
 }
 
-var renderUserActionsDropdown = function(user) {
+let renderUserActionsDropdown = function(user) {
     if(!canTouchUser(user)) return "";
-    var dropdownCtn = $("<div>").addClass("dropdown dropdown-inline user-action-dropdown-ctn").attr("data-user-id", user.id);
-    var btn = $("<a>").addClass("dropdown-toggle").attr({type: "button", "data-toggle": "dropdown", "aria-haspopup": true, "aria-expanded": false}).html("<span class=\"caret\"></span>").appendTo(dropdownCtn);
-    var dropdownList = $("<ul>").addClass("dropdown-menu").attr("data-user-id", user.id).appendTo(dropdownCtn);
+    let dropdownCtn = $("<div>").addClass("dropdown dropdown-inline user-action-dropdown-ctn").attr("data-user-id", user.id);
+    let btn = $("<a>").addClass("dropdown-toggle").attr({type: "button", "data-toggle": "dropdown", "aria-haspopup": true, "aria-expanded": false}).html("<span class=\"caret\"></span>").appendTo(dropdownCtn);
+    let dropdownList = $("<ul>").addClass("dropdown-menu").attr("data-user-id", user.id).appendTo(dropdownCtn);
     actionIDs.forEach((a) => renderAction(a, user, "user", true).appendTo(dropdownList));
     return dropdownCtn[0].outerHTML;
 }
 
-var updateUserDropdowns = function(user) {
+let updateUserDropdowns = function(user) {
     $(`div.user-action-dropdown-ctn[data-user-id="${user.id}"]`).html($(renderUserActionsDropdown(user))[0].innerHTML);
 }
 
 $("body").on("click", ".user-action-btn", function() {
-    var userID = $(this).parent().data("user-id");
+    let userID = $(this).parent().data("user-id");
     if(!userID) userID = $(this).parent().parent().data("user-id");
-    var action = actions.user[$(this).data("user-action")];
-    var elem = $(this);
-    var method = "GET";
+    let action = actions.user[$(this).data("user-action")];
+    let elem = $(this);
+    let method = "GET";
     if(typeof action.method !== "undefined") method = action.method;
     function continueWithRequestData(data) {
-        var originalText = elem.html();
+        let originalText = elem.html();
         elem.addClass("disabled").html(`<i class="fa fa-circle-o-notch fa-spin"></i> ${originalText}`);
         placeAjax.ajax({
             url:`/api/${action.url}/?id=${userID}`,
@@ -258,15 +258,15 @@ $("body").on("click", ".user-action-btn", function() {
 });
 
 $("body").on("click", ".server-action-btn", function() {
-    var action = actions.server[$(this).data("server-action")];
-    var data = {};
+    let action = actions.server[$(this).data("server-action")];
+    let data = {};
     if(action.type == "event" && typeof action.onClick === "function") return action.onClick($(this));
     if(typeof action.getRequestData === "function") data = action.getRequestData($(this));
     if(!data) return;
-    var originalText = $(this).html();
+    let originalText = $(this).html();
     $(this).addClass("disabled");
     $(this).html(`<i class="fa fa-circle-o-notch fa-spin"></i> ${originalText}`);
-    var elem = $(this);
+    let elem = $(this);
     placeAjax.get(`/api/${action.url}/`, data, "Couldn't perform action.", () => {
         elem.removeClass("disabled");
         if(action.callbackModifiesText === false) elem.html(originalText);
@@ -278,7 +278,7 @@ $("body").on("click", ".server-action-btn", function() {
 
 $("#broadcastForm").submit(function(e) {
     e.preventDefault();
-    var submitBtn = $(this).find("button[type=submit]").text("Broadcasting...").attr("disabled", "disabled");
+    let submitBtn = $(this).find("button[type=submit]").text("Broadcasting...").attr("disabled", "disabled");
     placeAjax.post("/api/admin/broadcast", {
         title: $(this).find("#inputBroadcastTitle").val(),
         message: $(this).find("#inputBroadcastMessage").val(),
@@ -291,11 +291,11 @@ $("#broadcastForm").submit(function(e) {
 })
 
 function getRowForAction(action) {
-    var actionTemplate = actionTemplates[action.action];
-    var randomString = function(length) {
-        var text = "";
-        var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-        for(var i = 0; i < length; i++) {
+    let actionTemplate = actionTemplates[action.action];
+    let randomString = function(length) {
+        let text = "";
+        let possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+        for(let i = 0; i < length; i++) {
             text += possible.charAt(Math.floor(Math.random() * possible.length));
         }
         return text;
@@ -307,37 +307,37 @@ function getRowForAction(action) {
         return `<strong><a href="/@${user.username}">${user.username}</a> ${renderUserActionsDropdown(user)}</strong>`;
     }
 
-    var row = $("<div>").addClass("action").attr("data-action-id", action.id);
-    var username = "<strong>Deleted user</strong>";
-    var actionTxt = `<span class="action-str" title="${actionTemplate.displayName} - ${actionTemplate.category}">${actionTemplate.inlineDisplayName.toLowerCase()}</span>`;
+    let row = $("<div>").addClass("action").attr("data-action-id", action.id);
+    let username = "<strong>Deleted user</strong>";
+    let actionTxt = `<span class="action-str" title="${actionTemplate.displayName} - ${actionTemplate.category}">${actionTemplate.inlineDisplayName.toLowerCase()}</span>`;
     if(action.performingUser) username = renderUsernameText(action.performingUser);
-    var moreInfoCtn = null;
-    var sentenceEnd = "";
-    var otherLines = "";
+    let moreInfoCtn = null;
+    let sentenceEnd = "";
+    let otherLines = "";
     if(Object.keys(action.info).length > 0) {
         if(typeof actionTemplate.sentenceEndTextFormatting !== "undefined") sentenceEnd = parseActionTemplate(actionTemplate.sentenceEndTextFormatting, action);
         if(typeof actionTemplate.otherLinesTextFormatting !== "undefined") otherLines = "<br>" + parseActionTemplate(actionTemplate.otherLinesTextFormatting, action);
         if(typeof actionTemplate.hideInfo === "undefined" || !actionTemplate.hideInfo) {
-            var moreInfoCtn = $("<div>").addClass("info-collapse-ctn");
-            var id = `info-collapse-${randomString(16)}-${action.id}`;
-            var infoCtn = $("<div>").addClass("collapse info-collapse").attr("id", id).appendTo(moreInfoCtn);
-            var infoList = $("<samp>").appendTo(infoCtn);
+            let moreInfoCtn = $("<div>").addClass("info-collapse-ctn");
+            let id = `info-collapse-${randomString(16)}-${action.id}`;
+            let infoCtn = $("<div>").addClass("collapse info-collapse").attr("id", id).appendTo(moreInfoCtn);
+            let infoList = $("<samp>").appendTo(infoCtn);
             Object.keys(action.info).forEach((key) => {
-                var value = action.info[key];
+                let value = action.info[key];
                 if(typeof value !== "object") {
                     $("<strong>").text(key + ":").appendTo(infoList);
                     $("<span>").html(` ${value}<br>`).appendTo(infoList);
                 }
             })
-            var seeMoreLink = $("<a>").attr("role", "button").addClass("see-more-toggle").attr("data-toggle", "collapse").attr("href", `#${id}`).attr("aria-expanded", "false").attr("aria-controls", id).text("See more").appendTo(moreInfoCtn);
+            let seeMoreLink = $("<a>").attr("role", "button").addClass("see-more-toggle").attr("data-toggle", "collapse").attr("href", `#${id}`).attr("aria-expanded", "false").attr("aria-controls", id).text("See more").appendTo(moreInfoCtn);
             infoCtn.on("show.bs.collapse", () => seeMoreLink.text("See less")).on("hide.bs.collapse", () => seeMoreLink.text("See more"))
         }
     }
-    var text = `${username} ${actionTxt}${sentenceEnd}</span>.${otherLines}`;
+    let text = `${username} ${actionTxt}${sentenceEnd}</span>.${otherLines}`;
     if(typeof actionTemplate.requiresModerator !== "undefined" && actionTemplate.requiresModerator) {
-        var modUsername = "<strong>Deleted moderator</strong>"
+        let modUsername = "<strong>Deleted moderator</strong>"
         if(action.moderatingUser) modUsername = renderUsernameText(action.moderatingUser);
-        var text = `${modUsername} ${actionTxt} ${username}${sentenceEnd}</span>.${otherLines}`
+        let text = `${modUsername} ${actionTxt} ${username}${sentenceEnd}</span>.${otherLines}`
     }
     $("<p>").addClass("text").html(text).appendTo(row);
     if(moreInfoCtn) moreInfoCtn.appendTo(row);
@@ -356,9 +356,9 @@ function fetchActions(lastID, modOnly, limit, firstID, callback) {
 function addToContainerForResponse(container, data, lastID, modOnly, limit, allowsShowMore) {
     data.forEach((action) => getRowForAction(action).appendTo(container));
     if(allowsShowMore && lastID) {
-        var loading = false;
+        let loading = false;
         $("<a>").addClass("btn btn-popping btn-xs").text("Load more").appendTo(container).on("click", function() {
-            var btn = $(this);
+            let btn = $(this);
             if(!loading) {
                 loading = true;
                 btn.html("<i class=\"fa fa-spin fa-circle-o-notch\"></i> Loading…").addClass("disabled");
@@ -381,7 +381,7 @@ function loadRecentActionsIntoContainer(container, limit = null, modOnly = false
         if(!data) return $(container).text("Couldn't load mod actions");
         container.html("");
         addToContainerForResponse(container, data, lastID, modOnly, limit, allowsShowMore);
-        var refreshFirstID = data.length > 0 ? data[0].id : null;
+        let refreshFirstID = data.length > 0 ? data[0].id : null;
         setInterval(function() {
             fetchActions(null, modOnly, limit, refreshFirstID, function(data, lastID) {
                 if(data.length > 0) refreshFirstID = data[0].id;
diff --git a/client/js/place.js b/client/js/place.js
index 44636415..b3c4f6d5 100644
--- a/client/js/place.js
+++ b/client/js/place.js
@@ -4,12 +4,12 @@
 //  Written by THE WHOLE DYNASTIC CREW. Inspired by Reddit's /r/place.
 //
 
-var size;
+let size;
 
-var SignInDialogController = DialogController($("#sign-in-dialog"));
-var ChangelogDialogController = DialogController($("#changelog-dialog"));
-var HelpDialogController = DialogController($("#help-dialog"));
-var BetaDialogController = DialogController($("#beta-dialog"));
+let SignInDialogController = DialogController($("#sign-in-dialog"));
+let ChangelogDialogController = DialogController($("#changelog-dialog"));
+let HelpDialogController = DialogController($("#help-dialog"));
+let BetaDialogController = DialogController($("#beta-dialog"));
 BetaDialogController.dialog.find("#signup").click(function() {
     placeAjax.post("/api/beta-signup", null, null).then(data => {
         if (data.success) return BetaDialogController.hide();
@@ -23,7 +23,7 @@ ChangelogDialogController.dialog.find("#changelog-opt-out").click(function() {
     placeAjax.delete("/api/changelog/missed");
 });
 
-var canvasController = {
+let canvasController = {
     isDisplayDirty: false,
 
     init: function(canvas) {
@@ -58,16 +58,16 @@ var canvasController = {
     },
 
     getPixelColour: function(x, y) {
-        var data = this.ctx.getImageData(x, y, 1, 1).data;
+        let data = this.ctx.getImageData(x, y, 1, 1).data;
         function componentToHex(c) {
-            var hex = c.toString(16);
+            let hex = c.toString(16);
             return hex.length == 1 ? "0" + hex : hex;
         }
         return componentToHex(data[0]) + componentToHex(data[1]) + componentToHex(data[2]);
     }
 };
 
-var notificationHandler = {
+let notificationHandler = {
     notificationsSupported: "Notification" in window, supportsNewNotificationAPI: false,
 
     setup: function() {
@@ -96,7 +96,7 @@ var notificationHandler = {
 
     sendNotification: function(title, message, requesting = false) {
         if(!this.notificationsSupported) return;
-        var canSend = this.canNotify;
+        let canSend = this.canNotify;
         if(!canSend && !requesting) return;
         if(!canSend) {
             return this.requestPermission((granted) => {
@@ -121,7 +121,7 @@ var notificationHandler = {
     }
 }
 
-var place = {
+let place = {
     zooming: {
         zoomedIn: false,
         panFromX: 0, panFromY: 0,
@@ -189,9 +189,9 @@ var place = {
         this.placingOverlay = $(this.colourPaletteElement).find("#placing-modal");
         this.placeTimer = $(this.colourPaletteElement).find("#place-timer");
         $(this.placeTimer).on("click", "#notify-me", () => this.handleNotifyMeClick());
-        var app = this;
+        let app = this;
         $(this.colourPaletteElement).on("click", ".colour-option", function() {
-            var colourID = parseInt($(this).data("colour"));
+            let colourID = parseInt($(this).data("colour"));
             if(colourID) app.selectColour(colourID);
         });
         $(this.colourPaletteElement).click(function(e) {
@@ -202,12 +202,12 @@ var place = {
 
         $("#palette-expando").click(this.handlePaletteExpandoClick);
 
-        var controller = $(zoomController).parent()[0];
+        let controller = $(zoomController).parent()[0];
         canvas.onmousemove = (event) => this.handleMouseMove(event || window.event);
         canvas.addEventListener("contextmenu", (event) => this.contextMenu(event));
 
-        var handleKeyEvents = function(e) {
-            var kc = e.keyCode || e.which;
+        let handleKeyEvents = function(e) {
+            let kc = e.keyCode || e.which;
             app.keyStates[kc] = e.type == "keydown";
         }
 
@@ -236,7 +236,7 @@ var place = {
         this.setupDisplayCanvas(this.displayCanvas);
         this.setupInteraction();
 
-        var spawnPoint = this.getSpawnPoint();
+        let spawnPoint = this.getSpawnPoint();
         this.setCanvasPosition(spawnPoint.x, spawnPoint.y);
         this.setupZoomSlider();
         this.setZoomScale(this.zooming.zoomScale);
@@ -258,8 +258,8 @@ var place = {
         this.popoutController = popoutController;
         this.popoutController.setup(this, $("#popout-container")[0]);
         this.popoutController.popoutVisibilityController.visibilityChangeCallback = () => {
-            var start = new Date();
-            var interval = setInterval(function() {
+            let start = new Date();
+            let interval = setInterval(function() {
                 app.handleResize();
                 if((new Date() - start) > 250) clearInterval(interval);
             }, 1);
@@ -281,7 +281,7 @@ var place = {
         })
 
         $("#pixel-use-colour-btn").click(function() {
-            var colour = $(this).attr("data-represented-colour");
+            let colour = $(this).attr("data-represented-colour");
             $("#colour-picker").minicolors("value", "#" + colour);
         })
 
@@ -295,7 +295,7 @@ var place = {
     },
 
     handleColourTextChange: function(premature = false) {
-        var colour = $("#colour-picker-hex-value").val();
+        let colour = $("#colour-picker-hex-value").val();
         if(colour.substring(0, 1) != "#") colour = "#" + colour;
         if(colour.length != 7 && (colour.length != 4 || premature)) return;
         $("#colour-picker").minicolors("value", colour);
@@ -319,7 +319,7 @@ var place = {
 
     getCanvasImage: function() {
         if(this.loadedImage) return;
-        var app = this;
+        let app = this;
         this.adjustLoadingScreen("Loading…");;
         this.loadImage().then((image) => {
             app.adjustLoadingScreen();
@@ -347,18 +347,18 @@ var place = {
     },
 
     loadImage: function() {
-        var a = this;
+        let a = this;
         return new Promise((resolve, reject) => {
-            var xhr = new XMLHttpRequest();
+            let xhr = new XMLHttpRequest();
             xhr.open("GET", "/api/board-image", true);
             xhr.responseType = "blob";
             xhr.onload = function(e) {
                 if(xhr.status == 200) {
-                    var url = URL.createObjectURL(this.response);
-                    var img = new Image();
+                    let url = URL.createObjectURL(this.response);
+                    let img = new Image();
                     img.onload = function() {
                         URL.revokeObjectURL(this.src);
-                        var lastImageUpdate = xhr.getResponseHeader("X-Place-Last-Update");
+                        let lastImageUpdate = xhr.getResponseHeader("X-Place-Last-Update");
                         if(lastImageUpdate) a.requestPixelsAfterDate(lastImageUpdate);
                         resolve(img);
                     };
@@ -378,7 +378,7 @@ var place = {
     },
 
     setupInteraction: function() {
-        var app = this;
+        let app = this;
         interact(this.cameraController).draggable({
             inertia: true,
             restrict: {
@@ -401,13 +401,13 @@ var place = {
                 if(event.interaction.downEvent.button == 2) return event.preventDefault();
                 app.stat();
                 $(app.zoomController).removeClass("grabbing");
-                var coord = app.getCoordinates();
+                let coord = app.getCoordinates();
                 app.hashHandler.modifyHash(coord);
             }
         }).on("tap", (event) => {
             if(event.interaction.downEvent.button == 2) return event.preventDefault();
             if(!this.zooming.zooming) {
-                var cursor = app.getCanvasCursorPosition(event.pageX, event.pageY);
+                let cursor = app.getCanvasCursorPosition(event.pageX, event.pageY);
                 app.canvasClicked(cursor.x, cursor.y);
             }
             event.preventDefault();
@@ -423,14 +423,14 @@ var place = {
 
     mousewheelMoved: function(event) {
         if ($('.canvas-container:hover').length <= 0) return;
-        var e = event.originalEvent;
+        let e = event.originalEvent;
         e.preventDefault();
-        var delta = e.type == "wheel" ? -e.deltaY : (typeof e.wheelDeltaY !== "undefined" ? e.wheelDeltaY : e.wheelDelta);
+        let delta = e.type == "wheel" ? -e.deltaY : (typeof e.wheelDeltaY !== "undefined" ? e.wheelDeltaY : e.wheelDelta);
         this.setZoomScale(this.zooming.zoomScale + (delta / 100));
     },
 
     getCanvasCursorPosition: function(x = null, y = null) {
-        var zoom = this._getZoomMultiplier();
+        let zoom = this._getZoomMultiplier();
         return {x: Math.round(((x ? x : this.cursorX) - $(this.cameraController).offset().left) / zoom), y: Math.round(((y ? y : this.cursorY) - $(this.cameraController).offset().top) / zoom)};
     },
 
@@ -444,23 +444,23 @@ var place = {
     },
 
     getSpawnPoint: function() {
-        var point = this.getHashPoint();
+        let point = this.getHashPoint();
         if (point) return point;
         return this.getRandomSpawnPoint();
     },
 
     getHashPoint: function() {
-        var hash = this.hashHandler.getHash();
+        let hash = this.hashHandler.getHash();
         if(typeof hash.x !== "undefined" && typeof hash.y !== "undefined") {
-            var x = parseInt(hash.x), y = parseInt(hash.y);
-            var fixed = this.closestInsideCoordinates(x, y);
+            let x = parseInt(hash.x), y = parseInt(hash.y);
+            let fixed = this.closestInsideCoordinates(x, y);
             if(x !== null && y !== null && !isNaN(x) && !isNaN(y)) return {x: -fixed.x + (size / 2), y: -fixed.y + (size / 2)};
         }
         return null;
     },
 
     handleHashChange: function() {
-        var point = this.getHashPoint();
+        let point = this.getHashPoint();
         if (point) this.setCanvasPosition(point.x, point.y);
     },
 
@@ -530,9 +530,9 @@ var place = {
     },
 
     setupColours: function() {
-        var overlay = $("#availability-loading-modal");
+        let overlay = $("#availability-loading-modal");
         $(this.colourPaletteElement).find(".colour-option, .palette-separator").remove();
-        var contentContainer = $(this.colourPaletteElement).find("#palette-content-ctn");
+        let contentContainer = $(this.colourPaletteElement).find("#palette-content-ctn");
         this.colourPaletteOptionElements = [];
         if(this.colours) {
             overlay.hide();
@@ -540,11 +540,11 @@ var place = {
                 $("body").toggleClass("picker-showing");
                 if($("body").hasClass("picker-showing")) $("#colour-picker-hex-value").focus();
             }).append("<div class=\"colour-option transparent\"></div>").appendTo(contentContainer);
-            var elem = $("<div>").addClass("colour-option custom").attr("id", "customChosenColourOption").attr("data-colour", 1).hide().appendTo(contentContainer);
+            let elem = $("<div>").addClass("colour-option custom").attr("id", "customChosenColourOption").attr("data-colour", 1).hide().appendTo(contentContainer);
             this.colourPaletteOptionElements.push(elem[0]);
             if(this.canPlaceCustomColours) $("<div>").addClass("palette-separator").appendTo(contentContainer);
             this.colours.forEach((colour, index) => {
-                var elem = $("<div>").addClass("colour-option" + (colour.toLowerCase() == "#ffffff" ? " is-white" : "")).css("background-color", colour).attr("data-colour", index + 2);
+                let elem = $("<div>").addClass("colour-option" + (colour.toLowerCase() == "#ffffff" ? " is-white" : "")).css("background-color", colour).attr("data-colour", index + 2);
                 elem.appendTo(contentContainer);
                 this.colourPaletteOptionElements.push(elem[0]);
             });
@@ -552,7 +552,7 @@ var place = {
             if(this.pixelFlags && this.pixelFlags.length > 0) {
                 $("<div>").addClass("palette-separator").appendTo(contentContainer);
                 this.pixelFlags.forEach((flag, index) => {
-                    var elem = $("<div>").addClass("colour-option flag-option").css("background-image", `url(${flag.image})`).attr("data-flag", index).attr("data-flag-id", flag.id).attr("title", `${flag.title}:\n${flag.description}`).attr("alt", flag.title);
+                    let elem = $("<div>").addClass("colour-option flag-option").css("background-image", `url(${flag.image})`).attr("data-flag", index).attr("data-flag-id", flag.id).attr("title", `${flag.title}:\n${flag.description}`).attr("alt", flag.title);
                     if(flag.needsBorder) elem.addClass("is-white");
                     elem.appendTo(contentContainer);
                     this.colourPaletteOptionElements.push(elem[0]);
@@ -566,7 +566,7 @@ var place = {
     handleColourPaletteChange: function(newColour) {
         if(!this.canPlaceCustomColours) return;
         this.customColour = newColour;
-        var elem = $("#customChosenColourOption").show().css("background-color", newColour);
+        let elem = $("#customChosenColourOption").show().css("background-color", newColour);
         $("#colour-picker-hex-value").val(newColour.toUpperCase());
         if(newColour.toLowerCase() == "#ffffff") elem.addClass("is-white");
         else elem.removeClass("is-white");
@@ -574,7 +574,7 @@ var place = {
     },
 
     handleResize: function() {
-        var canvasContainer = $(this.zoomController).parent();
+        let canvasContainer = $(this.zoomController).parent();
         this.displayCanvas.height = canvasContainer.height();
         this.displayCanvas.width = canvasContainer.width();
         this.displayCtx.mozImageSmoothingEnabled = false;
@@ -589,13 +589,13 @@ var place = {
     },
 
     updateColourSelectorPosition: function() {
-        var elem = $("#colour-picker-popover"), button = $("#customColourChooserOption");
-        var position = 20;
+        let elem = $("#colour-picker-popover"), button = $("#customColourChooserOption");
+        let position = 20;
         if(button.length > 0) position = Math.max(20, button.offset().left - (elem.outerWidth() / 2) + (button.outerWidth() / 2));
         if(position <= 20) {
             elem.addClass("arrow-left");
             if(button.length > 0) {
-                var arrowOffset = button.offset().left - (button.outerWidth() / 2) - 10;
+                let arrowOffset = button.offset().left - (button.outerWidth() / 2) - 10;
                 $("#popover-styling").html(`#colour-picker-popover:after, #colour-picker-popover:before { left: ${arrowOffset}px!important; }`);
             }
             else $("#popover-styling").html("");
@@ -613,10 +613,10 @@ var place = {
     },
 
     updateDisplayCanvas: function() {
-        var dcanvas = this.displayCanvas;
+        let dcanvas = this.displayCanvas;
         this.displayCtx.clearRect(0, 0, dcanvas.width, dcanvas.height);
-        var zoom = this._getCurrentZoom();
-        var mod = size / 2;
+        let zoom = this._getCurrentZoom();
+        let mod = size / 2;
         this.displayCtx.drawImage(this.canvas, dcanvas.width / 2 + (this.panX - mod - 0.5) * zoom, dcanvas.height / 2 + (this.panY - mod - 0.5) * zoom, this.canvas.width * zoom, this.canvas.height * zoom);
     },
 
@@ -637,8 +637,8 @@ var place = {
     animateZoom: function(callback = null) {
         this.zooming.zoomTime += this.zooming.fastZoom ? 5 : 2;
 
-        var x = this._lerp(this.zooming.panFromX, this.zooming.panToX, this.zooming.zoomTime);
-        var y = this._lerp(this.zooming.panFromY, this.zooming.panToY, this.zooming.zoomTime);
+        let x = this._lerp(this.zooming.panFromX, this.zooming.panToX, this.zooming.zoomTime);
+        let y = this._lerp(this.zooming.panFromY, this.zooming.panToY, this.zooming.zoomTime);
         this.updateUIWithZoomScale(this._lerp(this.zooming.zoomFrom, this.zooming.zoomTo, this.zooming.zoomTime));
         this.setCanvasPosition(x, y);
 
@@ -668,14 +668,14 @@ var place = {
         this.setCanvasPosition(this.zooming.panToX, this.zooming.panToY);
         this.zooming.panToX = null, this.zooming.panToY = null, this.zooming.zoomTo = null, this.zooming.zoomFrom = null;
         clearInterval(this.zooming.zoomHandle);
-        var coord = this.getCoordinates();
+        let coord = this.getCoordinates();
         this.hashHandler.modifyHash(coord);
         this.zooming.zoomHandle = null;
         this.zooming.fastZoom = false;
     },
 
     setupZoomSlider: function() {
-        var minScale = this.getMinimumScale();
+        let minScale = this.getMinimumScale();
         $('#zoom-slider').slider({
             ticks: this.zooming.snapPoints.map((p) => Math.max(p, minScale)),
             ticks_snap_bounds: 0.01,
@@ -695,7 +695,7 @@ var place = {
         this.zooming.panFromY = this.panY;
         if(this.zooming.panToX == null) this.zooming.panToX = this.panX;
         if(this.zooming.panToY == null) this.zooming.panToY = this.panY;
-        var newScale = this.normalizeZoomScale(scale);
+        let newScale = this.normalizeZoomScale(scale);
         if(animated) {
             this.zooming.zoomTime = 0;
             this.zooming.zoomFrom = this._getCurrentZoom();
@@ -714,13 +714,13 @@ var place = {
     },
 
     getMinimumScale: function() {
-        var canvasContainer = $(this.zoomController).parent();
+        let canvasContainer = $(this.zoomController).parent();
         return Math.min(1, Math.min((canvasContainer.height() - $("#page-nav").height()) / size, canvasContainer.width() / size));
     },
 
     normalizeZoomScale: function(scale) {
-        var minScale = this.getMinimumScale();
-        var newScale = Math.min(this.zooming.snapPoints[this.zooming.snapPoints.length - 1], Math.max(minScale, Math.max(this.zooming.snapPoints[0], scale)));
+        let minScale = this.getMinimumScale();
+        let newScale = Math.min(this.zooming.snapPoints[this.zooming.snapPoints.length - 1], Math.max(minScale, Math.max(this.zooming.snapPoints[0], scale)));
         this.zooming.wasZoomedFullyOut = newScale <= minScale;
         if (this.zooming.wasZoomedFullyOut && !$(this.colourPaletteElement).hasClass("full-canvas")) $(this.colourPaletteElement).addClass("full-canvas");
         else if(!this.zooming.wasZoomedFullyOut && $(this.colourPaletteElement).hasClass("full-canvas")) $(this.colourPaletteElement).removeClass("full-canvas");
@@ -729,7 +729,7 @@ var place = {
 
     toggleZoom: function() {
         if (this.zooming.zooming) return;
-        var scale = this.zooming.zoomScale;
+        let scale = this.zooming.zoomScale;
         if (scale < this.zooming.initialZoomPoint) this.setZoomScale(this.zooming.initialZoomPoint, true);
         else if (scale < (this.zooming.initialZoomPoint + this.zooming.zoomedInPoint) / 2) this.setZoomScale(this.zooming.zoomedInPoint, true);
         else if (scale <= this.zooming.zoomedInPoint) this.setZoomScale(this.zooming.initialZoomPoint, true);
@@ -741,7 +741,7 @@ var place = {
     },
 
     _adjustGridButtonText: function() {
-        var gridShown = $(this.grid).hasClass("show");
+        let gridShown = $(this.grid).hasClass("show");
         if (this.gridButton) $(this.gridButton).html(`<i class="fa fa-fw fa-${gridShown ? "square" : "th"}"></i>`).attr("title", (gridShown ? "Hide Grid" : "Show Grid") + " (G)");
     },
 
@@ -759,8 +759,8 @@ var place = {
 
     setCoordinatesButton: function(btn) {
         if(Clipboard.isSupported()) {
-            var app = this;
-            var clipboard = new Clipboard(btn);
+            let app = this;
+            let clipboard = new Clipboard(btn);
             $(btn).addClass("clickable").tooltip({
                 title: "Copied to clipboard!",
                 trigger: "manual",
@@ -775,19 +775,19 @@ var place = {
     },
 
     moveCamera: function(deltaX, deltaY, softAllowBoundPush = true) {
-        var cam = $(this.cameraController);
-        var zoomModifier = this._getCurrentZoom();
-        var coords = this.getCoordinates();
-        var x = deltaX / zoomModifier, y = deltaY / zoomModifier;
+        let cam = $(this.cameraController);
+        let zoomModifier = this._getCurrentZoom();
+        let coords = this.getCoordinates();
+        let x = deltaX / zoomModifier, y = deltaY / zoomModifier;
         this.setCanvasPosition(x, y, true, softAllowBoundPush);
     },
 
     updateCoordinates: function() {
-        var coord = this.getCoordinates();
+        let coord = this.getCoordinates();
         if(coord != this.lastUpdatedCoordinates) {
-            var coordElem = $(this.coordinateElement);
+            let coordElem = $(this.coordinateElement);
             setTimeout(function() {
-                var spans = coordElem.find("span");
+                let spans = coordElem.find("span");
                 spans.first().text(coord.x.toLocaleString());
                 spans.last().text(coord.y.toLocaleString());
                 coordElem.attr("data-clipboard-text", `(${coord.x}, ${coord.y})`);
@@ -797,13 +797,13 @@ var place = {
     },
 
     isOutsideOfBounds: function(precise = false) {
-        var coord = this.getCoordinates();
-        var x = coord.x < 0 || coord.x >= size, y = coord.y >= size || coord.y < 0
+        let coord = this.getCoordinates();
+        let x = coord.x < 0 || coord.x >= size, y = coord.y >= size || coord.y < 0
         return precise ? { x: x, y: y } : x || y;
     },
 
     getCoordinates: function() {
-        var dcanvas = this.canvasController.canvas;
+        let dcanvas = this.canvasController.canvas;
         return {x: Math.floor(-this.panX) + dcanvas.width / 2, y: Math.floor(-this.panY) + dcanvas.height / 2};
     },
 
@@ -826,9 +826,9 @@ var place = {
     },
 
     updateGrid: function() {
-        var zoom = this._getCurrentZoom();
-        var x = ($(this.cameraController).offset().left - (zoom / 2)) % zoom;
-        var y = ($(this.cameraController).offset().top - (zoom / 2)) % zoom;
+        let zoom = this._getCurrentZoom();
+        let x = ($(this.cameraController).offset().left - (zoom / 2)) % zoom;
+        let y = ($(this.cameraController).offset().top - (zoom / 2)) % zoom;
         $(this.grid).css({transform: `translate(${x}px, ${y}px)`, backgroundSize: `${zoom}px ${zoom}px`});
     },
 
@@ -841,12 +841,12 @@ var place = {
         this.lastX = x;
         this.lastY = y;
         if(this.gridHint) {
-            var zoom = this._getCurrentZoom();
+            let zoom = this._getCurrentZoom();
             // Hover position in grid multiplied by zoom
-            var x = Math.round((this.lastX - $(this.cameraController).offset().left) / zoom), y = Math.round((this.lastY - $(this.cameraController).offset().top) / zoom);
-            var elem = $(this.gridHint);
-            var posX = x + ($(this.cameraController).offset().left / zoom) - 0.5;
-            var posY = y + ($(this.cameraController).offset().top / zoom) - 0.5;
+            let x = Math.round((this.lastX - $(this.cameraController).offset().left) / zoom), y = Math.round((this.lastY - $(this.cameraController).offset().top) / zoom);
+            let elem = $(this.gridHint);
+            let posX = x + ($(this.cameraController).offset().left / zoom) - 0.5;
+            let posY = y + ($(this.cameraController).offset().top / zoom) - 0.5;
             elem.css({
                 left: posX * zoom,
                 top: posY * zoom,
@@ -858,7 +858,7 @@ var place = {
         if(!this.placing) {
             this.updateGridHint(event.pageX, event.pageY);
             if(this.handElement) {
-                var elem = $(this.handElement);
+                let elem = $(this.handElement);
                 elem.css({
                     left: event.pageX - (elem.width() / 2),
                     top: event.pageY - (elem.height() / 2),
@@ -894,7 +894,7 @@ var place = {
         if(this.isSignedIn()) {
             this.changePlaceTimerVisibility(true);
             $(this.placeTimer).children("span").text("Loading…");
-            var a = this;
+            let a = this;
             return placeAjax.get("/api/timer").then((data) => a.doTimer(data.timer)).catch((err) => this.changePlaceTimerVisibility(false));
         }
         this.changePlaceTimerVisibility(false);
@@ -920,12 +920,12 @@ var place = {
             return (new Array(length + 1).join(pad) + str).slice(-length);
         }
         if(this.unlockTime && this.secondTimer && this.fullUnlockTime) {
-            var time = Math.round(this.unlockTime - new Date().getTime() / 1000);
+            let time = Math.round(this.unlockTime - new Date().getTime() / 1000);
             if(time > 0) {
-                var minutes = ~~(time / 60), seconds = time - minutes * 60;
-                var formattedTime = `${minutes}:${padLeft(seconds.toString(), "0", 2)}`;
+                let minutes = ~~(time / 60), seconds = time - minutes * 60;
+                let formattedTime = `${minutes}:${padLeft(seconds.toString(), "0", 2)}`;
                 document.title = `[${formattedTime}] | ${this.originalTitle}`;
-                var shouldShowNotifyButton = !this.notificationHandler.canNotify() && this.notificationHandler.isAbleToRequestPermission();
+                let shouldShowNotifyButton = !this.notificationHandler.canNotify() && this.notificationHandler.isAbleToRequestPermission();
                 $(this.placeTimer).children("span").html("You may place again in <strong>" + formattedTime + "</strong>." + (shouldShowNotifyButton ? " <a href=\"#\" id=\"notify-me\">Notify me</a>." : ""));
                 return;
             } else if(this.fullUnlockTime > 5) { // only notify if full countdown exceeds 5 seconds
@@ -944,11 +944,11 @@ var place = {
     },
 
     changeUserCount: function(newContent) {
-        var elem = $(this.userCountElement);
+        let elem = $(this.userCountElement);
         elem.show();
-        var notch = elem.find(".loading");
-        var text = elem.find(".count");
-        var num = parseInt(newContent);
+        let notch = elem.find(".loading");
+        let text = elem.find(".count");
+        let num = parseInt(newContent);
         if(num === null || isNaN(num)) {
             notch.show();
             text.text("");
@@ -972,7 +972,7 @@ var place = {
     selectColour: function(colourID, hideColourPicker = true) {
         this.deselectColour(hideColourPicker);
         this.selectedColour = colourID - 1;
-        var elem = this.colourPaletteOptionElements[this.selectedColour];
+        let elem = this.colourPaletteOptionElements[this.selectedColour];
         // Create hand element
         this.handElement = $(elem).clone().addClass("hand").appendTo($(this.zoomController).parent())[0];
         // Update zoom scale for hand element sizing
@@ -999,7 +999,7 @@ var place = {
     changeSelectorVisibility: function(visible) {
         if(this.selectedColour == null) return;
         if(visible) {
-          var elem = this.colourPaletteOptionElements[this.selectedColour];
+          let elem = this.colourPaletteOptionElements[this.selectedColour];
           $(this.handElement).show();
           $(this.zoomController).addClass("selected");
           $(this.gridHint).show();
@@ -1021,16 +1021,16 @@ var place = {
     },
 
     canvasClicked: function(x, y, event) {
-        var app = this;
+        let app = this;
         this.stat();
         function getUserInfoTableItem(title, value) {
-            var ctn = $("<div>").addClass("field");
+            let ctn = $("<div>").addClass("field");
             $("<span>").addClass("title").text(title).appendTo(ctn);
             $(`<span>`).addClass("value").html(value).appendTo(ctn);
             return ctn;
         }
         function getUserInfoDateTableItem(title, date) {
-            var ctn = getUserInfoTableItem(title, "");
+            let ctn = getUserInfoTableItem(title, "");
             $("<time>").attr("datetime", date).attr("title", new Date(date).toLocaleString()).text($.timeago(date)).prependTo(ctn.find(".value"));
             return ctn;
         }
@@ -1041,17 +1041,17 @@ var place = {
         if (x < 0 || y < 0 || x > this.canvas.width - 1 || y > this.canvas.height - 1) return;
 
         // Make the user zoom in before placing pixel
-        var wasZoomedOut = !this.zooming.zoomedIn;
+        let wasZoomedOut = !this.zooming.zoomedIn;
         if(wasZoomedOut) this.zoomIntoPoint(x, y);
 
         if(this.selectedColour === null) {
             this.zoomIntoPoint(x, y);
             return this.getPixel(x, y, (err, data) => {
                 if(err || !data.pixel) return;
-                var popover = $(this.pixelDataPopover);
+                let popover = $(this.pixelDataPopover);
                 if(this.zooming.zooming) this.shouldShowPopover = true;
                 else popover.fadeIn(250);
-                var hasUser = !!data.pixel.user;
+                let hasUser = !!data.pixel.user;
                 if(typeof data.pixel.userError === "undefined") data.pixel.userError = null;
                 popover.find("#pixel-data-username").text(hasUser ? data.pixel.user.username : this.getUserStateText(data.pixel.userError));
                 if(hasUser) popover.find("#pixel-data-username").removeClass("deleted-account");
@@ -1070,22 +1070,22 @@ var place = {
                 else popover.find(".pixel-colour").removeClass("allow-use");
                 popover.find(".rank-container > *").remove();
                 if(hasUser) {
-                    var userInfoCtn = popover.find(".user-info");
+                    let userInfoCtn = popover.find(".user-info");
                     userInfoCtn.show();
                     userInfoCtn.find(".field").remove();
                     getUserInfoTableItem("Total pixels placed", data.pixel.user.statistics.totalPlaces.toLocaleString()).appendTo(userInfoCtn);
                     if(data.pixel.user.statistics.placesThisWeek !== null) getUserInfoTableItem("Pixels this week", data.pixel.user.statistics.placesThisWeek.toLocaleString()).appendTo(userInfoCtn);
                     getUserInfoDateTableItem("Account created", data.pixel.user.creationDate).appendTo(userInfoCtn);
-                    var latestCtn = getUserInfoDateTableItem("Last placed", data.pixel.user.statistics.lastPlace).appendTo(userInfoCtn);
+                    let latestCtn = getUserInfoDateTableItem("Last placed", data.pixel.user.statistics.lastPlace).appendTo(userInfoCtn);
                     if(data.pixel.user.latestPixel && data.pixel.user.latestPixel.isLatest) {
-                        var latest = data.pixel.user.latestPixel;
-                        var element = $("<div>")
+                        let latest = data.pixel.user.latestPixel;
+                        let element = $("<div>")
                         if(data.pixel.point.x == latest.point.x && data.pixel.point.y == latest.point.y) $("<span>").addClass("secondary-info").text("(this pixel)").appendTo(element);
                         else $("<a>").attr("href", "javascript:void(0)").text(`at (${latest.point.x.toLocaleString()}, ${latest.point.y.toLocaleString()})`).click(() => app.zoomIntoPoint(latest.point.x, latest.point.y, false)).appendTo(element);
                         element.appendTo(latestCtn.find(".value"));
                     }
                     popover.find("#pixel-data-username").attr("href", `/@${data.pixel.user.username}`);
-                    var rankContainer = popover.find(".rank-container");
+                    let rankContainer = popover.find(".rank-container");
                     data.pixel.user.badges.forEach((badge) => renderBadge(badge).appendTo(rankContainer));
                     popover.find("#user-actions-dropdown-ctn").html(renderUserActionsDropdown(data.pixel.user));
                 } else {
@@ -1098,7 +1098,7 @@ var place = {
         if(wasZoomedOut) return;
         if(this.selectedColour !== null && !this.placing) {
             this.changePlacingModalVisibility(true);
-            var hex = this.getCurrentColourHex();
+            let hex = this.getCurrentColourHex();
             this.placing = true;
             placeAjax.post("/api/place", { x: x, y: y, hex: hex }, "An error occurred while trying to place your pixel.", () => {
                 this.changePlacingModalVisibility(false);
@@ -1124,7 +1124,7 @@ var place = {
     },
 
     doKeys: function() {
-        var keys = Object.keys(this.keys).filter((key) => this.keys[key].filter((keyCode) => this.keyStates[keyCode] === true).length > 0);
+        let keys = Object.keys(this.keys).filter((key) => this.keys[key].filter((keyCode) => this.keyStates[keyCode] === true).length > 0);
         if(keys.indexOf("up") > -1) this.moveCamera(0, 5, false);
         if(keys.indexOf("down") > -1) this.moveCamera(0, -5, false);
         if(keys.indexOf("left") > -1) this.moveCamera(5, 0, false);
@@ -1145,8 +1145,8 @@ var place = {
 
     pickColourUnderCursor: function() {
         if(!this.canPlaceCustomColours) return;
-        var cursor = this.getCanvasCursorPosition();
-        var colour = this.canvasController.getPixelColour(cursor.x, cursor.y);
+        let cursor = this.getCanvasCursorPosition();
+        let colour = this.canvasController.getPixelColour(cursor.x, cursor.y);
         $("#colour-picker").minicolors("value", "#" + colour);
     },
 
@@ -1165,9 +1165,9 @@ var place = {
     },
 
     showAdminBroadcast: function(title, message, style, timeout = 0) {
-        var alert = $("<div>").addClass("floating-alert admin-alert alert alert-block alert-dismissable").addClass("alert-" + style).hide().prependTo($("#floating-alert-ctn"));
+        let alert = $("<div>").addClass("floating-alert admin-alert alert alert-block alert-dismissable").addClass("alert-" + style).hide().prependTo($("#floating-alert-ctn"));
         this.dismissBtn.clone().appendTo(alert);
-        var text = $("<p>").text(message).appendTo(alert);
+        let text = $("<p>").text(message).appendTo(alert);
         if(title != null && title != "") {
             $("<span>").text(" ").prependTo(text);
             $("<strong>").text(title).prependTo(text);
@@ -1182,8 +1182,8 @@ var place = {
     },
 
     handlePaletteExpandoClick: function() {
-        var options = {duration: 150, queue: false};
-        var expand = $(this).toggleClass("expanded").hasClass("expanded");
+        let options = {duration: 150, queue: false};
+        let expand = $(this).toggleClass("expanded").hasClass("expanded");
         if(expand) $("#menu-content-ctn").slideDown(options);
         else $("#menu-content-ctn").slideUp(options).fadeOut(options);
     },
@@ -1201,9 +1201,9 @@ var place = {
     },
 
     layoutWarps: function() {
-        var app = this;
+        let app = this;
         function getWarpInfo(title = null, detail = null, clickHandler = null, deleteClickHandler = null, add = false) {
-            var warpInfo = $("<div>").addClass("warp-info");
+            let warpInfo = $("<div>").addClass("warp-info");
             if(title) $("<span>").addClass("warp-title").text(title).appendTo(warpInfo);
             if(detail) $("<span>").addClass("warp-coordinates").text(detail).appendTo(warpInfo);
             if(add) warpInfo.addClass("add").attr("title", "Create a warp at the current position").append("<span class=\"warp-title\"><i class=\"fa fa-plus\"></i></span>");
@@ -1214,25 +1214,25 @@ var place = {
             if(clickHandler) warpInfo.click(clickHandler.bind(app, warpInfo));
             return warpInfo;
         }
-        var warpsContainer = $("#warps-ctn");
+        let warpsContainer = $("#warps-ctn");
         if(!this.warps) return warpsContainer.text("Couldn't load warps.");
         warpsContainer.html("");
-        var warpInfoContainer = $("<div>").addClass("menu-section-content").appendTo($("<div>").addClass("menu-section-content-ctn").appendTo(warpsContainer));
+        let warpInfoContainer = $("<div>").addClass("menu-section-content").appendTo($("<div>").addClass("menu-section-content-ctn").appendTo(warpsContainer));
         getWarpInfo(null, null, this.addNewWarpClicked, null, true).appendTo(warpInfoContainer);
         if(this.warps.length > 0) {
             this.warps.forEach((warp) => getWarpInfo(warp.name, `(${warp.location.x.toLocaleString()}, ${warp.location.y.toLocaleString()})`, () => this.zoomIntoPoint(warp.location.x, warp.location.y, false), this.deleteWarpClicked).attr("data-warp-id", warp.id).appendTo(warpInfoContainer));
         } else {
             warpInfoContainer.addClass("empty");
-            var explanation = $("<div>").addClass("warp-info explanation").appendTo(warpInfoContainer);
+            let explanation = $("<div>").addClass("warp-info explanation").appendTo(warpInfoContainer);
             $("<span>").addClass("warp-title").text("Warps").appendTo(explanation);
             $("<span>").addClass("warp-coordinates").text("Use warps to get around the canvas quickly. Save a position and warp to it later on.").appendTo(explanation);
         }
     },
 
     addNewWarpClicked: function(elem, event, input = null) {
-        var warpTitle = window.prompt(`Enter a title for this warp (at current position):`, input || "");
+        let warpTitle = window.prompt(`Enter a title for this warp (at current position):`, input || "");
         if(!warpTitle || warpTitle.length <= 0) return;
-        var pos = this.getCoordinates();
+        let pos = this.getCoordinates();
         placeAjax.post("/api/warps", {x: pos.x, y: pos.y, name: warpTitle}, "An unknown error occurred while attempting to create your warp.").then((response) => {
             if(response.warp) this.warps.unshift(response.warp);
             this.layoutWarps();
@@ -1248,22 +1248,22 @@ var place = {
         if(!window.confirm("Are you sure you want to delete this warp?")) return;
         function setDeletingState(deleting) {
             elem.data("deleting", deleting);
-            var icon = elem.find("i");
+            let icon = elem.find("i");
             if(deleting) icon.addClass("fa-minus").removeClass("fa-spin fa-circle-o-notch");
             else icon.removeClass("fa-minus").addClass("fa-spin fa-circle-o-notch");
         }
         setDeletingState(true);
-        var warpID = elem.attr("data-warp-id");
+        let warpID = elem.attr("data-warp-id");
         if(!warpID) return;
         placeAjax.delete("/api/warps/" + warpID, null, "An unknown error occurred while attempting to delete the specified warp.", () => setDeletingState(false)).then((response) => {
-            var index = this.warps.map((w) => w.id).indexOf(warpID);
+            let index = this.warps.map((w) => w.id).indexOf(warpID);
             if(index >= 0) this.warps.splice(index, 1);
             this.layoutWarps();
         }).catch(() => {});
     },
 
     loadTemplates: function() {
-        var templateJSON = localStorage.getItem("templates");
+        let templateJSON = localStorage.getItem("templates");
         if(!templateJSON) return this.templates = [];
         this.templates = JSON.parse(templateJSON);
     },
@@ -1275,40 +1275,40 @@ var place = {
     layoutTemplates: function() {
         if(!this.templatesEnabled) return $("#templates-ctn").text("Coming Soon");
         if(!this.templates) this.loadTemplates();
-        var templatesContainer = $("#templates-ctn");
-        var templateImgs = $("#template-images");
+        let templatesContainer = $("#templates-ctn");
+        let templateImgs = $("#template-images");
         templatesContainer.html("");
         templateImgs.html("");
-        var infoContainer = $("<div>").addClass("menu-section-content").appendTo($("<div>").addClass("menu-section-content-ctn").appendTo(templatesContainer));
+        let infoContainer = $("<div>").addClass("menu-section-content").appendTo($("<div>").addClass("menu-section-content-ctn").appendTo(templatesContainer));
         $("<div>").addClass("warp-info template add").html("<span class=\"warp-title\"><i class=\"fa fa-plus\"></i></span>").click(this.addTemplateClicked.bind(this)).appendTo(infoContainer);
         if(this.templates.length > 0) {
             this.templates.forEach((template, index) => {
-                var templateCtn = $("<div>").addClass("warp-info template").attr("data-template-id", index).attr("title", "Jump to the position of this template").appendTo(infoContainer);
+                let templateCtn = $("<div>").addClass("warp-info template").attr("data-template-id", index).attr("title", "Jump to the position of this template").appendTo(infoContainer);
                 templateCtn.click(this.moveToTemplateClicked.bind(this, templateCtn));
                 $("<div>").addClass("warp-delete").attr("title", "Delete this template").html("<i class=\"fa fa-minus fa-fw\"></i>").click(this.deleteTemplateClicked.bind(this, templateCtn)).appendTo(templateCtn);
                 $("<div>").addClass("warp-jump-to").attr("title", "Move this template to your current position").html("<i class=\"fa fa-map-pin fa-fw\"></i>").click(this.moveTemplateHereClicked.bind(this, templateCtn)).appendTo(templateCtn);
                 $("<div>").addClass("warp-visibility").attr("title", "Change the opacity of this template").html("<i class=\"fa fa-eye fa-fw\"></i>").click(this.changeOpacityOfTemplateClicked.bind(this, templateCtn)).appendTo(templateCtn);
                 $("<div>").addClass("warp-scale").attr("title", "Change the scale of this template").html("<i class=\"fa fa-expand fa-fw\"></i>").click(this.changeScaleOfTemplateClicked.bind(this, templateCtn)).appendTo(templateCtn);
                 $("<div>").addClass("template-img").css("background-image", `url(${template.url})`).appendTo(templateCtn);
-                var scale = (template.scale || 1) / 4;
+                let scale = (template.scale || 1) / 4;
                 $("<img>").attr("src", template.url).css({top: template.pos.y, left: template.pos.x, transform: `scale(${scale}) translateZ(0) translate(-${50 / scale}%, -${50 / scale}%)`, opacity: template.opacity}).appendTo(templateImgs);
             });
         } else {
             infoContainer.addClass("empty");
-            var explanation = $("<div>").addClass("warp-info template explanation").appendTo(infoContainer);
+            let explanation = $("<div>").addClass("warp-info template explanation").appendTo(infoContainer);
             $("<span>").addClass("warp-title").text("Templates").appendTo(explanation);
             $("<span>").addClass("warp-coordinates").text("Overlay an image on the canvas to use as a guide for your art.").appendTo(explanation);
         }
     },
     
     addTemplateClicked: function() {
-        var app = this;
+        let app = this;
         $("<input>").attr("type", "file").attr("accept", ".png,.jpg,.gif,.jpeg,.webm,.apng,.svg").hide().on("change", function() {
             this.remove();
             if(!this.files || !this.files[0]) return;
-            var reader = new FileReader();
+            let reader = new FileReader();
             reader.onload = (event) => {
-                var dataURI = event.target.result;
+                let dataURI = event.target.result;
                 app.templates.push({pos: app.getCoordinates(), url: dataURI, opacity: 0.5, scale: 1});
                 app.layoutTemplates();
                 app.saveTemplates();
@@ -1325,7 +1325,7 @@ var place = {
         event.preventDefault();
         event.stopPropagation();
         if(!window.confirm("Are you sure you want to delete this template?")) return;
-        var index = $(elem).attr("data-template-id");
+        let index = $(elem).attr("data-template-id");
         if(!index || index < 0) return;
         this.templates.splice(index, 1);
         this.layoutTemplates();
@@ -1335,7 +1335,7 @@ var place = {
     moveTemplateHereClicked: function(elem, event) {
         event.preventDefault();
         event.stopPropagation();
-        var index = $(elem).attr("data-template-id");
+        let index = $(elem).attr("data-template-id");
         if(!index || index < 0) return;
         this.templates[index].pos = this.getCoordinates();
         this.layoutTemplates();
@@ -1345,9 +1345,9 @@ var place = {
     changeOpacityOfTemplateClicked: function(elem, event) {
         event.preventDefault();
         event.stopPropagation();
-        var index = $(elem).attr("data-template-id");
+        let index = $(elem).attr("data-template-id");
         if(!index || index < 0) return;
-        var newOpacity = window.prompt("Enter the new desired opacity for this template (as a percentage):", (this.templates[index].opacity || 0.5) * 100);
+        let newOpacity = window.prompt("Enter the new desired opacity for this template (as a percentage):", (this.templates[index].opacity || 0.5) * 100);
         if(!newOpacity) return;
         if(newOpacity > 100 || newOpacity < 0) return window.alert("You must enter a value between 0 and 100.");
         this.templates[index].opacity = newOpacity / 100;
@@ -1358,9 +1358,9 @@ var place = {
     changeScaleOfTemplateClicked: function(elem, event) {
         event.preventDefault();
         event.stopPropagation();
-        var index = $(elem).attr("data-template-id");
+        let index = $(elem).attr("data-template-id");
         if(!index || index < 0) return;
-        var newScale = window.prompt("Enter the new desired scale for this template (relative to 1):", this.templates[index].scale || 1);
+        let newScale = window.prompt("Enter the new desired scale for this template (relative to 1):", this.templates[index].scale || 1);
         if(!newScale) return;
         this.templates[index].scale = newScale;
         this.layoutTemplates();
@@ -1370,9 +1370,9 @@ var place = {
     moveToTemplateClicked: function(elem, event) {
         event.preventDefault();
         event.stopPropagation();
-        var index = $(elem).attr("data-template-id");
+        let index = $(elem).attr("data-template-id");
         if(!index || index < 0) return;
-        var pos = this.templates[index].pos;
+        let pos = this.templates[index].pos;
         this.zoomIntoPoint(pos.x, pos.y, false);
     }
 };
@@ -1392,8 +1392,8 @@ $("#user-count").click(function() {
     place.popoutController.popoutVisibilityController.changeTab("active-users");
 });
 
-var hash = hashHandler.getHash();
-var hashKeys = Object.keys(hash);
+let hash = hashHandler.getHash();
+let hashKeys = Object.keys(hash);
 if(hashKeys.indexOf("signin") > 0 || hashKeys.indexOf("logintext") > 0) {
     if(hashKeys.indexOf("logintext") > 0) {
         SignInDialogController.showErrorOnTab("sign-in", hash["logintext"])
@@ -1407,7 +1407,7 @@ if(hashKeys.indexOf("signin") > 0 || hashKeys.indexOf("logintext") > 0) {
 }
 
 $("*[data-place-trigger]").click(function() {
-    var trigger = $(this).data("place-trigger");
+    let trigger = $(this).data("place-trigger");
     if(trigger == "openSignInDialog") {
         SignInDialogController.show("sign-in");
     } else if(trigger == "openSignUpDialog") {
@@ -1418,14 +1418,14 @@ $("*[data-place-trigger]").click(function() {
 });
 
 if(place.isSignedIn()) {
-    var changelogController = {
+    let changelogController = {
         contentElement: $("#changelog-content"),
         changelogs: null, pagination: null,
         isLoadingChangelogs: false,
 
         setup: function() {
             $(document).on("keydown", (e) => {
-                var isLeft = e.keyCode == 37, isRight = e.keyCode == 39;
+                let isLeft = e.keyCode == 37, isRight = e.keyCode == 39;
                 if(ChangelogDialogController.isShowing() && (isLeft || isRight) && this.pagination) {
                     e.preventDefault();
                     if(this.pagination.next && isRight) this.requestChangelogPage(this.pagination.next);
@@ -1472,14 +1472,14 @@ if(place.isSignedIn()) {
             if(this.changelogs.length <= 0) return this.contentElement.addClass("needs-margin").text("There's no changelog to show.");
             this.contentElement.html("").removeClass("needs-margin");
             this.changelogs.forEach((changelog) => {
-                var element = $("<div>").addClass("changelog-info").attr("data-changelog-version", changelog.version).appendTo(this.contentElement);
+                let element = $("<div>").addClass("changelog-info").attr("data-changelog-version", changelog.version).appendTo(this.contentElement);
                 $("<p>").addClass("subhead extra-margin").text(this.getFormattedDate(changelog.date)).appendTo(element);
                 $("<p>").html(changelog.html).appendTo(element);
             });
             if(this.pagination) {
-                var paginationContainer = $("<ul>").addClass("pager").appendTo($("<nav>").attr("aria-label", "Changelog page navigation").appendTo(this.contentElement));
-                var previous = $("<a>").html("<span aria-hidden=\"true\">&larr;</span> Older").appendTo($("<li>").addClass("previous").appendTo(paginationContainer));
-                var next = $("<a>").html("Newer <span aria-hidden=\"true\">&rarr;</span>").appendTo($("<li>").addClass("next").appendTo(paginationContainer));
+                let paginationContainer = $("<ul>").addClass("pager").appendTo($("<nav>").attr("aria-label", "Changelog page navigation").appendTo(this.contentElement));
+                let previous = $("<a>").html("<span aria-hidden=\"true\">&larr;</span> Older").appendTo($("<li>").addClass("previous").appendTo(paginationContainer));
+                let next = $("<a>").html("Newer <span aria-hidden=\"true\">&rarr;</span>").appendTo($("<li>").addClass("next").appendTo(paginationContainer));
                 if(this.pagination.previous) previous.attr("href", "javascript:void(0)").click(() => this.requestChangelogPage(this.pagination.previous));
                 else previous.parent().addClass("disabled");
                 if(this.pagination.next) next.attr("href", "javascript:void(0)").click(() => this.requestChangelogPage(this.pagination.next));
@@ -1488,8 +1488,8 @@ if(place.isSignedIn()) {
         },
 
         getFormattedDate: function(dateStr) {
-            var date = new Date(dateStr);
-            var t = new Date(), y = new Date();
+            let date = new Date(dateStr);
+            let t = new Date(), y = new Date();
             y.setDate(y.getDate() - 1);
             if(date.toDateString() == (new Date()).toDateString()) return "Today";
             else if(date.toDateString() == y.toDateString()) return "Yesterday";
diff --git a/client/js/popout.js b/client/js/popout.js
index 9a2088a8..75e7be65 100644
--- a/client/js/popout.js
+++ b/client/js/popout.js
@@ -1,16 +1,16 @@
 window.mobileAndTabletCheck = function() {
-  var check = false;
+  let check = false;
   (function(a){if(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino|android|ipad|playbook|silk/i.test(a)||/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(a.substr(0,4))) check = true;})(navigator.userAgent||navigator.vendor||window.opera);
   return check;
 };
 
 function PopoutVisibilityController(popoutContainer) {
-    var controller = {
+    let controller = {
         popoutContainer: popoutContainer,
         tabChangeCallback: null, visibilityChangeCallback: null,
 
         _setup: function() {
-            var p = this;
+            let p = this;
             $(this.popoutContainer).find("input").attr("disabled", "disabled");
             $(this.popoutContainer).find(".tabbar > .tab").click(function() {
                 p.changeTab($(this).data("tab-name"));
@@ -24,7 +24,7 @@ function PopoutVisibilityController(popoutContainer) {
                     window.close();
                 } else {
                     console.log(p.activeTab);
-                    var w = window.open("/popout#" + p.activeTab, "Place_Popout", "directories=no,titlebar=no,toolbar=no,location=no,status=no,menubar=no,scrollbars=no,resizable=no,width=350,height=" + window.height);
+                    let w = window.open("/popout#" + p.activeTab, "Place_Popout", "directories=no,titlebar=no,toolbar=no,location=no,status=no,menubar=no,scrollbars=no,resizable=no,width=350,height=" + window.height);
                     if (window.focus) {w.focus()}
                     $("body").addClass("popped-out");
                     if(p.visibilityChangeCallback) p.visibilityChangeCallback();
@@ -41,7 +41,7 @@ function PopoutVisibilityController(popoutContainer) {
         },
 
         changeTab: function(name) {
-            var p = this;
+            let p = this;
             p.activeTab = name;
             $(this.popoutContainer).find(".tab-content.active, .tab.active").removeClass("active");
             $(this.popoutContainer).attr("data-selected-tab", name);
@@ -85,7 +85,7 @@ function PopoutVisibilityController(popoutContainer) {
     return controller;
 }
 
-var popoutController = {
+let popoutController = {
     isOutdated: false, place: null,
     messages: [], activeUsers: [], leaderboard: [],
 
@@ -96,7 +96,7 @@ var popoutController = {
             else $(".tab-content.active").scrollTop(0);
         }
         this.place = place;
-        var p = this;
+        let p = this;
 
         this.setupChat();
         this.loadLeaderboard();
@@ -122,7 +122,7 @@ var popoutController = {
     },
 
     setupChat: function() {
-        var app = this;
+        let app = this;
         this.loadChatMessages();
         $("#chat-send-btn").click(function() {
             app.sendChatMessage();
@@ -138,7 +138,7 @@ var popoutController = {
     },
     
     loadChatMessages: function() {
-        var app = this;
+        let app = this;
         placeAjax.get("/api/chat", null, null).then((response) => {
             app.messages = response.messages;
             app.layoutMessages();
@@ -147,41 +147,41 @@ var popoutController = {
 
     layoutMessages: function(alwaysScrollToBottom = true) {
         function getFancyDate(date) {
-            var now = new Date();
-            var almostSameDate = now.getMonth() == date.getMonth() && now.getFullYear() == date.getFullYear();
-            var isToday = now.getDate() == date.getDate();
-            var isYesterday = !isToday && now.getDate() == date.getDate() - 1;
+            let now = new Date();
+            let almostSameDate = now.getMonth() == date.getMonth() && now.getFullYear() == date.getFullYear();
+            let isToday = now.getDate() == date.getDate();
+            let isYesterday = !isToday && now.getDate() == date.getDate() - 1;
             return `${isToday ? "Today" : (isYesterday ? "Yesterday" : date.toLocaleDateString())}, ${date.toLocaleTimeString()}`
         }
-        var prevHeight = null;
+        let prevHeight = null;
         if(!alwaysScrollToBottom) prevHeight = $("#chat-messages")[0].scrollHeight;
-        var oldScrollTop = $("#chat-messages").scrollTop();
+        let oldScrollTop = $("#chat-messages").scrollTop();
         $("#chat-messages > *").remove();
-        var sinceLastTimestamp = 0;
+        let sinceLastTimestamp = 0;
         const maxMessageBlock = 10;
         this.messages.forEach((item, index, arr) => {
-            var outgoing = $("body").data("user-id") == item.userID;
+            let outgoing = $("body").data("user-id") == item.userID;
             // Check if this message is not the first
-            var hasLastMessage = index > 0;
+            let hasLastMessage = index > 0;
             // Get the date of the last message, if possible
-            var lastMessageDate = null;
+            let lastMessageDate = null;
             if(hasLastMessage) lastMessageDate = new Date(arr[index - 1].date);
-            var messageDate = new Date(item.date);
+            let messageDate = new Date(item.date);
             // Check if this message has an attached user
-            var hasUser = !!item.user;
+            let hasUser = !!item.user;
             if(typeof item.userError === "undefined") item.userError = null;
             // Determine if this message should have a timestamp before it (they appear for first messages, every 10 messages without a timestamp, after 3 minute breaks, or if messages were sent on different days)
-            var needsTimestamp = sinceLastTimestamp > 10 || !hasLastMessage || (messageDate - lastMessageDate > 1000 * 60 * 3) || (messageDate.toDateString() !== lastMessageDate.toDateString());
+            let needsTimestamp = sinceLastTimestamp > 10 || !hasLastMessage || (messageDate - lastMessageDate > 1000 * 60 * 3) || (messageDate.toDateString() !== lastMessageDate.toDateString());
             // Determine if this message should show a username (checks if its not sent my user and if it is the first message sent, or if the message before it was sent by someone else)
-            var needsUsername = !outgoing && (needsTimestamp || !hasLastMessage || arr[index - 1].userID != item.userID);
+            let needsUsername = !outgoing && (needsTimestamp || !hasLastMessage || arr[index - 1].userID != item.userID);
             // Determine if this message should show a coordinate (if its the last message, the previous message was sent by someone else, or separated by three minutes)
-            var needsCoordinate = index >= arr.length - 1 || (arr[index + 1].userID != item.userID || new Date(arr[index + 1].date) - messageDate > 1000 * 60 * 3 || sinceLastTimestamp == 10);
+            let needsCoordinate = index >= arr.length - 1 || (arr[index + 1].userID != item.userID || new Date(arr[index + 1].date) - messageDate > 1000 * 60 * 3 || sinceLastTimestamp == 10);
             // Calculate our maximum message blocks
             if(sinceLastTimestamp > 10) sinceLastTimestamp = 0;
             if(!needsTimestamp) sinceLastTimestamp++;
             if(needsTimestamp) $(`<div class="timestamp"></div>`).text(getFancyDate(new Date(item.date))).appendTo("#chat-messages");
-            var ctn = $(`<div class="message-ctn"><div class="clearfix"><div class="message"></div></div></div>`).addClass(outgoing ? "outgoing" : "incoming");
-            var usernameHTML = $("<div class=\"username-ctn\"><a class=\"username\"><span></span></a></div>");
+            let ctn = $(`<div class="message-ctn"><div class="clearfix"><div class="message"></div></div></div>`).addClass(outgoing ? "outgoing" : "incoming");
+            let usernameHTML = $("<div class=\"username-ctn\"><a class=\"username\"><span></span></a></div>");
             usernameHTML.find("span").text(hasUser ? item.user.username : this.place.getUserStateText(item.userError))
             if(item.user && typeof renderUserActionsDropdown === "function") {
                 $(renderUserActionsDropdown(item.user)).appendTo(usernameHTML);
@@ -194,7 +194,7 @@ var popoutController = {
             if(needsUsername) usernameHTML.prependTo(ctn);
             ctn.find(".message").text(item.text).attr("title", messageDate.toLocaleString());
             if(needsCoordinate) {
-                var coords = $(`<a class="chat-coordinates" href="javascript:void(0);"><i class="fa fa-map-marker"></i> <span></span></a>`).click(() => {
+                let coords = $(`<a class="chat-coordinates" href="javascript:void(0);"><i class="fa fa-map-marker"></i> <span></span></a>`).click(() => {
                     this.place.zoomIntoPoint(item.position.x, item.position.y, false);
                     if($("body").hasClass("is-popped-out") && window.opener) window.opener.focus();
                 });
@@ -214,27 +214,27 @@ var popoutController = {
     },
 
     scrollToChatBottom: function(checkScrollOffset = null, oldScrollTop = null) {
-        var msgs = $("#chat-messages");
+        let msgs = $("#chat-messages");
         if(!checkScrollOffset || oldScrollTop + 100 >= checkScrollOffset - msgs.innerHeight()) {
             msgs.scrollTop(msgs[0].scrollHeight);
         }
     },
 
     showTextOnTab: function(tabSelector, text) {
-        var tab = $(`.tab-content[data-tab-name=${tabSelector}]`);
+        let tab = $(`.tab-content[data-tab-name=${tabSelector}]`);
         tab.html("");
         $("<div>").addClass("coming-soon").text(text).appendTo(tab);
     },
 
     sendChatMessage: function() {
-        var app = this;
-        var input = $("#chat-input-field");
-        var btn = $("#chat-send-btn");
+        let app = this;
+        let input = $("#chat-input-field");
+        let btn = $("#chat-send-btn");
         if(input.val().length <= 0) return;
         btn.text("Sending…").attr("disabled", "disabled");
         console.log()
-        var coords = this.place.getCoordinates();
-        var text = input.val();
+        let coords = this.place.getCoordinates();
+        let text = input.val();
         placeAjax.post("/api/chat", {text: text, x: coords.x, y: coords.y}, "An unknown error occurred while trying to send your chat message.", () => {
             btn.text("Send").removeAttr("disabled");
         }).then((response) => {
@@ -247,7 +247,7 @@ var popoutController = {
     },
 
     loadLeaderboard: function() {
-        var app = this;
+        let app = this;
         placeAjax.get("/api/leaderboard", null, null).then((response) => {
             app.leaderboard = response.leaderboard;
             if(response.lastUpdated) app.leaderboardUpdated = new Date(response.lastUpdated);
@@ -260,33 +260,33 @@ var popoutController = {
 
     layoutLeaderboard: function() {
         function getStatElement(name, value) {
-            var elem = $("<div>");
+            let elem = $("<div>");
             $("<span>").addClass("value").text(value).appendTo(elem);
             $("<span>").addClass("name").text(name).appendTo(elem);
             return elem;
         }
-        var tab = $("#leaderboardTab");
+        let tab = $("#leaderboardTab");
         tab.find("*").remove();
         if(!this.leaderboard) return this.showTextOnTab("leaderboard", "Loading…");
         if(this.leaderboard.length <= 0) return this.showTextOnTab("leaderboard", "No leaderboard data");
-        var topPlace = $(`<div class="top-place"><i class="fa fa-trophy big-icon"></i><span class="info">Leader</span></div>`).appendTo(tab);
-        var userInfo = $("<div>").addClass("leader-info").appendTo(topPlace);
+        let topPlace = $(`<div class="top-place"><i class="fa fa-trophy big-icon"></i><span class="info">Leader</span></div>`).appendTo(tab);
+        let userInfo = $("<div>").addClass("leader-info").appendTo(topPlace);
         $("<a>").addClass("name").attr("href", `/@${this.leaderboard[0].username}`).text(this.leaderboard[0].username).appendTo(userInfo);
         $("<span>").addClass("pixel-label").text("Pixels placed").appendTo(userInfo);
-        var subdetails = $("<div>").addClass("subdetails row-fluid clearfix").appendTo(userInfo);
+        let subdetails = $("<div>").addClass("subdetails row-fluid clearfix").appendTo(userInfo);
         getStatElement("This week", this.leaderboard[0].statistics.placesThisWeek.toLocaleString()).addClass("col-xs-6").appendTo(subdetails);
         getStatElement("Total", this.leaderboard[0].statistics.totalPlaces.toLocaleString()).addClass("col-xs-6").appendTo(subdetails);
         if(this.leaderboard.length > 1) {
             this.leaderboard.forEach((item, index) => {
                 if(index > 0) {
-                    var table = $("<table>").addClass("table table-contained").appendTo($("<div>").addClass("user compact").appendTo($("<a>").attr("href", `/@${item.username}`).appendTo(tab)));
-                    var row = $("<tr>").appendTo(table);
+                    let table = $("<table>").addClass("table table-contained").appendTo($("<div>").addClass("user compact").appendTo($("<a>").attr("href", `/@${item.username}`).appendTo(tab)));
+                    let row = $("<tr>").appendTo(table);
                     $("<td>").addClass("bold").text(`${index + 1}.`).appendTo(row);
                     $("<a>").text(item.username).attr("href", `/@${item.username}`).appendTo($("<td>").appendTo(row));
-                    var info1 = $("<td>").addClass("stat").appendTo(row);
+                    let info1 = $("<td>").addClass("stat").appendTo(row);
                     $("<span>").text(item.statistics.placesThisWeek.toLocaleString()).appendTo(info1);
                     $("<span>").text("This week").addClass("row-label").appendTo(info1);
-                    var info2 = $("<td>").addClass("stat").appendTo(row);
+                    let info2 = $("<td>").addClass("stat").appendTo(row);
                     $("<span>").text(item.statistics.totalPlaces.toLocaleString()).appendTo(info2);
                     $("<span>").text("Total").addClass("row-label").appendTo(info2);
                 }
@@ -297,7 +297,7 @@ var popoutController = {
     },
 
     loadActiveUsers: function() {
-        var app = this;
+        let app = this;
         placeAjax.get("/api/active-now", null, null).then((response) => {
             app.activeUsers = response.active;
             app.layoutActiveUsers();
@@ -309,18 +309,18 @@ var popoutController = {
 
     layoutActiveUsers: function() {
         if(this.activeUsers.length <= 0) return this.showTextOnTab("active-users", "No Active Users");
-        var tab = $("#activeUsersTab");
+        let tab = $("#activeUsersTab");
         tab.find("*").remove();
-        var usersCtn = $(`<div>`).appendTo(tab);
+        let usersCtn = $(`<div>`).appendTo(tab);
         this.activeUsers.forEach((item, index) => {
-            var row = $("<div>").addClass("user-info").appendTo($("<div>").addClass("user").appendTo(usersCtn));
+            let row = $("<div>").addClass("user-info").appendTo($("<div>").addClass("user").appendTo(usersCtn));
             $("<a>").text(item.username).addClass("username").attr("href", `/@${item.username}`).appendTo(row);
             if(item.badges && item.badges.length > 0) {
-                var badgeCtn = $("<div>").addClass("rank-container").appendTo(row);
+                let badgeCtn = $("<div>").addClass("rank-container").appendTo(row);
                 item.badges.filter((badge) => !badge.isLowRanking).forEach((badge) => renderBadge(badge, false).appendTo(badgeCtn));
             }
-            var lastSeen = $("<span>").text("Last seen ").addClass("last-seen").appendTo(row);
-            var date = item.statistics.lastSeenActively;
+            let lastSeen = $("<span>").text("Last seen ").addClass("last-seen").appendTo(row);
+            let date = item.statistics.lastSeenActively;
             $("<time>").attr("datetime", date).attr("title", new Date(date).toLocaleString()).text($.timeago(date)).appendTo($("<strong>").appendTo(lastSeen));
         });
         $("<p>").addClass("text-muted").text("Users that are both logged in and have either placed a pixel or sent a chat message in the last five minutes will appear here. This tab is updated once a minute, so data may appear delayed.").appendTo(tab);
diff --git a/client/js/site.js b/client/js/site.js
index 9fcc606e..81f3fc13 100644
--- a/client/js/site.js
+++ b/client/js/site.js
@@ -2,19 +2,19 @@ $.ajaxSetup({
 	headers: { 'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content') }
 });
 
-var renderBadge = function(badge, prefersShortText = false) {
-	var badge = $("<span>").addClass(`label badge-label label-${badge.style || "default"}`).text(prefersShortText && badge.shortText ? badge.shortText : badge.text);
+let renderBadge = function(badge, prefersShortText = false) {
+	let badge = $("<span>").addClass(`label badge-label label-${badge.style || "default"}`).text(prefersShortText && badge.shortText ? badge.shortText : badge.text);
 	if(badge.title) badge.attr("title", badge.title);
 	return badge;
 }
 
-var hashHandler = {
+let hashHandler = {
     getHash: function() {
         return this.decodeHash(window.location.hash);
     },
 
     setHash: function(hash) {
-        var encodedHash = this.encodeHash(hash);
+        let encodedHash = this.encodeHash(hash);
         if("history" in window) window.history.replaceState(undefined, undefined, "#" + encodedHash);
         else location.replace("#" + encodedHash);
     },
@@ -24,9 +24,9 @@ var hashHandler = {
     },
 
     deleteHashKey: function(keys) {
-        var keysToUse = keys;
+        let keysToUse = keys;
         if(typeof keys == "string") keysToUse = [keys];
-        var hash = this.getHash();
+        let hash = this.getHash();
         keysToUse.forEach((key) => delete hash[key]);
         this.setHash(hash);
     },
@@ -34,11 +34,11 @@ var hashHandler = {
     decodeHash: function(hashString) {
         if(hashString.indexOf("#") === 0) hashString = hashString.substring(1);
         if (hashString.length <= 0) return {};
-        var hashArguments = hashString.split("&");
-        var decoded = {};
+        let hashArguments = hashString.split("&");
+        let decoded = {};
         hashArguments.forEach(function(hashArg) {
-            var parts = hashArg.split("=");
-            var key = parts[0], value = decodeURIComponent(parts[1]);
+            let parts = hashArg.split("=");
+            let key = parts[0], value = decodeURIComponent(parts[1]);
             if(key) decoded[key] = value;
         });
         return decoded;
@@ -56,12 +56,12 @@ function DialogController(dialog) {
         isAnimating: false,
 
         setup: function() {
-            var me = this;
+            let me = this;
             me.dialog.parent().find(".dialog .close, .dialog-overlay").click(function() {
                 me.hide();
             });
             me.dialog.find(".switchers > div").click(function() {
-                var id = $(this).attr("tab-name");
+                let id = $(this).attr("tab-name");
                 me.switchTab(id);
             });
             $(document).keydown(function(e) {
@@ -75,13 +75,13 @@ function DialogController(dialog) {
             })
             me.dialog.find("form.form-signin").submit(function(e) {
                 e.preventDefault();
-                var form = $(this);
-                var call = form.attr("action");
-                var tab = form.parent().attr("tab-name");
-                var data = form.serialize();
+                let form = $(this);
+                let call = form.attr("action");
+                let tab = form.parent().attr("tab-name");
+                let data = form.serialize();
                 if(form.data("submitting")) return;
-                var submitButton = form.find("input[type=submit], button[type=submit]");
-                var origSubmitButtonText = submitButton.text();
+                let submitButton = form.find("input[type=submit], button[type=submit]");
+                let origSubmitButtonText = submitButton.text();
                 submitButton.text("Loading").attr("disabled", "disabled");
                 form.data("submitting", true);
                 placeAjax.post("/api" + call, data, null, () => {
@@ -89,8 +89,8 @@ function DialogController(dialog) {
                     if(origSubmitButtonText) submitButton.text(origSubmitButtonText);
                     form.data("submitting", false);
                 }).then((data) => {
-                    var hash = hashHandler.getHash();
-                    var redirectURL = hash["redirectURL"];
+                    let hash = hashHandler.getHash();
+                    let redirectURL = hash["redirectURL"];
                     const absoluteURLRegex = new RegExp('^(?:[a-z]+:)?(//)?', 'i');
                     if(redirectURL && redirectURL != "/" && !absoluteURLRegex.test(redirectURL)) {
                         window.location.href = redirectURL;
@@ -107,7 +107,7 @@ function DialogController(dialog) {
                     }
                     if(tab == "sign-up" && typeof grecaptcha !== "undefined") grecaptcha.reset();
                     me.shake();
-                    var error = "An unknown error occurred while attempting to authenticate you.";
+                    let error = "An unknown error occurred while attempting to authenticate you.";
                     if(err && err.message) error = err.message;
                     me.showErrorOnTab(tab, error);
                 });
@@ -125,15 +125,15 @@ function DialogController(dialog) {
         },
 
         showErrorOnTab: function(tab, text = null) {
-            var tabContent = this.dialog.find(`.pages > div[tab-name=${tab}]`);
+            let tabContent = this.dialog.find(`.pages > div[tab-name=${tab}]`);
             if(text) {
                 // show error
-                var existing = tabContent.find(".tab-error");
+                let existing = tabContent.find(".tab-error");
                 if(existing.length > 0) {
                     existing.find("span").text(text);
                     return;
                 }
-                var alert = $("<div>").addClass("tab-error alert alert-danger").hide().appendTo(tabContent).fadeIn();
+                let alert = $("<div>").addClass("tab-error alert alert-danger").hide().appendTo(tabContent).fadeIn();
                 $("<strong>").text("Uh oh! ").appendTo(alert);
                 $("<span>").text(text).appendTo(alert);
             } else {
@@ -146,8 +146,8 @@ function DialogController(dialog) {
             this.dialog.find(`.pages > div:not([tab-name=${tab}]) .tab-error`).remove();
             this.currentTab = tab;
             this.isAnimating = true;
-            var hidesSwitchers = this.dialog.find(`.pages > div[tab-name=${tab}]`).hasClass("hides-switchers");
-            var applyClasses = () => {
+            let hidesSwitchers = this.dialog.find(`.pages > div[tab-name=${tab}]`).hasClass("hides-switchers");
+            let applyClasses = () => {
                 this.isAnimating = false;
                 this.dialog.find(".pages > div.active, .switchers > div.active").removeClass("active");
                 this.dialog.find(".switchers").removeClass("hidden");
@@ -156,7 +156,7 @@ function DialogController(dialog) {
             }
             if(animated) {
                 const animDuration = 250;
-                var toHide = $(`.pages > div.active, .switchers${hidesSwitchers ? "" : ` > div[tab-name=${tab}]`}`).animate({opacity: 0}, {duration: animDuration, queue: false}).slideUp({duration: animDuration, queue: false, complete: function() {
+                let toHide = $(`.pages > div.active, .switchers${hidesSwitchers ? "" : ` > div[tab-name=${tab}]`}`).animate({opacity: 0}, {duration: animDuration, queue: false}).slideUp({duration: animDuration, queue: false, complete: function() {
                     $(this).attr("style", "");
                     applyClasses();
                 }});
@@ -189,7 +189,7 @@ function DialogController(dialog) {
 }
 
 const defaultErrorMessage = "An unknown error occurred while trying to make that request.";
-var placeAjax = {
+let placeAjax = {
 	ajax: function(data, defaultErrorMessage = defaultErrorMessage, alwaysCallback = null) {
 		return new Promise((resolve, reject) => {
 			function handleError(response) {
@@ -228,7 +228,7 @@ var placeAjax = {
 if(("standalone" in window.navigator) && window.navigator.standalone){
 
 	// If you want to prevent remote links in standalone web apps opening Mobile Safari, change 'remotes' to true
-	var noddy, remotes = false;
+	let noddy, remotes = false;
 	
 	document.addEventListener("click", function(event) {
 		
diff --git a/controllers/AdminActionsController.js b/controllers/AdminActionsController.js
index 97daf132..77eb85fc 100644
--- a/controllers/AdminActionsController.js
+++ b/controllers/AdminActionsController.js
@@ -3,7 +3,7 @@ const Pixel = require("../models/pixel");
 const ActionLogger = require("../util/ActionLogger");
 
 exports.getAPIStats = (req, res, next) => {
-    var signups24h = null, pixelsPlaced24h = null, pixelsPerMin = null;
+    let signups24h = null, pixelsPlaced24h = null, pixelsPerMin = null;
     let dateBack24h = new Date(new Date().getTime() - (24 * 60 * 60 * 1000));
     let dateBack20m = new Date(new Date().getTime() - (20 * 60 * 1000));
     function finish() {
@@ -44,9 +44,9 @@ exports.apiReloadConfig = (req, res, next) => {
 
 exports.apiBroadcastAlert = (req, res, next) => {
     if(!req.body.message || !req.body.timeout) return res.status(400).json({success: false});
-    var timeout = Number.parseInt(req.body.timeout);
+    let timeout = Number.parseInt(req.body.timeout);
     if(Number.isNaN(timeout)) return res.status(400).json({success: false});
-    var info = {
+    let info = {
         title: req.body.title,
         message: req.body.message,
         timeout: Math.max(0, timeout),
diff --git a/controllers/AuthController.js b/controllers/AuthController.js
index 67ec7570..66995682 100644
--- a/controllers/AuthController.js
+++ b/controllers/AuthController.js
@@ -40,7 +40,7 @@ exports.postSignUp = (req, res, next) => {
         }
     });
     function sendError(error) {
-        var status = error.intCode || 500;
+        let status = error.intCode || 500;
         if (typeof error.intCode !== "undefined") delete error.intCode;
         res.status(status).json({success: false, error: error || {message: "An unknown error occurred", code: "unknown_error"}});
     }
@@ -76,7 +76,7 @@ exports.getSignOut = (req, res, next) => {
     ActionLogger.log(req.place, "signOut", req.user);
     req.logout();
     req.session = null;
-    var redirectURL = typeof req.query.redirectURL !== "undefined" ? req.query.redirectURL : null;
-    var shouldUseRedirect = redirectURL && redirectURL != "/" && !absoluteURLRegex.test(redirectURL);
+    let redirectURL = typeof req.query.redirectURL !== "undefined" ? req.query.redirectURL : null;
+    let shouldUseRedirect = redirectURL && redirectURL != "/" && !absoluteURLRegex.test(redirectURL);
     return res.redirect(`/${(shouldUseRedirect ? redirectURL : "")}`);
 };
diff --git a/controllers/ChangelogController.js b/controllers/ChangelogController.js
index e22a3980..01f88c2f 100644
--- a/controllers/ChangelogController.js
+++ b/controllers/ChangelogController.js
@@ -1,6 +1,6 @@
 exports.getMissedChangelogs = (req, res, next) => {
     if(req.user.changelogOptedOut) return res.json({success: true, changelogs: []});
-    var changelogs;
+    let changelogs;
     if(req.user.latestChangelogFetch) changelogs = req.place.changelogManager.getChangelogsSince(req.user.latestChangelogFetch);
     else changelogs = req.place.changelogManager.getChangelogs();
     changelogs = changelogs.slice(0, 2);
@@ -24,7 +24,7 @@ exports.deleteMissedChangelogs = (req, res, next) => {
 }
 
 exports.getLatestChangelog = (req, res, next) => {
-    var changelog = req.place.changelogManager.getLatestChangelog();
+    let changelog = req.place.changelogManager.getLatestChangelog();
     req.user.changelogOptedOut = false;
     req.user.save();
     res.json({success: true, changelog: changelog, pagination: changelog ? req.place.changelogManager.getPaginationInfo(changelog.version) : null});
@@ -34,7 +34,7 @@ exports.getChangelog = (req, res, next) => {
     req.user.changelogOptedOut = false;
     req.user.save();
     if(!req.params.version) return res.status(400).json({success: false, error: {message: "You must specify the changelog version to get.", code: "bad_request"}});
-    var changelog = req.place.changelogManager.getChangelog(req.params.version);
+    let changelog = req.place.changelogManager.getChangelog(req.params.version);
     if(!changelog) res.status(404);
     res.json({success: true, changelog: changelog, pagination: req.place.changelogManager.getPaginationInfo(req.params.version)});
 }
\ No newline at end of file
diff --git a/controllers/ChatController.js b/controllers/ChatController.js
index e42037d6..84d2beac 100644
--- a/controllers/ChatController.js
+++ b/controllers/ChatController.js
@@ -3,8 +3,8 @@ const ActionLogger = require("../util/ActionLogger")
 
 exports.getAPIChat = (req, res, next) => {
     ChatMessage.getLatestMessages().then((messages) => {
-        var overrideDataAccess = req.user && (req.user.moderator || req.user.admin);
-        var promises = messages.reverse().map((m) => m.getInfo(overrideDataAccess));
+        let overrideDataAccess = req.user && (req.user.moderator || req.user.admin);
+        let promises = messages.reverse().map((m) => m.getInfo(overrideDataAccess));
         Promise.all(promises).then((messages) => {
             // Removed banned users' messages if we're not mod
             if(overrideDataAccess !== true) messages = messages.filter((m) => (!m.user || !m.user.banned) && (m.userError != "ban"));
diff --git a/controllers/FeatureAvailabilityController.js b/controllers/FeatureAvailabilityController.js
index 445619c9..ddeee8fb 100644
--- a/controllers/FeatureAvailabilityController.js
+++ b/controllers/FeatureAvailabilityController.js
@@ -1,5 +1,5 @@
 exports.getAvailability = (req, res, next) => {
-    var features = {
+    let features = {
         colours: req.place.colours,
         flags: req.place.config.pixelFlags || []
     }
diff --git a/controllers/ModeratorUserController.js b/controllers/ModeratorUserController.js
index b258f211..40ab098e 100644
--- a/controllers/ModeratorUserController.js
+++ b/controllers/ModeratorUserController.js
@@ -6,7 +6,7 @@ const Action = require("../models/action");
 
 exports.getAPIUsersTable = (req, res, next) => {
     let searchValue = req.body.search ? req.body.search.value || "" : "";
-    var sort = { creationDate: "desc" };
+    let sort = { creationDate: "desc" };
     if(req.body.order && req.body.order.length > 0 && req.body.columns) {
         if(req.body.columns.length > req.body.order[0].column || 1) {
             let colName = req.body.columns[req.body.order[0].column].data;
@@ -62,7 +62,7 @@ exports.postAPIToggleBan = (req, res, next) => {
     if(req.query.id == req.user.id) return res.status(400).json({success: false, error: {message: "You may not ban yourself.", code: "cant_modify_self"}});
     User.findById(req.query.id).then((user) => {
         if(!req.user.canPerformActionsOnUser(user)) return res.status(403).json({success: false, error: {message: "You may not perform actions on this user.", code: "access_denied_perms"}});
-        var info = null;
+        let info = null;
         if(!user.banned) {
             // We're trying to ban the user
             if(!req.query.reason || req.query.reason.length <= 3) return res.status(400).json({success: false, error: {message: "Make sure you have specified a ban reason that is over three characters in length.", code: "invalid_reason"}});
@@ -132,18 +132,18 @@ exports.getAPISimilarUsers = (req, res, next) => {
     User.findById(req.params.userID).then((user) => {
         if(!req.user.canPerformActionsOnUser(user)) return res.status(403).json({success: false, error: {message: "You may not perform actions on this user.", code: "access_denied_perms"}});
         user.findSimilarIPUsers().then((users) => {
-            var identifiedAccounts = users.map((user) => { return { user: user.toInfo(req.place), reasons: ["ip"] }; });
+            let identifiedAccounts = users.map((user) => { return { user: user.toInfo(req.place), reasons: ["ip"] }; });
             function respondIdentifiedAccounts() {
                 res.json({ success: true, target: user.toInfo(req.place), identifiedAccounts: identifiedAccounts })
             }
             if (fs.existsSync(path.join(__dirname, "../util/", "legit.js"))) {
                 const legit = require("../util/legit");
-                var currentUsernames = identifiedAccounts.map((i) => i.user.username);
+                let currentUsernames = identifiedAccounts.map((i) => i.user.username);
                 legit.findSimilarUsers(user).then((users) => {
-                    var reason = legit.similarityAspectName();
+                    let reason = legit.similarityAspectName();
                     users.forEach((user) => {
                         if(currentUsernames.includes(user.name)) {
-                            var i = currentUsernames.indexOf(user.name);
+                            let i = currentUsernames.indexOf(user.name);
                             identifiedAccounts[i].reasons.push(reason);
                         } else identifiedAccounts.push({ user: user.toInfo(req.place), reasons: [reason] });
                     });
@@ -158,13 +158,13 @@ exports.getAPISimilarUsers = (req, res, next) => {
 };
 
 exports.getAPIActions = (req, res, next) => {
-    var condition = { actionID: { $in: ActionLogger.actionIDsToRetrieve(req.query.modOnly === "true") } };
+    let condition = { actionID: { $in: ActionLogger.actionIDsToRetrieve(req.query.modOnly === "true") } };
     if (req.query.lastID) condition._id = { $lt: req.query.lastID };
     else if (req.query.firstID) condition._id = { $gt: req.query.firstID };
     Action.find(condition, null, {sort: {_id: -1}}).limit(Math.min(250, req.query.limit || 25)).then((actions) => {
-        var lastID = null;
+        let lastID = null;
         if(actions.length > 1) lastID = actions[actions.length - 1]._id;
-        var promises = actions.map((a) => a.getInfo());
+        let promises = actions.map((a) => a.getInfo());
         Promise.all(promises).then((actions) => res.json({ success: true, actions: actions, lastID: lastID, actionTemplates: ActionLogger.getAllActionInfo() })).catch((err) => res.status(500).json({ success: false }))
     }).catch((err) => {
         req.place.reportError("An error occurred while trying to retrieve actions: " + err);
diff --git a/controllers/PasswordChangeController.js b/controllers/PasswordChangeController.js
index 42c15f98..783b19c3 100644
--- a/controllers/PasswordChangeController.js
+++ b/controllers/PasswordChangeController.js
@@ -9,7 +9,7 @@ exports.postSelfServeForcedPassword = (req, res, next) => {
     if(!req.body.password) return renderResponse("Please enter your new password.");
     if(req.body.password != req.body.confirmPassword) return renderResponse("The two passwords did not match.");
     if(req.user.isOauth) return renderResponse("You may not change your password as you are using an external service for login.");
-    var passwordError = User.getPasswordError(req.body.password);
+    let passwordError = User.getPasswordError(req.body.password);
     if(passwordError) return renderResponse(passwordError);
     req.user.password = req.body.password;
     req.user.passwordResetKey = null;
@@ -25,7 +25,7 @@ exports.postSelfServePassword = (req, res, next) => {
     if(req.user.isOauth) return res.status(400).json({success: false, error: {message: "You may not change your password as you are using an external service for login.", code: "regular_account_only"}});
     req.user.comparePassword(req.body.old, (error, match) => {
         if(!match || error) return res.status(401).json({success: false, error: {message: "The old password you entered was incorrect.", code: "incorrect_password"}});
-        var passwordError = User.getPasswordError(req.body.new);
+        let passwordError = User.getPasswordError(req.body.new);
         if(passwordError) return res.status(400).json({success: false, error: {message: passwordError, code: "password_validation"}});
         req.user.password = req.body.new;
         req.user.save().then(() => {
diff --git a/controllers/PixelInfoController.js b/controllers/PixelInfoController.js
index 828faf72..c9cbb808 100644
--- a/controllers/PixelInfoController.js
+++ b/controllers/PixelInfoController.js
@@ -6,7 +6,7 @@ exports.getAPIPixelInfo = (req, res, next) => {
         return res.status(500).json({ success: false, error: { message: "An error occurred while trying to look up information about that pixel." } })
     }
     if(!req.query.x || !req.query.y) return res.status(400).json( { success: false, error: { message: "You did not specify the coordinates of the pixel to look up.", code: "bad_request" } });
-    var overrideDataAccess = req.user && (req.user.moderator || req.user.admin);
+    let overrideDataAccess = req.user && (req.user.moderator || req.user.admin);
     Pixel.find({xPos: req.query.x, yPos: req.query.y}).then((pixels) => {
         if (pixels.length <= 0) return res.json({ success: true, pixel: null });
         pixels[0].getInfo(overrideDataAccess, req.place).then((info) => {
diff --git a/controllers/PlaceController.js b/controllers/PlaceController.js
index cd0d8726..b90b6bc9 100644
--- a/controllers/PlaceController.js
+++ b/controllers/PlaceController.js
@@ -9,14 +9,14 @@ exports.postAPIPixel = (req, res, next) => {
     function paintWithUser(user) {
         if (!user.canPlace(req.place)) return res.status(429).json({ success: false, error: { message: "You cannot place yet.", code: "slow_down" } });
         if (!req.body.x || !req.body.y || !req.body.hex) return res.status(400).json({ success: false, error: { message: "You need to include all paramaters", code: "invalid_parameters" } });
-        var x = Number.parseInt(req.body.x), y = Number.parseInt(req.body.y);
+        let x = Number.parseInt(req.body.x), y = Number.parseInt(req.body.y);
         if(Number.isNaN(x) || Number.isNaN(y)) return res.status(400).json({ success: false, error: { message: "Your coordinates were incorrectly formatted", code: "invalid_parameters" } });
         if (!user.canPlaceColour(req.body.hex, req.place)) return res.status(400).json({ success: false, error: { message: "You can't place that colour.", code: "disallowed_colour" } });
-        var rgb = req.place.paintingManager.getColourRGB(req.body.hex);
+        let rgb = req.place.paintingManager.getColourRGB(req.body.hex);
         req.place.paintingManager.doPaint(rgb, x, y, user).then((pixel) => {
             return User.findById(user.id).then((user) => {
-                var seconds = user.getPlaceSecondsRemaining(req.place);
-                var countData = { canPlace: seconds <= 0, seconds: seconds };
+                let seconds = user.getPlaceSecondsRemaining(req.place);
+                let countData = { canPlace: seconds <= 0, seconds: seconds };
                 return res.json({ success: true, timer: countData })
             }).catch((err) => res.json({ success: true }));
         }).catch((err) => {
@@ -29,8 +29,8 @@ exports.postAPIPixel = (req, res, next) => {
 
 exports.getAPITimer = (req, res, next) => {
     function getTimerPayload(user) {
-        var seconds = user.getPlaceSecondsRemaining(req.place);
-        var countData = { canPlace: seconds <= 0, seconds: seconds };
+        let seconds = user.getPlaceSecondsRemaining(req.place);
+        let countData = { canPlace: seconds <= 0, seconds: seconds };
         return { success: true, timer: countData };
     }
     return res.json(getTimerPayload(req.user));
diff --git a/controllers/TOTPSetupController.js b/controllers/TOTPSetupController.js
index eb7dbe1d..c63a4b2b 100644
--- a/controllers/TOTPSetupController.js
+++ b/controllers/TOTPSetupController.js
@@ -3,8 +3,8 @@ const QRCode = require("qrcode");
 
 exports.getTOTPSetup = function(req, res, next) {
     if(req.user.twoFactorAuthEnabled()) return res.status(403).json({success: false, error: {message: "You already have two-factor authentication set up on your account.", code: "totp_already_setup"}});
-    var secret = speakeasy.generateSecret({length: 20, issuer: req.place.config.siteName, name: req.user.name});
-    var url = speakeasy.otpauthURL({secret: secret.ascii, label: req.user.name, issuer: req.place.config.siteName});
+    let secret = speakeasy.generateSecret({length: 20, issuer: req.place.config.siteName, name: req.user.name});
+    let url = speakeasy.otpauthURL({secret: secret.ascii, label: req.user.name, issuer: req.place.config.siteName});
     QRCode.toDataURL(url, function(err, data_url) {
         if(err) return res.status(500).json({success: false, error: {message: "An error occurred while trying to set up two-factor authentication on your account."}})
         res.json({success: true, totp: {secret: secret.base32, qrData: data_url, authURL: url}});
diff --git a/models/access.js b/models/access.js
index 6912d89e..46f8c7f3 100644
--- a/models/access.js
+++ b/models/access.js
@@ -3,7 +3,7 @@ const crypto = require("crypto");
 const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 
-var AccessSchema = new Schema({
+let AccessSchema = new Schema({
     userID: {
         type: Schema.ObjectId,
         required: true
@@ -30,7 +30,7 @@ var AccessSchema = new Schema({
 });
 
 AccessSchema.methods.toInfo = function(userIDs = true) {
-    var info = {
+    let info = {
         date: this.date,
         userAgent: this.userAgent,
         ipAddress: this.hashedIPAddress
@@ -48,7 +48,7 @@ AccessSchema.statics.recordAccess = function(req, userID) {
 }
 
 AccessSchema.statics.recordAccessInfo = function(app, userID, userAgent, ipAddress, key) {
-    var ipHash = this.getHashedIPAddress(ipAddress);
+    let ipHash = this.getHashedIPAddress(ipAddress);
     this.findOneAndUpdate({
         userID: userID,
         userAgent: userAgent,
@@ -88,7 +88,7 @@ AccessSchema.statics.findSimilarIPUserIDs = function(user) {
     return new Promise((resolve, reject) => {
         this.findIPsForUser(user).then((ipAddresses) => {
             this.find({ hashedIPAddress: { $in: ipAddresses }, userID: { $ne: user._id } }).then((accesses) => {
-                var userIDs = accesses.map((access) => String(access.userID));
+                let userIDs = accesses.map((access) => String(access.userID));
                 resolve([...new Set(userIDs)]);
             }).catch(reject);
         }).catch(reject);
diff --git a/models/action.js b/models/action.js
index d68eda14..18673338 100644
--- a/models/action.js
+++ b/models/action.js
@@ -3,7 +3,7 @@ const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 const User = require("./user");
 
-var ActionSchema = new Schema({
+let ActionSchema = new Schema({
     actionID: {
         type: String,
         required: true
@@ -18,7 +18,7 @@ var ActionSchema = new Schema({
 });
 
 ActionSchema.methods.toInfo = function(userIDs = true) {
-    var info = {
+    let info = {
         id: this.id,
         action: this.actionID,
         info: this.info || [],
@@ -33,7 +33,7 @@ ActionSchema.methods.toInfo = function(userIDs = true) {
 
 ActionSchema.methods.getInfo = function() {
     return new Promise((resolve, reject) => {
-        var info = this.toInfo();
+        let info = this.toInfo();
         if(this.performingUserID) {
             User.findById(this.performingUserID).then((user) => {
                 info.performingUser = user.toInfo();
diff --git a/models/chatMessage.js b/models/chatMessage.js
index 95fba47f..557c99e6 100644
--- a/models/chatMessage.js
+++ b/models/chatMessage.js
@@ -3,7 +3,7 @@ const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 const User = require("./user");
 
-var ChatMessageSchema = new Schema({
+let ChatMessageSchema = new Schema({
     userID: {
         type: Schema.ObjectId,
         required: true
@@ -40,7 +40,7 @@ var ChatMessageSchema = new Schema({
 });
 
 ChatMessageSchema.methods.toInfo = function(userIDs = true) {
-    var info = {
+    let info = {
         id: this.id,
         date: this.date,
         text: this.text,
diff --git a/models/pixel.js b/models/pixel.js
index 47b8a7fc..e851720e 100644
--- a/models/pixel.js
+++ b/models/pixel.js
@@ -2,11 +2,11 @@ const DataModelManager = require("../util/DataModelManager");
 const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 
-var colourPieceValidator = function(c) {
+let colourPieceValidator = function(c) {
     return Number.isInteger(c) && c >= 0 && c <= 255;
 }
 
-var PixelSchema = new Schema({
+let PixelSchema = new Schema({
     xPos: {
         type: Number,
         required: true,
@@ -58,7 +58,7 @@ var PixelSchema = new Schema({
 });
 
 PixelSchema.methods.toInfo = function(userIDs = true) {
-    var info = {
+    let info = {
         point: {
             x: this.xPos,
             y: this.yPos
@@ -71,7 +71,7 @@ PixelSchema.methods.toInfo = function(userIDs = true) {
 }
 
 PixelSchema.statics.addPixel = function(colour, x, y, userID, app, callback) {
-    var pn = this;
+    let pn = this;
     x = parseInt(x), y = parseInt(y);
     if(isNaN(x) || isNaN(y)) return callback(null, { message: "Invalid positions provided." });
     // TODO: Get actual position below:
@@ -86,7 +86,7 @@ PixelSchema.statics.addPixel = function(colour, x, y, userID, app, callback) {
         colourB: 1
     }).then((pixel) => {
         // Find the pixel at this location
-        var wasIdentical = colour.r == 255 && colour.g == 255 && colour.b == 255; // set to identical if pixel was white
+        let wasIdentical = colour.r == 255 && colour.g == 255 && colour.b == 255; // set to identical if pixel was white
         if (pixel) { // we have data from the old pixel
             wasIdentical = pixel.editorID == userID && pixel.colourR == colour.r && pixel.colourG == colour.g && pixel.colourB == colour.b; // set to identical if colour matched old pixel
         }
@@ -138,7 +138,7 @@ PixelSchema.methods.getHexColour = function() {
 PixelSchema.statics.getHexFromRGB = function(r, g, b) {
     // Borrowed partly from: https://stackoverflow.com/a/5624139
     function componentToHex(c) {
-        var hex = c.toString(16);
+        let hex = c.toString(16);
         return hex.length == 1 ? "0" + hex : hex;
     }
     return componentToHex(r) + componentToHex(g) + componentToHex(b);
diff --git a/models/report.js b/models/report.js
index 43ca2b69..3d8352b8 100644
--- a/models/report.js
+++ b/models/report.js
@@ -2,7 +2,7 @@ const DataModelManager = require("../util/DataModelManager");
 const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 
-var ReportSchema = new Schema({
+let ReportSchema = new Schema({
     offenderID: {
         type: String,
         required: true
diff --git a/models/user.js b/models/user.js
index eb0295b6..bd4d9373 100644
--- a/models/user.js
+++ b/models/user.js
@@ -7,7 +7,7 @@ const Access = require("./access");
 const dataTables = require("mongoose-datatables");
 const TOSManager = require("../util/TOSManager");
 
-var UserSchema = new Schema({
+let UserSchema = new Schema({
     name: {
         type: String,
         unique: true,
@@ -132,7 +132,7 @@ UserSchema.methods.comparePassword = function(passwd, cb) {
 }
 
 UserSchema.methods.toInfo = function(app = null) {
-    var info = {
+    let info = {
         id: this.id,
         username: this.name,
         isOauth: this.isOauth || false,
@@ -160,7 +160,7 @@ UserSchema.methods.toInfo = function(app = null) {
 
 UserSchema.methods.getInfo = function(app = null, getPixelInfo = true) {
     return new Promise((resolve, reject) => {
-        var info = this.toInfo(app);
+        let info = this.toInfo(app);
         if (getPixelInfo) {
             this.getLatestAvailablePixel().then((pixel) => {
                 info.latestPixel = pixel;
@@ -182,7 +182,7 @@ UserSchema.methods.loginError = function() {
 
 UserSchema.methods.markForDeletion = function() {
     this.deactivated = true;
-    var date = new Date();
+    let date = new Date();
     date.setDate(date.getDate() + 7);
     this.deletionDate = date;
     return this.save();
@@ -237,14 +237,14 @@ UserSchema.statics.register = function(username, password, app, callback, OAuthI
         code: "username_taken",
         intCode: 400
     });
-    var passwordError = this.getPasswordError(password);
+    let passwordError = this.getPasswordError(password);
     if(passwordError) return callback(null, {
         message: passwordError,
         code: "password_validation",
         intCode: 400
     });
 
-    var Schema = this;
+    let Schema = this;
 
     function continueWithRegistration() {
         // ghetto af boi
@@ -297,7 +297,7 @@ UserSchema.statics.isValidUsername = function(username) {
 }
 
 UserSchema.methods.addPixel = function(colour, x, y, app, callback) {
-    var user = this;
+    let user = this;
     Pixel.addPixel(colour, x, y, this.id, app, (changed, error) => {
         if (changed === null) return callback(null, error);
         if (changed) {
@@ -353,7 +353,7 @@ UserSchema.methods.getLatestAvailablePixel = function() {
             }
         }, function(err, pixel) {
             if (err || !pixel) return resolve(null);
-            var info = pixel.toInfo();
+            let info = pixel.toInfo();
             info.isLatest = pixel ? ~((pixel.lastModified - this.lastPlace) / 1000) <= 3 : false;
             resolve(info);
         });
@@ -361,16 +361,16 @@ UserSchema.methods.getLatestAvailablePixel = function() {
 }
 
 UserSchema.methods.canPerformActionsOnUser = function(user) {
-    var canTouchUser = (this.moderator && !(user.moderator || user.admin)) || (this.admin && !user.admin);
+    let canTouchUser = (this.moderator && !(user.moderator || user.admin)) || (this.admin && !user.admin);
     return this._id != user._id && canTouchUser;
 }
 
 UserSchema.methods.getUsernameInitials = function() {
     function getInitials(string) {
-        var output = "";
-        var mustBeUppercase = false;
-        var lastCharacterUsed = false;
-        for (var i = 0; i < string.length; i++) {
+        let output = "";
+        let mustBeUppercase = false;
+        let lastCharacterUsed = false;
+        for (let i = 0; i < string.length; i++) {
             // Limit to three characters
             if (output.length >= 3) break;
             // Check if this character is uppercase, and add to string if so
@@ -392,12 +392,12 @@ UserSchema.methods.getUsernameInitials = function() {
 
 UserSchema.statics.getPubliclyAvailableUserInfo = function(userID, overrideDataAccess = false, app = null, getPixelInfo = true) {
     return new Promise((resolve, reject) => {
-        var info = {};
+        let info = {};
         function returnInfo(error) {
             info.userError = error;
             resolve(info);
         }
-        var continueWithUser = (user) => {
+        let continueWithUser = (user) => {
             if (!user) return returnInfo("delete");
             if (!overrideDataAccess && user.banned) return returnInfo("ban");
             else if (!overrideDataAccess && user.isMarkedForDeletion()) return returnInfo("deleted");
@@ -471,9 +471,9 @@ UserSchema.methods.getFeatureAvailability = function() {
 }
 
 UserSchema.methods.getBadges = function(app) {
-    var badges = [];
+    let badges = [];
     if(app) {
-        var rank = app.leaderboardManager.getUserRank(this.id);
+        let rank = app.leaderboardManager.getUserRank(this.id);
         if(rank) badges.push({ text: `Ranked #${rank.toLocaleString()}`, style: rank <= 5 ? "danger" : "info", isRanking: true, lowPriority: true, isLowRanking: rank > 25 });
     }
     if(this.banned) badges.push({ text: "Banned", style: "danger", title: "This user has been banned for breaking the rules." });
@@ -490,7 +490,7 @@ UserSchema.plugin(dataTables, {
 
 UserSchema.methods.getUserData = function() {
     return new Promise((resolve, reject) => {
-        var user = this.toInfo();
+        let user = this.toInfo();
         Promise.all([
             Access.find({ userID: this.id }),
             Pixel.find({ editorID: this.id }),
@@ -498,11 +498,11 @@ UserSchema.methods.getUserData = function() {
             require("./warp").find({ userID: this.id }),
             require("./chatMessage").find({ userID: this.id })
         ]).then((result) => {
-            var accesses = result[0].map((a) => a.toInfo(false));
-            var pixels = result[1].map((p) => p.toInfo(false));
-            var actions = result[2].map((a) => a.toInfo(false));
-            var warps = result[3].map((w) => w.toInfo());
-            var chatMessages = result[4].map((m) => m.toInfo(false));
+            let accesses = result[0].map((a) => a.toInfo(false));
+            let pixels = result[1].map((p) => p.toInfo(false));
+            let actions = result[2].map((a) => a.toInfo(false));
+            let warps = result[3].map((w) => w.toInfo());
+            let chatMessages = result[4].map((m) => m.toInfo(false));
             resolve({ user: user, accesses: accesses, pixels: pixels, actions: actions, warps: warps, chatMessages: chatMessages });
         });
     });
diff --git a/models/warp.js b/models/warp.js
index d48bca66..d3cbe66f 100644
--- a/models/warp.js
+++ b/models/warp.js
@@ -2,7 +2,7 @@ const DataModelManager = require("../util/DataModelManager");
 const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 
-var WarpSchema = new Schema({
+let WarpSchema = new Schema({
     xPos: {
         type: Number,
         required: true,
@@ -49,7 +49,7 @@ WarpSchema.statics.createWarp = function(x, y, name, userID, callback) {
     this.count({userID: userID, name: name}).then((count) => {
         if(count > 0) return callback(null, { message: "You already have a warp with that name.", code: "validation" });
 
-        var warp = this({
+        let warp = this({
             xPos: x,
             yPos: y,
             name: name,
diff --git a/public/js/bootbox.min.js b/public/js/bootbox.min.js
index 61556788..149b16a5 100644
--- a/public/js/bootbox.min.js
+++ b/public/js/bootbox.min.js
@@ -5,4 +5,4 @@
  * Modified fork: https://github.com/AppleBetas/bootbox
  */
 
