From fb4e28c7b86c8e8b1716eea38ad7c6d39172a2c9 Mon Sep 17 00:00:00 2001 From: Yousha Date: Thu, 30 Aug 2012 20:05:17 +0430 Subject: [PATCH 1/3] Updated. --- README.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 217646a6..22539076 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,8 @@ -Tinyboard -- A lightweight PHP imageboard. +Tinyboard - A lightweight PHP imageboard. ========================================== +About +------------ Tinyboard is a light-weight, fast, highly configurable and user-friendly imageboard software package released under a non-restrictive open-source license. It is written in PHP and has few dependencies. @@ -19,8 +21,11 @@ it need one. Contributing ------------ -Use GitHub to submit a pull request. If you need help developing a patch, join -our IRC channel. +* Use GitHub to submit a pull request. +* Send feedbacks +* Fix bugs or add features +* Write/Edit the Wiki +If you need help developing a patch, join our IRC channel. Installation ------------- From 55470a7ac82c49e30c5439344379e877ab1e7898 Mon Sep 17 00:00:00 2001 From: Yousha Date: Thu, 30 Aug 2012 20:05:27 +0430 Subject: [PATCH 2/3] Improved. --- inc/anti-bot.php | 35 +++++++++++++++-------------------- inc/database.php | 13 +++++++------ inc/functions.php | 55 ++++++++++++++++++++++++++----------------------------- 3 files changed, 48 insertions(+), 55 deletions(-) diff --git a/inc/anti-bot.php b/inc/anti-bot.php index 81afca1b..dbf66fc1 100644 --- a/inc/anti-bot.php +++ b/inc/anti-bot.php @@ -201,59 +201,56 @@ function _create_antibot($board, $thread) { function checkSpam(array $extra_salt = array()) { global $config, $pdo; - + if (!isset($_POST['hash'])) return true; - + $hash = $_POST['hash']; - + if (!empty($extra_salt)) { // create a salted hash of the "extra salt" $extra_salt = implode(':', $extra_salt); } else { $extra_salt = ''; } - + // Reconsturct the $inputs array $inputs = array(); - + foreach ($_POST as $name => $value) { if (in_array($name, $config['spam']['valid_inputs'])) continue; - + $inputs[$name] = $value; } - + // Sort the inputs in alphabetical order (A-Z) ksort($inputs); - + $_hash = ''; - + // Iterate through each input foreach ($inputs as $name => $value) { $_hash .= $name . '=' . $value; } - + // Add a salt to the hash $_hash .= $config['cookies']['salt']; - + // Use SHA1 for the hash $_hash = sha1($_hash . $extra_salt); - + if ($hash != $_hash) return true; - + $query = prepare('SELECT `passed` FROM `antispam` WHERE `hash` = :hash'); $query->bindValue(':hash', $hash); $query->execute() or error(db_error($query)); - if (($passed = $query->fetchColumn(0)) === false) { + if ((($passed = $query->fetchColumn(0)) === false) || ($passed > $config['spam']['hidden_inputs_max_pass'])) { // there was no database entry for this hash. most likely expired. return true; } - - if ($passed > $config['spam']['hidden_inputs_max_pass']) - return true; - + return $hash; } @@ -262,5 +259,3 @@ function incrementSpamHash($hash) { $query->bindValue(':hash', $hash); $query->execute() or error(db_error($query)); } - - diff --git a/inc/database.php b/inc/database.php index 84185ad1..0dcc66b2 100644 --- a/inc/database.php +++ b/inc/database.php @@ -73,6 +73,7 @@ function prepare($query) { if ($config['debug']) return new PreparedQueryDebug($query); + return $pdo->prepare($query); } @@ -93,19 +94,19 @@ function query($query) { 'time' => '~' . $time ); return $query; - } else { - return $pdo->query($query); } + + return $pdo->query($query); } function db_error($PDOStatement=null) { global $pdo; + if (isset($PDOStatement)) { $err = $PDOStatement->errorInfo(); return $err[2]; - } else { - $err = $pdo->errorInfo(); - return $err[2]; } -} + $err = $pdo->errorInfo(); + return $err[2]; +} diff --git a/inc/functions.php b/inc/functions.php index bd255b35..63cfcb25 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -218,6 +218,7 @@ function create_antibot($board, $thread = null) { function rebuildThemes($action) { // List themes $query = query("SELECT `theme` FROM `theme_settings` WHERE `name` IS NULL AND `value` IS NULL") or error(db_error()); + while ($theme = $query->fetch()) { rebuildTheme($theme['theme'], $action); } @@ -301,6 +302,7 @@ function setupBoard($array) { function openBoard($uri) { global $config; + if ($config['cache']['enabled'] && ($board = cache::get('board_' . $uri))) { setupBoard($board); return true; @@ -315,7 +317,9 @@ function openBoard($uri) { cache::set('board_' . $uri, $board); setupBoard($board); return true; - } else return false; + } + + return false; } function boardTitle($uri) { @@ -330,7 +334,9 @@ function boardTitle($uri) { if ($title = $query->fetch()) { return $title['title']; - } else return false; + } + + return false; } function purge($uri) { @@ -520,9 +526,9 @@ function until($timestamp) { return ($num = round($difference/(60*60*24))) . ' day' . ($num != 1 ? 's' : ''); } elseif ($difference < 60*60*24*365) { return ($num = round($difference/(60*60*24*7))) . ' week' . ($num != 1 ? 's' : ''); - } else { - return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : ''); } + + return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : ''); } function ago($timestamp) { @@ -537,9 +543,9 @@ function ago($timestamp) { return ($num = round($difference/(60*60*24))) . ' day' . ($num != 1 ? 's' : ''); } elseif ($difference < 60*60*24*365) { return ($num = round($difference/(60*60*24*7))) . ' week' . ($num != 1 ? 's' : ''); - } else { - return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : ''); } + + return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : ''); } function displayBan($ban) { @@ -657,7 +663,9 @@ function threadExists($id) { if ($query->rowCount()) { return true; - } else return false; + } + + return false; } function post(array $post) { @@ -818,10 +826,7 @@ function rebuildPost($id) { $query->bindValue(':id', $id, PDO::PARAM_INT); $query->execute() or error(db_error($query)); - if (!$post = $query->fetch()) - return false; - - if (!$post['body_nomarkup']) + if ((!$post = $query->fetch()) || !$post['body_nomarkup']) return false; markup($body = &$post['body_nomarkup']); @@ -1078,10 +1083,7 @@ function makerobot($body) { } function checkRobot($body) { - if (empty($body)) - return true; - - if (event('check-robot', $body)) + if (empty($body) || event('check-robot', $body)) return true; $body = makerobot($body); @@ -1091,14 +1093,13 @@ function checkRobot($body) { if ($query->fetch()) { return true; - } else { - // Insert new hash - - $query = prepare("INSERT INTO `robot` VALUES (:hash)"); - $query->bindValue(':hash', $body); - $query->execute() or error(db_error($query)); - return false; } + + // Insert new hash + $query = prepare("INSERT INTO `robot` VALUES (:hash)"); + $query->bindValue(':hash', $body); + $query->execute() or error(db_error($query)); + return false; } function numPosts($id) { @@ -1174,7 +1175,6 @@ function checkMute() { } } - function buildIndex() { global $board, $config; @@ -1510,11 +1510,11 @@ function buildThread($id, $return=false, $mod=false) { 'boardlist' => createBoardlist($mod), 'return' => ($mod ? '?' . $board['url'] . $config['file_index'] : $config['root'] . $board['uri'] . '/' . $config['file_index']) )); - + if ($return) return $body; - else - file_write($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $id), $body); + + file_write($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $id), $body); } function rrmdir($dir) { @@ -1608,8 +1608,6 @@ function fraction($numerator, $denominator, $sep) { return "{$numerator}{$sep}{$denominator}"; } - - function getPostByHash($hash) { global $board; $query = prepare(sprintf("SELECT `id`,`thread` FROM `posts_%s` WHERE `filehash` = :hash", $board['uri'])); @@ -1680,4 +1678,3 @@ function DNS($host) { return $ip_addr; } - From 82c960cc94eddd1a245a8c1d2f102f9165db1530 Mon Sep 17 00:00:00 2001 From: Yousha Date: Thu, 30 Aug 2012 20:06:44 +0430 Subject: [PATCH 3/3] Added UNSIGNED to ID fields. --- install.sql | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/install.sql b/install.sql index a13453ff..b0bee8c8 100644 --- a/install.sql +++ b/install.sql @@ -44,7 +44,7 @@ CREATE TABLE IF NOT EXISTS `antispam` ( -- CREATE TABLE IF NOT EXISTS `bans` ( - `id` int(11) NOT NULL AUTO_INCREMENT, + `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `ip` varchar(45) NOT NULL, `mod` int(11) NOT NULL COMMENT 'which mod made the ban', `set` int(11) NOT NULL, @@ -97,7 +97,7 @@ CREATE TABLE IF NOT EXISTS `cites` ( -- CREATE TABLE IF NOT EXISTS `ip_notes` ( - `id` int(11) NOT NULL AUTO_INCREMENT, + `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `ip` varchar(45) NOT NULL, `mod` int(11) DEFAULT NULL, `time` int(11) NOT NULL, @@ -128,7 +128,7 @@ CREATE TABLE IF NOT EXISTS `modlogs` ( -- CREATE TABLE IF NOT EXISTS `mods` ( - `id` smallint(6) NOT NULL AUTO_INCREMENT, + `id` smallint(6) unsigned NOT NULL AUTO_INCREMENT, `username` varchar(30) NOT NULL, `password` char(40) NOT NULL COMMENT 'SHA1', `type` smallint(1) NOT NULL COMMENT '0: janitor, 1: mod, 2: admin', @@ -163,7 +163,7 @@ CREATE TABLE IF NOT EXISTS `mutes` ( -- CREATE TABLE IF NOT EXISTS `news` ( - `id` int(11) NOT NULL AUTO_INCREMENT, + `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `name` text NOT NULL, `time` int(11) NOT NULL, `subject` text NOT NULL, @@ -179,7 +179,7 @@ CREATE TABLE IF NOT EXISTS `news` ( -- CREATE TABLE IF NOT EXISTS `noticeboard` ( - `id` int(11) NOT NULL AUTO_INCREMENT, + `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `mod` int(11) NOT NULL, `time` int(11) NOT NULL, `subject` text NOT NULL, @@ -194,7 +194,7 @@ CREATE TABLE IF NOT EXISTS `noticeboard` ( -- CREATE TABLE IF NOT EXISTS `pms` ( - `id` int(11) NOT NULL AUTO_INCREMENT, + `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `sender` int(11) NOT NULL, `to` int(11) NOT NULL, `message` text NOT NULL, @@ -210,7 +210,7 @@ CREATE TABLE IF NOT EXISTS `pms` ( -- CREATE TABLE IF NOT EXISTS `reports` ( - `id` int(11) NOT NULL AUTO_INCREMENT, + `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `time` int(11) NOT NULL, `ip` varchar(45) NOT NULL, `board` varchar(120) DEFAULT NULL,