1  <?php
  2  // broom closet - yotsuba plugin
  3  // implementation of janitor discussion system.
  4  
  5  /* Features:
  6   * - "latest" mode - display last post number, etc, so that it can be polled by a script.
  7   * - force posting with logged-in moderator/janitor name.
  8   * - never expire posts.
  9   * - allow no-file posts.
 10   * - emit PHP instead of html in order to do admin-validation checking.
 11   * - give everyone a capcode, and give janitors a tooltip saying which board they're in charge of.
 12   */
 13  
 14  // Config enforcement... (too late to change it now)
 15  if( NO_TEXTONLY == 1 ) die( 'Config NO_TEXTONLY should be turned off!' );
 16  if( PHP_EXT == '.html' ) die( 'Config PHP_EXT should end in .php!' );
 17  if( PAGE_MAX > 0 ) die( 'Config PAGE_MAX should be 0!' );
 18  
 19  
 20  /*	register_callback('mode_default_case', 'broomcloset_mode');
 21  	register_callback('regist_before', 'broomcloset_regist');
 22  	register_callback('trim_db_before', 'broomcloset_trim');
 23  	register_callback('head_before', 'broomcloset_head');
 24  	register_callback('form_after', 'broomcloset_form');
 25  	register_callback('post_before', 'broomcloset_post');
 26  	register_callback('capcode', 'broomcloset_capcode');
 27  */
 28  
 29  // add the 'latest' mode
 30  function broomcloset_latest()
 31  {
 32  	//if (!valid('janitor_board')) die('');
 33  	$query = mysql_board_call( "SELECT * FROM `" . SQLLOG . "` ORDER BY no DESC LIMIT 1" );
 34  	if( $row = mysql_fetch_assoc( $query ) ) {
 35  		foreach( $row as &$val ) $val = addslashes( $val );
 36  		echo <<<EOJSON
 37  {"no":{$row['no']}}
 38  EOJSON;
 39  	}
 40  	die( '' );
 41  }
 42  
 43  function refresh_mod_cache()
 44  {
 45  	global $mod_cache;
 46  
 47  	if( !isset( $mod_cache ) ) {
 48      $admin_salt = file_get_contents('/www/keys/2014_admin.salt');
 49      
 50      if (!$admin_salt) {
 51        die('Internal Server Error (rmc0)');
 52      }
 53      
 54  		$query     = mysql_global_call( "SELECT id,username,allow,level from mod_users" );
 55  		$mod_cache = array();
 56  		while( list( $id, $username, $allow, $level ) = mysql_fetch_row( $query ) ) {
 57  			if( $allow ) {
 58          $hashed_bits = hash_hmac('sha256', $username, $admin_salt, true);
 59          
 60          $username = base64_encode($hashed_bits);
 61  			  
 62  				$mod_cache[$username] = array();
 63  				
 64  				$board = '';
 65  				
 66  				if( $level == 'janitor' ) {
 67  					$level = 'Janitor';
 68  					$color = '#4169E1';
 69  					$board = str_replace( ',janitor', '', $allow );
 70  				} elseif( $id == 2 ) {
 71  					$level = 'Admin';
 72  					$color = '#FF0000';
 73  				} elseif( $level == 'manager' ) { // disabled until mootapproval
 74  					$level = 'Manager';
 75  					$color = '#FF0080';
 76  				} else {
 77  					$level = 'Mod';
 78  					$color = '#800080';
 79  				}
 80  
 81  				$mod_cache[$username]['level'] = $level;
 82  				$mod_cache[$username]['color'] = $color;
 83  				$mod_cache[$username]['id']    = $id;
 84  				
 85  				if( $board )
 86  					$mod_cache[$username]['board'] = $board;
 87  			}
 88  		}
 89  	}
 90  }
 91  
 92  function broomcloset_name( $name )
 93  {
 94  	global $mod_cache;
 95  	refresh_mod_cache();
 96  	
 97  	if( !isset( $mod_cache[$name] ) ) { // user not found
 98  		return 'Anonymous';
 99  	}
100  	
101  	return 'Anonymous ## ' . $mod_cache[$name]['level'];
102  }
103  
104  
105  function broomcloset_style( $name )
106  {
107  	global $mod_cache;
108  	refresh_mod_cache();
109  	
110  	if( !isset( $mod_cache[$name] ) ) { // user not found
111  		return ' style="color:#aaa"';
112  	}
113  	
114  	if( $mod_cache[$name]['board'] ) {
115  		$tooltip = " style='color: {$mod_cache[$name]['color']}'";
116  	} else {
117  		$tooltip = " style='color: {$mod_cache[$name]['color']}'";
118  	}
119  
120  	return $tooltip;
121  }
122  
123  // auto-set name
124  function broomcloset_new_post( $caller )
125  {
126  	// set textonly to 1 - this is ok even if they're posting a picture
127  	// now imgboard won't complain about no picture EVER
128  	$caller['textonly'] = 1;
129  
130  	$caller['name'] = $_COOKIE['4chan_auser'];
131  	if( !has_level( 'janitor' ) ) die;
132  }
133  
134  function broomcloset_form( $dat )
135  { // modify the form to hide name, email, and textonly
136  	$newform = str_replace( '<tr><td></td><td class="postblock" align="left"><b>Name</b></td><td><input type=text name=name size="28"><span id="tdname"></span></td></tr>', '<input type=hidden name=name>', $dat );
137  	$newform = str_replace( '<tr><td></td><td class="postblock" align="left"><b>E-mail</b></td><td><input type=text name=email size="28"><span id="tdemail"></span></td></tr>', '<input type=hidden name=email>', $newform );
138  	$newform = str_replace( '[<label><input type=checkbox name=textonly value=on>No File</label>]', '', $newform );
139  	$newform = str_replace( 'name=sub size="35">', 'name=sub size="35"><span id="tdname"></span><span id="tdemail"></span>', $newform ); // move admin ext. placeholders next to subject
140  	return $newform;
141  }
142  
143  // this function is last because it screws up syntax coloring in my editor :(
144  function broomcloset_head( $dat )
145  {
146  	$dat .= <<<'BUTTCODE'
147  <?php if( !isset( $_COOKIE['4chan_auser'] ) || !isset( $_COOKIE['apass'] ) ) { http_response_code(403); die(); }
148  
149  require_once 'lib/admin.php';
150  require_once 'lib/auth.php';
151  
152  header('Content-Security-Policy: connect-src *.4chan.org *.4cdn.org');
153  header('X-Content-Security-Policy: connect-src *.4chan.org *.4cdn.org');
154  
155  auth_user();
156  
157  if( !has_level('janitor') ) { http_response_code(403); die(); } ?>
158  BUTTCODE;
159  
160  	return $dat;
161  }