Commit Graph

1083 Commits

Author SHA1 Message Date
czaks
cefd5517ac Merge branch 'master' of https://github.com/savetheinternet/Tinyboard 2013-07-31 21:36:54 -04:00
czaks
232f4ff868 markup modifiers: make it even harder to escape 2013-07-31 21:27:50 -04:00
czaks
ab36452543 fix post editing for tinyboard markup 2013-07-31 21:26:55 -04:00
Michael Foster
ea2b8cce07 Bugfix: HTML injection in post editing (introduces and fixes yet another bug) 2013-07-31 21:24:17 -04:00
czaks
e93d5b2f8e Revert "markup modifiers: make it even harder to escape"
This reverts commit d7ea47a91f.
2013-07-31 21:22:57 -04:00
czaks
055c3a7382 Revert "facilitate using markup modifiers multiple times; make raw html not consume the whole post"
This reverts commit e7dd0bbc4a.
2013-07-31 21:22:32 -04:00
czaks
83844b5e3e Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	inc/functions.php
2013-07-31 21:03:13 -04:00
Michael Foster
a5312ebe89 Allow public ban messages on raw HTML posts 2013-07-31 21:02:26 -04:00
Michael Foster
0f9df0ac66 Newline before <tinyboard ban message> 2013-07-31 20:54:20 -04:00
Michael Foster
328484bee7 SQL cleanup 2013-07-31 20:51:43 -04:00
czaks
03d91df1d8 fix previous commit; markup is called via reference 2013-07-31 20:41:56 -04:00
czaks
ce2af291b0 markup modifiers: there was a plan for adding markup to ban reasons, but assignment was missing; escape markup there too 2013-07-31 20:33:27 -04:00
czaks
d7ea47a91f markup modifiers: make it even harder to escape 2013-07-31 20:13:19 -04:00
czaks
e7dd0bbc4a facilitate using markup modifiers multiple times; make raw html not consume the whole post 2013-07-31 20:11:11 -04:00
czaks
fa5922b45e fix post editing for tinyboard markup 2013-07-31 19:50:25 -04:00
czaks
b35ea55763 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	templates/thread.html
2013-07-31 19:25:04 -04:00
Michael Foster
6bbe407e18 Markup modifiers: raw HTML 2013-07-31 19:18:55 -04:00
Michael Foster
6d52c8b428 Markup modifiers. Fix issue #66 (public ban message lost when rebuilding post body) 2013-07-31 18:59:54 -04:00
Michael Foster
4891735c49 Fix issue #72 2013-07-31 18:29:09 -04:00
czaks
dc9df2b9b3 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard 2013-07-31 17:05:53 -04:00
Michael Foster
3a8736cdc0 Fix last commit 2013-07-31 17:04:36 -04:00
Michael Foster
c2a287cd14 Only run SQL query to count threads if we really need to 2013-07-31 17:02:42 -04:00
czaks
c0abd1d851 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard 2013-07-31 17:02:30 -04:00
Michael Foster
6cdf603875 Fix last commit; Make Tinyboard Twig extension more mb-safe 2013-07-31 16:38:09 -04:00
Michael Foster
dc1d1a3fcd Issue #125 2013-07-31 16:22:27 -04:00
czaks
3d979750b1 fix merge 2013-07-31 15:01:44 -04:00
czaks
55c7146d88 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	inc/config.php
	inc/display.php
	inc/functions.php
	inc/image.php
	js/expand.js
	js/hide-threads.js
	js/local-time.js
	js/smartphone-spoiler.js
	templates/header.html
	templates/index.html
	templates/main.js
	templates/page.html
	templates/post_reply.html
	templates/post_thread.html
	templates/thread.html
2013-07-31 14:54:20 -04:00
Michael Foster
659310663e i18n some more strings in inc/config.php 2013-07-31 06:56:57 -04:00
Michael Foster
42e16e233a Javascript l10n: Work without $config['additional_javascript_compile'] 2013-07-31 06:54:53 -04:00
Michael Foster
439795e63b Disallow board names which are too large for the filesytem to handle 2013-07-31 06:40:57 -04:00
Michael Foster
81da2fea04 Undo 7e0cec for now. Will restore later once I resolve issues 2013-07-31 05:03:50 -04:00
czaks
67db0a878a js i18n: finish implementation with addition of the compiled locale strings file to additional javascripts 2013-07-31 04:57:50 -04:00
czaks
3f98522ff2 i18n one more string in inc/functions.php 2013-07-31 04:56:42 -04:00
czaks
babeec8bb9 localise time values 2013-07-31 04:55:34 -04:00
czaks
be2e7d9782 i18n some strings in inc/config.php 2013-07-31 04:54:08 -04:00
Michael Foster
123a72d7de Convert to UNIX line endings 2013-07-31 04:28:26 -04:00
Marcin Łabanowski
7e0cec3d9d Facilitate styling of subboard listings 2013-07-31 04:09:35 -04:00
czaks
22556f43f5 Update Polish locale 2013-07-31 04:07:15 -04:00
czaks
b772be7c5b Update Polish translation 2013-07-31 04:07:03 -04:00
czaks
ba27016813 locale: update polish translation 2013-07-31 04:06:57 -04:00
czaks
0ffa0b3adf Update Polish translation; javascript l10n 2013-07-31 04:06:52 -04:00
55ch
dd01c8308d Brazilian Portuguese translation for Tinyboard 2013-07-31 04:05:55 -04:00
Marcin Łabanowski
5ea2f02e7d Fixed typo in Polish translation 2013-07-31 04:05:49 -04:00
Marcin Łabanowski
39cf9e7de5 Updated Polish translation (3) 2013-07-31 04:05:44 -04:00
Marcin Łabanowski
4266c412b5 Updated Polish translation (2) 2013-07-31 04:05:38 -04:00
Marcin Łabanowski
cbab1f9ac2 Updated Polish translation 2013-07-31 04:05:29 -04:00
Michael Foster
64bc410484 Small comment change 2013-07-31 04:02:40 -04:00
Marcin Łabanowski
7c8bbe8527 Implement image identification buttons using regex.info/exif, google images and tineye 2013-07-31 04:00:22 -04:00
Michael Foster
18516ff828 Rename $config['url_ads'] to $config['link_prefix'] 2013-07-31 03:43:01 -04:00
szalej
51efd817c8 Update inc/config.php
hide referrer option
2013-07-31 03:39:51 -04:00
Marcin Łabanowski
3ef2c05bb2 url_ads: fix it not working 2013-07-31 03:39:20 -04:00
szalej
5bf53cb581 Update inc/functions.php
url ads
2013-07-31 03:39:15 -04:00
szalej
220609999a Update inc/functions.php
Hide Referrer (nullrefer.com)
2013-07-31 03:39:10 -04:00
asiekierka
44d3b12cef Embedding: added vocaroo support 2013-07-31 03:37:09 -04:00
Michael Foster
573f86ccae Tiny code clean-up 2013-07-31 03:35:07 -04:00
Marcin Łabanowski
73cb2bdf2c convert+gifsicle: fix previous commit 2013-07-31 03:33:12 -04:00
Marcin Łabanowski
b7e725bf3e Support for resizing gifs using gifsicle with resizing the rest using ImageMagick 2013-07-31 03:33:06 -04:00
Marcin Łabanowski
f9cdf31ede Fix animated .gif conversion when $config['thumb_ext'] == '' 2013-07-31 03:32:44 -04:00
czaks
ee23ec1e24 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard 2013-07-31 03:18:11 -04:00
Michael Foster
a2d8e4cf3e Previous commit comment fix 2013-07-31 03:13:51 -04:00
Michael Foster
37d769646b Markup/quote fix for multibyte 2013-07-31 03:12:06 -04:00
czaks
96bcf5dd1e Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	inc/functions.php
	inc/mod/pages.php
	install.php
	js/expand.js
	mod.php
2013-07-31 02:30:44 -04:00
Michael Foster
b22bcdecf9 Fix last commit: purge() issue 2013-07-31 02:19:58 -04:00
Michael Foster
42cba53887 Allow Unicode in board URIs. 2013-07-31 02:08:55 -04:00
Michael Foster
bb2868896c Ability to hide IP addresses from mod log 2013-07-31 00:04:57 -04:00
Michael Foster
343397d561 ?/IP/: Don't show posts for board user doesn't have access to 2013-07-30 23:30:49 -04:00
Michael Foster
8efab06616 Upgrade to utf8mb4 charset for MySQL server versions above 5.5.3. Keep support for older versions. Fix charsets for multiple columns and tables. 2013-07-30 22:08:56 -04:00
Michael Foster
461084d400 MySQL's utf8 charset only supports up to 3-byte symbols. Insterting four byte symbols (U+010000 to U+10FFFF) can be done maliciously to break HTML mark-up.
The ideal solution was to convert to MySQL's utf8mb4 charset, but then we would lose support for MySQL < 5.5.3. In this fix, incompatible characters are encoded as HTML numeric character references (eg. #65536) and just stripped from body_nommarkup.
2013-07-30 16:41:10 -04:00
czaks
793042ee6c Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	js/inline-expanding.js
2013-07-29 23:17:37 -04:00
Michael Foster
1759ac2ea3 Post search: Search other fields too 2013-07-29 20:20:07 -04:00
czaks
4257191acd Merge branch 'master' of https://github.com/savetheinternet/Tinyboard 2013-07-29 16:26:10 -04:00
Michael Foster
58306bdc63 Search posts 2013-07-29 16:18:06 -04:00
Michael Foster
5bab041814 Make font-awesome enabled by default 2013-07-29 12:27:10 -04:00
czaks
d11e9d752e Merge branch 'master' of https://github.com/savetheinternet/Tinyboard 2013-07-28 20:51:43 -04:00
Michael Foster
bd8bd3c02e Fix for last commit 2013-07-28 20:46:00 -04:00
Michael Foster
57c8e4ee7c Strip combining characters from Unicode strings (eg. Zalgo) 2013-07-28 20:33:26 -04:00
czaks
396492aad6 Update Polish locale 2013-07-27 02:01:42 -04:00
czaks
065a6f97c8 localise time values 2013-07-27 01:50:38 -04:00
czaks
3f2ea6b936 i18n some strings in inc/config.php 2013-07-27 01:33:21 -04:00
czaks
ae99c6dd0d i18n one more string in inc/functions.php 2013-07-27 01:21:30 -04:00
czaks
5108bd1bf7 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	inc/functions.php
2013-07-26 13:47:53 -04:00
Michael Foster
37d5846e4e Fix markup overlapping. Issue #124 2013-07-26 11:01:13 -04:00
czaks
114e34eea5 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	install.php
2013-07-24 16:24:20 -04:00
Michael Foster
33a1c00bd5 %length% in public ban messages 2013-07-24 11:30:01 -04:00
Michael Foster
31f657e550 Long overdue: Salted password hashes 2013-07-24 11:15:55 -04:00
czaks
1aa522e138 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	templates/index.html
	templates/post_thread.html
	templates/thread.html
2013-07-23 10:25:33 -04:00
Michael Foster
1132a4ce79 Option to use font-awesome for sticky/lock icons, etc. 2013-07-23 09:38:42 -04:00
Michael Foster
ab0c5ee481 Option to make stylesheet selections board-specific 2013-07-23 01:35:56 -04:00
czaks
88c1205e42 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	js/hide-threads.js
2013-07-22 23:33:02 -04:00
Michael Foster
6ba8f3f7de Add custom links to dashboard 2013-07-22 18:30:45 -04:00
Michael Foster
ed8fe6c27a Option to check public ban message by default 2013-07-22 17:51:13 -04:00
czaks
805c729892 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard 2013-07-22 10:14:17 -04:00
Michael Foster
308f557fd5 Option to automatically strip EXIF metadata from JPEGs 2013-07-21 15:50:45 -04:00
czaks
97a22e57c1 Remove imgcaptcha, this code is unused in any of our forks and needs work to get here back.
Revert "Merge branch 'imgcaptcha' of https://github.com/asiekierka/Tinyboard"

This reverts commit 49afb685c8, reversing
changes made to 2451a0f29c.

