mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-25 07:50:23 +01:00

Multiple board volunteers patch

8chan 2014-10-28 23:23:17 -07:00
parent 1db3bbe201
commit a754155d5b
7 changed files with 435 additions and 326 deletions


@ -27,7 +27,7 @@ $body = <<<EOT
</ul>
<p>Other than that, you are free to institute whatever rules you want on your board.</p>
<h2>How do I add more volunteers?</h2>
<p>Give them your password. If you don't trust them enough for that, you probably shouldn't be making them a volunteer.</p>
<p>You may do this in your board settings, click on "Edit board volunteers".
<h2>How do I manage my board?</h2>
<p>Go to <a href="/mod.php">the volunteer panel</a> and click on the board link for your board.</p>
<h2>How do I contact the admin?</h2>
@ -39,7 +39,9 @@ $body = <<<EOT
<p>If either of those is true, the board was deleted automatically. You are free to recreate it. I cannot restore it, so don't bother emailing me about it.</p>
<h2>How do I post as a volunteer on my board?</h2>
<p>Make sure you are using the volunteer interface to view your board. The URL of your browser should be <a href="https://8chan.co/mod.php?/yourboard"><tt>https://8chan.co/mod.php?/yourboard</tt></a>. Then, put "## Board Volunteer" in the name field. Write your post and click "Reply". It will appear with your volunteer capcode.</p>
<p>Make sure you are using the volunteer interface to view your board. The URL of your browser should be <a href="https://8chan.co/mod.php?/yourboard"><tt>https://8chan.co/mod.php?/yourboard</tt></a>.</p>
<p>If you are the owner of the board, put "## Board Owner" in the name field. If someone else is the owner and you are just assisting them, put "## Board Volunteer" in the name field. Write your post and click "Reply". It will appear with your capcode.</p>
<h2>Help! The owner of X board is doing something I don't like!</h2>
<p>If they aren't doing anything illegal, I can't help you. I don't dictate how board owners should manage their boards.</p>
<p>If they are doing something illegal, email me.</p>

406
inc/8chan-mod-pages.php Normal file

@ -0,0 +1,406 @@
<?php
if (!function_exists('prettify_textarea')){
function prettify_textarea($s){
return str_replace("\t", '&#09;', str_replace("\n", '&#13;&#10;', htmlentities($s)));
}
}
if (!function_exists('purify')){
function purify($s){
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
$clean_html = $purifier->purify($s);
return $clean_html;
}
}
$config['mod']['show_ip'] = GLOBALVOLUNTEER;
$config['mod']['show_ip_less'] = BOARDVOLUNTEER;
$config['mod']['manageusers'] = GLOBALVOLUNTEER;
$config['mod']['noticeboard_post'] = GLOBALVOLUNTEER;
$config['mod']['search'] = GLOBALVOLUNTEER;
$config['mod']['clean_global'] = GLOBALVOLUNTEER;
$config['mod']['debug_recent'] = ADMIN;
$config['mod']['debug_antispam'] = ADMIN;
$config['mod']['noticeboard_post'] = ADMIN;
$config['mod']['modlog'] = GLOBALVOLUNTEER;
$config['mod']['editpost'] = BOARDVOLUNTEER;
$config['mod']['edit_banners'] = MOD;
$config['mod']['edit_flags'] = MOD;
$config['mod']['edit_settings'] = MOD;
$config['mod']['edit_volunteers'] = MOD;
$config['mod']['clean'] = BOARDVOLUNTEER;
// new perms
$config['mod']['ban'] = BOARDVOLUNTEER;
$config['mod']['unban'] = BOARDVOLUNTEER;
$config['mod']['deletebyip'] = BOARDVOLUNTEER;
$config['mod']['sticky'] = BOARDVOLUNTEER;
$config['mod']['lock'] = BOARDVOLUNTEER;
$config['mod']['postinlocked'] = BOARDVOLUNTEER;
$config['mod']['bumplock'] = BOARDVOLUNTEER;
$config['mod']['view_bumplock'] = BOARDVOLUNTEER;
$config['mod']['bypass_field_disable'] = BOARDVOLUNTEER;
$config['mod']['view_banlist'] = BOARDVOLUNTEER;
$config['mod']['view_banstaff'] = BOARDVOLUNTEER;
$config['mod']['public_ban'] = BOARDVOLUNTEER;
$config['mod']['recent'] = BOARDVOLUNTEER;
$config['mod']['ban_appeals'] = BOARDVOLUNTEER;
$config['mod']['view_ban_appeals'] = BOARDVOLUNTEER;
$config['mod']['custom_pages']['/volunteers/(\%b)'] = function($b) {
global $board, $config, $pdo;
if (!hasPermission($config['mod']['edit_volunteers'], $b))
error($config['error']['noaccess']);
if (!openBoard($b))
error("Could not open board!");
if (isset($_POST['username'], $_POST['password'])) {
$query = prepare('SELECT * FROM ``mods`` WHERE type = 19 AND boards = :board');
$query->bindValue(':board', $b);
$query->execute() or error(db_error($query));
$count = $query->rowCount();
$query = prepare('SELECT `username` FROM ``mods``');
$query->execute() or error(db_error($query));
$volunteers = $query->fetchAll(PDO::FETCH_ASSOC);
if ($_POST['username'] == '')
error(sprintf($config['error']['required'], 'username'));
if ($_POST['password'] == '')
error(sprintf($config['error']['required'], 'password'));
if ($count > 10) {
error(_('Too many board volunteers!'));
}
foreach ($volunteers as $i => $v) {
if ($_POST['username'] == $v['username']) {
error(_('Refusing to create a volunteer with the same username as an existing one.'));
}
}
$salt = generate_salt();
$password = hash('sha256', $salt . sha1($_POST['password']));
$query = prepare('INSERT INTO ``mods`` VALUES (NULL, :username, :password, :salt, 19, :board)');
$query->bindValue(':username', $_POST['username']);
$query->bindValue(':password', $password);
$query->bindValue(':salt', $salt);
$query->bindValue(':board', $b);
$query->execute() or error(db_error($query));
$userID = $pdo->lastInsertId();
modLog('Created a new volunteer: ' . utf8tohtml($_POST['username']) . ' <small>(#' . $userID . ')</small>');
}
if (isset($_POST['delete'])){
foreach ($_POST['delete'] as $i => $d){
$query = prepare('SELECT * FROM ``mods`` WHERE id = :id');
$query->bindValue(':id', $d);
$query->execute() or error(db_error($query));
$result = $query->fetch(PDO::FETCH_ASSOC);
if (!$result) {
error(_('Volunteer does not exist!'));
}
if ($result['boards'] != $b || $result['type'] != BOARDVOLUNTEER) {
error($config['error']['noaccess']);
}
$query = prepare('DELETE FROM ``mods`` WHERE id = :id');
$query->bindValue(':id', $d);
$query->execute() or error(db_error($query));
}
}
$query = prepare('SELECT * FROM ``mods`` WHERE type = 19 AND boards = :board');
$query->bindValue(':board', $b);
$query->execute() or error(db_error($query));
$volunteers = $query->fetchAll(PDO::FETCH_ASSOC);
mod_page(_('Edit volunteers'), 'mod/volunteers.html', array('board'=>$board,'token'=>make_secure_link_token('volunteers/'.$board['uri']),'volunteers'=>$volunteers));
};
$config['mod']['custom_pages']['/flags/(\%b)'] = function($b) {
global $config, $mod, $board;
require_once 'inc/image.php';
if (!hasPermission($config['mod']['edit_flags'], $b))
error($config['error']['noaccess']);
if (!openBoard($b))
error("Could not open board!");
$dir = 'static/custom-flags/'.$b;
if (!is_dir($dir)){
mkdir($dir, 0777, true);
}
if (isset($_FILES['file'])){
$upload = $_FILES['file']['tmp_name'];
$banners = array_diff(scandir($dir), array('..', '.'));
if (!is_readable($upload))
error($config['error']['nomove']);
$id = time() . substr(microtime(), 2, 3);
$extension = strtolower(mb_substr($_FILES['file']['name'], mb_strrpos($_FILES['file']['name'], '.') + 1));
if ($extension != 'png') {
error(_('Flags must be in PNG format.'));
}
if (filesize($upload) > 48000){
error(_('File too large!'));
}
if (!$size = @getimagesize($upload)) {
error($config['error']['invalidimg']);
}
if ($size[0] != 16 or $size[1] != 11){
error(_('Image wrong size!'));
}
if (sizeof($banners) >= 100) {
error(_('Too many flags.'));
}
copy($upload, "$dir/$id.$extension");
}
if (isset($_POST['delete'])){
foreach ($_POST['delete'] as $i => $d){
if (!preg_match('/[0-9+]\.(png|jpeg|jpg|gif)/', $d)){
error('Nice try.');
}
unlink("$dir/$d");
}
}
$banners = array_diff(scandir($dir), array('..', '.'));
mod_page(_('Edit banners'), 'mod/banners.html', array('board'=>$board,'banners'=>$banners,'token'=>make_secure_link_token('banners/'.$board['uri'])));
};
$config['mod']['custom_pages']['/banners/(\%b)'] = function($b) {
global $config, $mod, $board;
require_once 'inc/image.php';
if (!hasPermission($config['mod']['edit_banners'], $b))
error($config['error']['noaccess']);
if (!openBoard($b))
error("Could not open board!");
$dir = 'static/banners/'.$b;
if (!is_dir($dir)){
mkdir($dir, 0777, true);
}
if (isset($_FILES['file'])){
$upload = $_FILES['file']['tmp_name'];
$banners = array_diff(scandir($dir), array('..', '.'));
if (!is_readable($upload))
error($config['error']['nomove']);
$id = time() . substr(microtime(), 2, 3);
$extension = strtolower(mb_substr($_FILES['file']['name'], mb_strrpos($_FILES['file']['name'], '.') + 1));
if (!in_array($extension, array('jpg','jpeg','png','gif'))){
error('Not an image extension.');
}
if (filesize($upload) > 512000){
error('File too large!');
}
if (!$size = @getimagesize($upload)) {
error($config['error']['invalidimg']);
}
if ($size[0] != 300 or $size[1] != 100){
error('Image wrong size!');
}
if (sizeof($banners) >= 50) {
error('Too many banners.');
}
copy($upload, "$dir/$id.$extension");
}
if (isset($_POST['delete'])){
foreach ($_POST['delete'] as $i => $d){
if (!preg_match('/[0-9+]\.(png|jpeg|jpg|gif)/', $d)){
error('Nice try.');
}
unlink("$dir/$d");
}
}
$banners = array_diff(scandir($dir), array('..', '.'));
mod_page(_('Edit banners'), 'mod/banners.html', array('board'=>$board,'banners'=>$banners,'token'=>make_secure_link_token('banners/'.$board['uri'])));
};
$config['mod']['custom_pages']['/settings/(\%b)'] = function($b) {
global $config, $mod;
if (!in_array($b, $mod['boards']) and $mod['boards'][0] != '*')
error($config['error']['noaccess']);
if (!openBoard($b))
error("Could not open board!");
$possible_languages = array_diff(scandir('inc/locale/'), array('..', '.', '.tx', 'README.md'));
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$title = $_POST['title'];
$subtitle = $_POST['subtitle'];
$country_flags = isset($_POST['country_flags']) ? 'true' : 'false';
$field_disable_name = isset($_POST['field_disable_name']) ? 'true' : 'false';
$enable_embedding = isset($_POST['enable_embedding']) ? 'true' : 'false';
$force_image_op = isset($_POST['force_image_op']) ? 'true' : 'false';
$disable_images = isset($_POST['disable_images']) ? 'true' : 'false';
$poster_ids = isset($_POST['poster_ids']) ? 'true' : 'false';
$show_sages = isset($_POST['show_sages']) ? 'true' : 'false';
$auto_unicode = isset($_POST['auto_unicode']) ? 'true' : 'false';
$allow_roll = isset($_POST['allow_roll']) ? 'true' : 'false';
$image_reject_repost = isset($_POST['image_reject_repost']) ? 'true' : 'false';
$allow_delete = isset($_POST['allow_delete']) ? 'true' : 'false';
$allow_flash = isset($_POST['allow_flash']) ? '$config[\'allowed_ext_files\'][] = \'swf\';' : '';
$code_tags = isset($_POST['code_tags']) ? '$config[\'additional_javascript\'][] = \'js/code_tags/run_prettify.js\';$config[\'markup\'][] = array("/\[code\](.+?)\[\/code\]/ms", "<code><pre class=\'prettyprint\' style=\'display:inline-block\'>\$1</pre></code>");' : '';
$katex = isset($_POST['katex']) ? '$config[\'katex\'] = true;$config[\'additional_javascript\'][] = \'js/katex/katex.min.js\'; $config[\'markup\'][] = array("/\[tex\](.+?)\[\/tex\]/ms", "<span class=\'tex\'>\$1</span>"); $config[\'additional_javascript\'][] = \'js/katex-enable.js\';' : '';
$oekaki_js = <<<OEKAKI
\$config['additional_javascript'][] = 'js/jquery-ui.custom.min.js';
\$config['additional_javascript'][] = 'js/wPaint/lib/wColorPicker.min.js';
\$config['additional_javascript'][] = 'js/wPaint/wPaint.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/main/wPaint.menu.main.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/text/wPaint.menu.text.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/shapes/wPaint.menu.main.shapes.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/file/wPaint.menu.main.file.min.js';
\$config['additional_javascript'][] = 'js/wpaint.js';
\$config['additional_javascript'][] = 'js/upload-selection.js';
OEKAKI;
$oekaki = isset($_POST['oekaki']) ? $oekaki_js : '';
if ($_POST['locale'] !== 'en' && in_array($_POST['locale'], $possible_languages)) {
$locale = "\$config['locale'] = '{$_POST['locale']}.UTF-8';";
} else {
$locale = '';
}
if (isset($_POST['max_images']) && (int)$_POST['max_images'] && (int)$_POST['max_images'] <= 5) {
$_POST['max_images'] = (int)$_POST['max_images'];
$multiimage = "\$config['max_images'] = {$_POST['max_images']};
\$config['additional_javascript'][] = 'js/multi-image.js';";
} else {
$multiimage = '';
}
$anonymous = base64_encode($_POST['anonymous']);
$blotter = base64_encode(purify(html_entity_decode($_POST['blotter'])));
$add_to_config = @file_get_contents($b.'/extra_config.php');
$replace = '';
if (isset($_POST['replace'])) {
if (count($_POST['replace']) == count($_POST['with'])) {
foreach ($_POST['replace'] as $i => $r ) {
if ($r !== '') {
$w = $_POST['with'][$i];
$replace .= '$config[\'wordfilters\'][] = array(base64_decode(\'' . base64_encode($r) . '\'), base64_decode(\'' . base64_encode($w) . '\'));';
}
}
}
}
if (!(strlen($title) < 40))
error('Invalid title');
if (!(strlen($subtitle) < 200))
error('Invalid subtitle');
$query = prepare('UPDATE ``boards`` SET `title` = :title, `subtitle` = :subtitle, `indexed` = :indexed, `public_bans` = :public_bans, `8archive` = :8archive WHERE `uri` = :uri');
$query->bindValue(':title', $title);
$query->bindValue(':subtitle', $subtitle);
$query->bindValue(':uri', $b);
$query->bindValue(':indexed', !isset($_POST['meta_noindex']));
$query->bindValue(':public_bans', isset($_POST['public_bans']));
$query->bindValue(':8archive', isset($_POST['8archive']));
$query->execute() or error(db_error($query));
$config_file = <<<EOT
<?php
\$config['file_script'] = '$b/main.js';
\$config['country_flags'] = $country_flags;
\$config['field_disable_name'] = $field_disable_name;
\$config['enable_embedding'] = $enable_embedding;
\$config['force_image_op'] = $force_image_op;
\$config['disable_images'] = $disable_images;
\$config['poster_ids'] = $poster_ids;
\$config['show_sages'] = $show_sages;
\$config['auto_unicode'] = $auto_unicode;
\$config['allow_roll'] = $allow_roll;
\$config['image_reject_repost'] = $image_reject_repost;
\$config['allow_delete'] = $allow_delete;
\$config['anonymous'] = base64_decode('$anonymous');
\$config['blotter'] = base64_decode('$blotter');
\$config['stylesheets']['Custom'] = 'board/$b.css';
\$config['default_stylesheet'] = array('Custom', \$config['stylesheets']['Custom']);
$code_tags $katex $oekaki $replace $multiimage $allow_flash
if (\$config['disable_images'])
\$config['max_pages'] = 10000;
$locale
$add_to_config
EOT;
$query = query('SELECT `uri`, `title`, `subtitle` FROM ``boards`` WHERE `8archive` = TRUE');
file_write('8archive.json', json_encode($query->fetchAll(PDO::FETCH_ASSOC)));
file_write($b.'/config.php', $config_file);
file_write('stylesheets/board/'.$b.'.css', $_POST['css']);
file_write($b.'/rules.html', Element('page.html', array('title'=>'Rules', 'subtitle'=>'', 'config'=>$config, 'body'=>'<div class="ban">'.purify($_POST['rules']).'</div>')));
file_write($b.'/rules.txt', $_POST['rules']);
$_config = $config;
openBoard($b);
// be smarter about rebuilds...only some changes really require us to rebuild all threads
if ($_config['blotter'] != $config['blotter'] || $_config['field_disable_name'] != $config['field_disable_name'] || $_config['show_sages'] != $config['show_sages']) {
buildIndex();
$query = query(sprintf("SELECT `id` FROM ``posts_%s`` WHERE `thread` IS NULL", $b)) or error(db_error());
while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
buildThread($post['id']);
}
}
buildJavascript();
modLog('Edited board settings', $b);
}
$query = prepare('SELECT * FROM boards WHERE uri = :board');
$query->bindValue(':board', $b);
$query->execute() or error(db_error($query));
$board = $query->fetchAll()[0];
$rules = @file_get_contents($board['uri'] . '/rules.txt');
$css = @file_get_contents('stylesheets/board/' . $board['uri'] . '.css');
openBoard($b);
rebuildThemes('bans');
if ($config['cache']['enabled'])
cache::delete('board_' . $board['uri']);
cache::delete('all_boards');
mod_page(_('Board configuration'), 'mod/settings.html', array('board'=>$board, 'rules'=>prettify_textarea($rules), 'css'=>prettify_textarea($css), 'token'=>make_secure_link_token('settings/'.$board['uri']), 'languages'=>$possible_languages));
};
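Review bot: The `/settings/(\%b)` handler still authorises on board membership alone (`in_array($b, $mod['boards'])`), so the type-19 accounts that `/volunteers/` inserts with `boards = :board` would pass it, even though `$config['mod']['edit_settings']` is set to `MOD` at the top of this file. That handler rewrites `$b/config.php` and the board stylesheet, so it should use the same gate as the other custom pages: `if (!hasPermission($config['mod']['edit_settings'], $b)) error($config['error']['noaccess']);`. This assumes `$mod['boards']` is populated from the `boards` column, which is not visible on this page. Separately, the delete checks in `/flags/` and `/banners/` use an unanchored pattern whose `[0-9+]` is a single-character class, so a value containing a path separator can still match before `unlink("$dir/$d")`; `'/^[0-9]+\.(png|jpeg|jpg|gif)$/'` would restrict `$d` to a bare file name.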


@ -202,11 +202,14 @@ class Bans {
case ADMIN:
$ban['username'] = 'Admin';
break;
case SUPERMOD:
case GLOBALVOLUNTEER:
$ban['username'] = 'Global Volunteer';
break;
case MOD:
$ban['username'] = 'Local Volunteer';
$ban['username'] = 'Board Owner';
break;
case BOARDVOLUNTEER:
$ban['username'] = 'Board Volunteer';
break;
default:
$ban['username'] = '?';


@ -49,7 +49,7 @@
// Load database credentials
require "secrets.php";
// Image shit
$config['thumb_method'] = 'gm+gifsicle';
$config['thumb_ext'] = '';
@ -66,31 +66,16 @@
$config['webm']['max_length'] = 60 * 15;
// Mod shit
$config['mod']['groups'][25] = 'Supermod';
$config['mod']['groups'][25] = 'GlobalVolunteer';
$config['mod']['groups'][19] = 'BoardVolunteer';
define_groups();
$config['mod']['capcode'][MOD] = array('Board Volunteer');
$config['mod']['capcode'][SUPERMOD] = array('Global Volunteer');
$config['mod']['capcode'][BOARDVOLUNTEER] = array('Board Volunteer');
$config['mod']['capcode'][MOD] = array('Board Owner');
$config['mod']['capcode'][GLOBALVOLUNTEER] = array('Global Volunteer');
$config['custom_capcode']['Admin'] = array(
'<span class="capcode" style="color:blue;font-weight:bold"> <i class="fa fa-wheelchair"></i> %s</span>',
);
$config['custom_capcode']['Bear'] = array(
'<span class="capcode" style="color:brown;font-weight:bold"> <img src="/static/paw.svg" height="12" width="12"> %s</span>',
);
//$config['mod']['view_banlist'] = SUPERMOD;
$config['mod']['show_ip'] = SUPERMOD;
$config['mod']['show_ip_less'] = MOD;
$config['mod']['manageusers'] = SUPERMOD;
$config['mod']['noticeboard_post'] = SUPERMOD;
$config['mod']['search'] = SUPERMOD;
$config['mod']['clean_global'] = SUPERMOD;
$config['mod']['debug_recent'] = ADMIN;
$config['mod']['debug_antispam'] = ADMIN;
$config['mod']['modlog'] = SUPERMOD;
$config['mod']['editpost'] = MOD;
$config['mod']['edit_banners'] = MOD;
$config['mod']['edit_flags'] = MOD;
$config['mod']['edit_settings'] = MOD;
$config['mod']['clean'] = MOD;
//$config['mod']['view_banlist'] = GLOBALVOLUNTEER;
$config['mod']['recent_reports'] = 65535;
$config['mod']['ip_less_recentposts'] = 75;
$config['ban_show_post'] = true;
@ -159,7 +144,7 @@
$config['markup'][] = array("/~~(.+?)~~/", "<s>\$1</s>");
$config['markup'][] = array("/__(.+?)__/", "<u>\$1</u>");
$config['boards'] = array(array('<i class="fa fa-home" title="Home"></i>' => '/', '<i class="fa fa-tags" title="Boards"></i>' => '/boards.html', '<i class="fa fa-question" title="FAQ"></i>' => '/faq.html', '<i class="fa fa-random" title="Random"></i>' => '/random.php', '<i class="fa fa-plus" title="New board"></i>' => '/create.php', '<i class="fa fa-ban" title="Public ban list"></i>' => '/bans.html', '<i class="fa fa-search" title="Search"></i>' => '/search.php', '<i class="fa fa-cog" title="Manage board"></i>' => '/mod.php', '<i class="fa fa-quote-right" title="Chat"></i>' => 'https://qchat.rizon.net/?channels=#8chan'), array('b', 'meta', 'int'), array('<i class="fa fa-twitter" title="Twitter"></i>'=>'https://twitter.com/infinitechan'));
$config['boards'] = array(array('<i class="fa fa-home" title="Home"></i>' => '/', '<i class="fa fa-tags" title="Boards"></i>' => '/boards.html', '<i class="fa fa-question" title="FAQ"></i>' => '/faq.html', '<i class="fa fa-random" title="Random"></i>' => '/random.php', '<i class="fa fa-plus" title="New board"></i>' => '/create.php', '<i class="fa fa-ban" title="Public ban list"></i>' => '/bans.html', '<i class="fa fa-search" title="Search"></i>' => '/search.php', '<i class="fa fa-cog" title="Manage board"></i>' => '/mod.php', '<i class="fa fa-quote-right" title="Chat"></i>' => 'https://qchat.rizon.net/?channels=#8chan'), array('b', 'meta'), array('<i class="fa fa-twitter" title="Twitter"></i>'=>'https://twitter.com/infinitechan'));
//$config['boards'] = array(array('<i class="fa fa-home" title="Home"></i>' => '/', '<i class="fa fa-tags" title="Boards"></i>' => '/boards.html', '<i class="fa fa-question" title="FAQ"></i>' => '/faq.html', '<i class="fa fa-random" title="Random"></i>' => '/random.php', '<i class="fa fa-plus" title="New board"></i>' => '/create.php', '<i class="fa fa-search" title="Search"></i>' => '/search.php', '<i class="fa fa-cog" title="Manage board"></i>' => '/mod.php', '<i class="fa fa-quote-right" title="Chat"></i>' => 'https://qchat.rizon.net/?channels=#8chan'), array('b', 'meta', 'int'), array('v', 'a', 'tg', 'fit', 'pol', 'tech', 'mu', 'co', 'sp', 'boards'), array('<i class="fa fa-twitter" title="Twitter"></i>'=>'https://twitter.com/infinitechan'));
$config['footer'][] = 'Contribute to 8chan.co development at <a href="https://github.com/ctrlcctrlv/8chan">github</a>';
@ -172,298 +157,7 @@
$config['wordfilters'][] = array('\rule', ''); // 'true' means it's a regular expression
if (!function_exists('prettify_textarea')){
function prettify_textarea($s){
return str_replace("\t", '&#09;', str_replace("\n", '&#13;&#10;', htmlentities($s)));
}
}
if (!function_exists('purify')){
function purify($s){
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
$clean_html = $purifier->purify($s);
return $clean_html;
}
}
$config['mod']['custom_pages']['/flags/(\%b)'] = function($b) {
global $config, $mod, $board;
require_once 'inc/image.php';
if (!hasPermission($config['mod']['edit_flags'], $b))
error($config['mod']['noaccess']);
if (!openBoard($b))
error("Could not open board!");
$dir = 'static/custom-flags/'.$b;
if (!is_dir($dir)){
mkdir($dir, 0777, true);
}
if (isset($_FILES['file'])){
$upload = $_FILES['file']['tmp_name'];
$banners = array_diff(scandir($dir), array('..', '.'));
if (!is_readable($upload))
error($config['error']['nomove']);
$id = time() . substr(microtime(), 2, 3);
$extension = strtolower(mb_substr($_FILES['file']['name'], mb_strrpos($_FILES['file']['name'], '.') + 1));
if ($extension != 'png') {
error(_('Flags must be in PNG format.'));
}
if (filesize($upload) > 48000){
error(_('File too large!'));
}
if (!$size = @getimagesize($upload)) {
error($config['error']['invalidimg']);
}
if ($size[0] != 16 or $size[1] != 11){
error(_('Image wrong size!'));
}
if (sizeof($banners) >= 100) {
error(_('Too many flags.'));
}
copy($upload, "$dir/$id.$extension");
}
if (isset($_POST['delete'])){
foreach ($_POST['delete'] as $i => $d){
if (!preg_match('/[0-9+]\.(png|jpeg|jpg|gif)/', $d)){
error('Nice try.');
}
unlink("$dir/$d");
}
}
$banners = array_diff(scandir($dir), array('..', '.'));
mod_page(_('Edit banners'), 'mod/banners.html', array('board'=>$board,'banners'=>$banners,'token'=>make_secure_link_token('banners/'.$board['uri'])));
};
$config['mod']['custom_pages']['/banners/(\%b)'] = function($b) {
global $config, $mod, $board;
require_once 'inc/image.php';
if (!hasPermission($config['mod']['edit_banners'], $b))
error($config['error']['noaccess']);
if (!openBoard($b))
error("Could not open board!");
$dir = 'static/banners/'.$b;
if (!is_dir($dir)){
mkdir($dir, 0777, true);
}
if (isset($_FILES['file'])){
$upload = $_FILES['file']['tmp_name'];
$banners = array_diff(scandir($dir), array('..', '.'));
if (!is_readable($upload))
error($config['error']['nomove']);
$id = time() . substr(microtime(), 2, 3);
$extension = strtolower(mb_substr($_FILES['file']['name'], mb_strrpos($_FILES['file']['name'], '.') + 1));
if (!in_array($extension, array('jpg','jpeg','png','gif'))){
error('Not an image extension.');
}
if (filesize($upload) > 512000){
error('File too large!');
}
if (!$size = @getimagesize($upload)) {
error($config['error']['invalidimg']);
}
if ($size[0] != 300 or $size[1] != 100){
error('Image wrong size!');
}
if (sizeof($banners) >= 50) {
error('Too many banners.');
}
copy($upload, "$dir/$id.$extension");
}
if (isset($_POST['delete'])){
foreach ($_POST['delete'] as $i => $d){
if (!preg_match('/[0-9+]\.(png|jpeg|jpg|gif)/', $d)){
error('Nice try.');
}
unlink("$dir/$d");
}
}
$banners = array_diff(scandir($dir), array('..', '.'));
mod_page(_('Edit banners'), 'mod/banners.html', array('board'=>$board,'banners'=>$banners,'token'=>make_secure_link_token('banners/'.$board['uri'])));
};
$config['mod']['custom_pages']['/settings/(\%b)'] = function($b) {
global $config, $mod;
if (!in_array($b, $mod['boards']) and $mod['boards'][0] != '*')
error($config['error']['noaccess']);
if (!openBoard($b))
error("Could not open board!");
$possible_languages = array_diff(scandir('inc/locale/'), array('..', '.', '.tx', 'README.md'));
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$title = $_POST['title'];
$subtitle = $_POST['subtitle'];
$country_flags = isset($_POST['country_flags']) ? 'true' : 'false';
$field_disable_name = isset($_POST['field_disable_name']) ? 'true' : 'false';
$enable_embedding = isset($_POST['enable_embedding']) ? 'true' : 'false';
$force_image_op = isset($_POST['force_image_op']) ? 'true' : 'false';
$disable_images = isset($_POST['disable_images']) ? 'true' : 'false';
$poster_ids = isset($_POST['poster_ids']) ? 'true' : 'false';
$show_sages = isset($_POST['show_sages']) ? 'true' : 'false';
$auto_unicode = isset($_POST['auto_unicode']) ? 'true' : 'false';
$allow_roll = isset($_POST['allow_roll']) ? 'true' : 'false';
$image_reject_repost = isset($_POST['image_reject_repost']) ? 'true' : 'false';
$allow_delete = isset($_POST['allow_delete']) ? 'true' : 'false';
$allow_flash = isset($_POST['allow_flash']) ? '$config[\'allowed_ext_files\'][] = \'swf\';' : '';
$code_tags = isset($_POST['code_tags']) ? '$config[\'additional_javascript\'][] = \'js/code_tags/run_prettify.js\';$config[\'markup\'][] = array("/\[code\](.+?)\[\/code\]/ms", "<code><pre class=\'prettyprint\' style=\'display:inline-block\'>\$1</pre></code>");' : '';
$katex = isset($_POST['katex']) ? '$config[\'katex\'] = true;$config[\'additional_javascript\'][] = \'js/katex/katex.min.js\'; $config[\'markup\'][] = array("/\[tex\](.+?)\[\/tex\]/ms", "<span class=\'tex\'>\$1</span>"); $config[\'additional_javascript\'][] = \'js/katex-enable.js\';' : '';
$oekaki_js = <<<OEKAKI
\$config['additional_javascript'][] = 'js/jquery-ui.custom.min.js';
\$config['additional_javascript'][] = 'js/wPaint/lib/wColorPicker.min.js';
\$config['additional_javascript'][] = 'js/wPaint/wPaint.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/main/wPaint.menu.main.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/text/wPaint.menu.text.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/shapes/wPaint.menu.main.shapes.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/file/wPaint.menu.main.file.min.js';
\$config['additional_javascript'][] = 'js/wpaint.js';
\$config['additional_javascript'][] = 'js/upload-selection.js';
OEKAKI;
$oekaki = isset($_POST['oekaki']) ? $oekaki_js : '';
if ($_POST['locale'] !== 'en' && in_array($_POST['locale'], $possible_languages)) {
$locale = "\$config['locale'] = '{$_POST['locale']}.UTF-8';";
} else {
$locale = '';
}
if (isset($_POST['max_images']) && (int)$_POST['max_images'] && (int)$_POST['max_images'] <= 5) {
$_POST['max_images'] = (int)$_POST['max_images'];
$multiimage = "\$config['max_images'] = {$_POST['max_images']};
\$config['additional_javascript'][] = 'js/multi-image.js';";
} else {
$multiimage = '';
}
$anonymous = base64_encode($_POST['anonymous']);
$blotter = base64_encode(purify(html_entity_decode($_POST['blotter'])));
$add_to_config = @file_get_contents($b.'/extra_config.php');
$replace = '';
if (isset($_POST['replace'])) {
if (count($_POST['replace']) == count($_POST['with'])) {
foreach ($_POST['replace'] as $i => $r ) {
if ($r !== '') {
$w = $_POST['with'][$i];
$replace .= '$config[\'wordfilters\'][] = array(base64_decode(\'' . base64_encode($r) . '\'), base64_decode(\'' . base64_encode($w) . '\'));';
}
}
}
}
if (!(strlen($title) < 40))
error('Invalid title');
if (!(strlen($subtitle) < 200))
error('Invalid subtitle');
$query = prepare('UPDATE ``boards`` SET `title` = :title, `subtitle` = :subtitle, `indexed` = :indexed, `public_bans` = :public_bans, `8archive` = :8archive WHERE `uri` = :uri');
$query->bindValue(':title', $title);
$query->bindValue(':subtitle', $subtitle);
$query->bindValue(':uri', $b);
$query->bindValue(':indexed', !isset($_POST['meta_noindex']));
$query->bindValue(':public_bans', isset($_POST['public_bans']));
$query->bindValue(':8archive', isset($_POST['8archive']));
$query->execute() or error(db_error($query));
$config_file = <<<EOT
<?php
\$config['file_script'] = '$b/main.js';
\$config['country_flags'] = $country_flags;
\$config['field_disable_name'] = $field_disable_name;
\$config['enable_embedding'] = $enable_embedding;
\$config['force_image_op'] = $force_image_op;
\$config['disable_images'] = $disable_images;
\$config['poster_ids'] = $poster_ids;
\$config['show_sages'] = $show_sages;
\$config['auto_unicode'] = $auto_unicode;
\$config['allow_roll'] = $allow_roll;
\$config['image_reject_repost'] = $image_reject_repost;
\$config['allow_delete'] = $allow_delete;
\$config['anonymous'] = base64_decode('$anonymous');
\$config['blotter'] = base64_decode('$blotter');
\$config['stylesheets']['Custom'] = 'board/$b.css';
\$config['default_stylesheet'] = array('Custom', \$config['stylesheets']['Custom']);
$code_tags $katex $oekaki $replace $multiimage $allow_flash
if (\$config['disable_images'])
\$config['max_pages'] = 10000;
$locale
$add_to_config
EOT;
$query = query('SELECT `uri`, `title`, `subtitle` FROM ``boards`` WHERE `8archive` = TRUE');
file_write('8archive.json', json_encode($query->fetchAll(PDO::FETCH_ASSOC)));
file_write($b.'/config.php', $config_file);
file_write('stylesheets/board/'.$b.'.css', $_POST['css']);
file_write($b.'/rules.html', Element('page.html', array('title'=>'Rules', 'subtitle'=>'', 'config'=>$config, 'body'=>'<div class="ban">'.purify($_POST['rules']).'</div>')));
file_write($b.'/rules.txt', $_POST['rules']);
$_config = $config;
openBoard($b);
// be smarter about rebuilds...only some changes really require us to rebuild all threads
if ($_config['blotter'] != $config['blotter'] || $_config['field_disable_name'] != $config['field_disable_name'] || $_config['show_sages'] != $config['show_sages']) {
buildIndex();
$query = query(sprintf("SELECT `id` FROM ``posts_%s`` WHERE `thread` IS NULL", $b)) or error(db_error());
while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
buildThread($post['id']);
}
}
buildJavascript();
modLog('Edited board settings', $b);
}
$query = prepare('SELECT * FROM boards WHERE uri = :board');
$query->bindValue(':board', $b);
$query->execute() or error(db_error($query));
$board = $query->fetchAll()[0];
$rules = @file_get_contents($board['uri'] . '/rules.txt');
$css = @file_get_contents('stylesheets/board/' . $board['uri'] . '.css');
openBoard($b);
rebuildThemes('bans');
if ($config['cache']['enabled'])
cache::delete('board_' . $board['uri']);
cache::delete('all_boards');
mod_page(_('Board configuration'), 'mod/settings.html', array('board'=>$board, 'rules'=>prettify_textarea($rules), 'css'=>prettify_textarea($css), 'token'=>make_secure_link_token('settings/'.$board['uri']), 'languages'=>$possible_languages));
};
$config['embedding'] = array(
array(
'/^https?:\/\/(\w+\.)?youtube\.com\/watch\?v=([a-zA-Z0-9\-_]{10,11})(&.+)?$/i',
@ -492,3 +186,6 @@ EOT;
);
$config['gzip_static'] = false;
// 8chan specific mod pages
require '8chan-mod-pages.php';


@ -100,9 +100,9 @@ function mod_dashboard() {
cache::set('pm_unreadcount_' . $mod['id'], $args['unread_pms']);
}
$query = prepare('SELECT COUNT(*) AS `total_reports` FROM ``reports``' . ($mod["type"] == "20" ? " WHERE board = :board" : ""));
$query = prepare('SELECT COUNT(*) AS `total_reports` FROM ``reports``' . (($mod["type"] == MOD || $mod["type"] == BOARDVOLUNTEER) ? " WHERE board = :board" : ""));
if ($mod['type'] == MOD) {
if ($mod['type'] == MOD || $mod["type"] == BOARDVOLUNTEER) {
$query->bindValue(':board', $mod['boards'][0]);
} else {
$query = prepare('SELECT (SELECT COUNT(id) FROM reports WHERE global = 0) AS total_reports, (SELECT COUNT(id) FROM reports WHERE global = 1) AS global_reports');
@ -2298,7 +2298,7 @@ function mod_reports() {
error($config['error']['noaccess']);
}
if( $mod['type'] == MOD and $global) {
if( ($mod['type'] == MOD || $mod["type"] == BOARDVOLUNTEER) and $global) {
error($config['error']['noaccess']);
}
@ -2306,10 +2306,10 @@ function mod_reports() {
$report_scope = $global ? "global" : "local";
// Get REPORTS.
$query = prepare("SELECT * FROM ``reports`` WHERE " . ($mod["type"] == MOD ? "board = :board AND" : "") . " ``".($global ? "global" : "local")."`` = TRUE LIMIT :limit");
$query = prepare("SELECT * FROM ``reports`` WHERE " . (($mod["type"] == MOD || $mod["type"] == BOARDVOLUNTEER) ? "board = :board AND" : "") . " ``".($global ? "global" : "local")."`` = TRUE LIMIT :limit");
// Limit reports by board if the moderator is local.
if( $mod['type'] == MOD ) {
if( $mod['type'] == MOD || $mod["type"] == BOARDVOLUNTEER ) {
$query->bindValue(':board', $mod['boards'][0]);
}
@ -2527,7 +2527,7 @@ function mod_report_dismiss() {
$global = in_array( "global", $arguments );
$content = in_array( "content", $arguments );
if( $mod['type'] == MOD and $global ) {
if( ($mod['type'] == MOD || $mod["type"] == BOARDVOLUNTEER) and $global ) {
error($config['error']['noaccess']);
}
@ -2649,7 +2649,7 @@ function mod_report_dismiss() {
function mod_report_demote() {
global $config, $mod;
if( $mod['type'] == MOD ) {
if( $mod['type'] == MOD || $mod["type"] == BOARDVOLUNTEER ) {
error($config['error']['noaccess']);
}
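Review bot: Board-scoped access is now decided by repeating `$mod['type'] == MOD || $mod["type"] == BOARDVOLUNTEER` at each report check (the dashboard count, `mod_reports`, `mod_report_dismiss`, `mod_report_demote`), so keeping the new role out of global reports depends on no comparison having been missed. Any check outside these hunks that still compares against `MOD` alone would treat a board volunteer as a global account, because the denials are written as "is this a local role" tests. One helper called from every site would keep them in step, for example `function mod_is_board_scoped($mod) { return $mod['type'] == MOD || $mod['type'] == BOARDVOLUNTEER; }`, with a comment stating that board-scoped roles only ever see reports for `$mod['boards'][0]`. The enclosing functions start and end outside the hunks, so the remaining checks in them could not be reviewed here.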


@ -54,7 +54,7 @@
<a href="?/reports">{% trans 'Report queue' %} ({{ reports }})</a>
{% if reports > 0 %}</strong>{% endif %}&nbsp;
{% if global_reports > 0 %}<strong>{% endif %}
{% if mod.type != 20 %}<a href="?/reports/global">Global reports ({{global_reports}})</a>{% endif %}
{% if mod.type != constant('MOD') and mod.type != constant('BOARDVOLUNTEER') %}<a href="?/reports/global">Global reports ({{global_reports}})</a>{% endif %}
{% if reports > 0 %}</strong>{% endif %}
</li>
{% endif %}


@ -55,6 +55,7 @@
</table>
<p style="text-align:center"><a href="?/banners/{{board.uri}}">{% trans %}Edit board banners{% endtrans %}</a></p>
<p style="text-align:center"><a href="?/volunteers/{{board.uri}}">{% trans %}Edit board volunteers{% endtrans %}</a></p>
<table>
<tr><th>{% trans %}Default poster name{% endtrans %}</th><td><input type="text" name="anonymous" value="{{config.anonymous|e}}"></td></tr>