1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-12-18 10:25:55 +01:00
Commit Graph

839 Commits

Author SHA1 Message Date
Mert Kasım İmran
d6d1082991 Fix for title/subtitle related issue
Subtitle was the page title and title was unused.
2020-12-02 15:56:35 -05:00
papereth
6ccaf19045
Fixed thread.html template (#380)
* Update functions.php

` $_SERVER['REMOTE_ADDR']` was hardcoded in ban lookup instead of `$ip` variable

* Fix information leak in thread.html

Sensitive information can be leaked due to inadequate/absent escaping.

Line 14 is truncating before removing tags, this can cause some tags to be cut and therefore not be removed by the `remove_` functions.
Line 22 is just leaking it all, not removing anything.

* Fixed thread template

`remove_markup` is not available on vichan, arguably it makes things better but it's out of scope for this CHANGE, removing modifiers is enough to stop the info leak
consider adding it again after pulling:
fallenPineapple@a5b3336

also moving truncation before escaping for extra safety
2020-08-15 07:19:47 -07:00
papereth
2275735fdf
Fix information leak in thread.html (#377)
Sensitive information can be leaked due to inadequate/absent escaping, if proxy_save enabled

Line 14 is truncating before removing tags, this can cause some tags to be cut and therefore not be removed by the `remove_` functions.
Line 22 is just leaking it all, not removing anything.
2020-08-10 09:50:02 -07:00
Fredrick Brennan
01538ed33a Close #366
I don't know why this works, but this extra whitespace is required on
PHP 7.4.

If you want to know why I hate PHP updates, this is why.
2020-01-21 09:46:29 +08:00
Daniel Saunders
2600298be8 Theme fixes 2020-01-20 10:37:54 +08:00
Fredrick Brennan
3a41c24e6e Fix PHP 7.3 regression in ?/users
This gets rid of the "Case-insensitive constants are deprecated" error
by passing doing |upper before passing to constant().
2019-05-02 12:19:50 +08:00
Fredrick Brennan
7514f31b36 count➜length in confeditor for PHP7.2 2018-10-12 14:47:38 +08:00
H1K1CH4N
b1842dfe10 removed NPFchan copyright 2018-09-29 04:19:36 +02:00
H1K1CH4N
6f15b56b65 made the image header a little bit better in index theme 2018-09-27 04:58:05 +02:00
H1K1CH4N
44dcbca6c9 improved index theme css 2018-09-27 03:02:21 +02:00
H1K1CH4N
b8f1c219f0 Adds a new theme called "Index"
adds an option to use textarea in theme settings.
Merged most Basic, Recent and Frameset theme functions in one.
you can add a video picture icon and quote in the homepage.
@ctrlcctrlv feel free to add suggestions and fix bladly formed code or let me know and I will try to fix.
i installed it on my demo site: https://hikichan.com/
2018-09-27 00:41:22 +02:00
Fredrick Brennan
aeb4a31194 Close #304 2018-09-18 14:08:06 +08:00
Fredrick Brennan
41cfd500de Fix dashboard Countable on non-countable error
Only affected PHP7.2, was due to a sloppy template. PHP7.2 is much more
strict than previous versions so these kinds of bugs are coming to the
fore.
2018-07-27 19:40:44 +08:00
antedeguemon
b94bf5ec19 Update license and copyright dates 2018-03-01 22:57:53 -03:00
H0K4
e8edadeda9
Update move.html 2017-11-05 18:07:52 +01:00
H0K4
896d9e2f75
Update move_reply.html 2017-11-05 18:07:22 +01:00
H0K4
714cb95194
Update move_reply.html 2017-11-05 18:04:34 +01:00
H0K4
767e8f5d6a
Prevents double submit when moving a thread.
I probably moved 1000 of threads and if you double click on the submit button it duplicates the moved thread.
2017-11-05 18:03:20 +01:00
Thalis
0b84fc26d6 fixed deleted.png image not found on the front end 2017-07-28 21:40:06 +02:00
czaks
b7875be471 search form in index: fix order 2017-07-26 23:37:05 -04:00
Daniel Saunders
7a43a3ea34 Updated reCAPTCHA v2 to use api.js method 2017-07-24 03:40:56 -04:00
Marcin Łabanowski
39715e3595 Merge pull request #224 from ghost/patch-2
Implementing Czaks captcha
2017-07-23 17:57:59 +02:00
Marcin Łabanowski
59bcf88872 Merge pull request #146 from szalwia/master
Fix thumbnail scaling in recent theme
2017-07-23 17:55:40 +02:00
Thalis
4efaf50c90 Board search content implementation
you can search boards with this mod.
2017-07-23 17:49:01 +02:00
antedeguemon
4f85b7c570 Fixed XSS in post edit page and modsearch 2017-05-21 17:08:43 -03:00
Horija
5dbfc0ab24 Update post_form.html 2017-04-24 11:44:39 +02:00
Horija
175b54b7f0 Fixed go to bottom link 2017-04-21 03:09:48 +02:00
int15h
b3071152dc new exif provider 2016-12-24 10:39:30 -02:00
Montrosos
1f4de533f0 Included header.html for better boardlist
Simply included the header.html so that the compact boardlist works with it and it's responsive now.
2016-12-12 13:52:42 +01:00
czaks
fed9065cf1 skip non-image files in recent themes; fixes vichan-devel/vichan#185 2016-06-19 02:23:24 +02:00
fatchan
4f3cc7f316 Whoops 2016-06-09 11:22:57 +02:00
fatchan
f27c26907d Remove hardcoded 8chan links in catalog RSS 2016-06-09 11:22:47 +02:00
fatchan
cdd963e79e fix flag spacing 2016-06-09 11:18:34 +02:00
czaks
36d762514c Merge branch 'master' of github.com:vichan-devel/Tinyboard 2016-06-09 04:51:17 +02:00
czaks
94c91db097 fix news deletion; thanks MrFreeman 2016-06-09 04:51:05 +02:00
fatchan
d285a79667 Move the 'Go back and rebuild again' to the top of the rebuilt page so you dont have to scroll 2016-05-31 23:28:55 +10:00
czaks
b6f0317bde advanced build (1/2): a small refactor of index generating procedure; generation strategies 2016-05-08 10:54:30 +02:00
czaks
3f405b3484 what if IP address contained bad characters? (highly local) 2016-05-06 16:53:28 +02:00
czaks
3571670b98 fix catalog link someone? 2016-05-06 16:51:34 +02:00
czaks
a5bd39dc4a mod dashboard html: link to page editor 2016-05-06 16:49:35 +02:00
Fredrick Brennan
505adffcdc Cyclical threads ♺ 2016-05-06 16:39:20 +02:00
8chan
d788131202 Allow a board called news to exist 2016-05-06 16:26:17 +02:00
Fredrick Brennan
95b1e103cb Edit static pages commit 2016-05-06 16:03:55 +02:00
8chan
7911c374e8 Public action logs commit (log.php)
Note: In a previous commit, I began making inc/mod/auth.php more modular with the check_login() function. Including it does NOT check mod login by default anymore like it does on vichan. You have to call check_login(). I've finally included it in inc/functions.php. If you have any custom pages that use inc/mod/auth.php, just including functions.php is enough now.

===================================
Also: backports 351375185e (early 404)
2016-05-06 15:44:26 +02:00
czaks
2fa37278db boardlist goes before #top 2016-05-06 15:09:25 +02:00
Forkless
d069a4c9fd Added option for hiding IDs. 2016-05-06 14:32:53 +02:00
czaks
33ef3f9b01 synchronize catalog_link 2016-05-06 14:14:22 +02:00
Bui
33ef1d2123 add active page classes to body; czaks: go to bottom @ thread: fixes 2016-05-06 14:05:16 +02:00
8n-tech
6644ff666a Also improved some CSS and HTML aspects of the thread layout.
Signed-off-by: 8n-tech <8n-tech@users.noreply.github.com>
2016-05-06 13:51:15 +02:00
8chan
6da7f4d25a No more country flags in <title> 2016-05-06 12:40:37 +02:00
8chan
ae4eb4d3d9 RSS 2016-05-06 12:40:07 +02:00
8chan
632d0a76d0 Display placeholder if no file in catalog/theme.php; czaks: fix the code a bit 2016-05-06 12:37:00 +02:00
anonfagola
cb97029d0d Update catalog.html
Changed title from being - "Catalog /board/" to "/board/ - Catalog"
2016-05-06 12:27:21 +02:00
czaks
3f29170f1b debrand 8chan; btw. the previous commit was [SECURITY] i think? 2016-05-06 12:23:18 +02:00
8chan
ce62673a2c OpenGraph information in thread pages https://en.wikipedia.org/wiki/Facebook_Platform#Open_Graph_protocol 2016-05-06 12:18:31 +02:00
8chan
aa0d3395b1 Show first 256 chars of body in <title> 2016-05-06 12:17:51 +02:00
8chan
b6f3d44080 Go to bottom link 2016-05-06 12:16:01 +02:00
czaks
293543878a backport parts of 2d6d449bd2, in particular html classes 2016-05-06 12:14:28 +02:00
Bui
6c334a3b44 lol spaces 2016-05-06 11:45:52 +02:00
Bui
d46bf4e2f2 add id to thread links 2016-05-06 11:45:37 +02:00
czaks
02c3c28a16 main.js: a bit more sane code 2016-05-05 15:37:50 +02:00
czaks
6991ca270e fix bad merge 2016-05-05 13:53:52 +02:00
Fredrick Brennan
71fde35938 Oops forgot a file 2016-05-05 13:33:14 +02:00
Fredrick Brennan
8943bb0bb3 Rewrite report system due to flooding 2016-05-05 12:57:52 +02:00
8chan
95a9b7b72b Completely rewrite fix-report-delete-submit.js, add report/delete to menu 2016-05-05 12:52:17 +02:00
8chan
dd27026618 Show stickies at top of catalog 2016-05-05 12:01:16 +02:00
8chan
e8b530a783 Shift-click to hide threads in catalog 2016-05-05 12:00:21 +02:00
8chan
4f96263e3b Upgrade jQuery mixitup, preserve settings, no animations 2016-05-05 11:59:00 +02:00
czaks
77176faece enable javascript in mod panel 2016-05-05 09:56:54 +02:00
czaks
38bf3276e4 update copyright years; remove a link to tinyboard (website is dead) 2016-05-05 09:39:23 +02:00
czaks
8dac72e924 update installer 2016-05-05 09:16:09 +02:00
27chan
199931dc1a Fix default theme and add Font Awesome Icons 2016-04-29 18:00:33 -03:00
Matthieu
028fd3df15 Added: RSS theme 2016-01-26 00:51:39 +01:00
Matthieu
d2de4419bd Added: config option to hide email in post. (prevent emailfag but let the possibility to sage and noko) 2016-01-26 00:50:55 +01:00
kellerwhy
d4dcfc6321 Make mod/recent_posts.html respect $config['dir']['res']
So certain links don't keep linking to /board/res/postnumber despite any changes to $config['dir']['res'] e.g. changing res/ to thread/
2015-08-10 23:16:23 -04:00
27chan
e6c1623a42 Add extension mp4 2015-08-10 22:09:26 -03:00
Jason Puglisi
90e4208473 Added [Return] and [Go to bottom] to thread page above posts 2015-08-08 13:45:02 -04:00
szalwia
11c7c57873 Fix thumbnail scaling in recent theme
Use decoded JSON values to set thumbnail sizes in the recent theme
2015-06-04 17:18:27 +01:00
czaks
2d9214ac63 version check should point at engine.vichan.net and not tinyboard.org actually 2015-04-23 08:18:36 +02:00
czaks
271dcb7a65 fileboard: fix possible XSS (mainly applicable to 8chan) 2015-04-23 03:45:08 +02:00
Marcin Łabanowski
4014682882 fileboard support 2015-04-22 06:06:34 +02:00
czaks
4060bf10ed update copyright years & vichan website 2015-04-12 03:18:51 +02:00
czaks
1f9e36868e ukko: small optimization: move js creation to install time 2015-04-05 16:20:59 +02:00
czaks
e273111340 sitemap theme for smart_build 2015-04-03 05:57:39 +02:00
czaks
61d2729a40 themes can use smart_build now 2015-04-02 20:54:28 +02:00
czaks
e9e5ceaf90 main.js vs new file uploader 2015-04-01 19:37:06 +02:00
czaks
960053af75 catalog: fix for embed youtube on https 2015-03-31 07:48:03 +02:00
czaks
745bdc2b6c password is text nao, fuck you chrome 2015-03-31 07:01:51 +02:00
czaks
765dea599b trivial fixes to file-selector.js 2015-03-31 06:50:05 +02:00
8chan
f26256f55a Make file selector work, add to config
Conflicts:
	inc/instance-config.php
	templates/post_form.html
2015-03-31 05:59:54 +02:00
marktaiwan
6e84a25f9a Adds keyboard focus to file selector 2015-03-31 05:57:45 +02:00
marktaiwan
0005f11098 initialize file selector soon as it's loaded
Conflicts:
	templates/post_form.html
2015-03-31 05:57:22 +02:00
marktaiwan
3bd7f94861 Fallback for browsers that disables javascript
Conflicts:
	stylesheets/style.css
	templates/post_form.html
2015-03-31 05:54:07 +02:00
Marcin Łabanowski
8eb3d709f7 Merge pull request #129 from JasonPuglisi/active-content-fix
Fixed and re-enabled active content stat for recent theme
2015-03-28 05:22:02 +01:00
czaks
11c020be9b Merge branch 'master' of github.com:vichan-devel/Tinyboard
Conflicts:
	templates/post/image_identification.html
2015-03-23 00:35:48 +01:00
czaks
81afc17b67 image identification: url encode 2015-03-23 00:35:13 +01:00
Jason Puglisi
034b288a13 Fixed to work with multiple images 2015-03-20 09:47:40 -04:00
Jason Puglisi
1283e51ca5 Fixed and re-enabled active content stat for recent theme 2015-03-19 21:49:57 -04:00
Jason Puglisi
d6e91ec62f Added space after Google image search link 2015-03-19 19:35:28 -04:00
czaks
4aa1d387f8 ... 2015-03-10 13:34:02 +01:00