Add TINYIB_REQMOD setting, allowing moderation to be required for new posts
This commit is contained in:
Trevor Slocum
parent
4559c24236
commit
2f54b75570
|
|
@ -9,6 +9,8 @@ To allow new threads without requiring an image, see the [Text Board Mode](https
|
|||
|
||||
For demos see the [TinyIB Installations](https://github.com/tslocum/TinyIB/wiki) page. [](http://githalytics.com/tslocum/TinyIB)
|
||||
|
||||
**Note to those who have recently upgraded:** Are you unable to create new posts? Run the SQL on [this page](https://github.com/tslocum/TinyIB/wiki/NewSQLStructure) to finish the upgrade process.
|
||||
|
||||
Features
|
||||
------------
|
||||
- GIF, JPG, PNG, SWF and WebA/WebM upload.
|
||||
|
|
@ -16,7 +18,7 @@ Features
|
|||
- Delete post via password.
|
||||
- Management panel:
|
||||
- Administrators and moderators use separate passwords.
|
||||
- Moderators are only able to delete posts.
|
||||
- Moderators are only able to delete posts, or approve them when necessary. (See ``TINYIB_REQMOD``)
|
||||
- Ban offensive/abusive posters across all boards.
|
||||
- Post using raw HTML.
|
||||
- Upgrade automatically when installed via git. (Tested on Linux only)
|
||||
|
|
@ -38,6 +40,11 @@ Installing
|
|||
- Ensure your web host is running Linux.
|
||||
- Install [mediainfo](http://mediaarea.net/en/MediaInfo) and [ffmpegthumbnailer](https://code.google.com/p/ffmpegthumbnailer/). On Ubuntu, run ``sudo apt-get install mediainfo ffmpegthumbnailer``.
|
||||
- Set ``TINYIB_WEBM`` to ``true``.
|
||||
- To require moderation before displaying posts:
|
||||
- Ensure your ``TINYIB_DBMODE`` is set to ``mysql``, ``mysqli``, or ``pdo``.
|
||||
- Set ``TINYIB_REQMOD`` to ``files`` to require moderation for posts with files attached.
|
||||
- Set ``TINYIB_REQMOD`` to ``all`` to require moderation for all posts.
|
||||
- Moderate posts by visiting the management panel.
|
||||
- When setting ``TINYIB_DBMODE`` to ``pdo``, note that PDO mode has been tested on **MySQL databases only**. Theoretically it will work with any applicable driver, but this is not guaranteed. If you use an alternative driver, please report back regarding how it works.
|
||||
6. [CHMOD](http://en.wikipedia.org/wiki/Chmod) write permissions to these directories:
|
||||
- ./ (the directory containing TinyIB)
|
||||
|
|
|
|||
64
imgboard.php
64
imgboard.php
|
|
@ -238,28 +238,37 @@ if (isset($_POST['message']) || isset($_POST['file'])) {
|
|||
echo $post['file_original'] . ' uploaded.<br>';
|
||||
}
|
||||
|
||||
if (!$loggedin && (($post['file'] != '' && TINYIB_REQMOD == 'files') || TINYIB_REQMOD == 'all')) {
|
||||
$post['moderated'] = '0';
|
||||
echo 'Your ' . ($post['parent'] == TINYIB_NEWTHREAD ? 'thread' : 'post') . ' will be shown <b>once it has been approved</b>.<br>';
|
||||
$slow_redirect = true;
|
||||
}
|
||||
|
||||
$post['id'] = insertPost($post);
|
||||
if (strtolower($post['email']) == 'noko') {
|
||||
$redirect = 'res/' . ($post['parent'] == TINYIB_NEWTHREAD ? $post['id'] : $post['parent']) . '.html#' . $post['id'];
|
||||
}
|
||||
|
||||
trimThreads();
|
||||
|
||||
echo 'Updating thread...<br>';
|
||||
if ($post['parent'] != TINYIB_NEWTHREAD) {
|
||||
rebuildThread($post['parent']);
|
||||
|
||||
if (strtolower($post['email']) != 'sage') {
|
||||
if (TINYIB_MAXREPLIES == 0 || numRepliesToThreadByID($post['parent']) <= TINYIB_MAXREPLIES) {
|
||||
bumpThreadByID($post['parent']);
|
||||
}
|
||||
if ($post['moderated'] == '1') {
|
||||
if (strtolower($post['email']) == 'noko') {
|
||||
$redirect = 'res/' . ($post['parent'] == TINYIB_NEWTHREAD ? $post['id'] : $post['parent']) . '.html#' . $post['id'];
|
||||
}
|
||||
} else {
|
||||
rebuildThread($post['id']);
|
||||
}
|
||||
|
||||
echo 'Updating index...<br>';
|
||||
rebuildIndexes();
|
||||
trimThreads();
|
||||
|
||||
echo 'Updating thread...<br>';
|
||||
if ($post['parent'] != TINYIB_NEWTHREAD) {
|
||||
rebuildThread($post['parent']);
|
||||
|
||||
if (strtolower($post['email']) != 'sage') {
|
||||
if (TINYIB_MAXREPLIES == 0 || numRepliesToThreadByID($post['parent']) <= TINYIB_MAXREPLIES) {
|
||||
bumpThreadByID($post['parent']);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
rebuildThread($post['id']);
|
||||
}
|
||||
|
||||
echo 'Updating index...<br>';
|
||||
rebuildIndexes();
|
||||
}
|
||||
// Check if the request is to delete a post and/or its associated image
|
||||
} elseif (isset($_GET['delete']) && !isset($_GET['manage'])) {
|
||||
if (!isset($_POST['delete'])) {
|
||||
|
|
@ -432,6 +441,23 @@ if (isset($_POST['message']) || isset($_POST['file'])) {
|
|||
} else {
|
||||
fancyDie("Sorry, there doesn't appear to be a post with that ID.");
|
||||
}
|
||||
} elseif (isset($_GET['approve'])) {
|
||||
if ($_GET['approve'] > 0) {
|
||||
$post = postByID($_GET['approve']);
|
||||
if ($post) {
|
||||
approvePostByID($post['id']);
|
||||
$thread_id = $post['parent'] == TINYIB_NEWTHREAD ? $post['id'] : $post['parent'];
|
||||
|
||||
if (strtolower($post['email']) != 'sage' && (TINYIB_MAXREPLIES == 0 || numRepliesToThreadByID($thread_id) <= TINYIB_MAXREPLIES)) {
|
||||
bumpThreadByID($thread_id);
|
||||
}
|
||||
threadUpdated($thread_id);
|
||||
|
||||
$text .= manageInfo('Post No.' . $post['id'] . ' approved.');
|
||||
} else {
|
||||
fancyDie("Sorry, there doesn't appear to be a post with that ID.");
|
||||
}
|
||||
}
|
||||
} elseif (isset($_GET['moderate'])) {
|
||||
if ($_GET['moderate'] > 0) {
|
||||
$post = postByID($_GET['moderate']);
|
||||
|
|
@ -466,5 +492,5 @@ if (isset($_POST['message']) || isset($_POST['file'])) {
|
|||
}
|
||||
|
||||
if ($redirect) {
|
||||
echo '--> --> --><meta http-equiv="refresh" content="0;url=' . (is_string($redirect) ? $redirect : 'index.html') . '">';
|
||||
echo '--> --> --><meta http-equiv="refresh" content="' . (isset($slow_redirect) ? '3' : '0') . ';url=' . (is_string($redirect) ? $redirect : 'index.html') . '">';
|
||||
}
|
||||
|
|
|
|||
|
|
@ -150,7 +150,7 @@ function numRepliesToThreadByID($id) {
|
|||
return count($rows);
|
||||
}
|
||||
|
||||
function postsInThreadByID($id) {
|
||||
function postsInThreadByID($id, $moderated_only = true) {
|
||||
$compClause = new OrWhereClause();
|
||||
$compClause->add(new SimpleWhereClause(POST_ID, '=', $id, INTEGER_COMPARISON));
|
||||
$compClause->add(new SimpleWhereClause(POST_PARENT, '=', $id, INTEGER_COMPARISON));
|
||||
|
|
@ -164,13 +164,13 @@ function postsByHex($hex) {
|
|||
return convertPostsToSQLStyle($rows);
|
||||
}
|
||||
|
||||
function latestPosts() {
|
||||
function latestPosts($moderated = true) {
|
||||
$rows = $GLOBALS['db']->selectWhere(POSTS_FILE, NULL, 10, new OrderBy(POST_TIMESTAMP, DESCENDING, INTEGER_COMPARISON));
|
||||
return convertPostsToSQLStyle($rows);
|
||||
}
|
||||
|
||||
function deletePostByID($id) {
|
||||
$posts = postsInThreadByID($id);
|
||||
$posts = postsInThreadByID($id, false);
|
||||
foreach ($posts as $post) {
|
||||
if ($post['id'] != $id) {
|
||||
deletePostImages($post);
|
||||
|
|
|
|||
|
|
@ -42,25 +42,29 @@ function postByID($id) {
|
|||
}
|
||||
|
||||
function threadExistsByID($id) {
|
||||
return mysql_result(mysql_query("SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "' AND `parent` = 0 LIMIT 1"), 0, 0) > 0;
|
||||
return mysql_result(mysql_query("SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = '" . mysql_real_escape_string($id) . "' AND `parent` = 0 AND `moderated` = 1 LIMIT 1"), 0, 0) > 0;
|
||||
}
|
||||
|
||||
function insertPost($post) {
|
||||
mysql_query("INSERT INTO `" . TINYIB_DBPOSTS . "` (`parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`) VALUES (" . $post['parent'] . ", " . time() . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "', '" . mysql_real_escape_string($post['email']) . "', '" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ")");
|
||||
mysql_query("INSERT INTO `" . TINYIB_DBPOSTS . "` (`parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`) VALUES (" . $post['parent'] . ", " . time() . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', '" . mysql_real_escape_string($post['name']) . "', '" . mysql_real_escape_string($post['tripcode']) . "', '" . mysql_real_escape_string($post['email']) . "', '" . mysql_real_escape_string($post['nameblock']) . "', '" . mysql_real_escape_string($post['subject']) . "', '" . mysql_real_escape_string($post['message']) . "', '" . mysql_real_escape_string($post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysql_real_escape_string($post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ")");
|
||||
return mysql_insert_id();
|
||||
}
|
||||
|
||||
function approvePostByID($id) {
|
||||
mysql_query("UPDATE `" . TINYIB_DBPOSTS . "` SET `moderated` = 1 WHERE `id` = " . $id . " LIMIT 1");
|
||||
}
|
||||
|
||||
function bumpThreadByID($id) {
|
||||
mysql_query("UPDATE `" . TINYIB_DBPOSTS . "` SET `bumped` = " . time() . " WHERE `id` = " . $id . " LIMIT 1");
|
||||
}
|
||||
|
||||
function countThreads() {
|
||||
return mysql_result(mysql_query("SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0"), 0, 0);
|
||||
return mysql_result(mysql_query("SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 AND `moderated` = 1"), 0, 0);
|
||||
}
|
||||
|
||||
function allThreads() {
|
||||
$threads = array();
|
||||
$result = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 ORDER BY `bumped` DESC");
|
||||
$result = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 AND `moderated` = 1 ORDER BY `bumped` DESC");
|
||||
if ($result) {
|
||||
while ($thread = mysql_fetch_assoc($result)) {
|
||||
$threads[] = $thread;
|
||||
|
|
@ -70,12 +74,12 @@ function allThreads() {
|
|||
}
|
||||
|
||||
function numRepliesToThreadByID($id) {
|
||||
return mysql_result(mysql_query("SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = " . $id), 0, 0);
|
||||
return mysql_result(mysql_query("SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = " . $id . " AND `moderated` = 1"), 0, 0);
|
||||
}
|
||||
|
||||
function postsInThreadByID($id) {
|
||||
function postsInThreadByID($id, $moderated_only = true) {
|
||||
$posts = array();
|
||||
$result = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = " . $id . " OR `parent` = " . $id . " ORDER BY `id` ASC");
|
||||
$result = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE (`id` = " . $id . " OR `parent` = " . $id . ")" . ($moderated_only ? " AND `moderated` = 1" : "") . " ORDER BY `id` ASC");
|
||||
if ($result) {
|
||||
while ($post = mysql_fetch_assoc($result)) {
|
||||
$posts[] = $post;
|
||||
|
|
@ -86,7 +90,7 @@ function postsInThreadByID($id) {
|
|||
|
||||
function postsByHex($hex) {
|
||||
$posts = array();
|
||||
$result = mysql_query("SELECT `id`, `parent` FROM `" . TINYIB_DBPOSTS . "` WHERE `file_hex` = '" . mysql_real_escape_string($hex) . "' LIMIT 1");
|
||||
$result = mysql_query("SELECT `id`, `parent` FROM `" . TINYIB_DBPOSTS . "` WHERE `file_hex` = '" . mysql_real_escape_string($hex) . "' AND `moderated` = 1 LIMIT 1");
|
||||
if ($result) {
|
||||
while ($post = mysql_fetch_assoc($result)) {
|
||||
$posts[] = $post;
|
||||
|
|
@ -95,9 +99,9 @@ function postsByHex($hex) {
|
|||
return $posts;
|
||||
}
|
||||
|
||||
function latestPosts() {
|
||||
function latestPosts($moderated = true) {
|
||||
$posts = array();
|
||||
$result = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` ORDER BY `timestamp` DESC LIMIT 10");
|
||||
$result = mysql_query("SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `moderated` = " . ($moderated ? '1' : '0') . " ORDER BY `timestamp` DESC LIMIT 10");
|
||||
if ($result) {
|
||||
while ($post = mysql_fetch_assoc($result)) {
|
||||
$posts[] = $post;
|
||||
|
|
@ -107,7 +111,7 @@ function latestPosts() {
|
|||
}
|
||||
|
||||
function deletePostByID($id) {
|
||||
$posts = postsInThreadByID($id);
|
||||
$posts = postsInThreadByID($id, false);
|
||||
foreach ($posts as $post) {
|
||||
if ($post['id'] != $id) {
|
||||
deletePostImages($post);
|
||||
|
|
@ -127,7 +131,7 @@ function deletePostByID($id) {
