Cool_Tools/vichan
1
0
Fork 0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-23 23:20:57 +01:00
Code Releases Wiki Activity

code cleanup

Browse Source
This commit is contained in:
Michael Save 2012-04-13 00:18:19 +10:00
parent da52307c67
commit 51675e7a9b
14 changed files with 578 additions and 578 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
inc/anti-bot.php
View File

@ -4,7 +4,7 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
@ -16,9 +16,9 @@ class AntiBot {
public static function randomString($length, $uppercase = false, $special_chars = false) {
$chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
if($uppercase)
if ($uppercase)
$chars .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
if($special_chars)
if ($special_chars)
$chars .= ' ~!@#$%^&*()_+,./;\'[]\\{}|:"<>?=-` ';
$chars = str_split($chars);
@ -26,15 +26,15 @@ class AntiBot {
$ch = array();
// fill up $ch until we reach $length
while(count($ch) < $length) {
while (count($ch) < $length) {
$n = $length - count($ch);
$keys = array_rand($chars, $n > count($chars) ? count($chars) : $n);
if($n == 1) {
if ($n == 1) {
$ch[] = $chars[$keys];
break;
}
shuffle($keys);
foreach($keys as $key)
foreach ($keys as $key)
$ch[] = $chars[$key];
}
@ -46,8 +46,8 @@ class AntiBot {
public static function make_confusing($string) {
$chars = str_split($string);
foreach($chars as &$c) {
if(rand(0, 2) != 0)
foreach ($chars as &$c) {
if (rand(0, 2) != 0)
continue;
$c = mb_encode_numericentity($c, array(0, 0xffff, 0, 0xffff), 'UTF-8');
}
@ -58,7 +58,7 @@ class AntiBot {
public function __construct(array $salt = array()) {
global $config;
if(!empty($salt)) {
if (!empty($salt)) {
// create a salted hash of the "extra salt"
$this->salt = implode(':', $salt);
} else {
@ -70,21 +70,21 @@ class AntiBot {
$input_count = rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']);
$hidden_input_names_x = 0;
for($x = 0; $x < $input_count ; $x++) {
if($hidden_input_names_x === false || rand(0, 2) == 0) {
for ($x = 0; $x < $input_count ; $x++) {
if ($hidden_input_names_x === false || rand(0, 2) == 0) {
// Use an obscure name
$name = $this->randomString(rand(10, 40));
} else {
// Use a pre-defined confusing name
$name = $config['spam']['hidden_input_names'][$hidden_input_names_x++];
if($hidden_input_names_x >= count($config['spam']['hidden_input_names']))
if ($hidden_input_names_x >= count($config['spam']['hidden_input_names']))
$hidden_input_names_x = false;
}
if(rand(0, 2) == 0) {
if (rand(0, 2) == 0) {
// Value must be null
$this->inputs[$name] = '';
} elseif(rand(0, 4) == 0) {
} elseif (rand(0, 4) == 0) {
// Numeric value
$this->inputs[$name] = (string)rand(0, 100);
} else {
@ -111,11 +111,11 @@ class AntiBot {
$html = '';
if($count === false) {
if ($count === false) {
$count = rand(1, count($this->inputs) / 15);
}
if($count === true) {
if ($count === true) {
// all elements
$inputs = array_slice($this->inputs, $this->index);
} else {
@ -123,11 +123,11 @@ class AntiBot {
}
$this->index += count($inputs);
foreach($inputs as $name => $value) {
foreach ($inputs as $name => $value) {
$element = false;
while(!$element) {
while (!$element) {
$element = $elements[array_rand($elements)];
if(strpos($element, 'textarea') !== false && $value == '') {
if (strpos($element, 'textarea') !== false && $value == '') {
// There have been some issues with mobile web browsers and empty <textarea>'s.
$element = false;
}
@ -135,12 +135,12 @@ class AntiBot {
$element = str_replace('%name%', utf8tohtml($name), $element);
if(rand(0, 2) == 0)
if (rand(0, 2) == 0)
$value = $this->make_confusing($value);
else
$value = utf8tohtml($value);
if(strpos($element, 'textarea') === false)
if (strpos($element, 'textarea') === false)
$value = str_replace('"', '&quot;', $value);
$element = str_replace('%value%', $value, $element);
@ -161,7 +161,7 @@ class AntiBot {
$hash = '';
// Iterate through each input
foreach($inputs as $name => $value) {
foreach ($inputs as $name => $value) {
$hash .= $name . '=' . $value;
}
// Add a salt to the hash
@ -179,13 +179,13 @@ function _create_antibot($board, $thread) {
query('DELETE FROM `antispam` WHERE `expires` < UNIX_TIMESTAMP()') or error(db_error());
if($thread)
if ($thread)
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` = :thread');
else
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` IS NULL');
$query->bindValue(':board', $board);
if($thread)
if ($thread)
$query->bindValue(':thread', $thread);
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
$query->execute() or error(db_error($query));
@ -196,7 +196,7 @@ function _create_antibot($board, $thread) {
$query->bindValue(':hash', $antibot->hash());
$query->execute() or error(db_error($query));
if($query->rowCount() == 0) {
if ($query->rowCount() == 0) {
// there was no database entry for this hash. most likely expired.
return true;
}
@ -207,12 +207,12 @@ function _create_antibot($board, $thread) {
function checkSpam(array $extra_salt = array()) {
global $config, $pdo;
if(!isset($_POST['hash']))
if (!isset($_POST['hash']))
return true;
$hash = $_POST['hash'];
if(!empty($extra_salt)) {
if (!empty($extra_salt)) {
// create a salted hash of the "extra salt"
$extra_salt = implode(':', $extra_salt);
} else {
@ -222,8 +222,8 @@ function checkSpam(array $extra_salt = array()) {
// Reconsturct the $inputs array
$inputs = array();
foreach($_POST as $name => $value) {
if(in_array($name, $config['spam']['valid_inputs']))
foreach ($_POST as $name => $value) {
if (in_array($name, $config['spam']['valid_inputs']))
continue;
$inputs[$name] = $value;
@ -235,7 +235,7 @@ function checkSpam(array $extra_salt = array()) {
$_hash = '';
// Iterate through each input
foreach($inputs as $name => $value) {
foreach ($inputs as $name => $value) {
$_hash .= $name . '=' . $value;
}
@ -245,13 +245,13 @@ function checkSpam(array $extra_salt = array()) {
// Use SHA1 for the hash
$_hash = sha1($_hash . $extra_salt);
if($hash != $_hash)
if ($hash != $_hash)
return true;
$query = prepare('UPDATE `antispam` SET `passed` = `passed` + 1 WHERE `hash` = CRC32(:hash)');
$query->bindValue(':hash', $hash);
$query->execute() or error(db_error($query));
if($query->rowCount() == 0) {
if ($query->rowCount() == 0) {
// there was no database entry for this hash. most likely expired.
return true;
}
@ -261,7 +261,7 @@ function checkSpam(array $extra_salt = array()) {
$query->execute() or error(db_error($query));
$passed = $query->fetchColumn(0);
if($passed > $config['spam']['hidden_inputs_max_pass'])
if ($passed > $config['spam']['hidden_inputs_max_pass'])
return true;
return false;

24
inc/cache.php
View File

@ -4,7 +4,7 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
@ -14,7 +14,7 @@ class Cache {
public static function init() {
global $config;
switch($config['cache']['enabled']) {
switch ($config['cache']['enabled']) {
case 'memcached':
self::$cache = new Memcached();
self::$cache->addServers($config['cache']['memcached']);
@ -30,9 +30,9 @@ class Cache {
$key = $config['cache']['prefix'] . $key;
$data = false;
switch($config['cache']['enabled']) {
switch ($config['cache']['enabled']) {
case 'memcached':
if(!self::$cache)
if (!self::$cache)
self::init();
$data = self::$cache->get($key);
break;
@ -48,7 +48,7 @@ class Cache {
}
// debug
if($data && $config['debug']) {
if ($data && $config['debug']) {
$debug['cached'][] = $key;
}
@ -59,12 +59,12 @@ class Cache {
$key = $config['cache']['prefix'] . $key;
if(!$expires)
if (!$expires)
$expires = $config['cache']['timeout'];
switch($config['cache']['enabled']) {
switch ($config['cache']['enabled']) {
case 'memcached':
if(!self::$cache)
if (!self::$cache)
self::init();
self::$cache->set($key, $value, $expires);
break;
@ -84,9 +84,9 @@ class Cache {
$key = $config['cache']['prefix'] . $key;
switch($config['cache']['enabled']) {
switch ($config['cache']['enabled']) {
case 'memcached':
if(!self::$cache)
if (!self::$cache)
self::init();
self::$cache->delete($key);
break;
@ -104,9 +104,9 @@ class Cache {
public static function flush() {
global $config;
switch($config['cache']['enabled']) {
switch ($config['cache']['enabled']) {
case 'memcached':
if(!self::$cache)
if (!self::$cache)
self::init();
return self::$cache->flush();
case 'apc':

8
inc/config.php
View File

@ -156,11 +156,11 @@
// $octets = explode('.', $ip);
//
// // days since last activity
// if($octets[1] > 14)
// if ($octets[1] > 14)
// return false;
//
// // "threat score" (http://www.projecthoneypot.org/threat_info.php)
// if($octets[2] < 5)
// if ($octets[2] < 5)
// return false;
//
// return true;
@ -696,7 +696,7 @@
// The root directory, including the trailing slash, for Tinyboard.
// examples: '/', 'http://boards.chan.org/', '/chan/'
if(isset($_SERVER['REQUEST_URI']))
if (isset($_SERVER['REQUEST_URI']))
$config['root'] = (str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) == '/' ? '/' : str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) . '/');
else
$config['root'] = '/'; // CLI mode
@ -855,7 +855,7 @@
$config['mod']['snippet_length'] = 75;
// Probably best not to change these:
if(!defined('JANITOR')) {
if (!defined('JANITOR')) {
define('JANITOR', 0, true);
define('MOD', 1, true);
define('ADMIN', 2, true);

20
inc/database.php
View File

@ -4,7 +4,7 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
@ -21,13 +21,13 @@ class PreparedQueryDebug {
public function __call($function, $args) {
global $config, $debug;
if($config['debug'] && $function == 'execute') {
if ($config['debug'] && $function == 'execute') {
$start = microtime(true);
}
$return = call_user_func_array(array($this->query, $function), $args);
if($config['debug'] && $function == 'execute') {
if ($config['debug'] && $function == 'execute') {
$time = round((microtime(true) - $start) * 1000, 2) . 'ms';
$debug['sql'][] = Array(
@ -43,15 +43,15 @@ class PreparedQueryDebug {
function sql_open() {
global $pdo, $config;
if($pdo) return true;
if ($pdo) return true;
$dsn = $config['db']['type'] . ':host=' . $config['db']['server'] . ';dbname=' . $config['db']['database'];
if(!empty($config['db']['dsn']))
if (!empty($config['db']['dsn']))
$dsn .= ';' . $config['db']['dsn'];
try {
$options = Array(PDO::ATTR_TIMEOUT => $config['db']['timeout']);
$options = Array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');
if($config['db']['persistent'])
if ($config['db']['persistent'])
$options[PDO::ATTR_PERSISTENT] = true;
return $pdo = new PDO($dsn, $config['db']['user'], $config['db']['password'], $options);
} catch(PDOException $e) {
@ -71,7 +71,7 @@ function prepare($query) {
sql_open();
if($config['debug'])
if ($config['debug'])
return new PreparedQueryDebug($query);
return $pdo->prepare($query);
}
@ -81,10 +81,10 @@ function query($query) {
sql_open();
if($config['debug']) {
if ($config['debug']) {
$start = microtime(true);
$query = $pdo->query($query);
if(!$query)
if (!$query)
return false;
$time = round((microtime(true) - $start) * 1000, 2) . 'ms';
$debug['sql'][] = Array(
@ -100,7 +100,7 @@ function query($query) {
function db_error($PDOStatement=null) {
global $pdo;
if(isset($PDOStatement)) {
if (isset($PDOStatement)) {
$err = $PDOStatement->errorInfo();
return $err[2];
} else {

114
inc/display.php
View File

@ -4,7 +4,7 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
@ -23,11 +23,11 @@ function doBoardListPart($list, $root) {
global $config;
$body = '';
foreach($list as $board) {
if(is_array($board))
foreach ($list as $board) {
if (is_array($board))
$body .= ' [' . doBoardListPart($board, $root) . '] ';
else {
if(($key = array_search($board, $list)) && gettype($key) == 'string') {
if (($key = array_search($board, $list)) && gettype($key) == 'string') {
$body .= ' <a href="' . $board . '">' . $key . '</a> /';
} else {
$body .= ' <a href="' . $root . $board . '/' . $config['file_index'] . '">' . $board . '</a> /';
@ -42,10 +42,10 @@ function doBoardListPart($list, $root) {
function createBoardlist($mod=false) {
global $config;
if(!isset($config['boards'])) return Array('top'=>'','bottom'=>'');
if (!isset($config['boards'])) return Array('top'=>'','bottom'=>'');
$body = doBoardListPart($config['boards'], $mod?'?/':$config['root']);
if(!preg_match('/\] $/', $body))
if (!preg_match('/\] $/', $body))
$body = '[' . $body . ']';
$body = trim($body);
@ -59,12 +59,12 @@ function createBoardlist($mod=false) {
function error($message, $priority = true) {
global $board, $mod, $config;
if($config['syslog'] && $priority !== false) {
if ($config['syslog'] && $priority !== false) {
// Use LOG_NOTICE instead of LOG_ERR or LOG_WARNING because most error message are not significant.
_syslog($priority !== true ? $priority : LOG_NOTICE, $message);
}
if(defined('STDIN')) {
if (defined('STDIN')) {
// Running from CLI
die('Error: ' . $message . "\n");
}
@ -103,7 +103,7 @@ function loginForm($error=false, $username=false, $redirect=false) {
function pm_snippet($body, $len=null) {
global $config;
if(!isset($len))
if (!isset($len))
$len = &$config['mod']['snippet_length'];
// Replace line breaks with some whitespace
@ -127,16 +127,16 @@ function pm_snippet($body, $len=null) {
function capcode($cap) {
global $config;
if(!$cap)
if (!$cap)
return false;
$capcode = Array();
if(isset($config['custom_capcode'][$cap])) {
if(is_array($config['custom_capcode'][$cap])) {
if (isset($config['custom_capcode'][$cap])) {
if (is_array($config['custom_capcode'][$cap])) {
$capcode['cap'] = sprintf($config['custom_capcode'][$cap][0], $cap);
if(isset($config['custom_capcode'][$cap][1]))
if (isset($config['custom_capcode'][$cap][1]))
$capcode['name'] = $config['custom_capcode'][$cap][1];
if(isset($config['custom_capcode'][$cap][2]))
if (isset($config['custom_capcode'][$cap][2]))
$capcode['trip'] = $config['custom_capcode'][$cap][2];
} else {
$capcode['cap'] = sprintf($config['custom_capcode'][$cap], $cap);
@ -151,38 +151,38 @@ function capcode($cap) {
function truncate($body, $url, $max_lines = false, $max_chars = false) {
global $config;
if($max_lines === false)
if ($max_lines === false)
$max_lines = $config['body_truncate'];
if($max_chars === false)
if ($max_chars === false)
$max_chars = $config['body_truncate_char'];
$original_body = $body;
$lines = substr_count($body, '<br/>');
// Limit line count
if($lines > $max_lines) {
if(preg_match('/(((.*?)<br\/>){' . $max_lines . '})/', $body, $m))
if ($lines > $max_lines) {
if (preg_match('/(((.*?)<br\/>){' . $max_lines . '})/', $body, $m))
$body = $m[0];
}
$body = substr($body, 0, $max_chars);
if($body != $original_body) {
if ($body != $original_body) {
// Remove any corrupt tags at the end
$body = preg_replace('/<([\w]+)?([^>]*)?$/', '', $body);
// Open tags
if(preg_match_all('/<([\w]+)[^>]*>/', $body, $open_tags)) {
if (preg_match_all('/<([\w]+)[^>]*>/', $body, $open_tags)) {
$tags = Array();
for($x=0;$x<count($open_tags[0]);$x++) {
if(!preg_match('/\/(\s+)?>$/', $open_tags[0][$x]))
for ($x=0;$x<count($open_tags[0]);$x++) {
if (!preg_match('/\/(\s+)?>$/', $open_tags[0][$x]))
$tags[] = $open_tags[1][$x];
}
// List successfully closed tags
if(preg_match_all('/(<\/([\w]+))>/', $body, $closed_tags)) {
for($x=0;$x<count($closed_tags[0]);$x++) {
if (preg_match_all('/(<\/([\w]+))>/', $body, $closed_tags)) {
for ($x=0;$x<count($closed_tags[0]);$x++) {
unset($tags[array_search($closed_tags[2][$x], $tags)]);
}
}
@ -191,7 +191,7 @@ function truncate($body, $url, $max_lines = false, $max_chars = false) {
$body = preg_replace('/&[^;]+$/', '', $body);
// Close any open tags
foreach($tags as &$tag) {
foreach ($tags as &$tag) {
$body .= "</{$tag}>";
}
} else {
@ -207,8 +207,8 @@ function truncate($body, $url, $max_lines = false, $max_chars = false) {
function confirmLink($text, $title, $confirm, $href) {
global $config, $mod;
if($config['mod']['server-side_confirm'])
return '<a onclick="if(confirm(\'' . htmlentities(addslashes($confirm)) . '\')) document.location=\'?/' . htmlentities(addslashes($href)) . '\';return false;" title="' . htmlentities($title) . '" href="?/confirm/' . $href . '">' . $text . '</a>';
if ($config['mod']['server-side_confirm'])
return '<a onclick="if (confirm(\'' . htmlentities(addslashes($confirm)) . '\')) document.location=\'?/' . htmlentities(addslashes($href)) . '\';return false;" title="' . htmlentities($title) . '" href="?/confirm/' . $href . '">' . $text . '</a>';
else
return '<a onclick="return confirm(\'' . htmlentities(addslashes($confirm)) . '\')" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
}
@ -216,7 +216,7 @@ function confirmLink($text, $title, $confirm, $href) {
class Post {
public function __construct($id, $thread, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $embed, $root=null, $mod=false) {
global $config;
if(!isset($root))
if (!isset($root))
$root = &$config['root'];
$this->id = $id;
@ -241,7 +241,7 @@ class Post {
$this->root = $root;
$this->mod = $mod;
if($this->mod)
if ($this->mod)
// Fix internal links
// Very complicated regex
$this->body = preg_replace(
@ -259,38 +259,38 @@ class Post {
global $board, $config;
$built = '';
if($this->mod) {
if ($this->mod) {
// Mod controls (on posts)
// Delete
if(hasPermission($config['mod']['delete'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['delete'], $board['uri'], $this->mod))
$built .= ' ' . confirmLink($config['mod']['link_delete'], 'Delete', 'Are you sure you want to delete this?', $board['uri'] . '/delete/' . $this->id);
// Delete all posts by IP
if(hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod))
$built .= ' ' . confirmLink($config['mod']['link_deletebyip'], 'Delete all posts by IP', 'Are you sure you want to delete all posts by this IP address?', $board['uri'] . '/deletebyip/' . $this->id);
// Delete all posts by IP (global)
if(hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod))
$built .= ' ' . confirmLink($config['mod']['link_deletebyip_global'], 'Delete all posts by IP across all boards', 'Are you sure you want to delete all posts by this IP address, across all boards?', $board['uri'] . '/deletebyip/' . $this->id . '/global');
// Ban
if(hasPermission($config['mod']['ban'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['ban'], $board['uri'], $this->mod))
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
// Ban & Delete
if(hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod))
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&amp;delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
// Delete file (keep post)
if(!empty($this->file) && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod))
if (!empty($this->file) && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod))
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>';
// Edit post
if(hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
if(!empty($built))
if (!empty($built))
$built = '<span class="controls">' . $built . '</span>';
}
return $built;
@ -306,7 +306,7 @@ class Post {
class Thread {
public function __construct($id, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $bumplocked, $embed, $root=null, $mod=false, $hr=true) {
global $config;
if(!isset($root))
if (!isset($root))
$root = &$config['root'];
$this->id = $id;
@ -337,7 +337,7 @@ class Thread {
$this->mod = $mod;
$this->hr = $hr;
if($this->mod)
if ($this->mod)
// Fix internal links
// Very complicated regex
$this->body = preg_replace(
@ -358,60 +358,60 @@ class Thread {
global $board, $config;
$built = '';
if($this->mod) {
if ($this->mod) {
// Mod controls (on posts)
// Delete
if(hasPermission($config['mod']['delete'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['delete'], $board['uri'], $this->mod))
$built .= ' ' . confirmLink($config['mod']['link_delete'], 'Delete', 'Are you sure you want to delete this?', $board['uri'] . '/delete/' . $this->id);
// Delete all posts by IP
if(hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod))
$built .= ' ' . confirmLink($config['mod']['link_deletebyip'], 'Delete all posts by IP', 'Are you sure you want to delete all posts by this IP address?', $board['uri'] . '/deletebyip/' . $this->id);
// Delete all posts by IP (global)
if(hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod))
$built .= ' ' . confirmLink($config['mod']['link_deletebyip_global'], 'Delete all posts by IP across all boards', 'Are you sure you want to delete all posts by this IP address, across all boards?', $board['uri'] . '/deletebyip/' . $this->id . '/global');
// Ban
if(hasPermission($config['mod']['ban'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['ban'], $board['uri'], $this->mod))
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
// Ban & Delete
if(hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod))
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&amp;delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
// Delete file (keep post)
if(!empty($this->file) && $this->file != 'deleted' && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod))
if (!empty($this->file) && $this->file != 'deleted' && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod))
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>';
// Sticky
if(hasPermission($config['mod']['sticky'], $board['uri'], $this->mod))
if($this->sticky)
if (hasPermission($config['mod']['sticky'], $board['uri'], $this->mod))
if ($this->sticky)
$built .= ' <a title="Make thread not sticky" href="?/' . $board['uri'] . '/unsticky/' . $this->id . '">' . $config['mod']['link_desticky'] . '</a>';
else
$built .= ' <a title="Make thread sticky" href="?/' . $board['uri'] . '/sticky/' . $this->id . '">' . $config['mod']['link_sticky'] . '</a>';
if(hasPermission($config['mod']['bumplock'], $board['uri'], $this->mod))
if($this->bumplocked)
if (hasPermission($config['mod']['bumplock'], $board['uri'], $this->mod))
if ($this->bumplocked)
$built .= ' <a title="Allow thread to be bumped" href="?/' . $board['uri'] . '/bumpunlock/' . $this->id . '">' . $config['mod']['link_bumpunlock'] . '</a>';
else
$built .= ' <a title="Prevent thread from being bumped" href="?/' . $board['uri'] . '/bumplock/' . $this->id . '">' . $config['mod']['link_bumplock'] . '</a>';
// Lock
if(hasPermission($config['mod']['lock'], $board['uri'], $this->mod))
if($this->locked)
if (hasPermission($config['mod']['lock'], $board['uri'], $this->mod))
if ($this->locked)
$built .= ' <a title="Unlock thread" href="?/' . $board['uri'] . '/unlock/' . $this->id . '">' . $config['mod']['link_unlock'] . '</a>';
else
$built .= ' <a title="Lock thread" href="?/' . $board['uri'] . '/lock/' . $this->id . '">' . $config['mod']['link_lock'] . '</a>';
if(hasPermission($config['mod']['move'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['move'], $board['uri'], $this->mod))
$built .= ' <a title="Move thread to another board" href="?/' . $board['uri'] . '/move/' . $this->id . '">' . $config['mod']['link_move'] . '</a>';
// Edit post
if(hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
if(!empty($built))
if (!empty($built))
$built = '<span class="controls op">' . $built . '</span>';
}
return $built;
@ -426,7 +426,7 @@ class Thread {
$built = Element('post_thread.html', Array('config' => $config, 'board' => $board, 'post' => &$this, 'index' => $index));
if(!$this->mod && $index && $config['cache']['enabled']) {
if (!$this->mod && $index && $config['cache']['enabled']) {
cache::set($this->cache_key($index), $built);
}

12
inc/events.php
View File

@ -4,7 +4,7 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
@ -18,13 +18,13 @@ function event() {
$args = array_splice($args, 1);
if(!isset($events[$event]))
if (!isset($events[$event]))
return false;
foreach($events[$event] as $callback) {
if(!is_callable($callback))
foreach ($events[$event] as $callback) {
if (!is_callable($callback))
error('Event handler for ' . $event . ' is not callable!');
if($error = call_user_func_array($callback, $args))
if ($error = call_user_func_array($callback, $args))
return $error;
}
@ -34,7 +34,7 @@ function event() {
function event_handler($event, $callback) {
global $events;
if(!isset($events[$event]))
if (!isset($events[$event]))
$events[$event] = Array();
$events[$event][] = $callback;

38
inc/filters.php
View File

@ -4,7 +4,7 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
@ -13,7 +13,7 @@ class Filter {
private $condition;
public function __construct(array $arr) {
foreach($arr as $key => $value)
foreach ($arr as $key => $value)
$this->$key = $value;
}
@ -22,7 +22,7 @@ class Filter {
switch($condition) {
case 'custom':
if(!is_callable($match))
if (!is_callable($match))
error('Custom condition for filter is not callable!');
return $match($post);
case 'name':
@ -36,11 +36,11 @@ class Filter {
case 'body':
return preg_match($match, $post['body']);
case 'filename':
if(!$post['has_file'])
if (!$post['has_file'])
return false;
return preg_match($match, $post['filename']);
case 'extension':
if(!$post['has_file'])
if (!$post['has_file'])
return false;
return preg_match($match, $post['body']);
case 'ip':
@ -61,22 +61,22 @@ class Filter {
case 'reject':
error(isset($this->message) ? $this->message : 'Posting throttled by flood filter.');
case 'ban':
if(!isset($this->reason))
if (!isset($this->reason))
error('The ban action requires a reason.');
$reason = $this->reason;
if(isset($this->expires))
if (isset($this->expires))
$expires = time() + $this->expires;
else
$expires = 0; // Ban indefinitely
if(isset($this->reject))
if (isset($this->reject))
$reject = $this->reject;
else
$reject = true;
if(isset($this->all_boards))
if (isset($this->all_boards))
$all_boards = $this->all_boards;
else
$all_boards = false;
@ -86,26 +86,26 @@ class Filter {
$query->bindValue(':mod', -1);
$query->bindValue(':set', time());
if($expires)
if ($expires)
$query->bindValue(':expires', $expires);
else
$query->bindValue(':expires', null, PDO::PARAM_NULL);
if($reason)
if ($reason)
$query->bindValue(':reason', $reason);
else
$query->bindValue(':reason', null, PDO::PARAM_NULL);
if($all_boards)
if ($all_boards)
$query->bindValue(':board', null, PDO::PARAM_NULL);
else
$query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
if($reject) {
if(isset($this->message))
if ($reject) {
if (isset($this->message))
error($message);
checkBan($board['uri']);
@ -119,8 +119,8 @@ class Filter {
}
public function check(array $post) {
foreach($this->condition as $condition => $value) {
if(!$this->match($post, $condition, $value))
foreach ($this->condition as $condition => $value) {
if (!$this->match($post, $condition, $value))
return false;
}
@ -132,12 +132,12 @@ class Filter {
function do_filters(array $post) {
global $config;
if(!isset($config['flood_filters']))
if (!isset($config['flood_filters']))
return;
foreach($config['flood_filters'] as $arr) {
foreach ($config['flood_filters'] as $arr) {
$filter = new Filter($arr);
if($filter->check($post))
if ($filter->check($post))
$filter->action();
}
}

466
inc/functions.php
View File

File diff suppressed because it is too large Load Diff

58
inc/image.php
View File

@ -4,7 +4,7 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
@ -17,25 +17,25 @@ class Image {
$this->src = $src;
$this->format = $format;
if($config['thumb_method'] == 'imagick') {
if ($config['thumb_method'] == 'imagick') {
$classname = 'ImageImagick';
} elseif($config['thumb_method'] == 'convert') {
} elseif ($config['thumb_method'] == 'convert') {
$classname = 'ImageConvert';
} else {
$classname = 'Image' . strtoupper($this->format);
if(!class_exists($classname)) {
if (!class_exists($classname)) {
error('Unsupported file format: ' . $this->format);
}
}
$this->image = new $classname($this);
if(!$this->image->valid()) {
if (!$this->image->valid()) {
$this->delete();
error($config['error']['invalidimg']);
}
$this->size = (object)Array('width' => $this->image->_width(), 'height' => $this->image->_height());
if($this->size->width < 1 || $this->size->height < 1) {
if ($this->size->width < 1 || $this->size->height < 1) {
$this->delete();
error($config['error']['invalidimg']);
}
@ -44,13 +44,13 @@ class Image {
public function resize($extension, $max_width, $max_height) {
global $config;
if($config['thumb_method'] == 'imagick') {
if ($config['thumb_method'] == 'imagick') {
$classname = 'ImageImagick';
} elseif($config['thumb_method'] == 'convert') {
} elseif ($config['thumb_method'] == 'convert') {
$classname = 'ImageConvert';
} else {
$classname = 'Image' . strtoupper($extension);
if(!class_exists($classname)) {
if (!class_exists($classname)) {
error('Unsupported file format: ' . $extension);
}
}
@ -63,7 +63,7 @@ class Image {
$x_ratio = $max_width / $this->size->width;
$y_ratio = $max_height / $this->size->height;
if(($this->size->width <= $max_width) && ($this->size->height <= $max_height)) {
if (($this->size->width <= $max_width) && ($this->size->height <= $max_height)) {
$width = $this->size->width;
$height = $this->size->height;
} elseif (($x_ratio * $this->size->height) < $max_height) {
@ -110,29 +110,29 @@ class ImageBase extends ImageGD {
}
public function __construct($img) {
if(method_exists($this, 'init'))
if (method_exists($this, 'init'))
$this->init();
if($img !== false) {
if ($img !== false) {
$this->src = $img->src;
$this->from();
}
}
public function _width() {
if(method_exists($this, 'width'))
if (method_exists($this, 'width'))
return $this->width();
// use default GD functions
return imagesx($this->image);
}
public function _height() {
if(method_exists($this, 'height'))
if (method_exists($this, 'height'))
return $this->height();
// use default GD functions
return imagesy($this->image);
}
public function _destroy() {
if(method_exists($this, 'destroy'))
if (method_exists($this, 'destroy'))
return $this->destroy();
// use default GD functions
return imagedestroy($this->image);
@ -142,7 +142,7 @@ class ImageBase extends ImageGD {
$this->width = $width;
$this->height = $height;
if(method_exists($this, 'resize'))
if (method_exists($this, 'resize'))
$this->resize();
else
// use default GD functions
@ -164,7 +164,7 @@ class ImageImagick extends ImageBase {
}
}
public function to($src) {
if(preg_match('/\.gif$/i', $src))
if (preg_match('/\.gif$/i', $src))
$this->image->writeImages($src, true);
else
$this->image->writeImage($src);
@ -181,20 +181,20 @@ class ImageImagick extends ImageBase {
public function resize() {
global $config;
if(preg_match('/\.gif$/i', $this->src) && $config['thumb_ext'] == 'gif') {
if (preg_match('/\.gif$/i', $this->src) && $config['thumb_ext'] == 'gif') {
$this->image = new Imagick();
$this->image->setFormat('gif');
$keep_frames = Array();
for($i = 0; $i < $this->original->getNumberImages(); $i += floor($this->original->getNumberImages() / $config['thumb_keep_animation_frames']))
for ($i = 0; $i < $this->original->getNumberImages(); $i += floor($this->original->getNumberImages() / $config['thumb_keep_animation_frames']))
$keep_frames[] = $i;
$i = 0;
$delay = 0;
foreach($this->original as $frame) {
foreach ($this->original as $frame) {
$delay += $frame->getImageDelay();
if(in_array($i, $keep_frames)) {
if (in_array($i, $keep_frames)) {
// $frame->scaleImage($this->width, $this->height, false);
$frame->sampleImage($this->width, $this->height);
$frame->setImagePage($this->width, $this->height, 0, 0);
@ -223,7 +223,7 @@ class ImageConvert extends ImageBase {
}
public function from() {
$size = trim(shell_exec('identify -format "%w %h" ' . escapeshellarg($this->src . '[0]')));
if(preg_match('/^(\d+) (\d+)$/', $size, $m)) {
if (preg_match('/^(\d+) (\d+)$/', $size, $m)) {
$this->width = $m[1];
$this->height = $m[2];
@ -234,7 +234,7 @@ class ImageConvert extends ImageBase {
}
}
public function to($src) {
if(!$this->temp) {
if (!$this->temp) {
// $config['redraw_image']
shell_exec('convert ' . escapeshellarg($this->src) . ' ' . escapeshellarg($src));
} else {
@ -255,7 +255,7 @@ class ImageConvert extends ImageBase {
public function resize() {
global $config;
if($this->temp) {
if ($this->temp) {
// remove old
$this->destroy();
}
@ -264,7 +264,7 @@ class ImageConvert extends ImageBase {
$quality = $config['thumb_quality'] * 10;
if(shell_exec("convert -flatten -filter Point -scale {$this->width}x{$this->height} +antialias -quality {$quality} " . escapeshellarg($this->src . '[0]') . " " . escapeshellarg($this->temp)) || !file_exists($this->temp))
if (shell_exec("convert -flatten -filter Point -scale {$this->width}x{$this->height} +antialias -quality {$quality} " . escapeshellarg($this->src . '[0]') . " " . escapeshellarg($this->temp)) || !file_exists($this->temp))
error('Failed to resize image!');
}
}
@ -288,10 +288,10 @@ class ImagePNG extends ImageBase {
class ImageGIF extends ImageBase {
public function from() {
$this->image = @imagecreatefromgif($this->src);
$this->image = @imagecreatefromgif ($this->src);
}
public function to($src) {
imagegif($this->image, $src);
imagegif ($this->image, $src);
}
public function resize() {
$this->GD_create();
@ -436,7 +436,7 @@ function imagebmp(&$img, $filename='') {
// is faster than chr()
$arrChr = array();
for($i=0; $i<256; $i++){
for ($i=0; $i<256; $i++){
$arrChr[$i] = chr($i);
}
@ -472,7 +472,7 @@ function imagebmp(&$img, $filename='') {
}
// see imagegif
if($filename == '') {
if ($filename == '') {
echo $result;
} else {
$file = fopen($filename, 'wb');

34
inc/mod.php
View File

@ -4,7 +4,7 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
@ -13,7 +13,7 @@ if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
function mkhash($username, $password, $salt = false) {
global $config;
if(!$salt) {
if (!$salt) {
// create some sort of salt for the hash
$salt = substr(base64_encode(sha1(rand() . time(), true) . $config['cookies']['salt']), 0, 15);
@ -23,7 +23,7 @@ function mkhash($username, $password, $salt = false) {
// generate hash (method is not important as long as it's strong)
$hash = substr(base64_encode(md5($username . sha1($username . $password . $salt . ($config['mod']['lock_ip'] ? $_SERVER['REMOTE_ADDR'] : ''), true), true)), 0, 20);
if(isset($generated_salt))
if (isset($generated_salt))
return Array($hash, $salt);
else
return $hash;
@ -33,7 +33,7 @@ function login($username, $password, $makehash=true) {
global $mod;
// SHA1 password
if($makehash) {
if ($makehash) {
$password = sha1($password);
}
@ -42,7 +42,7 @@ function login($username, $password, $makehash=true) {
$query->bindValue(':password', $password);
$query->execute() or error(db_error($query));
if($user = $query->fetch()) {
if ($user = $query->fetch()) {
return $mod = Array(
'id' => $user['id'],
'type' => $user['type'],
@ -55,7 +55,7 @@ function login($username, $password, $makehash=true) {
function setCookies() {
global $mod, $config;
if(!$mod)
if (!$mod)
error('setCookies() was called for a non-moderator!');
setcookie($config['cookies']['mod'],
@ -79,7 +79,7 @@ function create_pm_header() {
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($pm = $query->fetch()) {
if ($pm = $query->fetch()) {
return Array('id' => $pm['id'], 'waiting' => $query->rowCount() - 1);
}
@ -93,15 +93,15 @@ function modLog($action, $_board=null) {
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':text', $action);
if(isset($_board))
if (isset($_board))
$query->bindValue(':board', $_board);
elseif(isset($board))
elseif (isset($board))
$query->bindValue(':board', $board['uri']);
else
$query->bindValue(':board', null, PDO::PARAM_NULL);
$query->execute() or error(db_error($query));
if($config['syslog'])
if ($config['syslog'])
_syslog(LOG_INFO, '[mod/' . $mod['username'] . ']: ' . $action);
}
@ -115,7 +115,7 @@ function ulBoards() {
// List of boards
$boards = listBoards();
foreach($boards as &$b) {
foreach ($boards as &$b) {
$body .= '<li>' .
'<a href="?/' .
sprintf($config['board_path'], $b['uri']) . $config['file_index'] .
@ -129,7 +129,7 @@ function ulBoards() {
'</li>';
}
if($mod['type'] >= $config['mod']['newboard']) {
if ($mod['type'] >= $config['mod']['newboard']) {
$body .= '<li style="margin-top:15px;"><a href="?/new"><strong>' . _('Create new board') . '</strong></a></li>';
}
return $body;
@ -140,7 +140,7 @@ function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $boar
$boards = listBoards();
$__boards = '<li><input type="radio" checked="checked" name="board" id="board_*" value=""/> <label style="display:inline" for="board_*"><em>' . _('all boards') . '</em></label></li>';
foreach($boards as &$_board) {
foreach ($boards as &$_board) {
$__boards .= '<li>' .
'<input type="radio" name="board" id="board_' . $_board['uri'] . '" value="' . $_board['uri'] . '">' .
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
@ -247,7 +247,7 @@ function removeBan($id) {
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
//if($config['memcached']['enabled']) {
//if ($config['memcached']['enabled']) {
// Remove cached ban
// TODO
// $memcached->delete("ban_{$id}");
@ -257,10 +257,10 @@ function removeBan($id) {
// Validate session
if(isset($_COOKIE[$config['cookies']['mod']])) {
if (isset($_COOKIE[$config['cookies']['mod']])) {
// Should be username:hash:salt
$cookie = explode(':', $_COOKIE[$config['cookies']['mod']]);
if(count($cookie) != 3) {
if (count($cookie) != 3) {
destroyCookies();
error($config['error']['malformed']);
}
@ -271,7 +271,7 @@ if(isset($_COOKIE[$config['cookies']['mod']])) {
$user = $query->fetch();
// validate password hash
if($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) {
if ($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) {
// Malformed cookies
destroyCookies();
error($config['error']['malformed']);

18
inc/remote.php
View File

@ -4,38 +4,38 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
class Remote {
public function __construct($config) {
foreach($config as $name => $value) {
foreach ($config as $name => $value) {
$this->{$name} = $value;
}
$methods = Array();
if(!isset($this->auth['method']))
if (!isset($this->auth['method']))
error('Unspecified authentication method.');
// Connect
$this->connection = ssh2_connect($this->host, isset($this->port) ? $this->port : 22, $methods);
switch($this->auth['method']) {
switch ($this->auth['method']) {
case 'pubkey':
if(!isset($this->auth['public']))
if (!isset($this->auth['public']))
error('Public key filename not specified.');
if(!isset($this->auth['private']))
if (!isset($this->auth['private']))
error('Private key filename not specified.');
if(!ssh2_auth_pubkey_file($this->connection, $this->auth['username'], $this->auth['public'], $this->auth['private'], isset($this->auth['passphrase']) ? $this->auth['passphrase']: null))
if (!ssh2_auth_pubkey_file($this->connection, $this->auth['username'], $this->auth['public'], $this->auth['private'], isset($this->auth['passphrase']) ? $this->auth['passphrase']: null))
error('Public key authentication failed.');
break;
case 'plain':
if(!ssh2_auth_password($this->connection, $this->auth['username'], $this->auth['password']))
if (!ssh2_auth_password($this->connection, $this->auth['username'], $this->auth['password']))
error('Plain-text authentication failed.');
break;
default:
@ -47,7 +47,7 @@ class Remote {
public function write($data, $remote_path) {
global $config;
switch($this->type) {
switch ($this->type) {
case 'sftp':
$sftp = ssh2_sftp($this->connection);
file_write('ssh2.sftp://' . $sftp . $remote_path, $data, true);

14
inc/template.php
View File

@ -4,7 +4,7 @@
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
@ -36,15 +36,15 @@ function load_twig() {
function Element($templateFile, array $options) {
global $config, $debug, $twig;
if(!$twig)
if (!$twig)
load_twig();
if(function_exists('create_pm_header') && ((isset($options['mod']) && $options['mod']) || isset($options['__mod']))) {
if (function_exists('create_pm_header') && ((isset($options['mod']) && $options['mod']) || isset($options['__mod']))) {
$options['pm'] = create_pm_header();
}
if(isset($options['body']) && $config['debug']) {
if(isset($debug['start'])) {
if (isset($options['body']) && $config['debug']) {
if (isset($debug['start'])) {
$debug['time'] = '~' . round((microtime(true) - $debug['start']) * 1000, 2) . 'ms';
unset($debug['start']);
}
@ -57,10 +57,10 @@ function Element($templateFile, array $options) {
}
// Read the template file
if(@file_get_contents("{$config['dir']['template']}/${templateFile}")) {
if (@file_get_contents("{$config['dir']['template']}/${templateFile}")) {
$body = $twig->render($templateFile, $options);
if($config['minify_html'] && preg_match('/\.html$/', $templateFile)) {
if ($config['minify_html'] && preg_match('/\.html$/', $templateFile)) {
$body = trim(preg_replace("/[\t\r\n]/", '', $body));
}

76
install.php
View File

@ -16,21 +16,21 @@ $page = Array(
// this breaks the dispaly of licenses if enabled
$config['minify_html'] = false;
if(file_exists($config['has_installed'])) {
if (file_exists($config['has_installed'])) {
// Check the version number
$version = trim(file_get_contents($config['has_installed']));
if(empty($version))
if (empty($version))
$version = 'v0.9.1';
$boards = listBoards();
switch($version) {
switch ($version) {
case 'v0.9':
case 'v0.9.1':
// Upgrade to v0.9.2-dev
foreach($boards as &$_board) {
foreach ($boards as &$_board) {
// Add `capcode` field after `trip`
query(sprintf("ALTER TABLE `posts_%s` ADD `capcode` VARCHAR( 50 ) NULL AFTER `trip`", $_board['uri'])) or error(db_error());
@ -51,7 +51,7 @@ if(file_exists($config['has_installed'])) {
$version = 'v0.9.2-dev-1';
// Upgrade to v0.9.2-dev-2
foreach($boards as &$_board) {
foreach ($boards as &$_board) {
// Increase field sizes
query(sprintf("ALTER TABLE `posts_%s` CHANGE `subject` `subject` VARCHAR( 50 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error());
query(sprintf("ALTER TABLE `posts_%s` CHANGE `name` `name` VARCHAR( 35 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error());
@ -59,7 +59,7 @@ if(file_exists($config['has_installed'])) {
case 'v0.9.2-dev-2':
// Upgrade to v0.9.2-dev-3 (v0.9.2)
foreach($boards as &$_board) {
foreach ($boards as &$_board) {
// Add `custom_fields` field
query(sprintf("ALTER TABLE `posts_%s` ADD `embed` TEXT NULL", $_board['uri'])) or error(db_error());
}
@ -76,7 +76,7 @@ if(file_exists($config['has_installed'])) {
query("ALTER TABLE `mods` ADD `boards` TEXT NOT NULL") or error(db_error());
query("UPDATE `mods` SET `boards` = '*'") or error(db_error());
case 'v0.9.3-dev-2':
foreach($boards as &$_board) {
foreach ($boards as &$_board) {
query(sprintf("ALTER TABLE `posts_%s` CHANGE `filehash` `filehash` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL", $_board['uri'])) or error(db_error());
}
case 'v0.9.3-dev-3':
@ -86,7 +86,7 @@ if(file_exists($config['has_installed'])) {
// add ban ID
query("ALTER TABLE `bans` ADD `id` INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY ( `id` ), ADD UNIQUE (`id`)");
case 'v0.9.3-dev-5':
foreach($boards as &$_board) {
foreach ($boards as &$_board) {
// Increase subject field size
query(sprintf("ALTER TABLE `posts_%s` CHANGE `subject` `subject` VARCHAR( 100 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error());
}
@ -95,23 +95,23 @@ if(file_exists($config['has_installed'])) {
$tables = Array(
'bans', 'boards', 'ip_notes', 'modlogs', 'mods', 'mutes', 'noticeboard', 'pms', 'reports', 'robot', 'theme_settings', 'news'
);
foreach($boards as &$board) {
foreach ($boards as &$board) {
$tables[] = "posts_{$board['uri']}";
}
foreach($tables as &$table) {
foreach ($tables as &$table) {
query("ALTER TABLE `{$table}` ENGINE = MYISAM DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci") or error(db_error());
}
case 'v0.9.3-dev-7':
foreach($boards as &$board) {
foreach ($boards as &$board) {
query(sprintf("ALTER TABLE `posts_%s` CHANGE `filename` `filename` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL", $board['uri'])) or error(db_error());
}
case 'v0.9.3-dev-8':
foreach($boards as &$board) {
foreach ($boards as &$board) {
query(sprintf("ALTER TABLE `posts_%s` ADD INDEX ( `thread` )", $board['uri'])) or error(db_error());
}
case 'v0.9.3-dev-9':
foreach($boards as &$board) {
foreach ($boards as &$board) {
query(sprintf("ALTER TABLE `posts_%s`ADD INDEX ( `time` )", $board['uri'])) or error(db_error());
query(sprintf("ALTER TABLE `posts_%s`ADD FULLTEXT (`body`)", $board['uri'])) or error(db_error());
}
@ -132,11 +132,11 @@ if(file_exists($config['has_installed'])) {
query("ALTER TABLE `news` ADD INDEX (`time`)") or error(db_error());
query("ALTER TABLE `theme_settings` ADD INDEX (`theme`)") or error(db_error());
case 'v0.9.4-dev-1':
foreach($boards as &$board) {
foreach ($boards as &$board) {
query(sprintf("ALTER TABLE `posts_%s` ADD `sage` INT( 1 ) NOT NULL AFTER `locked`", $board['uri'])) or error(db_error());
}
case 'v0.9.4-dev-2':
if(!isset($_GET['confirm'])) {
if (!isset($_GET['confirm'])) {
$page['title'] = 'License Change';
$page['body'] = '<p style="text-align:center">You are upgrading to a version which uses an amended license. The licenses included with Tinyboard distributions prior to this version (v0.9.4-dev-2) are still valid for those versions, but no longer apply to this and newer versions.</p>' .
'<textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea>
@ -151,14 +151,14 @@ if(file_exists($config['has_installed'])) {
case 'v0.9.4-dev-3':
case 'v0.9.4-dev-4':
case 'v0.9.4':
foreach($boards as &$board) {
foreach ($boards as &$board) {
query(sprintf("ALTER TABLE `posts_%s`
CHANGE `subject` `subject` VARCHAR( 100 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL ,
CHANGE `email` `email` VARCHAR( 30 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL ,
CHANGE `name` `name` VARCHAR( 35 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL", $board['uri'])) or error(db_error());
}
case 'v0.9.5-dev-1':
foreach($boards as &$board) {
foreach ($boards as &$board) {
query(sprintf("ALTER TABLE `posts_%s` ADD `body_nomarkup` TEXT NULL AFTER `body`", $board['uri'])) or error(db_error());
}
query("CREATE TABLE IF NOT EXISTS `cites` ( `board` varchar(8) NOT NULL, `post` int(11) NOT NULL, `target_board` varchar(8) NOT NULL, `target` int(11) NOT NULL, KEY `target` (`target_board`,`target`), KEY `post` (`board`,`post`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;") or error(db_error());
@ -192,7 +192,7 @@ if(file_exists($config['has_installed'])) {
query("ALTER TABLE `bans` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error());
query("ALTER TABLE `reports` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error());
query("ALTER TABLE `modlogs` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error());
foreach($boards as $board) {
foreach ($boards as $board) {
$query = prepare("UPDATE `bans` SET `board` = :newboard WHERE `board` = :oldboard");
$query->bindValue(':newboard', $board['uri']);
$query->bindValue(':oldboard', $board['id']);
@ -228,7 +228,7 @@ if(file_exists($config['has_installed'])) {
die(Element('page.html', $page));
}
if($step == 0) {
if ($step == 0) {
// Agreeement
$page['body'] = '
<textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea>
@ -237,7 +237,7 @@ if($step == 0) {
</p>';
echo Element('page.html', $page);
} elseif($step == 1) {
} elseif ($step == 1) {
$page['title'] = 'Pre-installation test';
$page['body'] = '<table class="test">';
@ -250,7 +250,7 @@ if($step == 0) {
function row($item, $result) {
global $page, $config, $__is_error;
if(!$result)
if (!$result)
$__is_error = true;
$page['body'] .= '<tr><th>' . $item . '</th><td><img style="width:16px;height:16px" src="' . $config['dir']['static'] . ($result ? 'ok.png' : 'error.png') . '" /></td></tr>';
}
@ -271,7 +271,7 @@ if($step == 0) {
$drivers = PDO::getAvailableDrivers();
rheader('PDO drivers <em>(currently installed drivers)</em>');
foreach($drivers as &$driver) {
foreach ($drivers as &$driver) {
row($driver, true);
}
@ -287,7 +287,7 @@ if($step == 0) {
</p>';
echo Element('page.html', $page);
} elseif($step == 2) {
} elseif ($step == 2) {
// Basic config
$page['title'] = 'Configuration';
@ -304,9 +304,9 @@ if($step == 0) {
$drivers = PDO::getAvailableDrivers();
foreach($drivers as &$driver) {
foreach ($drivers as &$driver) {
$driver_txt = $driver;
switch($driver) {
switch ($driver) {
case 'cubrid':
$driver_txt = 'Cubrid';
break;
@ -449,7 +449,7 @@ if($step == 0) {
echo Element('page.html', $page);
} elseif($step == 3) {
} elseif ($step == 3) {
$instance_config =
'<?php
@ -464,15 +464,15 @@ if($step == 0) {
';
function create_config_from_array(&$instance_config, &$array, $prefix = '') {
foreach($array as $name => $value) {
if(is_array($value)) {
foreach ($array as $name => $value) {
if (is_array($value)) {
$instance_config .= "\n";
create_config_from_array($instance_config, $value, $prefix . '[\'' . addslashes($name) . '\']');
$instance_config .= "\n";
} else {
$instance_config .= ' $config' . $prefix . '[\'' . addslashes($name) . '\'] = ';
if(is_numeric($value))
if (is_numeric($value))
$instance_config .= $value;
else
$instance_config .= "'" . addslashes($value) . "'";
@ -486,7 +486,7 @@ if($step == 0) {
$instance_config .= "\n";
if(@file_put_contents('inc/instance-config.php', $instance_config)) {
if (@file_put_contents('inc/instance-config.php', $instance_config)) {
header('Location: ?step=4', true, $config['redirect_http']);
} else {
$page['title'] = 'Manual installation required';
@ -500,7 +500,7 @@ if($step == 0) {
';
echo Element('page.html', $page);
}
} elseif($step == 4) {
} elseif ($step == 4) {
// SQL installation
buildJavascript();
@ -516,13 +516,13 @@ if($step == 0) {
$queries[] = Element('posts.sql', Array('board' => 'b'));
$sql_errors = '';
foreach($queries as &$query) {
if(!query($query))
foreach ($queries as &$query) {
if (!query($query))
$sql_errors .= '<li>' . db_error() . '</li>';
}
$boards = listBoards();
foreach($boards as &$_board) {
foreach ($boards as &$_board) {
setupBoard($_board);
buildIndex();
}
@ -530,22 +530,22 @@ if($step == 0) {
$page['title'] = 'Installation complete';
$page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover. <a href="http://tinyboard.org/docs/?p=Config">How do I edit the config files?</a></p>';
if(!empty($sql_errors)) {
if (!empty($sql_errors)) {
$page['body'] .= '<div class="ban"><h2>SQL errors</h2><p>SQL errors were encountered when trying to install the database. This may be the result of using a database which is already occupied with a Tinyboard installation; if so, you can probably ignore this.</p><p>The errors encountered were:</p><ul>' . $sql_errors . '</ul><p><a href="?step=5">Ignore errors and complete installation.</a></p></div>';
} else {
file_write($config['has_installed'], VERSION);
if(!file_unlink(__FILE__)) {
if (!file_unlink(__FILE__)) {
$page['body'] .= '<div class="ban"><h2>Delete install.php!</h2><p>I couldn\'t remove <strong>install.php</strong>. You will have to remove it manually.</p></div>';
}
}
echo Element('page.html', $page);
} elseif($step == 5) {
} elseif ($step == 5) {
$page['title'] = 'Installation complete';
$page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover.</p>';
file_write($config['has_installed'], VERSION);
if(!file_unlink(__FILE__)) {
if (!file_unlink(__FILE__)) {
$page['body'] .= '<div class="ban"><h2>Delete install.php!</h2><p>I couldn\'t remove <strong>install.php</strong>. You will have to remove it manually.</p></div>';
}

208
post.php
View File

@ -17,20 +17,20 @@ if (get_magic_quotes_gpc()) {
$_POST = strip_array($_POST);
}
if(isset($_POST['delete'])) {
if (isset($_POST['delete'])) {
// Delete
if(!isset($_POST['board'], $_POST['password']))
if (!isset($_POST['board'], $_POST['password']))
error($config['error']['bot']);
$password = &$_POST['password'];
if($password == '')
if ($password == '')
error($config['error']['invalidpassword']);
$delete = array();
foreach($_POST as $post => $value) {
if(preg_match('/^delete_(\d+)$/', $post, $m)) {
foreach ($_POST as $post => $value) {
if (preg_match('/^delete_(\d+)$/', $post, $m)) {
$delete[] = (int)$m[1];
}
}
@ -38,29 +38,29 @@ if(isset($_POST['delete'])) {
checkDNSBL();
// Check if board exists
if(!openBoard($_POST['board']))
if (!openBoard($_POST['board']))
error($config['error']['noboard']);
// Check if banned
checkBan($board['uri']);
if(empty($delete))
if (empty($delete))
error($config['error']['nodelete']);
foreach($delete as &$id) {
foreach ($delete as &$id) {
$query = prepare(sprintf("SELECT `thread`, `time`,`password` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($post = $query->fetch()) {
if($password != '' && $post['password'] != $password)
if ($post = $query->fetch()) {
if ($password != '' && $post['password'] != $password)
error($config['error']['invalidpassword']);
if($post['time'] >= time() - $config['delete_time']) {
if ($post['time'] >= time() - $config['delete_time']) {
error(sprintf($config['error']['delete_too_soon'], until($post['time'] + $config['delete_time'])));
}
if(isset($_POST['file'])) {
if (isset($_POST['file'])) {
// Delete just the file
deleteFile($id);
} else {
@ -81,13 +81,13 @@ if(isset($_POST['delete'])) {
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
} elseif(isset($_POST['report'])) {
if(!isset($_POST['board'], $_POST['password'], $_POST['reason']))
} elseif (isset($_POST['report'])) {
if (!isset($_POST['board'], $_POST['password'], $_POST['reason']))
error($config['error']['bot']);
$report = array();
foreach($_POST as $post => $value) {
if(preg_match('/^delete_(\d+)$/', $post, $m)) {
foreach ($_POST as $post => $value) {
if (preg_match('/^delete_(\d+)$/', $post, $m)) {
$report[] = (int)$m[1];
}
}
@ -95,30 +95,30 @@ if(isset($_POST['delete'])) {
checkDNSBL();
// Check if board exists
if(!openBoard($_POST['board']))
if (!openBoard($_POST['board']))
error($config['error']['noboard']);
// Check if banned
checkBan($board['uri']);
if(empty($report))
if (empty($report))
error($config['error']['noreport']);
if(count($report) > $config['report_limit'])
if (count($report) > $config['report_limit'])
error($config['error']['toomanyreports']);
$reason = &$_POST['reason'];
markup($reason);
foreach($report as &$id) {
foreach ($report as &$id) {
$query = prepare(sprintf("SELECT `thread` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
$post = $query->fetch();
if($post) {
if($config['syslog'])
if ($post) {
if ($config['syslog'])
_syslog(LOG_INFO, 'Reported post: ' .
'/' . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $id) . ($post['thread'] ? '#' . $id : '') .
' for "' . $reason . '"'
@ -137,65 +137,65 @@ if(isset($_POST['delete'])) {
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
} elseif(isset($_POST['post'])) {
} elseif (isset($_POST['post'])) {
if(!isset($_POST['subject'], $_POST['body'], $_POST['board']))
if (!isset($_POST['subject'], $_POST['body'], $_POST['board']))
error($config['error']['bot']);
if(!isset($_POST['name']))
if (!isset($_POST['name']))
$_POST['name'] = $config['anonymous'];
if(!isset($_POST['email']))
if (!isset($_POST['email']))
$_POST['email'] = '';
if(!isset($_POST['password']))
if (!isset($_POST['password']))
$_POST['password'] = '';
$post = array('board' => $_POST['board']);
if(isset($_POST['thread'])) {
if (isset($_POST['thread'])) {
$post['op'] = false;
$post['thread'] = round($_POST['thread']);
} elseif($config['quick_reply'] && isset($_POST['quick-reply'])) {
} elseif ($config['quick_reply'] && isset($_POST['quick-reply'])) {
$post['op'] = false;
$post['thread'] = round($_POST['quick-reply']);
} else
$post['op'] = true;
if(!(($post['op'] && $_POST['post'] == $config['button_newtopic']) ||
if (!(($post['op'] && $_POST['post'] == $config['button_newtopic']) ||
(!$post['op'] && $_POST['post'] == $config['button_reply'])))
error($config['error']['bot']);
// Check the referrer
if(!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], $_SERVER['HTTP_REFERER']))
if (!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], $_SERVER['HTTP_REFERER']))
error($config['error']['referer']);
checkDNSBL();
// Check if board exists
if(!openBoard($post['board']))
if (!openBoard($post['board']))
error($config['error']['noboard']);
// Check if banned
checkBan($board['uri']);
// Check for CAPTCHA right after opening the board so the "return" link is in there
if($config['recaptcha']) {
if(!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field']))
if ($config['recaptcha']) {
if (!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field']))
error($config['error']['bot']);
// Check what reCAPTCHA has to say...
$resp = recaptcha_check_answer($config['recaptcha_private'],
$_SERVER['REMOTE_ADDR'],
$_POST['recaptcha_challenge_field'],
$_POST['recaptcha_response_field']);
if(!$resp->is_valid) {
if (!$resp->is_valid) {
error($config['error']['captcha']);
}
}
if($post['mod'] = isset($_POST['mod']) && $_POST['mod']) {
if ($post['mod'] = isset($_POST['mod']) && $_POST['mod']) {
require 'inc/mod.php';
if(!$mod) {
if (!$mod) {
// Liar. You're not a mod.
error($config['error']['notamod']);
}
@ -204,28 +204,28 @@ if(isset($_POST['delete'])) {
$post['locked'] = $post['op'] && isset($_POST['lock']);
$post['raw'] = isset($_POST['raw']);
if($post['sticky'] && !hasPermission($config['mod']['sticky'], $board['uri']))
if ($post['sticky'] && !hasPermission($config['mod']['sticky'], $board['uri']))
error($config['error']['noaccess']);
if($post['locked'] && !hasPermission($config['mod']['lock'], $board['uri']))
if ($post['locked'] && !hasPermission($config['mod']['lock'], $board['uri']))
error($config['error']['noaccess']);
if($post['raw'] && !hasPermission($config['mod']['rawhtml'], $board['uri']))
if ($post['raw'] && !hasPermission($config['mod']['rawhtml'], $board['uri']))
error($config['error']['noaccess']);
}
if(!$post['mod'] && checkSpam(array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null)))
if (!$post['mod'] && checkSpam(array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null)))
error($config['error']['spam']);
if($config['robot_enable'] && $config['robot_mute']) {
if ($config['robot_enable'] && $config['robot_mute']) {
checkMute();
}
//Check if thread exists
if(!$post['op']) {
if (!$post['op']) {
$query = prepare(sprintf("SELECT `sticky`,`locked`,`sage` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
$query->bindValue(':id', $post['thread'], PDO::PARAM_INT);
$query->execute() or error(db_error());
if(!$thread = $query->fetch()) {
if (!$thread = $query->fetch()) {
// Non-existant
error($config['error']['nonexistant']);
}
@ -233,12 +233,12 @@ if(isset($_POST['delete'])) {
// Check for an embed field
if($config['enable_embedding'] && isset($_POST['embed']) && !empty($_POST['embed'])) {
if ($config['enable_embedding'] && isset($_POST['embed']) && !empty($_POST['embed'])) {
// yep; validate it
$value = $_POST['embed'];
foreach($config['embedding'] as &$embed) {
if($html = preg_replace($embed[0], $embed[1], $value)) {
if($html == $value) {
foreach ($config['embedding'] as &$embed) {
if ($html = preg_replace($embed[0], $embed[1], $value)) {
if ($html == $value) {
// Nope.
continue;
}
@ -254,25 +254,25 @@ if(isset($_POST['delete'])) {
break;
}
}
if(!isset($post['embed'])) {
if (!isset($post['embed'])) {
error($config['error']['invalid_embed']);
}
}
if(!hasPermission($config['mod']['bypass_field_disable'], $board['uri'])) {
if($config['field_disable_name'])
if (!hasPermission($config['mod']['bypass_field_disable'], $board['uri'])) {
if ($config['field_disable_name'])
$_POST['name'] = $config['anonymous']; // "forced anonymous"
if($config['field_disable_email'])
if ($config['field_disable_email'])
$_POST['email'] = '';
if($config['field_disable_password'])
if ($config['field_disable_password'])
$_POST['password'] = '';
}
// Check for a file
if($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) {
if(!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op'])
if ($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) {
if (!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op'])
error($config['error']['noimage']);
}
@ -283,26 +283,26 @@ if(isset($_POST['delete'])) {
$post['password'] = $_POST['password'];
$post['has_file'] = !isset($post['embed']) && (($post['op'] && !isset($post['no_longer_require_an_image_for_op']) && $config['force_image_op']) || (isset($_FILES['file']) && $_FILES['file']['tmp_name'] != ''));
if($post['has_file'])
if ($post['has_file'])
$post['filename'] = utf8tohtml(get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name']);
if(!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) {
if (!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) {
$stripped_whitespace = preg_replace('/[\s]/u', '', $post['body']);
if($stripped_whitespace == '') {
if ($stripped_whitespace == '') {
error($config['error']['tooshort_body']);
}
}
// Check if thread is locked
// but allow mods to post
if(!$post['op'] && !hasPermission($config['mod']['postinlocked'], $board['uri'])) {
if($thread['locked'])
if (!$post['op'] && !hasPermission($config['mod']['postinlocked'], $board['uri'])) {
if ($thread['locked'])
error($config['error']['locked']);
}
if($post['has_file']) {
if ($post['has_file']) {
$size = $_FILES['file']['size'];
if($size > $config['max_filesize'])
if ($size > $config['max_filesize'])
error(sprintf3($config['error']['filesize'], array(
'sz' => number_format($size),
'filesz' => number_format($size),
@ -310,8 +310,8 @@ if(isset($_POST['delete'])) {
)));
}
if($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) {
if(($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) {
if ($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) {
if (($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) {
$post['capcode'] = utf8tohtml($match[3]);
$post['name'] = $match[2] != '' ? $match[2] : $config['anonymous'];
}
@ -323,14 +323,14 @@ if(isset($_POST['delete'])) {
$post['name'] = $trip[0];
$post['trip'] = isset($trip[1]) ? $trip[1] : '';
if(strtolower($post['email']) == 'noko') {
if (strtolower($post['email']) == 'noko') {
$noko = true;
$post['email'] = '';
} else $noko = false;
if($post['has_file']) {
if ($post['has_file']) {
$post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1));
if(isset($config['filename_func']))
if (isset($config['filename_func']))
$post['file_id'] = $config['filename_func']($post);
else
$post['file_id'] = time() . substr(microtime(), 2, 3);
@ -340,26 +340,26 @@ if(isset($_POST['delete'])) {
}
// Check string lengths
if(mb_strlen($post['name']) > 35)
if (mb_strlen($post['name']) > 35)
error(sprintf($config['error']['toolong'], 'name'));
if(mb_strlen($post['email']) > 40)
if (mb_strlen($post['email']) > 40)
error(sprintf($config['error']['toolong'], 'email'));
if(mb_strlen($post['subject']) > 100)
if (mb_strlen($post['subject']) > 100)
error(sprintf($config['error']['toolong'], 'subject'));
if(!$mod && mb_strlen($post['body']) > $config['max_body'])
if (!$mod && mb_strlen($post['body']) > $config['max_body'])
error($config['error']['toolong_body']);
if(mb_strlen($post['password']) > 20)
if (mb_strlen($post['password']) > 20)
error(sprintf($config['error']['toolong'], 'password'));
wordfilters($post['body']);
$post['body_nomarkup'] = $post['body'];
if(!($mod && isset($post['raw']) && $post['raw']))
if (!($mod && isset($post['raw']) && $post['raw']))
$post['tracked_cites'] = markup($post['body'], true);
// Check for a flood
if(!hasPermission($config['mod']['flood'], $board['uri']) && checkFlood($post)) {
if (!hasPermission($config['mod']['flood'], $board['uri']) && checkFlood($post)) {
error($config['error']['flood']);
}
@ -367,8 +367,8 @@ if(isset($_POST['delete'])) {
do_filters($post);
if($post['has_file']) {
if(!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files']))
if ($post['has_file']) {
if (!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files']))
error($config['error']['unknownext']);
$is_an_image = !in_array($post['extension'], $config['allowed_ext_files']);
@ -378,23 +378,23 @@ if(isset($_POST['delete'])) {
$upload = $_FILES['file']['tmp_name'];
if(!is_readable($upload))
if (!is_readable($upload))
error($config['error']['nomove']);
$post['filehash'] = $config['file_hash']($upload);
$post['filesize'] = filesize($upload);
if($is_an_image) {
if ($is_an_image) {
// Check IE MIME type detection XSS exploit
$buffer = file_get_contents($upload, null, null, null, 255);
if(preg_match($config['ie_mime_type_detection'], $buffer)) {
if (preg_match($config['ie_mime_type_detection'], $buffer)) {
undoImage($post);
error($config['error']['mime_exploit']);
}
require_once 'inc/image.php';
if($config['thumb_method'] == 'imagick') {
if ($config['thumb_method'] == 'imagick') {
// This is tricky, because Imagick won't let us find
// an image's dimensions without loading it all into
// memory first, unlike GD which provides the
@ -405,8 +405,8 @@ if(isset($_POST['delete'])) {
// PHP's memory limit.
// first try GD's getimagesize()
if($size = @getimagesize($upload)) {
if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
if ($size = @getimagesize($upload)) {
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
error($config['error']['maxsize']);
}
@ -416,10 +416,10 @@ if(isset($_POST['delete'])) {
}
} else {
// find dimensions of an image using GD
if(!$size = @getimagesize($upload)) {
if (!$size = @getimagesize($upload)) {
error($config['error']['invalidimg']);
}
if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
error($config['error']['maxsize']);
}
}
@ -427,7 +427,7 @@ if(isset($_POST['delete'])) {
// create image object
$image = new Image($upload, $post['extension']);
if($image->size->width > $config['max_width'] || $image->size->height > $config['max_height']) {
if ($image->size->width > $config['max_width'] || $image->size->height > $config['max_height']) {
$image->delete();
error($config['error']['maxsize']);
}
@ -435,13 +435,13 @@ if(isset($_POST['delete'])) {
$post['width'] = $image->size->width;
$post['height'] = $image->size->height;
if($config['spoiler_images'] && isset($_POST['spoiler'])) {
if ($config['spoiler_images'] && isset($_POST['spoiler'])) {
$post['thumb'] = 'spoiler';
$size = @getimagesize($config['spoiler_image']);
$post['thumbwidth'] = $size[0];
$post['thumbheight'] = $size[1];
} elseif($config['minimum_copy_resize'] &&
} elseif ($config['minimum_copy_resize'] &&
$image->size->width <= $config['thumb_width'] &&
$image->size->height <= $config['thumb_height'] &&
$post['extension'] == ($config['thumb_ext'] ? $config['thumb_ext'] : $post['extension'])) {
@ -466,10 +466,10 @@ if(isset($_POST['delete'])) {
$thumb->_destroy();
}
if($config['redraw_image']) {
if ($config['redraw_image']) {
$image->to($post['file']);
} else {
if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file']))
if (!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file']))
error($config['error']['nomove']);
}
$image->destroy();
@ -485,7 +485,7 @@ if(isset($_POST['delete'])) {
}
}
if($post['has_file'] && $config['image_reject_repost'] && $p = getPostByHash($post['filehash'])) {
if ($post['has_file'] && $config['image_reject_repost'] && $p = getPostByHash($post['filehash'])) {
undoImage($post);
error(sprintf($config['error']['fileexists'],
$post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'] .
@ -498,9 +498,9 @@ if(isset($_POST['delete'])) {
));
}
if(!hasPermission($config['mod']['postunoriginal'], $board['uri']) && $config['robot_enable'] && checkRobot($post['body_nomarkup'])) {
if (!hasPermission($config['mod']['postunoriginal'], $board['uri']) && $config['robot_enable'] && checkRobot($post['body_nomarkup'])) {
undoImage($post);
if($config['robot_mute']) {
if ($config['robot_mute']) {
error(sprintf($config['error']['muted'], mute()));
} else {
error($config['error']['unoriginal']);
@ -508,15 +508,15 @@ if(isset($_POST['delete'])) {
}
// Remove board directories before inserting them into the database.
if($post['has_file']) {
if ($post['has_file']) {
$post['file_path'] = $post['file'];
$post['file'] = substr_replace($post['file'], '', 0, mb_strlen($board['dir'] . $config['dir']['img']));
if($is_an_image && $post['thumb'] != 'spoiler')
if ($is_an_image && $post['thumb'] != 'spoiler')
$post['thumb'] = substr_replace($post['thumb'], '', 0, mb_strlen($board['dir'] . $config['dir']['thumb']));
}
$post = (object)$post;
if($error = event('post', $post)) {
if ($error = event('post', $post)) {
undoImage((array)$post);
error($error);
}
@ -524,8 +524,8 @@ if(isset($_POST['delete'])) {
$id = post($post);
if(isset($post['tracked_cites'])) {
foreach($post['tracked_cites'] as $cite) {
if (isset($post['tracked_cites'])) {
foreach ($post['tracked_cites'] as $cite) {
$query = prepare('INSERT INTO `cites` VALUES (:board, :post, :target_board, :target)');
$query->bindValue(':board', $board['uri']);
$query->bindValue(':post', $id, PDO::PARAM_INT);
@ -537,20 +537,20 @@ if(isset($_POST['delete'])) {
buildThread($post['op'] ? $id : $post['thread']);
if(!$post['op'] && strtolower($post['email']) != 'sage' && !$thread['sage'] && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) {
if (!$post['op'] && strtolower($post['email']) != 'sage' && !$thread['sage'] && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) {
bumpThread($post['thread']);
}
if($post['op'])
if ($post['op'])
clean();
event('post-after', $post);
buildIndex();
if(isset($_SERVER['HTTP_REFERER'])) {
if (isset($_SERVER['HTTP_REFERER'])) {
// Tell Javascript that we posted successfully
if(isset($_COOKIE[$config['cookies']['js']]))
if (isset($_COOKIE[$config['cookies']['js']]))
$js = json_decode($_COOKIE[$config['cookies']['js']]);
else
$js = (object) array();
@ -562,7 +562,7 @@ if(isset($_POST['delete'])) {
$root = $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
if($config['always_noko'] || $noko) {
if ($config['always_noko'] || $noko) {
$redirect = $root . $board['dir'] . $config['dir']['res'] .
sprintf($config['file_page'], $post['op'] ? $id:$post['thread']) . (!$post['op'] ? '#' . $id : '');
} else {
@ -570,14 +570,14 @@ if(isset($_POST['delete'])) {
}
if($config['syslog'])
if ($config['syslog'])
_syslog(LOG_INFO, 'New post: /' . $board['dir'] . $config['dir']['res'] .
sprintf($config['file_page'], $post['op'] ? $id : $post['thread']) . (!$$post['op'] ? '#' . $id : ''));
rebuildThemes('post');
header('Location: ' . $redirect, true, $config['redirect_http']);
} else {
if(!file_exists($config['has_installed'])) {
if (!file_exists($config['has_installed'])) {
header('Location: install.php', true, $config['redirect_http']);
} else {
// They opened post.php in their browser manually.