From 3515b56a566d8b56176d5e60f827cc8a7f66be4e Mon Sep 17 00:00:00 2001 From: 8chan Date: Wed, 24 Sep 2014 20:17:59 +0000 Subject: [PATCH 01/36] Add extra non-synced file for 8chan.co secrets (passwords etc) From 102559751a499642dd3f04a7b1313100e6a81543 Mon Sep 17 00:00:00 2001 From: 8chan Date: Wed, 24 Sep 2014 20:19:58 +0000 Subject: [PATCH 02/36] Require secrets.php --- inc/instance-config.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/inc/instance-config.php b/inc/instance-config.php index e2410fea..2f014fa9 100644 --- a/inc/instance-config.php +++ b/inc/instance-config.php @@ -7,9 +7,8 @@ * * You can copy values from config.php (defaults) and paste them here. */ -require_once "lib/htmlpurifier-4.5.0/library/HTMLPurifier.auto.php"; -require_once "8chan-functions.php"; - + require_once "lib/htmlpurifier-4.5.0/library/HTMLPurifier.auto.php"; + require_once "8chan-functions.php"; $config['db']['server'] = 'localhost'; $config['db']['database'] = '8chan'; @@ -43,6 +42,8 @@ require_once "8chan-functions.php"; $config['thread_subject_in_title'] = true; $config['spam']['hidden_inputs_max_pass'] = 128; + require_once "secrets.php"; + // Image shit $config['thumb_method'] = 'gm+gifsicle'; $config['thumb_ext'] = ''; From 9d8ba968cb1b2f4bf0419d7d11860768f3a7e467 Mon Sep 17 00:00:00 2001 From: 8chan Date: Wed, 24 Sep 2014 20:23:38 +0000 Subject: [PATCH 03/36] Include secrets file. --- inc/instance-config.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/inc/instance-config.php b/inc/instance-config.php index e2410fea..2f014fa9 100644 --- a/inc/instance-config.php +++ b/inc/instance-config.php @@ -7,9 +7,8 @@ * * You can copy values from config.php (defaults) and paste them here. */ -require_once "lib/htmlpurifier-4.5.0/library/HTMLPurifier.auto.php"; -require_once "8chan-functions.php"; - + require_once "lib/htmlpurifier-4.5.0/library/HTMLPurifier.auto.php"; + require_once "8chan-functions.php"; $config['db']['server'] = 'localhost'; $config['db']['database'] = '8chan'; @@ -43,6 +42,8 @@ require_once "8chan-functions.php"; $config['thread_subject_in_title'] = true; $config['spam']['hidden_inputs_max_pass'] = 128; + require_once "secrets.php"; + // Image shit $config['thumb_method'] = 'gm+gifsicle'; $config['thumb_ext'] = ''; From eee2cf82d48a43ce3201b7154e6939a09f7441be Mon Sep 17 00:00:00 2001 From: TheHowl Date: Wed, 24 Sep 2014 22:35:59 +0200 Subject: [PATCH 04/36] Make ayah optional --- create.php | 16 ++++++++++------ inc/config.php | 4 ++++ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/create.php b/create.php index f01a97cb..6a91ba00 100644 --- a/create.php +++ b/create.php @@ -1,15 +1,17 @@ getPublisherHTML(); +$publisher_html = ($config["use_ayah"] ? "Game" . $ayah->getPublisherHTML() . "" : ""); $password = base64_encode(openssl_random_pseudo_bytes(9)); $body = <<Subtitle (must be < 200 chars) Username (must contain only alphanumeric, periods and underscores) Password (write this down) -Game{$publisher_html} +{$publisher_html}
@@ -38,7 +40,9 @@ $title = $_POST['title']; $subtitle = $_POST['subtitle']; $username = $_POST['username']; $password = $_POST['password']; -$score = $ayah->scoreResult(); +if ($config["use_ayah"]) { + $score = $ayah->scoreResult(); +} if (!preg_match('/^[a-z0-9]{1,10}$/', $uri)) error('Invalid URI'); @@ -48,7 +52,7 @@ if (!(strlen($subtitle) < 200)) error('Invalid subtitle'); if (!preg_match('/^[a-zA-Z0-9._]{1,30}$/', $username)) error('Invalid username'); -if (!$score) +if ($config["use_ayah"] && !