From bcef3fbc8ff86d7f072e0d552d1033e1f5ab9573 Mon Sep 17 00:00:00 2001
From: Shish <shish@shishnet.org>
Date: Mon, 29 Aug 2016 09:21:23 +0100
Subject: [PATCH 01/36] have tag sanitisation process ignore tags which are too
 long, fixes #565

---
 core/imageboard.pack.php | 5 +++++
 ext/tag_edit/test.php    | 7 +++++++
 2 files changed, 12 insertions(+)

diff --git a/core/imageboard.pack.php b/core/imageboard.pack.php
index b619f3d5..0827b411 100644
--- a/core/imageboard.pack.php
+++ b/core/imageboard.pack.php
@@ -1102,6 +1102,11 @@ class Tag {
 			$tag = preg_replace("/^(\.+[\/\\\\])+/", "", $tag);   # trailing slashes?
 			$tag = trim($tag, ", \t\n\r\0\x0B");
 
+			if(mb_strlen($tag, 'UTF-8') > 255){
+				flash_message("The tag below is longer than 255 characters, please use a shorter tag.\n$tag\n");
+				continue;
+			}
+
 			if(!empty($tag)) {
 				$tag_array[] = $tag;
 			}
diff --git a/ext/tag_edit/test.php b/ext/tag_edit/test.php
index 498d29f4..8099a702 100644
--- a/ext/tag_edit/test.php
+++ b/ext/tag_edit/test.php
@@ -21,6 +21,13 @@ class TagEditTest extends ShimmiePHPUnitTestCase {
 		$this->log_out();
 	}
 
+	public function testTagEdit_tooLong() {
+		$this->log_in_as_user();
+		$image_id = $this->post_image("tests/pbx_screenshot.jpg", str_repeat("a", 500));
+		$this->get_page("post/view/$image_id");
+		$this->assert_title("Image $image_id: tagme");
+	}
+
 	public function testSourceEdit() {
 		$this->log_in_as_user();
 		$image_id = $this->post_image("tests/pbx_screenshot.jpg", "pbx");

From bb64d12d9d71bb79d5ab0a57882353a09fd085af Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Thu, 1 Sep 2016 00:35:52 -0400
Subject: [PATCH 02/36] Use TextFormattingEvent instead of raw BBCode formatter

---
 ext/pools/theme.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ext/pools/theme.php b/ext/pools/theme.php
index 5edb3625..65194103 100644
--- a/ext/pools/theme.php
+++ b/ext/pools/theme.php
@@ -154,8 +154,9 @@ class PoolsTheme extends Themelet {
 				}
 			}
 
-			$bb = new BBCode();
-			$page->add_block(new Block(html_escape($pool['title']), $bb->format($pool['description']), "main", 10));
+			$tfe = new TextFormattingEvent($pool['description']);
+			send_event($tfe);
+			$page->add_block(new Block(html_escape($pool['title']), $tfe->formatted, "main", 10));
 		}
 	}
 

From 10e8fc50d3ae1a282aa5789bdd6b119888728af0 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Thu, 1 Sep 2016 03:23:52 -0400
Subject: [PATCH 03/36] Fix "starts-with" header in tag list when escaping
 required

This fixes the "starts-with" headers* on the tags/alphabetic page. Before, the headers would be wrong if they started with an escaped character.

This also escapes the resulting header so that it no longer generates invalid HTML in such cases.

* Note that these headers are only visible when paged tag lists is disabled.
---
 ext/tag_list/main.php | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/ext/tag_list/main.php b/ext/tag_list/main.php
index aff12bb6..c97ebac4 100644
--- a/ext/tag_list/main.php
+++ b/ext/tag_list/main.php
@@ -297,13 +297,15 @@ class TagList extends Extension {
 		
 		$lastLetter = "";
 		foreach($tag_data as $row) {
-			$h_tag = html_escape($row['tag']);
-			$count = $row['count'];
-			if($lastLetter != mb_strtolower(substr($h_tag, 0, count($starts_with)+1))) {
-				$lastLetter = mb_strtolower(substr($h_tag, 0, count($starts_with)+1));
-				$html .= "<p>$lastLetter<br>";
+			$tag = $row['tag'];
+			if($lastLetter != mb_strtolower(substr($tag, 0, count($starts_with)+1))) {
+				$lastLetter = mb_strtolower(substr($tag, 0, count($starts_with)+1));
+				$h_lastLetter = html_escape($lastLetter); 
+				$html .= "<p>$h_lastLetter<br>";
 			}
-			$link = $this->tag_link($row['tag']);
+			$link = $this->tag_link($tag);
+			$h_tag = html_escape($tag);
+			$count = $row['count'];
 			$html .= "<a href='$link'>$h_tag&nbsp;($count)</a>\n";
 		}
 

From b554e7505bda81b4a9417982f5fa6e1647e2b1e4 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Thu, 1 Sep 2016 21:57:53 -0400
Subject: [PATCH 04/36] Added zoom support to webm

---
 ext/handle_video/theme.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/ext/handle_video/theme.php b/ext/handle_video/theme.php
index 159283b1..171582d5 100644
--- a/ext/handle_video/theme.php
+++ b/ext/handle_video/theme.php
@@ -42,7 +42,12 @@ class VideoFileHandlerTheme extends Themelet {
 				$html .= $html_fallback;
 			} else {
 				$html .= "
-					<video controls " . ($autoplay ? 'autoplay' : '') . " width=\"100%\" " . ($loop ? 'loop' : '') . ">
+					<video controls class='shm-main-image' id='main_image' alt='main image'"
+						. ($autoplay ? ' autoplay' : '')
+						. ($loop ? ' loop' : '')
+						. " data-width='{$image->width}' "
+						. " data-height='{$image->height}'>
+
 						<source src='{$ilink}' type='{$supportedExts[$ext]}'>
 
 						<!-- If browser doesn't support filetype, fallback to flash -->

From eeb0c2b9741d729aa963761d86ec5b0ffcd57226 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Fri, 2 Sep 2016 00:36:34 -0400
Subject: [PATCH 05/36] Only allow click-to-zoom on img

---
 ext/handle_pixel/script.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/handle_pixel/script.js b/ext/handle_pixel/script.js
index b85094cc..1857c178 100644
--- a/ext/handle_pixel/script.js
+++ b/ext/handle_pixel/script.js
@@ -28,7 +28,7 @@ $(function() {
 		zoom(this.options[this.selectedIndex].value);
 	});
 
-	$(".shm-main-image").click(function(e) {
+	$("img.shm-main-image").click(function(e) {
 		switch(Cookies.get("ui-image-zoom")) {
 			case "full": zoom("width"); break;
 			default: zoom("full"); break;

From f26fc5925b405c745c34b47ff13c486bb962dfbc Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Thu, 1 Sep 2016 23:08:28 -0400
Subject: [PATCH 06/36] Added zoom support to ico

---
 ext/handle_ico/theme.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ext/handle_ico/theme.php b/ext/handle_ico/theme.php
index aa092709..3741096f 100644
--- a/ext/handle_ico/theme.php
+++ b/ext/handle_ico/theme.php
@@ -4,7 +4,8 @@ class IcoFileHandlerTheme extends Themelet {
 	public function display_image(Page $page, Image $image) {
 		$ilink = make_link("get_ico/{$image->id}/{$image->id}.ico");
 		$html = "
-			<img id='main_image' src='$ilink'>
+			<img id='main_image' class='shm-main-image' alt='main image' src='$ilink'
+			data-width='{$image->width}' data-height='{$image->height}'>
 		";
 		$page->add_block(new Block("Image", $html, "main", 10));
 	}

From 84dbc3abff595a4781169bdc6945546cb69bff7f Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Thu, 1 Sep 2016 22:48:33 -0400
Subject: [PATCH 07/36] Re-apply zoom upon window resize

---
 ext/handle_pixel/script.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ext/handle_pixel/script.js b/ext/handle_pixel/script.js
index 1857c178..16faa878 100644
--- a/ext/handle_pixel/script.js
+++ b/ext/handle_pixel/script.js
@@ -27,6 +27,11 @@ $(function() {
 	$(".shm-zoomer").change(function(e) {
 		zoom(this.options[this.selectedIndex].value);
 	});
+	$(window).resize(function(e) {
+		$(".shm-zoomer").each(function (e) {
+			zoom(this.options[this.selectedIndex].value)
+		});
+	});
 
 	$("img.shm-main-image").click(function(e) {
 		switch(Cookies.get("ui-image-zoom")) {

From 35d2f8682ccfd91b725b41b6f70317b7d8ef3750 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Thu, 1 Sep 2016 23:34:18 -0400
Subject: [PATCH 08/36] Don't save zoom mode cookie upon window resize

---
 ext/handle_pixel/script.js | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/ext/handle_pixel/script.js b/ext/handle_pixel/script.js
index 16faa878..e127e42f 100644
--- a/ext/handle_pixel/script.js
+++ b/ext/handle_pixel/script.js
@@ -1,5 +1,7 @@
 $(function() {
-	function zoom(zoom_type) {
+	function zoom(zoom_type, save_cookie) {
+		save_cookie = save_cookie === undefined ? true : save_cookie;
+		
 		var img = $('.shm-main-image');
 		
 		if(zoom_type == "full") {
@@ -21,7 +23,9 @@ $(function() {
 		
 		$(".shm-zoomer").val(zoom_type);
 		
-		Cookies.set("ui-image-zoom", zoom_type, {expires: 365});
+		if (save_cookie) {
+			Cookies.set("ui-image-zoom", zoom_type, {expires: 365});
+		}
 	}
 
 	$(".shm-zoomer").change(function(e) {
@@ -29,7 +33,7 @@ $(function() {
 	});
 	$(window).resize(function(e) {
 		$(".shm-zoomer").each(function (e) {
-			zoom(this.options[this.selectedIndex].value)
+			zoom(this.options[this.selectedIndex].value, false)
 		});
 	});
 

From 49d6fa99da2e52f3db89fd84802049f1dfa7c58c Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Fri, 2 Sep 2016 05:08:58 -0400
Subject: [PATCH 09/36] Clear the mass tagger's selection on load .. in case it
 was autocompleted by the browser.

---
 ext/mass_tagger/script.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ext/mass_tagger/script.js b/ext/mass_tagger/script.js
index 7a028e01..26b3e61c 100644
--- a/ext/mass_tagger/script.js
+++ b/ext/mass_tagger/script.js
@@ -34,3 +34,8 @@ function toggle_tag( button, id ) {
 		list.val(string);
 	}
 }
+
+$(function () {
+	// Clear the selection, in case it was autocompleted by the browser.
+	$('#mass_tagger_ids').val("");
+});

From d2540a9619670e10eca8d9cec6bf2abefc955837 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Fri, 2 Sep 2016 05:14:55 -0400
Subject: [PATCH 10/36] Use CSS for mass tagger button styling

---
 ext/mass_tagger/script.js | 4 ++--
 ext/mass_tagger/style.css | 3 +++
 2 files changed, 5 insertions(+), 2 deletions(-)
 create mode 100644 ext/mass_tagger/style.css

diff --git a/ext/mass_tagger/script.js b/ext/mass_tagger/script.js
index 26b3e61c..0e4dbcd9 100644
--- a/ext/mass_tagger/script.js
+++ b/ext/mass_tagger/script.js
@@ -24,12 +24,12 @@ function toggle_tag( button, id ) {
     var string = list.val();
     
     if( (string.indexOf(id) == 0) || (string.indexOf(":"+id) > -1) ) {
-		$(button).css('border', 'none');
+		$(button).removeClass('mass-tagger-selected');
 		string = string.replace(id, '');
 		list.val(string);
 	}
 	else {
-		$(button).css('border', '3px solid blue');
+		$(button).addClass('mass-tagger-selected');
 		string += id;
 		list.val(string);
 	}
diff --git a/ext/mass_tagger/style.css b/ext/mass_tagger/style.css
new file mode 100644
index 00000000..c0a2ea6c
--- /dev/null
+++ b/ext/mass_tagger/style.css
@@ -0,0 +1,3 @@
+.mass-tagger-selected {
+	border: 3px solid blue;
+}
\ No newline at end of file

From 15ffdff3875828ee61dae665b765cefbde274ffa Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Fri, 2 Sep 2016 02:16:07 -0400
Subject: [PATCH 11/36] Fix .ico when size is 256 x 256

---
 ext/handle_ico/main.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/ext/handle_ico/main.php b/ext/handle_ico/main.php
index 83cd9d56..8bb9932f 100644
--- a/ext/handle_ico/main.php
+++ b/ext/handle_ico/main.php
@@ -72,8 +72,10 @@ class IcoFileHandler extends Extension {
 		$subheader = unpack("cwidth/cheight/ccolours/cnull/splanes/sbpp/lsize/loffset", fread($fp, 16));
 		fclose($fp);
 
-		$image->width = $subheader['width'];
-		$image->height = $subheader['height'];
+		$width = $subheader['width'];
+		$height = $subheader['height'];
+		$image->width = width == 0 ? 256 : width;
+		$image->height = height == 0 ? 256 : height;
 
 		$image->filesize  = $metadata['size'];
 		$image->hash      = $metadata['hash'];

From 3051334d8f153862a3e1b1a6de65c08b31ede52d Mon Sep 17 00:00:00 2001
From: Shish <shish@shishnet.org>
Date: Fri, 2 Sep 2016 16:19:02 +0100
Subject: [PATCH 12/36] be explicit that variables are variables

---
 ext/handle_ico/main.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ext/handle_ico/main.php b/ext/handle_ico/main.php
index 8bb9932f..4e53c249 100644
--- a/ext/handle_ico/main.php
+++ b/ext/handle_ico/main.php
@@ -74,8 +74,8 @@ class IcoFileHandler extends Extension {
 
 		$width = $subheader['width'];
 		$height = $subheader['height'];
-		$image->width = width == 0 ? 256 : width;
-		$image->height = height == 0 ? 256 : height;
+		$image->width = $width == 0 ? 256 : $width;
+		$image->height = $height == 0 ? 256 : $height;
 
 		$image->filesize  = $metadata['size'];
 		$image->hash      = $metadata['hash'];

From 17f71094f22106a4baf760b6f55a0c627ab7e6f2 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sat, 3 Sep 2016 04:39:40 -0400
Subject: [PATCH 13/36] Use the size of the outermost svg element ... in case
 there are nested svg elements.

