forked from leftypol/leftypol
mod.php: trim
This commit is contained in:
parent
37d275468e
commit
22a8eae666
1 changed files with 19 additions and 20 deletions
39
mod.php
39
mod.php
|
|
@ -27,16 +27,16 @@ $pages = array(
|
|||
'/' => 'dashboard', // dashboard
|
||||
'/confirm/(.+)' => 'confirm', // confirm action (if javascript didn't work)
|
||||
'/logout' => 'secure logout', // logout
|
||||
|
||||
|
||||
'/users' => 'users', // manage users
|
||||
'/users/(\d+)/(promote|demote)' => 'secure user_promote', // prmote/demote user
|
||||
'/users/(\d+)' => 'secure_POST user', // edit user
|
||||
'/users/new' => 'secure_POST user_new', // create a new user
|
||||
|
||||
|
||||
'/new_PM/([^/]+)' => 'secure_POST new_pm', // create a new pm
|
||||
'/PM/(\d+)(/reply)?' => 'pm', // read a pm
|
||||
'/inbox' => 'inbox', // pm inbox
|
||||
|
||||
|
||||
'/log' => 'log', // modlog
|
||||
'/log/(\d+)' => 'log', // modlog
|
||||
'/log:([^/:]+)' => 'user_log', // modlog
|
||||
|
|
@ -52,26 +52,26 @@ $pages = array(
|
|||
'/edit_page/(\d+)' => 'secure_POST edit_page',
|
||||
'/edit_pages/delete/([a-z0-9]+)' => 'secure delete_page',
|
||||
'/edit_pages/delete/([a-z0-9]+)/(\%b)' => 'secure delete_page_board',
|
||||
|
||||
|
||||
'/noticeboard' => 'secure_POST noticeboard', // view noticeboard
|
||||
'/noticeboard/(\d+)' => 'secure_POST noticeboard', // view noticeboard
|
||||
'/noticeboard/delete/(\d+)' => 'secure noticeboard_delete', // delete from noticeboard
|
||||
|
||||
|
||||
'/edit/(\%b)' => 'secure_POST edit_board', // edit board details
|
||||
'/new-board' => 'secure_POST new_board', // create a new board
|
||||
|
||||
|
||||
'/rebuild' => 'secure_POST rebuild', // rebuild static files
|
||||
'/reports' => 'reports', // report queue
|
||||
'/reports/(\d+)/dismiss(all)?' => 'secure report_dismiss', // dismiss a report
|
||||
|
||||
|
||||
'/IP/([\w.:]+)' => 'secure_POST ip', // view ip address
|
||||
'/IP/([\w.:]+)/remove_note/(\d+)' => 'secure ip_remove_note', // remove note from ip address
|
||||
|
||||
|
||||
'/ban' => 'secure_POST ban', // new ban
|
||||
'/bans' => 'secure_POST bans', // ban list
|
||||
'/bans.json' => 'secure bans_json', // ban list JSON
|
||||
'/ban-appeals' => 'secure_POST ban_appeals', // view ban appeals
|
||||
|
||||
|
||||
'/recent/(\d+)' => 'recent_posts', // view recent posts
|
||||
'/recent/(\d+)/([\w,]+?)' => 'recent_posts', // view recent posts
|
||||
'/recent/(\d+)/([\w,]+?)/(json)?' => 'recent_posts', // view recent posts JSON
|
||||
|
|
@ -94,21 +94,21 @@ $pages = array(
|
|||
'/(\%b)/(un)?sticky/(\d+)' => 'secure sticky', // sticky thread
|
||||
'/(\%b)/(un)?cycle/(\d+)' => 'secure cycle', // cycle thread
|
||||
'/(\%b)/bump(un)?lock/(\d+)' => 'secure bumplock', // "bumplock" thread
|
||||
|
||||
|
||||
'/themes' => 'themes_list', // manage themes
|
||||
'/themes/(\w+)' => 'secure_POST theme_configure', // configure/reconfigure theme
|
||||
'/themes/(\w+)/rebuild' => 'secure theme_rebuild', // rebuild theme
|
||||
'/themes/(\w+)/uninstall' => 'secure theme_uninstall', // uninstall theme
|
||||
|
||||
|
||||
'/config' => 'secure_POST config', // config editor
|
||||
'/config/(\%b)' => 'secure_POST config', // config editor
|
||||
|
||||
|
||||
// these pages aren't listed in the dashboard without $config['debug']
|
||||
'/debug/antispam' => 'debug_antispam',
|
||||
'/debug/recent' => 'debug_recent_posts',
|
||||
'/debug/apc' => 'debug_apc',
|
||||
'/debug/sql' => 'secure_POST debug_sql',
|
||||
|
||||
|
||||
// This should always be at the end:
|
||||
'/(\%b)/' => 'view_board',
|
||||
'/(\%b)/' . preg_quote($config['file_index'], '!') => 'view_board',
|
||||
|
|
@ -151,7 +151,7 @@ $pages = $new_pages;
|
|||
foreach ($pages as $uri => $handler) {
|
||||
if (preg_match($uri, $query, $matches)) {
|
||||
$matches = array_slice($matches, 1);
|
||||
|
||||
|
||||
if (isset($matches['board'])) {
|
||||
$board_match = $matches['board'];
|
||||
unset($matches['board']);
|
||||
|
|
@ -160,12 +160,12 @@ foreach ($pages as $uri => $handler) {
|
|||
$matches[$key] = $board_match[1];
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (is_string($handler) && preg_match('/^secure(_POST)? /', $handler, $m)) {
|
||||
$secure_post_only = isset($m[1]);
|
||||
if (!$secure_post_only || $_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
$token = isset($matches['token']) ? $matches['token'] : (isset($_POST['token']) ? $_POST['token'] : false);
|
||||
|
||||
|
||||
if ($token === false) {
|
||||
if ($secure_post_only)
|
||||
error($config['error']['csrf']);
|
||||
|
|
@ -174,7 +174,7 @@ foreach ($pages as $uri => $handler) {
|
|||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// CSRF-protected page; validate security token
|
||||
$actual_query = preg_replace('!/([a-f0-9]{8})$!', '', $query);
|
||||
if ($token != make_secure_link_token(substr($actual_query, 1))) {
|
||||
|
|
@ -183,7 +183,7 @@ foreach ($pages as $uri => $handler) {
|
|||
}
|
||||
$handler = preg_replace('/^secure(_POST)? /', '', $handler);
|
||||
}
|
||||
|
||||
|
||||
if ($config['debug']) {
|
||||
$debug['mod_page'] = array(
|
||||
'req' => $query,
|
||||
|
|
@ -213,10 +213,9 @@ foreach ($pages as $uri => $handler) {
|
|||
} else {
|
||||
error("Mod page '$handler' not a string, and not callable!");
|
||||
}
|
||||
|
||||
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
error($config['error']['404']);
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue