sshscp15
30e7574649
Fix display warning/errors ( #496 )
...
* prevent filling debug param when debug is off
* fix php warning: "$item" must be passed by reference
2022-09-15 13:03:32 -04:00
27chan
76fad44de4
Removed regex with possibiblity of XSS
...
An anonymous user reported the issue to me
2022-09-05 13:58:41 -03:00
Fred Brennan
572a11dba7
Flip insane default for non-developers
2022-08-29 11:48:38 -04:00
Fred Brennan
efd54a20e8
Install config to secrets.php by default
2022-08-29 11:47:47 -04:00
Fred Brennan
a99d7c7c80
Add support for APC(u)
2022-08-29 11:45:59 -04:00
C Hatfield
ae2d91c534
Moved hardcoded html filepaths into config file for extensibility ( #354 )
...
Co-authored-by: chatfield <chatfield@creatuity.com>
Co-authored-by: Fred Brennan <copypaste@kittens.ph>
2022-08-29 10:50:45 -04:00
haruhianon609
0f94915fdf
Add yandex images as image identification option ( #430 )
...
* Add yandex images as image identification option
* Update image_identification.html
* Fix indentation
Co-authored-by: Fred Brennan <copypaste@kittens.ph>
2022-08-29 10:37:40 -04:00
Fredrick Brennan
1e19e75bf5
Change illogical default of $config[force_body]
...
Makes JS and non-JS enforcement equivalent while providing a downgrade path.
JS may not allow empty bodies even when $config[force_body] false. Don't care enough to fix. PR welcome.
Close #493 .
2022-08-29 10:30:50 -04:00
Fredrick Brennan
9e63116338
fix mysql_version() for mariadb
2022-08-20 12:45:56 -04:00
sshscp15
4db4ab9cf0
simple catalog support for moderators
2022-08-20 12:25:10 -04:00
PVNFU-28
75236d6ae5
Update functions.php
...
current regex consumes the space after a post quote, instead of merely checking that it's there. As a result textually consecutive post quotes, which the source calls cites, cannot be separated by a single space. This fixes that
2022-08-20 12:20:53 -04:00
bebyx
c128a37160
Fix editing global pages for 7.4 ( #487 )
2022-08-20 12:17:04 -04:00
Junicchi
23ebde7883
fix Undefined index ip problem, fixes #434
2022-08-20 12:13:02 -04:00
27chan
ae3b5b194c
Merge pull request #466 from discomrade/patch-5
...
Fix multiple issues in anti bump flood
2022-06-21 12:56:11 -03:00
27chan
1d8a577029
Merge pull request #440 from discomrade/patch-1
...
Fix custom thumb_ext when using ImageMagick convert
2022-06-06 22:06:16 -03:00
discomrade
77bab66293
Fix multiple issues in anti bump flood
...
- saged posts aren't ignored when finding last bump
- bumplocked thread with one reply, delete the reply and no post matches the query
- bumplocked threads should be ignored
2022-01-22 03:31:52 +00:00
jove
847c5d130c
Fixes an error reporting typo.
2022-01-18 07:17:34 -01:00
discomrade
8512321669
Fix redis 'delete' deprecation error
...
Redis deprecated the 'delete' alias for 'del'. Posting while using redis cache would return an error, the post would still be posted.
2022-01-16 23:50:25 -05:00
Fredrick Brennan
9745e9d854
Ignore recently added graphicsmagick check
...
Closes #445 .
2021-11-03 22:55:55 -04:00
discomrade
54cd4d41f2
Fix custom thumb_ext for ImageMagick convert
...
Fixed breaking typo in previous commit
2021-06-23 12:40:27 +00:00
discomrade
a752a3930c
Fix custom thumb_ext for ImageMagick convert
...
When using ImageMagick's convert tool, the output defaults to the input format if no file extension or format is specified.
The temp file currently has no extension, so a $config['thumb_ext'] value has no effect on the image.
By appending the thumb_ext to the temp output file, it will convert the image to the intended format.
