leftypol
/
leftypol
3
2
Fork 1
Code Issues 37 Pull Requests 1 Projects Releases Wiki Activity
Browse Source

merged mod branch

pull/40/head
Savetheinternet 12 years ago
parent
392ae5f6e4 44d280e120
commit
afbd0c6473
35 changed files with 2826 additions and 815 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 34
      LICENSE
  2. 47
      README.md
  3. 0
      default.css
  4. BIN
      img/fade-yotsuba.png
  5. 397
      inc/config.php
  6. 49
      inc/database.php
  7. 199
      inc/display.php
  8. 760
      inc/functions.php
  9. 46
      inc/instance-config.php
  10. 187
      inc/mod.php
  11. 2
      inc/template.php
  12. 101
      inc/user.php
  13. 244
      install.php
  14. 63
      install.sql
  15. 71
      main.js
  16. 661
      mod.php
  17. 365
      post.php
  18. 3
      res/index.php
  19. 3
      src/index.php
  20. BIN
      static/deleted.png
  21. 0
      static/error.png
  22. BIN
      static/locked.gif
  23. 0
      static/ok.png
  24. BIN
      static/sticky.gif
  25. 0
      static/warning.png
  26. 0
      static/zip.png
  27. 103
      style.css
  28. 47
      templates/index.html
  29. 28
      templates/login.html
  30. 10
      templates/page.html
  31. 25
      templates/posts.sql
  32. 41
      templates/thread.html
  33. 112
      test.php
  34. 3
      thumb/index.php
  35. 40
      yotsuba.css

34
LICENSE
View File

@ -1,13 +1,21 @@
Copyright (c) 2010 by Omega Software Development Group
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above copyright
notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Copyright (c) 2010-2011, Omega Software Development Group <http://omegasdg.com/>
Permission to use, copy, modify, and/or distribute this software is granted,
provided that the following terms are obeyed.
1. The above copyright notice, this permission notice, and these terms must
appear in all copies and modifications of this software.
2. This software must not be utilized in any manner that is primarily intended
for or directed toward commercial advantage or private monetary compensation.
3. Any changes to this software must be made easily publicly available in the
form of source code.
THIS SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF
THIS SOFTWARE.

47
README.md
View File

@ -5,23 +5,25 @@ Tinyboard is an imageboard software package written in PHP. It aims to maintain
Tinyboard is not currently at a stable state.
[o]: http://omegadev.org/
[o]: http://omegasdg.com/
## Requirements
1. PHP >= 5.2.0
2. php-gd
3. php-pdo with appropriate driver for your database
## Installation
1. Tinyboard requires a MySQL database and a user to work. Create one.
1. Tinyboard requires an SQL database and a user to work. Create one.
2. Import 'install.sql' into the database. There are several ways to do this.
- using phpMyAdmin
- `mysql -uUSERNAME -pPASSWORD DATABASE < install.sql`
3. Edit 'instance-config.php' to suit your installation. You should copy some values from '[inc/config.php][c]' to redefine them in the instance-config.
4. Make sure that the directories used by Tinyboard are writable. Depending on your setup, you may need to `chmod` the directories to 777.
The default directories are:
- ./res
- ./src
- ./thumb
- . (document root)
4. Make sure that the Tinyboard directory is writable. Depending on your setup, you may need to `chmod` "." to 777, with `chmod 777 .`
5. Ensure everything is okay by running [test.php][t] in a browser. The script will try and help you correct your errors.
6. Run the [post.php][p] script. It should create an index.html and redirect you to it if everything is okay.
7. Optional (highly recommended): Either delete or chmod as unreadable the following files: [test.php][t], [install.sql][i], and this [README][r].
An automated installation script will be completed soon.
[t]: http://github.com/savetheinternet/Tinyboard/blob/master/test.php
[p]: http://github.com/savetheinternet/Tinyboard/blob/master/post.php
@ -30,17 +32,24 @@ Tinyboard is not currently at a stable state.
[r]: http://github.com/savetheinternet/Tinyboard/blob/master/README.md
## License
Copyright (c) 2010 by Omega Software Development Group
Copyright (c) 2010-2011, Omega Software Development Group <http://omegasdg.com/>
Permission to use, copy, modify, and/or distribute this software is granted,
provided that the following terms are obeyed.
1. The above copyright notice, this permission notice, and these terms must
appear in all copies and modifications of this software.
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above copyright
notice and this permission notice appear in all copies.
2. This software must not be utilized in any manner that is primarily intended
for or directed toward commercial advantage or private monetary compensation.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3. Any changes to this software must be made easily publicly available in the
form of source code.
THIS SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF
THIS SOFTWARE.

0
default.css
View File

BIN
img/fade-yotsuba.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 186 B

397
inc/config.php
View File

@ -8,177 +8,326 @@
* your instance-config.php
*
*/
$config = Array(
'db' => Array(),
'cookies' => Array(),
'error' => Array(),
'dir' => Array(),
'mod' => Array()
);
// Database stuff
define('MY_SERVER', 'localhost', true);
define('MY_USER', '', true);
define('MY_PASSWORD', '', true);
define('MY_DATABASE', '', true);
// SQL driver ("mysql", "pgsql", "sqlite", "dblib", etc)
// http://www.php.net/manual/en/pdo.drivers.php
$config['db']['type'] = 'mysql';
// Hostname or IP address
$config['db']['server'] = 'localhost';
// Login
$config['db']['user'] = '';
$config['db']['password'] = '';
// Tinyboard database
$config['db']['database'] = '';
// Anything more to add to the DSN string (eg. port=xxx;foo=bar)
$config['db']['dsn'] = '';
// The name of the session cookie (PHP's $_SESSION)
define('SESS_COOKIE', 'imgboard', true);
$config['cookies']['session']= 'imgboard';
// Used to safely determine when the user was first seen, to prevent floods.
// time()
define('TIME_COOKIE', 'arrived', true);
// HASH_COOKIE contains an MD5 hash of TIME_COOKIE+SALT for verification.
define('HASH_COOKIE', 'hash', true);
// Used to safely determine when the user was first seen, to prevent floods. Contains a UNIX timestamp.
$config['cookies']['time'] = 'arrived';
// Contains an MD5 hash of $config['cookies']['time'] for verification.
$config['cookies']['hash'] = 'hash';
// Used for moderation login
define('MOD_COOKIE', 'mod', true);
// Where to set the 'path' parameter to ROOT when creating cookies. Recommended.
define('JAIL_COOKIES', true, true);
// Whether or not to lock moderator sessions to the IP address that was logged in with.
define('MOD_LOCK_IP', true, true);
// Mod
$config['cookies']['mod'] = 'mod';
// Where to set the 'path' parameter to $config['root'] when creating cookies. Recommended.
$config['cookies']['jail'] = true;
// How long should the cookies last (in seconds)
define('COOKIE_EXPIRE', 15778463, true); //6 months
define('SALT', 'wefaw98YHEWUFuo', true);
$config['cookies']['expire']= 15778463; //6 months
// Make this something long and random for security
$config['cookies']['salt'] = 'wefaw98YHEWUFuo';
// How long should moderators should remain logged in (0=browser session) (in seconds)
$config['mod']['expire'] = 15778463; //6 months
// Used to salt secure tripcodes (##trip)
$config['secure_trip_salt'] = '@#$&^@#)$(*&@!_$(&329-8347';
// How many seconds before you can post, after the first visit
define('LURKTIME', 30, true);
$config['lurktime'] = 30;
// How many seconds between each post
$config['flood_time'] = 10;
// How many seconds between each post with exactly the same content and same IP
$config['flood_time_ip'] = 120;
// Same as above but different IP address
$config['flood_time_same'] = 30;
// Do you need a body for your non-OP posts?
$config['force_body'] = true;
// Max body length
define('MAX_BODY', 1800, true);
define('THREADS_PER_PAGE', 10, true);
define('MAX_PAGES', 5, true);
define('THREADS_PREVIEW', 5, true);
$config['max_body'] = 1800;
$config['threads_per_page'] = 10;
$config['max_pages'] = 10;
$config['threads_preview'] = 5;
// For development purposes. Turns 'display_errors' on. Not recommended for production.
define('VERBOSE_ERRORS', true, true);
$config['verbose_errors'] = true;
// Error messages
define('ERROR_LURK', 'Lurk some more before posting.', true);
define('ERROR_BOT', 'You look like a bot.', true);
define('ERROR_TOOLONG', 'The %s field was too long.', true);
define('ERROR_TOOLONGBODY', 'The body was too long.', true);
define('ERROR_TOOSHORTBODY', 'The body was too short or empty.', true);
define('ERROR_NOIMAGE', 'You must upload an image.', true);
define('ERROR_NOMOVE', 'The server failed to handle your upload.', true);
define('ERROR_FILEEXT', 'Unsupported image format.', true);
define('ERROR_NOBOARD', 'Invalid board!', true);
define('ERROR_NONEXISTANT', 'Thread specified does not exist.', true);
define('ERROR_NOPOST', 'You didn\'t make a post.', true);
define('ERR_INVALIDIMG','Invalid image.', true);
define('ERR_FILESIZE', 'Maximum file size: %maxsz% bytes<br>Your file\'s size: %filesz% bytes', true);
define('ERR_MAXSIZE', 'The file was too big.', true);
define('ERR_INVALIDZIP','Invalid archive!', true);
$config['error']['lurk'] = 'Lurk some more before posting.';
$config['error']['bot'] = 'You look like a bot.';
$config['error']['toolong'] = 'The %s field was too long.';
$config['error']['toolong_body'] = 'The body was too long.';
$config['error']['tooshort_body'] = 'The body was too short or empty.';
$config['error']['noimage'] = 'You must upload an image.';
$config['error']['nomove'] = 'The server failed to handle your upload.';
$config['error']['fileext'] = 'Unsupported image format.';
$config['error']['noboard'] = 'Invalid board!';
$config['error']['nonexistant'] = 'Thread specified does not exist.';
$config['error']['locked'] = 'Thread locked. You may not reply at this time.';
$config['error']['nopost'] = 'You didn\'t make a post.';
$config['error']['flood'] = 'Flood detected; Post discared.';
$config['error']['unoriginal'] = 'Unoriginal content!';
$config['error']['muted'] = 'Unoriginal content! You have been muted for %d seconds.';
$config['error']['youaremuted'] = 'You are muted! Expires in %d seconds.';
$config['error']['tor'] = 'Hmm… That looks like a Tor exit node.';
$config['error']['toomanylinks'] = 'Too many links; flood detected.';
$config['error']['nodelete'] = 'You didn\'t select anything to delete.';
$config['error']['invalidpassword'] = 'Wrong password…';
$config['error']['invalidimg'] = 'Invalid image.';
$config['error']['filesize'] = 'Maximum file size: %maxsz% bytes<br>Your file\'s size: %filesz% bytes';
$config['error']['maxsize'] = 'The file was too big.';
$config['error']['invalidzip'] = 'Invalid archive!';
// Moderator errors
define('ERROR_INVALID', 'Invalid username and/or password.', true);
define('ERROR_INVALIDAFTER', 'Invalid username and/or password. Your user may have been deleted or changed.');
define('ERROR_MALFORMED','Invalid/malformed cookies.', true);
$config['error']['invalid'] = 'Invalid username and/or password.';
$config['error']['notamod'] = 'You are not a mod…';
$config['error']['invalidafter'] = 'Invalid username and/or password. Your user may have been deleted or changed.';
$config['error']['malformed'] = 'Invalid/malformed cookies.';
$config['error']['missedafield'] = 'Your browser didn\'t submit an input when it should have.';
$config['error']['required'] = 'The %s field is required.';
$config['error']['invalidfield'] = 'The %s field was invalid.';
$config['error']['boardexists'] = 'There is already a %s board.';
$config['error']['noaccess'] = 'You don\'t have permission to do that.';
$config['error']['invalidpost'] = 'That post doesn\'t exist…';
$config['error']['404'] = 'Page not found.';
// Reply limit (deletes thread when this is reached)
$config['reply_limit'] = 250;
// For resizing, max values
define('THUMB_WIDTH', 200, true);
define('THUMB_HEIGHT', 200, true);
$config['thumb_width'] = 255;
$config['thumb_height'] = 255;
// Store image hash in the database for r9k-like boards implementation soon
// Function name for hashing
// sha1_file, md5_file, etc.
$config['file_hash'] = 'sha1_file';
$config['block_tor'] = true;
// Typically spambots try to post a lot of links. Refuse a post with X standalone links?
$config['max_links'] = 20;
// Maximum image upload size in bytes
define('MAX_FILESIZE', 10*1024*1024, true); // 10MB
$config['max_filesize'] = 10*1024*1024; // 10MB
// Maximum image dimensions
define('MAX_WIDTH', 10000, true);
define('MAX_HEIGHT', MAX_WIDTH, true);
/* When you upload a ZIP as a file, all the images inside the archive
* get dumped into the thread as replies.
* Extremely beta and not recommended yet.
*/
define('ALLOW_ZIP', false, true);
define('ZIP_IMAGE', 'src/zip.png', true);
$config['max_width'] = 1000;
$config['max_height'] = $config['max_width']; // 1:1
/**
Redraw the image using GD functions to strip any excess data (commonly ZIP archives)
WARNING: Very beta. Currently strips animated GIFs too :(
WARNING: Currently strips animated GIFs too :(
**/
define('REDRAW_IMAGE', false, true);
$config['redraw_image'] = false;
// Redrawing configuration
define('JPEG_QUALITY', 100, true);
define('REDRAW_GIF', false, true);
// Display the aspect ratio in a post's file info
define('SHOW_RATIO', true, true);
define('DIR_IMG', 'src/', true);
define('DIR_THUMB', 'thumb/', true);
define('DIR_RES', 'res/', true);
$config['jpeg_quality'] = 100;
// Temporary fix for the animation-stripping bug
$config['redraw_gifs'] = false;
// Where to store the .html templates. This folder and templates must exist or fatal errors will be thrown.
define('DIR_TEMPLATE', getcwd() . '/templates', true);
// Display the aspect ratio in a post's file info
$config['show_ratio'] = true;
// The root directory, including the trailing slash, for Tinyboard.
// examples: '/', 'http://boards.chan.org/', '/chan/'
define('ROOT', '/', true);
$config['root'] = '/';
$config['dir']['img'] = 'src/';
$config['dir']['thumb'] = 'thumb/';
$config['dir']['res'] = 'res/';
// For load balancing, having a seperate server (and domain/subdomain) for serving static content is possible.
// This can either be a directory or a URL (eg. http://static.example.org/)
$config['dir']['static'] = $config['root'] . 'static/';
// Where to store the .html templates. This folder and templates must exist or fatal errors will be thrown.
$config['dir']['template'] = getcwd() . '/templates';
// Static images
// These can be URLs OR base64 (data URI scheme)
$config['image_sticky'] = $config['dir']['static'] . 'sticky.gif';
$config['image_locked'] = $config['dir']['static'] . 'locked.gif';
$config['image_deleted'] = $config['dir']['static'] . 'deleted.png';
$config['image_zip'] = $config['dir']['static'] . 'zip.png';
// If for some reason the folders and static HTML index files aren't in the current working direcotry,
// enter the directory path here. Otherwise, keep it false.
define('ROOT_FILE', false, true);
$config['root_file'] = false;
define('POST_URL', ROOT . 'post.php', true);
define('FILE_INDEX', 'index.html', true);
define('FILE_PAGE', '%d.html', true);
$config['file_index'] = 'index.html';
$config['file_page'] = '%d.html';
$config['file_mod'] = 'mod.php';
// Multi-board (%s is board abbreviation)
define('BOARD_PATH', '%s/', true);
$config['board_path'] = '%s/';
// The HTTP status code to use when redirecting.
// Should be 3xx (redirection). http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
// "302" is recommended.
$config['redirect_http'] = 302;
// TODO: Put this in per-board instance-config instead
// Robot stuff
// Strip repeating characters when making hashes
$config['robot_enable'] = false;
$config['robot_strip_repeating'] = true;
// Enable mutes
// Tinyboard uses ROBOT9000's original 2^x implementation
$config['robot_mute'] = true;
// How many mutes x hours ago to include in the algorithm
$config['robot_mute_hour'] = 50;
// If you want to alter the algorithm a bit. Default value is 2. n^x
$config['robot_mute_multiplier'] = 2;
$config['robot_mute_descritpion'] = 'You have been muted for unoriginal content.';
/*
Mod stuff
*/
// Whether or not to lock moderator sessions to the IP address that was logged in with.
$config['mod']['lock_ip'] = true;
// The page that is first shown when a moderator logs in. Defaults to the dashboard.
$config['mod']['default'] = '/';
// Don't even display MySQL password to administrators (in the configuration page).
$config['mod']['never_reveal_password'] = true;
// Do a DNS lookup on IP addresses to get their hostname on the IP summary page
$config['mod']['dns_lookup'] = true;
// Show ban form on the IP summary page
$config['mod']['ip_banform'] = true;
// How many recent posts, per board, to show in the IP summary page
$config['mod']['ip_recentposts'] = 5;
// Probably best not to change these:
define('JANITOR', 0, true);
define('MOD', 1, true);
define('ADMIN', 2, true);
// Permissions
// What level of administration you need to:
/* Post Controls */
// View IP addresses
$config['mod']['show_ip'] = MOD;
// Delete a post
$config['mod']['delete'] = JANITOR;
// Ban a user for a post
$config['mod']['ban'] = MOD;
// Ban and delete (one click; instant)
$config['mod']['bandelete'] = MOD;
// Delete file (and keep post)
$config['mod']['deletefile'] = JANITOR;
// Delete all posts by IP
$config['mod']['deletebyip'] = MOD;
// Sticky a thread
$config['mod']['sticky'] = MOD;
// Lock a thread
$config['mod']['lock'] = MOD;
// Post in a locked thread
$config['mod']['postinlocked'] = MOD;
// Post bypass unoriginal content check
$config['mod']['postunoriginal'] = MOD;
// Raw HTML posting
$config['mod']['rawhtml'] = MOD;
/* Administration */
// Display the contents of instance-config.php
$config['mod']['show_config'] = ADMIN;
// View list of bans
$config['mod']['view_banlist'] = MOD;
// View the username of the mod who made a ban
$config['mod']['view_banstaff'] = MOD;
// If the moderator doesn't fit the $config['mod']['view_banstaff''] (previous) permission,
// show him just a "?" instead. Otherwise, it will be "Mod" or "Admin"
$config['mod']['view_banquestionmark'] = false;
// Show expired bans in the ban list (they are kept in cache until the culprit returns)
$config['mod']['view_banexpired'] = true;
// Create a new board
$config['mod']['newboard'] = ADMIN;
// Mod links (full HTML)
// Correspond to above permission directives
$config['mod']['link_delete'] = '[D]';
$config['mod']['link_ban'] = '[B]';
$config['mod']['link_bandelete'] = '[B&amp;D]';
$config['mod']['link_deletefile'] = '[F]';
$config['mod']['link_deletebyip'] = '[D+]';
$config['mod']['link_sticky'] = '[Sticky]';
$config['mod']['link_desticky'] = '[-Sticky]';
$config['mod']['link_lock'] = '[Lock]';
$config['mod']['link_unlock'] = '[-Lock]';
// A small file in the main directory indicating that the script has been ran and the board(s) have been generated.
// This keeps the script from querying the database and causing strain when not needed.
define('HAS_INSTALLED', '.installed', true);
$config['has_installed'] = '.installed';
// Name of the boards. Usually '/%s/' (/b/, /mu/, etc)
// $config['board_abbreviation'] - BOARD_TITLE
$config['board_abbreviation'] = '/%s/';
// Name of the boards. Typically '/%s/' (/b/, /mu/, etc)
// BOARD_ABBREVIATION - BOARD_TITLE
define('BOARD_ABBREVIATION', '/%s/', true);
// Automatically convert things like "..." to Unicode characters ("…")
define('AUTO_UNICODE', true, true);
$config['auto_unicode'] = true;
// Use some Wiki-like syntax (''em'', '''strong''', ==Heading==, etc)
define('WIKI_MARKUP', true, true);
$config['wiki_markup'] = true;
// Whether to turn URLs into functional links
define('MARKUP_URLS', true, true);
$config['markup_urls'] = true;
// Complex regular expression to catch URLs
define('URL_REGEX', '/' . '(https?|ftp):\/\/' . '([\w\-]+\.)+[a-zA-Z]{2,6}' . '(\/([\w\-~\.#\/?=&;:+%]+))?' . '/', true);
$config['url_regex'] = '/' . '(https?|ftp):\/\/' . '(([\w\-]+\.)+[a-zA-Z]{2,6}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' . '(\/([\w\-~\.#\/?=&;:+%]+)?)?' . '/';
// Allowed file extensions
$allowed_ext = Array('jpg', 'jpeg', 'bmp', 'gif', 'png', true);
define('BUTTON_NEWTOPIC', 'New Topic', true);
define('BUTTON_REPLY', 'New Reply', true);
define('ALWAYS_NOKO', false, true);
define('URL_MATCH', '/^' .
(@$_SERVER['HTTPS']?'https':'http').':\/\/'.$_SERVER['HTTP_HOST'] .
'(' .
preg_quote(ROOT, '/') .
str_replace('%s', '\w{1,8}', preg_quote(BOARD_PATH, '/')) .
'|' .
preg_quote(ROOT, '/') .
str_replace('%s', '\w{1,8}', preg_quote(BOARD_PATH, '/')) .
preg_quote(FILE_INDEX, '/') .
'|' .
preg_quote(ROOT, '/') .
str_replace('%s', '\w{1,8}', preg_quote(BOARD_PATH, '/')) .
str_replace('%d', '\d+', preg_quote(FILE_PAGE, '/')) .
')$/', true);
if(ROOT_FILE) {
chdir(ROOT_FILE);
$config['allowed_ext'] = Array('jpg', 'jpeg', 'bmp', 'gif', 'png');
// The names on the post buttons. (On most imageboards, these are both "Post".)
$config['button_newtopic'] = 'New Topic';
$config['button_reply'] = 'New Reply';
// The string passed to date() for post times
// http://php.net/manual/en/function.date.php
$config['post_date'] = 'm/d/y (D) H:i:s';
// Always act as if they had typed "noko" in the email field no mattter what
$config['always_noko'] = false;
$config['url_match'] = '/^' .
(preg_match($config['url_regex'], $config['root']) ? '' :
(@$_SERVER['HTTPS']?'https':'http') .
':\/\/'.$_SERVER['HTTP_HOST']) .
preg_quote($config['root'], '/') .
'(' .
str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
'|' .
str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
preg_quote($config['file_index'], '/') .
'|' .
str_replace('%s', '\w{1,8}', preg_quote($config['board_path'], '/')) .
str_replace('%d', '\d+', preg_quote($config['file_page'], '/')) .
'|' .
preg_quote($config['file_mod'], '/') .
'\?\/.+' .
')$/i';
if($config['root_file']) {
chdir($config['root_file']);
}
if(VERBOSE_ERRORS) {
if($config['verbose_errors']) {
error_reporting(E_ALL);
ini_set('display_errors', 1);
}
/*
Multi-board support removes any use for this.
if(!defined('IS_INSTALLATION')) {
if(!file_exists(DIR_IMG)) @mkdir(DIR_IMG, 0777) or error("Couldn't create " . DIR_IMG . ". Install manually.", true);
if(!file_exists(DIR_THUMB)) @mkdir(DIR_THUMB, 0777) or error("Couldn't create " . DIR_IMG . ". Install manually.", true);
if(!file_exists(DIR_RES)) @mkdir(DIR_RES, 0777) or error("Couldn't create " . DIR_IMG . ". Install manually.", true);
}
*/
?>

49
inc/database.php
View File

@ -0,0 +1,49 @@
<?php
function sql_open() {
global $pdo, $config;
if($pdo) return true;
$dsn = $config['db']['type'] . ':host=' . $config['db']['server'] . ';dbname=' . $config['db']['database'];
if(!empty($config['db']['dsn']))
$dsn .= ';' . $config['db']['dsn'];
try {
return $pdo = new PDO($dsn, $config['db']['user'], $config['db']['password']);
} catch(PDOException $e) {
$message = $e->getMessage();
// Remove any sensitive information
$message = str_replace($config['db']['user'], '<em>hidden</em>', $message);
$message = str_replace($config['db']['password'], '<em>hidden</em>', $message);
// Print error
error('Database error: ' . $message);
}
}
function sql_close() {
global $pdo;
$pdo = NULL;
}
function prepare($query) {
global $pdo;
return $pdo->prepare($query);
}
function query($query) {
global $pdo;
return $pdo->query($query);
}
function db_error($PDOStatement=null) {
global $pdo;
if(isset($PDOStatement)) {
$err = $PDOStatement->errorInfo();
return $err[2];
} else {
$err = $pdo->errorInfo();
return $err[2];
}
}
?>

199
inc/display.php
View File

@ -20,27 +20,32 @@
}
function error($message) {
global $board;
global $board, $mod, $config;
if(function_exists('sql_close')) sql_close();
die(Element('page.html', Array(
'index'=>ROOT,
'index'=>$config['root'],
'title'=>'Error',
'subtitle'=>'An error has occured.',
'body'=>"<center>" .
"<h2>$message</h2>" .
(isset($board) ? "<p><a href=\"" . ROOT . $board['dir'] . FILE_INDEX . "\">Go back</a>.</p>" : '').
(isset($board) ?
"<p><a href=\"" . $config['root'] .
($mod ? $config['file_mod'] . '?/' : '') .
$board['dir'] . $config['file_index'] . "\">Go back</a>.</p>" : '').
"</center>"
)));
}
function loginForm($error=false, $username=false) {
global $config;
if(function_exists('sql_close')) sql_close();
die(Element('page.html', Array(
'index'=>ROOT,
'index'=>$config['root'],
'title'=>'Login',
'body'=>Element('login.html', Array(
'index'=>ROOT,
'index'=>$config['root'],
'error'=>$error,
'username'=>$username
)
@ -49,7 +54,10 @@
}
class Post {
public function __construct($id, $thread, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename) {
public function __construct($id, $thread, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $root=null, $mod=false) {
global $config;
if(!isset($root)) $root = $config['root'];
$this->id = $id;
$this->thread = $thread;
$this->subject = utf8tohtml($subject);
@ -66,12 +74,59 @@
$this->filey = $filey;
$this->filesize = $filesize;
$this->filename = $filename;
$this->ip = $ip;
$this->root = $root;
$this->mod = $mod;
if($this->mod)
// Fix internal links
// Very complicated regex
$this->body = preg_replace(
'/<a(([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
'<a href="?/$3',
$this->body
);
}
public function postControls() {
global $board, $config;
$built = '';
if($this->mod) {
// Mod controls (on posts)
$built .= '<span class="controls">';
// Delete
if($this->mod['type'] >= $config['mod']['delete'])
$built .= ' <a title="Delete" href="?/' . $board['uri'] . '/delete/' . $this->id . '">' . $config['mod']['link_delete'] . '</a>';
// Delete all posts by IP
if($this->mod['type'] >= $config['mod']['deletebyip'])
$built .= ' <a title="Delete all posts by IP" href="?/' . $board['uri'] . '/deletebyip/' . $this->id . '">' . $config['mod']['link_deletebyip'] . '</a>';
// Ban
if($this->mod['type'] >= $config['mod']['ban'])
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
// Ban & Delete
if($this->mod['type'] >= $config['mod']['bandelete'])
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&amp;delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
// Delete file (keep post)
if(!empty($this->file) && $this->mod['type'] >= $config['mod']['deletefile'])
$built .= ' <a title="Remove file" href="?/' . $board['uri'] . '/deletefile/' . $this->id . '">' . $config['mod']['link_deletefile'] . '</a>';
$built .= '</span>';
}
return $built;
}
public function build($index=false) {
global $board;
global $board, $config;
$built = '<div class="post reply"' . (!$index?' id="reply_' . $this->id . '"':'') . '>' .
'<p class="intro"' . (!$index?' id="' . $this->id . '"':'') . '>';
'<p class="intro"' . (!$index?' id="' . $this->id . '"':'') . '>' .
// Delete
'<input type="checkbox" class="delete" name="delete_' . $this->id . '" id="delete_' . $this->id . '" /><label for="delete_' . $this->id . '">';
// Subject
if(!empty($this->subject))
@ -84,39 +139,52 @@
// Trip
. (!empty($this->trip) ? ' <span class="trip">'.$this->trip.'</span>':'');
// IP Address
if($this->mod && $this->mod['type'] >= $config['mod']['show_ip']) {
$built .= ' [<a style="margin:0;" href="?/IP/' . $this->ip . '">' . $this->ip . '</a>]';
}
// End email
if(!empty($this->email))
$built .= '</a>';
// Date/time
$built .= ' ' . date('m/d/y (D) H:i:s', $this->time);
$built .= ' ' . date($config['post_date'], $this->time);
// End delete
$built .= '</label>';
$built .= ' <a class="post_no"' .
// JavaScript highlight
($index?'':' onclick="highlightReply(' . $this->id . ');"') .
' href="' . ROOT . $board['dir'] . DIR_RES . $this->thread . '.html' . '#' . $this->id . '">No.</a>' .
' href="' . $this->root . $board['dir'] . $config['dir']['res'] . $this->thread . '.html' . '#' . $this->id . '">No.</a>' .
// JavaScript cite
'<a class="post_no"' . ($index?'':'onclick="citeReply(' . $this->id . ');"') . 'href="' . ($index?ROOT . $board['dir'] . DIR_RES . $this->thread . '.html' . '#q' . $this->id:'javascript:void(0);') . '">'.$this->id.'</a>' .
'<a class="post_no"' . ($index?'':' onclick="citeReply(' . $this->id . ');"') . ' href="' . ($index?$this->root . $board['dir'] . $config['dir']['res'] . $this->thread . '.html' . '#q' . $this->id:'javascript:void(0);') . '">'.$this->id.'</a>' .
'</p>';
// File info
if(!empty($this->file)) {
$built .= '<p class="fileinfo">File: <a href="' . ROOT . $board['dir'] . DIR_IMG . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
if(!empty($this->file) && $this->file != 'deleted') {
$built .= '<p class="fileinfo">File: <a href="' . $config['root'] . $board['dir'] . $config['dir']['img'] . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
// Filesize
format_bytes($this->filesize) . ', ' .
// File dimensions
$this->filex . 'x' . $this->filey;
// Aspect Ratio
if(SHOW_RATIO) {
if($config['show_ratio']) {
$fraction = fraction($this->filex, $this->filey, ':');
$built .= ', ' . $fraction;
}
// Filename
$built .= ', ' . $this->filename . ')</span></p>' .
$built .= ', ' . $this->filename . ')</span></p>' .
// Thumbnail
