0
/
leftypol_lainchan
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity
3,738 Commits 4 Branches 0 Tags 137 MiB
Commit Graph

1646 Commits

Author SHA1 Message Date
czaks a5e22f6d63 split route and controller parts from smart build 2016-05-08 02:50:44 +02:00
Fredrick Brennan 505adffcdc Cyclical threads ♺ 2016-05-06 16:39:20 +02:00
czaks ab02a42725 maybe we can try to load Parsedown, after all we can silence the error 2016-05-06 16:27:43 +02:00
8chan d788131202 Allow a board called news to exist 2016-05-06 16:26:17 +02:00
czaks d726eaf195 we don't have a htmlpurifier yet ;_; 2016-05-06 16:07:21 +02:00
Fredrick Brennan 95b1e103cb Edit static pages commit 2016-05-06 16:03:55 +02:00
8chan 7911c374e8 Public action logs commit (log.php) 
Note: In a previous commit, I began making inc/mod/auth.php more modular with the check_login() function. Including it does NOT check mod login by default anymore like it does on vichan. You have to call check_login(). I've finally included it in inc/functions.php. If you have any custom pages that use inc/mod/auth.php, just including functions.php is enough now.

===================================
Also: backports 351375185e5 (early 404)
 2016-05-06 15:44:26 +02:00
8chan 6dd1420f91 Add event to quote backlinks 2016-05-06 15:15:17 +02:00
8chan ce3ce4f1b6 Fix *0 secure tripcodes caused by accidentally feeding + signs to crypt() 2016-05-06 15:14:55 +02:00
8chan 7831da83fc New event: rebuildpost, allows you to bind events to ?/edit 2016-05-06 15:13:27 +02:00
Fredrick Brennan b476b66007 [BUG] Image reject repost board option now also affects YT embeds 2016-05-06 15:12:08 +02:00
czaks 126ee42b9d better rules for stripping combined chars, based on 45c0d327619 by @ctrlcctrlv 2016-05-06 14:34:42 +02:00
czaks 33ef3f9b01 synchronize catalog_link 2016-05-06 14:14:22 +02:00
8chan 7a7574bdca SECURITY / XSS : ?/edit allowed arbitrary HTML to be added by any user thru addition of <tinyboard raw html>1</tinyboard> 
This allowed ANY user with ?/edit privilege to also have raw_html regardless of whether they had $config['mod']['rawhtml']

Now, any changes to <tinyboard> markup modifiers via ?/edit are not allowed. They are removed at read time, and before write they are removed again and the ones in the database (which should be clean...) are inserted instead.

Please immediately apply this patch to your instance if you are running any version of 8chan/infinity.
 2016-05-06 12:43:25 +02:00
8chan 6da7f4d25a No more country flags in <title> 2016-05-06 12:40:37 +02:00
8chan 632d0a76d0 Display placeholder if no file in catalog/theme.php; czaks: fix the code a bit 2016-05-06 12:37:00 +02:00
8chan 6b04b3c671 Fix post deletion 2016-05-05 13:21:09 +02:00
Fredrick Brennan 8943bb0bb3 Rewrite report system due to flooding 2016-05-05 12:57:52 +02:00
czaks cd01191072 those parts are extraneous 2016-05-05 11:45:29 +02:00
8chan 3eb755ee7e Move login check in inc/mod/auth.php to a function 
This allows pages like create.php to not include inc/mod/pages.php while still being able to use the mod auth functions (like generating salts and passwords)
 2016-05-05 11:40:52 +02:00
8chan Admin 93f748e6a8 Security: capitalization of mods username is significant 2016-05-05 11:39:12 +02:00
czaks d310abc95c Merge branch 'master' of github.com:vichan-devel/vichan 2016-05-05 10:54:09 +02:00
czaks abe4bdd6ae fixup 2016-05-05 10:52:58 +02:00
czaks 77176faece enable javascript in mod panel 2016-05-05 09:56:54 +02:00
czaks a42256b296 locale cache: fix a bug when perms are done wrong 2016-05-05 08:43:34 +02:00
czaks 36b78e5f98 fix for editor highlighting 2016-05-05 08:40:13 +02:00
czaks dcf5d699bd simplify the md5 execution logic 2016-05-05 08:22:19 +02:00
czaks 9768161327 simplify the code a bit 2016-05-05 07:51:55 +02:00
czaks 7c3126866c ease the migration process for the previous security patch (by introducing another migration); restore php 5.4 compatibility (introducing a polyfill system) 2016-05-05 06:43:22 +02:00
czaks caaf741691 [SECURITY] keep up with modern password hashing standards 2016-04-22 05:35:43 +02:00
Matthieu d2de4419bd Added: config option to hide email in post. (prevent emailfag but let the possibility to sage and noko) 2016-01-26 00:50:55 +01:00
czaks 6d4e756240 fix a bug for some bad database state. thanks Seisatsu for testing 2015-09-11 12:49:42 +02:00
czaks 706feeddff fix cache_config: webms were thumbnailed twice and with the latest addition, they couldn`t resize at all 2015-08-11 04:51:27 +02:00
czaks a54488d900 Merge branch 'master' of github.com:vichan-devel/Tinyboard 2015-08-11 03:47:54 +02:00
czaks 1136cc0e44 reflect in readme, that we support .mp4 files as well now 2015-08-11 03:47:44 +02:00
czaks ccd00c497c a stricter check for webm processing 2015-08-11 03:46:02 +02:00
Marcin Łabanowski 11d4cb0f4f Merge pull request #155 from 27chan/patch-7 
Add extension mp4
 2015-08-11 03:44:51 +02:00
Marcin Łabanowski b0eb49de82 Merge pull request #160 from 27chan/patch-10 
Add extension mp4
 2015-08-11 03:39:22 +02:00
27chan 219c1987a9 Add extension mp4 2015-08-10 22:25:09 -03:00
27chan f1cbbbc15a Add extension mp4 2015-08-10 22:15:21 -03:00
27chan 601c8cebc9 Add extension mp4 2015-08-10 22:13:42 -03:00
czaks d3d167affb SECURITY: XSS fix for youtube.js/metacafe embed 2015-07-08 16:26:58 +02:00
Anonke 3f29bdfac9 the poster IDs were showing in API despite being disabled 2015-05-30 20:46:43 +02:00
czaks 2d9214ac63 version check should point at engine.vichan.net and not tinyboard.org actually 2015-04-23 08:18:36 +02:00
czaks 4c1d2f924c fix error while installing themes; thanks xixi 2015-04-23 07:57:52 +02:00
Marcin Łabanowski 4014682882 fileboard support 2015-04-22 06:06:34 +02:00
czaks 1b16e97f67 [code] fix regexps 2015-04-12 03:08:40 +02:00
czaks 197d5f236f [code] tag support 2015-04-12 01:14:35 +02:00
8chan f2848f2242 Update GeoIP database 2015-04-10 15:03:35 +02:00
czaks 11dfc8bbdc fs cache backend: silence the error 2015-04-06 22:51:02 +02:00