Example #1
0
            }
        }
    }
    $sm = sminit("popup.tpl");
    $sm->assign("text", $message);
    $sm->assign("timeout", 5);
    // 5s
    $sm->assign("title", "Moderation action");
    $sm->display("popup.tpl");
    die;
} elseif ($_GET['quicker'] == 1) {
    // First check if we even have the params we need
    if (!isset($_GET['board']) || !isset($_GET['post'])) {
        $message = "No post and/or board parameter, nothing to do!";
    } else {
        $db = new ThornModDBI();
        if ($db->checkban()) {
            THdie("ADbanned");
        }
        // Get the board name.
        $board_folder = trim($_GET['board']);
        // Check for local mod access or global mod/admin access.
        if (is_in_csl($board_folder, $_SESSION['mod_array']) != 1 && $_SESSION['admin'] != 1 && $_SESSION['mod_global'] != 1) {
            $message = "You are not permitted to moderate posts on this board";
        } else {
            // Set some stuff up.
            $board_id = $db->getboardnumber($board_folder);
            // Make sure we retrieved a valid board folder
            if ($board_folder == null) {
                $message = "That board does not exist!";
            } else {
Example #2
0
/*
	drydock imageboard script (http://code.573chan.org/)
	File:			lookups.php
	Description:	Some lookup utilities for moderator use
	
	Unless otherwise stated, this code is copyright 2008 
	by the drydock developers and is released under the
	Artistic License 2.0:
	http://www.opensource.org/licenses/artistic-license-2.0.php
*/
require_once "config.php";
require_once "common.php";
if (!$_SESSION['admin'] && !$_SESSION['moderator']) {
    THdie("Sorry, you do not have the proper permissions set to be here, or you are not logged in.");
} else {
    $db = new ThornModDBI();
    // Image lookup!
    if (isset($_GET['action']) && $_GET['action'] == "imglookup") {
        $url = trim($_GET['url']);
        // Generate a regex pattern that'll capture the image index
        // from the directory name
        $pattern = "/^" . preg_quote(THurl, '/') . "images\\/(\\d+)\\/.*\$/i";
        $matches = array();
        // use this as a preg_match param
        echo $pattern;
        // Die if we can't parse this properly
        if (preg_match($pattern, $url, $matches) == 0) {
            THdie("Invalid image URL '" . $url . "' specified.");
        }
        // $matches[1] should have the captured imgidx
        $post_location = $db->getpostfromimgidx($matches[1]);
Example #3
0
        if ($_POST['remimage' . strval($img['hash'])] != 0 && isset($_POST['remimage' . strval($img['hash'])])) {
            // Make the DB call to delete the image
            $db->deleteimage($postarray['imgidx'], strval($img['hash']), $img['extra_info']);
            // And delete the physical file
            $path = THpath . "images/" . $postarray['imgidx'] . "/";
            unlink($path . $img['name']);
            unlink($path . $img['tname']);
            // Log this action
            $actionstring = "Delete img\timgidx:" . $postarray['imgidx'] . "\tn:" . $img['name'];
            writelog($actionstring, "moderator");
        }
    }
}
if (isset($_POST['modban']) || isset($_POST['moddo'])) {
    if ($_POST['modban'] != "nil" || $_POST['moddo'] != "nil") {
        $moddb = new ThornModDBI();
        //Get post
        $targetid = $postarray['id'];
        // Find out if this is a thread
        if ($postarray['thread'] != 0) {
            $targetisthread = false;
        } else {
            $targetisthread = true;
        }
        if ($_POST['modban'] == "banip") {
            $moddb->banipfrompost($targetid, $targetisthread, 0, $_POST['privatebanreason'], $_POST['publicbanreason'], $_POST['adminbanreason'], $_POST['banduration'], $_SESSION['username'] . " via mod panel");
        } elseif ($_POST['modban'] == "bansub") {
            $moddb->banipfrompost($targetid, $targetisthread, 1, $_POST['privatebanreason'], $_POST['publicbanreason'], $_POST['adminbanreason'], $_POST['banduration'], $_SESSION['username'] . " via mod panel");
        } elseif ($_POST['modban'] == "banthread" && $adminpowers > 0) {
            $moddb->banipfromthread($targetid, $_POST['privatebanreason'], $_POST['publicbanreason'], $_POST['adminbanreason'], $_POST['banduration'], $_SESSION['username'] . " via mod panel (threadban)");
        }
Example #4
0
/**
 * Rebuild the cached wordfilters file (in unlinked/filters.php)
 */
function rebuild_filters()
{
    $to = array();
    $from = array();
    // Load stuff from the DB
    $db = new ThornModDBI();
    $db_filters = $db->fetchBCW(THbcw_filter);
    foreach ($db_filters as $row_item) {
        $to[] = $row_item['filterto'];
        $from[] = $row_item['filterfrom'];
    }
    // And write it to the wordfilter cache file.
    $fp_cache = fopen(THpath . "unlinked/filters.php", "w");
    if ($fp_cache) {
        fprintf($fp_cache, "<?php\n" . '$to' . " =\n");
        $string = var_export($to, true);
        fprintf($fp_cache, "%s;\n\n" . '$from' . " =\n", $string);
        $string = var_export($from, true);
        fprintf($fp_cache, "%s;\n?>", $string);
    } else {
        die("Could not open unlinked/filters.php for writing!");
    }
    fclose($fp_cache);
}
Example #5
0
 if (count($spamblacklist) > 0) {
     //The logic on this was entirely wrong.  If you want to filter out certain things, set up wordfilters.  This now (as of 12/16/12), stops the post.
     if (check_blacklist($_POST['body'], $spamblacklist)) {
         THdie("One of the phrases included in your post is not allowed.");
     }
     if (check_blacklist($_POST['link'], $spamblacklist)) {
         THdie("One of the phrases included in your post is not allowed.");
     }
     if (check_blacklist($_POST['nombre'], $spamblacklist)) {
         THdie("One of the phrases included in your post is not allowed.");
     }
 }
 // The "email" field will have a big "IF YOU ARE HUMAN DO NOT FILL THIS IN" next to it.  Bots might get tricked.
 if (THvc == 2 && isset($_POST['email']) && $_POST['email'] != "") {
     // get out spambot >:[
     $redhammer = new ThornModDBI();
     $redhammer->banip($longip, 0, "Suspected bot.", "", "Suspected bot.", $_POST['body'], 4, "autoban");
     THdie("Abnormal reply");
     // :getprophet:
 }
 // Prevent people from posting new threads if it's the mod or news board
 if ($binfo['id'] == THmodboard || $binfo['id'] == Thnewsboard) {
     THdie("POnonewth");
 }
 // Prevent people from posting to boards that require registration
 // when they're not logged in
 if ($binfo['requireregistration'] == true) {
     if ($_SESSION['username'] == false) {
         THdie("POnonewth");
     }
     // Set the posting username to be the user stored in our session info
Example #6
0
 * "lx" - Lookup ban (redirect to $_GET['a'] with $_GET['banselect'] set)
 * "b" - Edit boards
 * "g" - Rebuild config (gen. options edit)
 * "bl" - Add blotter post
 * "ble" - Edit blotter
 * "spa" - Add static page
 * "spx" - Delete static page
 * "spe" - Edit static page (receiver)
 */
require_once "config.php";
require_once "common.php";
require_once "rebuilds.php";
checkadmin();
//make sure the person trying to access this file is allowed to
//var_dump($_POST);
$db = new ThornModDBI();
if (isset($_GET['rebuild'])) {
    //all of these could have just changed
    rebuild_hovermenu();
    rebuild_linkbars();
    rebuild_rss();
    rebuild_htaccess();
    header("Location: " . THurl . "admin.php?a=g");
    die;
}
if (isset($_GET['profilepic'])) {
    if (isset($_GET['filename'])) {
        if (!file_exists('./unlinked/' . $_GET['filename'])) {
            die;
        }
        $pinfo = pathinfo('./unlinked/' . $_GET['filename']);
Example #7
0
/*
	drydock imageboard script (http://code.573chan.org/)
	File:			reports.php
	Description:	Show the most recent reports for moderator use
	
	Unless otherwise stated, this code is copyright 2008 
	by the drydock developers and is released under the
	Artistic License 2.0:
	http://www.opensource.org/licenses/artistic-license-2.0.php
*/
require_once "config.php";
require_once "common.php";
if (!$_SESSION['admin'] && !$_SESSION['moderator']) {
    THdie("Sorry, you do not have the proper permissions set to be here, or you are not logged in.");
} else {
    $db = new ThornModDBI();
    // Init some stuff
    if (isset($_GET['board'])) {
        $board_folder = trim($_GET['board']);
        //trim the board name from get
    } else {
        $board_folder = "";
    }
    $boardid = 0;
    $reports = array();
    $processed_reports = array();
    if ($board_folder && $db->getboardnumber($board_folder)) {
        $boardid = $db->getboardnumber($board_folder);
        // Filter by this boardid
        $reports = $db->gettopreports($boardid);
    } else {