462 lines
13 KiB
PHP
462 lines
13 KiB
PHP
<?php
|
|
|
|
/*
|
|
* Copyright (c) 2010-2013 Tinyboard Development Group
|
|
*/
|
|
|
|
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
|
|
// You cannot request this file directly.
|
|
exit;
|
|
}
|
|
|
|
/*
|
|
joaoptm78@gmail.com
|
|
http://www.php.net/manual/en/function.filesize.php#100097
|
|
*/
|
|
function format_bytes($size) {
|
|
$units = array(' B', ' KB', ' MB', ' GB', ' TB');
|
|
for ($i = 0; $size >= 1024 && $i < 4; $i++) $size /= 1024;
|
|
return round($size, 2).$units[$i];
|
|
}
|
|
|
|
function doBoardListPart($list, $root, &$boards) {
|
|
global $config;
|
|
|
|
$body = '';
|
|
foreach ($list as $key => $board) {
|
|
if (is_array($board))
|
|
$body .= ' <span class="sub" data-description="' . $key . '">[' . doBoardListPart($board, $root, $boards) . ']</span> ';
|
|
else {
|
|
if (gettype($key) == 'string') {
|
|
$body .= ' <a href="' . $board . '">' . $key . '</a> /';
|
|
} else {
|
|
$title = '';
|
|
if (isset ($boards[$board])) {
|
|
$title = ' title="'.$boards[$board].'"';
|
|
}
|
|
|
|
$body .= ' <a href="' . $root . $board . '/' . $config['file_index'] . '"'.$title.'>' . $board . '</a> /';
|
|
}
|
|
}
|
|
}
|
|
$body = preg_replace('/\/$/', '', $body);
|
|
|
|
return $body;
|
|
}
|
|
|
|
function createBoardlist($mod=false) {
|
|
global $config;
|
|
|
|
if (!isset($config['boards'])) return array('top'=>'','bottom'=>'');
|
|
|
|
$xboards = listBoards();
|
|
$boards = array();
|
|
foreach ($xboards as $val) {
|
|
$boards[$val['uri']] = $val['title'];
|
|
}
|
|
|
|
$body = doBoardListPart($config['boards'], $mod?'?/':$config['root'], $boards);
|
|
|
|
if ($config['boardlist_wrap_bracket'] && !preg_match('/\] $/', $body))
|
|
$body = '[' . $body . ']';
|
|
|
|
$body = trim($body);
|
|
|
|
// Message compact-boardlist.js faster, so that page looks less ugly during loading
|
|
$top = "<script type='text/javascript'>if (typeof do_boardlist != 'undefined') do_boardlist();</script>";
|
|
|
|
return array(
|
|
'top' => '<div class="boardlist">' . $body . '</div>' . $top,
|
|
'bottom' => '<div class="boardlist bottom">' . $body . '</div>'
|
|
);
|
|
}
|
|
|
|
function error($message, $priority = true, $debug_stuff = false) {
|
|
global $board, $mod, $config, $db_error;
|
|
|
|
if ($config['syslog'] && $priority !== false) {
|
|
// Use LOG_NOTICE instead of LOG_ERR or LOG_WARNING because most error message are not significant.
|
|
_syslog($priority !== true ? $priority : LOG_NOTICE, $message);
|
|
}
|
|
|
|
if (defined('STDIN')) {
|
|
// Running from CLI
|
|
echo('Error: ' . $message . "\n");
|
|
debug_print_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
|
|
die();
|
|
}
|
|
|
|
if ($config['debug'] && isset($db_error)) {
|
|
$debug_stuff = array_combine(array('SQLSTATE', 'Error code', 'Error message'), $db_error);
|
|
}
|
|
|
|
if ($config['debug']) {
|
|
$debug_stuff['backtrace'] = debug_backtrace();
|
|
}
|
|
|
|
// Return the bad request header, necessary for AJAX posts
|
|
// czaks: is it really so? the ajax errors only work when this is commented out
|
|
// better yet use it when ajax is disabled
|
|
if (!isset ($_POST['json_response'])) {
|
|
header($_SERVER['SERVER_PROTOCOL'] . ' 400 Bad Request');
|
|
}
|
|
|
|
// Is there a reason to disable this?
