Fix commit 1c13ec98ba

- Unintentionally disabled that piece of code instead of removing adding
  the additional br tag that made double spaces between posts.
- add the postcontainers instead of post.reply (which is inside this
  container) to preserve the arrows

.gitignore

@@ -62,7 +62,7 @@ tf/
 /random/
 
 # Banners
-banners/*
+# banners/*
 !banners/lain-bottom.png
 
 #Fonts

inc/anti-bot.php

@@ -12,7 +12,12 @@ $logfile = "/tmp/lainchan_err.out";
 
 function print_err($s) {
   global $logfile;
-	file_put_contents($logfile, $s . "\n", FILE_APPEND);
+  $datetime = new Datetime();
+  file_put_contents(
+    $logfile,
+    $datetime->format(DateTime::ATOM) . " " . $s . "\n",
+    FILE_APPEND
+  );
 }
 
 function getStackTraceAsString() {
@@ -217,6 +222,13 @@ class AntiBot {
     // Use SHA1 for the hash
     return sha1($hash . $this->salt);
   }
+
+  public function printErrVars() { //DELETE ME
+    $inputs = $this->inputs;
+    ksort($inputs);
+
+    print_err("Antibot " . $this->hash() . " inputs: " . json_encode($inputs));
+  }
 }
 
 function _create_antibot($board, $thread) {
@@ -246,16 +258,56 @@ function _create_antibot($board, $thread) {
   $query->bindValue(':hash', $antibot->hash());
   $query->execute() or error(db_error($query));
 
+  //$antibot->printErrVars();
+
   return $antibot;
 }
 
+function dumpVars($extra_salt) {
+  global $config;
+
+  $json_repr = json_encode($_POST);
+  print_err("Check Spam POST data: " . $json_repr);
+
+  if ($json_repr === false) {
+    print_err("Could not jsonify POST data: " . json_last_error_message());
+  }
+
+    /*
+  foreach ($_POST as $name => $value) {
+        $is_valid_input = in_array($name, $config['spam']['valid_inputs']) ? "valid" : "invalid";
+        print_err(" $name: $value ($is_valid_input)");
+    }
+     */
+
+  if (!empty($extra_salt)) {
+    $extra_salt = implode(':', $extra_salt);
+  } else { 
+    $extra_salt = '';
+  }
+
+  print_err("extra_salt: $extra_salt");
+}
+
 function checkSpam(array $extra_salt = array()) {
   global $config, $pdo;
 
-	if (!isset($_POST['hash']))
-		return true;
+  #print_err("checkSpam start");
+  $extra_salt_orig = $extra_salt;
 
+  /*
+  if (!isset($_POST['hash'])) {
+    print_err("checkSpam: _POST array doesn't have key 'hash', check failed.");
+    dumpVars($extra_salt_orig);
+    return true;
+  }
+  */
+
+  if (isset($_POST['hash'])) {
     $hash = $_POST['hash'];
+  } else {
+    $hash = "";
+  }
 
   if (!empty($extra_salt)) {
     // create a salted hash of the "extra salt"
@@ -290,7 +342,14 @@ function checkSpam(array $extra_salt = array()) {
   // Use SHA1 for the hash
   $_hash = sha1($_hash . $extra_salt);
 
-	if ($hash != $_hash) {
+  if (empty($hash)) {
+    print_err("checkSpam: hash is either empty or was never present, check failed. Not flagging as spam however.");
+    dumpVars($extra_salt_orig);
+    // Ignore missing hash, because it was missing for some legitimate posters and bots tend to fill in any field.
+    return false;
+  } else if ($hash != $_hash) {
+    print_err("checkSpam: Hash values do not match! submitted hash value from POST data: $hash ; Computed hash value: $_hash");
+    dumpVars($extra_salt_orig);
     return true;
   }
 
@@ -299,7 +358,10 @@ function checkSpam(array $extra_salt = array()) {
   $query->execute() or error(db_error($query));
   if ((($passed = $query->fetchColumn(0)) === false) || ($passed > $config['spam']['hidden_inputs_max_pass'])) {
     // there was no database entry for this hash. most likely expired.
-		return true;
+    print_err("checkSpam: there was no database entry for this hash. most likely expired. $hash");
+    dumpVars($extra_salt_orig);
+    return $hash; // do not consider this a failure case. (I would rather a spam post than a false-positive tbqh)
+    //return true;
   }
 
   return $hash;

inc/api.php

@@ -45,7 +45,7 @@ class Api {
 
 		$this->threadsPageFields = array(
 			'id' => 'no',
-			'bump' => 'last_modified',
+			'bump' => 'bump',
 			'board' => 'board',
 		);
 
@@ -197,6 +197,7 @@ class Api {
 			$ips[] = $p->ip;
 		}
 		$apiPosts['posts'][0]['unique_ips'] = count(array_unique($ips));
+		$apiPosts['posts'][0]['last_modified'] = (empty($thread->posts) ? $thread : end($thread->posts))->time;
 
 		return $apiPosts;
 	}

inc/config.php

@@ -33,6 +33,8 @@
 
     // Enables captcha
     $config['securimage'] = false;
+    // Limits captcha to TOR users
+    $config['captcha_tor_only'] = false;
 
     // Global announcement -- the very simple version.
     // This used to be wrongly named $config['blotter'] (still exists as an alias).

inc/error.php

@@ -24,6 +24,42 @@ register_shutdown_function('fatal_error_handler');
 
 $error_recursion=false;
 
+
+
+/*
+ * Global anything is always a bad idea, but since all of this website's error handling comes
+ * down to calling this error function and quitting, we have no way of catching exceptions, for example
+ * during thumbnail creation.
+ *
+ * So push things to run in case of a crash into a list, and then run all of them in error.
+ *
+ * This will be exclusive to callbacks for posting a post callflow, not mod actions or anything else.
+ */
+function global_post_cleanup() {
+    global $post_cleanup_list;
+
+    foreach ($post_cleanup_list as $f) {
+        $f();
+    }
+
+    unset($post_cleanup_list);
+}
+
+function push_global_post_cleanup($f) {
+    global $post_cleanup_list;
+
+    if (!isset($post_cleanup_list)) {
+        $post_cleanup_list = array($f);
+    } else {
+        array_push($post_cleanup_list, $f);
+    }
+}
+
+function init_global_post_cleanup() {
+    global $post_cleanup_list;
+    $post_cleanup_list = array();
+}
+
 function error($message, $priority = true, $debug_stuff = false) {
     global $board, $mod, $config, $db_error, $error_recursion;
 
@@ -75,11 +111,14 @@ function error($message, $priority = true, $debug_stuff = false) {
             $data['debug']=$debug_stuff;
         }
         print json_encode($data);
+        global_post_cleanup();
         exit();
     }
 
     header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error');
 
+    global_post_cleanup();
+
     die(Element('page.html', array(
         'config' => $config,
         'title' => _('Error'),

inc/functions.php

@@ -2905,3 +2905,34 @@ function strategy_first($fun, $array) {
         return array('defer');
     }
 }
+
+function ipIsLocal($ip) {
+    // Define the local IP ranges commonly used in private networks
+    $localRanges = [
+        '10.0.0.0/8',       // Private network range 10.0.0.0 to 10.255.255.255
+        '172.16.0.0/12',    // Private network range 172.16.0.0 to 172.31.255.255
+        '192.168.0.0/16',   // Private network range 192.168.0.0 to 192.168.255.255
+        '127.0.0.0/8',      // Loopback range for localhost
+        '169.254.0.0/16'    // Link-local addresses
+    ];
+
+    foreach ($localRanges as $range) {
+        if (ipInRange($ip, $range)) {
+            return true;
+        }
+    }
+
+    return false;
+}
+
+function ipInRange($ip, $range) {
+    // Split the range to get the base IP and the netmask
+    list($baseIP, $netmask) = explode('/', $range);
+    // Convert IPs into long format for easy comparison
+    $ipLong = ip2long($ip);
+    $rangeLong = ip2long($baseIP);
+    $maskLong = ~((1 << (32 - $netmask)) - 1);
+
+    // Check if the IP is in the given range
+    return (($ipLong & $maskLong) == ($rangeLong & $maskLong));
+}

inc/image.php

@@ -171,12 +171,13 @@ class ImageBase extends ImageGD {
         $this->width = $width;
         $this->height = $height;
         