-!function(t,e){"use strict";"function"==typeof define&&define.amd?define(["jquery"],e):"object"==typeof exports?"undefined"==typeof $?module.exports=e(require("jquery")):module.exports=e($):t.bootbox=e(t.jQuery)}(this,function t(e,o){"use strict";function a(t){var e=m[f.locale];return e?e[t]:m.en[t]}function n(t,o,a){t.stopPropagation(),t.preventDefault(),e.isFunction(a)&&!1===a.call(o,t)||o.modal("hide")}function r(t){if(Object.keys)return Object.keys(t).length;var e,o=0;for(e in t)o++;return o}function l(t,o){var a=0;e.each(t,function(t,e){o(t,e,a++)})}function i(t){var o,a;if("object"!=typeof t)throw new Error("Please supply an object of options");if(!t.message)throw new Error("Please specify a message");return(t=e.extend({},f,t)).buttons||(t.buttons={}),o=t.buttons,a=r(o),l(o,function(t,n,r){var l=r===a-1;if(e.isFunction(n)&&(n=o[t]={callback:n}),"object"!==e.type(n))throw new Error("button with key "+t+" must be an object");n.label||(n.label=t),n.className||(n.className=a<=2&&l?"btn-primary":"btn-default")}),t}function c(t,e){var o=t.length,a={};if(o<1||o>2)throw new Error("Invalid argument length");return 2===o||"string"==typeof t[0]?(a[e[0]]=t[0],a[e[1]]=t[1]):a=t[0],a}function s(t,o,a){return e.extend(!0,{},t,c(o,a))}function u(t,e,o,a){return b(s({className:"bootbox-"+t,buttons:p.apply(null,e)},a,o),e)}function p(){for(var t={},e=0,o=arguments.length;e<o;e++){var n=arguments[e],r=n.toLowerCase(),l=n.toUpperCase();t[r]={label:a(l)}}return t}function b(t,e){var a={};return l(e,function(t,e){a[e]=!0}),l(t.buttons,function(t){if(a[t]===o)throw new Error("button key "+t+" is not allowed (options are "+e.join("\n")+")")}),t}var d={dialog:"<div class='bootbox modal' tabindex='-1' role='dialog' aria-hidden='true'><div class='modal-dialog'><div class='modal-content'><div class='modal-body'><div class='bootbox-body'></div></div></div></div></div>",header:"<div class='modal-header'><h4 class='modal-title'></h4></div>",footer:"<div class='modal-footer'></div>",closeButton:"<button type='button' class='bootbox-close-button close' aria-hidden='true'>&times;</button>",form:"<form class='bootbox-form'></form>",inputs:{text:"<input class='bootbox-input bootbox-input-text form-control' autocomplete=off type=text />",textarea:"<textarea class='bootbox-input bootbox-input-textarea form-control'></textarea>",email:"<input class='bootbox-input bootbox-input-email form-control' autocomplete='off' type='email' />",select:"<select class='bootbox-input bootbox-input-select form-control'></select>",checkbox:"<div class='checkbox'><label><input class='bootbox-input bootbox-input-checkbox' type='checkbox' /></label></div>",date:"<input class='bootbox-input bootbox-input-date form-control' autocomplete=off type='date' />",time:"<input class='bootbox-input bootbox-input-time form-control' autocomplete=off type='time' />",number:"<input class='bootbox-input bootbox-input-number form-control' autocomplete=off type='number' />",password:"<input class='bootbox-input bootbox-input-password form-control' autocomplete='off' type='password' />"}},f={locale:"en",backdrop:"static",animate:!0,className:null,closeButton:!0,show:!0,container:"body"},C={};C.alert=function(){var t;if((t=u("alert",["ok"],["message","callback"],arguments)).callback&&!e.isFunction(t.callback))throw new Error("alert requires callback property to be a function when provided");return t.buttons.ok.callback=t.onEscape=function(){return!e.isFunction(t.callback)||t.callback.call(this)},C.dialog(t)},C.confirm=function(){var t;if(t=u("confirm",["cancel","confirm"],["message","callback"],arguments),!e.isFunction(t.callback))throw new Error("confirm requires a callback");return t.buttons.cancel.callback=t.onEscape=function(){return t.callback.call(this,!1)},t.buttons.confirm.callback=function(){return t.callback.call(this,!0)},C.dialog(t)},C.prompt=function(){var t,a,n,r,i,c,u;if(r=e(d.form),a={className:"bootbox-prompt",buttons:p("cancel","confirm"),value:"",inputType:"text"},t=b(s(a,arguments,["title","callback"]),["cancel","confirm"]),c=t.show===o||t.show,t.message=r,t.buttons.cancel.callback=t.onEscape=function(){return t.callback.call(this,null)},t.buttons.confirm.callback=function(){var o;return o="checkbox"===t.inputType?i.find("input:checked").map(function(){return e(this).val()}).get():i.val(),t.callback.call(this,o)},t.show=!1,!t.title)throw new Error("prompt requires a title");if(!e.isFunction(t.callback))throw new Error("prompt requires a callback");if(!d.inputs[t.inputType])throw new Error("invalid prompt type");switch(i=e(d.inputs[t.inputType]),t.inputType){case"text":case"textarea":case"email":case"date":case"time":case"number":case"password":i.val(t.value);break;case"select":var f={};if(u=t.inputOptions||[],!e.isArray(u))throw new Error("Please pass an array of input options");if(!u.length)throw new Error("prompt with select requires options");l(u,function(t,a){var n=i;if(a.value===o||a.text===o)throw new Error("each option needs a `value` and a `text` property");a.group&&(f[a.group]||(f[a.group]=e("<optgroup/>").attr("label",a.group)),n=f[a.group]),n.append("<option value='"+a.value+"'>"+a.text+"</option>")}),l(f,function(t,e){i.append(e)}),i.val(t.value);break;case"checkbox":var m=e.isArray(t.value)?t.value:[t.value];if(!(u=t.inputOptions||[]).length)throw new Error("prompt with checkbox requires options");if(!u[0].value||!u[0].text)throw new Error("each option needs a `value` and a `text` property");i=e("<div/>"),l(u,function(o,a){var n=e(d.inputs[t.inputType]);n.find("input").attr("value",a.value),n.find("label").append(a.text),l(m,function(t,e){e===a.value&&n.find("input").prop("checked",!0)}),i.append(n)})}return t.placeholder&&i.attr("placeholder",t.placeholder),t.pattern&&i.attr("pattern",t.pattern),t.maxlength&&i.attr("maxlength",t.maxlength),r.append(i),r.on("submit",function(t){t.preventDefault(),t.stopPropagation(),n.find(".btn-primary").click()}),(n=C.dialog(t)).off("shown.bs.modal"),n.on("shown.bs.modal",function(){i.focus(),i[0].setSelectionRange(i[0].value.length,i[0].value.length)}),!0===c&&n.modal("show"),n},C.dialog=function(t){t=i(t);var a=e(d.dialog),r=a.find(".modal-dialog"),c=a.find(".modal-body"),s=t.buttons,u="",p={onEscape:t.onEscape};if(e.fn.modal===o)throw new Error("$.fn.modal is not defined; please double check you have included the Bootstrap JavaScript library. See http://getbootstrap.com/javascript/ for more details.");if(l(s,function(t,e){u+="<button data-bb-handler='"+t+"' type='button' class='btn "+e.className+"'>"+e.label+"</button>",p[t]=e.callback}),c.find(".bootbox-body").html(t.message),!0===t.animate&&a.addClass("fade"),t.className&&a.addClass(t.className),"large"===t.size?r.addClass("modal-lg"):"small"===t.size&&r.addClass("modal-sm"),t.title&&c.before(d.header),t.closeButton){var b=e(d.closeButton);t.title?a.find(".modal-header").prepend(b):b.css("margin-top","-2px").prependTo(c)}return t.title&&a.find(".modal-title").html(t.title),u.length&&(c.after(d.footer),a.find(".modal-footer").html(u)),a.one("hide.bs.modal",function(){a.off("escape.close.bb"),a.off("click")}),a.one("hidden.bs.modal",function(t){t.target===this&&a.remove()}),a.one("shown.bs.modal",function(){a.find(".btn-primary:first").focus()}),"static"!==t.backdrop&&a.on("click.dismiss.bs.modal",function(t){a.children(".modal-backdrop").length&&(t.currentTarget=a.children(".modal-backdrop").get(0)),t.target===t.currentTarget&&a.trigger("escape.close.bb")}),a.on("escape.close.bb",function(t){p.onEscape&&n(t,a,p.onEscape)}),a.on("click",".modal-footer button",function(t){var o=e(this).data("bb-handler");n(t,a,p[o])}),a.on("click",".bootbox-close-button",function(t){n(t,a,p.onEscape)}),a.on("keydown",function(t){27===t.which?a.trigger("escape.close.bb"):13!=t.which||t.shiftKey||(t.preventDefault(),n(t,a,p.confirm))}),e(t.container).append(a),a.modal({backdrop:!!t.backdrop&&"static",keyboard:!1,show:!1}),t.show&&a.modal("show"),a},C.setDefaults=function(){var t={};2===arguments.length?t[arguments[0]]=arguments[1]:t=arguments[0],e.extend(f,t)},C.hideAll=function(){return e(".bootbox").modal("hide"),C};var m={ar:{OK:"موافق",CANCEL:"الغاء",CONFIRM:"تأكيد"},bg_BG:{OK:"Ок",CANCEL:"Отказ",CONFIRM:"Потвърждавам"},br:{OK:"OK",CANCEL:"Cancelar",CONFIRM:"Sim"},cs:{OK:"OK",CANCEL:"Zrušit",CONFIRM:"Potvrdit"},da:{OK:"OK",CANCEL:"Annuller",CONFIRM:"Accepter"},de:{OK:"OK",CANCEL:"Abbrechen",CONFIRM:"Akzeptieren"},el:{OK:"Εντάξει",CANCEL:"Ακύρωση",CONFIRM:"Επιβεβαίωση"},en:{OK:"OK",CANCEL:"Cancel",CONFIRM:"OK"},es:{OK:"OK",CANCEL:"Cancelar",CONFIRM:"Aceptar"},eu:{OK:"OK",CANCEL:"Ezeztatu",CONFIRM:"Onartu"},et:{OK:"OK",CANCEL:"Katkesta",CONFIRM:"OK"},fa:{OK:"قبول",CANCEL:"لغو",CONFIRM:"تایید"},fi:{OK:"OK",CANCEL:"Peruuta",CONFIRM:"OK"},fr:{OK:"OK",CANCEL:"Annuler",CONFIRM:"Confirmer"},he:{OK:"אישור",CANCEL:"ביטול",CONFIRM:"אישור"},hu:{OK:"OK",CANCEL:"Mégsem",CONFIRM:"Megerősít"},hr:{OK:"OK",CANCEL:"Odustani",CONFIRM:"Potvrdi"},id:{OK:"OK",CANCEL:"Batal",CONFIRM:"OK"},it:{OK:"OK",CANCEL:"Annulla",CONFIRM:"Conferma"},ja:{OK:"OK",CANCEL:"キャンセル",CONFIRM:"確認"},lt:{OK:"Gerai",CANCEL:"Atšaukti",CONFIRM:"Patvirtinti"},lv:{OK:"Labi",CANCEL:"Atcelt",CONFIRM:"Apstiprināt"},nl:{OK:"OK",CANCEL:"Annuleren",CONFIRM:"Accepteren"},no:{OK:"OK",CANCEL:"Avbryt",CONFIRM:"OK"},pl:{OK:"OK",CANCEL:"Anuluj",CONFIRM:"Potwierdź"},pt:{OK:"OK",CANCEL:"Cancelar",CONFIRM:"Confirmar"},ru:{OK:"OK",CANCEL:"Отмена",CONFIRM:"Применить"},sk:{OK:"OK",CANCEL:"Zrušiť",CONFIRM:"Potvrdiť"},sl:{OK:"OK",CANCEL:"Prekliči",CONFIRM:"Potrdi"},sq:{OK:"OK",CANCEL:"Anulo",CONFIRM:"Prano"},sv:{OK:"OK",CANCEL:"Avbryt",CONFIRM:"OK"},th:{OK:"ตกลง",CANCEL:"ยกเลิก",CONFIRM:"ยืนยัน"},tr:{OK:"Tamam",CANCEL:"İptal",CONFIRM:"Onayla"},uk:{OK:"OK",CANCEL:"Відміна",CONFIRM:"Прийняти"},zh_CN:{OK:"OK",CANCEL:"取消",CONFIRM:"确认"},zh_TW:{OK:"OK",CANCEL:"取消",CONFIRM:"確認"}};return C.addLocale=function(t,o){return e.each(["OK","CANCEL","CONFIRM"],function(t,e){if(!o[e])throw new Error("Please supply a translation for '"+e+"'")}),m[t]={OK:o.OK,CANCEL:o.CANCEL,CONFIRM:o.CONFIRM},C},C.removeLocale=function(t){return delete m[t],C},C.setLocale=function(t){return C.setDefaults("locale",t)},C.init=function(o){return t(o||e)},C});
\ No newline at end of file
+!function(t,e){"use strict";"function"==typeof define&&define.amd?define(["jquery"],e):"object"==typeof exports?"undefined"==typeof $?module.exports=e(require("jquery")):module.exports=e($):t.bootbox=e(t.jQuery)}(this,function t(e,o){"use strict";function a(t){let e=m[f.locale];return e?e[t]:m.en[t]}function n(t,o,a){t.stopPropagation(),t.preventDefault(),e.isFunction(a)&&!1===a.call(o,t)||o.modal("hide")}function r(t){if(Object.keys)return Object.keys(t).length;let e,o=0;for(e in t)o++;return o}function l(t,o){let a=0;e.each(t,function(t,e){o(t,e,a++)})}function i(t){let o,a;if("object"!=typeof t)throw new Error("Please supply an object of options");if(!t.message)throw new Error("Please specify a message");return(t=e.extend({},f,t)).buttons||(t.buttons={}),o=t.buttons,a=r(o),l(o,function(t,n,r){let l=r===a-1;if(e.isFunction(n)&&(n=o[t]={callback:n}),"object"!==e.type(n))throw new Error("button with key "+t+" must be an object");n.label||(n.label=t),n.className||(n.className=a<=2&&l?"btn-primary":"btn-default")}),t}function c(t,e){let o=t.length,a={};if(o<1||o>2)throw new Error("Invalid argument length");return 2===o||"string"==typeof t[0]?(a[e[0]]=t[0],a[e[1]]=t[1]):a=t[0],a}function s(t,o,a){return e.extend(!0,{},t,c(o,a))}function u(t,e,o,a){return b(s({className:"bootbox-"+t,buttons:p.apply(null,e)},a,o),e)}function p(){for(let t={},e=0,o=arguments.length;e<o;e++){let n=arguments[e],r=n.toLowerCase(),l=n.toUpperCase();t[r]={label:a(l)}}return t}function b(t,e){let a={};return l(e,function(t,e){a[e]=!0}),l(t.buttons,function(t){if(a[t]===o)throw new Error("button key "+t+" is not allowed (options are "+e.join("\n")+")")}),t}let d={dialog:"<div class='bootbox modal' tabindex='-1' role='dialog' aria-hidden='true'><div class='modal-dialog'><div class='modal-content'><div class='modal-body'><div class='bootbox-body'></div></div></div></div></div>",header:"<div class='modal-header'><h4 class='modal-title'></h4></div>",footer:"<div class='modal-footer'></div>",closeButton:"<button type='button' class='bootbox-close-button close' aria-hidden='true'>&times;</button>",form:"<form class='bootbox-form'></form>",inputs:{text:"<input class='bootbox-input bootbox-input-text form-control' autocomplete=off type=text />",textarea:"<textarea class='bootbox-input bootbox-input-textarea form-control'></textarea>",email:"<input class='bootbox-input bootbox-input-email form-control' autocomplete='off' type='email' />",select:"<select class='bootbox-input bootbox-input-select form-control'></select>",checkbox:"<div class='checkbox'><label><input class='bootbox-input bootbox-input-checkbox' type='checkbox' /></label></div>",date:"<input class='bootbox-input bootbox-input-date form-control' autocomplete=off type='date' />",time:"<input class='bootbox-input bootbox-input-time form-control' autocomplete=off type='time' />",number:"<input class='bootbox-input bootbox-input-number form-control' autocomplete=off type='number' />",password:"<input class='bootbox-input bootbox-input-password form-control' autocomplete='off' type='password' />"}},f={locale:"en",backdrop:"static",animate:!0,className:null,closeButton:!0,show:!0,container:"body"},C={};C.alert=function(){let t;if((t=u("alert",["ok"],["message","callback"],arguments)).callback&&!e.isFunction(t.callback))throw new Error("alert requires callback property to be a function when provided");return t.buttons.ok.callback=t.onEscape=function(){return!e.isFunction(t.callback)||t.callback.call(this)},C.dialog(t)},C.confirm=function(){let t;if(t=u("confirm",["cancel","confirm"],["message","callback"],arguments),!e.isFunction(t.callback))throw new Error("confirm requires a callback");return t.buttons.cancel.callback=t.onEscape=function(){return t.callback.call(this,!1)},t.buttons.confirm.callback=function(){return t.callback.call(this,!0)},C.dialog(t)},C.prompt=function(){let t,a,n,r,i,c,u;if(r=e(d.form),a={className:"bootbox-prompt",buttons:p("cancel","confirm"),value:"",inputType:"text"},t=b(s(a,arguments,["title","callback"]),["cancel","confirm"]),c=t.show===o||t.show,t.message=r,t.buttons.cancel.callback=t.onEscape=function(){return t.callback.call(this,null)},t.buttons.confirm.callback=function(){let o;return o="checkbox"===t.inputType?i.find("input:checked").map(function(){return e(this).val()}).get():i.val(),t.callback.call(this,o)},t.show=!1,!t.title)throw new Error("prompt requires a title");if(!e.isFunction(t.callback))throw new Error("prompt requires a callback");if(!d.inputs[t.inputType])throw new Error("invalid prompt type");switch(i=e(d.inputs[t.inputType]),t.inputType){case"text":case"textarea":case"email":case"date":case"time":case"number":case"password":i.val(t.value);break;case"select":let f={};if(u=t.inputOptions||[],!e.isArray(u))throw new Error("Please pass an array of input options");if(!u.length)throw new Error("prompt with select requires options");l(u,function(t,a){let n=i;if(a.value===o||a.text===o)throw new Error("each option needs a `value` and a `text` property");a.group&&(f[a.group]||(f[a.group]=e("<optgroup/>").attr("label",a.group)),n=f[a.group]),n.append("<option value='"+a.value+"'>"+a.text+"</option>")}),l(f,function(t,e){i.append(e)}),i.val(t.value);break;case"checkbox":let m=e.isArray(t.value)?t.value:[t.value];if(!(u=t.inputOptions||[]).length)throw new Error("prompt with checkbox requires options");if(!u[0].value||!u[0].text)throw new Error("each option needs a `value` and a `text` property");i=e("<div/>"),l(u,function(o,a){let n=e(d.inputs[t.inputType]);n.find("input").attr("value",a.value),n.find("label").append(a.text),l(m,function(t,e){e===a.value&&n.find("input").prop("checked",!0)}),i.append(n)})}return t.placeholder&&i.attr("placeholder",t.placeholder),t.pattern&&i.attr("pattern",t.pattern),t.maxlength&&i.attr("maxlength",t.maxlength),r.append(i),r.on("submit",function(t){t.preventDefault(),t.stopPropagation(),n.find(".btn-primary").click()}),(n=C.dialog(t)).off("shown.bs.modal"),n.on("shown.bs.modal",function(){i.focus(),i[0].setSelectionRange(i[0].value.length,i[0].value.length)}),!0===c&&n.modal("show"),n},C.dialog=function(t){t=i(t);let a=e(d.dialog),r=a.find(".modal-dialog"),c=a.find(".modal-body"),s=t.buttons,u="",p={onEscape:t.onEscape};if(e.fn.modal===o)throw new Error("$.fn.modal is not defined; please double check you have included the Bootstrap JavaScript library. See http://getbootstrap.com/javascript/ for more details.");if(l(s,function(t,e){u+="<button data-bb-handler='"+t+"' type='button' class='btn "+e.className+"'>"+e.label+"</button>",p[t]=e.callback}),c.find(".bootbox-body").html(t.message),!0===t.animate&&a.addClass("fade"),t.className&&a.addClass(t.className),"large"===t.size?r.addClass("modal-lg"):"small"===t.size&&r.addClass("modal-sm"),t.title&&c.before(d.header),t.closeButton){let b=e(d.closeButton);t.title?a.find(".modal-header").prepend(b):b.css("margin-top","-2px").prependTo(c)}return t.title&&a.find(".modal-title").html(t.title),u.length&&(c.after(d.footer),a.find(".modal-footer").html(u)),a.one("hide.bs.modal",function(){a.off("escape.close.bb"),a.off("click")}),a.one("hidden.bs.modal",function(t){t.target===this&&a.remove()}),a.one("shown.bs.modal",function(){a.find(".btn-primary:first").focus()}),"static"!==t.backdrop&&a.on("click.dismiss.bs.modal",function(t){a.children(".modal-backdrop").length&&(t.currentTarget=a.children(".modal-backdrop").get(0)),t.target===t.currentTarget&&a.trigger("escape.close.bb")}),a.on("escape.close.bb",function(t){p.onEscape&&n(t,a,p.onEscape)}),a.on("click",".modal-footer button",function(t){let o=e(this).data("bb-handler");n(t,a,p[o])}),a.on("click",".bootbox-close-button",function(t){n(t,a,p.onEscape)}),a.on("keydown",function(t){27===t.which?a.trigger("escape.close.bb"):13!=t.which||t.shiftKey||(t.preventDefault(),n(t,a,p.confirm))}),e(t.container).append(a),a.modal({backdrop:!!t.backdrop&&"static",keyboard:!1,show:!1}),t.show&&a.modal("show"),a},C.setDefaults=function(){let t={};2===arguments.length?t[arguments[0]]=arguments[1]:t=arguments[0],e.extend(f,t)},C.hideAll=function(){return e(".bootbox").modal("hide"),C};let m={ar:{OK:"موافق",CANCEL:"الغاء",CONFIRM:"تأكيد"},bg_BG:{OK:"Ок",CANCEL:"Отказ",CONFIRM:"Потвърждавам"},br:{OK:"OK",CANCEL:"Cancelar",CONFIRM:"Sim"},cs:{OK:"OK",CANCEL:"Zrušit",CONFIRM:"Potvrdit"},da:{OK:"OK",CANCEL:"Annuller",CONFIRM:"Accepter"},de:{OK:"OK",CANCEL:"Abbrechen",CONFIRM:"Akzeptieren"},el:{OK:"Εντάξει",CANCEL:"Ακύρωση",CONFIRM:"Επιβεβαίωση"},en:{OK:"OK",CANCEL:"Cancel",CONFIRM:"OK"},es:{OK:"OK",CANCEL:"Cancelar",CONFIRM:"Aceptar"},eu:{OK:"OK",CANCEL:"Ezeztatu",CONFIRM:"Onartu"},et:{OK:"OK",CANCEL:"Katkesta",CONFIRM:"OK"},fa:{OK:"قبول",CANCEL:"لغو",CONFIRM:"تایید"},fi:{OK:"OK",CANCEL:"Peruuta",CONFIRM:"OK"},fr:{OK:"OK",CANCEL:"Annuler",CONFIRM:"Confirmer"},he:{OK:"אישור",CANCEL:"ביטול",CONFIRM:"אישור"},hu:{OK:"OK",CANCEL:"Mégsem",CONFIRM:"Megerősít"},hr:{OK:"OK",CANCEL:"Odustani",CONFIRM:"Potvrdi"},id:{OK:"OK",CANCEL:"Batal",CONFIRM:"OK"},it:{OK:"OK",CANCEL:"Annulla",CONFIRM:"Conferma"},ja:{OK:"OK",CANCEL:"キャンセル",CONFIRM:"確認"},lt:{OK:"Gerai",CANCEL:"Atšaukti",CONFIRM:"Patvirtinti"},lv:{OK:"Labi",CANCEL:"Atcelt",CONFIRM:"Apstiprināt"},nl:{OK:"OK",CANCEL:"Annuleren",CONFIRM:"Accepteren"},no:{OK:"OK",CANCEL:"Avbryt",CONFIRM:"OK"},pl:{OK:"OK",CANCEL:"Anuluj",CONFIRM:"Potwierdź"},pt:{OK:"OK",CANCEL:"Cancelar",CONFIRM:"Confirmar"},ru:{OK:"OK",CANCEL:"Отмена",CONFIRM:"Применить"},sk:{OK:"OK",CANCEL:"Zrušiť",CONFIRM:"Potvrdiť"},sl:{OK:"OK",CANCEL:"Prekliči",CONFIRM:"Potrdi"},sq:{OK:"OK",CANCEL:"Anulo",CONFIRM:"Prano"},sv:{OK:"OK",CANCEL:"Avbryt",CONFIRM:"OK"},th:{OK:"ตกลง",CANCEL:"ยกเลิก",CONFIRM:"ยืนยัน"},tr:{OK:"Tamam",CANCEL:"İptal",CONFIRM:"Onayla"},uk:{OK:"OK",CANCEL:"Відміна",CONFIRM:"Прийняти"},zh_CN:{OK:"OK",CANCEL:"取消",CONFIRM:"确认"},zh_TW:{OK:"OK",CANCEL:"取消",CONFIRM:"確認"}};return C.addLocale=function(t,o){return e.each(["OK","CANCEL","CONFIRM"],function(t,e){if(!o[e])throw new Error("Please supply a translation for '"+e+"'")}),m[t]={OK:o.OK,CANCEL:o.CANCEL,CONFIRM:o.CONFIRM},C},C.removeLocale=function(t){return delete m[t],C},C.setLocale=function(t){return C.setDefaults("locale",t)},C.init=function(o){return t(o||e)},C});
\ No newline at end of file
diff --git a/public/js/cookies-eu-banner.min.js b/public/js/cookies-eu-banner.min.js
index 807d82d3..e7bd7eb3 100755
--- a/public/js/cookies-eu-banner.min.js
+++ b/public/js/cookies-eu-banner.min.js
@@ -1,2 +1,2 @@
 /** Cookies EU banner v1.2.7 - Manage display of banner to accept/reject cookies from tracking services like Google Analytics - alex-d.github.io/Cookies-EU-banner/ - License MIT - Author : Alex-D / alex-d.fr */
-!function(e,t){"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?module.exports=t():e.CookiesEuBanner=t()}(window,function(){var e,t=window.document;return e=function(t,o){return this instanceof e?(this.cookieTimeout=33696e6,this.bots=/bot|googlebot|crawler|spider|robot|crawling/i,this.cookieName="hasConsent",this.trackingCookiesNames=["__utma","__utmb","__utmc","__utmt","__utmv","__utmz","_ga","_gat"],this.launchFunction=t,this.waitAccept=null!=o?o:!1,this.init(),void 0):new e(t)},e.prototype={init:function(){return this.isBot()||!this.isToTrack()||this.hasConsent()===!1?!1:this.hasConsent()===!0?(this.launchFunction(),!0):(this.showBanner(),this.waitAccept||this.setCookie(this.cookieName,!0),void 0)},showBanner:function(){var e=this,o=t.getElementById("cookies-eu-banner"),i=t.getElementById("cookies-eu-reject"),n=t.getElementById("cookies-eu-accept"),s=t.getElementById("cookies-eu-more");o.style.display="block",this.addEventListener(s,"click",function(){e.deleteCookie(e.cookieName)}),this.addEventListener(n,"click",function(){o.parentNode.removeChild(o),e.setCookie(e.cookieName,!0),e.launchFunction()}),this.addEventListener(i,"click",function(){o.parentNode.removeChild(o),e.setCookie(e.cookieName,!1),e.deleteTrackingCookies()})},hasConsent:function(){return t.cookie.indexOf(this.cookieName+"=true")>-1?!0:t.cookie.indexOf(this.cookieName+"=false")>-1?!1:null},isBot:function(){return this.bots.test(navigator.userAgent)},isToTrack:function(){var e=navigator.doNotTrack||navigator.msDoNotTrack||window.doNotTrack;return null!=e?e&&"yes"!==e&&1!==e&&"1"!==e:!0},deleteTrackingCookies:function(){var e;for(e in this.trackingCookiesNames)this.deleteCookie(e)},setCookie:function(e,o){var i=new Date;i.setTime(i.getTime()+this.cookieTimeout),t.cookie=e+"="+o+";expires="+i.toGMTString()+";path=/"},deleteCookie:function(e){var o=t.location.hostname;0===o.indexOf("www.")&&(o=o.substring(4)),t.cookie=e+"=; domain=."+o+"; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",t.cookie=e+"=; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/"},addEventListener:function(e,o,i){t.addEventListener?e.addEventListener(o,i):e.attachEvent&&e.attachEvent("on"+o,i)}},e});
\ No newline at end of file
+!function(e,t){"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?module.exports=t():e.CookiesEuBanner=t()}(window,function(){let e,t=window.document;return e=function(t,o){return this instanceof e?(this.cookieTimeout=33696e6,this.bots=/bot|googlebot|crawler|spider|robot|crawling/i,this.cookieName="hasConsent",this.trackingCookiesNames=["__utma","__utmb","__utmc","__utmt","__utmv","__utmz","_ga","_gat"],this.launchFunction=t,this.waitAccept=null!=o?o:!1,this.init(),void 0):new e(t)},e.prototype={init:function(){return this.isBot()||!this.isToTrack()||this.hasConsent()===!1?!1:this.hasConsent()===!0?(this.launchFunction(),!0):(this.showBanner(),this.waitAccept||this.setCookie(this.cookieName,!0),void 0)},showBanner:function(){let e=this,o=t.getElementById("cookies-eu-banner"),i=t.getElementById("cookies-eu-reject"),n=t.getElementById("cookies-eu-accept"),s=t.getElementById("cookies-eu-more");o.style.display="block",this.addEventListener(s,"click",function(){e.deleteCookie(e.cookieName)}),this.addEventListener(n,"click",function(){o.parentNode.removeChild(o),e.setCookie(e.cookieName,!0),e.launchFunction()}),this.addEventListener(i,"click",function(){o.parentNode.removeChild(o),e.setCookie(e.cookieName,!1),e.deleteTrackingCookies()})},hasConsent:function(){return t.cookie.indexOf(this.cookieName+"=true")>-1?!0:t.cookie.indexOf(this.cookieName+"=false")>-1?!1:null},isBot:function(){return this.bots.test(navigator.userAgent)},isToTrack:function(){let e=navigator.doNotTrack||navigator.msDoNotTrack||window.doNotTrack;return null!=e?e&&"yes"!==e&&1!==e&&"1"!==e:!0},deleteTrackingCookies:function(){let e;for(e in this.trackingCookiesNames)this.deleteCookie(e)},setCookie:function(e,o){let i=new Date;i.setTime(i.getTime()+this.cookieTimeout),t.cookie=e+"="+o+";expires="+i.toGMTString()+";path=/"},deleteCookie:function(e){let o=t.location.hostname;0===o.indexOf("www.")&&(o=o.substring(4)),t.cookie=e+"=; domain=."+o+"; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/",t.cookie=e+"=; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/"},addEventListener:function(e,o,i){t.addEventListener?e.addEventListener(o,i):e.attachEvent&&e.attachEvent("on"+o,i)}},e});
\ No newline at end of file
diff --git a/public/js/jquery.confetti.js b/public/js/jquery.confetti.js
index 929fca02..22106552 100644
--- a/public/js/jquery.confetti.js
+++ b/public/js/jquery.confetti.js
@@ -1,23 +1,23 @@
 (function($) {
   $.confetti = new function() {
     // globals
-    var canvas;
-    var ctx;
-    var W;
-    var H;
-    var mp = 150; //max particles
-    var particles = [];
-    var angle = 0;
-    var tiltAngle = 0;
-    var confettiActive = true;
-    var animationComplete = true;
-    var deactivationTimerHandler;
-    var reactivationTimerHandler;
-    var animationHandler;
+    let canvas;
+    let ctx;
+    let W;
+    let H;
+    let mp = 150; //max particles
+    let particles = [];
+    let angle = 0;
+    let tiltAngle = 0;
+    let confettiActive = true;
+    let animationComplete = true;
+    let deactivationTimerHandler;
+    let reactivationTimerHandler;
+    let animationHandler;
 
     // objects
 
-    var particleColors = {
+    let particleColors = {
         colorOptions: ["DodgerBlue", "OliveDrab", "Gold", "pink", "SlateBlue", "lightblue", "Violet", "PaleGreen", "SteelBlue", "SandyBrown", "Chocolate", "Crimson"],
         colorIndex: 0,
         colorIncrementer: 0,
@@ -91,8 +91,8 @@
         canvas.style.display = 'block';
         particles = [];
         animationComplete = false;
-        for (var i = 0; i < mp; i++) {
-            var particleColor = particleColors.getColor();
+        for (let i = 0; i < mp; i++) {
+            let particleColor = particleColors.getColor();
             particles.push(new confettiParticle(particleColor));
         }
         StartConfetti();
@@ -100,8 +100,8 @@
 
     function Draw() {
         ctx.clearRect(0, 0, W, H);
-        var results = [];
-        for (var i = 0; i < mp; i++) {
+        let results = [];
+        for (let i = 0; i < mp; i++) {
             (function (j) {
                 results.push(particles[j].draw());
             })(i);
@@ -117,12 +117,12 @@
 
 
     function Update() {
-        var remainingFlakes = 0;
-        var particle;
+        let remainingFlakes = 0;
+        let particle;
         angle += 0.01;
         tiltAngle += 0.1;
 
-        for (var i = 0; i < mp; i++) {
+        for (let i = 0; i < mp; i++) {
             particle = particles[i];
             if (animationComplete) return;
 
diff --git a/routes/api.js b/routes/api.js
index f4451c31..31d71ab1 100644
--- a/routes/api.js
+++ b/routes/api.js
@@ -184,7 +184,7 @@ function APIRouter(app) {
         maxWait: 15 * 1000, // 15 seconds,
         lifetime: 25, // remember spam for max of 25 seconds
         failCallback: (req, res, next, nextValidRequestDate) => {
-            var seconds = Math.round((nextValidRequestDate - new Date()) / 1000);
+            let seconds = Math.round((nextValidRequestDate - new Date()) / 1000);
             return res.status(429).json({
                 success: false,
                 error: {
diff --git a/scripts/migrate-ips.js b/scripts/migrate-ips.js
index a4d8ff44..4ff0ab54 100644
--- a/scripts/migrate-ips.js
+++ b/scripts/migrate-ips.js
@@ -9,7 +9,7 @@ console.log('PLEASE BACKUP YOUR DATABASE BEFORE RUNNING THIS TOOL');
 console.log('--------------------------------');
 
 // Flag variables
-var doneReading = false;
+let doneReading = false;
 let saved = 0;
 let i = 0;
 
diff --git a/scripts/resize.js b/scripts/resize.js
index 1a0d7b19..08a8c8dd 100644
--- a/scripts/resize.js
+++ b/scripts/resize.js
@@ -9,7 +9,7 @@ console.log('PLEASE BACKUP YOUR DATABASE BEFORE RUNNING THIS TOOL');
 console.log('--------------------------------');
 
 // Flag variables
-var doneReading = false;
+let doneReading = false;
 let i = 0;
 let saved = 0;
 
diff --git a/util/ActionLogger.js b/util/ActionLogger.js
index 589c7823..febccfdc 100644
--- a/util/ActionLogger.js
+++ b/util/ActionLogger.js
@@ -1,7 +1,7 @@
 const Action = require("../models/action");
 
 // Below are the possible actions
-var actions = {
+const actions = {
     // Normal user actions
     signIn: {
         displayName: "Sign in",
@@ -136,7 +136,7 @@ var actions = {
     }
 };
 
-var actionLogger = {
+const actionLogger = {
     log: function(app, actionID, performingUser, moderatingUser = null, info = null) {
         Action({
             actionID: actionID,
diff --git a/util/ChangelogManager.js b/util/ChangelogManager.js
index 0773f6b6..f499a237 100644
--- a/util/ChangelogManager.js
+++ b/util/ChangelogManager.js
@@ -12,16 +12,16 @@ class ChangelogManager {
     }
 
     _fetchChangelogs() {
-        if(this.app.config.enableChangelogs) {
+        if (this.app.config.enableChangelogs) {
             this.app.logger.info("Changelogs", `Starting load of changelogs…`);
             fs.readdir(changelogsPath, (err, files) => {
-                var changelogs = [];
-                if(err) return this.app.logger.error("Changelogs", "Couldn't load changelogs: " + err);
+                let changelogs = [];
+                if (err) return this.app.logger.error("Changelogs", "Couldn't load changelogs: " + err);
                 files.filter((name) => name.split(".").pop() == "json").forEach((name) => {
-                    var fullPath = path.join(changelogsPath, name);
-                    var changelogData = require(fullPath);
-                    if(changelogData["date"] && changelogData["text"]) {
-                        var version = {
+                    const fullPath = path.join(changelogsPath, name);
+                    const changelogData = require(fullPath);
+                    if (changelogData["date"] && changelogData["text"]) {
+                        const version = {
                             version: Number.parseInt(name),
                             html: marked(changelogData["text"]),
                             date: changelogData["date"]
@@ -44,7 +44,7 @@ class ChangelogManager {
     getChangelogs() {
         return this.changelogs;
     }
-    
+
     getChangelogCount() {
         return this.changelogs.length;
     }
@@ -60,25 +60,27 @@ class ChangelogManager {
     getChangelogVersions() {
         return this.getChangelogs().map((c) => c.version);
     }
-    
+
     getChangelog(version) {
         return this.getChangelogs().find((c) => c.version == version);
     }
-    
+
     getChangelogsSince(version) {
         return this.getChangelogs().filter((c) => c.version > version);
     }
-    
+
     getChangelogsBefore(version) {
         return this.getChangelogs().filter((c) => c.version < version);
     }
 
     getPaginationInfo(version, forceDisableNext = false) {
-        if(!version) return {};
-        var versions = this.getChangelogVersions();
-        var previous = versions.filter((c) => c < version)[0];
-        var next = forceDisableNext ? null : versions.filter((c) => c > version).slice(-1).pop();
-        return {next: next, previous: previous}
+        if (!version) {
+            return {};
+        }
+        const versions = this.getChangelogVersions();
+        const previous = versions.find((c) => c < version);
+        const next = forceDisableNext ? null : versions.find((c) => c > version);
+        return { next, previous };
     }
 }
 
diff --git a/util/DataModelManager.js b/util/DataModelManager.js
index 8e9153ab..1db54f7d 100644
--- a/util/DataModelManager.js
+++ b/util/DataModelManager.js
@@ -12,13 +12,13 @@ class DataModelManager {
     }
 
     registerModel(name, prototype) {
-        var m = this;
+        let m = this;
         // Check if we've already initialized this model
-        var needsInitialization = !this.registeredModels.has(name);
+        let needsInitialization = !this.registeredModels.has(name);
         if(needsInitialization) {
             // Add original model static methods to our manager for later, and change them in the model to call the manager.
             Object.keys(prototype.statics).forEach((key) => {
-                var method = prototype.statics[key];
+                let method = prototype.statics[key];
                 this._registerMethodHandler(name, key, true, method);
                 prototype.statics[key] = function() {
                     return m._getMethodHandler(name, key, true).apply(this, Array.from(arguments))
@@ -27,16 +27,16 @@ class DataModelManager {
             prototype.options.strict = false;
         }
         if(this.modelFields[name]) prototype.add(this.modelFields[name]);
-        var model = mongoose.model(name, this.registeredModels.get(name) || prototype);
+        let model = mongoose.model(name, this.registeredModels.get(name) || prototype);
         if(needsInitialization) {
             // Add original model instance methods to our manager for later, and change them in the model to call the manager.
             Object.keys(prototype.methods).forEach((key) => {
-                var method = mongoose.models[name].prototype[key];
+                let method = mongoose.models[name].prototype[key];
                 this._registerMethodHandler(name, key, false, method);
                 this._setupMethodHandler(name, key, false);
             });
             // Add methods that we've declared in modules to the model.
-            var methodsToAdd = this.modelInstanceMethods[name];
+            let methodsToAdd = this.modelInstanceMethods[name];
             if(methodsToAdd) Object.keys(methodsToAdd).forEach((key) => {
                 this._setupMethodHandler(name, key, false);
             });
@@ -92,12 +92,12 @@ class DataModelManager {
     }
 
     _getMethodHandler(model, name, isStatic) {
-        var res = this._getList(isStatic)[model][name].slice();
+        let res = this._getList(isStatic)[model][name].slice();
         if (res.length <= 1) return res[0];
         res.reverse();
         return function() {
-            var args = Array.from(arguments);
-            var index = 1;
+            let args = Array.from(arguments);
+            let index = 1;
             args.push(() => {
                 if(!res[index]) return;
                 index++;
diff --git a/util/HTTPServer.js b/util/HTTPServer.js
index 87905398..0bfc57bf 100644
--- a/util/HTTPServer.js
+++ b/util/HTTPServer.js
@@ -10,8 +10,8 @@ const fs = require("fs");
 const path = require("path");
 
 function HTTPServer(app) {
-    var server = express();
-    var httpServer = require("http").createServer(server);
+    let server = express();
+    let httpServer = require("http").createServer(server);
     
     // Setup for parameters and bodies
     server.use(bodyParser.urlencoded({extended: false}));
@@ -22,7 +22,7 @@ function HTTPServer(app) {
     // Set rendering engine
     server.set("view engine", "pug");
 
-    var setupRoutes = function(directories, modulesWithRoutes) {
+    let setupRoutes = function(directories, modulesWithRoutes) {
         // Use public folder for resources
         server.use(express.static("public"));
         // Register module public directories
@@ -36,7 +36,7 @@ function HTTPServer(app) {
             // Pretty-print JSON
             server.set("json spaces", 4);
         } else {
-            var logInfo = {};
+            let logInfo = {};
             if (fs.existsSync("/var/log/place")) logInfo.stream = require("stream-file-archive")({
                 path: "/var/log/place/access-%Y-%m-%d.log",  // Write logs rotated by the day
                 symlink: "/var/log/place/current.log",    // Maintain a symlink called current.log
diff --git a/util/JavaScriptProcessor.js b/util/JavaScriptProcessor.js
index d9fd67b0..4dc7b7f1 100644
--- a/util/JavaScriptProcessor.js
+++ b/util/JavaScriptProcessor.js
@@ -16,7 +16,7 @@ class JavaScriptProcessor {
             }
         };
 
-        var swallowError = function(error) {
+        let swallowError = function(error) {
             app.reportError("Error while processing JavaScript: " + error);
             this.emit("end");
         }
@@ -28,7 +28,7 @@ class JavaScriptProcessor {
         // Process JavaScript
         gulp.task("scripts", (cb) => {
             this.app.logger.info('Babel', "Processing JavaScript…");
-            var t = gulp.src(this.paths.scripts.src);
+            let t = gulp.src(this.paths.scripts.src);
             t = t.pipe(changed(this.paths.scripts.built))
             t = t.pipe(sourcemaps.init());
             t = t.pipe(babel({ presets: ["es2015", "es2016", "es2017"] }));
diff --git a/util/LeaderboardManager.js b/util/LeaderboardManager.js
index aae7410d..21b47db3 100644
--- a/util/LeaderboardManager.js
+++ b/util/LeaderboardManager.js
@@ -2,7 +2,7 @@ const Pixel = require("../models/pixel");
 const User = require("../models/user");
 
 function LeaderboardManager(app) {
-    var manager = {
+    let manager = {
         needsUpdating: true,
         topUsers: null, pixelCounts: null,
         waitingForUpdate: [],
@@ -10,16 +10,16 @@ function LeaderboardManager(app) {
         lastUpdated: null,
 
         update: function() {
-            var m = this;
+            let m = this;
             if(!this.needsUpdating) return;
             app.logger.log('Leaderboard', "Starting generation of leaderboard data…");
             this.isUpdating = true;
             this.needsUpdating = false;
-            var dateBackLastWeek = new Date(new Date().getTime() - (7 * 24 * 60 * 60 * 1000));
-            var pixelCounts = {};
+            let dateBackLastWeek = new Date(new Date().getTime() - (7 * 24 * 60 * 60 * 1000));
+            let pixelCounts = {};
             Pixel.find({lastModified: {$gt: dateBackLastWeek}}, {editorID: 1}).stream().on("data", (pixel) => {
                 if (!pixel.editorID) return;
-                var uid = pixel.editorID.toString();
+                let uid = pixel.editorID.toString();
                 if(!Object.keys(pixelCounts).includes(uid)) pixelCounts[uid] = 0;
                 pixelCounts[uid]++;
             }).on("end", () => {
@@ -53,14 +53,14 @@ function LeaderboardManager(app) {
             if(this.isUpdating) return this.waitingForUpdate.push(callback);
             if(!this.topUsers || !this.pixelCounts) return callback("No leaderboard data loaded", null);
             User.find({_id: { $in: this.topUsers }}).then((users) => {
-                var info = { leaderboard: users.sort((a, b) => this.pixelCounts[b._id] - this.pixelCounts[a._id]).map((u) => u.toInfo(app)), lastUpdated: this.lastUpdated };
+                let info = { leaderboard: users.sort((a, b) => this.pixelCounts[b._id] - this.pixelCounts[a._id]).map((u) => u.toInfo(app)), lastUpdated: this.lastUpdated };
                 callback(null, info);
             }).catch((err) => callback(err, null));
         },
 
         getUserRank: function(userID) {
             if(!this.topUsers) return null;
-            var index = this.topUsers.indexOf(userID);
+            let index = this.topUsers.indexOf(userID);
             return index >= 0 ? index + 1 : null;
         }
     };
diff --git a/util/ModuleManager.js b/util/ModuleManager.js
index 5314453d..bab246c1 100644
--- a/util/ModuleManager.js
+++ b/util/ModuleManager.js
@@ -25,9 +25,9 @@ class ModuleManager {
     }
 
     load(meta, mainPath) {
-        var s = this;
-        var validDependencies = true;
-        var withoutConflicts = true;
+        let s = this;
+        let validDependencies = true;
+        let withoutConflicts = true;
         // Check dependency modules
         meta.depends.every((dependency) => {
             if(!this.moduleIdentifiers.includes(directory)) {
@@ -52,8 +52,8 @@ class ModuleManager {
         s.moduleMetas[meta.identifier] = meta;
         s.modulePaths[meta.identifier] = path.dirname(mainPath);
         function finalizeLoad() {
-            var Module = require(mainPath);
-            var newModule = new Module(s.app);
+            let Module = require(mainPath);
+            let newModule = new Module(s.app);
             s.modules.set(meta.identifier, newModule);
             s.logger.log('MODULE MANAGER', `Loaded module "${meta.name}" (${meta.identifier}).`);
         }
@@ -75,7 +75,7 @@ class ModuleManager {
             }
             if(files.length <= 0) return this.doneLoading("No modules loaded.");
             // Try and load information about all the modules
-            var promises = files.map((file) => this.processModuleLoadingInformation(file));
+            let promises = files.map((file) => this.processModuleLoadingInformation(file));
             Promise.all(promises).then(moduleInfo => {
                 // Remove nulls and sort by priority
                 moduleInfo = moduleInfo.filter((o) => !!o).sort((a, b) => b.priority - a.priority); 
@@ -99,22 +99,22 @@ class ModuleManager {
 
     processModuleLoadingInformation(file) {
         return new Promise((resolve, reject) => {
-            var folderPath = path.join(modulesDirectory, file);
+            let folderPath = path.join(modulesDirectory, file);
             fs.stat(folderPath, (err, stat) => {
                 if(err) {
                     this.logger.capture("Error loading single module directory: " + err);
                     return resolve(null);
                 }
                 if(!stat.isDirectory()) return resolve(null);
-                var folder = path.parse(folderPath);
-                var nicePath = path.join(folder.dir, folder.base);
+                let folder = path.parse(folderPath);
+                let nicePath = path.join(folder.dir, folder.base);
                 // Attempt to stat module.json
                 fs.stat(path.join(nicePath, "module.json"), (err) => {
                     if(err) {
                         this.logger.capture(`Skipping malformed module "${folder.name}" (error loading module.json).`);
                         return resolve(null);
                     }
-                    var moduleMeta = require(path.join(nicePath, "module.json"));
+                    let moduleMeta = require(path.join(nicePath, "module.json"));
                     if(!moduleMeta.main || !moduleMeta.identifier || !moduleMeta.name) return this.logger.capture(`Skipping malformed module "${folder.name}" (invalid module.json).`);
                     moduleMeta = this.addMetaDefaults(moduleMeta);
                     // Attempt to stat main module JS file
@@ -143,7 +143,7 @@ class ModuleManager {
     // --- Resource Loading ---
 
     getResourcesFromModules(req) {
-        var resources = { css: [], js: [] };
+        let resources = { css: [], js: [] };
         this.modules.forEach((module) => {
             if(typeof module.getCSSResourceList === "function") resources.css = resources.css.concat(module.getCSSResourceList(req));
             if(typeof module.getJSResourceList === "function") resources.js = resources.js.concat(module.getJSResourceList(req));
@@ -155,7 +155,7 @@ class ModuleManager {
 
     getAllPublicDirectoriesToRegister() {
         return new Promise((resolve, reject) => {
-            var promises = Object.keys(this.moduleMetas).map((module) => this.getRegisteredPublicDirectoriesForModule(this.moduleMetas[module]));
+            let promises = Object.keys(this.moduleMetas).map((module) => this.getRegisteredPublicDirectoriesForModule(this.moduleMetas[module]));
             Promise.all(promises).then((directories) => resolve(directories.filter((o) => !!o))).catch((err) => {
                 this.app.reportError("Error loading public directories for modules: " + err);
                 resolve();
@@ -165,7 +165,7 @@ class ModuleManager {
 
     getRegisteredPublicDirectoriesForModule(meta) {
         return new Promise((resolve, reject) => {
-            var publicPath = path.join(this.modulePaths[meta.identifier], "public");
+            let publicPath = path.join(this.modulePaths[meta.identifier], "public");
             fs.stat(publicPath, (err, stat) => {
                 if(err || !stat.isDirectory()) return resolve(null);
                 resolve({root: meta.publicRoot, middleware: express.static(publicPath)});
@@ -177,7 +177,7 @@ class ModuleManager {
 
     getRoutesToRegister() {
         return new Promise((resolve, reject) => {
-            var promises = Object.keys(this.moduleMetas).map((module) => this.getRoutesToRegisterForModule(this.moduleMetas[module]));
+            let promises = Object.keys(this.moduleMetas).map((module) => this.getRoutesToRegisterForModule(this.moduleMetas[module]));
             Promise.all(promises).then((routes) => resolve(routes.filter((o) => !!o))).catch((err) => {
                 this.app.reportError("Error loading routes for modules: " + err);
                 resolve();
@@ -187,7 +187,7 @@ class ModuleManager {
 
     getRoutesToRegisterForModule(meta) {
         return new Promise((resolve, reject) => {
-            var promises = meta.routes.filter((info) => info.path && info.file).map((info) => this.getRouterForRouterInformationAndMeta(info, meta));
+            let promises = meta.routes.filter((info) => info.path && info.file).map((info) => this.getRouterForRouterInformationAndMeta(info, meta));
             Promise.all(promises).then((routes) => resolve(routes)).catch((err) => {
                 this.app.reportError(`Error loading routes for module "${meta.name}" (${meta.identifier}): ${err}`);
                 resolve();
@@ -197,10 +197,10 @@ class ModuleManager {
 
     getRouterForRouterInformationAndMeta(routerInfo, meta) {
         return new Promise((resolve, reject) => {
-            var routerPath = path.join(path.join(this.modulePaths[meta.identifier], "routes"), routerInfo.file);
+            let routerPath = path.join(path.join(this.modulePaths[meta.identifier], "routes"), routerInfo.file);
             fs.stat(routerPath, (err, stat) => {
                 if(err || stat.isDirectory()) return resolve(null);
-                var router = require(routerPath)(this.app, (req, res, next) => {
+                let router = require(routerPath)(this.app, (req, res, next) => {
                     req.moduleResponseFactory = new ResponseFactory(this.app, req, res, path.join(this.modulePaths[meta.identifier], "views") + path.sep);
                     next();
                 });
@@ -212,10 +212,10 @@ class ModuleManager {
     // --- Middleware ---
 
     processRequest(req, res, next) {
-        var middlewareFetchers = Array.from(this.modules.values()).filter((module) => typeof module.processRequest === "function").map((module) => module.processRequest);
-        var middlewares = [];
+        let middlewareFetchers = Array.from(this.modules.values()).filter((module) => typeof module.processRequest === "function").map((module) => module.processRequest);
+        let middlewares = [];
         middlewareFetchers.forEach((process) => middlewares = middlewares.concat(process(req)));
-        var index = 0;
+        let index = 0;
         function handleNext() {
             if(!middlewares[index]) return next();
             index++;
@@ -227,12 +227,12 @@ class ModuleManager {
     // --- View Extensions ---
 
     processViewExtensionsForModule(meta, callback) {
-        var vPath = path.join(this.modulePaths[meta.identifier], "view_extensions");
+        let vPath = path.join(this.modulePaths[meta.identifier], "view_extensions");
         fs.stat(vPath, (err, stat) => {
             if(err || !stat.isDirectory()) return callback();
             fs.readdir(vPath, (err, files) => {
                 files.filter((fn) => path.extname(fn) == ".pug").forEach((file) => {
-                    var templateName = file.toLowerCase().slice(0, -4);
+                    let templateName = file.toLowerCase().slice(0, -4);
                     if(!this.viewExtensions[templateName]) this.viewExtensions[templateName] = [];
                     this.viewExtensions[templateName].push(path.join(vPath, file));
                 });
@@ -246,21 +246,21 @@ class ModuleManager {
     }
 
     gatherViewExtensions(name, req, res) {
-        var responseFactory = new ResponseFactory(this.app, req, res);
-        var info = responseFactory.getAutomaticTemplateData();
+        let responseFactory = new ResponseFactory(this.app, req, res);
+        let info = responseFactory.getAutomaticTemplateData();
         return this.getViewExtensions(name).map((file) => pug.renderFile(file, info)).join("\n");
     }
 
     // --- Model Extensions ---
 
     processModelExtensionsForModule(meta, callback) {
-        var mePath = path.join(this.modulePaths[meta.identifier], "model_extensions");
+        let mePath = path.join(this.modulePaths[meta.identifier], "model_extensions");
         fs.stat(mePath, (err, stat) => {
             if(err || !stat.isDirectory()) return callback();
             fs.readdir(mePath, (err, files) => {
                 files.filter((fn) => path.extname(fn) == ".js").forEach((file) => {
                     const Override = require(path.join(mePath, file));
-                    var overrides = Override(this.app, DEFAULT_MODEL_OVERRIDE_MANAGER);
+                    let overrides = Override(this.app, DEFAULT_MODEL_OVERRIDE_MANAGER);
                     DataModelManager.registerModuleOverrides(file, overrides);
                 });
                 callback();
diff --git a/util/PaintingManager.js b/util/PaintingManager.js
index 491c7061..d91cdc49 100644
--- a/util/PaintingManager.js
+++ b/util/PaintingManager.js
@@ -37,9 +37,9 @@ function PaintingManager(app) {
         },
 
         loadImageFromDatabase: function() {
-            var hasServed = false;
+            let hasServed = false;
             return new Promise((resolve, reject) => {
-                var serveImage = async (image, skipImmediateCache = false) => {
+                let serveImage = async (image, skipImmediateCache = false) => {
                     this.hasImage = true;
                     this.image = image;
                     this.firstGenerateAfterLoad = true;
@@ -54,8 +54,8 @@ function PaintingManager(app) {
                         await serveImage(image, skipImmediateCache);
                     }
                     Pixel.count({}).then((count) => {
-                        var loaded = 0;
-                        var progressUpdater = setInterval(() => {
+                        let loaded = 0;
+                        let progressUpdater = setInterval(() => {
                             app.logger.info("Startup", `Loaded ${loaded.toLocaleString()} of ${count.toLocaleString()} pixel${count == 1 ? "" : "s"} (${Math.round(loaded / count * 100)}% complete)`);
                         }, 2500);
                         Pixel.find({}).stream().on("data", (pixel) => {
@@ -90,7 +90,7 @@ function PaintingManager(app) {
         },
 
         generateOutputImage: function(skipImmediateCache = false) {
-            var a = this;
+            let a = this;
             return new Promise((resolve, reject) => {
                 if (a.isGenerating) return reject();
                 a.isGenerating = true;
@@ -136,7 +136,7 @@ function PaintingManager(app) {
         },
 
         getColourRGB: function(hex) {
-            var result = /^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i.exec(hex);
+            let result = /^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i.exec(hex);
             return result ? {
                 r: parseInt(result[1], 16),
                 g: parseInt(result[2], 16),
@@ -145,7 +145,7 @@ function PaintingManager(app) {
         },
 
         doPaint: function(colour, x, y, user) {
-            var a = this;
+            let a = this;
             return new Promise((resolve, reject) => {
                 if (!this.hasImage) return reject({message: "Our servers are currently getting ready. Please try again in a moment.", code: "not_ready"});
                 if (app.temporaryUserInfo.isUserPlacing(user)) return reject({message: "You cannot place more than one tile at once.", code: "attempted_overload"});
@@ -159,7 +159,7 @@ function PaintingManager(app) {
                     if (a.pixelsToPreserve) a.pixelsToPreserve.push(pixelData);
                     a.imageHasChanged = true;
                     // Send notice to all clients:
-                    var info = {x: x, y: y, colour: Pixel.getHexFromRGB(colour.r, colour.g, colour.b)};
+                    let info = {x: x, y: y, colour: Pixel.getHexFromRGB(colour.r, colour.g, colour.b)};
                     app.pixelNotificationManager.pixelChanged(info);
                     ActionLogger.log(app, "place", user, null, info);
                     app.userActivityController.recordActivity(user);
diff --git a/util/ResponseFactory.js b/util/ResponseFactory.js
index 5e52a337..760e1921 100644
--- a/util/ResponseFactory.js
+++ b/util/ResponseFactory.js
@@ -10,18 +10,18 @@ class ResponseFactory {
     }
 
     sendRenderedResponse(template, data = null, mimeType = "text/html") {
-        var sendData = this.getAutomaticTemplateData();
+        let sendData = this.getAutomaticTemplateData();
         if (data) sendData = Object.assign({}, sendData, data);
         return this.res.header("Content-Type", mimeType).render(this.root + template, sendData);
     }
 
     getAutomaticTemplateData() {
-        var resources = this.req.place.moduleManager.getResourcesFromModules(this.req);
-        var routerPath = this.req.baseUrl.substr(1);
+        let resources = this.req.place.moduleManager.getResourcesFromModules(this.req);
+        let routerPath = this.req.baseUrl.substr(1);
         if(routerPath.length > 0) routerPath += "/";
-        var redirectURLPart = this.req.path == "/signin" || this.req.path == "/signup" ? "" : encodeURIComponent(routerPath + this.req.url.substr(1));
-        var path = this.req.baseUrl + this.req.path;
-        var data = { url: this.req.url, path: path, config: this.app.config, fs: fs, renderCaptcha: () => this.app.recaptcha.render(), redirectURLPart: redirectURLPart, moduleManager: this.req.place.moduleManager, resources: resources, req: this.req, res: this.res, TOSManager: TOSManager };
+        let redirectURLPart = this.req.path == "/signin" || this.req.path == "/signup" ? "" : encodeURIComponent(routerPath + this.req.url.substr(1));
+        let path = this.req.baseUrl + this.req.path;
+        let data = { url: this.req.url, path: path, config: this.app.config, fs: fs, renderCaptcha: () => this.app.recaptcha.render(), redirectURLPart: redirectURLPart, moduleManager: this.req.place.moduleManager, resources: resources, req: this.req, res: this.res, TOSManager: TOSManager };
         if (typeof this.req.user !== undefined && this.req.user) data.user = this.req.user;
         return data;
     }
diff --git a/util/UserActivityManager.js b/util/UserActivityManager.js
index de367a4b..1077d367 100644
--- a/util/UserActivityManager.js
+++ b/util/UserActivityManager.js
@@ -1,11 +1,11 @@
 const User = require("../models/user");
 
 function UserActivityManager(app) {
-    var controller = {
+    let controller = {
         userActivityTimes: {},
 
         update: function() {
-            var pastTime = new Date().getTime() - (1000 * 60 * 5); // active users last did something in three minute span
+            let pastTime = new Date().getTime() - (1000 * 60 * 5); // active users last did something in three minute span
             this.userActivityTimes = Object.keys(this.userActivityTimes).filter((u) => this.userActivityTimes[u] > pastTime).splice(0, 25).reduce((obj, key) => {
                 obj[key] = this.userActivityTimes[key];
                 return obj;
@@ -20,7 +20,7 @@ function UserActivityManager(app) {
         getInfo: function() {
             return new Promise((resolve, reject) => {
                 User.find({_id: { $in: Object.keys(this.userActivityTimes).splice(0, 25) }}).then(users => {
-                    var info = users.sort((a, b) => this.userActivityTimes[b._id] - this.userActivityTimes[a._id]).map(u => u.toInfo(app));
+                    let info = users.sort((a, b) => this.userActivityTimes[b._id] - this.userActivityTimes[a._id]).map(u => u.toInfo(app));
                     resolve(info);
                 }).catch((err) => reject(err));
             });
diff --git a/util/logger.js b/util/logger.js
index b0b4e0f3..5f5a3b35 100644
--- a/util/logger.js
+++ b/util/logger.js
@@ -11,13 +11,13 @@ const methodColours = {
     error: "\x1b[31m" // red
 }
 
-var lastLogTime = null;
-var messagesSinceLastDatestamp = 0;
+let lastLogTime = null;
+let messagesSinceLastDatestamp = 0;
 
 for (const method of Object.keys(console)) {
     exports[method] = function log(topic, ...args) {
         // Datestamp calculation
-        var now = new Date();
+        let now = new Date();
         // show datestamp for every unique date or every 50 messages for legibility
         if (lastLogTime != null ? now.toDateString() !== lastLogTime.toDateString() : true || messagesSinceLastDatestamp > 50) {
             console.log(`--------- [ MESSAGES ON ${now.toLocaleDateString()} ] ---------`);
diff --git a/util/passport.js b/util/passport.js
index ff3598e4..17043b3a 100644
--- a/util/passport.js
+++ b/util/passport.js
@@ -16,7 +16,7 @@ const config = require("../config/config");
 const ActionLogger = require("../util/ActionLogger");
 
 module.exports = function(passport, app) {
-    var opts = {};
+    let opts = {};
     opts.jwtFromRequest = ExtractJwt.fromAuthHeader();
     opts.secretOrKey = config.secret;
     passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
diff --git a/views/admin/dashboard.pug b/views/admin/dashboard.pug
index e7b61d54..fee22a5f 100644
--- a/views/admin/dashboard.pug
+++ b/views/admin/dashboard.pug
@@ -11,8 +11,8 @@ mixin renderDashboardStat(id, name, underName, moreInfo)
                 br
                 small #{moreInfo}
 block adminDependencies
-    - var js = ["/js/build/admin_dashboard.js", "https://cdn.jsdelivr.net/gh/rmm5t/jquery-timeago@180864a9c544a49e43719b457250af216d5e4c3a/jquery.timeago.js"];
-    - var jsSnippets = [`loadRecentActionsIntoContainer($("#actions-ctn"), 10, false, false)`];
+    - let js = ["/js/build/admin_dashboard.js", "https://cdn.jsdelivr.net/gh/rmm5t/jquery-timeago@180864a9c544a49e43719b457250af216d5e4c3a/jquery.timeago.js"];
+    - let jsSnippets = [`loadRecentActionsIntoContainer($("#actions-ctn"), 10, false, false)`];
 block adminContent
     h1.page-header Dashboard
     // Status Updates
diff --git a/views/admin/similar_users.pug b/views/admin/similar_users.pug
index 8ccd14bd..7245464b 100644
--- a/views/admin/similar_users.pug
+++ b/views/admin/similar_users.pug
@@ -1,7 +1,7 @@
 extends ../admin_layout
 block adminDependencies
-    - var js = ["https://cdn.jsdelivr.net/gh/rmm5t/jquery-timeago@180864a9c544a49e43719b457250af216d5e4c3a/jquery.timeago.js", "/js/build/admin_similar_users.js"];
-    - var jsSnippets = [`var defaultBanReason = "Alternate account of ${target.name}";`, `var userID = "${target.id}";`];
+    - let js = ["https://cdn.jsdelivr.net/gh/rmm5t/jquery-timeago@180864a9c544a49e43719b457250af216d5e4c3a/jquery.timeago.js", "/js/build/admin_similar_users.js"];
+    - let jsSnippets = [`let defaultBanReason = "Alternate account of ${target.name}";`, `let userID = "${target.id}";`];
 block adminContent
     .page-header
         h1 Similar Accounts
diff --git a/views/admin/users.pug b/views/admin/users.pug
index 78a9bc6e..ceed4d5c 100644
--- a/views/admin/users.pug
+++ b/views/admin/users.pug
@@ -1,7 +1,7 @@
 extends ../admin_layout
 block adminDependencies
-    - var css = ["https://cdn.datatables.net/1.10.13/css/dataTables.bootstrap.min.css"];
-    - var js = ["https://cdn.datatables.net/1.10.13/js/jquery.dataTables.min.js", "https://cdn.datatables.net/1.10.13/js/dataTables.bootstrap.min.js", "/js/build/admin_users.js"];
+    - let css = ["https://cdn.datatables.net/1.10.13/css/dataTables.bootstrap.min.css"];
+    - let js = ["https://cdn.datatables.net/1.10.13/js/jquery.dataTables.min.js", "https://cdn.datatables.net/1.10.13/js/dataTables.bootstrap.min.js", "/js/build/admin_users.js"];
 block adminContent
     h1.page-header Users
     table.table#users
diff --git a/views/admin_layout.pug b/views/admin_layout.pug
index 72779e9b..2f29ec86 100644
--- a/views/admin_layout.pug
+++ b/views/admin_layout.pug
@@ -1,6 +1,6 @@
 extends layout
 mixin renderAdminNavItem(name, itemPath)
-    - var isCurrentPage = itemPath == path;
+    - let isCurrentPage = itemPath == path;
     li(class=(isCurrentPage ? "active": ""))
         a(href=itemPath)
             .
@@ -11,11 +11,11 @@ block dependencies
     block adminDependencies
     - if (typeof pageTitle === "undefined") pageTitle = null;
     - if (typeof user === "undefined") user = null;
-    - var userAdmin = user ? user.admin : false;
-    - var pageTitle = !!pageTitle ? pageTitle + " &middot; Admin" : "Admin";
-    - var css = ["/css/dashboard.css", "https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.2/css/bootstrap-select.min.css"].concat(typeof css === "undefined" ? [] : css);
-    - var js = ["https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.2/js/bootstrap-select.min.js"].concat(typeof js === "undefined" ? [] : js);
-    - var isAdmin = true;
+    - let userAdmin = user ? user.admin : false;
+    - let pageTitle = !!pageTitle ? pageTitle + " &middot; Admin" : "Admin";
+    - let css = ["/css/dashboard.css", "https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.2/css/bootstrap-select.min.css"].concat(typeof css === "undefined" ? [] : css);
+    - let js = ["https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.2/js/bootstrap-select.min.js"].concat(typeof js === "undefined" ? [] : js);
+    - let isAdmin = true;
 block content
     .container-fluid
         .row
diff --git a/views/errors/404.pug b/views/errors/404.pug
index c8319b2b..a8c54ac5 100644
--- a/views/errors/404.pug
+++ b/views/errors/404.pug
@@ -1,6 +1,6 @@
 extends ../layout
 block dependencies
-    - var pageTitle = "Page not found"
+    - let pageTitle = "Page not found"
 block content
     .container.norctn
         h1 Page not found!
diff --git a/views/errors/500.pug b/views/errors/500.pug
index bffe1011..af3cd71e 100644
--- a/views/errors/500.pug
+++ b/views/errors/500.pug
@@ -1,7 +1,7 @@
 
 extends ../layout
 block dependencies
-    - var pageTitle = "Server error"
+    - let pageTitle = "Server error"
 block content
     .container.norctn
         h1 Server error
diff --git a/views/layout.pug b/views/layout.pug
index 65c75ec0..7a410bf4 100644
--- a/views/layout.pug
+++ b/views/layout.pug
@@ -8,23 +8,23 @@ block dependencies
 - if(typeof pinnable === "undefined") pinnable = false;
 - if(typeof navbarSupportsTopMode === "undefined") navbarSupportsTopMode = false;
 - if(typeof isPoppedOut === "undefined") isPoppedOut = false;
-- var userAdmin = user ? user.admin : false, userMod = user ? user.moderator || userAdmin : false;
+- let userAdmin = user ? user.admin : false, userMod = user ? user.moderator || userAdmin : false;
 - if(typeof needsHelp === "undefined") needsHelp = false;
-- var resourceVersion = "10"; // Increment this when you make a change to the HTML that absolutely requires CSS or JS refreshing
+- let resourceVersion = "10"; // Increment this when you make a change to the HTML that absolutely requires CSS or JS refreshing
 - css = resources.css.concat(css);
-- var bodyClasses = ["fixed-navbar"];
+- let bodyClasses = ["fixed-navbar"];
 - if (user) bodyClasses.push("signed-in");
 - if (isPoppedOut) bodyClasses.push("is-popped-out");
-- var hasCommunityGuidelines = fs.existsSync("./config/community_guidelines.md");
-- var hasTOS = TOSManager.hasTOSSync();
-- var hasPP = TOSManager.hasPrivacyPolicySync();
+- let hasCommunityGuidelines = fs.existsSync("./config/community_guidelines.md");
+- let hasTOS = TOSManager.hasTOSSync();
+- let hasPP = TOSManager.hasPrivacyPolicySync();
 mixin renderBadge(badge, prefersShortText = false)
   span.label.badge-label(class=`label-${badge.style || "default"}`, title=badge.title) #{prefersShortText && badge.shortText ? badge.shortText : badge.text}
 mixin renderBadges(badges, prefersShortText = false)
   each badge in badges
     +renderBadge(badge, prefersShortText)
 mixin renderNavItem(name, itemPath, icon, showsName = true)
-  - var isCurrentPage = itemPath == (overrideNavPath || path) || (isAdmin && itemPath == "/admin");
+  - let isCurrentPage = itemPath == (overrideNavPath || path) || (isAdmin && itemPath == "/admin");
   li(id=`nav-${name.toLowerCase().replace(/[^0-9a-z ]/gi, '').replace(/ /g, "-")}`, class=(isCurrentPage ? "active" : ""))
     a(href=itemPath)
       if icon
@@ -152,7 +152,7 @@ html(lang="en")
 - if(typeof user === "undefined") user = null;
 - if(typeof js === "undefined" || !js) js = [];
 - if(typeof jsSnippets === "undefined" || !jsSnippets) jsSnippets = [];
-- var userAdmin = user ? user.admin : false, userMod = user ? user.moderator || userAdmin : false;
+- let userAdmin = user ? user.admin : false, userMod = user ? user.moderator || userAdmin : false;
 - if(userMod) { js.unshift("/js/bootbox.min.js"); js.unshift("/js/build/mod_tools.js");}
 - if(typeof jsModSnippets === "undefined" || !jsModSnippets || !userMod) jsModSnippets = [];
 - js = resources.js.concat(js);
diff --git a/views/public/account.pug b/views/public/account.pug
index 3a9f0294..360a32b2 100644
--- a/views/public/account.pug
+++ b/views/public/account.pug
@@ -1,19 +1,19 @@
 extends ../layout
 block dependencies
-    - var isSelf = user ? user.id == profileUser.id : false;
-    - if (isSelf) var overrideNavPath = "/account";    
-    - var pixel = profileUserInfo.latestPixel;
-    - var boardImageCorrection = (1000 / config.boardSize) * 4;
-    - var pageTitle = isSelf ? "Account Details" : `${profileUser.name}'s Profile`;
-    - var pageDesc = isSelf ? `View information about your ${config.siteName} account.` : `View ${profileUser.name}'s profile on ${config.siteName}.`;
-    - var css = ["/css/dashboard.css", "/css/profile.css"];
-    - var navbarSupportsTopMode = !!profileUserInfo.latestPixel;
+    - let isSelf = user ? user.id == profileUser.id : false;
+    - if (isSelf) let overrideNavPath = "/account";    
+    - let pixel = profileUserInfo.latestPixel;
+    - let boardImageCorrection = (1000 / config.boardSize) * 4;
+    - let pageTitle = isSelf ? "Account Details" : `${profileUser.name}'s Profile`;
+    - let pageDesc = isSelf ? `View information about your ${config.siteName} account.` : `View ${profileUser.name}'s profile on ${config.siteName}.`;
+    - let css = ["/css/dashboard.css", "/css/profile.css"];
+    - let navbarSupportsTopMode = !!profileUserInfo.latestPixel;
     - js = ["/js/tooltip.js", "/js/build/account.js", "https://cdn.jsdelivr.net/gh/rmm5t/jquery-timeago@180864a9c544a49e43719b457250af216d5e4c3a/jquery.timeago.js"];
     - jsModSnippets = [`  $(document).ready(function() {
     -    $("#profile-mod-tools-ctn").html(renderUserActions(${JSON.stringify(profileUser)}));
     -  });`];
 block content
-    - var has2FA = profileUser.twoFactorAuthEnabled();
+    - let has2FA = profileUser.twoFactorAuthEnabled();
     if pixel
         a(href=`/#x=${pixel.point.x}&y=${pixel.point.y}`)
             .profile-header(style=`background-position: calc(50% - ${(pixel.point.x - (config.boardSize / 2)) * boardImageCorrection}px) ${-(pixel.point.y * boardImageCorrection) + 175}px;`)
@@ -28,7 +28,7 @@ block content
                             #{profileUser.name}
                         +renderBadges(profileUser.getBadges(null))
                     .subdetails
-                        - var rank = profileUserInfo.statistics.leaderboardRank;
+                        - let rank = profileUserInfo.statistics.leaderboardRank;
                         if rank !== null
                             div
                                 span.value ##{profileUserInfo.statistics.leaderboardRank.toLocaleString()}
diff --git a/views/public/deactivated.pug b/views/public/deactivated.pug
index 3a4a892b..090f2963 100644
--- a/views/public/deactivated.pug
+++ b/views/public/deactivated.pug
@@ -1,6 +1,6 @@
 extends ../layout
 block dependencies
-    - var pageTitle = "Account Deactivated"
+    - let pageTitle = "Account Deactivated"
 block content
     .container.norctn
         h1 Account Deactivated
diff --git a/views/public/deleted.pug b/views/public/deleted.pug
index 5318ce4c..1b5a7d77 100644
--- a/views/public/deleted.pug
+++ b/views/public/deleted.pug
@@ -1,6 +1,6 @@
 extends ../layout
 block dependencies
-    - var pageTitle = "Account Deleted"
+    - let pageTitle = "Account Deleted"
 block content
     .container.norctn
         h1 Account Deleted
diff --git a/views/public/force-pw-reset.pug b/views/public/force-pw-reset.pug
index 7a02349a..37905da7 100644
--- a/views/public/force-pw-reset.pug
+++ b/views/public/force-pw-reset.pug
@@ -1,7 +1,7 @@
 extends ../layout
 block dependencies
-    - var pageTitle = "Reset your Password";
-    - var css = ["/css/signin.css"];
+    - let pageTitle = "Reset your Password";
+    - let css = ["/css/signin.css"];
     - if (typeof error === "undefined") error = null;
 block content
     .container
diff --git a/views/public/index.pug b/views/public/index.pug
index 1a4cf3cc..79f015ba 100644
--- a/views/public/index.pug
+++ b/views/public/index.pug
@@ -1,10 +1,10 @@
 extends ../layout
 block dependencies
-    - var css = ["https://cdnjs.cloudflare.com/ajax/libs/bootstrap-slider/10.0.0/css/bootstrap-slider.min.css", "https://cdn.jsdelivr.net/jquery.minicolors/2.1.2/jquery.minicolors.css", "/css/place.css"];
-    - var pinnable = true;
-    - var needsLegit = true;
-    - var needsHelp = true;
-    - var pageDesc = "Work together to create something amazing. Join thousands of other users and see what happens when you share one huge canvas.";
+    - let css = ["https://cdnjs.cloudflare.com/ajax/libs/bootstrap-slider/10.0.0/css/bootstrap-slider.min.css", "https://cdn.jsdelivr.net/jquery.minicolors/2.1.2/jquery.minicolors.css", "/css/place.css"];
+    - let pinnable = true;
+    - let needsLegit = true;
+    - let needsHelp = true;
+    - let pageDesc = "Work together to create something amazing. Join thousands of other users and see what happens when you share one huge canvas.";
 block content
     +getViewExtensions("main")
     include views/place
@@ -25,4 +25,4 @@ block content
     unless user
         include views/auth-dialog
     include views/help-dialog
-    - var js = ["https://cdn.jsdelivr.net/interact.js/1.2.6/interact.min.js", "https://cdnjs.cloudflare.com/ajax/libs/bootstrap-slider/10.0.0/bootstrap-slider.min.js", "https://cdn.jsdelivr.net/jquery.minicolors/2.1.2/jquery.minicolors.min.js", "https://cdn.jsdelivr.net/clipboard.js/1.6.0/clipboard.min.js", "https://unpkg.com/eventemitter3@^4.0.0/umd/eventemitter3.min.js", "/js/build/socket.js", "/js/build/popout.js", "/js/build/place.js", "https://cdn.jsdelivr.net/gh/rmm5t/jquery-timeago@180864a9c544a49e43719b457250af216d5e4c3a/jquery.timeago.js"];
+    - let js = ["https://cdn.jsdelivr.net/interact.js/1.2.6/interact.min.js", "https://cdnjs.cloudflare.com/ajax/libs/bootstrap-slider/10.0.0/bootstrap-slider.min.js", "https://cdn.jsdelivr.net/jquery.minicolors/2.1.2/jquery.minicolors.min.js", "https://cdn.jsdelivr.net/clipboard.js/1.6.0/clipboard.min.js", "https://unpkg.com/eventemitter3@^4.0.0/umd/eventemitter3.min.js", "/js/build/socket.js", "/js/build/popout.js", "/js/build/place.js", "https://cdn.jsdelivr.net/gh/rmm5t/jquery-timeago@180864a9c544a49e43719b457250af216d5e4c3a/jquery.timeago.js"];
diff --git a/views/public/pick-username.pug b/views/public/pick-username.pug
index 8f43cfad..11b40d94 100644
--- a/views/public/pick-username.pug
+++ b/views/public/pick-username.pug
@@ -1,7 +1,7 @@
 extends ../layout
 block dependencies
-    - var pageTitle = "Pick a Username";
-    - var css = ["/css/signin.css"];
+    - let pageTitle = "Pick a Username";
+    - let css = ["/css/signin.css"];
 block content
     - if (typeof username === "undefined") username = "";
     - if (typeof error === "undefined") error = null;
diff --git a/views/public/popout.pug b/views/public/popout.pug
index 2b54e40c..c26d51e5 100644
--- a/views/public/popout.pug
+++ b/views/public/popout.pug
@@ -1,8 +1,8 @@
 extends ../layout
 block dependencies
-    - var css = ["/css/place.css", "/css/popout.css"];
-    - var js = ["https://unpkg.com/eventemitter3@latest/umd/eventemitter3.min.js", "/js/build/socket.js", "/js/build/popout.js", "https://cdn.jsdelivr.net/gh/rmm5t/jquery-timeago@180864a9c544a49e43719b457250af216d5e4c3a/jquery.timeago.js"];
-    - var pageTitle = "Popout";
-    - var isPoppedOut = true;
+    - let css = ["/css/place.css", "/css/popout.css"];
+    - let js = ["https://unpkg.com/eventemitter3@latest/umd/eventemitter3.min.js", "/js/build/socket.js", "/js/build/popout.js", "https://cdn.jsdelivr.net/gh/rmm5t/jquery-timeago@180864a9c544a49e43719b457250af216d5e4c3a/jquery.timeago.js"];
+    - let pageTitle = "Popout";
+    - let isPoppedOut = true;
 block content
     include views/popout-container
\ No newline at end of file

From b48b47d96960d2a5f2f02be75fba03657d215079 Mon Sep 17 00:00:00 2001
From: Dalia Alawneh <alawnehdalia340@gmail.com>
Date: Sat, 22 Jul 2023 15:57:19 +0300
Subject: [PATCH 2/3] Refactor: Convert let variables to const

---
 controllers/AdminActionsController.js        |   4 +-
 controllers/AuthController.js                |   2 +-
 controllers/ChatController.js                |   4 +-
 controllers/FeatureAvailabilityController.js |   2 +-
 controllers/JWTController.js                 |   2 +-
 controllers/ModeratorUserController.js       |   2 +-
 controllers/UsernamePickerController.js      |  20 +--
 models/access.js                             |  24 ++--
 models/action.js                             |  12 +-
 models/chatMessage.js                        |  10 +-
 models/pixel.js                              |  26 ++--
 models/report.js                             |   6 +-
 models/user.js                               | 124 +++++++++----------
 models/warp.js                               |  16 +--
 routes/admin.js                              |   2 +-
 routes/api.js                                |   2 +-
 routes/oauth.js                              |   2 +-
 routes/public.js                             |   2 +-
 util/HTTPServer.js                           |   6 +-
 util/JavaScriptProcessor.js                  |   2 +-
 util/LeaderboardManager.js                   |   2 +-
 util/UserActivityManager.js                  |   2 +-
 util/passport.js                             |   2 +-
 23 files changed, 138 insertions(+), 138 deletions(-)

diff --git a/controllers/AdminActionsController.js b/controllers/AdminActionsController.js
index 77eb85fc..5fe9c19d 100644
--- a/controllers/AdminActionsController.js
+++ b/controllers/AdminActionsController.js
@@ -4,8 +4,8 @@ const ActionLogger = require("../util/ActionLogger");
 
 exports.getAPIStats = (req, res, next) => {
     let signups24h = null, pixelsPlaced24h = null, pixelsPerMin = null;
-    let dateBack24h = new Date(new Date().getTime() - (24 * 60 * 60 * 1000));
-    let dateBack20m = new Date(new Date().getTime() - (20 * 60 * 1000));
+    const dateBack24h = new Date(new Date().getTime() - (24 * 60 * 60 * 1000));
+    const dateBack20m = new Date(new Date().getTime() - (20 * 60 * 1000));
     function finish() {
         return res.json({ success: true, stats: { online: req.place.websocketServer.connectedClients, signups24h: signups24h, pixelsPlaced24h: pixelsPlaced24h, pixelsPerMin: pixelsPerMin } });
     }
diff --git a/controllers/AuthController.js b/controllers/AuthController.js
index 66995682..7105ce9e 100644
--- a/controllers/AuthController.js
+++ b/controllers/AuthController.js
@@ -76,7 +76,7 @@ exports.getSignOut = (req, res, next) => {
     ActionLogger.log(req.place, "signOut", req.user);
     req.logout();
     req.session = null;
-    let redirectURL = typeof req.query.redirectURL !== "undefined" ? req.query.redirectURL : null;
+    const redirectURL = typeof req.query.redirectURL !== "undefined" ? req.query.redirectURL : null;
     let shouldUseRedirect = redirectURL && redirectURL != "/" && !absoluteURLRegex.test(redirectURL);
     return res.redirect(`/${(shouldUseRedirect ? redirectURL : "")}`);
 };
diff --git a/controllers/ChatController.js b/controllers/ChatController.js
index 84d2beac..7ab9597a 100644
--- a/controllers/ChatController.js
+++ b/controllers/ChatController.js
@@ -3,8 +3,8 @@ const ActionLogger = require("../util/ActionLogger")
 
 exports.getAPIChat = (req, res, next) => {
     ChatMessage.getLatestMessages().then((messages) => {
-        let overrideDataAccess = req.user && (req.user.moderator || req.user.admin);
-        let promises = messages.reverse().map((m) => m.getInfo(overrideDataAccess));
+        const overrideDataAccess = req.user && (req.user.moderator || req.user.admin);
+        const promises = messages.reverse().map((m) => m.getInfo(overrideDataAccess));
         Promise.all(promises).then((messages) => {
             // Removed banned users' messages if we're not mod
             if(overrideDataAccess !== true) messages = messages.filter((m) => (!m.user || !m.user.banned) && (m.userError != "ban"));
diff --git a/controllers/FeatureAvailabilityController.js b/controllers/FeatureAvailabilityController.js
index ddeee8fb..49f160f2 100644
--- a/controllers/FeatureAvailabilityController.js
+++ b/controllers/FeatureAvailabilityController.js
@@ -1,5 +1,5 @@
 exports.getAvailability = (req, res, next) => {
-    let features = {
+    const features = {
         colours: req.place.colours,
         flags: req.place.config.pixelFlags || []
     }
diff --git a/controllers/JWTController.js b/controllers/JWTController.js
index 76527746..f7f40e2c 100644
--- a/controllers/JWTController.js
+++ b/controllers/JWTController.js
@@ -6,7 +6,7 @@ exports.identifyAPIUser = (req, res, next) => {
     if (!req.body.username || !req.body.password) return res.status(400).json({ success: false, error: { message: "A username and password are required.", code: "invalid_parameters" } });
     passport.authenticate("local", { session: false }, function(err, user, info) {
         if (!user) return res.status(500).json({ success: false, error: info.error || { message: "An unknown error occurred." } });
-        let token = jwt.encode(user, req.place.config.secret);
+        const token = jwt.encode(user, req.place.config.secret);
         res.json({ success: true, token: `JWT ${token}`, user: user.toInfo(req.place) }); // create and return jwt token here
     })(req, res, next);
 };
\ No newline at end of file
diff --git a/controllers/ModeratorUserController.js b/controllers/ModeratorUserController.js
index 40ab098e..c82d8f3b 100644
--- a/controllers/ModeratorUserController.js
+++ b/controllers/ModeratorUserController.js
@@ -5,7 +5,7 @@ const fs = require("fs");
 const Action = require("../models/action");
 
 exports.getAPIUsersTable = (req, res, next) => {
-    let searchValue = req.body.search ? req.body.search.value || "" : "";
+    const searchValue = req.body.search ? req.body.search.value || "" : "";
     let sort = { creationDate: "desc" };
     if(req.body.order && req.body.order.length > 0 && req.body.columns) {
         if(req.body.columns.length > req.body.order[0].column || 1) {
diff --git a/controllers/UsernamePickerController.js b/controllers/UsernamePickerController.js
index c042612e..ff6f2e8c 100644
--- a/controllers/UsernamePickerController.js
+++ b/controllers/UsernamePickerController.js
@@ -2,23 +2,23 @@ const fs = require("fs");
 
 exports.postUsername = (req, res, next) => {
     function renderResponse(errorMsg) {
-        return req.responseFactory.sendRenderedResponse("public/pick-username", { captcha: req.place.enableCaptcha, error: { message: errorMsg || "An unknown error occurred" }, username: req.body.username, user: {name: ""} });
+        return req.responseFactory.sendRenderedResponse("public/pick-username", { captcha: req.place.enableCaptcha, error: { message: errorMsg || "An unknown error occurred" }, username: req.body.username, user: { name: "" } });
     }
-    if(req.user.usernameSet) res.redirect("/");
-    
+    if (req.user.usernameSet) res.redirect("/");
+
     // Check if we can actually do this
     const config = req.place.config;
     if (config.maintenance && !config.maintenance.allowSignups) {
         req.logout();
         return res.redirect(403, "/");
     }
-    
-    let user = req.user;
+
+    const user = req.user;
     user.name = req.body.username;
     function doPickUsername() {
-        user.setUserName(user.name, function(err) {
-            if(err) return renderResponse(err.message);
-            req.login(user, function(err) {
+        user.setUserName(user.name, function (err) {
+            if (err) return renderResponse(err.message);
+            req.login(user, function (err) {
                 if (err) {
                     req.place.reportError("Unknown user login error.");
                     return renderResponse("An unknown error occurred.");
@@ -29,9 +29,9 @@ exports.postUsername = (req, res, next) => {
     }
     fs.exists(__dirname + "/../config/community_guidelines.md", (exists) => {
         if (!req.body.agreeToGuidelines && exists) return renderResponse("You must agree to the community guidelines to use this service.");
-        if(req.place.enableCaptcha) {
+        if (req.place.enableCaptcha) {
             req.place.recaptcha.verify(req, (error) => {
-                if(error) return renderResponse("Please fill in the captcha properly.");
+                if (error) return renderResponse("Please fill in the captcha properly.");
                 doPickUsername();
             });
         } else doPickUsername();
diff --git a/models/access.js b/models/access.js
index 46f8c7f3..806093e8 100644
--- a/models/access.js
+++ b/models/access.js
@@ -3,7 +3,7 @@ const crypto = require("crypto");
 const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 
-let AccessSchema = new Schema({
+const AccessSchema = new Schema({
     userID: {
         type: Schema.ObjectId,
         required: true
@@ -29,7 +29,7 @@ let AccessSchema = new Schema({
     }
 });
 
-AccessSchema.methods.toInfo = function(userIDs = true) {
+AccessSchema.methods.toInfo = function (userIDs = true) {
     let info = {
         date: this.date,
         userAgent: this.userAgent,
@@ -39,15 +39,15 @@ AccessSchema.methods.toInfo = function(userIDs = true) {
     return info;
 }
 
-AccessSchema.statics.getHashedIPAddress = function(ipAddress) {
+AccessSchema.statics.getHashedIPAddress = function (ipAddress) {
     return crypto.createHash('sha256').update(ipAddress).digest('base64');
 }
 
-AccessSchema.statics.recordAccess = function(req, userID) {
+AccessSchema.statics.recordAccess = function (req, userID) {
     this.recordAccessInfo(req.place, userID, req.get("User-Agent"), req.get("X-Forwarded-For") || req.connection.remoteAddress, (typeof req.key !== "undefined" ? req.key : null));
 }
 
-AccessSchema.statics.recordAccessInfo = function(app, userID, userAgent, ipAddress, key) {
+AccessSchema.statics.recordAccessInfo = function (app, userID, userAgent, ipAddress, key) {
     let ipHash = this.getHashedIPAddress(ipAddress);
     this.findOneAndUpdate({
         userID: userID,
@@ -61,18 +61,18 @@ AccessSchema.statics.recordAccessInfo = function(app, userID, userAgent, ipAddre
         hashedIPAddress: ipHash,
         key: key
     }, { upsert: true }, (err, access) => {
-        if(err) app.reportError("Couldn't record access attempt: " + err);
+        if (err) app.reportError("Couldn't record access attempt: " + err);
     });
 }
 
-AccessSchema.statics.findIPsForUser = function(user) {
+AccessSchema.statics.findIPsForUser = function (user) {
     return new Promise((resolve, reject) => {
-        this.find({userID: user._id}).then((accesses) => resolve(accesses.map((access) => access.hashedIPAddress))).catch(reject);
+        this.find({ userID: user._id }).then((accesses) => resolve(accesses.map((access) => access.hashedIPAddress))).catch(reject);
     });
 }
 
-AccessSchema.statics.getUniqueIPsAndUserAgentsForUser = async function(user) {
-    const accesses = await this.find({userID: user._id});
+AccessSchema.statics.getUniqueIPsAndUserAgentsForUser = async function (user) {
+    const accesses = await this.find({ userID: user._id });
     // The [...new Set(array)] is filtering all duplicate strings, and I found it was the most efficient.
     const ipAddresses = [...new Set(accesses.map((access) => access.hashedIPAddress))];
     const userAgents = [...new Set(accesses.map((access) => access.userAgent))];
@@ -84,7 +84,7 @@ AccessSchema.statics.getUniqueIPsAndUserAgentsForUser = async function(user) {
     };
 }
 
-AccessSchema.statics.findSimilarIPUserIDs = function(user) {
+AccessSchema.statics.findSimilarIPUserIDs = function (user) {
     return new Promise((resolve, reject) => {
         this.findIPsForUser(user).then((ipAddresses) => {
             this.find({ hashedIPAddress: { $in: ipAddresses }, userID: { $ne: user._id } }).then((accesses) => {
@@ -95,7 +95,7 @@ AccessSchema.statics.findSimilarIPUserIDs = function(user) {
     });
 }
 
-AccessSchema.methods.migrateIPAddress = function() {
+AccessSchema.methods.migrateIPAddress = function () {
     this.hashedIPAddress = AccessSchema.statics.getHashedIPAddress(this.ipAddress);
     this.ipAddress = null;
     return this.save();
diff --git a/models/action.js b/models/action.js
index 18673338..af487ea6 100644
--- a/models/action.js
+++ b/models/action.js
@@ -3,7 +3,7 @@ const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 const User = require("./user");
 
-let ActionSchema = new Schema({
+const ActionSchema = new Schema({
     actionID: {
         type: String,
         required: true
@@ -17,7 +17,7 @@ let ActionSchema = new Schema({
     moderatingUserID: Schema.ObjectId
 });
 
-ActionSchema.methods.toInfo = function(userIDs = true) {
+ActionSchema.methods.toInfo = function (userIDs = true) {
     let info = {
         id: this.id,
         action: this.actionID,
@@ -31,17 +31,17 @@ ActionSchema.methods.toInfo = function(userIDs = true) {
     return info
 }
 
-ActionSchema.methods.getInfo = function() {
+ActionSchema.methods.getInfo = function () {
     return new Promise((resolve, reject) => {
         let info = this.toInfo();
-        if(this.performingUserID) {
+        if (this.performingUserID) {
             User.findById(this.performingUserID).then((user) => {
                 info.performingUser = user.toInfo();
-                if(this.moderatingUserID) User.findById(this.moderatingUserID).then((mod) => {info.moderatingUser = mod.toInfo(); resolve(info) }).catch(() => resolve(info));
+                if (this.moderatingUserID) User.findById(this.moderatingUserID).then((mod) => { info.moderatingUser = mod.toInfo(); resolve(info) }).catch(() => resolve(info));
                 else resolve(info);
             }).catch((err) => {
                 info.performingUser = null;
-                if(this.moderatingUserID) User.findById(this.moderatingUserID).then((mod) => {info.moderatingUser = mod.toInfo(); resolve(info) }).catch(() => resolve(info));
+                if (this.moderatingUserID) User.findById(this.moderatingUserID).then((mod) => { info.moderatingUser = mod.toInfo(); resolve(info) }).catch(() => resolve(info));
                 else resolve(info);
             })
         } else {
diff --git a/models/chatMessage.js b/models/chatMessage.js
index 557c99e6..75c0dee7 100644
--- a/models/chatMessage.js
+++ b/models/chatMessage.js
@@ -3,7 +3,7 @@ const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 const User = require("./user");
 
-let ChatMessageSchema = new Schema({
+const ChatMessageSchema = new Schema({
     userID: {
         type: Schema.ObjectId,
         required: true
@@ -39,7 +39,7 @@ let ChatMessageSchema = new Schema({
     }
 });
 
-ChatMessageSchema.methods.toInfo = function(userIDs = true) {
+ChatMessageSchema.methods.toInfo = function (userIDs = true) {
     let info = {
         id: this.id,
         date: this.date,
@@ -53,13 +53,13 @@ ChatMessageSchema.methods.toInfo = function(userIDs = true) {
     return info;
 }
 
-ChatMessageSchema.methods.getInfo = function(overrideDataAccess = false) {
+ChatMessageSchema.methods.getInfo = function (overrideDataAccess = false) {
     return new Promise((resolve, reject) => {
         User.getPubliclyAvailableUserInfo(this.userID, overrideDataAccess, null, false).then((userInfo) => resolve(Object.assign(this.toInfo(), userInfo))).catch((err) => reject(err));
     })
 }
 
-ChatMessageSchema.statics.createMessage = function(app, userID, text, xPos, yPos) {
+ChatMessageSchema.statics.createMessage = function (app, userID, text, xPos, yPos) {
     return this({
         userID: userID,
         date: Date(),
@@ -69,7 +69,7 @@ ChatMessageSchema.statics.createMessage = function(app, userID, text, xPos, yPos
     }).save();
 }
 
-ChatMessageSchema.statics.getLatestMessages = function(limit = 50) {
+ChatMessageSchema.statics.getLatestMessages = function (limit = 50) {
     return this.find({ deleted: { $ne: true } }).sort({ date: -1 }).limit(limit);
 }
 
diff --git a/models/pixel.js b/models/pixel.js
index e851720e..89e49b86 100644
--- a/models/pixel.js
+++ b/models/pixel.js
@@ -2,11 +2,11 @@ const DataModelManager = require("../util/DataModelManager");
 const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 
-let colourPieceValidator = function(c) {
+const colourPieceValidator = function (c) {
     return Number.isInteger(c) && c >= 0 && c <= 255;
 }
 
-let PixelSchema = new Schema({
+const PixelSchema = new Schema({
     xPos: {
         type: Number,
         required: true,
@@ -57,7 +57,7 @@ let PixelSchema = new Schema({
     }
 });
 
-PixelSchema.methods.toInfo = function(userIDs = true) {
+PixelSchema.methods.toInfo = function (userIDs = true) {
     let info = {
         point: {
             x: this.xPos,
@@ -70,12 +70,12 @@ PixelSchema.methods.toInfo = function(userIDs = true) {
     return info;
 }
 
-PixelSchema.statics.addPixel = function(colour, x, y, userID, app, callback) {
+PixelSchema.statics.addPixel = function (colour, x, y, userID, app, callback) {
     let pn = this;
     x = parseInt(x), y = parseInt(y);
-    if(isNaN(x) || isNaN(y)) return callback(null, { message: "Invalid positions provided." });
+    if (isNaN(x) || isNaN(y)) return callback(null, { message: "Invalid positions provided." });
     // TODO: Get actual position below:
-    if(x < 0 || y < 0 || x >= app.config.boardSize || y >= app.config.boardSize) return callback(null, { message: "Position is out of bounds." });
+    if (x < 0 || y < 0 || x >= app.config.boardSize || y >= app.config.boardSize) return callback(null, { message: "Position is out of bounds." });
     this.findOne({
         xPos: x,
         yPos: y
@@ -91,7 +91,7 @@ PixelSchema.statics.addPixel = function(colour, x, y, userID, app, callback) {
             wasIdentical = pixel.editorID == userID && pixel.colourR == colour.r && pixel.colourG == colour.g && pixel.colourB == colour.b; // set to identical if colour matched old pixel
         }
         if (!wasIdentical) { // if the pixel was changed
-            if(!pixel) { // if the spot was blank, create a new one
+            if (!pixel) { // if the spot was blank, create a new one
                 pixel = pn({
                     xPos: x,
                     yPos: y
@@ -120,22 +120,22 @@ PixelSchema.statics.addPixel = function(colour, x, y, userID, app, callback) {
     });
 }
 
-PixelSchema.methods.getInfo = function(overrideDataAccess = false, app = null) {
+PixelSchema.methods.getInfo = function (overrideDataAccess = false, app = null) {
     return new Promise((resolve, reject) => {
         let info = this.toInfo();
         require("./user").getPubliclyAvailableUserInfo(this.editorID, overrideDataAccess, app).then((userInfo) => resolve(Object.assign(info, userInfo))).catch((err) => reject(err));
     });
 }
 
-PixelSchema.methods.getSocketInfo = function() {
-    return {x: this.xPos, y: this.yPos, colour: this.getHexColour()};
+PixelSchema.methods.getSocketInfo = function () {
+    return { x: this.xPos, y: this.yPos, colour: this.getHexColour() };
 }
 
-PixelSchema.methods.getHexColour = function() {
+PixelSchema.methods.getHexColour = function () {
     return PixelSchema.statics.getHexFromRGB(this.colourR, this.colourG, this.colourB);
 }
 
-PixelSchema.statics.getHexFromRGB = function(r, g, b) {
+PixelSchema.statics.getHexFromRGB = function (r, g, b) {
     // Borrowed partly from: https://stackoverflow.com/a/5624139
     function componentToHex(c) {
         let hex = c.toString(16);
@@ -144,5 +144,5 @@ PixelSchema.statics.getHexFromRGB = function(r, g, b) {
     return componentToHex(r) + componentToHex(g) + componentToHex(b);
 }
 
-PixelSchema.index({xPos: 1, yPos: 1});
+PixelSchema.index({ xPos: 1, yPos: 1 });
 module.exports = DataModelManager.registerModel("Pixel", PixelSchema);
diff --git a/models/report.js b/models/report.js
index 3d8352b8..3acb8e6c 100644
--- a/models/report.js
+++ b/models/report.js
@@ -2,7 +2,7 @@ const DataModelManager = require("../util/DataModelManager");
 const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 
-let ReportSchema = new Schema({
+const ReportSchema = new Schema({
     offenderID: {
         type: String,
         required: true
@@ -30,14 +30,14 @@ let ReportSchema = new Schema({
     }
 });
 
-ReportSchema.statics.reportUser = function(reportedUser, reporter, reason, app, callback)  {
+ReportSchema.statics.reportUser = function (reportedUser, reporter, reason, app, callback) {
     let report = this({
         offenderID: reportedUser,
         reporterID: reporter,
         reason: reason
     });
 
-    report.save(function(err) {
+    report.save(function (err) {
         if (err) return callback(null, { message: "some error fuck off out of here.", code: "fuck_off" });
         require("../util/ActionLogger").log(app, "report", report);
         return callback(report, null);
diff --git a/models/user.js b/models/user.js
index bd4d9373..c5756ca2 100644
--- a/models/user.js
+++ b/models/user.js
@@ -7,7 +7,7 @@ const Access = require("./access");
 const dataTables = require("mongoose-datatables");
 const TOSManager = require("../util/TOSManager");
 
-let UserSchema = new Schema({
+const UserSchema = new Schema({
     name: {
         type: String,
         unique: true,
@@ -108,12 +108,12 @@ let UserSchema = new Schema({
     }
 });
 
-UserSchema.pre("save", function(next) {
-    let user = this;
+UserSchema.pre("save", function (next) {
+    const user = this;
     if (this.isModified("password") || this.isNew) {
-        bcrypt.genSalt(10, function(err, salt) {
+        bcrypt.genSalt(10, function (err, salt) {
             if (err) return next(err);
-            bcrypt.hash(user.password, salt, function(err, hash) {
+            bcrypt.hash(user.password, salt, function (err, hash) {
                 if (err) return next(err);
                 user.password = hash;
                 next();
@@ -124,14 +124,14 @@ UserSchema.pre("save", function(next) {
     }
 });
 
-UserSchema.methods.comparePassword = function(passwd, cb) {
-    bcrypt.compare(passwd, this.password, function(err, isMatch) {
+UserSchema.methods.comparePassword = function (passwd, cb) {
+    bcrypt.compare(passwd, this.password, function (err, isMatch) {
         if (err) return cb(err);
         cb(null, isMatch);
     });
 }
 
-UserSchema.methods.toInfo = function(app = null) {
+UserSchema.methods.toInfo = function (app = null) {
     let info = {
         id: this.id,
         username: this.name,
@@ -158,7 +158,7 @@ UserSchema.methods.toInfo = function(app = null) {
     return info;
 }
 
-UserSchema.methods.getInfo = function(app = null, getPixelInfo = true) {
+UserSchema.methods.getInfo = function (app = null, getPixelInfo = true) {
     return new Promise((resolve, reject) => {
         let info = this.toInfo(app);
         if (getPixelInfo) {
@@ -172,7 +172,7 @@ UserSchema.methods.getInfo = function(app = null, getPixelInfo = true) {
     });
 }
 
-UserSchema.methods.loginError = function() {
+UserSchema.methods.loginError = function () {
     if (this.banned === true) return {
         message: "You are banned from using this service due to violations of the rules.",
         code: "banned"
@@ -180,7 +180,7 @@ UserSchema.methods.loginError = function() {
     return null;
 }
 
-UserSchema.methods.markForDeletion = function() {
+UserSchema.methods.markForDeletion = function () {
     this.deactivated = true;
     let date = new Date();
     date.setDate(date.getDate() + 7);
@@ -188,11 +188,11 @@ UserSchema.methods.markForDeletion = function() {
     return this.save();
 }
 
-UserSchema.methods.isMarkedForDeletion = function() {
+UserSchema.methods.isMarkedForDeletion = function () {
     return this.deletionDate != null
 }
 
-UserSchema.methods.setUserName = function(username, callback, usernameSet) {
+UserSchema.methods.setUserName = function (username, callback, usernameSet) {
     if (!UserSchema.statics.isValidUsername(username)) return callback({
         message: "That username cannot be used. Usernames must be 3-20 characters in length and may only consist of letters, numbers, underscores, and dashes.",
         code: "username_taken",
@@ -200,7 +200,7 @@ UserSchema.methods.setUserName = function(username, callback, usernameSet) {
     });
     this.name = username;
     this.usernameSet = true;
-    this.save(function(err) {
+    this.save(function (err) {
         if (err) return callback({
             message: "That username already exists.",
             code: "username_taken",
@@ -210,15 +210,15 @@ UserSchema.methods.setUserName = function(username, callback, usernameSet) {
     });
 }
 
-UserSchema.methods.recordAccess = function(req) {
+UserSchema.methods.recordAccess = function (req) {
     return Access.recordAccess(req, this.id);
 }
 
-UserSchema.methods.getUniqueIPsAndUserAgents = function() {
+UserSchema.methods.getUniqueIPsAndUserAgents = function () {
     return Access.getUniqueIPsAndUserAgentsForUser(this);
 }
 
-UserSchema.statics.findByUsername = function(username, callback = null) {
+UserSchema.statics.findByUsername = function (username, callback = null) {
     return this.findOne({
         name: {
             $regex: new RegExp(["^", username.toLowerCase(), "$"].join(""), "i")
@@ -226,19 +226,19 @@ UserSchema.statics.findByUsername = function(username, callback = null) {
     }, callback)
 }
 
-UserSchema.statics.getPasswordError = function(password) {
+UserSchema.statics.getPasswordError = function (password) {
     return null; // temp fix signups, not good
     // return password.match(/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])$/) && password.length >= 8 ? null : "That password cannot be used. Passwords are required to contain at least one digit, one uppercase letter, one lowercase letter, and be at least 8 characters in length.";
 }
 
-UserSchema.statics.register = function(username, password, app, callback, OAuthID, OAuthName) {
+UserSchema.statics.register = function (username, password, app, callback, OAuthID, OAuthName) {
     if (!OAuthID && !this.isValidUsername(username)) return callback(null, {
         message: "That username cannot be used. Usernames must be 3-20 characters in length and may only consist of letters, numbers, underscores, and dashes.",
         code: "username_taken",
         intCode: 400
     });
     let passwordError = this.getPasswordError(password);
-    if(passwordError) return callback(null, {
+    if (passwordError) return callback(null, {
         message: passwordError,
         code: "password_validation",
         intCode: 400
@@ -268,7 +268,7 @@ UserSchema.statics.register = function(username, password, app, callback, OAuthI
         });
 
         // Save the user
-        newUser.save(function(err) {
+        newUser.save(function (err) {
             if (err) return callback(null, {
                 message: "An account with that username already exists.",
                 code: "username_taken",
@@ -292,12 +292,12 @@ UserSchema.statics.register = function(username, password, app, callback, OAuthI
     }
 }
 
-UserSchema.statics.isValidUsername = function(username) {
+UserSchema.statics.isValidUsername = function (username) {
     return /^[a-zA-Z0-9-_]{3,20}$/.test(username);
 }
 
-UserSchema.methods.addPixel = function(colour, x, y, app, callback) {
-    let user = this;
+UserSchema.methods.addPixel = function (colour, x, y, app, callback) {
+    const user = this;
     Pixel.addPixel(colour, x, y, this.id, app, (changed, error) => {
         if (changed === null) return callback(null, error);
         if (changed) {
@@ -313,7 +313,7 @@ UserSchema.methods.addPixel = function(colour, x, y, app, callback) {
     });
 }
 
-UserSchema.methods.getPlaceSecondsRemaining = function(app) {
+UserSchema.methods.getPlaceSecondsRemaining = function (app) {
     if (this.admin) return 0;
     if (this.lastPlace) {
         let current = new Date().getTime();
@@ -327,11 +327,11 @@ UserSchema.methods.getPlaceSecondsRemaining = function(app) {
     return 0;
 }
 
-UserSchema.methods.canPlace = function(app) {
+UserSchema.methods.canPlace = function (app) {
     return this.getPlaceSecondsRemaining(app) <= 0;
 }
 
-UserSchema.methods.findSimilarIPUsers = function() {
+UserSchema.methods.findSimilarIPUsers = function () {
     return new Promise((resolve, reject) => {
         Access.findSimilarIPUserIDs(this).then((userIDs) => {
             this.model("User").find({
@@ -343,7 +343,7 @@ UserSchema.methods.findSimilarIPUsers = function() {
     });
 }
 
-UserSchema.methods.getLatestAvailablePixel = function() {
+UserSchema.methods.getLatestAvailablePixel = function () {
     return new Promise((resolve, reject) => {
         Pixel.findOne({
             editorID: this.id
@@ -351,7 +351,7 @@ UserSchema.methods.getLatestAvailablePixel = function() {
             sort: {
                 lastModified: -1
             }
-        }, function(err, pixel) {
+        }, function (err, pixel) {
             if (err || !pixel) return resolve(null);
             let info = pixel.toInfo();
             info.isLatest = pixel ? ~((pixel.lastModified - this.lastPlace) / 1000) <= 3 : false;
@@ -360,12 +360,12 @@ UserSchema.methods.getLatestAvailablePixel = function() {
     });
 }
 
-UserSchema.methods.canPerformActionsOnUser = function(user) {
+UserSchema.methods.canPerformActionsOnUser = function (user) {
     let canTouchUser = (this.moderator && !(user.moderator || user.admin)) || (this.admin && !user.admin);
     return this._id != user._id && canTouchUser;
 }
 
-UserSchema.methods.getUsernameInitials = function() {
+UserSchema.methods.getUsernameInitials = function () {
     function getInitials(string) {
         let output = "";
         let mustBeUppercase = false;
@@ -390,7 +390,7 @@ UserSchema.methods.getUsernameInitials = function() {
     return getInitials(this.name);
 }
 
-UserSchema.statics.getPubliclyAvailableUserInfo = function(userID, overrideDataAccess = false, app = null, getPixelInfo = true) {
+UserSchema.statics.getPubliclyAvailableUserInfo = function (userID, overrideDataAccess = false, app = null, getPixelInfo = true) {
     return new Promise((resolve, reject) => {
         let info = {};
         function returnInfo(error) {
@@ -404,14 +404,14 @@ UserSchema.statics.getPubliclyAvailableUserInfo = function(userID, overrideDataA
             else if (!overrideDataAccess && user.deactivated) return returnInfo("deactivated");
             user.getInfo(app, getPixelInfo).then((userInfo) => {
                 info.user = userInfo;
-                if(overrideDataAccess) {
+                if (overrideDataAccess) {
                     info.user.isOauth = user.isOauth;
                     info.user.hasTOTP = user.twoFactorAuthEnabled();
                 }
                 resolve(info);
             }).catch((err) => returnInfo("delete"));
         }
-        if(!userID) return continueWithUser(null);
+        if (!userID) return continueWithUser(null);
         this.findById(userID).then(continueWithUser).catch((err) => {
             app.logger.capture("Error getting user info: " + err, { user: { _id: userID } });
             returnInfo("delete");
@@ -419,11 +419,11 @@ UserSchema.statics.getPubliclyAvailableUserInfo = function(userID, overrideDataA
     });
 }
 
-UserSchema.methods.getMustAcceptTOS = function() {
+UserSchema.methods.getMustAcceptTOS = function () {
     return new Promise((resolve, reject) => {
         TOSManager.hasTOS().then((hasTOS) => {
-            if(!hasTOS) return resolve(false);
-            if(!this.lastAcceptedTOSRevision) return resolve(true);
+            if (!hasTOS) return resolve(false);
+            if (!this.lastAcceptedTOSRevision) return resolve(true);
             TOSManager.getCurrentTOSVersion().then((version) => {
                 resolve(this.lastAcceptedTOSRevision != version);
             }).catch((err) => reject(err));
@@ -431,14 +431,14 @@ UserSchema.methods.getMustAcceptTOS = function() {
     });
 }
 
-UserSchema.methods.twoFactorAuthEnabled = function() {
+UserSchema.methods.twoFactorAuthEnabled = function () {
     return this.totpSecret != null;
 }
 
-UserSchema.methods.updateTOSAcceptance = function() {
+UserSchema.methods.updateTOSAcceptance = function () {
     return new Promise((resolve, reject) => {
         TOSManager.hasTOS().then((hasTOS) => {
-            if(!hasTOS) {
+            if (!hasTOS) {
                 this.lastAcceptedTOSRevision = null;
                 resolve();
             }
@@ -450,37 +450,37 @@ UserSchema.methods.updateTOSAcceptance = function() {
     });
 }
 
-UserSchema.statics.isTOSAgreementCurrentlyRequired = function() {
+UserSchema.statics.isTOSAgreementCurrentlyRequired = function () {
     return TOSManager.hasTOS();
 }
 
-UserSchema.methods.canPlaceCustomColours = function() {
+UserSchema.methods.canPlaceCustomColours = function () {
     return this.admin || this.moderator;
 }
 
-UserSchema.methods.canPlaceColour = function(hex, app) {
-    if(this.canPlaceCustomColours()) return true;
+UserSchema.methods.canPlaceColour = function (hex, app) {
+    if (this.canPlaceCustomColours()) return true;
     return app.colours.includes(hex.toUpperCase());
 }
 
-UserSchema.methods.getFeatureAvailability = function() {
+UserSchema.methods.getFeatureAvailability = function () {
     return {
         canPlaceCustomColours: this.canPlaceCustomColours(),
         hasTemplatesExperiment: this.admin || this.tester || false
     };
 }
 
-UserSchema.methods.getBadges = function(app) {
+UserSchema.methods.getBadges = function (app) {
     let badges = [];
-    if(app) {
-        let rank = app.leaderboardManager.getUserRank(this.id);
-        if(rank) badges.push({ text: `Ranked #${rank.toLocaleString()}`, style: rank <= 5 ? "danger" : "info", isRanking: true, lowPriority: true, isLowRanking: rank > 25 });
+    if (app) {
+        const rank = app.leaderboardManager.getUserRank(this.id);
+        if (rank) badges.push({ text: `Ranked #${rank.toLocaleString()}`, style: rank <= 5 ? "danger" : "info", isRanking: true, lowPriority: true, isLowRanking: rank > 25 });
     }
-    if(this.banned) badges.push({ text: "Banned", style: "danger", title: "This user has been banned for breaking the rules." });
-    else if(this.isMarkedForDeletion()) badges.push({ text: "Deleted", style: "danger", title: "This user chose to delete their account." });
-    else if(this.deactivated) badges.push({ text: "Deactivated", style: "danger", title: "This user chose to deactivate their account." });
-    if(this.admin) badges.push({ text: "Admin", style: "warning", inlineBefore: true, title: "This user is an administrator." });
-    else if(this.moderator) badges.push({ text: "Moderator", shortText: "Mod", style: "warning", inlineBefore: true, title: "This user is a moderator." });
+    if (this.banned) badges.push({ text: "Banned", style: "danger", title: "This user has been banned for breaking the rules." });
+    else if (this.isMarkedForDeletion()) badges.push({ text: "Deleted", style: "danger", title: "This user chose to delete their account." });
+    else if (this.deactivated) badges.push({ text: "Deactivated", style: "danger", title: "This user chose to deactivate their account." });
+    if (this.admin) badges.push({ text: "Admin", style: "warning", inlineBefore: true, title: "This user is an administrator." });
+    else if (this.moderator) badges.push({ text: "Moderator", shortText: "Mod", style: "warning", inlineBefore: true, title: "This user is a moderator." });
     return badges;
 }
 
@@ -488,21 +488,21 @@ UserSchema.plugin(dataTables, {
     totalKey: "recordsFiltered",
 });
 
-UserSchema.methods.getUserData = function() {
+UserSchema.methods.getUserData = function () {
     return new Promise((resolve, reject) => {
-        let user = this.toInfo();
+        const user = this.toInfo();
         Promise.all([
             Access.find({ userID: this.id }),
             Pixel.find({ editorID: this.id }),
-            require("./action").find({ $or: [ { performingUserID: this.id }, { moderatingUserID: this.id } ] }),
+            require("./action").find({ $or: [{ performingUserID: this.id }, { moderatingUserID: this.id }] }),
             require("./warp").find({ userID: this.id }),
             require("./chatMessage").find({ userID: this.id })
         ]).then((result) => {
-            let accesses = result[0].map((a) => a.toInfo(false));
-            let pixels = result[1].map((p) => p.toInfo(false));
-            let actions = result[2].map((a) => a.toInfo(false));
-            let warps = result[3].map((w) => w.toInfo());
-            let chatMessages = result[4].map((m) => m.toInfo(false));
+            const accesses = result[0].map((a) => a.toInfo(false));
+            const pixels = result[1].map((p) => p.toInfo(false));
+            const actions = result[2].map((a) => a.toInfo(false));
+            const warps = result[3].map((w) => w.toInfo());
+            const chatMessages = result[4].map((m) => m.toInfo(false));
             resolve({ user: user, accesses: accesses, pixels: pixels, actions: actions, warps: warps, chatMessages: chatMessages });
         });
     });
diff --git a/models/warp.js b/models/warp.js
index d3cbe66f..d4171b74 100644
--- a/models/warp.js
+++ b/models/warp.js
@@ -2,7 +2,7 @@ const DataModelManager = require("../util/DataModelManager");
 const mongoose = require("mongoose");
 const Schema = mongoose.Schema;
 
-let WarpSchema = new Schema({
+const WarpSchema = new Schema({
     xPos: {
         type: Number,
         required: true,
@@ -33,7 +33,7 @@ let WarpSchema = new Schema({
     }
 });
 
-WarpSchema.methods.toInfo = function() {
+WarpSchema.methods.toInfo = function () {
     return {
         id: this.id,
         location: {
@@ -44,10 +44,10 @@ WarpSchema.methods.toInfo = function() {
     };
 }
 
-WarpSchema.statics.createWarp = function(x, y, name, userID, callback) {
-    if(name.length <= 0 || name.length > 15) return callback(null, { message: "Your warp name must be between 1-15 characters in length.", code: "validation" });
-    this.count({userID: userID, name: name}).then((count) => {
-        if(count > 0) return callback(null, { message: "You already have a warp with that name.", code: "validation" });
+WarpSchema.statics.createWarp = function (x, y, name, userID, callback) {
+    if (name.length <= 0 || name.length > 15) return callback(null, { message: "Your warp name must be between 1-15 characters in length.", code: "validation" });
+    this.count({ userID: userID, name: name }).then((count) => {
+        if (count > 0) return callback(null, { message: "You already have a warp with that name.", code: "validation" });
 
         let warp = this({
             xPos: x,
@@ -56,8 +56,8 @@ WarpSchema.statics.createWarp = function(x, y, name, userID, callback) {
             userID: userID,
             creationDate: Date()
         });
-    
-        warp.save(function(err) {
+
+        warp.save(function (err) {
             if (err) return callback(null, { message: "An error occurred while trying to create that warp.", code: "server_error" });
             return callback(warp, null);
         });
diff --git a/routes/admin.js b/routes/admin.js
index 6bc0e949..1868a1c9 100644
--- a/routes/admin.js
+++ b/routes/admin.js
@@ -2,7 +2,7 @@ const express = require("express");
 const User = require("../models/user");
 
 function AdminRouter(app) {
-    let router = express.Router()
+    const router = express.Router()
     
     router.use(function(req, res, next) {
         // Don't allow anything if user has forced pw reset or OAuth not configured
diff --git a/routes/api.js b/routes/api.js
index 31d71ab1..926f6799 100644
--- a/routes/api.js
+++ b/routes/api.js
@@ -18,7 +18,7 @@ const WarpController = require("../controllers/WarpController");
 const UserDownloadController = require("../controllers/UserDownloadController");
 
 function APIRouter(app) {
-    let router = express.Router();
+    const router = express.Router();
 
     router.use(function(req, res, next) {
         res.header("Cache-Control", "private, no-cache, no-store, must-revalidate");
diff --git a/routes/oauth.js b/routes/oauth.js
index 67b75263..63b4e5ef 100644
--- a/routes/oauth.js
+++ b/routes/oauth.js
@@ -4,7 +4,7 @@ const OAuthController = require("../controllers/OAuthController");
 
 function OAuthRouter(app) {
     require("../util/passport")(passport, app);
-    let router = express.Router();
+    const router = express.Router();
 
     if(typeof app.config.oauth !== "undefined") {
         if (app.config.oauth.google.enabled) {
diff --git a/routes/public.js b/routes/public.js
index a3b6ad99..db76f004 100644
--- a/routes/public.js
+++ b/routes/public.js
@@ -8,7 +8,7 @@ const AccountPageController = require("../controllers/AccountPageController");
 const AuthController = require("../controllers/AuthController");
 
 function PublicRouter(app) {
-    let router = express.Router();
+    const router = express.Router();
 
     const requireUser = (req, res, next) => {
         if (!req.user) return res.status(401).redirect("/#signin");
diff --git a/util/HTTPServer.js b/util/HTTPServer.js
index 0bfc57bf..aea054df 100644
--- a/util/HTTPServer.js
+++ b/util/HTTPServer.js
@@ -10,8 +10,8 @@ const fs = require("fs");
 const path = require("path");
 
 function HTTPServer(app) {
-    let server = express();
-    let httpServer = require("http").createServer(server);
+    const server = express();
+    const httpServer = require("http").createServer(server);
     
     // Setup for parameters and bodies
     server.use(bodyParser.urlencoded({extended: false}));
@@ -22,7 +22,7 @@ function HTTPServer(app) {
     // Set rendering engine
     server.set("view engine", "pug");
 
-    let setupRoutes = function(directories, modulesWithRoutes) {
+    const setupRoutes = function(directories, modulesWithRoutes) {
         // Use public folder for resources
         server.use(express.static("public"));
         // Register module public directories
diff --git a/util/JavaScriptProcessor.js b/util/JavaScriptProcessor.js
index 4dc7b7f1..63435fb3 100644
--- a/util/JavaScriptProcessor.js
+++ b/util/JavaScriptProcessor.js
@@ -16,7 +16,7 @@ class JavaScriptProcessor {
             }
         };
 
-        let swallowError = function(error) {
+        const swallowError = function(error) {
             app.reportError("Error while processing JavaScript: " + error);
             this.emit("end");
         }
diff --git a/util/LeaderboardManager.js b/util/LeaderboardManager.js
index 21b47db3..4fd31d8e 100644
--- a/util/LeaderboardManager.js
+++ b/util/LeaderboardManager.js
@@ -2,7 +2,7 @@ const Pixel = require("../models/pixel");
 const User = require("../models/user");
 
 function LeaderboardManager(app) {
-    let manager = {
+    const manager = {
         needsUpdating: true,
         topUsers: null, pixelCounts: null,
         waitingForUpdate: [],
diff --git a/util/UserActivityManager.js b/util/UserActivityManager.js
index 1077d367..dc8fd5d8 100644
--- a/util/UserActivityManager.js
+++ b/util/UserActivityManager.js
@@ -1,7 +1,7 @@
 const User = require("../models/user");
 
 function UserActivityManager(app) {
-    let controller = {
+    const controller = {
         userActivityTimes: {},
 
         update: function() {
diff --git a/util/passport.js b/util/passport.js
index 17043b3a..25a82790 100644
--- a/util/passport.js
+++ b/util/passport.js
@@ -16,7 +16,7 @@ const config = require("../config/config");
 const ActionLogger = require("../util/ActionLogger");
 
 module.exports = function(passport, app) {
-    let opts = {};
+    const opts = {};
     opts.jwtFromRequest = ExtractJwt.fromAuthHeader();
     opts.secretOrKey = config.secret;
     passport.use(new JwtStrategy(opts, function(jwt_payload, done) {

From 7a92068d79a0ff4fe4d7fb6329595f91e2f2ade9 Mon Sep 17 00:00:00 2001
From: Dalia Alawneh <alawnehdalia340@gmail.com>
Date: Sat, 22 Jul 2023 17:40:44 +0300
Subject: [PATCH 3/3] Refactor: Improve Configuration Handling in
 app.loadConfig()

In this commit, I refactored the app.loadConfig() function to improve the handling of configurations. The changes include:

1. Extracted loadNewConfig(), setDefaultValues(), checkConfigChanges(), and checkPortChanges() functions for better code organization and reusability.
2. Set default values for siteName, enableChangelogs, and boardSize if not specified in the configuration.
3. Ensured colors are stored as uppercase unique values in app.colours.
4. Improved the conditional checks for changes in the configuration, database, board size, OAuth settings, and port number.
5. Restructured the code to handle different scenarios more efficiently.

These refactorings enhance the readability, maintainability, and overall quality of the codebase. The core functionality of app.loadConfig() remains intact, but the code is now more organized and easier to understand.
---
 app.js | 102 +++++++++++++++++++++++++++++++++++++++++----------------
 1 file changed, 73 insertions(+), 29 deletions(-)

diff --git a/app.js b/app.js
index c1f1bc9d..ac90f1f5 100644
--- a/app.js
+++ b/app.js
@@ -1,7 +1,7 @@
 const mongoose = require("mongoose");
 mongoose.promise = global.Promise;
 const recaptcha = require("express-recaptcha");
-const readline = require("readline").createInterface({input: process.stdin, output: process.stdout});
+const readline = require("readline").createInterface({ input: process.stdin, output: process.stdout });
 const util = require("util");
 const PaintingManager = require("./util/PaintingManager");
 const HTTPServer = require("./util/HTTPServer");
@@ -22,25 +22,69 @@ const app = {};
 
 app.logger = require('./util/logger');
 
-app.loadConfig = (path = "./config/config") => {
+const loadNewConfig = (path) => {
     delete require.cache[require.resolve(path)];
-    const oldConfig = app.config;
     app.config = require(path);
-    app.colours = [... new Set((app.config.colours || ["#FFFFFF", "#E4E4E4", "#888888", "#222222", "#FFA7D1", "#E50000", "#E59500", "#A06A42", "#E5D900", "#94E044", "#02BE01", "#00D3DD", "#0083C7", "#0000EA", "#CF6EE4", "#820080"]).map((c) => c.toUpperCase()))];
-    if(!app.config.siteName) app.config.siteName = "Place";
-    if(!app.config.enableChangelogs) app.config.enableChangelogs = true;
-    if(!app.config.boardSize) app.config.boardSize = 1600; // default to 1600 if not specified in config
-    if(oldConfig && (oldConfig.secret != app.config.secret || oldConfig.database != app.config.database || oldConfig.boardSize != app.config.boardSize)) {
-        app.logger.log("Configuration", "We are stopping the Place server because the database URL, secret, and/or board image size has been changed, which will require restarting the entire server.");
+    app.colours = [
+        ...new Set(
+            (app.config.colours || [
+                "#FFFFFF", "#E4E4E4", "#888888", "#222222", "#FFA7D1", "#E50000",
+                "#E59500", "#A06A42", "#E5D900", "#94E044", "#02BE01", "#00D3DD",
+                "#0083C7", "#0000EA", "#CF6EE4", "#820080"
+            ]).map((c) => c.toUpperCase())
+        ),
+    ]
+}
+
+const setDefaultValues = () => {
+    if (!app.config.siteName) {
+        app.config.siteName = "Place";
+    }
+    if (!app.config.enableChangelogs) {
+        app.config.enableChangelogs = true;
+    }
+    if (!app.config.boardSize) {
+        app.config.boardSize = 1600;
+    } // default to 1600 if not specified in config
+}
+const checkConfigChanges = (oldConfig) => {
+    const hasConfigChanged =
+        oldConfig &&
+        (oldConfig.secret !== app.config.secret ||
+            oldConfig.database !== app.config.database ||
+            oldConfig.boardSize !== app.config.boardSize);
+
+    if (hasConfigChanged) {
+        app.logger.log(
+            "Configuration",
+            "We are stopping the Place server because the database URL, secret, and/or board image size has been changed, which will require restarting the entire server."
+        );
         process.exit(0);
     }
-    if(oldConfig && (oldConfig.oauth != app.config.oauth)) {
+}
+
+const checkPortChanges = (oldConfig) => {
+    const hasPortChanges =
+        oldConfig &&
+        (oldConfig.port != app.config.port ||
+            oldConfig.onlyListenLocal != app.config.onlyListenLocal)
+    if (hasPortChanges) {
+        app.restartServer()
+    }
+}
+app.loadConfig = (path = "./config/config") => {
+    const oldConfig = app.config
+    loadNewConfig(path)
+    setDefaultValues()
+    checkConfigChanges(oldConfig)
+    checkPortChanges(oldConfig)
+
+    if (oldConfig && (oldConfig.oauth != app.config.oauth)) {
         app.stopServer();
         app.recreateServer();
         app.restartServer();
         app.recreateRoutes();
     }
-    if(oldConfig && (oldConfig.port != app.config.port || oldConfig.onlyListenLocal != app.config.onlyListenLocal)) app.restartServer();
 }
 app.loadConfig();
 
@@ -73,24 +117,24 @@ app.leaderboardManager = LeaderboardManager(app);
 app.userActivityController = UserActivityManager(app);
 
 app.enableCaptcha = false;
-if(typeof app.config.recaptcha !== "undefined") {
-    if(typeof app.config.recaptcha.siteKey !== "undefined" && typeof app.config.recaptcha.secretKey !== "undefined") {
+if (typeof app.config.recaptcha !== "undefined") {
+    if (typeof app.config.recaptcha.siteKey !== "undefined" && typeof app.config.recaptcha.secretKey !== "undefined") {
         app.enableCaptcha = app.config.recaptcha.siteKey != "" && app.config.recaptcha.secretKey != "";
     }
 }
-if(app.enableCaptcha) {
+if (app.enableCaptcha) {
     // Set up reCaptcha
     recaptcha.init(app.config.recaptcha.siteKey, app.config.recaptcha.secretKey);
     app.recaptcha = recaptcha;
 }
 
 app.adminMiddleware = (req, res, next) => {
-    if(!req.user || !req.user.admin) return res.status(403).redirect("/?admindenied=1");
+    if (!req.user || !req.user.admin) return res.status(403).redirect("/?admindenied=1");
     next();
 };
 
 app.modMiddleware = (req, res, next) => {
-    if(!req.user || !(req.user.admin || req.user.moderator)) return res.status(403).redirect("/?moddenied=1");
+    if (!req.user || !(req.user.admin || req.user.moderator)) return res.status(403).redirect("/?moddenied=1");
     next();
 };
 
@@ -106,7 +150,7 @@ mongoose.connect(process.env.DATABASE || app.config.database);
 const handlePendingDeletions = () => {
     setInterval(() => {
         const now = new Date();
-        User.remove({ deletionDate: { $lte: now } }, function(err, result) {
+        User.remove({ deletionDate: { $lte: now } }, function (err, result) {
             if (err) { console.error(err); return }
             if (result.n) app.logger.log('Deleter', `Deleted ${result.n} users.`);
         });
@@ -122,10 +166,10 @@ app.javascriptProcessor = new JavaScriptProcessor(app);
 app.javascriptProcessor.processJavaScript();
 
 app.stopServer = () => {
-    if(app.server.listening) {
+    if (app.server.listening) {
         app.logger.log('Shutdown', "Closing server…")
         app.server.close();
-        setImmediate(function() { app.server.emit("close"); });
+        setImmediate(function () { app.server.emit("close"); });
     }
 }
 
@@ -152,16 +196,16 @@ readline.on('line', i => {
     try {
         const output = eval(i)
         output instanceof Promise
-        ? output.then(a => {
-            console.log('Promise Resolved')
-            console.log(util.inspect(a, {depth: 0}))
-        }).catch(e => {
-            console.log('Promise Rejected')
-            console.log(e.stack)
-        })
-        : output instanceof Object
-            ? console.log(util.inspect(output, {depth: 0}))
-            : console.log(output)
+            ? output.then(a => {
+                console.log('Promise Resolved')
+                console.log(util.inspect(a, { depth: 0 }))
+            }).catch(e => {
+                console.log('Promise Rejected')
+                console.log(e.stack)
+            })
+            : output instanceof Object
+                ? console.log(util.inspect(output, { depth: 0 }))
+                : console.log(output)
     } catch (err) {
         console.log(err.stack)
     }