---
 ext/handle_svg/main.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/ext/handle_svg/main.php b/ext/handle_svg/main.php
index 872d59d4..6db9ad1d 100644
--- a/ext/handle_svg/main.php
+++ b/ext/handle_svg/main.php
@@ -101,6 +101,9 @@ class MiniSVGParser {
 	/** @var int */
 	public $height=0;
 
+	/** @var int */
+	private $xml_depth=0;
+
 	/** @param string $file */
 	function __construct($file) {
 		$xml_parser = xml_parser_create();
@@ -110,13 +113,15 @@ class MiniSVGParser {
 	}
 
 	function startElement($parser, $name, $attrs) {
-		if($name == "SVG") {
+		if($name == "SVG" && $this->xml_depth == 0) {
 			$this->width = int_escape($attrs["WIDTH"]);
 			$this->height = int_escape($attrs["HEIGHT"]);
 		}
+		$this->xml_depth++;
 	}
 
 	function endElement($parser, $name) {
+		$this->xml_depth--;
 	}
 }
 

From d9903a969d2b2d6479a07994290013fa9980f68c Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sat, 3 Sep 2016 04:50:15 -0400
Subject: [PATCH 14/36] Added zoom support to svg

---
 ext/handle_svg/theme.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ext/handle_svg/theme.php b/ext/handle_svg/theme.php
index 76d76aa3..8e87ee1d 100644
--- a/ext/handle_svg/theme.php
+++ b/ext/handle_svg/theme.php
@@ -5,8 +5,8 @@ class SVGFileHandlerTheme extends Themelet {
 		$ilink = make_link("get_svg/{$image->id}/{$image->id}.svg");
 //		$ilink = $image->get_image_link();
 		$html = "
-			<object data='$ilink' type='image/svg+xml' width='{$image->width}' height='{$image->height}'>
-			    <embed src='$ilink' type='image/svg+xml' width='{$image->width}' height='{$image->height}' />
+			<object data='$ilink' type='image/svg+xml' data-width='{$image->width}' data-height='{$image->height}' id='main_image' class='shm-main-image'>
+				<embed src='$ilink' type='image/svg+xml' />
 			</object>
 		";
 		$page->add_block(new Block("Image", $html, "main", 10));

From d39b084537135b6cdff91f067834f4532b4e2fdf Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sat, 3 Sep 2016 13:37:26 -0400
Subject: [PATCH 15/36] Properly end attribute list of tag on upload form

---
 ext/upload/theme.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/upload/theme.php b/ext/upload/theme.php
index 76c6e438..b041e5b0 100644
--- a/ext/upload/theme.php
+++ b/ext/upload/theme.php
@@ -59,7 +59,7 @@ class UploadTheme extends Themelet {
 				$upload_list .= "
 					<tr>
 						<td colspan='2'><input type='file' name='data$i'></td>
-						<td colspan='2'><input type='text' name='url$i'</td>
+						<td colspan='2'><input type='text' name='url$i'></td>
 						<td colspan='2'><input type='text' name='tags$i' class='autocomplete_tags' autocomplete='off'></td>
 					</tr>
 				";

From 10d47409adf897e86015856a7c8b2e9a22f0cf85 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sat, 3 Sep 2016 13:48:20 -0400
Subject: [PATCH 16/36] Added doctype to home page

---
 ext/home/theme.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ext/home/theme.php b/ext/home/theme.php
index 7abe784f..07ef10a2 100644
--- a/ext/home/theme.php
+++ b/ext/home/theme.php
@@ -6,6 +6,7 @@ class HomeTheme extends Themelet {
 		$page->add_auto_html_headers();
 		$hh = $page->get_all_html_headers();
 		$page->set_data(<<<EOD
+<!doctype html>
 <html>
 	<head>
 		<title>$sitename</title>

From ac53fe52dec4a1fd85093530bd1a96b24d609981 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sat, 3 Sep 2016 14:06:15 -0400
Subject: [PATCH 17/36] Removed obsolete language specification from <script>

---
 ext/pools/theme.php | 6 +++---
 ext/setup/main.php  | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/ext/pools/theme.php b/ext/pools/theme.php
index 65194103..78b6699b 100644
--- a/ext/pools/theme.php
+++ b/ext/pools/theme.php
@@ -215,7 +215,7 @@ class PoolsTheme extends Themelet {
 
 		if($user->id == $pool['user_id'] || $user->is_admin()){
 			$editor .= "
-				<script language='javascript' type='text/javascript'>
+				<script type='text/javascript'>
 				<!--
 				function confirm_action() {
 					return confirm('Are you sure that you want to delete this pool?');
@@ -232,7 +232,7 @@ class PoolsTheme extends Themelet {
 
 		if($check_all) {
 			$editor .= "
-				<script language='javascript' type='text/javascript'>
+				<script type='text/javascript'>
 				<!--
 				function setAll(value) {
 					$('[name=\"check[]\"]').attr('checked', value);
@@ -258,7 +258,7 @@ class PoolsTheme extends Themelet {
 
 		$this->display_top($pool, "Importing Posts", true);
 		$pool_images = "
-			<script language='javascript' type='text/javascript'>
+			<script type='text/javascript'>
 			<!--
 			function confirm_action() {
 				return confirm('Are you sure you want to add selected posts to this pool?');
diff --git a/ext/setup/main.php b/ext/setup/main.php
index 751b202f..6bef9dcf 100644
--- a/ext/setup/main.php
+++ b/ext/setup/main.php
@@ -262,7 +262,7 @@ class Setup extends Extension {
                 $full = (@$_SERVER["HTTPS"] ? "https://" : "http://") . $host . $_SERVER["PHP_SELF"];
 		$test_url = str_replace("/index.php", "/nicetest", $full);
 
-		$nicescript = "<script language='javascript'>
+		$nicescript = "<script type='text/javascript'>
 			function getHTTPObject() {
 				if (window.XMLHttpRequest){
 					return new XMLHttpRequest();

From 91fea63319ae370149c82fba2b10a94e5f3a6122 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sat, 3 Sep 2016 14:24:51 -0400
Subject: [PATCH 18/36] Removed stray end tag

