From d3110ea2d98925c3af9b9489bc7286e7bbf3965b Mon Sep 17 00:00:00 2001 From: Sanpaku <67713780+ithrts@users.noreply.github.com> Date: Tue, 12 Oct 2021 07:30:29 +0200 Subject: [PATCH] captcha+ password+ quote+ some extra finishing touches to quote selection newlines added a post.php generation time function upgraded JS captcha functionality (keeping no-js captcha as before) js/cookie post password minor image margin change --- assets/css/Yotsuba B.css | 2 +- assets/js/main.js | 74 +++++++++++++++++++++++++++++++++------- includes/functions.php | 9 ++++- includes/inits.php | 7 ++++ post.php | 8 +++-- templates/post-form.html | 17 +++++++-- templates/reply.html | 2 +- templates/thread.html | 2 +- version | 2 +- 9 files changed, 100 insertions(+), 23 deletions(-) diff --git a/assets/css/Yotsuba B.css b/assets/css/Yotsuba B.css index cd1df29..1837e84 100644 --- a/assets/css/Yotsuba B.css +++ b/assets/css/Yotsuba B.css @@ -117,7 +117,7 @@ div.container { div.post-image { float: left; - margin: 4px 10px 10px 15px; + margin: 4px 15px 10px 15px; } div.post-image img { diff --git a/assets/js/main.js b/assets/js/main.js index 5de98b3..40a1293 100644 --- a/assets/js/main.js +++ b/assets/js/main.js 
@@ -1,17 +1,39 @@ -//captcha refresh code +//captcha code document.addEventListener("DOMContentLoaded", function(event) { if (captcha_required = true) { if (document.getElementById("captcha")) { - var refreshButton = document.querySelector("#captcha"); - refreshButton.onclick = function() { - document.querySelector("#captcha").src = install_location + '/captcha.php?' + Date.now(); - document.querySelector("#captcha-field").value = ''; + //load JS version of captcha. + const captcha_image = document.querySelector("#captcha"); + const captcha_field = document.querySelector("#captcha-field"); + document.getElementById("load-captcha").onclick = function() { + if (document.querySelector("details.js-captcha").open == false) { + captcha.src = captcha.getAttribute('js-src') + '?' + Date.now(); + captcha_field.value = ''; + captcha_field.focus(); + } else { + captcha.src = ''; + captcha_field.value = ''; + } + } + //refresh + captcha_image.onclick = function() { + captcha.src = install_location + '/captcha.php?' + Date.now(); + captcha_field.value = ''; + captcha_field.focus(); + } + captcha_field.onclick = function() { + if (captcha.src == location.href || captcha.src == '') { //if empty, yes this is weird it goes to href when emptied out by js, but '' if never changed before. + document.querySelector("details.js-captcha").open = true; + captcha.src = install_location + '/captcha.php?' + Date.now(); + captcha_field.value = ''; + captcha_field.focus(); } } + } } }); 
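Review bot: The new handlers declare `captcha_image` but then read and write `captcha.src` and `captcha.getAttribute('js-src')`, so they only work through the browser's implicit global for the element with `id="captcha"`. Every `captcha.` in this hunk should be `captcha_image.`, for example `captcha_image.src = install_location + '/captcha.php?' + Date.now();`. The emptiness test `captcha.src == location.href || captcha.src == ''` depends on how the browser resolves an empty `src`; `!captcha_image.getAttribute('src')` states the intent directly. The surrounding `if (captcha_required = true)` is unchanged context, but it is an assignment and therefore always true, so this block runs whether or not a captcha is required.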
@@ -63,20 +85,42 @@ document.addEventListener("DOMContentLoaded", function(event) { } }); +//generate and save an insecure post deletion password +document.addEventListener("DOMContentLoaded", function(event) { + if (document.getElementById("post_password")) { //only when post-form is on + if (localStorage.post_password != null) { + document.getElementById("post_password").value = localStorage.post_password; + let passwords = document.querySelectorAll("[type='password']"); + for (const password of passwords) { + password.value = localStorage.post_password; + } + } else { + localStorage.post_password = Math.random().toString(22).substr(2, 10); //generate + document.getElementById("post_password").value = localStorage.post_password; + } + } +}); + //post quoting document.addEventListener("DOMContentLoaded", function(event) { - if (document.querySelector('body.thread')) { //Only allow post-quoting if thread is open. //cite number + text if selected function cite(id) { const textArea = document.getElementById('body'); if (!textArea) { return false; - } - document.getElementById('post-form').scrollIntoView(); - textArea.value += `>>${id}\n`; - const selection = window.getSelection().toString(); - if (selection) { + } + document.getElementById('post-form').scrollIntoView(); + textArea.value += `\n>>${id}\n`; + if (localStorage.getItem("text-selection")) { + var selection = localStorage.getItem("text-selection"); + } else { + var selection = window.getSelection().toString(); + } + textArea.value = textArea.value.replace(/^\n/, ''); //cleanup if post begins with newline + if (selection != '') { textArea.value += `>${selection.split("\n").join("\n>")}\n`; + textArea.value = textArea.value.replace('> ', ''); //cleanup sometimes gets a space before the quote + textArea.value = textArea.value.replace('\n>\n', '\n'); //cleanup if it ends with \n>\n then remove cuz it does that if u doubleclick to select on edge } textArea.focus(); } 
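Review bot: The deletion password is generated with `Math.random().toString(22).substr(2, 10)`, which is not a cryptographically secure source and can return fewer than ten characters, so the value that authorises deleting a post is weaker than its length suggests. Generate it from the Web Crypto API instead: `const bytes = crypto.getRandomValues(new Uint8Array(16));` followed by `localStorage.post_password = Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');`. The value is also kept in `localStorage` in clear text, readable by any script that runs on the origin, and the existing comment should say that rather than only "insecure".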
@@ -88,6 +132,7 @@ document.addEventListener("DOMContentLoaded", function(event) { if (regex.test(hash) == true) { //if #q123 var hash = hash.substr(1); //remove q cite(hash); + localStorage.removeItem("text-selection"); } } @@ -95,11 +140,14 @@ document.addEventListener("DOMContentLoaded", function(event) { const posts = document.querySelectorAll("[num]"); for (const post of posts) { post.addEventListener("click", (event) => { - event.preventDefault(); + if (document.querySelector('body.thread')) { + event.preventDefault(); + } else { + localStorage.setItem("text-selection", window.getSelection().toString()); + } cite(post.getAttribute('num')); }); } - }; }); diff --git a/includes/functions.php b/includes/functions.php index 2ac992e..2c9a799 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -135,7 +135,7 @@ function formatBytes($size) { return round($size, 1).$units[$i]; } -function PostSuccess($redirect = false, $auto = true) { +function PostSuccess($redirect = false, $auto = true, $time= false) { //TO DO: redirect to $post_board+thread parameter require 'default.php'; //sets defaults @@ -171,6 +171,13 @@ function PostSuccess($redirect = false, $auto = true) { echo ''; echo '
Sugoi!! Post success!!
'; echo ''; + echo ''; echo ''; exit(); diff --git a/includes/inits.php b/includes/inits.php index 980bf43..5f7f4bd 100644 --- a/includes/inits.php +++ b/includes/inits.php @@ -117,6 +117,13 @@ if (isset($_GET["board"]) && htmlspecialchars($_GET["board"]) != '') { } } +if (!isset($_COOKIE['post_password'])) { //if no password cookie + $genpw = (rand() + time()); + if (!isset(($_POST['password'])) || (($_POST['password']) == '')) { + $_POST['password'] = $genpw; + } + setcookie("post_password", $_POST['password'], 0, $cookie_location, $domain, isset($_SERVER["HTTPS"]), true); +} if (isset(($_POST['password'])) && (($_POST['password']) !== '')) { diff --git a/post.php b/post.php index c6a7136..f5186c4 100644 --- a/post.php +++ b/post.php @@ -2,6 +2,10 @@ require 'require.php'; +if ($config['generated_in'] != true) { + $start_time = false; +} + if (!isset($_POST['board'])) { //error('No board selected.'); $_POST['board'] = array_key_first($config['boards']); //set a board and allow seeing bans instead: @@ -289,7 +293,7 @@ if ((isset($post_board)) && (isset($_POST['index']))) { UpdateThreads($database_folder, $post_board, $current_count); //update recents.php and board bumps. UpdateRecents($database_folder, $post_board, $current_count, $recent_replies); include $path . '/includes/update-frontpage.php'; - PostSuccess($prefix_folder . $main_file . '/?board=' . $post_board . '&thread=' . $counter . '#' . $counter, true); + PostSuccess($prefix_folder . $main_file . '/?board=' . $post_board . '&thread=' . $counter . '#' . $counter, true, $start_time); } 
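Review bot: In the includes/inits.php hunk, `$genpw = (rand() + time());` builds the default deletion password from a non-cryptographic generator plus the current timestamp, giving an integer in a narrow, guessable range; use `$genpw = bin2hex(random_bytes(16));` instead. The same block copies whatever arrives in `$_POST['password']` into the `post_password` cookie in clear text, so a user-chosen password is stored in the browser and sent with every request; if that is intended, a comment should say so. `isset($_SERVER["HTTPS"])` is also true on servers that set the variable to `off`, so the Secure flag is better derived from `!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'`. The code that later consumes `$_POST['password']` lies outside the hunk.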
@@ -367,7 +371,7 @@ if ((isset($post_board)) && (isset($_POST['thread']))) { UpdateThreads($database_folder, $post_board, $current_count); //update recents.php and board bumps. UpdateRecents($database_folder, $post_board, $post_thread_number, $recent_replies); //update recents.php and board bumps. include $path . '/includes/update-frontpage.php'; - PostSuccess($prefix_folder . $main_file . '/?board=' . $post_board . '&thread=' . $post_thread_number . '#' . $current_count, true); + PostSuccess($prefix_folder . $main_file . '/?board=' . $post_board . '&thread=' . $post_thread_number . '#' . $current_count, true, $start_time); } } diff --git a/templates/post-form.html b/templates/post-form.html index 7c69f36..ae9fd54 100644 --- a/templates/post-form.html +++ b/templates/post-form.html @@ -64,10 +64,21 @@ } else { echo ''; } - echo ''; + echo ''; ?> Verification
+ echo 'Verification +
View Verification + +
+
+
+ + + '; }?> @@ -89,7 +100,7 @@ - + diff --git a/templates/reply.html b/templates/reply.html index 8834cb4..5a96c74 100644 --- a/templates/reply.html +++ b/templates/reply.html @@ -45,7 +45,7 @@ - + diff --git a/templates/thread.html b/templates/thread.html index b93dd42..c69beab 100644 --- a/templates/thread.html +++ b/templates/thread.html @@ -159,7 +159,7 @@ - + diff --git a/version b/version index 11d622a..9fd9e4f 100644 --- a/version +++ b/version @@ -1 +1 @@ -0.93 \ No newline at end of file +0.94 \ No newline at end of file
Password
Options