Because thumbnails are not generated more than once per file, if you uploaded the same audio twice,
the file would end up hasthumb: true, but without geometry and this would cause errors during page rendering!
reference !185
option for lock reset and captcha reset, to pick what you want the lock mode and captcha mod to go back to at the end of the hour
also fix avuln in boardsettings where pph trigger/mode settings were not range checked
todo:
- handle iphashpermlevel to not send IP for users without perms (separate room? seems easiest)
- make sure lastpostId, reply adding, etc doesnt get all fucked up because of multi threads on one page
They were getting reset to their latest reply date, when a bumplocked thread should never have its
bump date reset to earlier than whatever the latest reply was when it was bumplocked, or the OP date
if all replies are deleted.
Still not accounting for bump limited thread (a uncommon edge case), and i think the simplest way to deal with that would
be set bumplocked:1 when its exceeded the board settings bump limit. More efficient, less work for me, and actually
serves a useful purpose because long threads could tell when they are bumplocked from going past bump limit.
The only decision then would be whether to set it permanently from that point forward, or only set it once,
so they could be unlocked by moderators if they want which would be an added side effect/feature of being able
to selectively unlock them.
wtf is this commit message, and the code for this section is a cluster fuck lmao
Update express-fileupload dependency to clean tempfiles on numFilesLimitHandler
Add a proper error message for max num files instead of allowing unlimited and limiting in board post method
If a user is board owner/mod, use higher capcode only if explicitly entered, else use board owner/mod capcode
Strip extra repititions
Default back to stafflevel for perm if theres a mismatch
***DO NOT USE***
This still has some issues and needs testing.
- needs updated nginx configs added, expects "TOR" in the x-country-code header under a separate vhost
- need to make sure bans work properly still
- need to implement system to prevent captcha ddos, since i cant just to IP ratelimit now
- im 99% sure post history of tor users is broken if viewed by non-global staff
- manual input ban form will also be broken for non-global staff
- could still use some improvement on the middleware having a little more complicated flor for tor users
But for the most part it works. Basically it will use the bypass id of a tor user as their "ip".
This prevents prolems like `/` giving 404 in devel mode (when
`static/html/index.html` is missing) or `/captcha` redirecting to
`/captcha/` (then breaking).