diff --git a/boards.php b/boards.php
old mode 100644
new mode 100755
index f5d440d4d..79a513c06
--- a/boards.php
+++ b/boards.php
@@ -15,17 +15,19 @@
$total_posts = 0;
foreach ($boards as $i => $board) {
-
- //$query = prepare(sprintf("SELECT (SELECT MAX(id) from ``posts_%s``) AS max, (SELECT MAX(id) FROM ``posts_%s`` WHERE FROM_UNIXTIME(time) < DATE_SUB(NOW(), INTERVAL 1 HOUR)) AS oldmax, (SELECT MAX(id) from ``posts_%s``) AS max_d, (SELECT MAX(id) FROM ``posts_%s`` WHERE FROM_UNIXTIME(time) < DATE_SUB(NOW(), INTERVAL 1 DAY)) AS oldmax_d, (SELECT count(id) FROM ``posts_%s``) AS count;", $board['uri'], $board['uri'], $board['uri'], $board['uri'], $board['uri']));
-
- $query = prepare(sprintf("
-SELECT MAX(id) max, (SELECT COUNT(*) FROM ``posts_%s`` WHERE FROM_UNIXTIME(time) > DATE_SUB(NOW(), INTERVAL 1 DAY)) ppd,
-(SELECT COUNT(*) FROM ``posts_%s`` WHERE FROM_UNIXTIME(time) > DATE_SUB(NOW(), INTERVAL 1 HOUR)) pph,
-(SELECT count(id) FROM ``posts_%s``) count,
-(SELECT COUNT(DISTINCT ip) FROM ``posts_%s`` WHERE FROM_UNIXTIME(time) > DATE_SUB(NOW(), INTERVAL 3 DAY)) uniq_ip
- FROM ``posts_%s``
-", $board['uri'], $board['uri'], $board['uri'], $board['uri'], $board['uri']));
+ $query = prepare("
+ SELECT
+ (SELECT coalesce((SELECT max(`id`) FROM ``posts`` WHERE `board` = :board),0)) max,
+ (SELECT COUNT(*) FROM ``posts`` WHERE `board` = :board AND FROM_UNIXTIME(time) > DATE_SUB(NOW(), INTERVAL 1 DAY)) ppd,
+ (SELECT COUNT(*) FROM ``posts`` WHERE `board` = :board AND FROM_UNIXTIME(time) > DATE_SUB(NOW(), INTERVAL 1 HOUR)) pph,
+ (SELECT count(id) FROM ``posts`` WHERE `board` = :board) count,
+ (SELECT COUNT(DISTINCT ip) FROM ``posts`` WHERE `board` = :board AND FROM_UNIXTIME(time) > DATE_SUB(NOW(), INTERVAL 3 DAY)) uniq_ip
+ FROM ``posts``
+ WHERE `board` = :board");
+ $query->bindValue(':board', $board['uri']);
+ $pdo->beginTransaction();
$query->execute() or error(db_error($query));
+ $pdo->commit();
$r = $query->fetch(PDO::FETCH_ASSOC);
$pph = $r['pph'];
diff --git a/create.php b/create.php
index 43d3671e8..c86581db1 100644
--- a/create.php
+++ b/create.php
@@ -111,9 +111,6 @@
$query->bindValue(':subtitle', $_POST['subtitle']);
$query->execute() or error(db_error($query));
-$query = Element('posts.sql', array('board' => $uri));
-query($query) or error(db_error());
-
if (!openBoard($_POST['uri']))
error(_("Couldn't open board after creation."));
if ($config['cache']['enabled'])
diff --git a/expire.php b/expire.php
old mode 100644
new mode 100755
index 86d8ffabb..42d81023d
--- a/expire.php
+++ b/expire.php
@@ -19,12 +19,14 @@
}
// last post
- $query = prepare(sprintf("SELECT MAX(time) AS time FROM posts_%s", $board));
+ $query = prepare("SELECT MAX(time) AS time FROM posts WHERE `board` = :board");
+ $query->bindValue(':board', $board);
$query->execute();
$row = $query->fetch();
//count posts
- $query = prepare(sprintf("SELECT COUNT(id) AS count FROM posts_%s", $board));
+ $query = prepare("SELECT COUNT(id) AS count FROM posts WHERE `board` = :board", $board);
+ $query->bindValue(':board', $board);
$query->execute();
$count = $query->fetch();
@@ -79,8 +81,10 @@
cache::delete('all_boards');
}
- // Delete posting table
- $query = query(sprintf('DROP TABLE IF EXISTS ``posts_%s``', $board['uri'])) or error(db_error());
+ // Delete posts
+ $query = prepare('DELETE FROM ``posts`` WHERE `board` = :board');
+ $query->bindValue(':board', $board['uri']);
+ $query->execute() or error(db_error($query));
// Clear reports
$query = prepare('DELETE FROM ``reports`` WHERE `board` = :id');
diff --git a/inc/functions.php b/inc/functions.php
index 85146834b..780f17bbc 100755
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -744,8 +744,10 @@ function displayBan($ban) {
if ($ban['post'] && isset($ban['post']['board'], $ban['post']['id'])) {
if (openBoard($ban['post']['board'])) {
- $query = query(sprintf("SELECT `files` FROM ``posts_%s`` WHERE `id` = " .
- (int)$ban['post']['id'], $board['uri']));
+ $query = prepare("SELECT `files` FROM ``posts`` WHERE `board` = :board AND `id` = :id");
+ $query->bindValue(':board', $board['uri']);
+ $query->bindValue(':id', (int)$ban['post']['id'], PDO::PARAM_INT);
+ $query->execute() or error(db_error());
if ($_post = $query->fetch(PDO::FETCH_ASSOC)) {
$ban['post'] = array_merge($ban['post'], $_post);
}
@@ -842,8 +844,9 @@ function threadLocked($id) {
if (event('check-locked', $id))
return true;
- $query = prepare(sprintf("SELECT `locked` FROM ``posts_%s`` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
+ $query = prepare("SELECT `locked` FROM ``posts`` WHERE `board` = :board AND `id` = :id AND `thread` IS NULL LIMIT 1");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error());
if (($locked = $query->fetchColumn()) === false) {
@@ -860,8 +863,9 @@ function threadSageLocked($id) {
if (event('check-sage-locked', $id))
return true;
- $query = prepare(sprintf("SELECT `sage` FROM ``posts_%s`` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
+ $query = prepare("SELECT `sage` FROM ``posts`` WHERE `board` = :board AND `id` = :id AND `thread` IS NULL LIMIT 1");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri'], PDO::PARAM_INT);
$query->execute() or error(db_error());
if (($sagelocked = $query->fetchColumn()) === false) {
@@ -875,8 +879,9 @@ function threadSageLocked($id) {
function threadExists($id) {
global $board;
- $query = prepare(sprintf("SELECT 1 FROM ``posts_%s`` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
+ $query = prepare("SELECT 1 FROM ``posts`` WHERE `board` = :board AND `id` = :id AND `thread` IS NULL LIMIT 1");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error());
if ($query->rowCount()) {
@@ -904,7 +909,10 @@ function insertFloodPost(array $post) {
function post(array $post) {
global $pdo, $board;
- $query = prepare(sprintf("INSERT INTO ``posts_%s`` VALUES ( NULL, :thread, :subject, :email, :name, :trip, :capcode, :body, :body_nomarkup, :time, :time, :files, :num_files, :filehash, :password, :ip, :sticky, :locked, 0, :embed, NULL)", $board['uri']));
+
+ $query = prepare("INSERT INTO ``posts`` (`board`, `thread`, `subject`, `email`, `name`, `trip`, `capcode`, `body`, `body_nomarkup`, `time`, `bump`, `files`, `num_files`, `filehash`, `password`, `ip`, `sticky`, `locked`, `sage`, `embed`) VALUES (:board, :thread, :subject, :email, :name, :trip, :capcode, :body, :body_nomarkup, :time, :time, :files, :num_files, :filehash, :password, :ip, :sticky, :locked, 0, :embed)");
+
+ $query->bindValue(':board', $board['uri']);
// Basic stuff
if (!empty($post['subject'])) {
@@ -973,12 +981,25 @@ function post(array $post) {
$query->bindValue(':filehash', null, PDO::PARAM_NULL);
}
+ $pdo->beginTransaction();
if (!$query->execute()) {
undoImage($post);
error(db_error($query));
}
+ $lastInsertId = $pdo->lastInsertId();
+
+ $query = prepare("SELECT `id` FROM ``posts`` WHERE `id` = :id");
+ $query->bindValue(':id', $lastInsertId);
- return $pdo->lastInsertId();
+ if(!$query->execute()) {
+ undoImage($post);
+ error(db_error($query));
+ }
+ $lastIdForBoard = $query->fetch(PDO::FETCH_COLUMN);
+
+ $pdo->commit();
+
+ return $lastIdForBoard;
}
function bumpThread($id) {
@@ -990,9 +1011,10 @@ function bumpThread($id) {
if ($config['try_smarter'])
$build_pages[] = thread_find_page($id);
- $query = prepare(sprintf("UPDATE ``posts_%s`` SET `bump` = :time WHERE `id` = :id AND `thread` IS NULL", $board['uri']));
+ $query = prepare("UPDATE ``posts`` SET `bump` = :time WHERE `id` = :id AND `thread` IS NULL AND `board` = :board");
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
}
@@ -1000,8 +1022,9 @@ function bumpThread($id) {
function deleteFile($id, $remove_entirely_if_already=true, $file=null) {
global $board, $config;
- $query = prepare(sprintf("SELECT `thread`, `files`, `num_files` FROM ``posts_%s`` WHERE `id` = :id LIMIT 1", $board['uri']));
+ $query = prepare("SELECT `thread`, `files`, `num_files` FROM ``posts`` WHERE `id` = :id AND `board` = :board LIMIT 1");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
if (!$post = $query->fetch(PDO::FETCH_ASSOC))
error($config['error']['invalidpost']);
@@ -1011,7 +1034,7 @@ function deleteFile($id, $remove_entirely_if_already=true, $file=null) {
if ($files[0]->file == 'deleted' && $post['num_files'] == 1 && !$post['thread'])
return; // Can't delete OP's image completely.
- $query = prepare(sprintf("UPDATE ``posts_%s`` SET `files` = :file WHERE `id` = :id", $board['uri']));
+ $query = prepare("UPDATE ``posts`` SET `files` = :file WHERE `id` = :id AND `board` = :board");
if (($file && $file_to_delete->file == 'deleted') && $remove_entirely_if_already) {
// Already deleted; remove file fully
$files[$file] = null;
@@ -1032,6 +1055,7 @@ function deleteFile($id, $remove_entirely_if_already=true, $file=null) {
$query->bindValue(':file', json_encode($files), PDO::PARAM_STR);
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
if ($post['thread'])
@@ -1044,8 +1068,9 @@ function deleteFile($id, $remove_entirely_if_already=true, $file=null) {
function rebuildPost($id) {
global $board;
- $query = prepare(sprintf("SELECT `body_nomarkup`, `thread` FROM ``posts_%s`` WHERE `id` = :id", $board['uri']));
+ $query = prepare("SELECT `body_nomarkup`, `thread` FROM ``posts`` WHERE `id` = :id AND `board` = :board");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
if ((!$post = $query->fetch(PDO::FETCH_ASSOC)) || !$post['body_nomarkup'])
@@ -1053,9 +1078,10 @@ function rebuildPost($id) {
markup($body = &$post['body_nomarkup']);
- $query = prepare(sprintf("UPDATE ``posts_%s`` SET `body` = :body WHERE `id` = :id", $board['uri']));
+ $query = prepare("UPDATE ``posts`` SET `body` = :body WHERE `id` = :id AND `board` = :board");
$query->bindValue(':body', $body);
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
buildThread($post['thread'] ? $post['thread'] : $id);
@@ -1068,8 +1094,9 @@ function deletePost($id, $error_if_doesnt_exist=true, $rebuild_after=true) {
global $board, $config;
// Select post and replies (if thread) in one query
- $query = prepare(sprintf("SELECT `id`,`thread`,`files` FROM ``posts_%s`` WHERE `id` = :id OR `thread` = :id", $board['uri']));
+ $query = prepare("SELECT `id`,`thread`,`files` FROM ``posts`` WHERE `board` = :board AND (`id` = :id OR `thread` = :id)");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
if ($query->rowCount() < 1) {
@@ -1112,8 +1139,9 @@ function deletePost($id, $error_if_doesnt_exist=true, $rebuild_after=true) {
}
- $query = prepare(sprintf("DELETE FROM ``posts_%s`` WHERE `id` = :id OR `thread` = :id", $board['uri']));
+ $query = prepare("DELETE FROM ``posts`` WHERE `board` = :board AND (`id` = :id OR `thread` = :id)");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
$query = prepare("SELECT `board`, `post` FROM ``cites`` WHERE `target_board` = :board AND (`target` = " . implode(' OR `target` = ', $ids) . ") ORDER BY `board`");
@@ -1148,7 +1176,8 @@ function clean() {
$offset = round($config['max_pages']*$config['threads_per_page']);
// I too wish there was an easier way of doing this...
- $query = prepare(sprintf("SELECT `id` FROM ``posts_%s`` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT :offset, 9001", $board['uri']));
+ $query = prepare("SELECT `id` FROM ``posts`` WHERE `board` = :board AND `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT :offset, 9001");
+ $query->bindValue(':board', $board['uri']);
$query->bindValue(':offset', $offset, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@@ -1160,7 +1189,7 @@ function clean() {
function thread_find_page($thread) {
global $config, $board;
- $query = query(sprintf("SELECT `id` FROM ``posts_%s`` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC", $board['uri'])) or error(db_error($query));
+ $query = query(sprintf("SELECT `id` FROM ``posts`` WHERE `thread` IS NULL AND `board` = '%s' ORDER BY `sticky` DESC, `bump` DESC", $board['uri'])) or error(db_error($query));
$threads = $query->fetchAll(PDO::FETCH_COLUMN);
if (($index = array_search($thread, $threads)) === false)
return false;
@@ -1173,7 +1202,8 @@ function index($page, $mod=false) {
$body = '';
$offset = round($page*$config['threads_per_page']-$config['threads_per_page']);
- $query = prepare(sprintf("SELECT * FROM ``posts_%s`` WHERE `thread` IS NULL ORDER BY `sticky` DESC, `bump` DESC LIMIT :offset,:threads_per_page", $board['uri']));
+ $query = prepare("SELECT * FROM ``posts`` WHERE `thread` IS NULL AND `board` = :board ORDER BY `sticky` DESC, `bump` DESC LIMIT :offset,:threads_per_page");
+ $query->bindValue(':board', $board['uri']);
$query->bindValue(':offset', $offset, PDO::PARAM_INT);
$query->bindValue(':threads_per_page', $config['threads_per_page'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@@ -1199,8 +1229,9 @@ function index($page, $mod=false) {
}
}
if (!isset($cached)) {
- $posts = prepare(sprintf("SELECT * FROM ``posts_%s`` WHERE `thread` = :id ORDER BY `id` DESC LIMIT :limit", $board['uri']));
+ $posts = prepare("SELECT * FROM ``posts`` WHERE `thread` = :id AND `board` = :board ORDER BY `id` DESC LIMIT :limit");
$posts->bindValue(':id', $th['id']);
+ $posts->bindValue(':board', $board['uri']);
$posts->bindValue(':limit', ($th['sticky'] ? $config['threads_preview_sticky'] : $config['threads_preview']), PDO::PARAM_INT);
$posts->execute() or error(db_error($posts));
@@ -1304,7 +1335,9 @@ function getPages($mod=false) {
$count = $board['thread_count'];
} else {
// Count threads
- $query = query(sprintf("SELECT COUNT(*) FROM ``posts_%s`` WHERE `thread` IS NULL", $board['uri'])) or error(db_error());
+ $query = prepare("SELECT COUNT(*) FROM ``posts`` WHERE `thread` IS NULL AND `board` = :board");
+ $query->bindValue(':board', $board['uri']);
+ $query->execute() or error(db_error());
$count = $query->fetchColumn();
}
$count = floor(($config['threads_per_page'] + $count - 1) / $config['threads_per_page']);
@@ -1381,8 +1414,9 @@ function checkRobot($body) {
// Returns an associative array with 'replies' and 'images' keys
function numPosts($id) {
global $board;
- $query = prepare(sprintf("SELECT COUNT(*) AS `replies`, SUM(`num_files`) AS `images` FROM ``posts_%s`` WHERE `thread` = :thread", $board['uri'], $board['uri']));
+ $query = prepare("SELECT COUNT(*) AS `replies`, SUM(`num_files`) AS `images` FROM ``posts`` WHERE `thread` = :thread AND `board` = :board");
$query->bindValue(':thread', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
return $query->fetch(PDO::FETCH_ASSOC);
@@ -1766,8 +1800,10 @@ function markup(&$body, $track_cites = false) {
}
$search_cites = array_unique($search_cites);
- $query = query(sprintf('SELECT `thread`, `id` FROM ``posts_%s`` WHERE ' .
- implode(' OR ', $search_cites), $board['uri'])) or error(db_error());
+ $query = prepare('SELECT `thread`, `id` FROM ``posts`` WHERE `board` = :board ' .
+ implode(' OR ', $search_cites));
+ $query->bindValue(':board', $board['uri']);
+ $query->execute() or error(db_error());
$cited_posts = array();
while ($cited = $query->fetch(PDO::FETCH_ASSOC)) {
@@ -1851,8 +1887,10 @@ function markup(&$body, $track_cites = false) {
if (!empty($clauses)) {
$cited_posts[$_board] = array();
- $query = query(sprintf('SELECT `thread`, `id` FROM ``posts_%s`` WHERE ' .
- implode(' OR ', $clauses), $board['uri'])) or error(db_error());
+ $query = prepare('SELECT `thread`, `id` FROM ``posts`` WHERE `board` = :board ' .
+ implode(' OR ', $clauses));
+ $query->bindValue(':board', $board['uri']);
+ $query->execute() or error(db_error());
while ($cite = $query->fetch(PDO::FETCH_ASSOC)) {
$cited_posts[$_board][$cite['id']] = $config['root'] . $board['dir'] . $config['dir']['res'] .
@@ -1996,8 +2034,9 @@ function buildThread($id, $return = false, $mod = false) {
cache::delete("thread_{$board['uri']}_{$id}");
}
- $query = prepare(sprintf("SELECT * FROM ``posts_%s`` WHERE (`thread` IS NULL AND `id` = :id) OR `thread` = :id ORDER BY `thread`,`id`", $board['uri']));
+ $query = prepare("SELECT * FROM ``posts`` WHERE `board` = :board AND ((`thread` IS NULL AND `id` = :id) OR `thread` = :id) ORDER BY `thread`,`id`");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
@@ -2060,8 +2099,9 @@ function buildThread50($id, $return = false, $mod = false, $thread = null, $anti
$antibot->reset();
if (!$thread) {
- $query = prepare(sprintf("SELECT * FROM ``posts_%s`` WHERE (`thread` IS NULL AND `id` = :id) OR `thread` = :id ORDER BY `thread`,`id` DESC LIMIT :limit", $board['uri']));
+ $query = prepare("SELECT * FROM ``posts`` WHERE `board` = :board AND (`thread` IS NULL AND `id` = :id) OR `thread` = :id ORDER BY `thread`,`id` DESC LIMIT :limit");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->bindValue(':limit', $config['noko50_count']+1, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@@ -2083,8 +2123,9 @@ function buildThread50($id, $return = false, $mod = false, $thread = null, $anti
if ($query->rowCount() == $config['noko50_count']+1) {
- $count = prepare(sprintf("SELECT COUNT(`id`) as `num` FROM ``posts_%s`` WHERE `thread` = :thread UNION ALL
- SELECT SUM(`num_files`) FROM ``posts_%s`` WHERE `files` IS NOT NULL AND `thread` = :thread", $board['uri'], $board['uri']));
+ $count = prepare("SELECT COUNT(`id`) as `num` FROM ``posts`` WHERE `board` = :board AND `thread` = :thread UNION ALL
+ SELECT SUM(`num_files`) FROM ``posts`` WHERE `board` = :board AND `files` IS NOT NULL AND `thread` = :thread");
+ $count->bindValue(':board', $board['uri']);
$count->bindValue(':thread', $id, PDO::PARAM_INT);
$count->execute() or error(db_error($count));
@@ -2225,7 +2266,8 @@ function fraction($numerator, $denominator, $sep) {
function getPostByHash($hash) {
global $board;
- $query = prepare(sprintf("SELECT `id`,`thread` FROM ``posts_%s`` WHERE `filehash` = :hash", $board['uri']));
+ $query = prepare("SELECT `id`,`thread` FROM ``posts`` WHERE `board` = :board AND `filehash` = :hash");
+ $query->bindValue(':board', $board['uri']);
$query->bindValue(':hash', $hash, PDO::PARAM_STR);
$query->execute() or error(db_error($query));
@@ -2238,7 +2280,8 @@ function getPostByHash($hash) {
function getPostByHashInThread($hash, $thread) {
global $board;
- $query = prepare(sprintf("SELECT `id`,`thread` FROM ``posts_%s`` WHERE `filehash` = :hash AND ( `thread` = :thread OR `id` = :thread )", $board['uri']));
+ $query = prepare("SELECT `id`,`thread` FROM ``posts`` WHERE `board` = :board AND `filehash` = :hash AND ( `thread` = :thread OR `id` = :thread )");
+ $query->bindValue(':board', $board['uri']);
$query->bindValue(':hash', $hash, PDO::PARAM_STR);
$query->bindValue(':thread', $thread, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
diff --git a/inc/instance-config.php b/inc/instance-config.php
index 73e84b7cd..6a4ef8293 100644
--- a/inc/instance-config.php
+++ b/inc/instance-config.php
@@ -353,7 +353,9 @@ function purify($s){
openBoard($b);
buildIndex();
buildJavascript();
- $query = query(sprintf("SELECT `id` FROM ``posts_%s`` WHERE `thread` IS NULL", $b)) or error(db_error());
+ $query = prepare("SELECT `id` FROM ``posts`` WHERE `board` = :board AND `thread` IS NULL");
+ $query->bindValue(':board', $b);
+ $query->execute() or error(db_error());
while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
buildThread($post['id']);
}
diff --git a/inc/mod/pages.php b/inc/mod/pages.php
old mode 100644
new mode 100755
index 35773e7cd..dcfa430b6
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -271,26 +271,35 @@ function mod_search($type, $search_query_escaped, $page_no = 1) {
// Compile SQL query
if ($type == 'posts') {
- $query = '';
+ $query = 'SELECT * FROM ``posts`` WHERE ';
$boards = listBoards();
if (empty($boards))
error(_('There are no boards to search!'));
+ $sql_boards = '(';
+ $allowed_boards = false;
+ $first = true;
foreach ($boards as $board) {
openBoard($board['uri']);
- if (!hasPermission($config['mod']['search_posts'], $board['uri']))
+ if (!hasPermission($config['mod']['search_posts'], $board['uri'])) {
continue;
-
- if (!empty($query))
- $query .= ' UNION ALL ';
- $query .= sprintf("SELECT *, '%s' AS `board` FROM ``posts_%s`` WHERE %s", $board['uri'], $board['uri'], $sql_like);
+ }
+
+ if($first) {
+ $sql_boards .= sprintf(" `board` = '%s' ", $board['uri']);
+ } else {
+ $sql_boards .= sprintf(" OR `board` = '%s' ", $board['uri']);
+ }
+ $first = false;
+ $allowed_boards = true;
}
+ $sql_boards .= ") AND ";
// You weren't allowed to search any boards
- if (empty($query))
+ if ($allowed_boards == false)
error($config['error']['noaccess']);
- $query .= ' ORDER BY `sticky` DESC, `id` DESC';
+ $query .= $sql_boards . $sql_like . ' ORDER BY `sticky` DESC, `id` DESC';
}
if ($type == 'IP_notes') {
@@ -378,8 +387,10 @@ function mod_edit_board($boardName) {
modLog('Deleted board: ' . sprintf($config['board_abbreviation'], $board['uri']), false);
- // Delete posting table
- $query = query(sprintf('DROP TABLE IF EXISTS ``posts_%s``', $board['uri'])) or error(db_error());
+ // Delete posts
+ $query = prepare('DELETE FROM ``posts`` WHERE `board` = :board');
+ $query->bindValue(':board', $board['uri']);
+ $query->execute() or error(db_error($query));
// Clear reports
$query = prepare('DELETE FROM ``reports`` WHERE `board` = :id');
@@ -496,7 +507,7 @@ function mod_new_board() {
error(sprintf($config['error']['boardexists'], $board['url']));
}
- $query = prepare('INSERT INTO ``boards`` VALUES (:uri, :title, :subtitle)');
+ $query = prepare('INSERT INTO ``boards`` (`uri`, `title`, `subtitle`) VALUES (:uri, :title, :subtitle)');
$query->bindValue(':uri', $_POST['uri']);
$query->bindValue(':title', $_POST['title']);
$query->bindValue(':subtitle', $_POST['subtitle']);
@@ -507,13 +518,6 @@ function mod_new_board() {
if (!openBoard($_POST['uri']))
error(_("Couldn't open board after creation."));
- $query = Element('posts.sql', array('board' => $board['uri']));
-
- if (mysql_version() < 50503)
- $query = preg_replace('/(CHARSET=|CHARACTER SET )utf8mb4/', '$1utf8', $query);
-
- query($query) or error(db_error());
-
if ($config['cache']['enabled'])
cache::delete('all_boards');
@@ -822,7 +826,8 @@ function mod_page_ip($ip) {
openBoard($board['uri']);
if (!hasPermission($config['mod']['show_ip'], $board['uri']))
continue;
- $query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `ip` = :ip ORDER BY `sticky` DESC, `id` DESC LIMIT :limit', $board['uri']));
+ $query = prepare('SELECT * FROM ``posts`` WHERE `board` = :board AND `ip` = :ip ORDER BY `sticky` DESC, `id` DESC LIMIT :limit');
+ $query->bindValue(':board', $board['uri']);
$query->bindValue(':ip', $ip);
$query->bindValue(':limit', $config['mod']['ip_recentposts'], PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@@ -1085,8 +1090,10 @@ function mod_ban_appeals() {
if ($ban['post'] && isset($ban['post']['board'], $ban['post']['id'])) {
if (openBoard($ban['post']['board'])) {
- $query = query(sprintf("SELECT `num_files`, `files` FROM ``posts_%s`` WHERE `id` = " .
- (int)$ban['post']['id'], $board['uri']));
+ $query = prepare("SELECT `num_files`, `files` FROM ``posts`` WHERE `board` = :board AND `id` = :id");
+ $query->bindValue(':board', $board['uri']);
+ $query->bindValue(':id', (int)$ban['post']['id']);
+ $query->execute() or error(db_error());
if ($_post = $query->fetch(PDO::FETCH_ASSOC)) {
$_post['files'] = $_post['files'] ? json_decode($_post['files']) : array();
$ban['post'] = array_merge($ban['post'], $_post);
@@ -1126,7 +1133,8 @@ function mod_lock($board, $unlock, $post) {
if (!hasPermission($config['mod']['lock'], $board))
error($config['error']['noaccess']);
- $query = prepare(sprintf('UPDATE ``posts_%s`` SET `locked` = :locked WHERE `id` = :id AND `thread` IS NULL', $board));
+ $query = prepare('UPDATE ``posts`` SET `locked` = :locked WHERE `id` = :id AND `board` = :board AND `thread` IS NULL');
+ $query->bindValue(':board', $board);
$query->bindValue(':id', $post);
$query->bindValue(':locked', $unlock ? 0 : 1);
$query->execute() or error(db_error($query));
@@ -1160,7 +1168,8 @@ function mod_sticky($board, $unsticky, $post) {
if (!hasPermission($config['mod']['sticky'], $board))
error($config['error']['noaccess']);
- $query = prepare(sprintf('UPDATE ``posts_%s`` SET `sticky` = :sticky WHERE `id` = :id AND `thread` IS NULL', $board));
+ $query = prepare('UPDATE ``posts`` SET `sticky` = :sticky WHERE `board` = :board AND `id` = :id AND `thread` IS NULL');
+ $query->bindValue(':board', $board);
$query->bindValue(':id', $post);
$query->bindValue(':sticky', $unsticky ? 0 : 1);
$query->execute() or error(db_error($query));
@@ -1182,7 +1191,8 @@ function mod_bumplock($board, $unbumplock, $post) {
if (!hasPermission($config['mod']['bumplock'], $board))
error($config['error']['noaccess']);
- $query = prepare(sprintf('UPDATE ``posts_%s`` SET `sage` = :bumplock WHERE `id` = :id AND `thread` IS NULL', $board));
+ $query = prepare('UPDATE ``posts`` SET `sage` = :bumplock WHERE `board` = :board AND `id` = :id AND `thread` IS NULL');
+ $query->bindValue(':board', $board);
$query->bindValue(':id', $post);
$query->bindValue(':bumplock', $unbumplock ? 0 : 1);
$query->execute() or error(db_error($query));
@@ -1204,7 +1214,8 @@ function mod_move_reply($originBoard, $postID) {
if (!hasPermission($config['mod']['move'], $originBoard))
error($config['error']['noaccess']);
- $query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `id` = :id', $originBoard));
+ $query = prepare('SELECT * FROM ``posts`` WHERE `board` = :board AND `id` = :id');
+ $query->bindValue(':board', $originBoard);
$query->bindValue(':id', $postID);
$query->execute() or error(db_error($query));
if (!$post = $query->fetch(PDO::FETCH_ASSOC))
@@ -1214,7 +1225,8 @@ function mod_move_reply($originBoard, $postID) {
$targetBoard = $_POST['board'];
if ($_POST['target_thread']) {
- $query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `id` = :id', $targetBoard));
+ $query = prepare('SELECT * FROM ``posts`` WHERE `board` = :board AND `id` = :id');
+ $query->bindValue(':board', $targetBoard);
$query->bindValue(':id', $_POST['target_thread']);
$query->execute() or error(db_error($query)); // If it fails, thread probably does not exist
$post['op'] = false;
@@ -1275,7 +1287,8 @@ function mod_move_reply($originBoard, $postID) {
openBoard($targetBoard);
// Find new thread on our target board
- $query = prepare(sprintf('SELECT thread FROM ``posts_%s`` WHERE `id` = :id', $targetBoard));
+ $query = prepare('SELECT thread FROM ``posts`` WHERE `board` = :board AND `id` = :id');
+ $query->bindValue(':board', $targetBoard);
$query->bindValue(':id', $newID);
$query->execute() or error(db_error($query));
$post = $query->fetch(PDO::FETCH_ASSOC);
@@ -1304,7 +1317,8 @@ function mod_move($originBoard, $postID) {
if (!hasPermission($config['mod']['move'], $originBoard))
error($config['error']['noaccess']);
- $query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `id` = :id AND `thread` IS NULL', $originBoard));
+ $query = prepare('SELECT * FROM ``posts`` WHERE `board` = :board AND `id` = :id AND `thread` IS NULL');
+ $query->bindValue(':board', $originBoard);
$query->bindValue(':id', $postID);
$query->execute() or error(db_error($query));
if (!$post = $query->fetch(PDO::FETCH_ASSOC))
@@ -1358,7 +1372,8 @@ function mod_move($originBoard, $postID) {
// go back to the original board to fetch replies
openBoard($originBoard);
- $query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `thread` = :id ORDER BY `id`', $originBoard));
+ $query = prepare('SELECT * FROM ``posts`` WHERE `board` = :board AND `thread` = :id ORDER BY `id`');
+ $query->bindValue(':board', $originBoard);
$query->bindValue(':id', $postID, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@@ -1447,7 +1462,8 @@ function mod_move($originBoard, $postID) {
if ($shadow) {
// lock old thread
- $query = prepare(sprintf('UPDATE ``posts_%s`` SET `locked` = 1 WHERE `id` = :id', $originBoard));
+ $query = prepare('UPDATE ``posts`` SET `locked` = 1 WHERE `board` = :board AND `id` = :id');
+ $query->bindValue(':board', $originBoard);
$query->bindValue(':id', $postID, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@@ -1506,8 +1522,9 @@ function mod_ban_post($board, $delete, $post, $token = false) {
$security_token = make_secure_link_token($board . '/ban/' . $post);
- $query = prepare(sprintf('SELECT ' . ($config['ban_show_post'] ? '*' : '`ip`, `thread`') .
