@@ -4,7 +4,7 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
@@ -16,9 +16,9 @@ class AntiBot { | |||
public static function randomString($length, $uppercase = false, $special_chars = false) { | |||
$chars = 'abcdefghijklmnopqrstuvwxyz0123456789'; | |||
if($uppercase) | |||
if ($uppercase) | |||
$chars .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; | |||
if($special_chars) | |||
if ($special_chars) | |||
$chars .= ' ~!@#$%^&*()_+,./;\'[]\\{}|:"<>?=-` '; | |||
$chars = str_split($chars); | |||
@@ -26,15 +26,15 @@ class AntiBot { | |||
$ch = array(); | |||
// fill up $ch until we reach $length | |||
while(count($ch) < $length) { | |||
while (count($ch) < $length) { | |||
$n = $length - count($ch); | |||
$keys = array_rand($chars, $n > count($chars) ? count($chars) : $n); | |||
if($n == 1) { | |||
if ($n == 1) { | |||
$ch[] = $chars[$keys]; | |||
break; | |||
} | |||
shuffle($keys); | |||
foreach($keys as $key) | |||
foreach ($keys as $key) | |||
$ch[] = $chars[$key]; | |||
} | |||
@@ -46,8 +46,8 @@ class AntiBot { | |||
public static function make_confusing($string) { | |||
$chars = str_split($string); | |||
foreach($chars as &$c) { | |||
if(rand(0, 2) != 0) | |||
foreach ($chars as &$c) { | |||
if (rand(0, 2) != 0) | |||
continue; | |||
$c = mb_encode_numericentity($c, array(0, 0xffff, 0, 0xffff), 'UTF-8'); | |||
} | |||
@@ -58,7 +58,7 @@ class AntiBot { | |||
public function __construct(array $salt = array()) { | |||
global $config; | |||
if(!empty($salt)) { | |||
if (!empty($salt)) { | |||
// create a salted hash of the "extra salt" | |||
$this->salt = implode(':', $salt); | |||
} else { | |||
@@ -70,21 +70,21 @@ class AntiBot { | |||
$input_count = rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']); | |||
$hidden_input_names_x = 0; | |||
for($x = 0; $x < $input_count ; $x++) { | |||
if($hidden_input_names_x === false || rand(0, 2) == 0) { | |||
for ($x = 0; $x < $input_count ; $x++) { | |||
if ($hidden_input_names_x === false || rand(0, 2) == 0) { | |||
// Use an obscure name | |||
$name = $this->randomString(rand(10, 40)); | |||
} else { | |||
// Use a pre-defined confusing name | |||
$name = $config['spam']['hidden_input_names'][$hidden_input_names_x++]; | |||
if($hidden_input_names_x >= count($config['spam']['hidden_input_names'])) | |||
if ($hidden_input_names_x >= count($config['spam']['hidden_input_names'])) | |||
$hidden_input_names_x = false; | |||
} | |||
if(rand(0, 2) == 0) { | |||
if (rand(0, 2) == 0) { | |||
// Value must be null | |||
$this->inputs[$name] = ''; | |||
} elseif(rand(0, 4) == 0) { | |||
} elseif (rand(0, 4) == 0) { | |||
// Numeric value | |||
$this->inputs[$name] = (string)rand(0, 100); | |||
} else { | |||
@@ -111,11 +111,11 @@ class AntiBot { | |||
$html = ''; | |||
if($count === false) { | |||
if ($count === false) { | |||
$count = rand(1, count($this->inputs) / 15); | |||
} | |||
if($count === true) { | |||
if ($count === true) { | |||
// all elements | |||
$inputs = array_slice($this->inputs, $this->index); | |||
} else { | |||
@@ -123,11 +123,11 @@ class AntiBot { | |||
} | |||
$this->index += count($inputs); | |||
foreach($inputs as $name => $value) { | |||
foreach ($inputs as $name => $value) { | |||
$element = false; | |||
while(!$element) { | |||
while (!$element) { | |||
$element = $elements[array_rand($elements)]; | |||
if(strpos($element, 'textarea') !== false && $value == '') { | |||
if (strpos($element, 'textarea') !== false && $value == '') { | |||
// There have been some issues with mobile web browsers and empty <textarea>'s. | |||
$element = false; | |||
} | |||
@@ -135,12 +135,12 @@ class AntiBot { | |||
$element = str_replace('%name%', utf8tohtml($name), $element); | |||
if(rand(0, 2) == 0) | |||
if (rand(0, 2) == 0) | |||
$value = $this->make_confusing($value); | |||
else | |||
$value = utf8tohtml($value); | |||
if(strpos($element, 'textarea') === false) | |||
if (strpos($element, 'textarea') === false) | |||
$value = str_replace('"', '"', $value); | |||
$element = str_replace('%value%', $value, $element); | |||
@@ -161,7 +161,7 @@ class AntiBot { | |||
$hash = ''; | |||
// Iterate through each input | |||
foreach($inputs as $name => $value) { | |||
foreach ($inputs as $name => $value) { | |||
$hash .= $name . '=' . $value; | |||
} | |||
// Add a salt to the hash | |||
@@ -179,13 +179,13 @@ function _create_antibot($board, $thread) { | |||
query('DELETE FROM `antispam` WHERE `expires` < UNIX_TIMESTAMP()') or error(db_error()); | |||
if($thread) | |||
if ($thread) | |||
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` = :thread'); | |||
else | |||
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` IS NULL'); | |||
$query->bindValue(':board', $board); | |||
if($thread) | |||
if ($thread) | |||
$query->bindValue(':thread', $thread); | |||
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']); | |||
$query->execute() or error(db_error($query)); | |||
@@ -196,7 +196,7 @@ function _create_antibot($board, $thread) { | |||
$query->bindValue(':hash', $antibot->hash()); | |||
$query->execute() or error(db_error($query)); | |||
if($query->rowCount() == 0) { | |||
if ($query->rowCount() == 0) { | |||
// there was no database entry for this hash. most likely expired. | |||
return true; | |||
} | |||
@@ -207,12 +207,12 @@ function _create_antibot($board, $thread) { | |||
function checkSpam(array $extra_salt = array()) { | |||
global $config, $pdo; | |||
if(!isset($_POST['hash'])) | |||
if (!isset($_POST['hash'])) | |||
return true; | |||
$hash = $_POST['hash']; | |||
if(!empty($extra_salt)) { | |||
if (!empty($extra_salt)) { | |||
// create a salted hash of the "extra salt" | |||
$extra_salt = implode(':', $extra_salt); | |||
} else { | |||
@@ -222,8 +222,8 @@ function checkSpam(array $extra_salt = array()) { | |||
// Reconsturct the $inputs array | |||
$inputs = array(); | |||
foreach($_POST as $name => $value) { | |||
if(in_array($name, $config['spam']['valid_inputs'])) | |||
foreach ($_POST as $name => $value) { | |||
if (in_array($name, $config['spam']['valid_inputs'])) | |||
continue; | |||
$inputs[$name] = $value; | |||
@@ -235,7 +235,7 @@ function checkSpam(array $extra_salt = array()) { | |||
$_hash = ''; | |||
// Iterate through each input | |||
foreach($inputs as $name => $value) { | |||
foreach ($inputs as $name => $value) { | |||
$_hash .= $name . '=' . $value; | |||
} | |||
@@ -245,13 +245,13 @@ function checkSpam(array $extra_salt = array()) { | |||
// Use SHA1 for the hash | |||
$_hash = sha1($_hash . $extra_salt); | |||
if($hash != $_hash) | |||
if ($hash != $_hash) | |||
return true; | |||
$query = prepare('UPDATE `antispam` SET `passed` = `passed` + 1 WHERE `hash` = CRC32(:hash)'); | |||
$query->bindValue(':hash', $hash); | |||
$query->execute() or error(db_error($query)); | |||
if($query->rowCount() == 0) { | |||
if ($query->rowCount() == 0) { | |||
// there was no database entry for this hash. most likely expired. | |||
return true; | |||
} | |||
@@ -261,7 +261,7 @@ function checkSpam(array $extra_salt = array()) { | |||
$query->execute() or error(db_error($query)); | |||
$passed = $query->fetchColumn(0); | |||
if($passed > $config['spam']['hidden_inputs_max_pass']) | |||
if ($passed > $config['spam']['hidden_inputs_max_pass']) | |||
return true; | |||
return false; | |||
@@ -4,7 +4,7 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
@@ -14,7 +14,7 @@ class Cache { | |||
public static function init() { | |||
global $config; | |||
switch($config['cache']['enabled']) { | |||
switch ($config['cache']['enabled']) { | |||
case 'memcached': | |||
self::$cache = new Memcached(); | |||
self::$cache->addServers($config['cache']['memcached']); | |||
@@ -30,9 +30,9 @@ class Cache { | |||
$key = $config['cache']['prefix'] . $key; | |||
$data = false; | |||
switch($config['cache']['enabled']) { | |||
switch ($config['cache']['enabled']) { | |||
case 'memcached': | |||
if(!self::$cache) | |||
if (!self::$cache) | |||
self::init(); | |||
$data = self::$cache->get($key); | |||
break; | |||
@@ -48,7 +48,7 @@ class Cache { | |||
} | |||
// debug | |||
if($data && $config['debug']) { | |||
if ($data && $config['debug']) { | |||
$debug['cached'][] = $key; | |||
} | |||
@@ -59,12 +59,12 @@ class Cache { | |||
$key = $config['cache']['prefix'] . $key; | |||
if(!$expires) | |||
if (!$expires) | |||
$expires = $config['cache']['timeout']; | |||
switch($config['cache']['enabled']) { | |||
switch ($config['cache']['enabled']) { | |||
case 'memcached': | |||
if(!self::$cache) | |||
if (!self::$cache) | |||
self::init(); | |||
self::$cache->set($key, $value, $expires); | |||
break; | |||
@@ -84,9 +84,9 @@ class Cache { | |||
$key = $config['cache']['prefix'] . $key; | |||
switch($config['cache']['enabled']) { | |||
switch ($config['cache']['enabled']) { | |||
case 'memcached': | |||
if(!self::$cache) | |||
if (!self::$cache) | |||
self::init(); | |||
self::$cache->delete($key); | |||
break; | |||
@@ -104,9 +104,9 @@ class Cache { | |||
public static function flush() { | |||
global $config; | |||
switch($config['cache']['enabled']) { | |||
switch ($config['cache']['enabled']) { | |||
case 'memcached': | |||
if(!self::$cache) | |||
if (!self::$cache) | |||
self::init(); | |||
return self::$cache->flush(); | |||
case 'apc': | |||
@@ -156,11 +156,11 @@ | |||
// $octets = explode('.', $ip); | |||
// | |||
// // days since last activity | |||
// if($octets[1] > 14) | |||
// if ($octets[1] > 14) | |||
// return false; | |||
// | |||
// // "threat score" (http://www.projecthoneypot.org/threat_info.php) | |||
// if($octets[2] < 5) | |||
// if ($octets[2] < 5) | |||
// return false; | |||
// | |||
// return true; | |||
@@ -696,7 +696,7 @@ | |||
// The root directory, including the trailing slash, for Tinyboard. | |||
// examples: '/', 'http://boards.chan.org/', '/chan/' | |||
if(isset($_SERVER['REQUEST_URI'])) | |||
if (isset($_SERVER['REQUEST_URI'])) | |||
$config['root'] = (str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) == '/' ? '/' : str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) . '/'); | |||
else | |||
$config['root'] = '/'; // CLI mode | |||
@@ -855,7 +855,7 @@ | |||
$config['mod']['snippet_length'] = 75; | |||