-		if (method_exists($this, 'resize'))
+        if (method_exists($this, 'resize')) {
             $this->resize();
-		else
+        } else {
             // use default GD functions
             $this->GD_resize();
         }
+    }
 }
 
 class ImageImagick extends ImageBase {
@@ -339,6 +340,24 @@ class ImageConvert extends ImageBase {
         $this->temp = false;
     }
 
+    // Returns true if there is a real error and false if it's just a warning
+    // (appilcable to the return text of the `gm convert` command only)
+    public static function actualErrorOrJustWarning($message_string) {
+        $warnings = array(
+            "known incorrect sRGB profile",
+            "iCCP: Not recognizing known sRGB profile that has been edited",
+            "sRGB: cHRM chunk does not match sRGB"
+        );
+
+        foreach ($warnings as $w) {
+            if (strpos($message_string, $w) !== False) {
+                return False;
+            }
+        }
+
+        return True;
+    }
+
     public function resize() {
         global $config;
         
@@ -390,20 +409,25 @@ class ImageConvert extends ImageBase {
                 $convert_args = str_replace('-auto-orient', '', $config['convert_args']);
             else
                 $convert_args = &$config['convert_args'];
-			if (($error = shell_exec_error(($this->gm ? 'gm ' : '') . 'convert ' .
-				sprintf($convert_args,
+
+            $full_convert_cmd =
+                ($this->gm ? 'gm ' : '') . 'convert ' .
+                sprintf(
+                    $convert_args,
                     $this->width,
                     $this->height,
                     escapeshellarg($this->src . '[0]'),
                     $this->width,
                     $this->height,
-					escapeshellarg($this->temp)))) || !file_exists($this->temp)) {
+                    escapeshellarg($this->temp)
+                );
 
-					if (strpos($error, "known incorrect sRGB profile") === false &&
-                                            strpos($error, "iCCP: Not recognizing known sRGB profile that has been edited") === false) {
+            if (($error = shell_exec_error($full_convert_cmd)) || !file_exists($this->temp)) {
+                if (ImageConvert::actualErrorOrJustWarning($error)) {
                     $this->destroy();
                     error(_('Failed to resize image!')." "._('Details: ').nl2br(htmlspecialchars($error)), null, array('convert_error' => $error));
                 }
+
                 if (!file_exists($this->temp)) {
                     $this->destroy();
                     error(_('Failed to resize image!'), null, $error);

inc/instance-config.php

@@ -22,6 +22,7 @@ $config['boards'] = array(
     'edu',
     'ga',
     'ent',
+    'music',
     '777',
     'posad',
     'i',
@@ -41,7 +42,7 @@ $config['prepended_foreign_boards'] = array(
 
 // Board categories. Only used in the "Categories" theme.
 $config['categories'] = array(
-  'Leftypol' => array(
+  'Boards' => array(
     'leftypol',
     'b',
     'WRK',
@@ -50,6 +51,7 @@ $config['categories'] = array(
     'edu',
     'ga',
     'ent',
+    'music',
     '777',
     'posad',
     'i',
@@ -64,19 +66,19 @@ $config['categories'] = array(
 // with non-board links.
 $config['custom_categories'] = array(
     'Links' => array(
-        'New Multitude' => 'https://newmultitude.org/',
-        'Booru image repository' => 'https://lefty.booru.org/',
-        'Leftypedia' => 'https://leftypedia.org/',
+        'New Multitude' => 'https://newmultitude.org',
+        'Booru image repository' => 'https://lefty.pictures',
         'Official chat room' => 'https://talk.leftychan.net/#/room/#welcome:matrix.leftychan.net',
-        'Gitea instance' => 'https://git.leftychan.net',
+        'Nukechan' => 'https://nukechan.net',
+        #'Gitea instance' => 'https://git.leftychan.net',
         'Rules' => 'rules.html',
         'Search' => 'search.php',
     ),
     'Learning resources and blogs' => array(
-        'Michael Roberts\' blog' => 'https://thenextrecession.wordpress.com/',
-        'A Critique Of Crisis Theory blog' => 'https://critiqueofcrisistheory.wordpress.com/',
-        'Leftypedia' => 'https://leftypedia.org/',
-        'Marxist Internet Archive' => 'https://www.marxists.org/'
+        'Michael Roberts\' blog' => 'https://thenextrecession.wordpress.com',
+        'A Critique Of Crisis Theory blog' => 'https://critiqueofcrisistheory.wordpress.com',
+        'Leftypedia' => 'https://wiki.leftypol.org',
+        'Marxist Internet Archive' => 'https://www.marxists.org'
     ),
 );
 
@@ -132,7 +134,8 @@ $config['post_date'] = '%F (%a) %T';
 
 $config['thread_subject_in_title'] = true;
 
-$config['spam']['enabled'] = false;
+$config['spam']['enabled'] = true;
+$config['spam']['hidden_inputs_expire'] = 60 * 60 * 24 * 120; //keep hashes for 120 days in the database just in case someone posts on a slow board.
 $config['spam_noticer']['enabled'] = true;
 $config['spam_noticer']['base_url'] = 'http://localhost:8300';
 $config['spam_noticer']['ui_url'] = 'https://spamnoticer.leftychan.net/static/index.html';
@@ -142,7 +145,8 @@ $config['spam_noticer']['website_name'] = "leftychan";
 /*
  * Basic captcha. See also: captchaconfig.php
  */
-$config['securimage'] = false;
+$config['securimage'] = true;
+$config['captcha_tor_only'] = true;
 
 /*
  * Permissions
@@ -209,6 +213,7 @@ $config['allowed_ext_files'][] = 'pdf';
 $config['allowed_ext_files'][] = 'txt';
 $config['allowed_ext_files'][] = 'epub';
 $config['allowed_ext_files'][] = 'djvu';
+$config['allowed_ext_files'][] = 'opus';
 // Compressed files
 $config['allowed_ext_files'][] = 'zip';
 $config['allowed_ext_files'][] = 'gz';
@@ -257,6 +262,7 @@ $config['user_flags'] = array (
     'egalitarianism' => 'Egalitarianism',
     'egoism' => 'Egoism',
     'eristocracy' => 'Έριστοκρατία',
+    'Eurasianism' => 'Eurasianism',
     'eureka' => 'Eureka',
     'eurocommunism' => 'Eurocommunism',
     'farc' => 'Las FARC',
@@ -280,9 +286,10 @@ $config['user_flags'] = array (
     'luck_o_the_irish' => 'Luck O\' The Irish',
     'luxemburg' => 'Luxemburg',
     'marx' => 'Marx',
+    'marxism_blackpilism' => 'Marxism Blackpillism',
     'mutualism' => 'Mutualism',
     'naxalite' => 'Naxalite',
-    'nazbol' => 'Nazbol',
+    'nazbol' => 'National Bolshevik',
     'nazi' => 'Nazi',
     'ndfp' => 'NDFP',
     'palestine' => 'Palestine',
@@ -309,13 +316,14 @@ $config['user_flags'] = array (
     'syndicalism' => 'Syndicalism',
     'tankie' => 'Tankie',
     'technocracy' => 'Technocracy',
+    'The_Other_Russia' => 'The Other Russia',
     'think' => 'Think',
     'transhumanism' => 'Transhumanism',
     'united_farm_workers' => 'United Farm Workers',
     'viet_cong' => 'Viet Cong',
     'ypg' => 'YPG',
     'yugoslavia' => 'Yugoslavia',
-    'zapatista' => 'Zapatista'
+    'zgang' => 'Z Gang'
 );
 
 
@@ -589,5 +597,5 @@ $config['filters'][] = array(
     'message' => 'New threads are being created too quickly. Wait [at most] 10 minutes'
 );
 
-$config['global_message'] = '<span><a href="https://talk.leftychan.net/#/room/#welcome:matrix.leftychan.net" class="">Matrix</a></span> &nbsp; <span><a href="ircs://irc.leftychan.net:6697/#leftychan" class="">IRC Chat</a></span> &nbsp; <span><a href="mumble://leftychan.net" class="">Mumble</a></span> &nbsp; <span><a href="https://t.me/+RegtyzzrE0M1NDMx" class="">Telegram</a></span> &nbsp; <span><a href="https://discord.gg/AcZeFKXPmZ" class="">Discord</a></span>';
+$config['global_message'] = '<span><a href="https://talk.leftychan.net/#/room/#welcome:matrix.leftychan.net">Matrix</a></span> &nbsp; <span><a href="ircs://irc.leftychan.net:6697/#leftychan">IRC Chat</a></span> &nbsp; <span><a href="mumble://leftychan.net">Mumble</a></span> &nbsp; <span><a href="https://t.me/+RegtyzzrE0M1NDMx">Telegram</a></span> &nbsp; <span><a href="https://discord.gg/AcZeFKXPmZ">Discord</a></span>';
 $config['debug'] = false;

inc/lib/securimage/securimage.php

@@ -338,6 +338,8 @@ class Securimage
 
     /*%*********************************************************************%*/
     // Properties
+    public $config_file;
+    public $gdnoisecolor;
 
     /**
      * The width of the captcha image
@@ -2232,9 +2234,9 @@ class Securimage
         $py       = array(); // y coordinates of poles
         $rad      = array(); // radius of distortion from pole
         $amp      = array(); // amplitude
-        $x        = ($this->image_width / 4); // lowest x coordinate of a pole
+        $x        = round($this->image_width / 4); // lowest x coordinate of a pole
         $maxX     = $this->image_width - $x;  // maximum x coordinate of a pole
-        $dx       = mt_rand($x / 10, $x);     // horizontal distance between poles
+        $dx       = mt_rand(intval($x / 10), $x);     // horizontal distance between poles
         $y        = mt_rand(20, $this->image_height - 20);  // random y coord
         $dy       = mt_rand(20, $this->image_height * 0.7); // y distance
         $minY     = 20;                                     // minimum y coordinate
@@ -2277,7 +2279,7 @@ class Securimage
                 $x *= $this->iscale;
                 $y *= $this->iscale;
                 if ($x >= 0 && $x < $width2 && $y >= 0 && $y < $height2) {
-                    $c = imagecolorat($this->tmpimg, $x, $y);
+                    $c = imagecolorat($this->tmpimg, intval($x), intval($y));
                 }
                 if ($c != $bgCol) { // only copy pixels of letters to preserve any background image
                     imagesetpixel($this->im, $ix, $iy, $c);
@@ -2298,7 +2300,7 @@ class Securimage
 
             $theta = ($this->frand() - 0.5) * M_PI * 0.33;
             $w = $this->image_width;
-            $len = mt_rand($w * 0.4, $w * 0.7);
+            $len = mt_rand(intval($w * 0.4), intval($w * 0.7));
             $lwid = mt_rand(0, 4);
 
             $k = $this->frand() * 0.6 + 0.2;
@@ -2318,7 +2320,7 @@ class Securimage
             for ($i = 0; $i < $n; ++ $i) {
                 $x = $x0 + $i * $dx + $amp * $dy * sin($k * $i * $step + $phi);
                 $y = $y0 + $i * $dy - $amp * $dx * sin($k * $i * $step + $phi);
-                imagefilledrectangle($this->im, $x, $y, $x + $lwid, $y + $lwid, $this->gdlinecolor);
+                imagefilledrectangle($this->im, intval($x), intval($y), intval($x + $lwid), intval($y + $lwid), $this->gdlinecolor);
             }
         }
     }

inc/mod/auth.php

@@ -6,6 +6,8 @@
 
 defined('TINYBOARD') or exit;
 
+require_once 'inc/mod/pages.php';
+
 // create a hash/salt pair for validate logins
 function mkhash($username, $password, $salt = false) {
 	global $config;

inc/mod/pages.php

@@ -1501,6 +1501,7 @@ function mod_move($originBoard, $postID) {
         } else {
             deletePost($postID);
             buildIndex();
+            rebuildThemes('post', $originBoard);
 
             openBoard($targetBoard);
             header('Location: ?/' . sprintf($config['board_path'], $newboard['uri']) . $config['dir']['res'] . link_for($op, false, $newboard), true, $config['redirect_http']);
@@ -1562,7 +1563,7 @@ function mod_merge($originBoard, $postID) {
             }
         }
 
-        if ($targetBoard === $originBoard){
+        if ($targetBoard === $originBoard) {
             // Just update the thread id for all posts in the original thread to new op
             $query = prepare(sprintf('UPDATE ``posts_%s`` SET `thread` = :newthread WHERE `id` = :oldthread OR `thread` = :oldthread', $originBoard));
             $query->bindValue(':newthread', $targetOp, PDO::PARAM_INT);
@@ -1586,8 +1587,7 @@ function mod_merge($originBoard, $postID) {
 
             // redirect
             header('Location: ?/' . sprintf($config['board_path'], $board['uri']) . $config['dir']['res'] . link_for($newpost) . '#' . $targetOp, true, $config['redirect_http']);
-        }
-            else {
+        } else {
             // Move thread to new board without shadow thread and then update the thread id for all posts in that thread to new op
             // indicate that the post is a thread
             if (count($boards) <= 1)
@@ -1726,6 +1726,7 @@ function mod_merge($originBoard, $postID) {
             deletePost($postID);
             modLog("Deleted post #{$postID}");
             buildIndex();
+            rebuildThemes('post', $originBoard);
 
             openBoard($targetBoard);
             // Just update the thread id for all posts in the original thread to new op

js/expand.js

@@ -28,14 +28,14 @@ $(document).ready(function(){
 					context: document.body,
 					success: function(data) {
 						var last_expanded = false;
-						$(data).find('div.post.reply').each(function() {
+						$(data).find('div.postcontainer').each(function() {
 							thread.find('div.hidden').remove();
 							var post_in_doc = thread.find('#' + $(this).attr('id'));
 							if(post_in_doc.length == 0) {
 								if(last_expanded) {
-									$(this).addClass('expanded').insertAfter(last_expanded).before('<br class="expanded">');
+									$(this).addClass('expanded').insertAfter(last_expanded);
 								} else {
-									$(this).addClass('expanded').insertAfter(thread.find('div.post:first')).after('<br class="expanded">');
+									$(this).addClass('expanded').insertAfter(thread.find('div.post:first'));
 								}
 								last_expanded = $(this);
 								$(document).trigger('new_post', this);

log.php

@@ -1,6 +1,6 @@
 <?php
-include 'inc/functions.php';
-include 'inc/mod/pages.php';
+require_once 'inc/functions.php';
+require_once 'inc/mod/pages.php';
 
 if (!isset($_GET['board']) || !preg_match("/{$config['board_regex']}/u", $_GET['board'])) {
 	http_response_code(400);

post.php

@@ -457,6 +457,8 @@ function validate_images(array $post_array) {
 function handle_post(){
     global $config,$dropped_post,$board, $mod,$pdo;
 
+    init_global_post_cleanup();
+
     if (!isset($_POST['body'], $_POST['board']) && !$dropped_post) {
         error($config['error']['bot']);
     }
@@ -511,7 +513,11 @@ function handle_post(){
             }
         }
 
-        if(isset($config['securimage']) && $config['securimage']){
+        if((isset($config['securimage']) && $config['securimage'])
+            && (
+                !(isset($config['captcha_tor_only']) && $config['captcha_tor_only'])
+                || ipIsLocal($_SERVER['REMOTE_ADDR'])
+                )){
 
             if(!isset($_POST['captcha'])){
                 error($config['error']['securimage']['missing']);
@@ -1032,6 +1038,17 @@ function handle_post(){
 
         $spam_noticer_result = checkWithSpamNoticer($config, $post, $board['uri']);
 
+        /*
+         * If we have an error with posting this later, send back the
+         * delete token to spamnoticer to remove the post from the recent
+         * posts table. (see error.php for the error cleanup function)
+         */
+        $f_spamnoticer_cleanup_on_err = function() use ($config, $delete_token) {
+            removeRecentPostFromSpamnoticer($config, array($delete_token));
+        };
+
+        push_global_post_cleanup($f_spamnoticer_cleanup_on_err);
+
         if ($spam_noticer_result->succeeded && $spam_noticer_result->noticed) {
           error($config['error']['spam_noticer'] . $spam_noticer_result->reason);
         }

stylesheets/bunker_like.css

@@ -6,7 +6,26 @@ body {
     background: #1D1F21;
     color: #ACACAC;
     font-family: Courier, monospace;
-	font-size: 13px;
+    font-size: 15px;
+}
+
+.theme-catalog .replies {
+    font-family: serif;
+}
+
+div.post div.body {
+    font-family: serif;
+}
+
+span.heading {
+    font-size: 15px;
+}
+
+.theme-catalog .replies .meta,
+.theme-catalog .replies .intro,
+div.post div.body a,
+div.post div.body .toolong {
+    font-family: Courier, monospace;
 }
 
 /* LINKS */
@@ -24,16 +43,16 @@ div.pages a.selected {
 
 /* INTRO */
 h1, div.title, header div.subtitle {
-	color: #663E11;
+    color: #FFB300;
     font-family: Courier, monospace;
 }
 h1 {
-	font-size: 24pt;
-	font-weight: normal;
+    font-size: 18pt;
+    font-weight: bold;
     letter-spacing: 0px;
 }
 header div.subtitle {
-	font-size: 12pt;
+    font-size: 10pt;
 }
 
 /* FORMS AND BUTTONS */
@@ -44,34 +63,51 @@ div.banner {
 form table {
     border: 1px dashed #117743;
     padding-right: 1px;
+    border-radius: 3px;
 }
 form table tr th {
     background: #282A2E;
     border: 1px solid #117743;
-	border-radius: 5px;
+    border-radius: 2px;
+    padding: 3px;
 }
+
 input[type="text"], input[type="password"], textarea, select {
     border: 1px double #07371F;
-	border-radius: 5px;
+    border-radius: 2px;
     background: #282A2E;
     color: #ACACAC;
     font-family: Courier, monospace;
+    margin: 0 1px;
+    padding: 3px !important;
+    box-sizing: border-box;
 }
+
 input[type="text"]:focus, input[type="password"]:focus, textarea:focus {
     box-shadow: 0px 0px 5px 2px #117743;
 }
+
 input[type="submit"] {
     border: 3px double #07371F;
-	border-radius: 5px;
-  background: #16171A;
+    border-radius: 2px;
+    background-color: #07371F;
     color: #ACACAC;
     font-family: Courier, monospace;
     font-weight: bold;
+    font-size: 16px;
 }
+
+input[type="submit"]:hover {
+    border-color: #117743;
+    background-color: #117743;
+}
+
 .dropzone {
     background: #16171A;
-	border: 3px double #07371F;
+    border: 1px solid #07371F;
     color: #ACACAC;
+    border-radius: 2px;
+    margin: 0 2px;
 }
 .dropzone .file-hint {
     color: #ACACAC;
@@ -113,12 +149,12 @@ fieldset {
 div.post.reply {
     background: #282A2E;
     border: 1px solid #117743;
-	border-radius: 5px;
+    border-radius: 2px;
 }
 div.post.reply.highlighted {
     background: rgba(59, 22, 43, 0.4);
     border: 1px solid #117743;
-	border-radius: 5px;
+    border-radius: 2px;
 }
 
 /* POST CONTENT */
@@ -159,8 +195,8 @@ hr {
 .theme-catalog div.thread, .theme-catalog div.thread:hover {
     background: #282A2E;
     border: 1px solid #117743;
-	border-radius: 5px;
-	font-size: 10pt;
+    border-radius: 2px;
+    font-size: 11pt;
 }
 
 /* OPTIONS */
@@ -225,7 +261,7 @@ table thead th {
 }
 
 .theme-catalog .thread .meta {
-    font-size: 10pt;
+    font-size: 13px;
 }
 
 .theme-catalog .thread.grid-size-small .replies {

stylesheets/jungle.css

@@ -20,7 +20,9 @@ body {
 
 .bar.top {
     position: relative;
-    width: 100vw;
+    width: calc(100% + 8px);
+    box-sizing: border-box;
+    padding: 0 .25em;
     left: -4px;
 }
 

templates/post_form.html

@@ -5,13 +5,10 @@
     method="post"
     data-max-images="{{ config.max_images }}"
     >
-{{ antibot.html() }}
 {% if id %}<input type="hidden" name="thread" value="{{ id }}">{% endif %}
-{{ antibot.html() }}
 {% if board.uri not in config.overboards|keys %}
 <input type="hidden" name="board" value="{{ board.uri }}">
 {% endif %}
-{{ antibot.html() }}
 {% if current_page %}
 	<input type="hidden" name="page" value="{{ current_page }}">
 {% endif %}
@@ -103,15 +100,38 @@
 		</tr>
 		{% endif %}
 		{% if config.securimage %}
-		<tr>
+            <tr class="post_form_captcha_row">
                 <th>
                     Captcha
+                    {% if config.captcha_tor_only %}
+                    <br/>
+                    <small>Tor Only</small>
+                    {% endif %}
                 </th>
                 <td>
                     <img name="captcha-img" id="captcha-img" src="/captcha.php" onClick="this.src='/captcha.php?'+Date.now();document.getElementById('captcha').value = '';"><br />
                     <input type="text" name="captcha" id="captcha" size="25" maxlength="10" autocomplete="off">
                 </td>
             </tr>
+            {% if config.captcha_tor_only %}
+            <script>
+                (() => {
+                    function isHiddenService() {
+                        const hostname = window.location.hostname;
+                        return hostname.endsWith('.onion') || hostname.endsWith('.i2p');
+                    }
+
+                    function removeCaptchaField() {
+                        document.querySelectorAll('.post_form_captcha_row')
+                            .forEach(e => e.parentNode.removeChild(e));
+                    }
+
+                    if (!isHiddenService()) {
+                        removeCaptchaField();
+                    }
+                })();
+            </script>
+            {% endif %}
 		{% endif %}
 		{% if config.user_flag %}
 			<tr>
@@ -204,7 +224,6 @@
 			</td>
 		</tr>{% endif %}
 	</table>
-{{ antibot.html(true) }}
 <input type="hidden" name="hash" value="{{ antibot.hash() }}">
 </form>
 

templates/themes/categories/frames.html

@@ -8,23 +8,18 @@
     <link rel="stylesheet" media="screen" href="/stylesheets/bunker_like.css">
     <style type="text/css">
         .sidebar {
-          grid-column: 1;
+          grid-column: 1 / 3;
           grid-row: 1 / 3;
-            width: 200px;
-            border-right-color: gray;
-            border-right-style: solid;
-            border-width: 2px;
-            margin-right: 15px;
         }
         
         .introduction {
-          grid-column: 2 / 9;
+          grid-column: 3 / 9;
           grid-row: 1;
           width: 100%;
          }
          
         .content {
-          grid-column: 2 / 9;
+          grid-column: 3 / 9;
           grid-row: 2;
           width: 100%;
           max-width: 100%;
@@ -33,8 +28,8 @@
 
         body {
             display: grid;
-            grid-template-columns: repeat(auto-fill,minmax(200px, 1fr));
-            gap: 20px;
+            grid-template-columns: repeat(auto-fill,minmax(120px, 20%));
+            min-height: 100vh;
         }
         
         .modlog {
@@ -71,6 +66,16 @@
             font-weight: bold;
         }
 
+        footer {
+            grid-column: 1 / 9;
+        }
+
+        div.news.ban {
+            width: 100%;
+            max-width: 100%;
+            box-sizing: border-box;
+        }
+        
         @media (max-width:768px) {
             body{
                 display: grid;

templates/themes/categories/news.html

@@ -25,7 +25,7 @@
 	</header>
 </div>
 <div class="content">
-	<div class="ban">
+	<div class="ban news">
 		{% if not news %}
 			<p style="text-align:center" class="unimportant">{% trans %}(No news to show.){% endtrans %}</p>
 		{% else %}
@@ -98,14 +98,14 @@
 				</tbody>
 			</table>
 		{% endif %}
-	<footer>
+</div>
+<footer>
   <p class="unimportant" style="margin-top:20px;text-align:center;">- Tinyboard +
   <a href="https://engine.vichan.net/">vichan</a> {{ config.version }} -
   <br>Tinyboard Copyright &copy; 2010-2014 Tinyboard Development Group
   <br><a href="https://engine.vichan.net/">vichan</a> Copyright &copy; 2012-2016 vichan-devel
   <br><br>
   <br><b>Leftychan.net is not currently under investigation by any Federal, State, or Local Authorities.</b></p>
-	</footer>
-</div>
+</footer>
 {% endapply %}