3 years ago · 55e275f02b
parent d99e1aa2be
commit 55e275f02b
1 changed files with 164 additions and 162 deletions
--- a/bbs.php
+++ b/bbs.php
@ -54,191 +54,193 @@
 	 * );
 	 */
 	require_once('vars.php');
-?>
-<!DOCTYPE html
-	PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-<head>
-	<meta http-equiv="content-type" content="text/html;charset=utf-8" />
-	<meta name="viewport" content="width=device-width, initial-scale=1" />
-
-	<title>BBS | ピケ.コム</title>
-</head>
-<body>
-	<p>
-		[<a href="#bottom">bottom</a>]
-	</p>

-	<?php
-		// Adds a post to the database
-		function post($name, $comment, $img, $save_cookie) {
-			$extensions = [
-				'image/bmp' => '.bmp',
-				'image/gif' => '.gif',
-				'image/jpeg' => '.jpg',
-				'image/pjpeg' => '.jpg',
-				'image/png' => '.png'
-			];
-
-			// Validate and move the uploaded image file, if necessary
-			if(!empty($img['tmp_name'])) {
-				if ((($img['type'] == 'image/gif') || ($img['type'] == 'image/jpeg') || ($img['type'] == 'image/pjpeg')
-				|| ($img['type'] == 'image/png') || ($img['type'] == 'image/bmp'))
-				&& ($img['size'] > 0) && ($img['size'] <= MAX_FILE_SIZE)) {
-					if($img['error'] == 0) {
-						// Move the file to the target upload folder
-						$target = UPLOAD_PATH . time() . $extensions[$img['type']];
-						if(!move_uploaded_file($img['tmp_name'], $target)) {
-							// The new image file move failed, so delete the temporary file and return an error
-							@unlink($img['tmp_name']);
-							return 'Unable to upload image, please contact the webmaster.';
-						}
+	//// Functions: ////
+
+	// Adds a post to the database
+	function post($name, $comment, $img, $save_cookie) {
+		$extensions = [
+			'image/bmp' => '.bmp',
+			'image/gif' => '.gif',
+			'image/jpeg' => '.jpg',
+			'image/pjpeg' => '.jpg',
+			'image/png' => '.png'
+		];
+
+		// Validate and move the uploaded image file, if necessary
+		if(!empty($img['tmp_name'])) {
+			if ((($img['type'] == 'image/gif') || ($img['type'] == 'image/jpeg') || ($img['type'] == 'image/pjpeg')
+			|| ($img['type'] == 'image/png') || ($img['type'] == 'image/bmp'))
+			&& ($img['size'] > 0) && ($img['size'] <= MAX_FILE_SIZE)) {
+				if($img['error'] == 0) {
+					// Move the file to the target upload folder
+					$target = UPLOAD_PATH . time() . $extensions[$img['type']];
+					if(!move_uploaded_file($img['tmp_name'], $target)) {
+						// The new image file move failed, so delete the temporary file and return an error
+						@unlink($img['tmp_name']);
+						return 'Unable to upload image, please contact the webmaster.';
 					}
-				} else {
-					// The image is not valid, so delete the temporary file and return an error
-					@unlink($img['tmp_name']);
-					return 'Your image must be a PNG, GIF, JPEG, or BMP image file no greater than ' . (MAX_FILE_SIZE >> 10) . ' KiB.';
 				}
+			} else {
+				// The image is not valid, so delete the temporary file and return an error
+				@unlink($img['tmp_name']);
+				return 'Your image must be a PNG, GIF, JPEG, or BMP image file no greater than ' . (MAX_FILE_SIZE >> 10) . ' KiB.';
 			}
+		}

-			if(empty($comment) && empty($target))
-				return 'You must include an image and/or a comment';
+		if(empty($comment) && empty($target))
+			return 'You must include an image and/or a comment';

-			if($save_cookie) {
-				$uid = $_COOKIE['uid'];
-				if(empty($uid)) {
-					$uid = sha1(time() . $img['tmp_name'] . $_SERVER['REMOTE_ADDR'] . UID_SALT);
-					setcookie("uid", $uid, 0x7FFFFFFF);
-				}
+		if($save_cookie) {
+			$uid = $_COOKIE['uid'];
+			if(empty($uid)) {
+				$uid = sha1(time() . $img['tmp_name'] . $_SERVER['REMOTE_ADDR'] . UID_SALT);
+				setcookie("uid", $uid, 0x7FFFFFFF);
 			}
-
-			// Add post to database
-			$query = "INSERT INTO posts (user_id, name, comment, img) VALUES ($1, $2, $3, $4)";
-			$params = [
-				empty($uid) ? NULL : $uid,
-				empty($name) ? 'Anonymous' : htmlspecialchars($name),
-				empty($comment) ? NULL : htmlspecialchars($comment),
-				empty($target) ? NULL : basename($target)
-			];
-			webhook($params[1], $params[2], 'http://' . $_SERVER['SERVER_NAME'] . dirname($_SERVER['PHP_SELF']) . '/' . $target); // Send to discord for moderation
-			pg_query_params($query, $params) or die('Query failed: ' . pg_last_error());
-
-			return ""; // Success, no error
-		}
-
-		// Regex callback, makes >>quotes into links
-		function quote_link($match) {
-			$query = "SELECT post_id FROM posts WHERE post_id=$1";
-			$result = pg_query_params($query, [$match[1]]) or die('Query failed: ' . pg_last_error());
-			$row_count = pg_num_rows($result);
-			pg_free_result($result);
-			if($row_count > 0)
-				return "<a href=\"#p{$match[1]}\">{$match[0]}</a>";
-			else
-				return "<del>{$match[0]}</del>";
 		}

-		// Prints the post list
-		function show_posts() {
-			$query = 'SELECT post_id, user_id, name, comment, img, TO_CHAR(post_time, \'YYYY-MM-DD HH24:MI (TZ)\') AS post_time FROM posts';
-			$result = pg_query($query) or die('Query failed: ' . pg_last_error());
-
-			// Clean up old posts
-			$row_count = pg_num_rows($result);
-			if($row_count > MAX_POSTS) {
-				for($i = 0; $i < $row_count - MAX_POSTS; $i++) {
-					$row = pg_fetch_array($result);
-					cleanup($row['post_id']);
-				}
-			}
+		// Add post to database
+		$query = "INSERT INTO posts (user_id, name, comment, img) VALUES ($1, $2, $3, $4)";
+		$params = [
+			empty($uid) ? NULL : $uid,
+			empty($name) ? 'Anonymous' : htmlspecialchars($name),
+			empty($comment) ? NULL : htmlspecialchars($comment),
+			empty($target) ? NULL : basename($target)
+		];
+		webhook($params[1], $params[2], 'http://' . $_SERVER['SERVER_NAME'] . dirname($_SERVER['PHP_SELF']) . '/' . $target); // Send to discord for moderation
+		pg_query_params($query, $params) or die('Query failed: ' . pg_last_error());
+
+		return ""; // Success, no error
+	}

-			// Print posts
-			$show_delete = FALSE;
-			echo '<form action="' . $_SERVER['PHP_SELF'] .'#bottom" method="post">';
-			while ($row = pg_fetch_array($result)) {
-				echo "<fieldset id=\"p{$row['post_id']}\">";
+	// Regex callback, makes >>quotes into links
+	function quote_link($match) {
+		$query = "SELECT post_id FROM posts WHERE post_id=$1";
+		$result = pg_query_params($query, [$match[1]]) or die('Query failed: ' . pg_last_error());
+		$row_count = pg_num_rows($result);
+		pg_free_result($result);
+		if($row_count > 0)
+			return "<a href=\"#p{$match[1]}\">{$match[0]}</a>";
+		else
+			return "<del>{$match[0]}</del>";
+	}

-				echo '<legend>';
-				if((!empty($row['user_id']) && ($row['user_id'] == $_COOKIE['uid'])) || (!empty(ADMIN_ID) && ($_COOKIE['uid'] == ADMIN_ID))) {
-					echo '<input type="checkbox" name="delete[]" value="' . $row['post_id'] . '" /> ';
-					$show_delete = TRUE;
-				}
-				echo "<strong>{$row['name']}</strong> {$row['post_time']} ";
-				echo "<a href=\"#p{$row['post_id']}\">#{$row['post_id']}</a>";
-				echo '</legend>';
-
-				if(!empty($row['img'])){
-					echo '<a href="' . UPLOAD_PATH . $row['img'] . '" target="_blank">';
-					echo '<img src="' . UPLOAD_PATH . $row['img'] . '" alt="' . $row['img'] . '" />';
-					echo '</a>';
-				}
+	// Prints the post list
+	function show_posts() {
+		$query = 'SELECT post_id, user_id, name, comment, img, TO_CHAR(post_time, \'YYYY-MM-DD HH24:MI (TZ)\') AS post_time FROM posts';
+		$result = pg_query($query) or die('Query failed: ' . pg_last_error());
+
+		// Clean up old posts
+		$row_count = pg_num_rows($result);
+		if($row_count > MAX_POSTS) {
+			for($i = 0; $i < $row_count - MAX_POSTS; $i++) {
+				$row = pg_fetch_array($result);
+				cleanup($row['post_id']);
+			}
+		}

-				// Process quotes, links, and newlines
-				if(!empty($row['comment'])) {
-					$comment = $row['comment'];
-					$comment = preg_replace('/^>[^>].*/m', '<strong>$0</strong>', $comment);
-					$comment = preg_replace('/https?:\/\/[^\s]+/m', '<a href="$0">$0</a>', $comment);
-					$comment = preg_replace_callback('/>>\s*(\d+)/', quote_link, $comment);
-					$comment = str_replace("\n", "<br />", $comment);
-					echo "<p>$comment</p>";
-				}
+		// Print posts
+		$show_delete = FALSE;
+		echo '<form action="' . $_SERVER['PHP_SELF'] .'#bottom" method="post">';
+		while ($row = pg_fetch_array($result)) {
+			echo "<fieldset id=\"p{$row['post_id']}\">";

-				echo '</fieldset>';
+			echo '<legend>';
+			if((!empty($row['user_id']) && ($row['user_id'] == $_COOKIE['uid'])) || (!empty(ADMIN_ID) && ($_COOKIE['uid'] == ADMIN_ID))) {
+				echo '<input type="checkbox" name="delete[]" value="' . $row['post_id'] . '" /> ';
+				$show_delete = TRUE;
+			}
+			echo "<strong>{$row['name']}</strong> {$row['post_time']} ";
+			echo "<a href=\"#p{$row['post_id']}\">#{$row['post_id']}</a>";
+			echo '</legend>';
+
+			if(!empty($row['img'])){
+				echo '<a href="' . UPLOAD_PATH . $row['img'] . '" target="_blank">';
+				echo '<img src="' . UPLOAD_PATH . $row['img'] . '" alt="' . $row['img'] . '" />';
+				echo '</a>';
 			}

-			pg_free_result($result);
+			// Process quotes, links, and newlines
+			if(!empty($row['comment'])) {
+				$comment = $row['comment'];
+				$comment = preg_replace('/^>[^>].*/m', '<strong>$0</strong>', $comment);
+				$comment = preg_replace('/https?:\/\/[^\s]+/m', '<a href="$0">$0</a>', $comment);
+				$comment = preg_replace_callback('/>>\s*(\d+)/', quote_link, $comment);
+				$comment = str_replace("\n", "<br />", $comment);
+				echo "<p>$comment</p>";
+			}

-			if($show_delete)
-				echo '<p><input type="submit" name="submit" value="Delete" /></p>';
-			echo '</form>';
+			echo '</fieldset>';
 		}

-		// Removes a post from the database and its image
-		function cleanup($id, $force = FALSE) {
-			$query = "SELECT user_id, img FROM posts WHERE post_id=$1";
-			$result = pg_query_params($query, [$id]) or die('Query failed: ' . pg_last_error());
-			$row = pg_fetch_array($result);
-			pg_free_result($result);
-			if($force || $row['user_id'] == $_COOKIE['uid'] || (!empty(ADMIN_ID) && ($_COOKIE['uid'] == ADMIN_ID))) {
-				unlink(UPLOAD_PATH . $row['img']);
-				$query = "DELETE FROM posts WHERE post_id=$1";
-				pg_query_params($query, [$id]) or die('Query failed: ' . pg_last_error());
-			}
+		pg_free_result($result);
+
+		if($show_delete)
+			echo '<p><input type="submit" name="submit" value="Delete" /></p>';
+		echo '</form>';
+	}
+
+	// Removes a post from the database and its image
+	function cleanup($id, $force = FALSE) {
+		$query = "SELECT user_id, img FROM posts WHERE post_id=$1";
+		$result = pg_query_params($query, [$id]) or die('Query failed: ' . pg_last_error());
+		$row = pg_fetch_array($result);
+		pg_free_result($result);
+		if($force || $row['user_id'] == $_COOKIE['uid'] || (!empty(ADMIN_ID) && ($_COOKIE['uid'] == ADMIN_ID))) {
+			unlink(UPLOAD_PATH . $row['img']);
+			$query = "DELETE FROM posts WHERE post_id=$1";
+			pg_query_params($query, [$id]) or die('Query failed: ' . pg_last_error());
 		}
+	}

-		// Sends a webhook to Discord
-		function webhook($name, $message, $img) {
-			if(empty(DISCORD_WEBHOOK))
-				return;
-
-			$data = [
-				'username' => $name,
-				'embeds' => [
-					[
-						'title' => "New Post",
-						'url' => 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . '#bottom',
-						'description' => $message,
-						'image' => [
-							'url' => $img
-						]
+	// Sends a webhook to Discord
+	function webhook($name, $message, $img) {
+		if(empty(DISCORD_WEBHOOK))
+			return;
+
+		$data = [
+			'username' => $name,
+			'embeds' => [
+				[
+					'title' => "New Post",
+					'url' => 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . '#bottom',
+					'description' => $message,
+					'image' => [
+						'url' => $img
 					]
 				]
-			];
-
-			$curl = curl_init(DISCORD_WEBHOOK);
-			curl_setopt($curl, CURLOPT_HEADER, false);
-			curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
-			curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: application/json"));
-			curl_setopt($curl, CURLOPT_POST, true);
-			curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($data));
-			curl_exec($curl);
-			$status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
-			curl_close($curl);
-			if($status != 204)
-				die("Error: Sending webhook failed with status $status.");
-		}
+			]
+		];
+
+		$curl = curl_init(DISCORD_WEBHOOK);
+		curl_setopt($curl, CURLOPT_HEADER, false);
+		curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+		curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: application/json"));
+		curl_setopt($curl, CURLOPT_POST, true);
+		curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($data));
+		curl_exec($curl);
+		$status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
+		curl_close($curl);
+		if($status != 204)
+			die("Error: Sending webhook failed with status $status.");
+	}
+?>
+<!DOCTYPE html
+	PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<meta http-equiv="content-type" content="text/html;charset=utf-8" />
+	<meta name="viewport" content="width=device-width, initial-scale=1" />

+	<title>BBS | ピケ.コム</title>
+</head>
+<body>
+	<p>
+		[<a href="#bottom">bottom</a>]
+	</p>
+
+	<?php
 		// Connect to the database
 		$dbc = pg_connect("host=$DB_HOST dbname=$DB_NAME user=$DB_USER password=$DB_PASSWORD")
 				or die('Could not connect: ' . pg_last_error());