leftypol
/
leftypol
4
5
Fork 2
Code Issues 59 Pull Requests 1 Projects Releases Wiki Activity
Browse Source

Merge remote-tracking branch 'upstream/config' into frontpage2

pull/40/head
Comatoast 3 years ago
parent
c988f303c0 b962f6a128
commit
372919e849
7 changed files with 2037 additions and 1887 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3272
      inc/config.php
  2. 482
      inc/filters.php
  3. 3
      inc/instance-config.php
  4. 22
      inc/mod/pages.php
  5. 2
      templates/themes/catalog/theme.php
  6. 51
      templates/themes/categories/news.html
  7. 92
      templates/themes/categories/theme.php

3272
inc/config.php
View File

File diff suppressed because it is too large

482
inc/filters.php
View File

@ -9,245 +9,271 @@ defined('TINYBOARD') or exit;
require_once 'inc/anti-bot.php';
class Filter {
public $flood_check;
private $condition;
private $post;
public function __construct(array $arr) {
foreach ($arr as $key => $value)
$this->$key = $value;
}
public function match($condition, $match) {
$condition = strtolower($condition);
public $flood_check;
private $condition;
private $post;
public function __construct(array $arr) {
foreach ($arr as $key => $value)
$this->$key = $value;
}
public function match($condition, $match) {
print_err("Filter condition: " . $condition);
$condition = strtolower($condition);
$post = &$this->post;
switch($condition) {
case 'custom':
if (!is_callable($match))
error('Custom condition for filter is not callable!');
return $match($post);
case 'flood-match':
if (!is_array($match))
error('Filter condition "flood-match" must be an array.');
// Filter out "flood" table entries which do not match this filter.
$flood_check_matched = array();
foreach ($this->flood_check as $flood_post) {
foreach ($match as $flood_match_arg) {
switch ($flood_match_arg) {
case 'ip':
if ($flood_post['ip'] != $_SERVER['REMOTE_ADDR'])
continue 3;
break;
case 'body':
if ($flood_post['posthash'] != make_comment_hex($post['body_nomarkup']))
continue 3;
break;
case 'file':
if (!isset($post['filehash']))
return false;
if ($flood_post['filehash'] != $post['filehash'])
continue 3;
break;
case 'board':
if ($flood_post['board'] != $post['board'])
continue 3;
break;
case 'isreply':
if ($flood_post['isreply'] == $post['op'])
continue 3;
break;
default:
error('Invalid filter flood condition: ' . $flood_match_arg);
}
}
$flood_check_matched[] = $flood_post;
}
$this->flood_check = $flood_check_matched;
return !empty($this->flood_check);
case 'flood-time':
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $match) {
return true;
}
}
return false;
case 'flood-count':
$count = 0;
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $this->condition['flood-time']) {
++$count;
}
}
return $count >= $match;
case 'name':
return preg_match($match, $post['name']);
case 'trip':
return $match === $post['trip'];
case 'email':
return preg_match($match, $post['email']);
case 'subject':
return preg_match($match, $post['subject']);
case 'body':
return preg_match($match, $post['body_nomarkup']);
case 'filehash':
return $match === $post['filehash'];
case 'filename':
if (!$post['files'])
return false;
$post = &$this->post;
switch($condition) {
case 'custom':
if (!is_callable($match))
error('Custom condition for filter is not callable!');
return $match($post);
case 'flood-match':
if (!is_array($match))
error('Filter condition "flood-match" must be an array.');
// Filter out "flood" table entries which do not match this filter.
$flood_check_matched = array();
foreach ($this->flood_check as $flood_post) {
foreach ($match as $flood_match_arg) {
switch ($flood_match_arg) {
case 'ip':
if ($flood_post['ip'] != $_SERVER['REMOTE_ADDR'])
continue 3;
break;
case 'body':
if ($flood_post['posthash'] != make_comment_hex($post['body_nomarkup']))
continue 3;
break;
case 'file':
if (!isset($post['filehash']))
return false;
if ($flood_post['filehash'] != $post['filehash'])
continue 3;
break;
case 'board':
if ($flood_post['board'] != $post['board'])
continue 3;
break;
case 'isreply':
if ($flood_post['isreply'] == $post['op'])
continue 3;
break;
default:
