From 4bcd995bea62a164dec0c7adf0c2cba3735b6a18 Mon Sep 17 00:00:00 2001 From: Savetheinternet Date: Thu, 3 Feb 2011 20:28:14 +1100 Subject: [PATCH] raw html --- inc/config.php | 12 ++++++++---- post.php | 31 +++++++++++++++---------------- templates/index.html | 6 +++++- templates/thread.html | 15 ++++++++++++++- 4 files changed, 42 insertions(+), 22 deletions(-) diff --git a/inc/config.php b/inc/config.php index 0cdd2934..bf3956fe 100644 --- a/inc/config.php +++ b/inc/config.php @@ -39,6 +39,8 @@ // How long should the cookies last (in seconds) define('COOKIE_EXPIRE', 15778463, true); //6 months + // How long should moderators should remain logged in (0=browser session) (in seconds) + define('MOD_EXPIRE', 15778463, true); // Make this something long and random for security define('SALT', 'wefaw98YHEWUFuo', true); define('SECURE_TRIP_SALT', '@#$&^@#)$(*&@!_$(&329-8347', true); @@ -47,7 +49,7 @@ define('LURKTIME', 30, true); // How many seconds between each post - define('FLOOD_TIME', 4, true); + define('FLOOD_TIME', 10, true); // How many seconds between each post with exactly the same content and same IP define('FLOOD_TIME_IP_SAME', 120, true); // Same as above but different IP address @@ -108,8 +110,8 @@ define('REPLY_LIMIT', 250, true); // For resizing, max values - define('THUMB_WIDTH', 250, true); - define('THUMB_HEIGHT', 250, true); + define('THUMB_WIDTH', 225, true); + define('THUMB_HEIGHT', 225, true); // Store image hash in the database for r9k-like boards implementation soon // Function name for hashing @@ -118,7 +120,7 @@ define('BLOCK_TOR', true, true); // Typically spambots try to post a lot of links. Refuse a post with X standalone links? - define('MAX_LINKS', 15, true); + define('MAX_LINKS', 20, true); // Maximum image upload size in bytes define('MAX_FILESIZE', 10*1024*1024, true); // 10MB 
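Review bot: The new `MOD_EXPIRE` default in the `-39,6 +39,8` hunk keeps a moderator logged in for 15778463 seconds, the same six months as `COOKIE_EXPIRE`, which is long for a privileged login now that this commit also lets moderators post raw HTML. A shorter default, or the browser-session value the comment already documents, is the safer starting point: `define('MOD_EXPIRE', 0, true);`. The comment has a doubled word; I would write `// How long moderators should remain logged in, in seconds (0 = browser session)`. No visible hunk reads `MOD_EXPIRE`, so where it is enforced should be confirmed.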
@@ -236,6 +238,8 @@ define('MOD_POSTINLOCKED', MOD_MOD, true); // Post bypass unoriginal content check define('MOD_POSTUNORIGINAL', MOD_MOD, true); + // Raw HTML posting + define('MOD_RAWHTML', MOD_MOD, true); /* Administration */ // Display the contents of instant-config.php diff --git a/post.php b/post.php index ec21d66f..62260e1b 100644 --- a/post.php +++ b/post.php @@ -99,9 +99,9 @@ $post['thread'] = round($_POST['thread']); } else $OP = true; - if(!(($OP && $_POST['post'] == BUTTON_NEWTOPIC) || - (!$OP && $_POST['post'] == BUTTON_REPLY))) - error(ERROR_BOT); + //if(!(($OP && $_POST['post'] == BUTTON_NEWTOPIC) || + // (!$OP && $_POST['post'] == BUTTON_REPLY))) + // error(ERROR_BOT); // Check the referrer if($OP) { @@ -151,7 +151,7 @@ $post['email'] = utf8tohtml($_POST['email']); $post['body'] = $_POST['body']; $post['password'] = $_POST['password']; - $post['filename'] = $_FILES['file']['name']; + $post['filename'] = get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name']; $post['has_file'] = $OP || !empty($_FILES['file']['tmp_name']); $post['mod'] = isset($_POST['mod']) && $_POST['mod']; @@ -167,9 +167,11 @@ $post['sticky'] = $OP && isset($_POST['sticky']); $post['locked'] = $OP && isset($_POST['lock']); + $post['raw'] = isset($_POST['raw']); if($post['sticky'] && $mod['type'] < MOD_STICKY) error(ERROR_NOACCESS); if($post['locked'] && $mod['type'] < MOD_LOCK) error(ERROR_NOACCESS); + if($post['raw'] && $mod['type'] < MOD_RAWHTML) error(ERROR_NOACCESS); } // Check if thread is locked 
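Review bot: `MOD_RAWHTML` in the `-236,6 +238,8` hunk defaults to `MOD_MOD`, the same level as `MOD_POSTINLOCKED` and `MOD_POSTUNORIGINAL`, although it grants far more: post.php skips `markup()` for such a post, which is presumably the only place the body is escaped. I would default it to the highest moderator level the file defines and treat it like template-edit access. The comment should say what the permission means, for example `// Raw HTML posting: body is stored without markup(), so grant only to fully trusted staff`.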
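Review bot: The submit-button check in the `-99,9 +99,9` hunk is switched off by commenting it out, with no reason given in the code or in the commit message, so `ERROR_BOT` is no longer raised from this spot. If the check is being dropped on purpose, delete the three lines and record why. If it only misfires for some forms, fix the comparison and keep it; commented-out code tends to be re-enabled or forgotten without anyone knowing which was intended. The surrounding block continues outside the hunk.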
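Review bot: `$post['raw']` is assigned only inside the block that closes at the end of the `-167,9 +167,11` hunk, yet the `-227,7 +229,9` hunk reads it for every post in `if(!($mod && $post['raw']))`. The block's opening is outside the hunk, but it appears to be the moderator-only branch, so for ordinary posts the decision rests on an unset index and on whatever `$mod` happens to hold. Give the flag an unconditional default next to the other `$post[...]` assignments, `$post['raw'] = false;`, and set it to true only after the `MOD_RAWHTML` level check has passed, so the later test can be just `if(!$post['raw'])`.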
@@ -208,7 +210,7 @@ if($post['has_file']) { $post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1)); - $post['file_id'] = rand(0, 1000000000); + $post['file_id'] = time() . rand(100, 999); $post['file'] = $board['dir'] . DIR_IMG . $post['file_id'] . '.' . $post['extension']; $post['thumb'] = $board['dir'] . DIR_THUMB . $post['file_id'] . '.png'; $post['zip'] = $OP && $post['has_file'] && ALLOW_ZIP && $post['extension'] == 'zip' ? $post['file'] : false; @@ -216,7 +218,7 @@ } // Check string lengths - if(strlen($post['name']) > 25) error(sprintf(ERROR_TOOLONG, 'name')); + if(strlen($post['name']) > 50) error(sprintf(ERROR_TOOLONG, 'name')); if(strlen($post['email']) > 30) error(sprintf(ERROR_TOOLONG, 'email')); if(strlen($post['subject']) > 40) error(sprintf(ERROR_TOOLONG, 'subject')); if(strlen($post['body']) > MAX_BODY) error(ERROR_TOOLONGBODY); @@ -227,7 +229,9 @@ $post['trip'] .= ' ## ' . $post['mod_tag'] . ''; $post['body_nomarkup'] = $post['body']; - markup($post['body']); + + if(!($mod && $post['raw'])) + markup($post['body']); // Check for a flood if(checkFlood($post)) { @@ -415,14 +419,10 @@ unlink($post['zip']); } - if(numPosts($OP?$id:$post['thread']) > REPLY_LIMIT) { - deletePost($OP?$id:$post['thread']); - } else { - buildThread(($OP?$id:$post['thread'])); - - if(!$OP && $post['email'] != 'sage') { - bumpThread($post['thread']); - } + buildThread(($OP?$id:$post['thread'])); + + if(!$OP && strtolower($post['email']) != 'sage' && (REPLY_LIMIT == 0 || numPosts($post['thread']) < REPLY_LIMIT)) { + bumpThread($post['thread']); } if($OP) @@ -431,7 +431,6 @@ buildIndex(); sql_close(); - $root = $post['mod'] ? ROOT . FILE_MOD . '?/' : ROOT; if(ALWAYS_NOKO || $noko) { diff --git a/templates/index.html b/templates/index.html index 88101984..d24f5b28 100644 --- a/templates/index.html +++ b/templates/index.html @@ -21,7 +21,7 @@ Name - + @@ -71,6 +71,10 @@
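Review bot: `time() . rand(100, 999)` in the `-208,7 +210,7` hunk leaves only 900 possible ids per second, so two uploads in the same second can receive the same `$post['file']` and `$post['thumb']` paths and one overwrites the other; no existence check is visible in the hunk. Retry until the name is free, `do { $post['file_id'] = time() . rand(100, 999); } while(file_exists($board['dir'] . DIR_IMG . $post['file_id'] . '.' . $post['extension']));`, or keep the wider range the old code had. The extension in that path still comes from the client-supplied file name on the context line above. Whether it is checked against an allow-list is not visible here.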
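Review bot: Skipping `markup()` in the `-227,7 +229,9` hunk appears to leave a raw post's body exactly as it arrived in `$_POST['body']`, and nothing visible in this patch shows that the request came from the moderator's own form. The button check is commented out in the `-99,9` hunk, and the referrer check there is shown only for `$OP`. Before honouring `raw`, require a per-session token that the mod form embeds and post.php compares, and reject the post otherwise. I would also document the branch with `// raw: body is stored as submitted (no markup()); requires MOD_RAWHTML` above the condition.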
+
+
+ +
} diff --git a/templates/thread.html b/templates/thread.html index 95867830..a2f61df8 100644 --- a/templates/thread.html +++ b/templates/thread.html @@ -22,7 +22,7 @@ Name - + @@ -58,6 +58,19 @@ + {mod? + + + Flags + + +
+
+ +
+ + + } Password