diff --git a/imgboard.php b/imgboard.php
index d3d59f5..99bab4f 100644
--- a/imgboard.php
+++ b/imgboard.php
@@ -230,9 +230,11 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 if (!$loggedin) {
 checkCAPTCHA(TINYIB_CAPTCHA);
 checkBanned();
- checkMessageSize();
 checkFlood();
 }
+ if (!$rawpost) {
+ checkMessageSize();
+ }
 
 $post = newPost(setParent());
 $hide_fields = $post['parent'] == TINYIB_NEWTHREAD ? $tinyib_hidefieldsop : $tinyib_hidefields;
@@ -250,12 +252,21 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
 if ($rawpost || !in_array('name', $hide_fields)) {
 list($post['name'], $post['tripcode']) = nameAndTripcode($_POST['name']);
 $post['name'] = cleanString(substr($post['name'], 0, 75));
+ if (!$rawpost && TINYIB_MAXNAME > 0) {
+ $post['name'] = substr($post['name'], 0, TINYIB_MAXNAME);
+ }
 }
 if ($rawpost || !in_array('email', $hide_fields)) {
 $post['email'] = cleanString(str_replace('"', '"', substr($_POST['email'], 0, 75)));
+ if (!$rawpost && TINYIB_MAXEMAIL > 0) {
+ $post['email'] = substr($post['email'], 0, TINYIB_MAXEMAIL);
+ }
 }
 if ($rawpost || !in_array('subject', $hide_fields)) {
 $post['subject'] = cleanString(substr($_POST['subject'], 0, 75));
+ if (!$rawpost && TINYIB_MAXSUBJECT > 0) {
+ $post['subject'] = substr($post['subject'], 0, TINYIB_MAXSUBJECT);
+ }
 }
 if ($rawpost || !in_array('message', $hide_fields)) {
 $post['message'] = $_POST['message'];
diff --git a/inc/defines.php b/inc/defines.php
index 30a29c9..bbe4645 100644
--- a/inc/defines.php
+++ b/inc/defines.php
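Review bot: checkMessageSize() is now skipped for every raw post, and the message branch at the end of the second hunk still stores `$_POST['message']` unmodified, so nothing visible in this hunk bounds a raw post's length; that is only acceptable if `$rawpost`, which is set before this hunk, can be true solely for an authenticated staff session — worth confirming and recording on the new guard, e.g. `// raw posts are staff-only and exempt from TINYIB_MAXMESSAGE`. The check also now runs for logged-in non-raw posters, which the old placement inside `if (!$loggedin)` excluded; if that is intended it deserves a line in the commit message. The enclosing request handler starts and ends outside the hunk.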
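Review bot: The new per-field limits can only lower the cap below 75, never raise it, because each added `substr` runs after the pre-existing `substr($_POST[...], 0, 75)` on the line above it; with the defines hunk's default `TINYIB_MAXEMAIL` of 320, an email longer than 75 bytes is still silently cut to 75 while the form would presumably advertise 320. Fold the configured limit into the existing truncation instead, e.g. for name `$name_limit = (!$rawpost && TINYIB_MAXNAME > 0) ? TINYIB_MAXNAME : 75;` then `$post['name'] = cleanString(substr($post['name'], 0, $name_limit));`, with the same shape for email and subject; whether the storage column accepts the larger value needs checking outside this hunk. Truncating after cleanString() also risks cutting an escape sequence it produced in half, whereas truncating the raw input before it does not. The enclosing handler block starts and ends outside the hunk.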
@@ -19,6 +19,18 @@ if (!defined('TINYIB_INDEX')) {
 if (!defined('TINYIB_MAXREPLIES')) {
 define('TINYIB_MAXREPLIES', 0);
 }
+if (!defined('TINYIB_MAXNAME')) {
+ define('TINYIB_MAXNAME', 75);
+}
+if (!defined('TINYIB_MAXEMAIL')) {
+ define('TINYIB_MAXEMAIL', 320);
+}
+if (!defined('TINYIB_MAXSUBJECT')) {
+ define('TINYIB_MAXSUBJECT', 75);
+}
+if (!defined('TINYIB_MAXMESSAGE')) {
+ define('TINYIB_MAXMESSAGE', 8000);
+}
 if (!defined('TINYIB_MAXWOP')) {
 define('TINYIB_MAXWOP', TINYIB_MAXW);
 }
diff --git a/inc/functions.php b/inc/functions.php
index 185e192..0bb911b 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -307,8 +307,8 @@ function checkFlood() {
 }
 
 function checkMessageSize() {
- if (strlen($_POST["message"]) > 8000) {
- fancyDie(sprintf(__('Please shorten your message, or post it in multiple parts. Your message is %1$d characters long, and the maximum allowed is %2$d.'), strlen($_POST["message"]), 8000));
+ if (TINYIB_MAXMESSAGE > 0 && strlen($_POST['message']) > TINYIB_MAXMESSAGE) {
+ fancyDie(sprintf(__('Please shorten your message, or post it in multiple parts. Your message is %1$d characters long, and the maximum allowed is %2$d.'), strlen($_POST['message']), TINYIB_MAXMESSAGE));
 }
 }
 
diff --git a/inc/html.php b/inc/html.php
index f6b71ae..b98ea85 100644
--- a/inc/html.php
+++ b/inc/html.php
@@ -91,6 +91,23 @@ function buildPostForm($parent, $raw_post = false) {
 $form_extra = '';
 $input_extra = '';
 $rules_extra = '';
+
+ $maxlen_name = -1;
+ $maxlen_email = -1;
+ $maxlen_subject = -1;
+ $maxlen_message = -1;
+ if (TINYIB_MAXNAME > 0) {
+ $maxlen_name = TINYIB_MAXNAME;
+ }
+ if (TINYIB_MAXEMAIL > 0) {
+ $maxlen_email = TINYIB_MAXEMAIL;
+ }
+ if (TINYIB_MAXSUBJECT > 0) {
+ $maxlen_subject = TINYIB_MAXSUBJECT;
+ }
+ if (TINYIB_MAXMESSAGE > 0) {
+ $maxlen_message = TINYIB_MAXMESSAGE;
+ }
 if ($raw_post) {
 $txt_reply_to = __('Reply to');
 $txt_new_thread = __('0 to start a new thread');
@@ -115,6 +132,11 @@ EOF;
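Review bot: `strlen()` in the new checkMessageSize() condition counts bytes, while the error text reports "characters" and TINYIB_MAXMESSAGE presumably also drives a browser-side character limit via html.php's new `$maxlen_message`, so a non-ASCII message can pass the form's limit and still be rejected here. If mbstring is a dependency the project can assume, use `mb_strlen($_POST['message'], 'UTF-8')` in both the condition and the sprintf argument; otherwise record the byte semantics on the define, e.g. `// TINYIB_MAXMESSAGE is a byte count, not a character count`. The function body is fully contained in the hunk.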
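Review bot: The four `-1` initialisations followed by four `if (X > 0)` blocks in the html.php hunk are sixteen lines that each reduce to one conditional expression, and the `-1` sentinel carries no comment saying what its consumer (outside this hunk) does with it. Collapse them to ternaries and state the sentinel's meaning once, hedged until the template below confirms it. buildPostForm() starts before the hunk and continues past it.
```php
	// -1 means "no limit"; the form template presumably omits maxlength for it — TODO confirm
	$maxlen_name = TINYIB_MAXNAME > 0 ? TINYIB_MAXNAME : -1;
	$maxlen_email = TINYIB_MAXEMAIL > 0 ? TINYIB_MAXEMAIL : -1;
	$maxlen_subject = TINYIB_MAXSUBJECT > 0 ? TINYIB_MAXSUBJECT : -1;
	$maxlen_message = TINYIB_MAXMESSAGE > 0 ? TINYIB_MAXMESSAGE : -1;
	// … unchanged: if ($raw_post) { … } …
```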