- ' FROM ``posts_%s`` WHERE `id` = :id', $board));
+ $query = prepare('SELECT ' . ($config['ban_show_post'] ? '*' : '`ip`, `thread`') .
+ ' FROM ``posts`` WHERE `board` = :board AND `id` = :id');
+ $query->bindValue(':board', $board);
$query->bindValue(':id', $post);
$query->execute() or error(db_error($query));
if (!$_post = $query->fetch(PDO::FETCH_ASSOC))
@@ -1534,7 +1551,8 @@ function mod_ban_post($board, $delete, $post, $token = false) {
$_POST['message'] = preg_replace('/[\r\n]/', '', $_POST['message']);
$_POST['message'] = str_replace('%length%', $length_english, $_POST['message']);
$_POST['message'] = str_replace('%LENGTH%', strtoupper($length_english), $_POST['message']);
- $query = prepare(sprintf('UPDATE ``posts_%s`` SET `body_nomarkup` = CONCAT(`body_nomarkup`, :body_nomarkup) WHERE `id` = :id', $board));
+ $query = prepare('UPDATE ``posts`` SET `body_nomarkup` = CONCAT(`body_nomarkup`, :body_nomarkup) WHERE `board` = :board AND `id` = :id');
+ $query->bindValue(':board', $board);
$query->bindValue(':id', $post);
$query->bindValue(':body_nomarkup', sprintf("\n%s", utf8tohtml($_POST['message'])));
$query->execute() or error(db_error($query));
@@ -1583,7 +1601,8 @@ function mod_edit_post($board, $edit_raw_html, $postID) {
$security_token = make_secure_link_token($board . '/edit' . ($edit_raw_html ? '_raw' : '') . '/' . $postID);
- $query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `id` = :id', $board));
+ $query = prepare('SELECT * FROM ``posts`` WHERE `board` = :board AND `id` = :id');
+ $query->bindValue(':board', $board);
$query->bindValue(':id', $postID);
$query->execute() or error(db_error($query));
@@ -1592,9 +1611,10 @@ function mod_edit_post($board, $edit_raw_html, $postID) {
if (isset($_POST['name'], $_POST['email'], $_POST['subject'], $_POST['body'])) {
if ($edit_raw_html)
- $query = prepare(sprintf('UPDATE ``posts_%s`` SET `name` = :name, `email` = :email, `subject` = :subject, `body` = :body, `body_nomarkup` = :body_nomarkup, `edited_at` = NOW() WHERE `id` = :id', $board));
+ $query = prepare('UPDATE ``posts`` SET `name` = :name, `email` = :email, `subject` = :subject, `body` = :body, `body_nomarkup` = :body_nomarkup, `edited_at` = NOW() WHERE `board` = :board AND `id` = :id');
else
- $query = prepare(sprintf('UPDATE ``posts_%s`` SET `name` = :name, `email` = :email, `subject` = :subject, `body_nomarkup` = :body, `edited_at` = NOW() WHERE `id` = :id', $board));
+ $query = prepare('UPDATE ``posts`` SET `name` = :name, `email` = :email, `subject` = :subject, `body_nomarkup` = :body, `edited_at` = NOW() WHERE `board` = :board AND `id` = :id');
+ $query->bindValue(':board', $board);
$query->bindValue(':id', $postID);
$query->bindValue('name', $_POST['name']);
$query->bindValue(':email', $_POST['email']);
@@ -1686,7 +1706,8 @@ function mod_spoiler_image($board, $post, $file) {
error($config['error']['noaccess']);
// Delete file thumbnail
- $query = prepare(sprintf("SELECT `files`, `thread` FROM ``posts_%s`` WHERE id = :id", $board));
+ $query = prepare("SELECT `files`, `thread` FROM ``posts`` WHERE `board` = :board AND `id` = :id");
+ $query->bindValue(':board', $board);
$query->bindValue(':id', $post, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
$result = $query->fetch(PDO::FETCH_ASSOC);
@@ -1699,8 +1720,9 @@ function mod_spoiler_image($board, $post, $file) {
$files[$file]->thumbheight = $size_spoiler_image[1];
// Make thumbnail spoiler
- $query = prepare(sprintf("UPDATE ``posts_%s`` SET `files` = :files WHERE `id` = :id", $board));
+ $query = prepare("UPDATE ``posts`` SET `files` = :files WHERE `board` = :board AND `id` = :id");
$query->bindValue(':files', json_encode($files));
+ $query->bindValue(':board', $board);
$query->bindValue(':id', $post, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@@ -1735,7 +1757,8 @@ function mod_deletebyip($boardName, $post, $global = false) {
error($config['error']['noaccess']);
// Find IP address
- $query = prepare(sprintf('SELECT `ip` FROM ``posts_%s`` WHERE `id` = :id', $boardName));
+ $query = prepare('SELECT `ip` FROM ``posts`` WHERE `board` = :board AND `id` = :id');
+ $query->bindValue(':board', $boardName);
$query->bindValue(':id', $post);
$query->execute() or error(db_error($query));
if (!$ip = $query->fetchColumn())
@@ -1743,12 +1766,25 @@ function mod_deletebyip($boardName, $post, $global = false) {
$boards = $global ? listBoards() : array(array('uri' => $boardName));
- $query = '';
- foreach ($boards as $_board) {
- $query .= sprintf("SELECT `thread`, `id`, '%s' AS `board` FROM ``posts_%s`` WHERE `ip` = :ip UNION ALL ", $_board['uri'], $_board['uri']);
+ $query = 'SELECT `thread`, `id` FROM ``posts`` WHERE ';
+
+ if($global) {
+ $sql_boards = '';
+ } else {
+ $sql_boards = '(';
+ $first = true;
+ foreach ($boards as $_board) {
+ if($first) {
+ $sql_boards .= sprintf(" `board` = '%s' ", $_board['uri']);
+ } else {
+ $sql_boards .= sprintf(" OR `board` = '%s' ", $_board['uri']);
+ }
+ $first = false;
+ }
+ $sql_boards .= ") AND ";
}
- $query = preg_replace('/UNION ALL $/', '', $query);
-
+
+ $query .= $sql_boards . " `ip` = :ip";
$query = prepare($query);
$query->bindValue(':ip', $ip);
$query->execute() or error(db_error($query));
@@ -2239,7 +2275,9 @@ function mod_rebuild() {
}
if (isset($_POST['rebuild_thread'])) {
- $query = query(sprintf("SELECT `id` FROM ``posts_%s`` WHERE `thread` IS NULL", $board['uri'])) or error(db_error());
+ $query = prepare("SELECT `id` FROM ``posts`` WHERE `board` = :board AND `thread` IS NULL");
+ $query->bindValue(':board', $board['uri']);
+ $query->execute() or error(db_error());
while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
$log[] = '' . sprintf($config['board_abbreviation'], $board['uri']) . ': Rebuilding thread #' . $post['id'];
buildThread($post['id']);
@@ -2291,7 +2329,9 @@ function mod_reports($global = false) {
foreach ($report_queries as $board => $posts) {
$report_posts[$board] = array();
- $query = query(sprintf('SELECT * FROM ``posts_%s`` WHERE `id` = ' . implode(' OR `id` = ', $posts), $board)) or error(db_error());
+ $query = prepare('SELECT * FROM ``posts`` WHERE `board` = :board AND `id` = ' . implode(' OR `id` = ', $posts));
+ $query->bindValue(':board', $board);
+ $query->execute() or error(db_error());
while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
$report_posts[$board][$post['id']] = $post;
}
@@ -2406,17 +2446,24 @@ function mod_recent_posts($lim) {
if (in_array($board['uri'], $mod['boards']))
$mod_boards[] = $board;
}
+ $allboards = false;
} else {
$mod_boards = $boards;
+ $all_boards = true;
}
// Manually build an SQL query
- $query = 'SELECT * FROM (';
- foreach ($mod_boards as $board) {
- $query .= sprintf('SELECT *, %s AS `board` FROM ``posts_%s`` UNION ALL ', $pdo->quote($board['uri']), $board['uri']);
+ $query = 'SELECT * FROM ``posts`` WHERE ';
+ if(!$all_boards) {
+ $boards_uris = array();
+ foreach($mod_boards as $_board) {
+ $boards_uris[] = "'" . $_board['uri'] . "'";
+ }
+ $query .= ' (`board` = ';
+ $query .= implode(' OR `board` = ', $boards_uris);
+ $query .= ') AND ';
}
- // Remove the last "UNION ALL" seperator and complete the query
- $query = preg_replace('/UNION ALL $/', ') AS `all_posts` WHERE (`time` < :last_time OR NOT :last_time) ORDER BY `time` DESC LIMIT ' . $limit, $query);
+ $query .= ' (`time` < :last_time OR NOT :last_time) ORDER BY `time` DESC LIMIT ' . $limit;
$query = prepare($query);
$query->bindValue(':last_time', $last_time);
$query->execute() or error(db_error($query));
@@ -2773,12 +2820,7 @@ function mod_debug_recent_posts() {
$boards = listBoards();
// Manually build an SQL query
- $query = 'SELECT * FROM (';
- foreach ($boards as $board) {
- $query .= sprintf('SELECT *, %s AS `board` FROM ``posts_%s`` UNION ALL ', $pdo->quote($board['uri']), $board['uri']);
- }
- // Remove the last "UNION ALL" seperator and complete the query
- $query = preg_replace('/UNION ALL $/', ') AS `all_posts` ORDER BY `time` DESC LIMIT ' . $limit, $query);
+ $query = 'SELECT * FROM ``posts`` ORDER BY `time` DESC LIMIT ' . $limit;
$query = query($query) or error(db_error());
$posts = $query->fetchAll(PDO::FETCH_ASSOC);
diff --git a/install.php b/install.php
index 8b3815a24..6e7cf2e0b 100644
--- a/install.php
+++ b/install.php
@@ -1,7 +1,7 @@
vichan upgrade path.
query("CREATE TABLE IF NOT EXISTS ``search_queries`` ( `ip` varchar(39) NOT NULL, `time` int(11) NOT NULL, `query` text NOT NULL) ENGINE=MyISAM DEFAULT CHARSET=utf8;") or error(db_error());
@@ -842,8 +881,6 @@ function create_config_from_array(&$instance_config, &$array, $prefix = '') {
preg_match_all("/(^|\n)((SET|CREATE|INSERT).+)\n\n/msU", $sql, $queries);
$queries = $queries[2];
- $queries[] = Element('posts.sql', array('board' => 'b'));
-
$sql_errors = '';
foreach ($queries as $query) {
if ($mysql_version < 50503)
diff --git a/install.sql b/install.sql
old mode 100644
new mode 100755
index 70bb22605..a13f90ba0
--- a/install.sql
+++ b/install.sql
@@ -84,6 +84,43 @@ INSERT INTO `boards` VALUES
-- --------------------------------------------------------
+--
+-- Table structure for table `posts`
+--
+
+CREATE TABLE IF NOT EXISTS `posts` (
+ `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+ `board` varchar(58) NOT NULL,
+ `thread` int(11) DEFAULT NULL,
+ `subject` varchar(100) DEFAULT NULL,
+ `email` varchar(30) DEFAULT NULL,
+ `name` varchar(35) DEFAULT NULL,
+ `trip` varchar(15) DEFAULT NULL,
+ `capcode` varchar(50) DEFAULT NULL,
+ `body` text NOT NULL,
+ `body_nomarkup` text,
+ `time` int(11) NOT NULL,
+ `bump` int(11) DEFAULT NULL,
+ `files` text,
+ `num_files` int(11) DEFAULT '0',
+ `filehash` text CHARACTER SET ascii,
+ `password` varchar(20) DEFAULT NULL,
+ `ip` varchar(39) CHARACTER SET ascii NOT NULL,
+ `sticky` int(1) NOT NULL,
+ `locked` int(1) NOT NULL,
+ `sage` int(1) NOT NULL,
+ `embed` text,
+ `edited_at` DATETIME NULL,
+ PRIMARY KEY (`board`,`id`),
+ KEY `thread_id` (`thread`,`id`),
+ KEY `filehash` (`filehash`(40)),
+ KEY `time` (`time`),
+ KEY `ip` (`ip`),
+ KEY `list_threads` (`thread`,`sticky`,`bump`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1;
+
+-- --------------------------------------------------------
+
--
-- Table structure for table `cites`
--
diff --git a/post.php b/post.php
old mode 100644
new mode 100755
index 080891ad3..ec66d03ba
--- a/post.php
+++ b/post.php
@@ -52,15 +52,17 @@ function strip_array($var) {
error($config['error']['nodelete']);
foreach ($delete as &$id) {
- $query = prepare(sprintf("SELECT `thread`, `time`,`password` FROM ``posts_%s`` WHERE `id` = :id", $board['uri']));
+ $query = prepare("SELECT `thread`, `time`,`password` FROM ``posts`` WHERE `id` = :id AND `board` = :board");
$query->bindValue(':id', $id, PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error($query));
if ($post = $query->fetch(PDO::FETCH_ASSOC)) {
$thread = false;
if ($config['user_moderation'] && $post['thread']) {
- $thread_query = prepare(sprintf("SELECT `time`,`password` FROM ``posts_%s`` WHERE `id` = :id", $board['uri']));
+ $thread_query = prepare("SELECT `time`,`password` FROM ``posts`` WHERE `id` = :id AND `board` = :board");
$thread_query->bindValue(':id', $post['thread'], PDO::PARAM_INT);
+ $thread_query->bindValue(':board', $board['uri']);
$thread_query->execute() or error(db_error($query));
$thread = $thread_query->fetch(PDO::FETCH_ASSOC);
@@ -131,7 +133,8 @@ function strip_array($var) {
markup($reason);
foreach ($report as &$id) {
- $query = prepare(sprintf("SELECT `thread` FROM ``posts_%s`` WHERE `id` = :id", $board['uri']));
+ $query = prepare("SELECT `thread` FROM ``posts`` WHERE `board` = :board AND `id` = :id");
+ $query->bindValue(':board', $board['uri']);
$query->bindValue(':id', $id, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
@@ -252,8 +255,9 @@ function strip_array($var) {
//Check if thread exists
if (!$post['op']) {
- $query = prepare(sprintf("SELECT `sticky`,`locked`,`sage` FROM ``posts_%s`` WHERE `id` = :id AND `thread` IS NULL LIMIT 1", $board['uri']));
+ $query = prepare("SELECT `sticky`,`locked`,`sage` FROM ``posts`` WHERE `id` = :id AND `thread` IS NULL AND `board` = :board LIMIT 1");
$query->bindValue(':id', $post['thread'], PDO::PARAM_INT);
+ $query->bindValue(':board', $board['uri']);
$query->execute() or error(db_error());
if (!$thread = $query->fetch(PDO::FETCH_ASSOC)) {
diff --git a/search.php b/search.php
old mode 100644
new mode 100755
index 39c03b7d6..65671658d
--- a/search.php
+++ b/search.php
@@ -126,7 +126,8 @@ function search_filters($m) {
$like = str_replace('%', '%%', $like);
- $query = prepare(sprintf("SELECT * FROM ``posts_%s`` WHERE " . $like . " ORDER BY `time` DESC LIMIT :limit", $board['uri']));
+ $query = prepare("SELECT * FROM ``posts`` WHERE `board` = :board AND " . $like . " ORDER BY `time` DESC LIMIT :limit");
+ $query->bindValue(':board', $board['uri']);
$query->bindValue(':limit', $search_limit, PDO::PARAM_INT);
$query->execute() or error(db_error($query));
diff --git a/templates/post_reply.html b/templates/post_reply.html
old mode 100644
new mode 100755
diff --git a/templates/post_thread.html b/templates/post_thread.html
old mode 100644
new mode 100755
index 51d1fb0c6..de26217a7
--- a/templates/post_thread.html
+++ b/templates/post_thread.html
@@ -16,7 +16,7 @@
{% include 'post/poster_id.html' %}
No.
- {{ post.id }}
+ {{ post.id }}
{% if post.sticky %}
{% if config.font_awesome %}
diff --git a/templates/posts.sql b/templates/posts.sql
deleted file mode 100644
index 01632033c..000000000
--- a/templates/posts.sql
+++ /dev/null
@@ -1,30 +0,0 @@
-CREATE TABLE IF NOT EXISTS ``posts_{{ board }}`` (
- `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
- `thread` int(11) DEFAULT NULL,
- `subject` varchar(100) DEFAULT NULL,
- `email` varchar(30) DEFAULT NULL,
- `name` varchar(35) DEFAULT NULL,
- `trip` varchar(15) DEFAULT NULL,
- `capcode` varchar(50) DEFAULT NULL,
- `body` text NOT NULL,
- `body_nomarkup` text,
- `time` int(11) NOT NULL,
- `bump` int(11) DEFAULT NULL,
- `files` text DEFAULT NULL,
- `num_files` int(11) DEFAULT 0,
- `filehash` text CHARACTER SET ascii,
- `password` varchar(20) DEFAULT NULL,
- `ip` varchar(39) CHARACTER SET ascii NOT NULL,
- `sticky` int(1) NOT NULL,
- `locked` int(1) NOT NULL,
- `sage` int(1) NOT NULL,
- `embed` text,
- `edited_at` DATETIME NULL,
- UNIQUE KEY `id` (`id`),
- KEY `thread_id` (`thread`,`id`),
- KEY `filehash` (`filehash`(40)),
- KEY `time` (`time`),
- KEY `ip` (`ip`),
- KEY `list_threads` (`thread`, `sticky`, `bump`)
- ) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1 ;
-
diff --git a/templates/themes/catalog/theme.php b/templates/themes/catalog/theme.php
index 5b9401679..8c194f74d 100644
--- a/templates/themes/catalog/theme.php
+++ b/templates/themes/catalog/theme.php
@@ -39,11 +39,12 @@ public function build($settings, $board_name) {
$recent_posts = array();
$stats = array();
- $query = query(sprintf("SELECT *, `id` AS `thread_id`,
- (SELECT COUNT(`id`) FROM ``posts_%s`` WHERE `thread` = `thread_id`) AS `reply_count`,
- (SELECT SUM(`num_files`) FROM ``posts_%s`` WHERE `thread` = `thread_id` AND `num_files` IS NOT NULL) AS `image_count`,
- '%s' AS `board` FROM ``posts_%s`` WHERE `thread` IS NULL ORDER BY `bump` DESC",
- $board_name, $board_name, $board_name, $board_name, $board_name)) or error(db_error());
+ $query = prepare("SELECT *, `id` AS `thread_id`,
+ (SELECT COUNT(`id`) FROM ``posts`` WHERE `board` = :board AND `thread` = `thread_id`) AS `reply_count`,
+ (SELECT SUM(`num_files`) FROM ``posts`` WHERE `board` = :board AND `thread` = `thread_id` AND `num_files` IS NOT NULL) AS `image_count`
+ FROM ``posts`` WHERE `board` = :board AND `thread` IS NULL ORDER BY `bump` DESC");
+ $query->bindValue(':board', $board_name);
+ $query->execute() or error(db_error());
while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
$post['link'] = $config['root'] . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], ($post['thread'] ? $post['thread'] : $post['id']));
diff --git a/templates/themes/recent/.theme.php.swp b/templates/themes/recent/.theme.php.swp
new file mode 100644
index 000000000..b94ee4935
Binary files /dev/null and b/templates/themes/recent/.theme.php.swp differ
diff --git a/templates/themes/recent/theme.php b/templates/themes/recent/theme.php
index b1153477a..f44d21365 100644
--- a/templates/themes/recent/theme.php
+++ b/templates/themes/recent/theme.php
@@ -38,15 +38,23 @@ public function homepage($settings) {
$boards = listBoards();
- $query = '';
+ $no_boards = true;
+ $first = true;
+ $query = "SELECT * FROM ``posts`` WHERE (";
foreach ($boards as &$_board) {
if (in_array($_board['uri'], $this->excluded))
continue;
- $query .= sprintf("SELECT *, '%s' AS `board` FROM ``posts_%s`` WHERE `files` IS NOT NULL UNION ALL ", $_board['uri'], $_board['uri']);
+ if($first == false) {
+ $query .= ' OR ';
+ }
+ $first = false;
+ $query .= sprintf(" `board` = '%s' ", $_board['uri']);
+
+ $no_boards = false;
}
- $query = preg_replace('/UNION ALL $/', 'ORDER BY `time` DESC LIMIT ' . (int)$settings['limit_images'], $query);
-
- if ($query == '') {
+ $query .= ') AND `files` IS NOT NULL ORDER BY `time` DESC LIMIT ' . (int)$settings['limit_images'];
+
+ if ($no_boards) {
error(_("Can't build the RecentPosts theme, because there are no boards to be fetched."));
}
@@ -79,14 +87,20 @@ public function homepage($settings) {
$recent_images[] = $post;
}
-
- $query = '';
+ $query = "SELECT * FROM ``posts`` WHERE (";
+ $first = true;
foreach ($boards as &$_board) {
if (in_array($_board['uri'], $this->excluded))
continue;
- $query .= sprintf("SELECT *, '%s' AS `board` FROM ``posts_%s`` UNION ALL ", $_board['uri'], $_board['uri']);
+
+ if($first == false) {
+ $query .= ' OR ';
+ }
+ $first = false;
+ $query .= sprintf(" `board` = '%s' ", $_board['uri']);
}
- $query = preg_replace('/UNION ALL $/', 'ORDER BY `time` DESC LIMIT ' . (int)$settings['limit_posts'], $query);
+ $query .= ') ORDER BY `time` DESC LIMIT ' . (int)$settings['limit_posts'];
+
$query = query($query) or error(db_error());
while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
@@ -107,7 +121,7 @@ public function homepage($settings) {
foreach ($boards as &$_board) {
if (in_array($_board['uri'], $this->excluded))
continue;
- $query .= sprintf("SELECT MAX(`id`) AS `top` FROM ``posts_%s`` UNION ALL ", $_board['uri']);
+ $query .= sprintf("SELECT MAX(`id`) AS `top` FROM ``posts`` WHERE `board` = '%s' UNION ALL ", $_board['uri']);
}
$query = preg_replace('/UNION ALL $/', ') AS `posts_all`', $query);
$query = query($query) or error(db_error());
@@ -118,7 +132,7 @@ public function homepage($settings) {
foreach ($boards as &$_board) {
if (in_array($_board['uri'], $this->excluded))
continue;
- $query .= sprintf("SELECT `ip` FROM ``posts_%s`` UNION ALL ", $_board['uri']);
+ $query .= sprintf("SELECT `ip` FROM ``posts`` WHERE `board` = '%s' UNION ALL ", $_board['uri']);
}
$query = preg_replace('/UNION ALL $/', ') AS `posts_all`', $query);
$query = query($query) or error(db_error());
@@ -129,7 +143,7 @@ public function homepage($settings) {
foreach ($boards as &$_board) {
if (in_array($_board['uri'], $this->excluded))
continue;
- $query .= sprintf("SELECT `filesize` FROM ``posts_%s`` UNION ALL ", $_board['uri']);
+ $query .= sprintf("SELECT `filesize` FROM ``posts`` WHERE `board` = '%s' UNION ALL ", $_board['uri']);
}
$query = preg_replace('/UNION ALL $/', ') AS `posts_all`', $query);
$query = query($query) or error(db_error());
diff --git a/templates/themes/sitemap/theme.php b/templates/themes/sitemap/theme.php
index 3e048dd5a..db0736bfd 100644
--- a/templates/themes/sitemap/theme.php
+++ b/templates/themes/sitemap/theme.php
@@ -26,7 +26,9 @@ function sitemap_build($action, $settings, $board) {
$threads = array();
foreach ($boards as $board) {
- $query = query(sprintf("SELECT `id` AS `thread_id`, (SELECT `time` FROM ``posts_%s`` WHERE `thread` = `thread_id` OR `id` = `thread_id` ORDER BY `time` DESC LIMIT 1) AS `lastmod` FROM ``posts_%s`` WHERE `thread` IS NULL", $board, $board)) or error(db_error());
+ $query = prepare("SELECT `id` AS `thread_id`, (SELECT `time` FROM ``posts`` WHERE `board` = :board AND`thread` = `thread_id` OR `id` = `thread_id` ORDER BY `time` DESC LIMIT 1) AS `lastmod` FROM ``posts`` WHERE `board` = :board AND`thread` IS NULL");
+ $query->bindValue(':board', $board);
+ $query->execute() or error(db_error());
$threads[$board] = $query->fetchAll(PDO::FETCH_ASSOC);
}
diff --git a/templates/themes/ukko/theme.php b/templates/themes/ukko/theme.php
index 0f7c3e1a7..e93d50902 100644
--- a/templates/themes/ukko/theme.php
+++ b/templates/themes/ukko/theme.php
@@ -27,13 +27,26 @@ public function build($mod = false) {
'title' => sprintf($this->settings['subtitle'], $this->settings['thread_limit'])
);
- $query = '';
- foreach($boards as &$_board) {
- if(in_array($_board['uri'], explode(' ', $this->settings['exclude'])))
- continue;
- $query .= sprintf("SELECT *, '%s' AS `board` FROM ``posts_%s`` WHERE `thread` IS NULL UNION ALL ", $_board['uri'], $_board['uri']);
+ $query = 'SELECT * FROM ``posts`` WHERE ';
+ if($this->settings['exclude'] != '') {
+ $query .= '( ';
}
- $query = preg_replace('/UNION ALL $/', 'ORDER BY `bump` DESC', $query);
+ $first = true;
+ # It uses `board` != '%s' instead of `board` = '%s' because I'm assuming we
+ # don't want a query with >3000 comparisons
+ foreach ($boards as &$_board) {
+ if (in_array($_board['uri'], explode(' ', $this->settings['exclude']))) {
+ if($first == false) {
+ $query .= ' OR ';
+ }
+ $first = false;
+ $query .= sprintf(" `board` != '%s' ", $_board['uri']);
+ }
+ }
+ if($this->settings['exclude'] != '') {
+ $query .= ') AND ';
+ }
+ $query .= ' `thread` IS NULL ORDER BY `bump` DESC';
$query = query($query) or error(db_error());
$count = 0;
@@ -52,8 +65,9 @@ public function build($mod = false) {
$board['dir'] = $post['board'].'/';
$thread = new Thread($post, $mod ? '?/' : $config['root'], $mod);
- $posts = prepare(sprintf("SELECT * FROM ``posts_%s`` WHERE `thread` = :id ORDER BY `id` DESC LIMIT :limit", $post['board']));
+ $posts = prepare("SELECT * FROM ``posts`` WHERE `board` = :board AND `thread` = :id ORDER BY `id` DESC LIMIT :limit");
$posts->bindValue(':id', $post['id']);
+ $posts->bindValue(':board', $post['board']);
$posts->bindValue(':limit', ($post['sticky'] ? $config['threads_preview_sticky'] : $config['threads_preview']), PDO::PARAM_INT);
$posts->execute() or error(db_error($posts));
@@ -69,8 +83,9 @@ public function build($mod = false) {
}
if ($posts->rowCount() == ($post['sticky'] ? $config['threads_preview_sticky'] : $config['threads_preview'])) {
- $ct = prepare(sprintf("SELECT COUNT(`id`) as `num` FROM ``posts_%s`` WHERE `thread` = :thread UNION ALL SELECT COUNT(`id`) FROM ``posts_%s`` WHERE `files` IS NOT NULL AND `thread` = :thread", $post['board'], $post['board']));
+ $ct = prepare("SELECT COUNT(`id`) as `num` FROM ``posts`` WHERE `board` = :board AND `thread` = :thread UNION ALL SELECT COUNT(`id`) FROM ``posts`` WHERE `board` = :board AND `files` IS NOT NULL AND `thread` = :thread");
$ct->bindValue(':thread', $post['id'], PDO::PARAM_INT);
+ $ct->bindValue(':board', $post['board']);
$ct->execute() or error(db_error($count));
$c = $ct->fetch();
diff --git a/tools/delete-stray-images.php b/tools/delete-stray-images.php
index cf94dfe52..b5b50379f 100755
--- a/tools/delete-stray-images.php
+++ b/tools/delete-stray-images.php
@@ -18,7 +18,9 @@
openBoard($board['uri']);
- $query = query(sprintf("SELECT `file`, `thumb` FROM ``posts_%s`` WHERE `file` IS NOT NULL", $board['uri']));
+ $query = prepare("SELECT `file`, `thumb` FROM ``posts`` WHERE `board` = :board AND `file` IS NOT NULL");
+ $query->bindValue(':board', $board['uri']);
+ $query->execute();
$valid_src = array();
$valid_thumb = array();
diff --git a/tools/rebuild.php b/tools/rebuild.php
index 82df3e193..adeb8ed63 100755
--- a/tools/rebuild.php
+++ b/tools/rebuild.php
@@ -81,7 +81,9 @@
continue; // do no more
if($options['full']) {
- $query = query(sprintf("SELECT `id` FROM ``posts_%s``", $board['uri'])) or error(db_error());
+ $query = prepare("SELECT `id` FROM ``posts`` WHERE `board` = :board");
+ $query->bindValue(':board', $board['uri']);
+ $query->execute() or error(db_error());
while($post = $query->fetch()) {
if(!$options['quiet'])
echo "Rebuilding #{$post['id']}...\n";
@@ -89,7 +91,9 @@
}
}
- $query = query(sprintf("SELECT `id` FROM ``posts_%s`` WHERE `thread` IS NULL", $board['uri'])) or error(db_error());
+ $query = prepare("SELECT `id` FROM ``posts`` WHERE `thread` IS NULL AND `board` = :board");
+ $query->bindValue(':board', $board['uri']);
+ $query->execute() or error(db_error());
while($post = $query->fetch()) {
if(!$options['quiet'])
echo "Rebuilding #{$post['id']}...\n";
diff --git a/tools/recount-bumps.php b/tools/recount-bumps.php
index 06e8ca9f9..c3b8c2501 100644
--- a/tools/recount-bumps.php
+++ b/tools/recount-bumps.php
@@ -9,21 +9,25 @@
}
$board = $argv[1];
-$q = query(sprintf("SELECT `id`, `bump`, `time` FROM ``posts_%s``
- WHERE `thread` IS NULL", $board));
+$q = prepare("SELECT `id`, `bump`, `time` FROM ``posts``
+ WHERE `board` = :board AND `thread` IS NULL");
+$q->bindValue(':board', $board);
+$q->execute();
while ($val = $q->fetch()) {
- $lc = prepare(sprintf('SELECT MAX(`time`) AS `aq` FROM ``posts_%s``
- WHERE ((`thread` = :thread and
- `email` != "sage" ) OR `id` = :thread', $board));
+ $lc = prepare('SELECT MAX(`time`) AS `aq` FROM ``posts``
+ WHERE `board` = :board AND ((`thread` = :thread and
+ `email` != "sage" ) OR `id` = :thread');
+ $lc->bindValue(':board', $board);
$lc->bindValue(":thread", $val['id']);
$lc->execute();
$f = $lc->fetch();
if ($val['bump'] != $f['aq']) {
- $query = prepare(sprintf("UPDATE ``posts_%s`` SET `bump`=:bump
- WHERE `id`=:id", $board));
+ $query = prepare("UPDATE ``posts`` SET `bump`=:bump
+ WHERE `board` = :board AND `id`=:id");
$query->bindValue(":bump", $f['aq']);
+ $query->bindValue(":board", $board);
$query->bindValue(":id", $val['id']);
echo("Thread $val[id] - to be $val[bump] -> $f[aq]\n");
}
diff --git a/tools/stats.php b/tools/stats.php
index cec8d2ab2..be339aff3 100755
--- a/tools/stats.php
+++ b/tools/stats.php
@@ -20,7 +20,9 @@
printf("%10s || ", $f['uri']);
foreach ($variants as $iter) {
list($term, $time) = $iter;
- $qq = query(sprintf("SELECT COUNT(*) as count FROM ``posts_%s`` WHERE time > %d", $f['uri'], time()-$time));
+ $qq = prepare("SELECT COUNT(*) as count FROM ``posts`` WHERE `board` = :board AND time > :time");
+ $qq->bindValue(':board', $f['uri']);
+ $qq->bindValue(':time', time()-$time);
$c = $qq->fetch()['count'];
printf("%8d | ", $c);