$score) error('You failed the game'); foreach (listBoards() as $i => $board) { if ($board['uri'] == $uri) diff --git a/inc/config.php b/inc/config.php index e5216470..855a0be1 100644 --- a/inc/config.php +++ b/inc/config.php @@ -1616,3 +1616,7 @@ ''. ''. ''; + + // Set to true to use ayah. Requires to set inc/lib/ayah/ayah_config.php! + // Ayah is highly reccommended (it's also used only for creating boards) + $config["use_ayah"] = false; \ No newline at end of file From e092f5ad38b4f037e7c09b9600d01c9bf1ed0fe8 Mon Sep 17 00:00:00 2001 From: TheHowl Date: Wed, 24 Sep 2014 23:07:36 +0200 Subject: [PATCH 05/36] oh hey look I just fixed #8 search.php It was just a typo, an horrible typo. --- search.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/search.php b/search.php index 394aa3ff..71f4ae5e 100644 --- a/search.php +++ b/search.php @@ -15,7 +15,7 @@ $boards = listBoards(TRUE); } - $body = Element('search_form.html', Array('boards' => $boards, 'board' => isset($_GET['board']) ? $_GET['board'] : false, 'search' => isset($_GET['search']) ? str_replace('"', '"', utf8tohtml($_GET['search'])) : false)); + $body = Element('search_form.html', Array('boards' => $boards, 'b' => isset($_GET['board']) ? $_GET['board'] : false, 'search' => isset($_GET['search']) ? str_replace('"', '"', utf8tohtml($_GET['search'])) : false)); if(isset($_GET['search']) && !empty($_GET['search']) && isset($_GET['board']) && in_array($_GET['board'], $boards)) { $phrase = $_GET['search']; From 416a48838ca4f34d64f58a226f00d45a173a2a9e Mon Sep 17 00:00:00 2001 From: 8chan Date: Wed, 24 Sep 2014 21:29:12 +0000 Subject: [PATCH 06/36] Add timer to auto reload js --- inc/secrets.php | 4 ++++ js/auto-reload.js | 18 ++++++++++++++++-- 2 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 inc/secrets.php diff --git a/inc/secrets.php b/inc/secrets.php new file mode 100644 index 00000000..b5d51a7c --- /dev/null +++ b/inc/secrets.php @@ -0,0 +1,4 @@ +["+_("Update thread")+"]"); + $('.boardlist.bottom').prev().after("["+_("Update thread")+"] ()"); // Grab the settings var settings = new script_settings('auto-reload'); @@ -39,6 +39,7 @@ $(document).ready(function(){ // number of ms to wait before reloading var poll_interval_delay = poll_interval_mindelay_bottom; + var poll_current_time = poll_interval_delay; var end_of_page = false; @@ -70,6 +71,14 @@ $(document).ready(function(){ window_active = false; }); + var timer_update = function() { + $('#update_secs').text(poll_current_time/1000); + } + + var decrement_timer = function() { + poll_current_time = poll_current_time - 1000; + } + var recheck_activated = function() { if (new_posts && window_active && $(window).scrollTop() + $(window).height() >= @@ -117,6 +126,7 @@ $(document).ready(function(){ } poll_interval = setTimeout(poll, poll_interval_delay); + poll_current_time = poll_interval_delay; }; $(window).scroll(function() { @@ -130,11 +140,15 @@ $(document).ready(function(){ clearTimeout(poll_interval); poll_interval = setTimeout(poll, poll_interval_shortdelay); + poll_current_time = poll_interval_shortdelay; end_of_page = true; }).trigger('scroll'); $('#update_thread').on('click', poll); + setInterval(timer_update, 1000); + setInterval(decrement_timer, 1000); - poll_interval = setTimeout(poll, poll_interval_delay); + poll_interval = setInterval(poll, poll_interval_delay); + timer_update(); }); From 14148b129243a9cdfa95b0298aaac9fcf668c9cf Mon Sep 17 00:00:00 2001 From: anonfagola Date: Wed, 24 Sep 2014 16:54:49 -0700 Subject: [PATCH 07/36] Made threadscroll.js a default additional JS --- inc/instance-config.php | 1 + 1 file changed, 1 insertion(+) diff --git a/inc/instance-config.php b/inc/instance-config.php index 2f014fa9..51e79716 100644 --- a/inc/instance-config.php +++ b/inc/instance-config.php @@ -116,6 +116,7 @@ $config['additional_javascript'][] = 'js/forced-anon.js'; $config['additional_javascript'][] = 'js/toggle-locked-threads.js'; $config['additional_javascript'][] = 'js/toggle-images.js'; + $config['additional_javascript'][] = 'js/threadscroll.js'; $config['font_awesome_css'] = '//netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css'; From 1187e6865f3ba02d67de380867a27bb2f5edfd2c Mon Sep 17 00:00:00 2001 From: anonfagola Date: Wed, 24 Sep 2014 17:10:04 -0700 Subject: [PATCH 08/36] Update random.php As we are only using URIs, made it listBoards(true) for performance reasons. --- random.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/random.php b/random.php index 050b6c82..b1a74e0d 100644 --- a/random.php +++ b/random.php @@ -2,7 +2,7 @@ include "inc/functions.php"; -$boards = listBoards(); +$boards = listBoards(true); $board = array_rand($boards); -header('Location: /'.$boards[$board]["uri"]); +header('Location: /'.$boards[$board]); From 01e54d0fd21d7d62ad981623b77b5b77661dcc10 Mon Sep 17 00:00:00 2001 From: anonfagola Date: Wed, 24 Sep 2014 17:26:01 -0700 Subject: [PATCH 09/36] Update install.sql Fix https://github.com/ctrlcctrlv/8chan/issues/41 --- install.sql | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/install.sql b/install.sql index 969107a2..38c3c804 100644 --- a/install.sql +++ b/install.sql @@ -68,6 +68,11 @@ CREATE TABLE IF NOT EXISTS `boards` ( PRIMARY KEY (`uri`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4; +CREATE TABLE IF NOT EXISTS `board_create` ( + `time` text NOT NULL, + `uri` text NOT NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + -- -- Dumping data for table `boards` -- From eb6a07c19a6c9d825b9ae89595329243cc87bac1 Mon Sep 17 00:00:00 2001 From: Bui Date: Thu, 25 Sep 2014 09:32:34 +0900 Subject: [PATCH 10/36] add global column to reports table --- install.sql | 1 + 1 file changed, 1 insertion(+) diff --git a/install.sql b/install.sql index 969107a2..7310014b 100644 --- a/install.sql +++ b/install.sql @@ -220,6 +220,7 @@ CREATE TABLE IF NOT EXISTS `reports` ( `board` varchar(58) CHARACTER SET utf8 DEFAULT NULL, `post` int(11) NOT NULL, `reason` text NOT NULL, + `global` tinyint(1) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ; From b3532ba54610aeddb5ee661528953fc0b44bdf84 Mon Sep 17 00:00:00 2001 From: Bui Date: Thu, 25 Sep 2014 09:48:46 +0900 Subject: [PATCH 11/36] allow mods to bypass DNSBL checks --- post.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/post.php b/post.php index 88189572..9e1141a7 100644 --- a/post.php +++ b/post.php @@ -200,8 +200,6 @@ if (isset($_POST['delete'])) { if ($config['referer_match'] !== false && (!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], rawurldecode($_SERVER['HTTP_REFERER'])))) error($config['error']['referer']); - - checkDNSBL(); // Check if banned checkBan($board['uri']); @@ -243,6 +241,9 @@ if (isset($_POST['delete'])) { $post['antispam_hash'] = checkSpam(array($board['uri'], isset($post['thread']) ? $post['thread'] : ($config['try_smarter'] && isset($_POST['page']) ? 0 - (int)$_POST['page'] : null))); if ($post['antispam_hash'] === true) error($config['error']['spam']); + + // Check DNSBL + checkDNSBL(); } if ($config['robot_enable'] && $config['robot_mute']) { From abbb6c282d525bd8c713c0967c86c3591cbde413 Mon Sep 17 00:00:00 2001 From: Bui Date: Thu, 25 Sep 2014 10:07:55 +0900 Subject: [PATCH 12/36] Revert "allow mods to bypass DNSBL checks" This reverts commit b3532ba54610aeddb5ee661528953fc0b44bdf84. --- post.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/post.php b/post.php index 9e1141a7..88189572 100644 --- a/post.php +++ b/post.php @@ -200,6 +200,8 @@ if (isset($_POST['delete'])) { if ($config['referer_match'] !== false && (!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], rawurldecode($_SERVER['HTTP_REFERER'])))) error($config['error']['referer']); + + checkDNSBL(); // Check if banned checkBan($board['uri']); @@ -241,9 +243,6 @@ if (isset($_POST['delete'])) { $post['antispam_hash'] = checkSpam(array($board['uri'], isset($post['thread']) ? $post['thread'] : ($config['try_smarter'] && isset($_POST['page']) ? 0 - (int)$_POST['page'] : null))); if ($post['antispam_hash'] === true) error($config['error']['spam']); - - // Check DNSBL - checkDNSBL(); } if ($config['robot_enable'] && $config['robot_mute']) { From 5bbfc85c0c79f11d3f83a65ef969b241b98f0ca3 Mon Sep 17 00:00:00 2001 From: anonfagola Date: Wed, 24 Sep 2014 18:23:15 -0700 Subject: [PATCH 13/36] Added icon changing when thread updated. makeIcon should also have the little *bleep* sound. --- js/auto-reload.js | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/js/auto-reload.js b/js/auto-reload.js index 548d947e..633e1673 100644 --- a/js/auto-reload.js +++ b/js/auto-reload.js @@ -16,8 +16,16 @@ * */ + +au = false; auto_reload_enabled = true; // for watch.js to interop +function makeIcon(){ + if(au) return; + au = true; + $("link[rel='icon']").attr("href", "favicon_au.png"); +} + $(document).ready(function(){ if($('div.banner').length == 0) return; // not index @@ -98,6 +106,7 @@ $(document).ready(function(){ if($('#' + id).length == 0) { if (!new_posts) { first_new_post = this; + makeIcon(); } $(this).insertAfter($('div.post:last').next()).after('
'); new_posts++; From 170b498121886c2637cfab63b58bbe92b2f681d0 Mon Sep 17 00:00:00 2001 From: anonfagola Date: Wed, 24 Sep 2014 18:26:21 -0700 Subject: [PATCH 14/36] Added favicon for auto updating. --- static/favicon_au.png | Bin 0 -> 337 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 static/favicon_au.png diff --git a/static/favicon_au.png b/static/favicon_au.png new file mode 100644 index 0000000000000000000000000000000000000000..44baded7115e2731c8c45a11aeb1c63a2baefd2f GIT binary patch literal 337 zcmeAS@N?(olHy`uVBq!ia0vp^0wB!61|;P_|4#%`jKx9jP7LeL$-D$|SkfJR9T^xl z_H+M9WCij$3p^r=85sBugD~Uq{1qucL8%hgh?3y^w370~qEv=}#LT=BJwMkFg)(D3 zQ$0figD*u3fvOI8x;Tbd_%EICTJVs9KuhpinLgbBwurX5M;5R?eEX5ZfJgaPviif@ zsqZJ9mH0fpt-#fJ$0D&Ge*;54cV1`FdndYS)`KJ3jJdT6&zaA4%})uQ;9ADtRaGaO)?L&)RJtV>KOCuL)~aNNQ`Er|kXBf?MDfcalck zwG+Z>tPOX?iXuB~rMy?`G>D1XGC*&f+-p*y!i~!l%R(C;QT?R+ENz47y aIr4udJ{SFB!ukg27Y0vPKbLh*2~7ZY*nbrO literal 0 HcmV?d00001 From 25bf9f88f5caaa05d839cc85d3a2306eb1b1111e Mon Sep 17 00:00:00 2001 From: anonfagola Date: Wed, 24 Sep 2014 18:27:17 -0700 Subject: [PATCH 15/36] Update auto-reload.js Changed favicon_au.png to static/favicon_au.png --- js/auto-reload.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/auto-reload.js b/js/auto-reload.js index 633e1673..bfb54d6e 100644 --- a/js/auto-reload.js +++ b/js/auto-reload.js @@ -23,7 +23,7 @@ auto_reload_enabled = true; // for watch.js to interop function makeIcon(){ if(au) return; au = true; - $("link[rel='icon']").attr("href", "favicon_au.png"); + $("link[rel='icon']").attr("href", "../static/favicon_au.png"); } $(document).ready(function(){ From 69e749b57aa49c26a26aab962ab6d3f5c46e51b0 Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 06:11:36 -0300 Subject: [PATCH 16/36] Added global column to 'reports' table --- install.sql | 1 + 1 file changed, 1 insertion(+) diff --git a/install.sql b/install.sql index 38c3c804..b8d95444 100644 --- a/install.sql +++ b/install.sql @@ -225,6 +225,7 @@ CREATE TABLE IF NOT EXISTS `reports` ( `board` varchar(58) CHARACTER SET utf8 DEFAULT NULL, `post` int(11) NOT NULL, `reason` text NOT NULL, + `global` tinyint(1) NOT NULL DEFAULT '0', PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ; From 667606cdb422d2ca2ddbdf638ea49de11614be73 Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 06:15:25 -0300 Subject: [PATCH 17/36] Closed off php tag in random.php --- random.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/random.php b/random.php index 050b6c82..fdd1e349 100644 --- a/random.php +++ b/random.php @@ -6,3 +6,5 @@ $boards = listBoards(); $board = array_rand($boards); header('Location: /'.$boards[$board]["uri"]); + +?> \ No newline at end of file From 9c0436269f97244a8d3c31b22c4d27d4774927b8 Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 06:58:44 -0300 Subject: [PATCH 18/36] disable ayah 'game' on create.php by default added option to turn it on in /inc/config.php with explaination on where to put private keys at --- create.php | 15 ++++++++++++--- inc/config.php | 15 +++++++++++++++ 2 files changed, 27 insertions(+), 3 deletions(-) diff --git a/create.php b/create.php index f01a97cb..e0939549 100644 --- a/create.php +++ b/create.php @@ -6,10 +6,14 @@ include "inc/mod/auth.php"; checkBan('*'); $bannedWords = array('/^cake$/', '8ch', '/^cp$/', 'child', '/^inc$/', '/^static$/', '/^templates$/', '/^js$/', '/^stylesheets$/', '/^tools$/'); -$ayah = new AYAH(); +$ayah = (($config['playagame']) ? new AYAH() : false); if (!isset($_POST['uri'], $_POST['title'], $_POST['subtitle'], $_POST['username'], $_POST['password'])) { -$publisher_html = $ayah->getPublisherHTML(); +if (!$ayah){ + $game_html = ''; +} else { + $game_html = 'Game' . $ayah->getPublisherHTML() . ''; +} $password = base64_encode(openssl_random_pseudo_bytes(9)); $body = <<Subtitle (must be < 200 chars) Username (must contain only alphanumeric, periods and underscores) Password (write this down) -Game{$publisher_html} +{$game_html}
@@ -38,7 +42,11 @@ $title = $_POST['title']; $subtitle = $_POST['subtitle']; $username = $_POST['username']; $password = $_POST['password']; +if (!$ayah){ +$score = true; +} else { $score = $ayah->scoreResult(); +} if (!preg_match('/^[a-z0-9]{1,10}$/', $uri)) error('Invalid URI'); @@ -118,3 +126,4 @@ EOT; echo Element("page.html", array("config" => $config, "body" => $body, "title" => "Success", "subtitle" => "This was a triumph")); } +?> \ No newline at end of file diff --git a/inc/config.php b/inc/config.php index e88f4935..11770e57 100644 --- a/inc/config.php +++ b/inc/config.php @@ -277,6 +277,21 @@ 'no_country' ); + + + /*uses are you a human to stop automated requests to make boards disabled by default + if you wish to use 'are you a human' to block automated board creation requests + + to use AYAH you must enter your 'AYAH_PUBLISHER_KEY' and your 'AYAH_SCORING_KEY' in + the configuration file for AYAH. The config file for AYAH + is located in the following directory:'/inc/lib/ayah/ayah_config.php' + + */ + $config['playagame'] = false; + + + + // Enable reCaptcha to make spam even harder. Rarely necessary. $config['recaptcha'] = false; From ff68278111e710bb60089616695267f6073dcd99 Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 07:08:55 -0300 Subject: [PATCH 19/36] renamed playgame config field to ayah_enabled --- create.php | 4 ++-- inc/config.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/create.php b/create.php index e0939549..447a33c9 100644 --- a/create.php +++ b/create.php @@ -6,7 +6,7 @@ include "inc/mod/auth.php"; checkBan('*'); $bannedWords = array('/^cake$/', '8ch', '/^cp$/', 'child', '/^inc$/', '/^static$/', '/^templates$/', '/^js$/', '/^stylesheets$/', '/^tools$/'); -$ayah = (($config['playagame']) ? new AYAH() : false); +$ayah = (($config['ayah_enabled']) ? new AYAH() : false); if (!isset($_POST['uri'], $_POST['title'], $_POST['subtitle'], $_POST['username'], $_POST['password'])) { if (!$ayah){ @@ -120,7 +120,7 @@ $body = <<Make sure you don't forget your password, {$_POST['password']}!

-

You can manage your site at http://8chan.co/mod.php?/.

+

You can manage your board at http://8chan.co/mod.php?/.

EOT; diff --git a/inc/config.php b/inc/config.php index 11770e57..45394710 100644 --- a/inc/config.php +++ b/inc/config.php @@ -287,7 +287,7 @@ is located in the following directory:'/inc/lib/ayah/ayah_config.php' */ - $config['playagame'] = false; + $config['ayah_enabled'] = false; From c8315cf8f66dbf20096407944c24171b783b02db Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 07:23:10 -0300 Subject: [PATCH 20/36] Changed the way create.php checks for existing usernames to be less intensive on the database --- create.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/create.php b/create.php index 447a33c9..12914ee1 100644 --- a/create.php +++ b/create.php @@ -72,12 +72,13 @@ foreach ($bannedWords as $i => $w) { error("Cannot create board matching banned pattern $w"); } } -$query = prepare('SELECT * FROM ``mods``'); +$query = prepare('SELECT ``username`` FROM ``mods`` WHERE ``username`` = :username'); +$query->bindValue(':username', $username); $query->execute() or error(db_error($query)); $users = $query->fetchAll(PDO::FETCH_ASSOC); -foreach ($users as $i => $user) { - if ($user['username'] == $username) - error('Username taken!'); + +if (sizeof($users) > 0){ +error('The username you\'ve tried to enter already exists!'); } $salt = generate_salt(); From b24ec23cbb025e173a78fbe31a4bcd2d75332255 Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 07:57:51 -0300 Subject: [PATCH 21/36] inc/mod/pages.php only show your board in boardlist if you are ranked below admin --- inc/mod/pages.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/inc/mod/pages.php b/inc/mod/pages.php index f7ccf1a6..eadbfc3b 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -1799,12 +1799,25 @@ function mod_user($uid) { $log = array(); } + if ($mod['type'] >= ADMIN){ + $boards = listBoards(); + } else { + $boards2 = explode(',', $user['boards']); + + foreach($boards2 as $string){ + + $boards[] = array("uri"=>$string, "title"=>"MY BOARD"); + + } + + var_dump($boards); + } $user['boards'] = explode(',', $user['boards']); mod_page(_('Edit user'), 'mod/user.html', array( 'user' => $user, 'logs' => $log, - 'boards' => listBoards(), + 'boards' => $boards, 'token' => make_secure_link_token('users/' . $user['id']) )); } From 03b142b8476d09c00baa22424282e19e31cffab1 Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 08:06:16 -0300 Subject: [PATCH 22/36] removed var_dump --- inc/mod/pages.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inc/mod/pages.php b/inc/mod/pages.php index eadbfc3b..ae841c7c 100644 --- a/inc/mod/pages.php +++ b/inc/mod/pages.php @@ -1810,7 +1810,7 @@ function mod_user($uid) { } - var_dump($boards); + } $user['boards'] = explode(',', $user['boards']); From 37ac3fbe9e79791cb962080cbe374e95e26a385a Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 08:18:27 -0300 Subject: [PATCH 23/36] Added recaptcha support to create.php --- create.php | 32 ++++++++++++++++++++++++++++++++ inc/config.php | 2 ++ 2 files changed, 34 insertions(+) diff --git a/create.php b/create.php index 12914ee1..1dddb28a 100644 --- a/create.php +++ b/create.php @@ -3,6 +3,14 @@ include "inc/functions.php"; include "inc/lib/ayah/ayah.php"; include "inc/mod/auth.php"; + +//don't load recaptcha LIB unless its enabled! +if ($config['cbRecaptcha']){ +$cbRecaptcha = true; +include "inc/lib/recaptcha/recaptchalib.php"; +} + + checkBan('*'); $bannedWords = array('/^cake$/', '8ch', '/^cp$/', 'child', '/^inc$/', '/^static$/', '/^templates$/', '/^js$/', '/^stylesheets$/', '/^tools$/'); @@ -14,6 +22,14 @@ if (!$ayah){ } else { $game_html = 'Game' . $ayah->getPublisherHTML() . ''; } + +if (!$cbRecaptcha){ + $recapcha_html = ''; +} else { + $recapcha_html = 'reCaptcha' . recaptcha_get_html($config['recaptcha_public']) . ''; +} + + $password = base64_encode(openssl_random_pseudo_bytes(9)); $body = <<Username (must contain only alphanumeric, periods and underscores) Password (write this down) {$game_html} +{$recapcha_html}
@@ -42,6 +59,18 @@ $title = $_POST['title']; $subtitle = $_POST['subtitle']; $username = $_POST['username']; $password = $_POST['password']; + + $resp = ($cbRecaptcha) ? recaptcha_check_answer ($config['recaptcha_private'], + $_SERVER["REMOTE_ADDR"], + $_POST["recaptcha_challenge_field"], + $_POST["recaptcha_response_field"]):false; + +if ($resp != false){ +$passedCaptcha = $resp->is_valid; +} else { +$passedCaptcha = true; +} + if (!$ayah){ $score = true; } else { @@ -58,6 +87,9 @@ if (!preg_match('/^[a-zA-Z0-9._]{1,30}$/', $username)) error('Invalid username'); if (!$score) error('You failed the game'); +if (!$passedCaptcha) + error('You failed to enter the reCaptcha correctly'); + foreach (listBoards() as $i => $board) { if ($board['uri'] == $uri) error('Board already exists!'); diff --git a/inc/config.php b/inc/config.php index 45394710..da51613f 100644 --- a/inc/config.php +++ b/inc/config.php @@ -294,6 +294,8 @@ // Enable reCaptcha to make spam even harder. Rarely necessary. $config['recaptcha'] = false; + // Enable reCaptcha on create.php to prevent automated requests. + $config['cbRecaptcha'] = false; // Public and private key pair from https://www.google.com/recaptcha/admin/create $config['recaptcha_public'] = '6LcXTcUSAAAAAKBxyFWIt2SO8jwx4W7wcSMRoN3f'; From 635364138fca619a97e93de32056b50a5214cb86 Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 08:38:44 -0300 Subject: [PATCH 24/36] forgot to define variable whoops --- create.php | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/create.php b/create.php index 1dddb28a..4319ea70 100644 --- a/create.php +++ b/create.php @@ -3,7 +3,7 @@ include "inc/functions.php"; include "inc/lib/ayah/ayah.php"; include "inc/mod/auth.php"; - +$cbRecaptcha = false; //don't load recaptcha LIB unless its enabled! if ($config['cbRecaptcha']){ $cbRecaptcha = true; @@ -76,7 +76,10 @@ $score = true; } else { $score = $ayah->scoreResult(); } - +if (!$score) + error('You failed the game'); +if (!$passedCaptcha) + error('You failed to enter the reCaptcha correctly'); if (!preg_match('/^[a-z0-9]{1,10}$/', $uri)) error('Invalid URI'); if (!(strlen($title) < 40)) @@ -85,10 +88,6 @@ if (!(strlen($subtitle) < 200)) error('Invalid subtitle'); if (!preg_match('/^[a-zA-Z0-9._]{1,30}$/', $username)) error('Invalid username'); -if (!$score) - error('You failed the game'); -if (!$passedCaptcha) - error('You failed to enter the reCaptcha correctly'); foreach (listBoards() as $i => $board) { if ($board['uri'] == $uri) From ebd85c1fd684a4182191b3d2d4216b013ddb8f20 Mon Sep 17 00:00:00 2001 From: hatstand0 Date: Thu, 25 Sep 2014 23:42:41 +1000 Subject: [PATCH 25/36] Fix thumbnail width/height in API The API currently has the thumbnail widths and heights switched around --- inc/api.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/inc/api.php b/inc/api.php index a8ae9eed..d7b28ee9 100644 --- a/inc/api.php +++ b/inc/api.php @@ -41,8 +41,8 @@ class Api { ); $this->fileFields = array( - 'thumbheight' => 'tn_w', - 'thumbwidth' => 'tn_h', + 'thumbheight' => 'tn_h', + 'thumbwidth' => 'tn_w', 'height' => 'w', 'width' => 'h', 'size' => 'fsize', From e26ce2c61057e4f0fbe58274d1fb8f9da90161be Mon Sep 17 00:00:00 2001 From: hatstand0 Date: Fri, 26 Sep 2014 00:09:14 +1000 Subject: [PATCH 26/36] Add file hash to API The API currently lacks the Base64 encoded file hash 4chan's API provides, which assists in file de-duplication by archive software. --- inc/api.php | 1 + 1 file changed, 1 insertion(+) diff --git a/inc/api.php b/inc/api.php index a8ae9eed..ae648b6b 100644 --- a/inc/api.php +++ b/inc/api.php @@ -113,6 +113,7 @@ class Api { $apiPost['ext'] = substr($file->file, $dotPos); $dotPos = strrpos($file->file, '.'); $apiPost['tim'] = substr($file->file, 0, $dotPos); + $apiPost['md5'] = base64_encode(md5_file($file->file_path, true)); } return $apiPost; From 77b2caa284089e0b90aa548cc71185063bd0abc9 Mon Sep 17 00:00:00 2001 From: anonfagola Date: Thu, 25 Sep 2014 10:46:33 -0700 Subject: [PATCH 27/36] Update instance-config.php Fix https://github.com/ctrlcctrlv/8chan/issues/62 --- inc/instance-config.