Subversion Repositories SvarDOS

Rev

Rev 1233 | Rev 1645 | Go to most recent revision | Only display areas with differences | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 1233 Rev 1242
1
<?php
1
<?php
2
//
2
//
3
// mateuszbb - minimalistic bulletinboard-like forum
3
// mateuszbb - minimalist bulletin board forum. MIT license.
-
 
4
//
-
 
5
// VERSION 20230523
-
 
6
//
4
// Copyright (C) 2021-2023 Mateusz Viste
7
// Copyright (C) 2021-2023 Mateusz Viste
5
//
8
//
-
 
9
// Permission is hereby granted, free of charge, to any person obtaining a copy
-
 
10
// of this software and associated documentation files (the “Software”), to
-
 
11
// deal in the Software without restriction, including without limitation the
-
 
12
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
-
 
13
// sell copies of the Software, and to permit persons to whom the Software is
-
 
14
// furnished to do so, subject to the following conditions:
-
 
15
//
-
 
16
//The above copyright notice and this permission notice shall be included in
-
 
17
// all copies or substantial portions of the Software.
-
 
18
//
-
 
19
// THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-
 
20
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-
 
21
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-
 
22
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-
 
23
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-
 
24
// FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
-
 
25
// IN THE SOFTWARE.
6
 
26
 
7
global $TRIP_SALT;
27
global $TRIP_SALT;
8
global $INITYEAR;
28
global $INITYEAR;
9
global $DATADIR;
29
global $DATADIR;
10
global $NICE_URLS;
30
global $NICE_URLS;
11
global $STR;
31
global $STR;
12
global $LANG;
32
global $LANG;
-
 
33
global $TZ;
-
 
34
global $DATE_FORMAT;
-
 
35
global $MAINPAGE_MAXTHREADS;
-
 
36
global $MAINPAGE_MAXINACT;
-
 
37
global $LOCK_DELAY;
-
 
38
global $EDIT_ALLOWED_MINUTES;
-
 
39
global $MAXDAILYPOSTS;
13
 
40
 
14
include 'mateuszbb-config.php';
41
include 'mateuszbb-config.php';
15
 
42
 
16
 
43
 
17
// *** TRANSLATION STRINGS *****************************************
44
// *** TRANSLATION STRINGS *****************************************
18
 
45
 
19
$STR = array();
46
$STR = array();
20
$STR['en']['opnewthread'] = 'open a new thread';
47
$STR['en']['opnewthread'] = 'open a new thread';
21
$STR['en']['newthread']   = 'New thread';
48
$STR['en']['newthread']   = 'New thread';
22
$STR['en']['latestentry'] = 'latest entry:';
49
$STR['en']['latestentry'] = 'latest entry:';
23
$STR['en']['searchterm']  = 'searched term:';
50
$STR['en']['searchterm']  = 'searched term:';
24
$STR['en']['noresults']   = 'No results';
51
$STR['en']['noresults']   = 'No results';
25
$STR['en']['reply']       = 'reply';
52
$STR['en']['reply']       = 'reply';
26
$STR['en']['jumptoend']   = 'jump to end';
53
$STR['en']['jumptoend']   = 'jump to end';
27
$STR['en']['listthreads'] = 'list of threads';
54
$STR['en']['listthreads'] = 'list of threads';
28
$STR['en']['author']      = 'author:';
55
$STR['en']['author']      = 'author:';
29
$STR['en']['address']     = 'address:';
56
$STR['en']['address']     = 'address:';
30
$STR['en']['date']        = 'date:';
57
$STR['en']['date']        = 'date:';
31
$STR['en']['nameornick']  = 'your name or nick';
58
$STR['en']['nameornick']  = 'your name or nick';
32
$STR['en']['threadsubj']  = 'subject';
59
$STR['en']['threadsubj']  = 'subject';
33
$STR['en']['yourmsg']     = 'Your message';
60
$STR['en']['yourmsg']     = 'Your message';
34
$STR['en']['cancel']      = 'cancel';
61
$STR['en']['cancel']      = 'cancel';
35
$STR['en']['send']        = 'send';
62
$STR['en']['send']        = 'send';
36
$STR['en']['archives']    = 'archives';
63
$STR['en']['archives']    = 'archives';
37
$STR['en']['backtocur']   = 'go back to current threads';
64
$STR['en']['backtocur']   = 'go back to current threads';
38
$STR['en']['search']      = 'search';
65
$STR['en']['search']      = 'search';
39
$STR['en']['password']    = 'password';
66
$STR['en']['password']    = 'password';
40
$STR['en']['optional']    = 'optional';
67
$STR['en']['optional']    = 'optional';
41
$STR['en']['passhelp']    = 'Providing a password here will generate a unique digital signature on your message.';
68
$STR['en']['passhelp']    = 'Providing a password here will generate a unique digital signature on your message.';
-
 
69
$STR['en']['locked']      = "Thread locked due to inactivity since over {$LOCK_DELAY} days.";
42
$STR['en']['captcha'][1]  = 'check the FIRST box';
70
$STR['en']['captcha'][1]  = 'check the FIRST box';
43
$STR['en']['captcha'][2]  = 'check the MIDDLE box';
71
$STR['en']['captcha'][2]  = 'check the MIDDLE box';
44
$STR['en']['captcha'][3]  = 'check the LAST box';
72
$STR['en']['captcha'][3]  = 'check the LAST box';
45
$STR['en']['captcha'][4]  = 'check the FIRST and LAST boxes';
73
$STR['en']['captcha'][4]  = 'check the FIRST and LAST boxes';
46
$STR['en']['captcha'][5]  = 'check the TWO LAST boxes';
74
$STR['en']['captcha'][5]  = 'check the TWO LAST boxes';
47
 
75
 
48
// PL translations by Mateusz Viste
76
// PL translations by Mateusz Viste
49
$STR['pl']['opnewthread'] = 'stwórz nowy wątek';
77
$STR['pl']['opnewthread'] = 'stwórz nowy wątek';
50
$STR['pl']['newthread']   = 'Nowy wątek';
78
$STR['pl']['newthread']   = 'Nowy wątek';
51
$STR['pl']['latestentry'] = 'ostatni wpis:';
79
$STR['pl']['latestentry'] = 'ostatni wpis:';
52
$STR['pl']['searchterm']  = 'szukane wyrażenie:';
80
$STR['pl']['searchterm']  = 'szukane wyrażenie:';
53
$STR['pl']['noresults']   = 'Brak wyników';
81
$STR['pl']['noresults']   = 'Brak wyników';
54
$STR['pl']['reply']       = 'odpowiedz';
82
$STR['pl']['reply']       = 'odpowiedz';
55
$STR['pl']['jumptoend']   = 'skocz do końca';
83
$STR['pl']['jumptoend']   = 'skocz do końca';
56
$STR['pl']['listthreads'] = 'lista wątków';
84
$STR['pl']['listthreads'] = 'lista wątków';
57
$STR['pl']['author']      = 'autor:';
85
$STR['pl']['author']      = 'autor:';
58
$STR['pl']['address']     = 'adres:';
86
$STR['pl']['address']     = 'adres:';
59
$STR['pl']['date']        = 'data:';
87
$STR['pl']['date']        = 'data:';
60
$STR['pl']['nameornick']  = 'imię, nazwisko lub pseudonim';
88
$STR['pl']['nameornick']  = 'imię, nazwisko lub pseudonim';
61
$STR['pl']['threadsubj']  = 'tytuł wątku';
89
$STR['pl']['threadsubj']  = 'tytuł wątku';
62
$STR['pl']['yourmsg']     = 'Twoja wiadomość';
90
$STR['pl']['yourmsg']     = 'Twoja wiadomość';
63
$STR['pl']['cancel']      = 'anuluj';
91
$STR['pl']['cancel']      = 'anuluj';
64
$STR['pl']['send']        = 'wyślij';
92
$STR['pl']['send']        = 'wyślij';
65
$STR['pl']['archives']    = 'archiwum';
93
$STR['pl']['archives']    = 'archiwum';
66
$STR['pl']['backtocur']   = 'powrót do bieżących wątków';
94
$STR['pl']['backtocur']   = 'powrót do bieżących wątków';
67
$STR['pl']['search']      = 'szukaj';
95
$STR['pl']['search']      = 'szukaj';
68
$STR['pl']['password']    = 'hasło';
96
$STR['pl']['password']    = 'hasło';
69
$STR['pl']['optional']    = 'opcjonale';
97
$STR['pl']['optional']    = 'opcjonalne';
70
$STR['pl']['passhelp']    = 'Podanie hasła pozwoli wygenerować unikalny podpis elektroniczny przy twojej wiadomości.';
98
$STR['pl']['passhelp']    = 'Podanie hasła pozwoli wygenerować unikalny podpis elektroniczny przy twojej wiadomości.';
-
 
