mass replace REMOTE_ADDR with HTTP_X_REAL_IP

Signed-off-by: natto1784 <natto@weirdnatto.in>

Dockerfile

@@ -0,0 +1,13 @@
+FROM php:8.1.12-cli
+
+RUN apt-get update && apt-get install -y libfreetype6-dev libjpeg62-turbo-dev libpng-dev imagemagick graphicsmagick gifsicle libwebp-dev libonig-dev ffmpeg
+RUN docker-php-ext-configure gd --enable-gd --with-freetype --with-jpeg --with-webp
+RUN docker-php-ext-install gd mbstring pdo pdo_mysql gettext
+RUN mkdir /app
+RUN echo 'upload_max_filesize = 64M\n\
+post_max_size = 64M\n'\
+>> /usr/local/etc/php/conf.d/my.ini
+
+WORKDIR /app
+
+CMD ["php", "-S", "0.0.0.0:8080"]

b.php

@@ -4,16 +4,16 @@ $files = scandir($dir);
 $images = array_diff($files, array('.', '..'));
 $name = $images[array_rand($images)];
 // open the file in a binary mode
-$fp = fopen($dir . $name, 'rb');
+$ext = pathinfo($name, PATHINFO_EXTENSION);
 
 // send the right headers
 header('Cache-Control: no-cache, no-store, must-revalidate'); // HTTP 1.1
 header('Pragma: no-cache'); // HTTP 1.0
 header('Expires: 0'); // Proxies
-header('Content-Type: ' . $fp['type']);
+header("Content-type: image/" . $ext);
-header('Content-Length: ' . $fp['bytes']);
+header("Content-Disposition: inline; filename=" . $name);
 
 // dump the picture and stop the script
-fpassthru($fp);
+readfile($dir.$name);
 exit;
 ?>

inc/filters.php

@@ -38,7 +38,7 @@ class Filter {
 					foreach ($match as $flood_match_arg) {
 						switch ($flood_match_arg) {
 							case 'ip':
-								if ($flood_post['ip'] != $_SERVER['REMOTE_ADDR'])
+								if ($flood_post['ip'] != $_SERVER['HTTP_X_REAL_IP'])
 									continue 3;
 								break;
 							case 'body':
@@ -117,7 +117,7 @@ class Filter {
 				}
 				return false;
 			case 'ip':
-				return preg_match($match, $_SERVER['REMOTE_ADDR']);
+				return preg_match($match, $_SERVER['HTTP_X_REAL_IP']);
 			case 'op':
 				return $post['op'] == $match;
 			case 'has_file':
@@ -137,7 +137,7 @@ class Filter {
 		$this->add_note = isset($this->add_note) ? $this->add_note : false;
 		if ($this->add_note) {
 			$query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)');
-	                $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+	                $query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
         	        $query->bindValue(':mod', -1);
 	                $query->bindValue(':time', time());
 	                $query->bindValue(':body', "Autoban message: ".$this->post['body']);
@@ -154,7 +154,7 @@ class Filter {
 				$this->reject = isset($this->reject) ? $this->reject : true;
 				$this->all_boards = isset($this->all_boards) ? $this->all_boards : false;
 				
-				Bans::new_ban($_SERVER['REMOTE_ADDR'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1);
+				Bans::new_ban($_SERVER['HTTP_X_REAL_IP'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1);
 
 				if ($this->reject) {
 					if (isset($this->message))
@@ -223,12 +223,12 @@ function do_filters(array $post) {
 	if (isset($has_flood)) {
 		if ($post['has_file']) {
 			$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash");
-			$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+			$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
 			$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
 			$query->bindValue(':filehash', $post['filehash']);
 		} else {
 			$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash");
-			$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+			$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
 			$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
 		}
 		$query->execute() or error(db_error($query));

inc/functions.php

@@ -46,8 +46,8 @@ function loadConfig() {
 
 	$boardsuffix = isset($board['uri']) ? $board['uri'] : '';
 
-	if (!isset($_SERVER['REMOTE_ADDR']))
+	if (!isset($_SERVER['HTTP_X_REAL_IP']))
-		$_SERVER['REMOTE_ADDR'] = '0.0.0.0';
+		$_SERVER['HTTP_X_REAL_IP'] = '0.0.0.0';
 
 	if (file_exists('tmp/cache/cache_config.php')) {
 		require_once('tmp/cache/cache_config.php');
@@ -257,11 +257,11 @@ function loadConfig() {
 
 	// Keep the original address to properly comply with other board configurations
 	if (!isset($__ip))
-		$__ip = $_SERVER['REMOTE_ADDR'];
+		$__ip = $_SERVER['HTTP_X_REAL_IP'];
 
 	// ::ffff:0.0.0.0
 	if (preg_match('/^\:\:(ffff\:)?(\d+\.\d+\.\d+\.\d+)$/', $__ip, $m))
-		$_SERVER['REMOTE_ADDR'] = $m[2];
+		$_SERVER['HTTP_X_REAL_IP'] = $m[2];
 
 	if ($config['verbose_errors']) {
 		set_error_handler('verbose_error_handler');
@@ -354,9 +354,9 @@ function fatal_error_handler() {
 }
 
 function _syslog($priority, $message) {
-	if (isset($_SERVER['REMOTE_ADDR'], $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'])) {
+	if (isset($_SERVER['HTTP_X_REAL_IP'], $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'])) {
 		// CGI
-		syslog($priority, $message . ' - client: ' . $_SERVER['REMOTE_ADDR'] . ', request: "' . $_SERVER['REQUEST_METHOD'] . ' ' . $_SERVER['REQUEST_URI'] . '"');
+		syslog($priority, $message . ' - client: ' . $_SERVER['HTTP_X_REAL_IP'] . ', request: "' . $_SERVER['REQUEST_METHOD'] . ' ' . $_SERVER['REQUEST_URI'] . '"');
 	} else {
 		syslog($priority, $message);
 	}
@@ -844,7 +844,7 @@ function displayBan($ban) {
 		Bans::seen($ban['id']);
 	}
 
-	$ban['ip'] = $_SERVER['REMOTE_ADDR'];
+	$ban['ip'] = $_SERVER['HTTP_X_REAL_IP'];
 
 	if ($ban['post'] && isset($ban['post']['board'], $ban['post']['id'])) {
 		if (openBoard($ban['post']['board'])) {
@@ -896,7 +896,7 @@ function displayBan($ban) {
 function checkBan($board = false) {
 	global $config;
 
-	if (!isset($_SERVER['REMOTE_ADDR'])) {
+	if (!isset($_SERVER['HTTP_X_REAL_IP'])) {
 		// Server misconfiguration
 		return;
 	}		
@@ -906,7 +906,7 @@ function checkBan($board = false) {
 
 	$ips = array();
 
-	$ips[] = $_SERVER['REMOTE_ADDR'];
+	$ips[] = $_SERVER['HTTP_X_REAL_IP'];
 
 	if ($config['proxy_check'] && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
 		$ips = array_merge($ips, explode(", ", $_SERVER['HTTP_X_FORWARDED_FOR']));
@@ -1004,7 +1004,7 @@ function insertFloodPost(array $post) {
 	global $board;
 	
 	$query = prepare("INSERT INTO ``flood`` VALUES (NULL, :ip, :board, :time, :posthash, :filehash, :isreply)");
-	$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+	$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
 	$query->bindValue(':board', $board['uri']);
 	$query->bindValue(':time', time());
 	$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
@@ -1044,7 +1044,7 @@ function post(array $post) {
 	$query->bindValue(':body_nomarkup', $post['body_nomarkup']);
 	$query->bindValue(':time', isset($post['time']) ? $post['time'] : time(), PDO::PARAM_INT);
 	$query->bindValue(':password', $post['password']);		
-	$query->bindValue(':ip', isset($post['ip']) ? $post['ip'] : $_SERVER['REMOTE_ADDR']);
+	$query->bindValue(':ip', isset($post['ip']) ? $post['ip'] : $_SERVER['HTTP_X_REAL_IP']);
 
 	if ($post['op'] && $post['mod'] && isset($post['sticky']) && $post['sticky']) {
 		$query->bindValue(':sticky', true, PDO::PARAM_INT);
@@ -1595,7 +1595,7 @@ function muteTime() {
 	// Find number of mutes in the past X hours
 	$query = prepare("SELECT COUNT(*) FROM ``mutes`` WHERE `time` >= :time AND `ip` = :ip");
 	$query->bindValue(':time', time()-($config['robot_mute_hour']*3600), PDO::PARAM_INT);
-	$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+	$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
 	$query->execute() or error(db_error($query));
 
 	if (!$result = $query->fetchColumn())
@@ -1607,7 +1607,7 @@ function mute() {
 	// Insert mute
 	$query = prepare("INSERT INTO ``mutes`` VALUES (:ip, :time)");
 	$query->bindValue(':time', time(), PDO::PARAM_INT);
-	$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+	$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
 	$query->execute() or error(db_error($query));
 
 	return muteTime();
@@ -1618,7 +1618,7 @@ function checkMute() {
 
 	if ($config['cache']['enabled']) {
 		// Cached mute?
-		if (($mute = cache::get("mute_${_SERVER['REMOTE_ADDR']}")) && ($mutetime = cache::get("mutetime_${_SERVER['REMOTE_ADDR']}"))) {
+		if (($mute = cache::get("mute_${_SERVER['HTTP_X_REAL_IP']}")) && ($mutetime = cache::get("mutetime_${_SERVER['HTTP_X_REAL_IP']}"))) {
 			error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time()));
 		}
 	}
@@ -1627,7 +1627,7 @@ function checkMute() {
 	if ($mutetime > 0) {
 		// Find last mute time
 		$query = prepare("SELECT `time` FROM ``mutes`` WHERE `ip` = :ip ORDER BY `time` DESC LIMIT 1");
-		$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+		$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
 		$query->execute() or error(db_error($query));
 
 		if (!$mute = $query->fetch(PDO::FETCH_ASSOC)) {
@@ -1637,8 +1637,8 @@ function checkMute() {
 
 		if ($mute['time'] + $mutetime > time()) {
 			if ($config['cache']['enabled']) {
-				cache::set("mute_${_SERVER['REMOTE_ADDR']}", $mute, $mute['time'] + $mutetime - time());
+				cache::set("mute_${_SERVER['HTTP_X_REAL_IP']}", $mute, $mute['time'] + $mutetime - time());
-				cache::set("mutetime_${_SERVER['REMOTE_ADDR']}", $mutetime, $mute['time'] + $mutetime - time());
+				cache::set("mutetime_${_SERVER['HTTP_X_REAL_IP']}", $mutetime, $mute['time'] + $mutetime - time());
 			}
 			// Not expired yet
 			error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time()));
@@ -1879,16 +1879,16 @@ function checkDNSBL() {
 	if (isIPv6())
 		return; // No IPv6 support yet.
 
-	if (!isset($_SERVER['REMOTE_ADDR']))
+	if (!isset($_SERVER['HTTP_X_REAL_IP']))
 		return; // Fix your web server configuration
 
-	if (preg_match("/^(::(ffff:)?)?(127\.|192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.|0\.|255\.)/", $_SERVER['REMOTE_ADDR']))
+	if (preg_match("/^(::(ffff:)?)?(127\.|192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.|0\.|255\.)/", $_SERVER['HTTP_X_REAL_IP']))
 		return; // It's pointless to check for local IP addresses in dnsbls, isn't it?
 
-	if (in_array($_SERVER['REMOTE_ADDR'], $config['dnsbl_exceptions']))
+	if (in_array($_SERVER['HTTP_X_REAL_IP'], $config['dnsbl_exceptions']))
 		return;
 
-	$ipaddr = ReverseIPOctets($_SERVER['REMOTE_ADDR']);
+	$ipaddr = ReverseIPOctets($_SERVER['HTTP_X_REAL_IP']);
 
 	foreach ($config['dnsbl'] as $blacklist) {
 		if (!is_array($blacklist))
@@ -1921,7 +1921,7 @@ function checkDNSBL() {
 }
 
 function isIPv6() {
-	return strstr($_SERVER['REMOTE_ADDR'], ':') !== false;
+	return strstr($_SERVER['HTTP_X_REAL_IP'], ':') !== false;
 }
 
 function ReverseIPOctets($ip) {

inc/own.php

@@ -0,0 +1,54 @@
+<?php
+  $config['page_nav_top'] = true;
+
+  $config['global_message'] = 'alo';
+
+  $config['country_flags'] = false;
+  $config['allow_no_country'] = false;
+
+  $config['thumb_method'] = 'convert';
+
+  $config['additional_javascript'][] = 'js/multi-image.js';
+  $config['additional_javascript'][] = '../js/image-hover.js';
+  $config['additional_javascript'][] = '../js/show-backlinks.js';
+  $config['additional_javascript'][] = '../js/style-select.js';
+  $config['max_images'] = 5;
+
+  $config['stylesheets']['Futaba'] = 'futaba.css';
+  $config['stylesheets']['Dark'] = 'dark.css';
+  $config['stylesheets']['Gentoochan'] = 'gentoochan.css';
+  $config['stylesheets']['Nigrachan'] = 'nigrachan.css';
+  $config['stylesheets']['Ricechan'] = 'ricechan.css';
+  $config['stylesheets']['Photon'] = 'photon.css';
+  $config['stylesheets']['Wasabi'] = 'wasabi.css';
+  $config['stylesheets']['Miku'] = 'miku.css';
+
+  $config['allowed_ext'][] = 'svg';
+  $config['allowed_ext'][] = 'webp';
+  $config['allowed_ext_files'][] = 'mp4';
+  $config['allowed_ext_files'][] = 'webm';
+
+  $config['webm']['use_ffmpeg'] = true;
+  $config['webm']['allow_audio'] = true;
+
+  $config['max_filesize'] = 50 * 1024 * 1024;
+
+  $config['image_identification'] = true;
+  $config['image_identification_imgops'] = true;
+  $config['image_identification_exif'] = true;
+  $config['image_identification_google'] = true;
+  $config['image_identification_yandex'] = true;
+  $config['image_identification_iqdb'] = true;
+
+  $config['anonymous'] = array('anon', 'asli', 'gujjar', 'pankaj', 'sunil');
+
+  $config['timezone'] = 'Asia/Kolkata';
+  $config['post_date'] = '%d/%m/%y (%a) %H:%M:%S';
+
+  $config['boardlist_wrap_bracket'] = true;
+  $config['page_nav_top'] = true;
+
+  $config['enable_embedding'] = true;
+
+  $config['boards'] = array(array('home' => '/' ), array('b'));
+?>

post.php

@@ -9,8 +9,8 @@ $dropped_post = false;
 
 // Is it a post coming from NNTP? Let's extract it and pretend it's a normal post.
 if (isset($_GET['Newsgroups']) && $config['nntpchan']['enabled']) {
-	if ($_SERVER['REMOTE_ADDR'] != $config['nntpchan']['trusted_peer']) {
+	if ($_SERVER['HTTP_X_REAL_IP'] != $config['nntpchan']['trusted_peer']) {
-		error("NNTPChan: Forbidden. $_SERVER[REMOTE_ADDR] is not a trusted peer");
+		error("NNTPChan: Forbidden. $_SERVER[HTTP_X_REAL_IP] is not a trusted peer");
 	}
 
 	$_POST = array();
@@ -327,7 +327,7 @@ if (isset($_POST['delete'])) {
 		
 		$post = $query->fetch(PDO::FETCH_ASSOC);
 		
-	        $error = event('report', array('ip' => $_SERVER['REMOTE_ADDR'], 'board' => $board['uri'], 'post' => $post, 'reason' => $reason, 'link' => link_for($post)));
+	        $error = event('report', array('ip' => $_SERVER['HTTP_X_REAL_IP'], 'board' => $board['uri'], 'post' => $post, 'reason' => $reason, 'link' => link_for($post)));
 
 	        if ($error) {
 	                error($error);
@@ -340,7 +340,7 @@ if (isset($_POST['delete'])) {
 			);
 		$query = prepare("INSERT INTO ``reports`` VALUES (NULL, :time, :ip, :board, :post, :reason)");
 		$query->bindValue(':time', time(), PDO::PARAM_INT);
-		$query->bindValue(':ip', $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR);
+		$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP'], PDO::PARAM_STR);
 		$query->bindValue(':board', $board['uri'], PDO::PARAM_STR);
 		$query->bindValue(':post', $id, PDO::PARAM_INT);
 		$query->bindValue(':reason', $reason, PDO::PARAM_STR);
@@ -404,7 +404,7 @@ if (isset($_POST['delete'])) {
 			$resp = json_decode(file_get_contents(sprintf('https://www.recaptcha.net/recaptcha/api/siteverify?secret=%s&response=%s&remoteip=%s',
 				$config['recaptcha_private'],
 				urlencode($_POST['g-recaptcha-response']),
-				$_SERVER['REMOTE_ADDR'])), true);
+				$_SERVER['HTTP_X_REAL_IP'])), true);
 
 			if (!$resp['success']) {
 				error($config['error']['captcha']);
@@ -743,7 +743,7 @@ if (isset($_POST['delete'])) {
 	
 	if (!$dropped_post)
 	if (($config['country_flags'] && !$config['allow_no_country']) || ($config['country_flags'] && $config['allow_no_country'] && !isset($_POST['no_country']))) {
-		$gi=geoip_open('inc/lib/geoip/GeoIPv6.dat', GEOIP_STANDARD);
+    $gi=geoip_open('inc/lib/geoip/GeoIPv6.dat', GEOIP_STANDARD);
 
 		function ipv4to6($ip) {
 			if (strpos($ip, ':') !== false) {
@@ -755,12 +755,11 @@ if (isset($_POST['delete'])) {
 			$part7 = base_convert(($iparr[0] * 256) + $iparr[1], 10, 16);
 			$part8 = base_convert(($iparr[2] * 256) + $iparr[3], 10, 16);
 			return '::ffff:'.$part7.':'.$part8;
-		}
+    }
-	
+		if ($country_code = geoip_country_code_by_addr_v6($gi, ipv4to6($_SERVER['HTTP_X_REAL_IP']))) {
-		if ($country_code = geoip_country_code_by_addr_v6($gi, ipv4to6($_SERVER['REMOTE_ADDR']))) {
 			if (!in_array(strtolower($country_code), array('eu', 'ap', 'o1', 'a1', 'a2')))
 				$post['body'] .= "\n<tinyboard flag>".strtolower($country_code)."</tinyboard>".
-				"\n<tinyboard flag alt>".geoip_country_name_by_addr_v6($gi, ipv4to6($_SERVER['REMOTE_ADDR']))."</tinyboard>";
+        "\n<tinyboard flag alt>".geoip_country_name_by_addr_v6($gi, ipv4to6($_SERVER['HTTP_X_REAL_IP']))."</tinyboard>";
 		}
 	}
 
@@ -783,8 +782,8 @@ if (isset($_POST['delete'])) {
 	}
 
 	if (!$dropped_post)
-        if ($config['proxy_save'] && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+  if ($config['proxy_save'] && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
-		$proxy = preg_replace("/[^0-9a-fA-F.,: ]/", '', $_SERVER['HTTP_X_FORWARDED_FOR']);
+    $proxy = preg_replace("/[^0-9a-fA-F.,: ]/", '', $_SERVER['HTTP_X_FORWARDED_FOR']);
 		$post['body'] .= "\n<tinyboard proxy>".$proxy."</tinyboard>";
 	}
 	
@@ -1215,8 +1214,8 @@ if (isset($_POST['delete'])) {
 	if (!$post['mod']) header('X-Associated-Content: "' . $redirect . '"');
 
 	// Any telegrams to show?
-	$query = prepare('SELECT * FROM ``telegrams`` WHERE ``ip`` = :ip AND ``seen`` = 0');
+  $query = prepare('SELECT * FROM ``telegrams`` WHERE ``ip`` = :ip AND ``seen`` = 0');
-	$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+	$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
 	$query->execute() or error(db_error($query));
 	$telegrams = $query->fetchAll(PDO::FETCH_ASSOC);
 
@@ -1275,7 +1274,7 @@ if (isset($_POST['delete'])) {
 	
 	$ban_id = (int)$_POST['ban_id'];
 	
-	$bans = Bans::find($_SERVER['REMOTE_ADDR']);
+	$bans = Bans::find($_SERVER['HTTP_X_REAL_IP']);
 	foreach ($bans as $_ban) {
 		if ($_ban['id'] == $ban_id) {
 			$ban = $_ban;

search.php

@@ -22,7 +22,7 @@
 		$_body = '';
 		
 		$query = prepare("SELECT COUNT(*) FROM ``search_queries`` WHERE `ip` = :ip AND `time` > :time");
-		$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+		$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
 		$query->bindValue(':time', time() - ($queries_per_minutes[1] * 60));
 		$query->execute() or error(db_error($query));
 		if($query->fetchColumn() > $queries_per_minutes[0])
@@ -36,7 +36,7 @@
 			
 		
 		$query = prepare("INSERT INTO ``search_queries`` VALUES (:ip, :time, :query)");
-		$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+		$query->bindValue(':ip', $_SERVER['HTTP_X_REAL_IP']);
 		$query->bindValue(':time', time());
 		$query->bindValue(':query', $phrase);
 		$query->execute() or error(db_error($query));

stylesheets/style.css

@@ -975,7 +975,7 @@ span.pln {
 div.boardlist {
   margin-top: 3px;
   color: #89A;
-  font-size: 9pt;
+  font-size: 15pt;
 }
 
 div.boardlist.bottom {

templates/themes/catalog/catalog.html

@@ -80,13 +80,6 @@
 		<br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group    
 		<br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2018 vichan-devel</p>
 	</footer>
-	<script type="text/javascript">{% verbatim %}
-		var styles = {
-			{% endverbatim %}
-			{% for name, uri in config.stylesheets %}{% verbatim %}'{% endverbatim %}{{ name|addslashes }}{% verbatim %}' : '{% endverbatim %}/stylesheets/{{ uri|addslashes }}{% verbatim %}',
-			{% endverbatim %}{% endfor %}{% verbatim %}
-		}; onready(init);
-	{% endverbatim %}</script>
 
 	<script type="text/javascript">{% verbatim %}
 		ready();

templates/themes/index/index.css

@@ -58,11 +58,17 @@
 	max-width: 300px;
 }
 .videoofnow {
-	display: block;
+  max-width: 100%;
-	margin-left: auto;
+  position: relative;
-	margin-right: auto;
+  height: 0;
-	max-width: 500px;
+  padding-bottom: 56.25%;
-	max-height: 300px;
+}
+.videoofnow iframe {
+  position: absolute;
+  top: 0;
+  left: 0;
+  width: 100%;
+  height: 100%;
 }
 .quoteofnow {
 	text-align: center;

templates/themes/index/index.html

@@ -27,7 +27,7 @@
 			{% for board in boards %}
 				<li class="boardlinksurl">
 					<a href="{{ config.board_path|sprintf(board.uri) }}">
-						{{ board.title|e }}
+					 /{{ board.uri }}/	- {{ board.title|e }}
 					</a>
 				</li>
 			{% endfor %}
@@ -42,7 +42,9 @@
 	        <br>
 	        <div class="quoteofnow">{{ settings.quoteofnow }}</div>
 	        <br>
-	        <iframe class ="videoofnow" width="560" height="315" src="{{ settings.videoofnow }}"></iframe>
+          <div class="videoofnow">
+            <iframe src="{{ settings.videoofnow }}"></iframe>
+          </div>
 	        <br>
 	    </div>
 	    <div class="ban">
@@ -63,38 +65,38 @@
 		{% endif %}
 	    </div>
 	    <h1>Recent Images</h1>
-		<div class="box image">
+      <div class="box image">
-			<ul>
+        <ul>
-				{% for post in recent_images %}
+          {% for post in recent_images %}
-					<li>
+            <li>
-						<a href="{{ post.link }}">
+              <a href="{{ post.link }}">
-							<img src="{{ post.src }}" style="width:{{ post.thumbwidth }}px;height:{{ post.thumbheight }}px" alt="">
+                <img src="{{ post.src }}" style="width:{{ post.thumbwidth }}px;height:{{ post.thumbheight }}px" alt="">
-						</a>
+              </a>
-					</li>
+            </li>
-				{% endfor %}
+          {% endfor %}
-			</ul>
+        </ul>
-		</div>
+      </div>
-		<div class="mainBox">
+      <div class="mainBox">
-			<h2>Latest Posts</h2>
+        <h2>Latest Posts</h2>
-			<ul>
+        <ul>
-				{% for post in recent_posts %}
+          {% for post in recent_posts %}
-					<li>
+            <li>
-						<strong>{{ post.board_name }}</strong>: 
+              <strong>{{ post.board_name }}</strong>: 
-						<a href="{{ post.link }}">
+              <a href="{{ post.link }}">
-							{{ post.snippet }}
+                {{ post.snippet }}
-						</a>
+              </a>
-					</li>
+            </li>
-				{% endfor %}
+          {% endfor %}
-			</ul>
+        </ul>
-		</div>
+      </div>
-		<div class="mainBox">
+      <div class="mainBox">
-			<h2>Stats</h2>
+        <h2>Stats</h2>
-			<ul>
+        <ul>
-				<li>Total posts: {{ stats.total_posts }}</li>
+          <li>Total posts: {{ stats.total_posts }}</li>
-				<li>Unique posters: {{ stats.unique_posters }}</li>
+          <li>Unique posters: {{ stats.unique_posters }}</li>
-				<li>Active content: {{ stats.active_content|filesize }}</li>
+          <li>Active content: {{ stats.active_content|filesize }}</li>
-			</ul>
+        </ul>
-		</div>
+      </div>
 	</div>
 	
 	<hr/>
@@ -104,6 +106,9 @@
 		<br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group    
 		<br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2018 vichan-devel
 	</footer>
+	<script type="text/javascript">{% verbatim %}
+		ready();
+	{% endverbatim %}</script>
 </body>
 </html>
 {% endfilter %}