diff options
Diffstat (limited to 'cgi')
| -rw-r--r-- | cgi/formatting.py | 8 | ||||
| -rw-r--r-- | cgi/framework.py | 12 | ||||
| -rw-r--r-- | cgi/manage.py | 235 | ||||
| -rw-r--r-- | cgi/post.py | 13 | ||||
| -rw-r--r-- | cgi/templates/manage/menu.html | 3 | ||||
| -rw-r--r-- | cgi/templates/manage/mod.html | 15 | ||||
| -rw-r--r-- | cgi/templates/manage/news.html | 52 | ||||
| -rw-r--r-- | cgi/templates/manage/recent.html | 67 | ||||
| -rw-r--r-- | cgi/templates/manage/recyclebin.html | 4 | ||||
| -rwxr-xr-x | cgi/weabot.py | 18 |
10 files changed, 241 insertions, 186 deletions
diff --git a/cgi/formatting.py b/cgi/formatting.py index 0003f5c..47922c9 100644 --- a/cgi/formatting.py +++ b/cgi/formatting.py @@ -36,14 +36,6 @@ def format_post(message, ip, parentid, parent_timestamp=0): if Settings.USE_HTML: message = onlyAllowedHTML(message) - # [code] tag - if board["dir"] == "tech": - message = re.compile(r"\[code\](.+)\[/code\]", re.DOTALL | - re.IGNORECASE).sub(r"<pre><code>\1</code></pre>", message) - if board["allow_spoilers"]: - message = re.compile(r"\[spoiler\](.+)\[/spoiler\]", re.DOTALL | - re.IGNORECASE).sub(r'<span class="spoil">\1</span>', message) - if Settings.VIDEO_THUMBS: (message, affected) = videoThumbs(message) # if affected: diff --git a/cgi/framework.py b/cgi/framework.py index 898d6a1..94f6f30 100644 --- a/cgi/framework.py +++ b/cgi/framework.py @@ -24,8 +24,7 @@ def setBoard(dir): if not dir: raise UserError, _("The specified board is invalid.") logging.debug("Seteando el board " + dir) - board = FetchOne( - "SELECT * FROM `boards` WHERE `dir` = '%s' LIMIT 1" % _mysql.escape_string(dir)) + board = FetchOne("SELECT * FROM `boards` WHERE `dir` = '%s' LIMIT 1" % _mysql.escape_string(dir)) if not board: raise UserError, _("The specified board is invalid.") @@ -96,7 +95,8 @@ def addressIsProxy(ip): def addressIsES(ip): ES = ['AR', 'BO', 'CL', 'CO', 'CR', 'CU', 'EC', 'ES', 'GF', - 'GY', 'GT', 'HN', 'MX', 'NI', 'PA', 'PE', 'PY', 'PR', 'SR', 'UY', 'VE', 'v6'] # 'BR', + 'GY', 'GT', 'HN', 'MX', 'NI', 'PA', 'PE', 'PY', 'PR', + 'SR', 'UY', 'VE', 'v6'] # 'BR', return getCountry(ip) in ES @@ -176,10 +176,10 @@ def formatDate(t=None, home=False): if not home: try: board = Settings._.BOARD - if board["dir"] == 'world': - daylist = days['en'] - elif board["dir"] == '2d': + if board["dir"] == '2d': daylist = days['jp'] + elif board["dir"] == 'world': + daylist = days['en'] except: pass diff --git a/cgi/manage.py b/cgi/manage.py index f30674a..9818247 100644 --- a/cgi/manage.py +++ b/cgi/manage.py @@ -24,8 +24,7 @@ def manage(self, path_split): if 'username' in self.formdata and 'password' in self.formdata: # If no admin accounts available, create admin:admin - first_admin = FetchOne( - "SELECT 1 FROM `staff` WHERE `rights` = 0 LIMIT 1", 0) + first_admin = FetchOne("SELECT 1 FROM `staff` WHERE `rights` = 0 LIMIT 1", 0) if not first_admin: InsertDb("INSERT INTO `staff` (`username`, `password`, `added`, `rights`) VALUES ('admin', '" + _mysql.escape_string(genPasswdHash("admin")) + "', 0, 0)") @@ -178,17 +177,18 @@ def manage(self, path_split): template_values = {"mode": 1, 'boards': boardlist()} elif len(path_split) > 4: parentid = int(path_split[4]) - posts = FetchAll('SELECT id, timestamp, timestamp_formatted, name, message, file, thumb, IS_DELETED, locked, subject, length, INET6_NTOA(ip) AS ip FROM `posts` WHERE (parentid = %d OR id = %d) AND boardid = %s ORDER BY `id` ASC' % ( - parentid, parentid, board['id'])) + # make sure it's the full thread + check = FetchOne("SELECT `parentid` FROM `posts` WHERE `id` = %s AND `boardid` = %s LIMIT 1" % (parentid, board['id'])) + if check['parentid'] != "0": + parentid = int(check['parentid']) + + posts = FetchAll('SELECT id, timestamp, timestamp_formatted, name, message, file, thumb, IS_DELETED, locked, subject, length, INET6_NTOA(ip) AS ip FROM `posts` WHERE (parentid = %d OR id = %d) AND boardid = %s ORDER BY `id` ASC' % (parentid, parentid, board['id'])) template_filename = "mod.html" - template_values = {"mode": 3, - "dir": board["dir"], "posts": posts} + template_values = {"mode": 3, "dir": board["dir"], "posts": posts} else: - threads = FetchAll( - "SELECT * FROM `posts` WHERE boardid = %s AND parentid = 0 ORDER BY `bumped` DESC" % board["id"]) + threads = FetchAll("SELECT * FROM `posts` WHERE boardid = %s AND parentid = 0 ORDER BY `bumped` DESC" % board["id"]) template_filename = "mod.html" - template_values = {"mode": 2, - "dir": board["dir"], "threads": threads} + template_values = {"mode": 2, "dir": board["dir"], "threads": threads} elif path_split[2] == "recent": posts = FetchAll("SELECT posts.id, posts.subject, dir, boards.board_type, parentid, file, thumb, timestamp_formatted, timestamp, posts.message, INET6_NTOA(ip) AS ip, posts.name, email, tripcode, boards.name AS board_name FROM posts INNER JOIN boards ON posts.boardid = boards.id WHERE posts.timestamp > UNIX_TIMESTAMP() - 86400 ORDER BY timestamp DESC") template_filename = "recent.html" @@ -205,28 +205,27 @@ def manage(self, path_split): member_rights = '3' if path_split[3] == 'edit': - if len(path_split) > 4: - member = FetchOne( - 'SELECT * FROM `staff` WHERE `id` = ' + _mysql.escape_string(path_split[4]) + ' LIMIT 1') - if member: - member_username = member['username'] - member_rights = member['rights'] - action = 'edit/' + member['id'] - - try: - if self.formdata.get('user'): - if self.formdata['rights'] in ['0', '1', '2', '3']: - action_taken = True - - UpdateDb("UPDATE `staff` SET `username` = '" + _mysql.escape_string( - self.formdata['user']) + "', `rights` = " + self.formdata['rights'] + " WHERE `id` = " + member['id'] + " LIMIT 1") - message = _( - 'Staff member updated.') - logAction(staff_account['username'], _( - 'Updated staff account for %s') % self.formdata['user']) - template_filename = "message.html" - except: - pass + if len(path_split) > 4: + member = FetchOne('SELECT * FROM `staff` WHERE `id` = ' + _mysql.escape_string(path_split[4]) + ' LIMIT 1') + if member: + member_username = member['username'] + member_rights = member['rights'] + action = 'edit/' + member['id'] + + try: + if self.formdata.get('user'): + if self.formdata['rights'] in ['0', '1', '2', '3']: + action_taken = True + + UpdateDb("UPDATE `staff` SET `username` = '" + _mysql.escape_string( + self.formdata['user']) + "', `rights` = " + self.formdata['rights'] + " WHERE `id` = " + member['id'] + " LIMIT 1") + message = _( + 'Staff member updated.') + logAction(staff_account['username'], _( + 'Updated staff account for %s') % self.formdata['user']) + template_filename = "message.html" + except: + pass else: action = 'add' try: @@ -275,8 +274,7 @@ def manage(self, path_split): action_taken = True message = '<a href="' + Settings.CGI_URL + 'manage/staff/delete_confirmed/' + \ - path_split[4] + '">' + _( - 'Click here to confirm the deletion of that staff member') + '</a>' + path_split[4] + '">' + _('Click here to confirm the deletion of that staff member') + '</a>' template_filename = "message.html" elif path_split[3] == 'delete_confirmed': if not moderator: @@ -332,8 +330,7 @@ def manage(self, path_split): pass template_filename = "delete.html" - template_values = { - 'do_ban': do_ban, 'curboard': path_split[3], 'postid': path_split[4]} + template_values = {'do_ban': do_ban, 'curboard': path_split[3], 'postid': path_split[4]} elif path_split[2] == 'delete_confirmed': if not moderator: return @@ -453,7 +450,8 @@ def manage(self, path_split): elif path_split[2] == 'move': raise NotImplementedError - if not moderator: + #if not moderator: + if not administrator: return oldboardid = "" @@ -532,15 +530,13 @@ def manage(self, path_split): post['name'] = board['anonymous'] # fix date and (re)add post ID if necessary - post['timestamp_formatted'] = formatTimestamp( - post['timestamp']) + post['timestamp_formatted'] = formatTimestamp(post['timestamp']) if board["useid"] != '0': if post["parentid"]: tym = parent_time else: tym = post["timestamp"] - post['timestamp_formatted'] += ' ID:' + iphash(inet_ntoa(long( - post['ip'])), post, tym, board["useid"], False, '', False, False, (board["countrycode"] in ['1', '2'])) + post['timestamp_formatted'] += ' ID:' + iphash(post['ip'], post, tym, board["useid"], False, '', False, False, (board["countrycode"] in ['1', '2'])) # insert new post and get its new ID new_id = post.insert() @@ -604,10 +600,8 @@ def manage(self, path_split): # lock original, set expiration to 1 day exp = timestamp()+86400 - exp_format = datetime.datetime.fromtimestamp( - exp).strftime("%d/%m") - sql = "UPDATE `posts` SET `locked`=1, `expires`={exp}, `expires_formatted`=\"{exp_format}\" WHERE `boardid`=\"{oldboard}\" AND id=\"{oldthread}\"".format( - exp=exp, exp_format=exp_format, oldboard=oldboardid, oldthread=oldthread) + exp_format = datetime.datetime.fromtimestamp(exp).strftime("%d/%m") + sql = "UPDATE `posts` SET `locked`=1, `expires`={exp}, `expires_formatted`=\"{exp_format}\" WHERE `boardid`=\"{oldboard}\" AND id=\"{oldthread}\"".format(exp=exp, exp_format=exp_format, oldboard=oldboardid, oldthread=oldthread) UpdateDb(sql) # insert notice message @@ -616,11 +610,9 @@ def manage(self, path_split): board = setBoard(oldboard) if board['board_type'] == '1': - thread_url = "/{newboard}/read/{newthread}".format( - newboard=newboard, newthread=newthread) + thread_url = "/{newboard}/read/{newthread}".format(newboard=newboard, newthread=newthread) else: - thread_url = "/{newboard}/res/{newthread}.html".format( - newboard=newboard, newthread=newthread) + thread_url = "/{newboard}/res/{newthread}.html".format(newboard=newboard, newthread=newthread) notice_post = Post(board["id"]) notice_post["parentid"] = oldthread @@ -643,8 +635,7 @@ def manage(self, path_split): message += "done" - logAction(staff_account['username'], "Movido hilo %s/%s a %s/%s." % - (oldboard, oldthread, newboard, newthread)) + logAction(staff_account['username'], "Movido hilo %s/%s a %s/%s." % (oldboard, oldthread, newboard, newthread)) else: template_filename = "move.html" template_values = {'boards': boardlist( @@ -1048,10 +1039,8 @@ def manage(self, path_split): else: regenerateFrontPages() - message = "Eliminado post %s permanentemente." % ( - '/' + board['dir'] + '/' + post['id']) - logAction( - staff_account['username'], message + ' Contenido: ' + post['message'] + ' IP: ' + post['ip']) + message = "Post %s eliminado permanentemente" % ('/' + board['dir'] + '/' + post['id']) + logAction(staff_account['username'], message + ' desde papelera. Contenido: ' + post['message'] + ' IP: ' + post['ip']) # Delete more than 1 post if 'deleteall' in self.formdata.keys(): @@ -1073,14 +1062,13 @@ def manage(self, path_split): board = setBoard(dir) deletePost(int(postid), None) if post['parentid'] != '0': - threadUpdated(post['parentid']) + threadUpdated(post['parentid']) else: - regenerateFrontPages() + regenerateFrontPages() deleted += 1 # Delete post end - logAction(staff_account['username'], _( - 'Permadeleted %s post(s).') % str(deleted)) + logAction(staff_account['username'], _('Permadeleted %s post(s).') % str(deleted)) message = _('Permadeleted %s post(s).') % str(deleted) # Start @@ -1257,11 +1245,15 @@ def manage(self, path_split): elif path_split[2] == 'trim': if not administrator: return + board = setBoard(path_split[3]) trimThreads() self.output = "done trimming" return elif path_split[2] == 'setexpires': + if not administrator: + return + board = setBoard(path_split[3]) parentid = int(path_split[4]) days = int(path_split[5]) @@ -1281,18 +1273,25 @@ def manage(self, path_split): elif path_split[2] == 'fixflood': if not administrator: return + board = setBoard('zonavip') threads = FetchAll( "SELECT * FROM posts WHERE boardid = %s AND parentid = 0 AND subject LIKE 'querido mod%%'" % board['id']) + for thread in threads: self.output += "%s<br>" % thread['id'] #deletePost(thread['id'], None) return elif path_split[2] == 'fixico': + if not administrator: + return + board = setBoard(path_split[3]) + + if board['dir'] != 'noticias': + return - threads = FetchAll( - "SELECT * FROM posts WHERE boardid = %s AND parentid = 0 AND message NOT LIKE '<img%%'" % board['id']) + threads = FetchAll("SELECT * FROM posts WHERE boardid = %s AND parentid = 0 AND message NOT LIKE '<img%%'" % board['id']) for t in threads: img_src = '<img src="%s" alt="ico" /><br />' % getRandomIco() newmessage = img_src + t["message"] @@ -1301,6 +1300,9 @@ def manage(self, path_split): self.output = repr(threads) return elif path_split[2] == 'fixkako': + if not administrator: + return + board = setBoard(path_split[3]) threads = FetchAll( @@ -1330,6 +1332,9 @@ def manage(self, path_split): else: self.output += 'El hilo no existe.