1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-12-01 18:47:20 +01:00

Fixed various issues with per-board mod configurations

This commit is contained in:
Savetheinternet 2011-10-15 09:21:24 +11:00
parent 4a80a9b638
commit 82ca75f91a

46
mod.php
View File

@ -1840,15 +1840,18 @@
echo $page; echo $page;
} elseif(preg_match('/^\/' . $regex['board'] . 'deletefile\/(\d+)$/', $query, $matches)) { } elseif(preg_match('/^\/' . $regex['board'] . 'deletefile\/(\d+)$/', $query, $matches)) {
if(!hasPermission($config['mod']['deletefile'])) error($config['error']['noaccess']);
// Delete file from post // Delete file from post
$boardName = &$matches[1]; $boardName = &$matches[1];
$post = &$matches[2];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error($config['error']['noboard']); error($config['error']['noboard']);
if(!hasPermission($config['mod']['deletefile'], $boardName)) error($config['error']['noaccess']);
$post = &$matches[2];
// Delete post // Delete post
deleteFile($post); deleteFile($post);
@ -1862,15 +1865,18 @@
// Redirect // Redirect
header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']); header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} elseif(preg_match('/^\/' . $regex['board'] . 'delete\/(\d+)$/', $query, $matches)) { } elseif(preg_match('/^\/' . $regex['board'] . 'delete\/(\d+)$/', $query, $matches)) {
if(!hasPermission($config['mod']['delete'])) error($config['error']['noaccess']);
// Delete post // Delete post
$boardName = &$matches[1]; $boardName = &$matches[1];
$post = &$matches[2];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error($config['error']['noboard']); error($config['error']['noboard']);
if(!hasPermission($config['mod']['delete'], $boardName)) error($config['error']['noaccess']);
$post = &$matches[2];
// Delete post // Delete post
deletePost($post); deletePost($post);
@ -1883,15 +1889,18 @@
// Redirect // Redirect
header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']); header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']);
} elseif(preg_match('/^\/' . $regex['board'] . '(un)?sticky\/(\d+)$/', $query, $matches)) { } elseif(preg_match('/^\/' . $regex['board'] . '(un)?sticky\/(\d+)$/', $query, $matches)) {
if(!hasPermission($config['mod']['sticky'])) error($config['error']['noaccess']);
// Add/remove sticky // Add/remove sticky
$boardName = &$matches[1]; $boardName = &$matches[1];
$post = &$matches[3];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error($config['error']['noboard']); error($config['error']['noboard']);
if(!hasPermission($config['mod']['sticky'], $boardName)) error($config['error']['noaccess']);
$post = &$matches[3];
$query = prepare(sprintf("UPDATE `posts_%s` SET `sticky` = :sticky WHERE `id` = :id AND `thread` IS NULL", $board['uri'])); $query = prepare(sprintf("UPDATE `posts_%s` SET `sticky` = :sticky WHERE `id` = :id AND `thread` IS NULL", $board['uri']));
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
@ -1917,13 +1926,15 @@
// Lock/Unlock // Lock/Unlock
$boardName = &$matches[1]; $boardName = &$matches[1];
if(!hasPermission($config['mod']['lock'], $boardName)) error($config['error']['noaccess']);
$post = &$matches[3];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error($config['error']['noboard']); error($config['error']['noboard']);
if(!hasPermission($config['mod']['lock'], $boardName)) error($config['error']['noaccess']);
$post = &$matches[3];
$query = prepare(sprintf("UPDATE `posts_%s` SET `locked` = :locked WHERE `id` = :id AND `thread` IS NULL", $board['uri'])); $query = prepare(sprintf("UPDATE `posts_%s` SET `locked` = :locked WHERE `id` = :id AND `thread` IS NULL", $board['uri']));
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
@ -1949,13 +1960,14 @@
// Lock/Unlock // Lock/Unlock
$boardName = &$matches[1]; $boardName = &$matches[1];
if(!hasPermission($config['mod']['bumplock'], $boardName)) error($config['error']['noaccess']);
$post = &$matches[3];
// Open board // Open board
if(!openBoard($boardName)) if(!openBoard($boardName))
error($config['error']['noboard']); error($config['error']['noboard']);
if(!hasPermission($config['mod']['bumplock'], $boardName)) error($config['error']['noaccess']);
$post = &$matches[3];
$query = prepare(sprintf("UPDATE `posts_%s` SET `sage` = :bumplocked WHERE `id` = :id AND `thread` IS NULL", $board['uri'])); $query = prepare(sprintf("UPDATE `posts_%s` SET `sage` = :bumplocked WHERE `id` = :id AND `thread` IS NULL", $board['uri']));
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
@ -2108,10 +2120,9 @@
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
openBoard($_POST['board']);
// Delete too // Delete too
if(isset($_POST['delete']) && isset($_POST['board']) && hasPermission($config['mod']['delete'], $_POST['board'])) { if(isset($_POST['delete']) && isset($_POST['board']) && hasPermission($config['mod']['delete'], $_POST['board'])) {
openBoard($_POST['board']);
$post = round($_POST['delete']); $post = round($_POST['delete']);
deletePost($post); deletePost($post);
@ -2124,8 +2135,6 @@
} }
if(hasPermission($config['mod']['public_ban']) && isset($_POST['post']) && isset($_POST['board']) && isset($_POST['public_message']) && isset($_POST['message'])) { if(hasPermission($config['mod']['public_ban']) && isset($_POST['post']) && isset($_POST['board']) && isset($_POST['public_message']) && isset($_POST['message'])) {
openBoard($_POST['board']);
$post = round($_POST['post']); $post = round($_POST['post']);
$query = prepare(sprintf("UPDATE `posts_%s` SET `body` = CONCAT(`body`, :body) WHERE `id` = :id", $board['uri'])); $query = prepare(sprintf("UPDATE `posts_%s` SET `body` = CONCAT(`body`, :body) WHERE `id` = :id", $board['uri']));
@ -2163,15 +2172,16 @@
// Ban by post // Ban by post
$boardName = &$matches[1]; $boardName = &$matches[1];
// Open board
if(!openBoard($boardName))
error($config['error']['noboard']);
if(!hasPermission($config['mod']['ban'], $boardName)) error($config['error']['noaccess']); if(!hasPermission($config['mod']['ban'], $boardName)) error($config['error']['noaccess']);
$delete = isset($matches[2]) && $matches[2] == '&delete'; $delete = isset($matches[2]) && $matches[2] == '&delete';
if($delete && !hasPermission($config['mod']['delete'], $boardName)) error($config['error']['noaccess']); if($delete && !hasPermission($config['mod']['delete'], $boardName)) error($config['error']['noaccess']);
$post = $matches[3]; $post = $matches[3];
// Open board
if(!openBoard($boardName))
error($config['error']['noboard']);
$query = prepare(sprintf("SELECT `ip`,`id` FROM `posts_%s` WHERE `id` = :id LIMIT 1", $board['uri'])); $query = prepare(sprintf("SELECT `ip`,`id` FROM `posts_%s` WHERE `id` = :id LIMIT 1", $board['uri']));
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);