99
$STR['pl']['locked']      = "Wątek zamknięty z powodu braku aktywności od ponad {$LOCK_DELAY} dni.";
71
$STR['pl']['captcha'][1]  = 'zaznacz PIERWSZE pole';
100
$STR['pl']['captcha'][1]  = 'zaznacz PIERWSZE pole';
72
$STR['pl']['captcha'][2]  = 'zaznacz ŚRODKOWE pole';
101
$STR['pl']['captcha'][2]  = 'zaznacz ŚRODKOWE pole';
73
$STR['pl']['captcha'][3]  = 'zaznacz OSTATNIE pole';
102
$STR['pl']['captcha'][3]  = 'zaznacz OSTATNIE pole';
74
$STR['pl']['captcha'][4]  = 'zaznacz PIERWSZE i OSTATNIE pole';
103
$STR['pl']['captcha'][4]  = 'zaznacz PIERWSZE i OSTATNIE pole';
75
$STR['pl']['captcha'][5]  = 'zaznacz DWA OSTATNIE pola';
104
$STR['pl']['captcha'][5]  = 'zaznacz DWA OSTATNIE pola';
76
 
105
 
77
// pt-BR translations courtesty of Luzemário Dantas
106
// pt-BR translations courtesty of Luzemário Dantas
78
$STR['pt']['opnewthread'] = 'abrir novo tópico';
107
$STR['pt']['opnewthread'] = 'abrir novo tópico';
79
$STR['pt']['newthread']   = 'Novo tópico';
108
$STR['pt']['newthread']   = 'Novo tópico';
80
$STR['pt']['latestentry'] = 'entrada mais recente:';
109
$STR['pt']['latestentry'] = 'entrada mais recente:';
81
$STR['pt']['searchterm']  = 'termo pesquisado:';
110
$STR['pt']['searchterm']  = 'termo pesquisado:';
82
$STR['pt']['noresults']   = 'Sem resultados';
111
$STR['pt']['noresults']   = 'Sem resultados';
83
$STR['pt']['reply']       = 'responder';
112
$STR['pt']['reply']       = 'responder';
84
$STR['pt']['jumptoend']   = 'ir para o final';
113
$STR['pt']['jumptoend']   = 'ir para o final';
85
$STR['pt']['listthreads'] = 'lista de tópicos';
114
$STR['pt']['listthreads'] = 'lista de tópicos';
86
$STR['pt']['author']      = 'autor:';
115
$STR['pt']['author']      = 'autor:';
87
$STR['pt']['address']     = 'endereço:';
116
$STR['pt']['address']     = 'endereço:';
88
$STR['pt']['date']        = 'data:';
117
$STR['pt']['date']        = 'data:';
89
$STR['pt']['nameornick']  = 'seu nome ou apelido';
118
$STR['pt']['nameornick']  = 'seu nome ou apelido';
90
$STR['pt']['threadsubj']  = 'assunto';
119
$STR['pt']['threadsubj']  = 'assunto';
91
$STR['pt']['yourmsg']     = 'Sua mensagem';
120
$STR['pt']['yourmsg']     = 'Sua mensagem';
92
$STR['pt']['cancel']      = 'cancelar';
121
$STR['pt']['cancel']      = 'cancelar';
93
$STR['pt']['send']        = 'enviar';
122
$STR['pt']['send']        = 'enviar';
94
$STR['pt']['archives']    = 'arquivos';
123
$STR['pt']['archives']    = 'arquivos';
95
$STR['pt']['backtocur']   = 'voltar ao tópico atuai';
124
$STR['pt']['backtocur']   = 'voltar ao tópico atuai';
96
$STR['pt']['search']      = 'pesquisar';
125
$STR['pt']['search']      = 'pesquisar';
97
$STR['pt']['password']    = 'senha';
126
$STR['pt']['password']    = 'senha';
98
$STR['pt']['optional']    = 'opcional';
127
$STR['pt']['optional']    = 'opcional';
99
$STR['pt']['passhelp']    = 'Fornecer uma senha aqui vai gerar uma assinatura digital única na sua mensagem.';
128
$STR['pt']['passhelp']    = 'Fornecer uma senha aqui vai gerar uma assinatura digital única na sua mensagem.';
-
 
129
$STR['pt']['locked']      = "Este tópico está bloqueado porque está inativo há mais de {$LOCK_DELAY} dias."; // translated by google translate, wording might be poor
100
$STR['pt']['captcha'][1]  = 'marque a PRIMEIRA caixa';
130
$STR['pt']['captcha'][1]  = 'marque a PRIMEIRA caixa';
101
$STR['pt']['captcha'][2]  = 'marque a caixa do MEIO';
131
$STR['pt']['captcha'][2]  = 'marque a caixa do MEIO';
102
$STR['pt']['captcha'][3]  = 'marque a ÚLTIMA caixa';
132
$STR['pt']['captcha'][3]  = 'marque a ÚLTIMA caixa';
103
$STR['pt']['captcha'][4]  = 'marque a PRIMEIRA e ÚLTIMA caixas';
133
$STR['pt']['captcha'][4]  = 'marque a PRIMEIRA e ÚLTIMA caixas';
104
$STR['pt']['captcha'][5]  = 'marque as DUAS ÚLTIMAS caixas';
134
$STR['pt']['captcha'][5]  = 'marque as DUAS ÚLTIMAS caixas';
105
 
135
 
106
// *****************************************************************
136
// *****************************************************************
107
 
137
 
108
 
138
 
109
function data_dluga($timestamp) {
139
function data_dluga($timestamp) {
110
  date_default_timezone_set('UTC');
140
  global $DATE_FORMAT;
111
  return(date('d.m.Y, H:i:s', $timestamp) . ' UTC');
141
  return(date($DATE_FORMAT, $timestamp));
112
}
142
}
113
 
143
 
114
 
144
 
115
function selfurl($params = '') {
145
function selfurl($params = '') {
116
  global $SELFURL;
146
  global $SELFURL;
117
  $r = $SELFURL;
147
  $r = $SELFURL;
118
  if (!empty($params)) {
148
  if (!empty($params)) {
119
    if (strrchr($SELFURL, '?')) {
149
    if (strrchr($SELFURL, '?')) {
120
      $r .= '&';
150
      $r .= '&';
121
    } else {
151
    } else {
122
      $r .= '?';
152
      $r .= '?';
123
    }
153
    }
124
    $r .= $params;
154
    $r .= $params;
125
  }
155
  }
126
  return($r);
156
  return($r);
127
}
157
}
128
 
158
 
129
 
159
 
130
// returns an array with the list of languages requested by the browser, in
160
// returns an array with the list of languages requested by the browser, in
131
// the order of preference
161
// the order of preference
132
function getpreflang() {
162
function getpreflang() {
133
  $res = array();
163
  $res = array();
134
  if (! isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) return($res);
164
  if (! isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) return($res);
135
  $langlist = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
165
  $langlist = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
136
  foreach ($langlist as $lang) {
166
  foreach ($langlist as $lang) {
137
    $res[] = strtolower(substr($lang, 0, 2));
167
    $res[] = strtolower(substr($lang, 0, 2));
138
  }
168
  }
139
  return(array_unique($res));
169
  return(array_unique($res));
140
}
170
}
141
 
171
 
142
 
172
 
143
function mateuszbb_rss() {
173
function mateuszbb_rss() {
144
  global $DATADIR;
174
  global $DATADIR;
145
  global $RSS_TITLE;
175
  global $RSS_TITLE;
-
 
176
  global $NICE_URLS;
146
 
177
 
147
  $db = new SQLite3($DATADIR . 'mateuszbb.sqlite3', SQLITE3_OPEN_READONLY);
178
  $db = new SQLite3($DATADIR . 'mateuszbb.sqlite3', SQLITE3_OPEN_READONLY);
148
  if (! $db) {
179
  if (! $db) {
149
    echo "SQL ERROR: ACCESS DENIED\n";
180
    echo "SQL ERROR: ACCESS DENIED\n";
150
    return false;
181
    return false;
151
  }
182
  }
152
  $sqlres = $db->query('SELECT thread, msgid, author FROM rss ORDER BY msgid DESC, thread DESC LIMIT 100;');
183
  $sqlres = $db->query('SELECT thread, msgid, author FROM rss ORDER BY msgid DESC, thread DESC LIMIT 100;');
153
  if (! $sqlres) {
184
  if (! $sqlres) {
154
    echo "SQL ERROR: QUERY FAILED\n";
185
    echo "SQL ERROR: QUERY FAILED\n";
155
    return false;
186
    return false;
156
  }
187
  }
157
 
188
 
158
  header('content-type: application/rss+xml');
189
  header('content-type: application/rss+xml');
159
 
190
 
160
  echo '<?xml version="1.0" encoding="utf-8" ?>' . "\n";
191
  echo '<?xml version="1.0" encoding="utf-8" ?>' . "\n";
161
  echo '<rss version="2.0">' . "\n";
192
  echo '<rss version="2.0">' . "\n";
162
  echo "<channel>\n";
193
  echo "<channel>\n";
163
  echo "<title>" . htmlspecialchars($RSS_TITLE, ENT_XML1) . "</title>\n";
194
  echo "<title>" . htmlspecialchars($RSS_TITLE, ENT_XML1) . "</title>\n";
164
  echo "<link>" . selfurl(). "</link>\n";
195
  echo "<link>" . selfurl(). "</link>\n";
165
 
196
 
166
  while ($row = $sqlres->fetchArray()) {
197
  while ($row = $sqlres->fetchArray()) {
167
    $rawtitle = file_get_contents($DATADIR . 'threads/' . $row['thread'] . '/title.txt');
198
    $rawtitle = file_get_contents($DATADIR . 'threads/' . $row['thread'] . '/title.txt');
168
    if (empty($rawtitle)) continue;
199
    if (empty($rawtitle)) continue;
169
    $title = htmlspecialchars($rawtitle, ENT_XML1, 'UTF-8');
200
    $title = htmlspecialchars($rawtitle, ENT_XML1, 'UTF-8');
170
    $author = htmlspecialchars($row['author'], ENT_XML1, 'UTF-8');
201
    $author = htmlspecialchars($row['author'], ENT_XML1, 'UTF-8');
171
    if ($NICE_URLS) {
202
    if ($NICE_URLS) {
172
      $link = selfurl();
203
      $link = selfurl();
173
      if (substr($link, -1) !== '/') $link .= '/';
204
      if (substr($link, -1) !== '/') $link .= '/';
174
      $link .= "{$row['thread']}";
205
      $link .= "{$row['thread']}";
175
    } else {
206
    } else {
176
      $link = selfurl('thread=' . $row['thread']);
207
      $link = selfurl('thread=' . $row['thread']);
177
    }
208
    }
178
    $link .= '#' . $row['msgid'];
209
    $link .= '#' . $row['msgid'];
179
    echo "<item>\n";
210
    echo "<item>\n";
180
    echo "<title>{$author} @ '{$title}'</title>\n";
211
    echo "<title>{$author} @ '{$title}'</title>\n";
181
    echo "<link>" . htmlspecialchars($link, ENT_XML1) . "</link>\n";
212
    echo "<link>" . htmlspecialchars($link, ENT_XML1) . "</link>\n";
182
    echo "<description>{$author} @ '{$title}'</description>\n";
213
    echo "<description>{$author} @ '{$title}'</description>\n";
183
    echo "<pubDate>" . date('r', $row['msgid']) . "</pubDate>\n";
214
    echo "<pubDate>" . date('r', $row['msgid']) . "</pubDate>\n";
184
    echo "<guid>" . htmlspecialchars($link, ENT_XML1) . "</guid>\n";
215
    echo "<guid>" . htmlspecialchars($link, ENT_XML1) . "</guid>\n";
185
    echo "</item>\n";
216
    echo "</item>\n";
186
  }
217
  }
187
  $db->close();
218
  $db->close();
188
 
219
 
189
  echo "</channel>\n";
220
  echo "</channel>\n";
190
  echo "</rss>\n";
221
  echo "</rss>\n";
191
  return true;
222
  return true;
192
}
223
}
193
 
224
 
194
 
225
 
195
function formularz($thread = '') {
226
function formularz($thread = 0, $postid = 0, $msg = '') {
196
  global $STR;
227
  global $STR;
197
  global $LANG;
228
  global $LANG;
-
 
229
  global $NICE_URLS;
198
 
230
 
199
  if (empty($thread)) {
231
  if ($thread == 0) {
200
    echo '<form class="minibb" method="POST" action="' . selfurl() . '#title" id="formularz">' . "\n";
232
    echo '<form class="minibb" method="POST" action="' . selfurl() . '#title" id="formularz">' . "\n";
201
    echo '<input type="hidden" name="action" value="createthread">' . "\n";
233
    echo '<input type="hidden" name="action" value="createthread">' . "\n";
202
  } else {
234
  } else {
203
    echo '<form class="minibb" method="POST" action="' . selfurl() . '" id="formularz">' . "\n";
235
    echo '<form class="minibb" method="POST" action="' . selfurl() . '" id="formularz">' . "\n";
204
    echo '<input type="hidden" name="action" value="newpost">' . "\n";
-
 
205
    echo '<input type="hidden" name="thread" value="' . $thread . '">' . "\n";
236
    echo '<input type="hidden" name="thread" value="' . $thread . '">' . "\n";
-
 
237
    if ($postid > 0) {
-
 
238
      echo '<input type="hidden" name="action" value="editpost">' . "\n";
-
 
239
      echo '<input type="hidden" name="postid" value="' . $postid . '">' . "\n";
-
 
240
    } else {
-
 
241
      echo '<input type="hidden" name="action" value="newpost">' . "\n";
-
 
242
    }
206
  }
243
  }
207
 
244
 
208
  echo '<div class="minibb-formfields">' . "\n";
245
  echo '<div class="minibb-formfields">' . "\n";
209
  echo '<div class="minibb-formlabelgroup"><p>' . $STR[$LANG]['nameornick'] . '</p><input type="text" name="login" pattern=".*[^\s].*" minlength="1" maxlength="40" title="' . $STR[$LANG]['nameornick'] . '" required></div><div class="minibb-formlabelgroup"><p>' . $STR[$LANG]['password'] . ' (<span title="' . $STR[$LANG]['passhelp'] . '" style="text-decoration-line: underline; text-decoration-style: dotted;">' . $STR[$LANG]['optional'] . '</span>)</p><input type="password" name="pass" maxlength="40"></div>' . "\n";
246
  echo '<div class="minibb-formlabelgroup"><p>' . $STR[$LANG]['nameornick'] . '</p><input type="text" name="username" pattern=".*[^\s].*" minlength="1" maxlength="40" autofill="username" title="' . $STR[$LANG]['nameornick'];
-
 
247
  if (!empty($msg)) echo '" value="' . htmlspecialchars($msg['author']) . '"';
210
  if (empty($thread)) {
248
  echo '" required></div><div class="minibb-formlabelgroup"><p>' . $STR[$LANG]['password'] . ' (<span title="' . $STR[$LANG]['passhelp'] . '" style="text-decoration-line: underline; text-decoration-style: dotted;">' . $STR[$LANG]['optional'] . '</span>)</p><input type="password" name="password" maxlength="40" autofill="current-password"></div>' . "\n";
-
 
249
  if ($thread == 0) {
211
    echo '<div class="minibb-formlabelgroup" style="width: 100%;">' . "\n";
250
    echo '<div class="minibb-formlabelgroup" style="width: 100%;">' . "\n";
212
    echo "<p>" . $STR[$LANG]['threadsubj'] . "</p>\n";
251
    echo "<p>" . $STR[$LANG]['threadsubj'] . "</p>\n";
213
    echo '<input type="text" name="title" title="' . $STR[$LANG]['threadsubj'] . '" maxlength="64" pattern=".*[^\s].*" required>' . "\n";
252
    echo '<input type="text" name="title" title="' . $STR[$LANG]['threadsubj'] . '" maxlength="64" pattern=".*[^\s].*" required>' . "\n";
214
    echo "</div>\n";
253
    echo "</div>\n";
215
  }
254
  }
216
  echo '<textarea name="msg" placeholder="' . $STR[$LANG]['yourmsg'] . '">' . "\n";
255
  echo '<textarea name="msg" placeholder="' . $STR[$LANG]['yourmsg'] . '">' . "\n";
-
 
256
  if (!empty($msg)) echo htmlspecialchars($msg['msg']);
217
  echo '</textarea><br>' . "\n";
257
  echo "</textarea><br>\n";
218
  echo '</div>' . "\n";
258
  echo "</div>\n";
219
  // --- CAPTCHA ---
259
  // --- CAPTCHA ---
220
  $capid = rand(1, 5);
260
  $capid = rand(1, 5);
221
  echo '<div class="minibb-formcaptcha">' . $STR[$LANG]['captcha'][$capid] . ': <input type="checkbox" name=c1> <input type="checkbox" name=c2> <input type="checkbox" name=c3>' . "\n";
261
  echo '<div class="minibb-formcaptcha">' . $STR[$LANG]['captcha'][$capid] . ': <span class="minibb-cboxgroup"><input type="checkbox" name=c1><input type="checkbox" name=c2><input type="checkbox" name=c3></span>' . "\n";
222
  echo '<input type="hidden" name="capid" value="' . $capid . '">';
262
  echo '<input type="hidden" name="capid" value="' . $capid . '">';
223
  // ---------------
263
  // ---------------
224
  echo '<div class="minibb-formbtns">';
264
  echo '<div class="minibb-formbtns">' . "\n";
-
 
265
  $link = selfurl();
-
 
266
  if ($postid > 0) {
-
 
267
    $link = selfurl("thread=" . $thread);
-
 
268
    if ($NICE_URLS) $link = $thread;
-
 
269
    $link .= '#' . $postid;
-
 
270
  }
225
  echo '<a href="' . selfurl() . '">' . $STR[$LANG]['cancel'] . '</a> <input type="submit" value="' . $STR[$LANG]['send'] . '">' . "\n";
271
  echo '<a href="' . $link . '">' . $STR[$LANG]['cancel'] . '</a> <input type="submit" value="' . $STR[$LANG]['send'] . '">' . "\n";
-
 