---
 ext/image_view_counter/main.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/image_view_counter/main.php b/ext/image_view_counter/main.php
index 8cd9d409..95613632 100644
--- a/ext/image_view_counter/main.php
+++ b/ext/image_view_counter/main.php
@@ -37,7 +37,7 @@ class ImageViewCounter extends Extension {
 			$event->add_part(
 				"<tr><th>Views:</th><td>". 
 				$this->get_view_count($event->image->id) .
-				"</th></tr>", 38);
+				"</tr>", 38);
 	}
 
 	# Installs DB table

From e5cfea028ac07973942de9d3ee5a5b432122543f Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sat, 3 Sep 2016 14:43:23 -0400
Subject: [PATCH 19/36] Fixed mass source set's broken dialog

---
 ext/tag_edit/theme.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/tag_edit/theme.php b/ext/tag_edit/theme.php
index 5536a8bf..498cfcd1 100644
--- a/ext/tag_edit/theme.php
+++ b/ext/tag_edit/theme.php
@@ -24,7 +24,7 @@ class TagEditTheme extends Themelet {
 		$html = make_form(make_link("tag_edit/mass_source_set"), "POST") . "
 				<input type='hidden' name='tags' value='$h_terms'>
 				<input type='text' name='source' value=''>
-				<input type='submit' value='Set Source For All' onclick='return confirm(\"This will mass-edit all sources on the page.\nAre you sure you want to do this?\")'>
+				<input type='submit' value='Set Source For All' onclick='return confirm(\"This will mass-edit all sources on the page.\\nAre you sure you want to do this?\")'>
 			</form>
 		";
 		return $html;

From 73ff0e669d7ef19e36f74d8b9bafe65657a0b9c0 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Tue, 6 Sep 2016 08:34:20 -0400
Subject: [PATCH 20/36] Use generic NavBlock instead of "Index" block on pool
 pages

---
 ext/pools/theme.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/ext/pools/theme.php b/ext/pools/theme.php
index 65194103..b02b8bec 100644
--- a/ext/pools/theme.php
+++ b/ext/pools/theme.php
@@ -136,14 +136,13 @@ class PoolsTheme extends Themelet {
 		$page->set_title($heading);
 		$page->set_heading($heading);
 
-		$nav_html = '<a href="'.make_link().'">Index</a>';
 		$poolnav_html = '
 			<a href="'.make_link("pool/list").'">Pool Index</a>
 			<br><a href="'.make_link("pool/new").'">Create Pool</a>
 			<br><a href="'.make_link("pool/updated").'">Pool Changes</a>
 		';
 
-		$page->add_block(new Block($nav_html, null, "left", 5, "indexnavleft"));
+		$page->add_block(new NavBlock());
 		$page->add_block(new Block("Pool Navigation", $poolnav_html, "left", 10));
 
 		if(count($pools) == 1) {

From e8c6f655b074c600382e0a0b3455258fe4a434a5 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Wed, 7 Sep 2016 08:41:33 -0400
Subject: [PATCH 21/36] Don't use javascript for pool search placeholder

---
 ext/pools/theme.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/pools/theme.php b/ext/pools/theme.php
index 65194103..a792a05f 100644
--- a/ext/pools/theme.php
+++ b/ext/pools/theme.php
@@ -195,7 +195,7 @@ class PoolsTheme extends Themelet {
 		global $user;
 
 		$editor = "\n".make_form( make_link('pool/import') ).'
-				<input type="text" name="pool_tag" id="edit_pool_tag" value="Please enter a tag" onclick="this.value=\'\';"/>
+				<input type="text" name="pool_tag" id="edit_pool_tag" placeholder="Please enter a tag"/>
 				<input type="submit" name="edit" id="edit_pool_import_btn" value="Import"/>
 				<input type="hidden" name="pool_id" value="'.$pool['id'].'">
 			</form>

From e110b558b886c9ce2db08bfe55b598c9adbf166f Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sun, 11 Sep 2016 23:26:20 -0400
Subject: [PATCH 22/36] Hide the rating editor outside of edit mode

---
 ext/rating/theme.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/ext/rating/theme.php b/ext/rating/theme.php
index 889988d6..756304e8 100644
--- a/ext/rating/theme.php
+++ b/ext/rating/theme.php
@@ -10,13 +10,17 @@ class RatingsTheme extends Themelet {
 		$s_checked = $rating == 's' ? " checked" : "";
 		$q_checked = $rating == 'q' ? " checked" : "";
 		$e_checked = $rating == 'e' ? " checked" : "";
+		$human_rating = Ratings::rating_to_human($rating);
 		$html = "
 			<tr>
 				<th>Rating</th>
 				<td>
-					<input type='radio' name='rating' value='s' id='s'$s_checked><label for='s'>Safe</label>
-					<input type='radio' name='rating' value='q' id='q'$q_checked><label for='q'>Questionable</label>
-					<input type='radio' name='rating' value='e' id='e'$e_checked><label for='e'>Explicit</label>
+					<span class='view'>$human_rating</span>
+					<span class='edit'>
+						<input type='radio' name='rating' value='s' id='s'$s_checked><label for='s'>Safe</label>
+						<input type='radio' name='rating' value='q' id='q'$q_checked><label for='q'>Questionable</label>
+						<input type='radio' name='rating' value='e' id='e'$e_checked><label for='e'>Explicit</label>
+					</span>
 				</td>
 			</tr>
 		";

From 001a1176cce84d46dd94c2487db49d4c8ea52f5a Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sun, 11 Sep 2016 23:34:56 -0400
Subject: [PATCH 23/36] Show image rating in image info box even when not
 logged in

---
 ext/rating/main.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/ext/rating/main.php b/ext/rating/main.php
index 22b331d8..2dc8b189 100644
--- a/ext/rating/main.php
+++ b/ext/rating/main.php
@@ -103,9 +103,7 @@ class Ratings extends Extension {
 	}
 	
 	public function onImageInfoBoxBuilding(ImageInfoBoxBuildingEvent $event) {
-		if($this->can_rate()) {
-			$event->add_part($this->theme->get_rater_html($event->image->id, $event->image->rating), 80);
-		}
+		$event->add_part($this->theme->get_rater_html($event->image->id, $event->image->rating), 80);
 	}
 	
 	public function onImageInfoSet(ImageInfoSetEvent $event) {

From 4dcee0eede9c3830a4af737ffa78764f182f3c80 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sun, 11 Sep 2016 23:32:13 -0400
Subject: [PATCH 24/36] Removed trailing period from "Parent: None." for
 consistency

---
 ext/relatationships/theme.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/relatationships/theme.php b/ext/relatationships/theme.php
index abc4302e..c53483c1 100644
--- a/ext/relatationships/theme.php
+++ b/ext/relatationships/theme.php
@@ -30,7 +30,7 @@ class RelationshipsTheme extends Themelet {
 		global $user;
 
 		$h_parent_id = $image->parent_id;
-		$s_parent_id = $h_parent_id ?: "None.";
+		$s_parent_id = $h_parent_id ?: "None";
 
 		$html = "<tr>\n".
 		        "	<th>Parent</th>\n".

