harmacist/vichan
1
0
Fork 0
forked from GithubBackups/vichan
Code Pull Requests Activity

8chan.co proprietary changes

Browse Source
This commit is contained in:
8chan 2014-05-17 20:01:14 +00:00
parent 07af40e01e
commit ed6fae6b09
4 changed files with 559 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
claim.php Normal file
View File

@ -0,0 +1,120 @@
<?php
include "inc/functions.php";
include "inc/mod/auth.php";
function last_activity($board) {
// last post
$query = prepare(sprintf("SELECT MAX(time) AS time FROM posts_%s", $board));
$query->execute();
$row = $query->fetch();
$ago = (new DateTime)->sub(new DateInterval('PT72H'));
$mod_ago = (new DateTime)->sub(new DateInterval('PT168H'));
$last_activity_date = new DateTime();
$last_mod_date = new DateTime();
$last_activity_date->setTimestamp($row['time']);
$query = query("SELECT id, username FROM mods WHERE boards = '$board'");
$mods = $query->fetchAll();
if ($mods) {
$mod = $mods[0]['id'];
$query = query("SELECT MAX(time) AS time FROM modlogs WHERE `mod` = $mod");
$a = $query->fetchAll(PDO::FETCH_COLUMN);
if ($a[0]) {
$last_mod_date->setTimestamp($a[0]);
if (!$row['time'])
$last_activity_date->setTimestamp($a[0]);
} else {// no one ever logged in, try board creation time
$query = query("SELECT UNIX_TIMESTAMP(time) AS time FROM board_create WHERE uri = '$board'");
$crt = $query->fetchAll(PDO::FETCH_COLUMN);
$last_activity_date->setTimestamp($crt[0]);
$last_mod_date = false;
}
}
if ($mods and ($last_activity_date < $ago or ($last_mod_date and $last_mod_date < $mod_ago))) {
return array($last_activity_date, $last_mod_date, $mods);
}
else {
return false;
}
}
// Find out the last activity for our board
if (!isset($_GET['claim'])) {
$title = "Boards that need new owners";
$q = query("SELECT uri FROM boards");
$body = '<p>The following boards have been abandoned by their owners or have less than one post in a seventy-two hour period. Think you can do a better job? Claim one! Note: You can only reclaim one board per IP per day. Choose carefully!</p><table class="modlog" style="width:auto"><thead><tr><th>Board</th><th>Last activity</th><th>Last mod login</th><th>Reclaim</th></thead></tr><tbody>';
$boards = $q->fetchAll(PDO::FETCH_COLUMN);
$delete = array();
foreach($boards as $board) {
$last_activity = last_activity($board);
if ($last_activity) {
list($last_activity_date, $last_mod_date, $mods) = $last_activity;
$delete[] = array('board' => $board, 'last_activity' => $last_activity_date, 'last_mod' => $last_mod_date);
$last_mod_f = $last_mod_date ? $last_mod_date->format('Y-m-d H:i:s') : '<em>never</em>';
$body .= "<tr><td><a href='/{$board}/'>/{$board}/</a></td><td>{$last_activity_date->format('Y-m-d H:i:s')}</td><td>{$last_mod_f}</td><td><form style='margin-bottom:0!important'><input type='hidden' name='claim' value='{$board}'><input type='submit' value='Claim!'></form></td></tr>";
}
}
$body .= "</table>";
}
else {
$query = prepare('SELECT `last` FROM ``claim`` WHERE `ip` = :ip');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute();
$r_last = $query->fetch(PDO::FETCH_ASSOC);
$last = new DateTime($r_last['last'], new DateTimeZone('UTC'));
$ago = (new DateTime('',new DateTimeZone('UTC')))->sub(new DateInterval('P1D'));
if ($last > $ago and $r_last) {
error('You already claimed a board today');
}
openBoard($_GET['claim']);
$title = "Claiming board /{$board['uri']}/";
$last_activity = last_activity($board['uri']);
if ($last_activity) {
list($last_activity_date, $last_mod_date, $mods) = $last_activity;
$query = prepare('INSERT INTO ``claim``(`ip`, `last`) VALUES(:ip, NOW()) ON DUPLICATE KEY UPDATE `last`=NOW()');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->execute();
$password = base64_encode(openssl_random_pseudo_bytes(9));
$salt = generate_salt();
$hashed = hash('sha256', $salt . sha1($password));
$query = prepare('UPDATE ``mods`` SET `password` = :hashed, `salt` = :salt WHERE BINARY username = :mod');
$query->bindValue(':hashed', $hashed);
$query->bindValue(':salt', $salt);
$query->bindValue(':mod', $mods[0]['username']);
$query->execute();
query(sprintf("UPDATE posts_%s SET ip = '127.0.0.1'", $board['uri']));
$query = prepare("DELETE FROM bans WHERE board = :board");
$query->bindValue(":board", $board['uri']);
$query->execute();
$body = "<p>Please read the following instructions carefully:</p>
<p>The username of the admin of this board is <strong>{$mods[0]['username']}</strong>. Please write this down, you will need it to log in. It cannot be changed.</p>
<p>A new password has been generated for this board. It is <tt>{$password}</tt> . Please write this down, you will need it to log in. <em>If you forget your password, it cannot be changed. You must wait to reclaim the board again! Do not lose it.</em></p>
<p>The URL you use to manage your board is <a href='/mod.php'>8chan.co/mod.php</a>. Log in using the details above. Note: The board can still be claimed by another user until you log in for the first time or if it still meets the inactivity criteria, so post something!</p>
<p>
";
} else {
error('Board active or does not exist, cannot be reclaimed.');
}
}
$config['default_stylesheet'] = array('Yotsuba B', $config['stylesheets']['Yotsuba B']);
echo Element("page.html", array("config" => $config, "body" => $body, "title" => $title));

120
create.php Normal file
View File

@ -0,0 +1,120 @@
<?php
include "inc/functions.php";
include "inc/ayah/ayah.php";
include "inc/mod/auth.php";
checkBan('*');
$bannedWords = array('loli', '/^cake$/', '8ch', '/^cp$/', 'child');
$ayah = new AYAH();
if (!isset($_POST['uri'], $_POST['title'], $_POST['subtitle'], $_POST['username'], $_POST['password'])) {
$publisher_html = $ayah->getPublisherHTML();
$password = base64_encode(openssl_random_pseudo_bytes(9));
$body = <<<EOT
<p>Did you know? Many boards with popular names on 8chan.co are abandoned and can be claimed by you. <a href="/claim.php">Click here to see the list and claim yours!</a></p>
<form method="POST">
<table class="modlog" style="width:auto">
<tbody>
<tr><th>URI</th><td>/<input name="uri" type="text" size="5">/ <span class="unimportant">(must be all lowercase or numbers and < 10 chars)</td></tr>
<tr><th>Title</th><td><input name="title" type="text"> <span class="unimportant">(must be < 40 chars)</td></tr>
<tr><th>Subtitle</th><td><input name="subtitle" type="text"> <span class="unimportant">(must be < 200 chars)</td></tr>
<tr><th>Username</th><td><input name="username" type="text"> <span class="unimportant">(must contain only alphanumeric, periods and underscores)</span></td></tr>
<tr><th>Password</th><td><input name="password" type="text" value="{$password}" readonly> <span class="unimportant">(write this down)</span></td></tr>
<tr><th>Game</th><td>{$publisher_html}</td></tr>
</tbody>
</table>
<ul style="padding:0;text-align:center;list-style:none"><li><input type="submit" value="Create board"></li></ul>
</form>
EOT;
echo Element("page.html", array("config" => $config, "body" => $body, "title" => "Create your board", "subtitle" => "before someone else does"));
}
else {
$uri = $_POST['uri'];
$title = $_POST['title'];
$subtitle = $_POST['subtitle'];
$username = $_POST['username'];
$password = $_POST['password'];
$score = $ayah->scoreResult();
if (!preg_match('/^[a-z0-9]{1,10}$/', $uri))
error('Invalid URI');
if (!(strlen($title) < 40))
error('Invalid title');
if (!(strlen($subtitle) < 200))
error('Invalid subtitle');
if (!preg_match('/^[a-zA-Z0-9._]{1,30}$/', $username))
error('Invalid username');
if (!$score)
error('You failed the game');
foreach (listBoards() as $i => $board) {
if ($board['uri'] == $uri)
error('Board already exists!');
}
foreach ($bannedWords as $i => $w) {
if ($w[0] !== '/') {
if (strpos($uri,$w) !== false)
error("Cannot create board with banned word $w");
} else {
if (preg_match($w,$uri))
error("Cannot create board matching banned pattern $w");
}
}
$query = prepare('SELECT * FROM ``mods``');
$query->execute() or error(db_error($query));
$users = $query->fetchAll(PDO::FETCH_ASSOC);
foreach ($users as $i => $user) {
if ($user['username'] == $username)
error('Username taken!');
}
$salt = generate_salt();
$password = hash('sha256', $salt . sha1($password));
$query = prepare('INSERT INTO ``mods`` VALUES (NULL, :username, :password, :salt, :type, :boards)');
$query->bindValue(':username', $username);
$query->bindValue(':password', $password);
$query->bindValue(':salt', $salt);
$query->bindValue(':type', 20);
$query->bindValue(':boards', $uri);
$query->execute() or error(db_error($query));
$query = prepare('INSERT INTO ``boards`` VALUES (:uri, :title, :subtitle)');
$query->bindValue(':uri', $_POST['uri']);
$query->bindValue(':title', $_POST['title']);
$query->bindValue(':subtitle', $_POST['subtitle']);
$query->execute() or error(db_error($query));
$query = Element('posts.sql', array('board' => $uri));
query($query) or error(db_error());
if (!openBoard($_POST['uri']))
error(_("Couldn't open board after creation."));
if ($config['cache']['enabled'])
cache::delete('all_boards');
// Build the board
buildIndex();
rebuildThemes('boards');
query("INSERT INTO ``board_create``(uri) VALUES('$uri')") or error(db_error());
$body = <<<EOT
<p>Your new board is created and is live at <a href="/{$uri}">/{$uri}/</a>.</p>
<p>Make sure you don't forget your password, <tt>{$_POST['password']}</tt>!</p>
<p>You can manage your site at <a href="http://8chan.co/mod.php?/">http://8chan.co/mod.php?/</a>.</p>
EOT;
echo Element("page.html", array("config" => $config, "body" => $body, "title" => "Success", "subtitle" => "This was a triumph"));
}

139
expire.php Normal file
View File

@ -0,0 +1,139 @@
<?php
include "inc/functions.php";
if (!(php_sapi_name() == "cli")) {
die('nope');
}
$q = query("SELECT uri FROM boards");
$boards = $q->fetchAll(PDO::FETCH_COLUMN);
$now = new DateTime();
$ago = (new DateTime)->sub(new DateInterval('P30D'));
$mod_ago = (new DateTime)->sub(new DateInterval('P30D'));
// Find out the last activity for our board
$delete = array();
foreach($boards as $board) {
// last post
$query = prepare(sprintf("SELECT MAX(time) AS time FROM posts_%s", $board));
$query->execute();
$row = $query->fetch();
//count posts
$query = prepare(sprintf("SELECT COUNT(id) AS count FROM posts_%s", $board));
$query->execute();
$count = $query->fetch();
$last_activity_date = new DateTime();
$last_mod_date = new DateTime();
$last_activity_date->setTimestamp($row['time']);
$query = query("SELECT id, username FROM mods WHERE boards = '$board'");
$mods = $query->fetchAll();
if ($mods) {
$mod = $mods[0]['id'];
$query = query("SELECT MAX(time) AS time FROM modlogs WHERE `mod` = $mod");
$a = $query->fetchAll(PDO::FETCH_COLUMN);
if ($a[0]) {
$last_mod_date->setTimestamp($a[0]);
if (!$row['time'])
$last_activity_date->setTimestamp($a[0]);
} else {// no one ever logged in, try board creation time
$query = query("SELECT UNIX_TIMESTAMP(time) AS time FROM board_create WHERE uri = '$board'");
$crt = $query->fetchAll(PDO::FETCH_COLUMN);
$last_activity_date->setTimestamp($crt[0]);
$last_mod_date = false;
}
}
#if (($last_activity_date < $ago or ($last_mod_date and $last_mod_date < $mod_ago)) and (int)$count['count'] < 30) {
if (($last_activity_date < $ago or ($last_mod_date and $last_mod_date < $mod_ago))) {
echo $board, ' ', $last_activity_date->format('Y-m-d H:i:s'), ' ', ($last_mod_date ? $last_mod_date->format('Y-m-d H:i:s') : 'false'), ' ', $count['count'], "\r\n";
$delete[] = array('board' => $board, 'last_activity' => $last_activity_date, 'last_mod' => $last_mod_date, 'mod' => isset($mods[0]['username']) ? $mods[0]['username'] : false, 'count' => $count['count']);
}
}
if ($argc > 1) {
$f = fopen('rip.txt', 'a');
fwrite($f, "--\r\n");
foreach($delete as $i => $d){
$s = "RIP /".$d['board']."/, created by ".$d['mod']?$d['mod']:'?'." and last active on ".$d['last_activity']->format('Y-m-d H:i:s.').($d['last_mod'] ? ' Mod last active on ' . $d['last_mod']->format('Y-m-d H:i:s.') : ' Mod never active.') . " Number of posts: {$d['count']}." . "\r\n";
fwrite($f, $s);
openBoard($d['board']);
$query = prepare('DELETE FROM ``boards`` WHERE `uri` = :uri');
$query->bindValue(':uri', $board['uri']);
$query->execute() or error(db_error($query));
if ($config['cache']['enabled']) {
cache::delete('board_' . $board['uri']);
cache::delete('all_boards');
}
// Delete posting table
$query = query(sprintf('DROP TABLE IF EXISTS ``posts_%s``', $board['uri'])) or error(db_error());
// Clear reports
$query = prepare('DELETE FROM ``reports`` WHERE `board` = :id');
$query->bindValue(':id', $board['uri'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
// Delete from table
$query = prepare('DELETE FROM ``boards`` WHERE `uri` = :uri');
$query->bindValue(':uri', $board['uri'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
$query = prepare("SELECT `board`, `post` FROM ``cites`` WHERE `target_board` = :board ORDER BY `board`");
$query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
while ($cite = $query->fetch(PDO::FETCH_ASSOC)) {
if ($board['uri'] != $cite['board']) {
if (!isset($tmp_board))
$tmp_board = $board;
openBoard($cite['board']);
rebuildPost($cite['post']);
}
}
if (isset($tmp_board))
$board = $tmp_board;
$query = prepare('DELETE FROM ``cites`` WHERE `board` = :board OR `target_board` = :board');
$query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
$query = prepare('DELETE FROM ``antispam`` WHERE `board` = :board');
$query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
// Remove board from users/permissions table
$query = query('SELECT `id`,`boards` FROM ``mods``') or error(db_error());
while ($user = $query->fetch(PDO::FETCH_ASSOC)) {
$user_boards = explode(',', $user['boards']);
if (in_array($board['uri'], $user_boards)) {
unset($user_boards[array_search($board['uri'], $user_boards)]);
$_query = prepare('UPDATE ``mods`` SET `boards` = :boards WHERE `id` = :id');
$_query->bindValue(':boards', implode(',', $user_boards));
$_query->bindValue(':id', $user['id']);
$_query->execute() or error(db_error($_query));
}
}
// Delete entire board directory
rrmdir($board['uri'] . '/');
if ($d['mod']) {
$query = prepare('DELETE FROM ``mods`` WHERE `username` = :id');
$query->bindValue(':id', $d['mod']);
$query->execute() or error(db_error($query));
}
}
fclose($f);
}
apc_delete('all_boards_uri');
apc_delete('all_boards');
rebuildThemes('boards');
$query = query('DELETE FROM board_create WHERE uri NOT IN (SELECT uri FROM boards);') or error(db_error());

191
inc/instance-config.php
View File

@ -14,7 +14,9 @@ require_once "htmlpurifier-4.5.0/library/HTMLPurifier.auto.php";
$config['db']['database'] = '8chan'; $config['db']['database'] = '8chan';
$config['db']['prefix'] = ''; $config['db']['prefix'] = '';
$config['db']['user'] = 'root'; $config['db']['user'] = 'root';
$config['db']['password'] = 'pVFM1N5K'; $config['db']['password'] = 'REMOVED';
$config['timezone'] = 'UTC';
$config['cache']['enabled'] = 'apc';
$config['cookies']['mod'] = 'mod'; $config['cookies']['mod'] = 'mod';
@ -23,10 +25,9 @@ require_once "htmlpurifier-4.5.0/library/HTMLPurifier.auto.php";
$config['flood_time'] = 10; $config['flood_time'] = 10;
$config['flood_time_ip'] = 120; $config['flood_time_ip'] = 120;
$config['flood_time_same'] = 30; $config['flood_time_same'] = 30;
$config['max_body'] = 1800; $config['max_body'] = 5000;
$config['reply_limit'] = 250; $config['reply_limit'] = 250;
$config['max_links'] = 20; $config['max_links'] = 20;
$config['max_filesize'] = 10485760;
$config['thumb_width'] = 255; $config['thumb_width'] = 255;
