From 928a9a96c30f6a245072314b326a92227125b6c6 Mon Sep 17 00:00:00 2001
From: takashi <tak4noreply@example.com>
Date: Tue, 29 Aug 2023 14:38:30 +0000
Subject: [PATCH] 	v0.9.3

- Fix bug "thread-list includes future post".
- Add "spoof post timestamp".
- Remove "autoincrement postid"
- Change fallback-post-title.
- Update default style.
---
 README.md            |  2 +-
 config-default.php   |  1 -
 data-post.php        | 45 ++++++++++++++------------------------------
 public/style.css     | 13 ++++++++-----
 public/theme/076.css |  2 +-
 validate.php         |  4 ++--
 view/post.php        |  2 +-
 7 files changed, 27 insertions(+), 42 deletions(-)

diff --git a/README.md b/README.md
index 01f9b57..71a38c0 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# BIBIS, v0.9.2
+# BIBIS, v0.9.3
 美々蝶々の BBS です。
 
 ## 従属ソフト
diff --git a/config-default.php b/config-default.php
index ff97b6a..28beeb7 100644
--- a/config-default.php
+++ b/config-default.php
@@ -6,7 +6,6 @@ default_config('USERS_TSV', DATA_ROOT . 'users.tsv');
 default_config('LIMIT_TSV', DATA_ROOT . 'repeating-limit.tsv');
 default_config('PROFILE_DIR', DATA_ROOT . 'profile/');
 default_config('POST_DIR', DATA_ROOT . 'post/');
-default_config('POST_LOCK_TXT', DATA_ROOT . 'post-lock.txt');
 default_config('ATTACHMENT_DIR', DATA_ROOT . 'attachment/');
 
 default_config('SITENAME', 'BIBIS');
diff --git a/data-post.php b/data-post.php
index 3bfaf22..4d69e35 100644
--- a/data-post.php
+++ b/data-post.php
@@ -8,7 +8,7 @@
 //  "{$datetime}.id{$id}.us{$userid}.to{未使用}.th{$thread_id}.txt"
 // 内訳:
 //  $datetime: 投稿日時(ISO形式、タイムゾーンは「Z」固定)
-//  $id: 投稿ID(0から始まり1づつ増える・又は・md5ハッシュ)
+//  $id: 投稿ID(md5ハッシュ)
 //  $userid: 投稿者$id (ゲストの場合「-」が入る)
 //  {未使用}: 現在は常に「-」が入る
 //  $thread_id: 返信先スレッドの投稿ID (返信以外なら「-」が入る)
@@ -100,7 +100,7 @@ function get_post_metadata($file, $deleted = false) {
 	if ($thread_id > '') {
 		$thread_title = load_post_title_by_id($thread_id);
 		if (!$thread_title > '') {
-			$thread_title = '無題#' . $thread_id;
+			$thread_title = '無題#' . mb_substr($thread_id, 0, 7);
 		}
 	}
 
@@ -259,21 +259,16 @@ function add_post($userid, $title, $body, $attachment_id, $file_hash, &$post_id_
 	}
 	$text .= '-' . PHP_EOL . $body . PHP_EOL;
 
-	$fp_lock = start_post_lock();
-	if ($fp_lock === false) { return ['ファイルの取得に失敗。']; }
-	if (ENABLE_SPOOF_TIME) {
-		$id = md5(mt_rand(0, 9) . count_post() . $userid . $title . $body);
-	} else {
-		$id = count_post() + 1;
-	}
+	$id = md5(bin2hex(random_bytes(256)) . $userid . $title . $body);
 
 	if ($spooftime) {
 		$dto = new DateTime('+' . (mt_rand(60 * 60 * 3, 60 * 60 * 27 - 1)) . 'seconds');
-		$datetime = $dto->format('Y-m-d\\TH:i:s\\Z');
-		$dto = null;
 	} else {
-		$datetime = date('Y-m-d\\TH:i:s\\Z');
+		$dto = new DateTime();
 	}
+	$datetime = $dto->format('Y-m-d\\TH:i:s\\Z');
+	$timestamp = $dto->getTimestamp();
+	$dto = null;
 	$file = "{$datetime}.id{$id}.us{$userid}.to-.th{$thread_id}.txt";
 
 	if ($body !== '.' || $file_hash === '') {
@@ -290,6 +285,7 @@ function add_post($userid, $title, $body, $attachment_id, $file_hash, &$post_id_
 	if ($result === false) { return ['書き込みの保存に失敗。']; }
 
 	@chmod(POST_DIR . $file, 0600);
+	@touch(POST_DIR . $file, $timestamp, $timestamp);
 
 	if ($body !== '.' || $file_hash === '') {
 		add_repeating_info(make_repeating_info($body, $datetime));
@@ -298,9 +294,6 @@ function add_post($userid, $title, $body, $attachment_id, $file_hash, &$post_id_
 		add_repeating_info(make_repeating_info($body, $datetime, $file_hash));
 	}
 
-	end_post_lock($fp_lock); // ここのエラーは無視
-	$fp_lock = null;
-
 	$post_id_ref = $id;
 	return [];
 }
@@ -371,7 +364,11 @@ function load_threads() {
 	$threads = [];
 
 	foreach ($files as $filepath) {
-		$thread_id = get_post_metadata(basename($filepath))['thread_id'];
+		$metadata = get_post_metadata(basename($filepath));
+		$is_future = $metadata['is_future'];
+		$thread_id = $metadata['thread_id'];
+		$metadata = null;
+		if ($is_future) { continue; }
 		if ($thread_id === '') { continue; }
 
 		if (isset($threads[$thread_id])) {
@@ -387,7 +384,7 @@ function load_threads() {
 			$thread['title'] = $parent['title'];
 		}
 		else {
-			$thread['title'] = '無題#' . $thread_id;
+			$thread['title'] = '無題#' . mb_substr($thread_id, 0, 7);
 		}
 		$thread['detail_url'] = $parent['detail_url'];
 
@@ -470,20 +467,6 @@ function check_repeating_info($body, $datetime, $file_hash = '') {
 
 // Util
 
-function start_post_lock() {
-	$fp = @fopen(POST_LOCK_TXT, 'w');
-	if ($fp === false || !flock($fp, LOCK_EX)) { return false; }
-	return $fp;
-}
-
-function end_post_lock($fp) {
-	if (!fwrite($fp, '') || !fflush($fp)) { return false; }
-	@flock($fp, LOCK_UN);
-	@fclose($fp);
-
-	return true;
-}
-
 function count_post() {
 	$pattern = '2*Z*.txt';
 	$files = glob(POST_DIR . '2*Z*.txt');
diff --git a/public/style.css b/public/style.css
index 1f18099..71e3ea8 100644
--- a/public/style.css
+++ b/public/style.css
@@ -1,5 +1,5 @@
 /** theme: default **/
-/** bibis-version: 0.9.2 **/
+/** bibis-version: 0.9.3 **/
 /*
 Copying and distribution of this file, with or without modification,
 are permitted in any medium without royalty provided the copyright
@@ -58,15 +58,17 @@ ul
 
 dd ul
 	{
-	border-bottom: thin solid #000;
-	border-top: thin solid #000;
-	margin: 0.5em 0;
+	background: #12110c;
+	border-bottom: thin solid #12110c;
+	border-top: thin solid #12110c;
+	color: #fff;
+	margin: 0.5em 0 0;
 	}
 
 dl
 	{
 	display: block; /*dillo*/
-	padding: 0.5em 1em;
+	padding: 0.5em 1em 0;
 	}
 
 dt
@@ -77,6 +79,7 @@ dt
 dd
 	{
 	clear: both; /* see: .post-time */
+	padding-bottom: 0.5em;
 	}
 
 p
diff --git a/public/theme/076.css b/public/theme/076.css
index d3d56c4..1289712 100644
--- a/public/theme/076.css
+++ b/public/theme/076.css
@@ -1,5 +1,5 @@
 /** theme: 076-like **/
-/** bibis-version: 0.9.2 **/
+/** bibis-version: 0.9.3 **/
 /*
 Copying and distribution of this file, with or without modification,
 are permitted in any medium without royalty provided the copyright
diff --git a/validate.php b/validate.php
index 5e628be..c84d6f1 100644
--- a/validate.php
+++ b/validate.php
@@ -39,8 +39,8 @@ function sanitize_bio($s) {
 
 function validate_post_id($s) {
 	if (
-		((string)(int)$s !== $s || $s < 0)
-		&& !preg_match('/[0-9a-z]{32}/', $s)
+		((string)(int)$s !== $s || $s < 0) // <= v0.9.2
+		&& !preg_match('/[0-9a-z]{32}/', $s) // >= v0.9.2
 	) {
 		return ['投稿 ID が不正。'];
 	}
diff --git a/view/post.php b/view/post.php
index 7f88ac0..c1a2515 100644
--- a/view/post.php
+++ b/view/post.php
@@ -11,7 +11,7 @@ $total_view = $total > 1 ? " ($total)" : '';
 <?php if ($title > ''): ?>
 <h2>件名:<?= htmlspecialchars("$title{$total_view}") ?></h2>
 <?php elseif ($post['thread_id'] <= ''): ?>
-<h2><?= htmlspecialchars("無題#{$post['id']}{$total_view}") ?></h2>
+<h2><?= htmlspecialchars('無題#' . mb_substr($post['id'], 0, 7) . $total_view) ?></h2>
 <?php endif; ?>
 <?php
 view_post($post, ['res_num' => $post['thread_id'] > '' ? 0 : 1, 'is_single' => true, 'link_to_thread' => true]);