.%.dnsbl.httpbl.org', function($ip) { // $octets = explode('.', $ip); // // // days since last activity // if ($octets[1] > 14) // return false; // // // "threat score" (http://www.projecthoneypot.org/threat_info.php) // if ($octets[2] < 5) // return false; // // return true; // }, 'dnsbl.httpbl.org'); // hide our access key // Skip checking certain IP addresses against blacklists (for troubleshooting or whatever) $config['dnsbl_exceptions'][] = '127.0.0.1'; /* * Introduction to Tinyboard's spam filter: * * In simple terms, whenever a posting form on a page is generated (which happens whenever a * post is made), Tinyboard will add a random amount of hidden, obscure fields to it to * confuse bots and upset hackers. These fields and their respective obscure values are * validated upon posting with a 160-bit "hash". That hash can only be used as many times * as you specify; otherwise, flooding bots could just keep reusing the same hash. * Once a new set of inputs (and the hash) are generated, old hashes for the same thread * and board are set to expire. Because you have to reload the page to get the new set * of inputs and hash, if they expire too quickly and more than one person is viewing the * page at a given time, Tinyboard would return false positives (depending on how long the * user sits on the page before posting). If your imageboard is quite fast/popular, set * $config['spam']['hidden_inputs_max_pass'] and $config['spam']['hidden_inputs_expire'] to * something higher to avoid false positives. * * See also: http://tinyboard.org/docs/?p=Your_request_looks_automated * */ // Number of hidden fields to generate. $config['spam']['hidden_inputs_min'] = 4; $config['spam']['hidden_inputs_max'] = 12; // How many times can a "hash" be used to post? $config['spam']['hidden_inputs_max_pass'] = 12; // How soon after regeneration do hashes expire (in seconds)? $config['spam']['hidden_inputs_expire'] = 60 * 60 * 3; // three hours // Whether to use Unicode characters in hidden input names and values. $config['spam']['unicode'] = true; // These are fields used to confuse the bots. Make sure they aren't actually used by Tinyboard, or it won't work. $config['spam']['hidden_input_names'] = array( 'user', 'username', 'login', 'search', 'q', 'url', 'firstname', 'lastname', 'text', 'message' ); // Always update this when adding new valid fields to the post form, or EVERYTHING WILL BE DETECTED AS SPAM! $config['spam']['valid_inputs'] = array( 'hash', 'board', 'thread', 'mod', 'name', 'email', 'subject', 'post', 'body', 'password', 'sticky', 'lock', 'raw', 'embed', 'recaptcha_challenge_field', 'recaptcha_response_field', 'spoiler', 'quick-reply', 'page', 'file_url', 'json_response', ); // Enable reCaptcha to make spam even harder. Rarely necessary. $config['recaptcha'] = false; // Public and private key pair from https://www.google.com/recaptcha/admin/create $config['recaptcha_public'] = '6LcXTcUSAAAAAKBxyFWIt2SO8jwx4W7wcSMRoN3f'; $config['recaptcha_private'] = '6LcXTcUSAAAAAOGVbVdhmEM1_SyRF4xTKe8jbzf_'; /* * Custom filters detect certain posts and reject/ban accordingly. They are made up of a condition and an * action (for when ALL conditions are met). As every single post has to be put through each filter, * having hundreds probably isn't ideal as it could slow things down. * * By default, the custom filters array is populated with basic flood prevention conditions. This * includes forcing users to wait at least 5 seconds between posts. To disable (or amend) these flood * prevention settings, you will need to empty the $config['filters'] array first. You can do so by * adding "$config['filters'] = array();" to inc/instance-config.php. Basic flood prevention used to be * controlled solely by config variables such as $config['flood_time'] and $config['flood_time_ip'], and * it still is, as long as you leave the relevant $config['filters'] intact. These old config variables * still exist for backwards-compatability and general convenience. * * Read more: http://tinyboard.org/docs/index.php?p=Config/Filters */ // Minimum time between between each post by the same IP address. $config['flood_time'] = 10; // Minimum time between between each post with the exact same content AND same IP address. $config['flood_time_ip'] = 120; // Same as above but by a different IP address. (Same content, not necessarily same IP address.) $config['flood_time_same'] = 30; // Minimum time between posts by the same IP address (all boards). $config['filters'][] = array( 'condition' => array( 'flood-match' => array('ip'), // Only match IP address 'flood-time' => &$config['flood_time'] ), 'action' => 'reject', 'message' => &$config['error']['flood'] ); // Minimum time between posts by the same IP address with the same text. $config['filters'][] = array( 'condition' => array( 'flood-match' => array('ip', 'body'), // Match IP address and post body 'flood-time' => &$config['flood_time_ip'], '!body' => '/^$/', // Post body is NOT empty ), 'action' => 'reject', 'message' => &$config['error']['flood'] ); // Minimum time between posts with the same text. (Same content, but not always the same IP address.) $config['filters'][] = array( 'condition' => array( 'flood-match' => array('body'), // Match only post body 'flood-time' => &$config['flood_time_same'] ), 'action' => 'reject', 'message' => &$config['error']['flood'] ); // Example: Minimum time between posts with the same file hash. // $config['filters'][] = array( // 'condition' => array( // 'flood-match' => array('file'), // Match file hash // 'flood-time' => 60 * 2 // 2 minutes minimum // ), // 'action' => 'reject', // 'message' => &$config['error']['flood'] // ); // Example: Use the "flood-count" condition to only match if the user has made at least two posts with // the same content and IP address in the past 2 minutes. // $config['filters'][] = array( // 'condition' => array( // 'flood-match' => array('ip', 'body'), // Match IP address and post body // 'flood-time' => 60 * 2, // 2 minutes // 'flood-count' => 2 // At least two recent posts // ), // '!body' => '/^$/', // 'action' => 'reject', // 'message' => &$config['error']['flood'] // ); // Example: Blocking an imaginary known spammer, who keeps posting a reply with the name "surgeon", // ending his posts with "regards, the surgeon" or similar. // $config['filters'][] = array( // 'condition' => array( // 'name' => '/^surgeon$/', // 'body' => '/regards,\s+(the )?surgeon$/i', // 'OP' => false // ), // 'action' => 'reject', // 'message' => 'Go away, spammer.' // ); // Example: Same as above, but issuing a 3-hour ban instead of just reject the post. // $config['filters'][] = array( // 'condition' => array( // 'name' => '/^surgeon$/', // 'body' => '/regards,\s+(the )?surgeon$/i', // 'OP' => false // ), // 'action' => 'ban', // 'expires' => 60 * 60 * 3, // 3 hours // 'reason' => 'Go away, spammer.' // ); // Example: PHP 5.3+ (anonymous functions) // There is also a "custom" condition, making the possibilities of this feature pretty much endless. // This is a bad example, because there is already a "name" condition built-in. // $config['filters'][] = array( // 'condition' => array( // 'body' => '/h$/i', // 'OP' => false, // 'custom' => function($post) { // if($post['name'] == 'Anonymous') // return true; // else // return false; // } // ), // 'action' => 'reject' // ); // Filter flood prevention conditions ("flood-match") depend on a table which contains a cache of recent // posts across all boards. This table is automatically purged of older posts, determining the maximum // "age" by looking at each filter. However, when determining the maximum age, Tinyboard does not look // outside the current board. This means that if you have a special flood condition for a specific board // (contained in a board configuration file) which has a flood-time greater than any of those in the // global configuration, you need to set the following variable to the maximum flood-time condition value. // $config['flood_cache'] = 60 * 60 * 24; // 24 hours /* * ==================== * Post settings * ==================== */ // Do you need a body for your reply posts? $config['force_body'] = false; // Do you need a body for new threads? $config['force_body_op'] = true; // Require an image for threads? $config['force_image_op'] = true; // Strip superfluous new lines at the end of a post. $config['strip_superfluous_returns'] = true; // Strip combining characters from Unicode strings (eg. "Zalgo"). $config['strip_combining_chars'] = true; // Maximum post body length. $config['max_body'] = 1800; // Maximum number of post body lines to show on the index page. $config['body_truncate'] = 15; // Maximum number of characters to show on the index page. $config['body_truncate_char'] = 2500; // Typically spambots try to post many links. Refuse a post with X links? $config['max_links'] = 20; // Maximum number of cites per post (prevents abuse, as more citations mean more database queries). $config['max_cites'] = 45; // Maximum number of cross-board links/citations per post. $config['max_cross'] = $config['max_cites']; // Track post citations (>>XX). Rebuilds posts after a cited post is deleted, removing broken links. // Puts a little more load on the database. $config['track_cites'] = true; // Maximum filename length (will be truncated). $config['max_filename_len'] = 255; // Maximum filename length to display (the rest can be viewed upon mouseover). $config['max_filename_display'] = 30; // How long after posting should you have to wait before being able to delete that post? (In seconds.) $config['delete_time'] = 10; // Reply limit (stops bumping thread when this is reached). $config['reply_limit'] = 250; // Image hard limit (stops allowing new image replies when this is reached if not zero). $config['image_hard_limit'] = 0; // Reply hard limit (stops allowing new replies when this is reached if not zero). $config['reply_hard_limit'] = 0; $config['robot_enable'] = false; // Strip repeating characters when making hashes. $config['robot_strip_repeating'] = true; // Enabled mutes? Tinyboard uses ROBOT9000's original 2^x implementation where x is the number of times // you have been muted in the past. $config['robot_mute'] = true; // How long before Tinyboard forgets about a mute? $config['robot_mute_hour'] = 336; // 2 weeks // If you want to alter the algorithm a bit. Default value is 2. $config['robot_mute_multiplier'] = 2; // (n^x where x is the number of previous mutes) $config['robot_mute_descritpion'] = _('You have been muted for unoriginal content.'); // Automatically convert things like "..." to Unicode characters ("…"). $config['auto_unicode'] = true; // Whether to turn URLs into functional links. $config['markup_urls'] = true; // Optional URL prefix for links (eg. "http://anonym.to/?"). $config['link_prefix'] = ''; // Allow "uploading" images via URL as well. Users can enter the URL of the image and then Tinyboard will // download it. Not usually recommended. $config['allow_upload_by_url'] = false; // The timeout for the above, in seconds. $config['upload_by_url_timeout'] = 15; // A wordfilter (sometimes referred to as just a "filter" or "censor") automatically scans users’ posts // as they are submitted and changes or censors particular words or phrases. // For a normal string replacement: // $config['wordfilters'][] = array('cat', 'dog'); // Advanced raplcement (regular expressions): // $config['wordfilters'][] = array('/ca[rt]/', 'dog', true); // 'true' means it's a regular expression // Always act as if the user had typed "noko" into the email field. $config['always_noko'] = false; // Example: Custom tripcodes. The below example makes a tripcode of "#test123" evaluate to "!HelloWorld". // $config['custom_tripcode']['#test123'] = '!HelloWorld'; // Example: Custom secure tripcode. // $config['custom_tripcode']['##securetrip'] = '!!somethingelse'; // Allow users to mark their image as a "spoiler" when posting. The thumbnail will be replaced with a // static spoiler image instead (see $config['spoiler_image']). $config['spoiler_images'] = false; // With the following, you can disable certain superfluous fields or enable "forced anonymous". // When true, all names will be set to $config['anonymous']. $config['field_disable_name'] = false; // When true, there will be no email field. $config['field_disable_email'] = false; // When true, there will be no subject field. $config['field_disable_subject'] = false; // When true, there will be no subject field for replies. $config['field_disable_reply_subject'] = false; // When true, a blank password will be used for files (not usable for deletion). $config['field_disable_password'] = false; // Attach country flags to posts. Requires the PHP "geoip" extension to be installed: // http://www.php.net/manual/en/intro.geoip.php. In the future, maybe I will find and include a proper // pure-PHP geolocation library. $config['country_flags'] = false; /* * ==================== * Ban settings * ==================== */ // Require users to see the ban page at least once for a ban even if it has since expired. $config['require_ban_view'] = true; // Show the post the user was banned for on the "You are banned" page. $config['ban_show_post'] = false; // Optional HTML to append to "You are banned" pages. For example, you could include instructions and/or // a link to an email address or IRC chat room to appeal the ban. $config['ban_page_extra'] = ''; // Allow users to appeal bans through Tinyboard. $config['ban_appeals'] = false; // Do not allow users to appeal bans that are shorter than this length (in seconds). $config['ban_appeals_min_length'] = 60 * 60 * 6; // 6 hours // How many ban appeals can be made for a single ban? $config['ban_appeals_max'] = 1; /* * ==================== * Markup settings * ==================== */ // "Wiki" markup syntax ($config['wiki_markup'] in pervious versions): $config['markup'][] = array("/'''(.+?)'''/", "\$1"); $config['markup'][] = array("/''(.+?)''/", "\$1"); $config['markup'][] = array("/\*\*(.+?)\*\*/", "\$1"); // $config['markup'][] = array("/^[ |\t]*==(.+?)==[ |\t]*$/m", "\$1"); // Highlight PHP code wrapped in tags (PHP 5.3+) // $config['markup'][] = array( // '/^<code>(.+)<\/code>/ms', // function($matches) { // return highlight_string(html_entity_decode($matches[1]), true); // } // ); // Repair markup with HTML Tidy. This may be slower, but it solves nesting mistakes. Tinyboad, at the // time of writing this, can not prevent out-of-order markup tags (eg. "**''test**'') without help from // HTML Tidy. $config['markup_repair_tidy'] = false; // Always regenerate markup. This isn't recommended and should only be used for debugging; by default, // Tinyboard only parses post markup when it needs to, and keeps post-markup HTML in the database. This // will significantly impact performance when enabled. $config['always_regenerate_markup'] = false; /* * ==================== * Image settings * ==================== */ // For resizing, maximum thumbnail dimensions. $config['thumb_width'] = 255; $config['thumb_height'] = 255; // Maximum thumbnail dimensions for thread (OP) images. $config['thumb_op_width'] = 255; $config['thumb_op_height'] = 255; // Thumbnail extension ("png" recommended). Leave this empty if you want the extension to be inherited // from the uploaded file. $config['thumb_ext'] = 'png'; // Maximum amount of animated GIF frames to resize (more frames can mean more processing power). A value // of "1" means thumbnails will not be animated. Requires $config['thumb_ext'] to be 'gif' (or blank) and // $config['thumb_method'] to be 'imagick', 'convert', or 'convert+gifsicle'. This value is not // respected by 'convert'; will just resize all frames if this is > 1. $config['thumb_keep_animation_frames'] = 1; /* * Thumbnailing method: * * 'gd' PHP GD (default). Only handles the most basic image formats (GIF, JPEG, PNG). * GD is a prerequisite for Tinyboard no matter what method you choose. * * 'imagick' PHP's ImageMagick bindings. Fast and efficient, supporting many image formats. * A few minor bugs. http://pecl.php.net/package/imagick * * 'convert' The command line version of ImageMagick (`convert`). Fixes most of the bugs in * PHP Imagick. `convert` produces the best still thumbnails and is highly recommended. * * 'gm' GraphicsMagick (`gm`) is a fork of ImageMagick with many improvements. It is more * efficient and gets thumbnailing done using fewer resources. * * 'convert+gifscale' * OR 'gm+gifsicle' Same as above, with the exception of using `gifsicle` (command line application) * instead of `convert` for resizing GIFs. It's faster and resulting animated * thumbnails have less artifacts than if resized with ImageMagick. */ $config['thumb_method'] = 'gd'; // $config['thumb_method'] = 'convert'; // Command-line options passed to ImageMagick when using `convert` for thumbnailing. Don't touch the // placement of "%s" and "%d". $config['convert_args'] = '-size %dx%d %s -thumbnail %dx%d -auto-orient +profile "*" %s'; // Strip EXIF metadata from JPEG files. $config['strip_exif'] = false; // Use the command-line `exiftool` tool to strip EXIF metadata without decompressing/recompressing JPEGs. // Ignored when $config['redraw_image'] is true. This is also used to adjust the Orientation tag when // $config['strip_exif'] is false and $config['convert_manual_orient'] is true. $config['use_exiftool'] = false; // Redraw the image to strip any excess data (commonly ZIP archives) WARNING: This might strip the // animation of GIFs, depending on the chosen thumbnailing method. It also requires recompressing // the image, so more processing power is required. $config['redraw_image'] = false; // Automatically correct the orientation of JPEG files using -auto-orient in `convert`. This only works // when `convert` or `gm` is selected for thumbnailing. Again, requires more processing power because // this basically does the same thing as $config['redraw_image']. (If $config['redraw_image'] is enabled, // this value doesn't matter as $config['redraw_image'] attempts to correct orientation too.) $config['convert_auto_orient'] = false; // Is your version of ImageMagick or GraphicsMagick old? Older versions may not include the -auto-orient // switch. This is a manual replacement for that switch. This is independent from the above switch; // -auto-orrient is applied when thumbnailing too. $config['convert_manual_orient'] = false; // Regular expression to check for an XSS exploit with IE 6 and 7. To disable, set to false. // Details: https://github.com/savetheinternet/Tinyboard/issues/20 $config['ie_mime_type_detection'] = '/<(?:body|head|html|img|plaintext|pre|script|table|title|a href|channel|scriptlet)/i'; // Allowed image file extensions. $config['allowed_ext'][] = 'jpg'; $config['allowed_ext'][] = 'jpeg'; $config['allowed_ext'][] = 'bmp'; $config['allowed_ext'][] = 'gif'; $config['allowed_ext'][] = 'png'; // $config['allowed_ext'][] = 'svg'; // Allowed additional file extensions (not images; downloadable files). // $config['allowed_ext_files'][] = 'txt'; // $config['allowed_ext_files'][] = 'zip'; // An alternative function for generating image filenames, instead of the default UNIX timestamp. // $config['filename_func'] = function($post) { // return sprintf("%s", time() . substr(microtime(), 2, 3)); // }; // Thumbnail to use for the non-image file uploads. $config['file_icons']['default'] = 'file.png'; $config['file_icons']['zip'] = 'zip.png'; // Example: Custom thumbnail for certain file extension. // $config['file_icons']['extension'] = 'some_file.png'; // Location of above images. $config['file_thumb'] = 'static/%s'; // Location of thumbnail to use for spoiler images. $config['spoiler_image'] = 'static/spoiler.png'; // Location of thumbnail to use for deleted images. // $config['image_deleted'] = 'static/deleted.png'; // When a thumbnailed image is going to be the same (in dimension), just copy the entire file and use // that as a thumbnail instead of resizing/redrawing. $config['minimum_copy_resize'] = false; // Maximum image upload size in bytes. $config['max_filesize'] = 10 * 1024 * 1024; // 10MB // Maximum image dimensions. $config['max_width'] = 10000; $config['max_height'] = $config['max_width']; // Reject duplicate image uploads. $config['image_reject_repost'] = true; // Reject duplicate image uploads within the same thread. Doesn't change anything if // $config['image_reject_repost'] is true. $config['image_reject_repost_in_thread'] = false; // Display the aspect ratio of uploaded files. $config['show_ratio'] = false; // Display the file's original filename. $config['show_filename'] = true; // Display image identification links using regex.info/exif, TinEye and Google Images. $config['image_identification'] = false; /* * ==================== * Board settings * ==================== */ // Maximum amount of threads to display per page. $config['threads_per_page'] = 10; // Maximum number of pages. Content past the last page is automatically purged. $config['max_pages'] = 10; // Replies to show per thread on the board index page. $config['threads_preview'] = 5; // Same as above, but for stickied threads. $config['threads_preview_sticky'] = 1; // How to display the URI of boards. Usually '/%s/' (/b/, /mu/, etc). This doesn't change the URL. Find // $config['board_path'] if you wish to change the URL. $config['board_abbreviation'] = '/%s/'; // The default name (ie. Anonymous). $config['anonymous'] = 'Anonymous'; // Number of reports you can create at once. $config['report_limit'] = 3; // Allow unfiltered HTML in board subtitles. This is useful for placing icons and links. $config['allow_subtitle_html'] = false; /* * ==================== * Display settings * ==================== */ // Tinyboard has been translated into a few langauges. See inc/locale for available translations. $config['locale'] = 'en'; // (en, ru_RU.UTF-8, fi_FI.UTF-8, pl_PL.UTF-8) // Timezone to use for displaying dates/tiems. $config['timezone'] = 'America/Los_Angeles'; // The format string passed to strftime() for displaying dates. // http://www.php.net/manual/en/function.strftime.php $config['post_date'] = '%m/%d/%y (%a) %H:%M:%S'; // Same as above, but used for "you are banned' pages. $config['ban_date'] = '%A %e %B, %Y'; // The names on the post buttons. (On most imageboards, these are both just "Post"). $config['button_newtopic'] = _('New Topic'); $config['button_reply'] = _('New Reply'); // Assign each poster in a thread a unique ID, shown by "ID: xxxxx" before the post number. $config['poster_ids'] = false; // Number of characters in the poster ID (maximum is 40). $config['poster_id_length'] = 5; // Show thread subject in page title. $config['thread_subject_in_title'] = false; // Additional lines added to the footer of all pages. $config['footer'][] = _('All trademarks, copyrights, comments, and images on this page are owned by and are the responsibility of their respective parties.'); // Characters used to generate a random password (with Javascript). $config['genpassword_chars'] = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_+'; // Optional banner image at the top of every page. // $config['url_banner'] = '/banner.php'; // Banner dimensions are also optional. As the banner loads after the rest of the page, everything may be // shifted down a few pixels when it does. Making the banner a fixed size will prevent this. // $config['banner_width'] = 300; // $config['banner_height'] = 100; // Custom stylesheets available for the user to choose. See the "stylesheets/" folder for a list of // available stylesheets (or create your own). $config['stylesheets']['Yotsuba B'] = ''; // Default; there is no additional/custom stylesheet for this. $config['stylesheets']['Yotsuba'] = 'yotsuba.css'; // $config['stylesheets']['Futaba'] = 'futaba.css'; // $config['stylesheets']['Dark'] = 'dark.css'; // The prefix for each stylesheet URI. Defaults to $config['root']/stylesheets/ // $config['uri_stylesheets'] = 'http://static.example.org/stylesheets/'; // The default stylesheet to use. $config['default_stylesheet'] = array('Yotsuba B', $config['stylesheets']['Yotsuba B']); // Make stylesheet selections board-specific. $config['stylesheets_board'] = false; // Use Font-Awesome for displaying lock and pin icons, instead of the images in static/. // http://fortawesome.github.io/Font-Awesome/icon/pushpin/ // http://fortawesome.github.io/Font-Awesome/icon/lock/ $config['font_awesome'] = true; $config['font_awesome_css'] = 'stylesheets/font-awesome/css/font-awesome.min.css'; /* * For lack of a better name, “boardlinks” are those sets of navigational links that appear at the top * and bottom of board pages. They can be a list of links to boards and/or other pages such as status * blogs and social network profiles/pages. * * "Groups" in the boardlinks are marked with square brackets. Tinyboard allows for infinite recursion * with groups. Each array() in $config['boards'] represents a new square bracket group. */ // $config['boards'] = array( // array('a', 'b'), // array('c', 'd', 'e', 'f', 'g'), // array('h', 'i', 'j'), // array('k', array('l', 'm')), // array('status' => 'http://status.example.org/') // ); // Whether or not to put brackets around the whole board list $config['boardlist_wrap_bracket'] = true; // Show page navigation links at the top as well. $config['page_nav_top'] = false; // Show "Catalog" link in page navigation. Use with the Catalog theme. // $config['catalog_link'] = 'catalog.html'; // Board categories. Only used in the "Categories" theme. // $config['categories'] = array( // 'Group Name' => array('a', 'b', 'c'), // 'Another Group' => array('d') // ); // Optional for the Categories theme. This is an array of name => (title, url) groups for categories // with non-board links. // $config['custom_categories'] = array( // 'Links' => array( // 'Tinyboard' => 'http://tinyboard.org', // 'Donate' => 'donate.html' // ) // ); // Automatically remove unnecessary whitespace when compiling HTML files from templates. $config['minify_html'] = true; // Display flags (when available). This config option has no effect unless poster flags are enabled (see // $config['country_flags']). Disable this if you want all previously-assigned flags to be hidden. $config['display_flags'] = true; // Location of post flags/icons (where "%s" is the flag name). Defaults to static/flags/%s.png. // $config['uri_flags'] = 'http://static.example.org/flags/%s.png'; // Width and height (and more?) of post flags. Can be overridden with the Tinyboard post modifier: // . $config['flag_style'] = 'width:16px;height:11px;'; /* * ==================== * Javascript * ==================== */ // Additional Javascript files to include on board index and thread pages. See js/ for available scripts. $config['additional_javascript'][] = 'js/inline-expanding.js'; // $config['additional_javascript'][] = 'js/local-time.js'; // Some scripts require jQuery. Check the comments in script files to see what's needed. When enabling // jQuery, you should first empty the array so that "js/query.min.js" can be the first, and then re-add // "js/inline-expanding.js" or else the inline-expanding script might not interact properly with other // scripts. // $config['additional_javascript'] = array(); // $config['additional_javascript'][] = 'js/jquery.min.js'; // $config['additional_javascript'][] = 'js/inline-expanding.js'; // $config['additional_javascript'][] = 'js/auto-reload.js'; // $config['additional_javascript'][] = 'js/post-hover.js'; // $config['additional_javascript'][] = 'js/style-select.js'; // Where these script files are located on the web. Defaults to $config['root']. // $config['additional_javascript_url'] = 'http://static.example.org/tinyboard-javascript-stuff/'; // Compile all additional scripts into one file ($config['file_script']) instead of including them seperately. $config['additional_javascript_compile'] = false; // Minify Javascript using http://code.google.com/p/minify/. $config['minify_js'] = false; // Allows js/quick-reply-old.js to work. This could make your imageboard more vulnerable to flood attacks. $config['quick_reply'] = false; // Show "SAGE!" next to sage posts $config['show_sages'] = false; /* * ==================== * Video embedding * ==================== */ // Enable embedding (see below). $config['enable_embedding'] = false; // Custom embedding (YouTube, vimeo, etc.) // It's very important that you match the entire input (with ^ and $) or things will not work correctly. $config['embedding'] = array( array( '/^https?:\/\/(\w+\.)?youtube\.com\/watch\?v=([a-zA-Z0-9\-_]{10,11})(&.+)?$/i', '' ), array( '/^https?:\/\/(\w+\.)?vimeo\.com\/(\d{2,10})(\?.+)?$/i', '' ), array( '/^https?:\/\/(\w+\.)?dailymotion\.com\/video\/([a-zA-Z0-9]{2,10})(_.+)?$/i', '' ), array( '/^https?:\/\/(\w+\.)?metacafe\.com\/watch\/(\d+)\/([a-zA-Z0-9_\-.]+)\/(\?.+)?$/i', '
' ), array( '/^https?:\/\/video\.google\.com\/videoplay\?docid=(\d+)([&#](.+)?)?$/i', '' ), array( '/^https?:\/\/(\w+\.)?vocaroo\.com\/i\/([a-zA-Z0-9]{2,15})$/i', '' ) ); // Embedding width and height. $config['embed_width'] = 300; $config['embed_height'] = 246; /* * ==================== * Error messages * ==================== */ // Error messages $config['error']['bot'] = _('You look like a bot.'); $config['error']['referer'] = _('Your browser sent an invalid or no HTTP referer.'); $config['error']['toolong'] = _('The %s field was too long.'); $config['error']['toolong_body'] = _('The body was too long.'); $config['error']['tooshort_body'] = _('The body was too short or empty.'); $config['error']['noimage'] = _('You must upload an image.'); $config['error']['nomove'] = _('The server failed to handle your upload.'); $config['error']['fileext'] = _('Unsupported image format.'); $config['error']['noboard'] = _('Invalid board!'); $config['error']['nonexistant'] = _('Thread specified does not exist.'); $config['error']['locked'] = _('Thread locked. You may not reply at this time.'); $config['error']['reply_hard_limit'] = _('Thread has reached its maximum reply limit.'); $config['error']['image_hard_limit'] = _('Thread has reached its maximum image limit.'); $config['error']['nopost'] = _('You didn\'t make a post.'); $config['error']['flood'] = _('Flood detected; Post discarded.'); $config['error']['spam'] = _('Your request looks automated; Post discarded.'); $config['error']['unoriginal'] = _('Unoriginal content!'); $config['error']['muted'] = _('Unoriginal content! You have been muted for %d seconds.'); $config['error']['youaremuted'] = _('You are muted! Expires in %d seconds.'); $config['error']['dnsbl'] = _('Your IP address is listed in %s.'); $config['error']['toomanylinks'] = _('Too many links; flood detected.'); $config['error']['toomanycites'] = _('Too many cites; post discarded.'); $config['error']['toomanycross'] = _('Too many cross-board links; post discarded.'); $config['error']['nodelete'] = _('You didn\'t select anything to delete.'); $config['error']['noreport'] = _('You didn\'t select anything to report.'); $config['error']['toomanyreports'] = _('You can\'t report that many posts at once.'); $config['error']['invalidpassword'] = _('Wrong password…'); $config['error']['invalidimg'] = _('Invalid image.'); $config['error']['unknownext'] = _('Unknown file extension.'); $config['error']['filesize'] = _('Maximum file size: %maxsz% bytes
Your file\'s size: %filesz% bytes'); $config['error']['maxsize'] = _('The file was too big.'); $config['error']['fileexists'] = _('That file already exists!'); $config['error']['fileexistsinthread'] = _('That file already exists in this thread!'); $config['error']['delete_too_soon'] = _('You\'ll have to wait another %s before deleting that.'); $config['error']['mime_exploit'] = _('MIME type detection XSS exploit (IE) detected; post discarded.'); $config['error']['invalid_embed'] = _('Couldn\'t make sense of the URL of the video you tried to embed.'); $config['error']['captcha'] = _('You seem to have mistyped the verification.'); // Moderator errors $config['error']['toomanyunban'] = _('You are only allowed to unban %s users at a time. You tried to unban %u users.'); $config['error']['invalid'] = _('Invalid username and/or password.'); $config['error']['notamod'] = _('You are not a mod…'); $config['error']['invalidafter'] = _('Invalid username and/or password. Your user may have been deleted or changed.'); $config['error']['malformed'] = _('Invalid/malformed cookies.'); $config['error']['missedafield'] = _('Your browser didn\'t submit an input when it should have.'); $config['error']['required'] = _('The %s field is required.'); $config['error']['invalidfield'] = _('The %s field was invalid.'); $config['error']['boardexists'] = _('There is already a %s board.'); $config['error']['noaccess'] = _('You don\'t have permission to do that.'); $config['error']['invalidpost'] = _('That post doesn\'t exist…'); $config['error']['404'] = _('Page not found.'); $config['error']['modexists'] = _('That mod already exists!'); $config['error']['invalidtheme'] = _('That theme doesn\'t exist!'); $config['error']['csrf'] = _('Invalid security token! Please go back and try again.'); /* * ========================= * Directory/file settings * ========================= */ // The root directory, including the trailing slash, for Tinyboard. // Examples: '/', 'http://boards.chan.org/', '/chan/'. if (isset($_SERVER['REQUEST_URI'])) { $request_uri = $_SERVER['REQUEST_URI']; if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] !== '') $request_uri = substr($request_uri, 0, - 1 - strlen($_SERVER['QUERY_STRING'])); $config['root'] = str_replace('\\', '/', dirname($request_uri)) == '/' ? '/' : str_replace('\\', '/', dirname($request_uri)) . '/'; unset($request_uri); } else $config['root'] = '/'; // CLI mode // The scheme and domain. This is used to get the site's absolute URL (eg. for image identification links). // If you use the CLI tools, it would be wise to override this setting. $config['domain'] = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') ? 'https://' : 'http://'; $config['domain'] .= isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost'; // If for some reason the folders and static HTML index files aren't in the current working direcotry, // enter the directory path here. Otherwise, keep it false. $config['root_file'] = false; // Location of files. $config['file_index'] = 'index.html'; $config['file_page'] = '%d.html'; $config['file_mod'] = 'mod.php'; $config['file_post'] = 'post.php'; $config['file_script'] = 'main.js'; // Board directory, followed by a forward-slash (/). $config['board_path'] = '%s/'; // Misc directories. $config['dir']['img'] = 'src/'; $config['dir']['thumb'] = 'thumb/'; $config['dir']['res'] = 'res/'; // For load balancing, having a seperate server (and domain/subdomain) for serving static content is // possible. This can either be a directory or a URL. Defaults to $config['root'] . 'static/'. // $config['dir']['static'] = 'http://static.example.org/'; // Where to store the .html templates. This folder and the template files must exist. $config['dir']['template'] = getcwd() . '/templates'; // Location of Tinyboard "themes". $config['dir']['themes'] = getcwd() . '/templates/themes'; // Same as above, but a URI (accessable by web interface). $config['dir']['themes_uri'] = 'templates/themes'; // Home directory. Used by themes. $config['dir']['home'] = ''; // Static images. These can be URLs OR base64 (data URI scheme). These are only used if // $config['font_awesome'] is false (default). // $config['image_sticky'] = 'static/sticky.gif'; // $config['image_locked'] = 'static/locked.gif'; // $config['image_bumplocked'] = 'static/sage.gif'. // If you want to put images and other dynamic-static stuff on another (preferably cookieless) domain. // This will override $config['root'] and $config['dir']['...'] directives. "%s" will get replaced with // $board['dir'], which includes a trailing slash. // $config['uri_thumb'] = 'http://images.example.org/%sthumb/'; // $config['uri_img'] = 'http://images.example.org/%ssrc/'; // Set custom locations for stylesheets and the main script file. This can be used for load balancing // across multiple servers or hostnames. // $config['url_stylesheet'] = 'http://static.example.org/style.css'; // main/base stylesheet // $config['url_javascript'] = 'http://static.example.org/main.js'; // Website favicon. // $config['url_favicon'] = '/favicon.gif'; // EXPERIMENTAL: Try not to build pages when we shouldn't have to. $config['try_smarter'] = true; /* * ==================== * Mod settings * ==================== */ // Limit how many bans can be removed via the ban list. Set to false (or zero) for no limit. $config['mod']['unban_limit'] = false; // Whether or not to lock moderator sessions to IP addresses. This makes cookie theft ineffective. $config['mod']['lock_ip'] = true; // The page that is first shown when a moderator logs in. Defaults to the dashboard (?/). $config['mod']['default'] = '/'; // Mod links (full HTML). $config['mod']['link_delete'] = '[D]'; $config['mod']['link_ban'] = '[B]'; $config['mod']['link_bandelete'] = '[B&D]'; $config['mod']['link_deletefile'] = '[F]'; $config['mod']['link_spoilerimage'] = '[S]'; $config['mod']['link_deletebyip'] = '[D+]'; $config['mod']['link_deletebyip_global'] = '[D++]'; $config['mod']['link_sticky'] = '[Sticky]'; $config['mod']['link_desticky'] = '[-Sticky]'; $config['mod']['link_lock'] = '[Lock]'; $config['mod']['link_unlock'] = '[-Lock]'; $config['mod']['link_bumplock'] = '[Sage]'; $config['mod']['link_bumpunlock'] = '[-Sage]'; $config['mod']['link_editpost'] = '[Edit]'; $config['mod']['link_move'] = '[Move]'; // Moderator capcodes. $config['capcode'] = ' ## %s'; // "## Custom" becomes lightgreen, italic and bold: //$config['custom_capcode']['Custom'] =' ## %s'; // "## Mod" makes everything purple, including the name and tripcode: //$config['custom_capcode']['Mod'] = array( // ' ## %s', // 'color:purple', // Change name style; optional // 'color:purple' // Change tripcode style; optional //); // "## Admin" makes everything red and bold, including the name and tripcode: //$config['custom_capcode']['Admin'] = array( // ' ## %s', // 'color:red;font-weight:bold', // Change name style; optional // 'color:red;font-weight:bold' // Change tripcode style; optional //); // How often (minimum) to purge the ban list of expired bans (which have been seen). Only works when // $config['cache'] is enabled and working. $config['purge_bans'] = 60 * 60 * 12; // 12 hours // Do DNS lookups on IP addresses to get their hostname for the moderator IP pages (?/IP/x.x.x.x). $config['mod']['dns_lookup'] = true; // How many recent posts, per board, to show in ?/IP/x.x.x.x. $config['mod']['ip_recentposts'] = 5; // Number of posts to display on the reports page. $config['mod']['recent_reports'] = 10; // Number of actions to show per page in the moderation log. $config['mod']['modlog_page'] = 350; // Number of bans to show per page in the ban list. $config['mod']['banlist_page'] = 350; // Number of news entries to display per page. $config['mod']['news_page'] = 40; // Number of results to display per page. $config['mod']['search_page'] = 200; // Number of entries to show per page in the moderator noticeboard. $config['mod']['noticeboard_page'] = 50; // Number of entries to summarize and display on the dashboard. $config['mod']['noticeboard_dashboard'] = 5; // Check public ban message by default. $config['mod']['check_ban_message'] = false; // Default public ban message. In public ban messages, %length% is replaced with "for x days" or // "permanently" (with %LENGTH% being the uppercase equivalent). $config['mod']['default_ban_message'] = _('USER WAS BANNED FOR THIS POST'); // $config['mod']['default_ban_message'] = 'USER WAS BANNED %LENGTH% FOR THIS POST'; // HTML to append to post bodies for public bans messages (where "%s" is the message). $config['mod']['ban_message'] = '(%s)'; // When moving a thread to another board and choosing to keep a "shadow thread", an automated post (with // a capcode) will be made, linking to the new location for the thread. "%s" will be replaced with a // standard cross-board post citation (>>>/board/xxx) $config['mod']['shadow_mesage'] = 'Moved to %s.'; // Capcode to use when posting the above message. $config['mod']['shadow_capcode'] = 'Mod'; // Name to use when posting the above message. If false, $config['anonymous'] will be used. $config['mod']['shadow_name'] = false; // PHP time limit for ?/rebuild. A value of 0 should cause PHP to wait indefinitely. $config['mod']['rebuild_timelimit'] = 0; // PM snippet (for ?/inbox) length in characters. $config['mod']['snippet_length'] = 75; // Edit raw HTML in posts by default. $config['mod']['raw_html_default'] = false; // Automatically dismiss all reports regarding a thread when it is locked. $config['mod']['dismiss_reports_on_lock'] = true; // Replace ?/config with a simple text editor for editing inc/instance-config.php. $config['mod']['config_editor_php'] = false; /* * ==================== * Mod permissions * ==================== */ // Probably best not to change this unless you are smart enough to figure out what you're doing. If you // decide to change it, remember that it is impossible to redefinite/overwrite groups; you may only add // new ones. $config['mod']['groups'] = array( 10 => 'Janitor', 20 => 'Mod', 30 => 'Admin', // 98 => 'God', 99 => 'Disabled' ); // If you add stuff to the above, you'll need to call this function immediately after. define_groups(); // Example: Adding a new permissions group. // $config['mod']['groups'][0] = 'NearlyPowerless'; // define_groups(); // Capcode permissions. $config['mod']['capcode'] = array( // JANITOR => array('Janitor'), MOD => array('Mod'), ADMIN => true ); // Example: Allow mods to post with "## Moderator" as well // $config['mod']['capcode'][MOD][] = 'Moderator'; // Example: Allow janitors to post with any capcode // $config['mod']['capcode'][JANITOR] = true; // Set any of the below to "DISABLED" to make them unavailable for everyone. // Don't worry about per-board moderators. Let all mods moderate any board. $config['mod']['skip_per_board'] = false; /* Post Controls */ // View IP addresses $config['mod']['show_ip'] = MOD; // Delete a post $config['mod']['delete'] = JANITOR; // Ban a user for a post $config['mod']['ban'] = MOD; // Ban and delete (one click; instant) $config['mod']['bandelete'] = MOD; // Remove bans $config['mod']['unban'] = MOD; // Spoiler image $config['mod']['spoilerimage'] = JANITOR; // Delete file (and keep post) $config['mod']['deletefile'] = JANITOR; // Delete all posts by IP $config['mod']['deletebyip'] = MOD; // Delete all posts by IP across all boards $config['mod']['deletebyip_global'] = ADMIN; // Sticky a thread $config['mod']['sticky'] = MOD; // Lock a thread $config['mod']['lock'] = MOD; // Post in a locked thread $config['mod']['postinlocked'] = MOD; // Prevent a thread from being bumped $config['mod']['bumplock'] = MOD; // View whether a thread has been bumplocked ("-1" to allow non-mods to see too) $config['mod']['view_bumplock'] = MOD; // Edit posts $config['mod']['editpost'] = ADMIN; // "Move" a thread to another board (EXPERIMENTAL; has some known bugs) $config['mod']['move'] = DISABLED; // Bypass "field_disable_*" (forced anonymity, etc.) $config['mod']['bypass_field_disable'] = MOD; // Post bypass unoriginal content check on robot-enabled boards $config['mod']['postunoriginal'] = ADMIN; // Bypass flood check $config['mod']['bypass_filters'] = ADMIN; $config['mod']['flood'] = &$config['mod']['bypass_filters']; // Raw HTML posting $config['mod']['rawhtml'] = ADMIN; /* Administration */ // View the report queue $config['mod']['reports'] = JANITOR; // Dismiss an abuse report $config['mod']['report_dismiss'] = JANITOR; // Dismiss all abuse reports by an IP $config['mod']['report_dismiss_ip'] = JANITOR; // View list of bans $config['mod']['view_banlist'] = MOD; // View the username of the mod who made a ban $config['mod']['view_banstaff'] = MOD; // If the moderator doesn't fit the $config['mod']['view_banstaff''] (previous) permission, show him just // a "?" instead. Otherwise, it will be "Mod" or "Admin". $config['mod']['view_banquestionmark'] = false; // Show expired bans in the ban list (they are kept in cache until the culprit returns) $config['mod']['view_banexpired'] = true; // View ban for IP address $config['mod']['view_ban'] = $config['mod']['view_banlist']; // View IP address notes $config['mod']['view_notes'] = JANITOR; // Create notes $config['mod']['create_notes'] = $config['mod']['view_notes']; // Remote notes $config['mod']['remove_notes'] = ADMIN; // Create a new board $config['mod']['newboard'] = ADMIN; // Manage existing boards (change title, etc) $config['mod']['manageboards'] = ADMIN; // Delete a board $config['mod']['deleteboard'] = ADMIN; // List/manage users $config['mod']['manageusers'] = MOD; // Promote/demote users $config['mod']['promoteusers'] = ADMIN; // Edit any users' login information $config['mod']['editusers'] = ADMIN; // Change user's own password $config['mod']['change_password'] = JANITOR; // Delete a user $config['mod']['deleteusers'] = ADMIN; // Create a user $config['mod']['createusers'] = ADMIN; // View the moderation log $config['mod']['modlog'] = ADMIN; // View IP addresses of other mods in ?/log $config['mod']['show_ip_modlog'] = ADMIN; // View relevant moderation log entries on IP address pages (ie. ban history, etc.) Warning: Can be // pretty resource intensive if your mod logs are huge. $config['mod']['modlog_ip'] = MOD; // Create a PM (viewing mod usernames) $config['mod']['create_pm'] = JANITOR; // Read any PM, sent to or from anybody $config['mod']['master_pm'] = ADMIN; // Rebuild everything $config['mod']['rebuild'] = ADMIN; // Search through posts, IP address notes and bans $config['mod']['search'] = JANITOR; // Allow searching posts (can be used with board configuration file to disallow searching through a // certain board) $config['mod']['search_posts'] = JANITOR; // Read the moderator noticeboard $config['mod']['noticeboard'] = JANITOR; // Post to the moderator noticeboard $config['mod']['noticeboard_post'] = MOD; // Delete entries from the noticeboard $config['mod']['noticeboard_delete'] = ADMIN; // Public ban messages; attached to posts $config['mod']['public_ban'] = MOD; // Manage and install themes for homepage $config['mod']['themes'] = ADMIN; // Post news entries $config['mod']['news'] = ADMIN; // Custom name when posting news $config['mod']['news_custom'] = ADMIN; // Delete news entries $config['mod']['news_delete'] = ADMIN; // Execute un-filtered SQL queries on the database (?/debug/sql) $config['mod']['debug_sql'] = DISABLED; // Look through all cache values for debugging when APC is enabled (?/debug/apc) $config['mod']['debug_apc'] = ADMIN; // Look through debug information for recent posts (?/debug/recent) $config['mod']['debug_recent'] = ADMIN; // Look through debug information for the antispam system (?/debug/antispam) $config['mod']['debug_antispam'] = ADMIN; // Edit the current configuration (via web interface) $config['mod']['edit_config'] = ADMIN; // View ban appeals $config['mod']['view_ban_appeals'] = MOD; // Accept and deny ban appeals $config['mod']['ban_appeals'] = MOD; // Config editor permissions $config['mod']['config'] = array(); // Disable the following configuration variables from being changed via ?/config. The following default // banned variables are considered somewhat dangerous. $config['mod']['config'][DISABLED] = array( 'mod>config', 'mod>config_editor_php', 'mod>groups', 'convert_args', 'db>password', ); $config['mod']['config'][JANITOR] = array( '!', // Allow editing ONLY the variables listed (in this case, nothing). ); $config['mod']['config'][MOD] = array( '!', // Allow editing ONLY the variables listed (plus that in $config['mod']['config'][JANITOR]). 'global_message', ); // Example: Disallow ADMIN from editing (and viewing) $config['db']['password']. // $config['mod']['config'][ADMIN] = array( // 'db>password', // ); // Example: Allow ADMIN to edit anything other than $config['db'] // (and $config['mod']['config'][DISABLED]). // $config['mod']['config'][ADMIN] = array( // 'db', // ); /* * ==================== * Events (PHP 5.3.0+) * ==================== */ // http://tinyboard.org/docs/?p=Events // event_handler('post', function($post) { // // do something // }); // event_handler('post', function($post) { // // do something else // // // return an error (reject post) // return 'Sorry, you cannot post that!'; // }); /* * ============= * API settings * ============= */ // Whether or not to enable the 4chan-compatible API, disabled by default. See // https://github.com/4chan/4chan-API for API specification. $config['api']['enabled'] = false; // Extra fields in to be shown in the array that are not in the 4chan-API. You can get these by taking a // look at the schema for posts_ tables. The array should be formatted as $db_column => $translated_name. // Example: Adding the pre-markup post body to the API as "com_nomarkup". // $config['api']['extra_fields'] = array('body_nomarkup' => 'com_nomarkup'); /* * ==================== * Other/uncategorized * ==================== */ // Meta keywords. It's probably best to include these in per-board configurations. // $config['meta_keywords'] = 'chan,anonymous discussion,imageboard,tinyboard'; // Link imageboard to your Google Analytics account to track users and provide traffic insights. // $config['google_analytics'] = 'UA-xxxxxxx-yy'; // Keep the Google Analytics cookies to one domain -- ga._setDomainName() // $config['google_analytics_domain'] = 'www.example.org'; // If you use Varnish, Squid, or any similar caching reverse-proxy in front of Tinyboard, you can // configure Tinyboard to PURGE files when they're written to. // $config['purge'] = array( // array('127.0.0.1', 80) // array('127.0.0.1', 80, 'example.org') // ); // Connection timeout for $config['purge'], in seconds. $config['purge_timeout'] = 3; // Additional mod.php?/ pages. Look in inc/mod/pages.php for help. // $config['mod']['custom_pages']['/something/(\d+)'] = function($id) { // global $config; // if (!hasPermission($config['mod']['something'])) // error($config['error']['noaccess']); // // ... // }; // Example: Add links to dashboard (will all be in a new "Other" category). // $config['mod']['dashboard_links']['Something'] = '?/something'; // Remote servers. I'm not even sure if this code works anymore. It might. Haven't tried it in a while. // $config['remote']['static'] = array( // 'host' => 'static.example.org', // 'auth' => array( // 'method' => 'plain', // 'username' => 'username', // 'password' => 'password!123' // ), // 'type' => 'scp' // ); // Regex for board URIs. Don't add "`" character or any Unicode that MySQL can't handle. 58 characters // is the absolute maximum, because MySQL cannot handle table names greater than 64 characters. $config['board_regex'] = '[0-9a-zA-Z$_\x{0080}-\x{FFFF}]{1,58}';