Merge branch 'master' of github.com:vichan-devel/vichan

inc/functions.php

@@ -880,7 +880,7 @@ function displayBan($ban) {
 		Element('page.html', array(
 			'title' => _('Banned!'),
 			'config' => $config,
-			'nojavascript' => true,
+			'boardlist' => createBoardlist($mod),
 			'body' => Element('banned.html', array(
 				'config' => $config,
 				'ban' => $ban,

inc/mod/pages.php

@@ -15,7 +15,7 @@ function mod_page($title, $template, $args, $subtitle = false) {
 		'hide_dashboard_link' => $template == 'mod/dashboard.html',
 		'title' => $title,
 		'subtitle' => $subtitle,
-		'nojavascript' => true,
+		'boardlist' => createBoardlist($mod),
 		'body' => Element($template,
 				array_merge(
 					array('config' => $config, 'mod' => $mod), 
@@ -846,7 +846,7 @@ function mod_page_ip($ip) {
 	
 	$args['security_token'] = make_secure_link_token('IP/' . $ip);
 	
-	mod_page(sprintf('%s: %s', _('IP'), $ip), 'mod/view_ip.html', $args, $args['hostname']);
+	mod_page(sprintf('%s: %s', _('IP'), htmlspecialchars($ip)), 'mod/view_ip.html', $args, $args['hostname']);
 }
 
 function mod_ban() {

mod.php

@@ -12,16 +12,6 @@ require_once 'inc/mod/auth.php';
 if ($config['debug'])
 	$parse_start_time = microtime(true);
 
-// Fix for magic quotes
-if (get_magic_quotes_gpc()) {
-	function strip_array($var) {
-		return is_array($var) ? array_map('strip_array', $var) : stripslashes($var);
-	}
-	
-	$_GET = strip_array($_GET);
-	$_POST = strip_array($_POST);
-}
-
 $query = isset($_SERVER['QUERY_STRING']) ? rawurldecode($_SERVER['QUERY_STRING']) : '';
 
 $pages = array(

post.php

@@ -7,16 +7,6 @@ require_once 'inc/functions.php';
 require_once 'inc/anti-bot.php';
 require_once 'inc/bans.php';
 
-// Fix for magic quotes
-if (get_magic_quotes_gpc()) {
-	function strip_array($var) {
-		return is_array($var) ? array_map('strip_array', $var) : stripslashes($var);
-	}
-	
-	$_GET = strip_array($_GET);
-	$_POST = strip_array($_POST);
-}
-
 if ((!isset($_POST['mod']) || !$_POST['mod']) && $config['board_locked']) {
     error("Board is locked");
 }
@@ -447,7 +437,7 @@ if (isset($_POST['delete'])) {
 		$i = 0;
 		foreach ($_FILES as $key => $file) {
 			if ($file['size'] && $file['tmp_name']) {
-				$file['filename'] = urldecode(get_magic_quotes_gpc() ? stripslashes($file['name']) : $file['name']);
+				$file['filename'] = urldecode($file['name']);
 				$file['extension'] = strtolower(mb_substr($file['filename'], mb_strrpos($file['filename'], '.') + 1));
 				if (isset($config['filename_func']))
 					$file['file_id'] = $config['filename_func']($file);
@@ -625,12 +615,14 @@ if (isset($_POST['delete'])) {
 	
 	if ($post['has_file']) {	
 		foreach ($post['files'] as $key => &$file) {
-		if ($file['is_an_image'] && $config['ie_mime_type_detection'] !== false) {
-			// Check IE MIME type detection XSS exploit
-			$buffer = file_get_contents($upload, null, null, null, 255);
-			if (preg_match($config['ie_mime_type_detection'], $buffer)) {
-				undoImage($post);
-				error($config['error']['mime_exploit']);
+		if ($file['is_an_image']) {
+			if ($config['ie_mime_type_detection'] !== false) {
+				// Check IE MIME type detection XSS exploit
+				$buffer = file_get_contents($upload, null, null, null, 255);
+				if (preg_match($config['ie_mime_type_detection'], $buffer)) {
+					undoImage($post);
+					error($config['error']['mime_exploit']);
+				}
 			}
 			
 			require_once 'inc/image.php';
@@ -639,6 +631,9 @@ if (isset($_POST['delete'])) {
 			if (!$size = @getimagesize($file['tmp_name'])) {
 				error($config['error']['invalidimg']);
 			}
+			if (!in_array($size[2], array(IMAGETYPE_PNG, IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_BMP))) {
+				error($config['error']['invalidimg']);
+			}
 			if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
 				error($config['error']['maxsize']);
 			}

templates/page.html

@@ -9,6 +9,8 @@
 	<title>{{ title }}</title>
 </head>
 <body>
+        {{ boardlist.top }}
+
 	{% if pm %}<div class="top_notice">You have <a href="?/PM/{{ pm.id }}">an unread PM</a>{% if pm.waiting > 0 %}, plus {{ pm.waiting }} more waiting{% endif %}.</div><hr>{% endif %}
 	<header>
 		<h1>{{ title }}</h1>