
a Fixed delete by IP, plus a bunch of small stuff

pull/40/head
Savetheinternet 13 years ago
parent
commit
c34ea2e3af
  1. 12
      inc/functions.php
  2. 12
      inc/mod.php
  3. 7
      main.js
  4. 39
      mod.php
  5. 2
      post.php

12
inc/functions.php

@ -299,7 +299,7 @@
} }
// Delete a post (reply or thread) // Delete a post (reply or thread)
function deletePost($id) { function deletePost($id, $error_if_doesnt_exist=true) {
global $board; global $board;
// Select post and replies (if thread) in one query // Select post and replies (if thread) in one query
@ -308,7 +308,9 @@
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if($query->rowCount() < 1) { if($query->rowCount() < 1) {
error(ERROR_INVALIDPOST); if($error_if_doesnt_exist)
error(ERROR_INVALIDPOST);
else return false;
} }
// Delete posts and maybe replies // Delete posts and maybe replies
@ -337,6 +339,8 @@
if(isset($rebuild)) { if(isset($rebuild)) {
buildThread($rebuild); buildThread($rebuild);
} }
return true;
} }
function clean() { function clean() {
@ -370,7 +374,7 @@
while($th = $query->fetch()) { while($th = $query->fetch()) {
$thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $mod ? '?/' : ROOT, $mod); $thread = new Thread($th['id'], $th['subject'], $th['email'], $th['name'], $th['trip'], $th['body'], $th['time'], $th['thumb'], $th['thumbwidth'], $th['thumbheight'], $th['file'], $th['filewidth'], $th['fileheight'], $th['filesize'], $th['filename'], $th['ip'], $th['sticky'], $th['locked'], $mod ? '?/' : ROOT, $mod);
$posts = prepare(sprintf("SELECT `id`, `subject`, `email`, `name`, `trip`, `body`, `time`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`,`ip` FROM `posts_%s` WHERE `thread` = ? ORDER BY `time` DESC LIMIT ?", $board['uri'])); $posts = prepare(sprintf("SELECT `id`, `subject`, `email`, `name`, `trip`, `body`, `time`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`,`ip` FROM `posts_%s` WHERE `thread` = ? ORDER BY `id` DESC LIMIT ?", $board['uri']));
$posts->bindValue(1, $th['id']); $posts->bindValue(1, $th['id']);
$posts->bindValue(2, THREADS_PREVIEW, PDO::PARAM_INT); $posts->bindValue(2, THREADS_PREVIEW, PDO::PARAM_INT);
$posts->execute() or error(db_error($posts)); $posts->execute() or error(db_error($posts));
@ -859,7 +863,7 @@
switch($type) { switch($type) {
case 'jpg': case 'jpg':
case 'jpeg': case 'jpeg':
if(!$image = imagecreatefromjpeg($source_pic)) { if(!$image = @imagecreatefromjpeg($source_pic)) {
unlink($source_pic); unlink($source_pic);
error(ERR_INVALIDIMG); error(ERR_INVALIDIMG);
} }
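Review bot: The `@` added to `imagecreatefromjpeg($source_pic)` in the jpg/jpeg case discards the only diagnostic for a rejected upload, and the hunk shows it for this decoder alone; the other cases of the switch are outside the hunk, so whether they match cannot be checked here. The failure branch still unlinks the file and calls `error(ERR_INVALIDIMG)`, so the suppression does not hide the failure itself. I would add a comment such as `// @: malformed uploads are expected here; the failure is handled just below` and give every image type in the switch the same treatment.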

12
inc/mod.php

@ -20,7 +20,7 @@
$query = prepare("SELECT `id`,`type` FROM `mods` WHERE `username` = :username AND `password` = :password LIMIT 1"); $query = prepare("SELECT `id`,`type` FROM `mods` WHERE `username` = :username AND `password` = :password LIMIT 1");
$query->bindValue(':username', $username); $query->bindValue(':username', $username);
$query->bindValue(':password', $password); $query->bindValue(':password', $password);
$query->execute(); $query->execute() or error(db_error($query));
if($user = $query->fetch()) { if($user = $query->fetch()) {
return $mod = Array( return $mod = Array(
@ -56,6 +56,16 @@
unset($_SESSION['mod']); unset($_SESSION['mod']);
} }
function modLog($action) {
global $mod;
$query = prepare("INSERT INTO `modlogs` VALUES (:id, :ip, :time, :text)");
$query->bindValue(':id', $mod['id'], PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':text', $action);
$query->execute() or error(db_error($query));
}
if(isset($_COOKIE['mod']) && isset($_SESSION['mod']) && is_array($_SESSION['mod'])) { if(isset($_COOKIE['mod']) && isset($_SESSION['mod']) && is_array($_SESSION['mod'])) {
// Should be username:session hash // Should be username:session hash
$cookie = explode(':', $_COOKIE['mod']); $cookie = explode(':', $_COOKIE['mod']);
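Review bot: `modLog()` attributes each entry to `$mod['id']` from the global, but nothing in the function checks that `$mod` is populated, so an entry written before the moderator session exists would be stored without a usable moderator id. Whether `login()` assigns the global is not visible in this hunk (only `return $mod = Array(` is), and mod.php calls `modLog("Logged in.")` immediately after it. A guard at the top, `if(!isset($mod['id'])) error('modLog() called without a moderator session');`, or passing the id in explicitly, would keep the audit trail attributable. The INSERT into modlogs also lists no columns, so it depends on the table's column order; naming them would let it survive a schema change.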

7
main.js

@ -6,8 +6,11 @@ function highlightReply(id)
if (divs[i].className.indexOf('post') != -1) if (divs[i].className.indexOf('post') != -1)
divs[i].className = divs[i].className.replace(/highlighted/, ''); divs[i].className = divs[i].className.replace(/highlighted/, '');
} }
if (id) if (id) {
document.getElementById('reply_'+id).className += ' highlighted'; post = document.getElementById('reply_'+id);
if(post)
post.className += ' highlighted';
}
} }
function focusId(id) function focusId(id)
{ {
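Review bot: `post = document.getElementById('reply_'+id);` assigns without a declaration, so `post` becomes an implicit global that any other script on the page can read or overwrite. Declare it locally: `var post = document.getElementById('reply_'+id);`. The null check that follows is fine as written; the start of `highlightReply` is above the hunk.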

39
mod.php

@ -43,6 +43,8 @@
if(!login($_POST['username'], $_POST['password'])) if(!login($_POST['username'], $_POST['password']))
loginForm(ERROR_INVALID, $_POST['username']); loginForm(ERROR_INVALID, $_POST['username']);
modLog("Logged in.");
// Login successful // Login successful
// Set cookies // Set cookies
setCookies(); setCookies();
@ -295,6 +297,9 @@
} }
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
// Record the action
modLog("Created a new board: {$b['title']}");
// Open the board // Open the board
openBoard($b['uri']) or error("Couldn't open board after creation."); openBoard($b['uri']) or error("Couldn't open board after creation.");
@ -356,6 +361,10 @@
// Delete post // Delete post
deleteFile($post); deleteFile($post);
// Record the action
modLog("Removed file from post #{$post}");
// Rebuild board // Rebuild board
buildIndex(); buildIndex();
@ -377,6 +386,10 @@
// Delete post // Delete post
deletePost($post); deletePost($post);
// Record the action
modLog("Deleted post #{$post}");
// Rebuild board // Rebuild board
buildIndex(); buildIndex();
@ -399,8 +412,12 @@
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
if($matches[2] == 'un') { if($matches[2] == 'un') {
// Record the action
modLog("Unstickied post #{$post}");
$query->bindValue(':sticky', 0, PDO::PARAM_INT); $query->bindValue(':sticky', 0, PDO::PARAM_INT);
} else { } else {
// Record the action
modLog("Stickied post #{$post}");
$query->bindValue(':sticky', 1, PDO::PARAM_INT); $query->bindValue(':sticky', 1, PDO::PARAM_INT);
} }
@ -429,8 +446,12 @@
$query->bindValue(':id', $post, PDO::PARAM_INT); $query->bindValue(':id', $post, PDO::PARAM_INT);
if($matches[2] == 'un') { if($matches[2] == 'un') {
// Record the action
modLog("Unlocked post #{$post}");
$query->bindValue(':locked', 0, PDO::PARAM_INT); $query->bindValue(':locked', 0, PDO::PARAM_INT);
} else { } else {
// Record the action
modLog("Locked post #{$post}");
$query->bindValue(':locked', 1, PDO::PARAM_INT); $query->bindValue(':locked', 1, PDO::PARAM_INT);
} }
@ -454,10 +475,22 @@
if(!openBoard($boardName)) if(!openBoard($boardName))
error(ERROR_NOBOARD); error(ERROR_NOBOARD);
$query = prepare(sprintf("SELECT `id` FROM `posts_%s` WHERE `ip` = (SELECT `ip` FROM `posts_%s` WHERE `id` = :id)", $board['uri'], $board['uri'])); $query = prepare(sprintf("SELECT `ip` FROM `posts_%s` WHERE `id` = :id", $board['uri']));
$query->bindValue(':id', $post); $query->bindValue(':id', $post);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if(!$post = $query->fetch())
error(ERROR_INVALIDPOST);
$ip = $post['ip'];
// Record the action
modLog("Deleted all posts by IP address: #{$ip}");
$query = prepare(sprintf("SELECT `id` FROM `posts_%s` WHERE `ip` = :ip", $board['uri']));
$query->bindValue(':ip', $ip);
$query->execute() or error(db_error($query));
if($query->rowCount() < 1) if($query->rowCount() < 1)
error(ERROR_INVALIDPOST); error(ERROR_INVALIDPOST);
@ -529,6 +562,10 @@
} else { } else {
$query->bindValue(':reason', null, PDO::PARAM_NULL); $query->bindValue(':reason', null, PDO::PARAM_NULL);
} }
// Record the action
modLog("Created a ban for {$_POST['ip']} with reason {$_POST['reason']}");
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
// Delete too // Delete too
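Review bot: The ban entry is written before `$query->execute()` runs and interpolates `$_POST['ip']` and `$_POST['reason']` unmodified, so the audit log can record a ban that then failed, and it stores request text verbatim. Move the `modLog(...)` call below the execute and log the values that were actually bound; the else branch just above suggests the reason can be absent. The sticky, lock and delete-by-IP hunks likewise log before their statement has run (the execute is outside those hunks). Whatever page renders the modlogs text has to HTML-escape it, since board titles and ban reasons now end up there. In the delete-by-IP message, `#{$ip}` carries a stray `#` that was presumably copied from the post-number messages.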

2
post.php

@ -221,7 +221,7 @@
if(strlen($post['name']) > 50) error(sprintf(ERROR_TOOLONG, 'name')); if(strlen($post['name']) > 50) error(sprintf(ERROR_TOOLONG, 'name'));
if(strlen($post['email']) > 30) error(sprintf(ERROR_TOOLONG, 'email')); if(strlen($post['email']) > 30) error(sprintf(ERROR_TOOLONG, 'email'));
if(strlen($post['subject']) > 40) error(sprintf(ERROR_TOOLONG, 'subject')); if(strlen($post['subject']) > 40) error(sprintf(ERROR_TOOLONG, 'subject'));
if(strlen($post['body']) > MAX_BODY) error(ERROR_TOOLONGBODY); if(!$mod && strlen($post['body']) > MAX_BODY) error(ERROR_TOOLONGBODY);
if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error(ERROR_TOOSHORTBODY); if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error(ERROR_TOOSHORTBODY);
if(strlen($post['password']) > 20) error(sprintf(ERROR_TOOLONG, 'password')); if(strlen($post['password']) > 20) error(sprintf(ERROR_TOOLONG, 'password'));
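Review bot: With `!$mod &&` in front, the `MAX_BODY` check is skipped entirely whenever `$mod` is truthy, so the safety of this line depends on where post.php sets `$mod`, which is outside the hunk. If it can become truthy from anything other than a validated moderator session, any poster can submit a body with no length limit. Even for real moderators there is now no upper bound before the database write; a separate, larger cap for moderators would keep one in place.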