Conflicts:

	js/imgcaptcha.js
2013-07-20 22:47:26 -04:00
czaks
8772c31ce1 post search: missed default config 2013-07-20 22:45:21 -04:00
czaks
33c7abf11f Merge branch 'master' of github.com:vichan-devel/Tinyboard 2013-07-20 22:33:56 -04:00
czaks
17952d173c Update Polish translation 2013-07-20 20:23:55 -04:00
Czterooki
bc1bc9f6ef Merge branch 'master' of github.com:vichan-devel/Tinyboard 2013-07-20 18:28:57 -04:00
czaks
9f323ae65f Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	templates/themes/sitemap/info.php
2013-07-20 17:28:34 -04:00
Michael Foster
67cbc2b1aa Fix permissions with search 2013-07-20 13:15:44 -04:00
Michael Foster
b776e0a7f0 Search update 2013-07-20 12:05:42 -04:00
Michael Foster
e62b83e79c Bring back search (searching posts not implemented yet) 2013-07-20 07:50:33 -04:00
Czterooki
aef4425592 merge with vichan-gold 2013-07-20 00:19:08 -04:00
Czterooki
01d9ad9d43 inc/mod/pages.php 2013-07-20 00:05:08 -04:00
Czterooki
ad7d15535b config.php 2013-07-20 00:03:45 -04:00
Michael Foster
30dc892786 Only store video URLs in database, instead of the generated player HTML. 2013-07-19 18:36:12 -04:00
czaks
f04566f6d3 locale: update polish translation 2013-07-18 16:34:22 -04:00
czaks
fa66b96240 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	post.php
2013-07-18 15:19:03 -04:00
Michael Foster
e4bd9a6886 Themes edit: Split "post" into two seperate actions: "post" (replies) and "post-thread". And add a $board variable. 2013-07-18 12:06:26 -04:00
Michael Foster
ce9431ba34 Update filters to work with new ban table 2013-07-18 10:17:19 -04:00
czaks
84aaaabece Merge branch 'master' of https://github.com/kaja47/Tinyboard 2013-07-16 13:40:56 -04:00
czaks
7bdb96a16b Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	install.php
	templates/index.html
	templates/thread.html
2013-07-16 13:02:13 -04:00
Michael Foster
aadb57f2a2 More ban stuff: Show whether or not user has "seen" a ban yet in the ban list and on IP address pages. Purge useless expired ban records. 2013-07-16 08:50:39 -04:00
Michael Foster
c8f30550af $config['require_ban_view']: Force users to view the "You are banned" page at least once before letting a ban disappear naturally. 2013-07-16 06:33:37 -04:00
Michael Foster
29b10c88db Outputting thread subject in header/title (issue #122) 2013-07-16 02:48:20 -04:00
Michael Foster
7302fc57a8 Automatically dismiss all reports regarding a thread after it is locked. 2013-07-16 02:32:44 -04:00
Michael Foster
2144d43f2b Fix issue #24 2013-07-16 02:27:20 -04:00
Michael Foster
23b27d8057 Add clean() to mod_move function 2013-07-16 01:38:24 -04:00
Michael Foster
77e4d926d9 Add "write" (files written to) to debug section 2013-07-16 01:21:06 -04:00
Macil Tech
82e3592703 Argh, just remove all RTL and LTR control codes in bidi_cleanup.
If the name and subject fields both start with RLO characters, then the
subject would be after the name with the old bidi_cleanup.
2013-07-08 13:26:31 -05:00
czaks
8de00e5ba9 Update Polish translation; javascript l10n 2013-07-03 01:59:36 -04:00
czaks
21f6799617 js i18n: finish implementation with addition of the compiled locale strings file to additional javascripts 2013-07-03 00:25:32 -04:00
K
74a470bf4e Add support for 4chan-compatible json API. 2013-07-02 19:52:29 +02:00
czaks
24a520485d Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts:
	templates/page.html
2013-06-21 16:41:39 -04:00
Michael
9b0c31daa6 Merge pull request #116 from Macil/hardlimits
Adds image_hard_limit and reply_hard_limit options
2013-06-18 10:46:25 -07:00
Michael
0ac9dd5f25 Merge pull request #115 from Macil/miscfixes
Miscellaneous fixes
2013-06-18 10:45:13 -07:00
Michael
cbc3bd0c0a Merge pull request #114 from Macil/rtlfix
Fix display issues with RTL control characters in post names, subjects, ...
2013-06-18 10:41:31 -07:00
Michael
68c6a749f2 Merge pull request #113 from Macil/tzfix
Output times in UTC
2013-06-18 10:40:56 -07:00
Macil Tech
3eda5b0543 Adds image_hard_limit and reply_hard_limit options.
Also reworks the numPosts() function and uses it elsewhere too.
2013-06-18 12:21:41 -05:00
Macil Tech
765e64ee38 m and n dash fix 2013-06-18 12:07:30 -05:00
Macil Tech
b078222ede Fix "Undefined index: sticky" and "locked" errors on new thread creation. 2013-06-18 12:00:26 -05:00
Macil Tech
b6fc7ca89d Fix broken entity removal in post truncation. 2013-06-18 11:16:15 -05:00
Macil Tech
be1e55b9d6 Fix result page after installing theme getting doubled up. 2013-06-18 11:14:02 -05:00
Macil Tech
6fd6b92fe8 Fix openBoard and boardTitle functions using same caching keys.
Added getBoardInfo function that's used by both of the above functions,
and can get a board's info without loading it.
2013-06-18 11:13:43 -05:00
Macil Tech
1d4fced75a pm_snippet() should probably use mb_substr if it's using mb_strlen. 2013-06-18 11:12:31 -05:00
Macil Tech
2fe79f6a61 Output times in UTC.
Let the client localize the times with js/local-time.js themselves. No
one cares what the server timezone is.

This fixes a bug where posts made in a different daylight savings mode
have their times displayed off by an hour. Their times would be rendered
to the server's own timezone area correctly, but then the server's
*current* utc-offset would be appended, which wouldn't match up.
2013-06-18 11:10:39 -05:00
Macil Tech
a92bb182d9 Fix display issues with RTL control characters in post names, subjects, and filenames. 2013-06-18 11:07:47 -05:00
Macil Tech
3bcc87caf2 Fix PM count caching.
cache::get() returns null if the key wasn't found (at least when using
the Redis cache backend).
2013-06-18 11:02:45 -05:00
55ch
9f00d86f1a Brazilian Portuguese translation for Tinyboard 2013-06-15 07:07:16 -04:00
czaks
258083e5cb Merge branch 'master' of https://github.com/savetheinternet/Tinyboard 2013-05-26 17:53:00 -04:00
undido
83401b3a68 update config.php config for unban limit
Adding config and error for unban list when a user tries to unban more users than they are allowed too.
2013-04-16 19:14:51 -03:00
undido
b4ff535128 update to pages.php minor exploit
A lot of bans can be removed from a tinyboard database because it isn't limited A staff member could select 100 users all at once with a simple javascript function and unban them all this needs to be limited because a staff member on an image board if they feel hostile they can just remove all bans on the tinyboard site easily without being limited to how many people they can unban at a time, this adds an option to limit it.
2013-04-16 19:09:58 -03:00
Fredrick
bb54605eb7 Fix per-board name not being used 2013-03-20 07:46:48 -04:00
Fredrick
53f710060d Fix truncation issue by no longer using HTML entities for Unicode characters 2013-03-17 07:00:55 -04:00
Michael Save
64ae123739 Mod log in ?/IP (ie. ban history) 2013-03-16 18:27:24 +11:00
Michael Save
1816218c64 Fix: Critical security vulnerability 2013-03-15 00:40:02 +11:00
Michael Save
2051018ba1 ... 2013-01-30 05:07:09 +11:00
Michael Save
5661e32b1c Instead of showing $config['error']['malformed'] on corrupt session, just go straight to the login form 2013-01-30 04:45:38 +11:00
Marcin Łabanowski
b4efebae55 Merge branch 'master' of https://github.com/savetheinternet/Tinyboard 2013-01-29 14:31:35 +01:00
Michael Save
45f9b51ad8 Merge branch 'master' of github.com:savetheinternet/Tinyboard 2013-01-29 22:17:46 +11:00