diff --git a/Rocksolid_Light/common/head.inc b/Rocksolid_Light/common/head.inc index 6010a8a..551b5e0 100644 --- a/Rocksolid_Light/common/head.inc +++ b/Rocksolid_Light/common/head.inc @@ -1,11 +1,11 @@ - - -<?php echo htmlspecialchars($title); ?> - - -'; +echo ''; +echo ''.htmlspecialchars($title).''; +echo ''; +echo ''; + if(file_exists($config_dir.'/googleanalytics.conf')) { include $config_dir.'/googleanalytics.conf'; } diff --git a/Rocksolid_Light/common/header.php b/Rocksolid_Light/common/header.php index c1753fc..61ec09a 100644 --- a/Rocksolid_Light/common/header.php +++ b/Rocksolid_Light/common/header.php @@ -32,7 +32,7 @@ if(!isset($_SESSION['theme']) && file_exists($config_dir.'/userconfig/'.$user.'. } if(trim($_SESSION['theme']) !== '') { - echo ''; + echo ''; } else { echo ''; } diff --git a/Rocksolid_Light/common/nodelist.php b/Rocksolid_Light/common/nodelist.php index 2adaa26..b58099c 100644 --- a/Rocksolid_Light/common/nodelist.php +++ b/Rocksolid_Light/common/nodelist.php @@ -12,13 +12,12 @@ echo '
'; echo 'novaBBS:
www.novabbs.com
'; echo '
'; -echo "Newsreader Access (most text newsgroups available, use 'list'):
"; +echo 'Newsreader Access:
'; echo 'v77lu6t26velvaddm4gibyzd5sogskuczp7vwoc4vxmukvvaucva.b32.i2p
'; echo 'zkcvkb5xprurx5dvpanhyivneuzah6k6xayxgxd4h2ekklxgoi2x5aad.onion:119
'; echo 'news.novabbs.org:119 or 563
'; echo '
'; echo 'Create NNTP Account: Use one of the Rocksolid Light links above to create account.
'; -echo 'Log into NNTP server with your username/password to post
'; echo 'NNTP Peering also available in i2p/tor/clearnet
'; echo '
'; echo 'Rocksolid is also available from any usenet news provider carrying the rocksolid.* hierarchy
'; diff --git a/Rocksolid_Light/common/register.php b/Rocksolid_Light/common/register.php index de97eab..38cc898 100644 --- a/Rocksolid_Light/common/register.php +++ b/Rocksolid_Light/common/register.php @@ -34,10 +34,10 @@ if (isset($_COOKIE["ts_limit"])) { echo 'Register Username '; echo ''; echo 'Username:'; - echo ''; + echo ''; echo ''; echo 'Email:'; - echo ''; + echo ''; echo ''; echo 'Password:'; echo ''; diff --git a/Rocksolid_Light/rocksolid/article-flat.php b/Rocksolid_Light/rocksolid/article-flat.php index ed517c4..24a1662 100644 --- a/Rocksolid_Light/rocksolid/article-flat.php +++ b/Rocksolid_Light/rocksolid/article-flat.php @@ -20,14 +20,20 @@ // register parameters $id=$_REQUEST["id"]; $group=_rawurldecode($_REQUEST["group"]); - + +// Switch to correct section in case group has been moved and link is to old section $findsection = get_section_by_group($group); if(trim($findsection) !== $config_name) { - $newurl = preg_replace("|/$config_name/|", "/$findsection/", $_SERVER['REQUEST_URI']); - header("Location: $newurl"); - die(); - } - + if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') + $link = "https"; + else $link = "http"; + $link .= "://"; + $link .= $_SERVER['HTTP_HOST']; + $link .= $_SERVER['REQUEST_URI']; + $newurl = preg_replace("|/$config_name/|", "/$findsection/", $link); + header("Location:$newurl"); + die(); + } if(strpos($id, '@') !== false) { if($CONFIG['article_database'] == '1') { $database = $spooldir.'/articles-overview.db3'; diff --git a/Rocksolid_Light/rocksolid/config.inc.php b/Rocksolid_Light/rocksolid/config.inc.php index a0d3d1f..9d6a3d6 100644 --- a/Rocksolid_Light/rocksolid/config.inc.php +++ b/Rocksolid_Light/rocksolid/config.inc.php @@ -29,12 +29,10 @@ $CONFIG = include($config_file); $logdir=$spooldir.'/log'; $lockdir=$spooldir.'/lock'; -$ssldir=$config_dir.'/ssl'; if(!file_exists($config_dir.'/debug')) { ini_set('error_reporting', E_ERROR ); } - /* Permanent configuration changes */ @mkdir($logdir,0755,'recursive'); @mkdir($spooldir.'/upload',0755,'recursive'); diff --git a/Rocksolid_Light/rocksolid/head.inc b/Rocksolid_Light/rocksolid/head.inc index 49a47ef..b6652fc 100644 --- a/Rocksolid_Light/rocksolid/head.inc +++ b/Rocksolid_Light/rocksolid/head.inc @@ -1,9 +1,9 @@ '; echo ''.htmlspecialchars($title).''; echo ''; echo ''; -include "config.inc.php"; if(file_exists($config_dir.'/googleanalytics.conf')) { include $config_dir.'/googleanalytics.conf'; @@ -17,5 +17,4 @@ if(isset($frames_on) && $frames_on === false) { } } echo '
'; -echo ''; -?> +echo ''; \ No newline at end of file diff --git a/Rocksolid_Light/rocksolid/newsportal.php b/Rocksolid_Light/rocksolid/newsportal.php index 7f42e30..2241dce 100644 --- a/Rocksolid_Light/rocksolid/newsportal.php +++ b/Rocksolid_Light/rocksolid/newsportal.php @@ -88,6 +88,7 @@ function nntp_open($nserver=0,$nport=0) { function nntp2_open($nserver=0,$nport=0) { global $text_error,$CONFIG; // echo "
NNTP OPEN
"; + echo "NS: ".$nserver." PORT: ".$nport; $authorize=((isset($CONFIG['remote_auth_user'])) && (isset($CONFIG['remote_auth_pass'])) && ($CONFIG['remote_auth_user'] != "")); if ($nserver==0) $nserver=$CONFIG['remote_server']; @@ -350,18 +351,15 @@ function get_section_by_group($groupname) { continue; } $section = ""; - $glfp=fopen($config_dir.$menuitem[0]."/groups.txt", 'r'); - while($gl=fgets($glfp)) { + $gldata = file($config_dir.$menuitem[0]."/groups.txt"); + foreach($gldata as $gl) { $group_name = preg_split("/( |\t)/", $gl, 2); if(strtolower(trim($groupname)) == strtolower(trim($group_name[0]))) { - fclose($glfp); $section=$menuitem[0]; - fclose($glfp); return $section; } } } - fclose($glfp); return false; } @@ -475,13 +473,14 @@ function groups_read($server,$port,$load=0) { } else { $ns=nntp_open($server,$port); if ($ns == false) return false; - $gf=fopen($file_groups,"r"); +// $gf=fopen($file_groups,"r"); + $gfdata = file($file_groups); // if we want to mark groups with new articles with colors, wie will later // need the format of the overview $overviewformat=thread_overview_read($ns); - while (!feof($gf)) { + foreach($gfdata as $gf) { $gruppe=new newsgroupType; - $tmp=trim(line_read($gf)); + $tmp=trim($gf); $tmp=preg_replace('/\t/', ' ', $tmp); if(substr($tmp,0,1)==":") { $gruppe->text=substr($tmp,1); @@ -502,6 +501,7 @@ function groups_read($server,$port,$load=0) { $neu=line_read($ns); do { $response=$neu; + echo $response; if ($neu != ".") $neu=line_read($ns); } while ($neu != "."); $desc=strrchr($response,"\t"); @@ -550,12 +550,9 @@ function groups_read($server,$port,$load=0) { $newsgroups[]=$gruppe; } } - fclose($gf); nntp_close($ns); // write the data to the cachefile - $file=fopen($cachefile,"w"); - fputs($file,serialize($newsgroups)); - fclose($file); + file_put_contents($cachefile, serialize($newsgroups)); } if ($load == 0) { return $newsgroups; @@ -618,11 +615,10 @@ function groups_show($gruppen) { $groupdisplay.='

'.$g->description.'

'; // Subscribed features $filename = $spooldir."/".$g->name."-lastarticleinfo.dat"; - if($file=@fopen($filename,"r")) { - $lastarticleinfo=unserialize(fread($file,filesize($filename))); - fclose($file); + if(is_file($filename)) { + $lastarticleinfo = unserialize(file_get_contents($filename)); } else { - $lastarticleinfo->date = 0; + $lastarticleinfo['date'] = 0; } if(isset($userdata[$g->name])) { $groupdisplay.='

'; @@ -660,7 +656,7 @@ function groups_show($gruppen) { } $dbh = null; if($found) { - $lastarticleinfo->date = $row['date']; + $lastarticleinfo['date'] = $row['date']; // Put this in a function already! $fromoutput = explode("<", html_entity_decode($row['name'])); // Just an email address? @@ -673,16 +669,16 @@ function groups_show($gruppen) { $fromoutput[0] = $fromaddress[1]; } if((isset($CONFIG['hide_email']) && $CONFIG['hide_email'] == true) && (strpos($fromoutput[0], '@') !== false)) { - $lastarticleinfo->name = truncate_email($fromoutput[0]); + $lastarticleinfo['name'] = truncate_email($fromoutput[0]); } else { - $lastarticleinfo->name = $fromoutput[0]; + $lastarticleinfo['name'] = $fromoutput[0]; } } } - $groupdisplay.=get_date_interval(date("D, j M Y H:i T",$lastarticleinfo->date)); + $groupdisplay.=get_date_interval(date("D, j M Y H:i T",$lastarticleinfo['date'])); $groupdisplay.='
'; $groupdisplay.='by: '; - $groupdisplay.=create_name_link($lastarticleinfo->name, $lastarticleinfo->from); + $groupdisplay.=create_name_link(mb_decode_mimeheader($lastarticleinfo['name']), $lastarticleinfo['from']); $groupdisplay.='
'; } $groupdisplay.="\n"; @@ -752,7 +748,7 @@ function groups_show_frames($gruppen) { } /* - * gets a list of aviable articles in the group $groupname + * gets a list of available articles in the group $groupname */ /* function getArticleList(&$ns,$groupname) { @@ -903,9 +899,9 @@ function recode_charset($text,$source=false,$dest=false) { global $iconv_enable,$www_charset; if($dest==false) $dest=$www_charset; - if($iconv_enable) { + if(($iconv_enable) && ($source!=false)) { $return=iconv($source, - $dest."//TRANSLIT//IGNORE",$text); + $dest."//TRANSLIT",$text); if($return!="") return $return; else @@ -1100,7 +1096,7 @@ function check_bbs_auth($username, $password) { // Create accounts for $anonymous and $CONFIG['server_auth_user'] if not exist if($username == strtolower($CONFIG['anonusername'])) { if(filemtime($config_dir."rslight.inc.php") > filemtime($userFilename)) { - if ($userFileHandle = @fopen($userFilename, 'w+')) + if ($userFileHandle = fopen($userFilename, 'w+')) { fwrite($userFileHandle, password_hash($CONFIG['anonuserpass'], PASSWORD_DEFAULT)); fclose($userFileHandle); @@ -1109,7 +1105,7 @@ function check_bbs_auth($username, $password) { } if($username == strtolower($CONFIG['server_auth_user'])) { if(filemtime($config_dir."rslight.inc.php") > filemtime($userFilename)) { - if ($userFileHandle = @fopen($userFilename, 'w+')) + if ($userFileHandle = fopen($userFilename, 'w+')) { fwrite($userFileHandle, password_hash($CONFIG['server_auth_pass'], PASSWORD_DEFAULT)); fclose($userFileHandle); @@ -1121,7 +1117,7 @@ function check_bbs_auth($username, $password) { return FALSE; } - if ($userFileHandle = @fopen($userFilename, 'r')) + if ($userFileHandle = fopen($userFilename, 'r')) { $userFileInfo = fread($userFileHandle, filesize($userFilename)); fclose($userFileHandle); @@ -1171,7 +1167,7 @@ function check_encryption_groups($request) { return TRUE; } } - fclose($userFileHandle); + fclose($groupsFileHandle); } else { return FALSE; } @@ -1602,7 +1598,7 @@ $logfile=$logdir.'/newsportal.log'; // $loadrate = allowed article request per second $loadrate = .15; - $rate = ($_SESSION['views'] / (time() - $_SESSION['starttime'])); + $rate = fdiv($_SESSION['views'], (time() - $_SESSION['starttime'])); if (($rate > $loadrate) && ($_SESSION['views'] > 5)) { header("HTTP/1.0 429 Too Many Requests"); if(!isset($_SESSION['throttled'])) { diff --git a/Rocksolid_Light/rocksolid/overboard.php b/Rocksolid_Light/rocksolid/overboard.php index 105ec7b..0a851c3 100755 --- a/Rocksolid_Light/rocksolid/overboard.php +++ b/Rocksolid_Light/rocksolid/overboard.php @@ -210,9 +210,9 @@ foreach($files as $article) { $ref = preg_split("/[\s]+/", $getrefs[1]); if($getrefs[1] && $refid = get_data_from_msgid($ref[0])) { // Check that article to link is new enough for newsportal to display - $groupinfo = file($spooldir.'/'.$refid[newsgroup].'-info.txt'); + $groupinfo = file($spooldir.'/'.$refid["newsgroup"].'-info.txt'); $range = explode(' ', $groupinfo[1]); - if($refid[number] > ($range[0] - 1)) { + if($refid['number'] > (intval($range[0]) - 1)) { $threadref = $ref[0]; } else { $threadref = false; @@ -274,6 +274,9 @@ function expire_overboard($cachefile) { function display_threads($threads, $oldest) { global $thissite, $logfile, $config_name, $snippetlength, $maxdisplay, $prune, $this_overboard; echo ''; + if(!isset($threads)) { + $threads = (object)[]; + } krsort($threads); $results = 0; foreach($threads as $key => $value) { @@ -303,7 +306,7 @@ function display_threads($threads, $oldest) { echo ''.mb_decode_mimeheader($target['subject']).''; if(isset($this_overboard['threadlink'][$value])) { $thread = get_data_from_msgid($this_overboard['threadlink'][$value]); - echo ' (thread)'; + echo ' (thread)'; } echo '

'; echo '

'; @@ -323,7 +326,7 @@ function show_overboard_header($grouplist) { if (isset($_GET['thisgroup'])) { echo '

'; echo ''.basename(getcwd()).' / '; - echo ''.htmlspecialchars(group_displaY_name($grouplist[0])).' / '; + echo ''.htmlspecialchars(group_displaY_name($grouplist[0])).' / '; if (isset($user_time)) { echo ' new messages

'; } else { @@ -382,7 +385,7 @@ if (isset($_GET['thisgroup'])) { } function show_overboard_footer($stats, $results, $iscached) { - global $CONFIG,$user_time,$rslight_version; + global $user_time,$rslight_version; if(isset($user_time)) { $recent = 'new'; } else { diff --git a/Rocksolid_Light/rocksolid/post.php b/Rocksolid_Light/rocksolid/post.php index 516704b..9ed26d1 100644 --- a/Rocksolid_Light/rocksolid/post.php +++ b/Rocksolid_Light/rocksolid/post.php @@ -37,9 +37,6 @@ $CONFIG = include($config_file); @$abspeichern=$_REQUEST["abspeichern"]; @$references=$_REQUEST["references"]; @$id=$_REQUEST["id"]; - -$name = trim($name); - if (!isset($group)) $group=$newsgroups; include "auth.inc"; @@ -56,14 +53,6 @@ if ((isset($post_port)) && ($post_port!="")) $port=$post_port; include $file_newsportal; - - $findsection = get_section_by_group($_REQUEST["group"]); - if(trim($findsection) !== $config_name) { - $newurl = preg_replace("|/$config_name/|", "/$findsection/", $_SERVER['REQUEST_URI']); - header("Location: $newurl"); - die(); - } - include "head.inc"; global $synchro_user,$synchro_pass; // check to which groups the user is allowed to post to @@ -105,9 +94,11 @@ $returngroup = preg_split("/( |\,)/", $newsgroups, 2); echo ''; } // Pages +/* echo '
'; echo articleflat_pageselect($thisgroup,$id,count($subthread),$first); echo '
'; +*/ // has the user write-rights on the newsgroups? if((function_exists("npreg_group_has_read_access") && !npreg_group_has_read_access($newsgroups)) || @@ -207,7 +198,6 @@ if ($type=="post") { $error=$text_post["captchafail"]; } - if ($type=="post") { if (!$CONFIG['readonly']) { // post article to the newsserver @@ -231,9 +221,9 @@ if ($type=="post") { echo '

'.$text_post["button_back"].' '.$text_post["button_back2"].' '.group_display_name($returngroup[0]).'

'; return; } - } + } if(isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0) { - $_FILES[photo][name] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES[photo][name]); + $_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']); // There is an attachment to handle $message=message_post_with_attachment(quoted_printable_encode($subject), $nemail." (".quoted_printable_encode($name).")", diff --git a/Rocksolid_Light/rocksolid/search.php b/Rocksolid_Light/rocksolid/search.php index 6f39dbd..cc1c479 100644 --- a/Rocksolid_Light/rocksolid/search.php +++ b/Rocksolid_Light/rocksolid/search.php @@ -41,7 +41,7 @@ include "head.inc"; } else { echo 'Search Poster: '; } - echo ''; + echo ''; echo ''; if ($_GET['searchpoint'] == 'Poster') { @@ -97,7 +97,7 @@ $thissite = '.'; $groupconfig=$config_path."/groups.txt"; -$title.=' - search results for: '.$_POST[terms]; +$title.=' - search results for: '.$_POST['terms']; include "head.inc"; ob_start(); diff --git a/Rocksolid_Light/rocksolid/tail.inc b/Rocksolid_Light/rocksolid/tail.inc index b5e66b2..499d884 100644 --- a/Rocksolid_Light/rocksolid/tail.inc +++ b/Rocksolid_Light/rocksolid/tail.inc @@ -3,7 +3,7 @@ echo '
'; $pubkeyfile = getcwd().'/../tmp/pubkey.txt'; if(is_file($pubkeyfile) && (isset($CONFIG['site_shortname']) && $CONFIG['site_shortname'] != '')) { echo ''; - echo ''.$CONFIG[site_shortname].''; + echo ''.$CONFIG['site_shortname'].''; echo '
'; echo ''; } @@ -15,4 +15,4 @@ echo 'i2p'; echo 'tor'; echo ''; echo '
'; -?> +?> \ No newline at end of file diff --git a/Rocksolid_Light/rocksolid/thread.php b/Rocksolid_Light/rocksolid/thread.php index 7043730..4ba17df 100644 --- a/Rocksolid_Light/rocksolid/thread.php +++ b/Rocksolid_Light/rocksolid/thread.php @@ -19,14 +19,19 @@ if(isset($_REQUEST["first"])) $first=intval($_REQUEST["first"]); if(isset($_REQUEST["last"])) $last=intval($_REQUEST["last"]); - +// Switch to correct section in case group has been moved and link is to old section $findsection = get_section_by_group($group); if(trim($findsection) !== $config_name) { - $newurl = preg_replace("|/$config_name/|", "/$findsection/", $_SERVER['REQUEST_URI']); - header("Location: $newurl"); - die(); - } - + if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') + $link = "https"; + else $link = "http"; + $link .= "://"; + $link .= $_SERVER['HTTP_HOST']; + $link .= $_SERVER['REQUEST_URI']; + $newurl = preg_replace("|/$config_name/|", "/$findsection/", $link); + header("Location:$newurl"); + die(); + } if(isset($_COOKIE['mail_name'])) { if($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) { $userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat'; diff --git a/Rocksolid_Light/rslight/scripts/cron.php b/Rocksolid_Light/rslight/scripts/cron.php index ccb03a4..9c57d88 100755 --- a/Rocksolid_Light/rslight/scripts/cron.php +++ b/Rocksolid_Light/rslight/scripts/cron.php @@ -8,7 +8,9 @@ # Start or verify NNTP server if(isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) { # Create group list for nntp.php - $fp1=fopen($spooldir."/".$config_name."/groups.txt", 'w'); + $fp1=$spooldir."/".$config_name."/groups.txt"; + unlink($fp1); + touch($fp1); foreach($menulist as $menu) { if(($menu[0] == '#') || trim($menu) == "") { continue; @@ -21,11 +23,10 @@ continue; } $ok_group = preg_split("/( |\t)/", trim($ok_group), 2); - fputs($fp1, $ok_group[0]."\r\n"); + file_put_contents($fp1, $ok_group[0]."\r\n", FILE_APPEND); } } } - fclose($fp1); exec($CONFIG['php_exec']." ".$config_dir."/scripts/nntp.php > /dev/null 2>&1"); if(is_numeric($CONFIG['local_ssl_port'])) { exec($CONFIG['php_exec']." ".$config_dir."/scripts/nntp-ssl.php > /dev/null 2>&1"); @@ -60,7 +61,7 @@ @mkdir($logdir,0755,'recursive'); @mkdir($lockdir,0755,'recursive'); - + if(isset($CONFIG['enable_nocem']) && $CONFIG['enable_nocem'] == true) { @mkdir($spooldir."nocem",0755,'recursive'); exec($CONFIG['php_exec']." ".$config_dir."/scripts/nocem.php"); diff --git a/Rocksolid_Light/rslight/scripts/nntp-ssl.php b/Rocksolid_Light/rslight/scripts/nntp-ssl.php index e679cbe..e30b2e0 100755 --- a/Rocksolid_Light/rslight/scripts/nntp-ssl.php +++ b/Rocksolid_Light/rslight/scripts/nntp-ssl.php @@ -57,7 +57,7 @@ { GLOBAL $__server_listening; GLOBAL -$CONFIG,$logdir,$lockdir,$ssldir,$webserver_uid,$webserver_gid,$installed_path, +$CONFIG,$logdir,$lockdir,$webserver_uid,$webserver_gid,$installed_path, $config_path,$groupconfig,$workpath,$path,$spooldir,$nntp_group,$auth_ok; $logfile=$logdir.'/nntp.log'; $lockfile = $lockdir . '/rslight-nntp-ssl.lock'; @@ -73,10 +73,10 @@ $config_path,$groupconfig,$workpath,$path,$spooldir,$nntp_group,$auth_ok; $auth_ok = 0; $user = ""; $pass = ""; - - $pemfile = $ssldir.'/server.pem'; - create_node_ssl_cert($pemfile); - + $pemfile = $spooldir.'/server.pem'; + if(!is_file($pemfile)) { + create_certificate($pemfile); + } $context = stream_context_create(); stream_context_set_option($context, 'ssl', 'local_cert', $pemfile); stream_context_set_option($context, 'ssl', 'allow_self_signed', true); @@ -159,4 +159,32 @@ $config_path,$groupconfig,$workpath,$path,$spooldir,$nntp_group,$auth_ok; fclose($csock); } } + +function create_certificate($pemfile) { +global $CONFIG; +$certificateData = array( + "countryName" => "US", + "stateOrProvinceName" => "New York", + "localityName" => "New York City", + "organizationName" => "Rocksolid", + "organizationalUnitName" => "Rocksolid Light", + "commonName" => $CONFIG['organization'], + "emailAddress" => "rocksolid@example.com" +); + +// Generate certificate +$privateKey = openssl_pkey_new(); +$certificate = openssl_csr_new($certificateData, $privateKey); +$certificate = openssl_csr_sign($certificate, null, $privateKey, 365); + +// Generate PEM file +$pem_passphrase = null; // empty for no passphrase +$pem = array(); +openssl_x509_export($certificate, $pem[0]); +openssl_pkey_export($privateKey, $pem[1], $pem_passphrase); +$pem = implode($pem); + +// Save PEM file +file_put_contents($pemfile, $pem); +} ?> diff --git a/Rocksolid_Light/rslight/scripts/rslight-lib.php b/Rocksolid_Light/rslight/scripts/rslight-lib.php index 023803b..c4d0d8f 100755 --- a/Rocksolid_Light/rslight/scripts/rslight-lib.php +++ b/Rocksolid_Light/rslight/scripts/rslight-lib.php @@ -24,7 +24,7 @@ /* Send instructions. */ $msg = "200 Rocksolid Light NNTP Server ready (no posting)\r\n"; fwrite($msgsock, $msg, strlen($msg)); - do { + do { $msg=""; set_time_limit(30); $buf = fgets($msgsock, 2048); @@ -216,7 +216,7 @@ set_time_limit(0); if ($command[0] == 'quit') { $msg = "205 closing connection - goodbye!\r\n"; fwrite($msgsock, $msg, strlen($msg)); - socket_close($msgsock); +// socket_close($msgsock); exit(0); } file_put_contents($logfile, "\n".format_log_date()." Syntax error: ".$buf, FILE_APPEND); @@ -353,7 +353,7 @@ function process_post($message, $group) { } } } - rewind($message); +// rewind($message); /* * SPAM CHECK */ @@ -599,11 +599,11 @@ function get_title($mode) { $msg="481 descriptions unavailable\r\n"; return $msg; } - $title = file_get_contents($spooldir."/".$mode."-title", IGNORE_NEW_LINES); + $title = file_get_contents($spooldir."/".$mode."-title"); $msg="282 list of group and description follows\r\n"; $msg.=$title; - $msg.=".\r\n"; + $msg.="\r\n.\r\n"; return $msg; } @@ -1073,13 +1073,6 @@ $date_i,$mid_i,$references_i,$bytes_i,$lines_i,$xref_i,$body) { } $nocem_check="@@NCM"; $article_date=strtotime($date_i); - # Check if group exists. Open it if it does - fputs($ns, "group ".$nntp_group."\r\n"); - $response = line_read($ns); - if (strcmp(substr($response,0,3),"411") == 0) { - unlink($sn_lockfile); - return(1); - } $grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); foreach($grouplist as $findgroup) { $name = explode(':', $findgroup); @@ -1218,7 +1211,7 @@ function create_node_ssl_cert($pemfile) { $uinfo=posix_getpwnam($CONFIG['webserver_user']); $pubkeyfile = $ssldir.'/pubkey.pem'; $pubkeytxtfile = $webtmp.'/pubkey.txt'; - $ssltime = filectime($letsencrypt['path'])."fullchain.pem"; + $ssltime = filectime($letsencrypt['path'])."fullchain.pem"; if(isset($letsencrypt['path'])) { if($ssltime > filectime($pemfile)) { touch($config_dir.'/ssl.reload'); @@ -1226,53 +1219,53 @@ function create_node_ssl_cert($pemfile) { } if(!file_exists($config_dir.'/ssl.reload')) { - if((is_file($pemfile)) && (is_file($pubkeyfile)) && (is_file($pubkeytxtfile))) { - if(md5_file($pubkeyfile) == md5_file($pubkeytxtfile)) { - return; - } - } + if((is_file($pemfile)) && (is_file($pubkeyfile)) && (is_file($pubkeytxtfile))) { + if(md5_file($pubkeyfile) == md5_file($pubkeytxtfile)) { + return; + } + } } @unlink($config_dir.'/ssl.reload'); unlink($pemfile); unlink($pubkeyfile); unlink($pubkeytxtfile); -/* Use letsencrypt */ + /* Use letsencrypt */ if((isset($letsencrypt['server.pem'])) && (isset($letsencrypt['pubkey.pem']))) { file_put_contents($pemfile, $letsencrypt['server.pem'].$letsencrypt['privkey']); file_put_contents($pubkeyfile, $letsencrypt['pubkey.pem']); file_put_contents($pubkeytxtfile, $letsencrypt['pubkey.pem']); - touch($pemfile, $ssltime); - touch($pubkeyfile, $ssltime); - touch($pubkeytxtfile, $ssltime); + touch($pemfile, $ssltime); + touch($pubkeyfile, $ssltime); + touch($pubkeytxtfile, $ssltime); } else { -/* Create self signed cert */ - $certificateData = array( - "countryName" => "US", - "stateOrProvinceName" => "New York", - "localityName" => "New York City", - "organizationName" => "Rocksolid", - "organizationalUnitName" => "Rocksolid Light", - "commonName" => $CONFIG['organization'], - "emailAddress" => "rocksolid@example.com" - ); - - // Generate certificate - $privateKey = openssl_pkey_new(); - $certificate = openssl_csr_new($certificateData, $privateKey); - $certificate = openssl_csr_sign($certificate, null, $privateKey, 365); - - // Generate PEM file - $pem_passphrase = null; // empty for no passphrase - $pem = array(); - openssl_x509_export($certificate, $pem[0]); - openssl_pkey_export($privateKey, $pem[1], $pem_passphrase); - $pem = implode($pem); - $pubkey=openssl_pkey_get_details($privateKey); - - // Save PEM file - file_put_contents($pemfile, $pem); - file_put_contents($pubkeyfile, $pubkey['key']); - file_put_contents($pubkeytxtfile, $pubkey['key']); + /* Create self signed cert */ + $certificateData = array( + "countryName" => "US", + "stateOrProvinceName" => "New York", + "localityName" => "New York City", + "organizationName" => "Rocksolid", + "organizationalUnitName" => "Rocksolid Light", + "commonName" => $CONFIG['organization'], + "emailAddress" => "rocksolid@example.com" + ); + + // Generate certificate + $privateKey = openssl_pkey_new(); + $certificate = openssl_csr_new($certificateData, $privateKey); + $certificate = openssl_csr_sign($certificate, null, $privateKey, 365); + + // Generate PEM file + $pem_passphrase = null; // empty for no passphrase + $pem = array(); + openssl_x509_export($certificate, $pem[0]); + openssl_pkey_export($privateKey, $pem[1], $pem_passphrase); + $pem = implode($pem); + $pubkey=openssl_pkey_get_details($privateKey); + + // Save PEM file + file_put_contents($pemfile, $pem); + file_put_contents($pubkeyfile, $pubkey['key']); + file_put_contents($pubkeytxtfile, $pubkey['key']); } chown($pemfile, $uinfo["uid"]); chown($pubkeyfile, $uinfo["uid"]); diff --git a/Rocksolid_Light/rslight/scripts/send.php b/Rocksolid_Light/rslight/scripts/send.php index 5052a79..e182802 100755 --- a/Rocksolid_Light/rslight/scripts/send.php +++ b/Rocksolid_Light/rslight/scripts/send.php @@ -32,13 +32,11 @@ $logfile=$logdir.'/spoolnews.log'; $lockfile = $lockdir . '/rslight-send.lock'; $pid = file_get_contents($lockfile); if (posix_getsid($pid) === false || !is_file($lockfile)) { - file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Starting Send...", FILE_APPEND); print "Starting Send...\n"; file_put_contents($lockfile, getmypid()); // create lockfile } else { - file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Send currently running...", FILE_APPEND); - print "Send currently running\n"; - exit; + print "Send currently running\n"; + exit; } $ns=nntp2_open($CONFIG['remote_server'], $CONFIG['remote_port']); if($ns == false) { @@ -49,24 +47,19 @@ echo "\nPosting articles\r\n"; post_articles($ns, $spooldir); nntp_close($ns); unlink($lockfile); -file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Exiting Send...", FILE_APPEND); echo "\nSend Done\r\n"; function post_articles($ns, $spooldir) { global $logfile,$config_name; if(!is_dir($spooldir."/".$config_name."/outgoing/")) { - file_put_contents($logfile, "\n".format_log_date()." ".$config_name." No messages to send", FILE_APPEND); - return "No messages to send\r\n"; + return "No messages to send\r\n"; } $outgoing_dir = $spooldir."/".$config_name."/outgoing/"; - $failed_dir = $outgoing_dir.'/failed'; - @mkdir($failed_dir); $messages = scandir($outgoing_dir); foreach($messages as $message) { if(!is_file($outgoing_dir.$message)) { continue; } - file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Sending: ".$outgoing_dir.$message, FILE_APPEND); echo "Sending: ".$outgoing_dir.$message."\r\n"; fputs($ns, "MODE READER\r\n"); $response = line_read($ns); @@ -92,7 +85,6 @@ function post_articles($ns, $spooldir) { file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Posted: ".$message.": ".$response, FILE_APPEND); } else { file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to POST: ".$message.": ".$response, FILE_APPEND); - rename($outgoing_dir.$message, $failed_dir.'/'.$message); continue; } } diff --git a/Rocksolid_Light/rslight/scripts/setuphelper.php b/Rocksolid_Light/rslight/scripts/setuphelper.php index 82aa8db..6c2feb7 100644 --- a/Rocksolid_Light/rslight/scripts/setuphelper.php +++ b/Rocksolid_Light/rslight/scripts/setuphelper.php @@ -24,7 +24,6 @@ return [ 'server_auth_pass' => 'The password for the local server user', # Site configuration -'site_shortname' => 'Must be unique from other rslight sites. Blank to disable', 'rslight_title' => 'The tagline at the top of the web page', 'title_full' => 'The site title in the client browser bar', 'hide_email' => 'Truncate email addresses in From header (1=true, blank=false)', diff --git a/Rocksolid_Light/rslight/scripts/spoolnews.php b/Rocksolid_Light/rslight/scripts/spoolnews.php index db2af16..ae1374a 100755 --- a/Rocksolid_Light/rslight/scripts/spoolnews.php +++ b/Rocksolid_Light/rslight/scripts/spoolnews.php @@ -23,8 +23,6 @@ include "config.inc.php"; include ("$file_newsportal"); -set_time_limit(900); - $remote_groupfile=$spooldir."/".$config_name."/".$CONFIG['remote_server'].":".$CONFIG['remote_port'].".txt"; $file_groups=$config_path."groups.txt"; $local_groupfile=$spooldir."/".$config_name."/local_groups.txt"; @@ -57,21 +55,18 @@ if (posix_getsid($pid) === false || !is_file($lockfile)) { print "Spoolnews currently running\n"; exit; } - $sem = $spooldir."/".$config_name.".reload"; if(is_file($sem)) { unlink($remote_groupfile); unlink($sem); $maxfirstrequest = 20; } - if(filemtime($spooldir.'/'.$config_name.'-thread-timer')+600 < time()) { $timer=true; touch($spooldir.'/'.$config_name.'-thread-timer'); } else { $timer=false; } - # Check for groups file, create if necessary create_spool_groups($file_groups, $remote_groupfile); create_spool_groups($file_groups, $local_groupfile); @@ -195,7 +190,6 @@ function get_articles($ns, $group) { # Pull articles and save them in our spool @mkdir($grouppath,0755,'recursive'); $i=0; - $nsfail=0; while ($article <= $detail[3]) { if(!is_numeric($article)) { file_put_contents($logfile, "\n".format_log_date()." ".$config_name." DEBUG This should show server group:article number: ".$CONFIG['remote_server']." ".$group.":".$article, FILE_APPEND); @@ -209,8 +203,9 @@ function get_articles($ns, $group) { fputs($ns, "stat ".$article."\r\n"); $response = line_read($ns); $this_msgid = explode(' ', $response); - $group_overviewfp=fopen($spooldir."/".$group."-overview", 'r'); - while($group_overview=fgets($group_overviewfp, 2048)) { + $group_overviewfile = $spooldir."/".$group."-overview"; + $gover = file($group_overviewfile); + foreach($gover as $group_overview) { $overview_msgid = explode("\t", $group_overview); if(strpos($overview_msgid[4], $this_msgid[2]) !== false) { echo "\nDuplicate Message-ID for: ".$CONFIG['remote_server']." ".$group.":".$article."\n"; @@ -220,7 +215,6 @@ function get_articles($ns, $group) { break; } } - fclose($group_overviewfp); if($duplicate == 1) { continue; } @@ -314,12 +308,7 @@ function get_articles($ns, $group) { file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Lost connection to ".$CONFIG['remote_server'].":".$CONFIG['remote_port']." retrieving article ".$article, FILE_APPEND); @fclose($articleHandle); unlink($grouppath."/".$local); - $nsfail++; - if($nsfail > 3){ - break; - } else { - continue; - } + continue; } $response=str_replace("\n","",str_replace("\r","",$response)); } @@ -375,14 +364,13 @@ function get_articles($ns, $group) { fputs($ns, "XGTITLE ".$group."\r\n"); $response = line_read($ns); if (strcmp(substr($response,0,3),"282") == 0) { - $overviewHandle = fopen($workpath.$group."-title", 'w'); + $titlefile = $workpath.$group."-title"; $response = line_read($ns); while(strcmp($response,".") != 0) { - fputs($overviewHandle, $response."\r\n"); + file_put_contents($titlefile, $response); $response = line_read($ns); } - @fclose($overviewHandle); } } # Save config @@ -463,15 +451,15 @@ function get_high_watermark($group) { function get_article_list($thisgroup) { global $spooldir; - $group_overviewfp=fopen($spooldir."/".$thisgroup."-overview", 'r'); + $group_overview_file = $spooldir."/".$thisgroup."-overview"; $ok_article=array(); - while($line = fgets($group_overviewfp)) { + $getline = file($group_overview_file); + foreach($getline as $line) { $art=explode("\t", $line); if(is_numeric($art[0])) { $ok_article[] = $art[0]; } } - fclose($group_overviewfp); return($ok_article); } diff --git a/Rocksolid_Light/spoolnews/files.php b/Rocksolid_Light/spoolnews/files.php index 633dffe..7e51f21 100644 --- a/Rocksolid_Light/spoolnews/files.php +++ b/Rocksolid_Light/spoolnews/files.php @@ -16,14 +16,13 @@ include "newsportal.php"; $getfh = fopen($getfilename, "rb"); $getfile = fread($getfh, filesize($getfilename)); fclose($getfh); - header('Content-type: '.$_REQUEST[contenttype]); - header('Content-disposition: filename="'.$_REQUEST[showfilename].'"'); + header('Content-type: '.$_REQUEST['contenttype']); + header('Content-disposition: filename="'.$_REQUEST['showfilename'].'"'); file_put_contents($logfile, "\n".format_log_date()." Requesting: ".$_REQUEST['showfile'], FILE_APPEND); echo $getfile; exit(0); } - $title.=' - Browse files'; include "head.inc"; echo ''; diff --git a/Rocksolid_Light/spoolnews/upload.php b/Rocksolid_Light/spoolnews/upload.php index 7e1576d..e443d98 100644 --- a/Rocksolid_Light/spoolnews/upload.php +++ b/Rocksolid_Light/spoolnews/upload.php @@ -43,24 +43,24 @@ include "head.inc"; echo '
'; if(isset($_FILES)) { - $_FILES[photo][name] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES[photo][name]); + $_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']); // Check auth here if(isset($_POST['key']) && password_verify($CONFIG['thissitekey'].$_POST['username'], $_POST['key'])) { if(check_bbs_auth($_POST['username'], $_POST['password'])) { - $userdir = $spooldir.'/upload/'.strtolower($_POST[username]); - $upload_to = $userdir.'/'.$_FILES[photo][name]; + $userdir = $spooldir.'/upload/'.strtolower($_POST['username']); + $upload_to = $userdir.'/'.$_FILES['photo']['name']; if(is_file($upload_to)) { - echo $_FILES[photo][name].' already exists in your folder'; + echo $_FILES['photo']['name'].' already exists in your folder'; } else { if(!is_dir($userdir)) { mkdir($userdir); } - $success = move_uploaded_file($_FILES[photo][tmp_name], $upload_to); + $success = move_uploaded_file($_FILES['photo']['tmp_name'], $upload_to); if ($success) { - file_put_contents($logfile, "\n".format_log_date()." Saved: ".strtolower($_POST['username'])."/".$_FILES[photo][name], FILE_APPEND); - echo 'Saved '.$_FILES[photo][name].' to your files folder'; + file_put_contents($logfile, "\n".format_log_date()." Saved: ".strtolower($_POST['username'])."/".$_FILES['photo']['name'], FILE_APPEND); + echo 'Saved '.$_FILES['photo']['name'].' to your files folder'; } else { - echo 'There was an error saving '.$_FILES[photo][name]; + echo 'There was an error saving '.$_FILES['photo']['name']; } } $authkey = password_hash($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), PASSWORD_DEFAULT); diff --git a/Rocksolid_Light/spoolnews/user.php b/Rocksolid_Light/spoolnews/user.php index 672b7bf..45c22d6 100644 --- a/Rocksolid_Light/spoolnews/user.php +++ b/Rocksolid_Light/spoolnews/user.php @@ -124,9 +124,10 @@ echo '
'; $_SESSION['username'] = $user; unset($user_config); $userfile=$spooldir.'/'.$user.'-articleviews.dat'; - $userdata = unserialize(file_get_contents($userfile)); - ksort($userdata); - + if(is_file($userfile)) { + $userdata = unserialize(file_get_contents($userfile)); + ksort($userdata); + } // Apply Config if(isset($_POST['command']) && $_POST['command'] == 'SaveConfig') { $user_config['signature'] = $_POST['signature']; @@ -149,7 +150,7 @@ echo ''; file_put_contents($spooldir.'/'.$user.'-articleviews.dat', serialize($newsubs)); $userdata = unserialize(file_get_contents($userfile)); ksort($userdata); - echo 'Configuration Saved for '.$_POST[username]; + echo 'Configuration Saved for '.$_POST['username']; } else { $user_config = unserialize(file_get_contents($config_dir.'/userconfig/'.$user.'.config')); } @@ -163,7 +164,7 @@ echo ''; } $themes[] = $theme_dir; } - closedir($theme_dir); + closedir($theme_list); } } sort($themes); @@ -171,17 +172,17 @@ echo ''; // Show Config echo '

Configuration:

'; echo ''; - echo ''; + echo ''; echo ''; echo ''; // Signature echo ''; - echo ''; echo ''; // X-Face echo ''; - echo ''; echo ''; // Theme
Settings for '.$_POST[username].' (leave blank for none):
Settings for '.$_POST['username'].' (leave blank for none):
Signature:
X-Face: