[Burichan]  [Futaba]  [Kusabax]  -  [WT]  [Home] [Manage]

[Return]
Posting mode: Reply
Name
Email
Subject   (reply to 6960)
Message
File
Password  (for post and file deletion)
  • Supported file types are: GIF, JPG, PNG
  • Maximum file size allowed is 1000 KB.
  • Images greater than 200x200 pixels will be thumbnailed.
  • Currently 148 unique user posts. View catalog


File 135085433549.jpg - (23.58KB , 310x206 , engine_repair.jpg )
6960 No. 6960
First of all, some PHP engines still can't into animated GIFs. We get -1 as bgrnd and the whole script halts. The solution, clearly displayed in the sourceforge bug tracker, is not implemented yet.

Second, it's not bad if user can open a thread on an oekaki board without oekaki. Most oekaki boards are in fact original content boards with the oekaki option enabled. Yes, one can open a thread with ANY file just by using a simple crafted .html file, but it's not a very good way. Actually, if admin encourages this, (s)he must be able to enable the file upload window for oekaki boards. The solution is here:

In file dwoo\templates\oek_reply_header.tpl change line 28 from
{if $replythread neq 0 || $.get.postoek neq ''}
to the following:
{if $replythread neq 0 || $.get.postoek neq '' || $board.compactlist neq 0}
in order to activate the option.

In file inc\classes\manage.class.php change lines 2560 and 2566 from
$tpl_page .= '<label for="compactlist">'. _gettext('Compact list') .':</label>
* * *
<div class="desc">'. _gettext('Text boards only. If enabled, the list of threads displayed on the front page will be formatted differently to be compact.') . '</div><br />';
to the following:
$tpl_page .= '<label for="compactlist">'. _gettext('Alternate View') .':</label>
* * *
<div class="desc">'. _gettext('Text and Oekaki boards only. If enabled for a Text board, the list of threads displayed on the front page will be formatted differently to be compact. If enabled for an Oekaki board, post form on the front page shows the file upload field. Remember advanced users can open threads without Oekaki either way.') . '</div><br />';
in order to inform board admins about the option.

Also, admins obviously can use both quick hacks (the anigif bug fix and the oekaki option) just by applying these patches manually on the last release.
Expand all images
>> No. 6969
1) Save main page of a /common board on somerandomchan.com;
2) Edit the file;
3) Find input type="hidden" name="board" value="common";
4) Replace it with input type="hidden" name="board" value="oekaki";

Remember most web debuggin' tools allow to do it "on the fly" WITHOUT any file saving so referers are kept intact.

5) Open the file and begin a new thread;
6) Enjoy watching your thread on /oekaki instead of /common;
7) ????????
8) PROFIT!!!!!!!

It's not a hole because ALL client-side restrictions can be hacked. Even ShiPro can be patched to upload the file instead of drawing. It's a native Web limitation.

So all of this is an interface fix rather than a scriptkiddies protection. You allow to do this, you set "Alternate view" checkbox and don't ban for those threads. Or you don't allow to do this, you clear "Alternate view" checkbox and ban for those threads.
>> No. 6970
I see. "ANY" means "not oekaki temporary file only, but any of allowed types". Not "any binary". Sorry, I've probably caused some panic :)
>> No. 6979
I can add another feature. If (file size) < (max size / 10) and (image size) < (thumbnail size), no thumbnail is generated but the original image itself is inserted into a thread. So small anigifs are kept intact and don't require a click to play'em.

Do anyone want me to do this and place the code here?
>> No. 6992
>>6960
CORRECTION: It's not in /oek_reply_header.tpl, it's in oek_post_box.tpl
>> No. 7035
I want to add my ready-for-use feature, too. I call it "Captchalogue mod" ("Captcha" + "ip catalogue"). To enable it, change config.php and posting.class.php.
existing lines
existing lines
existing lines

you must add these lines
you must add these lines

existing lines
existing lines
existing lines

>> No. 7036

// Limitations
$cf['KU_NEWTHREADDELAY'] = 30; // Minimum time in seconds a user must wait before posting a new thread again
$cf['KU_REPLYDELAY'] = 7; // Minimum time in seconds a user must wait before posting a reply again
$cf['KU_LINELENGTH'] = 150; // Used when cutting long post messages on pages and placing the message too long notification

$cf['KU_CAPTCHALOGIN'] = 200; // CAPTCHALOGUE MOD: Maximum time in seconds to post in the same thread without captcha.

// Image handling

>> No. 7037
function CheckCaptcha() {
global $board_class;

// CAPTCHALOGUE MOD: Checking maximum time to post in the same thread without captcha.
global $tc_db;
/* Get the timestamp of the last time a post in this thread was made by this IP address */
$result = $tc_db->GetOne("SELECT MAX(timestamp) FROM `" . KU_DBPREFIX . "posts` WHERE `boardid` = " . $board_class->board['id'] . " AND `parentid` != 0 AND `parentid` = " . $tc_db->qstr($_POST['replythread']) . " AND `ipmd5` = '" . md5($_SERVER['REMOTE_ADDR']) . "' AND `timestamp` > " . (time() - KU_CAPTCHALOGIN));
/* If they have posted before and it was recorded... */
if (isset($result)) {
/* If the time was shorter than the maximum time distance */
if (time() - $result <= KU_CAPTCHALOGIN) {
return;//Ignore new captcha entered because old one is still valid.
}
}
// CAPTCHALOGUE MOD ENDED

/* If the board has captcha's enabled... */
if ($board_class->board['enablecaptcha'] == 1) {
if ($board_class->board['type'] == 1 && $_POST['replythread']) {
/* Check if they entered the correct code. If not... */

>> No. 7038
I think $tc_db->qstr is safe enough because it's used ten lines later the exactly same way.

This mod allows to post more than one message in a thread without re-entering captcha/recaptcha. The thread must exist and must have at least one reply made few minutes ago from the same IP (OP doesn't count because it's not a reply). So one need to type captcha once for multiple quick replies and to type captcha twice if he have to create a new thread first.
However, this mod does not allow to create new threads without captcha and to flood a thread from different IPs (proxy/tor). The worst thing it allows is to do is to flood the thread to auto-sage limit and beyond, but all those posts can be deleted with one click because they're forced to have the same IP.
Also, it does not affect min. post time limit ("7" in the example). But it doesn't work because of a bug, BTW. KU_NEWTHREADDELAY works via $tc_db->GetOne and it's OK. My mod works via $tc_db->GetOne and it's OK, too. KU_REPLYDELAY works different way... wait, I can't say it WORKS different way because it DOESN'T WORK. I don't really care. Just warning: don't blame my mod, KU_REPLYDELAY does not work already. If it do, both time limits will work: user must not post with flooding rate but can bypass captcha if answers quickly.
Of course, captcha field is shown either way. We can't predict future. But user should be aware it's no need to fill it if he already posted to the thread minute ago.
>> No. 7039
To disable it, set captcha login time = 0. If it will become a standard feature, I suggest to set default value to 0 so it'll be disabled by default.
Most people just don't understand how it works.
>> No. 7040
Another quick and (hopefully) elegant hack.
Requested here: http://kusabax.cultnet.net/sup/res/59988.html#59988

config.php:
// Limitations
$cf['KU_NEWTHREADDELAY'] = 30; // Minimum time in seconds a user must wait before posting a new thread again
$cf['KU_REPLYDELAY'] = 7; // Minimum time in seconds a user must wait before posting a reply again
$cf['KU_LINELENGTH'] = 150; // Used when cutting long post messages on pages and placing the message too long notification

$cf['KU_DELETEDELAY'] = 300; // BUMPENSTAIN MOD: Prevents "blind bumps". Set a minimal time before post and it's deletion (unless another post has already been made recently) here.