// Probably best not to change these: | |||
if(!defined('JANITOR')) { | |||
if (!defined('JANITOR')) { | |||
define('JANITOR', 0, true); | |||
define('MOD', 1, true); | |||
define('ADMIN', 2, true); | |||
@@ -4,7 +4,7 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
@@ -21,13 +21,13 @@ class PreparedQueryDebug { | |||
public function __call($function, $args) { | |||
global $config, $debug; | |||
if($config['debug'] && $function == 'execute') { | |||
if ($config['debug'] && $function == 'execute') { | |||
$start = microtime(true); | |||
} | |||
$return = call_user_func_array(array($this->query, $function), $args); | |||
if($config['debug'] && $function == 'execute') { | |||
if ($config['debug'] && $function == 'execute') { | |||
$time = round((microtime(true) - $start) * 1000, 2) . 'ms'; | |||
$debug['sql'][] = Array( | |||
@@ -43,15 +43,15 @@ class PreparedQueryDebug { | |||
function sql_open() { | |||
global $pdo, $config; | |||
if($pdo) return true; | |||
if ($pdo) return true; | |||
$dsn = $config['db']['type'] . ':host=' . $config['db']['server'] . ';dbname=' . $config['db']['database']; | |||
if(!empty($config['db']['dsn'])) | |||
if (!empty($config['db']['dsn'])) | |||
$dsn .= ';' . $config['db']['dsn']; | |||
try { | |||
$options = Array(PDO::ATTR_TIMEOUT => $config['db']['timeout']); | |||
$options = Array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'); | |||
if($config['db']['persistent']) | |||
if ($config['db']['persistent']) | |||
$options[PDO::ATTR_PERSISTENT] = true; | |||
return $pdo = new PDO($dsn, $config['db']['user'], $config['db']['password'], $options); | |||
} catch(PDOException $e) { | |||
@@ -71,7 +71,7 @@ function prepare($query) { | |||
sql_open(); | |||
if($config['debug']) | |||
if ($config['debug']) | |||
return new PreparedQueryDebug($query); | |||
return $pdo->prepare($query); | |||
} | |||
@@ -81,10 +81,10 @@ function query($query) { | |||
sql_open(); | |||
if($config['debug']) { | |||
if ($config['debug']) { | |||
$start = microtime(true); | |||
$query = $pdo->query($query); | |||
if(!$query) | |||
if (!$query) | |||
return false; | |||
$time = round((microtime(true) - $start) * 1000, 2) . 'ms'; | |||
$debug['sql'][] = Array( | |||
@@ -100,7 +100,7 @@ function query($query) { | |||
function db_error($PDOStatement=null) { | |||
global $pdo; | |||
if(isset($PDOStatement)) { | |||
if (isset($PDOStatement)) { | |||
$err = $PDOStatement->errorInfo(); | |||
return $err[2]; | |||
} else { | |||
@@ -4,7 +4,7 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
@@ -23,11 +23,11 @@ function doBoardListPart($list, $root) { | |||
global $config; | |||
$body = ''; | |||
foreach($list as $board) { | |||
if(is_array($board)) | |||
foreach ($list as $board) { | |||
if (is_array($board)) | |||
$body .= ' [' . doBoardListPart($board, $root) . '] '; | |||
else { | |||
if(($key = array_search($board, $list)) && gettype($key) == 'string') { | |||
if (($key = array_search($board, $list)) && gettype($key) == 'string') { | |||
$body .= ' <a href="' . $board . '">' . $key . '</a> /'; | |||
} else { | |||
$body .= ' <a href="' . $root . $board . '/' . $config['file_index'] . '">' . $board . '</a> /'; | |||
@@ -42,10 +42,10 @@ function doBoardListPart($list, $root) { | |||
function createBoardlist($mod=false) { | |||
global $config; | |||
if(!isset($config['boards'])) return Array('top'=>'','bottom'=>''); | |||
if (!isset($config['boards'])) return Array('top'=>'','bottom'=>''); | |||
$body = doBoardListPart($config['boards'], $mod?'?/':$config['root']); | |||
if(!preg_match('/\] $/', $body)) | |||
if (!preg_match('/\] $/', $body)) | |||
$body = '[' . $body . ']'; | |||
$body = trim($body); | |||
@@ -59,12 +59,12 @@ function createBoardlist($mod=false) { | |||
function error($message, $priority = true) { | |||
global $board, $mod, $config; | |||
if($config['syslog'] && $priority !== false) { | |||
if ($config['syslog'] && $priority !== false) { | |||
// Use LOG_NOTICE instead of LOG_ERR or LOG_WARNING because most error message are not significant. | |||
_syslog($priority !== true ? $priority : LOG_NOTICE, $message); | |||
} | |||
if(defined('STDIN')) { | |||
if (defined('STDIN')) { | |||
// Running from CLI | |||
die('Error: ' . $message . "\n"); | |||
} | |||
@@ -103,7 +103,7 @@ function loginForm($error=false, $username=false, $redirect=false) { | |||
function pm_snippet($body, $len=null) { | |||
global $config; | |||
if(!isset($len)) | |||
if (!isset($len)) | |||
$len = &$config['mod']['snippet_length']; | |||
// Replace line breaks with some whitespace | |||
@@ -127,16 +127,16 @@ function pm_snippet($body, $len=null) { | |||
function capcode($cap) { | |||
global $config; | |||
if(!$cap) | |||
if (!$cap) | |||
return false; | |||
$capcode = Array(); | |||
if(isset($config['custom_capcode'][$cap])) { | |||
if(is_array($config['custom_capcode'][$cap])) { | |||
if (isset($config['custom_capcode'][$cap])) { | |||
if (is_array($config['custom_capcode'][$cap])) { | |||
$capcode['cap'] = sprintf($config['custom_capcode'][$cap][0], $cap); | |||
if(isset($config['custom_capcode'][$cap][1])) | |||
if (isset($config['custom_capcode'][$cap][1])) | |||
$capcode['name'] = $config['custom_capcode'][$cap][1]; | |||
if(isset($config['custom_capcode'][$cap][2])) | |||
if (isset($config['custom_capcode'][$cap][2])) | |||
$capcode['trip'] = $config['custom_capcode'][$cap][2]; | |||
} else { | |||
$capcode['cap'] = sprintf($config['custom_capcode'][$cap], $cap); | |||
@@ -151,38 +151,38 @@ function capcode($cap) { | |||
function truncate($body, $url, $max_lines = false, $max_chars = false) { | |||
global $config; | |||
if($max_lines === false) | |||
if ($max_lines === false) | |||
$max_lines = $config['body_truncate']; | |||
if($max_chars === false) | |||
if ($max_chars === false) | |||
$max_chars = $config['body_truncate_char']; | |||
$original_body = $body; | |||
$lines = substr_count($body, '<br/>'); | |||
// Limit line count | |||
if($lines > $max_lines) { | |||
if(preg_match('/(((.*?)<br\/>){' . $max_lines . '})/', $body, $m)) | |||
if ($lines > $max_lines) { | |||
if (preg_match('/(((.*?)<br\/>){' . $max_lines . '})/', $body, $m)) | |||
$body = $m[0]; | |||
} | |||
$body = substr($body, 0, $max_chars); | |||
if($body != $original_body) { | |||
if ($body != $original_body) { | |||
// Remove any corrupt tags at the end | |||
$body = preg_replace('/<([\w]+)?([^>]*)?$/', '', $body); | |||
// Open tags | |||
if(preg_match_all('/<([\w]+)[^>]*>/', $body, $open_tags)) { | |||
if (preg_match_all('/<([\w]+)[^>]*>/', $body, $open_tags)) { | |||
$tags = Array(); | |||
for($x=0;$x<count($open_tags[0]);$x++) { | |||
if(!preg_match('/\/(\s+)?>$/', $open_tags[0][$x])) | |||
for ($x=0;$x<count($open_tags[0]);$x++) { | |||
if (!preg_match('/\/(\s+)?>$/', $open_tags[0][$x])) | |||
$tags[] = $open_tags[1][$x]; | |||
} | |||
// List successfully closed tags | |||
if(preg_match_all('/(<\/([\w]+))>/', $body, $closed_tags)) { | |||
for($x=0;$x<count($closed_tags[0]);$x++) { | |||
if (preg_match_all('/(<\/([\w]+))>/', $body, $closed_tags)) { | |||
for ($x=0;$x<count($closed_tags[0]);$x++) { | |||
unset($tags[array_search($closed_tags[2][$x], $tags)]); | |||
} | |||
} | |||
@@ -191,7 +191,7 @@ function truncate($body, $url, $max_lines = false, $max_chars = false) { | |||
$body = preg_replace('/&[^;]+$/', '', $body); | |||
// Close any open tags | |||
foreach($tags as &$tag) { | |||
foreach ($tags as &$tag) { | |||
$body .= "</{$tag}>"; | |||
} | |||
} else { | |||
@@ -207,8 +207,8 @@ function truncate($body, $url, $max_lines = false, $max_chars = false) { | |||
function confirmLink($text, $title, $confirm, $href) { | |||
global $config, $mod; | |||
if($config['mod']['server-side_confirm']) | |||
return '<a onclick="if(confirm(\'' . htmlentities(addslashes($confirm)) . '\')) document.location=\'?/' . htmlentities(addslashes($href)) . '\';return false;" title="' . htmlentities($title) . '" href="?/confirm/' . $href . '">' . $text . '</a>'; | |||
if ($config['mod']['server-side_confirm']) | |||
return '<a onclick="if (confirm(\'' . htmlentities(addslashes($confirm)) . '\')) document.location=\'?/' . htmlentities(addslashes($href)) . '\';return false;" title="' . htmlentities($title) . '" href="?/confirm/' . $href . '">' . $text . '</a>'; | |||
else | |||
return '<a onclick="return confirm(\'' . htmlentities(addslashes($confirm)) . '\')" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>'; | |||
} | |||
@@ -216,7 +216,7 @@ function confirmLink($text, $title, $confirm, $href) { | |||
class Post { | |||
public function __construct($id, $thread, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $embed, $root=null, $mod=false) { | |||
global $config; | |||
if(!isset($root)) | |||
if (!isset($root)) | |||
$root = &$config['root']; | |||
$this->id = $id; | |||
@@ -241,7 +241,7 @@ class Post { | |||
$this->root = $root; | |||
$this->mod = $mod; | |||
if($this->mod) | |||
if ($this->mod) | |||
// Fix internal links | |||
// Very complicated regex | |||
$this->body = preg_replace( | |||
@@ -259,38 +259,38 @@ class Post { | |||
global $board, $config; | |||
$built = ''; | |||
if($this->mod) { | |||
if ($this->mod) { | |||
// Mod controls (on posts) | |||
// Delete | |||
if(hasPermission($config['mod']['delete'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['delete'], $board['uri'], $this->mod)) | |||
$built .= ' ' . confirmLink($config['mod']['link_delete'], 'Delete', 'Are you sure you want to delete this?', $board['uri'] . '/delete/' . $this->id); | |||
// Delete all posts by IP | |||
if(hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod)) | |||
$built .= ' ' . confirmLink($config['mod']['link_deletebyip'], 'Delete all posts by IP', 'Are you sure you want to delete all posts by this IP address?', $board['uri'] . '/deletebyip/' . $this->id); | |||
// Delete all posts by IP (global) | |||
if(hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod)) | |||
$built .= ' ' . confirmLink($config['mod']['link_deletebyip_global'], 'Delete all posts by IP across all boards', 'Are you sure you want to delete all posts by this IP address, across all boards?', $board['uri'] . '/deletebyip/' . $this->id . '/global'); | |||
