Cool_Tools/vichan
1
0
Fork 0
mirror of https://github.com/vichan-devel/vichan.git synced 2025-03-01 16:20:36 +01:00
Code Releases Wiki Activity

SECURITY: Move indexed option to table...fixes unindexed boards appearing in search/random

Browse Source
This commit is contained in:
8chan 2014-10-07 20:54:00 -07:00
parent 2f91ea9c74
commit d58adad48d
7 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
boards.php
View File

@ -57,8 +57,8 @@ foreach ($boards as $i => &$board) {
$board_config = str_replace('$config', '$boardCONFIG', $board_config); $board_config = str_replace('$config', '$boardCONFIG', $board_config);
$board_config = str_replace('<?php', '', $board_config); $board_config = str_replace('<?php', '', $board_config);
eval($board_config); eval($board_config);
$showboard = (!isset($boardCONFIG['meta_noindex']) || !$boardCONFIG['meta_noindex']);
} }
$showboard = $board['indexed'];
$locale = isset($boardCONFIG['locale'])?$boardCONFIG['locale']:'en'; $locale = isset($boardCONFIG['locale'])?$boardCONFIG['locale']:'en';
$board['title'] = utf8tohtml($board['title']); $board['title'] = utf8tohtml($board['title']);

7
inc/functions.php
View File

@ -652,20 +652,21 @@ function hasPermission($action = null, $board = null, $_mod = null) {
return true; return true;
} }
function listBoards($just_uri = false) { function listBoards($just_uri = false, $indexed_only = false) {
global $config; global $config;
$just_uri ? $cache_name = 'all_boards_uri' : $cache_name = 'all_boards'; $just_uri ? $cache_name = 'all_boards_uri' : $cache_name = 'all_boards';
$indexed_only ? $cache_name .= 'indexed' : false;
if ($config['cache']['enabled'] && ($boards = cache::get($cache_name))) if ($config['cache']['enabled'] && ($boards = cache::get($cache_name)))
return $boards; return $boards;
if (!$just_uri) { if (!$just_uri) {
$query = query("SELECT ``boards``.`uri` uri, ``boards``.`title` title, ``boards``.`subtitle` subtitle, ``board_create``.`time` time FROM ``boards`` LEFT JOIN ``board_create`` ON ``boards``.`uri` = ``board_create``.`uri` ORDER BY ``boards``.`uri`") or error(db_error()); $query = query("SELECT ``boards``.`uri` uri, ``boards``.`title` title, ``boards``.`subtitle` subtitle, ``board_create``.`time` time, ``boards``.`indexed` indexed FROM ``boards``" . ( $indexed_only ? " WHERE `indexed` = 1 " : "" ) . "LEFT JOIN ``board_create`` ON ``boards``.`uri` = ``board_create``.`uri` ORDER BY ``boards``.`uri`") or error(db_error());
$boards = $query->fetchAll(); $boards = $query->fetchAll();
} else { } else {
$boards = array(); $boards = array();
$query = query("SELECT `uri` FROM ``boards``") or error(db_error()); $query = query("SELECT `uri` FROM ``boards``" . ( $indexed_only ? " WHERE `indexed` = 1" : "" ) . " ORDER BY ``boards``.`uri`") or error(db_error());
while (true) { while (true) {
$board = $query->fetchColumn(); $board = $query->fetchColumn();
if ($board === FALSE) break; if ($board === FALSE) break;

5
inc/instance-config.php
View File

@ -255,7 +255,6 @@
$poster_ids = isset($_POST['poster_ids']) ? 'true' : 'false'; $poster_ids = isset($_POST['poster_ids']) ? 'true' : 'false';
$show_sages = isset($_POST['show_sages']) ? 'true' : 'false'; $show_sages = isset($_POST['show_sages']) ? 'true' : 'false';
$auto_unicode = isset($_POST['auto_unicode']) ? 'true' : 'false'; $auto_unicode = isset($_POST['auto_unicode']) ? 'true' : 'false';
$meta_noindex = isset($_POST['meta_noindex']) ? 'true' : 'false';
$allow_roll = isset($_POST['allow_roll']) ? 'true' : 'false'; $allow_roll = isset($_POST['allow_roll']) ? 'true' : 'false';
$image_reject_repost = isset($_POST['image_reject_repost']) ? 'true' : 'false'; $image_reject_repost = isset($_POST['image_reject_repost']) ? 'true' : 'false';
$allow_flash = isset($_POST['allow_flash']) ? '$config[\'allowed_ext_files\'][] = \'swf\';' : ''; $allow_flash = isset($_POST['allow_flash']) ? '$config[\'allowed_ext_files\'][] = \'swf\';' : '';
@ -311,10 +310,11 @@ OEKAKI;
if (!(strlen($subtitle) < 200)) if (!(strlen($subtitle) < 200))
error('Invalid subtitle'); error('Invalid subtitle');
$query = prepare('UPDATE ``boards`` SET `title` = :title, `subtitle` = :subtitle WHERE `uri` = :uri'); $query = prepare('UPDATE ``boards`` SET `title` = :title, `subtitle` = :subtitle, `indexed` = :indexed WHERE `uri` = :uri');
$query->bindValue(':title', $title); $query->bindValue(':title', $title);
$query->bindValue(':subtitle', $subtitle); $query->bindValue(':subtitle', $subtitle);
$query->bindValue(':uri', $b); $query->bindValue(':uri', $b);
$query->bindValue(':indexed', !isset($_POST['meta_noindex']));
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
@ -328,7 +328,6 @@ OEKAKI;
\$config['poster_ids'] = $poster_ids; \$config['poster_ids'] = $poster_ids;
\$config['show_sages'] = $show_sages; \$config['show_sages'] = $show_sages;
\$config['auto_unicode'] = $auto_unicode; \$config['auto_unicode'] = $auto_unicode;
\$config['meta_noindex'] = $meta_noindex;
\$config['allow_roll'] = $allow_roll; \$config['allow_roll'] = $allow_roll;
\$config['image_reject_repost'] = $image_reject_repost; \$config['image_reject_repost'] = $image_reject_repost;
\$config['anonymous'] = base64_decode('$anonymous'); \$config['anonymous'] = base64_decode('$anonymous');

2
random.php
View File

@ -2,7 +2,7 @@
include "inc/functions.php"; include "inc/functions.php";
$boards = listBoards(TRUE); $boards = listBoards(TRUE, TRUE);
$board = array_rand($boards); $board = array_rand($boards);
header('Location: /'.$boards[$board]); header('Location: /'.$boards[$board]);
?> ?>

2
search.php
View File

@ -12,7 +12,7 @@
if (isset($config['search']['boards'])) { if (isset($config['search']['boards'])) {
$boards = $config['search']['boards']; $boards = $config['search']['boards'];
} else { } else {
$boards = listBoards(TRUE); $boards = listBoards(TRUE, TRUE);
} }
$body = Element('search_form.html', Array('boards' => $boards, 'b' => isset($_GET['board']) ? $_GET['board'] : false, 'search' => isset($_GET['search']) ? str_replace('"', '&quot;', utf8tohtml($_GET['search'])) : false)); $body = Element('search_form.html', Array('boards' => $boards, 'b' => isset($_GET['board']) ? $_GET['board'] : false, 'search' => isset($_GET['search']) ? str_replace('"', '&quot;', utf8tohtml($_GET['search'])) : false));

2
templates/8chan/index.html
View File

@ -239,7 +239,7 @@
<strong>{% trans %}Featured boards:{% endtrans %}</strong> <strong>{% trans %}Featured boards:{% endtrans %}</strong>
<span class="favorite-boards"></span> <span class="favorite-boards"></span>
<br> <br>
<strong>{% trans %}Board of the week:{% endtrans %} /<a href="/ebola">ebola</a>/</strong> <strong>{% trans %}Board of the week:{% endtrans %} /<a href="/cow">cow</a>/, /<a href="/fringe">fringe</a>/, /<a href="/desu">desu</a>/</strong>
</div> </div>
</header> </header>

2
templates/header.html
View File

@ -4,7 +4,7 @@
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=yes"> <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=yes">
{% if config.meta_keywords %}<meta name="keywords" content="{{ config.meta_keywords }}">{% endif %} {% if config.meta_keywords %}<meta name="keywords" content="{{ config.meta_keywords }}">{% endif %}
{% if config.meta_description %}<meta name="description" content="{{ config.meta_description }}">{% endif %} {% if config.meta_description %}<meta name="description" content="{{ config.meta_description }}">{% endif %}
{% if config.meta_noindex %}<meta name="robots" content="noindex" />{% endif %} {% if not board.indexed %}<meta name="robots" content="noindex" />{% endif %}
{% if config.default_stylesheet.1 != '' and not mod %}<link rel="stylesheet" type="text/css" id="stylesheet" href="{{ config.uri_stylesheets }}{{ config.default_stylesheet.1 }}">{% endif %} {% if config.default_stylesheet.1 != '' and not mod %}<link rel="stylesheet" type="text/css" id="stylesheet" href="{{ config.uri_stylesheets }}{{ config.default_stylesheet.1 }}">{% endif %}
{% if config.font_awesome %}<link rel="stylesheet" media="screen" href="{{ config.root }}{{ config.font_awesome_css }}">{% endif %} {% if config.font_awesome %}<link rel="stylesheet" media="screen" href="{{ config.root }}{{ config.font_awesome_css }}">{% endif %}
{% if config.country_flags_condensed %}<link rel="stylesheet" href="{{ config.root }}{{ config.country_flags_condensed_css }}">{% endif %} {% if config.country_flags_condensed %}<link rel="stylesheet" href="{{ config.root }}{{ config.country_flags_condensed_css }}">{% endif %}