Source code of Leftypol imageboard
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1634 lines
54 KiB

12 years ago
<?php
if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
// You cannot request this file directly.
header('Location: ../', true, 302);
exit;
}
loadConfig();
function loadConfig() {
12 years ago
global $board, $config, $__ip;
require 'config.php';
if (file_exists('inc/instance-config.php')) {
require 'instance-config.php';
}
if(isset($board['dir']) && file_exists($board['dir'] . '/config.php')) {
require $board['dir'] . '/config.php';
}
if(!isset($config['url_stylesheet']))
$config['url_stylesheet'] = $config['root'] . 'style.css';
if(!isset($config['url_javascript']))
12 years ago
$config['url_javascript'] = $config['root'] . 'main.js';
if(!isset($config['post_url']))
12 years ago
$config['post_url'] = $config['root'] . $config['file_post'];
if(!isset($config['url_match']))
$config['url_match'] = '/^' .
(preg_match($config['url_regex'], $config['root']) ? '' :
(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] && $_SERVER['HTTPS'] != 'off' ? 'https' : 'http') .
':\/\/'.$_SERVER['HTTP_HOST']) .
preg_quote($config['root'], '/') .
'(' .
str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
'|' .
str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
preg_quote($config['file_index'], '/') .
'|' .
str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
str_replace('%d', '\d+', preg_quote($config['file_page'], '/')) .
'|' .
preg_quote($config['file_mod'], '/') .
'\?\/.+' .
')$/i';
if(!isset($config['cookies']['path']))
$config['cookies']['path'] = $config['root'];
if(!isset($config['dir']['static']))
12 years ago
$config['dir']['static'] = $config['root'] . 'static/';
if(!isset($config['image_sticky']))
12 years ago
$config['image_sticky'] = $config['dir']['static'] . 'sticky.gif';
if(!isset($config['image_locked']))
12 years ago
$config['image_locked'] = $config['dir']['static'] . 'locked.gif';
if(!isset($config['image_deleted']))
12 years ago
$config['image_deleted'] = $config['dir']['static'] . 'deleted.png';
if(!isset($config['image_zip']))
12 years ago
$config['image_zip'] = $config['dir']['static'] . 'zip.png';
if(!isset($config['uri_thumb']))
$config['uri_thumb'] = $config['root'] . $board['dir'] . $config['dir']['thumb'];
else
$config['uri_thumb'] = sprintf($config['uri_thumb'], $board['dir']);
if(!isset($config['uri_img']))
$config['uri_img'] = $config['root'] . $board['dir'] . $config['dir']['img'];
else
$config['uri_img'] = sprintf($config['uri_img'], $board['dir']);
12 years ago
if(!isset($config['uri_stylesheets']))
$config['uri_stylesheets'] = $config['root'];
if($config['root_file']) {
chdir($config['root_file']);
}
if($config['verbose_errors']) {
error_reporting(E_ALL);
ini_set('display_errors', 1);
}
12 years ago
if($config['ipv6_ipv4'] && isset($_SERVER['REMOTE_ADDR'])) {
12 years ago
// Keep the original address to properly comply with other board configurations
12 years ago
if(!isset($__ip))
$__ip = $_SERVER['REMOTE_ADDR'];
// ::ffff:0.0.0.0
if(preg_match('/^\:\:(ffff\:)?(\d+\.\d+\.\d+\.\d+)$/', $__ip, $m))
12 years ago
$_SERVER['REMOTE_ADDR'] = $m[2];
12 years ago
}
if($config['memcached']['enabled'])
memcached_open();
}
function basic_error_function_because_the_other_isnt_loaded_yet($message) {
if(function_exists('sql_close')) sql_close();
// Yes, this is horrible.
die('<!DOCTYPE html><html><head><title>Error</title>' .
'<style type="text/css">' .
'body{text-align:center;font-family:arial, helvetica, sans-serif;font-size:10pt;}' .
'p{padding:0;margin:20px 0;}' .
'p.c{font-size:11px;}' .
'</style></head>' .
'<body><h2>Error</h2>' . $message . '<hr/>' .
'<p class="c">This alternative error page is being displayed because the other couldn\'t be found or hasn\'t loaded yet.</p></body></html>');
}
12 years ago
function fatal_error_handler() {
if($error = error_get_last()) {
12 years ago
if($error['type'] == E_ERROR) {
if(function_exists('error')) {
error('Caught fatal error: ' . $error['message'] . ' in <strong>' . $error['file'] . '</strong> on line ' . $error['line']);
} else {
header('Content-Type: text/plain');
echo 'Caught fatal error: ' . $error['message'] . ' in ' . $error['file'] . ' on line ' . $error['line'];
}
}
12 years ago
}
}
12 years ago
register_shutdown_function('fatal_error_handler');
12 years ago
// Memcached
function memcached_open() {
global $memcached, $config;
if($memcached) return;
$memcached = new Memcached();
$memcached->addServers($config['memcached']['servers']);
}
function loadThemeConfig($_theme) {
global $config;
12 years ago
if(!file_exists($config['dir']['homepage'] . '/' . $_theme . '/info.php'))
return false;
// Load theme information into $theme
12 years ago
include $config['dir']['homepage'] . '/' . $_theme . '/info.php';
return $theme;
}
function rebuildTheme($action) {
12 years ago
global $config, $_theme;
12 years ago
12 years ago
$query = query("SELECT `value` AS `theme` FROM `theme_settings` WHERE `name` = 'theme'") or error(db_error());
if($theme = $query->fetch()) {
// A theme is installed
12 years ago
$_theme = $theme['theme'];
$theme = loadThemeConfig($_theme);
12 years ago
12 years ago
if(file_exists($config['dir']['homepage'] . '/' . $_theme . '/theme.php')) {
include $config['dir']['homepage'] . '/' . $_theme . '/theme.php';
$theme['build_function']($action, themeSettings());
}
12 years ago
}
}
function themeSettings() {
$query = query("SELECT * FROM `theme_settings`") or error(db_error());
$settings = Array();
while($s = $query->fetch()) {
$settings[$s['name']] = $s['value'];
}
return $settings;
}
function sprintf3($str, $vars, $delim = '%') {
$replaces = array();
foreach($vars as $k => $v) {
$replaces[$delim . $k . $delim] = $v;
}
return str_replace(array_keys($replaces),
array_values($replaces), $str);
}
function setupBoard($array) {
global $board, $config;
$board = Array(
'id' => $array['id'],
'uri' => $array['uri'],
'name' => $array['title'],
'title' => $array['subtitle']);
$board['dir'] = sprintf($config['board_path'], $board['uri']);
$board['url'] = sprintf($config['board_abbreviation'], $board['uri']);
loadConfig();
if(!file_exists($board['dir'])) mkdir($board['dir'], 0777);
if(!file_exists($board['dir'] . $config['dir']['img'])) @mkdir($board['dir'] . $config['dir']['img'], 0777) or error("Couldn't create " . $config['dir']['img'] . ". Check permissions.", true);
if(!file_exists($board['dir'] . $config['dir']['thumb'])) @mkdir($board['dir'] . $config['dir']['thumb'], 0777) or error("Couldn't create " . $config['dir']['thumb'] . ". Check permissions.", true);
if(!file_exists($board['dir'] . $config['dir']['res'])) @mkdir($board['dir'] . $config['dir']['res'], 0777) or error("Couldn't create " . $config['dir']['res'] . ". Check permissions.", true);
}
function openBoard($uri) {
$query = prepare("SELECT * FROM `boards` WHERE `uri` = :uri LIMIT 1");
$query->bindValue(':uri', $uri);
$query->execute() or error(db_error($query));
if($board = $query->fetch()) {
setupBoard($board);
return true;
} else return false;
}
function listBoards() {
$query = query("SELECT * FROM `boards` ORDER BY `uri`") or error(db_error());
$boards = $query->fetchAll();
return $boards;
}
12 years ago
function checkFlood($post) {
global $board, $config;
12 years ago
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri']));
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':body', $post['body'], PDO::PARAM_INT);
$query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT);
$query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT);
$query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT);
12 years ago
$query->execute() or error(db_error($query));
return (bool)$query->fetch();
}
12 years ago
function until($timestamp) {
$difference = $timestamp - time();
if($difference < 60) {
return $difference . ' second' . ($difference != 1 ? 's' : '');
} elseif($difference < 60*60) {
return ($num = round($difference/(60))) . ' minute' . ($num != 1 ? 's' : '');
} elseif($difference < 60*60*24) {
return ($num = round($difference/(60*60))) . ' hour' . ($num != 1 ? 's' : '');
} elseif($difference < 60*60*24*7) {
return ($num = round($difference/(60*60*24))) . ' day' . ($num != 1 ? 's' : '');
} elseif($difference < 60*60*24*365) {
12 years ago
return ($num = round($difference/(60*60*24*7))) . ' week' . ($num != 1 ? 's' : '');
12 years ago
} else {
return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : '');
}
}
function ago($timestamp) {
$difference = time() - $timestamp;
if($difference < 60) {
return $difference . ' second' . ($difference != 1 ? 's' : '');
} elseif($difference < 60*60) {
return ($num = round($difference/(60))) . ' minute' . ($num != 1 ? 's' : '');
} elseif($difference < 60*60*24) {
return ($num = round($difference/(60*60))) . ' hour' . ($num != 1 ? 's' : '');
} elseif($difference < 60*60*24*7) {
return ($num = round($difference/(60*60*24))) . ' day' . ($num != 1 ? 's' : '');
} elseif($difference < 60*60*24*365) {
return ($num = round($difference/(60*60*24*7))) . ' week' . ($num != 1 ? 's' : '');
12 years ago
} else {
return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : '');
12 years ago
}
}
function formatDate($timestamp) {
return date('jS F, Y', $timestamp);
}
function displayBan($ban) {
global $config;
$body = '<div class="ban">
12 years ago
<h2>You are banned! ;_;</h2>
<p>You have been banned ' .
($ban['reason'] ? 'for the following reason:' : 'for an unspecified reason.') .
'</p>' .
($ban['reason'] ?
'<p class="reason">' .
$ban['reason'] .
'</p>'
: '') .
'<p>Your ban was filed on <strong>' .
formatDate($ban['set']) .
'</strong>, and <span id="expires">' .
12 years ago
($ban['expires'] ?
'expires <span id="countdown">' . until($ban['expires']) . '</span> from now, which is on <strong>' .
12 years ago
formatDate($ban['expires']) .
'</strong>
<script>
// return date("jS F, Y", $timestamp);
var secondsLeft = ' . ($ban['expires'] - time()) . '
var end = new Date().getTime() + secondsLeft*1000;
function updateExpiresTime() {
countdown.firstChild.nodeValue = until(end);
}
function until(end) {
var now = new Date().getTime();
var diff = Math.round((end - now) / 1000); // in seconds
if (diff < 0) {
document.getElementById("expires").innerHTML = "has since expired. Refresh the page to continue.";
//location.reload(true);
clearInterval(int);
return "";
} else if (diff < 60) {
return diff + " second" + (diff == 1 ? "" : "s");
} else if (diff < 60*60) {
return (num = Math.round(diff/(60))) + " minute" + (num == 1 ? "" : "s");
} else if (diff < 60*60*24) {
return (num = Math.round(diff/(60*60))) + " hour" + (num == 1 ? "" : "s");
} else if (diff < 60*60*24*7) {
return (num = Math.round(diff/(60*60*24))) + " day" + (num == 1 ? "" : "s");
} else if (diff < 60*60*24*365) {
return (num = Math.round(diff/(60*60*24*7))) + " week" + (num == 1 ? "" : "s");
} else {
return (num = Math.round(diff/(60*60*24*365))) + " year" + (num == 1 ? "" : "s");
}
}
var countdown = document.getElementById("countdown");
updateExpiresTime();
var int = setInterval(updateExpiresTime, 1000);
</script>'
: '<em>will not expire</em>.' ) .
'</span></p>
12 years ago
<p>Your IP address is <strong>' . $_SERVER['REMOTE_ADDR'] . '</strong>.</p>
</div>';
// Show banned page and exit
die(Element('page.html', Array(
'config' => $config,
'title' => 'Banned',
'subtitle' => 'You are banned!',
'body' => $body
)
));
}
function checkBan() {
global $config, $memcached;
if(!isset($_SERVER['REMOTE_ADDR'])) {
// Server misconfiguration
return;
}
if($config['memcached']['enabled']) {
// Cached ban?
if($ban = $memcached->get("ban_${_SERVER['REMOTE_ADDR']}")) {
displayBan($ban);
}
}
$query = prepare("SELECT * FROM `bans` WHERE `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute() or error(db_error($query));
if($query->rowCount() < 1 && $config['ban_range']) {
$query = prepare("SELECT * FROM `bans` WHERE :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute() or error(db_error($query));
}
if($ban = $query->fetch()) {
if($ban['expires'] && $ban['expires'] < time()) {
// Ban expired
$query = prepare("DELETE FROM `bans` WHERE `ip` = :ip AND `expires` = :expires LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':expires', $ban['expires'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($config['ban_range']) {
$query = prepare("DELETE FROM `bans` WHERE :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9a-f]*'), '$') AND `expires` = :expires LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':expires', $ban['expires'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
}
return;
}
12 years ago
if($config['memcached']['enabled'])
$memcached->set("ban_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']);
displayBan($ban);
12 years ago
}
}
function threadLocked($id) {
global $board;
$query = prepare(sprintf("SELECT `locked` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error());
if(!$post = $query->fetch()) {
// Non-existant, so it can't be locked...
return false;
}
return (bool) $post['locked'];
}
function threadExists($id) {
global $board;
$query = prepare(sprintf("SELECT 1 FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error());
if($query->rowCount()) {
return true;
} else return false;
}
function post($post, $OP) {
global $pdo, $board;
12 years ago
$query = prepare(sprintf("INSERT INTO `posts_%s` VALUES ( NULL, :thread, :subject, :email, :name, :trip, :capcode, :body, :time, :time, :thumb, :thumbwidth, :thumbheight, :file, :width, :height, :filesize, :filename, :filehash, :password, :ip, :sticky, :locked, :embed)", $board['uri']));
// Basic stuff
$query->bindValue(':subject', $post['subject']);
$query->bindValue(':email', $post['email']);
$query->bindValue(':name', $post['name']);
$query->bindValue(':trip', $post['trip']);
$query->bindValue(':body', $post['body']);
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':password', $post['password']);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
if($post['mod'] && $post['sticky']) {
$query->bindValue(':sticky', 1, PDO::PARAM_INT);
} else {
$query->bindValue(':sticky', 0, PDO::PARAM_INT);
}
12 years ago
if($post['mod'] && $post['locked']) {
$query->bindValue(':locked', 1, PDO::PARAM_INT);
} else {
$query->bindValue(':locked', 0, PDO::PARAM_INT);
}
if($post['mod'] && $post['capcode']) {
$query->bindValue(':capcode', $post['capcode'], PDO::PARAM_INT);
} else {
$query->bindValue(':capcode', NULL, PDO::PARAM_NULL);
}
12 years ago
if(!empty($post['embed'])) {
$query->bindValue(':embed', $post['embed']);
} else {
$query->bindValue(':embed', NULL, PDO::PARAM_NULL);
}
if($OP) {
// No parent thread, image
$query->bindValue(':thread', null, PDO::PARAM_NULL);
} else {
$query->bindValue(':thread', $post['thread'], PDO::PARAM_INT);
}
if($post['has_file']) {
$query->bindValue(':thumb', $post['thumb']);
$query->bindValue(':thumbwidth', $post['thumbwidth'], PDO::PARAM_INT);
$query->bindValue(':thumbheight', $post['thumbheight'], PDO::PARAM_INT);
$query->bindValue(':file', $post['file']);
$query->bindValue(':width', $post['width'], PDO::PARAM_INT);
$query->bindValue(':height', $post['height'], PDO::PARAM_INT);
$query->bindValue(':filesize', $post['filesize'], PDO::PARAM_INT);
$query->bindValue(':filename', $post['filename']);
12 years ago
$query->bindValue(':filehash', $post['file']);
} else {
$query->bindValue(':thumb', null, PDO::PARAM_NULL);
$query->bindValue(':thumbwidth', null, PDO::PARAM_NULL);
$query->bindValue(':thumbheight', null, PDO::PARAM_NULL);
$query->bindValue(':file', null, PDO::PARAM_NULL);
$query->bindValue(':width', null, PDO::PARAM_NULL);
$query->bindValue(':height', null, PDO::PARAM_NULL);
$query->bindValue(':filesize', null, PDO::PARAM_NULL);
$query->bindValue(':filename', null, PDO::PARAM_NULL);
$query->bindValue(':filehash', null, PDO::PARAM_NULL);
}
$query->execute() or error(db_error($query));
return $pdo->lastInsertId();
}
function bumpThread($id) {
global $board;
$query = prepare(sprintf("UPDATE `posts_%s` SET `bump` = :time WHERE `id` = :id AND `thread` IS NULL", $board['uri']));
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
}
12 years ago
12 years ago
// Remove file from post
function deleteFile($id, $remove_entirely_if_already=true) {
global $board, $config;
12 years ago
$query = prepare(sprintf("SELECT `thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NOT NULL LIMIT 1", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($query->rowCount() < 1) {
error($config['error']['invalidpost']);
12 years ago
}
$post = $query->fetch();
$query = prepare(sprintf("UPDATE `posts_%s` SET `thumb` = NULL, `thumbwidth` = NULL, `thumbheight` = NULL, `filewidth` = NULL, `fileheight` = NULL, `filesize` = NULL, `filename` = NULL, `filehash` = NULL, `file` = :file WHERE `id` = :id OR `thread` = :id", $board['uri']));
if($post['file'] == 'deleted' && $remove_entirely_if_already) {
// Already deleted; remove file fully
$query->bindValue(':file', null, PDO::PARAM_NULL);
} else {
// Delete thumbnail
@unlink($board['dir'] . $config['dir']['thumb'] . $post['thumb']);
12 years ago
// Delete file
@unlink($board['dir'] . $config['dir']['img'] . $post['file']);
12 years ago
// Set file to 'deleted'
$query->bindValue(':file', 'deleted', PDO::PARAM_INT);
}
// Update database
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
buildThread($post['thread']);
}
12 years ago
// Delete a post (reply or thread)
function deletePost($id, $error_if_doesnt_exist=true) {
global $board, $config;
12 years ago
// Select post and replies (if thread) in one query
$query = prepare(sprintf("SELECT `id`,`thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id OR `thread` = :id", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($query->rowCount() < 1) {
if($error_if_doesnt_exist)
error($config['error']['invalidpost']);
else return false;
12 years ago
}
// Delete posts and maybe replies
while($post = $query->fetch()) {
if(!$post['thread']) {
// Delete thread HTML page
@unlink($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['id']));
12 years ago
} elseif($query->rowCount() == 1) {
// Rebuild thread
$rebuild = $post['thread'];
}
if($post['thumb']) {
// Delete thumbnail
@unlink($board['dir'] . $config['dir']['thumb'] . $post['thumb']);
12 years ago
}
if($post['file']) {
// Delete file
@unlink($board['dir'] . $config['dir']['img'] . $post['file']);
12 years ago
}
}
$query = prepare(sprintf("DELETE FROM `posts_%s` WHERE `id` = :id OR `thread` = :id", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if(isset($rebuild)) {
buildThread($rebuild);
}
return true;
12 years ago
}
function clean() {
global $board, $config;
$offset = round($config['max_pages']*$config['threads_per_page']);
12 years ago
// I too wish there was an easier way of doing this...
$query = prepare(sprintf("SELECT `id` FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT :offset, 9001", $board['uri']));
$query->bindValue(':offset', $offset, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
while($post = $query->fetch()) {
deletePost($post['id']);
}
}
function index($page, $mod=false) {
global $board, $config, $memcached;
12 years ago
$body = '';
$offset = round($page*$config['threads_per_page']-$config['threads_per_page']);
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT ?,?", $board['uri']));
$query->bindValue(1, $offset, PDO::PARAM_INT);
$query->bindValue(2, $config['threads_per_page'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($query->rowcount() < 1 && $page > 1) return false;
while($th = $query->fetch()) {
12 years ago
$thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['capcode'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $th['embed'], $mod ? '?/' : $config['root'], $mod);
if($config['memcached']['enabled'] && !$mod) {
if($built = $memcached->get("theadindex_{$th['id']}")) {
$body .= $built;
continue;
}
}
12 years ago
$posts = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `thread` = ? ORDER BY `id` DESC LIMIT ?", $board['uri']));
$posts->bindValue(1, $th['id']);
$posts->bindValue(2, ($th['sticky'] ? $config['threads_preview_sticky'] : $config['threads_preview']), PDO::PARAM_INT);
$posts->execute() or error(db_error($posts));
$num_images = 0;
while($po = $posts->fetch()) {
if($po['file'])
$num_images++;
12 years ago
$thread->add(new Post($po['id'], $th['id'], $po['subject'], $po['email'], $po['name'], $po['trip'], $po['capcode'], $po['body'], $po['time'], $po['thumb'], $po['thumbwidth'], $po['thumbheight'], $po['file'], $po['filewidth'], $po['fileheight'], $po['filesize'], $po['filename'], $po['ip'], $po['embed'], $mod ? '?/' : $config['root'], $mod));
}
if($posts->rowCount() == ($th['sticky'] ? $config['threads_preview_sticky'] : $config['threads_preview'])) {
$count = prepare(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` = :thread UNION ALL SELECT COUNT(`id`) FROM `posts_%s` WHERE `file` IS NOT NULL AND `thread` = :thread", $board['uri'], $board['uri']));
$count->bindValue(':thread', $th['id'], PDO::PARAM_INT);
$count->execute() or error(db_error($count));
$c = $count->fetch();
$thread->omitted = $c['num'] - ($th['sticky'] ? $config['threads_preview_sticky'] : $config['threads_preview']);
$c = $count->fetch();
$thread->omitted_images = $c['num'] - $num_images;
12 years ago
}
12 years ago
$thread->posts = array_reverse($thread->posts);
$built = '<div id="thread_' . $thread->id . '">' . $thread->build(true) . '</div>';
if($config['memcached']['enabled'] && !$mod) {
$memcached->set("theadindex_{$th['id']}", $built, time() + $config['memcached']['timeout']);
}
$body .= $built;
12 years ago
}
12 years ago
return Array(
'board'=>$board,
'body'=>$body,
'post_url' => $config['post_url'],
'config' => $config,
12 years ago
'boardlist' => createBoardlist($mod)
);
12 years ago
}
12 years ago
function getPageButtons($pages, $mod=false) {
global $config, $board;
$btn = Array();
$root = ($mod ? '?/' : $config['root']) . $board['dir'];
foreach($pages as $num => $page) {
if(isset($page['selected'])) {
// Previous button
if($num == 0) {
// There is no previous page.
$btn['prev'] = 'Previous';
} else {
$loc = ($mod ? '?/' . $board['uri'] . '/' : '') .
($num == 1 ?
$config['file_index']
:
sprintf($config['file_page'], $num)
);
$btn['prev'] = '<form action="' . ($mod ? '' : $root . $loc) . '" method="get">' .
($mod ?
'<input type="hidden" name="status" value="301" />' .
'<input type="hidden" name="r" value="' . htmlentities($loc) . '" />'
:'') .
'<input type="submit" value="Previous" /></form>';
}
if($num == count($pages) - 1) {
// There is no next page.
$btn['next'] = 'Next';
} else {
$loc = ($mod ? '?/' . $board['uri'] . '/' : '') . sprintf($config['file_page'], $num + 2);
$btn['next'] = '<form action="' . ($mod ? '' : $root . $loc) . '" method="get">' .
($mod ?
'<input type="hidden" name="status" value="301" />' .
'<input type="hidden" name="r" value="' . htmlentities($loc) . '" />'
:'') .
'<input type="submit" value="Next" /></form>';
}
}
}
return $btn;
}
12 years ago
function getPages($mod=false) {
global $board, $config;
12 years ago
// Count threads
$query = query(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` IS NULL", $board['uri'])) or error(db_error());
$count = current($query->fetch());
$count = floor(($config['threads_per_page'] + $count - 1) / $config['threads_per_page']);
if($count < 1) $count = 1;
12 years ago
$pages = Array();
for($x=0;$x<$count && $x<$config['max_pages'];$x++) {
$pages[] = Array(
'num' => $x+1,
'link' => $x==0 ? ($mod ? '?/' : $config['root']) . $board['dir'] . $config['file_index'] : ($mod ? '?/' : $config['root']) . $board['dir'] . sprintf($config['file_page'], $x+1)
);
12 years ago
}
return $pages;
}
12 years ago
function makerobot($body) {
global $config;
12 years ago
$body = strtolower($body);
// Leave only letters
$body = preg_replace('/[^a-z]/i', '', $body);
// Remove repeating characters
if($config['robot_strip_repeating'])
12 years ago
$body = preg_replace('/(.)\\1+/', '$1', $body);
return sha1($body);
}
function checkRobot($body) {
$body = makerobot($body);
$query = prepare("SELECT 1 FROM `robot` WHERE `hash` = :hash LIMIT 1");
$query->bindValue(':hash', $body);
$query->execute() or error(db_error($query));
12 years ago
if($query->fetch()) {
return true;
} else {
// Insert new hash
$query = prepare("INSERT INTO `robot` VALUES (:hash)");
$query->bindValue(':hash', $body);
$query->execute() or error(db_error($query));
return false;
}
}
function numPosts($id) {
global $board;
$query = prepare(sprintf("SELECT COUNT(*) as `count` FROM `posts_%s` WHERE `thread` = :thread", $board['uri']));
$query->bindValue(':thread', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
$result = $query->fetch();
return $result['count'];
}
function muteTime() {
global $config;
// Find number of mutes in the past X hours
$query = prepare("SELECT COUNT(*) as `count` FROM `mutes` WHERE `time` >= :time AND `ip` = :ip");
$query->bindValue(':time', time()-($config['robot_mute_hour']*3600), PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute() or error(db_error($query));
$result = $query->fetch();
if($result['count'] == 0) return 0;
return pow($config['robot_mute_multiplier'], $result['count']);
}
function mute() {
// Insert mute
$query = prepare("INSERT INTO `mutes` VALUES (:ip, :time)");
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute() or error(db_error($query));
return muteTime();
}
function checkMute() {
global $config, $memcached;
if($config['memcached']['enabled']) {
// Cached mute?
if(($mute = $memcached->get("mute_${_SERVER['REMOTE_ADDR']}")) && ($mutetime = $memcached->get("mutetime_${_SERVER['REMOTE_ADDR']}"))) {
error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time()));
}
}
$mutetime = muteTime();
if($mutetime > 0) {
// Find last mute time
$query = prepare("SELECT `time` FROM `mutes` WHERE `ip` = :ip ORDER BY `time` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute() or error(db_error($query));
if(!$mute = $query->fetch()) {
// What!? He's muted but he's not muted...
return;
}
if($mute['time'] + $mutetime > time()) {
if($config['memcached']['enabled']) {
$memcached->set("mute_${_SERVER['REMOTE_ADDR']}", $mute, $mute['time'] + $mutetime);
$memcached->set("mutetime_${_SERVER['REMOTE_ADDR']}", $mutetime, $mute['time'] + $mutetime);
}
// Not expired yet
error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time()));
} else {
// Already expired
return;
}
}
}
12 years ago
function createHiddenInputs() {
global $config;
$inputs = Array();
shuffle($config['spam']['hidden_input_names']);
$hidden_input_names_x = 0;
$input_count = rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']);
for($x=0;$x<$input_count;$x++) {
if(rand(0, 2) == 0 || $hidden_input_names_x < 0) {
// Use an obscure name
$name = substr(base64_encode(sha1(rand())), 0, rand(2, 40));
} else {
// Use a pre-defined confusing name
$name = $config['spam']['hidden_input_names'][$hidden_input_names_x++];
if($hidden_input_names_x >= count($config['spam']['hidden_input_names']))
12 years ago
$hidden_input_names_x = -1;
}
if(rand(0, 2) == 0) {
// Value must be null
$inputs[$name] = '';
} elseif(rand(0, 4) == 0) {
// Numeric value
$inputs[$name] = rand(0, 100);
} else {
// Obscure value
$inputs[$name] = substr(base64_encode(sha1(rand())), 0, rand(2, 40));
}
}
$content = '';
foreach($inputs as $name => $value) {
$display_type = rand(0, 8);
switch($display_type) {
case 0:
$content .= '<input type="hidden" name="' . htmlspecialchars($name) . '" value="' . htmlspecialchars($value) . '" />';
break;
case 1:
$content .= '<input style="display:none" name="' . htmlspecialchars($name) . '" value="' . htmlspecialchars($value) . '" />';
break;
case 2:
$content .= '<input type="hidden" value="' . htmlspecialchars($value) . '" name="' . htmlspecialchars($name) . '" />';
break;
case 3:
$content .= '<input type="hidden" name="' . htmlspecialchars($name) . '" value="' . htmlspecialchars($value) . '" />';
break;
case 4:
$content .= '<span style="display:none"><input type="text" name="' . htmlspecialchars($name) . '" value="' . htmlspecialchars($value) . '" /></span>';
break;
case 5:
$content .= '<div style="display:none"><input type="text" name="' . htmlspecialchars($name) . '" value="' . htmlspecialchars($value) . '" /></div>';
break;
case 6:
if(!empty($value))
$content .= '<textarea style="display:none" name="' . htmlspecialchars($name) . '">' . htmlspecialchars($value) . '</textarea>';
else