Merge https://github.com/vichan-devel/vichan

README.md

@@ -7,7 +7,7 @@ vichan is a free light-weight, fast, highly configurable and user-friendly
 imageboard software package. It is written in PHP and has few dependencies.
 
 vichan is a fork of [Tinyboard](http://tinyboard.org/), a great imageboard package, actively
-building on it and adding a lot of features and another improvements.
+building on it and adding a lot of features and other improvements.
 
 Support and announcements: https://int.vichan.net/devel/
 

inc/config.php

@@ -773,7 +773,8 @@
 	//  $config['board_path'] if you wish to change the URL.
 	$config['board_abbreviation'] = '/%s/';
 
-	// The default name (ie. Anonymous).
+	// The default name (ie. Anonymous). Can be an array - in that case it's picked randomly from the array.
+	// Example: $config['anonymous'] = array('Bernd', 'Senpai', 'Jonne', 'ChanPro');
 	$config['anonymous'] = 'Anonymous';
 
 	// Number of reports you can create at once.

inc/functions.php

@@ -1,7 +1,7 @@
 <?php
 
 /*
- *  Copyright (c) 2010-2013 Tinyboard Development Group
+ *  Copyright (c) 2010-2014 Tinyboard Development Group
  */
 
 if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
@@ -240,6 +240,9 @@ function loadConfig() {
 		event_handler('post', 'postHandler');
 	}
 
+	if (is_array($config['anonymous']))
+		$config['anonymous'] = $config['anonymous'][array_rand($config['anonymous'])];
+
 	event('load-config');
 	
 	if ($config['debug']) {
@@ -546,6 +549,28 @@ function file_write($path, $data, $simple = false, $skip_purge = false) {
 	if (!fclose($fp))
 		error('Unable to close file: ' . $path);
 
+	/**
+	 * Create gzipped file.
+	 *
+	 * When writing into a file foo.bar and the size is larger or equal to 1
+	 * KiB, this also produces the gzipped version foo.bar.gz
+	 *
+	 * This is useful with nginx with gzip_static on.
+	 */
+	if ($config['gzip_static']) {
+		$gzpath = "$path.gz";
+
+		if ($bytes & ~0x3ff) {  // if ($bytes >= 1024)
+			if (file_put_contents($gzpath, gzencode($data), $simple ? 0 : LOCK_EX) === false)
+				error("Unable to write to file: $gzpath");
+			if (!touch($gzpath, filemtime($path), fileatime($path)))
+				error("Unable to touch file: $gzpath");
+		}
+		else {
+			@unlink($gzpath);
+		}
+	}
+
 	if (!$skip_purge && isset($config['purge'])) {
 		// Purge cache
 		if (basename($path) == $config['file_index']) {

inc/lib/IP/Lifo/IP/CIDR.php

@@ -254,13 +254,31 @@ class CIDR
      * and the starting IP is not on a valid network boundrary (eg: Displaying
      * an IP from an interface).
      *
-     * @return string IP in CIDR notation "ipaddr/prefix"
+     * <b>Note: The CIDR block returned is NOT always bit aligned.</b>
+     *
+     * @return string IP in CIDR notation "start_ip/prefix"
      */
     public function getCidr()
     {
         return $this->start . '/' . $this->prefix;
     }
 
+    /**
+     * Get the TRUE cidr notation for the subnet block.
+     *
+     * This is useful for when you want a string representation of the IP/prefix
+     * and the starting IP is not on a valid network boundrary (eg: Displaying
+     * an IP from an interface).
+     *
+     * <b>Note: The CIDR block returned is ALWAYS bit aligned.</b>
+     *
+     * @return string IP in CIDR notation "network/prefix"
+     */
+    public function getTrueCidr()
+    {
+        return $this->getNetwork() . '/' . $this->prefix;
+    }
+
     /**
      * Get the [low,high] range of the CIDR block
      *
@@ -382,8 +400,9 @@ class CIDR
     {
         // use fixed length HEX strings so we can easily do STRING comparisons
         // instead of using slower bccomp() math.
-        list($lo,$hi)   = array_map(function($v){ return sprintf("%032s", IP::inet_ptoh($v)); }, CIDR::cidr_to_range($ip));
-        list($min,$max) = array_map(function($v){ return sprintf("%032s", IP::inet_ptoh($v)); }, CIDR::cidr_to_range($cidr));
+        $map = function($v){ return sprintf("%032s", IP::inet_ptoh($v)); };
+        list($lo,$hi)   = array_map($map, CIDR::cidr_to_range($ip));
+        list($min,$max) = array_map($map, CIDR::cidr_to_range($cidr));
 
         /** visualization of logic used below
             lo-hi   = $ip to check
@@ -447,7 +466,8 @@ class CIDR
         }
 
         // force bit length to 32 or 128 depending on type of IP
-        $bitlen = (false === filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) ? 128 : 32;
+        $version = IP::isIPv4($ip) ? 4 : 6;
+        $bitlen = $version == 4 ? 32 : 128;
 
         if ($bits === null) {
             // if no prefix is given use the length of the binary string which
@@ -469,7 +489,7 @@ class CIDR
         // calculate "broadcast" (not technically a broadcast in IPv6)
         $ip2 = BC::bcor($ip1, BC::bcnot($netmask));
 
-        return array(IP::inet_dtop($ip1), IP::inet_dtop($ip2));
+        return array(IP::inet_dtop($ip1, $version), IP::inet_dtop($ip2, $version));
     }
 
     /**

inc/lib/IP/Lifo/IP/IP.php

@@ -26,6 +26,10 @@ abstract class IP
     {
         // shortcut for IPv4 addresses
         if (strpos($ip, ':') === false && strpos($ip, '.') !== false) {
+            // remove any cidr block notation
+            if (($o = strpos($ip, '/')) !== false) {
+                $ip = substr($ip, 0, $o);
+            }
             return sprintf('%u', ip2long($ip));
         }
 
@@ -55,8 +59,11 @@ abstract class IP
 
     /**
      * Convert a decimal string into a human readable IP address.
+     *
+     * @param decimal $decimal Decimal number to convert into presentational IP string.
+     * @param integer $version Force IP version to 4 or 6. Leave null for automatic.
      */
-    public static function inet_dtop($decimal, $expand = false)
+    public static function inet_dtop($decimal, $version = null)
     {
         $parts = array();
         $parts[1] = bcdiv($decimal,                  '79228162514264337593543950336', 0);   // >> 96
@@ -74,25 +81,27 @@ abstract class IP
             $part = (int) $part;
         }
 
-        // if the first 96bits is all zeros then we can safely assume we
-        // actually have an IPv4 address. Even though it's technically possible
-        // you're not really ever going to see an IPv6 address in the range:
-        // ::0 - ::ffff
-        // It's feasible to see an IPv6 address of "::", in which case the
-        // caller is going to have to account for that on their own.
-        if (($parts[1] | $parts[2] | $parts[3]) == 0) {
+        if (!$version) {
+            // if the first 96bits is all zeros then we can safely assume we
+            // actually have an IPv4 address. Even though it's technically possible
+            // you're not really ever going to see an IPv6 address in the range:
+            // ::0 - ::ffff
+            // It's feasible to see an IPv6 address of "::", in which case the
+            // caller is going to have to account for that on their own (or
+            // pass $version to this function).
+            if (($parts[1] | $parts[2] | $parts[3]) == 0) {
+                $version = 4;
+            }
+        }
+
+        if ($version == 4) {
             $ip = long2ip($parts[4]);
         } else {
             $packed = pack('N4', $parts[1], $parts[2], $parts[3], $parts[4]);
             $ip = inet_ntop($packed);
         }
 
-        // Turn IPv6 to IPv4 if it's IPv4
-        if (preg_match('/^::\d+\./', $ip)) {
-            return substr($ip, 2);
-        }
-
-        return $expand ? self::inet_expand($ip) : $ip;
+        return $ip;
     }
 
     /**
@@ -107,8 +116,11 @@ abstract class IP
     /**
      * Convert a human readable (presentational) IP address into a BINARY string.
      */
-    public static function inet_ptob($ip, $bits = 128)
+    public static function inet_ptob($ip, $bits = null)
     {
+        if ($bits === null) {
+            $bits = self::isIPv4($ip) ? 32 : 128;
+        }
         return BC::bcdecbin(self::inet_ptod($ip), $bits);
     }
 
@@ -157,7 +169,7 @@ abstract class IP
      * One use-case for this is IP 6to4 tunnels used in networking.
      *
      * @example
-     *      to_ipv4("10.10.10.10") == a0a:a0a
+     *      to_ipv6("10.10.10.10") == a0a:a0a
      *
      * @param string $ip IPv4 address.
      * @param boolean $mapped If true a Full IPv6 address is returned within the

js/save-user_flag.js

@@ -0,0 +1,8 @@
+onready(function(){
+	var flagStorage = "flag_"+window.location.pathname.split('/')[1];
+	var item = window.localStorage.getItem(flagStorage);
+	$('select[name=user_flag]').val(item);
+	$('select[name=user_flag]').change(function() {
+		window.localStorage.setItem(flagStorage, $(this).val());
+	});
+});

post.php

@@ -349,7 +349,7 @@ if (isset($_POST['delete'])) {
 	$post['email'] = str_replace(' ', '%20', htmlspecialchars($_POST['email']));
 	$post['body'] = $_POST['body'];
 	$post['password'] = $_POST['password'];
-	$post['has_file'] = (!isset($post['embed']) && (($post['op'] && !isset($post['no_longer_require_an_image_for_op']) && $config['force_image_op']) || !empty($_FILES)));
+	$post['has_file'] = (!isset($post['embed']) && (($post['op'] && !isset($post['no_longer_require_an_image_for_op']) && $config['force_image_op']) || !empty($_FILES['file']['name'])));
 	
 	if (!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) {
 		$stripped_whitespace = preg_replace('/[\s]/u', '', $post['body']);

templates/post/fileinfo.html

@@ -22,7 +22,7 @@
 			{% if config.show_filename and file.filename %}
 				, 
 				{% if file.filename|length > config.max_filename_display %}
-					<span class="postfilename" title="{{ file.filename|e }}">{{ file.filename|truncate_filename(config.max_filename_display)|bidi_cleanup }}</span>
+					<span class="postfilename" title="{{ file.filename|e|bidi_cleanup }}">{{ file.filename|truncate_filename(config.max_filename_display)|e|bidi_cleanup }}</span>
 				{% else %}
 					<span class="postfilename">{{ file.filename|e|bidi_cleanup }}</span>
 				{% endif %}