perdedora
b02a1fc0db
feat: edit pre-existing bans ( #528 )
...
* feat: edit pre-existing bans
* change default permission
* theres no need for elseif here. related: d34f083a6b
* quote href param
* changes made
2023-01-12 20:38:23 -05:00
Fredrick Brennan
70222e8c2d
Revert "When moving Reply from Thread to Thread: Remove re-direct to error page "Thread does not exist""
2022-12-14 03:18:00 -05:00
smolten
812a111107
When moving a post, add condition (post is Thread) before trying to make Thread for post. Removes "Thread Does not exist" page that showed up even when a post was successfully moved between threads.
2022-12-13 00:56:23 -07:00
Fred Brennan
191dbd3be0
[SECURITY] [REGRESSION] Fix config editor UI
...
Closes #516 .
Co-Authored-By: Scotty Molt <smolt@asu.edu>
2022-12-10 10:27:59 -05:00
C Hatfield
ae2d91c534
Moved hardcoded html filepaths into config file for extensibility ( #354 )
...
Co-authored-by: chatfield <chatfield@creatuity.com>
Co-authored-by: Fred Brennan <copypaste@kittens.ph>
2022-08-29 10:50:45 -04:00
sshscp15
4db4ab9cf0
simple catalog support for moderators
2022-08-20 12:25:10 -04:00
bebyx
c128a37160
Fix editing global pages for 7.4 ( #487 )
2022-08-20 12:17:04 -04:00
Junicchi
23ebde7883
fix Undefined index ip problem, fixes #434
2022-08-20 12:13:02 -04:00
jove
847c5d130c
Fixes an error reporting typo.
2022-01-18 07:17:34 -01:00
h00j
4ef7feabf2
add telegrams
2021-03-12 21:51:42 +01:00
h00j
bce71c1f98
ip cloaking
2021-02-13 14:11:41 +01:00
rarjpg
0a3bca7dd8
Various fixes
2019-11-29 13:54:08 +08:00
Daniel Saunders
e15e966cdb
Fix a bug related to deleting boards (see https://github.com/vichan-devel/vichan/issues/331 )
2019-09-22 16:57:12 +08:00
Fredrick Brennan
ac971f36d5
Fix capcodes in PHP7.2. Close #299
2018-07-27 20:08:03 +08:00
Fredrick Brennan
09b373cf60
Merge pull request #245 from ghost/patch-2
...
Bug fixing inc.
2017-10-26 13:35:26 +08:00
RalphORama
c8765dede4
Update PHP version check
...
Removed trailing zero
2017-10-24 17:36:14 -04:00
RalphORama
2097562596
PHP version check for mcrypt_create_iv
...
Use `mcrypt_create_iv()` if PHP version is less than 7.1.0, otherwise use `random_bytes()` (introduced in PHP 7.1 to replace `mcrypt_create_iv()`)
2017-10-24 16:27:00 -04:00
RalphORama
67b1565ef8
Replace mcrypt_create_iv with random_bytes
...
`mcrypt_create_iv()` was deprecated in PHP 7.1.0.
2017-10-24 16:16:25 -04:00
antedeguemon
4d1dc45a7c
Bugfix: allow mods to edit poster name at edit post page
2017-07-29 20:23:18 -03:00
Thalis
7529c83a00
added fix from @Circlepuller to mod_move_reply also
...
thx @Cirlepuller
2017-07-28 22:51:59 +02:00
Thalis
0846d0c784
might fix moving replies with deleted image
...
brace yourself for other conflicts lol
2017-07-28 22:41:20 +02:00
Thalis
7883998a78
should fix moving a spoilered thread (OP) image
2017-07-28 21:01:12 +02:00
Daniel Saunders
d8e12a15b7
Dirty quick fix to allow moderation to move threads with deleted files
2017-07-24 15:00:33 -04:00
KekuKin
57732bdff5
Fixed uninstall error for themes.
...
Was receiving uninstall errors: undefined index: theme
2017-03-30 00:58:11 +02:00
Michael D. Reiley
8951cb74c8
Rebuild index when mod deletes a thread.
...
The index does not properly rebuild when a mod deletes a thread, resulting in a ghost thread remaining in the index until the next rebuild. This fix was originally contributed to Uboachan's codebase by Mannosuke.
2016-09-22 23:03:11 -07:00
Fredrick Brennan
505adffcdc
Cyclical threads ♺
2016-05-06 16:39:20 +02:00
8chan
d788131202
Allow a board called news to exist
2016-05-06 16:26:17 +02:00
Fredrick Brennan
95b1e103cb
Edit static pages commit
2016-05-06 16:03:55 +02:00
8chan
7911c374e8
Public action logs commit (log.php)
...
Note: In a previous commit, I began making inc/mod/auth.php more modular with the check_login() function. Including it does NOT check mod login by default anymore like it does on vichan. You have to call check_login(). I've finally included it in inc/functions.php. If you have any custom pages that use inc/mod/auth.php, just including functions.php is enough now.
===================================
Also: backports 351375185e
(early 404)
2016-05-06 15:44:26 +02:00
8chan
7a7574bdca
SECURITY / XSS : ?/edit allowed arbitrary HTML to be added by any user thru addition of <tinyboard raw html>1</tinyboard>
...
This allowed ANY user with ?/edit privilege to also have raw_html regardless of whether they had $config['mod']['rawhtml']
Now, any changes to <tinyboard> markup modifiers via ?/edit are not allowed. They are removed at read time, and before write they are removed again and the ones in the database (which should be clean...) are inserted instead.
Please immediately apply this patch to your instance if you are running any version of 8chan/infinity.
2016-05-06 12:43:25 +02:00
czaks
cd01191072
those parts are extraneous
2016-05-05 11:45:29 +02:00
8chan
3eb755ee7e
Move login check in inc/mod/auth.php to a function
...
This allows pages like create.php to not include inc/mod/pages.php while still being able to use the mod auth functions (like generating salts and passwords)
2016-05-05 11:40:52 +02:00
8chan Admin
93f748e6a8
Security: capitalization of mods username is significant
2016-05-05 11:39:12 +02:00
czaks
77176faece
enable javascript in mod panel
2016-05-05 09:56:54 +02:00
czaks
7c3126866c
ease the migration process for the previous security patch (by introducing another migration); restore php 5.4 compatibility (introducing a polyfill system)
2016-05-05 06:43:22 +02:00
czaks
caaf741691
[SECURITY] keep up with modern password hashing standards
2016-04-22 05:35:43 +02:00
czaks
2d9214ac63
version check should point at engine.vichan.net and not tinyboard.org actually
2015-04-23 08:18:36 +02:00
czaks
4c1d2f924c
fix error while installing themes; thanks xixi
2015-04-23 07:57:52 +02:00
czaks
b78b3db010
uncache themes on settings change
2015-04-05 16:59:04 +02:00
czaks
2f7aeec531
...
2015-03-10 13:48:33 +01:00
czaks
58b60f0aa4
...
2015-03-10 13:46:34 +01:00
czaks
bdb6001f3f
support for slugified links; may introduce a few bugs
2015-03-10 12:48:59 +01:00
czaks
9b3fa77719
new banlist implementation; also includes a public banlist
2014-10-08 23:23:59 +02:00
8chan
c4dc3f4d47
Fix spoiler image not working
2014-10-07 04:33:57 +02:00
kaf
fe60590d19
Check spoiler_image size before ussuming it is 128×128px
2014-10-05 15:26:28 +00:00
Juan Tamad
53ada6a5ff
added option for showing the mod in ban page.
...
also fixes issue where the Staff is not shown in ban appeals.
2014-09-01 06:30:33 +08:00
8chan
ef7556194c
Fix 55ch cancer; can now see next page of posts, ?/recent uses templating system
2014-07-19 18:42:52 +00:00
czaks
f97d2dff85
fix previous commit
2014-07-08 09:44:30 +02:00
czaks
9526f5ed1c
fix #72
2014-07-08 09:43:04 +02:00
czaks
2c883fda0a
fix ban appeals; thanks to sraczynski for reporting
2014-06-16 11:39:56 +02:00
czaks
427a9938a7
Merge 4.5
2014-06-12 03:12:56 +02:00
Chen-Pang He
7933abd271
Fix vichan #65
...
Conflicts:
inc/mod/auth.php
inc/mod/pages.php
2014-06-12 03:12:27 +02:00
czaks
503903ac0f
Merge 4.5
2014-06-11 02:05:14 +02:00
czaks
23d6e82038
$_SERVER[HTTPS] isn`t being always set; fixes #65
2014-06-11 02:04:59 +02:00
czaks
c2cbbe7e22
Merge 4.5
...
Conflicts:
js/expand-too-long.js
2014-06-10 17:51:03 +02:00
Chen-Pang He
6716a24b68
Send cookie only via HTTPS if a mod logs in via HTTPS, which is the case on this site
2014-06-10 17:42:18 +02:00
Fredrick Brennan
65a14a0d39
Fix moving of deleted files
2014-05-19 14:00:16 -04:00
Fredrick Brennan
5039584a5e
Fix ?/recent str_replace issue
2014-05-04 19:24:34 -04:00
Fredrick Brennan
042e7b9c59
Deprecate postControls(), per-file deletion and spoilering
2014-04-30 17:18:35 -04:00
Fredrick Brennan
24753907eb
remove var_dump
2014-04-29 20:18:30 -04:00
Fredrick Brennan
53e33d414f
Fix mod_move for multi image
2014-04-29 19:14:10 -04:00
Fredrick Brennan
2b3942d19d
Fix mod_move for multi image
2014-04-29 19:07:13 -04:00
czaks
bb5446a93d
Merge remote-tracking branch 'origin/br-integration' into staging
2014-04-29 21:35:50 +02:00
copypaste
c483e1258c
multiimage posting
2014-04-27 15:48:47 +02:00
czaks
9d9d514919
we no have any modpages.html
2014-03-25 11:57:36 +01:00
sinuca
fb2b66e2dd
Recent posts functionality
...
Conflicts:
inc/config.php
inc/mod/pages.php
mod.php
2014-03-25 11:35:04 +01:00
czaks
f5657caf24
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
...
Conflicts:
inc/config.php
install.php
post.php
stylesheets/style.css
2013-11-11 21:54:35 +01:00
Michael Foster
f5422cad65
Um. I accidentally deleted this code for some reason.
2013-09-30 12:18:56 +10:00
Michael Foster
c8062fbf76
CSRF more mod pages
2013-09-23 16:48:56 +10:00
Michael Foster
d234c014f0
?/debug/apc with cache prefixes
2013-09-23 10:41:47 +10:00
Michael Foster
fcbc211314
Fixed weird bug with ?/debug/sql trying to allocate a few GB on some instances. Assuming bug with APCu.
2013-09-23 10:21:18 +10:00
Michael Foster
39be89ba49
?/debug/apc
2013-09-23 10:11:16 +10:00
Michael Foster
a9b7f9b1bc
begin implementation of in-built ban appealing
2013-09-21 12:51:23 +10:00
ctrlcctrlv
0a58973631
Make it so that users can't insert code w/syntax errors into ?/config
2013-09-21 02:21:05 +00:00
czaks
8ca495e5b8
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
...
Conflicts:
inc/config.php
2013-09-17 19:12:19 -04:00
Michael Foster
3471f7c668
Optionally show post user was banned for
2013-09-18 08:47:34 +10:00
czaks
6cb7eb939e
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
...
Conflicts:
inc/config.php
inc/display.php
inc/mod/pages.php
install.php
js/quick-reply.js
post.php
templates/index.html
2013-09-17 10:43:44 -04:00
Michael Foster
803f0c8ce1
Fix search for new bans table
2013-09-17 09:35:13 +10:00
Michael Foster
3e57bb04d7
Begin upgrade to much better bans table. DO NOT PULL YET; It won't work.
2013-09-17 09:15:24 +10:00
Michael Foster
dd1bec687b
bugfix: disable javascript on mod pages
2013-09-16 06:37:14 +10:00
Michael Foster
b038e0b244
fix last commit
2013-09-15 04:23:47 +10:00
Michael Foster
2230f0a051
disable $config['try_smarter'] on ?/rebuild
2013-09-15 04:22:27 +10:00
Michael Foster
5da8f28726
Improvements to ?/debug/antispam and ?/debug/recentc
2013-09-09 20:16:13 +10:00
Michael Foster
cc37d79c0d
Fix last commit.
2013-09-09 01:38:32 +10:00
Michael Foster
eea4e42609
Add ability to create custom user/permissions groups
2013-09-09 01:33:51 +10:00
Michael Foster
7f0de93608
Cleaner check to make sure inc/ files aren't accessed directly.
2013-09-06 20:12:04 +10:00
czaks
8a244ab61e
Fixed working on some broken shared hostings. Thanks for Belarussian anon for reporting.
2013-09-02 13:41:28 +10:00
czaks
069f1def9b
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
install.php
2013-09-01 11:25:19 -04:00
czaks
c240056865
Fixed working on some broken shared hostings. Thanks for Belarussian anon for reporting.
2013-09-01 11:20:57 -04:00
Michael Foster
8d14ef6bf7
lol
2013-08-31 13:33:26 +10:00
Michael Foster
d166fc70bd
Fix \t in posts (editing posts, and HTML Tidy)
2013-08-31 13:23:29 +10:00
Michael Foster
46d41cd2a7
More track_cites work
2013-08-30 15:00:33 +10:00
Michael Foster
8921eb9c1a
Bugfix: pm_unreadcount cache not working correctly
2013-08-30 08:38:14 +10:00
ctrlcctrlv
5f977ee593
Moving threads wasn't working with the catalog theme enabled
...
Conflicts:
inc/mod/pages.php
2013-08-29 15:18:45 +10:00
ctrlcctrlv
b829d19ec7
Moving threads wasn't working with the catalog theme enabled
2013-08-29 00:38:39 +00:00
ctrlcctrlv
3b5561d1a4
Bugfix: Circlepuller is a dumbass and broke many mod actions, don't merge his commits without testing them
2013-08-29 07:32:29 +10:00
ctrlcctrlv
e34c0f4b65
Bugfix: Circlepuller is a dumbass and broke many mod actions, don't merge his commits without testing them
2013-08-28 21:31:10 +00:00
czaks
8503e65858
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
...
Conflicts:
inc/config.php
inc/functions.php
install.php
stylesheets/dark_roach.css
2013-08-28 12:41:36 -04:00
Michael Foster
6ce78cb1a4
Bugfix: post editing: should be $board here, not $board['uri']
2013-08-27 17:27:17 +10:00
Dan Saunders
00a1841cbc
Regenerate themes after editing a post
2013-08-27 06:56:53 +10:00