Add account system

When TINYIB_ADMINPASS is set, a super-administrator account with the
username 'admin' is created using the provided password.

When TINYIB_MODPASS is set, a moderator account with the username 'mod'
is created using the provided password.
Trevor Slocum 2021-04-04 13:01:56 -07:00
parent 421503ee01
commit 1256e7cca0
22 changed files with 1481 additions and 682 deletions

8
.gitignore vendored

@ -1,8 +1,12 @@
settings.php
*.html
*.db
.posts
.posts.lock
.accounts*
.bans*
.keywords*
.logs*
.posts*
.reports*
.project
.settings/
.idea/


@ -33,5 +33,11 @@ AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css a
</Ifmodule>
<IfModule mod_alias.c>
RedirectMatch 404 (.*)\.accounts$
RedirectMatch 404 (.*)\.bans$
RedirectMatch 404 (.*)\.keywords$
RedirectMatch 404 (.*)\.logs$
RedirectMatch 404 (.*)\.posts$
RedirectMatch 404 (.*)\.reports$
RedirectMatch 404 (.*)\.tinyib.db$
</Ifmodule>
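Review bot: The new `RedirectMatch 404 (.*)\.accounts$` rule is the only visible control keeping the flat-file account store, which holds password hashes, from being served, and it applies only when mod_alias is loaded and only to paths ending exactly in `.accounts`. The `.gitignore` in this commit ignores `.accounts*`, which suggests suffixed siblings such as lock or temporary files may exist; whether they hold data is not visible here, but they would not match the `$`-anchored pattern. Consider denying by file name instead, e.g. `<FilesMatch "^\.(accounts|bans|keywords|logs|posts|reports)">` with `Require all denied`, or keeping the data directory outside the document root. The same applies to the `.logs`, `.keywords` and `.reports` rules.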


@ -14,7 +14,7 @@ See [DEMOS.md](https://code.rocketnine.space/tslocum/tinyib/src/branch/master/DE
- GIF, JPG, PNG, SWF, MP4 and WebM upload.
- YouTube, Vimeo and SoundCloud embedding.
- CAPTCHA
- CAPTCHA:
- A simple, self-hosted implementation is included.
- [hCaptcha](https://hcaptcha.com) is supported.
- [ReCAPTCHA](https://www.google.com/recaptcha/about/) is supported. (But [not recommended](https://nearcyan.com/you-probably-dont-need-recaptcha/))
@ -24,8 +24,10 @@ See [DEMOS.md](https://code.rocketnine.space/tslocum/tinyib/src/branch/master/DE
- Report posts.
- Block keywords.
- Management panel:
- Administrators and moderators use separate passwords.
- Moderators are only able to sticky threads, lock threads, delete posts, and approve posts when necessary. (See ``TINYIB_REQMOD``)
- Account system:
- Super administrators (all privileges)
- Administrators (all privileges except account management)
- Moderators (only able to sticky threads, lock threads, approve posts and delete posts)
- Ban offensive/abusive posters across all boards.
- Post using raw HTML.
- Upgrade automatically when installed via git. (Tested on Linux only)
@ -62,8 +64,7 @@ support in mind.
- This library is usually installed by default.
- If you plan on disabling image uploads to use TinyIB as a text board only, this library is not required.
- [cURL Library](https://www.php.net/manual/en/book.curl.php)
- This is recommended, but is not strictly required except:
- When `TINYIB_CAPTCHA` is set to `hcaptcha` or `recaptcha`.
- This is recommended, but is not strictly required except when `TINYIB_CAPTCHA` is set to `hcaptcha` or `recaptcha`.
2. CD to the directory you wish to install TinyIB.
3. Run the command:
- `git clone https://code.rocketnine.space/tslocum/tinyib.git ./`
@ -149,8 +150,8 @@ Translation is handled [online](https://hosted.weblate.org/projects/tinyib/tinyi
## Contribute
**Note:** Please do not submit translations as patches. See above.
**Note:** Please do not submit translations via pull requests. See above.
1. Fork TinyIB using [git](https://git-scm.com/downloads).
1. [Fork TinyIB.](https://code.rocketnine.space/repo/fork/6)
2. Commit code changes to your forked repository.
3. Send your patches to trevor@rocketnine.space via [git send-email](https://git-send-email.io/).
3. [Submit a pull request.](https://code.rocketnine.space/tslocum/tinyib/pulls)


@ -34,10 +34,8 @@ ini_set("display_errors", 1);
session_start();
setcookie(session_name(), session_id(), time() + 2592000);
ob_implicit_flush();
if (function_exists('ob_get_level')) {
while (ob_get_level() > 0) {
ob_end_flush();
}
while (ob_get_level() > 0) {
ob_end_flush();
}
function fancyDie($message) {
@ -53,6 +51,7 @@ if (!file_exists('settings.php')) {
}
require 'settings.php';
require 'inc/defines.php';
global $tinyib_capcodes, $tinyib_embeds, $tinyib_hidefields, $tinyib_hidefieldsop;
if (!defined('TINYIB_LOCALE') || TINYIB_LOCALE == '') {
function __($string) {
@ -67,12 +66,65 @@ if (!defined('TINYIB_LOCALE') || TINYIB_LOCALE == '') {
$translator->register();
}
if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') {
fancyDie(__('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.'));
}
if ((TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') && (TINYIB_HCAPTCHA_SITE == '' || TINYIB_HCAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET must be configured.'));
}
if ((TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') && (TINYIB_RECAPTCHA_SITE == '' || TINYIB_RECAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured.'));
}
if (TINYIB_TIMEZONE != '') {
date_default_timezone_set(TINYIB_TIMEZONE);
}
$bcrypt_salt = '$2y$12$' . str_pad(str_replace('=', '/', str_replace('+', '.', substr(base64_encode(TINYIB_TRIPSEED), 0, 22))), 22, '/');
$database_modes = array('flatfile', 'mysql', 'mysqli', 'sqlite', 'sqlite3', 'pdo');
if (!in_array(TINYIB_DBMODE, $database_modes)) {
fancyDie(__('Unknown database mode specified.'));
}
if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') {
$accounts_sql = 'CREATE TABLE "' . TINYIB_DBACCOUNTS . '" (
"id" bigserial NOT NULL,
"username" varchar(255) NOT NULL,
"password" text NOT NULL,
"role" integer NOT NULL,
"lastactive" integer NOT NULL,
PRIMARY KEY ("id")
);';
$bans_sql = 'CREATE TABLE "' . TINYIB_DBBANS . '" (
"id" bigserial NOT NULL,
"ip" varchar(255) NOT NULL,
"timestamp" integer NOT NULL,
"expire" integer NOT NULL,
"reason" text NOT NULL,
PRIMARY KEY ("id")
);
CREATE INDEX ON "' . TINYIB_DBBANS . '"("ip");';
$keywords_sql = 'CREATE TABLE "' . TINYIB_DBKEYWORDS . '" (
"id" bigserial NOT NULL,
"text" varchar(255) NOT NULL,
"action" varchar(255) NOT NULL,
PRIMARY KEY ("id")
);';
$logs_sql = 'CREATE TABLE "' . TINYIB_DBLOGS . '" (
"id" bigserial NOT NULL,
"timestamp" integer NOT NULL,
"account" integer NOT NULL,
"message" text NOT NULL,
PRIMARY KEY ("id")
);
CREATE INDEX ON "' . TINYIB_DBLOGS . '"("account");';
$posts_sql = 'CREATE TABLE "' . TINYIB_DBPOSTS . '" (
"id" bigserial NOT NULL,
"parent" integer NOT NULL,
@ -106,30 +158,48 @@ if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') {
CREATE INDEX ON "' . TINYIB_DBPOSTS . '"("stickied");
CREATE INDEX ON "' . TINYIB_DBPOSTS . '"("moderated");';
$bans_sql = 'CREATE TABLE "' . TINYIB_DBBANS . '" (
"id" bigserial NOT NULL,
"ip" varchar(255) NOT NULL,
"timestamp" integer NOT NULL,
"expire" integer NOT NULL,
"reason" text NOT NULL,
PRIMARY KEY ("id")
);
CREATE INDEX ON "' . TINYIB_DBBANS . '"("ip");';
$reports_sql = 'CREATE TABLE "' . TINYIB_DBREPORTS . '" (
"id" bigserial NOT NULL,
"ip" varchar(255) NOT NULL,
"post" integer NOT NULL,
PRIMARY KEY ("id")
);';
$keywords_sql = 'CREATE TABLE "' . TINYIB_DBKEYWORDS . '" (
"id" bigserial NOT NULL,
"text" varchar(255) NOT NULL,
"action" varchar(255) NOT NULL,
PRIMARY KEY ("id")
);';
} else {
$accounts_sql = "CREATE TABLE `" . TINYIB_DBACCOUNTS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`username` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`password` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`role` mediumint(7) unsigned NOT NULL,
`lastactive` int(20) unsigned NOT NULL,
PRIMARY KEY (`id`)
)";
$bans_sql = "CREATE TABLE `" . TINYIB_DBBANS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`timestamp` int(20) NOT NULL,
`expire` int(20) NOT NULL,
`reason` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`),
KEY `ip` (`ip`)
)";
$keywords_sql = "CREATE TABLE `" . TINYIB_DBKEYWORDS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`text` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`action` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
)";
$logs_sql = "CREATE TABLE `" . TINYIB_DBLOGS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`timestamp` int(20),
`account` mediumint(7) unsigned NOT NULL,
`message` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`),
KEY `account` (`account`)
)";
$posts_sql = "CREATE TABLE `" . TINYIB_DBPOSTS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`parent` mediumint(7) unsigned NOT NULL,
@ -162,29 +232,12 @@ if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') {
KEY `moderated` (`moderated`)
)";
$bans_sql = "CREATE TABLE `" . TINYIB_DBBANS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`timestamp` int(20) NOT NULL,
`expire` int(20) NOT NULL,
`reason` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`),
KEY `ip` (`ip`)
)";
$reports_sql = "CREATE TABLE `" . TINYIB_DBREPORTS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`post` int(20) NOT NULL,
PRIMARY KEY (`id`)
)";
$keywords_sql = "CREATE TABLE `" . TINYIB_DBKEYWORDS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`text` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`action` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
)";
}
// Check directories are writable by the script
@ -198,29 +251,11 @@ foreach ($writedirs as $dir) {
}
}
$includes = array('inc/functions.php', 'inc/html.php', 'inc/database/' . TINYIB_DBMODE . '_link.php', 'inc/database/' . TINYIB_DBMODE . '.php');
$includes = array('inc/functions.php', 'inc/html.php', 'inc/database/' . TINYIB_DBMODE . '_link.php', 'inc/database/' . TINYIB_DBMODE . '.php', 'inc/database/database.php');
foreach ($includes as $include) {
require $include;
}
if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') {
fancyDie(__('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.'));
}
if ((TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') && (TINYIB_HCAPTCHA_SITE == '' || TINYIB_HCAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET must be configured.'));
}
if ((TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') && (TINYIB_RECAPTCHA_SITE == '' || TINYIB_RECAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured.'));
}
if (TINYIB_TIMEZONE != '') {
date_default_timezone_set(TINYIB_TIMEZONE);
}
$bcrypt_salt = '$2y$12$' . str_pad(str_replace('=', '/', str_replace('+', '.', substr(base64_encode(TINYIB_TRIPSEED), 0, 22))), 22, '/');
$redirect = true;
// Check if the request is to make a post
if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) || isset($_POST['email']) || isset($_POST['subject']) || isset($_POST['message']) || isset($_POST['file']) || isset($_POST['embed']) || isset($_POST['password']))) {
@ -228,7 +263,8 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
fancyDie(__('Posting is currently disabled.<br>Please try again in a few moments.'));
}
list($loggedin, $isadmin) = manageCheckLogIn(false);
list($account, $loggedin, $isadmin) = manageCheckLogIn(false);
$rawpost = isRawPost();
$rawposttext = '';
if (!$loggedin) {
@ -512,7 +548,7 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
$json_posts = array();
$posts = postsInThreadByID($thread_id);
if ($new_since > 0) {
foreach ($posts as $i => $post) {
foreach ($posts as $i => $post) {
if ($post['id'] <= $new_since) {
continue;
}
@ -554,9 +590,9 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
$post = postByID($_POST['delete']);
if ($post) {
list($loggedin, $isadmin) = manageCheckLogIn(false);
list($account, $loggedin, $isadmin) = manageCheckLogIn(false);
if ($loggedin && $_POST['password'] == '') {
if (!empty($account) && $_POST['password'] == '') {
// Redirect to post moderation page
echo '--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=' . basename($_SERVER['PHP_SELF']) . '?manage&moderate=' . $_POST['delete'] . '">';
} elseif ($post['password'] != '' && (hashData($_POST['password']) == $post['password'] || md5(md5($_POST['password'])) == $post['password'])) {
@ -592,7 +628,7 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
die('--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=imgboard.php">');
}
list($loggedin, $isadmin) = manageCheckLogIn(true);
list($account, $loggedin, $isadmin) = manageCheckLogIn(true);
if ($loggedin) {
if ($isadmin) {
@ -608,6 +644,57 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
fancyDie(__('Reporting is disabled.'));
}
$text .= manageReportsPage($_GET['reports']);
} elseif (isset($_GET['accounts'])) {
if ($account['role'] != TINYIB_SUPER_ADMINISTRATOR) {
fancyDie(__('Access denied'));
}
$id = intval($_GET['accounts']);
if (isset($_POST['id'])) {
$id = intval($_POST['id']);
}
$a = array('id' => 0);
if ($id > 0) {
$a = accountByID($id);
if (empty($a)) {
fancyDie(__('Account not found.'));
}
if ($a['username'] == 'admin' && TINYIB_ADMINPASS != '') {
fancyDie(__('This account may not be updated while TINYIB_ADMINPASS is set.'));
} else if ($a['username'] == 'mod' && TINYIB_MODPASS != '') {
fancyDie(__('This account may not be updated while TINYIB_MODPASS is set.'));
}
}
if (isset($_POST['id'])) {
if ($id == 0 && $_POST['password'] == '') {
fancyDie(__('A password is required.'));
}
$a['username'] = $_POST['username'];
if ($_POST['password'] != '') {
$a['password'] = $_POST['password'];
}
$a['role'] = intval($_POST['role']);
if ($a['role'] !== TINYIB_SUPER_ADMINISTRATOR && $a['role'] != TINYIB_ADMINISTRATOR && $a['role'] != TINYIB_MODERATOR && $a['role'] != TINYIB_DISABLED) {
fancyDie(__('Invalid role.'));
}
if ($id == 0) {
insertAccount($a);
$text .= manageInfo(__('Added account'));
} else {
updateAccount($a);
$text .= manageInfo(__('Updated account'));
}
}
$onload = manageOnLoad('accounts');
$text .= manageAccountForm($_GET['accounts']);
if (intval($_GET['accounts']) == 0) {
$text .= manageAccountsTable();
}
} elseif (isset($_GET['bans'])) {
clearExpiredBans();
@ -690,22 +777,49 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
<p>If you installed TinyIB without Git, you must <a href="https://code.rocketnine.space/tslocum/tinyib">update manually</a>. If you did install with Git, ensure the script has read and write access to the <b>.git</b> folder.</p>';
}
} elseif (isset($_GET['dbmigrate'])) {
if (TINYIB_DBMIGRATE !== '' && TINYIB_DBMIGRATE !== false) {
if (TINYIB_DBMIGRATE !== '' && TINYIB_DBMIGRATE !== false && TINYIB_DBMODE != TINYIB_DBMIGRATE) {
$mysql_modes = array('mysql', 'mysqli');
if (in_array(TINYIB_DBMODE, $mysql_modes) && in_array(TINYIB_DBMIGRATE, $mysql_modes)) {
fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to MySQL database modes. No migration is necessary.');
}
$sqlite_modes = array('sqlite', 'sqlite3');
if (in_array(TINYIB_DBMODE, $sqlite_modes) && in_array(TINYIB_DBMIGRATE, $sqlite_modes)) {
fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to SQLite database modes. No migration is necessary.');
}
if (!in_array(TINYIB_DBMIGRATE, $database_modes)) {
fancyDie(__('Unknown database mode specified.'));
}
if (isset($_GET['go'])) {
if (TINYIB_DBMODE == TINYIB_DBMIGRATE) {
fancyDie('Set TINYIB_DBMIGRATE to the desired TINYIB_DBMODE and enter in any database related settings in settings.php before migrating.');
}
$mysql_modes = array('mysql', 'mysqli');
if (in_array(TINYIB_DBMODE, $mysql_modes) && in_array(TINYIB_DBMIGRATE, $mysql_modes)) {
fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to MySQL database modes. No migration is necessary.');
}
if (!in_array(TINYIB_DBMIGRATE, $database_modes)) {
fancyDie(__('Unknown database mode specified.'));
}
require 'inc/database/' . TINYIB_DBMIGRATE . '_link.php';
echo '<p>Migrating accounts...</p>';
$accounts = allAccounts();
foreach ($accounts as $account) {
migrateAccount($account);
}
echo '<p>Migrating bans...</p>';
$bans = allBans();
foreach ($bans as $ban) {
migrateBan($ban);
}
echo '<p>Migrating keywords...</p>';
$keywords = allKeywords();
foreach ($keywords as $keyword) {
migrateKeyword($keyword);
}
echo '<p>Migrating logs...</p>';
$logs = allLogs();
foreach ($logs as $log) {
migrateLog($log);
}
echo '<p>Migrating posts...</p>';
$threads = allThreads();
foreach ($threads as $thread) {
$posts = postsInThreadByID($thread['id']);
@ -714,17 +828,18 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
}
}
$bans = allBans();
foreach ($bans as $ban) {
migrateBan($ban);
echo '<p>Migrating reports...</p>';
$reports = allReports();
foreach ($reports as $report) {
migrateReport($report);
}
echo '<p><b>Database migration complete</b>. Set TINYIB_DBMODE to mysqli and TINYIB_DBMIGRATE to false, then click <b>Rebuild All</b> above and ensure everything looks the way it should.</p>';
echo '<p><b>Database migration complete</b>. Set TINYIB_DBMODE to the new database mode and TINYIB_DBMIGRATE to false, then click <b>Rebuild All</b> above and ensure everything looks and works as it should.</p>';
} else {
$text .= '<p>Your original database will not be deleted. If the migration fails, disable the tool and your board will be unaffected. See the <a href="https://code.rocketnine.space/tslocum/tinyib/src/branch/master/README.md" target="_blank">README</a> <small>(<a href="README.md" target="_blank">alternate link</a>)</small> for instructions.</a><br><br><a href="?manage&dbmigrate&go"><b>Start the migration</b></a></p>';
}
} else {
fancyDie('Set TINYIB_DBMIGRATE to true in settings.php to use this feature.');
fancyDie('Set TINYIB_DBMIGRATE to the desired TINYIB_DBMODE and enter in any database related settings in settings.php before migrating.');
}
}
}
@ -813,10 +928,25 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
} elseif (isset($_GET["rawpost"])) {
$onload = manageOnLoad("rawpost");
$text .= buildPostForm(0, true);
}
} elseif (isset($_GET['changepassword'])) {
if ($account['username'] == 'admin' && TINYIB_ADMINPASS != '') {
fancyDie(__('This account may not be updated while TINYIB_ADMINPASS is set.'));
} else if ($account['username'] == 'mod' && TINYIB_MODPASS != '') {
fancyDie(__('This account may not be updated while TINYIB_MODPASS is set.'));
}
if ($text == '') {
$text = manageStatus();
if (isset($_POST['password'])) {
if ($_POST['password'] == '') {
fancyDie(__('A password is required.'));
}
$account['password'] = $_POST['password'];
updateAccount($account);
$text .= manageInfo(__('Password updated'));
}
$text .= manageChangePasswordForm();
}
} else {
$onload = manageOnLoad('login');
@ -830,4 +960,4 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
if ($redirect) {
echo '--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="' . (isset($slow_redirect) ? '3' : '0') . ';url=' . (is_string($redirect) ? $redirect : TINYIB_INDEX) . '">';
}
}
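Review bot: In the `accounts` branch, an update submitted with an empty password keeps `$a['password']` as the value loaded by `accountByID()`, and `updateAccount($a)` then hashes it again, because the flat-file `updateAccount` on this page stores `hashData($a['password'])` unconditionally (the other backends are not visible here). Changing only a role or username would therefore overwrite the stored hash with a hash of that hash and lock the account out. Hash only when a new password is supplied (`$a['password'] = hashData($_POST['password']);` at the call site) and have `updateAccount` store the value as given; the `changepassword` branch and `inc/database/database.php` would need the same call-site hashing. Separately, `$_POST['username']` is stored without checking that it is non-empty or unused, and the `CREATE TABLE` statements added here put no unique constraint on `username`, so a second `admin` row looks possible; a guard such as `if (!empty(accountByUsername($a['username']))) fancyDie(...)` for new accounts would close that. No CSRF token check is visible in this branch; if `manageCheckLogIn()` does not perform one, these state-changing POSTs need it.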

23
inc/database/database.php Normal file

@ -0,0 +1,23 @@
<?php
if (TINYIB_ADMINPASS != '') {
$admin = accountByUsername('admin');
if (!empty($admin)) {
$admin['password'] = TINYIB_ADMINPASS;
updateAccount($admin);
} else {
$admin = array('username' => 'admin', 'password' => TINYIB_ADMINPASS, 'role' => TINYIB_SUPER_ADMINISTRATOR);
insertAccount($admin);
}
}
if (TINYIB_MODPASS != '') {
$mod = accountByUsername('mod');
if (!empty($mod)) {
$mod['password'] = TINYIB_MODPASS;
updateAccount($mod);
} else {
$mod = array('username' => 'mod', 'password' => TINYIB_MODPASS, 'role' => TINYIB_MODERATOR);
insertAccount($mod);
}
}
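Review bot: This file is appended to `$includes` in imgboard.php, so it runs on every request, and whenever `TINYIB_ADMINPASS` or `TINYIB_MODPASS` is set each request performs an account lookup, a `hashData()` call and an `updateAccount()` write. If `hashData()` is a deliberately slow password hash (the `$2y$12$` salt built in imgboard.php suggests bcrypt, but the function is not shown), that is a per-request CPU and write cost any visitor can trigger. Consider writing only when the stored value differs, e.g. compute the hash once and skip `updateAccount()` when `hash_equals($admin['password'], $hashed)` holds, which needs `updateAccount()` to accept an already-hashed value. The update path also leaves an existing `admin` row's `role` untouched, so an `admin` account previously saved with a lower role would not become a super-administrator as the commit message describes.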


@ -3,6 +3,218 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Account functions
function accountByID($id) {
$rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_ID, '=', $id, INTEGER_COMPARISON), 1);
if (isset($rows[0])) {
return $rows[0];
}
return array();
}
function accountByUsername($username) {
$rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_USERNAME, '=', $username, STRING_COMPARISON), 1);
if (isset($rows[0])) {
return $rows[0];
}
return array();
}
function allAccounts() {
$rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, NULL, -1, array(new OrderBy(ACCOUNT_ROLE, ASCENDING, INTEGER_COMPARISON), new OrderBy(ACCOUNT_USERNAME, ASCENDING, STRING_COMPARISON)));
return convertAccountsToSQLStyle($rows);
}
function convertAccountsToSQLStyle($accounts, $single = false) {
$newaccounts = array();
foreach ($accounts as $a) {
$account = array();
$account['id'] = $a[ACCOUNT_ID];
$account['username'] = $a[ACCOUNT_USERNAME];
$account['password'] = $a[ACCOUNT_PASSWORD];
$account['role'] = $a[ACCOUNT_ROLE];
$account['lastactive'] = $a[ACCOUNT_LASTACTIVE];
if ($single) {
return $account;
}
$newaccounts[] = $account;
}
return $newaccounts;
}
function insertAccount($a) {
$account = array();
$account[ACCOUNT_ID] = '0';
$account[ACCOUNT_USERNAME] = $a['username'];
$account[ACCOUNT_PASSWORD] = hashData($a['password']);
$account[ACCOUNT_ROLE] = $a['role'];
$account[ACCOUNT_LASTACTIVE] = 0;
$GLOBALS['db']->insertWithAutoId(ACCOUNTS_FILE, ACCOUNT_ID, $account);
}
function updateAccount($a) {
$account = array();
$account[ACCOUNT_ID] = $a['id'];
$account[ACCOUNT_USERNAME] = $a['username'];
$account[ACCOUNT_PASSWORD] = hashData($a['password']);
$account[ACCOUNT_ROLE] = $a['role'];
$account[ACCOUNT_LASTACTIVE] = $a['lastactive'];
$GLOBALS['db']->updateRowById(ACCOUNTS_FILE, ACCOUNT_ID, $account);
}
function deleteAccountByID($id) {
$GLOBALS['db']->deleteWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_ID, '=', $id, INTEGER_COMPARISON));
}
// Ban functions
function banByID($id) {
return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON), 1), true);
}
function banByIP($ip) {
$compClause = new OrWhereClause();
$compClause->add(new SimpleWhereClause(BAN_IP, '=', $ip, STRING_COMPARISON));
$compClause->add(new SimpleWhereClause(BAN_IP, '=', hashData($ip), STRING_COMPARISON));
return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, $compClause, 1), true);
}
function allBans() {
$rows = $GLOBALS['db']->selectWhere(BANS_FILE, NULL, -1, new OrderBy(BAN_TIMESTAMP, DESCENDING, INTEGER_COMPARISON));
return convertBansToSQLStyle($rows);
}
function convertBansToSQLStyle($bans, $single = false) {
$newbans = array();
foreach ($bans as $oldban) {
$ban = array();
$ban['id'] = $oldban[BAN_ID];
$ban['ip'] = $oldban[BAN_IP];
$ban['timestamp'] = $oldban[BAN_TIMESTAMP];
$ban['expire'] = $oldban[BAN_EXPIRE];
$ban['reason'] = $oldban[BAN_REASON];
if ($single) {
return $ban;
}
$newbans[] = $ban;
}
return $newbans;
}
function insertBan($newban) {
$ban = array();
$ban[BAN_ID] = '0';
$ban[BAN_IP] = hashData($newban['ip']);
$ban[BAN_TIMESTAMP] = time();
$ban[BAN_EXPIRE] = $newban['expire'];
$ban[BAN_REASON] = $newban['reason'];
return $GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban);
}
function clearExpiredBans() {
$compClause = new AndWhereClause();
$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '>', 0, INTEGER_COMPARISON));
$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '<=', time(), INTEGER_COMPARISON));
$bans = $GLOBALS['db']->selectWhere(BANS_FILE, $compClause, -1);
foreach ($bans as $ban) {
deleteBanByID($ban[BAN_ID]);
}
}
function deleteBanByID($id) {
$GLOBALS['db']->deleteWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON));
}
// Keyword functions
function keywordByID($id) {
$clause = new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON);
return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
}
function keywordByText($text) {
$text = strtolower($text);
$clause = new SimpleWhereClause(KEYWORD_TEXT, '=', $text, STRING_COMPARISON);
return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
}
function allKeywords() {
$rows = $GLOBALS['db']->selectWhere(KEYWORDS_FILE, NULL, -1, new OrderBy(KEYWORD_TEXT, ASCENDING, INTEGER_COMPARISON));
return convertKeywordsToSQLStyle($rows);
}
function convertKeywordsToSQLStyle($keywords, $single = false) {
$newkeywords = array();
foreach ($keywords as $oldkeyword) {
$keyword = array();
$keyword['id'] = $oldkeyword[KEYWORD_ID];
$keyword['text'] = $oldkeyword[KEYWORD_TEXT];
$keyword['action'] = $oldkeyword[KEYWORD_ACTION];
if ($single) {
return $keyword;
}
$newkeywords[] = $keyword;
}
return $newkeywords;
}
function insertKeyword($newkeyword) {
$newkeyword['text'] = strtolower($newkeyword['text']);
$keyword = array();
$keyword[KEYWORD_ID] = '0';
$keyword[KEYWORD_TEXT] = $newkeyword['text'];
$keyword[KEYWORD_ACTION] = $newkeyword['action'];
$GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword);
}
function deleteKeyword($id) {
$GLOBALS['db']->deleteWhere(KEYWORDS_FILE, new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON));
}
// Log functions
function allLogs() {
$rows = $GLOBALS['db']->selectWhere(LOGS_FILE, NULL, -1, new OrderBy(LOG_ID, DESCENDING, INTEGER_COMPARISON));
return convertLogsToSQLStyle($rows);
}
function convertLogsToSQLStyle($logs, $single = false) {
$newlogs = array();
foreach ($logs as $l) {
$log = array();
$log['id'] = $l[LOG_ID];
$log['timestamp'] = $l[LOG_TIMESTAMP];
$log['account'] = $l[LOG_ACCOUNT];
$log['message'] = $l[LOG_MESSAGE];
if ($single) {
return $log;
}
$newlogs[] = $log;
}
return $newlogs;
}
function insertLog($l) {
$log = array();
$log['id'] = '0';
$log['timestamp'] = $l[LOG_TIMESTAMP];
$log['account'] = $l[LOG_ACCOUNT];
$log['message'] = $l[LOG_MESSAGE];
$GLOBALS['db']->insertWithAutoId(LOGS_FILE, LOG_ID, $log);
}
function deleteLog($id) {
$GLOBALS['db']->deleteWhere(LOGS_FILE, new SimpleWhereClause(LOG_ID, '=', $id, INTEGER_COMPARISON));
}
// Post functions
function uniquePosts() {
return 0; // Unsupported by this database option
@ -96,7 +308,7 @@ function countThreads() {
return count($rows);
}
function convertPostsToSQLStyle($posts, $singlepost = false) {
function convertPostsToSQLStyle($posts, $single = false) {
$newposts = array();
foreach ($posts as $oldpost) {
$post = newPost();
@ -129,7 +341,7 @@ function convertPostsToSQLStyle($posts, $singlepost = false) {
$post['parent'] = TINYIB_NEWTHREAD;
}
if ($singlepost) {
if ($single) {
return $post;
}
$newposts[] = $post;
@ -201,67 +413,6 @@ function lastPostByIP() {
return convertPostsToSQLStyle($rows, true);
}
// Ban functions
function banByID($id) {
return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON), 1), true);
}
function banByIP($ip) {
$compClause = new OrWhereClause();
$compClause->add(new SimpleWhereClause(BAN_IP, '=', $ip, STRING_COMPARISON));
$compClause->add(new SimpleWhereClause(BAN_IP, '=', hashData($ip), STRING_COMPARISON));
return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, $compClause, 1), true);
}
function allBans() {
$rows = $GLOBALS['db']->selectWhere(BANS_FILE, NULL, -1, new OrderBy(BAN_TIMESTAMP, DESCENDING, INTEGER_COMPARISON));
return convertBansToSQLStyle($rows);
}
function convertBansToSQLStyle($bans, $singleban = false) {
$newbans = array();
foreach ($bans as $oldban) {
$ban = array();
$ban['id'] = $oldban[BAN_ID];
$ban['ip'] = $oldban[BAN_IP];
$ban['timestamp'] = $oldban[BAN_TIMESTAMP];
$ban['expire'] = $oldban[BAN_EXPIRE];
$ban['reason'] = $oldban[BAN_REASON];
if ($singleban) {
return $ban;
}
$newbans[] = $ban;
}
return $newbans;
}
function insertBan($newban) {
$ban = array();
$ban[BAN_ID] = '0';
$ban[BAN_IP] = hashData($newban['ip']);
$ban[BAN_TIMESTAMP] = time();
$ban[BAN_EXPIRE] = $newban['expire'];
$ban[BAN_REASON] = $newban['reason'];
return $GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban);
}
function clearExpiredBans() {
$compClause = new AndWhereClause();
$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '>', 0, INTEGER_COMPARISON));
$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '<=', time(), INTEGER_COMPARISON));
$bans = $GLOBALS['db']->selectWhere(BANS_FILE, $compClause, -1);
foreach ($bans as $ban) {
deleteBanByID($ban[BAN_ID]);
}
}
function deleteBanByID($id) {
$GLOBALS['db']->deleteWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON));
}
// Report functions
function reportByIP($post, $ip) {
$ipClause = new OrWhereClause();
@ -284,7 +435,7 @@ function allReports() {
return convertReportsToSQLStyle($rows);
}
function convertReportsToSQLStyle($reports, $singlereport = false) {
function convertReportsToSQLStyle($reports, $single = false) {
$newreports = array();
foreach ($reports as $oldreport) {
$report = array();
@ -292,7 +443,7 @@ function convertReportsToSQLStyle($reports, $singlereport = false) {
$report['ip'] = $oldreport[REPORT_IP];
$report['post'] = $oldreport[REPORT_POST];
if ($singlereport) {
if ($single) {
return $report;
}
$newreports[] = $report;
@ -320,50 +471,3 @@ function deleteReportsByIP($ip) {
$GLOBALS['db']->deleteWhere(REPORTS_FILE, $ipClause);
}
// Keyword functions
function keywordByID($id) {
$clause = new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON);
return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
}
function keywordByText($text) {
$text = strtolower($text);
$clause = new SimpleWhereClause(KEYWORD_TEXT, '=', $text, STRING_COMPARISON);
return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
}
function allKeywords() {
$rows = $GLOBALS['db']->selectWhere(KEYWORDS_FILE, NULL, -1, new OrderBy(KEYWORD_TEXT, ASCENDING, INTEGER_COMPARISON));
return convertKeywordsToSQLStyle($rows);
}
function convertKeywordsToSQLStyle($keywords, $singlekeyword = false) {
$newkeywords = array();
foreach ($keywords as $oldkeyword) {
$keyword = array();
$keyword['id'] = $oldkeyword[KEYWORD_ID];
$keyword['text'] = $oldkeyword[KEYWORD_TEXT];
$keyword['action'] = $oldkeyword[KEYWORD_ACTION];
if ($singlekeyword) {
return $keyword;
}
$newkeywords[] = $keyword;
}
return $newkeywords;
}
function insertKeyword($newkeyword) {
$newkeyword['text'] = strtolower($newkeyword['text']);
$keyword = array();
$keyword[KEYWORD_ID] = '0';
$keyword[KEYWORD_TEXT] = $newkeyword['text'];
$keyword[KEYWORD_ACTION] = $newkeyword['action'];
$GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword);
}
function deleteKeyword($id) {
$GLOBALS['db']->deleteWhere(KEYWORDS_FILE, new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON));
}
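Review bot: `accountByID()` and `accountByUsername()` return the raw `$rows[0]`, which is indexed by the numeric `ACCOUNT_*` columns, while callers on this page read `$a['username']`, `$a['id']` and `$account['role']`; the ban and keyword lookups return `convertBansToSQLStyle(..., true)` and `convertKeywordsToSQLStyle(..., true)` instead. Returning `convertAccountsToSQLStyle($rows, true)` from both would match them and still yield an empty array when nothing is found. `insertLog()` has the mapping inverted as well: it writes `$log['id']` and `$log['timestamp']` and reads `$l[LOG_TIMESTAMP]`, where the other insert functions write `$log[LOG_ID]` and read `$l['timestamp']`. Since `banByIP()` matches on `hashData($ip)` by equality, `hashData()` must be deterministic, so account passwords stored through it share one site-wide salt; `password_hash()` on insert with `password_verify()` at login would give per-account salts.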


@ -3,6 +3,35 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Accounts table
define('ACCOUNTS_FILE', '.accounts');
define('ACCOUNT_ID', 0);
define('ACCOUNT_USERNAME', 1);
define('ACCOUNT_PASSWORD', 2);
define('ACCOUNT_ROLE', 3);
define('ACCOUNT_LASTACTIVE', 4);
// Bans table
define('BANS_FILE', '.bans');
define('BAN_ID', 0);
define('BAN_IP', 1);
define('BAN_TIMESTAMP', 2);
define('BAN_EXPIRE', 3);
define('BAN_REASON', 4);
// Keywords table
define('KEYWORDS_FILE', '.keywords');
define('KEYWORD_ID', 0);
define('KEYWORD_TEXT', 1);
define('KEYWORD_ACTION', 2);
// Log table
define('LOGS_FILE', '.logs');
define('LOG_ID', 0);
define('LOG_TIMESTAMP', 1);
define('LOG_ACCOUNT', 2);
define('LOG_MESSAGE', 3);
// Posts table
define('POSTS_FILE', '.posts');
define('POST_ID', 0);
@ -31,26 +60,12 @@ define('POST_STICKIED', 22);
define('POST_LOCKED', 23);
define('POST_MODERATED', 24);
// Bans table
define('BANS_FILE', '.bans');
define('BAN_ID', 0);
define('BAN_IP', 1);
define('BAN_TIMESTAMP', 2);
define('BAN_EXPIRE', 3);
define('BAN_REASON', 4);
// Reports table
define('REPORTS_FILE', '.reports');
define('REPORT_ID', 0);
define('REPORT_IP', 1);
define('REPORT_POST', 2);
// Keywords table
define('KEYWORDS_FILE', '.keywords');
define('KEYWORD_ID', 0);
define('KEYWORD_TEXT', 1);
define('KEYWORD_ACTION', 2);
require_once 'flatfile/flatfile.php';
$db = new Flatfile();
$db->datadir = 'inc/database/flatfile/';
@ -60,59 +75,78 @@ if (file_exists('inc/flatfile/' . POSTS_FILE)) {
}
if (function_exists('insertPost')) {
function migratePost($newpost) {
$post = array();
$post[POST_ID] = $newpost['id'];
$post[POST_PARENT] = $newpost['parent'];
$post[POST_TIMESTAMP] = $newpost['timestamp'];
$post[POST_BUMPED] = $newpost['bumped'];
$post[POST_IP] = $newpost['ip'];
$post[POST_NAME] = $newpost['name'];
$post[POST_TRIPCODE] = $newpost['tripcode'];
$post[POST_EMAIL] = $newpost['email'];
$post[POST_NAMEBLOCK] = $newpost['nameblock'];
$post[POST_SUBJECT] = $newpost['subject'];
$post[POST_MESSAGE] = $newpost['message'];
$post[POST_PASSWORD] = $newpost['password'];
$post[POST_FILE] = $newpost['file'];
$post[POST_FILE_HEX] = $newpost['file_hex'];
$post[POST_FILE_ORIGINAL] = $newpost['file_original'];
$post[POST_FILE_SIZE] = $newpost['file_size'];
$post[POST_FILE_SIZE_FORMATTED] = $newpost['file_size_formatted'];
$post[POST_IMAGE_WIDTH] = $newpost['image_width'];
$post[POST_IMAGE_HEIGHT] = $newpost['image_height'];
$post[POST_THUMB] = $newpost['thumb'];
$post[POST_THUMB_WIDTH] = $newpost['thumb_width'];
$post[POST_THUMB_HEIGHT] = $newpost['thumb_height'];
$post[POST_MODERATED] = $newpost['moderated'];
$post[POST_STICKIED] = $newpost['stickied'];
$post[POST_LOCKED] = $newpost['locked'];
$GLOBALS['db']->insertWithAutoId(POSTS_FILE, POST_ID, $post);
function migrateAccount($a) {
$account = array();
$account[ACCOUNT_ID] = $a['id'];
$account[ACCOUNT_USERNAME] = $a['username'];
$account[ACCOUNT_PASSWORD] = $a['password'];
$account[ACCOUNT_ROLE] = $a['role'];
$account[ACCOUNT_LASTACTIVE] = $a['lastactive'];
$GLOBALS['db']->insertWithAutoId(ACCOUNTS_FILE, ACCOUNT_ID, $account);
}
function migrateBan($newban) {
function migrateBan($b) {
$ban = array();
$ban[BAN_ID] = $newban['id'];
$ban[BAN_IP] = $newban['ip'];
$ban[BAN_TIMESTAMP] = $newban['timestamp'];
$ban[BAN_EXPIRE] = $newban['expire'];
$ban[BAN_REASON] = $newban['reason'];
$ban[BAN_ID] = $b['id'];
$ban[BAN_IP] = $b['ip'];
$ban[BAN_TIMESTAMP] = $b['timestamp'];
$ban[BAN_EXPIRE] = $b['expire'];
$ban[BAN_REASON] = $b['reason'];
$GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban);
}
function migrateReport($newreport) {
$report = array();
$report[REPORT_ID] = $newreport['id'];
$report[REPORT_IP] = $newreport['ip'];
$report[REPORT_POST] = $newreport['post'];
$GLOBALS['db']->insertWithAutoId(REPORTS_FILE, REPORT_ID, $report);
}
function migrateKeyword($newkeyword) {
function migrateKeyword($k) {
$keyword = array();
$keyword[KEYWORD_ID] = $newkeyword['id'];
$keyword[KEYWORD_TEXT] = $newkeyword['text'];
$keyword[KEYWORD_ACTION] = $newkeyword['action'];
$keyword[KEYWORD_ID] = $k['id'];
$keyword[KEYWORD_TEXT] = $k['text'];
$keyword[KEYWORD_ACTION] = $k['action'];
$GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword);
}
function migrateLog($l) {
$log = array();
$log[LOG_ID] = $l['id'];
$log[LOG_TIMESTAMP] = $l['timestamp'];
$log[LOG_ACCOUNT] = $l['account'];
$log[LOG_MESSAGE] = $l['message'];
$GLOBALS['db']->insertWithAutoId(LOGS_FILE, LOG_ID, $log);
}
function migratePost($p) {
$post = array();
$post[POST_ID] = $p['id'];
$post[POST_PARENT] = $p['parent'];
$post[POST_TIMESTAMP] = $p['timestamp'];
$post[POST_BUMPED] = $p['bumped'];
$post[POST_IP] = $p['ip'];
$post[POST_NAME] = $p['name'];
$post[POST_TRIPCODE] = $p['tripcode'];
$post[POST_EMAIL] = $p['email'];
$post[POST_NAMEBLOCK] = $p['nameblock'];
$post[POST_SUBJECT] = $p['subject'];
$post[POST_MESSAGE] = $p['message'];
$post[POST_PASSWORD] = $p['password'];
$post[POST_FILE] = $p['file'];
$post[POST_FILE_HEX] = $p['file_hex'];
$post[POST_FILE_ORIGINAL] = $p['file_original'];
$post[POST_FILE_SIZE] = $p['file_size'];
$post[POST_FILE_SIZE_FORMATTED] = $p['file_size_formatted'];
$post[POST_IMAGE_WIDTH] = $p['image_width'];
$post[POST_IMAGE_HEIGHT] = $p['image_height'];
$post[POST_THUMB] = $p['thumb'];
$post[POST_THUMB_WIDTH] = $p['thumb_width'];
$post[POST_THUMB_HEIGHT] = $p['thumb_height'];
$post[POST_MODERATED] = $p['moderated'];
$post[POST_STICKIED] = $p['stickied'];
$post[POST_LOCKED] = $p['locked'];
$GLOBALS['db']->insertWithAutoId(POSTS_FILE, POST_ID, $post);
}
function migrateReport($r) {
$report = array();
$report[REPORT_ID] = $r['id'];
$report[REPORT_IP] = $r['ip'];
$report[REPORT_POST] = $r['post'];
$GLOBALS['db']->insertWithAutoId(REPORTS_FILE, REPORT_ID, $report);
}
}
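Review bot: The new `.accounts` and `.logs` tables are plain files under `inc/database/flatfile/`, and the only access control visible in this commit is the set of `RedirectMatch 404` rules added to .htaccess, which apply only where Apache honours that file with mod_alias loaded. Since ACCOUNT_PASSWORD is stored in `.accounts`, a deployment behind another web server would appear to serve the stored password values to anyone who requests the path. I would add a comment above `define('ACCOUNTS_FILE', '.accounts');` such as `// Holds account password hashes: the data directory must not be web-readable; add an equivalent deny rule on servers that ignore .htaccess`. Ideally `datadir` could also be pointed outside the document root.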


@ -3,6 +3,47 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Account functions
function accountByID($id) {
$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "' LIMIT 1");
if ($result) {
while ($account = mysql_fetch_assoc($result)) {
return $account;
}
}
}
function accountByUsername($username) {
$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `username` = '" . mysql_real_escape_string($username) . "' LIMIT 1");
if ($result) {
while ($account = mysql_fetch_assoc($result)) {
return $account;
}
}
}
function allAccounts($username) {
$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` ORDER BY `role` ASC, `username` ASC");
if ($result) {
while ($account = mysql_fetch_assoc($result)) {
return $account;
}
}
}
function insertAccount($account) {
mysql_query("INSERT INTO `" . TINYIB_DBACCOUNTS . "` (`username`, `password`, `role`, `lastactive`) VALUES (" . $account['username'] . ", '" . hashData($account['password']) . "', '" . mysql_real_escape_string($account['role']) . "', '0')");
return mysql_insert_id();
}
function updateAccount($account) {
mysql_query("UPDATE `" . TINYIB_DBACCOUNTS . "` SET `username` = " . $account['username'] . ", `password` = '" . hashData($account['password']) . "', `role` = '" . mysql_real_escape_string($account['role']) . "', `lastactive` = " . mysql_real_escape_string($account['lastactive']) . " WHERE `id` = '" . mysql_real_escape_string($account['id']) . "'");
}
function deleteAccountByID($id) {
mysql_query("DELETE FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "'");
}
// Post functions
function uniquePosts() {
$row = mysql_fetch_row(mysql_query("SELECT COUNT(DISTINCT(`ip`)) FROM " . TINYIB_DBPOSTS));
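Review bot: `insertAccount` and `updateAccount` concatenate `$account['username']` into the statement with neither quotes nor `mysql_real_escape_string`, while the other fields in the same statements are escaped, so a username either breaks the query or is interpreted as SQL. Both functions should write the value as `'" . mysql_real_escape_string($account['username']) . "'`, and `lastactive` in `updateAccount` needs quotes or an `(int)` cast because escaping alone does not protect an unquoted value. Separately, `allAccounts($username)` ignores its parameter and returns the first row instead of a list, unlike the mysqli and PDO versions of the same function. `uniquePosts` continues outside the hunk.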


@ -17,26 +17,31 @@ if (!$db_selected) {
}
mysql_query("SET NAMES 'utf8mb4'");
// Create the posts table if it does not exist
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
mysql_query($posts_sql);
// Create tables (when necessary)
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBACCOUNTS . "'")) == 0) {
mysql_query($accounts_sql);
}
// Create the bans table if it does not exist
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) == 0) {
mysql_query($bans_sql);
}
// Create the reports table if it does not exist
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
mysql_query($reports_sql);
}
// Create the keywords table if it does not exist
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBKEYWORDS . "'")) == 0) {
mysql_query($keywords_sql);
}
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBLOGS . "'")) == 0) {
mysql_query($logs_sql);
}
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
mysql_query($posts_sql);
}
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
mysql_query($reports_sql);
}
if (mysql_num_rows(mysql_query("SHOW COLUMNS FROM `" . TINYIB_DBPOSTS . "` LIKE 'stickied'")) == 0) {
mysql_query("ALTER TABLE `" . TINYIB_DBPOSTS . "` ADD COLUMN stickied TINYINT(1) NOT NULL DEFAULT '0'");
}
@ -51,19 +56,27 @@ mysql_query("ALTER TABLE `" . TINYIB_DBPOSTS . "` MODIFY ip VARCHAR(255) NOT NUL
mysql_query("ALTER TABLE `" . TINYIB_DBBANS . "` MODIFY ip VARCHAR(255) NOT NULL DEFAULT ''");
if (function_exists('insertPost')) {
function migratePost($post) {
mysql_query("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysql_real_escape_string($post['ip']) . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "', '" . mysql_real_escape_string($post['email']) . "', '" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
function migrateAccount($account) {
mysql_query("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES ('" . mysql_real_escape_string($account['id']) . "', '" . mysql_real_escape_string($account['username']) . "', '" . mysql_real_escape_string($account['password']) . "', '" . mysql_real_escape_string($account['role']) . "', '" . mysql_real_escape_string($account['lastactive']) . "')");
}
function migrateBan($ban) {
mysql_query("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . mysql_real_escape_string($ban['id']) . "', '" . mysql_real_escape_string($ban['ip']) . "', '" . mysql_real_escape_string($ban['timestamp']) . "', '" . mysql_real_escape_string($ban['expire']) . "', '" . mysql_real_escape_string($ban['reason']) . "')");
}
function migrateReport($report) {
mysql_query("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysql_real_escape_string($report['id']) . "', '" . mysql_real_escape_string($report['ip']) . "', '" . mysql_real_escape_string($report['post']) . "')");
}
function migrateKeyword($keyword) {
mysql_query("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . mysql_real_escape_string($keyword['id']) . "', '" . mysql_real_escape_string($keyword['text']) . "', '" . mysql_real_escape_string($keyword['action']) . "')");
}
function migrateLog($log) {
mysql_query("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . mysql_real_escape_string($log['id']) . "', '" . mysql_real_escape_string($log['timestamp']) . "', '" . mysql_real_escape_string($log['account']) . "', '" . mysql_real_escape_string($log['message']) . "')");
}
function migratePost($post) {
mysql_query("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysql_real_escape_string($post['ip']) . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "', '" . mysql_real_escape_string($post['email']) . "', '" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
}
function migrateReport($report) {
mysql_query("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysql_real_escape_string($report['id']) . "', '" . mysql_real_escape_string($report['ip']) . "', '" . mysql_real_escape_string($report['post']) . "')");
}
}
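Review bot: `migrateBan` builds its value list as `VALUES (" . mysql_real_escape_string($ban['id']) . "', '`, which closes a quote after the id without opening one, so the INSERT is malformed and migrated bans would be rejected. This line may be unchanged context, since the page no longer shows which side each line belongs to. It should start `VALUES ('" . mysql_real_escape_string($ban['id']) . "', '` like the new `migrateAccount` and `migrateLog`. None of the `mysql_query` results in these migrate functions are checked, so a failure like this passes silently; testing the return value and stopping the migration on `false` would surface it.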


@ -3,6 +3,55 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Account functions
function accountByID($id) {
global $link;
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysqli_real_escape_string($link, $id) . "' LIMIT 1");
if ($result) {
while ($account = mysqli_fetch_assoc($result)) {
return $account;
}
}
}
function accountByUsername($username) {
global $link;
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `username` = '" . mysqli_real_escape_string($link, $username) . "' LIMIT 1");
if ($result) {
while ($account = mysqli_fetch_assoc($result)) {
return $account;
}
}
}
function allAccounts() {
global $link;
$accounts = array();
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` ORDER BY `role` ASC, `username` ASC");
if ($result) {
while ($account = mysqli_fetch_assoc($result)) {
$accounts[] = $account;
}
}
return $accounts;
}
function insertAccount($account) {
global $link;
mysqli_query($link, "INSERT INTO `" . TINYIB_DBACCOUNTS . "` (`username`, `password`, `role`, `lastactive`) VALUES ('" . mysqli_real_escape_string($link, $account['username']) . "', '" . mysqli_real_escape_string($link, hashData($account['password'])) . "', '" . mysqli_real_escape_string($link, $account['role']) . "', '0')");
return mysqli_insert_id($link);
}
function updateAccount($account) {
global $link;
mysqli_query($link, "UPDATE `" . TINYIB_DBACCOUNTS . "` SET `username` = '" . mysqli_real_escape_string($link, $account['username']) . "', `password` = '" . mysqli_real_escape_string($link, hashData($account['password'])) . "', `role` = '" . mysqli_real_escape_string($link, $account['role']) . "', `lastactive` = " . mysqli_real_escape_string($link, $account['lastactive']) . " WHERE `id` = " . mysqli_real_escape_string($link, $account['id']) . " LIMIT 1");
}
function deleteAccountByID($id) {
global $link;
mysqli_query($link, "DELETE FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = " . mysqli_real_escape_string($link, $id) . " LIMIT 1");
}
// Post functions
function uniquePosts() {
global $link;
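Review bot: `updateAccount` and `deleteAccountByID` put the output of `mysqli_real_escape_string` into the `id` comparison (and `lastactive`) without surrounding quotes, whereas `accountByID` quotes the same value. Escaping only neutralises quote characters, so it does not constrain a value in an unquoted numeric position. Use `(int) $id` and `(int) $account['id']` in place of the escape calls there, or switch these two functions to prepared statements. The same unquoted `id` appears in `updateAccount` and `deleteAccountByID` of the `sqlite_query` section and of the SQLite3 (`$db->exec`) section further down. `uniquePosts` continues outside the hunk.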


@ -17,26 +17,31 @@ if (!$db_selected) {
}
mysqli_query($link, "SET NAMES 'utf8mb4'");
// Create the posts table if it does not exist
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
mysqli_query($link, $posts_sql);
// Create tables (when necessary)
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBACCOUNTS . "'")) == 0) {
mysqli_query($link, $accounts_sql);
}
// Create the bans table if it does not exist
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) == 0) {
mysqli_query($link, $bans_sql);
}
// Create the reports table if it does not exist
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
mysqli_query($link, $reports_sql);
}
// Create the keywords table if it does not exist
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBKEYWORDS . "'")) == 0) {
mysqli_query($link, $keywords_sql);
}
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBLOGS . "'")) == 0) {
mysqli_query($link, $logs_sql);
}
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
mysqli_query($link, $posts_sql);
}
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
mysqli_query($link, $reports_sql);
}
if (mysqli_num_rows(mysqli_query($link, "SHOW COLUMNS FROM `" . TINYIB_DBPOSTS . "` LIKE 'stickied'")) == 0) {
mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` ADD COLUMN stickied TINYINT(1) NOT NULL DEFAULT '0'");
}
@ -51,9 +56,9 @@ mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` MODIFY ip VARCHAR(255)
mysqli_query($link, "ALTER TABLE `" . TINYIB_DBBANS . "` MODIFY ip VARCHAR(255) NOT NULL DEFAULT ''");
if (function_exists('insertPost')) {
function migratePost($post) {
function migrateAccount($account) {
global $link;
mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`, `stickied`, `locked`) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysqli_real_escape_string($link, $post['ip']) . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "', '" . mysqli_real_escape_string($link, $post['email']) . "', '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . mysqli_real_escape_string($link, $account['id']) . "', '" . mysqli_real_escape_string($link, $account['username']) . "', '" . mysqli_real_escape_string($link, $account['password']) . "', '" . mysqli_real_escape_string($link, $account['role']) . "', '" . mysqli_real_escape_string($link, $account['lastactive']) . "')");
}
function migrateBan($ban) {
@ -61,13 +66,23 @@ if (function_exists('insertPost')) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . mysqli_real_escape_string($link, $ban['id']) . "', '" . mysqli_real_escape_string($link, $ban['ip']) . "', '" . mysqli_real_escape_string($link, $ban['timestamp']) . "', '" . mysqli_real_escape_string($link, $ban['expire']) . "', '" . mysqli_real_escape_string($link, $ban['reason']) . "')");
}
function migrateReport($report) {
global $link;
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysqli_real_escape_string($link, $report['id']) . "', '" . mysqli_real_escape_string($link, $report['ip']) . "', '" . mysqli_real_escape_string($link, $report['post']) . "')");
}
function migrateKeyword($keyword) {
global $link;
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . mysqli_real_escape_string($link, $keyword['id']) . "', '" . mysqli_real_escape_string($link, $keyword['text']) . "', '" . mysqli_real_escape_string($link, $keyword['action']) . "')");
}
function migrateLog($log) {
global $link;
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . mysqli_real_escape_string($link, $log['id']) . "', '" . mysqli_real_escape_string($link, $log['timestamp']) . "', '" . mysqli_real_escape_string($link, $log['account']) . "', '" . mysqli_real_escape_string($link, $log['message']) . "')");
}
function migratePost($post) {
global $link;
mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`, `stickied`, `locked`) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysqli_real_escape_string($link, $post['ip']) . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "', '" . mysqli_real_escape_string($link, $post['email']) . "', '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
}
function migrateReport($report) {
global $link;
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysqli_real_escape_string($link, $report['id']) . "', '" . mysqli_real_escape_string($link, $report['ip']) . "', '" . mysqli_real_escape_string($link, $report['post']) . "')");
}
}
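Review bot: The new `migrateAccount` and `migrateLog` call `sqlite_query($GLOBALS["db"], ...)` although this backend talks to MySQL through `$link`, so the rows would not reach the MySQL connection, and the call fails outright where the legacy SQLite extension is absent. `migrateBan`, `migrateKeyword` and `migrateReport` show the same call. `migrateAccount` also opens its value list with `VALUES (" .` and then closes a quote after the id, leaving the quoting unbalanced. Following `migratePost`, replace `sqlite_query($GLOBALS["db"],` with `mysqli_query($link,` and start the list with `VALUES ('" . mysqli_real_escape_string($link, $account['id']) . "', '`.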


@ -3,6 +3,43 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Account functions
function accountByID($id) {
$result = pdoQuery("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE id = ?", array($id));
return $result->fetch(PDO::FETCH_ASSOC);
}
function accountByUsername($username) {
$result = pdoQuery("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE username = ? LIMIT 1", array($username));
return $result->fetch(PDO::FETCH_ASSOC);
}
function allAccounts() {
$accounts = array();
$results = pdoQuery("SELECT * FROM " . TINYIB_DBACCOUNTS . " ORDER BY role ASC, username ASC");
while ($row = $results->fetch(PDO::FETCH_ASSOC)) {
$accounts[] = $row;
}
return $accounts;
}
function insertAccount($account) {
global $dbh;
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBACCOUNTS . " (username, password, role, lastactive) VALUES (?, ?, ?, ?)");
$stm->execute(array($account['username'], hashData($account['password']), $account['role'], 0));
return $dbh->lastInsertId();
}
function updateAccount($account) {
global $dbh;
$stm = $dbh->prepare("UPDATE " . TINYIB_DBACCOUNTS . " SET username = ?, password = ?, role = ?, lastactive = ? WHERE id = ?");
$stm->execute(array($account['username'], hashData($account['password']), $account['role'], $account['lastactive'], $account['id']));
}
function deleteAccountByID($id) {
pdoQuery("DELETE FROM " . TINYIB_DBACCOUNTS . " WHERE id = ?", array($id));
}
// Post functions
function uniquePosts() {
$result = pdoQuery("SELECT COUNT(DISTINCT(ip)) FROM " . TINYIB_DBPOSTS);
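Review bot: `insertAccount` and `updateAccount` store `hashData($account['password'])`, and `hashData` looks unsuitable for credentials. It is not defined on this page, but the ban code elsewhere in the commit looks rows up with `ip = hashData($ip)`, which only works if the function is deterministic, so account passwords would presumably be stored without a per-password salt. I would use `password_hash($account['password'], PASSWORD_DEFAULT)` here and `password_verify()` at login; the login path is not visible in this section and would need the matching change. `updateAccount` also re-hashes unconditionally, which would corrupt the stored value if a caller passes back a row loaded with `accountByID`, so that is worth confirming against the callers. The same applies to the mysql, mysqli and sqlite variants of these two functions. `uniquePosts` continues outside the hunk.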


@ -28,19 +28,40 @@ try {
fancyDie("Failed to connect to the database: " . $e->getMessage());
}
// Create the posts table if it does not exist
// Create tables (when necessary)
if (TINYIB_DBDRIVER === 'pgsql') {
$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBPOSTS);
$posts_exists = $dbh->query($query)->fetchColumn() != 0;
$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBACCOUNTS);
$accounts_exists = $dbh->query($query)->fetchColumn() != 0;
} else {
$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBPOSTS));
$posts_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBACCOUNTS));
$accounts_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
}
if (!$posts_exists) {
$dbh->exec($posts_sql);
if (!$accounts_exists) {
$dbh->exec($accounts_sql);
}
if (TINYIB_DBDRIVER === 'pgsql') {
$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBLOGS);
$logs_exists = $dbh->query($query)->fetchColumn() != 0;
} else {
$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBLOGS));
$logs_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
}
if (!$logs_exists) {
$dbh->exec($logs_sql);
}
if (TINYIB_DBDRIVER === 'pgsql') {
$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBKEYWORDS);
$keywords_exists = $dbh->query($query)->fetchColumn() != 0;
} else {
$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBKEYWORDS));
$keywords_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
}
if (!$keywords_exists) {
$dbh->exec($keywords_sql);
}
// Create the bans table if it does not exist
if (TINYIB_DBDRIVER === 'pgsql') {
$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBBANS);
$bans_exists = $dbh->query($query)->fetchColumn() != 0;
@ -52,7 +73,17 @@ if (!$bans_exists) {
$dbh->exec($bans_sql);
}
// Create the reports table if it does not exist
if (TINYIB_DBDRIVER === 'pgsql') {
$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBPOSTS);
$posts_exists = $dbh->query($query)->fetchColumn() != 0;
} else {
$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBPOSTS));
$posts_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
}
if (!$posts_exists) {
$dbh->exec($posts_sql);
}
if (TINYIB_DBDRIVER === 'pgsql') {
$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBREPORTS);
$reports_exists = $dbh->query($query)->fetchColumn() != 0;
@ -64,18 +95,6 @@ if (!$reports_exists) {
$dbh->exec($reports_sql);
}
// Create the keywords table if it does not exist
if (TINYIB_DBDRIVER === 'pgsql') {
$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBKEYWORDS);
$keywords_exists = $dbh->query($query)->fetchColumn() != 0;
} else {
$dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBKEYWORDS));
$keywords_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
}
if (!$keywords_exists) {
$dbh->exec($keywords_sql);
}
if (TINYIB_DBDRIVER === 'pgsql') {
$query = "SELECT column_name FROM information_schema.columns WHERE table_name='" . TINYIB_DBPOSTS . "' and column_name='moderated'";
$moderated_exists = $dbh->query($query)->fetchColumn() != 0;
@ -137,6 +156,30 @@ function pdoQuery($sql, $params = false) {
}
if (function_exists('insertPost')) {
function migrateAccount($account) {
global $dbh;
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (?, ?, ?, ?, ?)");
$stm->execute(array($account['id'], $account['username'], $account['password'], $account['role'], $account['lastactive']));
}
function migrateBan($ban) {
global $dbh;
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (?, ?, ?, ?, ?)");
$stm->execute(array($ban['id'], $ban['ip'], $ban['timestamp'], $ban['expire'], $ban['reason']));
}
function migrateKeyword($keyword) {
global $dbh;
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES (?, ?, ?)");
$stm->execute(array($keyword['id'], $keyword['text'], $keyword['action']));
}
function migrateLog($log) {
global $dbh;
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES (?, ?, ?, ?)");
$stm->execute(array($log['id'], $log['timestamp'], $log['account'], $log['message']));
}
function migratePost($post) {
global $dbh;
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) " .
@ -147,21 +190,9 @@ if (function_exists('insertPost')) {
$post['image_width'], $post['image_height'], $post['thumb'], $post['thumb_width'], $post['thumb_height'], $post['moderated'], $post['stickied'], $post['locked']));
}
function migrateBan($ban) {
global $dbh;
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (?, ?, ?, ?, ?)");
$stm->execute(array($ban['id'], $ban['ip'], $ban['timestamp'], $ban['expire'], $ban['reason']));
}
function migrateReport($report) {
global $dbh;
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES (?, ?, ?)");
$stm->execute(array($report['id'], $report['ip'], $report['post']));
}
function migrateKeyword($keyword) {
global $dbh;
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES (?, ?, ?)");
$stm->execute(array($keyword['id'], $keyword['text'], $keyword['action']));
}
}
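Review bot: The table-existence check is now written out six times in this file (accounts, logs, keywords, bans, posts, reports), each copy differing only in the table constant and the variable name, which makes it easy for one copy to drift from the others. A small helper taking the table name would reduce each block to a single `if` and keep the pgsql/MySQL branching in one place. The `try` block and the bans and reports checks begin outside the visible hunks, so the sketch below shows only the helper and one call site.

```php
// Returns true when $table already exists for the configured driver.
function pdoTableExists($table) {
	global $dbh;
	if (TINYIB_DBDRIVER === 'pgsql') {
		$query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote($table);
		return $dbh->query($query)->fetchColumn() != 0;
	}
	$dbh->query("SHOW TABLES LIKE " . $dbh->quote($table));
	return $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0;
}

if (!pdoTableExists(TINYIB_DBACCOUNTS)) {
	$dbh->exec($accounts_sql);
}
// … same two-line form for logs, keywords, bans, posts and reports …
```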


@ -3,6 +3,43 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Account functions
function accountByID($id) {
$result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE id = '" . sqlite_escape_string($id) . "' LIMIT 1"), SQLITE_ASSOC);
foreach ($result as $account) {
return $account;
}
}
function accountByUsername($username) {
$result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE username = '" . sqlite_escape_string($username) . "' LIMIT 1"), SQLITE_ASSOC);
foreach ($result as $account) {
return $account;
}
}
function allAccounts() {
$accounts = array();
$result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBACCOUNTS . " ORDER BY role ASC, username ASC"), SQLITE_ASSOC);
foreach ($result as $account) {
$accounts[] = $account;
}
return $accounts;
}
function insertAccount($account) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (username, password, role, lastactive) VALUES ('" . sqlite_escape_string($account['username']) . "', '" . sqlite_escape_string(hashData($account['password'])) . "', '" . sqlite_escape_string($account['role']) . "', '0')");
return sqlite_last_insert_rowid($GLOBALS["db"]);
}
function updateAccount($account) {
sqlite_query($GLOBALS["db"], "UPDATE " . TINYIB_DBACCOUNTS . " SET username = '" . sqlite_escape_string($account['username']) . "', password = '" . sqlite_escape_string(hashData($account['password'])) . "', role = '" . sqlite_escape_string($account['role']) . "', lastactive = '" . sqlite_escape_string($account['lastactive']) . "' WHERE id = " . sqlite_escape_string($account['id']));
}
function deleteAccountByID($id) {
sqlite_query($GLOBALS["db"], "DELETE FROM " . TINYIB_DBACCOUNTS . " WHERE id = " . sqlite_escape_string($id));
}
// Post functions
function uniquePosts() {
return sqlite_fetch_single(sqlite_query($GLOBALS["db"], "SELECT COUNT(ip) FROM (SELECT DISTINCT ip FROM " . TINYIB_DBPOSTS . ")"));


@ -3,6 +3,50 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Account functions
function accountByID($id) {
global $db;
$result = $db->query("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE id = '" . $db->escapeString($id) . "' LIMIT 1");
while ($account = $result->fetchArray()) {
return $account;
}
}
function accountByUsername($username) {
global $db;
$result = $db->query("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE username = '" . $db->escapeString($username) . "' LIMIT 1");
while ($account = $result->fetchArray()) {
return $account;
}
}
function allAccounts() {
global $db;
$accounts = array();
$result = $db->query("SELECT * FROM " . TINYIB_DBACCOUNTS . " ORDER BY role ASC, username ASC");
while ($account = $result->fetchArray()) {
$accounts[] = $account;
}
return $accounts;
}
function insertAccount($account) {
global $db;
$db->exec("INSERT INTO " . TINYIB_DBACCOUNTS . " (username, password, role, lastactive) VALUES ('" . $db->escapeString($account['username']) . "', '" . $db->escapeString(hashData($account['password'])) . "', '" . $db->escapeString($account['role']) . "', '0')");
return $db->lastInsertRowID();
}
function updateAccount($account) {
global $db;
$db->exec("UPDATE " . TINYIB_DBACCOUNTS . " SET username = '" . $db->escapeString($account['username']) . "', password = '" . $db->escapeString(hashData($account['password'])) . "', role = '" . $db->escapeString($account['role']) . "', lastactive = '" . $db->escapeString($account['lastactive']) . "' WHERE id = " . $db->escapeString($account['id']));
return $db->lastInsertRowID();
}
function deleteAccountByID($id) {
global $db;
$db->exec("DELETE FROM " . TINYIB_DBACCOUNTS . " WHERE id = " . $db->escapeString($id));
}
// Post functions
function uniquePosts() {
global $db;
@ -132,52 +176,6 @@ function lastPostByIP() {
}
}
// Ban functions
function banByID($id) {
global $db;
$result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " WHERE id = '" . $db->escapeString($id) . "' LIMIT 1");
while ($ban = $result->fetchArray()) {
return $ban;
}
}
function banByIP($ip) {
global $db;
$result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " WHERE ip = '" . $db->escapeString($ip) . "' OR ip = '" . $db->escapeString(hashData($ip)) . "' LIMIT 1");
while ($ban = $result->fetchArray()) {
return $ban;
}
}
function allBans() {
global $db;
$bans = array();
$result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " ORDER BY timestamp DESC");
while ($ban = $result->fetchArray()) {
$bans[] = $ban;
}
return $bans;
}
function insertBan($ban) {
global $db;
$db->exec("INSERT INTO " . TINYIB_DBBANS . " (ip, timestamp, expire, reason) VALUES ('" . $db->escapeString(hashData($ban['ip'])) . "', " . time() . ", '" . $db->escapeString($ban['expire']) . "', '" . $db->escapeString($ban['reason']) . "')");
return $db->lastInsertRowID();
}
function clearExpiredBans() {
global $db;
$result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " WHERE expire > 0 AND expire <= " . time());
while ($ban = $result->fetchArray()) {
$db->exec("DELETE FROM " . TINYIB_DBBANS . " WHERE id = " . $ban['id']);
}
}
function deleteBanByID($id) {
global $db;
$db->exec("DELETE FROM " . TINYIB_DBBANS . " WHERE id = " . $db->escapeString($id));
}
// Report functions
function reportByIP($post, $ip) {
global $db;
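Review bot: In `updateAccount` and `deleteAccountByID` the `id` is concatenated into the `WHERE` clause outside quotes, where `escapeString()` gives no protection because it only escapes quote characters. The callers are not visible on this page, but the account form posts a hidden `id` field, so the value is probably request-supplied. I would cast it, `" WHERE id = " . intval($account['id'])` and `" WHERE id = " . intval($id)`, or move these statements to prepared statements with bound parameters. The older-sqlite variants at the top of this page build the same clauses and need the same change. `updateAccount` also returns `lastInsertRowID()` after an `UPDATE`, which does not describe the updated row.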


@ -12,7 +12,48 @@ if (!$db) {
fancyDie("Could not connect to database: " . $db->lastErrorMsg());
}
// Create the posts table if it does not exist
// Create tables (when necessary)
$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBACCOUNTS . "'");
if (!$result->fetchArray()) {
$db->exec("CREATE TABLE " . TINYIB_DBACCOUNTS . " (
id INTEGER PRIMARY KEY,
username TEXT NOT NULL,
password TEXT NOT NULL,
role INTEGER NOT NULL,
lastactive TIMESTAMP NOT NULL
)");
}
$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'");
if (!$result->fetchArray()) {
$db->exec("CREATE TABLE " . TINYIB_DBBANS . " (
id INTEGER PRIMARY KEY,
ip TEXT NOT NULL,
timestamp TIMESTAMP NOT NULL,
expire TIMESTAMP NOT NULL,
reason TEXT NOT NULL
)");
}
$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'");
if (!$result->fetchArray()) {
$db->exec("CREATE TABLE " . TINYIB_DBKEYWORDS . " (
id INTEGER PRIMARY KEY,
text TEXT NOT NULL,
action TEXT NOT NULL
)");
}
$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBLOGS . "'");
if (!$result->fetchArray()) {
$db->exec("CREATE TABLE " . TINYIB_DBLOGS . " (
id INTEGER PRIMARY KEY,
timestamp TIMESTAMP NOT NULL,
account INTEGER NOT NULL,
message TEXT NOT NULL
)");
}
$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBPOSTS . "'");
if (!$result->fetchArray()) {
$db->exec("CREATE TABLE " . TINYIB_DBPOSTS . " (
@ -44,19 +85,6 @@ if (!$result->fetchArray()) {
)");
}
// Create the bans table if it does not exist
$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'");
if (!$result->fetchArray()) {
$db->exec("CREATE TABLE " . TINYIB_DBBANS . " (
id INTEGER PRIMARY KEY,
ip TEXT NOT NULL,
timestamp TIMESTAMP NOT NULL,
expire TIMESTAMP NOT NULL,
reason TEXT NOT NULL
)");
}
// Create the reports table if it does not exist
$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBREPORTS . "'");
if (!$result->fetchArray()) {
$db->exec("CREATE TABLE " . TINYIB_DBREPORTS . " (
@ -66,16 +94,6 @@ if (!$result->fetchArray()) {
)");
}
// Create the keywords table if it does not exist
$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'");
if (!$result->fetchArray()) {
$db->exec("CREATE TABLE " . TINYIB_DBKEYWORDS . " (
id INTEGER PRIMARY KEY,
text TEXT NOT NULL,
action TEXT NOT NULL
)");
}
// Add moderated column if it isn't present
@$db->exec("ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN moderated INTEGER NOT NULL DEFAULT '0'");
@ -86,9 +104,9 @@ if (!$result->fetchArray()) {
@$db->exec("ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN locked INTEGER NOT NULL DEFAULT '0'");
if (function_exists('insertPost')) {
function migratePost($post) {
function migrateAccount($account) {
global $db;
$db->exec("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . $db->escapeString($post['ip']) . "', '" . $db->escapeString($post['name']) . "', '" . $db->escapeString($post['tripcode']) . "', '" . $db->escapeString($post['email']) . "', '" . $db->escapeString($post['nameblock']) . "', '" . $db->escapeString($post['subject']) . "', '" . $db->escapeString($post['message']) . "', '" . $db->escapeString($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . $db->escapeString($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
$db->exec("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . $db->escapeString($account['id']) . ", '" . $db->escapeString($account['username']) . "', " . $db->escapeString($account['password']) . ", " . $db->escapeString($account['role']) . ", '" . $db->escapeString($account['lastactive']) . "')");
}
function migrateBan($ban) {
@ -96,13 +114,23 @@ if (function_exists('insertPost')) {
$db->exec("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . $db->escapeString($ban['id']) . ", '" . $db->escapeString($ban['ip']) . "', " . $db->escapeString($ban['timestamp']) . ", " . $db->escapeString($ban['expire']) . ", '" . $db->escapeString($ban['reason']) . "')");
}
function migrateReport($report) {
global $db;
$db->exec("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . $db->escapeString($report['id']) . "', '" . $db->escapeString($report['ip']) . "', '" . $db->escapeString($report['post']) . "')");
}
function migrateKeyword($keyword) {
global $db;
$db->exec("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . $db->escapeString($keyword['id']) . "', '" . $db->escapeString($keyword['text']) . "', '" . $db->escapeString($keyword['action']) . "')");
}
function migrateLog($log) {
global $db;
$db->exec("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . $db->escapeString($log['id']) . "', '" . $db->escapeString($log['timestamp']) . "', '" . $db->escapeString($log['account']) . "', '" . $db->escapeString($log['message']) . "')");
}
function migratePost($post) {
global $db;
$db->exec("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . $db->escapeString($post['ip']) . "', '" . $db->escapeString($post['name']) . "', '" . $db->escapeString($post['tripcode']) . "', '" . $db->escapeString($post['email']) . "', '" . $db->escapeString($post['nameblock']) . "', '" . $db->escapeString($post['subject']) . "', '" . $db->escapeString($post['message']) . "', '" . $db->escapeString($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . $db->escapeString($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
}
function migrateReport($report) {
global $db;
$db->exec("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . $db->escapeString($report['id']) . "', '" . $db->escapeString($report['ip']) . "', '" . $db->escapeString($report['post']) . "')");
}
}
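Review bot: `migrateAccount` writes the `password` value without surrounding quotes (`"', " . $db->escapeString($account['password']) . ", "`), while `username` and `lastactive` are quoted. The column is `TEXT` and holds the output of `hashData()`, so an unquoted hash will not parse as SQL and the insert fails. The return value of `exec()` is not checked, so a failed account migration would probably go unnoticed. The fragment should read `"', '" . $db->escapeString($account['password']) . "', "`. The new accounts table also has no `UNIQUE` constraint on `username`, although `accountByUsername` assumes one row per name via `LIMIT 1`.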


@ -11,7 +11,48 @@ if (!$db = sqlite_open(TINYIB_DBPATH, 0666, $error)) {
fancyDie("Could not connect to database: " . $error);
}
// Create the posts table if it does not exist
// Create tables (when necessary)
$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBACCOUNTS . "'");
if (sqlite_num_rows($result) == 0) {
sqlite_query($db, "CREATE TABLE " . TINYIB_DBACCOUNTS . " (
id INTEGER PRIMARY KEY,
username TEXT NOT NULL,
password TEXT NOT NULL,
role INTEGER NOT NULL,
lastactive TIMESTAMP NOT NULL
)");
}
$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'");
if (sqlite_num_rows($result) == 0) {
sqlite_query($db, "CREATE TABLE " . TINYIB_DBBANS . " (
id INTEGER PRIMARY KEY,
ip TEXT NOT NULL,
timestamp TIMESTAMP NOT NULL,
expire TIMESTAMP NOT NULL,
reason TEXT NOT NULL
)");
}
$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'");
if (sqlite_num_rows($result) == 0) {
sqlite_query($db, "CREATE TABLE " . TINYIB_DBKEYWORDS . " (
id INTEGER PRIMARY KEY,
text TEXT NOT NULL,
action TEXT NOT NULL
)");
}
$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBLOGS . "'");
if (sqlite_num_rows($result) == 0) {
sqlite_query($db, "CREATE TABLE " . TINYIB_DBLOGS . " (
id INTEGER PRIMARY KEY,
timestamp TIMESTAMP NOT NULL,
account INTEGER NOT NULL,
message TEXT NOT NULL
)");
}
$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBPOSTS . "'");
if (sqlite_num_rows($result) == 0) {
sqlite_query($db, "CREATE TABLE " . TINYIB_DBPOSTS . " (
@ -42,20 +83,6 @@ if (sqlite_num_rows($result) == 0) {
locked INTEGER NOT NULL DEFAULT '0'
)");
}
// Create the bans table if it does not exist
$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'");
if (sqlite_num_rows($result) == 0) {
sqlite_query($db, "CREATE TABLE " . TINYIB_DBBANS . " (
id INTEGER PRIMARY KEY,
ip TEXT NOT NULL,
timestamp TIMESTAMP NOT NULL,
expire TIMESTAMP NOT NULL,
reason TEXT NOT NULL
)");
}
// Create the reports table if it does not exist
$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBREPORTS . "'");
if (sqlite_num_rows($result) == 0) {
sqlite_query($db, "CREATE TABLE " . TINYIB_DBREPORTS . " (
@ -65,16 +92,6 @@ if (sqlite_num_rows($result) == 0) {
)");
}
// Create the keywords table if it does not exist
$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'");
if (sqlite_num_rows($result) == 0) {
sqlite_query($db, "CREATE TABLE " . TINYIB_DBKEYWORDS . " (
id INTEGER PRIMARY KEY,
text TEXT NOT NULL,
action TEXT NOT NULL
)");
}
// Add moderated column if it isn't present
sqlite_query($db, "ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN moderated INTEGER NOT NULL DEFAULT '0'");
@ -85,19 +102,27 @@ sqlite_query($db, "ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN stickied INTEGE
sqlite_query($db, "ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN locked INTEGER NOT NULL DEFAULT '0'");
if (function_exists('insertPost')) {
function migratePost($post) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . sqlite_escape_string($post['ip']) . "', '" . sqlite_escape_string($post['name']) . "', '" . sqlite_escape_string($post['tripcode']) . "', '" . sqlite_escape_string($post['email']) . "', '" . sqlite_escape_string($post['nameblock']) . "', '" . sqlite_escape_string($post['subject']) . "', '" . sqlite_escape_string($post['message']) . "', '" . sqlite_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . sqlite_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
function migrateAccount($account) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . sqlite_escape_string($account['id']) . "', '" . sqlite_escape_string($account['username']) . "', '" . sqlite_escape_string($account['password']) . "', '" . sqlite_escape_string($account['role']) . "', '" . sqlite_escape_string($account['lastactive']) . "')");
}
function migrateBan($ban) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . sqlite_escape_string($ban['id']) . "', '" . sqlite_escape_string($ban['ip']) . "', '" . sqlite_escape_string($ban['timestamp']) . "', '" . sqlite_escape_string($ban['expire']) . "', '" . sqlite_escape_string($ban['reason']) . "')");
}
function migrateReport($report) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . sqlite_escape_string($report['id']) . "', '" . sqlite_escape_string($report['ip']) . "', '" . sqlite_escape_string($report['post']) . "')");
}
function migrateKeyword($keyword) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . sqlite_escape_string($keyword['id']) . "', '" . sqlite_escape_string($keyword['text']) . "', '" . sqlite_escape_string($keyword['action']) . "')");
}
function migrateLog($log) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . sqlite_escape_string($log['id']) . "', '" . sqlite_escape_string($log['timestamp']) . "', '" . sqlite_escape_string($log['account']) . "', '" . sqlite_escape_string($log['message']) . "')");
}
function migratePost($post) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . sqlite_escape_string($post['ip']) . "', '" . sqlite_escape_string($post['name']) . "', '" . sqlite_escape_string($post['tripcode']) . "', '" . sqlite_escape_string($post['email']) . "', '" . sqlite_escape_string($post['nameblock']) . "', '" . sqlite_escape_string($post['subject']) . "', '" . sqlite_escape_string($post['message']) . "', '" . sqlite_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . sqlite_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
}
function migrateReport($report) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . sqlite_escape_string($report['id']) . "', '" . sqlite_escape_string($report['ip']) . "', '" . sqlite_escape_string($report['post']) . "')");
}
}
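Review bot: The `VALUES` list in `migrateAccount` opens the `id` value without a quote but closes it with one (`VALUES (" . sqlite_escape_string($account['id']) . "', '`), so the generated statement has unbalanced quotes and cannot run. `migrateBan` in the same block is written the same way. The fix is to open the quote, `VALUES ('" . sqlite_escape_string($account['id']) . "', '"`, as `migrateKeyword` and `migrateLog` already do. `sqlite_query` results are not checked here, so the failure would be silent during migration.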


@ -8,6 +8,12 @@ define('TINYIB_INDEXPAGE', false);
define('TINYIB_RESPAGE', true);
define('TINYIB_WORDBREAK_IDENTIFIER', '@!@TINYIB_WORDBREAK@!@');
// Account roles
define('TINYIB_SUPER_ADMINISTRATOR', 1);
define('TINYIB_ADMINISTRATOR', 2);
define('TINYIB_MODERATOR', 3);
define('TINYIB_DISABLED', 99);
// The following are provided for backward compatibility and should not be relied upon
// Copy new settings from settings.default.php to settings.php
if (!defined('TINYIB_LOCALE')) {
@ -94,12 +100,18 @@ if (!defined('TINYIB_DATEFMT')) {
if (!defined('TINYIB_DBMIGRATE')) {
define('TINYIB_DBMIGRATE', false);
}
if (!defined('TINYIB_DBACCOUNTS')) {
define('TINYIB_DBACCOUNTS', 'accounts');
}
if (!defined('TINYIB_DBREPORTS')) {
define('TINYIB_DBREPORTS', TINYIB_BOARD . '_reports');
}
if (!defined('TINYIB_DBKEYWORDS')) {
define('TINYIB_DBKEYWORDS', TINYIB_BOARD . '_keywords');
}
if (!defined('TINYIB_DBLOGS')) {
define('TINYIB_DBLOGS', 'logs');
}
if (!defined('TINYIB_DBPORT')) {
define('TINYIB_DBPORT', 3306);
}


@ -11,9 +11,9 @@ if (!function_exists('array_column')) {
}
}
function hashData($data) {
function hashData($data, $force = false) {
global $bcrypt_salt;
if (substr($data, 0, 4) == '$2y$') {
if (substr($data, 0, 4) == '$2y$' && !$force) {
return $data;
}
return crypt($data, $bcrypt_salt);
@ -336,6 +336,7 @@ function checkMessageSize() {
}
function manageCheckLogIn($requireKey) {
$account = array();
$loggedin = false;
$isadmin = false;
@ -344,40 +345,44 @@ function manageCheckLogIn($requireKey) {
$key = $_SESSION['tinyib_key'];
}
if (TINYIB_MANAGEKEY != '' && $key !== hashData(TINYIB_MANAGEKEY)) {
$_SESSION['tinyib'] = '';
$_SESSION['tinyib_key'] = '';
$_SESSION['tinyib_account'] = '';
session_destroy();
if ($requireKey) {
fancyDie(__('Invalid key.'));
}
return array($loggedin, $isadmin);
return array($account, $loggedin, $isadmin);
}
if (isset($_POST['managepassword'])) {
if (isset($_POST['username']) && isset($_POST['managepassword']) && $_POST['username'] != '' && $_POST['managepassword'] != '') {
checkCAPTCHA(TINYIB_MANAGECAPTCHA);
if ($_POST['managepassword'] === TINYIB_ADMINPASS) {
$_SESSION['tinyib'] = hashData(TINYIB_ADMINPASS);
$_SESSION['tinyib_key'] = hashData(TINYIB_MANAGEKEY);
} elseif (TINYIB_MODPASS != '' && $_POST['managepassword'] === TINYIB_MODPASS) {
$_SESSION['tinyib'] = hashData(TINYIB_MODPASS);
$_SESSION['tinyib_key'] = hashData(TINYIB_MANAGEKEY);
} else {
fancyDie(__('Invalid password.'));
$account = accountByUsername($_POST['username']);
if (hashData($_POST['managepassword'], true) !== $account['password']) {
fancyDie(__('Invalid username or password.'));
}
$_SESSION['tinyib_key'] = hashData(TINYIB_MANAGEKEY);
$_SESSION['tinyib_username'] = $account['username'];
$_SESSION['tinyib_password'] = $account['password'];
}
if (isset($_SESSION['tinyib_username']) && isset($_SESSION['tinyib_password'])) {
$a = accountByUsername($_SESSION['tinyib_username']);
if (!empty($a) && $a['password'] == $_SESSION['tinyib_password']) {
$account = $a;
$loggedin = true;
if ($account['role'] == TINYIB_SUPER_ADMINISTRATOR || $account['role'] == TINYIB_ADMINISTRATOR) {
$isadmin = true;
}
$account['lastactive'] = time();
updateAccount($account);
}
}
if (isset($_SESSION['tinyib'])) {
if ($_SESSION['tinyib'] === hashData(TINYIB_ADMINPASS)) {
$loggedin = true;
$isadmin = true;
} elseif (TINYIB_MODPASS != '' && $_SESSION['tinyib'] === hashData(TINYIB_MODPASS)) {
$loggedin = true;
}
}
return array($loggedin, $isadmin);
return array($account, $loggedin, $isadmin);
}
function setParent() {
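Review bot: An account with role `TINYIB_DISABLED` is still treated as logged in. The session branch of `manageCheckLogIn` sets `$loggedin = true` for any account whose stored hash matches and uses `role` only to decide `$isadmin`, so a disabled account keeps moderator-level access unless code not shown here rejects it. The login branch above it has the same gap. I would change the condition to `if (!empty($a) && $a['role'] != TINYIB_DISABLED && $a['password'] === $_SESSION['tinyib_password']) {` and refuse disabled accounts before the session values are set. The loose `==` on the stored hash should be a strict or constant-time comparison in any case. Part of the function lies between the hunks and is not shown.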


@ -753,7 +753,7 @@ function rebuildThread($id) {
}
function adminBar() {
global $loggedin, $isadmin, $returnlink;
global $account, $loggedin, $isadmin, $returnlink;
$return = '[<a href="' . $returnlink . '" style="text-decoration: underline;">' . __('Return') . '</a>]';
if (!$loggedin) {
@ -765,6 +765,9 @@ function adminBar() {
if (TINYIB_REPORT) {
$output .= '<a href="?manage&reports">' . __('Reports') . '</a>] [';
}
if ($account['role'] == TINYIB_SUPER_ADMINISTRATOR) {
$output .= '<a href="?manage&accounts">' . __('Accounts') . '</a>] [';
}
$output .= '<a href="?manage&bans">' . __('Bans') . '</a>] [';
$output .= '<a href="?manage&keywords">' . __('Keywords') . '</a>] [';
}
@ -778,6 +781,7 @@ function adminBar() {
if ($isadmin && TINYIB_DBMIGRATE) {
$output .= '<a href="?manage&dbmigrate"><b>' . __('Migrate Database') . '</b></a>] [';
}
$output .= '<a href="?manage&changepassword">' . __('Change password') . '</a>] [';
$output .= '<a href="?manage&logout">' . __('Log Out') . '</a>] &middot; ' . $return;
return $output;
}
@ -812,6 +816,8 @@ function manageOnLoad($page) {
return ' onload="document.tinyib.text.focus();"';
case 'rawpost':
return ' onload="document.tinyib.message.focus();"';
case 'accounts':
return ' onload="document.tinyib.username.focus();"';
case 'bans':
return ' onload="document.tinyib.ip.focus();"';
}
@ -819,7 +825,7 @@ function manageOnLoad($page) {
function manageLogInForm() {
$txt_login = __('Log In');
$txt_login_prompt = __('Enter an administrator or moderator password');
$txt_login_prompt = __('Enter a username and password');
$captcha_inner_html = '';
if (TINYIB_MANAGECAPTCHA === 'hcaptcha') {
$captcha_inner_html = '
@ -857,7 +863,8 @@ function manageLogInForm() {
<fieldset>
<legend align="center">$txt_login_prompt</legend>
<div class="login">
<input type="password" id="managepassword" name="managepassword"><br>
<input type="text" id="username" name="username" placeholder="Username"><br>
<input type="password" id="managepassword" name="managepassword" placeholder="Password"><br>
$captcha_inner_html
<input type="submit" value="$txt_login" class="managebutton">
</div>
@ -935,6 +942,96 @@ function manageReportsPage($ip) {
EOF;
}
function manageChangePasswordForm() {
$txt_header = __('Change password');
$txt_submit = __('Submit');
return <<<EOF
<form id="tinyib" name="tinyib" method="post" action="?manage&changepassword">
<fieldset>
<legend>$txt_header</legend>
<input type="password" name="password" id="password" value="">
<input type="submit" value="$txt_submit" class="managebutton">
<legend>
</fieldset>
</form><br>
EOF;
}
function manageAccountForm($id=0) {
$a = array(
'id' => 0,
'username' => '',
'password' => '',
'role' => 0,
);
$txt_header = __('Add an account');
$txt_password_hint = '';
if ($id > 0){
$txt_header = __('Update an account');
$txt_password_hint = '(' . __('Leave blank to maintain current password') . ')';
$a = accountByID($id);
}
$a['id'] = htmlentities($a['id'], ENT_QUOTES);
$a['username'] = htmlentities($a['username'], ENT_QUOTES);
$txt_username = __('Username');
$txt_password = __('Password');
$txt_role = __('Role');
$return = <<<EOF
<form id="tinyib" name="tinyib" method="post" action="?manage&accounts">
<input type="hidden" name="id" value="{$a['id']}">
<fieldset>
<legend>$txt_header</legend>
<label for="username">$txt_username</label> <input type="text" name="username" id="username" value="{$a['username']}"><br>
<label for="password">$txt_password</label> <input type="password" name="password" id="password" value=""> <small>$txt_password_hint</small><br>
<label for="role">$txt_role</label> <select name="role" id="role">
EOF;
$return .= '<option value="0" ' . ($a['role'] == 0 ? ' selected' : '') . '>' . __('Choose a role') . '</option>';
$return .= '<option value="1" ' . ($a['role'] == 1 ? ' selected' : '') . '>' . __('Super-administrator') . '</option>';
$return .= '<option value="2" ' . ($a['role'] == 2 ? ' selected' : '') . '>' . __('Administrator') . '</option>';
$return .= '<option value="3" ' . ($a['role'] == 3 ? ' selected' : '') . '>' . __('Moderator') . '</option>';
$return .= '<option value="99" ' . ($a['role'] == 99 ? ' selected' : '') . '>' . __('Disabled') . '</option>';
$txt_submit = __('Submit');
$return .= <<<EOF
</select><br>
<input type="submit" value="$txt_submit" class="managebutton">
<legend>
</fieldset>
</form><br>
EOF;
return $return;
}
function manageAccountsTable() {
$text = '';
$allaccounts = allAccounts();
if (count($allaccounts) > 0) {
$text .= '<table border="1"><tr><th>' . __('Username') . '</th><th>' . __('Role') . '</th><th>' . __('Last active') . '</th><th>&nbsp;</th></tr>';
foreach ($allaccounts as $account) {
$lastactive = ($account['lastactive'] > 0) ? strftime(TINYIB_DATEFMT, $account['lastactive']) : __('Never');
$text .= '<tr><td>' . htmlentities($account['username']) . '</td><td>';
switch (intval($account['role'])) {
case TINYIB_SUPER_ADMINISTRATOR:
$text .= __('Super-administrator');
break;
case TINYIB_ADMINISTRATOR:
$text .= __('Administrator');
break;
case TINYIB_MODERATOR:
$text .= __('Moderator');
break;
case TINYIB_DISABLED:
$text .= __('Disabled');
break;
}
$text .= '</td><td>' . $lastactive . '</td><td><a href="?manage&accounts=' . $account['id'] . '">' . __('update') . '</a></td></tr>';
}
$text .= '</table>';
}
return $text;
}
function manageBanForm() {
$txt_ban = __('Add a ban');
$txt_ban_ip = __('IP Address');
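Review bot: `manageChangePasswordForm` and `manageAccountForm` post state-changing requests (new password, username, role) with no anti-CSRF token, and the password change has no current-password field; whether the handler checks either is not visible on this page. I would add a per-session token as a hidden input, e.g. `<input type="hidden" name="csrf_token" value="$csrf_token">` (the name is a placeholder), verify it server-side before `updateAccount` is called, and require the current password for a change. Both forms also contain a stray `<legend>` just before `</fieldset>` that should be removed. The role `<option>` values are hard-coded (1, 2, 3, 99) rather than taken from the `TINYIB_*` role constants, and `manageAccountForm` does not handle `accountByID` returning nothing for an unknown id.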

File diff suppressed because it is too large Load Diff


@ -18,13 +18,6 @@ click Rebuild All in the management panel.
// Internationalization
define('TINYIB_LOCALE', ''); // Locale (see README for instructions)
// Management panel
define('TINYIB_MANAGEKEY', ''); // When set, the [Manage] link is hidden and the management panel may only be accessed via imgboard.php?manage=TINYIB_MANAGEKEY ['' to disable]
// Administrator/moderator credentials
define('TINYIB_ADMINPASS', ''); // Administrators have full access to the board
define('TINYIB_MODPASS', ''); // Moderators only have access to delete (and moderate if TINYIB_REQMOD is set) posts ['' to disable]
// Board description and behavior
// Warning: Enabling reCAPTCHA will cause all visitors to be tracked by Google. See https://nearcyan.com/you-probably-dont-need-recaptcha/
define('TINYIB_BOARD', 'b'); // Unique identifier for this board using only letters and numbers
@ -118,15 +111,30 @@ define('TINYIB_HCAPTCHA_SECRET', ''); // Secret key
define('TINYIB_RECAPTCHA_SITE', ''); // Site key
define('TINYIB_RECAPTCHA_SECRET', '');// Secret key
// Management panel
define('TINYIB_MANAGEKEY', ''); // When set, the [Manage] link is hidden and the management panel may only be accessed via imgboard.php?manage=TINYIB_MANAGEKEY ['' to disable]
// Administrator and moderator passwords
// When TINYIB_ADMINPASS is set, an administrator account is created with username "admin"
// When TINYIB_MODPASS is set, a moderator account is created with username "moderator"
// These settings are for installation and anti-lockout purposes only
// Once the account(s) are created, blank both of these settings
define('TINYIB_ADMINPASS', ''); // Administrator password
define('TINYIB_MODPASS', ''); // Moderator password ['' to disable]
// Database
// Recommended database modes from best to worst:
// pdo, mysqli, mysql, sqlite3, sqlite (deprecated), flatfile (only useful if you need portability or lack any kind of database)
define('TINYIB_DBMODE', 'flatfile'); // Mode
define('TINYIB_DBMIGRATE', false); // Enable database migration tool (see README for instructions)
define('TINYIB_DBBANS', 'bans'); // Bans table name (use the same table across boards for global bans)
define('TINYIB_DBKEYWORDS', 'keywords'); // Keywords table name (use the same table across boards for global keywords)
define('TINYIB_DBPOSTS', TINYIB_BOARD . '_posts'); // Posts table name
define('TINYIB_DBREPORTS', TINYIB_BOARD . '_reports'); // Reports table name
// Table names
// Use the same table name across boards for global accounts, bans, etc.
define('TINYIB_DBACCOUNTS', 'accounts'); // Staff accounts
define('TINYIB_DBBANS', 'bans'); // Bans
define('TINYIB_DBKEYWORDS', 'keywords'); // Keywords
define('TINYIB_DBLOGS', 'logs'); // Staff logs
define('TINYIB_DBPOSTS', TINYIB_BOARD . '_posts'); // Posts
define('TINYIB_DBREPORTS', TINYIB_BOARD . '_reports'); // Reports
// See README for migration instructions
define('TINYIB_DBMIGRATE', false); // Enable database migration tool
// Database configuration - MySQL / pgSQL
// The following only apply when TINYIB_DBMODE is set to mysql, mysqli or pdo with default (blank) TINYIB_DBDSN