|
|
if (isset($_POST['json_response'])) {
|
|
header('Content-Type: text/json; charset=utf-8');
|
|
die(json_encode(array(
|
|
'error' => $message
|
|
)));
|
|
}
|
|
|
|
$pw = $config['db']['password'];
|
|
$debug_callback = function(&$item) use (&$debug_callback, $pw) {
|
|
global $config;
|
|
if (is_array($item)) {
|
|
$item = array_filter($item, $debug_callback);
|
|
}
|
|
return ($item !== $pw || !$pw);
|
|
};
|
|
|
|
|
|
$debug_stuff = array_filter($debug_stuff, $debug_callback);
|
|
|
|
die(Element('page.html', array(
|
|
'config' => $config,
|
|
'title' => _('Error'),
|
|
'subtitle' => _('An error has occured.'),
|
|
'body' => Element('error.html', array(
|
|
'config' => $config,
|
|
'message' => $message,
|
|
'mod' => $mod,
|
|
'board' => isset($board) ? $board : false,
|
|
'debug' => is_array($debug_stuff) ? str_replace("\n", ' ', utf8tohtml(print_r($debug_stuff, true))) : utf8tohtml($debug_stuff)
|
|
))
|
|
)));
|
|
}
|
|
|
|
function loginForm($error=false, $username=false, $redirect=false) {
|
|
global $config;
|
|
|
|
die(Element('page.html', array(
|
|
'index' => $config['root'],
|
|
'title' => _('Login'),
|
|
'config' => $config,
|
|
'body' => Element('login.html', array(
|
|
'config'=>$config,
|
|
'error'=>$error,
|
|
'username'=>utf8tohtml($username),
|
|
'redirect'=>$redirect
|
|
)
|
|
)
|
|
)));
|
|
}
|
|
|
|
function pm_snippet($body, $len=null) {
|
|
global $config;
|
|
|
|
if (!isset($len))
|
|
$len = &$config['mod']['snippet_length'];
|
|
|
|
// Replace line breaks with some whitespace
|
|
$body = preg_replace('@<br/?>@i', ' ', $body);
|
|
|
|
// Strip tags
|
|
$body = strip_tags($body);
|
|
|
|
// Unescape HTML characters, to avoid splitting them in half
|
|
$body = html_entity_decode($body, ENT_COMPAT, 'UTF-8');
|
|
|
|
// calculate strlen() so we can add "..." after if needed
|
|
$strlen = mb_strlen($body);
|
|
|
|
$body = mb_substr($body, 0, $len);
|
|
|
|
// Re-escape the characters.
|
|
return '<em>' . utf8tohtml($body) . ($strlen > $len ? '…' : '') . '</em>';
|
|
}
|
|
|
|
function capcode($cap) {
|
|
global $config;
|
|
|
|
if (!$cap)
|
|
return false;
|
|
|
|
$capcode = array();
|
|
if (isset($config['custom_capcode'][$cap])) {
|
|
if (is_array($config['custom_capcode'][$cap])) {
|
|
$capcode['cap'] = sprintf($config['custom_capcode'][$cap][0], $cap);
|
|
if (isset($config['custom_capcode'][$cap][1]))
|
|
$capcode['name'] = $config['custom_capcode'][$cap][1];
|
|
if (isset($config['custom_capcode'][$cap][2]))
|
|
$capcode['trip'] = $config['custom_capcode'][$cap][2];
|
|
} else {
|
|
$capcode['cap'] = sprintf($config['custom_capcode'][$cap], $cap);
|
|
}
|
|
} else {
|
|
$capcode['cap'] = sprintf($config['capcode'], $cap);
|
|
}
|
|
|
|
return $capcode;
|
|
}
|
|
|
|
function truncate($body, $url, $max_lines = false, $max_chars = false) {
|
|
global $config;
|
|
|
|
if ($max_lines === false)
|
|
$max_lines = $config['body_truncate'];
|
|
if ($max_chars === false)
|
|
$max_chars = $config['body_truncate_char'];
|
|
|
|
// We don't want to risk truncating in the middle of an HTML comment.
|
|
// It's easiest just to remove them all first.
|
|
$body = preg_replace('/<!--.*?-->/s', '', $body);
|
|
|
|
$original_body = $body;
|
|
|
|
$lines = substr_count($body, '<br/>');
|
|
|
|
// Limit line count
|
|
if ($lines > $max_lines) {
|
|
if (preg_match('/(((.*?)<br\/>){' . $max_lines . '})/', $body, $m))
|
|
$body = $m[0];
|
|
}
|
|
|
|
$body = mb_substr($body, 0, $max_chars);
|
|
|
|
if ($body != $original_body) {
|
|
// Remove any corrupt tags at the end
|
|
$body = preg_replace('/<([\w]+)?([^>]*)?$/', '', $body);
|
|
|
|
// Open tags
|
|
if (preg_match_all('/<([\w]+)[^>]*>/', $body, $open_tags)) {
|
|
|
|
$tags = array();
|
|
for ($x=0;$x<count($open_tags[0]);$x++) {
|
|
if (!preg_match('/\/(\s+)?>$/', $open_tags[0][$x]))
|
|
$tags[] = $open_tags[1][$x];
|
|
}
|
|
|
|
// List successfully closed tags
|
|
if (preg_match_all('/(<\/([\w]+))>/', $body, $closed_tags)) {
|
|
for ($x=0;$x<count($closed_tags[0]);$x++) {
|
|
unset($tags[array_search($closed_tags[2][$x], $tags)]);
|
|
}
|
|
}
|
|
|
|
// remove broken HTML entity at the end (if existent)
|
|
$body = preg_replace('/&[^;]+$/', '', $body);
|
|
|
|
$tags_no_close_needed = array("colgroup", "dd", "dt", "li", "optgroup", "option", "p", "tbody", "td", "tfoot", "th", "thead", "tr", "br", "img");
|
|
|
|
// Close any open tags
|
|
foreach ($tags as &$tag) {
|
|
if (!in_array($tag, $tags_no_close_needed))
|
|
$body .= "</{$tag}>";
|
|
}
|
|
} else {
|
|
// remove broken HTML entity at the end (if existent)
|
|
$body = preg_replace('/&[^;]*$/', '', $body);
|
|
}
|
|
|
|
$body .= '<span class="toolong">'.sprintf(_('Post too long. Click <a href="%s">here</a> to view the full text.'), $url).'</span>';
|
|
}
|
|
|
|
return $body;
|
|
}
|
|
|
|
function bidi_cleanup($data) {
|
|
// Closes all embedded RTL and LTR unicode formatting blocks in a string so that
|
|
// it can be used inside another without controlling its direction.
|
|
|
|
$explicits = '\xE2\x80\xAA|\xE2\x80\xAB|\xE2\x80\xAD|\xE2\x80\xAE';
|
|
$pdf = '\xE2\x80\xAC';
|
|
|
|
preg_match_all("!$explicits!", $data, $m1, PREG_OFFSET_CAPTURE | PREG_SET_ORDER);
|
|
preg_match_all("!$pdf!", $data, $m2, PREG_OFFSET_CAPTURE | PREG_SET_ORDER);
|
|
|
|
if (count($m1) || count($m2)){
|
|
|
|
$p = array();
|
|
foreach ($m1 as $m){ $p[$m[0][1]] = 'push'; }
|
|
foreach ($m2 as $m){ $p[$m[0][1]] = 'pop'; }
|
|
ksort($p);
|
|
|
|
$offset = 0;
|
|
$stack = 0;
|
|
foreach ($p as $pos => $type){
|
|
|
|
if ($type == 'push'){
|
|
$stack++;
|
|
}else{
|
|
if ($stack){
|
|
$stack--;
|
|
}else{
|
|
# we have a pop without a push - remove it
|
|
$data = substr($data, 0, $pos-$offset)
|
|
.substr($data, $pos+3-$offset);
|
|
$offset += 3;
|
|
}
|
|
}
|
|
}
|
|
|
|
# now add some pops if your stack is bigger than 0
|
|
for ($i=0; $i<$stack; $i++){
|
|
$data .= "\xE2\x80\xAC";
|
|
}
|
|
|
|
return $data;
|
|
}
|
|
|
|
return $data;
|
|
}
|
|
|
|
function secure_link_confirm($text, $title, $confirm_message, $href) {
|
|
global $config;
|
|
|
|
return '<a onclick="if (event.which==2) return true;if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlspecialchars(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
|
|
}
|
|
function secure_link($href) {
|
|
return $href . '/' . make_secure_link_token($href);
|
|
}
|
|
|
|
function embed_html($link) {
|
|
global $config;
|
|
|
|
foreach ($config['embedding'] as $embed) {
|
|
if ($html = preg_replace($embed[0], $embed[1], $link)) {
|
|
if ($html == $link)
|
|
continue; // Nope
|
|
|
|
$html = str_replace('%%tb_width%%', $config['embed_width'], $html);
|
|
$html = str_replace('%%tb_height%%', $config['embed_height'], $html);
|
|
|
|
return $html;
|
|
}
|
|
}
|
|
|
|
if ($link[0] == '<') {
|
|
// Prior to v0.9.6-dev-8, HTML code for embedding was stored in the database instead of the link.
|
|
return $link;
|
|
}
|
|
|
|
return 'Embedding error.';
|
|
}
|
|
|
|
class Post {
|
|
public function __construct($post, $root=null, $mod=false) {
|
|
global $config;
|
|
if (!isset($root))
|
|
$root = &$config['root'];
|
|
|
|
foreach ($post as $key => $value) {
|
|
$this->{$key} = $value;
|
|
}
|
|
|
|
if (isset($this->files))
|
|
$this->files = json_decode($this->files);
|
|
|
|
$this->subject = utf8tohtml($this->subject);
|
|
$this->name = utf8tohtml($this->name);
|
|
$this->mod = $mod;
|
|
$this->root = $root;
|
|
|
|
if ($this->embed)
|
|
$this->embed = embed_html($this->embed);
|
|
|
|
$this->modifiers = extract_modifiers($this->body_nomarkup);
|
|
|
|
if ($config['always_regenerate_markup']) {
|
|
$this->body = $this->body_nomarkup;
|
|
markup($this->body);
|
|
}
|
|
|
|
if ($this->mod)
|
|
// Fix internal links
|
|
// Very complicated regex
|
|
$this->body = preg_replace(
|
|
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), $config['board_regex']) . ')/u',
|
|
'<a $1href="?/$4',
|
|
$this->body
|
|
);
|
|
}
|
|
public function link($pre = '') {
|
|
global $config, $board;
|
|
|
|
return $this->root . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $this->thread) . '#' . $pre . $this->id;
|
|
}
|
|
|
|
public function build($index=false) {
|
|
global $board, $config;
|
|
|
|
return Element('post_reply.html', array('config' => $config, 'board' => $board, 'post' => &$this, 'index' => $index, 'mod' => $this->mod));
|
|
}
|
|
};
|
|
|
|
class Thread {
|
|
public function __construct($post, $root = null, $mod = false, $hr = true) {
|
|
global $config;
|
|
if (!isset($root))
|
|
$root = &$config['root'];
|
|
|
|
foreach ($post as $key => $value) {
|
|
$this->{$key} = $value;
|
|
}
|
|
|
|
if (isset($this->files))
|
|
$this->files = json_decode($this->files);
|
|
|
|
$this->subject = utf8tohtml($this->subject);
|
|
$this->name = utf8tohtml($this->name);
|
|
$this->mod = $mod;
|
|
$this->root = $root;
|
|
$this->hr = $hr;
|
|
|
|
$this->posts = array();
|
|
$this->omitted = 0;
|
|
$this->omitted_images = 0;
|
|
|
|
if ($this->embed)
|
|
$this->embed = embed_html($this->embed);
|
|
|
|
$this->modifiers = extract_modifiers($this->body_nomarkup);
|
|
|
|
if ($config['always_regenerate_markup']) {
|
|
$this->body = $this->body_nomarkup;
|
|
markup($this->body);
|
|
}
|
|
|
|
if ($this->mod)
|
|
// Fix internal links
|
|
// Very complicated regex
|
|
$this->body = preg_replace(
|
|
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), $config['board_regex']) . ')/u',
|
|
'<a $1href="?/$4',
|
|
$this->body
|
|
);
|
|
}
|
|
public function link($pre = '') {
|
|
global $config, $board;
|
|
|
|
return $this->root . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $this->id) . '#' . $pre . $this->id;
|
|
}
|
|
public function add(Post $post) {
|
|
$this->posts[] = $post;
|
|
}
|
|
public function postCount() {
|
|
return count($this->posts) + $this->omitted;
|
|
}
|
|
public function build($index=false, $isnoko50=false) {
|
|
global $board, $config, $debug;
|
|
|
|
$hasnoko50 = $this->postCount() >= $config['noko50_min'];
|
|
|
|
event('show-thread', $this);
|
|
|
|
$built = Element('post_thread.html', array('config' => $config, 'board' => $board, 'post' => &$this, 'index' => $index, 'hasnoko50' => $hasnoko50, 'isnoko50' => $isnoko50, 'mod' => $this->mod));
|
|
|
|
return $built;
|
|
}
|
|
};
|
|
|