report-test.php
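<?php

/**
 * Returns the stylesheet URL to use for the report window of a board.
 *
 * The style title comes from a visitor cookie, but it is only ever used as a
 * key into the fixed $styles map below, so an unknown or hostile cookie value
 * resolves to null instead of a caller-chosen URL.
 *
 * @param string $board Board directory name.
 * @return string|null Stylesheet URL, or null when the title has no entry.
 */
function report_get_style($board) {
  $styles = array(
    'Yotsuba' => STATIC_SERVER.'css/yotsuba.css',
    'Yotsuba B' => STATIC_SERVER.'css/yotsublue.css',
    'Futaba' => STATIC_SERVER.'css/futaba.css',
    'Burichan' => STATIC_SERVER.'css/burichan.css',
  );
  $board = mysql_real_escape_string($board);
  $query = mysql_global_call("SELECT domain FROM boardlist where dir='$board'");
  list($domain) = mysql_fetch_row($query);
  if(DEFAULT_BURICHAN == 1)
    // !empty() keeps the original truthiness test without reading an unset cookie
    $styletitle = (!empty($_COOKIE['ws_style'])?$_COOKIE['ws_style']:'Yotsuba B');
  elseif($domain == 'may')
    // NOTE(review): 'not4chan' has no entry in $styles, so this branch returns null
    $styletitle = 'not4chan';
  else
    $styletitle = (!empty($_COOKIE['nws_style'])?$_COOKIE['nws_style']:'Yotsuba');
  // Explicit allow-list lookup: unknown titles yield null, as before, without a notice
  return isset($styles[$styletitle]) ? $styles[$styletitle] : null;
}

/**
 * Logs a reporter who reported a post whose reports had already been cleared.
 *
 * The values are handed to mysql_global_call() as placeholder arguments.
 * NOTE(review): presumably the helper escapes '%s' arguments - confirm, since
 * $pwd and $pass_id are passed through here without local escaping.
 *
 * @return bool true when the insert call returned a truthy result.
 */
function log_cleared_reporter($long_ip, $pwd, $pass_id, $cat_id, $weight) {
  $sql = <<<SQL
INSERT INTO report_clear_log(long_ip, pwd, pass_id, category, weight)
VALUES(%d, '%s', '%s', %d, %F)
SQL;

  return !!mysql_global_call($sql, $long_ip, $pwd, $pass_id, $cat_id, $weight);
}

/**
 * Creates an automatic ban (or warn) request for a post from a ban template.
 *
 * Return codes:
 *    1  request inserted
 *    2  post not found
 *   -1  invalid arguments (ids below 1, empty or malformed board name)
 *   -2  post has no host recorded
 *   -3  ban template not found
 *   -4  the insert failed
 *
 * @param string $board       Board name; must consist of [a-z0-9] only.
 * @param int    $post_id     Post number on that board.
 * @param int    $template_id Row id in ban_templates.
 * @param bool   $is_warn     Force a warn request regardless of the template.
 * @return int
 */
function report_create_ban_req($board, $post_id, $template_id, $is_warn = false) {
  $post_id = (int)$post_id;
  $template_id = (int)$template_id;

  if ($template_id < 1 || $post_id < 1 || !$board) {
    return -1;
  }

  // $board is used below as a table name and as a path segment, so it is
  // held to a strict allow-list. \z is used instead of $ because $ also
  // matches just before a trailing newline.
  if (!preg_match('/^[a-z0-9]+\z/', $board)) {
    return -1;
  }

  // Get the post
  $sql = "SELECT * FROM `%s` WHERE no = $post_id";
  $res = mysql_board_call($sql, $board);
  $post = mysql_fetch_assoc($res);

  if (!$post) {
    return 2;
  }

  if (!$post['host']) {
    return -2;
  }

  // Get the template
  $sql = "SELECT * FROM ban_templates WHERE no = $template_id LIMIT 1";
  $res = mysql_global_call($sql);
  $tpl = mysql_fetch_assoc($res);

  if (!$tpl) {
    return -3;
  }

  $reason = $tpl['publicreason'];

  $reverse = gethostbyaddr($post['host']);

  // A template with zero days is treated as a warning
  if ($is_warn) {
    $warn_req = 1;
  }
  else if ($tpl['days'] === '0') {
    $warn_req = 1;
  }
  else {
    $warn_req = 0;
  }

  // Preserve the file
  if ($post['ext'] != '') {
    $img_filepath = IMG_DIR . "{$post['tim']}{$post['ext']}";
    $thumb_filepath = THUMB_DIR . "{$post['tim']}s.jpg";

    // Skip files for illegal reports
    $sql = "SELECT COUNT(*) FROM reports WHERE board = '%s' AND no = $post_id AND cat = 2";
    $res = mysql_global_call($sql, $board);
    $is_illegal = mysql_fetch_row($res)[0] > 0;

    if (!$is_illegal && $tpl['save_post'] === 'everything') {
      // NOTE(review): if SALTFILE cannot be read, file_get_contents() returns
      // false and the name below is derived from board and post number only.
      // The copy() results are not checked either.
      $salt = file_get_contents(SALTFILE);
      $hash = sha1($board . $post['no'] . $salt);

      if (file_exists($img_filepath)) {
        copy(
          $img_filepath,
          BANIMG_ROOT . "$board/$hash{$post['ext']}"
        );

        copy(
          $thumb_filepath,
          BANTHUMB_DIR . "{$hash}s.jpg"
        );
      }
    }
    else {
      $post['raw_md5'] = $post['md5'];
    }
  }

  // Get the subject of the thread
  if ($post['resto']) {
    $sql = "SELECT sub FROM `%s` WHERE no = %d";
    $res = mysql_board_call($sql, $board, $post['resto']);
    $_sub = mysql_fetch_assoc($res);
    if ($_sub) {
      $rel_sub = $_sub['sub'];

      // Drop the 9-character spoiler marker from the subject
      if (strpos($rel_sub, 'SPOILER<>') === 0) {
        $rel_sub = substr($rel_sub, 9);
      }

      if ($rel_sub !== '') {
        $post['rel_sub'] = $rel_sub;
      }
    }
  }

  // Insert the ban request
  $tpl_name = $tpl['name'];
  $tpl_global = $tpl['bantype'] !== 'local' ? 1 : 0;

  // The original never assigned $xff, so the column was always written as an
  // empty string; that value is now explicit.
  // NOTE(review): confirm whether a forwarded-for value was meant to be stored.
  $xff = '';

  $sql = <<<SQL
INSERT INTO ban_requests
SET host='%s', reverse='%s', pwd='%s', xff='%s', reason='', global = $tpl_global, tpl_name = '%s',
ban_template='%s', board='%s', janitor='%s', spost='%s', post_json='%s', warn_req = %d
SQL;

  $post['board'] = $board;
  $post_json = json_encode(generate_post_json($post, $post['resto'] ? $post['resto'] : $post['no'], [], true));

  // NOTE(review): spost stores a PHP-serialized copy of the post row, which
  // includes user-submitted fields. Confirm that whatever reads this column
  // treats it as plain data and never as a trusted serialized object graph.
  $res = mysql_global_call($sql,
    $post['host'], $reverse, $post['pwd'], $xff, $tpl_name,
    $template_id, $board, 'Auto-ban', serialize($post), $post_json, $warn_req
  );

  if (!$res) {
    return -4;
  }

  return 1;
}

// FIXME:
// - cookie hackery to set the user name
// - the function can die and show an error
/**
 * Deletes a post on behalf of the 'Auto-ban' pseudo user.
 *
 * The 4chan_auser cookie is overwritten for the duration of the delete_post()
 * call and restored (or unset) afterwards.
 */
function report_delete_post($post_id) {
  $post_id = (int)$post_id;

  if (isset($_COOKIE['4chan_auser'])) {
    $_old_auser = $_COOKIE['4chan_auser'];
  }
  else {
    $_old_auser = false;
  }

  $_COOKIE['4chan_auser'] = 'Auto-ban';

  // post_id, pwd, $imgonly, automatic, children, die, lazy_rebuild, archived_deletion, tool
  delete_post($post_id, '', 0, 2, 1, 0, false, false, 'ban-req');

  if ($_old_auser !== false) {
    $_COOKIE['4chan_auser'] = $_old_auser;
  }
  else {
    unset($_COOKIE['4chan_auser']);
  }
}

/**
 * Decides whether a reporter may skip the captcha for this report.
 *
 * Every check must pass; any failed lookup also denies the bypass, so the
 * function fails closed.
 *
 * @param string $ip      Reporter address in dotted form.
 * @param object $userpwd Session object exposing ipLifetime(), or a falsy value.
 * @param array  $post    Reported post row, or a falsy value.
 * @return bool
 */
function report_can_bypass_captcha($ip, $userpwd, $post) {
  if (!$userpwd || !$post) {
    return false;
  }

  if ($userpwd->ipLifetime() < 604800) { // 7 days
    return false;
  }

  if (!$post['fsize']) { // only posts with images
    return false;
  }

  $allowance = 3;

  // ip2long() returns false for anything that is not a dotted IPv4 address
  $long_ip = ip2long($ip);

  if (!$long_ip) {
    return false;
  }

  // Allow $allowance no-captcha reports for every hour of inactivity
  $sql = <<<SQL
SELECT COUNT(*) as cnt FROM user_actions WHERE ip = $long_ip
AND action = 'report'
AND time > DATE_SUB(NOW(), INTERVAL 1 HOUR)
SQL;

  $res = mysql_global_call($sql);

  if (!$res) {
    return false;
  }

  $row = mysql_fetch_row($res);

  if (!$row || $row[0] >= $allowance) {
    return false;
  }

  // Don't allow ips with 1 cleared reports in the past 72 hours
  $sql = <<<SQL
SELECT COUNT(*) FROM report_clear_log
WHERE long_ip = $long_ip AND created_on > DATE_SUB(NOW(), INTERVAL 72 HOUR)
SQL;

  $res = mysql_global_call($sql);

  if (!$res) {
    return false;
  }

  $count = (int)mysql_fetch_row($res)[0];

  if ($count >= 1) {
    return false;
  }

  // Don't allow ips with recent warn/ban history
  $sql = <<<SQL
SELECT no FROM banned_users
WHERE host = '%s'
AND now > DATE_SUB(NOW(), INTERVAL 30 DAY)
LIMIT 1
SQL;

  $res = mysql_global_call($sql, $ip);

  if (!$res) {
    return false;
  }

  if (mysql_num_rows($res) > 0) {
    return false;
  }

  return true;
}

/**
 * Enforces the per-reporter limits before a report is accepted.
 *
 * The reporter is matched by IP, by 4chan Pass (when the captcha bypass is
 * active) and by session password. The request is ended through fancydie()
 * when the post was already reported, a cooldown or hourly/daily limit is
 * hit, or (with $check_ban) the reporter is banned or in a blocked range.
 *
 * Note that a failed query ($res falsy) skips the corresponding check.
 *
 * @param string $board      Board name.
 * @param mixed  $no         Post number.
 * @param bool   $check_ban  Also run the ban and range-ban checks.
 * @param bool   $is_illegal Not used by this function.
 */
function report_check_ip($board, $no, $check_ban = false, $is_illegal = false) {
  global $captcha_bypass, $passid;

  $board = mysql_real_escape_string($board);

  $no = mysql_real_escape_string($no);

  $ip = ip2long($_SERVER['REMOTE_ADDR']);

  $pass_sql = false;

  $pwd_sql = false;

  // Check if already reported
  // by IP
  $rep_clauses = array("ip = '$ip'");

  // by 4chan pass
  if ($captcha_bypass && $passid) {
    $pass_sql = mysql_real_escape_string($passid);
    $rep_clauses[] = "4pass_id = '$pass_sql'";
  }

  // by password
  $userpwd = UserPwd::getSession();

  if ($userpwd && $userpwd->getPwd()) {
    $pwd_sql = mysql_real_escape_string($userpwd->getPwd());
    $rep_clauses[] = "pwd = '$pwd_sql'";
  }

  $rep_clauses_sql = implode(' OR ', $rep_clauses);

  $res = mysql_global_call("SELECT no FROM reports WHERE ($rep_clauses_sql) AND board = '$board' AND no = '$no'");

  if ($res && mysql_num_rows($res) > 0) {
    fancydie('You have already reported this post.');
  }

  // Check cooldown
  $res = mysql_global_call("SELECT no FROM reports WHERE ($rep_clauses_sql) AND ts > DATE_SUB(NOW(), INTERVAL 15 SECOND) LIMIT 1");

  if ($res && mysql_num_rows($res) > 0) {
    fancydie('You have to wait a while before reporting another post.');
  }

  // Check hourly limits
  $res = mysql_global_call("SELECT COUNT(*) FROM reports WHERE ($rep_clauses_sql) AND ts > DATE_SUB(NOW(), INTERVAL 1 HOUR) LIMIT 1");

  if ($res && mysql_fetch_row($res)[0] >= RENZOKU_REP_HOURLY) {
    fancydie('You have to wait a while before reporting another post.');
  }

  // Check daily limits
  $res = mysql_global_call("SELECT COUNT(*) FROM reports WHERE ($rep_clauses_sql) AND ts > DATE_SUB(NOW(), INTERVAL 24 HOUR) LIMIT 1");

  if ($res && mysql_fetch_row($res)[0] >= RENZOKU_REP_DAILY) {
    fancydie('You have to wait a while before reporting another post.');
  }

  // Check if banned
  if ($check_ban) {
    $ip_sql = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);

    // by ip
    $ban_clauses = array("host = '$ip_sql'");

    // by 4chan pass
    if ($pass_sql) {
      $ban_clauses[] = "4pass_id = '$pass_sql'";
    }

    // by password
    if ($pwd_sql) {
      $ban_clauses[] = "password = '$pwd_sql'";
    }

    $ban_clauses_sql = implode(' OR ', $ban_clauses);

    $res = mysql_global_call("SELECT COUNT(*) FROM banned_users WHERE ($ban_clauses_sql) AND active = 1 AND (global = 1 OR board = '$board')");

    if ($res && mysql_fetch_row($res)[0] > 0) {
      fancydie('You can\'t report posts because you are <a href="https://www.' .
        L::d(BOARD_DIR) .
        '/banned" target="_blank">banned</a>.');
    }

    if ($captcha_bypass !== true) {
      $longip = ip2long($_SERVER['REMOTE_ADDR']);

      // NOTE(review): X-Geo-ASN is taken from a request header. It is only
      // trustworthy if the front-end proxy always sets or strips it; confirm,
      // because this value feeds the range-ban decision below.
      if (isset($_SERVER['HTTP_X_GEO_ASN'])) {
        $asn = (int)$_SERVER['HTTP_X_GEO_ASN'];
      }
      else {
        $_asninfo = GeoIP2::get_asn($_SERVER['REMOTE_ADDR']);

        if ($_asninfo) {
          $asn = (int)$_asninfo['asn'];
        }
        else {
          $asn = 0;
        }
      }

      if (isIPRangeBannedReport($longip, $asn, BOARD_DIR, $userpwd)) {
        fancydie('Reporting from this IP range has been blocked due to abuse. [<a href="//www.' .
          L::d(BOARD_DIR) .
          '/faq#blocked" target="_blank">More Info</a>]<br>4chan Pass users can bypass this block. [<a href="https://www.4chan.org/pass" target="_blank">Learn More</a>]');
      }
    }
  }
}

/**
 * Report counter; disabled. The early return makes the rest unreachable.
 */
function report_increment_counter() {
  return; // broken lol
  $count = @file_get_contents('reports/report.count');
  if(!$count) $count = 0;
  $count++;
  file_put_contents('reports/report.count',$count);
}

/**
 * Returns the number of rows on the current board with the given post number.
 */
function report_post_exists($no) {
  // $no is interpolated into the statement, so it is forced to an integer
  $no = (int)$no;
  $query=mysql_board_call("SELECT COUNT(*) FROM `".SQLLOG."` WHERE no='$no'");
  return mysql_result($query,0,0);
}

/**
 * Returns the number of rows for the post whose capcode is not 'none'.
 */
function report_is_capcoded_post( $no )
{
  $query = mysql_board_call( "SELECT COUNT(*) FROM `%s` WHERE capcode != 'none' AND no=%d", SQLLOG, $no );
  return mysql_result( $query, 0, 0 );
}

/**
 * Triggers an automatic deletion once a post has collected enough reports.
 *
 * The total report count is compared with REPORTS_AUTODELETE, then the count
 * of category 2 reports with REPORTS_AUTODELETE_ILLEGAL; either threshold
 * applies only when its constant is defined.
 */
function report_check_autodelete($board,$no) {
  // Both values are interpolated into the statements below
  $board_sql = mysql_real_escape_string($board);
  $no = (int)$no;

  $query = mysql_global_do("SELECT COUNT(*) FROM reports WHERE board='$board_sql' AND no='$no'");
  $count = mysql_result($query,0,0);

  if(defined('REPORTS_AUTODELETE') && $count >= REPORTS_AUTODELETE) {
    report_do_autodelete($board,$no,1);
    return;
  }

  $query = mysql_global_do("SELECT COUNT(*) FROM reports WHERE cat='2' AND board='$board_sql' AND no='$no'");
  $count = mysql_result($query,0,0);
  if(defined('REPORTS_AUTODELETE_ILLEGAL') && $count >= REPORTS_AUTODELETE_ILLEGAL) {
    report_do_autodelete($board,$no,2);
    return;
  }
}

/**
 * Logs a post to the deletion log as 'Auto-del' and deletes it.
 *
 * $board and $cat are accepted but not used; the board written to the log is
 * the SQLLOG constant.
 */
function report_do_autodelete($board,$no,$cat) {
  // $no is interpolated into both statements below
  $no = (int)$no;
  $query = mysql_board_call("SELECT * FROM `".SQLLOG."` WHERE no='$no'");
  $row = mysql_fetch_assoc($query);
  if(!$row) return;
  $auser = 'Auto-del';
  $adfsize=($row['fsize']>0)?1:0;
  $adname=str_replace('</span> <span class="postertrip">!','#',$row['name']);
  $imgonly = 0;
  // Stored post fields are user-submitted, so every one of them is escaped
  // before being placed in the INSERT. The name was previously left out.
  // NOTE(review): mysql_escape_string() ignores the connection charset; the
  // rest of this file uses mysql_real_escape_string().
  $adname = mysql_escape_string($adname);
  $row['sub'] = mysql_escape_string($row['sub']);
  $row['com'] = mysql_escape_string($row['com']);
  $row['filename'] = mysql_escape_string($row['filename']);
  mysql_global_do("INSERT INTO ".SQLLOGDEL." (imgonly,postno,board,name,sub,com,img,filename,admin) values('$imgonly','$no','".SQLLOG."','$adname','{$row['sub']}','{$row['com']}','$adfsize','{$row['filename']}','$auser')");
  delete_post($no, '', 0, 1, 1);
}

/**
 * Records a 'report' action for the requesting IP in user_actions.
 */
function report_log_action($board,$no) {
  mysql_global_call("insert into user_actions (ip,board,action,postno,time) values (%d,'%s','report',%d,now())", ip2long($_SERVER["REMOTE_ADDR"]), $board, $no);
}

/**
 * Returns the sticky column of the post on the current board.
 */
function report_post_sticky($no) {
  // $no is interpolated into the statement, so it is forced to an integer
  $no = (int)$no;
  $query=mysql_board_call("SELECT sticky FROM `".SQLLOG."` WHERE no='$no'");
  return mysql_result($query,0,0);
}

/**
 * Loads a post and verifies that it can be reported.
 *
 * Ends the request through fancydie() when the post is missing, is a sticky,
 * or carries a capcode.
 *
 * @return array The post row.
 */
function report_check_post($board, $post_id) {
  $sql = "SELECT * FROM `%s` WHERE no = %d";

  $res = mysql_board_call($sql, $board, $post_id);

  if (!$res) {
    fancydie(S_POST_DEAD);
  }

  $post = mysql_fetch_assoc($res);

  if (!$post) {
    fancydie(S_POST_DEAD);
  }

  if ($post['sticky']) {
    fancydie(S_CANNOTREPORTSTICKY);
  }

  if ($post['capcode'] !== 'none') {
    fancydie(S_CANNOTREPORT);
  }

  return $post;
}

/**
 * Builds the list of report categories that apply to a post.
 *
 * @param string $board       Board name.
 * @param int    $post_id     Post number.
 * @param bool   $is_worksafe Whether the board is a worksafe board.
 * @return array|false array('rule' => categories keyed by id, board-specific
 *   ones first, 'illegal' => the illegal category row or null), or false
 *   when a query fails or the post does not exist.
 */
function get_report_categories($board, $post_id, $is_worksafe) {
  $query = "SELECT * FROM report_categories ORDER BY board ASC";

  $res = mysql_global_call($query);

  if (!$res) {
    return false;
  }

  $query = "SELECT resto, fsize, filedeleted FROM `%s` WHERE no = %d";

  $res2 = mysql_board_call($query, $board, $post_id);

  if (!$res2) {
    return false;
  }

  $post = mysql_fetch_assoc($res2);

  if (!$post) {
    return false;
  }

  $is_op = !$post['resto'];
  $has_image = $post['fsize'] && !$post['filedeleted'];

  // ID of the category which will be used for the Illegal radio button
  $illegal_cat_id = 31;

  // Rule violations + one illegal category
  $data = array('rule' => null, 'illegal' => null);

  // Sorting, board specific categories go on top
  $data_rule_top = array();
  $data_rule_bottom = array();

  // Wrapped in commas so a board only matches a whole entry of exclude_boards
  $match_board = ',' . $board . ',';

  while ($cat = mysql_fetch_assoc($res)) {
    if ($cat['id'] == $illegal_cat_id) {
      $data['illegal'] = $cat;
      continue;
    }

    if ($cat['board'] !== '') {
      if ($cat['board'] === '_ws_') {
        if (!$is_worksafe) {
          continue;
        }
      }
      else if ($cat['board'] === '_nws_') {
        if ($is_worksafe) {
          continue;
        }
      }
      else if ($cat['board'] !== $board) {
        continue;
      }
    }

    if ($cat['op_only'] && !$is_op) {
      continue;
    }

    if ($cat['reply_only'] && $is_op) {
      continue;
    }

    if ($cat['image_only'] && !$has_image) {
      continue;
    }

    if ($cat['exclude_boards'] && strpos(",{$cat['exclude_boards']},", $match_board) !== false) {
      continue;
    }

    if ($cat['board']) {
      $data_rule_top[$cat['id']] = $cat;
    }
    else {
      $data_rule_bottom[$cat['id']] = $cat;
    }
  }

  // Array union keeps the category ids as keys
  $data['rule'] = $data_rule_top + $data_rule_bottom;

  return $data;
}

/**
 * Checks if the report should have a different priority
 * based on the number of cleared reports in the past X days and ban history.
 *
 * The reporter is identified by 4chan Pass when one is given, otherwise by
 * IP; a password, when given, adds a second clause that excludes rows already
 * matched by the first identifier. A failed query returns false.
 *
 * @param int         $filter_thres Cleared-report count that marks a reporter
 *                                  as abusive; values below 1 disable the check.
 * @param string      $ip           Reporter address in dotted form.
 * @param int         $long_ip      Reporter address as an integer.
 * @param string|null $pass_id      4chan Pass id.
 * @param string|null $pwd          Session password.
 * @return bool
 */
function is_report_filtered($filter_thres, $ip, $long_ip, $pass_id = null, $pwd = null) {
  if ($filter_thres < 1) {
    return false;
  }

  // only count reports made in the past X days
  $cleared_days_lim = 2;
  // number of cleared reports for the IP to be considered 'abusive'
  $cleared_count_lim = (int)$filter_thres;
  // only count bans made in the past X days
  $ban_days_lim = 30;
  // number of bans/warnings for the IP to be considered 'abusive'
  $ban_count_lim = 3;

  $rep_abuse_tpl = 190; // ban template for report abusing

  $long_ip = (int)$long_ip;

  $ban_clauses = array();
  $rep_clauses = array();

  // 4chan Pass
  if ($pass_id) {
    $pass_id_sql = mysql_real_escape_string($pass_id);
    $ban_clauses[] = "4pass_id = '$pass_id_sql'";
    $rep_clauses[] = "pass_id = '$pass_id_sql'";

    $pwd_and_ban = "4pass_id != '$pass_id_sql'";
    $pwd_and_rep = "pass_id != '$pass_id_sql'";
  }
  // IP
  else {
    $ip_sql = mysql_real_escape_string($ip);
    $ban_clauses[] = "host = '$ip_sql'";
    $rep_clauses[] = "long_ip = $long_ip";

    $pwd_and_ban = "host != '$ip_sql'";
    $pwd_and_rep = "long_ip != $long_ip";
  }

  // Password
  if ($pwd) {
    $pwd_sql = mysql_real_escape_string($pwd);
    $ban_clauses[] = "password = '$pwd_sql' AND $pwd_and_ban";
    $rep_clauses[] = "pwd = '$pwd_sql' AND $pwd_and_rep";
  }

  // ---
  // Check cleared reports
  // ---
  $clear_count = 0;

  foreach ($rep_clauses as $clause) {
    $query = <<<SQL
SELECT COUNT(*) FROM report_clear_log
WHERE $clause AND created_on > DATE_SUB(NOW(), INTERVAL $cleared_days_lim DAY)
SQL;

    $res = mysql_global_call($query);

    if (!$res) {
      return false;
    }

    $clear_count += (int)mysql_fetch_row($res)[0];

    if ($clear_count >= $cleared_count_lim) {
      return true;
    }
  }

  // ---
  // Check ban history
  // ---
  $ban_count = 0;

  foreach ($ban_clauses as $clause) {
    $query = <<<SQL
SELECT COUNT(*) FROM banned_users
WHERE active = 0 AND $clause AND template_id = $rep_abuse_tpl
AND now > DATE_SUB(NOW(), INTERVAL $ban_days_lim DAY)
SQL;

    $res = mysql_global_call($query);

    if (!$res) {
      return false;
    }

    $ban_count += (int)mysql_fetch_row($res)[0];

    if ($ban_count >= $ban_count_lim) {
      return true;
    }
  }

  return false;
}

/**
 * Returns the subject of a thread, or '' when it cannot be determined.
 */
function report_get_rel_sub($board, $thread_id) {
  if (!$board || !$thread_id) {
    return '';
  }

  $thread_id = (int)$thread_id;

  $query = "SELECT sub FROM `%s` WHERE no = $thread_id";

  $res = mysql_board_call($query, $board);

  if (!$res || mysql_num_rows($res) !== 1) {
    return '';
  }

  return mysql_fetch_row($res)[0];
}

/**
 * Stores a report for a post and ends the request with a status message.
 *
 * Reports from non-staff users are down-weighted to 0.5 when the session
 * password is not known, the threat score is 0.4 or higher, or the category
 * is filtered and is_report_filtered() flags the reporter.
 *
 * Always finishes through fancydie(), on success as well as on failure.
 *
 * @param string $board  Board name.
 * @param int    $no     Post number.
 * @param mixed  $cat_id Id of the selected report category.
 */
function report_submit($board, $no, $cat_id) {
  global $log, $passid;

  $board = mysql_real_escape_string($board);
  $no = (int)$no;
  $long_ip = ip2long($_SERVER['REMOTE_ADDR']);

  // check if the category is valid
  $cats = get_report_categories($board, $no, DEFAULT_BURICHAN == 1);

  // The extra guards matter: when the lookup failed or no illegal category
  // exists, the loose comparison of null with an empty or zero $cat_id used
  // to succeed and the report went on with a null category.
  if ($cats && $cats['illegal'] && $cats['illegal']['id'] == $cat_id) {
    $old_cat = 2; // todo: remove later
    $old_field = 'num_illegal'; // todo: remove later
    $rep_cat = $cats['illegal'];
  }
  else if (isset($cats['rule'][$cat_id])) {
    $old_cat = 1;
    $old_field = 'num_rule';
    $rep_cat = $cats['rule'][$cat_id];
  }
  else {
    fancydie('Invalid category selected.');
  }

  if (!$no) {
    fancydie(S_POST_DEAD);
  }

  log_cache(0, $no, 2);

  if ($log[$no]['archived']) {
    $extra = array('archived' => 1);
    $is_archived = true;
  }
  else {
    $extra = array();
    $is_archived = false;
  }

  $resto = (int)$log[$no]['resto'];

  $post_data = generate_post_json($log[$no], $log[$no]['resto'] ? $log[$no]['resto'] : $no, $extra);

  if ($log[$no]['resto']) {
    $rel_sub = report_get_rel_sub($board, $log[$no]['resto']);

    if ($rel_sub !== '') {
      $post_data['rel_sub'] = $rel_sub;
    }
  }

  $json = json_encode($post_data);

  $weight = $rep_cat['weight'];

  $is_staff = has_level('janitor');

  $req_sig = spam_filter_get_req_sig();

  $userpwd = UserPwd::getSession();

  if ($userpwd) {
    $pwd = $userpwd->getPwd();
    $is_new_pwd = $userpwd->isNew();
    $is_known_pwd = $userpwd->isUserKnownOrVerified(60);
  }
  else {
    $pwd = null;
    $is_new_pwd = true;
    $is_known_pwd = false;
  }

  // Defined up front so the check after this block never reads unset
  // variables on the staff path
  $ignore_reason = 0;
  $_threat_score = null;

  if (!$is_staff) {
    $_threat_score = spam_filter_get_threat_score(null, true, false);

    if (!$is_known_pwd) {
      $ignore_reason = 1;
    }
    else if ($_threat_score >= 0.4) {
      $ignore_reason = 2;
    }
    else if ($rep_cat['filtered']) {
      if (is_report_filtered($rep_cat['filtered'], $_SERVER['REMOTE_ADDR'], $long_ip, $passid, $is_new_pwd ? null : $pwd)) {
        $ignore_reason = 3;
      }
    }
  }

  if ($ignore_reason > 0) {
    $weight = 0.5;
    if ($ignore_reason == 2) {
      $_bot_headers = spam_filter_format_http_headers($log[$no]['com'], '', '', $_threat_score, $req_sig);
      log_spam_filter_trigger('ignore_report_score', $board, $no, $_SERVER['REMOTE_ADDR'], $ignore_reason, $_bot_headers);
    }
  }

  // Check if the post was already reported and cleared
  $is_cleared = 0;
  $cleared_by = '';

  $query = "SELECT cleared_by FROM reports WHERE board = '$board' AND no = $no AND cleared = 1 LIMIT 1";

  $res = mysql_global_call($query);

  if ($res) {
    $row = mysql_fetch_row($res);

    if ($row) {
      $is_cleared = 1;
      $cleared_by = $row[0];
      log_cleared_reporter($long_ip, $pwd, $passid, $rep_cat['id'], $weight);
    }
  }
  /*
  if ($board === 'test' && $resto && !$is_archived) {
    if ($cat_id == 39) {
      $template_id = 6; // Global 5 - NWS on Worksafe Board
    }
    else if ($cat_id == 35) {
      $template_id = 226; // Global 3 - Loli/shota pornography
    }
    else {
      $template_id = 0;
    }

    if ($template_id && $userpwd && $userpwd->isUserKnown(1440)) {
      $_res = mysql_board_call("SELECT email FROM `$board` WHERE no = $no LIMIT 1");
      $_ua = mysql_fetch_row($_res)[0];
      $_userinfo = decode_user_meta($_ua);

      if ($_userinfo['is_new']) {
        $_ret = report_create_ban_req($board, $no, $template_id);

        if ($_ret < 0) {
          fancydie('Error: ' . $_ret);
        }

        report_delete_post($no);

        if ($userpwd) {
          $userpwd->updateReportActivity();
          $userpwd->setCookie('.' . MAIN_DOMAIN);
        }

        fancydie('Report submitted! This window will close in 3 seconds...', 1);
        return;
      }
    }
  }*/

  $is_ws = DEFAULT_BURICHAN == 1 ? 1 : 0;

  $query = <<<SQL
INSERT IGNORE INTO reports
SET ip = %d, pwd = '%s', 4pass_id = '%s', req_sig = '%s', board = '%s', no = %d, resto = %d,
cat = %d, weight = %F, report_category = %d, ws = $is_ws, post_ip = %d, post_json = '%s',
cleared = $is_cleared, cleared_by = '%s'
SQL;

  $res = mysql_global_call($query,
    $long_ip, $pwd, $passid, $req_sig, $board, $no, $resto,
    $old_cat, $weight, $rep_cat['id'], ip2long($log[$no]['host']), $json, $cleared_by
  );

  if (!$res) {
    fancydie('There was an error submitting your report. Please try again.');
  }

  // $old_field only ever holds one of the two column names assigned above
  $query = <<<SQL
INSERT INTO `reports_for_posts` (`board`, `postid`, `threadid`, `$old_field`, `max_cat`)
VALUES ('$board', $no, $resto, 1, $old_cat)
ON DUPLICATE KEY UPDATE $old_field = $old_field + 1, max_cat = IF(num_illegal >= num_rule, 2, 1)
SQL;

  $res = mysql_global_call($query);

  report_log_action($board, $no);

  if ($userpwd) {
    $userpwd->updateReportActivity();
    $userpwd->setCookie('.' . MAIN_DOMAIN);
  }

  fancydie('Report submitted! This window will close in 3 seconds...', 1);
}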