leftypol
/
leftypol
4
5
Fork 2
Code Issues 55 Pull Requests 1 Projects Releases Wiki Activity
Browse Source

Merge pull request #92 from Macil/fixes 

Miscellaneous bugfixes
pull/40/head
Michael 11 years ago
parent
ced540a66e 3a9ed90c58
commit
6aac2472e6
6 changed files with 34 additions and 51 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      inc/display.php
  2. 4
      inc/functions.php
  3. 37
      inc/mod/pages.php
  4. 34
      post.php
  5. 2
      templates/post_reply.html
  6. 2
      templates/post_thread.html

6
inc/display.php
View File

@ -216,7 +216,7 @@ function truncate($body, $url, $max_lines = false, $max_chars = false) {
function secure_link_confirm($text, $title, $confirm_message, $href) {
global $config;
return '<a onclick="if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlentities(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
return '<a onclick="if (event.which==2) return true;if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlentities(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
}
function secure_link($href) {
return $href . '/' . make_secure_link_token($href);
@ -350,8 +350,8 @@ class Thread {
// Fix internal links
// Very complicated regex
$this->body = preg_replace(
'/<a(([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
'<a href="?/$3',
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
'<a $1href="?/$4',
$this->body
);
}

4
inc/functions.php
View File

@ -527,7 +527,7 @@ function checkFlood($post) {
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` != '' AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` != '' AND `body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri']));
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':body', $post['body'], PDO::PARAM_INT);
$query->bindValue(':body', $post['body']);
$query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT);
$query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT);
$query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT);
@ -697,7 +697,7 @@ function threadExists($id) {
function post(array $post) {
global $pdo, $board;
$query = prepare(sprintf("INSERT INTO `posts_%s` VALUES ( NULL, :thread, :subject, :email, :name, :trip, :capcode, :body, :body_nomarkup, :time, :time, :thumb, :thumbwidth, :thumbheight, :file, :width, :height, :filesize, :filename, :filehash, :password, :ip, :sticky, :locked, 0, :embed)", $board['uri']));
$query = prepare(sprintf("INSERT INTO `posts_%s` (`id`, `thread`, `subject`, `email`, `name`, `trip`, `capcode`, `body`, `body_nomarkup`, `time`, `bump`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`, `filehash`, `password`, `ip`, `sticky`, `locked`, `sage`, `embed`) VALUES ( NULL, :thread, :subject, :email, :name, :trip, :capcode, :body, :body_nomarkup, :time, :time, :thumb, :thumbwidth, :thumbheight, :file, :width, :height, :filesize, :filename, :filehash, :password, :ip, :sticky, :locked, 0, :embed)", $board['uri']));
// Basic stuff
if (!empty($post['subject'])) {

37
inc/mod/pages.php
View File

@ -64,6 +64,7 @@ function mod_confirm($request) {
}
function mod_logout() {
global $config;
destroyCookies();
header('Location: ?/', true, $config['redirect_http']);
@ -706,7 +707,7 @@ function mod_sticky($board, $unsticky, $post) {
$query->bindValue(':sticky', $unsticky ? 0 : 1);
$query->execute() or error(db_error($query));
if ($query->rowCount()) {
modLog(($unlock ? 'Unstickied' : 'Stickied') . " thread #{$post}");
modLog(($unsticky ? 'Unstickied' : 'Stickied') . " thread #{$post}");
buildThread($post);
buildIndex();
}
@ -728,7 +729,7 @@ function mod_bumplock($board, $unbumplock, $post) {
$query->bindValue(':bumplock', $unbumplock ? 0 : 1);
$query->execute() or error(db_error($query));
if ($query->rowCount()) {
modLog(($unlock ? 'Unbumplocked' : 'Bumplocked') . " thread #{$post}");
modLog(($unbumplock ? 'Unbumplocked' : 'Bumplocked') . " thread #{$post}");
buildThread($post);
buildIndex();
}
@ -1019,13 +1020,6 @@ function mod_deletefile($board, $post) {
// Record the action
modLog("Deleted file from post #{$post}");
$query = prepare(sprintf('SELECT `thread` FROM `posts_%s` WHERE `id` = :id', $board));
$query->bindValue(':id', $post);
$query->execute() or error(db_error($query));
$thread = $query->fetchColumn();
// Rebuild thread
buildThread($thread ? $thread : $post);
// Rebuild board
buildIndex();
@ -1058,7 +1052,7 @@ function mod_deletebyip($boardName, $post, $global = false) {
$query = '';
foreach ($boards as $_board) {
$query .= sprintf("SELECT `id`, '%s' AS `board` FROM `posts_%s` WHERE `ip` = :ip UNION ALL ", $_board['uri'], $_board['uri']);
$query .= sprintf("SELECT `thread`, `id`, '%s' AS `board` FROM `posts_%s` WHERE `ip` = :ip UNION ALL ", $_board['uri'], $_board['uri']);
}
$query = preg_replace('/UNION ALL $/', '', $query);
@ -1069,18 +1063,27 @@ function mod_deletebyip($boardName, $post, $global = false) {
if ($query->rowCount() < 1)
error($config['error']['invalidpost']);
$boards = array();
set_time_limit($config['mod']['rebuild_timelimit']);
$threads_to_rebuild = array();
$threads_deleted = array();
while ($post = $query->fetch()) {
openBoard($post['board']);
$boards[] = $post['board'];
deletePost($post['id'], false);
deletePost($post['id'], false, false);
if ($post['thread'])
$threads_to_rebuild[$post['board']][$post['thread']] = true;
else
$threads_deleted[$post['board']][$post['id']] = true;
}
$boards = array_unique($boards);
foreach ($boards as $_board) {
foreach ($threads_to_rebuild as $_board => $_threads) {
openBoard($_board);
foreach ($_threads as $_thread => $_dummy) {
if ($_dummy && !isset($threads_deleted[$_board][$_thread]))
buildThread($_thread);
}
buildIndex();
}
@ -1412,6 +1415,8 @@ function mod_rebuild() {
error($config['error']['noaccess']);
if (isset($_POST['rebuild'])) {
set_time_limit($config['mod']['rebuild_timelimit']);
$log = array();
$boards = listBoards();
$rebuilt_scripts = array();

34
post.php
View File

@ -407,34 +407,12 @@ if (isset($_POST['delete'])) {
require_once 'inc/image.php';
if ($config['thumb_method'] == 'imagick') {
// This is tricky, because Imagick won't let us find
// an image's dimensions without loading it all into
// memory first, unlike GD which provides the
// getimagesize() to do exactly that. This section
// is why GD is required, even when using Imagick
// instead. There doesn't seem to be an alternative.
// Necessary for security, as Imagick even ignores
// PHP's memory limit.
// first try GD's getimagesize()
if ($size = @getimagesize($upload)) {
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
error($config['error']['maxsize']);
}
} else {
// GD failed
// TODO?
}
} else {
// find dimensions of an image using GD
if (!$size = @getimagesize($upload)) {
error($config['error']['invalidimg']);
}
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
error($config['error']['maxsize']);
}
// find dimensions of an image using GD
if (!$size = @getimagesize($upload)) {
error($config['error']['invalidimg']);
}
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
error($config['error']['maxsize']);
}
// create image object

2
templates/post_reply.html
View File

@ -63,7 +63,7 @@
, {{ post.ratio }}
{% endif %}
{% endif %}
{% if config.show_filename %}
{% if config.show_filename and post.filename %}
,
{% if post.filename|length > config.max_filename_display %}
<span title="{{ post.filename }}">{{ post.filename|truncate(config.max_filename_display) }}</span>

2
templates/post_thread.html
View File

@ -20,7 +20,7 @@
, {{ post.ratio }}
{% endif %}
{% endif %}
{% if config.show_filename %}
{% if config.show_filename and post.filename %}
,
{% if post.filename|length > config.max_filename_display %}
<span title="{{ post.filename }}">{{ post.filename|truncate(config.max_filename_display) }}</span>

Write Preview
Loading…
Cancel
Save