1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-30 18:24:29 +01:00

Changed config to an array

This commit is contained in:
Savetheinternet 2011-02-12 17:25:15 +11:00
parent b57d600c36
commit 3737439338
9 changed files with 523 additions and 606 deletions

View File

@ -8,318 +8,326 @@
* your instance-config.php * your instance-config.php
* *
*/ */
$config = Array(
'db' => Array(),
'cookies' => Array(),
'error' => Array(),
'dir' => Array(),
'mod' => Array()
);
// Database stuff // Database stuff
// SQL driver ("mysql", "pgsql", "sqlite", "dblib", etc) // SQL driver ("mysql", "pgsql", "sqlite", "dblib", etc)
// http://www.php.net/manual/en/pdo.drivers.php // http://www.php.net/manual/en/pdo.drivers.php
define('DB_TYPE', 'mysql', true); $config['db']['type'] = 'mysql';
// Hostname or IP address // Hostname or IP address
define('DB_SERVER', 'localhost', true); $config['db']['server'] = 'localhost';
// Login // Login
define('DB_USER', '', true); $config['db']['user'] = '';
define('DB_PASSWORD', '', true); $config['db']['password'] = '';
// TinyBoard database // Tinyboard database
define('DB_DATABASE', '', true); $config['db']['database'] = '';
// Anything more to add to the DSN string (eg. port=xxx;foo=bar) // Anything more to add to the DSN string (eg. port=xxx;foo=bar)
define('DB_DSN', '', true); $config['db']['dsn'] = '';
// The name of the session cookie (PHP's $_SESSION) // The name of the session cookie (PHP's $_SESSION)
define('SESS_COOKIE', 'imgboard', true); $config['cookies']['session']= 'imgboard';
// Used to safely determine when the user was first seen, to prevent floods. // Used to safely determine when the user was first seen, to prevent floods. Contains a UNIX timestamp.
// time() $config['cookies']['time'] = 'arrived';
define('TIME_COOKIE', 'arrived', true); // Contains an MD5 hash of $config['cookies']['time'] for verification.
// HASH_COOKIE contains an MD5 hash of TIME_COOKIE+SALT for verification. $config['cookies']['hash'] = 'hash';
define('HASH_COOKIE', 'hash', true);
// Used for moderation login // Used for moderation login
define('MOD_COOKIE', 'mod', true); $config['cookies']['mod'] = 'mod';
// Where to set the 'path' parameter to ROOT when creating cookies. Recommended. // Where to set the 'path' parameter to $config['root'] when creating cookies. Recommended.
define('JAIL_COOKIES', true, true); $config['cookies']['jail'] = true;
// How long should the cookies last (in seconds) // How long should the cookies last (in seconds)
define('COOKIE_EXPIRE', 15778463, true); //6 months $config['cookies']['expire']= 15778463; //6 months
// How long should moderators should remain logged in (0=browser session) (in seconds)
define('MOD_EXPIRE', 15778463, true);
// Make this something long and random for security // Make this something long and random for security
define('SALT', 'wefaw98YHEWUFuo', true); $config['cookies']['salt'] = 'wefaw98YHEWUFuo';
define('SECURE_TRIP_SALT', '@#$&^@#)$(*&@!_$(&329-8347', true); // How long should moderators should remain logged in (0=browser session) (in seconds)
$config['mod']['expire'] = 15778463; //6 months
// Used to salt secure tripcodes (##trip)
$config['secure_trip_salt'] = '@#$&^@#)$(*&@!_$(&329-8347';
// How many seconds before you can post, after the first visit // How many seconds before you can post, after the first visit
define('LURKTIME', 30, true); $config['lurktime'] = 30;
// How many seconds between each post // How many seconds between each post
define('FLOOD_TIME', 10, true); $config['flood_time'] = 10;
// How many seconds between each post with exactly the same content and same IP // How many seconds between each post with exactly the same content and same IP
define('FLOOD_TIME_IP_SAME', 120, true); $config['flood_time_ip'] = 120;
// Same as above but different IP address // Same as above but different IP address
define('FLOOD_TIME_SAME', 30, true); $config['flood_time_same'] = 30;
// Do you need a body for your non-OP posts? // Do you need a body for your non-OP posts?
define('FORCE_BODY', true, true); $config['force_body'] = true;
// Max body length // Max body length
define('MAX_BODY', 1800, true); $config['max_body'] = 1800;
define('THREADS_PER_PAGE', 10, true); $config['threads_per_page'] = 10;
define('MAX_PAGES', 10, true); $config['max_pages'] = 10;
define('THREADS_PREVIEW', 5, true); $config['threads_preview'] = 5;
// For development purposes. Turns 'display_errors' on. Not recommended for production. // For development purposes. Turns 'display_errors' on. Not recommended for production.
define('VERBOSE_ERRORS', true, true); $config['verbose_errors'] = true;
// Error messages // Error messages
define('ERROR_LURK', 'Lurk some more before posting.', true); $config['error']['lurk'] = 'Lurk some more before posting.';
define('ERROR_BOT', 'You look like a bot.', true); $config['error']['bot'] = 'You look like a bot.';
define('ERROR_TOOLONG', 'The %s field was too long.', true); $config['error']['toolong'] = 'The %s field was too long.';
define('ERROR_TOOLONGBODY', 'The body was too long.', true); $config['error']['toolong_body'] = 'The body was too long.';
define('ERROR_TOOSHORTBODY', 'The body was too short or empty.', true); $config['error']['tooshort_body'] = 'The body was too short or empty.';
define('ERROR_NOIMAGE', 'You must upload an image.', true); $config['error']['noimage'] = 'You must upload an image.';
define('ERROR_NOMOVE', 'The server failed to handle your upload.', true); $config['error']['nomove'] = 'The server failed to handle your upload.';
define('ERROR_FILEEXT', 'Unsupported image format.', true); $config['error']['fileext'] = 'Unsupported image format.';
define('ERROR_NOBOARD', 'Invalid board!', true); $config['error']['noboard'] = 'Invalid board!';
define('ERROR_NONEXISTANT', 'Thread specified does not exist.', true); $config['error']['nonexistant'] = 'Thread specified does not exist.';
define('ERROR_LOCKED', 'Thread locked. You may not reply at this time.', true); $config['error']['locked'] = 'Thread locked. You may not reply at this time.';
define('ERROR_NOPOST', 'You didn\'t make a post.', true); $config['error']['nopost'] = 'You didn\'t make a post.';
define('ERROR_FLOOD', 'Flood detected; Post discared.', true); $config['error']['flood'] = 'Flood detected; Post discared.';
define('ERROR_UNORIGINAL', 'Unoriginal content!', true); $config['error']['unoriginal'] = 'Unoriginal content!';
define('ERROR_MUTED', 'Unoriginal content! You have been muted for %d seconds.', true); $config['error']['muted'] = 'Unoriginal content! You have been muted for %d seconds.';
define('ERROR_YOUAREMUTED', 'You are muted! Expires in %d seconds.', true); $config['error']['youaremuted'] = 'You are muted! Expires in %d seconds.';
define('ERROR_TOR', 'Hmm… That looks like a Tor exit node.', true); $config['error']['tor'] = 'Hmm… That looks like a Tor exit node.';
define('ERROR_TOOMANYLINKS', 'Too many links; flood detected.', true); $config['error']['toomanylinks'] = 'Too many links; flood detected.';
define('ERROR_NODELETE', 'You didn\'t select anything to delete.', true); $config['error']['nodelete'] = 'You didn\'t select anything to delete.';
define('ERROR_INVALIDPASSWORD', 'Wrong password…', true); $config['error']['invalidpassword'] = 'Wrong password…';
define('ERR_INVALIDIMG','Invalid image.', true); $config['error']['invalidimg'] = 'Invalid image.';
define('ERR_FILESIZE', 'Maximum file size: %maxsz% bytes<br>Your file\'s size: %filesz% bytes', true); $config['error']['filesize'] = 'Maximum file size: %maxsz% bytes<br>Your file\'s size: %filesz% bytes';
define('ERR_MAXSIZE', 'The file was too big.', true); $config['error']['maxsize'] = 'The file was too big.';
define('ERR_INVALIDZIP', 'Invalid archive!', true); $config['error']['invalidzip'] = 'Invalid archive!';
// Moderator errors // Moderator errors
define('ERROR_INVALID', 'Invalid username and/or password.', true); $config['error']['invalid'] = 'Invalid username and/or password.';
define('ERROR_NOTAMOD', 'You are not a mod…', true); $config['error']['notamod'] = 'You are not a mod…';
define('ERROR_INVALIDAFTER', 'Invalid username and/or password. Your user may have been deleted or changed.', true); $config['error']['invalidafter'] = 'Invalid username and/or password. Your user may have been deleted or changed.';
define('ERROR_MALFORMED','Invalid/malformed cookies.', true); $config['error']['malformed'] = 'Invalid/malformed cookies.';
define('ERROR_MISSEDAFIELD', 'Your browser didn\'t submit an input when it should have.', true); $config['error']['missedafield'] = 'Your browser didn\'t submit an input when it should have.';
define('ERROR_REQUIRED', 'The %s field is required.', true); $config['error']['required'] = 'The %s field is required.';
define('ERROR_INVALIDFIELD', 'The %s field was invalid.', true); $config['error']['invalidfield'] = 'The %s field was invalid.';
define('ERROR_BOARDEXISTS', 'There is already a %s board.', true); $config['error']['boardexists'] = 'There is already a %s board.';
define('ERROR_NOACCESS', 'You don\'t have permission to do that.', true); $config['error']['noaccess'] = 'You don\'t have permission to do that.';
define('ERROR_INVALIDPOST', 'That post doesn\'t exist…', true); $config['error']['invalidpost'] = 'That post doesn\'t exist…';
define('ERROR_404', 'Page not found.', true); $config['error']['404'] = 'Page not found.';
// Reply limit (deletes thread when this is reached) // Reply limit (deletes thread when this is reached)
define('REPLY_LIMIT', 250, true); $config['reply_limit'] = 250;
// For resizing, max values // For resizing, max values
define('THUMB_WIDTH', 225, true); $config['thumb_width'] = 255;
define('THUMB_HEIGHT', 225, true); $config['thumb_height'] = 255;
// Store image hash in the database for r9k-like boards implementation soon // Store image hash in the database for r9k-like boards implementation soon
// Function name for hashing // Function name for hashing
// sha1_file, md5_file, etc. // sha1_file, md5_file, etc.
define('FILE_HASH', 'sha1_file', true); $config['file_hash'] = 'sha1_file';
define('BLOCK_TOR', true, true); $config['block_tor'] = true;
// Typically spambots try to post a lot of links. Refuse a post with X standalone links? // Typically spambots try to post a lot of links. Refuse a post with X standalone links?
define('MAX_LINKS', 20, true); $config['max_links'] = 20;
// Maximum image upload size in bytes // Maximum image upload size in bytes
define('MAX_FILESIZE', 10*1024*1024, true); // 10MB $config['max_filesize'] = 10*1024*1024; // 10MB
// Maximum image dimensions // Maximum image dimensions
define('MAX_WIDTH', 10000, true); $config['max_width'] = 1000;
define('MAX_HEIGHT', MAX_WIDTH, true); $config['max_height'] = $config['max_width']; // 1:1
/* When you upload a ZIP as a file, all the images inside the archive
* get dumped into the thread as replies.
* Extremely beta and not recommended yet.
*/
define('ALLOW_ZIP', false, true);
/** /**
Redraw the image using GD functions to strip any excess data (commonly ZIP archives) Redraw the image using GD functions to strip any excess data (commonly ZIP archives)
WARNING: Very beta. Currently strips animated GIFs too :( WARNING: Currently strips animated GIFs too :(
**/ **/
define('REDRAW_IMAGE', false, true); $config['redraw_image'] = false;
// Redrawing configuration // Redrawing configuration
define('JPEG_QUALITY', 100, true); $config['jpeg_quality'] = 100;
define('REDRAW_GIF', false, true); // Temporary fix for the animation-stripping bug
$config['redraw_gifs'] = false;
// Display the aspect ratio in a post's file info
define('SHOW_RATIO', true, true);
define('DIR_IMG', 'src/', true);
define('DIR_THUMB', 'thumb/', true);
define('DIR_RES', 'res/', true);
define('DIR_STATIC', 'static/', true);
// Where to store the .html templates. This folder and templates must exist or fatal errors will be thrown. // Display the aspect ratio in a post's file info
define('DIR_TEMPLATE', getcwd() . '/templates', true); $config['show_ratio'] = true;
// The root directory, including the trailing slash, for Tinyboard. // The root directory, including the trailing slash, for Tinyboard.
// examples: '/', 'http://boards.chan.org/', '/chan/' // examples: '/', 'http://boards.chan.org/', '/chan/'
define('ROOT', '/', true); $config['root'] = '/';
$config['dir']['img'] = 'src/';
$config['dir']['thumb'] = 'thumb/';
$config['dir']['res'] = 'res/';
// For load balancing, having a seperate server (and domain/subdomain) for serving static content is possible.
// This can either be a directory or a URL (eg. http://static.example.org/)
$config['dir']['static'] = $config['root'] . 'static/';
// Where to store the .html templates. This folder and templates must exist or fatal errors will be thrown.
$config['dir']['template'] = getcwd() . '/templates';
// Static images // Static images
// These can be URLs OR base64 (data URI scheme) // These can be URLs OR base64 (data URI scheme)
define('IMAGE_STICKY', ROOT . DIR_STATIC . 'sticky.gif', true); $config['image_sticky'] = $config['dir']['static'] . 'sticky.gif';
define('IMAGE_LOCKED', ROOT . DIR_STATIC . 'locked.gif', true); $config['image_locked'] = $config['dir']['static'] . 'locked.gif';
define('DELETED_IMAGE', ROOT . DIR_STATIC . 'deleted.png', true); $config['image_deleted'] = $config['dir']['static'] . 'deleted.png';
define('ZIP_IMAGE', ROOT . DIR_STATIC . 'zip.png', true); $config['image_zip'] = $config['dir']['static'] . 'zip.png';
// If for some reason the folders and static HTML index files aren't in the current working direcotry, // If for some reason the folders and static HTML index files aren't in the current working direcotry,
// enter the directory path here. Otherwise, keep it false. // enter the directory path here. Otherwise, keep it false.
define('ROOT_FILE', false, true); $config['root_file'] = false;
define('POST_URL', ROOT . 'post.php', true); $config['file_index'] = 'index.html';
define('FILE_INDEX', 'index.html', true); $config['file_page'] = '%d.html';
define('FILE_PAGE', '%d.html', true); $config['file_mod'] = 'mod.php';
define('FILE_MOD', 'mod.php', true);
// Multi-board (%s is board abbreviation) // Multi-board (%s is board abbreviation)
define('BOARD_PATH', '%s/', true); $config['board_path'] = '%s/';
// The HTTP status code to use when redirecting. // The HTTP status code to use when redirecting.
// Should be 3xx (redirection). http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html // Should be 3xx (redirection). http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
// "302" is recommended. // "302" is recommended.
define('REDIRECT_HTTP', 302, true); $config['redirect_http'] = 302;
// TODO: Put this in per-board instance-config instead
// Robot stuff // Robot stuff
// Strip repeating characters when making hashes // Strip repeating characters when making hashes
define('ROBOT_ENABLE', true, true); $config['robot_enable'] = false;
define('ROBOT_BOARD', 'r9k', true); $config['robot_strip_repeating'] = true;
define('ROBOT_STRIP_REPEATING', true, true);
// Enable mutes // Enable mutes
define('ROBOT_MUTE', true, true); // Tinyboard uses ROBOT9000's original 2^x implementation
define('ROBOT_MUTE_HOUR', 50, true); // How many mutes X hours ago to include in the algorithm $config['robot_mute'] = true;
define('ROBOT_MUTE_MULTIPLIER', 2, true); // How many mutes x hours ago to include in the algorithm
define('ROBOT_MUTE_DESCRIPTION', 'You have been muted for unoriginal content.', true); $config['robot_mute_hour'] = 50;
// If you want to alter the algorithm a bit. Default value is 2. n^x
$config['robot_mute_multiplier'] = 2;
$config['robot_mute_descritpion'] = 'You have been muted for unoriginal content.';
/* /*
Mod stuff Mod stuff
*/ */
// Whether or not to lock moderator sessions to the IP address that was logged in with. // Whether or not to lock moderator sessions to the IP address that was logged in with.
define('MOD_LOCK_IP', true, true); $config['mod']['lock_ip'] = true;
// The page that is first shown when a moderator logs in. Defaults to the dashboard. // The page that is first shown when a moderator logs in. Defaults to the dashboard.
define('MOD_DEFAULT', '/', true); $config['mod']['default'] = '/';
// Don't even display MySQL password to administrators (in the configuration page) // Don't even display MySQL password to administrators (in the configuration page).
define('MOD_NEVER_REAL_PASSWORD', true, true); $config['mod']['never_reveal_password'] = true;
// Do a DNS lookup on IP addresses to get their hostname on the IP summary page // Do a DNS lookup on IP addresses to get their hostname on the IP summary page
define('MOD_DNS_LOOKUP', true, true); $config['mod']['dns_lookup'] = true;
// Show ban form on the IP summary page // Show ban form on the IP summary page
define('MOD_IP_BANFORM', true, true); $config['mod']['ip_banform'] = true;
// How many recent posts, per board, to show in the IP summary page // How many recent posts, per board, to show in the IP summary page
define('MOD_IP_RECENTPOSTS', 5, true); $config['mod']['ip_recentposts'] = 5;
// Probably best not to change these: // Probably best not to change these:
define('MOD_JANITOR', 0, true); define('JANITOR', 0, true);
define('MOD_MOD', 1, true); define('MOD', 1, true);
define('MOD_ADMIN', 2, true); define('ADMIN', 2, true);
// Permissions // Permissions
// What level of administration you need to: // What level of administration you need to:
/* Post Controls */ /* Post Controls */
// View IP addresses // View IP addresses
define('MOD_SHOW_IP', MOD_MOD, true); $config['mod']['show_ip'] = MOD;
// Delete a post // Delete a post
define('MOD_DELETE', MOD_JANITOR, true); $config['mod']['delete'] = JANITOR;
// Ban a user for a post // Ban a user for a post
define('MOD_BAN', MOD_MOD, true); $config['mod']['ban'] = MOD;
// Ban and delete (one click; instant) // Ban and delete (one click; instant)
define('MOD_BANDELETE', MOD_BAN, true); $config['mod']['bandelete'] = MOD;
// Delete file (and keep post) // Delete file (and keep post)
define('MOD_DELETEFILE', MOD_JANITOR, true); $config['mod']['deletefile'] = JANITOR;
// Delete all posts by IP // Delete all posts by IP
define('MOD_DELETEBYIP', MOD_BAN, true); $config['mod']['deletebyip'] = MOD;
// Sticky a thread // Sticky a thread
define('MOD_STICKY', MOD_MOD, true); $config['mod']['sticky'] = MOD;
// Lock a thread // Lock a thread
define('MOD_LOCK', MOD_MOD, true); $config['mod']['lock'] = MOD;
// Post in a locked thread // Post in a locked thread
define('MOD_POSTINLOCKED', MOD_MOD, true); $config['mod']['postinlocked'] = MOD;
// Post bypass unoriginal content check // Post bypass unoriginal content check
define('MOD_POSTUNORIGINAL', MOD_MOD, true); $config['mod']['postunoriginal'] = MOD;
// Raw HTML posting // Raw HTML posting
define('MOD_RAWHTML', MOD_MOD, true); $config['mod']['rawhtml'] = MOD;
/* Administration */ /* Administration */
// Display the contents of instant-config.php // Display the contents of instance-config.php
define('MOD_SHOW_CONFIG', MOD_ADMIN, true); $config['mod']['show_config'] = ADMIN;
// View list of bans // View list of bans
define('MOD_VIEW_BANLIST', MOD_MOD, true); $config['mod']['view_banlist'] = MOD;
// View the username of the mod who made a ban // View the username of the mod who made a ban
define('MOD_VIEW_BANSTAFF', MOD_MOD, true); $config['mod']['view_banstaff'] = MOD;
// If the moderator doesn't fit the MOD_VIEW_BANSTAFF (previous) permission, // If the moderator doesn't fit the $config['mod']['view_banstaff''] (previous) permission,
// show him just a "?" instead. Otherwise, it will be "Mod" or "Admin" // show him just a "?" instead. Otherwise, it will be "Mod" or "Admin"
define('MOD_VIEW_BANQUESTIONMARK', false, true); $config['mod']['view_banquestionmark'] = false;
// Show expired bans in the ban list (they are kept in cache until the culprit returns) // Show expired bans in the ban list (they are kept in cache until the culprit returns)
define('MOD_VIEW_BANEXPIRED', true, true); $config['mod']['view_banexpired'] = true;
// Create a new board // Create a new board
define('MOD_NEWBOARD', MOD_ADMIN, true); $config['mod']['newboard'] = ADMIN;
// Mod links (full HTML) // Mod links (full HTML)
// Correspond to above permission directives // Correspond to above permission directives
define('MOD_LINK_DELETE', '[D]', true); $config['mod']['link_delete'] = '[D]';
define('MOD_LINK_BAN', '[B]', true); $config['mod']['link_ban'] = '[B]';
define('MOD_LINK_BANDELETE', '[B&amp;D]', true); $config['mod']['link_bandelete'] = '[B&amp;D]';
define('MOD_LINK_DELETEFILE', '[F]', true); $config['mod']['link_deletefile'] = '[F]';
define('MOD_LINK_DELETEBYIP', '[D+]', true); $config['mod']['link_deletebyip'] = '[D+]';
define('MOD_LINK_STICKY', '[Sticky]', true); $config['mod']['link_sticky'] = '[Sticky]';
define('MOD_LINK_DESTICKY', '[-Sticky]', true); $config['mod']['link_desticky'] = '[-Sticky]';
define('MOD_LINK_LOCK', '[Lock]', true); $config['mod']['link_lock'] = '[Lock]';
define('MOD_LINK_UNLOCK', '[-Lock]', true); $config['mod']['link_unlock'] = '[-Lock]';
// A small file in the main directory indicating that the script has been ran and the board(s) have been generated. // A small file in the main directory indicating that the script has been ran and the board(s) have been generated.
// This keeps the script from querying the database and causing strain when not needed. // This keeps the script from querying the database and causing strain when not needed.
define('HAS_INSTALLED', '.installed', true); $config['has_installed'] = '.installed';
// Name of the boards. Typically '/%s/' (/b/, /mu/, etc) // Name of the boards. Usually '/%s/' (/b/, /mu/, etc)
// BOARD_ABBREVIATION - BOARD_TITLE // $config['board_abbreviation'] - BOARD_TITLE
define('BOARD_ABBREVIATION', '/%s/', true); $config['board_abbreviation'] = '/%s/';
// Automatically convert things like "..." to Unicode characters ("…") // Automatically convert things like "..." to Unicode characters ("…")
define('AUTO_UNICODE', true, true); $config['auto_unicode'] = true;
// Use some Wiki-like syntax (''em'', '''strong''', ==Heading==, etc) // Use some Wiki-like syntax (''em'', '''strong''', ==Heading==, etc)
define('WIKI_MARKUP', true, true); $config['wiki_markup'] = true;
// Whether to turn URLs into functional links // Whether to turn URLs into functional links
define('MARKUP_URLS', true, true); $config['markup_urls'] = true;
// Complex regular expression to catch URLs // Complex regular expression to catch URLs
define('URL_REGEX', '/' . '(https?|ftp):\/\/' . '(([\w\-]+\.)+[a-zA-Z]{2,6}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' . '(\/([\w\-~\.#\/?=&;:+%]+)?)?' . '/', true); $config['url_regex'] = '/' . '(https?|ftp):\/\/' . '(([\w\-]+\.)+[a-zA-Z]{2,6}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' . '(\/([\w\-~\.#\/?=&;:+%]+)?)?' . '/';
// Allowed file extensions // Allowed file extensions
$allowed_ext = Array('jpg', 'jpeg', 'bmp', 'gif', 'png', true); $config['allowed_ext'] = Array('jpg', 'jpeg', 'bmp', 'gif', 'png');
define('BUTTON_NEWTOPIC', 'New Topic', true); // The names on the post buttons. (On most imageboards, these are both "Post".)
define('BUTTON_REPLY', 'New Reply', true); $config['button_newtopic'] = 'New Topic';
$config['button_reply'] = 'New Reply';
// The string passed to date() for post times // The string passed to date() for post times
// http://php.net/manual/en/function.date.php // http://php.net/manual/en/function.date.php
define('POST_DATE', 'm/d/y (D) H:i:s', true); $config['post_date'] = 'm/d/y (D) H:i:s';
define('ALWAYS_NOKO', false, true); // Always act as if they had typed "noko" in the email field no mattter what
$config['always_noko'] = false;
define('URL_MATCH', '/^' . $config['url_match'] = '/^' .
(preg_match(URL_REGEX, ROOT) ? '' : (preg_match($config['url_regex'], $config['root']) ? '' :
(@$_SERVER['HTTPS']?'https':'http') . (@$_SERVER['HTTPS']?'https':'http') .
':\/\/'.$_SERVER['HTTP_HOST']) . ':\/\/'.$_SERVER['HTTP_HOST']) .
preg_quote(ROOT, '/') . preg_quote($config['root'], '/') .
'(' . '(' .
str_replace('%s', '\w{1,8}', preg_quote(BOARD_PATH, '/')) . str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
'|' . '|' .
str_replace('%s', '\w{1,8}', preg_quote(BOARD_PATH, '/')) . str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
preg_quote(FILE_INDEX, '/') . preg_quote($config['file_index'], '/') .
'|' . '|' .
str_replace('%s', '\w{1,8}', preg_quote(BOARD_PATH, '/')) . str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
str_replace('%d', '\d+', preg_quote(FILE_PAGE, '/')) . str_replace('%d', '\d+', preg_quote($config['file_page'], '/')) .
'|' . '|' .
preg_quote(FILE_MOD, '/') . preg_quote($config['file_mod'], '/') .
'\?\/.+' . '\?\/.+' .
')$/i', true); ')$/i';
if(ROOT_FILE) { if($config['root_file']) {
chdir(ROOT_FILE); chdir($config['root_file']);
} }
if(VERBOSE_ERRORS) { if($config['verbose_errors']) {
error_reporting(E_ALL); error_reporting(E_ALL);
ini_set('display_errors', 1); ini_set('display_errors', 1);
} }
?> ?>