$config['thumb_height'] = 255; $config['thumb_height'] = 255;
$config['max_width'] = 10000; $config['max_width'] = 10000;
@ -38,18 +39,28 @@ require_once "htmlpurifier-4.5.0/library/HTMLPurifier.auto.php";
$config['secure_trip_salt'] = 'REMOVED'; $config['secure_trip_salt'] = 'REMOVED';
// Image shit // Image shit
$config['thumb_method'] = 'gm'; $config['thumb_method'] = 'gm+gifsicle';
$config['thumb_ext'] = '';
$config['thumb_keep_animation_frames'] = 100;
$config['show_ratio'] = true; $config['show_ratio'] = true;
$config['allow_upload_by_url'] = true; $config['allow_upload_by_url'] = true;
$config['max_filesize'] = 1024 * 1024; // 10MB $config['max_filesize'] = 1024 * 1024 * 2; // 2MB
$config['disable_images'] = false; $config['disable_images'] = false;
$config['spoiler_images'] = true; $config['spoiler_images'] = true;
$config['image_reject_repost'] = false;
$config['allowed_ext_files'][] = 'webm';
// Mod shit // Mod shit
$config['mod']['groups'][25] = 'Supermod'; $config['mod']['groups'][25] = 'Supermod';
define_groups(); define_groups();
$config['mod']['capcode'][MOD] = array('Board Moderator'); $config['mod']['capcode'][MOD] = array('Board Moderator');
$config['mod']['capcode'][SUPERMOD] = array('Global Moderator'); $config['mod']['capcode'][SUPERMOD] = array('Global Moderator');
$config['custom_capcode']['Admin'] = array(
'<span class="capcode" style="color:blue;font-weight:bold"> <i class="fa fa-wheelchair"></i> %s</span>',
);
$config['custom_capcode']['Bear'] = array(
'<span class="capcode" style="color:brown;font-weight:bold"> <img src="/static/paw.svg" height="12" width="12"> %s</span>',
);
//$config['mod']['view_banlist'] = SUPERMOD; //$config['mod']['view_banlist'] = SUPERMOD;
$config['mod']['manageusers'] = SUPERMOD; $config['mod']['manageusers'] = SUPERMOD;
$config['mod']['noticeboard_post'] = SUPERMOD; $config['mod']['noticeboard_post'] = SUPERMOD;
@ -58,22 +69,56 @@ require_once "htmlpurifier-4.5.0/library/HTMLPurifier.auto.php";
$config['mod']['debug_antispam'] = ADMIN; $config['mod']['debug_antispam'] = ADMIN;
// Board shit // Board shit
$config['url_banner'] = '/banners.php';
//$config['default_stylesheet'] = array('Notsuba', 'notsuba.css'); //$config['default_stylesheet'] = array('Notsuba', 'notsuba.css');
$config['additional_javascript'][] = 'js/jquery.min.js'; $config['additional_javascript'][] = 'js/jquery.min.js';
$config['additional_javascript'][] = 'js/jquery.tablesorter.min.js'; $config['additional_javascript'][] = 'js/jquery.tablesorter.min.js';
$config['additional_javascript'][] = 'js/post-hover.js';
$config['additional_javascript'][] = 'js/update_boards.js'; $config['additional_javascript'][] = 'js/update_boards.js';
$config['additional_javascript'][] = 'js/show-op.js';
$config['additional_javascript'][] = 'js/hide-threads.js';
//$config['additional_javascript'][] = 'js/smartphone-spoiler.js';
$config['additional_javascript'][] = 'js/inline-expanding.js';
$config['additional_javascript'][] = 'js/show-backlinks.js';
$config['additional_javascript'][] = 'js/catalog-link.js';
$config['additional_javascript'][] = 'js/webm-settings.js';
$config['additional_javascript'][] = 'js/expand-video.js';
$config['additional_javascript'][] = 'js/treeview.js';
$config['additional_javascript'][] = 'js/quick-post-controls.js';
$config['additional_javascript'][] = 'js/expand-too-long.js';
//$config['additional_javascript'][] = 'js/auto-reload.js';
$config['additional_javascript'][] = 'js/settings.js';
$config['additional_javascript'][] = 'js/fix-report-delete-submit.js';
$config['additional_javascript'][] = 'js/hide-images.js';
$config['additional_javascript'][] = 'js/expand-all-images.js';
$config['additional_javascript'][] = 'js/local-time.js';
$config['font_awesome_css'] = '//netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css';
$config['stylesheets_board'] = true; $config['stylesheets_board'] = true;