<br />' elif path_split[2] == 'fixexpires': + if not administrator: + return + board = setBoard(path_split[3]) if int(board["maxage"]): @@ -1354,6 +1359,9 @@ def manage(self, path_split): self.output = "done" return elif path_split[2] == 'fixid': + if not administrator: + return + board = setBoard(path_split[3]) posts = FetchAll( 'SELECT * FROM `posts` WHERE `boardid` = %s' % board['id']) @@ -1373,10 +1381,11 @@ def manage(self, path_split): UpdateDb(query) return elif path_split[2] == 'fixname': + return board = setBoard(path_split[3]) #posts = FetchAll('SELECT * FROM `posts` WHERE `boardid` = %s' % board['id']) - posts = FetchAll( - 'SELECT * FROM `posts` WHERE `name` LIKE \'%s\'' % '%%') + #posts = FetchAll('SELECT * FROM `posts` WHERE `name` LIKE \'%s\'' % '%%') + #posts = FetchAll('SELECT * FROM `posts` WHERE `name` = \'%s\'' % path_split[4]) new_name = board['anonymous'] self.output = new_name + "<br />" for post in posts: @@ -1386,6 +1395,9 @@ def manage(self, path_split): UpdateDb(query) return elif path_split[2] == 'setsub': + if not administrator: + return + board = setBoard(path_split[3]) thread = FetchOne( 'SELECT * FROM `posts` WHERE `parentid` = 0 AND `boardid` = %s' % board['id']) @@ -1396,6 +1408,9 @@ def manage(self, path_split): UpdateDb(query) return elif path_split[2] == 'fixlength': + if not administrator: + return + board = setBoard(path_split[3]) threads = FetchAll( 'SELECT * FROM `posts` WHERE parentid = 0 AND `boardid` = %s' % board['id']) @@ -1407,6 +1422,9 @@ def manage(self, path_split): self.output = 'done' return elif path_split[2] == 'archive': + if not administrator: + return + t = time.time() board = setBoard(path_split[3]) postid = int(path_split[4]) @@ -1736,14 +1754,11 @@ def manage(self, path_split): to_name = "%s ★" % staff_account['username'] timestamp_formatted = formatDate(t) if type > 0: - timestamp_formatted = re.sub( - r"\(.+", "", timestamp_formatted) + timestamp_formatted = re.sub(r"\(.+", "", timestamp_formatted) else: - timestamp_formatted = re.sub( - r"\(...\)", " ", timestamp_formatted) + timestamp_formatted = re.sub(r"\(...\)", " ", timestamp_formatted) - UpdateDb("INSERT INTO `news` (type, staffid, staff_name, title, message, name, timestamp, timestamp_formatted) VALUES (%d, '%s', '%s', '%s', '%s', '%s', '%d', '%s')" % ( - type, staff_account['id'], staff_account['username'], _mysql.escape_string(title), _mysql.escape_string(message), to_name, timestamp(t), timestamp_formatted)) + UpdateDb("INSERT INTO `news` (type, staffid, staff_name, title, message, name, timestamp, timestamp_formatted) VALUES (%d, '%s', '%s', '%s', '%s', '%s', '%d', '%s')" % (type, staff_account['id'], staff_account['username'], _mysql.escape_string(title), _mysql.escape_string(message), to_name, timestamp(t), timestamp_formatted)) regenerateNews() regenerateHome() @@ -1752,8 +1767,7 @@ def manage(self, path_split): if path_split[3] == 'delete': # Eliminar un post id = int(path_split[4]) - UpdateDb( - "DELETE FROM `news` WHERE id = %d AND type = %d" % (id, type)) + UpdateDb("DELETE FROM `news` WHERE id = %d AND type = %d" % (id, type)) regenerateNews() regenerateHome() message = _("Deleted successfully.") @@ -1780,8 +1794,7 @@ def manage(self, path_split): try: # Cut long lines message = self.formdata["message"] - message = clickableURLs( - cgi.escape(message).rstrip()[0:8000]) + message = clickableURLs(cgi.escape(message).rstrip()[0:8000]) message = onlyAllowedHTML(message) if Settings.USE_MARKDOWN: message = markdown(message) @@ -1805,25 +1818,21 @@ def manage(self, path_split): if path_split[3] == 'delete': if not administrator: # We check that if he's not admin, he shouldn't be able to delete other people's posts - post = FetchOne("SELECT `staffid` FROM `news` WHERE id = '" + - _mysql.escape_string(path_split[4])+"' AND type = '0'") + post = FetchOne("SELECT `staffid` FROM `news` WHERE id = '" + _mysql.escape_string(path_split[4]) +"' AND type = '0'") if post['staffid'] != staff_account['id']: self.error(_('That post is not yours.')) return # Delete! - UpdateDb("DELETE FROM `news` WHERE id = '" + - _mysql.escape_string(path_split[4]) + "' AND type = '0'") + UpdateDb("DELETE FROM `news` WHERE id = '" + _mysql.escape_string(path_split[4]) + "' AND type = '0'") message = _("Deleted successfully.") template_filename = "message.html" else: # If he's not admin, show only his own posts if administrator: - posts = FetchAll( - "SELECT * FROM `news` WHERE type = '0' ORDER BY `timestamp` DESC") + posts = FetchAll("SELECT * FROM `news` WHERE type = '0' ORDER BY `timestamp` DESC") else: - posts = FetchAll("SELECT * FROM `news` WHERE staffid = '" + - staff_account['id']+"' AND type = '0' ORDER BY `timestamp` DESC") + posts = FetchAll("SELECT * FROM `news` WHERE staffid = '" + staff_account['id']+"' AND type = '0' ORDER BY `timestamp` DESC") template_filename = "news.html" template_values = {'action': 'newschannel', 'posts': posts} @@ -2016,15 +2025,66 @@ def manage(self, path_split): # Generate form... template_filename = "ipdelete.html" template_values = {'boards': boardlist()} + elif path_split[2] == 'goto': + board = setBoard(path_split[3]) + board_type = board['board_type'] + + try: + pid = int(path_split[4]) + except ValueError: + raise UserError, "ID no válida." + + if board_type == '1': + first = get_parent_post(pid, board['id']) + url = "/" + board['dir'] + "/read/" + first['timestamp'] + "/" + else: + url = "/" + board['dir'] + "/res/" + str(pid) + ".html" + + self.output = '<meta http-equiv="refresh" content="0;url=%s" />' % url + elif path_split[2] == 'fixquote': + # when a mod deletes a post permanently messing with quote numbers + if not administrator: + return + + board = setBoard(path_split[3]) + if board['board_type'] == 1: + return + + pid = int(path_split[4]) + parent = FetchOne("SELECT `parentid` FROM `posts` \ + WHERE `id` = %s AND `boardid` = %s LIMIT 1" % (pid, board['id'])) + parent = parent['parentid'] + + ranges = '`id` >= ' + str(pid) + if len(path_split) > 5: + ranges += ' AND `id` <= ' + path_split[5] + + posts = FetchAll('SELECT `id`, `message` FROM `posts` \ + WHERE `boardid` = %s AND %s AND `parentid` = %s AND \ + `message` LIKE \'%%">>>%%\'' % (board['id'], ranges, parent)) + + def fix_num(capture): + qnum = str(int(capture.group(2)) - 1) + return '/'+board['dir']+'/read/' + capture.group(1) + '/' + qnum + '">>>' + qnum + + for post in posts: + rx = r'/'+board['dir']+'/read/(\d+)/(\d+)">>>(\d+)' + new_msg = re.sub(rx, fix_num, post['message']) + self.output += post['message'] + '<hr>' + new_msg + '<hr><hr>' + + query = "UPDATE `posts` SET `message` = '%s' WHERE `boardid` = %s AND `id` = %s" % (new_msg, board['id'], post['id']) + UpdateDb(query) + + # reflect changes + threadUpdated(parent) elif path_split[2] == 'search': if not administrator: return search_logs = FetchAll( - 'SELECT `id`,`timestamp`,`keyword`,`ita`,INET_NTOA(`ip`) AS `ip`,`res` FROM `search_log` ORDER BY `timestamp` DESC LIMIT 250') + 'SELECT `id`,`timestamp`,`keyword`,`ita`,INET_NTOA(`ip`) AS `ip`,`res` FROM `search_log` ORDER BY `timestamp` DESC LIMIT 256') for log in search_logs: #log['ip'] = str(inet_ntoa(log['ip'])) - log['timestamp_formatted'] = formatTimestamp( - log['timestamp']) + log['timestamp_formatted'] = formatTimestamp(log['timestamp']) if log['keyword'].startswith('k '): log['keyword'] = log['keyword'][2:] log['archive'] = True @@ -2035,9 +2095,7 @@ def manage(self, path_split): else: # Main page. reports = FetchOne("SELECT COUNT(1) FROM `reports`", 0)[0] - posts = FetchAll( - "SELECT * FROM `news` WHERE type = '0' ORDER BY `timestamp` DESC") - + posts = FetchAll("SELECT * FROM `news` WHERE type = '0' ORDER BY `timestamp` DESC") template_filename = "manage.html" template_values = {'reports': reports, 'posts': posts} @@ -2064,8 +2122,7 @@ def manage(self, path_split): 'added': formatTimestamp(staff_account['added']), }) - self.output += renderTemplate("manage/" + - template_filename, template_values) + self.output += renderTemplate("manage/" + template_filename, template_values) def switchBoard(new_type): diff --git a/cgi/post.py b/cgi/post.py index f40537d..e9fe083 100644 --- a/cgi/post.py +++ b/cgi/post.py @@ -953,15 +953,14 @@ def flood_check(t,post,boardid): board = Settings._.BOARD if not post["parentid"]: - maxtime = t - int(board['threadsecs']) - #lastpost = FetchOne("SELECT COUNT(*) FROM `posts` WHERE `ip` = '%s' and `parentid` = 0 and `boardid` = '%s' and IS_DELETED = 0 AND timestamp > %d" % (str(post["ip"]), boardid, maxtime), 0) + maxtime = round(t - int(board['threadsecs'])) + #lastpost = FetchOne("SELECT COUNT(*) FROM `posts` WHERE `ip` = INET6_ATON('%s') and `parentid` = 0 and `boardid` = '%s' and IS_DELETED = 0 AND timestamp > %d" % (str(post["ip"]), boardid, int(maxtime)), 0) # NO MATTER THE IP - lastpost = FetchOne("SELECT COUNT(*) FROM `posts` WHERE `parentid` = 0 and `boardid` = '%s' and IS_DELETED = 0 AND timestamp > %d" % (boardid, maxtime), 0) - pass + lastpost = FetchOne("SELECT COUNT(*) FROM `posts` WHERE `parentid` = 0 and `boardid` = '%s' and IS_DELETED = 0 AND timestamp > %d" % (boardid, int(maxtime)), 0) else: - maxtime = t - int(board['postsecs']) - lastpost = FetchOne("SELECT COUNT(*) FROM `posts` WHERE `ip` = '%s' and `parentid` != 0 and `boardid` = '%s' and IS_DELETED = 0 AND timestamp > %d" % (str(post["ip"]), boardid, maxtime), 0) + maxtime = round(t - int(board['postsecs'])) + lastpost = FetchOne("SELECT COUNT(*) FROM `posts` WHERE `ip` = INET6_ATON('%s') and `parentid` != 0 and `boardid` = '%s' and IS_DELETED = 0 AND timestamp > %d" % (str(post["ip"]), boardid, int(maxtime)), 0) if int(lastpost[0]): if post["parentid"]: @@ -969,7 +968,7 @@ def flood_check(t,post,boardid): else: lastpost = FetchOne("SELECT `timestamp` FROM `posts` WHERE `parentid`=0 and `boardid`='%s' and IS_DELETED = 0 ORDER BY `timestamp` DESC" % (boardid), 0) wait = int(int(board['threadsecs']) - (t - int(lastpost[0]))) - raise UserError, "Por favor espera " + str(wait) + " segundos antes de crear otro hilo." + raise UserError, "Espera " + str(wait) + " segundos antes de crear otro hilo." def cut_home_msg(message, boardlength=0): short_message = message.replace("<br />", " ") diff --git a/cgi/templates/manage/menu.html b/cgi/templates/manage/menu.html index 20d996d..e0d28fa 100644 --- a/cgi/templates/manage/menu.html +++ b/cgi/templates/manage/menu.html @@ -1,5 +1,4 @@ -<style>#adminmenu {text-align:center;}#adminmenu table {display:inline-block;font-size:10pt;margin-top:2px;text-align:left;} -#adminmenu a {font-weight:bold;}label {vertical-align:top;}dd p {margin:0;}</style> +<link rel="stylesheet" href="#{static_url}css/spc/manage.css" /> <script type="text/javascript" src="/static/js/manage.js"></script> <input type="hidden" name="board" value="" /> <?py if int(rights) < 4: ?> diff --git a/cgi/templates/manage/mod.html b/cgi/templates/manage/mod.html index 1cbaddf..c76965e 100644 --- a/cgi/templates/manage/mod.html +++ b/cgi/templates/manage/mod.html @@ -26,7 +26,7 @@ <td>#{i}</td> <td>#{thread['id']}</td> <td><a href="#{cgi_url}manage/mod/#{dir}/#{thread['id']}"><b>#{thread['subject']}</b></a></td> - <td class="date" data-unix="${thread['timestamp']}">#{thread['timestamp_formatted'][:21]}</td> + <td class="date">#{thread['timestamp_formatted'][:21]}</td> <td>${thread['message'][:200]}</td> <td>#{thread['length']}</td> <td style="white-space:nowrap;"> @@ -46,9 +46,14 @@ <?py elif mode == 3: ?> <table class="managertable"> <tr><th colspan="8" style="font-size:16pt;">Hilo: ${posts[0]['subject']} (#{posts[0]['length']})</th></tr> -<tr><td colspan="8" style="font-size:14pt;text-align:center;"><a href="#{cgi_url}manage/lock/#{dir}/#{posts[0]['id']}">#{"Abrir hilo" if posts[0]['locked'] == "1" else "Cerrar hilo"}</a> / -<a href="#{cgi_url}manage/permasage/#{dir}/#{posts[0]['id']}">#{"Quitar permasage" if posts[0]['locked'] == "2" else "Permasage"}</a> / -<a href="#{cgi_url}manage/move/#{dir}/#{posts[0]['id']}">Mover hilo</a></td></tr> +<tr> + <td colspan="8" style="font-size:14pt;text-align:center;"> + <a href="#{cgi_url}manage/goto/${dir}/#{posts[0]['id']}">Ver en BaI</a> / + <a href="#{cgi_url}manage/lock/#{dir}/#{posts[0]['id']}">#{"Abrir hilo" if posts[0]['locked'] == "1" else "Cerrar hilo"}</a> / + <a href="#{cgi_url}manage/permasage/#{dir}/#{posts[0]['id']}">#{"Quitar permasage" if posts[0]['locked'] == "2" else "Permasage"}</a> / + <a href="#{cgi_url}manage/move/#{dir}/#{posts[0]['id']}">Mover hilo</a> + </td> +</tr> <tr> <th>#</th> <th>ID</th> @@ -64,7 +69,7 @@ <tr> <td>#{i}</td> <td>#{p['id']}</td> - <td class="date" data-unix="${p['timestamp']}">${p['timestamp_formatted']}</td> + <td class="date">${p['timestamp_formatted']}</td> <td><span class="postername">${p['name']}</span></td> <td>${p['message']}</td> <td> diff --git a/cgi/templates/manage/news.html b/cgi/templates/manage/news.html index 33b8f49..feec2a5 100644 --- a/cgi/templates/manage/news.html +++ b/cgi/templates/manage/news.html @@ -13,32 +13,42 @@ <form action="#{cgi_url}manage/newschannel/add" method="post"> <?py #endif ?> <table> -<?py if action != 2: ?> -<tr><td class="postblock">Anónimo</td><td><input type="checkbox" name="anonymous" id="anon" value="1"#{checked(action != 0)} /><label for="anon"></label></td></tr> -<tr><td class="postblock">Título</td><td><input type="text" name="title" style="width:100%;" /></td></tr> -<?py #endif ?> -<tr><td class="postblock">Cuerpo<br /><br /><small style="font-weight:normal">HTML: Usar<br />con cuidado</small></td><td><textarea cols="48" rows="5" name="message" style="width:100%;"></textarea></td></tr> -<tr><td colspan="2"><input type="submit" name="submit" style="width:100%;" value="Publicar" /></td></tr> + <?py if action != 2: ?