'<a href="' . ROOT . $board['dir'] . DIR_IMG . $this->file.'"><img src="' . ROOT . $board['dir'] . DIR_THUMB . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" /></a>';
'<a href="' . $config['root'] . $board['dir'] . $config['dir']['img'] . $this->file.'"><img src="' . $config['root'] . $board['dir'] . $config['dir']['thumb'] . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" /></a>';
} elseif($this->file == 'deleted') {
$built .= '<img src="' . $config['image_deleted'] . '" />';
}
$built .= $this->postControls();
// Body
$built .= '<p class="body">' . $this->body . '</p></div><br class="clear"/>';
@ -126,7 +194,10 @@
class Thread {
public $omitted = 0;
public function __construct($id, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename) {
public function __construct($id, $subject, $email, $name, $trip, $body, $time, $thumb, $thumbx, $thumby, $file, $filex, $filey, $filesize, $filename, $ip, $sticky, $locked, $root=null, $mod=false) {
global $config;
if(!isset($root)) $root = $config['root'];
$this->id = $id;
$this->subject = utf8tohtml($subject);
$this->email = $email;
@ -144,32 +215,91 @@
$this->filename = $filename;
$this->omitted = 0;
$this->posts = Array();
$this->ip = $ip;
$this->sticky = $sticky;
$this->locked = $locked;
$this->root = $root;
$this->mod = $mod;
if($this->mod)
// Fix internal links
// Very complicated regex
$this->body = preg_replace(
'/<a(([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
'<a href="?/$3',
$this->body
);
}
public function add(Post $post) {
$this->posts[] = $post;
}
public function postControls() {
global $board, $config;
$built = '';
if($this->mod) {
// Mod controls (on posts)
$built .= '<span class="controls op">';
// Delete
if($this->mod['type'] >= $config['mod']['delete'])
$built .= ' <a title="Delete" href="?/' . $board['uri'] . '/delete/' . $this->id . '">' . $config['mod']['link_delete'] . '</a>';
// Delete all posts by IP
if($this->mod['type'] >= $config['mod']['deletebyip'])
$built .= ' <a title="Delete all posts by IP" href="?/' . $board['uri'] . '/deletebyip/' . $this->id . '">' . $config['mod']['link_deletebyip'] . '</a>';
// Ban
if($this->mod['type'] >= $config['mod']['ban'])
$built .= ' <a title="Ban" href="?/' . $board['uri'] . '/ban/' . $this->id . '">' . $config['mod']['link_ban'] . '</a>';
// Ban & Delete
if($this->mod['type'] >= $config['mod']['bandelete'])
$built .= ' <a title="Ban & Delete" href="?/' . $board['uri'] . '/ban&amp;delete/' . $this->id . '">' . $config['mod']['link_bandelete'] . '</a>';
// Stickies
if($this->mod['type'] >= $config['mod']['sticky'])
if($this->sticky)
$built .= ' <a title="Make thread not sticky" href="?/' . $board['uri'] . '/unsticky/' . $this->id . '">' . $config['mod']['link_desticky'] . '</a>';
else
$built .= ' <a title="Make thread sticky" href="?/' . $board['uri'] . '/sticky/' . $this->id . '">' . $config['mod']['link_sticky'] . '</a>';
// Lock
if($this->mod['type'] >= $config['mod']['lock'])
if($this->locked)
$built .= ' <a title="Lock thread" href="?/' . $board['uri'] . '/unlock/' . $this->id . '">' . $config['mod']['link_unlock'] . '</a>';
else
$built .= ' <a title="Unlock thread" href="?/' . $board['uri'] . '/lock/' . $this->id . '">' . $config['mod']['link_lock'] . '</a>';
$built .= '</span>';
}
return $built;
}
public function build($index=false) {
global $board;
global $board, $config;
$built = '<p class="fileinfo">File: <a href="' . ROOT . $board['dir'] . DIR_IMG . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
$built = '<p class="fileinfo">File: <a href="' . $config['root'] . $board['dir'] . $config['dir']['img'] . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
// Filesize
format_bytes($this->filesize) . ', ' .
// File dimensions
$this->filex . 'x' . $this->filey;
// Aspect Ratio
if(SHOW_RATIO) {
if($config['show_ratio']) {
$fraction = fraction($this->filex, $this->filey, ':');
$built .= ', ' . $fraction;
}
// Filename
$built .= ', ' . $this->filename . ')</span></p>' .
// Thumbnail
'<a href="' . ROOT . $board['dir'] . DIR_IMG . $this->file.'"><img src="' . ROOT . $board['dir'] . DIR_THUMB . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" /></a>';
'<a href="' . $config['root'] . $board['dir'] . $config['dir']['img'] . $this->file.'"><img src="' . $config['root'] . $board['dir'] . $config['dir']['thumb'] . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" /></a>';
$built .= '<div class="post op"><p class="intro"' . (!$index?' id="' . $this->id . '"':'') . '>';
// Delete
$built .= '<input type="checkbox" class="delete" name="delete_' . $this->id . '" id="delete_' . $this->id . '" /><label for="delete_' . $this->id . '">';
// Subject
if(!empty($this->subject))
$built .= '<span class="subject">' . $this->subject . '</span> ';
@ -181,23 +311,38 @@
// Trip
. (!empty($this->trip) ? ' <span class="trip">'.$this->trip.'</span>':'');
// IP Address
if($this->mod && $this->mod['type'] >= $config['mod']['show_ip']) {
$built .= ' [<a style="margin:0;" href="?/IP/' . $this->ip . '">' . $this->ip . '</a>]';
}
// End email
if(!empty($this->email))
$built .= '</a>';
// Date/time
$built .= ' ' . date('m/d/y (D) H:i:s', $this->time);
$built .= ' ' . date($config['post_date'], $this->time);
// End delete
$built .= '</label>';
$built .= ' <a class="post_no"' .
// JavaScript highlight
($index?'':' onclick="highlightReply(' . $this->id . ');"') .
' href="' . ROOT . $board['dir'] . DIR_RES . $this->id . '.html' . '#' . $this->id . '">No.</a>' .
' href="' . $this->root . $board['dir'] . $config['dir']['res'] . $this->id . '.html' . '#' . $this->id . '">No.</a>' .
// JavaScript cite
'<a class="post_no"' . ($index?'':'onclick="citeReply(' . $this->id . ');"') . 'href="' . ($index?ROOT . $board['dir'] . DIR_RES . $this->id . '.html' . '#q' . $this->id:'javascript:void(0);') . '">'.$this->id.'</a>' .
'<a class="post_no"' . ($index?'':' onclick="citeReply(' . $this->id . ');"') . ' href="' . ($index?$this->root . $board['dir'] . $config['dir']['res'] . $this->id . '.html' . '#q' . $this->id:'javascript:void(0);') . '">'.$this->id.'</a>' .
// Sticky
($this->sticky ? '<img class="icon" title="Sticky" src="' . $config['image_sticky'] . '" />' : '') .
// Locked
($this->locked ? '<img class="icon" title="Locked" src="' . $config['image_locked'] . '" />' : '') .
// [Reply]
($index ? '<a href="' . ROOT . $board['dir'] . DIR_RES . $this->id . '.html">[Reply]</a>' : '') .
($index ? '<a href="' . $this->root . $board['dir'] . $config['dir']['res'] . $this->id . '.html">[Reply]</a>' : '') .
// Mod controls
$this->postControls() .
'</p>';
// Body
$built .= $this->body .

760
inc/functions.php
View File

@ -7,26 +7,9 @@
return str_replace(array_keys($replaces),
array_values($replaces), $str);
}
function sql_open() {
global $sql;
$sql = @mysql_connect(MY_SERVER, MY_USER, MY_PASSWORD) or error('Database error.');
@mysql_select_db(MY_DATABASE, $sql) or error('Database error.');
}
function sql_close() {
global $sql;
@mysql_close($sql);
}
function mysql_safe_array(&$array) {
foreach($array as &$item) {
$item = mysql_real_escape_string($item);
}
}
function setupBoard($array) {
global $board;
global $board, $config;
$board = Array(
'id' => $array['id'],
@ -34,166 +17,514 @@
'name' => $array['title'],
'title' => $array['subtitle']);
$board['dir'] = sprintf(BOARD_PATH, $board['uri']);
$board['url'] = sprintf(BOARD_ABBREVIATION, $board['uri']);
$board['dir'] = sprintf($config['board_path'], $board['uri']);
$board['url'] = sprintf($config['board_abbreviation'], $board['uri']);
if(!file_exists($board['dir'])) mkdir($board['dir'], 0777);
if(!file_exists($board['dir'] . DIR_IMG)) @mkdir($board['dir'] . DIR_IMG, 0777) or error("Couldn't create " . DIR_IMG . ". Check permissions.", true);
if(!file_exists($board['dir'] . DIR_THUMB)) @mkdir($board['dir'] . DIR_THUMB, 0777) or error("Couldn't create " . DIR_THUMB . ". Check permissions.", true);
if(!file_exists($board['dir'] . DIR_RES)) @mkdir($board['dir'] . DIR_RES, 0777) or error("Couldn't create " . DIR_RES . ". Check permissions.", true);
if(!file_exists($board['dir'] . $config['dir']['img'])) @mkdir($board['dir'] . $config['dir']['img'], 0777) or error("Couldn't create " . $config['dir']['img'] . ". Check permissions.", true);
if(!file_exists($board['dir'] . $config['dir']['thumb'])) @mkdir($board['dir'] . $config['dir']['thumb'], 0777) or error("Couldn't create " . $config['dir']['thumb'] . ". Check permissions.", true);
if(!file_exists($board['dir'] . $config['dir']['res'])) @mkdir($board['dir'] . $config['dir']['res'], 0777) or error("Couldn't create " . $config['dir']['res'] . ". Check permissions.", true);
}
function openBoard($uri) {
global $sql;
$boards_res = mysql_query(sprintf(
"SELECT * FROM `boards` WHERE `uri` = '%s' LIMIT 1",
mysql_real_escape_string($uri)
), $sql) or error(mysql_error($sql));
if($_board = mysql_fetch_array($boards_res)) {
setupBoard($_board);
sql_open();
$query = prepare("SELECT * FROM `boards` WHERE `uri` = :uri LIMIT 1");
$query->bindValue(':uri', $uri);
$query->execute() or error(db_error($query));
if($board = $query->fetch()) {
setupBoard($board);
return true;
} else return false;
}
function listBoards() {
$query = query("SELECT * FROM `boards` ORDER BY `uri`") or error(db_error());
$boards = $query->fetchAll();
return $boards;
}
function checkFlood($post) {
global $board, $config;
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri']));
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':body', $post['body'], PDO::PARAM_INT);
$query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT);
$query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT);
$query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
return (bool)$query->fetch();
}
function until($timestamp) {
$difference = $timestamp - time();
if($difference < 60) {
return $difference . ' second' . ($difference != 1 ? 's' : '');
} elseif($difference < 60*60) {
return ($num = round($difference/(60))) . ' minute' . ($num != 1 ? 's' : '');
} elseif($difference < 60*60*24) {
return ($num = round($difference/(60*60))) . ' hour' . ($num != 1 ? 's' : '');
} elseif($difference < 60*60*24*7) {
return ($num = round($difference/(60*60*24))) . ' day' . ($num != 1 ? 's' : '');
} elseif($difference < 60*60*24*365) {
return ($num = round($difference/(60*60*24*7))) . ' week' . ($num != 1 ? 's' : '');
} else {
return ($num = round($difference/(60*60*24*365))) . ' year' . ($num != 1 ? 's' : '');
}
}
function formatDate($timestamp) {
return date('jS F, Y', $timestamp);
}
function checkBan() {
global $config;
if(!isset($_SERVER['REMOTE_ADDR'])) {
// Server misconfiguration
return;
}
$query = prepare("SELECT * FROM `bans` WHERE `ip` = :ip LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute() or error(db_error($query));
if($ban = $query->fetch()) {
if($ban['expires'] && $ban['expires'] < time()) {
// Ban expired
$query = prepare("DELETE FROM `bans` WHERE `ip` = :ip AND `expires` = :expires LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':expires', $ban['expires'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
return;
}
$body = '<div class="ban">
<h2>You are banned! ;_;</h2>
<p>You have been banned ' .
($ban['reason'] ? 'for the following reason:' : 'for an unspecified reason.') .
'</p>' .
($ban['reason'] ?
'<p class="reason">' .
$ban['reason'] .
'</p>'
: '') .
'<p>Your ban was filed on <strong>' .
formatDate($ban['set']) .
'</strong>, and <span id="expires">' .
($ban['expires'] ?
'expires <span id="countdown">' . until($ban['expires']) . '</span> from now, which is on <strong>' .
formatDate($ban['expires']) .
'</strong>
<script>
// return date("jS F, Y", $timestamp);
var secondsLeft = ' . ($ban['expires'] - time()) . '
var end = new Date().getTime() + secondsLeft*1000;
function updateExpiresTime() {
countdown.firstChild.nodeValue = until(end);
}
function until(end) {
var now = new Date().getTime();
var diff = Math.round((end - now) / 1000); // in seconds
if (diff < 0) {
document.getElementById("expires").innerHTML = "has since expired. Refresh the page to continue.";
//location.reload(true);
clearInterval(int);
return "";
} else if (diff < 60) {
return diff + " second" + (diff == 1 ? "" : "s");
} else if (diff < 60*60) {
return (num = Math.round(diff/(60))) + " minute" + (num == 1 ? "" : "s");
} else if (diff < 60*60*24) {
return (num = Math.round(diff/(60*60))) + " hour" + (num == 1 ? "" : "s");
} else if (diff < 60*60*24*7) {
return (num = Math.round(diff/(60*60*24))) + " day" + (num == 1 ? "" : "s");
} else if (diff < 60*60*24*365) {
return (num = Math.round(diff/(60*60*24*7))) + " week" + (num == 1 ? "" : "s");
} else {
return (num = Math.round(diff/(60*60*365))) + " year" + (num == 1 ? "" : "s");
}
}
var countdown = document.getElementById("countdown");
updateExpiresTime();
var int = setInterval(updateExpiresTime, 1000);
</script>'
: '<em>will not expire</em>.' ) .
'</span></p>
<p>Your IP address is <strong>' . $_SERVER['REMOTE_ADDR'] . '</strong>.</p>
</div>';
// Show banned page and exit
die(Element('page.html', Array(
'index' => $config['root'],
'title' => 'Banned',
'subtitle' => 'You are banned!',
'body' => $body
)
));
}
}
function threadLocked($id) {
global $board;
$query = prepare(sprintf("SELECT `locked` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error());
if(!$post = $query->fetch()) {
// Non-existant, so it can't be locked...
return false;
}
return (bool) $post['locked'];
}
function threadExists($id) {
global $sql;
$thread_res = mysql_query(sprintf(
"SELECT 1 FROM `posts` WHERE `id` = '%d' AND `thread` IS NULL LIMIT 1",
$id
), $sql) or error(mysql_error($sql));
global $board;
if(mysql_num_rows($thread_res) > 0) {
$query = prepare(sprintf("SELECT 1 FROM `posts_%s` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error());
if($query->rowCount()) {
return true;
} else return false;
}
function post($post, $OP) {
global $sql, $board;
global $pdo, $board;
$query = prepare(sprintf("INSERT INTO `posts_%s` VALUES ( NULL, :thread, :subject, :email, :name, :trip, :body, :time, :time, :thumb, :thumbwidth, :thumbheight, :file, :width, :height, :filesize, :filename, :filehash, :password, :ip, :sticky, :locked)", $board['uri']));
// Basic stuff
$query->bindValue(':subject', $post['subject']);
$query->bindValue(':email', $post['email']);
$query->bindValue(':name', $post['name']);
$query->bindValue(':trip', $post['trip']);
$query->bindValue(':body', $post['body']);
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':password', $post['password']);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
if($post['mod'] && $post['sticky']) {
$query->bindValue(':sticky', 1, PDO::PARAM_INT);
} else {
$query->bindValue(':sticky', 0, PDO::PARAM_INT);
}
if($post['mod'] && $post['locked']) {
$query->bindValue(':locked', 1, PDO::PARAM_INT);
} else {
$query->bindValue(':locked', 0, PDO::PARAM_INT);
}
if($OP) {
mysql_query(
sprintf("INSERT INTO `posts` VALUES ( NULL, '%d', NULL, '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
$board['id'],
$post['subject'],
$post['email'],
$post['name'],
$post['trip'],
$post['body'],
time(),
time(),
$post['thumb'],
$post['thumbwidth'],
$post['thumbheight'],
$post['file'],
$post['width'],
$post['height'],
$post['filesize'],
$post['filename'],
$post['filehash'],
$post['password'],
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
), $sql) or error(mysql_error($sql));
return mysql_insert_id($sql);
// No parent thread, image
$query->bindValue(':thread', null, PDO::PARAM_NULL);
} else {
$query->bindValue(':thread', $post['thread'], PDO::PARAM_INT);
}
if($post['has_file']) {
$query->bindValue(':thumb', $post['thumb']);
$query->bindValue(':thumbwidth', $post['thumbwidth'], PDO::PARAM_INT);
$query->bindValue(':thumbheight', $post['thumbheight'], PDO::PARAM_INT);
$query->bindValue(':file', $post['file']);
$query->bindValue(':width', $post['width'], PDO::PARAM_INT);
$query->bindValue(':height', $post['height'], PDO::PARAM_INT);
$query->bindValue(':filesize', $post['filesize'], PDO::PARAM_INT);
$query->bindValue(':filename', $post['filename']);
$query->bindValue(':filehash', $post['filehash']);
} else {
mysql_query(
sprintf("INSERT INTO `posts` VALUES ( NULL, '%d', '%d', '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
$board['id'],
$post['thread'],
$post['subject'],
$post['email'],
$post['name'],
$post['trip'],
$post['body'],
time(),
time(),
$post['has_file']?$post['thumb']:null,
$post['has_file']?$post['thumbwidth']:null,
$post['has_file']?$post['thumbheight']:null,
$post['has_file']?$post['file']:null,
$post['has_file']?$post['width']:null,
$post['has_file']?$post['height']:null,
$post['has_file']?$post['filesize']:null,
$post['has_file']?$post['filename']:null,
$post['has_file']?$post['filehash']:null,
$post['password'],
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
), $sql) or error(mysql_error($sql));
return mysql_insert_id($sql);
}
}
function index($page) {
global $sql, $board;
$query->bindValue(':thumb', null, PDO::PARAM_NULL);
$query->bindValue(':thumbwidth', null, PDO::PARAM_NULL);
$query->bindValue(':thumbheight', null, PDO::PARAM_NULL);
$query->bindValue(':file', null, PDO::PARAM_NULL);
$query->bindValue(':width', null, PDO::PARAM_NULL);
$query->bindValue(':height', null, PDO::PARAM_NULL);
$query->bindValue(':filesize', null, PDO::PARAM_NULL);
$query->bindValue(':filename', null, PDO::PARAM_NULL);
$query->bindValue(':filehash', null, PDO::PARAM_NULL);
}
$query->execute() or error(db_error($query));
return $pdo->lastInsertId();
}
function bumpThread($id) {
global $board;
$query = prepare(sprintf("UPDATE `posts_%s` SET `bump` = :time WHERE `id` = :id AND `thread` IS NULL", $board['uri']));
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
}
// Remove file from post
function deleteFile($id, $remove_entirely_if_already=true) {
global $board, $config;
$query = prepare(sprintf("SELECT `thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id AND `thread` IS NOT NULL LIMIT 1", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($query->rowCount() < 1) {
error($config['error']['invalidpost']);
}
$post = $query->fetch();
$query = prepare(sprintf("UPDATE `posts_%s` SET `thumb` = NULL, `thumbwidth` = NULL, `thumbheight` = NULL, `filewidth` = NULL, `fileheight` = NULL, `filesize` = NULL, `filename` = NULL, `filehash` = NULL, `file` = :file WHERE `id` = :id OR `thread` = :id", $board['uri']));
if($post['file'] == 'deleted' && $remove_entirely_if_already) {
// Already deleted; remove file fully
$query->bindValue(':file', null, PDO::PARAM_NULL);
} else {
// Delete thumbnail
@unlink($board['dir'] . $config['dir']['thumb'] . $post['thumb']);
// Delete file
@unlink($board['dir'] . $config['dir']['img'] . $post['file']);
// Set file to 'deleted'
$query->bindValue(':file', 'deleted', PDO::PARAM_INT);
}
// Update database
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
buildThread($post['thread']);
}
// Delete a post (reply or thread)
function deletePost($id, $error_if_doesnt_exist=true) {
global $board, $config;
// Select post and replies (if thread) in one query
$query = prepare(sprintf("SELECT `id`,`thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = :id OR `thread` = :id", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($query->rowCount() < 1) {
if($error_if_doesnt_exist)
error($config['error']['invalidpost']);
else return false;
}
// Delete posts and maybe replies
while($post = $query->fetch()) {
if(!$post['thread']) {
// Delete thread HTML page
@unlink($board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $post['id']));
} elseif($query->rowCount() == 1) {
// Rebuild thread
$rebuild = $post['thread'];
}
if($post['thumb']) {
// Delete thumbnail
@unlink($board['dir'] . $config['dir']['thumb'] . $post['thumb']);
}
if($post['file']) {
// Delete file
@unlink($board['dir'] . $config['dir']['img'] . $post['file']);
}
}
$query = prepare(sprintf("DELETE FROM `posts_%s` WHERE `id` = :id OR `thread` = :id", $board['uri']));
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if(isset($rebuild)) {
buildThread($rebuild);
}
return true;
}
function clean() {
global $board, $config;
$offset = round($config['max_pages']*$config['threads_per_page']);
// I too wish there was an easier way of doing this...
$query = prepare(sprintf("SELECT `id` FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT :offset, 9001", $board['uri']));
$query->bindValue(':offset', $offset, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
while($post = $query->fetch()) {
deletePost($post['id']);
}
}
function index($page, $mod=false) {
global $board, $config;
$body = '';
$offset = round($page*THREADS_PER_PAGE-THREADS_PER_PAGE);
$offset = round($page*$config['threads_per_page']-$config['threads_per_page']);
sql_open();
$query = mysql_query(sprintf(
"SELECT * FROM `posts` WHERE `thread` IS NULL AND `board` = '%d' ORDER BY `bump` DESC LIMIT %d,%d",
$board['id'],
$offset,
THREADS_PER_PAGE
), $sql) or error(mysql_error($sql));
if(mysql_num_rows($query) < 1 && $page > 1) return false;
while($th = mysql_fetch_array($query)) {
$thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename']);
$newposts = mysql_query(sprintf(
"SELECT `id`, `subject`, `email`, `name`, `trip`, `body`, `time`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename` FROM `posts` WHERE `board` = '%d' AND `thread` = '%s' ORDER BY `time` DESC LIMIT %d",
$board['id'],
$th['id'],
THREADS_PREVIEW
), $sql) or error(mysql_error($sql));
if(mysql_num_rows($newposts) == THREADS_PREVIEW) {
$count_query = mysql_query(sprintf(
"SELECT COUNT(`id`) as `num` FROM `posts` WHERE `board` = '%d' AND `thread` = '%s'",
$board['id'],
$th['id']
), $sql) or error(mysql_error($sql));
$count = mysql_fetch_array($count_query);
$omitted = $count['num'] - THREADS_PREVIEW;
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT ?,?", $board['uri']));
$query->bindValue(1, $offset, PDO::PARAM_INT);
$query->bindValue(2, $config['threads_per_page'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
if($query->rowcount() < 1 && $page > 1) return false;
while($th = $query->fetch()) {
$thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $mod ? '?/' : $config['root'], $mod);
$posts = prepare(sprintf("SELECT `id`, `subject`, `email`, `name`, `trip`, `body`, `time`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`,`ip` FROM `posts_%s` WHERE `thread` = ? ORDER BY `id` DESC LIMIT ?", $board['uri']));
$posts->bindValue(1, $th['id']);
$posts->bindValue(2, $config['threads_preview'], PDO::PARAM_INT);
$posts->execute() or error(db_error($posts));
if($posts->rowCount() == $config['threads_preview']) {
$count = prepare(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` = ?", $board['uri']));
$count->bindValue(1, $th['id']);
$count->execute() or error(db_error($count));
$count = $count->fetch();
$omitted = $count['num'] - $config['threads_preview'];
$thread->omitted = $omitted;
mysql_free_result($count_query);
unset($count);
unset($omitted);
}
while($po = mysql_fetch_array($newposts)) {
$thread->add(new Post($po['id'], $th['id'], $po['subject'], $po['email'], $po['name'], $po['trip'], $po['body'], $po['time'], $po['thumb'], $po['thumbwidth'], $po['thumbheight'], $po['file'], $po['filewidth'], $po['fileheight'], $po['filesize'], $po['filename']));
while($po = $posts->fetch()) {
$thread->add(new Post($po['id'], $th['id'], $po['subject'], $po['email'], $po['name'], $po['trip'], $po['body'], $po['time'], $po['thumb'], $po['thumbwidth'], $po['thumbheight'], $po['file'], $po['filewidth'], $po['fileheight'], $po['filesize'], $po['filename'], $po['ip'], $mod ? '?/' : $config['root'], $mod));
}
mysql_free_result($newposts);
$thread->posts = array_reverse($thread->posts);
$body .= $thread->build(true);
}
mysql_free_result($query);
return Array('button'=>BUTTON_NEWTOPIC, 'board'=>$board, 'body'=>$body, 'post_url' => POST_URL, 'index' => ROOT);
return Array('button'=>$config['button_newtopic'], 'board'=>$board, 'body'=>$body, 'post_url' => $config['post_url'], 'index' => $config['root']);
}
function getPages($mod=false) {
global $board, $config;
// Count threads
$query = query(sprintf("SELECT COUNT(`id`) as `num` FROM `posts_%s` WHERE `thread` IS NULL", $board['uri'])) or error(db_error());
$count = current($query->fetch());
$count = floor(($config['threads_per_page'] + $count - 1) / $config['threads_per_page']);
$pages = Array();
for($x=0;$x<$count && $x<$config['max_pages'];$x++) {
$pages[] = Array('num' => $x+1, 'link' => $x==0 ? ($mod ? '?/' : $config['root']) . $board['dir'] . $config['file_index'] : ($mod ? '?/' : $config['root']) . $board['dir'] . sprintf($config['file_page'], $x+1));
}
return $pages;
}
function makerobot($body) {
global $config;
$body = strtolower($body);
// Leave only letters
$body = preg_replace('/[^a-z]/i', '', $body);
// Remove repeating characters
if($config['robot_strip_repeating'])
$body = preg_replace('/(.)\\1+/', '$1', $body);
return sha1($body);
}
function checkRobot($body) {
/* CREATE TABLE `robot` (
`hash` VARCHAR( 40 ) NOT NULL COMMENT 'SHA1'
) ENGINE = INNODB; */
/* CREATE TABLE `mutes` (
`ip` VARCHAR( 15 ) NOT NULL ,
`time` INT NOT NULL
) ENGINE = MYISAM ; */
$body = makerobot($body);
$query = prepare("SELECT 1 FROM `robot` WHERE `hash` = :hash LIMIT 1");
$query->bindValue(':hash', $body);
$query->execute() or error(db_error($query));
if($query->fetch()) {
return true;
} else {
// Insert new hash
$query = prepare("INSERT INTO `robot` VALUES (:hash)");
$query->bindValue(':hash', $body);
$query->execute() or error(db_error($query));
return false;
}
}
function numPosts($id) {
global $board;
$query = prepare(sprintf("SELECT COUNT(*) as `count` FROM `posts_%s` WHERE `thread` = :thread", $board['uri']));
$query->bindValue(':thread', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
$result = $query->fetch();
return $result['count'];
}
function muteTime() {
global $config;
// Find number of mutes in the past X hours
$query = prepare("SELECT COUNT(*) as `count` FROM `mutes` WHERE `time` >= :time AND `ip` = :ip");
$query->bindValue(':time', time()-(ROBOT_MUTE_HOUR*3600), PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute() or error(db_error($query));
$result = $query->fetch();
if($result['count'] == 0) return 0;
return pow($config['robot_mute_multiplier'], $result['count']);
}
function mute() {
// Insert mute
$query = prepare("INSERT INTO `mutes` VALUES (:ip, :time)");
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute() or error(db_error($query));
return muteTime();
}
function checkMute() {
$mutetime = muteTime();
if($mutetime > 0) {
// Find last mute time
$query = prepare("SELECT `time` FROM `mutes` WHERE `ip` = :ip ORDER BY `time` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute() or error(db_error($query));
if(!$mute = $query->fetch()) {
// What!? He's muted but he's not muted...
return;
}
if($mute['time'] + $mutetime > time()) {
// Not expired yet
error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time()));
} else {
// Already expired
return;
}
}
}
function buildIndex() {
global $sql, $board;
global $board, $config;
sql_open();
$res = mysql_query(sprintf(
"SELECT COUNT(`id`) as `num` FROM `posts` WHERE `board` = '%d' AND `thread` IS NULL",
$board['id']
), $sql) or error(mysql_error($sql));
$arr = mysql_fetch_array($res);
$count = floor((THREADS_PER_PAGE + $arr['num'] - 1) / THREADS_PER_PAGE);
$pages = Array();
for($x=0;$x<$count && $x<MAX_PAGES;$x++) {
$pages[] = Array('num' => $x+1, 'link' => $x==0 ? ROOT . $board['dir'] . FILE_INDEX : ROOT . $board['dir'] . sprintf(FILE_PAGE, $x+1));
}
mysql_free_result($res);
unset($arr);
unset($count);
$pages = getPages();
$page = 1;
while($page <= MAX_PAGES && $content = index($page)) {
$filename = $board['dir'] . ($page==1 ? FILE_INDEX : sprintf(FILE_PAGE, $page));
while($page <= $config['max_pages'] && $content = index($page)) {
$filename = $board['dir'] . ($page==1 ? $config['file_index'] : sprintf($config['file_page'], $page));
if(file_exists($filename)) $md5 = md5_file($filename);
$content['pages'] = $pages;
@ -204,18 +535,52 @@
}
$page++;
}
if($page < MAX_PAGES) {
for(;$page<=MAX_PAGES;$page++) {
$filename = $page==1 ? FILE_INDEX : sprintf(FILE_PAGE, $page);
if($page < $config['max_pages']) {
for(;$page<=$config['max_pages'];$page++) {
$filename = $page==1 ? $config['file_index'] : sprintf($config['file_page'], $page);
@unlink($filename);
}
}
}
function isDNSBL() {
$dns_black_lists = file('./dnsbl.txt', FILE_IGNORE_NEW_LINES);
// Reverse the IP
$rev_ip = implode(array_reverse(explode('.', $_SERVER['REMOTE_ADDR'])), '.');
$response = array();
foreach ($dns_black_lists as $dns_black_list) {
$response = (gethostbynamel($rev_ip . '.' . $dns_black_list));
if(!empty($response))
return true;
}
return false;
}
function isTor() {
return gethostbyname(
ReverseIPOctets($_SERVER['REMOTE_ADDR']) . '.' . $_SERVER['SERVER_PORT'] . '.' . ReverseIPOctets($_SERVER['SERVER_ADDR']) . '.ip-port.exitlist.torproject.org'
) == '127.0.0.2';
}
function ReverseIPOctets($inputip) {
$ipoc = explode('.', $inputip);
return $ipoc[3] . '.' . $ipoc[2] . '.' . $ipoc[1] . '.' . $ipoc[0];
}
function markup(&$body) {
global $sql, $board;
if(AUTO_UNICODE) {
global $board, $config;
$body = utf8tohtml($body, true);
if($config['markup_urls']) {
$body = preg_replace($config['url_regex'], "<a href=\"$0\">$0</a>", $body, -1, $num_links);
if($num_links > $config['max_links'])
error($config['error']['toomanylinks']);
}
if($config['auto_unicode']) {
$body = str_replace('...', '…', $body);
$body = str_replace('<--', '', $body);
@ -226,8 +591,6 @@
$body = str_replace('--', '–', $body); // en dash
}
$body = utf8tohtml($body, true);
// Cites
if(preg_match_all('/(^|\s)&gt;&gt;([0-9]+?)(\s|$)/', $body, $cites)) {
$previousPosition = 0;
@ -239,43 +602,43 @@
strlen($cites[1][$index]),
strlen($cites[3][$index]),
);
$result = mysql_query(sprintf(
"SELECT `thread`,`id` FROM `posts` WHERE `board` = '%d' AND `id` = '%d' LIMIT 1",
$board['id'],
$cite
), $sql) or error(mysql_error($sql));
if($post = mysql_fetch_array($result)) {
$replacement = '<a onclick="highlightReply(\''.$cite.'\');" href="' . ROOT . $board['dir'] . DIR_RES . ($post['thread']?$post['thread']:$post['id']) . '.html#' . $cite . '">&gt;&gt;' . $cite . '</a>';
$query = prepare(sprintf("SELECT `thread`,`id` FROM `posts_%s` WHERE `id` = :id LIMIT 1", $board['uri']));
$query->bindValue(':id', $cite);
$query->execute() or error(db_error($query));
if($post = $query->fetch()) {
$replacement = '<a onclick="highlightReply(\''.$cite.'\');" href="' . $config['root'] . $board['dir'] . $config['dir']['res'] . ($post['thread']?$post['thread']:$post['id']) . '.html#' . $cite . '">&gt;&gt;' . $cite . '</a>';
} else {
$replacement = "&gt;&gt;{$cite}";
}
mysql_free_result($result);
// Find the position of the cite
$position = strpos($body, $cites[0][$index]);
// Replace the found string with "xxxx[...]". (allows duplicate tags). Keeps whitespace.
$body = substr_replace($body, str_repeat('x', strlen($cites[0][$index]) - $whitespace[0] - $whitespace[1]), $position + $whitespace[0], strlen($cites[0][$index]) - $whitespace[0] - $whitespace[1]);
$temp .= substr($body, $previousPosition, $position-$previousPosition) . $cites[1][$index] . $replacement . $cites[3][$index];
$previousPosition = $position+strlen($cites[0][$index]);
}
// The rest
$temp .= substr($body, $previousPosition);
$body = $temp;
}
$body = str_replace("\r", '', $body);
if(MARKUP_URLS)
$body = preg_replace(URL_REGEX, "<a href=\"$0\">$0</a>", $body);
$body = preg_replace("/(^|\n)([\s]+)?(&gt;)([^\n]+)?($|\n)/m", '$1$2<span class="quote">$3$4</span>$5', $body);
if(WIKI_MARKUP) {
if($config['wiki_markup']) {
$body = preg_replace("/(^|\n)==(.+?)==\n?/m", "<h2>$2</h2>", $body);
$body = preg_replace("/'''(.+?)'''/m", "<strong>$1</strong>", $body);
$body = preg_replace("/''(.+?)''/m", "<em>$1</em>", $body);
$body = preg_replace("/\*\*(.+?)\*\*/m", "<span class=\"spoiler\">$1</span>", $body);
}
$body = preg_replace("/\n/", '<br/>', $body);
}
@ -319,41 +682,44 @@
return $result;
}
function buildThread($id, $return=false) {
global $sql, $board;
function buildThread($id, $return=false, $mod=false) {
global $board, $config;
$id = round($id);
$query = mysql_query(sprintf(
"SELECT `id`,`thread`,`subject`,`name`,`email`,`trip`,`body`,`time`,`thumb`,`thumbwidth`,`thumbheight`,`file`,`filewidth`,`fileheight`,`filesize`,`filename` FROM `posts` WHERE `board` = '%d' AND ((`thread` IS NULL AND `id` = '%s') OR `thread` = '%s') ORDER BY `thread`,`time`",
$board['id'],
$id,