diff --git a/inc/anti-bot.php b/inc/anti-bot.php index 81afca1b..dbf66fc1 100644 --- a/inc/anti-bot.php +++ b/inc/anti-bot.php @@ -201,59 +201,56 @@ function _create_antibot($board, $thread) { function checkSpam(array $extra_salt = array()) { global $config, $pdo; - + if (!isset($_POST['hash'])) return true; - + $hash = $_POST['hash']; - + if (!empty($extra_salt)) { // create a salted hash of the "extra salt" $extra_salt = implode(':', $extra_salt); } else { $extra_salt = ''; } - + // Reconsturct the $inputs array $inputs = array(); - + foreach ($_POST as $name => $value) { if (in_array($name, $config['spam']['valid_inputs'])) continue; - + $inputs[$name] = $value; } - + // Sort the inputs in alphabetical order (A-Z) ksort($inputs); - + $_hash = ''; - + // Iterate through each input foreach ($inputs as $name => $value) { $_hash .= $name . '=' . $value; } - + // Add a salt to the hash $_hash .= $config['cookies']['salt']; - + // Use SHA1 for the hash $_hash = sha1($_hash . $extra_salt); - + if ($hash != $_hash) return true; - + $query = prepare('SELECT `passed` FROM `antispam` WHERE `hash` = :hash'); $query->bindValue(':hash', $hash); $query->execute() or error(db_error($query)); - if (($passed = $query->fetchColumn(0)) === false) { + if ((($passed = $query->fetchColumn(0)) === false) || ($passed > $config['spam']['hidden_inputs_max_pass'])) { // there was no database entry for this hash. most likely expired. return true; } - - if ($passed > $config['spam']['hidden_inputs_max_pass']) - return true; - + return $hash; } @@ -262,5 +259,3 @@ function incrementSpamHash($hash) { $query->bindValue(':hash', $hash); $query->execute() or error(db_error($query)); } - - diff --git a/inc/database.php b/inc/database.php index 84185ad1..0dcc66b2 100644 --- a/inc/database.php +++ b/inc/database.php @@ -73,6 +73,7 @@ function prepare($query) { if ($config['debug']) return new PreparedQueryDebug($query); + return $pdo->prepare($query); } 
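Review bot: The comparison `if ($hash != $_hash)` in `checkSpam()`, just above the reworked `fetchColumn` condition, checks the client-supplied `$_POST['hash']` against the computed SHA-1 with a loose, non-constant-time operator, and nothing before it confirms that `$hash` is a string. Under `!=` PHP compares two numeric-looking strings numerically, and an array-valued `hash` field would reach both this comparison and `bindValue()`. I would change the line to `if (!is_string($hash) || !hash_equals($_hash, $hash))`, assuming the project's minimum PHP version provides `hash_equals()`. Separately, the merged condition now returns under the comment "there was no database entry for this hash", which no longer describes the `hidden_inputs_max_pass` case; a comment such as `// no row for this hash (most likely expired), or it has passed more than hidden_inputs_max_pass times` would match the code.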
@@ -93,19 +94,19 @@ function query($query) { 'time' => '~' . $time ); return $query; - } else { - return $pdo->query($query); } + + return $pdo->query($query); } function db_error($PDOStatement=null) { global $pdo; + if (isset($PDOStatement)) { $err = $PDOStatement->errorInfo(); return $err[2]; - } else { - $err = $pdo->errorInfo(); - return $err[2]; } -} + $err = $pdo->errorInfo(); + return $err[2]; +} diff --git a/inc/functions.php b/inc/functions.php index bd255b35..63cfcb25 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -218,6 +218,7 @@ function create_antibot($board, $thread = null) { function rebuildThemes($action) { // List themes $query = query("SELECT `theme` FROM `theme_settings` WHERE `name` IS NULL AND `value` IS NULL") or error(db_error()); + while ($theme = $query->fetch()) { rebuildTheme($theme['theme'], $action); } @@ -301,6 +302,7 @@ function setupBoard($array) { function openBoard($uri) { global $config; + if ($config['cache']['enabled'] && ($board = cache::get('board_' . $uri))) { setupBoard($board); return true; @@ -315,7 +317,9 @@ function openBoard($uri) { cache::set('board_' . $uri, $board); setupBoard($board); return true; - } else return false; + } + + return false; } function boardTitle($uri) { @@ -330,7 +334,9 @@ function boardTitle($uri) { if ($title = $query->fetch()) { return $title['title']; - } else return false; + } + + return false; } function purge($uri) { @@ -520,9 +526,9 @@ function until($timestamp) { return ($num = round($difference/(60*60*24))) . ' day' . ($num != 1 ? 's' : ''); } elseif ($difference < 60*60*24*365) { return ($num = round($difference/(60*60*24*7))) . ' week' . ($num != 1 ? 's' : ''); - } else { - return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : ''); } + + return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : ''); } function ago($timestamp) { 
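Review bot: `db_error()` still returns the raw driver message (`$err[2]`), and every call site visible in this commit hands it straight to `error()`, so driver text that can include table and column names may reach the client, depending on what `error()` prints (not shown here). If `error()` renders its argument in the response, I would log the driver message server-side and pass a generic string unless `$config['debug']` is set. With the `else` gone the two branches differ only in the object queried, so the body could be `$err = isset($PDOStatement) ? $PDOStatement->errorInfo() : $pdo->errorInfo();` followed by a single `return $err[2];`. The body of `query()` starts outside this hunk.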
@@ -537,9 +543,9 @@ function ago($timestamp) { return ($num = round($difference/(60*60*24))) . ' day' . ($num != 1 ? 's' : ''); } elseif ($difference < 60*60*24*365) { return ($num = round($difference/(60*60*24*7))) . ' week' . ($num != 1 ? 's' : ''); - } else { - return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : ''); } + + return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : ''); } function displayBan($ban) { @@ -657,7 +663,9 @@ function threadExists($id) { if ($query->rowCount()) { return true; - } else return false; + } + + return false; } function post(array $post) { @@ -818,10 +826,7 @@ function rebuildPost($id) { $query->bindValue(':id', $id, PDO::PARAM_INT); $query->execute() or error(db_error($query)); - if (!$post = $query->fetch()) - return false; - - if (!$post['body_nomarkup']) + if ((!$post = $query->fetch()) || !$post['body_nomarkup']) return false; markup($body = &$post['body_nomarkup']); @@ -1078,10 +1083,7 @@ function makerobot($body) { } function checkRobot($body) { - if (empty($body)) - return true; - - if (event('check-robot', $body)) + if (empty($body) || event('check-robot', $body)) return true; $body = makerobot($body); @@ -1091,14 +1093,13 @@ function checkRobot($body) { if ($query->fetch()) { return true; - } else { - // Insert new hash - - $query = prepare("INSERT INTO `robot` VALUES (:hash)"); - $query->bindValue(':hash', $body); - $query->execute() or error(db_error($query)); - return false; } + + // Insert new hash + $query = prepare("INSERT INTO `robot` VALUES (:hash)"); + $query->bindValue(':hash', $body); + $query->execute() or error(db_error($query)); + return false; } function numPosts($id) { @@ -1174,7 +1175,6 @@ function checkMute() { } } - function buildIndex() { global $board, $config; 
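Review bot: `!$post['body_nomarkup']` in the merged condition of `rebuildPost()` is a truthiness test, so a post whose body is the string `"0"` is treated as having no body and the function returns false before `markup()` runs. The same applies to `empty($body)` in the `checkRobot()` hunk (`@@ -1078`), where a body of `"0"` takes the `return true` path. If only missing or empty bodies are meant, compare explicitly, for example `if (!($post = $query->fetch()) || $post['body_nomarkup'] === null || $post['body_nomarkup'] === '')`; the parentheses around the assignment also make the precedence obvious. The body of `rebuildPost()` starts and ends outside its hunk.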
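Review bot: In `checkRobot()` (`@@ -1091`) the existence check `if ($query->fetch())` and the following insert into the `robot` table are separate statements with nothing visible tying them together, so two simultaneous requests carrying the same body can both find no row and both take the `return false` path. The filter would be tighter with a unique index on the stored hash and a duplicate-key failure on the insert treated as the `return true` case rather than sent to `error()`; whether such an index exists is not visible in this diff. Naming the target column explicitly in the `INSERT` would also keep the statement valid if the table gains columns. The SELECT that prepares `$query` sits above the hunk.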
@@ -1510,11 +1510,11 @@ function buildThread($id, $return=false, $mod=false) { 'boardlist' => createBoardlist($mod), 'return' => ($mod ? '?' . $board['url'] . $config['file_index'] : $config['root'] . $board['uri'] . '/' . $config['file_index']) )); - + if ($return) return $body; - else - file_write($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $id), $body); + + file_write($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $id), $body); } function rrmdir($dir) { @@ -1608,8 +1608,6 @@ function fraction($numerator, $denominator, $sep) { return "{$numerator}{$sep}{$denominator}"; } - - function getPostByHash($hash) { global $board; $query = prepare(sprintf("SELECT `id`,`thread` FROM `posts_%s` WHERE `filehash` = :hash", $board['uri'])); @@ -1680,4 +1678,3 @@ function DNS($host) { return $ip_addr; } -