From be532e13b08a339deb9216114bfd0ea6012c65f0 Mon Sep 17 00:00:00 2001
From: tslocum <tslocum@gmail.com>
Date: Fri, 7 Jan 2011 00:56:59 -0800
Subject: [PATCH] Post linking using >>#### and some minor fixes

---
 imgboard.php           | 15 +++++-----
 inc/database_mysql.php | 64 ++++++++++++++++++++++++++++--------------
 inc/functions.php      | 12 ++++++++
 3 files changed, 63 insertions(+), 28 deletions(-)

diff --git a/imgboard.php b/imgboard.php
index 7cd69f8..99e9231 100644
--- a/imgboard.php
+++ b/imgboard.php
@@ -55,15 +55,16 @@ $redirect = true;
 if (isset($_POST["message"]) || isset($_POST["file"])) {
 	list($loggedin, $isadmin) = manageCheckLogIn();
 	$modpost = isModPost();
-	checkBanned();
-	checkFlood();
-	
-	if (strlen($_POST["message"]) > 8000) {
-		fancyDie("Please shorten your message, or post it in multiple parts. Your message is " . strlen($_POST["message"]) . " characters long, and the maximum allowed is 8000.");
+	if (!$loggedin) {
+		checkBanned();
+		checkFlood();
+		if (strlen($_POST["message"]) > 8000) {
+			fancyDie("Please shorten your message, or post it in multiple parts. Your message is " . strlen($_POST["message"]) . " characters long, and the maximum allowed is 8000.");
+		}
 	}
 	
 	$post = newPost();
-	$post['parent'] =setParent();
+	$post['parent'] = setParent();
 	$post['ip'] = $_SERVER['REMOTE_ADDR'];
 	
 	list($post['name'], $post['tripcode']) = nameAndTripcode($_POST["name"]);
@@ -76,7 +77,7 @@ if (isset($_POST["message"]) || isset($_POST["file"])) {
 		$post['message'] = $_POST["message"]; // Treat message as raw HTML
 	} else {
 		$modposttext = '';
-		$post['message'] = str_replace("\n", "<br>", colorQuote(cleanString(rtrim($_POST["message"]))));
+		$post['message'] = str_replace("\n", "<br>", colorQuote(postLink(cleanString(rtrim($_POST["message"])))));
 	}
 	$post['password'] = ($_POST['password'] != '') ? md5(md5($_POST['password'])) : '';
 	if (strtolower($post['email']) == "noko") {
diff --git a/inc/database_mysql.php b/inc/database_mysql.php
index 3c06449..2fb6876 100644
--- a/inc/database_mysql.php
+++ b/inc/database_mysql.php
@@ -62,8 +62,10 @@ function uniquePosts() {
 
 function postByID($id) {
 	$result = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "' LIMIT 1");
-	while ($post = mysql_fetch_assoc($result)) {
-		return $post;
+	if ($result) {
+		while ($post = mysql_fetch_assoc($result)) {
+			return $post;
+		}
 	}
 }
 
@@ -87,8 +89,10 @@ function countThreads() {
 function allThreads() {	
 	$threads = array();
 	$result = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 ORDER BY `bumped` DESC");
-	while ($thread = mysql_fetch_assoc($result)) {
-		$threads[] = $thread;
+	if ($result) {
+		while ($thread = mysql_fetch_assoc($result)) {
+			$threads[] = $thread;
+		}
 	}
 	return $threads;
 }
@@ -96,8 +100,10 @@ function allThreads() {
 function postsInThreadByID($id) {	
 	$posts = array();
 	$result = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = " . $id . " OR `parent` = " . $id . " ORDER BY `id` ASC");
-	while ($post = mysql_fetch_assoc($result)) {
-		$posts[] = $post;
+	if ($result) {
+		while ($post = mysql_fetch_assoc($result)) {
+			$posts[] = $post;
+		}
 	}
 	return $posts;
 }
@@ -105,8 +111,10 @@ function postsInThreadByID($id) {
 function latestRepliesInThreadByID($id) {	
 	$posts = array();
 	$replies = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = " . $id . " ORDER BY `id` DESC LIMIT 3");
+	if ($replies) {
 		while ($post = mysql_fetch_assoc($replies)) {
-		$posts[] = $post;
+			$posts[] = $post;
+		}
 	}
 	return $posts;
 }
@@ -114,8 +122,10 @@ function latestRepliesInThreadByID($id) {
 function postsByHex($hex) {	
 	$posts = array();
 	$result = mysql_query("SELECT `id`, `parent` FROM `" . TINYIB_DBPOSTS . "` WHERE `file_hex` = '" . mysql_real_escape_string($hex) . "' LIMIT 1");
-	while ($post = mysql_fetch_assoc($result)) {
-		$posts[] = $post;
+	if ($result) {
+		while ($post = mysql_fetch_assoc($result)) {
+			$posts[] = $post;
+		}
 	}
 	return $posts;
 }
@@ -142,39 +152,49 @@ function deletePostByID($id) {
 function trimThreads() {
 	if (TINYIB_MAXTHREADS > 0) {
 		$result = mysql_query("SELECT `id` FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 ORDER BY `bumped` DESC LIMIT " . TINYIB_MAXTHREADS. ", 10");
-		while ($post = mysql_fetch_assoc($result)) {
-			deletePostByID($post['id']);
+		if ($result) {
+			while ($post = mysql_fetch_assoc($result)) {
+				deletePostByID($post['id']);
+			}
 		}
 	}
 }
 
 function lastPostByIP() {	
 	$replies = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `ip` = '" . $_SERVER['REMOTE_ADDR'] . "' ORDER BY `id` DESC LIMIT 1");
-	while ($post = mysql_fetch_assoc($replies)) {
-		return $post;
+	if ($replies) {
+		while ($post = mysql_fetch_assoc($replies)) {
+			return $post;
+		}
 	}
 }
 
 # Ban Functions
 function banByID($id) {
 	$result = mysql_query("SELECT * FROM `" . TINYIB_DBBANS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "' LIMIT 1");
-	while ($ban = mysql_fetch_assoc($result)) {
-		return $ban;
+	if ($result) {
+		while ($ban = mysql_fetch_assoc($result)) {
+			return $ban;
+		}
 	}
 }
 
 function banByIP($ip) {
 	$result = mysql_query("SELECT * FROM `" . TINYIB_DBBANS . "` WHERE `ip` = '" . mysql_real_escape_string($ip) . "' LIMIT 1");
-	while ($ban = mysql_fetch_assoc($result)) {
-		return $ban;
+	if ($result) {
+		while ($ban = mysql_fetch_assoc($result)) {
+			return $ban;
+		}
 	}
 }
 
 function allBans() {
 	$bans = array();
 	$result = mysql_query("SELECT * FROM `" . TINYIB_DBBANS . "` ORDER BY `timestamp` DESC");
-	while ($ban = mysql_fetch_assoc($result)) {
-		$bans[] = $ban;
+	if ($result) {
+		while ($ban = mysql_fetch_assoc($result)) {
+			$bans[] = $ban;
+		}
 	}
 	return $bans;
 }
@@ -186,8 +206,10 @@ function insertBan($ban) {
 
 function clearExpiredBans() {
 	$result = mysql_query("SELECT * FROM `" . TINYIB_DBBANS . "` WHERE `expire` > 0 AND `expire` <= " . time());
-	while ($ban = mysql_fetch_assoc($result)) {
-		mysql_query("DELETE FROM `" . TINYIB_DBBANS . "` WHERE `id` = " . $ban['id'] . " LIMIT 1");
+	if ($result) {
+		while ($ban = mysql_fetch_assoc($result)) {
+			mysql_query("DELETE FROM `" . TINYIB_DBBANS . "` WHERE `id` = " . $ban['id'] . " LIMIT 1");
+		}
 	}
 }
 
diff --git a/inc/functions.php b/inc/functions.php
index 222f68e..d599089 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -153,6 +153,18 @@ function fixLinksInRes($html) {
 	return str_replace($search, $replace, $html);
 }
 
+function _postLink($matches) {
+	$post = postByID($matches[1]);
+	if ($post) {
+		return '<a href="res/' . ($post['parent'] == 0 ? $post['id'] : $post['parent']) . '.html#' . $matches[1] . '">' . $matches[0] . '</a>';
+	}
+	return $matches[0];
+}
+
+function postLink($message) {
+	return preg_replace_callback('/&gt;&gt;([0-9]+)/', '_postLink', $message);
+}
+
 function colorQuote($message) {
 	if (substr($message, -1, 1) != "\n") { $message .= "\n"; }
 	return preg_replace('/^(&gt;[^\>](.*))\n/m', '<span class="unkfunc">\\1</span>' . "\n", $message);