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/inc/instance-config.php b/inc/instance-config.php index 51e79716..c682b963 100644 --- a/inc/instance-config.php +++ b/inc/instance-config.php @@ -91,7 +91,8 @@ $config['additional_javascript'][] = 'js/favorites.js'; $config['additional_javascript'][] = 'js/show-op.js'; $config['additional_javascript'][] = 'js/hide-threads.js'; - //$config['additional_javascript'][] = 'js/smartphone-spoiler.js'; + $config['additional_javascript'][] = 'js/mobile-style.js' + $config['additional_javascript'][] = 'js/smartphone-spoiler.js'; $config['additional_javascript'][] = 'js/inline-expanding.js'; $config['additional_javascript'][] = 'js/show-backlinks.js'; $config['additional_javascript'][] = 'js/catalog-link.js'; From 014f0eb12ad95bddb60d1e5b52c1770ace47e7d6 Mon Sep 17 00:00:00 2001 From: Ki11Deer Date: Thu, 25 Sep 2014 14:32:03 -0400 Subject: [PATCH 28/36] Update instance-config.php to fix Twitter alt text I am new here don't rape my face. --- inc/instance-config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inc/instance-config.php b/inc/instance-config.php index 51e79716..9dbb56df 100644 --- a/inc/instance-config.php +++ b/inc/instance-config.php @@ -128,7 +128,7 @@ $config['markup'][] = array("/\[spoiler\](.+?)\[\/spoiler\]/", "\$1"); $config['markup'][] = array("/~~(.+?)~~/", "\$1"); - $config['boards'] = array(array('' => '/', '' => '/boards.html', '' => '/faq.html', '' => '/random.php', '' => '/create.php', '' => '/search.php', '' => '/mod.php', '' => 'https://qchat.rizon.net/?channels=#8chan'), array('b', 'meta', 'int'), array('v', 'a', 'tg', 'fit', 'pol', 'tech', 'mu', 'co', 'sp', 'boards'), array(''=>'https://twitter.com/infinitechan')); + $config['boards'] = array(array('' => '/', '' => '/boards.html', '' => '/faq.html', '' => '/random.php', '' => '/create.php', '' => '/search.php', '' => '/mod.php', '' => 'https://qchat.rizon.net/?channels=#8chan'), array('b', 'meta', 'int'), array('v', 'a', 'tg', 'fit', 'pol', 'tech', 'mu', 'co', 'sp', 'boards'), array(''=>'https://twitter.com/infinitechan')); $config['footer'][] = 'Contribute to 8chan.co development at github'; $config['footer'][] = 'To make a DMCA request or report illegal content, please email admin@8chan.co or use the "Global Report" functionality on every page.'; From e20d79270f3486f2f65a7dd831a9bf5182a0dcc7 Mon Sep 17 00:00:00 2001 From: undido Date: Thu, 25 Sep 2014 16:20:16 -0300 Subject: [PATCH 29/36] Added image-hover.js javascript --- js/image-hover.js | 115 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 js/image-hover.js diff --git a/js/image-hover.js b/js/image-hover.js new file mode 100644 index 00000000..77bc3490 --- /dev/null +++ b/js/image-hover.js @@ -0,0 +1,115 @@ + /* + Copyright (C) 2014 undido + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + + expands images and webm on hover + + */ + $(document).ready(function(){ +var mouseisOnImage = false; +var mouseexitedImage = false; + +var imageHover = (localStorage['imagehover']) ? true:false; + + +imageHover = !imageHover; + + +var imageEnter = function(){ + + if (!imageHover) + return; + + + +mouseexitedImage = false; +mouseisOnImage = false; + +isVideo = (($(this).prop("tagName") == "VIDEO") ? true:($(this).parent().attr("href").indexOf("player.php?v=") > -1) ? true:false); +maxWidth = document.body.offsetWidth-(document.body.offsetWidth * 0.25); +maxHeight = document.documentElement.clientHeight; +stylez = "z-index:1000;z-index: 1000;position: fixed;top: 0;right: 0;"; +if (!isVideo){ +fileInfo = $(this).parent().parent().children(".fileinfo").children(".unimportant").text(); +isSpoiler = (fileInfo.indexOf("Spoiler") > -1) ? true:false; +imageD = ((isSpoiler) ? fileInfo.split(",")[2]:fileInfo.split(",")[1]); +imageWidth = parseInt(imageD.split("x")[0]); +imageHeight = parseInt(imageD.split("x")[1]); + +widStyle = "max-width:" + maxWidth + "px;"; +heiStyle = ((maxHeight < imageHeight) ? "height:"+maxHeight+"px;":""); +$imgH = $("", {"src":$(this).parent().attr("href"), "style":stylez + ((imageWidth > maxWidth) ? widStyle:"")+heiStyle, "id":"hover-image"}); +} else { +videoWidth = parseInt($(this).parent().parent().find(".unimportant").text().split(",")[1].split("x")[0]); +videoHeight = parseInt($(this).parent().parent().find(".unimportant").text().split(",")[1].split("x")[1]); + +widStyle = "width:" + ((maxWidth > videoWidth) ? videoWidth:maxWidth) + "px;" + "height:" + ((maxHeight < videoHeight) ? "100%": videoHeight+"px;"); +$imgH = $("