kashire
/
lainchan
4
0
Fork 0
Código Incidencias 0 Pull Requests 0 Lanzamientos 26 Wiki Actividad
The version of vichan running on lainchan.org
No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.
4229 Commits
3 Ramas
120MB
Rama: master
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'master'
${ noResults }
lainchan/mod.php

mod.php 8.4KB
Original Enlace permanente Vista normal Histórico

created mod.php
hace 13 años
large cleanup
hace 12 años
Update copyright years.
hace 10 años
large cleanup
hace 12 años
optimization: we don`t need bans.php most of the time and bans.php has big dependencies
hace 9 años
large cleanup
hace 12 años
More $config['debug'] improvements to time-related stuff
hace 10 años
Public action logs commit (log.php) Note: In a previous commit, I began making inc/mod/auth.php more modular with the check_login() function. Including it does NOT check mod login by default anymore like it does on vichan. You have to call check_login(). I've finally included it in inc/functions.php. If you have any custom pages that use inc/mod/auth.php, just including functions.php is enough now. =================================== Also: backports 351375185e5 (early 404)
hace 9 años
Move login check in inc/mod/auth.php to a function This allows pages like create.php to not include inc/mod/pages.php while still being able to use the mod auth functions (like generating salts and passwords)
hace 9 años
large cleanup
hace 12 años
fix for boards containing + character; they were previously unaccessible in mod panel
hace 10 años
large cleanup
hace 12 años
Pass the thread ID when banning/deleting
hace 9 años
start on mod interface rewrite
hace 12 años
CSRF more mod pages
hace 10 años
various improvements
hace 12 años
CSRF more mod pages
hace 10 años
IP notes
hace 12 años
CSRF more mod pages
hace 10 años
a lot more improvements
hace 12 años
CSRF more mod pages
hace 10 años
Edit static pages commit
hace 9 años
a lot more improvements
hace 12 años
CSRF more mod pages
hace 10 años
promote/demote users, started on rebuild
hace 12 años
CSRF more mod pages
hace 10 años
Bring back search (searching posts not implemented yet)
hace 10 años
Fix some indent-formatting. Tab = 8 chars
hace 10 años
CSRF more mod pages
hace 10 años
new banlist implementation; also includes a public banlist
hace 9 años
CSRF more mod pages
hace 10 años
Recent posts functionality Conflicts: inc/config.php inc/mod/pages.php mod.php
hace 10 años
Add merge thread functionality as a moderator feature (shadow threading and leaving OP is not yet supported) and board filter to Recent Posts iinterface.
hace 7 años
Recent posts functionality Conflicts: inc/config.php inc/mod/pages.php mod.php
hace 10 años
CSRF more mod pages
hace 10 años
Add warning without ban, joke capcode support, SC editor support, home link support, table for calender theme / extension, removing boardalias duplicate citations in markup and other features
hace 6 años
Fix some indent-formatting. Tab = 8 chars
hace 10 años
Optionally allow the moving of single replies
hace 10 años
Add merge thread functionality as a moderator feature (shadow threading and leaving OP is not yet supported) and board filter to Recent Posts iinterface.
hace 7 años
Fix some indent-formatting. Tab = 8 chars
hace 10 años
Deprecate postControls(), per-file deletion and spoilering
hace 10 años
Fix some indent-formatting. Tab = 8 chars
hace 10 años
Cyclical threads ♺
hace 9 años
Fix some indent-formatting. Tab = 8 chars
hace 10 años
multiple improvements
hace 12 años
CSRF more mod pages
hace 10 años
themes
hace 11 años
CSRF more mod pages
hace 10 años
Config editort
hace 12 años
multiple improvements
hace 12 años
small change
hace 12 años
New debug mod page: ?/debug/recent (recent posts across all boards)
hace 11 años
?/debug/apc
hace 10 años
New debug page: ?/debug/sql
hace 11 años
large cleanup
hace 12 años
start on mod interface rewrite
hace 12 años
Allow Unicode in board URIs.
hace 10 años
Adds "noko50" (View Last 50 Posts) pages. (Broken Reply)
hace 10 años
small change
hace 12 años
support for slugified links; may introduce a few bugs
hace 9 años
start on mod interface rewrite
hace 12 años
a lot more improvements
hace 12 años
Don't always redirect to dashboard on login
hace 11 años
a lot more improvements
hace 12 años
small bug fixes
hace 12 años
small change
hace 12 años
a lot more improvements
hace 12 años
start on mod interface rewrite
hace 12 años
small change
hace 12 años
Bug fix: Error when using anonymous functions for mod pages
hace 11 años
CSRF protection
hace 11 años
Major config.php cleanup and a few minor misc fixes.
hace 10 años
Allow Unicode in board URIs.
hace 10 años
small change
hace 12 años
start on mod interface rewrite
hace 12 años
Major config.php cleanup and a few minor misc fixes.
hace 10 años
Bug fix: Error when using anonymous functions for mod pages
hace 11 años
CSRF protection
hace 11 años
start on mod interface rewrite
hace 12 años
More $config['debug'] improvements to time-related stuff
hace 10 años
large cleanup
hace 12 años
More $config['debug'] improvements to time-related stuff
hace 10 años
large cleanup
hace 12 años
a lot more improvements
hace 12 años
large cleanup
hace 12 años
a lot more improvements
hace 12 años
large cleanup
hace 12 años
start on mod interface rewrite
hace 12 años
created mod.php
hace 13 años
large cleanup
hace 12 años
Fixed issue #31 ("manage users" page not displaying as intended in Firefox and possibly other browsers)
hace 12 años
start on mod interface rewrite
hace 12 años
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214 
  1. <?php

  2. 

  3. /*

  4.  *  Copyright (c) 2010-2014 Tinyboard Development Group

  5.  */

  6. 

  7. require_once 'inc/functions.php';

  8. 

  9. if ($config['debug'])

  10. 	$parse_start_time = microtime(true);

  11. 

  12. require_once 'inc/bans.php';

  13. require_once 'inc/mod/pages.php';

  14. 

  15. check_login(true);

  16. 

  17. $query = isset($_SERVER['QUERY_STRING']) ? rawurldecode($_SERVER['QUERY_STRING']) : '';

  18. 

  19. // If there's a thread parameter (eg, for returning to after enacting a ban)

  20. // drop it from the $query.

  21. if(isset($_GET['thread'])) {

  22.     $query = explode("&thread=", $query)[0];

  23. }

  24. 

  25. $pages = array(

  26. 	''					=> ':?/',			// redirect to dashboard

  27. 	'/'					=> 'dashboard',			// dashboard

  28. 	'/confirm/(.+)'				=> 'confirm',			// confirm action (if javascript didn't work)

  29. 	'/logout'				=> 'secure logout',		// logout

  30. 	

  31. 	'/users'				=> 'users',			// manage users

  32. 	'/users/(\d+)/(promote|demote)'		=> 'secure user_promote',	// prmote/demote user

  33. 	'/users/(\d+)'				=> 'secure_POST user',		// edit user

  34. 	'/users/new'				=> 'secure_POST user_new',	// create a new user

  35. 	

  36. 	'/new_PM/([^/]+)'			=> 'secure_POST new_pm',	// create a new pm

  37. 	'/PM/(\d+)(/reply)?'			=> 'pm',			// read a pm

  38. 	'/inbox'				=> 'inbox',			// pm inbox

  39. 	

  40. 	'/log'					=> 'log',			// modlog

  41. 	'/log/(\d+)'				=> 'log',			// modlog

  42. 	'/log:([^/:]+)'				=> 'user_log',			// modlog

  43. 	'/log:([^/:]+)/(\d+)'			=> 'user_log',			// modlog

  44. 	'/log:b:([^/]+)'			=> 'board_log',			// modlog

  45. 	'/log:b:([^/]+)/(\d+)'			=> 'board_log',			// modlog

  46. 

  47. 	'/edit_news'				=> 'secure_POST news',		// view news

  48. 	'/edit_news/(\d+)'			=> 'secure_POST news',		// view news

  49. 	'/edit_news/delete/(\d+)'		=> 'secure news_delete',	// delete from news

  50. 

  51. 	'/edit_pages(?:/?(\%b)?)'		=> 'secure_POST pages',

  52. 	'/edit_page/(\d+)'			=> 'secure_POST edit_page',

  53. 	'/edit_pages/delete/([a-z0-9]+)'	=> 'secure delete_page',

  54. 	'/edit_pages/delete/([a-z0-9]+)/(\%b)'	=> 'secure delete_page_board',

  55. 	

  56. 	'/noticeboard'				=> 'secure_POST noticeboard',	// view noticeboard

  57. 	'/noticeboard/(\d+)'			=> 'secure_POST noticeboard',	// view noticeboard

  58. 	'/noticeboard/delete/(\d+)'		=> 'secure noticeboard_delete',	// delete from noticeboard

  59. 	

  60. 	'/edit/(\%b)'				=> 'secure_POST edit_board',	// edit board details

  61. 	'/new-board'				=> 'secure_POST new_board',	// create a new board

  62. 	

  63. 	'/rebuild'				=> 'secure_POST rebuild',	// rebuild static files

  64. 	'/reports'				=> 'reports',			// report queue

  65. 	'/reports/(\d+)/dismiss(all)?'		=> 'secure report_dismiss',	// dismiss a report

  66. 	

  67. 	'/IP/([\w.:]+)'				=> 'secure_POST ip',		// view ip address

  68. 	'/IP/([\w.:]+)/remove_note/(\d+)'	=> 'secure ip_remove_note',	// remove note from ip address

  69. 	

  70. 	'/ban'					=> 'secure_POST ban',		// new ban

  71. 	'/bans'					=> 'secure_POST bans',		// ban list

  72. 	'/bans.json'				=> 'secure bans_json',		// ban list JSON

  73. 	'/ban-appeals'				=> 'secure_POST ban_appeals',	// view ban appeals

  74. 	

  75. 	'/recent/(\d+)'				=> 'recent_posts',		// view recent posts

  76. 	'/recent/(\d+)/([\w,]+?)'				=> 'recent_posts',		// view recent posts

  77. 	'/recent/(\d+)/([\w,]+?)/(json)?'			=> 'recent_posts',		// view recent posts JSON

  78. 

  79. 	'/search'				=> 'search_redirect',		// search

  80. 	'/search/(posts|IP_notes|bans|log)/(.+)/(\d+)'	=> 'search',		// search

  81. 	'/search/(posts|IP_notes|bans|log)/(.+)'	=> 'search',		// search

  82. 

  83. 	'/(\%b)/warning/(\d+)'		        => 'secure_POST warning_post', 	// warn poster

  84. 	'/(\%b)/ban(&delete)?/(\d+)'		=> 'secure_POST ban_post', 	// ban poster

  85. 	'/(\%b)/move/(\d+)'			=> 'secure_POST move',		// move thread

  86. 	'/(\%b)/move_reply/(\d+)'			=> 'secure_POST move_reply',		// move reply

  87. 	'/(\%b)/merge/(\d+)'			=> 'secure_POST merge',		// merge thread

  88. 	'/(\%b)/edit(_raw)?/(\d+)'		=> 'secure_POST edit_post',	// edit post

  89. 	'/(\%b)/delete/(\d+)'			=> 'secure delete',		// delete post

  90. 	'/(\%b)/deletefile/(\d+)/(\d+)'		=> 'secure deletefile',		// delete file from post

  91. 	'/(\%b+)/spoiler/(\d+)/(\d+)'			=> 'secure spoiler_image',	// spoiler file

  92. 	'/(\%b)/deletebyip/(\d+)(/global)?'	=> 'secure deletebyip',		// delete all posts by IP address

  93. 	'/(\%b)/(un)?lock/(\d+)'		=> 'secure lock',		// lock thread

  94. 	'/(\%b)/(un)?sticky/(\d+)'		=> 'secure sticky',		// sticky thread

  95. 	'/(\%b)/(un)?cycle/(\d+)'                         => 'secure cycle',          // cycle thread

  96. 	'/(\%b)/bump(un)?lock/(\d+)'		=> 'secure bumplock',		// "bumplock" thread

  97. 	

  98. 	'/themes'				=> 'themes_list',		// manage themes

  99. 	'/themes/(\w+)'				=> 'secure_POST theme_configure',		// configure/reconfigure theme

  100. 	'/themes/(\w+)/rebuild'			=> 'secure theme_rebuild',		// rebuild theme

  101. 	'/themes/(\w+)/uninstall'		=> 'secure theme_uninstall',		// uninstall theme

  102. 	

  103. 	'/config'				=> 'secure_POST config',	// config editor

  104. 	'/config/(\%b)'				=> 'secure_POST config',	// config editor

  105. 	

  106. 	// these pages aren't listed in the dashboard without $config['debug']

  107. 	'/debug/antispam'			=> 'debug_antispam',

  108. 	'/debug/recent'				=> 'debug_recent_posts',

  109. 	'/debug/apc'				=> 'debug_apc',

  110. 	'/debug/sql'				=> 'secure_POST debug_sql',

  111. 	

  112. 	// This should always be at the end:

  113. 	'/(\%b)/'										=> 'view_board',

  114. 	'/(\%b)/' . preg_quote($config['file_index'], '!')					=> 'view_board',

  115. 	'/(\%b)/' . str_replace('%d', '(\d+)', preg_quote($config['file_page'], '!'))		=> 'view_board',

  116. 	'/(\%b)/' . preg_quote($config['dir']['res'], '!') .

  117. 			str_replace('%d', '(\d+)', preg_quote($config['file_page50'], '!'))	=> 'view_thread50',

  118. 	'/(\%b)/' . preg_quote($config['dir']['res'], '!') .

  119. 			str_replace('%d', '(\d+)', preg_quote($config['file_page'], '!'))	=> 'view_thread',

  120. 

  121. 	'/(\%b)/' . preg_quote($config['dir']['res'], '!') .

  122. 			str_replace(array('%d','%s'), array('(\d+)', '[a-z0-9-]+'), preg_quote($config['file_page50_slug'], '!'))	=> 'view_thread50',

  123. 	'/(\%b)/' . preg_quote($config['dir']['res'], '!') .

  124. 			str_replace(array('%d','%s'), array('(\d+)', '[a-z0-9-]+'), preg_quote($config['file_page_slug'], '!'))	=> 'view_thread',

  125. );

  126. 

  127. 

  128. if (!$mod) {

  129. 	$pages = array('!^(.+)?$!' => 'login');

  130. } elseif (isset($_GET['status'], $_GET['r'])) {

  131. 	header('Location: ' . $_GET['r'], true, (int)$_GET['status']);

  132. 	exit;

  133. }

  134. 

  135. if (isset($config['mod']['custom_pages'])) {

  136. 	$pages = array_merge($pages, $config['mod']['custom_pages']);

  137. }

  138. 

  139. $new_pages = array();

  140. foreach ($pages as $key => $callback) {

  141. 	if (is_string($callback) && preg_match('/^secure /', $callback))

  142. 		$key .= '(/(?P<token>[a-f0-9]{8}))?';

  143. 	$key = str_replace('\%b', '?P<board>' . sprintf(substr($config['board_path'], 0, -1), $config['board_regex']), $key);

  144. 	$new_pages[@$key[0] == '!' ? $key : '!^' . $key . '(?:&[^&=]+=[^&]*)*$!u'] = $callback;

  145. }

  146. $pages = $new_pages;

  147. 

  148. foreach ($pages as $uri => $handler) {

  149. 	if (preg_match($uri, $query, $matches)) {

  150. 		$matches = array_slice($matches, 1);

  151. 		

  152. 		if (isset($matches['board'])) {

  153. 			$board_match = $matches['board'];

  154. 			unset($matches['board']);

  155. 			$key = array_search($board_match, $matches);

  156. 			if (preg_match('/^' . sprintf(substr($config['board_path'], 0, -1), '(' . $config['board_regex'] . ')') . '$/u', $matches[$key], $board_match)) {

  157. 				$matches[$key] = $board_match[1];

  158. 			}

  159. 		}

  160. 		

  161. 		if (is_string($handler) && preg_match('/^secure(_POST)? /', $handler, $m)) {

  162. 			$secure_post_only = isset($m[1]);

  163. 			if (!$secure_post_only || $_SERVER['REQUEST_METHOD'] == 'POST') {

  164. 				$token = isset($matches['token']) ? $matches['token'] : (isset($_POST['token']) ? $_POST['token'] : false);

  165. 				

  166. 				if ($token === false) {

  167. 					if ($secure_post_only)

  168. 						error($config['error']['csrf']);

  169. 					else {

  170. 						mod_confirm(substr($query, 1));

  171. 						exit;

  172. 					}

  173. 				}

  174. 			

  175. 				// CSRF-protected page; validate security token

  176. 				$actual_query = preg_replace('!/([a-f0-9]{8})$!', '', $query);

  177. 				if ($token != make_secure_link_token(substr($actual_query, 1))) {

  178. 					error($config['error']['csrf']);

  179. 				}

  180. 			}

  181. 			$handler = preg_replace('/^secure(_POST)? /', '', $handler);

  182. 		}

  183. 		

  184. 		if ($config['debug']) {

  185. 			$debug['mod_page'] = array(

  186. 				'req' => $query,

  187. 				'match' => $uri,

  188. 				'handler' => $handler,

  189. 			);

  190. 			$debug['time']['parse_mod_req'] = '~' . round((microtime(true) - $parse_start_time) * 1000, 2) . 'ms';

  191. 		}

  192. 		

  193. 		if (is_string($handler)) {

  194. 			if ($handler[0] == ':') {

  195. 				header('Location: ' . substr($handler, 1),  true, $config['redirect_http']);

  196. 			} elseif (is_callable("mod_page_$handler")) {

  197. 				call_user_func_array("mod_page_$handler", $matches);

  198. 			} elseif (is_callable("mod_$handler")) {

  199. 				call_user_func_array("mod_$handler", $matches);

  200. 			} else {

  201. 				error("Mod page '$handler' not found!");

  202. 			}

  203. 		} elseif (is_callable($handler)) {

  204. 			call_user_func_array($handler, $matches);

  205. 		} else {

  206. 			error("Mod page '$handler' not a string, and not callable!");

  207. 		}

  208. 		

  209. 		exit;

  210. 	}

  211. }

  212. 

  213. error($config['error']['404']);

  214.