forked from leftypol/leftypol
Merge branch 'master' of https://github.com/savetheinternet/Tinyboard
Conflicts: inc/functions.php inc/mod/pages.php install.php js/expand.js mod.php
This commit is contained in:
czaks
commit
96bcf5dd1e
15 changed files with 279 additions and 130 deletions
|
|
@ -1051,6 +1051,8 @@
|
|||
$config['mod']['createusers'] = ADMIN;
|
||||
// View the moderation log
|
||||
$config['mod']['modlog'] = ADMIN;
|
||||
// View IP addresses of other mods in ?/log
|
||||
$config['mod']['show_ip_modlog'] = ADMIN;
|
||||
// View relevant moderation log entries on IP address pages (ie. ban history, etc.)
|
||||
// Warning: Can be pretty resource exhaustive if your mod logs are huge.
|
||||
$config['mod']['modlog_ip'] = MOD;
|
||||
|
|
@ -1177,6 +1179,9 @@
|
|||
// 'type' => 'scp'
|
||||
//);
|
||||
|
||||
// Regex for board URIs
|
||||
$config['board_regex'] = '[0-9a-zA-Z$_\x{0080}-\x{FFFF}]{1,58}';
|
||||
|
||||
// Complex regular expression to catch URLs
|
||||
$config['url_regex'] = '/' . '(https?|ftp):\/\/' . '(([\w\-]+\.)+[a-zA-Z]{2,6}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' . '(:\d+)?' . '(\/([\w\-~.#\/?=&;:+%!*\[\]@$\'()+,|\^]+)?)?' . '/';
|
||||
|
||||
|
|
|
|||
|
|
@ -51,12 +51,16 @@ function sql_open() {
|
|||
try {
|
||||
$options = array(
|
||||
PDO::ATTR_TIMEOUT => $config['db']['timeout'],
|
||||
PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8',
|
||||
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true
|
||||
);
|
||||
if ($config['db']['persistent'])
|
||||
$options[PDO::ATTR_PERSISTENT] = true;
|
||||
return $pdo = new PDO($dsn, $config['db']['user'], $config['db']['password'], $options);
|
||||
$pdo = new PDO($dsn, $config['db']['user'], $config['db']['password'], $options);
|
||||
if (mysql_version() >= 50503)
|
||||
query('SET NAMES utf8mb4') or error(db_error());
|
||||
else
|
||||
query('SET NAMES utf8') or error(db_error());
|
||||
return $pdo;
|
||||
} catch(PDOException $e) {
|
||||
$message = $e->getMessage();
|
||||
|
||||
|
|
@ -65,10 +69,21 @@ function sql_open() {
|
|||
$message = str_replace($config['db']['password'], '<em>hidden</em>', $message);
|
||||
|
||||
// Print error
|
||||
error('Database error: ' . $message);
|
||||
error(_('Database error: ') . $message);
|
||||
}
|
||||
}
|
||||
|
||||
// 5.6.10 becomes 50610
|
||||
function mysql_version() {
|
||||
global $pdo;
|
||||
|
||||
$version = $pdo->getAttribute(PDO::ATTR_SERVER_VERSION);
|
||||
$v = explode('.', $version);
|
||||
if (count($v) != 3)
|
||||
return false;
|
||||
return (int) sprintf("%02d%02d%02d", $v[0], $v[1], $v[2]);
|
||||
}
|
||||
|
||||
function prepare($query) {
|
||||
global $pdo, $debug, $config;
|
||||
|
||||
|
|
|
|||
|
|
@ -235,7 +235,7 @@ function bidi_cleanup($str){
|
|||
function secure_link_confirm($text, $title, $confirm_message, $href) {
|
||||
global $config;
|
||||
|
||||
return '<a onclick="if (event.which==2) return true;if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlentities(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
|
||||
return '<a onclick="if (event.which==2) return true;if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlspecialchars(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
|
||||
}
|
||||
function secure_link($href) {
|
||||
return $href . '/' . make_secure_link_token($href);
|
||||
|
|
@ -299,7 +299,7 @@ class Post {
|
|||
// Fix internal links
|
||||
// Very complicated regex
|
||||
$this->body = preg_replace(
|
||||
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
|
||||
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), $config['board_regex']) . ')/u',
|
||||
'<a $1href="?/$4',
|
||||
$this->body
|
||||
);
|
||||
|
|
@ -398,7 +398,7 @@ class Thread {
|
|||
// Fix internal links
|
||||
// Very complicated regex
|
||||
$this->body = preg_replace(
|
||||
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
|
||||
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), $config['board_regex']) . ')/u',
|
||||
'<a $1href="?/$4',
|
||||
$this->body
|
||||
);
|
||||
|
|
|
|||
|
|
@ -99,18 +99,18 @@ function loadConfig() {
|
|||
'https?:\/\/' . $_SERVER['HTTP_HOST']) .
|
||||
preg_quote($config['root'], '/') .
|
||||
'(' .
|
||||
str_replace('%s', '\w+', preg_quote($config['board_path'], '/')) .
|
||||
str_replace('%s', $config['board_regex'], preg_quote($config['board_path'], '/')) .
|
||||
'(' .
|
||||
preg_quote($config['file_index'], '/') . '|' .
|
||||
str_replace('%d', '\d+', preg_quote($config['file_page'])) .
|
||||
')?' .
|
||||
'|' .
