0
/
leftypol_lainchan
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:vichan-devel/vichan

This commit is contained in:
czaks 2016-05-05 10:54:09 +02:00
parent 186ad5ca86 19b70663d7
commit d310abc95c
5 changed files with 17 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
inc/functions.php
View File

@ -880,7 +880,7 @@ function displayBan($ban) {
Element('page.html', array( Element('page.html', array(
'title' => _('Banned!'), 'title' => _('Banned!'),
'config' => $config, 'config' => $config,
'nojavascript' => true, 'boardlist' => createBoardlist($mod),
'body' => Element('banned.html', array( 'body' => Element('banned.html', array(
'config' => $config, 'config' => $config,
'ban' => $ban, 'ban' => $ban,

4
inc/mod/pages.php
View File

@ -15,7 +15,7 @@ function mod_page($title, $template, $args, $subtitle = false) {
'hide_dashboard_link' => $template == 'mod/dashboard.html', 'hide_dashboard_link' => $template == 'mod/dashboard.html',
'title' => $title, 'title' => $title,
'subtitle' => $subtitle, 'subtitle' => $subtitle,
'nojavascript' => true, 'boardlist' => createBoardlist($mod),
'body' => Element($template, 'body' => Element($template,
array_merge( array_merge(
array('config' => $config, 'mod' => $mod), array('config' => $config, 'mod' => $mod),
@ -846,7 +846,7 @@ function mod_page_ip($ip) {
$args['security_token'] = make_secure_link_token('IP/' . $ip); $args['security_token'] = make_secure_link_token('IP/' . $ip);
mod_page(sprintf('%s: %s', _('IP'), $ip), 'mod/view_ip.html', $args, $args['hostname']); mod_page(sprintf('%s: %s', _('IP'), htmlspecialchars($ip)), 'mod/view_ip.html', $args, $args['hostname']);
} }
function mod_ban() { function mod_ban() {

10
mod.php
View File

@ -12,16 +12,6 @@ require_once 'inc/mod/auth.php';
if ($config['debug']) if ($config['debug'])
$parse_start_time = microtime(true); $parse_start_time = microtime(true);
// Fix for magic quotes
if (get_magic_quotes_gpc()) {
function strip_array($var) {
return is_array($var) ? array_map('strip_array', $var) : stripslashes($var);
}
$_GET = strip_array($_GET);
$_POST = strip_array($_POST);
}
$query = isset($_SERVER['QUERY_STRING']) ? rawurldecode($_SERVER['QUERY_STRING']) : ''; $query = isset($_SERVER['QUERY_STRING']) ? rawurldecode($_SERVER['QUERY_STRING']) : '';
$pages = array( $pages = array(

29
post.php
View File

@ -7,16 +7,6 @@ require_once 'inc/functions.php';
require_once 'inc/anti-bot.php'; require_once 'inc/anti-bot.php';
require_once 'inc/bans.php'; require_once 'inc/bans.php';
// Fix for magic quotes
if (get_magic_quotes_gpc()) {
function strip_array($var) {
return is_array($var) ? array_map('strip_array', $var) : stripslashes($var);
}
$_GET = strip_array($_GET);
$_POST = strip_array($_POST);
}
if ((!isset($_POST['mod']) || !$_POST['mod']) && $config['board_locked']) { if ((!isset($_POST['mod']) || !$_POST['mod']) && $config['board_locked']) {
error("Board is locked"); error("Board is locked");
} }
@ -447,7 +437,7 @@ if (isset($_POST['delete'])) {
$i = 0; $i = 0;
foreach ($_FILES as $key => $file) { foreach ($_FILES as $key => $file) {
if ($file['size'] && $file['tmp_name']) { if ($file['size'] && $file['tmp_name']) {
$file['filename'] = urldecode(get_magic_quotes_gpc() ? stripslashes($file['name']) : $file['name']); $file['filename'] = urldecode($file['name']);
$file['extension'] = strtolower(mb_substr($file['filename'], mb_strrpos($file['filename'], '.') + 1)); $file['extension'] = strtolower(mb_substr($file['filename'], mb_strrpos($file['filename'], '.') + 1));
if (isset($config['filename_func'])) if (isset($config['filename_func']))
$file['file_id'] = $config['filename_func']($file); $file['file_id'] = $config['filename_func']($file);
@ -625,12 +615,14 @@ if (isset($_POST['delete'])) {
if ($post['has_file']) { if ($post['has_file']) {
foreach ($post['files'] as $key => &$file) { foreach ($post['files'] as $key => &$file) {
if ($file['is_an_image'] && $config['ie_mime_type_detection'] !== false) { if ($file['is_an_image']) {
// Check IE MIME type detection XSS exploit if ($config['ie_mime_type_detection'] !== false) {
$buffer = file_get_contents($upload, null, null, null, 255); // Check IE MIME type detection XSS exploit
if (preg_match($config['ie_mime_type_detection'], $buffer)) { $buffer = file_get_contents($upload, null, null, null, 255);
undoImage($post); if (preg_match($config['ie_mime_type_detection'], $buffer)) {
error($config['error']['mime_exploit']); undoImage($post);
error($config['error']['mime_exploit']);
}
} }
require_once 'inc/image.php'; require_once 'inc/image.php';
@ -639,6 +631,9 @@ if (isset($_POST['delete'])) {
if (!$size = @getimagesize($file['tmp_name'])) { if (!$size = @getimagesize($file['tmp_name'])) {
error($config['error']['invalidimg']); error($config['error']['invalidimg']);
} }
if (!in_array($size[2], array(IMAGETYPE_PNG, IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_BMP))) {
error($config['error']['invalidimg']);
}
if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) { if ($size[0] > $config['max_width'] || $size[1] > $config['max_height']) {
error($config['error']['maxsize']); error($config['error']['maxsize']);
} }

2
templates/page.html
View File

@ -9,6 +9,8 @@
<title>{{ title }}</title> <title>{{ title }}</title>
</head> </head>
<body> <body>
{{ boardlist.top }}
{% if pm %}<div class="top_notice">You have <a href="?/PM/{{ pm.id }}">an unread PM</a>{% if pm.waiting > 0 %}, plus {{ pm.waiting }} more waiting{% endif %}.</div><hr>{% endif %} {% if pm %}<div class="top_notice">You have <a href="?/PM/{{ pm.id }}">an unread PM</a>{% if pm.waiting > 0 %}, plus {{ pm.waiting }} more waiting{% endif %}.</div><hr>{% endif %}
<header> <header>
<h1>{{ title }}</h1> <h1>{{ title }}</h1>