0
/
leftypol_lainchan
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/config' into frontpage2

This commit is contained in:
Comatoast 2021-02-07 11:46:56 -08:00
parent c988f303c0 b962f6a128
commit 372919e849
7 changed files with 1873 additions and 1723 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2944
inc/config.php
View File

File diff suppressed because it is too large Load Diff

482
inc/filters.php
View File

@ -9,245 +9,271 @@ defined('TINYBOARD') or exit;
require_once 'inc/anti-bot.php';
class Filter {
public $flood_check;
private $condition;
private $post;
public function __construct(array $arr) {
foreach ($arr as $key => $value)
$this->$key = $value;
}
public function match($condition, $match) {
$condition = strtolower($condition);
public $flood_check;
private $condition;
private $post;
public function __construct(array $arr) {
foreach ($arr as $key => $value)
$this->$key = $value;
}
public function match($condition, $match) {
print_err("Filter condition: " . $condition);
$condition = strtolower($condition);
$post = &$this->post;
switch($condition) {
case 'custom':
if (!is_callable($match))
error('Custom condition for filter is not callable!');
return $match($post);
case 'flood-match':
if (!is_array($match))
error('Filter condition "flood-match" must be an array.');
// Filter out "flood" table entries which do not match this filter.
$flood_check_matched = array();
foreach ($this->flood_check as $flood_post) {
foreach ($match as $flood_match_arg) {
switch ($flood_match_arg) {
case 'ip':
if ($flood_post['ip'] != $_SERVER['REMOTE_ADDR'])
continue 3;
break;
case 'body':
if ($flood_post['posthash'] != make_comment_hex($post['body_nomarkup']))
continue 3;
break;
case 'file':
if (!isset($post['filehash']))
return false;
if ($flood_post['filehash'] != $post['filehash'])
continue 3;
break;
case 'board':
if ($flood_post['board'] != $post['board'])
continue 3;
break;
case 'isreply':
if ($flood_post['isreply'] == $post['op'])
continue 3;
break;
default:
error('Invalid filter flood condition: ' . $flood_match_arg);
}
}
$flood_check_matched[] = $flood_post;
}
$this->flood_check = $flood_check_matched;
return !empty($this->flood_check);
case 'flood-time':
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $match) {
return true;
}
}
return false;
case 'flood-count':
$count = 0;
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $this->condition['flood-time']) {
++$count;
}
}
return $count >= $match;
case 'name':
return preg_match($match, $post['name']);
case 'trip':
return $match === $post['trip'];
case 'email':
return preg_match($match, $post['email']);
case 'subject':
return preg_match($match, $post['subject']);
case 'body':
return preg_match($match, $post['body_nomarkup']);
case 'filehash':
return $match === $post['filehash'];
case 'filename':
if (!$post['files'])
return false;
$post = &$this->post;
switch($condition) {
case 'custom':
if (!is_callable($match))
error('Custom condition for filter is not callable!');
return $match($post);
case 'flood-match':
if (!is_array($match))
error('Filter condition "flood-match" must be an array.');
// Filter out "flood" table entries which do not match this filter.
$flood_check_matched = array();
foreach ($this->flood_check as $flood_post) {
foreach ($match as $flood_match_arg) {
switch ($flood_match_arg) {
case 'ip':
if ($flood_post['ip'] != $_SERVER['REMOTE_ADDR'])
continue 3;
break;
case 'body':
if ($flood_post['posthash'] != make_comment_hex($post['body_nomarkup']))
continue 3;
break;
case 'file':
if (!isset($post['filehash']))
return false;
if ($flood_post['filehash'] != $post['filehash'])
continue 3;
break;
case 'board':
if ($flood_post['board'] != $post['board'])
continue 3;
break;
case 'isreply':
if ($flood_post['isreply'] == $post['op'])
continue 3;
break;
default:
error('Invalid filter flood condition: ' . $flood_match_arg);
}
}
$flood_check_matched[] = $flood_post;
}
// is there any reason for this assignment?
$this->flood_check = $flood_check_matched;
return !empty($this->flood_check);
case 'flood-time-any':
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $match) {
print_err("rejecting post with flood id: " . $flood_post['id']);
return true;
}
}
return false;
case 'flood-time':
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $match) {
return true;
}
}
return false;
case 'flood-count':
$count = 0;
foreach ($this->flood_check as $flood_post) {
if (time() - $flood_post['time'] <= $this->condition['flood-time']) {
++$count;
}
}
return $count >= $match;
case 'name':
return preg_match($match, $post['name']);
case 'trip':
return $match === $post['trip'];
case 'email':
return preg_match($match, $post['email']);
case 'subject':
return preg_match($match, $post['subject']);
case 'body':
return preg_match($match, $post['body_nomarkup']);
case 'filehash':
return $match === $post['filehash'];
case 'filename':
if (!$post['files'])
return false;
foreach ($post['files'] as $file) {
if (preg_match($match, $file['filename'])) {
return true;
}
}
return false;
case 'extension':
if (!$post['files'])
return false;
foreach ($post['files'] as $file) {
if (preg_match($match, $file['filename'])) {
return true;
}
}
return false;
case 'extension':
if (!$post['files'])
return false;
foreach ($post['files'] as $file) {
if (preg_match($match, $file['extension'])) {
return true;
}
}
return false;
case 'ip':
return preg_match($match, $_SERVER['REMOTE_ADDR']);
case 'op':
return $post['op'] == $match;
case 'has_file':
return $post['has_file'] == $match;
case 'board':
return $post['board'] == $match;
case 'password':
return $post['password'] == $match;
default:
error('Unknown filter condition: ' . $condition);
}
}
public function action() {
global $board;
foreach ($post['files'] as $file) {
if (preg_match($match, $file['extension'])) {
return true;
}
}
return false;
case 'ip':
return preg_match($match, $_SERVER['REMOTE_ADDR']);
case 'op':
return $post['op'] == $match;
case 'has_file':
return $post['has_file'] == $match;
case 'board':
return $post['board'] == $match;
case 'password':
return $post['password'] == $match;
default:
error('Unknown filter condition: ' . $condition);
}
}
public function action() {
global $board;
$this->add_note = isset($this->add_note) ? $this->add_note : false;
if ($this->add_note) {
$query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':mod', -1);
$query->bindValue(':time', time());
$query->bindValue(':body', "Autoban message: ".$this->post['body']);
$query->execute() or error(db_error($query));
}
if (isset ($this->action)) switch($this->action) {
case 'reject':
error(isset($this->message) ? $this->message : 'Posting blocked by filter.');
case 'ban':
if (!isset($this->reason))
error('The ban action requires a reason.');
$this->expires = isset($this->expires) ? $this->expires : false;
$this->reject = isset($this->reject) ? $this->reject : true;
$this->all_boards = isset($this->all_boards) ? $this->all_boards : false;
Bans::new_ban($_SERVER['REMOTE_ADDR'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1);
$this->add_note = isset($this->add_note) ? $this->add_note : false;
if ($this->add_note) {
$query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':mod', -1);
$query->bindValue(':time', time());
$query->bindValue(':body', "Autoban message: ".$this->post['body']);
$query->execute() or error(db_error($query));
}
if (isset ($this->action)) switch($this->action) {
case 'reject':
error(isset($this->message) ? $this->message : 'Posting blocked by filter.');
case 'ban':
if (!isset($this->reason))
error('The ban action requires a reason.');
$this->expires = isset($this->expires) ? $this->expires : false;
$this->reject = isset($this->reject) ? $this->reject : true;
$this->all_boards = isset($this->all_boards) ? $this->all_boards : false;
Bans::new_ban($_SERVER['REMOTE_ADDR'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1);
if ($this->reject) {
if (isset($this->message))
error($message);
checkBan($board['uri']);
exit;
}
break;
default:
error('Unknown filter action: ' . $this->action);
}
}
public function check(array $post) {
$this->post = $post;
foreach ($this->condition as $condition => $value) {
if ($condition[0] == '!') {
$NOT = true;
$condition = substr($condition, 1);
} else $NOT = false;
if ($this->match($condition, $value) == $NOT)
return false;
}
return true;
}
if ($this->reject) {
if (isset($this->message))
error($message);
checkBan($board['uri']);
exit;
}
break;
default:
error('Unknown filter action: ' . $this->action);
}
}
public function check(array $post) {
$this->post = $post;
foreach ($this->condition as $condition => $value) {
if ($condition[0] == '!') {
$NOT = true;
$condition = substr($condition, 1);
} else {
$NOT = false;
}
if ($this->match($condition, $value) == $NOT)
return false;
}
return true;
}
}
function purge_flood_table() {
global $config;
// Determine how long we need to keep a cache of posts for flood prevention. Unfortunately, it is not
// aware of flood filters in other board configurations. You can solve this problem by settings the
// config variable $config['flood_cache'] (seconds).
if (isset($config['flood_cache'])) {
$max_time = &$config['flood_cache'];
} else {
$max_time = 0;
foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-time']))
$max_time = max($max_time, $filter['condition']['flood-time']);
}
}
$time = time() - $max_time;
query("DELETE FROM ``flood`` WHERE `time` < $time") or error(db_error());
global $config;
// Determine how long we need to keep a cache of posts for flood prevention. Unfortunately, it is not
// aware of flood filters in other board configurations. You can solve this problem by settings the
// config variable $config['flood_cache'] (seconds).
if (isset($config['flood_cache'])) {
$max_time = &$config['flood_cache'];
} else {
$max_time = 0;
foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-time']))
$max_time = max($max_time, $filter['condition']['flood-time']);
}
}
$time = time() - $max_time;
query("DELETE FROM ``flood`` WHERE `time` < $time") or error(db_error());
}
function do_filters(array $post) {
global $config;
global $config;
print_err("do_filters begin");
if (!isset($config['filters']) || empty($config['filters']))
return;
foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-match'])) {
$has_flood = true;
break;
}
}
if (isset($has_flood)) {
if ($post['has_file']) {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
$query->bindValue(':filehash', $post['filehash']);
} else {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
}
$query->execute() or error(db_error($query));
$flood_check = $query->fetchAll(PDO::FETCH_ASSOC);
} else {
$flood_check = false;
}
foreach ($config['filters'] as $filter_array) {
$filter = new Filter($filter_array);
$filter->flood_check = $flood_check;
if ($filter->check($post))
$filter->action();
}
purge_flood_table();
print_err("do_filters begin");
if (!isset($config['filters']) || empty($config['filters']))
return;
// look at the flood table regardless of IP
$noip = false;
foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-match']) && (!isset($filter['noip']) || $filter['noip'] == false)) {
$has_flood = true;
break;
} else if ($filter['noip'] == true) {
print_err("filters noip is true");
$noip = true;
$find_time = time() - $filter['find-time'];
}
}
if ($noip) {
print_err("SELECT * FROM flood WHERE time > " . strval($find_time));
$query = prepare("SELECT * FROM ``flood`` WHERE `time` > $find_time");
$query->execute() or error(db_error($query));
$flood_check = $query->fetchAll(PDO::FETCH_ASSOC);
} else if (isset($has_flood)) {
if ($post['has_file']) {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
$query->bindValue(':filehash', $post['filehash']);
} else {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':posthash', make_comment_hex($post['body_nomarkup']));
}
$query->execute() or error(db_error($query));
$flood_check = $query->fetchAll(PDO::FETCH_ASSOC);
} else {
$flood_check = false;
}
foreach ($config['filters'] as $filter_array) {
print_err("creating new filter, running check");
$filter = new Filter($filter_array);
$filter->flood_check = $flood_check;
if ($filter->check($post)) {
$filter->action();
}
}
purge_flood_table();
}

3
inc/instance-config.php
View File

@ -82,6 +82,9 @@ $config['db']['password'] = '';
$config['cookies']['mod'] = 'mod';
$config['cookies']['salt'] = 'MGYwNjhlNjU5Y2QxNWU3YjQ3MzQ1Yj';
$config['flood_cache'] = 60 * 15; // 15 minutes. The oldest a post can be in the flood table
$config['flood_time_any'] = 40; // time between thread creation
$config['flood_time'] = 30;
$config['flood_time_ip'] = 60;
$config['flood_time_same'] = 60;

22
inc/mod/pages.php
View File

@ -28,6 +28,12 @@ function mod_page($title, $template, $args, $subtitle = false) {
);
}
function clone_wrapped_with_exist_check($clonefn, $src, $dest) {
if (file_exists($src)) {
$clonefn($src, $dest);
}
}
function mod_login($redirect = false) {
global $config;
@ -1353,9 +1359,9 @@ function mod_move($originBoard, $postID) {
// copy image
foreach ($post['files'] as $i => &$file) {
if ($file['file'] !== 'deleted')
$clone($file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
clone_wrapped_with_exist_check($clone, $file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
if (isset($file['thumb']) && !in_array($file['thumb'], array('spoiler', 'deleted', 'file')))
$clone($file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
clone_wrapped_with_exist_check($clone, $file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
}
}
@ -1416,8 +1422,8 @@ function mod_move($originBoard, $postID) {
if ($post['has_file']) {
// copy image
foreach ($post['files'] as $i => &$file) {
$clone($file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
$clone($file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
clone_wrapped_with_exist_check($clone, $file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
clone_wrapped_with_exist_check($clone, $file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
}
}
// insert reply
@ -1610,9 +1616,9 @@ function mod_merge($originBoard, $postID) {
// copy image
foreach ($post['files'] as $i => &$file) {
if ($file['file'] !== 'deleted')
$clone($file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
clone_wrapped_with_exist_check($clone, $file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
if (isset($file['thumb']) && !in_array($file['thumb'], array('spoiler', 'deleted', 'file')))
$clone($file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
clone_wrapped_with_exist_check($clone, $file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
}
}
@ -1673,8 +1679,8 @@ function mod_merge($originBoard, $postID) {
if ($post['has_file']) {
// copy image
foreach ($post['files'] as $i => &$file) {
$clone($file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
$clone($file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
clone_wrapped_with_exist_check($clone, $file['file_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['img'] . $file['file']);
clone_wrapped_with_exist_check($clone, $file['thumb_path'], sprintf($config['board_path'], $board['uri']) . $config['dir']['thumb'] . $file['thumb']);
}
}
// insert reply

2
templates/themes/catalog/theme.php
View File

@ -50,7 +50,7 @@
elseif ($action == 'rebuild') {
print_err("catalog_build calling Catalog.build 2");
$b->build($settings, $board);
if($settings['has_overboard']) {
if(isset($settings['has_overboard']) && $settings['has_overboard']) {
$b->buildOverboardCatalog($settings, $boards);
}
}

51
templates/themes/categories/news.html
View File

@ -25,12 +25,53 @@
{% endfor %}
{% endif %}
</div>
{% if stats %}
<div class="ban" style="border: none; background: none;">
<h1 id="post-statistics">
{% trans "Post Statistics" %}
</h1>
</div>
<table class="modlog" style="width: 50%; text-align: left;">
<thead>
<tr>
<th>{% trans "Board" %}</th>
<th>{% trans "PPH" %}</th>
<th>{% trans "Recent IPs" %}</th>
</tr>
</thead>
<tbody>
<tr>
<td class="minimal">
<span>{% trans "Total" %}</span>
</td>
<td class="minimal">
<span>{{ stats.pph }}</span>
</td>
<td class="minimal">
<span>{{ stats.recent_ips }}</span>
</td>
</tr>
{% for boardStat in stats.boards %}
<tr>
<td class="minimal">
<span>{{ boardStat.title }}</span>
</td>
<td class="minimal">
<span>{{ boardStat.pph }}</span>
</td>
<td class="minimal">
<span>{{ boardStat.recent_ips }}</span>
</td>
</tr>
{% endfor %}
</tbody>
</table>
{% endif %}
<footer>
<p class="unimportant" style="margin-top:20px;text-align:center;">- Tinyboard +
<a href="https://engine.vichan.net/">vichan</a> {{ config.version }} -
<br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group
<br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2016 vichan-devel
<p class="unimportant" style="margin-top:20px;text-align:center;">- Tinyboard +
<a href="https://engine.vichan.net/">vichan</a> {{ config.version }} -
<br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group
<br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2016 vichan-devel
<br><br>
<br><b>Leftypol.org is not currently under investigation by any Federal, State, or Local Authorities.</b></p>
</footer>

92
templates/themes/categories/theme.php
View File

@ -1,12 +1,12 @@
<?php
require 'info.php';
function categories_build($action, $settings, $board) {
// Possible values for $action:
// - all (rebuild everything, initialization)
// - news (news has been updated)
// - boards (board list changed)
Categories::build($action, $settings);
}
@ -15,21 +15,28 @@
public static function build($action, $settings) {
global $config;
if ($action == 'all')
if ($action == 'all' ||
$action == 'boards' ||
$action == 'news' ||
$action == 'post' ||
$action == 'post-thread' ||
$action == 'post-delete'){
file_write($config['dir']['home'] . $settings['file_main'], Categories::homepage($settings));
if ($action == 'all' || $action == 'boards')
file_write($config['dir']['home'] . $settings['file_sidebar'], Categories::sidebar($settings));
if ($action == 'all' || $action == 'news')
file_write($config['dir']['home'] . $settings['file_news'], Categories::news($settings));
}
if ($action == 'all'){
file_write($config['dir']['home'] . $settings['file_sidebar'], Categories::sidebar($settings));
}
}
// Build homepage
public static function homepage($settings) {
global $config;
$query = query("SELECT * FROM ``news`` ORDER BY `time` DESC") or error(db_error());
$news = $query->fetchAll(PDO::FETCH_ASSOC);
$stats = Categories::getPostStatistics($settings);
return Element(
'themes/categories/frames.html',
Array(
@ -37,31 +44,33 @@
'settings' => $settings,
'categories' => Categories::getCategories($config),
'news' => $news,
'stats' => $stats,
'boardlist' => createBoardlist(false)
)
);
}
// Build news page
public static function news($settings) {
global $config;
$query = query("SELECT * FROM ``news`` ORDER BY `time` DESC") or error(db_error());
$news = $query->fetchAll(PDO::FETCH_ASSOC);
$stats = Categories::getPostStatistics($settings);
return Element('themes/categories/news.html', Array(
'settings' => $settings,
'config' => $config,
'news' => $news,
'stats' => $stats,
'boardlist' => createBoardlist(false)
));
}
// Build sidebar
public static function sidebar($settings) {
global $config, $board;
return Element('themes/categories/sidebar.html', Array(
'settings' => $settings,
'config' => $config,
@ -71,7 +80,7 @@
private static function getCategories($config) {
$categories = $config['categories'];
foreach ($categories as &$boards) {
foreach ($boards as &$board) {
$title = boardTitle($board);
@ -83,6 +92,57 @@
return $categories;
}
private static function getPostStatistics($settings) {
global $config;
if (!isset($config['boards'])) {
return null;
}
$stats = [];
$unique = [];
foreach (array_merge(... $config['boards']) as $uri) {
$_board = getBoardInfo($uri);
if (!$_board) {
// board doesn't exist.
continue;
}
$boardStat['title'] = $_board['title'];
$pph_query = query(
sprintf("SELECT COUNT(*) AS count FROM ``posts_%s`` WHERE time > %d",
$_board['uri'],
time()-3600)
) or error(db_error());
$boardStat['pph'] = $pph_query->fetch()['count'];
$unique_query = query(
sprintf("SELECT DISTINCT ip FROM ``posts_%s`` WHERE time > %d",
$_board['uri'],
time()-3600)
) or error(db_error());
$unique_ips = $unique_query->fetchAll();
$boardStat['recent_ips'] = count($unique_ips);
foreach ($unique_ips as $_k => $row) {
$unique[$row['ip']] = true;
}
$stats['boards'][] = $boardStat;
}
$stats['recent_ips'] = count($unique);
$stats['pph'] = array_sum(array_column($stats['boards'], 'pph'));
return $stats;
}
};
?>