mirror_php/Tinyboard
1
0
Fork 0
mirror of https://github.com/Circlepuller/Tinyboard.git synced 2025-04-22 15:21:57 +02:00
Code Issues Projects Releases Wiki Activity

Bug squashing!

Browse Source
This commit is contained in:
Daniel Saunders 2018-11-29 23:19:11 -05:00
parent bda344e1db
commit 3aad999359
4 changed files with 23 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
inc/bans.php
View File

@ -43,31 +43,31 @@ class Bans {
if (isset($matches[2])) {
// Years
$expire += $matches[2]*60*60*24*365;
$expire += (int)$matches[2]*60*60*24*365;
}
if (isset($matches[4])) {
// Months
$expire += $matches[4]*60*60*24*30;
$expire += (int)$matches[4]*60*60*24*30;
}
if (isset($matches[6])) {
// Weeks
$expire += $matches[6]*60*60*24*7;
$expire += (int)$matches[6]*60*60*24*7;
}
if (isset($matches[8])) {
// Days
$expire += $matches[8]*60*60*24;
$expire += (int)$matches[8]*60*60*24;
}
if (isset($matches[10])) {
// Hours
$expire += $matches[10]*60*60;
$expire += (int)$matches[10]*60*60;
}
if (isset($matches[12])) {
// Minutes
$expire += $matches[12]*60;
$expire += (int)$matches[12]*60;
}
if (isset($matches[14])) {
// Seconds
$expire += $matches[14];
$expire += (int)$matches[14];
}
return time() + $expire;

2
inc/functions.php
View File

@ -1063,7 +1063,7 @@ function post(array $post) {
}
if ($post['mod'] && isset($post['capcode']) && $post['capcode']) {
$query->bindValue(':capcode', $post['capcode'], PDO::PARAM_INT);
$query->bindValue(':capcode', $post['capcode'], PDO::PARAM_STR);
} else {
$query->bindValue(':capcode', null, PDO::PARAM_NULL);
}

4
inc/mod/auth.php
View File

@ -101,8 +101,8 @@ function login($username, $password) {
}
return $mod = array(
'id' => $user['id'],
'type' => $user['type'],
'id' => (int)$user['id'],
'type' => (int)$user['type'],
'username' => $username,
'hash' => mkhash($username, $user['password']),
'boards' => explode(',', $user['boards'])

19
post.php
View File

@ -7,9 +7,7 @@ require_once 'inc/functions.php';
require_once 'inc/anti-bot.php';
require_once 'inc/bans.php';
if ((!isset($_POST['mod']) || !$_POST['mod']) && $config['board_locked']) {
error("Board is locked");
}
$is_mod = isset($_POST['mod']) && $_POST['mod'];
if (isset($_POST['delete'])) {
// Delete
@ -34,6 +32,10 @@ if (isset($_POST['delete'])) {
// Check if board exists
if (!openBoard($_POST['board']))
error($config['error']['noboard']);
// Check if board locked
if (!$is_mod && $config['board_locked'])
error("Board is locked");
// Check if banned
checkBan($board['uri']);
@ -85,7 +87,6 @@ if (isset($_POST['delete'])) {
buildIndex();
$is_mod = isset($_POST['mod']) && $_POST['mod'];
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
if (!isset($_POST['json_response'])) {
@ -117,6 +118,10 @@ if (isset($_POST['delete'])) {
// Check if board exists
if (!openBoard($_POST['board']))
error($config['error']['noboard']);
// Check if board locked
if (!$is_mod && $config['board_locked'])
error("Board is locked");
// Check if banned
checkBan($board['uri']);
@ -164,13 +169,12 @@ if (isset($_POST['delete'])) {
$query = prepare("INSERT INTO ``reports`` VALUES (NULL, :time, :ip, :board, :post, :reason)");
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR'], PDO::PARAM_STR);
$query->bindValue(':board', $board['uri'], PDO::PARAM_INT);
$query->bindValue(':board', $board['uri'], PDO::PARAM_STR);
$query->bindValue(':post', $id, PDO::PARAM_INT);
$query->bindValue(':reason', $reason, PDO::PARAM_STR);
$query->execute() or error(db_error($query));
}
$is_mod = isset($_POST['mod']) && $_POST['mod'];
$root = $is_mod ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
if (!isset($_POST['json_response'])) {
@ -189,6 +193,9 @@ if (isset($_POST['delete'])) {
// Check if board exists
if (!openBoard($post['board']))
error($config['error']['noboard']);
if (!$is_mod && $config['board_locked'])
error("Board is locked");
if (!isset($_POST['name']))
$_POST['name'] = $config['anonymous'];