272
  echo "</div>\n";
226
  echo '</div>';
273
  echo "</div>\n";
227
  echo '</form>';
274
  echo '</form>';
228
}
275
}
229
 
276
 
230
function wyswietl_watek_w_liscie($threadid, $tytul, $lastauthor, $lastupdate) {
277
function wyswietl_watek_w_liscie($threadid, $tytul, $lastauthor, $lastupdate) {
231
  global $NICE_URLS;
278
  global $NICE_URLS;
232
  global $STR;
279
  global $STR;
233
  global $LANG;
280
  global $LANG;
234
 
281
 
235
  echo '<a href="';
282
  echo '<a href="';
236
  if (!$NICE_URLS) {
283
  if (!$NICE_URLS) {
237
    echo selfurl("thread=$threadid");
284
    echo selfurl("thread=$threadid");
238
  } else {
285
  } else {
239
    echo $threadid;
286
    echo $threadid;
240
  }
287
  }
241
  echo '" class="minibb-threaditem">' . "\n";
288
  echo '" class="minibb-threaditem">' . "\n";
242
  echo '<h2>' . htmlspecialchars($tytul) . "</h2>\n";
289
  echo '<h2>' . htmlspecialchars($tytul) . "</h2>\n";
243
  echo '<p>' . $STR[$LANG]['latestentry'] . ' ' . htmlspecialchars($lastauthor) . ', ' . htmlspecialchars(data_dluga($lastupdate)) . "</p>\n";
290
  echo '<p>' . $STR[$LANG]['latestentry'] . ' ' . htmlspecialchars($lastauthor) . ', ' . htmlspecialchars(data_dluga($lastupdate)) . "</p>\n";
244
  echo "</a>\n";
291
  echo "</a>\n";
245
}
292
}
246
 
293
 
247
function sprawdz_captcha($CAPARR) {
294
function sprawdz_captcha($CAPARR) {
248
  //echo "<!-- capid={$CAPARR['capid']} c1={$CAPARR['c1']} c2={$CAPARR['c2']} c3={$CAPARR['c3']}-->\n";
295
  //echo "<!-- capid={$CAPARR['capid']} c1={$CAPARR['c1']} c2={$CAPARR['c2']} c3={$CAPARR['c3']}-->\n";
249
  switch ($CAPARR['capid']) {
296
  switch ($CAPARR['capid']) {
250
    case 1:
297
    case 1:
251
      if (($CAPARR['c1']) && (!$CAPARR['c2']) && (!$CAPARR['c3'])) return(true);
298
      if (($CAPARR['c1']) && (!$CAPARR['c2']) && (!$CAPARR['c3'])) return(true);
252
      break;
299
      break;
253
    case 2:
300
    case 2:
254
      if ((!$CAPARR['c1']) && ($CAPARR['c2']) && (!$CAPARR['c3'])) return(true);
301
      if ((!$CAPARR['c1']) && ($CAPARR['c2']) && (!$CAPARR['c3'])) return(true);
255
      break;
302
      break;
256
    case 3:
303
    case 3:
257
      if ((!$CAPARR['c1']) && (!$CAPARR['c2']) && ($CAPARR['c3'])) return(true);
304
      if ((!$CAPARR['c1']) && (!$CAPARR['c2']) && ($CAPARR['c3'])) return(true);
258
      break;
305
      break;
259
    case 4:
306
    case 4:
260
      if (($CAPARR['c1']) && (!$CAPARR['c2']) && ($CAPARR['c3'])) return(true);
307
      if (($CAPARR['c1']) && (!$CAPARR['c2']) && ($CAPARR['c3'])) return(true);
261
      break;
308
      break;
262
    case 5:
309
    case 5:
263
      if ((!$CAPARR['c1']) && ($CAPARR['c2']) && ($CAPARR['c3'])) return(true);
310
      if ((!$CAPARR['c1']) && ($CAPARR['c2']) && ($CAPARR['c3'])) return(true);
264
      break;
311
      break;
265
  }
312
  }
266
  return(false);
313
  return(false);
267
}
314
}
268
 
315
 
269
 
316
 
270
// zwraca akcję na podstawie globalnych POST lub GET
317
// zwraca akcję na podstawie globalnych POST lub GET
271
function getvar_action() {
318
function getvar_action() {
272
  if (!empty($_POST['action'])) return $_POST['action'];
319
  if (!empty($_POST['action'])) return $_POST['action'];
273
  if (!empty($_GET['action'])) return $_GET['action'];
320
  if (!empty($_GET['action'])) return $_GET['action'];
274
  return('');
321
  return('');
275
}
322
}
276
 
323
 
277
function getvar_thread() {
324
function getvar_thread() {
278
  if (!empty($_POST['thread'])) return intval($_POST['thread']);
325
  if (!empty($_POST['thread'])) return intval($_POST['thread']);
279
  if (!empty($_GET['thread'])) return intval($_GET['thread']);
326
  if (!empty($_GET['thread'])) return intval($_GET['thread']);
280
  return(-1);
327
  return(-1);
281
}
328
}
282
 
329
 
283
function getvar_archiveyear() {
330
function getvar_archiveyear() {
284
  if (!empty($_POST['arch'])) return intval($_POST['arch']);
331
  if (!empty($_POST['arch'])) return intval($_POST['arch']);
285
  if (!empty($_GET['arch'])) return intval($_GET['arch']);
332
  if (!empty($_GET['arch'])) return intval($_GET['arch']);
286
  return(-1);
333
  return(-1);
287
}
334
}
288
 
335
 
289
 
336
 
290
// funkcja która zapisuje nowe wiadomości
337
// funkcja która zapisuje nowe wiadomości
291
function mateuszbb_preprocess() {
338
function mateuszbb_preprocess() {
292
global $TRIP_SALT;
339
global $TRIP_SALT;
293
global $DATADIR;
340
global $DATADIR;
294
global $NICE_URLS;
341
global $NICE_URLS;
295
global $ERRSTR; // zmienna zawierająca komunikat błędu (jeśli jakiś wystąpił)
342
global $ERRSTR; // zmienna zawierająca komunikat błędu (jeśli jakiś wystąpił)
296
global $STR;
343
global $STR;
297
global $LANG;
344
global $LANG;
-
 
345
global $MAXDAILYPOSTS;
-
 
346
global $EDIT_ALLOWED_MINUTES;
298
 
347
 
299
$action = getvar_action();
348
$action = getvar_action();
300
$thread = getvar_thread();
349
$thread = getvar_thread();
301
$archiveyear = getvar_archiveyear();
350
$archiveyear = getvar_archiveyear();
302
 
351
 
-
 
352
// negotiate language, unless forced by configuration
303
// negotiate language
353
if (empty($LANG)) {
304
$LANG = 'en'; // preselect english as default language
354
  $LANG = 'en'; // preselect english as default language
305
foreach (getpreflang() as $l) {
355
  foreach (getpreflang() as $l) {
306
  if (!empty($STR[$l])) {
356
    if (!empty($STR[$l])) {
307
    $LANG = $l;
357
      $LANG = $l;
308
    break;
358
      break;
-
 
359
    }
309
  }
360
  }
-
 
361
} else { // if language forced by configuration then make sure it is supported
-
 
362
  if (empty($STR[$LANG])) $LANG = 'en'; // fall back to 'en' on error
310
}
363
}
311
 
364
 
312
// write access: check how many messages the user posted during last 24h
365
// write access: check how many messages the user posted during last 24h
313
if (($action === 'createthread') || ($action === 'newpost')) {
366
if (($action === 'createthread') || ($action === 'newpost')) {
314
   $db = new SQLite3($DATADIR . 'mateuszbb.sqlite3');
367
  $db = new SQLite3($DATADIR . 'mateuszbb.sqlite3');
315
   if ($db) {
368
  if ($db) {
316
     $db->exec('DELETE FROM ip_msg_counters24h WHERE msgid < strftime(\'%s\', \'now\') - 24*3600;');
369
    $db->exec('DELETE FROM ip_msg_counters24h WHERE msgid < strftime(\'%s\', \'now\') - 24*3600;');
317
     $count24h = intval($db->querySingle("SELECT count(*) FROM ip_msg_counters24h WHERE ipaddr = '{$_SERVER['REMOTE_ADDR']}'"));
370
    $count24h = intval($db->querySingle("SELECT count(*) FROM ip_msg_counters24h WHERE ipaddr = '{$_SERVER['REMOTE_ADDR']}'"));
318
     $db->close();
371
    $db->close();
319
     if ($count24h >= 10) {
372
    if ($count24h >= $MAXDAILYPOSTS) {
320
       $ERRSTR = "BŁĄD: Z TWOJEGO ADRESU NAPISANO JUŻ {$count24h} WIADOMOŚCI W PRZECIĄGU OSTATNICH 24H. SPRÓBUJ PONOWNIE ZA JAKIŚ CZAS.";
373
      $ERRSTR = "BŁĄD: Z TWOJEGO ADRESU NAPISANO JUŻ {$count24h} WIADOMOŚCI W PRZECIĄGU OSTATNICH 24H. SPRÓBUJ PONOWNIE ZA JAKIŚ CZAS.";
321
       $action = '';
374
      $action = '';
322
     }
375
    }
323
   }
376
  }
324
}
377
}
325
 
378
 
-
 
379
// edit post becomes newpost, it was different just to avoid 24h counters
-
 
380
if ($action === 'editpost') $action = 'newpost';
-
 
381
 
326
// new thread creation (+switch to read thread)
382
// new thread creation (+switch to read thread)
327
if ($action === 'createthread') {
383
if ($action === 'createthread') {
328
  // captcha check
384
  // captcha check
329
  if (!sprawdz_captcha($_POST)) {
385
  if (!sprawdz_captcha($_POST)) {
330
    echo "<p>BŁĄD: NIEPRAWIDŁOWE CAPTCHA</p>\n";
386
    echo "<p>BŁĄD: NIEPRAWIDŁOWE CAPTCHA</p>\n";
331
    goto DONE;
387
    goto DONE;
332
  }
388
  }
333
  //
389
  //
334
  $thread = time();
390
  $thread = time();
335
  if (empty($_POST['login']) || (empty($_POST['msg'])) || (empty($_POST['title']))) {
391
  if (empty($_POST['username']) || (empty($_POST['msg'])) || (empty($_POST['title']))) {
336
    echo '<p>BŁĄD: pusty nick, wiadomość lub tytuł</p>' . "\n";
392
    echo '<p>BŁĄD: pusty nick, wiadomość lub tytuł</p>' . "\n";
337
    goto DONE;
393
    goto DONE;
338
  }
394
  }
339
  if (!mkdir($DATADIR . 'threads/' . $thread, 0755, true)) {
395
  if (!mkdir($DATADIR . 'threads/' . $thread, 0755, true)) {
340
    echo '<p>BŁĄD: nie zdołano utworzyć wątku nr ' . $thread . "</p>\n";
396
    echo '<p>BŁĄD: nie zdołano utworzyć wątku nr ' . $thread . "</p>\n";
341
    goto DONE;
397
    goto DONE;
342
  }
398
  }
343
  // zapisz tytuł
399
  // zapisz tytuł
344
  file_put_contents($DATADIR . 'threads/' . $thread . '/title.txt', trim($_POST['title']));
400
  file_put_contents($DATADIR . 'threads/' . $thread . '/title.txt', trim($_POST['title']));
345
  // ustaw co trzeba żeby zapisać wiadomość
401
  // ustaw co trzeba żeby zapisać wiadomość
346
  $action = 'newpost';
402
  $action = 'newpost';
347
}
403
}
348
 
404
 
349
// nowy post do istniejącego wątku
405
// nowy post do istniejącego wątku
350
if (($action === 'newpost') && ($thread >= 0) && (!empty($_POST['msg'])) && (!empty($_POST['login']))) {
406
if (($action === 'newpost') && ($thread >= 0) && (!empty($_POST['msg'])) && (!empty($_POST['username']))) {
-
 
407
  // is it really about a NEW post or about EDITING an existing one?
-
 
408
  if (empty($_POST['postid'])) {
351
  $postid = time();
409
    $postid = time();
-
 
410
  } else { // editing an existing post
-
 
411
    $msg = loadmsg($_POST['thread'], $_POST['postid']);
-
 
412
    if (!is_art_edition_allowed($_POST['postid'], $msg)) {
-
 
413
      $action = '';
-
 
414
      $ERRSTR = "NOT ALLOWED";
-
 
415
      goto DONE;
-
 
416
    }
-
 
417
    $postid = $_POST['postid'];
-
 
418
  }
-
 
419
 
352
  if (!sprawdz_captcha($_POST)) {
420
  if (!sprawdz_captcha($_POST)) {
353
    $ERRSTR = "BŁĄD: NIEPRAWIDŁOWE CAPTCHA";
421
    $ERRSTR = "BŁĄD: NIEPRAWIDŁOWE CAPTCHA";
354
    goto DONE;
422
    goto DONE;
355
  }
423
  }
356
  // nadpisz lastauthor i lastupdate
424
  // nadpisz lastauthor i lastupdate
357
  $lastupdate = array('lastupdate' => $postid, 'lastauthor' => trim($_POST['login']));
425
  $lastupdate = array('lastupdate' => $postid, 'lastauthor' => trim($_POST['username']));
358
  file_put_contents($DATADIR . 'threads/' . $thread . '/lastupdate', serialize($lastupdate));
426
  file_put_contents($DATADIR . 'threads/' . $thread . '/lastupdate', serialize($lastupdate));
359
  // oblicz tripkod, jeśli hasło zostało ustawione
427
  // oblicz tripkod, jeśli hasło zostało ustawione
360
  $tripsig = '';
428
  $tripsig = '';
361
  if (!empty(trim($_POST['pass']))) {
429
  if (!empty(trim($_POST['password']))) {
362
    $tripsig = hash('whirlpool', trim($_POST['login']) . '#' . trim($_POST['pass']) . $TRIP_SALT);
430
    $tripsig = hash('whirlpool', trim($_POST['username']) . '#' . trim($_POST['password']) . $TRIP_SALT);
-
 
431
  }
-
 
432
  // wygeneruj klucz do edycji postu i prześlij go przeglądarce przez ciasteczko (chyba że przeglądarka już ma klucz)
-
 
433
  if (!empty($EDIT_ALLOWED_MINUTES)) {
-
 
434
    if (!empty($_COOKIE['mateuszbbkey'])) {
-
 
435
      $artkey = $_COOKIE['mateuszbbkey'];
-
 
436
    } else {
-
 
437
      $artkey = bin2hex(random_bytes(128));
-
 
438
      setcookie('mateuszbbkey', $artkey, array('secure' => true, 'httponly' => true, 'samesite' => 'Lax'));
-
 
439
    }
363
  }
440
  }
364
  // zapisz wiadomość
441
  // zapisz wiadomość
365
  $msg = array('author' => trim($_POST['login']), 'ip' => $_SERVER['REMOTE_ADDR'], 'trip' => $tripsig, 'msg' => trim($_POST['msg']));
442
  $msg = array('author' => trim($_POST['username']), 'ip' => $_SERVER['REMOTE_ADDR'], 'trip' => $tripsig, 'msg' => trim($_POST['msg']), 'key' => password_hash($artkey, PASSWORD_DEFAULT));
366
  file_put_contents($DATADIR . 'threads/' . $thread . '/' . $postid, serialize($msg));
443
  file_put_contents($DATADIR . 'threads/' . $thread . '/' . $postid, serialize($msg));
367
  // zaktualizuj metadane dot. ostatniego wpisu, ostatniego autora i ilości wpisów dla tego IP w ciągu ostatniej godziny
444
  // zaktualizuj metadane dot. ostatniego wpisu, ostatniego autora i ilości wpisów dla tego IP w ciągu ostatniej godziny, ale tylko dla nowych wpisów (nie dla edycji)
-
 
445
  if (empty($_POST['postid'])) {
368
  $db = new SQLite3($DATADIR . 'mateuszbb.sqlite3');
446
    $db = new SQLite3($DATADIR . 'mateuszbb.sqlite3');
369
  if ($db) {
447
    if ($db) {
370
    $db->exec('CREATE TABLE IF NOT EXISTS newest (thread INTEGER PRIMARY KEY, lastupdate INTEGER NOT NULL, lastauthor TEXT NOT NULL);');
448
      $db->exec('CREATE TABLE IF NOT EXISTS newest (thread INTEGER PRIMARY KEY, lastupdate INTEGER NOT NULL, lastauthor TEXT NOT NULL);');
371
    $db->exec('CREATE INDEX IF NOT EXISTS lastupdated ON newest (lastupdate);');
449
      $db->exec('CREATE INDEX IF NOT EXISTS lastupdated ON newest (lastupdate);');
372
    $db->exec('CREATE TABLE IF NOT EXISTS ip_msg_counters24h (threadid INTEGER NOT NULL, msgid INTEGER NOT NULL, ipaddr TEXT NOT NULL);');
450
      $db->exec('CREATE TABLE IF NOT EXISTS ip_msg_counters24h (threadid INTEGER NOT NULL, msgid INTEGER NOT NULL, ipaddr TEXT NOT NULL);');
373
    $db->exec('CREATE TABLE IF NOT EXISTS rss (thread INTEGER NOT NULL, msgid INTEGER NOT NULL, author TEXT NOT NULL);');
451
      $db->exec('CREATE TABLE IF NOT EXISTS rss (thread INTEGER NOT NULL, msgid INTEGER NOT NULL, author TEXT NOT NULL);');
374
    $db->exec('CREATE INDEX IF NOT EXISTS rss_msgid ON rss (msgid);');
452
      $db->exec('CREATE INDEX IF NOT EXISTS rss_msgid ON rss (msgid);');
375
    $login_escaped = $db->escapeString(trim($_POST['login']));
453
      $login_escaped = $db->escapeString(trim($_POST['username']));
376
    $db->exec("INSERT OR REPLACE INTO newest (thread, lastupdate, lastauthor) VALUES ({$thread}, {$postid}, '{$login_escaped}');");
454
      $db->exec("INSERT OR REPLACE INTO newest (thread, lastupdate, lastauthor) VALUES ({$thread}, {$postid}, '{$login_escaped}');");
377
    $db->exec("INSERT INTO rss (thread, msgid, author) VALUES ({$thread}, {$postid}, '{$login_escaped}');");
455
      $db->exec("INSERT INTO rss (thread, msgid, author) VALUES ({$thread}, {$postid}, '{$login_escaped}');");
378
    $db->exec("INSERT INTO ip_msg_counters24h (threadid, msgid, ipaddr) VALUES ({$thread}, {$postid}, '{$_SERVER['REMOTE_ADDR']}');");
456
      $db->exec("INSERT INTO ip_msg_counters24h (threadid, msgid, ipaddr) VALUES ({$thread}, {$postid}, '{$_SERVER['REMOTE_ADDR']}');");
379
    $db->close();
457
      $db->close();
380
  } else {
458
    } else {
381
    echo "SQL ERROR WHILE WRITING STATS\n";
459
      echo "SQL ERROR WHILE WRITING STATS\n";
-
 
460
    }
382
  }
461
  }
383
  // przekieruj
462
  // przekieruj
384
  if ($NICE_URLS) {
463
  if ($NICE_URLS) {
385
    $newurl = "{$thread}#{$postid}";
464
    $newurl = "{$thread}#{$postid}";
386
  } else {
465
  } else {
387
    $newurl = selfurl("thread={$thread}") . "#{$postid}";
466
    $newurl = selfurl("thread={$thread}") . "#{$postid}";
388
  }
467
  }
389
  header("Location: {$newurl}");
468
  header("Location: {$newurl}");
390
  echo "<html><head></head><body><a href=\"{$newurl}\">KLIKNIJ TUTAJ</a></body></html>\n";
469
  echo "<html><head></head><body><a href=\"{$newurl}\">KLIKNIJ TUTAJ</a></body></html>\n";
391
  exit();
470
  exit();
392
}
471
}
393
 
472
 
394
DONE:
473
DONE:
395
 
474
 
396
}
475
}
397
 
476
 
398
 
477
 
399
function mateuszbb_tytulwatku($id) {
478
function mateuszbb_tytulwatku($id) {
400
  global $DATADIR;
479
  global $DATADIR;
401
  return file_get_contents($DATADIR . 'threads/' . $id . '/title.txt');
480
  return file_get_contents($DATADIR . 'threads/' . $id . '/title.txt');
402
}
481
}
403
 
482
 
404
 
483
 
-
 
484
// returns an array of last n threads with most recent activity that had activity
-
 
485
// in last maxinact days. returns false on error or empty set.
-
 
486
// the returned result, when not false, is an array of arrays, where each
-
 
487
// leaf array represents one thread
-
 
488
function mateuszbb_getactivethreads($n, $maxinact = -1) {
-
 
489
  global $DATADIR;
-
 
490
  $result = array();
-
 
491
 
-
 
492
  $db = new SQLite3($DATADIR . 'mateuszbb.sqlite3', SQLITE3_OPEN_READONLY);
-
 
493
  if (! $db) return(false);
-
 
494
 
-
 
495
  $minupdatedate = 0;
-
 
496
  if ($maxinact >= 0) $minupdatedate = time() - (intval($maxinact) * 86400);
-
 
497
 
-
 
498
  $sqlquery = 'SELECT thread, lastupdate, lastauthor FROM newest WHERE lastupdate > ' . $minupdatedate . ' ORDER BY lastupdate DESC LIMIT ' . intval($n) . ';';
-
 
499
 
-
 
500
  $sqlres = $db->query($sqlquery);
-
 
501
  if (! $sqlres) {
-
 
502
    $db->close();
-
 
503
    return(false);
-
 
504
  }
-
 
505
 
-
 
506
  // kopiuj wpisy do nowej tablicy
-
 
507
  while ($row = $sqlres->fetchArray()) {
-
 
508
    $result[] = $row;
-
 
509
  }
-
 
510
 
-
 
511
  $db->close();
-
 
512
  return($result);
-
 
513
}
-
 
514
 
-
 
515
 
-
 
516
// returns true if post can be edited by current user
-
 
517
function is_art_edition_allowed($timestamp, $msg) {
-
 
518
  global $EDIT_ALLOWED_MINUTES;
-
 
519
  if ($EDIT_ALLOWED_MINUTES >= 0) {
-
 
520
    if (((time() - $timestamp) / 60) >= $EDIT_ALLOWED_MINUTES) return(false); // only posts from last x minutes can be edited
-
 
521
  }
-
 
522
  if (empty($_COOKIE['mateuszbbkey'])) return(false);
-
 
523
  if (empty($msg['key'])) return(false);
-
 
524
  return(password_verify($_COOKIE['mateuszbbkey'], $msg['key']));
-
 
525
}
-
 
526
 
-
 
527
 
-
 
528
function loadmsg($threadid, $postid) {
-
 
529
  global $DATADIR;
-
 
530
  $fname = $DATADIR . 'threads/' . $threadid . '/' . $postid;
-
 
531
  if (!file_exists($fname)) return(false);
-
 
532
  return(unserialize(file_get_contents($fname)));
-
 
533
}
-
 
534
 
-
 
535
 
405
// wyświetlanie UI itd
536
// wyświetlanie UI itd
406
function mateuszbb_start() {
537
function mateuszbb_start() {
407
global $TRIP_SALT;
538
global $TRIP_SALT;
408
global $ERRSTR;
539
global $ERRSTR;
409
global $DATADIR;
540
global $DATADIR;
410
global $INITYEAR;
541
global $INITYEAR;
411
global $LANG;
542
global $LANG;
412
global $STR;
543
global $STR;
413
global $NICE_URLS;
544
global $NICE_URLS;
414
global $SEARCH_API_URL;
545
global $SEARCH_API_URL;
-
 
546
global $TZ;
-
 
547
global $LOCK_DELAY;
-
 
548
global $MAINPAGE_MAXTHREADS;
-
 
549
global $MAINPAGE_MAXINACT;
415
 
550
 
416
// read global variables
551
// read global variables
417
$action = getvar_action();
552
$action = getvar_action();
418
$thread = getvar_thread();
553
$thread = getvar_thread();
419
$archiveyear = getvar_archiveyear();
554
$archiveyear = getvar_archiveyear();
420
 
555
 
-
 
556
// ustaw strefę czasową, jeśli jakaś jest skonfigurowana
-
 
557
if (!empty($TZ)) date_default_timezone_set($TZ);
-
 
558
 
421
// wyświetl błąd, jeśli jakiś wystąpił w mateuszbb_preprocess()
559
// wyświetl błąd, jeśli jakiś wystąpił w mateuszbb_preprocess()
422
if (!empty($ERRSTR)) {
560
if (!empty($ERRSTR)) {
423
  echo "<p class=\"minibb-errstr\">{$ERRSTR}</p>\n";
561
  echo "<p class=\"minibb-errstr\">{$ERRSTR}</p>\n";
424
  $action = '';
562
  $action = '';
425
  echo '<p><a href="./">Wróć do głównej strony</a></p>' . "\n";
563
  echo '<p><a href="./">Wróć do głównej strony</a></p>' . "\n";
426
  goto DONE;
564
  goto DONE;
427
}
565
}
428
 
566
 
429
// szukanie
567
// szukanie
430
if (isset($_POST['szukaj']) && (!empty(trim($_POST['szukaj'])))) {
568
if (isset($_POST['szukaj']) && (!empty(trim($_POST['szukaj'])))) {
431
  $q = trim($_POST['szukaj']);
569
  $q = trim($_POST['szukaj']);
432
  $query = $SEARCH_API_URL . urlencode($q);
570
  $query = $SEARCH_API_URL . urlencode($q);
433
  echo '<p>' . $STR[$LANG]['searchterm'] . ' ' . htmlentities($q) . '</p>';
571
  echo '<p>' . $STR[$LANG]['searchterm'] . ' ' . htmlentities($q) . '</p>';
434
  $results = file_get_contents($query);
572
  $results = file_get_contents($query);
435
  $resarr = json_decode($results, true)['items'];
573
  $resarr = json_decode($results, true)['items'];
436
 
574
 
437
  $licznik = 0;
575
  $licznik = 0;
438
  foreach ($resarr as $r) {
576
  foreach ($resarr as $r) {
439
    if (mb_substr($r['link'], -1) === '/') continue;
577
    if (mb_substr($r['link'], -1) === '/') continue;
440
    echo '<a href=' . $r['link'] . ' class="minibb-searchresult">';
578
    echo '<a href=' . $r['link'] . ' class="minibb-searchresult">';
441
    echo "<div><h1>{$r['title']}</h1><p>{$r['htmlSnippet']}</p></div></a>\n";
579
    echo "<div><h1>{$r['title']}</h1><p>{$r['htmlSnippet']}</p></div></a>\n";
442
    $licznik++;
580
    $licznik++;
443
  }
581
  }
444
 
582
 
445
  if ($licznik == 0) echo "<p>" . $STR[$LANG]['noresults'] . "</p>\n";
583
  if ($licznik == 0) echo "<p>" . $STR[$LANG]['noresults'] . "</p>\n";
446
 
584
 
447
  goto DONE;
585
  goto DONE;
448
}
586
}
449
 
587
 
-
 
588
// edit post
-
 
589
if ($action === 'editpostform') {
-
 
590
  $msg = loadmsg($_POST['thread'], $_POST['post']);
-
 
591
  if (is_art_edition_allowed($_POST['post'], $msg)) {
-
 
592
    formularz(intval($_POST['thread']), intval($_POST['post']), $msg);
-
 
593
  } else {
-
 
594
    echo "<p>Link expired</p>\n";
-
 
595
  }
-
 
596
  GOTO DONE;
-
 
597
}
-
 
598
 
450
// new thread form
599
// new thread form
451
if ($action === 'newthread') {
600
if ($action === 'newthread') {
452
  echo '<h2 class="minibb-threadtitle">' . $STR[$LANG]['newthread'] . '</h2>' . "\n";
601
  echo '<h2 class="minibb-threadtitle">' . $STR[$LANG]['newthread'] . '</h2>' . "\n";
453
  formularz();
602
  formularz();
454
  goto DONE;
603
  goto DONE;
455
}
604
}
456
 
605
 
457
// zobacz listę wątków
606
// zobacz listę wątków (main page)
458
if ((empty($action)) && ($thread < 0) && ($archiveyear <= 0)) {
607
if ((empty($action)) && ($thread < 0) && ($archiveyear <= 0)) {
-
 
608
  // display the main page header if any is defined
-
 
609
  if (file_exists($DATADIR . 'mateuszbb-main-head.html')) {
-
 
610
    readfile($DATADIR . 'mateuszbb-main-head.html');
-
 
611
  }
-
 
612
  // list wątków
459
  echo '<div class="minibb-toolbar" style="justify-content: space-between;">';
613
  echo '<div class="minibb-toolbar" style="justify-content: space-between;">';
460
  echo '<form action="' . selfurl() . '" method="POST"><input type="text" name="szukaj" placeholder="' . $STR[$LANG]['search'] . '"></form>';
614
  echo '<form action="' . selfurl() . '" method="POST"><input type="text" name="szukaj" placeholder="' . $STR[$LANG]['search'] . '"></form>';
461
  echo '<a href="' . selfurl('action=newthread') . '#formularz">' . $STR[$LANG]['opnewthread'] . '</a>';
615
  echo '<a href="' . selfurl('action=newthread') . '#formularz">' . $STR[$LANG]['opnewthread'] . '</a>';
462
  echo "</div>\n";
616
  echo "</div>\n";
463
  $db = new SQLite3($DATADIR . 'mateuszbb.sqlite3', SQLITE3_OPEN_READONLY);
-
 
464
  if ($db) {
617
 
465
    $sqlres = $db->query('SELECT thread, lastupdate, lastauthor FROM newest ORDER BY lastupdate DESC LIMIT 30;');
618
  $lista_watkow = mateuszbb_getactivethreads($MAINPAGE_MAXTHREADS, $MAINPAGE_MAXINACT);
466
    if (!$sqlres) {
619
  if ($lista_watkow === false) {
467
      echo "SQL ERROR\n";
620
    echo "<p>NO ENTRIES FOUND</p>";
468
    } else {
621
  } else {
469
      while ($row = $sqlres->fetchArray()) {
622
    foreach ($lista_watkow as $row) {
470
        $title = mateuszbb_tytulwatku($row['thread']);
623
      $title = mateuszbb_tytulwatku($row['thread']);
471
        if (empty($title)) {
624
      if (empty($title)) {
472
          echo "<!-- BŁĄD: nie zdołano załadować wątku nr {$row['thread']} -->\n";
625
        echo "<!-- BŁĄD: nie zdołano załadować wątku nr {$row['thread']} -->\n";
473
          continue;
626
        continue;
474
        }
-
 
475
        wyswietl_watek_w_liscie($row['thread'], $title, $row['lastauthor'], $row['lastupdate']);
-
 
476
      }
627
      }
-
 
628
      wyswietl_watek_w_liscie($row['thread'], $title, $row['lastauthor'], $row['lastupdate']);
477
    }
629
    }
478
    $db->close();
-
 
479
  } else {
-
 
480
    echo "<p>BŁĄD DOSTĘPU DO BAZY DANYCH</p>";
-
 
481
  }
630
  }
482
 
631
 
483
  echo '<div style="display: flex; justify-content: space-between; font-size: 0.9em; opacity: 0.8; margin: 0.6em 0.5em 0 0.5em;">' . "\n";
632
  echo '<div style="display: flex; justify-content: space-between; font-size: 0.9em; opacity: 0.8; margin: 0.6em 0.5em 0 0.5em;">' . "\n";
484
  echo '<div>' . $STR[$LANG]['archives'] . ':';
633
  echo '<div>' . $STR[$LANG]['archives'] . ':';
485
  for ($y = $INITYEAR; $y <= intval(gmdate('Y')); $y++) {
634
  for ($y = $INITYEAR; $y <= intval(gmdate('Y')); $y++) {
486
    if ($NICE_URLS) {
635
    if ($NICE_URLS) {
487
      echo " <a href=\"{$y}\">{$y}</a>";
636
      echo " <a href=\"{$y}\">{$y}</a>";
488
    } else {
637
    } else {
489
      echo ' <a href="' . selfurl("arch={$y}") . '">' . $y . '</a>';
638
      echo ' <a href="' . selfurl("arch={$y}") . '">' . $y . '</a>';
490
    }
639
    }
491
  }
640
  }
492
  echo "</div>\n";
641
  echo "</div>\n";
493
  echo '<a href="rss.php"><img style="height: 1em;" src="mateuszbb_rss.svg"></a>' . "\n";
642
  echo '<a href="rss.php"><img style="height: 1em;" src="mateuszbb_rss.svg" alt="RSS"></a>' . "\n";
494
  echo "</div>\n";
643
  echo "</div>\n";
495
 
644
 
496
  // display the main page footer if any is defined
645
  // display the main page footer if any is defined
497
  if (file_exists('mateuszforum-mainfooter.htm')) {
646
  if (file_exists($DATADIR . 'mateuszbb-main-foot.html')) {
498
    readfile('mateuszbb-mainfooter.htm');
647
    readfile($DATADIR . 'mateuszbb-main-foot.html');
499
  }
648
  }
500
 
649
 
501
  goto DONE;
650
  goto DONE;
502
}
651
}
503
 
652
 
504
// wyświetl archiwum
653
// wyświetl archiwum
505
if ($archiveyear > 0) {
654
if ($archiveyear > 0) {
506
  echo '<div class="minibb-toolbar" id="title"><a href="' . selfurl() . '">' . $STR[$LANG]['backtocur'] . '</a></div>' . "\n";
655
  echo '<div class="minibb-toolbar" id="title"><a href="' . selfurl() . '">' . $STR[$LANG]['backtocur'] . '</a></div>' . "\n";
507
  echo '<h2 class="minibb-threadtitle">' . $STR[$LANG]['archives'] . " {$archiveyear}</h2>\n";
656
  echo '<h2 class="minibb-threadtitle">' . $STR[$LANG]['archives'] . " {$archiveyear}</h2>\n";
508
  $threads = scandir($DATADIR . 'threads/', SCANDIR_SORT_ASCENDING);
657
  $threads = scandir($DATADIR . 'threads/', SCANDIR_SORT_ASCENDING);
509
  foreach ($threads as $t) {
658
  foreach ($threads as $t) {
510
    if (!preg_match('/^[0-9][0-9]*$/', $t)) continue; // skip anything that is not a thread id
659
    if (!preg_match('/^[0-9][0-9]*$/', $t)) continue; // skip anything that is not a thread id
511
    if (intval(gmdate('Y', $t)) != $archiveyear) continue; // skip threads out of the targeted year
660
    if (intval(gmdate('Y', $t)) != $archiveyear) continue; // skip threads out of the targeted year
512
    $title = file_get_contents($DATADIR . 'threads/' . $t . '/title.txt');
661
    $title = file_get_contents($DATADIR . 'threads/' . $t . '/title.txt');
513
    $link = $t;
662
    $link = $t;
514
    if (! $NICE_URLS) $link = selfurl("thread={$t}");
663
    if (! $NICE_URLS) $link = selfurl("thread={$t}");
515
    echo '<span style="font-family: monospace;">[' . gmdate("Y-m-d", $t) . "]</span> <a href=\"{$link}\">{$title}</a><br>\n";
664
    echo '<span style="font-family: monospace;">[' . gmdate("Y-m-d", $t) . "]</span> <a href=\"{$link}\">{$title}</a><br>\n";
516
  }
665
  }
517
  goto DONE;
666
  goto DONE;
518
}
667
}
519
 
