2021-10-26 07:06:37 +02:00
|
|
|
<?php
|
|
|
|
session_start();
|
2023-12-30 13:07:39 +01:00
|
|
|
if (! isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 60) {
|
|
|
|
$_SESSION['last_access'] = time();
|
|
|
|
}
|
2021-10-26 07:06:37 +02:00
|
|
|
|
2023-12-25 16:29:48 +01:00
|
|
|
if (isset($_POST['command']) && $_POST['command'] == 'Logout') {
|
|
|
|
$past = time() - 3600;
|
2023-12-30 13:07:39 +01:00
|
|
|
foreach ($_COOKIE as $key => $value) {
|
|
|
|
setcookie($key, $value, $past, '/');
|
2023-12-25 16:29:48 +01:00
|
|
|
}
|
|
|
|
$_SESSION = array();
|
|
|
|
session_destroy();
|
2024-03-05 13:52:34 +01:00
|
|
|
unset($_COOKIE['mail_name']);
|
2024-10-08 17:33:27 +02:00
|
|
|
setcookie('mail_name', '', -1, '/');
|
2023-12-25 16:29:48 +01:00
|
|
|
$logmeout = true;
|
|
|
|
} else {
|
|
|
|
$logmeout = false;
|
|
|
|
}
|
|
|
|
|
2024-10-08 17:33:27 +02:00
|
|
|
include("config.inc.php");
|
|
|
|
include("newsportal.php");
|
2021-10-26 07:06:37 +02:00
|
|
|
|
2023-12-30 13:07:39 +01:00
|
|
|
$ip_pass = false;
|
|
|
|
if (! isset($_SESSION['remote_address'])) {
|
|
|
|
$_SESSION['remote_address'] = $_SERVER['REMOTE_ADDR'];
|
|
|
|
$_SESSION['start_address'] = $_SESSION['remote_address'];
|
|
|
|
$ip_pass = true;
|
|
|
|
} else {
|
|
|
|
if ($_SERVER['REMOTE_ADDR'] != $_SESSION['start_address']) {
|
|
|
|
$ip_pass = false;
|
|
|
|
} else {
|
|
|
|
$ip_pass = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-12-25 16:29:48 +01:00
|
|
|
if ($logmeout) {
|
|
|
|
include "head.inc";
|
|
|
|
echo "<center>";
|
|
|
|
echo "<hr><p>You have been logged out</p>";
|
|
|
|
echo '</center>';
|
|
|
|
echo '<br />';
|
|
|
|
include "tail.inc";
|
|
|
|
exit(0);
|
|
|
|
}
|
|
|
|
|
2023-08-20 00:33:05 +02:00
|
|
|
if (isset($_COOKIE['tzo'])) {
|
|
|
|
$offset = $_COOKIE['tzo'];
|
|
|
|
} else {
|
|
|
|
$offset = $CONFIG['timezone'];
|
|
|
|
}
|
|
|
|
if (! isset($_POST['command'])) {
|
|
|
|
$_POST['command'] = null;
|
|
|
|
}
|
2021-10-26 07:06:37 +02:00
|
|
|
|
2023-08-20 00:33:05 +02:00
|
|
|
$keyfile = $spooldir . '/keys.dat';
|
2021-10-26 07:06:37 +02:00
|
|
|
$keys = unserialize(file_get_contents($keyfile));
|
2023-12-25 16:29:48 +01:00
|
|
|
|
2023-08-20 00:33:05 +02:00
|
|
|
$title .= ' - User Configuration';
|
2021-10-26 07:06:37 +02:00
|
|
|
include "head.inc";
|
|
|
|
|
2023-09-04 15:06:43 +02:00
|
|
|
if (disable_page_by_user_agent($client_device, "bot", "User")) {
|
|
|
|
echo "<center>Page Disabled</center>";
|
|
|
|
include "tail.inc";
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
|
2023-08-20 00:33:05 +02:00
|
|
|
$logged_in = false;
|
|
|
|
if (! isset($_POST['username'])) {
|
2021-10-26 07:06:37 +02:00
|
|
|
$_POST['username'] = $_COOKIE['mail_name'];
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
2024-07-21 15:19:35 +02:00
|
|
|
$name = trim(strtolower($_POST['username']));
|
2023-08-20 00:33:05 +02:00
|
|
|
if (! isset($_POST['password'])) {
|
|
|
|
$_POST['password'] = null;
|
|
|
|
}
|
|
|
|
if (! isset($_COOKIE['mail_auth'])) {
|
|
|
|
$_COOKIE['mail_auth'] = null;
|
|
|
|
}
|
2024-07-21 15:19:35 +02:00
|
|
|
$logged_in = verify_logged_in(trim(strtolower($_POST['username'])));
|
2024-10-08 17:33:27 +02:00
|
|
|
if (!$logged_in) {
|
2024-07-21 15:19:35 +02:00
|
|
|
if ((password_verify($name . $keys[0] . get_user_config($name, 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($name . $keys[1] . get_user_config($name, 'encryptionkey'), $_COOKIE['mail_auth']))) {
|
2023-08-20 00:33:05 +02:00
|
|
|
$logged_in = true;
|
|
|
|
} else {
|
2024-07-21 15:19:35 +02:00
|
|
|
if (check_bbs_auth($_POST['username'], $_POST['password'])) {
|
|
|
|
if ($ip_pass) {
|
|
|
|
$_SESSION['pass'] = true;
|
|
|
|
}
|
2024-07-30 15:31:32 +02:00
|
|
|
set_user_logged_in_cookies(trim($_POST['username']), $keys);
|
