diff --git a/inc/config.php b/inc/config.php index 913a5686..4a413fd6 100644 --- a/inc/config.php +++ b/inc/config.php @@ -900,8 +900,8 @@ $config['mod']['shadow_mesage'] = 'Moved to %s.'; // Capcode to use when posting the above message. $config['mod']['shadow_capcode'] = 'Mod'; - // Name to use when posting the above message. - $config['mod']['shadow_name'] = $config['anonymous']; + // Name to use when posting the above message. If false, the default board name will be used. If something else, that will be used. + $config['mod']['shadow_name'] = false; // Wait indefinitely when rebuilding everything $config['mod']['rebuild_timelimit'] = 0; @@ -1028,6 +1028,9 @@ $config['mod']['createusers'] = ADMIN; // View the moderation log $config['mod']['modlog'] = ADMIN; + // View relevant moderation log entries on IP address pages (ie. ban history, etc.) + // Warning: Can be pretty resource exhaustive if your mod logs are huge. + $config['mod']['modlog_ip'] = MOD; // Create a PM (viewing mod usernames) $config['mod']['create_pm'] = JANITOR; // Read any PM, sent to or from anybody diff --git a/inc/functions.php b/inc/functions.php index 5cf539ce..6e98283d 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -1494,7 +1494,7 @@ function markup(&$body, $track_cites = false) { } function utf8tohtml($utf8) { - return mb_encode_numericentity(htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8'), array(0x80, 0xffff, 0, 0xffff), 'UTF-8'); + return htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8'); } function buildThread($id, $return=false, $mod=false) { diff --git a/inc/mod/auth.php b/inc/mod/auth.php index 8fb01ecb..73a24c44 100644 --- a/inc/mod/auth.php +++ b/inc/mod/auth.php @@ -98,8 +98,10 @@ if (isset($_COOKIE[$config['cookies']['mod']])) { // Should be username:hash:salt $cookie = explode(':', $_COOKIE[$config['cookies']['mod']]); if (count($cookie) != 3) { + // Malformed cookies destroyCookies(); - error($config['error']['malformed']); + mod_login(); + exit; } $query = prepare("SELECT `id`, `type`, `boards`, `password` FROM `mods` WHERE `username` = :username LIMIT 1"); @@ -111,7 +113,8 @@ if (isset($_COOKIE[$config['cookies']['mod']])) { if ($cookie[1] !== mkhash($cookie[0], $user['password'], $cookie[2])) { // Malformed cookies destroyCookies(); - error($config['error']['malformed']); + mod_login(); + exit; } $mod = array( diff --git a/inc/mod/ban.php b/inc/mod/ban.php index 9c93d70e..30234157 100644 --- a/inc/mod/ban.php +++ b/inc/mod/ban.php @@ -80,16 +80,25 @@ function ban($mask, $reason, $length, $board) { modLog('Created a new ' . ($length > 0 ? preg_replace('/^(\d+) (\w+?)s?$/', '$1-$2', until($length)) : 'permanent') . - ' ban (#' . $pdo->lastInsertId() . ') for ' . + ' ban on ' . + ($board ? '/' . $board . '/' : 'all boards') . + ' for ' . (filter_var($mask, FILTER_VALIDATE_IP) !== false ? "$mask" : utf8tohtml($mask)) . + ' (#' . $pdo->lastInsertId() . ')' . ' with ' . ($reason ? 'reason: ' . utf8tohtml($reason) . '' : 'no reason')); } -function unban($id) { +function unban($id) { + $query = prepare("SELECT `ip` FROM `bans` WHERE `id` = :id"); + $query->bindValue(':id', $id); + $query->execute() or error(db_error($query)); + $mask = $query->fetchColumn(); + $query = prepare("DELETE FROM `bans` WHERE `id` = :id"); $query->bindValue(':id', $id); $query->execute() or error(db_error($query)); - modLog("Removed ban #{$id}"); + if ($mask) + modLog("Removed ban #{$id} for " . (filter_var($mask, FILTER_VALIDATE_IP) !== false ? "$mask" : utf8tohtml($mask))); } diff --git a/inc/mod/pages.php b/inc/mod/pages.php index 8d215efb..116008d5 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -114,26 +114,37 @@ function mod_dashboard() { } else { $ctx = stream_context_create(array('http' => array('timeout' => 5))); if ($code = @file_get_contents('http://tinyboard.org/version.txt', 0, $ctx)) { - eval($code); - if (preg_match('/v(\d+)\.(\d)\.(\d+)(-dev.+)?$/', $config['version'], $matches)) { - $current = array( - 'massive' => (int) $matches[1], - 'major' => (int) $matches[2], - 'minor' => (int) $matches[3] + $ver = strtok($code, "\n"); + + if (preg_match('@^// v(\d+)\.(\d+)\.(\d+)\s*?$@', $ver, $matches)) { + $latest = array( + 'massive' => $matches[1], + 'major' => $matches[2], + 'minor' => $matches[3] ); - if (isset($m[4])) { - // Development versions are always ahead in the versioning numbers - $current['minor'] --; - } - // Check if it's newer - if (!( $latest['massive'] > $current['massive'] || - $latest['major'] > $current['major'] || - ($latest['massive'] == $current['massive'] && - $latest['major'] == $current['major'] && - $latest['minor'] > $current['minor'] - ))) + if (preg_match('/v(\d+)\.(\d)\.(\d+)(-dev.+)?$/', $config['version'], $matches)) { + $current = array( + 'massive' => (int) $matches[1], + 'major' => (int) $matches[2], + 'minor' => (int) $matches[3] + ); + if (isset($m[4])) { + // Development versions are always ahead in the versioning numbers + $current['minor'] --; + } + // Check if it's newer + if (!( $latest['massive'] > $current['massive'] || + $latest['major'] > $current['major'] || + ($latest['massive'] == $current['massive'] && + $latest['major'] == $current['major'] && + $latest['minor'] > $current['minor'] + ))) + $latest = false; + } else { $latest = false; + } } else { + // Couldn't get latest version $latest = false; } } else { @@ -589,6 +600,15 @@ function mod_page_ip($ip) { $args['notes'] = $query->fetchAll(PDO::FETCH_ASSOC); } + if (hasPermission($config['mod']['modlog_ip'])) { + $query = prepare("SELECT `username`, `mod`, `ip`, `board`, `time`, `text` FROM `modlogs` LEFT JOIN `mods` ON `mod` = `mods`.`id` WHERE `text` LIKE :search ORDER BY `time` DESC LIMIT 20"); + $query->bindValue(':search', '%' . $ip . '%'); + $query->execute() or error(db_error($query)); + $args['logs'] = $query->fetchAll(PDO::FETCH_ASSOC); + } else { + $args['logs'] = array(); + } + mod_page(sprintf('%s: %s', _('IP'), $ip), 'mod/view_ip.html', $args, $args['hostname']); } @@ -892,7 +912,7 @@ function mod_move($originBoard, $postID) { 'mod' => true, 'subject' => '', 'email' => '', - 'name' => $config['mod']['shadow_name'], + 'name' => (!$config['mod']['shadow_name'] ? $config['anonymous'] : $config['mod']['shadow_name']), 'capcode' => $config['mod']['shadow_capcode'], 'trip' => '', 'password' => '', diff --git a/mod.php b/mod.php index 6257fe53..dc666996 100644 --- a/mod.php +++ b/mod.php @@ -5,8 +5,8 @@ */ require 'inc/functions.php'; -require 'inc/mod/auth.php'; require 'inc/mod/pages.php'; +require 'inc/mod/auth.php'; // Fix for magic quotes if (get_magic_quotes_gpc()) { diff --git a/templates/mod/view_ip.html b/templates/mod/view_ip.html index c49880ae..562a0140 100644 --- a/templates/mod/view_ip.html +++ b/templates/mod/view_ip.html @@ -161,3 +161,43 @@ {% include 'mod/ban_form.html' %} {% endif %} + +{% if logs|count > 0 %} +
+ History + + + + + + + + {% for log in logs %} + + + + + + + {% endfor %} +
{% trans 'Staff' %}{% trans 'Time' %}{% trans 'Board' %}{% trans 'Action' %}
+ {% if log.username %} + {{ log.username|e }} + {% elseif log.mod == -1 %} + system + {% else %} + {% trans 'deleted?' %} + {% endif %} + + {{ log.time|ago }} + + {% if log.board %} + {{ config.board_abbreviation|sprintf(log.board) }} + {% else %} + - + {% endif %} + + {{ log.text }} +
+
+{% endif %}