Merge branch 'master' of https://github.com/savetheinternet/Tinyboard into vichan-devel-4.5
Conflicts: inc/config.php install.php post.php stylesheets/style.css
This commit is contained in:
@@ -156,7 +156,9 @@ function mod_dashboard() {
|
||||
if ($latest)
|
||||
$args['newer_release'] = $latest;
|
||||
}
|
||||
|
||||
|
||||
$args['logout_token'] = make_secure_link_token('logout');
|
||||
|
||||
mod_page(_('Dashboard'), 'mod/dashboard.html', $args);
|
||||
}
|
||||
|
||||
@@ -210,7 +212,7 @@ function mod_search($type, $search_query_escaped, $page_no = 1) {
|
||||
|
||||
// Array of phrases to match
|
||||
$match = array();
|
||||
|
||||
|
||||
// Exact phrases ("like this")
|
||||
if (preg_match_all('/"(.+?)"/', $query, $exact_phrases)) {
|
||||
$exact_phrases = $exact_phrases[1];
|
||||
@@ -230,14 +232,14 @@ function mod_search($type, $search_query_escaped, $page_no = 1) {
|
||||
|
||||
// Which `field` to search?
|
||||
if ($type == 'posts')
|
||||
$sql_field = array('body_nomarkup', 'filename', 'subject', 'filehash', 'ip', 'name', 'trip');
|
||||
$sql_field = array('body_nomarkup', 'filename', 'file', 'subject', 'filehash', 'ip', 'name', 'trip');
|
||||
if ($type == 'IP_notes')
|
||||
$sql_field = 'body';
|
||||
if ($type == 'bans')
|
||||
$sql_field = 'reason';
|
||||
if ($type == 'log')
|
||||
$sql_field = 'text';
|
||||
|
||||
|
||||
// Build the "LIKE 'this' AND LIKE 'that'" etc. part of the SQL query
|
||||
$sql_like = '';
|
||||
foreach ($match as $phrase) {
|
||||
@@ -254,16 +256,14 @@ function mod_search($type, $search_query_escaped, $page_no = 1) {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Compile SQL query
|
||||
|
||||
if ($type == 'posts') {
|
||||
$query = '';
|
||||
|
||||
$boards = listBoards();
|
||||
if (empty($boards))
|
||||
error(_('There are no boards to search!'));
|
||||
|
||||
|
||||
foreach ($boards as $board) {
|
||||
openBoard($board['uri']);
|
||||
if (!hasPermission($config['mod']['search_posts'], $board['uri']))
|
||||
@@ -435,7 +435,10 @@ function mod_edit_board($boardName) {
|
||||
|
||||
header('Location: ?/', true, $config['redirect_http']);
|
||||
} else {
|
||||
mod_page(sprintf('%s: ' . $config['board_abbreviation'], _('Edit board'), $board['uri']), 'mod/board.html', array('board' => $board));
|
||||
mod_page(sprintf('%s: ' . $config['board_abbreviation'], _('Edit board'), $board['uri']), 'mod/board.html', array(
|
||||
'board' => $board,
|
||||
'token' => make_secure_link_token('edit/' . $board['uri'])
|
||||
));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -505,7 +508,7 @@ function mod_new_board() {
|
||||
header('Location: ?/' . $board['uri'] . '/' . $config['file_index'], true, $config['redirect_http']);
|
||||
}
|
||||
|
||||
mod_page(_('New board'), 'mod/board.html', array('new' => true));
|
||||
mod_page(_('New board'), 'mod/board.html', array('new' => true, 'token' => make_secure_link_token('new-board')));
|
||||
}
|
||||
|
||||
function mod_noticeboard($page_no = 1) {
|
||||
@@ -548,11 +551,19 @@ function mod_noticeboard($page_no = 1) {
|
||||
if (empty($noticeboard) && $page_no > 1)
|
||||
error($config['error']['404']);
|
||||
|
||||
foreach ($noticeboard as &$entry) {
|
||||
$entry['delete_token'] = make_secure_link_token('noticeboard/delete/' . $entry['id']);
|
||||
}
|
||||
|
||||
$query = prepare("SELECT COUNT(*) FROM ``noticeboard``");
|
||||
$query->execute() or error(db_error($query));
|
||||
$count = $query->fetchColumn();
|
||||
|
||||
mod_page(_('Noticeboard'), 'mod/noticeboard.html', array('noticeboard' => $noticeboard, 'count' => $count));
|
||||
mod_page(_('Noticeboard'), 'mod/noticeboard.html', array(
|
||||
'noticeboard' => $noticeboard,
|
||||
'count' => $count,
|
||||
'token' => make_secure_link_token('noticeboard')
|
||||
));
|
||||
}
|
||||
|
||||
function mod_noticeboard_delete($id) {
|
||||
@@ -609,11 +620,15 @@ function mod_news($page_no = 1) {
|
||||
if (empty($news) && $page_no > 1)
|
||||
error($config['error']['404']);
|
||||
|
||||
foreach ($news as &$entry) {
|
||||
$entry['delete_token'] = make_secure_link_token('news/delete/' . $entry['id']);
|
||||
}
|
||||
|
||||
$query = prepare("SELECT COUNT(*) FROM ``news``");
|
||||
$query->execute() or error(db_error($query));
|
||||
$count = $query->fetchColumn();
|
||||
|
||||
mod_page(_('News'), 'mod/news.html', array('news' => $news, 'count' => $count));
|
||||
mod_page(_('News'), 'mod/news.html', array('news' => $news, 'count' => $count, 'token' => make_secure_link_token('news')));
|
||||
}
|
||||
|
||||
function mod_news_delete($id) {
|
||||
@@ -829,6 +844,8 @@ function mod_page_ip($ip) {
|
||||
$args['logs'] = array();
|
||||
}
|
||||
|
||||
$args['security_token'] = make_secure_link_token('IP/' . $ip);
|
||||
|
||||
mod_page(sprintf('%s: %s', _('IP'), $ip), 'mod/view_ip.html', $args, $args['hostname']);
|
||||
}
|
||||
|
||||
@@ -891,9 +908,86 @@ function mod_bans($page_no = 1) {
|
||||
$ban['single_addr'] = true;
|
||||
}
|
||||
|
||||
mod_page(_('Ban list'), 'mod/ban_list.html', array('bans' => $bans, 'count' => Bans::count()));
|
||||
mod_page(_('Ban list'), 'mod/ban_list.html', array(
|
||||
'bans' => $bans,
|
||||
'count' => Bans::count(),
|
||||
'token' => make_secure_link_token('bans')
|
||||
));
|
||||
}
|
||||
|
||||
function mod_ban_appeals() {
|
||||
global $config, $board;
|
||||
|
||||
if (!hasPermission($config['mod']['view_ban_appeals']))
|
||||
error($config['error']['noaccess']);
|
||||
|
||||
// Remove stale ban appeals
|
||||
query("DELETE FROM ``ban_appeals`` WHERE NOT EXISTS (SELECT 1 FROM ``bans`` WHERE `ban_id` = ``bans``.`id`)")
|
||||
or error(db_error());
|
||||
|
||||
if (isset($_POST['appeal_id']) && (isset($_POST['unban']) || isset($_POST['deny']))) {
|
||||
if (!hasPermission($config['mod']['ban_appeals']))
|
||||
error($config['error']['noaccess']);
|
||||
|
||||
$query = query("SELECT *, ``ban_appeals``.`id` AS `id` FROM ``ban_appeals``
|
||||
LEFT JOIN ``bans`` ON `ban_id` = ``bans``.`id`
|
||||
WHERE ``ban_appeals``.`id` = " . (int)$_POST['appeal_id']) or error(db_error());
|
||||
if (!$ban = $query->fetch(PDO::FETCH_ASSOC)) {
|
||||
error(_('Ban appeal not found!'));
|
||||
}
|
||||
|
||||
$ban['mask'] = Bans::range_to_string(array($ban['ipstart'], $ban['ipend']));
|
||||
|
||||
if (isset($_POST['unban'])) {
|
||||
modLog('Accepted ban appeal #' . $ban['id'] . ' for ' . $ban['mask']);
|
||||
Bans::delete($ban['ban_id'], true);
|
||||
query("DELETE FROM ``ban_appeals`` WHERE `id` = " . $ban['id']) or error(db_error());
|
||||
} else {
|
||||
modLog('Denied ban appeal #' . $ban['id'] . ' for ' . $ban['mask']);
|
||||
query("UPDATE ``ban_appeals`` SET `denied` = 1 WHERE `id` = " . $ban['id']) or error(db_error());
|
||||
}
|
||||
|
||||
header('Location: ?/ban-appeals', true, $config['redirect_http']);
|
||||
return;
|
||||
}
|
||||
|
||||
$query = query("SELECT *, ``ban_appeals``.`id` AS `id` FROM ``ban_appeals``
|
||||
LEFT JOIN ``bans`` ON `ban_id` = ``bans``.`id`
|
||||
WHERE `denied` != 1 ORDER BY `time`") or error(db_error());
|
||||
$ban_appeals = $query->fetchAll(PDO::FETCH_ASSOC);
|
||||
foreach ($ban_appeals as &$ban) {
|
||||
if ($ban['post'])
|
||||
$ban['post'] = json_decode($ban['post'], true);
|
||||
$ban['mask'] = Bans::range_to_string(array($ban['ipstart'], $ban['ipend']));
|
||||
|
||||
if ($ban['post'] && isset($ban['post']['board'], $ban['post']['id'])) {
|
||||
if (openBoard($ban['post']['board'])) {
|
||||
$query = query(sprintf("SELECT `thumb`, `file` FROM ``posts_%s`` WHERE `id` = " .
|
||||
(int)$ban['post']['id'], $board['uri']));
|
||||
if ($_post = $query->fetch(PDO::FETCH_ASSOC)) {
|
||||
$ban['post'] = array_merge($ban['post'], $_post);
|
||||
} else {
|
||||
$ban['post']['file'] = 'deleted';
|
||||
$ban['post']['thumb'] = false;
|
||||
}
|
||||
} else {
|
||||
$ban['post']['file'] = 'deleted';
|
||||
$ban['post']['thumb'] = false;
|
||||
}
|
||||
|
||||
if ($ban['post']['thread']) {
|
||||
$ban['post'] = new Post($ban['post']);
|
||||
} else {
|
||||
$ban['post'] = new Thread($ban['post'], null, false, false);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
mod_page(_('Ban appeals'), 'mod/ban_appeals.html', array(
|
||||
'ban_appeals' => $ban_appeals,
|
||||
'token' => make_secure_link_token('ban-appeals')
|
||||
));
|
||||
}
|
||||
|
||||
function mod_lock($board, $unlock, $post) {
|
||||
global $config;
|
||||
@@ -1675,7 +1769,12 @@ function mod_user($uid) {
|
||||
|
||||
$user['boards'] = explode(',', $user['boards']);
|
||||
|
||||
mod_page(_('Edit user'), 'mod/user.html', array('user' => $user, 'logs' => $log, 'boards' => listBoards()));
|
||||
mod_page(_('Edit user'), 'mod/user.html', array(
|
||||
'user' => $user,
|
||||
'logs' => $log,
|
||||
'boards' => listBoards(),
|
||||
'token' => make_secure_link_token('users/' . $user['id'])
|
||||
));
|
||||
}
|
||||
|
||||
function mod_user_new() {
|
||||
@@ -1728,7 +1827,7 @@ function mod_user_new() {
|
||||
return;
|
||||
}
|
||||
|
||||
mod_page(_('Edit user'), 'mod/user.html', array('new' => true, 'boards' => listBoards()));
|
||||
mod_page(_('New user'), 'mod/user.html', array('new' => true, 'boards' => listBoards(), 'token' => make_secure_link_token('users/new')));
|
||||
}
|
||||
|
||||
|
||||
@@ -1738,9 +1837,18 @@ function mod_users() {
|
||||
if (!hasPermission($config['mod']['manageusers']))
|
||||
error($config['error']['noaccess']);
|
||||
|
||||
$query = query("SELECT *, (SELECT `time` FROM ``modlogs`` WHERE `mod` = `id` ORDER BY `time` DESC LIMIT 1) AS `last`, (SELECT `text` FROM ``modlogs`` WHERE `mod` = `id` ORDER BY `time` DESC LIMIT 1) AS `action` FROM ``mods`` ORDER BY `type` DESC,`id`") or error(db_error());
|
||||
$query = query("SELECT
|
||||
*,
|
||||
(SELECT `time` FROM ``modlogs`` WHERE `mod` = `id` ORDER BY `time` DESC LIMIT 1) AS `last`,
|
||||
(SELECT `text` FROM ``modlogs`` WHERE `mod` = `id` ORDER BY `time` DESC LIMIT 1) AS `action`
|
||||
FROM ``mods`` ORDER BY `type` DESC,`id`") or error(db_error());
|
||||
$users = $query->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
foreach ($users as &$user) {
|
||||
$user['promote_token'] = make_secure_link_token("users/{$user['id']}/promote");
|
||||
$user['demote_token'] = make_secure_link_token("users/{$user['id']}/demote");
|
||||
}
|
||||
|
||||
mod_page(sprintf('%s (%d)', _('Manage users'), count($users)), 'mod/users.html', array('users' => $users));
|
||||
}
|
||||
|
||||
@@ -1832,7 +1940,10 @@ function mod_pm($id, $reply = false) {
|
||||
error($config['error']['404']); // deleted?
|
||||
|
||||
mod_page(sprintf('%s %s', _('New PM for'), $pm['to_username']), 'mod/new_pm.html', array(
|
||||
'username' => $pm['username'], 'id' => $pm['sender'], 'message' => quote($pm['message'])
|
||||
'username' => $pm['username'],
|
||||
'id' => $pm['sender'],
|
||||
'message' => quote($pm['message']),
|
||||
'token' => make_secure_link_token('new_PM/' . $pm['username'])
|
||||
));
|
||||
} else {
|
||||
mod_page(sprintf('%s – #%d', _('Private message'), $id), 'mod/pm.html', $pm);
|
||||
@@ -1904,7 +2015,11 @@ function mod_new_pm($username) {
|
||||
header('Location: ?/', true, $config['redirect_http']);
|
||||
}
|
||||
|
||||
mod_page(sprintf('%s %s', _('New PM for'), $username), 'mod/new_pm.html', array('username' => $username, 'id' => $id));
|
||||
mod_page(sprintf('%s %s', _('New PM for'), $username), 'mod/new_pm.html', array(
|
||||
'username' => $username,
|
||||
'id' => $id,
|
||||
'token' => make_secure_link_token('new_PM/' . $username)
|
||||
));
|
||||
}
|
||||
|
||||
function mod_rebuild() {
|
||||
@@ -1973,7 +2088,10 @@ function mod_rebuild() {
|
||||
return;
|
||||
}
|
||||
|
||||
mod_page(_('Rebuild'), 'mod/rebuild.html', array('boards' => listBoards()));
|
||||
mod_page(_('Rebuild'), 'mod/rebuild.html', array(
|
||||
'boards' => listBoards(),
|
||||
'token' => make_secure_link_token('rebuild')
|
||||
));
|
||||
}
|
||||
|
||||
function mod_reports() {
|
||||
@@ -2028,7 +2146,13 @@ function mod_reports() {
|
||||
}
|
||||
|
||||
// a little messy and inefficient
|
||||
$append_html = Element('mod/report.html', array('report' => $report, 'config' => $config, 'mod' => $mod));
|
||||
$append_html = Element('mod/report.html', array(
|
||||
'report' => $report,
|
||||
'config' => $config,
|
||||
'mod' => $mod,
|
||||
'token' => make_secure_link_token('reports/' . $report['id'] . '/dismiss'),
|
||||
'token_all' => make_secure_link_token('reports/' . $report['id'] . '/dismissall')
|
||||
));
|
||||
|
||||
// Bug fix for https://github.com/savetheinternet/Tinyboard/issues/21
|
||||
$po->body = truncate($po->body, $po->link(), $config['body_truncate'] - substr_count($append_html, '<br>'));
|
||||
@@ -2131,7 +2255,8 @@ function mod_config($board_config = false) {
|
||||
'readonly' => $readonly,
|
||||
'boards' => listBoards(),
|
||||
'board' => $board_config,
|
||||
'file' => $config_file
|
||||
'file' => $config_file,
|
||||
'token' => make_secure_link_token('config' . ($board_config ? '/' . $board_config : ''))
|
||||
));
|
||||
return;
|
||||
}
|
||||
@@ -2214,17 +2339,18 @@ function mod_config($board_config = false) {
|
||||
}
|
||||
}
|
||||
|
||||
header('Location: ?/config', true, $config['redirect_http']);
|
||||
header('Location: ?/config' . ($board_config ? '/' . $board_config : ''), true, $config['redirect_http']);
|
||||
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
mod_page(_('Config editor') . ($board_config ? ': ' . sprintf($config['board_abbreviation'], $board_config) : ''),
|
||||
'mod/config-editor.html', array(
|
||||
'boards' => listBoards(),
|
||||
'board' => $board_config,
|
||||
'conf' => $conf,
|
||||
'file' => $config_file
|
||||
'file' => $config_file,
|
||||
'token' => make_secure_link_token('config' . ($board_config ? '/' . $board_config : ''))
|
||||
));
|
||||
}
|
||||
|
||||
@@ -2250,6 +2376,11 @@ function mod_themes_list() {
|
||||
}
|
||||
}
|
||||
closedir($dir);
|
||||
|
||||
foreach ($themes as $theme_name => &$theme) {
|
||||
$theme['rebuild_token'] = make_secure_link_token('themes/' . $theme_name . '/rebuild');
|
||||
$theme['uninstall_token'] = make_secure_link_token('themes/' . $theme_name . '/uninstall');
|
||||
}
|
||||
|
||||
mod_page(_('Manage themes'), 'mod/themes.html', array(
|
||||
'themes' => $themes,
|
||||
@@ -2320,7 +2451,7 @@ function mod_theme_configure($theme_name) {
|
||||
'theme_name' => $theme_name,
|
||||
'theme' => $theme,
|
||||
'result' => $result,
|
||||
'message' => $message,
|
||||
'message' => $message
|
||||
));
|
||||
return;
|
||||
}
|
||||
@@ -2331,6 +2462,7 @@ function mod_theme_configure($theme_name) {
|
||||
'theme_name' => $theme_name,
|
||||
'theme' => $theme,
|
||||
'settings' => $settings,
|
||||
'token' => make_secure_link_token('themes/' . $theme_name)
|
||||
));
|
||||
}
|
||||
|
||||
@@ -2455,3 +2587,24 @@ function mod_debug_sql() {
|
||||
mod_page(_('Debug: SQL'), 'mod/debug/sql.html', $args);
|
||||
}
|
||||
|
||||
function mod_debug_apc() {
|
||||
global $config;
|
||||
|
||||
if (!hasPermission($config['mod']['debug_apc']))
|
||||
error($config['error']['noaccess']);
|
||||
|
||||
if ($config['cache']['enabled'] != 'apc')
|
||||
error('APC is not enabled.');
|
||||
|
||||
$cache_info = apc_cache_info('user');
|
||||
|
||||
// $cached_vars = new APCIterator('user', '/^' . $config['cache']['prefix'] . '/');
|
||||
$cached_vars = array();
|
||||
foreach ($cache_info['cache_list'] as $var) {
|
||||
if ($config['cache']['prefix'] != '' && strpos(isset($var['key']) ? $var['key'] : $var['info'], $config['cache']['prefix']) !== 0)
|
||||
continue;
|
||||
$cached_vars[] = $var;
|
||||
}
|
||||
|
||||
mod_page(_('Debug: APC'), 'mod/debug/apc.html', array('cached_vars' => $cached_vars));
|
||||
}
|
||||
|
Reference in New Issue
Block a user