
raw html

pull/40/head
Savetheinternet 14 years ago
parent
commit
4bcd995bea
  1. 12
      inc/config.php
  2. 31
      post.php
  3. 6
      templates/index.html
  4. 15
      templates/thread.html

12
inc/config.php

@ -39,6 +39,8 @@
// How long should the cookies last (in seconds)
define('COOKIE_EXPIRE', 15778463, true); //6 months
// How long should moderators should remain logged in (0=browser session) (in seconds)
define('MOD_EXPIRE', 15778463, true);
// Make this something long and random for security
define('SALT', 'wefaw98YHEWUFuo', true);
define('SECURE_TRIP_SALT', '@#$&^@#)$(*&@!_$(&329-8347', true);
@ -47,7 +49,7 @@
define('LURKTIME', 30, true);
// How many seconds between each post
define('FLOOD_TIME', 4, true);
define('FLOOD_TIME', 10, true);
// How many seconds between each post with exactly the same content and same IP
define('FLOOD_TIME_IP_SAME', 120, true);
// Same as above but different IP address
@ -108,8 +110,8 @@
define('REPLY_LIMIT', 250, true);
// For resizing, max values
define('THUMB_WIDTH', 250, true);
define('THUMB_HEIGHT', 250, true);
define('THUMB_WIDTH', 225, true);
define('THUMB_HEIGHT', 225, true);
// Store image hash in the database for r9k-like boards implementation soon
// Function name for hashing
@ -118,7 +120,7 @@
define('BLOCK_TOR', true, true);
// Typically spambots try to post a lot of links. Refuse a post with X standalone links?
define('MAX_LINKS', 15, true);
define('MAX_LINKS', 20, true);
// Maximum image upload size in bytes
define('MAX_FILESIZE', 10*1024*1024, true); // 10MB
@ -236,6 +238,8 @@
define('MOD_POSTINLOCKED', MOD_MOD, true);
// Post bypass unoriginal content check
define('MOD_POSTUNORIGINAL', MOD_MOD, true);
// Raw HTML posting
define('MOD_RAWHTML', MOD_MOD, true);
/* Administration */
// Display the contents of instant-config.php
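Review bot: `define('MOD_RAWHTML', MOD_MOD, true);` gives raw HTML posting to every moderator by default, and the one-line comment above it does not say what the permission allows. From the post.php part of this commit it appears that a raw post bypasses markup(), so anyone at this level can publish arbitrary markup and script to all readers of the board, which is a much larger grant than sticky or lock. I would default it to the highest moderator level the config defines and expand the comment to something like `// Raw HTML posting: body is stored without markup(); grant only to fully trusted staff`.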

31
post.php

@ -99,9 +99,9 @@
$post['thread'] = round($_POST['thread']);
} else $OP = true;
if(!(($OP && $_POST['post'] == BUTTON_NEWTOPIC) ||
(!$OP && $_POST['post'] == BUTTON_REPLY)))
error(ERROR_BOT);
//if(!(($OP && $_POST['post'] == BUTTON_NEWTOPIC) ||
// (!$OP && $_POST['post'] == BUTTON_REPLY)))
// error(ERROR_BOT);
// Check the referrer
if($OP) {
@ -151,7 +151,7 @@
$post['email'] = utf8tohtml($_POST['email']);
$post['body'] = $_POST['body'];
$post['password'] = $_POST['password'];
$post['filename'] = $_FILES['file']['name'];
$post['filename'] = get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name'];
$post['has_file'] = $OP || !empty($_FILES['file']['tmp_name']);
$post['mod'] = isset($_POST['mod']) && $_POST['mod'];
@ -167,9 +167,11 @@
$post['sticky'] = $OP && isset($_POST['sticky']);
$post['locked'] = $OP && isset($_POST['lock']);
$post['raw'] = isset($_POST['raw']);
if($post['sticky'] && $mod['type'] < MOD_STICKY) error(ERROR_NOACCESS);
if($post['locked'] && $mod['type'] < MOD_LOCK) error(ERROR_NOACCESS);
if($post['raw'] && $mod['type'] < MOD_RAWHTML) error(ERROR_NOACCESS);
}
// Check if thread is locked
@ -208,7 +210,7 @@
if($post['has_file']) {
$post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1));
$post['file_id'] = rand(0, 1000000000);
$post['file_id'] = time() . rand(100, 999);
$post['file'] = $board['dir'] . DIR_IMG . $post['file_id'] . '.' . $post['extension'];
$post['thumb'] = $board['dir'] . DIR_THUMB . $post['file_id'] . '.png';
$post['zip'] = $OP && $post['has_file'] && ALLOW_ZIP && $post['extension'] == 'zip' ? $post['file'] : false;
@ -216,7 +218,7 @@
}
// Check string lengths
if(strlen($post['name']) > 25) error(sprintf(ERROR_TOOLONG, 'name'));
if(strlen($post['name']) > 50) error(sprintf(ERROR_TOOLONG, 'name'));
if(strlen($post['email']) > 30) error(sprintf(ERROR_TOOLONG, 'email'));
if(strlen($post['subject']) > 40) error(sprintf(ERROR_TOOLONG, 'subject'));
if(strlen($post['body']) > MAX_BODY) error(ERROR_TOOLONGBODY);
@ -227,7 +229,9 @@
$post['trip'] .= ' <a class="nametag">## ' . $post['mod_tag'] . '</a>';
$post['body_nomarkup'] = $post['body'];
markup($post['body']);
if(!($mod && $post['raw']))
markup($post['body']);
// Check for a flood
if(checkFlood($post)) {
@ -415,14 +419,10 @@
unlink($post['zip']);
}
if(numPosts($OP?$id:$post['thread']) > REPLY_LIMIT) {
deletePost($OP?$id:$post['thread']);
} else {
buildThread(($OP?$id:$post['thread']));
if(!$OP && $post['email'] != 'sage') {
bumpThread($post['thread']);
}
buildThread(($OP?$id:$post['thread']));
if(!$OP && strtolower($post['email']) != 'sage' && (REPLY_LIMIT == 0 || numPosts($post['thread']) < REPLY_LIMIT)) {
bumpThread($post['thread']);
}
if($OP)
@ -431,7 +431,6 @@
buildIndex();
sql_close();
$root = $post['mod'] ? ROOT . FILE_MOD . '?/' : ROOT;
if(ALWAYS_NOKO || $noko) {
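Review bot: The raw flag is assigned and permission-checked only inside the block that closes just after `if($post['raw'] && $mod['type'] < MOD_RAWHTML) error(ERROR_NOACCESS);`, yet it is read later in `if(!($mod && $post['raw']))`, so for any request that never enters that block the decision to skip markup() rests on an unset array key and on `$mod` being falsy. That block opens outside the hunk, so I am inferring that it is the moderator-only path. Since skipping markup() presumably means the body is stored and rendered as unescaped HTML for every visitor, the gate should fail closed: set `$post['raw'] = false;` before the block and repeat the privilege test at the point of use, e.g. `if(!($post['raw'] && $mod && $mod['type'] >= MOD_RAWHTML)) markup($post['body']);`. The same section also comments out the BUTTON_NEWTOPIC/BUTTON_REPLY check without a replacement, which deserves an explanation or a config switch rather than dead code.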

6
templates/index.html

@ -21,7 +21,7 @@
Name
</th>
<td>
<input type="text" name="name" size="25" maxlength="25" autocomplete="off" />
<input type="text" name="name" size="25" maxlength="50" autocomplete="off" />
</td>
</tr>
<tr>
@ -71,6 +71,10 @@
<label for="lock">Lock</label><br/>
<input title="Lock" type="checkbox" name="lock" id="lock">
</div>
<div>
<label for="raw">Raw HTML</label><br/>
<input title="Raw HTML" type="checkbox" name="raw" id="raw">
</div>
</td>
</tr>
}

15
templates/thread.html

@ -22,7 +22,7 @@
Name
</th>
<td>
<input type="text" name="name" size="25" maxlength="25" autocomplete="off" />
<input type="text" name="name" size="25" maxlength="50" autocomplete="off" />
</td>
</tr>
<tr>
@ -58,6 +58,19 @@
<input type="file" name="file"/>
</td>
</tr>
{mod?
<tr>
<th>
Flags
</th>
<td>
<div>
<label for="raw">Raw HTML</label><br/>
<input title="Raw HTML" type="checkbox" name="raw" id="raw">
</div>
</td>
</tr>
}
<tr>
<th>
Password
