diff --git a/create.php b/create.php index f01a97cb..4319ea70 100644 --- a/create.php +++ b/create.php @@ -3,13 +3,33 @@ include "inc/functions.php"; include "inc/lib/ayah/ayah.php"; include "inc/mod/auth.php"; +$cbRecaptcha = false; +//don't load recaptcha LIB unless its enabled! +if ($config['cbRecaptcha']){ +$cbRecaptcha = true; +include "inc/lib/recaptcha/recaptchalib.php"; +} + + checkBan('*'); $bannedWords = array('/^cake$/', '8ch', '/^cp$/', 'child', '/^inc$/', '/^static$/', '/^templates$/', '/^js$/', '/^stylesheets$/', '/^tools$/'); -$ayah = new AYAH(); +$ayah = (($config['ayah_enabled']) ? new AYAH() : false); if (!isset($_POST['uri'], $_POST['title'], $_POST['subtitle'], $_POST['username'], $_POST['password'])) { -$publisher_html = $ayah->getPublisherHTML(); +if (!$ayah){ + $game_html = ''; +} else { + $game_html = 'Game' . $ayah->getPublisherHTML() . ''; +} + +if (!$cbRecaptcha){ + $recapcha_html = ''; +} else { + $recapcha_html = 'reCaptcha' . recaptcha_get_html($config['recaptcha_public']) . ''; +} + + $password = base64_encode(openssl_random_pseudo_bytes(9)); $body = <<Subtitle (must be < 200 chars) Username (must contain only alphanumeric, periods and underscores) Password (write this down) -Game{$publisher_html} +{$game_html} +{$recapcha_html} 
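Review bot: When `$config['ayah_enabled']` and `$config['cbRecaptcha']` are both false, which is the default the inc/config.php hunk of this commit sets, `$game_html` and `$recapcha_html` are both empty here. The POST branch in the next hunk then sets `$score = true` and `$passedCaptcha = true`, so a board and its moderator account are created with no automation check at all. Before this change the AYAH score was always required. Either keep one challenge on by default, or add a comment next to the two flags in inc/config.php saying that disabling both leaves create.php unprotected.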
@@ -38,8 +59,27 @@ $title = $_POST['title']; $subtitle = $_POST['subtitle']; $username = $_POST['username']; $password = $_POST['password']; -$score = $ayah->scoreResult(); + $resp = ($cbRecaptcha) ? recaptcha_check_answer ($config['recaptcha_private'], + $_SERVER["REMOTE_ADDR"], + $_POST["recaptcha_challenge_field"], + $_POST["recaptcha_response_field"]):false; + +if ($resp != false){ +$passedCaptcha = $resp->is_valid; +} else { +$passedCaptcha = true; +} + +if (!$ayah){ +$score = true; +} else { +$score = $ayah->scoreResult(); +} +if (!$score) + error('You failed the game'); +if (!$passedCaptcha) + error('You failed to enter the reCaptcha correctly'); if (!preg_match('/^[a-z0-9]{1,10}$/', $uri)) error('Invalid URI'); if (!(strlen($title) < 40)) @@ -48,8 +88,7 @@ if (!(strlen($subtitle) < 200)) error('Invalid subtitle'); if (!preg_match('/^[a-zA-Z0-9._]{1,30}$/', $username)) error('Invalid username'); -if (!$score) - error('You failed the game'); + foreach (listBoards() as $i => $board) { if ($board['uri'] == $uri) error('Board already exists!'); @@ -64,12 +103,13 @@ foreach ($bannedWords as $i => $w) { error("Cannot create board matching banned pattern $w"); } } -$query = prepare('SELECT * FROM ``mods``'); +$query = prepare('SELECT ``username`` FROM ``mods`` WHERE ``username`` = :username'); +$query->bindValue(':username', $username); $query->execute() or error(db_error($query)); $users = $query->fetchAll(PDO::FETCH_ASSOC); -foreach ($users as $i => $user) { - if ($user['username'] == $username) - error('Username taken!'); + +if (sizeof($users) > 0){ +error('The username you\'ve tried to enter already exists!'); } $salt = generate_salt(); @@ -112,9 +152,10 @@ $body = <<Make sure you don't forget your password, {$_POST['password']}!
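Review bot: The `else { $passedCaptcha = true; }` branch after `if ($resp != false)` treats every falsy `$resp` as a pass, so "reCAPTCHA disabled" and "verification returned nothing usable" take the same path and the check fails open. Tie the result to the flag instead: `$passedCaptcha = !$cbRecaptcha || (is_object($resp) && $resp->is_valid);`. `$_POST["recaptcha_challenge_field"]` and `$_POST["recaptcha_response_field"]` are also read without `isset()`; the gate at the top of the file lists only uri, title, subtitle, username and password. A request that omits them therefore raises undefined-index notices, so default both to `''` before calling `recaptcha_check_answer`.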
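Review bot: The lookup-then-insert sequence is still not atomic: two concurrent requests for the same name can both get zero rows from this `SELECT` and both reach the insert that follows outside the hunk. A unique index on the `username` column of `mods` (not visible in this diff, so possibly already present) plus handling of the duplicate-key error is what guarantees uniqueness; this check then only supplies the friendly message. The comparison also moved from PHP `==` to SQL `=`, so it now follows the column collation and may be case-insensitive, which is a behaviour change worth stating in the commit message. Since only existence matters, `if ($query->fetchColumn() !== false)` avoids building the array.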

-

You can manage your site at http://8chan.co/mod.php?/.

+

You can manage your board at http://8chan.co/mod.php?/.

EOT; echo Element("page.html", array("config" => $config, "body" => $body, "title" => "Success", "subtitle" => "This was a triumph")); } +?> \ No newline at end of file diff --git a/inc/api.php b/inc/api.php index a8ae9eed..3769a9c9 100644 --- a/inc/api.php +++ b/inc/api.php @@ -41,8 +41,8 @@ class Api { ); $this->fileFields = array( - 'thumbheight' => 'tn_w', - 'thumbwidth' => 'tn_h', + 'thumbheight' => 'tn_h', + 'thumbwidth' => 'tn_w', 'height' => 'w', 'width' => 'h', 'size' => 'fsize', @@ -113,6 +113,7 @@ class Api { $apiPost['ext'] = substr($file->file, $dotPos); $dotPos = strrpos($file->file, '.'); $apiPost['tim'] = substr($file->file, 0, $dotPos); + $apiPost['md5'] = base64_encode(md5_file($file->file_path, true)); } return $apiPost; diff --git a/inc/config.php b/inc/config.php index e88f4935..8fd42f87 100644 --- a/inc/config.php +++ b/inc/config.php @@ -277,8 +277,21 @@ 'no_country' ); + + + /* Uses are you a human to stop automated requests to make boards disabled by default + * if you wish to use 'are you a human' to block automated board creation requests + + * to use AYAH you must enter your 'AYAH_PUBLISHER_KEY' and your 'AYAH_SCORING_KEY' in + * the configuration file for AYAH. The config file for AYAH + * is located in the following directory:'/inc/lib/ayah/ayah_config.php' + */ + $config['ayah_enabled'] = false; + // Enable reCaptcha to make spam even harder. Rarely necessary. $config['recaptcha'] = false; + // Enable reCaptcha on create.php to prevent automated requests. + $config['cbRecaptcha'] = false; // Public and private key pair from https://www.google.com/recaptcha/admin/create $config['recaptcha_public'] = '6LcXTcUSAAAAAKBxyFWIt2SO8jwx4W7wcSMRoN3f'; diff --git a/inc/instance-config.php b/inc/instance-config.php index 2f014fa9..132f40e9 100644 --- a/inc/instance-config.php +++ b/inc/instance-config.php 
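Review bot: The unchanged heredoc line `Make sure you don't forget your password, {$_POST['password']}!` interpolates request data into the page without escaping, and none of the validation visible in the earlier hunks constrains the password field. Assign an escaped copy before the heredoc and interpolate that instead: `$password_html = htmlspecialchars($_POST['password'], ENT_QUOTES, 'UTF-8');`. The line predates this commit and the heredoc opens outside the hunk, but it matters more now that both challenges can be switched off. Separately, the added closing `?>` with no trailing newline is better omitted in a file that ends in PHP code, since anything after it is sent as output.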
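Review bot: The two context lines directly below the corrected pair still look crossed: `'height' => 'w'` and `'width' => 'h'` carry the same swap this hunk fixes for the thumbnail fields. If that is not intentional, change them in the same commit to `'height' => 'h',` and `'width' => 'w',`. A one-line comment above `$this->fileFields` saying that keys are internal property names and values are the API field names would make such a mix-up easier to spot.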
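Review bot: `md5_file()` returns false when `$file->file_path` is missing or unreadable, and the added line passes that straight to `base64_encode()`, so the API would publish an empty `md5` value alongside a PHP warning. Guard it: `$md5 = is_file($file->file_path) ? md5_file($file->file_path, true) : false;` then `if ($md5 !== false) $apiPost['md5'] = base64_encode($md5);`. This also reads every attached file in full each time the API post is built; if a hash is already stored with the upload (not visible here), reuse it. The enclosing method starts and ends outside the hunk.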
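Review bot: The new comment block above `$config['ayah_enabled']` is hard to parse (its first sentence runs "to stop automated requests to make boards disabled by default"), and the comment on `$config['cbRecaptcha']` does not say which keys the flag uses. Suggested wording: `// Require an "Are You a Human" (AYAH) game on create.php. Disabled by default.` followed by `// Set AYAH_PUBLISHER_KEY and AYAH_SCORING_KEY in inc/lib/ayah/ayah_config.php before enabling.`, and for the second flag `// Require reCAPTCHA on create.php; uses recaptcha_public / recaptcha_private below.`. The block should also state that with both flags false create.php accepts requests without any challenge.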
@@ -80,6 +80,7 @@ $config['mod']['recent_reports'] = 65535; // Board shit + $config['ayah_enabled'] = true; $config['url_banner'] = '/banners.php'; //$config['default_stylesheet'] = array('Notsuba', 'notsuba.css'); $config['additional_javascript'][] = 'js/jquery.min.js'; @@ -91,7 +92,8 @@ $config['additional_javascript'][] = 'js/favorites.js'; $config['additional_javascript'][] = 'js/show-op.js'; $config['additional_javascript'][] = 'js/hide-threads.js'; - //$config['additional_javascript'][] = 'js/smartphone-spoiler.js'; + $config['additional_javascript'][] = 'js/mobile-style.js' + $config['additional_javascript'][] = 'js/smartphone-spoiler.js'; $config['additional_javascript'][] = 'js/inline-expanding.js'; $config['additional_javascript'][] = 'js/show-backlinks.js'; $config['additional_javascript'][] = 'js/catalog-link.js'; @@ -116,6 +118,7 @@ $config['additional_javascript'][] = 'js/forced-anon.js'; $config['additional_javascript'][] = 'js/toggle-locked-threads.js'; $config['additional_javascript'][] = 'js/toggle-images.js'; + $config['additional_javascript'][] = 'js/threadscroll.js'; $config['font_awesome_css'] = '//netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css'; 
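Review bot: The added line `$config['additional_javascript'][] = 'js/mobile-style.js'` in the second hunk has no terminating semicolon, so PHP fails to parse inc/instance-config.php as soon as it is included. It should read `$config['additional_javascript'][] = 'js/mobile-style.js';`. The same hunk also re-enables the previously commented-out `js/smartphone-spoiler.js`; if it was disabled for a reason, the commit message should say why it is safe to turn back on.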
@@ -127,7 +130,7 @@ $config['markup'][] = array("/\[spoiler\](.+?)\[\/spoiler\]/", "\$1"); $config['markup'][] = array("/~~(.+?)~~/", "\$1"); - $config['boards'] = array(array('' => '/', '' => '/boards.html', '' => '/faq.html', '' => '/random.php', '' => '/create.php', '' => '/search.php', '' => '/mod.php', '' => 'https://qchat.rizon.net/?channels=#8chan'), array('b', 'meta', 'int'), array('v', 'a', 'tg', 'fit', 'pol', 'tech', 'mu', 'co', 'sp', 'boards'), array(''=>'https://twitter.com/infinitechan')); + $config['boards'] = array(array('' => '/', '' => '/boards.html', '' => '/faq.html', '' => '/random.php', '' => '/create.php', '' => '/search.php', '' => '/mod.php', '' => 'https://qchat.rizon.net/?channels=#8chan'), array('b', 'meta', 'int'), array('v', 'a', 'tg', 'fit', 'pol', 'tech', 'mu', 'co', 'sp', 'boards'), array(''=>'https://twitter.com/infinitechan')); $config['footer'][] = 'Contribute to 8chan.co development at github'; $config['footer'][] = 'To make a DMCA request or report illegal content, please email admin@8chan.co or use the "Global Report" functionality on every page.'; diff --git a/inc/mod/pages.php b/inc/mod/pages.php index f7ccf1a6..ae841c7c 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -1799,12 +1799,25 @@ function mod_user($uid) { $log = array(); } + if ($mod['type'] >= ADMIN){ + $boards = listBoards(); + } else { + $boards2 = explode(',', $user['boards']); + + foreach($boards2 as $string){ + + $boards[] = array("uri"=>$string, "title"=>"MY BOARD"); + + } + + + } $user['boards'] = explode(',', $user['boards']); mod_page(_('Edit user'), 'mod/user.html', array( 'user' => $user, 'logs' => $log, - 'boards' => listBoards(), + 'boards' => $boards, 'token' => make_secure_link_token('users/' . $user['id']) )); } diff --git a/install.sql b/install.sql index 969107a2..b8d95444 100644 --- a/install.sql +++ b/install.sql 
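Review bot: In the `else` branch of the inc/mod/pages.php hunk, `$boards[]` is appended to without `$boards` being initialised. An empty `$user['boards']` also makes `explode()` return one empty string, which yields a board entry whose uri is `''`. Add `$boards = array();` before the loop and `if ($string === '') continue;` as its first statement; the hard-coded title `"MY BOARD"` should go through `_()` like the page title does. Narrowing the list handed to mod/user.html only changes what the form displays. The code that saves the edited user is outside this hunk and should itself reject boards a non-admin does not own. `mod_user()` begins outside the hunk, so whether `$mod` is in scope there cannot be confirmed from here.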
@@ -68,6 +68,11 @@ CREATE TABLE IF NOT EXISTS `boards` ( PRIMARY KEY (`uri`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4; +CREATE TABLE IF NOT EXISTS `board_create` ( + `time` text NOT NULL, + `uri` text NOT NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + -- -- Dumping data for table `boards` -- @@ -220,6 +225,7 @@ CREATE TABLE IF NOT EXISTS `reports` ( `board` varchar(58) CHARACTER SET utf8 DEFAULT NULL, `post` int(11) NOT NULL, `reason` text NOT NULL, + `global` tinyint(1) NOT NULL DEFAULT '0', PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ; diff --git a/js/auto-reload.js b/js/auto-reload.js index 4e786be1..bfb54d6e 100644 --- a/js/auto-reload.js +++ b/js/auto-reload.js @@ -16,8 +16,16 @@ * */ + +au = false; auto_reload_enabled = true; // for watch.js to interop +function makeIcon(){ + if(au) return; + au = true; + $("link[rel='icon']").attr("href", "../static/favicon_au.png"); +} + $(document).ready(function(){ if($('div.banner').length == 0) return; // not index @@ -28,7 +36,7 @@ $(document).ready(function(){ var poll_interval; // Add an update link - $('.boardlist.bottom').prev().after("["+_("Update thread")+"]"); + $('.boardlist.bottom').prev().after("["+_("Update thread")+"] ()"); // Grab the settings var settings = new script_settings('auto-reload'); @@ -39,6 +47,7 @@ $(document).ready(function(){ // number of ms to wait before reloading var poll_interval_delay = poll_interval_mindelay_bottom; + var poll_current_time = poll_interval_delay; var end_of_page = false; @@ -70,6 +79,14 @@ $(document).ready(function(){ window_active = false; }); + var timer_update = function() { + $('#update_secs').text(poll_current_time/1000); + } + + var decrement_timer = function() { + poll_current_time = poll_current_time - 1000; + } + var recheck_activated = function() { if (new_posts && window_active && $(window).scrollTop() + $(window).height() >= 
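Review bot: The new `board_create` table stores `time` and `uri` as `text` with no primary key or index, and uses InnoDB with `utf8` where the neighbouring tables use MyISAM with `utf8mb4`. If the table is meant to record or throttle board creation (an inference from its name; nothing in the visible diff reads or writes it), range lookups on `time` need a typed, indexed column. For example `time int(11) NOT NULL`, `uri varchar(58) NOT NULL` and `KEY time (time)`, with the charset matched to `boards`. install.sql only affects fresh installs, so existing deployments need an upgrade step for this table and for the `global` column added to `reports` in the next hunk.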
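Review bot: `au = false;` at the top of the first js/auto-reload.js hunk creates an implicit global with a two-letter name, and `makeIcon` is added to the global scope as well. Declare the flag with `var` and give it a descriptive name, e.g. `var favicon_alert_set = false;`, or move both into the `$(document).ready` handler where `makeIcon()` is called. The icon path `"../static/favicon_au.png"` is relative, so it resolves against the current page URL; a root-relative path would not depend on how deep the thread page sits.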
@@ -89,6 +106,7 @@ $(document).ready(function(){ if($('#' + id).length == 0) { if (!new_posts) { first_new_post = this; + makeIcon(); } $(this).insertAfter($('div.post:last').next()).after('
'); new_posts++; @@ -117,6 +135,7 @@ $(document).ready(function(){ } poll_interval = setTimeout(poll, poll_interval_delay); + poll_current_time = poll_interval_delay; }; $(window).scroll(function() { @@ -130,11 +149,15 @@ $(document).ready(function(){ clearTimeout(poll_interval); poll_interval = setTimeout(poll, poll_interval_shortdelay); + poll_current_time = poll_interval_shortdelay; end_of_page = true; }).trigger('scroll'); $('#update_thread').on('click', poll); + setInterval(timer_update, 1000); + setInterval(decrement_timer, 1000); - poll_interval = setTimeout(poll, poll_interval_delay); + poll_interval = setInterval(poll, poll_interval_delay); + timer_update(); }); diff --git a/js/image-hover.js b/js/image-hover.js new file mode 100644 index 00000000..c752a2cf --- /dev/null +++ b/js/image-hover.js 
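Review bot: The last hunk replaces the initial `setTimeout(poll, poll_interval_delay)` with `setInterval(poll, poll_interval_delay)`, but `poll` still re-arms itself with `poll_interval = setTimeout(poll, poll_interval_delay)` (visible in the preceding hunk). That overwrites the interval handle, so the interval can no longer be cleared and every tick starts another self-rescheduling chain. Unless something outside these hunks cancels it, the number of pending polls grows for as long as the tab stays open, which multiplies request load on the server. Keep the original `poll_interval = setTimeout(poll, poll_interval_delay);`. The two one-second intervals can also be merged and floored at zero so the counter never shows a negative value: `setInterval(function(){ poll_current_time = Math.max(0, poll_current_time - 1000); timer_update(); }, 1000);`.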
@@ -0,0 +1,98 @@ +/* + Copyright (C) 2014 undido + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + expands images and webm on hover +*/ + +$(document).ready(function(){ + var mouseisOnImage = false; + var mouseexitedImage = false; + var imageHover = (localStorage['imagehover']) ? true:false; + + imageHover = !imageHover; + + var imageEnter = function(){ + if (!imageHover) + return; + + mouseexitedImage = false; + mouseisOnImage = false; + + isVideo = (($(this).prop("tagName") == "VIDEO") ? true:($(this).parent().attr("href").indexOf("player.php?v=") > -1) ? true:false); + maxWidth = document.body.offsetWidth-(document.body.offsetWidth * 0.25); + maxHeight = document.documentElement.clientHeight; + stylez = "z-index:1000;z-index: 1000;position: fixed;top: 0;right: 0;"; + if (!isVideo){ + fileInfo = $(this).parent().parent().children(".fileinfo").children(".unimportant").text(); + isSpoiler = (fileInfo.indexOf("Spoiler") > -1) ? true:false; + imageD = ((isSpoiler) ? fileInfo.split(",")[2]:fileInfo.split(",")[1]); + imageWidth = parseInt(imageD.split("x")[0]); + imageHeight = parseInt(imageD.split("x")[1]); + + widStyle = "max-width:" + maxWidth + "px;"; + heiStyle = ((maxHeight < imageHeight) ? "height:"+maxHeight+"px;":""); + $imgH = $("", {"src":$(this).parent().attr("href"), "style":stylez + ((imageWidth > maxWidth) ? 
widStyle:"")+heiStyle, "id":"hover-image"}); + } else { + fileInfo = $(this).parent().parent().children(".fileinfo").children(".unimportant").text(); + isSpoiler = (fileInfo.indexOf("Spoiler") > -1) ? true:false; + imageD = ((isSpoiler) ? fileInfo.split(",")[2]:fileInfo.split(",")[1]); + videoWidth = parseInt(imageD.split("x")[0]); + videoHeight = parseInt(imageD.split("x")[1]); + + widStyle = "width:" + ((maxWidth > videoWidth) ? videoWidth:maxWidth) + "px;" + "height:" + ((maxHeight < videoHeight) ? "100%": videoHeight+"px;"); + $imgH = $("