diff --git a/inc/config.php b/inc/config.php index f4040570..4fe7a988 100644 --- a/inc/config.php +++ b/inc/config.php @@ -8,318 +8,326 @@ * your instance-config.php * */ - + + $config = Array( + 'db' => Array(), + 'cookies' => Array(), + 'error' => Array(), + 'dir' => Array(), + 'mod' => Array() + ); // Database stuff + // SQL driver ("mysql", "pgsql", "sqlite", "dblib", etc) // http://www.php.net/manual/en/pdo.drivers.php - define('DB_TYPE', 'mysql', true); + $config['db']['type'] = 'mysql'; // Hostname or IP address - define('DB_SERVER', 'localhost', true); + $config['db']['server'] = 'localhost'; // Login - define('DB_USER', '', true); - define('DB_PASSWORD', '', true); - // TinyBoard database - define('DB_DATABASE', '', true); + $config['db']['user'] = ''; + $config['db']['password'] = ''; + // Tinyboard database + $config['db']['database'] = ''; // Anything more to add to the DSN string (eg. port=xxx;foo=bar) - define('DB_DSN', '', true); + $config['db']['dsn'] = ''; // The name of the session cookie (PHP's $_SESSION) - define('SESS_COOKIE', 'imgboard', true); + $config['cookies']['session']= 'imgboard'; - // Used to safely determine when the user was first seen, to prevent floods. - // time() - define('TIME_COOKIE', 'arrived', true); - // HASH_COOKIE contains an MD5 hash of TIME_COOKIE+SALT for verification. - define('HASH_COOKIE', 'hash', true); + // Used to safely determine when the user was first seen, to prevent floods. Contains a UNIX timestamp. + $config['cookies']['time'] = 'arrived'; + // Contains an MD5 hash of $config['cookies']['time'] for verification. + $config['cookies']['hash'] = 'hash'; // Used for moderation login - define('MOD_COOKIE', 'mod', true); - // Where to set the 'path' parameter to ROOT when creating cookies. Recommended. - define('JAIL_COOKIES', true, true); - + $config['cookies']['mod'] = 'mod'; + // Where to set the 'path' parameter to $config['root'] when creating cookies. Recommended. + $config['cookies']['jail'] = true; // How long should the cookies last (in seconds) - define('COOKIE_EXPIRE', 15778463, true); //6 months - // How long should moderators should remain logged in (0=browser session) (in seconds) - define('MOD_EXPIRE', 15778463, true); + $config['cookies']['expire']= 15778463; //6 months // Make this something long and random for security - define('SALT', 'wefaw98YHEWUFuo', true); - define('SECURE_TRIP_SALT', '@#$&^@#)$(*&@!_$(&329-8347', true); + $config['cookies']['salt'] = 'wefaw98YHEWUFuo'; + // How long should moderators should remain logged in (0=browser session) (in seconds) + $config['mod']['expire'] = 15778463; //6 months + // Used to salt secure tripcodes (##trip) + $config['secure_trip_salt'] = '@#$&^@#)$(*&@!_$(&329-8347'; // How many seconds before you can post, after the first visit - define('LURKTIME', 30, true); - + $config['lurktime'] = 30; // How many seconds between each post - define('FLOOD_TIME', 10, true); + $config['flood_time'] = 10; // How many seconds between each post with exactly the same content and same IP - define('FLOOD_TIME_IP_SAME', 120, true); + $config['flood_time_ip'] = 120; // Same as above but different IP address - define('FLOOD_TIME_SAME', 30, true); + $config['flood_time_same'] = 30; // Do you need a body for your non-OP posts? - define('FORCE_BODY', true, true); + $config['force_body'] = true; // Max body length - define('MAX_BODY', 1800, true); - - define('THREADS_PER_PAGE', 10, true); - define('MAX_PAGES', 10, true); - define('THREADS_PREVIEW', 5, true); + $config['max_body'] = 1800; + + $config['threads_per_page'] = 10; + $config['max_pages'] = 10; + $config['threads_preview'] = 5; // For development purposes. Turns 'display_errors' on. Not recommended for production. - define('VERBOSE_ERRORS', true, true); + $config['verbose_errors'] = true; // Error messages - define('ERROR_LURK', 'Lurk some more before posting.', true); - define('ERROR_BOT', 'You look like a bot.', true); - define('ERROR_TOOLONG', 'The %s field was too long.', true); - define('ERROR_TOOLONGBODY', 'The body was too long.', true); - define('ERROR_TOOSHORTBODY', 'The body was too short or empty.', true); - define('ERROR_NOIMAGE', 'You must upload an image.', true); - define('ERROR_NOMOVE', 'The server failed to handle your upload.', true); - define('ERROR_FILEEXT', 'Unsupported image format.', true); - define('ERROR_NOBOARD', 'Invalid board!', true); - define('ERROR_NONEXISTANT', 'Thread specified does not exist.', true); - define('ERROR_LOCKED', 'Thread locked. You may not reply at this time.', true); - define('ERROR_NOPOST', 'You didn\'t make a post.', true); - define('ERROR_FLOOD', 'Flood detected; Post discared.', true); - define('ERROR_UNORIGINAL', 'Unoriginal content!', true); - define('ERROR_MUTED', 'Unoriginal content! You have been muted for %d seconds.', true); - define('ERROR_YOUAREMUTED', 'You are muted! Expires in %d seconds.', true); - define('ERROR_TOR', 'Hmm… That looks like a Tor exit node.', true); - define('ERROR_TOOMANYLINKS', 'Too many links; flood detected.', true); - define('ERROR_NODELETE', 'You didn\'t select anything to delete.', true); - define('ERROR_INVALIDPASSWORD', 'Wrong password…', true); - define('ERR_INVALIDIMG','Invalid image.', true); - define('ERR_FILESIZE', 'Maximum file size: %maxsz% bytes
Your file\'s size: %filesz% bytes', true); - define('ERR_MAXSIZE', 'The file was too big.', true); - define('ERR_INVALIDZIP', 'Invalid archive!', true); + $config['error']['lurk'] = 'Lurk some more before posting.'; + $config['error']['bot'] = 'You look like a bot.'; + $config['error']['toolong'] = 'The %s field was too long.'; + $config['error']['toolong_body'] = 'The body was too long.'; + $config['error']['tooshort_body'] = 'The body was too short or empty.'; + $config['error']['noimage'] = 'You must upload an image.'; + $config['error']['nomove'] = 'The server failed to handle your upload.'; + $config['error']['fileext'] = 'Unsupported image format.'; + $config['error']['noboard'] = 'Invalid board!'; + $config['error']['nonexistant'] = 'Thread specified does not exist.'; + $config['error']['locked'] = 'Thread locked. You may not reply at this time.'; + $config['error']['nopost'] = 'You didn\'t make a post.'; + $config['error']['flood'] = 'Flood detected; Post discared.'; + $config['error']['unoriginal'] = 'Unoriginal content!'; + $config['error']['muted'] = 'Unoriginal content! You have been muted for %d seconds.'; + $config['error']['youaremuted'] = 'You are muted! Expires in %d seconds.'; + $config['error']['tor'] = 'Hmm… That looks like a Tor exit node.'; + $config['error']['toomanylinks'] = 'Too many links; flood detected.'; + $config['error']['nodelete'] = 'You didn\'t select anything to delete.'; + $config['error']['invalidpassword'] = 'Wrong password…'; + $config['error']['invalidimg'] = 'Invalid image.'; + $config['error']['filesize'] = 'Maximum file size: %maxsz% bytes
Your file\'s size: %filesz% bytes'; + $config['error']['maxsize'] = 'The file was too big.'; + $config['error']['invalidzip'] = 'Invalid archive!'; // Moderator errors - define('ERROR_INVALID', 'Invalid username and/or password.', true); - define('ERROR_NOTAMOD', 'You are not a mod…', true); - define('ERROR_INVALIDAFTER', 'Invalid username and/or password. Your user may have been deleted or changed.', true); - define('ERROR_MALFORMED','Invalid/malformed cookies.', true); - define('ERROR_MISSEDAFIELD', 'Your browser didn\'t submit an input when it should have.', true); - define('ERROR_REQUIRED', 'The %s field is required.', true); - define('ERROR_INVALIDFIELD', 'The %s field was invalid.', true); - define('ERROR_BOARDEXISTS', 'There is already a %s board.', true); - define('ERROR_NOACCESS', 'You don\'t have permission to do that.', true); - define('ERROR_INVALIDPOST', 'That post doesn\'t exist…', true); - define('ERROR_404', 'Page not found.', true); + $config['error']['invalid'] = 'Invalid username and/or password.'; + $config['error']['notamod'] = 'You are not a mod…'; + $config['error']['invalidafter'] = 'Invalid username and/or password. Your user may have been deleted or changed.'; + $config['error']['malformed'] = 'Invalid/malformed cookies.'; + $config['error']['missedafield'] = 'Your browser didn\'t submit an input when it should have.'; + $config['error']['required'] = 'The %s field is required.'; + $config['error']['invalidfield'] = 'The %s field was invalid.'; + $config['error']['boardexists'] = 'There is already a %s board.'; + $config['error']['noaccess'] = 'You don\'t have permission to do that.'; + $config['error']['invalidpost'] = 'That post doesn\'t exist…'; + $config['error']['404'] = 'Page not found.'; // Reply limit (deletes thread when this is reached) - define('REPLY_LIMIT', 250, true); + $config['reply_limit'] = 250; // For resizing, max values - define('THUMB_WIDTH', 225, true); - define('THUMB_HEIGHT', 225, true); + $config['thumb_width'] = 255; + $config['thumb_height'] = 255; // Store image hash in the database for r9k-like boards implementation soon // Function name for hashing // sha1_file, md5_file, etc. - define('FILE_HASH', 'sha1_file', true); + $config['file_hash'] = 'sha1_file'; - define('BLOCK_TOR', true, true); + $config['block_tor'] = true; // Typically spambots try to post a lot of links. Refuse a post with X standalone links? - define('MAX_LINKS', 20, true); + $config['max_links'] = 20; // Maximum image upload size in bytes - define('MAX_FILESIZE', 10*1024*1024, true); // 10MB + $config['max_filesize'] = 10*1024*1024; // 10MB // Maximum image dimensions - define('MAX_WIDTH', 10000, true); - define('MAX_HEIGHT', MAX_WIDTH, true); - - /* When you upload a ZIP as a file, all the images inside the archive - * get dumped into the thread as replies. - * Extremely beta and not recommended yet. - */ - define('ALLOW_ZIP', false, true); + $config['max_width'] = 1000; + $config['max_height'] = $config['max_width']; // 1:1 /** Redraw the image using GD functions to strip any excess data (commonly ZIP archives) - WARNING: Very beta. Currently strips animated GIFs too :( + WARNING: Currently strips animated GIFs too :( **/ - define('REDRAW_IMAGE', false, true); + $config['redraw_image'] = false; // Redrawing configuration - define('JPEG_QUALITY', 100, true); - define('REDRAW_GIF', false, true); - - // Display the aspect ratio in a post's file info - define('SHOW_RATIO', true, true); - - define('DIR_IMG', 'src/', true); - define('DIR_THUMB', 'thumb/', true); - define('DIR_RES', 'res/', true); - define('DIR_STATIC', 'static/', true); + $config['jpeg_quality'] = 100; + // Temporary fix for the animation-stripping bug + $config['redraw_gifs'] = false; - // Where to store the .html templates. This folder and templates must exist or fatal errors will be thrown. - define('DIR_TEMPLATE', getcwd() . '/templates', true); + // Display the aspect ratio in a post's file info + $config['show_ratio'] = true; // The root directory, including the trailing slash, for Tinyboard. // examples: '/', 'http://boards.chan.org/', '/chan/' - define('ROOT', '/', true); - + $config['root'] = '/'; + + $config['dir']['img'] = 'src/'; + $config['dir']['thumb'] = 'thumb/'; + $config['dir']['res'] = 'res/'; + // For load balancing, having a seperate server (and domain/subdomain) for serving static content is possible. + // This can either be a directory or a URL (eg. http://static.example.org/) + $config['dir']['static'] = $config['root'] . 