126ee42b9d
better rules for stripping combined chars, based on 45c0d327619 by @ctrlcctrlv
2016-05-06 14:34:42 +02:00
33ef3f9b01
synchronize catalog_link
2016-05-06 14:14:22 +02:00
7a7574bdca
SECURITY / XSS : ?/edit allowed arbitrary HTML to be added by any user thru addition of <tinyboard raw html>1</tinyboard>
...
This allowed ANY user with ?/edit privilege to also have raw_html regardless of whether they had $config['mod']['rawhtml']
Now, any changes to <tinyboard> markup modifiers via ?/edit are not allowed. They are removed at read time, and before write they are removed again and the ones in the database (which should be clean...) are inserted instead.
Please immediately apply this patch to your instance if you are running any version of 8chan/infinity.
2016-05-06 12:43:25 +02:00
6da7f4d25a
No more country flags in <title>
2016-05-06 12:40:37 +02:00
632d0a76d0
Display placeholder if no file in catalog/theme.php; czaks: fix the code a bit
2016-05-06 12:37:00 +02:00
6b04b3c671
Fix post deletion
2016-05-05 13:21:09 +02:00
8943bb0bb3
Rewrite report system due to flooding
2016-05-05 12:57:52 +02:00
cd01191072
those parts are extraneous
2016-05-05 11:45:29 +02:00
3eb755ee7e
Move login check in inc/mod/auth.php to a function
...
This allows pages like create.php to not include inc/mod/pages.php while still being able to use the mod auth functions (like generating salts and passwords)
2016-05-05 11:40:52 +02:00
93f748e6a8
Security: capitalization of mods username is significant
2016-05-05 11:39:12 +02:00
d310abc95c
Merge branch 'master' of github.com:vichan-devel/vichan
2016-05-05 10:54:09 +02:00
abe4bdd6ae
fixup
2016-05-05 10:52:58 +02:00
77176faece
enable javascript in mod panel
2016-05-05 09:56:54 +02:00
a42256b296
locale cache: fix a bug when perms are done wrong
2016-05-05 08:43:34 +02:00
36b78e5f98
fix for editor highlighting
2016-05-05 08:40:13 +02:00
dcf5d699bd
simplify the md5 execution logic
2016-05-05 08:22:19 +02:00
9768161327
simplify the code a bit
2016-05-05 07:51:55 +02:00
7c3126866c
ease the migration process for the previous security patch (by introducing another migration); restore php 5.4 compatibility (introducing a polyfill system)
2016-05-05 06:43:22 +02:00
caaf741691
[SECURITY] keep up with modern password hashing standards
2016-04-22 05:35:43 +02:00
9f00630b40
Display banned post contents if reason does not contain cp
2016-02-11 15:21:54 +00:00
d2de4419bd
Added: config option to hide email in post. (prevent emailfag but let the possibility to sage and noko)
2016-01-26 00:50:55 +01:00
d46428b5b7
Trim leading newlines and trailing whitespace from code blocks.
2016-01-03 21:05:31 +00:00
692ca79d8b
Don't include post messages in public banlist
2015-10-17 23:57:36 +01:00
166ba2a0a2
Merge remote-tracking branch 'vichan/master'
2015-09-12 21:03:54 +01:00
6d4e756240
fix a bug for some bad database state. thanks Seisatsu for testing
2015-09-11 12:49:42 +02:00
706feeddff
fix cache_config: webms were thumbnailed twice and with the latest addition, they couldn`t resize at all
2015-08-11 04:51:27 +02:00
a54488d900
Merge branch 'master' of github.com:vichan-devel/Tinyboard
2015-08-11 03:47:54 +02:00
1136cc0e44
reflect in readme, that we support .mp4 files as well now
2015-08-11 03:47:44 +02:00
ccd00c497c
a stricter check for webm processing
2015-08-11 03:46:02 +02:00
11d4cb0f4f
Merge pull request #155 from 27chan/patch-7
...
Add extension mp4
2015-08-11 03:44:51 +02:00
b0eb49de82
Merge pull request #160 from 27chan/patch-10
...