You can see this issue present on lainchan, where thumbnails have a .png filename but are not really PNG files when the input is a .jpg, for example.
2021-06-23 11:52:29 +00:00
h00j
fd9a3c07dd
Merge branch 'master' of https://github.com/vichan-devel/vichan
2021-04-01 22:30:49 +02:00
h00j
281dccb690
fix undefined index in cloak_mask/uncloak_mask
2021-04-01 22:30:22 +02:00
h00j
59c0f788d2
typo
2021-03-12 21:52:37 +01:00
h00j
4ef7feabf2
add telegrams
2021-03-12 21:51:42 +01:00
Łiźnier Hełam Łabej
ee57b6b5ca
Merge pull request #405 from PVNFU-28/patch-3
...
Update config.php
2021-02-26 21:41:46 +01:00
Łiźnier Hełam Łabej
7a44731f27
Merge pull request #413 from PVNFU-28/patch-9
...
replace rbl.efnet.org with rbl.efnetrbl.org
2021-02-26 21:40:01 +01:00
PVNFU-28
d166db6a50
replace rbl.efnet.org with rbl.efnetrbl.org
...
rbl.efnet.org redirects to rbl.efnetrbl.org and says
"Notice We have created a mirror of the rbl.efnet.org zone at rbl.efnetrbl.org.
It has the exact same data and responses. Please use the mirror in your configs.
The mirror was created after repeated failures at Network Solutions."
Also deleted some random tabs on empty lines and some extra spaces which were put by error I guess
2021-02-21 01:03:10 -03:00
PVNFU-28
30eb4e8335
Update config.php
...
Fixes https://github.com/vichan-devel/vichan/issues/404
2021-02-16 23:33:52 -03:00
h00j
00349d0315
mute constant redefinition notice
2021-02-14 09:22:01 +01:00
panfu28
c25e3dea78
Update config.php
...
Fixed embedding for dailymotion, metacage and vocaroo.
Google Videos stopped being a thing in 2012 it seems.
2021-02-14 02:49:15 -03:00
h00j
908b843854
move antibot functions
2021-02-13 21:14:06 +01:00
h00j
599fee5e21
use composer
2021-02-13 19:24:03 +01:00
Łiźnier Hełam Łabej
47df9c6485
Merge pull request #399 from vichan-devel/ip-cloaking
...
ip cloaking
2021-02-13 17:28:30 +01:00
h00j
bce71c1f98
ip cloaking
2021-02-13 14:11:41 +01:00
panfu28
d8e3925183
Update config.php
...
just fixed a comment that might confuse new users, plus it was outdated
2020-12-11 17:10:43 -03:00
Sardach
19151def82
insignificant fix
...
PHP7 shows a warning when executing tools/rebuild2.php: "Declaration of case-insensitive constants is deprecated"
$group_name and $group_value really not need be case-insensitive, so i simply removed that "true".
2020-10-31 04:24:21 -07:00
papereth
a268004c7a
Fix wrong variable used in ban lookup ( #376 )
...
` $_SERVER['REMOTE_ADDR']` was hardcoded in ban lookup instead of `$ip` variable
2020-08-09 18:31:50 -07:00
Daniel Saunders
c7e5cd6814
$board can be NULL here, prevent indexing it
...
Simplest 7.4 fix ever? Possibly.
2020-01-20 10:37:10 +08:00
Fredrick Brennan
5e809047ad
By default, no longer treat deprecations as errors
...
Close #363 .
See also https://www.youtube.com/watch?v=9crnlHLVdno
2020-01-20 10:04:39 +08:00
Fredrick Brennan
a2ba03849f
Fix PHP 7.4 deprecations
2020-01-20 10:04:39 +08:00
Fredrick Brennan
af06cf3737
Disable check_updates
by default
...
It no longer works and never will again, so...
2020-01-15 11:36:51 +08:00
rarjpg
63b0b92690
Move HTML Tidy 'bare' option to the config
2019-11-29 19:21:20 +08:00
rarjpg
0a3bca7dd8
Various fixes
2019-11-29 13:54:08 +08:00
Kureva
1613f6baea
Option to reset thread bump
after last post deleted.
2019-10-14 18:56:13 +08:00
Daniel Saunders
e15e966cdb
Fix a bug related to deleting boards (see https://github.com/vichan-devel/vichan/issues/331 )
2019-09-22 16:57:12 +08:00
Brayden
997326af59
fix typo in inc/config.php
2019-03-22 10:02:38 +08:00
Fredrick Brennan
ac971f36d5
Fix capcodes in PHP7.2. Close #299
2018-07-27 20:08:03 +08:00
Fredrick Brennan
524d48110b
Fix bans of form "5d", "1y", etc. for PHP7.2
...
This closes #301 .
2018-07-27 19:06:31 +08:00
Fredrick Brennan
0aa4e3badc
Update Twig. This closes #295
2018-05-10 18:25:37 +08:00
Fredrick Brennan
b078ffb1e4
Close #282
2018-05-10 17:33:07 +08:00
antedeguemon
b94bf5ec19
Update license and copyright dates
2018-03-01 22:57:53 -03:00
Fredrick Brennan
c2f7073dd4
Fix warnings in PHP7 in gettext library
...
Not sure how to commit this upstream, the library seems to be
unmaintained.
2017-11-05 21:17:20 +08:00
Fredrick Brennan
8e811cec44
Close #265
2017-11-03 22:12:35 +08:00
Christopher Henly
598843547e
Remove links to (dead) tinyboard.org
...
Instead we link to the archived documentation, just like in README.md. I also removed the link to tinyboard.org from the boardlinks example, and replaced it with a Github one.
2017-10-30 15:20:43 -04:00
vi
8c0b413c94
New vimeo embed
2017-10-27 22:41:08 -02:00
Fredrick Brennan
09b373cf60
Merge pull request #245 from ghost/patch-2
...
Bug fixing inc.
2017-10-26 13:35:26 +08:00
RalphORama
c8765dede4
Update PHP version check
...
Removed trailing zero
2017-10-24 17:36:14 -04:00
RalphORama
2097562596
PHP version check for mcrypt_create_iv
...
Use `mcrypt_create_iv()` if PHP version is less than 7.1.0, otherwise use `random_bytes()` (introduced in PHP 7.1 to replace `mcrypt_create_iv()`)
2017-10-24 16:27:00 -04:00
RalphORama
67b1565ef8
Replace mcrypt_create_iv with random_bytes
...
`mcrypt_create_iv()` was deprecated in PHP 7.1.0.
2017-10-24 16:16:25 -04:00
antedeguemon
4d1dc45a7c
Bugfix: allow mods to edit poster name at edit post page
2017-07-29 20:23:18 -03:00
Thalis
7529c83a00
added fix from @Circlepuller to mod_move_reply also
...
thx @Cirlepuller
2017-07-28 22:51:59 +02:00
Thalis
0846d0c784
might fix moving replies with deleted image
...
brace yourself for other conflicts lol
2017-07-28 22:41:20 +02:00
Thalis
7883998a78
should fix moving a spoilered thread (OP) image
2017-07-28 21:01:12 +02:00
Daniel Saunders
504282b55f
Merge remote-tracking branch 'vichan/master'
2017-07-24 22:40:39 -04:00
czaks
4025705eac
replace faulty dnsbl with efnetrbl
2017-07-24 15:04:01 -04:00
Daniel Saunders
64cf4b11ee
Dirty quick fix to allow moderation to move threads with deleted files
2017-07-24 15:01:17 -04:00
czaks
7b538f0eae
Merge branch 'master' of github.com:vichan-devel/Tinyboard
2017-07-24 15:00:44 -04:00
Daniel Saunders
d8e12a15b7
Dirty quick fix to allow moderation to move threads with deleted files
2017-07-24 15:00:33 -04:00
Daniel Saunders
a31a3a281f
Bug related to antispam and reCAPTCHA 2 valid fields
2017-07-24 12:22:53 -04:00
Daniel Saunders
09fadec620
inline-expanding.js needs jQuery to function, so why are we not including it in the default configuration too?
2017-07-24 04:38:38 -04:00
Daniel Saunders
b5fac28a8b
Fully removed the outdated recaptchalib.php (freed up some room hehe)
2017-07-24 04:03:49 -04:00
Marcin Łabanowski
39715e3595
Merge pull request #224 from ghost/patch-2
...
Implementing Czaks captcha
2017-07-23 17:57:59 +02:00
Marcin Łabanowski
3e23c028de
Merge pull request #215 from antedeguemon/master
...
Prevents reports with too many characters
2017-07-23 17:55:22 +02:00
Marcin Łabanowski
ef1898833d
Merge pull request #226 from ghost/patch-1
...
Fixed DNSBL TOR
2017-07-23 17:54:08 +02:00
Thalis
fe495fed64
Update config.php
2017-07-23 17:50:54 +02:00
czaks
40fe35fedc
early 404 staged
2017-05-17 14:54:35 -04:00
Hollick
29409f1456
Update config.php
...
Well I'm just putting this info out there for those that need tor protection. no reason to pull this if not stable.
2017-04-28 19:07:17 +02:00
Hollick
c4358b078e
Update config.php
2017-04-28 16:19:32 +02:00
Hollick
bb86d55b1f
Fixed DNSBL TOR
...
Don't know if Sectoor.de comes online again. Found this new dnsbl tor blacklist checker. in case you really need a tor blacklist.
2017-04-28 16:09:15 +02:00
Horija
e1bc4f1da9
Update config.php
2017-04-24 11:41:49 +02:00
Horija
3438718667
Add files via upload
2017-04-24 11:40:49 +02:00
Horija
6a53b99feb
Create readme.md
2017-04-24 11:40:22 +02:00
Horija
9ddb5833b3
Implementing a new captcha
...
I'm (trying) to integrate @Czaks custom captcha
2017-04-24 11:38:56 +02:00
KekuKin
57732bdff5
Fixed uninstall error for themes.
...
Was receiving uninstall errors: undefined index: theme
2017-03-30 00:58:11 +02:00
vholmes
387ebe9c0c
Prevents reports with too many characters
2017-02-15 23:07:50 -02:00
Marcin Łabanowski
a989435253
Merge pull request #212 from SHooZ/uk_UA-localization
...
Add uk_UA localization files
2017-01-22 23:58:32 +01:00
SHooZ
2ca02733ac
Add uk_UA localization files
2017-01-22 22:16:56 +00:00
Michael D. Reiley
372c26491a
Fix typo in max_images comment
...
multi_image.js should be multi-image.js, with a dash, not an underscore.
2016-10-01 15:06:09 -07:00
Michael D. Reiley
8951cb74c8
Rebuild index when mod deletes a thread.
...
The index does not properly rebuild when a mod deletes a thread, resulting in a ghost thread remaining in the index until the next rebuild. This fix was originally contributed to Uboachan's codebase by Mannosuke.
2016-09-22 23:03:11 -07:00
czaks
3f38a6db97
Merge branch 'master' of github.com:vichan-devel/Tinyboard
2016-08-19 23:15:47 +02:00
czaks
a5e7b3da6f
nntpchan: work around php nonsense
2016-08-19 23:15:42 +02:00
Jeff Becker
1c3e6e590a
patch for nntpchan stream
2016-08-19 16:05:50 -04:00
czaks
0b19051891
fix a notice; increase waiting time for dns
2016-08-15 04:13:26 +02:00
czaks
a779b96370
second iteration of nntpchan implementation
2016-08-15 00:56:06 +02:00
czaks
5e335a8564
preliminary inbound nntpchan support
2016-08-14 16:24:17 +02:00
czaks
11cecf8452
Revert "[BUG] Image reject repost board option now also affects YT embeds"
...
This reverts commit b476b66007
.
2016-06-21 05:03:44 +02:00
czaks
d2bb4a776f
fail gracefully on no thumbnail
2016-06-09 11:15:45 +02:00
czaks
8a46c7a0d5
tesseract OCR support for spamfilters
2016-06-09 11:09:10 +02:00
czaks
52fe9bc873
fix sane_strategy for advanced build. should fix the ajax.js problem.
2016-05-15 15:53:30 +02:00
czaks
bb9aaad899
i forgot about a queue and a lock implementation
2016-05-08 15:37:49 +02:00
czaks
f24e0f9814
optimize out openboard when we don`t need it. a big performance improvement too 🏎
...
also, don't call dnsbl for local ip addresses
2016-05-08 14:02:17 +02:00
czaks
12e6aba5d4
(2/2) advanced build. implement a daemon that will build static pages.
...
implement a queue and a lock. fix notice in bans. and it even works!
the daemon is basic right now, it could work in a mode that it will defer building certain
pages until a certain time.
2016-05-08 13:23:41 +02:00
czaks
e265375475
fixup
2016-05-08 10:59:36 +02:00
czaks
b6f0317bde
advanced build (1/2): a small refactor of index generating procedure; generation strategies
2016-05-08 10:54:30 +02:00
czaks
a5e22f6d63
split route and controller parts from smart build
2016-05-08 02:50:44 +02:00
Fredrick Brennan
505adffcdc
Cyclical threads ♺
2016-05-06 16:39:20 +02:00
czaks
ab02a42725
maybe we can try to load Parsedown, after all we can silence the error
2016-05-06 16:27:43 +02:00
8chan
d788131202
Allow a board called news to exist
2016-05-06 16:26:17 +02:00
czaks
d726eaf195
we don't have a htmlpurifier yet ;_;
2016-05-06 16:07:21 +02:00
Fredrick Brennan
95b1e103cb
Edit static pages commit
2016-05-06 16:03:55 +02:00
8chan
7911c374e8
Public action logs commit (log.php)
...
Note: In a previous commit, I began making inc/mod/auth.php more modular with the check_login() function. Including it does NOT check mod login by default anymore like it does on vichan. You have to call check_login(). I've finally included it in inc/functions.php. If you have any custom pages that use inc/mod/auth.php, just including functions.php is enough now.
===================================
Also: backports 351375185e
(early 404)
2016-05-06 15:44:26 +02:00
8chan
6dd1420f91
Add event to quote backlinks
2016-05-06 15:15:17 +02:00
8chan
ce3ce4f1b6
Fix *0 secure tripcodes caused by accidentally feeding + signs to crypt()
2016-05-06 15:14:55 +02:00
8chan
7831da83fc
New event: rebuildpost, allows you to bind events to ?/edit
2016-05-06 15:13:27 +02:00
Fredrick Brennan
b476b66007
[BUG] Image reject repost board option now also affects YT embeds
2016-05-06 15:12:08 +02:00
czaks
126ee42b9d
better rules for stripping combined chars, based on 45c0d32761
by @ctrlcctrlv
2016-05-06 14:34:42 +02:00
czaks
33ef3f9b01
synchronize catalog_link
2016-05-06 14:14:22 +02:00
8chan
7a7574bdca
SECURITY / XSS : ?/edit allowed arbitrary HTML to be added by any user thru addition of <tinyboard raw html>1</tinyboard>
...
This allowed ANY user with ?/edit privilege to also have raw_html regardless of whether they had $config['mod']['rawhtml']
Now, any changes to <tinyboard> markup modifiers via ?/edit are not allowed. They are removed at read time, and before write they are removed again and the ones in the database (which should be clean...) are inserted instead.
Please immediately apply this patch to your instance if you are running any version of 8chan/infinity.
2016-05-06 12:43:25 +02:00
8chan
6da7f4d25a
No more country flags in <title>
2016-05-06 12:40:37 +02:00
8chan
632d0a76d0
Display placeholder if no file in catalog/theme.php; czaks: fix the code a bit
2016-05-06 12:37:00 +02:00
8chan
6b04b3c671
Fix post deletion
2016-05-05 13:21:09 +02:00
Fredrick Brennan
8943bb0bb3
Rewrite report system due to flooding
2016-05-05 12:57:52 +02:00
czaks
cd01191072
those parts are extraneous
2016-05-05 11:45:29 +02:00
8chan
3eb755ee7e
Move login check in inc/mod/auth.php to a function
...
This allows pages like create.php to not include inc/mod/pages.php while still being able to use the mod auth functions (like generating salts and passwords)
2016-05-05 11:40:52 +02:00
8chan Admin
93f748e6a8
Security: capitalization of mods username is significant
2016-05-05 11:39:12 +02:00
czaks
d310abc95c
Merge branch 'master' of github.com:vichan-devel/vichan
2016-05-05 10:54:09 +02:00
czaks
abe4bdd6ae
fixup
2016-05-05 10:52:58 +02:00
czaks
77176faece
enable javascript in mod panel
2016-05-05 09:56:54 +02:00
czaks
a42256b296
locale cache: fix a bug when perms are done wrong
2016-05-05 08:43:34 +02:00
czaks
36b78e5f98
fix for editor highlighting
2016-05-05 08:40:13 +02:00
czaks
dcf5d699bd
simplify the md5 execution logic
2016-05-05 08:22:19 +02:00
czaks
9768161327
simplify the code a bit
2016-05-05 07:51:55 +02:00
czaks
7c3126866c
ease the migration process for the previous security patch (by introducing another migration); restore php 5.4 compatibility (introducing a polyfill system)
2016-05-05 06:43:22 +02:00
czaks
caaf741691
[SECURITY] keep up with modern password hashing standards
2016-04-22 05:35:43 +02:00
Matthieu
d2de4419bd
Added: config option to hide email in post. (prevent emailfag but let the possibility to sage and noko)
2016-01-26 00:50:55 +01:00
czaks
6d4e756240
fix a bug for some bad database state. thanks Seisatsu for testing
2015-09-11 12:49:42 +02:00
czaks
706feeddff
fix cache_config: webms were thumbnailed twice and with the latest addition, they couldn`t resize at all
2015-08-11 04:51:27 +02:00
czaks
a54488d900
Merge branch 'master' of github.com:vichan-devel/Tinyboard
2015-08-11 03:47:54 +02:00
czaks
1136cc0e44
reflect in readme, that we support .mp4 files as well now
2015-08-11 03:47:44 +02:00
czaks
ccd00c497c
a stricter check for webm processing
2015-08-11 03:46:02 +02:00
Marcin Łabanowski
11d4cb0f4f
Merge pull request #155 from 27chan/patch-7
...
Add extension mp4
2015-08-11 03:44:51 +02:00
Marcin Łabanowski
b0eb49de82
Merge pull request #160 from 27chan/patch-10
...
Add extension mp4
2015-08-11 03:39:22 +02:00
27chan
219c1987a9
Add extension mp4
2015-08-10 22:25:09 -03:00
27chan
f1cbbbc15a
Add extension mp4
2015-08-10 22:15:21 -03:00
27chan
601c8cebc9
Add extension mp4
2015-08-10 22:13:42 -03:00
czaks
d3d167affb
SECURITY: XSS fix for youtube.js/metacafe embed
2015-07-08 16:26:58 +02:00
Anonke
3f29bdfac9
the poster IDs were showing in API despite being disabled
2015-05-30 20:46:43 +02:00
czaks
2d9214ac63
version check should point at engine.vichan.net and not tinyboard.org actually
2015-04-23 08:18:36 +02:00
czaks
4c1d2f924c
fix error while installing themes; thanks xixi
2015-04-23 07:57:52 +02:00