From 00bd5e8d2033c14fe1fd7b15a0db1b1827d549b9 Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Fri, 18 Jan 2013 23:13:08 -0600
Subject: [PATCH 01/11] Remove buildThread() call from mod_deletefile because
 deleteFile() already calls it.

---
 inc/mod/pages.php | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index 4f1ab73c..6261d4af 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -1019,13 +1019,6 @@ function mod_deletefile($board, $post) {
 	// Record the action
 	modLog("Deleted file from post #{$post}");
 	
-	$query = prepare(sprintf('SELECT `thread` FROM `posts_%s` WHERE `id` = :id', $board));
-	$query->bindValue(':id', $post);
-	$query->execute() or error(db_error($query));
-	$thread = $query->fetchColumn();
-	
-	// Rebuild thread
-	buildThread($thread ? $thread : $post);
 	// Rebuild board
 	buildIndex();
 	

From 9007640e88543f972321cbd4f5561e8666c51afd Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Wed, 16 Jan 2013 16:32:24 -0600
Subject: [PATCH 02/11] Don't do anything if a mod link is middle-clicked.

This lets Chrome users open mod actions in a new tab by middle-clicking,
as Chrome still calls the onclick event when middle-clicking unlike
Firefox.
---
 inc/display.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inc/display.php b/inc/display.php
index 85c21e7c..ef952ca2 100644
--- a/inc/display.php
+++ b/inc/display.php
@@ -216,7 +216,7 @@ function truncate($body, $url, $max_lines = false, $max_chars = false) {
 function secure_link_confirm($text, $title, $confirm_message, $href) {
 	global $config;
 
-	return '<a onclick="if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlentities(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
+	return '<a onclick="if (event.which==2) return true;if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlentities(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
 }
 function secure_link($href) {
 	return $href . '/' . make_secure_link_token($href);

From fda99305aee1adbf8d57dc73b46565471fac4c4d Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Fri, 18 Jan 2013 23:16:42 -0600
Subject: [PATCH 03/11] Global missing from mod_logout

---
 inc/mod/pages.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index 6261d4af..7baaa3d9 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -64,6 +64,7 @@ function mod_confirm($request) {
 }
 
 function mod_logout() {
+	global $config;
 	destroyCookies();
 	
 	header('Location: ?/', true, $config['redirect_http']);

From 322b902c8a316c4c64cb81cd5db0974817ca57f5 Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Thu, 12 Jul 2012 07:43:43 -0600
Subject: [PATCH 04/11] Fix incorrect log message when bumplocking and
 stickying threads.

---
 inc/mod/pages.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index 7baaa3d9..9526a7df 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -707,7 +707,7 @@ function mod_sticky($board, $unsticky, $post) {
 	$query->bindValue(':sticky', $unsticky ? 0 : 1);
 	$query->execute() or error(db_error($query));
 	if ($query->rowCount()) {
-		modLog(($unlock ? 'Unstickied' : 'Stickied') . " thread #{$post}");
+		modLog(($unsticky ? 'Unstickied' : 'Stickied') . " thread #{$post}");
 		buildThread($post);
 		buildIndex();
 	}
@@ -729,7 +729,7 @@ function mod_bumplock($board, $unbumplock, $post) {
 	$query->bindValue(':bumplock', $unbumplock ? 0 : 1);
 	$query->execute() or error(db_error($query));
 	if ($query->rowCount()) {
-		modLog(($unlock ? 'Unbumplocked' : 'Bumplocked') . " thread #{$post}");
+		modLog(($unbumplock ? 'Unbumplocked' : 'Bumplocked') . " thread #{$post}");
 		buildThread($post);
 		buildIndex();
 	}

From f2d3e45fd3b21758fd12c0c4a23ce272cca18026 Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Fri, 13 Jul 2012 11:03:22 -0600
Subject: [PATCH 05/11] Handle posts without filenames.

