Cool_Tools/vichan
1
0
Fork 0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-24 07:30:10 +01:00
Code Releases Wiki Activity

a Fixed delete by IP, plus a bunch of small stuff

Browse Source
This commit is contained in:
Savetheinternet 2011-02-11 23:02:30 +11:00
parent 0346862645
commit c34ea2e3af
5 changed files with 63 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
inc/functions.php
View File

@ -299,7 +299,7 @@
} }
// Delete a post (reply or thread) // Delete a post (reply or thread)
function deletePost($id) { function deletePost($id, $error_if_doesnt_exist=true) {
global $board; global $board;
// Select post and replies (if thread) in one query // Select post and replies (if thread) in one query
@ -308,7 +308,9 @@
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if($query->rowCount() < 1) { if($query->rowCount() < 1) {
error(ERROR_INVALIDPOST); if($error_if_doesnt_exist)
error(ERROR_INVALIDPOST);
else return false;
} }
// Delete posts and maybe replies // Delete posts and maybe replies
@ -337,6 +339,8 @@
if(isset($rebuild)) { if(isset($rebuild)) {
buildThread($rebuild); buildThread($rebuild);
} }
return true;
} }
function clean() { function clean() {
@ -370,7 +374,7 @@
while($th = $query->fetch()) { while($th = $query->fetch()) {
$thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $mod ? '?/' : ROOT, $mod); $thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $mod ? '?/' : ROOT, $mod);
$posts = prepare(sprintf("SELECT `id`, `subject`, `email`, `name`, `trip`, `body`, `time`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`,`ip` FROM `posts_%s` WHERE `thread` = ? ORDER BY `time` DESC LIMIT ?", $board['uri'])); $posts = prepare(sprintf("SELECT `id`, `subject`, `email`, `name`, `trip`, `body`, `time`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`,`ip` FROM `posts_%s` WHERE `thread` = ? ORDER BY `id` DESC LIMIT ?", $board['uri']));
$posts->bindValue(1, $th['id']); $posts->bindValue(1, $th['id']);
$posts->bindValue(2, THREADS_PREVIEW, PDO::PARAM_INT); $posts->bindValue(2, THREADS_PREVIEW, PDO::PARAM_INT);
$posts->execute() or error(db_error($posts)); $posts->execute() or error(db_error($posts));
@ -859,7 +863,7 @@
switch($type) { switch($type) {
case 'jpg': case 'jpg':
case 'jpeg': case 'jpeg':
if(!$image = imagecreatefromjpeg($source_pic)) { if(!$image = @imagecreatefromjpeg($source_pic)) {
unlink($source_pic); unlink($source_pic);
error(ERR_INVALIDIMG); error(ERR_INVALIDIMG);
} }

12
inc/mod.php
View File

@ -20,7 +20,7 @@
$query = prepare("SELECT `id`,`type` FROM `mods` WHERE `username` = :username AND `password` = :password LIMIT 1"); $query = prepare("SELECT `id`,`type` FROM `mods` WHERE `username` = :username AND `password` = :password LIMIT 1");
$query->bindValue(':username', $username); $query->bindValue(':username', $username);
$query->bindValue(':password', $password); $query->bindValue(':password', $password);
$query->execute(); $query->execute() or error(db_error($query));
if($user = $query->fetch()) { if($user = $query->fetch()) {
return $mod = Array( return $mod = Array(
@ -56,6 +56,16 @@
unset($_SESSION['mod']); unset($_SESSION['mod']);
} }
function modLog($action) {
global $mod;
$query = prepare("INSERT INTO `modlogs` VALUES (:id, :ip, :time, :text)");
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':text', $action);
$query->execute() or error(db_error($query));
}
if(isset($_COOKIE['mod']) && isset($_SESSION['mod']) && is_array($_SESSION['mod'])) { if(isset($_COOKIE['mod']) && isset($_SESSION['mod']) && is_array($_SESSION['mod'])) {
// Should be username:session hash // Should be username:session hash
$cookie = explode(':', $_COOKIE['mod']); $cookie = explode(':', $_COOKIE['mod']);

7
main.js
View File

@ -6,8 +6,11 @@ function highlightReply(id)
if (divs[i].className.indexOf('post') != -1) if (divs[i].className.indexOf('post') != -1)
divs[i].className = divs[i].className.replace(/highlighted/, ''); divs[i].className = divs[i].className.replace(/highlighted/, '');
} }
if (id) if (id) {
document.getElementById('reply_'+id).className += ' highlighted'; post = document.getElementById('reply_'+id);
if(post)
post.className += ' highlighted';
}
} }
function focusId(id) function focusId(id)
{ {

39
mod.php
View File

@ -43,6 +43,8 @@
if(!login($_POST['username'], $_POST['password'])) if(!login($_POST['username'], $_POST['password']))
loginForm(ERROR_INVALID, $_POST['username']); loginForm(ERROR_INVALID, $_POST['username']);
modLog("Logged in.");
// Login successful // Login successful
// Set cookies // Set cookies
setCookies(); setCookies();
@ -295,6 +297,9 @@
} }
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
// Record the action
modLog("Created a new board: {$b['title']}");
// Open the board // Open the board
openBoard($b['uri']) or error("Couldn't open board after creation."); openBoard($b['uri']) or error("Couldn't open board after creation.");
@ -356,6 +361,10 @@
// Delete post // Delete post
deleteFile($post); deleteFile($post);
// Record the action
modLog("Removed file from post #{$post}");
// Rebuild board // Rebuild board
buildIndex(); buildIndex();
@ -377,6 +386,10 @@
// Delete post // Delete post
deletePost($post); deletePost($post);
// Record the action
modLog("Deleted post #{$post}");
// Rebuild board // Rebuild board
buildIndex(); buildIndex();
@ -399,8 +412,12 @@
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
if($matches[2] == 'un') { if($matches[2] == 'un') {
// Record the action
modLog("Unstickied post #{$post}");
$query->bindValue(':sticky', 0, PDO::PARAM_INT); $query->bindValue(':sticky', 0, PDO::PARAM_INT);
} else { } else {
// Record the action
modLog("Stickied post #{$post}");
$query->bindValue(':sticky', 1, PDO::PARAM_INT); $query->bindValue(':sticky', 1, PDO::PARAM_INT);
} }
@ -429,8 +446,12 @@
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
if($matches[2] == 'un') { if($matches[2] == 'un') {
// Record the action
modLog("Unlocked post #{$post}");
$query->bindValue(':locked', 0, PDO::PARAM_INT); $query->bindValue(':locked', 0, PDO::PARAM_INT);
} else { } else {
// Record the action
modLog("Locked post #{$post}");
$query->bindValue(':locked', 1, PDO::PARAM_INT); $query->bindValue(':locked', 1, PDO::PARAM_INT);
} }
@ -454,10 +475,22 @@
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error(ERROR_NOBOARD);
$query = prepare(sprintf("SELECT `id` FROM `posts_%s` WHERE `ip` = (SELECT `ip` FROM `posts_%s` WHERE `id` = :id)", $board['uri'], $board['uri'])); $query = prepare(sprintf("SELECT `ip` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
$query->bindValue(':id', $post); $query->bindValue(':id', $post);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if(!$post = $query->fetch())
error(ERROR_INVALIDPOST);
$ip = $post['ip'];
// Record the action
modLog("Deleted all posts by IP address: #{$ip}");
$query = prepare(sprintf("SELECT `id` FROM `posts_%s` WHERE `ip` = :ip", $board['uri']));
$query->bindValue(':ip', $ip);
$query->execute() or error(db_error($query));
if($query->rowCount() < 1) if($query->rowCount() < 1)
error(ERROR_INVALIDPOST); error(ERROR_INVALIDPOST);
@ -529,6 +562,10 @@
} else { } else {
$query->bindValue(':reason', null, PDO::PARAM_NULL); $query->bindValue(':reason', null, PDO::PARAM_NULL);
} }
// Record the action
modLog("Created a ban for {$_POST['ip']} with reason {$_POST['reason']}");
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
// Delete too // Delete too

2
post.php
View File

@ -221,7 +221,7 @@
if(strlen($post['name']) > 50) error(sprintf(ERROR_TOOLONG, 'name')); if(strlen($post['name']) > 50) error(sprintf(ERROR_TOOLONG, 'name'));
if(strlen($post['email']) > 30) error(sprintf(ERROR_TOOLONG, 'email')); if(strlen($post['email']) > 30) error(sprintf(ERROR_TOOLONG, 'email'));
if(strlen($post['subject']) > 40) error(sprintf(ERROR_TOOLONG, 'subject')); if(strlen($post['subject']) > 40) error(sprintf(ERROR_TOOLONG, 'subject'));
if(strlen($post['body']) > MAX_BODY) error(ERROR_TOOLONGBODY); if(!$mod && strlen($post['body']) > MAX_BODY) error(ERROR_TOOLONGBODY);
if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error(ERROR_TOOSHORTBODY); if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error(ERROR_TOOSHORTBODY);
if(strlen($post['password']) > 20) error(sprintf(ERROR_TOOLONG, 'password')); if(strlen($post['password']) > 20) error(sprintf(ERROR_TOOLONG, 'password'));