OP creation rate-limiting

- minimum time between OP is 30 seconds

inc/config.php

@@ -340,6 +340,8 @@
 	 * Read more: http://tinyboard.org/docs/index.php?p=Config/Filters
 	 */
 
+	// Minimum time between between each post.
+	$config['flood_time_any'] = 40;
 	// Minimum time between between each post by the same IP address.
 	$config['flood_time'] = 10;
 	// Minimum time between between each post with the exact same content AND same IP address.
@@ -378,6 +380,17 @@
 		'message' => &$config['error']['flood']
 	);
 
+	$config['filters'][] = array(
+		'condition' => array(
+            'OP' => true,
+            'flood-time-any' => &$config['flood_time_any']
+		),
+        'noip' => true,
+        'find-time' => 60 * 60 * 1,
+		'action' => 'reject',
+		'message' => 'Hmmm'
+	);
+
 	// Example: Minimum time between posts with the same file hash.
 	// $config['filters'][] = array(
 	// 	'condition' => array(

inc/filters.php

@@ -68,6 +68,7 @@ class Filter {
 					$flood_check_matched[] = $flood_post;
 				}
 				
+                // is there any reason for this assignment?
 				$this->flood_check = $flood_check_matched;
 				
 				return !empty($this->flood_check);
@@ -78,6 +79,13 @@ class Filter {
 					}
 				}
 				return false;
+			case 'flood-time-any':
+				foreach ($this->flood_check as $flood_post) {
+					if (time() - $flood_post['time'] <= $match) {
+						return true;
+					}
+				}
+				return false;
 			case 'flood-count':
 				$count = 0;
 				foreach ($this->flood_check as $flood_post) {
@@ -178,7 +186,9 @@ class Filter {
 			if ($condition[0] == '!') {
 				$NOT = true;
 				$condition = substr($condition, 1);
-			} else $NOT = false;
+            } else {
+                $NOT = false;
+            }
 			
 			if ($this->match($condition, $value) == $NOT)
 				return false;
@@ -216,12 +226,18 @@ function do_filters(array $post) {
 	
 	if (!isset($config['filters']) || empty($config['filters']))
 		return;
+
+    // look at the flood table regardless of IP
+    $noip = false;
 	
 	foreach ($config['filters'] as $filter) {
-		if (isset($filter['condition']['flood-match'])) {
+		if (isset($filter['condition']['flood-match']) && (!isset($filter['noip']) || $filter['noip'] == false)) {
 			$has_flood = true;
 			break;
-		}
+        } else if ($filter['noip'] == true) {
+            $noip = true;
+            $find_time = time() - $filter['find-time'];
+        }
 	}
 	
 	if (isset($has_flood)) {
@@ -237,6 +253,11 @@ function do_filters(array $post) {
 		}
 		$query->execute() or error(db_error($query));
 		$flood_check = $query->fetchAll(PDO::FETCH_ASSOC);
+	} else if ($noip) {
+        print_err("SELECT * FROM flood WHERE time > " . strval($find_time));
+        $query = prepare("SELECT * FROM ``flood`` WHERE `time` > $find_time");
+		$query->execute() or error(db_error($query));
+		$flood_check = $query->fetchAll(PDO::FETCH_ASSOC);
 	} else {
 		$flood_check = false;
 	}

inc/instance-config.php

@@ -96,9 +96,12 @@ $config['db']['password'] = '';
 $config['cookies']['mod'] = 'mod';
 $config['cookies']['salt'] = 'MGYwNjhlNjU5Y2QxNWU3YjQ3MzQ1Yj';
 
-$config['flood_time'] = 30;
+
-$config['flood_time_ip'] = 60;
+$config['flood_cache'] = 60 * 60 * 1; // 1 hours
-$config['flood_time_same'] = 60;
+$config['flood_time_any'] = 20; // in seconds
+$config['flood_time'] = 0;
+$config['flood_time_ip'] = 0;
+$config['flood_time_same'] = 0;
 $config['max_body'] = 100000;
 $config['reply_limit'] = 250;
 $config['max_links'] = 40;