If a post doesn't have a filename (such as because of a post event
changing it), then don't show an empty filename with the post.
---
 templates/post_reply.html  | 2 +-
 templates/post_thread.html | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/templates/post_reply.html b/templates/post_reply.html
index f50e392e..ddd0afd4 100644
--- a/templates/post_reply.html
+++ b/templates/post_reply.html
@@ -63,7 +63,7 @@
 					, {{ post.ratio }}
 				{% endif %}
 			{% endif %}
-			{% if config.show_filename %}
+			{% if config.show_filename and post.filename %}
 				, 
 				{% if post.filename|length > config.max_filename_display %}
 					<span title="{{ post.filename }}">{{ post.filename|truncate(config.max_filename_display) }}</span>
diff --git a/templates/post_thread.html b/templates/post_thread.html
index da93c5dd..cf93bed0 100644
--- a/templates/post_thread.html
+++ b/templates/post_thread.html
@@ -20,7 +20,7 @@
 				, {{ post.ratio }}
 			{% endif %}
 		{% endif %}
-		{% if config.show_filename %}
+		{% if config.show_filename and post.filename %}
 			, 
 			{% if post.filename|length > config.max_filename_display %}
 				<span title="{{ post.filename }}">{{ post.filename|truncate(config.max_filename_display) }}</span>

From 67ab3760baf43061d68b9480ed2e651b7b6566ae Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Thu, 19 Jul 2012 00:16:50 -0600
Subject: [PATCH 06/11] Removed redundant code in image processing.

Both paths of the code here did the same thing.
---
 post.php | 34 ++++++----------------------------
 1 file changed, 6 insertions(+), 28 deletions(-)

diff --git a/post.php b/post.php
index 16566b51..1153b46a 100644
--- a/post.php
+++ b/post.php
@@ -407,34 +407,12 @@ if (isset($_POST['delete'])) {
 			
 			require_once 'inc/image.php';
 			
-			if ($config['thumb_method'] == 'imagick') {
-				// This is tricky, because Imagick won't let us find
-				// an image's dimensions without loading it all into
-				// memory first, unlike GD which provides the
-				// getimagesize() to do exactly that. This section
-				// is why GD is required, even when using Imagick
-				// instead. There doesn't seem to be an alternative.
-				// Necessary for security, as Imagick even ignores
-				// PHP's memory limit.
-				
-				// first try GD's getimagesize()
-				if ($size = @getimagesize($upload)) {
-					if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
-
-						error($config['error']['maxsize']);
-					}
-				} else {
-					// GD failed
-					// TODO?
-				}
-			} else {
-				// find dimensions of an image using GD
-				if (!$size = @getimagesize($upload)) {
-					error($config['error']['invalidimg']);
-				}
-				if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
-					error($config['error']['maxsize']);
-				}
+			// find dimensions of an image using GD
+			if (!$size = @getimagesize($upload)) {
+				error($config['error']['invalidimg']);
+			}
+			if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
+				error($config['error']['maxsize']);
 			}
 			
 			// create image object

From 0092fc62ab48bb9abc84a9f0641f253e5e9f1d35 Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Tue, 24 Jul 2012 11:51:59 -0600
Subject: [PATCH 07/11] Extend timelimit when rebuilding from mod interface.

The rebuild_timelimit config option was not used anywhere since the mod
interface rewrite.
---
 inc/mod/pages.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index 9526a7df..91ae8046 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -1406,6 +1406,8 @@ function mod_rebuild() {
 		error($config['error']['noaccess']);
 	
 	if (isset($_POST['rebuild'])) {
+		set_time_limit($config['mod']['rebuild_timelimit']);
+		
 		$log = array();
 		$boards = listBoards();
 		$rebuilt_scripts = array();

From 5628f789702d9bdbd573f1833f6258b4f26a47b4 Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Tue, 4 Sep 2012 00:21:04 -0600
Subject: [PATCH 08/11] Made deleting posts by IP more efficient.

No longer rebuilds same thread multiple times.
---
 inc/mod/pages.php | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index 91ae8046..e90e9ff0 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -1052,7 +1052,7 @@ function mod_deletebyip($boardName, $post, $global = false) {
 	
 	$query = '';
 	foreach ($boards as $_board) {
-		$query .= sprintf("SELECT `id`, '%s' AS `board` FROM `posts_%s` WHERE `ip` = :ip UNION ALL ", $_board['uri'], $_board['uri']);
+		$query .= sprintf("SELECT `thread`, `id`, '%s' AS `board` FROM `posts_%s` WHERE `ip` = :ip UNION ALL ", $_board['uri'], $_board['uri']);
 	}
 	$query = preg_replace('/UNION ALL $/', '', $query);
 	
@@ -1063,18 +1063,27 @@ function mod_deletebyip($boardName, $post, $global = false) {
 	if ($query->rowCount() < 1)
 		error($config['error']['invalidpost']);
 	
-	$boards = array();
+	set_time_limit($config['mod']['rebuild_timelimit']);
+	
+	$threads_to_rebuild = array();
+	$threads_deleted = array();
 	while ($post = $query->fetch()) {
 		openBoard($post['board']);
-		$boards[] = $post['board'];
 		
-		deletePost($post['id'], false);
+		deletePost($post['id'], false, false);
+
+		if ($post['thread'])
+			$threads_to_rebuild[$post['board']][$post['thread']] = true;
+		else
+			$threads_deleted[$post['board']][$post['id']] = true;
 	}
 	
-	$boards = array_unique($boards);
-	
-	foreach ($boards as $_board) {
+	foreach ($threads_to_rebuild as $_board => $_threads) {
 		openBoard($_board);
+		foreach ($_threads as $_thread => $_dummy) {
+			if ($_dummy && !isset($threads_deleted[$_board][$_thread]))
+				buildThread($_thread);
+		}
 		buildIndex();
 	}
 	

From 90ada24ddc84c08ddeb2411e0ede02b1afa7104c Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Tue, 9 Oct 2012 19:57:01 -0600
Subject: [PATCH 09/11] Insert into posts table using named columns.

Makes it easier to update the posts table schema.
---
 inc/functions.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inc/functions.php b/inc/functions.php
index a7b6b434..3de1ccaf 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -697,7 +697,7 @@ function threadExists($id) {
 
 function post(array $post) {
 	global $pdo, $board;
-	$query = prepare(sprintf("INSERT INTO `posts_%s` VALUES ( NULL, :thread, :subject, :email, :name, :trip, :capcode, :body, :body_nomarkup, :time, :time, :thumb, :thumbwidth, :thumbheight, :file, :width, :height, :filesize, :filename, :filehash, :password, :ip, :sticky, :locked, 0, :embed)", $board['uri']));
+	$query = prepare(sprintf("INSERT INTO `posts_%s` (`id`, `thread`, `subject`, `email`, `name`, `trip`, `capcode`, `body`, `body_nomarkup`, `time`, `bump`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`, `filehash`, `password`, `ip`, `sticky`, `locked`, `sage`, `embed`) VALUES ( NULL, :thread, :subject, :email, :name, :trip, :capcode, :body, :body_nomarkup, :time, :time, :thumb, :thumbwidth, :thumbheight, :file, :width, :height, :filesize, :filename, :filehash, :password, :ip, :sticky, :locked, 0, :embed)", $board['uri']));
 	
 	// Basic stuff
 	if (!empty($post['subject'])) {

From 7eef94e04e3f80ae776cd2c02ca29dd93945a47f Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Fri, 2 Nov 2012 22:29:11 -0600
Subject: [PATCH 10/11] Fix transforming links to mod links in OP posts.

Similar regexes are called for threads and posts, but they differed
needlessly, and the thread regex would drop anything between the `<a`
and `href="` parts. This makes them both the same and functional.
---
 inc/display.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/inc/display.php b/inc/display.php
index ef952ca2..2b5d3116 100644
--- a/inc/display.php
+++ b/inc/display.php
@@ -350,8 +350,8 @@ class Thread {
 			// Fix internal links
 			// Very complicated regex
 			$this->body = preg_replace(
-				'/<a(([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
-				'<a href="?/$3',
+				'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
+				'<a $1href="?/$4',
 				$this->body
 			);
 	}

From 3a9ed90c585b0e97cbc3453f5a004c34e630cf00 Mon Sep 17 00:00:00 2001
From: Macil Tech <maciltech@gmail.com>
Date: Wed, 28 Nov 2012 20:08:53 -0700
Subject: [PATCH 11/11] Incorrect parameter type.

The parameter was bound with the wrong type. I guess the type isn't
enforced judging by how the code still seemed to work, but it probably
should be fixed.
---
 inc/functions.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inc/functions.php b/inc/functions.php
index 3de1ccaf..8ce81e25 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -527,7 +527,7 @@ function checkFlood($post) {
 	
 	$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` != '' AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` != ''  AND `body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri']));
 	$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
-	$query->bindValue(':body', $post['body'], PDO::PARAM_INT);
+	$query->bindValue(':body', $post['body']);
 	$query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT);
 	$query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT);
 	$query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT);