mirror of
https://github.com/vichan-devel/vichan.git
synced 2024-11-27 17:00:52 +01:00
code cleanup
parent
da52307c67
commit
51675e7a9b
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -16,9 +16,9 @@ class AntiBot {
|
|||||||
|
|
||||||
public static function randomString($length, $uppercase = false, $special_chars = false) {
|
public static function randomString($length, $uppercase = false, $special_chars = false) {
|
||||||
$chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
|
$chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
|
||||||
if($uppercase)
|
if ($uppercase)
|
||||||
$chars .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
$chars .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
||||||
if($special_chars)
|
if ($special_chars)
|
||||||
$chars .= ' ~!@#$%^&*()_+,./;\'[]\\{}|:"<>?=-` ';
|
$chars .= ' ~!@#$%^&*()_+,./;\'[]\\{}|:"<>?=-` ';
|
||||||
|
|
||||||
$chars = str_split($chars);
|
$chars = str_split($chars);
|
||||||
@ -26,15 +26,15 @@ class AntiBot {
|
|||||||
$ch = array();
|
$ch = array();
|
||||||
|
|
||||||
// fill up $ch until we reach $length
|
// fill up $ch until we reach $length
|
||||||
while(count($ch) < $length) {
|
while (count($ch) < $length) {
|
||||||
$n = $length - count($ch);
|
$n = $length - count($ch);
|
||||||
$keys = array_rand($chars, $n > count($chars) ? count($chars) : $n);
|
$keys = array_rand($chars, $n > count($chars) ? count($chars) : $n);
|
||||||
if($n == 1) {
|
if ($n == 1) {
|
||||||
$ch[] = $chars[$keys];
|
$ch[] = $chars[$keys];
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
shuffle($keys);
|
shuffle($keys);
|
||||||
foreach($keys as $key)
|
foreach ($keys as $key)
|
||||||
$ch[] = $chars[$key];
|
$ch[] = $chars[$key];
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -46,8 +46,8 @@ class AntiBot {
|
|||||||
public static function make_confusing($string) {
|
public static function make_confusing($string) {
|
||||||
$chars = str_split($string);
|
$chars = str_split($string);
|
||||||
|
|
||||||
foreach($chars as &$c) {
|
foreach ($chars as &$c) {
|
||||||
if(rand(0, 2) != 0)
|
if (rand(0, 2) != 0)
|
||||||
continue;
|
continue;
|
||||||
$c = mb_encode_numericentity($c, array(0, 0xffff, 0, 0xffff), 'UTF-8');
|
$c = mb_encode_numericentity($c, array(0, 0xffff, 0, 0xffff), 'UTF-8');
|
||||||
}
|
}
|
||||||
@ -58,7 +58,7 @@ class AntiBot {
|
|||||||
public function __construct(array $salt = array()) {
|
public function __construct(array $salt = array()) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if(!empty($salt)) {
|
if (!empty($salt)) {
|
||||||
// create a salted hash of the "extra salt"
|
// create a salted hash of the "extra salt"
|
||||||
$this->salt = implode(':', $salt);
|
$this->salt = implode(':', $salt);
|
||||||
} else {
|
} else {
|
||||||
@ -70,21 +70,21 @@ class AntiBot {
|
|||||||
$input_count = rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']);
|
$input_count = rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']);
|
||||||
$hidden_input_names_x = 0;
|
$hidden_input_names_x = 0;
|
||||||
|
|
||||||
for($x = 0; $x < $input_count ; $x++) {
|
for ($x = 0; $x < $input_count ; $x++) {
|
||||||
if($hidden_input_names_x === false || rand(0, 2) == 0) {
|
if ($hidden_input_names_x === false || rand(0, 2) == 0) {
|
||||||
// Use an obscure name
|
// Use an obscure name
|
||||||
$name = $this->randomString(rand(10, 40));
|
$name = $this->randomString(rand(10, 40));
|
||||||
} else {
|
} else {
|
||||||
// Use a pre-defined confusing name
|
// Use a pre-defined confusing name
|
||||||
$name = $config['spam']['hidden_input_names'][$hidden_input_names_x++];
|
$name = $config['spam']['hidden_input_names'][$hidden_input_names_x++];
|
||||||
if($hidden_input_names_x >= count($config['spam']['hidden_input_names']))
|
if ($hidden_input_names_x >= count($config['spam']['hidden_input_names']))
|
||||||
$hidden_input_names_x = false;
|
$hidden_input_names_x = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(rand(0, 2) == 0) {
|
if (rand(0, 2) == 0) {
|
||||||
// Value must be null
|
// Value must be null
|
||||||
$this->inputs[$name] = '';
|
$this->inputs[$name] = '';
|
||||||
} elseif(rand(0, 4) == 0) {
|
} elseif (rand(0, 4) == 0) {
|
||||||
// Numeric value
|
// Numeric value
|
||||||
$this->inputs[$name] = (string)rand(0, 100);
|
$this->inputs[$name] = (string)rand(0, 100);
|
||||||
} else {
|
} else {
|
||||||
@ -111,11 +111,11 @@ class AntiBot {
|
|||||||
|
|
||||||
$html = '';
|
$html = '';
|
||||||
|
|
||||||
if($count === false) {
|
if ($count === false) {
|
||||||
$count = rand(1, count($this->inputs) / 15);
|
$count = rand(1, count($this->inputs) / 15);
|
||||||
}
|
}
|
||||||
|
|
||||||
if($count === true) {
|
if ($count === true) {
|
||||||
// all elements
|
// all elements
|
||||||
$inputs = array_slice($this->inputs, $this->index);
|
$inputs = array_slice($this->inputs, $this->index);
|
||||||
} else {
|
} else {
|
||||||
@ -123,11 +123,11 @@ class AntiBot {
|
|||||||
}
|
}
|
||||||
$this->index += count($inputs);
|
$this->index += count($inputs);
|
||||||
|
|
||||||
foreach($inputs as $name => $value) {
|
foreach ($inputs as $name => $value) {
|
||||||
$element = false;
|
$element = false;
|
||||||
while(!$element) {
|
while (!$element) {
|
||||||
$element = $elements[array_rand($elements)];
|
$element = $elements[array_rand($elements)];
|
||||||
if(strpos($element, 'textarea') !== false && $value == '') {
|
if (strpos($element, 'textarea') !== false && $value == '') {
|
||||||
// There have been some issues with mobile web browsers and empty <textarea>'s.
|
// There have been some issues with mobile web browsers and empty <textarea>'s.
|
||||||
$element = false;
|
$element = false;
|
||||||
}
|
}
|
||||||
@ -135,12 +135,12 @@ class AntiBot {
|
|||||||
|
|
||||||
$element = str_replace('%name%', utf8tohtml($name), $element);
|
$element = str_replace('%name%', utf8tohtml($name), $element);
|
||||||
|
|
||||||
if(rand(0, 2) == 0)
|
if (rand(0, 2) == 0)
|
||||||
$value = $this->make_confusing($value);
|
$value = $this->make_confusing($value);
|
||||||
else
|
else
|
||||||
$value = utf8tohtml($value);
|
$value = utf8tohtml($value);
|
||||||
|
|
||||||
if(strpos($element, 'textarea') === false)
|
if (strpos($element, 'textarea') === false)
|
||||||
$value = str_replace('"', '"', $value);
|
$value = str_replace('"', '"', $value);
|
||||||
|
|
||||||
$element = str_replace('%value%', $value, $element);
|
$element = str_replace('%value%', $value, $element);
|
||||||
@ -161,7 +161,7 @@ class AntiBot {
|
|||||||
|
|
||||||
$hash = '';
|
$hash = '';
|
||||||
// Iterate through each input
|
// Iterate through each input
|
||||||
foreach($inputs as $name => $value) {
|
foreach ($inputs as $name => $value) {
|
||||||
$hash .= $name . '=' . $value;
|
$hash .= $name . '=' . $value;
|
||||||
}
|
}
|
||||||
// Add a salt to the hash
|
// Add a salt to the hash
|
||||||
@ -179,13 +179,13 @@ function _create_antibot($board, $thread) {
|
|||||||
|
|
||||||
query('DELETE FROM `antispam` WHERE `expires` < UNIX_TIMESTAMP()') or error(db_error());
|
query('DELETE FROM `antispam` WHERE `expires` < UNIX_TIMESTAMP()') or error(db_error());
|
||||||
|
|
||||||
if($thread)
|
if ($thread)
|
||||||
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` = :thread');
|
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` = :thread');
|
||||||
else
|
else
|
||||||
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` IS NULL');
|
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` IS NULL');
|
||||||
|
|
||||||
$query->bindValue(':board', $board);
|
$query->bindValue(':board', $board);
|
||||||
if($thread)
|
if ($thread)
|
||||||
$query->bindValue(':thread', $thread);
|
$query->bindValue(':thread', $thread);
|
||||||
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
|
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
@ -196,7 +196,7 @@ function _create_antibot($board, $thread) {
|
|||||||
$query->bindValue(':hash', $antibot->hash());
|
$query->bindValue(':hash', $antibot->hash());
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
if($query->rowCount() == 0) {
|
if ($query->rowCount() == 0) {
|
||||||
// there was no database entry for this hash. most likely expired.
|
// there was no database entry for this hash. most likely expired.
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@ -207,12 +207,12 @@ function _create_antibot($board, $thread) {
|
|||||||
function checkSpam(array $extra_salt = array()) {
|
function checkSpam(array $extra_salt = array()) {
|
||||||
global $config, $pdo;
|
global $config, $pdo;
|
||||||
|
|
||||||
if(!isset($_POST['hash']))
|
if (!isset($_POST['hash']))
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
$hash = $_POST['hash'];
|
$hash = $_POST['hash'];
|
||||||
|
|
||||||
if(!empty($extra_salt)) {
|
if (!empty($extra_salt)) {
|
||||||
// create a salted hash of the "extra salt"
|
// create a salted hash of the "extra salt"
|
||||||
$extra_salt = implode(':', $extra_salt);
|
$extra_salt = implode(':', $extra_salt);
|
||||||
} else {
|
} else {
|
||||||
@ -222,8 +222,8 @@ function checkSpam(array $extra_salt = array()) {
|
|||||||
// Reconsturct the $inputs array
|
// Reconsturct the $inputs array
|
||||||
$inputs = array();
|
$inputs = array();
|
||||||
|
|
||||||
foreach($_POST as $name => $value) {
|
foreach ($_POST as $name => $value) {
|
||||||
if(in_array($name, $config['spam']['valid_inputs']))
|
if (in_array($name, $config['spam']['valid_inputs']))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
$inputs[$name] = $value;
|
$inputs[$name] = $value;
|
||||||
@ -235,7 +235,7 @@ function checkSpam(array $extra_salt = array()) {
|
|||||||
$_hash = '';
|
$_hash = '';
|
||||||
|
|
||||||
// Iterate through each input
|
// Iterate through each input
|
||||||
foreach($inputs as $name => $value) {
|
foreach ($inputs as $name => $value) {
|
||||||
$_hash .= $name . '=' . $value;
|
$_hash .= $name . '=' . $value;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -245,13 +245,13 @@ function checkSpam(array $extra_salt = array()) {
|
|||||||
// Use SHA1 for the hash
|
// Use SHA1 for the hash
|
||||||
$_hash = sha1($_hash . $extra_salt);
|
$_hash = sha1($_hash . $extra_salt);
|
||||||
|
|
||||||
if($hash != $_hash)
|
if ($hash != $_hash)
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
$query = prepare('UPDATE `antispam` SET `passed` = `passed` + 1 WHERE `hash` = CRC32(:hash)');
|
$query = prepare('UPDATE `antispam` SET `passed` = `passed` + 1 WHERE `hash` = CRC32(:hash)');
|
||||||
$query->bindValue(':hash', $hash);
|
$query->bindValue(':hash', $hash);
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
if($query->rowCount() == 0) {
|
if ($query->rowCount() == 0) {
|
||||||
// there was no database entry for this hash. most likely expired.
|
// there was no database entry for this hash. most likely expired.
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
@ -261,7 +261,7 @@ function checkSpam(array $extra_salt = array()) {
|
|||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
$passed = $query->fetchColumn(0);
|
$passed = $query->fetchColumn(0);
|
||||||
|
|
||||||
if($passed > $config['spam']['hidden_inputs_max_pass'])
|
if ($passed > $config['spam']['hidden_inputs_max_pass'])
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
|
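Review bot: In checkSpam the submitted digest is still compared with `if ($hash != $_hash)`, a loose comparison on a value read directly from `$_POST['hash']`. Under `!=`, two different strings that both look numeric can compare equal, so the check is weaker than the SHA-1 digest it guards; it is also not constant-time. I would change the line to `if (!is_string($hash) || !hash_equals($_hash, $hash)) return true;` (the `is_string` guard is there because hash_equals expects strings), or to `!==` if hash_equals is not available on the PHP versions this project supports. The body of checkSpam is spread over several hunks in this section, and parts of it lie outside them.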
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -14,7 +14,7 @@ class Cache {
|
|||||||
public static function init() {
|
public static function init() {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
switch($config['cache']['enabled']) {
|
switch ($config['cache']['enabled']) {
|
||||||
case 'memcached':
|
case 'memcached':
|
||||||
self::$cache = new Memcached();
|
self::$cache = new Memcached();
|
||||||
self::$cache->addServers($config['cache']['memcached']);
|
self::$cache->addServers($config['cache']['memcached']);
|
||||||
@ -30,9 +30,9 @@ class Cache {
|
|||||||
$key = $config['cache']['prefix'] . $key;
|
$key = $config['cache']['prefix'] . $key;
|
||||||
|
|
||||||
$data = false;
|
$data = false;
|
||||||
switch($config['cache']['enabled']) {
|
switch ($config['cache']['enabled']) {
|
||||||
case 'memcached':
|
case 'memcached':
|
||||||
if(!self::$cache)
|
if (!self::$cache)
|
||||||
self::init();
|
self::init();
|
||||||
$data = self::$cache->get($key);
|
$data = self::$cache->get($key);
|
||||||
break;
|
break;
|
||||||
@ -48,7 +48,7 @@ class Cache {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// debug
|
// debug
|
||||||
if($data && $config['debug']) {
|
if ($data && $config['debug']) {
|
||||||
$debug['cached'][] = $key;
|
$debug['cached'][] = $key;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -59,12 +59,12 @@ class Cache {
|
|||||||
|
|
||||||
$key = $config['cache']['prefix'] . $key;
|
$key = $config['cache']['prefix'] . $key;
|
||||||
|
|
||||||
if(!$expires)
|
if (!$expires)
|
||||||
$expires = $config['cache']['timeout'];
|
$expires = $config['cache']['timeout'];
|
||||||
|
|
||||||
switch($config['cache']['enabled']) {
|
switch ($config['cache']['enabled']) {
|
||||||
case 'memcached':
|
case 'memcached':
|
||||||
if(!self::$cache)
|
if (!self::$cache)
|
||||||
self::init();
|
self::init();
|
||||||
self::$cache->set($key, $value, $expires);
|
self::$cache->set($key, $value, $expires);
|
||||||
break;
|
break;
|
||||||
@ -84,9 +84,9 @@ class Cache {
|
|||||||
|
|
||||||
$key = $config['cache']['prefix'] . $key;
|
$key = $config['cache']['prefix'] . $key;
|
||||||
|
|
||||||
switch($config['cache']['enabled']) {
|
switch ($config['cache']['enabled']) {
|
||||||
case 'memcached':
|
case 'memcached':
|
||||||
if(!self::$cache)
|
if (!self::$cache)
|
||||||
self::init();
|
self::init();
|
||||||
self::$cache->delete($key);
|
self::$cache->delete($key);
|
||||||
break;
|
break;
|
||||||
@ -104,9 +104,9 @@ class Cache {
|
|||||||
public static function flush() {
|
public static function flush() {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
switch($config['cache']['enabled']) {
|
switch ($config['cache']['enabled']) {
|
||||||
case 'memcached':
|
case 'memcached':
|
||||||
if(!self::$cache)
|
if (!self::$cache)
|
||||||
self::init();
|
self::init();
|
||||||
return self::$cache->flush();
|
return self::$cache->flush();
|
||||||
case 'apc':
|
case 'apc':
|
||||||
|
@ -156,11 +156,11 @@
|
|||||||
// $octets = explode('.', $ip);
|
// $octets = explode('.', $ip);
|
||||||
//
|
//
|
||||||
// // days since last activity
|
// // days since last activity
|
||||||
// if($octets[1] > 14)
|
// if ($octets[1] > 14)
|
||||||
// return false;
|
// return false;
|
||||||
//
|
//
|
||||||
// // "threat score" (http://www.projecthoneypot.org/threat_info.php)
|
// // "threat score" (http://www.projecthoneypot.org/threat_info.php)
|
||||||
// if($octets[2] < 5)
|
// if ($octets[2] < 5)
|
||||||
// return false;
|
// return false;
|
||||||
//
|
//
|
||||||
// return true;
|
// return true;
|
||||||
@ -696,7 +696,7 @@
|
|||||||
|
|
||||||
// The root directory, including the trailing slash, for Tinyboard.
|
// The root directory, including the trailing slash, for Tinyboard.
|
||||||
// examples: '/', 'http://boards.chan.org/', '/chan/'
|
// examples: '/', 'http://boards.chan.org/', '/chan/'
|
||||||
if(isset($_SERVER['REQUEST_URI']))
|
if (isset($_SERVER['REQUEST_URI']))
|
||||||
$config['root'] = (str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) == '/' ? '/' : str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) . '/');
|
$config['root'] = (str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) == '/' ? '/' : str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) . '/');
|
||||||
else
|
else
|
||||||
$config['root'] = '/'; // CLI mode
|
$config['root'] = '/'; // CLI mode
|
||||||
@ -855,7 +855,7 @@
|
|||||||
$config['mod']['snippet_length'] = 75;
|
$config['mod']['snippet_length'] = 75;
|
||||||
|
|
||||||
// Probably best not to change these:
|
// Probably best not to change these:
|
||||||
if(!defined('JANITOR')) {
|
if (!defined('JANITOR')) {
|
||||||
define('JANITOR', 0, true);
|
define('JANITOR', 0, true);
|
||||||
define('MOD', 1, true);
|
define('MOD', 1, true);
|
||||||
define('ADMIN', 2, true);
|
define('ADMIN', 2, true);
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -21,13 +21,13 @@ class PreparedQueryDebug {
|
|||||||
public function __call($function, $args) {
|
public function __call($function, $args) {
|
||||||
global $config, $debug;
|
global $config, $debug;
|
||||||
|
|
||||||
if($config['debug'] && $function == 'execute') {
|
if ($config['debug'] && $function == 'execute') {
|
||||||
$start = microtime(true);
|
$start = microtime(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$return = call_user_func_array(array($this->query, $function), $args);
|
$return = call_user_func_array(array($this->query, $function), $args);
|
||||||
|
|
||||||
if($config['debug'] && $function == 'execute') {
|
if ($config['debug'] && $function == 'execute') {
|
||||||
$time = round((microtime(true) - $start) * 1000, 2) . 'ms';
|
$time = round((microtime(true) - $start) * 1000, 2) . 'ms';
|
||||||
|
|
||||||
$debug['sql'][] = Array(
|
$debug['sql'][] = Array(
|
||||||
@ -43,15 +43,15 @@ class PreparedQueryDebug {
|
|||||||
|
|
||||||
function sql_open() {
|
function sql_open() {
|
||||||
global $pdo, $config;
|
global $pdo, $config;
|
||||||
if($pdo) return true;
|
if ($pdo) return true;
|
||||||
|
|
||||||
$dsn = $config['db']['type'] . ':host=' . $config['db']['server'] . ';dbname=' . $config['db']['database'];
|
$dsn = $config['db']['type'] . ':host=' . $config['db']['server'] . ';dbname=' . $config['db']['database'];
|
||||||
if(!empty($config['db']['dsn']))
|
if (!empty($config['db']['dsn']))
|
||||||
$dsn .= ';' . $config['db']['dsn'];
|
$dsn .= ';' . $config['db']['dsn'];
|
||||||
try {
|
try {
|
||||||
$options = Array(PDO::ATTR_TIMEOUT => $config['db']['timeout']);
|
$options = Array(PDO::ATTR_TIMEOUT => $config['db']['timeout']);
|
||||||
$options = Array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');
|
$options = Array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');
|
||||||
if($config['db']['persistent'])
|
if ($config['db']['persistent'])
|
||||||
$options[PDO::ATTR_PERSISTENT] = true;
|
$options[PDO::ATTR_PERSISTENT] = true;
|
||||||
return $pdo = new PDO($dsn, $config['db']['user'], $config['db']['password'], $options);
|
return $pdo = new PDO($dsn, $config['db']['user'], $config['db']['password'], $options);
|
||||||
} catch(PDOException $e) {
|
} catch(PDOException $e) {
|
||||||
@ -71,7 +71,7 @@ function prepare($query) {
|
|||||||
|
|
||||||
sql_open();
|
sql_open();
|
||||||
|
|
||||||
if($config['debug'])
|
if ($config['debug'])
|
||||||
return new PreparedQueryDebug($query);
|
return new PreparedQueryDebug($query);
|
||||||
return $pdo->prepare($query);
|
return $pdo->prepare($query);
|
||||||
}
|
}
|
||||||
@ -81,10 +81,10 @@ function query($query) {
|
|||||||
|
|
||||||
sql_open();
|
sql_open();
|
||||||
|
|
||||||
if($config['debug']) {
|
if ($config['debug']) {
|
||||||
$start = microtime(true);
|
$start = microtime(true);
|
||||||
$query = $pdo->query($query);
|
$query = $pdo->query($query);
|
||||||
if(!$query)
|
if (!$query)
|
||||||
return false;
|
return false;
|
||||||
$time = round((microtime(true) - $start) * 1000, 2) . 'ms';
|
$time = round((microtime(true) - $start) * 1000, 2) . 'ms';
|
||||||
$debug['sql'][] = Array(
|
$debug['sql'][] = Array(
|
||||||
@ -100,7 +100,7 @@ function query($query) {
|
|||||||
|
|
||||||
function db_error($PDOStatement=null) {
|
function db_error($PDOStatement=null) {
|
||||||
global $pdo;
|
global $pdo;
|
||||||
if(isset($PDOStatement)) {
|
if (isset($PDOStatement)) {
|
||||||
$err = $PDOStatement->errorInfo();
|
$err = $PDOStatement->errorInfo();
|
||||||
return $err[2];
|
return $err[2];
|
||||||
} else {
|
} else {
|
||||||
|
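Review bot: In sql_open the second assignment, `$options = Array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');`, replaces the array built on the line before it, so the `PDO::ATTR_TIMEOUT` value from `$config['db']['timeout']` never reaches the PDO constructor. The configured connection timeout is therefore silently ignored, which matters for availability when the database host is slow or unreachable. Build a single array instead: `$options = Array(PDO::ATTR_TIMEOUT => $config['db']['timeout'], PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');`. The catch block of sql_open continues outside the hunk.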
114
inc/display.php
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -23,11 +23,11 @@ function doBoardListPart($list, $root) {
|
|||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
$body = '';
|
$body = '';
|
||||||
foreach($list as $board) {
|
foreach ($list as $board) {
|
||||||
if(is_array($board))
|
if (is_array($board))
|
||||||
$body .= ' [' . doBoardListPart($board, $root) . '] ';
|
$body .= ' [' . doBoardListPart($board, $root) . '] ';
|
||||||
else {
|
else {
|
||||||
if(($key = array_search($board, $list)) && gettype($key) == 'string') {
|
if (($key = array_search($board, $list)) && gettype($key) == 'string') {
|
||||||
$body .= ' <a href="' . $board . '">' . $key . '</a> /';
|
$body .= ' <a href="' . $board . '">' . $key . '</a> /';
|
||||||
} else {
|
} else {
|
||||||
$body .= ' <a href="' . $root . $board . '/' . $config['file_index'] . '">' . $board . '</a> /';
|
$body .= ' <a href="' . $root . $board . '/' . $config['file_index'] . '">' . $board . '</a> /';
|
||||||
@ -42,10 +42,10 @@ function doBoardListPart($list, $root) {
|
|||||||
function createBoardlist($mod=false) {
|
function createBoardlist($mod=false) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if(!isset($config['boards'])) return Array('top'=>'','bottom'=>'');
|
if (!isset($config['boards'])) return Array('top'=>'','bottom'=>'');
|
||||||
|
|
||||||
$body = doBoardListPart($config['boards'], $mod?'?/':$config['root']);
|
$body = doBoardListPart($config['boards'], $mod?'?/':$config['root']);
|
||||||
if(!preg_match('/\] $/', $body))
|
if (!preg_match('/\] $/', $body))
|
||||||
$body = '[' . $body . ']';
|
$body = '[' . $body . ']';
|
||||||
|
|
||||||
$body = trim($body);
|
$body = trim($body);
|
||||||
@ -59,12 +59,12 @@ function createBoardlist($mod=false) {
|
|||||||
function error($message, $priority = true) {
|
function error($message, $priority = true) {
|
||||||
global $board, $mod, $config;
|
global $board, $mod, $config;
|
||||||
|
|
||||||
if($config['syslog'] && $priority !== false) {
|
if ($config['syslog'] && $priority !== false) {
|
||||||
// Use LOG_NOTICE instead of LOG_ERR or LOG_WARNING because most error message are not significant.
|
// Use LOG_NOTICE instead of LOG_ERR or LOG_WARNING because most error message are not significant.
|
||||||
_syslog($priority !== true ? $priority : LOG_NOTICE, $message);
|
_syslog($priority !== true ? $priority : LOG_NOTICE, $message);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(defined('STDIN')) {
|
if (defined('STDIN')) {
|
||||||
// Running from CLI
|
// Running from CLI
|
||||||
die('Error: ' . $message . "\n");
|
die('Error: ' . $message . "\n");
|
||||||
}
|
}
|
||||||
@ -103,7 +103,7 @@ function loginForm($error=false, $username=false, $redirect=false) {
|
|||||||
function pm_snippet($body, $len=null) {
|
function pm_snippet($body, $len=null) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if(!isset($len))
|
if (!isset($len))
|
||||||
$len = &$config['mod']['snippet_length'];
|
$len = &$config['mod']['snippet_length'];
|
||||||
|
|
||||||
// Replace line breaks with some whitespace
|
// Replace line breaks with some whitespace
|
||||||
@ -127,16 +127,16 @@ function pm_snippet($body, $len=null) {
|
|||||||
function capcode($cap) {
|
function capcode($cap) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if(!$cap)
|
if (!$cap)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
$capcode = Array();
|
$capcode = Array();
|
||||||
if(isset($config['custom_capcode'][$cap])) {
|
if (isset($config['custom_capcode'][$cap])) {
|
||||||
if(is_array($config['custom_capcode'][$cap])) {
|
if (is_array($config['custom_capcode'][$cap])) {
|
||||||
$capcode['cap'] = sprintf($config['custom_capcode'][$cap][0], $cap);
|
$capcode['cap'] = sprintf($config['custom_capcode'][$cap][0], $cap);
|
||||||
if(isset($config['custom_capcode'][$cap][1]))
|
if (isset($config['custom_capcode'][$cap][1]))
|
||||||
$capcode['name'] = $config['custom_capcode'][$cap][1];
|
$capcode['name'] = $config['custom_capcode'][$cap][1];
|
||||||
if(isset($config['custom_capcode'][$cap][2]))
|
if (isset($config['custom_capcode'][$cap][2]))
|
||||||
$capcode['trip'] = $config['custom_capcode'][$cap][2];
|
$capcode['trip'] = $config['custom_capcode'][$cap][2];
|
||||||
} else {
|
} else {
|
||||||
$capcode['cap'] = sprintf($config['custom_capcode'][$cap], $cap);
|
$capcode['cap'] = sprintf($config['custom_capcode'][$cap], $cap);
|
||||||
@ -151,38 +151,38 @@ function capcode($cap) {
|
|||||||
function truncate($body, $url, $max_lines = false, $max_chars = false) {
|
function truncate($body, $url, $max_lines = false, $max_chars = false) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if($max_lines === false)
|
if ($max_lines === false)
|
||||||
$max_lines = $config['body_truncate'];
|
$max_lines = $config['body_truncate'];
|
||||||
if($max_chars === false)
|
if ($max_chars === false)
|
||||||
$max_chars = $config['body_truncate_char'];
|
$max_chars = $config['body_truncate_char'];
|
||||||
$original_body = $body;
|
$original_body = $body;
|
||||||
|
|
||||||
$lines = substr_count($body, '<br/>');
|
$lines = substr_count($body, '<br/>');
|
||||||
|
|
||||||
// Limit line count
|
// Limit line count
|
||||||
if($lines > $max_lines) {
|
if ($lines > $max_lines) {
|
||||||
if(preg_match('/(((.*?)<br\/>){' . $max_lines . '})/', $body, $m))
|
if (preg_match('/(((.*?)<br\/>){' . $max_lines . '})/', $body, $m))
|
||||||
$body = $m[0];
|
$body = $m[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
$body = substr($body, 0, $max_chars);
|
$body = substr($body, 0, $max_chars);
|
||||||
|
|
||||||
if($body != $original_body) {
|
if ($body != $original_body) {
|
||||||
// Remove any corrupt tags at the end
|
// Remove any corrupt tags at the end
|
||||||
$body = preg_replace('/<([\w]+)?([^>]*)?$/', '', $body);
|
$body = preg_replace('/<([\w]+)?([^>]*)?$/', '', $body);
|
||||||
|
|
||||||
// Open tags
|
// Open tags
|
||||||
if(preg_match_all('/<([\w]+)[^>]*>/', $body, $open_tags)) {
|
if (preg_match_all('/<([\w]+)[^>]*>/', $body, $open_tags)) {
|
||||||
|
|
||||||
$tags = Array();
|
$tags = Array();
|
||||||
for($x=0;$x<count($open_tags[0]);$x++) {
|
for ($x=0;$x<count($open_tags[0]);$x++) {
|
||||||
if(!preg_match('/\/(\s+)?>$/', $open_tags[0][$x]))
|
if (!preg_match('/\/(\s+)?>$/', $open_tags[0][$x]))
|
||||||
$tags[] = $open_tags[1][$x];
|
$tags[] = $open_tags[1][$x];
|
||||||
}
|
}
|
||||||
|
|
||||||
// List successfully closed tags
|
// List successfully closed tags
|
||||||
if(preg_match_all('/(<\/([\w]+))>/', $body, $closed_tags)) {
|
if (preg_match_all('/(<\/([\w]+))>/', $body, $closed_tags)) {
|
||||||
for($x=0;$x<count($closed_tags[0]);$x++) {
|
for ($x=0;$x<count($closed_tags[0]);$x++) {
|
||||||
unset($tags[array_search($closed_tags[2][$x], $tags)]);
|
unset($tags[array_search($closed_tags[2][$x], $tags)]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -191,7 +191,7 @@ function truncate($body, $url, $max_lines = false, $max_chars = false) {
|
|||||||
$body = preg_replace('/&[^;]+$/', '', $body);
|
$body = preg_replace('/&[^;]+$/', '', $body);
|
||||||
|
|
||||||
// Close any open tags
|
// Close any open tags
|
||||||
foreach($tags as &$tag) {
|
foreach ($tags as &$tag) {
|
||||||
$body .= "</{$tag}>";
|
$body .= "</{$tag}>";
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
@ -207,8 +207,8 @@ function truncate($body, $url, $max_lines = false, $max_chars = false) {
|
|||||||
|
|
||||||
function confirmLink($text, $title, $confirm, $href) {
|
function confirmLink($text, $title, $confirm, $href) {
|
||||||
global $config, $mod;
|
global $config, $mod;
|
||||||
if($config['mod']['server-side_confirm'])
|
if ($config['mod']['server-side_confirm'])
|
||||||
return '<a onclick="if(confirm(\'' . htmlentities(addslashes($confirm)) . '\')) document.location=\'?/' . htmlentities(addslashes($href)) . '\';return false;" title="' . htmlentities($title) . '" href="?/confirm/' . $href . '">' . $text . '</a>';
|
return '<a onclick="if (confirm(\'' . htmlentities(addslashes($confirm)) . '\')) document.location=\'?/' . htmlentities(addslashes($href)) . '\';return false;" title="' . htmlentities($title) . '" href="?/confirm/' . $href . '">' . $text . '</a>';
|
||||||
else
|
else
|
||||||
return '<a onclick="return confirm(\'' . htmlentities(addslashes($confirm)) . '\')" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
|
return '<a onclick="return confirm(\'' . htmlentities(addslashes($confirm)) . '\')" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
|
||||||
}
|
}
|
||||||
@ -216,7 +216,7 @@ function confirmLink($text, $title, $confirm, $href) {
|
|||||||
class Post {
|
class Post {
|
||||||
public function __construct($id, $thread, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $embed, $root=null, $mod=false) {
|
public function __construct($id, $thread, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $embed, $root=null, $mod=false) {
|
||||||
global $config;
|
global $config;
|
||||||
if(!isset($root))
|
if (!isset($root))
|
||||||
$root = &$config['root'];
|
$root = &$config['root'];
|
||||||
|
|
||||||
$this->id = $id;
|
$this->id = $id;
|
||||||
@ -241,7 +241,7 @@ class Post {
|
|||||||
$this->root = $root;
|
$this->root = $root;
|
||||||
$this->mod = $mod;
|
$this->mod = $mod;
|
||||||
|
|
||||||
if($this->mod)
|
if ($this->mod)
|
||||||
// Fix internal links
|
// Fix internal links
|
||||||
// Very complicated regex
|
// Very complicated regex
|
||||||
$this->body = preg_replace(
|
$this->body = preg_replace(
|
||||||
@ -259,38 +259,38 @@ class Post {
|
|||||||
global $board, $config;
|
global $board, $config;
|
||||||
|
|
||||||
$built = '';
|
$built = '';
|
||||||
if($this->mod) {
|
if ($this->mod) {
|
||||||
// Mod controls (on posts)
|
// Mod controls (on posts)
|
||||||
|
|
||||||
// Delete
|
// Delete
|
||||||
if(hasPermission($config['mod']['delete'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['delete'], $board['uri'], $this->mod))
|
||||||
$built .= ' ' . confirmLink($config['mod']['link_delete'], 'Delete', 'Are you sure you want to delete this?', $board['uri'] . '/delete/' . $this->id);
|
$built .= ' ' . confirmLink($config['mod']['link_delete'], 'Delete', 'Are you sure you want to delete this?', $board['uri'] . '/delete/' . $this->id);
|
||||||
|
|
||||||
// Delete all posts by IP
|
// Delete all posts by IP
|
||||||
if(hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod))
|
||||||
$built .= ' ' . confirmLink($config['mod']['link_deletebyip'], 'Delete all posts by IP', 'Are you sure you want to delete all posts by this IP address?', $board['uri'] . '/deletebyip/' . $this->id);
|
$built .= ' ' . confirmLink($config['mod']['link_deletebyip'], 'Delete all posts by IP', 'Are you sure you want to delete all posts by this IP address?', $board['uri'] . '/deletebyip/' . $this->id);
|
||||||
|
|
||||||
// Delete all posts by IP (global)
|
// Delete all posts by IP (global)
|
||||||
if(hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod))
|
||||||
$built .= ' ' . confirmLink($config['mod']['link_deletebyip_global'], 'Delete all posts by IP across all boards', 'Are you sure you want to delete all posts by this IP address, across all boards?', $board['uri'] . '/deletebyip/' . $this->id . '/global');
|
$built .= ' ' . confirmLink($config['mod']['link_deletebyip_global'], 'Delete all posts by IP across all boards', 'Are you sure you want to delete all posts by this IP address, across all boards?', $board['uri'] . '/deletebyip/' . $this->id . '/global');
|
||||||
|
|
||||||
// Ban
|
// Ban
|
||||||
if(hasPermission($config['mod']['ban'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['ban'], $board['uri'], $this->mod))
|
||||||
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
|
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
|
||||||
|
|
||||||
// Ban & Delete
|
// Ban & Delete
|
||||||
if(hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod))
|
||||||
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
|
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
|
||||||
|
|
||||||
// Delete file (keep post)
|
// Delete file (keep post)
|
||||||
if(!empty($this->file) && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod))
|
if (!empty($this->file) && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod))
|
||||||
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>';
|
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>';
|
||||||
|
|
||||||
// Edit post
|
// Edit post
|
||||||
if(hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
|
||||||
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
|
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
|
||||||
|
|
||||||
if(!empty($built))
|
if (!empty($built))
|
||||||
$built = '<span class="controls">' . $built . '</span>';
|
$built = '<span class="controls">' . $built . '</span>';
|
||||||
}
|
}
|
||||||
return $built;
|
return $built;
|
||||||
@ -306,7 +306,7 @@ class Post {
|
|||||||
class Thread {
|
class Thread {
|
||||||
public function __construct($id, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $bumplocked, $embed, $root=null, $mod=false, $hr=true) {
|
public function __construct($id, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $bumplocked, $embed, $root=null, $mod=false, $hr=true) {
|
||||||
global $config;
|
global $config;
|
||||||
if(!isset($root))
|
if (!isset($root))
|
||||||
$root = &$config['root'];
|
$root = &$config['root'];
|
||||||
|
|
||||||
$this->id = $id;
|
$this->id = $id;
|
||||||
@ -337,7 +337,7 @@ class Thread {
|
|||||||
$this->mod = $mod;
|
$this->mod = $mod;
|
||||||
$this->hr = $hr;
|
$this->hr = $hr;
|
||||||
|
|
||||||
if($this->mod)
|
if ($this->mod)
|
||||||
// Fix internal links
|
// Fix internal links
|
||||||
// Very complicated regex
|
// Very complicated regex
|
||||||
$this->body = preg_replace(
|
$this->body = preg_replace(
|
||||||
@ -358,60 +358,60 @@ class Thread {
|
|||||||
global $board, $config;
|
global $board, $config;
|
||||||
|
|
||||||
$built = '';
|
$built = '';
|
||||||
if($this->mod) {
|
if ($this->mod) {
|
||||||
// Mod controls (on posts)
|
// Mod controls (on posts)
|
||||||
// Delete
|
// Delete
|
||||||
if(hasPermission($config['mod']['delete'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['delete'], $board['uri'], $this->mod))
|
||||||
$built .= ' ' . confirmLink($config['mod']['link_delete'], 'Delete', 'Are you sure you want to delete this?', $board['uri'] . '/delete/' . $this->id);
|
$built .= ' ' . confirmLink($config['mod']['link_delete'], 'Delete', 'Are you sure you want to delete this?', $board['uri'] . '/delete/' . $this->id);
|
||||||
|
|
||||||
// Delete all posts by IP
|
// Delete all posts by IP
|
||||||
if(hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod))
|
||||||
$built .= ' ' . confirmLink($config['mod']['link_deletebyip'], 'Delete all posts by IP', 'Are you sure you want to delete all posts by this IP address?', $board['uri'] . '/deletebyip/' . $this->id);
|
$built .= ' ' . confirmLink($config['mod']['link_deletebyip'], 'Delete all posts by IP', 'Are you sure you want to delete all posts by this IP address?', $board['uri'] . '/deletebyip/' . $this->id);
|
||||||
|
|
||||||
// Delete all posts by IP (global)
|
// Delete all posts by IP (global)
|
||||||
if(hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod))
|
||||||
$built .= ' ' . confirmLink($config['mod']['link_deletebyip_global'], 'Delete all posts by IP across all boards', 'Are you sure you want to delete all posts by this IP address, across all boards?', $board['uri'] . '/deletebyip/' . $this->id . '/global');
|
$built .= ' ' . confirmLink($config['mod']['link_deletebyip_global'], 'Delete all posts by IP across all boards', 'Are you sure you want to delete all posts by this IP address, across all boards?', $board['uri'] . '/deletebyip/' . $this->id . '/global');
|
||||||
|
|
||||||
// Ban
|
// Ban
|
||||||
if(hasPermission($config['mod']['ban'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['ban'], $board['uri'], $this->mod))
|
||||||
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
|
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
|
||||||
|
|
||||||
// Ban & Delete
|
// Ban & Delete
|
||||||
if(hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod))
|
||||||
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
|
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
|
||||||
|
|
||||||
// Delete file (keep post)
|
// Delete file (keep post)
|
||||||
if(!empty($this->file) && $this->file != 'deleted' && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod))
|
if (!empty($this->file) && $this->file != 'deleted' && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod))
|
||||||
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>';
|
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>';
|
||||||
|
|
||||||
// Sticky
|
// Sticky
|
||||||
if(hasPermission($config['mod']['sticky'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['sticky'], $board['uri'], $this->mod))
|
||||||
if($this->sticky)
|
if ($this->sticky)
|
||||||
$built .= ' <a title="Make thread not sticky" href="?/' . $board['uri'] . '/unsticky/' . $this->id . '">' . $config['mod']['link_desticky'] . '</a>';
|
$built .= ' <a title="Make thread not sticky" href="?/' . $board['uri'] . '/unsticky/' . $this->id . '">' . $config['mod']['link_desticky'] . '</a>';
|
||||||
else
|
else
|
||||||
$built .= ' <a title="Make thread sticky" href="?/' . $board['uri'] . '/sticky/' . $this->id . '">' . $config['mod']['link_sticky'] . '</a>';
|
$built .= ' <a title="Make thread sticky" href="?/' . $board['uri'] . '/sticky/' . $this->id . '">' . $config['mod']['link_sticky'] . '</a>';
|
||||||
|
|
||||||
if(hasPermission($config['mod']['bumplock'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['bumplock'], $board['uri'], $this->mod))
|
||||||
if($this->bumplocked)
|
if ($this->bumplocked)
|
||||||
$built .= ' <a title="Allow thread to be bumped" href="?/' . $board['uri'] . '/bumpunlock/' . $this->id . '">' . $config['mod']['link_bumpunlock'] . '</a>';
|
$built .= ' <a title="Allow thread to be bumped" href="?/' . $board['uri'] . '/bumpunlock/' . $this->id . '">' . $config['mod']['link_bumpunlock'] . '</a>';
|
||||||
else
|
else
|
||||||
$built .= ' <a title="Prevent thread from being bumped" href="?/' . $board['uri'] . '/bumplock/' . $this->id . '">' . $config['mod']['link_bumplock'] . '</a>';
|
$built .= ' <a title="Prevent thread from being bumped" href="?/' . $board['uri'] . '/bumplock/' . $this->id . '">' . $config['mod']['link_bumplock'] . '</a>';
|
||||||
|
|
||||||
// Lock
|
// Lock
|
||||||
if(hasPermission($config['mod']['lock'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['lock'], $board['uri'], $this->mod))
|
||||||
if($this->locked)
|
if ($this->locked)
|
||||||
$built .= ' <a title="Unlock thread" href="?/' . $board['uri'] . '/unlock/' . $this->id . '">' . $config['mod']['link_unlock'] . '</a>';
|
$built .= ' <a title="Unlock thread" href="?/' . $board['uri'] . '/unlock/' . $this->id . '">' . $config['mod']['link_unlock'] . '</a>';
|
||||||
else
|
else
|
||||||
$built .= ' <a title="Lock thread" href="?/' . $board['uri'] . '/lock/' . $this->id . '">' . $config['mod']['link_lock'] . '</a>';
|
$built .= ' <a title="Lock thread" href="?/' . $board['uri'] . '/lock/' . $this->id . '">' . $config['mod']['link_lock'] . '</a>';
|
||||||
|
|
||||||
if(hasPermission($config['mod']['move'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['move'], $board['uri'], $this->mod))
|
||||||
$built .= ' <a title="Move thread to another board" href="?/' . $board['uri'] . '/move/' . $this->id . '">' . $config['mod']['link_move'] . '</a>';
|
$built .= ' <a title="Move thread to another board" href="?/' . $board['uri'] . '/move/' . $this->id . '">' . $config['mod']['link_move'] . '</a>';
|
||||||
|
|
||||||
// Edit post
|
// Edit post
|
||||||
if(hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
|
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
|
||||||
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
|
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
|
||||||
|
|
||||||
if(!empty($built))
|
if (!empty($built))
|
||||||
$built = '<span class="controls op">' . $built . '</span>';
|
$built = '<span class="controls op">' . $built . '</span>';
|
||||||
}
|
}
|
||||||
return $built;
|
return $built;
|
||||||
@ -426,7 +426,7 @@ class Thread {
|
|||||||
|
|
||||||
$built = Element('post_thread.html', Array('config' => $config, 'board' => $board, 'post' => &$this, 'index' => $index));
|
$built = Element('post_thread.html', Array('config' => $config, 'board' => $board, 'post' => &$this, 'index' => $index));
|
||||||
|
|
||||||
if(!$this->mod && $index && $config['cache']['enabled']) {
|
if (!$this->mod && $index && $config['cache']['enabled']) {
|
||||||
cache::set($this->cache_key($index), $built);
|
cache::set($this->cache_key($index), $built);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -18,13 +18,13 @@ function event() {
|
|||||||
|
|
||||||
$args = array_splice($args, 1);
|
$args = array_splice($args, 1);
|
||||||
|
|
||||||
if(!isset($events[$event]))
|
if (!isset($events[$event]))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
foreach($events[$event] as $callback) {
|
foreach ($events[$event] as $callback) {
|
||||||
if(!is_callable($callback))
|
if (!is_callable($callback))
|
||||||
error('Event handler for ' . $event . ' is not callable!');
|
error('Event handler for ' . $event . ' is not callable!');
|
||||||
if($error = call_user_func_array($callback, $args))
|
if ($error = call_user_func_array($callback, $args))
|
||||||
return $error;
|
return $error;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -34,7 +34,7 @@ function event() {
|
|||||||
function event_handler($event, $callback) {
|
function event_handler($event, $callback) {
|
||||||
global $events;
|
global $events;
|
||||||
|
|
||||||
if(!isset($events[$event]))
|
if (!isset($events[$event]))
|
||||||
$events[$event] = Array();
|
$events[$event] = Array();
|
||||||
|
|
||||||
$events[$event][] = $callback;
|
$events[$event][] = $callback;
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -13,7 +13,7 @@ class Filter {
|
|||||||
private $condition;
|
private $condition;
|
||||||
|
|
||||||
public function __construct(array $arr) {
|
public function __construct(array $arr) {
|
||||||
foreach($arr as $key => $value)
|
foreach ($arr as $key => $value)
|
||||||
$this->$key = $value;
|
$this->$key = $value;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -22,7 +22,7 @@ class Filter {
|
|||||||
|
|
||||||
switch($condition) {
|
switch($condition) {
|
||||||
case 'custom':
|
case 'custom':
|
||||||
if(!is_callable($match))
|
if (!is_callable($match))
|
||||||
error('Custom condition for filter is not callable!');
|
error('Custom condition for filter is not callable!');
|
||||||
return $match($post);
|
return $match($post);
|
||||||
case 'name':
|
case 'name':
|
||||||
@ -36,11 +36,11 @@ class Filter {
|
|||||||
case 'body':
|
case 'body':
|
||||||
return preg_match($match, $post['body']);
|
return preg_match($match, $post['body']);
|
||||||
case 'filename':
|
case 'filename':
|
||||||
if(!$post['has_file'])
|
if (!$post['has_file'])
|
||||||
return false;
|
return false;
|
||||||
return preg_match($match, $post['filename']);
|
return preg_match($match, $post['filename']);
|
||||||
case 'extension':
|
case 'extension':
|
||||||
if(!$post['has_file'])
|
if (!$post['has_file'])
|
||||||
return false;
|
return false;
|
||||||
return preg_match($match, $post['body']);
|
return preg_match($match, $post['body']);
|
||||||
case 'ip':
|
case 'ip':
|
||||||
@ -61,22 +61,22 @@ class Filter {
|
|||||||
case 'reject':
|
case 'reject':
|
||||||
error(isset($this->message) ? $this->message : 'Posting throttled by flood filter.');
|
error(isset($this->message) ? $this->message : 'Posting throttled by flood filter.');
|
||||||
case 'ban':
|
case 'ban':
|
||||||
if(!isset($this->reason))
|
if (!isset($this->reason))
|
||||||
error('The ban action requires a reason.');
|
error('The ban action requires a reason.');
|
||||||
|
|
||||||
$reason = $this->reason;
|
$reason = $this->reason;
|
||||||
|
|
||||||
if(isset($this->expires))
|
if (isset($this->expires))
|
||||||
$expires = time() + $this->expires;
|
$expires = time() + $this->expires;
|
||||||
else
|
else
|
||||||
$expires = 0; // Ban indefinitely
|
$expires = 0; // Ban indefinitely
|
||||||
|
|
||||||
if(isset($this->reject))
|
if (isset($this->reject))
|
||||||
$reject = $this->reject;
|
$reject = $this->reject;
|
||||||
else
|
else
|
||||||
$reject = true;
|
$reject = true;
|
||||||
|
|
||||||
if(isset($this->all_boards))
|
if (isset($this->all_boards))
|
||||||
$all_boards = $this->all_boards;
|
$all_boards = $this->all_boards;
|
||||||
else
|
else
|
||||||
$all_boards = false;
|
$all_boards = false;
|
||||||
@ -86,26 +86,26 @@ class Filter {
|
|||||||
$query->bindValue(':mod', -1);
|
$query->bindValue(':mod', -1);
|
||||||
$query->bindValue(':set', time());
|
$query->bindValue(':set', time());
|
||||||
|
|
||||||
if($expires)
|
if ($expires)
|
||||||
$query->bindValue(':expires', $expires);
|
$query->bindValue(':expires', $expires);
|
||||||
else
|
else
|
||||||
$query->bindValue(':expires', null, PDO::PARAM_NULL);
|
$query->bindValue(':expires', null, PDO::PARAM_NULL);
|
||||||
|
|
||||||
if($reason)
|
if ($reason)
|
||||||
$query->bindValue(':reason', $reason);
|
$query->bindValue(':reason', $reason);
|
||||||
else
|
else
|
||||||
$query->bindValue(':reason', null, PDO::PARAM_NULL);
|
$query->bindValue(':reason', null, PDO::PARAM_NULL);
|
||||||
|
|
||||||
|
|
||||||
if($all_boards)
|
if ($all_boards)
|
||||||
$query->bindValue(':board', null, PDO::PARAM_NULL);
|
$query->bindValue(':board', null, PDO::PARAM_NULL);
|
||||||
else
|
else
|
||||||
$query->bindValue(':board', $board['uri']);
|
$query->bindValue(':board', $board['uri']);
|
||||||
|
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
if($reject) {
|
if ($reject) {
|
||||||
if(isset($this->message))
|
if (isset($this->message))
|
||||||
error($message);
|
error($message);
|
||||||
|
|
||||||
checkBan($board['uri']);
|
checkBan($board['uri']);
|
||||||
@ -119,8 +119,8 @@ class Filter {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function check(array $post) {
|
public function check(array $post) {
|
||||||
foreach($this->condition as $condition => $value) {
|
foreach ($this->condition as $condition => $value) {
|
||||||
if(!$this->match($post, $condition, $value))
|
if (!$this->match($post, $condition, $value))
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -132,12 +132,12 @@ class Filter {
|
|||||||
function do_filters(array $post) {
|
function do_filters(array $post) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if(!isset($config['flood_filters']))
|
if (!isset($config['flood_filters']))
|
||||||
return;
|
return;
|
||||||
|
|
||||||
foreach($config['flood_filters'] as $arr) {
|
foreach ($config['flood_filters'] as $arr) {
|
||||||
$filter = new Filter($arr);
|
$filter = new Filter($arr);
|
||||||
if($filter->check($post))
|
if ($filter->check($post))
|
||||||
$filter->action();
|
$filter->action();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
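Review bot: In what appears to be `Filter::match()`, the `'extension'` case returns `preg_match($match, $post['body'])`, the same expression as the `'body'` case, so an extension condition is tested against the post text and never against the uploaded file's extension. A flood filter written to block particular file types would therefore not fire on the file itself, and could fire on unrelated body text instead. The match should read the extension field of `$post`, e.g. `return preg_match($match, $post['extension']);`, assuming that is the key the caller populates (the key is not visible in this hunk). The method starts and ends outside the hunk.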
File diff suppressed because it is too large
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -17,25 +17,25 @@ class Image {
|
|||||||
$this->src = $src;
|
$this->src = $src;
|
||||||
$this->format = $format;
|
$this->format = $format;
|
||||||
|
|
||||||
if($config['thumb_method'] == 'imagick') {
|
if ($config['thumb_method'] == 'imagick') {
|
||||||
$classname = 'ImageImagick';
|
$classname = 'ImageImagick';
|
||||||
} elseif($config['thumb_method'] == 'convert') {
|
} elseif ($config['thumb_method'] == 'convert') {
|
||||||
$classname = 'ImageConvert';
|
$classname = 'ImageConvert';
|
||||||
} else {
|
} else {
|
||||||
$classname = 'Image' . strtoupper($this->format);
|
$classname = 'Image' . strtoupper($this->format);
|
||||||
if(!class_exists($classname)) {
|
if (!class_exists($classname)) {
|
||||||
error('Unsupported file format: ' . $this->format);
|
error('Unsupported file format: ' . $this->format);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->image = new $classname($this);
|
$this->image = new $classname($this);
|
||||||
if(!$this->image->valid()) {
|
if (!$this->image->valid()) {
|
||||||
$this->delete();
|
$this->delete();
|
||||||
error($config['error']['invalidimg']);
|
error($config['error']['invalidimg']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->size = (object)Array('width' => $this->image->_width(), 'height' => $this->image->_height());
|
$this->size = (object)Array('width' => $this->image->_width(), 'height' => $this->image->_height());
|
||||||
if($this->size->width < 1 || $this->size->height < 1) {
|
if ($this->size->width < 1 || $this->size->height < 1) {
|
||||||
$this->delete();
|
$this->delete();
|
||||||
error($config['error']['invalidimg']);
|
error($config['error']['invalidimg']);
|
||||||
}
|
}
|
||||||
@ -44,13 +44,13 @@ class Image {
|
|||||||
public function resize($extension, $max_width, $max_height) {
|
public function resize($extension, $max_width, $max_height) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if($config['thumb_method'] == 'imagick') {
|
if ($config['thumb_method'] == 'imagick') {
|
||||||
$classname = 'ImageImagick';
|
$classname = 'ImageImagick';
|
||||||
} elseif($config['thumb_method'] == 'convert') {
|
} elseif ($config['thumb_method'] == 'convert') {
|
||||||
$classname = 'ImageConvert';
|
$classname = 'ImageConvert';
|
||||||
} else {
|
} else {
|
||||||
$classname = 'Image' . strtoupper($extension);
|
$classname = 'Image' . strtoupper($extension);
|
||||||
if(!class_exists($classname)) {
|
if (!class_exists($classname)) {
|
||||||
error('Unsupported file format: ' . $extension);
|
error('Unsupported file format: ' . $extension);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -63,7 +63,7 @@ class Image {
|
|||||||
$x_ratio = $max_width / $this->size->width;
|
$x_ratio = $max_width / $this->size->width;
|
||||||
$y_ratio = $max_height / $this->size->height;
|
$y_ratio = $max_height / $this->size->height;
|
||||||
|
|
||||||
if(($this->size->width <= $max_width) && ($this->size->height <= $max_height)) {
|
if (($this->size->width <= $max_width) && ($this->size->height <= $max_height)) {
|
||||||
$width = $this->size->width;
|
$width = $this->size->width;
|
||||||
$height = $this->size->height;
|
$height = $this->size->height;
|
||||||
} elseif (($x_ratio * $this->size->height) < $max_height) {
|
} elseif (($x_ratio * $this->size->height) < $max_height) {
|
||||||
@ -110,29 +110,29 @@ class ImageBase extends ImageGD {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function __construct($img) {
|
public function __construct($img) {
|
||||||
if(method_exists($this, 'init'))
|
if (method_exists($this, 'init'))
|
||||||
$this->init();
|
$this->init();
|
||||||
|
|
||||||
if($img !== false) {
|
if ($img !== false) {
|
||||||
$this->src = $img->src;
|
$this->src = $img->src;
|
||||||
$this->from();
|
$this->from();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function _width() {
|
public function _width() {
|
||||||
if(method_exists($this, 'width'))
|
if (method_exists($this, 'width'))
|
||||||
return $this->width();
|
return $this->width();
|
||||||
// use default GD functions
|
// use default GD functions
|
||||||
return imagesx($this->image);
|
return imagesx($this->image);
|
||||||
}
|
}
|
||||||
public function _height() {
|
public function _height() {
|
||||||
if(method_exists($this, 'height'))
|
if (method_exists($this, 'height'))
|
||||||
return $this->height();
|
return $this->height();
|
||||||
// use default GD functions
|
// use default GD functions
|
||||||
return imagesy($this->image);
|
return imagesy($this->image);
|
||||||
}
|
}
|
||||||
public function _destroy() {
|
public function _destroy() {
|
||||||
if(method_exists($this, 'destroy'))
|
if (method_exists($this, 'destroy'))
|
||||||
return $this->destroy();
|
return $this->destroy();
|
||||||
// use default GD functions
|
// use default GD functions
|
||||||
return imagedestroy($this->image);
|
return imagedestroy($this->image);
|
||||||
@ -142,7 +142,7 @@ class ImageBase extends ImageGD {
|
|||||||
$this->width = $width;
|
$this->width = $width;
|
||||||
$this->height = $height;
|
$this->height = $height;
|
||||||
|
|
||||||
if(method_exists($this, 'resize'))
|
if (method_exists($this, 'resize'))
|
||||||
$this->resize();
|
$this->resize();
|
||||||
else
|
else
|
||||||
// use default GD functions
|
// use default GD functions
|
||||||
@ -164,7 +164,7 @@ class ImageImagick extends ImageBase {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
public function to($src) {
|
public function to($src) {
|
||||||
if(preg_match('/\.gif$/i', $src))
|
if (preg_match('/\.gif$/i', $src))
|
||||||
$this->image->writeImages($src, true);
|
$this->image->writeImages($src, true);
|
||||||
else
|
else
|
||||||
$this->image->writeImage($src);
|
$this->image->writeImage($src);
|
||||||
@ -181,20 +181,20 @@ class ImageImagick extends ImageBase {
|
|||||||
public function resize() {
|
public function resize() {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if(preg_match('/\.gif$/i', $this->src) && $config['thumb_ext'] == 'gif') {
|
if (preg_match('/\.gif$/i', $this->src) && $config['thumb_ext'] == 'gif') {
|
||||||
$this->image = new Imagick();
|
$this->image = new Imagick();
|
||||||
$this->image->setFormat('gif');
|
$this->image->setFormat('gif');
|
||||||
|
|
||||||
$keep_frames = Array();
|
$keep_frames = Array();
|
||||||
for($i = 0; $i < $this->original->getNumberImages(); $i += floor($this->original->getNumberImages() / $config['thumb_keep_animation_frames']))
|
for ($i = 0; $i < $this->original->getNumberImages(); $i += floor($this->original->getNumberImages() / $config['thumb_keep_animation_frames']))
|
||||||
$keep_frames[] = $i;
|
$keep_frames[] = $i;
|
||||||
|
|
||||||
$i = 0;
|
$i = 0;
|
||||||
$delay = 0;
|
$delay = 0;
|
||||||
foreach($this->original as $frame) {
|
foreach ($this->original as $frame) {
|
||||||
$delay += $frame->getImageDelay();
|
$delay += $frame->getImageDelay();
|
||||||
|
|
||||||
if(in_array($i, $keep_frames)) {
|
if (in_array($i, $keep_frames)) {
|
||||||
// $frame->scaleImage($this->width, $this->height, false);
|
// $frame->scaleImage($this->width, $this->height, false);
|
||||||
$frame->sampleImage($this->width, $this->height);
|
$frame->sampleImage($this->width, $this->height);
|
||||||
$frame->setImagePage($this->width, $this->height, 0, 0);
|
$frame->setImagePage($this->width, $this->height, 0, 0);
|
||||||
@ -223,7 +223,7 @@ class ImageConvert extends ImageBase {
|
|||||||
}
|
}
|
||||||
public function from() {
|
public function from() {
|
||||||
$size = trim(shell_exec('identify -format "%w %h" ' . escapeshellarg($this->src . '[0]')));
|
$size = trim(shell_exec('identify -format "%w %h" ' . escapeshellarg($this->src . '[0]')));
|
||||||
if(preg_match('/^(\d+) (\d+)$/', $size, $m)) {
|
if (preg_match('/^(\d+) (\d+)$/', $size, $m)) {
|
||||||
$this->width = $m[1];
|
$this->width = $m[1];
|
||||||
$this->height = $m[2];
|
$this->height = $m[2];
|
||||||
|
|
||||||
@ -234,7 +234,7 @@ class ImageConvert extends ImageBase {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
public function to($src) {
|
public function to($src) {
|
||||||
if(!$this->temp) {
|
if (!$this->temp) {
|
||||||
// $config['redraw_image']
|
// $config['redraw_image']
|
||||||
shell_exec('convert ' . escapeshellarg($this->src) . ' ' . escapeshellarg($src));
|
shell_exec('convert ' . escapeshellarg($this->src) . ' ' . escapeshellarg($src));
|
||||||
} else {
|
} else {
|
||||||
@ -255,7 +255,7 @@ class ImageConvert extends ImageBase {
|
|||||||
public function resize() {
|
public function resize() {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if($this->temp) {
|
if ($this->temp) {
|
||||||
// remove old
|
// remove old
|
||||||
$this->destroy();
|
$this->destroy();
|
||||||
}
|
}
|
||||||
@ -264,7 +264,7 @@ class ImageConvert extends ImageBase {
|
|||||||
|
|
||||||
$quality = $config['thumb_quality'] * 10;
|
$quality = $config['thumb_quality'] * 10;
|
||||||
|
|
||||||
if(shell_exec("convert -flatten -filter Point -scale {$this->width}x{$this->height} +antialias -quality {$quality} " . escapeshellarg($this->src . '[0]') . " " . escapeshellarg($this->temp)) || !file_exists($this->temp))
|
if (shell_exec("convert -flatten -filter Point -scale {$this->width}x{$this->height} +antialias -quality {$quality} " . escapeshellarg($this->src . '[0]') . " " . escapeshellarg($this->temp)) || !file_exists($this->temp))
|
||||||
error('Failed to resize image!');
|
error('Failed to resize image!');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -288,10 +288,10 @@ class ImagePNG extends ImageBase {
|
|||||||
|
|
||||||
class ImageGIF extends ImageBase {
|
class ImageGIF extends ImageBase {
|
||||||
public function from() {
|
public function from() {
|
||||||
$this->image = @imagecreatefromgif($this->src);
|
$this->image = @imagecreatefromgif ($this->src);
|
||||||
}
|
}
|
||||||
public function to($src) {
|
public function to($src) {
|
||||||
imagegif($this->image, $src);
|
imagegif ($this->image, $src);
|
||||||
}
|
}
|
||||||
public function resize() {
|
public function resize() {
|
||||||
$this->GD_create();
|
$this->GD_create();
|
||||||
@ -436,7 +436,7 @@ function imagebmp(&$img, $filename='') {
|
|||||||
|
|
||||||
// is faster than chr()
|
// is faster than chr()
|
||||||
$arrChr = array();
|
$arrChr = array();
|
||||||
for($i=0; $i<256; $i++){
|
for ($i=0; $i<256; $i++){
|
||||||
$arrChr[$i] = chr($i);
|
$arrChr[$i] = chr($i);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -472,7 +472,7 @@ function imagebmp(&$img, $filename='') {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// see imagegif
|
// see imagegif
|
||||||
if($filename == '') {
|
if ($filename == '') {
|
||||||
echo $result;
|
echo $result;
|
||||||
} else {
|
} else {
|
||||||
$file = fopen($filename, 'wb');
|
$file = fopen($filename, 'wb');
|
||||||
|
34
inc/mod.php
34
inc/mod.php
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -13,7 +13,7 @@ if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
|||||||
function mkhash($username, $password, $salt = false) {
|
function mkhash($username, $password, $salt = false) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
if(!$salt) {
|
if (!$salt) {
|
||||||
// create some sort of salt for the hash
|
// create some sort of salt for the hash
|
||||||
$salt = substr(base64_encode(sha1(rand() . time(), true) . $config['cookies']['salt']), 0, 15);
|
$salt = substr(base64_encode(sha1(rand() . time(), true) . $config['cookies']['salt']), 0, 15);
|
||||||
|
|
||||||
@ -23,7 +23,7 @@ function mkhash($username, $password, $salt = false) {
|
|||||||
// generate hash (method is not important as long as it's strong)
|
// generate hash (method is not important as long as it's strong)
|
||||||
$hash = substr(base64_encode(md5($username . sha1($username . $password . $salt . ($config['mod']['lock_ip'] ? $_SERVER['REMOTE_ADDR'] : ''), true), true)), 0, 20);
|
$hash = substr(base64_encode(md5($username . sha1($username . $password . $salt . ($config['mod']['lock_ip'] ? $_SERVER['REMOTE_ADDR'] : ''), true), true)), 0, 20);
|
||||||
|
|
||||||
if(isset($generated_salt))
|
if (isset($generated_salt))
|
||||||
return Array($hash, $salt);
|
return Array($hash, $salt);
|
||||||
else
|
else
|
||||||
return $hash;
|
return $hash;
|
||||||
@ -33,7 +33,7 @@ function login($username, $password, $makehash=true) {
|
|||||||
global $mod;
|
global $mod;
|
||||||
|
|
||||||
// SHA1 password
|
// SHA1 password
|
||||||
if($makehash) {
|
if ($makehash) {
|
||||||
$password = sha1($password);
|
$password = sha1($password);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -42,7 +42,7 @@ function login($username, $password, $makehash=true) {
|
|||||||
$query->bindValue(':password', $password);
|
$query->bindValue(':password', $password);
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
if($user = $query->fetch()) {
|
if ($user = $query->fetch()) {
|
||||||
return $mod = Array(
|
return $mod = Array(
|
||||||
'id' => $user['id'],
|
'id' => $user['id'],
|
||||||
'type' => $user['type'],
|
'type' => $user['type'],
|
||||||
@ -55,7 +55,7 @@ function login($username, $password, $makehash=true) {
|
|||||||
|
|
||||||
function setCookies() {
|
function setCookies() {
|
||||||
global $mod, $config;
|
global $mod, $config;
|
||||||
if(!$mod)
|
if (!$mod)
|
||||||
error('setCookies() was called for a non-moderator!');
|
error('setCookies() was called for a non-moderator!');
|
||||||
|
|
||||||
setcookie($config['cookies']['mod'],
|
setcookie($config['cookies']['mod'],
|
||||||
@ -79,7 +79,7 @@ function create_pm_header() {
|
|||||||
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT);
|
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT);
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
if($pm = $query->fetch()) {
|
if ($pm = $query->fetch()) {
|
||||||
return Array('id' => $pm['id'], 'waiting' => $query->rowCount() - 1);
|
return Array('id' => $pm['id'], 'waiting' => $query->rowCount() - 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -93,15 +93,15 @@ function modLog($action, $_board=null) {
|
|||||||
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
|
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
|
||||||
$query->bindValue(':time', time(), PDO::PARAM_INT);
|
$query->bindValue(':time', time(), PDO::PARAM_INT);
|
||||||
$query->bindValue(':text', $action);
|
$query->bindValue(':text', $action);
|
||||||
if(isset($_board))
|
if (isset($_board))
|
||||||
$query->bindValue(':board', $_board);
|
$query->bindValue(':board', $_board);
|
||||||
elseif(isset($board))
|
elseif (isset($board))
|
||||||
$query->bindValue(':board', $board['uri']);
|
$query->bindValue(':board', $board['uri']);
|
||||||
else
|
else
|
||||||
$query->bindValue(':board', null, PDO::PARAM_NULL);
|
$query->bindValue(':board', null, PDO::PARAM_NULL);
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
if($config['syslog'])
|
if ($config['syslog'])
|
||||||
_syslog(LOG_INFO, '[mod/' . $mod['username'] . ']: ' . $action);
|
_syslog(LOG_INFO, '[mod/' . $mod['username'] . ']: ' . $action);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -115,7 +115,7 @@ function ulBoards() {
|
|||||||
// List of boards
|
// List of boards
|
||||||
$boards = listBoards();
|
$boards = listBoards();
|
||||||
|
|
||||||
foreach($boards as &$b) {
|
foreach ($boards as &$b) {
|
||||||
$body .= '<li>' .
|
$body .= '<li>' .
|
||||||
'<a href="?/' .
|
'<a href="?/' .
|
||||||
sprintf($config['board_path'], $b['uri']) . $config['file_index'] .
|
sprintf($config['board_path'], $b['uri']) . $config['file_index'] .
|
||||||
@ -129,7 +129,7 @@ function ulBoards() {
|
|||||||
'</li>';
|
'</li>';
|
||||||
}
|
}
|
||||||
|
|
||||||
if($mod['type'] >= $config['mod']['newboard']) {
|
if ($mod['type'] >= $config['mod']['newboard']) {
|
||||||
$body .= '<li style="margin-top:15px;"><a href="?/new"><strong>' . _('Create new board') . '</strong></a></li>';
|
$body .= '<li style="margin-top:15px;"><a href="?/new"><strong>' . _('Create new board') . '</strong></a></li>';
|
||||||
}
|
}
|
||||||
return $body;
|
return $body;
|
||||||
@ -140,7 +140,7 @@ function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $boar
|
|||||||
|
|
||||||
$boards = listBoards();
|
$boards = listBoards();
|
||||||
$__boards = '<li><input type="radio" checked="checked" name="board" id="board_*" value=""/> <label style="display:inline" for="board_*"><em>' . _('all boards') . '</em></label></li>';
|
$__boards = '<li><input type="radio" checked="checked" name="board" id="board_*" value=""/> <label style="display:inline" for="board_*"><em>' . _('all boards') . '</em></label></li>';
|
||||||
foreach($boards as &$_board) {
|
foreach ($boards as &$_board) {
|
||||||
$__boards .= '<li>' .
|
$__boards .= '<li>' .
|
||||||
'<input type="radio" name="board" id="board_' . $_board['uri'] . '" value="' . $_board['uri'] . '">' .
|
'<input type="radio" name="board" id="board_' . $_board['uri'] . '" value="' . $_board['uri'] . '">' .
|
||||||
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
|
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
|
||||||
@ -247,7 +247,7 @@ function removeBan($id) {
|
|||||||
$query->bindValue(':id', $id, PDO::PARAM_INT);
|
$query->bindValue(':id', $id, PDO::PARAM_INT);
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
//if($config['memcached']['enabled']) {
|
//if ($config['memcached']['enabled']) {
|
||||||
// Remove cached ban
|
// Remove cached ban
|
||||||
// TODO
|
// TODO
|
||||||
// $memcached->delete("ban_{$id}");
|
// $memcached->delete("ban_{$id}");
|
||||||
@ -257,10 +257,10 @@ function removeBan($id) {
|
|||||||
|
|
||||||
// Validate session
|
// Validate session
|
||||||
|
|
||||||
if(isset($_COOKIE[$config['cookies']['mod']])) {
|
if (isset($_COOKIE[$config['cookies']['mod']])) {
|
||||||
// Should be username:hash:salt
|
// Should be username:hash:salt
|
||||||
$cookie = explode(':', $_COOKIE[$config['cookies']['mod']]);
|
$cookie = explode(':', $_COOKIE[$config['cookies']['mod']]);
|
||||||
if(count($cookie) != 3) {
|
if (count($cookie) != 3) {
|
||||||
destroyCookies();
|
destroyCookies();
|
||||||
error($config['error']['malformed']);
|
error($config['error']['malformed']);
|
||||||
}
|
}
|
||||||
@ -271,7 +271,7 @@ if(isset($_COOKIE[$config['cookies']['mod']])) {
|
|||||||
$user = $query->fetch();
|
$user = $query->fetch();
|
||||||
|
|
||||||
// validate password hash
|
// validate password hash
|
||||||
if($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) {
|
if ($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) {
|
||||||
// Malformed cookies
|
// Malformed cookies
|
||||||
destroyCookies();
|
destroyCookies();
|
||||||
error($config['error']['malformed']);
|
error($config['error']['malformed']);
|
||||||
|
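Review bot: The session check in the last hunk of this file (`@ -271,7 +271,7`) still compares the cookie hash with a loose `!=`, which is not constant-time and falls back to numeric comparison when both strings look like numbers. `$cookie[1]` is taken straight from the request cookie, so I would change the line to `if (!hash_equals(mkhash($cookie[0], $user['password'], $cookie[2]), (string) $cookie[1])) {`, or at least use `!==` where `hash_equals()` is not available. The hunk does not show whether `$user` can be `false` after `fetch()`; if it can, that case should be rejected before the comparison. The enclosing `if (isset($_COOKIE[...]))` block starts and ends outside this hunk.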
@ -4,38 +4,38 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
class Remote {
|
class Remote {
|
||||||
public function __construct($config) {
|
public function __construct($config) {
|
||||||
foreach($config as $name => $value) {
|
foreach ($config as $name => $value) {
|
||||||
$this->{$name} = $value;
|
$this->{$name} = $value;
|
||||||
}
|
}
|
||||||
|
|
||||||
$methods = Array();
|
$methods = Array();
|
||||||
|
|
||||||
if(!isset($this->auth['method']))
|
if (!isset($this->auth['method']))
|
||||||
error('Unspecified authentication method.');
|
error('Unspecified authentication method.');
|
||||||
|
|
||||||
// Connect
|
// Connect
|
||||||
$this->connection = ssh2_connect($this->host, isset($this->port) ? $this->port : 22, $methods);
|
$this->connection = ssh2_connect($this->host, isset($this->port) ? $this->port : 22, $methods);
|
||||||
|
|
||||||
switch($this->auth['method']) {
|
switch ($this->auth['method']) {
|
||||||
case 'pubkey':
|
case 'pubkey':
|
||||||
|
|
||||||
if(!isset($this->auth['public']))
|
if (!isset($this->auth['public']))
|
||||||
error('Public key filename not specified.');
|
error('Public key filename not specified.');
|
||||||
if(!isset($this->auth['private']))
|
if (!isset($this->auth['private']))
|
||||||
error('Private key filename not specified.');
|
error('Private key filename not specified.');
|
||||||
|
|
||||||
if(!ssh2_auth_pubkey_file($this->connection, $this->auth['username'], $this->auth['public'], $this->auth['private'], isset($this->auth['passphrase']) ? $this->auth['passphrase']: null))
|
if (!ssh2_auth_pubkey_file($this->connection, $this->auth['username'], $this->auth['public'], $this->auth['private'], isset($this->auth['passphrase']) ? $this->auth['passphrase']: null))
|
||||||
error('Public key authentication failed.');
|
error('Public key authentication failed.');
|
||||||
break;
|
break;
|
||||||
case 'plain':
|
case 'plain':
|
||||||
if(!ssh2_auth_password($this->connection, $this->auth['username'], $this->auth['password']))
|
if (!ssh2_auth_password($this->connection, $this->auth['username'], $this->auth['password']))
|
||||||
error('Plain-text authentication failed.');
|
error('Plain-text authentication failed.');
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
@ -47,7 +47,7 @@ class Remote {
|
|||||||
public function write($data, $remote_path) {
|
public function write($data, $remote_path) {
|
||||||
global $config;
|
global $config;
|
||||||
|
|
||||||
switch($this->type) {
|
switch ($this->type) {
|
||||||
case 'sftp':
|
case 'sftp':
|
||||||
$sftp = ssh2_sftp($this->connection);
|
$sftp = ssh2_sftp($this->connection);
|
||||||
file_write('ssh2.sftp://' . $sftp . $remote_path, $data, true);
|
file_write('ssh2.sftp://' . $sftp . $remote_path, $data, true);
|
||||||
|
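Review bot: In the constructor hunk (`@ -4,38 +4,38`), the result of `ssh2_connect()` goes straight into `ssh2_auth_pubkey_file()` / `ssh2_auth_password()` without a check for `false` and without any verification of the server's host key. A failed connection is then reported as an authentication failure, and in the `plain` case the password is offered to whichever host answered. I would add `if (!$this->connection) error('Connection failed.');` right after the connect call, and compare `ssh2_fingerprint($this->connection)` against a fingerprint pinned in the configuration (a new, optional setting) before the `switch`. The constructor continues past the end of this hunk.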
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 2010-2012 Tinyboard Development Group
|
* Copyright (c) 2010-2012 Tinyboard Development Group
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
||||||
// You cannot request this file directly.
|
// You cannot request this file directly.
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -36,15 +36,15 @@ function load_twig() {
|
|||||||
function Element($templateFile, array $options) {
|
function Element($templateFile, array $options) {
|
||||||
global $config, $debug, $twig;
|
global $config, $debug, $twig;
|
||||||
|
|
||||||
if(!$twig)
|
if (!$twig)
|
||||||
load_twig();
|
load_twig();
|
||||||
|
|
||||||
if(function_exists('create_pm_header') && ((isset($options['mod']) && $options['mod']) || isset($options['__mod']))) {
|
if (function_exists('create_pm_header') && ((isset($options['mod']) && $options['mod']) || isset($options['__mod']))) {
|
||||||
$options['pm'] = create_pm_header();
|
$options['pm'] = create_pm_header();
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($options['body']) && $config['debug']) {
|
if (isset($options['body']) && $config['debug']) {
|
||||||
if(isset($debug['start'])) {
|
if (isset($debug['start'])) {
|
||||||
$debug['time'] = '~' . round((microtime(true) - $debug['start']) * 1000, 2) . 'ms';
|
$debug['time'] = '~' . round((microtime(true) - $debug['start']) * 1000, 2) . 'ms';
|
||||||
unset($debug['start']);
|
unset($debug['start']);
|
||||||
}
|
}
|
||||||
@ -57,10 +57,10 @@ function Element($templateFile, array $options) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Read the template file
|
// Read the template file
|
||||||
if(@file_get_contents("{$config['dir']['template']}/${templateFile}")) {
|
if (@file_get_contents("{$config['dir']['template']}/${templateFile}")) {
|
||||||
$body = $twig->render($templateFile, $options);
|
$body = $twig->render($templateFile, $options);
|
||||||
|
|
||||||
if($config['minify_html'] && preg_match('/\.html$/', $templateFile)) {
|
if ($config['minify_html'] && preg_match('/\.html$/', $templateFile)) {
|
||||||
$body = trim(preg_replace("/[\t\r\n]/", '', $body));
|
$body = trim(preg_replace("/[\t\r\n]/", '', $body));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
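Review bot: In the second `Element()` hunk (`@ -57,10 +57,10`), the template existence test `if (@file_get_contents("{$config['dir']['template']}/${templateFile}"))` reads the whole file only to discard it, treats an empty template as missing, and hides the real I/O error behind `@`. `if (is_readable("{$config['dir']['template']}/{$templateFile}")) {` expresses the intent directly and leaves the read to Twig. The hunk does not show where `$templateFile` comes from; if any caller can pass a value derived from request input, it should be restricted to known template names before it is joined into a path. The function's `else` branch lies outside this hunk.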
76
install.php
76
install.php
@ -16,21 +16,21 @@ $page = Array(
|
|||||||
// this breaks the dispaly of licenses if enabled
|
// this breaks the dispaly of licenses if enabled
|
||||||
$config['minify_html'] = false;
|
$config['minify_html'] = false;
|
||||||
|
|
||||||
if(file_exists($config['has_installed'])) {
|
if (file_exists($config['has_installed'])) {
|
||||||
|
|
||||||
// Check the version number
|
// Check the version number
|
||||||
$version = trim(file_get_contents($config['has_installed']));
|
$version = trim(file_get_contents($config['has_installed']));
|
||||||
if(empty($version))
|
if (empty($version))
|
||||||
$version = 'v0.9.1';
|
$version = 'v0.9.1';
|
||||||
|
|
||||||
$boards = listBoards();
|
$boards = listBoards();
|
||||||
|
|
||||||
switch($version) {
|
switch ($version) {
|
||||||
case 'v0.9':
|
case 'v0.9':
|
||||||
case 'v0.9.1':
|
case 'v0.9.1':
|
||||||
// Upgrade to v0.9.2-dev
|
// Upgrade to v0.9.2-dev
|
||||||
|
|
||||||
foreach($boards as &$_board) {
|
foreach ($boards as &$_board) {
|
||||||
// Add `capcode` field after `trip`
|
// Add `capcode` field after `trip`
|
||||||
query(sprintf("ALTER TABLE `posts_%s` ADD `capcode` VARCHAR( 50 ) NULL AFTER `trip`", $_board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` ADD `capcode` VARCHAR( 50 ) NULL AFTER `trip`", $_board['uri'])) or error(db_error());
|
||||||
|
|
||||||
@ -51,7 +51,7 @@ if(file_exists($config['has_installed'])) {
|
|||||||
$version = 'v0.9.2-dev-1';
|
$version = 'v0.9.2-dev-1';
|
||||||
// Upgrade to v0.9.2-dev-2
|
// Upgrade to v0.9.2-dev-2
|
||||||
|
|
||||||
foreach($boards as &$_board) {
|
foreach ($boards as &$_board) {
|
||||||
// Increase field sizes
|
// Increase field sizes
|
||||||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `subject` `subject` VARCHAR( 50 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` CHANGE `subject` `subject` VARCHAR( 50 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error());
|
||||||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `name` `name` VARCHAR( 35 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` CHANGE `name` `name` VARCHAR( 35 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error());
|
||||||
@ -59,7 +59,7 @@ if(file_exists($config['has_installed'])) {
|
|||||||
case 'v0.9.2-dev-2':
|
case 'v0.9.2-dev-2':
|
||||||
// Upgrade to v0.9.2-dev-3 (v0.9.2)
|
// Upgrade to v0.9.2-dev-3 (v0.9.2)
|
||||||
|
|
||||||
foreach($boards as &$_board) {
|
foreach ($boards as &$_board) {
|
||||||
// Add `custom_fields` field
|
// Add `custom_fields` field
|
||||||
query(sprintf("ALTER TABLE `posts_%s` ADD `embed` TEXT NULL", $_board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` ADD `embed` TEXT NULL", $_board['uri'])) or error(db_error());
|
||||||
}
|
}
|
||||||
@ -76,7 +76,7 @@ if(file_exists($config['has_installed'])) {
|
|||||||
query("ALTER TABLE `mods` ADD `boards` TEXT NOT NULL") or error(db_error());
|
query("ALTER TABLE `mods` ADD `boards` TEXT NOT NULL") or error(db_error());
|
||||||
query("UPDATE `mods` SET `boards` = '*'") or error(db_error());
|
query("UPDATE `mods` SET `boards` = '*'") or error(db_error());
|
||||||
case 'v0.9.3-dev-2':
|
case 'v0.9.3-dev-2':
|
||||||
foreach($boards as &$_board) {
|
foreach ($boards as &$_board) {
|
||||||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `filehash` `filehash` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL", $_board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` CHANGE `filehash` `filehash` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL", $_board['uri'])) or error(db_error());
|
||||||
}
|
}
|
||||||
case 'v0.9.3-dev-3':
|
case 'v0.9.3-dev-3':
|
||||||
@ -86,7 +86,7 @@ if(file_exists($config['has_installed'])) {
|
|||||||
// add ban ID
|
// add ban ID
|
||||||
query("ALTER TABLE `bans` ADD `id` INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY ( `id` ), ADD UNIQUE (`id`)");
|
query("ALTER TABLE `bans` ADD `id` INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY ( `id` ), ADD UNIQUE (`id`)");
|
||||||
case 'v0.9.3-dev-5':
|
case 'v0.9.3-dev-5':
|
||||||
foreach($boards as &$_board) {
|
foreach ($boards as &$_board) {
|
||||||
// Increase subject field size
|
// Increase subject field size
|
||||||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `subject` `subject` VARCHAR( 100 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` CHANGE `subject` `subject` VARCHAR( 100 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error());
|
||||||
}
|
}
|
||||||
@ -95,23 +95,23 @@ if(file_exists($config['has_installed'])) {
|
|||||||
$tables = Array(
|
$tables = Array(
|
||||||
'bans', 'boards', 'ip_notes', 'modlogs', 'mods', 'mutes', 'noticeboard', 'pms', 'reports', 'robot', 'theme_settings', 'news'
|
'bans', 'boards', 'ip_notes', 'modlogs', 'mods', 'mutes', 'noticeboard', 'pms', 'reports', 'robot', 'theme_settings', 'news'
|
||||||
);
|
);
|
||||||
foreach($boards as &$board) {
|
foreach ($boards as &$board) {
|
||||||
$tables[] = "posts_{$board['uri']}";
|
$tables[] = "posts_{$board['uri']}";
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach($tables as &$table) {
|
foreach ($tables as &$table) {
|
||||||
query("ALTER TABLE `{$table}` ENGINE = MYISAM DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci") or error(db_error());
|
query("ALTER TABLE `{$table}` ENGINE = MYISAM DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci") or error(db_error());
|
||||||
}
|
}
|
||||||
case 'v0.9.3-dev-7':
|
case 'v0.9.3-dev-7':
|
||||||
foreach($boards as &$board) {
|
foreach ($boards as &$board) {
|
||||||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `filename` `filename` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL", $board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` CHANGE `filename` `filename` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL", $board['uri'])) or error(db_error());
|
||||||
}
|
}
|
||||||
case 'v0.9.3-dev-8':
|
case 'v0.9.3-dev-8':
|
||||||
foreach($boards as &$board) {
|
foreach ($boards as &$board) {
|
||||||
query(sprintf("ALTER TABLE `posts_%s` ADD INDEX ( `thread` )", $board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` ADD INDEX ( `thread` )", $board['uri'])) or error(db_error());
|
||||||
}
|
}
|
||||||
case 'v0.9.3-dev-9':
|
case 'v0.9.3-dev-9':
|
||||||
foreach($boards as &$board) {
|
foreach ($boards as &$board) {
|
||||||
query(sprintf("ALTER TABLE `posts_%s`ADD INDEX ( `time` )", $board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s`ADD INDEX ( `time` )", $board['uri'])) or error(db_error());
|
||||||
query(sprintf("ALTER TABLE `posts_%s`ADD FULLTEXT (`body`)", $board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s`ADD FULLTEXT (`body`)", $board['uri'])) or error(db_error());
|
||||||
}
|
}
|
||||||
@ -132,11 +132,11 @@ if(file_exists($config['has_installed'])) {
|
|||||||
query("ALTER TABLE `news` ADD INDEX (`time`)") or error(db_error());
|
query("ALTER TABLE `news` ADD INDEX (`time`)") or error(db_error());
|
||||||
query("ALTER TABLE `theme_settings` ADD INDEX (`theme`)") or error(db_error());
|
query("ALTER TABLE `theme_settings` ADD INDEX (`theme`)") or error(db_error());
|
||||||
case 'v0.9.4-dev-1':
|
case 'v0.9.4-dev-1':
|
||||||
foreach($boards as &$board) {
|
foreach ($boards as &$board) {
|
||||||
query(sprintf("ALTER TABLE `posts_%s` ADD `sage` INT( 1 ) NOT NULL AFTER `locked`", $board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` ADD `sage` INT( 1 ) NOT NULL AFTER `locked`", $board['uri'])) or error(db_error());
|
||||||
}
|
}
|
||||||
case 'v0.9.4-dev-2':
|
case 'v0.9.4-dev-2':
|
||||||
if(!isset($_GET['confirm'])) {
|
if (!isset($_GET['confirm'])) {
|
||||||
$page['title'] = 'License Change';
|
$page['title'] = 'License Change';
|
||||||
$page['body'] = '<p style="text-align:center">You are upgrading to a version which uses an amended license. The licenses included with Tinyboard distributions prior to this version (v0.9.4-dev-2) are still valid for those versions, but no longer apply to this and newer versions.</p>' .
|
$page['body'] = '<p style="text-align:center">You are upgrading to a version which uses an amended license. The licenses included with Tinyboard distributions prior to this version (v0.9.4-dev-2) are still valid for those versions, but no longer apply to this and newer versions.</p>' .
|
||||||
'<textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea>
|
'<textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea>
|
||||||
@ -151,14 +151,14 @@ if(file_exists($config['has_installed'])) {
|
|||||||
case 'v0.9.4-dev-3':
|
case 'v0.9.4-dev-3':
|
||||||
case 'v0.9.4-dev-4':
|
case 'v0.9.4-dev-4':
|
||||||
case 'v0.9.4':
|
case 'v0.9.4':
|
||||||
foreach($boards as &$board) {
|
foreach ($boards as &$board) {
|
||||||
query(sprintf("ALTER TABLE `posts_%s`
|
query(sprintf("ALTER TABLE `posts_%s`
|
||||||
CHANGE `subject` `subject` VARCHAR( 100 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL ,
|
CHANGE `subject` `subject` VARCHAR( 100 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL ,
|
||||||
CHANGE `email` `email` VARCHAR( 30 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL ,
|
CHANGE `email` `email` VARCHAR( 30 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL ,
|
||||||
CHANGE `name` `name` VARCHAR( 35 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL", $board['uri'])) or error(db_error());
|
CHANGE `name` `name` VARCHAR( 35 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL", $board['uri'])) or error(db_error());
|
||||||
}
|
}
|
||||||
case 'v0.9.5-dev-1':
|
case 'v0.9.5-dev-1':
|
||||||
foreach($boards as &$board) {
|
foreach ($boards as &$board) {
|
||||||
query(sprintf("ALTER TABLE `posts_%s` ADD `body_nomarkup` TEXT NULL AFTER `body`", $board['uri'])) or error(db_error());
|
query(sprintf("ALTER TABLE `posts_%s` ADD `body_nomarkup` TEXT NULL AFTER `body`", $board['uri'])) or error(db_error());
|
||||||
}
|
}
|
||||||
query("CREATE TABLE IF NOT EXISTS `cites` ( `board` varchar(8) NOT NULL, `post` int(11) NOT NULL, `target_board` varchar(8) NOT NULL, `target` int(11) NOT NULL, KEY `target` (`target_board`,`target`), KEY `post` (`board`,`post`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;") or error(db_error());
|
query("CREATE TABLE IF NOT EXISTS `cites` ( `board` varchar(8) NOT NULL, `post` int(11) NOT NULL, `target_board` varchar(8) NOT NULL, `target` int(11) NOT NULL, KEY `target` (`target_board`,`target`), KEY `post` (`board`,`post`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;") or error(db_error());
|
||||||
@ -192,7 +192,7 @@ if(file_exists($config['has_installed'])) {
|
|||||||
query("ALTER TABLE `bans` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error());
|
query("ALTER TABLE `bans` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error());
|
||||||
query("ALTER TABLE `reports` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error());
|
query("ALTER TABLE `reports` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error());
|
||||||
query("ALTER TABLE `modlogs` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error());
|
query("ALTER TABLE `modlogs` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error());
|
||||||
foreach($boards as $board) {
|
foreach ($boards as $board) {
|
||||||
$query = prepare("UPDATE `bans` SET `board` = :newboard WHERE `board` = :oldboard");
|
$query = prepare("UPDATE `bans` SET `board` = :newboard WHERE `board` = :oldboard");
|
||||||
$query->bindValue(':newboard', $board['uri']);
|
$query->bindValue(':newboard', $board['uri']);
|
||||||
$query->bindValue(':oldboard', $board['id']);
|
$query->bindValue(':oldboard', $board['id']);
|
||||||
@ -228,7 +228,7 @@ if(file_exists($config['has_installed'])) {
|
|||||||
die(Element('page.html', $page));
|
die(Element('page.html', $page));
|
||||||
}
|
}
|
||||||
|
|
||||||
if($step == 0) {
|
if ($step == 0) {
|
||||||
// Agreeement
|
// Agreeement
|
||||||
$page['body'] = '
|
$page['body'] = '
|
||||||
<textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea>
|
<textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea>
|
||||||
@ -237,7 +237,7 @@ if($step == 0) {
|
|||||||
</p>';
|
</p>';
|
||||||
|
|
||||||
echo Element('page.html', $page);
|
echo Element('page.html', $page);
|
||||||
} elseif($step == 1) {
|
} elseif ($step == 1) {
|
||||||
$page['title'] = 'Pre-installation test';
|
$page['title'] = 'Pre-installation test';
|
||||||
|
|
||||||
$page['body'] = '<table class="test">';
|
$page['body'] = '<table class="test">';
|
||||||
@ -250,7 +250,7 @@ if($step == 0) {
|
|||||||
|
|
||||||
function row($item, $result) {
|
function row($item, $result) {
|
||||||
global $page, $config, $__is_error;
|
global $page, $config, $__is_error;
|
||||||
if(!$result)
|
if (!$result)
|
||||||
$__is_error = true;
|
$__is_error = true;
|
||||||
$page['body'] .= '<tr><th>' . $item . '</th><td><img style="width:16px;height:16px" src="' . $config['dir']['static'] . ($result ? 'ok.png' : 'error.png') . '" /></td></tr>';
|
$page['body'] .= '<tr><th>' . $item . '</th><td><img style="width:16px;height:16px" src="' . $config['dir']['static'] . ($result ? 'ok.png' : 'error.png') . '" /></td></tr>';
|
||||||
}
|
}
|
||||||
@ -271,7 +271,7 @@ if($step == 0) {
|
|||||||
$drivers = PDO::getAvailableDrivers();
|
$drivers = PDO::getAvailableDrivers();
|
||||||
|
|
||||||
rheader('PDO drivers <em>(currently installed drivers)</em>');
|
rheader('PDO drivers <em>(currently installed drivers)</em>');
|
||||||
foreach($drivers as &$driver) {
|
foreach ($drivers as &$driver) {
|
||||||
row($driver, true);
|
row($driver, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -287,7 +287,7 @@ if($step == 0) {
|
|||||||
</p>';
|
</p>';
|
||||||
|
|
||||||
echo Element('page.html', $page);
|
echo Element('page.html', $page);
|
||||||
} elseif($step == 2) {
|
} elseif ($step == 2) {
|
||||||
// Basic config
|
// Basic config
|
||||||
$page['title'] = 'Configuration';
|
$page['title'] = 'Configuration';
|
||||||
|
|
||||||
@ -304,9 +304,9 @@ if($step == 0) {
|
|||||||
|
|
||||||
$drivers = PDO::getAvailableDrivers();
|
$drivers = PDO::getAvailableDrivers();
|
||||||
|
|
||||||
foreach($drivers as &$driver) {
|
foreach ($drivers as &$driver) {
|
||||||
$driver_txt = $driver;
|
$driver_txt = $driver;
|
||||||
switch($driver) {
|
switch ($driver) {
|
||||||
case 'cubrid':
|
case 'cubrid':
|
||||||
$driver_txt = 'Cubrid';
|
$driver_txt = 'Cubrid';
|
||||||
break;
|
break;
|
||||||
@ -449,7 +449,7 @@ if($step == 0) {
|
|||||||
|
|
||||||
|
|
||||||
echo Element('page.html', $page);
|
echo Element('page.html', $page);
|
||||||
} elseif($step == 3) {
|
} elseif ($step == 3) {
|
||||||
$instance_config =
|
$instance_config =
|
||||||
'<?php
|
'<?php
|
||||||
|
|
||||||
@ -464,15 +464,15 @@ if($step == 0) {
|
|||||||
';
|
';
|
||||||
|
|
||||||
function create_config_from_array(&$instance_config, &$array, $prefix = '') {
|
function create_config_from_array(&$instance_config, &$array, $prefix = '') {
|
||||||
foreach($array as $name => $value) {
|
foreach ($array as $name => $value) {
|
||||||
if(is_array($value)) {
|
if (is_array($value)) {
|
||||||
$instance_config .= "\n";
|
$instance_config .= "\n";
|
||||||
create_config_from_array($instance_config, $value, $prefix . '[\'' . addslashes($name) . '\']');
|
create_config_from_array($instance_config, $value, $prefix . '[\'' . addslashes($name) . '\']');
|
||||||
$instance_config .= "\n";
|
$instance_config .= "\n";
|
||||||
} else {
|
} else {
|
||||||
$instance_config .= ' $config' . $prefix . '[\'' . addslashes($name) . '\'] = ';
|
$instance_config .= ' $config' . $prefix . '[\'' . addslashes($name) . '\'] = ';
|
||||||
|
|
||||||
if(is_numeric($value))
|
if (is_numeric($value))
|
||||||
$instance_config .= $value;
|
$instance_config .= $value;
|
||||||
else
|
else
|
||||||
$instance_config .= "'" . addslashes($value) . "'";
|
$instance_config .= "'" . addslashes($value) . "'";
|
||||||
@ -486,7 +486,7 @@ if($step == 0) {
|
|||||||
|
|
||||||
$instance_config .= "\n";
|
$instance_config .= "\n";
|
||||||
|
|
||||||
if(@file_put_contents('inc/instance-config.php', $instance_config)) {
|
if (@file_put_contents('inc/instance-config.php', $instance_config)) {
|
||||||
header('Location: ?step=4', true, $config['redirect_http']);
|
header('Location: ?step=4', true, $config['redirect_http']);
|
||||||
} else {
|
} else {
|
||||||
$page['title'] = 'Manual installation required';
|
$page['title'] = 'Manual installation required';
|
||||||
@ -500,7 +500,7 @@ if($step == 0) {
|
|||||||
';
|
';
|
||||||
echo Element('page.html', $page);
|
echo Element('page.html', $page);
|
||||||
}
|
}
|
||||||
} elseif($step == 4) {
|
} elseif ($step == 4) {
|
||||||
// SQL installation
|
// SQL installation
|
||||||
|
|
||||||
buildJavascript();
|
buildJavascript();
|
||||||
@ -516,13 +516,13 @@ if($step == 0) {
|
|||||||
$queries[] = Element('posts.sql', Array('board' => 'b'));
|
$queries[] = Element('posts.sql', Array('board' => 'b'));
|
||||||
|
|
||||||
$sql_errors = '';
|
$sql_errors = '';
|
||||||
foreach($queries as &$query) {
|
foreach ($queries as &$query) {
|
||||||
if(!query($query))
|
if (!query($query))
|
||||||
$sql_errors .= '<li>' . db_error() . '</li>';
|
$sql_errors .= '<li>' . db_error() . '</li>';
|
||||||
}
|
}
|
||||||
|
|
||||||
$boards = listBoards();
|
$boards = listBoards();
|
||||||
foreach($boards as &$_board) {
|
foreach ($boards as &$_board) {
|
||||||
setupBoard($_board);
|
setupBoard($_board);
|
||||||
buildIndex();
|
buildIndex();
|
||||||
}
|
}
|
||||||
@ -530,22 +530,22 @@ if($step == 0) {
|
|||||||
$page['title'] = 'Installation complete';
|
$page['title'] = 'Installation complete';
|
||||||
$page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover. <a href="http://tinyboard.org/docs/?p=Config">How do I edit the config files?</a></p>';
|
$page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover. <a href="http://tinyboard.org/docs/?p=Config">How do I edit the config files?</a></p>';
|
||||||
|
|
||||||
if(!empty($sql_errors)) {
|
if (!empty($sql_errors)) {
|
||||||
$page['body'] .= '<div class="ban"><h2>SQL errors</h2><p>SQL errors were encountered when trying to install the database. This may be the result of using a database which is already occupied with a Tinyboard installation; if so, you can probably ignore this.</p><p>The errors encountered were:</p><ul>' . $sql_errors . '</ul><p><a href="?step=5">Ignore errors and complete installation.</a></p></div>';
|
$page['body'] .= '<div class="ban"><h2>SQL errors</h2><p>SQL errors were encountered when trying to install the database. This may be the result of using a database which is already occupied with a Tinyboard installation; if so, you can probably ignore this.</p><p>The errors encountered were:</p><ul>' . $sql_errors . '</ul><p><a href="?step=5">Ignore errors and complete installation.</a></p></div>';
|
||||||
} else {
|
} else {
|
||||||
file_write($config['has_installed'], VERSION);
|
file_write($config['has_installed'], VERSION);
|
||||||
if(!file_unlink(__FILE__)) {
|
if (!file_unlink(__FILE__)) {
|
||||||
$page['body'] .= '<div class="ban"><h2>Delete install.php!</h2><p>I couldn\'t remove <strong>install.php</strong>. You will have to remove it manually.</p></div>';
|
$page['body'] .= '<div class="ban"><h2>Delete install.php!</h2><p>I couldn\'t remove <strong>install.php</strong>. You will have to remove it manually.</p></div>';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
echo Element('page.html', $page);
|
echo Element('page.html', $page);
|
||||||
} elseif($step == 5) {
|
} elseif ($step == 5) {
|
||||||
$page['title'] = 'Installation complete';
|
$page['title'] = 'Installation complete';
|
||||||
$page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover.</p>';
|
$page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover.</p>';
|
||||||
|
|
||||||
file_write($config['has_installed'], VERSION);
|
file_write($config['has_installed'], VERSION);
|
||||||
if(!file_unlink(__FILE__)) {
|
if (!file_unlink(__FILE__)) {
|
||||||
$page['body'] .= '<div class="ban"><h2>Delete install.php!</h2><p>I couldn\'t remove <strong>install.php</strong>. You will have to remove it manually.</p></div>';
|
$page['body'] .= '<div class="ban"><h2>Delete install.php!</h2><p>I couldn\'t remove <strong>install.php</strong>. You will have to remove it manually.</p></div>';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
208
post.php
208
post.php
@ -17,20 +17,20 @@ if (get_magic_quotes_gpc()) {
|
|||||||
$_POST = strip_array($_POST);
|
$_POST = strip_array($_POST);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($_POST['delete'])) {
|
if (isset($_POST['delete'])) {
|
||||||
// Delete
|
// Delete
|
||||||
|
|
||||||
if(!isset($_POST['board'], $_POST['password']))
|
if (!isset($_POST['board'], $_POST['password']))
|
||||||
error($config['error']['bot']);
|
error($config['error']['bot']);
|
||||||
|
|
||||||
$password = &$_POST['password'];
|
$password = &$_POST['password'];
|
||||||
|
|
||||||
if($password == '')
|
if ($password == '')
|
||||||
error($config['error']['invalidpassword']);
|
error($config['error']['invalidpassword']);
|
||||||
|
|
||||||
$delete = array();
|
$delete = array();
|
||||||
foreach($_POST as $post => $value) {
|
foreach ($_POST as $post => $value) {
|
||||||
if(preg_match('/^delete_(\d+)$/', $post, $m)) {
|
if (preg_match('/^delete_(\d+)$/', $post, $m)) {
|
||||||
$delete[] = (int)$m[1];
|
$delete[] = (int)$m[1];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -38,29 +38,29 @@ if(isset($_POST['delete'])) {
|
|||||||
checkDNSBL();
|
checkDNSBL();
|
||||||
|
|
||||||
// Check if board exists
|
// Check if board exists
|
||||||
if(!openBoard($_POST['board']))
|
if (!openBoard($_POST['board']))
|
||||||
error($config['error']['noboard']);
|
error($config['error']['noboard']);
|
||||||
|
|
||||||
// Check if banned
|
// Check if banned
|
||||||
checkBan($board['uri']);
|
checkBan($board['uri']);
|
||||||
|
|
||||||
if(empty($delete))
|
if (empty($delete))
|
||||||
error($config['error']['nodelete']);
|
error($config['error']['nodelete']);
|
||||||
|
|
||||||
foreach($delete as &$id) {
|
foreach ($delete as &$id) {
|
||||||
$query = prepare(sprintf("SELECT `thread`, `time`,`password` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
|
$query = prepare(sprintf("SELECT `thread`, `time`,`password` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
|
||||||
$query->bindValue(':id', $id, PDO::PARAM_INT);
|
$query->bindValue(':id', $id, PDO::PARAM_INT);
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
if($post = $query->fetch()) {
|
if ($post = $query->fetch()) {
|
||||||
if($password != '' && $post['password'] != $password)
|
if ($password != '' && $post['password'] != $password)
|
||||||
error($config['error']['invalidpassword']);
|
error($config['error']['invalidpassword']);
|
||||||
|
|
||||||
if($post['time'] >= time() - $config['delete_time']) {
|
if ($post['time'] >= time() - $config['delete_time']) {
|
||||||
error(sprintf($config['error']['delete_too_soon'], until($post['time'] + $config['delete_time'])));
|
error(sprintf($config['error']['delete_too_soon'], until($post['time'] + $config['delete_time'])));
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($_POST['file'])) {
|
if (isset($_POST['file'])) {
|
||||||
// Delete just the file
|
// Delete just the file
|
||||||
deleteFile($id);
|
deleteFile($id);
|
||||||
} else {
|
} else {
|
||||||
@ -81,13 +81,13 @@ if(isset($_POST['delete'])) {
|
|||||||
|
|
||||||
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
|
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
|
||||||
|
|
||||||
} elseif(isset($_POST['report'])) {
|
} elseif (isset($_POST['report'])) {
|
||||||
if(!isset($_POST['board'], $_POST['password'], $_POST['reason']))
|
if (!isset($_POST['board'], $_POST['password'], $_POST['reason']))
|
||||||
error($config['error']['bot']);
|
error($config['error']['bot']);
|
||||||
|
|
||||||
$report = array();
|
$report = array();
|
||||||
foreach($_POST as $post => $value) {
|
foreach ($_POST as $post => $value) {
|
||||||
if(preg_match('/^delete_(\d+)$/', $post, $m)) {
|
if (preg_match('/^delete_(\d+)$/', $post, $m)) {
|
||||||
$report[] = (int)$m[1];
|
$report[] = (int)$m[1];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -95,30 +95,30 @@ if(isset($_POST['delete'])) {
|
|||||||
checkDNSBL();
|
checkDNSBL();
|
||||||
|
|
||||||
// Check if board exists
|
// Check if board exists
|
||||||
if(!openBoard($_POST['board']))
|
if (!openBoard($_POST['board']))
|
||||||
error($config['error']['noboard']);
|
error($config['error']['noboard']);
|
||||||
|
|
||||||
// Check if banned
|
// Check if banned
|
||||||
checkBan($board['uri']);
|
checkBan($board['uri']);
|
||||||
|
|
||||||
if(empty($report))
|
if (empty($report))
|
||||||
error($config['error']['noreport']);
|
error($config['error']['noreport']);
|
||||||
|
|
||||||
if(count($report) > $config['report_limit'])
|
if (count($report) > $config['report_limit'])
|
||||||
error($config['error']['toomanyreports']);
|
error($config['error']['toomanyreports']);
|
||||||
|
|
||||||
$reason = &$_POST['reason'];
|
$reason = &$_POST['reason'];
|
||||||
markup($reason);
|
markup($reason);
|
||||||
|
|
||||||
foreach($report as &$id) {
|
foreach ($report as &$id) {
|
||||||
$query = prepare(sprintf("SELECT `thread` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
|
$query = prepare(sprintf("SELECT `thread` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
|
||||||
$query->bindValue(':id', $id, PDO::PARAM_INT);
|
$query->bindValue(':id', $id, PDO::PARAM_INT);
|
||||||
$query->execute() or error(db_error($query));
|
$query->execute() or error(db_error($query));
|
||||||
|
|
||||||
$post = $query->fetch();
|
$post = $query->fetch();
|
||||||
|
|
||||||
if($post) {
|
if ($post) {
|
||||||
if($config['syslog'])
|
if ($config['syslog'])
|
||||||
_syslog(LOG_INFO, 'Reported post: ' .
|
_syslog(LOG_INFO, 'Reported post: ' .
|
||||||
'/' . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $id) . ($post['thread'] ? '#' . $id : '') .
|
'/' . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $id) . ($post['thread'] ? '#' . $id : '') .
|
||||||
' for "' . $reason . '"'
|
' for "' . $reason . '"'
|
||||||
@ -137,65 +137,65 @@ if(isset($_POST['delete'])) {
|
|||||||
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
|
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
|
||||||
|
|
||||||
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
|
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
|
||||||
} elseif(isset($_POST['post'])) {
|
} elseif (isset($_POST['post'])) {
|
||||||
|
|
||||||
if(!isset($_POST['subject'], $_POST['body'], $_POST['board']))
|
if (!isset($_POST['subject'], $_POST['body'], $_POST['board']))
|
||||||
error($config['error']['bot']);
|
error($config['error']['bot']);
|
||||||
|
|
||||||
if(!isset($_POST['name']))
|
if (!isset($_POST['name']))
|
||||||
$_POST['name'] = $config['anonymous'];
|
$_POST['name'] = $config['anonymous'];
|
||||||
|
|
||||||
if(!isset($_POST['email']))
|
if (!isset($_POST['email']))
|
||||||
$_POST['email'] = '';
|
$_POST['email'] = '';
|
||||||
|
|
||||||
if(!isset($_POST['password']))
|
if (!isset($_POST['password']))
|
||||||
$_POST['password'] = '';
|
$_POST['password'] = '';
|
||||||
|
|
||||||
$post = array('board' => $_POST['board']);
|
$post = array('board' => $_POST['board']);
|
||||||
|
|
||||||
if(isset($_POST['thread'])) {
|
if (isset($_POST['thread'])) {
|
||||||
$post['op'] = false;
|
$post['op'] = false;
|
||||||
$post['thread'] = round($_POST['thread']);
|
$post['thread'] = round($_POST['thread']);
|
||||||
} elseif($config['quick_reply'] && isset($_POST['quick-reply'])) {
|
} elseif ($config['quick_reply'] && isset($_POST['quick-reply'])) {
|
||||||
$post['op'] = false;
|
$post['op'] = false;
|
||||||
$post['thread'] = round($_POST['quick-reply']);
|
$post['thread'] = round($_POST['quick-reply']);
|
||||||
} else
|
} else
|
||||||
$post['op'] = true;
|
$post['op'] = true;
|
||||||
|
|
||||||
if(!(($post['op'] && $_POST['post'] == $config['button_newtopic']) ||
|
if (!(($post['op'] && $_POST['post'] == $config['button_newtopic']) ||
|
||||||
(!$post['op'] && $_POST['post'] == $config['button_reply'])))
|
(!$post['op'] && $_POST['post'] == $config['button_reply'])))
|
||||||
error($config['error']['bot']);
|
error($config['error']['bot']);
|
||||||
|
|
||||||
// Check the referrer
|
// Check the referrer
|
||||||
if(!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], $_SERVER['HTTP_REFERER']))
|
if (!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], $_SERVER['HTTP_REFERER']))
|
||||||
error($config['error']['referer']);
|
error($config['error']['referer']);
|
||||||
|
|
||||||
checkDNSBL();
|
checkDNSBL();
|
||||||
|
|
||||||
// Check if board exists
|
// Check if board exists
|
||||||
if(!openBoard($post['board']))
|
if (!openBoard($post['board']))
|
||||||
error($config['error']['noboard']);
|
error($config['error']['noboard']);
|
||||||
|
|
||||||
// Check if banned
|
// Check if banned
|
||||||
checkBan($board['uri']);
|
checkBan($board['uri']);
|
||||||
|
|
||||||
// Check for CAPTCHA right after opening the board so the "return" link is in there
|
// Check for CAPTCHA right after opening the board so the "return" link is in there
|
||||||
if($config['recaptcha']) {
|
if ($config['recaptcha']) {
|
||||||
if(!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field']))
|
if (!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field']))
|
||||||
error($config['error']['bot']);
|
error($config['error']['bot']);
|
||||||
// Check what reCAPTCHA has to say...
|
// Check what reCAPTCHA has to say...
|
||||||
$resp = recaptcha_check_answer($config['recaptcha_private'],
|
$resp = recaptcha_check_answer($config['recaptcha_private'],
|
||||||
$_SERVER['REMOTE_ADDR'],
|
$_SERVER['REMOTE_ADDR'],
|
||||||
$_POST['recaptcha_challenge_field'],
|
$_POST['recaptcha_challenge_field'],
|
||||||
$_POST['recaptcha_response_field']);
|
$_POST['recaptcha_response_field']);
|
||||||
if(!$resp->is_valid) {
|
if (!$resp->is_valid) {
|
||||||
error($config['error']['captcha']);
|
error($config['error']['captcha']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if($post['mod'] = isset($_POST['mod']) && $_POST['mod']) {
|
if ($post['mod'] = isset($_POST['mod']) && $_POST['mod']) {
|
||||||
require 'inc/mod.php';
|
require 'inc/mod.php';
|
||||||
if(!$mod) {
|
if (!$mod) {
|
||||||
// Liar. You're not a mod.
|
// Liar. You're not a mod.
|
||||||
error($config['error']['notamod']);
|
error($config['error']['notamod']);
|
||||||
}
|
}
|
||||||
@ -204,28 +204,28 @@ if(isset($_POST['delete'])) {
|
|||||||
$post['locked'] = $post['op'] && isset($_POST['lock']);
|
$post['locked'] = $post['op'] && isset($_POST['lock']);
|
||||||
$post['raw'] = isset($_POST['raw']);
|
$post['raw'] = isset($_POST['raw']);
|
||||||
|
|
||||||
if($post['sticky'] && !hasPermission($config['mod']['sticky'], $board['uri']))
|
if ($post['sticky'] && !hasPermission($config['mod']['sticky'], $board['uri']))
|
||||||
error($config['error']['noaccess']);
|
error($config['error']['noaccess']);
|
||||||
if($post['locked'] && !hasPermission($config['mod']['lock'], $board['uri']))
|
if ($post['locked'] && !hasPermission($config['mod']['lock'], $board['uri']))
|
||||||
error($config['error']['noaccess']);
|
error($config['error']['noaccess']);
|
||||||
if($post['raw'] && !hasPermission($config['mod']['rawhtml'], $board['uri']))
|
if ($post['raw'] && !hasPermission($config['mod']['rawhtml'], $board['uri']))
|
||||||
error($config['error']['noaccess']);
|
error($config['error']['noaccess']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!$post['mod'] && checkSpam(array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null)))
|
if (!$post['mod'] && checkSpam(array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null)))
|
||||||
error($config['error']['spam']);
|
error($config['error']['spam']);
|
||||||
|
|
||||||
if($config['robot_enable'] && $config['robot_mute']) {
|
if ($config['robot_enable'] && $config['robot_mute']) {
|
||||||
checkMute();
|
checkMute();
|
||||||
}
|
}
|
||||||
|
|
||||||
//Check if thread exists
|
//Check if thread exists
|
||||||
if(!$post['op']) {
|
if (!$post['op']) {
|
||||||
$query = prepare(sprintf("SELECT `sticky`,`locked`,`sage` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
|
$query = prepare(sprintf("SELECT `sticky`,`locked`,`sage` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
|
||||||
$query->bindValue(':id', $post['thread'], PDO::PARAM_INT);
|
$query->bindValue(':id', $post['thread'], PDO::PARAM_INT);
|
||||||
$query->execute() or error(db_error());
|
$query->execute() or error(db_error());
|
||||||
|
|
||||||
if(!$thread = $query->fetch()) {
|
if (!$thread = $query->fetch()) {
|
||||||
// Non-existant
|
// Non-existant
|
||||||
error($config['error']['nonexistant']);
|
error($config['error']['nonexistant']);
|
||||||
}
|
}
|
||||||
@ -233,12 +233,12 @@ if(isset($_POST['delete'])) {
|
|||||||
|
|
||||||
|
|
||||||
// Check for an embed field
|
// Check for an embed field
|
||||||
if($config['enable_embedding'] && isset($_POST['embed']) && !empty($_POST['embed'])) {
|
if ($config['enable_embedding'] && isset($_POST['embed']) && !empty($_POST['embed'])) {
|
||||||
// yep; validate it
|
// yep; validate it
|
||||||
$value = $_POST['embed'];
|
$value = $_POST['embed'];
|
||||||
foreach($config['embedding'] as &$embed) {
|
foreach ($config['embedding'] as &$embed) {
|
||||||
if($html = preg_replace($embed[0], $embed[1], $value)) {
|
if ($html = preg_replace($embed[0], $embed[1], $value)) {
|
||||||
if($html == $value) {
|
if ($html == $value) {
|
||||||
// Nope.
|
// Nope.
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@ -254,25 +254,25 @@ if(isset($_POST['delete'])) {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if(!isset($post['embed'])) {
|
if (!isset($post['embed'])) {
|
||||||
error($config['error']['invalid_embed']);
|
error($config['error']['invalid_embed']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!hasPermission($config['mod']['bypass_field_disable'], $board['uri'])) {
|
if (!hasPermission($config['mod']['bypass_field_disable'], $board['uri'])) {
|
||||||
if($config['field_disable_name'])
|
if ($config['field_disable_name'])
|
||||||
$_POST['name'] = $config['anonymous']; // "forced anonymous"
|
$_POST['name'] = $config['anonymous']; // "forced anonymous"
|
||||||
|
|
||||||
if($config['field_disable_email'])
|
if ($config['field_disable_email'])
|
||||||
$_POST['email'] = '';
|
$_POST['email'] = '';
|
||||||
|
|
||||||
if($config['field_disable_password'])
|
if ($config['field_disable_password'])
|
||||||
$_POST['password'] = '';
|
$_POST['password'] = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check for a file
|
// Check for a file
|
||||||
if($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) {
|
if ($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) {
|
||||||
if(!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op'])
|
if (!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op'])
|
||||||
error($config['error']['noimage']);
|
error($config['error']['noimage']);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -283,26 +283,26 @@ if(isset($_POST['delete'])) {
|
|||||||
$post['password'] = $_POST['password'];
|
$post['password'] = $_POST['password'];
|
||||||
$post['has_file'] = !isset($post['embed']) && (($post['op'] && !isset($post['no_longer_require_an_image_for_op']) && $config['force_image_op']) || (isset($_FILES['file']) && $_FILES['file']['tmp_name'] != ''));
|
$post['has_file'] = !isset($post['embed']) && (($post['op'] && !isset($post['no_longer_require_an_image_for_op']) && $config['force_image_op']) || (isset($_FILES['file']) && $_FILES['file']['tmp_name'] != ''));
|
||||||
|
|
||||||
if($post['has_file'])
|
if ($post['has_file'])
|
||||||
$post['filename'] = utf8tohtml(get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name']);
|
$post['filename'] = utf8tohtml(get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name']);
|
||||||
|
|
||||||
if(!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) {
|
if (!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) {
|
||||||
$stripped_whitespace = preg_replace('/[\s]/u', '', $post['body']);
|
$stripped_whitespace = preg_replace('/[\s]/u', '', $post['body']);
|
||||||
if($stripped_whitespace == '') {
|
if ($stripped_whitespace == '') {
|
||||||
error($config['error']['tooshort_body']);
|
error($config['error']['tooshort_body']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if thread is locked
|
// Check if thread is locked
|
||||||
// but allow mods to post
|
// but allow mods to post
|
||||||
if(!$post['op'] && !hasPermission($config['mod']['postinlocked'], $board['uri'])) {
|
if (!$post['op'] && !hasPermission($config['mod']['postinlocked'], $board['uri'])) {
|
||||||
if($thread['locked'])
|
if ($thread['locked'])
|
||||||
error($config['error']['locked']);
|
error($config['error']['locked']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if($post['has_file']) {
|
if ($post['has_file']) {
|
||||||
$size = $_FILES['file']['size'];
|
$size = $_FILES['file']['size'];
|
||||||
if($size > $config['max_filesize'])
|
if ($size > $config['max_filesize'])
|
||||||
error(sprintf3($config['error']['filesize'], array(
|
error(sprintf3($config['error']['filesize'], array(
|
||||||
'sz' => number_format($size),
|
'sz' => number_format($size),
|
||||||
'filesz' => number_format($size),
|
'filesz' => number_format($size),
|
||||||
@ -310,8 +310,8 @@ if(isset($_POST['delete'])) {
|
|||||||
)));
|
)));
|
||||||
}
|
}
|
||||||
|
|
||||||
if($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) {
|
if ($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) {
|
||||||
if(($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) {
|
if (($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) {
|
||||||
$post['capcode'] = utf8tohtml($match[3]);
|
$post['capcode'] = utf8tohtml($match[3]);
|
||||||
$post['name'] = $match[2] != '' ? $match[2] : $config['anonymous'];
|
$post['name'] = $match[2] != '' ? $match[2] : $config['anonymous'];
|
||||||
}
|
}
|
||||||
@ -323,14 +323,14 @@ if(isset($_POST['delete'])) {
|
|||||||
$post['name'] = $trip[0];
|
$post['name'] = $trip[0];
|
||||||
$post['trip'] = isset($trip[1]) ? $trip[1] : '';
|
$post['trip'] = isset($trip[1]) ? $trip[1] : '';
|
||||||
|
|
||||||
if(strtolower($post['email']) == 'noko') {
|
if (strtolower($post['email']) == 'noko') {
|
||||||
$noko = true;
|
$noko = true;
|
||||||
$post['email'] = '';
|
$post['email'] = '';
|
||||||
} else $noko = false;
|
} else $noko = false;
|
||||||
|
|
||||||
if($post['has_file']) {
|
if ($post['has_file']) {
|
||||||
$post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1));
|
$post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1));
|
||||||
if(isset($config['filename_func']))
|
if (isset($config['filename_func']))
|
||||||
$post['file_id'] = $config['filename_func']($post);
|
$post['file_id'] = $config['filename_func']($post);
|
||||||
else
|
else
|
||||||
$post['file_id'] = time() . substr(microtime(), 2, 3);
|
$post['file_id'] = time() . substr(microtime(), 2, 3);
|
||||||
@ -340,26 +340,26 @@ if(isset($_POST['delete'])) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check string lengths
|
// Check string lengths
|
||||||
if(mb_strlen($post['name']) > 35)
|
if (mb_strlen($post['name']) > 35)
|
||||||
error(sprintf($config['error']['toolong'], 'name'));
|
error(sprintf($config['error']['toolong'], 'name'));
|
||||||
if(mb_strlen($post['email']) > 40)
|
if (mb_strlen($post['email']) > 40)
|
||||||
error(sprintf($config['error']['toolong'], 'email'));
|
error(sprintf($config['error']['toolong'], 'email'));
|
||||||
if(mb_strlen($post['subject']) > 100)
|
if (mb_strlen($post['subject']) > 100)
|
||||||
error(sprintf($config['error']['toolong'], 'subject'));
|
error(sprintf($config['error']['toolong'], 'subject'));
|
||||||
if(!$mod && mb_strlen($post['body']) > $config['max_body'])
|
if (!$mod && mb_strlen($post['body']) > $config['max_body'])
|
||||||
error($config['error']['toolong_body']);
|
error($config['error']['toolong_body']);
|
||||||
if(mb_strlen($post['password']) > 20)
|
if (mb_strlen($post['password']) > 20)
|
||||||
error(sprintf($config['error']['toolong'], 'password'));
|
error(sprintf($config['error']['toolong'], 'password'));
|
||||||
|
|
||||||
wordfilters($post['body']);
|
wordfilters($post['body']);
|
||||||
|
|
||||||
$post['body_nomarkup'] = $post['body'];
|
$post['body_nomarkup'] = $post['body'];
|
||||||
|
|
||||||
if(!($mod && isset($post['raw']) && $post['raw']))
|
if (!($mod && isset($post['raw']) && $post['raw']))
|
||||||
$post['tracked_cites'] = markup($post['body'], true);
|
$post['tracked_cites'] = markup($post['body'], true);
|
||||||
|
|
||||||
// Check for a flood
|
// Check for a flood
|
||||||
if(!hasPermission($config['mod']['flood'], $board['uri']) && checkFlood($post)) {
|
if (!hasPermission($config['mod']['flood'], $board['uri']) && checkFlood($post)) {
|
||||||
error($config['error']['flood']);
|
error($config['error']['flood']);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -367,8 +367,8 @@ if(isset($_POST['delete'])) {
|
|||||||
|
|
||||||
do_filters($post);
|
do_filters($post);
|
||||||
|
|
||||||
if($post['has_file']) {
|
if ($post['has_file']) {
|
||||||
if(!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files']))
|
if (!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files']))
|
||||||
error($config['error']['unknownext']);
|
error($config['error']['unknownext']);
|
||||||
|
|
||||||
$is_an_image = !in_array($post['extension'], $config['allowed_ext_files']);
|
$is_an_image = !in_array($post['extension'], $config['allowed_ext_files']);
|
||||||
@ -378,23 +378,23 @@ if(isset($_POST['delete'])) {
|
|||||||
|
|
||||||
$upload = $_FILES['file']['tmp_name'];
|
$upload = $_FILES['file']['tmp_name'];
|
||||||
|
|
||||||
if(!is_readable($upload))
|
if (!is_readable($upload))
|
||||||
error($config['error']['nomove']);
|
error($config['error']['nomove']);
|
||||||
|
|
||||||
$post['filehash'] = $config['file_hash']($upload);
|
$post['filehash'] = $config['file_hash']($upload);
|
||||||
$post['filesize'] = filesize($upload);
|
$post['filesize'] = filesize($upload);
|
||||||
|
|
||||||
if($is_an_image) {
|
if ($is_an_image) {
|
||||||
// Check IE MIME type detection XSS exploit
|
// Check IE MIME type detection XSS exploit
|
||||||
$buffer = file_get_contents($upload, null, null, null, 255);
|
$buffer = file_get_contents($upload, null, null, null, 255);
|
||||||
if(preg_match($config['ie_mime_type_detection'], $buffer)) {
|
if (preg_match($config['ie_mime_type_detection'], $buffer)) {
|
||||||
undoImage($post);
|
undoImage($post);
|
||||||
error($config['error']['mime_exploit']);
|
error($config['error']['mime_exploit']);
|
||||||
}
|
}
|
||||||
|
|
||||||
require_once 'inc/image.php';
|
require_once 'inc/image.php';
|
||||||
|
|
||||||
if($config['thumb_method'] == 'imagick') {
|
if ($config['thumb_method'] == 'imagick') {
|
||||||
// This is tricky, because Imagick won't let us find
|
// This is tricky, because Imagick won't let us find
|
||||||
// an image's dimensions without loading it all into
|
// an image's dimensions without loading it all into
|
||||||
// memory first, unlike GD which provides the
|
// memory first, unlike GD which provides the
|
||||||
@ -405,8 +405,8 @@ if(isset($_POST['delete'])) {
|
|||||||
// PHP's memory limit.
|
// PHP's memory limit.
|
||||||
|
|
||||||
// first try GD's getimagesize()
|
// first try GD's getimagesize()
|
||||||
if($size = @getimagesize($upload)) {
|
if ($size = @getimagesize($upload)) {
|
||||||
if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
|
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
|
||||||
|
|
||||||
error($config['error']['maxsize']);
|
error($config['error']['maxsize']);
|
||||||
}
|
}
|
||||||
@ -416,10 +416,10 @@ if(isset($_POST['delete'])) {
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// find dimensions of an image using GD
|
// find dimensions of an image using GD
|
||||||
if(!$size = @getimagesize($upload)) {
|
if (!$size = @getimagesize($upload)) {
|
||||||
error($config['error']['invalidimg']);
|
error($config['error']['invalidimg']);
|
||||||
}
|
}
|
||||||
if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
|
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
|
||||||
error($config['error']['maxsize']);
|
error($config['error']['maxsize']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -427,7 +427,7 @@ if(isset($_POST['delete'])) {
|
|||||||
// create image object
|
// create image object
|
||||||
$image = new Image($upload, $post['extension']);
|
$image = new Image($upload, $post['extension']);
|
||||||
|
|
||||||
if($image->size->width > $config['max_width'] || $image->size->height > $config['max_height']) {
|
if ($image->size->width > $config['max_width'] || $image->size->height > $config['max_height']) {
|
||||||
$image->delete();
|
$image->delete();
|
||||||
error($config['error']['maxsize']);
|
error($config['error']['maxsize']);
|
||||||
}
|
}
|
||||||
@ -435,13 +435,13 @@ if(isset($_POST['delete'])) {
|
|||||||
$post['width'] = $image->size->width;
|
$post['width'] = $image->size->width;
|
||||||
$post['height'] = $image->size->height;
|
$post['height'] = $image->size->height;
|
||||||
|
|
||||||
if($config['spoiler_images'] && isset($_POST['spoiler'])) {
|
if ($config['spoiler_images'] && isset($_POST['spoiler'])) {
|
||||||
$post['thumb'] = 'spoiler';
|
$post['thumb'] = 'spoiler';
|
||||||
|
|
||||||
$size = @getimagesize($config['spoiler_image']);
|
$size = @getimagesize($config['spoiler_image']);
|
||||||
$post['thumbwidth'] = $size[0];
|
$post['thumbwidth'] = $size[0];
|
||||||
$post['thumbheight'] = $size[1];
|
$post['thumbheight'] = $size[1];
|
||||||
} elseif($config['minimum_copy_resize'] &&
|
} elseif ($config['minimum_copy_resize'] &&
|
||||||
$image->size->width <= $config['thumb_width'] &&
|
$image->size->width <= $config['thumb_width'] &&
|
||||||
$image->size->height <= $config['thumb_height'] &&
|
$image->size->height <= $config['thumb_height'] &&
|
||||||
$post['extension'] == ($config['thumb_ext'] ? $config['thumb_ext'] : $post['extension'])) {
|
$post['extension'] == ($config['thumb_ext'] ? $config['thumb_ext'] : $post['extension'])) {
|
||||||
@ -466,10 +466,10 @@ if(isset($_POST['delete'])) {
|
|||||||
$thumb->_destroy();
|
$thumb->_destroy();
|
||||||
}
|
}
|
||||||
|
|
||||||
if($config['redraw_image']) {
|
if ($config['redraw_image']) {
|
||||||
$image->to($post['file']);
|
$image->to($post['file']);
|
||||||
} else {
|
} else {
|
||||||
if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file']))
|
if (!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file']))
|
||||||
error($config['error']['nomove']);
|
error($config['error']['nomove']);
|
||||||
}
|
}
|
||||||
$image->destroy();
|
$image->destroy();
|
||||||
@ -485,7 +485,7 @@ if(isset($_POST['delete'])) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if($post['has_file'] && $config['image_reject_repost'] && $p = getPostByHash($post['filehash'])) {
|
if ($post['has_file'] && $config['image_reject_repost'] && $p = getPostByHash($post['filehash'])) {
|
||||||
undoImage($post);
|
undoImage($post);
|
||||||
error(sprintf($config['error']['fileexists'],
|
error(sprintf($config['error']['fileexists'],
|
||||||
$post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'] .
|
$post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'] .
|
||||||
@ -498,9 +498,9 @@ if(isset($_POST['delete'])) {
|
|||||||
));
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!hasPermission($config['mod']['postunoriginal'], $board['uri']) && $config['robot_enable'] && checkRobot($post['body_nomarkup'])) {
|
if (!hasPermission($config['mod']['postunoriginal'], $board['uri']) && $config['robot_enable'] && checkRobot($post['body_nomarkup'])) {
|
||||||
undoImage($post);
|
undoImage($post);
|
||||||
if($config['robot_mute']) {
|
if ($config['robot_mute']) {
|
||||||
error(sprintf($config['error']['muted'], mute()));
|
error(sprintf($config['error']['muted'], mute()));
|
||||||
} else {
|
} else {
|
||||||
error($config['error']['unoriginal']);
|
error($config['error']['unoriginal']);
|
||||||
@ -508,15 +508,15 @@ if(isset($_POST['delete'])) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Remove board directories before inserting them into the database.
|
// Remove board directories before inserting them into the database.
|
||||||
if($post['has_file']) {
|
if ($post['has_file']) {
|
||||||
$post['file_path'] = $post['file'];
|
$post['file_path'] = $post['file'];
|
||||||
$post['file'] = substr_replace($post['file'], '', 0, mb_strlen($board['dir'] . $config['dir']['img']));
|
$post['file'] = substr_replace($post['file'], '', 0, mb_strlen($board['dir'] . $config['dir']['img']));
|
||||||
if($is_an_image && $post['thumb'] != 'spoiler')
|
if ($is_an_image && $post['thumb'] != 'spoiler')
|
||||||
$post['thumb'] = substr_replace($post['thumb'], '', 0, mb_strlen($board['dir'] . $config['dir']['thumb']));
|
$post['thumb'] = substr_replace($post['thumb'], '', 0, mb_strlen($board['dir'] . $config['dir']['thumb']));
|
||||||
}
|
}
|
||||||
|
|
||||||
$post = (object)$post;
|
$post = (object)$post;
|
||||||
if($error = event('post', $post)) {
|
if ($error = event('post', $post)) {
|
||||||
undoImage((array)$post);
|
undoImage((array)$post);
|
||||||
error($error);
|
error($error);
|
||||||
}
|
}
|
||||||
@ -524,8 +524,8 @@ if(isset($_POST['delete'])) {
|
|||||||
|
|
||||||
$id = post($post);
|
$id = post($post);
|
||||||
|
|
||||||
if(isset($post['tracked_cites'])) {
|
if (isset($post['tracked_cites'])) {
|
||||||
foreach($post['tracked_cites'] as $cite) {
|
foreach ($post['tracked_cites'] as $cite) {
|
||||||
$query = prepare('INSERT INTO `cites` VALUES (:board, :post, :target_board, :target)');
|
$query = prepare('INSERT INTO `cites` VALUES (:board, :post, :target_board, :target)');
|
||||||
$query->bindValue(':board', $board['uri']);
|
$query->bindValue(':board', $board['uri']);
|
||||||
$query->bindValue(':post', $id, PDO::PARAM_INT);
|
$query->bindValue(':post', $id, PDO::PARAM_INT);
|
||||||
@ -537,20 +537,20 @@ if(isset($_POST['delete'])) {
|
|||||||
|
|
||||||
buildThread($post['op'] ? $id : $post['thread']);
|
buildThread($post['op'] ? $id : $post['thread']);
|
||||||
|
|
||||||
if(!$post['op'] && strtolower($post['email']) != 'sage' && !$thread['sage'] && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) {
|
if (!$post['op'] && strtolower($post['email']) != 'sage' && !$thread['sage'] && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) {
|
||||||
bumpThread($post['thread']);
|
bumpThread($post['thread']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if($post['op'])
|
if ($post['op'])
|
||||||
clean();
|
clean();
|
||||||
|
|
||||||
event('post-after', $post);
|
event('post-after', $post);
|
||||||
|
|
||||||
buildIndex();
|
buildIndex();
|
||||||
|
|
||||||
if(isset($_SERVER['HTTP_REFERER'])) {
|
if (isset($_SERVER['HTTP_REFERER'])) {
|
||||||
// Tell Javascript that we posted successfully
|
// Tell Javascript that we posted successfully
|
||||||
if(isset($_COOKIE[$config['cookies']['js']]))
|
if (isset($_COOKIE[$config['cookies']['js']]))
|
||||||
$js = json_decode($_COOKIE[$config['cookies']['js']]);
|
$js = json_decode($_COOKIE[$config['cookies']['js']]);
|
||||||
else
|
else
|
||||||
$js = (object) array();
|
$js = (object) array();
|
||||||
@ -562,7 +562,7 @@ if(isset($_POST['delete'])) {
|
|||||||
|
|
||||||
$root = $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
|
$root = $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
|
||||||
|
|
||||||
if($config['always_noko'] || $noko) {
|
if ($config['always_noko'] || $noko) {
|
||||||
$redirect = $root . $board['dir'] . $config['dir']['res'] .
|
$redirect = $root . $board['dir'] . $config['dir']['res'] .
|
||||||
sprintf($config['file_page'], $post['op'] ? $id:$post['thread']) . (!$post['op'] ? '#' . $id : '');
|
sprintf($config['file_page'], $post['op'] ? $id:$post['thread']) . (!$post['op'] ? '#' . $id : '');
|
||||||
} else {
|
} else {
|
||||||
@ -570,14 +570,14 @@ if(isset($_POST['delete'])) {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if($config['syslog'])
|
if ($config['syslog'])
|
||||||
_syslog(LOG_INFO, 'New post: /' . $board['dir'] . $config['dir']['res'] .
|
_syslog(LOG_INFO, 'New post: /' . $board['dir'] . $config['dir']['res'] .
|
||||||
sprintf($config['file_page'], $post['op'] ? $id : $post['thread']) . (!$$post['op'] ? '#' . $id : ''));
|
sprintf($config['file_page'], $post['op'] ? $id : $post['thread']) . (!$$post['op'] ? '#' . $id : ''));
|
||||||
|
|
||||||
rebuildThemes('post');
|
rebuildThemes('post');
|
||||||
header('Location: ' . $redirect, true, $config['redirect_http']);
|
header('Location: ' . $redirect, true, $config['redirect_http']);
|
||||||
} else {
|
} else {
|
||||||
if(!file_exists($config['has_installed'])) {
|
if (!file_exists($config['has_installed'])) {
|
||||||
header('Location: install.php', true, $config['redirect_http']);
|
header('Location: install.php', true, $config['redirect_http']);
|
||||||
} else {
|
} else {
|
||||||
// They opened post.php in their browser manually.
|
// They opened post.php in their browser manually.
|
||||||
|