Conflicts:
	inc/functions.php
	inc/mod/pages.php
	install.php
	js/expand.js
	mod.php
This commit is contained in:
czaks 2013-07-31 02:30:44 -04:00
commit 96bcf5dd1e
15 changed files with 279 additions and 130 deletions

View File

@ -17,16 +17,21 @@ license. It is written in PHP and has few dependencies.
Requirements
------------
1. PHP >= 5.2.5
2. [mbstring](http://www.php.net/manual/en/mbstring.installation.php)
(--enable-mbstring)
3. [PHP-GD](http://php.net/manual/en/book.image.php)
4. [PHP-PDO](http://php.net/manual/en/book.pdo.php)
(only MySQL is supported at the moment)
2. MySQL server
3. [mbstring](http://www.php.net/manual/en/mbstring.installation.php)
4. [PHP GD](http://www.php.net/manual/en/intro.image.php)
5. [PHP PDO](http://www.php.net/manual/en/intro.pdo.php)
We try to make sure Tinyboard is compatible with all major web servers and
operating systems. Tinyboard does not include an Apache ```.htaccess``` file nor does
it need one.
### Recommended
1. PHP >= 5.3
2. MySQL server >= 5.5.3
3. ImageMagick or command-line version (```convert``` and ```identify```)
4. [APC (Alternative PHP Cache)](http://php.net/manual/en/book.apc.php), [XCache](http://xcache.lighttpd.net/) or [Memcached](http://www.php.net/manual/en/intro.memcached.php)
Contributing
------------
You can contribute to Tinyboard by:
@ -65,7 +70,7 @@ find support from a variety of sources:
* Documentation can be found [here](http://tinyboard.org/docs/).
* You can join Tinyboard's IRC channel for support and general queries:
[irc.datnode.net #tinyboard](irc://irc.datnode.net/tinyboard).
* You can find enterprise-grade support at [tinyboard.org](http://tinyboard.org/#support).
* You may find help at [tinyboard.org](http://tinyboard.org/#help).
License
--------

View File

@ -1051,6 +1051,8 @@
$config['mod']['createusers'] = ADMIN;
// View the moderation log
$config['mod']['modlog'] = ADMIN;
// View IP addresses of other mods in ?/log
$config['mod']['show_ip_modlog'] = ADMIN;
// View relevant moderation log entries on IP address pages (ie. ban history, etc.)
// Warning: Can be pretty resource exhaustive if your mod logs are huge.
$config['mod']['modlog_ip'] = MOD;
@ -1177,6 +1179,9 @@
// 'type' => 'scp'
//);
// Regex for board URIs
$config['board_regex'] = '[0-9a-zA-Z$_\x{0080}-\x{FFFF}]{1,58}';
// Complex regular expression to catch URLs
$config['url_regex'] = '/' . '(https?|ftp):\/\/' . '(([\w\-]+\.)+[a-zA-Z]{2,6}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' . '(:\d+)?' . '(\/([\w\-~.#\/?=&;:+%!*\[\]@$\'()+,|\^]+)?)?' . '/';

View File

@ -51,12 +51,16 @@ function sql_open() {
try {
$options = array(
PDO::ATTR_TIMEOUT => $config['db']['timeout'],
PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8',
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true
);
if ($config['db']['persistent'])
$options[PDO::ATTR_PERSISTENT] = true;
return $pdo = new PDO($dsn, $config['db']['user'], $config['db']['password'], $options);
$pdo = new PDO($dsn, $config['db']['user'], $config['db']['password'], $options);
if (mysql_version() >= 50503)
query('SET NAMES utf8mb4') or error(db_error());
else
query('SET NAMES utf8') or error(db_error());
return $pdo;
} catch(PDOException $e) {
$message = $e->getMessage();
@ -65,10 +69,21 @@ function sql_open() {
$message = str_replace($config['db']['password'], '<em>hidden</em>', $message);
// Print error
error('Database error: ' . $message);
error(_('Database error: ') . $message);
}
}
// 5.6.10 becomes 50610
function mysql_version() {
global $pdo;
$version = $pdo->getAttribute(PDO::ATTR_SERVER_VERSION);
$v = explode('.', $version);
if (count($v) != 3)
return false;
return (int) sprintf("%02d%02d%02d", $v[0], $v[1], $v[2]);
}
function prepare($query) {
global $pdo, $debug, $config;

View File

@ -235,7 +235,7 @@ function bidi_cleanup($str){
function secure_link_confirm($text, $title, $confirm_message, $href) {
global $config;
return '<a onclick="if (event.which==2) return true;if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlentities(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
return '<a onclick="if (event.which==2) return true;if (confirm(\'' . htmlentities(addslashes($confirm_message)) . '\')) document.location=\'?/' . htmlspecialchars(addslashes($href . '/' . make_secure_link_token($href))) . '\';return false;" title="' . htmlentities($title) . '" href="?/' . $href . '">' . $text . '</a>';
}
function secure_link($href) {
return $href . '/' . make_secure_link_token($href);
@ -299,7 +299,7 @@ class Post {
// Fix internal links
// Very complicated regex
$this->body = preg_replace(
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), $config['board_regex']) . ')/u',
'<a $1href="?/$4',
$this->body
);
@ -398,7 +398,7 @@ class Thread {
// Fix internal links
// Very complicated regex
$this->body = preg_replace(
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), '\w+') . ')/',
'/<a((([a-zA-Z]+="[^"]+")|[a-zA-Z]+=[a-zA-Z]+|\s)*)href="' . preg_quote($config['root'], '/') . '(' . sprintf(preg_quote($config['board_path'], '/'), $config['board_regex']) . ')/u',
'<a $1href="?/$4',
$this->body
);

View File

@ -99,18 +99,18 @@ function loadConfig() {
'https?:\/\/' . $_SERVER['HTTP_HOST']) .
preg_quote($config['root'], '/') .
'(' .
str_replace('%s', '\w+', preg_quote($config['board_path'], '/')) .
str_replace('%s', $config['board_regex'], preg_quote($config['board_path'], '/')) .
'(' .
preg_quote($config['file_index'], '/') . '|' .
str_replace('%d', '\d+', preg_quote($config['file_page'])) .
')?' .
'|' .
str_replace('%s', '\w+', preg_quote($config['board_path'], '/')) .
str_replace('%s', $config['board_regex'], preg_quote($config['board_path'], '/')) .
preg_quote($config['dir']['res'], '/') .
str_replace('%d', '\d+', preg_quote($config['file_page'], '/')) .
'|' .
preg_quote($config['file_mod'], '/') . '\?\/.+' .
')([#?](.+)?)?$/i';
')([#?](.+)?)?$/ui';
} else {
// CLI mode
$config['referer_match'] = '//';
@ -367,6 +367,11 @@ function boardTitle($uri) {
function purge($uri) {
global $config, $debug;
// Fix for Unicode
$uri = urlencode($uri);
$uri = str_replace("%2F", "/", $uri);
$uri = str_replace("%3A", ":", $uri);
if (preg_match($config['referer_match'], $config['root']) && isset($_SERVER['REQUEST_URI'])) {
$uri = (str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) == '/' ? '/' : str_replace('\\', '/', dirname($_SERVER['REQUEST_URI'])) . '/') . $uri;
} else {
@ -1429,6 +1434,9 @@ function markup(&$body, $track_cites = false) {
$body = str_replace("\r", '', $body);
$body = utf8tohtml($body);
if (mysql_version() < 50503)
$body = mb_encode_numericentity($body, array(0x010000, 0xffffff, 0, 0xffffff), 'UTF-8');
foreach ($config['markup'] as $markup) {
if (is_string($markup[1])) {
$body = preg_replace($markup[0], $markup[1], $body);
@ -1495,7 +1503,7 @@ function markup(&$body, $track_cites = false) {
}
// Cross-board linking
if (preg_match_all('/(^|\s)&gt;&gt;&gt;\/([\w.+]+?)\/(\d+)?([\s,.)?]|$)/m', $body, $cites, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
if (preg_match_all('/(^|\s)&gt;&gt;&gt;\/(' . $config['board_regex'] . 'f?)\/(\d+)?([\s,.)?]|$)/um', $body, $cites, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) {
if (count($cites[0]) > $config['max_cites']) {
error($config['error']['toomanycross']);
}

View File

@ -443,8 +443,8 @@ function mod_new_board() {
if ($_POST['title'] == '')
error(sprintf($config['error']['required'], 'title'));
#if (!preg_match('/^\w+$/', $_POST['uri']))
# error(sprintf($config['error']['invalidfield'], 'URI'));
if (!preg_match('/^' . $config['board_regex'] . '$/u', $_POST['uri']))
error(sprintf($config['error']['invalidfield'], 'URI'));
if (openBoard($_POST['uri'])) {
error(sprintf($config['error']['boardexists'], $board['url']));
@ -744,7 +744,8 @@ function mod_page_ip($ip) {
$boards = listBoards();
foreach ($boards as $board) {
openBoard($board['uri']);
if (!hasPermission($config['mod']['show_ip'], $board['uri']))
continue;
$query = prepare(sprintf('SELECT * FROM `posts_%s` WHERE `ip` = :ip ORDER BY `sticky` DESC, `id` DESC LIMIT :limit', $board['uri']));
$query->bindValue(':ip', $ip);
$query->bindValue(':limit', $config['mod']['ip_recentposts'], PDO::PARAM_INT);
@ -1418,7 +1419,7 @@ function mod_user($uid) {
$boards = array();
foreach ($_POST as $name => $value) {
if (preg_match('/^board_(\w+)$/', $name, $matches) && in_array($matches[1], $_boards))
if (preg_match('/^board_(' . $config['board_regex'] . ')$/u', $name, $matches) && in_array($matches[1], $_boards))
$boards[] = $matches[1];
}
}
@ -1539,7 +1540,7 @@ function mod_user_new() {
$boards = array();
foreach ($_POST as $name => $value) {
if (preg_match('/^board_(\w+)$/', $name, $matches) && in_array($matches[1], $_boards))
if (preg_match('/^board_(' . $config['board_regex'] . ')$/u', $name, $matches) && in_array($matches[1], $_boards))
$boards[] = $matches[1];
}
}
@ -2133,7 +2134,7 @@ function mod_debug_antispam() {
$where .= ' AND `thread` = ' . $pdo->quote($_POST['thread']);
if (isset($_POST['purge'])) {
$query = prepare('UPDATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE' . $where);
$query = prepare(', DATE `antispam` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE' . $where);
$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
$query->execute() or error(db_error());
}

View File

@ -1,7 +1,7 @@
<?php
// Installation/upgrade file
define('VERSION', 'v0.9.6-dev-9 + <a href="https://github.com/vichan-devel/Tinyboard/">vichan-devel-4.0.5-gold</a>');
define('VERSION', 'v0.9.6-dev-11 + <a href="https://int.vichan.net/devel/">vichan-devel-4.0.6</a>');
require 'inc/functions.php';
@ -255,6 +255,115 @@ if (file_exists($config['has_installed'])) {
case 'v0.9.6-dev-9':
case 'v0.9.6-dev-9 + <a href="https://github.com/vichan-devel/Tinyboard/">vichan-devel-4.0.3</a>':
case 'v0.9.6-dev-9 + <a href="https://github.com/vichan-devel/Tinyboard/">vichan-devel-4.0.4-gold</a>':
case 'v0.9.6-dev-9 + <a href="https://github.com/vichan-devel/Tinyboard/">vichan-devel-4.0.5-gold</a>':
sql_open();
function __query($sql) {
if (mysql_version() >= 50503)
return query($sql);
else
return query(str_replace('utf8mb4', 'utf8', $sql));
}
foreach ($boards as &$board) {
__query(sprintf("ALTER TABLE `posts_%s`
CHANGE `subject` `subject` VARCHAR(100) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `email` `email` VARCHAR(30) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `name` `name` VARCHAR(35) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `trip` `trip` VARCHAR(15) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `capcode` `capcode` VARCHAR(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `body` `body` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL,
CHANGE `body_nomarkup` `body_nomarkup` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `thumb` `thumb` VARCHAR(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `thumbwidth` `thumbwidth` INT(11) NULL DEFAULT NULL,
CHANGE `thumbheight` `thumbheight` INT(11) NULL DEFAULT NULL,
CHANGE `file` `file` VARCHAR(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `filename` `filename` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `filehash` `filehash` TEXT CHARACTER SET ascii COLLATE ascii_general_ci NULL DEFAULT NULL,
CHANGE `password` `password` VARCHAR(20) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
CHANGE `ip` `ip` VARCHAR(39) CHARACTER SET ascii COLLATE ascii_general_ci NOT NULL,
CHANGE `embed` `embed` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;", $board['uri'])) or error(db_error());
}
__query("ALTER TABLE `antispam`
CHANGE `board` `board` VARCHAR( 120 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
CHANGE `hash` `hash` CHAR( 40 ) CHARACTER SET ASCII COLLATE ascii_bin NOT NULL ,
DEFAULT CHARACTER SET ASCII COLLATE ascii_bin;") or error(db_error());
__query("ALTER TABLE `bans`
CHANGE `ip` `ip` VARCHAR( 39 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
CHANGE `reason` `reason` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL ,
CHANGE `board` `board` VARCHAR( 120 ) CHARACTER SET ASCII COLLATE ascii_general_ci NULL DEFAULT NULL,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or error(db_error());
__query("ALTER TABLE `boards`
CHANGE `uri` `uri` VARCHAR( 120 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
CHANGE `title` `title` TINYTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
CHANGE `subtitle` `subtitle` TINYTEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or error(db_error());
__query("ALTER TABLE `cites`
CHANGE `board` `board` VARCHAR( 120 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
CHANGE `target_board` `target_board` VARCHAR( 120 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
DEFAULT CHARACTER SET ASCII COLLATE ascii_general_ci;") or error(db_error());
__query("ALTER TABLE `ip_notes`
CHANGE `ip` `ip` VARCHAR( 39 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
CHANGE `body` `body` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or error(db_error());
__query("ALTER TABLE `modlogs`
CHANGE `ip` `ip` VARCHAR( 39 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
CHANGE `board` `board` VARCHAR( 120 ) CHARACTER SET ASCII COLLATE ascii_general_ci NULL DEFAULT NULL ,
CHANGE `text` `text` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or error(db_error());
__query("ALTER TABLE `mods`
CHANGE `username` `username` VARCHAR( 30 ) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
CHANGE `password` `password` CHAR( 64 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL COMMENT 'SHA256',
CHANGE `salt` `salt` CHAR( 32 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
CHANGE `boards` `boards` TEXT CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or error(db_error());
__query("ALTER TABLE `mutes`
CHANGE `ip` `ip` VARCHAR( 39 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
DEFAULT CHARACTER SET ASCII COLLATE ascii_general_ci;") or error(db_error());
__query("ALTER TABLE `news`
CHANGE `name` `name` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
CHANGE `subject` `subject` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
CHANGE `body` `body` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or error(db_error());
__query("ALTER TABLE `noticeboard`
CHANGE `subject` `subject` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
CHANGE `body` `body` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or error(db_error());
__query("ALTER TABLE `pms`
CHANGE `message` `message` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or error(db_error());
__query("ALTER TABLE `reports`
CHANGE `ip` `ip` VARCHAR( 39 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL ,
CHANGE `board` `board` VARCHAR( 120 ) CHARACTER SET ASCII COLLATE ascii_general_ci NULL DEFAULT NULL ,
CHANGE `reason` `reason` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or error(db_error());
__query("ALTER TABLE `robot`
CHANGE `hash` `hash` VARCHAR( 40 ) CHARACTER SET ASCII COLLATE ascii_bin NOT NULL COMMENT 'SHA1',
DEFAULT CHARACTER SET ASCII COLLATE ascii_bin;") or error(db_error());
__query("ALTER TABLE `theme_settings`
CHANGE `theme` `theme` VARCHAR( 40 ) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL ,
CHANGE `name` `name` VARCHAR( 40 ) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL ,
CHANGE `value` `value` TEXT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL ,
DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;") or eror(db_error());
case 'v0.9.6-dev-10':
query("ALTER TABLE `antispam`
CHANGE `board` `board` VARCHAR( 58 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;") or error(db_error());
query("ALTER TABLE `bans`
CHANGE `board` `board` VARCHAR( 58 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL;") or error(db_error());
query("ALTER TABLE `boards`
CHANGE `uri` `uri` VARCHAR( 58 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;") or error(db_error());
query("ALTER TABLE `cites`
CHANGE `board` `board` VARCHAR( 58 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL ,
CHANGE `target_board` `target_board` VARCHAR( 58 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL ,
DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;") or error(db_error());
query("ALTER TABLE `modlogs`
CHANGE `board` `board` VARCHAR( 58 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL;") or error(db_error());
query("ALTER TABLE `mods`
CHANGE `boards` `boards` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;") or error(db_error());
query("ALTER TABLE `reports`
CHANGE `board` `board` VARCHAR( 58 ) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL;") or error(db_error());
case 'v0.9.6-dev-11':
case false:
// Update version number
file_write($config['has_installed'], VERSION);
@ -554,6 +663,10 @@ if ($step == 0) {
$sql = @file_get_contents('install.sql') or error("Couldn't load install.sql.");
sql_open();
if (mysql_version() < 50503)
$sql = str_replace('utf8', 'utf8mb4', $sql);
// This code is probably horrible, but what I'm trying
// to do is find all of the SQL queires and put them
// in an array.

