From 51675e7a9bf4d5055ed45b37bac964f788800399 Mon Sep 17 00:00:00 2001 From: Michael Save Date: Fri, 13 Apr 2012 00:18:19 +1000 Subject: [PATCH] code cleanup --- inc/anti-bot.php | 66 +++---- inc/cache.php | 24 +-- inc/config.php | 8 +- inc/database.php | 20 +- inc/display.php | 114 ++++++------ inc/events.php | 12 +- inc/filters.php | 38 ++-- inc/functions.php | 466 +++++++++++++++++++++++----------------------- inc/image.php | 58 +++--- inc/mod.php | 34 ++-- inc/remote.php | 18 +- inc/template.php | 14 +- install.php | 76 ++++---- post.php | 208 ++++++++++----------- 14 files changed, 578 insertions(+), 578 deletions(-) diff --git a/inc/anti-bot.php b/inc/anti-bot.php index 131a643c..b5fcf2a1 100644 --- a/inc/anti-bot.php +++ b/inc/anti-bot.php @@ -4,7 +4,7 @@ * Copyright (c) 2010-2012 Tinyboard Development Group */ -if(realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { +if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) { // You cannot request this file directly. exit; } @@ -16,9 +16,9 @@ class AntiBot { public static function randomString($length, $uppercase = false, $special_chars = false) { $chars = 'abcdefghijklmnopqrstuvwxyz0123456789'; - if($uppercase) + if ($uppercase) $chars .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; - if($special_chars) + if ($special_chars) $chars .= ' ~!@#$%^&*()_+,./;\'[]\\{}|:"<>?=-` '; $chars = str_split($chars); @@ -26,15 +26,15 @@ class AntiBot { $ch = array(); // fill up $ch until we reach $length - while(count($ch) < $length) { + while (count($ch) < $length) { $n = $length - count($ch); $keys = array_rand($chars, $n > count($chars) ? count($chars) : $n); - if($n == 1) { + if ($n == 1) { $ch[] = $chars[$keys]; break; } shuffle($keys); - foreach($keys as $key) + foreach ($keys as $key) $ch[] = $chars[$key]; } 
@@ -46,8 +46,8 @@ class AntiBot { public static function make_confusing($string) { $chars = str_split($string); - foreach($chars as &$c) { - if(rand(0, 2) != 0) + foreach ($chars as &$c) { + if (rand(0, 2) != 0) continue; $c = mb_encode_numericentity($c, array(0, 0xffff, 0, 0xffff), 'UTF-8'); } @@ -58,7 +58,7 @@ class AntiBot { public function __construct(array $salt = array()) { global $config; - if(!empty($salt)) { + if (!empty($salt)) { // create a salted hash of the "extra salt" $this->salt = implode(':', $salt); } else { @@ -70,21 +70,21 @@ class AntiBot { $input_count = rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']); $hidden_input_names_x = 0; - for($x = 0; $x < $input_count ; $x++) { - if($hidden_input_names_x === false || rand(0, 2) == 0) { + for ($x = 0; $x < $input_count ; $x++) { + if ($hidden_input_names_x === false || rand(0, 2) == 0) { // Use an obscure name $name = $this->randomString(rand(10, 40)); } else { // Use a pre-defined confusing name $name = $config['spam']['hidden_input_names'][$hidden_input_names_x++]; - if($hidden_input_names_x >= count($config['spam']['hidden_input_names'])) + if ($hidden_input_names_x >= count($config['spam']['hidden_input_names'])) $hidden_input_names_x = false; } - if(rand(0, 2) == 0) { + if (rand(0, 2) == 0) { // Value must be null $this->inputs[$name] = ''; - } elseif(rand(0, 4) == 0) { + } elseif (rand(0, 4) == 0) { // Numeric value $this->inputs[$name] = (string)rand(0, 100); } else { @@ -111,11 +111,11 @@ class AntiBot { $html = ''; - if($count === false) { + if ($count === false) { $count = rand(1, count($this->inputs) / 15); } - if($count === true) { + if ($count === true) { // all elements $inputs = array_slice($this->inputs, $this->index); } else { 
@@ -123,11 +123,11 @@ class AntiBot { } $this->index += count($inputs); - foreach($inputs as $name => $value) { + foreach ($inputs as $name => $value) { $element = false; - while(!$element) { + while (!$element) { $element = $elements[array_rand($elements)]; - if(strpos($element, 'textarea') !== false && $value == '') { + if (strpos($element, 'textarea') !== false && $value == '') { // There have been some issues with mobile web browsers and empty @@ -151,14 +151,14 @@ if(file_exists($config['has_installed'])) { case 'v0.9.4-dev-3': case 'v0.9.4-dev-4': case 'v0.9.4': - foreach($boards as &$board) { + foreach ($boards as &$board) { query(sprintf("ALTER TABLE `posts_%s` CHANGE `subject` `subject` VARCHAR( 100 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL , CHANGE `email` `email` VARCHAR( 30 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL , CHANGE `name` `name` VARCHAR( 35 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL", $board['uri'])) or error(db_error()); } case 'v0.9.5-dev-1': - foreach($boards as &$board) { + foreach ($boards as &$board) { query(sprintf("ALTER TABLE `posts_%s` ADD `body_nomarkup` TEXT NULL AFTER `body`", $board['uri'])) or error(db_error()); } query("CREATE TABLE IF NOT EXISTS `cites` ( `board` varchar(8) NOT NULL, `post` int(11) NOT NULL, `target_board` varchar(8) NOT NULL, `target` int(11) NOT NULL, KEY `target` (`target_board`,`target`), KEY `post` (`board`,`post`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;") or error(db_error()); 
@@ -192,7 +192,7 @@ if(file_exists($config['has_installed'])) { query("ALTER TABLE `bans` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error()); query("ALTER TABLE `reports` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error()); query("ALTER TABLE `modlogs` CHANGE `board` `board` VARCHAR( 120 ) NULL DEFAULT NULL") or error(db_error()); - foreach($boards as $board) { + foreach ($boards as $board) { $query = prepare("UPDATE `bans` SET `board` = :newboard WHERE `board` = :oldboard"); $query->bindValue(':newboard', $board['uri']); $query->bindValue(':oldboard', $board['id']); @@ -228,7 +228,7 @@ if(file_exists($config['has_installed'])) { die(Element('page.html', $page)); } -if($step == 0) { +if ($step == 0) { // Agreeement $page['body'] = ' @@ -237,7 +237,7 @@ if($step == 0) {

'; echo Element('page.html', $page); -} elseif($step == 1) { +} elseif ($step == 1) { $page['title'] = 'Pre-installation test'; $page['body'] = ''; @@ -250,7 +250,7 @@ if($step == 0) { function row($item, $result) { global $page, $config, $__is_error; - if(!$result) + if (!$result) $__is_error = true; $page['body'] .= ''; } @@ -271,7 +271,7 @@ if($step == 0) { $drivers = PDO::getAvailableDrivers(); rheader('PDO drivers (currently installed drivers)'); - foreach($drivers as &$driver) { + foreach ($drivers as &$driver) { row($driver, true); } @@ -287,7 +287,7 @@ if($step == 0) {

'; echo Element('page.html', $page); -} elseif($step == 2) { +} elseif ($step == 2) { // Basic config $page['title'] = 'Configuration'; @@ -304,9 +304,9 @@ if($step == 0) { $drivers = PDO::getAvailableDrivers(); - foreach($drivers as &$driver) { + foreach ($drivers as &$driver) { $driver_txt = $driver; - switch($driver) { + switch ($driver) { case 'cubrid': $driver_txt = 'Cubrid'; break; @@ -449,7 +449,7 @@ if($step == 0) { echo Element('page.html', $page); -} elseif($step == 3) { +} elseif ($step == 3) { $instance_config = ' $value) { - if(is_array($value)) { + foreach ($array as $name => $value) { + if (is_array($value)) { $instance_config .= "\n"; create_config_from_array($instance_config, $value, $prefix . '[\'' . addslashes($name) . '\']'); $instance_config .= "\n"; } else { $instance_config .= ' $config' . $prefix . '[\'' . addslashes($name) . '\'] = '; - if(is_numeric($value)) + if (is_numeric($value)) $instance_config .= $value; else $instance_config .= "'" . addslashes($value) . "'"; @@ -486,7 +486,7 @@ if($step == 0) { $instance_config .= "\n"; - if(@file_put_contents('inc/instance-config.php', $instance_config)) { + if (@file_put_contents('inc/instance-config.php', $instance_config)) { header('Location: ?step=4', true, $config['redirect_http']); } else { $page['title'] = 'Manual installation required'; @@ -500,7 +500,7 @@ if($step == 0) { '; echo Element('page.html', $page); } -} elseif($step == 4) { +} elseif ($step == 4) { // SQL installation buildJavascript(); @@ -516,13 +516,13 @@ if($step == 0) { $queries[] = Element('posts.sql', Array('board' => 'b')); $sql_errors = ''; - foreach($queries as &$query) { - if(!query($query)) + foreach ($queries as &$query) { + if (!query($query)) $sql_errors .= '
  • ' . db_error() . '
  • '; } $boards = listBoards(); - foreach($boards as &$_board) { + foreach ($boards as &$_board) { setupBoard($_board); buildIndex(); } @@ -530,22 +530,22 @@ if($step == 0) { $page['title'] = 'Installation complete'; $page['body'] = '

    Thank you for using Tinyboard. Please remember to report any bugs you discover. How do I edit the config files?

    '; - if(!empty($sql_errors)) { + if (!empty($sql_errors)) { $page['body'] .= '

    SQL errors

    SQL errors were encountered when trying to install the database. This may be the result of using a database which is already occupied with a Tinyboard installation; if so, you can probably ignore this.

    The errors encountered were:

    Ignore errors and complete installation.

    '; } else { file_write($config['has_installed'], VERSION); - if(!file_unlink(__FILE__)) { + if (!file_unlink(__FILE__)) { $page['body'] .= '

    Delete install.php!

    I couldn\'t remove install.php. You will have to remove it manually.

    '; } } echo Element('page.html', $page); -} elseif($step == 5) { +} elseif ($step == 5) { $page['title'] = 'Installation complete'; $page['body'] = '

    Thank you for using Tinyboard. Please remember to report any bugs you discover.

    '; file_write($config['has_installed'], VERSION); - if(!file_unlink(__FILE__)) { + if (!file_unlink(__FILE__)) { $page['body'] .= '

    Delete install.php!

    I couldn\'t remove install.php. You will have to remove it manually.

    '; } diff --git a/post.php b/post.php index 99beaa94..1f13d27a 100644 --- a/post.php +++ b/post.php @@ -17,20 +17,20 @@ if (get_magic_quotes_gpc()) { $_POST = strip_array($_POST); } -if(isset($_POST['delete'])) { +if (isset($_POST['delete'])) { // Delete - if(!isset($_POST['board'], $_POST['password'])) + if (!isset($_POST['board'], $_POST['password'])) error($config['error']['bot']); $password = &$_POST['password']; - if($password == '') + if ($password == '') error($config['error']['invalidpassword']); $delete = array(); - foreach($_POST as $post => $value) { - if(preg_match('/^delete_(\d+)$/', $post, $m)) { + foreach ($_POST as $post => $value) { + if (preg_match('/^delete_(\d+)$/', $post, $m)) { $delete[] = (int)$m[1]; } } @@ -38,29 +38,29 @@ if(isset($_POST['delete'])) { checkDNSBL(); // Check if board exists - if(!openBoard($_POST['board'])) + if (!openBoard($_POST['board'])) error($config['error']['noboard']); // Check if banned checkBan($board['uri']); - if(empty($delete)) + if (empty($delete)) error($config['error']['nodelete']); - foreach($delete as &$id) { + foreach ($delete as &$id) { $query = prepare(sprintf("SELECT `thread`, `time`,`password` FROM `posts_%s` WHERE `id` = :id", $board['uri'])); $query->bindValue(':id', $id, PDO::PARAM_INT); $query->execute() or error(db_error($query)); - if($post = $query->fetch()) { - if($password != '' && $post['password'] != $password) + if ($post = $query->fetch()) { + if ($password != '' && $post['password'] != $password) error($config['error']['invalidpassword']); - if($post['time'] >= time() - $config['delete_time']) { + if ($post['time'] >= time() - $config['delete_time']) { error(sprintf($config['error']['delete_too_soon'], until($post['time'] + $config['delete_time']))); } - if(isset($_POST['file'])) { + if (isset($_POST['file'])) { // Delete just the file deleteFile($id); } else { 
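Review bot: In the post.php delete branch (hunk `@@ -38,29 +38,29 @@`), the check `$post['password'] != $password` uses loose comparison, so two different numeric-looking strings can compare equal and a deletion can be accepted with a password that is not the stored one. Make the comparison strict, `if ($password != '' && $post['password'] !== $password)`, or use `hash_equals()` where the deployed PHP version provides it. The submitted value is compared directly against the `password` column, which suggests the password is stored as submitted; confirm this against the insert path, which is not part of this hunk. The enclosing `if (isset($_POST['delete']))` block starts in the previous hunk and continues past this one.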
@@ -81,13 +81,13 @@ if(isset($_POST['delete'])) { header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']); -} elseif(isset($_POST['report'])) { - if(!isset($_POST['board'], $_POST['password'], $_POST['reason'])) +} elseif (isset($_POST['report'])) { + if (!isset($_POST['board'], $_POST['password'], $_POST['reason'])) error($config['error']['bot']); $report = array(); - foreach($_POST as $post => $value) { - if(preg_match('/^delete_(\d+)$/', $post, $m)) { + foreach ($_POST as $post => $value) { + if (preg_match('/^delete_(\d+)$/', $post, $m)) { $report[] = (int)$m[1]; } } @@ -95,30 +95,30 @@ if(isset($_POST['delete'])) { checkDNSBL(); // Check if board exists - if(!openBoard($_POST['board'])) + if (!openBoard($_POST['board'])) error($config['error']['noboard']); // Check if banned checkBan($board['uri']); - if(empty($report)) + if (empty($report)) error($config['error']['noreport']); - if(count($report) > $config['report_limit']) + if (count($report) > $config['report_limit']) error($config['error']['toomanyreports']); $reason = &$_POST['reason']; markup($reason); - foreach($report as &$id) { + foreach ($report as &$id) { $query = prepare(sprintf("SELECT `thread` FROM `posts_%s` WHERE `id` = :id", $board['uri'])); $query->bindValue(':id', $id, PDO::PARAM_INT); $query->execute() or error(db_error($query)); $post = $query->fetch(); - if($post) { - if($config['syslog']) + if ($post) { + if ($config['syslog']) _syslog(LOG_INFO, 'Reported post: ' . '/' . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $id) . ($post['thread'] ? '#' . $id : '') . ' for "' . $reason . '"' 
@@ -137,65 +137,65 @@ if(isset($_POST['delete'])) { $root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root']; header('Location: ' . $root . $board['dir'] . $config['file_index'], true, $config['redirect_http']); -} elseif(isset($_POST['post'])) { +} elseif (isset($_POST['post'])) { - if(!isset($_POST['subject'], $_POST['body'], $_POST['board'])) + if (!isset($_POST['subject'], $_POST['body'], $_POST['board'])) error($config['error']['bot']); - if(!isset($_POST['name'])) + if (!isset($_POST['name'])) $_POST['name'] = $config['anonymous']; - if(!isset($_POST['email'])) + if (!isset($_POST['email'])) $_POST['email'] = ''; - if(!isset($_POST['password'])) + if (!isset($_POST['password'])) $_POST['password'] = ''; $post = array('board' => $_POST['board']); - if(isset($_POST['thread'])) { + if (isset($_POST['thread'])) { $post['op'] = false; $post['thread'] = round($_POST['thread']); - } elseif($config['quick_reply'] && isset($_POST['quick-reply'])) { + } elseif ($config['quick_reply'] && isset($_POST['quick-reply'])) { $post['op'] = false; $post['thread'] = round($_POST['quick-reply']); } else $post['op'] = true; - if(!(($post['op'] && $_POST['post'] == $config['button_newtopic']) || + if (!(($post['op'] && $_POST['post'] == $config['button_newtopic']) || (!$post['op'] && $_POST['post'] == $config['button_reply']))) error($config['error']['bot']); // Check the referrer - if(!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], $_SERVER['HTTP_REFERER'])) + if (!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], $_SERVER['HTTP_REFERER'])) error($config['error']['referer']); checkDNSBL(); // Check if board exists - if(!openBoard($post['board'])) + if (!openBoard($post['board'])) error($config['error']['noboard']); // Check if banned checkBan($board['uri']); // Check for CAPTCHA right after opening the board so the "return" link is in there - if($config['recaptcha']) { - 
if(!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field'])) + if ($config['recaptcha']) { + if (!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field'])) error($config['error']['bot']); // Check what reCAPTCHA has to say... $resp = recaptcha_check_answer($config['recaptcha_private'], $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']); - if(!$resp->is_valid) { + if (!$resp->is_valid) { error($config['error']['captcha']); } } - if($post['mod'] = isset($_POST['mod']) && $_POST['mod']) { + if ($post['mod'] = isset($_POST['mod']) && $_POST['mod']) { require 'inc/mod.php'; - if(!$mod) { + if (!$mod) { // Liar. You're not a mod. error($config['error']['notamod']); } 
@@ -204,28 +204,28 @@ if(isset($_POST['delete'])) { $post['locked'] = $post['op'] && isset($_POST['lock']); $post['raw'] = isset($_POST['raw']); - if($post['sticky'] && !hasPermission($config['mod']['sticky'], $board['uri'])) + if ($post['sticky'] && !hasPermission($config['mod']['sticky'], $board['uri'])) error($config['error']['noaccess']); - if($post['locked'] && !hasPermission($config['mod']['lock'], $board['uri'])) + if ($post['locked'] && !hasPermission($config['mod']['lock'], $board['uri'])) error($config['error']['noaccess']); - if($post['raw'] && !hasPermission($config['mod']['rawhtml'], $board['uri'])) + if ($post['raw'] && !hasPermission($config['mod']['rawhtml'], $board['uri'])) error($config['error']['noaccess']); } - if(!$post['mod'] && checkSpam(array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null))) + if (!$post['mod'] && checkSpam(array($board['uri'], isset($post['thread']) && !($config['quick_reply'] && isset($_POST['quick-reply'])) ? $post['thread'] : null))) error($config['error']['spam']); - if($config['robot_enable'] && $config['robot_mute']) { + if ($config['robot_enable'] && $config['robot_mute']) { checkMute(); } //Check if thread exists - if(!$post['op']) { + if (!$post['op']) { $query = prepare(sprintf("SELECT `sticky`,`locked`,`sage` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri'])); $query->bindValue(':id', $post['thread'], PDO::PARAM_INT); $query->execute() or error(db_error()); - if(!$thread = $query->fetch()) { + if (!$thread = $query->fetch()) { // Non-existant error($config['error']['nonexistant']); } 
@@ -233,12 +233,12 @@ if(isset($_POST['delete'])) { // Check for an embed field - if($config['enable_embedding'] && isset($_POST['embed']) && !empty($_POST['embed'])) { + if ($config['enable_embedding'] && isset($_POST['embed']) && !empty($_POST['embed'])) { // yep; validate it $value = $_POST['embed']; - foreach($config['embedding'] as &$embed) { - if($html = preg_replace($embed[0], $embed[1], $value)) { - if($html == $value) { + foreach ($config['embedding'] as &$embed) { + if ($html = preg_replace($embed[0], $embed[1], $value)) { + if ($html == $value) { // Nope. continue; } @@ -254,25 +254,25 @@ if(isset($_POST['delete'])) { break; } } - if(!isset($post['embed'])) { + if (!isset($post['embed'])) { error($config['error']['invalid_embed']); } } - if(!hasPermission($config['mod']['bypass_field_disable'], $board['uri'])) { - if($config['field_disable_name']) + if (!hasPermission($config['mod']['bypass_field_disable'], $board['uri'])) { + if ($config['field_disable_name']) $_POST['name'] = $config['anonymous']; // "forced anonymous" - if($config['field_disable_email']) + if ($config['field_disable_email']) $_POST['email'] = ''; - if($config['field_disable_password']) + if ($config['field_disable_password']) $_POST['password'] = ''; } // Check for a file - if($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) { - if(!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op']) + if ($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) { + if (!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op']) error($config['error']['noimage']); } 
@@ -283,26 +283,26 @@ if(isset($_POST['delete'])) { $post['password'] = $_POST['password']; $post['has_file'] = !isset($post['embed']) && (($post['op'] && !isset($post['no_longer_require_an_image_for_op']) && $config['force_image_op']) || (isset($_FILES['file']) && $_FILES['file']['tmp_name'] != '')); - if($post['has_file']) + if ($post['has_file']) $post['filename'] = utf8tohtml(get_magic_quotes_gpc() ? stripslashes($_FILES['file']['name']) : $_FILES['file']['name']); - if(!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) { + if (!($post['has_file'] || isset($post['embed'])) || (($post['op'] && $config['force_body_op']) || (!$post['op'] && $config['force_body']))) { $stripped_whitespace = preg_replace('/[\s]/u', '', $post['body']); - if($stripped_whitespace == '') { + if ($stripped_whitespace == '') { error($config['error']['tooshort_body']); } } // Check if thread is locked // but allow mods to post - if(!$post['op'] && !hasPermission($config['mod']['postinlocked'], $board['uri'])) { - if($thread['locked']) + if (!$post['op'] && !hasPermission($config['mod']['postinlocked'], $board['uri'])) { + if ($thread['locked']) error($config['error']['locked']); } - if($post['has_file']) { + if ($post['has_file']) { $size = $_FILES['file']['size']; - if($size > $config['max_filesize']) + if ($size > $config['max_filesize']) error(sprintf3($config['error']['filesize'], array( 'sz' => number_format($size), 'filesz' => number_format($size), 
@@ -310,8 +310,8 @@ if(isset($_POST['delete'])) { ))); } - if($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) { - if(($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) { + if ($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) { + if (($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) { $post['capcode'] = utf8tohtml($match[3]); $post['name'] = $match[2] != '' ? $match[2] : $config['anonymous']; } @@ -323,14 +323,14 @@ if(isset($_POST['delete'])) { $post['name'] = $trip[0]; $post['trip'] = isset($trip[1]) ? $trip[1] : ''; - if(strtolower($post['email']) == 'noko') { + if (strtolower($post['email']) == 'noko') { $noko = true; $post['email'] = ''; } else $noko = false; - if($post['has_file']) { + if ($post['has_file']) { $post['extension'] = strtolower(substr($post['filename'], strrpos($post['filename'], '.') + 1)); - if(isset($config['filename_func'])) + if (isset($config['filename_func'])) $post['file_id'] = $config['filename_func']($post); else $post['file_id'] = time() . substr(microtime(), 2, 3); 
@@ -340,26 +340,26 @@ if(isset($_POST['delete'])) { } // Check string lengths - if(mb_strlen($post['name']) > 35) + if (mb_strlen($post['name']) > 35) error(sprintf($config['error']['toolong'], 'name')); - if(mb_strlen($post['email']) > 40) + if (mb_strlen($post['email']) > 40) error(sprintf($config['error']['toolong'], 'email')); - if(mb_strlen($post['subject']) > 100) + if (mb_strlen($post['subject']) > 100) error(sprintf($config['error']['toolong'], 'subject')); - if(!$mod && mb_strlen($post['body']) > $config['max_body']) + if (!$mod && mb_strlen($post['body']) > $config['max_body']) error($config['error']['toolong_body']); - if(mb_strlen($post['password']) > 20) + if (mb_strlen($post['password']) > 20) error(sprintf($config['error']['toolong'], 'password')); wordfilters($post['body']); $post['body_nomarkup'] = $post['body']; - if(!($mod && isset($post['raw']) && $post['raw'])) + if (!($mod && isset($post['raw']) && $post['raw'])) $post['tracked_cites'] = markup($post['body'], true); // Check for a flood - if(!hasPermission($config['mod']['flood'], $board['uri']) && checkFlood($post)) { + if (!hasPermission($config['mod']['flood'], $board['uri']) && checkFlood($post)) { error($config['error']['flood']); } @@ -367,8 +367,8 @@ if(isset($_POST['delete'])) { do_filters($post); - if($post['has_file']) { - if(!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files'])) + if ($post['has_file']) { + if (!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files'])) error($config['error']['unknownext']); $is_an_image = !in_array($post['extension'], $config['allowed_ext_files']); 
@@ -378,23 +378,23 @@ if(isset($_POST['delete'])) { $upload = $_FILES['file']['tmp_name']; - if(!is_readable($upload)) + if (!is_readable($upload)) error($config['error']['nomove']); $post['filehash'] = $config['file_hash']($upload); $post['filesize'] = filesize($upload); - if($is_an_image) { + if ($is_an_image) { // Check IE MIME type detection XSS exploit $buffer = file_get_contents($upload, null, null, null, 255); - if(preg_match($config['ie_mime_type_detection'], $buffer)) { + if (preg_match($config['ie_mime_type_detection'], $buffer)) { undoImage($post); error($config['error']['mime_exploit']); } require_once 'inc/image.php'; - if($config['thumb_method'] == 'imagick') { + if ($config['thumb_method'] == 'imagick') { // This is tricky, because Imagick won't let us find // an image's dimensions without loading it all into // memory first, unlike GD which provides the @@ -405,8 +405,8 @@ if(isset($_POST['delete'])) { // PHP's memory limit. // first try GD's getimagesize() - if($size = @getimagesize($upload)) { - if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { + if ($size = @getimagesize($upload)) { + if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { error($config['error']['maxsize']); } @@ -416,10 +416,10 @@ if(isset($_POST['delete'])) { } } else { // find dimensions of an image using GD - if(!$size = @getimagesize($upload)) { + if (!$size = @getimagesize($upload)) { error($config['error']['invalidimg']); } - if($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { + if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { error($config['error']['maxsize']); } } 
@@ -427,7 +427,7 @@ if(isset($_POST['delete'])) { // create image object $image = new Image($upload, $post['extension']); - if($image->size->width > $config['max_width'] || $image->size->height > $config['max_height']) { + if ($image->size->width > $config['max_width'] || $image->size->height > $config['max_height']) { $image->delete(); error($config['error']['maxsize']); } @@ -435,13 +435,13 @@ if(isset($_POST['delete'])) { $post['width'] = $image->size->width; $post['height'] = $image->size->height; - if($config['spoiler_images'] && isset($_POST['spoiler'])) { + if ($config['spoiler_images'] && isset($_POST['spoiler'])) { $post['thumb'] = 'spoiler'; $size = @getimagesize($config['spoiler_image']); $post['thumbwidth'] = $size[0]; $post['thumbheight'] = $size[1]; - } elseif($config['minimum_copy_resize'] && + } elseif ($config['minimum_copy_resize'] && $image->size->width <= $config['thumb_width'] && $image->size->height <= $config['thumb_height'] && $post['extension'] == ($config['thumb_ext'] ? $config['thumb_ext'] : $post['extension'])) { @@ -466,10 +466,10 @@ if(isset($_POST['delete'])) { $thumb->_destroy(); } - if($config['redraw_image']) { + if ($config['redraw_image']) { $image->to($post['file']); } else { - if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) + if (!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error($config['error']['nomove']); } $image->destroy(); @@ -485,7 +485,7 @@ if(isset($_POST['delete'])) { } } - if($post['has_file'] && $config['image_reject_repost'] && $p = getPostByHash($post['filehash'])) { + if ($post['has_file'] && $config['image_reject_repost'] && $p = getPostByHash($post['filehash'])) { undoImage($post); error(sprintf($config['error']['fileexists'], $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'] . 
@@ -498,9 +498,9 @@ if(isset($_POST['delete'])) { )); } - if(!hasPermission($config['mod']['postunoriginal'], $board['uri']) && $config['robot_enable'] && checkRobot($post['body_nomarkup'])) { + if (!hasPermission($config['mod']['postunoriginal'], $board['uri']) && $config['robot_enable'] && checkRobot($post['body_nomarkup'])) { undoImage($post); - if($config['robot_mute']) { + if ($config['robot_mute']) { error(sprintf($config['error']['muted'], mute())); } else { error($config['error']['unoriginal']); @@ -508,15 +508,15 @@ if(isset($_POST['delete'])) { } // Remove board directories before inserting them into the database. - if($post['has_file']) { + if ($post['has_file']) { $post['file_path'] = $post['file']; $post['file'] = substr_replace($post['file'], '', 0, mb_strlen($board['dir'] . $config['dir']['img'])); - if($is_an_image && $post['thumb'] != 'spoiler') + if ($is_an_image && $post['thumb'] != 'spoiler') $post['thumb'] = substr_replace($post['thumb'], '', 0, mb_strlen($board['dir'] . $config['dir']['thumb'])); } $post = (object)$post; - if($error = event('post', $post)) { + if ($error = event('post', $post)) { undoImage((array)$post); error($error); } @@ -524,8 +524,8 @@ if(isset($_POST['delete'])) { $id = post($post); - if(isset($post['tracked_cites'])) { - foreach($post['tracked_cites'] as $cite) { + if (isset($post['tracked_cites'])) { + foreach ($post['tracked_cites'] as $cite) { $query = prepare('INSERT INTO `cites` VALUES (:board, :post, :target_board, :target)'); $query->bindValue(':board', $board['uri']); $query->bindValue(':post', $id, PDO::PARAM_INT); 
@@ -537,20 +537,20 @@ if(isset($_POST['delete'])) { buildThread($post['op'] ? $id : $post['thread']); - if(!$post['op'] && strtolower($post['email']) != 'sage' && !$thread['sage'] && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) { + if (!$post['op'] && strtolower($post['email']) != 'sage' && !$thread['sage'] && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) { bumpThread($post['thread']); } - if($post['op']) + if ($post['op']) clean(); event('post-after', $post); buildIndex(); - if(isset($_SERVER['HTTP_REFERER'])) { + if (isset($_SERVER['HTTP_REFERER'])) { // Tell Javascript that we posted successfully - if(isset($_COOKIE[$config['cookies']['js']])) + if (isset($_COOKIE[$config['cookies']['js']])) $js = json_decode($_COOKIE[$config['cookies']['js']]); else $js = (object) array(); @@ -562,7 +562,7 @@ if(isset($_POST['delete'])) { $root = $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root']; - if($config['always_noko'] || $noko) { + if ($config['always_noko'] || $noko) { $redirect = $root . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['op'] ? $id:$post['thread']) . (!$post['op'] ? '#' . $id : ''); } else { @@ -570,14 +570,14 @@ if(isset($_POST['delete'])) { } - if($config['syslog']) + if ($config['syslog']) _syslog(LOG_INFO, 'New post: /' . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['op'] ? $id : $post['thread']) . (!$$post['op'] ? '#' . $id : '')); rebuildThemes('post'); header('Location: ' . $redirect, true, $config['redirect_http']); } else { - if(!file_exists($config['has_installed'])) { + if (!file_exists($config['has_installed'])) { header('Location: install.php', true, $config['redirect_http']); } else { // They opened post.php in their browser manually.
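Review bot: The `_syslog()` call kept as context in the last hunk (`@@ -570,14 +570,14 @@`) builds its fragment suffix with `!$$post['op']`, a variable-variable lookup, where the redirect in the preceding hunk uses `!$post['op']`. This looks like a typo: the lookup most likely resolves to an undefined variable, so the logged path would no longer depend on whether the post is a reply and may not match the redirect target, which weakens the log for moderation or incident review. Change it to `(!$post['op'] ? '#' . $id : '')`. The enclosing `elseif (isset($_POST['post']))` block starts outside this hunk.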
    ' . $item . '