mirror of
https://github.com/Daichimarukana/uwuzu.git
synced 2026-06-05 03:24:41 +00:00
uwuzu v1.3.4 new_planet
This commit is contained in:
Daichimarukana
+92
-35
@@ -3,7 +3,7 @@ $serversettings_file = "../server/serversettings.ini";
|
||||
$serversettings = parse_ini_file($serversettings_file, true);
|
||||
|
||||
$mojisizefile = "../server/textsize.txt";
|
||||
$mojisize = (int)htmlspecialchars(file_get_contents($mojisizefile), ENT_QUOTES, 'UTF-8');
|
||||
$mojisize = (int)htmlentities(file_get_contents($mojisizefile), ENT_QUOTES, 'UTF-8');
|
||||
|
||||
//投稿及び返信レート制限↓(分):デフォで60件/分まで
|
||||
$max_ueuse_rate_limit = 60;
|
||||
@@ -190,7 +190,18 @@ $notificationcount = $notiData['notification_count'];
|
||||
|
||||
//-----------------URLから取得----------------
|
||||
if(isset($_GET['text'])) {
|
||||
$ueuse = htmlspecialchars($_GET['text'], ENT_QUOTES, 'UTF-8', false);
|
||||
$ueuse = htmlentities($_GET['text'], ENT_QUOTES, 'UTF-8', false);
|
||||
}elseif(isset($_COOKIE['ueuse'])) {
|
||||
$ueuse = htmlentities($_COOKIE['ueuse'], ENT_QUOTES, 'UTF-8', false);
|
||||
}
|
||||
//-----------------絵文字の取得----------------
|
||||
if (!empty($pdo)) {
|
||||
$custom_emoji_Query = "SELECT emojifile,emojiname,emojiinfo,emojidate FROM emoji ORDER BY emojidate DESC";
|
||||
$custom_emoji_array = $pdo->query($custom_emoji_Query);
|
||||
|
||||
while ($row = $custom_emoji_array->fetch(PDO::FETCH_ASSOC)) {
|
||||
$custom_emoji[] = $row;
|
||||
}
|
||||
}
|
||||
|
||||
//-------------------------------------------
|
||||
@@ -222,10 +233,10 @@ function get_mentions_userid($postText) {
|
||||
}
|
||||
|
||||
if( !empty($_POST['btn_submit']) ) {
|
||||
$ueuse = htmlspecialchars($_POST['ueuse'], ENT_QUOTES, 'UTF-8', false);
|
||||
$ueuse = htmlentities($_POST['ueuse'], ENT_QUOTES, 'UTF-8', false);
|
||||
|
||||
if(isset($_POST['nsfw_chk'])){
|
||||
$nsfw_chk = htmlspecialchars($_POST['nsfw_chk'], ENT_QUOTES, 'UTF-8', false);
|
||||
$nsfw_chk = htmlentities($_POST['nsfw_chk'], ENT_QUOTES, 'UTF-8', false);
|
||||
}else{
|
||||
$nsfw_chk = "false";
|
||||
}
|
||||
@@ -241,8 +252,8 @@ if( !empty($_POST['btn_submit']) ) {
|
||||
$error_message[] = '内容を入力してください。(INPUT_PLEASE)';
|
||||
} else {
|
||||
// 文字数を確認
|
||||
if( (int)htmlspecialchars(file_get_contents($mojisizefile), ENT_QUOTES, 'UTF-8', false) < mb_strlen($ueuse, 'UTF-8') ) {
|
||||
$error_message[] = '内容は'.htmlspecialchars(file_get_contents($mojisizefile), ENT_QUOTES, 'UTF-8', false).'文字以内で入力してください。(INPUT_OVER_MAX_COUNT)';
|
||||
if( (int)htmlentities(file_get_contents($mojisizefile), ENT_QUOTES, 'UTF-8', false) < mb_strlen($ueuse, 'UTF-8') ) {
|
||||
$error_message[] = '内容は'.htmlentities(file_get_contents($mojisizefile), ENT_QUOTES, 'UTF-8', false).'文字以内で入力してください。(INPUT_OVER_MAX_COUNT)';
|
||||
}
|
||||
|
||||
// 禁止url確認
|
||||
@@ -476,6 +487,8 @@ if( !empty($_POST['btn_submit']) ) {
|
||||
}
|
||||
|
||||
if( empty($error_message) ) {
|
||||
//一時保存していたユーズ内容の削除
|
||||
setcookie("ueuse", "", time() - 30);
|
||||
|
||||
// 書き込み日時を取得
|
||||
$datetime = date("Y-m-d H:i:s");
|
||||
@@ -490,21 +503,21 @@ if( !empty($_POST['btn_submit']) ) {
|
||||
// SQL作成
|
||||
$stmt = $pdo->prepare("INSERT INTO ueuse (username, account, uniqid, ueuse, photo1, photo2, photo3, photo4, video1, datetime, abi, nsfw) VALUES (:username, :account, :uniqid, :ueuse, :photo1, :photo2, :photo3, :photo4, :video1, :datetime, :abi, :nsfw)");
|
||||
|
||||
$stmt->bindParam(':username', htmlspecialchars($username, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':account', htmlspecialchars($userid, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':uniqid', htmlspecialchars($uniqid, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':ueuse', htmlspecialchars($ueuse, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':username', htmlentities($username, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':account', htmlentities($userid, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':uniqid', htmlentities($uniqid, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':ueuse', htmlentities($ueuse, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
|
||||
$stmt->bindParam(':photo1', htmlspecialchars($photo1, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo2', htmlspecialchars($photo2, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo3', htmlspecialchars($photo3, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo4', htmlspecialchars($photo4, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':video1', htmlspecialchars($video1, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':datetime', htmlspecialchars($datetime, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo1', htmlentities($photo1, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo2', htmlentities($photo2, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo3', htmlentities($photo3, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':photo4', htmlentities($photo4, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':video1', htmlentities($video1, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':datetime', htmlentities($datetime, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
|
||||
$stmt->bindParam(':nsfw', htmlspecialchars($save_nsfw, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':nsfw', htmlentities($save_nsfw, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
|
||||
$stmt->bindParam(':abi', htmlspecialchars($abi, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':abi', htmlentities($abi, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
|
||||
// SQLクエリの実行
|
||||
$res = $stmt->execute();
|
||||
@@ -524,21 +537,21 @@ if( !empty($_POST['btn_submit']) ) {
|
||||
$datetime = date("Y-m-d H:i:s");
|
||||
$msg = "" . $ueuse . "";
|
||||
$title = "" . $userid . "さんにメンションされました!";
|
||||
$url = "/!" . $uniqid . "~" . $userid . "";
|
||||
$url = "/!" . $uniqid . "";
|
||||
$userchk = 'none';
|
||||
|
||||
// 通知用SQL作成
|
||||
$stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title)");
|
||||
|
||||
|
||||
$stmt->bindParam(':fromuserid', htmlspecialchars($fromuserid, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':touserid', htmlspecialchars($touserid, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':msg', htmlspecialchars($msg, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':url', htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':userchk', htmlspecialchars($userchk, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':title', htmlspecialchars($title, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':fromuserid', htmlentities($fromuserid, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':touserid', htmlentities($touserid, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':msg', htmlentities($msg, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':url', htmlentities($url, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':userchk', htmlentities($userchk, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':title', htmlentities($title, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
|
||||
$stmt->bindParam(':datetime', htmlspecialchars($datetime, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
$stmt->bindParam(':datetime', htmlentities($datetime, ENT_QUOTES, 'UTF-8', false), PDO::PARAM_STR);
|
||||
|
||||
// SQLクエリの実行
|
||||
$res = $stmt->execute();
|
||||
@@ -590,7 +603,7 @@ $pdo = null;
|
||||
<html lang="ja">
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js"></script>
|
||||
<script src="../js/jquery-min.js"></script>
|
||||
<script src="../js/unsupported.js"></script>
|
||||
<script src="../js/console_notice.js"></script>
|
||||
<script src="../js/nsfw_event.js"></script>
|
||||
@@ -608,7 +621,7 @@ if ("serviceWorker" in navigator) {
|
||||
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
|
||||
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
|
||||
<link rel="stylesheet" href="../css/home.css">
|
||||
<title>ローカルタイムライン - <?php echo htmlspecialchars($serversettings["serverinfo"]["server_name"], ENT_QUOTES, 'UTF-8');?></title>
|
||||
<title>ローカルタイムライン - <?php echo htmlentities($serversettings["serverinfo"]["server_name"], ENT_QUOTES, 'UTF-8', false);?></title>
|
||||
|
||||
</head>
|
||||
|
||||
@@ -674,7 +687,7 @@ if ("serviceWorker" in navigator) {
|
||||
<?php if(!($role ==="ice")){?>
|
||||
<form method="post" enctype="multipart/form-data">
|
||||
<div class="sendbox">
|
||||
<textarea id="ueuse" placeholder="いまどうしてる?" name="ueuse"><?php if( !empty($ueuse) ){ echo htmlspecialchars($ueuse, ENT_QUOTES, 'UTF-8'); } ?></textarea>
|
||||
<textarea id="ueuse" placeholder="いまどうしてる?" name="ueuse"><?php if( !empty($ueuse) ){ echo htmlentities($ueuse, ENT_QUOTES, 'UTF-8', false); } ?></textarea>
|
||||
|
||||
<div class="fxbox">
|
||||
<label for="upload_images" id="images" title="画像1">
|
||||
@@ -703,10 +716,33 @@ if ("serviceWorker" in navigator) {
|
||||
<label for="nsfw_chk" class="nsfw_label" title="投稿をNSFW指定にする"><svg><use xlink:href="../img/sysimage/eye_1.svg#eye"></use></svg></label>
|
||||
</div>
|
||||
|
||||
<div class="moji_cnt" id="moji_cnt"><?php echo $mojisize; ?></div>
|
||||
|
||||
<label for="emoji_picker_btn" title="カスタム絵文字">
|
||||
<svg><use xlink:href="../img/sysimage/menuicon/emoji.svg#emoji"></use></svg>
|
||||
<input id="emoji_picker_btn" type='checkbox' value="false" style="display:none;"/>
|
||||
</label>
|
||||
|
||||
<div class="moji_cnt" id="moji_cnt"><?php echo htmlentities($mojisize, ENT_QUOTES, 'UTF-8', false); ?></div>
|
||||
|
||||
<input type="submit" class="ueusebtn" id='ueusebtn' name="btn_submit" value="ユーズする">
|
||||
</div>
|
||||
|
||||
<div class="emoji_picker" id="emoji_picker" style="display:none;">
|
||||
<p>カスタム絵文字</p>
|
||||
<div class="emoji_picker_flex">
|
||||
<?php
|
||||
if(!empty($custom_emoji)){
|
||||
foreach ($custom_emoji as $value) {
|
||||
echo '<div class="one_emoji">';
|
||||
echo '<img src="../' . htmlentities($value["emojifile"], ENT_QUOTES, 'UTF-8', false) . '" alt=":'.htmlentities($value["emojiname"], ENT_QUOTES, 'UTF-8', false).':" title=":'.htmlentities($value["emojiname"], ENT_QUOTES, 'UTF-8', false).':">';
|
||||
echo '</div>';
|
||||
}
|
||||
}else{
|
||||
echo '<div class="tokonone" id="noemoji"><p>カスタム絵文字がありません</p></div>';
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php }?>
|
||||
@@ -769,7 +805,21 @@ if ("serviceWorker" in navigator) {
|
||||
$('#moji_cnt').html(mojicount);
|
||||
$('#ueusebtn').prop('disabled', true);
|
||||
}
|
||||
document.cookie = "ueuse=" + encodeURIComponent($(this).val()) + "; Secure; SameSite=Lax; path=/home;";
|
||||
})
|
||||
$("#emoji_picker_btn").click(function () {
|
||||
if ($("#emoji_picker_btn").prop("checked") == true) {
|
||||
$("#emoji_picker").show();
|
||||
} else {
|
||||
$("#emoji_picker").hide();
|
||||
}
|
||||
});
|
||||
$(".one_emoji").click(function (event) {
|
||||
event.preventDefault();
|
||||
var children = $(this).children("img");
|
||||
var custom_emojiname = children.attr("title");
|
||||
$("#ueuse").val($("#ueuse").val() + custom_emojiname);
|
||||
});
|
||||
</script>
|
||||
|
||||
<section class="inner">
|
||||
@@ -793,8 +843,8 @@ if ("serviceWorker" in navigator) {
|
||||
<div class="modal-content">
|
||||
<p>ユーズを削除しますか?</p>
|
||||
<form class="btn_area" method="post" id="deleteForm">
|
||||
<input type="button" id="deleteButton" class="fbtn_no" name="delete" value="削除">
|
||||
<input type="button" id="cancelButton" class="fbtn" value="キャンセル">
|
||||
<input type="button" id="deleteButton" class="fbtn" name="delete" value="削除">
|
||||
<input type="button" id="cancelButton" class="fbtn_no" value="キャンセル">
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
@@ -805,18 +855,25 @@ if ("serviceWorker" in navigator) {
|
||||
<h1>ユーズに追記しますか?</h1>
|
||||
<p>※追記は削除出来ません。</p>
|
||||
<form method="post" id="AbiForm">
|
||||
<textarea id="abitexts" placeholder="なに追記する~?" name="abi"><?php if( !empty($_SESSION['abi']) ){ echo htmlspecialchars( $_SESSION['abi'], ENT_QUOTES, 'UTF-8'); } ?></textarea>
|
||||
<textarea id="abitexts" placeholder="なに追記する~?" name="abi"><?php if( !empty($_SESSION['abi']) ){ echo htmlentities( $_SESSION['abi'], ENT_QUOTES, 'UTF-8', false); } ?></textarea>
|
||||
<div class="btn_area">
|
||||
<input type="submit" id="AbiAddButton" class="fbtn_no" name="abi" value="追記">
|
||||
<input type="button" id="AbiCancelButton" class="fbtn" value="キャンセル">
|
||||
<input type="submit" id="AbiAddButton" class="fbtn" name="abi" value="追記">
|
||||
<input type="button" id="AbiCancelButton" class="fbtn_no" value="キャンセル">
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="Big_ImageModal" class="Image_modal">
|
||||
<div class="modal-content">
|
||||
<img id="Big_ImageMain" href="">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
<?php require('../require/rightbox.php');?>
|
||||
<?php require('../require/botbox.php');?>
|
||||
<?php require('../require/noscript_modal.php');?>
|
||||
|
||||
</body>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user