'static/'; + // Where to store the .html templates. This folder and templates must exist or fatal errors will be thrown. + $config['dir']['template'] = getcwd() . '/templates'; // Static images // These can be URLs OR base64 (data URI scheme) - define('IMAGE_STICKY', ROOT . DIR_STATIC . 'sticky.gif', true); - define('IMAGE_LOCKED', ROOT . DIR_STATIC . 'locked.gif', true); - define('DELETED_IMAGE', ROOT . DIR_STATIC . 'deleted.png', true); - define('ZIP_IMAGE', ROOT . DIR_STATIC . 'zip.png', true); + $config['image_sticky'] = $config['dir']['static'] . 'sticky.gif'; + $config['image_locked'] = $config['dir']['static'] . 'locked.gif'; + $config['image_deleted'] = $config['dir']['static'] . 'deleted.png'; + $config['image_zip'] = $config['dir']['static'] . 'zip.png'; // If for some reason the folders and static HTML index files aren't in the current working direcotry, // enter the directory path here. Otherwise, keep it false. - define('ROOT_FILE', false, true); + $config['root_file'] = false; - define('POST_URL', ROOT . 'post.php', true); - define('FILE_INDEX', 'index.html', true); - define('FILE_PAGE', '%d.html', true); - define('FILE_MOD', 'mod.php', true); + $config['file_index'] = 'index.html'; + $config['file_page'] = '%d.html'; + $config['file_mod'] = 'mod.php'; // Multi-board (%s is board abbreviation) - define('BOARD_PATH', '%s/', true); + $config['board_path'] = '%s/'; // The HTTP status code to use when redirecting. // Should be 3xx (redirection). http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html // "302" is recommended. - define('REDIRECT_HTTP', 302, true); + $config['redirect_http'] = 302; + // TODO: Put this in per-board instance-config instead // Robot stuff // Strip repeating characters when making hashes - define('ROBOT_ENABLE', true, true); - define('ROBOT_BOARD', 'r9k', true); - define('ROBOT_STRIP_REPEATING', true, true); + $config['robot_enable'] = false; + $config['robot_strip_repeating'] = true; + // Enable mutes - define('ROBOT_MUTE', true, true); - define('ROBOT_MUTE_HOUR', 50, true); // How many mutes X hours ago to include in the algorithm - define('ROBOT_MUTE_MULTIPLIER', 2, true); - define('ROBOT_MUTE_DESCRIPTION', 'You have been muted for unoriginal content.', true); + // Tinyboard uses ROBOT9000's original 2^x implementation + $config['robot_mute'] = true; + // How many mutes x hours ago to include in the algorithm + $config['robot_mute_hour'] = 50; + // If you want to alter the algorithm a bit. Default value is 2. n^x + $config['robot_mute_multiplier'] = 2; + $config['robot_mute_descritpion'] = 'You have been muted for unoriginal content.'; /* Mod stuff */ // Whether or not to lock moderator sessions to the IP address that was logged in with. - define('MOD_LOCK_IP', true, true); + $config['mod']['lock_ip'] = true; // The page that is first shown when a moderator logs in. Defaults to the dashboard. - define('MOD_DEFAULT', '/', true); - // Don't even display MySQL password to administrators (in the configuration page) - define('MOD_NEVER_REAL_PASSWORD', true, true); + $config['mod']['default'] = '/'; + // Don't even display MySQL password to administrators (in the configuration page). + $config['mod']['never_reveal_password'] = true; // Do a DNS lookup on IP addresses to get their hostname on the IP summary page - define('MOD_DNS_LOOKUP', true, true); + $config['mod']['dns_lookup'] = true; // Show ban form on the IP summary page - define('MOD_IP_BANFORM', true, true); + $config['mod']['ip_banform'] = true; // How many recent posts, per board, to show in the IP summary page - define('MOD_IP_RECENTPOSTS', 5, true); + $config['mod']['ip_recentposts'] = 5; // Probably best not to change these: - define('MOD_JANITOR', 0, true); - define('MOD_MOD', 1, true); - define('MOD_ADMIN', 2, true); + define('JANITOR', 0, true); + define('MOD', 1, true); + define('ADMIN', 2, true); // Permissions // What level of administration you need to: /* Post Controls */ // View IP addresses - define('MOD_SHOW_IP', MOD_MOD, true); + $config['mod']['show_ip'] = MOD; // Delete a post - define('MOD_DELETE', MOD_JANITOR, true); + $config['mod']['delete'] = JANITOR; // Ban a user for a post - define('MOD_BAN', MOD_MOD, true); + $config['mod']['ban'] = MOD; // Ban and delete (one click; instant) - define('MOD_BANDELETE', MOD_BAN, true); + $config['mod']['bandelete'] = MOD; // Delete file (and keep post) - define('MOD_DELETEFILE', MOD_JANITOR, true); + $config['mod']['deletefile'] = JANITOR; // Delete all posts by IP - define('MOD_DELETEBYIP', MOD_BAN, true); + $config['mod']['deletebyip'] = MOD; // Sticky a thread - define('MOD_STICKY', MOD_MOD, true); + $config['mod']['sticky'] = MOD; // Lock a thread - define('MOD_LOCK', MOD_MOD, true); + $config['mod']['lock'] = MOD; // Post in a locked thread - define('MOD_POSTINLOCKED', MOD_MOD, true); + $config['mod']['postinlocked'] = MOD; // Post bypass unoriginal content check - define('MOD_POSTUNORIGINAL', MOD_MOD, true); + $config['mod']['postunoriginal'] = MOD; // Raw HTML posting - define('MOD_RAWHTML', MOD_MOD, true); + $config['mod']['rawhtml'] = MOD; /* Administration */ - // Display the contents of instant-config.php - define('MOD_SHOW_CONFIG', MOD_ADMIN, true); + // Display the contents of instance-config.php + $config['mod']['show_config'] = ADMIN; // View list of bans - define('MOD_VIEW_BANLIST', MOD_MOD, true); + $config['mod']['view_banlist'] = MOD; // View the username of the mod who made a ban - define('MOD_VIEW_BANSTAFF', MOD_MOD, true); - // If the moderator doesn't fit the MOD_VIEW_BANSTAFF (previous) permission, + $config['mod']['view_banstaff'] = MOD; + // If the moderator doesn't fit the $config['mod']['view_banstaff''] (previous) permission, // show him just a "?" instead. Otherwise, it will be "Mod" or "Admin" - define('MOD_VIEW_BANQUESTIONMARK', false, true); + $config['mod']['view_banquestionmark'] = false; // Show expired bans in the ban list (they are kept in cache until the culprit returns) - define('MOD_VIEW_BANEXPIRED', true, true); + $config['mod']['view_banexpired'] = true; // Create a new board - define('MOD_NEWBOARD', MOD_ADMIN, true); + $config['mod']['newboard'] = ADMIN; // Mod links (full HTML) // Correspond to above permission directives - define('MOD_LINK_DELETE', '[D]', true); - define('MOD_LINK_BAN', '[B]', true); - define('MOD_LINK_BANDELETE', '[B&D]', true); - define('MOD_LINK_DELETEFILE', '[F]', true); - define('MOD_LINK_DELETEBYIP', '[D+]', true); - define('MOD_LINK_STICKY', '[Sticky]', true); - define('MOD_LINK_DESTICKY', '[-Sticky]', true); - define('MOD_LINK_LOCK', '[Lock]', true); - define('MOD_LINK_UNLOCK', '[-Lock]', true); + $config['mod']['link_delete'] = '[D]'; + $config['mod']['link_ban'] = '[B]'; + $config['mod']['link_bandelete'] = '[B&D]'; + $config['mod']['link_deletefile'] = '[F]'; + $config['mod']['link_deletebyip'] = '[D+]'; + $config['mod']['link_sticky'] = '[Sticky]'; + $config['mod']['link_desticky'] = '[-Sticky]'; + $config['mod']['link_lock'] = '[Lock]'; + $config['mod']['link_unlock'] = '[-Lock]'; + // A small file in the main directory indicating that the script has been ran and the board(s) have been generated. // This keeps the script from querying the database and causing strain when not needed. - define('HAS_INSTALLED', '.installed', true); + $config['has_installed'] = '.installed'; - // Name of the boards. Typically '/%s/' (/b/, /mu/, etc) - // BOARD_ABBREVIATION - BOARD_TITLE - define('BOARD_ABBREVIATION', '/%s/', true); + // Name of the boards. Usually '/%s/' (/b/, /mu/, etc) + // $config['board_abbreviation'] - BOARD_TITLE + $config['board_abbreviation'] = '/%s/'; // Automatically convert things like "..." to Unicode characters ("…") - define('AUTO_UNICODE', true, true); + $config['auto_unicode'] = true; // Use some Wiki-like syntax (''em'', '''strong''', ==Heading==, etc) - define('WIKI_MARKUP', true, true); + $config['wiki_markup'] = true; // Whether to turn URLs into functional links - define('MARKUP_URLS', true, true); + $config['markup_urls'] = true; // Complex regular expression to catch URLs - define('URL_REGEX', '/' . '(https?|ftp):\/\/' . '(([\w\-]+\.)+[a-zA-Z]{2,6}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' . '(\/([\w\-~\.#\/?=&;:+%]+)?)?' . '/', true); + $config['url_regex'] = '/' . '(https?|ftp):\/\/' . '(([\w\-]+\.)+[a-zA-Z]{2,6}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' . '(\/([\w\-~\.#\/?=&;:+%]+)?)?' . '/'; // Allowed file extensions - $allowed_ext = Array('jpg', 'jpeg', 'bmp', 'gif', 'png', true); - - define('BUTTON_NEWTOPIC', 'New Topic', true); - define('BUTTON_REPLY', 'New Reply', true); + $config['allowed_ext'] = Array('jpg', 'jpeg', 'bmp', 'gif', 'png'); + + // The names on the post buttons. (On most imageboards, these are both "Post".) + $config['button_newtopic'] = 'New Topic'; + $config['button_reply'] = 'New Reply'; // The string passed to date() for post times // http://php.net/manual/en/function.date.php - define('POST_DATE', 'm/d/y (D) H:i:s', true); + $config['post_date'] = 'm/d/y (D) H:i:s'; - define('ALWAYS_NOKO', false, true); + // Always act as if they had typed "noko" in the email field no mattter what + $config['always_noko'] = false; - define('URL_MATCH', '/^' . - (preg_match(URL_REGEX, ROOT) ? '' : + $config['url_match'] = '/^' . + (preg_match($config['url_regex'], $config['root']) ? '' : (@$_SERVER['HTTPS']?'https':'http') . ':\/\/'.$_SERVER['HTTP_HOST']) . - preg_quote(ROOT, '/') . + preg_quote($config['root'], '/') . '(' . - str_replace('%s', '\w{1,8}', preg_quote(BOARD_PATH, '/')) . + str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) . '|' . - str_replace('%s', '\w{1,8}', preg_quote(BOARD_PATH, '/')) . - preg_quote(FILE_INDEX, '/') . + str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) . + preg_quote($config['file_index'], '/') . '|' . - str_replace('%s', '\w{1,8}', preg_quote(BOARD_PATH, '/')) . - str_replace('%d', '\d+', preg_quote(FILE_PAGE, '/')) . + str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) . + str_replace('%d', '\d+', preg_quote($config['file_page'], '/')) . '|' . - preg_quote(FILE_MOD, '/') . + preg_quote($config['file_mod'], '/') . '\?\/.+' . - ')$/i', true); + ')$/i'; - if(ROOT_FILE) { - chdir(ROOT_FILE); + if($config['root_file']) { + chdir($config['root_file']); } - if(VERBOSE_ERRORS) { + if($config['verbose_errors']) { error_reporting(E_ALL); ini_set('display_errors', 1); } + ?> \ No newline at end of file diff --git a/inc/database.php b/inc/database.php index dca1fbd1..21fabe71 100644 --- a/inc/database.php +++ b/inc/database.php @@ -1,20 +1,20 @@ getMessage(); // Remove any sensitive information - $message = str_replace(DB_USER, 'hidden', $message); - $message = str_replace(DB_PASSWORD, 'hidden', $message); + $message = str_replace($config['db']['user'], 'hidden', $message); + $message = str_replace($config['db']['password'], 'hidden', $message); // Print error error('Database error: ' . $message); diff --git a/inc/display.php b/inc/display.php index 8423da0f..acf77e39 100644 --- a/inc/display.php +++ b/inc/display.php @@ -20,30 +20,32 @@ } function error($message) { - global $board, $mod; + global $board, $mod, $config; if(function_exists('sql_close')) sql_close(); die(Element('page.html', Array( - 'index'=>ROOT, + 'index'=>$config['root'], 'title'=>'Error', 'subtitle'=>'An error has occured.', 'body'=>"
" . "

