From 1256e7cca0ce0ce980294aee0c1f05dba81ce8c4 Mon Sep 17 00:00:00 2001 From: Trevor Slocum Date: Sun, 4 Apr 2021 13:01:56 -0700 Subject: [PATCH] Add account system When TINYIB_ADMINPASS is set, a super-administrator account with the username 'admin' is created using the provided password. WHEN TINYIB_MODPASS is set, a moderator account with the username 'mod' is created using the provided password. --- .gitignore | 8 +- .htaccess | 6 + README.md | 17 +- imgboard.php | 298 +++++++++++++------ inc/database/database.php | 23 ++ inc/database/flatfile.php | 328 +++++++++++++-------- inc/database/flatfile_link.php | 154 ++++++---- inc/database/mysql.php | 41 +++ inc/database/mysql_link.php | 45 +-- inc/database/mysqli.php | 49 ++++ inc/database/mysqli_link.php | 49 ++-- inc/database/pdo.php | 37 +++ inc/database/pdo_link.php | 97 ++++--- inc/database/sqlite.php | 37 +++ inc/database/sqlite3.php | 90 +++--- inc/database/sqlite3_link.php | 90 ++++-- inc/database/sqlite_link.php | 87 ++++-- inc/defines.php | 12 + inc/functions.php | 51 ++-- inc/html.php | 103 ++++++- locale/en/tinyib.po | 509 ++++++++++++++++++++------------- settings.default.php | 32 ++- 22 files changed, 1481 insertions(+), 682 deletions(-) create mode 100644 inc/database/database.php diff --git a/.gitignore b/.gitignore index 1fdc41a..959a977 100644 --- a/.gitignore +++ b/.gitignore @@ -1,8 +1,12 @@ settings.php *.html *.db -.posts -.posts.lock +.accounts* +.bans* +.keywords* +.logs* +.posts* +.reports* .project .settings/ .idea/ diff --git a/.htaccess b/.htaccess index d569143..2a9a07e 100644 --- a/.htaccess +++ b/.htaccess @@ -33,5 +33,11 @@ AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css a +RedirectMatch 404 (.*)\.accounts$ +RedirectMatch 404 (.*)\.bans$ +RedirectMatch 404 (.*)\.keywords$ +RedirectMatch 404 (.*)\.logs$ RedirectMatch 404 (.*)\.posts$ +RedirectMatch 404 (.*)\.reports$ +RedirectMatch 404 (.*)\.tinyib.db$ 
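Review bot: The new deny rules in `.htaccess` are anchored with `$` to the exact data-file names, while the `.gitignore` change in this same patch suggests variants exist (`.accounts*`, `.logs*`, ...), so a lock, temporary or backup copy sitting next to `.accounts` would still be served. Because `.accounts` holds the account password hashes, a single rule without the end anchor, such as `RedirectMatch 404 /\.(accounts|bans|keywords|logs|posts|reports)`, would cover those variants as well. In the last rule the dot before `db` is unescaped; `\.tinyib\.db$` is what is meant. These rules only protect installations whose web server honours `.htaccess`, which is worth stating in the README for other servers.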
diff --git a/README.md b/README.md index efbd8a5..47929a9 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ See [DEMOS.md](https://code.rocketnine.space/tslocum/tinyib/src/branch/master/DE - GIF, JPG, PNG, SWF, MP4 and WebM upload. - YouTube, Vimeo and SoundCloud embedding. - - CAPTCHA + - CAPTCHA: - A simple, self-hosted implementation is included. - [hCaptcha](https://hcaptcha.com) is supported. - [ReCAPTCHA](https://www.google.com/recaptcha/about/) is supported. (But [not recommended](https://nearcyan.com/you-probably-dont-need-recaptcha/)) @@ -24,8 +24,10 @@ See [DEMOS.md](https://code.rocketnine.space/tslocum/tinyib/src/branch/master/DE - Report posts. - Block keywords. - Management panel: - - Administrators and moderators use separate passwords. - - Moderators are only able to sticky threads, lock threads, delete posts, and approve posts when necessary. (See ``TINYIB_REQMOD``) + - Account system: + - Super administrators (all privileges) + - Administrators (all privileges except account management) + - Moderators (only able to sticky threads, lock threads, approve posts and delete posts) - Ban offensive/abusive posters across all boards. - Post using raw HTML. - Upgrade automatically when installed via git. (Tested on Linux only) @@ -62,8 +64,7 @@ support in mind. - This library is usually installed by default. - If you plan on disabling image uploads to use TinyIB as a text board only, this library is not required. - [cURL Library](https://www.php.net/manual/en/book.curl.php) - - This is recommended, but is not strictly required except: - - When `TINYIB_CAPTCHA` is set to `hcaptcha` or `recaptcha`. + - This is recommended, but is not strictly required except when `TINYIB_CAPTCHA` is set to `hcaptcha` or `recaptcha`. 2. CD to the directory you wish to install TinyIB. 3. Run the command: - `git clone https://code.rocketnine.space/tslocum/tinyib.git ./` 
@@ -149,8 +150,8 @@ Translation is handled [online](https://hosted.weblate.org/projects/tinyib/tinyi ## Contribute -**Note:** Please do not submit translations as patches. See above. +**Note:** Please do not submit translations via pull requests. See above. - 1. Fork TinyIB using [git](https://git-scm.com/downloads). + 1. [Fork TinyIB.](https://code.rocketnine.space/repo/fork/6) 2. Commit code changes to your forked repository. - 3. Send your patches to trevor@rocketnine.space via [git send-email](https://git-send-email.io/). + 3. [Submit a pull request.](https://code.rocketnine.space/tslocum/tinyib/pulls) diff --git a/imgboard.php b/imgboard.php index bc2b288..634dbd5 100644 --- a/imgboard.php +++ b/imgboard.php @@ -34,10 +34,8 @@ ini_set("display_errors", 1); session_start(); setcookie(session_name(), session_id(), time() + 2592000); ob_implicit_flush(); -if (function_exists('ob_get_level')) { - while (ob_get_level() > 0) { - ob_end_flush(); - } +while (ob_get_level() > 0) { + ob_end_flush(); } function fancyDie($message) { @@ -53,6 +51,7 @@ if (!file_exists('settings.php')) { } require 'settings.php'; require 'inc/defines.php'; +global $tinyib_capcodes, $tinyib_embeds, $tinyib_hidefields, $tinyib_hidefieldsop; if (!defined('TINYIB_LOCALE') || TINYIB_LOCALE == '') { function __($string) { 
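Review bot: The context line `setcookie(session_name(), session_id(), time() + 2592000);` in the imgboard.php hunk at -34,10 re-issues the session cookie for 30 days without the HttpOnly or Secure attributes, and from this commit on that session identifies an account with a role rather than a shared password. Passing the flags explicitly keeps the identifier away from page scripts and plain-HTTP requests: `setcookie(session_name(), session_id(), time() + 2592000, '', '', !empty($_SERVER['HTTPS']), true);`. Whether the session id is regenerated at login cannot be seen here, since `manageCheckLogIn()` is outside this page.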
@@ -67,12 +66,65 @@ if (!defined('TINYIB_LOCALE') || TINYIB_LOCALE == '') { $translator->register(); } +if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') { + fancyDie(__('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.')); +} + +if ((TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') && (TINYIB_HCAPTCHA_SITE == '' || TINYIB_HCAPTCHA_SECRET == '')) { + fancyDie(__('TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET must be configured.')); +} + +if ((TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') && (TINYIB_RECAPTCHA_SITE == '' || TINYIB_RECAPTCHA_SECRET == '')) { + fancyDie(__('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured.')); +} + +if (TINYIB_TIMEZONE != '') { + date_default_timezone_set(TINYIB_TIMEZONE); +} + +$bcrypt_salt = '$2y$12$' . str_pad(str_replace('=', '/', str_replace('+', '.', substr(base64_encode(TINYIB_TRIPSEED), 0, 22))), 22, '/'); + $database_modes = array('flatfile', 'mysql', 'mysqli', 'sqlite', 'sqlite3', 'pdo'); if (!in_array(TINYIB_DBMODE, $database_modes)) { fancyDie(__('Unknown database mode specified.')); } if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') { + $accounts_sql = 'CREATE TABLE "' . TINYIB_DBACCOUNTS . '" ( + "id" bigserial NOT NULL, + "username" varchar(255) NOT NULL, + "password" text NOT NULL, + "role" integer NOT NULL, + "lastactive" integer NOT NULL, + PRIMARY KEY ("id") + );'; + + $bans_sql = 'CREATE TABLE "' . TINYIB_DBBANS . '" ( + "id" bigserial NOT NULL, + "ip" varchar(255) NOT NULL, + "timestamp" integer NOT NULL, + "expire" integer NOT NULL, + "reason" text NOT NULL, + PRIMARY KEY ("id") + ); + CREATE INDEX ON "' . TINYIB_DBBANS . '"("ip");'; + + $keywords_sql = 'CREATE TABLE "' . TINYIB_DBKEYWORDS . '" ( + "id" bigserial NOT NULL, + "text" varchar(255) NOT NULL, + "action" varchar(255) NOT NULL, + PRIMARY KEY ("id") + );'; + + $logs_sql = 'CREATE TABLE "' . TINYIB_DBLOGS . 
'" ( + "id" bigserial NOT NULL, + "timestamp" integer NOT NULL, + "account" integer NOT NULL, + "message" text NOT NULL, + PRIMARY KEY ("id") + ); + CREATE INDEX ON "' . TINYIB_DBLOGS . '"("account");'; + $posts_sql = 'CREATE TABLE "' . TINYIB_DBPOSTS . '" ( "id" bigserial NOT NULL, "parent" integer NOT NULL, 
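Review bot: Nothing keeps `username` unique: the accounts table is created with only a primary key on `id` (here for PostgreSQL and again in the MySQL definition in the next hunk), and the account form handler added to imgboard.php stores `$_POST['username']` without any check. Two rows named `admin` or `mod` would leave `accountByUsername()` and the TINYIB_ADMINPASS / TINYIB_MODPASS provisioning acting on whichever row the backend happens to return first. Add a unique constraint to both definitions, e.g. `UNIQUE ("username")` here and ``UNIQUE KEY `username` (`username`)`` in the MySQL one, and reject an empty or already-used name before `insertAccount()` / `updateAccount()` is called.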
@@ -106,30 +158,48 @@ if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') { CREATE INDEX ON "' . TINYIB_DBPOSTS . '"("stickied"); CREATE INDEX ON "' . TINYIB_DBPOSTS . '"("moderated");'; - $bans_sql = 'CREATE TABLE "' . TINYIB_DBBANS . '" ( - "id" bigserial NOT NULL, - "ip" varchar(255) NOT NULL, - "timestamp" integer NOT NULL, - "expire" integer NOT NULL, - "reason" text NOT NULL, - PRIMARY KEY ("id") - ); - CREATE INDEX ON "' . TINYIB_DBBANS . '"("ip");'; - $reports_sql = 'CREATE TABLE "' . TINYIB_DBREPORTS . '" ( "id" bigserial NOT NULL, "ip" varchar(255) NOT NULL, "post" integer NOT NULL, PRIMARY KEY ("id") );'; - - $keywords_sql = 'CREATE TABLE "' . TINYIB_DBKEYWORDS . '" ( - "id" bigserial NOT NULL, - "text" varchar(255) NOT NULL, - "action" varchar(255) NOT NULL, - PRIMARY KEY ("id") - );'; } else { + $accounts_sql = "CREATE TABLE `" . TINYIB_DBACCOUNTS . "` ( + `id` mediumint(7) unsigned NOT NULL auto_increment, + `username` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, + `password` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, + `role` mediumint(7) unsigned NOT NULL, + `lastactive` int(20) unsigned NOT NULL, + PRIMARY KEY (`id`) + )"; + + $bans_sql = "CREATE TABLE `" . TINYIB_DBBANS . "` ( + `id` mediumint(7) unsigned NOT NULL auto_increment, + `ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, + `timestamp` int(20) NOT NULL, + `expire` int(20) NOT NULL, + `reason` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, + PRIMARY KEY (`id`), + KEY `ip` (`ip`) + )"; + + $keywords_sql = "CREATE TABLE `" . TINYIB_DBKEYWORDS . "` ( + `id` mediumint(7) unsigned NOT NULL auto_increment, + `text` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, + `action` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, + PRIMARY KEY (`id`) + )"; + + $logs_sql = "CREATE TABLE `" . TINYIB_DBLOGS . 
"` ( + `id` mediumint(7) unsigned NOT NULL auto_increment, + `timestamp` int(20), + `account` mediumint(7) unsigned NOT NULL, + `message` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, + PRIMARY KEY (`id`), + KEY `account` (`account`) + )"; + $posts_sql = "CREATE TABLE `" . TINYIB_DBPOSTS . "` ( `id` mediumint(7) unsigned NOT NULL auto_increment, `parent` mediumint(7) unsigned NOT NULL, @@ -162,29 +232,12 @@ if (TINYIB_DBMODE == 'pdo' && TINYIB_DBDRIVER == 'pgsql') { KEY `moderated` (`moderated`) )"; - $bans_sql = "CREATE TABLE `" . TINYIB_DBBANS . "` ( - `id` mediumint(7) unsigned NOT NULL auto_increment, - `ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, - `timestamp` int(20) NOT NULL, - `expire` int(20) NOT NULL, - `reason` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, - PRIMARY KEY (`id`), - KEY `ip` (`ip`) - )"; - $reports_sql = "CREATE TABLE `" . TINYIB_DBREPORTS . "` ( `id` mediumint(7) unsigned NOT NULL auto_increment, `ip` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, `post` int(20) NOT NULL, PRIMARY KEY (`id`) )"; - - $keywords_sql = "CREATE TABLE `" . TINYIB_DBKEYWORDS . "` ( - `id` mediumint(7) unsigned NOT NULL auto_increment, - `text` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, - `action` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, - PRIMARY KEY (`id`) - )"; } // Check directories are writable by the script 
@@ -198,29 +251,11 @@ foreach ($writedirs as $dir) { } } -$includes = array('inc/functions.php', 'inc/html.php', 'inc/database/' . TINYIB_DBMODE . '_link.php', 'inc/database/' . TINYIB_DBMODE . '.php'); +$includes = array('inc/functions.php', 'inc/html.php', 'inc/database/' . TINYIB_DBMODE . '_link.php', 'inc/database/' . TINYIB_DBMODE . '.php', 'inc/database/database.php'); foreach ($includes as $include) { require $include; } -if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') { - fancyDie(__('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured.')); -} - -if ((TINYIB_CAPTCHA === 'hcaptcha' || TINYIB_MANAGECAPTCHA === 'hcaptcha') && (TINYIB_HCAPTCHA_SITE == '' || TINYIB_HCAPTCHA_SECRET == '')) { - fancyDie(__('TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET must be configured.')); -} - -if ((TINYIB_CAPTCHA === 'recaptcha' || TINYIB_MANAGECAPTCHA === 'recaptcha') && (TINYIB_RECAPTCHA_SITE == '' || TINYIB_RECAPTCHA_SECRET == '')) { - fancyDie(__('TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured.')); -} - -if (TINYIB_TIMEZONE != '') { - date_default_timezone_set(TINYIB_TIMEZONE); -} - -$bcrypt_salt = '$2y$12$' . str_pad(str_replace('=', '/', str_replace('+', '.', substr(base64_encode(TINYIB_TRIPSEED), 0, 22))), 22, '/'); - $redirect = true; // Check if the request is to make a post if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) || isset($_POST['email']) || isset($_POST['subject']) || isset($_POST['message']) || isset($_POST['file']) || isset($_POST['embed']) || isset($_POST['password']))) { @@ -228,7 +263,8 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) fancyDie(__('Posting is currently disabled.
Please try again in a few moments.')); } - list($loggedin, $isadmin) = manageCheckLogIn(false); + list($account, $loggedin, $isadmin) = manageCheckLogIn(false); + $rawpost = isRawPost(); $rawposttext = ''; if (!$loggedin) { @@ -512,7 +548,7 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) $json_posts = array(); $posts = postsInThreadByID($thread_id); if ($new_since > 0) { - foreach ($posts as $i => $post) { + foreach ($posts as $i => $post) { if ($post['id'] <= $new_since) { continue; } @@ -554,9 +590,9 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) $post = postByID($_POST['delete']); if ($post) { - list($loggedin, $isadmin) = manageCheckLogIn(false); + list($account, $loggedin, $isadmin) = manageCheckLogIn(false); - if ($loggedin && $_POST['password'] == '') { + if (!empty($account) && $_POST['password'] == '') { // Redirect to post moderation page echo '--> --> -->'; } elseif ($post['password'] != '' && (hashData($_POST['password']) == $post['password'] || md5(md5($_POST['password'])) == $post['password'])) { @@ -592,7 +628,7 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) die('--> --> -->'); } - list($loggedin, $isadmin) = manageCheckLogIn(true); + list($account, $loggedin, $isadmin) = manageCheckLogIn(true); if ($loggedin) { if ($isadmin) { 
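Review bot: The post-password check kept as context in the delete hunk (-554,9), `hashData($_POST['password']) == $post['password'] || md5(md5($_POST['password'])) == $post['password']`, compares digests with `==`, so PHP compares two numeric-looking hex strings as numbers and can report different digests as equal. Use a string-safe, constant-time comparison instead: `hash_equals($post['password'], hashData($_POST['password'])) || hash_equals($post['password'], md5(md5($_POST['password'])))`. The surrounding branch starts and ends outside the hunk, and `hashData()` itself is not shown on this page, so its output format is assumed to be a string.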
@@ -608,6 +644,57 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) fancyDie(__('Reporting is disabled.')); } $text .= manageReportsPage($_GET['reports']); + } elseif (isset($_GET['accounts'])) { + if ($account['role'] != TINYIB_SUPER_ADMINISTRATOR) { + fancyDie(__('Access denied')); + } + + $id = intval($_GET['accounts']); + if (isset($_POST['id'])) { + $id = intval($_POST['id']); + } + $a = array('id' => 0); + if ($id > 0) { + $a = accountByID($id); + if (empty($a)) { + fancyDie(__('Account not found.')); + } + + if ($a['username'] == 'admin' && TINYIB_ADMINPASS != '') { + fancyDie(__('This account may not be updated while TINYIB_ADMINPASS is set.')); + } else if ($a['username'] == 'mod' && TINYIB_MODPASS != '') { + fancyDie(__('This account may not be updated while TINYIB_MODPASS is set.')); + } + } + + if (isset($_POST['id'])) { + if ($id == 0 && $_POST['password'] == '') { + fancyDie(__('A password is required.')); + } + + $a['username'] = $_POST['username']; + if ($_POST['password'] != '') { + $a['password'] = $_POST['password']; + } + $a['role'] = intval($_POST['role']); + if ($a['role'] !== TINYIB_SUPER_ADMINISTRATOR && $a['role'] != TINYIB_ADMINISTRATOR && $a['role'] != TINYIB_MODERATOR && $a['role'] != TINYIB_DISABLED) { + fancyDie(__('Invalid role.')); + } + + if ($id == 0) { + insertAccount($a); + $text .= manageInfo(__('Added account')); + } else { + updateAccount($a); + $text .= manageInfo(__('Updated account')); + } + } + + $onload = manageOnLoad('accounts'); + $text .= manageAccountForm($_GET['accounts']); + if (intval($_GET['accounts']) == 0) { + $text .= manageAccountsTable(); + } } elseif (isset($_GET['bans'])) { clearExpiredBans(); @@ -690,22 +777,49 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name'])
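Review bot: When an existing account is saved with the password field left blank, `$a['password']` still holds the stored hash loaded by `accountByID()` and is passed to `updateAccount($a)` unchanged. The flatfile `updateAccount()` added later in this patch applies `hashData($a['password'])` unconditionally, so the stored hash is hashed a second time and the account's real password stops working; the other backends' `updateAccount()` is not visible here and should be checked for the same thing. `updateAccount()` receives plaintext from the `changepassword` branch and from inc/database/database.php but a hash from this branch, so it needs an explicit signal. For example, `unset($a['password'])` here when the field is blank, and have `updateAccount()` keep the stored value when the key is absent.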

If you installed TinyIB without Git, you must update manually. If you did install with Git, ensure the script has read and write access to the .git folder.

'; } } elseif (isset($_GET['dbmigrate'])) { - if (TINYIB_DBMIGRATE !== '' && TINYIB_DBMIGRATE !== false) { + if (TINYIB_DBMIGRATE !== '' && TINYIB_DBMIGRATE !== false && TINYIB_DBMODE != TINYIB_DBMIGRATE) { + $mysql_modes = array('mysql', 'mysqli'); + if (in_array(TINYIB_DBMODE, $mysql_modes) && in_array(TINYIB_DBMIGRATE, $mysql_modes)) { + fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to MySQL database modes. No migration is necessary.'); + } + + $sqlite_modes = array('sqlite', 'sqlite3'); + if (in_array(TINYIB_DBMODE, $sqlite_modes) && in_array(TINYIB_DBMIGRATE, $sqlite_modes)) { + fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to SQLite database modes. No migration is necessary.'); + } + + if (!in_array(TINYIB_DBMIGRATE, $database_modes)) { + fancyDie(__('Unknown database mode specified.')); + } + if (isset($_GET['go'])) { - if (TINYIB_DBMODE == TINYIB_DBMIGRATE) { - fancyDie('Set TINYIB_DBMIGRATE to the desired TINYIB_DBMODE and enter in any database related settings in settings.php before migrating.'); - } - - $mysql_modes = array('mysql', 'mysqli'); - if (in_array(TINYIB_DBMODE, $mysql_modes) && in_array(TINYIB_DBMIGRATE, $mysql_modes)) { - fancyDie('TINYIB_DBMODE and TINYIB_DBMIGRATE are both set to MySQL database modes. No migration is necessary.'); - } - - if (!in_array(TINYIB_DBMIGRATE, $database_modes)) { - fancyDie(__('Unknown database mode specified.')); - } require 'inc/database/' . TINYIB_DBMIGRATE . '_link.php'; + echo '

Migrating accounts...

'; + $accounts = allAccounts(); + foreach ($accounts as $account) { + migrateAccount($account); + } + + echo '

Migrating bans...

'; + $bans = allBans(); + foreach ($bans as $ban) { + migrateBan($ban); + } + + echo '

Migrating keywords...

'; + $keywords = allKeywords(); + foreach ($keywords as $keyword) { + migrateKeyword($keyword); + } + + echo '

Migrating logs...

'; + $logs = allLogs(); + foreach ($logs as $log) { + migrateLog($log); + } + + echo '

Migrating posts...

'; $threads = allThreads(); foreach ($threads as $thread) { $posts = postsInThreadByID($thread['id']); @@ -714,17 +828,18 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) } } - $bans = allBans(); - foreach ($bans as $ban) { - migrateBan($ban); + echo '
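Review bot: `foreach ($accounts as $account)` in the migration reuses the name `$account`, which at this point holds the logged-in account returned by `list($account, $loggedin, $isadmin) = manageCheckLogIn(true);`. After the loop `$account` is the last migrated row, so anything later in the same request that reads `$account['role']` or `$account['username']` would see another user's record; whether such a read exists is outside this hunk. A distinct loop variable avoids it: `foreach ($accounts as $migrate_account) { migrateAccount($migrate_account); }`.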

Migrating reports...

'; + $reports = allReports(); + foreach ($reports as $report) { + migrateReport($report); } - echo '

Database migration complete. Set TINYIB_DBMODE to mysqli and TINYIB_DBMIGRATE to false, then click Rebuild All above and ensure everything looks the way it should.

'; + echo '

Database migration complete. Set TINYIB_DBMODE to the new database mode and TINYIB_DBMIGRATE to false, then click Rebuild All above and ensure everything looks and works as it should.

'; } else { $text .= '

Your original database will not be deleted. If the migration fails, disable the tool and your board will be unaffected. See the README (alternate link) for instructions.

Start the migration

'; } } else { - fancyDie('Set TINYIB_DBMIGRATE to true in settings.php to use this feature.'); + fancyDie('Set TINYIB_DBMIGRATE to the desired TINYIB_DBMODE and enter in any database related settings in settings.php before migrating.'); } } } @@ -813,10 +928,25 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) } elseif (isset($_GET["rawpost"])) { $onload = manageOnLoad("rawpost"); $text .= buildPostForm(0, true); - } + } elseif (isset($_GET['changepassword'])) { + if ($account['username'] == 'admin' && TINYIB_ADMINPASS != '') { + fancyDie(__('This account may not be updated while TINYIB_ADMINPASS is set.')); + } else if ($account['username'] == 'mod' && TINYIB_MODPASS != '') { + fancyDie(__('This account may not be updated while TINYIB_MODPASS is set.')); + } - if ($text == '') { - $text = manageStatus(); + if (isset($_POST['password'])) { + if ($_POST['password'] == '') { + fancyDie(__('A password is required.')); + } + + $account['password'] = $_POST['password']; + updateAccount($account); + + $text .= manageInfo(__('Password updated')); + } + + $text .= manageChangePasswordForm(); } } else { $onload = manageOnLoad('login'); @@ -830,4 +960,4 @@ if (!isset($_GET['delete']) && !isset($_GET['manage']) && (isset($_POST['name']) if ($redirect) { echo '--> --> -->'; -} \ No newline at end of file +} diff --git a/inc/database/database.php b/inc/database/database.php new file mode 100644 index 0000000..9fd76cc --- /dev/null +++ b/inc/database/database.php @@ -0,0 +1,23 @@ + 'admin', 'password' => TINYIB_ADMINPASS, 'role' => TINYIB_SUPER_ADMINISTRATOR); + insertAccount($admin); + } +} + +if (TINYIB_MODPASS != '') { + $mod = accountByUsername('mod'); + if (!empty($mod)) { + $mod['password'] = TINYIB_MODPASS; + updateAccount($mod); + } else { + $mod = array('username' => 'mod', 'password' => TINYIB_MODPASS, 'role' => TINYIB_MODERATOR); + insertAccount($mod); + } +} 
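Review bot: The `changepassword` branch sets the new password from `$_POST['password']` alone and never asks for the current one, so anyone holding a live management session can take the account over permanently. The form is built by `manageChangePasswordForm()` in inc/html.php, outside this hunk, so whether it carries a request token cannot be checked from here. Verify the current password before `updateAccount($account)`, for example `if (!hash_equals($account['password'], hashData($_POST['currentpassword']))) { fancyDie(__('Incorrect password.')); }`, where `currentpassword` is a new form field and the stored value is assumed to be `hashData()` output as in the flatfile backend. The enclosing `if ($loggedin)` block starts outside the hunk.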
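Review bot: In inc/database/database.php, `updateAccount($mod)` runs whenever the `mod` row exists, and the file is added to `$includes` in imgboard.php, so every request re-hashes TINYIB_MODPASS and rewrites the account record; the partly visible admin branch appears to do the same. Writing only when the stored value differs avoids that, e.g. wrap the update in `if ($mod['password'] !== hashData(TINYIB_MODPASS)) { ... }`, assuming `updateAccount()` stores `hashData()` output as the flatfile backend in this patch does. The existing row's `role` is also left as found, so consider `$mod['role'] = TINYIB_MODERATOR;` before the update if the configured password is meant to imply the configured role.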
diff --git a/inc/database/flatfile.php b/inc/database/flatfile.php
index 05d2302..246faba 100644
--- a/inc/database/flatfile.php
+++ b/inc/database/flatfile.php
@@ -3,6 +3,218 @@ if (!defined('TINYIB_BOARD')) { die(''); } +// Account functions +function accountByID($id) { + $rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_ID, '=', $id, INTEGER_COMPARISON), 1); + if (isset($rows[0])) { + return $rows[0]; + } + return array(); +} + +function accountByUsername($username) { + $rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_USERNAME, '=', $username, STRING_COMPARISON), 1); + if (isset($rows[0])) { + return $rows[0]; + } + return array(); +} + +function allAccounts() { + $rows = $GLOBALS['db']->selectWhere(ACCOUNTS_FILE, NULL, -1, array(new OrderBy(ACCOUNT_ROLE, ASCENDING, INTEGER_COMPARISON), new OrderBy(ACCOUNT_USERNAME, ASCENDING, STRING_COMPARISON))); + return convertAccountsToSQLStyle($rows); +} + +function convertAccountsToSQLStyle($accounts, $single = false) { + $newaccounts = array(); + foreach ($accounts as $a) { + $account = array(); + $account['id'] = $a[ACCOUNT_ID]; + $account['username'] = $a[ACCOUNT_USERNAME]; + $account['password'] = $a[ACCOUNT_PASSWORD]; + $account['role'] = $a[ACCOUNT_ROLE]; + $account['lastactive'] = $a[ACCOUNT_LASTACTIVE]; + + if ($single) { + return $account; + } + $newaccounts[] = $account; + } + return $newaccounts; +} + +function insertAccount($a) { + $account = array(); + $account[ACCOUNT_ID] = '0'; + $account[ACCOUNT_USERNAME] = $a['username']; + $account[ACCOUNT_PASSWORD] = hashData($a['password']); + $account[ACCOUNT_ROLE] = $a['role']; + $account[ACCOUNT_LASTACTIVE] = 0; + + $GLOBALS['db']->insertWithAutoId(ACCOUNTS_FILE, ACCOUNT_ID, $account); +} + +function updateAccount($a) { + $account = array(); + $account[ACCOUNT_ID] = $a['id']; + $account[ACCOUNT_USERNAME] = $a['username']; + $account[ACCOUNT_PASSWORD] = hashData($a['password']); + $account[ACCOUNT_ROLE] = $a['role']; + $account[ACCOUNT_LASTACTIVE] = $a['lastactive']; + + $GLOBALS['db']->updateRowById(ACCOUNTS_FILE, ACCOUNT_ID, $account); +} + +function 
deleteAccountByID($id) { + $GLOBALS['db']->deleteWhere(ACCOUNTS_FILE, new SimpleWhereClause(ACCOUNT_ID, '=', $id, INTEGER_COMPARISON)); +} + +// Ban functions +function banByID($id) { + return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON), 1), true); +} + +function banByIP($ip) { + $compClause = new OrWhereClause(); + $compClause->add(new SimpleWhereClause(BAN_IP, '=', $ip, STRING_COMPARISON)); + $compClause->add(new SimpleWhereClause(BAN_IP, '=', hashData($ip), STRING_COMPARISON)); + return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, $compClause, 1), true); +} + +function allBans() { + $rows = $GLOBALS['db']->selectWhere(BANS_FILE, NULL, -1, new OrderBy(BAN_TIMESTAMP, DESCENDING, INTEGER_COMPARISON)); + return convertBansToSQLStyle($rows); +} + +function convertBansToSQLStyle($bans, $single = false) { + $newbans = array(); + foreach ($bans as $oldban) { + $ban = array(); + $ban['id'] = $oldban[BAN_ID]; + $ban['ip'] = $oldban[BAN_IP]; + $ban['timestamp'] = $oldban[BAN_TIMESTAMP]; + $ban['expire'] = $oldban[BAN_EXPIRE]; + $ban['reason'] = $oldban[BAN_REASON]; + + if ($single) { + return $ban; + } + $newbans[] = $ban; + } + return $newbans; +} + +function insertBan($newban) { + $ban = array(); + $ban[BAN_ID] = '0'; + $ban[BAN_IP] = hashData($newban['ip']); + $ban[BAN_TIMESTAMP] = time(); + $ban[BAN_EXPIRE] = $newban['expire']; + $ban[BAN_REASON] = $newban['reason']; + + return $GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban); +} + +function clearExpiredBans() { + $compClause = new AndWhereClause(); + $compClause->add(new SimpleWhereClause(BAN_EXPIRE, '>', 0, INTEGER_COMPARISON)); + $compClause->add(new SimpleWhereClause(BAN_EXPIRE, '<=', time(), INTEGER_COMPARISON)); + + $bans = $GLOBALS['db']->selectWhere(BANS_FILE, $compClause, -1); + foreach ($bans as $ban) { + deleteBanByID($ban[BAN_ID]); + } +} + +function deleteBanByID($id) { + 
$GLOBALS['db']->deleteWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON)); +} + +// Keyword functions +function keywordByID($id) { + $clause = new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON); + return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true); +} + +function keywordByText($text) { + $text = strtolower($text); + $clause = new SimpleWhereClause(KEYWORD_TEXT, '=', $text, STRING_COMPARISON); + return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true); +} + +function allKeywords() { + $rows = $GLOBALS['db']->selectWhere(KEYWORDS_FILE, NULL, -1, new OrderBy(KEYWORD_TEXT, ASCENDING, INTEGER_COMPARISON)); + return convertKeywordsToSQLStyle($rows); +} + +function convertKeywordsToSQLStyle($keywords, $single = false) { + $newkeywords = array(); + foreach ($keywords as $oldkeyword) { + $keyword = array(); + $keyword['id'] = $oldkeyword[KEYWORD_ID]; + $keyword['text'] = $oldkeyword[KEYWORD_TEXT]; + $keyword['action'] = $oldkeyword[KEYWORD_ACTION]; + + if ($single) { + return $keyword; + } + $newkeywords[] = $keyword; + } + return $newkeywords; +} + +function insertKeyword($newkeyword) { + $newkeyword['text'] = strtolower($newkeyword['text']); + + $keyword = array(); + $keyword[KEYWORD_ID] = '0'; + $keyword[KEYWORD_TEXT] = $newkeyword['text']; + $keyword[KEYWORD_ACTION] = $newkeyword['action']; + + $GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword); +} + +function deleteKeyword($id) { + $GLOBALS['db']->deleteWhere(KEYWORDS_FILE, new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON)); +} + +// Log functions +function allLogs() { + $rows = $GLOBALS['db']->selectWhere(LOGS_FILE, NULL, -1, new OrderBy(LOG_ID, DESCENDING, INTEGER_COMPARISON)); + return convertLogsToSQLStyle($rows); +} + +function convertLogsToSQLStyle($logs, $single = false) { + $newlogs = array(); + foreach ($logs as $l) { + $log = array(); + $log['id'] = 
$l[LOG_ID]; + $log['timestamp'] = $l[LOG_TIMESTAMP]; + $log['account'] = $l[LOG_ACCOUNT]; + $log['message'] = $l[LOG_MESSAGE]; + + if ($single) { + return $log; + } + $newlogs[] = $log; + } + return $newlogs; +} + +function insertLog($l) { + $log = array(); + $log['id'] = '0'; + $log['timestamp'] = $l[LOG_TIMESTAMP]; + $log['account'] = $l[LOG_ACCOUNT]; + $log['message'] = $l[LOG_MESSAGE]; + + $GLOBALS['db']->insertWithAutoId(LOGS_FILE, LOG_ID, $log); +} + +function deleteLog($id) { + $GLOBALS['db']->deleteWhere(LOGS_FILE, new SimpleWhereClause(LOG_ID, '=', $id, INTEGER_COMPARISON)); +} + // Post functions function uniquePosts() { return 0; // Unsupported by this database option @@ -96,7 +308,7 @@ function countThreads() { return count($rows); } -function convertPostsToSQLStyle($posts, $singlepost = false) { +function convertPostsToSQLStyle($posts, $single = false) { $newposts = array(); foreach ($posts as $oldpost) { $post = newPost(); @@ -129,7 +341,7 @@ function convertPostsToSQLStyle($posts, $singlepost = false) { $post['parent'] = TINYIB_NEWTHREAD; } - if ($singlepost) { + if ($single) { return $post; } $newposts[] = $post; 
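Review bot: `accountByID()` and `accountByUsername()` return `$rows[0]` as stored, keyed by the numeric `ACCOUNT_*` constants, while the callers in this patch read `$a['username']`, `$a['id']` and `$a['password']`; the ban and keyword lookups next to them go through their `convert...ToSQLStyle(..., true)` helper. With the flatfile backend the `'admin'` / `'mod'` guards in imgboard.php would therefore not match, and `updateAccount()` would be handed a row without an `id`. Both functions should end with `return convertAccountsToSQLStyle($rows, true);`. `insertLog()` has the keys reversed as well: it fills `$log['id']`, `$log['timestamp']`, ... from `$l[LOG_TIMESTAMP]`, ..., where the sibling insert functions write `$log[LOG_ID]` and so on from `$l['timestamp']`, so log rows would presumably not land in the column layout that `convertLogsToSQLStyle()` reads.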
@@ -201,67 +413,6 @@ function lastPostByIP() { return convertPostsToSQLStyle($rows, true); } -// Ban functions -function banByID($id) { - return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', $id, INTEGER_COMPARISON), 1), true); -} - -function banByIP($ip) { - $compClause = new OrWhereClause(); - $compClause->add(new SimpleWhereClause(BAN_IP, '=', $ip, STRING_COMPARISON)); - $compClause->add(new SimpleWhereClause(BAN_IP, '=', hashData($ip), STRING_COMPARISON)); - return convertBansToSQLStyle($GLOBALS['db']->selectWhere(BANS_FILE, $compClause, 1), true); -} - -function allBans() { - $rows = $GLOBALS['db']->selectWhere(BANS_FILE, NULL, -1, new OrderBy(BAN_TIMESTAMP, DESCENDING, INTEGER_COMPARISON)); - return convertBansToSQLStyle($rows); -} - -function convertBansToSQLStyle($bans, $singleban = false) { - $newbans = array(); - foreach ($bans as $oldban) { - $ban = array(); - $ban['id'] = $oldban[BAN_ID]; - $ban['ip'] = $oldban[BAN_IP]; - $ban['timestamp'] = $oldban[BAN_TIMESTAMP]; - $ban['expire'] = $oldban[BAN_EXPIRE]; - $ban['reason'] = $oldban[BAN_REASON]; - - if ($singleban) { - return $ban; - } - $newbans[] = $ban; - } - return $newbans; -} - -function insertBan($newban) { - $ban = array(); - $ban[BAN_ID] = '0'; - $ban[BAN_IP] = hashData($newban['ip']); - $ban[BAN_TIMESTAMP] = time(); - $ban[BAN_EXPIRE] = $newban['expire']; - $ban[BAN_REASON] = $newban['reason']; - - return $GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban); -} - -function clearExpiredBans() { - $compClause = new AndWhereClause(); - $compClause->add(new SimpleWhereClause(BAN_EXPIRE, '>', 0, INTEGER_COMPARISON)); - $compClause->add(new SimpleWhereClause(BAN_EXPIRE, '<=', time(), INTEGER_COMPARISON)); - - $bans = $GLOBALS['db']->selectWhere(BANS_FILE, $compClause, -1); - foreach ($bans as $ban) { - deleteBanByID($ban[BAN_ID]); - } -} - -function deleteBanByID($id) { - $GLOBALS['db']->deleteWhere(BANS_FILE, new SimpleWhereClause(BAN_ID, '=', 
$id, INTEGER_COMPARISON)); -} - // Report functions function reportByIP($post, $ip) { $ipClause = new OrWhereClause(); @@ -284,7 +435,7 @@ function allReports() { return convertReportsToSQLStyle($rows); } -function convertReportsToSQLStyle($reports, $singlereport = false) { +function convertReportsToSQLStyle($reports, $single = false) { $newreports = array(); foreach ($reports as $oldreport) { $report = array(); @@ -292,7 +443,7 @@ function convertReportsToSQLStyle($reports, $singlereport = false) { $report['ip'] = $oldreport[REPORT_IP]; $report['post'] = $oldreport[REPORT_POST]; - if ($singlereport) { + if ($single) { return $report; } $newreports[] = $report; 
@@ -320,50 +471,3 @@ function deleteReportsByIP($ip) { $GLOBALS['db']->deleteWhere(REPORTS_FILE, $ipClause); } - -// Keyword functions -function keywordByID($id) { - $clause = new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON); - return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true); -} -function keywordByText($text) { - $text = strtolower($text); - $clause = new SimpleWhereClause(KEYWORD_TEXT, '=', $text, STRING_COMPARISON); - return convertKeywordsToSQLStyle($GLOBALS['db']->selectWhere(KEYWORDS_FILE, $clause, 1), true); -} - -function allKeywords() { - $rows = $GLOBALS['db']->selectWhere(KEYWORDS_FILE, NULL, -1, new OrderBy(KEYWORD_TEXT, ASCENDING, INTEGER_COMPARISON)); - return convertKeywordsToSQLStyle($rows); -} - -function convertKeywordsToSQLStyle($keywords, $singlekeyword = false) { - $newkeywords = array(); - foreach ($keywords as $oldkeyword) { - $keyword = array(); - $keyword['id'] = $oldkeyword[KEYWORD_ID]; - $keyword['text'] = $oldkeyword[KEYWORD_TEXT]; - $keyword['action'] = $oldkeyword[KEYWORD_ACTION]; - - if ($singlekeyword) { - return $keyword; - } - $newkeywords[] = $keyword; - } - return $newkeywords; -} - -function insertKeyword($newkeyword) { - $newkeyword['text'] = strtolower($newkeyword['text']); - - $keyword = array(); - $keyword[KEYWORD_ID] = '0'; - $keyword[KEYWORD_TEXT] = $newkeyword['text']; - $keyword[KEYWORD_ACTION] = $newkeyword['action']; - - $GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword); -} - -function deleteKeyword($id) { - $GLOBALS['db']->deleteWhere(KEYWORDS_FILE, new SimpleWhereClause(KEYWORD_ID, '=', $id, INTEGER_COMPARISON)); -} diff --git a/inc/database/flatfile_link.php b/inc/database/flatfile_link.php index bd961d7..1a1dbc2 100644 --- a/inc/database/flatfile_link.php +++ b/inc/database/flatfile_link.php 
@@ -3,6 +3,35 @@ if (!defined('TINYIB_BOARD')) { die(''); } +// Accounts table +define('ACCOUNTS_FILE', '.accounts'); +define('ACCOUNT_ID', 0); +define('ACCOUNT_USERNAME', 1); +define('ACCOUNT_PASSWORD', 2); +define('ACCOUNT_ROLE', 3); +define('ACCOUNT_LASTACTIVE', 4); + +// Bans table +define('BANS_FILE', '.bans'); +define('BAN_ID', 0); +define('BAN_IP', 1); +define('BAN_TIMESTAMP', 2); +define('BAN_EXPIRE', 3); +define('BAN_REASON', 4); + +// Keywords table +define('KEYWORDS_FILE', '.keywords'); +define('KEYWORD_ID', 0); +define('KEYWORD_TEXT', 1); +define('KEYWORD_ACTION', 2); + +// Log table +define('LOGS_FILE', '.logs'); +define('LOG_ID', 0); +define('LOG_TIMESTAMP', 1); +define('LOG_ACCOUNT', 2); +define('LOG_MESSAGE', 3); + // Posts table define('POSTS_FILE', '.posts'); define('POST_ID', 0); @@ -31,26 +60,12 @@ define('POST_STICKIED', 22); define('POST_LOCKED', 23); define('POST_MODERATED', 24); -// Bans table -define('BANS_FILE', '.bans'); -define('BAN_ID', 0); -define('BAN_IP', 1); -define('BAN_TIMESTAMP', 2); -define('BAN_EXPIRE', 3); -define('BAN_REASON', 4); - // Reports table define('REPORTS_FILE', '.reports'); define('REPORT_ID', 0); define('REPORT_IP', 1); define('REPORT_POST', 2); -// Keywords table -define('KEYWORDS_FILE', '.keywords'); -define('KEYWORD_ID', 0); -define('KEYWORD_TEXT', 1); -define('KEYWORD_ACTION', 2); - require_once 'flatfile/flatfile.php'; $db = new Flatfile(); $db->datadir = 'inc/database/flatfile/'; 
@@ -60,59 +75,78 @@ if (file_exists('inc/flatfile/' . POSTS_FILE)) { } if (function_exists('insertPost')) { - function migratePost($newpost) { - $post = array(); - $post[POST_ID] = $newpost['id']; - $post[POST_PARENT] = $newpost['parent']; - $post[POST_TIMESTAMP] = $newpost['timestamp']; - $post[POST_BUMPED] = $newpost['bumped']; - $post[POST_IP] = $newpost['ip']; - $post[POST_NAME] = $newpost['name']; - $post[POST_TRIPCODE] = $newpost['tripcode']; - $post[POST_EMAIL] = $newpost['email']; - $post[POST_NAMEBLOCK] = $newpost['nameblock']; - $post[POST_SUBJECT] = $newpost['subject']; - $post[POST_MESSAGE] = $newpost['message']; - $post[POST_PASSWORD] = $newpost['password']; - $post[POST_FILE] = $newpost['file']; - $post[POST_FILE_HEX] = $newpost['file_hex']; - $post[POST_FILE_ORIGINAL] = $newpost['file_original']; - $post[POST_FILE_SIZE] = $newpost['file_size']; - $post[POST_FILE_SIZE_FORMATTED] = $newpost['file_size_formatted']; - $post[POST_IMAGE_WIDTH] = $newpost['image_width']; - $post[POST_IMAGE_HEIGHT] = $newpost['image_height']; - $post[POST_THUMB] = $newpost['thumb']; - $post[POST_THUMB_WIDTH] = $newpost['thumb_width']; - $post[POST_THUMB_HEIGHT] = $newpost['thumb_height']; - $post[POST_MODERATED] = $newpost['moderated']; - $post[POST_STICKIED] = $newpost['stickied']; - $post[POST_LOCKED] = $newpost['locked']; - $GLOBALS['db']->insertWithAutoId(POSTS_FILE, POST_ID, $post); + function migrateAccount($a) { + $account = array(); + $account[ACCOUNT_ID] = $a['id']; + $account[ACCOUNT_USERNAME] = $a['username']; + $account[ACCOUNT_PASSWORD] = $a['password']; + $account[ACCOUNT_ROLE] = $a['role']; + $account[ACCOUNT_LASTACTIVE] = $a['lastactive']; + $GLOBALS['db']->insertWithAutoId(ACCOUNTS_FILE, ACCOUNT_ID, $account); } - function migrateBan($newban) { + function migrateBan($b) { $ban = array(); - $ban[BAN_ID] = $newban['id']; - $ban[BAN_IP] = $newban['ip']; - $ban[BAN_TIMESTAMP] = $newban['timestamp']; - $ban[BAN_EXPIRE] = $newban['expire']; - $ban[BAN_REASON] = 
$newban['reason']; + $ban[BAN_ID] = $b['id']; + $ban[BAN_IP] = $b['ip']; + $ban[BAN_TIMESTAMP] = $b['timestamp']; + $ban[BAN_EXPIRE] = $b['expire']; + $ban[BAN_REASON] = $b['reason']; $GLOBALS['db']->insertWithAutoId(BANS_FILE, BAN_ID, $ban); } - function migrateReport($newreport) { - $report = array(); - $report[REPORT_ID] = $newreport['id']; - $report[REPORT_IP] = $newreport['ip']; - $report[REPORT_POST] = $newreport['post']; - $GLOBALS['db']->insertWithAutoId(REPORTS_FILE, REPORT_ID, $report); - } - - function migrateKeyword($newkeyword) { + function migrateKeyword($k) { $keyword = array(); - $keyword[KEYWORD_ID] = $newkeyword['id']; - $keyword[KEYWORD_TEXT] = $newkeyword['text']; - $keyword[KEYWORD_ACTION] = $newkeyword['action']; + $keyword[KEYWORD_ID] = $k['id']; + $keyword[KEYWORD_TEXT] = $k['text']; + $keyword[KEYWORD_ACTION] = $k['action']; $GLOBALS['db']->insertWithAutoId(KEYWORDS_FILE, KEYWORD_ID, $keyword); } + + function migrateLog($l) { + $log = array(); + $log[LOG_ID] = $l['id']; + $log[LOG_TIMESTAMP] = $l['timestamp']; + $log[LOG_ACCOUNT] = $l['account']; + $log[LOG_MESSAGE] = $l['message']; + $GLOBALS['db']->insertWithAutoId(LOGS_FILE, LOG_ID, $log); + } + + function migratePost($p) { + $post = array(); + $post[POST_ID] = $p['id']; + $post[POST_PARENT] = $p['parent']; + $post[POST_TIMESTAMP] = $p['timestamp']; + $post[POST_BUMPED] = $p['bumped']; + $post[POST_IP] = $p['ip']; + $post[POST_NAME] = $p['name']; + $post[POST_TRIPCODE] = $p['tripcode']; + $post[POST_EMAIL] = $p['email']; + $post[POST_NAMEBLOCK] = $p['nameblock']; + $post[POST_SUBJECT] = $p['subject']; + $post[POST_MESSAGE] = $p['message']; + $post[POST_PASSWORD] = $p['password']; + $post[POST_FILE] = $p['file']; + $post[POST_FILE_HEX] = $p['file_hex']; + $post[POST_FILE_ORIGINAL] = $p['file_original']; + $post[POST_FILE_SIZE] = $p['file_size']; + $post[POST_FILE_SIZE_FORMATTED] = $p['file_size_formatted']; + $post[POST_IMAGE_WIDTH] = $p['image_width']; + $post[POST_IMAGE_HEIGHT] = 
$p['image_height']; + $post[POST_THUMB] = $p['thumb']; + $post[POST_THUMB_WIDTH] = $p['thumb_width']; + $post[POST_THUMB_HEIGHT] = $p['thumb_height']; + $post[POST_MODERATED] = $p['moderated']; + $post[POST_STICKIED] = $p['stickied']; + $post[POST_LOCKED] = $p['locked']; + $GLOBALS['db']->insertWithAutoId(POSTS_FILE, POST_ID, $post); + } + + function migrateReport($r) { + $report = array(); + $report[REPORT_ID] = $r['id']; + $report[REPORT_IP] = $r['ip']; + $report[REPORT_POST] = $r['post']; + $GLOBALS['db']->insertWithAutoId(REPORTS_FILE, REPORT_ID, $report); + } } diff --git a/inc/database/mysql.php b/inc/database/mysql.php index 8babfed..c9abc90 100644 --- a/inc/database/mysql.php +++ b/inc/database/mysql.php 
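Review bot: `migrateAccount` and `migrateLog` both write through `insertWithAutoId`, so if that call assigns a fresh id instead of keeping `$a['id']` (the name suggests it does; its implementation is outside this hunk), the `LOG_ACCOUNT` values copied by `migrateLog` can point at a different account than the one that performed the action. For an audit log that should be ruled out: either insert the rows with their original ids, or remap the references and say so in a comment such as `// ids are reassigned on insert; LOG_ACCOUNT is remapped to the new ACCOUNT_ID`. The same question applies to `REPORT_POST` against `POST_ID` in the moved `migrateReport` and `migratePost`.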
@@ -3,6 +3,47 @@ if (!defined('TINYIB_BOARD')) { die(''); } +// Account functions +function accountByID($id) { + $result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "' LIMIT 1"); + if ($result) { + while ($account = mysql_fetch_assoc($result)) { + return $account; + } + } +} + +function accountByUsername($username) { + $result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `username` = '" . mysql_real_escape_string($username) . "' LIMIT 1"); + if ($result) { + while ($account = mysql_fetch_assoc($result)) { + return $account; + } + } +} + +function allAccounts($username) { + $result = mysql_query("SELECT * FROM `" . TINYIB_DBACCOUNTS . "` ORDER BY `role` ASC, `username` ASC"); + if ($result) { + while ($account = mysql_fetch_assoc($result)) { + return $account; + } + } +} + +function insertAccount($account) { + mysql_query("INSERT INTO `" . TINYIB_DBACCOUNTS . "` (`username`, `password`, `role`, `lastactive`) VALUES (" . $account['username'] . ", '" . hashData($account['password']) . "', '" . mysql_real_escape_string($account['role']) . "', '0')"); + return mysql_insert_id(); +} + +function updateAccount($account) { + mysql_query("UPDATE `" . TINYIB_DBACCOUNTS . "` SET `username` = " . $account['username'] . ", `password` = '" . hashData($account['password']) . "', `role` = '" . mysql_real_escape_string($account['role']) . "', `lastactive` = " . mysql_real_escape_string($account['lastactive']) . " WHERE `id` = '" . mysql_real_escape_string($account['id']) . "'"); +} + +function deleteAccountByID($id) { + mysql_query("DELETE FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "'"); +} + // Post functions function uniquePosts() { $row = mysql_fetch_row(mysql_query("SELECT COUNT(DISTINCT(`ip`)) FROM " . TINYIB_DBPOSTS)); diff --git a/inc/database/mysql_link.php b/inc/database/mysql_link.php index 95a96e2..7c821c1 100644 --- a/inc/database/mysql_link.php 
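Review bot: In `insertAccount` and `updateAccount` the username is concatenated into the statement with neither quotes nor `mysql_real_escape_string`, unlike every other column, so the query is malformed for ordinary names and open to SQL injection for crafted ones. Both should write it as `'" . mysql_real_escape_string($account['username']) . "'`, as the mysqli version in this commit does. `updateAccount` also escapes `lastactive` but leaves it unquoted, where escaping gives no protection; cast it with `intval()` or quote it. The same unquoted pattern appears for `id` in `updateAccount` and `deleteAccountByID` in the mysqli.php and sqlite.php hunks. Separately, `allAccounts($username)` takes an unused parameter and returns the first row from inside the loop rather than an array of rows, unlike the other backends.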
+++ b/inc/database/mysql_link.php @@ -17,26 +17,31 @@ if (!$db_selected) { } mysql_query("SET NAMES 'utf8mb4'"); -// Create the posts table if it does not exist -if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) { - mysql_query($posts_sql); +// Create tables (when necessary) +if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBACCOUNTS . "'")) == 0) { + mysql_query($accounts_sql); } -// Create the bans table if it does not exist if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) == 0) { mysql_query($bans_sql); } -// Create the reports table if it does not exist -if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) { - mysql_query($reports_sql); -} - -// Create the keywords table if it does not exist if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBKEYWORDS . "'")) == 0) { mysql_query($keywords_sql); } +if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBLOGS . "'")) == 0) { + mysql_query($logs_sql); +} + +if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) { + mysql_query($posts_sql); +} + +if (mysql_num_rows(mysql_query("SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) { + mysql_query($reports_sql); +} + if (mysql_num_rows(mysql_query("SHOW COLUMNS FROM `" . TINYIB_DBPOSTS . "` LIKE 'stickied'")) == 0) { mysql_query("ALTER TABLE `" . TINYIB_DBPOSTS . "` ADD COLUMN stickied TINYINT(1) NOT NULL DEFAULT '0'"); } 
@@ -51,19 +56,27 @@ mysql_query("ALTER TABLE `" . TINYIB_DBPOSTS . "` MODIFY ip VARCHAR(255) NOT NUL mysql_query("ALTER TABLE `" . TINYIB_DBBANS . "` MODIFY ip VARCHAR(255) NOT NULL DEFAULT ''"); if (function_exists('insertPost')) { - function migratePost($post) { - mysql_query("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysql_real_escape_string($post['ip']) . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "', '" . mysql_real_escape_string($post['email']) . "', '" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")"); + function migrateAccount($account) { + mysql_query("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES ('" . mysql_real_escape_string($account['id']) . "', '" . mysql_real_escape_string($account['username']) . "', '" . mysql_real_escape_string($account['password']) . "', '" . mysql_real_escape_string($account['role']) . "', '" . mysql_real_escape_string($account['lastactive']) . "')"); } function migrateBan($ban) { mysql_query("INSERT INTO " . 
TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . mysql_real_escape_string($ban['id']) . "', '" . mysql_real_escape_string($ban['ip']) . "', '" . mysql_real_escape_string($ban['timestamp']) . "', '" . mysql_real_escape_string($ban['expire']) . "', '" . mysql_real_escape_string($ban['reason']) . "')"); } - function migrateReport($report) { - mysql_query("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysql_real_escape_string($report['id']) . "', '" . mysql_real_escape_string($report['ip']) . "', '" . mysql_real_escape_string($report['post']) . "')"); - } - function migrateKeyword($keyword) { mysql_query("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . mysql_real_escape_string($keyword['id']) . "', '" . mysql_real_escape_string($keyword['text']) . "', '" . mysql_real_escape_string($keyword['action']) . "')"); } + + function migrateLog($log) { + mysql_query("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . mysql_real_escape_string($log['id']) . "', '" . mysql_real_escape_string($log['timestamp']) . "', '" . mysql_real_escape_string($log['account']) . "', '" . mysql_real_escape_string($log['message']) . "')"); + } + + function migratePost($post) { + mysql_query("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysql_real_escape_string($post['ip']) . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "', '" . mysql_real_escape_string($post['email']) . "', '" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . 
mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")"); + } + + function migrateReport($report) { + mysql_query("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysql_real_escape_string($report['id']) . "', '" . mysql_real_escape_string($report['ip']) . "', '" . mysql_real_escape_string($report['post']) . "')"); + } } diff --git a/inc/database/mysqli.php b/inc/database/mysqli.php index 04bd1f8..a24e670 100644 --- a/inc/database/mysqli.php +++ b/inc/database/mysqli.php 
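Review bot: `migrateBan`, left unchanged between the new `migrateAccount` and `migrateKeyword`, opens its value list with `VALUES (" .` and no opening quote, so the first value is followed by a stray `'` and the INSERT cannot parse. It should start `VALUES ('" . mysql_real_escape_string($ban['id']) . "', '`, matching the new `migrateAccount` and `migrateLog`. The relocated `migratePost` still interpolates `$post['file']`, `$post['file_hex']`, `$post['file_size_formatted']`, `$post['thumb']` and all numeric fields without escaping or casting. Since the block is being moved anyway, this is a good point to escape the strings and `intval()` the numbers.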
@@ -3,6 +3,55 @@ if (!defined('TINYIB_BOARD')) { die(''); } +// Account functions +function accountByID($id) { + global $link; + $result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = '" . mysqli_real_escape_string($link, $id) . "' LIMIT 1"); + if ($result) { + while ($account = mysqli_fetch_assoc($result)) { + return $account; + } + } +} + +function accountByUsername($username) { + global $link; + $result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` WHERE `username` = '" . mysqli_real_escape_string($link, $username) . "' LIMIT 1"); + if ($result) { + while ($account = mysqli_fetch_assoc($result)) { + return $account; + } + } +} + +function allAccounts() { + global $link; + $accounts = array(); + $result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBACCOUNTS . "` ORDER BY `role` ASC, `username` ASC"); + if ($result) { + while ($account = mysqli_fetch_assoc($result)) { + $accounts[] = $account; + } + } + return $accounts; +} + +function insertAccount($account) { + global $link; + mysqli_query($link, "INSERT INTO `" . TINYIB_DBACCOUNTS . "` (`username`, `password`, `role`, `lastactive`) VALUES ('" . mysqli_real_escape_string($link, $account['username']) . "', '" . mysqli_real_escape_string($link, hashData($account['password'])) . "', '" . mysqli_real_escape_string($link, $account['role']) . "', '0')"); + return mysqli_insert_id($link); +} + +function updateAccount($account) { + global $link; + mysqli_query($link, "UPDATE `" . TINYIB_DBACCOUNTS . "` SET `username` = '" . mysqli_real_escape_string($link, $account['username']) . "', `password` = '" . mysqli_real_escape_string($link, hashData($account['password'])) . "', `role` = '" . mysqli_real_escape_string($link, $account['role']) . "', `lastactive` = " . mysqli_real_escape_string($link, $account['lastactive']) . " WHERE `id` = " . mysqli_real_escape_string($link, $account['id']) . 
" LIMIT 1"); +} + +function deleteAccountByID($id) { + global $link; + mysqli_query($link, "DELETE FROM `" . TINYIB_DBACCOUNTS . "` WHERE `id` = " . mysqli_real_escape_string($link, $id) . " LIMIT 1"); +} + // Post functions function uniquePosts() { global $link; diff --git a/inc/database/mysqli_link.php b/inc/database/mysqli_link.php index c9b2893..4ed2319 100644 --- a/inc/database/mysqli_link.php +++ b/inc/database/mysqli_link.php 
@@ -17,26 +17,31 @@ if (!$db_selected) { } mysqli_query($link, "SET NAMES 'utf8mb4'"); -// Create the posts table if it does not exist -if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) { - mysqli_query($link, $posts_sql); +// Create tables (when necessary) +if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBACCOUNTS . "'")) == 0) { + mysqli_query($link, $accounts_sql); } -// Create the bans table if it does not exist if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBBANS . "'")) == 0) { mysqli_query($link, $bans_sql); } -// Create the reports table if it does not exist -if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) { - mysqli_query($link, $reports_sql); -} - -// Create the keywords table if it does not exist if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBKEYWORDS . "'")) == 0) { mysqli_query($link, $keywords_sql); } +if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBLOGS . "'")) == 0) { + mysqli_query($link, $logs_sql); +} + +if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBPOSTS . "'")) == 0) { + mysqli_query($link, $posts_sql); +} + +if (mysqli_num_rows(mysqli_query($link, "SHOW TABLES LIKE '" . TINYIB_DBREPORTS . "'")) == 0) { + mysqli_query($link, $reports_sql); +} + if (mysqli_num_rows(mysqli_query($link, "SHOW COLUMNS FROM `" . TINYIB_DBPOSTS . "` LIKE 'stickied'")) == 0) { mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` ADD COLUMN stickied TINYINT(1) NOT NULL DEFAULT '0'"); } 
@@ -51,9 +56,9 @@ mysqli_query($link, "ALTER TABLE `" . TINYIB_DBPOSTS . "` MODIFY ip VARCHAR(255) mysqli_query($link, "ALTER TABLE `" . TINYIB_DBBANS . "` MODIFY ip VARCHAR(255) NOT NULL DEFAULT ''"); if (function_exists('insertPost')) { - function migratePost($post) { + function migrateAccount($account) { global $link; - mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`, `stickied`, `locked`) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysqli_real_escape_string($link, $post['ip']) . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "', '" . mysqli_real_escape_string($link, $post['email']) . "', '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")"); + sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . mysqli_real_escape_string($link, $account['id']) . "', '" . mysqli_real_escape_string($link, $account['username']) . "', '" . 
mysqli_real_escape_string($link, $account['password']) . "', '" . mysqli_real_escape_string($link, $account['role']) . "', '" . mysqli_real_escape_string($link, $account['lastactive']) . "')"); } function migrateBan($ban) { 
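Review bot: The new `migrateAccount` calls `sqlite_query($GLOBALS["db"], ...)` even though this is the mysqli link file and the function declares `global $link`. Its value list also opens with `VALUES (" .` and no opening quote, so the statement would be malformed even if the call resolved. Replace the call with `mysqli_query($link,` and start the values with `VALUES ('" . mysqli_real_escape_string($link, $account['id']) . "', '`, as `migratePost` in the next hunk does. The new `migrateLog` in the following hunk repeats the `sqlite_query` call, as do the unchanged `migrateBan` and `migrateKeyword` and the moved `migrateReport`. `migrateBan` starts on the last line of this hunk and continues in the next.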
@@ -61,13 +66,23 @@ if (function_exists('insertPost')) { sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . mysqli_real_escape_string($link, $ban['id']) . "', '" . mysqli_real_escape_string($link, $ban['ip']) . "', '" . mysqli_real_escape_string($link, $ban['timestamp']) . "', '" . mysqli_real_escape_string($link, $ban['expire']) . "', '" . mysqli_real_escape_string($link, $ban['reason']) . "')"); } - function migrateReport($report) { - global $link; - sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysqli_real_escape_string($link, $report['id']) . "', '" . mysqli_real_escape_string($link, $report['ip']) . "', '" . mysqli_real_escape_string($link, $report['post']) . "')"); - } - function migrateKeyword($keyword) { global $link; sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . mysqli_real_escape_string($link, $keyword['id']) . "', '" . mysqli_real_escape_string($link, $keyword['text']) . "', '" . mysqli_real_escape_string($link, $keyword['action']) . "')"); } + + function migrateLog($log) { + global $link; + sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . mysqli_real_escape_string($link, $log['id']) . "', '" . mysqli_real_escape_string($link, $log['timestamp']) . "', '" . mysqli_real_escape_string($link, $log['account']) . "', '" . mysqli_real_escape_string($link, $log['message']) . "')"); + } + + function migratePost($post) { + global $link; + mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`id`, `parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`, `stickied`, `locked`) VALUES (" . $post['id'] . ", " . $post['parent'] . 
", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . mysqli_real_escape_string($link, $post['ip']) . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "', '" . mysqli_real_escape_string($link, $post['email']) . "', '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")"); + } + + function migrateReport($report) { + global $link; + sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . mysqli_real_escape_string($link, $report['id']) . "', '" . mysqli_real_escape_string($link, $report['ip']) . "', '" . mysqli_real_escape_string($link, $report['post']) . "')"); + } } diff --git a/inc/database/pdo.php b/inc/database/pdo.php index fad1375..c196f69 100644 --- a/inc/database/pdo.php +++ b/inc/database/pdo.php 
@@ -3,6 +3,43 @@ if (!defined('TINYIB_BOARD')) { die(''); } +// Account functions +function accountByID($id) { + $result = pdoQuery("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE id = ?", array($id)); + return $result->fetch(PDO::FETCH_ASSOC); +} + +function accountByUsername($username) { + $result = pdoQuery("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE username = ? LIMIT 1", array($username)); + return $result->fetch(PDO::FETCH_ASSOC); +} + +function allAccounts() { + $accounts = array(); + $results = pdoQuery("SELECT * FROM " . TINYIB_DBACCOUNTS . " ORDER BY role ASC, username ASC"); + while ($row = $results->fetch(PDO::FETCH_ASSOC)) { + $accounts[] = $row; + } + return $accounts; +} + +function insertAccount($account) { + global $dbh; + $stm = $dbh->prepare("INSERT INTO " . TINYIB_DBACCOUNTS . " (username, password, role, lastactive) VALUES (?, ?, ?, ?)"); + $stm->execute(array($account['username'], hashData($account['password']), $account['role'], 0)); + return $dbh->lastInsertId(); +} + +function updateAccount($account) { + global $dbh; + $stm = $dbh->prepare("UPDATE " . TINYIB_DBACCOUNTS . " SET username = ?, password = ?, role = ?, lastactive = ? WHERE id = ?"); + $stm->execute(array($account['username'], hashData($account['password']), $account['role'], $account['lastactive'], $account['id'])); +} + +function deleteAccountByID($id) { + pdoQuery("DELETE FROM " . TINYIB_DBACCOUNTS . " WHERE id = ?", array($id)); +} + // Post functions function uniquePosts() { $result = pdoQuery("SELECT COUNT(DISTINCT(ip)) FROM " . TINYIB_DBPOSTS); diff --git a/inc/database/pdo_link.php b/inc/database/pdo_link.php index a48d568..f768a87 100644 --- a/inc/database/pdo_link.php +++ b/inc/database/pdo_link.php 
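Review bot: `updateAccount` always stores `hashData($account['password'])` in the same statement that writes `role` and `lastactive`. If a caller passes back a row obtained from `accountByID` or `accountByUsername` just to bump `lastactive`, the stored hash would be hashed again and the account could no longer log in. The callers are outside this hunk, so this needs confirming. The contract should be documented on the function, for example `// $account['password'] must be the plaintext password; a row read back from the database must not be passed unchanged`, or the `lastactive` write split into its own function. The mysql.php, mysqli.php and sqlite.php versions of `updateAccount` in this commit behave the same way.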
@@ -28,19 +28,40 @@ try { fancyDie("Failed to connect to the database: " . $e->getMessage()); } -// Create the posts table if it does not exist +// Create tables (when necessary) if (TINYIB_DBDRIVER === 'pgsql') { - $query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBPOSTS); - $posts_exists = $dbh->query($query)->fetchColumn() != 0; + $query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBACCOUNTS); + $accounts_exists = $dbh->query($query)->fetchColumn() != 0; } else { - $dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBPOSTS)); - $posts_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0; + $dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBACCOUNTS)); + $accounts_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0; } -if (!$posts_exists) { - $dbh->exec($posts_sql); +if (!$accounts_exists) { + $dbh->exec($accounts_sql); +} + +if (TINYIB_DBDRIVER === 'pgsql') { + $query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBLOGS); + $logs_exists = $dbh->query($query)->fetchColumn() != 0; +} else { + $dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBLOGS)); + $logs_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0; +} +if (!$logs_exists) { + $dbh->exec($logs_sql); +} + +if (TINYIB_DBDRIVER === 'pgsql') { + $query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBKEYWORDS); + $keywords_exists = $dbh->query($query)->fetchColumn() != 0; +} else { + $dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBKEYWORDS)); + $keywords_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0; +} +if (!$keywords_exists) { + $dbh->exec($keywords_sql); } -// Create the bans table if it does not exist if (TINYIB_DBDRIVER === 'pgsql') { $query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . 
$dbh->quote(TINYIB_DBBANS); $bans_exists = $dbh->query($query)->fetchColumn() != 0; @@ -52,7 +73,17 @@ if (!$bans_exists) { $dbh->exec($bans_sql); } -// Create the reports table if it does not exist +if (TINYIB_DBDRIVER === 'pgsql') { + $query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBPOSTS); + $posts_exists = $dbh->query($query)->fetchColumn() != 0; +} else { + $dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBPOSTS)); + $posts_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0; +} +if (!$posts_exists) { + $dbh->exec($posts_sql); +} + if (TINYIB_DBDRIVER === 'pgsql') { $query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBREPORTS); $reports_exists = $dbh->query($query)->fetchColumn() != 0; @@ -64,18 +95,6 @@ if (!$reports_exists) { $dbh->exec($reports_sql); } -// Create the keywords table if it does not exist -if (TINYIB_DBDRIVER === 'pgsql') { - $query = "SELECT COUNT(*) FROM pg_catalog.pg_tables WHERE tablename LIKE " . $dbh->quote(TINYIB_DBKEYWORDS); - $keywords_exists = $dbh->query($query)->fetchColumn() != 0; -} else { - $dbh->query("SHOW TABLES LIKE " . $dbh->quote(TINYIB_DBKEYWORDS)); - $keywords_exists = $dbh->query("SELECT FOUND_ROWS()")->fetchColumn() != 0; -} -if (!$keywords_exists) { - $dbh->exec($keywords_sql); -} - if (TINYIB_DBDRIVER === 'pgsql') { $query = "SELECT column_name FROM information_schema.columns WHERE table_name='" . TINYIB_DBPOSTS . "' and column_name='moderated'"; $moderated_exists = $dbh->query($query)->fetchColumn() != 0; 
@@ -137,6 +156,30 @@ function pdoQuery($sql, $params = false) { } if (function_exists('insertPost')) { + function migrateAccount($account) { + global $dbh; + $stm = $dbh->prepare("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (?, ?, ?, ?, ?)"); + $stm->execute(array($account['id'], $account['username'], $account['password'], $account['role'], $account['lastactive'])); + } + + function migrateBan($ban) { + global $dbh; + $stm = $dbh->prepare("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (?, ?, ?, ?, ?)"); + $stm->execute(array($ban['id'], $ban['ip'], $ban['timestamp'], $ban['expire'], $ban['reason'])); + } + + function migrateKeyword($keyword) { + global $dbh; + $stm = $dbh->prepare("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES (?, ?, ?)"); + $stm->execute(array($keyword['id'], $keyword['text'], $keyword['action'])); + } + + function migrateLog($log) { + global $dbh; + $stm = $dbh->prepare("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES (?, ?, ?, ?)"); + $stm->execute(array($log['id'], $log['timestamp'], $log['account'], $log['message'])); + } + function migratePost($post) { global $dbh; $stm = $dbh->prepare("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) " . 
@@ -147,21 +190,9 @@ if (function_exists('insertPost')) { $post['image_width'], $post['image_height'], $post['thumb'], $post['thumb_width'], $post['thumb_height'], $post['moderated'], $post['stickied'], $post['locked'])); } - function migrateBan($ban) { - global $dbh; - $stm = $dbh->prepare("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (?, ?, ?, ?, ?)"); - $stm->execute(array($ban['id'], $ban['ip'], $ban['timestamp'], $ban['expire'], $ban['reason'])); - } - function migrateReport($report) { global $dbh; $stm = $dbh->prepare("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES (?, ?, ?)"); $stm->execute(array($report['id'], $report['ip'], $report['post'])); } - - function migrateKeyword($keyword) { - global $dbh; - $stm = $dbh->prepare("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES (?, ?, ?)"); - $stm->execute(array($keyword['id'], $keyword['text'], $keyword['action'])); - } } diff --git a/inc/database/sqlite.php b/inc/database/sqlite.php index a538c20..a8d6e0a 100644 --- a/inc/database/sqlite.php +++ b/inc/database/sqlite.php 
@@ -3,6 +3,43 @@ if (!defined('TINYIB_BOARD')) { die(''); } +// Account functions +function accountByID($id) { + $result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE id = '" . sqlite_escape_string($id) . "' LIMIT 1"), SQLITE_ASSOC); + foreach ($result as $account) { + return $account; + } +} + +function accountByUsername($username) { + $result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE username = '" . sqlite_escape_string($username) . "' LIMIT 1"), SQLITE_ASSOC); + foreach ($result as $account) { + return $account; + } +} + +function allAccounts() { + $accounts = array(); + $result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBACCOUNTS . " ORDER BY role ASC, username ASC"), SQLITE_ASSOC); + foreach ($result as $account) { + $accounts[] = $account; + } + return $accounts; +} + +function insertAccount($account) { + sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (username, password, role, lastactive) VALUES ('" . sqlite_escape_string($account['username']) . "', '" . sqlite_escape_string(hashData($account['password'])) . "', '" . sqlite_escape_string($account['role']) . "', '0')"); + return sqlite_last_insert_rowid($GLOBALS["db"]); +} + +function updateAccount($account) { + sqlite_query($GLOBALS["db"], "UPDATE " . TINYIB_DBACCOUNTS . " SET username = '" . sqlite_escape_string($account['username']) . "', password = '" . sqlite_escape_string(hashData($account['password'])) . "', role = '" . sqlite_escape_string($account['role']) . "', lastactive = '" . sqlite_escape_string($account['lastactive']) . "' WHERE id = " . sqlite_escape_string($account['id'])); +} + +function deleteAccountByID($id) { + sqlite_query($GLOBALS["db"], "DELETE FROM " . TINYIB_DBACCOUNTS . " WHERE id = " . 
sqlite_escape_string($id)); +} + // Post functions function uniquePosts() { return sqlite_fetch_single(sqlite_query($GLOBALS["db"], "SELECT COUNT(ip) FROM (SELECT DISTINCT ip FROM " . TINYIB_DBPOSTS . ")")); diff --git a/inc/database/sqlite3.php b/inc/database/sqlite3.php index 2edcf1b..425ca46 100644 --- a/inc/database/sqlite3.php +++ b/inc/database/sqlite3.php 
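Review bot: In inc/database/sqlite.php, `updateAccount` and `deleteAccountByID` concatenate the id into `WHERE id = ` without surrounding quotes, so `sqlite_escape_string()` gives no protection there; escaping only helps inside a quoted literal. Cast the value instead: `... WHERE id = " . intval($account['id'])` and `... WHERE id = " . intval($id)`. The sqlite3.php hunk that follows has the same unquoted `$db->escapeString(...)` in its `updateAccount` and `deleteAccountByID`. Whether callers already coerce the id to an integer cannot be seen from these hunks.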
@@ -3,6 +3,50 @@ if (!defined('TINYIB_BOARD')) { die(''); } +// Account functions +function accountByID($id) { + global $db; + $result = $db->query("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE id = '" . $db->escapeString($id) . "' LIMIT 1"); + while ($account = $result->fetchArray()) { + return $account; + } +} + +function accountByUsername($username) { + global $db; + $result = $db->query("SELECT * FROM " . TINYIB_DBACCOUNTS . " WHERE username = '" . $db->escapeString($username) . "' LIMIT 1"); + while ($account = $result->fetchArray()) { + return $account; + } +} + +function allAccounts() { + global $db; + $accounts = array(); + $result = $db->query("SELECT * FROM " . TINYIB_DBACCOUNTS . " ORDER BY role ASC, username ASC"); + while ($account = $result->fetchArray()) { + $accounts[] = $account; + } + return $accounts; +} + +function insertAccount($account) { + global $db; + $db->exec("INSERT INTO " . TINYIB_DBACCOUNTS . " (username, password, role, lastactive) VALUES ('" . $db->escapeString($account['username']) . "', '" . $db->escapeString(hashData($account['password'])) . "', '" . $db->escapeString($account['role']) . "', '0')"); + return $db->lastInsertRowID(); +} + +function updateAccount($account) { + global $db; + $db->exec("UPDATE " . TINYIB_DBACCOUNTS . " SET username = '" . $db->escapeString($account['username']) . "', password = '" . $db->escapeString(hashData($account['password'])) . "', role = '" . $db->escapeString($account['role']) . "', lastactive = '" . $db->escapeString($account['lastactive']) . "' WHERE id = " . $db->escapeString($account['id'])); + return $db->lastInsertRowID(); +} + +function deleteAccountByID($id) { + global $db; + $db->exec("DELETE FROM " . TINYIB_DBACCOUNTS . " WHERE id = " . $db->escapeString($id)); +} + // Post functions function uniquePosts() { global $db; 
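Review bot: `updateAccount` ends with `return $db->lastInsertRowID();`, but after an UPDATE that is the rowid of the most recent INSERT on the connection, not the account that was updated. The sqlite.php version of the same function returns nothing, so the two backends disagree. Dropping the return, or using `return $account['id'];`, would keep a caller from treating an unrelated rowid as an account id.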
@@ -132,52 +176,6 @@ function lastPostByIP() { } } -// Ban functions -function banByID($id) { - global $db; - $result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " WHERE id = '" . $db->escapeString($id) . "' LIMIT 1"); - while ($ban = $result->fetchArray()) { - return $ban; - } -} - -function banByIP($ip) { - global $db; - $result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " WHERE ip = '" . $db->escapeString($ip) . "' OR ip = '" . $db->escapeString(hashData($ip)) . "' LIMIT 1"); - while ($ban = $result->fetchArray()) { - return $ban; - } -} - -function allBans() { - global $db; - $bans = array(); - $result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " ORDER BY timestamp DESC"); - while ($ban = $result->fetchArray()) { - $bans[] = $ban; - } - return $bans; -} - -function insertBan($ban) { - global $db; - $db->exec("INSERT INTO " . TINYIB_DBBANS . " (ip, timestamp, expire, reason) VALUES ('" . $db->escapeString(hashData($ban['ip'])) . "', " . time() . ", '" . $db->escapeString($ban['expire']) . "', '" . $db->escapeString($ban['reason']) . "')"); - return $db->lastInsertRowID(); -} - -function clearExpiredBans() { - global $db; - $result = $db->query("SELECT * FROM " . TINYIB_DBBANS . " WHERE expire > 0 AND expire <= " . time()); - while ($ban = $result->fetchArray()) { - $db->exec("DELETE FROM " . TINYIB_DBBANS . " WHERE id = " . $ban['id']); - } -} - -function deleteBanByID($id) { - global $db; - $db->exec("DELETE FROM " . TINYIB_DBBANS . " WHERE id = " . $db->escapeString($id)); -} - // Report functions function reportByIP($post, $ip) { global $db; diff --git a/inc/database/sqlite3_link.php b/inc/database/sqlite3_link.php index a5fb17f..783726b 100644 --- a/inc/database/sqlite3_link.php +++ b/inc/database/sqlite3_link.php 
@@ -12,7 +12,48 @@ if (!$db) { fancyDie("Could not connect to database: " . $db->lastErrorMsg()); } -// Create the posts table if it does not exist +// Create tables (when necessary) +$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBACCOUNTS . "'"); +if (!$result->fetchArray()) { + $db->exec("CREATE TABLE " . TINYIB_DBACCOUNTS . " ( + id INTEGER PRIMARY KEY, + username TEXT NOT NULL, + password TEXT NOT NULL, + role INTEGER NOT NULL, + lastactive TIMESTAMP NOT NULL + )"); +} + +$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'"); +if (!$result->fetchArray()) { + $db->exec("CREATE TABLE " . TINYIB_DBBANS . " ( + id INTEGER PRIMARY KEY, + ip TEXT NOT NULL, + timestamp TIMESTAMP NOT NULL, + expire TIMESTAMP NOT NULL, + reason TEXT NOT NULL + )"); +} + +$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'"); +if (!$result->fetchArray()) { + $db->exec("CREATE TABLE " . TINYIB_DBKEYWORDS . " ( + id INTEGER PRIMARY KEY, + text TEXT NOT NULL, + action TEXT NOT NULL + )"); +} + +$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBLOGS . "'"); +if (!$result->fetchArray()) { + $db->exec("CREATE TABLE " . TINYIB_DBLOGS . " ( + id INTEGER PRIMARY KEY, + timestamp TIMESTAMP NOT NULL, + account INTEGER NOT NULL, + message TEXT NOT NULL + )"); +} + $result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBPOSTS . "'"); if (!$result->fetchArray()) { $db->exec("CREATE TABLE " . TINYIB_DBPOSTS . " ( 
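Review bot: The accounts table is created with `username TEXT NOT NULL` and no uniqueness constraint, while `accountByUsername()` selects with `LIMIT 1`, so two rows with the same username would make the login lookup ambiguous. Unless imgboard.php rejects duplicates before calling `insertAccount()` (not visible in this hunk), declare the column as `username TEXT NOT NULL UNIQUE`. The matching CREATE TABLE in the sqlite_link.php hunk has the same gap.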
@@ -44,19 +85,6 @@ if (!$result->fetchArray()) { )"); } -// Create the bans table if it does not exist -$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'"); -if (!$result->fetchArray()) { - $db->exec("CREATE TABLE " . TINYIB_DBBANS . " ( - id INTEGER PRIMARY KEY, - ip TEXT NOT NULL, - timestamp TIMESTAMP NOT NULL, - expire TIMESTAMP NOT NULL, - reason TEXT NOT NULL - )"); -} - -// Create the reports table if it does not exist $result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBREPORTS . "'"); if (!$result->fetchArray()) { $db->exec("CREATE TABLE " . TINYIB_DBREPORTS . " ( @@ -66,16 +94,6 @@ if (!$result->fetchArray()) { )"); } -// Create the keywords table if it does not exist -$result = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'"); -if (!$result->fetchArray()) { - $db->exec("CREATE TABLE " . TINYIB_DBKEYWORDS . " ( - id INTEGER PRIMARY KEY, - text TEXT NOT NULL, - action TEXT NOT NULL - )"); -} - // Add moderated column if it isn't present @$db->exec("ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN moderated INTEGER NOT NULL DEFAULT '0'"); 
@@ -86,9 +104,9 @@ if (!$result->fetchArray()) { @$db->exec("ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN locked INTEGER NOT NULL DEFAULT '0'"); if (function_exists('insertPost')) { - function migratePost($post) { + function migrateAccount($account) { global $db; - $db->exec("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . $db->escapeString($post['ip']) . "', '" . $db->escapeString($post['name']) . "', '" . $db->escapeString($post['tripcode']) . "', '" . $db->escapeString($post['email']) . "', '" . $db->escapeString($post['nameblock']) . "', '" . $db->escapeString($post['subject']) . "', '" . $db->escapeString($post['message']) . "', '" . $db->escapeString($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . $db->escapeString($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")"); + $db->exec("INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . $db->escapeString($account['id']) . ", '" . $db->escapeString($account['username']) . "', " . $db->escapeString($account['password']) . ", " . $db->escapeString($account['role']) . ", '" . $db->escapeString($account['lastactive']) . "')"); } function migrateBan($ban) { 
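Review bot: In the new `migrateAccount` the password is emitted without quotes (`"', " . $db->escapeString($account['password']) . ", "`), so a stored hash lands in the statement as bare SQL and the INSERT will not parse. Outside a quoted literal `escapeString()` also protects nothing. Quote it like the username: `"', '" . $db->escapeString($account['password']) . "', "`. `id` and `role` are unquoted too and would be safer as `intval(...)`. The result of `$db->exec()` is not checked, so a failed row would not stop the migration.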
@@ -96,13 +114,23 @@ if (function_exists('insertPost')) { $db->exec("INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . $db->escapeString($ban['id']) . ", '" . $db->escapeString($ban['ip']) . "', " . $db->escapeString($ban['timestamp']) . ", " . $db->escapeString($ban['expire']) . ", '" . $db->escapeString($ban['reason']) . "')"); } - function migrateReport($report) { - global $db; - $db->exec("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . $db->escapeString($report['id']) . "', '" . $db->escapeString($report['ip']) . "', '" . $db->escapeString($report['post']) . "')"); - } - function migrateKeyword($keyword) { global $db; $db->exec("INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . $db->escapeString($keyword['id']) . "', '" . $db->escapeString($keyword['text']) . "', '" . $db->escapeString($keyword['action']) . "')"); } + + function migrateLog($log) { + global $db; + $db->exec("INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . $db->escapeString($log['id']) . "', '" . $db->escapeString($log['timestamp']) . "', '" . $db->escapeString($log['account']) . "', '" . $db->escapeString($log['message']) . "')"); + } + + function migratePost($post) { + global $db; + $db->exec("INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . $db->escapeString($post['ip']) . "', '" . $db->escapeString($post['name']) . "', '" . $db->escapeString($post['tripcode']) . "', '" . $db->escapeString($post['email']) . "', '" . $db->escapeString($post['nameblock']) . "', '" . $db->escapeString($post['subject']) . "', '" . $db->escapeString($post['message']) . 
"', '" . $db->escapeString($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . $db->escapeString($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")"); + } + + function migrateReport($report) { + global $db; + $db->exec("INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . $db->escapeString($report['id']) . "', '" . $db->escapeString($report['ip']) . "', '" . $db->escapeString($report['post']) . "')"); + } } diff --git a/inc/database/sqlite_link.php b/inc/database/sqlite_link.php index 8d24602..382e725 100644 --- a/inc/database/sqlite_link.php +++ b/inc/database/sqlite_link.php 
@@ -11,7 +11,48 @@ if (!$db = sqlite_open(TINYIB_DBPATH, 0666, $error)) { fancyDie("Could not connect to database: " . $error); } -// Create the posts table if it does not exist +// Create tables (when necessary) +$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBACCOUNTS . "'"); +if (sqlite_num_rows($result) == 0) { + sqlite_query($db, "CREATE TABLE " . TINYIB_DBACCOUNTS . " ( + id INTEGER PRIMARY KEY, + username TEXT NOT NULL, + password TEXT NOT NULL, + role INTEGER NOT NULL, + lastactive TIMESTAMP NOT NULL + )"); +} + +$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'"); +if (sqlite_num_rows($result) == 0) { + sqlite_query($db, "CREATE TABLE " . TINYIB_DBBANS . " ( + id INTEGER PRIMARY KEY, + ip TEXT NOT NULL, + timestamp TIMESTAMP NOT NULL, + expire TIMESTAMP NOT NULL, + reason TEXT NOT NULL + )"); +} + +$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'"); +if (sqlite_num_rows($result) == 0) { + sqlite_query($db, "CREATE TABLE " . TINYIB_DBKEYWORDS . " ( + id INTEGER PRIMARY KEY, + text TEXT NOT NULL, + action TEXT NOT NULL + )"); +} + +$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBLOGS . "'"); +if (sqlite_num_rows($result) == 0) { + sqlite_query($db, "CREATE TABLE " . TINYIB_DBLOGS . " ( + id INTEGER PRIMARY KEY, + timestamp TIMESTAMP NOT NULL, + account INTEGER NOT NULL, + message TEXT NOT NULL + )"); +} + $result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBPOSTS . "'"); if (sqlite_num_rows($result) == 0) { sqlite_query($db, "CREATE TABLE " . TINYIB_DBPOSTS . " ( 
@@ -42,20 +83,6 @@ if (sqlite_num_rows($result) == 0) { locked INTEGER NOT NULL DEFAULT '0' )"); } - -// Create the bans table if it does not exist -$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBBANS . "'"); -if (sqlite_num_rows($result) == 0) { - sqlite_query($db, "CREATE TABLE " . TINYIB_DBBANS . " ( - id INTEGER PRIMARY KEY, - ip TEXT NOT NULL, - timestamp TIMESTAMP NOT NULL, - expire TIMESTAMP NOT NULL, - reason TEXT NOT NULL - )"); -} - -// Create the reports table if it does not exist $result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBREPORTS . "'"); if (sqlite_num_rows($result) == 0) { sqlite_query($db, "CREATE TABLE " . TINYIB_DBREPORTS . " ( @@ -65,16 +92,6 @@ if (sqlite_num_rows($result) == 0) { )"); } -// Create the keywords table if it does not exist -$result = sqlite_query($db, "SELECT name FROM sqlite_master WHERE type='table' AND name='" . TINYIB_DBKEYWORDS . "'"); -if (sqlite_num_rows($result) == 0) { - sqlite_query($db, "CREATE TABLE " . TINYIB_DBKEYWORDS . " ( - id INTEGER PRIMARY KEY, - text TEXT NOT NULL, - action TEXT NOT NULL - )"); -} - // Add moderated column if it isn't present sqlite_query($db, "ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN moderated INTEGER NOT NULL DEFAULT '0'"); 
@@ -85,19 +102,27 @@ sqlite_query($db, "ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN stickied INTEGE sqlite_query($db, "ALTER TABLE " . TINYIB_DBPOSTS . " ADD COLUMN locked INTEGER NOT NULL DEFAULT '0'"); if (function_exists('insertPost')) { - function migratePost($post) { - sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . sqlite_escape_string($post['ip']) . "', '" . sqlite_escape_string($post['name']) . "', '" . sqlite_escape_string($post['tripcode']) . "', '" . sqlite_escape_string($post['email']) . "', '" . sqlite_escape_string($post['nameblock']) . "', '" . sqlite_escape_string($post['subject']) . "', '" . sqlite_escape_string($post['message']) . "', '" . sqlite_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . sqlite_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")"); + function migrateAccount($account) { + sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBACCOUNTS . " (id, username, password, role, lastactive) VALUES (" . sqlite_escape_string($account['id']) . "', '" . sqlite_escape_string($account['username']) . "', '" . sqlite_escape_string($account['password']) . "', '" . sqlite_escape_string($account['role']) . "', '" . sqlite_escape_string($account['lastactive']) . 
"')"); } function migrateBan($ban) { sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBBANS . " (id, ip, timestamp, expire, reason) VALUES (" . sqlite_escape_string($ban['id']) . "', '" . sqlite_escape_string($ban['ip']) . "', '" . sqlite_escape_string($ban['timestamp']) . "', '" . sqlite_escape_string($ban['expire']) . "', '" . sqlite_escape_string($ban['reason']) . "')"); } - function migrateReport($report) { - sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . sqlite_escape_string($report['id']) . "', '" . sqlite_escape_string($report['ip']) . "', '" . sqlite_escape_string($report['post']) . "')"); - } - function migrateKeyword($keyword) { sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBKEYWORDS . " (id, text, action) VALUES ('" . sqlite_escape_string($keyword['id']) . "', '" . sqlite_escape_string($keyword['text']) . "', '" . sqlite_escape_string($keyword['action']) . "')"); } + + function migrateLog($log) { + sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBLOGS . " (id, timestamp, account, message) VALUES ('" . sqlite_escape_string($log['id']) . "', '" . sqlite_escape_string($log['timestamp']) . "', '" . sqlite_escape_string($log['account']) . "', '" . sqlite_escape_string($log['message']) . "')"); + } + + function migratePost($post) { + sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBPOSTS . " (id, parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated, stickied, locked) VALUES (" . $post['id'] . ", " . $post['parent'] . ", " . $post['timestamp'] . ", " . $post['bumped'] . ", '" . sqlite_escape_string($post['ip']) . "', '" . sqlite_escape_string($post['name']) . "', '" . sqlite_escape_string($post['tripcode']) . "', '" . sqlite_escape_string($post['email']) . "', '" . sqlite_escape_string($post['nameblock']) . "', '" . 
sqlite_escape_string($post['subject']) . "', '" . sqlite_escape_string($post['message']) . "', '" . sqlite_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . sqlite_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ", " . $post['stickied'] . ", " . $post['locked'] . ")"); + } + + function migrateReport($report) { + sqlite_query($GLOBALS["db"], "INSERT INTO " . TINYIB_DBREPORTS . " (id, ip, post) VALUES ('" . sqlite_escape_string($report['id']) . "', '" . sqlite_escape_string($report['ip']) . "', '" . sqlite_escape_string($report['post']) . "')"); + } } diff --git a/inc/defines.php b/inc/defines.php index 882360f..8554e8c 100644 --- a/inc/defines.php +++ b/inc/defines.php @@ -8,6 +8,12 @@ define('TINYIB_INDEXPAGE', false); define('TINYIB_RESPAGE', true); define('TINYIB_WORDBREAK_IDENTIFIER', '@!@TINYIB_WORDBREAK@!@'); +// Account roles +define('TINYIB_SUPER_ADMINISTRATOR', 1); +define('TINYIB_ADMINISTRATOR', 2); +define('TINYIB_MODERATOR', 3); +define('TINYIB_DISABLED', 99); + // The following are provided for backward compatibility and should not be relied upon // Copy new settings from settings.default.php to settings.php if (!defined('TINYIB_LOCALE')) { @@ -94,12 +100,18 @@ if (!defined('TINYIB_DATEFMT')) { if (!defined('TINYIB_DBMIGRATE')) { define('TINYIB_DBMIGRATE', false); } +if (!defined('TINYIB_DBACCOUNTS')) { + define('TINYIB_DBACCOUNTS', 'accounts'); +} if (!defined('TINYIB_DBREPORTS')) { define('TINYIB_DBREPORTS', TINYIB_BOARD . '_reports'); } if (!defined('TINYIB_DBKEYWORDS')) { define('TINYIB_DBKEYWORDS', TINYIB_BOARD . '_keywords'); } +if (!defined('TINYIB_DBLOGS')) { + define('TINYIB_DBLOGS', 'logs'); +} if (!defined('TINYIB_DBPORT')) { define('TINYIB_DBPORT', 3306); } 
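Review bot: In inc/database/sqlite_link.php, `migrateAccount` builds `VALUES (" . sqlite_escape_string($account['id']) . "', '"`, which opens the id without a quote and closes it with one, so the statement is malformed and every later quote is shifted by one. It should begin `VALUES ('" . sqlite_escape_string($account['id']) . "', '"`. The unchanged `migrateBan` line in the same hunk shows the same pattern, which is probably where it was copied from. As in the sqlite3 variant, the return value of `sqlite_query()` is not checked, so the failure would go unnoticed during migration.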
diff --git a/inc/functions.php b/inc/functions.php index 6dd7dd0..722ad09 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -11,9 +11,9 @@ if (!function_exists('array_column')) { } } -function hashData($data) { +function hashData($data, $force = false) { global $bcrypt_salt; - if (substr($data, 0, 4) == '$2y$') { + if (substr($data, 0, 4) == '$2y$' && !$force) { return $data; } return crypt($data, $bcrypt_salt); @@ -336,6 +336,7 @@ function checkMessageSize() { } function manageCheckLogIn($requireKey) { + $account = array(); $loggedin = false; $isadmin = false; 
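Review bot: `hashData()` still derives every value with `crypt($data, $bcrypt_salt)`, one salt shared by all accounts, so two accounts with the same password get the same stored hash in the new accounts table. Because the function is also used for values that must hash deterministically (for example `hashData($ban['ip'])` in the database backends), a separate helper for account passwords built on `password_hash()` and `password_verify()` would give a per-account salt without changing those callers. The new `$force` flag is only passed at login, while `insertAccount()` calls `hashData($account['password'])` without it, so a chosen password that begins with `$2y$` would be stored unhashed. Callers of `hashData()` outside these hunks are not visible here.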
@@ -344,40 +345,44 @@ function manageCheckLogIn($requireKey) { $key = $_SESSION['tinyib_key']; } if (TINYIB_MANAGEKEY != '' && $key !== hashData(TINYIB_MANAGEKEY)) { - $_SESSION['tinyib'] = ''; $_SESSION['tinyib_key'] = ''; + $_SESSION['tinyib_account'] = ''; session_destroy(); if ($requireKey) { fancyDie(__('Invalid key.')); } - return array($loggedin, $isadmin); + + return array($account, $loggedin, $isadmin); } - if (isset($_POST['managepassword'])) { + if (isset($_POST['username']) && isset($_POST['managepassword']) && $_POST['username'] != '' && $_POST['managepassword'] != '') { checkCAPTCHA(TINYIB_MANAGECAPTCHA); - if ($_POST['managepassword'] === TINYIB_ADMINPASS) { - $_SESSION['tinyib'] = hashData(TINYIB_ADMINPASS); - $_SESSION['tinyib_key'] = hashData(TINYIB_MANAGEKEY); - } elseif (TINYIB_MODPASS != '' && $_POST['managepassword'] === TINYIB_MODPASS) { - $_SESSION['tinyib'] = hashData(TINYIB_MODPASS); - $_SESSION['tinyib_key'] = hashData(TINYIB_MANAGEKEY); - } else { - fancyDie(__('Invalid password.')); + $account = accountByUsername($_POST['username']); + if (hashData($_POST['managepassword'], true) !== $account['password']) { + fancyDie(__('Invalid username or password.')); + } + $_SESSION['tinyib_key'] = hashData(TINYIB_MANAGEKEY); + $_SESSION['tinyib_username'] = $account['username']; + $_SESSION['tinyib_password'] = $account['password']; + } + + if (isset($_SESSION['tinyib_username']) && isset($_SESSION['tinyib_password'])) { + $a = accountByUsername($_SESSION['tinyib_username']); + if (!empty($a) && $a['password'] == $_SESSION['tinyib_password']) { + $account = $a; + $loggedin = true; + if ($account['role'] == TINYIB_SUPER_ADMINISTRATOR || $account['role'] == TINYIB_ADMINISTRATOR) { + $isadmin = true; + } + + $account['lastactive'] = time(); + updateAccount($account); } } - if (isset($_SESSION['tinyib'])) { - if ($_SESSION['tinyib'] === hashData(TINYIB_ADMINPASS)) { - $loggedin = true; - $isadmin = true; - } elseif (TINYIB_MODPASS != '' && 
$_SESSION['tinyib'] === hashData(TINYIB_MODPASS)) { - $loggedin = true; - } - } - - return array($loggedin, $isadmin); + return array($account, $loggedin, $isadmin); } function setParent() { diff --git a/inc/html.php b/inc/html.php index eaa7524..f61f98d 100644 --- a/inc/html.php +++ b/inc/html.php @@ -753,7 +753,7 @@ function rebuildThread($id) { } function adminBar() { - global $loggedin, $isadmin, $returnlink; + global $account, $loggedin, $isadmin, $returnlink; $return = '[' . __('Return') . ']'; if (!$loggedin) { @@ -765,6 +765,9 @@ function adminBar() { if (TINYIB_REPORT) { $output .= '' . __('Reports') . '] ['; } + if ($account['role'] == TINYIB_SUPER_ADMINISTRATOR) { + $output .= '' . __('Accounts') . '] ['; + } $output .= '' . __('Bans') . '] ['; $output .= '' . __('Keywords') . '] ['; } @@ -778,6 +781,7 @@ function adminBar() { if ($isadmin && TINYIB_DBMIGRATE) { $output .= '' . __('Migrate Database') . '] ['; } + $output .= '' . __('Change password') . '] ['; $output .= '' . __('Log Out') . '] · ' . $return; return $output; } @@ -812,6 +816,8 @@ function manageOnLoad($page) { return ' onload="document.tinyib.text.focus();"'; case 'rawpost': return ' onload="document.tinyib.message.focus();"'; + case 'accounts': + return ' onload="document.tinyib.username.focus();"'; case 'bans': return ' onload="document.tinyib.ip.focus();"'; } @@ -819,7 +825,7 @@ function manageOnLoad($page) { function manageLogInForm() { $txt_login = __('Log In'); - $txt_login_prompt = __('Enter an administrator or moderator password'); + $txt_login_prompt = __('Enter a username and password'); $captcha_inner_html = ''; if (TINYIB_MANAGECAPTCHA === 'hcaptcha') { $captcha_inner_html = ' @@ -857,7 +863,8 @@ function manageLogInForm() {
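Review bot: In `manageCheckLogIn` the session branch sets `$loggedin = true` for any account whose stored hash matches, without looking at the role, so an account set to `TINYIB_DISABLED` keeps moderator-level access. Add the role to the condition and make the comparison strict: `if (!empty($a) && $a['role'] != TINYIB_DISABLED && $a['password'] === $_SESSION['tinyib_password'])`. The login check `hashData($_POST['managepassword'], true) !== $account['password']` reads `$account['password']` even when `accountByUsername()` found no row; test `empty($account)` first and compare with `hash_equals()` where the supported PHP version has it. No `session_regenerate_id(true)` follows a successful login in the lines shown. Whether imgboard.php rejects disabled accounts elsewhere is not visible in this hunk.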
$txt_login_prompt @@ -935,6 +942,96 @@ function manageReportsPage($ip) { EOF; } +function manageChangePasswordForm() { + $txt_header = __('Change password'); + $txt_submit = __('Submit'); + return << +
+ $txt_header + + + +
+
+EOF; +} + +function manageAccountForm($id=0) { + $a = array( + 'id' => 0, + 'username' => '', + 'password' => '', + 'role' => 0, + ); + $txt_header = __('Add an account'); + $txt_password_hint = ''; + if ($id > 0){ + $txt_header = __('Update an account'); + $txt_password_hint = '(' . __('Leave blank to maintain current password') . ')'; + $a = accountByID($id); + } + + $a['id'] = htmlentities($a['id'], ENT_QUOTES); + $a['username'] = htmlentities($a['username'], ENT_QUOTES); + + $txt_username = __('Username'); + $txt_password = __('Password'); + $txt_role = __('Role'); + $return = << + +
+ $txt_header +
+ $txt_password_hint
+ + +
+
+EOF; + return $return; +} + +function manageAccountsTable() { + $text = ''; + $allaccounts = allAccounts(); + if (count($allaccounts) > 0) { + $text .= ''; + foreach ($allaccounts as $account) { + $lastactive = ($account['lastactive'] > 0) ? strftime(TINYIB_DATEFMT, $account['lastactive']) : __('Never'); + $text .= ''; + } + $text .= '
' . __('Username') . '' . __('Role') . '' . __('Last active') . ' 
' . htmlentities($account['username']) . ''; + switch (intval($account['role'])) { + case TINYIB_SUPER_ADMINISTRATOR: + $text .= __('Super-administrator'); + break; + case TINYIB_ADMINISTRATOR: + $text .= __('Administrator'); + break; + case TINYIB_MODERATOR: + $text .= __('Moderator'); + break; + case TINYIB_DISABLED: + $text .= __('Disabled'); + break; + } + $text .= '' . $lastactive . '' . __('update') . '
'; + } + return $text; +} + function manageBanForm() { $txt_ban = __('Add a ban'); $txt_ban_ip = __('IP Address'); diff --git a/locale/en/tinyib.po b/locale/en/tinyib.po index 554449a..e721f45 100644 --- a/locale/en/tinyib.po +++ b/locale/en/tinyib.po @@ -1,8 +1,8 @@ msgid "" msgstr "" "Project-Id-Version: \n" -"POT-Creation-Date: 2021-03-13 19:12-0800\n" -"PO-Revision-Date: 2021-03-13 19:12-0800\n" +"POT-Creation-Date: 2021-04-04 13:04-0700\n" +"PO-Revision-Date: 2021-04-04 13:05-0700\n" "Last-Translator: \n" "Language-Team: \n" "Language: en\n" @@ -17,219 +17,255 @@ msgstr "" "X-Poedit-SearchPath-1: inc/functions.php\n" "X-Poedit-SearchPath-2: inc/html.php\n" -#: imgboard.php:46 +#: imgboard.php:44 msgid "Click here to go back" msgstr "" -#: imgboard.php:72 imgboard.php:704 +#: imgboard.php:70 +msgid "TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured." +msgstr "" + +#: imgboard.php:74 +msgid "TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET must be configured." +msgstr "" + +#: imgboard.php:78 +msgid "TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured." +msgstr "" + +#: imgboard.php:89 imgboard.php:792 msgid "Unknown database mode specified." msgstr "" -#: imgboard.php:197 +#: imgboard.php:250 #, php-format msgid "Directory '%s' can not be written to. Please modify its permissions." msgstr "" -#: imgboard.php:207 -msgid "TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured." -msgstr "" - -#: imgboard.php:211 -msgid "TINYIB_HCAPTCHA_SITE and TINYIB_HCAPTCHA_SECRET must be configured." -msgstr "" - -#: imgboard.php:215 -msgid "TINYIB_RECAPTCHA_SITE and TINYIB_RECAPTCHA_SECRET must be configured." -msgstr "" - -#: imgboard.php:228 +#: imgboard.php:263 msgid "Posting is currently disabled.
Please try again in a few moments." msgstr "" -#: imgboard.php:258 inc/functions.php:382 +#: imgboard.php:294 inc/functions.php:392 msgid "Invalid parent thread ID supplied, unable to create post." msgstr "" -#: imgboard.php:260 +#: imgboard.php:296 msgid "Replies are not allowed to locked threads." msgstr "" -#: imgboard.php:322 +#: imgboard.php:358 msgid "Your post contains a blocked keyword." msgstr "" -#: imgboard.php:363 +#: imgboard.php:399 msgid "Embedding a URL and uploading a file at the same time is not supported." msgstr "" -#: imgboard.php:369 +#: imgboard.php:405 #, php-format msgid "Invalid embed URL. Only %s URLs are supported." msgstr "" -#: imgboard.php:374 imgboard.php:383 inc/functions.php:408 -#: inc/functions.php:657 +#: imgboard.php:410 imgboard.php:419 inc/functions.php:416 +#: inc/functions.php:665 #, php-format msgid "That file is larger than %s." msgstr "" -#: imgboard.php:379 imgboard.php:389 +#: imgboard.php:415 imgboard.php:425 msgid "Failed to download file at specified URL." msgstr "" -#: imgboard.php:411 +#: imgboard.php:447 msgid "Error while processing audio/video." msgstr "" -#: imgboard.php:418 inc/functions.php:742 inc/functions.php:753 +#: imgboard.php:454 inc/functions.php:750 inc/functions.php:761 msgid "Could not create thumbnail." msgstr "" -#: imgboard.php:441 +#: imgboard.php:477 msgid "upload a file or embed a URL" msgstr "" -#: imgboard.php:443 +#: imgboard.php:479 msgid "upload a file" msgstr "" -#: imgboard.php:445 +#: imgboard.php:481 msgid "embed a URL" msgstr "" -#: imgboard.php:448 +#: imgboard.php:484 #, php-format msgid "Please %s to start a new thread." msgstr "" -#: imgboard.php:454 +#: imgboard.php:490 #, php-format msgid "Please enter a message and/or %s." msgstr "" -#: imgboard.php:456 +#: imgboard.php:492 msgid "Please enter a message." msgstr "" -#: imgboard.php:458 +#: imgboard.php:494 #, php-format msgid "Please %s." msgstr "" -#: imgboard.php:461 +#: imgboard.php:497 #, php-format msgid "%s uploaded." 
msgstr "" -#: imgboard.php:466 +#: imgboard.php:502 #, php-format msgid "Your %s will be shown once it has been approved." msgstr "" -#: imgboard.php:484 +#: imgboard.php:520 msgid "Updating thread..." msgstr "" -#: imgboard.php:497 +#: imgboard.php:533 msgid "Updating index..." msgstr "" -#: imgboard.php:503 +#: imgboard.php:539 msgid "Automatic refreshing is disabled." msgstr "" -#: imgboard.php:528 imgboard.php:608 +#: imgboard.php:564 imgboard.php:644 msgid "Reporting is disabled." msgstr "" -#: imgboard.php:533 imgboard.php:574 +#: imgboard.php:569 imgboard.php:610 msgid "" "Sorry, an invalid post identifier was sent. Please go back, refresh the " "page, and try again." msgstr "" -#: imgboard.php:538 +#: imgboard.php:574 msgid "You have already submitted a report for that post." msgstr "" -#: imgboard.php:544 +#: imgboard.php:580 msgid "Post reported." msgstr "" -#: imgboard.php:548 +#: imgboard.php:584 msgid "Tick the box next to a post and click \"Delete\" to delete it." msgstr "" -#: imgboard.php:552 +#: imgboard.php:588 msgid "" "Post deletion is currently disabled.
Please try again in a few moments." msgstr "" -#: imgboard.php:569 +#: imgboard.php:605 msgid "Post deleted." msgstr "" -#: imgboard.php:571 inc/functions.php:362 +#: imgboard.php:607 msgid "Invalid password." msgstr "" -#: imgboard.php:605 +#: imgboard.php:641 msgid "Rebuilt board." msgstr "" -#: imgboard.php:618 +#: imgboard.php:649 +msgid "Access denied" +msgstr "" + +#: imgboard.php:660 +msgid "Account not found." +msgstr "" + +#: imgboard.php:664 imgboard.php:933 +msgid "This account may not be updated while TINYIB_ADMINPASS is set." +msgstr "" + +#: imgboard.php:666 imgboard.php:935 +msgid "This account may not be updated while TINYIB_MODPASS is set." +msgstr "" + +#: imgboard.php:672 imgboard.php:940 +msgid "A password is required." +msgstr "" + +#: imgboard.php:681 +msgid "Invalid role." +msgstr "" + +#: imgboard.php:686 +msgid "Added account" +msgstr "" + +#: imgboard.php:689 +msgid "Updated account" +msgstr "" + +#: imgboard.php:705 msgid "Sorry, there is already a ban on record for that IP address." msgstr "" -#: imgboard.php:631 +#: imgboard.php:718 #, php-format msgid "Ban record added for %s" msgstr "" -#: imgboard.php:637 +#: imgboard.php:724 #, php-format msgid "Ban record lifted for %s" msgstr "" -#: imgboard.php:652 +#: imgboard.php:739 msgid "Sorry, that keyword has already been added." msgstr "" -#: imgboard.php:661 +#: imgboard.php:748 msgid "Keyword updated." msgstr "" -#: imgboard.php:664 +#: imgboard.php:751 msgid "Keyword added." msgstr "" -#: imgboard.php:668 +#: imgboard.php:755 msgid "Keyword deleted." msgstr "" -#: imgboard.php:740 +#: imgboard.php:856 #, php-format msgid "Post No.%d deleted." msgstr "" -#: imgboard.php:742 imgboard.php:758 imgboard.php:767 imgboard.php:782 -#: imgboard.php:796 imgboard.php:809 +#: imgboard.php:858 imgboard.php:874 imgboard.php:883 imgboard.php:898 +#: imgboard.php:912 imgboard.php:925 msgid "Sorry, there doesn't appear to be a post with that ID." 
msgstr "" -#: imgboard.php:756 +#: imgboard.php:872 #, php-format msgid "Post No.%d approved." msgstr "" -#: imgboard.php:785 imgboard.php:799 +#: imgboard.php:901 imgboard.php:915 msgid "Form data was lost. Please go back and try again." msgstr "" -#: imgboard.php:807 +#: imgboard.php:923 msgid "Reports cleared." msgstr "" +#: imgboard.php:946 +msgid "Password updated" +msgstr "" + #: inc/functions.php:291 msgid "Please enter the CAPTCHA text." msgstr "" 
@@ -247,592 +283,657 @@ msgid "" "%1$d characters long, and the maximum allowed is %2$d." msgstr "" -#: inc/functions.php:347 +#: inc/functions.php:353 msgid "Invalid key." msgstr "" -#: inc/functions.php:411 +#: inc/functions.php:364 +msgid "Invalid username or password." +msgstr "" + +#: inc/functions.php:419 #, php-format msgid "" "The uploaded file exceeds the upload_max_filesize directive (%s) in php.ini." msgstr "" -#: inc/functions.php:414 +#: inc/functions.php:422 msgid "The uploaded file was only partially uploaded." msgstr "" -#: inc/functions.php:417 +#: inc/functions.php:425 msgid "No file was uploaded." msgstr "" -#: inc/functions.php:420 +#: inc/functions.php:428 msgid "Missing a temporary folder." msgstr "" -#: inc/functions.php:423 +#: inc/functions.php:431 msgid "Failed to write file to disk" msgstr "" -#: inc/functions.php:426 +#: inc/functions.php:434 msgid "Unable to save the uploaded file." msgstr "" -#: inc/functions.php:434 +#: inc/functions.php:442 #, php-format msgid "" "Duplicate file uploaded. That file has already been posted here." msgstr "" -#: inc/functions.php:465 +#: inc/functions.php:473 msgid "" "Unable to read the uploaded file while creating its thumbnail. A common " "cause for this is an incorrect extension when the file is actually of a " "different type." msgstr "" -#: inc/functions.php:651 +#: inc/functions.php:659 msgid "File transfer failure. Please retry the submission." msgstr "" -#: inc/functions.php:673 +#: inc/functions.php:681 msgid "" "Failed to read the MIME type and size of the uploaded file. Please retry the " "submission." msgstr "" -#: inc/functions.php:687 inc/functions.php:692 +#: inc/functions.php:695 inc/functions.php:700 msgid "Could not copy uploaded file." msgstr "" -#: inc/functions.php:698 +#: inc/functions.php:706 msgid "File transfer failure. Please go back and try again." msgstr "" -#: inc/functions.php:717 +#: inc/functions.php:725 msgid "Sorry, your video appears to be corrupt." 
msgstr "" -#: inc/html.php:63 +#: inc/html.php:67 #, php-format msgid "Supported file type is %s" msgstr "" -#: inc/html.php:66 +#: inc/html.php:70 #, php-format msgid "Supported file types are %1$s and %2$s." msgstr "" -#: inc/html.php:83 inc/html.php:941 inc/html.php:979 +#: inc/html.php:87 inc/html.php:947 inc/html.php:995 inc/html.php:1042 +#: inc/html.php:1080 msgid "Submit" msgstr "" -#: inc/html.php:118 +#: inc/html.php:122 msgid "Reply to" msgstr "" -#: inc/html.php:119 +#: inc/html.php:123 msgid "0 to start a new thread" msgstr "" -#: inc/html.php:120 +#: inc/html.php:124 msgid "" "Text entered in the Message field will be posted as is with no formatting " "applied." msgstr "" -#: inc/html.php:121 +#: inc/html.php:125 msgid "Line-breaks must be specified with \"<br>\"." msgstr "" -#: inc/html.php:182 inc/html.php:847 +#: inc/html.php:186 inc/html.php:857 msgid "(enter the text below)" msgstr "" -#: inc/html.php:186 +#: inc/html.php:190 msgid "CAPTCHA" msgstr "" -#: inc/html.php:202 +#: inc/html.php:206 #, php-format msgid "Maximum file size allowed is %s." msgstr "" -#: inc/html.php:207 +#: inc/html.php:211 msgid "File" msgstr "" -#: inc/html.php:222 +#: inc/html.php:226 msgid "Embed" msgstr "" -#: inc/html.php:225 +#: inc/html.php:229 msgid "(paste a YouTube URL)" msgstr "" -#: inc/html.php:240 +#: inc/html.php:244 msgid "All posts are moderated before being shown." msgstr "" -#: inc/html.php:242 +#: inc/html.php:246 msgid "All posts with a file attached are moderated before being shown." msgstr "" -#: inc/html.php:252 +#: inc/html.php:256 #, php-format msgid "Images greater than %s will be thumbnailed." msgstr "" -#: inc/html.php:257 +#: inc/html.php:261 #, php-format msgid "Currently %s unique user posts." 
msgstr "" -#: inc/html.php:270 +#: inc/html.php:274 msgid "Name" msgstr "" -#: inc/html.php:284 +#: inc/html.php:288 msgid "E-mail" msgstr "" -#: inc/html.php:298 +#: inc/html.php:302 msgid "Subject" msgstr "" -#: inc/html.php:312 +#: inc/html.php:316 msgid "Message" msgstr "" -#: inc/html.php:331 inc/html.php:607 +#: inc/html.php:335 inc/html.php:611 inc/html.php:979 msgid "Password" msgstr "" -#: inc/html.php:332 +#: inc/html.php:336 msgid "(for post and file deletion)" msgstr "" -#: inc/html.php:383 inc/html.php:1154 inc/html.php:1181 +#: inc/html.php:387 inc/html.php:1255 inc/html.php:1282 msgid "Report" msgstr "" -#: inc/html.php:395 +#: inc/html.php:399 msgid "Stickied" msgstr "" -#: inc/html.php:399 +#: inc/html.php:403 msgid "Locked" msgstr "" -#: inc/html.php:412 +#: inc/html.php:416 msgid "Embed:" msgstr "" -#: inc/html.php:412 +#: inc/html.php:416 msgid "File:" msgstr "" -#: inc/html.php:509 +#: inc/html.php:513 msgid "Reply" msgstr "" -#: inc/html.php:515 +#: inc/html.php:519 msgid "Post truncated. Click Reply to view." msgstr "" -#: inc/html.php:526 +#: inc/html.php:530 msgid "1 post omitted. Click Reply to view." msgstr "" -#: inc/html.php:528 +#: inc/html.php:532 #, php-format msgid "%d posts omitted. Click Reply to view." 
msgstr "" -#: inc/html.php:544 inc/html.php:579 inc/html.php:591 +#: inc/html.php:548 inc/html.php:583 inc/html.php:595 msgid "Catalog" msgstr "" -#: inc/html.php:545 +#: inc/html.php:549 msgid "Manage" msgstr "" -#: inc/html.php:554 +#: inc/html.php:558 msgid "Previous" msgstr "" -#: inc/html.php:567 +#: inc/html.php:571 msgid "Next" msgstr "" -#: inc/html.php:591 inc/html.php:593 inc/html.php:754 +#: inc/html.php:595 inc/html.php:597 inc/html.php:758 msgid "Return" msgstr "" -#: inc/html.php:593 +#: inc/html.php:597 msgid "Posting mode: Reply" msgstr "" -#: inc/html.php:606 +#: inc/html.php:610 msgid "Style" msgstr "" -#: inc/html.php:608 inc/html.php:1156 inc/html.php:1184 inc/html.php:1208 -#: inc/html.php:1253 +#: inc/html.php:612 inc/html.php:1257 inc/html.php:1285 inc/html.php:1309 +#: inc/html.php:1354 msgid "Delete" msgstr "" -#: inc/html.php:609 +#: inc/html.php:613 msgid "Delete Post" msgstr "" -#: inc/html.php:759 inc/html.php:1296 +#: inc/html.php:763 inc/html.php:1397 msgid "Status" msgstr "" -#: inc/html.php:762 +#: inc/html.php:766 msgid "Reports" msgstr "" -#: inc/html.php:764 +#: inc/html.php:769 +msgid "Accounts" +msgstr "" + +#: inc/html.php:771 msgid "Bans" msgstr "" -#: inc/html.php:765 inc/html.php:1141 +#: inc/html.php:772 inc/html.php:1242 msgid "Keywords" msgstr "" -#: inc/html.php:767 +#: inc/html.php:774 msgid "Moderate Post" msgstr "" -#: inc/html.php:767 +#: inc/html.php:774 msgid "Raw Post" msgstr "" -#: inc/html.php:769 +#: inc/html.php:776 msgid "Rebuild All" msgstr "" -#: inc/html.php:772 inc/html.php:1143 +#: inc/html.php:779 inc/html.php:1244 msgid "Update" msgstr "" -#: inc/html.php:775 +#: inc/html.php:782 msgid "Migrate Database" msgstr "" -#: inc/html.php:777 +#: inc/html.php:784 inc/html.php:946 +msgid "Change password" +msgstr "" + +#: inc/html.php:785 msgid "Log Out" msgstr "" -#: inc/html.php:783 +#: inc/html.php:791 msgid "Manage mode" msgstr "" -#: inc/html.php:817 +#: inc/html.php:827 msgid "Log In" msgstr "" -#: 
inc/html.php:818 -msgid "Enter an administrator or moderator password" +#: inc/html.php:828 +msgid "Enter a username and password" msgstr "" -#: inc/html.php:892 +#: inc/html.php:903 msgid "Reported posts" msgstr "" -#: inc/html.php:895 +#: inc/html.php:906 #, php-format msgid "%1$d report by %2$s" msgstr "" -#: inc/html.php:897 +#: inc/html.php:908 #, php-format msgid "%1$d reports by %2$s" msgstr "" -#: inc/html.php:911 +#: inc/html.php:922 #, php-format msgid "%d reports" msgstr "" -#: inc/html.php:914 +#: inc/html.php:925 #, php-format msgid "Reported by %s" msgstr "" -#: inc/html.php:917 inc/html.php:1283 +#: inc/html.php:928 inc/html.php:1384 msgid "Moderate" msgstr "" -#: inc/html.php:921 +#: inc/html.php:932 msgid "There are currently no reported posts." msgstr "" -#: inc/html.php:935 +#: inc/html.php:967 +msgid "Add an account" +msgstr "" + +#: inc/html.php:970 +msgid "Update an account" +msgstr "" + +#: inc/html.php:971 +msgid "Leave blank to maintain current password" +msgstr "" + +#: inc/html.php:978 inc/html.php:1010 +msgid "Username" +msgstr "" + +#: inc/html.php:980 inc/html.php:1010 +msgid "Role" +msgstr "" + +#: inc/html.php:990 +msgid "Choose a role" +msgstr "" + +#: inc/html.php:991 inc/html.php:1016 +msgid "Super-administrator" +msgstr "" + +#: inc/html.php:992 inc/html.php:1019 +msgid "Administrator" +msgstr "" + +#: inc/html.php:993 inc/html.php:1022 +msgid "Moderator" +msgstr "" + +#: inc/html.php:994 inc/html.php:1025 +msgid "Disabled" +msgstr "" + +#: inc/html.php:1010 +msgid "Last active" +msgstr "" + +#: inc/html.php:1012 +msgid "Never" +msgstr "" + +#: inc/html.php:1028 +msgid "update" +msgstr "" + +#: inc/html.php:1036 msgid "Add a ban" msgstr "" -#: inc/html.php:936 inc/html.php:965 +#: inc/html.php:1037 inc/html.php:1066 msgid "IP Address" msgstr "" -#: inc/html.php:937 +#: inc/html.php:1038 msgid "Expire(sec)" msgstr "" -#: inc/html.php:938 inc/html.php:965 +#: inc/html.php:1039 inc/html.php:1066 msgid "Reason" msgstr "" -#: 
inc/html.php:939 +#: inc/html.php:1040 msgid "never" msgstr "" -#: inc/html.php:940 +#: inc/html.php:1041 msgid "optional" msgstr "" -#: inc/html.php:942 +#: inc/html.php:1043 msgid "1 hour" msgstr "" -#: inc/html.php:943 +#: inc/html.php:1044 msgid "1 day" msgstr "" -#: inc/html.php:944 +#: inc/html.php:1045 msgid "2 days" msgstr "" -#: inc/html.php:945 +#: inc/html.php:1046 msgid "1 week" msgstr "" -#: inc/html.php:946 +#: inc/html.php:1047 msgid "2 weeks" msgstr "" -#: inc/html.php:947 +#: inc/html.php:1048 msgid "1 month" msgstr "" -#: inc/html.php:965 +#: inc/html.php:1066 msgid "Set At" msgstr "" -#: inc/html.php:965 +#: inc/html.php:1066 msgid "Expires" msgstr "" -#: inc/html.php:967 +#: inc/html.php:1068 msgid "Does not expire" msgstr "" -#: inc/html.php:969 +#: inc/html.php:1070 msgid "lift" msgstr "" -#: inc/html.php:977 +#: inc/html.php:1078 msgid "Moderate a post" msgstr "" -#: inc/html.php:978 +#: inc/html.php:1079 msgid "Post ID" msgstr "" -#: inc/html.php:980 +#: inc/html.php:1081 msgid "Tip:" msgstr "" -#: inc/html.php:981 +#: inc/html.php:1082 msgid "" "While browsing the image board, you can easily moderate a post if you are " "logged in." msgstr "" -#: inc/html.php:982 +#: inc/html.php:1083 msgid "" "Tick the box next to a post and click \"Delete\" at the bottom of the page " "with a blank password." msgstr "" -#: inc/html.php:1001 +#: inc/html.php:1102 #, php-format msgid " A ban record already exists for %s" msgstr "" -#: inc/html.php:1004 +#: inc/html.php:1105 msgid "Only an administrator may ban an IP address." msgstr "" -#: inc/html.php:1006 +#: inc/html.php:1107 #, php-format msgid "IP address: %s" msgstr "" -#: inc/html.php:1009 +#: inc/html.php:1110 msgid "This will delete the entire thread below." msgstr "" -#: inc/html.php:1009 +#: inc/html.php:1110 msgid "This will delete the post below." 
msgstr "" -#: inc/html.php:1010 +#: inc/html.php:1111 msgid "Thread" msgstr "" -#: inc/html.php:1010 +#: inc/html.php:1111 msgid "Post" msgstr "" -#: inc/html.php:1016 +#: inc/html.php:1117 msgid "Un-sticky" msgstr "" -#: inc/html.php:1016 +#: inc/html.php:1117 msgid "Sticky" msgstr "" -#: inc/html.php:1017 +#: inc/html.php:1118 msgid "Return this thread to a normal state." msgstr "" -#: inc/html.php:1017 +#: inc/html.php:1118 msgid "Keep this thread at the top of the board." msgstr "" -#: inc/html.php:1031 +#: inc/html.php:1132 msgid "Unlock" msgstr "" -#: inc/html.php:1031 +#: inc/html.php:1132 msgid "Lock" msgstr "" -#: inc/html.php:1032 +#: inc/html.php:1133 msgid "Allow replying to this thread." msgstr "" -#: inc/html.php:1032 +#: inc/html.php:1133 msgid "Disallow replying to this thread." msgstr "" -#: inc/html.php:1053 +#: inc/html.php:1154 #, php-format msgid "Moderating No.%d" msgstr "" -#: inc/html.php:1054 inc/html.php:1176 +#: inc/html.php:1155 inc/html.php:1277 msgid "Action" msgstr "" -#: inc/html.php:1056 +#: inc/html.php:1157 msgid "Delete thread" msgstr "" -#: inc/html.php:1058 +#: inc/html.php:1159 msgid "Delete post" msgstr "" -#: inc/html.php:1060 +#: inc/html.php:1161 msgid "Ban poster" msgstr "" -#: inc/html.php:1065 +#: inc/html.php:1166 msgid "Clear reports" msgstr "" -#: inc/html.php:1066 inc/html.php:1223 +#: inc/html.php:1167 inc/html.php:1324 msgid "report" msgstr "" -#: inc/html.php:1066 inc/html.php:1223 +#: inc/html.php:1167 inc/html.php:1324 msgid "reports" msgstr "" -#: inc/html.php:1134 +#: inc/html.php:1235 msgid "Sorry, there doesn't appear to be a keyword with that ID." 
msgstr "" -#: inc/html.php:1140 inc/html.php:1176 +#: inc/html.php:1241 inc/html.php:1277 msgid "Keyword" msgstr "" -#: inc/html.php:1142 +#: inc/html.php:1243 msgid "Action:" msgstr "" -#: inc/html.php:1143 +#: inc/html.php:1244 msgid "Add" msgstr "" -#: inc/html.php:1157 inc/html.php:1190 +#: inc/html.php:1258 inc/html.php:1291 msgid "Delete and ban for 1 hour" msgstr "" -#: inc/html.php:1158 inc/html.php:1193 +#: inc/html.php:1259 inc/html.php:1294 msgid "Delete and ban for 1 day" msgstr "" -#: inc/html.php:1159 inc/html.php:1196 +#: inc/html.php:1260 inc/html.php:1297 msgid "Delete and ban for 2 days" msgstr "" -#: inc/html.php:1160 inc/html.php:1199 +#: inc/html.php:1261 inc/html.php:1300 msgid "Delete and ban for 1 week" msgstr "" -#: inc/html.php:1161 inc/html.php:1202 +#: inc/html.php:1262 inc/html.php:1303 msgid "Delete and ban for 2 weeks" msgstr "" -#: inc/html.php:1162 inc/html.php:1205 +#: inc/html.php:1263 inc/html.php:1306 msgid "Delete and ban for 1 month" msgstr "" -#: inc/html.php:1163 inc/html.php:1187 +#: inc/html.php:1264 inc/html.php:1288 msgid "Delete and ban permanently" msgstr "" -#: inc/html.php:1208 +#: inc/html.php:1309 msgid "Edit" msgstr "" -#: inc/html.php:1221 +#: inc/html.php:1322 msgid "thread" msgstr "" -#: inc/html.php:1221 +#: inc/html.php:1322 msgid "threads" msgstr "" -#: inc/html.php:1225 +#: inc/html.php:1326 msgid "ban" msgstr "" -#: inc/html.php:1225 +#: inc/html.php:1326 msgid "bans" msgstr "" -#: inc/html.php:1249 +#: inc/html.php:1350 msgid "Approve" msgstr "" -#: inc/html.php:1251 +#: inc/html.php:1352 msgid "More Info" msgstr "" -#: inc/html.php:1259 +#: inc/html.php:1360 msgid "Pending posts" msgstr "" -#: inc/html.php:1275 +#: inc/html.php:1376 msgid "Recent posts" msgstr "" -#: inc/html.php:1297 +#: inc/html.php:1398 msgid "Info" msgstr "" diff --git a/settings.default.php b/settings.default.php index 2e68bac..badca7f 100644 --- a/settings.default.php +++ b/settings.default.php 
@@ -18,13 +18,6 @@ click Rebuild All in the management panel. // Internationalization define('TINYIB_LOCALE', ''); // Locale (see README for instructions) -// Management panel -define('TINYIB_MANAGEKEY', ''); // When set, the [Manage] link is hidden and the management panel may only be accessed via imgboard.php?manage=TINYIB_MANAGEKEY ['' to disable] - -// Administrator/moderator credentials -define('TINYIB_ADMINPASS', ''); // Administrators have full access to the board -define('TINYIB_MODPASS', ''); // Moderators only have access to delete (and moderate if TINYIB_REQMOD is set) posts ['' to disable] - // Board description and behavior // Warning: Enabling reCAPTCHA will cause all visitors to be tracked by Google. See https://nearcyan.com/you-probably-dont-need-recaptcha/ define('TINYIB_BOARD', 'b'); // Unique identifier for this board using only letters and numbers 
@@ -118,15 +111,30 @@ define('TINYIB_HCAPTCHA_SECRET', ''); // Secret key define('TINYIB_RECAPTCHA_SITE', ''); // Site key define('TINYIB_RECAPTCHA_SECRET', '');// Secret key +// Management panel +define('TINYIB_MANAGEKEY', ''); // When set, the [Manage] link is hidden and the management panel may only be accessed via imgboard.php?manage=TINYIB_MANAGEKEY ['' to disable] +// Administrator and moderator passwords +// When TINYIB_ADMINPASS is set, an administrator account is created with username "admin" +// When TINYIB_MODPASS is set, a moderator account is created with username "moderator" +// These settings are for installation and anti-lockout purposes only +// Once the account(s) are created, blank both of these settings +define('TINYIB_ADMINPASS', ''); // Administrator password +define('TINYIB_MODPASS', ''); // Moderator password ['' to disable] + // Database // Recommended database modes from best to worst: // pdo, mysqli, mysql, sqlite3, sqlite (deprecated), flatfile (only useful if you need portability or lack any kind of database) define('TINYIB_DBMODE', 'flatfile'); // Mode -define('TINYIB_DBMIGRATE', false); // Enable database migration tool (see README for instructions) -define('TINYIB_DBBANS', 'bans'); // Bans table name (use the same table across boards for global bans) -define('TINYIB_DBKEYWORDS', 'keywords'); // Keywords table name (use the same table across boards for global keywords) -define('TINYIB_DBPOSTS', TINYIB_BOARD . '_posts'); // Posts table name -define('TINYIB_DBREPORTS', TINYIB_BOARD . '_reports'); // Reports table name +// Table names +// Use the same table name across boards for global accounts, bans, etc. +define('TINYIB_DBACCOUNTS', 'accounts'); // Staff accounts +define('TINYIB_DBBANS', 'bans'); // Bans +define('TINYIB_DBKEYWORDS', 'keywords'); // Keywords +define('TINYIB_DBLOGS', 'logs'); // Staff logs +define('TINYIB_DBPOSTS', TINYIB_BOARD . '_posts'); // Posts +define('TINYIB_DBREPORTS', TINYIB_BOARD . 
'_reports'); // Reports +// See README for migration instructions +define('TINYIB_DBMIGRATE', false); // Enable database migration tool // Database configuration - MySQL / pgSQL // The following only apply when TINYIB_DBMODE is set to mysql, mysqli or pdo with default (blank) TINYIB_DBDSN
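Review bot: The comment block added above `TINYIB_ADMINPASS` and `TINYIB_MODPASS` appears to describe the bootstrap accounts inaccurately: it gives the moderator login as "moderator" and calls the other account an "administrator", while the commit description names them 'mod' and a super-administrator 'admin'. Anyone who can read settings.php holds these plaintext passwords, so the comment should state the real username and role, e.g. `// When TINYIB_ADMINPASS is set, a super-administrator account is created with username "admin"` and `// When TINYIB_MODPASS is set, a moderator account is created with username "mod"`. Confirm the names against the account-creation code, which is outside this hunk. I would also add `// While either is set, the password is kept here in plaintext and that account cannot be updated from the management panel`, which matches the new "may not be updated while TINYIB_ADMINPASS is set" strings in the locale file.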