View File

@ -1,25 +1,20 @@
-- phpMyAdmin SQL Dump
-- version 3.4.2
-- version 4.0.4.1
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Generation Time: Apr 12, 2012 at 11:22 PM
-- Server version: 5.1.61
-- PHP Version: 5.3.3-7+squeeze8
-- Generation Time: Jul 30, 2013 at 09:45 PM
-- Server version: 5.6.10
-- PHP Version: 5.3.15
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
--
-- Database: `tinyboard`
--
-- --------------------------------------------------------
--
@ -27,15 +22,15 @@ SET time_zone = "+00:00";
--
CREATE TABLE IF NOT EXISTS `antispam` (
`board` varchar(255) NOT NULL,
`board` varchar(58) CHARACTER SET utf8 NOT NULL,
`thread` int(11) DEFAULT NULL,
`hash` char(40) NOT NULL,
`hash` char(40) COLLATE ascii_bin NOT NULL,
`created` int(11) NOT NULL,
`expires` int(11) DEFAULT NULL,
`passed` smallint(6) NOT NULL,
PRIMARY KEY (`hash`),
KEY `board` (`board`,`thread`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
) ENGINE=MyISAM DEFAULT CHARSET=ascii COLLATE=ascii_bin;
-- --------------------------------------------------------
@ -44,17 +39,17 @@ CREATE TABLE IF NOT EXISTS `antispam` (
--
CREATE TABLE IF NOT EXISTS `bans` (
`id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
`ip` varchar(45) NOT NULL,
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`ip` varchar(39) CHARACTER SET ascii NOT NULL,
`mod` int(11) NOT NULL COMMENT 'which mod made the ban',
`set` int(11) NOT NULL,
`expires` int(11) DEFAULT NULL,
`reason` text,
`board` varchar(120) DEFAULT NULL,
`board` varchar(58) CHARACTER SET utf8 DEFAULT NULL,
`seen` tinyint(1) NOT NULL,
PRIMARY KEY (`id`),
FULLTEXT KEY `ip` (`ip`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -63,18 +58,18 @@ CREATE TABLE IF NOT EXISTS `bans` (
--
CREATE TABLE IF NOT EXISTS `boards` (
`uri` varchar(120) NOT NULL,
`uri` varchar(58) CHARACTER SET utf8 NOT NULL,
`title` tinytext NOT NULL,
`subtitle` tinytext,
PRIMARY KEY (`uri`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4;
--
-- Dumping data for table `boards`
--
INSERT INTO `boards` (`uri`, `title`, `subtitle`) VALUES
('b', 'Beta', 'In development.');
INSERT INTO `boards` VALUES
('b', 'Random', NULL);
-- --------------------------------------------------------
@ -83,9 +78,9 @@ INSERT INTO `boards` (`uri`, `title`, `subtitle`) VALUES
--
CREATE TABLE IF NOT EXISTS `cites` (
`board` varchar(8) NOT NULL,
`board` varchar(58) NOT NULL,
`post` int(11) NOT NULL,
`target_board` varchar(8) NOT NULL,
`target_board` varchar(58) NOT NULL,
`target` int(11) NOT NULL,
KEY `target` (`target_board`,`target`),
KEY `post` (`board`,`post`)
@ -98,14 +93,14 @@ CREATE TABLE IF NOT EXISTS `cites` (
--
CREATE TABLE IF NOT EXISTS `ip_notes` (
`id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
`ip` varchar(45) NOT NULL,
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`ip` varchar(39) CHARACTER SET ascii NOT NULL,
`mod` int(11) DEFAULT NULL,
`time` int(11) NOT NULL,
`body` text NOT NULL,
UNIQUE KEY `id` (`id`),
KEY `ip` (`ip`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -115,12 +110,12 @@ CREATE TABLE IF NOT EXISTS `ip_notes` (
CREATE TABLE IF NOT EXISTS `modlogs` (
`mod` int(11) NOT NULL,
`ip` varchar(45) NOT NULL,
`board` varchar(120) DEFAULT NULL,
`ip` varchar(39) CHARACTER SET ascii NOT NULL,
`board` varchar(58) CHARACTER SET utf8 DEFAULT NULL,
`time` int(11) NOT NULL,
`text` text NOT NULL,
KEY `time` (`time`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4;
-- --------------------------------------------------------
@ -131,19 +126,19 @@ CREATE TABLE IF NOT EXISTS `modlogs` (
CREATE TABLE IF NOT EXISTS `mods` (
`id` smallint(6) unsigned NOT NULL AUTO_INCREMENT,
`username` varchar(30) NOT NULL,
`password` char(64) NOT NULL COMMENT 'SHA256',
`salt` char(32) NOT NULL,
`password` char(64) CHARACTER SET ascii NOT NULL COMMENT 'SHA256',
`salt` char(32) CHARACTER SET ascii NOT NULL,
`type` smallint(1) NOT NULL COMMENT '0: janitor, 1: mod, 2: admin',
`boards` text NOT NULL,
`boards` text CHARACTER SET utf8 NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`,`username`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=5 ;
--
-- Dumping data for table `mods`
--
INSERT INTO `mods` (`id`, `username`, `password`, `salt`, `type`, `boards`) VALUES
INSERT INTO `mods` VALUES
(1, 'admin', 'cedad442efeef7112fed0f50b011b2b9bf83f6898082f995f69dd7865ca19fb7', '4a44c6c55df862ae901b413feecb0d49', 2, '*');
-- --------------------------------------------------------
@ -153,10 +148,10 @@ INSERT INTO `mods` (`id`, `username`, `password`, `salt`, `type`, `boards`) VALU
--
CREATE TABLE IF NOT EXISTS `mutes` (
`ip` varchar(45) NOT NULL,
`ip` varchar(39) NOT NULL,
`time` int(11) NOT NULL,
KEY `ip` (`ip`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
) ENGINE=MyISAM DEFAULT CHARSET=ascii;
-- --------------------------------------------------------
@ -165,14 +160,14 @@ CREATE TABLE IF NOT EXISTS `mutes` (
--
CREATE TABLE IF NOT EXISTS `news` (
`id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`name` text NOT NULL,
`time` int(11) NOT NULL,
`subject` text NOT NULL,
`body` text NOT NULL,
UNIQUE KEY `id` (`id`),
KEY `time` (`time`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -181,13 +176,13 @@ CREATE TABLE IF NOT EXISTS `news` (
--
CREATE TABLE IF NOT EXISTS `noticeboard` (
`id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`mod` int(11) NOT NULL,
`time` int(11) NOT NULL,
`subject` text NOT NULL,
`body` text NOT NULL,
UNIQUE KEY `id` (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -196,14 +191,14 @@ CREATE TABLE IF NOT EXISTS `noticeboard` (
--
CREATE TABLE IF NOT EXISTS `pms` (
`id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`sender` int(11) NOT NULL,
`to` int(11) NOT NULL,
`message` text NOT NULL,
`time` int(11) NOT NULL,
`unread` tinyint(1) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -212,14 +207,14 @@ CREATE TABLE IF NOT EXISTS `pms` (
--
CREATE TABLE IF NOT EXISTS `reports` (
`id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`time` int(11) NOT NULL,
`ip` varchar(45) NOT NULL,
`board` varchar(120) DEFAULT NULL,
`ip` varchar(39) CHARACTER SET ascii NOT NULL,
`board` varchar(58) CHARACTER SET utf8 DEFAULT NULL,
`post` int(11) NOT NULL,
`reason` text NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -228,9 +223,9 @@ CREATE TABLE IF NOT EXISTS `reports` (
--
CREATE TABLE IF NOT EXISTS `robot` (
`hash` varchar(40) NOT NULL COMMENT 'SHA1',
`hash` varchar(40) COLLATE ascii_bin NOT NULL COMMENT 'SHA1',
PRIMARY KEY (`hash`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
) ENGINE=MyISAM DEFAULT CHARSET=ascii COLLATE=ascii_bin;
-- --------------------------------------------------------
@ -255,7 +250,7 @@ CREATE TABLE IF NOT EXISTS `theme_settings` (
`name` varchar(40) DEFAULT NULL,
`value` text,
KEY `theme` (`theme`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;

View File

@ -3,7 +3,7 @@
* https://github.com/savetheinternet/Tinyboard/blob/master/js/expand.js
*
* Released under the MIT license
* Copyright (c) 2012 Michael Save <savetheinternet@tinyboard.org>
* Copyright (c) 2012-2013 Michael Save <savetheinternet@tinyboard.org>
*
* Usage:
* $config['additional_javascript'][] = 'js/jquery.min.js';
@ -35,10 +35,8 @@ $(document).ready(function(){
$(this).addClass('expanded').insertAfter(thread.find('div.post:first')).after('<br class="expanded">');
}
last_expanded = $(this);
$(document).trigger('new_post', this);
}
else {
} else {
last_expanded = post_in_doc;
}
});

View File

@ -21,7 +21,7 @@ onready(function(){
link[i].onclick = function(e) {
if (this.childNodes[0].className == 'hidden')
return false;
if (e.which == 2)
if (e.which == 2 || e.metaKey)
return true;
if (!this.dataset.src) {
this.dataset.expanded = 'true';

33
mod.php
View File

@ -18,7 +18,7 @@ if (get_magic_quotes_gpc()) {
$_POST = strip_array($_POST);
}
$query = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
$query = isset($_SERVER['QUERY_STRING']) ? urldecode($_SERVER['QUERY_STRING']) : '';
$pages = array(
'' => ':?/', // redirect to dashboard
@ -45,7 +45,7 @@ $pages = array(
'/news/(\d+)' => 'news', // view news
'/news/delete/(\d+)' => 'news_delete', // delete from news
'/edit/([\w+.]+)' => 'edit_board', // edit board details
'/edit/(\%b)' => 'edit_board', // edit board details
'/new-board' => 'new_board', // create a new board
'/rebuild' => 'rebuild', // rebuild static files
@ -63,15 +63,15 @@ $pages = array(
// CSRF-protected moderator actions
'/ban' => 'secure_POST ban', // new ban
'/([\w+.]+)/ban(&delete)?/(\d+)' => 'secure_POST ban_post', // ban poster
'/([\w+.]+)/move/(\d+)' => 'secure_POST move', // move thread
'/([\w+.]+)/edit(_raw)?/(\d+)' => 'secure_POST edit_post', // edit post
'/([\w+.]+)/delete/(\d+)' => 'secure delete', // delete post
'/([\w+.]+)/deletefile/(\d+)' => 'secure deletefile', // delete file from post
'/([\w+.]+)/deletebyip/(\d+)(/global)?' => 'secure deletebyip', // delete all posts by IP address
'/([\w+.]+)/(un)?lock/(\d+)' => 'secure lock', // lock thread
'/([\w+.]+)/(un)?sticky/(\d+)' => 'secure sticky', // sticky thread
'/([\w+.]+)/bump(un)?lock/(\d+)' => 'secure bumplock', // "bumplock" thread
'/(\%b)/ban(&delete)?/(\d+)' => 'secure_POST ban_post', // ban poster
'/(\%b)/move/(\d+)' => 'secure_POST move', // move thread
'/(\%b)/edit(_raw)?/(\d+)' => 'secure_POST edit_post', // edit post
'/(\%b)/delete/(\d+)' => 'secure delete', // delete post
'/(\%b)/deletefile/(\d+)' => 'secure deletefile', // delete file from post
'/(\%b)/deletebyip/(\d+)(/global)?' => 'secure deletebyip', // delete all posts by IP address
'/(\%b)/(un)?lock/(\d+)' => 'secure lock', // lock thread
'/(\%b)/(un)?sticky/(\d+)' => 'secure sticky', // sticky thread
'/(\%b)/bump(un)?lock/(\d+)' => 'secure bumplock', // "bumplock" thread
'/themes' => 'themes_list', // manage themes
'/themes/(\w+)' => 'theme_configure', // configure/reconfigure theme
@ -86,10 +86,10 @@ $pages = array(
'/debug/sql' => 'secure_POST debug_sql',
// This should always be at the end:
'/([\w+.]+)/' => 'view_board',
'/([\w+.]+)/' . preg_quote($config['file_index'], '!') => 'view_board',
'/([\w+.]+)/' . str_replace('%d', '(\d+)', preg_quote($config['file_page'], '!')) => 'view_board',
'/([\w+.]+)/' . preg_quote($config['dir']['res'], '!') .
'/(\%b)/' => 'view_board',
'/(\%b)/' . preg_quote($config['file_index'], '!') => 'view_board',
'/(\%b)/' . str_replace('%d', '(\d+)', preg_quote($config['file_page'], '!')) => 'view_board',
'/(\%b)/' . preg_quote($config['dir']['res'], '!') .
str_replace('%d', '(\d+)', preg_quote($config['file_page'], '!')) => 'view_thread',
);
@ -109,7 +109,8 @@ $new_pages = array();
foreach ($pages as $key => $callback) {
if (is_string($callback) && preg_match('/^secure /', $callback))
$key .= '(/(?P<token>[a-f0-9]{8}))?';
$new_pages[@$key[0] == '!' ? $key : '!^' . $key . '(?:&[^&=]+=[^&]*)*$!'] = $callback;
$key = str_replace('\%b', $config['board_regex'], $key);
$new_pages[@$key[0] == '!' ? $key : '!^' . $key . '(?:&[^&=]+=[^&]*)*$!u'] = $callback;
}
$pages = $new_pages;

