Skip to content

Embed URL

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
(BAD CODE) Microboard
?php
# Configuration.
define('DATABASE', 'REDACTED'); # MySQLi host.
define('SERVER', 'REDACTED'); # MySQLi host.
define('USERNAME', 'REDACTED'); # MySQL user.
define('PASSWORD', 'REDACTED'); # MySQL password
define('TITLE', 'Microboard'); # Site title.
define('DEFAULT_NAME', 'Anonymous'); # Default poster name for no name/tripcode.
define('STYLESHEET', 'vchan.css'); # CSS file for styling.
define('ADMIN_CAP', 'jD@J6H6='); # The capcode password, use this as your tripcode when posting as admin.
define('ADMIN_CAP2', '<font color="red">## Administrator ##</font>'); #The capcode
define('TABLE', 'microboard'); # The SQL table used by the board
define('USE_ADS', true); #Should you use ads?
$boards = array(
0 => 'General',
1 => 'Meta',
);
$ads = array( # Ads go here.
'<a href="http://dev.vchan.tk/">Need a forum script? We\'ve got one!</a>',
'<a href="http://vchan.tk/">Pokemon! Gotta catch `em all!</a>'
);
global $boards;
# End configuration. Beneath is some legal shit.
/*
*
* index.php
*
* Copyright 2011 vocalon <vocalon@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
*
*/
# Microboard
# Lightweight 2ch-style *chan board
#
# Only requires this file and a MySQLi database to work, on the bare minimum.
# For better looks, set "STYLESHEET" to "micro.css".
#
# The database will be automatically generated.
function tripcode($plain)
{
$salt = substr($plain."H.",1,2);
$salt = preg_replace("|[^\.-z]|",".",$salt);
$salt = strtr($salt,":;<=>?@[\\]^_`","ABCDEFGabcdef");
return substr(crypt($plain,$salt),-10);
}
function get_name($name)
{
$nnt = explode('#', $name, 2);
if(!empty($nnt[1]))
{
if($nnt[1] === ADMIN_CAP)
{ $trip = ADMIN_CAP2; $_SESSION['admin'] = true;}
else {
$trip = '!'.tripcode($nnt[1]);
$_SESSION['admin'] = false;
}
} else {
$trip = '';
}
if(empty($nnt[0]))
{
$name = DEFAULT_NAME;
}
$_name = '<b>'.$name.'</b>'.$trip;
return $_name;
}
$db = new mysqli (SERVER, USERNAME, PASSWORD, DATABASE);
$sql = 'CREATE TABLE IF NOT EXISTS `'.TABLE.'` (
`id` INT NOT NULL AUTO_INCREMENT ,
`headline` TEXT NOT NULL ,
`body` TEXT NOT NULL ,
`name` TEXT NOT NULL ,
`parent` INT NOT NULL ,
`time` TEXT NOT NULL ,
`board` TEXT NOT NULL ,
`sticky` INT NOT NULL ,
`locked` INT NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = InnoDB;';
$db->query($sql) or die('Could not create table.');
session_start();
if(!isset($_SESSION['name']))
{
$_SESSION['name'] = DEFAULT_NAME; # Do they have a name?
}
if(isset($_POST['body']))
{
if(isset($_POST['headline']))
{
if(empty($_POST['headline']))
{
die('The headline cannot be blank.');
}
$headline = htmlspecialchars($_POST['headline']);
}
if(empty($_POST['body']))
{
die('The body cannot be blank.'); # They have no post!
}
$body = htmlspecialchars($_POST['body']);
$name = htmlspecialchars($_POST['name']);
$_SESSION['name'] = $name;
if(!isset($_POST['parent']))
{
$parent = 0;
} else {
$parent = $_POST['parent'];
}
$body = preg_replace('/\n/', '<br />', $body);
$sql = 'INSERT INTO '.TABLE.' (headline, body, name, time, parent, board, sticky, locked) ';
$sql .= 'VALUES ("'.$headline.'", "'.$body.'", "'.$db->real_escape_string(get_name($name)).'", "'.time().'", "'.$parent.'", "'.$_POST['board'].'", "0", "0")';
if($parent != 0)
{
$sql2 = 'UPDATE '.TABLE.' SET time="'.time().'" WHERE id="'.$parent.'"';
}
$db->query($sql) or die($db->error);
if(isset($sql2))
{
$db->query($sql2) or die($db->error);
}
}
if(isset($_GET['admin']))
{
if($_SESSION['admin'] == true)
{
switch($_GET['admin'])
{
case 'delete':
$sql = 'DELETE FROM '.TABLE.' WHERE id="'.$_GET['post'].'"';
$sql2 = 'DELETE FROM '.TABLE.' WHERE parent="'.$_GET['post'].'"';
$db->query($sql) or die($db->error);
$db->query($sql2) or die($db->error);
break;
case 'sticky':
$sql = 'UPDATE '.TABLE.' SET sticky="1" WHERE id="'.$_GET['post'].'"';
$db->query($sql) or die($db->error);
break;
case 'lock':
$sql = 'UPDATE '.TABLE.' SET locked="1" WHERE id="'.$_GET['post'].'"';
$db->query($sql) or die($db->error);
break;
default:
die('No action selected!');
break;
}
} else {
die('You are not an admin!');
}
}
if(isset($_GET['board']))
{
$query = 'SELECT * FROM '.TABLE.' WHERE board="'.$_GET['board'].'"';
$result = $db->query($query) or die($db->error);
}
if(isset($_GET['read']))
{
$query = 'SELECT * FROM '.TABLE.' WHERE id="'.$_GET['read'].'"';
$result = $db->query($query) or die('Database error.');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="<?php echo STYLESHEET; ?>" />
<meta http-equiv="content-type" content="text/html;charset=utf-8" />
<script>
function toggle(){
var div1 = document.getElementById('div1')
if (div1.style.display == 'none') {
div1.style.display = 'block'
} else {
div1.style.display = 'none'
}
}
</script>
</head>
<body>
<?php
echo '<h1><a href="'.$_SERVER['PHP_SELF'].'">'.TITLE.'</a></h1>';
echo '<input type="button" onClick=toggle() value="New Post">';
?>
<div id="div1" style="display: none;">
<form method="POST" class="form">
<?
if(!isset($_GET['read'])) # Are we at the index?
{
echo '<b>Headline: </b><input type="text" name="headline" maxlength=150 /><br />';
}
?>
<b><a name="form">Name:</a> </b><input type="text" name="name" value="<?php echo $_SESSION['name']; ?>" maxlength=25 /><br />
<b>Comment: </b>
<textarea name="body"></textarea>
<input type="submit" value="Post" />
<select name="board">
<?php
print_r(var_dump($boards));
for($i = 0; $i > 50; $i + 1)
{
echo '<option value="'.$i.'">';
echo $boards[''.''.$i.''.''];
echo '</option>';
}
echo '</select></div>';
if(isset($_GET['read']))
{
if($result->num_rows != 1)
{
die('<h4>404!</h4>');
}
while($row = $result->fetch_array())
{
echo '<h3>'.$row['headline'].'</h3>';
echo '<div class="name">'.$row['name'].'<span style="float: right;">'.date("D, m-d-Y", $row['time']).' ';
if($_SESSION['admin'])
{
echo '<a href="?admin=delete&post='.$row['id'].'" title="Delete thread">[D]</a>';
echo '<a href="?admin=lock&post='.$row['id'].'" title="Lock thread">[L]</a>';
echo '<a href="?admin=sticky&post='.$row['id'].'" title="Sticky thread">[S]</a>';
}
echo '</span></div>';
echo '<div class="body">'.$row['body'].'';
echo '</div>';
echo '<p>';
if(USE_ADS == true)
{
$ad = array_rand($ads, 1);
echo '<b><span style="font-size: 10px;">Advertisement:</b> ' . $ads[$ad] . '</span>';
}
echo '</p>';
$parent = $row['id'];
$get_replies = 'SELECT * FROM '.TABLE.' WHERE parent="'.$parent.'" ORDER BY id ASC';
$res = $db->query($get_replies) or die('Could not retrieve replies. Error: '.$db->error);
while($replies = $res->fetch_array())
{
echo '<div class="post">';
echo '<div class="name">'.$replies['name'].'<span style="float: right;">'.date("D, m-d-Y H:i:s", $replies['time']).'</div>';
echo '<div class="body">'.$replies['body'].'</div>';
echo '</div>';
}
if($row['locked'] == 1)
{
die('This topic is locked.');
}
}
echo '<input type="hidden" value="'.$parent.'" name="parent" />';
echo '</form>';
} else {
$sql = 'SELECT * FROM '.TABLE.' WHERE parent="0" ORDER BY sticky DESC, time DESC';
$result = $db->query($sql) or die('Could not retrieve threads.');
$parent = 0;
echo '<ul>';
echo '<div class="name">Boards</div>';
for($i = 0; $i >= 50; $i += 1)
{
echo '<li><a href="?board='.$i.'">'.$boards[$i].'</a></li>';
}
echo '</ul>';
echo '<ul><div class="name">Threads</div>';
while($row = $result->fetch_array())
{
echo '<li><a href="?read='.$row['id'].'">'.$row['headline'].'</a>';
if($row['sticky'] == 1)
{
echo '<span style="float: right;">[STICKY]</span>';
}
if($row['locked'] == 1)
{
echo '<span style="float: right;">[LOCKED]</span>';
}
echo '</li>';
}
echo '</ul>';
}
if(USE_ADS == true)
{
$ad = array_rand($ads, 1);
echo '<p><b><span style="font-size: 10px;">Advertisement:</b> ' . $ads[$ad] . '</span></p>';
}
?>
</body>
<div class="extra">
<a href="http://dev.vchan.tk/">Microboard 2011 &copy;</a>
</div>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.