668
 
520
// zobacz wątek
669
// zobacz wątek
521
if ((empty($action)) && ($thread >= 0)) {
670
if ((empty($action)) && ($thread >= 0)) {
522
  // załaduj listę postów (i zapamiętaj ostatnią pozycję)
671
  // załaduj listę postów (i zapamiętaj ostatnią pozycję)
523
  $listapostow = scandir($DATADIR . 'threads/' . $thread . '/');
672
  $listapostow = scandir($DATADIR . 'threads/' . $thread . '/');
524
  // usuń pozycje które nie są żadnym msgid (np. title.txt) i zapamiętaj ostatni msgid
673
  // usuń pozycje które nie są żadnym msgid (np. title.txt) i zapamiętaj ostatni msgid
525
  $posty = array();
674
  $posty = array();
526
  foreach ($listapostow as $p) {
675
  foreach ($listapostow as $p) {
527
    if (!preg_match('/^[0-9][0-9]*$/', $p)) continue; // skip anything that is not a messageid
676
    if (!preg_match('/^[0-9][0-9]*$/', $p)) continue; // skip anything that is not a messageid
528
    $posty[] = $p;
677
    $posty[] = $p;
529
    $ostatnipost = $p;
678
    $ostatnipost = $p;
530
  }
679
  }
-
 
680
  // is this thread locked?
-
 
681
  $islocked = false;
-
 
682
  if (($LOCK_DELAY >= 0) && ((time() - intval($ostatnipost)) / 86400 >= $LOCK_DELAY)) $islocked = true;
531
  // toolbar (ostatni wątek / odpowiedz / powrót do forum)
683
  // toolbar (ostatni wątek / odpowiedz / powrót do forum)
532
  echo '<div class="minibb-toolbar" id="title">';
684
  echo '<div class="minibb-toolbar" id="title">';
-
 
685
  echo '<a href="#' . $ostatnipost . '">' . $STR[$LANG]['jumptoend'] . '</a>';
-
 
686
  if (! $islocked) echo ' <a href="#formularz">' . $STR[$LANG]['reply'] . '</a>';
533
  echo '<a href="#' . $ostatnipost . '">' . $STR[$LANG]['jumptoend'] . '</a> <a href="#formularz">' . $STR[$LANG]['reply'] . '</a> <a href="' . selfurl() . '">' . $STR[$LANG]['listthreads'] . '</a></div>' . "\n";
687
  echo ' <a href="' . selfurl() . '">' . $STR[$LANG]['listthreads'] . '</a></div>' . "\n";
534
  // wyświetl tytuł wątku
688
  // wyświetl tytuł wątku
535
  echo '<h2 class="minibb-threadtitle">' . htmlspecialchars(file_get_contents($DATADIR . 'threads/' . $thread . '/title.txt')) . "</h2>\n";
689
  echo '<h2 class="minibb-threadtitle">' . htmlspecialchars(file_get_contents($DATADIR . 'threads/' . $thread . '/title.txt')) . "</h2>\n";
-
 
690
  // "thread is locked"
-
 
691
  if ($islocked) echo '<p class="minibb-islockedmsg">' . $STR[$LANG]['locked'] . "</p>\n";
536
  // wyświetl listę wątków
692
  // wyświetl listę postów
537
  foreach ($posty as $p) {
693
  foreach ($posty as $p) {
538
    $msg = unserialize(file_get_contents($DATADIR . 'threads/' . $thread . '/' . $p));
694
    $msg = loadmsg($thread, $p);
539
    echo '<div class="minibb-post" id="' . $p . '">' . "\n";
695
    echo '<div class="minibb-post" id="' . $p . '">' . "\n";
540
    echo '<div class="minibb-postheader"><a href="#' . $p . '" style="text-decoration: inherit; color: inherit;"><div class="minibb-postauthor">' . "\n";
696
    echo '<div class="minibb-postheader"><a href="#' . $p . '" style="text-decoration: inherit; color: inherit;"><div class="minibb-postauthor">' . "\n";
541
    echo $STR[$LANG]['author'] . ' ' . htmlspecialchars($msg['author']) . "<br>\n";
697
    echo $STR[$LANG]['author'] . ' ' . htmlspecialchars($msg['author']) . "<br>\n";
542
    echo $STR[$LANG]['address'] . ' ' . htmlspecialchars($msg['ip']) . "<br>\n";
698
    echo $STR[$LANG]['address'] . ' ' . htmlspecialchars($msg['ip']) . "<br>\n";
543
    echo $STR[$LANG]['date'] . ' ' . htmlspecialchars(data_dluga($p)) . "</div></a>\n";
699
    echo $STR[$LANG]['date'] . ' ' . htmlspecialchars(data_dluga($p)) . "</div></a>\n";
544
    if (!empty($msg['trip'])) {
700
    if (!empty($msg['trip'])) {
545
      echo '<div class="minibb-trip">';
701
      echo '<div class="minibb-trip">';
546
      echo chunk_split($msg['trip'], 16, "\n");
702
      echo chunk_split($msg['trip'], 16, "\n");
547
      echo "</div>\n";
703
      echo "</div>\n";
548
    }
704
    }
549
    echo "</div>\n";
705
    echo "</div>\n";
550
 
706
 
551
    // symbole html
707
    // symbole html
552
    $bodyprocessed = htmlspecialchars($msg['msg']);
708
    $bodyprocessed = htmlspecialchars($msg['msg']);
553
 
709
 
-
 
710
    // ludzie czasem dodają znaczniki [img] do obrazków, usuń je (ale tylko jeśli są na początku linii)
-
 
711
    $bodyprocessed = preg_replace('~^(\[img\])(.*)(\[/img\])~m', '$2', $bodyprocessed);
-
 
712
 
554
    // dodaj podgląd pod linki do obrazków, ale tylko jeśli link jest sam w linijce
713
    // dodaj podgląd pod linki do obrazków, ale tylko jeśli link jest sam w linijce
555
    $bodyprocessed = preg_replace('~^(http[s]?://[^<>[:space:]]+[[:alnum:]/]\.(jpg|png))($|[\r\n])~m', "$1\n<img src=\"$1\">\n", $bodyprocessed);
714
    $bodyprocessed = preg_replace('~^(http[s]?://[^<>[:space:]]+[[:alnum:]/]\.(jpg|png))($|[\r\n]{1,2})~m', "$1\n<img src=\"$1\">\n", $bodyprocessed);
556
 
715
 
557
    // olinkuj linki
716
    // olinkuj linki
558
    $bodyprocessed = preg_replace("~([^\"]|^)(http[s]?://[^<>[:space:]]+[[:alnum:]/])~", "$1<a href=\"$2\">$2</a>", $bodyprocessed);
717
    $bodyprocessed = preg_replace("~([^\"]|^)(http[s]?://[^<>[:space:]]+[[:alnum:]/=])~", "$1<a href=\"$2\">$2</a>", $bodyprocessed);
559
 
718
 
560
    // oflaguj cytaty (linijki zaczynające się od ">")
719
    // oflaguj cytaty (linijki zaczynające się od ">")
561
    $bodyprocessed = preg_replace('/^(&gt; .*)[\r]?\n/m', '<blockquote>$1</blockquote>', $bodyprocessed);
720
    $bodyprocessed = preg_replace('/^(&gt;.*)[\r]?\n/m', '<blockquote>$1</blockquote>', $bodyprocessed);
562
 
721
 
-
 
722
    echo '<div class="minibb-postbody">';
-
 
723
    // czy mogę edytować?
-
 
724
    if (is_art_edition_allowed($p, $msg)) {
563
    echo '<div class="minibb-postbody">' . $bodyprocessed . '</div>' . "\n";
725
      echo '<form class="editbtn" method="POST" action="' . selfurl() . '"><input type="hidden" name="action" value="editpostform"><input type="hidden" name="post" value="' . $p . '"><input type="hidden" name="thread" value="' . $thread . '"><input type="submit" value="EDIT"></form>';
-
 
726
    }
-
 
727
    echo $bodyprocessed . "</div>\n";
564
    echo "</div>\n";
728
    echo "</div>\n";
565
  }
729
  }
566
  // formularz odpowiedzi i do domu
730
  // formularz odpowiedzi albo komunikat o zamknięciu
-
 
731
  if ($islocked) {
-
 
732
    echo '<p class="minibb-islockedmsg">' . $STR[$LANG]['locked'] . "</p>\n";
-
 
733
  } else {
567
  formularz($thread);
734
    formularz($thread);
-
 
735
  }
568
  goto DONE;
736
  goto DONE;
569
}
737
}
570
 
738
 
571
DONE:
739
DONE:
572
}
740
}
573
?>
741
?>
574
 
742