2024-07-21 15:19:35 +02:00
|
|
|
$logged_in = true;
|
|
|
|
} else {
|
|
|
|
echo 'Authentication Required';
|
|
|
|
}
|
2021-10-26 07:06:37 +02:00
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
2023-09-04 15:06:43 +02:00
|
|
|
|
2024-04-05 14:41:44 +02:00
|
|
|
if (isset($_REQUEST['command']) && $_REQUEST['command'] == 'Configuration') {
|
2023-07-13 18:17:38 +02:00
|
|
|
echo '<h1 class="np_thread_headline">';
|
2023-08-20 00:33:05 +02:00
|
|
|
echo '<a href="user.php" target=' . $frame['menu'] . '>Configuration</a> / ';
|
|
|
|
echo htmlspecialchars($_POST['username']) . '</h1>';
|
|
|
|
} else {
|
2023-07-13 18:17:38 +02:00
|
|
|
echo '<h1 class="np_thread_headline">';
|
2023-08-20 00:33:05 +02:00
|
|
|
echo '<a href="user.php" target=' . $frame['menu'] . '>user login</a> / ';
|
|
|
|
echo htmlspecialchars($_POST['username']) . '</h1>';
|
|
|
|
}
|
2021-10-26 07:06:37 +02:00
|
|
|
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
|
|
|
|
// Mail button
|
2023-08-20 00:33:05 +02:00
|
|
|
if ($logged_in == true) {
|
|
|
|
echo '<td>';
|
|
|
|
echo '<form target="' . $frame['content'] . '" method="post" action="mail.php">';
|
|
|
|
echo '<input name="command" type="hidden" id="command" value="Mail" readonly="readonly">';
|
|
|
|
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
|
|
|
|
echo '<button class="np_button_link" type="submit">Mail</button>';
|
|
|
|
echo '</form>';
|
|
|
|
echo '</td>';
|
|
|
|
// Files button
|
|
|
|
echo '<td>';
|
|
|
|
echo '<form target="' . $frame['content'] . '" method="post" action="files.php">';
|
|
|
|
echo '<input name="command" type="hidden" id="command" value="Files" readonly="readonly">';
|
|
|
|
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
|
|
|
|
echo '<button class="np_button_link" type="submit">Files</button>';
|
|
|
|
echo '</form>';
|
|
|
|
echo '</td>';
|
|
|
|
// Configuration button
|
|
|
|
echo '<td>';
|
|
|
|
echo '<form target="' . $frame['content'] . '" method="post" action="user.php">';
|
|
|
|
echo '<input name="command" type="hidden" id="command" value="Configuration" readonly="readonly">';
|
|
|
|
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
|
|
|
|
echo '<button class="np_button_link" type="submit">Configuration</button>';
|
|
|
|
echo '</form>';
|
|
|
|
echo '</td>';
|
2024-07-17 15:34:24 +02:00
|
|
|
}
|
|
|
|
if ((isset($_COOKIE["mail_name"]))) {
|
2024-10-08 17:33:27 +02:00
|
|
|
// Logout button
|
|
|
|
echo '<td>';
|
|
|
|
echo '<form target="' . $frame['content'] . '" method="post" action="user.php">';
|
|
|
|
echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">';
|
|
|
|
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
|
|
|
|
echo '<button class="np_button_link" type="submit">Logout</button>';
|
|
|
|
echo '</form>';
|
|
|
|
echo '</td>';
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
|
|
|
echo '<td width=100%></td></tr></table>';
|
2021-10-26 07:06:37 +02:00
|
|
|
|
2023-08-20 00:33:05 +02:00
|
|
|
if (isset($_POST['username'])) {
|
|
|
|
$name = $_POST['username'];
|
|
|
|
// Save name in cookie
|
|
|
|
if ($setcookies == true) {
|
2023-12-23 14:43:34 +01:00
|
|
|
setcookie("mail_name", stripslashes($name), time() + (3600 * 24 * 90), '/');
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
2021-10-26 07:06:37 +02:00
|
|
|
} else {
|
2023-08-20 00:33:05 +02:00
|
|
|
if ($setcookies) {
|
|
|
|
if ((isset($_COOKIE["mail_name"])) && (! isset($name))) {
|
|
|
|
$name = $_COOKIE["mail_name"];
|
|
|
|
} else {
|
|
|
|
$name = '';
|
|
|
|
}
|
2021-10-26 07:06:37 +02:00
|
|
|
}
|
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
if ($logged_in !== true) {
|
|
|
|
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
|
|
|
|
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
|
|
|
|
echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
|
|
|
|
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="' . $name . '"></td></tr>';
|
|
|
|
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
|
|
|
|
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>';
|
|
|
|
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'] . $name, PASSWORD_DEFAULT) . '">';
|
|
|
|
echo '<td> </td>';
|
|
|
|
echo '<td><input type="submit" name="Submit" value="Login"></td>';
|
|
|
|
echo '</tr>';
|
|
|
|
echo '</form>';
|
|
|
|
echo '</table>';
|
|
|
|
exit(0);
|
|
|
|
}
|
2021-10-26 07:06:37 +02:00
|
|
|
|
2023-08-20 00:33:05 +02:00
|
|
|
$user = strtolower($_POST['username']);
|
|
|
|
$_SESSION['username'] = $user;
|
|
|
|
unset($user_config);
|
|
|
|
$userfile = $spooldir . '/' . $user . '-articleviews.dat';
|
|
|
|
if (is_file($userfile)) {
|
|
|
|
$userdata = unserialize(file_get_contents($userfile));
|
|
|
|
}
|
2024-10-08 17:33:27 +02:00
|
|
|
if (!file_exists($config_dir . '/userconfig/' . $user . '.config')) {
|
|
|
|
$user_config = array();
|
|
|
|
file_put_contents($config_dir . '/userconfig/' . $user . '.config', serialize($user_array));
|
|
|
|
}
|
|
|
|
|
2023-07-13 18:17:38 +02:00
|
|
|
// Show Logged-In Message
|
2023-08-20 00:33:05 +02:00
|
|
|
if ($_POST['command'] != 'Configuration' && $_POST['command'] != 'SaveConfig') {
|
2023-09-22 12:09:32 +02:00
|
|
|
if (isset($_POST['source'])) {
|
|
|
|
$link = explode(':', $_POST['source']);
|
|
|
|
$golink = '<a href="' . $link[1] . '">Continue to ' . $link[0] . '</a>';
|
2024-03-17 19:22:00 +01:00
|
|
|
} else {
|
|
|
|
$golink = '';
|
2023-09-22 12:09:32 +02:00
|
|
|
}
|
2023-07-13 18:17:38 +02:00
|
|
|
echo "<center>";
|
2023-08-20 00:33:05 +02:00
|
|
|
echo "<hr><p>You are logged in as " . $_POST['username'] . "</p>";
|
2023-09-22 12:09:32 +02:00
|
|
|
echo "<p>" . $golink . "</p>";
|
2023-07-13 18:17:38 +02:00
|
|
|
echo '</center>';
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
2024-03-10 17:50:20 +01:00
|
|
|
|
2021-10-26 07:06:37 +02:00
|
|
|
// Apply Config
|
2023-08-20 00:33:05 +02:00
|
|
|
if (isset($_POST['command']) && $_POST['command'] == 'SaveConfig') {
|
2024-03-10 17:50:20 +01:00
|
|
|
// Confirm password
|
|
|
|
if (! check_bbs_auth($user, $_POST['confirm_password'])) {
|
|
|
|
$message = '<b>Password Incorrect</b><br />Please try again';
|
|
|
|
retry_configuration($message);
|
|
|
|
}
|
2024-02-20 00:33:44 +01:00
|
|
|
if ($OVERRIDES['disable_change_name'] != true) {
|
2024-02-21 14:09:28 +01:00
|
|
|
if (trim($_POST['display_name']) == '') {
|
|
|
|
$_POST['display_name'] = $user;
|
|
|
|
}
|
|
|
|
if (trim($_POST['display_email']) == '') {
|
|
|
|
$_POST['display_email'] = get_user_config($user, 'email');
|
|
|
|
}
|
|
|
|
// Don't allow using already existing username or alias
|
|
|
|
$value = get_user_config($_POST['display_name'], 'encryptionkey');
|
|
|
|
if (! $value) {
|
|
|
|
$value = get_config_file_value($config_dir . '/aliases.conf', strtolower($_POST['display_name']));
|
|
|
|
// Alias exists if $value is true
|
|
|
|
if (strtolower($value) == $user) {
|
|
|
|
// But it's our alias so it's ok to use
|
|
|
|
$value = false;
|
|
|
|
}
|
|
|
|
}
|
2024-03-10 17:50:20 +01:00
|
|
|
if (isset($OVERRIDES['reserved_names'])) {
|
|
|
|
$reserved_names = $OVERRIDES['reserved_names'];
|
2024-03-02 18:54:28 +01:00
|
|
|
} else {
|
2024-03-10 17:50:20 +01:00
|
|
|
$reserved_names = array(
|
|
|
|
"admin",
|
|
|
|
"sysop"
|
|
|
|
);
|
2024-03-02 18:54:28 +01:00
|
|
|
}
|
2024-03-10 17:50:20 +01:00
|
|
|
if (isset($OVERRIDES['duplicate_aliases'])) {
|
2024-03-02 18:54:28 +01:00
|
|
|
$dupe_ok = $OVERRIDES['duplicate_aliases'];
|
|
|
|
} else {
|
|
|
|
$dupe_ok = false;
|
2024-03-10 17:50:20 +01:00
|
|
|
}
|
|
|
|
foreach ($reserved_names as $name) {
|
|
|
|
if (strtolower($_POST['display_name']) == strtolower($name)) {
|
2024-03-02 18:54:28 +01:00
|
|
|
// It's a reserved alias
|
2024-03-10 17:50:20 +01:00
|
|
|
$message = '<b>' . $_POST['display_name'] . "</b> is unavailable.<br />Please try again";
|
|
|
|
retry_configuration($message);
|
2024-03-02 18:54:28 +01:00
|
|
|
}
|
|
|
|
}
|
2024-02-21 14:09:28 +01:00
|
|
|
if ($value && (strtolower($_POST['display_name']) != $user)) {
|
|
|
|
// It's someone else's username or alias
|
2024-03-10 17:50:20 +01:00
|
|
|
$message = '<b>' . $_POST['display_name'] . "</b> is unavailable.<br />Please try again";
|
|
|
|
retry_configuration($message);
|
2024-02-21 14:09:28 +01:00
|
|
|
}
|
|
|
|
// Validate email format
|
|
|
|
if (filter_var($_POST['display_email'], FILTER_VALIDATE_EMAIL) == false) {
|
|
|
|
// Email address format invalid. Format is important but does not need to be a real address
|
2024-03-10 17:50:20 +01:00
|
|
|
$message = '</b> Display email format appears incorrect:<br><b>' . $_POST['display_email'] . '</b><br />Please try again';
|
|
|
|
retry_configuration($message);
|
2024-02-21 14:09:28 +01:00
|
|
|
}
|
2024-02-20 15:58:13 +01:00
|
|
|
// Check if email already exists in user database
|
2024-02-21 14:09:28 +01:00
|
|
|
if ($founduser = check_registered_email_addresses(trim($_POST['display_email']))) {
|
2024-02-20 15:58:13 +01:00
|
|
|
// Email exists in database
|
|
|
|
if (strtolower($user) != strtolower($founduser)) {
|
|
|
|
// It's someone else's email
|
2024-03-10 17:50:20 +01:00
|
|
|
$message = '<b>' . $_POST['display_email'] . "</b> is unavailable.<br />Please try again";
|
|
|
|
retry_configuration($message);
|
2024-02-20 15:58:13 +01:00
|
|
|
}
|
|
|
|
}
|
2024-03-10 17:50:20 +01:00
|
|
|
// New passwords do not match
|
|
|
|
if ($_POST['password'] !== $_POST['password2']) {
|
|
|
|
$message = '<b> New password entries do not match</b><br />Please try again';
|
|
|
|
retry_configuration($message);
|
|
|
|
}
|
2024-03-02 18:54:28 +01:00
|
|
|
$user_config['display_name'] = trim($_POST['display_name']);
|
|
|
|
$user_config['display_email'] = trim($_POST['display_email']);
|
|
|
|
// Apply alias into $config_dir/aliases_conf
|
2024-03-10 17:50:20 +01:00
|
|
|
if (strtolower($user_config['display_name'] != strtolower($_POST['username']))) {
|
2024-03-02 18:54:28 +01:00
|
|
|
$value_unique = true;
|
2024-03-10 17:50:20 +01:00
|
|
|
if ($dupe_ok) {
|
|
|
|
foreach ($dupe_ok as $dupe) {
|
|
|
|
if ($dupe == strtolower($_POST['username'])) {
|
2024-03-02 18:54:28 +01:00
|
|
|
$value_unique = false;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
save_config_value($config_dir . '/aliases.conf', strtolower($user_config['display_name']), strtolower($_POST['username']), $value_unique);
|
|
|
|
}
|
2024-02-20 00:33:44 +01:00
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
$user_config['signature'] = $_POST['signature'];
|
2024-04-30 16:34:53 +02:00
|
|
|
$user_config['xface'] = preg_replace("/[\n\r]/", "", $_POST['xface']);
|
2023-08-20 00:33:05 +02:00
|
|
|
$user_config['timezone'] = $_POST['timezone'];
|
2024-03-10 17:50:20 +01:00
|
|
|
$user_config['theme'] = $_POST['theme'];
|
2024-03-04 17:47:34 +01:00
|
|
|
$user_config['hide_unsub'] = $_POST['hide_unsub'];
|
2024-10-08 17:33:27 +02:00
|
|
|
$user_config['send_mail_to_email'] = $_POST['send_mail_to_email'];
|
2023-08-20 00:33:05 +02:00
|
|
|
file_put_contents($config_dir . '/userconfig/' . $user . '.config', serialize($user_config));
|
|
|
|
$_SESSION['theme'] = $user_config['theme'];
|
|
|
|
$mysubs = explode("\n", $_POST['subscribed']);
|
|
|
|
foreach ($mysubs as $sub) {
|
2024-03-03 21:55:26 +01:00
|
|
|
$sub = trim($sub);
|
|
|
|
if ($sub == '') {
|
2023-08-20 00:33:05 +02:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (! isset($userdata[$sub])) {
|
2022-01-12 00:19:54 +01:00
|
|
|
$userdata[$sub] = 0;
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
|
|
|
$newsubs[$sub] = $userdata[$sub];
|
2023-07-13 18:17:38 +02:00
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
file_put_contents($spooldir . '/' . $user . '-articleviews.dat', serialize($newsubs));
|
2024-04-05 14:41:44 +02:00
|
|
|
|
|
|
|
// Block posters
|
|
|
|
$blockfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat';
|
|
|
|
if (file_exists($blockfile)) {
|
|
|
|
$blocked_saved_config = unserialize(file_get_contents($blockfile));
|
|
|
|
} else {
|
|
|
|
$blocked_saved_config = null;
|
|
|
|
}
|
|
|
|
$block = preg_split("/\r\n|\n|\r/", $_POST['blocked_users_config']);
|
|
|
|
foreach ($block as $blocked_user) {
|
2024-10-08 17:33:27 +02:00
|
|
|
foreach ($blocked_saved_config as $key => $value) {
|
|
|
|
if ($key == $blocked_user) {
|
2024-04-05 14:41:44 +02:00
|
|
|
$newblocks[$key] = $value;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
file_put_contents($blockfile, serialize($newblocks));
|
|
|
|
// End Block posters
|
|
|
|
|
2023-08-20 00:33:05 +02:00
|
|
|
$userdata = unserialize(file_get_contents($userfile));
|
|
|
|
if ($userdata) {
|
|
|
|
ksort($userdata);
|
2021-10-26 07:06:37 +02:00
|
|
|
}
|
2024-10-08 17:33:27 +02:00
|
|
|
|
2024-03-10 17:50:20 +01:00
|
|
|
// Save new password
|
|
|
|
if ((trim($_POST['password']) != '') && ($_POST['password'] == $_POST['password2'])) {
|
|
|
|
$userFilename = $config_dir . '/users/' . strtolower($user);
|
|
|
|
file_put_contents($userFilename, password_hash($_POST['password'], PASSWORD_DEFAULT));
|
|
|
|
}
|
|
|
|
|
|
|
|
echo '<center>Configuration Saved for ' . $_POST['username'] . '</center>';
|
2023-08-20 00:33:05 +02:00
|
|
|
} else {
|
|
|
|
$user_config = unserialize(file_get_contents($config_dir . '/userconfig/' . $user . '.config'));
|
|
|
|
}
|
2021-11-09 22:05:46 +01:00
|
|
|
// Get themes
|
2023-08-20 00:33:05 +02:00
|
|
|
$themedir = $rootdir . '/common/themes';
|
|
|
|
if (is_dir($themedir)) {
|
|
|
|
if ($theme_list = opendir($themedir)) {
|
|
|
|
while (($theme_dir = readdir($theme_list)) !== false) {
|
2023-12-25 16:29:48 +01:00
|
|
|
if ($theme_dir == '.' || $theme_dir == '..' || ! is_dir($themedir . '/' . $theme_dir)) {
|
2023-08-20 00:33:05 +02:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
$themes[] = $theme_dir;
|
2021-11-09 22:05:46 +01:00
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
closedir($theme_list);
|
2021-11-09 22:05:46 +01:00
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
2024-02-19 19:39:22 +01:00
|
|
|
|
|
|
|
// Get settings for name and email
|
2024-02-20 00:33:44 +01:00
|
|
|
if ($OVERRIDES['disable_change_name'] != true) {
|
|
|
|
if (isset($user_config['display_name'])) {
|
|
|
|
$display_name = $user_config['display_name'];
|
|
|
|
} else {
|
|
|
|
$display_name = $_POST['username'];
|
|
|
|
}
|
|
|
|
if (isset($user_config['display_email'])) {
|
|
|
|
$display_email = $user_config['display_email'];
|
|
|
|
} else {
|
|
|
|
if (($display_email = get_user_config($_POST['username'], 'email')) == false) {
|
|
|
|
$display_email = $_POST['username'] . '@' . $CONFIG['email_tail'];
|
|
|
|
}
|
2024-02-19 19:39:22 +01:00
|
|
|
}
|
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
sort($themes);
|
2024-04-05 14:41:44 +02:00
|
|
|
if (isset($_REQUEST['command']) && $_REQUEST['command'] == 'Configuration') {
|
2024-03-10 17:50:20 +01:00
|
|
|
// Use modifications from retry configuration
|
|
|
|
if ($_POST['retry'] == "retry") {
|
|
|
|
$display_name = $_POST['display_name'];
|
|
|
|
$display_email = $_POST['display_email'];
|
|
|
|
$user_config['signature'] = $_POST['signature'];
|
2024-04-30 16:34:53 +02:00
|
|
|
$user_config['xface'] = preg_replace("/[\n\r]/", "", urldecode($_POST['xface']));
|
2024-03-10 17:50:20 +01:00
|
|
|
$user_config['hide_unsub'] = $_POST['hide_unsub'];
|
|
|
|
$user_config['subscribed'] = $_POST['subscribed'];
|
|
|
|
$user_config['theme'] = $_POST['theme'];
|
2024-04-05 14:41:44 +02:00
|
|
|
$user_config['blocked_users_config'] = $_POST['blocked_users_config'];
|
2024-10-08 17:33:27 +02:00
|
|
|
$user_config['send_mail_to_email'] = $_POST['send_mail_to_email'];
|
2024-03-10 17:50:20 +01:00
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
// Show Config
|
2024-02-19 19:39:22 +01:00
|
|
|
echo '<hr><h1 class="np_thread_headline"></h1>';
|
2021-10-26 07:06:37 +02:00
|
|
|
echo '<table cellspacing="0" width="100%" class="np_results_table">';
|
2024-02-19 19:39:22 +01:00
|
|
|
echo '<tr class="np_thread_head"><td class="np_thread_head"><h2>Settings for ' . $_POST['username'] . ':</h2></td></tr>';
|
2021-10-26 07:06:37 +02:00
|
|
|
echo '<form method="post" action="user.php">';
|
|
|
|
echo '<tr class="np_result_line1">';
|
2024-02-20 00:33:44 +01:00
|
|
|
if ($OVERRIDES['disable_change_name'] != true) {
|
|
|
|
// User Display Name
|
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Display Name for posts: </h3>';
|
|
|
|
echo '<input name="display_name" type="text" id="username"value="' . $display_name . '" maxlength="40"></td>';
|
|
|
|
echo '</tr>';
|
|
|
|
// User Display Email
|
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Display Email for posts: </h3>';
|
|
|
|
echo '<input name="display_email" type="text" id="username"value="' . $display_email . '" maxlength="40"></td>';
|
|
|
|
echo '</tr>';
|
2024-10-08 17:33:27 +02:00
|
|
|
// Send Mail by Email
|
|
|
|
if ($OVERRIDES['disable_mail_to_email'] !== true) {
|
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Send Mail to my Internet Email: </h3>';
|
|
|
|
|
|
|
|
if (! isset($user_config['send_mail_to_email'])) {
|
|
|
|
$user_config['send_mail_to_email'] = 'false';
|
|
|
|
}
|
|
|
|
if ($user_config['send_mail_to_email'] == 'true') {
|
|
|
|
echo '<input type="radio" name="send_mail_to_email" id="send_mail_to_email" value="true" checked="checked">';
|
|
|
|
} else {
|
|
|
|
echo '<input type="radio" name="send_mail_to_email" id="send_mail_to_email" value="true">';
|
|
|
|
}
|
|
|
|
echo '<label for="send_mail_to_email"> Yes, Forward Mail to my Email</label><br />';
|
|
|
|
|
|
|
|
if ($user_config['send_mail_to_email'] == 'false') {
|
|
|
|
echo '<input type="radio" name="send_mail_to_email" id="send_mail_to_email" value="false" checked="checked">';
|
|
|
|
} else {
|
|
|
|
echo '<input type="radio" name="send_mail_to_email" id="send_mail_to_email" value="false">';
|
|
|
|
}
|
|
|
|
echo '<label for="send_mail_to_email"> No, Do Not Forward Mail to my Email</label><br />';
|
|
|
|
|
|
|
|
echo '</tr>';
|
|
|
|
}
|
|
|
|
echo '</td></tr>';
|
2024-02-20 00:33:44 +01:00
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
// Signature
|
2024-02-19 19:39:22 +01:00
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Signature:</h3></td>';
|
2023-08-20 00:33:05 +02:00
|
|
|
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="signature" name="signature" rows="6" cols="70">' . $user_config['signature'];
|
|
|
|
echo '</textarea></td>';
|
|
|
|
echo '</tr>';
|
|
|
|
// X-Face
|
2024-04-02 21:28:26 +02:00
|
|
|
if ($OVERRIDES['disable_xface'] != true) {
|
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>X-Face:</h3></td>';
|
2024-05-11 17:11:02 +02:00
|
|
|
$xflink = $config_dir . 'xface.txt';
|
2024-10-08 17:33:27 +02:00
|
|
|
if (file_exists($xflink)) {
|
2024-05-11 17:11:02 +02:00
|
|
|
echo '</tr><td class="np_result_line1" style="word-wrap:break-word";>' . file_get_contents($xflink) . '</td><tr>';
|
|
|
|
}
|
2024-04-02 21:28:26 +02:00
|
|
|
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="xface" name="xface" rows="4" cols="80">' . $user_config['xface'];
|
|
|
|
echo '</textarea></td>';
|
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
echo '</tr>';
|
|
|
|
// Theme
|
2024-03-10 17:50:20 +01:00
|
|
|
if (isset($user_config['theme']) && trim($user_config['theme']) != '') {
|
2024-02-19 19:39:22 +01:00
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Theme: (' . $user_config['theme'] . ')</h3></td>';
|
|
|
|
} else {
|
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Theme:</h3></td>';
|
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word">';
|
2024-03-10 17:50:20 +01:00
|
|
|
echo '<select name="theme" class="theme_listbox" size="10">';
|
2023-08-20 00:33:05 +02:00
|
|
|
foreach ($themes as $theme) {
|
|
|
|
if ($theme == $user_config['theme']) {
|
|
|
|
echo '<option value="' . $theme . '" selected="selected">' . $theme . '</option>';
|
|
|
|
} else {
|
|
|
|
echo '<option value="' . $theme . '">' . $theme . '</option>';
|
2022-01-12 00:19:54 +01:00
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
|
|
|
echo '</select>';
|
|
|
|
echo '</td>';
|
|
|
|
echo '</tr>';
|
|
|
|
// Subscriptions
|
2024-03-10 17:50:20 +01:00
|
|
|
if (! isset($user_config['hide_unsub'])) {
|
2024-03-04 17:47:34 +01:00
|
|
|
$user_config['hide_unsub'] = 'show';
|
|
|
|
}
|
2024-03-10 13:33:33 +01:00
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Subscriptions:</h3></td>';
|
2024-03-04 17:47:34 +01:00
|
|
|
echo '<tr><td class="np_result_line1" style="word-wrap:break-word";>';
|
2024-03-10 13:33:33 +01:00
|
|
|
echo ' While viewing section pages:<br />';
|
2024-03-10 17:50:20 +01:00
|
|
|
|
|
|
|
if ($user_config['hide_unsub'] == 'hide') {
|
2024-03-04 17:47:34 +01:00
|
|
|
echo '<input type="radio" name="hide_unsub" id="hide" value="hide" checked="checked">';
|
|
|
|
} else {
|
|
|
|
echo '<input type="radio" name="hide_unsub" id="hide" value="hide">';
|
|
|
|
}
|
|
|
|
echo '<label for="hide_unsub"> Hide Unsubscribed Groups</label><br />';
|
2024-03-10 17:50:20 +01:00
|
|
|
|
|
|
|
if ($user_config['hide_unsub'] == 'show') {
|
2024-03-04 17:47:34 +01:00
|
|
|
echo '<input type="radio" name="hide_unsub" id="show" value="show" checked="checked">';
|
|
|
|
} else {
|
|
|
|
echo '<input type="radio" name="hide_unsub" id="show" value="show">';
|
|
|
|
}
|
|
|
|
echo '<label for="hide_unsub"> Show All Groups</label>';
|
|
|
|
echo '</td></tr>';
|
|
|
|
|
2024-03-10 13:33:33 +01:00
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Subscribed groups:</h3></td>';
|
2023-08-20 00:33:05 +02:00
|
|
|
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="subscribed" name="subscribed" rows="10" cols="40">';
|
2024-03-10 17:50:20 +01:00
|
|
|
|
|
|
|
if (isset($user_config['subscribed'])) {
|
|
|
|
$userdata = $user_config['subscribed'];
|
|
|
|
print_r($user_config['subscribed']);
|
|
|
|
} else {
|
|
|
|
foreach ($userdata as $key => $value) {
|
|
|
|
if ($key == "DO.NOT.DELETE") {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
echo $key . "\n";
|
2024-03-03 21:55:26 +01:00
|
|
|
}
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
|
|
|
echo '</textarea></td>';
|
|
|
|
echo '</tr>';
|
2024-04-05 14:41:44 +02:00
|
|
|
echo '</td></tr>';
|
|
|
|
|
|
|
|
// Blocklist
|
|
|
|
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
|
|
|
|
$blockfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat';
|
|
|
|
if (file_exists($blockfile)) {
|
|
|
|
$blocked_users_config = unserialize(file_get_contents($blockfile));
|
|
|
|
} else {
|
|
|
|
$blocked_users_config = null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Blocklist:</h3> (you may only remove from this list)</td>';
|
|
|
|
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="blocked_users_config" name="blocked_users_config" rows="10" cols="40">';
|
|
|
|
if (isset($blocked_users_config)) {
|
|
|
|
$blockdata = $user_config['blocked_users_config'];
|
|
|
|
foreach ($blocked_users_config as $key => $value) {
|
|
|
|
echo $key . "\n";
|
2024-10-08 17:33:27 +02:00
|
|
|
// echo $value . "\n";
|
2024-04-05 14:41:44 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
echo '</textarea></td>';
|
|
|
|
echo '</tr>';
|
2024-03-10 17:50:20 +01:00
|
|
|
|
|
|
|
// User Display Name
|
|
|
|
echo '<tr>';
|
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>New password: </h3>';
|
|
|
|
echo '<input name="password" type="password" id="password" maxlength="40"></td>';
|
|
|
|
echo '</tr>';
|
|
|
|
// User Display Email
|
|
|
|
echo '<tr>';
|
|
|
|
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Re-enter new password: </h3>';
|
|
|
|
echo '<input name="password2" type="password" id="password2" maxlength="40"></td>';
|
|
|
|
echo '</tr>';
|
|
|
|
|
2023-08-20 00:33:05 +02:00
|
|
|
/*
|
|
|
|
* // Timezone
|
|
|
|
* echo '<td class="np_result_line1" style="word-wrap:break-word";>Timezone offset (+/- hours from UTC):</td>';
|
|
|
|
* echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><input type="text" name="timezone" value="'.$user_config[timezone].'"></td>';
|
|
|
|
* echo '</tr>';
|
|
|
|
*/
|
2024-03-10 17:50:20 +01:00
|
|
|
// Password confirmation
|
|
|
|
echo '<tr>';
|
|
|
|
echo '<td class="np_result_line2" style="word-wrap:break-word";><h3>Current password: </h3><h4>(required)</h4>';
|
|
|
|
echo '<input name="confirm_password" type="password" id="confirm_password" maxlength="40"></td>';
|
|
|
|
echo '</tr>';
|
|
|
|
|
2023-08-20 00:33:05 +02:00
|
|
|
echo '<td class="np_result_line2" style="word-wrap:break-word";>';
|
|
|
|
echo '<button class="np_button_link" type="submit">Save Configuration</button>';
|
|
|
|
echo '<a href="' . $_SERVER['PHP_SELF'] . '">Cancel</a>';
|
|
|
|
echo '</td></tr>';
|
|
|
|
echo '<input name="command" type="hidden" id="command" value="SaveConfig" readonly="readonly">';
|
2021-10-26 07:06:37 +02:00
|
|
|
echo '</form>';
|
|
|
|
echo '</tbody></table><br />';
|
2023-08-20 00:33:05 +02:00
|
|
|
} else {
|
2023-07-13 18:17:38 +02:00
|
|
|
echo '<br />';
|
2023-08-20 00:33:05 +02:00
|
|
|
}
|
|
|
|
include "tail.inc";
|
2024-03-10 17:50:20 +01:00
|
|
|
|
|
|
|
function retry_configuration($message)
|
|
|
|
{
|
|
|
|
echo '<center>';
|
|
|
|
echo $message;
|
|
|
|
echo '<form target="' . $frame['content'] . '" method="post" action="user.php">';
|
|
|
|
echo '<input name="command" type="hidden" id="command" value="Configuration" readonly="readonly">';
|
|
|
|
echo "<input type='hidden' name='retry' value='retry' />";
|
|
|
|
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
|
|
|
|
echo "<input type='hidden' name='display_name' value='" . $_POST['display_name'] . "' />";
|
|
|
|
echo "<input type='hidden' name='display_email' value='" . $_POST['display_email'] . "' />";
|
|
|
|
echo "<input type='hidden' name='signature' value='" . $_POST['signature'] . "' />";
|
|
|
|
echo "<input type='hidden' name='xface' value='" . urlencode($_POST['xface']) . "' />";
|
|
|
|
echo "<input type='hidden' name='hide_unsub' value='" . $_POST['hide_unsub'] . "' />";
|
|
|
|
echo "<input type='hidden' name='subscribed' value='" . $_POST['subscribed'] . "' />";
|
|
|
|
echo "<input type='hidden' name='theme' value='" . $_POST['theme'] . "' />";
|
2024-04-05 14:41:44 +02:00
|
|
|
echo "<input type='hidden' name='blocked_users_config' value'" . $_POST['blocked_users_config'] . "' />";
|
2024-10-08 17:33:27 +02:00
|
|
|
echo "<input type='hidden' name='send_mail_to_email' value'" . $_POST['send_mail_to_email'] . "' />";
|
2024-03-10 17:50:20 +01:00
|
|
|
echo '<button class="np_button_link" type="submit">Return to Configuration</button>';
|
|
|
|
echo '</center>';
|
|
|
|
exit();
|
|
|
|
}
|