natto1784/aslichan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: natto1784:master
Branches Tags
natto1784:personal natto1784:master
...
pull from: natto1784:personal
Branches Tags
natto1784:personal natto1784:master

9 Commits
master ... personal

Author SHA1 Message Date
natto1784
9e4b8fad4d mass replace REMOTE_ADDR with HTTP_X_REAL_IP 
Signed-off-by: natto1784 <natto@weirdnatto.in>
 2022-11-18 13:59:50 +05:30
natto1784
160b6feb8a inc/config: add own config 
Signed-off-by: natto1784 <natto@weirdnatto.in>
 2022-11-18 11:57:21 +05:30
natto1784
5fd115fe42 templates/themes/catalog: remove old list of styles 
Signed-off-by: natto1784 <natto@weirdnatto.in>
 2022-11-18 11:56:41 +05:30
natto1784
be53257159 templates/themes/index: add stylesheet options 
Signed-off-by: natto1784 <natto@weirdnatto.in>
 2022-11-18 11:55:50 +05:30
natto1784
169e87fab8 make board names bigger 
Signed-off-by: natto1784 <natto@weirdnatto.in>
 2022-11-18 11:40:47 +05:30
natto1784
d6251f2614 fix templates/themes/index.html 
Signed-off-by: natto1784 <natto@weirdnatto.in>
 2022-11-18 11:33:25 +05:30
natto1784
a0791f8aec fix index theme's yt embed 
Signed-off-by: natto1784 <natto@weirdnatto.in>
 2022-11-18 10:23:53 +05:30
natto1784
a8d10f8bfc add Dockerfile 
Signed-off-by: natto1784 <natto@weirdnatto.in>
 2022-11-18 09:48:18 +05:30
natto1784
103cc7d78e correct the banner script based on how lainchan does it 
Signed-off-by: natto1784 <natto@weirdnatto.in>
 2022-11-18 09:43:43 +05:30
11 changed files with 166 additions and 96 deletions
Expand all files Collapse all files

13
Dockerfile Normal file
View File

@@ -0,0 +1,13 @@
FROM php:8.1.12-cli
RUN apt-get update && apt-get install -y libfreetype6-dev libjpeg62-turbo-dev libpng-dev imagemagick graphicsmagick gifsicle libwebp-dev libonig-dev ffmpeg
RUN docker-php-ext-configure gd --enable-gd --with-freetype --with-jpeg --with-webp
RUN docker-php-ext-install gd mbstring pdo pdo_mysql gettext
RUN mkdir /app
RUN echo 'upload_max_filesize = 64M\n\
post_max_size = 64M\n'\
>> /usr/local/etc/php/conf.d/my.ini
WORKDIR /app
CMD ["php", "-S", "0.0.0.0:8080"]

8
b.php
View File

@@ -4,16 +4,16 @@ $files = scandir($dir);
$images = array_diff($files, array('.', '..')); $images = array_diff($files, array('.', '..'));
$name = $images[array_rand($images)]; $name = $images[array_rand($images)];
// open the file in a binary mode // open the file in a binary mode
$fp = fopen($dir . $name, 'rb'); $ext = pathinfo($name, PATHINFO_EXTENSION);
// send the right headers // send the right headers
header('Cache-Control: no-cache, no-store, must-revalidate'); // HTTP 1.1 header('Cache-Control: no-cache, no-store, must-revalidate'); // HTTP 1.1
header('Pragma: no-cache'); // HTTP 1.0 header('Pragma: no-cache'); // HTTP 1.0
header('Expires: 0'); // Proxies header('Expires: 0'); // Proxies
header('Content-Type: ' . $fp['type']); header("Content-type: image/" . $ext);
header('Content-Length: ' . $fp['bytes']); header("Content-Disposition: inline; filename=" . $name);
// dump the picture and stop the script // dump the picture and stop the script
fpassthru($fp); readfile($dir.$name);
exit; exit;
?> ?>

12
inc/filters.php
View File

@@ -38,7 +38,7 @@ class Filter {
foreach ($match as $flood_match_arg) { foreach ($match as $flood_match_arg) {
switch ($flood_match_arg) { switch ($flood_match_arg) {
case 'ip': case 'ip':
if ($flood_post['ip'] != $_SERVER['REMOTE_ADDR']) if ($flood_post['ip'] != $_SERVER['HTTP_X_REAL_IP'])
continue 3; continue 3;
break; break;
case 'body': case 'body':
@@ -117,7 +117,7 @@ class Filter {
} }
return false; return false;
case 'ip': case 'ip':
return preg_match($match, $_SERVER['REMOTE_ADDR']); return preg_match($match, $_SERVER['HTTP_X_REAL_IP']);
case 'op': case 'op':
return $post['op'] == $match; return $post['op'] == $match;
case 'has_file': case 'has_file':
@@ -137,7 +137,7 @@ class Filter {
$this->add_note = isset($this->add_note) ? $this->add_note : false; $this->add_note = isset($this->add_note) ? $this->add_note : false;
if ($this->add_note) { if ($this->add_note) {
$query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)'); $query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->bindValue(':mod', -1); $query->bindValue(':mod', -1);
$query->bindValue(':time', time()); $query->bindValue(':time', time());
$query->bindValue(':body', "Autoban message: ".$this->post['body']); $query->bindValue(':body', "Autoban message: ".$this->post['body']);
@@ -154,7 +154,7 @@ class Filter {
$this->reject = isset($this->reject) ? $this->reject : true; $this->reject = isset($this->reject) ? $this->reject : true;
$this->all_boards = isset($this->all_boards) ? $this->all_boards : false; $this->all_boards = isset($this->all_boards) ? $this->all_boards : false;
Bans::new_ban($_SERVER['REMOTE_ADDR'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1); Bans::new_ban($_SERVER['HTTP_X_REAL_IP'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1);
if ($this->reject) { if ($this->reject) {
if (isset($this->message)) if (isset($this->message))
@@ -223,12 +223,12 @@ function do_filters(array $post) {
if (isset($has_flood)) { if (isset($has_flood)) {
if ($post['has_file']) { if ($post['has_file']) {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash"); $query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup'])); $query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
$query->bindValue(':filehash', $post['filehash']); $query->bindValue(':filehash', $post['filehash']);
} else { } else {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash"); $query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup'])); $query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
} }
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));

44
inc/functions.php
View File

@@ -46,8 +46,8 @@ function loadConfig() {
$boardsuffix = isset($board['uri']) ? $board['uri'] : ''; $boardsuffix = isset($board['uri']) ? $board['uri'] : '';
if (!isset($_SERVER['REMOTE_ADDR'])) if (!isset($_SERVER['HTTP_X_REAL_IP']))
$_SERVER['REMOTE_ADDR'] = '0.0.0.0'; $_SERVER['HTTP_X_REAL_IP'] = '0.0.0.0';
if (file_exists('tmp/cache/cache_config.php')) { if (file_exists('tmp/cache/cache_config.php')) {
require_once('tmp/cache/cache_config.php'); require_once('tmp/cache/cache_config.php');
@@ -257,11 +257,11 @@ function loadConfig() {
// Keep the original address to properly comply with other board configurations // Keep the original address to properly comply with other board configurations
if (!isset($__ip)) if (!isset($__ip))
$__ip = $_SERVER['REMOTE_ADDR']; $__ip = $_SERVER['HTTP_X_REAL_IP'];
// ::ffff:0.0.0.0 // ::ffff:0.0.0.0
if (preg_match('/^\:\:(ffff\:)?(\d+\.\d+\.\d+\.\d+)$/', $__ip, $m)) if (preg_match('/^\:\:(ffff\:)?(\d+\.\d+\.\d+\.\d+)$/', $__ip, $m))
$_SERVER['REMOTE_ADDR'] = $m[2]; $_SERVER['HTTP_X_REAL_IP'] = $m[2];
if ($config['verbose_errors']) { if ($config['verbose_errors']) {
set_error_handler('verbose_error_handler'); set_error_handler('verbose_error_handler');
@@ -354,9 +354,9 @@ function fatal_error_handler() {
} }
function _syslog($priority, $message) { function _syslog($priority, $message) {
if (isset($_SERVER['REMOTE_ADDR'], $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'])) { if (isset($_SERVER['HTTP_X_REAL_IP'], $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'])) {
// CGI // CGI
syslog($priority, $message . ' - client: ' . $_SERVER['REMOTE_ADDR'] . ', request: "' . $_SERVER['REQUEST_METHOD'] . ' ' . $_SERVER['REQUEST_URI'] . '"'); syslog($priority, $message . ' - client: ' . $_SERVER['HTTP_X_REAL_IP'] . ', request: "' . $_SERVER['REQUEST_METHOD'] . ' ' . $_SERVER['REQUEST_URI'] . '"');
} else { } else {
syslog($priority, $message); syslog($priority, $message);
} }
@@ -844,7 +844,7 @@ function displayBan($ban) {
Bans::seen($ban['id']); Bans::seen($ban['id']);
} }
$ban['ip'] = $_SERVER['REMOTE_ADDR']; $ban['ip'] = $_SERVER['HTTP_X_REAL_IP'];
if ($ban['post'] && isset($ban['post']['board'], $ban['post']['id'])) { if ($ban['post'] && isset($ban['post']['board'], $ban['post']['id'])) {
if (openBoard($ban['post']['board'])) { if (openBoard($ban['post']['board'])) {
@@ -896,7 +896,7 @@ function displayBan($ban) {
function checkBan($board = false) { function checkBan($board = false) {
global $config; global $config;
if (!isset($_SERVER['REMOTE_ADDR'])) { if (!isset($_SERVER['HTTP_X_REAL_IP'])) {
// Server misconfiguration // Server misconfiguration
return; return;
} }
@@ -906,7 +906,7 @@ function checkBan($board = false) {
$ips = array(); $ips = array();
$ips[] = $_SERVER['REMOTE_ADDR']; $ips[] = $_SERVER['HTTP_X_REAL_IP'];
if ($config['proxy_check'] && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { if ($config['proxy_check'] && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ips = array_merge($ips, explode(", ", $_SERVER['HTTP_X_FORWARDED_FOR'])); $ips = array_merge($ips, explode(", ", $_SERVER['HTTP_X_FORWARDED_FOR']));
@@ -1004,7 +1004,7 @@ function insertFloodPost(array $post) {
global $board; global $board;
$query = prepare("INSERT INTO ``flood`` VALUES (NULL, :ip, :board, :time, :posthash, :filehash, :isreply)"); $query = prepare("INSERT INTO ``flood`` VALUES (NULL, :ip, :board, :time, :posthash, :filehash, :isreply)");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->bindValue(':board', $board['uri']); $query->bindValue(':board', $board['uri']);
$query->bindValue(':time', time()); $query->bindValue(':time', time());
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup'])); $query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
@@ -1044,7 +1044,7 @@ function post(array $post) {
$query->bindValue(':body_nomarkup', $post['body_nomarkup']); $query->bindValue(':body_nomarkup', $post['body_nomarkup']);
$query->bindValue(':time', isset($post['time']) ? $post['time'] : time(), PDO::PARAM_INT); $query->bindValue(':time', isset($post['time']) ? $post['time'] : time(), PDO::PARAM_INT);
$query->bindValue(':password', $post['password']); $query->bindValue(':password', $post['password']);
$query->bindValue(':ip', isset($post['ip']) ? $post['ip'] : $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', isset($post['ip']) ? $post['ip'] : $_SERVER['HTTP_X_REAL_IP']);
if ($post['op'] && $post['mod'] && isset($post['sticky']) && $post['sticky']) { if ($post['op'] && $post['mod'] && isset($post['sticky']) && $post['sticky']) {
$query->bindValue(':sticky', true, PDO::PARAM_INT); $query->bindValue(':sticky', true, PDO::PARAM_INT);
@@ -1595,7 +1595,7 @@ function muteTime() {
// Find number of mutes in the past X hours // Find number of mutes in the past X hours
$query = prepare("SELECT COUNT(*) FROM ``mutes`` WHERE `time` >= :time AND `ip` = :ip"); $query = prepare("SELECT COUNT(*) FROM ``mutes`` WHERE `time` >= :time AND `ip` = :ip");
$query->bindValue(':time', time()-($config['robot_mute_hour']*3600), PDO::PARAM_INT); $query->bindValue(':time', time()-($config['robot_mute_hour']*3600), PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if (!$result = $query->fetchColumn()) if (!$result = $query->fetchColumn())
@@ -1607,7 +1607,7 @@ function mute() {
// Insert mute // Insert mute
$query = prepare("INSERT INTO ``mutes`` VALUES (:ip, :time)"); $query = prepare("INSERT INTO ``mutes`` VALUES (:ip, :time)");
$query->bindValue(':time', time(), PDO::PARAM_INT); $query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
return muteTime(); return muteTime();
@@ -1618,7 +1618,7 @@ function checkMute() {
if ($config['cache']['enabled']) { if ($config['cache']['enabled']) {
// Cached mute? // Cached mute?
if (($mute = cache::get("mute_${_SERVER['REMOTE_ADDR']}")) && ($mutetime = cache::get("mutetime_${_SERVER['REMOTE_ADDR']}"))) { if (($mute = cache::get("mute_${_SERVER['HTTP_X_REAL_IP']}")) && ($mutetime = cache::get("mutetime_${_SERVER['HTTP_X_REAL_IP']}"))) {
error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time())); error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time()));
} }
} }
@@ -1627,7 +1627,7 @@ function checkMute() {
if ($mutetime > 0) { if ($mutetime > 0) {
// Find last mute time // Find last mute time
$query = prepare("SELECT `time` FROM ``mutes`` WHERE `ip` = :ip ORDER BY `time` DESC LIMIT 1"); $query = prepare("SELECT `time` FROM ``mutes`` WHERE `ip` = :ip ORDER BY `time` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if (!$mute = $query->fetch(PDO::FETCH_ASSOC)) { if (!$mute = $query->fetch(PDO::FETCH_ASSOC)) {
@@ -1637,8 +1637,8 @@ function checkMute() {
if ($mute['time'] + $mutetime > time()) { if ($mute['time'] + $mutetime > time()) {
if ($config['cache']['enabled']) { if ($config['cache']['enabled']) {
cache::set("mute_${_SERVER['REMOTE_ADDR']}", $mute, $mute['time'] + $mutetime - time()); cache::set("mute_${_SERVER['HTTP_X_REAL_IP']}", $mute, $mute['time'] + $mutetime - time());
cache::set("mutetime_${_SERVER['REMOTE_ADDR']}", $mutetime, $mute['time'] + $mutetime - time()); cache::set("mutetime_${_SERVER['HTTP_X_REAL_IP']}", $mutetime, $mute['time'] + $mutetime - time());
} }
// Not expired yet // Not expired yet
error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time())); error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time()));
@@ -1879,16 +1879,16 @@ function checkDNSBL() {
if (isIPv6()) if (isIPv6())
return; // No IPv6 support yet. return; // No IPv6 support yet.
if (!isset($_SERVER['REMOTE_ADDR'])) if (!isset($_SERVER['HTTP_X_REAL_IP']))
return; // Fix your web server configuration return; // Fix your web server configuration
if (preg_match("/^(::(ffff:)?)?(127\.|192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.|0\.|255\.)/", $_SERVER['REMOTE_ADDR'])) if (preg_match("/^(::(ffff:)?)?(127\.|192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.|0\.|255\.)/", $_SERVER['HTTP_X_REAL_IP']))
return; // It's pointless to check for local IP addresses in dnsbls, isn't it? return; // It's pointless to check for local IP addresses in dnsbls, isn't it?
if (in_array($_SERVER['REMOTE_ADDR'], $config['dnsbl_exceptions'])) if (in_array($_SERVER['HTTP_X_REAL_IP'], $config['dnsbl_exceptions']))
return; return;
$ipaddr = ReverseIPOctets($_SERVER['REMOTE_ADDR']); $ipaddr = ReverseIPOctets($_SERVER['HTTP_X_REAL_IP']);
foreach ($config['dnsbl'] as $blacklist) { foreach ($config['dnsbl'] as $blacklist) {
if (!is_array($blacklist)) if (!is_array($blacklist))
@@ -1921,7 +1921,7 @@ function checkDNSBL() {
} }
function isIPv6() { function isIPv6() {
return strstr($_SERVER['REMOTE_ADDR'], ':') !== false; return strstr($_SERVER['HTTP_X_REAL_IP'], ':') !== false;
} }
function ReverseIPOctets($ip) { function ReverseIPOctets($ip) {

54
inc/own.php Normal file
View File

@@ -0,0 +1,54 @@
<?php
$config['page_nav_top'] = true;
$config['global_message'] = 'alo';
$config['country_flags'] = false;
$config['allow_no_country'] = false;
$config['thumb_method'] = 'convert';
$config['additional_javascript'][] = 'js/multi-image.js';
$config['additional_javascript'][] = '../js/image-hover.js';
$config['additional_javascript'][] = '../js/show-backlinks.js';
$config['additional_javascript'][] = '../js/style-select.js';
$config['max_images'] = 5;
$config['stylesheets']['Futaba'] = 'futaba.css';
$config['stylesheets']['Dark'] = 'dark.css';
$config['stylesheets']['Gentoochan'] = 'gentoochan.css';
$config['stylesheets']['Nigrachan'] = 'nigrachan.css';
$config['stylesheets']['Ricechan'] = 'ricechan.css';
$config['stylesheets']['Photon'] = 'photon.css';
$config['stylesheets']['Wasabi'] = 'wasabi.css';
$config['stylesheets']['Miku'] = 'miku.css';
$config['allowed_ext'][] = 'svg';
$config['allowed_ext'][] = 'webp';
$config['allowed_ext_files'][] = 'mp4';
$config['allowed_ext_files'][] = 'webm';
$config['webm']['use_ffmpeg'] = true;
$config['webm']['allow_audio'] = true;
$config['max_filesize'] = 50 * 1024 * 1024;
$config['image_identification'] = true;
$config['image_identification_imgops'] = true;
$config['image_identification_exif'] = true;
$config['image_identification_google'] = true;
$config['image_identification_yandex'] = true;
$config['image_identification_iqdb'] = true;
$config['anonymous'] = array('anon', 'asli', 'gujjar', 'pankaj', 'sunil');
$config['timezone'] = 'Asia/Kolkata';
$config['post_date'] = '%d/%m/%y (%a) %H:%M:%S';
$config['boardlist_wrap_bracket'] = true;
$config['page_nav_top'] = true;
$config['enable_embedding'] = true;
$config['boards'] = array(array('home' => '/' ), array('b'));
?>

19
post.php
View File

@@ -9,8 +9,8 @@ $dropped_post = false;
// Is it a post coming from NNTP? Let's extract it and pretend it's a normal post. // Is it a post coming from NNTP? Let's extract it and pretend it's a normal post.
if (isset($_GET['Newsgroups']) && $config['nntpchan']['enabled']) { if (isset($_GET['Newsgroups']) && $config['nntpchan']['enabled']) {
if ($_SERVER['REMOTE_ADDR'] != $config['nntpchan']['trusted_peer']) { if ($_SERVER['HTTP_X_REAL_IP'] != $config['nntpchan']['trusted_peer']) {
error("NNTPChan: Forbidden. $_SERVER[REMOTE_ADDR] is not a trusted peer"); error("NNTPChan: Forbidden. $_SERVER[HTTP_X_REAL_IP] is not a trusted peer");
} }
$_POST = array(); $_POST = array();
@@ -327,7 +327,7 @@ if (isset($_POST['delete'])) {
$post = $query->fetch(PDO::FETCH_ASSOC); $post = $query->fetch(PDO::FETCH_ASSOC);
$error = event('report', array('ip' => $_SERVER['REMOTE_ADDR'], 'board' => $board['uri'], 'post' => $post, 'reason' => $reason, 'link' => link_for($post))); $error = event('report', array('ip' => $_SERVER['HTTP_X_REAL_IP'], 'board' => $board['uri'], 'post' => $post, 'reason' => $reason, 'link' => link_for($post)));
if ($error) { if ($error) {
error($error); error($error);
@@ -340,7 +340,7 @@ if (isset($_POST['delete'])) {
); );
$query = prepare("INSERT INTO ``reports`` VALUES (NULL, :time, :ip, :board, :post, :reason)"); $query = prepare("INSERT INTO ``reports`` VALUES (NULL, :time, :ip, :board, :post, :reason)");
$query->bindValue(':time', time(), PDO::PARAM_INT); $query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP'], PDO::PARAM_STR);
$query->bindValue(':board', $board['uri'], PDO::PARAM_STR); $query->bindValue(':board', $board['uri'], PDO::PARAM_STR);
$query->bindValue(':post', $id, PDO::PARAM_INT); $query->bindValue(':post', $id, PDO::PARAM_INT);
$query->bindValue(':reason', $reason, PDO::PARAM_STR); $query->bindValue(':reason', $reason, PDO::PARAM_STR);
@@ -404,7 +404,7 @@ if (isset($_POST['delete'])) {
$resp = json_decode(file_get_contents(sprintf('https://www.recaptcha.net/recaptcha/api/siteverify?secret=%s&response=%s&remoteip=%s', $resp = json_decode(file_get_contents(sprintf('https://www.recaptcha.net/recaptcha/api/siteverify?secret=%s&response=%s&remoteip=%s',
$config['recaptcha_private'], $config['recaptcha_private'],
urlencode($_POST['g-recaptcha-response']), urlencode($_POST['g-recaptcha-response']),
$_SERVER['REMOTE_ADDR'])), true); $_SERVER['HTTP_X_REAL_IP'])), true);
if (!$resp['success']) { if (!$resp['success']) {
error($config['error']['captcha']); error($config['error']['captcha']);
@@ -756,11 +756,10 @@ if (isset($_POST['delete'])) {
$part8 = base_convert(($iparr[2] * 256) + $iparr[3], 10, 16); $part8 = base_convert(($iparr[2] * 256) + $iparr[3], 10, 16);
return '::ffff:'.$part7.':'.$part8; return '::ffff:'.$part7.':'.$part8;
} }
if ($country_code = geoip_country_code_by_addr_v6($gi, ipv4to6($_SERVER['HTTP_X_REAL_IP']))) {
if ($country_code = geoip_country_code_by_addr_v6($gi, ipv4to6($_SERVER['REMOTE_ADDR']))) {
if (!in_array(strtolower($country_code), array('eu', 'ap', 'o1', 'a1', 'a2'))) if (!in_array(strtolower($country_code), array('eu', 'ap', 'o1', 'a1', 'a2')))
$post['body'] .= "\n<tinyboard flag>".strtolower($country_code)."</tinyboard>". $post['body'] .= "\n<tinyboard flag>".strtolower($country_code)."</tinyboard>".
"\n<tinyboard flag alt>".geoip_country_name_by_addr_v6($gi, ipv4to6($_SERVER['REMOTE_ADDR']))."</tinyboard>"; "\n<tinyboard flag alt>".geoip_country_name_by_addr_v6($gi, ipv4to6($_SERVER['HTTP_X_REAL_IP']))."</tinyboard>";
} }
} }
@@ -1216,7 +1215,7 @@ if (isset($_POST['delete'])) {
// Any telegrams to show? // Any telegrams to show?
$query = prepare('SELECT * FROM ``telegrams`` WHERE ``ip`` = :ip AND ``seen`` = 0'); $query = prepare('SELECT * FROM ``telegrams`` WHERE ``ip`` = :ip AND ``seen`` = 0');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
$telegrams = $query->fetchAll(PDO::FETCH_ASSOC); $telegrams = $query->fetchAll(PDO::FETCH_ASSOC);
@@ -1275,7 +1274,7 @@ if (isset($_POST['delete'])) {
$ban_id = (int)$_POST['ban_id']; $ban_id = (int)$_POST['ban_id'];
$bans = Bans::find($_SERVER['REMOTE_ADDR']); $bans = Bans::find($_SERVER['HTTP_X_REAL_IP']);
foreach ($bans as $_ban) { foreach ($bans as $_ban) {
if ($_ban['id'] == $ban_id) { if ($_ban['id'] == $ban_id) {
$ban = $_ban; $ban = $_ban;

4
search.php
View File

@@ -22,7 +22,7 @@
$_body = ''; $_body = '';
$query = prepare("SELECT COUNT(*) FROM ``search_queries`` WHERE `ip` = :ip AND `time` > :time"); $query = prepare("SELECT COUNT(*) FROM ``search_queries`` WHERE `ip` = :ip AND `time` > :time");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->bindValue(':time', time() - ($queries_per_minutes[1] * 60)); $query->bindValue(':time', time() - ($queries_per_minutes[1] * 60));
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if($query->fetchColumn() > $queries_per_minutes[0]) if($query->fetchColumn() > $queries_per_minutes[0])
@@ -36,7 +36,7 @@
$query = prepare("INSERT INTO ``search_queries`` VALUES (:ip, :time, :query)"); $query = prepare("INSERT INTO ``search_queries`` VALUES (:ip, :time, :query)");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
$query->bindValue(':time', time()); $query->bindValue(':time', time());
$query->bindValue(':query', $phrase); $query->bindValue(':query', $phrase);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));

2
stylesheets/style.css
View File

@@ -975,7 +975,7 @@ span.pln {
div.boardlist { div.boardlist {
margin-top: 3px; margin-top: 3px;
color: #89A; color: #89A;
font-size: 9pt; font-size: 15pt;
} }
div.boardlist.bottom { div.boardlist.bottom {

7
templates/themes/catalog/catalog.html
View File

@@ -80,13 +80,6 @@
<br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group <br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group
<br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2018 vichan-devel</p> <br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2018 vichan-devel</p>
</footer> </footer>
<script type="text/javascript">{% verbatim %}
var styles = {
{% endverbatim %}
{% for name, uri in config.stylesheets %}{% verbatim %}'{% endverbatim %}{{ name|addslashes }}{% verbatim %}' : '{% endverbatim %}/stylesheets/{{ uri|addslashes }}{% verbatim %}',
{% endverbatim %}{% endfor %}{% verbatim %}
}; onready(init);
{% endverbatim %}</script>
<script type="text/javascript">{% verbatim %} <script type="text/javascript">{% verbatim %}
ready(); ready();

16
templates/themes/index/index.css
View File

@@ -58,11 +58,17 @@
max-width: 300px; max-width: 300px;
} }
.videoofnow { .videoofnow {
display: block; max-width: 100%;
margin-left: auto; position: relative;
margin-right: auto; height: 0;
max-width: 500px; padding-bottom: 56.25%;
max-height: 300px; }
.videoofnow iframe {
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
} }
.quoteofnow { .quoteofnow {
text-align: center; text-align: center;

9
templates/themes/index/index.html
View File

@@ -27,7 +27,7 @@
{% for board in boards %} {% for board in boards %}
<li class="boardlinksurl"> <li class="boardlinksurl">
<a href="{{ config.board_path|sprintf(board.uri) }}"> <a href="{{ config.board_path|sprintf(board.uri) }}">
{{ board.title|e }} /{{ board.uri }}/ - {{ board.title|e }}
</a> </a>
</li> </li>
{% endfor %} {% endfor %}
@@ -42,7 +42,9 @@
<br> <br>
<div class="quoteofnow">{{ settings.quoteofnow }}</div> <div class="quoteofnow">{{ settings.quoteofnow }}</div>
<br> <br>
<iframe class ="videoofnow" width="560" height="315" src="{{ settings.videoofnow }}"></iframe> <div class="videoofnow">
<iframe src="{{ settings.videoofnow }}"></iframe>
</div>
<br> <br>
</div> </div>
<div class="ban"> <div class="ban">
@@ -104,6 +106,9 @@
<br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group <br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group
<br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2018 vichan-devel <br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2018 vichan-devel
</footer> </footer>
<script type="text/javascript">{% verbatim %}
ready();
{% endverbatim %}</script>
</body> </body>
</html> </html>
{% endfilter %} {% endfilter %}