mirror of
https://github.com/vichan-devel/vichan.git
synced 2024-11-28 01:10:51 +01:00
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts: mod.php
This commit is contained in:
commit
e6b9bad788
@ -903,6 +903,9 @@
|
||||
// PM snippet (for ?/inbox) length in characters
|
||||
$config['mod']['snippet_length'] = 75;
|
||||
|
||||
// Edit raw HTML in posts by default
|
||||
$config['mod']['raw_html_default'] = false;
|
||||
|
||||
// Probably best not to change these:
|
||||
if (!defined('JANITOR')) {
|
||||
define('JANITOR', 0, true);
|
||||
@ -1049,6 +1052,9 @@
|
||||
// Edit the current configuration (via web interface)
|
||||
$config['mod']['edit_config'] = ADMIN;
|
||||
|
||||
// Execute un-filtered SQL queries on the database (?/debug/sql)
|
||||
$config['mod']['debug_sql'] = DISABLED;
|
||||
|
||||
/*
|
||||
* ====================
|
||||
* Events (PHP 5.3.0+)
|
||||
|
@ -297,7 +297,7 @@ class Post {
|
||||
|
||||
// Edit post
|
||||
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
|
||||
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
|
||||
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit' . ($config['mod']['raw_html_default'] ? '_raw' : '') . '/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
|
||||
|
||||
if (!empty($built))
|
||||
$built = '<span class="controls">' . $built . '</span>';
|
||||
@ -418,7 +418,7 @@ class Thread {
|
||||
|
||||
// Edit post
|
||||
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod))
|
||||
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
|
||||
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit' . ($config['mod']['raw_html_default'] ? '_raw' : '') . '/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>';
|
||||
|
||||
if (!empty($built))
|
||||
$built = '<span class="controls op">' . $built . '</span>';
|
||||
|
@ -986,7 +986,7 @@ function mod_ban_post($board, $delete, $post, $token = false) {
|
||||
mod_page(_('New ban'), 'mod/ban_form.html', $args);
|
||||
}
|
||||
|
||||
function mod_edit_post($board, $postID) {
|
||||
function mod_edit_post($board, $edit_raw_html, $postID) {
|
||||
global $config, $mod;
|
||||
|
||||
if (!openBoard($board))
|
||||
@ -995,7 +995,10 @@ function mod_edit_post($board, $postID) {
|
||||
if (!hasPermission($config['mod']['editpost'], $board))
|
||||
error($config['error']['noaccess']);
|
||||
|
||||
$security_token = make_secure_link_token($board . '/edit/' . $postID);
|
||||
if ($edit_raw_html && !hasPermission($config['mod']['rawhtml'], $board))
|
||||
error($config['error']['noaccess']);
|
||||
|
||||
$security_token = make_secure_link_token($board . '/edit' . ($edit_raw_html ? '_raw' : '') . '/' . $postID);
|
||||
|
||||
$query = prepare(sprintf('SELECT * FROM `posts_%s` WHERE `id` = :id', $board));
|
||||
$query->bindValue(':id', $postID);
|
||||
@ -1005,7 +1008,10 @@ function mod_edit_post($board, $postID) {
|
||||
error($config['error']['404']);
|
||||
|
||||
if (isset($_POST['name'], $_POST['email'], $_POST['subject'], $_POST['body'])) {
|
||||
$query = prepare(sprintf('UPDATE `posts_%s` SET `name` = :name, `email` = :email, `subject` = :subject, `body_nomarkup` = :body WHERE `id` = :id', $board));
|
||||
if ($edit_raw_html)
|
||||
$query = prepare(sprintf('UPDATE `posts_%s` SET `name` = :name, `email` = :email, `subject` = :subject, `body` = :body WHERE `id` = :id', $board));
|
||||
else
|
||||
$query = prepare(sprintf('UPDATE `posts_%s` SET `name` = :name, `email` = :email, `subject` = :subject, `body_nomarkup` = :body WHERE `id` = :id', $board));
|
||||
$query->bindValue(':id', $postID);
|
||||
$query->bindValue('name', $_POST['name']);
|
||||
$query->bindValue(':email', $_POST['email']);
|
||||
@ -1013,15 +1019,19 @@ function mod_edit_post($board, $postID) {
|
||||
$query->bindValue(':body', $_POST['body']);
|
||||
$query->execute() or error(db_error($query));
|
||||
|
||||
rebuildPost($postID);
|
||||
if (!$edit_raw_html)
|
||||
rebuildPost($postID);
|
||||
|
||||
buildIndex();
|
||||
|
||||
header('Location: ?/' . sprintf($config['board_path'], $board) . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $postID) . '#' . $postID, true, $config['redirect_http']);
|
||||
} else {
|
||||
if ($config['minify_html'])
|
||||
if ($config['minify_html']) {
|
||||
$post['body_nomarkup'] = str_replace("\n", '
', $post['body_nomarkup']);
|
||||
$post['body'] = str_replace("\n", '
', $post['body']);
|
||||
}
|
||||
|
||||
mod_page(_('Edit post'), 'mod/edit_post_form.html', array('token' => $security_token, 'post' => $post));
|
||||
mod_page(_('Edit post'), 'mod/edit_post_form.html', array('token' => $security_token, 'board' => $board, 'raw' => $edit_raw_html, 'post' => $post));
|
||||
}
|
||||
}
|
||||
|
||||
@ -1723,40 +1733,6 @@ function mod_config() {
|
||||
mod_page(_('Config editor'), 'mod/config-editor.html', array('conf' => $conf));
|
||||
}
|
||||
|
||||
function mod_debug_antispam() {
|
||||
global $pdo, $config;
|
||||
|
||||
$args = array();
|
||||
|
||||
if (isset($_POST['board'], $_POST['thread'])) {
|
||||
$where = '`board` = ' . $pdo->quote($_POST['board']);
|
||||
if ($_POST['thread'] != '')
|
||||
$where .= ' AND `thread` = ' . $pdo->quote($_POST['thread']);
|
||||
|
||||
if (isset($_POST['purge'])) {
|
||||
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE' . $where);
|
||||
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
|
||||
$query->execute() or error(db_error());
|
||||
}
|
||||
|
||||
$args['board'] = $_POST['board'];
|
||||
$args['thread'] = $_POST['thread'];
|
||||
} else {
|
||||
$where = '';
|
||||
}
|
||||
|
||||
$query = query('SELECT COUNT(*) FROM `antispam`' . ($where ? " WHERE $where" : '')) or error(db_error());
|
||||
$args['total'] = number_format($query->fetchColumn(0));
|
||||
|
||||
$query = query('SELECT COUNT(*) FROM `antispam` WHERE `expires` IS NOT NULL' . ($where ? " AND $where" : '')) or error(db_error());
|
||||
$args['expiring'] = number_format($query->fetchColumn(0));
|
||||
|
||||
$query = query('SELECT * FROM `antispam` ' . ($where ? "WHERE $where" : '') . ' ORDER BY `passed` DESC LIMIT 40') or error(db_error());
|
||||
$args['top'] = $query->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
mod_page(_('Debug: Anti-spam'), 'mod/debug/antispam.html', $args);
|
||||
}
|
||||
|
||||
function mod_themes_list() {
|
||||
global $config;
|
||||
|
||||
@ -1884,3 +1860,89 @@ function mod_theme_rebuild($theme_name) {
|
||||
'theme_name' => $theme_name,
|
||||
));
|
||||
}
|
||||
|
||||
function mod_debug_antispam() {
|
||||
global $pdo, $config;
|
||||
|
||||
$args = array();
|
||||
|
||||
if (isset($_POST['board'], $_POST['thread'])) {
|
||||
$where = '`board` = ' . $pdo->quote($_POST['board']);
|
||||
if ($_POST['thread'] != '')
|
||||
$where .= ' AND `thread` = ' . $pdo->quote($_POST['thread']);
|
||||
|
||||
if (isset($_POST['purge'])) {
|
||||
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE' . $where);
|
||||
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
|
||||
$query->execute() or error(db_error());
|
||||
}
|
||||
|
||||
$args['board'] = $_POST['board'];
|
||||
$args['thread'] = $_POST['thread'];
|
||||
} else {
|
||||
$where = '';
|
||||
}
|
||||
|
||||
$query = query('SELECT COUNT(*) FROM `antispam`' . ($where ? " WHERE $where" : '')) or error(db_error());
|
||||
$args['total'] = number_format($query->fetchColumn(0));
|
||||
|
||||
$query = query('SELECT COUNT(*) FROM `antispam` WHERE `expires` IS NOT NULL' . ($where ? " AND $where" : '')) or error(db_error());
|
||||
$args['expiring'] = number_format($query->fetchColumn(0));
|
||||
|
||||
$query = query('SELECT * FROM `antispam` ' . ($where ? "WHERE $where" : '') . ' ORDER BY `passed` DESC LIMIT 40') or error(db_error());
|
||||
$args['top'] = $query->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
$query = query('SELECT * FROM `antispam` ' . ($where ? "WHERE $where" : '') . ' ORDER BY `created` DESC LIMIT 20') or error(db_error());
|
||||
$args['recent'] = $query->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
mod_page(_('Debug: Anti-spam'), 'mod/debug/antispam.html', $args);
|
||||
}
|
||||
|
||||
function mod_debug_recent_posts() {
|
||||
global $pdo, $config;
|
||||
|
||||
$limit = 500;
|
||||
|
||||
$boards = listBoards();
|
||||
|
||||
// Manually build an SQL query
|
||||
$query = 'SELECT * FROM (';
|
||||
foreach ($boards as $board) {
|
||||
$query .= sprintf('SELECT *, %s AS `board` FROM `posts_%s` UNION ALL ', $pdo->quote($board['uri']), $board['uri']);
|
||||
}
|
||||
// Remove the last "UNION ALL" seperator and complete the query
|
||||
$query = preg_replace('/UNION ALL $/', ') AS `all_posts` ORDER BY `time` DESC LIMIT ' . $limit, $query);
|
||||
$query = query($query) or error(db_error());
|
||||
$posts = $query->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
foreach ($posts as &$post) {
|
||||
$post['snippet'] = pm_snippet($post['body']);
|
||||
}
|
||||
|
||||
mod_page(_('Debug: Recent posts'), 'mod/debug/recent_posts.html', array('posts' => $posts));
|
||||
}
|
||||
|
||||
function mod_debug_sql() {
|
||||
global $config;
|
||||
|
||||
if (!hasPermission($config['mod']['debug_sql']))
|
||||
error($config['error']['noaccess']);
|
||||
|
||||
$args['security_token'] = make_secure_link_token('debug/sql');
|
||||
|
||||
if (isset($_POST['query'])) {
|
||||
$args['query'] = $_POST['query'];
|
||||
if ($query = query($_POST['query'])) {
|
||||
$args['result'] = $query->fetchAll(PDO::FETCH_ASSOC);
|
||||
if (!empty($args['result']))
|
||||
$args['keys'] = array_keys($args['result'][0]);
|
||||
else
|
||||
$args['result'] = 'empty';
|
||||
} else {
|
||||
$args['error'] = db_error();
|
||||
}
|
||||
}
|
||||
|
||||
mod_page(_('Debug: SQL'), 'mod/debug/sql.html', $args);
|
||||
}
|
||||
|
||||
|
4
mod.php
4
mod.php
@ -61,7 +61,7 @@ $pages = array(
|
||||
'/ban' => 'secure_POST ban', // new ban
|
||||
'/([\w+.]+)/ban(&delete)?/(\d+)' => 'secure_POST ban_post', // ban poster
|
||||
'/([\w+.]+)/move/(\d+)' => 'secure_POST move', // move thread
|
||||
'/([\w+.]+)/edit/(\d+)' => 'secure_POST edit_post', // edit post
|
||||
'/([\w+.])/edit(_raw)?/(\d+)' => 'secure_POST edit_post', // edit post
|
||||
'/([\w+.]+)/delete/(\d+)' => 'secure delete', // delete post
|
||||
'/([\w+.]+)/deletefile/(\d+)' => 'secure deletefile', // delete file from post
|
||||
'/([\w+.]+)/deletebyip/(\d+)(/global)?' => 'secure deletebyip', // delete all posts by IP address
|
||||
@ -78,6 +78,8 @@ $pages = array(
|
||||
|
||||
// these pages aren't listed in the dashboard without $config['debug']
|
||||
'/debug/antispam' => 'debug_antispam',
|
||||
'/debug/recent' => 'debug_recent_posts',
|
||||
'/debug/sql' => 'secure_POST debug_sql',
|
||||
|
||||
// This should always be at the end:
|
||||
'/([\w+.]+)/' => 'view_board',
|
||||
|
@ -1,3 +1,44 @@
|
||||
<p style="text-align:center">
|
||||
Most recent:
|
||||
</p>
|
||||
<table class="modlog" style="width:700px;margin:auto">
|
||||
<tr>
|
||||
<th>Board</th>
|
||||
<th>Thread</th>
|
||||
<th>Hash (SHA1)</th>
|
||||
<th>Created</th>
|
||||
<th>Expires</th>
|
||||
<th>Passed</th>
|
||||
</tr>
|
||||
{% for hash in recent %}
|
||||
<tr>
|
||||
<td>{{ config.board_abbreviation|sprintf(hash.board) }}</td>
|
||||
<td>
|
||||
{% if hash.thread %}
|
||||
{{ hash.thread }}
|
||||
{% else %}
|
||||
-
|
||||
{% endif %}</td>
|
||||
<td>
|
||||
<small><code>{{ hash.hash }}</code></small>
|
||||
</td>
|
||||
<td>
|
||||
<span title="{{ hash.created|date(config.post_date) }}">{{ hash.created|ago }} ago</span>
|
||||
</td>
|
||||
<td>
|
||||
{% if hash.expires %}
|
||||
<span title="{{ hash.expires|date(config.post_date) }}">
|
||||
{{ hash.expires|until }}
|
||||
</span>
|
||||
{% else %}
|
||||
-
|
||||
{% endif %}
|
||||
</td>
|
||||
<td>{{ hash.passed }}</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
|
||||
<p style="text-align:center">
|
||||
Most used (in active):
|
||||
</p>
|
||||
@ -38,6 +79,7 @@
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
|
||||
<p style="text-align:center">
|
||||
Total: <strong>{{ total }}</strong> (<strong>{{ expiring }}</strong> set to expire)
|
||||
</p>
|
||||
|
89
templates/mod/debug/recent_posts.html
Normal file
89
templates/mod/debug/recent_posts.html
Normal file
@ -0,0 +1,89 @@
|
||||
<table class="modlog">
|
||||
<tr>
|
||||
<th>Time</th>
|
||||
<th>Board</th>
|
||||
<th>ID</th>
|
||||
<th>Thread</th>
|
||||
<th>IP</th>
|
||||
<th>Name</th>
|
||||
<th>Subject</th>
|
||||
<th>File</th>
|
||||
<th>Body (snippet)</th>
|
||||
</tr>
|
||||
{% for post in posts %}
|
||||
<tr>
|
||||
<td class="minimal">
|
||||
<small>{{ post.time | ago }} ago</small>
|
||||
</td>
|
||||
<td class="minimal">
|
||||
<a href="?/{{ config.board_path|sprintf(post.board) }}{{ config.file_index }}">{{ config.board_abbreviation|sprintf(post.board) }}</a>
|
||||
</td>
|
||||
<td class="minimal" >
|
||||
{% if post.thread %}
|
||||
{% set thread = post.thread %}
|
||||
{% else %}
|
||||
{% set thread = post.id %}
|
||||
{% endif %}
|
||||
<a href="{{ config.root ~ post.board ~ '/' ~ config.dir.res}}{{ config.file_page|sprintf(thread) }}#{{ post.id }}">
|
||||
{{ post.id }}
|
||||
</a>
|
||||
</td>
|
||||
<td class="minimal">
|
||||
<small>
|
||||
{% if post.thread %}
|
||||
{{ post.thread }}
|
||||
{% else %}
|
||||
(OP)
|
||||
{% endif %}
|
||||
</small>
|
||||
</td>
|
||||
<td class="minimal">
|
||||
{% if mod|hasPermission(config.mod.show_ip, post.board) %}
|
||||
<a href="?/IP/{{ post.ip }}">
|
||||
{{ post.ip }}
|
||||
</a>
|
||||
{% else %}
|
||||
<em>hidden</em>
|
||||
{% endif %}
|
||||
</td>
|
||||
<td class="minimal" >
|
||||
<small>
|
||||
{% if post.email|length > 0 %}
|
||||
{# start email #}
|
||||
<a class="email" href="mailto:{{ post.email }}">
|
||||
{% endif %}
|
||||
{% set capcode = post.capcode|capcode %}
|
||||
<span {% if capcode.name %}style="{{ capcode.name }}" {% endif %}class="name">{{ post.name }}</span>
|
||||
{% if post.trip|length > 0 %}
|
||||
<span {% if capcode.trip %}style="{{ capcode.trip }}" {% endif %}class="trip">{{ post.trip }}</span>
|
||||
{% endif %}
|
||||
{% if post.email|length > 0 %}
|
||||
{# end email #}
|
||||
</a>
|
||||
{% endif %}
|
||||
{% if capcode %}
|
||||
{{ capcode.cap }}
|
||||
{% endif %}
|
||||
</small>
|
||||
</td>
|
||||
<td class="minimal" >
|
||||
{% if post.subject %}
|
||||
<small>{{ post.subject }}</small>
|
||||
{% else %}
|
||||
–
|
||||
{% endif %}
|
||||
</td>
|
||||
<td class="minimal">
|
||||
{% if post.file %}
|
||||
<small>{{ post.file }} ({{ post.filesize | filesize }})</small>
|
||||
{% else %}
|
||||
–
|
||||
{% endif %}
|
||||
</td>
|
||||
<td>
|
||||
<small><em>{{ post.snippet }}</em></small>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
|
26
templates/mod/debug/sql.html
Normal file
26
templates/mod/debug/sql.html
Normal file
@ -0,0 +1,26 @@
|
||||
<form action="" method="post">
|
||||
<input type="hidden" name="token" value="{{ security_token }}">
|
||||
<textarea style="display:block;margin:5px auto;width:90%;max-width:600px" rows="3" name="query">{{ query | e }}</textarea>
|
||||
<input style="display:block;margin:5px auto" type="submit" value="Query">
|
||||
</form>
|
||||
|
||||
{% if result == 'empty' %}
|
||||
<p style="text-align:center">Query successful (no result).</p>
|
||||
{% elseif result %}
|
||||
<table class="modlog">
|
||||
<tr>
|
||||
{% for key in keys %}
|
||||
<th>{{ key | e }}</th>
|
||||
{% endfor %}
|
||||
</tr>
|
||||
{% for row in result %}
|
||||
<tr>
|
||||
{% for col in row %}
|
||||
<td>{{ col | e }}</td>
|
||||
{% endfor %}
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
{% elseif error %}
|
||||
<p style="text-align:center;color:#d00">{{ error | e }}</p>
|
||||
{% endif %}
|
@ -32,8 +32,16 @@
|
||||
{% trans %}Comment{% endtrans %}
|
||||
</th>
|
||||
<td>
|
||||
<textarea name="body" id="body" rows="5" cols="35">{{ post.body_nomarkup }}</textarea>
|
||||
<textarea name="body" id="body" rows="8" cols="35">{% if raw %}{{ post.body | e }}{% else %}{{ post.body_nomarkup }}{% endif %}</textarea>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<p style="text-align:center">
|
||||
{% if raw %}
|
||||
{% trans %}Currently editing raw HTML.{% endtrans %}
|
||||
<a href="?/{{ board }}/edit/{{ post.id }}">{% trans %}Edit markup instead?{% endtrans %}</a>
|
||||
{% else %}
|
||||
<a href="?/{{ board }}/edit_raw/{{ post.id }}">{% trans %}Edit raw HTML instead?{% endtrans %}</a>
|
||||
{% endif %}
|
||||
</p>
|
||||
</form>
|
||||
|
Loading…
Reference in New Issue
Block a user