error('Invalid filter flood condition: ' . $flood_match_arg);
}
}
$flood_check_matched[] = $flood_post;
}
// is there any reason for this assignment?
$this->flood_check = $flood_check_matched;
return !empty($this->flood_check);
case 'flood-time-any':
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $match) {
print_err("rejecting post with flood id: " . $flood_post['id']);
return true;
}
}
return false;
case 'flood-time':
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $match) {
return true;
}
}
return false;
case 'flood-count':
$count = 0;
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $this->condition['flood-time']) {
++$count;
}
}
return $count >= $match;
case 'name':
return preg_match($match, $post['name']);
case 'trip':
return $match === $post['trip'];
case 'email':
return preg_match($match, $post['email']);
case 'subject':
return preg_match($match, $post['subject']);
case 'body':
return preg_match($match, $post['body_nomarkup']);
case 'filehash':
return $match === $post['filehash'];
case 'filename':
if (!$post['files'])
return false;
foreach ($post['files'] as $file) {
if (preg_match($match, $file['filename'])) {
return true;
}
}
return false;
case 'extension':
if (!$post['files'])
return false;
foreach ($post['files'] as $file) {
if (preg_match($match, $file['filename'])) {
return true;
}
}
return false;
case 'extension':
if (!$post['files'])
return false;
foreach ($post['files'] as $file) {
if (preg_match($match, $file['extension'])) {
return true;
}
}
return false;
case 'ip':
return preg_match($match, $_SERVER['REMOTE_ADDR']);
case 'op':
return $post['op'] == $match;
case 'has_file':
return $post['has_file'] == $match;
case 'board':
return $post['board'] == $match;
case 'password':
return $post['password'] == $match;
default:
error('Unknown filter condition: ' . $condition);
}
}
public function action() {
global $board;
foreach ($post['files'] as $file) {
if (preg_match($match, $file['extension'])) {
return true;
}
}
return false;
case 'ip':
return preg_match($match, $_SERVER['REMOTE_ADDR']);
case 'op':
return $post['op'] == $match;
case 'has_file':
return $post['has_file'] == $match;
case 'board':
return $post['board'] == $match;
case 'password':
return $post['password'] == $match;
default:
error('Unknown filter condition: ' . $condition);
}
}
public function action() {
global $board;
$this->add_note = isset($this->add_note) ? $this->add_note : false;
if ($this->add_note) {
$query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':mod', -1);
$query->bindValue(':time', time());
$query->bindValue(':body', "Autoban message: ".$this->post['body']);
$query->execute() or error(db_error($query));
}
if (isset ($this->action)) switch($this->action) {
case 'reject':
error(isset($this->message) ? $this->message : 'Posting blocked by filter.');
case 'ban':
if (!isset($this->reason))
error('The ban action requires a reason.');
$this->expires = isset($this->expires) ? $this->expires : false;
$this->reject = isset($this->reject) ? $this->reject : true;
$this->all_boards = isset($this->all_boards) ? $this->all_boards : false;
Bans::new_ban($_SERVER['REMOTE_ADDR'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1);
$this->add_note = isset($this->add_note) ? $this->add_note : false;
if ($this->add_note) {
$query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':mod', -1);
$query->bindValue(':time', time());
$query->bindValue(':body', "Autoban message: ".$this->post['body']);
$query->execute() or error(db_error($query));
}
if (isset ($this->action)) switch($this->action) {
case 'reject':
error(isset($this->message) ? $this->message : 'Posting blocked by filter.');
case 'ban':
if (!isset($this->reason))
error('The ban action requires a reason.');
$this->expires = isset($this->expires) ? $this->expires : false;
$this->reject = isset($this->reject) ? $this->reject : true;
$this->all_boards = isset($this->all_boards) ? $this->all_boards : false;
Bans::new_ban($_SERVER['REMOTE_ADDR'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1);
if ($this->reject) {
if (isset($this->message))
error($message);
checkBan($board['uri']);
exit;
}
break;
default:
error('Unknown filter action: ' . $this->action);
}
}
public function check(array $post) {
$this->post = $post;
foreach ($this->condition as $condition => $value) {
if ($condition[0] == '!') {
$NOT = true;
$condition = substr($condition, 1);
} else $NOT = false;
if ($this->match($condition, $value) == $NOT)
return false;
}
return true;
}
if ($this->reject) {
if (isset($this->message))
error($message);
checkBan($board['uri']);
exit;
}
break;
default:
error('Unknown filter action: ' . $this->action);
}
}
public function check(array $post) {
$this->post = $post;
foreach ($this->condition as $condition => $value) {
if ($condition[0] == '!') {
$NOT = true;
$condition = substr($condition, 1);
} else {
$NOT = false;
}
if ($this->match($condition, $value) == $NOT)
return false;
}
return true;
}
}
function purge_flood_table() {
global $config;
// Determine how long we need to keep a cache of posts for flood prevention. Unfortunately, it is not
// aware of flood filters in other board configurations. You can solve this problem by settings the
// config variable $config['flood_cache'] (seconds).
if (isset($config['flood_cache'])) {
$max_time = &$config['flood_cache'];
} else {
$max_time = 0;
foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-time']))
$max_time = max($max_time, $filter['condition']['flood-time']);
}
}
$time = time() - $max_time;
query("DELETE FROM ``flood`` WHERE `time` < $time") or error(db_error());
global $config;
// Determine how long we need to keep a cache of posts for flood prevention. Unfortunately, it is not
// aware of flood filters in other board configurations. You can solve this problem by settings the
// config variable $config['flood_cache'] (seconds).
if (isset($config['flood_cache'])) {
$max_time = &$config['flood_cache'];
} else {
$max_time = 0;
foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-time']))
$max_time = max($max_time, $filter['condition']['flood-time']);
}
}
$time = time() - $max_time;
query("DELETE FROM ``flood`` WHERE `time` < $time") or error(db_error());
}
function do_filters(array $post) {
global $config;
global $config;
print_err("do_filters begin");
if (!isset($config['filters']) || empty($config['filters']))
return;
foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-match'])) {
$has_flood = true;
break;
}
}
if (isset($has_flood)) {
if ($post['has_file']) {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
$query->bindValue(':filehash', $post['filehash']);
} else {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
}
$query->execute() or error(db_error($query));
$flood_check = $query->fetchAll(PDO::FETCH_ASSOC);
} else {
$flood_check = false;
}
foreach ($config['filters'] as $filter_array) {
$filter = new Filter($filter_array);
$filter->flood_check = $flood_check;
if ($filter->check($post))
$filter->action();
}
purge_flood_table();
print_err("do_filters begin");
if (!isset($config['filters']) || empty($config['filters']))
return;
// look at the flood table regardless of IP
$noip = false;
foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-match']) && (!isset($filter['noip']) || $filter['noip'] == false)) {
$has_flood = true;
break;
} else if ($filter['noip'] == true) {
print_err("filters noip is true");
$noip = true;
$find_time = time() - $filter['find-time'];
}
}
if ($noip) {
print_err("SELECT * FROM flood WHERE time > " . strval($find_time));
$query = prepare("SELECT * FROM ``flood`` WHERE `time` > $find_time");
$query->execute() or error(db_error($query));
$flood_check = $query->fetchAll(PDO::FETCH_ASSOC);
} else if (isset($has_flood)) {
if ($post['has_file']) {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
$query->bindValue(':filehash', $post['filehash']);
} else {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
}
$query->execute() or error(db_error($query));
$flood_check = $query->fetchAll(PDO::FETCH_ASSOC);
} else {
$flood_check = false;
}
foreach ($config['filters'] as $filter_array) {
print_err("creating new filter, running check");
$filter = new Filter($filter_array);
$filter->flood_check = $flood_check;
if ($filter->check($post)) {
$filter->action();
}
}
purge_flood_table();
}

3
inc/instance-config.php
View File

@ -82,6 +82,9 @@ $config['db']['password'] = '';
$config['cookies']['mod'] = 'mod';
$config['cookies']['salt'] = 'MGYwNjhlNjU5Y2QxNWU3YjQ3MzQ1Yj';
$config['flood_cache'] = 60 * 15; // 15 minutes. The oldest a post can be in the flood table
$config['flood_time_any'] = 40; // time between thread creation
$config['flood_time'] = 30;
$config['flood_time_ip'] = 60;
$config['flood_time_same'] = 60;

22
inc/mod/pages.php
View File

@ -28,6 +28,12 @@ function mod_page($title, $template, $args, $subtitle = false) {
);
}
function clone_wrapped_with_exist_check($clonefn, $src, $dest) {
if (file_exists($src)) {
$clonefn($src, $dest);
}
}
function mod_login($redirect = false) {
global $config;
@ -1353,9 +1359,9 @@ function mod_move($originBoard, $postID) {
// copy image
foreach ($post['files'] as $i => &$file) {
if ($file['file'] !== 'deleted')
$clone($file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
clone_wrapped_with_exist_check($clone, $file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
if (isset($file['thumb']) && !in_array($file['thumb'], array('spoiler', 'deleted', 'file')))
$clone($file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
clone_wrapped_with_exist_check($clone, $file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
}
}
@ -1416,8 +1422,8 @@ function mod_move($originBoard, $postID) {
if ($post['has_file']) {
// copy image
foreach ($post['files'] as $i => &$file) {
$clone($file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
$clone($file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
clone_wrapped_with_exist_check($clone, $file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
clone_wrapped_with_exist_check($clone, $file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
}
}
// insert reply
@ -1610,9 +1616,9 @@ function mod_merge($originBoard, $postID) {
// copy image
foreach ($post['files'] as $i => &$file) {
if ($file['file'] !== 'deleted')
$clone($file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
clone_wrapped_with_exist_check($clone, $file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
if (isset($file['thumb']) && !in_array($file['thumb'], array('spoiler', 'deleted', 'file')))
$clone($file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
clone_wrapped_with_exist_check($clone, $file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
}
}
@ -1673,8 +1679,8 @@ function mod_merge($originBoard, $postID) {
if ($post['has_file']) {
// copy image
foreach ($post['files'] as $i => &$file) {
$clone($file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
$clone($file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
clone_wrapped_with_exist_check($clone, $file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
clone_wrapped_with_exist_check($clone, $file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
}
}
// insert reply

2
templates/themes/catalog/theme.php
View File

@ -50,7 +50,7 @@
elseif ($action == 'rebuild') {
print_err("catalog_build calling Catalog.build 2");
$b->build($settings, $board);
if($settings['has_overboard']) {
if(isset($settings['has_overboard']) && $settings['has_overboard']) {
$b->buildOverboardCatalog($settings, $boards);
}
}

51
templates/themes/categories/news.html
View File

@ -25,12 +25,53 @@
{% endfor %}
{% endif %}
</div>
{% if stats %}
<div class="ban" style="border: none; background: none;">
<h1 id="post-statistics">
{% trans "Post Statistics" %}
</h1>
</div>
<table class="modlog" style="width: 50%; text-align: left;">
<thead>
<tr>
<th>{% trans "Board" %}</th>
<th>{% trans "PPH" %}</th>
<th>{% trans "Recent IPs" %}</th>
</tr>
</thead>
<tbody>
<tr>
<td class="minimal">
<span>{% trans "Total" %}</span>
</td>
<td class="minimal">
<span>{{ stats.pph }}</span>
</td>
<td class="minimal">
<span>{{ stats.recent_ips }}</span>
</td>
</tr>
{% for boardStat in stats.boards %}
<tr>
<td class="minimal">
<span>{{ boardStat.title }}</span>
</td>
<td class="minimal">
<span>{{ boardStat.pph }}</span>
</td>
<td class="minimal">
<span>{{ boardStat.recent_ips }}</span>
</td>
</tr>
{% endfor %}
</tbody>
</table>
{% endif %}
<footer>
<p class="unimportant" style="margin-top:20px;text-align:center;">- Tinyboard +
<a href="https://engine.vichan.net/">vichan</a> {{ config.version }} -
<br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group
<br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2016 vichan-devel
<p class="unimportant" style="margin-top:20px;text-align:center;">- Tinyboard +
<a href="https://engine.vichan.net/">vichan</a> {{ config.version }} -
<br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group
<br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2016 vichan-devel
<br><br>
<br><b>Leftypol.org is not currently under investigation by any Federal, State, or Local Authorities.</b></p>
</footer>

92
templates/themes/categories/theme.php
View File

@ -1,12 +1,12 @@
<?php
require 'info.php';
function categories_build($action, $settings, $board) {
// Possible values for $action:
// - all (rebuild everything, initialization)
// - news (news has been updated)
// - boards (board list changed)
Categories::build($action, $settings);
}
@ -15,21 +15,28 @@
public static function build($action, $settings) {
global $config;
if ($action == 'all')
if ($action == 'all' ||
$action == 'boards' ||
$action == 'news' ||
$action == 'post' ||
$action == 'post-thread' ||
$action == 'post-delete'){
file_write($config['dir']['home'] . $settings['file_main'], Categories::homepage($settings));
if ($action == 'all' || $action == 'boards')
file_write($config['dir']['home'] . $settings['file_sidebar'], Categories::sidebar($settings));
if ($action == 'all' || $action == 'news')
file_write($config['dir']['home'] . $settings['file_news'], Categories::news($settings));
}
if ($action == 'all'){
file_write($config['dir']['home'] . $settings['file_sidebar'], Categories::sidebar($settings));
}
}
// Build homepage
public static function homepage($settings) {
global $config;
$query = query("SELECT * FROM ``news`` ORDER BY `time` DESC") or error(db_error());
$news = $query->fetchAll(PDO::FETCH_ASSOC);
$stats = Categories::getPostStatistics($settings);
return Element(
'themes/categories/frames.html',
Array(
@ -37,31 +44,33 @@
'settings' => $settings,
'categories' => Categories::getCategories($config),
'news' => $news,
'stats' => $stats,
'boardlist' => createBoardlist(false)
)
);
}
// Build news page
public static function news($settings) {
global $config;
$query = query("SELECT * FROM ``news`` ORDER BY `time` DESC") or error(db_error());
$news = $query->fetchAll(PDO::FETCH_ASSOC);
$stats = Categories::getPostStatistics($settings);
return Element('themes/categories/news.html', Array(
'settings' => $settings,
'config' => $config,
'news' => $news,
'stats' => $stats,
'boardlist' => createBoardlist(false)
));
}
// Build sidebar
public static function sidebar($settings) {
global $config, $board;
return Element('themes/categories/sidebar.html', Array(
'settings' => $settings,
'config' => $config,
@ -71,7 +80,7 @@
private static function getCategories($config) {
$categories = $config['categories'];
foreach ($categories as &$boards) {
foreach ($boards as &$board) {
$title = boardTitle($board);
@ -83,6 +92,57 @@
return $categories;
}
private static function getPostStatistics($settings) {
global $config;
if (!isset($config['boards'])) {
return null;
}
$stats = [];
$unique = [];
foreach (array_merge(... $config['boards']) as $uri) {
$_board = getBoardInfo($uri);
if (!$_board) {
// board doesn't exist.
continue;
}
$boardStat['title'] = $_board['title'];
$pph_query = query(
sprintf("SELECT COUNT(*) AS count FROM ``posts_%s`` WHERE time > %d",
$_board['uri'],
time()-3600)
) or error(db_error());
$boardStat['pph'] = $pph_query->fetch()['count'];
$unique_query = query(
sprintf("SELECT DISTINCT ip FROM ``posts_%s`` WHERE time > %d",
$_board['uri'],
time()-3600)
) or error(db_error());
$unique_ips = $unique_query->fetchAll();
$boardStat['recent_ips'] = count($unique_ips);
foreach ($unique_ips as $_k => $row) {
$unique[$row['ip']] = true;
}
$stats['boards'][] = $boardStat;
}
$stats['recent_ips'] = count($unique);
$stats['pph'] = array_sum(array_column($stats['boards'], 'pph'));
return $stats;
}
};
?>

Write Preview
Loading…
Cancel
Save