Source code of Leftypol imageboard
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1978 lines
58 KiB

12 years ago
<?php
11 years ago
/*
* Copyright (c) 2010-2013 Tinyboard Development Group
11 years ago
*/
11 years ago
if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
11 years ago
// You cannot request this file directly.
exit;
}
require_once 'inc/display.php';
require_once 'inc/template.php';
require_once 'inc/database.php';
require_once 'inc/events.php';
require_once 'inc/api.php';
11 years ago
require_once 'inc/lib/gettext/gettext.inc';
// the user is not currently logged in as a moderator
$mod = false;
register_shutdown_function('fatal_error_handler');
mb_internal_encoding('UTF-8');
loadConfig();
function loadConfig() {
global $board, $config, $__ip, $debug, $__version;
11 years ago
$error = function_exists('error') ? 'error' : 'basic_error_function_because_the_other_isnt_loaded_yet';
11 years ago
reset_events();
11 years ago
if (!isset($_SERVER['REMOTE_ADDR']))
11 years ago
$_SERVER['REMOTE_ADDR'] = '0.0.0.0';
$arrays = array(
'db',
'api',
'cache',
'cookies',
'error',
'dir',
'mod',
'spam',
'filters',
'wordfilters',
'custom_capcode',
'custom_tripcode',
'dnsbl',
'dnsbl_exceptions',
'remote',
'allowed_ext',
'allowed_ext_files',
'file_icons',
'footer',
'stylesheets',
'additional_javascript',
'markup',
'custom_pages',
'dashboard_links'
);
11 years ago
$config = array();
11 years ago
foreach ($arrays as $key) {
11 years ago
$config[$key] = array();
}
11 years ago
require 'inc/config.php';
11 years ago
if (!file_exists('inc/instance-config.php'))
11 years ago
$error('Tinyboard is not configured! Create inc/instance-config.php.');
11 years ago
require 'inc/instance-config.php';
11 years ago
if (isset($board['dir']) && file_exists($board['dir'] . '/config.php')) {
11 years ago
require $board['dir'] . '/config.php';
}
11 years ago
if (!isset($__version))
11 years ago
$__version = file_exists('.installed') ? trim(file_get_contents('.installed')) : false;
$config['version'] = $__version;
11 years ago
if ($config['debug']) {
if (!isset($debug)) {
$debug = array('sql' => array(), 'exec' => array(), 'purge' => array(), 'cached' => array(), 'write' => array());
11 years ago
$debug['start'] = microtime(true);
12 years ago
}
}
11 years ago
date_default_timezone_set($config['timezone']);
if (!isset($config['global_message']))
$config['global_message'] = false;
11 years ago
if (!isset($config['post_url']))
11 years ago
$config['post_url'] = $config['root'] . $config['file_post'];
11 years ago
if (!isset($config['referer_match']))
if (isset($_SERVER['HTTP_HOST'])) {
11 years ago
$config['referer_match'] = '/^' .
(preg_match($config['url_regex'], $config['root']) ? '' :
'https?:\/\/' . $_SERVER['HTTP_HOST']) .
preg_quote($config['root'], '/') .
'(' .
str_replace('%s', $config['board_regex'], preg_quote($config['board_path'], '/')) .
11 years ago
'(' .
preg_quote($config['file_index'], '/') . '|' .
str_replace('%d', '\d+', preg_quote($config['file_page'])) .
')?' .
'|' .
str_replace('%s', $config['board_regex'], preg_quote($config['board_path'], '/')) .
11 years ago
preg_quote($config['dir']['res'], '/') .
str_replace('%d', '\d+', preg_quote($config['file_page'], '/')) .
'|' .
preg_quote($config['file_mod'], '/') . '\?\/.+' .
')([#?](.+)?)?$/ui';
} else {
11 years ago
// CLI mode
$config['referer_match'] = '//';
}
11 years ago
if (!isset($config['cookies']['path']))
11 years ago
$config['cookies']['path'] = &$config['root'];
11 years ago
if (!isset($config['dir']['static']))
11 years ago
$config['dir']['static'] = $config['root'] . 'static/';
11 years ago
if (!isset($config['image_sticky']))
11 years ago
$config['image_sticky'] = $config['dir']['static'] . 'sticky.gif';
11 years ago
if (!isset($config['image_locked']))
11 years ago
$config['image_locked'] = $config['dir']['static'] . 'locked.gif';
11 years ago
if (!isset($config['image_bumplocked']))
11 years ago
$config['image_bumplocked'] = $config['dir']['static'] . 'sage.gif';
11 years ago
if (!isset($config['image_deleted']))
11 years ago
$config['image_deleted'] = $config['dir']['static'] . 'deleted.png';
11 years ago
if (!isset($config['uri_thumb']))
11 years ago
$config['uri_thumb'] = $config['root'] . $board['dir'] . $config['dir']['thumb'];
11 years ago
elseif (isset($board['dir']))
11 years ago
$config['uri_thumb'] = sprintf($config['uri_thumb'], $board['dir']);
11 years ago
if (!isset($config['uri_img']))
11 years ago
$config['uri_img'] = $config['root'] . $board['dir'] . $config['dir']['img'];
11 years ago
elseif (isset($board['dir']))
11 years ago
$config['uri_img'] = sprintf($config['uri_img'], $board['dir']);
11 years ago
if (!isset($config['uri_stylesheets']))
11 years ago
$config['uri_stylesheets'] = $config['root'] . 'stylesheets/';
11 years ago
if (!isset($config['url_stylesheet']))
11 years ago
$config['url_stylesheet'] = $config['uri_stylesheets'] . 'style.css';
11 years ago
if (!isset($config['url_javascript']))
11 years ago
$config['url_javascript'] = $config['root'] . $config['file_script'];
11 years ago
if (!isset($config['additional_javascript_url']))
11 years ago
$config['additional_javascript_url'] = $config['root'];
if (!isset($config['uri_flags']))
$config['uri_flags'] = $config['root'] . 'static/flags/%s.png';
11 years ago
if ($config['root_file']) {
11 years ago
chdir($config['root_file']);
11 years ago
}
11 years ago
11 years ago
if ($config['verbose_errors']) {
set_error_handler('verbose_error_handler');
11 years ago
error_reporting(E_ALL);
ini_set('display_errors', true);
ini_set('html_errors', false);
11 years ago
}
11 years ago
// Keep the original address to properly comply with other board configurations
11 years ago
if (!isset($__ip))
11 years ago
$__ip = $_SERVER['REMOTE_ADDR'];
11 years ago
// ::ffff:0.0.0.0
11 years ago
if (preg_match('/^\:\:(ffff\:)?(\d+\.\d+\.\d+\.\d+)$/', $__ip, $m))
11 years ago
$_SERVER['REMOTE_ADDR'] = $m[2];
11 years ago
if (_setlocale(LC_ALL, $config['locale']) === false) {
11 years ago
$error('The specified locale (' . $config['locale'] . ') does not exist on your platform!');
}
11 years ago
if (extension_loaded('gettext')) {
11 years ago
bindtextdomain('tinyboard', './inc/locale');
bind_textdomain_codeset('tinyboard', 'UTF-8');
textdomain('tinyboard');
} else {
_bindtextdomain('tinyboard', './inc/locale');
_bind_textdomain_codeset('tinyboard', 'UTF-8');
_textdomain('tinyboard');
}
11 years ago
if ($config['syslog'])
11 years ago
openlog('tinyboard', LOG_ODELAY, LOG_SYSLOG); // open a connection to sysem logger
11 years ago
if ($config['recaptcha'])
11 years ago
require_once 'inc/lib/recaptcha/recaptchalib.php';
11 years ago
if ($config['cache']['enabled'])
11 years ago
require_once 'inc/cache.php';
event('load-config');
11 years ago
}
function basic_error_function_because_the_other_isnt_loaded_yet($message, $priority = true) {
global $config;
11 years ago
if ($config['syslog'] && $priority !== false) {
11 years ago
// Use LOG_NOTICE instead of LOG_ERR or LOG_WARNING because most error message are not significant.
_syslog($priority !== true ? $priority : LOG_NOTICE, $message);
}
11 years ago
// Yes, this is horrible.
die('<!DOCTYPE html><html><head><title>Error</title>' .
'<style type="text/css">' .
'body{text-align:center;font-family:arial, helvetica, sans-serif;font-size:10pt;}' .
'p{padding:0;margin:20px 0;}' .
'p.c{font-size:11px;}' .
'</style></head>' .
'<body><h2>Error</h2>' . $message . '<hr/>' .
'<p class="c">This alternative error page is being displayed because the other couldn\'t be found or hasn\'t loaded yet.</p></body></html>');
}
function fatal_error_handler() {
11 years ago
if ($error = error_get_last()) {
if ($error['type'] == E_ERROR) {
if (function_exists('error')) {
11 years ago
error('Caught fatal error: ' . $error['message'] . ' in <strong>' . $error['file'] . '</strong> on line ' . $error['line'], LOG_ERR);
} else {
basic_error_function_because_the_other_isnt_loaded_yet('Caught fatal error: ' . $error['message'] . ' in ' . $error['file'] . ' on line ' . $error['line'], LOG_ERR);
}
12 years ago
}
}
11 years ago
}
11 years ago
11 years ago
function _syslog($priority, $message) {
11 years ago
if (isset($_SERVER['REMOTE_ADDR'], $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'])) {
11 years ago
// CGI
syslog($priority, $message . ' - client: ' . $_SERVER['REMOTE_ADDR'] . ', request: "' . $_SERVER['REQUEST_METHOD'] . ' ' . $_SERVER['REQUEST_URI'] . '"');
} else {
syslog($priority, $message);
}
}
11 years ago
function verbose_error_handler($errno, $errstr, $errfile, $errline) {
if (error_reporting() == 0)
return false; // Looks like this warning was suppressed by the @ operator.
error(utf8tohtml($errstr), true, array(
'file' => $errfile . ':' . $errline,
'errno' => $errno,
'error' => $errstr,
'backtrace' => array_slice(debug_backtrace(), 1)
));
}
function create_antibot($board, $thread = null) {
require_once dirname(__FILE__) . '/anti-bot.php';
return _create_antibot($board, $thread);
}
11 years ago
function rebuildThemes($action, $board = false) {
11 years ago
// List themes
$query = query("SELECT `theme` FROM ``theme_settings`` WHERE `name` IS NULL AND `value` IS NULL") or error(db_error());
10 years ago
9 years ago
while ($theme = $query->fetch(PDO::FETCH_ASSOC)) {
rebuildTheme($theme['theme'], $action, $board);
11 years ago
}
}
function loadThemeConfig($_theme) {
global $config;
11 years ago
if (!file_exists($config['dir']['themes'] . '/' . $_theme . '/info.php'))
11 years ago
return false;
// Load theme information into $theme
include $config['dir']['themes'] . '/' . $_theme . '/info.php';
return $theme;
}
function rebuildTheme($theme, $action, $board = false) {
11 years ago
global $config, $_theme;
$_theme = $theme;
$theme = loadThemeConfig($_theme);
11 years ago
if (file_exists($config['dir']['themes'] . '/' . $_theme . '/theme.php')) {
11 years ago
require_once $config['dir']['themes'] . '/' . $_theme . '/theme.php';
$theme['build_function']($action, themeSettings($_theme), $board);
11 years ago
}
}
function themeSettings($theme) {
$query = prepare("SELECT `name`, `value` FROM ``theme_settings`` WHERE `theme` = :theme AND `name` IS NOT NULL");
11 years ago
$query->bindValue(':theme', $theme);
$query->execute() or error(db_error($query));
$settings = array();
9 years ago
while ($s = $query->fetch(PDO::FETCH_ASSOC)) {
11 years ago
$settings[$s['name']] = $s['value'];
}
return $settings;
}
function sprintf3($str, $vars, $delim = '%') {
$replaces = array();
11 years ago
foreach ($vars as $k => $v) {
11 years ago
$replaces[$delim . $k . $delim] = $v;
}
return str_replace(array_keys($replaces),
array_values($replaces), $str);
11 years ago
}
function mb_substr_replace($string, $replacement, $start, $length) {
return mb_substr($string, 0, $start) . $replacement . mb_substr($string, $start + $length);
}
11 years ago
function setupBoard($array) {
global $board, $config;
11 years ago
$board = array(
'uri' => $array['uri'],
'title' => $array['title'],
'subtitle' => $array['subtitle']
);
// older versions
$board['name'] = &$board['title'];
11 years ago
$board['dir'] = sprintf($config['board_path'], $board['uri']);
$board['url'] = sprintf($config['board_abbreviation'], $board['uri']);
11 years ago
loadConfig();
11 years ago
if (!file_exists($board['dir']))
@mkdir($board['dir'], 0777) or error("Couldn't create " . $board['dir'] . ". Check permissions.", true);
11 years ago
if (!file_exists($board['dir'] . $config['dir']['img']))
@mkdir($board['dir'] . $config['dir']['img'], 0777)
or error("Couldn't create " . $board['dir'] . $config['dir']['img'] . ". Check permissions.", true);
11 years ago
if (!file_exists($board['dir'] . $config['dir']['thumb']))
@mkdir($board['dir'] . $config['dir']['thumb'], 0777)
or error("Couldn't create " . $board['dir'] . $config['dir']['img'] . ". Check permissions.", true);
11 years ago
if (!file_exists($board['dir'] . $config['dir']['res']))
@mkdir($board['dir'] . $config['dir']['res'], 0777)
or error("Couldn't create " . $board['dir'] . $config['dir']['img'] . ". Check permissions.", true);
11 years ago
}
function openBoard($uri) {
global $config, $build_pages;
if ($config['try_smarter'])
$build_pages = array();
$board = getBoardInfo($uri);
if ($board) {
setupBoard($board);
return true;
}
return false;
}
function getBoardInfo($uri) {
11 years ago
global $config;
10 years ago
11 years ago
if ($config['cache']['enabled'] && ($board = cache::get('board_' . $uri))) {
return $board;
}
$query = prepare("SELECT * FROM ``boards`` WHERE `uri` = :uri LIMIT 1");
11 years ago
$query->bindValue(':uri', $uri);
$query->execute() or error(db_error($query));
9 years ago
if ($board = $query->fetch(PDO::FETCH_ASSOC)) {
11 years ago
if ($config['cache']['enabled'])
11 years ago
cache::set('board_' . $uri, $board);
return $board;
10 years ago
}
return false;
11 years ago
}
11 years ago
11 years ago
function boardTitle($uri) {
$board = getBoardInfo($uri);
if ($board)
11 years ago
return $board['title'];
10 years ago
return false;
11 years ago
}
function purge($uri) {
global $config, $debug;
// Fix for Unicode
$uri = rawurlencode($uri);
$noescape = "/!~*()+:";
$noescape = preg_split('//', $noescape);
$noescape_url = array_map("rawurlencode", $noescape);
$uri = str_replace($noescape_url, $noescape, $uri);
if (preg_match($config['referer_match'], $config['root']) && isset($_SERVER['REQUEST_URI'])) {
11 years ago
$uri = (str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) == '/' ? '/' : str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) . '/') . $uri;
} else {
$uri = $config['root'] . $uri;
}
11 years ago
if ($config['debug']) {
11 years ago
$debug['purge'][] = $uri;
}
11 years ago
foreach ($config['purge'] as &$purge) {
11 years ago
$host = &$purge[0];
$port = &$purge[1];
$http_host = isset($purge[2]) ? $purge[2] : (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost');
11 years ago
$request = "PURGE {$uri} HTTP/1.1\r\nHost: {$http_host}\r\nUser-Agent: Tinyboard\r\nConnection: Close\r\n\r\n";
11 years ago
if ($fp = fsockopen($host, $port, $errno, $errstr, $config['purge_timeout'])) {
11 years ago
fwrite($fp, $request);
fclose($fp);
} else {
11 years ago
// Cannot connect?
error('Could not PURGE for ' . $host);
}
}
11 years ago
}
function file_write($path, $data, $simple = false, $skip_purge = false) {
global $config, $debug;
11 years ago
if (preg_match('/^remote:\/\/(.+)\:(.+)$/', $path, $m)) {
if (isset($config['remote'][$m[1]])) {
11 years ago
require_once 'inc/remote.php';
11 years ago
$remote = new Remote($config['remote'][$m[1]]);
$remote->write($data, $m[2]);
return;
} else {
error('Invalid remote server: ' . $m[1]);
}
}
11 years ago
if (!$fp = fopen($path, $simple ? 'w' : 'c'))
11 years ago
error('Unable to open file for writing: ' . $path);
11 years ago
// File locking
11 years ago
if (!$simple && !flock($fp, LOCK_EX)) {
11 years ago
error('Unable to lock file: ' . $path);
}
11 years ago
// Truncate file
11 years ago
if (!$simple && !ftruncate($fp, 0))
11 years ago
error('Unable to truncate file: ' . $path);
11 years ago
// Write data
if (($bytes = fwrite($fp, $data)) === false)
11 years ago
error('Unable to write to file: ' . $path);
11 years ago
// Unlock
11 years ago
if (!$simple)
11 years ago
flock($fp, LOCK_UN);
11 years ago
// Close
11 years ago
if (!fclose($fp))
11 years ago
error('Unable to close file: ' . $path);
if (!$skip_purge && isset($config['purge'])) {
11 years ago
// Purge cache
11 years ago
if (basename($path) == $config['file_index']) {
11 years ago
// Index file (/index.html); purge "/" as well
$uri = dirname($path);
// root
11 years ago
if ($uri == '.')
11 years ago
$uri = '';
else
$uri .= '/';
purge($uri);
12 years ago
}
11 years ago
purge($path);
12 years ago
}
if ($config['debug']) {
$debug['write'][] = $path . ': ' . $bytes . ' bytes';
}
11 years ago
event('write', $path);
}
function file_unlink($path) {
global $config, $debug;
11 years ago
if ($config['debug']) {
if (!isset($debug['unlink']))
11 years ago
$debug['unlink'] = array();
$debug['unlink'][] = $path;
}
11 years ago
$ret = @unlink($path);
11 years ago
if (isset($config['purge']) && $path[0] != '/' && isset($_SERVER['HTTP_HOST'])) {
11 years ago
// Purge cache
11 years ago
if (basename($path) == $config['file_index']) {
11 years ago
// Index file (/index.html); purge "/" as well
$uri = dirname($path);
// root
11 years ago
if ($uri == '.')
11 years ago
$uri = '';
else
$uri .= '/';
purge($uri);
12 years ago
}
11 years ago
purge($path);
12 years ago
}
11 years ago
event('unlink', $path);
11 years ago
return $ret;
}
function hasPermission($action = null, $board = null, $_mod = null) {
global $config;
11 years ago
if (isset($_mod))
11 years ago
$mod = &$_mod;
else
global $mod;
11 years ago
if (!is_array($mod))
11 years ago
return false;
11 years ago
if (isset($action) && $mod['type'] < $action)
11 years ago
return false;
11 years ago
if (!isset($board) || $config['mod']['skip_per_board'])
11 years ago
return true;
11 years ago
if (!isset($mod['boards']))
11 years ago
return false;
11 years ago
if (!in_array('*', $mod['boards']) && !in_array($board, $mod['boards']))
11 years ago
return false;
11 years ago
return true;
}
function listBoards() {
global $config;
11 years ago
if ($config['cache']['enabled'] && ($boards = cache::get('all_boards')))
11 years ago
return $boards;
$query = query("SELECT * FROM ``boards`` ORDER BY `uri`") or error(db_error());
11 years ago
$boards = $query->fetchAll();
11 years ago
if ($config['cache']['enabled'])
11 years ago
cache::set('all_boards', $boards);
11 years ago
return $boards;
}
function checkFlood($post) {
global $board, $config;
$query = prepare(sprintf("SELECT * FROM ``posts_%s`` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` != '' AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` != '' AND `body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri']));
11 years ago
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':body', $post['body']);
11 years ago
$query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT);
$query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT);
$query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
9 years ago
$flood = (bool) $query->fetch(PDO::FETCH_ASSOC);
11 years ago
if (event('check-flood', $post))
11 years ago
return true;
11 years ago
return $flood;
}
function until($timestamp) {
$difference = $timestamp - time();
11 years ago
if ($difference < 60) {
return $difference . ' ' . ngettext('second', 'seconds', $difference);
11 years ago
} elseif ($difference < 60*60) {
return ($num = round($difference/(60))) . ' ' . ngettext('minute', 'minutes', $num);
11 years ago
} elseif ($difference < 60*60*24) {
return ($num = round($difference/(60*60))) . ' ' . ngettext('hour', 'hours', $num);
11 years ago
} elseif ($difference < 60*60*24*7) {
return ($num = round($difference/(60*60*24))) . ' ' . ngettext('day', 'days', $num);
11 years ago
} elseif ($difference < 60*60*24*365) {
return ($num = round($difference/(60*60*24*7))) . ' ' . ngettext('week', 'weeks', $num);
11 years ago
}
10 years ago
return ($num = round($difference/(60*60*24*365))) . ' ' . ngettext('year', 'years', $num);
11 years ago
}
function ago($timestamp) {
$difference = time() - $timestamp;
11 years ago
if ($difference < 60) {
return $difference . ' ' . ngettext('second', 'seconds', $difference);
11 years ago
} elseif ($difference < 60*60) {
return ($num = round($difference/(60))) . ' ' . ngettext('minute', 'minutes', $num);
11 years ago
} elseif ($difference < 60*60*24) {
return ($num = round($difference/(60*60))) . ' ' . ngettext('hour', 'hours', $num);
11 years ago
} elseif ($difference < 60*60*24*7) {
return ($num = round($difference/(60*60*24))) . ' ' . ngettext('day', 'days', $num);
11 years ago
} elseif ($difference < 60*60*24*365) {
return ($num = round($difference/(60*60*24*7))) . ' ' . ngettext('week', 'weeks', $num);
11 years ago
}
10 years ago
return ($num = round($difference/(60*60*24*365))) . ' ' . ngettext('year', 'years', $num);
11 years ago
}
function displayBan($ban) {
global $config;
if (!$ban['seen']) {
$query = prepare("UPDATE ``bans`` SET `seen` = 1 WHERE `id` = :id");
$query->bindValue(':id', $ban['id'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
}
11 years ago
$ban['ip'] = $_SERVER['REMOTE_ADDR'];
11 years ago
// Show banned page and exit
die(
Element('page.html', array(
'title' => _('Banned!'),
11 years ago
'config' => $config,
'body' => Element('banned.html', array(
'config' => $config,
11 years ago
'ban' => $ban
)
))
));
}
function checkBan($board = 0) {
global $config;
11 years ago
if (!isset($_SERVER['REMOTE_ADDR'])) {
11 years ago
// Server misconfiguration
return;