> + <tr> + <td class="postblock">Anónimo</td> + <td><input type="checkbox" name="anonymous" id="anon" value="1"#{checked(action != 0)} /><label for="anon"></label></td> + </tr> + <tr> + <td class="postblock">Título</td> + <td><input type="text" name="title" style="width:100%;" /></td> + </tr> + <?py #endif ?> + <tr> + <td class="postblock">Cuerpo<br /><br /><small style="font-weight:normal">HTML: Usar<br />con cuidado</small></td> + <td><textarea cols="48" rows="5" name="message" style="width:100%;"></textarea></td> + </tr> + <tr><td colspan="2"><input type="submit" name="submit" style="width:100%;" value="Publicar" /></td></tr> </table> </form> <?py if posts: ?> <hr /> <table class="managertable"> -<tr><th>ID</th><th>Fecha</th> -<?py if action != 2: ?><th>Título</th><?py #endif ?> -<?py if action != 2: ?><th>Mensaje</th> -<?py else: ?><th>Tweet</th> -<?py #endif ?> -<th></th></tr> -<?py for post in posts: ?> -<tr> -<td style="text-align:center">#{post['id']}</td> -<td>#{post['timestamp_formatted']}</td> -<?py if action != 2: ?><td>#{post['title']}</td><?py #endif ?> -<td>#{post['message']}</td> -<td>[<a href="#{cgi_url}manage/news/delete/#{post['id']}?type=#{action}">Eliminar</a>]</td> -</tr> -<?py #endfor ?> + <tr> + <th>ID</th> + <th>Fecha</th> + <?py if action != 2: ?><th>Título</th><?py #endif ?> + <th>${"Noticia" if action != 2 else Tweet}</th> + <th></th> + </tr> + <?py for post in posts: ?> + <tr> + <td style="text-align:center">#{post['id']}</td> + <td>#{post['timestamp_formatted']}</td> + <?py if action != 2: ?><td>#{post['title']}</td><?py #endif ?> + <td>#{post['message']}</td> + <td>[<a href="#{cgi_url}manage/#{'newschannel' if action == 'newschannel' else 'news'}/delete/#{post['id']}?type=#{action}">Eliminar</a>]</td> + </tr> + <?py #endfor ?> </table> <?py #endif ?> </center> diff --git a/cgi/templates/manage/recent.html b/cgi/templates/manage/recent.html index fd47592..13e5b42 100644 --- a/cgi/templates/manage/recent.html +++ b/cgi/templates/manage/recent.html @@ -12,42 +12,39 @@ <tbody> <?py for post in posts: ?> <tr> - <td> - <?py if post['file']: ?><a href="/${post['dir']}/src/#{post['file']}" target="_blank"><img - src="/${post['dir']}/mobile/${post['thumb']}" /></a> + <td style="text-align:center;"> + <?py if post['file']: ?> + <a href="/${post['dir']}/src/#{post['file']}" target="_blank"><img src="/${post['dir']}/mobile/${post['thumb']}" /></a> + <?py #endif ?> + </td> + <td class="recentpost"> + <div class="recentinfo"> + #{post['id']} + <?py if post['subject']: ?> + : <b><i>#{post['subject']}</i></b> <?py #endif ?> - </td> - <td> - <div class="recentPostHeader"> - ##{post['id']} <b>#{post['subject']}</b> en - <i>#{post['board_name']}</i> hace - <span name="timestamp" data-ts="#{post['timestamp']}">#{post['timestamp_formatted']}</span> - por <b>#{post['name']}</b> - <code>#{post['email']} #{post['tripcode']}</code> - </div> - <?py if post['dir'] == 'zonavip': ?> - <div class="message vip">#{post['message']}</div> - <?py else: ?> - <div class="message">#{post['message']}</div> - <?py #endif ?> - <div class="actions"> - <?py if post['parentid'] != '0': ?> - <a href="#{cgi_url}manage/mod/${post['dir']}?thread=#{post['parentid']}">Ver hilo completo</a> - <?py #endif ?> - <a href="#{cgi_url}manage/goto/?dir=${post['dir']}&type=#{post['board_type']}&thread=#{post['parentid']}">Ver - hilo en BaI</a> - </div> - </td> - <td> - <a href="#{cgi_url}manage/ipshow?ip=#{post['ip']}">#{post['ip']}</a> - </td> - <td> - <a title="Eliminar mensaje" href="#{cgi_url}manage/delete/#{post['dir']}/#{post['id']}"><img - src="/static/icons/comment_delete.png" /></a> - <a title="Banear" href="#{cgi_url}manage/ban?ip=#{post['ip']}"><img src="/static/icons/user_delete.png" /></a> - <a title="Eliminar y Banear" href="#{cgi_url}manage/delete/#{post['dir']}/#{post['id']}?ban=true"><img - src="/static/icons/cross.png" /></a> - </td> + : <b>#{post['name']}</b>#{post['tripcode']} + : Hace <span name="timestamp" data-ts="#{post['timestamp']}">#{post['timestamp_formatted']}</span> + @ #{post['board_name']} + </div> + <div class="recentmsg">#{post['message']}</div> + <div class="actions"> + <a href="#{cgi_url}manage/mod/${post['dir']}/#{post['parentid']}">Ver hilo completo</a> + <?py if post['board_type'] == '1': ?> + <a href="#{cgi_url}manage/goto/${post['dir']}/#{post['parentid']}">Ver hilo en BaI</a> + <?py else: ?> + <a href="/${post['dir']}/res/#{post['parentid'] if post['parentid'] != '0' else post['id']}.html">Ver hilo en BaI</a> + <?py #endif ?> + </div> + </td> + <td> + <a href="#{cgi_url}manage/ipshow?ip=#{post['ip']}">#{post['ip']}</a> + </td> + <td style="white-space:nowrap;"> + <a href="#{cgi_url}manage/delete/#{post['dir']}/#{post['id']}">Eliminar</a> + <a href="#{cgi_url}manage/delete/#{post['dir']}/#{post['id']}?ban=true">&</a> + <a href="#{cgi_url}manage/ban?ip=#{post['ip']}">Ban</a> + </td> </tr> <?py #endfor ?> </tbody> diff --git a/cgi/templates/manage/recyclebin.html b/cgi/templates/manage/recyclebin.html index b413c9c..bdc7e45 100644 --- a/cgi/templates/manage/recyclebin.html +++ b/cgi/templates/manage/recyclebin.html @@ -51,8 +51,8 @@ ${message} <tr> <td><a href="#{cgi_url}manage/recyclebin/#{currentpage}/delete/#{post['dir']}/#{post['id']}">X</a><br /><a href="#{cgi_url}manage/recyclebin/#{currentpage}/restore/#{post['dir']}/#{post['id']}">R</a></td> <td><input type="checkbox" name="!i#{post['dir']}/#{post['id']}" id="#{post['dir']}#{post['id']}" value="1" /><label for="#{post['dir']}#{post['id']}"></label></td> - <td>#{post['id']}</td> - <td class="date" data-unix="${post['timestamp']}">${post['timestamp_formatted']}</td> + <td><a href="#{cgi_url}manage/mod/${post['dir']}/#{post['id']}">#{post['id']}</a></td> + <td class="date">${post['timestamp_formatted']}</td> <td>${post['dir']}</td> <td>${post['IS_DELETED']}</td> <td>${post['ip']}</td> diff --git a/cgi/weabot.py b/cgi/weabot.py index eba4c72..8a9f82e 100755 --- a/cgi/weabot.py +++ b/cgi/weabot.py @@ -160,7 +160,7 @@ class weabot(object): # call post function (post_url, ttaken, unused) = self.make_post(ip, boarddir, parent, trap1, trap2, name, - email, subject, message, file, file_original, spoil, oek_file, password, noimage, mobile) + email, subject, message, file, file_original, spoil, oek_file, password, noimage, mobile) # make redirect self.output += make_redirect(post_url, ttaken) @@ -266,8 +266,7 @@ class weabot(object): if len(path_split) > 4 and path_split[4] and board['board_type'] == '1': # try: - self.output = dynamicRead( - int(path_split[3]), path_split[4], True) + self.output = dynamicRead(int(path_split[3]), path_split[4], True) # except: # self.output = threadPage(path_split[3], True) elif board['board_type'] == '1': @@ -313,10 +312,8 @@ class weabot(object): elif path_split[1] == "random": caught = True OpenDb() - board = FetchOne( - "SELECT `id`, `dir`, `board_type` FROM `boards` WHERE `secret` = 0 AND `id` <> 1 AND `id` <> 13 AND `id` <> 34 ORDER BY RAND() LIMIT 1") - thread = FetchOne( - "SELECT `id`, `timestamp` FROM `posts` WHERE `parentid` = 0 AND `boardid` = %s ORDER BY RAND() LIMIT 1" % board['id']) + board = FetchOne("SELECT `id`, `dir`, `board_type` FROM `boards` WHERE `secret` = 0 AND `id` <> 1 AND `id` <> 13 AND `id` <> 34 ORDER BY RAND() LIMIT 1") + thread = FetchOne("SELECT `id`, `timestamp` FROM `posts` WHERE `parentid` = 0 AND `boardid` = %s ORDER BY RAND() LIMIT 1" % board['id']) if board['board_type'] == '1': url = Settings.HOME_URL + \ board['dir'] + '/read/' + thread['timestamp'] + '/' @@ -380,8 +377,7 @@ class weabot(object): if addressIsBanned(self.environ['REMOTE_ADDR'], board["dir"], blind_only=True): raise UserError, '<meta http-equiv="refresh" content="0; url=/cgi/banned/%s">' % board["dir"] - self.output = dynamicRead( - int(path_split[3]), path_split[4]) + self.output = dynamicRead(int(path_split[3]), path_split[4]) elif path_split[1] == "preview": caught = True OpenDb() @@ -397,7 +393,7 @@ class weabot(object): import modapi caught = True self.headers = [("Content-Type", "application/json"), ("Access-Control-Allow-Origin", "*"), ("Access-Control-Allow-Methods", - "PUT, GET, POST, DELETE, OPTIONS"), ("Access-Control-Allow-Headers", "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With")] + "PUT, GET, POST, DELETE, OPTIONS"), ("Access-Control-Allow-Headers", "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With")] OpenDb() modapi.api(self, path_split) if not caught: @@ -602,7 +598,7 @@ class weabot(object): # make ID hash if board["useid"] != '0': post["timestamp_formatted"] += ' ID:' + iphash(ip, post, tim, board["useid"], mobile, - self.environ["HTTP_USER_AGENT"], cap_id, hide_end, (board["countrycode"] in ['1', '2'])) + self.environ["HTTP_USER_AGENT"], cap_id, hide_end, (board["countrycode"] in ['1', '2'])) # use for future file checks xfile = (file or oek_file) |