|
|||
|
||||
function trimThreads() {
|
||||
if (TINYIB_MAXTHREADS > 0) {
|
||||
$result = mysql_query("SELECT `id` FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 ORDER BY `bumped` DESC LIMIT " . TINYIB_MAXTHREADS . ", 10");
|
||||
$result = mysql_query("SELECT `id` FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 AND `moderated` = 1 ORDER BY `bumped` DESC LIMIT " . TINYIB_MAXTHREADS . ", 10");
|
||||
if ($result) {
|
||||
while ($post = mysql_fetch_assoc($result)) {
|
||||
deletePostByID($post['id']);
|
||||
|
|
|
|||
|
|
@ -45,15 +45,20 @@ function postByID($id) {
|
|||
|
||||
function threadExistsByID($id) {
|
||||
global $link;
|
||||
return mysqli_result(mysqli_query($link, "SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = '" . mysqli_real_escape_string($link, $id) . "' AND `parent` = 0 LIMIT 1"), 0, 0) > 0;
|
||||
return mysqli_result(mysqli_query($link, "SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = '" . mysqli_real_escape_string($link, $id) . "' AND `parent` = 0 AND `moderated` = 0 LIMIT 1"), 0, 0) > 0;
|
||||
}
|
||||
|
||||
function insertPost($post) {
|
||||
global $link;
|
||||
mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`) VALUES (" . $post['parent'] . ", " . time() . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "', '" . mysqli_real_escape_string($link, $post['email']) . "', '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ")");
|
||||
mysqli_query($link, "INSERT INTO `" . TINYIB_DBPOSTS . "` (`parent`, `timestamp`, `bumped`, `ip`, `name`, `tripcode`, `email`, `nameblock`, `subject`, `message`, `password`, `file`, `file_hex`, `file_original`, `file_size`, `file_size_formatted`, `image_width`, `image_height`, `thumb`, `thumb_width`, `thumb_height`, `moderated`) VALUES (" . $post['parent'] . ", " . time() . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', '" . mysqli_real_escape_string($link, $post['name']) . "', '" . mysqli_real_escape_string($link, $post['tripcode']) . "', '" . mysqli_real_escape_string($link, $post['email']) . "', '" . mysqli_real_escape_string($link, $post['nameblock']) . "', '" . mysqli_real_escape_string($link, $post['subject']) . "', '" . mysqli_real_escape_string($link, $post['message']) . "', '" . mysqli_real_escape_string($link, $post['password']) . "', '" . $post['file'] . "', '" . $post['file_hex'] . "', '" . mysqli_real_escape_string($link, $post['file_original']) . "', " . $post['file_size'] . ", '" . $post['file_size_formatted'] . "', " . $post['image_width'] . ", " . $post['image_height'] . ", '" . $post['thumb'] . "', " . $post['thumb_width'] . ", " . $post['thumb_height'] . ", " . $post['moderated'] . ")");
|
||||
return mysqli_insert_id($link);
|
||||
}
|
||||
|
||||
function approvePostByID($id) {
|
||||
global $link;
|
||||
mysqli_query($link, "UPDATE `" . TINYIB_DBPOSTS . "` SET `moderated` = 1 WHERE `id` = " . $id . " LIMIT 1");
|
||||
}
|
||||
|
||||
function bumpThreadByID($id) {
|
||||
global $link;
|
||||
mysqli_query($link, "UPDATE `" . TINYIB_DBPOSTS . "` SET `bumped` = " . time() . " WHERE `id` = " . $id . " LIMIT 1");
|
||||
|
|
@ -61,13 +66,13 @@ function bumpThreadByID($id) {
|
|||
|
||||
function countThreads() {
|
||||
global $link;
|
||||
return mysqli_result(mysqli_query($link, "SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0"), 0, 0);
|
||||
return mysqli_result(mysqli_query($link, "SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 AND `moderated` = 1"), 0, 0);
|
||||
}
|
||||
|
||||
function allThreads() {
|
||||
global $link;
|
||||
$threads = array();
|
||||
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 ORDER BY `bumped` DESC");
|
||||
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 AND `moderated` = 1 ORDER BY `bumped` DESC");
|
||||
if ($result) {
|
||||
while ($thread = mysqli_fetch_assoc($result)) {
|
||||
$threads[] = $thread;
|
||||
|
|
@ -78,13 +83,13 @@ function allThreads() {
|
|||
|
||||
function numRepliesToThreadByID($id) {
|
||||
global $link;
|
||||
return mysqli_result(mysqli_query($link, "SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = " . $id), 0, 0);
|
||||
return mysqli_result(mysqli_query($link, "SELECT COUNT(*) FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = " . $id . " AND `moderated` = 1"), 0, 0);
|
||||
}
|
||||
|
||||
function postsInThreadByID($id) {
|
||||
function postsInThreadByID($id, $moderated_only = true) {
|
||||
global $link;
|
||||
$posts = array();
|
||||
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `id` = " . $id . " OR `parent` = " . $id . " ORDER BY `id` ASC");
|
||||
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE (`id` = " . $id . " OR `parent` = " . $id . ")" . ($moderated_only ? " AND `moderated` = 1" : "") . " ORDER BY `id` ASC");
|
||||
if ($result) {
|
||||
while ($post = mysqli_fetch_assoc($result)) {
|
||||
$posts[] = $post;
|
||||
|
|
@ -96,7 +101,7 @@ function postsInThreadByID($id) {
|
|||
function postsByHex($hex) {
|
||||
global $link;
|
||||
$posts = array();
|
||||
$result = mysqli_query($link, "SELECT `id`, `parent` FROM `" . TINYIB_DBPOSTS . "` WHERE `file_hex` = '" . mysqli_real_escape_string($link, $hex) . "' LIMIT 1");
|
||||
$result = mysqli_query($link, "SELECT `id`, `parent` FROM `" . TINYIB_DBPOSTS . "` WHERE `file_hex` = '" . mysqli_real_escape_string($link, $hex) . "' AND `moderated` = 1 LIMIT 1");
|
||||
if ($result) {
|
||||
while ($post = mysqli_fetch_assoc($result)) {
|
||||
$posts[] = $post;
|
||||
|
|
@ -105,10 +110,10 @@ function postsByHex($hex) {
|
|||
return $posts;
|
||||
}
|
||||
|
||||
function latestPosts() {
|
||||
function latestPosts($moderated = true) {
|
||||
global $link;
|
||||
$posts = array();
|
||||
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBPOSTS . "` ORDER BY `timestamp` DESC LIMIT 10");
|
||||
$result = mysqli_query($link, "SELECT * FROM `" . TINYIB_DBPOSTS . "` WHERE `moderated` = " . ($moderated ? '1' : '0') . " ORDER BY `timestamp` DESC LIMIT 10");
|
||||
if ($result) {
|
||||
while ($post = mysqli_fetch_assoc($result)) {
|
||||
$posts[] = $post;
|
||||
|
|
@ -119,7 +124,7 @@ function latestPosts() {
|
|||
|
||||
function deletePostByID($id) {
|
||||
global $link;
|
||||
$posts = postsInThreadByID($id);
|
||||
$posts = postsInThreadByID($id, false);
|
||||
foreach ($posts as $post) {
|
||||
if ($post['id'] != $id) {
|
||||
deletePostImages($post);
|
||||
|
|
@ -140,7 +145,7 @@ function deletePostByID($id) {
|
|||
function trimThreads() {
|
||||
global $link;
|
||||
if (TINYIB_MAXTHREADS > 0) {
|
||||
$result = mysqli_query($link, "SELECT `id` FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 ORDER BY `bumped` DESC LIMIT " . TINYIB_MAXTHREADS . ", 10");
|
||||
$result = mysqli_query($link, "SELECT `id` FROM `" . TINYIB_DBPOSTS . "` WHERE `parent` = 0 AND `moderated` = 1 ORDER BY `bumped` DESC LIMIT " . TINYIB_MAXTHREADS . ", 10");
|
||||
if ($result) {
|
||||
while ($post = mysqli_fetch_assoc($result)) {
|
||||
deletePostByID($post['id']);
|
||||
|
|
|
|||
|
|
@ -63,35 +63,39 @@ function postByID($id) {
|
|||
}
|
||||
|
||||
function threadExistsByID($id) {
|
||||
$result = pdoQuery("SELECT COUNT(*) FROM " . TINYIB_DBPOSTS . " WHERE id = ? AND parent = 0", array($id));
|
||||
$result = pdoQuery("SELECT COUNT(*) FROM " . TINYIB_DBPOSTS . " WHERE id = ? AND parent = 0 AND moderated = 1", array($id));
|
||||
return $result->fetchColumn() != 0;
|
||||
}
|
||||
|
||||
function insertPost($post) {
|
||||
global $dbh;
|
||||
$now = time();
|
||||
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBPOSTS . " (parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height) " .
|
||||
" VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
||||
$stm = $dbh->prepare("INSERT INTO " . TINYIB_DBPOSTS . " (parent, timestamp, bumped, ip, name, tripcode, email, nameblock, subject, message, password, file, file_hex, file_original, file_size, file_size_formatted, image_width, image_height, thumb, thumb_width, thumb_height, moderated) " .
|
||||
" VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
||||
$stm->execute(array($post['parent'], $now, $now, $_SERVER['REMOTE_ADDR'], $post['name'], $post['tripcode'], $post['email'],
|
||||
$post['nameblock'], $post['subject'], $post['message'], $post['password'],
|
||||
$post['file'], $post['file_hex'], $post['file_original'], $post['file_size'], $post['file_size_formatted'],
|
||||
$post['image_width'], $post['image_height'], $post['thumb'], $post['thumb_width'], $post['thumb_height']));
|
||||
$post['image_width'], $post['image_height'], $post['thumb'], $post['thumb_width'], $post['thumb_height'], $post['moderated']));
|
||||
return $dbh->lastInsertId();
|
||||
}
|
||||
|
||||
function approvePostByID($id) {
|
||||
pdoQuery("UPDATE " . TINYIB_DBPOSTS . " SET moderated = ? WHERE id = ?", array('1', $id));
|
||||
}
|
||||
|
||||
function bumpThreadByID($id) {
|
||||
$now = time();
|
||||
pdoQuery("UPDATE " . TINYIB_DBPOSTS . " SET bumped = ? WHERE id = ?", array($now, $id));
|
||||
}
|
||||
|
||||
function countThreads() {
|
||||
$result = pdoQuery("SELECT COUNT(*) FROM " . TINYIB_DBPOSTS . " WHERE parent = 0");
|
||||
$result = pdoQuery("SELECT COUNT(*) FROM " . TINYIB_DBPOSTS . " WHERE parent = 0 AND moderated = 1");
|
||||
return (int)$result->fetchColumn();
|
||||
}
|
||||
|
||||
function allThreads() {
|
||||
$threads = array();
|
||||
$results = pdoQuery("SELECT * FROM " . TINYIB_DBPOSTS . " WHERE parent = 0 ORDER BY bumped DESC");
|
||||
$results = pdoQuery("SELECT * FROM " . TINYIB_DBPOSTS . " WHERE parent = 0 AND moderated = 1 ORDER BY bumped DESC");
|
||||
while ($row = $results->fetch()) {
|
||||
$threads[] = $row;
|
||||
}
|
||||
|
|
@ -99,13 +103,13 @@ function allThreads() {
|
|||
}
|
||||
|
||||
function numRepliesToThreadByID($id) {
|
||||
$result = pdoQuery("SELECT COUNT(*) FROM " . TINYIB_DBPOSTS . " WHERE parent = ?", array($id));
|
||||
$result = pdoQuery("SELECT COUNT(*) FROM " . TINYIB_DBPOSTS . " WHERE parent = ? AND moderated = 1", array($id));
|
||||
return (int)$result->fetchColumn();
|
||||
}
|
||||
|
||||
function postsInThreadByID($id) {
|
||||
function postsInThreadByID($id, $moderated_only = true) {
|
||||
$posts = array();
|
||||
$results = pdoQuery("SELECT * FROM " . TINYIB_DBPOSTS . " WHERE id = ? OR parent = ? ORDER BY id ASC", array($id, $id));
|
||||
$results = pdoQuery("SELECT * FROM " . TINYIB_DBPOSTS . " WHERE (id = ? OR parent = ?)" . ($moderated_only ? " AND moderated = 1" : "") . " ORDER BY id ASC", array($id, $id));
|
||||
while ($row = $results->fetch(PDO::FETCH_ASSOC)) {
|
||||
$posts[] = $row;
|
||||
}
|
||||
|
|
@ -114,16 +118,16 @@ function postsInThreadByID($id) {
|
|||
|
||||
function postsByHex($hex) {
|
||||
$posts = array();
|
||||
$results = pdoQuery("SELECT * FROM " . TINYIB_DBPOSTS . " WHERE file_hex = ? LIMIT 1", array($hex));
|
||||
$results = pdoQuery("SELECT * FROM " . TINYIB_DBPOSTS . " WHERE file_hex = ? AND moderated = 1 LIMIT 1", array($hex));
|
||||
while ($row = $results->fetch(PDO::FETCH_ASSOC)) {
|
||||
$posts[] = $row;
|
||||
}
|
||||
return $posts;
|
||||
}
|
||||
|
||||
function latestPosts() {
|
||||
function latestPosts($moderated = true) {
|
||||
$posts = array();
|
||||
$results = pdoQuery("SELECT * FROM " . TINYIB_DBPOSTS . " ORDER BY timestamp DESC LIMIT 10");
|
||||
$results = pdoQuery("SELECT * FROM " . TINYIB_DBPOSTS . " WHERE moderated = ? ORDER BY timestamp DESC LIMIT 10", array($moderated ? '1' : '0'));
|
||||
while ($row = $results->fetch(PDO::FETCH_ASSOC)) {
|
||||
$posts[] = $row;
|
||||
}
|
||||
|
|
@ -131,7 +135,7 @@ function latestPosts() {
|
|||
}
|
||||
|
||||
function deletePostByID($id) {
|
||||
$posts = postsInThreadByID($id);
|
||||
$posts = postsInThreadByID($id, false);
|
||||
foreach ($posts as $post) {
|
||||
if ($post['id'] != $id) {
|
||||
deletePostImages($post);
|
||||
|
|
@ -152,7 +156,7 @@ function deletePostByID($id) {
|
|||
function trimThreads() {
|
||||
$limit = (int)TINYIB_MAXTHREADS;
|
||||
if ($limit > 0) {
|
||||
$results = pdoQuery("SELECT id FROM " . TINYIB_DBPOSTS . " WHERE parent = 0 ORDER BY bumped LIMIT 100 OFFSET " . $limit
|
||||
$results = pdoQuery("SELECT id FROM " . TINYIB_DBPOSTS . " WHERE parent = 0 AND moderated = 1 ORDER BY bumped LIMIT 100 OFFSET " . $limit
|
||||
);
|
||||
# old mysql, sqlite3: SELECT id FROM $table ORDER BY bumped LIMIT $limit,100
|
||||
# mysql, postgresql, sqlite3: SELECT id FROM $table ORDER BY bumped LIMIT 100 OFFSET $limit
|
||||
|
|
|
|||
|
|
@ -94,7 +94,7 @@ function numRepliesToThreadByID($id) {
|
|||
return sqlite_fetch_single(sqlite_query($GLOBALS["db"], "SELECT COUNT(*) FROM " . TINYIB_DBPOSTS . " WHERE parent = " . $id));
|
||||
}
|
||||
|
||||
function postsInThreadByID($id) {
|
||||
function postsInThreadByID($id, $moderated_only = true) {
|
||||
$posts = array();
|
||||
$result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBPOSTS . " WHERE id = " . $id . " OR parent = " . $id . " ORDER BY id ASC"), SQLITE_ASSOC);
|
||||
foreach ($result as $post) {
|
||||
|
|
@ -112,7 +112,7 @@ function postsByHex($hex) {
|
|||
return $posts;
|
||||
}
|
||||
|
||||
function latestPosts() {
|
||||
function latestPosts($moderated = true) {
|
||||
$posts = array();
|
||||
$result = sqlite_fetch_all(sqlite_query($GLOBALS["db"], "SELECT * FROM " . TINYIB_DBPOSTS . " ORDER BY timestamp DESC LIMIT 10"), SQLITE_ASSOC);
|
||||
foreach ($result as $post) {
|
||||
|
|
@ -122,7 +122,7 @@ function latestPosts() {
|
|||
}
|
||||
|
||||
function deletePostByID($id) {
|
||||
$posts = postsInThreadByID($id);
|
||||
$posts = postsInThreadByID($id, false);
|
||||
foreach ($posts as $post) {
|
||||
if ($post['id'] != $id) {
|
||||
deletePostImages($post);
|
||||
|
|
|
|||
|
|
@ -27,6 +27,9 @@ if (!defined('TINYIB_SWF')) {
|
|||
if (!defined('TINYIB_WEBM')) {
|
||||
define('TINYIB_WEBM', false);
|
||||
}
|
||||
if (!defined('TINYIB_REQMOD')) {
|
||||
define('TINYIB_REQMOD', 'disable');
|
||||
}
|
||||
if (!defined('TINYIB_DBMIGRATE')) {
|
||||
define('TINYIB_DBMIGRATE', false);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,6 +26,8 @@ $posts_sql = "CREATE TABLE `" . TINYIB_DBPOSTS . "` (
|
|||
`thumb` varchar(255) NOT NULL,
|
||||
`thumb_width` smallint(5) unsigned NOT NULL default '0',
|
||||
`thumb_height` smallint(5) unsigned NOT NULL default '0',
|
||||
`stickied` tinyint(1) NOT NULL default '0',
|
||||
`moderated` tinyint(1) NOT NULL default '1',
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `parent` (`parent`),
|
||||
KEY `bumped` (`bumped`)
|
||||
|
|
@ -81,7 +83,9 @@ function newPost($parent = TINYIB_NEWTHREAD) {
|
|||
'image_height' => '0',
|
||||
'thumb' => '',
|
||||
'thumb_width' => '0',
|
||||
'thumb_height' => '0');
|
||||
'thumb_height' => '0',
|
||||
'stickied' => '0',
|
||||
'moderated' => '1');
|
||||
}
|
||||
|
||||
function convertBytes($number) {
|
||||
|
|
|
|||
55
inc/html.php
55
inc/html.php
|
|
@ -8,6 +8,12 @@ function pageHeader() {
|
|||
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html;charset=UTF-8">
|
||||
<meta http-equiv="cache-control" content="max-age=0">
|
||||
<meta http-equiv="cache-control" content="no-cache">
|
||||
<meta http-equiv="expires" content="0">
|
||||
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT">
|
||||
<meta http-equiv="pragma" content="no-cache">
|
||||
<title>
|
||||
EOF;
|
||||
$return .= TINYIB_BOARDDESC . <<<EOF
|
||||
|
|
@ -17,12 +23,6 @@ EOF;
|
|||
<link rel="stylesheet" type="text/css" href="css/futaba.css" title="Futaba">
|
||||
<link rel="alternate stylesheet" type="text/css" href="css/burichan.css" title="Burichan">
|
||||
<script src="js/tinyib.js"></script>
|
||||
<meta http-equiv="content-type" content="text/html;charset=UTF-8">
|
||||
<meta http-equiv="cache-control" content="max-age=0">
|
||||
<meta http-equiv="cache-control" content="no-cache">
|
||||
<meta http-equiv="expires" content="0">
|
||||
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT">
|
||||
<meta http-equiv="pragma" content="no-cache">
|
||||
</head>
|
||||
EOF;
|
||||
return $return;
|
||||
|
|
@ -207,10 +207,15 @@ EOF;
|
|||
|
||||
$max_file_size_input_html = '';
|
||||
$max_file_size_rules_html = '';
|
||||
$reqmod_html = '';
|
||||
$filetypes_html = '';
|
||||
$file_input_html = '';
|
||||
$unique_posts_html = '';
|
||||
|
||||
if (TINYIB_REQMOD != 'disable') {
|
||||
$reqmod_html = '<li>All posts' . (TINYIB_REQMOD == 'files' ? ' with a file attached' : '') . ' will be moderated before being shown.</li>';
|
||||
}
|
||||
|
||||
if (TINYIB_PIC || TINYIB_WEBM || TINYIB_SWF) {
|
||||
if (TINYIB_MAXKB > 0) {
|
||||
$max_file_size_input_html = '<input type="hidden" name="MAX_FILE_SIZE" value="' . strval(TINYIB_MAXKB * 1024) . '">';
|
||||
|
|
@ -303,6 +308,7 @@ EOF;
|
|||
<tr>
|
||||
<td colspan="2" class="rules">
|
||||
<ul>
|
||||
$reqmod_html
|
||||
$filetypes_html
|
||||
$max_file_size_rules_html
|
||||
$thumbnails_html
|
||||
|
|
@ -642,8 +648,41 @@ function manageStatus() {
|
|||
EOF;
|
||||
}
|
||||
|
||||
$reqmod_html = '';
|
||||
|
||||
if (TINYIB_REQMOD != 'disable') {
|
||||
$reqmod_post_html = '';
|
||||
|
||||
$reqmod_posts = latestPosts(false);
|
||||
foreach ($reqmod_posts as $post) {
|
||||
if ($reqmod_post_html != '') {
|
||||
$reqmod_post_html .= '<tr><td colspan="2"><hr></td></tr>';
|
||||
}
|
||||
$reqmod_post_html .= '<tr><td>' . buildPost($post, TINYIB_INDEXPAGE) . '</td><td valign="top" align="right">
|
||||
<table border="0"><tr><td>
|
||||
<form method="get" action="?"><input type="hidden" name="manage" value=""><input type="hidden" name="approve" value="' . $post['id'] . '"><input type="submit" value="Approve" class="managebutton"></form>
|
||||
</td><td>
|
||||
<form method="get" action="?"><input type="hidden" name="manage" value=""><input type="hidden" name="moderate" value="' . $post['id'] . '"><input type="submit" value="More Info" class="managebutton"></form>
|
||||
</td></tr><tr><td align="right" colspan="2">
|
||||
<form method="get" action="?"><input type="hidden" name="manage" value=""><input type="hidden" name="delete" value="' . $post['id'] . '"><input type="submit" value="Delete" class="managebutton"></form>
|
||||
</td></tr></table>
|
||||
</td></tr>';
|
||||
}
|
||||
|
||||
if ($reqmod_post_html != '') {
|
||||
$reqmod_html = <<<EOF
|
||||
<fieldset>
|
||||
<legend>Pending posts</legend>
|
||||
<table border="0" cellspacing="0" cellpadding="0" width="100%">
|
||||
$reqmod_post_html
|
||||
</table>
|
||||
</fieldset>
|
||||
EOF;
|
||||
}
|
||||
}
|
||||
|
||||
$post_html = '';
|
||||
$posts = latestPosts();
|
||||
$posts = latestPosts(true);
|
||||
$i = 0;
|
||||
foreach ($posts as $post) {
|
||||
if ($post_html != '') {
|
||||
|
|
@ -680,6 +719,8 @@ EOF;
|
|||
</tbody>
|
||||
</table>
|
||||
</fieldset>
|
||||
|
||||
$reqmod_html
|
||||
|
||||
<fieldset>
|
||||
<legend>Recent posts</legend>
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ define('TINYIB_LOGO', ""); // Logo HTML
|
|||
define('TINYIB_TRIPSEED', ""); // Enter some random text - Used when generating secure tripcodes - Must not change once set
|
||||
define('TINYIB_ADMINPASS', ""); // Text entered at the manage prompt to gain administrator access
|
||||
define('TINYIB_MODPASS', ""); // Moderators only have access to delete posts ["" to disable]
|
||||
define('TINYIB_REQMOD', "disable"); // Require moderation before displaying posts: disable / files / all (see README for instructions, only MySQL is supported)
|
||||
define('TINYIB_DBMODE', "flatfile"); // Choose: flatfile / mysql / mysqli / sqlite / pdo (flatfile is not recommended for popular sites)
|
||||
define('TINYIB_DBMIGRATE', false); // Enable database migration tool (see README for instructions)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue