--- wakaba-old.pl	2012-02-06 03:50:56.000000000 -0800
+++ wakaba.pl	2013-07-17 12:23:59.000000000 -0700
@@ -207,6 +207,12 @@
 	my $admin=$query->param("admin");
 	do_nuke_database($admin);
 }
+elsif($task eq "approvepost")
+{
+	my $admin=$query->param("admin");
+	my $num=$query->param("num");
+	do_approve_post($admin,$num);
+}
 
 $dbh->disconnect();
 
@@ -277,7 +283,7 @@
 	if($page==0) { $filename=HTML_SELF; }
 	else { $filename=$page.PAGE_EXT; }
 
-	# do abbrevations and such
+	# do abbreviations and such
 	foreach my $thread (@threads)
 	{
 		# split off the parent post, and count the replies and images
@@ -296,7 +302,7 @@
 			$curr_images-- if($$post{image});
 			$curr_replies--;
 		}
-
+		
 		# write the shortened list of replies back
 		$$thread{posts}=[$parent,@replies];
 		$$thread{omit}=$replies-$curr_replies;
@@ -346,7 +352,7 @@
 
 	$sth=$dbh->prepare("SELECT * FROM ".SQL_TABLE." WHERE num=? OR parent=? ORDER BY num ASC;") or make_error(S_SQLFAIL);
 	$sth->execute($thread,$thread) or make_error(S_SQLFAIL);
-
+	
 	while($row=get_decoded_hashref($sth)) { push(@thread,$row); }
 
 	make_error(S_NOTHREADERR) if($thread[0]{parent});
@@ -482,6 +488,9 @@
 
 	# check for bans
 	ban_check($numip,$c_name,$subject,$comment) unless $whitelisted;
+	
+	# auto approve post for display if whitelisted
+	my $approved= $whitelisted ? 1 : 0;
 
 	# spam check
 	spam_engine(
@@ -552,10 +561,10 @@
 	my ($filename,$md5,$width,$height,$thumbnail,$tn_width,$tn_height)=process_file($file,$uploadname,$time) if($file);
 
 	# finally, write to the database
-	my $sth=$dbh->prepare("INSERT INTO ".SQL_TABLE." VALUES(null,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);") or make_error(S_SQLFAIL);
+	my $sth=$dbh->prepare("INSERT INTO ".SQL_TABLE." VALUES(null,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);") or make_error($dbh->errstr);
 	$sth->execute($parent,$time,$lasthit,$numip,
 	$date,$name,$trip,$email,$subject,$password,$comment,
-	$filename,$size,$md5,$width,$height,$thumbnail,$tn_width,$tn_height) or make_error(S_SQLFAIL);
+	$filename,$size,$md5,$width,$height,$thumbnail,$tn_width,$tn_height,$approved) or make_error($dbh->errstr);
 
 	if($parent) # bumping
 	{
@@ -1513,6 +1522,27 @@
 	make_http_forward(HTML_SELF,ALTERNATE_REDIRECT);
 }
 
+sub do_approve_post($$)
+{
+	my ($admin,$num)=@_;
+	my ($row,$sth);
+	
+	check_password($admin,ADMIN_PASS);
+	
+	$sth=$dbh->prepare("SELECT approved FROM ".SQL_TABLE." WHERE num = ?") or make_error(S_SQLFAIL);
+	$sth->execute($num) or make_error(S_SQLFAIL);
+	
+	while($row=get_decoded_hashref($sth))
+	{
+		my $approved = $$row{approved}==1 ? 0 : 1;
+		$sth=$dbh->prepare("UPDATE ".SQL_TABLE." SET approved=? WHERE num=?;") or make_error(S_SQLFAIL);
+		$sth->execute($approved,$num) or make_error(S_SQLFAIL);
+	}
+	
+	do_rebuild_cache($admin);
+	make_http_forward(get_script_name()."?admin=$admin&task=mpanel",ALTERNATE_REDIRECT);
+}
+
 sub check_password($$)
 {
 	my ($admin,$password)=@_;
@@ -1672,7 +1702,8 @@
 	"height INTEGER,".			# Height of image in pixels
 	"thumbnail TEXT,".			# Thumbnail filename with path and extension
 	"tn_width TEXT,".			# Thumbnail width in pixels
-	"tn_height TEXT".			# Thumbnail height in pixels
+	"tn_height TEXT,".			# Thumbnail height in pixels
+	"approved TINYINT".			# Approval status
 
 	");") or make_error(S_SQLFAIL);
 	$sth->execute() or make_error(S_SQLFAIL);