< ? php
/*
* rslight NNTP <-> HTTP Gateway
* Download : https :// news . novabbs . com / getrslight
*
* Based on Newsportal by Florian Amrhein
*
* E - Mail : retroguy @ novabbs . com
* Web : https :// news . novabbs . com
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation ; either version 2 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program ; if not , write to the Free Software
* Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
*/
session_start ();
include " config.inc.php " ;
$CONFIG = include ( $config_file );
// Collect the request parameters for the post form. Every value read here is
// client-controlled and is neither validated nor escaped at this point.
// The leading `@` suppresses the notice for a missing key.
//
// The posted field names are md5(<fielddecrypt> . <label>). The prefix itself is
// taken from the request, so this only obscures the field names; it is not an
// integrity check and not an anti-forgery token.
@ $fieldnamedecrypt = $_REQUEST [ 'fielddecrypt' ];
// @$newsgroups=$_REQUEST["newsgroups"];
// @$group=$_REQUEST["group"];
@ $type = $_REQUEST [ " type " ];
// Subject and body are passed through stripslashes(); name and "email" are taken as sent.
@ $subject = stripslashes ( $_POST [ md5 ( $fieldnamedecrypt . " subject " )]);
@ $name = $_POST [ md5 ( $fieldnamedecrypt . " name " )];
// The form renders this "email" field as a password input, and the value is
// later copied into $userpass for the authentication check.
@ $email = $_POST [ md5 ( $fieldnamedecrypt . " email " )];
@ $body = stripslashes ( $_POST [ md5 ( $fieldnamedecrypt . " body " )]);
// "abspeichern" is the remember-me checkbox of the form (value "ja").
@ $abspeichern = $_REQUEST [ " abspeichern " ];
@ $references = $_REQUEST [ " references " ];
@ $id = $_REQUEST [ " id " ];
// NOTE(review): neither $group nor $newsgroups is assigned above (both request
// reads are commented out), so this copies whatever config.inc.php left in
// $newsgroups, if anything; confirm against that file.
if ( ! isset ( $group ))
$group = $newsgroups ;
include " auth.inc " ;
if ( $post_captcha )
include " lib/captcha/captcha.php " ;
// Save name in cookies
// Remember the submitted name for 90 days (3600 * 24 * 90 seconds) when cookies
// are enabled and the remember-me box was ticked. The value is the name as sent
// by the client after stripslashes(); setcookie() is called with name, value,
// expiry and path only, so no secure / httponly arguments are passed.
if (( $setcookies == true ) && ( isset ( $abspeichern )) && ( $abspeichern == " ja " )) {
setcookie ( " cookie_name " , stripslashes ( $name ), time () + ( 3600 * 24 * 90 ), " / " );
}
// A non-empty $post_server / $post_port overrides the server and port used for posting.
if (( isset ( $post_server )) && ( $post_server != " " ))
$server = $post_server ;
if (( isset ( $post_port )) && ( $post_port != " " ))
$port = $post_port ;
include $file_newsportal ;
include " head.inc " ;
if ( disable_page_by_user_agent ( $client_device , " bot " , " Post " )) {
echo " <center>Page Disabled</center> " ;
include " tail.inc " ;
exit ();
}
global $synchro_user , $synchro_pass ;
// check to which groups the user is allowed to post to
$thisgroup = _rawurldecode ( $_REQUEST [ 'group' ]);
if ( $testgroup ) {
$newsgroups = testgroups ( $thisgroup );
} else {
$newsgroups = $thisgroup ;
}
$returngroup = preg_split ( " /( | \ ,)/ " , $newsgroups , 2 );
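// Breadcrumb headline: site / group, followed by the subject when a post was submitted.
echo '<h1 class="np_thread_headline">';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo '<a href="' . $file_thread . '?group=' . rawurlencode($thisgroup) . '" target=' . $frame["content"] . '>' . htmlspecialchars(group_display_name($thisgroup)) . '</a>';
if (isset($type) && $type == 'post') {
    // $subject is taken straight from the submitted form, so it is escaped
    // before being written into the headline (the form field further down
    // already escapes it the same way).
    echo ' / ' . htmlspecialchars($subject) . '</h1>';
} else {
    echo '</h1>';
}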
// has the user write-rights on the newsgroups?
if (( function_exists ( " npreg_group_has_read_access " ) && ! npreg_group_has_read_access ( $newsgroups )) || ( function_exists ( " npreg_group_has_write_access " ) && ! npreg_group_has_write_access ( $newsgroups ))) {
die ( " access denied " );
}
// Load name from cookies
if ( $setcookies ) {
if (( isset ( $_COOKIE [ " cookie_name " ])) && ( ! isset ( $name )))
$name = $_COOKIE [ " cookie_name " ];
// if ((isset($_COOKIE["cookie_email"])) && (!isset($email)))
// $email=$_COOKIE["cookie_email"];
}
// Load name and email from the registration system, if available
if ( function_exists ( " npreg_get_name " )) {
$name = npreg_get_name ();
}
if ( function_exists ( " npreg_get_email " )) {
$email = npreg_get_email ();
$form_noemail = true ;
}
if ( ! strcmp ( $name , $CONFIG [ 'anonusername' ]) && ( isset ( $CONFIG [ 'anonuser' ]))) {
$userpass = $CONFIG [ 'anonuserpass' ];
$email = $name . $CONFIG [ 'email_tail' ];
} else {
$userpass = $email ;
$request = " email " ;
$get_email = get_user_config ( $name , $request );
if ( $get_email === FALSE ) {
$email = $name . $CONFIG [ 'email_tail' ];
} else {
$email = trim ( $get_email );
}
}
if ( isset ( $CONFIG [ 'synchronet' ]) && ( $CONFIG [ 'synchronet' ] == true )) {
$synchro_user = $name ;
$synchro_pass = $userpass ;
}
if ( $name == " " )
$name = $_SERVER [ 'REMOTE_USER' ];
if (( ! isset ( $references )) || ( $references == " " )) {
$references = false ;
}
if ( ! isset ( $type )) {
$type = " new " ;
}
if ( $type == " new " ) {
$subject = " " ;
$bodyzeile = " " ;
$show = 1 ;
}
// Is there a new article to post to the newsserver?
if ( $type == " post " ) {
$show = 0 ;
if ( ! $CONFIG [ 'synchronet' ]) {
if ( check_bbs_auth ( trim ( $name ), $userpass ) == FALSE ) {
$type = " retry " ;
$error = $text_error [ " auth_error " ];
}
}
// error handling
if ( trim ( $body ) == " " ) {
$type = " retry " ;
$error = $text_post [ " missing_message " ];
}
if (( trim ( $email ) == " " ) && ( ! isset ( $anonym_address ))) {
$type = " retry " ;
$error = $text_post [ " missing_email " ];
}
if (( $email ) && ( ! validate_email ( trim ( $email )))) {
$type = " retry " ;
$error = $text_post [ " error_wrong_email " ];
}
if ( trim ( $name ) == " " ) {
$type = " retry " ;
$error = $text_post [ " missing_name " ];
}
if ( trim ( $subject ) == " " ) {
$type = " retry " ;
$error = $text_post [ " missing_subject " ];
}
// captcha-check
if (( $post_captcha ) && ( captcha :: check () == false )) {
$type = " retry " ;
$error = $text_post [ " captchafail " ];
}
if ( $type == " post " ) {
$name = trim ( $name );
if ( ! $CONFIG [ 'readonly' ]) {
// post article to the newsserver
if ( $references )
$references_array = explode ( " " , $references );
else
$references_array = false ;
if (( $email == " " ) && ( isset ( $anonym_address )))
$nemail = $anonym_address ;
else
$nemail = $email ;
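// Per-user rate limit: a positive value stored in the user's config replaces
// the site-wide setting for this request.
$rate_limit = get_user_config($name, 'rate_limit');
if (($rate_limit !== FALSE) && ($rate_limit > 0)) {
    $CONFIG['rate_limit'] = $rate_limit;
}
if ($CONFIG['rate_limit'] == true) {
    $postsremaining = check_rate_limit($name);
    if ($postsremaining < 1) {
        // Limit reached: report the waiting time and stop before anything is posted.
        $wait = check_rate_limit($name, 0, 1);
        echo 'You have reached the limit of ' . $CONFIG['rate_limit'] . ' posts per hour.<br />Please wait ' . round($wait) . ' minutes before posting again.';
        // $returngroup is derived from the request's group parameter, so its
        // display name is escaped here, as the headline link does for $thisgroup.
        echo '<p><a href="' . $file_thread . '?group=' . urlencode($returngroup[0]) . '">' . $text_post["button_back"] . '</a> ' . $text_post["button_back2"] . ' ' . htmlspecialchars(group_display_name($returngroup[0])) . '</p>';
        return;
    }
}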
if ( isset ( $_FILES [ " photo " ]) && $_FILES [ " photo " ][ " error " ] == 0 ) {
$_FILES [ 'photo' ][ 'name' ] = preg_replace ( '/[^a-zA-Z0-9\.]/' , '_' , $_FILES [ 'photo' ][ 'name' ]);
// There is an attachment to handle
$message = message_post ( quoted_printable_encode ( $subject ), $nemail . " ( " . quoted_printable_encode ( $name ) . " ) " , $newsgroups , $references_array , addslashes ( $body ), $_POST [ 'encryptthis' ], $_POST [ 'encryptto' ], strtolower ( $name ), null , true );
} else {
$message = message_post ( quoted_printable_encode ( $subject ), $nemail . " ( " . quoted_printable_encode ( $name ) . " ) " , $newsgroups , $references_array , addslashes ( $body ), $_POST [ 'encryptthis' ], $_POST [ 'encryptto' ], strtolower ( $name ));
}
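// Article sent without errors, or duplicate?
// "240" is accepted as success and "441 435" is treated the same way.
if ((substr($message, 0, 3) == "240") || (substr($message, 0, 7) == "441 435")) {
    // NOTE(review): the literal '<' and '>' around the confirmation text are
    // emitted exactly as written; confirm that this is intended.
    echo '<h1 class="np_post_headline"><' . $text_post["message_posted"] . '></h1>';
    echo '<p>' . $text_post["message_posted2"] . '</p>';
    if (isset($CONFIG['auto_return']) && ($CONFIG['auto_return'] == true)) {
        // The tag was previously left without its closing '>'.
        echo '<meta http-equiv="refresh" content="0;url=' . $file_thread . '?group=' . urlencode($returngroup[0]) . '">';
    }
    if ($CONFIG['rate_limit'] == true) {
        // Record this post against the limit and report what is left.
        $postsremaining = check_rate_limit($name, 1);
        echo 'You have ' . $postsremaining . ' posts remaining of ' . $CONFIG['rate_limit'] . ' posts per hour.<br />';
        if ($postsremaining < 1) {
            $wait = check_rate_limit($name, 0, 1);
            echo 'Please wait ' . round($wait) . ' minutes before posting again.<br />';
        }
    }
    // 'returngroup' is a request parameter: accept it only as a string,
    // URL-encode it inside the link target and HTML-escape it as link text.
    $return_to = (isset($_REQUEST['returngroup']) && is_string($_REQUEST['returngroup'])) ? $_REQUEST['returngroup'] : '';
    if ($return_to !== '') {
        echo '<p><a href="' . $file_thread . '?group=' . urlencode($return_to) . '">Your post will appear in ' . htmlspecialchars(group_display_name($return_to)) . '</a></p>';
    }
    if (isset($_SESSION['return_page'])) {
        // Escaped for the attribute context. NOTE(review): where return_page is
        // stored is not visible here; confirm it can only hold a same-site URL.
        echo '<p><a href="' . htmlspecialchars((string) $_SESSION['return_page'], ENT_QUOTES) . '">Back to Previous Page</a></p>';
    } else {
        echo '<p><a href="' . $file_thread . '?group=' . urlencode($return_to) . '">Back</a></p>';
    }
} else {
    // article not accepted by the newsserver
    $type = "retry";
    // The server's reply is remote text and $error is printed as HTML later,
    // so the reply is escaped before it is embedded.
    $error = $text_post["error_newsserver"] . "<br><pre>" . htmlspecialchars((string) $message) . "</pre>";
}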
} else {
echo $text_post [ " error_readonly " ];
}
}
}
// A reply of an other article.
if ( $type == " reply " ) {
$message = message_read ( $id , 0 , $newsgroups );
$head = $message -> header ;
$body = explode ( " \n " , $message -> body [ 0 ]);
nntp_close ( $ns );
if ( $head -> name != " " ) {
$bodyzeile = $head -> name ;
} else {
$bodyzeile = $head -> from ;
}
// For Synchronet use
// $fromname keeps the sender name (or From value) read from the header of the
// article being replied to. That header is remote article content, so it must
// be treated as untrusted wherever it is printed; further down it is written
// into the "encryptto" form field.
$fromname = $bodyzeile ;
// Start the quoted text with the attribution line built from the sender.
$bodyzeile = $text_post [ " wrote_prefix " ] . $bodyzeile . $text_post [ " wrote_suffix " ] . " \n \n " ;
// Quote the original body line by line.
for ( $i = 0 ; $i <= count ( $body ) - 1 ; $i ++ ) {
// Stop at the signature separator when $cutsignature is enabled.
if (( isset ( $cutsignature )) && ( $cutsignature == true ) && ( $body [ $i ] == '-- ' ))
break ;
if ( trim ( $body [ $i ]) != " " ) {
// NOTE(review): both branches below read the same here; presumably lines that
// are already quoted were meant to get a different prefix. Confirm.
if ( $body [ $i ][ 0 ] == '>' )
$bodyzeile .= " > " . $body [ $i ] . " \n " ;
else
$bodyzeile .= " > " . $body [ $i ] . " \n " ;
} else {
// Blank lines are carried over without a quote prefix.
$bodyzeile .= " \n " ;
}
}
// The reply subject starts from the original article's subject.
$subject = $head -> subject ;
if ( isset ( $head -> followup ) && ( $head -> followup != " " )) {
$newsgroups = $head -> followup ;
} else {
if ( $testgroup ) {
$newsgroups = testgroups ( $head -> newsgroups );
} else {
$newsgroups = $head -> newsgroups ;
}
}
splitSubject ( $subject );
$subject = " Re: " . $subject ;
// Cut off old parts of a subject
// for example: 'foo (was: bar)' becomes 'foo'.
$subject = preg_replace ( '/(\(wa[sr]: .*\))$/i' , '' , $subject );
$show = 1 ;
$references = false ;
if ( isset ( $head -> references [ 0 ])) {
for ( $i = 0 ; $i <= count ( $head -> references ) - 1 ; $i ++ ) {
$references .= $head -> references [ $i ] . " " ;
}
}
$references .= $head -> id ;
}
if ( $type == " retry " ) {
$show = 1 ;
$bodyzeile = $body ;
}
if ( $show == 1 ) {
if ( $newsgroups == " " ) {
echo $text_post [ " followup_not_allowed " ];
echo " " . $newsgroups ;
} else {
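// show post form
// Per-request prefix from which the form field names are derived. It is sent
// back to the browser in the hidden "fielddecrypt" field, so it only obscures
// the field names; it is not a secret and gives no protection against forged
// requests.
$fieldencrypt = md5(rand(1, 10000000));
// The group list can originate from the request, so its display name is
// escaped before it goes into the headline.
echo '<h1 class="np_post_headline">' . $text_post["group_head"] . htmlspecialchars(group_display_name($newsgroups)) . $text_post["group_tail"] . '</h1>';
// $error is built earlier in this script and is printed as HTML here, so any
// value interpolated into it must already be escaped where it is assembled.
if (isset($error))
    echo "<p>$error</p>";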
?>
< form action = " <?php echo $file_post ?> " method = " post " name = " postform "
enctype = " multipart/form-data " >
< div class = " np_post_header " >
< table >
< tr >
< td align = " right " >< b >< ? php echo $text_header [ " subject " ] ?> </b></td>
< td >< input class = " post " type = " text "
name = " <?php echo md5( $fieldencrypt . " subject " )?> "
value = " <?php
echo htmlspecialchars ( $subject );
?> " size="40"
maxlength = " 80 " ></ td >
</ tr >
< tr >
< td align = " right " >< b >< ? php echo $text_post [ " name " ] ?> </b></td>
< td align = " left " >
< ? php
if ( ! isset ( $name ) && $CONFIG [ 'anonuser' ])
$name = $CONFIG [ 'anonusername' ];
if ( $form_noname === true ) {
echo htmlspecialchars ( $name );
} else {
echo '<input class="post" type="text" name="' . md5 ( $fieldencrypt . " name " ) . '"' ;
if ( isset ( $name ))
echo 'value="' . htmlspecialchars ( stripslashes ( $name )) . '"' ;
echo 'size="40" maxlength="40">' ;
if ( $CONFIG [ 'anonuser' ])
echo ' or "' . $CONFIG [ 'anonusername' ] . '" with no password' ;
}
?>
</ td >
</ tr >
< tr >
< td align = " right " >< b >< ? php echo $text_post [ " password " ] ?> </b></td>
< td align = " left " >
< ? php
echo '<input class="post" type="password" name="' . md5 ( $fieldencrypt . " email " ) . '"' ;
// if (isset($email)) echo 'value="'.htmlspecialchars(stripslashes($email)).'"';
echo 'size="40" maxlength="40">' ;
?>
</ td
</ tr >
< ? php
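// May we post encrypted messages to this group?
if (check_encryption_groups($newsgroups)) {
    // $fromname is only assigned in the reply branch and is copied from the
    // header of the quoted article, which is remote content. Default it to an
    // empty string and escape it for the attribute it is written into.
    ?>
<tr>
    <td align="left"><input type="checkbox" name="encryptthis"
        value="encrypt"> <b>Encrypt to:</b></td>
    <td><input type="text" name="encryptto"
        value="<?php echo htmlspecialchars((string) ($fromname ?? ''), ENT_QUOTES); ?>"></td>
</tr>
<?php
}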
?>
</ table >
</ div >
< div class = " np_post_body " >
< table >
< tr >
< td >< b >< ? php echo $text_post [ " message " ]; ?> </b><br> <textarea
class = " postbody " id = " postbody "
name = " <?php echo md5( $fieldencrypt . " body " )?> " wrap = " soft " >< ? php
if (( isset ( $bodyzeile )) && ( $post_autoquote ))
echo htmlspecialchars ( $bodyzeile );
if ( is_string ( $body ))
echo htmlspecialchars ( $body );
?>
</ textarea ></ td >
</ tr >
< tr >
< td >
< ? php if ( ! $post_autoquote ) { ?>
< input type = " hidden " id = " hidebody "
value = " <?php
if ( isset ( $bodyzeile ))
echo htmlspecialchars ( stripslashes ( $bodyzeile ));
?> ">
< script language = " JavaScript " >
<!--
function quoten () {
document . getElementById ( " postbody " ) . value = document . getElementById ( " hidebody " ) . value ;
document . getElementById ( " hidebody " ) . value = " " ;
}
//-->
</ script >
< ? php } ?>
< input type = " submit " value = " <?php echo $text_post["button_post"] ;?> " >
< ? php if ( $setcookies == true ) { ?>
& nbsp ; < input tabindex = " 100 " type = " Button " name = " quote "
value = " <?php echo $text_post["quote"] ?> "
onclick = " quoten(); this.style.visibility= 'hidden'; " > & nbsp ; < input
type = " checkbox " name = " abspeichern " value = " ja " checked >
< ? php echo $text_post [ " remember " ]; ?>
< ? php } ?>
& nbsp ; < input type = " file " name = " photo " id = " fileSelect " value = " fileSelect "
accept = " image/*,audio/*,text/*,application/pdf " >
</ td >
</ tr >
< ? php
if ( $post_captcha ) {
echo '<tr><td>' ;
echo captcha :: form ( $text_post [ " captchainfo1 " ], $text_post [ " captchainfo2 " ]);
echo '</td></tr>' ;
}
?>
</ table >
</ div >
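<?php
// Hidden state sent back with the post. All of these values return from the
// browser as ordinary request parameters, so the receiving code must treat
// them as untrusted. $head exists only when replying, so the follow-up group
// defaults to an empty string instead of reading a property of an unset variable.
?>
<input type="hidden" name="type" value="post">
<input type="hidden" name="newsgroups" value="<?php echo htmlspecialchars($newsgroups); ?>">
<input type="hidden" name="references" value="<?php echo htmlentities($references); ?>">
<input type="hidden" name="group" value="<?php echo htmlspecialchars($newsgroups); ?>">
<input type="hidden" name="returngroup" value="<?php echo htmlspecialchars((string) ($head->followup ?? '')); ?>">
<input type="hidden" name="fielddecrypt" value="<?php echo htmlspecialchars($fieldencrypt); ?>">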
</ form >
< ? php } } ?>