$config['markup'][] = array("/^[ |\t]*==(.+?)==[ |\t]*$/m", "<span class=\"heading\">\$1</span>"); $config['markup'][] = array("/^[ |\t]*==(.+?)==[ |\t]*$/m", "<span class=\"heading\">\$1</span>");
$config['markup'][] = array("/\[spoiler\](.+?)\[\/spoiler\]/", "<span class=\"spoiler\">\$1</span>"); $config['markup'][] = array("/\[spoiler\](.+?)\[\/spoiler\]/", "<span class=\"spoiler\">\$1</span>");
$config['markup'][] = array("/~~(.+?)~~/", "<s>\$1</s>");
$config['boards'] = array(array('<i class="icon-home" title="Home"></i>' => '/', '<i class="icon-tags" title="Boards"></i>' => '/boards.php', '<i class="icon-question" title="FAQ"></i>' => '/faq.html', '<i class="icon-random" title="Random"></i>' => '/random.php', '<i class="icon-cog" title="Manage board"></i>' => '/mod.php', '<i class="icon-quote-right" title="Chat"></i>' => 'https://qchat.rizon.net/?channels=#8chan'), array('b' => '/b', 'meta' => '/meta')); $config['boards'] = array(array('<i class="fa fa-home" title="Home"></i>' => '/', '<i class="fa fa-tags" title="Boards"></i>' => '/boards.html', '<i class="fa fa-question" title="FAQ"></i>' => '/faq.html', '<i class="fa fa-random" title="Random"></i>' => '/random.php', '<i class="fa fa-plus" title="New board"></i>' => '/create.php', '<i class="fa fa-search" title="Search"></i>' => '/search.php', '<i class="fa fa-chain-broken" title="Claim board"></i>' => '/claim.php', '<i class="fa fa-cog" title="Manage board"></i>' => '/mod.php', '<i class="fa fa-quote-right" title="Chat"></i>' => 'https://qchat.rizon.net/?channels=#8chan'), array('b', 'meta', 'int'), array('über'));
$config['footer'][] = 'Proprietary Tinyboard changes &amp; 8chan.co trademark and logo &copy; 2013-2014 <a href="https://blog.8chan.co">Fredrick Brennan</a>';
$config['footer'][] = 'To make a DMCA request or report illegal content, please email <a href="mailto:admin@8chan.co">admin@8chan.co</a> or use the "Global Report" functionality on every page.';
$config['search']['enable'] = true;
//$config['debug'] = true; //$config['debug'] = true;
$config['flood_time'] = 2;
// Minimum time between between each post with the exact same content AND same IP address.
$config['flood_time_ip'] = 120;
// Same as above but by a different IP address. (Same content, not necessarily same IP address.)
$config['flood_time_same'] = 30;
if (!function_exists('prettify_textarea')){ if (!function_exists('prettify_textarea')){
function prettify_textarea($s){ function prettify_textarea($s){
return str_replace("\t", '&#09;', str_replace("\n", '&#13;&#10;', $s)); return str_replace("\t", '&#09;', str_replace("\n", '&#13;&#10;', htmlentities($s)));
} }
} }
@ -86,6 +131,69 @@ require_once "htmlpurifier-4.5.0/library/HTMLPurifier.auto.php";
} }
} }
$config['mod']['custom_pages']['/banners/(\%b)'] = function($b) {
global $config, $mod, $board;
require_once 'inc/image.php';
if (!in_array($b, $mod['boards']) and $mod['boards'][0] != '*')
error($config['error']['noaccess']);
if (!openBoard($b))
error("Could not open board!");
$dir = 'static/banners/'.$b;
if (!is_dir($dir)){
mkdir($dir, 0777, true);
}
if (isset($_FILES['file'])){
$upload = $_FILES['file']['tmp_name'];
$banners = array_diff(scandir($dir), array('..', '.'));
if (!is_readable($upload))
error($config['error']['nomove']);
$id = time() . substr(microtime(), 2, 3);
$extension = strtolower(mb_substr($_FILES['file']['name'], mb_strrpos($_FILES['file']['name'], '.') + 1));
if (!in_array($extension, array('jpg','jpeg','png','gif'))){
error('Not an image extension.');
}
if (filesize($upload) > 512000){
error('File too large!');
}
if (!$size = @getimagesize($upload)) {
error($config['error']['invalidimg']);
}
if ($size[0] != 300 or $size[1] != 100){
error('Image wrong size!');
}
if (sizeof($banners) >= 20) {
error('Too many banners.');
}
copy($upload, "$dir/$id.$extension");
}
if (isset($_POST['delete'])){
foreach ($_POST['delete'] as $i => $d){
if (!preg_match('/[0-9+]\.(png|jpeg|jpg|gif)/', $d)){
error('Nice try.');
}
unlink("$dir/$d");
}
}
$banners = array_diff(scandir($dir), array('..', '.'));
mod_page(_('Edit banners'), 'mod/banners.html', array('board'=>$board,'banners'=>$banners,'token'=>make_secure_link_token('banners/'.$board['uri'])));
};
$config['mod']['custom_pages']['/settings/(\%b)'] = function($b) { $config['mod']['custom_pages']['/settings/(\%b)'] = function($b) {
global $config, $mod; global $config, $mod;
@ -95,6 +203,8 @@ require_once "htmlpurifier-4.5.0/library/HTMLPurifier.auto.php";
if (!openBoard($b)) if (!openBoard($b))
error("Could not open board!"); error("Could not open board!");
$possible_languages = array_diff(scandir('inc/locale/'), array('..', '.', '.tx', 'README.md'));
if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$title = $_POST['title']; $title = $_POST['title'];
$subtitle = $_POST['subtitle']; $subtitle = $_POST['subtitle'];
@ -104,10 +214,54 @@ require_once "htmlpurifier-4.5.0/library/HTMLPurifier.auto.php";
$force_image_op = isset($_POST['force_image_op']) ? 'true' : 'false'; $force_image_op = isset($_POST['force_image_op']) ? 'true' : 'false';
$disable_images = isset($_POST['disable_images']) ? 'true' : 'false'; $disable_images = isset($_POST['disable_images']) ? 'true' : 'false';
$poster_ids = isset($_POST['poster_ids']) ? 'true' : 'false'; $poster_ids = isset($_POST['poster_ids']) ? 'true' : 'false';
$show_sages = isset($_POST['show_sages']) ? 'true' : 'false';
$auto_unicode = isset($_POST['auto_unicode']) ? 'true' : 'false';
$code_tags = isset($_POST['code_tags']) ? '$config[\'additional_javascript\'][] = \'js/code_tags/run_prettify.js\';$config[\'markup\'][] = array("/\[code\](.+?)\[\/code\]/ms", "<code><pre class=\'prettyprint\' style=\'display:inline-block\'>\$1</pre></code>");' : ''; $code_tags = isset($_POST['code_tags']) ? '$config[\'additional_javascript\'][] = \'js/code_tags/run_prettify.js\';$config[\'markup\'][] = array("/\[code\](.+?)\[\/code\]/ms", "<code><pre class=\'prettyprint\' style=\'display:inline-block\'>\$1</pre></code>");' : '';
$mathjax = isset($_POST['mathjax']) ? '$config[\'mathjax\'] = true;$config[\'additional_javascript\'][] = \'js/mathjax-MathJax-727332c/MathJax.js?config=TeX-AMS_HTML-full\';' : ''; $mathjax = isset($_POST['mathjax']) ? '$config[\'mathjax\'] = true;$config[\'additional_javascript\'][] = \'js/mathjax-MathJax-727332c/MathJax.js?config=TeX-AMS_HTML-full\';' : '';
$oekaki_js = <<<OEKAKI
\$config['additional_javascript'][] = 'js/jquery-ui.custom.min.js';
\$config['additional_javascript'][] = 'js/ajax.js';
\$config['additional_javascript'][] = 'js/wPaint/lib/wColorPicker.min.js';
\$config['additional_javascript'][] = 'js/wPaint/wPaint.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/main/wPaint.menu.main.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/text/wPaint.menu.text.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/shapes/wPaint.menu.main.shapes.min.js';
\$config['additional_javascript'][] = 'js/wPaint/plugins/file/wPaint.menu.main.file.min.js';
\$config['additional_javascript'][] = 'js/wpaint.js';
\$config['additional_javascript'][] = 'js/upload-selection.js';
OEKAKI;
$oekaki = isset($_POST['oekaki']) ? $oekaki_js : '';
if ($_POST['locale'] !== 'en' && in_array($_POST['locale'], $possible_languages)) {
$locale = "\$config['locale'] = '{$_POST['locale']}.UTF-8';
\$config['file_script'] = '$b/main.js';";
} else {
$locale = '';
}
if (isset($_POST['max_images']) && (int)$_POST['max_images'] && (int)$_POST['max_images'] <= 5) {
$_POST['max_images'] = (int)$_POST['max_images'];
$multiimage = "\$config['max_images'] = {$_POST['max_images']};
\$config['file_script'] = '$b/main.js';
\$config['additional_javascripts'][] = 'js/multi-image.js';";
} else {
$multiimage = '';
}
$anonymous = base64_encode($_POST['anonymous']); $anonymous = base64_encode($_POST['anonymous']);
$blotter = base64_encode(purify(html_entity_decode($_POST['blotter']))); $blotter = base64_encode(purify(html_entity_decode($_POST['blotter'])));
$add_to_config = @file_get_contents($b.'/extra_config.php');
$replace = '';
if (isset($_POST['replace'])) {
if (count($_POST['replace']) == count($_POST['with'])) {
foreach ($_POST['replace'] as $i => $r ) {
if ($r !== '') {
$w = $_POST['with'][$i];
$replace .= '$config[\'wordfilters\'][] = array(base64_decode(\'' . base64_encode($r) . '\'), base64_decode(\'' . base64_encode($w) . '\'));';
}
}
}
}
if (!(strlen($title) < 40)) if (!(strlen($title) < 40))
error('Invalid title'); error('Invalid title');
@ -120,6 +274,7 @@ require_once "htmlpurifier-4.5.0/library/HTMLPurifier.auto.php";
$query->bindValue(':uri', $b); $query->bindValue(':uri', $b);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
$config_file = <<<EOT $config_file = <<<EOT
<?php <?php
\$config['country_flags'] = $country_flags; \$config['country_flags'] = $country_flags;
@ -128,20 +283,32 @@ require_once "htmlpurifier-4.5.0/library/HTMLPurifier.auto.php";
\$config['force_image_op'] = $force_image_op; \$config['force_image_op'] = $force_image_op;
\$config['disable_images'] = $disable_images; \$config['disable_images'] = $disable_images;
\$config['poster_ids'] = $poster_ids; \$config['poster_ids'] = $poster_ids;
\$config['show_sages'] = $show_sages;
\$config['auto_unicode'] = $auto_unicode;
\$config['anonymous'] = base64_decode('$anonymous'); \$config['anonymous'] = base64_decode('$anonymous');
\$config['blotter'] = base64_decode('$blotter'); \$config['blotter'] = base64_decode('$blotter');
\$config['stylesheets']['Custom'] = 'board/$b.css'; \$config['stylesheets']['Custom'] = 'board/$b.css';
\$config['default_stylesheet'] = array('Custom', \$config['stylesheets']['Custom']); \$config['default_stylesheet'] = array('Custom', \$config['stylesheets']['Custom']);
$code_tags $code_tags $mathjax $oekaki $replace $multiimage
$mathjax
if (\$config['disable_images']) if (\$config['disable_images'])
\$config['max_pages'] = 10000; \$config['max_pages'] = 10000;
$locale
$add_to_config
EOT; EOT;
file_write($b.'/config.php', $config_file); file_write($b.'/config.php', $config_file);
file_write('stylesheets/board/'.$b.'.css', $_POST['css']); file_write('stylesheets/board/'.$b.'.css', $_POST['css']);
file_write($b.'/rules.html', Element('page.html', array('title'=>'Rules', 'subtitle'=>'', 'config'=>$config, 'body'=>'<div class="ban">'.purify($_POST['rules']).'</div>'))); file_write($b.'/rules.html', Element('page.html', array('title'=>'Rules', 'subtitle'=>'', 'config'=>$config, 'body'=>'<div class="ban">'.purify($_POST['rules']).'</div>')));
file_write($b.'/rules.txt', $_POST['rules']); file_write($b.'/rules.txt', $_POST['rules']);
openBoard($b);
buildIndex();
buildJavascript();
$query = query(sprintf("SELECT `id` FROM ``posts_%s`` WHERE `thread` IS NULL", $b)) or error(db_error());
while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
buildThread($post['id']);
}
modLog('Edited board settings', $b);
} }
$query = prepare('SELECT * FROM boards WHERE uri = :board'); $query = prepare('SELECT * FROM boards WHERE uri = :board');
@ -154,7 +321,9 @@ EOT;
openBoard($b); openBoard($b);
buildIndex(); if ($config['cache']['enabled'])
cache::delete('board_' . $board['uri']);
cache::delete('all_boards');
mod_page(_('Board configuration'), 'mod/settings.html', array('board'=>$board, 'rules'=>prettify_textarea($rules), 'css'=>prettify_textarea($css), 'token'=>make_secure_link_token('settings/'.$board['uri']))); mod_page(_('Board configuration'), 'mod/settings.html', array('board'=>$board, 'rules'=>prettify_textarea($rules), 'css'=>prettify_textarea($css), 'token'=>make_secure_link_token('settings/'.$board['uri']), 'languages'=>$possible_languages));
}; };