From 3e52e332dec0fbb90375ac1f8846e4c67c126ca6 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Tue, 13 Sep 2016 02:10:48 -0400
Subject: [PATCH 25/36] Only show image rater if user can rate

---
 ext/rating/main.php  | 2 +-
 ext/rating/theme.php | 6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/ext/rating/main.php b/ext/rating/main.php
index 2dc8b189..c3018331 100644
--- a/ext/rating/main.php
+++ b/ext/rating/main.php
@@ -103,7 +103,7 @@ class Ratings extends Extension {
 	}
 	
 	public function onImageInfoBoxBuilding(ImageInfoBoxBuildingEvent $event) {
-		$event->add_part($this->theme->get_rater_html($event->image->id, $event->image->rating), 80);
+		$event->add_part($this->theme->get_rater_html($event->image->id, $event->image->rating, $this->can_rate()), 80);
 	}
 	
 	public function onImageInfoSet(ImageInfoSetEvent $event) {
diff --git a/ext/rating/theme.php b/ext/rating/theme.php
index 756304e8..d3836c5d 100644
--- a/ext/rating/theme.php
+++ b/ext/rating/theme.php
@@ -6,7 +6,7 @@ class RatingsTheme extends Themelet {
 	 * @param string $rating
 	 * @return string
 	 */
-	public function get_rater_html(/*int*/ $image_id, /*string*/ $rating) {
+	public function get_rater_html(/*int*/ $image_id, /*string*/ $rating, /*bool*/ $can_rate) {
 		$s_checked = $rating == 's' ? " checked" : "";
 		$q_checked = $rating == 'q' ? " checked" : "";
 		$e_checked = $rating == 'e' ? " checked" : "";
@@ -15,12 +15,16 @@ class RatingsTheme extends Themelet {
 			<tr>
 				<th>Rating</th>
 				<td>
+		".($can_rate ? "
 					<span class='view'>$human_rating</span>
 					<span class='edit'>
 						<input type='radio' name='rating' value='s' id='s'$s_checked><label for='s'>Safe</label>
 						<input type='radio' name='rating' value='q' id='q'$q_checked><label for='q'>Questionable</label>
 						<input type='radio' name='rating' value='e' id='e'$e_checked><label for='e'>Explicit</label>
 					</span>
+		" : "
+					$human_rating
+		")."
 				</td>
 			</tr>
 		";

From c1083bbea1806e9d04674c62531f9f4867dd877e Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Wed, 14 Sep 2016 17:42:32 -0400
Subject: [PATCH 26/36] Fixed comment-delete code-injection vulnerability

---
 core/util.inc.php                  | 10 ++++++++++
 ext/comment/theme.php              | 13 ++++++++-----
 themes/danbooru/comment.theme.php  | 13 ++++++++-----
 themes/danbooru2/comment.theme.php | 13 ++++++++-----
 themes/futaba/comment.theme.php    | 13 ++++++++-----
 5 files changed, 42 insertions(+), 20 deletions(-)

diff --git a/core/util.inc.php b/core/util.inc.php
index 94cf1eb0..1d5460f9 100644
--- a/core/util.inc.php
+++ b/core/util.inc.php
@@ -15,6 +15,16 @@ function html_escape($input) {
 	return htmlentities($input, ENT_QUOTES, "UTF-8");
 }
 
+/**
+ * Unescape data that was made safe for printing into HTML
+ *
+ * @param $input
+ * @return string
+ */
+function html_unescape($input) {
+	return html_entity_decode($input, ENT_QUOTES, "UTF-8");
+}
+
 /**
  * Make sure some data is safe to be used in integer context
  *
diff --git a/ext/comment/theme.php b/ext/comment/theme.php
index 20e963f9..f017bdb3 100644
--- a/ext/comment/theme.php
+++ b/ext/comment/theme.php
@@ -259,8 +259,6 @@ class CommentListTheme extends Themelet {
 		else {
 			$h_userlink = '<a class="username" href="'.make_link('user/'.$h_name).'">'.$h_name.'</a>';
 		}
-		$stripped_nonl = str_replace("\n", "\\n", substr($tfe->stripped, 0, 50));
-		$stripped_nonl = str_replace("\r", "\\r", $stripped_nonl);
 
 		$hb = ($comment->owner_class == "hellbanned" ? "hb" : "");
 		if($trim) {
@@ -280,9 +278,14 @@ class CommentListTheme extends Themelet {
 			}
 			$h_reply = " - <a href='javascript: replyTo($i_image_id, $i_comment_id, \"$h_name\")'>Reply</a>";
 			$h_ip = $user->can("view_ip") ? "<br>".show_ip($comment->poster_ip, "Comment posted {$comment->posted}") : "";
-			$h_del = $user->can("delete_comment") ?
-				' - <a onclick="return confirm(\'Delete comment by '.$h_name.':\\n'.$stripped_nonl.'\');" '.
-				'href="'.make_link('comment/delete/'.$i_comment_id.'/'.$i_image_id).'">Del</a>' : '';
+			$h_del = "";
+			if ($user->can("delete_comment")) {
+				$comment_preview = substr(html_unescape($tfe->stripped), 0, 50);
+				$j_delete_confirm_message = json_encode("Delete comment by {$comment->owner_name}:\n$comment_preview");
+				$h_delete_script = html_escape("return confirm($j_delete_confirm_message);");
+				$h_delete_link = make_link("comment/delete/$i_comment_id/$i_image_id");
+				$h_del = " - <a onclick='$h_delete_script' href='$h_delete_link'>Del</a>";
+			}
 			$html = "
 				<div class=\"comment $hb\" id=\"c$i_comment_id\">
 					<div class=\"info\">
diff --git a/themes/danbooru/comment.theme.php b/themes/danbooru/comment.theme.php
index 5e959e10..e7187fe5 100644
--- a/themes/danbooru/comment.theme.php
+++ b/themes/danbooru/comment.theme.php
@@ -111,12 +111,15 @@ class CustomCommentListTheme extends CommentListTheme {
 		$i_image_id = int_escape($comment->image_id);
 		$h_posted = autodate($comment->posted);
 
-		$stripped_nonl = str_replace("\n", "\\n", substr($tfe->stripped, 0, 50));
-		$stripped_nonl = str_replace("\r", "\\r", $stripped_nonl);
 		$h_userlink = "<a class='username' href='".make_link("user/$h_name")."'>$h_name</a>";
-		$h_del = $user->can("delete_comment") ?
-			' - <a onclick="return confirm(\'Delete comment by '.$h_name.':\\n'.$stripped_nonl.'\');" '.
-			'href="'.make_link('comment/delete/'.$i_comment_id.'/'.$i_image_id).'">Del</a>' : '';
+		$h_del = "";
+		if ($user->can("delete_comment")) {
+			$comment_preview = substr(html_unescape($tfe->stripped), 0, 50);
+			$j_delete_confirm_message = json_encode("Delete comment by {$comment->owner_name}:\n$comment_preview");
+			$h_delete_script = html_escape("return confirm($j_delete_confirm_message);");
+			$h_delete_link = make_link("comment/delete/$i_comment_id/$i_image_id");
+			$h_del = " - <a onclick='$h_delete_script' href='$h_delete_link'>Del</a>";
+		}
 		//$h_imagelink = $trim ? "<a href='".make_link("post/view/$i_image_id")."'>&gt;&gt;&gt;</a>\n" : "";
 		if($trim) {
 			return "<p class='comment'>$h_userlink $h_del<br/>$h_posted<br/>$h_comment</p>";
diff --git a/themes/danbooru2/comment.theme.php b/themes/danbooru2/comment.theme.php
index 081537bb..a9fef1dd 100644
--- a/themes/danbooru2/comment.theme.php
+++ b/themes/danbooru2/comment.theme.php
@@ -101,12 +101,15 @@ class CustomCommentListTheme extends CommentListTheme {
 		$i_image_id = int_escape($comment->image_id);
 		$h_posted = autodate($comment->posted);
 
-		$stripped_nonl = str_replace("\n", "\\n", substr($tfe->stripped, 0, 50));
-		$stripped_nonl = str_replace("\r", "\\r", $stripped_nonl);
 		$h_userlink = "<a class='username' href='".make_link("user/$h_name")."'>$h_name</a>";
-		$h_del = $user->can("delete_comment") ?
-			' - <a onclick="return confirm(\'Delete comment by '.$h_name.':\\n'.$stripped_nonl.'\');" '.
-			'href="'.make_link('comment/delete/'.$i_comment_id.'/'.$i_image_id).'">Del</a>' : '';
+		$h_del = "";
+		if ($user->can("delete_comment")) {
+			$comment_preview = substr(html_unescape($tfe->stripped), 0, 50);
+			$j_delete_confirm_message = json_encode("Delete comment by {$comment->owner_name}:\n$comment_preview");
+			$h_delete_script = html_escape("return confirm($j_delete_confirm_message);");
+			$h_delete_link = make_link("comment/delete/$i_comment_id/$i_image_id");
+			$h_del = " - <a onclick='$h_delete_script' href='$h_delete_link'>Del</a>";
+		}
 		//$h_imagelink = $trim ? "<a href='".make_link("post/view/$i_image_id")."'>&gt;&gt;&gt;</a>\n" : "";
 		if($trim) {
 			return "<p class='comment'>$h_userlink $h_del<br/>$h_posted<br/>$h_comment</p>";
diff --git a/themes/futaba/comment.theme.php b/themes/futaba/comment.theme.php
index 29e0b157..bd8a97b8 100644
--- a/themes/futaba/comment.theme.php
+++ b/themes/futaba/comment.theme.php
@@ -70,13 +70,16 @@ class CustomCommentListTheme extends CommentListTheme {
 		$i_comment_id = int_escape($comment->comment_id);
 		$i_image_id = int_escape($comment->image_id);
 
-		$stripped_nonl = str_replace("\n", "\\n", substr($tfe->stripped, 0, 50));
-		$stripped_nonl = str_replace("\r", "\\r", $stripped_nonl);
 		$h_userlink = "<a href='".make_link("user/$h_name")."'>$h_name</a>";
 		$h_date = $comment->posted;
-		$h_del = $user->can("delete_comment") ?
-			' - <a onclick="return confirm(\'Delete comment by '.$h_name.':\\n'.$stripped_nonl.'\');" '.
-			'href="'.make_link('comment/delete/'.$i_comment_id.'/'.$i_image_id).'">Del</a>' : '';
+		$h_del = "";
+		if ($user->can("delete_comment")) {
+			$comment_preview = substr(html_unescape($tfe->stripped), 0, 50);
+			$j_delete_confirm_message = json_encode("Delete comment by {$comment->owner_name}:\n$comment_preview");
+			$h_delete_script = html_escape("return confirm($j_delete_confirm_message);");
+			$h_delete_link = make_link("comment/delete/$i_comment_id/$i_image_id");
+			$h_del = " - <a onclick='$h_delete_script' href='$h_delete_link'>Del</a>";
+		}
 		$h_reply = "[<a href='".make_link("post/view/$i_image_id")."'>Reply</a>]";
 
 		if($inner_id == 0) {

From a49c5745b0ad137eee1127e9e7da2967fd56950c Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Wed, 14 Sep 2016 18:08:12 -0400
Subject: [PATCH 27/36] Use html_escape instead of htmlspecialchars

---
 ext/tag_editcloud/main.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/tag_editcloud/main.php b/ext/tag_editcloud/main.php
index aca32af7..f9325aae 100644
--- a/ext/tag_editcloud/main.php
+++ b/ext/tag_editcloud/main.php
@@ -134,7 +134,7 @@ class TagEditCloud extends Extension {
 			}
 
 			$size = sprintf("%.2f", max($row['scaled'],0.5));
-			$js = htmlspecialchars('tageditcloud_toggle_tag(this,'.json_encode($full_tag).')',ENT_QUOTES); //Ugly, but it works
+			$js = html_escape('tageditcloud_toggle_tag(this,'.json_encode($full_tag).')'); //Ugly, but it works
 
 			if(array_search($row['tag'],$image->get_tag_array()) !== FALSE) {
 				if($used_first) {

From 891e52f4b9a81bc612fef5d8bb746ec030748884 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Wed, 31 Aug 2016 18:08:24 -0400
Subject: [PATCH 28/36] Ignore arrow key navigation when modifier keys held

---
 ext/arrowkey_navigation/main.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ext/arrowkey_navigation/main.php b/ext/arrowkey_navigation/main.php
index 75cc22bd..023ca87b 100644
--- a/ext/arrowkey_navigation/main.php
+++ b/ext/arrowkey_navigation/main.php
@@ -47,6 +47,7 @@ class ArrowkeyNavigation extends Extension {
 			(function($){
 				$(document).keyup(function(e) {
 					if($(e.target).is('input', 'textarea')){ return; }
+					if (e.metaKey || e.ctrlKey || e.altKey || e.shiftKey) { return; }
 					if (e.keyCode == 37) { window.location.href = '{$prev_url}'; }
 					else if (e.keyCode == 39) { window.location.href = '{$next_url}'; }
 				});

From 3bebe77addbdc6734c75b160b87312d9591c719b Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sun, 14 Aug 2016 18:56:24 -0400
Subject: [PATCH 29/36] Made the random list searchable

