From 3ef5e9c0c871f941301d50b2a04753912c859e8d Mon Sep 17 00:00:00 2001
From: czaks <marcin@6irc.net>
Date: Tue, 8 Jul 2014 01:40:58 +0200
Subject: [PATCH 1/4] tag for vichan-4.5.2

---
 install.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/install.php b/install.php
index 21094532..2881f628 100644
--- a/install.php
+++ b/install.php
@@ -1,7 +1,7 @@
 <?php
 
 // Installation/upgrade file	
-define('VERSION', '4.5.1');
+define('VERSION', '4.5.2');
 
 require 'inc/functions.php';
 
@@ -523,6 +523,7 @@ if (file_exists($config['has_installed'])) {
 			$twig->clearCacheFiles();
 		case '4.4.98':
 		case '4.5.0':
+		case '4.5.1':
 		case false:
 			// TODO: enhance Tinyboard -> vichan upgrade path.
 			query("CREATE TABLE IF NOT EXISTS ``search_queries`` (  `ip` varchar(39) NOT NULL,  `time` int(11) NOT NULL,  `query` text NOT NULL) ENGINE=MyISAM DEFAULT CHARSET=utf8;") or error(db_error());

From 9526f5ed1c5664fa8e12d6c43c20ef4fd2171e93 Mon Sep 17 00:00:00 2001
From: czaks <marcin@6irc.net>
Date: Tue, 8 Jul 2014 09:43:04 +0200
Subject: [PATCH 2/4] fix #72

---
 inc/mod/pages.php | 27 +++++++++++++++------------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index 9b9d3127..0cd49408 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -232,7 +232,7 @@ function mod_search($type, $search_query_escaped, $page_no = 1) {
 	
 	// Which `field` to search?
 	if ($type == 'posts')
-		$sql_field = array('body_nomarkup', 'filename', 'file', 'subject', 'filehash', 'ip', 'name', 'trip');
+		$sql_field = array('body_nomarkup', 'files', 'subject', 'filehash', 'ip', 'name', 'trip');
 	if ($type == 'IP_notes')
 		$sql_field = 'body';
 	if ($type == 'bans')
@@ -739,28 +739,31 @@ function mod_view_thread50($boardName, $thread) {
 
 function mod_ip_remove_note($ip, $id) {
 	global $config, $mod;
+	$ip = rawurldecode($ip);
 	
 	if (!hasPermission($config['mod']['remove_notes']))
 			error($config['error']['noaccess']);
 	
-	if (filter_var($ip, FILTER_VALIDATE_IP) === false)
-		error("Invalid IP address.");
+	//if (filter_var($ip, FILTER_VALIDATE_IP) === false)
+	//	error("Invalid IP address.");
 	
 	$query = prepare('DELETE FROM ``ip_notes`` WHERE `ip` = :ip AND `id` = :id');
 	$query->bindValue(':ip', $ip);
 	$query->bindValue(':id', $id);
 	$query->execute() or error(db_error($query));
 	
-	modLog("Removed a note for <a href=\"?/IP/{$ip}\">{$ip}</a>");
+	modLog("Removed a note for <a href=\"?/IP/".rawurlencode($ip)."\">".htmlspecialchars($ip)."</a>");
 	
-	header('Location: ?/IP/' . $ip . '#notes', true, $config['redirect_http']);
+	header('Location: ?/IP/' . rawurlencode($ip) . '#notes', true, $config['redirect_http']);
 }
 
 function mod_page_ip($ip) {
 	global $config, $mod;
 	
-	if (filter_var($ip, FILTER_VALIDATE_IP) === false)
-		error("Invalid IP address.");
+	$ip = rawurldecode($ip);
+
+	//if (filter_var($ip, FILTER_VALIDATE_IP) === false)
+	//	error("Invalid IP address.");
 	
 	if (isset($_POST['ban_id'], $_POST['unban'])) {
 		if (!hasPermission($config['mod']['unban']))
@@ -768,7 +771,7 @@ function mod_page_ip($ip) {
 		
 		Bans::delete($_POST['ban_id'], true);
 		
-		header('Location: ?/IP/' . $ip . '#bans', true, $config['redirect_http']);
+		header('Location: ?/IP/' . rawurlencode($ip) . '#bans', true, $config['redirect_http']);
 		return;
 	}
 	
@@ -785,9 +788,9 @@ function mod_page_ip($ip) {
 		$query->bindValue(':body', $_POST['note']);
 		$query->execute() or error(db_error($query));
 		
-		modLog("Added a note for <a href=\"?/IP/{$ip}\">{$ip}</a>");
+		modLog("Added a note for <a href=\"?/IP/".rawurlencode($ip)."\">".htmlspecialchars($ip)."</a>");
 		
-		header('Location: ?/IP/' . $ip . '#notes', true, $config['redirect_http']);
+		header('Location: ?/IP/' . rawurlencode($ip) . '#notes', true, $config['redirect_http']);
 		return;
 	}
 	
@@ -803,7 +806,7 @@ function mod_page_ip($ip) {
 		openBoard($board['uri']);
 		if (!hasPermission($config['mod']['show_ip'], $board['uri']))
 			continue;
-		$query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `ip` = :ip ORDER BY `sticky` DESC, `id` DESC LIMIT :limit', $board['uri']));
+		$query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `ip` = :ip OR `password` = :ip ORDER BY `sticky` DESC, `id` DESC LIMIT :limit', $board['uri']));
 		$query->bindValue(':ip', $ip);
 		$query->bindValue(':limit', $config['mod']['ip_recentposts'], PDO::PARAM_INT);
 		$query->execute() or error(db_error($query));
@@ -846,7 +849,7 @@ function mod_page_ip($ip) {
 	
 	$args['security_token'] = make_secure_link_token('IP/' . $ip);
 	
-	mod_page(sprintf('%s: %s', _('IP'), $ip), 'mod/view_ip.html', $args, $args['hostname']);
+	mod_page(sprintf('%s: %s', _('IP'), htmlspecialchars($ip)), 'mod/view_ip.html', $args, $args['hostname']);
 }
 
 function mod_ban() {

From f97d2dff8594bc11f61659c8c5ff2d687a4635df Mon Sep 17 00:00:00 2001
From: czaks <marcin@6irc.net>
Date: Tue, 8 Jul 2014 09:44:30 +0200
Subject: [PATCH 3/4] fix previous commit

---
 inc/mod/pages.php | 25 +++++++++++--------------
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index 0cd49408..801ad9eb 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -739,31 +739,28 @@ function mod_view_thread50($boardName, $thread) {
 
 function mod_ip_remove_note($ip, $id) {
 	global $config, $mod;
-	$ip = rawurldecode($ip);
 	
 	if (!hasPermission($config['mod']['remove_notes']))
 			error($config['error']['noaccess']);
 	
-	//if (filter_var($ip, FILTER_VALIDATE_IP) === false)
-	//	error("Invalid IP address.");
+	if (filter_var($ip, FILTER_VALIDATE_IP) === false)
+		error("Invalid IP address.");
 	
 	$query = prepare('DELETE FROM ``ip_notes`` WHERE `ip` = :ip AND `id` = :id');
 	$query->bindValue(':ip', $ip);
 	$query->bindValue(':id', $id);
 	$query->execute() or error(db_error($query));
 	
-	modLog("Removed a note for <a href=\"?/IP/".rawurlencode($ip)."\">".htmlspecialchars($ip)."</a>");
+	modLog("Removed a note for <a href=\"?/IP/{$ip}\">{$ip}</a>");
 	
-	header('Location: ?/IP/' . rawurlencode($ip) . '#notes', true, $config['redirect_http']);
+	header('Location: ?/IP/' . $ip . '#notes', true, $config['redirect_http']);
 }
 
 function mod_page_ip($ip) {
 	global $config, $mod;
 	
-	$ip = rawurldecode($ip);
-
-	//if (filter_var($ip, FILTER_VALIDATE_IP) === false)
-	//	error("Invalid IP address.");
+	if (filter_var($ip, FILTER_VALIDATE_IP) === false)
+		error("Invalid IP address.");
 	
 	if (isset($_POST['ban_id'], $_POST['unban'])) {
 		if (!hasPermission($config['mod']['unban']))
@@ -771,7 +768,7 @@ function mod_page_ip($ip) {
 		
 		Bans::delete($_POST['ban_id'], true);
 		
-		header('Location: ?/IP/' . rawurlencode($ip) . '#bans', true, $config['redirect_http']);
+		header('Location: ?/IP/' . $ip . '#bans', true, $config['redirect_http']);
 		return;
 	}
 	
@@ -788,9 +785,9 @@ function mod_page_ip($ip) {
 		$query->bindValue(':body', $_POST['note']);
 		$query->execute() or error(db_error($query));
 		
-		modLog("Added a note for <a href=\"?/IP/".rawurlencode($ip)."\">".htmlspecialchars($ip)."</a>");
+		modLog("Added a note for <a href=\"?/IP/{$ip}\">{$ip}</a>");
 		
-		header('Location: ?/IP/' . rawurlencode($ip) . '#notes', true, $config['redirect_http']);
+		header('Location: ?/IP/' . $ip . '#notes', true, $config['redirect_http']);
 		return;
 	}
 	
@@ -806,7 +803,7 @@ function mod_page_ip($ip) {
 		openBoard($board['uri']);
 		if (!hasPermission($config['mod']['show_ip'], $board['uri']))
 			continue;
-		$query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `ip` = :ip OR `password` = :ip ORDER BY `sticky` DESC, `id` DESC LIMIT :limit', $board['uri']));
+		$query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `ip` = :ip ORDER BY `sticky` DESC, `id` DESC LIMIT :limit', $board['uri']));
 		$query->bindValue(':ip', $ip);
 		$query->bindValue(':limit', $config['mod']['ip_recentposts'], PDO::PARAM_INT);
 		$query->execute() or error(db_error($query));
@@ -849,7 +846,7 @@ function mod_page_ip($ip) {
 	
 	$args['security_token'] = make_secure_link_token('IP/' . $ip);
 	
-	mod_page(sprintf('%s: %s', _('IP'), htmlspecialchars($ip)), 'mod/view_ip.html', $args, $args['hostname']);
+	mod_page(sprintf('%s: %s', _('IP'), $ip), 'mod/view_ip.html', $args, $args['hostname']);
 }
 
 function mod_ban() {

From 8d0f1bf4adc1dcc61c46d87eacc4458e3fa0c329 Mon Sep 17 00:00:00 2001
From: czaks <marcin@6irc.net>
Date: Tue, 8 Jul 2014 09:56:31 +0200
Subject: [PATCH 4/4] fix a bug in filename truncation

---
 inc/lib/Twig/Extensions/Extension/Tinyboard.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/inc/lib/Twig/Extensions/Extension/Tinyboard.php b/inc/lib/Twig/Extensions/Extension/Tinyboard.php
index 986ecf45..81276147 100644
--- a/inc/lib/Twig/Extensions/Extension/Tinyboard.php
+++ b/inc/lib/Twig/Extensions/Extension/Tinyboard.php
@@ -92,7 +92,7 @@ function twig_sprintf_filter( $value, $var) {
 	return sprintf($value, $var);
 }
 
-function twig_truncate_filter($value, $length = 30, $preserve = false, $separator = '&hellip;') {
+function twig_truncate_filter($value, $length = 30, $preserve = false, $separator = '…') {
 	if (mb_strlen($value) > $length) {
 		if ($preserve) {
 			if (false !== ($breakpoint = mb_strpos($value, ' ', $length))) {
@@ -104,7 +104,7 @@ function twig_truncate_filter($value, $length = 30, $preserve = false, $separato
 	return $value;
 }
 
-function twig_filename_truncate_filter($value, $length = 30, $separator = '&hellip;') {
+function twig_filename_truncate_filter($value, $length = 30, $separator = '…') {
 	if (mb_strlen($value) > $length) {
 		$value = strrev($value);
 		$array = array_reverse(explode(".", $value, 2));