
Add account system

When TINYIB_ADMINPASS is set, a super-administrator account with the
username 'admin' is created using the provided password.

When TINYIB_MODPASS is set, a moderator account with the username 'mod'
is created using the provided password.
shortcut
Trevor Slocum 6 months ago
parent
commit
1256e7cca0
  1. 8
      .gitignore
  2. 6
      .htaccess
  3. 17
      README.md
  4. 290
      imgboard.php
  5. 23
      inc/database/database.php
  6. 328
      inc/database/flatfile.php
  7. 154
      inc/database/flatfile_link.php
  8. 41
      inc/database/mysql.php
  9. 45
      inc/database/mysql_link.php
  10. 49
      inc/database/mysqli.php
  11. 47
      inc/database/mysqli_link.php
  12. 37
      inc/database/pdo.php
  13. 97
      inc/database/pdo_link.php
  14. 37
      inc/database/sqlite.php
  15. 90
      inc/database/sqlite3.php
  16. 88
      inc/database/sqlite3_link.php
  17. 87
      inc/database/sqlite_link.php
  18. 12
      inc/defines.php
  19. 43
      inc/functions.php
  20. 103
      inc/html.php
  21. 503
      locale/en/tinyib.po
  22. 32
      settings.default.php

8
.gitignore

@ -1,8 +1,12 @@
settings.php
*.html
*.db
.posts
.posts.lock
.accounts*
.bans*
.keywords*
.logs*
.posts*
.reports*
.project
.settings/
.idea/

6
.htaccess

@ -33,5 +33,11 @@ AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css a
</Ifmodule>
<IfModule mod_alias.c>
RedirectMatch 404 (.*)\.accounts$
RedirectMatch 404 (.*)\.bans$
RedirectMatch 404 (.*)\.keywords$
RedirectMatch 404 (.*)\.logs$
RedirectMatch 404 (.*)\.posts$
RedirectMatch 404 (.*)\.reports$
RedirectMatch 404 (.*)\.tinyib.db$
</Ifmodule>
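Review bot: The new `.accounts` table stores password hashes, and the only thing that keeps it from being served is this `RedirectMatch`, which sits inside `<IfModule mod_alias.c>` and so silently stops applying when mod_alias is not loaded or the board runs on a server that ignores .htaccess. The rules also match only the exact suffix (`\.accounts$`), while `.gitignore` in this commit ignores `.accounts*`, so a sibling such as a lock or backup file would still be downloadable if one is ever created next to it. Consider denying the whole flatfile data directory (`inc/database/flatfile/`, for example with `Require all denied` in an .htaccess placed there) or keeping it outside the web root. A comment above the rules would help too: `# Flatfile tables hold password hashes and moderation data; they must never be served.`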

17
README.md

@ -14,7 +14,7 @@ See [DEMOS.md](https://code.rocketnine.space/tslocum/tinyib/src/branch/master/DE
- GIF, JPG, PNG, SWF, MP4 and WebM upload.
- YouTube, Vimeo and SoundCloud embedding.
- CAPTCHA
- CAPTCHA:
- A simple, self-hosted implementation is included.
- [hCaptcha](https://hcaptcha.com) is supported.
- [ReCAPTCHA](https://www.google.com/recaptcha/about/) is supported. (But [not recommended](https://nearcyan.com/you-probably-dont-need-recaptcha/))
@ -24,8 +24,10 @@ See [DEMOS.md](https://code.rocketnine.space/tslocum/tinyib/src/branch/master/DE
- Report posts.
- Block keywords.
- Management panel:
- Administrators and moderators use separate passwords.
- Moderators are only able to sticky threads, lock threads, delete posts, and approve posts when necessary. (See ``TINYIB_REQMOD``)
- Account system:
- Super administrators (all privileges)
- Administrators (all privileges except account management)
- Moderators (only able to sticky threads, lock threads, approve posts and delete posts)
- Ban offensive/abusive posters across all boards.
- Post using raw HTML.
- Upgrade automatically when installed via git. (Tested on Linux only)
@ -62,8 +64,7 @@ support in mind.
- This library is usually installed by default.
- If you plan on disabling image uploads to use TinyIB as a text board only, this library is not required.
- [cURL Library](https://www.php.net/manual/en/book.curl.php)
- This is recommended, but is not strictly required except:
- When `TINYIB_CAPTCHA` is set to `hcaptcha` or `recaptcha`.
- This is recommended, but is not strictly required except when `TINYIB_CAPTCHA` is set to `hcaptcha` or `recaptcha`.
2. CD to the directory you wish to install TinyIB.
3. Run the command:
- `git clone https://code.rocketnine.space/tslocum/tinyib.git ./`
@ -149,8 +150,8 @@ Translation is handled [online](https://hosted.weblate.org/projects/tinyib/tinyi
## Contribute
**Note:** Please do not submit translations as patches. See above.
**Note:** Please do not submit translations via pull requests. See above.
1. Fork TinyIB using [git](https://git-scm.com/downloads).
1. [Fork TinyIB.](https://code.rocketnine.space/repo/fork/6)
2. Commit code changes to your forked repository.
3. Send your patches to trevor@rocketnine.space via [git send-email](https://git-send-email.io/).
3. [Submit a pull request.](https://code.rocketnine.space/tslocum/tinyib/pulls)

290
imgboard.php

@ -34,10 +34,8 @@ ini_set("display_errors", 1);
session_start();
setcookie(session_name(), session_id(), time() + 2592000);
ob_implicit_flush();
if (function_exists('ob_get_level')) {
while (ob_get_level() > 0) {
ob_end_flush();
}
while (ob_get_level() > 0) {
ob_end_flush();
}
function fancyDie($message) {
@ -53,6 +51,7 @@ if (!file_exists('settings.php')) {
}
require 'settings.php';
require 'inc/defines.php';
global $tinyib_capcodes, $tinyib_embeds, $tinyib_hidefields, $tinyib_hidefieldsop;
if (!defined('TINYIB_LOCALE') || TINYIB_LOCALE == '') {
function __($string) {
@ -67,12 +66,65 @@ if (!defined('TINYIB_LOCALE') || TINYIB_LOCALE == '') {
$translator->register();
}
if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') {
fancyDie(__('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.'));
}
if ((TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') && (TINYIB_HCAPTCHA_SITE == '' || TINYIB_HCAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET must be configured.'));
}
if ((TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') && (TINYIB_RECAPTCHA_SITE == '' || TINYIB_RECAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured.'));
}
if (TINYIB_TIMEZONE != '') {
date_default_timezone_set(TINYIB_TIMEZONE);
}
$bcrypt_salt = '$2y$12$' . str_pad(str_replace('=', '/', str_replace('+', '.', substr(base64_encode(TINYIB_TRIPSEED), 0, 22))), 22, '/');
$database_modes = array('flatfile', 'mysql', 'mysqli', 'sqlite', 'sqlite3', 'pdo');
if (!in_array(TINYIB_DBMODE, $database_modes)) {
fancyDie(__('Unknown database mode specified.'));
}
if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') {
$accounts_sql = 'CREATE TABLE "' . TINYIB_DBACCOUNTS . '" (
"id" bigserial NOT NULL,
"username" varchar(255) NOT NULL,
"password" text NOT NULL,
"role" integer NOT NULL,
"lastactive" integer NOT NULL,
PRIMARY KEY ("id")
);';
$bans_sql = 'CREATE TABLE "' . TINYIB_DBBANS . '" (
"id" bigserial NOT NULL,
"ip" varchar(255) NOT NULL,
"timestamp" integer NOT NULL,
"expire" integer NOT NULL,
"reason" text NOT NULL,
PRIMARY KEY ("id")
);
CREATE INDEX ON "' . TINYIB_DBBANS . '"("ip");';
$keywords_sql = 'CREATE TABLE "' . TINYIB_DBKEYWORDS . '" (
"id" bigserial NOT NULL,
"text" varchar(255) NOT NULL,
"action" varchar(255) NOT NULL,
PRIMARY KEY ("id")
);';
$logs_sql = 'CREATE TABLE "' . TINYIB_DBLOGS . '" (
"id" bigserial NOT NULL,
"timestamp" integer NOT NULL,
"account" integer NOT NULL,
"message" text NOT NULL,
PRIMARY KEY ("id")
);
CREATE INDEX ON "' . TINYIB_DBLOGS . '"("account");';
$posts_sql = 'CREATE TABLE "' . TINYIB_DBPOSTS . '" (
"id" bigserial NOT NULL,
"parent" integer NOT NULL,
@ -106,30 +158,48 @@ if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') {
CREATE INDEX ON "' . TINYIB_DBPOSTS . '"("stickied");
CREATE INDEX ON "' . TINYIB_DBPOSTS . '"("moderated");';
$bans_sql = 'CREATE TABLE "' . TINYIB_DBBANS . '" (
"id" bigserial NOT NULL,
"ip" varchar(255) NOT NULL,
"timestamp" integer NOT NULL,
"expire" integer NOT NULL,
"reason" text NOT NULL,
PRIMARY KEY ("id")
);
CREATE INDEX ON "' . TINYIB_DBBANS . '"("ip");';
$reports_sql = 'CREATE TABLE "' . TINYIB_DBREPORTS . '" (
"id" bigserial NOT NULL,
"ip" varchar(255) NOT NULL,
"post" integer NOT NULL,
PRIMARY KEY ("id")
);';
$keywords_sql = 'CREATE TABLE "' . TINYIB_DBKEYWORDS . '" (
"id" bigserial NOT NULL,
"text" varchar(255) NOT NULL,
"action" varchar(255) NOT NULL,
PRIMARY KEY ("id")
);';
} else {
$accounts_sql = "CREATE TABLE `" . TINYIB_DBACCOUNTS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`username` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`password` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`role` mediumint(7) unsigned NOT NULL,
`lastactive` int(20) unsigned NOT NULL,
PRIMARY KEY (`id`)
)";
$bans_sql = "CREATE TABLE `" . TINYIB_DBBANS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`timestamp` int(20) NOT NULL,
`expire` int(20) NOT NULL,
`reason` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`),
KEY `ip` (`ip`)
)";
$keywords_sql = "CREATE TABLE `" . TINYIB_DBKEYWORDS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`text` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`action` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
)";
$logs_sql = "CREATE TABLE `" . TINYIB_DBLOGS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`timestamp` int(20),
`account` mediumint(7) unsigned NOT NULL,
`message` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`),
KEY `account` (`account`)
)";
$posts_sql = "CREATE TABLE `" . TINYIB_DBPOSTS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`parent` mediumint(7) unsigned NOT NULL,
@ -162,29 +232,12 @@ if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') {
KEY `moderated` (`moderated`)
)";
$bans_sql = "CREATE TABLE `" . TINYIB_DBBANS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`timestamp` int(20) NOT NULL,
`expire` int(20) NOT NULL,
`reason` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`),
KEY `ip` (`ip`)
)";
$reports_sql = "CREATE TABLE `" . TINYIB_DBREPORTS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`post` int(20) NOT NULL,
PRIMARY KEY (`id`)
)";
$keywords_sql = "CREATE TABLE `" . TINYIB_DBKEYWORDS . "` (
`id` mediumint(7) unsigned NOT NULL auto_increment,
`text` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`action` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
)";
}
// Check directories are writable by the script
@ -198,29 +251,11 @@ foreach ($writedirs as $dir) {
}
}
$includes = array('inc/functions.php', 'inc/html.php', 'inc/database/' . TINYIB_DBMODE . '_link.php', 'inc/database/' . TINYIB_DBMODE . '.php');
$includes = array('inc/functions.php', 'inc/html.php', 'inc/database/' . TINYIB_DBMODE . '_link.php', 'inc/database/' . TINYIB_DBMODE . '.php', 'inc/database/database.php');
foreach ($includes as $include) {
require $include;
}
if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') {
fancyDie(__('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.'));
}
if ((TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') && (TINYIB_HCAPTCHA_SITE == '' || TINYIB_HCAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET must be configured.'));
}
if ((TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') && (TINYIB_RECAPTCHA_SITE == '' || TINYIB_RECAPTCHA_SECRET == '')) {
fancyDie(__('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured.'));
}
if (TINYIB_TIMEZONE != '') {
date_default_timezone_set(TINYIB_TIMEZONE);
}
$bcrypt_salt = '$2y$12$' . str_pad(str_replace('=', '/', str_replace('+', '.', substr(base64_encode(TINYIB_TRIPSEED), 0, 22))), 22, '/');
$redirect = true;
// Check if the request is to make a post
if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) || isset($_POST['email']) || isset($_POST['subject']) || isset($_POST['message']) || isset($_POST['file']) || isset($_POST['embed']) || isset($_POST['password']))) {
@ -228,7 +263,8 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
fancyDie(__('Posting is currently disabled.<br>Please try again in a few moments.'));
}
list($loggedin, $isadmin) = manageCheckLogIn(false);
list($account, $loggedin, $isadmin) = manageCheckLogIn(false);
$rawpost = isRawPost();
$rawposttext = '';
if (!$loggedin) {
@ -512,7 +548,7 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
$json_posts = array();
$posts = postsInThreadByID($thread_id);
if ($new_since > 0) {
foreach ($posts as $i => $post) {
foreach ($posts as $i => $post) {
if ($post['id'] <= $new_since) {
continue;
}
@ -554,9 +590,9 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
$post = postByID($_POST['delete']);
if ($post) {
list($loggedin, $isadmin) = manageCheckLogIn(false);
list($account, $loggedin, $isadmin) = manageCheckLogIn(false);
if ($loggedin && $_POST['password'] == '') {
if (!empty($account) && $_POST['password'] == '') {
// Redirect to post moderation page
echo '--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=' . basename($_SERVER['PHP_SELF']) . '?manage&moderate=' . $_POST['delete'] . '">';
} elseif ($post['password'] != '' && (hashData($_POST['password']) == $post['password'] || md5(md5($_POST['password'])) == $post['password'])) {
@ -592,7 +628,7 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
die('--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="0;url=imgboard.php">');
}
list($loggedin, $isadmin) = manageCheckLogIn(true);
list($account, $loggedin, $isadmin) = manageCheckLogIn(true);
if ($loggedin) {
if ($isadmin) {
@ -608,6 +644,57 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
fancyDie(__('Reporting is disabled.'));
}
$text .= manageReportsPage($_GET['reports']);
} elseif (isset($_GET['accounts'])) {
if ($account['role'] != TINYIB_SUPER_ADMINISTRATOR) {
fancyDie(__('Access denied'));
}
$id = intval($_GET['accounts']);
if (isset($_POST['id'])) {
$id = intval($_POST['id']);
}
$a = array('id' => 0);
if ($id > 0) {
$a = accountByID($id);
if (empty($a)) {
fancyDie(__('Account not found.'));
}
if ($a['username'] == 'admin' && TINYIB_ADMINPASS != '') {
fancyDie(__('This account may not be updated while TINYIB_ADMINPASS is set.'));
} else if ($a['username'] == 'mod' && TINYIB_MODPASS != '') {
fancyDie(__('This account may not be updated while TINYIB_MODPASS is set.'));
}
}
if (isset($_POST['id'])) {
if ($id == 0 && $_POST['password'] == '') {
fancyDie(__('A password is required.'));
}
$a['username'] = $_POST['username'];
if ($_POST['password'] != '') {
$a['password'] = $_POST['password'];
}
$a['role'] = intval($_POST['role']);
if ($a['role'] !== TINYIB_SUPER_ADMINISTRATOR && $a['role'] != TINYIB_ADMINISTRATOR && $a['role'] != TINYIB_MODERATOR && $a['role'] != TINYIB_DISABLED) {
fancyDie(__('Invalid role.'));
}
if ($id == 0) {
insertAccount($a);
$text .= manageInfo(__('Added account'));
} else {
updateAccount($a);
$text .= manageInfo(__('Updated account'));
}
}
$onload = manageOnLoad('accounts');
$text .= manageAccountForm($_GET['accounts']);
if (intval($_GET['accounts']) == 0) {
$text .= manageAccountsTable();
}
} elseif (isset($_GET['bans'])) {
clearExpiredBans();
@ -690,22 +777,49 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
<p>If you installed TinyIB without Git, you must <a href="https://code.rocketnine.space/tslocum/tinyib">update manually</a>. If you did install with Git, ensure the script has read and write access to the <b>.git</b> folder.</p>';
}
} elseif (isset($_GET['dbmigrate'])) {
if (TINYIB_DBMIGRATE !== '' && TINYIB_DBMIGRATE !== false) {
if (TINYIB_DBMIGRATE !== '' && TINYIB_DBMIGRATE !== false && TINYIB_DBMODE != TINYIB_DBMIGRATE) {
$mysql_modes = array('mysql', 'mysqli');
if (in_array(TINYIB_DBMODE, $mysql_modes) && in_array(TINYIB_DBMIGRATE, $mysql_modes)) {
fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to MySQL database modes. No migration is necessary.');
}
$sqlite_modes = array('sqlite', 'sqlite3');
if (in_array(TINYIB_DBMODE, $sqlite_modes) && in_array(TINYIB_DBMIGRATE, $sqlite_modes)) {
fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to SQLite database modes. No migration is necessary.');
}
if (!in_array(TINYIB_DBMIGRATE, $database_modes)) {
fancyDie(__('Unknown database mode specified.'));
}
if (isset($_GET['go'])) {
if (TINYIB_DBMODE == TINYIB_DBMIGRATE) {
fancyDie('Set TINYIB_DBMIGRATE to the desired TINYIB_DBMODE and enter in any database related settings in settings.php before migrating.');
require 'inc/database/' . TINYIB_DBMIGRATE . '_link.php';
echo '<p>Migrating accounts...</p>';
$accounts = allAccounts();
foreach ($accounts as $account) {
migrateAccount($account);
}
echo '<p>Migrating bans...</p>';
$bans = allBans();
foreach ($bans as $ban) {
migrateBan($ban);
}
$mysql_modes = array('mysql', 'mysqli');
if (in_array(TINYIB_DBMODE, $mysql_modes) && in_array(TINYIB_DBMIGRATE, $mysql_modes)) {
fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to MySQL database modes. No migration is necessary.');
echo '<p>Migrating keywords...</p>';
$keywords = allKeywords();
foreach ($keywords as $keyword) {
migrateKeyword($keyword);
}
if (!in_array(TINYIB_DBMIGRATE, $database_modes)) {
fancyDie(__('Unknown database mode specified.'));
echo '<p>Migrating logs...</p>';
$logs = allLogs();
foreach ($logs as $log) {
migrateLog($log);
}
require 'inc/database/' . TINYIB_DBMIGRATE . '_link.php';
echo '<p>Migrating posts...</p>';
$threads = allThreads();
foreach ($threads as $thread) {
$posts = postsInThreadByID($thread['id']);
@ -714,17 +828,18 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
}
}
$bans = allBans();
foreach ($bans as $ban) {
migrateBan($ban);
echo '<p>Migrating reports...</p>';
$reports = allReports();
foreach ($reports as $report) {
migrateReport($report);
}
echo '<p><b>Database migration complete</b>. Set TINYIB_DBMODE to mysqli and TINYIB_DBMIGRATE to false, then click <b>Rebuild All</b> above and ensure everything looks the way it should.</p>';
echo '<p><b>Database migration complete</b>. Set TINYIB_DBMODE to the new database mode and TINYIB_DBMIGRATE to false, then click <b>Rebuild All</b> above and ensure everything looks and works as it should.</p>';
} else {
$text .= '<p>Your original database will not be deleted. If the migration fails, disable the tool and your board will be unaffected. See the <a href="https://code.rocketnine.space/tslocum/tinyib/src/branch/master/README.md" target="_blank">README</a> <small>(<a href="README.md" target="_blank">alternate link</a>)</small> for instructions.</a><br><br><a href="?manage&dbmigrate&go"><b>Start the migration</b></a></p>';
}
} else {
fancyDie('Set TINYIB_DBMIGRATE to true in settings.php to use this feature.');
fancyDie('Set TINYIB_DBMIGRATE to the desired TINYIB_DBMODE and enter in any database related settings in settings.php before migrating.');
}
}
}
@ -813,10 +928,25 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
} elseif (isset($_GET["rawpost"])) {
$onload = manageOnLoad("rawpost");
$text .= buildPostForm(0, true);
}
} elseif (isset($_GET['changepassword'])) {
if ($account['username'] == 'admin' && TINYIB_ADMINPASS != '') {
fancyDie(__('This account may not be updated while TINYIB_ADMINPASS is set.'));
} else if ($account['username'] == 'mod' && TINYIB_MODPASS != '') {
fancyDie(__('This account may not be updated while TINYIB_MODPASS is set.'));
}
if (isset($_POST['password'])) {
if ($_POST['password'] == '') {
fancyDie(__('A password is required.'));
}
$account['password'] = $_POST['password'];
updateAccount($account);
if ($text == '') {
$text = manageStatus();
$text .= manageInfo(__('Password updated'));
}
$text .= manageChangePasswordForm();
}
} else {
$onload = manageOnLoad('login');
@ -830,4 +960,4 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
if ($redirect) {
echo '--&gt; --&gt; --&gt;<meta http-equiv="refresh" content="' . (isset($slow_redirect) ? '3' : '0') . ';url=' . (is_string($redirect) ? $redirect : TINYIB_INDEX) . '">';
}
}
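Review bot: In the `?manage&accounts` handler, saving an existing account with the password field left blank passes the stored hash back into `updateAccount($a)`, and the flatfile `updateAccount()` added in this commit runs `hashData($a['password'])` unconditionally, so the hash is hashed again and the account can no longer log in; the other backends are worth checking for the same behaviour. Hash only when a new password was submitted, for example by leaving `password` unset in the handler and having `updateAccount()` keep the stored value in that case. `$_POST['username']` is also stored without any check: an empty name, a duplicate name or a second `admin`/`mod` is accepted, and the `CREATE TABLE` statements put no unique constraint on `username`, so `accountByUsername()` becomes ambiguous. The handler is one branch of an `if`/`elseif` chain that starts outside this hunk, so it is not visible whether the POST carries a CSRF token; if it does not, this form and `?manage&changepassword` both need one, and the password change should ask for the current password as well.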

23
inc/database/database.php

@ -0,0 +1,23 @@
<?php
if (TINYIB_ADMINPASS != '') {
$admin = accountByUsername('admin');
if (!empty($admin)) {
$admin['password'] = TINYIB_ADMINPASS;
updateAccount($admin);
} else {
$admin = array('username' => 'admin', 'password' => TINYIB_ADMINPASS, 'role' => TINYIB_SUPER_ADMINISTRATOR);
insertAccount($admin);
}
}
if (TINYIB_MODPASS != '') {
$mod = accountByUsername('mod');
if (!empty($mod)) {
$mod['password'] = TINYIB_MODPASS;
updateAccount($mod);
} else {
$mod = array('username' => 'mod', 'password' => TINYIB_MODPASS, 'role' => TINYIB_MODERATOR);
insertAccount($mod);
}
}
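Review bot: This file is appended to `$includes` in imgboard.php, so both blocks run on every request and call `updateAccount()` each time, which (in the flatfile backend at least) rehashes the configured password and rewrites the account record even when nothing changed. `hashData()` is compared by equality elsewhere on this page (`hashData($_POST['password']) == $post['password']`), so it appears to be deterministic and the write can be skipped when the stored value already matches: `if ($admin['password'] !== hashData(TINYIB_ADMINPASS)) { $admin['password'] = TINYIB_ADMINPASS; updateAccount($admin); }`, and likewise for `mod`. The update path also leaves `role` untouched, so an existing `admin` row with a lower role is not restored to `TINYIB_SUPER_ADMINISTRATOR`; set it explicitly if the configured password is meant to guarantee super-administrator access. A short header comment saying that these two accounts are owned by settings.php and overwritten from it would make the behaviour clear to maintainers.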

328
inc/database/flatfile.php

@ -3,6 +3,218 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Account functions
function accountByID($id) {
$rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_ID, '=', $id, INTEGER_COMPARISON), 1);
if (isset($rows[0])) {
return $rows[0];
}
return array();
}
function accountByUsername($username) {
$rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_USERNAME, '=', $username, STRING_COMPARISON), 1);
if (isset($rows[0])) {
return $rows[0];
}
return array();
}
function allAccounts() {
$rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, NULL, -1, array(new OrderBy(ACCOUNT_ROLE, ASCENDING, INTEGER_COMPARISON), new OrderBy(ACCOUNT_USERNAME, ASCENDING, STRING_COMPARISON)));
return convertAccountsToSQLStyle($rows);
}
function convertAccountsToSQLStyle($accounts, $single = false) {
$newaccounts = array();
foreach ($accounts as $a) {
$account = array();
$account['id'] = $a[ACCOUNT_ID];
$account['username'] = $a[ACCOUNT_USERNAME];
$account['password'] = $a[ACCOUNT_PASSWORD];
$account['role'] = $a[ACCOUNT_ROLE];
$account['lastactive'] = $a[ACCOUNT_LASTACTIVE];
if ($single) {
return $account;
}
$newaccounts[] = $account;
}
return $newaccounts;
}
function insertAccount($a) {
$account = array();
$account[ACCOUNT_ID] = '0';
$account[ACCOUNT_USERNAME] = $a['username'];
$account[ACCOUNT_PASSWORD] = hashData($a['password']);
$account[ACCOUNT_ROLE] = $a['role'];
$account[ACCOUNT_LASTACTIVE] = 0;
$GLOBALS['db']->insertWithAutoId(ACCOUNTS_FILE, ACCOUNT_ID, $account);
}
function updateAccount($a) {
$account = array();
$account[ACCOUNT_ID] = $a['id'];
$account[ACCOUNT_USERNAME] = $a['username'];
$account[ACCOUNT_PASSWORD] = hashData($a['password']);
$account[ACCOUNT_ROLE] = $a['role'];
$account[ACCOUNT_LASTACTIVE] = $a['lastactive'];
$GLOBALS['db']->updateRowById(ACCOUNTS_FILE, ACCOUNT_ID, $account);
}
function deleteAccountByID($id) {
$GLOBALS['db']->deleteWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_ID, '=', $id, INTEGER_COMPARISON));
}
// Ban functions
function banByID($id) {
return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON), 1), true);
}
function banByIP($ip) {
$compClause = new OrWhereClause();
$compClause->add(new SimpleWhereClause(BAN_IP, '=', $ip, STRING_COMPARISON));
$compClause->add(new SimpleWhereClause(BAN_IP, '=', hashData($ip), STRING_COMPARISON));
return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, $compClause, 1), true);
}
function allBans() {
$rows = $GLOBALS['db']->selectWhere(BANS_FILE, NULL, -1, new OrderBy(BAN_TIMESTAMP, DESCENDING, INTEGER_COMPARISON));
return convertBansToSQLStyle($rows);
}
function convertBansToSQLStyle($bans, $single = false) {
$newbans = array();
foreach ($bans as $oldban) {
$ban = array();
$ban['id'] = $oldban[BAN_ID];
$ban['ip'] = $oldban[BAN_IP];
$ban['timestamp'] = $oldban[BAN_TIMESTAMP];
$ban['expire'] = $oldban[BAN_EXPIRE];
$ban['reason'] = $oldban[BAN_REASON];
if ($single) {
return $ban;
}
$newbans[] = $ban;
}
return $newbans;
}
function insertBan($newban) {
$ban = array();
$ban[BAN_ID] = '0';
$ban[BAN_IP] = hashData($newban['ip']);
$ban[BAN_TIMESTAMP] = time();
$ban[BAN_EXPIRE] = $newban['expire'];
$ban[BAN_REASON] = $newban['reason'];
return $GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban);
}
function clearExpiredBans() {
$compClause = new AndWhereClause();
$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '>', 0, INTEGER_COMPARISON));
$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '<=', time(), INTEGER_COMPARISON));
$bans = $GLOBALS['db']->selectWhere(BANS_FILE, $compClause, -1);
foreach ($bans as $ban) {
deleteBanByID($ban[BAN_ID]);
}
}
function deleteBanByID($id) {
$GLOBALS['db']->deleteWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON));
}
// Keyword functions
function keywordByID($id) {
$clause = new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON);
return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
}
function keywordByText($text) {
$text = strtolower($text);
$clause = new SimpleWhereClause(KEYWORD_TEXT, '=', $text, STRING_COMPARISON);
return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
}
function allKeywords() {
$rows = $GLOBALS['db']->selectWhere(KEYWORDS_FILE, NULL, -1, new OrderBy(KEYWORD_TEXT, ASCENDING, INTEGER_COMPARISON));
return convertKeywordsToSQLStyle($rows);
}
function convertKeywordsToSQLStyle($keywords, $single = false) {
$newkeywords = array();
foreach ($keywords as $oldkeyword) {
$keyword = array();
$keyword['id'] = $oldkeyword[KEYWORD_ID];
$keyword['text'] = $oldkeyword[KEYWORD_TEXT];
$keyword['action'] = $oldkeyword[KEYWORD_ACTION];
if ($single) {
return $keyword;
}
$newkeywords[] = $keyword;
}
return $newkeywords;
}
function insertKeyword($newkeyword) {
$newkeyword['text'] = strtolower($newkeyword['text']);
$keyword = array();
$keyword[KEYWORD_ID] = '0';
$keyword[KEYWORD_TEXT] = $newkeyword['text'];
$keyword[KEYWORD_ACTION] = $newkeyword['action'];
$GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword);
}
function deleteKeyword($id) {
$GLOBALS['db']->deleteWhere(KEYWORDS_FILE, new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON));
}
// Log functions
function allLogs() {
$rows = $GLOBALS['db']->selectWhere(LOGS_FILE, NULL, -1, new OrderBy(LOG_ID, DESCENDING, INTEGER_COMPARISON));
return convertLogsToSQLStyle($rows);
}
function convertLogsToSQLStyle($logs, $single = false) {
$newlogs = array();
foreach ($logs as $l) {
$log = array();
$log['id'] = $l[LOG_ID];
$log['timestamp'] = $l[LOG_TIMESTAMP];
$log['account'] = $l[LOG_ACCOUNT];
$log['message'] = $l[LOG_MESSAGE];
if ($single) {
return $log;
}
$newlogs[] = $log;
}
return $newlogs;
}
function insertLog($l) {
$log = array();
$log['id'] = '0';
$log['timestamp'] = $l[LOG_TIMESTAMP];
$log['account'] = $l[LOG_ACCOUNT];
$log['message'] = $l[LOG_MESSAGE];
$GLOBALS['db']->insertWithAutoId(LOGS_FILE, LOG_ID, $log);
}
function deleteLog($id) {
$GLOBALS['db']->deleteWhere(LOGS_FILE, new SimpleWhereClause(LOG_ID, '=', $id, INTEGER_COMPARISON));
}
// Post functions
function uniquePosts() {
return 0; // Unsupported by this database option
@ -96,7 +308,7 @@ function countThreads() {
return count($rows);
}
function convertPostsToSQLStyle($posts, $singlepost = false) {
function convertPostsToSQLStyle($posts, $single = false) {
$newposts = array();
foreach ($posts as $oldpost) {
$post = newPost();
@ -129,7 +341,7 @@ function convertPostsToSQLStyle($posts, $singlepost = false) {
$post['parent'] = TINYIB_NEWTHREAD;
}
if ($singlepost) {
if ($single) {
return $post;
}
$newposts[] = $post;
@ -201,67 +413,6 @@ function lastPostByIP() {
return convertPostsToSQLStyle($rows, true);
}
// Ban functions
function banByID($id) {
return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON), 1), true);
}
function banByIP($ip) {
$compClause = new OrWhereClause();
$compClause->add(new SimpleWhereClause(BAN_IP, '=', $ip, STRING_COMPARISON));
$compClause->add(new SimpleWhereClause(BAN_IP, '=', hashData($ip), STRING_COMPARISON));
return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, $compClause, 1), true);
}
function allBans() {
$rows = $GLOBALS['db']->selectWhere(BANS_FILE, NULL, -1, new OrderBy(BAN_TIMESTAMP, DESCENDING, INTEGER_COMPARISON));
return convertBansToSQLStyle($rows);
}
function convertBansToSQLStyle($bans, $singleban = false) {
$newbans = array();
foreach ($bans as $oldban) {
$ban = array();
$ban['id'] = $oldban[BAN_ID];
$ban['ip'] = $oldban[BAN_IP];
$ban['timestamp'] = $oldban[BAN_TIMESTAMP];
$ban['expire'] = $oldban[BAN_EXPIRE];
$ban['reason'] = $oldban[BAN_REASON];
if ($singleban) {
return $ban;
}
$newbans[] = $ban;
}
return $newbans;
}
function insertBan($newban) {
$ban = array();
$ban[BAN_ID] = '0';
$ban[BAN_IP] = hashData($newban['ip']);
$ban[BAN_TIMESTAMP] = time();
$ban[BAN_EXPIRE] = $newban['expire'];
$ban[BAN_REASON] = $newban['reason'];
return $GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban);
}
function clearExpiredBans() {
$compClause = new AndWhereClause();
$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '>', 0, INTEGER_COMPARISON));
$compClause->add(new SimpleWhereClause(BAN_EXPIRE, '<=', time(), INTEGER_COMPARISON));
$bans = $GLOBALS['db']->selectWhere(BANS_FILE, $compClause, -1);
foreach ($bans as $ban) {
deleteBanByID($ban[BAN_ID]);
}
}
function deleteBanByID($id) {
$GLOBALS['db']->deleteWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON));
}
// Report functions
function reportByIP($post, $ip) {
$ipClause = new OrWhereClause();
@ -284,7 +435,7 @@ function allReports() {
return convertReportsToSQLStyle($rows);
}
function convertReportsToSQLStyle($reports, $singlereport = false) {
function convertReportsToSQLStyle($reports, $single = false) {
$newreports = array();
foreach ($reports as $oldreport) {
$report = array();
@ -292,7 +443,7 @@ function convertReportsToSQLStyle($reports, $singlereport = false) {
$report['ip'] = $oldreport[REPORT_IP];
$report['post'] = $oldreport[REPORT_POST];
if ($singlereport) {
if ($single) {
return $report;
}
$newreports[] = $report;
@ -320,50 +471,3 @@ function deleteReportsByIP($ip) {
$GLOBALS['db']->deleteWhere(REPORTS_FILE, $ipClause);
}
// Keyword functions
function keywordByID($id) {
$clause = new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON);
return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
}
function keywordByText($text) {
$text = strtolower($text);
$clause = new SimpleWhereClause(KEYWORD_TEXT, '=', $text, STRING_COMPARISON);
return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true);
}
function allKeywords() {
$rows = $GLOBALS['db']->selectWhere(KEYWORDS_FILE, NULL, -1, new OrderBy(KEYWORD_TEXT, ASCENDING, INTEGER_COMPARISON));
return convertKeywordsToSQLStyle($rows);
}
function convertKeywordsToSQLStyle($keywords, $singlekeyword = false) {
$newkeywords = array();
foreach ($keywords as $oldkeyword) {
$keyword = array();
$keyword['id'] = $oldkeyword[KEYWORD_ID];
$keyword['text'] = $oldkeyword[KEYWORD_TEXT];
$keyword['action'] = $oldkeyword[KEYWORD_ACTION];
if ($singlekeyword) {
return $keyword;
}
$newkeywords[] = $keyword;
}
return $newkeywords;
}
function insertKeyword($newkeyword) {
$newkeyword['text'] = strtolower($newkeyword['text']);
$keyword = array();
$keyword[KEYWORD_ID] = '0';
$keyword[KEYWORD_TEXT] = $newkeyword['text'];
$keyword[KEYWORD_ACTION] = $newkeyword['action'];
$GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword);
}
function deleteKeyword($id) {
$GLOBALS['db']->deleteWhere(KEYWORDS_FILE, new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON));
}
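Review bot: `accountByID()` and `accountByUsername()` return the raw flatfile row (`$rows[0]`, indexed by `ACCOUNT_ID`, `ACCOUNT_USERNAME`, …), whereas `banByID()` and `keywordByID()` go through their `convert…ToSQLStyle(…, true)` helper. Callers then read `$a['username']`, `$a['id']` and `$a['lastactive']`, which do not exist on that row, so the `admin`/`mod` guard in imgboard.php never matches and `updateAccount()` writes empty fields. Both functions should end with `return convertAccountsToSQLStyle($rows, true);`. `insertLog()` has the keys the other way round: it fills `$log['id']`, `$log['timestamp']`, … from `$l[LOG_TIMESTAMP]`, …, where the pattern used by `insertBan()` would give `$log[LOG_ID] = '0';` and `$log[LOG_TIMESTAMP] = $l['timestamp'];`. `updateAccount()` also hashes `$a['password']` on every call, so a caller that passes back a stored hash gets it hashed a second time.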

154
inc/database/flatfile_link.php

@ -3,6 +3,35 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Accounts table
define('ACCOUNTS_FILE', '.accounts');
define('ACCOUNT_ID', 0);
define('ACCOUNT_USERNAME', 1);
define('ACCOUNT_PASSWORD', 2);
define('ACCOUNT_ROLE', 3);
define('ACCOUNT_LASTACTIVE', 4);
// Bans table
define('BANS_FILE', '.bans');
define('BAN_ID', 0);
define('BAN_IP', 1);
define('BAN_TIMESTAMP', 2);
define('BAN_EXPIRE', 3);
define('BAN_REASON', 4);
// Keywords table
define('KEYWORDS_FILE', '.keywords');
define('KEYWORD_ID', 0);
define('KEYWORD_TEXT', 1);
define('KEYWORD_ACTION', 2);
// Log table
define('LOGS_FILE', '.logs');
define('LOG_ID', 0);
define('LOG_TIMESTAMP', 1);
define('LOG_ACCOUNT', 2);
define('LOG_MESSAGE', 3);
// Posts table
define('POSTS_FILE', '.posts');
define('POST_ID', 0);
@ -31,26 +60,12 @@ define('POST_STICKIED', 22);
define('POST_LOCKED', 23);
define('POST_MODERATED', 24);
// Bans table
define('BANS_FILE', '.bans');
define('BAN_ID', 0);
define('BAN_IP', 1);
define('BAN_TIMESTAMP', 2);
define('BAN_EXPIRE', 3);
define('BAN_REASON', 4);
// Reports table
define('REPORTS_FILE', '.reports');
define('REPORT_ID', 0);
define('REPORT_IP', 1);
define('REPORT_POST', 2);
// Keywords table
define('KEYWORDS_FILE', '.keywords');
define('KEYWORD_ID', 0);
define('KEYWORD_TEXT', 1);
define('KEYWORD_ACTION', 2);
require_once 'flatfile/flatfile.php';
$db = new Flatfile();
$db->datadir = 'inc/database/flatfile/';
@ -60,59 +75,78 @@ if (file_exists('inc/flatfile/' . POSTS_FILE)) {
}
if (function_exists('insertPost')) {
function migratePost($newpost) {
$post = array();
$post[POST_ID] = $newpost['id'];
$post[POST_PARENT] = $newpost['parent'];
$post[POST_TIMESTAMP] = $newpost['timestamp'];
$post[POST_BUMPED] = $newpost['bumped'];
$post[POST_IP] = $newpost['ip'];
$post[POST_NAME] = $newpost['name'];
$post[POST_TRIPCODE] = $newpost['tripcode'];
$post[POST_EMAIL] = $newpost['email'];
$post[POST_NAMEBLOCK] = $newpost['nameblock'];
$post[POST_SUBJECT] = $newpost['subject'];
$post[POST_MESSAGE] = $newpost['message'];
$post[POST_PASSWORD] = $newpost['password'];
$post[POST_FILE] = $newpost['file'];
$post[POST_FILE_HEX] = $newpost['file_hex'];
$post[POST_FILE_ORIGINAL] = $newpost['file_original'];
$post[POST_FILE_SIZE] = $newpost['file_size'];
$post[POST_FILE_SIZE_FORMATTED] = $newpost['file_size_formatted'];
$post[POST_IMAGE_WIDTH] = $newpost['image_width'];
$post[POST_IMAGE_HEIGHT] = $newpost['image_height'];
$post[POST_THUMB] = $newpost['thumb'];
$post[POST_THUMB_WIDTH] = $newpost['thumb_width'];
$post[POST_THUMB_HEIGHT] = $newpost['thumb_height'];
$post[POST_MODERATED] = $newpost['moderated'];
$post[POST_STICKIED] = $newpost['stickied'];
$post[POST_LOCKED] = $newpost['locked'];
$GLOBALS['db']->insertWithAutoId(POSTS_FILE, POST_ID, $post);
function migrateAccount($a) {
$account = array();
$account[ACCOUNT_ID] = $a['id'];
$account[ACCOUNT_USERNAME] = $a['username'];
$account[ACCOUNT_PASSWORD] = $a['password'];
$account[ACCOUNT_ROLE] = $a['role'];
$account[ACCOUNT_LASTACTIVE] = $a['lastactive'];
$GLOBALS['db']->insertWithAutoId(ACCOUNTS_FILE, ACCOUNT_ID, $account);
}
function migrateBan($newban) {
function migrateBan($b) {
$ban = array();
$ban[BAN_ID] = $newban['id'];
$ban[BAN_IP] = $newban['ip'];
$ban[BAN_TIMESTAMP] = $newban['timestamp'];
$ban[BAN_EXPIRE] = $newban['expire'];
$ban[BAN_REASON] = $newban['reason'];
$ban[BAN_ID] = $b['id'];
$ban[BAN_IP] = $b['ip'];
$ban[BAN_TIMESTAMP] = $b['timestamp'];
$ban[BAN_EXPIRE] = $b['expire'];
$ban[BAN_REASON] = $b['reason'];
$GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban);
}
function migrateReport($newreport) {
$report = array();
$report[REPORT_ID] = $newreport['id'];
$report[REPORT_IP] = $newreport['ip'];
$report[REPORT_POST] = $newreport['post'];
$GLOBALS['db']->insertWithAutoId(REPORTS_FILE, REPORT_ID, $report);
}
function migrateKeyword($newkeyword) {
function migrateKeyword($k) {
$keyword = array();
$keyword[KEYWORD_ID] = $newkeyword['id'];
$keyword[KEYWORD_TEXT] = $newkeyword['text'];
$keyword[KEYWORD_ACTION] = $newkeyword['action'];
$keyword[KEYWORD_ID] = $k['id'];
$keyword[KEYWORD_TEXT] = $k['text'];
$keyword[KEYWORD_ACTION] = $k['action'];
$GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword);
}
function migrateLog($l) {
$log = array();
$log[LOG_ID] = $l['id'];
$log[LOG_TIMESTAMP] = $l['timestamp'];
$log[LOG_ACCOUNT] = $l['account'];
$log[LOG_MESSAGE] = $l['message'];
$GLOBALS['db']->insertWithAutoId(LOGS_FILE, LOG_ID, $log);
}
function migratePost($p) {
$post = array();
$post[POST_ID] = $p['id'];
$post[POST_PARENT] = $p['parent'];
$post[POST_TIMESTAMP] = $p['timestamp'];
$post[POST_BUMPED] = $p['bumped'];
$post[POST_IP] = $p['ip'];
$post[POST_NAME] = $p['name'];
$post[POST_TRIPCODE] = $p['tripcode'];
$post[POST_EMAIL] = $p['email'];
$post[POST_NAMEBLOCK] = $p['nameblock'];
$post[POST_SUBJECT] = $p['subject'];
$post[POST_MESSAGE] = $p['message'];
$post[POST_PASSWORD] = $p['password'];
$post[POST_FILE] = $p['file'];
$post[POST_FILE_HEX] = $p['file_hex'];
$post[POST_FILE_ORIGINAL] = $p['file_original'];
$post[POST_FILE_SIZE] = $p['file_size'];
$post[POST_FILE_SIZE_FORMATTED] = $p['file_size_formatted'];
$post[POST_IMAGE_WIDTH] = $p['image_width'];
$post[POST_IMAGE_HEIGHT] = $p['image_height'];
$post[POST_THUMB] = $p['thumb'];
$post[POST_THUMB_WIDTH] = $p['thumb_width'];
$post[POST_THUMB_HEIGHT] = $p['thumb_height'];
$post[POST_MODERATED] = $p['moderated'];
$post[POST_STICKIED] = $p['stickied'];
$post[POST_LOCKED] = $p['locked'];
$GLOBALS['db']->insertWithAutoId(POSTS_FILE, POST_ID, $post);
}
function migrateReport($r) {
$report = array();
$report[REPORT_ID] = $r['id'];
$report[REPORT_IP] = $r['ip'];
$report[REPORT_POST] = $r['post'];
$GLOBALS['db']->insertWithAutoId(REPORTS_FILE, REPORT_ID, $report);
}
}
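Review bot: The new `ACCOUNTS_FILE` ('.accounts') and `LOGS_FILE` ('.logs') tables are stored under `$db->datadir = 'inc/database/flatfile/'`, inside the web tree, and nothing in this file says what keeps them from being served. The password column is presumably a hash (the MySQL drivers in this commit pass it through hashData()), but the file is still credential material, and the only guard visible in the commit is the RedirectMatch rule in .htaccess, which applies on Apache with mod_alias only. I would add a comment above the accounts defines such as `// .accounts stores password hashes: the web server must deny access to inc/database/flatfile/ (.htaccess covers Apache only)`. migrateAccount copies `$a['password']` verbatim, so a one-line comment stating that it expects the already-hashed value would also help.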

41
inc/database/mysql.php

@ -3,6 +3,47 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Account functions
function accountByID($id) {
$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "' LIMIT 1");
if ($result) {
while ($account = mysql_fetch_assoc($result)) {
return $account;
}
}
}
function accountByUsername($username) {
$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `username` = '" . mysql_real_escape_string($username) . "' LIMIT 1");
if ($result) {
while ($account = mysql_fetch_assoc($result)) {
return $account;
}
}
}
function allAccounts($username) {
$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` ORDER BY `role` ASC, `username` ASC");
if ($result) {
while ($account = mysql_fetch_assoc($result)) {
return $account;
}
}
}
function insertAccount($account) {
mysql_query("INSERT INTO `" . TINYIB_DBACCOUNTS . "` (`username`, `password`, `role`, `lastactive`) VALUES (" . $account['username'] . ", '" . hashData($account['password']) . "', '" . mysql_real_escape_string($account['role']) . "', '0')");
return mysql_insert_id();
}
function updateAccount($account) {
mysql_query("UPDATE `" . TINYIB_DBACCOUNTS . "` SET `username` = " . $account['username'] . ", `password` = '" . hashData($account['password']) . "', `role` = '" . mysql_real_escape_string($account['role']) . "', `lastactive` = " . mysql_real_escape_string($account['lastactive']) . " WHERE `id` = '" . mysql_real_escape_string($account['id']) . "'");
}
function deleteAccountByID($id) {
mysql_query("DELETE FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "'");
}
// Post functions
function uniquePosts() {
$row = mysql_fetch_row(mysql_query("SELECT COUNT(DISTINCT(`ip`)) FROM " . TINYIB_DBPOSTS));
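Review bot: insertAccount and updateAccount concatenate `$account['username']` into the statement with neither quotes nor mysql_real_escape_string(), so the value is parsed as SQL; the mysqli driver in the same commit quotes and escapes it. updateAccount also puts `lastactive` in an unquoted numeric position, where escaping alone does not keep it a number, so it should be cast with intval(). allAccounts declares an unused `$username` parameter and returns only the first row, whereas the mysqli version takes no argument and returns the full list. The changed lines of the three functions are below.

```php
// … unchanged: accountByID, accountByUsername …
function allAccounts() {
	$accounts = array();
	$result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` ORDER BY `role` ASC, `username` ASC");
	if ($result) {
		while ($account = mysql_fetch_assoc($result)) {
			$accounts[] = $account;
		}
	}
	return $accounts;
}

function insertAccount($account) {
	mysql_query("INSERT INTO `" . TINYIB_DBACCOUNTS . "` (`username`, `password`, `role`, `lastactive`) VALUES ('" . mysql_real_escape_string($account['username']) . "', '" . mysql_real_escape_string(hashData($account['password'])) . "', '" . mysql_real_escape_string($account['role']) . "', '0')");
	// … unchanged: return mysql_insert_id() …
}

function updateAccount($account) {
	mysql_query("UPDATE `" . TINYIB_DBACCOUNTS . "` SET `username` = '" . mysql_real_escape_string($account['username']) . "', `password` = '" . mysql_real_escape_string(hashData($account['password'])) . "', `role` = '" . mysql_real_escape_string($account['role']) . "', `lastactive` = " . intval($account['lastactive']) . " WHERE `id` = '" . mysql_real_escape_string($account['id']) . "'");
}
// … unchanged: deleteAccountByID …
```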

45
inc/database/mysql_link.php

@ -17,26 +17,31 @@ if (!$db_selected) {
}
mysql_query("SET NAMES 'utf8mb4'");
// Create the posts table if it does not exist
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
mysql_query($posts_sql);
// Create tables (when necessary)
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBACCOUNTS . "'")) == 0) {
mysql_query($accounts_sql);
}
// Create the bans table if it does not exist
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) == 0) {
mysql_query($bans_sql);
}
// Create the reports table if it does not exist
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
mysql_query($reports_sql);
}
// Create the keywords table if it does not exist
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBKEYWORDS . "'")) == 0) {
mysql_query($keywords_sql);
}
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBLOGS . "'")) == 0) {
mysql_query($logs_sql);
}
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
mysql_query($posts_sql);
}
if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
mysql_query($reports_sql);
}
if (mysql_num_rows(mysql_query("SHOW COLUMNS FROM `" . TINYIB_DBPOSTS . "` LIKE 'stickied'")) == 0) {
mysql_query("ALTER TABLE `" . TINYIB_DBPOSTS . "` ADD COLUMN stickied TINYINT(1) NOT NULL DEFAULT '0'");
}
@ -51,19 +56,27 @@ mysql_query("ALTER TABLE `" . TINYIB_DBPOSTS . "` MODIFY ip VARCHAR(255) NOT NUL
mysql_query("ALTER TABLE `" . TINYIB_DBBANS . "` MODIFY ip VARCHAR(255) NOT NULL DEFAULT ''");
if (function_exists('insertPost')) {
function migratePost($post) {
mysql_query("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysql_real_escape_string($post['ip']) . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "', '" . mysql_real_escape_string($post['email']) . "', '" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
function migrateAccount($account) {
mysql_query("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES ('" . mysql_real_escape_string($account['id']) . "', '" . mysql_real_escape_string($account['username']) . "', '" . mysql_real_escape_string($account['password']) . "', '" . mysql_real_escape_string($account['role']) . "', '" . mysql_real_escape_string($account['lastactive']) . "')");
}
function migrateBan($ban) {
mysql_query("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . mysql_real_escape_string($ban['id']) . "', '" . mysql_real_escape_string($ban['ip']) . "', '" . mysql_real_escape_string($ban['timestamp']) . "', '" . mysql_real_escape_string($ban['expire']) . "', '" . mysql_real_escape_string($ban['reason']) . "')");
}
function migrateReport($report) {
mysql_query("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysql_real_escape_string($report['id']) . "', '" . mysql_real_escape_string($report['ip']) . "', '" . mysql_real_escape_string($report['post']) . "')");
}
function migrateKeyword($keyword) {
mysql_query("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . mysql_real_escape_string($keyword['id']) . "', '" . mysql_real_escape_string($keyword['text']) . "', '" . mysql_real_escape_string($keyword['action']) . "')");
}
function migrateLog($log) {
mysql_query("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . mysql_real_escape_string($log['id']) . "', '" . mysql_real_escape_string($log['timestamp']) . "', '" . mysql_real_escape_string($log['account']) . "', '" . mysql_real_escape_string($log['message']) . "')");
}
function migratePost($post) {
mysql_query("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysql_real_escape_string($post['ip']) . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "', '" . mysql_real_escape_string($post['email']) . "', '" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
}
function migrateReport($report) {
mysql_query("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysql_real_escape_string($report['id']) . "', '" . mysql_real_escape_string($report['ip']) . "', '" . mysql_real_escape_string($report['post']) . "')");
}
}
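Review bot: migrateBan builds `VALUES (" . mysql_real_escape_string($ban['id']) . "', '"`, which closes a quote after the id without opening one, so every migrated ban produces a malformed statement; the line appears to be carried over unchanged while the functions around it were reordered. It should read `VALUES ('" . mysql_real_escape_string($ban['id']) . "', '"`. The same unbalanced quote is in migrateAccount and migrateBan in inc/database/mysqli_link.php, where several migrate functions also call `sqlite_query($GLOBALS["db"], …)` instead of `mysqli_query($link, …)`. None of the mysql_query() results in this section are checked, so a failed CREATE TABLE or migration insert goes unnoticed.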

49
inc/database/mysqli.php

@ -3,6 +3,55 @@ if (!defined('TINYIB_BOARD')) {
die('');
}
// Account functions
function accountByID($id) {
global $link;
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysqli_real_escape_string($link, $id) . "' LIMIT 1");
if ($result) {
while ($account = mysqli_fetch_assoc($result)) {
return $account;
}
}
}
function accountByUsername($username) {
global $link;
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `username` = '" . mysqli_real_escape_string($link, $username) . "' LIMIT 1");
if ($result) {
while ($account = mysqli_fetch_assoc($result)) {
return $account;
}
}
}
function allAccounts() {
global $link;
$accounts = array();
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` ORDER BY `role` ASC, `username` ASC");
if ($result) {
while ($account = mysqli_fetch_assoc($result)) {
$accounts[] = $account;
}
}
return $accounts;
}
function insertAccount($account) {
global $link;
mysqli_query($link, "INSERT INTO `" . TINYIB_DBACCOUNTS . "` (`username`, `password`, `role`, `lastactive`) VALUES ('" . mysqli_real_escape_string($link, $account['username']) . "', '" . mysqli_real_escape_string($link, hashData($account['password'])) . "', '" . mysqli_real_escape_string($link, $account['role']) . "', '0')");
return mysqli_insert_id($link);
}
function updateAccount($account) {
global $link;
mysqli_query($link, "UPDATE `" . TINYIB_DBACCOUNTS . "` SET `username` = '" . mysqli_real_escape_string($link, $account['username']) . "', `password` = '" . mysqli_real_escape_string($link, hashData($account['password'])) . "', `role` = '" . mysqli_real_escape_string($link, $account['role']) . "', `lastactive` = " . mysqli_real_escape_string($link, $account['lastactive']) . " WHERE `id` = " . mysqli_real_escape_string($link, $account['id']) . " LIMIT 1");
}
function deleteAccountByID($id) {
global $link;
mysqli_query($link, "DELETE FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = " . mysqli_real_escape_string($link, $id) . " LIMIT 1");
}
// Post functions
function uniquePosts() {
global $link;
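Review bot: updateAccount and deleteAccountByID place `mysqli_real_escape_string($link, $account['id'])`, the `lastactive` value and `$id` in unquoted numeric positions, where escaping does nothing to keep the value a number. Cast them instead, e.g. `intval($account['id'])`, `intval($account['lastactive'])` and `intval($id)`, or quote them as accountByID does. updateAccount also runs hashData() on `$account['password']` at every call; if a caller passes back a row loaded by accountByID just to update lastactive, the stored hash would be hashed again, which is worth confirming against the callers, as they are not in this hunk. Whether hashData() is a salted password hash cannot be seen here; password_hash() with password_verify() is the expected primitive for account passwords.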

47
inc/database/mysqli_link.php

@ -17,26 +17,31 @@ if (!$db_selected) {
}
mysqli_query($link, "SET NAMES 'utf8mb4'");
// Create the posts table if it does not exist
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
mysqli_query($link, $posts_sql);
// Create tables (when necessary)
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBACCOUNTS . "'")) == 0) {
mysqli_query($link, $accounts_sql);
}
// Create the bans table if it does not exist
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) == 0) {
mysqli_query($link, $bans_sql);
}
// Create the reports table if it does not exist
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
mysqli_query($link, $reports_sql);
}
// Create the keywords table if it does not exist
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBKEYWORDS . "'")) == 0) {
mysqli_query($link, $keywords_sql);
}
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBLOGS . "'")) == 0) {
mysqli_query($link, $logs_sql);
}
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) {
mysqli_query($link, $posts_sql);
}
if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) {
mysqli_query($link, $reports_sql);
}
if (mysqli_num_rows(mysqli_query($link, "SHOW COLUMNS FROM `" . TINYIB_DBPOSTS . "` LIKE 'stickied'")) == 0) {
mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` ADD COLUMN stickied TINYINT(1) NOT NULL DEFAULT '0'");
}
@ -51,9 +56,9 @@ mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` MODIFY ip VARCHAR(255)
mysqli_query($link, "ALTER TABLE `" . TINYIB_DBBANS . "` MODIFY ip VARCHAR(255) NOT NULL DEFAULT ''");
if (function_exists('insertPost')) {
function migratePost($post) {
function migrateAccount($account) {
global $link;
mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`, `stickied`, `locked`) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysqli_real_escape_string($link, $post['ip']) . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "', '" . mysqli_real_escape_string($link, $post['email']) . "', '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . mysqli_real_escape_string($link, $account['id']) . "', '" . mysqli_real_escape_string($link, $account['username']) . "', '" . mysqli_real_escape_string($link, $account['password']) . "', '" . mysqli_real_escape_string($link, $account['role']) . "', '" . mysqli_real_escape_string($link, $account['lastactive']) . "')");
}
function migrateBan($ban) {
@ -61,13 +66,23 @@ if (function_exists('insertPost')) {
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . mysqli_real_escape_string($link, $ban['id']) . "', '" . mysqli_real_escape_string($link, $ban['ip']) . "', '" . mysqli_real_escape_string($link, $ban['timestamp']) . "', '" . mysqli_real_escape_string($link, $ban['expire']) . "', '" . mysqli_real_escape_string($link, $ban['reason']) . "')");
}
function migrateReport($report) {
function migrateKeyword($keyword) {
global $link;
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysqli_real_escape_string($link, $report['id']) . "', '" . mysqli_real_escape_string($link, $report['ip']) . "', '" . mysqli_real_escape_string($link, $report['post']) . "')");
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . mysqli_real_escape_string($link, $keyword['id']) . "', '" . mysqli_real_escape_string($link, $keyword['text']) . "', '" . mysqli_real_escape_string($link, $keyword['action']) . "')");
}
function migrateKeyword($keyword) {
function migrateLog($log) {
global $link;
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . mysqli_real_escape_string($link, $keyword['id']) . "', '" . mysqli_real_escape_string($link, $keyword['text']) . "', '" . mysqli_real_escape_string($link, $keyword['action']) . "')");
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . mysqli_real_escape_string($link, $log['id']) . "', '" . mysqli_real_escape_string($link, $log['timestamp']) . "', '" . mysqli_real_escape_string($link, $log['account']) . "', '" . mysqli_real_escape_string($link, $log['message']) . "')");
}
function migratePost($post) {
global $link;
mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`, `stickied`, `locked`) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysqli_real_escape_string($link, $post['ip']) . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "', '" . mysqli_real_escape_string($link, $post['email']) . "', '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")");
}
function migrateReport($report) {
global $link;
sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysqli_real_escape_string($link, $report['id']) . "', '" . mysqli_real_escape_string($link, $report['ip']) . "', '" . mysqli_real_escape_string($link, $report['post']) . "')");
}