<! DOCTYPE html >
< ? php
// Ninechan v1.10.2
// Configuration files
// Load the board configuration, then the language file it names.
// The include path is built from $ninechan['lang']; that value has to stay
// operator-controlled configuration and never come from request data.
// include (not require) is used, so a missing language file only raises a
// warning and the L_* constants stay undefined.
require 'config.php';
include 'lang/' . $ninechan['lang'] . '.php';

// Error Reporting: everything when 'exposeerrors' is set, nothing otherwise
$reportingLevel = $ninechan['exposeerrors'] ? -1 : 0;
error_reporting($reportingLevel);

// Check dependencies, stopping with the localized message when one is missing
if (version_compare(phpversion(), '5.3.0', '<')) { // PHP 5.3 or higher
    die(L_PHP_OUTDATED);
}
if (!extension_loaded('mysqli')) { // MySQL Improved
    die(L_SQL_FUNCTION);
}
/* if (file_exists("updatedb.php")) // Ninechan Updater
    die(L_UDB_EXISTS);
*/

// Connect to SQL with the credentials from $sql (defined outside this file section)
$sqldb = new mysqli($sql['host'], $sql['user'], $sql['pass'], $sql['data']);
if ($sqldb->connect_errno) { // Catch connection error
    die(L_SQL_CONNECT);
}

// Initialise Database: create the posts table when it doesn't exist.
// Database and table names are concatenated into the statement, so they too
// must only ever come from the configuration file.
$createTable = "CREATE TABLE IF NOT EXISTS `" . $sql['data'] . "`.`" . $sql['table'] . "` (`id` int(11) NOT NULL AUTO_INCREMENT,`title` text NOT NULL,`name` text NOT NULL,`trip` text NOT NULL,`email` text NOT NULL,`date` text NOT NULL,`content` text NOT NULL,`password` text NOT NULL,`ip` text NOT NULL,`op` int(11) NOT NULL,`tid` int(11) NOT NULL,`locked` int(11) NOT NULL,`ban` int(11) NOT NULL,`del` int(11) NOT NULL,PRIMARY KEY (`id`)) ENGINE=InnoDB DEFAULT CHARSET=latin1;";
$sqldb->query($createTable);
// Functions
// Cleaning posts
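/**
 * HTML-encode a submitted value so it can be stored and later printed as text.
 *
 * The result is safe for HTML element and quoted-attribute context only.
 * It is NOT SQL-escaped: stripslashes() runs after the encoding, so a doubled
 * backslash in the input comes out as a single backslash. Callers that put the
 * result into a query still have to escape or bind it.
 *
 * @param string $data Raw user input.
 * @return string Entity-encoded text with backslash escapes removed.
 */
function removeSpecialChars($data)
{
    // ENT_SUBSTITUTE swaps invalid UTF-8 sequences for U+FFFD. The previous
    // ENT_IGNORE silently dropped them, which the PHP manual discourages
    // because two byte runs around a dropped sequence can join into markup.
    $encoded = htmlentities($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    return stripslashes($encoded);
}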
// Parsing tripcodes
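/**
 * Derive a tripcode from a name field of the form "name#secret" or "name!secret".
 *
 * Everything after the first '#' or '!' is the secret. It is converted to
 * Shift-JIS, HTML-escaped, and hashed with DES crypt() using a salt taken
 * from the secret's second and third characters. This is the traditional
 * imageboard scheme and is kept for compatibility with existing tripcodes;
 * DES crypt only considers the first eight bytes, so it is an identity
 * marker, not a strong credential.
 *
 * @param string $name Raw name field.
 * @return string|null The last 10 characters of the hash, or null when the
 *                     name carries no secret.
 */
function parseTrip($name)
{
    if (!preg_match('/(#|!)(.*)/', $name, $matches)) {
        return null;
    }

    $cap = mb_convert_encoding($matches[2], 'SJIS', 'UTF-8');
    $cap = str_replace('#', '', $cap);
    // Escape HTML metacharacters before hashing. The replacement strings had
    // been entity-decoded into no-ops (and one invalid literal); '&' goes
    // first so the entities produced below are not escaped a second time.
    $cap = str_replace(
        array('&', '"', "'", '<', '>'),
        array('&amp;', '&quot;', '&#39;', '&lt;', '&gt;'),
        $cap
    );

    // Salt: characters 2-3 of the secret, padded with 'H.', then mapped into
    // the alphabet crypt() accepts.
    $salt = substr($cap . 'H.', 1, 2);
    // NOTE(review): the '\\\]' sequence looks like it closes the character
    // class early - compare with the upstream file before relying on it.
    $salt = preg_replace('/[^.\/0-9:;<=>?@A-Z\[\\\]\^_`a-z]/', '.', $salt);
    $salt = strtr($salt, ':;<=>?@[\]^_`', 'ABCDEFGabcdef');

    return substr(crypt($cap, $salt), -10);
}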
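// Parsing BBcodes
/**
 * Turn the supported BBcode tags in a stored post into HTML.
 *
 * The input is expected to be the entity-encoded text produced by
 * removeSpecialChars(), so the markup written here is the only HTML that
 * reaches the page.
 *
 * [url] targets are limited to http:// and https://. Without that limit any
 * scheme a poster typed ended up in href, including script-bearing ones;
 * a [url] tag with another scheme is now left as plain text.
 *
 * @param string $content Stored post body.
 * @return string HTML with newlines converted to <br />.
 */
function parseBBcode($content)
{
    // NOTE(review): stored content is already entity-encoded, so a literal
    // '>' should never arrive here; the two quote patterns were presumably
    // written against '&gt;' - confirm against the upstream file.
    $bbcodecatch = array(
        '/\[b\](.*?)\[\/b\]/is',
        '/\[i\](.*?)\[\/i\]/is',
        '/\[u\](.*?)\[\/u\]/is',
        '/\[url\=(https?:\/\/.*?)\](.*?)\[\/url\]/is',
        '/\[url\](https?:\/\/.*?)\[\/url\]/is',
        '/\[spoiler\](.*?)\[\/spoiler\]/is',
        '/>>(.*[0-9])/i',
        '/^>(.*?)$/im',
        '/^.*(youtu.be|youtube.com\/embed\/|watch\?v=|\&v=)([^!<>@&#\/\s]*)/is',
    );
    $bbcodereplace = array(
        '<b>$1</b>',
        '<i>$1</i>',
        '<u>$1</u>',
        '<a href="$1" rel="nofollow" title="$2 - $1">$2</a>',
        '<a href="$1" rel="nofollow" title="$1">$1</a>',
        '<span class="spoiler">$1</span>',
        '<a class="lquote" href="#$1">>>$1</a>',
        '<span class="quote">>$1</span>',
        '<object type="application/x-shockwave-flash" style="width:425px; height:350px;" data="http://www.youtube.com/v/$2"><param name="movie" value="http://www.youtube.com/v/$2" /></object>',
    );

    $content = preg_replace($bbcodecatch, $bbcodereplace, $content);

    return nl2br($content);
}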
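// Generating Random Password
/**
 * Build a 34-character random password from a fixed alphabet.
 *
 * The value is used as a poster's default deletion password, so it should
 * not be predictable: random_int() (CSPRNG) is used where the runtime has
 * it. On older runtimes the function falls back to rand(), as before, which
 * is not suitable for secrets.
 *
 * @return string 34 characters drawn from letters, digits and punctuation.
 */
function generatePassword()
{
    $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_@#$!*\/[]{}=+';
    $last = strlen($chars) - 1; // alphabet is pure ASCII, byte length == character count
    $secure = function_exists('random_int');

    $pass = '';
    for ($i = 0; $i < 34; $i++) {
        $index = $secure ? random_int(0, $last) : rand(0, $last);
        $pass .= $chars[$index];
    }

    return $pass;
}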
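// Banning a post
/**
 * Set or clear the ban flag on one post.
 *
 * Callers pass the id straight from the query string, so it is cast to an
 * integer before it is placed in the statement; the previous version
 * concatenated it as-is.
 *
 * @param mixed $id  Post id (anything non-numeric becomes 0 and matches no row).
 * @param bool  $ban True to flag the post as banned, false to clear the flag.
 */
function banPost($id, $ban)
{
    global $sql, $sqldb;

    $flag = $ban ? '1' : '0';
    $sqldb->query(
        "UPDATE `" . $sql['data'] . "`.`" . $sql['table'] . "` SET `ban`='" . $flag
        . "' WHERE `id`='" . (int) $id . "'"
    );
}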
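// Removing a post
/**
 * Set or clear the soft-delete flag on one post.
 *
 * The id reaches this function from request parameters, so it is cast to an
 * integer before it is placed in the statement instead of being
 * concatenated as-is.
 *
 * @param mixed $id  Post id (anything non-numeric becomes 0 and matches no row).
 * @param bool  $del True to mark the post deleted, false to restore it.
 */
function delPost($id, $del)
{
    global $sql, $sqldb;

    $flag = $del ? '1' : '0';
    $sqldb->query(
        "UPDATE `" . $sql['data'] . "`.`" . $sql['table'] . "` SET `del`='" . $flag
        . "' WHERE `id`='" . (int) $id . "'"
    );
}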
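// Removing every post in the thread
/**
 * Set or clear the soft-delete flag on every post of a thread.
 *
 * The thread id arrives from the query string; it is cast to an integer
 * before it is placed in the statement instead of being concatenated as-is.
 *
 * @param mixed $id    Thread id (matched against the `tid` column).
 * @param bool  $prune True to mark all posts deleted, false to restore them.
 */
function pruneThread($id, $prune)
{
    global $sql, $sqldb;

    $flag = $prune ? '1' : '0';
    $sqldb->query(
        "UPDATE `" . $sql['data'] . "`.`" . $sql['table'] . "` SET `del`='" . $flag
        . "' WHERE `tid`='" . (int) $id . "'"
    );
}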
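// Locking a thread
/**
 * Set or clear the locked flag on every post of a thread.
 *
 * The thread id arrives from the query string; it is cast to an integer
 * before it is placed in the statement instead of being concatenated as-is.
 *
 * @param mixed $id   Thread id (matched against the `tid` column).
 * @param bool  $lock True to lock the thread, false to unlock it.
 */
function lockThread($id, $lock)
{
    global $sql, $sqldb;

    $flag = $lock ? '1' : '0';
    $sqldb->query(
        "UPDATE `" . $sql['data'] . "`.`" . $sql['table'] . "` SET `locked`='" . $flag
        . "' WHERE `tid`='" . (int) $id . "'"
    );
}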
// reCAPTCHA: pull in the library named in the configuration when the feature is on
if ($ninechan['recaptcha']) {
    require $ninechan['recaptchalib'];
}

// Session
session_start(); // Start a session
// $auth is an alias for the 'mod' session value; null when no such value is set
$auth = isset($_SESSION['mod']) ? $_SESSION['mod'] : null;
?>
< html >
< head >
< meta http - equiv = " Content-type " content = " text/html; charset=<?= $ninechan['charset'] ;?> " />
< title >< ? = $ninechan [ 'title' ]; ?> </title><?=($ninechan['desc'] ? '<meta name="description" content="'.$ninechan['desc'].'" />' : null);?>
< script type = " text/javascript " >
/// Apologies for my shitty Javascript
// Function to write to a cookie
// name    - cookie name; the configured prefix is put in front of it
// content - value, written as given (no encoding is applied)
// expire  - max-age in seconds, or the keywords "forever" / "default"
function setCookie(name, content, expire) {
    var maxAge = expire;
    if (expire == "forever") {
        maxAge = 60 * 60 * 24 * 365 * 99; // roughly 99 years
    } else if (expire == "default") {
        maxAge = 60 * 60 * 24 * 7; // one week
    }
    // The prefix is printed by PHP into this string literal as-is.
    var prefix = '<?=$ninechan['cookieprefix'];?>';
    document.cookie = prefix + name + '=' + content + ';max-age=' + maxAge;
}
// Function to delete a cookie
// Overwrites the prefixed cookie with an empty value that expires after one
// second. The write is scoped to path "/".
function delCookie(name) {
    var prefix = '<?=$ninechan['cookieprefix'];?>';
    document.cookie = prefix + name + '=;max-age=1;path=/';
}
// Function to get data from a cookie
// Returns the value of the prefixed cookie, or null when it is not set.
function getCookie(name) {
    var prefix = '<?=$ninechan['cookieprefix'];?>';
    // Escape regex metacharacters so the cookie name is matched literally.
    var key = ('' + prefix + name).replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&');
    var found = new RegExp('(?:^|;\\s*)' + key + '=([^;]*)').exec(document.cookie);
    return found && found[1];
}
// Get main style
// Returns the title of the first titled stylesheet <link> whose rel does not
// contain "alt", or null when there is none.
function getMainStyle() {
    var links = document.getElementsByTagName('link');
    for (var n = 0; n < links.length; n++) {
        var rel = links[n].getAttribute('rel');
        var isStyle = rel.indexOf('style') != -1;
        var isAlternate = rel.indexOf('alt') != -1;
        if (isStyle && !isAlternate && links[n].getAttribute('title')) {
            return links[n].getAttribute('title');
        }
    }
    return null;
}
// Get the currently active style
// Returns the title of the first titled stylesheet <link> that is not
// disabled, or null when every titled stylesheet is disabled.
function getActiveStyle() {
    var links = document.getElementsByTagName('link');
    for (var n = 0; n < links.length; n++) {
        var link = links[n];
        var isStyle = link.getAttribute('rel').indexOf('style') != -1;
        if (isStyle && link.getAttribute('title') && !link.disabled) {
            return link.getAttribute('title');
        }
    }
    return null;
}
// Switch to another style
// Stores the choice in the 'style' cookie, then enables the titled stylesheet
// whose title equals `title` and disables every other titled stylesheet.
// When no stylesheet carries that title, falls back to the main style.
function setStyle(title) {
    var matched = false;
    setCookie('style', title, 'forever');

    var links = document.getElementsByTagName('link');
    for (var n = 0; n < links.length; n++) {
        var link = links[n];
        if (link.getAttribute('rel').indexOf('style') == -1 || !link.getAttribute('title')) {
            continue; // not a titled stylesheet, leave it alone
        }
        if (link.getAttribute('title') == title) {
            link.disabled = false;
            matched = true;
        } else {
            link.disabled = true;
        }
    }

    if (!matched && title != null) {
        setStyle(getMainStyle());
    }
}
// Initiate Frontend Javascript Data
// Runs on page load: applies the style saved in the 'style' cookie, or the
// main style when no cookie is present.
function init() {
    var saved = getCookie('style');
    setStyle(saved == null ? getMainStyle() : saved);
}
</ script >
< ? php
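if ($ninechan['styles']) { // Check if styles are enabled
    // The first configured entry is the main style. It is looked up once,
    // before the loop, rather than resetting the array on every iteration.
    reset($ninechan['styles']);
    $mainStyle = key($ninechan['styles']);

    // URL and title are written into the attributes unescaped, so the style
    // list has to stay operator-controlled configuration.
    foreach ($ninechan['styles'] as $styleUrl => $styleName) { // Get styles from array
        $alternate = ($styleUrl == $mainStyle) ? '' : 'alternate '; // Non-main styles get rel="alternate stylesheet"
        print '<link rel="' . $alternate . 'stylesheet" type="text/css" href="' . $styleUrl . '" title="' . $styleName . '" />' . "\r\n"; // List every style
    }
}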
?>
</ head >
< body onload = " init(); " >
< h1 >< a href = " ./ " >< ? = $ninechan [ 'title' ]; ?> </a></h1>
< ? = ( $ninechan [ 'desc' ] ? ' <i>' . $ninechan [ 'desc' ] . '</i>' : null ); ?>
< hr />
< ? php
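if ($ninechan['closed']) { // Exit if board is set as closed in the config file
    print L_BOARD_CLOSED . '<br /><i>' . L_REASON . ': ' . $ninechan['closedreason'] . '</i>';
    exit;
}

// Check if the poster's IP is banned. Addresses are stored base64-encoded, so
// the encoded form is what gets compared; base64 output contains no quote
// characters, which is why it can sit in the statement directly.
$banQuery = $sqldb->query("SELECT * FROM `" . $sql['data'] . "`.`" . $sql['table'] . "` WHERE `ip`='" . base64_encode($_SERVER['REMOTE_ADDR']) . "' AND `ban`='1'");
// A failed query returns false; treat that as "not banned" instead of
// dereferencing it.
$banCheck = ($banQuery && $banQuery->num_rows) ? true : false;
if ($banCheck) {
    print '<div class="banmsg">' . L_USERBANNEDMSG . '</div><hr />';
}

// Give first-time visitors a random deletion password.
// HttpOnly is set because only the server-side forms read this cookie; the
// page's own script handles the 'style' cookie and nothing else.
if (!isset($_COOKIE[$ninechan['cookieprefix'] . 'pass'])) {
    setcookie($ninechan['cookieprefix'] . 'pass', generatePassword(), time() + $ninechan['cookielifetime'], '/', $_SERVER['SERVER_NAME'], false, true);
}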
if ( isset ( $_GET [ 'v' ])) {
switch ( $_GET [ 'v' ]) {
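// Main index
case 'index':
    print '<h2>' . L_THREADS . '</h2>'; // Section title
    print '<h3><a href="?v=post">' . L_NEWTHREAD . '</a></h3>'; // New thread link

    // Query to get OP posts, newest first. The optional limit comes from the
    // configuration and is cast so only a number can reach the statement.
    $limitClause = $ninechan['sage'] ? ' LIMIT ' . (int) $ninechan['sagelimit'] : '';
    $getThreads = $sqldb->query("SELECT * FROM `" . $sql['data'] . "`.`" . $sql['table'] . "` WHERE `del`='0' AND `op`='1' ORDER BY `date` DESC" . $limitClause);

    // List threads; a failed query is shown as an empty board
    if (!$getThreads || !$getThreads->num_rows) {
        print '<h3>' . L_EMPTY . '</h3>';
    } else {
        print '<ol>';
        while ($thread = $getThreads->fetch_array(MYSQLI_ASSOC)) {
            // Titles are stored entity-encoded by the submit handler, so they are printed as stored
            print '<li><a href="?v=thread&t=' . (int) $thread['tid'] . '">' . $thread['title'] . '</a></li>';
        }
        print '</ol>';
    }

    print '<h3><a href="?v=post">' . L_NEWTHREAD . '</a></h3>'; // New thread link
    break;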
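// Thread view
case 'thread':
    if (!isset($_GET['t']) || !is_numeric($_GET['t'])) { // Just return L_NONEXISTENT if t is invalid
        print L_NONEXISTENT;
        break;
    }

    // Only the digits of t reach the query
    $tid = preg_replace('/\D/', '', $_GET['t']);
    $getThread = $sqldb->query("SELECT * FROM `" . $sql['data'] . "`.`" . $sql['table'] . "` WHERE `tid`='" . $sqldb->real_escape_string($tid) . "' AND `del`='0' ORDER BY `id`");
    if (!$getThread || !$getThread->num_rows) { // Check if requested thread exists
        print L_NONEXISTENT;
        break;
    }

    // Moderator check. Strict comparison: with '==' a visitor without a
    // session (null) compared equal to an empty configured password.
    $isMod = ($auth !== null && $auth !== '' && $auth === $ninechan['modpass']);

    // Thread-level mod links. They trigger state changes through plain GET
    // requests; the 'mod' handler they point at checks the session only.
    $threadTools = function ($threadId, $locked) {
        $lockValue = $locked ? 'false' : 'true';
        $lockLabel = $locked ? L_UNLOCK : L_LOCK;
        return '<font size="2">[<a href="?v=mod&del=purge&id=' . $threadId . '">' . L_PURGE . '</a>]'
            . ' [<a href="?v=mod&lock=' . $lockValue . '&id=' . $threadId . '">' . $lockLabel . '</a>]</font>';
    };
    // "Locked" notice or reply link
    $replyLine = function ($threadId, $locked) {
        return $locked
            ? '<h3>' . L_LOCKED . '</h3>'
            : '<h3><a href="?v=post&t=' . $threadId . '">' . L_NEWREPLY . '</a></h3>';
    };

    // Defaults cover a thread whose OP row is not part of the result
    $threadData = array('id' => $tid, 'lock' => 0);

    while ($post = $getThread->fetch_array(MYSQLI_ASSOC)) {
        if ($post['op']) { // Assign thread variables
            $threadData['id'] = $post['tid'];
            $threadData['lock'] = $post['locked'];
            print '<h2>' . L_THREAD . ': ' . $post['title'] . '</h2>';
            print $replyLine($threadData['id'], $threadData['lock']);
            if ($isMod) {
                print $threadTools($threadData['id'], $threadData['lock']);
            }
        }

        // Staff tripcodes. These checks previously read $row['trip'], a
        // variable that does not exist in this loop, so the "mods/admins are
        // anonymous" settings never took effect.
        $isModTrip = in_array($post['trip'], $ninechan['modtrip'], true);
        $isAdminTrip = in_array($post['trip'], $ninechan['admintrip'], true);

        // Work out the displayed name and tripcode
        $postData = array('name' => null, 'trip' => null, 'del' => null);
        if ($ninechan['forcedanon']) {
            $postData['name'] = $ninechan['anonname'];
        } elseif ($ninechan['modsareanon'] == 1 && $isModTrip) { // Forced anon for mods
            $postData['name'] = $ninechan['anonname'];
        } elseif ($ninechan['modsareanon'] == 2 && $isModTrip) { // Name shown, trip hidden for mods
            $postData['name'] = $post['name'];
        } elseif ($ninechan['adminsareanon'] == 1 && $isAdminTrip) { // Forced anon for admins
            $postData['name'] = $ninechan['anonname'];
        } elseif ($ninechan['adminsareanon'] == 2 && $isAdminTrip) { // Name shown, trip hidden for admins
            $postData['name'] = $post['name'];
        } else {
            $postData['name'] = empty($post['name']) ? $ninechan['anonname'] : $post['name'];
            if (!empty($post['trip'])) {
                $postData['trip'] = ' <span class="trip">!' . $post['trip'] . '</span>';
            }
        }

        // Title, name, email and content were entity-encoded when the post
        // was submitted and are printed as stored.
        print '<fieldset id="' . $post['id'] . '">';
        print '<legend><b>' . $post['title'] . '</b> <a href="#' . $post['id'] . '">' . L_BY . '</a> <b>';
        if (!empty($post['email'])) {
            print '<a href="mailto:' . $post['email'] . '">' . $postData['name'] . $postData['trip'] . '</a>';
        } else {
            print $postData['name'] . $postData['trip'];
        }
        if ($isAdminTrip) { // Check if tripcode is Admin
            print ' <span class="admincap">## Admin</span>';
        } elseif ($isModTrip) { // Check if tripcode is Mod
            print ' <span class="modcap">## Mod</span>';
        }
        print '</b></legend>';
        print parseBBcode($post['content']); // Parse BBcodes on post content
        print '<br /><br />';
        print ($post['ban'] ? '<b><font size="2" class="ban">' . L_POSTBANNED . '</font></b><br />' : null);

        if ($isMod) { // Regular mod tools, including the poster's decoded IP
            $banValue = $post['ban'] ? 'false' : 'true';
            $banLabel = $post['ban'] ? L_UNBAN : L_BAN;
            print '<font size=2>[<a href="?v=mod&del=true&id=' . $post['id'] . '&t=' . $post['tid'] . '">' . L_DELETE . '</a>]'
                . ' [<a href="?v=mod&ban=' . $banValue . '&id=' . $post['id'] . '&t=' . $post['tid'] . '">' . $banLabel . '</a>]'
                . ' [IP: ' . htmlspecialchars((string) base64_decode($post['ip']), ENT_QUOTES, 'UTF-8') . ']</font><br />';
        }

        print '<font size=2><i>' . date($ninechan['dateFormat'], (int) $post['date'])
            . ' <a href="#' . $post['id'] . '">No.</a>'
            . ' <a href="?v=post&t=' . $post['tid'] . '&text=>>' . $post['id'] . '">' . $post['id'] . '</a>'
            . ' [<a href="?v=del&id=' . $post['id'] . '" title="' . L_DELPOST . '">X</a>]</i></font>';
        print '</fieldset>';
    }

    // Repeat the thread-level controls below the posts
    if ($isMod) {
        print $threadTools($threadData['id'], $threadData['lock']);
    }
    print $replyLine($threadData['id'], $threadData['lock']);
    break;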
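// Posting
case 'post':
    if ($banCheck) {
        print '<h2>' . L_USERBANNED . '</h2>';
        break;
    }

    $postData = array('title' => null, 'text' => null, 'lock' => false);
    $replyTid = null; // stays null for a new thread
    $heading = '<h2>' . L_NEWTHREAD . '</h2>';

    if (isset($_GET['t'])) {
        if (!is_numeric($_GET['t'])) {
            header('Location: ./');
            print '<meta http-equiv="refresh" content="0; url=./" />'; // fallback
            // Stop here. Execution used to continue, and the raw value of t
            // was later written into the hidden form field.
            break;
        }

        $tid = preg_replace('/\D/', '', $_GET['t']);
        $getData = $sqldb->query("SELECT * FROM `" . $sql['data'] . "`.`" . $sql['table'] . "` WHERE `tid`='" . $sqldb->real_escape_string($tid) . "' and op='1' ORDER BY `id` LIMIT 1");
        $data = $getData ? $getData->fetch_array(MYSQLI_ASSOC) : null;

        if (!$data) {
            // No such thread: do not fall through to the "new thread" form
            print L_NONEXISTENT;
            break;
        }
        if ($data['locked']) {
            print '<h2>' . L_LOCKEDMSG . '</h2>';
            print '<meta http-equiv="refresh" content="2; URL=./?v=thread&t=' . (int) $data['tid'] . '" />';
            break;
        }

        $replyTid = (int) $data['tid'];
        $heading = '<h2>' . L_RETO . ' ' . $data['title'] . ' [' . $replyTid . ']</h2>';
        $postData['title'] = 'Re: ' . $data['title']; // stored title is already entity-encoded
    }

    // Pre-filled comment text comes straight from the query string, so it is
    // encoded before it is placed inside the textarea.
    if (isset($_GET['text']) && is_string($_GET['text'])) {
        $postData['text'] = htmlspecialchars($_GET['text'], ENT_QUOTES, 'UTF-8') . "\r\n";
    }

    // Cookie values are client-controlled. They are encoded for attribute
    // context; double_encode is off because the name and email cookies hold
    // text that was entity-encoded when it was stored.
    $cookieValue = function ($key) use ($ninechan) {
        $full = $ninechan['cookieprefix'] . $key;
        $raw = (isset($_COOKIE[$full]) && is_string($_COOKIE[$full])) ? $_COOKIE[$full] : '';
        return htmlspecialchars($raw, ENT_QUOTES, 'UTF-8', false);
    };

    print $heading;
    print '<form method="post" action="?v=submit">';
    if ($replyTid !== null) {
        print '<input type="hidden" name="tid" value="' . $replyTid . '" />';
    }
    print '<table id="postForm" class="postForm">';
    print '<tr><td>' . L_NAME . '</td><td><input name="name" type="text" value="' . $cookieValue('name') . '" /></td></tr>';
    print '<tr><td>' . L_EMAIL . '</td><td><input name="email" type="text" value="' . $cookieValue('email') . '" /></td></tr>';
    print '<tr><td>' . L_TITLE . '</td><td><input name="title" type="text" value="' . $postData['title'] . '" /></td></tr>';
    print '<tr><td>' . L_COMMENT . '</td><td><textarea name="content" rows="6" cols="48">' . $postData['text'] . '</textarea></td></tr>';
    if ($ninechan['recaptcha']) { // Display reCAPTCHA if enabled in config
        print '<tr><td>' . L_VERIFICATION . '</td><td>' . recaptcha_get_html($ninechan['recaptchapublic']) . '</td></tr>';
    }
    print '<tr><td>' . L_PASSWORD . '</td><td><input name="password" type="password" placeholder="' . L_PASSWORDCONTEXT . '" value="' . $cookieValue('pass') . '" /> <input value="' . L_SUBMIT . '" type="submit" /></td></tr>';
    print '</table></form>';
    break;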
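// Submitting posts
case 'submit':
    if ($banCheck) {
        print '<h2>' . L_USERBANNED . '</h2>';
        break;
    }

    $submitData = array();

    // Read a POST field as a string; missing or array-valued fields become ''
    $field = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    // PHP_SELF can carry request-supplied path segments, so it is encoded
    // before it goes into the meta refresh tags below.
    $selfUrl = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    $retry = '<meta http-equiv="refresh" content="2; URL=' . $selfUrl . '" />';

    // Check ReCAPTCHA
    if ($ninechan['recaptcha']) {
        $recaptcha = recaptcha_check_answer($ninechan['recaptchaprivate'], $_SERVER['REMOTE_ADDR'], $field('recaptcha_challenge_field'), $field('recaptcha_response_field'));
        if (!$recaptcha->is_valid) {
            print '<h2>' . L_INVALIDCAPTCHA . '</h2>' . $retry;
            break;
        }
    }

    // Assign variables
    $rawName = $field('name');
    $rawEmail = $field('email');
    $submitData['title'] = removeSpecialChars($field('title'));
    $submitData['content'] = removeSpecialChars($field('content'));
    $submitData['name'] = removeSpecialChars($rawName);
    // Displayed name = the part before the tripcode separator. The split is
    // done on the raw value with the same separators parseTrip() accepts.
    // Splitting the encoded value on '#' cut names at entities such as
    // &#039;, and a name made up only of "#secret" or using '!' was stored
    // with the secret in it.
    $nameParts = preg_split('/[#!]/', $rawName, 2);
    $submitData['nameNT'] = removeSpecialChars($nameParts[0]);
    $submitData['trip'] = (string) parseTrip($rawName);
    $submitData['email'] = ($rawEmail == 'noko' ? null : removeSpecialChars($rawEmail));
    $submitData['date'] = time();
    // NOTE(review): unsalted MD5 is kept because the 'del' handler compares
    // against md5() of the submitted password; both places have to move
    // together to password_hash()/password_verify(). The hash is also written
    // to the pass cookie below, which the post form feeds back into this field.
    $submitData['password'] = md5(strlen($field('password')) ? $field('password') : generatePassword());
    $submitData['ip'] = base64_encode($_SERVER['REMOTE_ADDR']);
    $submitData['op'] = (isset($_POST['tid']) ? 0 : 1);
    // Taken from the raw field: the old check ran after 'noko' had already
    // been replaced by null and so never matched.
    $submitData['noredir'] = ($rawEmail === 'noko');

    if ($submitData['op']) {
        // New thread: next thread id. NOTE(review): two simultaneous
        // submissions can read the same MAX(tid).
        $maxTid = $sqldb->query("SELECT MAX(tid) AS tid FROM " . $sql['table'] . " LIMIT 1")->fetch_array(MYSQLI_ASSOC);
        $submitData['id'] = (int) $maxTid['tid'] + 1;
    } else {
        // Reply: the thread id must be numeric, must exist, and must not be
        // locked. The lock was previously enforced only by hiding the form.
        $tid = $field('tid');
        if (!preg_match('/^\d+$/', $tid)) {
            print L_NONEXISTENT;
            break;
        }
        $opQuery = $sqldb->query("SELECT `locked` FROM `" . $sql['data'] . "`.`" . $sql['table'] . "` WHERE `tid`='" . $sqldb->real_escape_string($tid) . "' AND `op`='1' AND `del`='0' LIMIT 1");
        $opRow = $opQuery ? $opQuery->fetch_array(MYSQLI_ASSOC) : null;
        if (!$opRow) {
            print L_NONEXISTENT;
            break;
        }
        if ($opRow['locked']) {
            print '<h2>' . L_LOCKEDMSG . '</h2>';
            break;
        }
        $submitData['id'] = (int) $tid;
    }

    // Assign cookies
    $cookieExpiry = time() + $ninechan['cookielifetime'];
    setcookie($ninechan['cookieprefix'] . 'name', $submitData['name'], $cookieExpiry, $ninechan['cookiepath'], $_SERVER['SERVER_NAME']);
    setcookie($ninechan['cookieprefix'] . 'email', (string) $submitData['email'], $cookieExpiry, $ninechan['cookiepath'], $_SERVER['SERVER_NAME']);
    setcookie($ninechan['cookieprefix'] . 'pass', $submitData['password'], $cookieExpiry, $ninechan['cookiepath'], $_SERVER['SERVER_NAME']);

    // Check if title is valid
    if (strlen($submitData['title']) <= $ninechan['titleminlength']) { // Check if too short
        print '<h2>' . L_TITLETOOSHORT . '</h2>' . $retry;
        break;
    }
    if (strlen($submitData['title']) >= $ninechan['titlemaxlength']) { // Check if too long
        print '<h2>' . L_TITLETOOLONG . '</h2>' . $retry;
        break;
    }
    // Check if comment is valid
    if (strlen($submitData['content']) <= $ninechan['commentminlength']) { // Check if too short
        print '<h2>' . L_COMMENTTOOSHORT . '</h2>' . $retry;
        break;
    }
    if (strlen($submitData['content']) >= $ninechan['commentmaxlength']) { // Check if too long
        print '<h2>' . L_COMMENTTOOLONG . '</h2>' . $retry;
        break;
    }

    // Every value is escaped for the statement. Entity-encoding alone left
    // backslashes in place (removeSpecialChars() turns "\\" into "\"), and a
    // value ending in a backslash swallowed its closing quote.
    $columns = array('title', 'nameNT', 'trip', 'email', 'date', 'content', 'password', 'ip', 'op', 'id');
    $values = array();
    foreach ($columns as $column) {
        $values[] = "'" . $sqldb->real_escape_string((string) $submitData[$column]) . "'";
    }
    $sqldb->query("INSERT INTO `" . $sql['data'] . "`.`" . $sql['table'] . "` (`title`,`name`,`trip`,`email`,`date`,`content`,`password`,`ip`,`op`,`tid`) VALUES (" . implode(',', $values) . ")");

    print '<h1>' . L_POSTED . '</h1>';
    print '<meta http-equiv="refresh" content="1; URL=' . ($submitData['noredir'] ? '?v=index' : '?v=thread&t=' . $submitData['id']) . '" />';
    break;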
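case 'del':
    if ($banCheck) {
        print '<h2>' . L_USERBANNED . '</h2>';
        break;
    }

    // Reduce a request value to its digits; arrays and missing values become ''
    $digitsOf = function ($value) {
        return is_string($value) ? preg_replace('/\D/', '', $value) : '';
    };
    // Fetch one post row by id, or null when there is none
    $findPost = function ($postId) use ($sqldb, $sql) {
        $result = $sqldb->query("SELECT * FROM `" . $sql['data'] . "`.`" . $sql['table'] . "` WHERE `id`='" . $sqldb->real_escape_string($postId) . "' ORDER BY `id` LIMIT 1");
        return $result ? $result->fetch_array(MYSQLI_ASSOC) : null;
    };

    if (isset($_POST['id'])) {
        // Deletion request: verify the password and soft-delete the post.
        // The result used to be read from $threads, a variable that is never
        // assigned, so this branch could not complete.
        $del = $findPost($digitsOf($_POST['id']));
        if (!$del) {
            header('Location: ./');
            print '<meta http-equiv="refresh" content="0; url=./" />'; // fallback
            break;
        }

        $given = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
        if ($del['locked']) {
            print '<h2>' . L_LOCKEDMSG_2 . '</h2><meta http-equiv="refresh" content="2; URL=?v=index" />';
        } elseif ($del['password'] === md5($given)) {
            // Strict comparison: with '==' two different hashes that both
            // look like numbers ("0e...") compared equal.
            delPost($del['id'], true);
            print '<h2>' . L_DEL_SUCCEED . '</h2><meta http-equiv="refresh" content="2; URL=?v=index" />';
        } else {
            print '<h2>' . L_DEL_FAILED . '</h2><meta http-equiv="refresh" content="2; URL=?v=del&id=' . (int) $del['id'] . '" />';
        }
    } elseif (isset($_GET['id'])) {
        // Deletion form for one post
        if (!is_numeric($_GET['id'])) {
            header('Location: ./');
            print '<meta http-equiv="refresh" content="0; url=./" />'; // fallback
            break;
        }

        // The lookup uses the id from the query string; it previously read
        // $_POST['id'], which is not set in this branch.
        $row = $findPost($digitsOf($_GET['id']));
        if (!$row) {
            header('Location: ./');
            print '<meta http-equiv="refresh" content="0; url=./" />'; // fallback
            break;
        }
        if ($row['locked']) { // No deletion form for locked posts
            print '<h2>' . L_LOCKEDMSG_2 . '</h2><meta http-equiv="refresh" content="2; URL=?v=index" />';
            break;
        }

        // The pass cookie is client-controlled and is encoded for attribute context
        $passKey = $ninechan['cookieprefix'] . 'pass';
        $passValue = (isset($_COOKIE[$passKey]) && is_string($_COOKIE[$passKey])) ? $_COOKIE[$passKey] : '';

        print '<form method="post" action="?v=del">';
        // The hidden id is taken from the database row, not echoed from the request
        print '<h2>' . L_DELPOST . ' ' . (int) $row['id'] . '</h2><input type="hidden" name="id" value="' . (int) $row['id'] . '" />';
        print '<table id="postForm" class="postForm">';
        print '<tr><td>' . L_PASSWORD . '</td><td><input name="password" type="password" placeholder="' . L_PASSWORDCONTEXT . '" value="' . htmlspecialchars($passValue, ENT_QUOTES, 'UTF-8') . '" /> <input value="' . L_SUBMIT . '" type="submit" /></td></tr>';
        print '</table>';
        print '</form>';
    }
    break;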
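// Moderator Authentication
case 'mod':
    // PHP_SELF can carry request-supplied path segments; encode it for the form action
    $selfUrl = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    // Digits of a query-string parameter, '' when missing or not a string.
    // Used for everything that ends up in a redirect target or a query.
    $getDigits = function ($key) {
        return (isset($_GET[$key]) && is_string($_GET[$key])) ? preg_replace('/\D/', '', $_GET[$key]) : '';
    };
    // Send the redirect header plus the meta-refresh fallback
    $redirect = function ($target) {
        header('Location: ' . $target);
        print '<meta http-equiv="refresh" content="0; url=' . $target . '" />'; // fallback
    };

    // An empty configured password never authenticates. With '==' a visitor
    // without a session (null) compared equal to an empty password.
    $expected = $ninechan['modpass'];
    $isMod = ($auth !== null && $auth !== '' && $auth === $expected);

    if ($isMod) { // Check if authenticated
        if (isset($_POST['modkill'])) { // Logout requested
            session_destroy();
            $redirect('?v=mod');
            // Stop here; the handlers below used to keep running after logout
            break;
        }

        print '<h2>' . L_MODLOGOUT . '</h2>'; // Page title
        print '<form method="post" action="' . $selfUrl . '?v=mod">'; // Print logout form
        print L_MODTOOLS . '<br />';
        print '<input type="submit" value="' . L_LOGOUT . '" name="modkill" />';
        print '</form>';

        // NOTE(review): the three handlers below change state on a GET
        // request with the session as the only check. A per-session token on
        // the links printed by the thread view, verified here, is what keeps
        // a third-party page from triggering them in a moderator's browser.

        if (isset($_GET['ban']) && isset($_GET['id']) && isset($_GET['t'])) { // Ban handler
            banPost($getDigits('id'), $_GET['ban'] == 'true');
            $redirect('?v=thread&t=' . $getDigits('t'));
        }

        if (isset($_GET['del']) && isset($_GET['id'])) { // Deletion handler
            if ($_GET['del'] == 'purge') {
                pruneThread($getDigits('id'), true);
                $redirect('?v=index');
            } else {
                delPost($getDigits('id'), $_GET['del'] == 'true');
                $redirect('?v=thread&t=' . $getDigits('t'));
            }
        }

        if (isset($_GET['lock']) && isset($_GET['id'])) { // Lock handler
            lockThread($getDigits('id'), $_GET['lock'] == 'true');
            $redirect('?v=thread&t=' . $getDigits('id'));
        }
    } else { // Else display login screen
        if (isset($_POST['modpass'])) {
            $given = is_string($_POST['modpass']) ? $_POST['modpass'] : '';
            // Compare as strings, in constant time where the runtime has hash_equals()
            $matches = is_string($expected) && $expected !== ''
                && (function_exists('hash_equals') ? hash_equals($expected, $given) : $expected === $given);
            if ($matches) {
                // New session id on privilege change. Only possible while
                // headers can still be sent, which at this point in the page
                // depends on output buffering.
                if (!headers_sent()) {
                    session_regenerate_id(true);
                }
                // NOTE(review): the session stores the password itself; a
                // boolean flag would keep the secret out of session storage,
                // but $auth is compared against the password elsewhere in
                // this file, so the stored value is left as it was.
                $_SESSION['mod'] = $expected;
            }
            $redirect('?v=mod');
        }

        print '<h2>' . L_MODLOGIN . '</h2>';
        print '<form method="post" action="' . $selfUrl . '?v=mod">';
        print '<input type="password" name="modpass" /><input type="submit" value="' . L_LOGIN . '" />';
        print '</form>';
    }
    break;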
// Default action: any unrecognised value of v is sent to the index.
// The target is a fixed string, so nothing from the request reaches the
// Location header or the meta tag.
default :
header ( 'Location: ?v=index' ); // If invalid option is set redirect to index
print '<meta http-equiv="refresh" content="0; url=?v=index" />' ; // Fallback: the page header has already been printed by this point, so header() only takes effect when output is buffered
break ;
}
} else {
// No v parameter at all: send the visitor to the index (fixed target, nothing from the request is echoed)
header ( 'Location: ?v=index' ); // If invalid option is set redirect to index
print '<meta http-equiv="refresh" content="0; url=?v=index" />' ; // Fallback: the page header has already been printed by this point, so header() only takes effect when output is buffered
}
if ($ninechan['styles']) { // Check if styles are enabled
    // One switcher link per configured style. The style name is placed
    // unescaped inside both the onclick handler and the link text, so the
    // style list has to stay operator-controlled configuration.
    $styleLinks = '';
    foreach ($ninechan['styles'] as $styleUrl => $styleName) { // Get styles from array
        $styleLinks .= '[<a href="javascript:;" onclick="setStyle(\'' . $styleName . '\');">' . $styleName . '</a>] '; // List every style
    }
    print '<h6>' . $styleLinks . '</h6>';
}
?>
<!-- Please retain the full copyright notice below including the link to flashii . net . This not only gives respect to the amount of time given freely by the developer but also helps build interest , traffic and use of ninechan . -->
< h6 >< a href = " http://ninechan.flash.moe/ " target = " _blank " > ninechan </ a > < ? = ( $ninechan [ 'showversion' ] ? '1.10.2e ' : null ); ?> © <a href="http://flash.moe/" target="_blank">Flashwave</a></h6>
</ body >
</ html >