$message

" . (isset($board) ? - "

Go back.

" : ''). + "

Go back.

" : ''). "
" ))); } function loginForm($error=false, $username=false) { + global $config; + if(function_exists('sql_close')) sql_close(); die(Element('page.html', Array( - 'index'=>ROOT, + 'index'=>$config['root'], 'title'=>'Login', 'body'=>Element('login.html', Array( - 'index'=>ROOT, + 'index'=>$config['root'], 'error'=>$error, 'username'=>$username ) @@ -52,7 +54,10 @@ } class Post { - public function __construct($id, $thread, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $root=ROOT, $mod=false) { + public function __construct($id, $thread, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $root=null, $mod=false) { + global $config; + if(!isset($root)) $root = $config['root']; + $this->id = $id; $this->thread = $thread; $this->subject = utf8tohtml($subject); @@ -77,13 +82,13 @@ // Fix internal links // Very complicated regex $this->body = preg_replace( - '/'; // Delete - if($this->mod['type'] >= MOD_DELETE) - $built .= ' ' . MOD_LINK_DELETE . ''; + if($this->mod['type'] >= $config['mod']['delete']) + $built .= ' ' . $config['mod']['link_delete'] . ''; // Delete all posts by IP - if($this->mod['type'] >= MOD_DELETEBYIP) - $built .= ' ' . MOD_LINK_DELETEBYIP . ''; + if($this->mod['type'] >= $config['mod']['deletebyip']) + $built .= ' ' . $config['mod']['link_deletebyip'] . ''; // Ban - if($this->mod['type'] >= MOD_BAN) - $built .= ' ' . MOD_LINK_BAN . ''; + if($this->mod['type'] >= $config['mod']['ban']) + $built .= ' ' . $config['mod']['link_ban'] . ''; // Ban & Delete - if($this->mod['type'] >= MOD_BANDELETE) - $built .= ' ' . MOD_LINK_BANDELETE . ''; + if($this->mod['type'] >= $config['mod']['bandelete']) + $built .= ' ' . $config['mod']['link_bandelete'] . ''; // Delete file (keep post) - if(!empty($this->file) && $this->mod['type'] >= MOD_DELETEFILE) - $built .= ' ' . MOD_LINK_DELETEFILE . ''; + if(!empty($this->file) && $this->mod['type'] >= $config['mod']['deletefile']) + $built .= ' ' . $config['mod']['link_deletefile'] . ''; $built .= ''; } @@ -116,7 +121,7 @@ } public function build($index=false) { - global $board; + global $board, $config; $built = '
' . '

' . @@ -135,7 +140,7 @@ . (!empty($this->trip) ? ' '.$this->trip.'':''); // IP Address - if($this->mod && $this->mod['type'] >= MOD_SHOW_IP) { + if($this->mod && $this->mod['type'] >= $config['mod']['show_ip']) { $built .= ' [' . $this->ip . ']'; } @@ -144,7 +149,7 @@ $built .= ''; // Date/time - $built .= ' ' . date(POST_DATE, $this->time); + $built .= ' ' . date($config['post_date'], $this->time); // End delete $built .= ''; @@ -152,20 +157,20 @@ $built .= ' No.' . + ' href="' . $this->root . $board['dir'] . $config['dir']['res'] . $this->thread . '.html' . '#' . $this->id . '">No.' . // JavaScript cite - ''.$this->id.'' . + ''.$this->id.'' . '

'; // File info if(!empty($this->file) && $this->file != 'deleted') { - $built .= '

File: ' . $this->file . ' (' . + $built .= '

File: ' . $this->file . ' (' . // Filesize format_bytes($this->filesize) . ', ' . // File dimensions $this->filex . 'x' . $this->filey; // Aspect Ratio - if(SHOW_RATIO) { + if($config['show_ratio']) { $fraction = fraction($this->filex, $this->filey, ':'); $built .= ', ' . $fraction; } @@ -173,9 +178,9 @@ $built .= ', ' . $this->filename . ')

' . // Thumbnail - ''; + ''; } elseif($this->file == 'deleted') { - $built .= ''; + $built .= ''; } $built .= $this->postControls(); @@ -189,7 +194,10 @@ class Thread { public $omitted = 0; - public function __construct($id, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $root=ROOT, $mod=false) { + public function __construct($id, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $root=null, $mod=false) { + global $config; + if(!isset($root)) $root = $config['root']; + $this->id = $id; $this->subject = utf8tohtml($subject); $this->email = $email; @@ -217,7 +225,7 @@ // Fix internal links // Very complicated regex $this->body = preg_replace( - '/'; // Delete - if($this->mod['type'] >= MOD_DELETE) - $built .= ' ' . MOD_LINK_DELETE . ''; + if($this->mod['type'] >= $config['mod']['delete']) + $built .= ' ' . $config['mod']['link_delete'] . ''; // Delete all posts by IP - if($this->mod['type'] >= MOD_DELETEBYIP) - $built .= ' ' . MOD_LINK_DELETEBYIP . ''; + if($this->mod['type'] >= $config['mod']['deletebyip']) + $built .= ' ' . $config['mod']['link_deletebyip'] . ''; // Ban - if($this->mod['type'] >= MOD_BAN) - $built .= ' ' . MOD_LINK_BAN . ''; + if($this->mod['type'] >= $config['mod']['ban']) + $built .= ' ' . $config['mod']['link_ban'] . ''; // Ban & Delete - if($this->mod['type'] >= MOD_BANDELETE) - $built .= ' ' . MOD_LINK_BANDELETE . ''; + if($this->mod['type'] >= $config['mod']['bandelete']) + $built .= ' ' . $config['mod']['link_bandelete'] . ''; // Stickies - if($this->mod['type'] >= MOD_STICKY) + if($this->mod['type'] >= $config['mod']['sticky']) if($this->sticky) - $built .= ' ' . MOD_LINK_DESTICKY . ''; + $built .= ' ' . $config['mod']['link_desticky'] . ''; else - $built .= ' ' . MOD_LINK_STICKY . ''; + $built .= ' ' . $config['mod']['link_sticky'] . ''; // Lock - if($this->mod['type'] >= MOD_LOCK) + if($this->mod['type'] >= $config['mod']['lock']) if($this->locked) - $built .= ' ' . MOD_LINK_UNLOCK . ''; + $built .= ' ' . $config['mod']['link_unlock'] . ''; else - $built .= ' ' . MOD_LINK_LOCK . ''; + $built .= ' ' . $config['mod']['link_lock'] . ''; $built .= ''; @@ -270,22 +278,22 @@ } public function build($index=false) { - global $board; + global $board, $config; - $built = '

File: ' . $this->file . ' (' . + $built = '

File: ' . $this->file . ' (' . // Filesize format_bytes($this->filesize) . ', ' . // File dimensions $this->filex . 'x' . $this->filey; // Aspect Ratio - if(SHOW_RATIO) { + if($config['show_ratio']) { $fraction = fraction($this->filex, $this->filey, ':'); $built .= ', ' . $fraction; } // Filename $built .= ', ' . $this->filename . ')

' . // Thumbnail - ''; + ''; $built .= '

'; @@ -304,7 +312,7 @@ . (!empty($this->trip) ? ' '.$this->trip.'':''); // IP Address - if($this->mod && $this->mod['type'] >= MOD_SHOW_IP) { + if($this->mod && $this->mod['type'] >= $config['mod']['show_ip']) { $built .= ' [' . $this->ip . ']'; } @@ -313,7 +321,7 @@ $built .= ''; // Date/time - $built .= ' ' . date(POST_DATE, $this->time); + $built .= ' ' . date($config['post_date'], $this->time); // End delete $built .= ''; @@ -321,15 +329,15 @@ $built .= ' No.' . + ' href="' . $this->root . $board['dir'] . $config['dir']['res'] . $this->id . '.html' . '#' . $this->id . '">No.' . // JavaScript cite - ''.$this->id.'' . + ''.$this->id.'' . // Sticky - ($this->sticky ? '' : '') . + ($this->sticky ? '' : '') . // Locked - ($this->locked ? '' : '') . + ($this->locked ? '' : '') . // [Reply] - ($index ? '[Reply]' : '') . + ($index ? '[Reply]' : '') . // Mod controls $this->postControls() . diff --git a/inc/functions.php b/inc/functions.php index 6901de62..cc2a02f8 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -9,7 +9,7 @@ } function setupBoard($array) { - global $board; + global $board, $config; $board = Array( 'id' => $array['id'], @@ -17,13 +17,13 @@ 'name' => $array['title'], 'title' => $array['subtitle']); - $board['dir'] = sprintf(BOARD_PATH, $board['uri']); - $board['url'] = sprintf(BOARD_ABBREVIATION, $board['uri']); + $board['dir'] = sprintf($config['board_path'], $board['uri']); + $board['url'] = sprintf($config['board_abbreviation'], $board['uri']); if(!file_exists($board['dir'])) mkdir($board['dir'], 0777); - if(!file_exists($board['dir'] . DIR_IMG)) @mkdir($board['dir'] . DIR_IMG, 0777) or error("Couldn't create " . DIR_IMG . ". Check permissions.", true); - if(!file_exists($board['dir'] . DIR_THUMB)) @mkdir($board['dir'] . DIR_THUMB, 0777) or error("Couldn't create " . DIR_THUMB . ". Check permissions.", true); - if(!file_exists($board['dir'] . DIR_RES)) @mkdir($board['dir'] . DIR_RES, 0777) or error("Couldn't create " . DIR_RES . ". Check permissions.", true); + if(!file_exists($board['dir'] . $config['dir']['img'])) @mkdir($board['dir'] . $config['dir']['img'], 0777) or error("Couldn't create " . $config['dir']['img'] . ". Check permissions.", true); + if(!file_exists($board['dir'] . $config['dir']['thumb'])) @mkdir($board['dir'] . $config['dir']['thumb'], 0777) or error("Couldn't create " . $config['dir']['thumb'] . ". Check permissions.", true); + if(!file_exists($board['dir'] . $config['dir']['res'])) @mkdir($board['dir'] . $config['dir']['res'], 0777) or error("Couldn't create " . $config['dir']['res'] . ". Check permissions.", true); } function openBoard($uri) { @@ -46,14 +46,14 @@ } function checkFlood($post) { - global $board; + global $board, $config; $query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri'])); $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':body', $post['body'], PDO::PARAM_INT); - $query->bindValue(':floodtime', time()-FLOOD_TIME, PDO::PARAM_INT); - $query->bindValue(':floodsameiptime', time()-FLOOD_TIME_IP_SAME, PDO::PARAM_INT); - $query->bindValue(':floodsametime', time()-FLOOD_TIME_SAME, PDO::PARAM_INT); + $query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT); + $query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT); + $query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT); $query->execute() or error(db_error($query)); return (bool)$query->fetch(); @@ -81,6 +81,8 @@ } function checkBan() { + global $config; + if(!isset($_SERVER['REMOTE_ADDR'])) { // Server misconfiguration return; @@ -157,7 +159,7 @@ // Show banned page and exit die(Element('page.html', Array( - 'index' => ROOT, + 'index' => $config['root'], 'title' => 'Banned', 'subtitle' => 'You are banned!', 'body' => $body @@ -264,14 +266,14 @@ // Remove file from post function deleteFile($id, $remove_entirely_if_already=true) { - global $board; + global $board, $config; $query = prepare(sprintf("SELECT `thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NOT NULL LIMIT 1", $board['uri'])); $query->bindValue(':id', $id, PDO::PARAM_INT); $query->execute() or error(db_error($query)); if($query->rowCount() < 1) { - error(ERROR_INVALIDPOST); + error($config['error']['invalidpost']); } $post = $query->fetch(); @@ -282,10 +284,10 @@ $query->bindValue(':file', null, PDO::PARAM_NULL); } else { // Delete thumbnail - @unlink($board['dir'] . DIR_THUMB . $post['thumb']); + @unlink($board['dir'] . $config['dir']['thumb'] . $post['thumb']); // Delete file - @unlink($board['dir'] . DIR_IMG . $post['file']); + @unlink($board['dir'] . $config['dir']['img'] . $post['file']); // Set file to 'deleted' $query->bindValue(':file', 'deleted', PDO::PARAM_INT); @@ -300,7 +302,7 @@ // Delete a post (reply or thread) function deletePost($id, $error_if_doesnt_exist=true) { - global $board; + global $board, $config; // Select post and replies (if thread) in one query $query = prepare(sprintf("SELECT `id`,`thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id OR `thread` = :id", $board['uri'])); @@ -309,7 +311,7 @@ if($query->rowCount() < 1) { if($error_if_doesnt_exist) - error(ERROR_INVALIDPOST); + error($config['error']['invalidpost']); else return false; } @@ -317,18 +319,18 @@ while($post = $query->fetch()) { if(!$post['thread']) { // Delete thread HTML page - @unlink($board['dir'] . DIR_RES . sprintf(FILE_PAGE, $post['id'])); + @unlink($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['id'])); } elseif($query->rowCount() == 1) { // Rebuild thread $rebuild = $post['thread']; } if($post['thumb']) { // Delete thumbnail - @unlink($board['dir'] . DIR_THUMB . $post['thumb']); + @unlink($board['dir'] . $config['dir']['thumb'] . $post['thumb']); } if($post['file']) { // Delete file - @unlink($board['dir'] . DIR_IMG . $post['file']); + @unlink($board['dir'] . $config['dir']['img'] . $post['file']); } } @@ -344,8 +346,8 @@ } function clean() { - global $board; - $offset = round(MAX_PAGES*THREADS_PER_PAGE); + global $board, $config; + $offset = round($config['max_pages']*$config['threads_per_page']); // I too wish there was an easier way of doing this... $query = prepare(sprintf("SELECT `id` FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT :offset, 9001", $board['uri'])); @@ -358,74 +360,75 @@ } function index($page, $mod=false) { - global $board; + global $board, $config; $body = ''; - $offset = round($page*THREADS_PER_PAGE-THREADS_PER_PAGE); + $offset = round($page*$config['threads_per_page']-$config['threads_per_page']); sql_open(); $query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT ?,?", $board['uri'])); $query->bindValue(1, $offset, PDO::PARAM_INT); - $query->bindValue(2, THREADS_PER_PAGE, PDO::PARAM_INT); + $query->bindValue(2, $config['threads_per_page'], PDO::PARAM_INT); $query->execute() or error(db_error($query)); if($query->rowcount() < 1 && $page > 1) return false; while($th = $query->fetch()) { - $thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $mod ? '?/' : ROOT, $mod); + $thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $mod ? '?/' : $config['root'], $mod); $posts = prepare(sprintf("SELECT `id`, `subject`, `email`, `name`, `trip`, `body`, `time`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`,`ip` FROM `posts_%s` WHERE `thread` = ? ORDER BY `id` DESC LIMIT ?", $board['uri'])); $posts->bindValue(1, $th['id']); - $posts->bindValue(2, THREADS_PREVIEW, PDO::PARAM_INT); + $posts->bindValue(2, $config['threads_preview'], PDO::PARAM_INT); $posts->execute() or error(db_error($posts)); - if($posts->rowCount() == THREADS_PREVIEW) { + if($posts->rowCount() == $config['threads_preview']) { $count = prepare(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` = ?", $board['uri'])); $count->bindValue(1, $th['id']); $count->execute() or error(db_error($count)); $count = $count->fetch(); - $omitted = $count['num'] - THREADS_PREVIEW; + $omitted = $count['num'] - $config['threads_preview']; $thread->omitted = $omitted; unset($count); unset($omitted); } while($po = $posts->fetch()) { - $thread->add(new Post($po['id'], $th['id'], $po['subject'], $po['email'], $po['name'], $po['trip'], $po['body'], $po['time'], $po['thumb'], $po['thumbwidth'], $po['thumbheight'], $po['file'], $po['filewidth'], $po['fileheight'], $po['filesize'], $po['filename'], $po['ip'], $mod ? '?/' : ROOT, $mod)); + $thread->add(new Post($po['id'], $th['id'], $po['subject'], $po['email'], $po['name'], $po['trip'], $po['body'], $po['time'], $po['thumb'], $po['thumbwidth'], $po['thumbheight'], $po['file'], $po['filewidth'], $po['fileheight'], $po['filesize'], $po['filename'], $po['ip'], $mod ? '?/' : $config['root'], $mod)); } $thread->posts = array_reverse($thread->posts); $body .= $thread->build(true); } - return Array('button'=>BUTTON_NEWTOPIC, 'board'=>$board, 'body'=>$body, 'post_url' => POST_URL, 'index' => ROOT); + return Array('button'=>$config['button_newtopic'], 'board'=>$board, 'body'=>$body, 'post_url' => $config['post_url'], 'index' => $config['root']); } function getPages($mod=false) { - global $board; + global $board, $config; // Count threads $query = query(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` IS NULL", $board['uri'])) or error(db_error()); $count = current($query->fetch()); - $count = floor((THREADS_PER_PAGE + $count - 1) / THREADS_PER_PAGE); + $count = floor(($config['threads_per_page'] + $count - 1) / $config['threads_per_page']); $pages = Array(); - for($x=0;$x<$count && $x $x+1, 'link' => $x==0 ? ($mod ? '?/' : ROOT) . $board['dir'] . FILE_INDEX : ($mod ? '?/' : ROOT) . $board['dir'] . sprintf(FILE_PAGE, $x+1)); + for($x=0;$x<$count && $x<$config['max_pages'];$x++) { + $pages[] = Array('num' => $x+1, 'link' => $x==0 ? ($mod ? '?/' : $config['root']) . $board['dir'] . $config['file_index'] : ($mod ? '?/' : $config['root']) . $board['dir'] . sprintf($config['file_page'], $x+1)); } return $pages; } function makerobot($body) { + global $config; $body = strtolower($body); // Leave only letters $body = preg_replace('/[^a-z]/i', '', $body); // Remove repeating characters - if(ROBOT_STRIP_REPEATING) + if($config['robot_strip_repeating']) $body = preg_replace('/(.)\\1+/', '$1', $body); return sha1($body); @@ -468,6 +471,7 @@ } function muteTime() { + global $config; // Find number of mutes in the past X hours $query = prepare("SELECT COUNT(*) as `count` FROM `mutes` WHERE `time` >= :time AND `ip` = :ip"); $query->bindValue(':time', time()-(ROBOT_MUTE_HOUR*3600), PDO::PARAM_INT); @@ -476,7 +480,7 @@ $result = $query->fetch(); if($result['count'] == 0) return 0; - return pow(ROBOT_MUTE_MULTIPLIER, $result['count']); + return pow($config['robot_mute_multiplier'], $result['count']); } function mute() { @@ -504,7 +508,7 @@ if($mute['time'] + $mutetime > time()) { // Not expired yet - error(sprintf(ERROR_YOUAREMUTED, $mute['time'] + $mutetime - time())); + error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time())); } else { // Already expired return; @@ -513,14 +517,14 @@ } function buildIndex() { - global $board; + global $board, $config; sql_open(); $pages = getPages(); $page = 1; - while($page <= MAX_PAGES && $content = index($page)) { - $filename = $board['dir'] . ($page==1 ? FILE_INDEX : sprintf(FILE_PAGE, $page)); + while($page <= $config['max_pages'] && $content = index($page)) { + $filename = $board['dir'] . ($page==1 ? $config['file_index'] : sprintf($config['file_page'], $page)); if(file_exists($filename)) $md5 = md5_file($filename); $content['pages'] = $pages; @@ -531,9 +535,9 @@ } $page++; } - if($page < MAX_PAGES) { - for(;$page<=MAX_PAGES;$page++) { - $filename = $page==1 ? FILE_INDEX : sprintf(FILE_PAGE, $page); + if($page < $config['max_pages']) { + for(;$page<=$config['max_pages'];$page++) { + $filename = $page==1 ? $config['file_index'] : sprintf($config['file_page'], $page); @unlink($filename); } } @@ -566,17 +570,17 @@ } function markup(&$body) { - global $board; + global $board, $config; $body = utf8tohtml($body, true); - if(MARKUP_URLS) { - $body = preg_replace(URL_REGEX, "$0", $body, -1, $num_links); - if($num_links > MAX_LINKS) - error(ERROR_TOOMANYLINKS); + if($config['markup_urls']) { + $body = preg_replace($config['url_regex'], "$0", $body, -1, $num_links); + if($num_links > $config['max_links']) + error($config['error']['toomanylinks']); } - if(AUTO_UNICODE) { + if($config['auto_unicode']) { $body = str_replace('...', '…', $body); $body = str_replace('<--', '←', $body); @@ -603,7 +607,7 @@ $query->execute() or error(db_error($query)); if($post = $query->fetch()) { - $replacement = '>>' . $cite . ''; + $replacement = '>>' . $cite . ''; } else { $replacement = ">>{$cite}"; } @@ -630,7 +634,7 @@ $body = preg_replace("/(^|\n)([\s]+)?(>)([^\n]+)?($|\n)/m", '$1$2$3$4$5', $body); - if(WIKI_MARKUP) { + if($config['wiki_markup']) { $body = preg_replace("/(^|\n)==(.+?)==\n?/m", "

$2

", $body); $body = preg_replace("/'''(.+?)'''/m", "$1", $body); $body = preg_replace("/''(.+?)''/m", "$1", $body); @@ -679,7 +683,7 @@ } function buildThread($id, $return=false, $mod=false) { - global $board; + global $board, $config; $id = round($id); $query = prepare(sprintf("SELECT `id`,`thread`,`subject`,`name`,`email`,`trip`,`body`,`time`,`thumb`,`thumbwidth`,`thumbheight`,`file`,`filewidth`,`fileheight`,`filesize`,`filename`,`ip`,`sticky`,`locked` FROM `posts_%s` WHERE (`thread` IS NULL AND `id` = :id) OR `thread` = :id ORDER BY `thread`,`time`", $board['uri'])); @@ -688,33 +692,34 @@ while($post = $query->fetch()) { if(!isset($thread)) { - $thread = new Thread($post['id'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $post['sticky'], $post['locked'], $mod ? '?/' : ROOT, $mod); + $thread = new Thread($post['id'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $post['sticky'], $post['locked'], $mod ? '?/' : $config['root'], $mod); } else { - $thread->add(new Post($post['id'], $thread->id, $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $mod ? '?/' : ROOT, $mod)); + $thread->add(new Post($post['id'], $thread->id, $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $mod ? '?/' : $config['root'], $mod)); } } // Check if any posts were found - if(!isset($thread)) error(ERROR_NONEXISTANT); + if(!isset($thread)) error($config['error']['nonexistant']); $body = Element('thread.html', Array( - 'button'=>BUTTON_REPLY, + 'button'=>$config['button_reply'], 'board'=>$board, 'body'=>$thread->build(), - 'post_url' => POST_URL, - 'index' => ROOT, + 'post_url' => $config['post_url'], + 'index' => $config['root'], 'id' => $id, 'mod' => $mod, - 'return' => ($mod ? '?' . $board['url'] . FILE_INDEX : ROOT . $board['uri'] . '/' . FILE_INDEX) + 'return' => ($mod ? '?' . $board['url'] . $config['file_index'] : $config['root'] . $board['uri'] . '/' . $config['file_index']) )); if($return) return $body; else - @file_put_contents($board['dir'] . DIR_RES . sprintf(FILE_PAGE, $id), $body) or error("Couldn't write to file."); + @file_put_contents($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $id), $body) or error("Couldn't write to file."); } function generate_tripcode ( $name, $length = 10 ) { + global $config; $name = stripslashes ( $name ); $t = explode('#', $name); $nameo = $t[0]; @@ -730,7 +735,7 @@ $salt = strtr ( $salt, ':;<=>?@[\]^_`', 'ABCDEFGabcdef' ); if ( isset ( $t[2] ) ) { // secure - $trip = '!!' . substr ( crypt ( $trip, SECURE_TRIP_SALT ), ( -1 * $length ) ); + $trip = '!!' . substr ( crypt ( $trip, $config['secure_trip_salt'] ), ( -1 * $length ) ); } else { // insecure $trip = '!' . substr ( crypt ( $trip, $salt ), ( -1 * $length ) ); @@ -865,25 +870,25 @@ case 'jpeg': if(!$image = @imagecreatefromjpeg($source_pic)) { unlink($source_pic); - error(ERR_INVALIDIMG); + error($config['error']['invalidimg']); } break; case 'png': if(!$image = @imagecreatefrompng($source_pic)) { unlink($source_pic); - error(ERR_INVALIDIMG); + error($config['error']['invalidimg']); } break; case 'gif': if(!$image = @imagecreatefromgif($source_pic)) { unlink($source_pic); - error(ERR_INVALIDIMG); + error($config['error']['invalidimg']); } break; case 'bmp': if(!$image = @imagecreatefrombmp($source_pic)) { unlink($source_pic); - error(ERR_INVALIDIMG); + error($config['error']['invalidimg']); } break; default: diff --git a/inc/instance-config.php b/inc/instance-config.php index 88178f2c..864a956c 100644 --- a/inc/instance-config.php +++ b/inc/instance-config.php @@ -11,14 +11,41 @@ // Database stuff - define('DB_TYPE', 'mysql'); - define('DB_SERVER', 'localhost'); - define('DB_USER', ''); - define('DB_PASSWORD', ''); - define('DB_DATABASE', ''); - - define('ROOT', '/'); - -// define('FOO', 'bar'); - + $config['db']['type'] = 'mysql'; + $config['db']['server'] = 'localhost'; + $config['db']['user'] = ''; + $config['db']['password'] = ''; + $config['db']['database'] = ''; + + $config['root'] = '/'; + + + + // The following looks ugly. I will find a better place to put this code soon. + $config['post_url'] = $config['root'] . 'post.php'; + + $config['url_match'] = '/^' . + (preg_match($config['url_regex'], $config['root']) ? '' : + (@$_SERVER['HTTPS']?'https':'http') . + ':\/\/'.$_SERVER['HTTP_HOST']) . + preg_quote($config['root'], '/') . + '(' . + str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) . + '|' . + str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) . + preg_quote($config['file_index'], '/') . + '|' . + str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) . + str_replace('%d', '\d+', preg_quote($config['file_page'], '/')) . + '|' . + preg_quote($config['file_mod'], '/') . + '\?\/.+' . + ')$/i'; + + $config['dir']['static'] = $config['root'] . 'static/'; + + $config['image_sticky'] = $config['dir']['static'] . 'sticky.gif'; + $config['image_locked'] = $config['dir']['static'] . 'locked.gif'; + $config['image_deleted'] = $config['dir']['static'] . 'deleted.png'; + $config['image_zip'] = $config['dir']['static'] . 'zip.png'; ?> \ No newline at end of file diff --git a/inc/template.php b/inc/template.php index ff65c0c3..d8961167 100644 --- a/inc/template.php +++ b/inc/template.php @@ -8,7 +8,7 @@ // Standard configuration // // Folder where the template files are kept - $templateDir = DIR_TEMPLATE; + $templateDir = $config['dir']['template']; // // Enable global things like %gentime, etc. $templateGlobals = true; diff --git a/inc/user.php b/inc/user.php index 6470d2ff..021515a2 100644 --- a/inc/user.php +++ b/inc/user.php @@ -3,10 +3,10 @@ $mod = false; // Set the session name. - session_name(SESS_COOKIE); + session_name($config['cookies']['session']); // Set session parameters - session_set_cookie_params(0, JAIL_COOKIES?ROOT:'/'); + session_set_cookie_params(0, $config['cookies']['jail']?$config['root']:'/'); // Start the session session_start(); @@ -14,13 +14,13 @@ // Session creation time if(!isset($_SESSION['created'])) $_SESSION['created'] = time(); - if(!isset($_COOKIE[HASH_COOKIE]) || !isset($_COOKIE[TIME_COOKIE]) || $_COOKIE[HASH_COOKIE] != md5($_COOKIE[TIME_COOKIE].SALT)) { + if(!isset($_COOKIE[$config['cookies']['hash']]) || !isset($_COOKIE[$config['cookies']['time']]) || $_COOKIE[$config['cookies']['hash']] != md5($_COOKIE[$config['cookies']['time']] . $config['cookies']['salt'])) { $time = time(); - setcookie(TIME_COOKIE, $time, time()+COOKIE_EXPIRE, JAIL_COOKIES?ROOT:'/', null, false, true); - setcookie(HASH_COOKIE, md5($time.SALT), $time+COOKIE_EXPIRE, JAIL_COOKIES?ROOT:'/', null, false, true); + setcookie($config['cookies']['time'], $time, time()+$config['cookies']['expire'], $config['cookies']['jail']?$config['root']:'/', null, false, true); + setcookie($config['cookies']['hash'], md5($time . $config['cookies']['salt']), $time+$config['cookies']['expire'], $config['cookies']['jail']?$config['root']:'/', null, false, true); $user = Array('valid' => false, 'appeared' => $time); } else { - $user = Array('valid' => true, 'appeared' => $_COOKIE[TIME_COOKIE]); + $user = Array('valid' => true, 'appeared' => $_COOKIE[$config['cookies']['time']]); } ?> \ No newline at end of file diff --git a/mod.php b/mod.php index 12b730a0..40244b4a 100644 --- a/mod.php +++ b/mod.php @@ -1,10 +1,10 @@ str_replace('%s', '(\w{1,8})', preg_quote(BOARD_PATH, '/')), - 'page' => str_replace('%d', '(\d+)', preg_quote(FILE_PAGE, '/')), - 'img' => preg_quote(DIR_IMG, '/'), - 'thumb' => preg_quote(DIR_THUMB, '/'), - 'res' => preg_quote(DIR_RES, '/'), - 'index' => preg_quote(FILE_INDEX, '/') + 'board' => str_replace('%s', '(\w{1,8})', preg_quote($config['board_path'], '/')), + 'page' => str_replace('%d', '(\d+)', preg_quote($config['file_page'], '/')), + 'img' => preg_quote($config['dir']['img'], '/'), + 'thumb' => preg_quote($config['dir']['thumb'], '/'), + 'res' => preg_quote($config['dir']['res'], '/'), + 'index' => preg_quote($config['file_index'], '/') ); if(preg_match('/^\/?$/', $query)) { @@ -81,10 +81,10 @@ // Boards $fieldset['Boards'] .= ulBoards(); - if($mod['type'] >= MOD_VIEW_BANLIST) { + if($mod['type'] >= $config['mod']['view_banlist']) { $fieldset['Administration'] .= '
  • Ban list
    • '; } - if($mod['type'] >= MOD_SHOW_CONFIG) { + if($mod['type'] >= $config['mod']['show_config']) { $fieldset['Administration'] .= '
  • Show configuration
    • '; } @@ -97,16 +97,16 @@ } echo Element('page.html', Array( - 'index'=>ROOT, + 'index'=>$config['root'], 'title'=>'Dashboard', 'body'=>$body //,'mod'=>true /* All 'mod' does, at this point, is put the "Return to dashboard" link in. */ ) ); } elseif(preg_match('/^\/bans$/', $query)) { - if($mod['type'] < MOD_VIEW_BANLIST) error(ERROR_NOACCESS); + if($mod['type'] < $config['mod']['view_banlist']) error($config['error']['noaccess']); - if(MOD_VIEW_BANEXPIRED) { + if($config['mod']['view_banexpired']) { $query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` ORDER BY `expires` < :time, `set` DESC"); $query->bindValue(':time', time(), PDO::PARAM_INT); $query->execute() or error(db_error($query)); @@ -126,7 +126,7 @@ while($ban = $query->fetch()) { $body .= '' . @@ -145,26 +145,26 @@ '' . $ban['reason'] . '' . // Set - '' . date(POST_DATE, $ban['set']) . '' . + '' . date($config['post_date'], $ban['set']) . '' . // Expires '' . ($ban['expires'] == 0 ? 'Never' : - date(POST_DATE, $ban['expires']) + date($config['post_date'], $ban['expires']) ) . '' . // Staff '' . - ($mod['type'] < MOD_VIEW_BANSTAFF ? - (MOD_VIEW_BANQUESTIONMARK ? + ($mod['type'] < $config['mod']['view_banstaff'] ? + ($config['mod']['view_banquestionmark'] ? '?' : - ($ban['type'] == MOD_JANITOR ? 'Janitor' : - ($ban['type'] == MOD_MOD ? 'Mod' : - ($ban['type'] == MOD_ADMIN ? 'Admin' : + ($ban['type'] == JANITOR ? 'Janitor' : + ($ban['type'] == MOD ? 'Mod' : + ($ban['type'] == ADMIN ? 'Admin' : '?'))) ) : @@ -181,14 +181,14 @@ } echo Element('page.html', Array( - 'index'=>ROOT, + 'index'=>$config['root'], 'title'=>'Ban list', 'body'=>$body, 'mod'=>true ) ); } elseif(preg_match('/^\/config$/', $query)) { - if($mod['type'] < MOD_SHOW_CONFIG) error(ERROR_NOACCESS); + if($mod['type'] < $config['mod']['show_config']) error($config['error']['noaccess']); // Show instance-config.php @@ -240,14 +240,14 @@ $body = '
    Configuration' . $data . '
    '; echo Element('page.html', Array( - 'index'=>ROOT, + 'index'=>$config['root'], 'title'=>'Configuration', 'body'=>$body, 'mod'=>true ) ); } elseif(preg_match('/^\/new$/', $query)) { - if($mod['type'] < MOD_NEWBOARD) error(ERROR_NOACCESS); + if($mod['type'] < $config['mod']['newboard']) error($config['error']['noaccess']); // New board $body = ''; @@ -257,7 +257,7 @@ if( !isset($_POST['uri']) || !isset($_POST['title']) || !isset($_POST['subtitle']) - ) error(ERROR_MISSEDAFIELD); + ) error($config['error']['missedafield']); $b = Array( 'uri' => $_POST['uri'], @@ -267,24 +267,24 @@ // Check required fields if(empty($b['uri'])) - error(sprintf(ERROR_REQUIRED, 'URI')); + error(sprintf($config['error']['required'], 'URI')); if(empty($b['title'])) - error(sprintf(ERROR_REQUIRED, 'title')); + error(sprintf($config['error']['required'], 'title')); // Check string lengths if(strlen($b['uri']) > 8) - error(sprintf(ERROR_TOOLONG, 'URI')); + error(sprintf($config['error']['toolong'], 'URI')); if(strlen($b['title']) > 20) - error(sprintf(ERROR_TOOLONG, 'title')); + error(sprintf($config['error']['toolong'], 'title')); if(strlen($b['subtitle']) > 40) - error(sprintf(ERROR_TOOLONG, 'subtitle')); + error(sprintf($config['error']['toolong'], 'subtitle')); if(!preg_match('/^\w+$/', $b['uri'])) - error(sprintf(ERROR_INVALIDFIELD, 'URI')); + error(sprintf($config['error']['invalidfield'], 'URI')); if(openBoard($b['uri'])) { unset($board); - error(sprintf(ERROR_BOARDEXISTS, sprintf(BOARD_ABBREVIATION, $b['uri']))); + error(sprintf($config['error']['boardexists'], sprintf($config['board_abbreviation'], $b['uri']))); } $query = prepare("INSERT INTO `boards` VALUES (NULL, :uri, :title, :subtitle)"); @@ -315,7 +315,7 @@ // TODO: Statistics, etc, in the dashboard. echo Element('page.html', Array( - 'index'=>ROOT, + 'index'=>$config['root'], 'title'=>'New board', 'body'=>$body, 'mod'=>true @@ -328,10 +328,10 @@ // Open board if(!openBoard($boardName)) - error(ERROR_NOBOARD); + error($config['error']['noboard']); - if(!$page = index(empty($matches[2]) || $matches[2] == FILE_INDEX ? 1 : $matches[2], $mod)) { - error(ERROR_404); + if(!$page = index(empty($matches[2]) || $matches[2] == $config['file_index'] ? 1 : $matches[2], $mod)) { + error($config['error']['404']); } $page['pages'] = getPages(true); $page['mod'] = true; @@ -344,20 +344,20 @@ $thread = $matches[2]; // Open board if(!openBoard($boardName)) - error(ERROR_NOBOARD); + error($config['error']['noboard']); $page = buildThread($thread, true, $mod); echo $page; } elseif(preg_match('/^\/' . $regex['board'] . 'deletefile\/(\d+)$/', $query, $matches)) { - if($mod['type'] < MOD_DELETEFILE) error(ERROR_NOACCESS); + if($mod['type'] < $config['mod']['deletefile']) error($config['error']['noaccess']); // Delete file from post $boardName = $matches[1]; $post = $matches[2]; // Open board if(!openBoard($boardName)) - error(ERROR_NOBOARD); + error($config['error']['noboard']); // Delete post deleteFile($post); @@ -371,18 +371,18 @@ // Redirect if(isset($_SERVER['HTTP_REFERER'])) - header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); + header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']); else - header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); + header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']); } elseif(preg_match('/^\/' . $regex['board'] . 'delete\/(\d+)$/', $query, $matches)) { - if($mod['type'] < MOD_DELETE) error(ERROR_NOACCESS); + if($mod['type'] < $config['mod']['delete']) error($config['error']['noaccess']); // Delete post $boardName = $matches[1]; $post = $matches[2]; // Open board if(!openBoard($boardName)) - error(ERROR_NOBOARD); + error($config['error']['noboard']); // Delete post deletePost($post); @@ -395,18 +395,18 @@ // Redirect if(isset($_SERVER['HTTP_REFERER'])) - header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); + header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']); else - header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); + header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']); } elseif(preg_match('/^\/' . $regex['board'] . '(un)?sticky\/(\d+)$/', $query, $matches)) { - if($mod['type'] < MOD_STICKY) error(ERROR_NOACCESS); + if($mod['type'] < $config['mod']['sticky']) error($config['error']['noaccess']); // Add/remove sticky $boardName = $matches[1]; $post = $matches[3]; // Open board if(!openBoard($boardName)) - error(ERROR_NOBOARD); + error($config['error']['noboard']); $query = prepare(sprintf("UPDATE `posts_%s` SET `sticky` = :sticky WHERE `id` = :id AND `thread` IS NULL", $board['uri'])); $query->bindValue(':id', $post, PDO::PARAM_INT); @@ -429,18 +429,18 @@ // Redirect if(isset($_SERVER['HTTP_REFERER'])) - header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); + header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']); else - header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); + header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']); } elseif(preg_match('/^\/' . $regex['board'] . '(un)?lock\/(\d+)$/', $query, $matches)) { - if($mod['type'] < MOD_LOCK) error(ERROR_NOACCESS); + if($mod['type'] < $config['mod']['lock']) error($config['error']['noaccess']); // Lock/Unlock $boardName = $matches[1]; $post = $matches[3]; // Open board if(!openBoard($boardName)) - error(ERROR_NOBOARD); + error($config['error']['noboard']); $query = prepare(sprintf("UPDATE `posts_%s` SET `locked` = :locked WHERE `id` = :id AND `thread` IS NULL", $board['uri'])); $query->bindValue(':id', $post, PDO::PARAM_INT); @@ -463,9 +463,9 @@ // Redirect if(isset($_SERVER['HTTP_REFERER'])) - header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); + header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']); else - header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); + header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']); } elseif(preg_match('/^\/' . $regex['board'] . 'deletebyip\/(\d+)$/', $query, $matches)) { // Delete all posts by an IP @@ -473,14 +473,14 @@ $post = $matches[2]; // Open board if(!openBoard($boardName)) - error(ERROR_NOBOARD); + error($config['error']['noboard']); $query = prepare(sprintf("SELECT `ip` FROM `posts_%s` WHERE `id` = :id", $board['uri'])); $query->bindValue(':id', $post); $query->execute() or error(db_error($query)); if(!$post = $query->fetch()) - error(ERROR_INVALIDPOST); + error($config['error']['invalidpost']); $ip = $post['ip']; @@ -492,16 +492,16 @@ $query->execute() or error(db_error($query)); if($query->rowCount() < 1) - error(ERROR_INVALIDPOST); + error($config['error']['invalidpost']); while($post = $query->fetch()) { deletePost($post['id'], false); } if(isset($_SERVER['HTTP_REFERER'])) - header('Location: ' . $_SERVER['HTTP_REFERER'], true, REDIRECT_HTTP); + header('Location: ' . $_SERVER['HTTP_REFERER'], true, $config['redirect_http']); else - header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); + header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']); } elseif(preg_match('/^\/ban$/', $query)) { // Ban page @@ -509,11 +509,11 @@ if( !isset($_POST['ip']) || !isset($_POST['reason']) || !isset($_POST['length']) - ) error(ERROR_MISSEDAFIELD); + ) error($config['error']['missedafield']); // Check required fields if(empty($_POST['ip'])) - error(sprintf(ERROR_REQUIRED, 'IP address')); + error(sprintf($config['error']['required'], 'IP address')); $query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason)"); @@ -569,19 +569,19 @@ $query->execute() or error(db_error($query)); // Delete too - if($mod['type'] >= MOD_DELETE && isset($_POST['delete']) && isset($_POST['board'])) { + if($mod['type'] >= $config['mod']['delete'] && isset($_POST['delete']) && isset($_POST['board'])) { openBoard($_POST['board']); deletePost(round($_POST['delete'])); } // Redirect if(isset($_POST['continue'])) - header('Location: ' . $_POST['continue'], true, REDIRECT_HTTP); + header('Location: ' . $_POST['continue'], true, $config['redirect_http']); else - header('Location: ?/' . sprintf(BOARD_PATH, $boardName) . FILE_INDEX, true, REDIRECT_HTTP); + header('Location: ?/' . sprintf($config['board_path'], $boardName) . $config['file_index'], true, $config['redirect_http']); } } elseif(preg_match('/^\/' . $regex['board'] . 'ban(&delete)?\/(\d+)$/', $query, $matches)) { - if($mod['type'] < MOD_DELETE) error(ERROR_NOACCESS); + if($mod['type'] < $config['mod']['delete']) error($config['error']['noaccess']); // Ban by post $boardName = $matches[1]; @@ -589,14 +589,14 @@ $post = $matches[3]; // Open board if(!openBoard($boardName)) - error(ERROR_NOBOARD); + error($config['error']['noboard']); $query = prepare(sprintf("SELECT `ip`,`id` FROM `posts_%s` WHERE `id` = :id LIMIT 1", $board['uri'])); $query->bindValue(':id', $post, PDO::PARAM_INT); $query->execute() or error(db_error($query)); if($query->rowCount() < 1) { - error(ERROR_INVALIDPOST); + error($config['error']['invalidpost']); } $post = $query->fetch(); @@ -604,7 +604,7 @@ $body = form_newBan($post['ip'], null, isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : false, $delete ? $post['id'] : false, $delete ? $boardName : false); echo Element('page.html', Array( - 'index'=>ROOT, + 'index'=>$config['root'], 'title'=>'New ban', 'body'=>$body, 'mod'=>true @@ -614,7 +614,7 @@ // View information on an IP address $ip = $matches[1]; - $host = MOD_DNS_LOOKUP ? gethostbyaddr($ip) : false; + $host = $config['mod']['dns_lookup'] ? gethostbyaddr($ip) : false; $body = ''; $boards = listBoards(); @@ -624,26 +624,26 @@ $temp = ''; $query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `ip` = :ip ORDER BY `sticky` DESC, `time` DESC LIMIT :limit", $_board['uri'])); $query->bindValue(':ip', $ip); - $query->bindValue(':limit', MOD_IP_RECENTPOSTS, PDO::PARAM_INT); + $query->bindValue(':limit', $config['mod']['ip_recentposts'], PDO::PARAM_INT); $query->execute() or error(db_error($query)); while($post = $query->fetch()) { - $po = new Post($post['id'], $post['thread'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $mod ? '?/' : ROOT, $mod); + $po = new Post($post['id'], $post['thread'], $post['subject'], $post['email'], $post['name'], $post['trip'], $post['body'], $post['time'], $post['thumb'], $post['thumbwidth'], $post['thumbheight'], $post['file'], $post['filewidth'], $post['fileheight'], $post['filesize'], $post['filename'], $post['ip'], $mod ? '?/' : $config['root'], $mod); $temp .= $po->build(); } if(!empty($temp)) $body .= '
    Last ' . $query->rowCount() . ' posts on ' . - sprintf(BOARD_ABBREVIATION, $_board['uri']) . ' - ' . $_board['title'] . + sprintf($config['board_abbreviation'], $_board['uri']) . ' - ' . $_board['title'] . '' . $temp . '
    '; } - if(MOD_IP_BANFORM) + if($config['mod']['ip_banform']) $body .= form_newBan($ip, null, isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : false); echo Element('page.html', Array( - 'index'=>ROOT, + 'index'=>$config['root'], 'title'=>'IP: ' . $ip, 'subtitle' => $host, 'body'=>$body, @@ -651,7 +651,7 @@ ) ); } else { - error(ERROR_404); + error($config['error']['404']); } } diff --git a/post.php b/post.php index 38599222..431be0c0 100644 --- a/post.php +++ b/post.php @@ -1,10 +1,10 @@ $value) { @@ -45,15 +45,15 @@ // Check if banned checkBan(); - if(BLOCK_TOR && isTor()) - error(ERROR_TOR); + if($config['block_tor'] && isTor()) + error($config['error']['tor']); // Check if board exists if(!openBoard($_POST['board'])) - error(ERROR_NOBOARD); + error($config['error']['noboard']); if(empty($delete)) - error(ERROR_NODELETE); + error($config['error']['nodelete']); foreach($delete as &$id) { $query = prepare(sprintf("SELECT `password` FROM `posts_%s` WHERE `id` = :id", $board['uri'])); @@ -62,7 +62,7 @@ if($post = $query->fetch()) { if(!empty($password) && $post['password'] != $password) - error(ERROR_INVALIDPASSWORD); + error($config['error']['invalidpassword']); if(isset($_POST['file'])) { // Delete just the file @@ -79,9 +79,9 @@ sql_close(); $is_mod = isset($_POST['mod']) && $_POST['mod']; - $root = $is_mod ? ROOT . FILE_MOD . '?/' : ROOT; + $root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root']; - header('Location: ' . $root . $board['dir'] . FILE_INDEX, true, REDIRECT_HTTP); + header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']); } elseif(isset($_POST['post'])) { if( !isset($_POST['name']) || @@ -90,7 +90,7 @@ !isset($_POST['body']) || !isset($_POST['board']) || !isset($_POST['password']) - ) error(ERROR_BOT); + ) error($config['error']['bot']); $post = Array('board' => $_POST['board']); @@ -99,13 +99,13 @@ $post['thread'] = round($_POST['thread']); } else $OP = true; - //if(!(($OP && $_POST['post'] == BUTTON_NEWTOPIC) || - // (!$OP && $_POST['post'] == BUTTON_REPLY))) - // error(ERROR_BOT); + if(!(($OP && $_POST['post'] == $config['button_newtopic']) || + (!$OP && $_POST['post'] == $config['button_reply']))) + error($config['error']['bot']); // Check the referrer if($OP) { - if(!isset($_SERVER['HTTP_REFERER']) || !preg_match(URL_MATCH, $_SERVER['HTTP_REFERER'])) error(ERROR_BOT); + if(!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['url_match'], $_SERVER['HTTP_REFERER'])) error($config['error']['bot']); } // TODO: Since we're now using static HTML files, we can't give them cookies on their first page view @@ -113,7 +113,7 @@ /* // Check if he has a valid cookie. - if(!$user['valid']) error(ERROR_BOT); + if(!$user['valid']) error($config['error']['bot']); // Check how long he has been here. if(time()-$user['appeared'] MAX_FILESIZE) - error(sprintf3(ERR_FILESIZE, array( + if($size > $config['max_filesize']) + error(sprintf3($config['error']['filesize'], array( 'sz'=>commaize($size), 'filesz'=>commaize($size), - 'maxsz'=>commaize(MAX_FILESIZE)))); + 'maxsz'=>commaize($config['max_filesize'])))); } - if($mod && $mod['type'] >= MOD_MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) { - if(($mod['type'] == MOD_MOD && $match[3] == 'Mod') || $mod['type'] >= MOD_ADMIN) { + if($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) { + if(($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) { $post['mod_tag'] = $match[3]; $post['name'] = !empty($match[2])?$match[2]:'Anonymous'; } @@ -211,19 +211,17 @@ if($post['has_file']) { $post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1)); $post['file_id'] = time() . rand(100, 999); - $post['file'] = $board['dir'] . DIR_IMG . $post['file_id'] . '.' . $post['extension']; - $post['thumb'] = $board['dir'] . DIR_THUMB . $post['file_id'] . '.png'; - $post['zip'] = $OP && $post['has_file'] && ALLOW_ZIP && $post['extension'] == 'zip' ? $post['file'] : false; - if(!($post['zip'] || in_array($post['extension'], $allowed_ext))) error(ERROR_FILEEXT); + $post['file'] = $board['dir'] . $config['dir']['img'] . $post['file_id'] . '.' . $post['extension']; + $post['thumb'] = $board['dir'] . $config['dir']['thumb'] . $post['file_id'] . '.png'; } // Check string lengths - if(strlen($post['name']) > 50) error(sprintf(ERROR_TOOLONG, 'name')); - if(strlen($post['email']) > 30) error(sprintf(ERROR_TOOLONG, 'email')); - if(strlen($post['subject']) > 40) error(sprintf(ERROR_TOOLONG, 'subject')); - if(!$mod && strlen($post['body']) > MAX_BODY) error(ERROR_TOOLONGBODY); - if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error(ERROR_TOOSHORTBODY); - if(strlen($post['password']) > 20) error(sprintf(ERROR_TOOLONG, 'password')); + if(strlen($post['name']) > 50) error(sprintf($config['error']['toolong'], 'name')); + if(strlen($post['email']) > 30) error(sprintf($config['error']['toolong'], 'email')); + if(strlen($post['subject']) > 40) error(sprintf($config['error']['toolong'], 'subject')); + if(!$mod && strlen($post['body']) > $config['max_body']) error($config['error']['toolongbody']); + if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error($config['error']['tooshortbody']); + if(strlen($post['password']) > 20) error(sprintf($config['error']['toolong'], 'password')); if($post['mod_tag']) $post['trip'] .= ' ## ' . $post['mod_tag'] . ''; @@ -235,26 +233,14 @@ // Check for a flood if(checkFlood($post)) { - error(ERROR_FLOOD); + error($config['error']['flood']); } if($post['has_file']) { // Just trim the filename if it's too long if(strlen($post['filename']) > 30) $post['filename'] = substr($post['filename'], 0, 27).'…'; // Move the uploaded file - if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error(ERROR_NOMOVE); - - if($post['zip']) { - // Validate ZIP file - if(is_resource($zip = zip_open($post['zip']))) - // TODO: Check if it's not empty and has at least one (valid) image - zip_close($zip); - else - error(ERR_INVALIDZIP); - - $post['file'] = ZIP_IMAGE; - $post['extension'] = strtolower(substr($post['file'], strrpos($post['file'], '.') + 1)); - } + if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error($config['error']['nomove']); $size = @getimagesize($post['file']); $post['width'] = $size[0]; @@ -263,165 +249,48 @@ // Check if the image is valid if($post['width'] < 1 || $post['height'] < 1) { unlink($post['file']); - error(ERR_INVALIDIMG); + error($config['error']['invalidimg']); } - if($post['width'] > MAX_WIDTH || $post['height'] > MAX_HEIGHT) { + if($post['width'] > $config['max_width'] || $post['height'] > $config['max_height']) { unlink($post['file']); - error(ERR_MAXSIZE); + error($config['error']['maxsize']); } - $hash_function = FILE_HASH; - $post['filehash'] = $hash_function($post['file']); + $post['filehash'] = $config['file_hash']($post['file']); $post['filesize'] = filesize($post['file']); $image = createimage($post['extension'], $post['file']); - if(REDRAW_IMAGE && !$post['zip']) { - switch($post['extension']) { - case 'jpg': - case 'jpeg': - imagejpeg($image, $post['file'], JPEG_QUALITY); - break; - case 'png': - imagepng($image, $post['file'], 7); - break; - case 'gif': - if(REDRAW_GIF) - imagegif($image, $post['file']); - break; - case 'bmp': - imagebmp($image, $post['file']); - break; - default: - unlink($post['file']); - error('Unknwon file extension.'); - } - } - // Create a thumbnail - $thumb = resize($image, $post['width'], $post['height'], $post['thumb'], THUMB_WIDTH, THUMB_HEIGHT); + $thumb = resize($image, $post['width'], $post['height'], $post['thumb'], $config['thumb_width'], $config['thumb_height']); $post['thumbwidth'] = $thumb['width']; $post['thumbheight'] = $thumb['height']; } - if(!($mod && $mod['type'] >= MOD_POSTUNORIGINAL) && ROBOT_ENABLE && $board['uri'] == ROBOT_BOARD && checkRobot($post['body_nomarkup'])) { + /* + if(!($mod && $mod['type'] >= $config['mod']['postunoriginal']) && ROBOT_ENABLE && $board['uri'] == ROBOT_BOARD && checkRobot($post['body_nomarkup'])) { if(ROBOT_MUTE) { - error(sprintf(ERROR_MUTED, mute())); + error(sprintf($config['error']['muted'], mute())); } else { - error(ERROR_UNORIGINAL); + error($config['error']['unoriginal']); } } + */ // Remove DIR_* before inserting them into the database. if($post['has_file']) { - $post['file'] = substr_replace($post['file'], '', 0, strlen($board['dir'] . DIR_IMG)); - $post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . DIR_THUMB)); + $post['file'] = substr_replace($post['file'], '', 0, strlen($board['dir'] . $config['dir']['img'])); + $post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . $config['dir']['thumb'])); } // Todo: Validate some more, remove messy code, allow more specific configuration $id = post($post, $OP); - if($post['has_file'] && $post['zip']) { - // Open ZIP - $zip = zip_open($post['zip']); - // Read files - while($entry = zip_read($zip)) { - $filename = basename(zip_entry_name($entry)); - $extension = strtolower(substr($filename, strrpos($filename, '.') + 1)); - - if(in_array($extension, $allowed_ext)) { - if (zip_entry_open($zip, $entry, 'r')) { - // Fake post - $dump_post = Array( - 'subject' => $post['subject'], - 'email' => $post['email'], - 'name' => $post['name'], - 'trip' => $post['trip'], - 'body' => '', - 'thread' => $id, - 'password' => '', - 'has_file' => true, - 'file_id' => rand(0, 1000000000), - 'filename' => $filename - ); - - $dump_post['file'] = $board['dir'] . DIR_IMG . $dump_post['file_id'] . '.' . $extension; - $dump_post['thumb'] = $board['dir'] . DIR_THUMB . $dump_post['file_id'] . '.png'; - - // Extract the image from the ZIP - $fp = fopen($dump_post['file'], 'w+'); - fwrite($fp, zip_entry_read($entry, zip_entry_filesize($entry))); - fclose($fp); - - $size = @getimagesize($dump_post['file']); - $dump_post['width'] = $size[0]; - $dump_post['height'] = $size[1]; - - // Check if the image is valid - if($dump_post['width'] < 1 || $dump_post['height'] < 1) { - unlink($dump_post['file']); - } else { - if($dump_post['width'] > MAX_WIDTH || $dump_post['height'] > MAX_HEIGHT) { - unlink($dump_post['file']); - error(ERR_MAXSIZE); - } else { - $dump_post['filehash'] = md5_file($dump_post['file']); - $dump_post['filesize'] = filesize($dump_post['file']); - - $image = createimage($extension, $dump_post['file']); - - $success = true; - if(REDRAW_IMAGE) { - switch($extension) { - case 'jpg': - case 'jpeg': - imagejpeg($image, $dump_post['file'], JPEG_QUALITY); - break; - case 'png': - imagepng($image, $dump_post['file'], 7); - break; - case 'gif': - if(REDRAW_GIF) - imagegif($image, $dump_post['file']); - break; - case 'bmp': - imagebmp($image, $dump_post['file']); - break; - default: - $success = false; - } - } - - - // Create a thumbnail - $thumb = resize($image, $dump_post['width'], $dump_post['height'], $dump_post['thumb'], THUMB_WIDTH, THUMB_HEIGHT); - - $dump_post['thumbwidth'] = $thumb['width']; - $dump_post['thumbheight'] = $thumb['height']; - - // Remove DIR_* before inserting them into the database. - $dump_post['file'] = substr_replace($dump_post['file'], '', 0, strlen($board['dir'] . DIR_IMG)); - $dump_post['thumb'] = substr_replace($dump_post['thumb'], '', 0, strlen($board['dir'] . DIR_THUMB)); - - // Create the post - post($dump_post, false); - } - } - - // Close the ZIP - zip_entry_close($entry); - } - } - } - zip_close($zip); - unlink($post['zip']); - } - buildThread(($OP?$id:$post['thread'])); - if(!$OP && strtolower($post['email']) != 'sage' && (REPLY_LIMIT == 0 || numPosts($post['thread']) < REPLY_LIMIT)) { + if(!$OP && strtolower($post['email']) != 'sage' && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) { bumpThread($post['thread']); } @@ -431,17 +300,17 @@ buildIndex(); sql_close(); - $root = $post['mod'] ? ROOT . FILE_MOD . '?/' : ROOT; + $root = $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root']; - if(ALWAYS_NOKO || $noko) { - header('Location: ' . $root . $board['dir'] . DIR_RES . ($OP?$id:$post['thread']) . '.html' . (!$OP?'#'.$id:''), true, REDIRECT_HTTP); + if($config['always_noko'] || $noko) { + header('Location: ' . $root . $board['dir'] . $config['dir']['res'] . ($OP?$id:$post['thread']) . '.html' . (!$OP?'#'.$id:''), true, $config['redirect_http']); } else { - header('Location: ' . $root . $board['dir'] . FILE_INDEX, true, REDIRECT_HTTP); + header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']); } exit; } else { - if(!file_exists(HAS_INSTALLED)) { + if(!file_exists($config['has_installed'])) { sql_open(); // Build all boards @@ -452,7 +321,7 @@ } sql_close(); - touch(HAS_INSTALLED, 0777); + touch($config['has_installed'], 0777); die(Element('page.html', Array( 'index'=>ROOT, @@ -464,7 +333,7 @@ } else { // They opened post.php in their browser manually. // Possible TODO: Redirect back to homepage. - error(ERROR_NOPOST); + error($config['error']['nopost']); } } ?>