Add extension mp4
2015-08-11 03:39:22 +02:00
219c1987a9
Add extension mp4
2015-08-10 22:25:09 -03:00
f1cbbbc15a
Add extension mp4
2015-08-10 22:15:21 -03:00
601c8cebc9
Add extension mp4
2015-08-10 22:13:42 -03:00
d3d167affb
SECURITY: XSS fix for youtube.js/metacafe embed
2015-07-08 16:26:58 +02:00
b25b443e55
Fix a few fatal errors
2015-06-13 22:34:14 +02:00
3f29bdfac9
the poster IDs were showing in API despite being disabled
2015-05-30 20:46:43 +02:00
4b40f69a4e
Merge remote-tracking branch 'upstream/master' into vichan-merge
2015-05-29 01:34:53 -07:00
61d9dacdfb
When banning/deleting a post, return to the thread, not the board index (unless deleting the OP)
2015-05-10 13:22:53 +01:00
649255c9b9
When deleting a post, return to the thread, not the board index (unless deleting the OP)
2015-05-10 03:01:55 +01:00
4184fdec6e
Pass the thread ID when banning/deleting
2015-05-10 02:56:48 +01:00
2d9214ac63
version check should point at engine.vichan.net and not tinyboard.org actually
2015-04-23 08:18:36 +02:00
4c1d2f924c
fix error while installing themes; thanks xixi
2015-04-23 07:57:52 +02:00
4014682882
fileboard support
2015-04-22 06:06:34 +02:00
1b16e97f67
[code] fix regexps
2015-04-12 03:08:40 +02:00
197d5f236f
[code] tag support
2015-04-12 01:14:35 +02:00
f2848f2242
Update GeoIP database
2015-04-10 15:03:35 +02:00
11dfc8bbdc
fs cache backend: silence the error
2015-04-06 22:51:02 +02:00
094f60d34d
try_smarter: fix two bugs. 1. uncovered by the second, during a bump only the page the thread was on and first page were rebuild, despite threads rearranging their positions on the remaining pages. happening always. 2. during smart build, the page wasn`t ordered to be rebuilt
2015-04-06 18:59:33 +02:00
8fcb9195c8
Merge pull request #137 from lewdchan/master
...
made the define_groups function play nice on hhvm
2015-04-05 20:51:51 +02:00
c50635c700
Merge branch 'master' of github.com:vichan-devel/Tinyboard
2015-04-05 20:37:40 +02:00
9831b582fa
groups were not defined
2015-04-05 20:25:57 +02:00
6fd4eb2add
fix a locale issue
2015-04-05 20:23:57 +02:00
f053450edf
cache_config: fix debug notice
2015-04-05 20:04:27 +02:00
45f11d1d78
indent the file (inc/functions.php) after the latest changes
2015-04-05 19:12:41 +02:00
dc2928a14d
cache_config preliminary release
2015-04-05 18:48:53 +02:00
1d28b4be4d
cache.php: fs cache
2015-04-05 17:13:55 +02:00
b78b3db010
uncache themes on settings change
2015-04-05 16:59:04 +02:00
758cb94e01
optimization: locale caching, so we don`t have to reparse instance-config every single time
2015-04-05 16:52:35 +02:00
71ef3430fc
optimization: get rid of one more sql query related to installed themes
2015-04-05 16:38:16 +02:00
34eeaccea9
optimization: we don`t need bans.php most of the time and bans.php has big dependencies
2015-04-05 16:31:20 +02:00
cbbebcd20c
optimization: if gettext.so is loaded, we don`t need the fallback implementation
2015-04-05 16:26:32 +02:00
fa2e6cfa80
made the define_groups function play nice on hhvm
2015-04-05 20:14:58 +09:30
8cf28682e7
Removed tab at start of api.php to fix ban list and possibly other stuff
2015-04-03 08:03:15 -04:00
67db118f1e
Revert "Revert "smart_build: buildThread" (for a moment, something b0rks)"
...
This reverts commit b246daa191
2015-04-02 20:30:57 +02:00
99706835c2
Revert "Revert "smart_build for buildIndex""
...
This reverts commit cfb2f55b7a
2015-04-02 20:29:43 +02:00
cfb2f55b7a
Revert "smart_build for buildIndex"
...
This reverts commit 55277ce383
2015-04-02 19:36:55 +02:00
b246daa191
Revert "smart_build: buildThread" (for a moment, something b0rks)
...
This reverts commit f2a74812f0
2015-04-01 18:44:01 +02:00
f2a74812f0
smart_build: buildThread
2015-04-01 18:43:48 +02:00
14671e0535
functions.php fix: after_open_board support; so that we may disable smart_build immediately after open_board
2015-04-01 18:13:32 +02:00
55277ce383
smart_build for buildIndex
2015-04-01 18:11:08 +02:00
d4892aca12
fix one of the previous commits: fix api_global
2015-04-01 17:30:06 +02:00
e4e01e4573
smart build: define configuration variables
2015-04-01 17:16:30 +02:00
4030c42bb4
add a global_api variable for buildIndex
2015-04-01 17:07:24 +02:00
deefe8299b
unlink a .gz version of a file if it exists
2015-04-01 16:56:17 +02:00
7fd8c75450
don`t rebuild a page, when not needed, even if it doesn`t exist
2015-04-01 16:53:28 +02:00
5a9af83ba6
better slugify support for api
2015-03-31 05:50:52 +02:00
e35d261ff4
enable embed field for api
2015-03-31 05:32:38 +02:00
4a22ee9245
Extra files and IDs in API
...
Conflicts:
inc/api.php
2015-03-31 05:28:08 +02:00
300e9e7e71
fix some png images being discarded
2015-03-31 05:20:00 +02:00
5d8e023fc4
remove tinyboard special markup from slugs; thanks stigma for reporting
2015-03-30 06:26:53 +02:00
6b21689dcd
Fix errors about uninitialized config during install
2015-03-27 14:30:43 +01:00
10f93d0d43
implement a protection against transparent proxies
2015-03-24 05:19:25 +01:00
3851087dce
slug size should be configurable
2015-03-12 00:03:22 +01:00
10a8219965
enable a `basic` cache by default; notify me if it breaks your chan
2015-03-12 00:00:59 +01:00
bf1b6103cf
Merge branch 'master' of github.com:vichan-devel/Tinyboard
2015-03-10 14:22:47 +01:00
6c4d3941fa
api fix
2015-03-10 14:22:29 +01:00
4bf525599e
...
2015-03-10 14:19:36 +01:00
a2544bc596
... (cites)
2015-03-10 14:16:27 +01:00
50b80e9e24
... (slug api)
2015-03-10 14:06:44 +01:00
9f34d334d3
..
2015-03-10 13:52:31 +01:00
2f7aeec531
...
2015-03-10 13:48:33 +01:00
58b60f0aa4
...
2015-03-10 13:46:34 +01:00
7623de9e2f
... (cache)
2015-03-10 13:42:10 +01:00
d690567b44
... (minor fix for locales)
2015-03-10 13:16:16 +01:00
0062125f5c
...
2015-03-10 13:09:53 +01:00
fe7e9c5103
...
2015-03-10 13:03:47 +01:00
429c9f890f
...
2015-03-10 13:02:38 +01:00
f4bba2e9ed
...
2015-03-10 12:57:06 +01:00
bdb6001f3f
support for slugified links; may introduce a few bugs
2015-03-10 12:48:59 +01:00
bffe03e651
rearrange config processing a bit
2015-02-27 21:16:03 +01:00
a93f168c79
Merge branch 'master' of github.com:vichan-devel/Tinyboard
2015-02-26 21:44:52 +01:00
0ab8890b67
tools/rebuild: show currently rebuilded themes
2015-02-26 21:44:39 +01:00
aa0d606651
Add in E Z board locking
2015-02-15 21:23:26 -05:00
473e30382c
Remove instance config
2015-01-24 23:49:59 +01:00
daad519b85
config[php_md5] feature
2014-10-24 13:24:33 +02:00
24548e377c
update locales
2014-10-18 13:54:27 +02:00
49079e57fb
Fix expanded tabs
2014-10-18 13:43:25 +02:00
d266908ca9
Fix API: Swap image width/height, make replies an integer, fix original filename
2014-10-18 13:43:25 +02:00
6052ed8d3d
SECURITY: imagemagick/graphicsmagick was ignoring all errors
...
So, in a much older patch I had a problem where an incorrect RGB
profile would make image uploads fail. I fixed this by using strpos
against the error message...but didn't check the return value
correctly.
That means that any error from gm/im was ignored. This caused people
to upload too large images and flood /b/ with 1 x 10000 pixel images
My fault, patched now. Sorry about that.
Conflicts:
inc/image.php
2014-10-12 10:23:03 +02:00
803c76a800
.x.x less confusing...will change to less_ip eventually
2014-10-11 20:37:58 +02:00
5d1b426fa3
fix bans.php on removing a ban by a semi-privileged mod
2014-10-11 20:13:05 +02:00
3a552e5b76
hopefully fix locales
2014-10-09 04:09:30 +02:00
dfd05e88f9
possible fix of themes` interactions
2014-10-09 03:57:18 +02:00
ef3bb46876
bans.php: surpress error
2014-10-09 02:00:31 +02:00
9b3fa77719
new banlist implementation; also includes a public banlist
2014-10-08 23:23:59 +02:00
c4dc3f4d47
Fix spoiler image not working
2014-10-07 04:33:57 +02:00
c7351dff09
4 times "elseif" is not the way
...
and precalc. value sometimes help if well commentent
2014-10-07 00:16:02 +02:00
aba8d27ace
wasn't aware of DNS function
2014-10-05 23:20:06 +02:00
1e95e58811
don't break if dns_system is true
2014-10-05 23:20:06 +02:00
8b9932218f
add forward-confirmed reverse DNS
2014-10-05 23:20:06 +02:00
8518164352
sync locales with transifex
2014-10-05 18:38:25 +02:00
97a25dad03
Merge pull request #102 from cable6-dev/bugfix-genwebmerror
...
