0
/
leftypol_lainchan
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Merge pull request #92 from Macil/fixes 

Miscellaneous bugfixes
This commit is contained in:
Michael 2013-01-18 23:02:24 -08:00
parent ced540a66e 3a9ed90c58
commit 6aac2472e6
6 changed files with 34 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
inc/display.php
View File

@ -216,7 +216,7 @@ function truncate($body, $url, $max_lines = false, $max_chars = false) {
function secure_link_confirm($text, $title, $confirm_message, $href) { function secure_link_confirm($text, $title, $confirm_message, $href) {
global $config; global $config;
return '<a onclick="if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlentities(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>'; return '<a onclick="if (event.which==2) return true;if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlentities(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
} }
function secure_link($href) { function secure_link($href) {
return $href . '/' . make_secure_link_token($href); return $href . '/' . make_secure_link_token($href);
@ -350,8 +350,8 @@ class Thread {
// Fix internal links // Fix internal links
// Very complicated regex // Very complicated regex
$this->body = preg_replace( $this->body = preg_replace(
'/<a(([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/', '/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
'<a href="?/$3', '<a $1href="?/$4',
$this->body $this->body
); );
} }

4
inc/functions.php
View File

@ -527,7 +527,7 @@ function checkFlood($post) {
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` != '' AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` != '' AND `body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri'])); $query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` != '' AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` != '' AND `body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri']));
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':body', $post['body'], PDO::PARAM_INT); $query->bindValue(':body', $post['body']);
$query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT); $query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT);
$query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT); $query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT);
$query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT); $query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT);
@ -697,7 +697,7 @@ function threadExists($id) {
function post(array $post) { function post(array $post) {
global $pdo, $board; global $pdo, $board;
$query = prepare(sprintf("INSERT INTO `posts_%s` VALUES ( NULL, :thread, :subject, :email, :name, :trip, :capcode, :body, :body_nomarkup, :time, :time, :thumb, :thumbwidth, :thumbheight, :file, :width, :height, :filesize, :filename, :filehash, :password, :ip, :sticky, :locked, 0, :embed)", $board['uri'])); $query = prepare(sprintf("INSERT INTO `posts_%s` (`id`, `thread`, `subject`, `email`, `name`, `trip`, `capcode`, `body`, `body_nomarkup`, `time`, `bump`, `thumb`, `thumbwidth`, `thumbheight`, `file`, `filewidth`, `fileheight`, `filesize`, `filename`, `filehash`, `password`, `ip`, `sticky`, `locked`, `sage`, `embed`) VALUES ( NULL, :thread, :subject, :email, :name, :trip, :capcode, :body, :body_nomarkup, :time, :time, :thumb, :thumbwidth, :thumbheight, :file, :width, :height, :filesize, :filename, :filehash, :password, :ip, :sticky, :locked, 0, :embed)", $board['uri']));
// Basic stuff // Basic stuff
if (!empty($post['subject'])) { if (!empty($post['subject'])) {

37
inc/mod/pages.php
View File

@ -64,6 +64,7 @@ function mod_confirm($request) {
} }
function mod_logout() { function mod_logout() {
global $config;
destroyCookies(); destroyCookies();
header('Location: ?/', true, $config['redirect_http']); header('Location: ?/', true, $config['redirect_http']);
@ -706,7 +707,7 @@ function mod_sticky($board, $unsticky, $post) {
$query->bindValue(':sticky', $unsticky ? 0 : 1); $query->bindValue(':sticky', $unsticky ? 0 : 1);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if ($query->rowCount()) { if ($query->rowCount()) {
modLog(($unlock ? 'Unstickied' : 'Stickied') . " thread #{$post}"); modLog(($unsticky ? 'Unstickied' : 'Stickied') . " thread #{$post}");
buildThread($post); buildThread($post);
buildIndex(); buildIndex();
} }
@ -728,7 +729,7 @@ function mod_bumplock($board, $unbumplock, $post) {
$query->bindValue(':bumplock', $unbumplock ? 0 : 1); $query->bindValue(':bumplock', $unbumplock ? 0 : 1);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if ($query->rowCount()) { if ($query->rowCount()) {
modLog(($unlock ? 'Unbumplocked' : 'Bumplocked') . " thread #{$post}"); modLog(($unbumplock ? 'Unbumplocked' : 'Bumplocked') . " thread #{$post}");
buildThread($post); buildThread($post);
buildIndex(); buildIndex();
} }
@ -1019,13 +1020,6 @@ function mod_deletefile($board, $post) {
// Record the action // Record the action
modLog("Deleted file from post #{$post}"); modLog("Deleted file from post #{$post}");
$query = prepare(sprintf('SELECT `thread` FROM `posts_%s` WHERE `id` = :id', $board));
$query->bindValue(':id', $post);
$query->execute() or error(db_error($query));
$thread = $query->fetchColumn();
// Rebuild thread
buildThread($thread ? $thread : $post);
// Rebuild board // Rebuild board
buildIndex(); buildIndex();
@ -1058,7 +1052,7 @@ function mod_deletebyip($boardName, $post, $global = false) {
$query = ''; $query = '';
foreach ($boards as $_board) { foreach ($boards as $_board) {
$query .= sprintf("SELECT `id`, '%s' AS `board` FROM `posts_%s` WHERE `ip` = :ip UNION ALL ", $_board['uri'], $_board['uri']); $query .= sprintf("SELECT `thread`, `id`, '%s' AS `board` FROM `posts_%s` WHERE `ip` = :ip UNION ALL ", $_board['uri'], $_board['uri']);
} }
$query = preg_replace('/UNION ALL $/', '', $query); $query = preg_replace('/UNION ALL $/', '', $query);
@ -1069,18 +1063,27 @@ function mod_deletebyip($boardName, $post, $global = false) {
if ($query->rowCount() < 1) if ($query->rowCount() < 1)
error($config['error']['invalidpost']); error($config['error']['invalidpost']);
$boards = array(); set_time_limit($config['mod']['rebuild_timelimit']);
$threads_to_rebuild = array();
$threads_deleted = array();
while ($post = $query->fetch()) { while ($post = $query->fetch()) {
openBoard($post['board']); openBoard($post['board']);
$boards[] = $post['board'];
deletePost($post['id'], false); deletePost($post['id'], false, false);
if ($post['thread'])
$threads_to_rebuild[$post['board']][$post['thread']] = true;
else
$threads_deleted[$post['board']][$post['id']] = true;
} }
$boards = array_unique($boards); foreach ($threads_to_rebuild as $_board => $_threads) {
foreach ($boards as $_board) {
openBoard($_board); openBoard($_board);
foreach ($_threads as $_thread => $_dummy) {
if ($_dummy && !isset($threads_deleted[$_board][$_thread]))
buildThread($_thread);
}
buildIndex(); buildIndex();
} }
@ -1412,6 +1415,8 @@ function mod_rebuild() {
error($config['error']['noaccess']); error($config['error']['noaccess']);
if (isset($_POST['rebuild'])) { if (isset($_POST['rebuild'])) {
set_time_limit($config['mod']['rebuild_timelimit']);
$log = array(); $log = array();
$boards = listBoards(); $boards = listBoards();
$rebuilt_scripts = array(); $rebuilt_scripts = array();

34
post.php
View File

@ -407,34 +407,12 @@ if (isset($_POST['delete'])) {
require_once 'inc/image.php'; require_once 'inc/image.php';
if ($config['thumb_method'] == 'imagick') { // find dimensions of an image using GD
// This is tricky, because Imagick won't let us find if (!$size = @getimagesize($upload)) {
// an image's dimensions without loading it all into error($config['error']['invalidimg']);
// memory first, unlike GD which provides the }
// getimagesize() to do exactly that. This section if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
// is why GD is required, even when using Imagick error($config['error']['maxsize']);
// instead. There doesn't seem to be an alternative.
// Necessary for security, as Imagick even ignores
// PHP's memory limit.
// first try GD's getimagesize()
if ($size = @getimagesize($upload)) {
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
error($config['error']['maxsize']);
}
} else {
// GD failed
// TODO?
}
} else {
// find dimensions of an image using GD
if (!$size = @getimagesize($upload)) {
error($config['error']['invalidimg']);
}
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
error($config['error']['maxsize']);
}
} }
// create image object // create image object

2
templates/post_reply.html
View File

@ -63,7 +63,7 @@
, {{ post.ratio }} , {{ post.ratio }}
{% endif %} {% endif %}
{% endif %} {% endif %}
{% if config.show_filename %} {% if config.show_filename and post.filename %}
, ,
{% if post.filename|length > config.max_filename_display %} {% if post.filename|length > config.max_filename_display %}
<span title="{{ post.filename }}">{{ post.filename|truncate(config.max_filename_display) }}</span> <span title="{{ post.filename }}">{{ post.filename|truncate(config.max_filename_display) }}</span>

2
templates/post_thread.html
View File

@ -20,7 +20,7 @@
, {{ post.ratio }} , {{ post.ratio }}
{% endif %} {% endif %}
{% endif %} {% endif %}
{% if config.show_filename %} {% if config.show_filename and post.filename %}
, ,
{% if post.filename|length > config.max_filename_display %} {% if post.filename|length > config.max_filename_display %}
<span title="{{ post.filename }}">{{ post.filename|truncate(config.max_filename_display) }}</span> <span title="{{ post.filename }}">{{ post.filename|truncate(config.max_filename_display) }}</span>