czaks
736e982945
[SECURITY] Lessen security impact
...
post.php: misc fixes
2017-05-17 14:05:01 -04:00
Horija
dc7a507526
Update post.php
2017-04-24 12:21:33 +02:00
czaks
d85cb47647
report event
2017-03-11 08:34:58 -05:00
vholmes
387ebe9c0c
Prevents reports with too many characters
2017-02-15 23:07:50 -02:00
czaks
a5e7b3da6f
nntpchan: work around php nonsense
2016-08-19 23:15:42 +02:00
czaks
a779b96370
second iteration of nntpchan implementation
2016-08-15 00:56:06 +02:00
czaks
1c24c69999
Merge branch 'master' of github.com:vichan-devel/Tinyboard
2016-08-14 16:24:25 +02:00
czaks
5e335a8564
preliminary inbound nntpchan support
2016-08-14 16:24:17 +02:00
ptchan-foss
8548a4ff70
Fixed report syslog message
2016-08-12 18:18:54 +01:00
nekomiko482
a55760299c
Fixes incompatibility with BSD's md5 output format.
...
fixes #190
2016-07-07 12:53:40 +03:00
czaks
11cecf8452
Revert "[BUG] Image reject repost board option now also affects YT embeds"
...
This reverts commit b476b66007
.
2016-06-21 05:03:44 +02:00
czaks
e230f1472c
don`t ocr non-images
2016-06-10 12:41:53 +02:00
czaks
8a46c7a0d5
tesseract OCR support for spamfilters
2016-06-09 11:09:10 +02:00
czaks
644f227ab3
fix "Undefined variable: pid"; thanks fpdl and MrFreeman
2016-05-08 03:09:20 +02:00
Fredrick Brennan
505adffcdc
Cyclical threads ♺
2016-05-06 16:39:20 +02:00
8chan
7911c374e8
Public action logs commit (log.php)
...
Note: In a previous commit, I began making inc/mod/auth.php more modular with the check_login() function. Including it does NOT check mod login by default anymore like it does on vichan. You have to call check_login(). I've finally included it in inc/functions.php. If you have any custom pages that use inc/mod/auth.php, just including functions.php is enough now.
===================================
Also: backports 351375185e
(early 404)
2016-05-06 15:44:26 +02:00
Fredrick Brennan
b476b66007
[BUG] Image reject repost board option now also affects YT embeds
2016-05-06 15:12:08 +02:00
Fredrick Brennan
8943bb0bb3
Rewrite report system due to flooding
2016-05-05 12:57:52 +02:00
8chan
3eb755ee7e
Move login check in inc/mod/auth.php to a function
...
This allows pages like create.php to not include inc/mod/pages.php while still being able to use the mod auth functions (like generating salts and passwords)
2016-05-05 11:40:52 +02:00
czaks
d310abc95c
Merge branch 'master' of github.com:vichan-devel/vichan
2016-05-05 10:54:09 +02:00
czaks
186ad5ca86
bsd fixup
2016-05-05 10:53:44 +02:00
czaks
19b70663d7
remove magic_quotes check; it`s 2016 after all
2016-05-05 10:29:13 +02:00
czaks
4c827cf105
fix some nonsense
2016-05-05 10:22:34 +02:00
czaks
c4b98e94ce
[SECURITY] harden for imagetragick (we aren`t hit by the bug, but we were passing uncommon filetypes, like JPEG2000, directly to imagemagick)
2016-05-05 10:17:14 +02:00
czaks
dcf5d699bd
simplify the md5 execution logic
2016-05-05 08:22:19 +02:00
czaks
b5370fd3e5
fileboard: op tag fix
2015-04-23 02:41:17 +02:00
Marcin Łabanowski
4014682882
fileboard support
2015-04-22 06:06:34 +02:00
czaks
34eeaccea9
optimization: we don`t need bans.php most of the time and bans.php has big dependencies
2015-04-05 16:31:20 +02:00
czaks
6cbd51b83c
for fastcgi users: rearrange post.php, sort of, so that posts are created faster, and we can leave php to generate themes in the background
...
same for post deletion
2015-03-31 09:21:16 +02:00
czaks
10f93d0d43
implement a protection against transparent proxies
2015-03-24 05:19:25 +01:00
czaks
e999955d08
...
2015-03-10 13:28:55 +01:00
czaks
bdb6001f3f
support for slugified links; may introduce a few bugs
2015-03-10 12:48:59 +01:00
Jason Puglisi
6d28f9c98e
Fixed error that would prevent posting without ['mod']
2015-02-26 22:51:45 -05:00
Wesley
2d396c4eb8
Add E Z board locking feature
2015-02-15 21:16:36 -05:00
czaks
f4422e597b
fix a related bug
2014-10-24 13:43:15 +02:00
czaks
daad519b85
config[php_md5] feature
2014-10-24 13:24:33 +02:00
Bui
cb9b4db73d
do security checks *after* checking captcha
2014-10-07 00:15:45 +02:00
Fredrick Brennan
23c73ca839
Allow the user to decide whether or not he wants to display his country
2014-09-20 16:35:28 +00:00
Ian Bradley
c1ecef3772
Added support for BSD md5 incase md5sum isn't available.
2014-09-15 16:33:37 -07:00
czaks
9b943da60a
Revert "Rework the GeoIP code, add country-based poster names"
...
This reverts commit db3c7f4ee9
.
2014-07-06 02:13:08 +02:00
Jano Slota
a1d2d2388a
Fix the bug that allowed to post an empty reply
2014-07-06 01:29:30 +02:00
Jano Slota
db3c7f4ee9
Rework the GeoIP code, add country-based poster names
2014-07-06 01:29:12 +02:00
8chan
eea984859b
Better remote errors
2014-05-27 23:50:11 +00:00
Fredrick Brennan
c1bc5778dd
Derp, filesize was always being based on first file
2014-05-17 15:47:15 -04:00
Reid 'Crafted'
78ffd76fcf
Make post.php compatable with PHP 5.3x
...
Compatible with earlier versions of PHP. This should work on 5.4 too, but I haven't tested it.
2014-05-13 21:23:06 +01:00
czaks
19ce50c545
Merge ../pl
...
Conflicts:
post.php
2014-05-10 21:58:23 +02:00
Jano Slota
c2c7859a9e
Fixed a little exiftool bug
...
Conflicts:
post.php
2014-05-10 21:50:01 +02:00
czaks
cd15458a32
Merge remote-tracking branch 'origin/4.5'
2014-05-06 21:53:38 +02:00
czaks
f7278e5a61
user moderation support
2014-05-06 21:53:05 +02:00
Fredrick Brennan
d31a353962
Allow post deletion switch
2014-05-05 18:03:51 -04:00
czaks
0a53fdb3a2
remove quick-reply harder
2014-04-30 22:46:20 +02:00
czaks
46802d3f1b
fix post event
2014-04-29 21:18:17 +02:00
czaks
d57dcc5e6e
fix remote upload
2014-04-29 20:50:28 +02:00
czaks
b94e39148b
remove quick-reply-old. it probably doesn't work now, it certainly isn't
...
maintained. this is an old cruft and if needed, it needs rewriting.
2014-04-29 18:37:29 +02:00
copypaste
c483e1258c
multiimage posting
2014-04-27 15:48:47 +02:00
kaf
f83c87b623
Added: /pol/-like flags based on a953229de7
...
Conflicts:
inc/config.php
templates/post_form.html
2014-04-19 18:48:17 +02:00
czaks
1fb362a7c0
fix previous commit
2014-04-18 14:33:50 +02:00
czaks
8e9db69375
post.php: load config earlier
2014-04-18 14:32:05 +02:00
czaks
e08bc5d54d
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
2014-04-12 20:52:42 +02:00
Michael Reiley
677e428a4d
Update copyright years.
2014-04-12 11:12:42 -07:00
czaks
bcb47a1d33
geoip: compatibility fix; this allows to have both versions of geoip loaded
2014-02-19 00:01:40 +01:00
Jano Slota
9dad842c24
Moved the external geoip files to inc/lib/geoip and made the geoip code a bit prettier
2014-02-18 23:50:01 +01:00
Jano Slota
ada45312a4
Use the added GeoIPv6 instead of the PHP plugin. Quite messy.
2014-02-18 23:49:07 +01:00
undido
bfc966e312
Security exploit patched information leak
2014-02-07 04:32:27 -04:00
czaks
d4698a82d1
SECURITY: post data were sent to file post.txt
2014-02-02 17:42:39 +01:00
czaks
8bd99be6f1
fix error on repost blockade: the expression had a bug
2014-01-19 14:42:03 -05:00
czaks
118cd77a4d
fix error on repost blockade: the expression had a bug
2013-12-23 19:01:08 +01:00
czaks
533443ac79
post.php: fix spaces
2013-12-23 18:42:01 +01:00
root
82972927d5
added: nonoko
2013-12-23 17:41:33 +01:00
czaks
f5657caf24
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
...
Conflicts:
inc/config.php
install.php
post.php
stylesheets/style.css
2013-11-11 21:54:35 +01:00
Michael Foster
00f4da3b82
$config['referer_match'] = false to disable
2013-09-23 15:52:59 +10:00
Michael Foster
a9b7f9b1bc
begin implementation of in-built ban appealing
2013-09-21 12:51:23 +10:00
czaks
99a2e1cf3d
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
...
Conflicts:
js/quick-reply.js
2013-09-18 09:00:22 -04:00
Michael Foster
d13f30b39f
js/settings.js: Simple config stuff for javascript extensions
2013-09-18 14:40:39 +10:00
czaks
6cb7eb939e
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
...
Conflicts:
inc/config.php
inc/display.php
inc/mod/pages.php
install.php
js/quick-reply.js
post.php
templates/index.html
2013-09-17 10:43:44 -04:00
Michael Foster
4b45ccc4ee
ajax-post-controls.js
2013-09-16 04:42:13 +10:00
Michael Foster
30fb025eef
;
2013-09-15 20:15:17 +10:00
Michael Foster
00833eeafd
js/ajax.js: post with ajax
2013-09-15 14:03:27 +10:00
Michael Foster
4cd2389655
lol
2013-09-15 05:48:37 +10:00
Michael Foster
32c999346f
Remove $config['url_regex'];
2013-09-15 05:46:08 +10:00
Michael Foster
f309e4037c
Better and faster basic flood prevention, while merging it into $config['filters'].
2013-09-06 23:09:18 +10:00
czaks
069f1def9b
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
install.php
2013-09-01 11:25:19 -04:00
Michael Foster
b51fc38783
Some SQL and indexes improvements
2013-09-01 02:04:42 +10:00
Michael Foster
8d14ef6bf7
lol
2013-08-31 13:33:26 +10:00
czaks
8de81d176c
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
inc/config.php
2013-08-29 07:33:19 -04:00
Michael Foster
a8e3754375
Minor $config['try_smarter'] work
2013-08-29 18:55:25 +10:00
Michael Foster
d7fc5adc22
Performance: Use only one INSERT INTO (with multiple rows) for tracked cites
2013-08-29 12:38:37 +10:00
czaks
8503e65858
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
inc/config.php
inc/functions.php
install.php
stylesheets/dark_roach.css
2013-08-28 12:41:36 -04:00
Michael Foster
5003a692b4
exiftool: Use -overwrite_original. Important bugfix; old images were never being deleted when using exiftool (instead kept as *_original in /tmp)
2013-08-27 08:55:03 +10:00
Michael Foster
319cd2520f
Upload by URL: still use fatal_error_handler() on shutdown
2013-08-27 08:13:23 +10:00
Dan Saunders
09388f6588
Added a post-delete action for themes
...
This would be really useful for themes that focus on posts
2013-08-26 13:35:51 +10:00
Michael Foster
cdeccbb9ba
Uploading files via URL: fix for URL parameters (eg. image.png?id=343543)
2013-08-26 12:13:40 +10:00
czaks
de035f4a7e
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
stylesheets/dark_roach.css
stylesheets/style.css
2013-08-20 18:22:37 -04:00
Michael Foster
e45ffb8592
custom timeouet for curl'ing upload urls
2013-08-19 18:54:10 +10:00
czaks
da1b7d087e
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
install.php
2013-08-18 13:16:31 -04:00
Michael Foster
740b710dd4
chmod(): images don't need +x lol
2013-08-19 01:54:14 +10:00
Michael Foster
154fbf5070
Huge bug: undoImage() was not working at all. This means lots of Tinyboard users probably have lone/permanent images. Working on Tinyboard-Tools script to remove all images/thumbs that don't belong.
2013-08-19 01:07:04 +10:00
Michael Foster
80804b9df6
Bugfix: $config['file_thumb'] being used incorrectly
2013-08-18 20:53:01 +10:00
czaks
bf119b7abd
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
js/post-hover.js
2013-08-17 16:21:40 -04:00
Michael Foster
3a27060503
GeoIP: Ignore country codes that aren't country codes: ap (Asia/Pacific), EU, etc.
2013-08-18 01:06:13 +10:00