Created
August 1, 2012 08:29
(BAD CODE) Microboard
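<?php
# Configuration.
#
# NOTE(review): every secret below lives in the same web-served file as the
# application code. Prefer loading them from the environment or from a config
# file outside the document root, so a misconfigured server or a published
# copy of this file does not disclose them.
define('DATABASE', 'REDACTED'); # MySQL database (schema) name; passed as the 4th mysqli argument.
define('SERVER', 'REDACTED'); # MySQLi host.
define('USERNAME', 'REDACTED'); # MySQL user.
define('PASSWORD', 'REDACTED'); # MySQL password.
define('TITLE', 'Microboard'); # Site title.
define('DEFAULT_NAME', 'Anonymous'); # Default poster name for no name/tripcode.
define('STYLESHEET', 'vchan.css'); # CSS file for styling.
# The capcode password: typing it after '#' in the name field marks the session
# as admin. It is the board's only admin credential and is stored in plaintext,
# so treat any value that has been committed or published as compromised and
# replace it before deployment.
define('ADMIN_CAP', 'jD@J6H6=');
define('ADMIN_CAP2', '<font color="red">## Administrator ##</font>'); # The capcode badge shown instead of a tripcode (raw HTML).
define('TABLE', 'microboard'); # The SQL table used by the board.
define('USE_ADS', true); # Should you use ads?
# Board id => display label.
$boards = array(
    0 => 'General',
    1 => 'Meta',
);
# Ads go here. Entries are echoed as raw HTML, so only put trusted markup in this list.
$ads = array(
    '<a href="http://dev.vchan.tk/">Need a forum script? We\'ve got one!</a>',
    '<a href="http://vchan.tk/">Pokemon! Gotta catch `em all!</a>'
);
# The former `global $boards;` statement was dropped: at file scope it has no effect.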
# End configuration. Beneath is some legal shit. | |
/* | |
* | |
* index.php | |
* | |
* Copyright 2011 vocalon <vocalon@gmail.com> | |
* | |
* This program is free software; you can redistribute it and/or modify | |
* it under the terms of the GNU General Public License as published by | |
* the Free Software Foundation; either version 2 of the License, or | |
* (at your option) any later version. | |
* | |
* This program is distributed in the hope that it will be useful, | |
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
* GNU General Public License for more details. | |
* | |
* You should have received a copy of the GNU General Public License | |
* along with this program; if not, write to the Free Software | |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, | |
* MA 02110-1301, USA. | |
* | |
* | |
*/ | |
# Microboard | |
# Lightweight 2ch-style *chan board | |
# | |
# Only requires this file and a MySQLi database to work, on the bare minimum. | |
# For better looks, set "STYLESHEET" to "micro.css". | |
# | |
# The database will be automatically generated. | |
# Derive the 10-character tripcode shown next to a poster's name.
#
# $plain is the text the poster typed after '#'. The salt is taken from the
# 2nd and 3rd characters of that text (padded with "H."), mapped into the
# character set crypt() accepts, and the last 10 characters of the hash are
# returned.
#
# NOTE(review): a two-character salt selects crypt()'s traditional DES scheme,
# which is cheap to brute-force. A tripcode is a weak pseudonym marker and
# should not be relied on as authentication.
function tripcode($plain)
{
    # Characters 1..2 of the secret, with "H." appended so short input still yields a salt.
    $seed = substr($plain . 'H.', 1, 2);
    # Anything outside the '.'..'z' range becomes '.'.
    $seed = preg_replace("|[^\.-z]|", '.', $seed);
    # Remap the punctuation inside that range onto letters.
    $seed = strtr($seed, ":;<=>?@[\\]^_`", 'ABCDEFGabcdef');
    $hashed = crypt($plain, $seed);
    return substr($hashed, -10);
}
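# Build the HTML shown as a post's author from the submitted name field.
#
# $name has the form "display name#secret"; the caller passes it already
# HTML-escaped. Returns '<b>display name</b>' followed by either the admin
# capcode badge (ADMIN_CAP2), '!' plus the tripcode of the secret, or nothing
# when no secret was given.
#
# Side effect: when a secret is present, $_SESSION['admin'] is set to true or
# false depending on whether it matches ADMIN_CAP.
function get_name($name)
{
    $parts = explode('#', $name, 2);
    $trip = '';
    if (!empty($parts[1])) {
        # NOTE(review): `===` is not a constant-time comparison; on PHP >= 5.6
        # hash_equals(ADMIN_CAP, $parts[1]) is the safer way to compare a secret.
        if ($parts[1] === ADMIN_CAP) {
            $trip = ADMIN_CAP2;
            # The session is about to gain admin rights: issue a fresh session id
            # so an id that was known before the elevation cannot be reused.
            if (session_id() !== '' && !headers_sent()) {
                session_regenerate_id(true);
            }
            $_SESSION['admin'] = true;
        } else {
            $trip = '!' . tripcode($parts[1]);
            $_SESSION['admin'] = false;
        }
    }
    # Only the part before '#' is displayed. The previous version printed the
    # whole field, which stored and published the tripcode secret (and the admin
    # capcode password) alongside every post.
    $display = empty($parts[0]) ? DEFAULT_NAME : $parts[0];
    return '<b>' . $display . '</b>' . $trip;
}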
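# Open the database connection used by the rest of the page.
$db = new mysqli(SERVER, USERNAME, PASSWORD, DATABASE);
if ($db->connect_errno) {
    # Keep connection details in the server log; visitors only get a generic message.
    error_log('Microboard: database connection failed: ' . $db->connect_error);
    die('Could not connect to the database.');
}
# Create the posts table on first run. Threads and replies share it: a row with
# parent = 0 is a thread, any other parent value is the id of the thread replied to.
$sql = 'CREATE TABLE IF NOT EXISTS `'.TABLE.'` (
`id` INT NOT NULL AUTO_INCREMENT ,
`headline` TEXT NOT NULL ,
`body` TEXT NOT NULL ,
`name` TEXT NOT NULL ,
`parent` INT NOT NULL ,
`time` TEXT NOT NULL ,
`board` TEXT NOT NULL ,
`sticky` INT NOT NULL ,
`locked` INT NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = InnoDB;';
$db->query($sql) or die('Could not create table.');
session_start();
if (!isset($_SESSION['name'])) {
    $_SESSION['name'] = DEFAULT_NAME; # Do they have a name?
}
# Give the admin flag a defined value so later checks never read an unset
# index; it only becomes true through the capcode check in get_name().
if (!isset($_SESSION['admin'])) {
    $_SESSION['admin'] = false;
}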
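# Handle a submitted post (new thread or reply).
#
# Every $_POST field is attacker-controlled. Text is HTML-escaped before it is
# stored because the templates echo stored values without escaping; ids are
# validated as integers; all values reach MySQL through bound parameters rather
# than string concatenation.
#
# NOTE(review): the form carries no CSRF token, so another site can submit
# posts on behalf of a visitor's session.
if (isset($_POST['body'])) {
    $headline = ''; # replies are submitted without a headline field
    if (isset($_POST['headline'])) {
        if (!is_string($_POST['headline']) || empty($_POST['headline'])) {
            die('The headline cannot be blank.');
        }
        $headline = htmlspecialchars($_POST['headline'], ENT_QUOTES, 'UTF-8');
    }
    if (!is_string($_POST['body']) || empty($_POST['body'])) {
        die('The body cannot be blank.'); # They have no post!
    }
    $body = htmlspecialchars($_POST['body'], ENT_QUOTES, 'UTF-8');
    $name = (isset($_POST['name']) && is_string($_POST['name']))
        ? htmlspecialchars($_POST['name'], ENT_QUOTES, 'UTF-8')
        : '';
    $_SESSION['name'] = $name;
    $board = (isset($_POST['board']) && is_string($_POST['board'])) ? $_POST['board'] : '';

    # parent = 0 starts a new thread; anything else must be a valid thread id.
    $parent = 0;
    if (isset($_POST['parent'])) {
        $parent = filter_var($_POST['parent'], FILTER_VALIDATE_INT);
        if ($parent === false || $parent < 0) {
            die('Invalid thread.');
        }
    }
    if ($parent !== 0) {
        # Enforce the lock on the server: the thread page merely stops rendering
        # for a locked thread, which does not stop a hand-built request.
        $check = $db->prepare('SELECT locked FROM `'.TABLE.'` WHERE id = ? AND parent = 0');
        if (!$check) {
            error_log('Microboard: ' . $db->error);
            die('Database error.');
        }
        $check->bind_param('i', $parent);
        $check->execute();
        $check->bind_result($is_locked);
        $found = $check->fetch();
        $check->close();
        if ($found !== true) {
            die('Thread not found.');
        }
        if ((int) $is_locked === 1) {
            die('This topic is locked.');
        }
    }

    $body = str_replace("\n", '<br />', $body);
    $author = get_name($name); # also updates $_SESSION['admin'] when a capcode/tripcode is given
    $now = (string) time();

    $insert = $db->prepare(
        'INSERT INTO `'.TABLE.'` (headline, body, name, time, parent, board, sticky, locked) '
        . 'VALUES (?, ?, ?, ?, ?, ?, 0, 0)'
    );
    if (!$insert) {
        error_log('Microboard: ' . $db->error);
        die('Database error.');
    }
    $insert->bind_param('ssssis', $headline, $body, $author, $now, $parent, $board);
    if (!$insert->execute()) {
        # Raw driver errors stay in the log instead of being shown to the visitor.
        error_log('Microboard: ' . $insert->error);
        die('Database error.');
    }
    $insert->close();

    if ($parent !== 0) {
        # Bump the thread so it sorts to the top of the index.
        $bump = $db->prepare('UPDATE `'.TABLE.'` SET time = ? WHERE id = ?');
        if (!$bump) {
            error_log('Microboard: ' . $db->error);
            die('Database error.');
        }
        $bump->bind_param('si', $now, $parent);
        if (!$bump->execute()) {
            error_log('Microboard: ' . $bump->error);
            die('Database error.');
        }
        $bump->close();
    }
}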
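# Moderation actions: ?admin=delete|sticky|lock&post=<id>.
#
# Only a session whose admin flag is exactly true may proceed. The post id is
# validated as an integer and bound as a parameter instead of being
# concatenated into the SQL text.
#
# NOTE(review): these state-changing actions are triggered by plain GET links
# with no CSRF token, so any page an admin visits can trigger them. They
# should move to POST with a per-session token.
if (isset($_GET['admin'])) {
    if (!isset($_SESSION['admin']) || $_SESSION['admin'] !== true) {
        die('You are not an admin!');
    }
    switch ($_GET['admin']) {
        case 'delete':
            # Remove the post itself, then every reply attached to it.
            $statements = array(
                'DELETE FROM `'.TABLE.'` WHERE id = ?',
                'DELETE FROM `'.TABLE.'` WHERE parent = ?',
            );
            break;
        case 'sticky':
            $statements = array('UPDATE `'.TABLE.'` SET sticky = 1 WHERE id = ?');
            break;
        case 'lock':
            $statements = array('UPDATE `'.TABLE.'` SET locked = 1 WHERE id = ?');
            break;
        default:
            die('No action selected!');
    }
    $post_id = isset($_GET['post']) ? filter_var($_GET['post'], FILTER_VALIDATE_INT) : false;
    if ($post_id === false) {
        die('Invalid post.');
    }
    foreach ($statements as $statement) {
        $stmt = $db->prepare($statement);
        if (!$stmt) {
            error_log('Microboard: ' . $db->error);
            die('Database error.');
        }
        $stmt->bind_param('i', $post_id);
        if (!$stmt->execute()) {
            # Driver errors go to the log, not to the browser.
            error_log('Microboard: ' . $stmt->error);
            die('Database error.');
        }
        $stmt->close();
    }
}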
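# Pre-fetch rows for ?board=<id> and ?read=<id>. Both parameters come straight
# from the URL, so neither may be placed in the SQL text unchecked.
if (isset($_GET['board'])) {
    $board = is_string($_GET['board']) ? $_GET['board'] : '';
    $query = 'SELECT * FROM '.TABLE.' WHERE board="'.$db->real_escape_string($board).'"';
    $result = $db->query($query);
    if (!$result) {
        # Driver errors go to the log, not to the browser.
        error_log('Microboard: ' . $db->error);
        die('Database error.');
    }
}
if (isset($_GET['read'])) {
    # The id column is an INT, so anything that is not an integer cannot name a thread.
    $read_id = filter_var($_GET['read'], FILTER_VALIDATE_INT);
    if ($read_id === false) {
        die('<h4>404!</h4>');
    }
    $query = 'SELECT * FROM '.TABLE.' WHERE id='.$read_id;
    $result = $db->query($query) or die('Database error.');
}
?>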
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" | |
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | |
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> | |
<head> | |
<title><?php echo TITLE; ?></title> | |
<link rel="stylesheet" type="text/css" href="<?php echo STYLESHEET; ?>" /> | |
<meta http-equiv="content-type" content="text/html;charset=utf-8" /> | |
<script> | |
// Show the "New Post" form when it is hidden, hide it otherwise.
function toggle() {
    var panel = document.getElementById('div1');
    panel.style.display = (panel.style.display == 'none') ? 'block' : 'none';
}
</script> | |
</head> | |
<body> | |
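<?php
# Page heading that links back to the board index.
# PHP_SELF contains whatever extra path the client appended to the script URL,
# so it is request data and must be escaped before it is placed in an attribute.
echo '<h1><a href="'.htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8').'">'.TITLE.'</a></h1>';
echo '<input type="button" onClick=toggle() value="New Post">';
?>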
<div id="div1" style="display: none;"> | |
<form method="POST" class="form"> | |
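<?php
# Use the full open tag: with short_open_tag disabled, a bare "<?" block is
# sent to the browser as text instead of being executed.
if (!isset($_GET['read'])) # Are we at the index?
{
    echo '<b>Headline: </b><input type="text" name="headline" maxlength=150 /><br />';
}
?>
<b><a name="form">Name:</a> </b><input type="text" name="name" value="<?php
# The session value is normally stored already escaped; escape again at output
# (double_encode = false) so the attribute stays safe whatever is in the session.
echo htmlspecialchars($_SESSION['name'], ENT_QUOTES, 'UTF-8', false); ?>" maxlength=25 /><br />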
<b>Comment: </b> | |
<textarea name="body"></textarea> | |
<input type="submit" value="Post" /> | |
<select name="board"> | |
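<?php
# Emit one <option> per configured board.
# The previous loop condition ($i > 50) was never true, so the list stayed
# empty, and a leftover var_dump() printed debug output inside the <select>.
foreach ($boards as $board_id => $board_label) {
    echo '<option value="'.htmlspecialchars((string) $board_id, ENT_QUOTES, 'UTF-8').'">';
    echo htmlspecialchars($board_label, ENT_QUOTES, 'UTF-8');
    echo '</option>';
}
echo '</select></div>';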
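# Render either one thread with its replies (?read=<id>) or the board index.
#
# Stored `name` and `body` values are echoed as HTML: the name deliberately
# contains markup and the body contains <br /> tags added when it was saved.
# They are safe only as long as every write path escapes user text before
# storing it. Headlines contain no markup, so they are escaped again here
# (double_encode = false leaves already-escaped entities alone).
if (isset($_GET['read'])) {
    if ($result->num_rows != 1) {
        die('<h4>404!</h4>');
    }
    $is_admin = !empty($_SESSION['admin']); # tolerate an unset flag
    while ($row = $result->fetch_array()) {
        $thread_id = (int) $row['id'];
        echo '<h3>'.htmlspecialchars($row['headline'], ENT_QUOTES, 'UTF-8', false).'</h3>';
        echo '<div class="name">'.$row['name'].'<span style="float: right;">'.date("D, m-d-Y", (int) $row['time']).' ';
        if ($is_admin) {
            # NOTE(review): these links perform moderation through GET requests.
            echo '<a href="?admin=delete&amp;post='.$thread_id.'" title="Delete thread">[D]</a>';
            echo '<a href="?admin=lock&amp;post='.$thread_id.'" title="Lock thread">[L]</a>';
            echo '<a href="?admin=sticky&amp;post='.$thread_id.'" title="Sticky thread">[S]</a>';
        }
        echo '</span></div>';
        echo '<div class="body">'.$row['body'].'';
        echo '</div>';
        echo '<p>';
        if (USE_ADS == true && !empty($ads)) {
            $ad = array_rand($ads, 1);
            echo '<span style="font-size: 10px;"><b>Advertisement:</b> ' . $ads[$ad] . '</span>';
        }
        echo '</p>';
        $parent = $thread_id;
        # $parent is an integer cast from the row id, so it is safe to interpolate.
        $get_replies = 'SELECT * FROM '.TABLE.' WHERE parent='.$parent.' ORDER BY id ASC';
        $res = $db->query($get_replies);
        if (!$res) {
            # Driver errors go to the log, not to the browser.
            error_log('Microboard: ' . $db->error);
            die('Could not retrieve replies.');
        }
        while ($replies = $res->fetch_array()) {
            echo '<div class="post">';
            echo '<div class="name">'.$replies['name'].'<span style="float: right;">'.date("D, m-d-Y H:i:s", (int) $replies['time']).'</span></div>';
            echo '<div class="body">'.$replies['body'].'</div>';
            echo '</div>';
        }
        if ($row['locked'] == 1) {
            # NOTE(review): this only stops the page from rendering the hidden
            # parent field; it does not reject a reply request, so the lock has
            # to be checked where posts are saved as well.
            die('This topic is locked.');
        }
    }
    echo '<input type="hidden" value="'.$parent.'" name="parent" />';
    echo '</form>';
} else {
    echo '</form>'; # the index view previously never closed the post form
    $sql = 'SELECT * FROM '.TABLE.' WHERE parent="0" ORDER BY sticky DESC, time DESC';
    $result = $db->query($sql) or die('Could not retrieve threads.');
    $parent = 0;
    echo '<ul>';
    echo '<div class="name">Boards</div>';
    # The previous loop condition ($i >= 50) was never true, so no board was listed.
    foreach ($boards as $board_id => $board_label) {
        echo '<li><a href="?board='.urlencode((string) $board_id).'">'.htmlspecialchars($board_label, ENT_QUOTES, 'UTF-8').'</a></li>';
    }
    echo '</ul>';
    echo '<ul><div class="name">Threads</div>';
    while ($row = $result->fetch_array()) {
        echo '<li><a href="?read='.(int) $row['id'].'">'.htmlspecialchars($row['headline'], ENT_QUOTES, 'UTF-8', false).'</a>';
        if ($row['sticky'] == 1) {
            echo '<span style="float: right;">[STICKY]</span>';
        }
        if ($row['locked'] == 1) {
            echo '<span style="float: right;">[LOCKED]</span>';
        }
        echo '</li>';
    }
    echo '</ul>';
}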
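# Footer advertisement: one random entry from $ads, echoed as raw HTML.
# Skipped when the list is empty, because array_rand() cannot pick from an
# empty array.
if (USE_ADS == true && !empty($ads)) {
    $ad = array_rand($ads, 1);
    # <b> is now closed inside the <span>; the tags were previously interleaved.
    echo '<p><span style="font-size: 10px;"><b>Advertisement:</b> ' . $ads[$ad] . '</span></p>';
}
?>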
</body> | |
<div class="extra"> | |
<a href="http://dev.vchan.tk/">Microboard 2011 ©</a> | |
</div> | |
</html> |