// Image handling
$cf['KU_THUMBWIDTH'] = 200; // Maximum thumbnail width

>> No. 7041
board.php:

} else {
if ($post_class->Delete()) {
if ($post_class->post_parentid != '0') {
$board_class->RegenerateThreads($post_class->post['parentid']);
}
$board_class->RegeneratePages();
echo _gettext('Post successfully deleted.') . '<br />';
} else {
echo _gettext('There was an error in trying to delete your post') . '<br />';
echo _gettext('Maybe you\'re trying to delete it too soon without posting something for replace') . '<br />'; // BUMPENSTAIN MOD
}
}
} else {
echo _gettext('Incorrect password.') . '<br />';
}

>> No. 7045
Hope it works, this time I can't pay attention, too much extra job today, sorry.
>> No. 7046
>>7045
It doesn't work properly, I still can delete my own posts. Looks like it works 1 time, but the rest of posts can be deleted while the first one cannot. Strange... could you take a look into it? =)
>> No. 7047
No haste this time. Haste kills.

board-post.class.php:
$tc_db->Execute("DELETE FROM `".KU_DBPREFIX."watchedthreads` WHERE `threadid` = ".$tc_db->qstr($this->post['id'])." AND `board` = '".$this->board['name']."'");
$tc_db->Execute("UPDATE `".KU_DBPREFIX."posts` SET `IS_DELETED` = 1 , `deleted_timestamp` = '" . time() . "' WHERE `boardid` = '" . $this->board['id'] . "' AND `id` = ".$tc_db->qstr($this->post['id']));
clearPostCache($this->post['id'], $this->board['name']);

return $i.' ';
} else {

// BUMPENSTAIN MOD: BEGIN
$result = $tc_db->GetOne("SELECT MAX(timestamp) FROM `" . KU_DBPREFIX . "posts` WHERE `boardid` = '" . $this->board['id'] . "' AND `IS_DELETED` = 0 AND `id` != ".$tc_db->qstr($this->post['id']) . " AND `timestamp` > " . (time() - KU_DELETEDELAY) . " AND (`id` = ".$tc_db->qstr($this->post['parentid'])." OR `parentid` = ".$tc_db->qstr($this->post['parentid']).")");
if (!isset($result) || (time() - $result > KU_DELETEDELAY)) {//Order does matter
if (time() - $this->post['timestamp'] <= KU_DELETEDELAY) {
return false;
}
}
// BUMPENSTAIN MOD: END
$this->DeleteFile(false);
$tc_db->Execute("UPDATE `".KU_DBPREFIX."posts` SET `IS_DELETED` = 1 , `deleted_timestamp` = '" . time() . "' WHERE `boardid` = '" . $this->board['id'] . "' AND `id` = ".$tc_db->qstr($this->post['id']));
clearPostCache($this->post['id'], $this->board['name']);

return true;
}
}

function DeleteFile($update_to_removed = true, $whole_thread = false) {
global $tc_db;

>> No. 7048
>>7047
Now worked perfectly, thank you very much!
If it's not requesting too much, could you take a look into this?: >>/sup/59933
I'm sure it's not difficult to implement, and may be interesting for everybody. It's just to add the thread title (or an extract of the post if there's no title) to the catalog. Thanks again!
>> No. 7051
File 138660450859.png - (95.64KB , 1078x496 , xsxs.png )
7051
>>7047
Oh, I'm bringing you more work, haha. This: >>/sup/60266
If you have time, you know what to do =)
Thanks for your help!
>> No. 7072
<a href=http://www.andresramirezgaviria.com/file/#qcss7>url</a> provigil generic side effects - provigil medicine reviews
>> No. 7083
<a href=http://djsonny.com/#0vljs4>clicking here</a> buy retin a no prescription online - retin a micro official site
>> No. 7084
File 140498107423.gif - (28.82KB , 1268x1090 , classes - posting class dot php.gif )
7084
>>7038
>Also, it does not affect min. post time limit ("7" in the example). But it doesn't work because of a bug, BTW.

Why don't just fix it already? Pic related. Idiotic code is properly marked with a proper font.


Delete post []
Password  
Report post
Reason