8chan
3eb755ee7e
Move login check in inc/mod/auth.php to a function
...
This allows pages like create.php to not include inc/mod/pages.php while still being able to use the mod auth functions (like generating salts and passwords)
2016-05-05 11:40:52 +02:00
czaks
d310abc95c
Merge branch 'master' of github.com:vichan-devel/vichan
2016-05-05 10:54:09 +02:00
czaks
186ad5ca86
bsd fixup
2016-05-05 10:53:44 +02:00
czaks
19b70663d7
remove magic_quotes check; it`s 2016 after all
2016-05-05 10:29:13 +02:00
czaks
4c827cf105
fix some nonsense
2016-05-05 10:22:34 +02:00
czaks
c4b98e94ce
[SECURITY] harden for imagetragick (we aren`t hit by the bug, but we were passing uncommon filetypes, like JPEG2000, directly to imagemagick)
2016-05-05 10:17:14 +02:00
czaks
dcf5d699bd
simplify the md5 execution logic
2016-05-05 08:22:19 +02:00
czaks
b5370fd3e5
fileboard: op tag fix
2015-04-23 02:41:17 +02:00
Marcin Łabanowski
4014682882
fileboard support
2015-04-22 06:06:34 +02:00
czaks
34eeaccea9
optimization: we don`t need bans.php most of the time and bans.php has big dependencies
2015-04-05 16:31:20 +02:00
czaks
6cbd51b83c
for fastcgi users: rearrange post.php, sort of, so that posts are created faster, and we can leave php to generate themes in the background
...
same for post deletion
2015-03-31 09:21:16 +02:00
czaks
10f93d0d43
implement a protection against transparent proxies
2015-03-24 05:19:25 +01:00
czaks
e999955d08
...
2015-03-10 13:28:55 +01:00
czaks
bdb6001f3f
support for slugified links; may introduce a few bugs
2015-03-10 12:48:59 +01:00
Jason Puglisi
6d28f9c98e
Fixed error that would prevent posting without ['mod']
2015-02-26 22:51:45 -05:00
Wesley
2d396c4eb8
Add E Z board locking feature
2015-02-15 21:16:36 -05:00
czaks
f4422e597b
fix a related bug
2014-10-24 13:43:15 +02:00
czaks
daad519b85
config[php_md5] feature
2014-10-24 13:24:33 +02:00
Bui
cb9b4db73d
do security checks *after* checking captcha
2014-10-07 00:15:45 +02:00
Fredrick Brennan
23c73ca839
Allow the user to decide whether or not he wants to display his country
2014-09-20 16:35:28 +00:00
Ian Bradley
c1ecef3772
Added support for BSD md5 incase md5sum isn't available.
2014-09-15 16:33:37 -07:00
czaks
9b943da60a
Revert "Rework the GeoIP code, add country-based poster names"
...
This reverts commit db3c7f4ee9
.
2014-07-06 02:13:08 +02:00
Jano Slota
a1d2d2388a
Fix the bug that allowed to post an empty reply
2014-07-06 01:29:30 +02:00
Jano Slota
db3c7f4ee9
Rework the GeoIP code, add country-based poster names
2014-07-06 01:29:12 +02:00
8chan
eea984859b
Better remote errors
2014-05-27 23:50:11 +00:00
Fredrick Brennan
c1bc5778dd
Derp, filesize was always being based on first file
2014-05-17 15:47:15 -04:00
Reid 'Crafted'
78ffd76fcf
Make post.php compatable with PHP 5.3x
...
Compatible with earlier versions of PHP. This should work on 5.4 too, but I haven't tested it.
2014-05-13 21:23:06 +01:00
czaks
19ce50c545
Merge ../pl
...
Conflicts:
post.php
2014-05-10 21:58:23 +02:00
Jano Slota
c2c7859a9e
Fixed a little exiftool bug
...
Conflicts:
post.php
2014-05-10 21:50:01 +02:00
czaks
cd15458a32
Merge remote-tracking branch 'origin/4.5'
2014-05-06 21:53:38 +02:00
czaks
f7278e5a61
user moderation support
2014-05-06 21:53:05 +02:00
Fredrick Brennan
d31a353962
Allow post deletion switch
2014-05-05 18:03:51 -04:00
czaks
0a53fdb3a2
remove quick-reply harder
2014-04-30 22:46:20 +02:00
czaks
46802d3f1b
fix post event
2014-04-29 21:18:17 +02:00
czaks
d57dcc5e6e
fix remote upload
2014-04-29 20:50:28 +02:00
czaks
b94e39148b
remove quick-reply-old. it probably doesn't work now, it certainly isn't
...
maintained. this is an old cruft and if needed, it needs rewriting.
2014-04-29 18:37:29 +02:00
copypaste
c483e1258c
multiimage posting
2014-04-27 15:48:47 +02:00
kaf
f83c87b623
Added: /pol/-like flags based on a953229de7
...
Conflicts:
inc/config.php
templates/post_form.html
2014-04-19 18:48:17 +02:00
czaks
1fb362a7c0
fix previous commit
2014-04-18 14:33:50 +02:00
czaks
8e9db69375
post.php: load config earlier
2014-04-18 14:32:05 +02:00
czaks
e08bc5d54d
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
2014-04-12 20:52:42 +02:00
Michael Reiley
677e428a4d
Update copyright years.
2014-04-12 11:12:42 -07:00
czaks
bcb47a1d33
geoip: compatibility fix; this allows to have both versions of geoip loaded
2014-02-19 00:01:40 +01:00
Jano Slota
9dad842c24
Moved the external geoip files to inc/lib/geoip and made the geoip code a bit prettier
2014-02-18 23:50:01 +01:00
Jano Slota
ada45312a4
Use the added GeoIPv6 instead of the PHP plugin. Quite messy.
2014-02-18 23:49:07 +01:00
undido
bfc966e312
Security exploit patched information leak
2014-02-07 04:32:27 -04:00
czaks
d4698a82d1
SECURITY: post data were sent to file post.txt
2014-02-02 17:42:39 +01:00
czaks
8bd99be6f1
fix error on repost blockade: the expression had a bug
2014-01-19 14:42:03 -05:00
czaks
118cd77a4d
fix error on repost blockade: the expression had a bug
2013-12-23 19:01:08 +01:00
czaks
533443ac79
post.php: fix spaces
2013-12-23 18:42:01 +01:00
root
82972927d5
added: nonoko
2013-12-23 17:41:33 +01:00
czaks
f5657caf24
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
...
Conflicts:
inc/config.php
install.php
post.php
stylesheets/style.css
2013-11-11 21:54:35 +01:00
Michael Foster
00f4da3b82
$config['referer_match'] = false to disable
2013-09-23 15:52:59 +10:00
Michael Foster
a9b7f9b1bc
begin implementation of in-built ban appealing
2013-09-21 12:51:23 +10:00
czaks
99a2e1cf3d
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
...
Conflicts:
js/quick-reply.js
2013-09-18 09:00:22 -04:00
Michael Foster
d13f30b39f
js/settings.js: Simple config stuff for javascript extensions
2013-09-18 14:40:39 +10:00
czaks
6cb7eb939e
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
...
Conflicts:
inc/config.php
inc/display.php
inc/mod/pages.php
install.php
js/quick-reply.js
post.php
templates/index.html
2013-09-17 10:43:44 -04:00
Michael Foster
4b45ccc4ee
ajax-post-controls.js
2013-09-16 04:42:13 +10:00
Michael Foster
30fb025eef
;
2013-09-15 20:15:17 +10:00
Michael Foster
00833eeafd
js/ajax.js: post with ajax
2013-09-15 14:03:27 +10:00
Michael Foster
4cd2389655
lol
2013-09-15 05:48:37 +10:00
Michael Foster
32c999346f
Remove $config['url_regex'];
2013-09-15 05:46:08 +10:00
Michael Foster
f309e4037c
Better and faster basic flood prevention, while merging it into $config['filters'].
2013-09-06 23:09:18 +10:00
czaks
069f1def9b
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
install.php
2013-09-01 11:25:19 -04:00
Michael Foster
b51fc38783
Some SQL and indexes improvements
2013-09-01 02:04:42 +10:00
Michael Foster
8d14ef6bf7
lol
2013-08-31 13:33:26 +10:00
czaks
8de81d176c
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
inc/config.php
2013-08-29 07:33:19 -04:00
Michael Foster
a8e3754375
Minor $config['try_smarter'] work
2013-08-29 18:55:25 +10:00
Michael Foster
d7fc5adc22
Performance: Use only one INSERT INTO (with multiple rows) for tracked cites
2013-08-29 12:38:37 +10:00
czaks
8503e65858
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
inc/config.php
inc/functions.php
install.php
stylesheets/dark_roach.css
2013-08-28 12:41:36 -04:00
Michael Foster
5003a692b4
exiftool: Use -overwrite_original. Important bugfix; old images were never being deleted when using exiftool (instead kept as *_original in /tmp)
2013-08-27 08:55:03 +10:00
Michael Foster
319cd2520f
Upload by URL: still use fatal_error_handler() on shutdown
2013-08-27 08:13:23 +10:00
Dan Saunders
09388f6588
Added a post-delete action for themes
...
This would be really useful for themes that focus on posts
2013-08-26 13:35:51 +10:00
Michael Foster
cdeccbb9ba
Uploading files via URL: fix for URL parameters (eg. image.png?id=343543)
2013-08-26 12:13:40 +10:00
czaks
de035f4a7e
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
stylesheets/dark_roach.css
stylesheets/style.css
2013-08-20 18:22:37 -04:00
Michael Foster
e45ffb8592
custom timeouet for curl'ing upload urls
2013-08-19 18:54:10 +10:00
czaks
da1b7d087e
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
install.php
2013-08-18 13:16:31 -04:00
Michael Foster
740b710dd4
chmod(): images don't need +x lol
2013-08-19 01:54:14 +10:00
Michael Foster
154fbf5070
Huge bug: undoImage() was not working at all. This means lots of Tinyboard users probably have lone/permanent images. Working on Tinyboard-Tools script to remove all images/thumbs that don't belong.
2013-08-19 01:07:04 +10:00
Michael Foster
80804b9df6
Bugfix: $config['file_thumb'] being used incorrectly
2013-08-18 20:53:01 +10:00
czaks
bf119b7abd
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
js/post-hover.js
2013-08-17 16:21:40 -04:00
Michael Foster
3a27060503
GeoIP: Ignore country codes that aren't country codes: ap (Asia/Pacific), EU, etc.
2013-08-18 01:06:13 +10:00
czaks
ca565d07c2
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
inc/display.php
2013-08-16 16:06:54 -04:00
Michael Foster
0d45fbc799
Add \n before post modifiers. Add flag alt for country flags.
2013-08-17 03:39:58 +10:00
czaks
146243c473
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
inc/config.php
inc/display.php
inc/functions.php
2013-08-16 10:07:24 -04:00
Michael Foster
a9fe4ea2db
Change flag_country to just flag
2013-08-16 22:12:25 +10:00
Michael Foster
4876a27232
Much better post modifiers: raw HTML, ban messages, etc.
2013-08-16 21:25:56 +10:00
Michael Foster
b666886416
A few modifications:
...
1. Finally, clean up some of the crappy code in inc/display.php; no more extreme clutter. new Thread() and new Post() take an array as the first parameter now.
2. Poster country flags. Currently requires the "geoip" extension.
3. Give post images a classname. This was also long-overdue.
2013-08-16 21:08:01 +10:00
czaks
4f855cf3b3
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
inc/config.php
inc/display.php
inc/functions.php
2013-08-13 14:46:16 -04:00
Michael Foster
60b3cfc539
Upload via URL: Make sure we're not vulnerable to this buffer overflow exploit. http://www.exploit-db.com/exploits/24487/
2013-08-13 00:07:23 +10:00
Michael Foster
6fdbe76f7b
bugfix: sometimes this acts weird
2013-08-12 23:35:27 +10:00
Michael Foster
6a1e8e834b
Fix last commit: add chmod() to fix some permissions derping
2013-08-12 23:06:58 +10:00
Michael Foster
0de0bc6ceb
Optional: Allow uploading by URL
2013-08-12 22:51:46 +10:00
czaks
8534e2cc80
Merge branch 'noko50-new-dev11' of http://github.com/fallenPineapple/Tinyboard
...
Conflicts:
inc/functions.php
2013-08-11 17:49:29 -04:00
czaks
fa9bf536c3
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
inc/config.php
inc/display.php
inc/mod/pages.php
js/catalog-link.js
post.php
templates/banned.html
2013-08-11 09:50:33 -04:00
Michael Foster
5836cd23d2
Critical bug: users could not report OP posts, only replies (thanks to ctrlcctrlv for finding this)
2013-08-11 21:22:25 +10:00
fallenPineapple
a4e97c32ec
noko50 reply fix
2013-08-11 06:29:30 -04:00
fallenPineapple
12ee85beaf
Adds "noko50" (View Last 50 Posts) pages. (Broken Reply)
2013-08-10 17:16:30 -04:00
ctrlcctrlv
52df2bd5fd
Critical bug: users could not report OP posts, only replies
2013-08-09 17:53:23 +00:00
czaks
06d2dafa2a
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
2013-08-04 23:31:53 -04:00