novabbs
/
rocksolid-light
2
0
Fork 1
Code Issues 14 Pull Requests Releases Wiki Activity

Only changes to indentation. No other changes.

This commit is contained in:
Retro_Guy 2023-08-19 15:33:05 -07:00
parent 747227931a
commit 17e8a5dd5e
21 changed files with 5982 additions and 5758 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

297
Rocksolid_Light/rocksolid/article-flat.php
View File

@ -1,79 +1,82 @@
<?php
session_start();
header("Expires: ".gmdate("D, d M Y H:i:s",time()+(600))." GMT");
header("Cache-Control: max-age=100");
header("Pragma: cache");
session_start();
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (600)) . " GMT");
header("Cache-Control: max-age=100");
header("Pragma: cache");
include "config.inc.php";
include "auth.inc";
include "$file_newsportal";
include "config.inc.php";
include "auth.inc";
include "$file_newsportal";
$logfile=$logdir.'/newsportal.log';
throttle_hits();
write_access_log();
if(isset($_COOKIE['mail_name'])) {
if($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat';
$logfile = $logdir . '/newsportal.log';
throttle_hits();
write_access_log();
if (isset($_COOKIE['mail_name'])) {
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
}
}
// register parameters
$id=$_REQUEST["id"];
$group=_rawurldecode($_REQUEST["group"]);
// Switch to correct section in case group has been moved and link is to old section
$findsection = get_section_by_group($group);
if(trim($findsection) !== $config_name) {
}
// register parameters
$id = $_REQUEST["id"];
$group = _rawurldecode($_REQUEST["group"]);
// Switch to correct section in case group has been moved and link is to old section
$findsection = get_section_by_group($group);
if (trim($findsection) !== $config_name) {
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on')
$link = "https";
else $link = "http";
$link .= "://";
$link .= $_SERVER['HTTP_HOST'];
$link .= $_SERVER['REQUEST_URI'];
$newurl = preg_replace("|/$config_name/|", "/$findsection/", $link);
header("Location:$newurl");
die();
}
if(strpos($id, '@') !== false) {
if($CONFIG['article_database'] == '1') {
$database = $spooldir.'/articles-overview.db3';
$articles_dbh = overview_db_open($database);
$articles_query = $articles_dbh->prepare('SELECT * FROM overview WHERE msgid=:messageid');
$articles_query->execute(['messageid' => $id]);
$found = 0;
while ($row = $articles_query->fetch()) {
$id = $row['number'];
$group = $row['newsgroup'];
$found = 1;
break;
}
$dbh = null;
if($found) {
$newurl = 'article-flat.php?id='.$id.'&group='.$group.'#'.$id;
header("Location: $newurl");
die();
}
$link = "https";
else
$link = "http";
$link .= "://";
$link .= $_SERVER['HTTP_HOST'];
$link .= $_SERVER['REQUEST_URI'];
$newurl = preg_replace("|/$config_name/|", "/$findsection/", $link);
header("Location:$newurl");
die();
}
if (strpos($id, '@') !== false) {
if ($CONFIG['article_database'] == '1') {
$database = $spooldir . '/articles-overview.db3';
$articles_dbh = overview_db_open($database);
$articles_query = $articles_dbh->prepare('SELECT * FROM overview WHERE msgid=:messageid');
$articles_query->execute([
'messageid' => $id
]);
$found = 0;
while ($row = $articles_query->fetch()) {
$id = $row['number'];
$group = $row['newsgroup'];
$found = 1;
break;
}
$dbh = null;
if ($found) {
$newurl = 'article-flat.php?id=' . $id . '&group=' . $group . '#' . $id;
header("Location: $newurl");
die();
}
}
}
}
if(isset($_REQUEST["first"]))
$first=$_REQUEST["first"];
if (isset($_REQUEST["first"]))
$first = $_REQUEST["first"];
$_SESSION['rsactive'] = true;
$_SESSION['rsactive'] = true;
if(!isset($_SERVER['REQUEST_STRING'])) {
$_SERVER['REQUEST_STRING'] = '';
}
$location = $_SERVER['REQUEST_URI'].$_SERVER['REQUEST_STRING'];
$_SESSION['return_page'] = $location.'#'.$id;
if (! isset($_SERVER['REQUEST_STRING'])) {
$_SERVER['REQUEST_STRING'] = '';
}
$location = $_SERVER['REQUEST_URI'] . $_SERVER['REQUEST_STRING'];
$_SESSION['return_page'] = $location . '#' . $id;
// file_put_contents($accessfile, "\n".format_log_date()." ".$config_name." ".$group.":".$id, FILE_APPEND);
if($userdata) {
// file_put_contents($accessfile, "\n".format_log_date()." ".$config_name." ".$group.":".$id, FILE_APPEND);
if ($userdata) {
$userdata[$group] = time();
file_put_contents($userfile, serialize($userdata));
}
if(isset($frames_on) && $frames_on === true) {
?>
}
if (isset($frames_on) && $frames_on === true) {
?>
<script>
var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) {
@ -86,102 +89,94 @@ if(isset($frames_on) && $frames_on === true) {
<?php
}
$message=message_read($id,0,$group);
$message = message_read($id, 0, $group);
if (!$message) {
header ("HTTP/1.0 404 Not Found");
$subject=$title;
$title.=' - Article not found';
if($ns!=false)
nntp_close($ns);
} else {
$subject=htmlspecialchars($message->header->subject);
header("Last-Modified: ".date("r", $message->header->date));
$title.= ' - '.$group.' - '.$subject;
}
include "head.inc";
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo '<a href="'.$file_thread.'?group='.rawurlencode($group).'" target='.$frame["content"].'>'.htmlspecialchars(group_display_name($group)).'</a> / '.$subject.'</h1>';
if(!$message) {
echo "Article not found";
include "tail.inc";
exit(0);
if (! $message) {
header("HTTP/1.0 404 Not Found");
$subject = $title;
$title .= ' - Article not found';
if ($ns != false)
nntp_close($ns);
} else {
$subject = htmlspecialchars($message->header->subject);
header("Last-Modified: " . date("r", $message->header->date));
$title .= ' - ' . $group . ' - ' . $subject;
}
if($message) {
// load thread-data and get IDs of the actual subthread
$thread=thread_load($group);
$subthread=thread_getsubthreadids($message->header->id,$thread);
if($thread_articles == false) {
sort($subthread);
}
// If no page is set, lets look, if we can calculate the page by
// the message-number
if(!isset($first)) {
$first=intval(array_search($id,$subthread)/$articleflat_articles_per_page)*
$articleflat_articles_per_page+1;
}
include "head.inc";
echo '<h1 class="np_thread_headline">';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo '<a href="' . $file_thread . '?group=' . rawurlencode($group) . '" target=' . $frame["content"] . '>' . htmlspecialchars(group_display_name($group)) . '</a> / ' . $subject . '</h1>';
// which articles are exactly on this page?
$pageids=array();
for($i=$first-1; (($i<count($subthread)) &&
($i<$first+$articleflat_articles_per_page-1)); $i++) {
$pageids[]=$subthread[$i];
}
if (! $message) {
echo "Article not found";
include "tail.inc";
exit(0);
}
// display the thread on top
// change some of the default threadstyle-values
$thread_show["replies"]=true;
$thread_show["threadsize"]=false;
$thread_show["lastdate"]=false;
$thread_show["latest"]=false;
$thread_show["author"]=true;
//message_thread($message->header->id,$group,$thread,$pageids);
message_thread($message->header->id,$group,$thread,false);
echo '<br>';
echo '<a name="start"></a>';
// navigation line
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button
echo '<td>';
echo '<form action="'.$file_thread.'">';
echo '<input type="hidden" name="group" value="'.rawurlencode($group).'"/>';
echo '<button class="np_button_link" type="submit">'.htmlspecialchars(group_display_name($group)).'</button>';
echo '</form>';
echo '</td>';
// Pages
echo '<td class="np_pages" width="100%" align="right">';
echo articleflat_pageselect($group,$id,count($subthread),$first);
echo '</td></tr></table>';
foreach($pageids as $subid) {
flush();
$message=message_read($subid,0,$group);
echo '<a name="'.$subid.'"> </a>';
message_show($group,$subid,0,$message,$articleflat_chars_per_articles);
if ((!$CONFIG['readonly']) && ($message)) {
echo '<form action="'.$file_post.'">'.
'<input type="hidden" name="id" value="'.urlencode($subid).'">'.
'<input type="hidden" name="type" value="reply">'.
'<input type="hidden" name="group" value="'.urlencode($group).'">'.
'<input type="submit" value="'.$text_article["button_answer"].
'">'.
'</form>';
if ($message) {
// load thread-data and get IDs of the actual subthread
$thread = thread_load($group);
$subthread = thread_getsubthreadids($message->header->id, $thread);
if ($thread_articles == false) {
sort($subthread);
}
}
// navigation line
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button
// If no page is set, lets look, if we can calculate the page by
// the message-number
if (! isset($first)) {
$first = intval(array_search($id, $subthread) / $articleflat_articles_per_page) * $articleflat_articles_per_page + 1;
}
// which articles are exactly on this page?
$pageids = array();
for ($i = $first - 1; (($i < count($subthread)) && ($i < $first + $articleflat_articles_per_page - 1)); $i ++) {
$pageids[] = $subthread[$i];
}
// display the thread on top
// change some of the default threadstyle-values
$thread_show["replies"] = true;
$thread_show["threadsize"] = false;
$thread_show["lastdate"] = false;
$thread_show["latest"] = false;
$thread_show["author"] = true;
// message_thread($message->header->id,$group,$thread,$pageids);
message_thread($message->header->id, $group, $thread, false);
echo '<br>';
echo '<a name="start"></a>';
// navigation line
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button
echo '<td>';
echo '<form action="'.$file_thread.'">';
echo '<input type="hidden" name="group" value="'.rawurlencode($group).'"/>';
echo '<button class="np_button_link" type="submit">'.htmlspecialchars(group_display_name($group)).'</button>';
echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="' . rawurlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">' . htmlspecialchars(group_display_name($group)) . '</button>';
echo '</form>';
echo '</td>';
// Pages
// Pages
echo '<td class="np_pages" width="100%" align="right">';
echo articleflat_pageselect($group,$id,count($subthread),$first);
echo articleflat_pageselect($group, $id, count($subthread), $first);
echo '</td></tr></table>';
foreach ($pageids as $subid) {
flush();
$message = message_read($subid, 0, $group);
echo '<a name="' . $subid . '"> </a>';
message_show($group, $subid, 0, $message, $articleflat_chars_per_articles);
if ((! $CONFIG['readonly']) && ($message)) {
echo '<form action="' . $file_post . '">' . '<input type="hidden" name="id" value="' . urlencode($subid) . '">' . '<input type="hidden" name="type" value="reply">' . '<input type="hidden" name="group" value="' . urlencode($group) . '">' . '<input type="submit" value="' . $text_article["button_answer"] . '">' . '</form>';
}
}
// navigation line
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button
echo '<td>';
echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="' . rawurlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">' . htmlspecialchars(group_display_name($group)) . '</button>';
echo '</form>';
echo '</td>';
// Pages
echo '<td class="np_pages" width="100%" align="right">';
echo articleflat_pageselect($group, $id, count($subthread), $first);
echo '</td></tr></table>';
}
include "tail.inc";

111
Rocksolid_Light/rocksolid/article.php
View File

@ -1,23 +1,23 @@
<?php
session_start();
header("Expires: ".gmdate("D, d M Y H:i:s",time()+(3600*24))." GMT");
session_start();
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600 * 24)) . " GMT");
include "config.inc.php";
include "auth.inc";
include "$file_newsportal";
include "config.inc.php";
include "auth.inc";
include "$file_newsportal";
throttle_hits();
throttle_hits();
// register parameters
$id=$_REQUEST["id"];
$group=_rawurldecode($_REQUEST["group"]);
// register parameters
$id = $_REQUEST["id"];
$group = _rawurldecode($_REQUEST["group"]);
$thread_show["replies"]=true;
$thread_show["lastdate"]=false;
$thread_show["threadsize"]=false;
$thread_show["replies"] = true;
$thread_show["lastdate"] = false;
$thread_show["threadsize"] = false;
if(isset($frames_on) && $frames_on === true) {
?>
if (isset($frames_on) && $frames_on === true) {
?>
<script>
var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) {
@ -30,55 +30,52 @@ if(isset($frames_on) && $frames_on === true) {
<?php
}
$location = $_SERVER['REQUEST_URI'].$_SERVER['REQUEST_STRING'];
preg_match('/id=(.*)&/', $location, $hash);
$_SESSION['return_page'] = $location.'#'.$hash[1];
$location = $_SERVER['REQUEST_URI'] . $_SERVER['REQUEST_STRING'];
preg_match('/id=(.*)&/', $location, $hash);
$_SESSION['return_page'] = $location . '#' . $hash[1];
$message=message_read($id,0,$group);
if (!$message) {
header ("HTTP/1.0 404 Not Found");
$subject=$title;
$title.=' - Article not found';
if($ns!=false)
nntp_close($ns);
} else {
$subject=htmlspecialchars($message->header->subject);
header("Last-Modified: ".date("r", $message->header->date));
$title.= ' - '.$group.' - '.$subject;
}
include "head.inc";
$message = message_read($id, 0, $group);
if (! $message) {
header("HTTP/1.0 404 Not Found");
$subject = $title;
$title .= ' - Article not found';
if ($ns != false)
nntp_close($ns);
} else {
$subject = htmlspecialchars($message->header->subject);
header("Last-Modified: " . date("r", $message->header->date));
$title .= ' - ' . $group . ' - ' . $subject;
}
include "head.inc";
// has the user read-rights on this article?
if((function_exists("npreg_group_has_read_access") &&
!npreg_group_has_read_access($group)) ||
(function_exists("npreg_group_is_visible") &&
!npreg_group_is_visible($group))) {
// has the user read-rights on this article?
if ((function_exists("npreg_group_has_read_access") && ! npreg_group_has_read_access($group)) || (function_exists("npreg_group_is_visible") && ! npreg_group_is_visible($group))) {
die("access denied");
}
}
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo '<a href="'.$file_thread.'?group='.rawurlencode($group).'" target='.$frame["content"].'>'.htmlspecialchars(group_display_name($group)).'</a> / '.$subject.'</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
echo '<h1 class="np_thread_headline">';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo '<a href="' . $file_thread . '?group=' . rawurlencode($group) . '" target=' . $frame["content"] . '>' . htmlspecialchars(group_display_name($group)) . '</a> / ' . $subject . '</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button
echo '<td>';
echo '<form action="'.$file_thread.'">';
echo '<input type="hidden" name="group" value="'.rawurlencode($group).'"/>';
echo '<button class="np_button_link" type="submit">'.htmlspecialchars(group_display_name($group)).'</button>';
echo '</form>';
echo '</td>';
echo '</tr></table>';
echo '<td>';
echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="' . rawurlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">' . htmlspecialchars(group_display_name($group)) . '</button>';
echo '</form>';
echo '</td>';
echo '</tr></table>';
if (!$message)
if (! $message)
// article not found
echo $text_error["article_not_found"];
else {
if($article_showthread)
$thread=thread_cache_load($group);
//echo "<br>";
message_show($group,$id,0,$message);
if($article_showthread)
message_thread($message->header->id,$group,$thread);
}
include "tail.inc";
else {
if ($article_showthread)
$thread = thread_cache_load($group);
// echo "<br>";
message_show($group, $id, 0, $message);
if ($article_showthread)
message_thread($message->header->id, $group, $thread);
}
include "tail.inc";
?>

74
Rocksolid_Light/rocksolid/index.php
View File

@ -1,12 +1,12 @@
<?php
<?php
session_start();
$_SESSION['isframed'] = 1;
include "config.inc.php";
include "auth.inc";
include "config.inc.php";
include "auth.inc";
if (isset($frames_on) && $frames_on === true) {
?>
?>
<script>
var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) {
@ -18,56 +18,56 @@ if (isset($frames_on) && $frames_on === true) {
</script>
<?php
}
$title.=' - '.basename(getcwd());
$title .= ' - ' . basename(getcwd());
include "head.inc";
echo '<h1 class="np_thread_headline">'.basename(getcwd()).'</h1>';
echo '<h1 class="np_thread_headline">' . basename(getcwd()) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// View Latest button
if (isset($overboard) && ($overboard == true)) {
if (isset($overboard) && ($overboard == true)) {
echo '<td>';
echo '<form target="'.$frame['content'].'" action="overboard.php">';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_overboard"].'</button>';
echo '<form target="' . $frame['content'] . '" action="overboard.php">';
echo '<button class="np_button_link" type="submit">' . $text_thread["button_overboard"] . '</button>';
echo '</form>';
echo '</td>';
} else {
// echo htmlspecialchars($CONFIG['title_full']);
}
} else {
// echo htmlspecialchars($CONFIG['title_full']);
}
// Search button
echo '<td>';
echo '<form target="'.$frame['content'].'" action="search.php">';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_search"].'</button>';
echo '</form>';
echo '</td>';
echo '<td width=100%></td></tr></table>';
echo '<td>';
echo '<form target="' . $frame['content'] . '" action="search.php">';
echo '<button class="np_button_link" type="submit">' . $text_thread["button_search"] . '</button>';
echo '</form>';
echo '</td>';
echo '<td width=100%></td></tr></table>';
include("$file_newsportal");
include ("$file_newsportal");
flush();
if(isset($_GET['unsub'])) {
if(isset($_COOKIE['mail_name'])) {
if($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat';
$newsubs = array();
foreach($userdata as $key => $usertime) {
if($key !== $_GET['unsub']) {
$newsubs[$key] = $usertime;
if (isset($_GET['unsub'])) {
if (isset($_COOKIE['mail_name'])) {
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
$newsubs = array();
foreach ($userdata as $key => $usertime) {
if ($key !== $_GET['unsub']) {
$newsubs[$key] = $usertime;
}
}
$userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
file_put_contents($userfile, serialize($newsubs));
}
}
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat';
file_put_contents($userfile, serialize($newsubs));
}
}
}
$newsgroups=groups_read($server,$port);
$newsgroups = groups_read($server, $port);
echo '<div class="np_index_groups">';
if(isset($frames_on) && $frames_on === true) {
groups_show_frames($newsgroups);
if (isset($frames_on) && $frames_on === true) {
groups_show_frames($newsgroups);
} else {
groups_show($newsgroups);
groups_show($newsgroups);
}
echo '</div>';
$sessions_data = file_get_contents($spooldir.'/sessions.dat');
echo '<h1 class="np_thread_headline">'.$sessions_data.'</h1>';
$sessions_data = file_get_contents($spooldir . '/sessions.dat');
echo '<h1 class="np_thread_headline">' . $sessions_data . '</h1>';
include "tail.inc";
?>

2782
Rocksolid_Light/rocksolid/newsportal.php
View File

File diff suppressed because it is too large Load Diff

589
Rocksolid_Light/rocksolid/overboard.php
View File

@ -1,44 +1,45 @@
<?php
session_start();
header("Expires: ".gmdate("D, d M Y H:i:s",time()+(600))." GMT");
header("Cache-Control: max-age=100");
header("Pragma: cache");
/* rocksolid overboard - overboard for rslight
* Download: https://news.novabbs.com/getrslight
*
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
session_start();
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (600)) . " GMT");
header("Cache-Control: max-age=100");
header("Pragma: cache");
/*
* rocksolid overboard - overboard for rslight
* Download: https://news.novabbs.com/getrslight
*
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
?>
<?php
include "config.inc.php";
include "auth.inc";
include "$file_newsportal";
include "config.inc.php";
include "auth.inc";
include "$file_newsportal";
throttle_hits();
write_access_log();
if(isset($_COOKIE['mail_name'])) {
if($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat';
throttle_hits();
write_access_log();
if (isset($_COOKIE['mail_name'])) {
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
}
}
if(isset($frames_on) && $frames_on === true) {
?>
}
if (isset($frames_on) && $frames_on === true) {
?>
<script>
var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) {
@ -52,19 +53,19 @@ if(isset($frames_on) && $frames_on === true) {
<?php
}
if (isset($_GET['thisgroup'])) {
$title.=" - "._rawurldecode(_rawurldecode($_GET['thisgroup']))." - latest messages";
$title .= " - " . _rawurldecode(_rawurldecode($_GET['thisgroup'])) . " - latest messages";
} else {
$title.=" - ".$config_name." - overboard";
$title .= " - " . $config_name . " - overboard";
}
include "head.inc";
$CONFIG = include($config_file);
$logfile=$logdir.'/overboard.log';
$CONFIG = include ($config_file);
$logfile = $logdir . '/overboard.log';
# How many days old should articles be displayed?
if (isset($_GET['thisgroup'])) {
$article_age = 30;
$article_age = 30;
} else {
$article_age = 30;
$article_age = 30;
}
$version = 1.1;
@ -78,355 +79,361 @@ $maxdisplay = 1000;
# How many characters of the body to display per article
$snippetlength = 240;
$spoolpath_regexp = '/'.preg_replace('/\//', '\\/', $spoolpath).'/';
$spoolpath_regexp = '/' . preg_replace('/\//', '\\/', $spoolpath) . '/';
$thissite = '.';
$groupconfig=$file_groups;
$cachefile=$spooldir."/".$config_name."-overboard.dat";
$groupconfig = $file_groups;
$cachefile = $spooldir . "/" . $config_name . "-overboard.dat";
$oldest = (time() - (86400 * $article_age));
$prune = false;
if (isset($_GET['time'])) {
$user_time = $_GET['time'];
if(is_numeric($user_time)) {
if(($user_time > time()) || ($user_time < $oldest)) {
unset($user_time);
$user_time = $_GET['time'];
if (is_numeric($user_time)) {
if (($user_time > time()) || ($user_time < $oldest)) {
unset($user_time);
}
} else {
unset($user_time);
}
} else {
unset($user_time);
}
}
if (isset($_GET['thisgroup'])) {
$_GET['thisgroup'] = _rawurldecode($_GET['thisgroup']);
if(get_section_by_group($_GET['thisgroup']) == false) {
echo "Group not found";
exit(1);
}
$grouplist = array();
$grouplist[0] = _rawurldecode(_rawurldecode($_GET['thisgroup']));
$cachefile=$spooldir."/".$grouplist[0]."-overboard.dat";
if($userdata) {
$userdata[$grouplist[0]] = time();
file_put_contents($userfile, serialize($userdata));
}
$_GET['thisgroup'] = _rawurldecode($_GET['thisgroup']);
if (get_section_by_group($_GET['thisgroup']) == false) {
echo "Group not found";
exit(1);
}
$grouplist = array();
$grouplist[0] = _rawurldecode(_rawurldecode($_GET['thisgroup']));
$cachefile = $spooldir . "/" . $grouplist[0] . "-overboard.dat";
if ($userdata) {
$userdata[$grouplist[0]] = time();
file_put_contents($userfile, serialize($userdata));
}
} else {
$grouplist = file($groupconfig, FILE_IGNORE_NEW_LINES);
$grouplist = file($groupconfig, FILE_IGNORE_NEW_LINES);
}
show_overboard_header($grouplist);
$results=0;
$results = 0;
if(!isset($this_overboard['version'])) {
if (! isset($this_overboard['version'])) {
$this_overboard['version'] = '0';
}
if(is_file($cachefile)) {
$stats = stat($cachefile);
$this_overboard = unserialize(file_get_contents($cachefile));
$cachedate = ($this_overboard['lastmessage'] - 86400);
$oldest = $cachedate;
if (is_file($cachefile)) {
$stats = stat($cachefile);
$this_overboard = unserialize(file_get_contents($cachefile));
$cachedate = ($this_overboard['lastmessage'] - 86400);
$oldest = $cachedate;
} else {
$cachedate = ($oldest - 86400);
$cachedate = ($oldest - 86400);
}
if($this_overboard['version'] !== $version) {
unset($this_overboard);
if(is_file($cachefile)) {
unlink($cachefile);
}
$this_overboard['version'] = $version;
$cachedate = ($oldest - 86400);
if ($this_overboard['version'] !== $version) {
unset($this_overboard);
if (is_file($cachefile)) {
unlink($cachefile);
}
$this_overboard['version'] = $version;
$cachedate = ($oldest - 86400);
}
# Iterate through groups
$database = $spooldir.'/articles-overview.db3';
$database = $spooldir . '/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$query = $dbh->prepare('SELECT * FROM '.$table.' WHERE newsgroup=:findgroup AND date >= '.$cachedate.' ORDER BY date DESC LIMIT '.$maxdisplay);
$query = $dbh->prepare('SELECT * FROM ' . $table . ' WHERE newsgroup=:findgroup AND date >= ' . $cachedate . ' ORDER BY date DESC LIMIT ' . $maxdisplay);
$articles = array();
$db_articles = array();
foreach($grouplist as $findgroup) {
$groups = preg_split("/(\ |\t)/", $findgroup, 2);
$findgroup = $groups[0];
foreach ($grouplist as $findgroup) {
$groups = preg_split("/(\ |\t)/", $findgroup, 2);
$findgroup = $groups[0];
$overboard_noshow = explode(' ', $CONFIG['overboard_noshow']);
foreach($overboard_noshow as $noshow) {
if ((strpos($findgroup, $noshow) !== false) && !isset($_GET['thisgroup'])) {
continue 2;
}
}
$thisgroup = preg_replace('/\./', '/', $findgroup);
if($dbh) {
$query->execute(['findgroup' => $findgroup]);
$i=0;
while (($overviewline = $query->fetch()) !== false) {
$articles[] = $spoolpath.$thisgroup.'/'.$overviewline['number'];
$db_articles[] = $findgroup.':'.$overviewline['number'].':'.$overviewline['date'].':'.$overviewline['name'];
$i++;
if($i > $maxdisplay) {
break;
}
}
}
$overboard_noshow = explode(' ', $CONFIG['overboard_noshow']);
foreach ($overboard_noshow as $noshow) {
if ((strpos($findgroup, $noshow) !== false) && ! isset($_GET['thisgroup'])) {
continue 2;
}
}
$thisgroup = preg_replace('/\./', '/', $findgroup);
if ($dbh) {
$query->execute([
'findgroup' => $findgroup
]);
$i = 0;
while (($overviewline = $query->fetch()) !== false) {
$articles[] = $spoolpath . $thisgroup . '/' . $overviewline['number'];
$db_articles[] = $findgroup . ':' . $overviewline['number'] . ':' . $overviewline['date'] . ':' . $overviewline['name'];
$i ++;
if ($i > $maxdisplay) {
break;
}
}
}
}
$dbh = null;
$files = array();
if($CONFIG['article_database'] == '1') {
foreach($db_articles as $article) {
$order=explode(':', $article);
$files[$order[2]] = $article;
}
} else {
foreach($articles as $article) {
if(is_dir($article)) {
continue;
if ($CONFIG['article_database'] == '1') {
foreach ($db_articles as $article) {
$order = explode(':', $article);
$files[$order[2]] = $article;
}
} else {
foreach ($articles as $article) {
if (is_dir($article)) {
continue;
}
$files[filemtime($article)] = $article;
}
$files[filemtime($article)] = $article;
}
}
krsort($files);
foreach($files as $article) {
if($CONFIG['article_database'] == '1') {
$data = explode(':', $article);
$articledata = np_get_db_article($data[1], $data[0], 0);
foreach ($files as $article) {
if ($CONFIG['article_database'] == '1') {
$data = explode(':', $article);
$articledata = np_get_db_article($data[1], $data[0], 0);
} else {
$articledata = file_get_contents($article);
$articledata = file_get_contents($article);
}
$bodystart = strpos($articledata, $localeol);
$header = substr($articledata, 0, $bodystart);
# Find group name and article number
if($CONFIG['article_database'] == '1') {
$group = $data[0];
$articlenumber = $data[1];
$groupname = $group;
if ($CONFIG['article_database'] == '1') {
$group = $data[0];
$articlenumber = $data[1];
$groupname = $group;
} else {
$group = preg_replace($spoolpath_regexp, '', $article);
$group = preg_replace('/\//', '.', $group);
$findme = strrpos($group, '.');
$groupname = substr($group, 0, $findme);
$articlenumber = substr($group, $findme+1);
$group = preg_replace($spoolpath_regexp, '', $article);
$group = preg_replace('/\//', '.', $group);
$findme = strrpos($group, '.');
$groupname = substr($group, 0, $findme);
$articlenumber = substr($group, $findme + 1);
}
preg_match('/Message-ID:.*/i', $header, $articleid);
$getid = explode(": ", $articleid[0]);
$thismsgid = $getid[1];
if(isset($this_overboard['msgids'][$thismsgid])) {
continue;
if (isset($this_overboard['msgids'][$thismsgid])) {
continue;
}
$isref = preg_match('/References:.*/i', $header, $ref);
if($isref) {
$getrefs = explode(': ', $ref[0]);
$ref = preg_split("/[\s]+/", $getrefs[1]);
if($getrefs[1] && $refid = get_data_from_msgid($ref[0])) {
// Check that article to link is new enough for newsportal to display
$groupinfo = file($spooldir.'/'.$refid["newsgroup"].'-info.txt');
$range = explode(' ', $groupinfo[1]);
if($refid['number'] > (intval($range[0]) - 1)) {
$threadref = $ref[0];
if ($isref) {
$getrefs = explode(': ', $ref[0]);
$ref = preg_split("/[\s]+/", $getrefs[1]);
if ($getrefs[1] && $refid = get_data_from_msgid($ref[0])) {
// Check that article to link is new enough for newsportal to display
$groupinfo = file($spooldir . '/' . $refid["newsgroup"] . '-info.txt');
$range = explode(' ', $groupinfo[1]);
if ($refid['number'] > (intval($range[0]) - 1)) {
$threadref = $ref[0];
} else {
$threadref = false;
}
} else {
$threadref = false;
$threadref = false;
}
} else {
$threadref = false;
}
} else {
$threadref = false;
}
$target = get_data_from_msgid($thismsgid);
if($target['date'] > time()) {
continue;
if ($target['date'] > time()) {
continue;
}
if(!isset($this_overboard['lastmessage'])) {
if (! isset($this_overboard['lastmessage'])) {
$this_overboard['lastmessage'] = 0;
}
if($target['date'] > $this_overboard['lastmessage']) {
$this_overboard['lastmessage'] = $target['date'];
if ($target['date'] > $this_overboard['lastmessage']) {
$this_overboard['lastmessage'] = $target['date'];
}
if(!isset($this_overboard['threads'][$target['date']])) {
$this_overboard['threads'][$target['date']] = $thismsgid;
$this_overboard['msgids'][$thismsgid] = $target;
if($threadref) {
$this_overboard['threadlink'][$thismsgid] = $threadref;
}
if($results++ > ($maxdisplay - 2)) {
break;
}
if (! isset($this_overboard['threads'][$target['date']])) {
$this_overboard['threads'][$target['date']] = $thismsgid;
$this_overboard['msgids'][$thismsgid] = $target;
if ($threadref) {
$this_overboard['threadlink'][$thismsgid] = $threadref;
}
if ($results ++ > ($maxdisplay - 2)) {
break;
}
}
}
file_put_contents($cachefile, serialize($this_overboard));
if(isset($user_time)) {
$oldest = ($user_time - 900);
if (isset($user_time)) {
$oldest = ($user_time - 900);
} else {
$oldest = (time() - (86400 * $article_age));
$oldest = (time() - (86400 * $article_age));
}
$results = display_threads($this_overboard['threads'], $oldest);
show_overboard_footer(null, $results, null);
echo '</body></html>';
expire_overboard($cachefile);
function expire_overboard($cachefile) {
global $article_age, $logfile, $config_name, $prune, $this_overboard;
if(!isset($this_overboard['expire'])) {
$this_overboard['expire'] = time();
}
if($this_overboard['expire'] < (time() - 86400)) {
$prune = true;
foreach($this_overboard['msgids'] as $key => $value) {
$target = $this_overboard['msgids'][$key];
if($target['date'] < (time() - (86400 * $article_age))) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Expiring: ".$target['newsgroup'].":".$target['number'], FILE_APPEND);
unset($this_overboard['threads'][$target['date']]);
unset($this_overboard['msgids'][$key]);
unset($this_overboard['threadlink'][$key]);
}
}
$this_overboard['expire'] = time();
function expire_overboard($cachefile)
{
global $article_age, $logfile, $config_name, $prune, $this_overboard;
if (! isset($this_overboard['expire'])) {
$this_overboard['expire'] = time();
}
if($prune) {
file_put_contents($cachefile, serialize($this_overboard));
if ($this_overboard['expire'] < (time() - 86400)) {
$prune = true;
foreach ($this_overboard['msgids'] as $key => $value) {
$target = $this_overboard['msgids'][$key];
if ($target['date'] < (time() - (86400 * $article_age))) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Expiring: " . $target['newsgroup'] . ":" . $target['number'], FILE_APPEND);
unset($this_overboard['threads'][$target['date']]);
unset($this_overboard['msgids'][$key]);
unset($this_overboard['threadlink'][$key]);
}
}
$this_overboard['expire'] = time();
}
if ($prune) {
file_put_contents($cachefile, serialize($this_overboard));
}
}
function display_threads($threads, $oldest) {
global $CONFIG,$thissite, $logfile, $config_name, $snippetlength, $maxdisplay, $prune, $this_overboard;
function display_threads($threads, $oldest)
{
global $CONFIG, $thissite, $logfile, $config_name, $snippetlength, $maxdisplay, $prune, $this_overboard;
echo '<table cellspacing="0" width="100%" class="np_results_table">';
if(!isset($threads)) {
$threads = (object)[];
if (! isset($threads)) {
$threads = (object) [];
} else {
krsort($threads);
krsort($threads);
}
$results = 0;
foreach($threads as $key => $value) {
$target = $this_overboard['msgids'][$value];
if(!isset($target['msgid'])) {
$target = get_data_from_msgid($value);
}
if($target['date'] < $oldest) {
continue;
}
if($results > $maxdisplay) {
$prune = true;
unset($this_overboard['threads'][$target['date']]);
unset($this_overboard['threadlink'][$value]);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Pruning: ".$target['newsgroup'].":".$target['number'], FILE_APPEND);
}
$article = get_db_data_from_msgid($target['msgid'], $target['newsgroup'], 1);
$poster = get_poster_name(mb_decode_mimeheader($target['name']));
$groupurl = $thissite."/thread.php?group="._rawurlencode($target['newsgroup']);
if(($results % 2) == 0){
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
} else {
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
foreach ($threads as $key => $value) {
$target = $this_overboard['msgids'][$value];
if (! isset($target['msgid'])) {
$target = get_data_from_msgid($value);
}
$url = $thissite."/article-flat.php?id=".$target['number']."&group="._rawurlencode($target['newsgroup'])."#".$target['number'];
if ($target['date'] < $oldest) {
continue;
}
if ($results > $maxdisplay) {
$prune = true;
unset($this_overboard['threads'][$target['date']]);
unset($this_overboard['threadlink'][$value]);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Pruning: " . $target['newsgroup'] . ":" . $target['number'], FILE_APPEND);
}
$article = get_db_data_from_msgid($target['msgid'], $target['newsgroup'], 1);
$poster = get_poster_name(mb_decode_mimeheader($target['name']));
$groupurl = $thissite . "/thread.php?group=" . _rawurlencode($target['newsgroup']);
if (($results % 2) == 0) {
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
} else {
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
}
$url = $thissite . "/article-flat.php?id=" . $target['number'] . "&group=" . _rawurlencode($target['newsgroup']) . "#" . $target['number'];
echo '<p class=np_ob_subject>';
echo '<b><a href="'.$url.'"><span>'.mb_decode_mimeheader($target['subject']).'</span></a></b>';
if(isset($this_overboard['threadlink'][$value])) {
$thread = get_data_from_msgid($this_overboard['threadlink'][$value]);
echo '<font class="np_ob_group"><a href="article-flat.php?id='.$thread['number'].'&group='.rawurlencode($thread['newsgroup']).'#'.$thread['number'].'"> (thread)</a></font>';
}
echo '<b><a href="' . $url . '"><span>' . mb_decode_mimeheader($target['subject']) . '</span></a></b>';
if (isset($this_overboard['threadlink'][$value])) {
$thread = get_data_from_msgid($this_overboard['threadlink'][$value]);
echo '<font class="np_ob_group"><a href="article-flat.php?id=' . $thread['number'] . '&group=' . rawurlencode($thread['newsgroup']) . '#' . $thread['number'] . '"> (thread)</a></font>';
}
echo '</p>';
echo '</p><p class=np_ob_group>';
echo '<a href="'.$groupurl.'"><span class="visited">'.$target['newsgroup'].'</span></a>';
echo '<a href="' . $groupurl . '"><span class="visited">' . $target['newsgroup'] . '</span></a>';
echo '</p>';
echo '<p class=np_ob_posted_date>Posted: '.get_date_interval(date("D, j M Y H:i T",$target['date'])).' by: '.create_name_link($poster['name'], $poster['from']).'</p>';
if($CONFIG['article_database'] == '1') {
echo '<p class=np_ob_posted_date>Posted: ' . get_date_interval(date("D, j M Y H:i T", $target['date'])) . ' by: ' . create_name_link($poster['name'], $poster['from']) . '</p>';
if ($CONFIG['article_database'] == '1') {
echo htmlentities(substr($article['search_snippet'], 0, $snippetlength));
}
$results++;
$results ++;
}
echo "</table>";
return($results);
return ($results);
}
function show_overboard_header($grouplist) {
global $text_thread, $frame, $text_article, $file_index, $file_thread, $user_time;
function show_overboard_header($grouplist)
{
global $text_thread, $frame, $text_article, $file_index, $file_thread, $user_time;
if (isset($_GET['thisgroup'])) {
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo '<a href="'.$file_thread.'?group='.rawurlencode($grouplist[0]).'" target='.$frame["content"].'>'.htmlspecialchars(group_displaY_name($grouplist[0])).'</a> / ';
if (isset($_GET['thisgroup'])) {
echo '<h1 class="np_thread_headline">';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo '<a href="' . $file_thread . '?group=' . rawurlencode($grouplist[0]) . '" target=' . $frame["content"] . '>' . htmlspecialchars(group_displaY_name($grouplist[0])) . '</a> / ';
if (isset($user_time)) {
echo ' new messages</h1>';
} else {
echo ' latest</h1>';
}
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Refresh button
echo '<td>';
echo '<form action="overboard.php">';
echo '<input type="hidden" name="thisgroup" value="' . $_GET['thisgroup'] . '"/>';
if (isset($user_time)) {
echo '<button class="np_button_link" type="submit">overboard</button>';
} else {
echo '<button class="np_button_link" type="submit">' . $text_article["refresh"] . '</button>';
}
echo '</form>';
echo '</td>';
// Article List button
echo '<td>';
echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="' . $grouplist[0] . '"/>';
echo '<button class="np_button_link" type="submit">' . htmlspecialchars(group_display_name($grouplist[0])) . '</button>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if (isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
} else {
echo '<h1 class="np_thread_headline">';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo 'latest messages</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Refresh button
echo '<td>';
echo '<form action="overboard.php">';
echo '<button class="np_button_link" type="submit">' . $text_article["refresh"] . '</button>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if (isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
}
}
function show_overboard_footer($stats, $results, $iscached)
{
global $user_time, $rslight_version;
if (isset($user_time)) {
echo ' new messages</h1>';
$recent = 'new';
} else {
echo ' latest</h1>';
$recent = 'recent';
}
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Refresh button
echo '<td>';
echo '<form action="overboard.php">';
echo '<input type="hidden" name="thisgroup" value="'.$_GET['thisgroup'].'"/>';
if (isset($user_time)) {
echo '<button class="np_button_link" type="submit">overboard</button>';
if ($results == '1') {
$arts = 'article';
} else {
echo '<button class="np_button_link" type="submit">'.$text_article["refresh"].'</button>';
}
echo '</form>';
echo '</td>';
// Article List button
echo '<td>';
echo '<form action="'.$file_thread.'">';
echo '<input type="hidden" name="group" value="'.$grouplist[0].'"/>';
echo '<button class="np_button_link" type="submit">'.htmlspecialchars(group_display_name($grouplist[0])).'</button>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if(isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="'.$file_index.'">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
} else {
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo 'latest messages</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Refresh button
echo '<td>';
echo '<form action="overboard.php">';
echo '<button class="np_button_link" type="submit">'.$text_article["refresh"].'</button>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if(isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="'.$file_index.'">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
}
}
function show_overboard_footer($stats, $results, $iscached) {
global $user_time,$rslight_version;
if(isset($user_time)) {
$recent = 'new';
} else {
$recent = 'recent';
}
if($results == '1') {
$arts = 'article';
} else {
$arts = 'articles';
$arts = 'articles';
}
echo '</table>';
echo "<p class=np_ob_tail><b>".$results."</b> ".$recent." ".$arts." found.</p>\r\n";
#echo "<center><i>Rocksolid Overboard</i> version ".$version;
echo "<p class=np_ob_tail><b>" . $results . "</b> " . $recent . " " . $arts . " found.</p>\r\n";
# echo "<center><i>Rocksolid Overboard</i> version ".$version;
include "tail.inc";
if($iscached) {
echo "<p class=np_ob_tail><font size='1em'>cached copy: ".date("D M j G:i:s T Y", $stats[9])."</font></p>\r\n";
if ($iscached) {
echo "<p class=np_ob_tail><font size='1em'>cached copy: " . date("D M j G:i:s T Y", $stats[9]) . "</font></p>\r\n";
}
}
?>

676
Rocksolid_Light/rocksolid/post.php
View File

@ -1,388 +1,399 @@
<?php
/* rslight NNTP<->HTTP Gateway
* Download: https://news.novabbs.com/getrslight
/*
* rslight NNTP<->HTTP Gateway
* Download: https://news.novabbs.com/getrslight
*
* Based on Newsportal by Florian Amrhein
* Based on Newsportal by Florian Amrhein
*
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
session_start();
include "config.inc.php";
$CONFIG = include($config_file);
$CONFIG = include ($config_file);
@$fieldnamedecrypt=$_REQUEST['fielddecrypt'];
//@$newsgroups=$_REQUEST["newsgroups"];
//@$group=$_REQUEST["group"];
@$type=$_REQUEST["type"];
@$subject=stripslashes($_POST[md5($fieldnamedecrypt."subject")]);
@$name=$_POST[md5($fieldnamedecrypt."name")];
@$email=$_POST[md5($fieldnamedecrypt."email")];
@$body=stripslashes($_POST[md5($fieldnamedecrypt."body")]);
@$abspeichern=$_REQUEST["abspeichern"];
@$references=$_REQUEST["references"];
@$id=$_REQUEST["id"];
if (!isset($group)) $group=$newsgroups;
@$fieldnamedecrypt = $_REQUEST['fielddecrypt'];
// @$newsgroups=$_REQUEST["newsgroups"];
// @$group=$_REQUEST["group"];
@$type = $_REQUEST["type"];
@$subject = stripslashes($_POST[md5($fieldnamedecrypt . "subject")]);
@$name = $_POST[md5($fieldnamedecrypt . "name")];
@$email = $_POST[md5($fieldnamedecrypt . "email")];
@$body = stripslashes($_POST[md5($fieldnamedecrypt . "body")]);
@$abspeichern = $_REQUEST["abspeichern"];
@$references = $_REQUEST["references"];
@$id = $_REQUEST["id"];
if (! isset($group))
$group = $newsgroups;
include "auth.inc";
if($post_captcha)
include "lib/captcha/captcha.php";
if ($post_captcha)
include "lib/captcha/captcha.php";
// Save name in cookies
if (($setcookies==true) && (isset($abspeichern)) && ($abspeichern=="ja")) {
setcookie("cookie_name",stripslashes($name),time()+(3600*24*90),"/");
}
if ((isset($post_server)) && ($post_server!=""))
$server=$post_server;
if ((isset($post_port)) && ($post_port!=""))
$port=$post_port;
if (($setcookies == true) && (isset($abspeichern)) && ($abspeichern == "ja")) {
setcookie("cookie_name", stripslashes($name), time() + (3600 * 24 * 90), "/");
}
if ((isset($post_server)) && ($post_server != ""))
$server = $post_server;
if ((isset($post_port)) && ($post_port != ""))
$port = $post_port;
include $file_newsportal;
include "head.inc";
global $synchro_user,$synchro_pass;
global $synchro_user, $synchro_pass;
// check to which groups the user is allowed to post to
$thisgroup=_rawurldecode($_REQUEST['group']);
if($testgroup) {
$newsgroups=testgroups($thisgroup);
$thisgroup = _rawurldecode($_REQUEST['group']);
if ($testgroup) {
$newsgroups = testgroups($thisgroup);
} else {
$newsgroups=$thisgroup;
$newsgroups = $thisgroup;
}
$returngroup = preg_split("/( |\,)/", $newsgroups, 2);
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo '<a href="'.$file_thread.'?group='.rawurlencode($thisgroup).'" target='.$frame["content"].'>'.htmlspecialchars(group_display_name($thisgroup)).'</a>';
if(isset($type) && $type == 'post') {
echo ' / '.$subject.'</h1>';
} else {
echo '<h1 class="np_thread_headline">';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo '<a href="' . $file_thread . '?group=' . rawurlencode($thisgroup) . '" target=' . $frame["content"] . '>' . htmlspecialchars(group_display_name($thisgroup)) . '</a>';
if (isset($type) && $type == 'post') {
echo ' / ' . $subject . '</h1>';
} else {
echo '</h1>';
}
}
// has the user write-rights on the newsgroups?
if((function_exists("npreg_group_has_read_access") &&
!npreg_group_has_read_access($newsgroups)) ||
(function_exists("npreg_group_has_write_access") &&
!npreg_group_has_write_access($newsgroups))) {
die("access denied");
if ((function_exists("npreg_group_has_read_access") && ! npreg_group_has_read_access($newsgroups)) || (function_exists("npreg_group_has_write_access") && ! npreg_group_has_write_access($newsgroups))) {
die("access denied");
}
// Load name from cookies
if ($setcookies) {
if ((isset($_COOKIE["cookie_name"])) && (!isset($name)))
$name=$_COOKIE["cookie_name"];
// if ((isset($_COOKIE["cookie_email"])) && (!isset($email)))
// $email=$_COOKIE["cookie_email"];
if ((isset($_COOKIE["cookie_name"])) && (! isset($name)))
$name = $_COOKIE["cookie_name"];
// if ((isset($_COOKIE["cookie_email"])) && (!isset($email)))
// $email=$_COOKIE["cookie_email"];
}
// Load name and email from the registration system, if available
if(function_exists("npreg_get_name")) {
$name=npreg_get_name();
if (function_exists("npreg_get_name")) {
$name = npreg_get_name();
}
if(function_exists("npreg_get_email")) {
$email=npreg_get_email();
$form_noemail=true;
if (function_exists("npreg_get_email")) {
$email = npreg_get_email();
$form_noemail = true;
}
if(!strcmp($name, $CONFIG['anonusername']) && (isset($CONFIG['anonuser']))) {
$userpass = $CONFIG['anonuserpass'];
$email=$name.$CONFIG['email_tail'];
if (! strcmp($name, $CONFIG['anonusername']) && (isset($CONFIG['anonuser']))) {
$userpass = $CONFIG['anonuserpass'];
$email = $name . $CONFIG['email_tail'];
} else {
$userpass = $email;
$request="email";
$get_email = get_user_config($name,$request);
if($get_email === FALSE) {
$email=$name.$CONFIG['email_tail'];
} else {
$email=trim($get_email);
}
$userpass = $email;
$request = "email";
$get_email = get_user_config($name, $request);
if ($get_email === FALSE) {
$email = $name . $CONFIG['email_tail'];
} else {
$email = trim($get_email);
}
}
if (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true)) {
$synchro_user=$name;
$synchro_pass=$userpass;
}
if($name=="")
$name=$_SERVER['REMOTE_USER'];
if((!isset($references)) || ($references=="")) {
$references=false;
$synchro_user = $name;
$synchro_pass = $userpass;
}
if (!isset($type)) {
$type="new";
if ($name == "")
$name = $_SERVER['REMOTE_USER'];
if ((! isset($references)) || ($references == "")) {
$references = false;
}
if ($type=="new") {
$subject="";
$bodyzeile="";
$show=1;
if (! isset($type)) {
$type = "new";
}
if ($type == "new") {
$subject = "";
$bodyzeile = "";
$show = 1;
}
// Is there a new article to post to the newsserver?
if ($type=="post") {
$show=0;
if (!$CONFIG['synchronet']) {
if (check_bbs_auth(trim($name), $userpass) == FALSE) {
$type="retry";
$error=$text_error["auth_error"];
}
}
// error handling
if (trim($body)=="") {
$type="retry";
$error=$text_post["missing_message"];
}
if ((trim($email)=="") && (!isset($anonym_address))) {
$type="retry";
$error=$text_post["missing_email"];
}
if (($email) && (!validate_email(trim($email)))) {
$type="retry";
$error=$text_post["error_wrong_email"];
}
if (trim($name)=="") {
$type="retry";
$error=$text_post["missing_name"];
}
if (trim($subject)=="") {
$type="retry";
$error=$text_post["missing_subject"];
}
// captcha-check
if(($post_captcha) && (captcha::check()==false)) {
$type="retry";
$error=$text_post["captchafail"];
}
if ($type=="post") {
$name = trim($name);
if (!$CONFIG['readonly']) {
// post article to the newsserver
if($references)
$references_array=explode(" ",$references);
else
$references_array=false;
if(($email=="") && (isset($anonym_address)))
$nemail=$anonym_address;
else
$nemail=$email;
$rate_limit = get_user_config($name, 'rate_limit');
if(($rate_limit !== FALSE) && ($rate_limit > 0)) {
$CONFIG['rate_limit'] = $rate_limit;
if ($type == "post") {
$show = 0;
if (! $CONFIG['synchronet']) {
if (check_bbs_auth(trim($name), $userpass) == FALSE) {
$type = "retry";
$error = $text_error["auth_error"];
}
if($CONFIG['rate_limit'] == true) {
$postsremaining = check_rate_limit($name);
if($postsremaining < 1) {
$wait = check_rate_limit($name,0,1);
echo 'You have reached the limit of '.$CONFIG['rate_limit'].' posts per hour.<br />Please wait '.round($wait).' minutes before posting again.';
echo '<p><a href="'.$file_thread.'?group='.urlencode($returngroup[0]).'">'.$text_post["button_back"].'</a> '.$text_post["button_back2"].' '.group_display_name($returngroup[0]).'</p>';
return;
}
}
if(isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0) {
$_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
// There is an attachment to handle
$message=message_post(quoted_printable_encode($subject),
$nemail." (".quoted_printable_encode($name).")",
$newsgroups,$references_array,addslashes($body),$_POST['encryptthis'],$_POST['encryptto'],strtolower($name),null,true);
} else {
$message=message_post(quoted_printable_encode($subject),
$nemail." (".quoted_printable_encode($name).")",
$newsgroups,$references_array,addslashes($body),$_POST['encryptthis'],$_POST['encryptto'],strtolower($name));
}
// Article sent without errors, or duplicate?
if ((substr($message,0,3)=="240") ||
(substr($message,0,7)=="441 435")) {
echo '<h1 class="np_post_headline"><'.$text_post["message_posted"].'></h1>';
echo '<p>'.$text_post["message_posted2"].'</p>';
if(isset($CONFIG['auto_return']) && ($CONFIG['auto_return'] == true)) {
echo '<meta http-equiv="refresh" content="0;url='.$file_thread.'?group='.urlencode($returngroup[0]).'"';
}
if($CONFIG['rate_limit'] == true) {
$postsremaining = check_rate_limit($name,1);
echo 'You have '.$postsremaining.' posts remaining of '.$CONFIG['rate_limit'].' posts per hour.<br />';
if($postsremaining < 1) {
$wait = check_rate_limit($name,0,1);
echo 'Please wait '.round($wait).' minutes before posting again.<br />';
}
}
// echo '<p><a href="'.$file_thread.'?group='.urlencode($returngroup[0]).'">'.$text_post["button_back"].'</a> '.$text_post["button_back2"].' '.group_display_name($returngroup[0]).'</p>';
if(isset($_REQUEST['returngroup']) && $_REQUEST['returngroup'] !== '') {
echo '<p><a href="'.$file_thread.'?group='.$_REQUEST['returngroup'].'">Your post will appear in '.group_display_name($_REQUEST['returngroup']).'</a></p>';
}
if(isset($_SESSION['return_page'])) {
echo '<p><a href="'.$_SESSION['return_page'].'">Back to Previous Page</a></p>';
} else {
echo '<p><a href="'.$file_thread.'?group='.$_REQUEST['returngroup'].'">Back</a></p>';
}
} else {
// article not accepted by the newsserver
$type="retry";
$error=$text_post["error_newsserver"]."<br><pre>$message</pre>";
}
} else {
echo $text_post["error_readonly"];
// error handling
if (trim($body) == "") {
$type = "retry";
$error = $text_post["missing_message"];
}
if ((trim($email) == "") && (! isset($anonym_address))) {
$type = "retry";
$error = $text_post["missing_email"];
}
if (($email) && (! validate_email(trim($email)))) {
$type = "retry";
$error = $text_post["error_wrong_email"];
}
if (trim($name) == "") {
$type = "retry";
$error = $text_post["missing_name"];
}
if (trim($subject) == "") {
$type = "retry";
$error = $text_post["missing_subject"];
}
// captcha-check
if (($post_captcha) && (captcha::check() == false)) {
$type = "retry";
$error = $text_post["captchafail"];
}
if ($type == "post") {
$name = trim($name);
if (! $CONFIG['readonly']) {
// post article to the newsserver
if ($references)
$references_array = explode(" ", $references);
else
$references_array = false;
if (($email == "") && (isset($anonym_address)))
$nemail = $anonym_address;
else
$nemail = $email;
$rate_limit = get_user_config($name, 'rate_limit');
if (($rate_limit !== FALSE) && ($rate_limit > 0)) {
$CONFIG['rate_limit'] = $rate_limit;
}
if ($CONFIG['rate_limit'] == true) {
$postsremaining = check_rate_limit($name);
if ($postsremaining < 1) {
$wait = check_rate_limit($name, 0, 1);
echo 'You have reached the limit of ' . $CONFIG['rate_limit'] . ' posts per hour.<br />Please wait ' . round($wait) . ' minutes before posting again.';
echo '<p><a href="' . $file_thread . '?group=' . urlencode($returngroup[0]) . '">' . $text_post["button_back"] . '</a> ' . $text_post["button_back2"] . ' ' . group_display_name($returngroup[0]) . '</p>';
return;
}
}
if (isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0) {
$_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
// There is an attachment to handle
$message = message_post(quoted_printable_encode($subject), $nemail . " (" . quoted_printable_encode($name) . ")", $newsgroups, $references_array, addslashes($body), $_POST['encryptthis'], $_POST['encryptto'], strtolower($name), null, true);
} else {
$message = message_post(quoted_printable_encode($subject), $nemail . " (" . quoted_printable_encode($name) . ")", $newsgroups, $references_array, addslashes($body), $_POST['encryptthis'], $_POST['encryptto'], strtolower($name));
}
// Article sent without errors, or duplicate?
if ((substr($message, 0, 3) == "240") || (substr($message, 0, 7) == "441 435")) {
echo '<h1 class="np_post_headline"><' . $text_post["message_posted"] . '></h1>';
echo '<p>' . $text_post["message_posted2"] . '</p>';
if (isset($CONFIG['auto_return']) && ($CONFIG['auto_return'] == true)) {
echo '<meta http-equiv="refresh" content="0;url=' . $file_thread . '?group=' . urlencode($returngroup[0]) . '"';
}
if ($CONFIG['rate_limit'] == true) {
$postsremaining = check_rate_limit($name, 1);
echo 'You have ' . $postsremaining . ' posts remaining of ' . $CONFIG['rate_limit'] . ' posts per hour.<br />';
if ($postsremaining < 1) {
$wait = check_rate_limit($name, 0, 1);
echo 'Please wait ' . round($wait) . ' minutes before posting again.<br />';
}
}
// echo '<p><a href="'.$file_thread.'?group='.urlencode($returngroup[0]).'">'.$text_post["button_back"].'</a> '.$text_post["button_back2"].' '.group_display_name($returngroup[0]).'</p>';
if (isset($_REQUEST['returngroup']) && $_REQUEST['returngroup'] !== '') {
echo '<p><a href="' . $file_thread . '?group=' . $_REQUEST['returngroup'] . '">Your post will appear in ' . group_display_name($_REQUEST['returngroup']) . '</a></p>';
}
if (isset($_SESSION['return_page'])) {
echo '<p><a href="' . $_SESSION['return_page'] . '">Back to Previous Page</a></p>';
} else {
echo '<p><a href="' . $file_thread . '?group=' . $_REQUEST['returngroup'] . '">Back</a></p>';
}
} else {
// article not accepted by the newsserver
$type = "retry";
$error = $text_post["error_newsserver"] . "<br><pre>$message</pre>";
}
} else {
echo $text_post["error_readonly"];
}
}
}
}
// A reply of an other article.
if ($type=="reply") {
$message=message_read($id,0,$newsgroups);
$head=$message->header;
if ($type == "reply") {
$message = message_read($id, 0, $newsgroups);
$head = $message->header;
$body=explode("\n",$message->body[0]);
nntp_close($ns);
if ($head->name != "") {
$bodyzeile=$head->name;
} else {
$bodyzeile=$head->from;
}
// For Synchronet use
$fromname=$bodyzeile;
$bodyzeile=$text_post["wrote_prefix"].$bodyzeile.
$text_post["wrote_suffix"]."\n\n";
for ($i=0; $i<=count($body)-1; $i++) {
if((isset($cutsignature)) && ($cutsignature==true) &&
($body[$i]=='-- '))
break;
if (trim($body[$i])!="") {
if($body[$i][0]=='>')
$bodyzeile.=">".$body[$i]."\n";
else
$bodyzeile.="> ".$body[$i]."\n";
$body = explode("\n", $message->body[0]);
nntp_close($ns);
if ($head->name != "") {
$bodyzeile = $head->name;
} else {
$bodyzeile.="\n";
$bodyzeile = $head->from;
}
}
$subject=$head->subject;
if (isset($head->followup) && ($head->followup != "")) {
$newsgroups=$head->followup;
} else {
if($testgroup) {
$newsgroups=testgroups($head->newsgroups);
// For Synchronet use
$fromname = $bodyzeile;
$bodyzeile = $text_post["wrote_prefix"] . $bodyzeile . $text_post["wrote_suffix"] . "\n\n";
for ($i = 0; $i <= count($body) - 1; $i ++) {
if ((isset($cutsignature)) && ($cutsignature == true) && ($body[$i] == '-- '))
break;
if (trim($body[$i]) != "") {
if ($body[$i][0] == '>')
$bodyzeile .= ">" . $body[$i] . "\n";
else
$bodyzeile .= "> " . $body[$i] . "\n";
} else {
$bodyzeile .= "\n";
}
}
$subject = $head->subject;
if (isset($head->followup) && ($head->followup != "")) {
$newsgroups = $head->followup;
} else {
$newsgroups=$head->newsgroups;
if ($testgroup) {
$newsgroups = testgroups($head->newsgroups);
} else {
$newsgroups = $head->newsgroups;
}
}
}
splitSubject($subject);
$subject="Re: ".$subject;
// Cut off old parts of a subject
// for example: 'foo (was: bar)' becomes 'foo'.
$subject=preg_replace('/(\(wa[sr]: .*\))$/i','',$subject);
$show=1;
$references=false;
if (isset($head->references[0])) {
for ($i=0; $i<=count($head->references)-1; $i++) {
$references .= $head->references[$i]." ";
splitSubject($subject);
$subject = "Re: " . $subject;
// Cut off old parts of a subject
// for example: 'foo (was: bar)' becomes 'foo'.
$subject = preg_replace('/(\(wa[sr]: .*\))$/i', '', $subject);
$show = 1;
$references = false;
if (isset($head->references[0])) {
for ($i = 0; $i <= count($head->references) - 1; $i ++) {
$references .= $head->references[$i] . " ";
}
}
}
$references .= $head->id;
$references .= $head->id;
}
if ($type=="retry") {
$show=1;
$bodyzeile=$body;
if ($type == "retry") {
$show = 1;
$bodyzeile = $body;
}
if ($show==1) {
if ($show == 1) {
if ($newsgroups == "") {
echo $text_post["followup_not_allowed"];
echo " " . $newsgroups;
} else {
// show post form
$fieldencrypt = md5(rand(1, 10000000));
echo '<h1 class="np_post_headline">' . $text_post["group_head"] . group_display_name($newsgroups) . $text_post["group_tail"] . '</h1>';
if ($newsgroups == "") {
echo $text_post["followup_not_allowed"];
echo " ".$newsgroups;
} else {
// show post form
$fieldencrypt=md5(rand(1,10000000));
echo '<h1 class="np_post_headline">'.$text_post["group_head"].group_display_name($newsgroups)
.$text_post["group_tail"].'</h1>';
if (isset($error))
echo "<p>$error</p>";
?>
if (isset($error)) echo "<p>$error</p>"; ?>
<form action="<?php echo $file_post?>" method="post" name="postform"
enctype="multipart/form-data">
<form action="<?php echo $file_post?>" method="post" name="postform" enctype="multipart/form-data">
<div class="np_post_header">
<table>
<tr><td align="right"><b><?php echo $text_header["subject"] ?></b></td>
<td><input class="post" type="text" name="<?php echo md5($fieldencrypt."subject")?>" value="<?php
echo htmlspecialchars($subject);?>" size="40" maxlength="80"></td></tr>
<tr><td align="right"><b><?php echo $text_post["name"]?></b></td>
<td align="left">
<div class="np_post_header">
<table>
<tr>
<td align="right"><b><?php echo $text_header["subject"] ?></b></td>
<td><input class="post" type="text"
name="<?php echo md5($fieldencrypt."subject")?>"
value="<?php
echo htmlspecialchars($subject);
?>" size="40"
maxlength="80"></td>
</tr>
<tr>
<td align="right"><b><?php echo $text_post["name"]?></b></td>
<td align="left">
<?php
if ( !isset($name) && $CONFIG['anonuser'])
$name = $CONFIG['anonusername'];
if($form_noname===true) {
echo htmlspecialchars($name);
} else {
echo '<input class="post" type="text" name="'.md5($fieldencrypt."name").'"';
if (isset($name)) echo 'value="'.
htmlspecialchars(stripslashes($name)).'"';
echo 'size="40" maxlength="40">';
if($CONFIG['anonuser'])
echo '&nbsp;or "'.$CONFIG['anonusername'].'" with no password';
}
?>
</td></tr>
<tr><td align="right"><b><?php echo $text_post["password"]?></b></td>
<td align="left">
if (! isset($name) && $CONFIG['anonuser'])
$name = $CONFIG['anonusername'];
if ($form_noname === true) {
echo htmlspecialchars($name);
} else {
echo '<input class="post" type="text" name="' . md5($fieldencrypt . "name") . '"';
if (isset($name))
echo 'value="' . htmlspecialchars(stripslashes($name)) . '"';
echo 'size="40" maxlength="40">';
if ($CONFIG['anonuser'])
echo '&nbsp;or "' . $CONFIG['anonusername'] . '" with no password';
}
?>
</td>
</tr>
<tr>
<td align="right"><b><?php echo $text_post["password"]?></b></td>
<td align="left">
<?php
echo '<input class="post" type="password" name="'.md5($fieldencrypt."email").'"';
// if (isset($email)) echo 'value="'.htmlspecialchars(stripslashes($email)).'"';
echo 'size="40" maxlength="40">';
?>
</td</tr>
echo '<input class="post" type="password" name="' . md5($fieldencrypt . "email") . '"';
// if (isset($email)) echo 'value="'.htmlspecialchars(stripslashes($email)).'"';
echo 'size="40" maxlength="40">';
?>
</td
</tr>
<?php
// May we post encrypted messages to this group?
if(check_encryption_groups($newsgroups)) { ?>
<tr><td align="left">
<input type="checkbox" name="encryptthis" value="encrypt">
<b>Encrypt to:</b>
</td>
<td><input type="text" name="encryptto" value="<?php echo $fromname;?>"></td>
</tr>
<?php
}
?>
// May we post encrypted messages to this group?
if (check_encryption_groups($newsgroups)) {
?>
<tr>
<td align="left"><input type="checkbox" name="encryptthis"
value="encrypt"> <b>Encrypt to:</b></td>
<td><input type="text" name="encryptto"
value="<?php echo $fromname;?>"></td>
</tr>
<?php
}
?>
</table>
</div>
</div>
<div class="np_post_body">
<table>
<tr><td><b><?php echo $text_post["message"];?></b><br>
<textarea class="postbody" id="postbody" name="<?php echo md5($fieldencrypt."body")?>" wrap="soft"><?php
if ((isset($bodyzeile)) && ($post_autoquote))
echo htmlspecialchars($bodyzeile);
if(is_string($body))
echo htmlspecialchars($body);
?>
</textarea></td></tr>
<tr><td>
<div class="np_post_body">
<table>
<tr>
<td><b><?php echo $text_post["message"];?></b><br> <textarea
class="postbody" id="postbody"
name="<?php echo md5($fieldencrypt."body")?>" wrap="soft"><?php
if ((isset($bodyzeile)) && ($post_autoquote))
echo htmlspecialchars($bodyzeile);
if (is_string($body))
echo htmlspecialchars($body);
?>
</textarea></td>
</tr>
<tr>
<td>
<?php if(!$post_autoquote) { ?>
<input type="hidden" id="hidebody" value="<?php
if (isset($bodyzeile)) echo htmlspecialchars(stripslashes($bodyzeile)); ?>">
<input type="hidden" id="hidebody"
value="<?php
if (isset($bodyzeile))
echo htmlspecialchars(stripslashes($bodyzeile));
?>">
<script language="JavaScript">
<script language="JavaScript">
<!--
function quoten() {
document.getElementById("postbody").value=document.getElementById("hidebody").value;
@ -393,31 +404,40 @@ function quoten() {
<?php } ?>
<input type="submit" value="<?php echo $text_post["button_post"];?>">
<input type="submit" value="<?php echo $text_post["button_post"];?>">
<?php if ($setcookies==true) { ?>
&nbsp;<input tabindex="100" type="Button" name="quote" value="<?php echo $text_post["quote"]?>" onclick="quoten(); this.style.visibility= 'hidden';">
&nbsp;<input type="checkbox" name="abspeichern" value="ja" checked>
&nbsp;<input tabindex="100" type="Button" name="quote"
value="<?php echo $text_post["quote"]?>"
onclick="quoten(); this.style.visibility= 'hidden';"> &nbsp;<input
type="checkbox" name="abspeichern" value="ja" checked>
<?php echo $text_post["remember"];?>
<?php } ?>
&nbsp;<input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/pdf">
</td>
</tr>
&nbsp;<input type="file" name="photo" id="fileSelect" value="fileSelect"
accept="image/*,audio/*,text/*,application/pdf">
</td>
</tr>
<?php if($post_captcha) {
echo '<tr><td>';
echo captcha::form($text_post["captchainfo1"],$text_post["captchainfo2"]);
echo '</td></tr>';
} ?>
<?php
if ($post_captcha) {
echo '<tr><td>';
echo captcha::form($text_post["captchainfo1"], $text_post["captchainfo2"]);
echo '</td></tr>';
}
?>
</table>
</div>
<input type="hidden" name="type" value="post">
<input type="hidden" name="newsgroups" value="<?php echo htmlspecialchars($newsgroups); ?>">
<input type="hidden" name="references" value="<?php echo htmlentities($references); ?>">
<input type="hidden" name="group" value="<?php echo htmlspecialchars($newsgroups); ?>">
<input type="hidden" name="returngroup" value="<?php echo htmlspecialchars($head->followup); ?>">
<input type="hidden" name="fielddecrypt" value="<?php echo htmlspecialchars($fieldencrypt);?>">
</div>
<input type="hidden" name="type" value="post"> <input type="hidden"
name="newsgroups" value="<?php echo htmlspecialchars($newsgroups); ?>">
<input type="hidden" name="references"
value="<?php echo htmlentities($references); ?>"> <input type="hidden"
name="group" value="<?php echo htmlspecialchars($newsgroups); ?>"> <input
type="hidden" name="returngroup"
value="<?php echo htmlspecialchars($head->followup); ?>"> <input
type="hidden" name="fielddecrypt"
value="<?php echo htmlspecialchars($fieldencrypt);?>">
</form>
<?php } } ?>

547
Rocksolid_Light/rocksolid/search.php
View File

@ -2,7 +2,7 @@
session_cache_limiter('public');
session_start();
header("Expires: ".gmdate("D, d M Y H:i:s",time()+(600))." GMT");
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (600)) . " GMT");
header("Cache-Control: max-age=100");
header("Pragma: cache");
@ -13,78 +13,78 @@ throttle_hits();
$snippet_size = 100;
if(isset($_REQUEST['data']) && $_REQUEST['data'] == '') {
unset($_REQUEST['data']);
if (isset($_REQUEST['data']) && $_REQUEST['data'] == '') {
unset($_REQUEST['data']);
}
if((!isset($_POST['key']) || !password_verify($CONFIG['thissitekey'], $_POST['key'])) || ((strlen(trim($_REQUEST['terms'])) < 2) && !$_REQUEST['data'])) {
include "head.inc";
if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST['key'])) || ((strlen(trim($_REQUEST['terms'])) < 2) && ! $_REQUEST['data'])) {
include "head.inc";
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo 'search</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
if(isset($_GET['group'])) {
$searching = $_GET['group'];
} else {
$searching = $config_name;
}
echo '<body>';
echo '<table width=100% border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<tr>';
echo '<form name="form1" method="post" action="search.php">';
echo '<td>';
echo '<table width="100%" align="center" border="0" cellpadding="3" cellspacing="1">';
echo '<tr>';
echo '<td colspan="3">Searching <strong>'.$searching.'</strong></td>';
echo '</tr>';
echo '<tr></tr>';
echo '<tr>';
if(!isset($_REQUEST['data'])) {
echo '<td>Search Terms:&nbsp';
} else {
echo '<td>Search Poster:&nbsp';
}
if(isset($_GET['terms'])) {
echo '<input name="terms" type="text" id="terms" value="'.$_GET['terms'].'"></td>';
} else {
echo '<input name="terms" type="text" id="terms"></td>';
}
echo '</tr><tr></tr><tr><td>';
echo '<h1 class="np_thread_headline">';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo 'search</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
if (isset($_GET['group'])) {
$searching = $_GET['group'];
} else {
$searching = $config_name;
}
echo '<body>';
echo '<table width=100% border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<tr>';
echo '<form name="form1" method="post" action="search.php">';
echo '<td>';
echo '<table width="100%" align="center" border="0" cellpadding="3" cellspacing="1">';
echo '<tr>';
echo '<td colspan="3">Searching <strong>' . $searching . '</strong></td>';
echo '</tr>';
echo '<tr></tr>';
echo '<tr>';
if (! isset($_REQUEST['data'])) {
echo '<td>Search Terms:&nbsp';
} else {
echo '<td>Search Poster:&nbsp';
}
if (isset($_GET['terms'])) {
echo '<input name="terms" type="text" id="terms" value="' . $_GET['terms'] . '"></td>';
} else {
echo '<input name="terms" type="text" id="terms"></td>';
}
echo '</tr><tr></tr><tr><td>';
if (isset($_GET['searchpoint']) && $_GET['searchpoint'] == 'Poster') {
if($CONFIG['article_database'] == '1') {
echo '<input type="radio" name="searchpoint" value="body"/>Body&nbsp;';
}
echo '<input type="radio" name="searchpoint" value="subject"/>Subject&nbsp;';
echo '<input type="radio" name="searchpoint" value="name" checked="checked"/>Poster&nbsp;';
echo '<input type="radio" name="searchpoint" value="msgid"/>Message-ID';
} else {
if($CONFIG['article_database'] == '1') {
echo '&nbsp;<input type="radio" name="searchpoint" value="body" checked="checked"/>Body&nbsp;';
}
echo '<input type="radio" name="searchpoint" value="subject"/>Subject&nbsp;';
echo '<input type="radio" name="searchpoint" value="name"/>Poster&nbsp;';
echo '<input type="radio" name="searchpoint" value="msgid"/>Message-ID';
if (isset($_GET['searchpoint']) && $_GET['searchpoint'] == 'Poster') {
if ($CONFIG['article_database'] == '1') {
echo '<input type="radio" name="searchpoint" value="body"/>Body&nbsp;';
}
echo '<input type="radio" name="searchpoint" value="subject"/>Subject&nbsp;';
echo '<input type="radio" name="searchpoint" value="name" checked="checked"/>Poster&nbsp;';
echo '<input type="radio" name="searchpoint" value="msgid"/>Message-ID';
} else {
if ($CONFIG['article_database'] == '1') {
echo '&nbsp;<input type="radio" name="searchpoint" value="body" checked="checked"/>Body&nbsp;';
}
echo '<input type="radio" name="searchpoint" value="subject"/>Subject&nbsp;';
echo '<input type="radio" name="searchpoint" value="name"/>Poster&nbsp;';
echo '<input type="radio" name="searchpoint" value="msgid"/>Message-ID';
}
echo '</td></tr>';
echo '<tr>';
echo '<td><input name="command" type="hidden" id="command" value="Search" readonly="readonly"></td>';
if (isset($_GET['group'])) {
echo '<input type="hidden" name="group" value="' . $_GET['group'] . '">';
}
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT) . '">';
if (isset($_GET['data'])) {
echo '<input type="hidden" name="data" value="' . $_GET['data'] . '">';
}
echo '</tr><tr></tr><tr>';
echo '<td><input type="submit" name="Submit" value="Search"></td>';
echo '</tr><tr><td><td></td><td></td></table></td></form></tr></table></body></html>';
exit(0);
}
echo '</td></tr>';
echo '<tr>';
echo '<td><input name="command" type="hidden" id="command" value="Search" readonly="readonly"></td>';
if(isset($_GET['group'])) {
echo '<input type="hidden" name="group" value="'.$_GET['group'].'">';
}
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT).'">';
if(isset($_GET['data'])) {
echo '<input type="hidden" name="data" value="'.$_GET['data'].'">';
}
echo '</tr><tr></tr><tr>';
echo '<td><input type="submit" name="Submit" value="Search"></td>';
echo '</tr><tr><td><td></td><td></td></table></td></form></tr></table></body></html>';
exit(0);
}
if(isset($frames_on) && $frames_on === true) {
?>
if (isset($frames_on) && $frames_on === true) {
?>
<script>
var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) {
@ -103,38 +103,38 @@ $maxdisplay = 1000;
$thissite = '.';
$groupconfig=$config_path."/groups.txt";
$groupconfig = $config_path . "/groups.txt";
$title.=' - search results for: '.$_POST['terms'];
$title .= ' - search results for: ' . $_POST['terms'];
include "head.inc";
ob_start();
if (isset($_POST['thisgroup'])) {
echo '<h1 class="np_thread_headline">'.$grouplist[0].' (latest)</h1>';
echo '<h1 class="np_thread_headline">' . $grouplist[0] . ' (latest)</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button
// Article List button
echo '<td>';
echo '<form action="'.$file_thread.'">';
echo '<input type="hidden" name="group" value="'.$grouplist[0].'"/>';
echo '<button class="np_button_link" type="submit">'.$text_article["back_to_group"].'</button>';
echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="' . $grouplist[0] . '"/>';
echo '<button class="np_button_link" type="submit">' . $text_article["back_to_group"] . '</button>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
// Newsgroups button (hidden)
echo '<td>';
echo '<form action="'.$file_index.'">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>';
echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>';
echo '</td>';
echo '</tr></table>';
} else {
} else {
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo 'search results for: '.$_POST['terms'].'</h1>';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo 'search results for: ' . $_POST['terms'] . '</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Newsgroups button (hidden)
// Newsgroups button (hidden)
echo '<td>';
echo '<form action="'.$file_index.'">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>';
echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>';
echo '</td>';
echo '</tr></table>';
@ -143,117 +143,119 @@ echo '<table cellspacing="0" width="100%" class="np_results_table">';
# Iterate through groups
$results=0;
if(isset($_COOKIE['tzo'])) {
$offset=$_COOKIE['tzo'];
} else {
$offset=$CONFIG['timezone'];
}
$overview = array();
if(!isset($group)) {
$results = 0;
if (isset($_COOKIE['tzo'])) {
$offset = $_COOKIE['tzo'];
} else {
$offset = $CONFIG['timezone'];
}
$overview = array();
if (! isset($group)) {
$group = null;
}
if($_POST['searchpoint'] == 'body') {
}
if ($_POST['searchpoint'] == 'body') {
$overview = get_body_search($group, $_POST['terms']);
} else {
if(isset($_REQUEST['data'])) {
$overview = get_header_search($group, base64_decode(urldecode($_REQUEST['data'])));
} else {
if (isset($_REQUEST['data'])) {
$overview = get_header_search($group, base64_decode(urldecode($_REQUEST['data'])));
} else {
$overview = get_header_search($group, $_POST['terms']);
$overview = get_header_search($group, $_POST['terms']);
}
}
foreach($overview as $overviewline) {
/* Find section for links */
$menulist = file($config_dir."menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
}
foreach ($overview as $overviewline) {
/* Find section for links */
$menulist = file($config_dir . "menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($menulist as $menu) {
if($menu[0] == '#') {
continue;
}
$menuitem=explode(':', $menu);
$glfp=fopen($config_dir.$menuitem[0]."/groups.txt", 'r');
$section="";
while($gl=fgets($glfp)) {
$group_name = preg_split("/( |\t)/", $gl, 2);
if(stripos(trim($overviewline['newsgroup']), trim($group_name[0])) !== false) {
$section=$menuitem[0];
break 2;
foreach ($menulist as $menu) {
if ($menu[0] == '#') {
continue;
}
$menuitem = explode(':', $menu);
$glfp = fopen($config_dir . $menuitem[0] . "/groups.txt", 'r');
$section = "";
while ($gl = fgets($glfp)) {
$group_name = preg_split("/( |\t)/", $gl, 2);
if (stripos(trim($overviewline['newsgroup']), trim($group_name[0])) !== false) {
$section = $menuitem[0];
break 2;
}
}
}
}
fclose($glfp);
# Generate link
$url = "../".$section."/article-flat.php?id=".$overviewline['number']."&group="._rawurlencode($overviewline['newsgroup'])."#".$overviewline['number'];
$groupurl = "../".$section."/thread.php?group="._rawurlencode($overviewline['newsgroup']);
$fromoutput = explode("<", html_entity_decode($overviewline['name']));
# Generate link
$url = "../" . $section . "/article-flat.php?id=" . $overviewline['number'] . "&group=" . _rawurlencode($overviewline['newsgroup']) . "#" . $overviewline['number'];
$groupurl = "../" . $section . "/thread.php?group=" . _rawurlencode($overviewline['newsgroup']);
$fromoutput = explode("<", html_entity_decode($overviewline['name']));
// Use local timezone if possible
$ts = new DateTime(date($text_header["date_format"], $overviewline['date']), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset.' minutes'));
// Use local timezone if possible
$ts = new DateTime(date($text_header["date_format"], $overviewline['date']), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset . ' minutes'));
if($offset != 0) {
$newdate = $ts->format('D, j M Y H:i');
} else {
$newdate = $ts->format($text_header["date_format"]);
}
if ($offset != 0) {
$newdate = $ts->format('D, j M Y H:i');
} else {
$newdate = $ts->format($text_header["date_format"]);
}
unset($ts);
$fromline=address_decode(headerDecode($overviewline['name']),"nowhere");
unset($ts);
if (!isset($fromline[0]["personal"])) {
$lastname=$fromline[0]["mailbox"];;
} else {
$lastname=$fromline[0]["personal"];
}
$fromline = address_decode(headerDecode($overviewline['name']), "nowhere");
if(($results % 2) != 0){
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
} else {
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
}
if (! isset($fromline[0]["personal"])) {
$lastname = $fromline[0]["mailbox"];
;
} else {
$lastname = $fromline[0]["personal"];
}
echo '<p class=np_ob_subject>';
echo '<b><a href="'.$url.'">'.htmlspecialchars(mb_decode_mimeheader($overviewline['subject']))."</a></b>\r\n";
echo '</p><p class=np_ob_group>';
echo '<a href="'.$groupurl.'">'.$overviewline['newsgroup'].'</a>';
echo '</p>';
$fromline = address_decode($overviewline['name'],"nowhere");
if (!isset($fromline[0]["host"])) $fromline[0]["host"]="";
$name_from=$fromline[0]["mailbox"]."@".$fromline[0]["host"];
$name_username=$fromline[0]["mailbox"];
if (!isset($fromline[0]["personal"])) {
$poster_name=$fromline[0]["mailbox"];
} else {
$poster_name=$fromline[0]["personal"];
}
if(trim($poster_name) == '') {
$fromoutput = explode("<", html_entity_decode($c->name));
if(strlen($fromoutput[0]) < 1) {
$poster_name = $fromoutput[1];
} else {
$poster_name = $fromoutput[0];
}
}
$poster_name = trim(mb_decode_mimeheader($poster_name), " \n\r\t\v\0\"");
echo '<p class=np_ob_posted_date>Posted: '.$newdate.' by: '.create_name_link($poster_name, $name_from).'</p>';
if($_POST['searchpoint'] == 'body') {
$snip = strip_tags(quoted_printable_decode($overviewline['snippet']), '<strong><font><i>');
} else {
$snip = strip_tags(quoted_printable_decode($overviewline['search_snippet']), '<strong><font><i>');
$snip = substr($snip, 0, $snippet_size);
}
echo $snip;
echo '</td></tr>';
if($results++ > ($maxdisplay - 2))
break;
if (($results % 2) != 0) {
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
} else {
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
}
echo '<p class=np_ob_subject>';
echo '<b><a href="' . $url . '">' . htmlspecialchars(mb_decode_mimeheader($overviewline['subject'])) . "</a></b>\r\n";
echo '</p><p class=np_ob_group>';
echo '<a href="' . $groupurl . '">' . $overviewline['newsgroup'] . '</a>';
echo '</p>';
$fromline = address_decode($overviewline['name'], "nowhere");
if (! isset($fromline[0]["host"]))
$fromline[0]["host"] = "";
$name_from = $fromline[0]["mailbox"] . "@" . $fromline[0]["host"];
$name_username = $fromline[0]["mailbox"];
if (! isset($fromline[0]["personal"])) {
$poster_name = $fromline[0]["mailbox"];
} else {
$poster_name = $fromline[0]["personal"];
}
if (trim($poster_name) == '') {
$fromoutput = explode("<", html_entity_decode($c->name));
if (strlen($fromoutput[0]) < 1) {
$poster_name = $fromoutput[1];
} else {
$poster_name = $fromoutput[0];
}
}
$poster_name = trim(mb_decode_mimeheader($poster_name), " \n\r\t\v\0\"");
echo '<p class=np_ob_posted_date>Posted: ' . $newdate . ' by: ' . create_name_link($poster_name, $name_from) . '</p>';
if ($_POST['searchpoint'] == 'body') {
$snip = strip_tags(quoted_printable_decode($overviewline['snippet']), '<strong><font><i>');
} else {
$snip = strip_tags(quoted_printable_decode($overviewline['search_snippet']), '<strong><font><i>');
$snip = substr($snip, 0, $snippet_size);
}
echo $snip;
echo '</td></tr>';
if ($results ++ > ($maxdisplay - 2))
break;
}
echo '</table>';
echo "<p class=np_ob_tail><b>".$results."</b> matching articles found.</p>\r\n";
#echo "<center><i>Rocksolid Overboard</i> version ".$version;
echo "<p class=np_ob_tail><b>" . $results . "</b> matching articles found.</p>\r\n";
# echo "<center><i>Rocksolid Overboard</i> version ".$version;
include "tail.inc";
$thispage = ob_get_contents();
@ -262,129 +264,130 @@ ob_end_clean();
echo $thispage;
function get_body_search($group, $terms) {
GLOBAL $CONFIG, $config_name, $spooldir, $snippet_size;
$terms = preg_replace("/'/", ' ', $terms);
$terms = trim($terms);
if($terms[0] !== '"' || substr($terms, -1) !== '"') {
$terms = preg_replace('/"/', '', $terms);
$terms = preg_replace("/\ /", '" "', $terms);
$terms = preg_replace('/"NEAR"/', 'NEAR', $terms);
$terms = preg_replace('/"AND"/', 'AND', $terms);
$terms = preg_replace('/"OR"/', 'OR', $terms);
$terms = preg_replace('/"NOT"/', 'NOT', $terms);
$terms = '"'.$terms.'"';
}
if(isset($_POST['group'])) {
$grouplist[0] = $_POST['group'];
} else {
$local_groupfile=$spooldir."/".$config_name."/local_groups.txt";
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
function get_body_search($group, $terms)
{
GLOBAL $CONFIG, $config_name, $spooldir, $snippet_size;
$terms = preg_replace("/'/", ' ', $terms);
$terms = trim($terms);
if ($terms[0] !== '"' || substr($terms, - 1) !== '"') {
$terms = preg_replace('/"/', '', $terms);
$terms = preg_replace("/\ /", '" "', $terms);
$terms = preg_replace('/"NEAR"/', 'NEAR', $terms);
$terms = preg_replace('/"AND"/', 'AND', $terms);
$terms = preg_replace('/"OR"/', 'OR', $terms);
$terms = preg_replace('/"NOT"/', 'NOT', $terms);
$terms = '"' . $terms . '"';
}
foreach($grouplist as $thisgroup) {
$name = explode(':', $thisgroup);
$group=$name[0];
$database = $spooldir.'/'.$group.'-articles.db3';
if(!is_file($database)) {
continue;
}
$dbh = article_db_open($database);
$stmt = $dbh->prepare("SELECT snippet(search_fts, 6, '<strong><font class=search_result><i>', '</i></font></strong>', '...', $snippet_size) as snippet, newsgroup, number, name, date, subject, rank FROM search_fts WHERE search_fts MATCH 'search_snippet:$terms' ORDER BY rank");
$stmt->execute();
if (isset($_POST['group'])) {
$grouplist[0] = $_POST['group'];
} else {
$local_groupfile = $spooldir . "/" . $config_name . "/local_groups.txt";
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
}
foreach ($grouplist as $thisgroup) {
$name = explode(':', $thisgroup);
$group = $name[0];
$database = $spooldir . '/' . $group . '-articles.db3';
if (! is_file($database)) {
continue;
}
$dbh = article_db_open($database);
$stmt = $dbh->prepare("SELECT snippet(search_fts, 6, '<strong><font class=search_result><i>', '</i></font></strong>', '...', $snippet_size) as snippet, newsgroup, number, name, date, subject, rank FROM search_fts WHERE search_fts MATCH 'search_snippet:$terms' ORDER BY rank");
$stmt->execute();
while ($row = $stmt->fetch()) {
$overview[] = $row;
}
$dbh = null;
while ($row = $stmt->fetch()) {
$overview[] = $row;
}
$dbh = null;
}
// do not perform a usort of an empty search result
if ($overview != null)
{
usort($overview,
function($a, $b) {
return $a['rank'] <=> $b['rank'];
});
if ($overview != null) {
usort($overview, function ($a, $b) {
return $a['rank'] <=> $b['rank'];
});
}
return $overview;
return $overview;
}
function get_header_search($group, $terms) {
GLOBAL $CONFIG, $config_name, $spooldir, $snippet_size;
$terms = preg_replace('/\%/', '\%', $terms);
$searchterms = "%".$terms."%";
if(isset($_POST['group']) && $_POST['searchpoint'] != 'msgid') {
$grouplist[0] = $_POST['group'];
} elseif($_POST['searchpoint'] != 'msgid') {
$local_groupfile=$spooldir."/".$config_name."/local_groups.txt";
function get_header_search($group, $terms)
{
GLOBAL $CONFIG, $config_name, $spooldir, $snippet_size;
$terms = preg_replace('/\%/', '\%', $terms);
$searchterms = "%" . $terms . "%";
if (isset($_POST['group']) && $_POST['searchpoint'] != 'msgid') {
$grouplist[0] = $_POST['group'];
} elseif ($_POST['searchpoint'] != 'msgid') {
$local_groupfile = $spooldir . "/" . $config_name . "/local_groups.txt";
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
} else {
$local_groupfile=$spooldir."/spoolnews/groups.txt";
$local_groupfile = $spooldir . "/spoolnews/groups.txt";
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
}
# Prepare search database
$database = $spooldir.'/articles-overview.db3';
$database = $spooldir . '/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$overview = array();
foreach($grouplist as $thisgroup) {
$name = explode(':', $thisgroup);
$group=$name[0];
$article_database = $spooldir.'/'.$group.'-articles.db3';
if(!is_file($article_database)) {
foreach ($grouplist as $thisgroup) {
$name = explode(':', $thisgroup);
$group = $name[0];
$article_database = $spooldir . '/' . $group . '-articles.db3';
if (! is_file($article_database)) {
continue;
}
$article_dbh = article_db_open($article_database);
$article_stmt = $article_dbh->prepare("SELECT * FROM articles WHERE number=:number");
if(is_multibyte($_POST['terms'])) {
}
$article_dbh = article_db_open($article_database);
$article_stmt = $article_dbh->prepare("SELECT * FROM articles WHERE number=:number");
if (is_multibyte($_POST['terms'])) {
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:group");
$stmt->bindParam(':group', $group);
$stmt->execute();
while($found = $stmt->fetch()) {
if(stripos(mb_decode_mimeheader($found[$_POST['searchpoint']]), $_POST['terms']) !== false) {
$article_stmt->bindParam(':number', $found['number']);
$article_stmt->execute();
$found_snip = $article_stmt->fetch();
$found['search_snippet'] = $found_snip['search_snippet'];
$found['sort_date'] = $found_snip['date'];
$overview[] = $found;
}
}
} else {
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:group AND ".$_POST['searchpoint']." like :terms ESCAPE '\' ORDER BY date DESC");
$stmt->bindParam(':group', $group);
$stmt->bindParam(':terms', $searchterms);
$check = "/([a-z]|[0-9]|\!|#|\$|\%|\&|\'|\*|\+|\-|\/|\=|\?|\^|\_|\"|\`|\{|\||\}|\~|\;)".trim($searchterms, '\%')."/i";
$stmt->execute();
while($found = $stmt->fetch()) {
if(isset($_REQUEST['data']) && ($_REQUEST['searchpoint'] == 'name')) {
if(preg_match($check, $found['name'])) {
continue;
while ($found = $stmt->fetch()) {
if (stripos(mb_decode_mimeheader($found[$_POST['searchpoint']]), $_POST['terms']) !== false) {
$article_stmt->bindParam(':number', $found['number']);
$article_stmt->execute();
$found_snip = $article_stmt->fetch();
$found['search_snippet'] = $found_snip['search_snippet'];
$found['sort_date'] = $found_snip['date'];
$overview[] = $found;
}
}
$article_stmt->bindParam(':number', $found['number']);
$article_stmt->execute();
$found_snip = $article_stmt->fetch();
$found['search_snippet'] = $found_snip['search_snippet'];
$found['sort_date'] = $found_snip['date'];
$overview[] = $found;
}
}
$article_dbh = null;
} else {
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:group AND " . $_POST['searchpoint'] . " like :terms ESCAPE '\' ORDER BY date DESC");
$stmt->bindParam(':group', $group);
$stmt->bindParam(':terms', $searchterms);
$check = "/([a-z]|[0-9]|\!|#|\$|\%|\&|\'|\*|\+|\-|\/|\=|\?|\^|\_|\"|\`|\{|\||\}|\~|\;)" . trim($searchterms, '\%') . "/i";
$stmt->execute();
while ($found = $stmt->fetch()) {
if (isset($_REQUEST['data']) && ($_REQUEST['searchpoint'] == 'name')) {
if (preg_match($check, $found['name'])) {
continue;
}
}
$article_stmt->bindParam(':number', $found['number']);
$article_stmt->execute();
$found_snip = $article_stmt->fetch();
$found['search_snippet'] = $found_snip['search_snippet'];
$found['sort_date'] = $found_snip['date'];
$overview[] = $found;
}
}
$article_dbh = null;
}
$dbh = null;
usort($overview, function($b, $a) {
return $a['sort_date'] <=> $b['sort_date'];
});
return $overview;
$dbh = null;
usort($overview, function ($b, $a) {
return $a['sort_date'] <=> $b['sort_date'];
});
return $overview;
}
function highlightStr($haystack, $needle) {
function highlightStr($haystack, $needle)
{
preg_match_all("/$needle+/i", $haystack, $matches);
if (is_array($matches[0]) && count($matches[0]) >= 1) {
foreach ($matches[0] as $match) {
$haystack = str_replace($match, '<b>'.$match.'</b>', $haystack);
}
foreach ($matches[0] as $match) {
$haystack = str_replace($match, '<b>' . $match . '</b>', $haystack);
}
}
return $haystack;
}

261
Rocksolid_Light/rocksolid/thread.php
View File

@ -1,55 +1,53 @@
<?php
<?php
session_start();
$_SESSION['group'] = $_SERVER['REQUEST_URI'];
$_SESSION['rsactive'] = true;
include "config.inc.php";
include("$file_newsportal");
include ("$file_newsportal");
include "auth.inc";
$logfile=$logdir.'/newsportal.log';
$logfile = $logdir . '/newsportal.log';
throttle_hits();
write_access_log();
// register parameters
$group=_rawurldecode($_REQUEST["group"]);
if(isset($_REQUEST["first"]))
$first=intval($_REQUEST["first"]);
if(isset($_REQUEST["last"]))
$last=intval($_REQUEST["last"]);
// Switch to correct section in case group has been moved and link is to old section
$findsection = get_section_by_group($group);
if(trim($findsection) !== $config_name) {
$group = _rawurldecode($_REQUEST["group"]);
if (isset($_REQUEST["first"]))
$first = intval($_REQUEST["first"]);
if (isset($_REQUEST["last"]))
$last = intval($_REQUEST["last"]);
// Switch to correct section in case group has been moved and link is to old section
$findsection = get_section_by_group($group);
if (trim($findsection) !== $config_name) {
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on')
$link = "https";
else $link = "http";
$link .= "://";
$link .= $_SERVER['HTTP_HOST'];
$link .= $_SERVER['REQUEST_URI'];
$newurl = preg_replace("|/$config_name/|", "/$findsection/", $link);
header("Location:$newurl");
die();
}
if(isset($_COOKIE['mail_name'])) {
if($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat';
$link = "https";
else
$link = "http";
$link .= "://";
$link .= $_SERVER['HTTP_HOST'];
$link .= $_SERVER['REQUEST_URI'];
$newurl = preg_replace("|/$config_name/|", "/$findsection/", $link);
header("Location:$newurl");
die();
}
if (isset($_COOKIE['mail_name'])) {
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
}
}
$thread_show["latest"]=true;
$title.= ' - '.$group;
}
$thread_show["latest"] = true;
$title .= ' - ' . $group;
include "head.inc";
$CONFIG = include($config_file);
$CONFIG = include ($config_file);
if((!function_exists("npreg_group_has_read_access") ||
npreg_group_has_read_access($group)) &&
(!function_exists("npreg_group_is_visible") ||
npreg_group_is_visible($group))) {
if ((! function_exists("npreg_group_has_read_access") || npreg_group_has_read_access($group)) && (! function_exists("npreg_group_is_visible") || npreg_group_is_visible($group))) {
if(isset($frames_on) && $frames_on === true) {
?>
if (isset($frames_on) && $frames_on === true) {
?>
<script>
var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) {
@ -59,108 +57,105 @@ if(isset($frames_on) && $frames_on === true) {
}
top.history.replaceState({}, 'Title', 'index.php?content='+encodeURIComponent(contentURL));
</script>
<?php
}
if($userdata) {
$userdata[$group] = time();
file_put_contents($userfile, serialize($userdata));
}
if(!isset($_SERVER['REQUEST_STRING'])) {
$_SERVER['REQUEST_STRING'] = '';
}
$_SESSION['return_page'] = $_SERVER['REQUEST_URI'].$_SERVER['REQUEST_STRING'];
echo '<a name="top"></a>';
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo htmlspecialchars(group_display_name($group)).'</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// View Latest button
if (isset($overboard) && ($overboard == true)) {
echo '<td>';
echo '<form action="overboard.php">';
echo '<input type="hidden" name="thisgroup" value="'._rawurlencode($group).'"/>';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_latest"].'</button>';
echo '</form>';
echo '</td>';
}
if (!$CONFIG['readonly'] &&
(!function_exists("npreg_group_has_write_access") ||
npreg_group_has_write_access($group)))
{
// New Thread button
echo '<td>';
echo '<form action="'.$file_post.'">';
echo '<input type="hidden" name="group" value="'.urlencode($group).'"/>';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_write"].'</button>';
echo '</form>';
echo '</td>';
}
// Search button
echo '<td>';
echo '<form target="'.$frame['content'].'" action="search.php">';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_search"].'</button>';
echo '<input type="hidden" name="group" value="'.urlencode($group).'"/>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if(isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="'.$file_index.'">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>';
echo '</form>';
echo '</td>';
}
// $ns=nntp_open($server,$port);
flush();
$headers = thread_load($group);
if($headers) {
$article_count=count($headers);
}
if ($articles_per_page != 0) {
if ((!isset($first)) || (!isset($last))) {
if ($startpage=="first") {
$first=1;
$last=$articles_per_page;
} else {
$first=$article_count - (($article_count -1) % $articles_per_page);
$last=$article_count;
}
<?php
}
echo '<td class="np_pages" width="100%" align="right">';
// Show the replies to an article in the thread view?
if($thread_show["replies"]) {
// yes, so the counting of the shown articles is very easy
$pagecount=count($headers);
} else {
// oh no, the replies will not be shown, this makes life hard...
$pagecount=0;
if(($headers) && (count($headers) > 0 && is_array($headers))) {
foreach($headers as $h) {
if($h->isAnswer==false)
$pagecount++;
if ($userdata) {
$userdata[$group] = time();
file_put_contents($userfile, serialize($userdata));
}
if (! isset($_SERVER['REQUEST_STRING'])) {
$_SERVER['REQUEST_STRING'] = '';
}
$_SESSION['return_page'] = $_SERVER['REQUEST_URI'] . $_SERVER['REQUEST_STRING'];
echo '<a name="top"></a>';
echo '<h1 class="np_thread_headline">';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo htmlspecialchars(group_display_name($group)) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// View Latest button
if (isset($overboard) && ($overboard == true)) {
echo '<td>';
echo '<form action="overboard.php">';
echo '<input type="hidden" name="thisgroup" value="' . _rawurlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">' . $text_thread["button_latest"] . '</button>';
echo '</form>';
echo '</td>';
}
if (! $CONFIG['readonly'] && (! function_exists("npreg_group_has_write_access") || npreg_group_has_write_access($group))) {
// New Thread button
echo '<td>';
echo '<form action="' . $file_post . '">';
echo '<input type="hidden" name="group" value="' . urlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">' . $text_thread["button_write"] . '</button>';
echo '</form>';
echo '</td>';
}
// Search button
echo '<td>';
echo '<form target="' . $frame['content'] . '" action="search.php">';
echo '<button class="np_button_link" type="submit">' . $text_thread["button_search"] . '</button>';
echo '<input type="hidden" name="group" value="' . urlencode($group) . '"/>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if (isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>';
echo '</td>';
}
// $ns=nntp_open($server,$port);
flush();
$headers = thread_load($group);
if ($headers) {
$article_count = count($headers);
}
if ($articles_per_page != 0) {
if ((! isset($first)) || (! isset($last))) {
if ($startpage == "first") {
$first = 1;
$last = $articles_per_page;
} else {
$first = $article_count - (($article_count - 1) % $articles_per_page);
$last = $article_count;
}
}
}
echo '<td class="np_pages" width="100%" align="right">';
// Show the replies to an article in the thread view?
if ($thread_show["replies"]) {
// yes, so the counting of the shown articles is very easy
$pagecount = count($headers);
} else {
// oh no, the replies will not be shown, this makes life hard...
$pagecount = 0;
if (($headers) && (count($headers) > 0 && is_array($headers))) {
foreach ($headers as $h) {
if ($h->isAnswer == false)
$pagecount ++;
}
}
}
thread_pageselect($group, $pagecount, $first);
echo '</td>';
} else {
$first = 0;
$last = $article_count;
}
thread_pageselect($group,$pagecount,$first);
echo '</td>';
} else {
$first=0;
$last=$article_count;
}
echo '</tr></table>';
thread_show($headers,$group,$first,$last);
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
echo '<td class="np_pages" width="100%" align="right">';
thread_pageselect($group,$pagecount,$first);
echo '</td></tr></table>';
echo '</tr></table>';
thread_show($headers, $group, $first, $last);
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
echo '<td class="np_pages" width="100%" align="right">';
thread_pageselect($group, $pagecount, $first);
echo '</td></tr></table>';
} else {
echo $text_register["no_access_group"];
echo $text_register["no_access_group"];
}
$sessions_data = file_get_contents($spooldir.'/sessions.dat');
echo '<h1 class="np_thread_headline">'.$sessions_data.'</h1>';
include "tail.inc";
$sessions_data = file_get_contents($spooldir . '/sessions.dat');
echo '<h1 class="np_thread_headline">' . $sessions_data . '</h1>';
include "tail.inc";
?>

690
Rocksolid_Light/rslight/scripts/interBBS_mail.php
View File

@ -1,36 +1,35 @@
<?php
include "config.inc.php";
include ("$file_newsportal");
include $config_dir."/gpg.conf";
include $config_dir . "/gpg.conf";
$logfile = $logdir.'/mail.log';
$logfile = $logdir . '/mail.log';
$lockfile = $lockdir . '/rslight-bbsmail.lock';
$pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) {
if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting BBSmail...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
} else {
print "BBSmail currently running\n";
exit;
exit();
}
$bbsmail_path=$spooldir."/bbsmail/";
if(!is_dir($bbsmail_path.'in')) {
mkdir($bbsmail_path.'in', 0700, true);
$bbsmail_path = $spooldir . "/bbsmail/";
if (! is_dir($bbsmail_path . 'in')) {
mkdir($bbsmail_path . 'in', 0700, true);
}
if(!is_dir($bbsmail_path.'failed')) {
mkdir($bbsmail_path.'failed', 0700, true);
if (! is_dir($bbsmail_path . 'failed')) {
mkdir($bbsmail_path . 'failed', 0700, true);
}
if(!is_dir($bbsmail_path.'processed')) {
mkdir($bbsmail_path.'processed', 0700, true);
if (! is_dir($bbsmail_path . 'processed')) {
mkdir($bbsmail_path . 'processed', 0700, true);
}
prune_dir_by_days($bbsmail_path.'failed', 30);
prune_dir_by_days($bbsmail_path.'processed', 30);
prune_dir_by_days($bbsmail_path . 'failed', 30);
prune_dir_by_days($bbsmail_path . 'processed', 30);
// Set up gnupg
putenv("GNUPGHOME=".$rslight_gpg['gnupghome']);
putenv("GNUPGHOME=" . $rslight_gpg['gnupghome']);
$res = gnupg_init();
$gnupg_summary = array(
@ -56,340 +55,363 @@ $gnupg_validity = array(
"5" => "Validity: ULTIMATE"
);
/***** Receive mail *****/
unset($messages);
$messages = array_diff(scandir($bbsmail_path.'/in/'), array('..', '.'));
foreach($messages as $message) {
$filename = explode($bbsmail_path.'/in/', $message);
$filename = $filename[0];
// Put message data into array $inspect[]
if(($inspect = inspect_message($bbsmail_path.'/in/'.$message, $filename)) == false) {
continue;
}
if($inspect['type'] == 'mailkey') {
if(($info = verify_gpg_signature($res, $inspect['body'])) == true) {
echo 'GOOD signature in: "'.$filename.'"'."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' GOOD signature in: "'.$filename.'"', FILE_APPEND);
// Do we already have this key?
if(gnupg_keyinfo($res, $inspect['mailkey_domain']) !== false) { // Yes, we do
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' Key already in keyring for: '.$inspect['mailkey_domain'], FILE_APPEND);
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'processed/'.$message);
} else { // No, we don't
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' Key not found in keyring for: '.$inspect['mailkey_domain'], FILE_APPEND);
}
} else {
echo 'BAD or UNKNOWN signature in: "'.$filename.'"'."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' BAD or UNKNOWN signature in: "'.$filename.'"', FILE_APPEND);
get_key_from_message($res, $inspect, $message);
}
}
if($inspect['type'] == 'bbsmail') {
$info = gnupg_decryptverify($res,$inspect['body'],$plaintext);
if($info !== false) {
if($info[0]['summary'] > 3) {
echo $gnupg_summary[$info[0]['summary']]." in: ".$filename."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." ".$gnupg_summary[$info[0]['summary']]." in: ".$filename, FILE_APPEND);
$inspect['mailkey_domain'] = preg_split('/@/', $inspect['from'], 2);
$inspect['mailkey_domain'] = $inspect['mailkey_domain'][1];
/**
* *** Receive mail ****
*/
unset($messages);
$messages = array_diff(scandir($bbsmail_path . '/in/'), array(
'..',
'.'
));
foreach ($messages as $message) {
$filename = explode($bbsmail_path . '/in/', $message);
$filename = $filename[0];
// Put message data into array $inspect[]
if (($inspect = inspect_message($bbsmail_path . '/in/' . $message, $filename)) == false) {
continue;
}
if ($inspect['type'] == 'mailkey') {
if (($info = verify_gpg_signature($res, $inspect['body'])) == true) {
echo 'GOOD signature in: "' . $filename . '"' . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' GOOD signature in: "' . $filename . '"', FILE_APPEND);
// Do we already have this key?
if (gnupg_keyinfo($res, $inspect['mailkey_domain']) !== false) { // Yes, we do
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' Key already in keyring for: ' . $inspect['mailkey_domain'], FILE_APPEND);
rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'processed/' . $message);
} else { // No, we don't
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' Key not found in keyring for: ' . $inspect['mailkey_domain'], FILE_APPEND);
}
} else {
echo 'BAD or UNKNOWN signature in: "' . $filename . '"' . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' BAD or UNKNOWN signature in: "' . $filename . '"', FILE_APPEND);
get_key_from_message($res, $inspect, $message);
}
}
if ($inspect['type'] == 'bbsmail') {
$info = gnupg_decryptverify($res, $inspect['body'], $plaintext);
if ($info !== false) {
if ($info[0]['summary'] > 3) {
echo $gnupg_summary[$info[0]['summary']] . " in: " . $filename . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " " . $gnupg_summary[$info[0]['summary']] . " in: " . $filename, FILE_APPEND);
$inspect['mailkey_location'] = $inspect['mailkey_domain'].'/pubkey/server_pubkey.txt';
get_key_from_message($res, $inspect, $message);
if(strpos($filename, '-retry') !== false) {
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'failed/'.$message);
} else {
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'/in/'.$message.'-retry');
}
} else {
echo 'GOOD signature in: "'.$filename.'"'."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' GOOD signature in: "'.$filename.'"', FILE_APPEND);
// Now let's get and import the mail message
// Does the @from match the signature domain?
$inspect = inspect_bbsmail($res, $plaintext);
$keyinfo = gnupg_keyinfo($res, $info[0]['fingerprint']);
$signature_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']);
$info = preg_split('/\@/', $inspect['bbsmail_from'], 2);
$bbsmail_domain = $info[1];
if(($signature_domain == $bbsmail_domain) && ($signature_domain == $inspect['bbsmail_domain'])) { // Yes, the domains match
echo "THE DOMAINS MATCH. OK TO IMPORT MESSAGE\n";
echo $plaintext;
print_r($inspect);
$mail_from = $inspect['bbsmail_sender'].'@'.$inspect['bbsmail_domain'];
$info = preg_split('/@/', $inspect['bbsmail_recipient'], 2);
$rcpt_to = $info[0];
$date = strtotime($inspect['bbsmail_date']);
if(!isset($inspect['bbsmail_sender']) || !isset($inspect['bbsmail_recipient']) || !isset($inspect['bbsmail_sender']) || !isset($inspect['bbsmail_body'])) {
echo "Incomplete Headers... Aborting Message Import\n";
} else {
if(import_user_message($mail_from, $rcpt_to, $date, $inspect['bbsmail_subject'], $inspect['bbsmail_body'])) {
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'processed/'.$message);
}
}
} else { // No, the domains DO NOT MATCH
echo "DOMAIN MISMATCH\n";
file_put_contents($logfile, "\nComparing sig_dom: ".$signature_domain." bbsmail_domain: ".$bbsmail_domain." ins[bbs_dom]: ".$inspect['bbsmail_domain'], FILE_APPEND);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' DOMAIN MISMATCH in: "'.$filename.'" '.$error, FILE_APPEND);
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'failed/'.$message);
}
}
} else {
$error = gnupg_geterrorinfo($res);
print_r($error);
echo 'BAD signature in: "'.$filename.'"'."\n";
echo $error['generic_message'].': '.$error['gpgme_message']."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' BAD signature in: "'.$filename.'" '.$error['generic_message'].': '.$error['gpgme_message'], FILE_APPEND);
$inspect['mailkey_domain'] = preg_replace('/rslight@/', '', $inspect['from']);
$inspect['mailkey_location'] = $inspect['mailkey_domain'].'/pubkey/server_pubkey.txt';
get_key_from_message($res, $inspect, $message);
if(strpos($filename, '-retry') !== false) {
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'failed/'.$message);
} else {
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'/in/'.$message.'-retry');
}
}
}
}
/***** Send key to group *****/
$inspect['mailkey_domain'] = preg_split('/@/', $inspect['from'], 2);
$inspect['mailkey_domain'] = $inspect['mailkey_domain'][1];
$inspect['mailkey_location'] = $inspect['mailkey_domain'] . '/pubkey/server_pubkey.txt';
get_key_from_message($res, $inspect, $message);
if (strpos($filename, '-retry') !== false) {
rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'failed/' . $message);
} else {
rename($bbsmail_path . '/in/' . $message, $bbsmail_path . '/in/' . $message . '-retry');
}
} else {
echo 'GOOD signature in: "' . $filename . '"' . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' GOOD signature in: "' . $filename . '"', FILE_APPEND);
// Now let's get and import the mail message
// Does the @from match the signature domain?
$inspect = inspect_bbsmail($res, $plaintext);
$keyinfo = gnupg_keyinfo($res, $info[0]['fingerprint']);
$signature_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']);
$info = preg_split('/\@/', $inspect['bbsmail_from'], 2);
$bbsmail_domain = $info[1];
if (($signature_domain == $bbsmail_domain) && ($signature_domain == $inspect['bbsmail_domain'])) { // Yes, the domains match
echo "THE DOMAINS MATCH. OK TO IMPORT MESSAGE\n";
echo $plaintext;
print_r($inspect);
$mail_from = $inspect['bbsmail_sender'] . '@' . $inspect['bbsmail_domain'];
$info = preg_split('/@/', $inspect['bbsmail_recipient'], 2);
$rcpt_to = $info[0];
$date = strtotime($inspect['bbsmail_date']);
if (! isset($inspect['bbsmail_sender']) || ! isset($inspect['bbsmail_recipient']) || ! isset($inspect['bbsmail_sender']) || ! isset($inspect['bbsmail_body'])) {
echo "Incomplete Headers... Aborting Message Import\n";
} else {
if (import_user_message($mail_from, $rcpt_to, $date, $inspect['bbsmail_subject'], $inspect['bbsmail_body'])) {
rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'processed/' . $message);
}
}
} else { // No, the domains DO NOT MATCH
echo "DOMAIN MISMATCH\n";
file_put_contents($logfile, "\nComparing sig_dom: " . $signature_domain . " bbsmail_domain: " . $bbsmail_domain . " ins[bbs_dom]: " . $inspect['bbsmail_domain'], FILE_APPEND);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' DOMAIN MISMATCH in: "' . $filename . '" ' . $error, FILE_APPEND);
rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'failed/' . $message);
}
}
} else {
$error = gnupg_geterrorinfo($res);
print_r($error);
echo 'BAD signature in: "' . $filename . '"' . "\n";
echo $error['generic_message'] . ': ' . $error['gpgme_message'] . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' BAD signature in: "' . $filename . '" ' . $error['generic_message'] . ': ' . $error['gpgme_message'], FILE_APPEND);
$inspect['mailkey_domain'] = preg_replace('/rslight@/', '', $inspect['from']);
$inspect['mailkey_location'] = $inspect['mailkey_domain'] . '/pubkey/server_pubkey.txt';
get_key_from_message($res, $inspect, $message);
if (strpos($filename, '-retry') !== false) {
rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'failed/' . $message);
} else {
rename($bbsmail_path . '/in/' . $message, $bbsmail_path . '/in/' . $message . '-retry');
}
}
}
}
/**
* *** Send key to group ****
*/
// How often to send key to group
// in seconds (default 1 month)
$mail_update_time = 2592000;
$do_mail_update = false;
if(filemtime($spooldir.'/bbs-mail-update-timer') + $mail_update_time > time()) { //false
if(is_file($config_dir.'/bbs-mail-debug')) { //true
if (filemtime($spooldir . '/bbs-mail-update-timer') + $mail_update_time > time()) { // false
if (is_file($config_dir . '/bbs-mail-debug')) { // true
$do_mail_update = true;
}
} else { //true
} else { // true
$do_mail_update = true;
}
if($do_mail_update == true) {
echo "Sending keys to ".$rslight_gpg['nntp_group']."\n";
if ($do_mail_update == true) {
echo "Sending keys to " . $rslight_gpg['nntp_group'] . "\n";
send_keys_to_group($res, $rslight_gpg);
touch($spooldir.'/bbs-mail-update-timer');
touch($spooldir . '/bbs-mail-update-timer');
}
function import_user_message($from, $rcpt, $date, $subject, $message) {
function import_user_message($from, $rcpt, $date, $subject, $message)
{
global $config_dir, $spooldir;
if(($to = get_config_value('aliases.conf', strtolower($rcpt))) == false) {
if (($to = get_config_value('aliases.conf', strtolower($rcpt))) == false) {
$to = strtolower($rcpt);
}
$to = trim($to);
if(strlen($subject) < 1) {
if (strlen($subject) < 1) {
$subject = "(no subject)";
}
$database = $spooldir.'/mail.db3';
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
if(!$dbh) {
if (! $dbh) {
echo "Database error\n";
return false;
}
$msgid = '<'.md5(strtolower($to).strtolower($from).strtolower($subject).strtolower($message)).'>';
$msgid = '<' . md5(strtolower($to) . strtolower($from) . strtolower($subject) . strtolower($message)) . '>';
$sql = 'INSERT OR IGNORE INTO messages(msgid, mail_from, rcpt_to, rcpt_target, date, subject, message, from_hide, to_hide, mail_viewed, rcpt_viewed) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql);
$target = "local";
$mail_viewed = null;
$rcpt_viewed = null;
$q = $stmt->execute([$msgid, $from, $to, $target, intval($date), $subject, $message, null, null, $mail_viewed, $rcpt_viewed]);
$q = $stmt->execute([
$msgid,
$from,
$to,
$target,
intval($date),
$subject,
$message,
null,
null,
$mail_viewed,
$rcpt_viewed
]);
$dbh = null;
return true;
}
function get_key_from_message($res, $inspect, $message) {
function get_key_from_message($res, $inspect, $message)
{
global $logfile, $config_name, $bbsmail_path;
$filename = explode($bbsmail_path.'/in/', $message);
$filename = explode($bbsmail_path . '/in/', $message);
$filename = $filename[0];
// Let's try to get the key
echo "Let's try to get the key\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Let's try to get the key", FILE_APPEND);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Let's try to get the key", FILE_APPEND);
// Display stuff for testing
echo "Domain: ".$inspect['mailkey_domain']."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain: ".$inspect['mailkey_domain'], FILE_APPEND);
echo "Location: ".$inspect['mailkey_location']."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Location: ".$inspect['mailkey_location'], FILE_APPEND);
$location = "http://".$inspect['mailkey_location'];
echo "Domain: " . $inspect['mailkey_domain'] . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain: " . $inspect['mailkey_domain'], FILE_APPEND);
echo "Location: " . $inspect['mailkey_location'] . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Location: " . $inspect['mailkey_location'], FILE_APPEND);
$location = "http://" . $inspect['mailkey_location'];
$import = gnupg_import($res, file_get_contents($location));
if($import) {
echo "IMPORTED: ".$import['fingerprint']."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." IMPORTED: ".$import['fingerprint'], FILE_APPEND);
if ($import) {
echo "IMPORTED: " . $import['fingerprint'] . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " IMPORTED: " . $import['fingerprint'], FILE_APPEND);
// Verify that domain in IMPORTED KEY matches exactly: "Location" and "Domain" in MAILKEY message
// If it DOES NOT, then DELETE the new key immediately
$keyinfo = gnupg_keyinfo($res, $import['fingerprint']);
$imported_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']);
$mailkey_location = explode('/', $inspect['mailkey_location']);
if(($imported_domain == $inspect['mailkey_domain']) && ($imported_domain == $mailkey_location[0])) {
echo "Domain Match: ".$imported_domain."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain Match: ".$imported_domain, FILE_APPEND);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." New PGP Key added for: ".$imported_domain." Domain: ".$imported_domain."\nFingerprint: ".$import['fingerprint'], FILE_APPEND);
send_admin_message('admin', 'admin', 'New PGP Key added for: '.$imported_domain, 'Domain: '.$imported_domain."\nFingerprint: ".$import['fingerprint']."\n");
if (($imported_domain == $inspect['mailkey_domain']) && ($imported_domain == $mailkey_location[0])) {
echo "Domain Match: " . $imported_domain . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain Match: " . $imported_domain, FILE_APPEND);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " New PGP Key added for: " . $imported_domain . " Domain: " . $imported_domain . "\nFingerprint: " . $import['fingerprint'], FILE_APPEND);
send_admin_message('admin', 'admin', 'New PGP Key added for: ' . $imported_domain, 'Domain: ' . $imported_domain . "\nFingerprint: " . $import['fingerprint'] . "\n");
return true;
} else {
echo "Domain MIS-MATCH: ".$imported_domain." DELETING...\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain MIS-MATCH: ".$imported_domain." DELETING...", FILE_APPEND);
if(gnupg_deletekey($res, $import['fingerprint'])) {
echo "SUCCESS Deleting ".$import['fingerprint']."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." SUCCESS Deleting ".$import['fingerprint'], FILE_APPEND);
echo "Domain MIS-MATCH: " . $imported_domain . " DELETING...\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain MIS-MATCH: " . $imported_domain . " DELETING...", FILE_APPEND);
if (gnupg_deletekey($res, $import['fingerprint'])) {
echo "SUCCESS Deleting " . $import['fingerprint'] . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " SUCCESS Deleting " . $import['fingerprint'], FILE_APPEND);
} else {
echo "WARNING!: FAILED to Delete ".$import['fingerprint']."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." WARNING!: FAILED to Delete ".$import['fingerprint'], FILE_APPEND);
echo "WARNING!: FAILED to Delete " . $import['fingerprint'] . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " WARNING!: FAILED to Delete " . $import['fingerprint'], FILE_APPEND);
}
return false;
}
} else {
echo "Failed to import key from ".$location."\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to import key from ".$location, FILE_APPEND);
if(strpos($filename, '-retry') !== false) {
rename($bbsmail_path.'/in/'.$filename, $bbsmail_path.'failed/'.$filename);
echo "Failed to import key from " . $location . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to import key from " . $location, FILE_APPEND);
if (strpos($filename, '-retry') !== false) {
rename($bbsmail_path . '/in/' . $filename, $bbsmail_path . 'failed/' . $filename);
} else {
rename($bbsmail_path.'/in/'.$filename, $bbsmail_path.'/in/'.$filename.'-retry');
rename($bbsmail_path . '/in/' . $filename, $bbsmail_path . '/in/' . $filename . '-retry');
}
return false;
}
}
function inspect_bbsmail($res, $plaintext) {
function inspect_bbsmail($res, $plaintext)
{
$bbsmail_header = 0;
$bbsmail_body = 0;
$message_body = 0;
$plaintext = explode("\n", $plaintext);
foreach($plaintext as $line) {
if(strpos($line, '@@BEGIN BBSMAIL HEADERS') !== false) {
$bbsmail_header = 1;
}
if($bbsmail_header == 1) {
if(strpos($line, 'From: ') !== false) {
$bbsmail = explode("From: ", $line);
$return_data['bbsmail_from'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Version: ') !== false) {
$bbsmail = explode("Version: ", $line);
$return_data['bbsmail_version'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Notice-ID: ') !== false) {
$bbsmail = explode("Notice-ID: ", $line);
$return_data['bbsmail_notice-id'] = trim($bbsmail[1]);
}
}
}
if(strpos($line, 'Key: ') !== false) {
$bbsmail = explode("Key: ", $line);
$return_data['bbsmail_key'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Location: ') !== false) {
$bbsmail = explode("Location: ", $line);
$return_data['bbsmail_location'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Domain: ') !== false) {
$bbsmail = explode("Domain: ", $line);
$return_data['bbsmail_domain'] = trim($bbsmail[1]);
}
}
}
}
if(strpos($line, '@@BEGIN BBSMAIL BODY') !== false) {
$bbsmail_header = 0;
$bbsmail_body = 1;
continue;
}
if($bbsmail_body == 1) {
if(strpos($line, '@@END BBSMAIL BODY') !== false) {
break;
}
if($message_body == 1) {
$return_data['bbsmail_body'].=$line."\n";
continue;
}
if(strpos($line, 'Sender: ') !== false) {
$bbsmail = explode("Sender: ", $line);
$return_data['bbsmail_sender'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Recipient: ') !== false) {
$bbsmail = explode("Recipient: ", $line);
$return_data['bbsmail_recipient'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Date: ') !== false) {
$bbsmail = explode("Date: ", $line);
$return_data['bbsmail_date'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Subject: ') !== false) {
$bbsmail = explode("Subject: ", $line);
$return_data['bbsmail_subject'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Body: ') !== false) {
$bbsmail = explode("Body: ", $line);
$return_data['bbsmail_body'] = $bbsmail[1]."\n";
$message_body = 1;
}
}
}
}
}
}
if(trim($line) == '.') {
$line = ' ';
}
if($bbsmail_body == 1) {
if(!isset($return_data['body'])) {
$line = ltrim($line);
foreach ($plaintext as $line) {
if (strpos($line, '@@BEGIN BBSMAIL HEADERS') !== false) {
$bbsmail_header = 1;
}
if ($bbsmail_header == 1) {
if (strpos($line, 'From: ') !== false) {
$bbsmail = explode("From: ", $line);
$return_data['bbsmail_from'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Version: ') !== false) {
$bbsmail = explode("Version: ", $line);
$return_data['bbsmail_version'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Notice-ID: ') !== false) {
$bbsmail = explode("Notice-ID: ", $line);
$return_data['bbsmail_notice-id'] = trim($bbsmail[1]);
}
}
}
return($return_data);
if (strpos($line, 'Key: ') !== false) {
$bbsmail = explode("Key: ", $line);
$return_data['bbsmail_key'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Location: ') !== false) {
$bbsmail = explode("Location: ", $line);
$return_data['bbsmail_location'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Domain: ') !== false) {
$bbsmail = explode("Domain: ", $line);
$return_data['bbsmail_domain'] = trim($bbsmail[1]);
}
}
}
}
if (strpos($line, '@@BEGIN BBSMAIL BODY') !== false) {
$bbsmail_header = 0;
$bbsmail_body = 1;
continue;
}
if ($bbsmail_body == 1) {
if (strpos($line, '@@END BBSMAIL BODY') !== false) {
break;
}
if ($message_body == 1) {
$return_data['bbsmail_body'] .= $line . "\n";
continue;
}
if (strpos($line, 'Sender: ') !== false) {
$bbsmail = explode("Sender: ", $line);
$return_data['bbsmail_sender'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Recipient: ') !== false) {
$bbsmail = explode("Recipient: ", $line);
$return_data['bbsmail_recipient'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Date: ') !== false) {
$bbsmail = explode("Date: ", $line);
$return_data['bbsmail_date'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Subject: ') !== false) {
$bbsmail = explode("Subject: ", $line);
$return_data['bbsmail_subject'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Body: ') !== false) {
$bbsmail = explode("Body: ", $line);
$return_data['bbsmail_body'] = $bbsmail[1] . "\n";
$message_body = 1;
}
}
}
}
}
}
if (trim($line) == '.') {
$line = ' ';
}
if ($bbsmail_body == 1) {
if (! isset($return_data['body'])) {
$line = ltrim($line);
}
}
}
return ($return_data);
}
function inspect_message($message, $filename) {
function inspect_message($message, $filename)
{
global $logfile, $config_name, $bbsmail_path;
$header = array();
$body = array();
$return_data = array();
if(strpos($message, 'bbsmail-MAILKEY notice')) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Found MAILKEY message ".$filename, FILE_APPEND);
if (strpos($message, 'bbsmail-MAILKEY notice')) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Found MAILKEY message " . $filename, FILE_APPEND);
} else {
if(strpos($message, 'bbsmail-BBSMAIL notice')) {
if (strpos($message, 'bbsmail-BBSMAIL notice')) {
$return_data['type'] = 'bbsmail';
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Found BBSMAIL message ".$filename, FILE_APPEND);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Found BBSMAIL message " . $filename, FILE_APPEND);
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Found UNKNOWN message ".$filename, FILE_APPEND);
rename($bbsmail_path.'/in/'.$filename, $bbsmail_path.'failed/'.$filename);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Found UNKNOWN message " . $filename, FILE_APPEND);
rename($bbsmail_path . '/in/' . $filename, $bbsmail_path . 'failed/' . $filename);
return false;
}
}
$raw_message = file($message);
$is_header = 1;
$mailkey_header = 0;
$mailkey_body = 0;
foreach($raw_message as $line) {
if(trim($line) == '' && $is_header == 1) {
foreach ($raw_message as $line) {
if (trim($line) == '' && $is_header == 1) {
$is_header = 0;
continue;
}
if($is_header == 1) {
$return_data['header'].=$line;
if(strpos($line, 'From: ') !== false) {
if ($is_header == 1) {
$return_data['header'] .= $line;
if (strpos($line, 'From: ') !== false) {
$from_line = explode("From: ", $line);
$from = trim($from_line[1]);
$return_data['from'] = $from;
}
if(strpos($line, 'Subject: ') !== false) {
if (strpos($line, 'Subject: ') !== false) {
$subject_line = explode("Subject: ", $line);
$subject = trim($subject_line[1]);
if(strpos($subject, '@@RSL MAILKEY notice') !== false) {
if (strpos($subject, '@@RSL MAILKEY notice') !== false) {
$return_data['type'] = 'mailkey';
} else {
if(strpos($subject, '@@RSL BBSMAIL notice') !== false) {
if (strpos($subject, '@@RSL BBSMAIL notice') !== false) {
$return_data['type'] = 'bbsmail';
} else {
return false;
@ -398,133 +420,135 @@ function inspect_message($message, $filename) {
}
$header[] = $line;
} else {
$return_data['body'].=$line;
if($return_data['type'] == 'mailkey') {
if(strpos($line, '@@BEGIN MAILKEY HEADERS') !== false) {
$return_data['body'] .= $line;
if ($return_data['type'] == 'mailkey') {
if (strpos($line, '@@BEGIN MAILKEY HEADERS') !== false) {
$mailkey_header = 1;
}
if($mailkey_header == 1) {
if(strpos($line, 'From: ') !== false) {
if ($mailkey_header == 1) {
if (strpos($line, 'From: ') !== false) {
$mailkey = explode("From: ", $line);
$return_data['mailkey_from'] = trim($mailkey[1]);
} else {
if(strpos($line, 'Version: ') !== false) {
if (strpos($line, 'Version: ') !== false) {
$mailkey = explode("Version: ", $line);
$return_data['mailkey_version'] = trim($mailkey[1]);
} else {
if(strpos($line, 'Notice-ID: ') !== false) {
if (strpos($line, 'Notice-ID: ') !== false) {
$mailkey = explode("Notice-ID: ", $line);
$return_data['mailkey_notice-id'] = trim($mailkey[1]);
}
}
}
}
if(strpos($line, '@@BEGIN MAILKEY BODY') !== false) {
if (strpos($line, '@@BEGIN MAILKEY BODY') !== false) {
$mailkey_body = 1;
$mailkey_header = 0;
}
if($mailkey_body == 1) {
if(strpos($line, 'Key: ') !== false) {
if ($mailkey_body == 1) {
if (strpos($line, 'Key: ') !== false) {
$mailkey = explode("Key: ", $line);
$return_data['mailkey_key'] = trim($mailkey[1]);
} else {
if(strpos($line, 'Location: ') !== false) {
if (strpos($line, 'Location: ') !== false) {
$mailkey = explode("Location: ", $line);
$return_data['mailkey_location'] = trim($mailkey[1]);
} else {
if(strpos($line, 'Domain: ') !== false) {
if (strpos($line, 'Domain: ') !== false) {
$mailkey = explode("Domain: ", $line);
$return_data['mailkey_domain'] = trim($mailkey[1]);
}
}
}
}
if(trim($line) == '.') {
if (trim($line) == '.') {
$line = ' ';
}
}
}
}
return($return_data);
return ($return_data);
}
function send_keys_to_group($res, $rslight_gpg) {
function send_keys_to_group($res, $rslight_gpg)
{
global $spooldir, $config_name, $logfile, $mail_update_time, $CONFIG, $rslight_version;
$cwd = getcwd();
$keydir = preg_replace('/spoolnews/','pubkey/',$cwd);
$keydir = preg_replace('/spoolnews/', 'pubkey/', $cwd);
$key_location = "/pubkey/server_pubkey.txt";
$signing_key = trim(file_get_contents($keydir.'/server_fingerprint.txt'));
$signing_key = trim(file_get_contents($keydir . '/server_fingerprint.txt'));
$fingerprint_clean = preg_replace('/\ /', '', $signing_key);
if(gnupg_keyinfo($res, $fingerprint_clean) == false) { // We have no private key, abort.
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Private Key not Found", FILE_APPEND);
if (gnupg_keyinfo($res, $fingerprint_clean) == false) { // We have no private key, abort.
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Private Key not Found", FILE_APPEND);
return false;
}
gnupg_addsignkey($res,$fingerprint_clean)."\n";
$start="@@BEGIN MAILKEY HEADERS";
$begin="@@BEGIN MAILKEY BODY";
$end="@@END MAILKEY BODY";
/* Get days since last sent for creating message-id
* (Don't allow posting more than once per day)
*/
gnupg_addsignkey($res, $fingerprint_clean) . "\n";
$start = "@@BEGIN MAILKEY HEADERS";
$begin = "@@BEGIN MAILKEY BODY";
$end = "@@END MAILKEY BODY";
/*
* Get days since last sent for creating message-id
* (Don't allow posting more than once per day)
*/
$date1 = date_create(date("Y-m-d", time() - $mail_update_time));
$date2 = date_create(date("Y-m-d", time()));
$diff_days = date_diff($date1,$date2);
$outgoing_dir = $spooldir.'/'.$config_name.'/outgoing';
if(!is_dir($outgoing_dir)) {
$diff_days = date_diff($date1, $date2);
$outgoing_dir = $spooldir . '/' . $config_name . '/outgoing';
if (! is_dir($outgoing_dir)) {
mkdir($outgoing_dir, 0700, true);
}
$domain = $rslight_gpg['domain_name'];
$organization = $CONFIG['organization'];
$from = $rslight_gpg['from_email'];
$contact = $rslight_gpg['contact'];
$outgoing_file = tempnam($outgoing_dir, 'bbsmail-');
$body='';
$body.="You may use this to import the public key for $domain.\n";
$body.="This message is automatically generated by $from.\n";
$body.="for inter-bbs mail exchange for Rocksolid Light.\n\n";
$body.="This message was signed using the following key:\n";
$body.="$signing_key\n\n";
$body.="The GPG key needed to verify the signature of messages\n";
$body.="issued by $from is available at:\n";
$body.="$domain$key_location\n\n";
$body.="For information contact $contact.\n\n";
$body.=$start."\n";
$body.=' Version: '.$rslight_version."\n";
$body.=' From: '.$from."\n";
$hashtail = hash('crc32', $domain.$organization.$from.$rslight_gpg['nntp_group']);
$thishash = hash('crc32', $body.$diff_days->format("%a").$hashtail).hash('crc32', $signing_key);
$body.=" Notice-ID: ".$thishash."\n";
$body.=$begin."\n";
$body.=" Key: ".$signing_key."\n";
$body.=" Location: ".$domain.$key_location."\n";
$body.=" Domain: ".$domain."\n";
$body.=$end."\n";
$header='';
$header.="From: $from\n";
$header.="Newsgroups: ".$rslight_gpg['nntp_group']."\n";
$header.="Subject: @@RSL MAILKEY notice ".$thishash."\n";
$header.="Message-ID: <$thishash@$domain>\n";
$header.="Content-Type: text/plain; charset=utf-8; format=flowed\n";
$header.="Content-Transfer-Encoding: 8bit\n";
$header.="Organization: $organization\n\n";
$body = '';
$body .= "You may use this to import the public key for $domain.\n";
$body .= "This message is automatically generated by $from.\n";
$body .= "for inter-bbs mail exchange for Rocksolid Light.\n\n";
$body .= "This message was signed using the following key:\n";
$body .= "$signing_key\n\n";
$body .= "The GPG key needed to verify the signature of messages\n";
$body .= "issued by $from is available at:\n";
$body .= "$domain$key_location\n\n";
$body .= "For information contact $contact.\n\n";
$body .= $start . "\n";
$body .= ' Version: ' . $rslight_version . "\n";
$body .= ' From: ' . $from . "\n";
$hashtail = hash('crc32', $domain . $organization . $from . $rslight_gpg['nntp_group']);
$thishash = hash('crc32', $body . $diff_days->format("%a") . $hashtail) . hash('crc32', $signing_key);
$body .= " Notice-ID: " . $thishash . "\n";
$body .= $begin . "\n";
$body .= " Key: " . $signing_key . "\n";
$body .= " Location: " . $domain . $key_location . "\n";
$body .= " Domain: " . $domain . "\n";
$body .= $end . "\n";
$header = '';
$header .= "From: $from\n";
$header .= "Newsgroups: " . $rslight_gpg['nntp_group'] . "\n";
$header .= "Subject: @@RSL MAILKEY notice " . $thishash . "\n";
$header .= "Message-ID: <$thishash@$domain>\n";
$header .= "Content-Type: text/plain; charset=utf-8; format=flowed\n";
$header .= "Content-Transfer-Encoding: 8bit\n";
$header .= "Organization: $organization\n\n";
$signed_body = gnupg_sign($res, $body);
file_put_contents($outgoing_file, $header.$signed_body);
echo "Posted <".$thishash."@".$domain.">\n\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Mail Sent: <".$thishash."@".$domain.">", FILE_APPEND);
file_put_contents($outgoing_file, $header . $signed_body);
echo "Posted <" . $thishash . "@" . $domain . ">\n\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Mail Sent: <" . $thishash . "@" . $domain . ">", FILE_APPEND);
return true;
}

221
Rocksolid_Light/rslight/scripts/nntp-ssl.php
View File

@ -1,18 +1,18 @@
<?php
include "config.inc.php";
include ("$file_newsportal");
include $config_dir."/scripts/rslight-lib.php";
if(file_exists($config_dir."/nntp.disable")) {
clearstatcache(true, $config_dir."/nntp.disable");
$parent_pid = file_get_contents($lockdir.'/rslight-nntp.lock', IGNORE_NEW_LINES);
posix_kill($parent_pid, SIGTERM);
exit;
include ("$file_newsportal");
include $config_dir . "/scripts/rslight-lib.php";
if (file_exists($config_dir . "/nntp.disable")) {
clearstatcache(true, $config_dir . "/nntp.disable");
$parent_pid = file_get_contents($lockdir . '/rslight-nntp.lock', IGNORE_NEW_LINES);
posix_kill($parent_pid, SIGTERM);
exit();
}
/**
* Listens for requests and forks on each connection
*/
* Listens for requests and forks on each connection
*/
$__server_listening = true;
//error_reporting(E_ALL);
// error_reporting(E_ALL);
set_time_limit(0);
ob_implicit_flush();
declare(ticks = 1);
@ -24,167 +24,154 @@
pcntl_signal(SIGINT, 'sig_handler');
pcntl_signal(SIGCHLD, 'sig_handler');
if(isset($CONFIG['enable_all_networks']) && $CONFIG['enable_all_networks'] == true) {
$bind="0.0.0.0";
if (isset($CONFIG['enable_all_networks']) && $CONFIG['enable_all_networks'] == true) {
$bind = "0.0.0.0";
} else {
$bind=$CONFIG['local_server'];
$bind = $CONFIG['local_server'];
}
server_loop($bind, $CONFIG['local_ssl_port']);
/**
* Change the identity to a non-priv user
*/
function change_identity( $uid, $gid )
* Change the identity to a non-priv user
*/
function change_identity($uid, $gid)
{
if( !posix_setgid( $gid ) )
{
if (! posix_setgid($gid)) {
print "Unable to setgid to " . $gid . "!\n";
exit;
exit();
}
if( !posix_setuid( $uid ) )
{
if (! posix_setuid($uid)) {
print "Unable to setuid to " . $uid . "!\n";
exit;
exit();
}
}
/**
* Creates a server socket and listens for incoming client connections
* @param string $address The address to listen on
* @param int $port The port to listen on
*/
* Creates a server socket and listens for incoming client connections
*
* @param string $address
* The address to listen on
* @param int $port
* The port to listen on
*/
function server_loop($address, $port)
{
GLOBAL $__server_listening;
GLOBAL
$CONFIG,$logdir,$lockdir,$webserver_uid,$webserver_gid,$installed_path,
$config_path,$groupconfig,$workpath,$path,$spooldir,$ssldir,$nntp_group,$auth_ok;
$logfile=$logdir.'/nntp.log';
$lockfile = $lockdir . '/rslight-nntp-ssl.lock';
$pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) {
print "Starting Rocksolid Light NNTP Server...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
} else {
print "Rocksolid Light NNTP Server currently running\n";
exit;
}
GLOBAL $CONFIG, $logdir, $lockdir, $webserver_uid, $webserver_gid, $installed_path, $config_path, $groupconfig, $workpath, $path, $spooldir, $ssldir, $nntp_group, $auth_ok;
$logfile = $logdir . '/nntp.log';
$lockfile = $lockdir . '/rslight-nntp-ssl.lock';
$pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting Rocksolid Light NNTP Server...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
} else {
print "Rocksolid Light NNTP Server currently running\n";
exit();
}
$auth_ok = 0;
$user = "";
$pass = "";
$pemfile = $ssldir.'/server.pem';
if(!is_file($pemfile)) {
create_node_ssl_cert($pemfile);
}
$context = stream_context_create();
stream_context_set_option($context, 'ssl', 'local_cert', $pemfile);
stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
stream_context_set_option($context, 'ssl', 'verify_peer', false);
stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
stream_context_set_option($context, 'ssl', 'ciphers', 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384');
$sock = stream_socket_server(
'tcp://'.$address.':'.$port,
$errno,
$errstr,
STREAM_SERVER_BIND|STREAM_SERVER_LISTEN,
$context
);
/* Change to non root user */
$uinfo=posix_getpwnam($CONFIG['webserver_user']);
change_identity($uinfo["uid"],$uinfo["gid"]);
/* Everything below runs as $CONFIG['webserver_user'] */
$auth_ok = 0;
$user = "";
$pass = "";
$pemfile = $ssldir . '/server.pem';
if (! is_file($pemfile)) {
create_node_ssl_cert($pemfile);
}
$context = stream_context_create();
stream_context_set_option($context, 'ssl', 'local_cert', $pemfile);
stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
stream_context_set_option($context, 'ssl', 'verify_peer', false);
stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
stream_context_set_option($context, 'ssl', 'ciphers', 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384');
$sock = stream_socket_server('tcp://' . $address . ':' . $port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $context);
/* Change to non root user */
$uinfo = posix_getpwnam($CONFIG['webserver_user']);
change_identity($uinfo["uid"], $uinfo["gid"]);
/* Everything below runs as $CONFIG['webserver_user'] */
echo "waiting for clients to connect\n";
while ($__server_listening)
{
while ($__server_listening) {
$connection = stream_socket_accept($sock);
if ($connection === false)
{
if ($connection === false) {
usleep(100);
}elseif ($connection > 0)
{
} elseif ($connection > 0) {
handle_client($sock, $connection);
}else
{
echo "error: ".socket_strerror($connection);
file_put_contents($logfile, "\n".format_log_date()." error: ".socket_strerror($connection), FILE_APPEND);
die;
} else {
echo "error: " . socket_strerror($connection);
file_put_contents($logfile, "\n" . format_log_date() . " error: " . socket_strerror($connection), FILE_APPEND);
die();
}
}
}
/**
* Signal handler
*/
* Signal handler
*/
function sig_handler($sig)
{
switch($sig)
{
switch ($sig) {
case SIGTERM:
case SIGINT:
exit();
break;
break;
case SIGCHLD:
pcntl_waitpid(-1, $status);
break;
pcntl_waitpid(- 1, $status);
break;
}
}
/**
* Handle a new client connection
*/
* Handle a new client connection
*/
function handle_client($ssock, $csock)
{
GLOBAL $__server_listening;
$pid = pcntl_fork();
if ($pid == -1)
{
if ($pid == - 1) {
/* fork failed */
echo "fork failure!\n";
die;
}elseif ($pid == 0)
{
die();
} elseif ($pid == 0) {
/* child process */
$__server_listening = false;
fclose($ssock);
interact($csock, true);
fclose($csock);
}else
{
} else {
fclose($csock);
}
}
function create_certificate($pemfile) {
global $CONFIG;
$certificateData = array(
"countryName" => "US",
"stateOrProvinceName" => "New York",
"localityName" => "New York City",
"organizationName" => "Rocksolid",
"organizationalUnitName" => "Rocksolid Light",
"commonName" => $CONFIG['organization'],
"emailAddress" => "rocksolid@example.com"
);
// Generate certificate
$privateKey = openssl_pkey_new();
$certificate = openssl_csr_new($certificateData, $privateKey);
$certificate = openssl_csr_sign($certificate, null, $privateKey, 365);
function create_certificate($pemfile)
{
global $CONFIG;
$certificateData = array(
"countryName" => "US",
"stateOrProvinceName" => "New York",
"localityName" => "New York City",
"organizationName" => "Rocksolid",
"organizationalUnitName" => "Rocksolid Light",
"commonName" => $CONFIG['organization'],
"emailAddress" => "rocksolid@example.com"
);
// Generate PEM file
$pem_passphrase = null; // empty for no passphrase
$pem = array();
openssl_x509_export($certificate, $pem[0]);
openssl_pkey_export($privateKey, $pem[1], $pem_passphrase);
$pem = implode($pem);
// Generate certificate
$privateKey = openssl_pkey_new();
$certificate = openssl_csr_new($certificateData, $privateKey);
$certificate = openssl_csr_sign($certificate, null, $privateKey, 365);
// Save PEM file
file_put_contents($pemfile, $pem);
}
?>
// Generate PEM file
$pem_passphrase = null; // empty for no passphrase
$pem = array();
openssl_x509_export($certificate, $pem[0]);
openssl_pkey_export($privateKey, $pem[1], $pem_passphrase);
$pem = implode($pem);
// Save PEM file
file_put_contents($pemfile, $pem);
}
?>

149
Rocksolid_Light/rslight/scripts/nntp.php
View File

@ -1,18 +1,18 @@
<?php
include "config.inc.php";
include ("$file_newsportal");
include $config_dir."/scripts/rslight-lib.php";
if(file_exists($config_dir."/nntp.disable")) {
clearstatcache(true, $config_dir."/nntp.disable");
$parent_pid = file_get_contents($lockdir.'/rslight-nntp.lock', IGNORE_NEW_LINES);
posix_kill($parent_pid, SIGTERM);
exit;
include ("$file_newsportal");
include $config_dir . "/scripts/rslight-lib.php";
if (file_exists($config_dir . "/nntp.disable")) {
clearstatcache(true, $config_dir . "/nntp.disable");
$parent_pid = file_get_contents($lockdir . '/rslight-nntp.lock', IGNORE_NEW_LINES);
posix_kill($parent_pid, SIGTERM);
exit();
}
/**
* Listens for requests and forks on each connection
*/
* Listens for requests and forks on each connection
*/
$__server_listening = true;
//error_reporting(E_ALL);
// error_reporting(E_ALL);
set_time_limit(0);
ob_implicit_flush();
declare(ticks = 1);
@ -24,128 +24,115 @@
pcntl_signal(SIGINT, 'sig_handler');
pcntl_signal(SIGCHLD, 'sig_handler');
if(isset($CONFIG['enable_all_networks']) && $CONFIG['enable_all_networks'] == true) {
$bind="0.0.0.0";
if (isset($CONFIG['enable_all_networks']) && $CONFIG['enable_all_networks'] == true) {
$bind = "0.0.0.0";
} else {
$bind=$CONFIG['local_server'];
$bind = $CONFIG['local_server'];
}
server_loop($bind, $CONFIG['local_port']);
/**
* Change the identity to a non-priv user
*/
function change_identity( $uid, $gid )
* Change the identity to a non-priv user
*/
function change_identity($uid, $gid)
{
if( !posix_setgid( $gid ) )
{
if (! posix_setgid($gid)) {
print "Unable to setgid to " . $gid . "!\n";
exit;
exit();
}
if( !posix_setuid( $uid ) )
{
if (! posix_setuid($uid)) {
print "Unable to setuid to " . $uid . "!\n";
exit;
exit();
}
}
/**
* Creates a server socket and listens for incoming client connections
* @param string $address The address to listen on
* @param int $port The port to listen on
*/
* Creates a server socket and listens for incoming client connections
*
* @param string $address
* The address to listen on
* @param int $port
* The port to listen on
*/
function server_loop($address, $port)
{
GLOBAL $__server_listening;
GLOBAL
$CONFIG,$logdir,$lockdir,$webserver_uid,$webserver_gid,$installed_path,
$config_path,$groupconfig,$workpath,$path,$spooldir,$nntp_group,$auth_ok;
$logfile=$logdir.'/nntp.log';
$lockfile = $lockdir . '/rslight-nntp.lock';
$pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) {
print "Starting Rocksolid Light NNTP Server...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
} else {
print "Rocksolid Light NNTP Server currently running\n";
exit;
}
GLOBAL $CONFIG, $logdir, $lockdir, $webserver_uid, $webserver_gid, $installed_path, $config_path, $groupconfig, $workpath, $path, $spooldir, $nntp_group, $auth_ok;
$logfile = $logdir . '/nntp.log';
$lockfile = $lockdir . '/rslight-nntp.lock';
$pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting Rocksolid Light NNTP Server...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
} else {
print "Rocksolid Light NNTP Server currently running\n";
exit();
}
$auth_ok = 0;
$user = "";
$pass = "";
$sock = stream_socket_server(
'tcp://'.$address.':'.$port,
$errno,
$errstr,
STREAM_SERVER_BIND|STREAM_SERVER_LISTEN
);
/* Change to non root user */
$uinfo=posix_getpwnam($CONFIG['webserver_user']);
change_identity($uinfo["uid"],$uinfo["gid"]);
/* Everything below runs as $CONFIG['webserver_user'] */
$auth_ok = 0;
$user = "";
$pass = "";
$sock = stream_socket_server('tcp://' . $address . ':' . $port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN);
/* Change to non root user */
$uinfo = posix_getpwnam($CONFIG['webserver_user']);
change_identity($uinfo["uid"], $uinfo["gid"]);
/* Everything below runs as $CONFIG['webserver_user'] */
echo "waiting for clients to connect\n";
while ($__server_listening)
{
while ($__server_listening) {
$connection = stream_socket_accept($sock);
if ($connection === false)
{
if ($connection === false) {
usleep(100);
}elseif ($connection > 0)
{
} elseif ($connection > 0) {
handle_client($sock, $connection);
}else
{
echo "error: ".socket_strerror($connection);
file_put_contents($logfile, "\n".format_log_date()." error: ".socket_strerror($connection), FILE_APPEND);
die;
} else {
echo "error: " . socket_strerror($connection);
file_put_contents($logfile, "\n" . format_log_date() . " error: " . socket_strerror($connection), FILE_APPEND);
die();
}
}
}
/**
* Signal handler
*/
* Signal handler
*/
function sig_handler($sig)
{
switch($sig)
{
switch ($sig) {
case SIGTERM:
case SIGINT:
exit();
break;
break;
case SIGCHLD:
pcntl_waitpid(-1, $status);
break;
pcntl_waitpid(- 1, $status);
break;
}
}
/**
* Handle a new client connection
*/
* Handle a new client connection
*/
function handle_client($ssock, $csock)
{
GLOBAL $__server_listening;
$pid = pcntl_fork();
if ($pid == -1)
{
if ($pid == - 1) {
/* fork failed */
echo "fork failure!\n";
die;
}elseif ($pid == 0)
{
die();
} elseif ($pid == 0) {
/* child process */
$__server_listening = false;
fclose($ssock);
interact($csock, false);
fclose($csock);
}else
{
} else {
fclose($csock);
}
}
?>
?>

287
Rocksolid_Light/rslight/scripts/nocem.php
View File

@ -1,151 +1,160 @@
<?php
include "config.inc.php";
include ("$file_newsportal");
include $config_dir . "/gpg.conf";
include "config.inc.php";
include ("$file_newsportal");
include $config_dir."/gpg.conf";
if(!isset($CONFIG['enable_nocem']) || $CONFIG['enable_nocem'] != true) {
exit;
}
if (! isset($CONFIG['enable_nocem']) || $CONFIG['enable_nocem'] != true) {
exit();
}
$lockfile = $lockdir . '/rslight-spoolnews.lock';
$pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) {
$lockfile = $lockdir . '/rslight-spoolnews.lock';
$pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting nocem...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
} else {
} else {
print "nocem currently running\n";
exit;
}
putenv("GNUPGHOME=".$rslight_gpg['gnupghome']);
$res = gnupg_init();
$webserver_group=$CONFIG['webserver_user'];
$logfile=$logdir.'/nocem.log';
@mkdir($spooldir."/nocem/processed",0755,'recursive');
@mkdir($spooldir."/nocem/failed",0755,'recursive');
$nocem_path=$spooldir."/nocem/";
$messages=scandir($nocem_path);
$begin="@@BEGIN NCM BODY";
$end="@@END NCM BODY";
foreach($messages as $message) {
$nocem_file=$nocem_path.$message;
if(!is_file($nocem_file)) {
continue;
}
$signed_text=file_get_contents($nocem_file);
if(verify_gpg_signature($res, $signed_text) == 1) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Good signature in: ".$message, FILE_APPEND);
echo "Good signature in: ".$message."\r\n";
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Bad signature in: ".$message, FILE_APPEND);
echo "Bad signature in: ".$message."\r\n";
rename($nocem_file, $nocem_path."failed/".$message);
continue;
}
$nocem_list=file($nocem_file, FILE_IGNORE_NEW_LINES);
$start=0;
foreach($nocem_list as $nocem_line) {
if(strpos($nocem_line, $begin) !== false) {
$start=1;
continue;
}
if(strpos($nocem_line, $end) !== false) {
break;
}
if((isset($nocem_line[0]) && $nocem_line[0] == '<') && $start == 1) {
$found = explode(' ', $nocem_line);
$msgid = $found[0];
foreach($found as $found_group) {
delete_message($msgid, $found_group);
}
}
}
rename($nocem_file, $nocem_path."processed/".$message);
}
unlink($lockfile);
exit;
function delete_message($messageid, $group) {
global $logfile,$config_dir,$spooldir, $CONFIG, $webserver_group;
/* Find section */
$menulist = file($config_dir."menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($menulist as $menu) {
if($menu[0] == '#') {
continue;
}
$menuitem=explode(':', $menu);
$glfp=fopen($config_dir.$menuitem[0]."/groups.txt", 'r');
$section="";
while($gl=fgets($glfp)) {
$group_name = preg_split("/( |\t)/", $gl, 2);
if(strtolower(trim($group)) == strtolower(trim($group_name[0]))) {
$config_name=$menuitem[0];
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." FOUND: ".$messageid." IN: ".$config_name.'/'.$group, FILE_APPEND);
break 2;
}
}
}
if($CONFIG['article_database'] == '1') {
$database = $spooldir.'/'.$group.'-articles.db3';
if(is_file($database)) {
$articles_dbh = article_db_open($database);
$articles_query = $articles_dbh->prepare('DELETE FROM articles WHERE msgid=:messageid');
$articles_query->execute(['messageid' => $messageid]);
$articles_dbh = null;
}
}
// Handle overview and history
$database = $spooldir.'/articles-overview.db3';
$dbh = overview_db_open($database);
$stmt_del = $dbh->prepare('DELETE FROM overview WHERE newsgroup=:newsgroup AND msgid=:msgid');
$query = $dbh->prepare('SELECT * FROM overview WHERE newsgroup=:newsgroup AND msgid=:msgid');
$query->execute([':newsgroup' => $group, ':msgid' => $messageid]);
$grouppath = preg_replace('/\./', '/', $group);
$status = "deleted";
$statusdate = time();
$statusreason = "nocem";
$statusnotes = null;
while($row = $query->fetch()) {
if(is_file($spooldir.'/articles/'.$grouppath.'/'.$row['number'])) {
unlink($spooldir.'/articles/'.$grouppath.'/'.$row['number']);
}
delete_message_from_overboard($config_name, $group, $messageid);
add_to_history($group, $row['number'], $row['msgid'], $status, $statusdate, $statusreason, $statusnotes);
thread_cache_removearticle($group, $row['number']);
}
$stmt_del->execute([':newsgroup' => $group, ':msgid' => $messageid]);
$dbh = null;
return;
exit();
}
function delete_message_from_overboard($config_name, $group, $messageid) {
GLOBAL $spooldir;
$cachefile=$spooldir."/".$config_name."-overboard.dat";
if(is_file($cachefile)) {
$cached_overboard = unserialize(file_get_contents($cachefile));
if($target = $cached_overboard['msgids'][$messageid]) {
unset($cached_overboard['threads'][$target['date']]);
unset($cached_overboard['msgids'][$messageid]);
unset($cached_overboard['threadlink'][$messageid]);
file_put_contents($cachefile, serialize($cached_overboard));
putenv("GNUPGHOME=" . $rslight_gpg['gnupghome']);
$res = gnupg_init();
$webserver_group = $CONFIG['webserver_user'];
$logfile = $logdir . '/nocem.log';
@mkdir($spooldir . "/nocem/processed", 0755, 'recursive');
@mkdir($spooldir . "/nocem/failed", 0755, 'recursive');
$nocem_path = $spooldir . "/nocem/";
$messages = scandir($nocem_path);
$begin = "@@BEGIN NCM BODY";
$end = "@@END NCM BODY";
foreach ($messages as $message) {
$nocem_file = $nocem_path . $message;
if (! is_file($nocem_file)) {
continue;
}
}
$cachefile=$spooldir."/".$group."-overboard.dat";
if(is_file($cachefile)) {
$cached_overboard = unserialize(file_get_contents($cachefile));
if($target = $cached_overboard['msgids'][$messageid]) {
unset($cached_overboard['threads'][$target['date']]);
unset($cached_overboard['msgids'][$messageid]);
unset($cached_overboard['threadlink'][$messageid]);
file_put_contents($cachefile, serialize($cached_overboard));
$signed_text = file_get_contents($nocem_file);
if (verify_gpg_signature($res, $signed_text) == 1) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Good signature in: " . $message, FILE_APPEND);
echo "Good signature in: " . $message . "\r\n";
} else {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Bad signature in: " . $message, FILE_APPEND);
echo "Bad signature in: " . $message . "\r\n";
rename($nocem_file, $nocem_path . "failed/" . $message);
continue;
}
$nocem_list = file($nocem_file, FILE_IGNORE_NEW_LINES);
$start = 0;
foreach ($nocem_list as $nocem_line) {
if (strpos($nocem_line, $begin) !== false) {
$start = 1;
continue;
}
if (strpos($nocem_line, $end) !== false) {
break;
}
if ((isset($nocem_line[0]) && $nocem_line[0] == '<') && $start == 1) {
$found = explode(' ', $nocem_line);
$msgid = $found[0];
foreach ($found as $found_group) {
delete_message($msgid, $found_group);
}
}
}
rename($nocem_file, $nocem_path . "processed/" . $message);
}
unlink($lockfile);
exit();
function delete_message($messageid, $group)
{
global $logfile, $config_dir, $spooldir, $CONFIG, $webserver_group;
/* Find section */
$menulist = file($config_dir . "menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($menulist as $menu) {
if ($menu[0] == '#') {
continue;
}
$menuitem = explode(':', $menu);
$glfp = fopen($config_dir . $menuitem[0] . "/groups.txt", 'r');
$section = "";
while ($gl = fgets($glfp)) {
$group_name = preg_split("/( |\t)/", $gl, 2);
if (strtolower(trim($group)) == strtolower(trim($group_name[0]))) {
$config_name = $menuitem[0];
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " FOUND: " . $messageid . " IN: " . $config_name . '/' . $group, FILE_APPEND);
break 2;
}
}
}
if ($CONFIG['article_database'] == '1') {
$database = $spooldir . '/' . $group . '-articles.db3';
if (is_file($database)) {
$articles_dbh = article_db_open($database);
$articles_query = $articles_dbh->prepare('DELETE FROM articles WHERE msgid=:messageid');
$articles_query->execute([
'messageid' => $messageid
]);
$articles_dbh = null;
}
}
// Handle overview and history
$database = $spooldir . '/articles-overview.db3';
$dbh = overview_db_open($database);
$stmt_del = $dbh->prepare('DELETE FROM overview WHERE newsgroup=:newsgroup AND msgid=:msgid');
$query = $dbh->prepare('SELECT * FROM overview WHERE newsgroup=:newsgroup AND msgid=:msgid');
$query->execute([
':newsgroup' => $group,
':msgid' => $messageid
]);
$grouppath = preg_replace('/\./', '/', $group);
$status = "deleted";
$statusdate = time();
$statusreason = "nocem";
$statusnotes = null;
while ($row = $query->fetch()) {
if (is_file($spooldir . '/articles/' . $grouppath . '/' . $row['number'])) {
unlink($spooldir . '/articles/' . $grouppath . '/' . $row['number']);
}
delete_message_from_overboard($config_name, $group, $messageid);
add_to_history($group, $row['number'], $row['msgid'], $status, $statusdate, $statusreason, $statusnotes);
thread_cache_removearticle($group, $row['number']);
}
$stmt_del->execute([
':newsgroup' => $group,
':msgid' => $messageid
]);
$dbh = null;
return;
}
function delete_message_from_overboard($config_name, $group, $messageid)
{
GLOBAL $spooldir;
$cachefile = $spooldir . "/" . $config_name . "-overboard.dat";
if (is_file($cachefile)) {
$cached_overboard = unserialize(file_get_contents($cachefile));
if ($target = $cached_overboard['msgids'][$messageid]) {
unset($cached_overboard['threads'][$target['date']]);
unset($cached_overboard['msgids'][$messageid]);
unset($cached_overboard['threadlink'][$messageid]);
file_put_contents($cachefile, serialize($cached_overboard));
}
}
$cachefile = $spooldir . "/" . $group . "-overboard.dat";
if (is_file($cachefile)) {
$cached_overboard = unserialize(file_get_contents($cachefile));
if ($target = $cached_overboard['msgids'][$messageid]) {
unset($cached_overboard['threads'][$target['date']]);
unset($cached_overboard['msgids'][$messageid]);
unset($cached_overboard['threadlink'][$messageid]);
file_put_contents($cachefile, serialize($cached_overboard));
}
}
}
}
?>

2120
Rocksolid_Light/rslight/scripts/rslight-lib.php
View File

File diff suppressed because it is too large Load Diff

201
Rocksolid_Light/rslight/scripts/rss-feeds.php
View File

@ -1,104 +1,107 @@
#!/usr/local/bin/php
<?php
chdir('../rocksolid/');
include "config.inc.php";
include "newsportal.php";
chdir('../rocksolid/');
include "config.inc.php";
include "newsportal.php";
$maxlen = 500;
$rssdir = $config_dir.'/rss/';
$rssfiles = array();
if(isset($argv[1])) {
$rssfiles[0] = $argv[1];
} else {
$rssfiles = array_diff(scandir($rssdir), array('..', '.'));
}
foreach($rssfiles as $rssfile) {
if(!is_file($config_dir.'/rss/'.$rssfile)) {
continue;
}
$body = '';
unset($RSS);
$RSS = get_rss_config($config_dir.'/rss/'.$rssfile);
if($RSS['enable'] !== '1') {
continue;
}
if(filemtime($spooldir.'/'.$rssfile.'-rss-timer') + $RSS['timer'] > time()) {
if(!is_file($rssdir.'/debug')) {
continue;
}
}
$xmlData = file_get_contents($RSS['url']);
$xml = simplexml_load_string($xmlData, 'SimpleXMLElement', LIBXML_NOCDATA);
if($RSS['root'] != '') {
$xmlstart = $xml->{$RSS['root']};
} else {
$xmlstart = $xml;
}
foreach($xmlstart->{$RSS['item']} as $item)
{
if(trim($item->{$RSS['link']}) == '') {
$item->{$RSS['link']} = $item->{$RSS['link']}[href];
} else {
$item->{$RSS['link']} = $item->{$RSS['link']};
}
$body.=$item->{$RSS['title']}."\n";
if(isset($RSS['urlprefix']) && ($RSS['urlprefix'] !== '')) {
$url = $RSS['urlprefix'].$item->{$RSS['link']};
} else {
$url = $item->{$RSS['link']};
}
if(isset($RSS['urlprefixalt']) && ($RSS['urlprefixalt'] !== '')) {
$urlalt = $RSS['urlprefixalt'].$item->{$RSS['link']};
} else {
$urlalt = '';
}
if(substr($url,0,4) !== "http") {
$urlprefix = explode('/', $RSS['url']);
$url = $urlprefix[0].'/'.$urlprefix[1].'/'.$urlprefix[2].$item->{$RSS['link']};
}
$body.=$url."\n";
if($urlalt !== '') {
$body.=$urlalt."\n";
}
if(isset($RSS['date_namespaceuri']) && ($RSS['date_namespaceuri'] !== '')) {
$dc_date = $item->children($RSS['date_namespaceuri']);
$body.=date("F j, Y, g:i A", strtotime($dc_date));
} else {
$body.=date("F j, Y, g:i A", strtotime($item->{$RSS['date']}));
}
$body.="\n";
if(strlen($item->{$RSS['content']}) > $maxlen) {
$content=substr(trim(strip_tags($item->{$RSS['content']})),0,$maxlen);
$dots = '...';
} else {
$content=trim(strip_tags($item->{$RSS['content']}));
$dots = '';
}
$content = preg_replace('#\R+#', "\n", $content);
$body.=$content.$dots;
$body.="\n--------------------\n";
}
if(strpos($RSS['postfrom'], '@') === false) {
$RSS['postfrom'] = $RSS['postfrom'].$CONFIG['email_tail'];
}
if(isset($RSS['followupto']) && ($RSS['followupto'] !== '')) {
$followupto = $RSS['followupto'];
} else {
$followupto = null;
}
$body = strip_tags($body);
$maxlen = 500;
$rssdir = $config_dir . '/rss/';
$rssfiles = array();
if (isset($argv[1])) {
$rssfiles[0] = $argv[1];
} else {
$rssfiles = array_diff(scandir($rssdir), array(
'..',
'.'
));
}
foreach ($rssfiles as $rssfile) {
if (! is_file($config_dir . '/rss/' . $rssfile)) {
continue;
}
$body = '';
unset($RSS);
$RSS = get_rss_config($config_dir . '/rss/' . $rssfile);
if ($RSS['enable'] !== '1') {
continue;
}
if (filemtime($spooldir . '/' . $rssfile . '-rss-timer') + $RSS['timer'] > time()) {
if (! is_file($rssdir . '/debug')) {
continue;
}
}
$xmlData = file_get_contents($RSS['url']);
$xml = simplexml_load_string($xmlData, 'SimpleXMLElement', LIBXML_NOCDATA);
if ($RSS['root'] != '') {
$xmlstart = $xml->{$RSS['root']};
} else {
$xmlstart = $xml;
}
foreach ($xmlstart->{$RSS['item']} as $item) {
if (trim($item->{$RSS['link']}) == '') {
$item->{$RSS['link']} = $item->{$RSS['link']}[href];
} else {
$item->{$RSS['link']} = $item->{$RSS['link']};
}
$body .= $item->{$RSS['title']} . "\n";
if (isset($RSS['urlprefix']) && ($RSS['urlprefix'] !== '')) {
$url = $RSS['urlprefix'] . $item->{$RSS['link']};
} else {
$url = $item->{$RSS['link']};
}
if (isset($RSS['urlprefixalt']) && ($RSS['urlprefixalt'] !== '')) {
$urlalt = $RSS['urlprefixalt'] . $item->{$RSS['link']};
} else {
$urlalt = '';
}
if (substr($url, 0, 4) !== "http") {
$urlprefix = explode('/', $RSS['url']);
$url = $urlprefix[0] . '/' . $urlprefix[1] . '/' . $urlprefix[2] . $item->{$RSS['link']};
}
$body .= $url . "\n";
if ($urlalt !== '') {
$body .= $urlalt . "\n";
}
if (isset($RSS['date_namespaceuri']) && ($RSS['date_namespaceuri'] !== '')) {
$dc_date = $item->children($RSS['date_namespaceuri']);
$body .= date("F j, Y, g:i A", strtotime($dc_date));
} else {
$body .= date("F j, Y, g:i A", strtotime($item->{$RSS['date']}));
}
$body .= "\n";
if (strlen($item->{$RSS['content']}) > $maxlen) {
$content = substr(trim(strip_tags($item->{$RSS['content']})), 0, $maxlen);
$dots = '...';
} else {
$content = trim(strip_tags($item->{$RSS['content']}));
$dots = '';
}
$content = preg_replace('#\R+#', "\n", $content);
$body .= $content . $dots;
$body .= "\n--------------------\n";
}
if (strpos($RSS['postfrom'], '@') === false) {
$RSS['postfrom'] = $RSS['postfrom'] . $CONFIG['email_tail'];
}
if (isset($RSS['followupto']) && ($RSS['followupto'] !== '')) {
$followupto = $RSS['followupto'];
} else {
$followupto = null;
}
$body = strip_tags($body);
if(is_file($rssdir.'/debug')) {
print_r($xml);
echo $body;
} else {
echo message_post($RSS['message_subject'], $RSS['postfrom'], $RSS['newsgroup'], null, $body, null, null, null, $followupto)."\n";
touch($spooldir.'/'.$rssfile.'-rss-timer');
}
}
function get_rss_config($rssfile) {
$RSS = include($rssfile);
return($RSS);
}
if (is_file($rssdir . '/debug')) {
print_r($xml);
echo $body;
} else {
echo message_post($RSS['message_subject'], $RSS['postfrom'], $RSS['newsgroup'], null, $body, null, null, null, $followupto) . "\n";
touch($spooldir . '/' . $rssfile . '-rss-timer');
}
}
function get_rss_config($rssfile)
{
$RSS = include ($rssfile);
return ($RSS);
}
?>

131
Rocksolid_Light/rslight/scripts/send.php
View File

@ -1,25 +1,25 @@
<?php
/* spoolnews NNTP news spool creator
* Download: https://news.novabbs.com/getrslight
/*
* spoolnews NNTP news spool creator
* Download: https://news.novabbs.com/getrslight
*
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
set_time_limit(900);
include "config.inc.php";
@ -28,23 +28,23 @@ include ("$file_newsportal");
if ($CONFIG['remote_server'] == '') {
exit();
}
$logfile=$logdir.'/spoolnews.log';
$logfile = $logdir . '/spoolnews.log';
@mkdir($spooldir."/".$config_name,0755,'recursive');
@mkdir($spooldir . "/" . $config_name, 0755, 'recursive');
$lockfile = $lockdir . '/rslight-send.lock';
$pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) {
print "Starting Send...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting Send...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
} else {
print "Send currently running\n";
exit;
print "Send currently running\n";
exit();
}
$ns=nntp2_open($CONFIG['remote_server'], $CONFIG['remote_port']);
if($ns == false) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to connect to ".$CONFIG['remote_server'].":".$CONFIG['remote_port'], FILE_APPEND);
exit();
$ns = nntp2_open($CONFIG['remote_server'], $CONFIG['remote_port']);
if ($ns == false) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to connect to " . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'], FILE_APPEND);
exit();
}
echo "\nPosting articles\r\n";
post_articles($ns, $spooldir);
@ -52,45 +52,46 @@ nntp_close($ns);
unlink($lockfile);
echo "\nSend Done\r\n";
function post_articles($ns, $spooldir) {
global $logfile,$config_name;
if(!is_dir($spooldir."/".$config_name."/outgoing/")) {
return "No messages to send\r\n";
}
$outgoing_dir = $spooldir."/".$config_name."/outgoing/";
$messages = scandir($outgoing_dir);
foreach($messages as $message) {
if(!is_file($outgoing_dir.$message)) {
continue;
function post_articles($ns, $spooldir)
{
global $logfile, $config_name;
if (! is_dir($spooldir . "/" . $config_name . "/outgoing/")) {
return "No messages to send\r\n";
}
echo "Sending: ".$outgoing_dir.$message."\r\n";
fputs($ns, "MODE READER\r\n");
$response = line_read($ns);
if (strcmp(substr($response,0,3),"200") != 0) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Unexpected response to MODE command: ".$response, FILE_APPEND);
return $response;
$outgoing_dir = $spooldir . "/" . $config_name . "/outgoing/";
$messages = scandir($outgoing_dir);
foreach ($messages as $message) {
if (! is_file($outgoing_dir . $message)) {
continue;
}
echo "Sending: " . $outgoing_dir . $message . "\r\n";
fputs($ns, "MODE READER\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "200") != 0) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Unexpected response to MODE command: " . $response, FILE_APPEND);
return $response;
}
fputs($ns, "POST\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "340") != 0) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Unexpected response to POST command: " . $response, FILE_APPEND);
return $response;
}
$message_fp = fopen($outgoing_dir . $message, "rb");
while (($msgline = fgets($message_fp, 4096)) !== false) {
fputs($ns, $msgline);
}
fputs($ns, ".\r\n");
fclose($message_fp);
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "240") == 0) {
unlink($outgoing_dir . $message);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Posted: " . $message . ": " . $response, FILE_APPEND);
} else {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to POST: " . $message . ": " . $response, FILE_APPEND);
continue;
}
}
fputs($ns, "POST\r\n");
$response = line_read($ns);
if (strcmp(substr($response,0,3),"340") != 0) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Unexpected response to POST command: ".$response, FILE_APPEND);
return $response;
}
$message_fp = fopen($outgoing_dir.$message, "rb");
while (($msgline = fgets($message_fp, 4096)) !== false) {
fputs($ns, $msgline);
}
fputs($ns, ".\r\n");
fclose($message_fp);
$response = line_read($ns);
if (strcmp(substr($response,0,3),"240") == 0) {
unlink($outgoing_dir.$message);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Posted: ".$message.": ".$response, FILE_APPEND);
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to POST: ".$message.": ".$response, FILE_APPEND);
continue;
}
}
return "Messages sent\r\n";
return "Messages sent\r\n";
}
?>

37
Rocksolid_Light/rslight/scripts/setup.inc.php
View File

@ -1,12 +1,13 @@
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=<?=$www_charset?>">
<META HTTP-EQUIV="Content-type"
CONTENT="text/html; charset=<?=$www_charset?>">
<?php
if (file_exists('../common/mods/style.css')) {
echo '<link rel="stylesheet" type="text/css" href="../common/mods/style.css">';
echo '<link rel="stylesheet" type="text/css" href="../common/mods/style.css">';
} else {
echo '<link rel="stylesheet" type="text/css" href="../common/style.css">';
echo '<link rel="stylesheet" type="text/css" href="../common/style.css">';
}
?>
</head>
@ -14,30 +15,30 @@ if (file_exists('../common/mods/style.css')) {
<?php
include "config.inc.php";
include $config_dir.'/admin.inc.php';
include $config_dir . '/admin.inc.php';
$configdata = include($config_dir.'/scripts/setuphelper.php');
$configfile=$config_dir.'rslight.inc.php';
$configdata = include ($config_dir . '/scripts/setuphelper.php');
$configfile = $config_dir . 'rslight.inc.php';
echo 'Main Configuration';
echo '<table width=100% border="1" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="config" method="post" action="setup.php">';
$pass = 'pass';
foreach($CONFIG as $key=>$item) {
if($key == 'configure') {
continue;
}
$guide=$configdata[$key];
echo '<tr><td>'.$guide.':&nbsp;&nbsp;</td><td>';
if(strpos($key, $pass)) {
echo '<input name="'.$key.'" type="password" id="'.$key.'" value="'.htmlspecialchars($item).'" size="50"><br />';
} else {
echo '<input name="'.$key.'" type="text" id="'.$key.'" value="'.htmlspecialchars($item).'" size="50"><br />';
foreach ($CONFIG as $key => $item) {
if ($key == 'configure') {
continue;
}
echo '</td></tr>';
$guide = $configdata[$key];
echo '<tr><td>' . $guide . ':&nbsp;&nbsp;</td><td>';
if (strpos($key, $pass)) {
echo '<input name="' . $key . '" type="password" id="' . $key . '" value="' . htmlspecialchars($item) . '" size="50"><br />';
} else {
echo '<input name="' . $key . '" type="text" id="' . $key . '" value="' . htmlspecialchars($item) . '" size="50"><br />';
}
echo '</td></tr>';
}
echo '</table>';
echo '<input type="hidden" name="configkey" value="'.$admin['key'].'">';
echo '<input type="hidden" name="configkey" value="' . $admin['key'] . '">';
echo '<input type="submit" name="configure" value="Save Configuration">';
echo '</form>';
?>

877
Rocksolid_Light/rslight/scripts/spoolnews.php
View File

@ -1,75 +1,75 @@
<?php
/* spoolnews NNTP news spool creator
* Download: https://news.novabbs.com/getrslight
/*
* spoolnews NNTP news spool creator
* Download: https://news.novabbs.com/getrslight
*
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
include "config.inc.php";
include ("$file_newsportal");
include $config_dir.'/gpg.conf';
include $config_dir . '/gpg.conf';
if ($CONFIG['remote_server'] != '') {
$remote_groupfile=$spooldir."/".$config_name."/".$CONFIG['remote_server'].":".$CONFIG['remote_port'].".txt";
$remote_groupfile = $spooldir . "/" . $config_name . "/" . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'] . ".txt";
}
$file_groups=$config_path."groups.txt";
$local_groupfile=$spooldir."/".$config_name."/local_groups.txt";
$logfile=$logdir.'/spoolnews.log';
$file_groups = $config_path . "groups.txt";
$local_groupfile = $spooldir . "/" . $config_name . "/local_groups.txt";
$logfile = $logdir . '/spoolnews.log';
# END MAIN CONFIGURATION
@mkdir($spooldir."/".$config_name,0755,'recursive');
@mkdir($spooldir . "/" . $config_name, 0755, 'recursive');
if(!isset($maxarticles_per_run)) {
$maxarticles_per_run = 100;
if (! isset($maxarticles_per_run)) {
$maxarticles_per_run = 100;
}
if(!isset($maxfirstrequest)) {
$maxfirstrequest = 100;
if (! isset($maxfirstrequest)) {
$maxfirstrequest = 100;
}
if(!isset($CONFIG['enable_nntp']) || $CONFIG['enable_nntp'] != true) {
$maxfirstrequest = $maxarticles;
$maxarticles_per_run = $maxfetch;
if (! isset($CONFIG['enable_nntp']) || $CONFIG['enable_nntp'] != true) {
$maxfirstrequest = $maxarticles;
$maxarticles_per_run = $maxfetch;
}
$workpath=$spooldir."/";
$path=$workpath."articles/";
$workpath = $spooldir . "/";
$path = $workpath . "articles/";
$lockfile = $lockdir . '/'.$config_name.'-spoolnews.lock';
$lockfile = $lockdir . '/' . $config_name . '-spoolnews.lock';
$pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) {
print "Starting Spoolnews...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting Spoolnews...\n";
file_put_contents($lockfile, getmypid()); // create lockfile
} else {
print "Spoolnews currently running\n";
exit;
print "Spoolnews currently running\n";
exit();
}
$sem = $spooldir."/".$config_name.".reload";
if(is_file($sem)) {
unlink($remote_groupfile);
unlink($sem);
$maxfirstrequest = 20;
$sem = $spooldir . "/" . $config_name . ".reload";
if (is_file($sem)) {
unlink($remote_groupfile);
unlink($sem);
$maxfirstrequest = 20;
}
if(filemtime($spooldir.'/'.$config_name.'-thread-timer')+600 < time()) {
$timer=true;
touch($spooldir.'/'.$config_name.'-thread-timer');
if (filemtime($spooldir . '/' . $config_name . '-thread-timer') + 600 < time()) {
$timer = true;
touch($spooldir . '/' . $config_name . '-thread-timer');
} else {
$timer=false;
$timer = false;
}
# Check for groups file, create if necessary
// only do remote server groups if necessary
@ -78,411 +78,434 @@ if ($CONFIG['remote_server'] != '') {
}
create_spool_groups($file_groups, $local_groupfile);
# Iterate through groups
$enable_rslight=0;
# Iterate through groups
$enable_rslight = 0;
# Refresh group list
$menulist = file($config_dir."menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($menulist as $menu) {
if(($menu[0] == '#') || (trim($menu) == "")) {
continue;
}
$menuitem = explode(':', $menu);
if(($menuitem[0] == $config_name) && ($menuitem[1] == '1')) {
groups_read($server,$port,1,true); // 'true' forces a refresh of the group list
$enable_rslight = 1;
echo "\nLoaded groups";
}
}
# Clean outgoing directory for LOCAL sections
if($CONFIG['remote_server'] == '') {
$outgoing_dir = $spooldir."/".$config_name."/outgoing/";
$files = scandir($outgoing_dir);
foreach($files as $file) {
$file_name = $outgoing_dir.$file;
if(is_file($file_name) && (filemtime($file_name) < (time()-3600))) {
unlink($file_name);
}
}
}
if ($CONFIG['remote_server'] != '')
{
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." remote_server: ".$CONFIG['remote_server'], FILE_APPEND);
$ns=nntp2_open($CONFIG['remote_server'], $CONFIG['remote_port']);
$ns2=nntp_open();
if(!$ns) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to connect to ".$CONFIG['remote_server'].":".$CONFIG['remote_port'], FILE_APPEND);
exit();
}
$grouplist = file($config_dir.'/'.$config_name.'/groups.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($grouplist as $findgroup) {
if($findgroup[0] == ":") {
$menulist = file($config_dir . "menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($menulist as $menu) {
if (($menu[0] == '#') || (trim($menu) == "")) {
continue;
}
$name = preg_split("/( |\t)/", $findgroup, 2);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Retrieving articles for: ".$name[0]."...", FILE_APPEND);
echo "\nRetrieving articles for: ".$name[0]."...";
get_articles($ns, $name[0]);
if($enable_rslight == 1) {
if($timer) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Updating threads for: ".$name[0]."...", FILE_APPEND);
thread_load_newsserver($ns2,$name[0],0);
}
$menuitem = explode(':', $menu);
if (($menuitem[0] == $config_name) && ($menuitem[1] == '1')) {
groups_read($server, $port, 1, true); // 'true' forces a refresh of the group list
$enable_rslight = 1;
echo "\nLoaded groups";
}
}
nntp_close($ns2);
nntp_close($ns);
}
#expire_overview();
# Clean outgoing directory for LOCAL sections
if ($CONFIG['remote_server'] == '') {
$outgoing_dir = $spooldir . "/" . $config_name . "/outgoing/";
$files = scandir($outgoing_dir);
foreach ($files as $file) {
$file_name = $outgoing_dir . $file;
if (is_file($file_name) && (filemtime($file_name) < (time() - 3600))) {
unlink($file_name);
}
}
}
if ($CONFIG['remote_server'] != '') {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " remote_server: " . $CONFIG['remote_server'], FILE_APPEND);
$ns = nntp2_open($CONFIG['remote_server'], $CONFIG['remote_port']);
$ns2 = nntp_open();
if (! $ns) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to connect to " . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'], FILE_APPEND);
exit();
}
$grouplist = file($config_dir . '/' . $config_name . '/groups.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($grouplist as $findgroup) {
if ($findgroup[0] == ":") {
continue;
}
$name = preg_split("/( |\t)/", $findgroup, 2);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Retrieving articles for: " . $name[0] . "...", FILE_APPEND);
echo "\nRetrieving articles for: " . $name[0] . "...";
get_articles($ns, $name[0]);
if ($enable_rslight == 1) {
if ($timer) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Updating threads for: " . $name[0] . "...", FILE_APPEND);
thread_load_newsserver($ns2, $name[0], 0);
}
}
}
nntp_close($ns2);
nntp_close($ns);
}
# expire_overview();
unlink($lockfile);
echo "\nSpoolnews Done\n";
function get_articles($ns, $group) {
global $enable_rslight, $rslight_gpg, $spooldir, $CONFIG, $user_ban_file, $maxarticles_per_run, $maxfirstrequest, $workpath, $path, $remote_groupfile, $local_groupfile, $local, $logdir, $config_name, $logfile;
function get_articles($ns, $group)
{
global $enable_rslight, $rslight_gpg, $spooldir, $CONFIG, $user_ban_file, $maxarticles_per_run, $maxfirstrequest, $workpath, $path, $remote_groupfile, $local_groupfile, $local, $logdir, $config_name, $logfile;
if($ns == false) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Lost connection to ".$CONFIG['remote_server'].":".$CONFIG['remote_port'], FILE_APPEND);
exit();
}
$grouppath = $path.preg_replace('/\./', '/', $group);
$banned_names = file($user_ban_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$nocem_check="@@NCM";
$bbsmail_check="@@RSL";
# Check if group exists. Open it if it does
fputs($ns, "group ".$group."\r\n");
$response = line_read($ns);
if (strcmp(substr($response,0,3),"211") != 0) {
echo "\n".$response;
return(1);
}
# Get config
$grouplist = file($remote_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($grouplist as $findgroup) {
$name = explode(':', $findgroup);
if (strcmp($name[0], $group) == 0) {
if (is_numeric(trim($name[1]))) {
$article = $name[1] + 1;
} else {
$article = 1;
}
break;
}
}
if(isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
// Get list of article numbers to find what number is next
$ok_article = get_article_list($group);
sort($ok_article);
$local = $ok_article[key(array_slice($ok_article, -1, 1, true))];
if(!is_numeric($local)) {
$local = 0;
}
$local = $local + 1;
if($local < 1) {
$local = 1;
}
while(is_deleted_post($group, $local)) {
$local++;
}
}
# Split group response line to get last article number
$detail = explode(" ", $response);
if (!isset($article)) {
$article = $detail[2];
}
if($article < $detail[3] - $maxfirstrequest) {
$article = $detail[3] - $maxfirstrequest;
}
if($article < $detail[2]) {
$article = $detail[2];
}
// Articles Database
if($CONFIG['article_database'] == '1') {
$article_dbh = article_db_open($spooldir.'/'.$group.'-articles.db3');
$article_sql = 'INSERT OR IGNORE INTO articles(newsgroup, number, msgid, date, name, subject, article, search_snippet) VALUES(?,?,?,?,?,?,?,?)';
$article_stmt = $article_dbh->prepare($article_sql);
}
// Create list of message-ids
$database = $spooldir.'/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:newsgroup");
$stmt->bindParam(':newsgroup', $nntp_group);
$stmt->execute();
while($row = $stmt->fetch()) {
$msgids[$row['msgid']] = true;
break;
}
$dbh = null;
// Overview database
$database = $spooldir.'/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$sql = 'INSERT OR IGNORE INTO overview(newsgroup, number, msgid, date, datestring, name, subject, refs, bytes, lines, xref) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql);
// Get overview from server
$server_overview = array();
$re = false;
if(($detail[3] - $article) > $maxarticles_per_run) {
$getlast = $article + $maxarticles_per_run;
} else {
$getlast = $detail[3];
}
fputs($ns, "xover ".$article."-".$getlast."\r\n");
$response=line_read($ns); // and once more
if ((substr($response,0,3) != "224")) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Cannot get overview from ".$CONFIG['remote_server']." for ".$group, FILE_APPEND);
return false;
}
while(trim($response = line_read($ns)) !== '.') {
$ov = preg_split("/\t/", $response);
$server_msgids[$ov[0]] = $ov[4];
}
# Pull articles and save them in our spool
@mkdir($grouppath,0755,'recursive');
$i=0;
while ($article <= $detail[3]) {
if(!is_numeric($article)) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." DEBUG This should show server group:article number: ".$CONFIG['remote_server']." ".$group.":".$article, FILE_APPEND);
break;;
}
if($CONFIG['enable_nntp'] != true){
$local = $article;
}
if($msgids[$server_msgids[$article]] == true) {
echo "\nDuplicate Message-ID for: ".$group.":".$article;
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Duplicate Message-ID for: ".$group.":".$article, FILE_APPEND);
$article++;
continue;
}
fputs($ns, "article ".$article."\r\n");
$response = line_read($ns);
if (strcmp(substr($response,0,3),"220") != 0) {
echo "\n".$response;
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Unexpected response to ARTICLE command: ".$response, FILE_APPEND);
$article++;
continue;
}
$articleHandle = $grouppath."/".$local;
$response = line_read($ns);
$lines=0;
$bytes=0;
$ref=0;
$banned=0;
$is_header=1;
$body="";
while(strcmp($response,".") != 0)
{
$bytes = $bytes + mb_strlen($response, '8bit');
if(trim($response) == "" || $lines > 0) {
$is_header=0;
$lines++;
}
if($is_header == 1) {
$response = str_replace("\t", " ", $response);
// Find article date
if(stripos($response, "Date: ") === 0) {
$finddate=explode(': ', $response, 2);
$article_date = strtotime($finddate[1]);
}
// Get overview data
if(stripos($response, "Message-ID: ") === 0) {
$mid=explode(': ', $response, 2);
$ref=0;
}
if(stripos($response, "From: ") === 0) {
$from=explode(': ', $response, 2);
if(isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
foreach($banned_names as $banned_name) {
if(stripos($from[1], $banned_name) !== false) {
$banned = 1;
}
}
}
$ref=0;
}
if(stripos($response, "Subject: ") === 0) {
$subject=explode('Subject: ', $response, 2);
$ref=0;
}
if(stripos($response, "Newsgroups: ") === 0) {
$response=str_ireplace($group,$group,$response);
$ref=0;
}
if(stripos($response, "Xref: ") === 0) {
if(isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
$response="Xref: ".$CONFIG['pathhost']." ".$group.":".$local;
}
$xref=$response;
$ref=0;
}
if(stripos($response, "Content-Type: ") === 0) {
preg_match('/.*charset=.*/', $response, $te);
$content_type = explode("Content-Type: text/plain; charset=", $te[0]);
}
if(stripos($response, "References: ") === 0) {
$this_references=explode('References: ', $response);
$references = $this_references[1];
$ref=1;
}
if((stripos($response, ':') === false) && (strpos($response, '>'))) {
if($ref == 1) {
$references=$references.$response;
}
}
} else {
$body.=$response."\n";
}
file_put_contents($articleHandle, $response."\n", FILE_APPEND);
// Check here for broken $ns connection before continuing
$response=fgets($ns,1200);
if($response == false) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Lost connection to ".$CONFIG['remote_server'].":".$CONFIG['remote_port']." retrieving article ".$article, FILE_APPEND);
unlink($grouppath."/".$local);
break;
// continue;
}
$response=str_replace("\n","",str_replace("\r","",$response));
}
file_put_contents($articleHandle, $response."\n", FILE_APPEND);
$lines=$lines-1;
$bytes = $bytes + ($lines * 2);
// Don't spool article if $banned=1
if($banned == 1) {
unlink($grouppath."/".$local);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Skipping: ".$CONFIG['remote_server']." ".$group.":".$article." user: ".$from[1]." is banned", FILE_APPEND);
$article++;
} else {
if((strpos($CONFIG['nocem_groups'], $group) !== false) && ($CONFIG['enable_nocem'] == true)) {
if(strpos($subject[1], $nocem_check) !== false) {
$nocem_file = tempnam($spooldir."/nocem", "nocem-".$group."-");
copy($grouppath."/".$local, $nocem_file);
}
}
if((strpos($rslight_gpg['nntp_group'], $group) !== false) && ($rslight_gpg['enable'] == '1')) {
if(strpos($subject[1], $bbsmail_check) !== false) {
$bbsmail_file = preg_replace('/@@RSL /', '', $subject[1]);
$bbsmail_filename = $spooldir."/bbsmail/in/bbsmail-".$bbsmail_file;
copy($grouppath."/".$local, $bbsmail_filename);
}
}
// Overview
$stmt->execute([$group, $local, $mid[1], $article_date, $finddate[1], $from[1], $subject[1], $references, $bytes, $lines, $xref]);
$references="";
if($CONFIG['article_database'] == '1') {
$this_article = file_get_contents($grouppath."/".$local);
// CREATE SEARCH SNIPPET
$this_snippet = get_search_snippet($body, $content_type[1]);
$article_stmt->execute([$group, $local, $mid[1], $article_date, $from[1], $subject[1], $this_article, $this_snippet]);
unlink($grouppath."/".$local);
} else {
if($article_date > time())
$article_date = time();
touch($grouppath."/".$local, $article_date);
}
echo "\nRetrieved: ".$group." ".$article;
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Wrote to spool: ".$CONFIG['remote_server']." ".$group.":".$article, FILE_APPEND);
$i++;
$article++;
$local++;
if($i > $maxarticles_per_run) {
break;
}
if ($ns == false) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Lost connection to " . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'], FILE_APPEND);
exit();
}
}
$article--;
// $local--;
// Update title
if(!is_file($workpath.$group."-title")) {
fputs($ns, "XGTITLE ".$group."\r\n");
$response = line_read($ns);
if (strcmp(substr($response,0,3),"282") == 0) {
$titlefile = $workpath.$group."-title";
$response = line_read($ns);
while(strcmp($response,".") != 0)
{
file_put_contents($titlefile, $response);
$response = line_read($ns);
}
}
}
# Save config
$grouplist = file($remote_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$saveconfig = fopen($remote_groupfile, 'w+');
foreach($grouplist as $savegroup) {
$name = explode(':', $savegroup);
if (strcmp($name[0], $group) == 0) {
fputs($saveconfig, $group.":".$article."\n");
} else {
fputs($saveconfig, $savegroup."\n");
}
}
fclose($saveconfig);
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$saveconfig = fopen($local_groupfile, 'w+');
foreach($grouplist as $savegroup) {
$name = explode(':', $savegroup);
if (strcmp($name[0], $group) == 0) {
fputs($saveconfig, $group.":".$local."\n");
} else {
fputs($saveconfig, $savegroup."\n");
}
}
fclose($saveconfig);
if($CONFIG['article_database'] == '1') {
$article_dbh = null;
}
$dbh = null;
}
function create_spool_groups($in_groups, $out_groups) {
$grouplist = file($in_groups, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$groupout = fopen($out_groups, "a+");
foreach($grouplist as $group) {
if($group[0] == ":") {
continue;
$grouppath = $path . preg_replace('/\./', '/', $group);
$banned_names = file($user_ban_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$nocem_check = "@@NCM";
$bbsmail_check = "@@RSL";
# Check if group exists. Open it if it does
fputs($ns, "group " . $group . "\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "211") != 0) {
echo "\n" . $response;
return (1);
}
$thisgroup = preg_split("/( |\t)/", $group, 2);
fseek($groupout, 0);
$found=0;
while (($buffer = fgets($groupout)) !== false) {
if (stripos($buffer, $thisgroup[0]) !== false) {
$found = 1;
# Get config
$grouplist = file($remote_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($grouplist as $findgroup) {
$name = explode(':', $findgroup);
if (strcmp($name[0], $group) == 0) {
if (is_numeric(trim($name[1]))) {
$article = $name[1] + 1;
} else {
$article = 1;
}
break;
}
}
if (isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
// Get list of article numbers to find what number is next
$ok_article = get_article_list($group);
sort($ok_article);
$local = $ok_article[key(array_slice($ok_article, - 1, 1, true))];
if (! is_numeric($local)) {
$local = 0;
}
$local = $local + 1;
if ($local < 1) {
$local = 1;
}
while (is_deleted_post($group, $local)) {
$local ++;
}
}
# Split group response line to get last article number
$detail = explode(" ", $response);
if (! isset($article)) {
$article = $detail[2];
}
if ($article < $detail[3] - $maxfirstrequest) {
$article = $detail[3] - $maxfirstrequest;
}
if ($article < $detail[2]) {
$article = $detail[2];
}
// Articles Database
if ($CONFIG['article_database'] == '1') {
$article_dbh = article_db_open($spooldir . '/' . $group . '-articles.db3');
$article_sql = 'INSERT OR IGNORE INTO articles(newsgroup, number, msgid, date, name, subject, article, search_snippet) VALUES(?,?,?,?,?,?,?,?)';
$article_stmt = $article_dbh->prepare($article_sql);
}
// Create list of message-ids
$database = $spooldir . '/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:newsgroup");
$stmt->bindParam(':newsgroup', $nntp_group);
$stmt->execute();
while ($row = $stmt->fetch()) {
$msgids[$row['msgid']] = true;
break;
}
}
if($found == 0) {
fwrite($groupout, $thisgroup[0]."\r\n");
continue;
$dbh = null;
// Overview database
$database = $spooldir . '/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$sql = 'INSERT OR IGNORE INTO overview(newsgroup, number, msgid, date, datestring, name, subject, refs, bytes, lines, xref) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql);
// Get overview from server
$server_overview = array();
$re = false;
if (($detail[3] - $article) > $maxarticles_per_run) {
$getlast = $article + $maxarticles_per_run;
} else {
$getlast = $detail[3];
}
}
fclose($groupout);
return;
fputs($ns, "xover " . $article . "-" . $getlast . "\r\n");
$response = line_read($ns); // and once more
if ((substr($response, 0, 3) != "224")) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Cannot get overview from " . $CONFIG['remote_server'] . " for " . $group, FILE_APPEND);
return false;
}
while (trim($response = line_read($ns)) !== '.') {
$ov = preg_split("/\t/", $response);
$server_msgids[$ov[0]] = $ov[4];
}
# Pull articles and save them in our spool
@mkdir($grouppath, 0755, 'recursive');
$i = 0;
while ($article <= $detail[3]) {
if (! is_numeric($article)) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " DEBUG This should show server group:article number: " . $CONFIG['remote_server'] . " " . $group . ":" . $article, FILE_APPEND);
break;
;
}
if ($CONFIG['enable_nntp'] != true) {
$local = $article;
}
if ($msgids[$server_msgids[$article]] == true) {
echo "\nDuplicate Message-ID for: " . $group . ":" . $article;
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Duplicate Message-ID for: " . $group . ":" . $article, FILE_APPEND);
$article ++;
continue;
}
fputs($ns, "article " . $article . "\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "220") != 0) {
echo "\n" . $response;
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Unexpected response to ARTICLE command: " . $response, FILE_APPEND);
$article ++;
continue;
}
$articleHandle = $grouppath . "/" . $local;
$response = line_read($ns);
$lines = 0;
$bytes = 0;
$ref = 0;
$banned = 0;
$is_header = 1;
$body = "";
while (strcmp($response, ".") != 0) {
$bytes = $bytes + mb_strlen($response, '8bit');
if (trim($response) == "" || $lines > 0) {
$is_header = 0;
$lines ++;
}
if ($is_header == 1) {
$response = str_replace("\t", " ", $response);
// Find article date
if (stripos($response, "Date: ") === 0) {
$finddate = explode(': ', $response, 2);
$article_date = strtotime($finddate[1]);
}
// Get overview data
if (stripos($response, "Message-ID: ") === 0) {
$mid = explode(': ', $response, 2);
$ref = 0;
}
if (stripos($response, "From: ") === 0) {
$from = explode(': ', $response, 2);
if (isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
foreach ($banned_names as $banned_name) {
if (stripos($from[1], $banned_name) !== false) {
$banned = 1;
}
}
}
$ref = 0;
}
if (stripos($response, "Subject: ") === 0) {
$subject = explode('Subject: ', $response, 2);
$ref = 0;
}
if (stripos($response, "Newsgroups: ") === 0) {
$response = str_ireplace($group, $group, $response);
$ref = 0;
}
if (stripos($response, "Xref: ") === 0) {
if (isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
$response = "Xref: " . $CONFIG['pathhost'] . " " . $group . ":" . $local;
}
$xref = $response;
$ref = 0;
}
if (stripos($response, "Content-Type: ") === 0) {
preg_match('/.*charset=.*/', $response, $te);
$content_type = explode("Content-Type: text/plain; charset=", $te[0]);
}
if (stripos($response, "References: ") === 0) {
$this_references = explode('References: ', $response);
$references = $this_references[1];
$ref = 1;
}
if ((stripos($response, ':') === false) && (strpos($response, '>'))) {
if ($ref == 1) {
$references = $references . $response;
}
}
} else {
$body .= $response . "\n";
}
file_put_contents($articleHandle, $response . "\n", FILE_APPEND);
// Check here for broken $ns connection before continuing
$response = fgets($ns, 1200);
if ($response == false) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Lost connection to " . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'] . " retrieving article " . $article, FILE_APPEND);
unlink($grouppath . "/" . $local);
break;
// continue;
}
$response = str_replace("\n", "", str_replace("\r", "", $response));
}
file_put_contents($articleHandle, $response . "\n", FILE_APPEND);
$lines = $lines - 1;
$bytes = $bytes + ($lines * 2);
// Don't spool article if $banned=1
if ($banned == 1) {
unlink($grouppath . "/" . $local);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Skipping: " . $CONFIG['remote_server'] . " " . $group . ":" . $article . " user: " . $from[1] . " is banned", FILE_APPEND);
$article ++;
} else {
if ((strpos($CONFIG['nocem_groups'], $group) !== false) && ($CONFIG['enable_nocem'] == true)) {
if (strpos($subject[1], $nocem_check) !== false) {
$nocem_file = tempnam($spooldir . "/nocem", "nocem-" . $group . "-");
copy($grouppath . "/" . $local, $nocem_file);
}
}
if ((strpos($rslight_gpg['nntp_group'], $group) !== false) && ($rslight_gpg['enable'] == '1')) {
if (strpos($subject[1], $bbsmail_check) !== false) {
$bbsmail_file = preg_replace('/@@RSL /', '', $subject[1]);
$bbsmail_filename = $spooldir . "/bbsmail/in/bbsmail-" . $bbsmail_file;
copy($grouppath . "/" . $local, $bbsmail_filename);
}
}
// Overview
$stmt->execute([
$group,
$local,
$mid[1],
$article_date,
$finddate[1],
$from[1],
$subject[1],
$references,
$bytes,
$lines,
$xref
]);
$references = "";
if ($CONFIG['article_database'] == '1') {
$this_article = file_get_contents($grouppath . "/" . $local);
// CREATE SEARCH SNIPPET
$this_snippet = get_search_snippet($body, $content_type[1]);
$article_stmt->execute([
$group,
$local,
$mid[1],
$article_date,
$from[1],
$subject[1],
$this_article,
$this_snippet
]);
unlink($grouppath . "/" . $local);
} else {
if ($article_date > time())
$article_date = time();
touch($grouppath . "/" . $local, $article_date);
}
echo "\nRetrieved: " . $group . " " . $article;
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Wrote to spool: " . $CONFIG['remote_server'] . " " . $group . ":" . $article, FILE_APPEND);
$i ++;
$article ++;
$local ++;
if ($i > $maxarticles_per_run) {
break;
}
}
}
$article --;
// $local--;
// Update title
if (! is_file($workpath . $group . "-title")) {
fputs($ns, "XGTITLE " . $group . "\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "282") == 0) {
$titlefile = $workpath . $group . "-title";
$response = line_read($ns);
while (strcmp($response, ".") != 0) {
file_put_contents($titlefile, $response);
$response = line_read($ns);
}
}
}
# Save config
$grouplist = file($remote_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$saveconfig = fopen($remote_groupfile, 'w+');
foreach ($grouplist as $savegroup) {
$name = explode(':', $savegroup);
if (strcmp($name[0], $group) == 0) {
fputs($saveconfig, $group . ":" . $article . "\n");
} else {
fputs($saveconfig, $savegroup . "\n");
}
}
fclose($saveconfig);
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$saveconfig = fopen($local_groupfile, 'w+');
foreach ($grouplist as $savegroup) {
$name = explode(':', $savegroup);
if (strcmp($name[0], $group) == 0) {
fputs($saveconfig, $group . ":" . $local . "\n");
} else {
fputs($saveconfig, $savegroup . "\n");
}
}
fclose($saveconfig);
if ($CONFIG['article_database'] == '1') {
$article_dbh = null;
}
$dbh = null;
}
function get_article_list($thisgroup) {
function create_spool_groups($in_groups, $out_groups)
{
$grouplist = file($in_groups, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$groupout = fopen($out_groups, "a+");
foreach ($grouplist as $group) {
if ($group[0] == ":") {
continue;
}
$thisgroup = preg_split("/( |\t)/", $group, 2);
fseek($groupout, 0);
$found = 0;
while (($buffer = fgets($groupout)) !== false) {
if (stripos($buffer, $thisgroup[0]) !== false) {
$found = 1;
break;
}
}
if ($found == 0) {
fwrite($groupout, $thisgroup[0] . "\r\n");
continue;
}
}
fclose($groupout);
return;
}
function get_article_list($thisgroup)
{
global $spooldir;
$database = $spooldir."/articles-overview.db3";
$database = $spooldir . "/articles-overview.db3";
$table = 'overview';
$dbh = overview_db_open($database, $table);
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:thisgroup ORDER BY number");
$stmt->execute(['thisgroup' => $thisgroup]);
$ok_article=array();
while($found = $stmt->fetch()) {
$stmt->execute([
'thisgroup' => $thisgroup
]);
$ok_article = array();
while ($found = $stmt->fetch()) {
$ok_article[] = $found['number'];
}
$dbh = null;
return(array_unique($ok_article));
return (array_unique($ok_article));
}
?>

204
Rocksolid_Light/spoolnews/files.php
View File

@ -1,134 +1,134 @@
<?php
include "config.inc.php";
include "newsportal.php";
$logfile=$logdir.'/files.log';
$logfile = $logdir . '/files.log';
if(isset($_COOKIE['tzo'])) {
$offset=$_COOKIE['tzo'];
} else {
$offset=$CONFIG['timezone'];
}
if (isset($_COOKIE['tzo'])) {
$offset = $_COOKIE['tzo'];
} else {
$offset = $CONFIG['timezone'];
}
if((isset($_REQUEST['command']) && $_REQUEST['command'] == 'Show') && password_verify($CONFIG['thissitekey'], $_REQUEST['key'])) {
$getfilename = $spooldir.'/upload/'.$_REQUEST['showfile'];
if ((isset($_REQUEST['command']) && $_REQUEST['command'] == 'Show') && password_verify($CONFIG['thissitekey'], $_REQUEST['key'])) {
$getfilename = $spooldir . '/upload/' . $_REQUEST['showfile'];
$getfh = fopen($getfilename, "rb");
$getfile = fread($getfh, filesize($getfilename));
fclose($getfh);
header('Content-type: '.$_REQUEST['contenttype']);
header('Content-disposition: filename="'.$_REQUEST['showfilename'].'"');
file_put_contents($logfile, "\n".format_log_date()." Requesting: ".$_REQUEST['showfile'], FILE_APPEND);
header('Content-type: ' . $_REQUEST['contenttype']);
header('Content-disposition: filename="' . $_REQUEST['showfilename'] . '"');
file_put_contents($logfile, "\n" . format_log_date() . " Requesting: " . $_REQUEST['showfile'], FILE_APPEND);
echo $getfile;
exit(0);
}
$title.=' - Browse files';
}
$title .= ' - Browse files';
include "head.inc";
echo '<h1 class="np_thread_headline">';
echo '<a href="../spoolnews/files.php" target='.$frame['menu'].'>files</a> / ';
echo htmlspecialchars($_COOKIE['mail_name']).'</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
echo '<h1 class="np_thread_headline">';
echo '<a href="../spoolnews/files.php" target=' . $frame['menu'] . '>files</a> / ';
echo htmlspecialchars($_COOKIE['mail_name']) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Browse button
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Browse</button>';
echo '</form>';
echo '</td>';
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Browse</button>';
echo '</form>';
echo '</td>';
// Upload button
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="upload.php">';
echo '<input name="command" type="hidden" id="command" value="Upload" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Upload</button>';
echo '</form>';
echo '</td>';
echo '<td width=100%></td></tr></table>';
echo '<hr>';
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="upload.php">';
echo '<input name="command" type="hidden" id="command" value="Upload" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Upload</button>';
echo '</form>';
echo '</td>';
echo '<td width=100%></td></tr></table>';
echo '<hr>';
$directory = $spooldir.'/upload/';
$users = array();
if(is_dir($directory)) {
if($user_dir = opendir($directory)) {
while(($user_list = readdir($user_dir)) !== false) {
if($user_list == '.' || $user_list == '..') {
continue;
$directory = $spooldir . '/upload/';
$users = array();
if (is_dir($directory)) {
if ($user_dir = opendir($directory)) {
while (($user_list = readdir($user_dir)) !== false) {
if ($user_list == '.' || $user_list == '..') {
continue;
}
$users[] = $user_list;
}
$users[] = $user_list;
}
closedir($user_dir);
closedir($user_dir);
}
}
sort($users);
$found = 0;
if(count($users) > 0) {
}
sort($users);
$found = 0;
if (count($users) > 0) {
echo "<strong><small>Select a user directory to browse:</small></strong>";
echo '<form name="browse" method="post" action="files.php" enctype="multipart/form-data">';
echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT).'">';
echo '<select name="listbox">';
foreach($users as $user) {
$num = count(scandir($spooldir.'/upload/'.$user.'/')) - 2;
if($user == $_POST['listbox']) {
echo '<option value="'.$user.'" selected="selected">'.$user.' ('.$num.' files)</option>';
$found = 1;
} else {
echo '<option value="'.$user.'">'.$user.' ('.$num.' files)</option>';
}
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT) . '">';
echo '<select name="listbox">';
foreach ($users as $user) {
$num = count(scandir($spooldir . '/upload/' . $user . '/')) - 2;
if ($user == $_POST['listbox']) {
echo '<option value="' . $user . '" selected="selected">' . $user . ' (' . $num . ' files)</option>';
$found = 1;
} else {
echo '<option value="' . $user . '">' . $user . ' (' . $num . ' files)</option>';
}
}
echo '</select>';
echo '<input type="submit" name="Submit" value="Browse">';
echo '</form>';
}
}
if($found == 1 && password_verify($CONFIG['thissitekey'], $_REQUEST['key'])) {
if ($found == 1 && password_verify($CONFIG['thissitekey'], $_REQUEST['key'])) {
display_user_files($_POST['listbox'], $offset);
}
}
function display_user_files($user, $offset) {
global $CONFIG, $spooldir, $text_header;
$directory = $spooldir.'/upload/'.$user.'/';
if(is_dir($directory)) {
$files = scandir($directory);
}
natcasesort($files);
echo '<table cellspacing="0" class="np_thread_table">';
echo '<tr class="np_thread_head"><td class="np_thread_head">Filename</td><td>File Type</td><td>Date</td></tr>';
$i=0;
foreach($files as $file) {
if($file == '.' || $file == '..') {
continue;
function display_user_files($user, $offset)
{
global $CONFIG, $spooldir, $text_header;
$directory = $spooldir . '/upload/' . $user . '/';
if (is_dir($directory)) {
$files = scandir($directory);
}
$lineclass="np_thread_line".(($i%2)+1);
$thisfile = $spooldir.'/upload/'.$user.'/'.$file;
// Use local timezone if possible
$ts = new DateTime(date("D, j M Y H:i T", filectime($thisfile)), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset.' minutes'));
if($offset != 0) {
$newdate = $ts->format('j M Y');
} else {
$newdate = $ts->format('j M Y T');
natcasesort($files);
echo '<table cellspacing="0" class="np_thread_table">';
echo '<tr class="np_thread_head"><td class="np_thread_head">Filename</td><td>File Type</td><td>Date</td></tr>';
$i = 0;
foreach ($files as $file) {
if ($file == '.' || $file == '..') {
continue;
}
$lineclass = "np_thread_line" . (($i % 2) + 1);
$thisfile = $spooldir . '/upload/' . $user . '/' . $file;
// Use local timezone if possible
$ts = new DateTime(date("D, j M Y H:i T", filectime($thisfile)), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset . ' minutes'));
if ($offset != 0) {
$newdate = $ts->format('j M Y');
} else {
$newdate = $ts->format('j M Y T');
}
unset($ts);
echo '<tr class="' . $lineclass . '">';
$mime = mime_content_type($thisfile);
// Link
echo '<td class="' . $lineclass . '">';
echo '<form action="files.php" method="post" target="rslight_view">';
echo '<button class="np_filename_button_link" type="submit">' . $file . '</button>';
echo '<input type="hidden" name="showfile" value="' . $user . '/' . $file . '"/>';
echo '<input type="hidden" name="showfilename" value="' . $file . '"/>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT) . '">';
echo '<input type="hidden" name="contenttype" value="' . $mime . '">';
echo '<input name="command" type="hidden" id="command" value="Show" readonly="readonly">';
echo '</form>';
echo '</td>';
echo '<td class="' . $lineclass . '"><span class="np_thread_line_text">' . $mime . '</span></td>';
echo '<td class="' . $lineclass . '"><span class="np_thread_line_text">' . $newdate . '</span></td>';
echo '</tr>';
$i ++;
}
unset($ts);
echo '<tr class="'.$lineclass.'">';
$mime = mime_content_type($thisfile);
// Link
echo '<td class="'.$lineclass.'">';
echo '<form action="files.php" method="post" target="rslight_view">';
echo '<button class="np_filename_button_link" type="submit">'.$file.'</button>';
echo '<input type="hidden" name="showfile" value="'.$user.'/'.$file.'"/>';
echo '<input type="hidden" name="showfilename" value="'.$file.'"/>';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT).'">';
echo '<input type="hidden" name="contenttype" value="'.$mime.'">';
echo '<input name="command" type="hidden" id="command" value="Show" readonly="readonly">';
echo '</form>';
echo '</td>';
echo '<td class="'.$lineclass.'"><span class="np_thread_line_text">'.$mime.'</span></td>';
echo '<td class="'.$lineclass.'"><span class="np_thread_line_text">'.$newdate.'</span></td>';
echo '</tr>';
$i++;
}
echo '</table>';
echo '</table>';
}
?>

886
Rocksolid_Light/spoolnews/mail.php
View File

@ -3,43 +3,43 @@ session_start();
include "config.inc.php";
include "newsportal.php";
include $config_dir."/gpg.conf";
include $config_dir . "/gpg.conf";
if(isset($_COOKIE['tzo'])) {
$offset=$_COOKIE['tzo'];
} else {
$offset=$CONFIG['timezone'];
}
if (isset($_COOKIE['tzo'])) {
$offset = $_COOKIE['tzo'];
} else {
$offset = $CONFIG['timezone'];
}
if(!isset($_POST['command'])) {
$_POST['command'] = null;
}
$logfile = $logdir.'/mail.log';
$keyfile = $spooldir.'/keys.dat';
$keys = unserialize(file_get_contents($keyfile));
if (! isset($_POST['command'])) {
$_POST['command'] = null;
}
$logfile = $logdir . '/mail.log';
$keyfile = $spooldir . '/keys.dat';
$keys = unserialize(file_get_contents($keyfile));
// How long should cookie allow user to stay logged in?
// 14400 = 4 hours
$auth_expire = 14400;
$logged_in = false;
if(!isset($_POST['username'])) {
$auth_expire = 14400;
$logged_in = false;
if (! isset($_POST['username'])) {
$_POST['username'] = $_COOKIE['mail_name'];
}
$name = $_POST['username'];
if(!isset($_POST['password'])) {
$_POST['password'] = null;
}
if(!isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null;
}
if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
}
$name = $_POST['username'];
if (! isset($_POST['password'])) {
$_POST['password'] = null;
}
if (! isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null;
}
if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true;
} else {
if(check_bbs_auth($_POST['username'], $_POST['password'])) {
$authkey = password_hash($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), PASSWORD_DEFAULT);
?>
<script type="text/javascript">
} else {
if (check_bbs_auth($_POST['username'], $_POST['password'])) {
$authkey = password_hash($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), PASSWORD_DEFAULT);
?>
<script type="text/javascript">
if (navigator.cookieEnabled)
var authcookie = "<?php echo $authkey; ?>";
var savename = "<?php echo stripslashes($name); ?>";
@ -49,421 +49,455 @@ include $config_dir."/gpg.conf";
document.cookie = "mail_name="+savename+"; max-age="+name_expire+"; path=/";
</script>
<?php
$logged_in = true;
$logged_in = true;
}
}
$title.=' - Mail';
}
$title .= ' - Mail';
include "head.inc";
echo '<h1 class="np_thread_headline">';
echo '<a href="mail.php" target='.$frame['menu'].'>mail</a> / ';
echo htmlspecialchars($_POST['username']).'</h1>';
echo '<h1 class="np_thread_headline">';
echo '<a href="mail.php" target=' . $frame['menu'] . '>mail</a> / ';
echo htmlspecialchars($_POST['username']) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// New Message button
if($_POST['command'] !== 'Send') {
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="mail.php">';
echo '<input name="command" type="hidden" id="command" value="Send" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo '<button class="np_button_link" type="submit">New Message</button>';
echo '</form>';
echo '</td>';
}
// Delete Message button
if(isset($_POST['command']) && $_POST['command'] == 'Message') {
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="mail.php">';
echo '<input name="command" type="hidden" id="command" value="Delete" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo "<input type='hidden' name='id' value='".$_POST['id']."' />";
echo '<button class="np_button_link" type="submit">Delete This Message</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
if(isset($_POST['username'])) {
$name = $_POST['username'];
// Save name in cookie
if ($setcookies==true) {
setcookie("mail_name",stripslashes($name),time()+(3600*24*90),"/");
}
} else {
if ($setcookies) {
if ((isset($_COOKIE["mail_name"])) && (!isset($name))) {
$name=$_COOKIE["mail_name"];
} else {
$name = '';
}
}
if ($_POST['command'] !== 'Send') {
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="mail.php">';
echo '<input name="command" type="hidden" id="command" value="Send" readonly="readonly">';
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">New Message</button>';
echo '</form>';
echo '</td>';
}
if($logged_in !== true) {
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
//echo '<form name="form1" method="post" action="mail.php" enctype="multipart/form-data">';
echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'].$name, PASSWORD_DEFAULT).'">';
echo '<td>&nbsp;</td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
echo '</tr>';
echo '</form>';
echo '</table>';
exit(0);
}
// Delete Message button
if (isset($_POST['command']) && $_POST['command'] == 'Message') {
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="mail.php">';
echo '<input name="command" type="hidden" id="command" value="Delete" readonly="readonly">';
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo "<input type='hidden' name='id' value='" . $_POST['id'] . "' />";
echo '<button class="np_button_link" type="submit">Delete This Message</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
$user = strtolower($_POST['username']);
if(isset($_POST['command']) && $_POST['command'] == 'Delete') {
$database = $spooldir.'/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute(['id' => $_POST['id']]);
while (($row = $query->fetch()) !== false) {
if(($row['mail_from'] != $user) && ($row['rcpt_to'] != $user)) {
continue;
}
$istrue = 'true';
if($row['mail_from'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET from_hide=:from_hide WHERE id=:row_id');
$sql_update->execute(array(':from_hide' => $istrue, ':row_id' => $row['id']));
}
if($row['rcpt_to'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET to_hide=:to_hide WHERE id=:row_id');
$sql_update->execute(array(':to_hide' => $istrue, ':row_id' => $row['id']));
}
if (isset($_POST['username'])) {
$name = $_POST['username'];
// Save name in cookie
if ($setcookies == true) {
setcookie("mail_name", stripslashes($name), time() + (3600 * 24 * 90), "/");
}
$dbh = null;
}
if(isset($_POST['command']) && $_POST['command'] == 'Message') {
$database = $spooldir.'/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute(['id' => $_POST['id']]);
while (($row = $query->fetch()) !== false) {
$ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset.' minutes'));
if($offset != 0) {
$newdate = $ts->format('D, j M Y H:i');
} else {
$newdate = $ts->format('D, j M Y H:i T');
}
unset($ts);
if(($row['mail_from'] != $user) && ($row['rcpt_to'] != $user)) {
continue;
}
$body = rtrim($row['message']).'<br /><br />';
echo '<div class="np_article_header">';
echo '<b>Subject:</b> '.$row['subject'].'<br />';
echo '<b>From:</b> '.$row['mail_from'].'<br />';
echo '<b>To:</b> '.$row['rcpt_to'].'<br />';
echo '<b>Date:</b> '.$newdate.'<br />';
echo '</div>';
echo '<div class="np_article_body">';
echo $body;
echo '<form action="mail.php" method="post">';
echo '<button class="np_button_link" type="submit">Reply</button>';
echo "<input type='hidden' name='id' value='".$row['id']."' />";
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo '<input name="command" type="hidden" id="command" value="Send" readonly="readonly">';
echo '</form>';
echo '</div>';
if($row['mail_from'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET mail_viewed=? WHERE msgid=?');
$sql_update->execute(array('true', $row['msgid']));
}
if($row['rcpt_to'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET rcpt_viewed=? WHERE msgid=?');
$sql_update->execute(array('true', $row['msgid']));
}
}
$dbh = null;
}
if (isset($_POST['sendMessage'])) {
if (isset($_POST['to']) && $_POST['to'] != '' && isset($_POST['from']) && $_POST['from'] != '' && isset($_POST['message']) && $_POST['message'] != '') {
if(($to = get_config_value('aliases.conf', strtolower($_POST['to']))) == false) {
$to = strtolower($_POST['to']);
}
$userlist = scandir($config_dir.'/users/');
$found = 0;
foreach($userlist as $user) {
if(trim($to) == trim($user)) {
$found = 1;
}
}
// Check if target is remote. If user enters @ our own domain, strip it (it's local)
$remote_target = 0;
if(strpos($to, '@') !== false) {
$info = preg_split('/@/', $to, 2);
if($info[1] == $rslight_gpg['domain_name']) { // domain is our domain
$to = $info[0];
foreach($userlist as $user) {
if(($to = get_config_value('aliases.conf', strtolower($info[0]))) == false) {
$to = strtolower($info[0]);
}
if(trim($to) == trim($user)) {
$found = 1;
}
}
} else { // domain is remote
$found = 1;
$remote_target = 1;
}
}
if($found == 0) {
echo 'User not found: '.$to;
} else {
$database = $spooldir.'/mail.db3';
$dbh = mail_db_open($database);
$from = $_POST['from'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$date = time();
$message = $_POST['message'];
$msgid = '<'.md5(strtolower($to).strtolower($from).strtolower($subject).strtolower($message)).'>';
$sql = 'INSERT OR IGNORE INTO messages(msgid, mail_from, rcpt_to, rcpt_target, date, subject, message, from_hide, to_hide, mail_viewed, rcpt_viewed) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql);
// For possible future use ($target is currently unused)
$target = "local";
$mail_viewed = "true";
$rcpt_viewed = null;
// $remote_target is handled here
if($q = $stmt->execute([$msgid, $from, $to, $target, $date, $subject, $message, null, null, $mail_viewed, $rcpt_viewed])) {
if($remote_target == 1) {
$remote_result = send_external_mail($from, $to, $date, $subject, $message);
if($remote_result == true) {
$return_val = "Message sent.";
} else {
$return_val = "Failed to Send. No Key for Destination";
}
}
$return_val = "Message sent.";
} else {
$return_val = "Failed to Send. Database Error";
}
// Act on return values for response to user
echo $return_val;
$dbh = null;
$user = $from;
}
}
} else {
if ($setcookies) {
if ((isset($_COOKIE["mail_name"])) && (! isset($name))) {
$name = $_COOKIE["mail_name"];
} else {
$name = '';
}
if(isset($_POST['command']) && $_POST['command'] == 'Send') {
if(isset($_POST['id'])) {
$database = $spooldir.'/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute(['id' => $_POST['id']]);
while (($row = $query->fetch()) !== false) {
$mail_to = $row['mail_from'];
if(strpos($row['subject'], 'Re: ') !== 0) {
$subject = 'Re: '.$row['subject'];
} else {
$subject = $row['subject'];
}
$body=explode("\n",$row['message']);
$message = $row['mail_from']." wrote:\n\n";
foreach($body as $line) {
if(trim($line) !== '') {
$line = '>'.$line;
}
$message.=$line;
}
}
$dbh = null;
}
echo '<h3>Send Message:</h3>';
echo "<form action='mail.php' method='POST'>";
echo '<table><tbody><tr>';
echo "<td>To: </td><td><input type='text' name='to' value='".$mail_to."'/></td>";
echo '</tr><tr>';
echo "<td>Subject: </td><td><input type='text' name='subject' value='".$subject."'/></td>";
echo '</tr><tr>';
echo "<td></td><td><textarea class='postbody' id='message' name='message'>$message</textarea></td>";
echo '</tr><tr>';
echo "<input type='hidden' name='from' value='".$user."' />";
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo "<td></td><td><input type='submit' value='Send Mail' name='sendMessage' /></td>";
echo '</tr></tbody></table></form>';
}
// Show My Messages
$database = $spooldir.'/mail.db3';
$dbh = mail_db_open($database);
echo '<hr><h1 class="np_thread_headline">My Messages:</h1>';
echo '<table cellspacing="0" width="100%" class="np_results_table">';
$query = $dbh->prepare('SELECT * FROM messages WHERE mail_from=:mail_from OR rcpt_to=:mail_from ORDER BY date DESC');
$query->execute(['mail_from' => $user]);
echo '<tr class="np_thread_head"><td class="np_thread_head">Subject</td><td class="np_thread_head">From</td><td class="np_thread_head">To</td><td class="np_thread_head">Date</td></tr>';
$i=1;
while (($row = $query->fetch()) !== false) {
if(($row['mail_from'] == $user) && ($row['from_hide'] == 'true')) {
continue;
}
if(($row['rcpt_to'] == $user) && ($row['to_hide'] == 'true')) {
continue;
}
if(($i % 2) != 0){
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
} else {
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
}
$button_link = 'np_mail_button_link';;
if(($row['mail_from'] == $user) && ($row['mail_viewed'] == 'true')) {
$button_link = 'np_mail_button_read';
} elseif(($row['rcpt_to'] == $user) && ($row['rcpt_viewed'] == 'true')) {
$button_link = 'np_mail_button_read';
}
// Use local timezone if possible
$ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset.' minutes'));
if($offset != 0) {
$newdate = $ts->format('D, j M Y H:i');
}
if ($logged_in !== true) {
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
// echo '<form name="form1" method="post" action="mail.php" enctype="multipart/form-data">';
echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="' . $name . '"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'] . $name, PASSWORD_DEFAULT) . '">';
echo '<td>&nbsp;</td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
echo '</tr>';
echo '</form>';
echo '</table>';
exit(0);
}
$user = strtolower($_POST['username']);
if (isset($_POST['command']) && $_POST['command'] == 'Delete') {
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute([
'id' => $_POST['id']
]);
while (($row = $query->fetch()) !== false) {
if (($row['mail_from'] != $user) && ($row['rcpt_to'] != $user)) {
continue;
}
$istrue = 'true';
if ($row['mail_from'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET from_hide=:from_hide WHERE id=:row_id');
$sql_update->execute(array(
':from_hide' => $istrue,
':row_id' => $row['id']
));
}
if ($row['rcpt_to'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET to_hide=:to_hide WHERE id=:row_id');
$sql_update->execute(array(
':to_hide' => $istrue,
':row_id' => $row['id']
));
}
}
$dbh = null;
}
if (isset($_POST['command']) && $_POST['command'] == 'Message') {
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute([
'id' => $_POST['id']
]);
while (($row = $query->fetch()) !== false) {
$ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset . ' minutes'));
if ($offset != 0) {
$newdate = $ts->format('D, j M Y H:i');
} else {
$newdate = $ts->format('D, j M Y H:i T');
}
unset($ts);
if (($row['mail_from'] != $user) && ($row['rcpt_to'] != $user)) {
continue;
}
$body = rtrim($row['message']) . '<br /><br />';
echo '<div class="np_article_header">';
echo '<b>Subject:</b> ' . $row['subject'] . '<br />';
echo '<b>From:</b> ' . $row['mail_from'] . '<br />';
echo '<b>To:</b> ' . $row['rcpt_to'] . '<br />';
echo '<b>Date:</b> ' . $newdate . '<br />';
echo '</div>';
echo '<div class="np_article_body">';
echo $body;
echo '<form action="mail.php" method="post">';
echo '<button class="np_button_link" type="submit">Reply</button>';
echo "<input type='hidden' name='id' value='" . $row['id'] . "' />";
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<input name="command" type="hidden" id="command" value="Send" readonly="readonly">';
echo '</form>';
echo '</div>';
if ($row['mail_from'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET mail_viewed=? WHERE msgid=?');
$sql_update->execute(array(
'true',
$row['msgid']
));
}
if ($row['rcpt_to'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET rcpt_viewed=? WHERE msgid=?');
$sql_update->execute(array(
'true',
$row['msgid']
));
}
}
$dbh = null;
}
if (isset($_POST['sendMessage'])) {
if (isset($_POST['to']) && $_POST['to'] != '' && isset($_POST['from']) && $_POST['from'] != '' && isset($_POST['message']) && $_POST['message'] != '') {
if (($to = get_config_value('aliases.conf', strtolower($_POST['to']))) == false) {
$to = strtolower($_POST['to']);
}
$userlist = scandir($config_dir . '/users/');
$found = 0;
foreach ($userlist as $user) {
if (trim($to) == trim($user)) {
$found = 1;
}
}
// Check if target is remote. If user enters @ our own domain, strip it (it's local)
$remote_target = 0;
if (strpos($to, '@') !== false) {
$info = preg_split('/@/', $to, 2);
if ($info[1] == $rslight_gpg['domain_name']) { // domain is our domain
$to = $info[0];
foreach ($userlist as $user) {
if (($to = get_config_value('aliases.conf', strtolower($info[0]))) == false) {
$to = strtolower($info[0]);
}
if (trim($to) == trim($user)) {
$found = 1;
}
}
} else { // domain is remote
$found = 1;
$remote_target = 1;
}
}
if ($found == 0) {
echo 'User not found: ' . $to;
} else {
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
$from = $_POST['from'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$date = time();
$message = $_POST['message'];
$msgid = '<' . md5(strtolower($to) . strtolower($from) . strtolower($subject) . strtolower($message)) . '>';
$sql = 'INSERT OR IGNORE INTO messages(msgid, mail_from, rcpt_to, rcpt_target, date, subject, message, from_hide, to_hide, mail_viewed, rcpt_viewed) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql);
// For possible future use ($target is currently unused)
$target = "local";
$mail_viewed = "true";
$rcpt_viewed = null;
// $remote_target is handled here
if ($q = $stmt->execute([
$msgid,
$from,
$to,
$target,
$date,
$subject,
$message,
null,
null,
$mail_viewed,
$rcpt_viewed
])) {
if ($remote_target == 1) {
$remote_result = send_external_mail($from, $to, $date, $subject, $message);
if ($remote_result == true) {
$return_val = "Message sent.";
} else {
$return_val = "Failed to Send. No Key for Destination";
}
}
$return_val = "Message sent.";
} else {
$return_val = "Failed to Send. Database Error";
}
// Act on return values for response to user
echo $return_val;
$dbh = null;
$user = $from;
}
}
}
if (isset($_POST['command']) && $_POST['command'] == 'Send') {
if (isset($_POST['id'])) {
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute([
'id' => $_POST['id']
]);
while (($row = $query->fetch()) !== false) {
$mail_to = $row['mail_from'];
if (strpos($row['subject'], 'Re: ') !== 0) {
$subject = 'Re: ' . $row['subject'];
} else {
$subject = $row['subject'];
}
$body = explode("\n", $row['message']);
$message = $row['mail_from'] . " wrote:\n\n";
foreach ($body as $line) {
if (trim($line) !== '') {
$line = '>' . $line;
}
$message .= $line;
}
}
$dbh = null;
}
echo '<h3>Send Message:</h3>';
echo "<form action='mail.php' method='POST'>";
echo '<table><tbody><tr>';
echo "<td>To: </td><td><input type='text' name='to' value='" . $mail_to . "'/></td>";
echo '</tr><tr>';
echo "<td>Subject: </td><td><input type='text' name='subject' value='" . $subject . "'/></td>";
echo '</tr><tr>';
echo "<td></td><td><textarea class='postbody' id='message' name='message'>$message</textarea></td>";
echo '</tr><tr>';
echo "<input type='hidden' name='from' value='" . $user . "' />";
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo "<td></td><td><input type='submit' value='Send Mail' name='sendMessage' /></td>";
echo '</tr></tbody></table></form>';
}
// Show My Messages
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
echo '<hr><h1 class="np_thread_headline">My Messages:</h1>';
echo '<table cellspacing="0" width="100%" class="np_results_table">';
$query = $dbh->prepare('SELECT * FROM messages WHERE mail_from=:mail_from OR rcpt_to=:mail_from ORDER BY date DESC');
$query->execute([
'mail_from' => $user
]);
echo '<tr class="np_thread_head"><td class="np_thread_head">Subject</td><td class="np_thread_head">From</td><td class="np_thread_head">To</td><td class="np_thread_head">Date</td></tr>';
$i = 1;
while (($row = $query->fetch()) !== false) {
if (($row['mail_from'] == $user) && ($row['from_hide'] == 'true')) {
continue;
}
if (($row['rcpt_to'] == $user) && ($row['to_hide'] == 'true')) {
continue;
}
if (($i % 2) != 0) {
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
} else {
$newdate = $ts->format('D, j M Y H:i T');
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
}
$button_link = 'np_mail_button_link';
;
if (($row['mail_from'] == $user) && ($row['mail_viewed'] == 'true')) {
$button_link = 'np_mail_button_read';
} elseif (($row['rcpt_to'] == $user) && ($row['rcpt_viewed'] == 'true')) {
$button_link = 'np_mail_button_read';
}
// Use local timezone if possible
$ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset . ' minutes'));
if ($offset != 0) {
$newdate = $ts->format('D, j M Y H:i');
} else {
$newdate = $ts->format('D, j M Y H:i T');
}
unset($ts);
echo '<form action="mail.php" method="post">';
echo '<button class="'.$button_link.'" type="submit">'.$row["subject"].'</button>';
echo "<input type='hidden' name='id' value='".$row['id']."' />";
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo '<button class="' . $button_link . '" type="submit">' . $row["subject"] . '</button>';
echo "<input type='hidden' name='id' value='" . $row['id'] . "' />";
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<input name="command" type="hidden" id="command" value="Message" readonly="readonly">';
echo '</form>';
echo '</td><td>'.$row["mail_from"].'</td><td>'.$row["rcpt_to"].'</td><td>'.$newdate.'</td></tr>';
$i++;
}
echo '</tbody></table><br />';
include "tail.inc";
function send_external_mail($sender, $recipient, $date, $subject, $message) {
global $rslight_gpg, $config_name, $spooldir, $rslight_version;
putenv("GNUPGHOME=".$rslight_gpg['gnupghome']);
$res = gnupg_init();
// Get target domain (then get key if necessary)
$info = preg_split('/@/', $recipient, 2);
$target['domain'] = $info[1];
if(gnupg_keyinfo($res, "rslight@".$target['domain']) == false) { // We don't have the key
$retrieve = retrieve_key($res, $target['domain']);
if($retrieve == false) { // We can't get the key
return false;
}
}
$cwd = getcwd();
$keydir = preg_replace('/spoolnews/','pubkey/',$cwd);
$key_location = "/pubkey/server_pubkey.txt";
$signing_key = trim(file_get_contents($keydir.'/server_fingerprint.txt'));
$fingerprint_clean = preg_replace('/\ /', '', $signing_key);
gnupg_addsignkey($res,$fingerprint_clean);
gnupg_adddecryptkey($res,$fingerprint_clean, '');
$keyinfo = gnupg_keyinfo($res, "rslight@".$target['domain']);
$target['fingerprint'] = $keyinfo[0]['subkeys'][0]['fingerprint'];
$encrypt_to_key = $target['fingerprint'];
gnupg_addencryptkey($res,$encrypt_to_key);
$mydate = gmdate("D, d M Y H:i:s \U\T\C",$date);
$outgoing_dir = $spooldir.'/'.$config_name.'/outgoing';
if(!is_dir($outgoing_dir)) {
mkdir($outgoing_dir, 0700, true);
}
$domain = $rslight_gpg['domain_name'];
$organization = $CONFIG['organization'];
$from = $rslight_gpg['from_email'];
$contact = $rslight_gpg['contact'];
$outgoing_file = tempnam($outgoing_dir, 'bbsmail-');
$start="@@BEGIN BBSMAIL HEADERS";
$begin="@@BEGIN BBSMAIL BODY";
$end="@@END BBSMAIL BODY";
$body='';
$body.="You may use this to import MAIL for $domain.\n\n";
$body.="This message was signed using the following key:\n";
$body.="$signing_key\n\n";
$body.="The GPG key needed to verify the signature of messages\n";
$body.="issued by $from is available at:\n";
$body.="$domain$key_location\n\n";
$body.="For information contact $contact.\n\n";
$body.=$start."\n";
$body.=' Version: '.$rslight_version."\n";
$body.=' From: '.$from."\n";
$hashtail = hash('crc32', $domain.$organization.$sender.$rslight_gpg['nntp_group']);
$thishash = hash('crc32', $message.$hashtail).hash('crc32', $signing_key);
$body.=" Notice-ID: ".$thishash."\n";
$body.=" Key: ".$signing_key."\n";
$body.=" Location: ".$domain.$key_location."\n";
$body.=" Domain: ".$domain."\n";
$body.=$begin."\n";
$body.=" Sender: ".$sender."\n";
$body.=" Recipient: ".$recipient."\n";
$body.=" Date: ".$mydate."\n";
$body.=" Subject: ".$subject."\n";
$body.=" Body: ".$message."\n";
$body.=$end."\n";
$header='';
$header.="From: $from\n";
$header.="Newsgroups: ".$rslight_gpg['nntp_group']."\n";
$header.="Subject: @@RSL BBSMAIL notice ".$thishash."\n";
$header.="Date: ".$mydate."\n";
$header.="Message-ID: <$thishash@$domain>\n";
$header.="Content-Type: text/plain; charset=utf-8; format=flowed\n";
$header.="Content-Transfer-Encoding: 8bit\n";
$header.="Organization: $organization\n\n";
$encrypted_text = gnupg_encryptsign($res, $body);
file_put_contents($outgoing_file, $header.$encrypted_text);
return true;
}
function retrieve_key($res, $domain) {
global $config_name, $logfile;
// Let's try to get the key
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." No KEY for posting. Trying to retrieve for ".$domain, FILE_APPEND);
echo '</td><td>' . $row["mail_from"] . '</td><td>' . $row["rcpt_to"] . '</td><td>' . $newdate . '</td></tr>';
$i ++;
}
echo '</tbody></table><br />';
include "tail.inc";
$location = "http://".$domain.'/pubkey/server_pubkey.txt';
$import = gnupg_import($res, file_get_contents($location));
if(isset($import['fingerprint'])) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." IMPORTED: ".$import['fingerprint'], FILE_APPEND);
// Verify that domain in IMPORTED KEY matches exactly: "Location" and "Domain" in MAILKEY message
// If it DOES NOT, then DELETE the new key immediately
$keyinfo = gnupg_keyinfo($res, $import['fingerprint']);
$imported_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']);
if(($imported_domain == $domain)) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain Match: ".$imported_domain, FILE_APPEND);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." New PGP Key added for: ".$imported_domain." Domain: ".$imported_domain." Fingerprint: ".$import['fingerprint'], FILE_APPEND);
send_admin_message('admin', 'admin', 'New PGP Key added for: '.$imported_domain, 'Domain: '.$imported_domain."\nFingerprint: ".$import['fingerprint']."\n");
return true;
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain MIS-MATCH: ".$imported_domain." DELETING...", FILE_APPEND);
if(gnupg_deletekey($res, $import['fingerprint'])) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." SUCCESS Deleting ".$import['fingerprint'], FILE_APPEND);
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." WARNING!: FAILED to Delete ".$import['fingerprint'], FILE_APPEND);
}
return false;
}
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to import key from ".$location, FILE_APPEND);
function send_external_mail($sender, $recipient, $date, $subject, $message)
{
global $rslight_gpg, $config_name, $spooldir, $rslight_version;
putenv("GNUPGHOME=" . $rslight_gpg['gnupghome']);
$res = gnupg_init();
// Get target domain (then get key if necessary)
$info = preg_split('/@/', $recipient, 2);
$target['domain'] = $info[1];
if (gnupg_keyinfo($res, "rslight@" . $target['domain']) == false) { // We don't have the key
$retrieve = retrieve_key($res, $target['domain']);
if ($retrieve == false) { // We can't get the key
return false;
}
}
$cwd = getcwd();
$keydir = preg_replace('/spoolnews/', 'pubkey/', $cwd);
$key_location = "/pubkey/server_pubkey.txt";
$signing_key = trim(file_get_contents($keydir . '/server_fingerprint.txt'));
$fingerprint_clean = preg_replace('/\ /', '', $signing_key);
gnupg_addsignkey($res, $fingerprint_clean);
gnupg_adddecryptkey($res, $fingerprint_clean, '');
$keyinfo = gnupg_keyinfo($res, "rslight@" . $target['domain']);
$target['fingerprint'] = $keyinfo[0]['subkeys'][0]['fingerprint'];
$encrypt_to_key = $target['fingerprint'];
gnupg_addencryptkey($res, $encrypt_to_key);
$mydate = gmdate("D, d M Y H:i:s \U\T\C", $date);
$outgoing_dir = $spooldir . '/' . $config_name . '/outgoing';
if (! is_dir($outgoing_dir)) {
mkdir($outgoing_dir, 0700, true);
}
$domain = $rslight_gpg['domain_name'];
$organization = $CONFIG['organization'];
$from = $rslight_gpg['from_email'];
$contact = $rslight_gpg['contact'];
$outgoing_file = tempnam($outgoing_dir, 'bbsmail-');
$start = "@@BEGIN BBSMAIL HEADERS";
$begin = "@@BEGIN BBSMAIL BODY";
$end = "@@END BBSMAIL BODY";
$body = '';
$body .= "You may use this to import MAIL for $domain.\n\n";
$body .= "This message was signed using the following key:\n";
$body .= "$signing_key\n\n";
$body .= "The GPG key needed to verify the signature of messages\n";
$body .= "issued by $from is available at:\n";
$body .= "$domain$key_location\n\n";
$body .= "For information contact $contact.\n\n";
$body .= $start . "\n";
$body .= ' Version: ' . $rslight_version . "\n";
$body .= ' From: ' . $from . "\n";
$hashtail = hash('crc32', $domain . $organization . $sender . $rslight_gpg['nntp_group']);
$thishash = hash('crc32', $message . $hashtail) . hash('crc32', $signing_key);
$body .= " Notice-ID: " . $thishash . "\n";
$body .= " Key: " . $signing_key . "\n";
$body .= " Location: " . $domain . $key_location . "\n";
$body .= " Domain: " . $domain . "\n";
$body .= $begin . "\n";
$body .= " Sender: " . $sender . "\n";
$body .= " Recipient: " . $recipient . "\n";
$body .= " Date: " . $mydate . "\n";
$body .= " Subject: " . $subject . "\n";
$body .= " Body: " . $message . "\n";
$body .= $end . "\n";
$header = '';
$header .= "From: $from\n";
$header .= "Newsgroups: " . $rslight_gpg['nntp_group'] . "\n";
$header .= "Subject: @@RSL BBSMAIL notice " . $thishash . "\n";
$header .= "Date: " . $mydate . "\n";
$header .= "Message-ID: <$thishash@$domain>\n";
$header .= "Content-Type: text/plain; charset=utf-8; format=flowed\n";
$header .= "Content-Transfer-Encoding: 8bit\n";
$header .= "Organization: $organization\n\n";
$encrypted_text = gnupg_encryptsign($res, $body);
file_put_contents($outgoing_file, $header . $encrypted_text);
return true;
}
function retrieve_key($res, $domain)
{
global $config_name, $logfile;
// Let's try to get the key
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " No KEY for posting. Trying to retrieve for " . $domain, FILE_APPEND);
$location = "http://" . $domain . '/pubkey/server_pubkey.txt';
$import = gnupg_import($res, file_get_contents($location));
if (isset($import['fingerprint'])) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " IMPORTED: " . $import['fingerprint'], FILE_APPEND);
// Verify that domain in IMPORTED KEY matches exactly: "Location" and "Domain" in MAILKEY message
// If it DOES NOT, then DELETE the new key immediately
$keyinfo = gnupg_keyinfo($res, $import['fingerprint']);
$imported_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']);
if (($imported_domain == $domain)) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain Match: " . $imported_domain, FILE_APPEND);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " New PGP Key added for: " . $imported_domain . " Domain: " . $imported_domain . " Fingerprint: " . $import['fingerprint'], FILE_APPEND);
send_admin_message('admin', 'admin', 'New PGP Key added for: ' . $imported_domain, 'Domain: ' . $imported_domain . "\nFingerprint: " . $import['fingerprint'] . "\n");
return true;
} else {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain MIS-MATCH: " . $imported_domain . " DELETING...", FILE_APPEND);
if (gnupg_deletekey($res, $import['fingerprint'])) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " SUCCESS Deleting " . $import['fingerprint'], FILE_APPEND);
} else {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " WARNING!: FAILED to Delete " . $import['fingerprint'], FILE_APPEND);
}
return false;
}
} else {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to import key from " . $location, FILE_APPEND);
return false;
}
return false;
}

150
Rocksolid_Light/spoolnews/upload.php
View File

@ -2,111 +2,111 @@
include "config.inc.php";
include "newsportal.php";
$logfile=$logdir.'/files.log';
$logfile = $logdir . '/files.log';
$keyfile = $spooldir.'/keys.dat';
$keyfile = $spooldir . '/keys.dat';
$keys = unserialize(file_get_contents($keyfile));
$name = '';
$logged_in = false;
if(!isset($_POST['username'])) {
if (! isset($_POST['username'])) {
$_POST['username'] = $_COOKIE['mail_name'];
}
$name = $_POST['username'];
if(!isset($_POST['password'])) {
if (! isset($_POST['password'])) {
$_POST['password'] = null;
}
if(!isset($_COOKIE['mail_auth'])) {
if (! isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null;
}
if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true;
}
$title.=' - Upload file';
$title .= ' - Upload file';
include "head.inc";
echo '<h1 class="np_thread_headline">';
echo '<a href="../spoolnews/files.php" target='.$frame['menu'].'>files</a> / ';
echo htmlspecialchars($_COOKIE['mail_name']).'</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
echo '<h1 class="np_thread_headline">';
echo '<a href="../spoolnews/files.php" target=' . $frame['menu'] . '>files</a> / ';
echo htmlspecialchars($_COOKIE['mail_name']) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Browse button
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Browse</button>';
echo '</form>';
echo '</td>';
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Browse</button>';
echo '</form>';
echo '</td>';
// Upload button
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="upload.php">';
echo '<input name="command" type="hidden" id="command" value="Upload" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Upload</button>';
echo '</form>';
echo '</td>';
echo '<td width=100%></td></tr></table>';
echo '<hr>';
if(isset($_FILES['photo'])) {
$_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
// Check auth here
if(isset($_POST['key']) && password_verify($CONFIG['thissitekey'].$_POST['username'], $_POST['key'])) {
if(check_bbs_auth($_POST['username'], $_POST['password'])) {
$userdir = $spooldir.'/upload/'.strtolower($_POST['username']);
$upload_to = $userdir.'/'.$_FILES['photo']['name'];
if(is_file($upload_to)) {
echo $_FILES['photo']['name'].' already exists in your folder';
} else {
if(!is_dir($userdir)) {
mkdir($userdir);
}
$success = move_uploaded_file($_FILES['photo']['tmp_name'], $upload_to);
if ($success) {
file_put_contents($logfile, "\n".format_log_date()." Saved: ".strtolower($_POST['username'])."/".$_FILES['photo']['name'], FILE_APPEND);
echo 'Saved '.$_FILES['photo']['name'].' to your files folder';
} else {
echo 'There was an error saving '.$_FILES['photo']['name'];
}
}
?>
<script type="text/javascript">
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="upload.php">';
echo '<input name="command" type="hidden" id="command" value="Upload" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Upload</button>';
echo '</form>';
echo '</td>';
echo '<td width=100%></td></tr></table>';
echo '<hr>';
if (isset($_FILES['photo'])) {
$_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
// Check auth here
if (isset($_POST['key']) && password_verify($CONFIG['thissitekey'] . $_POST['username'], $_POST['key'])) {
if (check_bbs_auth($_POST['username'], $_POST['password'])) {
$userdir = $spooldir . '/upload/' . strtolower($_POST['username']);
$upload_to = $userdir . '/' . $_FILES['photo']['name'];
if (is_file($upload_to)) {
echo $_FILES['photo']['name'] . ' already exists in your folder';
} else {
if (! is_dir($userdir)) {
mkdir($userdir);
}
$success = move_uploaded_file($_FILES['photo']['tmp_name'], $upload_to);
if ($success) {
file_put_contents($logfile, "\n" . format_log_date() . " Saved: " . strtolower($_POST['username']) . "/" . $_FILES['photo']['name'], FILE_APPEND);
echo 'Saved ' . $_FILES['photo']['name'] . ' to your files folder';
} else {
echo 'There was an error saving ' . $_FILES['photo']['name'];
}
}
?>
<script type="text/javascript">
if (navigator.cookieEnabled)
var savename = "<?php echo stripslashes($name); ?>";
document.cookie = "mail_name="+savename+"; path=/";
</script>
<?php
} else {
echo 'Authentication Failed';
}
echo '<br /><br />';
} else {
echo 'Authentication Failed';
}
echo '<br /><br />';
}
}
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
//echo '<form name="form1" method="post" action="upload.php" enctype="multipart/form-data">';
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
// echo '<form name="form1" method="post" action="upload.php" enctype="multipart/form-data">';
if(!isset($_POST['username'])) {
$_POST['username'] = '';
}
if(!isset($_POST['password'])) {
$_POST['password'] = '';
}
if(!$logged_in && !check_bbs_auth($_POST['username'], $_POST['password'])) {
echo '<tr><td><strong>Please Login to Upload<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Upload" readonly="readonly"></td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
if (! isset($_POST['username'])) {
$_POST['username'] = '';
}
if (! isset($_POST['password'])) {
$_POST['password'] = '';
}
if (! $logged_in && ! check_bbs_auth($_POST['username'], $_POST['password'])) {
echo '<tr><td><strong>Please Login to Upload<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="' . $name . '"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Upload" readonly="readonly"></td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
} else {
echo '<tr><td><strong>Logged in as '.$_POST['username'].'<br />(max size=2MB)</strong></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Upload" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'].$name, PASSWORD_DEFAULT).'">';
echo '<input type="hidden" name="username" value="'.$_POST['username'].'">';
echo '<input type="hidden" name="password" value="'.$_POST['password'].'">';
echo '<tr><td><input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/*"></td>
echo '<tr><td><strong>Logged in as ' . $_POST['username'] . '<br />(max size=2MB)</strong></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Upload" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'] . $name, PASSWORD_DEFAULT) . '">';
echo '<input type="hidden" name="username" value="' . $_POST['username'] . '">';
echo '<input type="hidden" name="password" value="' . $_POST['password'] . '">';
echo '<tr><td><input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/*"></td>
';
echo '<td>&nbsp;<input type="submit" name="Submit" value="Upload"></td>';
echo '<td>&nbsp;<input type="submit" name="Submit" value="Upload"></td>';
}
echo '</tr>';
echo '</form>';

450
Rocksolid_Light/spoolnews/user.php
View File

@ -4,62 +4,62 @@ session_start();
include "config.inc.php";
include "newsportal.php";
if(isset($_COOKIE['tzo'])) {
$offset=$_COOKIE['tzo'];
} else {
$offset=$CONFIG['timezone'];
}
if(!isset($_POST['command'])) {
$_POST['command'] = null;
}
$keyfile = $spooldir.'/keys.dat';
$keys = unserialize(file_get_contents($keyfile));
if($_POST['command'] == 'Logout') {
unset($_COOKIE['mail_name']);
setcookie('mail_name', null, -1, '/');
unset($_COOKIE['mail_auth']);
setcookie('mail_auth', null, -1, '/');
unset($_COOKIE['cookie_name']);
setcookie('cookie_name', null, -1, '/');
unset($_COOKIE['pkey']);
setcookie('pkey', null, -1, '/');
unset($_SESSION['theme']);
unset($_POST['username']);
include "head.inc";
echo "<center>";
echo "<hr><p>You have been logged out</p>";
echo '</center>';
echo '<br />';
include "tail.inc";
exit(0);
if (isset($_COOKIE['tzo'])) {
$offset = $_COOKIE['tzo'];
} else {
$offset = $CONFIG['timezone'];
}
$title.=' - User Configuration';
if (! isset($_POST['command'])) {
$_POST['command'] = null;
}
$keyfile = $spooldir . '/keys.dat';
$keys = unserialize(file_get_contents($keyfile));
if ($_POST['command'] == 'Logout') {
unset($_COOKIE['mail_name']);
setcookie('mail_name', null, - 1, '/');
unset($_COOKIE['mail_auth']);
setcookie('mail_auth', null, - 1, '/');
unset($_COOKIE['cookie_name']);
setcookie('cookie_name', null, - 1, '/');
unset($_COOKIE['pkey']);
setcookie('pkey', null, - 1, '/');
unset($_SESSION['theme']);
unset($_POST['username']);
include "head.inc";
echo "<center>";
echo "<hr><p>You have been logged out</p>";
echo '</center>';
echo '<br />';
include "tail.inc";
exit(0);
}
$title .= ' - User Configuration';
include "head.inc";
// How long should cookie allow user to stay logged in?
// 14400 = 4 hours
$auth_expire = 14400;
$logged_in = false;
if(!isset($_POST['username'])) {
$auth_expire = 14400;
$logged_in = false;
if (! isset($_POST['username'])) {
$_POST['username'] = $_COOKIE['mail_name'];
}
$name = $_POST['username'];
if(!isset($_POST['password'])) {
$_POST['password'] = null;
}
if(!isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null;
}
if(((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
}
$name = $_POST['username'];
if (! isset($_POST['password'])) {
$_POST['password'] = null;
}
if (! isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null;
}
if (((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true;
} else {
if(check_bbs_auth($_POST['username'], $_POST['password'])) {
$authkey = password_hash($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), PASSWORD_DEFAULT);
$pkey = hash('crc32', get_user_config($_POST['username'],'encryptionkey'));
set_user_config(strtolower($_POST['username']), "pkey", $pkey);
?>
<script type="text/javascript">
} else {
if (check_bbs_auth($_POST['username'], $_POST['password'])) {
$authkey = password_hash($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), PASSWORD_DEFAULT);
$pkey = hash('crc32', get_user_config($_POST['username'], 'encryptionkey'));
set_user_config(strtolower($_POST['username']), "pkey", $pkey);
?>
<script type="text/javascript">
if (navigator.cookieEnabled)
var authcookie = "<?php echo $authkey; ?>";
var savename = "<?php echo stripslashes($name); ?>";
@ -71,199 +71,197 @@ include "head.inc";
document.cookie = "pkey="+pkey+"; max-age="+name_expire+"; path=/";
</script>
<?php
$logged_in = true;
$logged_in = true;
} else {
echo 'Login failed.';
}
else
{
echo 'Login failed.';
}
}
if(isset($_POST['command']) && $_POST['command'] == 'Configuration') {
}
if (isset($_POST['command']) && $_POST['command'] == 'Configuration') {
echo '<h1 class="np_thread_headline">';
echo '<a href="user.php" target='.$frame['menu'].'>Configuration</a> / ';
echo htmlspecialchars($_POST['username']).'</h1>';
} else {
echo '<a href="user.php" target=' . $frame['menu'] . '>Configuration</a> / ';
echo htmlspecialchars($_POST['username']) . '</h1>';
} else {
echo '<h1 class="np_thread_headline">';
echo '<a href="user.php" target='.$frame['menu'].'>user login</a> / ';
echo htmlspecialchars($_POST['username']).'</h1>';
}
echo '<a href="user.php" target=' . $frame['menu'] . '>user login</a> / ';
echo htmlspecialchars($_POST['username']) . '</h1>';
}
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Mail button
if($logged_in == true) {
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="mail.php">';
echo '<input name="command" type="hidden" id="command" value="Mail" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo '<button class="np_button_link" type="submit">Mail</button>';
echo '</form>';
echo '</td>';
// Files button
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Files" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo '<button class="np_button_link" type="submit">Files</button>';
echo '</form>';
echo '</td>';
// Configuration button
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="user.php">';
echo '<input name="command" type="hidden" id="command" value="Configuration" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo '<button class="np_button_link" type="submit">Configuration</button>';
echo '</form>';
echo '</td>';
// Logout button
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="user.php">';
echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo '<button class="np_button_link" type="submit">Logout</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
if(isset($_POST['username'])) {
$name = $_POST['username'];
// Save name in cookie
if ($setcookies==true) {
setcookie("mail_name",stripslashes($name),time()+(3600*24*90));
}
} else {
if ($setcookies) {
if ((isset($_COOKIE["mail_name"])) && (!isset($name))) {
$name=$_COOKIE["mail_name"];
} else {
$name = '';
}
}
if ($logged_in == true) {
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="mail.php">';
echo '<input name="command" type="hidden" id="command" value="Mail" readonly="readonly">';
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">Mail</button>';
echo '</form>';
echo '</td>';
// Files button
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Files" readonly="readonly">';
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">Files</button>';
echo '</form>';
echo '</td>';
// Configuration button
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="user.php">';
echo '<input name="command" type="hidden" id="command" value="Configuration" readonly="readonly">';
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">Configuration</button>';
echo '</form>';
echo '</td>';
// Logout button
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="user.php">';
echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">';
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">Logout</button>';
echo '</form>';
echo '</td>';
}
if($logged_in !== true) {
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'].$name, PASSWORD_DEFAULT).'">';
echo '<td>&nbsp;</td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
echo '</tr>';
echo '</form>';
echo '</table>';
exit(0);
}
echo '<td width=100%></td></tr></table>';
$user = strtolower($_POST['username']);
$_SESSION['username'] = $user;
unset($user_config);
$userfile=$spooldir.'/'.$user.'-articleviews.dat';
if(is_file($userfile)) {
$userdata = unserialize(file_get_contents($userfile));
}
// Show Logged-In Message
if($_POST['command'] != 'Configuration' && $_POST['command'] != 'SaveConfig') {
echo "<center>";
echo "<hr><p>You are logged in as ".$_POST['username']."</p>";
echo '</center>';
}
// Apply Config
if(isset($_POST['command']) && $_POST['command'] == 'SaveConfig') {
$user_config['signature'] = $_POST['signature'];
$user_config['xface'] = $_POST['xface'];
$user_config['timezone'] = $_POST['timezone'];
$user_config['theme'] = $_POST['listbox'];
file_put_contents($config_dir.'/userconfig/'.$user.'.config', serialize($user_config));
$_SESSION['theme'] = $user_config['theme'];
$mysubs = explode("\n", $_POST['subscribed']);
foreach($mysubs as $sub) {
if(trim($sub) == '') {
continue;
}
$sub = trim($sub);
if(!isset($userdata[$sub])) {
$userdata[$sub] = 0;
}
$newsubs[$sub] = $userdata[$sub];
}
file_put_contents($spooldir.'/'.$user.'-articleviews.dat', serialize($newsubs));
$userdata = unserialize(file_get_contents($userfile));
if($userdata) {
ksort($userdata);
if (isset($_POST['username'])) {
$name = $_POST['username'];
// Save name in cookie
if ($setcookies == true) {
setcookie("mail_name", stripslashes($name), time() + (3600 * 24 * 90));
}
echo 'Configuration Saved for '.$_POST['username'];
} else {
$user_config = unserialize(file_get_contents($config_dir.'/userconfig/'.$user.'.config'));
}
// Get themes
$themedir = $rootdir.'/common/themes';
if(is_dir($themedir)) {
if($theme_list = opendir($themedir)) {
while(($theme_dir = readdir($theme_list)) !== false) {
if($theme_dir == '.' || $theme_dir == '..') {
continue;
} else {
if ($setcookies) {
if ((isset($_COOKIE["mail_name"])) && (! isset($name))) {
$name = $_COOKIE["mail_name"];
} else {
$name = '';
}
$themes[] = $theme_dir;
}
closedir($theme_list);
}
}
sort($themes);
if(isset($_POST['command']) && $_POST['command'] == 'Configuration') {
// Show Config
}
if ($logged_in !== true) {
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="' . $name . '"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'] . $name, PASSWORD_DEFAULT) . '">';
echo '<td>&nbsp;</td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
echo '</tr>';
echo '</form>';
echo '</table>';
exit(0);
}
$user = strtolower($_POST['username']);
$_SESSION['username'] = $user;
unset($user_config);
$userfile = $spooldir . '/' . $user . '-articleviews.dat';
if (is_file($userfile)) {
$userdata = unserialize(file_get_contents($userfile));
}
// Show Logged-In Message
if ($_POST['command'] != 'Configuration' && $_POST['command'] != 'SaveConfig') {
echo "<center>";
echo "<hr><p>You are logged in as " . $_POST['username'] . "</p>";
echo '</center>';
}
// Apply Config
if (isset($_POST['command']) && $_POST['command'] == 'SaveConfig') {
$user_config['signature'] = $_POST['signature'];
$user_config['xface'] = $_POST['xface'];
$user_config['timezone'] = $_POST['timezone'];
$user_config['theme'] = $_POST['listbox'];
file_put_contents($config_dir . '/userconfig/' . $user . '.config', serialize($user_config));
$_SESSION['theme'] = $user_config['theme'];
$mysubs = explode("\n", $_POST['subscribed']);
foreach ($mysubs as $sub) {
if (trim($sub) == '') {
continue;
}
$sub = trim($sub);
if (! isset($userdata[$sub])) {
$userdata[$sub] = 0;
}
$newsubs[$sub] = $userdata[$sub];
}
file_put_contents($spooldir . '/' . $user . '-articleviews.dat', serialize($newsubs));
$userdata = unserialize(file_get_contents($userfile));
if ($userdata) {
ksort($userdata);
}
echo 'Configuration Saved for ' . $_POST['username'];
} else {
$user_config = unserialize(file_get_contents($config_dir . '/userconfig/' . $user . '.config'));
}
// Get themes
$themedir = $rootdir . '/common/themes';
if (is_dir($themedir)) {
if ($theme_list = opendir($themedir)) {
while (($theme_dir = readdir($theme_list)) !== false) {
if ($theme_dir == '.' || $theme_dir == '..') {
continue;
}
$themes[] = $theme_dir;
}
closedir($theme_list);
}
}
sort($themes);
if (isset($_POST['command']) && $_POST['command'] == 'Configuration') {
// Show Config
echo '<hr><h1 class="np_thread_headline">Configuration:</h1>';
echo '<table cellspacing="0" width="100%" class="np_results_table">';
echo '<tr class="np_thread_head"><td class="np_thread_head">Settings for '.$_POST['username'].' (leave blank for none):</td></tr>';
echo '<tr class="np_thread_head"><td class="np_thread_head">Settings for ' . $_POST['username'] . ' (leave blank for none):</td></tr>';
echo '<form method="post" action="user.php">';
echo '<tr class="np_result_line1">';
// Signature
echo '<td class="np_result_line1" style="word-wrap:break-word";>Signature:</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="signature" name="signature" rows="6" cols="70">'.$user_config['signature'];
echo '</textarea></td>';
echo '</tr>';
// X-Face
echo '<td class="np_result_line1" style="word-wrap:break-word";>X-Face:</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="xface" name="xface" rows="4" cols="80">'.$user_config['xface'];
echo '</textarea></td>';
echo '</tr>';
// Theme
echo '<td class="np_result_line1" style="word-wrap:break-word";>Theme: ('.$user_config['theme'].')</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word">';
echo '<select name="listbox" class="theme_listbox" size="10">';
foreach ($themes as $theme) {
if($theme == $user_config['theme']) {
echo '<option value="'.$theme.'" selected="selected">'.$theme.'</option>';
} else {
echo '<option value="'.$theme.'">'.$theme.'</option>';
}
}
echo '</select>';
echo '</td>';
echo '</tr>';
// Subscriptions
echo '<td class="np_result_line1" style="word-wrap:break-word";>Subscribed:</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="subscribed" name="subscribed" rows="10" cols="40">';
foreach($userdata as $key => $value) {
echo $key."\n";
// Signature
echo '<td class="np_result_line1" style="word-wrap:break-word";>Signature:</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="signature" name="signature" rows="6" cols="70">' . $user_config['signature'];
echo '</textarea></td>';
echo '</tr>';
// X-Face
echo '<td class="np_result_line1" style="word-wrap:break-word";>X-Face:</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="xface" name="xface" rows="4" cols="80">' . $user_config['xface'];
echo '</textarea></td>';
echo '</tr>';
// Theme
echo '<td class="np_result_line1" style="word-wrap:break-word";>Theme: (' . $user_config['theme'] . ')</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word">';
echo '<select name="listbox" class="theme_listbox" size="10">';
foreach ($themes as $theme) {
if ($theme == $user_config['theme']) {
echo '<option value="' . $theme . '" selected="selected">' . $theme . '</option>';
} else {
echo '<option value="' . $theme . '">' . $theme . '</option>';
}
echo '</textarea></td>';
echo '</tr>';
/*
// Timezone
echo '<td class="np_result_line1" style="word-wrap:break-word";>Timezone offset (+/- hours from UTC):</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><input type="text" name="timezone" value="'.$user_config[timezone].'"></td>';
echo '</tr>';
*/
echo '<td class="np_result_line2" style="word-wrap:break-word";>';
echo '<button class="np_button_link" type="submit">Save Configuration</button>';
echo '<a href="'.$_SERVER['PHP_SELF'].'">Cancel</a>';
echo '</td></tr>';
echo '<input name="command" type="hidden" id="command" value="SaveConfig" readonly="readonly">';
}
echo '</select>';
echo '</td>';
echo '</tr>';
// Subscriptions
echo '<td class="np_result_line1" style="word-wrap:break-word";>Subscribed:</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="subscribed" name="subscribed" rows="10" cols="40">';
foreach ($userdata as $key => $value) {
echo $key . "\n";
}
echo '</textarea></td>';
echo '</tr>';
/*
* // Timezone
* echo '<td class="np_result_line1" style="word-wrap:break-word";>Timezone offset (+/- hours from UTC):</td>';
* echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><input type="text" name="timezone" value="'.$user_config[timezone].'"></td>';
* echo '</tr>';
*/
echo '<td class="np_result_line2" style="word-wrap:break-word";>';
echo '<button class="np_button_link" type="submit">Save Configuration</button>';
echo '<a href="' . $_SERVER['PHP_SELF'] . '">Cancel</a>';
echo '</td></tr>';
echo '<input name="command" type="hidden" id="command" value="SaveConfig" readonly="readonly">';
echo '</form>';
echo '</tbody></table><br />';
} else {
} else {
echo '<br />';
}
include "tail.inc";
}
include "tail.inc";
?>