|
||||
str_replace('%s', '\w+', preg_quote($config['board_path'], '/')) .
|
||||
str_replace('%s', $config['board_regex'], preg_quote($config['board_path'], '/')) .
|
||||
preg_quote($config['dir']['res'], '/') .
|
||||
str_replace('%d', '\d+', preg_quote($config['file_page'], '/')) .
|
||||
'|' .
|
||||
preg_quote($config['file_mod'], '/') . '\?\/.+' .
|
||||
')([#?](.+)?)?$/i';
|
||||
')([#?](.+)?)?$/ui';
|
||||
} else {
|
||||
// CLI mode
|
||||
$config['referer_match'] = '//';
|
||||
|
|
@ -367,6 +367,11 @@ function boardTitle($uri) {
|
|||
function purge($uri) {
|
||||
global $config, $debug;
|
||||
|
||||
// Fix for Unicode
|
||||
$uri = urlencode($uri);
|
||||
$uri = str_replace("%2F", "/", $uri);
|
||||
$uri = str_replace("%3A", ":", $uri);
|
||||
|
||||
if (preg_match($config['referer_match'], $config['root']) && isset($_SERVER['REQUEST_URI'])) {
|
||||
$uri = (str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) == '/' ? '/' : str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) . '/') . $uri;
|
||||
} else {
|
||||
|
|
@ -1429,6 +1434,9 @@ function markup(&$body, $track_cites = false) {
|
|||
$body = str_replace("\r", '', $body);
|
||||
$body = utf8tohtml($body);
|
||||
|
||||
if (mysql_version() < 50503)
|
||||
$body = mb_encode_numericentity($body, array(0x010000, 0xffffff, 0, 0xffffff), 'UTF-8');
|
||||
|
||||
foreach ($config['markup'] as $markup) {
|
||||
if (is_string($markup[1])) {
|
||||
$body = preg_replace($markup[0], $markup[1], $body);
|
||||
|
|
@ -1495,7 +1503,7 @@ function markup(&$body, $track_cites = false) {
|
|||
}
|
||||
|
||||
// Cross-board linking
|
||||
if (preg_match_all('/(^|\s)>>>\/([\w.+]+?)\/(\d+)?([\s,.)?]|$)/m', $body, $cites, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
|
||||
if (preg_match_all('/(^|\s)>>>\/(' . $config['board_regex'] . 'f?)\/(\d+)?([\s,.)?]|$)/um', $body, $cites, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
|
||||
if (count($cites[0]) > $config['max_cites']) {
|
||||
error($config['error']['toomanycross']);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -443,8 +443,8 @@ function mod_new_board() {
|
|||
if ($_POST['title'] == '')
|
||||
error(sprintf($config['error']['required'], 'title'));
|
||||
|
||||
#if (!preg_match('/^\w+$/', $_POST['uri']))
|
||||
# error(sprintf($config['error']['invalidfield'], 'URI'));
|
||||
if (!preg_match('/^' . $config['board_regex'] . '$/u', $_POST['uri']))
|
||||
error(sprintf($config['error']['invalidfield'], 'URI'));
|
||||
|
||||
if (openBoard($_POST['uri'])) {
|
||||
error(sprintf($config['error']['boardexists'], $board['url']));
|
||||
|
|
@ -744,7 +744,8 @@ function mod_page_ip($ip) {
|
|||
$boards = listBoards();
|
||||
foreach ($boards as $board) {
|
||||
openBoard($board['uri']);
|
||||
|
||||
if (!hasPermission($config['mod']['show_ip'], $board['uri']))
|
||||
continue;
|
||||
$query = prepare(sprintf('SELECT * FROM `posts_%s` WHERE `ip` = :ip ORDER BY `sticky` DESC, `id` DESC LIMIT :limit', $board['uri']));
|
||||
$query->bindValue(':ip', $ip);
|
||||
$query->bindValue(':limit', $config['mod']['ip_recentposts'], PDO::PARAM_INT);
|
||||
|
|
@ -1418,7 +1419,7 @@ function mod_user($uid) {
|
|||
|
||||
$boards = array();
|
||||
foreach ($_POST as $name => $value) {
|
||||
if (preg_match('/^board_(\w+)$/', $name, $matches) && in_array($matches[1], $_boards))
|
||||
if (preg_match('/^board_(' . $config['board_regex'] . ')$/u', $name, $matches) && in_array($matches[1], $_boards))
|
||||
$boards[] = $matches[1];
|
||||
}
|
||||
}
|
||||
|
|
@ -1539,7 +1540,7 @@ function mod_user_new() {
|
|||
|
||||
$boards = array();
|
||||
foreach ($_POST as $name => $value) {
|
||||
if (preg_match('/^board_(\w+)$/', $name, $matches) && in_array($matches[1], $_boards))
|
||||
if (preg_match('/^board_(' . $config['board_regex'] . ')$/u', $name, $matches) && in_array($matches[1], $_boards))
|
||||
$boards[] = $matches[1];
|
||||
}
|
||||
}
|
||||
|
|
@ -2133,7 +2134,7 @@ function mod_debug_antispam() {
|
|||
$where .= ' AND `thread` = ' . $pdo->quote($_POST['thread']);
|
||||
|
||||
if (isset($_POST['purge'])) {
|
||||
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE' . $where);
|
||||
$query = prepare(', DATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE' . $where);
|
||||
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
|
||||
$query->execute() or error(db_error());
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue