From c3a1960427b4c99f0655a34bf2ebd308276eee52 Mon Sep 17 00:00:00 2001 From: Zankaria Date: Fri, 21 Feb 2025 12:33:28 +0100 Subject: [PATCH 1/3] filters.php: trim --- inc/filters.php | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/inc/filters.php b/inc/filters.php index 2a66cd2a..47e3e56a 100644 --- a/inc/filters.php +++ b/inc/filters.php @@ -10,17 +10,17 @@ class Filter { public $flood_check; private $condition; private $post; - + public function __construct(array $arr) { foreach ($arr as $key => $value) - $this->$key = $value; + $this->$key = $value; } - + public function match($condition, $match) { $condition = strtolower($condition); $post = &$this->post; - + switch($condition) { case 'custom': if (!is_callable($match)) @@ -29,11 +29,11 @@ class Filter { case 'flood-match': if (!is_array($match)) error('Filter condition "flood-match" must be an array.'); - + // Filter out "flood" table entries which do not match this filter. - + $flood_check_matched = array(); - + foreach ($this->flood_check as $flood_post) { foreach ($match as $flood_match_arg) { switch ($flood_match_arg) { @@ -69,10 +69,10 @@ class Filter { } $flood_check_matched[] = $flood_post; } - + // is there any reason for this assignment? $this->flood_check = $flood_check_matched; - + return !empty($this->flood_check); case 'flood-time': foreach ($this->flood_check as $flood_post) { @@ -135,7 +135,7 @@ class Filter { error('Unknown filter condition: ' . $condition); } } - + public function action() { global $board; @@ -147,34 +147,34 @@ class Filter { $query->bindValue(':time', time()); $query->bindValue(':body', "Autoban message: ".$this->post['body']); $query->execute() or error(db_error($query)); - } + } if (isset ($this->action)) switch($this->action) { case 'reject': error(isset($this->message) ? $this->message : 'Posting blocked by filter.'); case 'ban': if (!isset($this->reason)) error('The ban action requires a reason.'); - + $this->expires = isset($this->expires) ? $this->expires : false; $this->reject = isset($this->reject) ? $this->reject : true; $this->all_boards = isset($this->all_boards) ? $this->all_boards : false; - + Bans::new_ban($_SERVER['REMOTE_ADDR'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1); if ($this->reject) { if (isset($this->message)) error($message); - + checkBan($board['uri']); exit; } - + break; default: error('Unknown filter action: ' . $this->action); } } - + public function check(array $post) { $this->post = $post; foreach ($this->condition as $condition => $value) { @@ -184,7 +184,7 @@ class Filter { } else { $NOT = false; } - + if ($this->match($condition, $value) == $NOT) return false; } @@ -194,11 +194,11 @@ class Filter { function purge_flood_table() { global $config; - + // Determine how long we need to keep a cache of posts for flood prevention. Unfortunately, it is not // aware of flood filters in other board configurations. You can solve this problem by settings the // config variable $config['flood_cache'] (seconds). - + if (isset($config['flood_cache'])) { $max_time = &$config['flood_cache']; } else { @@ -208,9 +208,9 @@ function purge_flood_table() { $max_time = max($max_time, $filter['condition']['flood-time']); } } - + $time = time() - $max_time; - + query("DELETE FROM ``flood`` WHERE `time` < $time") or error(db_error()); } @@ -219,7 +219,7 @@ function do_filters(array $post) { if (!isset($config['filters']) || empty($config['filters'])) return; - + foreach ($config['filters'] as $filter) { if (isset($filter['condition']['flood-match'])) { $has_flood = true; @@ -232,7 +232,7 @@ function do_filters(array $post) { } else { $flood_check = false; } - + foreach ($config['filters'] as $filter_array) { $filter = new Filter($filter_array); $filter->flood_check = $flood_check; @@ -240,7 +240,7 @@ function do_filters(array $post) { $filter->action(); } } - + purge_flood_table(); } From e753588aeb494186c834032f45255b1cc50f7cc4 Mon Sep 17 00:00:00 2001 From: Zankaria Date: Fri, 21 Feb 2025 12:35:13 +0100 Subject: [PATCH 2/3] filters.php: use IpNoteQueries --- inc/filters.php | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/inc/filters.php b/inc/filters.php index 47e3e56a..97cbc524 100644 --- a/inc/filters.php +++ b/inc/filters.php @@ -4,6 +4,9 @@ * Copyright (c) 2010-2013 Tinyboard Development Group */ +use Vichan\Context; +use Vichan\Data\IpNoteQueries; + defined('TINYBOARD') or exit; class Filter { @@ -136,17 +139,13 @@ class Filter { } } - public function action() { + public function action(Context $ctx) { global $board; $this->add_note = isset($this->add_note) ? $this->add_note : false; if ($this->add_note) { - $query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)'); - $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); - $query->bindValue(':mod', -1); - $query->bindValue(':time', time()); - $query->bindValue(':body', "Autoban message: ".$this->post['body']); - $query->execute() or error(db_error($query)); + $note_queries = $ctx->get(IpNoteQueries::class); + $note_queries->add($_SERVER['REMOTE_ADDR'], -1, 'Autoban message: ' . $this->post['body']); } if (isset ($this->action)) switch($this->action) { case 'reject': @@ -214,7 +213,7 @@ function purge_flood_table() { query("DELETE FROM ``flood`` WHERE `time` < $time") or error(db_error()); } -function do_filters(array $post) { +function do_filters(Context $ctx, array $post) { global $config; if (!isset($config['filters']) || empty($config['filters'])) @@ -237,7 +236,7 @@ function do_filters(array $post) { $filter = new Filter($filter_array); $filter->flood_check = $flood_check; if ($filter->check($post)) { - $filter->action(); + $filter->action($ctx); } } From 94b5c8251770bb215d745c115ad509e8f3071339 Mon Sep 17 00:00:00 2001 From: Zankaria Date: Fri, 21 Feb 2025 12:35:28 +0100 Subject: [PATCH 3/3] post.php: pass Context to filters --- post.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/post.php b/post.php index c2bd406d..6e7c6ab6 100644 --- a/post.php +++ b/post.php @@ -1315,7 +1315,7 @@ function handle_post(Context $ctx) if (!hasPermission($config['mod']['bypass_filters'], $board['uri']) && !$dropped_post) { require_once 'inc/filters.php'; - do_filters($post); + do_filters($ctx, $post); } if ($post['has_file']) { @@ -1631,7 +1631,7 @@ function handle_post(Context $ctx) // Do filters again if OCRing if ($config['tesseract_ocr'] && !hasPermission($config['mod']['bypass_filters'], $board['uri']) && !$dropped_post) { - do_filters($post); + do_filters($ctx, $post); } if (!hasPermission($config['mod']['postunoriginal'], $board['uri']) && $config['robot_enable'] && checkRobot($post['body_nomarkup']) && !$dropped_post) {