<?php
# TinyIB
#
# https://github.com/tslocum/TinyIB
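// Report every error to the browser. Convenient during setup, but on a public
// board it discloses file paths and query details to visitors.
// NOTE(review): consider logging instead of displaying errors in production.
error_reporting(E_ALL);
ini_set('display_errors', 1);

session_start();

// Re-issue the session cookie with a 30-day lifetime (2592000 seconds).
// Empty path and domain keep PHP's defaults. HttpOnly keeps the session ID out
// of reach of page scripts, and Secure is set whenever the request used HTTPS.
// Assumes no client-side script needs to read the session ID -- TODO confirm.
$session_cookie_secure = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
setcookie(session_name(), session_id(), time() + 2592000, '', '', $session_cookie_secure, true);

// Send output to the client as it is produced; progress lines such as
// "Updating thread..." are echoed while a post is being processed.
ob_implicit_flush();
if (function_exists('ob_get_level')) {
    while (ob_get_level() > 0) {
        ob_end_flush();
    }
}

// Undo magic quotes where the runtime still applies them. The magic-quotes
// functions no longer exist in current PHP releases, so every call is guarded
// to avoid a fatal "undefined function" error there.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    foreach ($_GET as $key => $val) {
        $_GET[$key] = stripslashes($val);
    }
    foreach ($_POST as $key => $val) {
        $_POST[$key] = stripslashes($val);
    }
}
if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime()) {
    if (function_exists('set_magic_quotes_runtime')) {
        set_magic_quotes_runtime(0);
    }
}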
/**
 * Print a styled error box with a "go back" link and stop the script.
 *
 * $message is placed into the page as raw HTML: callers in this file pass
 * markup such as <br> and <a> on purpose. Anything derived from request data
 * or from an external service must therefore be escaped by the caller before
 * it is handed to this function.
 *
 * @param string $message HTML fragment to show inside the box.
 */
function fancyDie($message) {
    $box_open = '<body text="#800000" bgcolor="#FFFFEE" align="center"><br><div style="display: inline-block; background-color: #F0E0D6;font-size: 1.25em;font-family: Tahoma, Geneva, sans-serif;padding: 7px;border: 1px solid #D9BFB7;border-left: none;border-top: none;">';
    $box_close = '</div><br><br>- <a href="javascript:history.go(-1)">Click here to go back</a> -</body>';

    exit($box_open . $message . $box_close);
}
// The board refuses to start without its configuration file.
if (file_exists('settings.php') === false) {
    fancyDie('Please copy the file settings.default.php to settings.php');
}
require 'settings.php';

// Both secrets must be non-empty. Only emptiness is tested here; nothing in
// this check rejects a weak or unchanged value.
if (!(TINYIB_TRIPSEED != '' && TINYIB_ADMINPASS != '')) {
    fancyDie('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.');
}

// reCAPTCHA needs both of its keys once it is selected as the CAPTCHA mode.
if (TINYIB_CAPTCHA === 'recaptcha') {
    if (!(TINYIB_RECAPTCHA_SITE != '' && TINYIB_RECAPTCHA_SECRET != '')) {
        fancyDie('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured.');
    }
}
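// Check directories are writable by the script. Thread pages are written to
// res/, uploads to src/ and thumbnails to thumb/ further down in this file.
// NOTE(review): src/ and thumb/ hold visitor-supplied files; the web server
// should serve them as static content only and never execute scripts from them.
$writedirs = array('res', 'src', 'thumb');
if (TINYIB_DBMODE == 'flatfile') {
    // The flat-file back end keeps its data files under inc/flatfile.
    $writedirs[] = 'inc/flatfile';
}
foreach ($writedirs as $dir) {
    if (!is_writable($dir)) {
        fancyDie("Directory '" . $dir . "' can not be written to. Please modify its permissions.");
    }
}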
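$includes = array('inc/defines.php', 'inc/functions.php', 'inc/html.php');

// The database mode becomes part of an include path, so it is accepted only
// when it is exactly one of the known back ends. The strict comparison keeps
// a non-string setting (0, true) from loosely matching an entry in the list.
if (in_array(TINYIB_DBMODE, array('flatfile', 'mysql', 'mysqli', 'sqlite', 'pdo'), true)) {
    $includes[] = 'inc/database_' . TINYIB_DBMODE . '.php';
} else {
    fancyDie('Unknown database mode specified.');
}

foreach ($includes as $include) {
    include $include;
}

// Redirect to the board index once the request has been handled, unless a
// branch below switches this off or replaces it with a thread URL.
$redirect = true;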
// Check if the request is to make a post
if ( isset ( $_POST [ 'message' ]) || isset ( $_POST [ 'file' ])) {
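// Posting is blocked while a database migration is enabled.
if (TINYIB_DBMIGRATE) {
    fancyDie('Posting is currently disabled.<br>Please try again in a few moments.');
}

list($loggedin, $isadmin) = manageCheckLogIn();
$rawpost = isRawPost();

// Staff sessions skip the CAPTCHA, ban, message-size and flood checks.
if (!$loggedin) {
    checkCAPTCHA();
    checkBanned();
    checkMessageSize();
    checkFlood();
}

// This branch runs when either 'message' or 'file' was posted, so any of the
// other fields may be missing or may arrive as an array. Read each one once,
// falling back to an empty string.
$form = array();
foreach (array('name', 'email', 'subject', 'message', 'password') as $field) {
    $form[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
}

$post = newPost(setParent());

// Address of the connecting peer. Behind a reverse proxy this is the proxy's
// address; it is deliberately not taken from client-supplied headers.
$post['ip'] = $_SERVER['REMOTE_ADDR'];

list($post['name'], $post['tripcode']) = nameAndTripcode($form['name']);

$post['name'] = cleanString(substr($post['name'], 0, 75));
// Double quotes in the e-mail field are turned into an entity before the value
// is passed to nameBlock(). The listing shows the same character as search and
// replacement, which does nothing; the entity is the assumed intent.
$post['email'] = cleanString(str_replace('"', '&quot;', substr($form['email'], 0, 75)));
$post['subject'] = cleanString(substr($form['subject'], 0, 75));

if ($rawpost) {
    $rawposttext = ($isadmin) ? ' <span style="color: red;">## Admin</span>' : ' <span style="color: purple;">## Mod</span>';
    // Treat message as raw HTML. No filtering is applied on this path.
    // NOTE(review): confirm isRawPost() can only be true for a logged-in session.
    $post['message'] = $form['message'];
} else {
    $rawposttext = '';
    $post['message'] = str_replace("\n", '<br>', makeLinksClickable(colorQuote(postLink(cleanString(rtrim($form['message']))))));
}

// Deletion password. md5(md5()) is an unsalted, fast hash; it is left as is
// because the delete handler compares against the same scheme and stored
// values would need migrating.
// NOTE(review): move to password_hash()/password_verify() with a migration path.
$post['password'] = ($form['password'] != '') ? md5(md5($form['password'])) : '';
$post['nameblock'] = nameBlock($post['name'], $post['tripcode'], $post['email'], time(), $rawposttext);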
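// Attach media to the post: either a remote embed or an uploaded file.
if (isset($_POST['embed']) && is_string($_POST['embed']) && trim($_POST['embed']) != '') {
    // getEmbed() is defined elsewhere; it is used here as returning the service
    // name and that service's metadata for the submitted URL.
    list($service, $embed) = getEmbed(trim($_POST['embed']));
    if (empty($embed) || !isset($embed['html']) || !isset($embed['title']) || !isset($embed['thumbnail_url'])) {
        fancyDie("Invalid embed URL. Only " . (implode("/", array_keys($tinyib_embeds))) . " URLs are supported.");
    }

    // The thumbnail address comes from the remote response. Only plain web
    // URLs are fetched, so local paths and other stream wrappers are refused.
    // NOTE(review): the host is not restricted here; confirm getEmbed() only
    // accepts responses from the configured services, since the server will
    // request whatever address the response names.
    if (!is_string($embed['thumbnail_url']) || !preg_match('#^https?://#i', $embed['thumbnail_url'])) {
        fancyDie("Error while processing audio/video.");
    }

    $post['file_hex'] = $service;
    $temp_file = time() . substr(microtime(), 2, 3);
    $file_location = "thumb/" . $temp_file;

    $thumbnail_data = file_get_contents($embed['thumbnail_url']);
    if ($thumbnail_data === false || file_put_contents($file_location, $thumbnail_data) === false) {
        fancyDie("Error while processing audio/video.");
    }

    // The downloaded bytes must decode as one of the three image types.
    $file_info = getimagesize($file_location);
    $file_mime = $file_info ? $file_info['mime'] : '';
    $thumb_extensions = array('image/jpeg' => '.jpg', 'image/gif' => '.gif', 'image/png' => '.png');
    if (!isset($thumb_extensions[$file_mime])) {
        @unlink($file_location);
        fancyDie("Error while processing audio/video.");
    }
    $post['image_width'] = $file_info[0];
    $post['image_height'] = $file_info[1];
    $post['thumb'] = $temp_file . $thumb_extensions[$file_mime];

    $thumb_location = "thumb/" . $post['thumb'];
    list($thumb_maxwidth, $thumb_maxheight) = thumbnailDimensions($post);
    $thumb_created = createThumbnail($file_location, $thumb_location, $thumb_maxwidth, $thumb_maxheight);
    // The downloaded original is only the source for the thumbnail. Remove it
    // so remotely fetched files do not pile up in the public thumb/ directory.
    @unlink($file_location);
    if (!$thumb_created) {
        fancyDie("Could not create thumbnail.");
    }

    addVideoOverlay($thumb_location);

    $thumb_info = getimagesize($thumb_location);
    $post['thumb_width'] = $thumb_info[0];
    $post['thumb_height'] = $thumb_info[1];

    $post['file_original'] = cleanString($embed['title']);
    // The provider's HTML is stored with scheme-relative src attributes and is
    // not otherwise filtered here.
    // NOTE(review): this trusts the embed provider's markup -- confirm how
    // $post['file'] is rendered for embeds.
    $post['file'] = str_ireplace(array('src="https://', 'src="http://'), 'src="//', $embed['html']);
} else if (isset($_FILES['file'])) {
    if ($_FILES['file']['name'] != "") {
        validateFileUpload();

        $upload_tmp = $_FILES['file']['tmp_name'];

        if (!is_file($upload_tmp) || !is_readable($upload_tmp)) {
            fancyDie("File transfer failure. Please retry the submission.");
        }

        if ((TINYIB_MAXKB > 0) && (filesize($upload_tmp) > (TINYIB_MAXKB * 1024))) {
            fancyDie("That file is larger than " . TINYIB_MAXKBDESC . ".");
        }

        // The client-supplied name is kept for display only, entity-encoded.
        $post['file_original'] = trim(htmlentities(substr($_FILES['file']['name'], 0, 50), ENT_QUOTES));
        // MD5 of the content is used for duplicate detection.
        $post['file_hex'] = md5_file($upload_tmp);
        $post['file_size'] = $_FILES['file']['size'];
        $post['file_size_formatted'] = convertBytes($post['file_size']);

        // Uploaded file type, taken from the last extension of the client's name.
        $file_type = strtolower(preg_replace('/.*(\..+)/', '\1', $_FILES['file']['name']));
        if ($file_type == '.jpeg') {
            $file_type = '.jpg';
        }

        // The extension becomes part of the stored file name inside a
        // web-served directory. It is client-controlled, so only the extensions
        // this board handles are accepted; anything else (including a name
        // with no extension) is refused before the file is moved. This check
        // does not rely on validateFileUpload(), which is defined elsewhere.
        // The extension and the detected content type are not required to match.
        if (!in_array($file_type, array('.jpg', '.gif', '.png', '.webm', '.swf'), true)) {
            fancyDie(supportedFileTypes());
        }

        // Thumbnail type
        if ($file_type == '.webm') {
            $thumb_type = '.jpg';
        } else if ($file_type == '.swf') {
            $thumb_type = '.png';
        } else {
            $thumb_type = $file_type;
        }

        // Stored names are generated by the server from the clock.
        $file_name = time() . substr(microtime(), 2, 3);
        $post['file'] = $file_name . $file_type;
        $post['thumb'] = $file_name . "s" . $thumb_type;
        $file_location = "src/" . $post['file'];
        $thumb_location = "thumb/" . $post['thumb'];

        checkDuplicateFile($post['file_hex']);

        if (!move_uploaded_file($upload_tmp, $file_location)) {
            fancyDie("Could not copy uploaded file.");
        }

        // Every path handed to a shell command is quoted, even though the name
        // is server-generated, so a later change to the naming scheme cannot
        // turn into command injection.
        $quoted_file_location = escapeshellarg($file_location);

        // Detect the content type from the file itself, not from the request.
        if ($file_type == '.webm') {
            $file_mime_output = shell_exec('file --mime-type ' . $quoted_file_location);
            $file_mime_split = explode(' ', $file_mime_output);
            $file_mime = strtolower(trim(array_pop($file_mime_split)));
        } else {
            $file_info = @getimagesize($file_location);
            if (!$file_info) {
                @unlink($file_location);
                fancyDie("Failed to read the size of the uploaded file. Please retry the submission.");
            }
            $file_mime = $file_info['mime'];
        }

        if (!($file_mime == "image/jpeg" || $file_mime == "image/gif" || $file_mime == "image/png" || (TINYIB_WEBM && ($file_mime == "video/webm" || $file_mime == "audio/webm")) || (TINYIB_SWF && ($file_mime == "application/x-shockwave-flash")))) {
            @unlink($file_location);
            fancyDie(supportedFileTypes());
        }

        // The stored file must have the size PHP reported for the upload.
        if ($_FILES['file']['size'] != filesize($file_location)) {
            @unlink($file_location);
            fancyDie("File transfer failure. Please go back and try again.");
        }

        if ($file_mime == "audio/webm" || $file_mime == "video/webm") {
            $post['image_width'] = max(0, intval(shell_exec('mediainfo --Inform="Video;%Width%" ' . $quoted_file_location)));
            $post['image_height'] = max(0, intval(shell_exec('mediainfo --Inform="Video;%Height%" ' . $quoted_file_location)));

            // A thumbnail is only generated when a video stream reports a size.
            if ($post['image_width'] > 0 && $post['image_height'] > 0) {
                list($thumb_maxwidth, $thumb_maxheight) = thumbnailDimensions($post);
                shell_exec("ffmpegthumbnailer -s " . intval(max($thumb_maxwidth, $thumb_maxheight)) . " -i " . $quoted_file_location . " -o " . escapeshellarg($thumb_location));

                $thumb_info = getimagesize($thumb_location);
                $post['thumb_width'] = $thumb_info[0];
                $post['thumb_height'] = $thumb_info[1];

                if ($post['thumb_width'] <= 0 || $post['thumb_height'] <= 0) {
                    @unlink($file_location);
                    @unlink($thumb_location);
                    fancyDie("Sorry, your video appears to be corrupt.");
                }

                addVideoOverlay($thumb_location);
            }

            // Duration is read as milliseconds and shown as m:ss before the name.
            $duration = intval(shell_exec('mediainfo --Inform="General;%Duration%" ' . $quoted_file_location));
            if ($duration > 0) {
                $mins = floor(round($duration / 1000) / 60);
                $secs = str_pad(floor(round($duration / 1000) % 60), 2, "0", STR_PAD_LEFT);

                $post['file_original'] = "$mins:$secs" . ($post['file_original'] != '' ? (', ' . $post['file_original']) : '');
            }
        } else {
            $file_info = getimagesize($file_location);
            $post['image_width'] = $file_info[0];
            $post['image_height'] = $file_info[1];

            if ($file_mime == "application/x-shockwave-flash") {
                // Flash files get a stock thumbnail image.
                if (!copy('swf_thumbnail.png', $thumb_location)) {
                    @unlink($file_location);
                    fancyDie("Could not create thumbnail.");
                }

                addVideoOverlay($thumb_location);
            } else {
                list($thumb_maxwidth, $thumb_maxheight) = thumbnailDimensions($post);

                if (!createThumbnail($file_location, $thumb_location, $thumb_maxwidth, $thumb_maxheight)) {
                    @unlink($file_location);
                    fancyDie("Could not create thumbnail.");
                }
            }
        }

        $thumb_info = getimagesize($thumb_location);
        $post['thumb_width'] = $thumb_info[0];
        $post['thumb_height'] = $thumb_info[1];
    }
}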
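if ($post['file'] == '') { // No file uploaded
    // Describe which kinds of attachment this board accepts, for the messages below.
    $allowed = "";
    if (TINYIB_PIC || TINYIB_SWF || TINYIB_WEBM) {
        $allowed = "file";
    }
    if (TINYIB_EMBED) {
        if ($allowed != "") {
            $allowed .= " or ";
        }
        $allowed .= "embed URL";
    }

    // A new thread needs an attachment unless the board allows text-only threads.
    if ($post['parent'] == TINYIB_NEWTHREAD && $allowed != "" && !TINYIB_NOFILEOK) {
        fancyDie("A $allowed is required to start a thread.");
    }
    // Without an attachment the message must contain more than line breaks.
    if (str_replace('<br>', '', $post['message']) == "") {
        fancyDie("Please enter a message" . ($allowed != "" ? " and/or upload a $allowed" : "") . ".");
    }
} else {
    // file_original was encoded when it was stored on $post, so it is echoed as is.
    echo $post['file_original'] . ' uploaded.<br>';
}

// Hold the post for approval when moderation is required for it. Staff posts
// are never held.
if (!$loggedin && (($post['file'] != '' && TINYIB_REQMOD == 'files') || TINYIB_REQMOD == 'all')) {
    $post['moderated'] = '0';
    echo 'Your ' . ($post['parent'] == TINYIB_NEWTHREAD ? 'thread' : 'post') . ' will be shown <b>once it has been approved</b>.<br>';
    // Leaves the notice on screen for a few seconds before the redirect.
    $slow_redirect = true;
}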
// Store the post; the returned ID is used for the thread pages below.
$post['id'] = insertPost($post);

// Pages are only regenerated for posts that are visible straight away.
if ($post['moderated'] == '1') {
    $starts_thread = ($post['parent'] == TINYIB_NEWTHREAD);

    // "noko" in the e-mail field sends the poster back to the thread instead
    // of the index. The URL is assembled from stored IDs only.
    if (strtolower($post['email']) == 'noko') {
        $thread_page = $starts_thread ? $post['id'] : $post['parent'];
        $redirect = 'res/' . $thread_page . '.html#' . $post['id'];
    }

    trimThreads();

    echo 'Updating thread...<br>';
    if ($starts_thread) {
        rebuildThread($post['id']);
    } else {
        rebuildThread($post['parent']);

        // A reply bumps its thread unless it is a "sage" post or the thread
        // has passed the reply limit (0 means no limit).
        if (strtolower($post['email']) != 'sage' && (TINYIB_MAXREPLIES == 0 || numRepliesToThreadByID($post['parent']) <= TINYIB_MAXREPLIES)) {
            bumpThreadByID($post['parent']);
        }
    }

    echo 'Updating index...<br>';
    rebuildIndexes();
}
// Check if the request is to delete a post and/or its associated image
} elseif ( isset ( $_GET [ 'delete' ]) && ! isset ( $_GET [ 'manage' ])) {
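if (!isset($_POST['delete'])) {
    fancyDie('Tick the box next to a post and click "Delete" to delete it.');
}

// Deletion is blocked while a database migration is enabled.
if (TINYIB_DBMIGRATE) {
    fancyDie('Post deletion is currently disabled.<br>Please try again in a few moments.');
}

$post = postByID($_POST['delete']);
if ($post) {
    list($loggedin, $isadmin) = manageCheckLogIn();

    // The password field may be absent or an array; treat that as empty.
    $delete_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if ($loggedin && $delete_password == '') {
        // Redirect to post moderation page. The ID is taken from the stored
        // post rather than echoed from the request, and the script name is
        // escaped, so nothing client-supplied reaches the markup unencoded.
        echo '--> --> --><meta http-equiv="refresh" content="0;url=' . htmlspecialchars(basename($_SERVER['PHP_SELF']), ENT_QUOTES) . '?manage&moderate=' . intval($post['id']) . '">';
    } elseif ($post['password'] != '' && md5(md5($delete_password)) === $post['password']) {
        // Strict comparison: with ==, two different hashes that both look like
        // numbers (for example "0e..." followed by digits) compare as equal.
        // NOTE(review): md5(md5()) is an unsalted, fast hash and no attempt
        // limit is visible in this branch; both are flagged, not changed here.
        deletePostByID($post['id']);
        if ($post['parent'] == TINYIB_NEWTHREAD) {
            threadUpdated($post['id']);
        } else {
            threadUpdated($post['parent']);
        }
        fancyDie('Post deleted.');
    } else {
        fancyDie('Invalid password.');
    }
} else {
    fancyDie('Sorry, an invalid post identifier was sent. Please go back, refresh the page, and try again.');
}

$redirect = false;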
// Check if the request is to access the management area
} elseif ( isset ( $_GET [ 'manage' ])) {
// Page state for the management area; nothing is rendered until the session
// has been checked below.
$text = $onload = '';
$navbar = ' ';
$redirect = false;

// Script name used for links back to this page. It is derived from the
// request path, so it has to be escaped wherever it is written into markup.
$returnlink = basename($_SERVER['PHP_SELF']);

// Start from "not logged in" and take both flags from the session check.
$loggedin = $isadmin = false;
$login_state = manageCheckLogIn();
$loggedin = $login_state[0];
$isadmin = $login_state[1];
if ( $loggedin ) {
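// Administrator-only actions.
// NOTE(review): every action in this chain is selected by a GET parameter and
// no anti-CSRF token is checked in this block. Confirm one is enforced
// elsewhere (for example in manageCheckLogIn()), or move the state-changing
// actions to POST with a per-session token.
if ($isadmin) {
    if (isset($_GET['rebuildall'])) {
        $allthreads = allThreads();
        foreach ($allthreads as $thread) {
            rebuildThread($thread['id']);
        }
        rebuildIndexes();
        $text .= manageInfo('Rebuilt board.');
    } elseif (isset($_GET['bans'])) {
        clearExpiredBans();

        if (isset($_POST['ip'])) {
            if ($_POST['ip'] != '') {
                $banexists = banByIP($_POST['ip']);
                if ($banexists) {
                    fancyDie('Sorry, there is already a ban on record for that IP address.');
                }

                $ban = array();
                $ban['ip'] = $_POST['ip'];
                // Duration in seconds; 0 (or anything non-positive) never expires.
                $ban_duration = isset($_POST['expire']) ? intval($_POST['expire']) : 0;
                $ban['expire'] = ($ban_duration > 0) ? (time() + $ban_duration) : 0;
                $ban['reason'] = isset($_POST['reason']) ? $_POST['reason'] : '';

                insertBan($ban);
                // The address is form input and is not validated above, so it
                // is escaped before being placed in the status message.
                // presumably manageInfo() does not escape on its own -- verify.
                $text .= manageInfo('Ban record added for ' . htmlspecialchars($ban['ip'], ENT_QUOTES));
            }
        } elseif (isset($_GET['lift'])) {
            $ban = banByID($_GET['lift']);
            if ($ban) {
                deleteBanByID($_GET['lift']);
                $text .= manageInfo('Ban record lifted for ' . htmlspecialchars($ban['ip'], ENT_QUOTES));
            }
        }

        $onload = manageOnLoad('bans');
        $text .= manageBanForm();
        $text .= manageBansTable();
    } else if (isset($_GET['update'])) {
        if (is_dir('.git')) {
            // Runs a fixed command; nothing from the request reaches the shell.
            // NOTE(review): this deploys whatever the configured remote serves
            // without verifying it, and it implies a .git directory next to
            // the script -- the web server should deny requests for it.
            $git_output = shell_exec('git pull 2>&1');
            // Command output is free text, so it is escaped before display.
            $text .= '<blockquote class="reply" style="padding: 7px;font-size: 1.25em;">
<pre style="margin: 0;padding: 0;">Attempting update...' . "\n\n" . htmlspecialchars((string) $git_output, ENT_QUOTES) . '</pre>
</blockquote>
<p><b>Note:</b> If TinyIB updates and you have made custom modifications, <a href="https://github.com/tslocum/TinyIB/commits/master">review the changes</a> which have been merged into your installation.
Ensure that your modifications do not interfere with any new/modified files.
See the <a href="https://github.com/tslocum/TinyIB#readme">README</a> for more information.</p>';
        } else {
            $text .= '<p><b>TinyIB was not installed via Git.</b></p>
<p>If you installed TinyIB without Git, you must <a href="https://github.com/tslocum/TinyIB">update manually</a>. If you did install with Git, ensure the script has read and write access to the <b>.git</b> folder.</p>';
        }
    } elseif (isset($_GET['dbmigrate'])) {
        // Flat file -> MySQL migration. fancyDie() ends the script, so the
        // preconditions are written as guard clauses in their original order.
        if (!TINYIB_DBMIGRATE) {
            fancyDie('Set TINYIB_DBMIGRATE to true in settings.php to use this feature.');
        }

        if (!isset($_GET['go'])) {
            $text .= '<p>This tool currently only supports migration from a flat file database to MySQL. Your original database will not be deleted. If the migration fails, disable the tool and your board will be unaffected. See the <a href="https://github.com/tslocum/TinyIB#migrating" target="_blank">README</a> <small>(<a href="README.md" target="_blank">alternate link</a>)</small> for instructions.<br><br><a href="?manage&dbmigrate&go"><b>Start the migration</b></a></p>';
        } else {
            if (TINYIB_DBMODE != 'flatfile') {
                fancyDie('Set TINYIB_DBMODE to flatfile and enter in your MySQL settings in settings.php before migrating.');
            }
            if (!function_exists('mysqli_connect')) {
                fancyDie('Please install the <a href="http://php.net/manual/en/book.mysqli.php">MySQLi extension</a> and try again.');
            }

            $link = @mysqli_connect(TINYIB_DBHOST, TINYIB_DBUSERNAME, TINYIB_DBPASSWORD);
            if (!$link) {
                fancyDie("Could not connect to database: " . ((is_object($link)) ? mysqli_error($link) : (($link_error = mysqli_connect_error()) ? $link_error : '(unknown error)')));
            }
            // Select the database through the API instead of a string-built USE statement.
            $db_selected = @mysqli_select_db($link, constant('TINYIB_DBNAME'));
            if (!$db_selected) {
                fancyDie("Could not select database: " . ((is_object($link)) ? mysqli_error($link) : (($link_error = mysqli_connect_error()) ? $link_error : '(unknown error)')));
            }

            // Refuse to write into tables that already exist.
            if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) != 0) {
                fancyDie('Posts table (' . TINYIB_DBPOSTS . ') already exists!  Please DROP this table and try again.');
            }
            if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) != 0) {
                fancyDie('Bans table (' . TINYIB_DBBANS . ') already exists!  Please DROP this table and try again.');
            }

            // $posts_sql and $bans_sql hold the CREATE TABLE statements; they
            // are defined outside this block.
            mysqli_query($link, $posts_sql);
            mysqli_query($link, $bans_sql);

            $failed_inserts = 0;

            $max_id = 0;
            $threads = allThreads();
            foreach ($threads as $thread) {
                $posts = postsInThreadByID($thread['id']);
                foreach ($posts as $post) {
                    // Stored posts contain visitor-supplied text and embed
                    // markup, so every string column is escaped and every
                    // numeric column is forced to an integer before it is
                    // placed in the statement.
                    // NOTE(review): each row receives the migration time and
                    // the administrator's address instead of the post's own
                    // timestamp, bump time and ip -- confirm this is intended.
                    $values = array(
                        intval($post['id']),
                        intval($post['parent']),
                        time(),
                        time(),
                        "'" . mysqli_real_escape_string($link, $_SERVER['REMOTE_ADDR']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['name']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['tripcode']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['email']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['nameblock']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['subject']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['message']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['password']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['file']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['file_hex']) . "'",
                        "'" . mysqli_real_escape_string($link, $post['file_original']) . "'",
                        intval($post['file_size']),
                        "'" . mysqli_real_escape_string($link, $post['file_size_formatted']) . "'",
                        intval($post['image_width']),
                        intval($post['image_height']),
                        "'" . mysqli_real_escape_string($link, $post['thumb']) . "'",
                        intval($post['thumb_width']),
                        intval($post['thumb_height']),
                        intval($post['stickied']),
                    );
                    if (!mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `stickied`) VALUES (" . implode(', ', $values) . ")")) {
                        $failed_inserts++;
                    }
                    $max_id = max($max_id, $post['id']);
                }
            }
            if ($max_id > 0 && !mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` AUTO_INCREMENT = " . ($max_id + 1))) {
                $text .= '<p><b>Warning:</b> Unable to update the AUTO_INCREMENT value for table ' . TINYIB_DBPOSTS . ', please set it to ' . ($max_id + 1) . '.</p>';
            }

            $max_id = 0;
            $bans = allBans();
            foreach ($bans as $ban) {
                $max_id = max($max_id, $ban['id']);
                if (!mysqli_query($link, "INSERT INTO `" . TINYIB_DBBANS . "` (`id`, `ip`, `timestamp`, `expire`, `reason`) VALUES ('" . mysqli_real_escape_string($link, $ban['id']) . "', '" . mysqli_real_escape_string($link, $ban['ip']) . "', '" . mysqli_real_escape_string($link, $ban['timestamp']) . "', '" . mysqli_real_escape_string($link, $ban['expire']) . "', '" . mysqli_real_escape_string($link, $ban['reason']) . "')")) {
                    $failed_inserts++;
                }
            }
            if ($max_id > 0 && !mysqli_query($link, "ALTER TABLE `" . TINYIB_DBBANS . "` AUTO_INCREMENT = " . ($max_id + 1))) {
                $text .= '<p><b>Warning:</b> Unable to update the AUTO_INCREMENT value for table ' . TINYIB_DBBANS . ', please set it to ' . ($max_id + 1) . '.</p>';
            }

            // Rows that were rejected would otherwise be lost without notice.
            if ($failed_inserts > 0) {
                $text .= '<p><b>Warning:</b> ' . $failed_inserts . ' row(s) could not be inserted. Compare the new tables with the flat file data before switching over.</p>';
            }

            $text .= '<p><b>Database migration complete</b>.  Set TINYIB_DBMODE to mysqli and TINYIB_DBMIGRATE to false, then click <b>Rebuild All</b> above and ensure everything looks the way it should.</p>';
        }
    }
}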
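// Moderation actions available to any logged-in account.
// NOTE(review): delete, approve and sticky change state on a GET request and
// no anti-CSRF token is checked in this block. Confirm one is enforced
// elsewhere, or move these actions to POST with a per-session token.
if (isset($_GET['delete'])) {
    $post = postByID($_GET['delete']);
    if ($post) {
        deletePostByID($post['id']);
        rebuildIndexes();
        if ($post['parent'] != TINYIB_NEWTHREAD) {
            rebuildThread($post['parent']);
        }
        $text .= manageInfo('Post No.' . $post['id'] . ' deleted.');
    } else {
        fancyDie("Sorry, there doesn't appear to be a post with that ID.");
    }
} elseif (isset($_GET['approve'])) {
    if ($_GET['approve'] > 0) {
        $post = postByID($_GET['approve']);
        if ($post) {
            approvePostByID($post['id']);
            $thread_id = $post['parent'] == TINYIB_NEWTHREAD ? $post['id'] : $post['parent'];
            // Same bump rule as for a post that was never held for moderation.
            if (strtolower($post['email']) != 'sage' && (TINYIB_MAXREPLIES == 0 || numRepliesToThreadByID($thread_id) <= TINYIB_MAXREPLIES)) {
                bumpThreadByID($thread_id);
            }
            threadUpdated($thread_id);
            $text .= manageInfo('Post No.' . $post['id'] . ' approved.');
        } else {
            fancyDie("Sorry, there doesn't appear to be a post with that ID.");
        }
    }
} elseif (isset($_GET['moderate'])) {
    if ($_GET['moderate'] > 0) {
        $post = postByID($_GET['moderate']);
        if ($post) {
            $text .= manageModeratePost($post);
        } else {
            fancyDie("Sorry, there doesn't appear to be a post with that ID.");
        }
    } else {
        $onload = manageOnLoad('moderate');
        $text .= manageModeratePostForm();
    }
} elseif (isset($_GET['sticky']) && isset($_GET['setsticky'])) {
    if ($_GET['sticky'] > 0) {
        $post = postByID($_GET['sticky']);
        // Only a thread's opening post can be stickied.
        if ($post && $post['parent'] == TINYIB_NEWTHREAD) {
            stickyThreadByID($post['id'], (intval($_GET['setsticky'])));
            threadUpdated($post['id']);
            $text .= manageInfo('Thread No.' . $post['id'] . ' ' . (intval($_GET['setsticky']) == 1 ? 'stickied' : 'un-stickied') . '.');
        } else {
            fancyDie("Sorry, there doesn't appear to be a thread with that ID.");
        }
    } else {
        fancyDie("Form data was lost. Please go back and try again.");
    }
} elseif (isset($_GET["rawpost"])) {
    $onload = manageOnLoad("rawpost");
    $text .= manageRawPostForm();
} elseif (isset($_GET["logout"])) {
    // Clear the login marker and drop the server-side session.
    $_SESSION['tinyib'] = '';
    session_destroy();
    // $returnlink comes from the request path, so it is escaped before being
    // written into the refresh tag.
    die('--> --> --><meta http-equiv="refresh" content="0;url=' . htmlspecialchars($returnlink, ENT_QUOTES) . '?manage">');
}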
// No action above produced any output: show the status overview instead.
if ('' == $text) {
    $status_page = manageStatus();
    $text = $status_page;
}
} else {
$onload = manageOnLoad ( 'login' );
$text .= manageLogInForm ();
}
echo managePage ( $text , $onload );
} elseif ( ! file_exists ( 'index.html' ) || countThreads () == 0 ) {
rebuildIndexes ();
}
// Final redirect. $redirect is either true (go to the index) or a thread URL
// that this script assembled from stored post IDs; it never carries request
// text. Held posts get a three-second delay so the notice can be read.
if ($redirect) {
    $delay = '0';
    if (isset($slow_redirect)) {
        $delay = '3';
    }

    $target = 'index.html';
    if (is_string($redirect)) {
        $target = $redirect;
    }

    echo '--> --> --><meta http-equiv="refresh" content="' . $delay . ';url=' . $target . '">';
}