// Ban | |||
if(hasPermission($config['mod']['ban'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['ban'], $board['uri'], $this->mod)) | |||
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>'; | |||
// Ban & Delete | |||
if(hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod)) | |||
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>'; | |||
// Delete file (keep post) | |||
if(!empty($this->file) && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod)) | |||
if (!empty($this->file) && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod)) | |||
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>'; | |||
// Edit post | |||
if(hasPermission($config['mod']['editpost'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod)) | |||
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>'; | |||
if(!empty($built)) | |||
if (!empty($built)) | |||
$built = '<span class="controls">' . $built . '</span>'; | |||
} | |||
return $built; | |||
@@ -306,7 +306,7 @@ class Post { | |||
class Thread { | |||
public function __construct($id, $subject, $email, $name, $trip, $capcode, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $bumplocked, $embed, $root=null, $mod=false, $hr=true) { | |||
global $config; | |||
if(!isset($root)) | |||
if (!isset($root)) | |||
$root = &$config['root']; | |||
$this->id = $id; | |||
@@ -337,7 +337,7 @@ class Thread { | |||
$this->mod = $mod; | |||
$this->hr = $hr; | |||
if($this->mod) | |||
if ($this->mod) | |||
// Fix internal links | |||
// Very complicated regex | |||
$this->body = preg_replace( | |||
@@ -358,60 +358,60 @@ class Thread { | |||
global $board, $config; | |||
$built = ''; | |||
if($this->mod) { | |||
if ($this->mod) { | |||
// Mod controls (on posts) | |||
// Delete | |||
if(hasPermission($config['mod']['delete'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['delete'], $board['uri'], $this->mod)) | |||
$built .= ' ' . confirmLink($config['mod']['link_delete'], 'Delete', 'Are you sure you want to delete this?', $board['uri'] . '/delete/' . $this->id); | |||
// Delete all posts by IP | |||
if(hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['deletebyip'], $board['uri'], $this->mod)) | |||
$built .= ' ' . confirmLink($config['mod']['link_deletebyip'], 'Delete all posts by IP', 'Are you sure you want to delete all posts by this IP address?', $board['uri'] . '/deletebyip/' . $this->id); | |||
// Delete all posts by IP (global) | |||
if(hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['deletebyip_global'], $board['uri'], $this->mod)) | |||
$built .= ' ' . confirmLink($config['mod']['link_deletebyip_global'], 'Delete all posts by IP across all boards', 'Are you sure you want to delete all posts by this IP address, across all boards?', $board['uri'] . '/deletebyip/' . $this->id . '/global'); | |||
// Ban | |||
if(hasPermission($config['mod']['ban'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['ban'], $board['uri'], $this->mod)) | |||
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>'; | |||
// Ban & Delete | |||
if(hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['bandelete'], $board['uri'], $this->mod)) | |||
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>'; | |||
// Delete file (keep post) | |||
if(!empty($this->file) && $this->file != 'deleted' && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod)) | |||
if (!empty($this->file) && $this->file != 'deleted' && hasPermission($config['mod']['deletefile'], $board['uri'], $this->mod)) | |||
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>'; | |||
// Sticky | |||
if(hasPermission($config['mod']['sticky'], $board['uri'], $this->mod)) | |||
if($this->sticky) | |||
if (hasPermission($config['mod']['sticky'], $board['uri'], $this->mod)) | |||
if ($this->sticky) | |||
$built .= ' <a title="Make thread not sticky" href="?/' . $board['uri'] . '/unsticky/' . $this->id . '">' . $config['mod']['link_desticky'] . '</a>'; | |||
else | |||
$built .= ' <a title="Make thread sticky" href="?/' . $board['uri'] . '/sticky/' . $this->id . '">' . $config['mod']['link_sticky'] . '</a>'; | |||
if(hasPermission($config['mod']['bumplock'], $board['uri'], $this->mod)) | |||
if($this->bumplocked) | |||
if (hasPermission($config['mod']['bumplock'], $board['uri'], $this->mod)) | |||
if ($this->bumplocked) | |||
$built .= ' <a title="Allow thread to be bumped" href="?/' . $board['uri'] . '/bumpunlock/' . $this->id . '">' . $config['mod']['link_bumpunlock'] . '</a>'; | |||
else | |||
$built .= ' <a title="Prevent thread from being bumped" href="?/' . $board['uri'] . '/bumplock/' . $this->id . '">' . $config['mod']['link_bumplock'] . '</a>'; | |||
// Lock | |||
if(hasPermission($config['mod']['lock'], $board['uri'], $this->mod)) | |||
if($this->locked) | |||
if (hasPermission($config['mod']['lock'], $board['uri'], $this->mod)) | |||
if ($this->locked) | |||
$built .= ' <a title="Unlock thread" href="?/' . $board['uri'] . '/unlock/' . $this->id . '">' . $config['mod']['link_unlock'] . '</a>'; | |||
else | |||
$built .= ' <a title="Lock thread" href="?/' . $board['uri'] . '/lock/' . $this->id . '">' . $config['mod']['link_lock'] . '</a>'; | |||
if(hasPermission($config['mod']['move'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['move'], $board['uri'], $this->mod)) | |||
$built .= ' <a title="Move thread to another board" href="?/' . $board['uri'] . '/move/' . $this->id . '">' . $config['mod']['link_move'] . '</a>'; | |||
// Edit post | |||
if(hasPermission($config['mod']['editpost'], $board['uri'], $this->mod)) | |||
if (hasPermission($config['mod']['editpost'], $board['uri'], $this->mod)) | |||
$built .= ' <a title="Edit post" href="?/' . $board['uri'] . '/edit/' . $this->id . '">' . $config['mod']['link_editpost'] . '</a>'; | |||
if(!empty($built)) | |||
if (!empty($built)) | |||
$built = '<span class="controls op">' . $built . '</span>'; | |||
} | |||
return $built; | |||
@@ -426,7 +426,7 @@ class Thread { | |||
$built = Element('post_thread.html', Array('config' => $config, 'board' => $board, 'post' => &$this, 'index' => $index)); | |||
if(!$this->mod && $index && $config['cache']['enabled']) { | |||
if (!$this->mod && $index && $config['cache']['enabled']) { | |||
cache::set($this->cache_key($index), $built); | |||
} | |||
@@ -4,7 +4,7 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
@@ -18,13 +18,13 @@ function event() { | |||
$args = array_splice($args, 1); | |||
if(!isset($events[$event])) | |||
if (!isset($events[$event])) | |||
return false; | |||
foreach($events[$event] as $callback) { | |||
if(!is_callable($callback)) | |||
foreach ($events[$event] as $callback) { | |||
if (!is_callable($callback)) | |||
error('Event handler for ' . $event . ' is not callable!'); | |||
if($error = call_user_func_array($callback, $args)) | |||
if ($error = call_user_func_array($callback, $args)) | |||
return $error; | |||
} | |||
@@ -34,7 +34,7 @@ function event() { | |||
function event_handler($event, $callback) { | |||
global $events; | |||
if(!isset($events[$event])) | |||
if (!isset($events[$event])) | |||
$events[$event] = Array(); | |||
$events[$event][] = $callback; | |||
@@ -4,7 +4,7 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
@@ -13,7 +13,7 @@ class Filter { | |||
private $condition; | |||
public function __construct(array $arr) { | |||
foreach($arr as $key => $value) | |||
foreach ($arr as $key => $value) | |||
$this->$key = $value; | |||
} | |||
@@ -22,7 +22,7 @@ class Filter { | |||
switch($condition) { | |||
case 'custom': | |||
if(!is_callable($match)) | |||
if (!is_callable($match)) | |||
error('Custom condition for filter is not callable!'); | |||
return $match($post); | |||
case 'name': | |||
@@ -36,11 +36,11 @@ class Filter { | |||
case 'body': | |||
return preg_match($match, $post['body']); | |||
case 'filename': | |||
if(!$post['has_file']) | |||
if (!$post['has_file']) | |||
return false; | |||
return preg_match($match, $post['filename']); | |||
case 'extension': | |||
if(!$post['has_file']) | |||
if (!$post['has_file']) | |||
return false; | |||
return preg_match($match, $post['body']); | |||
case 'ip': | |||
@@ -61,22 +61,22 @@ class Filter { | |||
case 'reject': | |||
error(isset($this->message) ? $this->message : 'Posting throttled by flood filter.'); | |||
case 'ban': | |||
if(!isset($this->reason)) | |||
if (!isset($this->reason)) | |||
error('The ban action requires a reason.'); | |||
$reason = $this->reason; | |||
if(isset($this->expires)) | |||
if (isset($this->expires)) | |||
$expires = time() + $this->expires; | |||
else | |||
$expires = 0; // Ban indefinitely | |||
if(isset($this->reject)) | |||
if (isset($this->reject)) | |||
$reject = $this->reject; | |||
else | |||
$reject = true; | |||
if(isset($this->all_boards)) | |||
if (isset($this->all_boards)) | |||
$all_boards = $this->all_boards; | |||
else | |||
$all_boards = false; | |||
@@ -86,26 +86,26 @@ class Filter { | |||
$query->bindValue(':mod', -1); | |||
$query->bindValue(':set', time()); | |||
if($expires) | |||
if ($expires) | |||
$query->bindValue(':expires', $expires); | |||
else | |||
$query->bindValue(':expires', null, PDO::PARAM_NULL); | |||
if($reason) | |||
if ($reason) | |||
$query->bindValue(':reason', $reason); | |||
else | |||
$query->bindValue(':reason', null, PDO::PARAM_NULL); | |||
if($all_boards) | |||
if ($all_boards) | |||
$query->bindValue(':board', null, PDO::PARAM_NULL); | |||
else | |||
$query->bindValue(':board', $board['uri']); | |||
$query->execute() or error(db_error($query)); | |||
if($reject) { | |||
if(isset($this->message)) | |||
if ($reject) { | |||
if (isset($this->message)) | |||
error($message); | |||
checkBan($board['uri']); | |||
@@ -119,8 +119,8 @@ class Filter { | |||
} | |||
public function check(array $post) { | |||
foreach($this->condition as $condition => $value) { | |||
if(!$this->match($post, $condition, $value)) | |||
foreach ($this->condition as $condition => $value) { | |||
if (!$this->match($post, $condition, $value)) | |||
return false; | |||
} | |||
@@ -132,12 +132,12 @@ class Filter { | |||
function do_filters(array $post) { | |||
global $config; | |||
if(!isset($config['flood_filters'])) | |||
if (!isset($config['flood_filters'])) | |||
return; | |||
foreach($config['flood_filters'] as $arr) { | |||
foreach ($config['flood_filters'] as $arr) { | |||
$filter = new Filter($arr); | |||
if($filter->check($post)) | |||
if ($filter->check($post)) | |||
$filter->action(); | |||
} | |||
} | |||
@@ -4,7 +4,7 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
@@ -17,25 +17,25 @@ class Image { | |||
$this->src = $src; | |||
$this->format = $format; | |||
if($config['thumb_method'] == 'imagick') { | |||
if ($config['thumb_method'] == 'imagick') { | |||
$classname = 'ImageImagick'; | |||
} elseif($config['thumb_method'] == 'convert') { | |||
} elseif ($config['thumb_method'] == 'convert') { | |||
$classname = 'ImageConvert'; | |||
} else { | |||
$classname = 'Image' . strtoupper($this->format); | |||
if(!class_exists($classname)) { | |||
if (!class_exists($classname)) { | |||
error('Unsupported file format: ' . $this->format); | |||
} | |||
} | |||
$this->image = new $classname($this); | |||
if(!$this->image->valid()) { | |||
if (!$this->image->valid()) { | |||
$this->delete(); | |||
error($config['error']['invalidimg']); | |||
} | |||
$this->size = (object)Array('width' => $this->image->_width(), 'height' => $this->image->_height()); | |||
if($this->size->width < 1 || $this->size->height < 1) { | |||
if ($this->size->width < 1 || $this->size->height < 1) { | |||
$this->delete(); | |||
error($config['error']['invalidimg']); | |||
} | |||
@@ -44,13 +44,13 @@ class Image { | |||
public function resize($extension, $max_width, $max_height) { | |||
global $config; | |||
if($config['thumb_method'] == 'imagick') { | |||
if ($config['thumb_method'] == 'imagick') { | |||
$classname = 'ImageImagick'; | |||
} elseif($config['thumb_method'] == 'convert') { | |||
} elseif ($config['thumb_method'] == 'convert') { | |||
$classname = 'ImageConvert'; | |||
} else { | |||
$classname = 'Image' . strtoupper($extension); | |||
if(!class_exists($classname)) { | |||
if (!class_exists($classname)) { | |||
error('Unsupported file format: ' . $extension); | |||
} | |||
} | |||
@@ -63,7 +63,7 @@ class Image { | |||
$x_ratio = $max_width / $this->size->width; | |||
$y_ratio = $max_height / $this->size->height; | |||
if(($this->size->width <= $max_width) && ($this->size->height <= $max_height)) { | |||
if (($this->size->width <= $max_width) && ($this->size->height <= $max_height)) { | |||
$width = $this->size->width; | |||
$height = $this->size->height; | |||
} elseif (($x_ratio * $this->size->height) < $max_height) { | |||
@@ -110,29 +110,29 @@ class ImageBase extends ImageGD { | |||
} | |||
public function __construct($img) { | |||
if(method_exists($this, 'init')) | |||
if (method_exists($this, 'init')) | |||
$this->init(); | |||
if($img !== false) { | |||
if ($img !== false) { | |||
$this->src = $img->src; | |||
$this->from(); | |||
} | |||
} | |||
public function _width() { | |||
if(method_exists($this, 'width')) | |||
if (method_exists($this, 'width')) | |||
return $this->width(); | |||
// use default GD functions | |||
return imagesx($this->image); | |||
} | |||
public function _height() { | |||
if(method_exists($this, 'height')) | |||
if (method_exists($this, 'height')) | |||
return $this->height(); | |||
// use default GD functions | |||
return imagesy($this->image); | |||
} | |||
public function _destroy() { | |||
if(method_exists($this, 'destroy')) | |||
if (method_exists($this, 'destroy')) | |||
return $this->destroy(); | |||
// use default GD functions | |||
return imagedestroy($this->image); | |||
@@ -142,7 +142,7 @@ class ImageBase extends ImageGD { | |||
$this->width = $width; | |||
$this->height = $height; | |||
if(method_exists($this, 'resize')) | |||
if (method_exists($this, 'resize')) | |||
$this->resize(); | |||
else | |||
// use default GD functions | |||
@@ -164,7 +164,7 @@ class ImageImagick extends ImageBase { | |||
} | |||
} | |||
public function to($src) { | |||
if(preg_match('/\.gif$/i', $src)) | |||
if (preg_match('/\.gif$/i', $src)) | |||
$this->image->writeImages($src, true); | |||
else | |||
$this->image->writeImage($src); | |||
@@ -181,20 +181,20 @@ class ImageImagick extends ImageBase { | |||
public function resize() { | |||
global $config; | |||
if(preg_match('/\.gif$/i', $this->src) && $config['thumb_ext'] == 'gif') { | |||
if (preg_match('/\.gif$/i', $this->src) && $config['thumb_ext'] == 'gif') { | |||
$this->image = new Imagick(); | |||
$this->image->setFormat('gif'); | |||
$keep_frames = Array(); | |||
for($i = 0; $i < $this->original->getNumberImages(); $i += floor($this->original->getNumberImages() / $config['thumb_keep_animation_frames'])) | |||
for ($i = 0; $i < $this->original->getNumberImages(); $i += floor($this->original->getNumberImages() / $config['thumb_keep_animation_frames'])) | |||
$keep_frames[] = $i; | |||
$i = 0; | |||
$delay = 0; | |||
foreach($this->original as $frame) { | |||
foreach ($this->original as $frame) { | |||
$delay += $frame->getImageDelay(); | |||
if(in_array($i, $keep_frames)) { | |||
if (in_array($i, $keep_frames)) { | |||
// $frame->scaleImage($this->width, $this->height, false); | |||
$frame->sampleImage($this->width, $this->height); | |||
$frame->setImagePage($this->width, $this->height, 0, 0); | |||
@@ -223,7 +223,7 @@ class ImageConvert extends ImageBase { | |||
} | |||
public function from() { | |||
$size = trim(shell_exec('identify -format "%w %h" ' . escapeshellarg($this->src . '[0]'))); | |||
if(preg_match('/^(\d+) (\d+)$/', $size, $m)) { | |||
if (preg_match('/^(\d+) (\d+)$/', $size, $m)) { | |||
$this->width = $m[1]; | |||
$this->height = $m[2]; | |||
@@ -234,7 +234,7 @@ class ImageConvert extends ImageBase { | |||
} | |||
} | |||
public function to($src) { | |||
if(!$this->temp) { | |||
if (!$this->temp) { | |||
// $config['redraw_image'] | |||
shell_exec('convert ' . escapeshellarg($this->src) . ' ' . escapeshellarg($src)); | |||
} else { | |||
@@ -255,7 +255,7 @@ class ImageConvert extends ImageBase { | |||
public function resize() { | |||
global $config; | |||
if($this->temp) { | |||
if ($this->temp) { | |||
// remove old | |||
$this->destroy(); | |||
} | |||
@@ -264,7 +264,7 @@ class ImageConvert extends ImageBase { | |||
$quality = $config['thumb_quality'] * 10; | |||
if(shell_exec("convert -flatten -filter Point -scale {$this->width}x{$this->height} +antialias -quality {$quality} " . escapeshellarg($this->src . '[0]') . " " . escapeshellarg($this->temp)) || !file_exists($this->temp)) | |||
if (shell_exec("convert -flatten -filter Point -scale {$this->width}x{$this->height} +antialias -quality {$quality} " . escapeshellarg($this->src . '[0]') . " " . escapeshellarg($this->temp)) || !file_exists($this->temp)) | |||
error('Failed to resize image!'); | |||
} | |||
} | |||
@@ -288,10 +288,10 @@ class ImagePNG extends ImageBase { | |||
class ImageGIF extends ImageBase { | |||
public function from() { | |||
$this->image = @imagecreatefromgif($this->src); | |||
$this->image = @imagecreatefromgif ($this->src); | |||
} | |||
public function to($src) { | |||
imagegif($this->image, $src); | |||
imagegif ($this->image, $src); | |||
} | |||
public function resize() { | |||
$this->GD_create(); | |||
@@ -436,7 +436,7 @@ function imagebmp(&$img, $filename='') { | |||
// is faster than chr() | |||
$arrChr = array(); | |||
for($i=0; $i<256; $i++){ | |||
for ($i=0; $i<256; $i++){ | |||
$arrChr[$i] = chr($i); | |||
} | |||
@@ -472,7 +472,7 @@ function imagebmp(&$img, $filename='') { | |||
} | |||
// see imagegif | |||
if($filename == '') { | |||
if ($filename == '') { | |||
echo $result; | |||
} else { | |||
$file = fopen($filename, 'wb'); | |||
@@ -4,7 +4,7 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
@@ -13,7 +13,7 @@ if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
function mkhash($username, $password, $salt = false) { | |||
global $config; | |||
if(!$salt) { | |||
if (!$salt) { | |||
// create some sort of salt for the hash | |||
$salt = substr(base64_encode(sha1(rand() . time(), true) . $config['cookies']['salt']), 0, 15); | |||
@@ -23,7 +23,7 @@ function mkhash($username, $password, $salt = false) { | |||
// generate hash (method is not important as long as it's strong) | |||
$hash = substr(base64_encode(md5($username . sha1($username . $password . $salt . ($config['mod']['lock_ip'] ? $_SERVER['REMOTE_ADDR'] : ''), true), true)), 0, 20); | |||
if(isset($generated_salt)) | |||
if (isset($generated_salt)) | |||
return Array($hash, $salt); | |||
else | |||
return $hash; | |||
@@ -33,7 +33,7 @@ function login($username, $password, $makehash=true) { | |||
global $mod; | |||
// SHA1 password | |||
if($makehash) { | |||
if ($makehash) { | |||
$password = sha1($password); | |||
} | |||
@@ -42,7 +42,7 @@ function login($username, $password, $makehash=true) { | |||
$query->bindValue(':password', $password); | |||
$query->execute() or error(db_error($query)); | |||
if($user = $query->fetch()) { | |||
if ($user = $query->fetch()) { | |||
return $mod = Array( | |||
'id' => $user['id'], | |||
'type' => $user['type'], | |||
@@ -55,7 +55,7 @@ function login($username, $password, $makehash=true) { | |||
function setCookies() { | |||
global $mod, $config; | |||
if(!$mod) | |||
if (!$mod) | |||
error('setCookies() was called for a non-moderator!'); | |||
setcookie($config['cookies']['mod'], | |||
@@ -79,7 +79,7 @@ function create_pm_header() { | |||
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT); | |||
$query->execute() or error(db_error($query)); | |||
if($pm = $query->fetch()) { | |||
if ($pm = $query->fetch()) { | |||
return Array('id' => $pm['id'], 'waiting' => $query->rowCount() - 1); | |||
} | |||
@@ -93,15 +93,15 @@ function modLog($action, $_board=null) { | |||
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); | |||
$query->bindValue(':time', time(), PDO::PARAM_INT); | |||
$query->bindValue(':text', $action); | |||
if(isset($_board)) | |||
if (isset($_board)) | |||
$query->bindValue(':board', $_board); | |||
elseif(isset($board)) | |||
elseif (isset($board)) | |||
$query->bindValue(':board', $board['uri']); | |||
else | |||
$query->bindValue(':board', null, PDO::PARAM_NULL); | |||
$query->execute() or error(db_error($query)); | |||
if($config['syslog']) | |||
if ($config['syslog']) | |||
_syslog(LOG_INFO, '[mod/' . $mod['username'] . ']: ' . $action); | |||
} | |||
@@ -115,7 +115,7 @@ function ulBoards() { | |||
// List of boards | |||
$boards = listBoards(); | |||
foreach($boards as &$b) { | |||
foreach ($boards as &$b) { | |||
$body .= '<li>' . | |||
'<a href="?/' . | |||
sprintf($config['board_path'], $b['uri']) . $config['file_index'] . | |||
@@ -129,7 +129,7 @@ function ulBoards() { | |||
'</li>'; | |||
} | |||
if($mod['type'] >= $config['mod']['newboard']) { | |||
if ($mod['type'] >= $config['mod']['newboard']) { | |||
$body .= '<li style="margin-top:15px;"><a href="?/new"><strong>' . _('Create new board') . '</strong></a></li>'; | |||
} | |||
return $body; | |||
@@ -140,7 +140,7 @@ function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $boar | |||
$boards = listBoards(); | |||
$__boards = '<li><input type="radio" checked="checked" name="board" id="board_*" value=""/> <label style="display:inline" for="board_*"><em>' . _('all boards') . '</em></label></li>'; | |||
foreach($boards as &$_board) { | |||
foreach ($boards as &$_board) { | |||
$__boards .= '<li>' . | |||
'<input type="radio" name="board" id="board_' . $_board['uri'] . '" value="' . $_board['uri'] . '">' . | |||
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' . | |||
@@ -247,7 +247,7 @@ function removeBan($id) { | |||
$query->bindValue(':id', $id, PDO::PARAM_INT); | |||
$query->execute() or error(db_error($query)); | |||
//if($config['memcached']['enabled']) { | |||
//if ($config['memcached']['enabled']) { | |||
// Remove cached ban | |||
// TODO | |||
// $memcached->delete("ban_{$id}"); | |||
@@ -257,10 +257,10 @@ function removeBan($id) { | |||
// Validate session | |||
if(isset($_COOKIE[$config['cookies']['mod']])) { | |||
if (isset($_COOKIE[$config['cookies']['mod']])) { | |||
// Should be username:hash:salt | |||
$cookie = explode(':', $_COOKIE[$config['cookies']['mod']]); | |||
if(count($cookie) != 3) { | |||
if (count($cookie) != 3) { | |||
destroyCookies(); | |||
error($config['error']['malformed']); | |||
} | |||
@@ -271,7 +271,7 @@ if(isset($_COOKIE[$config['cookies']['mod']])) { | |||
$user = $query->fetch(); | |||
// validate password hash | |||
if($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) { | |||
if ($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) { | |||
// Malformed cookies | |||
destroyCookies(); | |||
error($config['error']['malformed']); | |||
@@ -4,38 +4,38 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
class Remote { | |||
public function __construct($config) { | |||
foreach($config as $name => $value) { | |||
foreach ($config as $name => $value) { | |||
$this->{$name} = $value; | |||
} | |||
$methods = Array(); | |||
if(!isset($this->auth['method'])) | |||
if (!isset($this->auth['method'])) | |||
error('Unspecified authentication method.'); | |||
// Connect | |||
$this->connection = ssh2_connect($this->host, isset($this->port) ? $this->port : 22, $methods); | |||
switch($this->auth['method']) { | |||
switch ($this->auth['method']) { | |||
case 'pubkey': | |||
if(!isset($this->auth['public'])) | |||
if (!isset($this->auth['public'])) | |||
error('Public key filename not specified.'); | |||
if(!isset($this->auth['private'])) | |||
if (!isset($this->auth['private'])) | |||
error('Private key filename not specified.'); | |||
if(!ssh2_auth_pubkey_file($this->connection, $this->auth['username'], $this->auth['public'], $this->auth['private'], isset($this->auth['passphrase']) ? $this->auth['passphrase']: null)) | |||
if (!ssh2_auth_pubkey_file($this->connection, $this->auth['username'], $this->auth['public'], $this->auth['private'], isset($this->auth['passphrase']) ? $this->auth['passphrase']: null)) | |||
error('Public key authentication failed.'); | |||
break; | |||
case 'plain': | |||
if(!ssh2_auth_password($this->connection, $this->auth['username'], $this->auth['password'])) | |||
if (!ssh2_auth_password($this->connection, $this->auth['username'], $this->auth['password'])) | |||
error('Plain-text authentication failed.'); | |||
break; | |||
default: | |||
@@ -47,7 +47,7 @@ class Remote { | |||
public function write($data, $remote_path) { | |||
global $config; | |||
switch($this->type) { | |||
switch ($this->type) { | |||
case 'sftp': | |||
$sftp = ssh2_sftp($this->connection); | |||
file_write('ssh2.sftp://' . $sftp . $remote_path, $data, true); | |||
@@ -4,7 +4,7 @@ | |||
* Copyright (c) 2010-2012 Tinyboard Development Group | |||
*/ | |||
if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { | |||
// You cannot request this file directly. | |||
exit; | |||
} | |||
@@ -36,15 +36,15 @@ function load_twig() { | |||
function Element($templateFile, array $options) { | |||
global $config, $debug, $twig; | |||
if(!$twig) | |||
if (!$twig) | |||
load_twig(); | |||
if(function_exists('create_pm_header') && ((isset($options['mod']) && $options['mod']) || isset($options['__mod']))) { | |||
if (function_exists('create_pm_header') && ((isset($options['mod']) && $options['mod']) || isset($options['__mod']))) { | |||
$options['pm'] = create_pm_header(); | |||
} | |||
if(isset($options['body']) && $config['debug']) { | |||
if(isset($debug['start'])) { | |||
if (isset($options['body']) && $config['debug']) { | |||
if (isset($debug['start'])) { | |||
$debug['time'] = '~' . round((microtime(true) - $debug['start']) * 1000, 2) . 'ms'; | |||
unset($debug['start']); | |||
} | |||
@@ -57,10 +57,10 @@ function Element($templateFile, array $options) { | |||
} | |||
// Read the template file | |||
if(@file_get_contents("{$config['dir']['template']}/${templateFile}")) { | |||
if (@file_get_contents("{$config['dir']['template']}/${templateFile}")) { | |||
$body = $twig->render($templateFile, $options); | |||
if($config['minify_html'] && preg_match('/\.html$/', $templateFile)) { | |||
if ($config['minify_html'] && preg_match('/\.html$/', $templateFile)) { | |||
$body = trim(preg_replace("/[\t\r\n]/", '', $body)); | |||
} | |||
@@ -16,21 +16,21 @@ $page = Array( | |||
// this breaks the dispaly of licenses if enabled | |||
$config['minify_html'] = false; | |||
if(file_exists($config['has_installed'])) { | |||
if (file_exists($config['has_installed'])) { | |||
// Check the version number | |||
$version = trim(file_get_contents($config['has_installed'])); | |||
if(empty($version)) | |||
if (empty($version)) | |||
$version = 'v0.9.1'; | |||
$boards = listBoards(); | |||
switch($version) { | |||
switch ($version) { | |||
case 'v0.9': | |||
case 'v0.9.1': | |||
// Upgrade to v0.9.2-dev | |||
foreach($boards as &$_board) { | |||
foreach ($boards as &$_board) { | |||
// Add `capcode` field after `trip` | |||
query(sprintf("ALTER TABLE `posts_%s` ADD `capcode` VARCHAR( 50 ) NULL AFTER `trip`", $_board['uri'])) or error(db_error()); | |||
@@ -51,7 +51,7 @@ if(file_exists($config['has_installed'])) { | |||
$version = 'v0.9.2-dev-1'; | |||
// Upgrade to v0.9.2-dev-2 | |||
foreach($boards as &$_board) { | |||
foreach ($boards as &$_board) { | |||
// Increase field sizes | |||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `subject` `subject` VARCHAR( 50 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error()); | |||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `name` `name` VARCHAR( 35 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error()); | |||
@@ -59,7 +59,7 @@ if(file_exists($config['has_installed'])) { | |||
case 'v0.9.2-dev-2': | |||
// Upgrade to v0.9.2-dev-3 (v0.9.2) | |||
foreach($boards as &$_board) { | |||
foreach ($boards as &$_board) { | |||
// Add `custom_fields` field | |||
query(sprintf("ALTER TABLE `posts_%s` ADD `embed` TEXT NULL", $_board['uri'])) or error(db_error()); | |||
} | |||
@@ -76,7 +76,7 @@ if(file_exists($config['has_installed'])) { | |||
query("ALTER TABLE `mods` ADD `boards` TEXT NOT NULL") or error(db_error()); | |||
query("UPDATE `mods` SET `boards` = '*'") or error(db_error()); | |||
case 'v0.9.3-dev-2': | |||
foreach($boards as &$_board) { | |||
foreach ($boards as &$_board) { | |||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `filehash` `filehash` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL", $_board['uri'])) or error(db_error()); | |||
} | |||
case 'v0.9.3-dev-3': | |||
@@ -86,7 +86,7 @@ if(file_exists($config['has_installed'])) { | |||
// add ban ID | |||
query("ALTER TABLE `bans` ADD `id` INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY ( `id` ), ADD UNIQUE (`id`)"); | |||
case 'v0.9.3-dev-5': | |||
foreach($boards as &$_board) { | |||
foreach ($boards as &$_board) { | |||
// Increase subject field size | |||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `subject` `subject` VARCHAR( 100 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL", $_board['uri'])) or error(db_error()); | |||
} | |||
@@ -95,23 +95,23 @@ if(file_exists($config['has_installed'])) { | |||
$tables = Array( | |||
'bans', 'boards', 'ip_notes', 'modlogs', 'mods', 'mutes', 'noticeboard', 'pms', 'reports', 'robot', 'theme_settings', 'news' | |||
); | |||
foreach($boards as &$board) { | |||
foreach ($boards as &$board) { | |||
$tables[] = "posts_{$board['uri']}"; | |||
} | |||
foreach($tables as &$table) { | |||
foreach ($tables as &$table) { | |||
query("ALTER TABLE `{$table}` ENGINE = MYISAM DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci") or error(db_error()); | |||
} | |||
case 'v0.9.3-dev-7': | |||
foreach($boards as &$board) { | |||
foreach ($boards as &$board) { | |||
query(sprintf("ALTER TABLE `posts_%s` CHANGE `filename` `filename` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL", $board['uri'])) or error(db_error()); | |||
} | |||
case 'v0.9.3-dev-8': | |||
foreach($boards as &$board) { | |||
foreach ($boards as &$board) { | |||
query(sprintf("ALTER TABLE `posts_%s` ADD INDEX ( `thread` )", $board['uri'])) or error(db_error()); | |||
} | |||
case 'v0.9.3-dev-9': | |||
foreach($boards as &$board) { | |||
foreach ($boards as &$board) { | |||
query(sprintf("ALTER TABLE `posts_%s`ADD INDEX ( `time` )", $board['uri'])) or error(db_error()); | |||
query(sprintf("ALTER TABLE `posts_%s`ADD FULLTEXT (`body`)", $board['uri'])) or error(db_error()); | |||
} | |||
@@ -132,11 +132,11 @@ if(file_exists($config['has_installed'])) { | |||
query("ALTER TABLE `news` ADD INDEX (`time`)") or error(db_error()); | |||
query("ALTER TABLE `theme_settings` ADD INDEX (`theme`)") or error(db_error()); | |||
case 'v0.9.4-dev-1': | |||
foreach($boards as &$board) { | |||
foreach ($boards as &$board) { | |||
query(sprintf("ALTER TABLE `posts_%s` ADD `sage` INT( 1 ) NOT NULL AFTER `locked`", $board['uri'])) or error(db_error()); | |||
} | |||
case 'v0.9.4-dev-2': | |||
if(!isset($_GET['confirm'])) { | |||
if (!isset($_GET['confirm'])) { | |||
$page['title'] = 'License Change'; | |||
$page['body'] = '<p style="text-align:center">You are upgrading to a version which uses an amended license. The licenses included with Tinyboard distributions prior to this version (v0.9.4-dev-2) are still valid for those versions, but no longer apply to this and newer versions.</p>' . | |||
'<textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea> | |||
@@ -151,14 +151,14 @@ if(file_exists($config['has_installed'])) { | |||
case 'v0.9.4-dev-3': | |||
case 'v0.9.4-dev-4': | |||
case 'v0.9.4': | |||
foreach($boards as &$board) { | |||
foreach ($boards as &$board) { | |||
query(sprintf("ALTER TABLE `posts_%s` | |||
CHANGE `subject` `subject` VARCHAR( 100 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL , | |||
CHANGE `email` `email` VARCHAR( 30 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL , | |||
CHANGE `name` `name` VARCHAR( 35 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL", $board['uri'])) or error(db_error()); | |||
} | |||
case 'v0.9.5-dev-1': | |||
foreach($boards as &$board) { | |||
foreach ($boards as &$board) { | |||
query(sprintf("ALTER TABLE `posts_%s` ADD `body_nomarkup` TEXT NULL AFTER `body`", $board['uri'])) or error(db_error()); | |||
} | |||
query("CREATE TABLE IF NOT EXISTS `cites` ( `board` varchar(8) NOT NULL, `post` int(11) NOT NULL, `target_board` varchar(8) NOT NULL, `target` int(11) NOT NULL, KEY `target` (`target_board`,`target`), KEY `post` (`board`,`post`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;") or error(db_error()); | |||
@@ -192,7 +192,7 @@ if(file_exists($config['has_installed'])) { | |||
query("ALTER TABLE `bans` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error()); | |||
query("ALTER TABLE `reports` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error()); | |||
query("ALTER TABLE `modlogs` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error()); | |||
foreach($boards as $board) { | |||
foreach ($boards as $board) { | |||
$query = prepare("UPDATE `bans` SET `board` = :newboard WHERE `board` = :oldboard"); | |||
$query->bindValue(':newboard', $board['uri']); | |||
$query->bindValue(':oldboard', $board['id']); | |||
@@ -228,7 +228,7 @@ if(file_exists($config['has_installed'])) { | |||
die(Element('page.html', $page)); | |||
} | |||
if($step == 0) { | |||
if ($step == 0) { | |||
// Agreeement | |||
$page['body'] = ' | |||
<textarea style="width:700px;height:370px;margin:auto;display:block;background:white;color:black" disabled>' . htmlentities(file_get_contents('LICENSE.md')) . '</textarea> | |||
@@ -237,7 +237,7 @@ if($step == 0) { | |||
</p>'; | |||
echo Element('page.html', $page); | |||
} elseif($step == 1) { | |||
} elseif ($step == 1) { | |||
$page['title'] = 'Pre-installation test'; | |||
$page['body'] = '<table class="test">'; | |||
@@ -250,7 +250,7 @@ if($step == 0) { | |||
function row($item, $result) { | |||
global $page, $config, $__is_error; | |||
if(!$result) | |||
if (!$result) | |||
$__is_error = true; | |||
$page['body'] .= '<tr><th>' . $item . '</th><td><img style="width:16px;height:16px" src="' . $config['dir']['static'] . ($result ? 'ok.png' : 'error.png') . '" /></td></tr>'; | |||
} | |||
@@ -271,7 +271,7 @@ if($step == 0) { | |||
$drivers = PDO::getAvailableDrivers(); | |||
rheader('PDO drivers <em>(currently installed drivers)</em>'); | |||
foreach($drivers as &$driver) { | |||
foreach ($drivers as &$driver) { | |||
row($driver, true); | |||
} | |||
@@ -287,7 +287,7 @@ if($step == 0) { | |||
</p>'; | |||
echo Element('page.html', $page); | |||
} elseif($step == 2) { | |||
} elseif ($step == 2) { | |||
// Basic config | |||
$page['title'] = 'Configuration'; | |||
@@ -304,9 +304,9 @@ if($step == 0) { | |||
$drivers = PDO::getAvailableDrivers(); | |||
foreach($drivers as &$driver) { | |||
foreach ($drivers as &$driver) { | |||
$driver_txt = $driver; | |||
switch($driver) { | |||
switch ($driver) { | |||
case 'cubrid': | |||
$driver_txt = 'Cubrid'; | |||
break; | |||
@@ -449,7 +449,7 @@ if($step == 0) { | |||
echo Element('page.html', $page); | |||
} elseif($step == 3) { | |||
} elseif ($step == 3) { | |||
$instance_config = | |||
'<?php | |||
@@ -464,15 +464,15 @@ if($step == 0) { | |||
'; | |||
function create_config_from_array(&$instance_config, &$array, $prefix = '') { | |||
foreach($array as $name => $value) { | |||
if(is_array($value)) { | |||
foreach ($array as $name => $value) { | |||
if (is_array($value)) { | |||
$instance_config .= "\n"; | |||
create_config_from_array($instance_config, $value, $prefix . '[\'' . addslashes($name) . '\']'); | |||
$instance_config .= "\n"; | |||
} else { | |||
$instance_config .= ' $config' . $prefix . '[\'' . addslashes($name) . '\'] = '; | |||
if(is_numeric($value)) | |||
if (is_numeric($value)) | |||
$instance_config .= $value; | |||
else | |||
$instance_config .= "'" . addslashes($value) . "'"; | |||
@@ -486,7 +486,7 @@ if($step == 0) { | |||
$instance_config .= "\n"; | |||
if(@file_put_contents('inc/instance-config.php', $instance_config)) { | |||
if (@file_put_contents('inc/instance-config.php', $instance_config)) { | |||
header('Location: ?step=4', true, $config['redirect_http']); | |||
} else { | |||
$page['title'] = 'Manual installation required'; | |||
@@ -500,7 +500,7 @@ if($step == 0) { | |||
'; | |||
echo Element('page.html', $page); | |||
} | |||
} elseif($step == 4) { | |||
} elseif ($step == 4) { | |||
// SQL installation | |||
buildJavascript(); | |||
@@ -516,13 +516,13 @@ if($step == 0) { | |||
$queries[] = Element('posts.sql', Array('board' => 'b')); | |||
$sql_errors = ''; | |||
foreach($queries as &$query) { | |||
if(!query($query)) | |||
foreach ($queries as &$query) { | |||
if (!query($query)) | |||
$sql_errors .= '<li>' . db_error() . '</li>'; | |||
} | |||
$boards = listBoards(); | |||
foreach($boards as &$_board) { | |||
foreach ($boards as &$_board) { | |||
setupBoard($_board); | |||
buildIndex(); | |||
} | |||
@@ -530,22 +530,22 @@ if($step == 0) { | |||
$page['title'] = 'Installation complete'; | |||
$page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover. <a href="http://tinyboard.org/docs/?p=Config">How do I edit the config files?</a></p>'; | |||
if(!empty($sql_errors)) { | |||
if (!empty($sql_errors)) { | |||
$page['body'] .= '<div class="ban"><h2>SQL errors</h2><p>SQL errors were encountered when trying to install the database. This may be the result of using a database which is already occupied with a Tinyboard installation; if so, you can probably ignore this.</p><p>The errors encountered were:</p><ul>' . $sql_errors . '</ul><p><a href="?step=5">Ignore errors and complete installation.</a></p></div>'; | |||
} else { | |||
file_write($config['has_installed'], VERSION); | |||
if(!file_unlink(__FILE__)) { | |||
if (!file_unlink(__FILE__)) { | |||
$page['body'] .= '<div class="ban"><h2>Delete install.php!</h2><p>I couldn\'t remove <strong>install.php</strong>. You will have to remove it manually.</p></div>'; | |||
} | |||
} | |||
echo Element('page.html', $page); | |||
} elseif($step == 5) { | |||
} elseif ($step == 5) { | |||
$page['title'] = 'Installation complete'; | |||
$page['body'] = '<p style="text-align:center">Thank you for using Tinyboard. Please remember to report any bugs you discover.</p>'; | |||
file_write($config['has_installed'], VERSION); | |||
if(!file_unlink(__FILE__)) { | |||
if (!file_unlink(__FILE__)) { | |||
$page['body'] .= '<div class="ban"><h2>Delete install.php!</h2><p>I couldn\'t remove <strong>install.php</strong>. You will have to remove it manually.</p></div>'; | |||
} | |||
@@ -17,20 +17,20 @@ if (get_magic_quotes_gpc()) { | |||
$_POST = strip_array($_POST); | |||
} | |||
if(isset($_POST['delete'])) { | |||
if (isset($_POST['delete'])) { | |||
// Delete | |||
if(!isset($_POST['board'], $_POST['password'])) | |||
if (!isset($_POST['board'], $_POST['password'])) | |||
error($config['error']['bot']); | |||
$password = &$_POST['password']; | |||
if($password == '') | |||
if ($password == '') | |||
error($config['error']['invalidpassword']); | |||
$delete = array(); | |||
foreach($_POST as $post => $value) { | |||
if(preg_match('/^delete_(\d+)$/', $post, $m)) { | |||
foreach ($_POST as $post => $value) { | |||
if (preg_match('/^delete_(\d+)$/', $post, $m)) { | |||
$delete[] = (int)$m[1]; | |||
} | |||
} | |||
@@ -38,29 +38,29 @@ if(isset($_POST['delete'])) { | |||
checkDNSBL(); | |||
// Check if board exists | |||
if(!openBoard($_POST['board'])) | |||
if (!openBoard($_POST['board'])) | |||
error($config['error']['noboard']); | |||
// Check if banned | |||
checkBan($board['uri']); | |||
if(empty($delete)) | |||
if (empty($delete)) | |||
error($config['error']['nodelete']); | |||
foreach($delete as &$id) { | |||
foreach ($delete as &$id) { | |||
$query = prepare(sprintf("SELECT `thread`, `time`,`password` FROM `posts_%s` WHERE `id` = :id", $board['uri'])); | |||
$query->bindValue(':id', $id, PDO::PARAM_INT); | |||
$query->execute() or error(db_error($query)); | |||
if($post = $query->fetch()) { | |||
if($password != '' && $post['password'] != $password) | |||
if ($post = $query->fetch()) { | |||
if ($password != '' && $post['password'] != $password) | |||
error($config['error']['invalidpassword']); | |||
if($post['time'] >= time() - $config['delete_time']) { | |||
if ($post['time'] >= time() - $config['delete_time']) { | |||
error(sprintf($config['error']['delete_too_soon'], until($post['time'] + $config['delete_time']))); | |||
} | |||
if(isset($_POST['file'])) { | |||
if (isset($_POST['file'])) { | |||
// Delete just the file | |||
deleteFile($id); | |||
} else { | |||
@@ -81,13 +81,13 @@ if(isset($_POST['delete'])) { | |||
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']); | |||
} elseif(isset($_POST['report'])) { | |||
if(!isset($_POST['board'], $_POST['password'], $_POST['reason'])) | |||
} elseif (isset($_POST['report'])) { | |||
if (!isset($_POST['board'], $_POST['password'], $_POST['reason'])) | |||
error($config['error']['bot']); | |||
$report = array(); | |||
foreach($_POST as $post => $value) { | |||
if(preg_match('/^delete_(\d+)$/', $post, $m)) { | |||
foreach ($_POST as $post => $value) { | |||
if (preg_match('/^delete_(\d+)$/', $post, $m)) { | |||
$report[] = (int)$m[1]; | |||
} | |||
} | |||
@@ -95,30 +95,30 @@ if(isset($_POST['delete'])) { | |||
checkDNSBL(); | |||
// Check if board exists | |||
if(!openBoard($_POST['board'])) | |||
if (!openBoard($_POST['board'])) | |||
error($config['error']['noboard']); | |||
// Check if banned | |||
checkBan($board['uri']); | |||
if(empty($report)) | |||
if (empty($report)) | |||
error($config['error']['noreport']); | |||
if(count($report) > $config['report_limit']) | |||
if (count($report) > $config['report_limit']) | |||
error($config['error']['toomanyreports']); | |||
$reason = &$_POST['reason']; | |||
markup($reason); | |||
foreach($report as &$id) { | |||
foreach ($report as &$id) { | |||
$query = prepare(sprintf("SELECT `thread` FROM `posts_%s` WHERE `id` = :id", $board['uri'])); | |||
$query->bindValue(':id', $id, PDO::PARAM_INT); | |||
$query->execute() or error(db_error($query)); | |||
$post = $query->fetch(); | |||
if($post) { | |||
if($config['syslog']) | |||
if ($post) { | |||
if ($config['syslog']) | |||
_syslog(LOG_INFO, 'Reported post: ' . | |||
'/' . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $id) . ($post['thread'] ? '#' . $id : '') . | |||
' for "' . $reason . '"' | |||
@@ -137,65 +137,65 @@ if(isset($_POST['delete'])) { | |||
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root']; | |||
header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']); | |||
} elseif(isset($_POST['post'])) { | |||
} elseif (isset($_POST['post'])) { | |||
if(!isset($_POST['subject'], $_POST['body'], $_POST['board'])) | |||
if (!isset($_POST['subject'], $_POST['body'], $_POST['board'])) | |||
error($config['error']['bot']); | |||
if(!isset($_POST['name'])) | |||
if (!isset($_POST['name'])) | |||
$_POST['name'] = $config['anonymous']; | |||
if(!isset($_POST['email'])) | |||
if (!isset($_POST['email'])) | |||
$_POST['email'] = ''; | |||
if(!isset($_POST['password'])) | |||
if (!isset($_POST['password'])) | |||
$_POST['password'] = ''; | |||
$post = array('board' => $_POST['board']); | |||
if(isset($_POST['thread'])) { | |||
if (isset($_POST['thread'])) { | |||
$post['op'] = false; | |||
$post['thread'] = round($_POST['thread']); | |||
} elseif($config['quick_reply'] && isset($_POST['quick-reply'])) { | |||
} elseif ($config['quick_reply'] && isset($_POST['quick-reply'])) { | |||
$post['op'] = false; | |||
$post['thread'] = round($_POST['quick-reply']); | |||
} else | |||
$post['op'] = true; | |||
if(!(($post['op'] && $_POST['post'] == $config['button_newtopic']) || | |||
if (!(($post['op'] && $_POST['post'] == $config['button_newtopic']) || | |||
(!$post['op'] && $_POST['post'] == $config['button_reply']))) | |||
error($config['error']['bot']); | |||
// Check the referrer | |||
if(!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], $_SERVER['HTTP_REFERER'])) | |||
if (!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], $_SERVER['HTTP_REFERER'])) | |||
error($config['error']['referer']); | |||
checkDNSBL(); | |||
// Check if board exists | |||
if(!openBoard($post['board'])) | |||
if (!openBoard($post['board'])) | |||
error($config['error']['noboard']); | |||
// Check if banned | |||
checkBan($board['uri']); | |||
// Check for CAPTCHA right after opening the board so the "return" link is in there | |||
if($config['recaptcha']) { | |||
if(!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field'])) | |||
if ($config['recaptcha']) { | |||
if (!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field'])) | |||
error($config['error']['bot']); | |||
// Check what reCAPTCHA has to say... | |||
$resp = recaptcha_check_answer($config['recaptcha_private'], | |||
$_SERVER['REMOTE_ADDR'], | |||
$_POST['recaptcha_challenge_field'], | |||
$_POST['recaptcha_response_field']); | |||
if(!$resp->is_valid) { | |||
if (!$resp->is_valid) { | |||
error($config['error']['captcha']); | |||
} | |||
} | |||
if($post['mod'] = isset($_POST['mod']) && $_POST['mod']) { | |||
if ($post['mod'] = isset($_POST['mod']) && $_POST['mod']) { | |||
require 'inc/mod.php'; | |||
if(!$mod) { | |||
if (!$mod) { | |||
// Liar. You're not a mod. | |||
error($config['error']['notamod']); | |||
} | |||
@@ -204,28 +204,28 @@ if(isset($_POST['delete'])) { | |||
$post['locked'] = $post['op'] && isset($_POST['lock']); | |||
$post['raw'] = isset($_POST['raw']); | |||
if($post['sticky'] && !hasPermission($config['mod']['sticky'], $board['uri'])) | |||
if ($post['sticky'] && !hasPermission($config['mod']['sticky'], $board['uri'])) | |||
error($config['error']['noaccess']); | |||
if($post['locked'] && !hasPermission($config['mod']['lock'], $board['uri'])) | |||
if ($post['locked'] && !hasPermission($config['mod']['lock'], $board['uri'])) | |||
error($config['error']['noaccess']); | |||
if($post['raw'] && !hasPermission($config['mod']['rawhtml'], $board['uri'])) | |||
if ($post['raw'] && !hasPermission($config['mod']['rawhtml'], $board['uri'])) | |||
error($config['error']['noaccess']); | |||
} | |||
if(!$post['mod'] && checkSpam(array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null))) | |||
if (!$post['mod'] && checkSpam(array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null))) | |||
error($config['error']['spam']); | |||
if($config['robot_enable'] && $config['robot_mute']) { | |||
if ($config['robot_enable'] && $config['robot_mute']) { | |||
checkMute(); | |||
} | |||
//Check if thread exists | |||
if(!$post['op']) { | |||
if (!$post['op']) { | |||
$query = prepare(sprintf("SELECT `sticky`,`locked`,`sage` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri'])); | |||
$query->bindValue(':id', $post['thread'], PDO::PARAM_INT); | |||
$query->execute() or error(db_error()); | |||
if(!$thread = $query->fetch()) { | |||
if (!$thread = $query->fetch()) { | |||
// Non-existant | |||
error($config['error']['nonexistant']); | |||
} | |||
@@ -233,12 +233,12 @@ if(isset($_POST['delete'])) { | |||
// Check for an embed field | |||
if($config['enable_embedding'] && isset($_POST['embed']) && !empty($_POST['embed'])) { | |||
if ($config['enable_embedding'] && isset($_POST['embed']) && !empty($_POST['embed'])) { | |||
// yep; validate it | |||
$value = $_POST['embed']; | |||
foreach($config['embedding'] as &$embed) { | |||
if($html = preg_replace($embed[0], $embed[1], $value)) { | |||
if($html == $value) { | |||
foreach ($config['embedding'] as &$embed) { | |||
if ($html = preg_replace($embed[0], $embed[1], $value)) { | |||
if ($html == $value) { | |||
// Nope. | |||
continue; | |||
} | |||
@@ -254,25 +254,25 @@ if(isset($_POST['delete'])) { | |||
break; | |||
} | |||
} | |||
if(!isset($post['embed'])) { | |||
if (!isset($post['embed'])) { | |||
error($config['error']['invalid_embed']); | |||
} | |||
} | |||
if(!hasPermission($config['mod']['bypass_field_disable'], $board['uri'])) { | |||
if($config['field_disable_name']) | |||
if (!hasPermission($config['mod']['bypass_field_disable'], $board['uri'])) { | |||
if ($config['field_disable_name']) | |||
$_POST['name'] = $config['anonymous']; // "forced anonymous" | |||
if($config['field_disable_email']) | |||
if ($config['field_disable_email']) | |||
$_POST['email'] = ''; | |||
if($config['field_disable_password']) | |||
if ($config['field_disable_password']) | |||
$_POST['password'] = ''; | |||
} | |||
// Check for a file | |||
if($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) { | |||
if(!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op']) | |||
if ($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) { | |||
if (!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op']) | |||
error($config['error']['noimage']); | |||
} | |||
@@ -283,26 +283,26 @@ if(isset($_POST['delete'])) { | |||
$post['password'] = $_POST['password']; | |||
$post['has_file'] = !isset($post['embed']) && (($post['op'] && !isset($post['no_longer_require_an_image_for_op']) && $config['force_image_op']) || (isset($_FILES['file']) && $_FILES['file']['tmp_name'] != '')); | |||
if($post['has_file']) | |||
if ($post['has_file']) | |||
$post['filename'] = utf8tohtml(get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name']); | |||
if(!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) { | |||
if (!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) { | |||
$stripped_whitespace = preg_replace('/[\s]/u', '', $post['body']); | |||
if($stripped_whitespace == '') { | |||
if ($stripped_whitespace == '') { | |||
error($config['error']['tooshort_body']); | |||
} | |||
} | |||
// Check if thread is locked | |||
// but allow mods to post | |||
if(!$post['op'] && !hasPermission($config['mod']['postinlocked'], $board['uri'])) { | |||
if($thread['locked']) | |||
if (!$post['op'] && !hasPermission($config['mod']['postinlocked'], $board['uri'])) { | |||
if ($thread['locked']) | |||
error($config['error']['locked']); | |||
} | |||
if($post['has_file']) { | |||
if ($post['has_file']) { | |||
$size = $_FILES['file']['size']; | |||
if($size > $config['max_filesize']) | |||
if ($size > $config['max_filesize']) | |||
error(sprintf3($config['error']['filesize'], array( | |||
'sz' => number_format($size), | |||
'filesz' => number_format($size), | |||
@@ -310,8 +310,8 @@ if(isset($_POST['delete'])) { | |||
))); | |||
} | |||
if($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) { | |||
if(($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) { | |||
if ($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) { | |||
if (($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) { | |||
$post['capcode'] = utf8tohtml($match[3]); | |||
$post['name'] = $match[2] != '' ? $match[2] : $config['anonymous']; | |||
} | |||
@@ -323,14 +323,14 @@ if(isset($_POST['delete'])) { | |||
$post['name'] = $trip[0]; | |||
$post['trip'] = isset($trip[1]) ? $trip[1] : ''; | |||
if(strtolower($post['email']) == 'noko') { | |||
if (strtolower($post['email']) == 'noko') { | |||
$noko = true; | |||
$post['email'] = ''; | |||
} else $noko = false; | |||
if($post['has_file']) { | |||
if ($post['has_file']) { | |||
$post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1)); | |||
if(isset($config['filename_func'])) | |||
if (isset($config['filename_func'])) | |||
$post['file_id'] = $config['filename_func']($post); | |||
else | |||
$post['file_id'] = time() . substr(microtime(), 2, 3); | |||
@@ -340,26 +340,26 @@ if(isset($_POST['delete'])) { | |||
} | |||
// Check string lengths | |||
if(mb_strlen($post['name']) > 35) | |||
if (mb_strlen($post['name']) > 35) | |||
error(sprintf($config['error']['toolong'], 'name')); | |||
if(mb_strlen($post['email']) > 40) | |||
if (mb_strlen($post['email']) > 40) | |||
error(sprintf($config['error']['toolong'], 'email')); | |||
if(mb_strlen($post['subject']) > 100) | |||
if (mb_strlen($post['subject']) > 100) | |||
error(sprintf($config['error']['toolong'], 'subject')); | |||
if(!$mod && mb_strlen($post['body']) > $config['max_body']) | |||
if (!$mod && mb_strlen($post['body']) > $config['max_body']) | |||
error($config['error']['toolong_body']); | |||
if(mb_strlen($post['password']) > 20) | |||
if (mb_strlen($post['password']) > 20) | |||
error(sprintf($config['error']['toolong'], 'password')); | |||
wordfilters($post['body']); | |||
$post['body_nomarkup'] = $post['body']; | |||
if(!($mod && isset($post['raw']) && $post['raw'])) | |||
if (!($mod && isset($post['raw']) && $post['raw'])) | |||
$post['tracked_cites'] = markup($post['body'], true); | |||
// Check for a flood | |||
if(!hasPermission($config['mod']['flood'], $board['uri']) && checkFlood($post)) { | |||
if (!hasPermission($config['mod']['flood'], $board['uri']) && checkFlood($post)) { | |||
error($config['error']['flood']); | |||
} | |||
@@ -367,8 +367,8 @@ if(isset($_POST['delete'])) { | |||
do_filters($post); | |||
if($post['has_file']) { | |||
if(!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files'])) | |||
if ($post['has_file']) { | |||
if (!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files'])) | |||
error($config['error']['unknownext']); | |||
$is_an_image = !in_array($post['extension'], $config['allowed_ext_files']); | |||
@@ -378,23 +378,23 @@ if(isset($_POST['delete'])) { | |||
$upload = $_FILES['file']['tmp_name']; | |||
if(!is_readable($upload)) | |||
if (!is_readable($upload)) | |||
error($config['error']['nomove']); | |||
$post['filehash'] = $config['file_hash']($upload); | |||
$post['filesize'] = filesize($upload); | |||
if($is_an_image) { | |||
if ($is_an_image) { | |||
// Check IE MIME type detection XSS exploit | |||
$buffer = file_get_contents($upload, null, null, null, 255); | |||
if(preg_match($config['ie_mime_type_detection'], $buffer)) { | |||
if (preg_match($config['ie_mime_type_detection'], $buffer)) { | |||
undoImage($post); | |||
error($config['error']['mime_exploit']); | |||
} | |||
require_once 'inc/image.php'; | |||
if($config['thumb_method'] == 'imagick') { | |||
if ($config['thumb_method'] == 'imagick') { | |||
// This is tricky, because Imagick won't let us find | |||
// an image's dimensions without loading it all into | |||
// memory first, unlike GD which provides the | |||
@@ -405,8 +405,8 @@ if(isset($_POST['delete'])) { | |||
// PHP's memory limit. | |||
// first try GD's getimagesize() | |||
if($size = @getimagesize($upload)) { | |||
if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { | |||
if ($size = @getimagesize($upload)) { | |||
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { | |||
error($config['error']['maxsize']); | |||
} | |||
@@ -416,10 +416,10 @@ if(isset($_POST['delete'])) { | |||
} | |||
} else { | |||
// find dimensions of an image using GD | |||
if(!$size = @getimagesize($upload)) { | |||
if (!$size = @getimagesize($upload)) { | |||
error($config['error']['invalidimg']); | |||
} | |||
if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { | |||
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { | |||
error($config['error']['maxsize']); | |||
} | |||
} | |||
@@ -427,7 +427,7 @@ if(isset($_POST['delete'])) { | |||
// create image object | |||
$image = new Image($upload, $post['extension']); | |||
if($image->size->width > $config['max_width'] || $image->size->height > $config['max_height']) { | |||
if ($image->size->width > $config['max_width'] || $image->size->height > $config['max_height']) { | |||
$image->delete(); | |||
error($config['error']['maxsize']); | |||
} | |||
@@ -435,13 +435,13 @@ if(isset($_POST['delete'])) { | |||
$post['width'] = $image->size->width; | |||
$post['height'] = $image->size->height; | |||
if($config['spoiler_images'] && isset($_POST['spoiler'])) { | |||
if ($config['spoiler_images'] && isset($_POST['spoiler'])) { | |||
$post['thumb'] = 'spoiler'; | |||
$size = @getimagesize($config['spoiler_image']); | |||
$post['thumbwidth'] = $size[0]; | |||
$post['thumbheight'] = $size[1]; | |||
} elseif($config['minimum_copy_resize'] && | |||
} elseif ($config['minimum_copy_resize'] && | |||
$image->size->width <= $config['thumb_width'] && | |||
$image->size->height <= $config['thumb_height'] && | |||
$post['extension'] == ($config['thumb_ext'] ? $config['thumb_ext'] : $post['extension'])) { | |||
@@ -466,10 +466,10 @@ if(isset($_POST['delete'])) { | |||
$thumb->_destroy(); | |||
} | |||
if($config['redraw_image']) { | |||
if ($config['redraw_image']) { | |||
$image->to($post['file']); | |||
} else { | |||
if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) | |||
if (!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) | |||
error($config['error']['nomove']); | |||
} | |||
$image->destroy(); | |||
@@ -485,7 +485,7 @@ if(isset($_POST['delete'])) { | |||
} | |||
} | |||
if($post['has_file'] && $config['image_reject_repost'] && $p = getPostByHash($post['filehash'])) { | |||
if ($post['has_file'] && $config['image_reject_repost'] && $p = getPostByHash($post['filehash'])) { | |||
undoImage($post); | |||
error(sprintf($config['error']['fileexists'], | |||
$post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'] . | |||
@@ -498,9 +498,9 @@ if(isset($_POST['delete'])) { | |||
)); | |||
} | |||
if(!hasPermission($config['mod']['postunoriginal'], $board['uri']) && $config['robot_enable'] && checkRobot($post['body_nomarkup'])) { | |||
if (!hasPermission($config['mod']['postunoriginal'], $board['uri']) && $config['robot_enable'] && checkRobot($post['body_nomarkup'])) { | |||
undoImage($post); | |||
if($config['robot_mute']) { | |||
if ($config['robot_mute']) { | |||
error(sprintf($config['error']['muted'], mute())); | |||
} else { | |||
error($config['error']['unoriginal']); | |||
@@ -508,15 +508,15 @@ if(isset($_POST['delete'])) { | |||
} | |||
// Remove board directories before inserting them into the database. | |||
if($post['has_file']) { | |||
if ($post['has_file']) { | |||
$post['file_path'] = $post['file']; | |||
$post['file'] = substr_replace($post['file'], '', 0, mb_strlen($board['dir'] . $config['dir']['img'])); | |||
if($is_an_image && $post['thumb'] != 'spoiler') | |||
if ($is_an_image && $post['thumb'] != 'spoiler') | |||
$post['thumb'] = substr_replace($post['thumb'], '', 0, mb_strlen($board['dir'] . $config['dir']['thumb'])); | |||
} | |||
$post = (object)$post; | |||
if($error = event('post', $post)) { | |||
if ($error = event('post', $post)) { | |||
undoImage((array)$post); | |||
error($error); | |||
} | |||
@@ -524,8 +524,8 @@ if(isset($_POST['delete'])) { | |||
$id = post($post); | |||
if(isset($post['tracked_cites'])) { | |||
foreach($post['tracked_cites'] as $cite) { | |||
if (isset($post['tracked_cites'])) { | |||
foreach ($post['tracked_cites'] as $cite) { | |||
$query = prepare('INSERT INTO `cites` VALUES (:board, :post, :target_board, :target)'); | |||
$query->bindValue(':board', $board['uri']); | |||
$query->bindValue(':post', $id, PDO::PARAM_INT); | |||
@@ -537,20 +537,20 @@ if(isset($_POST['delete'])) { | |||
buildThread($post['op'] ? $id : $post['thread']); | |||
if(!$post['op'] && strtolower($post['email']) != 'sage' && !$thread['sage'] && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) { | |||
if (!$post['op'] && strtolower($post['email']) != 'sage' && !$thread['sage'] && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) { | |||
bumpThread($post['thread']); | |||
} | |||
if($post['op']) | |||
if ($post['op']) | |||
clean(); | |||
event('post-after', $post); | |||
buildIndex(); | |||
if(isset($_SERVER['HTTP_REFERER'])) { | |||
if (isset($_SERVER['HTTP_REFERER'])) { | |||
// Tell Javascript that we posted successfully | |||
if(isset($_COOKIE[$config['cookies']['js']])) | |||
if (isset($_COOKIE[$config['cookies']['js']])) | |||
$js = json_decode($_COOKIE[$config['cookies']['js']]); | |||
else | |||
$js = (object) array(); | |||
@@ -562,7 +562,7 @@ if(isset($_POST['delete'])) { | |||
$root = $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root']; | |||
if($config['always_noko'] || $noko) { | |||
if ($config['always_noko'] || $noko) { | |||
$redirect = $root . $board['dir'] . $config['dir']['res'] . | |||
sprintf($config['file_page'], $post['op'] ? $id:$post['thread']) . (!$post['op'] ? '#' . $id : ''); | |||
} else { | |||
@@ -570,14 +570,14 @@ if(isset($_POST['delete'])) { | |||
} | |||
if($config['syslog']) | |||
if ($config['syslog']) | |||
_syslog(LOG_INFO, 'New post: /' . $board['dir'] . $config['dir']['res'] . | |||
sprintf($config['file_page'], $post['op'] ? $id : $post['thread']) . (!$$post['op'] ? '#' . $id : '')); | |||
rebuildThemes('post'); | |||
header('Location: ' . $redirect, true, $config['redirect_http']); | |||
} else { | |||
if(!file_exists($config['has_installed'])) { | |||
if (!file_exists($config['has_installed'])) { | |||
header('Location: install.php', true, $config['redirect_http']); | |||
} else { | |||
// They opened post.php in their browser manually. | |||