[bugfix]$config['error']['genwebmerror'] wasn't set in config.php
2014-10-05 17:56:46 +02:00
d01d892896
Merge pull request #100 from cable6-dev/feature-hide-sage
...
Added an option to hide sages
2014-10-05 17:53:32 +02:00
42868c672a
Merge pull request #103 from cable6-dev/bug-fix-check_spoiler_size
...
Check spoiler_image size before ussuming it is 128×128px
2014-10-05 17:53:08 +02:00
3c2529e157
[bugfix]$config['error']['genwebmerror'] wasn't set in config.php
2014-10-05 15:35:52 +00:00
296e4fd5fa
Added an option to hide sages
2014-10-05 15:29:37 +00:00
fe60590d19
Check spoiler_image size before ussuming it is 128×128px
2014-10-05 15:26:28 +00:00
9cee5f6c61
[bugfix]ban appeals (was also present in tinyboard)
2014-10-05 12:53:02 +00:00
7c7a465966
Implement syntax highlighting
2014-09-28 23:06:18 +00:00
ef53af04ec
fix a recently added md5 api field
2014-09-27 11:31:30 +02:00
d27cddaacc
Add file hash to API
...
The API currently lacks the Base64 encoded file hash 4chan's API provides, which assists in file de-duplication by archive software.
2014-09-26 13:28:04 +02:00
7ea5b129e6
Fix thumbnail width/height in API
...
The API currently has the thumbnail widths and heights switched around
2014-09-26 13:27:49 +02:00
3b2f448102
restore compatibility with php < 5.5; fixes vichan-devel#86
2014-09-24 12:26:15 +02:00
ba49bc6c37
update locales
2014-09-24 03:48:46 +02:00
92183e8e39
add portuguese (portugal) translation by Chorizo
2014-09-21 08:37:16 +02:00
a1f26e8fd1
update locales
2014-09-21 04:52:18 +02:00
7288f1dec7
Fix last commit
2014-09-20 16:49:32 +00:00
23c73ca839
Allow the user to decide whether or not he wants to display his country
2014-09-20 16:35:28 +00:00
9070b061ee
Bug fix: users were banned from /0/ if they had a ban anywhere else
...
Conflicts:
inc/bans.php
2014-09-20 15:39:47 +00:00
4da5f4ec90
Merge pull request #79 from marlencrabapple/master
...
FFmpeg support for WebM uploads
2014-09-17 20:50:21 +02:00
306f4ef46b
Added escapeshellarg() for WebM thumbnail generation.
2014-09-15 16:57:06 -07:00
0a9de3deb5
FFmpeg support for WebMs. Fixes threads with large amounts of WebM's causing crashes for some users.
2014-09-15 16:34:36 -07:00
c1ecef3772
Added support for BSD md5 incase md5sum isn't available.
2014-09-15 16:33:37 -07:00
66e026b361
?/bans: fix pagination - can now see all bans on all boards if > $config[mod][banlist_page]
...
Conflicts:
inc/bans.php
2014-09-13 16:43:46 +00:00
53ada6a5ff
added option for showing the mod in ban page.
...
also fixes issue where the Staff is not shown in ban appeals.
2014-09-01 06:30:33 +08:00
1b62fbea6f
added support for statcounter.com tracking code
2014-08-24 23:33:53 +02:00
d78dcd6ed6
fix a bug reported by Dudeman on #v-d
2014-08-21 04:27:47 +02:00
e28f233e3d
Close #51 : Prevent players from cheating the dice roller by using markup
2014-08-10 15:38:02 +00:00
1ea3da1db6
Merge Barrucadu/diceroll into master
2014-08-10 15:35:11 +00:00
czaks
8chan
Michael Walker
Matthieu
27chan
Matěj Grabovský
Anonke
Simon McFarlane
Jayme Brereton
Jason Puglisi
yeltsew7
clsr
wopot
Bui
kaf
hatstand0
Ian Bradley
Juan Tamad
Tomasz Konojacki