mirror of https://github.com/vichan-devel/vichan.git synced 2024-12-18 10:25:55 +01:00

large cleanup

Michael Save 2012-04-12 02:49:22 +10:00
parent 88092e4f9e
commit c9423a2c34
15 changed files with 7150 additions and 7064 deletions


@ -1,5 +1,14 @@
<?php <?php
/*
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
class Cache { class Cache {
private static $cache; private static $cache;
public static function init() { public static function init() {
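Review bot: The added guard compares `realpath($_SERVER['SCRIPT_FILENAME'])` with `str_replace('\\', '/', __FILE__)`, and on Windows realpath() returns a backslash-separated path while the right-hand side has been rewritten to forward slashes, so the two can never be equal there and a direct request to this include is no longer stopped. Passing both sides through the same normalisation avoids this: `if (realpath($_SERVER['SCRIPT_FILENAME']) === realpath(__FILE__)) {`. The same guard is added in the other file sections on this page that gain the copyright header, where it appears to replace the older form that also sent a `Location: ../` redirect. The body of class Cache continues outside the hunk.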


@ -19,6 +19,8 @@
* *
* More information: http://tinyboard.org/docs/?p=Config * More information: http://tinyboard.org/docs/?p=Config
* *
* Tinyboard documentation: http://tinyboard.org/docs/
*
*/ */
@ -100,8 +102,8 @@
$config['cache']['prefix'] = ''; $config['cache']['prefix'] = '';
// Memcached servers to use - http://www.php.net/manual/en/memcached.addservers.php // Memcached servers to use - http://www.php.net/manual/en/memcached.addservers.php
$config['cache']['memcached'] = Array( $config['cache']['memcached'] = array(
Array('localhost', 11211) array('localhost', 11211)
); );
/* /*
@ -144,13 +146,13 @@
// DNS blacklists (DNSBL) http://tinyboard.org/docs/?p=Config/DNSBL // DNS blacklists (DNSBL) http://tinyboard.org/docs/?p=Config/DNSBL
// http://www.sectoor.de/tor.php // http://www.sectoor.de/tor.php
$config['dnsbl'][] = Array('tor.dnsbl.sectoor.de', 1); // Tor exit servers $config['dnsbl'][] = array('tor.dnsbl.sectoor.de', 1); // Tor exit servers
// http://www.sorbs.net/using.shtml // http://www.sorbs.net/using.shtml
// $config['dnsbl'][] = Array('dnsbl.sorbs.net', Array(2, 3, 4, 5, 6, 7, 8, 9)); // $config['dnsbl'][] = array('dnsbl.sorbs.net', array(2, 3, 4, 5, 6, 7, 8, 9));
// http://www.projecthoneypot.org/httpbl.php // http://www.projecthoneypot.org/httpbl.php
// $config['dnsbl'][] = Array('<your access key>.%.dnsbl.httpbl.org', function($ip) { // $config['dnsbl'][] = array('<your access key>.%.dnsbl.httpbl.org', function($ip) {
// $octets = explode('.', $ip); // $octets = explode('.', $ip);
// //
// // days since last activity // // days since last activity
@ -172,7 +174,7 @@
$config['spam']['hidden_inputs_min'] = 4; $config['spam']['hidden_inputs_min'] = 4;
$config['spam']['hidden_inputs_max'] = 12; $config['spam']['hidden_inputs_max'] = 12;
// These are fields used to confuse the bots. Make sure they aren't actually used by Tinyboard, or it won't work. // These are fields used to confuse the bots. Make sure they aren't actually used by Tinyboard, or it won't work.
$config['spam']['hidden_input_names'] = Array( $config['spam']['hidden_input_names'] = array(
'user', 'user',
'username', 'username',
'login', 'login',
@ -185,7 +187,7 @@
'message' 'message'
); );
// Always update this when adding new valid fields to the post form, or EVERYTHING WILL BE DETECTED AS SPAM! // Always update this when adding new valid fields to the post form, or EVERYTHING WILL BE DETECTED AS SPAM!
$config['spam']['valid_inputs'] = Array( $config['spam']['valid_inputs'] = array(
'hash', 'hash',
'board', 'board',
'thread', 'thread',
@ -208,10 +210,10 @@
// Custom flood filters. Detect flood attacks and reject new posts if there's a positive match. // Custom flood filters. Detect flood attacks and reject new posts if there's a positive match.
// See http://tinyboard.org/wiki/index.php?title=Flood_filters for more information. // See http://tinyboard.org/wiki/index.php?title=Flood_filters for more information.
//$config['flood_filters'][] = Array( //$config['flood_filters'][] = array(
// 'condition' => Array( // 'condition' => array(
// // 100 posts in the past 5 minutes (~20 p/m) // // 100 posts in the past 5 minutes (~20 p/m)
// 'posts_in_past_x_minutes' => Array(100, 5) // 'posts_in_past_x_minutes' => array(100, 5)
// ), // ),
// // Don't allow the user to post // // Don't allow the user to post
// 'action' => 'reject', // 'action' => 'reject',
@ -220,10 +222,10 @@
//); //);
// Another filter // Another filter
//$config['flood_filters'][] = Array( //$config['flood_filters'][] = array(
// 'condition' => Array( // 'condition' => array(
// // 10 new empty threads in the past 2 minutes // // 10 new empty threads in the past 2 minutes
// 'threads_with_no_replies_in_past_x_minutes' => Array(10, 2), // 'threads_with_no_replies_in_past_x_minutes' => array(10, 2),
// // Allow replies, but not new threads (ie. reject topics only). // // Allow replies, but not new threads (ie. reject topics only).
// 'OP' => true // 'OP' => true
// ), // ),
@ -300,10 +302,10 @@
// Wordfilters are used to automatically replace certain words/phrases with something else. // Wordfilters are used to automatically replace certain words/phrases with something else.
// For a normal string replacement: // For a normal string replacement:
// $config['wordfilters'][] = Array('cat', 'dog'); // $config['wordfilters'][] = array('cat', 'dog');
// Advanced raplcement (regular expressions): // Advanced raplcement (regular expressions):
// $config['wordfilters'][] = Array('/cat/', 'dog', true); // 'true' means it's a regular expression // $config['wordfilters'][] = array('/cat/', 'dog', true); // 'true' means it's a regular expression
// Always act as if they had typed "noko" in the email field no mattter what // Always act as if they had typed "noko" in the email field no mattter what
$config['always_noko'] = false; $config['always_noko'] = false;
@ -333,13 +335,13 @@
*/ */
// "Wiki" markup syntax ($config['wiki_markup'] in pervious versions): // "Wiki" markup syntax ($config['wiki_markup'] in pervious versions):
$config['markup'][] = Array("/'''(.+?)'''/", "<strong>\$1</strong>"); $config['markup'][] = array("/'''(.+?)'''/", "<strong>\$1</strong>");
$config['markup'][] = Array("/''(.+?)''/", "<em>\$1</em>"); $config['markup'][] = array("/''(.+?)''/", "<em>\$1</em>");
$config['markup'][] = Array("/\*\*(.+?)\*\*/", "<span class=\"spoiler\">\$1</span>"); $config['markup'][] = array("/\*\*(.+?)\*\*/", "<span class=\"spoiler\">\$1</span>");
$config['markup'][] = Array("/^\s*==(.+?)==\s*$/m", "<span class=\"heading\">\$1</span>"); $config['markup'][] = array("/^\s*==(.+?)==\s*$/m", "<span class=\"heading\">\$1</span>");
// Highlight PHP code wrapped in <code> tags (PHP 5.3.0+) // Highlight PHP code wrapped in <code> tags (PHP 5.3.0+)
// $config['markup'][] = Array( // $config['markup'][] = array(
// '/^&lt;code&gt;(.+)&lt;\/code&gt;/ms', // '/^&lt;code&gt;(.+)&lt;\/code&gt;/ms',
// function($matches) { // function($matches) {
// return highlight_string(html_entity_decode($matches[1]), true); // return highlight_string(html_entity_decode($matches[1]), true);
@ -507,29 +509,29 @@
// $config['uri_stylesheets'] = 'http://static.example.org/stylesheets/'; // $config['uri_stylesheets'] = 'http://static.example.org/stylesheets/';
// The default stylesheet to use // The default stylesheet to use
$config['default_stylesheet'] = Array('Yotsuba B', $config['stylesheets']['Yotsuba B']); $config['default_stylesheet'] = array('Yotsuba B', $config['stylesheets']['Yotsuba B']);
// Boardlinks // Boardlinks
// You can group, order and place the boardlist at the top of every page, using the following template. // You can group, order and place the boardlist at the top of every page, using the following template.
//$config['boards'] = Array( //$config['boards'] = array(
// Array('a', 'b'), // array('a', 'b'),
// Array('c', 'd', 'e', 'f', 'g'), // array('c', 'd', 'e', 'f', 'g'),
// Array('h', 'i', 'j'), // array('h', 'i', 'j'),
// Array('k', Array('l', 'm')), // array('k', array('l', 'm')),
// Array('status' => 'http://status.example.org/') // array('status' => 'http://status.example.org/')
//); //);
// Categories // Categories
// Required for the Categories theme. // Required for the Categories theme.
//$config['categories'] = Array( //$config['categories'] = array(
// 'Group Name' => Array('a', 'b', 'c'), // 'Group Name' => array('a', 'b', 'c'),
// 'Another Group' => Array('d') // 'Another Group' => array('d')
//); //);
// Custom_categories // Custom_categories
// Optional for the Categories theme. Array of name => (title, url) groups for categories with non-board links. // Optional for the Categories theme. array of name => (title, url) groups for categories with non-board links.
//$config['custom_categories'] = Array( //$config['custom_categories'] = array(
// 'Links' => Array( // 'Links' => array(
// 'Tinyboard' => 'http://tinyboard.org', // 'Tinyboard' => 'http://tinyboard.org',
// 'Donate' => 'donate.html' // 'Donate' => 'donate.html'
// ) // )
@ -576,24 +578,24 @@
// Custom embedding (YouTube, vimeo, etc.) // Custom embedding (YouTube, vimeo, etc.)
// It's very important that you match the full string (with ^ and $) or things will not work correctly. // It's very important that you match the full string (with ^ and $) or things will not work correctly.
$config['embedding'] = Array( $config['embedding'] = array(
Array( array(
'/^https?:\/\/(\w+\.)?youtube\.com\/watch\?v=([a-zA-Z0-9\-_]{10,11})(&.+)?$/i', '/^https?:\/\/(\w+\.)?youtube\.com\/watch\?v=([a-zA-Z0-9\-_]{10,11})(&.+)?$/i',
'<object style="float: left;margin: 10px 20px;" width="%%tb_width%%" height="%%tb_height%%"><param name="movie" value="http://www.youtube.com/v/$2?fs=1&amp;hl=en_US"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/$2?fs=1&amp;hl=en_US" type="application/x-shockwave-flash" width="%%tb_width%%" height="%%tb_height%%" allowscriptaccess="always" allowfullscreen="true"></embed></object>' '<object style="float: left;margin: 10px 20px;" width="%%tb_width%%" height="%%tb_height%%"><param name="movie" value="http://www.youtube.com/v/$2?fs=1&amp;hl=en_US"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/$2?fs=1&amp;hl=en_US" type="application/x-shockwave-flash" width="%%tb_width%%" height="%%tb_height%%" allowscriptaccess="always" allowfullscreen="true"></embed></object>'
), ),
Array( array(
'/^https?:\/\/(\w+\.)?vimeo\.com\/(\d{2,10})(\?.+)?$/i', '/^https?:\/\/(\w+\.)?vimeo\.com\/(\d{2,10})(\?.+)?$/i',
'<object style="float: left;margin: 10px 20px;" width="%%tb_width%%" height="%%tb_height%%"><param name="allowfullscreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="movie" value="http://vimeo.com/moogaloop.swf?clip_id=$2&amp;server=vimeo.com&amp;show_title=0&amp;show_byline=0&amp;show_portrait=0&amp;color=00adef&amp;fullscreen=1&amp;autoplay=0&amp;loop=0" /><embed src="http://vimeo.com/moogaloop.swf?clip_id=$2&amp;server=vimeo.com&amp;show_title=0&amp;show_byline=0&amp;show_portrait=0&amp;color=00adef&amp;fullscreen=1&amp;autoplay=0&amp;loop=0" type="application/x-shockwave-flash" allowfullscreen="true" allowscriptaccess="always" width="%%tb_width%%" height="%%tb_height%%"></embed></object>' '<object style="float: left;margin: 10px 20px;" width="%%tb_width%%" height="%%tb_height%%"><param name="allowfullscreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="movie" value="http://vimeo.com/moogaloop.swf?clip_id=$2&amp;server=vimeo.com&amp;show_title=0&amp;show_byline=0&amp;show_portrait=0&amp;color=00adef&amp;fullscreen=1&amp;autoplay=0&amp;loop=0" /><embed src="http://vimeo.com/moogaloop.swf?clip_id=$2&amp;server=vimeo.com&amp;show_title=0&amp;show_byline=0&amp;show_portrait=0&amp;color=00adef&amp;fullscreen=1&amp;autoplay=0&amp;loop=0" type="application/x-shockwave-flash" allowfullscreen="true" allowscriptaccess="always" width="%%tb_width%%" height="%%tb_height%%"></embed></object>'
), ),
Array( array(
'/^https?:\/\/(\w+\.)?dailymotion\.com\/video\/([a-zA-Z0-9]{2,10})(_.+)?$/i', '/^https?:\/\/(\w+\.)?dailymotion\.com\/video\/([a-zA-Z0-9]{2,10})(_.+)?$/i',
'<object style="float: left;margin: 10px 20px;" width="%%tb_width%%" height="%%tb_height%%"><param name="movie" value="http://www.dailymotion.com/swf/video/$2"></param><param name="allowFullScreen" value="true"></param><param name="allowScriptAccess" value="always"></param><param name="wmode" value="transparent"></param><embed type="application/x-shockwave-flash" src="http://www.dailymotion.com/swf/video/$2" width="%%tb_width%%" height="%%tb_height%%" wmode="transparent" allowfullscreen="true" allowscriptaccess="always"></embed></object>' '<object style="float: left;margin: 10px 20px;" width="%%tb_width%%" height="%%tb_height%%"><param name="movie" value="http://www.dailymotion.com/swf/video/$2"></param><param name="allowFullScreen" value="true"></param><param name="allowScriptAccess" value="always"></param><param name="wmode" value="transparent"></param><embed type="application/x-shockwave-flash" src="http://www.dailymotion.com/swf/video/$2" width="%%tb_width%%" height="%%tb_height%%" wmode="transparent" allowfullscreen="true" allowscriptaccess="always"></embed></object>'
), ),
Array( array(
'/^https?:\/\/(\w+\.)?metacafe\.com\/watch\/(\d+)\/([a-zA-Z0-9_\-.]+)\/(\?.+)?$/i', '/^https?:\/\/(\w+\.)?metacafe\.com\/watch\/(\d+)\/([a-zA-Z0-9_\-.]+)\/(\?.+)?$/i',
'<div style="float:left;margin:10px 20px;width:%%tb_width%%px;height:%%tb_height%%px"><embed flashVars="playerVars=showStats=no|autoPlay=no" src="http://www.metacafe.com/fplayer/$2/$3.swf" width="%%tb_width%%" height="%%tb_height%%" wmode="transparent" allowFullScreen="true" allowScriptAccess="always" name="Metacafe_$2" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash"></embed></div>' '<div style="float:left;margin:10px 20px;width:%%tb_width%%px;height:%%tb_height%%px"><embed flashVars="playerVars=showStats=no|autoPlay=no" src="http://www.metacafe.com/fplayer/$2/$3.swf" width="%%tb_width%%" height="%%tb_height%%" wmode="transparent" allowFullScreen="true" allowScriptAccess="always" name="Metacafe_$2" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash"></embed></div>'
), ),
Array( array(
'/^https?:\/\/video\.google\.com\/videoplay\?docid=(\d+)([&#](.+)?)?$/i', '/^https?:\/\/video\.google\.com\/videoplay\?docid=(\d+)([&#](.+)?)?$/i',
'<embed src="http://video.google.com/googleplayer.swf?docid=$1&hl=en&fs=true" style="width:%%tb_width%%px;height:%%tb_height%%px;float:left;margin:10px 20px" allowFullScreen="true" allowScriptAccess="always" type="application/x-shockwave-flash"></embed>' '<embed src="http://video.google.com/googleplayer.swf?docid=$1&hl=en&fs=true" style="width:%%tb_width%%px;height:%%tb_height%%px;float:left;margin:10px 20px" allowFullScreen="true" allowScriptAccess="always" type="application/x-shockwave-flash"></embed>'
) )
@ -767,14 +769,14 @@
//$config['custom_capcode']['Custom'] ='<a class="capcode" style="color:lightgreen;font-style:italic;font-weight:bold"> ## %s</a>'; //$config['custom_capcode']['Custom'] ='<a class="capcode" style="color:lightgreen;font-style:italic;font-weight:bold"> ## %s</a>';
// "## Mod" makes everything purple, including the name and tripcode // "## Mod" makes everything purple, including the name and tripcode
//$config['custom_capcode']['Mod'] = Array( //$config['custom_capcode']['Mod'] = array(
// '<a class="capcode" style="color:purple"> ## %s</a>', // '<a class="capcode" style="color:purple"> ## %s</a>',
// 'color:purple', // Change name style; optional // 'color:purple', // Change name style; optional
// 'color:purple' // Change tripcode style; optional // 'color:purple' // Change tripcode style; optional
//); //);
// "## Admin" makes everything red and bold, including the name and tripcode // "## Admin" makes everything red and bold, including the name and tripcode
//$config['custom_capcode']['Admin'] = Array( //$config['custom_capcode']['Admin'] = array(
// '<a class="capcode" style="color:red;font-weight:bold"> ## %s</a>', // '<a class="capcode" style="color:red;font-weight:bold"> ## %s</a>',
// 'color:red;font-weight:bold', // Change name style; optional // 'color:red;font-weight:bold', // Change name style; optional
// 'color:red;font-weight:bold' // Change tripcode style; optional // 'color:red;font-weight:bold' // Change tripcode style; optional
@ -996,18 +998,18 @@
// If you use Varnish, Squid, or any similar caching reverse-proxy in front of Tinyboard, // If you use Varnish, Squid, or any similar caching reverse-proxy in front of Tinyboard,
// you can configure Tinyboard to PURGE files when they're written to // you can configure Tinyboard to PURGE files when they're written to
//$config['purge'] = Array( //$config['purge'] = array(
// Array('127.0.0.1', 80) // array('127.0.0.1', 80)
// Array('127.0.0.1', 80, 'example.org') // array('127.0.0.1', 80, 'example.org')
//); //);
// Connection timeout, in seconds // Connection timeout, in seconds
$config['purge_timeout'] = 3; $config['purge_timeout'] = 3;
// Remote servers // Remote servers
// http://tinyboard.org/wiki/index.php?title=Multiple_Servers // http://tinyboard.org/wiki/index.php?title=Multiple_Servers
//$config['remote']['static'] = Array( //$config['remote']['static'] = array(
// 'host' => 'static.example.org', // 'host' => 'static.example.org',
// 'auth' => Array( // 'auth' => array(
// 'method' => 'plain', // 'method' => 'plain',
// 'username' => 'username', // 'username' => 'username',
// 'password' => 'password!123' // 'password' => 'password!123'
@ -1020,10 +1022,3 @@
// INSANE regular expression for IPv6 addresses // INSANE regular expression for IPv6 addresses
$config['ipv6_regex'] = '((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?'; $config['ipv6_regex'] = 
'((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?';
if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
header('Location: ../', true, 302);
exit;
}
?>


@ -1,11 +1,15 @@
<?php <?php
if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
header('Location: ../', true, 302);
exit;
}
class PreparedQueryDebug { /*
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
class PreparedQueryDebug {
protected $query; protected $query;
public function __construct($query) { public function __construct($query) {
@ -21,7 +25,7 @@
$start = microtime(true); $start = microtime(true);
} }
$return = call_user_func_array(Array($this->query, $function), $args); $return = call_user_func_array(array($this->query, $function), $args);
if($config['debug'] && $function == 'execute') { if($config['debug'] && $function == 'execute') {
$time = round((microtime(true) - $start) * 1000, 2) . 'ms'; $time = round((microtime(true) - $start) * 1000, 2) . 'ms';
@ -35,9 +39,9 @@
return $return; return $return;
} }
} }
function sql_open() { function sql_open() {
global $pdo, $config; global $pdo, $config;
if($pdo) return true; if($pdo) return true;
@ -60,9 +64,9 @@
// Print error // Print error
error('Database error: ' . $message); error('Database error: ' . $message);
} }
} }
function prepare($query) { function prepare($query) {
global $pdo, $debug, $config; global $pdo, $debug, $config;
sql_open(); sql_open();
@ -70,9 +74,9 @@
if($config['debug']) if($config['debug'])
return new PreparedQueryDebug($query); return new PreparedQueryDebug($query);
return $pdo->prepare($query); return $pdo->prepare($query);
} }
function query($query) { function query($query) {
global $pdo, $debug, $config; global $pdo, $debug, $config;
sql_open(); sql_open();
@ -92,9 +96,9 @@
} else { } else {
return $pdo->query($query); return $pdo->query($query);
} }
} }
function db_error($PDOStatement=null) { function db_error($PDOStatement=null) {
global $pdo; global $pdo;
if(isset($PDOStatement)) { if(isset($PDOStatement)) {
$err = $PDOStatement->errorInfo(); $err = $PDOStatement->errorInfo();
@ -103,5 +107,5 @@
$err = $pdo->errorInfo(); $err = $pdo->errorInfo();
return $err[2]; return $err[2];
} }
} }
?>


@ -1,31 +1,25 @@
<?php <?php
if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
header('Location: ../', true, 302);
exit;
}
/* /*
Stuff to help with the display. * Copyright (c) 2010-2012 Tinyboard Development Group
*/ */
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
/* /*
joaoptm78@gmail.com joaoptm78@gmail.com
http://www.php.net/manual/en/function.filesize.php#100097 http://www.php.net/manual/en/function.filesize.php#100097
*/ */
function format_bytes($size) { function format_bytes($size) {
$units = array(' B', ' KB', ' MB', ' GB', ' TB'); $units = array(' B', ' KB', ' MB', ' GB', ' TB');
for ($i = 0; $size >= 1024 && $i < 4; $i++) $size /= 1024; for ($i = 0; $size >= 1024 && $i < 4; $i++) $size /= 1024;
return round($size, 2).$units[$i]; return round($size, 2).$units[$i];
} }
function commaize($n) { function doBoardListPart($list, $root) {
$n = strval($n);
return (intval($n) < 1000) ? $n : commaize(substr($n, 0, -3)) . ',' . substr($n, -3);
}
function doBoardListPart($list, $root) {
global $config; global $config;
$body = ''; $body = '';
@ -43,9 +37,9 @@
$body = preg_replace('/\/$/', '', $body); $body = preg_replace('/\/$/', '', $body);
return $body; return $body;
} }
function createBoardlist($mod=false) { function createBoardlist($mod=false) {
global $config; global $config;
if(!isset($config['boards'])) return Array('top'=>'','bottom'=>''); if(!isset($config['boards'])) return Array('top'=>'','bottom'=>'');
@ -60,9 +54,9 @@
'top' => '<div class="boardlist">' . $body . '</div>', 'top' => '<div class="boardlist">' . $body . '</div>',
'bottom' => '<div class="boardlist bottom">' . $body . '</div>' 'bottom' => '<div class="boardlist bottom">' . $body . '</div>'
); );
} }
function error($message, $priority = true) { function error($message, $priority = true) {
global $board, $mod, $config; global $board, $mod, $config;
if($config['syslog'] && $priority !== false) { if($config['syslog'] && $priority !== false) {
@ -87,9 +81,9 @@
$board['dir'] . $config['file_index'] . "\">Go back</a>.</p>" : '') . $board['dir'] . $config['file_index'] . "\">Go back</a>.</p>" : '') .
'</center>' '</center>'
))); )));
} }
function loginForm($error=false, $username=false, $redirect=false) { function loginForm($error=false, $username=false, $redirect=false) {
global $config; global $config;
die(Element('page.html', Array( die(Element('page.html', Array(
@ -104,9 +98,9 @@
) )
) )
))); )));
} }
function pm_snippet($body, $len=null) { function pm_snippet($body, $len=null) {
global $config; global $config;
if(!isset($len)) if(!isset($len))
@ -128,9 +122,9 @@
// Re-escape the characters. // Re-escape the characters.
return '<em>' . utf8tohtml($body) . ($strlen > $len ? '&hellip;' : '') . '</em>'; return '<em>' . utf8tohtml($body) . ($strlen > $len ? '&hellip;' : '') . '</em>';
} }
function capcode($cap) { function capcode($cap) {
global $config; global $config;
if(!$cap) if(!$cap)
@ -152,9 +146,9 @@
} }
return $capcode; return $capcode;
} }
function truncate($body, $url, $max_lines = false, $max_chars = false) { function truncate($body, $url, $max_lines = false, $max_chars = false) {
global $config; global $config;
if($max_lines === false) if($max_lines === false)
@ -209,20 +203,21 @@
} }
return $body; return $body;
} }
function confirmLink($text, $title, $confirm, $href) { function confirmLink($text, $title, $confirm, $href) {
global $config, $mod; global $config, $mod;
if($config['mod']['server-side_confirm']) if($config['mod']['server-side_confirm'])
return '<a onclick="if(confirm(\'' . htmlentities(addslashes($confirm)) . '\')) document.location=\'?/' . htmlentities(addslashes($href)) . '\';return false;" title="' . htmlentities($title) . '" href="?/confirm/' . $href . '">' . $text . '</a>'; return '<a onclick="if(confirm(\'' . htmlentities(addslashes($confirm)) . '\')) document.location=\'?/' . htmlentities(addslashes($href)) . '\';return false;" title="' . htmlentities($title) . '" href="?/confirm/' . $href . '">' . $text . '</a>';
else else
return '<a onclick="return confirm(\'' . htmlentities(addslashes($confirm)) . '\')" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>'; return '<a onclick="return confirm(\'' . htmlentities(addslashes($confirm)) . '\')" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
} }
class Post { class Post {
public function __construct($id, $thread, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $embed, $root=null, $mod=false) { public function __construct($id, $thread, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $embed, $root=null, $mod=false) {
global $config; global $config;
if(!isset($root)) $root = &$config['root']; if(!isset($root))
$root = &$config['root'];
$this->id = $id; $this->id = $id;
$this->thread = $thread; $this->thread = $thread;
@ -306,12 +301,13 @@
return Element('post_reply.html', Array('config' => $config, 'board' => $board, 'post' => &$this, 'index' => $index)); return Element('post_reply.html', Array('config' => $config, 'board' => $board, 'post' => &$this, 'index' => $index));
} }
}; };
class Thread { class Thread {
public function __construct($id, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $bumplocked, $embed, $root=null, $mod=false, $hr=true) { public function __construct($id, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $bumplocked, $embed, $root=null, $mod=false, $hr=true) {
global $config; global $config;
if(!isset($root)) $root = &$config['root']; if(!isset($root))
$root = &$config['root'];
$this->id = $id; $this->id = $id;
$this->subject = utf8tohtml($subject); $this->subject = utf8tohtml($subject);
@ -441,5 +437,5 @@
return 'thread_' . ($index ? 'index_' : '') . $board['uri'] . '_' . $this->id; return 'thread_' . ($index ? 'index_' : '') . $board['uri'] . '_' . $this->id;
} }
}; };
?>
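Review bot: In confirmLink (the hunk starting at old line 209), `$href` is concatenated unescaped into the `href` attribute in both branches, although the server-side_confirm branch escapes the same value with `htmlentities(addslashes($href))` inside the onclick handler; a double quote in `$href` would end the attribute early. The attribute should get the same treatment as `$title`, for example `href="?/confirm/' . htmlentities($href) . '"` and `href="?/' . htmlentities($href) . '"`. `$text` is also emitted as-is; presumably callers pass markup there on purpose, which would be worth a one-line comment above the function such as `// $text is trusted HTML; $title, $confirm and $href are escaped here`. The callers are not visible on this page, so whether `$href` can ever carry request-derived data is not known from here.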


@ -1,5 +1,14 @@
<?php <?php
/*
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
function event() { function event() {
global $events; global $events;


@ -1,5 +1,14 @@
<?php <?php
/*
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
class Filter { class Filter {
private $condition; private $condition;

File diff suppressed because it is too large Load Diff


@ -1,11 +1,15 @@
<?php <?php
if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
header('Location: ../', true, 302);
exit;
}
class Image { /*
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
class Image {
public $src, $format, $image, $size; public $src, $format, $image, $size;
public function __construct($src, $format = false) { public function __construct($src, $format = false) {
global $config; global $config;
@ -84,9 +88,9 @@
public function destroy() { public function destroy() {
$this->image->_destroy(); $this->image->_destroy();
} }
} }
class ImageGD { class ImageGD {
public function GD_create() { public function GD_create() {
$this->image = imagecreatetruecolor($this->width, $this->height); $this->image = imagecreatetruecolor($this->width, $this->height);
} }
@ -97,9 +101,9 @@
$this->GD_create(); $this->GD_create();
$this->GD_copyresampled(); $this->GD_copyresampled();
} }
} }
class ImageBase extends ImageGD { class ImageBase extends ImageGD {
public $image, $src, $original, $original_width, $original_height, $width, $height; public $image, $src, $original, $original_width, $original_height, $width, $height;
public function valid() { public function valid() {
return (bool)$this->image; return (bool)$this->image;
@ -144,9 +148,9 @@
// use default GD functions // use default GD functions
$this->GD_resize(); $this->GD_resize();
} }
} }
class ImageImagick extends ImageBase { class ImageImagick extends ImageBase {
public function init() { public function init() {
$this->image = new Imagick(); $this->image = new Imagick();
$this->image->setBackgroundColor(new ImagickPixel('transparent')); $this->image->setBackgroundColor(new ImagickPixel('transparent'));
@ -207,10 +211,10 @@
$this->image->scaleImage($this->width, $this->height, false); $this->image->scaleImage($this->width, $this->height, false);
} }
} }
} }
class ImageConvert extends ImageBase { class ImageConvert extends ImageBase {
public $width, $height, $temp; public $width, $height, $temp;
public function init() { public function init() {
@ -264,9 +268,9 @@
if(shell_exec("convert -flatten -filter Point -scale {$this->width}x{$this->height} +antialias -quality {$quality} " . escapeshellarg($this->src . '[0]') . " " . escapeshellarg($this->temp)) || !file_exists($this->temp)) if(shell_exec("convert -flatten -filter Point -scale {$this->width}x{$this->height} +antialias -quality {$quality} " . escapeshellarg($this->src . '[0]') . " " . escapeshellarg($this->temp)) || !file_exists($this->temp))
error('Failed to resize image!'); error('Failed to resize image!');
} }
} }
class ImagePNG extends ImageBase { class ImagePNG extends ImageBase {
public function from() { public function from() {
$this->image = @imagecreatefrompng($this->src); $this->image = @imagecreatefrompng($this->src);
} }
@ -281,9 +285,9 @@
imagealphablending($this->image, false); imagealphablending($this->image, false);
$this->GD_copyresampled(); $this->GD_copyresampled();
} }
} }
class ImageGIF extends ImageBase { class ImageGIF extends ImageBase {
public function from() { public function from() {
$this->image = @imagecreatefromgif($this->src); $this->image = @imagecreatefromgif($this->src);
} }
@ -296,38 +300,38 @@
imagesavealpha($this->image, true); imagesavealpha($this->image, true);
$this->GD_copyresampled(); $this->GD_copyresampled();
} }
} }
class ImageJPG extends ImageBase { class ImageJPG extends ImageBase {
public function from() { public function from() {
$this->image = @imagecreatefromjpeg($this->src); $this->image = @imagecreatefromjpeg($this->src);
} }
public function to($src) { public function to($src) {
imagejpeg($this->image, $src); imagejpeg($this->image, $src);
} }
} }
class ImageJPEG extends ImageJPG { class ImageJPEG extends ImageJPG {
} }
class ImageBMP extends ImageBase { class ImageBMP extends ImageBase {
public function from() { public function from() {
$this->image = @imagecreatefrombmp($this->src); $this->image = @imagecreatefrombmp($this->src);
} }
public function to($src) { public function to($src) {
imagebmp($this->image, $src); imagebmp($this->image, $src);
} }
} }
/*********************************************/ /*********************************************/
/* Fonction: imagecreatefrombmp */ /* Fonction: imagecreatefrombmp */
/* Author: DHKold */ /* Author: DHKold */
/* Contact: admin@dhkold.com */ /* Contact: admin@dhkold.com */
/* Date: The 15th of June 2005 */ /* Date: The 15th of June 2005 */
/* Version: 2.0B */ /* Version: 2.0B */
/*********************************************/ /*********************************************/
function imagecreatefrombmp($filename) { function imagecreatefrombmp($filename) {
if (! $f1 = fopen($filename,"rb")) return FALSE; if (! $f1 = fopen($filename,"rb")) return FALSE;
$FILE = unpack("vfile_type/Vfile_size/Vreserved/Vbitmap_offset", fread($f1,14)); $FILE = unpack("vfile_type/Vfile_size/Vreserved/Vbitmap_offset", fread($f1,14));
if ($FILE['file_type'] != 19778) return FALSE; if ($FILE['file_type'] != 19778) return FALSE;
@ -403,9 +407,9 @@
fclose($f1); fclose($f1);
return $res; return $res;
} }
function imagebmp(&$img, $filename='') { function imagebmp(&$img, $filename='') {
$widthOrig = imagesx($img); $widthOrig = imagesx($img);
$widthFloor = ((floor($widthOrig/16))*16); $widthFloor = ((floor($widthOrig/16))*16);
$widthCeil = ((ceil($widthOrig/16))*16); $widthCeil = ((ceil($widthOrig/16))*16);
@ -476,13 +480,12 @@
fwrite($file, $result); fwrite($file, $result);
fclose($file); fclose($file);
} }
} }
// imagebmp helpers // imagebmp helpers
function int_to_dword($n) { function int_to_dword($n) {
return chr($n & 255).chr(($n >> 8) & 255).chr(($n >> 16) & 255).chr(($n >> 24) & 255); return chr($n & 255).chr(($n >> 8) & 255).chr(($n >> 16) & 255).chr(($n >> 24) & 255);
} }
function int_to_word($n) { function int_to_word($n) {
return chr($n & 255).chr(($n >> 8) & 255); return chr($n & 255).chr(($n >> 8) & 255);
} }
?>


@ -1,12 +1,16 @@
<?php <?php
if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
header('Location: ../', true, 302);
exit;
}
// create a hash/salt pair for validate logins /*
function mkhash($username, $password, $salt = false) { * Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
// create a hash/salt pair for validate logins
function mkhash($username, $password, $salt = false) {
global $config; global $config;
if(!$salt) { if(!$salt) {
@ -23,9 +27,9 @@
return Array($hash, $salt); return Array($hash, $salt);
else else
return $hash; return $hash;
} }
function login($username, $password, $makehash=true) { function login($username, $password, $makehash=true) {
global $mod; global $mod;
// SHA1 password // SHA1 password
@ -47,9 +51,9 @@
'boards' => explode(',', $user['boards']) 'boards' => explode(',', $user['boards'])
); );
} else return false; } else return false;
} }
function setCookies() { function setCookies() {
global $mod, $config; global $mod, $config;
if(!$mod) if(!$mod)
error('setCookies() was called for a non-moderator!'); error('setCookies() was called for a non-moderator!');
@ -61,15 +65,15 @@
':' . ':' .
$mod['hash'][1], // salt $mod['hash'][1], // salt
time() + $config['cookies']['expire'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, true); time() + $config['cookies']['expire'], $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, true);
} }
function destroyCookies() { function destroyCookies() {
global $config; global $config;
// Delete the cookies // Delete the cookies
setcookie($config['cookies']['mod'], 'deleted', time() - $config['cookies']['expire'], $config['cookies']['jail']?$config['cookies']['path'] : '/', null, false, true); setcookie($config['cookies']['mod'], 'deleted', time() - $config['cookies']['expire'], $config['cookies']['jail']?$config['cookies']['path'] : '/', null, false, true);
} }
function create_pm_header() { function create_pm_header() {
global $mod; global $mod;
$query = prepare("SELECT `id` FROM `pms` WHERE `to` = :id AND `unread` = 1"); $query = prepare("SELECT `id` FROM `pms` WHERE `to` = :id AND `unread` = 1");
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT); $query->bindValue(':id', $mod['id'], PDO::PARAM_INT);
@ -80,9 +84,9 @@
} }
return false; return false;
} }
function modLog($action, $_board=null) { function modLog($action, $_board=null) {
global $mod, $board, $config; global $mod, $board, $config;
$query = prepare("INSERT INTO `modlogs` VALUES (:id, :ip, :board, :time, :text)"); $query = prepare("INSERT INTO `modlogs` VALUES (:id, :ip, :board, :time, :text)");
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT); $query->bindValue(':id', $mod['id'], PDO::PARAM_INT);
@ -99,11 +103,11 @@
if($config['syslog']) if($config['syslog'])
_syslog(LOG_INFO, '[mod/' . $mod['username'] . ']: ' . $action); _syslog(LOG_INFO, '[mod/' . $mod['username'] . ']: ' . $action);
} }
// Generates a <ul> element with a list of linked // Generates a <ul> element with a list of linked
// boards and their subtitles. (without the <ul> opening and ending tags) // boards and their subtitles. (without the <ul> opening and ending tags)
function ulBoards() { function ulBoards() {
global $mod, $config; global $mod, $config;
$body = ''; $body = '';
@ -129,9 +133,9 @@
$body .= '<li style="margin-top:15px;"><a href="?/new"><strong>' . _('Create new board') . '</strong></a></li>'; $body .= '<li style="margin-top:15px;"><a href="?/new"><strong>' . _('Create new board') . '</strong></a></li>';
} }
return $body; return $body;
} }
function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $board=false, $allow_public = false) { function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $board=false, $allow_public = false) {
global $config, $mod; global $config, $mod;
$boards = listBoards(); $boards = listBoards();
@ -205,9 +209,9 @@
'</table>' . '</table>' .
'</form>' . '</form>' .
'</fieldset>'; '</fieldset>';
} }
function form_newBoard() { function form_newBoard() {
return '<fieldset><legend>New board</legend>' . return '<fieldset><legend>New board</legend>' .
'<form action="?/new" method="post">' . '<form action="?/new" method="post">' .
'<table>' . '<table>' .
@ -233,10 +237,10 @@
'</table>' . '</table>' .
'</form>' . '</form>' .
'</fieldset>'; '</fieldset>';
} }
function removeBan($id) { function removeBan($id) {
global $config, $memcached; global $config, $memcached;
$query = prepare("DELETE FROM `bans` WHERE `id` = :id"); $query = prepare("DELETE FROM `bans` WHERE `id` = :id");
@ -248,12 +252,12 @@
// TODO // TODO
// $memcached->delete("ban_{$id}"); // $memcached->delete("ban_{$id}");
//} //}
} }
// Validate session // Validate session
if(isset($_COOKIE[$config['cookies']['mod']])) { if(isset($_COOKIE[$config['cookies']['mod']])) {
// Should be username:hash:salt // Should be username:hash:salt
$cookie = explode(':', $_COOKIE[$config['cookies']['mod']]); $cookie = explode(':', $_COOKIE[$config['cookies']['mod']]);
if(count($cookie) != 3) { if(count($cookie) != 3) {
@ -279,5 +283,5 @@
'username' => $cookie[0], 'username' => $cookie[0],
'boards' => explode(',', $user['boards']) 'boards' => explode(',', $user['boards'])
); );
} }
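Review bot: The rewritten direct-request guard at the top of this file, `if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__))`, converts only the right-hand side to forward slashes, while realpath() returns backslash-separated paths on Windows. On such hosts the two sides can never be equal, so the `exit` is never reached and the session-validation code at the bottom of the file runs when the file is requested directly, presumably with `$config` undefined. The str_replace looks like a leftover from the old comparison against the raw SCRIPT_FILENAME value. Canonicalising both sides avoids the mismatch: `if (realpath($_SERVER['SCRIPT_FILENAME']) === realpath(__FILE__)) { exit; }`. The same guard is added in the sections that define `class Remote` and `load_twig()`, so the change applies there as well.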

View File

@ -1,5 +1,15 @@
<?php <?php
class Remote {
/*
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
exit;
}
class Remote {
public function __construct($config) { public function __construct($config) {
foreach($config as $name => $value) { foreach($config as $name => $value) {
$this->{$name} = $value; $this->{$name} = $value;
@ -53,5 +63,5 @@
error('Unknown send method.'); error('Unknown send method.');
} }
} }
}; };
?>

View File

@ -1,9 +1,18 @@
<?php <?php
if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
/*
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly. // You cannot request this file directly.
header('Location: ../', true, 302);
exit; exit;
} }
$twig = false;
function load_twig() {
global $twig, $config;
require 'lib/Twig/Autoloader.php'; require 'lib/Twig/Autoloader.php';
Twig_Autoloader::register(); Twig_Autoloader::register();
@ -14,9 +23,21 @@
Twig_Autoloader::autoload('Twig_Extensions_Extension_Tinyboard'); Twig_Autoloader::autoload('Twig_Extensions_Extension_Tinyboard');
$loader = new Twig_Loader_Filesystem($config['dir']['template']); $loader = new Twig_Loader_Filesystem($config['dir']['template']);
$loader->setPaths($config['dir']['template']);
$twig = new Twig_Environment($loader, Array(
'autoescape' => false,
'cache' => "{$config['dir']['template']}/cache",
'debug' => ($config['debug'] ? true : false),
));
$twig->addExtension(new Twig_Extensions_Extension_Tinyboard());
$twig->addExtension(new Twig_Extensions_Extension_I18n());
}
function Element($templateFile, array $options) { function Element($templateFile, array $options) {
global $config, $debug, $loader; global $config, $debug, $twig;
if(!$twig)
load_twig();
if(function_exists('create_pm_header') && ((isset($options['mod']) && $options['mod']) || isset($options['__mod']))) { if(function_exists('create_pm_header') && ((isset($options['mod']) && $options['mod']) || isset($options['__mod']))) {
$options['pm'] = create_pm_header(); $options['pm'] = create_pm_header();
@ -26,21 +47,15 @@
if(isset($debug['start'])) { if(isset($debug['start'])) {
$debug['time'] = '~' . round((microtime(true) - $debug['start']) * 1000, 2) . 'ms'; $debug['time'] = '~' . round((microtime(true) - $debug['start']) * 1000, 2) . 'ms';
unset($debug['start']); unset($debug['start']);
} }
$options['body'] .= '<h3>Debug</h3><pre style="white-space: pre-wrap;font-size: 10px;">' . str_replace("\n", '<br/>', utf8tohtml(print_r($debug, true))) . '</pre>'; $debug['included'] = get_included_files();
$debug['memory'] = round(memory_get_usage(true) / (1024 * 1024), 2) . ' MiB';
$options['body'] .=
'<h3>Debug</h3><pre style="white-space: pre-wrap;font-size: 10px;">' .
str_replace("\n", '<br/>', utf8tohtml(print_r($debug, true))) .
'</pre>';
} }
$loader->setPaths($config['dir']['template']);
$twig = new Twig_Environment($loader, Array(
'autoescape' => false,
'cache' => "{$config['dir']['template']}/cache",
'debug' => ($config['debug'] ? true : false),
));
$twig->addExtension(new Twig_Extensions_Extension_Tinyboard());
$twig->addExtension(new Twig_Extensions_Extension_I18n());
// Read the template file // Read the template file
if(@file_get_contents("{$config['dir']['template']}/${templateFile}")) { if(@file_get_contents("{$config['dir']['template']}/${templateFile}")) {
$body = $twig->render($templateFile, $options); $body = $twig->render($templateFile, $options);
@ -53,5 +68,5 @@
} else { } else {
throw new Exception("Template file '${templateFile}' does not exist or is empty in '{$config['dir']['template']}'!"); throw new Exception("Template file '${templateFile}' does not exist or is empty in '{$config['dir']['template']}'!");
} }
} }
?>
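Review bot: The line added to the debug block in Element(), `$debug['included'] = get_included_files();`, ends up in `$options['body']` through the `print_r($debug, true)` dump, so every visitor who receives the page sees the absolute server path of each included file. The condition that encloses this block starts outside the hunk, so this assumes it is the `$config['debug']` switch rather than a moderator check. If the list is only meant to show which files were loaded, `$debug['included'] = array_map('basename', get_included_files());` keeps it useful without revealing the directory layout. Otherwise a comment above the block, such as `// Debug output exposes server paths; keep debug off on public installs`, would document the risk.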

View File

@ -1,10 +0,0 @@
<?php
if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
header('Location: ../', true, 302);
exit;
}
// 'false' means that the user is not logged in as a moderator
$mod = false;

View File

@ -1,24 +1,22 @@
<?php <?php
// Installation/upgrade file
define('VERSION', 'v0.9.6-dev-1');
require 'inc/functions.php'; // Installation/upgrade file
require 'inc/display.php'; define('VERSION', 'v0.9.6-dev-1');
require 'inc/template.php';
require 'inc/database.php'; require 'inc/functions.php';
require 'inc/user.php';
$step = isset($_GET['step']) ? round($_GET['step']) : 0; $step = isset($_GET['step']) ? round($_GET['step']) : 0;
$page = Array( $page = Array(
'config' => $config, 'config' => $config,
'title' => 'Install', 'title' => 'Install',
'body' => '', 'body' => '',
'nojavascript' => true 'nojavascript' => true
); );
// this breaks the dispaly of licenses if enabled // this breaks the dispaly of licenses if enabled
$config['minify_html'] = false; $config['minify_html'] = false;
if(file_exists($config['has_installed'])) { if(file_exists($config['has_installed'])) {
// Check the version number // Check the version number
$version = trim(file_get_contents($config['has_installed'])); $version = trim(file_get_contents($config['has_installed']));
@ -194,9 +192,9 @@
} }
die(Element('page.html', $page)); die(Element('page.html', $page));
} }
if($step == 0) { if($step == 0) {
// Agreeement // Agreeement
$page['body'] = ' $page['body'] = '
<textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea> <textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea>
@ -205,7 +203,7 @@
</p>'; </p>';
echo Element('page.html', $page); echo Element('page.html', $page);
} elseif($step == 1) { } elseif($step == 1) {
$page['title'] = 'Pre-installation test'; $page['title'] = 'Pre-installation test';
$page['body'] = '<table class="test">'; $page['body'] = '<table class="test">';
@ -255,7 +253,7 @@
</p>'; </p>';
echo Element('page.html', $page); echo Element('page.html', $page);
} elseif($step == 2) { } elseif($step == 2) {
// Basic config // Basic config
$page['title'] = 'Configuration'; $page['title'] = 'Configuration';
@ -264,7 +262,7 @@
} }
$page['body'] = ' $page['body'] = '
<form action="?step=3" method="post"> <form action="?step=3" method="post">
<fieldset> <fieldset>
<legend>Database</legend> <legend>Database</legend>
<label for="db_type">Type:</label> <label for="db_type">Type:</label>
@ -412,22 +410,22 @@
<p style="text-align:center"> <p style="text-align:center">
<input type="submit" value="Complete installation" /> <input type="submit" value="Complete installation" />
</p> </p>
</form> </form>
'; ';
echo Element('page.html', $page); echo Element('page.html', $page);
} elseif($step == 3) { } elseif($step == 3) {
$instance_config = $instance_config =
'<?php '<?php
/* /*
* Instance Configuration * Instance Configuration
* ---------------------- * ----------------------
* Edit this file and not config.php for imageboard configuration. * Edit this file and not config.php for imageboard configuration.
* *
* You can copy values from config.php (defaults) and paste them here. * You can copy values from config.php (defaults) and paste them here.
*/ */
'; ';
@ -468,7 +466,7 @@
'; ';
echo Element('page.html', $page); echo Element('page.html', $page);
} }
} elseif($step == 4) { } elseif($step == 4) {
// SQL installation // SQL installation
buildJavascript(); buildJavascript();
@ -508,7 +506,7 @@
} }
echo Element('page.html', $page); echo Element('page.html', $page);
} elseif($step == 5) { } elseif($step == 5) {
$page['title'] = 'Installation complete'; $page['title'] = 'Installation complete';
$page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover.</p>'; $page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover.</p>';
@ -518,5 +516,5 @@
} }
echo Element('page.html', $page); echo Element('page.html', $page);
} }
?>

146
mod.php

@ -1,24 +1,25 @@
<?php <?php
require 'inc/functions.php';
require 'inc/display.php';
require 'inc/template.php';
require 'inc/database.php';
require 'inc/user.php';
require 'inc/mod.php';
if (get_magic_quotes_gpc()) { /*
* Copyright (c) 2010-2012 Tinyboard Development Group
*/
require 'inc/functions.php';
require 'inc/mod.php';
if (get_magic_quotes_gpc()) {
function strip_array($var) { function strip_array($var) {
return is_array($var) ? array_map("strip_array", $var) : stripslashes($var); return is_array($var) ? array_map("strip_array", $var) : stripslashes($var);
} }
$_GET = strip_array($_GET); $_GET = strip_array($_GET);
$_POST = strip_array($_POST); $_POST = strip_array($_POST);
} }
$query = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : ''; $query = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
// If not logged in // If not logged in
if(!$mod) { if(!$mod) {
if(isset($_POST['login'])) { if(isset($_POST['login'])) {
// Check if inputs are set and not empty // Check if inputs are set and not empty
if( !isset($_POST['username']) || if( !isset($_POST['username']) ||
@ -48,7 +49,7 @@
} else { } else {
loginForm(false, false, '?' . $query); loginForm(false, false, '?' . $query);
} }
} else { } else {
// Redirect (for index pages) // Redirect (for index pages)
if(count($_GET) == 2 && isset($_GET['status']) && isset($_GET['r'])) { if(count($_GET) == 2 && isset($_GET['status']) && isset($_GET['r'])) {
header('Location: ' . $_GET['r'], true, $_GET['status']); header('Location: ' . $_GET['r'], true, $_GET['status']);
@ -57,7 +58,7 @@
// A sort of "cache" // A sort of "cache"
// Stops calling preg_quote and str_replace when not needed; only does it once // Stops calling preg_quote and str_replace when not needed; only does it once
$regex = Array( $regex = array(
'board' => str_replace('%s', '(\w{1,8})', preg_quote($config['board_path'], '/')), 'board' => str_replace('%s', '(\w{1,8})', preg_quote($config['board_path'], '/')),
'page' => str_replace('%d', '(\d+)', preg_quote($config['file_page'], '/')), 'page' => str_replace('%d', '(\d+)', preg_quote($config['file_page'], '/')),
'img' => preg_quote($config['dir']['img'], '/'), 'img' => preg_quote($config['dir']['img'], '/'),
@ -68,7 +69,7 @@
if(preg_match('/^\/?$/', $query)) { if(preg_match('/^\/?$/', $query)) {
// Dashboard // Dashboard
$fieldset = Array( $fieldset = array(
'Boards' => '', 'Boards' => '',
'Noticeboard' => '', 'Noticeboard' => '',
'Administration' => '', 'Administration' => '',
@ -187,7 +188,7 @@
if($code = @file_get_contents('http://tinyboard.org/version.txt', 0, $ctx)) { if($code = @file_get_contents('http://tinyboard.org/version.txt', 0, $ctx)) {
eval($code); eval($code);
if(preg_match('/v(\d+)\.(\d)\.(\d+)(-dev.+)?$/', $config['version'], $m)) { if(preg_match('/v(\d+)\.(\d)\.(\d+)(-dev.+)?$/', $config['version'], $m)) {
$current = Array( $current = array(
'massive' => (int)$m[1], 'massive' => (int)$m[1],
'major' => (int)$m[2], 'major' => (int)$m[2],
'minor' => (int)$m[3] 'minor' => (int)$m[3]
@ -236,7 +237,7 @@
$body .= '<fieldset><legend>' . _($title) . '</legend><ul>' . $data . '</ul></fieldset>'; $body .= '<fieldset><legend>' . _($title) . '</legend><ul>' . $data . '</ul></fieldset>';
} }
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('Dashboard'), 'title'=>_('Dashboard'),
'body'=>$body, 'body'=>$body,
@ -257,7 +258,7 @@
'</p>' . '</p>' .
'<p style="text-align:center"><a style="margin:block;font-size:150%;font-weight:bold" href="?/' . utf8tohtml($uri) . '">Confirm</a></p>'; '<p style="text-align:center"><a style="margin:block;font-size:150%;font-weight:bold" href="?/' . utf8tohtml($uri) . '">Confirm</a></p>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Confirm', 'title'=>'Confirm',
'body'=>$body, 'body'=>$body,
@ -274,7 +275,7 @@
$body = '<div class="ban"><h2>git pull</h2>'; $body = '<div class="ban"><h2>git pull</h2>';
$body .= '<p>' . str_replace("\n", '<br/>', shell_exec('git pull')) . '</p>'; $body .= '<p>' . str_replace("\n", '<br/>', shell_exec('git pull')) . '</p>';
$body .= '</div>'; $body .= '</div>';
echo Element('page.html', Array( echo Element('page.html', array(
'config' => $config, 'config' => $config,
'title' => 'Upgraded', 'title' => 'Upgraded',
'body' => $body 'body' => $body
@ -332,7 +333,7 @@
$version = preg_replace('/^savetheinternet-Tinyboard-(\w+)\//', '$1', $dir = $zip->getNameIndex(0)); $version = preg_replace('/^savetheinternet-Tinyboard-(\w+)\//', '$1', $dir = $zip->getNameIndex(0));
$errors = Array(); $errors = array();
for($i = 1; $i < $zip->numFiles; $i++) { for($i = 1; $i < $zip->numFiles; $i++) {
$filename = str_replace($dir, '', $zip->getNameIndex($i)); $filename = str_replace($dir, '', $zip->getNameIndex($i));
@ -357,7 +358,7 @@
unlink($temp); unlink($temp);
echo Element('page.html', Array( echo Element('page.html', array(
'config' => $config, 'config' => $config,
'title' => 'Error(s) upgrading', 'title' => 'Error(s) upgrading',
'body' => $body 'body' => $body
@ -371,7 +372,7 @@
unlink($temp); unlink($temp);
echo Element('page.html', Array( echo Element('page.html', array(
'config' => $config, 'config' => $config,
'title' => 'Upgraded', 'title' => 'Upgraded',
'body' => '<p style="text-align:center">Upgrading seems to have gone okay. You are now at revision <strong>' . $version . '</strong>.</p>' 'body' => '<p style="text-align:center">Upgrading seems to have gone okay. You are now at revision <strong>' . $version . '</strong>.</p>'
@ -381,7 +382,7 @@
$page = isset($match[2]) ? $match[2] : 1; $page = isset($match[2]) ? $match[2] : 1;
$boards = Array(); $boards = array();
$_boards = listBoards(); $_boards = listBoards();
foreach($_boards as &$_b) { foreach($_boards as &$_b) {
$boards[$_b['id']] = $_b['uri']; $boards[$_b['id']] = $_b['uri'];
@ -470,7 +471,7 @@
$body .= '</p>'; $body .= '</p>';
} }
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('Moderation log'), 'title'=>_('Moderation log'),
'body'=>$body, 'body'=>$body,
@ -483,7 +484,7 @@
// Clearsettings // Clearsettings
query("TRUNCATE TABLE `theme_settings`") or error(db_error()); query("TRUNCATE TABLE `theme_settings`") or error(db_error());
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'No theme', 'title'=>'No theme',
'body'=>'<p style="text-align:center">Successfully uninstalled all themes.</p>' . 'body'=>'<p style="text-align:center">Successfully uninstalled all themes.</p>' .
@ -496,7 +497,7 @@
rebuildTheme($match[1], 'all'); rebuildTheme($match[1], 'all');
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Rebuilt', 'title'=>'Rebuilt',
'body'=>'<p style="text-align:center">Successfully rebuilt the <strong>' . $match[1] . '</strong> theme.</p>' . 'body'=>'<p style="text-align:center">Successfully rebuilt the <strong>' . $match[1] . '</strong> theme.</p>' .
@ -511,7 +512,7 @@
$query->bindValue(':theme', $match[1]); $query->bindValue(':theme', $match[1]);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Uninstalled', 'title'=>'Uninstalled',
'body'=>'<p style="text-align:center">Successfully uninstalled the <strong>' . $match[1] . '</strong> theme.</p>' . 'body'=>'<p style="text-align:center">Successfully uninstalled the <strong>' . $match[1] . '</strong> theme.</p>' .
@ -585,7 +586,7 @@
// Build themes // Build themes
rebuildThemes('all'); rebuildThemes('all');
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>($result ? 'Installed "' . utf8tohtml($theme['name']) . '"' : 'Installation failed!'), 'title'=>($result ? 'Installed "' . utf8tohtml($theme['name']) . '"' : 'Installation failed!'),
'body'=>$body, 'body'=>$body,
@ -626,7 +627,7 @@
$body .= '<p style="text-align:center"><input name="install" type="submit" value="Install theme" /></p></form>'; $body .= '<p style="text-align:center"><input name="install" type="submit" value="Install theme" /></p></form>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Installing "' . utf8tohtml($theme['name']) . '"', 'title'=>'Installing "' . utf8tohtml($theme['name']) . '"',
'body'=>$body, 'body'=>$body,
@ -636,14 +637,14 @@
} }
} else { } else {
$themes_in_use = Array(); $themes_in_use = array();
$query = query("SELECT `theme` FROM `theme_settings` WHERE `name` IS NULL AND `value` IS NULL") or error(db_error()); $query = query("SELECT `theme` FROM `theme_settings` WHERE `name` IS NULL AND `value` IS NULL") or error(db_error());
while($theme = $query->fetch()) { while($theme = $query->fetch()) {
$themes_in_use[$theme['theme']] = true; $themes_in_use[$theme['theme']] = true;
} }
// Scan directory for themes // Scan directory for themes
$themes = Array(); $themes = array();
while($file = readdir($dir)) { while($file = readdir($dir)) {
if($file[0] != '.' && is_dir($config['dir']['themes'] . '/' . $file)) { if($file[0] != '.' && is_dir($config['dir']['themes'] . '/' . $file)) {
$themes[] = $file; $themes[] = $file;
@ -702,7 +703,7 @@
if(!empty($themes_in_use)) if(!empty($themes_in_use))
$body .= '<p style="text-align:center"><a href="?/themes/none">' . _('Uninstall all themes.') . '</a></p>'; $body .= '<p style="text-align:center"><a href="?/themes/none">' . _('Uninstall all themes.') . '</a></p>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('Manage themes'), 'title'=>_('Manage themes'),
'body'=>$body, 'body'=>$body,
@ -785,7 +786,7 @@
} }
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('Noticeboard'), 'title'=>_('Noticeboard'),
'body'=>$body, 'body'=>$body,
@ -867,7 +868,7 @@
} }
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('News'), 'title'=>_('News'),
'body'=>$body, 'body'=>$body,
@ -916,7 +917,7 @@
} }
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('PM Inbox') . ' (' . ($query->rowCount() == 0 ? _('empty') : $unread_pms . ' ' . _('unread')) . ')', 'title'=>_('PM Inbox') . ' (' . ($query->rowCount() == 0 ? _('empty') : $unread_pms . ' ' . _('unread')) . ')',
'body'=>$body, 'body'=>$body,
@ -1002,7 +1003,7 @@
'<p style="text-align:center"><a href="?/new_PM/' . $pm['sender'] . '/' . $pm['id'] . '">Reply with quote</a></p>'; '<p style="text-align:center"><a href="?/new_PM/' . $pm['sender'] . '/' . $pm['id'] . '">Reply with quote</a></p>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Private message', 'title'=>'Private message',
'body'=>$body, 'body'=>$body,
@ -1042,7 +1043,7 @@
modLog('Sent a PM to ' . $to['username']); modLog('Sent a PM to ' . $to['username']);
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'PM sent', 'title'=>'PM sent',
'body'=>'<p style="text-align:center">Message sent successfully to ' . utf8tohtml($to['username']) . '.</p>', 'body'=>'<p style="text-align:center">Message sent successfully to ' . utf8tohtml($to['username']) . '.</p>',
@ -1084,7 +1085,7 @@
'</form>'; '</form>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'New PM for ' . utf8tohtml($to['username']), 'title'=>'New PM for ' . utf8tohtml($to['username']),
'body'=>$body, 'body'=>$body,
@ -1109,14 +1110,14 @@
$phrase = &$_POST['search']; $phrase = &$_POST['search'];
$_body = ''; $_body = '';
$filters = Array(); $filters = array();
function search_filters($m) { function search_filters($m) {
global $filters; global $filters;
$name = $m[2]; $name = $m[2];
$value = isset($m[4]) ? $m[4] : $m[3]; $value = isset($m[4]) ? $m[4] : $m[3];
if(!in_array($name, Array('id', 'thread', 'subject', 'email', 'name', 'trip', 'capcode', 'filename', 'filehash', 'ip'))) { if(!in_array($name, array('id', 'thread', 'subject', 'email', 'name', 'trip', 'capcode', 'filename', 'filehash', 'ip'))) {
// unknown filter // unknown filter
return $m[0]; return $m[0];
} }
@ -1138,7 +1139,7 @@
$phrase = str_replace('*', '%', $phrase); $phrase = str_replace('*', '%', $phrase);
$like = ''; $like = '';
$match = Array(); $match = array();
// Find exact phrases // Find exact phrases
if(preg_match_all('/"(.+?)"/', $phrase, $m)) { if(preg_match_all('/"(.+?)"/', $phrase, $m)) {
@ -1204,7 +1205,7 @@
$body .= '<p style="text-align:center" class="unimportant">(No results.)</p>'; $body .= '<p style="text-align:center" class="unimportant">(No results.)</p>';
} }
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Search', 'title'=>'Search',
'body'=>$body, 'body'=>$body,
@ -1279,7 +1280,7 @@
$body .= '</form>'; $body .= '</form>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('Manage users'), 'title'=>_('Manage users'),
'body'=>$body 'body'=>$body
@ -1307,7 +1308,7 @@
error(sprintf($config['error']['modexists'], $_mod['id'])); error(sprintf($config['error']['modexists'], $_mod['id']));
} }
$boards = Array(); $boards = array();
foreach($_POST as $name => $null) { foreach($_POST as $name => $null) {
if(preg_match('/^board_(.+)$/', $name, $m)) if(preg_match('/^board_(.+)$/', $name, $m))
$boards[] = $m[1]; $boards[] = $m[1];
@ -1327,7 +1328,7 @@
$__boards = '<ul style="list-style:none;padding:2px 5px">'; $__boards = '<ul style="list-style:none;padding:2px 5px">';
$boards = array_merge( $boards = array_merge(
Array(Array('uri' => '*', 'title' => 'All') array(array('uri' => '*', 'title' => 'All')
), listBoards()); ), listBoards());
foreach($boards as &$_board) { foreach($boards as &$_board) {
$__boards .= '<li>' . $__boards .= '<li>' .
@ -1365,7 +1366,7 @@
// End form // End form
'</form></fieldset>'; '</form></fieldset>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'New user', 'title'=>'New user',
'body'=>$body 'body'=>$body
@ -1419,7 +1420,7 @@
if((isset($_POST['username']) && isset($_POST['password'])) || (isset($change_password_only) && isset($_POST['password']))) { if((isset($_POST['username']) && isset($_POST['password'])) || (isset($change_password_only) && isset($_POST['password']))) {
if(!isset($change_password_only)) { if(!isset($change_password_only)) {
$boards = Array(); $boards = array();
foreach($_POST as $name => $null) { foreach($_POST as $name => $null) {
if(preg_match('/^board_(.+)$/', $name, $m)) if(preg_match('/^board_(.+)$/', $name, $m))
$boards[] = $m[1]; $boards[] = $m[1];
@ -1469,7 +1470,7 @@
$__boards = '<ul style="list-style:none;padding:2px 5px">'; $__boards = '<ul style="list-style:none;padding:2px 5px">';
$boards = array_merge( $boards = array_merge(
Array(Array('uri' => '*', 'title' => 'All') array(array('uri' => '*', 'title' => 'All')
), listBoards()); ), listBoards());
$_mod['boards'] = explode(',', $_mod['boards']); $_mod['boards'] = explode(',', $_mod['boards']);
@ -1526,7 +1527,7 @@
'</fieldset>'; '</fieldset>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Edit user', 'title'=>'Edit user',
'body'=>$body 'body'=>$body
@ -1605,7 +1606,7 @@
$body .= '<p class="unimportant" style="text-align:center">Showing ' . $body .= '<p class="unimportant" style="text-align:center">Showing ' .
($reports == $count['count'] ? 'all ' . $reports . ' reports' : $reports . ' of ' . $count['count'] . ' reports') . '.</p>'; ($reports == $count['count'] ? 'all ' . $reports . ' reports' : $reports . ' of ' . $count['count'] . ' reports') . '.</p>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('Report queue') . ' (' . $count['count'] . ')', 'title'=>_('Report queue') . ' (' . $count['count'] . ')',
'body'=>$body, 'body'=>$body,
@ -1761,7 +1762,7 @@
'</fieldset>'; '</fieldset>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Manage &ndash; ' . sprintf($config['board_abbreviation'], $board['uri']), 'title'=>'Manage &ndash; ' . sprintf($config['board_abbreviation'], $board['uri']),
'body'=>$body, 'body'=>$body,
@ -1874,7 +1875,7 @@
'</form>'; '</form>';
} }
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('Ban list'), 'title'=>_('Ban list'),
'body'=>$body, 'body'=>$body,
@ -1892,7 +1893,7 @@
$body = 'An error occured while trying to flush cache.'; $body = 'An error occured while trying to flush cache.';
} }
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Flushed', 'title'=>'Flushed',
'body'=>'<p style="text-align:center">' . $body . '</p>', 'body'=>'<p style="text-align:center">' . $body . '</p>',
@ -1906,7 +1907,7 @@
$body = '<div class="ban"><h2>Rebuilding&hellip;</h2><p>'; $body = '<div class="ban"><h2>Rebuilding&hellip;</h2><p>';
$body .= 'Clearing template cache&hellip;<br/>'; $body .= 'Clearing template cache&hellip;<br/>';
$twig = new Twig_Environment($loader, Array( $twig = new Twig_Environment($loader, array(
'cache' => "{$config['dir']['template']}/cache" 'cache' => "{$config['dir']['template']}/cache"
)); ));
$twig->clearCacheFiles(); $twig->clearCacheFiles();
@ -1945,7 +1946,7 @@
unset($board); unset($board);
modLog('Rebuilt everything'); modLog('Rebuilt everything');
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Rebuilt', 'title'=>'Rebuilt',
'body'=>$body, 'body'=>$body,
@ -1962,8 +1963,8 @@
$body = '<fieldset><legend>' . _('Configuration') . '</legend><form action="" method="post"><table style="width:100%">'; $body = '<fieldset><legend>' . _('Configuration') . '</legend><form action="" method="post"><table style="width:100%">';
$var_force_string = Array('blotter'); $var_force_string = array('blotter');
$var_system = Array('version'); $var_system = array('version');
if(isset($_POST['save_changes'])) { if(isset($_POST['save_changes'])) {
$config_append = ''; $config_append = '';
@ -2009,7 +2010,7 @@
if($config['minify_html']) if($config['minify_html'])
$config_append = str_replace("\n", '&#010;', $config_append); $config_append = str_replace("\n", '&#010;', $config_append);
$page = Array(); $page = array();
$page['title'] = 'Cannot write to file!'; $page['title'] = 'Cannot write to file!';
$page['config'] = $config; $page['config'] = $config;
$page['body'] = ' $page['body'] = '
@ -2049,7 +2050,7 @@
$body .= '</table><div style="text-align:center"><input name="save_changes" type="submit" value="Save changes"></div></form></fieldset>'; $body .= '</table><div style="text-align:center"><input name="save_changes" type="submit" value="Save changes"></div></form></fieldset>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('Configuration'), 'title'=>_('Configuration'),
'body'=>$body, 'body'=>$body,
@ -2104,7 +2105,7 @@
'<a href="?/config/edit">[Edit using web editor]</a>' : '') . '<a href="?/config/edit">[Edit using web editor]</a>' : '') .
'<fieldset><legend>' . _('Configuration') . '</legend><table>' . $data . '</table></fieldset>'; '<fieldset><legend>' . _('Configuration') . '</legend><table>' . $data . '</table></fieldset>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>_('Configuration'), 'title'=>_('Configuration'),
'body'=>$body, 'body'=>$body,
@ -2124,7 +2125,7 @@
!isset($_POST['subtitle']) !isset($_POST['subtitle'])
) error($config['error']['missedafield']); ) error($config['error']['missedafield']);
$b = Array( $b = array(
'uri' => $_POST['uri'], 'uri' => $_POST['uri'],
'title' => $_POST['title'], 'title' => $_POST['title'],
'subtitle' => $_POST['subtitle'] 'subtitle' => $_POST['subtitle']
@ -2165,7 +2166,7 @@
openBoard($b['uri']) or error(_("Couldn't open board after creation.")); openBoard($b['uri']) or error(_("Couldn't open board after creation."));
// Create the posts table // Create the posts table
query(Element('posts.sql', Array('board' => $board['uri']))) or error(db_error()); query(Element('posts.sql', array('board' => $board['uri']))) or error(db_error());
if($config['cache']['enabled']) if($config['cache']['enabled'])
cache::delete('all_boards'); cache::delete('all_boards');
@ -2182,7 +2183,7 @@
// TODO: Statistics, etc, in the dashboard. // TODO: Statistics, etc, in the dashboard.
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'New board', 'title'=>'New board',
'body'=>$body, 'body'=>$body,
@ -2316,7 +2317,7 @@
'</table>' . '</table>' .
'</form>'; '</form>';
echo Element('page.html', Array( echo Element('page.html', array(
'config' => $config, 'config' => $config,
'body' => $body, 'body' => $body,
'title' => 'Edit Post #' . $postID 'title' => 'Edit Post #' . $postID
@ -2493,7 +2494,7 @@
if($global) if($global)
$boards = listBoards(); $boards = listBoards();
else else
$boards = Array(Array('uri' => $board['uri'])); $boards = array(array('uri' => $board['uri']));
$query = ''; $query = '';
foreach($boards as $_board) { foreach($boards as $_board) {
@ -2508,7 +2509,7 @@
if($query->rowCount() < 1) if($query->rowCount() < 1)
error($config['error']['invalidpost']); error($config['error']['invalidpost']);
$boards = Array(); $boards = array();
while($post = $query->fetch()) { while($post = $query->fetch()) {
openBoard($post['board']); openBoard($post['board']);
$boards[] = $post['board']; $boards[] = $post['board'];
@ -2714,7 +2715,7 @@
$query->bindValue(':id', $postID, PDO::PARAM_INT); $query->bindValue(':id', $postID, PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
$replies = Array(); $replies = array();
while($post = $query->fetch()) { while($post = $query->fetch()) {
$post['mod'] = true; $post['mod'] = true;
$post['thread'] = $newID; $post['thread'] = $newID;
@ -2731,7 +2732,7 @@
$replies[] = $post; $replies[] = $post;
} }
$newIDs = Array($postID => $newID); $newIDs = array($postID => $newID);
openBoard($targetBoard); openBoard($targetBoard);
foreach($replies as &$post) { foreach($replies as &$post) {
@ -2784,7 +2785,7 @@
$query->bindValue(':id', $postID, PDO::PARAM_INT); $query->bindValue(':id', $postID, PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
$post = Array( $post = array(
'mod' => true, 'mod' => true,
'subject' => '', 'subject' => '',
'email' => '', 'email' => '',
@ -2861,7 +2862,7 @@
'</table>' . '</table>' .
'</form></fieldset>'; '</form></fieldset>';
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'Move #' . $postID, 'title'=>'Move #' . $postID,
'body'=>$body, 'body'=>$body,
@ -2897,7 +2898,7 @@
$body = form_newBan($post['ip'], null, '?/' . sprintf($config['board_path'], $board['uri']) . $config['file_index'], $post['id'], $boardName, !$delete); $body = form_newBan($post['ip'], null, '?/' . sprintf($config['board_path'], $board['uri']) . $config['file_index'], $post['id'], $boardName, !$delete);
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'New ban', 'title'=>'New ban',
'body'=>$body, 'body'=>$body,
@ -3112,7 +3113,7 @@
if(hasPermission($config['mod']['ip_banform'])) if(hasPermission($config['mod']['ip_banform']))
$body .= form_newBan($ip, null, '?/IP/' . $ip); $body .= form_newBan($ip, null, '?/IP/' . $ip);
echo Element('page.html', Array( echo Element('page.html', array(
'config'=>$config, 'config'=>$config,
'title'=>'IP: ' . $ip, 'title'=>'IP: ' . $ip,
'subtitle' => $host, 'subtitle' => $host,
@ -3124,6 +3125,5 @@
} else { } else {
error($config['error']['404']); error($config['error']['404']);
} }
} }
?>


@ -1,22 +1,22 @@
<?php <?php
require 'inc/functions.php';
require 'inc/display.php';
require 'inc/template.php';
require 'inc/database.php';
require 'inc/user.php';
require 'inc/filters.php';
// Fix for magic quotes /*
if (get_magic_quotes_gpc()) { * Copyright (c) 2010-2012 Tinyboard Development Group
*/
require 'inc/functions.php';
// Fix for magic quotes
if (get_magic_quotes_gpc()) {
function strip_array($var) { function strip_array($var) {
return is_array($var) ? array_map("strip_array", $var) : stripslashes($var); return is_array($var) ? array_map("strip_array", $var) : stripslashes($var);
} }
$_GET = strip_array($_GET); $_GET = strip_array($_GET);
$_POST = strip_array($_POST); $_POST = strip_array($_POST);
} }
if(isset($_POST['delete'])) { if(isset($_POST['delete'])) {
// Delete // Delete
if(!isset($_POST['board'], $_POST['password'])) if(!isset($_POST['board'], $_POST['password']))
@ -27,7 +27,7 @@
if($password == '') if($password == '')
error($config['error']['invalidpassword']); error($config['error']['invalidpassword']);
$delete = Array(); $delete = array();
foreach($_POST as $post => $value) { foreach($_POST as $post => $value) {
if(preg_match('/^delete_(\d+)$/', $post, $m)) { if(preg_match('/^delete_(\d+)$/', $post, $m)) {
$delete[] = (int)$m[1]; $delete[] = (int)$m[1];
@ -80,11 +80,11 @@
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']); header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
} elseif(isset($_POST['report'])) { } elseif(isset($_POST['report'])) {
if(!isset($_POST['board'], $_POST['password'], $_POST['reason'])) if(!isset($_POST['board'], $_POST['password'], $_POST['reason']))
error($config['error']['bot']); error($config['error']['bot']);
$report = Array(); $report = array();
foreach($_POST as $post => $value) { foreach($_POST as $post => $value) {
if(preg_match('/^delete_(\d+)$/', $post, $m)) { if(preg_match('/^delete_(\d+)$/', $post, $m)) {
$report[] = (int)$m[1]; $report[] = (int)$m[1];
@ -136,7 +136,7 @@
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root']; $root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']); header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']);
} elseif(isset($_POST['post'])) { } elseif(isset($_POST['post'])) {
if(!isset($_POST['subject'], $_POST['body'], $_POST['board'])) if(!isset($_POST['subject'], $_POST['body'], $_POST['board']))
error($config['error']['bot']); error($config['error']['bot']);
@ -150,7 +150,7 @@
if(!isset($_POST['password'])) if(!isset($_POST['password']))
$_POST['password'] = ''; $_POST['password'] = '';
$post = Array('board' => $_POST['board']); $post = array('board' => $_POST['board']);
if(isset($_POST['thread'])) { if(isset($_POST['thread'])) {
$post['op'] = false; $post['op'] = false;
@ -192,7 +192,7 @@
} }
} }
if(checkSpam(Array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null))) if(checkSpam(array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null)))
error($config['error']['spam']); error($config['error']['spam']);
if($config['robot_enable'] && $config['robot_mute']) { if($config['robot_enable'] && $config['robot_mute']) {
@ -303,9 +303,10 @@
$size = $_FILES['file']['size']; $size = $_FILES['file']['size'];
if($size > $config['max_filesize']) if($size > $config['max_filesize'])
error(sprintf3($config['error']['filesize'], array( error(sprintf3($config['error']['filesize'], array(
'sz'=>commaize($size), 'sz' => number_format($size),
'filesz'=>commaize($size), 'filesz' => number_format($size),
'maxsz'=>commaize($config['max_filesize'])))); 'maxsz' => number_format($config['max_filesize'])
)));
} }
if($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) { if($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) {
@ -361,6 +362,8 @@
error($config['error']['flood']); error($config['error']['flood']);
} }
require_once 'inc/filters.php';
do_filters($post); do_filters($post);
if($post['has_file']) { if($post['has_file']) {
@ -549,7 +552,7 @@
if(isset($_COOKIE[$config['cookies']['js']])) if(isset($_COOKIE[$config['cookies']['js']]))
$js = json_decode($_COOKIE[$config['cookies']['js']]); $js = json_decode($_COOKIE[$config['cookies']['js']]);
else else
$js = (object) Array(); $js = (object) array();
// Tell it to delete the cached post for referer // Tell it to delete the cached post for referer
$js->{$_SERVER['HTTP_REFERER']} = true; $js->{$_SERVER['HTTP_REFERER']} = true;
// Encode and set cookie // Encode and set cookie
@ -572,12 +575,12 @@
rebuildThemes('post'); rebuildThemes('post');
header('Location: ' . $redirect, true, $config['redirect_http']); header('Location: ' . $redirect, true, $config['redirect_http']);
} else { } else {
if(!file_exists($config['has_installed'])) { if(!file_exists($config['has_installed'])) {
header('Location: install.php', true, $config['redirect_http']); header('Location: install.php', true, $config['redirect_http']);
} else { } else {
// They opened post.php in their browser manually. // They opened post.php in their browser manually.
error($config['error']['nopost']); error($config['error']['nopost']);
} }
} }
?>
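Review bot: In the `@ -549,7 +552,7 @` hunk, `$js` is the result of `json_decode()` on a client-supplied cookie and is used as an object on the next statement without a type check. A cookie holding invalid JSON (a null result), a JSON scalar or a JSON list therefore raises a warning or a fatal error at `$js->{$_SERVER['HTTP_REFERER']} = true;` instead of falling back to the empty object. I would add `if(!is_object($js)) $js = (object) array();` directly after the decode. `HTTP_REFERER` is also read unguarded on that line and is absent on some requests, so wrapping the assignment in `if(isset($_SERVER['HTTP_REFERER']))` would keep an empty property name out of the cookie object. The enclosing block starts and ends outside the hunk, so an earlier referer check may already exist that is not visible here.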