From fe9573a38593d7ee98dd07ae0625b065d292f9b9 Mon Sep 17 00:00:00 2001 From: RealAngeleno Date: Tue, 31 Oct 2023 21:59:12 -0700 Subject: [PATCH 1/2] allow disabling post deletion for old posts --- inc/config.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/inc/config.php b/inc/config.php index 9cf3eec5..da0fa3c1 100644 --- a/inc/config.php +++ b/inc/config.php @@ -541,6 +541,8 @@ $config['allow_delete'] = true; // How long after posting should you have to wait before being able to delete that post? (In seconds.) $config['delete_time'] = 10; + // How long should a user be able to delete their post for? (In seconds. Set to 0 to disable.) + $config['max_delete_time'] = 0; // Reply limit (stops bumping thread when this is reached). $config['reply_limit'] = 250; @@ -1187,6 +1189,7 @@ $config['error']['fileexists'] = _('That file already exists!'); $config['error']['fileexistsinthread'] = _('That file already exists in this thread!'); $config['error']['delete_too_soon'] = _('You\'ll have to wait another %s before deleting that.'); + $config['error']['delete_too_late'] = _('You cannot delete a post this old.'); $config['error']['mime_exploit'] = _('MIME type detection XSS exploit (IE) detected; post discarded.'); $config['error']['invalid_embed'] = _('Couldn\'t make sense of the URL of the video you tried to embed.'); $config['error']['captcha'] = _('You seem to have mistyped the verification.'); From d057c6d660ccd4c58f6bb0992a9801ff4f572978 Mon Sep 17 00:00:00 2001 From: RealAngeleno Date: Tue, 31 Oct 2023 22:03:09 -0700 Subject: [PATCH 2/2] logic for preventing deletion of old posts --- post.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/post.php b/post.php index e2585a36..9ad8f844 100644 --- a/post.php +++ b/post.php @@ -227,6 +227,10 @@ if (isset($_POST['delete'])) { $thread = $thread_query->fetch(PDO::FETCH_ASSOC); } + if ($post['time'] < time() - $config['max_delete_time'] && $config['max_delete_time'] != false) { + error(sprintf($config['error']['delete_too_late'], until($post['time'] + $config['max_delete_time']))); + } + if ($password != '' && $post['password'] != $password && (!$thread || $thread['password'] != $password)) error($config['error']['invalidpassword']);