---
 ext/random_list/main.php  | 38 ++++++++++++++++++++---------
 ext/random_list/theme.php | 51 +++++++++++++++++++++++++++++++++++++--
 2 files changed, 76 insertions(+), 13 deletions(-)

diff --git a/ext/random_list/main.php b/ext/random_list/main.php
index 609766fb..267c971a 100644
--- a/ext/random_list/main.php
+++ b/ext/random_list/main.php
@@ -15,24 +15,40 @@ class RandomList extends Extension {
 		global $config, $page;
 
 		if($event->page_matches("random")) {
+			if(isset($_GET['search'])) {
+				// implode(explode()) to resolve aliases and sanitise
+				$search = url_escape(Tag::implode(Tag::explode($_GET['search'], false)));
+				if(empty($search)) {
+					$page->set_mode("redirect");
+					$page->set_redirect(make_link("random"));
+				}
+				else {
+					$page->set_mode("redirect");
+					$page->set_redirect(make_link('random/'.$search));
+				}
+				return;
+			}
+
+			if($event->count_args() == 0) {
+				$search_terms = array();
+			}
+			else if($event->count_args() == 1) {
+				$search_terms = explode(' ', $event->get_arg(0));
+			}
+			else {
+				throw new SCoreException("Error: too many arguments.");
+			}
+
 			// set vars
-			$page->title = "Random Images";
 			$images_per_page = $config->get_int("random_images_list_count", 12);
 			$random_images = array();
-			$random_html = "<b>Refresh the page to view more images</b>
-			<div class='shm-image-list'>";
 
 			// generate random images
 			for ($i = 0; $i < $images_per_page; $i++)
-				array_push($random_images, Image::by_random());
+				array_push($random_images, Image::by_random($search_terms));
 
-			// create html to display images
-			foreach ($random_images as $image)
-				$random_html .= $this->theme->build_thumb_html($image);
-
-			// display it
-			$random_html .= "</div>";
-			$page->add_block(new Block("Random Images", $random_html));
+			$this->theme->set_page($search_terms);
+			$this->theme->display_page($page, $random_images);
 		}
 	}
 
diff --git a/ext/random_list/theme.php b/ext/random_list/theme.php
index b3baf1ad..c092b086 100644
--- a/ext/random_list/theme.php
+++ b/ext/random_list/theme.php
@@ -1,4 +1,51 @@
 <?php
-/* needed for access to build_thumb_html */
-class RandomListTheme extends Themelet {}
+
+class RandomListTheme extends Themelet {
+	protected $search_terms;
+
+	/**
+	 * @param string[] $search_terms
+	 */
+	public function set_page($search_terms) {
+		$this->search_terms = $search_terms;
+	}
+
+	/**
+	 * @param Page $page
+	 * @param Image[] $images
+	 */
+	public function display_page(Page $page, $images) {
+		$page->title = "Random Images";
+
+		$html = "<b>Refresh the page to view more images</b>
+		<div class='shm-image-list'>";
+
+		foreach ($images as $image)
+			$html .= $this->build_thumb_html($image);
+
+		$html .= "</div>";
+		$page->add_block(new Block("Random Images", $html));
+
+		$nav = $this->build_navigation($this->search_terms);
+		$page->add_block(new Block("Navigation", $nav, "left", 0));
+	}
+
+	/**
+	 * @param string[] $search_terms
+	 * @return string
+	 */
+	protected function build_navigation($search_terms) {
+		$h_search_string = html_escape(implode(" ", $search_terms));
+		$h_search_link = make_link("random");
+		$h_search = "
+			<p><form action='$h_search_link' method='GET'>
+				<input type='search' name='search' value='$h_search_string' placeholder='Search random list' class='autocomplete_tags' autocomplete='off' />
+				<input type='hidden' name='q' value='/random'>
+				<input type='submit' value='Find' style='display: none;' />
+			</form>
+		";
+
+		return $h_search;
+	}
+}
 

From f763fc13565a8cc04bb4a13ae7dd9cb407565477 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Fri, 23 Sep 2016 12:31:02 -0400
Subject: [PATCH 30/36] React appropriately when there are no random list
 search results

---
 ext/random_list/main.php  |  7 +++++--
 ext/random_list/theme.php | 15 ++++++++++-----
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/ext/random_list/main.php b/ext/random_list/main.php
index 267c971a..46c49801 100644
--- a/ext/random_list/main.php
+++ b/ext/random_list/main.php
@@ -44,8 +44,11 @@ class RandomList extends Extension {
 			$random_images = array();
 
 			// generate random images
-			for ($i = 0; $i < $images_per_page; $i++)
-				array_push($random_images, Image::by_random($search_terms));
+			for ($i = 0; $i < $images_per_page; $i++) {
+				$random_image = Image::by_random($search_terms);
+				if (!$random_image) continue;
+				array_push($random_images, $random_image);
+			}
 
 			$this->theme->set_page($search_terms);
 			$this->theme->display_page($page, $random_images);
diff --git a/ext/random_list/theme.php b/ext/random_list/theme.php
index c092b086..dd0f1d25 100644
--- a/ext/random_list/theme.php
+++ b/ext/random_list/theme.php
@@ -17,13 +17,18 @@ class RandomListTheme extends Themelet {
 	public function display_page(Page $page, $images) {
 		$page->title = "Random Images";
 
-		$html = "<b>Refresh the page to view more images</b>
-		<div class='shm-image-list'>";
+		$html = "<b>Refresh the page to view more images</b>";
+		if (count($images)) {
+			$html .= "<div class='shm-image-list'>";
 
-		foreach ($images as $image)
-			$html .= $this->build_thumb_html($image);
+			foreach ($images as $image)
+				$html .= $this->build_thumb_html($image);
+
+			$html .= "</div>";
+		} else {
+			$html .= "<br/><br/>No images were found to match the search criteria";
+		}
 
-		$html .= "</div>";
 		$page->add_block(new Block("Random Images", $html));
 
 		$nav = $this->build_navigation($this->search_terms);

From 1dd0dfc5911444522ac38f74bfc919fa3b5efba8 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sat, 24 Sep 2016 14:03:14 -0400
Subject: [PATCH 31/36] Read ICO header with proper sign Fixes width/height
 being read incorrectly when >= 128

---
 ext/handle_ico/main.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ext/handle_ico/main.php b/ext/handle_ico/main.php
index 4e53c249..b615a59d 100644
--- a/ext/handle_ico/main.php
+++ b/ext/handle_ico/main.php
@@ -67,9 +67,9 @@ class IcoFileHandler extends Extension {
 		$image = new Image();
 
 		$fp = fopen($filename, "r");
-		$header = unpack("snull/stype/scount", fread($fp, 6));
+		$header = unpack("Snull/Stype/Scount", fread($fp, 6));
 
-		$subheader = unpack("cwidth/cheight/ccolours/cnull/splanes/sbpp/lsize/loffset", fread($fp, 16));
+		$subheader = unpack("Cwidth/Cheight/Ccolours/Cnull/Splanes/Sbpp/Lsize/loffset", fread($fp, 16));
 		fclose($fp);
 
 		$width = $subheader['width'];
@@ -94,7 +94,7 @@ class IcoFileHandler extends Extension {
 	private function check_contents($file) {
 		if(!file_exists($file)) return false;
 		$fp = fopen($file, "r");
-		$header = unpack("snull/stype/scount", fread($fp, 6));
+		$header = unpack("Snull/Stype/Scount", fread($fp, 6));
 		fclose($fp);
 		return ($header['null'] == 0 && ($header['type'] == 0 || $header['type'] == 1));
 	}

From 05da5d0b4f14e45b0f19165483f4d2014dcdcaca Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sun, 25 Sep 2016 15:25:12 -0400
Subject: [PATCH 32/36] Use Image->get_image_link() on ICO files

---
 ext/handle_ico/theme.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/handle_ico/theme.php b/ext/handle_ico/theme.php
index aa092709..9f68cc53 100644
--- a/ext/handle_ico/theme.php
+++ b/ext/handle_ico/theme.php
@@ -2,7 +2,7 @@
 
 class IcoFileHandlerTheme extends Themelet {
 	public function display_image(Page $page, Image $image) {
-		$ilink = make_link("get_ico/{$image->id}/{$image->id}.ico");
+		$ilink = $image->get_image_link();
 		$html = "
 			<img id='main_image' src='$ilink'>
 		";

From d4fda00dd993bbc71b9db73139d66916da68b2fe Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sun, 25 Sep 2016 14:24:20 -0400
Subject: [PATCH 33/36] Check for existence of POST var tag_edit__owner before
 using it

---
 ext/tag_edit/main.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/tag_edit/main.php b/ext/tag_edit/main.php
index 508e18dc..2f270fd0 100644
--- a/ext/tag_edit/main.php
+++ b/ext/tag_edit/main.php
@@ -214,7 +214,7 @@ class TagEdit extends Extension {
 
 	public function onImageInfoSet(ImageInfoSetEvent $event) {
 		global $user;
-		if($user->can("edit_image_owner")) {
+		if($user->can("edit_image_owner") && isset($_POST['tag_edit__owner'])) {
 			$owner = User::by_name($_POST['tag_edit__owner']);
 			if ($owner instanceof User) {
 				send_event(new OwnerSetEvent($event->image, $owner));

From e6dd1b492cba7a33b20e402e5889d7f4ae483897 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Sun, 25 Sep 2016 15:17:29 -0400
Subject: [PATCH 34/36] Sanitize ratings

---
 ext/rating/main.php | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/ext/rating/main.php b/ext/rating/main.php
index 22b331d8..17fa8b0d 100644
--- a/ext/rating/main.php
+++ b/ext/rating/main.php
@@ -110,7 +110,10 @@ class Ratings extends Extension {
 	
 	public function onImageInfoSet(ImageInfoSetEvent $event) {
 		if($this->can_rate() && isset($_POST["rating"])) {
-			send_event(new RatingSetEvent($event->image, $_POST['rating']));
+			$rating = $_POST["rating"];
+			if (Ratings::rating_is_valid($rating)) {
+				send_event(new RatingSetEvent($event->image, $rating));
+			}
 		}
 	}
 
@@ -211,6 +214,22 @@ class Ratings extends Extension {
 		}
 	}
 
+	/**
+	 * @param string $rating
+	 * @return bool
+	 */
+	public static function rating_is_valid(/*string*/ $rating) {
+		switch($rating) {
+			case "s":
+			case "q":
+			case "e":
+			case "u":
+				return true;
+			default:
+				return false;
+		}
+	}
+
 	/**
 	 * FIXME: this is a bit ugly and guessey, should have proper options
 	 *

From 8805f0dd182efdb107b1e717a03cb6d2dc04d598 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Mon, 26 Sep 2016 11:15:08 -0400
Subject: [PATCH 35/36] Remove get_ico page It's no longer needed because ICO
 now uses Image->get_image_link()

---
 .htaccess               |  1 +
 ext/handle_ico/main.php | 14 --------------
 ext/handle_ico/test.php |  1 -
 3 files changed, 1 insertion(+), 15 deletions(-)

diff --git a/.htaccess b/.htaccess
index 8e33b6f3..30a33a42 100644
--- a/.htaccess
+++ b/.htaccess
@@ -53,6 +53,7 @@ AddType audio/ogg      oga ogg opus
 AddType image/jpeg     jpg jpeg
 AddType image/bmp      bmp
 AddType image/svg+xml  svg svgz
+AddType image/x-icon   ico ani cur
 AddType image/webp     webp
 AddType video/mp4      f4v f4p m4v mp4
 AddType video/ogg      ogv
diff --git a/ext/handle_ico/main.php b/ext/handle_ico/main.php
index b615a59d..beda9596 100644
--- a/ext/handle_ico/main.php
+++ b/ext/handle_ico/main.php
@@ -35,20 +35,6 @@ class IcoFileHandler extends Extension {
 		}
 	}
 
-	public function onPageRequest(PageRequestEvent $event) {
-		global $page;
-		if($event->page_matches("get_ico")) {
-			$id = int_escape($event->get_arg(0));
-			$image = Image::by_id($id);
-			$hash = $image->hash;
-			$ha = substr($hash, 0, 2);
-
-			$page->set_type("image/x-icon");
-			$page->set_mode("data");
-			$page->set_data(file_get_contents("images/$ha/$hash"));
-		}
-	}
-
 	/**
 	 * @param string $ext
 	 * @return bool
diff --git a/ext/handle_ico/test.php b/ext/handle_ico/test.php
index b019eed0..fa130100 100644
--- a/ext/handle_ico/test.php
+++ b/ext/handle_ico/test.php
@@ -4,7 +4,6 @@ class IcoHandlerTest extends ShimmiePHPUnitTestCase {
 		$this->log_in_as_user();
 		$image_id = $this->post_image("lib/static/favicon.ico", "shimmie favicon");
 		$this->get_page("post/view/$image_id"); // test for no crash
-		$this->get_page("get_ico/$image_id"); // test for no crash
 
 		# FIXME: test that the thumb works
 		# FIXME: test that it gets displayed properly

From d5fd6f6821b3cbce7fdb5ccadd85d1b7ec5a3fe0 Mon Sep 17 00:00:00 2001
From: im-mi <im.mi.mail.mi@gmail.com>
Date: Wed, 28 Sep 2016 10:26:13 -0400
Subject: [PATCH 36/36] url_escape tag info link tag

---
 ext/tag_list/theme.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/tag_list/theme.php b/ext/tag_list/theme.php
index 0e97abb5..725032f2 100644
--- a/ext/tag_list/theme.php
+++ b/ext/tag_list/theme.php
@@ -216,7 +216,7 @@ class TagListTheme extends Themelet {
 		$count = $row['calc_count'];
 		// if($n++) $display_html .= "\n<br/>";
 		if(!is_null($config->get_string('info_link'))) {
-			$link = html_escape(str_replace('$tag', $tag, $config->get_string('info_link')));
+			$link = html_escape(str_replace('$tag', url_escape($tag), $config->get_string('info_link')));
 			$display_html .= ' <a class="tag_info_link'.$tag_category_css.'" '.$tag_category_style.'href="'.$link.'">?</a>';
 		}
 		$link = $this->tag_link($row['tag']);