View File

@ -172,7 +172,7 @@ if (isset($_POST['delete'])) {
error($config['error']['bot']);
// Check the referrer
if (!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], $_SERVER['HTTP_REFERER']))
if (!isset($_SERVER['HTTP_REFERER']) || !preg_match($config['referer_match'], urldecode($_SERVER['HTTP_REFERER'])))
error($config['error']['referer']);
checkDNSBL();
@ -380,7 +380,10 @@ if (isset($_POST['delete'])) {
wordfilters($post['body']);
$post['body_nomarkup'] = $post['body'];
if (mysql_version() >= 50503)
$post['body_nomarkup'] = $post['body']; // Assume we're using the utf8mb4 charset
else
$post['body_nomarkup'] = preg_replace('/[\x{010000}-\x{ffffff}]/u', '', $post['body']); // MySQL's `utf8` charset only supports up to 3-byte symbols
if (!($mod && isset($post['raw']) && $post['raw']))
$post['tracked_cites'] = markup($post['body'], true);
@ -546,9 +549,9 @@ if (isset($_POST['delete'])) {
// Remove board directories before inserting them into the database.
if ($post['has_file']) {
$post['file_path'] = $post['file'];
$post['file'] = substr_replace($post['file'], '', 0, mb_strlen($board['dir'] . $config['dir']['img']));
$post['file'] = mb_substr($post['file'], mb_strlen($board['dir'] . $config['dir']['img']));
if ($is_an_image && $post['thumb'] != 'spoiler')
$post['thumb'] = substr_replace($post['thumb'], '', 0, mb_strlen($board['dir'] . $config['dir']['thumb']));
$post['thumb'] = mb_substr($post['thumb'], mb_strlen($board['dir'] . $config['dir']['thumb']));
}
$post = (object)$post;

View File

@ -18,7 +18,11 @@
{% endif %}
</td>
<td class="minimal">
<a href="?/IP/{{ log.ip }}">{{ log.ip }}</a>
{% if mod|hasPermission(config.mod.show_ip_modlog) %}
<a href="?/IP/{{ log.ip }}">{{ log.ip }}</a>
{% else %}
<em>hidden</em>
{% endif %}
</td>
<td class="minimal">
<span title="{{ log.time|date(config.post_date) }}">{{ log.time|ago }}</span>

View File

@ -88,7 +88,7 @@
</td>
</tr>
{% endif %}
{% if mod %}
{% if mod and ((not id and post.mod|hasPermission(config.mod.sticky, board.uri)) or (not id and post.mod|hasPermission(config.mod.lock, board.uri)) or post.mod|hasPermission(config.mod.rawhtml, board.uri)) %}
<tr>
<th>
{% trans %}Flags{% endtrans %}

View File

@ -1,32 +1,33 @@
CREATE TABLE IF NOT EXISTS `posts_{{ board }}` (
`id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
`thread` int(11) DEFAULT NULL,
`subject` varchar(100) DEFAULT NULL,
`email` varchar(30) DEFAULT NULL,
`name` varchar(35) DEFAULT NULL,
`trip` varchar(15) DEFAULT NULL,
`capcode` varchar(50) DEFAULT NULL,
`body` text NOT NULL,
`body_nomarkup` text DEFAULT NULL,
`time` int(11) NOT NULL,
`bump` int(11) DEFAULT NULL,
`thumb` varchar(50) DEFAULT NULL,
`thumbwidth` int(11) DEFAULT NULL,
`thumbheight` int(11) DEFAULT NULL,
`file` varchar(50) DEFAULT NULL,
`filewidth` int(11) DEFAULT NULL,
`fileheight` int(11) DEFAULT NULL,
`filesize` int(11) DEFAULT NULL,
`filename` text DEFAULT NULL,
`filehash` text DEFAULT NULL,
`password` varchar(20) DEFAULT NULL,
`ip` varchar(45) NOT NULL,
`sticky` int(1) NOT NULL,
`locked` int(1) NOT NULL,
`sage` int(1) NOT NULL,
`embed` text,
UNIQUE KEY `id` (`id`),
KEY `thread_id` (`thread`, `id`),
KEY `time` (`time`),
FULLTEXT KEY `body` (`body`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`thread` int(11) DEFAULT NULL,
`subject` varchar(100) DEFAULT NULL,
`email` varchar(30) DEFAULT NULL,
`name` varchar(35) DEFAULT NULL,
`trip` varchar(15) DEFAULT NULL,
`capcode` varchar(50) DEFAULT NULL,
`body` text NOT NULL,
`body_nomarkup` text,
`time` int(11) NOT NULL,
`bump` int(11) DEFAULT NULL,
`thumb` varchar(50) DEFAULT NULL,
`thumbwidth` int(11) DEFAULT NULL,
`thumbheight` int(11) DEFAULT NULL,
`file` varchar(50) DEFAULT NULL,
`filewidth` int(11) DEFAULT NULL,
`fileheight` int(11) DEFAULT NULL,
`filesize` int(11) DEFAULT NULL,
`filename` text,
`filehash` text CHARACTER SET ascii,
`password` varchar(20) DEFAULT NULL,
`ip` varchar(39) CHARACTER SET ascii NOT NULL,
`sticky` int(1) NOT NULL,
`locked` int(1) NOT NULL,
`sage` int(1) NOT NULL,
`embed` text,
UNIQUE KEY `id` (`id`),
KEY `thread_id` (`thread`,`id`),
KEY `time` (`time`),
FULLTEXT KEY `body` (`body`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ;