From 1a5b3c8480785b70287cfe4e11c8592ea3b9a541 Mon Sep 17 00:00:00 2001 From: RealAngeleno Date: Sat, 15 Jul 2023 23:10:39 -0700 Subject: [PATCH 1/2] Revert "Temporarily Revert "Remove telegrams" due to critical bug with posting" --- inc/config.php | 6 -- inc/locale/pl_PL/LC_MESSAGES/tinyboard.po | 2 - inc/mod/pages.php | 44 ------------- install.sql | 15 ----- mod.php | 1 - post.php | 35 ----------- templates/important.html | 12 ---- templates/mod/view_ip.html | 77 ----------------------- 8 files changed, 192 deletions(-) delete mode 100644 templates/important.html diff --git a/inc/config.php b/inc/config.php index 61379574..82e596a8 100644 --- a/inc/config.php +++ b/inc/config.php @@ -1635,12 +1635,6 @@ $config['mod']['create_notes'] = $config['mod']['view_notes']; // Remote notes $config['mod']['remove_notes'] = ADMIN; - // View telegrams - $config['mod']['view_telegrams'] = JANITOR; - // Create telegrams - $config['mod']['create_telegrams'] = $config['mod']['view_telegrams']; - // Remove telegrams - $config['mod']['remove_telegrams'] = ADMIN; // Create a new board $config['mod']['newboard'] = ADMIN; // Manage existing boards (change title, etc) diff --git a/inc/locale/pl_PL/LC_MESSAGES/tinyboard.po b/inc/locale/pl_PL/LC_MESSAGES/tinyboard.po index 50d24b64..1521958f 100644 --- a/inc/locale/pl_PL/LC_MESSAGES/tinyboard.po +++ b/inc/locale/pl_PL/LC_MESSAGES/tinyboard.po @@ -2287,8 +2287,6 @@ msgstr "usuĊ„" msgid "New note" msgstr "Nowa notka" -msgid "New telegram" -msgstr "Nowa depesza" #. line 94 #. line 7 diff --git a/inc/mod/pages.php b/inc/mod/pages.php index d3cfba39..7af70b7b 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -806,25 +806,6 @@ function mod_ip_remove_note($cloaked_ip, $id) { header('Location: ?/IP/' . $cloaked_ip . '#notes', true, $config['redirect_http']); } -function mod_ip_remove_telegram($cloaked_ip, $id) { - $ip = uncloak_ip($cloaked_ip); - global $config, $mod; - - if (!hasPermission($config['mod']['remove_telegrams'])) - error($config['error']['noaccess']); - - if (filter_var($ip, FILTER_VALIDATE_IP) === false) - error("Invalid IP address."); - - $query = prepare('DELETE FROM ``telegrams`` WHERE `ip` = :ip AND `id` = :id'); - $query->bindValue(':ip', $ip); - $query->bindValue(':id', $id); - $query->execute() or error(db_error($query)); - - modLog("Removed a telegram for {$cloaked_ip}"); - - header('Location: ?/IP/' . $cloaked_ip . '#telegrams', true, $config['redirect_http']); -} function mod_page_ip($cip) { @@ -871,24 +852,6 @@ function mod_page_ip($cip) { return; } - if (isset($_POST['telegram'])) { - if (!hasPermission($config['mod']['create_telegrams'])) - error($config['error']['noaccess']); - - $_POST['telegram'] = escape_markup_modifiers($_POST['telegram']); - markup($_POST['telegram']); - $query = prepare('INSERT INTO ``telegrams`` VALUES (NULL, :mod_id, :ip, :message, 0, :created_at)'); - $query->bindValue(':ip', $ip); - $query->bindValue(':mod_id', $mod['id']); - $query->bindValue(':created_at', time()); - $query->bindValue(':message', $_POST['telegram']); - $query->execute() or error(db_error($query)); - - modLog("Added a telegram for {$cip}"); - - header('Location: ?/IP/' . $cip . '#telegrams', true, $config['redirect_http']); - return; - } $args = array(); $args['ip'] = $ip; @@ -934,13 +897,6 @@ function mod_page_ip($cip) { $args['notes'] = $query->fetchAll(PDO::FETCH_ASSOC); } - if (hasPermission($config['mod']['view_telegrams'])) { - $query = prepare("SELECT ``telegrams``.*, `username` FROM ``telegrams`` LEFT JOIN ``mods`` ON `mod_id` = ``mods``.`id` WHERE `ip` = :ip ORDER BY `created_at` DESC"); - $query->bindValue(':ip', $ip); - $query->execute() or error(db_error($query)); - $args['telegrams'] = $query->fetchAll(PDO::FETCH_ASSOC); - } - if (hasPermission($config['mod']['modlog_ip'])) { $query = prepare("SELECT `username`, `mod`, `ip`, `board`, `time`, `text` FROM ``modlogs`` LEFT JOIN ``mods`` ON `mod` = ``mods``.`id` WHERE `text` LIKE :search ORDER BY `time` DESC LIMIT 50"); $query->bindValue(':search', '%' . $cip . '%'); diff --git a/install.sql b/install.sql index 0c6e44eb..ca60a58a 100644 --- a/install.sql +++ b/install.sql @@ -346,21 +346,6 @@ CREATE TABLE IF NOT EXISTS `captchas` ( PRIMARY KEY (`cookie`,`extra`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4; --- -------------------------------------------------------- - --- --- Table structure for table `telegrams` --- - -CREATE TABLE IF NOT EXISTS `telegrams` ( - `id` int(11) unsigned NOT NULL AUTO_INCREMENT, - `mod_id` int(11) unsigned NOT NULL, - `ip` varchar(39) CHARACTER SET ascii NOT NULL, - `message` text NOT NULL, - `seen` tinyint(1) NOT NULL DEFAULT FALSE, - `created_at` INT(11), - PRIMARY KEY(`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4; /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; diff --git a/mod.php b/mod.php index 94e419ef..eacbba1a 100644 --- a/mod.php +++ b/mod.php @@ -59,7 +59,6 @@ $pages = array( '/IP/([\w.:]+)' => 'secure_POST ip', // view ip address '/IP/([\w.:]+)/remove_note/(\d+)' => 'secure ip_remove_note', // remove note from ip address - '/IP/([\w.:-]+)/remove_telegram/(\d+)' => 'secure ip_remove_telegram', // remove telegram from ip address '/ban' => 'secure_POST ban', // new ban '/bans' => 'secure_POST bans', // ban list diff --git a/post.php b/post.php index cfea1207..4b665104 100644 --- a/post.php +++ b/post.php @@ -1216,27 +1216,6 @@ if (isset($_POST['delete'])) { if (!$post['mod']) header('X-Associated-Content: "' . $redirect . '"'); - // Any telegrams to show? - $query = prepare('SELECT * FROM ``telegrams`` WHERE ``ip`` = :ip AND ``seen`` = 0'); - $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); - $query->execute() or error(db_error($query)); - $telegrams = $query->fetchAll(PDO::FETCH_ASSOC); - - if (count($telegrams) > 0) - goto skip_redirect; - - if (!isset($_POST['json_response'])) { - header('Location: ' . $redirect, true, $config['redirect_http']); - } else { - header('Content-Type: text/json; charset=utf-8'); - echo json_encode(array( - 'redirect' => $redirect, - 'noko' => $noko, - 'id' => $id - )); - } - skip_redirect: - if ($config['try_smarter'] && $post['op']) $build_pages = range(1, $config['max_pages']); @@ -1248,20 +1227,6 @@ if (isset($_POST['delete'])) { buildIndex(); - if (count($telegrams) > 0) { - $ids = implode(', ', array_map(function($x) { return (int)$x['id']; }, $telegrams)); - query("UPDATE ``telegrams`` SET ``seen`` = 1 WHERE ``id`` IN({$ids})") or error(db_error()); - die(Element('page.html', array( - 'title' => _('Important message from Moderation'), - 'config' => $config, - 'body' => Element('important.html', array( - 'config' => $config, - 'redirect' => $redirect, - 'telegrams' => $telegrams, - )) - ))); - } - // We are already done, let's continue our heavy-lifting work in the background (if we run off FastCGI) if (function_exists('fastcgi_finish_request')) @fastcgi_finish_request(); diff --git a/templates/important.html b/templates/important.html deleted file mode 100644 index 9ad4460e..00000000 --- a/templates/important.html +++ /dev/null @@ -1,12 +0,0 @@ -
- {% for telegram in telegrams %} -
- -

{{ telegram.message }}

-
-
- {% endfor %} -
- {%trans 'Return' %} -
-
diff --git a/templates/mod/view_ip.html b/templates/mod/view_ip.html index eb57d19b..867312c4 100644 --- a/templates/mod/view_ip.html +++ b/templates/mod/view_ip.html @@ -81,83 +81,6 @@ {% endif %} -{% if mod|hasPermission(config.mod.view_telegrams) %} -
- - {% set telegrams_length = telegrams|length %} - {{ telegrams_length }} {% trans %}telegram on record{% plural notes_length %}telegrams on record{% endtrans %} - - - {% if telegrams|length > 0 %} - - - - - - - {% if mod|hasPermission(config.mod.remove_telegrams) %} - - {% endif %} - - {% for telegram in telegrams %} - - - - - - {% if mod|hasPermission(config.mod.remove_telegrams) %} - - {% endif %} - - {% endfor %} -
{% trans 'Staff' %}{% trans 'Message' %}{% trans 'Date' %}{% trans 'Seen' %}{% trans 'Actions' %}
- {% if telegram.username %} - {{ telegram.username|e }} - {% else %} - {% trans 'deleted?' %} - {% endif %} - - {{ telegram.message }} - - {{ telegram.created_at|date(config.post_date) }} - - {% if telegram.seen %} - {% trans 'Yes' %} - {% else %} - {% trans 'No' %} - {% endif %} - - - [{% trans 'remove' %}] - -
- {% endif %} - - {% if mod|hasPermission(config.mod.create_telegrams) %} -
- - - - - - - - - - - - - - -
{% trans 'Staff' %}{{ mod.username|e }}
- - - -
-
- {% endif %} -
-{% endif %} {% if bans|length > 0 and mod|hasPermission(config.mod.view_ban) %}
From 70b5c80ceadc0cc6a7f058d86986f61bac902439 Mon Sep 17 00:00:00 2001 From: RealAngeleno Date: Tue, 18 Jul 2023 02:35:56 -0700 Subject: [PATCH 2/2] fix bug with removal of telegrams --- post.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/post.php b/post.php index 4b665104..b3d3203a 100644 --- a/post.php +++ b/post.php @@ -1217,6 +1217,17 @@ if (isset($_POST['delete'])) { if (!$post['mod']) header('X-Associated-Content: "' . $redirect . '"'); + if (!isset($_POST['json_response'])) { + header('Location: ' . $redirect, true, $config['redirect_http']); + } else { + header('Content-Type: text/json; charset=utf-8'); + echo json_encode(array( + 'redirect' => $redirect, + 'noko' => $noko, + 'id' => $id + )); + } + if ($config['try_smarter'] && $post['op']) $build_pages = range(1, $config['max_pages']); @@ -1226,7 +1237,7 @@ if (isset($_POST['delete'])) { event('post-after', $post); buildIndex(); - + // We are already done, let's continue our heavy-lifting work in the background (if we run off FastCGI) if (function_exists('fastcgi_finish_request')) @fastcgi_finish_request();