Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into HEAD

Conflicts: mod.php
11 years ago · fabba73ce4
7 changed files with 166 additions and 9 deletions
--- a/inc/anti-bot.php
+++ b/inc/anti-bot.php
@ -152,6 +152,10 @@ class AntiBot {
 		return $html;
 	}
 	
+	public function reset() {
+		$this->index = 0;
+	}
+	
 	public function hash() {
 		global $config;
 		
--- a/inc/config.php
+++ b/inc/config.php
@ -962,8 +962,8 @@
 	$config['mod']['bumplock'] = MOD;
 	// View whether a thread has been bumplocked ("-1" to allow non-mods to see too)
 	$config['mod']['view_bumplock'] = MOD;
-	// Edit posts (EXPERIMENTAL)
-	$config['mod']['editpost'] = DISABLED;
+	// Edit posts
+	$config['mod']['editpost'] = ADMIN;
 	// "Move" a thread to another board (EXPERIMENTAL; has some known bugs)
 	$config['mod']['move'] = DISABLED;
 	// Bypass "field_disable_*" (forced anonymity, etc.)
--- a/inc/functions.php
+++ b/inc/functions.php
@ -1213,18 +1213,17 @@ function buildIndex() {

 	$page = 1;
 	while ($page <= $config['max_pages'] && $content = index($page)) {
-		$filename = $board['dir'] . ($page==1 ? $config['file_index'] : sprintf($config['file_page'], $page));
-		if (file_exists($filename)) $md5 = md5_file($filename);
+		$filename = $board['dir'] . ($page == 1 ? $config['file_index'] : sprintf($config['file_page'], $page));
+		
+		$antibot->reset();
 		
 		$content['pages'] = $pages;
 		$content['pages'][$page-1]['selected'] = true;
 		$content['btn'] = getPageButtons($content['pages']);
 		$content['antibot'] = $antibot;
+
 		file_write($filename, Element('index.html', $content));
 		
-		if (isset($md5) && $md5 == md5_file($filename)) {
-			break;
-		}
 		$page++;
 	}
 	if ($page < $config['max_pages']) {
@ -1364,8 +1363,8 @@ function unicodify($body) {
 	// En and em- dashes are rendered exactly the same in
 	// most monospace fonts (they look the same in code
 	// editors).
-	$body = str_replace('---', '&ndash;', $body); // em dash
-	$body = str_replace('--', '&mdash;', $body); // en dash
+	$body = str_replace('--', '&ndash;', $body); // en dash
+	$body = str_replace('---', '&mdash;', $body); // em dash
 	
 	return $body;
 }
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@ -986,6 +986,45 @@ function mod_ban_post($board, $delete, $post, $token = false) {
 	mod_page(_('New ban'), 'mod/ban_form.html', $args);
 }

+function mod_edit_post($board, $postID) {
+	global $config, $mod;
+
+	if (!openBoard($board))
+		error($config['error']['noboard']);
+
+	if (!hasPermission($config['mod']['editpost'], $board))
+		error($config['error']['noaccess']);
+
+	$security_token = make_secure_link_token($board . '/edit/' . $postID);
+	
+	$query = prepare(sprintf('SELECT * FROM `posts_%s` WHERE `id` = :id', $board));
+	$query->bindValue(':id', $postID);
+	$query->execute() or error(db_error($query));
+
+	if (!$post = $query->fetch(PDO::FETCH_ASSOC))
+		error($config['error']['404']);
+	
+	if (isset($_POST['name'], $_POST['email'], $_POST['subject'], $_POST['body'])) {
+		$query = prepare(sprintf('UPDATE `posts_%s` SET `name` = :name, `email` = :email, `subject` = :subject, `body_nomarkup` = :body WHERE `id` = :id', $board));
+		$query->bindValue(':id', $postID);
+		$query->bindValue('name', $_POST['name']);
+		$query->bindValue(':email', $_POST['email']);
+		$query->bindValue(':subject', $_POST['subject']);
+		$query->bindValue(':body', $_POST['body']);
+		$query->execute() or error(db_error($query));
+		
+		rebuildPost($postID);
+		buildIndex();
+		
+		header('Location: ?/' . sprintf($config['board_path'], $board) . $config['dir']['res'] . sprintf($config['file_page'], $post['thread'] ? $post['thread'] : $postID) . '#' . $postID, true, $config['redirect_http']);
+	} else {
+		if ($config['minify_html'])
+			$post['body_nomarkup'] = str_replace("\n", '&#010;', $post['body_nomarkup']);
+		
+		mod_page(_('Edit post'), 'mod/edit_post_form.html', array('token' => $security_token, 'post' => $post));
+	}
+}
+
 function mod_delete($board, $post) {
 	global $config, $mod;
 	
--- a/mod.php
+++ b/mod.php
@ -61,6 +61,7 @@ $pages = array(
 	'/ban'					=> 'secure_POST ban',	// new ban
 	'/([\w+.]+)/ban(&delete)?/(\d+)'		=> 'secure_POST ban_post', // ban poster
 	'/([\w+.]+)/move/(\d+)'			=> 'secure_POST move',	// move thread
+	'/([\w+.]+)/edit/(\d+)'			=> 'secure_POST edit_post', // edit post
 	'/([\w+.]+)/delete/(\d+)'			=> 'secure delete',	// delete post
 	'/([\w+.]+)/deletefile/(\d+)'		=> 'secure deletefile',	// delete file from post
 	'/([\w+.]+)/deletebyip/(\d+)(/global)?'	=> 'secure deletebyip',	// delete all posts by IP address
--- a/post.php
+++ b/post.php
@ -427,6 +427,81 @@ if (isset($_POST['delete'])) {
 				error($config['error']['maxsize']);
 			}
 			
+			// The following code corrects the image orientation based on EXIF.
+			// Currently only works with the 'convert' option selected but it could easily be expanded to work with the rest if you can be bothered.
+			if ($config['thumb_method'] == 'convert') {
+				if ($post['extension'] == 'jpg' || $post['extension'] == 'jpeg') {
+					$exif = exif_read_data($upload);
+					if (isset($exif['Orientation'])) {
+						switch($exif['Orientation']) {
+							case 1:
+								// Normal
+								$args = false;
+								break;
+							case 2:
+								// 888888
+								//     88
+								//   8888
+								//     88
+								//     88
+								
+								$args = '-flop';
+								break;
+							case 3:
+								
+								//     88
+								//     88
+								//   8888
+								//     88
+								// 888888
+								
+								$args = '-flip -flop';
+								break;
+							case 4:
+								// 88
+								// 88
+								// 8888
+								// 88
+								// 888888
+								
+								$args = '-flip';
+								break;
+							case 5:
+								// 8888888888
+								// 88  88
+								// 88
+								
+								$args = '-rotate 90 -flop';
+								break;
+							case 6:
+								// 88
+								// 88  88
+								// 8888888888
+								
+								$args = '-rotate 90';
+								break;
+							case 7:
+								//         88
+								//     88  88
+								// 8888888888
+								
+								$args = '-rotate "-90" -flop';
+								break;
+							case 8:
+								// 8888888888
+								//     88  88
+								//         88
+								
+								$args = '-rotate "-90"';
+								break;
+						}
+						
+						if ($args)
+							shell_exec('convert ' . escapeshellarg($upload) . ' ' . $args . ' ' . escapeshellarg($upload));
+					}
+				}
+			}
+			
 			// create image object
 			$image = new Image($upload, $post['extension']);
 			
--- a/templates/mod/edit_post_form.html
+++ b/templates/mod/edit_post_form.html
@ -0,0 +1,39 @@
+<form action="" method="post">
+	<input type="hidden" name="token" value="{{ token }}">
+	
+	<table>
+		<tr>
+			<th>
+				{% trans %}Name{% endtrans %}
+			</th>
+			<td>
+				<input type="text" name="name" size="25" maxlength="35" autocomplete="off" value="{{ post.name }}">
+			</td>
+		</tr>
+		<tr>
+			<th>
+				{% trans %}Email{% endtrans %}
+			</th>
+			<td>
+				<input type="text" name="email" size="25" maxlength="40" autocomplete="off" value="{{ post.email }}">
+			</td>
+		</tr>
+		<tr>
+			<th>
+				{% trans %}Subject{% endtrans %}
+			</th>
+			<td>
+				<input style="float:left;" type="text" name="subject" size="25" maxlength="100" autocomplete="off" value="{{ post.subject }}">
+				<input accesskey="s" style="margin-left:2px;" type="submit" name="post" value="{% trans %}Update{% endtrans %}">
+			</td>
+		</tr>
+		<tr>
+			<th>
+				{% trans %}Comment{% endtrans %}
+			</th>
+			<td>
+				<textarea name="body" id="body" rows="5" cols="35">{{ post.body_nomarkup }}</textarea>
+			</td>
+		</tr>
+	</table>
+</form>