View File

@ -1,20 +1,20 @@
<?php <?php
function sql_open() { function sql_open() {
global $pdo; global $pdo, $config;
if($pdo) return true; if($pdo) return true;
$dsn = DB_TYPE . ':host=' . DB_SERVER . ';dbname=' . DB_DATABASE; $dsn = $config['db']['type'] . ':host=' . $config['db']['server'] . ';dbname=' . $config['db']['database'];
if((bool)DB_DSN) // empty() doesn't work on constants if(!empty($config['db']['dsn']))
$dsn .= ';' . DB_DSN; $dsn .= ';' . $config['db']['dsn'];
try { try {
return $pdo = new PDO($dsn, DB_USER, DB_PASSWORD); return $pdo = new PDO($dsn, $config['db']['user'], $config['db']['password']);
} catch(PDOException $e) { } catch(PDOException $e) {
$message = $e->getMessage(); $message = $e->getMessage();
// Remove any sensitive information // Remove any sensitive information
$message = str_replace(DB_USER, '<em>hidden</em>', $message); $message = str_replace($config['db']['user'], '<em>hidden</em>', $message);
$message = str_replace(DB_PASSWORD, '<em>hidden</em>', $message); $message = str_replace($config['db']['password'], '<em>hidden</em>', $message);
// Print error // Print error
error('Database error: ' . $message); error('Database error: ' . $message);

View File

@ -20,30 +20,32 @@
} }
function error($message) { function error($message) {
global $board, $mod; global $board, $mod, $config;
if(function_exists('sql_close')) sql_close(); if(function_exists('sql_close')) sql_close();
die(Element('page.html', Array( die(Element('page.html', Array(
'index'=>ROOT, 'index'=>$config['root'],
'title'=>'Error', 'title'=>'Error',
'subtitle'=>'An error has occured.', 'subtitle'=>'An error has occured.',
'body'=>"<center>" . 'body'=>"<center>" .
"<h2>$message</h2>" . "<h2>$message</h2>" .
(isset($board) ? (isset($board) ?
"<p><a href=\"" . ROOT . "<p><a href=\"" . $config['root'] .
($mod ? FILE_MOD . '?/' : '') . ($mod ? $config['file_mod'] . '?/' : '') .
$board['dir'] . FILE_INDEX . "\">Go back</a>.</p>" : ''). $board['dir'] . $config['file_index'] . "\">Go back</a>.</p>" : '').
"</center>" "</center>"
))); )));
} }
function loginForm($error=false, $username=false) { function loginForm($error=false, $username=false) {
global $config;
if(function_exists('sql_close')) sql_close(); if(function_exists('sql_close')) sql_close();
die(Element('page.html', Array( die(Element('page.html', Array(
'index'=>ROOT, 'index'=>$config['root'],
'title'=>'Login', 'title'=>'Login',
'body'=>Element('login.html', Array( 'body'=>Element('login.html', Array(
'index'=>ROOT, 'index'=>$config['root'],
'error'=>$error, 'error'=>$error,
'username'=>$username 'username'=>$username
) )
@ -52,7 +54,10 @@
} }
class Post { class Post {
public function __construct($id, $thread, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $root=ROOT, $mod=false) { public function __construct($id, $thread, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $root=null, $mod=false) {
global $config;
if(!isset($root)) $root = $config['root'];
$this->id = $id; $this->id = $id;
$this->thread = $thread; $this->thread = $thread;
$this->subject = utf8tohtml($subject); $this->subject = utf8tohtml($subject);
@ -77,13 +82,13 @@
// Fix internal links // Fix internal links
// Very complicated regex // Very complicated regex
$this->body = preg_replace( $this->body = preg_replace(
'/<a(([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*href="' . preg_quote(ROOT, '/') . '(' . sprintf(preg_quote(BOARD_PATH, '/'), '\w+') . ')/', '/<a(([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
'<a href="?/$3', '<a href="?/$3',
$this->body $this->body
); );
} }
public function postControls() { public function postControls() {
global $board; global $board, $config;
$built = ''; $built = '';
if($this->mod) { if($this->mod) {
@ -91,24 +96,24 @@
$built .= '<span class="controls">'; $built .= '<span class="controls">';
// Delete // Delete
if($this->mod['type'] >= MOD_DELETE) if($this->mod['type'] >= $config['mod']['delete'])
$built .= ' <a title="Delete" href="?/' . $board['uri'] . '/delete/' . $this->id . '">' . MOD_LINK_DELETE . '</a>'; $built .= ' <a title="Delete" href="?/' . $board['uri'] . '/delete/' . $this->id . '">' . $config['mod']['link_delete'] . '</a>';
// Delete all posts by IP // Delete all posts by IP
if($this->mod['type'] >= MOD_DELETEBYIP) if($this->mod['type'] >= $config['mod']['deletebyip'])
$built .= ' <a title="Delete all posts by IP" href="?/' . $board['uri'] . '/deletebyip/' . $this->id . '">' . MOD_LINK_DELETEBYIP . '</a>'; $built .= ' <a title="Delete all posts by IP" href="?/' . $board['uri'] . '/deletebyip/' . $this->id . '">' . $config['mod']['link_deletebyip'] . '</a>';
// Ban // Ban
if($this->mod['type'] >= MOD_BAN) if($this->mod['type'] >= $config['mod']['ban'])
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . MOD_LINK_BAN . '</a>'; $built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
// Ban & Delete // Ban & Delete
if($this->mod['type'] >= MOD_BANDELETE) if($this->mod['type'] >= $config['mod']['bandelete'])
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&amp;delete/' . $this->id . '">' . MOD_LINK_BANDELETE . '</a>'; $built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&amp;delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
// Delete file (keep post) // Delete file (keep post)
if(!empty($this->file) && $this->mod['type'] >= MOD_DELETEFILE) if(!empty($this->file) && $this->mod['type'] >= $config['mod']['deletefile'])
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . MOD_LINK_DELETEFILE . '</a>'; $built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>';
$built .= '</span>'; $built .= '</span>';
} }
@ -116,7 +121,7 @@
} }
public function build($index=false) { public function build($index=false) {
global $board; global $board, $config;
$built = '<div class="post reply"' . (!$index?' id="reply_' . $this->id . '"':'') . '>' . $built = '<div class="post reply"' . (!$index?' id="reply_' . $this->id . '"':'') . '>' .
'<p class="intro"' . (!$index?' id="' . $this->id . '"':'') . '>' . '<p class="intro"' . (!$index?' id="' . $this->id . '"':'') . '>' .
@ -135,7 +140,7 @@
. (!empty($this->trip) ? ' <span class="trip">'.$this->trip.'</span>':''); . (!empty($this->trip) ? ' <span class="trip">'.$this->trip.'</span>':'');
// IP Address // IP Address
if($this->mod && $this->mod['type'] >= MOD_SHOW_IP) { if($this->mod && $this->mod['type'] >= $config['mod']['show_ip']) {
$built .= ' [<a style="margin:0;" href="?/IP/' . $this->ip . '">' . $this->ip . '</a>]'; $built .= ' [<a style="margin:0;" href="?/IP/' . $this->ip . '">' . $this->ip . '</a>]';
} }
@ -144,7 +149,7 @@
$built .= '</a>'; $built .= '</a>';
// Date/time // Date/time
$built .= ' ' . date(POST_DATE, $this->time); $built .= ' ' . date($config['post_date'], $this->time);
// End delete // End delete
$built .= '</label>'; $built .= '</label>';
@ -152,20 +157,20 @@
$built .= ' <a class="post_no"' . $built .= ' <a class="post_no"' .
// JavaScript highlight // JavaScript highlight
($index?'':' onclick="highlightReply(' . $this->id . ');"') . ($index?'':' onclick="highlightReply(' . $this->id . ');"') .
' href="' . $this->root . $board['dir'] . DIR_RES . $this->thread . '.html' . '#' . $this->id . '">No.</a>' . ' href="' . $this->root . $board['dir'] . $config['dir']['res'] . $this->thread . '.html' . '#' . $this->id . '">No.</a>' .
// JavaScript cite // JavaScript cite
'<a class="post_no"' . ($index?'':' onclick="citeReply(' . $this->id . ');"') . ' href="' . ($index?$this->root . $board['dir'] . DIR_RES . $this->thread . '.html' . '#q' . $this->id:'javascript:void(0);') . '">'.$this->id.'</a>' . '<a class="post_no"' . ($index?'':' onclick="citeReply(' . $this->id . ');"') . ' href="' . ($index?$this->root . $board['dir'] . $config['dir']['res'] . $this->thread . '.html' . '#q' . $this->id:'javascript:void(0);') . '">'.$this->id.'</a>' .
'</p>'; '</p>';
// File info // File info
if(!empty($this->file) && $this->file != 'deleted') { if(!empty($this->file) && $this->file != 'deleted') {
$built .= '<p class="fileinfo">File: <a href="' . ROOT . $board['dir'] . DIR_IMG . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' . $built .= '<p class="fileinfo">File: <a href="' . $config['root'] . $board['dir'] . $config['dir']['img'] . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
// Filesize // Filesize
format_bytes($this->filesize) . ', ' . format_bytes($this->filesize) . ', ' .
// File dimensions // File dimensions
$this->filex . 'x' . $this->filey; $this->filex . 'x' . $this->filey;
// Aspect Ratio // Aspect Ratio
if(SHOW_RATIO) { if($config['show_ratio']) {
$fraction = fraction($this->filex, $this->filey, ':'); $fraction = fraction($this->filex, $this->filey, ':');
$built .= ', ' . $fraction; $built .= ', ' . $fraction;
} }
@ -173,9 +178,9 @@
$built .= ', ' . $this->filename . ')</span></p>' . $built .= ', ' . $this->filename . ')</span></p>' .
// Thumbnail // Thumbnail
'<a href="' . ROOT . $board['dir'] . DIR_IMG . $this->file.'"><img src="' . ROOT . $board['dir'] . DIR_THUMB . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" /></a>'; '<a href="' . $config['root'] . $board['dir'] . $config['dir']['img'] . $this->file.'"><img src="' . $config['root'] . $board['dir'] . $config['dir']['thumb'] . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" /></a>';
} elseif($this->file == 'deleted') { } elseif($this->file == 'deleted') {
$built .= '<img src="' . DELETED_IMAGE . '" />'; $built .= '<img src="' . $config['image_deleted'] . '" />';
} }
$built .= $this->postControls(); $built .= $this->postControls();
@ -189,7 +194,10 @@
class Thread { class Thread {
public $omitted = 0; public $omitted = 0;
public function __construct($id, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $root=ROOT, $mod=false) { public function __construct($id, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $root=null, $mod=false) {
global $config;
if(!isset($root)) $root = $config['root'];
$this->id = $id; $this->id = $id;
$this->subject = utf8tohtml($subject); $this->subject = utf8tohtml($subject);
$this->email = $email; $this->email = $email;
@ -217,7 +225,7 @@
// Fix internal links // Fix internal links
// Very complicated regex // Very complicated regex
$this->body = preg_replace( $this->body = preg_replace(
'/<a(([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*href="' . preg_quote(ROOT, '/') . '(' . sprintf(preg_quote(BOARD_PATH, '/'), '\w+') . ')/', '/<a(([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
'<a href="?/$3', '<a href="?/$3',
$this->body $this->body
); );
@ -226,7 +234,7 @@
$this->posts[] = $post; $this->posts[] = $post;
} }
public function postControls() { public function postControls() {
global $board; global $board, $config;
$built = ''; $built = '';
if($this->mod) { if($this->mod) {
@ -234,34 +242,34 @@
$built .= '<span class="controls op">'; $built .= '<span class="controls op">';
// Delete // Delete
if($this->mod['type'] >= MOD_DELETE) if($this->mod['type'] >= $config['mod']['delete'])
$built .= ' <a title="Delete" href="?/' . $board['uri'] . '/delete/' . $this->id . '">' . MOD_LINK_DELETE . '</a>'; $built .= ' <a title="Delete" href="?/' . $board['uri'] . '/delete/' . $this->id . '">' . $config['mod']['link_delete'] . '</a>';
// Delete all posts by IP // Delete all posts by IP
if($this->mod['type'] >= MOD_DELETEBYIP) if($this->mod['type'] >= $config['mod']['deletebyip'])
$built .= ' <a title="Delete all posts by IP" href="?/' . $board['uri'] . '/deletebyip/' . $this->id . '">' . MOD_LINK_DELETEBYIP . '</a>'; $built .= ' <a title="Delete all posts by IP" href="?/' . $board['uri'] . '/deletebyip/' . $this->id . '">' . $config['mod']['link_deletebyip'] . '</a>';
// Ban // Ban
if($this->mod['type'] >= MOD_BAN) if($this->mod['type'] >= $config['mod']['ban'])
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . MOD_LINK_BAN . '</a>'; $built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
// Ban & Delete // Ban & Delete
if($this->mod['type'] >= MOD_BANDELETE) if($this->mod['type'] >= $config['mod']['bandelete'])
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&amp;delete/' . $this->id . '">' . MOD_LINK_BANDELETE . '</a>'; $built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&amp;delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
// Stickies // Stickies
if($this->mod['type'] >= MOD_STICKY) if($this->mod['type'] >= $config['mod']['sticky'])
if($this->sticky) if($this->sticky)
$built .= ' <a title="Make thread not sticky" href="?/' . $board['uri'] . '/unsticky/' . $this->id . '">' . MOD_LINK_DESTICKY . '</a>'; $built .= ' <a title="Make thread not sticky" href="?/' . $board['uri'] . '/unsticky/' . $this->id . '">' . $config['mod']['link_desticky'] . '</a>';
else else
$built .= ' <a title="Make thread sticky" href="?/' . $board['uri'] . '/sticky/' . $this->id . '">' . MOD_LINK_STICKY . '</a>'; $built .= ' <a title="Make thread sticky" href="?/' . $board['uri'] . '/sticky/' . $this->id . '">' . $config['mod']['link_sticky'] . '</a>';
// Lock // Lock
if($this->mod['type'] >= MOD_LOCK) if($this->mod['type'] >= $config['mod']['lock'])
if($this->locked) if($this->locked)
$built .= ' <a title="Lock thread" href="?/' . $board['uri'] . '/unlock/' . $this->id . '">' . MOD_LINK_UNLOCK . '</a>'; $built .= ' <a title="Lock thread" href="?/' . $board['uri'] . '/unlock/' . $this->id . '">' . $config['mod']['link_unlock'] . '</a>';
else else
$built .= ' <a title="Unlock thread" href="?/' . $board['uri'] . '/lock/' . $this->id . '">' . MOD_LINK_LOCK . '</a>'; $built .= ' <a title="Unlock thread" href="?/' . $board['uri'] . '/lock/' . $this->id . '">' . $config['mod']['link_lock'] . '</a>';
$built .= '</span>'; $built .= '</span>';
@ -270,22 +278,22 @@
} }
public function build($index=false) { public function build($index=false) {
global $board; global $board, $config;
$built = '<p class="fileinfo">File: <a href="' . ROOT . $board['dir'] . DIR_IMG . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' . $built = '<p class="fileinfo">File: <a href="' . $config['root'] . $board['dir'] . $config['dir']['img'] . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
// Filesize // Filesize
format_bytes($this->filesize) . ', ' . format_bytes($this->filesize) . ', ' .
// File dimensions // File dimensions
$this->filex . 'x' . $this->filey; $this->filex . 'x' . $this->filey;
// Aspect Ratio // Aspect Ratio
if(SHOW_RATIO) { if($config['show_ratio']) {
$fraction = fraction($this->filex, $this->filey, ':'); $fraction = fraction($this->filex, $this->filey, ':');
$built .= ', ' . $fraction; $built .= ', ' . $fraction;
} }
// Filename // Filename
$built .= ', ' . $this->filename . ')</span></p>' . $built .= ', ' . $this->filename . ')</span></p>' .
// Thumbnail // Thumbnail
'<a href="' . ROOT . $board['dir'] . DIR_IMG . $this->file.'"><img src="' . ROOT . $board['dir'] . DIR_THUMB . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" /></a>'; '<a href="' . $config['root'] . $board['dir'] . $config['dir']['img'] . $this->file.'"><img src="' . $config['root'] . $board['dir'] . $config['dir']['thumb'] . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" /></a>';
$built .= '<div class="post op"><p class="intro"' . (!$index?' id="' . $this->id . '"':'') . '>'; $built .= '<div class="post op"><p class="intro"' . (!$index?' id="' . $this->id . '"':'') . '>';
@ -304,7 +312,7 @@
. (!empty($this->trip) ? ' <span class="trip">'.$this->trip.'</span>':''); . (!empty($this->trip) ? ' <span class="trip">'.$this->trip.'</span>':'');
// IP Address // IP Address
if($this->mod && $this->mod['type'] >= MOD_SHOW_IP) { if($this->mod && $this->mod['type'] >= $config['mod']['show_ip']) {
$built .= ' [<a style="margin:0;" href="?/IP/' . $this->ip . '">' . $this->ip . '</a>]'; $built .= ' [<a style="margin:0;" href="?/IP/' . $this->ip . '">' . $this->ip . '</a>]';
} }
@ -313,7 +321,7 @@
$built .= '</a>'; $built .= '</a>';
// Date/time // Date/time
$built .= ' ' . date(POST_DATE, $this->time); $built .= ' ' . date($config['post_date'], $this->time);
// End delete // End delete
$built .= '</label>'; $built .= '</label>';
@ -321,15 +329,15 @@
$built .= ' <a class="post_no"' . $built .= ' <a class="post_no"' .
// JavaScript highlight // JavaScript highlight
($index?'':' onclick="highlightReply(' . $this->id . ');"') . ($index?'':' onclick="highlightReply(' . $this->id . ');"') .
' href="' . $this->root . $board['dir'] . DIR_RES . $this->id . '.html' . '#' . $this->id . '">No.</a>' . ' href="' . $this->root . $board['dir'] . $config['dir']['res'] . $this->id . '.html' . '#' . $this->id . '">No.</a>' .
// JavaScript cite // JavaScript cite
'<a class="post_no"' . ($index?'':' onclick="citeReply(' . $this->id . ');"') . ' href="' . ($index?$this->root . $board['dir'] . DIR_RES . $this->id . '.html' . '#q' . $this->id:'javascript:void(0);') . '">'.$this->id.'</a>' . '<a class="post_no"' . ($index?'':' onclick="citeReply(' . $this->id . ');"') . ' href="' . ($index?$this->root . $board['dir'] . $config['dir']['res'] . $this->id . '.html' . '#q' . $this->id:'javascript:void(0);') . '">'.$this->id.'</a>' .
// Sticky // Sticky
($this->sticky ? '<img class="icon" title="Sticky" src="' . IMAGE_STICKY . '" />' : '') . ($this->sticky ? '<img class="icon" title="Sticky" src="' . $config['image_sticky'] . '" />' : '') .
// Locked // Locked
($this->locked ? '<img class="icon" title="Locked" src="' . IMAGE_LOCKED . '" />' : '') . ($this->locked ? '<img class="icon" title="Locked" src="' . $config['image_locked'] . '" />' : '') .
// [Reply] // [Reply]
($index ? '<a href="' . $this->root . $board['dir'] . DIR_RES . $this->id . '.html">[Reply]</a>' : '') . ($index ? '<a href="' . $this->root . $board['dir'] . $config['dir']['res'] . $this->id . '.html">[Reply]</a>' : '') .
// Mod controls // Mod controls
$this->postControls() . $this->postControls() .

View File

@ -9,7 +9,7 @@
} }
function setupBoard($array) { function setupBoard($array) {
global $board; global $board, $config;
$board = Array( $board = Array(
'id' => $array['id'], 'id' => $array['id'],
@ -17,13 +17,13 @@
'name' => $array['title'], 'name' => $array['title'],
'title' => $array['subtitle']); 'title' => $array['subtitle']);
$board['dir'] = sprintf(BOARD_PATH, $board['uri']); $board['dir'] = sprintf($config['board_path'], $board['uri']);
$board['url'] = sprintf(BOARD_ABBREVIATION, $board['uri']); $board['url'] = sprintf($config['board_abbreviation'], $board['uri']);
if(!file_exists($board['dir'])) mkdir($board['dir'], 0777); if(!file_exists($board['dir'])) mkdir($board['dir'], 0777);
if(!file_exists($board['dir'] . DIR_IMG)) @mkdir($board['dir'] . DIR_IMG, 0777) or error("Couldn't create " . DIR_IMG . ". Check permissions.", true); if(!file_exists($board['dir'] . $config['dir']['img'])) @mkdir($board['dir'] . $config['dir']['img'], 0777) or error("Couldn't create " . $config['dir']['img'] . ". Check permissions.", true);
if(!file_exists($board['dir'] . DIR_THUMB)) @mkdir($board['dir'] . DIR_THUMB, 0777) or error("Couldn't create " . DIR_THUMB . ". Check permissions.", true); if(!file_exists($board['dir'] . $config['dir']['thumb'])) @mkdir($board['dir'] . $config['dir']['thumb'], 0777) or error("Couldn't create " . $config['dir']['thumb'] . ". Check permissions.", true);
if(!file_exists($board['dir'] . DIR_RES)) @mkdir($board['dir'] . DIR_RES, 0777) or error("Couldn't create " . DIR_RES . ". Check permissions.", true); if(!file_exists($board['dir'] . $config['dir']['res'])) @mkdir($board['dir'] . $config['dir']['res'], 0777) or error("Couldn't create " . $config['dir']['res'] . ". Check permissions.", true);
} }
function openBoard($uri) { function openBoard($uri) {
@ -46,14 +46,14 @@
} }
function checkFlood($post) { function checkFlood($post) {
global $board; global $board, $config;
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri'])); $query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri']));
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':body', $post['body'], PDO::PARAM_INT); $query->bindValue(':body', $post['body'], PDO::PARAM_INT);
$query->bindValue(':floodtime', time()-FLOOD_TIME, PDO::PARAM_INT); $query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT);
$query->bindValue(':floodsameiptime', time()-FLOOD_TIME_IP_SAME, PDO::PARAM_INT); $query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT);
$query->bindValue(':floodsametime', time()-FLOOD_TIME_SAME, PDO::PARAM_INT); $query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
return (bool)$query->fetch(); return (bool)$query->fetch();
@ -81,6 +81,8 @@
} }
function checkBan() { function checkBan() {
global $config;
if(!isset($_SERVER['REMOTE_ADDR'])) { if(!isset($_SERVER['REMOTE_ADDR'])) {
// Server misconfiguration // Server misconfiguration
return; return;
@ -157,7 +159,7 @@
// Show banned page and exit // Show banned page and exit
die(Element('page.html', Array( die(Element('page.html', Array(
'index' => ROOT, 'index' => $config['root'],
'title' => 'Banned', 'title' => 'Banned',
'subtitle' => 'You are banned!', 'subtitle' => 'You are banned!',
'body' => $body 'body' => $body
@ -264,14 +266,14 @@
// Remove file from post // Remove file from post
function deleteFile($id, $remove_entirely_if_already=true) { function deleteFile($id, $remove_entirely_if_already=true) {
global $board; global $board, $config;
$query = prepare(sprintf("SELECT `thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NOT NULL LIMIT 1", $board['uri'])); $query = prepare(sprintf("SELECT `thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NOT NULL LIMIT 1", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT); $query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if($query->rowCount() < 1) { if($query->rowCount() < 1) {
error(ERROR_INVALIDPOST); error($config['error']['invalidpost']);
} }
$post = $query->fetch(); $post = $query->fetch();
@ -282,10 +284,10 @@
$query->bindValue(':file', null, PDO::PARAM_NULL); $query->bindValue(':file', null, PDO::PARAM_NULL);
} else { } else {
// Delete thumbnail // Delete thumbnail
@unlink($board['dir'] . DIR_THUMB . $post['thumb']); @unlink($board['dir'] . $config['dir']['thumb'] . $post['thumb']);
// Delete file // Delete file
@unlink($board['dir'] . DIR_IMG . $post['file']); @unlink($board['dir'] . $config['dir']['img'] . $post['file']);
// Set file to 'deleted' // Set file to 'deleted'
$query->bindValue(':file', 'deleted', PDO::PARAM_INT); $query->bindValue(':file', 'deleted', PDO::PARAM_INT);
@ -300,7 +302,7 @@
// Delete a post (reply or thread) // Delete a post (reply or thread)
function deletePost($id, $error_if_doesnt_exist=true) { function deletePost($id, $error_if_doesnt_exist=true) {
global $board; global $board, $config;
// Select post and replies (if thread) in one query // Select post and replies (if thread) in one query
$query = prepare(sprintf("SELECT `id`,`thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id OR `thread` = :id", $board['uri'])); $query = prepare(sprintf("SELECT `id`,`thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id OR `thread` = :id", $board['uri']));
@ -309,7 +311,7 @@
if($query->rowCount() < 1) { if($query->rowCount() < 1) {
if($error_if_doesnt_exist) if($error_if_doesnt_exist)
error(ERROR_INVALIDPOST); error($config['error']['invalidpost']);
else return false; else return false;
} }
@ -317,18 +319,18 @@
while($post = $query->fetch()) { while($post = $query->fetch()) {
if(!$post['thread']) { if(!$post['thread']) {
// Delete thread HTML page // Delete thread HTML page
@unlink($board['dir'] . DIR_RES . sprintf(FILE_PAGE, $post['id'])); @unlink($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['id']));
} elseif($query->rowCount() == 1) { } elseif($query->rowCount() == 1) {
// Rebuild thread // Rebuild thread
$rebuild = $post['thread']; $rebuild = $post['thread'];
} }
if($post['thumb']) { if($post['thumb']) {
// Delete thumbnail // Delete thumbnail
@unlink($board['dir'] . DIR_THUMB . $post['thumb']); @unlink($board['dir'] . $config['dir']['thumb'] . $post['thumb']);
} }
if($post['file']) { if($post['file']) {
// Delete file // Delete file
@unlink($board['dir'] . DIR_IMG . $post['file']); @unlink($board['dir'] . $config['dir']['img'] . $post['file']);
} }
} }
@ -344,8 +346,8 @@
} }
function clean() { function clean() {
global $board; global $board, $config;
$offset = round(MAX_PAGES*THREADS_PER_PAGE); $offset = round($config['max_pages']*$config['threads_per_page']);
// I too wish there was an easier way of doing this... // I too wish there was an easier way of doing this...
$query = prepare(sprintf("SELECT `id` FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT :offset, 9001", $board['uri'])); $query = prepare(sprintf("SELECT `id` FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT :offset, 9001", $board['uri']));
@ -358,74 +360,75 @@
} }
function index($page, $mod=false) { function index($page, $mod=false) {
global $board; global $board, $config;
$body = ''; $body = '';
$offset = round($page*THREADS_PER_PAGE-THREADS_PER_PAGE); $offset = round($page*$config['threads_per_page']-$config['threads_per_page']);
sql_open(); sql_open();
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT ?,?", $board['uri'])); $query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT ?,?", $board['uri']));
$query->bindValue(1, $offset, PDO::PARAM_INT); $query->bindValue(1, $offset, PDO::PARAM_INT);
$query->bindValue(2, THREADS_PER_PAGE, PDO::PARAM_INT); $query->bindValue(2, $config['threads_per_page'], PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if($query->rowcount() < 1 && $page > 1) return false; if($query->rowcount() < 1 && $page > 1) return false;
while($th = $query->fetch()) { while($th = $query->fetch()) {
$thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $mod ? '?/' : ROOT, $mod); $thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $mod ? '?/' : $config['root'], $mod);
$posts = prepare(sprintf("SELECT `id`, `subject`, `email`, `name`, `trip`, `body`, `time`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`,`ip` FROM `posts_%s` WHERE `thread` = ? ORDER BY `id` DESC LIMIT ?", $board['uri'])); $posts = prepare(sprintf("SELECT `id`, `subject`, `email`, `name`, `trip`, `body`, `time`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`,`ip` FROM `posts_%s` WHERE `thread` = ? ORDER BY `id` DESC LIMIT ?", $board['uri']));
$posts->bindValue(1, $th['id']); $posts->bindValue(1, $th['id']);
$posts->bindValue(2, THREADS_PREVIEW, PDO::PARAM_INT); $posts->bindValue(2, $config['threads_preview'], PDO::PARAM_INT);
$posts->execute() or error(db_error($posts)); $posts->execute() or error(db_error($posts));
if($posts->rowCount() == THREADS_PREVIEW) { if($posts->rowCount() == $config['threads_preview']) {
$count = prepare(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` = ?", $board['uri'])); $count = prepare(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` = ?", $board['uri']));
$count->bindValue(1, $th['id']); $count->bindValue(1, $th['id']);
$count->execute() or error(db_error($count)); $count->execute() or error(db_error($count));
$count = $count->fetch(); $count = $count->fetch();
$omitted = $count['num'] - THREADS_PREVIEW; $omitted = $count['num'] - $config['threads_preview'];
$thread->omitted = $omitted; $thread->omitted = $omitted;
unset($count); unset($count);
unset($omitted); unset($omitted);
} }
while($po = $posts->fetch()) { while($po = $posts->fetch()) {
$thread->add(new Post($po['id'], $th['id'], $po['subject'], $po['email'], $po['name'], $po['trip'], $po['body'], $po['time'], $po['thumb'], $po['thumbwidth'], $po['thumbheight'], $po['file'], $po['filewidth'], $po['fileheight'], $po['filesize'], $po['filename'], $po['ip'], $mod ? '?/' : ROOT, $mod)); $thread->add(new Post($po['id'], $th['id'], $po['subject'], $po['email'], $po['name'], $po['trip'], $po['body'], $po['time'], $po['thumb'], $po['thumbwidth'], $po['thumbheight'], $po['file'], $po['filewidth'], $po['fileheight'], $po['filesize'], $po['filename'], $po['ip'], $mod ? '?/' : $config['root'], $mod));
} }
$thread->posts = array_reverse($thread->posts); $thread->posts = array_reverse($thread->posts);
$body .= $thread->build(true); $body .= $thread->build(true);
} }
return Array('button'=>BUTTON_NEWTOPIC, 'board'=>$board, 'body'=>$body, 'post_url' => POST_URL, 'index' => ROOT); return Array('button'=>$config['button_newtopic'], 'board'=>$board, 'body'=>$body, 'post_url' => $config['post_url'], 'index' => $config['root']);
} }
function getPages($mod=false) { function getPages($mod=false) {
global $board; global $board, $config;
// Count threads // Count threads
$query = query(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` IS NULL", $board['uri'])) or error(db_error()); $query = query(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` IS NULL", $board['uri'])) or error(db_error());
$count = current($query->fetch()); $count = current($query->fetch());
$count = floor((THREADS_PER_PAGE + $count - 1) / THREADS_PER_PAGE); $count = floor(($config['threads_per_page'] + $count - 1) / $config['threads_per_page']);
$pages = Array(); $pages = Array();
for($x=0;$x<$count && $x<MAX_PAGES;$x++) { for($x=0;$x<$count && $x<$config['max_pages'];$x++) {
$pages[] = Array('num' => $x+1, 'link' => $x==0 ? ($mod ? '?/' : ROOT) . $board['dir'] . FILE_INDEX : ($mod ? '?/' : ROOT) . $board['dir'] . sprintf(FILE_PAGE, $x+1)); $pages[] = Array('num' => $x+1, 'link' => $x==0 ? ($mod ? '?/' : $config['root']) . $board['dir'] . $config['file_index'] : ($mod ? '?/' : $config['root']) . $board['dir'] . sprintf($config['file_page'], $x+1));
} }
return $pages; return $pages;
} }
function makerobot($body) { function makerobot($body) {
global $config;
$body = strtolower($body); $body = strtolower($body);
// Leave only letters // Leave only letters
$body = preg_replace('/[^a-z]/i', '', $body); $body = preg_replace('/[^a-z]/i', '', $body);
// Remove repeating characters // Remove repeating characters
if(ROBOT_STRIP_REPEATING) if($config['robot_strip_repeating'])
$body = preg_replace('/(.)\\1+/', '$1', $body); $body = preg_replace('/(.)\\1+/', '$1', $body);
return sha1($body); return sha1($body);
@ -468,6 +471,7 @@
} }
function muteTime() { function muteTime() {
global $config;
// Find number of mutes in the past X hours // Find number of mutes in the past X hours
$query = prepare("SELECT COUNT(*) as `count` FROM `mutes` WHERE `time` >= :time AND `ip` = :ip"); $query = prepare("SELECT COUNT(*) as `count` FROM `mutes` WHERE `time` >= :time AND `ip` = :ip");
$query->bindValue(':time', time()-(ROBOT_MUTE_HOUR*3600), PDO::PARAM_INT); $query->bindValue(':time', time()-(ROBOT_MUTE_HOUR*3600), PDO::PARAM_INT);
@ -476,7 +480,7 @@
$result = $query->fetch(); $result = $query->fetch();
if($result['count'] == 0) return 0; if($result['count'] == 0) return 0;
return pow(ROBOT_MUTE_MULTIPLIER, $result['count']); return pow($config['robot_mute_multiplier'], $result['count']);
} }
function mute() { function mute() {
@ -504,7 +508,7 @@
if($mute['time'] + $mutetime > time()) { if($mute['time'] + $mutetime > time()) {
// Not expired yet // Not expired yet
error(sprintf(ERROR_YOUAREMUTED, $mute['time'] + $mutetime - time())); error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time()));
} else { } else {
// Already expired // Already expired
return; return;
@ -513,14 +517,14 @@
} }
function buildIndex() { function buildIndex() {
global $board; global $board, $config;
sql_open(); sql_open();
$pages = getPages(); $pages = getPages();
$page = 1; $page = 1;
while($page <= MAX_PAGES && $content = index($page)) { while($page <= $config['max_pages'] && $content = index($page)) {
$filename = $board['dir'] . ($page==1 ? FILE_INDEX : sprintf(FILE_PAGE, $page)); $filename = $board['dir'] . ($page==1 ? $config['file_index'] : sprintf($config['file_page'], $page));
if(file_exists($filename)) $md5 = md5_file($filename); if(file_exists($filename)) $md5 = md5_file($filename);
$content['pages'] = $pages; $content['pages'] = $pages;
@ -531,9 +535,9 @@
} }
$page++; $page++;
} }
if($page < MAX_PAGES) { if($page < $config['max_pages']) {
for(;$page<=MAX_PAGES;$page++) { for(;$page<=$config['max_pages'];$page++) {
$filename = $page==1 ? FILE_INDEX : sprintf(FILE_PAGE, $page); $filename = $page==1 ? $config['file_index'] : sprintf($config['file_page'], $page);
@unlink($filename); @unlink($filename);
} }
} }
@ -566,17 +570,17 @@
} }
function markup(&$body) { function markup(&$body) {
global $board; global $board, $config;
$body = utf8tohtml($body, true); $body = utf8tohtml($body, true);
if(MARKUP_URLS) { if($config['markup_urls']) {
$body = preg_replace(URL_REGEX, "<a href=\"$0\">$0</a>", $body, -1, $num_links); $body = preg_replace($config['url_regex'], "<a href=\"$0\">$0</a>", $body, -1, $num_links);
if($num_links > MAX_LINKS) if($num_links > $config['max_links'])
error(ERROR_TOOMANYLINKS); error($config['error']['toomanylinks']);
} }
if(AUTO_UNICODE) { if($config['auto_unicode']) {
$body = str_replace('...', '…', $body); $body = str_replace('...', '…', $body);
$body = str_replace('<--', '←', $body); $body = str_replace('<--', '←', $body);
@ -603,7 +607,7 @@
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if($post = $query->fetch()) { if($post = $query->fetch()) {
$replacement = '<a onclick="highlightReply(\''.$cite.'\');" href="' . ROOT . $board['dir'] . DIR_RES . ($post['thread']?$post['thread']:$post['id']) . '.html#' . $cite . '">&gt;&gt;' . $cite . '</a>'; $replacement = '<a onclick="highlightReply(\''.$cite.'\');" href="' . $config['root'] . $board['dir'] . $config['dir']['res'] . ($post['thread']?$post['thread']:$post['id']) . '.html#' . $cite . '">&gt;&gt;' . $cite . '</a>';
} else { } else {
$replacement = "&gt;&gt;{$cite}"; $replacement = "&gt;&gt;{$cite}";
} }
@ -630,7 +634,7 @@
$body = preg_replace("/(^|\n)([\s]+)?(&gt;)([^\n]+)?($|\n)/m", '$1$2<span class="quote">$3$4</span>$5', $body); $body = preg_replace("/(^|\n)([\s]+)?(&gt;)([^\n]+)?($|\n)/m", '$1$2<span class="quote">$3$4</span>$5', $body);
if(WIKI_MARKUP) { if($config['wiki_markup']) {
$body = preg_replace("/(^|\n)==(.+?)==\n?/m", "<h2>$2</h2>", $body); $body = preg_replace("/(^|\n)==(.+?)==\n?/m", "<h2>$2</h2>", $body);
$body = preg_replace("/'''(.+?)'''/m", "<strong>$1</strong>", $body); $body = preg_replace("/'''(.+?)'''/m", "<strong>$1</strong>", $body);
$body = preg_replace("/''(.+?)''/m", "<em>$1</em>", $body); $body = preg_replace("/''(.+?)''/m", "<em>$1</em>", $body);
@ -679,7 +683,7 @@
} }
function buildThread($id, $return=false, $mod=false) { function buildThread($id, $return=false, $mod=false) {
global $board; global $board, $config;
$id = round($id); $id = round($id);
$query = prepare(sprintf("SELECT `id`,`thread`,`subject`,`name`,`email`,`trip`,`body`,`time`,`thumb`,`thumbwidth`,`thumbheight`,`file`,`filewidth`,`fileheight`,`filesize`,`filename`,`ip`,`sticky`,`locked` FROM `posts_%s` WHERE (`thread` IS NULL AND `id` = :id) OR `thread` = :id ORDER BY `thread`,`time`", $board['uri'])); $query = prepare(sprintf("SELECT `id`,`thread`,`subject`,`name`,`email`,`trip`,`body`,`time`,`thumb`,`thumbwidth`,`thumbheight`,`file`,`filewidth`,`fileheight`,`filesize`,`filename`,`ip`,`sticky`,`locked` FROM `posts_%s` WHERE (`thread` IS NULL AND `id` = :id) OR `thread` = :id ORDER BY `thread`,`time`", $board['uri']));
@ -688,33 +692,34 @@
while($post = $query->fetch()) { while($post = $query->fetch()) {
if(!isset($thread)) { if(!isset($thread)) {
$thread = new Thread($post['id'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $post['sticky'], $post['locked'], $mod ? '?/' : ROOT, $mod); $thread = new Thread($post['id'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $post['sticky'], $post['locked'], $mod ? '?/' : $config['root'], $mod);
} else { } else {
$thread->add(new Post($post['id'], $thread->id, $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $mod ? '?/' : ROOT, $mod)); $thread->add(new Post($post['id'], $thread->id, $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $mod ? '?/' : $config['root'], $mod));
} }
} }
// Check if any posts were found // Check if any posts were found
if(!isset($thread)) error(ERROR_NONEXISTANT); if(!isset($thread)) error($config['error']['nonexistant']);
$body = Element('thread.html', Array( $body = Element('thread.html', Array(
'button'=>BUTTON_REPLY, 'button'=>$config['button_reply'],
'board'=>$board, 'board'=>$board,
'body'=>$thread->build(), 'body'=>$thread->build(),
'post_url' => POST_URL, 'post_url' => $config['post_url'],
'index' => ROOT, 'index' => $config['root'],
'id' => $id, 'id' => $id,
'mod' => $mod, 'mod' => $mod,
'return' => ($mod ? '?' . $board['url'] . FILE_INDEX : ROOT . $board['uri'] . '/' . FILE_INDEX) 'return' => ($mod ? '?' . $board['url'] . $config['file_index'] : $config['root'] . $board['uri'] . '/' . $config['file_index'])
)); ));
if($return) if($return)
return $body; return $body;
else else
@file_put_contents($board['dir'] . DIR_RES . sprintf(FILE_PAGE, $id), $body) or error("Couldn't write to file."); @file_put_contents($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $id), $body) or error("Couldn't write to file.");
} }
function generate_tripcode ( $name, $length = 10 ) { function generate_tripcode ( $name, $length = 10 ) {
global $config;
$name = stripslashes ( $name ); $name = stripslashes ( $name );
$t = explode('#', $name); $t = explode('#', $name);
$nameo = $t[0]; $nameo = $t[0];
@ -730,7 +735,7 @@
$salt = strtr ( $salt, ':;<=>?@[\]^_`', 'ABCDEFGabcdef' ); $salt = strtr ( $salt, ':;<=>?@[\]^_`', 'ABCDEFGabcdef' );
if ( isset ( $t[2] ) ) { if ( isset ( $t[2] ) ) {
// secure // secure
$trip = '!!' . substr ( crypt ( $trip, SECURE_TRIP_SALT ), ( -1 * $length ) ); $trip = '!!' . substr ( crypt ( $trip, $config['secure_trip_salt'] ), ( -1 * $length ) );
} else { } else {
// insecure // insecure
$trip = '!' . substr ( crypt ( $trip, $salt ), ( -1 * $length ) ); $trip = '!' . substr ( crypt ( $trip, $salt ), ( -1 * $length ) );
@ -865,25 +870,25 @@
case 'jpeg': case 'jpeg':
if(!$image = @imagecreatefromjpeg($source_pic)) { if(!$image = @imagecreatefromjpeg($source_pic)) {
unlink($source_pic); unlink($source_pic);
error(ERR_INVALIDIMG); error($config['error']['invalidimg']);
} }
break; break;
case 'png': case 'png':
if(!$image = @imagecreatefrompng($source_pic)) { if(!$image = @imagecreatefrompng($source_pic)) {
unlink($source_pic); unlink($source_pic);
error(ERR_INVALIDIMG); error($config['error']['invalidimg']);
} }
break; break;
case 'gif': case 'gif':
if(!$image = @imagecreatefromgif($source_pic)) { if(!$image = @imagecreatefromgif($source_pic)) {
unlink($source_pic); unlink($source_pic);
error(ERR_INVALIDIMG); error($config['error']['invalidimg']);
} }
break; break;
case 'bmp': case 'bmp':
if(!$image = @imagecreatefrombmp($source_pic)) { if(!$image = @imagecreatefrombmp($source_pic)) {
unlink($source_pic); unlink($source_pic);
error(ERR_INVALIDIMG); error($config['error']['invalidimg']);
} }
break; break;
default: default:

View File

@ -11,14 +11,41 @@
// Database stuff // Database stuff
define('DB_TYPE', 'mysql'); $config['db']['type'] = 'mysql';
define('DB_SERVER', 'localhost'); $config['db']['server'] = 'localhost';
define('DB_USER', ''); $config['db']['user'] = '';
define('DB_PASSWORD', ''); $config['db']['password'] = '';
define('DB_DATABASE', ''); $config['db']['database'] = '';
define('ROOT', '/'); $config['root'] = '/';
// define('FOO', 'bar');
// The following looks ugly. I will find a better place to put this code soon.
$config['post_url'] = $config['root'] . 'post.php';
$config['url_match'] = '/^' .
(preg_match($config['url_regex'], $config['root']) ? '' :
(@$_SERVER['HTTPS']?'https':'http') .
':\/\/'.$_SERVER['HTTP_HOST']) .
preg_quote($config['root'], '/') .
'(' .
str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
'|' .
str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
preg_quote($config['file_index'], '/') .
'|' .
str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
str_replace('%d', '\d+', preg_quote($config['file_page'], '/')) .
'|' .
preg_quote($config['file_mod'], '/') .
'\?\/.+' .
')$/i';
$config['dir']['static'] = $config['root'] . 'static/';
$config['image_sticky'] = $config['dir']['static'] . 'sticky.gif';
$config['image_locked'] = $config['dir']['static'] . 'locked.gif';
$config['image_deleted'] = $config['dir']['static'] . 'deleted.png';
$config['image_zip'] = $config['dir']['static'] . 'zip.png';
?> ?>

View File

@ -8,7 +8,7 @@
// Standard configuration // Standard configuration
// //
// Folder where the template files are kept // Folder where the template files are kept
$templateDir = DIR_TEMPLATE; $templateDir = $config['dir']['template'];
// //
// Enable global things like %gentime, etc. // Enable global things like %gentime, etc.
$templateGlobals = true; $templateGlobals = true;

View File

@ -3,10 +3,10 @@
$mod = false; $mod = false;
// Set the session name. // Set the session name.
session_name(SESS_COOKIE); session_name($config['cookies']['session']);
// Set session parameters // Set session parameters
session_set_cookie_params(0, JAIL_COOKIES?ROOT:'/'); session_set_cookie_params(0, $config['cookies']['jail']?$config['root']:'/');
// Start the session // Start the session
session_start(); session_start();
@ -14,13 +14,13 @@
// Session creation time // Session creation time
if(!isset($_SESSION['created'])) $_SESSION['created'] = time(); if(!isset($_SESSION['created'])) $_SESSION['created'] = time();
if(!isset($_COOKIE[HASH_COOKIE]) || !isset($_COOKIE[TIME_COOKIE]) || $_COOKIE[HASH_COOKIE] != md5($_COOKIE[TIME_COOKIE].SALT)) { if(!isset($_COOKIE[$config['cookies']['hash']]) || !isset($_COOKIE[$config['cookies']['time']]) || $_COOKIE[$config['cookies']['hash']] != md5($_COOKIE[$config['cookies']['time']] . $config['cookies']['salt'])) {
$time = time(); $time = time();
setcookie(TIME_COOKIE, $time, time()+COOKIE_EXPIRE, JAIL_COOKIES?ROOT:'/', null, false, true); setcookie($config['cookies']['time'], $time, time()+$config['cookies']['expire'], $config['cookies']['jail']?$config['root']:'/', null, false, true);
setcookie(HASH_COOKIE, md5($time.SALT), $time+COOKIE_EXPIRE, JAIL_COOKIES?ROOT:'/', null, false, true); setcookie($config['cookies']['hash'], md5($time . $config['cookies']['salt']), $time+$config['cookies']['expire'], $config['cookies']['jail']?$config['root']:'/', null, false, true);
$user = Array('valid' => false, 'appeared' => $time); $user = Array('valid' => false, 'appeared' => $time);
} else { } else {
$user = Array('valid' => true, 'appeared' => $_COOKIE[TIME_COOKIE]); $user = Array('valid' => true, 'appeared' => $_COOKIE[$config['cookies']['time']]);
} }
?> ?>

156
mod.php
View File

@ -1,10 +1,10 @@
<?php <?php
require 'inc/functions.php'; require 'inc/functions.php';
require 'inc/display.php'; require 'inc/display.php';
require 'inc/config.php';
if (file_exists('inc/instance-config.php')) { if (file_exists('inc/instance-config.php')) {
require 'inc/instance-config.php'; require 'inc/instance-config.php';
} }
require 'inc/config.php';
require 'inc/template.php'; require 'inc/template.php';
require 'inc/database.php'; require 'inc/database.php';
require 'inc/user.php'; require 'inc/user.php';
@ -37,11 +37,11 @@
!isset($_POST['password']) || !isset($_POST['password']) ||
empty($_POST['username']) || empty($_POST['username']) ||
empty($_POST['password']) empty($_POST['password'])
) loginForm(ERROR_INVALID, $_POST['username']); ) loginForm($config['error']['invalid'], $_POST['username']);
if(!login($_POST['username'], $_POST['password'])) if(!login($_POST['username'], $_POST['password']))
loginForm(ERROR_INVALID, $_POST['username']); loginForm($config['error']['invalid'], $_POST['username']);
modLog("Logged in."); modLog("Logged in.");
@ -50,7 +50,7 @@
setCookies(); setCookies();
// Redirect // Redirect
header('Location: ?' . MOD_DEFAULT, true, REDIRECT_HTTP); header('Location: ?' . $config['mod']['default'], true, $config['redirect_http']);
// Close connection // Close connection
sql_close(); sql_close();
@ -63,12 +63,12 @@
// A sort of "cache" // A sort of "cache"
// Stops calling preg_quote and str_replace when not needed; only does it once // Stops calling preg_quote and str_replace when not needed; only does it once
$regex = Array( $regex = Array(
'board' => str_replace('%s', '(\w{1,8})', preg_quote(BOARD_PATH, '/')), 'board' => str_replace('%s', '(\w{1,8})', preg_quote($config['board_path'], '/')),
'page' => str_replace('%d', '(\d+)', preg_quote(FILE_PAGE, '/')), 'page' => str_replace('%d', '(\d+)', preg_quote($config['file_page'], '/')),
'img' => preg_quote(DIR_IMG, '/'), 'img' => preg_quote($config['dir']['img'], '/'),
'thumb' => preg_quote(DIR_THUMB, '/'), 'thumb' => preg_quote($config['dir']['thumb'], '/'),
'res' => preg_quote(DIR_RES, '/'), 'res' => preg_quote($config['dir']['res'], '/'),
'index' => preg_quote(FILE_INDEX, '/') 'index' => preg_quote($config['file_index'], '/')
); );
if(preg_match('/^\/?$/', $query)) { if(preg_match('/^\/?$/', $query)) {
@ -81,10 +81,10 @@
// Boards // Boards
$fieldset['Boards'] .= ulBoards(); $fieldset['Boards'] .= ulBoards();
if($mod['type'] >= MOD_VIEW_BANLIST) { if($mod['type'] >= $config['mod']['view_banlist']) {
$fieldset['Administration'] .= '<li><a href="?/bans">Ban list</a></li>'; $fieldset['Administration'] .= '<li><a href="?/bans">Ban list</a></li>';
} }
if($mod['type'] >= MOD_SHOW_CONFIG) { if($mod['type'] >= $config['mod']['show_config']) {
$fieldset['Administration'] .= '<li><a href="?/config">Show configuration</a></li>'; $fieldset['Administration'] .= '<li><a href="?/config">Show configuration</a></li>';
} }
@ -97,16 +97,16 @@
} }
echo Element('page.html', Array( echo Element('page.html', Array(
'index'=>ROOT, 'index'=>$config['root'],
'title'=>'Dashboard', 'title'=>'Dashboard',
'body'=>$body 'body'=>$body
//,'mod'=>true /* All 'mod' does, at this point, is put the "Return to dashboard" link in. */ //,'mod'=>true /* All 'mod' does, at this point, is put the "Return to dashboard" link in. */
) )
); );
} elseif(preg_match('/^\/bans$/', $query)) { } elseif(preg_match('/^\/bans$/', $query)) {
if($mod['type'] < MOD_VIEW_BANLIST) error(ERROR_NOACCESS); if($mod['type'] < $config['mod']['view_banlist']) error($config['error']['noaccess']);
if(MOD_VIEW_BANEXPIRED) { if($config['mod']['view_banexpired']) {
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` ORDER BY `expires` < :time, `set` DESC"); $query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` ORDER BY `expires` < :time, `set` DESC");
$query->bindValue(':time', time(), PDO::PARAM_INT); $query->bindValue(':time', time(), PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
@ -126,7 +126,7 @@
while($ban = $query->fetch()) { while($ban = $query->fetch()) {
$body .= $body .=
'<tr' . '<tr' .
(MOD_VIEW_BANEXPIRED && $ban['expires'] != 0 && $ban['expires'] < time() ? ($config['mod']['view_banexpired'] && $ban['expires'] != 0 && $ban['expires'] < time() ?
' style="text-decoration:line-through"' ' style="text-decoration:line-through"'
:'') . :'') .
'>' . '>' .
@ -145,26 +145,26 @@
'<td>' . $ban['reason'] . '</td>' . '<td>' . $ban['reason'] . '</td>' .
// Set // Set
'<td style="white-space: nowrap">' . date(POST_DATE, $ban['set']) . '</td>' . '<td style="white-space: nowrap">' . date($config['post_date'], $ban['set']) . '</td>' .
// Expires // Expires
'<td style="white-space: nowrap">' . '<td style="white-space: nowrap">' .
($ban['expires'] == 0 ? ($ban['expires'] == 0 ?
'<em>Never</em>' '<em>Never</em>'
: :
date(POST_DATE, $ban['expires']) date($config['post_date'], $ban['expires'])
) . ) .
'</td>' . '</td>' .
// Staff // Staff
'<td>' . '<td>' .
($mod['type'] < MOD_VIEW_BANSTAFF ? ($mod['type'] < $config['mod']['view_banstaff'] ?
(MOD_VIEW_BANQUESTIONMARK ? ($config['mod']['view_banquestionmark'] ?
'?' '?'
: :
($ban['type'] == MOD_JANITOR ? 'Janitor' : ($ban['type'] == JANITOR ? 'Janitor' :
($ban['type'] == MOD_MOD ? 'Mod' : ($ban['type'] == MOD ? 'Mod' :
($ban['type'] == MOD_ADMIN ? 'Admin' : ($ban['type'] == ADMIN ? 'Admin' :
'?'))) '?')))
) )
: :
@ -181,14 +181,14 @@
} }
echo Element('page.html', Array( echo Element('page.html', Array(
'index'=>ROOT, 'index'=>$config['root'],
'title'=>'Ban list', 'title'=>'Ban list',
'body'=>$body, 'body'=>$body,
'mod'=>true 'mod'=>true
) )
); );
} elseif(preg_match('/^\/config$/', $query)) { } elseif(preg_match('/^\/config$/', $query)) {
if($mod['type'] < MOD_SHOW_CONFIG) error(ERROR_NOACCESS); if($mod['type'] < $config['mod']['show_config']) error($config['error']['noaccess']);
// Show instance-config.php // Show instance-config.php
@ -240,14 +240,14 @@
$body = '<fieldset><legend>Configuration</legend><table>' . $data . '</table></fieldset>'; $body = '<fieldset><legend>Configuration</legend><table>' . $data . '</table></fieldset>';
echo Element('page.html', Array( echo Element('page.html', Array(
'index'=>ROOT, 'index'=>$config['root'],
'title'=>'Configuration', 'title'=>'Configuration',
'body'=>$body, 'body'=>$body,
'mod'=>true 'mod'=>true
) )
); );
} elseif(preg_match('/^\/new$/', $query)) { } elseif(preg_match('/^\/new$/', $query)) {
if($mod['type'] < MOD_NEWBOARD) error(ERROR_NOACCESS); if($mod['type'] < $config['mod']['newboard']) error($config['error']['noaccess']);
// New board // New board
$body = ''; $body = '';
@ -257,7 +257,7 @@
if( !isset($_POST['uri']) || if( !isset($_POST['uri']) ||
!isset($_POST['title']) || !isset($_POST['title']) ||
!isset($_POST['subtitle']) !isset($_POST['subtitle'])
) error(ERROR_MISSEDAFIELD); ) error($config['error']['missedafield']);
$b = Array( $b = Array(
'uri' => $_POST['uri'], 'uri' => $_POST['uri'],
@ -267,24 +267,24 @@
// Check required fields // Check required fields
if(empty($b['uri'])) if(empty($b['uri']))
error(sprintf(ERROR_REQUIRED, 'URI')); error(sprintf($config['error']['required'], 'URI'));
if(empty($b['title'])) if(empty($b['title']))
error(sprintf(ERROR_REQUIRED, 'title')); error(sprintf($config['error']['required'], 'title'));
// Check string lengths // Check string lengths
if(strlen($b['uri']) > 8) if(strlen($b['uri']) > 8)
error(sprintf(ERROR_TOOLONG, 'URI')); error(sprintf($config['error']['toolong'], 'URI'));
if(strlen($b['title']) > 20) if(strlen($b['title']) > 20)
error(sprintf(ERROR_TOOLONG, 'title')); error(sprintf($config['error']['toolong'], 'title'));
if(strlen($b['subtitle']) > 40) if(strlen($b['subtitle']) > 40)
error(sprintf(ERROR_TOOLONG, 'subtitle')); error(sprintf($config['error']['toolong'], 'subtitle'));
if(!preg_match('/^\w+$/', $b['uri'])) if(!preg_match('/^\w+$/', $b['uri']))
error(sprintf(ERROR_INVALIDFIELD, 'URI')); error(sprintf($config['error']['invalidfield'], 'URI'));
if(openBoard($b['uri'])) { if(openBoard($b['uri'])) {
unset($board); unset($board);
error(sprintf(ERROR_BOARDEXISTS, sprintf(BOARD_ABBREVIATION, $b['uri']))); error(sprintf($config['error']['boardexists'], sprintf($config['board_abbreviation'], $b['uri'])));
} }
$query = prepare("INSERT INTO `boards` VALUES (NULL, :uri, :title, :subtitle)"); $query = prepare("INSERT INTO `boards` VALUES (NULL, :uri, :title, :subtitle)");
@ -315,7 +315,7 @@
// TODO: Statistics, etc, in the dashboard. // TODO: Statistics, etc, in the dashboard.
echo Element('page.html', Array( echo Element('page.html', Array(
'index'=>ROOT, 'index'=>$config['root'],
'title'=>'New board', 'title'=>'New board',
'body'=>$body, 'body'=>$body,
'mod'=>true 'mod'=>true
@ -328,10 +328,10 @@
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error($config['error']['noboard']);
if(!$page = index(empty($matches[2]) || $matches[2] == FILE_INDEX ? 1 : $matches[2], $mod)) { if(!$page = index(empty($matches[2]) || $matches[2] == $config['file_index'] ? 1 : $matches[2], $mod)) {
error(ERROR_404); error($config['error']['404']);
} }
$page['pages'] = getPages(true); $page['pages'] = getPages(true);
$page['mod'] = true; $page['mod'] = true;
@ -344,20 +344,20 @@
$thread = $matches[2]; $thread = $matches[2];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error($config['error']['noboard']);
$page = buildThread($thread, true, $mod); $page = buildThread($thread, true, $mod);
echo $page; echo $page;
} elseif(preg_match('/^\/' . $regex['board'] . 'deletefile\/(\d+)$/', $query, $matches)) { } elseif(preg_match('/^\/' . $regex['board'] . 'deletefile\/(\d+)$/', $query, $matches)) {
if($mod['type'] < MOD_DELETEFILE) error(ERROR_NOACCESS); if($mod['type'] < $config['mod']['deletefile']) error($config['error']['noaccess']);
// Delete file from post // Delete file from post
$boardName = $matches[1]; $boardName = $matches[1];
$post = $matches[2]; $post = $matches[2];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error($config['error']['noboard']);
// Delete post // Delete post
deleteFile($post); deleteFile($post);
@ -371,18 +371,18 @@
// Redirect // Redirect
if(isset($_SERVER['HTTP_REFERER'])) if(isset($_SERVER['HTTP_REFERER']))
header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']);
else else
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} elseif(preg_match('/^\/' . $regex['board'] . 'delete\/(\d+)$/', $query, $matches)) { } elseif(preg_match('/^\/' . $regex['board'] . 'delete\/(\d+)$/', $query, $matches)) {
if($mod['type'] < MOD_DELETE) error(ERROR_NOACCESS); if($mod['type'] < $config['mod']['delete']) error($config['error']['noaccess']);
// Delete post // Delete post
$boardName = $matches[1]; $boardName = $matches[1];
$post = $matches[2]; $post = $matches[2];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error($config['error']['noboard']);
// Delete post // Delete post
deletePost($post); deletePost($post);
@ -395,18 +395,18 @@
// Redirect // Redirect
if(isset($_SERVER['HTTP_REFERER'])) if(isset($_SERVER['HTTP_REFERER']))
header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']);
else else
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} elseif(preg_match('/^\/' . $regex['board'] . '(un)?sticky\/(\d+)$/', $query, $matches)) { } elseif(preg_match('/^\/' . $regex['board'] . '(un)?sticky\/(\d+)$/', $query, $matches)) {
if($mod['type'] < MOD_STICKY) error(ERROR_NOACCESS); if($mod['type'] < $config['mod']['sticky']) error($config['error']['noaccess']);
// Add/remove sticky // Add/remove sticky
$boardName = $matches[1]; $boardName = $matches[1];
$post = $matches[3]; $post = $matches[3];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error($config['error']['noboard']);
$query = prepare(sprintf("UPDATE `posts_%s` SET `sticky` = :sticky WHERE `id` = :id AND `thread` IS NULL", $board['uri'])); $query = prepare(sprintf("UPDATE `posts_%s` SET `sticky` = :sticky WHERE `id` = :id AND `thread` IS NULL", $board['uri']));
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
@ -429,18 +429,18 @@
// Redirect // Redirect
if(isset($_SERVER['HTTP_REFERER'])) if(isset($_SERVER['HTTP_REFERER']))
header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']);
else else
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} elseif(preg_match('/^\/' . $regex['board'] . '(un)?lock\/(\d+)$/', $query, $matches)) { } elseif(preg_match('/^\/' . $regex['board'] . '(un)?lock\/(\d+)$/', $query, $matches)) {
if($mod['type'] < MOD_LOCK) error(ERROR_NOACCESS); if($mod['type'] < $config['mod']['lock']) error($config['error']['noaccess']);
// Lock/Unlock // Lock/Unlock
$boardName = $matches[1]; $boardName = $matches[1];
$post = $matches[3]; $post = $matches[3];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error($config['error']['noboard']);
$query = prepare(sprintf("UPDATE `posts_%s` SET `locked` = :locked WHERE `id` = :id AND `thread` IS NULL", $board['uri'])); $query = prepare(sprintf("UPDATE `posts_%s` SET `locked` = :locked WHERE `id` = :id AND `thread` IS NULL", $board['uri']));
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
@ -463,9 +463,9 @@
// Redirect // Redirect
if(isset($_SERVER['HTTP_REFERER'])) if(isset($_SERVER['HTTP_REFERER']))
header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']);
else else
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} elseif(preg_match('/^\/' . $regex['board'] . 'deletebyip\/(\d+)$/', $query, $matches)) { } elseif(preg_match('/^\/' . $regex['board'] . 'deletebyip\/(\d+)$/', $query, $matches)) {
// Delete all posts by an IP // Delete all posts by an IP
@ -473,14 +473,14 @@
$post = $matches[2]; $post = $matches[2];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error($config['error']['noboard']);
$query = prepare(sprintf("SELECT `ip` FROM `posts_%s` WHERE `id` = :id", $board['uri'])); $query = prepare(sprintf("SELECT `ip` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
$query->bindValue(':id', $post); $query->bindValue(':id', $post);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if(!$post = $query->fetch()) if(!$post = $query->fetch())
error(ERROR_INVALIDPOST); error($config['error']['invalidpost']);
$ip = $post['ip']; $ip = $post['ip'];
@ -492,16 +492,16 @@
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if($query->rowCount() < 1) if($query->rowCount() < 1)
error(ERROR_INVALIDPOST); error($config['error']['invalidpost']);
while($post = $query->fetch()) { while($post = $query->fetch()) {
deletePost($post['id'], false); deletePost($post['id'], false);
} }
if(isset($_SERVER['HTTP_REFERER'])) if(isset($_SERVER['HTTP_REFERER']))
header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']);
else else
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} elseif(preg_match('/^\/ban$/', $query)) { } elseif(preg_match('/^\/ban$/', $query)) {
// Ban page // Ban page
@ -509,11 +509,11 @@
if( !isset($_POST['ip']) || if( !isset($_POST['ip']) ||
!isset($_POST['reason']) || !isset($_POST['reason']) ||
!isset($_POST['length']) !isset($_POST['length'])
) error(ERROR_MISSEDAFIELD); ) error($config['error']['missedafield']);
// Check required fields // Check required fields
if(empty($_POST['ip'])) if(empty($_POST['ip']))
error(sprintf(ERROR_REQUIRED, 'IP address')); error(sprintf($config['error']['required'], 'IP address'));
$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason)"); $query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason)");
@ -569,19 +569,19 @@
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
// Delete too // Delete too
if($mod['type'] >= MOD_DELETE && isset($_POST['delete']) && isset($_POST['board'])) { if($mod['type'] >= $config['mod']['delete'] && isset($_POST['delete']) && isset($_POST['board'])) {
openBoard($_POST['board']); openBoard($_POST['board']);
deletePost(round($_POST['delete'])); deletePost(round($_POST['delete']));
} }
// Redirect // Redirect
if(isset($_POST['continue'])) if(isset($_POST['continue']))
header('Location: ' . $_POST['continue'], true, REDIRECT_HTTP); header('Location: ' . $_POST['continue'], true, $config['redirect_http']);
else else
header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} }
} elseif(preg_match('/^\/' . $regex['board'] . 'ban(&delete)?\/(\d+)$/', $query, $matches)) { } elseif(preg_match('/^\/' . $regex['board'] . 'ban(&delete)?\/(\d+)$/', $query, $matches)) {
if($mod['type'] < MOD_DELETE) error(ERROR_NOACCESS); if($mod['type'] < $config['mod']['delete']) error($config['error']['noaccess']);
// Ban by post // Ban by post
$boardName = $matches[1]; $boardName = $matches[1];
@ -589,14 +589,14 @@
$post = $matches[3]; $post = $matches[3];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error($config['error']['noboard']);
$query = prepare(sprintf("SELECT `ip`,`id` FROM `posts_%s` WHERE `id` = :id LIMIT 1", $board['uri'])); $query = prepare(sprintf("SELECT `ip`,`id` FROM `posts_%s` WHERE `id` = :id LIMIT 1", $board['uri']));
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if($query->rowCount() < 1) { if($query->rowCount() < 1) {
error(ERROR_INVALIDPOST); error($config['error']['invalidpost']);
} }
$post = $query->fetch(); $post = $query->fetch();
@ -604,7 +604,7 @@
$body = form_newBan($post['ip'], null, isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : false, $delete ? $post['id'] : false, $delete ? $boardName : false); $body = form_newBan($post['ip'], null, isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : false, $delete ? $post['id'] : false, $delete ? $boardName : false);
echo Element('page.html', Array( echo Element('page.html', Array(
'index'=>ROOT, 'index'=>$config['root'],
'title'=>'New ban', 'title'=>'New ban',
'body'=>$body, 'body'=>$body,
'mod'=>true 'mod'=>true
@ -614,7 +614,7 @@
// View information on an IP address // View information on an IP address
$ip = $matches[1]; $ip = $matches[1];
$host = MOD_DNS_LOOKUP ? gethostbyaddr($ip) : false; $host = $config['mod']['dns_lookup'] ? gethostbyaddr($ip) : false;
$body = ''; $body = '';
$boards = listBoards(); $boards = listBoards();
@ -624,26 +624,26 @@
$temp = ''; $temp = '';
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `ip` = :ip ORDER BY `sticky` DESC, `time` DESC LIMIT :limit", $_board['uri'])); $query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `ip` = :ip ORDER BY `sticky` DESC, `time` DESC LIMIT :limit", $_board['uri']));
$query->bindValue(':ip', $ip); $query->bindValue(':ip', $ip);
$query->bindValue(':limit', MOD_IP_RECENTPOSTS, PDO::PARAM_INT); $query->bindValue(':limit', $config['mod']['ip_recentposts'], PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
while($post = $query->fetch()) { while($post = $query->fetch()) {
$po = new Post($post['id'], $post['thread'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $mod ? '?/' : ROOT, $mod); $po = new Post($post['id'], $post['thread'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $mod ? '?/' : $config['root'], $mod);
$temp .= $po->build(); $temp .= $po->build();
} }
if(!empty($temp)) if(!empty($temp))
$body .= '<fieldset><legend>Last ' . $query->rowCount() . ' posts on <a href="?/' . $body .= '<fieldset><legend>Last ' . $query->rowCount() . ' posts on <a href="?/' .
sprintf(BOARD_PATH, $_board['uri']) . FILE_INDEX . sprintf($config['board_path'], $_board['uri']) . $config['file_index'] .
'">' . '">' .
sprintf(BOARD_ABBREVIATION, $_board['uri']) . ' - ' . $_board['title'] . sprintf($config['board_abbreviation'], $_board['uri']) . ' - ' . $_board['title'] .
'</a></legend>' . $temp . '</fieldset>'; '</a></legend>' . $temp . '</fieldset>';
} }
if(MOD_IP_BANFORM) if($config['mod']['ip_banform'])
$body .= form_newBan($ip, null, isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : false); $body .= form_newBan($ip, null, isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : false);
echo Element('page.html', Array( echo Element('page.html', Array(
'index'=>ROOT, 'index'=>$config['root'],
'title'=>'IP: ' . $ip, 'title'=>'IP: ' . $ip,
'subtitle' => $host, 'subtitle' => $host,
'body'=>$body, 'body'=>$body,
@ -651,7 +651,7 @@
) )
); );
} else { } else {
error(ERROR_404); error($config['error']['404']);
} }
} }

265
post.php
View File

@ -1,10 +1,10 @@
<?php <?php
require 'inc/functions.php'; require 'inc/functions.php';
require 'inc/display.php'; require 'inc/display.php';
require 'inc/config.php';
if (file_exists('inc/instance-config.php')) { if (file_exists('inc/instance-config.php')) {
require 'inc/instance-config.php'; require 'inc/instance-config.php';
} }
require 'inc/config.php';
require 'inc/template.php'; require 'inc/template.php';
require 'inc/database.php'; require 'inc/database.php';
require 'inc/user.php'; require 'inc/user.php';
@ -26,12 +26,12 @@
if( !isset($_POST['board']) || if( !isset($_POST['board']) ||
!isset($_POST['password']) !isset($_POST['password'])
) )
error(ERROR_BOT); error($config['error']['bot']);
$password = $_POST['password']; $password = $_POST['password'];
if(empty($password)) if(empty($password))
error(ERROR_INVALIDPASSWORD); error($config['error']['invalidpassword']);
$delete = Array(); $delete = Array();
foreach($_POST as $post => $value) { foreach($_POST as $post => $value) {
@ -45,15 +45,15 @@
// Check if banned // Check if banned
checkBan(); checkBan();
if(BLOCK_TOR && isTor()) if($config['block_tor'] && isTor())
error(ERROR_TOR); error($config['error']['tor']);
// Check if board exists // Check if board exists
if(!openBoard($_POST['board'])) if(!openBoard($_POST['board']))
error(ERROR_NOBOARD); error($config['error']['noboard']);
if(empty($delete)) if(empty($delete))
error(ERROR_NODELETE); error($config['error']['nodelete']);
foreach($delete as &$id) { foreach($delete as &$id) {
$query = prepare(sprintf("SELECT `password` FROM `posts_%s` WHERE `id` = :id", $board['uri'])); $query = prepare(sprintf("SELECT `password` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
@ -62,7 +62,7 @@
if($post = $query->fetch()) { if($post = $query->fetch()) {
if(!empty($password) && $post['password'] != $password) if(!empty($password) && $post['password'] != $password)
error(ERROR_INVALIDPASSWORD); error($config['error']['invalidpassword']);
if(isset($_POST['file'])) { if(isset($_POST['file'])) {
// Delete just the file // Delete just the file
@ -79,9 +79,9 @@
sql_close(); sql_close();
$is_mod = isset($_POST['mod']) && $_POST['mod']; $is_mod = isset($_POST['mod']) && $_POST['mod'];
$root = $is_mod ? ROOT . FILE_MOD . '?/' : ROOT; $root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
header('Location: ' . $root . $board['dir'] . FILE_INDEX, true, REDIRECT_HTTP); header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
} elseif(isset($_POST['post'])) { } elseif(isset($_POST['post'])) {
if( !isset($_POST['name']) || if( !isset($_POST['name']) ||
@ -90,7 +90,7 @@
!isset($_POST['body']) || !isset($_POST['body']) ||
!isset($_POST['board']) || !isset($_POST['board']) ||
!isset($_POST['password']) !isset($_POST['password'])
) error(ERROR_BOT); ) error($config['error']['bot']);
$post = Array('board' => $_POST['board']); $post = Array('board' => $_POST['board']);
@ -99,13 +99,13 @@
$post['thread'] = round($_POST['thread']); $post['thread'] = round($_POST['thread']);
} else $OP = true; } else $OP = true;
//if(!(($OP && $_POST['post'] == BUTTON_NEWTOPIC) || if(!(($OP && $_POST['post'] == $config['button_newtopic']) ||
// (!$OP && $_POST['post'] == BUTTON_REPLY))) (!$OP && $_POST['post'] == $config['button_reply'])))
// error(ERROR_BOT); error($config['error']['bot']);
// Check the referrer // Check the referrer
if($OP) { if($OP) {
if(!isset($_SERVER['HTTP_REFERER']) || !preg_match(URL_MATCH, $_SERVER['HTTP_REFERER'])) error(ERROR_BOT); if(!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['url_match'], $_SERVER['HTTP_REFERER'])) error($config['error']['bot']);
} }
// TODO: Since we're now using static HTML files, we can't give them cookies on their first page view // TODO: Since we're now using static HTML files, we can't give them cookies on their first page view
@ -113,7 +113,7 @@
/* /*
// Check if he has a valid cookie. // Check if he has a valid cookie.
if(!$user['valid']) error(ERROR_BOT); if(!$user['valid']) error($config['error']['bot']);
// Check how long he has been here. // Check how long he has been here.
if(time()-$user['appeared']<LURKTIME) error(ERROR_LURK); if(time()-$user['appeared']<LURKTIME) error(ERROR_LURK);
@ -125,25 +125,25 @@
// Check if banned // Check if banned
checkBan(); checkBan();
if(BLOCK_TOR && isTor()) if($config['block_tor'] && isTor())
error(ERROR_TOR); error($config['error']['tor']);
// Check if board exists // Check if board exists
if(!openBoard($post['board'])) if(!openBoard($post['board']))
error(ERROR_NOBOARD); error($config['error']['noboard']);
if(ROBOT_ENABLE && $board['uri'] == ROBOT_BOARD && ROBOT_MUTE) { //if(ROBOT_ENABLE && $board['uri'] == ROBOT_BOARD && ROBOT_MUTE) {
checkMute(); // checkMute();
} //}
//Check if thread exists //Check if thread exists
if(!$OP && !threadExists($post['thread'])) if(!$OP && !threadExists($post['thread']))
error(ERROR_NONEXISTANT); error($config['error']['nonexistant']);
// Check for a file // Check for a file
if($OP) { if($OP) {
if(!isset($_FILES['file']['tmp_name']) || empty($_FILES['file']['tmp_name'])) if(!isset($_FILES['file']['tmp_name']) || empty($_FILES['file']['tmp_name']))
error(ERROR_NOIMAGE); error($config['error']['noimage']);
} }
$post['name'] = (!empty($_POST['name'])?$_POST['name']:'Anonymous'); $post['name'] = (!empty($_POST['name'])?$_POST['name']:'Anonymous');
@ -155,43 +155,43 @@
$post['has_file'] = $OP || !empty($_FILES['file']['tmp_name']); $post['has_file'] = $OP || !empty($_FILES['file']['tmp_name']);
$post['mod'] = isset($_POST['mod']) && $_POST['mod']; $post['mod'] = isset($_POST['mod']) && $_POST['mod'];
if(empty($post['body']) && FORCE_BODY) if(empty($post['body']) && $config['force_body'])
error(ERROR_TOOSHORTBODY); error($config['error']['tooshortbody']);
if($post['mod']) { if($post['mod']) {
require 'inc/mod.php'; require 'inc/mod.php';
if(!$mod) { if(!$mod) {
// Liar. You're not a mod. // Liar. You're not a mod.
error(ERROR_NOTAMOD); error($config['error']['notamod']);
} }
$post['sticky'] = $OP && isset($_POST['sticky']); $post['sticky'] = $OP && isset($_POST['sticky']);
$post['locked'] = $OP && isset($_POST['lock']); $post['locked'] = $OP && isset($_POST['lock']);
$post['raw'] = isset($_POST['raw']); $post['raw'] = isset($_POST['raw']);
if($post['sticky'] && $mod['type'] < MOD_STICKY) error(ERROR_NOACCESS); if($post['sticky'] && $mod['type'] < $config['mod']['sticky']) error($config['error']['noaccess']);
if($post['locked'] && $mod['type'] < MOD_LOCK) error(ERROR_NOACCESS); if($post['locked'] && $mod['type'] < $config['mod']['lock']) error($config['error']['noaccess']);
if($post['raw'] && $mod['type'] < MOD_RAWHTML) error(ERROR_NOACCESS); if($post['raw'] && $mod['type'] < $config['mod']['rawhtml']) error($config['error']['noaccess']);
} }
// Check if thread is locked // Check if thread is locked
// but allow mods to post // but allow mods to post
if(!$OP && (!$mod || $mod['type'] < MOD_POSTINLOCKED)) { if(!$OP && (!$mod || $mod['type'] < $config['mod']['postinlocked'])) {
if(threadLocked($post['thread'])) if(threadLocked($post['thread']))
error(ERROR_LOCKED); error($config['error']['locked']);
} }
if($post['has_file']) { if($post['has_file']) {
$size = $_FILES['file']['size']; $size = $_FILES['file']['size'];
if($size > MAX_FILESIZE) if($size > $config['max_filesize'])
error(sprintf3(ERR_FILESIZE, array( error(sprintf3($config['error']['filesize'], array(
'sz'=>commaize($size), 'sz'=>commaize($size),
'filesz'=>commaize($size), 'filesz'=>commaize($size),
'maxsz'=>commaize(MAX_FILESIZE)))); 'maxsz'=>commaize($config['max_filesize']))));
} }
if($mod && $mod['type'] >= MOD_MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) { if($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) {
if(($mod['type'] == MOD_MOD && $match[3] == 'Mod') || $mod['type'] >= MOD_ADMIN) { if(($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) {
$post['mod_tag'] = $match[3]; $post['mod_tag'] = $match[3];
$post['name'] = !empty($match[2])?$match[2]:'Anonymous'; $post['name'] = !empty($match[2])?$match[2]:'Anonymous';
} }
@ -211,19 +211,17 @@
if($post['has_file']) { if($post['has_file']) {
$post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1)); $post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1));
$post['file_id'] = time() . rand(100, 999); $post['file_id'] = time() . rand(100, 999);
$post['file'] = $board['dir'] . DIR_IMG . $post['file_id'] . '.' . $post['extension']; $post['file'] = $board['dir'] . $config['dir']['img'] . $post['file_id'] . '.' . $post['extension'];
$post['thumb'] = $board['dir'] . DIR_THUMB . $post['file_id'] . '.png'; $post['thumb'] = $board['dir'] . $config['dir']['thumb'] . $post['file_id'] . '.png';
$post['zip'] = $OP && $post['has_file'] && ALLOW_ZIP && $post['extension'] == 'zip' ? $post['file'] : false;
if(!($post['zip'] || in_array($post['extension'], $allowed_ext))) error(ERROR_FILEEXT);
} }
// Check string lengths // Check string lengths
if(strlen($post['name']) > 50) error(sprintf(ERROR_TOOLONG, 'name')); if(strlen($post['name']) > 50) error(sprintf($config['error']['toolong'], 'name'));
if(strlen($post['email']) > 30) error(sprintf(ERROR_TOOLONG, 'email')); if(strlen($post['email']) > 30) error(sprintf($config['error']['toolong'], 'email'));
if(strlen($post['subject']) > 40) error(sprintf(ERROR_TOOLONG, 'subject')); if(strlen($post['subject']) > 40) error(sprintf($config['error']['toolong'], 'subject'));
if(!$mod && strlen($post['body']) > MAX_BODY) error(ERROR_TOOLONGBODY); if(!$mod && strlen($post['body']) > $config['max_body']) error($config['error']['toolongbody']);
if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error(ERROR_TOOSHORTBODY); if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error($config['error']['tooshortbody']);
if(strlen($post['password']) > 20) error(sprintf(ERROR_TOOLONG, 'password')); if(strlen($post['password']) > 20) error(sprintf($config['error']['toolong'], 'password'));
if($post['mod_tag']) if($post['mod_tag'])
$post['trip'] .= ' <a class="nametag">## ' . $post['mod_tag'] . '</a>'; $post['trip'] .= ' <a class="nametag">## ' . $post['mod_tag'] . '</a>';
@ -235,26 +233,14 @@
// Check for a flood // Check for a flood
if(checkFlood($post)) { if(checkFlood($post)) {
error(ERROR_FLOOD); error($config['error']['flood']);
} }
if($post['has_file']) { if($post['has_file']) {
// Just trim the filename if it's too long // Just trim the filename if it's too long
if(strlen($post['filename']) > 30) $post['filename'] = substr($post['filename'], 0, 27).'…'; if(strlen($post['filename']) > 30) $post['filename'] = substr($post['filename'], 0, 27).'…';
// Move the uploaded file // Move the uploaded file
if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error(ERROR_NOMOVE); if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error($config['error']['nomove']);
if($post['zip']) {
// Validate ZIP file
if(is_resource($zip = zip_open($post['zip'])))
// TODO: Check if it's not empty and has at least one (valid) image
zip_close($zip);
else
error(ERR_INVALIDZIP);
$post['file'] = ZIP_IMAGE;
$post['extension'] = strtolower(substr($post['file'], strrpos($post['file'], '.') + 1));
}
$size = @getimagesize($post['file']); $size = @getimagesize($post['file']);
$post['width'] = $size[0]; $post['width'] = $size[0];
@ -263,165 +249,48 @@
// Check if the image is valid // Check if the image is valid
if($post['width'] < 1 || $post['height'] < 1) { if($post['width'] < 1 || $post['height'] < 1) {
unlink($post['file']); unlink($post['file']);
error(ERR_INVALIDIMG); error($config['error']['invalidimg']);
} }
if($post['width'] > MAX_WIDTH || $post['height'] > MAX_HEIGHT) { if($post['width'] > $config['max_width'] || $post['height'] > $config['max_height']) {
unlink($post['file']); unlink($post['file']);
error(ERR_MAXSIZE); error($config['error']['maxsize']);
} }
$hash_function = FILE_HASH; $post['filehash'] = $config['file_hash']($post['file']);
$post['filehash'] = $hash_function($post['file']);
$post['filesize'] = filesize($post['file']); $post['filesize'] = filesize($post['file']);
$image = createimage($post['extension'], $post['file']); $image = createimage($post['extension'], $post['file']);
if(REDRAW_IMAGE && !$post['zip']) {
switch($post['extension']) {
case 'jpg':
case 'jpeg':
imagejpeg($image, $post['file'], JPEG_QUALITY);
break;
case 'png':
imagepng($image, $post['file'], 7);
break;
case 'gif':
if(REDRAW_GIF)
imagegif($image, $post['file']);
break;
case 'bmp':
imagebmp($image, $post['file']);
break;
default:
unlink($post['file']);
error('Unknwon file extension.');
}
}
// Create a thumbnail // Create a thumbnail
$thumb = resize($image, $post['width'], $post['height'], $post['thumb'], THUMB_WIDTH, THUMB_HEIGHT); $thumb = resize($image, $post['width'], $post['height'], $post['thumb'], $config['thumb_width'], $config['thumb_height']);
$post['thumbwidth'] = $thumb['width']; $post['thumbwidth'] = $thumb['width'];
$post['thumbheight'] = $thumb['height']; $post['thumbheight'] = $thumb['height'];
} }
if(!($mod && $mod['type'] >= MOD_POSTUNORIGINAL) && ROBOT_ENABLE && $board['uri'] == ROBOT_BOARD && checkRobot($post['body_nomarkup'])) { /*
if(!($mod && $mod['type'] >= $config['mod']['postunoriginal']) && ROBOT_ENABLE && $board['uri'] == ROBOT_BOARD && checkRobot($post['body_nomarkup'])) {
if(ROBOT_MUTE) { if(ROBOT_MUTE) {
error(sprintf(ERROR_MUTED, mute())); error(sprintf($config['error']['muted'], mute()));
} else { } else {
error(ERROR_UNORIGINAL); error($config['error']['unoriginal']);
} }
} }
*/
// Remove DIR_* before inserting them into the database. // Remove DIR_* before inserting them into the database.
if($post['has_file']) { if($post['has_file']) {
$post['file'] = substr_replace($post['file'], '', 0, strlen($board['dir'] . DIR_IMG)); $post['file'] = substr_replace($post['file'], '', 0, strlen($board['dir'] . $config['dir']['img']));
$post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . DIR_THUMB)); $post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . $config['dir']['thumb']));
} }
// Todo: Validate some more, remove messy code, allow more specific configuration // Todo: Validate some more, remove messy code, allow more specific configuration
$id = post($post, $OP); $id = post($post, $OP);
if($post['has_file'] && $post['zip']) {
// Open ZIP
$zip = zip_open($post['zip']);
// Read files
while($entry = zip_read($zip)) {
$filename = basename(zip_entry_name($entry));
$extension = strtolower(substr($filename, strrpos($filename, '.') + 1));
if(in_array($extension, $allowed_ext)) {
if (zip_entry_open($zip, $entry, 'r')) {
// Fake post
$dump_post = Array(
'subject' => $post['subject'],
'email' => $post['email'],
'name' => $post['name'],
'trip' => $post['trip'],
'body' => '',
'thread' => $id,
'password' => '',
'has_file' => true,
'file_id' => rand(0, 1000000000),
'filename' => $filename
);
$dump_post['file'] = $board['dir'] . DIR_IMG . $dump_post['file_id'] . '.' . $extension;
$dump_post['thumb'] = $board['dir'] . DIR_THUMB . $dump_post['file_id'] . '.png';
// Extract the image from the ZIP
$fp = fopen($dump_post['file'], 'w+');
fwrite($fp, zip_entry_read($entry, zip_entry_filesize($entry)));
fclose($fp);
$size = @getimagesize($dump_post['file']);
$dump_post['width'] = $size[0];
$dump_post['height'] = $size[1];
// Check if the image is valid
if($dump_post['width'] < 1 || $dump_post['height'] < 1) {
unlink($dump_post['file']);
} else {
if($dump_post['width'] > MAX_WIDTH || $dump_post['height'] > MAX_HEIGHT) {
unlink($dump_post['file']);
error(ERR_MAXSIZE);
} else {
$dump_post['filehash'] = md5_file($dump_post['file']);
$dump_post['filesize'] = filesize($dump_post['file']);
$image = createimage($extension, $dump_post['file']);
$success = true;
if(REDRAW_IMAGE) {
switch($extension) {
case 'jpg':
case 'jpeg':
imagejpeg($image, $dump_post['file'], JPEG_QUALITY);
break;
case 'png':
imagepng($image, $dump_post['file'], 7);
break;
case 'gif':
if(REDRAW_GIF)
imagegif($image, $dump_post['file']);
break;
case 'bmp':
imagebmp($image, $dump_post['file']);
break;
default:
$success = false;
}
}
// Create a thumbnail
$thumb = resize($image, $dump_post['width'], $dump_post['height'], $dump_post['thumb'], THUMB_WIDTH, THUMB_HEIGHT);
$dump_post['thumbwidth'] = $thumb['width'];
$dump_post['thumbheight'] = $thumb['height'];
// Remove DIR_* before inserting them into the database.
$dump_post['file'] = substr_replace($dump_post['file'], '', 0, strlen($board['dir'] . DIR_IMG));
$dump_post['thumb'] = substr_replace($dump_post['thumb'], '', 0, strlen($board['dir'] . DIR_THUMB));
// Create the post
post($dump_post, false);
}
}
// Close the ZIP
zip_entry_close($entry);
}
}
}
zip_close($zip);
unlink($post['zip']);
}
buildThread(($OP?$id:$post['thread'])); buildThread(($OP?$id:$post['thread']));
if(!$OP && strtolower($post['email']) != 'sage' && (REPLY_LIMIT == 0 || numPosts($post['thread']) < REPLY_LIMIT)) { if(!$OP && strtolower($post['email']) != 'sage' && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) {
bumpThread($post['thread']); bumpThread($post['thread']);
} }
@ -431,17 +300,17 @@
buildIndex(); buildIndex();
sql_close(); sql_close();
$root = $post['mod'] ? ROOT . FILE_MOD . '?/' : ROOT; $root = $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
if(ALWAYS_NOKO || $noko) { if($config['always_noko'] || $noko) {
header('Location: ' . $root . $board['dir'] . DIR_RES . ($OP?$id:$post['thread']) . '.html' . (!$OP?'#'.$id:''), true, REDIRECT_HTTP); header('Location: ' . $root . $board['dir'] . $config['dir']['res'] . ($OP?$id:$post['thread']) . '.html' . (!$OP?'#'.$id:''), true, $config['redirect_http']);
} else { } else {
header('Location: ' . $root . $board['dir'] . FILE_INDEX, true, REDIRECT_HTTP); header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
} }
exit; exit;
} else { } else {
if(!file_exists(HAS_INSTALLED)) { if(!file_exists($config['has_installed'])) {
sql_open(); sql_open();
// Build all boards // Build all boards
@ -452,7 +321,7 @@
} }
sql_close(); sql_close();
touch(HAS_INSTALLED, 0777); touch($config['has_installed'], 0777);
die(Element('page.html', Array( die(Element('page.html', Array(
'index'=>ROOT, 'index'=>ROOT,
@ -464,7 +333,7 @@
} else { } else {
// They opened post.php in their browser manually. // They opened post.php in their browser manually.
// Possible TODO: Redirect back to homepage. // Possible TODO: Redirect back to homepage.
error(ERROR_NOPOST); error($config['error']['nopost']);
} }
} }
?> ?>