<?php
# TinyIB
#
# https://github.com/tslocum/TinyIB

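// Report every error class and start the session used by the management login.
// NOTE(review): display_errors is switched on for every visitor, so notices and
// warnings (which include file paths) are written into responses; production
// installs normally log errors instead of displaying them.
error_reporting(E_ALL);
ini_set("display_errors", 1);
session_start();

// Undo magic-quotes escaping on old interpreters. The magic-quotes functions
// were removed from later PHP releases, so each call is guarded; without the
// guard the script stops with an "undefined function" fatal error there.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    foreach ($_GET as $key => $val) { $_GET[$key] = stripslashes($val); }
    foreach ($_POST as $key => $val) { $_POST[$key] = stripslashes($val); }
}
if (function_exists('get_magic_quotes_runtime') && function_exists('set_magic_quotes_runtime') && get_magic_quotes_runtime()) {
    set_magic_quotes_runtime(0);
}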
// Print a styled error box with a "go back" link, then end the script.
//
// $message is concatenated into the markup as-is, so it is treated as HTML:
// any request-derived text must be encoded by the caller before it is passed in.
function fancyDie($message) {
    $boxOpen = '<body text="#800000" bgcolor="#FFFFEE" align="center"><br><div style="display: inline-block; background-color: #F0E0D6;font-size: 1.25em;font-family: Tahoma, Geneva, sans-serif;padding: 7px;border: 1px solid #D9BFB7;border-left: none;border-top: none;">';
    $boxClose = '</div><br><br>- <a href="javascript:history.go(-1)">Click here to go back</a> -</body>';

    // exit() with a string prints it and terminates, exactly like die().
    exit($boxOpen . $message . $boxClose);
}
// The operator creates settings.php from settings.default.php; stop with
// instructions when it is missing, otherwise load it (presumably the source of
// the TINYIB_* constants used below — it is not shown here).
if (file_exists('settings.php') === false) {
    fancyDie('Please rename the file settings.default.php to settings.php');
}
require 'settings.php';
// Every directory the board writes into must be writable by the script; the
// flat-file database directory joins the list only in flatfile mode.
$writedirs = array("res", "src", "thumb");
if (TINYIB_DBMODE == 'flatfile') {
    array_push($writedirs, "inc/flatfile");
}
foreach ($writedirs as $dir) {
    if (is_writable($dir)) {
        continue;
    }
    // $dir always comes from the fixed list above, never from the request.
    fancyDie("Directory '" . $dir . "' can not be written to. Please modify its permissions.");
}
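// The core helpers are always loaded; the storage backend is chosen by
// TINYIB_DBMODE. The mode is checked against a fixed allow-list before it is
// spliced into a file name. The comparison is strict so that a non-string
// setting (true, or 0 on older PHP, both of which loosely equal the listed
// names) cannot pass the check and produce an unexpected include path.
$includes = array("inc/defines.php", "inc/functions.php", "inc/html.php");
if (in_array(TINYIB_DBMODE, array('flatfile', 'mysql', 'sqlite'), true)) {
    $includes[] = 'inc/database_' . TINYIB_DBMODE . '.php';
} else {
    fancyDie("Unknown database mode specificed");
}

foreach ($includes as $include) {
    include $include;
}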
// Refuse to run while the tripcode seed or the admin password is still empty.
if (!(TINYIB_TRIPSEED != '' && TINYIB_ADMINPASS != '')) {
    fancyDie('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured');
}
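// Request dispatcher. Exactly one branch runs per request:
//   - a new post (POST with message or file),
//   - a user-initiated delete (?delete without ?manage),
//   - the management area (?manage),
//   - otherwise a rebuild of the index when it is missing or the board is empty.
// $redirect stays true for the default redirect, becomes a string for a
// specific target, or false when the branch prints its own page.
$redirect = true;
// Check if the request is to make a post
if (isset($_POST['message']) || isset($_POST['file'])) {
    list($loggedin, $isadmin) = manageCheckLogIn();
    $rawpost = isRawPost();
    // Ban, message-size and flood checks are skipped for logged-in staff.
    if (!$loggedin) {
        checkBanned();
        checkMessageSize();
        checkFlood();
    }

    $post = newPost(setParent());
    $post['ip'] = $_SERVER['REMOTE_ADDR'];

    list($post['name'], $post['tripcode']) = nameAndTripcode($_POST['name']);

    // Text fields are cut to 75 bytes and passed through cleanString()
    // (defined elsewhere) before they are stored.
    $post['name'] = cleanString(substr($post['name'], 0, 75));
    $post['email'] = cleanString(str_replace('"', '&quot;', substr($_POST['email'], 0, 75)));
    $post['subject'] = cleanString(substr($_POST['subject'], 0, 75));
    if ($rawpost) {
        $rawposttext = ($isadmin) ? ' <span style="color: red;">## Admin</span>' : ' <span style="color: purple;">## Mod</span>';
        // NOTE(review): stored unfiltered and rendered as markup, so this path
        // depends entirely on isRawPost() (defined elsewhere) returning true
        // only for an authenticated moderator or admin — confirm.
        $post['message'] = $_POST['message']; // Treat message as raw HTML
    } else {
        $rawposttext = '';
        $post['message'] = str_replace("\n", '<br>', colorQuote(postLink(cleanString(rtrim($_POST['message'])))));
    }
    // NOTE(review): deletion passwords are kept as unsalted double MD5, which is
    // cheap to brute-force if the post store leaks. Moving to password_hash()
    // needs a matching change wherever stored values are verified.
    $post['password'] = ($_POST['password'] != '') ? md5(md5($_POST['password'])) : '';
    $post['nameblock'] = nameBlock($post['name'], $post['tripcode'], $post['email'], time(), $rawposttext);

    if (isset($_FILES['file'])) {
        if ($_FILES['file']['name'] != "") {
            validateFileUpload();

            if (!is_file($_FILES['file']['tmp_name']) || !is_readable($_FILES['file']['tmp_name'])) {
                fancyDie("File transfer failure. Please retry the submission.");
            }

            if ((TINYIB_MAXKB > 0) && (filesize($_FILES['file']['tmp_name']) > (TINYIB_MAXKB * 1024))) {
                fancyDie("That file is larger than " . TINYIB_MAXKBDESC . ".");
            }

            // The client-supplied name is kept only for display, HTML-encoded.
            // The name used on disk is generated from the clock plus an
            // allow-listed extension, so the client name never reaches a path.
            $post['file_original'] = htmlentities(substr($_FILES['file']['name'], 0, 50), ENT_QUOTES);
            $post['file_hex'] = md5_file($_FILES['file']['tmp_name']);
            $post['file_size'] = $_FILES['file']['size'];
            $post['file_size_formatted'] = convertBytes($post['file_size']);
            $file_type = strtolower(preg_replace('/.*(\..+)/', '\1', $_FILES['file']['name'])); if ($file_type == '.jpeg') { $file_type = '.jpg'; }
            $file_name = time() . substr(microtime(), 2, 3);
            $post['file'] = $file_name . $file_type;
            $post['thumb'] = $file_name . "s" . $file_type;
            $file_location = "src/" . $post['file'];
            $thumb_location = "thumb/" . $post['thumb'];

            if (!($file_type == '.jpg' || $file_type == '.gif' || $file_type == '.png')) {
                fancyDie("Only GIF, JPG, and PNG files are allowed.");
            }

            // Second gate: the content must parse as an image and report an
            // allowed MIME type. The result is read once and reused instead of
            // parsing the upload twice.
            $file_info = @getimagesize($_FILES['file']['tmp_name']);
            if (!$file_info) {
                fancyDie("Failed to read the size of the uploaded file. Please retry the submission.");
            }
            $file_mime = $file_info['mime'];

            if (!($file_mime == "image/jpeg" || $file_mime == "image/gif" || $file_mime == "image/png")) {
                fancyDie("Only GIF, JPG, and PNG files are allowed.");
            }

            checkDuplicateImage($post['file_hex']);

            // move_uploaded_file() only accepts files PHP itself received as an upload.
            if (!move_uploaded_file($_FILES['file']['tmp_name'], $file_location)) {
                fancyDie("Could not copy uploaded file.");
            }

            if ($_FILES['file']['size'] != filesize($file_location)) {
                fancyDie("File transfer failure. Please go back and try again.");
            }

            $post['image_width'] = $file_info[0]; $post['image_height'] = $file_info[1];

            list($thumb_maxwidth, $thumb_maxheight) = thumbnailDimensions($post['image_width'], $post['image_height']);

            if (!createThumbnail($file_location, $thumb_location, $thumb_maxwidth, $thumb_maxheight)) {
                fancyDie("Could not create thumbnail.");
            }

            $thumb_info = getimagesize($thumb_location);
            $post['thumb_width'] = $thumb_info[0]; $post['thumb_height'] = $thumb_info[1];
        }
    }

    if ($post['file'] == '') { // No file uploaded
        if ($post['parent'] == TINYIB_NEWTHREAD) {
            fancyDie("An image is required to start a thread.");
        }
        if (str_replace('<br>', '', $post['message']) == "") {
            fancyDie("Please enter a message and/or upload an image to make a reply.");
        }
    } else {
        echo $post['file_original'] . ' uploaded.<br>';
    }

    $post['id'] = insertPost($post);
    // "noko" in the e-mail field returns the poster to the thread instead of the index.
    if (strtolower($post['email']) == 'noko') {
        $redirect = 'res/' . ($post['parent'] == TINYIB_NEWTHREAD ? $post['id'] : $post['parent']) . '.html#' . $post['id'];
    }
    trimThreads();
    echo 'Updating thread page...<br>';
    if ($post['parent'] != TINYIB_NEWTHREAD) {
        rebuildThread($post['parent']);

        // "sage" in the e-mail field replies without bumping the thread.
        if (strtolower($post['email']) != 'sage') {
            bumpThreadByID($post['parent']);
        }
    } else {
        rebuildThread($post['id']);
    }

    echo 'Updating thread index...<br>';
    rebuildIndexes();
// Check if the request is to delete a post and/or its associated image
} elseif (isset($_GET['delete']) && !isset($_GET['manage'])) {
    if (!isset($_POST['delete'])) { fancyDie('Tick the box next to a post and click "Delete" to delete it.'); }

    $post = postByID($_POST['delete']);
    if ($post) {
        list($loggedin, $isadmin) = manageCheckLogIn();

        if ($loggedin && $_POST['password'] == '') {
            // Redirect to post moderation page. The id written into the page is
            // the looked-up record's id cast to an integer, not the raw request
            // value, and PHP_SELF (which can carry request-controlled path
            // text) is HTML-encoded before it lands in the attribute.
            echo '--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=' . htmlentities(basename($_SERVER['PHP_SELF']), ENT_QUOTES) . '?manage&moderate=' . intval($post['id']) . '">';
        // Strict comparison: with == two different hashes that both read as
        // numbers in exponent notation compare equal. hash_equals() is the
        // constant-time choice on PHP versions that provide it.
        } elseif ($post['password'] != '' && md5(md5($_POST['password'])) === $post['password']) {
            deletePostByID($post['id']);
            if ($post['parent'] == TINYIB_NEWTHREAD) { threadUpdated($post['id']); } else { threadUpdated($post['parent']); }
            fancyDie('Post deleted.');
        } else {
            fancyDie('Invalid password.');
        }
    } else {
        fancyDie('Sorry, an invalid post identifier was sent. Please go back, refresh the page, and try again.');
    }

    $redirect = false;
// Check if the request is to access the management area
} elseif (isset($_GET['manage'])) {
    $text = ''; $onload = ''; $navbar = '&nbsp;';
    $redirect = false; $loggedin = false; $isadmin = false;
    $returnlink = basename($_SERVER['PHP_SELF']);

    list($loggedin, $isadmin) = manageCheckLogIn();

    // NOTE(review): rebuildall, lift, delete and logout below are triggered by
    // GET parameters, and the ban form by a plain POST; no anti-CSRF token is
    // checked in this file. Unless the helpers verify one, these actions can be
    // triggered from another site while a moderator is logged in — confirm.
    if ($loggedin) {
        if ($isadmin) {
            if (isset($_GET['rebuildall'])) {
                $allthreads = allThreads();
                foreach ($allthreads as $thread) {
                    rebuildThread($thread['id']);
                }
                rebuildIndexes();
                $text .= manageInfo('Rebuilt board.');
            } elseif (isset($_GET['bans'])) {
                clearExpiredBans();

                if (isset($_POST['ip'])) {
                    if ($_POST['ip'] != '') {
                        $banexists = banByIP($_POST['ip']);
                        if ($banexists) {
                            fancyDie('Sorry, there is already a ban on record for that IP address.');
                        }

                        // The address, expiry and reason are stored as submitted;
                        // no format validation happens here.
                        $ban = array();
                        $ban['ip'] = $_POST['ip'];
                        $ban['expire'] = ($_POST['expire'] > 0) ? (time() + $_POST['expire']) : 0;
                        $ban['reason'] = $_POST['reason'];

                        insertBan($ban);
                        // Encoded here because the value is raw request input and
                        // manageInfo() (defined elsewhere) is not known to escape it.
                        $text .= manageInfo('Ban record added for ' . htmlentities($ban['ip'], ENT_QUOTES));
                    }
                } elseif (isset($_GET['lift'])) {
                    $ban = banByID($_GET['lift']);
                    if ($ban) {
                        deleteBanByID($_GET['lift']);
                        // The stored address was saved unvalidated, so encode it on output too.
                        $text .= manageInfo('Ban record lifted for ' . htmlentities($ban['ip'], ENT_QUOTES));
                    }
                }

                $onload = manageOnLoad('bans');
                $text .= manageBanForm();
                $text .= manageBansTable();
            }
        }

        // Actions open to any logged-in account, moderator or admin.
        if (isset($_GET['delete'])) {
            $post = postByID($_GET['delete']);
            if ($post) {
                deletePostByID($post['id']);
                rebuildIndexes();
                if ($post['parent'] != TINYIB_NEWTHREAD) {
                    rebuildThread($post['parent']);
                }
                $text .= manageInfo('Post No.' . $post['id'] . ' deleted.');
            } else {
                fancyDie("Sorry, there doesn't appear to be a post with that ID.");
            }
        } elseif (isset($_GET['moderate'])) {
            if ($_GET['moderate'] > 0) {
                $post = postByID($_GET['moderate']);
                if ($post) {
                    $text .= manageModeratePost($post);
                } else {
                    fancyDie("Sorry, there doesn't appear to be a post with that ID.");
                }
            } else {
                $onload = manageOnLoad('moderate');
                $text .= manageModeratePostForm();
            }
        } elseif (isset($_GET["rawpost"])) {
            $onload = manageOnLoad("rawpost");
            $text .= manageRawPostForm();
        } elseif (isset($_GET["logout"])) {
            $_SESSION['tinyib'] = '';
            session_destroy();
            // $returnlink derives from PHP_SELF, so it is HTML-encoded on output.
            die('--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=' . htmlentities($returnlink, ENT_QUOTES) . '?manage">');
        }
        if ($text == '') {
            $text = manageStatus();
        }
    } else {
        $onload = manageOnLoad('login');
        $text .= manageLogInForm();
    }

    echo managePage($text, $onload);
} elseif (!file_exists('index.html') || countThreads() == 0) {
    rebuildIndexes();
}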
// Final redirect: a string value names a specific page, any other truthy value
// means the board index. Branches that already printed their own page set
// $redirect to false and nothing is emitted here.
if ($redirect) {
    $target = 'index.html';
    if (is_string($redirect)) {
        $target = $redirect;
    }
    echo '--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=' . $target . '">';
}
?>