Merge branch 'master' of https://github.com/savetheinternet/Tinyboard

11 years ago · 258083e5cb
7 changed files with 102 additions and 27 deletions
--- a/inc/config.php
+++ b/inc/config.php
@ -900,8 +900,8 @@
 	$config['mod']['shadow_mesage'] = 'Moved to %s.';
 	// Capcode to use when posting the above message.
 	$config['mod']['shadow_capcode'] = 'Mod';
-	// Name to use when posting the above message.
-	$config['mod']['shadow_name'] = $config['anonymous'];
+	// Name to use when posting the above message. If false, the default board name will be used. If something else, that will be used.
+	$config['mod']['shadow_name'] = false;
 	
 	// Wait indefinitely when rebuilding everything
 	$config['mod']['rebuild_timelimit'] = 0;
@ -1028,6 +1028,9 @@
 	$config['mod']['createusers'] = ADMIN;
 	// View the moderation log
 	$config['mod']['modlog'] = ADMIN;
+	// View relevant moderation log entries on IP address pages (ie. ban history, etc.)
+	// Warning: Can be pretty resource exhaustive if your mod logs are huge.
+	$config['mod']['modlog_ip'] = MOD;
 	// Create a PM (viewing mod usernames)
 	$config['mod']['create_pm'] = JANITOR;
 	// Read any PM, sent to or from anybody
--- a/inc/functions.php
+++ b/inc/functions.php
@ -1494,7 +1494,7 @@ function markup(&$body, $track_cites = false) {
 }

 function utf8tohtml($utf8) {
-	return mb_encode_numericentity(htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8'), array(0x80, 0xffff, 0, 0xffff), 'UTF-8');
+	return htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8');
 }

 function buildThread($id, $return=false, $mod=false) {
--- a/inc/mod/auth.php
+++ b/inc/mod/auth.php
@ -98,8 +98,10 @@ if (isset($_COOKIE[$config['cookies']['mod']])) {
 	// Should be username:hash:salt
 	$cookie = explode(':', $_COOKIE[$config['cookies']['mod']]);
 	if (count($cookie) != 3) {
+		// Malformed cookies
 		destroyCookies();
-		error($config['error']['malformed']);
+		mod_login();
+		exit;
 	}
 	
 	$query = prepare("SELECT `id`, `type`, `boards`, `password` FROM `mods` WHERE `username` = :username LIMIT 1");
@ -111,7 +113,8 @@ if (isset($_COOKIE[$config['cookies']['mod']])) {
 	if ($cookie[1] !== mkhash($cookie[0], $user['password'], $cookie[2])) {
 		// Malformed cookies
 		destroyCookies();
-		error($config['error']['malformed']);
+		mod_login();
+		exit;
 	}
 	
 	$mod = array(
--- a/inc/mod/ban.php
+++ b/inc/mod/ban.php
@ -80,16 +80,25 @@ function ban($mask, $reason, $length, $board) {
 	
 	modLog('Created a new ' .
 		($length > 0 ? preg_replace('/^(\d+) (\w+?)s?$/', '$1-$2', until($length)) : 'permanent') .
-		' ban (<small>#' . $pdo->lastInsertId() . '</small>) for ' .
+		' ban on ' .
+		($board ? '/' . $board . '/' : 'all boards') .
+		' for ' .
 		(filter_var($mask, FILTER_VALIDATE_IP) !== false ? "<a href=\"?/IP/$mask\">$mask</a>" : utf8tohtml($mask)) .
+		' (<small>#' . $pdo->lastInsertId() . '</small>)' .
 		' with ' . ($reason ? 'reason: ' . utf8tohtml($reason) . '' : 'no reason'));
 }

-function unban($id) {	
+function unban($id) {
+	$query = prepare("SELECT `ip` FROM `bans` WHERE `id` = :id");
+	$query->bindValue(':id', $id);
+	$query->execute() or error(db_error($query));
+	$mask = $query->fetchColumn();
+		
 	$query = prepare("DELETE FROM `bans` WHERE `id` = :id");
 	$query->bindValue(':id', $id);
 	$query->execute() or error(db_error($query));
 	
-	modLog("Removed ban #{$id}");
+	if ($mask)
+		modLog("Removed ban #{$id} for " . (filter_var($mask, FILTER_VALIDATE_IP) !== false ? "<a href=\"?/IP/$mask\">$mask</a>" : utf8tohtml($mask)));
 }

--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@ -114,26 +114,37 @@ function mod_dashboard() {
 		} else {
 			$ctx = stream_context_create(array('http' => array('timeout' => 5)));
 			if ($code = @file_get_contents('http://tinyboard.org/version.txt', 0, $ctx)) {
-				eval($code);
-				if (preg_match('/v(\d+)\.(\d)\.(\d+)(-dev.+)?$/', $config['version'], $matches)) {
-					$current = array(
-						'massive' => (int) $matches[1],
-						'major' => (int) $matches[2],
-						'minor' => (int) $matches[3]
+				$ver = strtok($code, "\n");
+				
+				if (preg_match('@^// v(\d+)\.(\d+)\.(\d+)\s*?$@', $ver, $matches)) {
+					$latest = array(
+						'massive' => $matches[1],
+						'major' => $matches[2],
+						'minor' => $matches[3]
 					);
-					if (isset($m[4])) { 
-						// Development versions are always ahead in the versioning numbers
-						$current['minor'] --;
-					}
-					// Check if it's newer
-					if (!(	$latest['massive'] > $current['massive'] ||
-						$latest['major'] > $current['major'] ||
-							($latest['massive'] == $current['massive'] &&
-								$latest['major'] == $current['major'] &&
-								$latest['minor'] > $current['minor']
-							)))
+					if (preg_match('/v(\d+)\.(\d)\.(\d+)(-dev.+)?$/', $config['version'], $matches)) {
+						$current = array(
+							'massive' => (int) $matches[1],
+							'major' => (int) $matches[2],
+							'minor' => (int) $matches[3]
+						);
+						if (isset($m[4])) { 
+							// Development versions are always ahead in the versioning numbers
+							$current['minor'] --;
+						}
+						// Check if it's newer
+						if (!(	$latest['massive'] > $current['massive'] ||
+							$latest['major'] > $current['major'] ||
+								($latest['massive'] == $current['massive'] &&
+									$latest['major'] == $current['major'] &&
+									$latest['minor'] > $current['minor']
+								)))
+							$latest = false;
+					} else {
 						$latest = false;
+					}
 				} else {
+					// Couldn't get latest version
 					$latest = false;
 				}
 			} else {
@ -589,6 +600,15 @@ function mod_page_ip($ip) {
 		$args['notes'] = $query->fetchAll(PDO::FETCH_ASSOC);
 	}
 	
+	if (hasPermission($config['mod']['modlog_ip'])) {
+		$query = prepare("SELECT `username`, `mod`, `ip`, `board`, `time`, `text` FROM `modlogs` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE `text` LIKE :search ORDER BY `time` DESC LIMIT 20");
+		$query->bindValue(':search', '%' . $ip . '%');
+		$query->execute() or error(db_error($query));
+		$args['logs'] = $query->fetchAll(PDO::FETCH_ASSOC);
+	} else {
+		$args['logs'] = array();
+	}
+	
 	mod_page(sprintf('%s: %s', _('IP'), $ip), 'mod/view_ip.html', $args, $args['hostname']);
 }

@ -892,7 +912,7 @@ function mod_move($originBoard, $postID) {
 				'mod' => true,
 				'subject' => '',
 				'email' => '',
-				'name' => $config['mod']['shadow_name'],
+				'name' => (!$config['mod']['shadow_name'] ? $config['anonymous'] : $config['mod']['shadow_name']),
 				'capcode' => $config['mod']['shadow_capcode'],
 				'trip' => '',
 				'password' => '',
--- a/mod.php
+++ b/mod.php
@ -5,8 +5,8 @@
 */

 require 'inc/functions.php';
-require 'inc/mod/auth.php';
 require 'inc/mod/pages.php';
+require 'inc/mod/auth.php';

 // Fix for magic quotes
 if (get_magic_quotes_gpc()) {
--- a/templates/mod/view_ip.html
+++ b/templates/mod/view_ip.html
@ -161,3 +161,43 @@
 		{% include 'mod/ban_form.html' %}
 	</fieldset>
 {% endif %}
+
+{% if logs|count > 0  %}
+	<fieldset id="history">
+		<legend>History</legend>
+		<table class="modlog" style="width:100%">
+			<tr>
+				<th>{% trans 'Staff' %}</th>
+				<th>{% trans 'Time' %}</th>
+				<th>{% trans 'Board' %}</th>
+				<th>{% trans 'Action' %}</th>
+			</tr>
+			{% for log in logs %}
+				<tr>
+					<td class="minimal">
+						{% if log.username %}
+							<a href="?/log:{{ log.username|e }}">{{ log.username|e }}</a>
+						{% elseif log.mod == -1 %}
+							<em>system</em>
+						{% else %}
+							<em>{% trans 'deleted?' %}</em>
+						{% endif %}
+					</td>
+					<td class="minimal">
+						<span title="{{ log.time|date(config.post_date) }}">{{ log.time|ago }}</span>
+					</td>
+					<td class="minimal">
+						{% if log.board %}
+							<a href="?/{{ config.board_path|sprintf(log.board) }}{{ config.file_index }}">{{ config.board_abbreviation|sprintf(log.board) }}</a>
+						{% else %}
+							-
+						{% endif %}
+					</td>
+					<td>
+						{{ log.text }}
+					</td>
+				</tr>
+			{% endfor %}
+		</table>
+	</fieldset>
+{% endif %}