diff --git a/index.php b/index.php
index 14c7697..8676ee6 100644
--- a/index.php
+++ b/index.php
@@ -26,6 +26,7 @@
*/
$start_time = microtime(true);
+ $captcha_str = substr(strtr(sha1($start_time), "1234567890", "ABCDEFGHgh"), 0, 6);
// Return source code
if(isset($_GET['source'])) {
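Review bot: `$captcha_str` on the added line is derived only from `microtime(true)`, so the challenge is a deterministic function of the request time and `sha1()` adds no secrecy to it. If the deployment runs PHP 7 or later, draw the string from the CSPRNG instead, for example `$captcha_str = strtoupper(bin2hex(random_bytes(3)));`. The challenge only has value if the expected answer is also kept on the server rather than sent back through the form. That depends on the form markup, which is not visible in this diff.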
@@ -71,7 +72,7 @@
//// Functions: ////
// Adds a post to the database
- function post($name, $email, $comment, $img, $save_cookie) {
+ function post($name, $email, $comment, $img, $save_cookie, $captcha, $captcha_answer) {
$extensions = [
'image/bmp' => '.bmp',
'image/gif' => '.gif',
@@ -95,6 +96,12 @@
$_COOKIE['email'] = $email;
}
+ if($captcha != $captcha_answer) {
+ if(!empty($img['tmp_name']))
+ @unlink($img['tmp_name']);
+ return 'Invalid CAPTCHA answer, copy the text on the left into the box';
+ }
+
// Validate and move the uploaded image file, if necessary
if(!empty($img['tmp_name'])) {
if((($img['type'] == 'image/gif') || ($img['type'] == 'image/jpeg') || ($img['type'] == 'image/pjpeg')
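Review bot: The added check `if($captcha != $captcha_answer)` compares two values that both come from the request, because the hunk at -362 fills `$captcha_answer` from `trim($_POST['captcha_answer'])`. The server therefore never checks the answer against anything it holds itself, and any submission whose two fields match, including two empty fields, passes. If the script can use sessions, store the expected string when the form is rendered with `$_SESSION['captcha'] = $captcha_str;`, then verify with `if(!isset($_SESSION['captcha']) || !hash_equals($_SESSION['captcha'], $captcha))` and unset the value after one attempt. The loose `!=` also compares numeric-looking strings as numbers, so a strict or constant-time comparison is preferable regardless. The body of `post()` begins and ends outside this hunk.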
@@ -142,7 +149,7 @@
if(empty($comment) && empty($target))
return 'You must include an image and/or a comment';
-
+
// Check email
if(!empty($email)) {
if(!preg_match('/^[a-zA-Z0-9][a-zA-Z0-9\._\-&!?=#+]*@/', $email)) {
@@ -362,8 +369,10 @@
$comment = trim($_POST['comment']);
$img = $_FILES['img'];
$save_cookie = isset($_POST['save_cookie']);
+ $captcha = trim($_POST['captcha']);
+ $captcha_answer = trim($_POST['captcha_answer']);
- $err = post($name, $email, $comment, $img, $save_cookie);
+ $err = post($name, $email, $comment, $img, $save_cookie, $captcha, $captcha_answer);
if($err == "") {
# Redirect to latest post
$query = 'SELECT post_id FROM posts ORDER BY posts.post_time DESC LIMIT 1';
@@ -456,6 +465,14 @@
+
+
+
+
+
+
+
+
/>
@@ -482,6 +499,14 @@
+
+
+