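/**
 * Turns an existing post into a stickied thread of its own.
 *
 * The post's row is rewritten (response_to=0, sticky=1), a thread directory is created for it,
 * its files are moved out of the old thread's directories, the old parent's reply statistics
 * are recalculated, and the thread and main pages are regenerated.
 *
 * Every value that reaches SQL is bound as a parameter. Table names come from the POSTTABLE and
 * FILETABLE constants and cannot be bound, so they are still concatenated.
 *
 * @param array $dataforce Request/working data; 'response_id' and 'archive_update' are set on the local copy.
 * @param array $sub       Input where index 1 holds the post number to sticky.
 * @param PDO   $dbh       Database handle.
 * @return void
 */
function nel_make_thread_sticky($dataforce, $sub, $dbh)
{
    $id = $sub[1];
    // The id ends up in SQL and in filesystem paths below, so accept plain digits only.
    if (!preg_match('/\A\d+\z/', (string) $id)) {
        return;
    }
    $prepared = $dbh->prepare('SELECT response_to,has_file,post_time FROM ' . POSTTABLE . ' WHERE post_number=:id');
    $prepared->bindValue(':id', $id, PDO::PARAM_INT);
    $prepared->execute();
    $post_data = $prepared->fetch(PDO::FETCH_ASSOC);
    unset($prepared);
    // Nothing to do when the post does not exist; continuing would build queries from empty values.
    if ($post_data === FALSE) {
        return;
    }
    $parent = $post_data['response_to'];
    $prepared = $dbh->prepare('UPDATE ' . POSTTABLE . ' SET response_to=0, sticky=1, last_update=:last_update WHERE post_number=:id');
    $prepared->bindValue(':last_update', $post_data['post_time'], PDO::PARAM_STR);
    $prepared->bindValue(':id', $id, PDO::PARAM_INT);
    $prepared->execute();
    unset($prepared);
    nel_create_thread_directories($id);
    if ($post_data['has_file']) {
        $prepared = $dbh->prepare('UPDATE ' . FILETABLE . ' SET parent_thread=0 WHERE post_ref=:id');
        $prepared->bindValue(':id', $id, PDO::PARAM_INT);
        $prepared->execute();
        unset($prepared);
        $prepared = $dbh->prepare('SELECT filename,extension,preview_name FROM ' . FILETABLE . ' WHERE post_ref=:id');
        $prepared->bindValue(':id', $id, PDO::PARAM_INT);
        $prepared->execute();
        $file_data = $prepared->fetchAll(PDO::FETCH_ASSOC);
        unset($prepared);
        foreach ($file_data as $file) {
            // NOTE(review): the path is built as filename . extension with no separator, and the names
            // come straight from the database; confirm this matches how the files are named on disk.
            $stored_name = $file['filename'] . $file['extension'];
            nel_move_file(SRC_PATH . $parent . '/' . $stored_name, SRC_PATH . $id . '/' . $stored_name);
            nel_move_file(THUMB_PATH . $parent . '/' . $file['preview_name'], THUMB_PATH . $id . '/' . $file['preview_name']);
        }
    }
    // Recalculate the old parent thread's statistics now that it has lost this reply.
    $prepared = $dbh->prepare('SELECT post_count FROM ' . POSTTABLE . ' WHERE post_number=:parent');
    $prepared->bindValue(':parent', $parent, PDO::PARAM_INT);
    $prepared->execute();
    $pcount = $prepared->fetch(PDO::FETCH_ASSOC);
    unset($prepared);
    $prepared = $dbh->prepare('SELECT post_number,post_time FROM ' . POSTTABLE . ' WHERE response_to=:parent ORDER BY post_number desc');
    $prepared->bindValue(':parent', $parent, PDO::PARAM_INT);
    $prepared->execute();
    $ptimes = $prepared->fetchAll(PDO::FETCH_ASSOC);
    unset($prepared);
    // With no parent row the UPDATE would match nothing, so it is skipped.
    if ($pcount !== FALSE) {
        if (!empty($ptimes)) {
            $prepared = $dbh->prepare('UPDATE ' . POSTTABLE . ' SET post_count=:post_count, last_update=:last_update, last_response=:last_response WHERE post_number=:parent');
            $prepared->bindValue(':last_update', $ptimes[0]['post_time'], PDO::PARAM_STR);
            $prepared->bindValue(':last_response', $ptimes[0]['post_number'], PDO::PARAM_INT);
        } else {
            // No replies remain, so there is no newest reply to copy from; only the count is corrected.
            // NOTE(review): last_update/last_response keep their old values in this case - confirm what they should be.
            $prepared = $dbh->prepare('UPDATE ' . POSTTABLE . ' SET post_count=:post_count WHERE post_number=:parent');
        }
        $prepared->bindValue(':post_count', $pcount['post_count'] - 1, PDO::PARAM_INT);
        $prepared->bindValue(':parent', $parent, PDO::PARAM_INT);
        $prepared->execute();
        unset($prepared);
    }
    // NOTE(review): the return value of preg_replace() is discarded, so this statement has no effect
    // on $dataforce['post_links']. Left unchanged; confirm whether the result was meant to be assigned.
    preg_replace('#p' . $id . 't' . $parent . '#', 'p' . $id . 't0', $dataforce['post_links']);
    nel_update_archive_status($dataforce, $dbh);
    // Set ignore_login for the duration of the regeneration and restore the previous value afterwards.
    if (!empty($_SESSION)) {
        $temp = $_SESSION['ignore_login'];
        $_SESSION['ignore_login'] = TRUE;
    }
    if (!file_exists(PAGE_PATH . $id . '/' . $id . '.html')) {
        $dataforce['response_id'] = $id;
        nel_regen($dataforce, $dataforce['response_id'], 'thread', FALSE, $dbh);
    }
    nel_cache_links();
    $dataforce['archive_update'] = TRUE;
    nel_regen($dataforce, NULL, 'main', FALSE, $dbh);
    if (!empty($_SESSION)) {
        $_SESSION['ignore_login'] = $temp;
    }
}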
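/**
 * Validates a submitted post, stores it with its files, and regenerates the affected pages.
 *
 * Steps, in order: post checks (nel_is_post_ok), FGSFDS flags, length limits, password hashing,
 * name and tripcode handling, cookies, duplicate-file check, post INSERT, thumbnail creation and
 * file move, bump/file bookkeeping, archive update and page regeneration.
 *
 * Every value that reaches SQL is bound as a parameter. Table names come from the POSTTABLE and
 * FILETABLE constants and cannot be bound, so they are still concatenated.
 *
 * @param array  $dataforce Request data for the post (name, email, subject, comment, fgsfds, pass, response_to, ...).
 * @param object $plugins   Plugin dispatcher exposing plugin_hook(); see the note on the global statement.
 * @param PDO    $dbh       Database handle.
 * @return mixed The thread the post belongs to: the new post number for a new thread, otherwise response_to.
 */
function nel_process_new_post($dataforce, $plugins, $dbh)
{
    // NOTE(review): $plugins is both a parameter and named in this global statement, so the global
    // binding replaces the argument. Left as-is to preserve behaviour; confirm which one is intended.
    global $enabled_types, $fgsfds, $plugins;
    $new_thread_dir = '';
    // Get time
    $time = get_millisecond_time();
    // Check if post is ok
    $post_count = nel_is_post_ok($dataforce, $time, $dbh);
    // Process FGSFDS
    if (!is_null($dataforce['fgsfds'])) {
        if (utf8_strripos($dataforce['fgsfds'], 'noko') !== FALSE) {
            $fgsfds['noko'] = TRUE;
        }
        if (utf8_strripos($dataforce['fgsfds'], 'sage') !== FALSE) {
            $fgsfds['sage'] = TRUE;
        }
        $fgsfds = $plugins->plugin_hook('fgsfds_field', FALSE, array($fgsfds));
    }
    // Start collecting file info
    $files = nel_process_file_info();
    $there_is_no_spoon = TRUE;
    $poster_info = array('name' => $dataforce['name'], 'email' => $dataforce['email'], 'subject' => $dataforce['subject'], 'comment' => $dataforce['comment'], 'tripcode' => '', 'secure_tripcode' => '');
    if (!empty($files)) {
        $files_count = count($files);
        $there_is_no_spoon = FALSE;
    } else {
        $files = array();
        $files_count = 0;
        if (!$poster_info['comment']) {
            nel_derp(10, array('origin' => 'POST'));
        }
        if (BS1_REQUIRE_IMAGE_ALWAYS) {
            nel_derp(8, array('origin' => 'POST'));
        }
        if (BS1_REQUIRE_IMAGE_START && $dataforce['response_to'] === 0) {
            nel_derp(9, array('origin' => 'POST'));
        }
    }
    // Reject over-long fields
    if (utf8_strlen($poster_info['comment']) > BS_MAX_COMMENT_LENGTH || utf8_strlen($poster_info['name']) > BS_MAX_NAME_LENGTH || utf8_strlen($poster_info['email']) > BS_MAX_EMAIL_LENGTH || utf8_strlen($poster_info['subject']) > BS_MAX_SUBJECT_LENGTH || utf8_strlen($dataforce['file_source']) > BS_MAX_SOURCE_LENGTH || utf8_strlen($dataforce['file_license']) > BS_MAX_LICENSE_LENGTH) {
        nel_derp(11, array('origin' => 'POST'));
    }
    if (isset($dataforce['pass'])) {
        $cpass = $dataforce['pass'];
        $hashed_pass = nel_hash($dataforce['pass'], $plugins);
        $dataforce['pass'] = utf8_substr($hashed_pass, 0, 16);
    } else {
        // NOTE(review): rand() is not a cryptographically secure generator, and this value is only
        // sent back in the cookie - it is never hashed into $dataforce['pass'], so the stored
        // password stays unset. Confirm the intended behaviour before relying on it.
        $cpass = utf8_substr(rand(), 0, 8);
    }
    nel_banned_text($poster_info['comment'], $files);
    // Name and tripcodes
    $modpostc = 0;
    $cookie_name = $poster_info['name'];
    if ($poster_info['name'] !== '' && !BS1_FORCE_ANONYMOUS) {
        nel_banned_name($poster_info['name'], $files);
        // Replace names that contain a staff marker. A match at offset 0 is still a match, so the
        // result is compared against FALSE instead of being tested for truthiness.
        foreach (array('THREAD_MODPOST', 'THREAD_ADMINPOST', 'THREAD_JANPOST') as $marker_key) {
            $marker = nel_stext($marker_key);
            if ($marker !== '' && utf8_strpos($poster_info['name'], $marker) !== FALSE) {
                $poster_info['name'] = nel_stext('FAKE_STAFF_ATTEMPT');
            }
        }
        // Pieces: [1] display name, [3] tripcode key after a single '#', [5] secure key after '##'.
        preg_match('/^([^#]*)(#(?!#))?([^#]*)(##)?(.*)$/', $poster_info['name'], $name_pieces);
        $poster_info['name'] = $name_pieces[1];
        // Staff posting: the secure key must equal the staff trip held in the session.
        if ($name_pieces[5] !== '' && isset($_SESSION['settings']['staff_trip']) && $name_pieces[5] === $_SESSION['settings']['staff_trip']) {
            if ($_SESSION['perms']['perm_post']) {
                if ($_SESSION['settings']['staff_type'] === 'admin') {
                    $modpostc = 3;
                } elseif ($_SESSION['settings']['staff_type'] === 'moderator') {
                    $modpostc = 2;
                } elseif ($_SESSION['settings']['staff_type'] === 'janitor') {
                    $modpostc = 1;
                }
            }
            if ($_SESSION['perms']['perm_sticky'] && utf8_strripos($dataforce['fgsfds'], 'sticky') !== FALSE) {
                $fgsfds['sticky'] = TRUE;
            }
            // The original ended this branch with a 'break' outside any loop or switch, which is a
            // fatal error; it was the last statement here, so it is simply dropped.
        }
        if ($name_pieces[3] !== '' && BS1_ALLOW_TRIPKEYS) {
            $cap = utf8_strtr($name_pieces[3], '&amp;', '&');
            $cap = utf8_strtr($cap, '&#44;', ',');
            $salt = utf8_substr($cap . 'H.', 1, 2);
            $salt = preg_replace('#[^\\.-z]#', '.#', $salt);
            $salt = utf8_strtr($salt, ':;<=>?@[\\]^_`', 'ABCDEFGabcdef');
            $poster_info['tripcode'] = utf8_substr(crypt($cap, $salt), -10);
        }
        $poster_info = $plugins->plugin_hook('tripcode-processing', TRUE, array($poster_info, $name_pieces));
        if ($name_pieces[5] !== '' || $modpostc > 0) {
            $trip = nel_hash($name_pieces[5], $plugins);
            $poster_info['secure_tripcode'] = utf8_substr(crypt($trip, '42'), -12);
        }
        $poster_info = $plugins->plugin_hook('secure-tripcode-processing', TRUE, array($poster_info, $name_pieces, $modpostc));
        if ($name_pieces[1] === '' || (!empty($_SESSION) && $_SESSION['perms']['perm_post_anon'])) {
            $poster_info['name'] = nel_stext('THREAD_NONAME');
            $poster_info['email'] = '';
        }
    } else {
        $poster_info['name'] = nel_stext('THREAD_NONAME');
        $poster_info['email'] = '';
    }
    // Cookies, 1 month expiration.
    // NOTE(review): the pwd cookie carries the unhashed password and is set without the secure or
    // httponly flags; confirm whether client-side script needs to read it before tightening this.
    setcookie('pwd-' . CONF_BOARD_DIR, $cpass, time() + 30 * 24 * 3600, '/');
    setcookie('name-' . CONF_BOARD_DIR, $cookie_name, time() + 30 * 24 * 3600, '/');
    $poster_info = $plugins->plugin_hook('after-post-info-processing', TRUE, array($poster_info));
    // Reject a file whose MD5 is already attached to a post in the same thread
    // (or to an existing thread start when this post starts a thread).
    $i = 0;
    while ($i < $files_count) {
        if (file_exists($files[$i]['dest'])) {
            $files[$i]['md5'] = md5_file($files[$i]['dest']);
            nel_banned_md5($files[$i]['md5'], $files[$i]);
            $prepared = $dbh->prepare('SELECT post_ref FROM ' . FILETABLE . ' WHERE md5=:md5 LIMIT 1');
            $prepared->bindParam(':md5', $files[$i]['md5'], PDO::PARAM_STR);
            if ($prepared->execute()) {
                $post_ref = $prepared->fetchColumn();
                unset($prepared);
                if ($dataforce['response_to'] === 0) {
                    $prepared = $dbh->prepare('SELECT COUNT(*) FROM ' . POSTTABLE . ' WHERE post_number=:postref AND response_to=0');
                    $prepared->bindParam(':postref', $post_ref, PDO::PARAM_INT);
                } else {
                    $prepared = $dbh->prepare('SELECT COUNT(*) FROM ' . POSTTABLE . ' WHERE post_number=:postref AND response_to=:respto');
                    $prepared->bindParam(':postref', $post_ref, PDO::PARAM_INT);
                    $prepared->bindParam(':respto', $dataforce['response_to'], PDO::PARAM_INT);
                }
                if ($prepared->execute()) {
                    $same_thread = $prepared->fetchColumn();
                    if ($same_thread > 0) {
                        // The index was written as the bare constant i in the original; it must be $i.
                        nel_derp(12, array('origin' => 'POST', 'bad-filename' => $files[$i]['basic_filename'] . $files[$i]['ext'], 'files' => $files));
                    }
                }
                unset($prepared);
            }
        }
        ++$i;
    }
    //
    // Go ahead and put post into database
    //
    $prepared = $dbh->prepare('INSERT INTO ' . POSTTABLE . ' 
	(name, tripcode, secure_tripcode, email, subject, comment, host, password, post_time, last_update, response_to, last_response, post_count, sticky, mod_post, mod_comment, archive_status, locked) VALUES 
	(:name, :tripcode, :secure_tripcode, :email, :subject, :comment, :host, :password, :time, :last_update, :respto, 0, 1, :sticky, :modpost, :mcomment, 0, 0)');
    $prepared->bindValue(':name', $poster_info['name'], PDO::PARAM_STR);
    // Empty tripcodes are stored as NULL rather than as an empty string.
    if ($poster_info['tripcode'] === '') {
        $prepared->bindValue(':tripcode', NULL, PDO::PARAM_NULL);
    } else {
        $prepared->bindValue(':tripcode', $poster_info['tripcode'], PDO::PARAM_STR);
    }
    if ($poster_info['secure_tripcode'] === '') {
        $prepared->bindValue(':secure_tripcode', NULL, PDO::PARAM_NULL);
    } else {
        $prepared->bindValue(':secure_tripcode', $poster_info['secure_tripcode'], PDO::PARAM_STR);
    }
    $prepared->bindValue(':email', $poster_info['email'], PDO::PARAM_STR);
    $prepared->bindValue(':subject', $poster_info['subject'], PDO::PARAM_STR);
    $prepared->bindValue(':comment', $poster_info['comment'], PDO::PARAM_STR);
    $prepared->bindValue(':host', @inet_pton($_SERVER["REMOTE_ADDR"]), PDO::PARAM_STR);
    $prepared->bindValue(':password', $dataforce['pass'], PDO::PARAM_STR);
    $prepared->bindValue(':time', $time, PDO::PARAM_STR);
    $prepared->bindValue(':last_update', $time, PDO::PARAM_STR);
    $prepared->bindValue(':respto', $dataforce['response_to'], PDO::PARAM_INT);
    $prepared->bindValue(':sticky', !empty($fgsfds['sticky']) ? 1 : 0, PDO::PARAM_INT);
    $prepared->bindValue(':modpost', $modpostc, PDO::PARAM_INT);
    $prepared->bindValue(':mcomment', NULL, PDO::PARAM_NULL);
    $prepared->execute();
    unset($prepared);
    // Look the new row up again by its timestamp and parent to learn its post number.
    $prepared = $dbh->prepare('SELECT post_number FROM ' . POSTTABLE . ' WHERE post_time=:time AND response_to=:respto');
    $prepared->bindValue(':time', $time, PDO::PARAM_STR);
    $prepared->bindValue(':respto', $dataforce['response_to'], PDO::PARAM_INT);
    $prepared->execute();
    $row = $prepared->fetch();
    $post_number = $row[0];
    unset($prepared);
    if ($dataforce['response_to'] === 0) {
        $fgsfds['noko_topic'] = $post_number;
        $new_thread_dir = $post_number;
        nel_create_thread_directories($new_thread_dir);
    } else {
        $fgsfds['noko_topic'] = $dataforce['response_to'];
        $new_thread_dir = $dataforce['response_to'];
    }
    $srcpath = SRC_PATH . $new_thread_dir . '/';
    $thumbpath = THUMB_PATH . $new_thread_dir . '/';
    //
    // Make thumbnails and do final file processing
    //
    $i = 0;
    while ($i < $files_count) {
        $files[$i]['im_x'] = 0;
        $files[$i]['im_y'] = 0;
        $files[$i]['pre_x'] = 0;
        $files[$i]['pre_y'] = 0;
        if ($files[$i]['subtype'] === 'SWF' || $files[$i]['supertype'] === 'GRAPHICS' && !BS1_USE_MAGICK) {
            $dim = getimagesize($files[$i]['dest']);
            // getimagesize() returns FALSE for unreadable files; zero sizes would divide by zero below.
            if ($dim !== FALSE && $dim[0] > 0 && $dim[1] > 0) {
                $files[$i]['im_x'] = $dim[0];
                $files[$i]['im_y'] = $dim[1];
                $ratio = min(BS_MAX_HEIGHT / $files[$i]['im_y'], BS_MAX_WIDTH / $files[$i]['im_x']);
                $files[$i]['pre_x'] = $files[$i]['im_x'] > BS_MAX_WIDTH ? intval($ratio * $files[$i]['im_x']) : $files[$i]['im_x'];
                $files[$i]['pre_y'] = $files[$i]['im_y'] > BS_MAX_HEIGHT ? intval($ratio * $files[$i]['im_y']) : $files[$i]['im_y'];
            }
        }
        if (BS1_USE_THUMB && $files[$i]['supertype'] === 'GRAPHICS') {
            exec("convert -version", $out, $rescode);
            if ($rescode === 0 && BS1_USE_MAGICK) {
                $cmd_getinfo = 'identify -format "%wx%h" ' . escapeshellarg($files[$i]['dest'] . '[0]');
                // exec() appends to an existing array, so start from an empty one for every file;
                // otherwise $res[0] would keep the first file's dimensions.
                $res = array();
                exec($cmd_getinfo, $res);
                $dims = isset($res[0]) ? explode('x', $res[0]) : array();
                if (count($dims) === 2 && (int) $dims[0] > 0 && (int) $dims[1] > 0) {
                    $files[$i]['im_x'] = (int) $dims[0];
                    $files[$i]['im_y'] = (int) $dims[1];
                    $ratio = min(BS_MAX_HEIGHT / $files[$i]['im_y'], BS_MAX_WIDTH / $files[$i]['im_x']);
                    $files[$i]['pre_x'] = $files[$i]['im_x'] > BS_MAX_WIDTH ? intval($ratio * $files[$i]['im_x']) : $files[$i]['im_x'];
                    $files[$i]['pre_y'] = $files[$i]['im_y'] > BS_MAX_HEIGHT ? intval($ratio * $files[$i]['im_y']) : $files[$i]['im_y'];
                }
                // Every path handed to the shell goes through escapeshellarg(); the sizes are constants.
                if ($files[$i]['subtype'] === 'GIF') {
                    $files[$i]['thumbfile'] = $files[$i]['basic_filename'] . '-preview.gif';
                    $cmd_coalesce = 'convert ' . escapeshellarg($files[$i]['dest']) . ' -coalesce ' . escapeshellarg($thumbpath . 'tmp' . $files[$i]['thumbfile']);
                    $cmd_resize = 'convert ' . escapeshellarg($thumbpath . 'tmp' . $files[$i]['thumbfile']) . ' -resize ' . BS_MAX_WIDTH . 'x' . BS_MAX_HEIGHT . '\\> -layers optimize ' . escapeshellarg($thumbpath . $files[$i]['thumbfile']);
                    exec($cmd_coalesce);
                    exec($cmd_resize);
                    unlink($thumbpath . 'tmp' . $files[$i]['thumbfile']);
                    chmod($thumbpath . $files[$i]['thumbfile'], 0644);
                } else {
                    if (BS1_USE_PNG_THUMB) {
                        $files[$i]['thumbfile'] = $files[$i]['basic_filename'] . '-preview.png';
                        $cmd_resize = 'convert ' . escapeshellarg($files[$i]['dest']) . ' -resize ' . BS_MAX_WIDTH . 'x' . BS_MAX_HEIGHT . '\\> -quality 00 -sharpen 0x0.5 ' . escapeshellarg($thumbpath . $files[$i]['thumbfile']);
                    } else {
                        $files[$i]['thumbfile'] = $files[$i]['basic_filename'] . '-preview.jpg';
                        $cmd_resize = 'convert ' . escapeshellarg($files[$i]['dest']) . ' -resize ' . BS_MAX_WIDTH . 'x' . BS_MAX_HEIGHT . '\\> -quality ' . BS_JPEG_QUALITY . ' -sharpen 0x0.5 ' . escapeshellarg($thumbpath . $files[$i]['thumbfile']);
                    }
                    exec($cmd_resize);
                    chmod($thumbpath . $files[$i]['thumbfile'], 0644);
                }
            } else {
                // GD fallback. The gd_info() test is really only for GIF support.
                $gd_test = gd_info();
                // Reset per file so a failed or unsupported load cannot reuse the previous file's image.
                $image = NULL;
                switch ($files[$i]['subtype']) {
                    case 'JPEG':
                        $image = imagecreatefromjpeg($files[$i]['dest']);
                        break;
                    case 'GIF':
                        if ($gd_test['GIF Read Support']) {
                            $image = imagecreatefromgif($files[$i]['dest']);
                        }
                        break;
                    case 'PNG':
                        $image = imagecreatefrompng($files[$i]['dest']);
                        break;
                }
                $files[$i]['thumbfile'] = $files[$i]['basic_filename'] . '-preview.jpg';
                // Only draw when the source decoded and the preview size is known.
                if ($image && $files[$i]['pre_x'] > 0 && $files[$i]['pre_y'] > 0) {
                    $files[$i]['thumbnail'] = imagecreatetruecolor($files[$i]['pre_x'], $files[$i]['pre_y']);
                    imagecopyresampled($files[$i]['thumbnail'], $image, 0, 0, 0, 0, $files[$i]['pre_x'], $files[$i]['pre_y'], $files[$i]['im_x'], $files[$i]['im_y']);
                    if (BS1_USE_PNG_THUMB) {
                        imagepng($files[$i]['thumbnail'], $thumbpath . $files[$i]['thumbfile'], -1);
                    } else {
                        imagejpeg($files[$i]['thumbnail'], $thumbpath . $files[$i]['thumbfile'], BS_JPEG_QUALITY);
                    }
                }
            }
        }
        clearstatcache();
        // Test the exact path rename() will write to. The original tested a name without the '.'
        // separator, so an existing file was never detected and could be overwritten.
        $target = $srcpath . $files[$i]['basic_filename'] . '.' . $files[$i]['ext'];
        if (file_exists($target)) {
            $files[$i]['basic_filename'] = "cc" . utf8_substr($time, -4) . "--" . $files[$i]['basic_filename'];
            $target = $srcpath . $files[$i]['basic_filename'] . '.' . $files[$i]['ext'];
        }
        rename($files[$i]['dest'], $target);
        ++$i;
    }
    //
    // Update post info and add file data if applicable
    //
    if ($dataforce['response_to'] === 0) {
        $parent_id = $post_number;
    } else {
        $parent_id = $dataforce['response_to'];
    }
    // Bump the parent thread unless the post is saged or the bump limit has been reached.
    if ($dataforce['response_to'] !== 0 && empty($fgsfds['sage']) && $post_count < BS_MAX_BUMPS) {
        ++$post_count;
        $prepared = $dbh->prepare('UPDATE ' . POSTTABLE . ' SET last_update=:time, last_response=:post_number, post_count=:post_count WHERE post_number=:respto');
        $prepared->bindValue(':time', $time, PDO::PARAM_STR);
        $prepared->bindValue(':post_number', $post_number, PDO::PARAM_INT);
        $prepared->bindValue(':post_count', $post_count, PDO::PARAM_INT);
        $prepared->bindValue(':respto', $dataforce['response_to'], PDO::PARAM_INT);
        $prepared->execute();
        unset($prepared);
        $prepared = $dbh->prepare('UPDATE ' . POSTTABLE . ' SET last_update=0 WHERE post_number=:post_number');
        $prepared->bindValue(':post_number', $post_number, PDO::PARAM_INT);
        $prepared->execute();
        unset($prepared);
    }
    if (!$there_is_no_spoon) {
        // The flag does not depend on the file, so set it once instead of once per file.
        $prepared = $dbh->prepare('UPDATE ' . POSTTABLE . ' SET has_file=1 WHERE post_number=:post_number');
        $prepared->bindValue(':post_number', $post_number, PDO::PARAM_INT);
        $prepared->execute();
        unset($prepared);
        $i = 0;
        while ($i < $files_count) {
            // File names, source and license text are uploader-supplied, so every value is bound
            // instead of being spliced into the statement text.
            $prepared = $dbh->prepare('INSERT INTO ' . FILETABLE . ' (parent_thread,post_ref,file_order,supertype,subtype,mime,filename,extension,filesize,md5,source,license)
				VALUES (:parent_thread,:post_ref,:file_order,:supertype,:subtype,:mime,:filename,:extension,:filesize,:md5,:source,:license)');
            $prepared->bindValue(':parent_thread', $parent_id, PDO::PARAM_INT);
            $prepared->bindValue(':post_ref', $post_number, PDO::PARAM_INT);
            $prepared->bindValue(':file_order', (string) ($i + 1), PDO::PARAM_STR);
            $prepared->bindValue(':supertype', (string) $files[$i]['supertype'], PDO::PARAM_STR);
            $prepared->bindValue(':subtype', (string) $files[$i]['subtype'], PDO::PARAM_STR);
            $prepared->bindValue(':mime', (string) $files[$i]['mime'], PDO::PARAM_STR);
            $prepared->bindValue(':filename', (string) $files[$i]['basic_filename'], PDO::PARAM_STR);
            $prepared->bindValue(':extension', (string) $files[$i]['ext'], PDO::PARAM_STR);
            $prepared->bindValue(':filesize', (string) $files[$i]['fsize'], PDO::PARAM_STR);
            $prepared->bindValue(':md5', (string) $files[$i]['md5'], PDO::PARAM_STR);
            $prepared->bindValue(':source', (string) $files[$i]['file_source'], PDO::PARAM_STR);
            $prepared->bindValue(':license', (string) $files[$i]['file_license'], PDO::PARAM_STR);
            $prepared->execute();
            unset($prepared);
            if ($files[$i]['supertype'] === 'GRAPHICS') {
                $prepared = $dbh->prepare('UPDATE ' . FILETABLE . ' SET image_width=:im_x, image_height=:im_y, preview_name=:preview_name, preview_width=:pre_x, preview_height=:pre_y, md5=:md5 WHERE post_ref=:post_ref AND file_order=:file_order');
                $prepared->bindValue(':im_x', (int) $files[$i]['im_x'], PDO::PARAM_INT);
                $prepared->bindValue(':im_y', (int) $files[$i]['im_y'], PDO::PARAM_INT);
                // thumbfile is only set when the thumbnail branch ran for this file.
                $prepared->bindValue(':preview_name', isset($files[$i]['thumbfile']) ? $files[$i]['thumbfile'] : '', PDO::PARAM_STR);
                $prepared->bindValue(':pre_x', (int) $files[$i]['pre_x'], PDO::PARAM_INT);
                $prepared->bindValue(':pre_y', (int) $files[$i]['pre_y'], PDO::PARAM_INT);
                $prepared->bindValue(':md5', (string) $files[$i]['md5'], PDO::PARAM_STR);
                $prepared->bindValue(':post_ref', $post_number, PDO::PARAM_INT);
                $prepared->bindValue(':file_order', $i + 1, PDO::PARAM_INT);
                $prepared->execute();
                unset($prepared);
            } elseif ($files[$i]['subtype'] === 'SWF') {
                $prepared = $dbh->prepare('UPDATE ' . FILETABLE . ' SET image_width=:im_x, image_height=:im_y, md5=:md5 WHERE post_ref=:post_ref AND file_order=:file_order');
                $prepared->bindValue(':im_x', (int) $files[$i]['im_x'], PDO::PARAM_INT);
                $prepared->bindValue(':im_y', (int) $files[$i]['im_y'], PDO::PARAM_INT);
                $prepared->bindValue(':md5', (string) $files[$i]['md5'], PDO::PARAM_STR);
                $prepared->bindValue(':post_ref', $post_number, PDO::PARAM_INT);
                $prepared->bindValue(':file_order', $i + 1, PDO::PARAM_INT);
                $prepared->execute();
                unset($prepared);
            }
            ++$i;
        }
    }
    //
    // Run the archiving routine if this is a new thread or deleted/expired thread
    //
    nel_update_archive_status($dataforce, $dbh);
    //
    // Generate response page if it doesn't exist, otherwise update
    //
    // NOTE(review): ignore_login is saved and restored here but never set in between, so the
    // save/restore has no effect in this function. Left unchanged; confirm the intent.
    if (!empty($_SESSION)) {
        $temp = $_SESSION['ignore_login'];
    }
    $return_res = $dataforce['response_to'] === 0 ? $new_thread_dir : $dataforce['response_to'];
    nel_regen($dataforce, $return_res, 'thread', FALSE, $dbh);
    $dataforce['archive_update'] = TRUE;
    nel_regen($dataforce, NULL, 'main', FALSE, $dbh);
    if (!empty($_SESSION)) {
        $_SESSION['ignore_login'] = $temp;
    }
    return $return_res;
}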