novabbs
/
rocksolid-light
2
0
Fork 1
Code Issues 15 Pull Requests Releases Wiki Activity

Only changes to indentation. No other changes.

This commit is contained in:
Retro_Guy 2023-08-19 15:33:05 -07:00
parent 747227931a
commit 17e8a5dd5e
21 changed files with 5982 additions and 5758 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

297
Rocksolid_Light/rocksolid/article-flat.php
View File

@ -1,79 +1,82 @@
<?php <?php
session_start(); session_start();
header("Expires: ".gmdate("D, d M Y H:i:s",time()+(600))." GMT"); header("Expires: " . gmdate("D, d M Y H:i:s", time() + (600)) . " GMT");
header("Cache-Control: max-age=100"); header("Cache-Control: max-age=100");
header("Pragma: cache"); header("Pragma: cache");
include "config.inc.php"; include "config.inc.php";
include "auth.inc"; include "auth.inc";
include "$file_newsportal"; include "$file_newsportal";
$logfile=$logdir.'/newsportal.log'; $logfile = $logdir . '/newsportal.log';
throttle_hits(); throttle_hits();
write_access_log(); write_access_log();
if(isset($_COOKIE['mail_name'])) { if (isset($_COOKIE['mail_name'])) {
if($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) { if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat'; $userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
} }
} }
// register parameters // register parameters
$id=$_REQUEST["id"]; $id = $_REQUEST["id"];
$group=_rawurldecode($_REQUEST["group"]); $group = _rawurldecode($_REQUEST["group"]);
// Switch to correct section in case group has been moved and link is to old section // Switch to correct section in case group has been moved and link is to old section
$findsection = get_section_by_group($group); $findsection = get_section_by_group($group);
if(trim($findsection) !== $config_name) { if (trim($findsection) !== $config_name) {
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on')
$link = "https"; $link = "https";
else $link = "http"; else
$link .= "://"; $link = "http";
$link .= $_SERVER['HTTP_HOST']; $link .= "://";
$link .= $_SERVER['REQUEST_URI']; $link .= $_SERVER['HTTP_HOST'];
$newurl = preg_replace("|/$config_name/|", "/$findsection/", $link); $link .= $_SERVER['REQUEST_URI'];
header("Location:$newurl"); $newurl = preg_replace("|/$config_name/|", "/$findsection/", $link);
die(); header("Location:$newurl");
} die();
if(strpos($id, '@') !== false) { }
if($CONFIG['article_database'] == '1') { if (strpos($id, '@') !== false) {
$database = $spooldir.'/articles-overview.db3'; if ($CONFIG['article_database'] == '1') {
$articles_dbh = overview_db_open($database); $database = $spooldir . '/articles-overview.db3';
$articles_query = $articles_dbh->prepare('SELECT * FROM overview WHERE msgid=:messageid'); $articles_dbh = overview_db_open($database);
$articles_query->execute(['messageid' => $id]); $articles_query = $articles_dbh->prepare('SELECT * FROM overview WHERE msgid=:messageid');
$found = 0; $articles_query->execute([
while ($row = $articles_query->fetch()) { 'messageid' => $id
$id = $row['number']; ]);
$group = $row['newsgroup']; $found = 0;
$found = 1; while ($row = $articles_query->fetch()) {
break; $id = $row['number'];
} $group = $row['newsgroup'];
$dbh = null; $found = 1;
if($found) { break;
$newurl = 'article-flat.php?id='.$id.'&group='.$group.'#'.$id; }
header("Location: $newurl"); $dbh = null;
die(); if ($found) {
} $newurl = 'article-flat.php?id=' . $id . '&group=' . $group . '#' . $id;
header("Location: $newurl");
die();
}
} }
} }
if(isset($_REQUEST["first"])) if (isset($_REQUEST["first"]))
$first=$_REQUEST["first"]; $first = $_REQUEST["first"];
$_SESSION['rsactive'] = true; $_SESSION['rsactive'] = true;
if(!isset($_SERVER['REQUEST_STRING'])) { if (! isset($_SERVER['REQUEST_STRING'])) {
$_SERVER['REQUEST_STRING'] = ''; $_SERVER['REQUEST_STRING'] = '';
} }
$location = $_SERVER['REQUEST_URI'].$_SERVER['REQUEST_STRING']; $location = $_SERVER['REQUEST_URI'] . $_SERVER['REQUEST_STRING'];
$_SESSION['return_page'] = $location.'#'.$id; $_SESSION['return_page'] = $location . '#' . $id;
// file_put_contents($accessfile, "\n".format_log_date()." ".$config_name." ".$group.":".$id, FILE_APPEND); // file_put_contents($accessfile, "\n".format_log_date()." ".$config_name." ".$group.":".$id, FILE_APPEND);
if($userdata) { if ($userdata) {
$userdata[$group] = time(); $userdata[$group] = time();
file_put_contents($userfile, serialize($userdata)); file_put_contents($userfile, serialize($userdata));
} }
if(isset($frames_on) && $frames_on === true) { if (isset($frames_on) && $frames_on === true) {
?> ?>
<script> <script>
var contentURL=window.location.pathname+window.location.search+window.location.hash; var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) { if ( window.self !== window.top ) {
@ -86,102 +89,94 @@ if(isset($frames_on) && $frames_on === true) {
<?php <?php
} }
$message=message_read($id,0,$group); $message = message_read($id, 0, $group);
if (!$message) { if (! $message) {
header ("HTTP/1.0 404 Not Found"); header("HTTP/1.0 404 Not Found");
$subject=$title; $subject = $title;
$title.=' - Article not found'; $title .= ' - Article not found';
if($ns!=false) if ($ns != false)
nntp_close($ns); nntp_close($ns);
} else { } else {
$subject=htmlspecialchars($message->header->subject); $subject = htmlspecialchars($message->header->subject);
header("Last-Modified: ".date("r", $message->header->date)); header("Last-Modified: " . date("r", $message->header->date));
$title.= ' - '.$group.' - '.$subject; $title .= ' - ' . $group . ' - ' . $subject;
}
include "head.inc";
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo '<a href="'.$file_thread.'?group='.rawurlencode($group).'" target='.$frame["content"].'>'.htmlspecialchars(group_display_name($group)).'</a> / '.$subject.'</h1>';
if(!$message) {
echo "Article not found";
include "tail.inc";
exit(0);
} }
include "head.inc";
if($message) { echo '<h1 class="np_thread_headline">';
// load thread-data and get IDs of the actual subthread echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
$thread=thread_load($group); echo '<a href="' . $file_thread . '?group=' . rawurlencode($group) . '" target=' . $frame["content"] . '>' . htmlspecialchars(group_display_name($group)) . '</a> / ' . $subject . '</h1>';
$subthread=thread_getsubthreadids($message->header->id,$thread);
if($thread_articles == false) {
sort($subthread);
}
// If no page is set, lets look, if we can calculate the page by
// the message-number
if(!isset($first)) {
$first=intval(array_search($id,$subthread)/$articleflat_articles_per_page)*
$articleflat_articles_per_page+1;
}
// which articles are exactly on this page? if (! $message) {
$pageids=array(); echo "Article not found";
for($i=$first-1; (($i<count($subthread)) && include "tail.inc";
($i<$first+$articleflat_articles_per_page-1)); $i++) { exit(0);
$pageids[]=$subthread[$i]; }
}
// display the thread on top if ($message) {
// change some of the default threadstyle-values // load thread-data and get IDs of the actual subthread
$thread_show["replies"]=true; $thread = thread_load($group);
$thread_show["threadsize"]=false; $subthread = thread_getsubthreadids($message->header->id, $thread);
$thread_show["lastdate"]=false; if ($thread_articles == false) {
$thread_show["latest"]=false; sort($subthread);
$thread_show["author"]=true;
//message_thread($message->header->id,$group,$thread,$pageids);
message_thread($message->header->id,$group,$thread,false);
echo '<br>';
echo '<a name="start"></a>';
// navigation line
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button
echo '<td>';
echo '<form action="'.$file_thread.'">';
echo '<input type="hidden" name="group" value="'.rawurlencode($group).'"/>';
echo '<button class="np_button_link" type="submit">'.htmlspecialchars(group_display_name($group)).'</button>';
echo '</form>';
echo '</td>';
// Pages
echo '<td class="np_pages" width="100%" align="right">';
echo articleflat_pageselect($group,$id,count($subthread),$first);
echo '</td></tr></table>';
foreach($pageids as $subid) {
flush();
$message=message_read($subid,0,$group);
echo '<a name="'.$subid.'"> </a>';
message_show($group,$subid,0,$message,$articleflat_chars_per_articles);
if ((!$CONFIG['readonly']) && ($message)) {
echo '<form action="'.$file_post.'">'.
'<input type="hidden" name="id" value="'.urlencode($subid).'">'.
'<input type="hidden" name="type" value="reply">'.
'<input type="hidden" name="group" value="'.urlencode($group).'">'.
'<input type="submit" value="'.$text_article["button_answer"].
'">'.
'</form>';
} }
} // If no page is set, lets look, if we can calculate the page by
// navigation line // the message-number
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>'; if (! isset($first)) {
// Article List button $first = intval(array_search($id, $subthread) / $articleflat_articles_per_page) * $articleflat_articles_per_page + 1;
}
// which articles are exactly on this page?
$pageids = array();
for ($i = $first - 1; (($i < count($subthread)) && ($i < $first + $articleflat_articles_per_page - 1)); $i ++) {
$pageids[] = $subthread[$i];
}
// display the thread on top
// change some of the default threadstyle-values
$thread_show["replies"] = true;
$thread_show["threadsize"] = false;
$thread_show["lastdate"] = false;
$thread_show["latest"] = false;
$thread_show["author"] = true;
// message_thread($message->header->id,$group,$thread,$pageids);
message_thread($message->header->id, $group, $thread, false);
echo '<br>';
echo '<a name="start"></a>';
// navigation line
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button
echo '<td>'; echo '<td>';
echo '<form action="'.$file_thread.'">'; echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="'.rawurlencode($group).'"/>'; echo '<input type="hidden" name="group" value="' . rawurlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">'.htmlspecialchars(group_display_name($group)).'</button>'; echo '<button class="np_button_link" type="submit">' . htmlspecialchars(group_display_name($group)) . '</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
// Pages // Pages
echo '<td class="np_pages" width="100%" align="right">'; echo '<td class="np_pages" width="100%" align="right">';
echo articleflat_pageselect($group,$id,count($subthread),$first); echo articleflat_pageselect($group, $id, count($subthread), $first);
echo '</td></tr></table>';
foreach ($pageids as $subid) {
flush();
$message = message_read($subid, 0, $group);
echo '<a name="' . $subid . '"> </a>';
message_show($group, $subid, 0, $message, $articleflat_chars_per_articles);
if ((! $CONFIG['readonly']) && ($message)) {
echo '<form action="' . $file_post . '">' . '<input type="hidden" name="id" value="' . urlencode($subid) . '">' . '<input type="hidden" name="type" value="reply">' . '<input type="hidden" name="group" value="' . urlencode($group) . '">' . '<input type="submit" value="' . $text_article["button_answer"] . '">' . '</form>';
}
}
// navigation line
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button
echo '<td>';
echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="' . rawurlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">' . htmlspecialchars(group_display_name($group)) . '</button>';
echo '</form>';
echo '</td>';
// Pages
echo '<td class="np_pages" width="100%" align="right">';
echo articleflat_pageselect($group, $id, count($subthread), $first);
echo '</td></tr></table>'; echo '</td></tr></table>';
} }
include "tail.inc"; include "tail.inc";

111
Rocksolid_Light/rocksolid/article.php
View File

@ -1,23 +1,23 @@
<?php <?php
session_start(); session_start();
header("Expires: ".gmdate("D, d M Y H:i:s",time()+(3600*24))." GMT"); header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600 * 24)) . " GMT");
include "config.inc.php"; include "config.inc.php";
include "auth.inc"; include "auth.inc";
include "$file_newsportal"; include "$file_newsportal";
throttle_hits(); throttle_hits();
// register parameters // register parameters
$id=$_REQUEST["id"]; $id = $_REQUEST["id"];
$group=_rawurldecode($_REQUEST["group"]); $group = _rawurldecode($_REQUEST["group"]);
$thread_show["replies"]=true; $thread_show["replies"] = true;
$thread_show["lastdate"]=false; $thread_show["lastdate"] = false;
$thread_show["threadsize"]=false; $thread_show["threadsize"] = false;
if(isset($frames_on) && $frames_on === true) { if (isset($frames_on) && $frames_on === true) {
?> ?>
<script> <script>
var contentURL=window.location.pathname+window.location.search+window.location.hash; var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) { if ( window.self !== window.top ) {
@ -30,55 +30,52 @@ if(isset($frames_on) && $frames_on === true) {
<?php <?php
} }
$location = $_SERVER['REQUEST_URI'].$_SERVER['REQUEST_STRING']; $location = $_SERVER['REQUEST_URI'] . $_SERVER['REQUEST_STRING'];
preg_match('/id=(.*)&/', $location, $hash); preg_match('/id=(.*)&/', $location, $hash);
$_SESSION['return_page'] = $location.'#'.$hash[1]; $_SESSION['return_page'] = $location . '#' . $hash[1];
$message=message_read($id,0,$group); $message = message_read($id, 0, $group);
if (!$message) { if (! $message) {
header ("HTTP/1.0 404 Not Found"); header("HTTP/1.0 404 Not Found");
$subject=$title; $subject = $title;
$title.=' - Article not found'; $title .= ' - Article not found';
if($ns!=false) if ($ns != false)
nntp_close($ns); nntp_close($ns);
} else { } else {
$subject=htmlspecialchars($message->header->subject); $subject = htmlspecialchars($message->header->subject);
header("Last-Modified: ".date("r", $message->header->date)); header("Last-Modified: " . date("r", $message->header->date));
$title.= ' - '.$group.' - '.$subject; $title .= ' - ' . $group . ' - ' . $subject;
} }
include "head.inc"; include "head.inc";
// has the user read-rights on this article? // has the user read-rights on this article?
if((function_exists("npreg_group_has_read_access") && if ((function_exists("npreg_group_has_read_access") && ! npreg_group_has_read_access($group)) || (function_exists("npreg_group_is_visible") && ! npreg_group_is_visible($group))) {
!npreg_group_has_read_access($group)) ||
(function_exists("npreg_group_is_visible") &&
!npreg_group_is_visible($group))) {
die("access denied"); die("access denied");
} }
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / '; echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo '<a href="'.$file_thread.'?group='.rawurlencode($group).'" target='.$frame["content"].'>'.htmlspecialchars(group_display_name($group)).'</a> / '.$subject.'</h1>'; echo '<a href="' . $file_thread . '?group=' . rawurlencode($group) . '" target=' . $frame["content"] . '>' . htmlspecialchars(group_display_name($group)) . '</a> / ' . $subject . '</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button // Article List button
echo '<td>'; echo '<td>';
echo '<form action="'.$file_thread.'">'; echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="'.rawurlencode($group).'"/>'; echo '<input type="hidden" name="group" value="' . rawurlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">'.htmlspecialchars(group_display_name($group)).'</button>'; echo '<button class="np_button_link" type="submit">' . htmlspecialchars(group_display_name($group)) . '</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
echo '</tr></table>'; echo '</tr></table>';
if (!$message) if (! $message)
// article not found // article not found
echo $text_error["article_not_found"]; echo $text_error["article_not_found"];
else { else {
if($article_showthread) if ($article_showthread)
$thread=thread_cache_load($group); $thread = thread_cache_load($group);
//echo "<br>"; // echo "<br>";
message_show($group,$id,0,$message); message_show($group, $id, 0, $message);
if($article_showthread) if ($article_showthread)
message_thread($message->header->id,$group,$thread); message_thread($message->header->id, $group, $thread);
} }
include "tail.inc"; include "tail.inc";
?> ?>

74
Rocksolid_Light/rocksolid/index.php
View File

@ -1,12 +1,12 @@
<?php <?php
session_start(); session_start();
$_SESSION['isframed'] = 1; $_SESSION['isframed'] = 1;
include "config.inc.php"; include "config.inc.php";
include "auth.inc"; include "auth.inc";
if (isset($frames_on) && $frames_on === true) { if (isset($frames_on) && $frames_on === true) {
?> ?>
<script> <script>
var contentURL=window.location.pathname+window.location.search+window.location.hash; var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) { if ( window.self !== window.top ) {
@ -18,56 +18,56 @@ if (isset($frames_on) && $frames_on === true) {
</script> </script>
<?php <?php
} }
$title.=' - '.basename(getcwd()); $title .= ' - ' . basename(getcwd());
include "head.inc"; include "head.inc";
echo '<h1 class="np_thread_headline">'.basename(getcwd()).'</h1>'; echo '<h1 class="np_thread_headline">' . basename(getcwd()) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// View Latest button // View Latest button
if (isset($overboard) && ($overboard == true)) { if (isset($overboard) && ($overboard == true)) {
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" action="overboard.php">'; echo '<form target="' . $frame['content'] . '" action="overboard.php">';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_overboard"].'</button>'; echo '<button class="np_button_link" type="submit">' . $text_thread["button_overboard"] . '</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
} else { } else {
// echo htmlspecialchars($CONFIG['title_full']); // echo htmlspecialchars($CONFIG['title_full']);
} }
// Search button // Search button
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" action="search.php">'; echo '<form target="' . $frame['content'] . '" action="search.php">';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_search"].'</button>'; echo '<button class="np_button_link" type="submit">' . $text_thread["button_search"] . '</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
echo '<td width=100%></td></tr></table>'; echo '<td width=100%></td></tr></table>';
include("$file_newsportal"); include ("$file_newsportal");
flush(); flush();
if(isset($_GET['unsub'])) { if (isset($_GET['unsub'])) {
if(isset($_COOKIE['mail_name'])) { if (isset($_COOKIE['mail_name'])) {
if($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) { if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat'; $userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
$newsubs = array(); $newsubs = array();
foreach($userdata as $key => $usertime) { foreach ($userdata as $key => $usertime) {
if($key !== $_GET['unsub']) { if ($key !== $_GET['unsub']) {
$newsubs[$key] = $usertime; $newsubs[$key] = $usertime;
}
}
$userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
file_put_contents($userfile, serialize($newsubs));
} }
}
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat';
file_put_contents($userfile, serialize($newsubs));
} }
}
} }
$newsgroups=groups_read($server,$port); $newsgroups = groups_read($server, $port);
echo '<div class="np_index_groups">'; echo '<div class="np_index_groups">';
if(isset($frames_on) && $frames_on === true) { if (isset($frames_on) && $frames_on === true) {
groups_show_frames($newsgroups); groups_show_frames($newsgroups);
} else { } else {
groups_show($newsgroups); groups_show($newsgroups);
} }
echo '</div>'; echo '</div>';
$sessions_data = file_get_contents($spooldir.'/sessions.dat'); $sessions_data = file_get_contents($spooldir . '/sessions.dat');
echo '<h1 class="np_thread_headline">'.$sessions_data.'</h1>'; echo '<h1 class="np_thread_headline">' . $sessions_data . '</h1>';
include "tail.inc"; include "tail.inc";
?> ?>

2782
Rocksolid_Light/rocksolid/newsportal.php
View File

File diff suppressed because it is too large Load Diff

589
Rocksolid_Light/rocksolid/overboard.php
View File

@ -1,44 +1,45 @@
<?php <?php
session_start(); session_start();
header("Expires: ".gmdate("D, d M Y H:i:s",time()+(600))." GMT"); header("Expires: " . gmdate("D, d M Y H:i:s", time() + (600)) . " GMT");
header("Cache-Control: max-age=100"); header("Cache-Control: max-age=100");
header("Pragma: cache"); header("Pragma: cache");
/* rocksolid overboard - overboard for rslight /*
* Download: https://news.novabbs.com/getrslight * rocksolid overboard - overboard for rslight
* * Download: https://news.novabbs.com/getrslight
* E-Mail: retroguy@novabbs.com *
* Web: https://news.novabbs.com * E-Mail: retroguy@novabbs.com
* * Web: https://news.novabbs.com
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by * This program is free software; you can redistribute it and/or modify
* the Free Software Foundation; either version 2 of the License, or * it under the terms of the GNU General Public License as published by
* (at your option) any later version. * the Free Software Foundation; either version 2 of the License, or
* * (at your option) any later version.
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of * This program is distributed in the hope that it will be useful,
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * but WITHOUT ANY WARRANTY; without even the implied warranty of
* GNU General Public License for more details. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* * GNU General Public License for more details.
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the Free Software * You should have received a copy of the GNU General Public License
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * along with this program; if not, write to the Free Software
*/ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
?> ?>
<?php <?php
include "config.inc.php"; include "config.inc.php";
include "auth.inc"; include "auth.inc";
include "$file_newsportal"; include "$file_newsportal";
throttle_hits(); throttle_hits();
write_access_log(); write_access_log();
if(isset($_COOKIE['mail_name'])) { if (isset($_COOKIE['mail_name'])) {
if($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) { if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat'; $userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
} }
} }
if(isset($frames_on) && $frames_on === true) { if (isset($frames_on) && $frames_on === true) {
?> ?>
<script> <script>
var contentURL=window.location.pathname+window.location.search+window.location.hash; var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) { if ( window.self !== window.top ) {
@ -52,19 +53,19 @@ if(isset($frames_on) && $frames_on === true) {
<?php <?php
} }
if (isset($_GET['thisgroup'])) { if (isset($_GET['thisgroup'])) {
$title.=" - "._rawurldecode(_rawurldecode($_GET['thisgroup']))." - latest messages"; $title .= " - " . _rawurldecode(_rawurldecode($_GET['thisgroup'])) . " - latest messages";
} else { } else {
$title.=" - ".$config_name." - overboard"; $title .= " - " . $config_name . " - overboard";
} }
include "head.inc"; include "head.inc";
$CONFIG = include($config_file); $CONFIG = include ($config_file);
$logfile=$logdir.'/overboard.log'; $logfile = $logdir . '/overboard.log';
# How many days old should articles be displayed? # How many days old should articles be displayed?
if (isset($_GET['thisgroup'])) { if (isset($_GET['thisgroup'])) {
$article_age = 30; $article_age = 30;
} else { } else {
$article_age = 30; $article_age = 30;
} }
$version = 1.1; $version = 1.1;
@ -78,355 +79,361 @@ $maxdisplay = 1000;
# How many characters of the body to display per article # How many characters of the body to display per article
$snippetlength = 240; $snippetlength = 240;
$spoolpath_regexp = '/'.preg_replace('/\//', '\\/', $spoolpath).'/'; $spoolpath_regexp = '/' . preg_replace('/\//', '\\/', $spoolpath) . '/';
$thissite = '.'; $thissite = '.';
$groupconfig=$file_groups; $groupconfig = $file_groups;
$cachefile=$spooldir."/".$config_name."-overboard.dat"; $cachefile = $spooldir . "/" . $config_name . "-overboard.dat";
$oldest = (time() - (86400 * $article_age)); $oldest = (time() - (86400 * $article_age));
$prune = false; $prune = false;
if (isset($_GET['time'])) { if (isset($_GET['time'])) {
$user_time = $_GET['time']; $user_time = $_GET['time'];
if(is_numeric($user_time)) { if (is_numeric($user_time)) {
if(($user_time > time()) || ($user_time < $oldest)) { if (($user_time > time()) || ($user_time < $oldest)) {
unset($user_time); unset($user_time);
}
} else {
unset($user_time);
} }
} else {
unset($user_time);
}
} }
if (isset($_GET['thisgroup'])) { if (isset($_GET['thisgroup'])) {
$_GET['thisgroup'] = _rawurldecode($_GET['thisgroup']); $_GET['thisgroup'] = _rawurldecode($_GET['thisgroup']);
if(get_section_by_group($_GET['thisgroup']) == false) { if (get_section_by_group($_GET['thisgroup']) == false) {
echo "Group not found"; echo "Group not found";
exit(1); exit(1);
} }
$grouplist = array(); $grouplist = array();
$grouplist[0] = _rawurldecode(_rawurldecode($_GET['thisgroup'])); $grouplist[0] = _rawurldecode(_rawurldecode($_GET['thisgroup']));
$cachefile=$spooldir."/".$grouplist[0]."-overboard.dat"; $cachefile = $spooldir . "/" . $grouplist[0] . "-overboard.dat";
if($userdata) { if ($userdata) {
$userdata[$grouplist[0]] = time(); $userdata[$grouplist[0]] = time();
file_put_contents($userfile, serialize($userdata)); file_put_contents($userfile, serialize($userdata));
} }
} else { } else {
$grouplist = file($groupconfig, FILE_IGNORE_NEW_LINES); $grouplist = file($groupconfig, FILE_IGNORE_NEW_LINES);
} }
show_overboard_header($grouplist); show_overboard_header($grouplist);
$results=0; $results = 0;
if(!isset($this_overboard['version'])) { if (! isset($this_overboard['version'])) {
$this_overboard['version'] = '0'; $this_overboard['version'] = '0';
} }
if(is_file($cachefile)) { if (is_file($cachefile)) {
$stats = stat($cachefile); $stats = stat($cachefile);
$this_overboard = unserialize(file_get_contents($cachefile)); $this_overboard = unserialize(file_get_contents($cachefile));
$cachedate = ($this_overboard['lastmessage'] - 86400); $cachedate = ($this_overboard['lastmessage'] - 86400);
$oldest = $cachedate; $oldest = $cachedate;
} else { } else {
$cachedate = ($oldest - 86400); $cachedate = ($oldest - 86400);
} }
if($this_overboard['version'] !== $version) { if ($this_overboard['version'] !== $version) {
unset($this_overboard); unset($this_overboard);
if(is_file($cachefile)) { if (is_file($cachefile)) {
unlink($cachefile); unlink($cachefile);
} }
$this_overboard['version'] = $version; $this_overboard['version'] = $version;
$cachedate = ($oldest - 86400); $cachedate = ($oldest - 86400);
} }
# Iterate through groups # Iterate through groups
$database = $spooldir.'/articles-overview.db3'; $database = $spooldir . '/articles-overview.db3';
$table = 'overview'; $table = 'overview';
$dbh = overview_db_open($database, $table); $dbh = overview_db_open($database, $table);
$query = $dbh->prepare('SELECT * FROM '.$table.' WHERE newsgroup=:findgroup AND date >= '.$cachedate.' ORDER BY date DESC LIMIT '.$maxdisplay); $query = $dbh->prepare('SELECT * FROM ' . $table . ' WHERE newsgroup=:findgroup AND date >= ' . $cachedate . ' ORDER BY date DESC LIMIT ' . $maxdisplay);
$articles = array(); $articles = array();
$db_articles = array(); $db_articles = array();
foreach($grouplist as $findgroup) { foreach ($grouplist as $findgroup) {
$groups = preg_split("/(\ |\t)/", $findgroup, 2); $groups = preg_split("/(\ |\t)/", $findgroup, 2);
$findgroup = $groups[0]; $findgroup = $groups[0];
$overboard_noshow = explode(' ', $CONFIG['overboard_noshow']); $overboard_noshow = explode(' ', $CONFIG['overboard_noshow']);
foreach($overboard_noshow as $noshow) { foreach ($overboard_noshow as $noshow) {
if ((strpos($findgroup, $noshow) !== false) && !isset($_GET['thisgroup'])) { if ((strpos($findgroup, $noshow) !== false) && ! isset($_GET['thisgroup'])) {
continue 2; continue 2;
} }
} }
$thisgroup = preg_replace('/\./', '/', $findgroup); $thisgroup = preg_replace('/\./', '/', $findgroup);
if($dbh) { if ($dbh) {
$query->execute(['findgroup' => $findgroup]); $query->execute([
$i=0; 'findgroup' => $findgroup
while (($overviewline = $query->fetch()) !== false) { ]);
$articles[] = $spoolpath.$thisgroup.'/'.$overviewline['number']; $i = 0;
$db_articles[] = $findgroup.':'.$overviewline['number'].':'.$overviewline['date'].':'.$overviewline['name']; while (($overviewline = $query->fetch()) !== false) {
$i++; $articles[] = $spoolpath . $thisgroup . '/' . $overviewline['number'];
if($i > $maxdisplay) { $db_articles[] = $findgroup . ':' . $overviewline['number'] . ':' . $overviewline['date'] . ':' . $overviewline['name'];
break; $i ++;
} if ($i > $maxdisplay) {
} break;
} }
}
}
} }
$dbh = null; $dbh = null;
$files = array(); $files = array();
if($CONFIG['article_database'] == '1') { if ($CONFIG['article_database'] == '1') {
foreach($db_articles as $article) { foreach ($db_articles as $article) {
$order=explode(':', $article); $order = explode(':', $article);
$files[$order[2]] = $article; $files[$order[2]] = $article;
} }
} else { } else {
foreach($articles as $article) { foreach ($articles as $article) {
if(is_dir($article)) { if (is_dir($article)) {
continue; continue;
}
$files[filemtime($article)] = $article;
} }
$files[filemtime($article)] = $article;
}
} }
krsort($files); krsort($files);
foreach($files as $article) { foreach ($files as $article) {
if($CONFIG['article_database'] == '1') { if ($CONFIG['article_database'] == '1') {
$data = explode(':', $article); $data = explode(':', $article);
$articledata = np_get_db_article($data[1], $data[0], 0); $articledata = np_get_db_article($data[1], $data[0], 0);
} else { } else {
$articledata = file_get_contents($article); $articledata = file_get_contents($article);
} }
$bodystart = strpos($articledata, $localeol); $bodystart = strpos($articledata, $localeol);
$header = substr($articledata, 0, $bodystart); $header = substr($articledata, 0, $bodystart);
# Find group name and article number # Find group name and article number
if($CONFIG['article_database'] == '1') { if ($CONFIG['article_database'] == '1') {
$group = $data[0]; $group = $data[0];
$articlenumber = $data[1]; $articlenumber = $data[1];
$groupname = $group; $groupname = $group;
} else { } else {
$group = preg_replace($spoolpath_regexp, '', $article); $group = preg_replace($spoolpath_regexp, '', $article);
$group = preg_replace('/\//', '.', $group); $group = preg_replace('/\//', '.', $group);
$findme = strrpos($group, '.'); $findme = strrpos($group, '.');
$groupname = substr($group, 0, $findme); $groupname = substr($group, 0, $findme);
$articlenumber = substr($group, $findme+1); $articlenumber = substr($group, $findme + 1);
} }
preg_match('/Message-ID:.*/i', $header, $articleid); preg_match('/Message-ID:.*/i', $header, $articleid);
$getid = explode(": ", $articleid[0]); $getid = explode(": ", $articleid[0]);
$thismsgid = $getid[1]; $thismsgid = $getid[1];
if(isset($this_overboard['msgids'][$thismsgid])) { if (isset($this_overboard['msgids'][$thismsgid])) {
continue; continue;
} }
$isref = preg_match('/References:.*/i', $header, $ref); $isref = preg_match('/References:.*/i', $header, $ref);
if($isref) { if ($isref) {
$getrefs = explode(': ', $ref[0]); $getrefs = explode(': ', $ref[0]);
$ref = preg_split("/[\s]+/", $getrefs[1]); $ref = preg_split("/[\s]+/", $getrefs[1]);
if($getrefs[1] && $refid = get_data_from_msgid($ref[0])) { if ($getrefs[1] && $refid = get_data_from_msgid($ref[0])) {
// Check that article to link is new enough for newsportal to display // Check that article to link is new enough for newsportal to display
$groupinfo = file($spooldir.'/'.$refid["newsgroup"].'-info.txt'); $groupinfo = file($spooldir . '/' . $refid["newsgroup"] . '-info.txt');
$range = explode(' ', $groupinfo[1]); $range = explode(' ', $groupinfo[1]);
if($refid['number'] > (intval($range[0]) - 1)) { if ($refid['number'] > (intval($range[0]) - 1)) {
$threadref = $ref[0]; $threadref = $ref[0];
} else {
$threadref = false;
}
} else { } else {
$threadref = false; $threadref = false;
} }
} else {
$threadref = false;
}
} else { } else {
$threadref = false; $threadref = false;
} }
$target = get_data_from_msgid($thismsgid); $target = get_data_from_msgid($thismsgid);
if($target['date'] > time()) { if ($target['date'] > time()) {
continue; continue;
} }
if(!isset($this_overboard['lastmessage'])) { if (! isset($this_overboard['lastmessage'])) {
$this_overboard['lastmessage'] = 0; $this_overboard['lastmessage'] = 0;
} }
if($target['date'] > $this_overboard['lastmessage']) { if ($target['date'] > $this_overboard['lastmessage']) {
$this_overboard['lastmessage'] = $target['date']; $this_overboard['lastmessage'] = $target['date'];
} }
if(!isset($this_overboard['threads'][$target['date']])) { if (! isset($this_overboard['threads'][$target['date']])) {
$this_overboard['threads'][$target['date']] = $thismsgid; $this_overboard['threads'][$target['date']] = $thismsgid;
$this_overboard['msgids'][$thismsgid] = $target; $this_overboard['msgids'][$thismsgid] = $target;
if($threadref) { if ($threadref) {
$this_overboard['threadlink'][$thismsgid] = $threadref; $this_overboard['threadlink'][$thismsgid] = $threadref;
} }
if($results++ > ($maxdisplay - 2)) { if ($results ++ > ($maxdisplay - 2)) {
break; break;
} }
} }
} }
file_put_contents($cachefile, serialize($this_overboard)); file_put_contents($cachefile, serialize($this_overboard));
if(isset($user_time)) { if (isset($user_time)) {
$oldest = ($user_time - 900); $oldest = ($user_time - 900);
} else { } else {
$oldest = (time() - (86400 * $article_age)); $oldest = (time() - (86400 * $article_age));
} }
$results = display_threads($this_overboard['threads'], $oldest); $results = display_threads($this_overboard['threads'], $oldest);
show_overboard_footer(null, $results, null); show_overboard_footer(null, $results, null);
echo '</body></html>'; echo '</body></html>';
expire_overboard($cachefile); expire_overboard($cachefile);
function expire_overboard($cachefile) { function expire_overboard($cachefile)
global $article_age, $logfile, $config_name, $prune, $this_overboard; {
if(!isset($this_overboard['expire'])) { global $article_age, $logfile, $config_name, $prune, $this_overboard;
$this_overboard['expire'] = time(); if (! isset($this_overboard['expire'])) {
} $this_overboard['expire'] = time();
if($this_overboard['expire'] < (time() - 86400)) {
$prune = true;
foreach($this_overboard['msgids'] as $key => $value) {
$target = $this_overboard['msgids'][$key];
if($target['date'] < (time() - (86400 * $article_age))) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Expiring: ".$target['newsgroup'].":".$target['number'], FILE_APPEND);
unset($this_overboard['threads'][$target['date']]);
unset($this_overboard['msgids'][$key]);
unset($this_overboard['threadlink'][$key]);
}
}
$this_overboard['expire'] = time();
} }
if($prune) { if ($this_overboard['expire'] < (time() - 86400)) {
file_put_contents($cachefile, serialize($this_overboard)); $prune = true;
foreach ($this_overboard['msgids'] as $key => $value) {
$target = $this_overboard['msgids'][$key];
if ($target['date'] < (time() - (86400 * $article_age))) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Expiring: " . $target['newsgroup'] . ":" . $target['number'], FILE_APPEND);
unset($this_overboard['threads'][$target['date']]);
unset($this_overboard['msgids'][$key]);
unset($this_overboard['threadlink'][$key]);
}
}
$this_overboard['expire'] = time();
}
if ($prune) {
file_put_contents($cachefile, serialize($this_overboard));
} }
} }
function display_threads($threads, $oldest) { function display_threads($threads, $oldest)
global $CONFIG,$thissite, $logfile, $config_name, $snippetlength, $maxdisplay, $prune, $this_overboard; {
global $CONFIG, $thissite, $logfile, $config_name, $snippetlength, $maxdisplay, $prune, $this_overboard;
echo '<table cellspacing="0" width="100%" class="np_results_table">'; echo '<table cellspacing="0" width="100%" class="np_results_table">';
if(!isset($threads)) { if (! isset($threads)) {
$threads = (object)[]; $threads = (object) [];
} else { } else {
krsort($threads); krsort($threads);
} }
$results = 0; $results = 0;
foreach($threads as $key => $value) { foreach ($threads as $key => $value) {
$target = $this_overboard['msgids'][$value]; $target = $this_overboard['msgids'][$value];
if(!isset($target['msgid'])) { if (! isset($target['msgid'])) {
$target = get_data_from_msgid($value); $target = get_data_from_msgid($value);
}
if($target['date'] < $oldest) {
continue;
}
if($results > $maxdisplay) {
$prune = true;
unset($this_overboard['threads'][$target['date']]);
unset($this_overboard['threadlink'][$value]);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Pruning: ".$target['newsgroup'].":".$target['number'], FILE_APPEND);
}
$article = get_db_data_from_msgid($target['msgid'], $target['newsgroup'], 1);
$poster = get_poster_name(mb_decode_mimeheader($target['name']));
$groupurl = $thissite."/thread.php?group="._rawurlencode($target['newsgroup']);
if(($results % 2) == 0){
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
} else {
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
} }
$url = $thissite."/article-flat.php?id=".$target['number']."&group="._rawurlencode($target['newsgroup'])."#".$target['number']; if ($target['date'] < $oldest) {
continue;
}
if ($results > $maxdisplay) {
$prune = true;
unset($this_overboard['threads'][$target['date']]);
unset($this_overboard['threadlink'][$value]);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Pruning: " . $target['newsgroup'] . ":" . $target['number'], FILE_APPEND);
}
$article = get_db_data_from_msgid($target['msgid'], $target['newsgroup'], 1);
$poster = get_poster_name(mb_decode_mimeheader($target['name']));
$groupurl = $thissite . "/thread.php?group=" . _rawurlencode($target['newsgroup']);
if (($results % 2) == 0) {
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
} else {
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
}
$url = $thissite . "/article-flat.php?id=" . $target['number'] . "&group=" . _rawurlencode($target['newsgroup']) . "#" . $target['number'];
echo '<p class=np_ob_subject>'; echo '<p class=np_ob_subject>';
echo '<b><a href="'.$url.'"><span>'.mb_decode_mimeheader($target['subject']).'</span></a></b>'; echo '<b><a href="' . $url . '"><span>' . mb_decode_mimeheader($target['subject']) . '</span></a></b>';
if(isset($this_overboard['threadlink'][$value])) { if (isset($this_overboard['threadlink'][$value])) {
$thread = get_data_from_msgid($this_overboard['threadlink'][$value]); $thread = get_data_from_msgid($this_overboard['threadlink'][$value]);
echo '<font class="np_ob_group"><a href="article-flat.php?id='.$thread['number'].'&group='.rawurlencode($thread['newsgroup']).'#'.$thread['number'].'"> (thread)</a></font>'; echo '<font class="np_ob_group"><a href="article-flat.php?id=' . $thread['number'] . '&group=' . rawurlencode($thread['newsgroup']) . '#' . $thread['number'] . '"> (thread)</a></font>';
} }
echo '</p>'; echo '</p>';
echo '</p><p class=np_ob_group>'; echo '</p><p class=np_ob_group>';
echo '<a href="'.$groupurl.'"><span class="visited">'.$target['newsgroup'].'</span></a>'; echo '<a href="' . $groupurl . '"><span class="visited">' . $target['newsgroup'] . '</span></a>';
echo '</p>'; echo '</p>';
echo '<p class=np_ob_posted_date>Posted: '.get_date_interval(date("D, j M Y H:i T",$target['date'])).' by: '.create_name_link($poster['name'], $poster['from']).'</p>'; echo '<p class=np_ob_posted_date>Posted: ' . get_date_interval(date("D, j M Y H:i T", $target['date'])) . ' by: ' . create_name_link($poster['name'], $poster['from']) . '</p>';
if($CONFIG['article_database'] == '1') { if ($CONFIG['article_database'] == '1') {
echo htmlentities(substr($article['search_snippet'], 0, $snippetlength)); echo htmlentities(substr($article['search_snippet'], 0, $snippetlength));
} }
$results++; $results ++;
} }
echo "</table>"; echo "</table>";
return($results); return ($results);
} }
function show_overboard_header($grouplist) { function show_overboard_header($grouplist)
global $text_thread, $frame, $text_article, $file_index, $file_thread, $user_time; {
global $text_thread, $frame, $text_article, $file_index, $file_thread, $user_time;
if (isset($_GET['thisgroup'])) { if (isset($_GET['thisgroup'])) {
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / '; echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo '<a href="'.$file_thread.'?group='.rawurlencode($grouplist[0]).'" target='.$frame["content"].'>'.htmlspecialchars(group_displaY_name($grouplist[0])).'</a> / '; echo '<a href="' . $file_thread . '?group=' . rawurlencode($grouplist[0]) . '" target=' . $frame["content"] . '>' . htmlspecialchars(group_displaY_name($grouplist[0])) . '</a> / ';
if (isset($user_time)) {
echo ' new messages</h1>';
} else {
echo ' latest</h1>';
}
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Refresh button
echo '<td>';
echo '<form action="overboard.php">';
echo '<input type="hidden" name="thisgroup" value="' . $_GET['thisgroup'] . '"/>';
if (isset($user_time)) {
echo '<button class="np_button_link" type="submit">overboard</button>';
} else {
echo '<button class="np_button_link" type="submit">' . $text_article["refresh"] . '</button>';
}
echo '</form>';
echo '</td>';
// Article List button
echo '<td>';
echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="' . $grouplist[0] . '"/>';
echo '<button class="np_button_link" type="submit">' . htmlspecialchars(group_display_name($grouplist[0])) . '</button>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if (isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
} else {
echo '<h1 class="np_thread_headline">';
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo 'latest messages</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Refresh button
echo '<td>';
echo '<form action="overboard.php">';
echo '<button class="np_button_link" type="submit">' . $text_article["refresh"] . '</button>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if (isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
}
}
function show_overboard_footer($stats, $results, $iscached)
{
global $user_time, $rslight_version;
if (isset($user_time)) { if (isset($user_time)) {
echo ' new messages</h1>'; $recent = 'new';
} else { } else {
echo ' latest</h1>'; $recent = 'recent';
} }
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>'; if ($results == '1') {
// Refresh button $arts = 'article';
echo '<td>';
echo '<form action="overboard.php">';
echo '<input type="hidden" name="thisgroup" value="'.$_GET['thisgroup'].'"/>';
if (isset($user_time)) {
echo '<button class="np_button_link" type="submit">overboard</button>';
} else { } else {
echo '<button class="np_button_link" type="submit">'.$text_article["refresh"].'</button>'; $arts = 'articles';
}
echo '</form>';
echo '</td>';
// Article List button
echo '<td>';
echo '<form action="'.$file_thread.'">';
echo '<input type="hidden" name="group" value="'.$grouplist[0].'"/>';
echo '<button class="np_button_link" type="submit">'.htmlspecialchars(group_display_name($grouplist[0])).'</button>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if(isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="'.$file_index.'">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
} else {
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo 'latest messages</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Refresh button
echo '<td>';
echo '<form action="overboard.php">';
echo '<button class="np_button_link" type="submit">'.$text_article["refresh"].'</button>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if(isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="'.$file_index.'">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
}
}
function show_overboard_footer($stats, $results, $iscached) {
global $user_time,$rslight_version;
if(isset($user_time)) {
$recent = 'new';
} else {
$recent = 'recent';
}
if($results == '1') {
$arts = 'article';
} else {
$arts = 'articles';
} }
echo '</table>'; echo '</table>';
echo "<p class=np_ob_tail><b>".$results."</b> ".$recent." ".$arts." found.</p>\r\n"; echo "<p class=np_ob_tail><b>" . $results . "</b> " . $recent . " " . $arts . " found.</p>\r\n";
#echo "<center><i>Rocksolid Overboard</i> version ".$version; # echo "<center><i>Rocksolid Overboard</i> version ".$version;
include "tail.inc"; include "tail.inc";
if($iscached) { if ($iscached) {
echo "<p class=np_ob_tail><font size='1em'>cached copy: ".date("D M j G:i:s T Y", $stats[9])."</font></p>\r\n"; echo "<p class=np_ob_tail><font size='1em'>cached copy: " . date("D M j G:i:s T Y", $stats[9]) . "</font></p>\r\n";
} }
} }
?> ?>

676
Rocksolid_Light/rocksolid/post.php
View File

@ -1,388 +1,399 @@
<?php <?php
/* rslight NNTP<->HTTP Gateway /*
* Download: https://news.novabbs.com/getrslight * rslight NNTP<->HTTP Gateway
* Download: https://news.novabbs.com/getrslight
* *
* Based on Newsportal by Florian Amrhein * Based on Newsportal by Florian Amrhein
* *
* E-Mail: retroguy@novabbs.com * E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com * Web: https://news.novabbs.com
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/ */
session_start(); session_start();
include "config.inc.php"; include "config.inc.php";
$CONFIG = include($config_file); $CONFIG = include ($config_file);
@$fieldnamedecrypt=$_REQUEST['fielddecrypt']; @$fieldnamedecrypt = $_REQUEST['fielddecrypt'];
//@$newsgroups=$_REQUEST["newsgroups"]; // @$newsgroups=$_REQUEST["newsgroups"];
//@$group=$_REQUEST["group"]; // @$group=$_REQUEST["group"];
@$type=$_REQUEST["type"]; @$type = $_REQUEST["type"];
@$subject=stripslashes($_POST[md5($fieldnamedecrypt."subject")]); @$subject = stripslashes($_POST[md5($fieldnamedecrypt . "subject")]);
@$name=$_POST[md5($fieldnamedecrypt."name")]; @$name = $_POST[md5($fieldnamedecrypt . "name")];
@$email=$_POST[md5($fieldnamedecrypt."email")]; @$email = $_POST[md5($fieldnamedecrypt . "email")];
@$body=stripslashes($_POST[md5($fieldnamedecrypt."body")]); @$body = stripslashes($_POST[md5($fieldnamedecrypt . "body")]);
@$abspeichern=$_REQUEST["abspeichern"]; @$abspeichern = $_REQUEST["abspeichern"];
@$references=$_REQUEST["references"]; @$references = $_REQUEST["references"];
@$id=$_REQUEST["id"]; @$id = $_REQUEST["id"];
if (!isset($group)) $group=$newsgroups; if (! isset($group))
$group = $newsgroups;
include "auth.inc"; include "auth.inc";
if($post_captcha) if ($post_captcha)
include "lib/captcha/captcha.php"; include "lib/captcha/captcha.php";
// Save name in cookies // Save name in cookies
if (($setcookies==true) && (isset($abspeichern)) && ($abspeichern=="ja")) { if (($setcookies == true) && (isset($abspeichern)) && ($abspeichern == "ja")) {
setcookie("cookie_name",stripslashes($name),time()+(3600*24*90),"/"); setcookie("cookie_name", stripslashes($name), time() + (3600 * 24 * 90), "/");
} }
if ((isset($post_server)) && ($post_server!="")) if ((isset($post_server)) && ($post_server != ""))
$server=$post_server; $server = $post_server;
if ((isset($post_port)) && ($post_port!="")) if ((isset($post_port)) && ($post_port != ""))
$port=$post_port; $port = $post_port;
include $file_newsportal; include $file_newsportal;
include "head.inc"; include "head.inc";
global $synchro_user,$synchro_pass; global $synchro_user, $synchro_pass;
// check to which groups the user is allowed to post to // check to which groups the user is allowed to post to
$thisgroup=_rawurldecode($_REQUEST['group']); $thisgroup = _rawurldecode($_REQUEST['group']);
if($testgroup) { if ($testgroup) {
$newsgroups=testgroups($thisgroup); $newsgroups = testgroups($thisgroup);
} else { } else {
$newsgroups=$thisgroup; $newsgroups = $thisgroup;
} }
$returngroup = preg_split("/( |\,)/", $newsgroups, 2); $returngroup = preg_split("/( |\,)/", $newsgroups, 2);
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / '; echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo '<a href="'.$file_thread.'?group='.rawurlencode($thisgroup).'" target='.$frame["content"].'>'.htmlspecialchars(group_display_name($thisgroup)).'</a>'; echo '<a href="' . $file_thread . '?group=' . rawurlencode($thisgroup) . '" target=' . $frame["content"] . '>' . htmlspecialchars(group_display_name($thisgroup)) . '</a>';
if(isset($type) && $type == 'post') { if (isset($type) && $type == 'post') {
echo ' / '.$subject.'</h1>'; echo ' / ' . $subject . '</h1>';
} else { } else {
echo '</h1>'; echo '</h1>';
} }
// has the user write-rights on the newsgroups? // has the user write-rights on the newsgroups?
if((function_exists("npreg_group_has_read_access") && if ((function_exists("npreg_group_has_read_access") && ! npreg_group_has_read_access($newsgroups)) || (function_exists("npreg_group_has_write_access") && ! npreg_group_has_write_access($newsgroups))) {
!npreg_group_has_read_access($newsgroups)) || die("access denied");
(function_exists("npreg_group_has_write_access") &&
!npreg_group_has_write_access($newsgroups))) {
die("access denied");
} }
// Load name from cookies // Load name from cookies
if ($setcookies) { if ($setcookies) {
if ((isset($_COOKIE["cookie_name"])) && (!isset($name))) if ((isset($_COOKIE["cookie_name"])) && (! isset($name)))
$name=$_COOKIE["cookie_name"]; $name = $_COOKIE["cookie_name"];
// if ((isset($_COOKIE["cookie_email"])) && (!isset($email))) // if ((isset($_COOKIE["cookie_email"])) && (!isset($email)))
// $email=$_COOKIE["cookie_email"]; // $email=$_COOKIE["cookie_email"];
} }
// Load name and email from the registration system, if available // Load name and email from the registration system, if available
if(function_exists("npreg_get_name")) { if (function_exists("npreg_get_name")) {
$name=npreg_get_name(); $name = npreg_get_name();
} }
if(function_exists("npreg_get_email")) { if (function_exists("npreg_get_email")) {
$email=npreg_get_email(); $email = npreg_get_email();
$form_noemail=true; $form_noemail = true;
} }
if(!strcmp($name, $CONFIG['anonusername']) && (isset($CONFIG['anonuser']))) { if (! strcmp($name, $CONFIG['anonusername']) && (isset($CONFIG['anonuser']))) {
$userpass = $CONFIG['anonuserpass']; $userpass = $CONFIG['anonuserpass'];
$email=$name.$CONFIG['email_tail']; $email = $name . $CONFIG['email_tail'];
} else { } else {
$userpass = $email; $userpass = $email;
$request="email"; $request = "email";
$get_email = get_user_config($name,$request); $get_email = get_user_config($name, $request);
if($get_email === FALSE) { if ($get_email === FALSE) {
$email=$name.$CONFIG['email_tail']; $email = $name . $CONFIG['email_tail'];
} else { } else {
$email=trim($get_email); $email = trim($get_email);
} }
} }
if (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true)) { if (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true)) {
$synchro_user=$name; $synchro_user = $name;
$synchro_pass=$userpass; $synchro_pass = $userpass;
}
if($name=="")
$name=$_SERVER['REMOTE_USER'];
if((!isset($references)) || ($references=="")) {
$references=false;
} }
if (!isset($type)) { if ($name == "")
$type="new"; $name = $_SERVER['REMOTE_USER'];
if ((! isset($references)) || ($references == "")) {
$references = false;
} }
if ($type=="new") { if (! isset($type)) {
$subject=""; $type = "new";
$bodyzeile=""; }
$show=1;
if ($type == "new") {
$subject = "";
$bodyzeile = "";
$show = 1;
} }
// Is there a new article to post to the newsserver? // Is there a new article to post to the newsserver?
if ($type=="post") { if ($type == "post") {
$show=0; $show = 0;
if (!$CONFIG['synchronet']) { if (! $CONFIG['synchronet']) {
if (check_bbs_auth(trim($name), $userpass) == FALSE) { if (check_bbs_auth(trim($name), $userpass) == FALSE) {
$type="retry"; $type = "retry";
$error=$text_error["auth_error"]; $error = $text_error["auth_error"];
}
}
// error handling
if (trim($body)=="") {
$type="retry";
$error=$text_post["missing_message"];
}
if ((trim($email)=="") && (!isset($anonym_address))) {
$type="retry";
$error=$text_post["missing_email"];
}
if (($email) && (!validate_email(trim($email)))) {
$type="retry";
$error=$text_post["error_wrong_email"];
}
if (trim($name)=="") {
$type="retry";
$error=$text_post["missing_name"];
}
if (trim($subject)=="") {
$type="retry";
$error=$text_post["missing_subject"];
}
// captcha-check
if(($post_captcha) && (captcha::check()==false)) {
$type="retry";
$error=$text_post["captchafail"];
}
if ($type=="post") {
$name = trim($name);
if (!$CONFIG['readonly']) {
// post article to the newsserver
if($references)
$references_array=explode(" ",$references);
else
$references_array=false;
if(($email=="") && (isset($anonym_address)))
$nemail=$anonym_address;
else
$nemail=$email;
$rate_limit = get_user_config($name, 'rate_limit');
if(($rate_limit !== FALSE) && ($rate_limit > 0)) {
$CONFIG['rate_limit'] = $rate_limit;
} }
if($CONFIG['rate_limit'] == true) {
$postsremaining = check_rate_limit($name);
if($postsremaining < 1) {
$wait = check_rate_limit($name,0,1);
echo 'You have reached the limit of '.$CONFIG['rate_limit'].' posts per hour.<br />Please wait '.round($wait).' minutes before posting again.';
echo '<p><a href="'.$file_thread.'?group='.urlencode($returngroup[0]).'">'.$text_post["button_back"].'</a> '.$text_post["button_back2"].' '.group_display_name($returngroup[0]).'</p>';
return;
}
} }
if(isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0) { // error handling
$_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']); if (trim($body) == "") {
// There is an attachment to handle $type = "retry";
$message=message_post(quoted_printable_encode($subject), $error = $text_post["missing_message"];
$nemail." (".quoted_printable_encode($name).")", }
$newsgroups,$references_array,addslashes($body),$_POST['encryptthis'],$_POST['encryptto'],strtolower($name),null,true); if ((trim($email) == "") && (! isset($anonym_address))) {
} else { $type = "retry";
$message=message_post(quoted_printable_encode($subject), $error = $text_post["missing_email"];
$nemail." (".quoted_printable_encode($name).")", }
$newsgroups,$references_array,addslashes($body),$_POST['encryptthis'],$_POST['encryptto'],strtolower($name)); if (($email) && (! validate_email(trim($email)))) {
} $type = "retry";
// Article sent without errors, or duplicate? $error = $text_post["error_wrong_email"];
if ((substr($message,0,3)=="240") || }
(substr($message,0,7)=="441 435")) { if (trim($name) == "") {
echo '<h1 class="np_post_headline"><'.$text_post["message_posted"].'></h1>'; $type = "retry";
echo '<p>'.$text_post["message_posted2"].'</p>'; $error = $text_post["missing_name"];
if(isset($CONFIG['auto_return']) && ($CONFIG['auto_return'] == true)) { }
echo '<meta http-equiv="refresh" content="0;url='.$file_thread.'?group='.urlencode($returngroup[0]).'"'; if (trim($subject) == "") {
} $type = "retry";
if($CONFIG['rate_limit'] == true) { $error = $text_post["missing_subject"];
$postsremaining = check_rate_limit($name,1); }
echo 'You have '.$postsremaining.' posts remaining of '.$CONFIG['rate_limit'].' posts per hour.<br />';
if($postsremaining < 1) { // captcha-check
$wait = check_rate_limit($name,0,1); if (($post_captcha) && (captcha::check() == false)) {
echo 'Please wait '.round($wait).' minutes before posting again.<br />'; $type = "retry";
} $error = $text_post["captchafail"];
} }
// echo '<p><a href="'.$file_thread.'?group='.urlencode($returngroup[0]).'">'.$text_post["button_back"].'</a> '.$text_post["button_back2"].' '.group_display_name($returngroup[0]).'</p>';
if(isset($_REQUEST['returngroup']) && $_REQUEST['returngroup'] !== '') { if ($type == "post") {
echo '<p><a href="'.$file_thread.'?group='.$_REQUEST['returngroup'].'">Your post will appear in '.group_display_name($_REQUEST['returngroup']).'</a></p>'; $name = trim($name);
} if (! $CONFIG['readonly']) {
if(isset($_SESSION['return_page'])) { // post article to the newsserver
echo '<p><a href="'.$_SESSION['return_page'].'">Back to Previous Page</a></p>'; if ($references)
} else { $references_array = explode(" ", $references);
echo '<p><a href="'.$file_thread.'?group='.$_REQUEST['returngroup'].'">Back</a></p>'; else
} $references_array = false;
} else { if (($email == "") && (isset($anonym_address)))
// article not accepted by the newsserver $nemail = $anonym_address;
$type="retry"; else
$error=$text_post["error_newsserver"]."<br><pre>$message</pre>"; $nemail = $email;
} $rate_limit = get_user_config($name, 'rate_limit');
} else { if (($rate_limit !== FALSE) && ($rate_limit > 0)) {
echo $text_post["error_readonly"]; $CONFIG['rate_limit'] = $rate_limit;
}
if ($CONFIG['rate_limit'] == true) {
$postsremaining = check_rate_limit($name);
if ($postsremaining < 1) {
$wait = check_rate_limit($name, 0, 1);
echo 'You have reached the limit of ' . $CONFIG['rate_limit'] . ' posts per hour.<br />Please wait ' . round($wait) . ' minutes before posting again.';
echo '<p><a href="' . $file_thread . '?group=' . urlencode($returngroup[0]) . '">' . $text_post["button_back"] . '</a> ' . $text_post["button_back2"] . ' ' . group_display_name($returngroup[0]) . '</p>';
return;
}
}
if (isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0) {
$_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
// There is an attachment to handle
$message = message_post(quoted_printable_encode($subject), $nemail . " (" . quoted_printable_encode($name) . ")", $newsgroups, $references_array, addslashes($body), $_POST['encryptthis'], $_POST['encryptto'], strtolower($name), null, true);
} else {
$message = message_post(quoted_printable_encode($subject), $nemail . " (" . quoted_printable_encode($name) . ")", $newsgroups, $references_array, addslashes($body), $_POST['encryptthis'], $_POST['encryptto'], strtolower($name));
}
// Article sent without errors, or duplicate?
if ((substr($message, 0, 3) == "240") || (substr($message, 0, 7) == "441 435")) {
echo '<h1 class="np_post_headline"><' . $text_post["message_posted"] . '></h1>';
echo '<p>' . $text_post["message_posted2"] . '</p>';
if (isset($CONFIG['auto_return']) && ($CONFIG['auto_return'] == true)) {
echo '<meta http-equiv="refresh" content="0;url=' . $file_thread . '?group=' . urlencode($returngroup[0]) . '"';
}
if ($CONFIG['rate_limit'] == true) {
$postsremaining = check_rate_limit($name, 1);
echo 'You have ' . $postsremaining . ' posts remaining of ' . $CONFIG['rate_limit'] . ' posts per hour.<br />';
if ($postsremaining < 1) {
$wait = check_rate_limit($name, 0, 1);
echo 'Please wait ' . round($wait) . ' minutes before posting again.<br />';
}
}
// echo '<p><a href="'.$file_thread.'?group='.urlencode($returngroup[0]).'">'.$text_post["button_back"].'</a> '.$text_post["button_back2"].' '.group_display_name($returngroup[0]).'</p>';
if (isset($_REQUEST['returngroup']) && $_REQUEST['returngroup'] !== '') {
echo '<p><a href="' . $file_thread . '?group=' . $_REQUEST['returngroup'] . '">Your post will appear in ' . group_display_name($_REQUEST['returngroup']) . '</a></p>';
}
if (isset($_SESSION['return_page'])) {
echo '<p><a href="' . $_SESSION['return_page'] . '">Back to Previous Page</a></p>';
} else {
echo '<p><a href="' . $file_thread . '?group=' . $_REQUEST['returngroup'] . '">Back</a></p>';
}
} else {
// article not accepted by the newsserver
$type = "retry";
$error = $text_post["error_newsserver"] . "<br><pre>$message</pre>";
}
} else {
echo $text_post["error_readonly"];
}
} }
}
} }
// A reply of an other article. // A reply of an other article.
if ($type=="reply") { if ($type == "reply") {
$message=message_read($id,0,$newsgroups); $message = message_read($id, 0, $newsgroups);
$head=$message->header; $head = $message->header;
$body=explode("\n",$message->body[0]); $body = explode("\n", $message->body[0]);
nntp_close($ns); nntp_close($ns);
if ($head->name != "") { if ($head->name != "") {
$bodyzeile=$head->name; $bodyzeile = $head->name;
} else {
$bodyzeile=$head->from;
}
// For Synchronet use
$fromname=$bodyzeile;
$bodyzeile=$text_post["wrote_prefix"].$bodyzeile.
$text_post["wrote_suffix"]."\n\n";
for ($i=0; $i<=count($body)-1; $i++) {
if((isset($cutsignature)) && ($cutsignature==true) &&
($body[$i]=='-- '))
break;
if (trim($body[$i])!="") {
if($body[$i][0]=='>')
$bodyzeile.=">".$body[$i]."\n";
else
$bodyzeile.="> ".$body[$i]."\n";
} else { } else {
$bodyzeile.="\n"; $bodyzeile = $head->from;
} }
}
$subject=$head->subject; // For Synchronet use
if (isset($head->followup) && ($head->followup != "")) { $fromname = $bodyzeile;
$newsgroups=$head->followup;
} else { $bodyzeile = $text_post["wrote_prefix"] . $bodyzeile . $text_post["wrote_suffix"] . "\n\n";
if($testgroup) { for ($i = 0; $i <= count($body) - 1; $i ++) {
$newsgroups=testgroups($head->newsgroups); if ((isset($cutsignature)) && ($cutsignature == true) && ($body[$i] == '-- '))
break;
if (trim($body[$i]) != "") {
if ($body[$i][0] == '>')
$bodyzeile .= ">" . $body[$i] . "\n";
else
$bodyzeile .= "> " . $body[$i] . "\n";
} else {
$bodyzeile .= "\n";
}
}
$subject = $head->subject;
if (isset($head->followup) && ($head->followup != "")) {
$newsgroups = $head->followup;
} else { } else {
$newsgroups=$head->newsgroups; if ($testgroup) {
$newsgroups = testgroups($head->newsgroups);
} else {
$newsgroups = $head->newsgroups;
}
} }
} splitSubject($subject);
splitSubject($subject); $subject = "Re: " . $subject;
$subject="Re: ".$subject; // Cut off old parts of a subject
// Cut off old parts of a subject // for example: 'foo (was: bar)' becomes 'foo'.
// for example: 'foo (was: bar)' becomes 'foo'. $subject = preg_replace('/(\(wa[sr]: .*\))$/i', '', $subject);
$subject=preg_replace('/(\(wa[sr]: .*\))$/i','',$subject); $show = 1;
$show=1; $references = false;
$references=false; if (isset($head->references[0])) {
if (isset($head->references[0])) { for ($i = 0; $i <= count($head->references) - 1; $i ++) {
for ($i=0; $i<=count($head->references)-1; $i++) { $references .= $head->references[$i] . " ";
$references .= $head->references[$i]." "; }
} }
} $references .= $head->id;
$references .= $head->id;
} }
if ($type=="retry") { if ($type == "retry") {
$show=1; $show = 1;
$bodyzeile=$body; $bodyzeile = $body;
} }
if ($show==1) { if ($show == 1) {
if ($newsgroups == "") {
echo $text_post["followup_not_allowed"];
echo " " . $newsgroups;
} else {
// show post form
$fieldencrypt = md5(rand(1, 10000000));
echo '<h1 class="np_post_headline">' . $text_post["group_head"] . group_display_name($newsgroups) . $text_post["group_tail"] . '</h1>';
if ($newsgroups == "") { if (isset($error))
echo $text_post["followup_not_allowed"]; echo "<p>$error</p>";
echo " ".$newsgroups; ?>
} else {
// show post form
$fieldencrypt=md5(rand(1,10000000));
echo '<h1 class="np_post_headline">'.$text_post["group_head"].group_display_name($newsgroups)
.$text_post["group_tail"].'</h1>';
if (isset($error)) echo "<p>$error</p>"; ?> <form action="<?php echo $file_post?>" method="post" name="postform"
enctype="multipart/form-data">
<form action="<?php echo $file_post?>" method="post" name="postform" enctype="multipart/form-data"> <div class="np_post_header">
<table>
<div class="np_post_header"> <tr>
<table> <td align="right"><b><?php echo $text_header["subject"] ?></b></td>
<tr><td align="right"><b><?php echo $text_header["subject"] ?></b></td> <td><input class="post" type="text"
<td><input class="post" type="text" name="<?php echo md5($fieldencrypt."subject")?>" value="<?php name="<?php echo md5($fieldencrypt."subject")?>"
echo htmlspecialchars($subject);?>" size="40" maxlength="80"></td></tr> value="<?php
<tr><td align="right"><b><?php echo $text_post["name"]?></b></td> echo htmlspecialchars($subject);
<td align="left"> ?>" size="40"
maxlength="80"></td>
</tr>
<tr>
<td align="right"><b><?php echo $text_post["name"]?></b></td>
<td align="left">
<?php <?php
if ( !isset($name) && $CONFIG['anonuser']) if (! isset($name) && $CONFIG['anonuser'])
$name = $CONFIG['anonusername']; $name = $CONFIG['anonusername'];
if($form_noname===true) { if ($form_noname === true) {
echo htmlspecialchars($name); echo htmlspecialchars($name);
} else { } else {
echo '<input class="post" type="text" name="'.md5($fieldencrypt."name").'"'; echo '<input class="post" type="text" name="' . md5($fieldencrypt . "name") . '"';
if (isset($name)) echo 'value="'. if (isset($name))
htmlspecialchars(stripslashes($name)).'"'; echo 'value="' . htmlspecialchars(stripslashes($name)) . '"';
echo 'size="40" maxlength="40">'; echo 'size="40" maxlength="40">';
if($CONFIG['anonuser']) if ($CONFIG['anonuser'])
echo '&nbsp;or "'.$CONFIG['anonusername'].'" with no password'; echo '&nbsp;or "' . $CONFIG['anonusername'] . '" with no password';
} }
?> ?>
</td></tr> </td>
<tr><td align="right"><b><?php echo $text_post["password"]?></b></td> </tr>
<td align="left"> <tr>
<td align="right"><b><?php echo $text_post["password"]?></b></td>
<td align="left">
<?php <?php
echo '<input class="post" type="password" name="'.md5($fieldencrypt."email").'"'; echo '<input class="post" type="password" name="' . md5($fieldencrypt . "email") . '"';
// if (isset($email)) echo 'value="'.htmlspecialchars(stripslashes($email)).'"'; // if (isset($email)) echo 'value="'.htmlspecialchars(stripslashes($email)).'"';
echo 'size="40" maxlength="40">'; echo 'size="40" maxlength="40">';
?> ?>
</td</tr> </td
</tr>
<?php <?php
// May we post encrypted messages to this group? // May we post encrypted messages to this group?
if(check_encryption_groups($newsgroups)) { ?> if (check_encryption_groups($newsgroups)) {
<tr><td align="left"> ?>
<input type="checkbox" name="encryptthis" value="encrypt"> <tr>
<b>Encrypt to:</b> <td align="left"><input type="checkbox" name="encryptthis"
</td> value="encrypt"> <b>Encrypt to:</b></td>
<td><input type="text" name="encryptto" value="<?php echo $fromname;?>"></td> <td><input type="text" name="encryptto"
</tr> value="<?php echo $fromname;?>"></td>
<?php </tr>
} <?php
?> }
?>
</table> </table>
</div> </div>
<div class="np_post_body"> <div class="np_post_body">
<table> <table>
<tr><td><b><?php echo $text_post["message"];?></b><br> <tr>
<textarea class="postbody" id="postbody" name="<?php echo md5($fieldencrypt."body")?>" wrap="soft"><?php <td><b><?php echo $text_post["message"];?></b><br> <textarea
if ((isset($bodyzeile)) && ($post_autoquote)) class="postbody" id="postbody"
echo htmlspecialchars($bodyzeile); name="<?php echo md5($fieldencrypt."body")?>" wrap="soft"><?php
if(is_string($body)) if ((isset($bodyzeile)) && ($post_autoquote))
echo htmlspecialchars($body); echo htmlspecialchars($bodyzeile);
?> if (is_string($body))
</textarea></td></tr> echo htmlspecialchars($body);
<tr><td> ?>
</textarea></td>
</tr>
<tr>
<td>
<?php if(!$post_autoquote) { ?> <?php if(!$post_autoquote) { ?>
<input type="hidden" id="hidebody" value="<?php <input type="hidden" id="hidebody"
if (isset($bodyzeile)) echo htmlspecialchars(stripslashes($bodyzeile)); ?>"> value="<?php
if (isset($bodyzeile))
echo htmlspecialchars(stripslashes($bodyzeile));
?>">
<script language="JavaScript"> <script language="JavaScript">
<!-- <!--
function quoten() { function quoten() {
document.getElementById("postbody").value=document.getElementById("hidebody").value; document.getElementById("postbody").value=document.getElementById("hidebody").value;
@ -393,31 +404,40 @@ function quoten() {
<?php } ?> <?php } ?>
<input type="submit" value="<?php echo $text_post["button_post"];?>"> <input type="submit" value="<?php echo $text_post["button_post"];?>">
<?php if ($setcookies==true) { ?> <?php if ($setcookies==true) { ?>
&nbsp;<input tabindex="100" type="Button" name="quote" value="<?php echo $text_post["quote"]?>" onclick="quoten(); this.style.visibility= 'hidden';"> &nbsp;<input tabindex="100" type="Button" name="quote"
&nbsp;<input type="checkbox" name="abspeichern" value="ja" checked> value="<?php echo $text_post["quote"]?>"
onclick="quoten(); this.style.visibility= 'hidden';"> &nbsp;<input
type="checkbox" name="abspeichern" value="ja" checked>
<?php echo $text_post["remember"];?> <?php echo $text_post["remember"];?>
<?php } ?> <?php } ?>
&nbsp;<input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/pdf"> &nbsp;<input type="file" name="photo" id="fileSelect" value="fileSelect"
</td> accept="image/*,audio/*,text/*,application/pdf">
</tr> </td>
</tr>
<?php if($post_captcha) { <?php
echo '<tr><td>';
echo captcha::form($text_post["captchainfo1"],$text_post["captchainfo2"]); if ($post_captcha) {
echo '</td></tr>'; echo '<tr><td>';
} ?> echo captcha::form($text_post["captchainfo1"], $text_post["captchainfo2"]);
echo '</td></tr>';
}
?>
</table> </table>
</div> </div>
<input type="hidden" name="type" value="post"> <input type="hidden" name="type" value="post"> <input type="hidden"
<input type="hidden" name="newsgroups" value="<?php echo htmlspecialchars($newsgroups); ?>"> name="newsgroups" value="<?php echo htmlspecialchars($newsgroups); ?>">
<input type="hidden" name="references" value="<?php echo htmlentities($references); ?>"> <input type="hidden" name="references"
<input type="hidden" name="group" value="<?php echo htmlspecialchars($newsgroups); ?>"> value="<?php echo htmlentities($references); ?>"> <input type="hidden"
<input type="hidden" name="returngroup" value="<?php echo htmlspecialchars($head->followup); ?>"> name="group" value="<?php echo htmlspecialchars($newsgroups); ?>"> <input
<input type="hidden" name="fielddecrypt" value="<?php echo htmlspecialchars($fieldencrypt);?>"> type="hidden" name="returngroup"
value="<?php echo htmlspecialchars($head->followup); ?>"> <input
type="hidden" name="fielddecrypt"
value="<?php echo htmlspecialchars($fieldencrypt);?>">
</form> </form>
<?php } } ?> <?php } } ?>

547
Rocksolid_Light/rocksolid/search.php
View File

@ -2,7 +2,7 @@
session_cache_limiter('public'); session_cache_limiter('public');
session_start(); session_start();
header("Expires: ".gmdate("D, d M Y H:i:s",time()+(600))." GMT"); header("Expires: " . gmdate("D, d M Y H:i:s", time() + (600)) . " GMT");
header("Cache-Control: max-age=100"); header("Cache-Control: max-age=100");
header("Pragma: cache"); header("Pragma: cache");
@ -13,78 +13,78 @@ throttle_hits();
$snippet_size = 100; $snippet_size = 100;
if(isset($_REQUEST['data']) && $_REQUEST['data'] == '') { if (isset($_REQUEST['data']) && $_REQUEST['data'] == '') {
unset($_REQUEST['data']); unset($_REQUEST['data']);
} }
if((!isset($_POST['key']) || !password_verify($CONFIG['thissitekey'], $_POST['key'])) || ((strlen(trim($_REQUEST['terms'])) < 2) && !$_REQUEST['data'])) { if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST['key'])) || ((strlen(trim($_REQUEST['terms'])) < 2) && ! $_REQUEST['data'])) {
include "head.inc"; include "head.inc";
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / '; echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo 'search</h1>'; echo 'search</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
if(isset($_GET['group'])) { if (isset($_GET['group'])) {
$searching = $_GET['group']; $searching = $_GET['group'];
} else { } else {
$searching = $config_name; $searching = $config_name;
} }
echo '<body>'; echo '<body>';
echo '<table width=100% border="0" align="center" cellpadding="0" cellspacing="1">'; echo '<table width=100% border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<tr>'; echo '<tr>';
echo '<form name="form1" method="post" action="search.php">'; echo '<form name="form1" method="post" action="search.php">';
echo '<td>'; echo '<td>';
echo '<table width="100%" align="center" border="0" cellpadding="3" cellspacing="1">'; echo '<table width="100%" align="center" border="0" cellpadding="3" cellspacing="1">';
echo '<tr>'; echo '<tr>';
echo '<td colspan="3">Searching <strong>'.$searching.'</strong></td>'; echo '<td colspan="3">Searching <strong>' . $searching . '</strong></td>';
echo '</tr>'; echo '</tr>';
echo '<tr></tr>'; echo '<tr></tr>';
echo '<tr>'; echo '<tr>';
if(!isset($_REQUEST['data'])) { if (! isset($_REQUEST['data'])) {
echo '<td>Search Terms:&nbsp'; echo '<td>Search Terms:&nbsp';
} else { } else {
echo '<td>Search Poster:&nbsp'; echo '<td>Search Poster:&nbsp';
} }
if(isset($_GET['terms'])) { if (isset($_GET['terms'])) {
echo '<input name="terms" type="text" id="terms" value="'.$_GET['terms'].'"></td>'; echo '<input name="terms" type="text" id="terms" value="' . $_GET['terms'] . '"></td>';
} else { } else {
echo '<input name="terms" type="text" id="terms"></td>'; echo '<input name="terms" type="text" id="terms"></td>';
} }
echo '</tr><tr></tr><tr><td>'; echo '</tr><tr></tr><tr><td>';
if (isset($_GET['searchpoint']) && $_GET['searchpoint'] == 'Poster') { if (isset($_GET['searchpoint']) && $_GET['searchpoint'] == 'Poster') {
if($CONFIG['article_database'] == '1') { if ($CONFIG['article_database'] == '1') {
echo '<input type="radio" name="searchpoint" value="body"/>Body&nbsp;'; echo '<input type="radio" name="searchpoint" value="body"/>Body&nbsp;';
} }
echo '<input type="radio" name="searchpoint" value="subject"/>Subject&nbsp;'; echo '<input type="radio" name="searchpoint" value="subject"/>Subject&nbsp;';
echo '<input type="radio" name="searchpoint" value="name" checked="checked"/>Poster&nbsp;'; echo '<input type="radio" name="searchpoint" value="name" checked="checked"/>Poster&nbsp;';
echo '<input type="radio" name="searchpoint" value="msgid"/>Message-ID'; echo '<input type="radio" name="searchpoint" value="msgid"/>Message-ID';
} else { } else {
if($CONFIG['article_database'] == '1') { if ($CONFIG['article_database'] == '1') {
echo '&nbsp;<input type="radio" name="searchpoint" value="body" checked="checked"/>Body&nbsp;'; echo '&nbsp;<input type="radio" name="searchpoint" value="body" checked="checked"/>Body&nbsp;';
} }
echo '<input type="radio" name="searchpoint" value="subject"/>Subject&nbsp;'; echo '<input type="radio" name="searchpoint" value="subject"/>Subject&nbsp;';
echo '<input type="radio" name="searchpoint" value="name"/>Poster&nbsp;'; echo '<input type="radio" name="searchpoint" value="name"/>Poster&nbsp;';
echo '<input type="radio" name="searchpoint" value="msgid"/>Message-ID'; echo '<input type="radio" name="searchpoint" value="msgid"/>Message-ID';
}
echo '</td></tr>';
echo '<tr>';
echo '<td><input name="command" type="hidden" id="command" value="Search" readonly="readonly"></td>';
if (isset($_GET['group'])) {
echo '<input type="hidden" name="group" value="' . $_GET['group'] . '">';
}
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT) . '">';
if (isset($_GET['data'])) {
echo '<input type="hidden" name="data" value="' . $_GET['data'] . '">';
}
echo '</tr><tr></tr><tr>';
echo '<td><input type="submit" name="Submit" value="Search"></td>';
echo '</tr><tr><td><td></td><td></td></table></td></form></tr></table></body></html>';
exit(0);
} }
echo '</td></tr>';
echo '<tr>';
echo '<td><input name="command" type="hidden" id="command" value="Search" readonly="readonly"></td>';
if(isset($_GET['group'])) {
echo '<input type="hidden" name="group" value="'.$_GET['group'].'">';
}
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT).'">';
if(isset($_GET['data'])) {
echo '<input type="hidden" name="data" value="'.$_GET['data'].'">';
}
echo '</tr><tr></tr><tr>';
echo '<td><input type="submit" name="Submit" value="Search"></td>';
echo '</tr><tr><td><td></td><td></td></table></td></form></tr></table></body></html>';
exit(0);
}
if(isset($frames_on) && $frames_on === true) { if (isset($frames_on) && $frames_on === true) {
?> ?>
<script> <script>
var contentURL=window.location.pathname+window.location.search+window.location.hash; var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) { if ( window.self !== window.top ) {
@ -103,38 +103,38 @@ $maxdisplay = 1000;
$thissite = '.'; $thissite = '.';
$groupconfig=$config_path."/groups.txt"; $groupconfig = $config_path . "/groups.txt";
$title.=' - search results for: '.$_POST['terms']; $title .= ' - search results for: ' . $_POST['terms'];
include "head.inc"; include "head.inc";
ob_start(); ob_start();
if (isset($_POST['thisgroup'])) { if (isset($_POST['thisgroup'])) {
echo '<h1 class="np_thread_headline">'.$grouplist[0].' (latest)</h1>'; echo '<h1 class="np_thread_headline">' . $grouplist[0] . ' (latest)</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Article List button // Article List button
echo '<td>'; echo '<td>';
echo '<form action="'.$file_thread.'">'; echo '<form action="' . $file_thread . '">';
echo '<input type="hidden" name="group" value="'.$grouplist[0].'"/>'; echo '<input type="hidden" name="group" value="' . $grouplist[0] . '"/>';
echo '<button class="np_button_link" type="submit">'.$text_article["back_to_group"].'</button>'; echo '<button class="np_button_link" type="submit">' . $text_article["back_to_group"] . '</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
// Newsgroups button (hidden) // Newsgroups button (hidden)
echo '<td>'; echo '<td>';
echo '<form action="'.$file_index.'">'; echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>'; echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
echo '</tr></table>'; echo '</tr></table>';
} else { } else {
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / '; echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo 'search results for: '.$_POST['terms'].'</h1>'; echo 'search results for: ' . $_POST['terms'] . '</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// Newsgroups button (hidden) // Newsgroups button (hidden)
echo '<td>'; echo '<td>';
echo '<form action="'.$file_index.'">'; echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>'; echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
echo '</tr></table>'; echo '</tr></table>';
@ -143,117 +143,119 @@ echo '<table cellspacing="0" width="100%" class="np_results_table">';
# Iterate through groups # Iterate through groups
$results=0; $results = 0;
if(isset($_COOKIE['tzo'])) { if (isset($_COOKIE['tzo'])) {
$offset=$_COOKIE['tzo']; $offset = $_COOKIE['tzo'];
} else { } else {
$offset=$CONFIG['timezone']; $offset = $CONFIG['timezone'];
} }
$overview = array(); $overview = array();
if(!isset($group)) { if (! isset($group)) {
$group = null; $group = null;
} }
if($_POST['searchpoint'] == 'body') { if ($_POST['searchpoint'] == 'body') {
$overview = get_body_search($group, $_POST['terms']); $overview = get_body_search($group, $_POST['terms']);
} else { } else {
if(isset($_REQUEST['data'])) { if (isset($_REQUEST['data'])) {
$overview = get_header_search($group, base64_decode(urldecode($_REQUEST['data']))); $overview = get_header_search($group, base64_decode(urldecode($_REQUEST['data'])));
} else { } else {
$overview = get_header_search($group, $_POST['terms']); $overview = get_header_search($group, $_POST['terms']);
} }
} }
foreach($overview as $overviewline) { foreach ($overview as $overviewline) {
/* Find section for links */ /* Find section for links */
$menulist = file($config_dir."menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $menulist = file($config_dir . "menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($menulist as $menu) { foreach ($menulist as $menu) {
if($menu[0] == '#') { if ($menu[0] == '#') {
continue; continue;
} }
$menuitem=explode(':', $menu); $menuitem = explode(':', $menu);
$glfp=fopen($config_dir.$menuitem[0]."/groups.txt", 'r'); $glfp = fopen($config_dir . $menuitem[0] . "/groups.txt", 'r');
$section=""; $section = "";
while($gl=fgets($glfp)) { while ($gl = fgets($glfp)) {
$group_name = preg_split("/( |\t)/", $gl, 2); $group_name = preg_split("/( |\t)/", $gl, 2);
if(stripos(trim($overviewline['newsgroup']), trim($group_name[0])) !== false) { if (stripos(trim($overviewline['newsgroup']), trim($group_name[0])) !== false) {
$section=$menuitem[0]; $section = $menuitem[0];
break 2; break 2;
}
} }
}
} }
fclose($glfp); fclose($glfp);
# Generate link # Generate link
$url = "../".$section."/article-flat.php?id=".$overviewline['number']."&group="._rawurlencode($overviewline['newsgroup'])."#".$overviewline['number']; $url = "../" . $section . "/article-flat.php?id=" . $overviewline['number'] . "&group=" . _rawurlencode($overviewline['newsgroup']) . "#" . $overviewline['number'];
$groupurl = "../".$section."/thread.php?group="._rawurlencode($overviewline['newsgroup']); $groupurl = "../" . $section . "/thread.php?group=" . _rawurlencode($overviewline['newsgroup']);
$fromoutput = explode("<", html_entity_decode($overviewline['name'])); $fromoutput = explode("<", html_entity_decode($overviewline['name']));
// Use local timezone if possible // Use local timezone if possible
$ts = new DateTime(date($text_header["date_format"], $overviewline['date']), new DateTimeZone('UTC')); $ts = new DateTime(date($text_header["date_format"], $overviewline['date']), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset.' minutes')); $ts->add(DateInterval::createFromDateString($offset . ' minutes'));
if($offset != 0) { if ($offset != 0) {
$newdate = $ts->format('D, j M Y H:i'); $newdate = $ts->format('D, j M Y H:i');
} else { } else {
$newdate = $ts->format($text_header["date_format"]); $newdate = $ts->format($text_header["date_format"]);
} }
unset($ts); unset($ts);
$fromline=address_decode(headerDecode($overviewline['name']),"nowhere");
if (!isset($fromline[0]["personal"])) { $fromline = address_decode(headerDecode($overviewline['name']), "nowhere");
$lastname=$fromline[0]["mailbox"];;
} else {
$lastname=$fromline[0]["personal"];
}
if(($results % 2) != 0){ if (! isset($fromline[0]["personal"])) {
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>'; $lastname = $fromline[0]["mailbox"];
} else { ;
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>'; } else {
} $lastname = $fromline[0]["personal"];
}
echo '<p class=np_ob_subject>'; if (($results % 2) != 0) {
echo '<b><a href="'.$url.'">'.htmlspecialchars(mb_decode_mimeheader($overviewline['subject']))."</a></b>\r\n"; echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
echo '</p><p class=np_ob_group>'; } else {
echo '<a href="'.$groupurl.'">'.$overviewline['newsgroup'].'</a>'; echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
echo '</p>'; }
$fromline = address_decode($overviewline['name'],"nowhere"); echo '<p class=np_ob_subject>';
if (!isset($fromline[0]["host"])) $fromline[0]["host"]=""; echo '<b><a href="' . $url . '">' . htmlspecialchars(mb_decode_mimeheader($overviewline['subject'])) . "</a></b>\r\n";
$name_from=$fromline[0]["mailbox"]."@".$fromline[0]["host"]; echo '</p><p class=np_ob_group>';
$name_username=$fromline[0]["mailbox"]; echo '<a href="' . $groupurl . '">' . $overviewline['newsgroup'] . '</a>';
if (!isset($fromline[0]["personal"])) { echo '</p>';
$poster_name=$fromline[0]["mailbox"];
} else { $fromline = address_decode($overviewline['name'], "nowhere");
$poster_name=$fromline[0]["personal"]; if (! isset($fromline[0]["host"]))
} $fromline[0]["host"] = "";
if(trim($poster_name) == '') { $name_from = $fromline[0]["mailbox"] . "@" . $fromline[0]["host"];
$fromoutput = explode("<", html_entity_decode($c->name)); $name_username = $fromline[0]["mailbox"];
if(strlen($fromoutput[0]) < 1) { if (! isset($fromline[0]["personal"])) {
$poster_name = $fromoutput[1]; $poster_name = $fromline[0]["mailbox"];
} else { } else {
$poster_name = $fromoutput[0]; $poster_name = $fromline[0]["personal"];
} }
} if (trim($poster_name) == '') {
$poster_name = trim(mb_decode_mimeheader($poster_name), " \n\r\t\v\0\""); $fromoutput = explode("<", html_entity_decode($c->name));
echo '<p class=np_ob_posted_date>Posted: '.$newdate.' by: '.create_name_link($poster_name, $name_from).'</p>'; if (strlen($fromoutput[0]) < 1) {
if($_POST['searchpoint'] == 'body') { $poster_name = $fromoutput[1];
$snip = strip_tags(quoted_printable_decode($overviewline['snippet']), '<strong><font><i>'); } else {
} else { $poster_name = $fromoutput[0];
$snip = strip_tags(quoted_printable_decode($overviewline['search_snippet']), '<strong><font><i>'); }
$snip = substr($snip, 0, $snippet_size); }
} $poster_name = trim(mb_decode_mimeheader($poster_name), " \n\r\t\v\0\"");
echo $snip; echo '<p class=np_ob_posted_date>Posted: ' . $newdate . ' by: ' . create_name_link($poster_name, $name_from) . '</p>';
echo '</td></tr>'; if ($_POST['searchpoint'] == 'body') {
if($results++ > ($maxdisplay - 2)) $snip = strip_tags(quoted_printable_decode($overviewline['snippet']), '<strong><font><i>');
break; } else {
$snip = strip_tags(quoted_printable_decode($overviewline['search_snippet']), '<strong><font><i>');
$snip = substr($snip, 0, $snippet_size);
}
echo $snip;
echo '</td></tr>';
if ($results ++ > ($maxdisplay - 2))
break;
} }
echo '</table>'; echo '</table>';
echo "<p class=np_ob_tail><b>".$results."</b> matching articles found.</p>\r\n"; echo "<p class=np_ob_tail><b>" . $results . "</b> matching articles found.</p>\r\n";
#echo "<center><i>Rocksolid Overboard</i> version ".$version; # echo "<center><i>Rocksolid Overboard</i> version ".$version;
include "tail.inc"; include "tail.inc";
$thispage = ob_get_contents(); $thispage = ob_get_contents();
@ -262,129 +264,130 @@ ob_end_clean();
echo $thispage; echo $thispage;
function get_body_search($group, $terms) { function get_body_search($group, $terms)
GLOBAL $CONFIG, $config_name, $spooldir, $snippet_size; {
$terms = preg_replace("/'/", ' ', $terms); GLOBAL $CONFIG, $config_name, $spooldir, $snippet_size;
$terms = trim($terms); $terms = preg_replace("/'/", ' ', $terms);
if($terms[0] !== '"' || substr($terms, -1) !== '"') { $terms = trim($terms);
$terms = preg_replace('/"/', '', $terms); if ($terms[0] !== '"' || substr($terms, - 1) !== '"') {
$terms = preg_replace("/\ /", '" "', $terms); $terms = preg_replace('/"/', '', $terms);
$terms = preg_replace('/"NEAR"/', 'NEAR', $terms); $terms = preg_replace("/\ /", '" "', $terms);
$terms = preg_replace('/"AND"/', 'AND', $terms); $terms = preg_replace('/"NEAR"/', 'NEAR', $terms);
$terms = preg_replace('/"OR"/', 'OR', $terms); $terms = preg_replace('/"AND"/', 'AND', $terms);
$terms = preg_replace('/"NOT"/', 'NOT', $terms); $terms = preg_replace('/"OR"/', 'OR', $terms);
$terms = '"'.$terms.'"'; $terms = preg_replace('/"NOT"/', 'NOT', $terms);
} $terms = '"' . $terms . '"';
if(isset($_POST['group'])) {
$grouplist[0] = $_POST['group'];
} else {
$local_groupfile=$spooldir."/".$config_name."/local_groups.txt";
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
} }
foreach($grouplist as $thisgroup) { if (isset($_POST['group'])) {
$name = explode(':', $thisgroup); $grouplist[0] = $_POST['group'];
$group=$name[0]; } else {
$database = $spooldir.'/'.$group.'-articles.db3'; $local_groupfile = $spooldir . "/" . $config_name . "/local_groups.txt";
if(!is_file($database)) { $grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
continue; }
} foreach ($grouplist as $thisgroup) {
$dbh = article_db_open($database); $name = explode(':', $thisgroup);
$stmt = $dbh->prepare("SELECT snippet(search_fts, 6, '<strong><font class=search_result><i>', '</i></font></strong>', '...', $snippet_size) as snippet, newsgroup, number, name, date, subject, rank FROM search_fts WHERE search_fts MATCH 'search_snippet:$terms' ORDER BY rank"); $group = $name[0];
$stmt->execute(); $database = $spooldir . '/' . $group . '-articles.db3';
if (! is_file($database)) {
continue;
}
$dbh = article_db_open($database);
$stmt = $dbh->prepare("SELECT snippet(search_fts, 6, '<strong><font class=search_result><i>', '</i></font></strong>', '...', $snippet_size) as snippet, newsgroup, number, name, date, subject, rank FROM search_fts WHERE search_fts MATCH 'search_snippet:$terms' ORDER BY rank");
$stmt->execute();
while ($row = $stmt->fetch()) { while ($row = $stmt->fetch()) {
$overview[] = $row; $overview[] = $row;
} }
$dbh = null; $dbh = null;
} }
// do not perform a usort of an empty search result // do not perform a usort of an empty search result
if ($overview != null) if ($overview != null) {
{ usort($overview, function ($a, $b) {
usort($overview, return $a['rank'] <=> $b['rank'];
function($a, $b) { });
return $a['rank'] <=> $b['rank'];
});
} }
return $overview; return $overview;
} }
function get_header_search($group, $terms) { function get_header_search($group, $terms)
GLOBAL $CONFIG, $config_name, $spooldir, $snippet_size; {
$terms = preg_replace('/\%/', '\%', $terms); GLOBAL $CONFIG, $config_name, $spooldir, $snippet_size;
$searchterms = "%".$terms."%"; $terms = preg_replace('/\%/', '\%', $terms);
if(isset($_POST['group']) && $_POST['searchpoint'] != 'msgid') { $searchterms = "%" . $terms . "%";
$grouplist[0] = $_POST['group']; if (isset($_POST['group']) && $_POST['searchpoint'] != 'msgid') {
} elseif($_POST['searchpoint'] != 'msgid') { $grouplist[0] = $_POST['group'];
$local_groupfile=$spooldir."/".$config_name."/local_groups.txt"; } elseif ($_POST['searchpoint'] != 'msgid') {
$local_groupfile = $spooldir . "/" . $config_name . "/local_groups.txt";
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
} else { } else {
$local_groupfile=$spooldir."/spoolnews/groups.txt"; $local_groupfile = $spooldir . "/spoolnews/groups.txt";
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
} }
# Prepare search database # Prepare search database
$database = $spooldir.'/articles-overview.db3'; $database = $spooldir . '/articles-overview.db3';
$table = 'overview'; $table = 'overview';
$dbh = overview_db_open($database, $table); $dbh = overview_db_open($database, $table);
$overview = array(); $overview = array();
foreach($grouplist as $thisgroup) { foreach ($grouplist as $thisgroup) {
$name = explode(':', $thisgroup); $name = explode(':', $thisgroup);
$group=$name[0]; $group = $name[0];
$article_database = $spooldir.'/'.$group.'-articles.db3'; $article_database = $spooldir . '/' . $group . '-articles.db3';
if(!is_file($article_database)) { if (! is_file($article_database)) {
continue; continue;
} }
$article_dbh = article_db_open($article_database); $article_dbh = article_db_open($article_database);
$article_stmt = $article_dbh->prepare("SELECT * FROM articles WHERE number=:number"); $article_stmt = $article_dbh->prepare("SELECT * FROM articles WHERE number=:number");
if(is_multibyte($_POST['terms'])) { if (is_multibyte($_POST['terms'])) {
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:group"); $stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:group");
$stmt->bindParam(':group', $group); $stmt->bindParam(':group', $group);
$stmt->execute(); $stmt->execute();
while($found = $stmt->fetch()) { while ($found = $stmt->fetch()) {
if(stripos(mb_decode_mimeheader($found[$_POST['searchpoint']]), $_POST['terms']) !== false) { if (stripos(mb_decode_mimeheader($found[$_POST['searchpoint']]), $_POST['terms']) !== false) {
$article_stmt->bindParam(':number', $found['number']); $article_stmt->bindParam(':number', $found['number']);
$article_stmt->execute(); $article_stmt->execute();
$found_snip = $article_stmt->fetch(); $found_snip = $article_stmt->fetch();
$found['search_snippet'] = $found_snip['search_snippet']; $found['search_snippet'] = $found_snip['search_snippet'];
$found['sort_date'] = $found_snip['date']; $found['sort_date'] = $found_snip['date'];
$overview[] = $found; $overview[] = $found;
}
}
} else {
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:group AND ".$_POST['searchpoint']." like :terms ESCAPE '\' ORDER BY date DESC");
$stmt->bindParam(':group', $group);
$stmt->bindParam(':terms', $searchterms);
$check = "/([a-z]|[0-9]|\!|#|\$|\%|\&|\'|\*|\+|\-|\/|\=|\?|\^|\_|\"|\`|\{|\||\}|\~|\;)".trim($searchterms, '\%')."/i";
$stmt->execute();
while($found = $stmt->fetch()) {
if(isset($_REQUEST['data']) && ($_REQUEST['searchpoint'] == 'name')) {
if(preg_match($check, $found['name'])) {
continue;
} }
}
$article_stmt->bindParam(':number', $found['number']);
$article_stmt->execute();
$found_snip = $article_stmt->fetch();
$found['search_snippet'] = $found_snip['search_snippet'];
$found['sort_date'] = $found_snip['date'];
$overview[] = $found;
} }
} } else {
$article_dbh = null; $stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:group AND " . $_POST['searchpoint'] . " like :terms ESCAPE '\' ORDER BY date DESC");
$stmt->bindParam(':group', $group);
$stmt->bindParam(':terms', $searchterms);
$check = "/([a-z]|[0-9]|\!|#|\$|\%|\&|\'|\*|\+|\-|\/|\=|\?|\^|\_|\"|\`|\{|\||\}|\~|\;)" . trim($searchterms, '\%') . "/i";
$stmt->execute();
while ($found = $stmt->fetch()) {
if (isset($_REQUEST['data']) && ($_REQUEST['searchpoint'] == 'name')) {
if (preg_match($check, $found['name'])) {
continue;
}
}
$article_stmt->bindParam(':number', $found['number']);
$article_stmt->execute();
$found_snip = $article_stmt->fetch();
$found['search_snippet'] = $found_snip['search_snippet'];
$found['sort_date'] = $found_snip['date'];
$overview[] = $found;
}
}
$article_dbh = null;
} }
$dbh = null; $dbh = null;
usort($overview, function($b, $a) { usort($overview, function ($b, $a) {
return $a['sort_date'] <=> $b['sort_date']; return $a['sort_date'] <=> $b['sort_date'];
}); });
return $overview; return $overview;
} }
function highlightStr($haystack, $needle) { function highlightStr($haystack, $needle)
{
preg_match_all("/$needle+/i", $haystack, $matches); preg_match_all("/$needle+/i", $haystack, $matches);
if (is_array($matches[0]) && count($matches[0]) >= 1) { if (is_array($matches[0]) && count($matches[0]) >= 1) {
foreach ($matches[0] as $match) { foreach ($matches[0] as $match) {
$haystack = str_replace($match, '<b>'.$match.'</b>', $haystack); $haystack = str_replace($match, '<b>' . $match . '</b>', $haystack);
} }
} }
return $haystack; return $haystack;
} }

261
Rocksolid_Light/rocksolid/thread.php
View File

@ -1,55 +1,53 @@
<?php <?php
session_start(); session_start();
$_SESSION['group'] = $_SERVER['REQUEST_URI']; $_SESSION['group'] = $_SERVER['REQUEST_URI'];
$_SESSION['rsactive'] = true; $_SESSION['rsactive'] = true;
include "config.inc.php"; include "config.inc.php";
include("$file_newsportal"); include ("$file_newsportal");
include "auth.inc"; include "auth.inc";
$logfile=$logdir.'/newsportal.log'; $logfile = $logdir . '/newsportal.log';
throttle_hits(); throttle_hits();
write_access_log(); write_access_log();
// register parameters // register parameters
$group=_rawurldecode($_REQUEST["group"]); $group = _rawurldecode($_REQUEST["group"]);
if(isset($_REQUEST["first"])) if (isset($_REQUEST["first"]))
$first=intval($_REQUEST["first"]); $first = intval($_REQUEST["first"]);
if(isset($_REQUEST["last"])) if (isset($_REQUEST["last"]))
$last=intval($_REQUEST["last"]); $last = intval($_REQUEST["last"]);
// Switch to correct section in case group has been moved and link is to old section // Switch to correct section in case group has been moved and link is to old section
$findsection = get_section_by_group($group); $findsection = get_section_by_group($group);
if(trim($findsection) !== $config_name) { if (trim($findsection) !== $config_name) {
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on')
$link = "https"; $link = "https";
else $link = "http"; else
$link .= "://"; $link = "http";
$link .= $_SERVER['HTTP_HOST']; $link .= "://";
$link .= $_SERVER['REQUEST_URI']; $link .= $_SERVER['HTTP_HOST'];
$newurl = preg_replace("|/$config_name/|", "/$findsection/", $link); $link .= $_SERVER['REQUEST_URI'];
header("Location:$newurl"); $newurl = preg_replace("|/$config_name/|", "/$findsection/", $link);
die(); header("Location:$newurl");
} die();
if(isset($_COOKIE['mail_name'])) { }
if($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) { if (isset($_COOKIE['mail_name'])) {
$userfile=$spooldir.'/'.strtolower($_COOKIE['mail_name']).'-articleviews.dat'; if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-articleviews.dat';
} }
} }
$thread_show["latest"]=true; $thread_show["latest"] = true;
$title.= ' - '.$group; $title .= ' - ' . $group;
include "head.inc"; include "head.inc";
$CONFIG = include($config_file); $CONFIG = include ($config_file);
if((!function_exists("npreg_group_has_read_access") || if ((! function_exists("npreg_group_has_read_access") || npreg_group_has_read_access($group)) && (! function_exists("npreg_group_is_visible") || npreg_group_is_visible($group))) {
npreg_group_has_read_access($group)) &&
(!function_exists("npreg_group_is_visible") ||
npreg_group_is_visible($group))) {
if(isset($frames_on) && $frames_on === true) { if (isset($frames_on) && $frames_on === true) {
?> ?>
<script> <script>
var contentURL=window.location.pathname+window.location.search+window.location.hash; var contentURL=window.location.pathname+window.location.search+window.location.hash;
if ( window.self !== window.top ) { if ( window.self !== window.top ) {
@ -59,108 +57,105 @@ if(isset($frames_on) && $frames_on === true) {
} }
top.history.replaceState({}, 'Title', 'index.php?content='+encodeURIComponent(contentURL)); top.history.replaceState({}, 'Title', 'index.php?content='+encodeURIComponent(contentURL));
</script> </script>
<?php <?php
}
if($userdata) {
$userdata[$group] = time();
file_put_contents($userfile, serialize($userdata));
}
if(!isset($_SERVER['REQUEST_STRING'])) {
$_SERVER['REQUEST_STRING'] = '';
}
$_SESSION['return_page'] = $_SERVER['REQUEST_URI'].$_SERVER['REQUEST_STRING'];
echo '<a name="top"></a>';
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo htmlspecialchars(group_display_name($group)).'</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// View Latest button
if (isset($overboard) && ($overboard == true)) {
echo '<td>';
echo '<form action="overboard.php">';
echo '<input type="hidden" name="thisgroup" value="'._rawurlencode($group).'"/>';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_latest"].'</button>';
echo '</form>';
echo '</td>';
}
if (!$CONFIG['readonly'] &&
(!function_exists("npreg_group_has_write_access") ||
npreg_group_has_write_access($group)))
{
// New Thread button
echo '<td>';
echo '<form action="'.$file_post.'">';
echo '<input type="hidden" name="group" value="'.urlencode($group).'"/>';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_write"].'</button>';
echo '</form>';
echo '</td>';
}
// Search button
echo '<td>';
echo '<form target="'.$frame['content'].'" action="search.php">';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_search"].'</button>';
echo '<input type="hidden" name="group" value="'.urlencode($group).'"/>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if(isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="'.$file_index.'">';
echo '<button class="np_button_hidden" type="submit">'.$text_thread["button_grouplist"].'</button>';
echo '</form>';
echo '</td>';
}
// $ns=nntp_open($server,$port);
flush();
$headers = thread_load($group);
if($headers) {
$article_count=count($headers);
}
if ($articles_per_page != 0) {
if ((!isset($first)) || (!isset($last))) {
if ($startpage=="first") {
$first=1;
$last=$articles_per_page;
} else {
$first=$article_count - (($article_count -1) % $articles_per_page);
$last=$article_count;
}
} }
echo '<td class="np_pages" width="100%" align="right">'; if ($userdata) {
// Show the replies to an article in the thread view? $userdata[$group] = time();
if($thread_show["replies"]) { file_put_contents($userfile, serialize($userdata));
// yes, so the counting of the shown articles is very easy }
$pagecount=count($headers); if (! isset($_SERVER['REQUEST_STRING'])) {
} else { $_SERVER['REQUEST_STRING'] = '';
// oh no, the replies will not be shown, this makes life hard... }
$pagecount=0; $_SESSION['return_page'] = $_SERVER['REQUEST_URI'] . $_SERVER['REQUEST_STRING'];
if(($headers) && (count($headers) > 0 && is_array($headers))) {
foreach($headers as $h) { echo '<a name="top"></a>';
if($h->isAnswer==false) echo '<h1 class="np_thread_headline">';
$pagecount++;
echo '<a href="' . $file_index . '" target=' . $frame['menu'] . '>' . basename(getcwd()) . '</a> / ';
echo htmlspecialchars(group_display_name($group)) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// View Latest button
if (isset($overboard) && ($overboard == true)) {
echo '<td>';
echo '<form action="overboard.php">';
echo '<input type="hidden" name="thisgroup" value="' . _rawurlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">' . $text_thread["button_latest"] . '</button>';
echo '</form>';
echo '</td>';
}
if (! $CONFIG['readonly'] && (! function_exists("npreg_group_has_write_access") || npreg_group_has_write_access($group))) {
// New Thread button
echo '<td>';
echo '<form action="' . $file_post . '">';
echo '<input type="hidden" name="group" value="' . urlencode($group) . '"/>';
echo '<button class="np_button_link" type="submit">' . $text_thread["button_write"] . '</button>';
echo '</form>';
echo '</td>';
}
// Search button
echo '<td>';
echo '<form target="' . $frame['content'] . '" action="search.php">';
echo '<button class="np_button_link" type="submit">' . $text_thread["button_search"] . '</button>';
echo '<input type="hidden" name="group" value="' . urlencode($group) . '"/>';
echo '</form>';
echo '</td>';
// Newsgroups button (hidden)
if (isset($frames_on) && $frames_on === true) {
echo '<td>';
echo '<form action="' . $file_index . '">';
echo '<button class="np_button_hidden" type="submit">' . $text_thread["button_grouplist"] . '</button>';
echo '</form>';
echo '</td>';
}
// $ns=nntp_open($server,$port);
flush();
$headers = thread_load($group);
if ($headers) {
$article_count = count($headers);
}
if ($articles_per_page != 0) {
if ((! isset($first)) || (! isset($last))) {
if ($startpage == "first") {
$first = 1;
$last = $articles_per_page;
} else {
$first = $article_count - (($article_count - 1) % $articles_per_page);
$last = $article_count;
}
} }
} echo '<td class="np_pages" width="100%" align="right">';
// Show the replies to an article in the thread view?
if ($thread_show["replies"]) {
// yes, so the counting of the shown articles is very easy
$pagecount = count($headers);
} else {
// oh no, the replies will not be shown, this makes life hard...
$pagecount = 0;
if (($headers) && (count($headers) > 0 && is_array($headers))) {
foreach ($headers as $h) {
if ($h->isAnswer == false)
$pagecount ++;
}
}
}
thread_pageselect($group, $pagecount, $first);
echo '</td>';
} else {
$first = 0;
$last = $article_count;
} }
echo '</tr></table>';
thread_pageselect($group,$pagecount,$first); thread_show($headers, $group, $first, $last);
echo '</td>'; echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
} else { echo '<td class="np_pages" width="100%" align="right">';
$first=0; thread_pageselect($group, $pagecount, $first);
$last=$article_count; echo '</td></tr></table>';
}
echo '</tr></table>';
thread_show($headers,$group,$first,$last);
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
echo '<td class="np_pages" width="100%" align="right">';
thread_pageselect($group,$pagecount,$first);
echo '</td></tr></table>';
} else { } else {
echo $text_register["no_access_group"]; echo $text_register["no_access_group"];
} }
$sessions_data = file_get_contents($spooldir.'/sessions.dat'); $sessions_data = file_get_contents($spooldir . '/sessions.dat');
echo '<h1 class="np_thread_headline">'.$sessions_data.'</h1>'; echo '<h1 class="np_thread_headline">' . $sessions_data . '</h1>';
include "tail.inc"; include "tail.inc";
?> ?>

690
Rocksolid_Light/rslight/scripts/interBBS_mail.php
View File

@ -1,36 +1,35 @@
<?php <?php
include "config.inc.php"; include "config.inc.php";
include ("$file_newsportal"); include ("$file_newsportal");
include $config_dir."/gpg.conf"; include $config_dir . "/gpg.conf";
$logfile = $logdir.'/mail.log'; $logfile = $logdir . '/mail.log';
$lockfile = $lockdir . '/rslight-bbsmail.lock'; $lockfile = $lockdir . '/rslight-bbsmail.lock';
$pid = file_get_contents($lockfile); $pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) { if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting BBSmail...\n"; print "Starting BBSmail...\n";
file_put_contents($lockfile, getmypid()); // create lockfile file_put_contents($lockfile, getmypid()); // create lockfile
} else { } else {
print "BBSmail currently running\n"; print "BBSmail currently running\n";
exit; exit();
} }
$bbsmail_path=$spooldir."/bbsmail/"; $bbsmail_path = $spooldir . "/bbsmail/";
if(!is_dir($bbsmail_path.'in')) { if (! is_dir($bbsmail_path . 'in')) {
mkdir($bbsmail_path.'in', 0700, true); mkdir($bbsmail_path . 'in', 0700, true);
} }
if(!is_dir($bbsmail_path.'failed')) { if (! is_dir($bbsmail_path . 'failed')) {
mkdir($bbsmail_path.'failed', 0700, true); mkdir($bbsmail_path . 'failed', 0700, true);
} }
if(!is_dir($bbsmail_path.'processed')) { if (! is_dir($bbsmail_path . 'processed')) {
mkdir($bbsmail_path.'processed', 0700, true); mkdir($bbsmail_path . 'processed', 0700, true);
} }
prune_dir_by_days($bbsmail_path.'failed', 30); prune_dir_by_days($bbsmail_path . 'failed', 30);
prune_dir_by_days($bbsmail_path.'processed', 30); prune_dir_by_days($bbsmail_path . 'processed', 30);
// Set up gnupg // Set up gnupg
putenv("GNUPGHOME=".$rslight_gpg['gnupghome']); putenv("GNUPGHOME=" . $rslight_gpg['gnupghome']);
$res = gnupg_init(); $res = gnupg_init();
$gnupg_summary = array( $gnupg_summary = array(
@ -56,340 +55,363 @@ $gnupg_validity = array(
"5" => "Validity: ULTIMATE" "5" => "Validity: ULTIMATE"
); );
/***** Receive mail *****/ /**
unset($messages); * *** Receive mail ****
$messages = array_diff(scandir($bbsmail_path.'/in/'), array('..', '.')); */
foreach($messages as $message) { unset($messages);
$filename = explode($bbsmail_path.'/in/', $message); $messages = array_diff(scandir($bbsmail_path . '/in/'), array(
$filename = $filename[0]; '..',
// Put message data into array $inspect[] '.'
if(($inspect = inspect_message($bbsmail_path.'/in/'.$message, $filename)) == false) { ));
continue; foreach ($messages as $message) {
} $filename = explode($bbsmail_path . '/in/', $message);
if($inspect['type'] == 'mailkey') { $filename = $filename[0];
if(($info = verify_gpg_signature($res, $inspect['body'])) == true) { // Put message data into array $inspect[]
echo 'GOOD signature in: "'.$filename.'"'."\n"; if (($inspect = inspect_message($bbsmail_path . '/in/' . $message, $filename)) == false) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' GOOD signature in: "'.$filename.'"', FILE_APPEND); continue;
// Do we already have this key? }
if(gnupg_keyinfo($res, $inspect['mailkey_domain']) !== false) { // Yes, we do if ($inspect['type'] == 'mailkey') {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' Key already in keyring for: '.$inspect['mailkey_domain'], FILE_APPEND); if (($info = verify_gpg_signature($res, $inspect['body'])) == true) {
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'processed/'.$message); echo 'GOOD signature in: "' . $filename . '"' . "\n";
} else { // No, we don't file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' GOOD signature in: "' . $filename . '"', FILE_APPEND);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' Key not found in keyring for: '.$inspect['mailkey_domain'], FILE_APPEND); // Do we already have this key?
} if (gnupg_keyinfo($res, $inspect['mailkey_domain']) !== false) { // Yes, we do
} else { file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' Key already in keyring for: ' . $inspect['mailkey_domain'], FILE_APPEND);
echo 'BAD or UNKNOWN signature in: "'.$filename.'"'."\n"; rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'processed/' . $message);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' BAD or UNKNOWN signature in: "'.$filename.'"', FILE_APPEND); } else { // No, we don't
get_key_from_message($res, $inspect, $message); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' Key not found in keyring for: ' . $inspect['mailkey_domain'], FILE_APPEND);
} }
} } else {
if($inspect['type'] == 'bbsmail') { echo 'BAD or UNKNOWN signature in: "' . $filename . '"' . "\n";
$info = gnupg_decryptverify($res,$inspect['body'],$plaintext); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' BAD or UNKNOWN signature in: "' . $filename . '"', FILE_APPEND);
if($info !== false) { get_key_from_message($res, $inspect, $message);
if($info[0]['summary'] > 3) { }
echo $gnupg_summary[$info[0]['summary']]." in: ".$filename."\n"; }
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." ".$gnupg_summary[$info[0]['summary']]." in: ".$filename, FILE_APPEND); if ($inspect['type'] == 'bbsmail') {
$info = gnupg_decryptverify($res, $inspect['body'], $plaintext);
$inspect['mailkey_domain'] = preg_split('/@/', $inspect['from'], 2); if ($info !== false) {
$inspect['mailkey_domain'] = $inspect['mailkey_domain'][1]; if ($info[0]['summary'] > 3) {
echo $gnupg_summary[$info[0]['summary']] . " in: " . $filename . "\n";
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " " . $gnupg_summary[$info[0]['summary']] . " in: " . $filename, FILE_APPEND);
$inspect['mailkey_location'] = $inspect['mailkey_domain'].'/pubkey/server_pubkey.txt'; $inspect['mailkey_domain'] = preg_split('/@/', $inspect['from'], 2);
get_key_from_message($res, $inspect, $message); $inspect['mailkey_domain'] = $inspect['mailkey_domain'][1];
if(strpos($filename, '-retry') !== false) {
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'failed/'.$message); $inspect['mailkey_location'] = $inspect['mailkey_domain'] . '/pubkey/server_pubkey.txt';
} else { get_key_from_message($res, $inspect, $message);
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'/in/'.$message.'-retry'); if (strpos($filename, '-retry') !== false) {
} rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'failed/' . $message);
} else { } else {
echo 'GOOD signature in: "'.$filename.'"'."\n"; rename($bbsmail_path . '/in/' . $message, $bbsmail_path . '/in/' . $message . '-retry');
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' GOOD signature in: "'.$filename.'"', FILE_APPEND); }
// Now let's get and import the mail message } else {
// Does the @from match the signature domain? echo 'GOOD signature in: "' . $filename . '"' . "\n";
$inspect = inspect_bbsmail($res, $plaintext); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' GOOD signature in: "' . $filename . '"', FILE_APPEND);
$keyinfo = gnupg_keyinfo($res, $info[0]['fingerprint']); // Now let's get and import the mail message
$signature_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']); // Does the @from match the signature domain?
$info = preg_split('/\@/', $inspect['bbsmail_from'], 2); $inspect = inspect_bbsmail($res, $plaintext);
$bbsmail_domain = $info[1]; $keyinfo = gnupg_keyinfo($res, $info[0]['fingerprint']);
$signature_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']);
if(($signature_domain == $bbsmail_domain) && ($signature_domain == $inspect['bbsmail_domain'])) { // Yes, the domains match $info = preg_split('/\@/', $inspect['bbsmail_from'], 2);
echo "THE DOMAINS MATCH. OK TO IMPORT MESSAGE\n"; $bbsmail_domain = $info[1];
echo $plaintext;
print_r($inspect); if (($signature_domain == $bbsmail_domain) && ($signature_domain == $inspect['bbsmail_domain'])) { // Yes, the domains match
echo "THE DOMAINS MATCH. OK TO IMPORT MESSAGE\n";
$mail_from = $inspect['bbsmail_sender'].'@'.$inspect['bbsmail_domain']; echo $plaintext;
$info = preg_split('/@/', $inspect['bbsmail_recipient'], 2); print_r($inspect);
$rcpt_to = $info[0];
$mail_from = $inspect['bbsmail_sender'] . '@' . $inspect['bbsmail_domain'];
$date = strtotime($inspect['bbsmail_date']); $info = preg_split('/@/', $inspect['bbsmail_recipient'], 2);
$rcpt_to = $info[0];
if(!isset($inspect['bbsmail_sender']) || !isset($inspect['bbsmail_recipient']) || !isset($inspect['bbsmail_sender']) || !isset($inspect['bbsmail_body'])) {
echo "Incomplete Headers... Aborting Message Import\n"; $date = strtotime($inspect['bbsmail_date']);
} else {
if(import_user_message($mail_from, $rcpt_to, $date, $inspect['bbsmail_subject'], $inspect['bbsmail_body'])) { if (! isset($inspect['bbsmail_sender']) || ! isset($inspect['bbsmail_recipient']) || ! isset($inspect['bbsmail_sender']) || ! isset($inspect['bbsmail_body'])) {
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'processed/'.$message); echo "Incomplete Headers... Aborting Message Import\n";
} } else {
} if (import_user_message($mail_from, $rcpt_to, $date, $inspect['bbsmail_subject'], $inspect['bbsmail_body'])) {
} else { // No, the domains DO NOT MATCH rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'processed/' . $message);
echo "DOMAIN MISMATCH\n"; }
file_put_contents($logfile, "\nComparing sig_dom: ".$signature_domain." bbsmail_domain: ".$bbsmail_domain." ins[bbs_dom]: ".$inspect['bbsmail_domain'], FILE_APPEND); }
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' DOMAIN MISMATCH in: "'.$filename.'" '.$error, FILE_APPEND); } else { // No, the domains DO NOT MATCH
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'failed/'.$message); echo "DOMAIN MISMATCH\n";
} file_put_contents($logfile, "\nComparing sig_dom: " . $signature_domain . " bbsmail_domain: " . $bbsmail_domain . " ins[bbs_dom]: " . $inspect['bbsmail_domain'], FILE_APPEND);
} file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' DOMAIN MISMATCH in: "' . $filename . '" ' . $error, FILE_APPEND);
} else { rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'failed/' . $message);
$error = gnupg_geterrorinfo($res); }
print_r($error); }
echo 'BAD signature in: "'.$filename.'"'."\n"; } else {
echo $error['generic_message'].': '.$error['gpgme_message']."\n"; $error = gnupg_geterrorinfo($res);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name.' BAD signature in: "'.$filename.'" '.$error['generic_message'].': '.$error['gpgme_message'], FILE_APPEND); print_r($error);
$inspect['mailkey_domain'] = preg_replace('/rslight@/', '', $inspect['from']); echo 'BAD signature in: "' . $filename . '"' . "\n";
$inspect['mailkey_location'] = $inspect['mailkey_domain'].'/pubkey/server_pubkey.txt'; echo $error['generic_message'] . ': ' . $error['gpgme_message'] . "\n";
get_key_from_message($res, $inspect, $message); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . ' BAD signature in: "' . $filename . '" ' . $error['generic_message'] . ': ' . $error['gpgme_message'], FILE_APPEND);
if(strpos($filename, '-retry') !== false) { $inspect['mailkey_domain'] = preg_replace('/rslight@/', '', $inspect['from']);
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'failed/'.$message); $inspect['mailkey_location'] = $inspect['mailkey_domain'] . '/pubkey/server_pubkey.txt';
} else { get_key_from_message($res, $inspect, $message);
rename($bbsmail_path.'/in/'.$message, $bbsmail_path.'/in/'.$message.'-retry'); if (strpos($filename, '-retry') !== false) {
} rename($bbsmail_path . '/in/' . $message, $bbsmail_path . 'failed/' . $message);
} } else {
} rename($bbsmail_path . '/in/' . $message, $bbsmail_path . '/in/' . $message . '-retry');
} }
}
/***** Send key to group *****/ }
}
/**
* *** Send key to group ****
*/
// How often to send key to group // How often to send key to group
// in seconds (default 1 month) // in seconds (default 1 month)
$mail_update_time = 2592000; $mail_update_time = 2592000;
$do_mail_update = false; $do_mail_update = false;
if(filemtime($spooldir.'/bbs-mail-update-timer') + $mail_update_time > time()) { //false if (filemtime($spooldir . '/bbs-mail-update-timer') + $mail_update_time > time()) { // false
if(is_file($config_dir.'/bbs-mail-debug')) { //true if (is_file($config_dir . '/bbs-mail-debug')) { // true
$do_mail_update = true; $do_mail_update = true;
} }
} else { //true } else { // true
$do_mail_update = true; $do_mail_update = true;
} }
if($do_mail_update == true) { if ($do_mail_update == true) {
echo "Sending keys to ".$rslight_gpg['nntp_group']."\n"; echo "Sending keys to " . $rslight_gpg['nntp_group'] . "\n";
send_keys_to_group($res, $rslight_gpg); send_keys_to_group($res, $rslight_gpg);
touch($spooldir.'/bbs-mail-update-timer'); touch($spooldir . '/bbs-mail-update-timer');
} }
function import_user_message($from, $rcpt, $date, $subject, $message) { function import_user_message($from, $rcpt, $date, $subject, $message)
{
global $config_dir, $spooldir; global $config_dir, $spooldir;
if(($to = get_config_value('aliases.conf', strtolower($rcpt))) == false) { if (($to = get_config_value('aliases.conf', strtolower($rcpt))) == false) {
$to = strtolower($rcpt); $to = strtolower($rcpt);
} }
$to = trim($to); $to = trim($to);
if(strlen($subject) < 1) { if (strlen($subject) < 1) {
$subject = "(no subject)"; $subject = "(no subject)";
} }
$database = $spooldir.'/mail.db3'; $database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database); $dbh = mail_db_open($database);
if(!$dbh) { if (! $dbh) {
echo "Database error\n"; echo "Database error\n";
return false; return false;
} }
$msgid = '<'.md5(strtolower($to).strtolower($from).strtolower($subject).strtolower($message)).'>'; $msgid = '<' . md5(strtolower($to) . strtolower($from) . strtolower($subject) . strtolower($message)) . '>';
$sql = 'INSERT OR IGNORE INTO messages(msgid, mail_from, rcpt_to, rcpt_target, date, subject, message, from_hide, to_hide, mail_viewed, rcpt_viewed) VALUES(?,?,?,?,?,?,?,?,?,?,?)'; $sql = 'INSERT OR IGNORE INTO messages(msgid, mail_from, rcpt_to, rcpt_target, date, subject, message, from_hide, to_hide, mail_viewed, rcpt_viewed) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql); $stmt = $dbh->prepare($sql);
$target = "local"; $target = "local";
$mail_viewed = null; $mail_viewed = null;
$rcpt_viewed = null; $rcpt_viewed = null;
$q = $stmt->execute([$msgid, $from, $to, $target, intval($date), $subject, $message, null, null, $mail_viewed, $rcpt_viewed]); $q = $stmt->execute([
$msgid,
$from,
$to,
$target,
intval($date),
$subject,
$message,
null,
null,
$mail_viewed,
$rcpt_viewed
]);
$dbh = null; $dbh = null;
return true; return true;
} }
function get_key_from_message($res, $inspect, $message) { function get_key_from_message($res, $inspect, $message)
{
global $logfile, $config_name, $bbsmail_path; global $logfile, $config_name, $bbsmail_path;
$filename = explode($bbsmail_path.'/in/', $message); $filename = explode($bbsmail_path . '/in/', $message);
$filename = $filename[0]; $filename = $filename[0];
// Let's try to get the key // Let's try to get the key
echo "Let's try to get the key\n"; echo "Let's try to get the key\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Let's try to get the key", FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Let's try to get the key", FILE_APPEND);
// Display stuff for testing // Display stuff for testing
echo "Domain: ".$inspect['mailkey_domain']."\n"; echo "Domain: " . $inspect['mailkey_domain'] . "\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain: ".$inspect['mailkey_domain'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain: " . $inspect['mailkey_domain'], FILE_APPEND);
echo "Location: ".$inspect['mailkey_location']."\n"; echo "Location: " . $inspect['mailkey_location'] . "\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Location: ".$inspect['mailkey_location'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Location: " . $inspect['mailkey_location'], FILE_APPEND);
$location = "http://".$inspect['mailkey_location']; $location = "http://" . $inspect['mailkey_location'];
$import = gnupg_import($res, file_get_contents($location)); $import = gnupg_import($res, file_get_contents($location));
if($import) { if ($import) {
echo "IMPORTED: ".$import['fingerprint']."\n"; echo "IMPORTED: " . $import['fingerprint'] . "\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." IMPORTED: ".$import['fingerprint'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " IMPORTED: " . $import['fingerprint'], FILE_APPEND);
// Verify that domain in IMPORTED KEY matches exactly: "Location" and "Domain" in MAILKEY message // Verify that domain in IMPORTED KEY matches exactly: "Location" and "Domain" in MAILKEY message
// If it DOES NOT, then DELETE the new key immediately // If it DOES NOT, then DELETE the new key immediately
$keyinfo = gnupg_keyinfo($res, $import['fingerprint']); $keyinfo = gnupg_keyinfo($res, $import['fingerprint']);
$imported_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']); $imported_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']);
$mailkey_location = explode('/', $inspect['mailkey_location']); $mailkey_location = explode('/', $inspect['mailkey_location']);
if(($imported_domain == $inspect['mailkey_domain']) && ($imported_domain == $mailkey_location[0])) { if (($imported_domain == $inspect['mailkey_domain']) && ($imported_domain == $mailkey_location[0])) {
echo "Domain Match: ".$imported_domain."\n"; echo "Domain Match: " . $imported_domain . "\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain Match: ".$imported_domain, FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain Match: " . $imported_domain, FILE_APPEND);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." New PGP Key added for: ".$imported_domain." Domain: ".$imported_domain."\nFingerprint: ".$import['fingerprint'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " New PGP Key added for: " . $imported_domain . " Domain: " . $imported_domain . "\nFingerprint: " . $import['fingerprint'], FILE_APPEND);
send_admin_message('admin', 'admin', 'New PGP Key added for: '.$imported_domain, 'Domain: '.$imported_domain."\nFingerprint: ".$import['fingerprint']."\n"); send_admin_message('admin', 'admin', 'New PGP Key added for: ' . $imported_domain, 'Domain: ' . $imported_domain . "\nFingerprint: " . $import['fingerprint'] . "\n");
return true; return true;
} else { } else {
echo "Domain MIS-MATCH: ".$imported_domain." DELETING...\n"; echo "Domain MIS-MATCH: " . $imported_domain . " DELETING...\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain MIS-MATCH: ".$imported_domain." DELETING...", FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain MIS-MATCH: " . $imported_domain . " DELETING...", FILE_APPEND);
if(gnupg_deletekey($res, $import['fingerprint'])) { if (gnupg_deletekey($res, $import['fingerprint'])) {
echo "SUCCESS Deleting ".$import['fingerprint']."\n"; echo "SUCCESS Deleting " . $import['fingerprint'] . "\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." SUCCESS Deleting ".$import['fingerprint'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " SUCCESS Deleting " . $import['fingerprint'], FILE_APPEND);
} else { } else {
echo "WARNING!: FAILED to Delete ".$import['fingerprint']."\n"; echo "WARNING!: FAILED to Delete " . $import['fingerprint'] . "\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." WARNING!: FAILED to Delete ".$import['fingerprint'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " WARNING!: FAILED to Delete " . $import['fingerprint'], FILE_APPEND);
} }
return false; return false;
} }
} else { } else {
echo "Failed to import key from ".$location."\n"; echo "Failed to import key from " . $location . "\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to import key from ".$location, FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to import key from " . $location, FILE_APPEND);
if(strpos($filename, '-retry') !== false) { if (strpos($filename, '-retry') !== false) {
rename($bbsmail_path.'/in/'.$filename, $bbsmail_path.'failed/'.$filename); rename($bbsmail_path . '/in/' . $filename, $bbsmail_path . 'failed/' . $filename);
} else { } else {
rename($bbsmail_path.'/in/'.$filename, $bbsmail_path.'/in/'.$filename.'-retry'); rename($bbsmail_path . '/in/' . $filename, $bbsmail_path . '/in/' . $filename . '-retry');
} }
return false; return false;
} }
} }
function inspect_bbsmail($res, $plaintext) { function inspect_bbsmail($res, $plaintext)
{
$bbsmail_header = 0; $bbsmail_header = 0;
$bbsmail_body = 0; $bbsmail_body = 0;
$message_body = 0; $message_body = 0;
$plaintext = explode("\n", $plaintext); $plaintext = explode("\n", $plaintext);
foreach($plaintext as $line) { foreach ($plaintext as $line) {
if(strpos($line, '@@BEGIN BBSMAIL HEADERS') !== false) { if (strpos($line, '@@BEGIN BBSMAIL HEADERS') !== false) {
$bbsmail_header = 1; $bbsmail_header = 1;
} }
if($bbsmail_header == 1) { if ($bbsmail_header == 1) {
if(strpos($line, 'From: ') !== false) { if (strpos($line, 'From: ') !== false) {
$bbsmail = explode("From: ", $line); $bbsmail = explode("From: ", $line);
$return_data['bbsmail_from'] = trim($bbsmail[1]); $return_data['bbsmail_from'] = trim($bbsmail[1]);
} else { } else {
if(strpos($line, 'Version: ') !== false) { if (strpos($line, 'Version: ') !== false) {
$bbsmail = explode("Version: ", $line); $bbsmail = explode("Version: ", $line);
$return_data['bbsmail_version'] = trim($bbsmail[1]); $return_data['bbsmail_version'] = trim($bbsmail[1]);
} else { } else {
if(strpos($line, 'Notice-ID: ') !== false) { if (strpos($line, 'Notice-ID: ') !== false) {
$bbsmail = explode("Notice-ID: ", $line); $bbsmail = explode("Notice-ID: ", $line);
$return_data['bbsmail_notice-id'] = trim($bbsmail[1]); $return_data['bbsmail_notice-id'] = trim($bbsmail[1]);
}
}
}
if(strpos($line, 'Key: ') !== false) {
$bbsmail = explode("Key: ", $line);
$return_data['bbsmail_key'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Location: ') !== false) {
$bbsmail = explode("Location: ", $line);
$return_data['bbsmail_location'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Domain: ') !== false) {
$bbsmail = explode("Domain: ", $line);
$return_data['bbsmail_domain'] = trim($bbsmail[1]);
}
}
}
}
if(strpos($line, '@@BEGIN BBSMAIL BODY') !== false) {
$bbsmail_header = 0;
$bbsmail_body = 1;
continue;
}
if($bbsmail_body == 1) {
if(strpos($line, '@@END BBSMAIL BODY') !== false) {
break;
}
if($message_body == 1) {
$return_data['bbsmail_body'].=$line."\n";
continue;
}
if(strpos($line, 'Sender: ') !== false) {
$bbsmail = explode("Sender: ", $line);
$return_data['bbsmail_sender'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Recipient: ') !== false) {
$bbsmail = explode("Recipient: ", $line);
$return_data['bbsmail_recipient'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Date: ') !== false) {
$bbsmail = explode("Date: ", $line);
$return_data['bbsmail_date'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Subject: ') !== false) {
$bbsmail = explode("Subject: ", $line);
$return_data['bbsmail_subject'] = trim($bbsmail[1]);
} else {
if(strpos($line, 'Body: ') !== false) {
$bbsmail = explode("Body: ", $line);
$return_data['bbsmail_body'] = $bbsmail[1]."\n";
$message_body = 1;
}
}
}
}
}
}
if(trim($line) == '.') {
$line = ' ';
}
if($bbsmail_body == 1) {
if(!isset($return_data['body'])) {
$line = ltrim($line);
} }
} }
} }
return($return_data); if (strpos($line, 'Key: ') !== false) {
$bbsmail = explode("Key: ", $line);
$return_data['bbsmail_key'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Location: ') !== false) {
$bbsmail = explode("Location: ", $line);
$return_data['bbsmail_location'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Domain: ') !== false) {
$bbsmail = explode("Domain: ", $line);
$return_data['bbsmail_domain'] = trim($bbsmail[1]);
}
}
}
}
if (strpos($line, '@@BEGIN BBSMAIL BODY') !== false) {
$bbsmail_header = 0;
$bbsmail_body = 1;
continue;
}
if ($bbsmail_body == 1) {
if (strpos($line, '@@END BBSMAIL BODY') !== false) {
break;
}
if ($message_body == 1) {
$return_data['bbsmail_body'] .= $line . "\n";
continue;
}
if (strpos($line, 'Sender: ') !== false) {
$bbsmail = explode("Sender: ", $line);
$return_data['bbsmail_sender'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Recipient: ') !== false) {
$bbsmail = explode("Recipient: ", $line);
$return_data['bbsmail_recipient'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Date: ') !== false) {
$bbsmail = explode("Date: ", $line);
$return_data['bbsmail_date'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Subject: ') !== false) {
$bbsmail = explode("Subject: ", $line);
$return_data['bbsmail_subject'] = trim($bbsmail[1]);
} else {
if (strpos($line, 'Body: ') !== false) {
$bbsmail = explode("Body: ", $line);
$return_data['bbsmail_body'] = $bbsmail[1] . "\n";
$message_body = 1;
}
}
}
}
}
}
if (trim($line) == '.') {
$line = ' ';
}
if ($bbsmail_body == 1) {
if (! isset($return_data['body'])) {
$line = ltrim($line);
}
}
}
return ($return_data);
} }
function inspect_message($message, $filename) { function inspect_message($message, $filename)
{
global $logfile, $config_name, $bbsmail_path; global $logfile, $config_name, $bbsmail_path;
$header = array(); $header = array();
$body = array(); $body = array();
$return_data = array(); $return_data = array();
if(strpos($message, 'bbsmail-MAILKEY notice')) { if (strpos($message, 'bbsmail-MAILKEY notice')) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Found MAILKEY message ".$filename, FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Found MAILKEY message " . $filename, FILE_APPEND);
} else { } else {
if(strpos($message, 'bbsmail-BBSMAIL notice')) { if (strpos($message, 'bbsmail-BBSMAIL notice')) {
$return_data['type'] = 'bbsmail'; $return_data['type'] = 'bbsmail';
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Found BBSMAIL message ".$filename, FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Found BBSMAIL message " . $filename, FILE_APPEND);
} else { } else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Found UNKNOWN message ".$filename, FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Found UNKNOWN message " . $filename, FILE_APPEND);
rename($bbsmail_path.'/in/'.$filename, $bbsmail_path.'failed/'.$filename); rename($bbsmail_path . '/in/' . $filename, $bbsmail_path . 'failed/' . $filename);
return false; return false;
} }
} }
$raw_message = file($message); $raw_message = file($message);
$is_header = 1; $is_header = 1;
$mailkey_header = 0; $mailkey_header = 0;
$mailkey_body = 0; $mailkey_body = 0;
foreach($raw_message as $line) { foreach ($raw_message as $line) {
if(trim($line) == '' && $is_header == 1) { if (trim($line) == '' && $is_header == 1) {
$is_header = 0; $is_header = 0;
continue; continue;
} }
if($is_header == 1) { if ($is_header == 1) {
$return_data['header'].=$line; $return_data['header'] .= $line;
if(strpos($line, 'From: ') !== false) { if (strpos($line, 'From: ') !== false) {
$from_line = explode("From: ", $line); $from_line = explode("From: ", $line);
$from = trim($from_line[1]); $from = trim($from_line[1]);
$return_data['from'] = $from; $return_data['from'] = $from;
} }
if(strpos($line, 'Subject: ') !== false) { if (strpos($line, 'Subject: ') !== false) {
$subject_line = explode("Subject: ", $line); $subject_line = explode("Subject: ", $line);
$subject = trim($subject_line[1]); $subject = trim($subject_line[1]);
if(strpos($subject, '@@RSL MAILKEY notice') !== false) { if (strpos($subject, '@@RSL MAILKEY notice') !== false) {
$return_data['type'] = 'mailkey'; $return_data['type'] = 'mailkey';
} else { } else {
if(strpos($subject, '@@RSL BBSMAIL notice') !== false) { if (strpos($subject, '@@RSL BBSMAIL notice') !== false) {
$return_data['type'] = 'bbsmail'; $return_data['type'] = 'bbsmail';
} else { } else {
return false; return false;
@ -398,133 +420,135 @@ function inspect_message($message, $filename) {
} }
$header[] = $line; $header[] = $line;
} else { } else {
$return_data['body'].=$line; $return_data['body'] .= $line;
if($return_data['type'] == 'mailkey') { if ($return_data['type'] == 'mailkey') {
if(strpos($line, '@@BEGIN MAILKEY HEADERS') !== false) { if (strpos($line, '@@BEGIN MAILKEY HEADERS') !== false) {
$mailkey_header = 1; $mailkey_header = 1;
} }
if($mailkey_header == 1) { if ($mailkey_header == 1) {
if(strpos($line, 'From: ') !== false) { if (strpos($line, 'From: ') !== false) {
$mailkey = explode("From: ", $line); $mailkey = explode("From: ", $line);
$return_data['mailkey_from'] = trim($mailkey[1]); $return_data['mailkey_from'] = trim($mailkey[1]);
} else { } else {
if(strpos($line, 'Version: ') !== false) { if (strpos($line, 'Version: ') !== false) {
$mailkey = explode("Version: ", $line); $mailkey = explode("Version: ", $line);
$return_data['mailkey_version'] = trim($mailkey[1]); $return_data['mailkey_version'] = trim($mailkey[1]);
} else { } else {
if(strpos($line, 'Notice-ID: ') !== false) { if (strpos($line, 'Notice-ID: ') !== false) {
$mailkey = explode("Notice-ID: ", $line); $mailkey = explode("Notice-ID: ", $line);
$return_data['mailkey_notice-id'] = trim($mailkey[1]); $return_data['mailkey_notice-id'] = trim($mailkey[1]);
} }
} }
} }
} }
if(strpos($line, '@@BEGIN MAILKEY BODY') !== false) { if (strpos($line, '@@BEGIN MAILKEY BODY') !== false) {
$mailkey_body = 1; $mailkey_body = 1;
$mailkey_header = 0; $mailkey_header = 0;
} }
if($mailkey_body == 1) { if ($mailkey_body == 1) {
if(strpos($line, 'Key: ') !== false) { if (strpos($line, 'Key: ') !== false) {
$mailkey = explode("Key: ", $line); $mailkey = explode("Key: ", $line);
$return_data['mailkey_key'] = trim($mailkey[1]); $return_data['mailkey_key'] = trim($mailkey[1]);
} else { } else {
if(strpos($line, 'Location: ') !== false) { if (strpos($line, 'Location: ') !== false) {
$mailkey = explode("Location: ", $line); $mailkey = explode("Location: ", $line);
$return_data['mailkey_location'] = trim($mailkey[1]); $return_data['mailkey_location'] = trim($mailkey[1]);
} else { } else {
if(strpos($line, 'Domain: ') !== false) { if (strpos($line, 'Domain: ') !== false) {
$mailkey = explode("Domain: ", $line); $mailkey = explode("Domain: ", $line);
$return_data['mailkey_domain'] = trim($mailkey[1]); $return_data['mailkey_domain'] = trim($mailkey[1]);
} }
} }
} }
} }
if(trim($line) == '.') { if (trim($line) == '.') {
$line = ' '; $line = ' ';
} }
} }
} }
} }
return($return_data); return ($return_data);
} }
function send_keys_to_group($res, $rslight_gpg) { function send_keys_to_group($res, $rslight_gpg)
{
global $spooldir, $config_name, $logfile, $mail_update_time, $CONFIG, $rslight_version; global $spooldir, $config_name, $logfile, $mail_update_time, $CONFIG, $rslight_version;
$cwd = getcwd(); $cwd = getcwd();
$keydir = preg_replace('/spoolnews/','pubkey/',$cwd); $keydir = preg_replace('/spoolnews/', 'pubkey/', $cwd);
$key_location = "/pubkey/server_pubkey.txt"; $key_location = "/pubkey/server_pubkey.txt";
$signing_key = trim(file_get_contents($keydir.'/server_fingerprint.txt')); $signing_key = trim(file_get_contents($keydir . '/server_fingerprint.txt'));
$fingerprint_clean = preg_replace('/\ /', '', $signing_key); $fingerprint_clean = preg_replace('/\ /', '', $signing_key);
if(gnupg_keyinfo($res, $fingerprint_clean) == false) { // We have no private key, abort. if (gnupg_keyinfo($res, $fingerprint_clean) == false) { // We have no private key, abort.
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Private Key not Found", FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Private Key not Found", FILE_APPEND);
return false; return false;
} }
gnupg_addsignkey($res,$fingerprint_clean)."\n"; gnupg_addsignkey($res, $fingerprint_clean) . "\n";
$start="@@BEGIN MAILKEY HEADERS"; $start = "@@BEGIN MAILKEY HEADERS";
$begin="@@BEGIN MAILKEY BODY"; $begin = "@@BEGIN MAILKEY BODY";
$end="@@END MAILKEY BODY"; $end = "@@END MAILKEY BODY";
/* Get days since last sent for creating message-id /*
* (Don't allow posting more than once per day) * Get days since last sent for creating message-id
*/ * (Don't allow posting more than once per day)
*/
$date1 = date_create(date("Y-m-d", time() - $mail_update_time)); $date1 = date_create(date("Y-m-d", time() - $mail_update_time));
$date2 = date_create(date("Y-m-d", time())); $date2 = date_create(date("Y-m-d", time()));
$diff_days = date_diff($date1,$date2); $diff_days = date_diff($date1, $date2);
$outgoing_dir = $spooldir.'/'.$config_name.'/outgoing'; $outgoing_dir = $spooldir . '/' . $config_name . '/outgoing';
if(!is_dir($outgoing_dir)) { if (! is_dir($outgoing_dir)) {
mkdir($outgoing_dir, 0700, true); mkdir($outgoing_dir, 0700, true);
} }
$domain = $rslight_gpg['domain_name']; $domain = $rslight_gpg['domain_name'];
$organization = $CONFIG['organization']; $organization = $CONFIG['organization'];
$from = $rslight_gpg['from_email']; $from = $rslight_gpg['from_email'];
$contact = $rslight_gpg['contact']; $contact = $rslight_gpg['contact'];
$outgoing_file = tempnam($outgoing_dir, 'bbsmail-'); $outgoing_file = tempnam($outgoing_dir, 'bbsmail-');
$body=''; $body = '';
$body.="You may use this to import the public key for $domain.\n"; $body .= "You may use this to import the public key for $domain.\n";
$body.="This message is automatically generated by $from.\n"; $body .= "This message is automatically generated by $from.\n";
$body.="for inter-bbs mail exchange for Rocksolid Light.\n\n"; $body .= "for inter-bbs mail exchange for Rocksolid Light.\n\n";
$body.="This message was signed using the following key:\n"; $body .= "This message was signed using the following key:\n";
$body.="$signing_key\n\n"; $body .= "$signing_key\n\n";
$body.="The GPG key needed to verify the signature of messages\n"; $body .= "The GPG key needed to verify the signature of messages\n";
$body.="issued by $from is available at:\n"; $body .= "issued by $from is available at:\n";
$body.="$domain$key_location\n\n"; $body .= "$domain$key_location\n\n";
$body.="For information contact $contact.\n\n"; $body .= "For information contact $contact.\n\n";
$body.=$start."\n"; $body .= $start . "\n";
$body.=' Version: '.$rslight_version."\n"; $body .= ' Version: ' . $rslight_version . "\n";
$body.=' From: '.$from."\n"; $body .= ' From: ' . $from . "\n";
$hashtail = hash('crc32', $domain.$organization.$from.$rslight_gpg['nntp_group']); $hashtail = hash('crc32', $domain . $organization . $from . $rslight_gpg['nntp_group']);
$thishash = hash('crc32', $body.$diff_days->format("%a").$hashtail).hash('crc32', $signing_key); $thishash = hash('crc32', $body . $diff_days->format("%a") . $hashtail) . hash('crc32', $signing_key);
$body.=" Notice-ID: ".$thishash."\n"; $body .= " Notice-ID: " . $thishash . "\n";
$body.=$begin."\n"; $body .= $begin . "\n";
$body.=" Key: ".$signing_key."\n"; $body .= " Key: " . $signing_key . "\n";
$body.=" Location: ".$domain.$key_location."\n"; $body .= " Location: " . $domain . $key_location . "\n";
$body.=" Domain: ".$domain."\n"; $body .= " Domain: " . $domain . "\n";
$body.=$end."\n"; $body .= $end . "\n";
$header=''; $header = '';
$header.="From: $from\n"; $header .= "From: $from\n";
$header.="Newsgroups: ".$rslight_gpg['nntp_group']."\n"; $header .= "Newsgroups: " . $rslight_gpg['nntp_group'] . "\n";
$header.="Subject: @@RSL MAILKEY notice ".$thishash."\n"; $header .= "Subject: @@RSL MAILKEY notice " . $thishash . "\n";
$header.="Message-ID: <$thishash@$domain>\n"; $header .= "Message-ID: <$thishash@$domain>\n";
$header.="Content-Type: text/plain; charset=utf-8; format=flowed\n"; $header .= "Content-Type: text/plain; charset=utf-8; format=flowed\n";
$header.="Content-Transfer-Encoding: 8bit\n"; $header .= "Content-Transfer-Encoding: 8bit\n";
$header.="Organization: $organization\n\n"; $header .= "Organization: $organization\n\n";
$signed_body = gnupg_sign($res, $body); $signed_body = gnupg_sign($res, $body);
file_put_contents($outgoing_file, $header.$signed_body); file_put_contents($outgoing_file, $header . $signed_body);
echo "Posted <".$thishash."@".$domain.">\n\n"; echo "Posted <" . $thishash . "@" . $domain . ">\n\n";
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Mail Sent: <".$thishash."@".$domain.">", FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Mail Sent: <" . $thishash . "@" . $domain . ">", FILE_APPEND);
return true; return true;
} }

221
Rocksolid_Light/rslight/scripts/nntp-ssl.php
View File

@ -1,18 +1,18 @@
<?php <?php
include "config.inc.php"; include "config.inc.php";
include ("$file_newsportal"); include ("$file_newsportal");
include $config_dir."/scripts/rslight-lib.php"; include $config_dir . "/scripts/rslight-lib.php";
if(file_exists($config_dir."/nntp.disable")) { if (file_exists($config_dir . "/nntp.disable")) {
clearstatcache(true, $config_dir."/nntp.disable"); clearstatcache(true, $config_dir . "/nntp.disable");
$parent_pid = file_get_contents($lockdir.'/rslight-nntp.lock', IGNORE_NEW_LINES); $parent_pid = file_get_contents($lockdir . '/rslight-nntp.lock', IGNORE_NEW_LINES);
posix_kill($parent_pid, SIGTERM); posix_kill($parent_pid, SIGTERM);
exit; exit();
} }
/** /**
* Listens for requests and forks on each connection * Listens for requests and forks on each connection
*/ */
$__server_listening = true; $__server_listening = true;
//error_reporting(E_ALL); // error_reporting(E_ALL);
set_time_limit(0); set_time_limit(0);
ob_implicit_flush(); ob_implicit_flush();
declare(ticks = 1); declare(ticks = 1);
@ -24,167 +24,154 @@
pcntl_signal(SIGINT, 'sig_handler'); pcntl_signal(SIGINT, 'sig_handler');
pcntl_signal(SIGCHLD, 'sig_handler'); pcntl_signal(SIGCHLD, 'sig_handler');
if(isset($CONFIG['enable_all_networks']) && $CONFIG['enable_all_networks'] == true) { if (isset($CONFIG['enable_all_networks']) && $CONFIG['enable_all_networks'] == true) {
$bind="0.0.0.0"; $bind = "0.0.0.0";
} else { } else {
$bind=$CONFIG['local_server']; $bind = $CONFIG['local_server'];
} }
server_loop($bind, $CONFIG['local_ssl_port']); server_loop($bind, $CONFIG['local_ssl_port']);
/** /**
* Change the identity to a non-priv user * Change the identity to a non-priv user
*/ */
function change_identity( $uid, $gid ) function change_identity($uid, $gid)
{ {
if( !posix_setgid( $gid ) ) if (! posix_setgid($gid)) {
{
print "Unable to setgid to " . $gid . "!\n"; print "Unable to setgid to " . $gid . "!\n";
exit; exit();
} }
if( !posix_setuid( $uid ) ) if (! posix_setuid($uid)) {
{
print "Unable to setuid to " . $uid . "!\n"; print "Unable to setuid to " . $uid . "!\n";
exit; exit();
} }
} }
/** /**
* Creates a server socket and listens for incoming client connections * Creates a server socket and listens for incoming client connections
* @param string $address The address to listen on *
* @param int $port The port to listen on * @param string $address
*/ * The address to listen on
* @param int $port
* The port to listen on
*/
function server_loop($address, $port) function server_loop($address, $port)
{ {
GLOBAL $__server_listening; GLOBAL $__server_listening;
GLOBAL GLOBAL $CONFIG, $logdir, $lockdir, $webserver_uid, $webserver_gid, $installed_path, $config_path, $groupconfig, $workpath, $path, $spooldir, $ssldir, $nntp_group, $auth_ok;
$CONFIG,$logdir,$lockdir,$webserver_uid,$webserver_gid,$installed_path, $logfile = $logdir . '/nntp.log';
$config_path,$groupconfig,$workpath,$path,$spooldir,$ssldir,$nntp_group,$auth_ok; $lockfile = $lockdir . '/rslight-nntp-ssl.lock';
$logfile=$logdir.'/nntp.log'; $pid = file_get_contents($lockfile);
$lockfile = $lockdir . '/rslight-nntp-ssl.lock'; if (posix_getsid($pid) === false || ! is_file($lockfile)) {
$pid = file_get_contents($lockfile); print "Starting Rocksolid Light NNTP Server...\n";
if (posix_getsid($pid) === false || !is_file($lockfile)) { file_put_contents($lockfile, getmypid()); // create lockfile
print "Starting Rocksolid Light NNTP Server...\n"; } else {
file_put_contents($lockfile, getmypid()); // create lockfile print "Rocksolid Light NNTP Server currently running\n";
} else { exit();
print "Rocksolid Light NNTP Server currently running\n"; }
exit;
}
$auth_ok = 0; $auth_ok = 0;
$user = ""; $user = "";
$pass = ""; $pass = "";
$pemfile = $ssldir.'/server.pem'; $pemfile = $ssldir . '/server.pem';
if(!is_file($pemfile)) { if (! is_file($pemfile)) {
create_node_ssl_cert($pemfile); create_node_ssl_cert($pemfile);
} }
$context = stream_context_create(); $context = stream_context_create();
stream_context_set_option($context, 'ssl', 'local_cert', $pemfile); stream_context_set_option($context, 'ssl', 'local_cert', $pemfile);
stream_context_set_option($context, 'ssl', 'allow_self_signed', true); stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
stream_context_set_option($context, 'ssl', 'verify_peer', false); stream_context_set_option($context, 'ssl', 'verify_peer', false);
stream_context_set_option($context, 'ssl', 'verify_peer_name', false); stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
stream_context_set_option($context, 'ssl', 'ciphers', 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384'); stream_context_set_option($context, 'ssl', 'ciphers', 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384');
$sock = stream_socket_server( $sock = stream_socket_server('tcp://' . $address . ':' . $port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $context);
'tcp://'.$address.':'.$port, /* Change to non root user */
$errno, $uinfo = posix_getpwnam($CONFIG['webserver_user']);
$errstr, change_identity($uinfo["uid"], $uinfo["gid"]);
STREAM_SERVER_BIND|STREAM_SERVER_LISTEN, /* Everything below runs as $CONFIG['webserver_user'] */
$context
);
/* Change to non root user */
$uinfo=posix_getpwnam($CONFIG['webserver_user']);
change_identity($uinfo["uid"],$uinfo["gid"]);
/* Everything below runs as $CONFIG['webserver_user'] */
echo "waiting for clients to connect\n"; echo "waiting for clients to connect\n";
while ($__server_listening) while ($__server_listening) {
{
$connection = stream_socket_accept($sock); $connection = stream_socket_accept($sock);
if ($connection === false) if ($connection === false) {
{
usleep(100); usleep(100);
}elseif ($connection > 0) } elseif ($connection > 0) {
{
handle_client($sock, $connection); handle_client($sock, $connection);
}else } else {
{ echo "error: " . socket_strerror($connection);
echo "error: ".socket_strerror($connection); file_put_contents($logfile, "\n" . format_log_date() . " error: " . socket_strerror($connection), FILE_APPEND);
file_put_contents($logfile, "\n".format_log_date()." error: ".socket_strerror($connection), FILE_APPEND); die();
die;
} }
} }
} }
/** /**
* Signal handler * Signal handler
*/ */
function sig_handler($sig) function sig_handler($sig)
{ {
switch($sig) switch ($sig) {
{
case SIGTERM: case SIGTERM:
case SIGINT: case SIGINT:
exit(); exit();
break; break;
case SIGCHLD: case SIGCHLD:
pcntl_waitpid(-1, $status); pcntl_waitpid(- 1, $status);
break; break;
} }
} }
/** /**
* Handle a new client connection * Handle a new client connection
*/ */
function handle_client($ssock, $csock) function handle_client($ssock, $csock)
{ {
GLOBAL $__server_listening; GLOBAL $__server_listening;
$pid = pcntl_fork(); $pid = pcntl_fork();
if ($pid == -1) if ($pid == - 1) {
{
/* fork failed */ /* fork failed */
echo "fork failure!\n"; echo "fork failure!\n";
die; die();
}elseif ($pid == 0) } elseif ($pid == 0) {
{
/* child process */ /* child process */
$__server_listening = false; $__server_listening = false;
fclose($ssock); fclose($ssock);
interact($csock, true); interact($csock, true);
fclose($csock); fclose($csock);
}else } else {
{
fclose($csock); fclose($csock);
} }
} }
function create_certificate($pemfile) { function create_certificate($pemfile)
global $CONFIG; {
$certificateData = array( global $CONFIG;
"countryName" => "US", $certificateData = array(
"stateOrProvinceName" => "New York", "countryName" => "US",
"localityName" => "New York City", "stateOrProvinceName" => "New York",
"organizationName" => "Rocksolid", "localityName" => "New York City",
"organizationalUnitName" => "Rocksolid Light", "organizationName" => "Rocksolid",
"commonName" => $CONFIG['organization'], "organizationalUnitName" => "Rocksolid Light",
"emailAddress" => "rocksolid@example.com" "commonName" => $CONFIG['organization'],
); "emailAddress" => "rocksolid@example.com"
);
// Generate certificate
$privateKey = openssl_pkey_new();
$certificate = openssl_csr_new($certificateData, $privateKey);
$certificate = openssl_csr_sign($certificate, null, $privateKey, 365);
// Generate PEM file // Generate certificate
$pem_passphrase = null; // empty for no passphrase $privateKey = openssl_pkey_new();
$pem = array(); $certificate = openssl_csr_new($certificateData, $privateKey);
openssl_x509_export($certificate, $pem[0]); $certificate = openssl_csr_sign($certificate, null, $privateKey, 365);
openssl_pkey_export($privateKey, $pem[1], $pem_passphrase);
$pem = implode($pem);
// Save PEM file // Generate PEM file
file_put_contents($pemfile, $pem); $pem_passphrase = null; // empty for no passphrase
} $pem = array();
?> openssl_x509_export($certificate, $pem[0]);
openssl_pkey_export($privateKey, $pem[1], $pem_passphrase);
$pem = implode($pem);
// Save PEM file
file_put_contents($pemfile, $pem);
}
?>

149
Rocksolid_Light/rslight/scripts/nntp.php
View File

@ -1,18 +1,18 @@
<?php <?php
include "config.inc.php"; include "config.inc.php";
include ("$file_newsportal"); include ("$file_newsportal");
include $config_dir."/scripts/rslight-lib.php"; include $config_dir . "/scripts/rslight-lib.php";
if(file_exists($config_dir."/nntp.disable")) { if (file_exists($config_dir . "/nntp.disable")) {
clearstatcache(true, $config_dir."/nntp.disable"); clearstatcache(true, $config_dir . "/nntp.disable");
$parent_pid = file_get_contents($lockdir.'/rslight-nntp.lock', IGNORE_NEW_LINES); $parent_pid = file_get_contents($lockdir . '/rslight-nntp.lock', IGNORE_NEW_LINES);
posix_kill($parent_pid, SIGTERM); posix_kill($parent_pid, SIGTERM);
exit; exit();
} }
/** /**
* Listens for requests and forks on each connection * Listens for requests and forks on each connection
*/ */
$__server_listening = true; $__server_listening = true;
//error_reporting(E_ALL); // error_reporting(E_ALL);
set_time_limit(0); set_time_limit(0);
ob_implicit_flush(); ob_implicit_flush();
declare(ticks = 1); declare(ticks = 1);
@ -24,128 +24,115 @@
pcntl_signal(SIGINT, 'sig_handler'); pcntl_signal(SIGINT, 'sig_handler');
pcntl_signal(SIGCHLD, 'sig_handler'); pcntl_signal(SIGCHLD, 'sig_handler');
if(isset($CONFIG['enable_all_networks']) && $CONFIG['enable_all_networks'] == true) { if (isset($CONFIG['enable_all_networks']) && $CONFIG['enable_all_networks'] == true) {
$bind="0.0.0.0"; $bind = "0.0.0.0";
} else { } else {
$bind=$CONFIG['local_server']; $bind = $CONFIG['local_server'];
} }
server_loop($bind, $CONFIG['local_port']); server_loop($bind, $CONFIG['local_port']);
/** /**
* Change the identity to a non-priv user * Change the identity to a non-priv user
*/ */
function change_identity( $uid, $gid ) function change_identity($uid, $gid)
{ {
if( !posix_setgid( $gid ) ) if (! posix_setgid($gid)) {
{
print "Unable to setgid to " . $gid . "!\n"; print "Unable to setgid to " . $gid . "!\n";
exit; exit();
} }
if( !posix_setuid( $uid ) ) if (! posix_setuid($uid)) {
{
print "Unable to setuid to " . $uid . "!\n"; print "Unable to setuid to " . $uid . "!\n";
exit; exit();
} }
} }
/** /**
* Creates a server socket and listens for incoming client connections * Creates a server socket and listens for incoming client connections
* @param string $address The address to listen on *
* @param int $port The port to listen on * @param string $address
*/ * The address to listen on
* @param int $port
* The port to listen on
*/
function server_loop($address, $port) function server_loop($address, $port)
{ {
GLOBAL $__server_listening; GLOBAL $__server_listening;
GLOBAL GLOBAL $CONFIG, $logdir, $lockdir, $webserver_uid, $webserver_gid, $installed_path, $config_path, $groupconfig, $workpath, $path, $spooldir, $nntp_group, $auth_ok;
$CONFIG,$logdir,$lockdir,$webserver_uid,$webserver_gid,$installed_path, $logfile = $logdir . '/nntp.log';
$config_path,$groupconfig,$workpath,$path,$spooldir,$nntp_group,$auth_ok; $lockfile = $lockdir . '/rslight-nntp.lock';
$logfile=$logdir.'/nntp.log'; $pid = file_get_contents($lockfile);
$lockfile = $lockdir . '/rslight-nntp.lock'; if (posix_getsid($pid) === false || ! is_file($lockfile)) {
$pid = file_get_contents($lockfile); print "Starting Rocksolid Light NNTP Server...\n";
if (posix_getsid($pid) === false || !is_file($lockfile)) { file_put_contents($lockfile, getmypid()); // create lockfile
print "Starting Rocksolid Light NNTP Server...\n"; } else {
file_put_contents($lockfile, getmypid()); // create lockfile print "Rocksolid Light NNTP Server currently running\n";
} else { exit();
print "Rocksolid Light NNTP Server currently running\n"; }
exit;
}
$auth_ok = 0; $auth_ok = 0;
$user = ""; $user = "";
$pass = ""; $pass = "";
$sock = stream_socket_server( $sock = stream_socket_server('tcp://' . $address . ':' . $port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN);
'tcp://'.$address.':'.$port, /* Change to non root user */
$errno, $uinfo = posix_getpwnam($CONFIG['webserver_user']);
$errstr, change_identity($uinfo["uid"], $uinfo["gid"]);
STREAM_SERVER_BIND|STREAM_SERVER_LISTEN /* Everything below runs as $CONFIG['webserver_user'] */
);
/* Change to non root user */
$uinfo=posix_getpwnam($CONFIG['webserver_user']);
change_identity($uinfo["uid"],$uinfo["gid"]);
/* Everything below runs as $CONFIG['webserver_user'] */
echo "waiting for clients to connect\n"; echo "waiting for clients to connect\n";
while ($__server_listening) while ($__server_listening) {
{
$connection = stream_socket_accept($sock); $connection = stream_socket_accept($sock);
if ($connection === false) if ($connection === false) {
{
usleep(100); usleep(100);
}elseif ($connection > 0) } elseif ($connection > 0) {
{
handle_client($sock, $connection); handle_client($sock, $connection);
}else } else {
{ echo "error: " . socket_strerror($connection);
echo "error: ".socket_strerror($connection); file_put_contents($logfile, "\n" . format_log_date() . " error: " . socket_strerror($connection), FILE_APPEND);
file_put_contents($logfile, "\n".format_log_date()." error: ".socket_strerror($connection), FILE_APPEND); die();
die;
} }
} }
} }
/** /**
* Signal handler * Signal handler
*/ */
function sig_handler($sig) function sig_handler($sig)
{ {
switch($sig) switch ($sig) {
{
case SIGTERM: case SIGTERM:
case SIGINT: case SIGINT:
exit(); exit();
break; break;
case SIGCHLD: case SIGCHLD:
pcntl_waitpid(-1, $status); pcntl_waitpid(- 1, $status);
break; break;
} }
} }
/** /**
* Handle a new client connection * Handle a new client connection
*/ */
function handle_client($ssock, $csock) function handle_client($ssock, $csock)
{ {
GLOBAL $__server_listening; GLOBAL $__server_listening;
$pid = pcntl_fork(); $pid = pcntl_fork();
if ($pid == -1) if ($pid == - 1) {
{
/* fork failed */ /* fork failed */
echo "fork failure!\n"; echo "fork failure!\n";
die; die();
}elseif ($pid == 0) } elseif ($pid == 0) {
{
/* child process */ /* child process */
$__server_listening = false; $__server_listening = false;
fclose($ssock); fclose($ssock);
interact($csock, false); interact($csock, false);
fclose($csock); fclose($csock);
}else } else {
{
fclose($csock); fclose($csock);
} }
} }
?> ?>

287
Rocksolid_Light/rslight/scripts/nocem.php
View File

@ -1,151 +1,160 @@
<?php <?php
include "config.inc.php";
include ("$file_newsportal");
include $config_dir . "/gpg.conf";
include "config.inc.php"; if (! isset($CONFIG['enable_nocem']) || $CONFIG['enable_nocem'] != true) {
include ("$file_newsportal"); exit();
include $config_dir."/gpg.conf"; }
if(!isset($CONFIG['enable_nocem']) || $CONFIG['enable_nocem'] != true) {
exit;
}
$lockfile = $lockdir . '/rslight-spoolnews.lock'; $lockfile = $lockdir . '/rslight-spoolnews.lock';
$pid = file_get_contents($lockfile); $pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) { if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting nocem...\n"; print "Starting nocem...\n";
file_put_contents($lockfile, getmypid()); // create lockfile file_put_contents($lockfile, getmypid()); // create lockfile
} else { } else {
print "nocem currently running\n"; print "nocem currently running\n";
exit; exit();
}
putenv("GNUPGHOME=".$rslight_gpg['gnupghome']);
$res = gnupg_init();
$webserver_group=$CONFIG['webserver_user'];
$logfile=$logdir.'/nocem.log';
@mkdir($spooldir."/nocem/processed",0755,'recursive');
@mkdir($spooldir."/nocem/failed",0755,'recursive');
$nocem_path=$spooldir."/nocem/";
$messages=scandir($nocem_path);
$begin="@@BEGIN NCM BODY";
$end="@@END NCM BODY";
foreach($messages as $message) {
$nocem_file=$nocem_path.$message;
if(!is_file($nocem_file)) {
continue;
}
$signed_text=file_get_contents($nocem_file);
if(verify_gpg_signature($res, $signed_text) == 1) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Good signature in: ".$message, FILE_APPEND);
echo "Good signature in: ".$message."\r\n";
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Bad signature in: ".$message, FILE_APPEND);
echo "Bad signature in: ".$message."\r\n";
rename($nocem_file, $nocem_path."failed/".$message);
continue;
}
$nocem_list=file($nocem_file, FILE_IGNORE_NEW_LINES);
$start=0;
foreach($nocem_list as $nocem_line) {
if(strpos($nocem_line, $begin) !== false) {
$start=1;
continue;
}
if(strpos($nocem_line, $end) !== false) {
break;
}
if((isset($nocem_line[0]) && $nocem_line[0] == '<') && $start == 1) {
$found = explode(' ', $nocem_line);
$msgid = $found[0];
foreach($found as $found_group) {
delete_message($msgid, $found_group);
}
}
}
rename($nocem_file, $nocem_path."processed/".$message);
}
unlink($lockfile);
exit;
function delete_message($messageid, $group) {
global $logfile,$config_dir,$spooldir, $CONFIG, $webserver_group;
/* Find section */
$menulist = file($config_dir."menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($menulist as $menu) {
if($menu[0] == '#') {
continue;
}
$menuitem=explode(':', $menu);
$glfp=fopen($config_dir.$menuitem[0]."/groups.txt", 'r');
$section="";
while($gl=fgets($glfp)) {
$group_name = preg_split("/( |\t)/", $gl, 2);
if(strtolower(trim($group)) == strtolower(trim($group_name[0]))) {
$config_name=$menuitem[0];
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." FOUND: ".$messageid." IN: ".$config_name.'/'.$group, FILE_APPEND);
break 2;
}
}
}
if($CONFIG['article_database'] == '1') {
$database = $spooldir.'/'.$group.'-articles.db3';
if(is_file($database)) {
$articles_dbh = article_db_open($database);
$articles_query = $articles_dbh->prepare('DELETE FROM articles WHERE msgid=:messageid');
$articles_query->execute(['messageid' => $messageid]);
$articles_dbh = null;
}
}
// Handle overview and history
$database = $spooldir.'/articles-overview.db3';
$dbh = overview_db_open($database);
$stmt_del = $dbh->prepare('DELETE FROM overview WHERE newsgroup=:newsgroup AND msgid=:msgid');
$query = $dbh->prepare('SELECT * FROM overview WHERE newsgroup=:newsgroup AND msgid=:msgid');
$query->execute([':newsgroup' => $group, ':msgid' => $messageid]);
$grouppath = preg_replace('/\./', '/', $group);
$status = "deleted";
$statusdate = time();
$statusreason = "nocem";
$statusnotes = null;
while($row = $query->fetch()) {
if(is_file($spooldir.'/articles/'.$grouppath.'/'.$row['number'])) {
unlink($spooldir.'/articles/'.$grouppath.'/'.$row['number']);
}
delete_message_from_overboard($config_name, $group, $messageid);
add_to_history($group, $row['number'], $row['msgid'], $status, $statusdate, $statusreason, $statusnotes);
thread_cache_removearticle($group, $row['number']);
}
$stmt_del->execute([':newsgroup' => $group, ':msgid' => $messageid]);
$dbh = null;
return;
} }
function delete_message_from_overboard($config_name, $group, $messageid) { putenv("GNUPGHOME=" . $rslight_gpg['gnupghome']);
GLOBAL $spooldir; $res = gnupg_init();
$cachefile=$spooldir."/".$config_name."-overboard.dat";
if(is_file($cachefile)) { $webserver_group = $CONFIG['webserver_user'];
$cached_overboard = unserialize(file_get_contents($cachefile)); $logfile = $logdir . '/nocem.log';
if($target = $cached_overboard['msgids'][$messageid]) { @mkdir($spooldir . "/nocem/processed", 0755, 'recursive');
unset($cached_overboard['threads'][$target['date']]); @mkdir($spooldir . "/nocem/failed", 0755, 'recursive');
unset($cached_overboard['msgids'][$messageid]);
unset($cached_overboard['threadlink'][$messageid]); $nocem_path = $spooldir . "/nocem/";
file_put_contents($cachefile, serialize($cached_overboard)); $messages = scandir($nocem_path);
$begin = "@@BEGIN NCM BODY";
$end = "@@END NCM BODY";
foreach ($messages as $message) {
$nocem_file = $nocem_path . $message;
if (! is_file($nocem_file)) {
continue;
} }
} $signed_text = file_get_contents($nocem_file);
$cachefile=$spooldir."/".$group."-overboard.dat"; if (verify_gpg_signature($res, $signed_text) == 1) {
if(is_file($cachefile)) { file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Good signature in: " . $message, FILE_APPEND);
$cached_overboard = unserialize(file_get_contents($cachefile)); echo "Good signature in: " . $message . "\r\n";
if($target = $cached_overboard['msgids'][$messageid]) { } else {
unset($cached_overboard['threads'][$target['date']]); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Bad signature in: " . $message, FILE_APPEND);
unset($cached_overboard['msgids'][$messageid]); echo "Bad signature in: " . $message . "\r\n";
unset($cached_overboard['threadlink'][$messageid]); rename($nocem_file, $nocem_path . "failed/" . $message);
file_put_contents($cachefile, serialize($cached_overboard)); continue;
}
$nocem_list = file($nocem_file, FILE_IGNORE_NEW_LINES);
$start = 0;
foreach ($nocem_list as $nocem_line) {
if (strpos($nocem_line, $begin) !== false) {
$start = 1;
continue;
}
if (strpos($nocem_line, $end) !== false) {
break;
}
if ((isset($nocem_line[0]) && $nocem_line[0] == '<') && $start == 1) {
$found = explode(' ', $nocem_line);
$msgid = $found[0];
foreach ($found as $found_group) {
delete_message($msgid, $found_group);
}
}
}
rename($nocem_file, $nocem_path . "processed/" . $message);
}
unlink($lockfile);
exit();
function delete_message($messageid, $group)
{
global $logfile, $config_dir, $spooldir, $CONFIG, $webserver_group;
/* Find section */
$menulist = file($config_dir . "menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($menulist as $menu) {
if ($menu[0] == '#') {
continue;
}
$menuitem = explode(':', $menu);
$glfp = fopen($config_dir . $menuitem[0] . "/groups.txt", 'r');
$section = "";
while ($gl = fgets($glfp)) {
$group_name = preg_split("/( |\t)/", $gl, 2);
if (strtolower(trim($group)) == strtolower(trim($group_name[0]))) {
$config_name = $menuitem[0];
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " FOUND: " . $messageid . " IN: " . $config_name . '/' . $group, FILE_APPEND);
break 2;
}
}
}
if ($CONFIG['article_database'] == '1') {
$database = $spooldir . '/' . $group . '-articles.db3';
if (is_file($database)) {
$articles_dbh = article_db_open($database);
$articles_query = $articles_dbh->prepare('DELETE FROM articles WHERE msgid=:messageid');
$articles_query->execute([
'messageid' => $messageid
]);
$articles_dbh = null;
}
}
// Handle overview and history
$database = $spooldir . '/articles-overview.db3';
$dbh = overview_db_open($database);
$stmt_del = $dbh->prepare('DELETE FROM overview WHERE newsgroup=:newsgroup AND msgid=:msgid');
$query = $dbh->prepare('SELECT * FROM overview WHERE newsgroup=:newsgroup AND msgid=:msgid');
$query->execute([
':newsgroup' => $group,
':msgid' => $messageid
]);
$grouppath = preg_replace('/\./', '/', $group);
$status = "deleted";
$statusdate = time();
$statusreason = "nocem";
$statusnotes = null;
while ($row = $query->fetch()) {
if (is_file($spooldir . '/articles/' . $grouppath . '/' . $row['number'])) {
unlink($spooldir . '/articles/' . $grouppath . '/' . $row['number']);
}
delete_message_from_overboard($config_name, $group, $messageid);
add_to_history($group, $row['number'], $row['msgid'], $status, $statusdate, $statusreason, $statusnotes);
thread_cache_removearticle($group, $row['number']);
}
$stmt_del->execute([
':newsgroup' => $group,
':msgid' => $messageid
]);
$dbh = null;
return;
}
function delete_message_from_overboard($config_name, $group, $messageid)
{
GLOBAL $spooldir;
$cachefile = $spooldir . "/" . $config_name . "-overboard.dat";
if (is_file($cachefile)) {
$cached_overboard = unserialize(file_get_contents($cachefile));
if ($target = $cached_overboard['msgids'][$messageid]) {
unset($cached_overboard['threads'][$target['date']]);
unset($cached_overboard['msgids'][$messageid]);
unset($cached_overboard['threadlink'][$messageid]);
file_put_contents($cachefile, serialize($cached_overboard));
}
}
$cachefile = $spooldir . "/" . $group . "-overboard.dat";
if (is_file($cachefile)) {
$cached_overboard = unserialize(file_get_contents($cachefile));
if ($target = $cached_overboard['msgids'][$messageid]) {
unset($cached_overboard['threads'][$target['date']]);
unset($cached_overboard['msgids'][$messageid]);
unset($cached_overboard['threadlink'][$messageid]);
file_put_contents($cachefile, serialize($cached_overboard));
}
} }
}
} }
?> ?>

2120
Rocksolid_Light/rslight/scripts/rslight-lib.php
View File

File diff suppressed because it is too large Load Diff

201
Rocksolid_Light/rslight/scripts/rss-feeds.php
View File

@ -1,104 +1,107 @@
#!/usr/local/bin/php #!/usr/local/bin/php
<?php <?php
chdir('../rocksolid/'); chdir('../rocksolid/');
include "config.inc.php"; include "config.inc.php";
include "newsportal.php"; include "newsportal.php";
$maxlen = 500; $maxlen = 500;
$rssdir = $config_dir.'/rss/'; $rssdir = $config_dir . '/rss/';
$rssfiles = array(); $rssfiles = array();
if(isset($argv[1])) { if (isset($argv[1])) {
$rssfiles[0] = $argv[1]; $rssfiles[0] = $argv[1];
} else { } else {
$rssfiles = array_diff(scandir($rssdir), array('..', '.')); $rssfiles = array_diff(scandir($rssdir), array(
} '..',
foreach($rssfiles as $rssfile) { '.'
if(!is_file($config_dir.'/rss/'.$rssfile)) { ));
continue; }
} foreach ($rssfiles as $rssfile) {
$body = ''; if (! is_file($config_dir . '/rss/' . $rssfile)) {
unset($RSS); continue;
$RSS = get_rss_config($config_dir.'/rss/'.$rssfile); }
if($RSS['enable'] !== '1') { $body = '';
continue; unset($RSS);
} $RSS = get_rss_config($config_dir . '/rss/' . $rssfile);
if(filemtime($spooldir.'/'.$rssfile.'-rss-timer') + $RSS['timer'] > time()) { if ($RSS['enable'] !== '1') {
if(!is_file($rssdir.'/debug')) { continue;
continue; }
} if (filemtime($spooldir . '/' . $rssfile . '-rss-timer') + $RSS['timer'] > time()) {
} if (! is_file($rssdir . '/debug')) {
$xmlData = file_get_contents($RSS['url']); continue;
$xml = simplexml_load_string($xmlData, 'SimpleXMLElement', LIBXML_NOCDATA); }
if($RSS['root'] != '') { }
$xmlstart = $xml->{$RSS['root']}; $xmlData = file_get_contents($RSS['url']);
} else { $xml = simplexml_load_string($xmlData, 'SimpleXMLElement', LIBXML_NOCDATA);
$xmlstart = $xml; if ($RSS['root'] != '') {
} $xmlstart = $xml->{$RSS['root']};
foreach($xmlstart->{$RSS['item']} as $item) } else {
{ $xmlstart = $xml;
if(trim($item->{$RSS['link']}) == '') { }
$item->{$RSS['link']} = $item->{$RSS['link']}[href]; foreach ($xmlstart->{$RSS['item']} as $item) {
} else { if (trim($item->{$RSS['link']}) == '') {
$item->{$RSS['link']} = $item->{$RSS['link']}; $item->{$RSS['link']} = $item->{$RSS['link']}[href];
} } else {
$body.=$item->{$RSS['title']}."\n"; $item->{$RSS['link']} = $item->{$RSS['link']};
if(isset($RSS['urlprefix']) && ($RSS['urlprefix'] !== '')) { }
$url = $RSS['urlprefix'].$item->{$RSS['link']}; $body .= $item->{$RSS['title']} . "\n";
} else { if (isset($RSS['urlprefix']) && ($RSS['urlprefix'] !== '')) {
$url = $item->{$RSS['link']}; $url = $RSS['urlprefix'] . $item->{$RSS['link']};
} } else {
if(isset($RSS['urlprefixalt']) && ($RSS['urlprefixalt'] !== '')) { $url = $item->{$RSS['link']};
$urlalt = $RSS['urlprefixalt'].$item->{$RSS['link']}; }
} else { if (isset($RSS['urlprefixalt']) && ($RSS['urlprefixalt'] !== '')) {
$urlalt = ''; $urlalt = $RSS['urlprefixalt'] . $item->{$RSS['link']};
} } else {
if(substr($url,0,4) !== "http") { $urlalt = '';
$urlprefix = explode('/', $RSS['url']); }
$url = $urlprefix[0].'/'.$urlprefix[1].'/'.$urlprefix[2].$item->{$RSS['link']}; if (substr($url, 0, 4) !== "http") {
} $urlprefix = explode('/', $RSS['url']);
$body.=$url."\n"; $url = $urlprefix[0] . '/' . $urlprefix[1] . '/' . $urlprefix[2] . $item->{$RSS['link']};
if($urlalt !== '') { }
$body.=$urlalt."\n"; $body .= $url . "\n";
} if ($urlalt !== '') {
if(isset($RSS['date_namespaceuri']) && ($RSS['date_namespaceuri'] !== '')) { $body .= $urlalt . "\n";
$dc_date = $item->children($RSS['date_namespaceuri']); }
$body.=date("F j, Y, g:i A", strtotime($dc_date)); if (isset($RSS['date_namespaceuri']) && ($RSS['date_namespaceuri'] !== '')) {
} else { $dc_date = $item->children($RSS['date_namespaceuri']);
$body.=date("F j, Y, g:i A", strtotime($item->{$RSS['date']})); $body .= date("F j, Y, g:i A", strtotime($dc_date));
} } else {
$body.="\n"; $body .= date("F j, Y, g:i A", strtotime($item->{$RSS['date']}));
if(strlen($item->{$RSS['content']}) > $maxlen) { }
$content=substr(trim(strip_tags($item->{$RSS['content']})),0,$maxlen); $body .= "\n";
$dots = '...'; if (strlen($item->{$RSS['content']}) > $maxlen) {
} else { $content = substr(trim(strip_tags($item->{$RSS['content']})), 0, $maxlen);
$content=trim(strip_tags($item->{$RSS['content']})); $dots = '...';
$dots = ''; } else {
} $content = trim(strip_tags($item->{$RSS['content']}));
$content = preg_replace('#\R+#', "\n", $content); $dots = '';
$body.=$content.$dots; }
$body.="\n--------------------\n"; $content = preg_replace('#\R+#', "\n", $content);
} $body .= $content . $dots;
if(strpos($RSS['postfrom'], '@') === false) { $body .= "\n--------------------\n";
$RSS['postfrom'] = $RSS['postfrom'].$CONFIG['email_tail']; }
} if (strpos($RSS['postfrom'], '@') === false) {
if(isset($RSS['followupto']) && ($RSS['followupto'] !== '')) { $RSS['postfrom'] = $RSS['postfrom'] . $CONFIG['email_tail'];
$followupto = $RSS['followupto']; }
} else { if (isset($RSS['followupto']) && ($RSS['followupto'] !== '')) {
$followupto = null; $followupto = $RSS['followupto'];
} } else {
$body = strip_tags($body); $followupto = null;
}
$body = strip_tags($body);
if(is_file($rssdir.'/debug')) { if (is_file($rssdir . '/debug')) {
print_r($xml); print_r($xml);
echo $body; echo $body;
} else { } else {
echo message_post($RSS['message_subject'], $RSS['postfrom'], $RSS['newsgroup'], null, $body, null, null, null, $followupto)."\n"; echo message_post($RSS['message_subject'], $RSS['postfrom'], $RSS['newsgroup'], null, $body, null, null, null, $followupto) . "\n";
touch($spooldir.'/'.$rssfile.'-rss-timer'); touch($spooldir . '/' . $rssfile . '-rss-timer');
} }
} }
function get_rss_config($rssfile) { function get_rss_config($rssfile)
$RSS = include($rssfile); {
return($RSS); $RSS = include ($rssfile);
} return ($RSS);
}
?> ?>

131
Rocksolid_Light/rslight/scripts/send.php
View File

@ -1,25 +1,25 @@
<?php <?php
/* spoolnews NNTP news spool creator /*
* Download: https://news.novabbs.com/getrslight * spoolnews NNTP news spool creator
* Download: https://news.novabbs.com/getrslight
* *
* E-Mail: retroguy@novabbs.com * E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com * Web: https://news.novabbs.com
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/ */
set_time_limit(900); set_time_limit(900);
include "config.inc.php"; include "config.inc.php";
@ -28,23 +28,23 @@ include ("$file_newsportal");
if ($CONFIG['remote_server'] == '') { if ($CONFIG['remote_server'] == '') {
exit(); exit();
} }
$logfile=$logdir.'/spoolnews.log'; $logfile = $logdir . '/spoolnews.log';
@mkdir($spooldir."/".$config_name,0755,'recursive'); @mkdir($spooldir . "/" . $config_name, 0755, 'recursive');
$lockfile = $lockdir . '/rslight-send.lock'; $lockfile = $lockdir . '/rslight-send.lock';
$pid = file_get_contents($lockfile); $pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) { if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting Send...\n"; print "Starting Send...\n";
file_put_contents($lockfile, getmypid()); // create lockfile file_put_contents($lockfile, getmypid()); // create lockfile
} else { } else {
print "Send currently running\n"; print "Send currently running\n";
exit; exit();
} }
$ns=nntp2_open($CONFIG['remote_server'], $CONFIG['remote_port']); $ns = nntp2_open($CONFIG['remote_server'], $CONFIG['remote_port']);
if($ns == false) { if ($ns == false) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to connect to ".$CONFIG['remote_server'].":".$CONFIG['remote_port'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to connect to " . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'], FILE_APPEND);
exit(); exit();
} }
echo "\nPosting articles\r\n"; echo "\nPosting articles\r\n";
post_articles($ns, $spooldir); post_articles($ns, $spooldir);
@ -52,45 +52,46 @@ nntp_close($ns);
unlink($lockfile); unlink($lockfile);
echo "\nSend Done\r\n"; echo "\nSend Done\r\n";
function post_articles($ns, $spooldir) { function post_articles($ns, $spooldir)
global $logfile,$config_name; {
if(!is_dir($spooldir."/".$config_name."/outgoing/")) { global $logfile, $config_name;
return "No messages to send\r\n"; if (! is_dir($spooldir . "/" . $config_name . "/outgoing/")) {
} return "No messages to send\r\n";
$outgoing_dir = $spooldir."/".$config_name."/outgoing/";
$messages = scandir($outgoing_dir);
foreach($messages as $message) {
if(!is_file($outgoing_dir.$message)) {
continue;
} }
echo "Sending: ".$outgoing_dir.$message."\r\n"; $outgoing_dir = $spooldir . "/" . $config_name . "/outgoing/";
fputs($ns, "MODE READER\r\n"); $messages = scandir($outgoing_dir);
$response = line_read($ns); foreach ($messages as $message) {
if (strcmp(substr($response,0,3),"200") != 0) { if (! is_file($outgoing_dir . $message)) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Unexpected response to MODE command: ".$response, FILE_APPEND); continue;
return $response; }
echo "Sending: " . $outgoing_dir . $message . "\r\n";
fputs($ns, "MODE READER\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "200") != 0) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Unexpected response to MODE command: " . $response, FILE_APPEND);
return $response;
}
fputs($ns, "POST\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "340") != 0) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Unexpected response to POST command: " . $response, FILE_APPEND);
return $response;
}
$message_fp = fopen($outgoing_dir . $message, "rb");
while (($msgline = fgets($message_fp, 4096)) !== false) {
fputs($ns, $msgline);
}
fputs($ns, ".\r\n");
fclose($message_fp);
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "240") == 0) {
unlink($outgoing_dir . $message);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Posted: " . $message . ": " . $response, FILE_APPEND);
} else {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to POST: " . $message . ": " . $response, FILE_APPEND);
continue;
}
} }
fputs($ns, "POST\r\n"); return "Messages sent\r\n";
$response = line_read($ns);
if (strcmp(substr($response,0,3),"340") != 0) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Unexpected response to POST command: ".$response, FILE_APPEND);
return $response;
}
$message_fp = fopen($outgoing_dir.$message, "rb");
while (($msgline = fgets($message_fp, 4096)) !== false) {
fputs($ns, $msgline);
}
fputs($ns, ".\r\n");
fclose($message_fp);
$response = line_read($ns);
if (strcmp(substr($response,0,3),"240") == 0) {
unlink($outgoing_dir.$message);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Posted: ".$message.": ".$response, FILE_APPEND);
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to POST: ".$message.": ".$response, FILE_APPEND);
continue;
}
}
return "Messages sent\r\n";
} }
?> ?>

37
Rocksolid_Light/rslight/scripts/setup.inc.php
View File

@ -1,12 +1,13 @@
<html> <html>
<head> <head>
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=<?=$www_charset?>"> <META HTTP-EQUIV="Content-type"
CONTENT="text/html; charset=<?=$www_charset?>">
<?php <?php
if (file_exists('../common/mods/style.css')) { if (file_exists('../common/mods/style.css')) {
echo '<link rel="stylesheet" type="text/css" href="../common/mods/style.css">'; echo '<link rel="stylesheet" type="text/css" href="../common/mods/style.css">';
} else { } else {
echo '<link rel="stylesheet" type="text/css" href="../common/style.css">'; echo '<link rel="stylesheet" type="text/css" href="../common/style.css">';
} }
?> ?>
</head> </head>
@ -14,30 +15,30 @@ if (file_exists('../common/mods/style.css')) {
<?php <?php
include "config.inc.php"; include "config.inc.php";
include $config_dir.'/admin.inc.php'; include $config_dir . '/admin.inc.php';
$configdata = include($config_dir.'/scripts/setuphelper.php'); $configdata = include ($config_dir . '/scripts/setuphelper.php');
$configfile=$config_dir.'rslight.inc.php'; $configfile = $config_dir . 'rslight.inc.php';
echo 'Main Configuration'; echo 'Main Configuration';
echo '<table width=100% border="1" align="center" cellpadding="0" cellspacing="1">'; echo '<table width=100% border="1" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="config" method="post" action="setup.php">'; echo '<form name="config" method="post" action="setup.php">';
$pass = 'pass'; $pass = 'pass';
foreach($CONFIG as $key=>$item) { foreach ($CONFIG as $key => $item) {
if($key == 'configure') { if ($key == 'configure') {
continue; continue;
}
$guide=$configdata[$key];
echo '<tr><td>'.$guide.':&nbsp;&nbsp;</td><td>';
if(strpos($key, $pass)) {
echo '<input name="'.$key.'" type="password" id="'.$key.'" value="'.htmlspecialchars($item).'" size="50"><br />';
} else {
echo '<input name="'.$key.'" type="text" id="'.$key.'" value="'.htmlspecialchars($item).'" size="50"><br />';
} }
echo '</td></tr>'; $guide = $configdata[$key];
echo '<tr><td>' . $guide . ':&nbsp;&nbsp;</td><td>';
if (strpos($key, $pass)) {
echo '<input name="' . $key . '" type="password" id="' . $key . '" value="' . htmlspecialchars($item) . '" size="50"><br />';
} else {
echo '<input name="' . $key . '" type="text" id="' . $key . '" value="' . htmlspecialchars($item) . '" size="50"><br />';
}
echo '</td></tr>';
} }
echo '</table>'; echo '</table>';
echo '<input type="hidden" name="configkey" value="'.$admin['key'].'">'; echo '<input type="hidden" name="configkey" value="' . $admin['key'] . '">';
echo '<input type="submit" name="configure" value="Save Configuration">'; echo '<input type="submit" name="configure" value="Save Configuration">';
echo '</form>'; echo '</form>';
?> ?>

877
Rocksolid_Light/rslight/scripts/spoolnews.php
View File

@ -1,75 +1,75 @@
<?php <?php
/* spoolnews NNTP news spool creator /*
* Download: https://news.novabbs.com/getrslight * spoolnews NNTP news spool creator
* Download: https://news.novabbs.com/getrslight
* *
* E-Mail: retroguy@novabbs.com * E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com * Web: https://news.novabbs.com
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/ */
include "config.inc.php"; include "config.inc.php";
include ("$file_newsportal"); include ("$file_newsportal");
include $config_dir.'/gpg.conf'; include $config_dir . '/gpg.conf';
if ($CONFIG['remote_server'] != '') { if ($CONFIG['remote_server'] != '') {
$remote_groupfile=$spooldir."/".$config_name."/".$CONFIG['remote_server'].":".$CONFIG['remote_port'].".txt"; $remote_groupfile = $spooldir . "/" . $config_name . "/" . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'] . ".txt";
} }
$file_groups=$config_path."groups.txt"; $file_groups = $config_path . "groups.txt";
$local_groupfile=$spooldir."/".$config_name."/local_groups.txt"; $local_groupfile = $spooldir . "/" . $config_name . "/local_groups.txt";
$logfile=$logdir.'/spoolnews.log'; $logfile = $logdir . '/spoolnews.log';
# END MAIN CONFIGURATION # END MAIN CONFIGURATION
@mkdir($spooldir."/".$config_name,0755,'recursive'); @mkdir($spooldir . "/" . $config_name, 0755, 'recursive');
if(!isset($maxarticles_per_run)) { if (! isset($maxarticles_per_run)) {
$maxarticles_per_run = 100; $maxarticles_per_run = 100;
} }
if(!isset($maxfirstrequest)) { if (! isset($maxfirstrequest)) {
$maxfirstrequest = 100; $maxfirstrequest = 100;
} }
if(!isset($CONFIG['enable_nntp']) || $CONFIG['enable_nntp'] != true) { if (! isset($CONFIG['enable_nntp']) || $CONFIG['enable_nntp'] != true) {
$maxfirstrequest = $maxarticles; $maxfirstrequest = $maxarticles;
$maxarticles_per_run = $maxfetch; $maxarticles_per_run = $maxfetch;
} }
$workpath=$spooldir."/"; $workpath = $spooldir . "/";
$path=$workpath."articles/"; $path = $workpath . "articles/";
$lockfile = $lockdir . '/'.$config_name.'-spoolnews.lock'; $lockfile = $lockdir . '/' . $config_name . '-spoolnews.lock';
$pid = file_get_contents($lockfile); $pid = file_get_contents($lockfile);
if (posix_getsid($pid) === false || !is_file($lockfile)) { if (posix_getsid($pid) === false || ! is_file($lockfile)) {
print "Starting Spoolnews...\n"; print "Starting Spoolnews...\n";
file_put_contents($lockfile, getmypid()); // create lockfile file_put_contents($lockfile, getmypid()); // create lockfile
} else { } else {
print "Spoolnews currently running\n"; print "Spoolnews currently running\n";
exit; exit();
} }
$sem = $spooldir."/".$config_name.".reload"; $sem = $spooldir . "/" . $config_name . ".reload";
if(is_file($sem)) { if (is_file($sem)) {
unlink($remote_groupfile); unlink($remote_groupfile);
unlink($sem); unlink($sem);
$maxfirstrequest = 20; $maxfirstrequest = 20;
} }
if(filemtime($spooldir.'/'.$config_name.'-thread-timer')+600 < time()) { if (filemtime($spooldir . '/' . $config_name . '-thread-timer') + 600 < time()) {
$timer=true; $timer = true;
touch($spooldir.'/'.$config_name.'-thread-timer'); touch($spooldir . '/' . $config_name . '-thread-timer');
} else { } else {
$timer=false; $timer = false;
} }
# Check for groups file, create if necessary # Check for groups file, create if necessary
// only do remote server groups if necessary // only do remote server groups if necessary
@ -78,411 +78,434 @@ if ($CONFIG['remote_server'] != '') {
} }
create_spool_groups($file_groups, $local_groupfile); create_spool_groups($file_groups, $local_groupfile);
# Iterate through groups # Iterate through groups
$enable_rslight=0; $enable_rslight = 0;
# Refresh group list # Refresh group list
$menulist = file($config_dir."menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $menulist = file($config_dir . "menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($menulist as $menu) { foreach ($menulist as $menu) {
if(($menu[0] == '#') || (trim($menu) == "")) { if (($menu[0] == '#') || (trim($menu) == "")) {
continue;
}
$menuitem = explode(':', $menu);
if(($menuitem[0] == $config_name) && ($menuitem[1] == '1')) {
groups_read($server,$port,1,true); // 'true' forces a refresh of the group list
$enable_rslight = 1;
echo "\nLoaded groups";
}
}
# Clean outgoing directory for LOCAL sections
if($CONFIG['remote_server'] == '') {
$outgoing_dir = $spooldir."/".$config_name."/outgoing/";
$files = scandir($outgoing_dir);
foreach($files as $file) {
$file_name = $outgoing_dir.$file;
if(is_file($file_name) && (filemtime($file_name) < (time()-3600))) {
unlink($file_name);
}
}
}
if ($CONFIG['remote_server'] != '')
{
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." remote_server: ".$CONFIG['remote_server'], FILE_APPEND);
$ns=nntp2_open($CONFIG['remote_server'], $CONFIG['remote_port']);
$ns2=nntp_open();
if(!$ns) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to connect to ".$CONFIG['remote_server'].":".$CONFIG['remote_port'], FILE_APPEND);
exit();
}
$grouplist = file($config_dir.'/'.$config_name.'/groups.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($grouplist as $findgroup) {
if($findgroup[0] == ":") {
continue; continue;
} }
$name = preg_split("/( |\t)/", $findgroup, 2); $menuitem = explode(':', $menu);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Retrieving articles for: ".$name[0]."...", FILE_APPEND); if (($menuitem[0] == $config_name) && ($menuitem[1] == '1')) {
echo "\nRetrieving articles for: ".$name[0]."..."; groups_read($server, $port, 1, true); // 'true' forces a refresh of the group list
get_articles($ns, $name[0]); $enable_rslight = 1;
echo "\nLoaded groups";
if($enable_rslight == 1) {
if($timer) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Updating threads for: ".$name[0]."...", FILE_APPEND);
thread_load_newsserver($ns2,$name[0],0);
}
} }
}
nntp_close($ns2);
nntp_close($ns);
} }
#expire_overview(); # Clean outgoing directory for LOCAL sections
if ($CONFIG['remote_server'] == '') {
$outgoing_dir = $spooldir . "/" . $config_name . "/outgoing/";
$files = scandir($outgoing_dir);
foreach ($files as $file) {
$file_name = $outgoing_dir . $file;
if (is_file($file_name) && (filemtime($file_name) < (time() - 3600))) {
unlink($file_name);
}
}
}
if ($CONFIG['remote_server'] != '') {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " remote_server: " . $CONFIG['remote_server'], FILE_APPEND);
$ns = nntp2_open($CONFIG['remote_server'], $CONFIG['remote_port']);
$ns2 = nntp_open();
if (! $ns) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to connect to " . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'], FILE_APPEND);
exit();
}
$grouplist = file($config_dir . '/' . $config_name . '/groups.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($grouplist as $findgroup) {
if ($findgroup[0] == ":") {
continue;
}
$name = preg_split("/( |\t)/", $findgroup, 2);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Retrieving articles for: " . $name[0] . "...", FILE_APPEND);
echo "\nRetrieving articles for: " . $name[0] . "...";
get_articles($ns, $name[0]);
if ($enable_rslight == 1) {
if ($timer) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Updating threads for: " . $name[0] . "...", FILE_APPEND);
thread_load_newsserver($ns2, $name[0], 0);
}
}
}
nntp_close($ns2);
nntp_close($ns);
}
# expire_overview();
unlink($lockfile); unlink($lockfile);
echo "\nSpoolnews Done\n"; echo "\nSpoolnews Done\n";
function get_articles($ns, $group) { function get_articles($ns, $group)
global $enable_rslight, $rslight_gpg, $spooldir, $CONFIG, $user_ban_file, $maxarticles_per_run, $maxfirstrequest, $workpath, $path, $remote_groupfile, $local_groupfile, $local, $logdir, $config_name, $logfile; {
global $enable_rslight, $rslight_gpg, $spooldir, $CONFIG, $user_ban_file, $maxarticles_per_run, $maxfirstrequest, $workpath, $path, $remote_groupfile, $local_groupfile, $local, $logdir, $config_name, $logfile;
if($ns == false) { if ($ns == false) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Lost connection to ".$CONFIG['remote_server'].":".$CONFIG['remote_port'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Lost connection to " . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'], FILE_APPEND);
exit(); exit();
}
$grouppath = $path.preg_replace('/\./', '/', $group);
$banned_names = file($user_ban_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$nocem_check="@@NCM";
$bbsmail_check="@@RSL";
# Check if group exists. Open it if it does
fputs($ns, "group ".$group."\r\n");
$response = line_read($ns);
if (strcmp(substr($response,0,3),"211") != 0) {
echo "\n".$response;
return(1);
}
# Get config
$grouplist = file($remote_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($grouplist as $findgroup) {
$name = explode(':', $findgroup);
if (strcmp($name[0], $group) == 0) {
if (is_numeric(trim($name[1]))) {
$article = $name[1] + 1;
} else {
$article = 1;
}
break;
}
}
if(isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
// Get list of article numbers to find what number is next
$ok_article = get_article_list($group);
sort($ok_article);
$local = $ok_article[key(array_slice($ok_article, -1, 1, true))];
if(!is_numeric($local)) {
$local = 0;
}
$local = $local + 1;
if($local < 1) {
$local = 1;
}
while(is_deleted_post($group, $local)) {
$local++;
}
}
# Split group response line to get last article number
$detail = explode(" ", $response);
if (!isset($article)) {
$article = $detail[2];
}
if($article < $detail[3] - $maxfirstrequest) {
$article = $detail[3] - $maxfirstrequest;
}
if($article < $detail[2]) {
$article = $detail[2];
}
// Articles Database
if($CONFIG['article_database'] == '1') {
$article_dbh = article_db_open($spooldir.'/'.$group.'-articles.db3');
$article_sql = 'INSERT OR IGNORE INTO articles(newsgroup, number, msgid, date, name, subject, article, search_snippet) VALUES(?,?,?,?,?,?,?,?)';
$article_stmt = $article_dbh->prepare($article_sql);
}
// Create list of message-ids
$database = $spooldir.'/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:newsgroup");
$stmt->bindParam(':newsgroup', $nntp_group);
$stmt->execute();
while($row = $stmt->fetch()) {
$msgids[$row['msgid']] = true;
break;
}
$dbh = null;
// Overview database
$database = $spooldir.'/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$sql = 'INSERT OR IGNORE INTO overview(newsgroup, number, msgid, date, datestring, name, subject, refs, bytes, lines, xref) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql);
// Get overview from server
$server_overview = array();
$re = false;
if(($detail[3] - $article) > $maxarticles_per_run) {
$getlast = $article + $maxarticles_per_run;
} else {
$getlast = $detail[3];
}
fputs($ns, "xover ".$article."-".$getlast."\r\n");
$response=line_read($ns); // and once more
if ((substr($response,0,3) != "224")) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Cannot get overview from ".$CONFIG['remote_server']." for ".$group, FILE_APPEND);
return false;
}
while(trim($response = line_read($ns)) !== '.') {
$ov = preg_split("/\t/", $response);
$server_msgids[$ov[0]] = $ov[4];
}
# Pull articles and save them in our spool
@mkdir($grouppath,0755,'recursive');
$i=0;
while ($article <= $detail[3]) {
if(!is_numeric($article)) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." DEBUG This should show server group:article number: ".$CONFIG['remote_server']." ".$group.":".$article, FILE_APPEND);
break;;
}
if($CONFIG['enable_nntp'] != true){
$local = $article;
}
if($msgids[$server_msgids[$article]] == true) {
echo "\nDuplicate Message-ID for: ".$group.":".$article;
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Duplicate Message-ID for: ".$group.":".$article, FILE_APPEND);
$article++;
continue;
}
fputs($ns, "article ".$article."\r\n");
$response = line_read($ns);
if (strcmp(substr($response,0,3),"220") != 0) {
echo "\n".$response;
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Unexpected response to ARTICLE command: ".$response, FILE_APPEND);
$article++;
continue;
}
$articleHandle = $grouppath."/".$local;
$response = line_read($ns);
$lines=0;
$bytes=0;
$ref=0;
$banned=0;
$is_header=1;
$body="";
while(strcmp($response,".") != 0)
{
$bytes = $bytes + mb_strlen($response, '8bit');
if(trim($response) == "" || $lines > 0) {
$is_header=0;
$lines++;
}
if($is_header == 1) {
$response = str_replace("\t", " ", $response);
// Find article date
if(stripos($response, "Date: ") === 0) {
$finddate=explode(': ', $response, 2);
$article_date = strtotime($finddate[1]);
}
// Get overview data
if(stripos($response, "Message-ID: ") === 0) {
$mid=explode(': ', $response, 2);
$ref=0;
}
if(stripos($response, "From: ") === 0) {
$from=explode(': ', $response, 2);
if(isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
foreach($banned_names as $banned_name) {
if(stripos($from[1], $banned_name) !== false) {
$banned = 1;
}
}
}
$ref=0;
}
if(stripos($response, "Subject: ") === 0) {
$subject=explode('Subject: ', $response, 2);
$ref=0;
}
if(stripos($response, "Newsgroups: ") === 0) {
$response=str_ireplace($group,$group,$response);
$ref=0;
}
if(stripos($response, "Xref: ") === 0) {
if(isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
$response="Xref: ".$CONFIG['pathhost']." ".$group.":".$local;
}
$xref=$response;
$ref=0;
}
if(stripos($response, "Content-Type: ") === 0) {
preg_match('/.*charset=.*/', $response, $te);
$content_type = explode("Content-Type: text/plain; charset=", $te[0]);
}
if(stripos($response, "References: ") === 0) {
$this_references=explode('References: ', $response);
$references = $this_references[1];
$ref=1;
}
if((stripos($response, ':') === false) && (strpos($response, '>'))) {
if($ref == 1) {
$references=$references.$response;
}
}
} else {
$body.=$response."\n";
}
file_put_contents($articleHandle, $response."\n", FILE_APPEND);
// Check here for broken $ns connection before continuing
$response=fgets($ns,1200);
if($response == false) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Lost connection to ".$CONFIG['remote_server'].":".$CONFIG['remote_port']." retrieving article ".$article, FILE_APPEND);
unlink($grouppath."/".$local);
break;
// continue;
}
$response=str_replace("\n","",str_replace("\r","",$response));
}
file_put_contents($articleHandle, $response."\n", FILE_APPEND);
$lines=$lines-1;
$bytes = $bytes + ($lines * 2);
// Don't spool article if $banned=1
if($banned == 1) {
unlink($grouppath."/".$local);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Skipping: ".$CONFIG['remote_server']." ".$group.":".$article." user: ".$from[1]." is banned", FILE_APPEND);
$article++;
} else {
if((strpos($CONFIG['nocem_groups'], $group) !== false) && ($CONFIG['enable_nocem'] == true)) {
if(strpos($subject[1], $nocem_check) !== false) {
$nocem_file = tempnam($spooldir."/nocem", "nocem-".$group."-");
copy($grouppath."/".$local, $nocem_file);
}
}
if((strpos($rslight_gpg['nntp_group'], $group) !== false) && ($rslight_gpg['enable'] == '1')) {
if(strpos($subject[1], $bbsmail_check) !== false) {
$bbsmail_file = preg_replace('/@@RSL /', '', $subject[1]);
$bbsmail_filename = $spooldir."/bbsmail/in/bbsmail-".$bbsmail_file;
copy($grouppath."/".$local, $bbsmail_filename);
}
}
// Overview
$stmt->execute([$group, $local, $mid[1], $article_date, $finddate[1], $from[1], $subject[1], $references, $bytes, $lines, $xref]);
$references="";
if($CONFIG['article_database'] == '1') {
$this_article = file_get_contents($grouppath."/".$local);
// CREATE SEARCH SNIPPET
$this_snippet = get_search_snippet($body, $content_type[1]);
$article_stmt->execute([$group, $local, $mid[1], $article_date, $from[1], $subject[1], $this_article, $this_snippet]);
unlink($grouppath."/".$local);
} else {
if($article_date > time())
$article_date = time();
touch($grouppath."/".$local, $article_date);
}
echo "\nRetrieved: ".$group." ".$article;
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Wrote to spool: ".$CONFIG['remote_server']." ".$group.":".$article, FILE_APPEND);
$i++;
$article++;
$local++;
if($i > $maxarticles_per_run) {
break;
}
} }
}
$article--;
// $local--;
// Update title
if(!is_file($workpath.$group."-title")) {
fputs($ns, "XGTITLE ".$group."\r\n");
$response = line_read($ns);
if (strcmp(substr($response,0,3),"282") == 0) {
$titlefile = $workpath.$group."-title";
$response = line_read($ns);
while(strcmp($response,".") != 0)
{
file_put_contents($titlefile, $response);
$response = line_read($ns);
}
}
}
# Save config
$grouplist = file($remote_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$saveconfig = fopen($remote_groupfile, 'w+');
foreach($grouplist as $savegroup) {
$name = explode(':', $savegroup);
if (strcmp($name[0], $group) == 0) {
fputs($saveconfig, $group.":".$article."\n");
} else {
fputs($saveconfig, $savegroup."\n");
}
}
fclose($saveconfig);
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$saveconfig = fopen($local_groupfile, 'w+');
foreach($grouplist as $savegroup) {
$name = explode(':', $savegroup);
if (strcmp($name[0], $group) == 0) {
fputs($saveconfig, $group.":".$local."\n");
} else {
fputs($saveconfig, $savegroup."\n");
}
}
fclose($saveconfig);
if($CONFIG['article_database'] == '1') {
$article_dbh = null;
}
$dbh = null;
}
function create_spool_groups($in_groups, $out_groups) { $grouppath = $path . preg_replace('/\./', '/', $group);
$grouplist = file($in_groups, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $banned_names = file($user_ban_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$groupout = fopen($out_groups, "a+");
foreach($grouplist as $group) { $nocem_check = "@@NCM";
if($group[0] == ":") { $bbsmail_check = "@@RSL";
continue;
# Check if group exists. Open it if it does
fputs($ns, "group " . $group . "\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "211") != 0) {
echo "\n" . $response;
return (1);
} }
$thisgroup = preg_split("/( |\t)/", $group, 2);
fseek($groupout, 0); # Get config
$found=0; $grouplist = file($remote_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
while (($buffer = fgets($groupout)) !== false) { foreach ($grouplist as $findgroup) {
if (stripos($buffer, $thisgroup[0]) !== false) { $name = explode(':', $findgroup);
$found = 1; if (strcmp($name[0], $group) == 0) {
if (is_numeric(trim($name[1]))) {
$article = $name[1] + 1;
} else {
$article = 1;
}
break;
}
}
if (isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
// Get list of article numbers to find what number is next
$ok_article = get_article_list($group);
sort($ok_article);
$local = $ok_article[key(array_slice($ok_article, - 1, 1, true))];
if (! is_numeric($local)) {
$local = 0;
}
$local = $local + 1;
if ($local < 1) {
$local = 1;
}
while (is_deleted_post($group, $local)) {
$local ++;
}
}
# Split group response line to get last article number
$detail = explode(" ", $response);
if (! isset($article)) {
$article = $detail[2];
}
if ($article < $detail[3] - $maxfirstrequest) {
$article = $detail[3] - $maxfirstrequest;
}
if ($article < $detail[2]) {
$article = $detail[2];
}
// Articles Database
if ($CONFIG['article_database'] == '1') {
$article_dbh = article_db_open($spooldir . '/' . $group . '-articles.db3');
$article_sql = 'INSERT OR IGNORE INTO articles(newsgroup, number, msgid, date, name, subject, article, search_snippet) VALUES(?,?,?,?,?,?,?,?)';
$article_stmt = $article_dbh->prepare($article_sql);
}
// Create list of message-ids
$database = $spooldir . '/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:newsgroup");
$stmt->bindParam(':newsgroup', $nntp_group);
$stmt->execute();
while ($row = $stmt->fetch()) {
$msgids[$row['msgid']] = true;
break; break;
}
} }
if($found == 0) { $dbh = null;
fwrite($groupout, $thisgroup[0]."\r\n");
continue; // Overview database
$database = $spooldir . '/articles-overview.db3';
$table = 'overview';
$dbh = overview_db_open($database, $table);
$sql = 'INSERT OR IGNORE INTO overview(newsgroup, number, msgid, date, datestring, name, subject, refs, bytes, lines, xref) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql);
// Get overview from server
$server_overview = array();
$re = false;
if (($detail[3] - $article) > $maxarticles_per_run) {
$getlast = $article + $maxarticles_per_run;
} else {
$getlast = $detail[3];
} }
} fputs($ns, "xover " . $article . "-" . $getlast . "\r\n");
fclose($groupout); $response = line_read($ns); // and once more
return; if ((substr($response, 0, 3) != "224")) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Cannot get overview from " . $CONFIG['remote_server'] . " for " . $group, FILE_APPEND);
return false;
}
while (trim($response = line_read($ns)) !== '.') {
$ov = preg_split("/\t/", $response);
$server_msgids[$ov[0]] = $ov[4];
}
# Pull articles and save them in our spool
@mkdir($grouppath, 0755, 'recursive');
$i = 0;
while ($article <= $detail[3]) {
if (! is_numeric($article)) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " DEBUG This should show server group:article number: " . $CONFIG['remote_server'] . " " . $group . ":" . $article, FILE_APPEND);
break;
;
}
if ($CONFIG['enable_nntp'] != true) {
$local = $article;
}
if ($msgids[$server_msgids[$article]] == true) {
echo "\nDuplicate Message-ID for: " . $group . ":" . $article;
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Duplicate Message-ID for: " . $group . ":" . $article, FILE_APPEND);
$article ++;
continue;
}
fputs($ns, "article " . $article . "\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "220") != 0) {
echo "\n" . $response;
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Unexpected response to ARTICLE command: " . $response, FILE_APPEND);
$article ++;
continue;
}
$articleHandle = $grouppath . "/" . $local;
$response = line_read($ns);
$lines = 0;
$bytes = 0;
$ref = 0;
$banned = 0;
$is_header = 1;
$body = "";
while (strcmp($response, ".") != 0) {
$bytes = $bytes + mb_strlen($response, '8bit');
if (trim($response) == "" || $lines > 0) {
$is_header = 0;
$lines ++;
}
if ($is_header == 1) {
$response = str_replace("\t", " ", $response);
// Find article date
if (stripos($response, "Date: ") === 0) {
$finddate = explode(': ', $response, 2);
$article_date = strtotime($finddate[1]);
}
// Get overview data
if (stripos($response, "Message-ID: ") === 0) {
$mid = explode(': ', $response, 2);
$ref = 0;
}
if (stripos($response, "From: ") === 0) {
$from = explode(': ', $response, 2);
if (isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
foreach ($banned_names as $banned_name) {
if (stripos($from[1], $banned_name) !== false) {
$banned = 1;
}
}
}
$ref = 0;
}
if (stripos($response, "Subject: ") === 0) {
$subject = explode('Subject: ', $response, 2);
$ref = 0;
}
if (stripos($response, "Newsgroups: ") === 0) {
$response = str_ireplace($group, $group, $response);
$ref = 0;
}
if (stripos($response, "Xref: ") === 0) {
if (isset($CONFIG['enable_nntp']) && $CONFIG['enable_nntp'] == true) {
$response = "Xref: " . $CONFIG['pathhost'] . " " . $group . ":" . $local;
}
$xref = $response;
$ref = 0;
}
if (stripos($response, "Content-Type: ") === 0) {
preg_match('/.*charset=.*/', $response, $te);
$content_type = explode("Content-Type: text/plain; charset=", $te[0]);
}
if (stripos($response, "References: ") === 0) {
$this_references = explode('References: ', $response);
$references = $this_references[1];
$ref = 1;
}
if ((stripos($response, ':') === false) && (strpos($response, '>'))) {
if ($ref == 1) {
$references = $references . $response;
}
}
} else {
$body .= $response . "\n";
}
file_put_contents($articleHandle, $response . "\n", FILE_APPEND);
// Check here for broken $ns connection before continuing
$response = fgets($ns, 1200);
if ($response == false) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Lost connection to " . $CONFIG['remote_server'] . ":" . $CONFIG['remote_port'] . " retrieving article " . $article, FILE_APPEND);
unlink($grouppath . "/" . $local);
break;
// continue;
}
$response = str_replace("\n", "", str_replace("\r", "", $response));
}
file_put_contents($articleHandle, $response . "\n", FILE_APPEND);
$lines = $lines - 1;
$bytes = $bytes + ($lines * 2);
// Don't spool article if $banned=1
if ($banned == 1) {
unlink($grouppath . "/" . $local);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Skipping: " . $CONFIG['remote_server'] . " " . $group . ":" . $article . " user: " . $from[1] . " is banned", FILE_APPEND);
$article ++;
} else {
if ((strpos($CONFIG['nocem_groups'], $group) !== false) && ($CONFIG['enable_nocem'] == true)) {
if (strpos($subject[1], $nocem_check) !== false) {
$nocem_file = tempnam($spooldir . "/nocem", "nocem-" . $group . "-");
copy($grouppath . "/" . $local, $nocem_file);
}
}
if ((strpos($rslight_gpg['nntp_group'], $group) !== false) && ($rslight_gpg['enable'] == '1')) {
if (strpos($subject[1], $bbsmail_check) !== false) {
$bbsmail_file = preg_replace('/@@RSL /', '', $subject[1]);
$bbsmail_filename = $spooldir . "/bbsmail/in/bbsmail-" . $bbsmail_file;
copy($grouppath . "/" . $local, $bbsmail_filename);
}
}
// Overview
$stmt->execute([
$group,
$local,
$mid[1],
$article_date,
$finddate[1],
$from[1],
$subject[1],
$references,
$bytes,
$lines,
$xref
]);
$references = "";
if ($CONFIG['article_database'] == '1') {
$this_article = file_get_contents($grouppath . "/" . $local);
// CREATE SEARCH SNIPPET
$this_snippet = get_search_snippet($body, $content_type[1]);
$article_stmt->execute([
$group,
$local,
$mid[1],
$article_date,
$from[1],
$subject[1],
$this_article,
$this_snippet
]);
unlink($grouppath . "/" . $local);
} else {
if ($article_date > time())
$article_date = time();
touch($grouppath . "/" . $local, $article_date);
}
echo "\nRetrieved: " . $group . " " . $article;
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Wrote to spool: " . $CONFIG['remote_server'] . " " . $group . ":" . $article, FILE_APPEND);
$i ++;
$article ++;
$local ++;
if ($i > $maxarticles_per_run) {
break;
}
}
}
$article --;
// $local--;
// Update title
if (! is_file($workpath . $group . "-title")) {
fputs($ns, "XGTITLE " . $group . "\r\n");
$response = line_read($ns);
if (strcmp(substr($response, 0, 3), "282") == 0) {
$titlefile = $workpath . $group . "-title";
$response = line_read($ns);
while (strcmp($response, ".") != 0) {
file_put_contents($titlefile, $response);
$response = line_read($ns);
}
}
}
# Save config
$grouplist = file($remote_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$saveconfig = fopen($remote_groupfile, 'w+');
foreach ($grouplist as $savegroup) {
$name = explode(':', $savegroup);
if (strcmp($name[0], $group) == 0) {
fputs($saveconfig, $group . ":" . $article . "\n");
} else {
fputs($saveconfig, $savegroup . "\n");
}
}
fclose($saveconfig);
$grouplist = file($local_groupfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$saveconfig = fopen($local_groupfile, 'w+');
foreach ($grouplist as $savegroup) {
$name = explode(':', $savegroup);
if (strcmp($name[0], $group) == 0) {
fputs($saveconfig, $group . ":" . $local . "\n");
} else {
fputs($saveconfig, $savegroup . "\n");
}
}
fclose($saveconfig);
if ($CONFIG['article_database'] == '1') {
$article_dbh = null;
}
$dbh = null;
} }
function get_article_list($thisgroup) { function create_spool_groups($in_groups, $out_groups)
{
$grouplist = file($in_groups, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$groupout = fopen($out_groups, "a+");
foreach ($grouplist as $group) {
if ($group[0] == ":") {
continue;
}
$thisgroup = preg_split("/( |\t)/", $group, 2);
fseek($groupout, 0);
$found = 0;
while (($buffer = fgets($groupout)) !== false) {
if (stripos($buffer, $thisgroup[0]) !== false) {
$found = 1;
break;
}
}
if ($found == 0) {
fwrite($groupout, $thisgroup[0] . "\r\n");
continue;
}
}
fclose($groupout);
return;
}
function get_article_list($thisgroup)
{
global $spooldir; global $spooldir;
$database = $spooldir."/articles-overview.db3"; $database = $spooldir . "/articles-overview.db3";
$table = 'overview'; $table = 'overview';
$dbh = overview_db_open($database, $table); $dbh = overview_db_open($database, $table);
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:thisgroup ORDER BY number"); $stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:thisgroup ORDER BY number");
$stmt->execute(['thisgroup' => $thisgroup]); $stmt->execute([
$ok_article=array(); 'thisgroup' => $thisgroup
while($found = $stmt->fetch()) { ]);
$ok_article = array();
while ($found = $stmt->fetch()) {
$ok_article[] = $found['number']; $ok_article[] = $found['number'];
} }
$dbh = null; $dbh = null;
return(array_unique($ok_article)); return (array_unique($ok_article));
} }
?> ?>

204
Rocksolid_Light/spoolnews/files.php
View File

@ -1,134 +1,134 @@
<?php <?php
include "config.inc.php"; include "config.inc.php";
include "newsportal.php"; include "newsportal.php";
$logfile=$logdir.'/files.log'; $logfile = $logdir . '/files.log';
if(isset($_COOKIE['tzo'])) { if (isset($_COOKIE['tzo'])) {
$offset=$_COOKIE['tzo']; $offset = $_COOKIE['tzo'];
} else { } else {
$offset=$CONFIG['timezone']; $offset = $CONFIG['timezone'];
} }
if((isset($_REQUEST['command']) && $_REQUEST['command'] == 'Show') && password_verify($CONFIG['thissitekey'], $_REQUEST['key'])) { if ((isset($_REQUEST['command']) && $_REQUEST['command'] == 'Show') && password_verify($CONFIG['thissitekey'], $_REQUEST['key'])) {
$getfilename = $spooldir.'/upload/'.$_REQUEST['showfile']; $getfilename = $spooldir . '/upload/' . $_REQUEST['showfile'];
$getfh = fopen($getfilename, "rb"); $getfh = fopen($getfilename, "rb");
$getfile = fread($getfh, filesize($getfilename)); $getfile = fread($getfh, filesize($getfilename));
fclose($getfh); fclose($getfh);
header('Content-type: '.$_REQUEST['contenttype']); header('Content-type: ' . $_REQUEST['contenttype']);
header('Content-disposition: filename="'.$_REQUEST['showfilename'].'"'); header('Content-disposition: filename="' . $_REQUEST['showfilename'] . '"');
file_put_contents($logfile, "\n".format_log_date()." Requesting: ".$_REQUEST['showfile'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " Requesting: " . $_REQUEST['showfile'], FILE_APPEND);
echo $getfile; echo $getfile;
exit(0); exit(0);
} }
$title.=' - Browse files'; $title .= ' - Browse files';
include "head.inc"; include "head.inc";
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="../spoolnews/files.php" target='.$frame['menu'].'>files</a> / '; echo '<a href="../spoolnews/files.php" target=' . $frame['menu'] . '>files</a> / ';
echo htmlspecialchars($_COOKIE['mail_name']).'</h1>'; echo htmlspecialchars($_COOKIE['mail_name']) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Browse button // Browse button
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="files.php">'; echo '<form target="' . $frame['content'] . '" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Browse</button>'; echo '<button class="np_button_link" type="submit">Browse</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
// Upload button // Upload button
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="upload.php">'; echo '<form target="' . $frame['content'] . '" method="post" action="upload.php">';
echo '<input name="command" type="hidden" id="command" value="Upload" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Upload" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Upload</button>'; echo '<button class="np_button_link" type="submit">Upload</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
echo '<td width=100%></td></tr></table>'; echo '<td width=100%></td></tr></table>';
echo '<hr>'; echo '<hr>';
$directory = $spooldir.'/upload/'; $directory = $spooldir . '/upload/';
$users = array(); $users = array();
if(is_dir($directory)) { if (is_dir($directory)) {
if($user_dir = opendir($directory)) { if ($user_dir = opendir($directory)) {
while(($user_list = readdir($user_dir)) !== false) { while (($user_list = readdir($user_dir)) !== false) {
if($user_list == '.' || $user_list == '..') { if ($user_list == '.' || $user_list == '..') {
continue; continue;
}
$users[] = $user_list;
} }
$users[] = $user_list; closedir($user_dir);
}
closedir($user_dir);
} }
} }
sort($users); sort($users);
$found = 0; $found = 0;
if(count($users) > 0) { if (count($users) > 0) {
echo "<strong><small>Select a user directory to browse:</small></strong>"; echo "<strong><small>Select a user directory to browse:</small></strong>";
echo '<form name="browse" method="post" action="files.php" enctype="multipart/form-data">'; echo '<form name="browse" method="post" action="files.php" enctype="multipart/form-data">';
echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT).'">'; echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT) . '">';
echo '<select name="listbox">'; echo '<select name="listbox">';
foreach($users as $user) { foreach ($users as $user) {
$num = count(scandir($spooldir.'/upload/'.$user.'/')) - 2; $num = count(scandir($spooldir . '/upload/' . $user . '/')) - 2;
if($user == $_POST['listbox']) { if ($user == $_POST['listbox']) {
echo '<option value="'.$user.'" selected="selected">'.$user.' ('.$num.' files)</option>'; echo '<option value="' . $user . '" selected="selected">' . $user . ' (' . $num . ' files)</option>';
$found = 1; $found = 1;
} else { } else {
echo '<option value="'.$user.'">'.$user.' ('.$num.' files)</option>'; echo '<option value="' . $user . '">' . $user . ' (' . $num . ' files)</option>';
} }
} }
echo '</select>'; echo '</select>';
echo '<input type="submit" name="Submit" value="Browse">'; echo '<input type="submit" name="Submit" value="Browse">';
echo '</form>'; echo '</form>';
} }
if($found == 1 && password_verify($CONFIG['thissitekey'], $_REQUEST['key'])) { if ($found == 1 && password_verify($CONFIG['thissitekey'], $_REQUEST['key'])) {
display_user_files($_POST['listbox'], $offset); display_user_files($_POST['listbox'], $offset);
} }
function display_user_files($user, $offset) { function display_user_files($user, $offset)
global $CONFIG, $spooldir, $text_header; {
$directory = $spooldir.'/upload/'.$user.'/'; global $CONFIG, $spooldir, $text_header;
if(is_dir($directory)) { $directory = $spooldir . '/upload/' . $user . '/';
$files = scandir($directory); if (is_dir($directory)) {
} $files = scandir($directory);
natcasesort($files);
echo '<table cellspacing="0" class="np_thread_table">';
echo '<tr class="np_thread_head"><td class="np_thread_head">Filename</td><td>File Type</td><td>Date</td></tr>';
$i=0;
foreach($files as $file) {
if($file == '.' || $file == '..') {
continue;
} }
$lineclass="np_thread_line".(($i%2)+1); natcasesort($files);
$thisfile = $spooldir.'/upload/'.$user.'/'.$file; echo '<table cellspacing="0" class="np_thread_table">';
// Use local timezone if possible echo '<tr class="np_thread_head"><td class="np_thread_head">Filename</td><td>File Type</td><td>Date</td></tr>';
$ts = new DateTime(date("D, j M Y H:i T", filectime($thisfile)), new DateTimeZone('UTC')); $i = 0;
$ts->add(DateInterval::createFromDateString($offset.' minutes')); foreach ($files as $file) {
if ($file == '.' || $file == '..') {
if($offset != 0) { continue;
$newdate = $ts->format('j M Y'); }
} else { $lineclass = "np_thread_line" . (($i % 2) + 1);
$newdate = $ts->format('j M Y T'); $thisfile = $spooldir . '/upload/' . $user . '/' . $file;
// Use local timezone if possible
$ts = new DateTime(date("D, j M Y H:i T", filectime($thisfile)), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset . ' minutes'));
if ($offset != 0) {
$newdate = $ts->format('j M Y');
} else {
$newdate = $ts->format('j M Y T');
}
unset($ts);
echo '<tr class="' . $lineclass . '">';
$mime = mime_content_type($thisfile);
// Link
echo '<td class="' . $lineclass . '">';
echo '<form action="files.php" method="post" target="rslight_view">';
echo '<button class="np_filename_button_link" type="submit">' . $file . '</button>';
echo '<input type="hidden" name="showfile" value="' . $user . '/' . $file . '"/>';
echo '<input type="hidden" name="showfilename" value="' . $file . '"/>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT) . '">';
echo '<input type="hidden" name="contenttype" value="' . $mime . '">';
echo '<input name="command" type="hidden" id="command" value="Show" readonly="readonly">';
echo '</form>';
echo '</td>';
echo '<td class="' . $lineclass . '"><span class="np_thread_line_text">' . $mime . '</span></td>';
echo '<td class="' . $lineclass . '"><span class="np_thread_line_text">' . $newdate . '</span></td>';
echo '</tr>';
$i ++;
} }
unset($ts); echo '</table>';
echo '<tr class="'.$lineclass.'">';
$mime = mime_content_type($thisfile);
// Link
echo '<td class="'.$lineclass.'">';
echo '<form action="files.php" method="post" target="rslight_view">';
echo '<button class="np_filename_button_link" type="submit">'.$file.'</button>';
echo '<input type="hidden" name="showfile" value="'.$user.'/'.$file.'"/>';
echo '<input type="hidden" name="showfilename" value="'.$file.'"/>';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT).'">';
echo '<input type="hidden" name="contenttype" value="'.$mime.'">';
echo '<input name="command" type="hidden" id="command" value="Show" readonly="readonly">';
echo '</form>';
echo '</td>';
echo '<td class="'.$lineclass.'"><span class="np_thread_line_text">'.$mime.'</span></td>';
echo '<td class="'.$lineclass.'"><span class="np_thread_line_text">'.$newdate.'</span></td>';
echo '</tr>';
$i++;
}
echo '</table>';
} }
?> ?>

886
Rocksolid_Light/spoolnews/mail.php
View File

@ -3,43 +3,43 @@ session_start();
include "config.inc.php"; include "config.inc.php";
include "newsportal.php"; include "newsportal.php";
include $config_dir."/gpg.conf"; include $config_dir . "/gpg.conf";
if(isset($_COOKIE['tzo'])) { if (isset($_COOKIE['tzo'])) {
$offset=$_COOKIE['tzo']; $offset = $_COOKIE['tzo'];
} else { } else {
$offset=$CONFIG['timezone']; $offset = $CONFIG['timezone'];
} }
if(!isset($_POST['command'])) { if (! isset($_POST['command'])) {
$_POST['command'] = null; $_POST['command'] = null;
} }
$logfile = $logdir.'/mail.log'; $logfile = $logdir . '/mail.log';
$keyfile = $spooldir.'/keys.dat'; $keyfile = $spooldir . '/keys.dat';
$keys = unserialize(file_get_contents($keyfile)); $keys = unserialize(file_get_contents($keyfile));
// How long should cookie allow user to stay logged in? // How long should cookie allow user to stay logged in?
// 14400 = 4 hours // 14400 = 4 hours
$auth_expire = 14400; $auth_expire = 14400;
$logged_in = false; $logged_in = false;
if(!isset($_POST['username'])) { if (! isset($_POST['username'])) {
$_POST['username'] = $_COOKIE['mail_name']; $_POST['username'] = $_COOKIE['mail_name'];
} }
$name = $_POST['username']; $name = $_POST['username'];
if(!isset($_POST['password'])) { if (! isset($_POST['password'])) {
$_POST['password'] = null; $_POST['password'] = null;
} }
if(!isset($_COOKIE['mail_auth'])) { if (! isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null; $_COOKIE['mail_auth'] = null;
} }
if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) { if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true; $logged_in = true;
} else { } else {
if(check_bbs_auth($_POST['username'], $_POST['password'])) { if (check_bbs_auth($_POST['username'], $_POST['password'])) {
$authkey = password_hash($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), PASSWORD_DEFAULT); $authkey = password_hash($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), PASSWORD_DEFAULT);
?> ?>
<script type="text/javascript"> <script type="text/javascript">
if (navigator.cookieEnabled) if (navigator.cookieEnabled)
var authcookie = "<?php echo $authkey; ?>"; var authcookie = "<?php echo $authkey; ?>";
var savename = "<?php echo stripslashes($name); ?>"; var savename = "<?php echo stripslashes($name); ?>";
@ -49,421 +49,455 @@ include $config_dir."/gpg.conf";
document.cookie = "mail_name="+savename+"; max-age="+name_expire+"; path=/"; document.cookie = "mail_name="+savename+"; max-age="+name_expire+"; path=/";
</script> </script>
<?php <?php
$logged_in = true; $logged_in = true;
} }
} }
$title.=' - Mail'; $title .= ' - Mail';
include "head.inc"; include "head.inc";
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="mail.php" target='.$frame['menu'].'>mail</a> / '; echo '<a href="mail.php" target=' . $frame['menu'] . '>mail</a> / ';
echo htmlspecialchars($_POST['username']).'</h1>'; echo htmlspecialchars($_POST['username']) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// New Message button // New Message button
if($_POST['command'] !== 'Send') { if ($_POST['command'] !== 'Send') {
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="mail.php">'; echo '<form target="' . $frame['content'] . '" method="post" action="mail.php">';
echo '<input name="command" type="hidden" id="command" value="Send" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Send" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />"; echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">New Message</button>'; echo '<button class="np_button_link" type="submit">New Message</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
}
// Delete Message button
if(isset($_POST['command']) && $_POST['command'] == 'Message') {
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="mail.php">';
echo '<input name="command" type="hidden" id="command" value="Delete" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo "<input type='hidden' name='id' value='".$_POST['id']."' />";
echo '<button class="np_button_link" type="submit">Delete This Message</button>';
echo '</form>';
echo '</td>';
}
echo '<td width=100%></td></tr></table>';
if(isset($_POST['username'])) {
$name = $_POST['username'];
// Save name in cookie
if ($setcookies==true) {
setcookie("mail_name",stripslashes($name),time()+(3600*24*90),"/");
}
} else {
if ($setcookies) {
if ((isset($_COOKIE["mail_name"])) && (!isset($name))) {
$name=$_COOKIE["mail_name"];
} else {
$name = '';
}
}
} }
if($logged_in !== true) { // Delete Message button
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">'; if (isset($_POST['command']) && $_POST['command'] == 'Message') {
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">'; echo '<td>';
//echo '<form name="form1" method="post" action="mail.php" enctype="multipart/form-data">'; echo '<form target="' . $frame['content'] . '" method="post" action="mail.php">';
echo '<tr><td><strong>Please Login<br /></strong></td></tr>'; echo '<input name="command" type="hidden" id="command" value="Delete" readonly="readonly">';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>'; echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>'; echo "<input type='hidden' name='id' value='" . $_POST['id'] . "' />";
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>'; echo '<button class="np_button_link" type="submit">Delete This Message</button>';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'].$name, PASSWORD_DEFAULT).'">'; echo '</form>';
echo '<td>&nbsp;</td>'; echo '</td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>'; }
echo '</tr>'; echo '<td width=100%></td></tr></table>';
echo '</form>';
echo '</table>';
exit(0);
}
$user = strtolower($_POST['username']); if (isset($_POST['username'])) {
$name = $_POST['username'];
if(isset($_POST['command']) && $_POST['command'] == 'Delete') { // Save name in cookie
$database = $spooldir.'/mail.db3'; if ($setcookies == true) {
$dbh = mail_db_open($database); setcookie("mail_name", stripslashes($name), time() + (3600 * 24 * 90), "/");
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute(['id' => $_POST['id']]);
while (($row = $query->fetch()) !== false) {
if(($row['mail_from'] != $user) && ($row['rcpt_to'] != $user)) {
continue;
}
$istrue = 'true';
if($row['mail_from'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET from_hide=:from_hide WHERE id=:row_id');
$sql_update->execute(array(':from_hide' => $istrue, ':row_id' => $row['id']));
}
if($row['rcpt_to'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET to_hide=:to_hide WHERE id=:row_id');
$sql_update->execute(array(':to_hide' => $istrue, ':row_id' => $row['id']));
}
} }
$dbh = null; } else {
} if ($setcookies) {
if ((isset($_COOKIE["mail_name"])) && (! isset($name))) {
if(isset($_POST['command']) && $_POST['command'] == 'Message') { $name = $_COOKIE["mail_name"];
$database = $spooldir.'/mail.db3'; } else {
$dbh = mail_db_open($database); $name = '';
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute(['id' => $_POST['id']]);
while (($row = $query->fetch()) !== false) {
$ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset.' minutes'));
if($offset != 0) {
$newdate = $ts->format('D, j M Y H:i');
} else {
$newdate = $ts->format('D, j M Y H:i T');
}
unset($ts);
if(($row['mail_from'] != $user) && ($row['rcpt_to'] != $user)) {
continue;
}
$body = rtrim($row['message']).'<br /><br />';
echo '<div class="np_article_header">';
echo '<b>Subject:</b> '.$row['subject'].'<br />';
echo '<b>From:</b> '.$row['mail_from'].'<br />';
echo '<b>To:</b> '.$row['rcpt_to'].'<br />';
echo '<b>Date:</b> '.$newdate.'<br />';
echo '</div>';
echo '<div class="np_article_body">';
echo $body;
echo '<form action="mail.php" method="post">';
echo '<button class="np_button_link" type="submit">Reply</button>';
echo "<input type='hidden' name='id' value='".$row['id']."' />";
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo '<input name="command" type="hidden" id="command" value="Send" readonly="readonly">';
echo '</form>';
echo '</div>';
if($row['mail_from'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET mail_viewed=? WHERE msgid=?');
$sql_update->execute(array('true', $row['msgid']));
}
if($row['rcpt_to'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET rcpt_viewed=? WHERE msgid=?');
$sql_update->execute(array('true', $row['msgid']));
}
}
$dbh = null;
}
if (isset($_POST['sendMessage'])) {
if (isset($_POST['to']) && $_POST['to'] != '' && isset($_POST['from']) && $_POST['from'] != '' && isset($_POST['message']) && $_POST['message'] != '') {
if(($to = get_config_value('aliases.conf', strtolower($_POST['to']))) == false) {
$to = strtolower($_POST['to']);
}
$userlist = scandir($config_dir.'/users/');
$found = 0;
foreach($userlist as $user) {
if(trim($to) == trim($user)) {
$found = 1;
}
}
// Check if target is remote. If user enters @ our own domain, strip it (it's local)
$remote_target = 0;
if(strpos($to, '@') !== false) {
$info = preg_split('/@/', $to, 2);
if($info[1] == $rslight_gpg['domain_name']) { // domain is our domain
$to = $info[0];
foreach($userlist as $user) {
if(($to = get_config_value('aliases.conf', strtolower($info[0]))) == false) {
$to = strtolower($info[0]);
}
if(trim($to) == trim($user)) {
$found = 1;
}
}
} else { // domain is remote
$found = 1;
$remote_target = 1;
}
}
if($found == 0) {
echo 'User not found: '.$to;
} else {
$database = $spooldir.'/mail.db3';
$dbh = mail_db_open($database);
$from = $_POST['from'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$date = time();
$message = $_POST['message'];
$msgid = '<'.md5(strtolower($to).strtolower($from).strtolower($subject).strtolower($message)).'>';
$sql = 'INSERT OR IGNORE INTO messages(msgid, mail_from, rcpt_to, rcpt_target, date, subject, message, from_hide, to_hide, mail_viewed, rcpt_viewed) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql);
// For possible future use ($target is currently unused)
$target = "local";
$mail_viewed = "true";
$rcpt_viewed = null;
// $remote_target is handled here
if($q = $stmt->execute([$msgid, $from, $to, $target, $date, $subject, $message, null, null, $mail_viewed, $rcpt_viewed])) {
if($remote_target == 1) {
$remote_result = send_external_mail($from, $to, $date, $subject, $message);
if($remote_result == true) {
$return_val = "Message sent.";
} else {
$return_val = "Failed to Send. No Key for Destination";
}
}
$return_val = "Message sent.";
} else {
$return_val = "Failed to Send. Database Error";
}
// Act on return values for response to user
echo $return_val;
$dbh = null;
$user = $from;
}
}
} }
if(isset($_POST['command']) && $_POST['command'] == 'Send') {
if(isset($_POST['id'])) {
$database = $spooldir.'/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute(['id' => $_POST['id']]);
while (($row = $query->fetch()) !== false) {
$mail_to = $row['mail_from'];
if(strpos($row['subject'], 'Re: ') !== 0) {
$subject = 'Re: '.$row['subject'];
} else {
$subject = $row['subject'];
}
$body=explode("\n",$row['message']);
$message = $row['mail_from']." wrote:\n\n";
foreach($body as $line) {
if(trim($line) !== '') {
$line = '>'.$line;
}
$message.=$line;
}
}
$dbh = null;
}
echo '<h3>Send Message:</h3>';
echo "<form action='mail.php' method='POST'>";
echo '<table><tbody><tr>';
echo "<td>To: </td><td><input type='text' name='to' value='".$mail_to."'/></td>";
echo '</tr><tr>';
echo "<td>Subject: </td><td><input type='text' name='subject' value='".$subject."'/></td>";
echo '</tr><tr>';
echo "<td></td><td><textarea class='postbody' id='message' name='message'>$message</textarea></td>";
echo '</tr><tr>';
echo "<input type='hidden' name='from' value='".$user."' />";
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo "<td></td><td><input type='submit' value='Send Mail' name='sendMessage' /></td>";
echo '</tr></tbody></table></form>';
}
// Show My Messages
$database = $spooldir.'/mail.db3';
$dbh = mail_db_open($database);
echo '<hr><h1 class="np_thread_headline">My Messages:</h1>';
echo '<table cellspacing="0" width="100%" class="np_results_table">';
$query = $dbh->prepare('SELECT * FROM messages WHERE mail_from=:mail_from OR rcpt_to=:mail_from ORDER BY date DESC');
$query->execute(['mail_from' => $user]);
echo '<tr class="np_thread_head"><td class="np_thread_head">Subject</td><td class="np_thread_head">From</td><td class="np_thread_head">To</td><td class="np_thread_head">Date</td></tr>';
$i=1;
while (($row = $query->fetch()) !== false) {
if(($row['mail_from'] == $user) && ($row['from_hide'] == 'true')) {
continue;
}
if(($row['rcpt_to'] == $user) && ($row['to_hide'] == 'true')) {
continue;
}
if(($i % 2) != 0){
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
} else {
echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
}
$button_link = 'np_mail_button_link';;
if(($row['mail_from'] == $user) && ($row['mail_viewed'] == 'true')) {
$button_link = 'np_mail_button_read';
} elseif(($row['rcpt_to'] == $user) && ($row['rcpt_viewed'] == 'true')) {
$button_link = 'np_mail_button_read';
} }
// Use local timezone if possible }
$ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC')); if ($logged_in !== true) {
$ts->add(DateInterval::createFromDateString($offset.' minutes')); echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
if($offset != 0) { // echo '<form name="form1" method="post" action="mail.php" enctype="multipart/form-data">';
$newdate = $ts->format('D, j M Y H:i'); echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="' . $name . '"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'] . $name, PASSWORD_DEFAULT) . '">';
echo '<td>&nbsp;</td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
echo '</tr>';
echo '</form>';
echo '</table>';
exit(0);
}
$user = strtolower($_POST['username']);
if (isset($_POST['command']) && $_POST['command'] == 'Delete') {
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute([
'id' => $_POST['id']
]);
while (($row = $query->fetch()) !== false) {
if (($row['mail_from'] != $user) && ($row['rcpt_to'] != $user)) {
continue;
}
$istrue = 'true';
if ($row['mail_from'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET from_hide=:from_hide WHERE id=:row_id');
$sql_update->execute(array(
':from_hide' => $istrue,
':row_id' => $row['id']
));
}
if ($row['rcpt_to'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET to_hide=:to_hide WHERE id=:row_id');
$sql_update->execute(array(
':to_hide' => $istrue,
':row_id' => $row['id']
));
}
}
$dbh = null;
}
if (isset($_POST['command']) && $_POST['command'] == 'Message') {
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute([
'id' => $_POST['id']
]);
while (($row = $query->fetch()) !== false) {
$ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset . ' minutes'));
if ($offset != 0) {
$newdate = $ts->format('D, j M Y H:i');
} else {
$newdate = $ts->format('D, j M Y H:i T');
}
unset($ts);
if (($row['mail_from'] != $user) && ($row['rcpt_to'] != $user)) {
continue;
}
$body = rtrim($row['message']) . '<br /><br />';
echo '<div class="np_article_header">';
echo '<b>Subject:</b> ' . $row['subject'] . '<br />';
echo '<b>From:</b> ' . $row['mail_from'] . '<br />';
echo '<b>To:</b> ' . $row['rcpt_to'] . '<br />';
echo '<b>Date:</b> ' . $newdate . '<br />';
echo '</div>';
echo '<div class="np_article_body">';
echo $body;
echo '<form action="mail.php" method="post">';
echo '<button class="np_button_link" type="submit">Reply</button>';
echo "<input type='hidden' name='id' value='" . $row['id'] . "' />";
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<input name="command" type="hidden" id="command" value="Send" readonly="readonly">';
echo '</form>';
echo '</div>';
if ($row['mail_from'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET mail_viewed=? WHERE msgid=?');
$sql_update->execute(array(
'true',
$row['msgid']
));
}
if ($row['rcpt_to'] == $user) {
$sql_update = $dbh->prepare('UPDATE messages SET rcpt_viewed=? WHERE msgid=?');
$sql_update->execute(array(
'true',
$row['msgid']
));
}
}
$dbh = null;
}
if (isset($_POST['sendMessage'])) {
if (isset($_POST['to']) && $_POST['to'] != '' && isset($_POST['from']) && $_POST['from'] != '' && isset($_POST['message']) && $_POST['message'] != '') {
if (($to = get_config_value('aliases.conf', strtolower($_POST['to']))) == false) {
$to = strtolower($_POST['to']);
}
$userlist = scandir($config_dir . '/users/');
$found = 0;
foreach ($userlist as $user) {
if (trim($to) == trim($user)) {
$found = 1;
}
}
// Check if target is remote. If user enters @ our own domain, strip it (it's local)
$remote_target = 0;
if (strpos($to, '@') !== false) {
$info = preg_split('/@/', $to, 2);
if ($info[1] == $rslight_gpg['domain_name']) { // domain is our domain
$to = $info[0];
foreach ($userlist as $user) {
if (($to = get_config_value('aliases.conf', strtolower($info[0]))) == false) {
$to = strtolower($info[0]);
}
if (trim($to) == trim($user)) {
$found = 1;
}
}
} else { // domain is remote
$found = 1;
$remote_target = 1;
}
}
if ($found == 0) {
echo 'User not found: ' . $to;
} else {
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
$from = $_POST['from'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$date = time();
$message = $_POST['message'];
$msgid = '<' . md5(strtolower($to) . strtolower($from) . strtolower($subject) . strtolower($message)) . '>';
$sql = 'INSERT OR IGNORE INTO messages(msgid, mail_from, rcpt_to, rcpt_target, date, subject, message, from_hide, to_hide, mail_viewed, rcpt_viewed) VALUES(?,?,?,?,?,?,?,?,?,?,?)';
$stmt = $dbh->prepare($sql);
// For possible future use ($target is currently unused)
$target = "local";
$mail_viewed = "true";
$rcpt_viewed = null;
// $remote_target is handled here
if ($q = $stmt->execute([
$msgid,
$from,
$to,
$target,
$date,
$subject,
$message,
null,
null,
$mail_viewed,
$rcpt_viewed
])) {
if ($remote_target == 1) {
$remote_result = send_external_mail($from, $to, $date, $subject, $message);
if ($remote_result == true) {
$return_val = "Message sent.";
} else {
$return_val = "Failed to Send. No Key for Destination";
}
}
$return_val = "Message sent.";
} else {
$return_val = "Failed to Send. Database Error";
}
// Act on return values for response to user
echo $return_val;
$dbh = null;
$user = $from;
}
}
}
if (isset($_POST['command']) && $_POST['command'] == 'Send') {
if (isset($_POST['id'])) {
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
$query = $dbh->prepare('SELECT * FROM messages where id=:id');
$query->execute([
'id' => $_POST['id']
]);
while (($row = $query->fetch()) !== false) {
$mail_to = $row['mail_from'];
if (strpos($row['subject'], 'Re: ') !== 0) {
$subject = 'Re: ' . $row['subject'];
} else {
$subject = $row['subject'];
}
$body = explode("\n", $row['message']);
$message = $row['mail_from'] . " wrote:\n\n";
foreach ($body as $line) {
if (trim($line) !== '') {
$line = '>' . $line;
}
$message .= $line;
}
}
$dbh = null;
}
echo '<h3>Send Message:</h3>';
echo "<form action='mail.php' method='POST'>";
echo '<table><tbody><tr>';
echo "<td>To: </td><td><input type='text' name='to' value='" . $mail_to . "'/></td>";
echo '</tr><tr>';
echo "<td>Subject: </td><td><input type='text' name='subject' value='" . $subject . "'/></td>";
echo '</tr><tr>';
echo "<td></td><td><textarea class='postbody' id='message' name='message'>$message</textarea></td>";
echo '</tr><tr>';
echo "<input type='hidden' name='from' value='" . $user . "' />";
echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo "<td></td><td><input type='submit' value='Send Mail' name='sendMessage' /></td>";
echo '</tr></tbody></table></form>';
}
// Show My Messages
$database = $spooldir . '/mail.db3';
$dbh = mail_db_open($database);
echo '<hr><h1 class="np_thread_headline">My Messages:</h1>';
echo '<table cellspacing="0" width="100%" class="np_results_table">';
$query = $dbh->prepare('SELECT * FROM messages WHERE mail_from=:mail_from OR rcpt_to=:mail_from ORDER BY date DESC');
$query->execute([
'mail_from' => $user
]);
echo '<tr class="np_thread_head"><td class="np_thread_head">Subject</td><td class="np_thread_head">From</td><td class="np_thread_head">To</td><td class="np_thread_head">Date</td></tr>';
$i = 1;
while (($row = $query->fetch()) !== false) {
if (($row['mail_from'] == $user) && ($row['from_hide'] == 'true')) {
continue;
}
if (($row['rcpt_to'] == $user) && ($row['to_hide'] == 'true')) {
continue;
}
if (($i % 2) != 0) {
echo '<tr class="np_result_line1"><td class="np_result_line1" style="word-wrap:break-word";>';
} else { } else {
$newdate = $ts->format('D, j M Y H:i T'); echo '<tr class="np_result_line2"><td class="np_result_line2" style="word-wrap:break-word";>';
}
$button_link = 'np_mail_button_link';
;
if (($row['mail_from'] == $user) && ($row['mail_viewed'] == 'true')) {
$button_link = 'np_mail_button_read';
} elseif (($row['rcpt_to'] == $user) && ($row['rcpt_viewed'] == 'true')) {
$button_link = 'np_mail_button_read';
}
// Use local timezone if possible
$ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC'));
$ts->add(DateInterval::createFromDateString($offset . ' minutes'));
if ($offset != 0) {
$newdate = $ts->format('D, j M Y H:i');
} else {
$newdate = $ts->format('D, j M Y H:i T');
} }
unset($ts); unset($ts);
echo '<form action="mail.php" method="post">'; echo '<form action="mail.php" method="post">';
echo '<button class="'.$button_link.'" type="submit">'.$row["subject"].'</button>'; echo '<button class="' . $button_link . '" type="submit">' . $row["subject"] . '</button>';
echo "<input type='hidden' name='id' value='".$row['id']."' />"; echo "<input type='hidden' name='id' value='" . $row['id'] . "' />";
echo "<input type='hidden' name='username' value='".$_POST['username']."' />"; echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<input name="command" type="hidden" id="command" value="Message" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Message" readonly="readonly">';
echo '</form>'; echo '</form>';
echo '</td><td>'.$row["mail_from"].'</td><td>'.$row["rcpt_to"].'</td><td>'.$newdate.'</td></tr>'; echo '</td><td>' . $row["mail_from"] . '</td><td>' . $row["rcpt_to"] . '</td><td>' . $newdate . '</td></tr>';
$i++; $i ++;
} }
echo '</tbody></table><br />'; echo '</tbody></table><br />';
include "tail.inc"; include "tail.inc";
function send_external_mail($sender, $recipient, $date, $subject, $message) {
global $rslight_gpg, $config_name, $spooldir, $rslight_version;
putenv("GNUPGHOME=".$rslight_gpg['gnupghome']);
$res = gnupg_init();
// Get target domain (then get key if necessary)
$info = preg_split('/@/', $recipient, 2);
$target['domain'] = $info[1];
if(gnupg_keyinfo($res, "rslight@".$target['domain']) == false) { // We don't have the key
$retrieve = retrieve_key($res, $target['domain']);
if($retrieve == false) { // We can't get the key
return false;
}
}
$cwd = getcwd();
$keydir = preg_replace('/spoolnews/','pubkey/',$cwd);
$key_location = "/pubkey/server_pubkey.txt";
$signing_key = trim(file_get_contents($keydir.'/server_fingerprint.txt'));
$fingerprint_clean = preg_replace('/\ /', '', $signing_key);
gnupg_addsignkey($res,$fingerprint_clean);
gnupg_adddecryptkey($res,$fingerprint_clean, '');
$keyinfo = gnupg_keyinfo($res, "rslight@".$target['domain']);
$target['fingerprint'] = $keyinfo[0]['subkeys'][0]['fingerprint'];
$encrypt_to_key = $target['fingerprint'];
gnupg_addencryptkey($res,$encrypt_to_key);
$mydate = gmdate("D, d M Y H:i:s \U\T\C",$date);
$outgoing_dir = $spooldir.'/'.$config_name.'/outgoing';
if(!is_dir($outgoing_dir)) {
mkdir($outgoing_dir, 0700, true);
}
$domain = $rslight_gpg['domain_name'];
$organization = $CONFIG['organization'];
$from = $rslight_gpg['from_email'];
$contact = $rslight_gpg['contact'];
$outgoing_file = tempnam($outgoing_dir, 'bbsmail-');
$start="@@BEGIN BBSMAIL HEADERS";
$begin="@@BEGIN BBSMAIL BODY";
$end="@@END BBSMAIL BODY";
$body='';
$body.="You may use this to import MAIL for $domain.\n\n";
$body.="This message was signed using the following key:\n";
$body.="$signing_key\n\n";
$body.="The GPG key needed to verify the signature of messages\n";
$body.="issued by $from is available at:\n";
$body.="$domain$key_location\n\n";
$body.="For information contact $contact.\n\n";
$body.=$start."\n";
$body.=' Version: '.$rslight_version."\n";
$body.=' From: '.$from."\n";
$hashtail = hash('crc32', $domain.$organization.$sender.$rslight_gpg['nntp_group']);
$thishash = hash('crc32', $message.$hashtail).hash('crc32', $signing_key);
$body.=" Notice-ID: ".$thishash."\n";
$body.=" Key: ".$signing_key."\n";
$body.=" Location: ".$domain.$key_location."\n";
$body.=" Domain: ".$domain."\n";
$body.=$begin."\n";
$body.=" Sender: ".$sender."\n";
$body.=" Recipient: ".$recipient."\n";
$body.=" Date: ".$mydate."\n";
$body.=" Subject: ".$subject."\n";
$body.=" Body: ".$message."\n";
$body.=$end."\n";
$header='';
$header.="From: $from\n";
$header.="Newsgroups: ".$rslight_gpg['nntp_group']."\n";
$header.="Subject: @@RSL BBSMAIL notice ".$thishash."\n";
$header.="Date: ".$mydate."\n";
$header.="Message-ID: <$thishash@$domain>\n";
$header.="Content-Type: text/plain; charset=utf-8; format=flowed\n";
$header.="Content-Transfer-Encoding: 8bit\n";
$header.="Organization: $organization\n\n";
$encrypted_text = gnupg_encryptsign($res, $body);
file_put_contents($outgoing_file, $header.$encrypted_text);
return true;
}
function retrieve_key($res, $domain) {
global $config_name, $logfile;
// Let's try to get the key
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." No KEY for posting. Trying to retrieve for ".$domain, FILE_APPEND);
$location = "http://".$domain.'/pubkey/server_pubkey.txt'; function send_external_mail($sender, $recipient, $date, $subject, $message)
$import = gnupg_import($res, file_get_contents($location)); {
if(isset($import['fingerprint'])) { global $rslight_gpg, $config_name, $spooldir, $rslight_version;
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." IMPORTED: ".$import['fingerprint'], FILE_APPEND); putenv("GNUPGHOME=" . $rslight_gpg['gnupghome']);
$res = gnupg_init();
// Verify that domain in IMPORTED KEY matches exactly: "Location" and "Domain" in MAILKEY message
// If it DOES NOT, then DELETE the new key immediately // Get target domain (then get key if necessary)
$keyinfo = gnupg_keyinfo($res, $import['fingerprint']); $info = preg_split('/@/', $recipient, 2);
$imported_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']); $target['domain'] = $info[1];
if(($imported_domain == $domain)) { if (gnupg_keyinfo($res, "rslight@" . $target['domain']) == false) { // We don't have the key
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain Match: ".$imported_domain, FILE_APPEND); $retrieve = retrieve_key($res, $target['domain']);
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." New PGP Key added for: ".$imported_domain." Domain: ".$imported_domain." Fingerprint: ".$import['fingerprint'], FILE_APPEND); if ($retrieve == false) { // We can't get the key
send_admin_message('admin', 'admin', 'New PGP Key added for: '.$imported_domain, 'Domain: '.$imported_domain."\nFingerprint: ".$import['fingerprint']."\n");
return true;
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Domain MIS-MATCH: ".$imported_domain." DELETING...", FILE_APPEND);
if(gnupg_deletekey($res, $import['fingerprint'])) {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." SUCCESS Deleting ".$import['fingerprint'], FILE_APPEND);
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." WARNING!: FAILED to Delete ".$import['fingerprint'], FILE_APPEND);
}
return false;
}
} else {
file_put_contents($logfile, "\n".format_log_date()." ".$config_name." Failed to import key from ".$location, FILE_APPEND);
return false; return false;
} }
}
$cwd = getcwd();
$keydir = preg_replace('/spoolnews/', 'pubkey/', $cwd);
$key_location = "/pubkey/server_pubkey.txt";
$signing_key = trim(file_get_contents($keydir . '/server_fingerprint.txt'));
$fingerprint_clean = preg_replace('/\ /', '', $signing_key);
gnupg_addsignkey($res, $fingerprint_clean);
gnupg_adddecryptkey($res, $fingerprint_clean, '');
$keyinfo = gnupg_keyinfo($res, "rslight@" . $target['domain']);
$target['fingerprint'] = $keyinfo[0]['subkeys'][0]['fingerprint'];
$encrypt_to_key = $target['fingerprint'];
gnupg_addencryptkey($res, $encrypt_to_key);
$mydate = gmdate("D, d M Y H:i:s \U\T\C", $date);
$outgoing_dir = $spooldir . '/' . $config_name . '/outgoing';
if (! is_dir($outgoing_dir)) {
mkdir($outgoing_dir, 0700, true);
}
$domain = $rslight_gpg['domain_name'];
$organization = $CONFIG['organization'];
$from = $rslight_gpg['from_email'];
$contact = $rslight_gpg['contact'];
$outgoing_file = tempnam($outgoing_dir, 'bbsmail-');
$start = "@@BEGIN BBSMAIL HEADERS";
$begin = "@@BEGIN BBSMAIL BODY";
$end = "@@END BBSMAIL BODY";
$body = '';
$body .= "You may use this to import MAIL for $domain.\n\n";
$body .= "This message was signed using the following key:\n";
$body .= "$signing_key\n\n";
$body .= "The GPG key needed to verify the signature of messages\n";
$body .= "issued by $from is available at:\n";
$body .= "$domain$key_location\n\n";
$body .= "For information contact $contact.\n\n";
$body .= $start . "\n";
$body .= ' Version: ' . $rslight_version . "\n";
$body .= ' From: ' . $from . "\n";
$hashtail = hash('crc32', $domain . $organization . $sender . $rslight_gpg['nntp_group']);
$thishash = hash('crc32', $message . $hashtail) . hash('crc32', $signing_key);
$body .= " Notice-ID: " . $thishash . "\n";
$body .= " Key: " . $signing_key . "\n";
$body .= " Location: " . $domain . $key_location . "\n";
$body .= " Domain: " . $domain . "\n";
$body .= $begin . "\n";
$body .= " Sender: " . $sender . "\n";
$body .= " Recipient: " . $recipient . "\n";
$body .= " Date: " . $mydate . "\n";
$body .= " Subject: " . $subject . "\n";
$body .= " Body: " . $message . "\n";
$body .= $end . "\n";
$header = '';
$header .= "From: $from\n";
$header .= "Newsgroups: " . $rslight_gpg['nntp_group'] . "\n";
$header .= "Subject: @@RSL BBSMAIL notice " . $thishash . "\n";
$header .= "Date: " . $mydate . "\n";
$header .= "Message-ID: <$thishash@$domain>\n";
$header .= "Content-Type: text/plain; charset=utf-8; format=flowed\n";
$header .= "Content-Transfer-Encoding: 8bit\n";
$header .= "Organization: $organization\n\n";
$encrypted_text = gnupg_encryptsign($res, $body);
file_put_contents($outgoing_file, $header . $encrypted_text);
return true;
}
function retrieve_key($res, $domain)
{
global $config_name, $logfile;
// Let's try to get the key
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " No KEY for posting. Trying to retrieve for " . $domain, FILE_APPEND);
$location = "http://" . $domain . '/pubkey/server_pubkey.txt';
$import = gnupg_import($res, file_get_contents($location));
if (isset($import['fingerprint'])) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " IMPORTED: " . $import['fingerprint'], FILE_APPEND);
// Verify that domain in IMPORTED KEY matches exactly: "Location" and "Domain" in MAILKEY message
// If it DOES NOT, then DELETE the new key immediately
$keyinfo = gnupg_keyinfo($res, $import['fingerprint']);
$imported_domain = preg_replace('/rslight@/', '', $keyinfo[0]['uids'][0]['uid']);
if (($imported_domain == $domain)) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain Match: " . $imported_domain, FILE_APPEND);
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " New PGP Key added for: " . $imported_domain . " Domain: " . $imported_domain . " Fingerprint: " . $import['fingerprint'], FILE_APPEND);
send_admin_message('admin', 'admin', 'New PGP Key added for: ' . $imported_domain, 'Domain: ' . $imported_domain . "\nFingerprint: " . $import['fingerprint'] . "\n");
return true;
} else {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Domain MIS-MATCH: " . $imported_domain . " DELETING...", FILE_APPEND);
if (gnupg_deletekey($res, $import['fingerprint'])) {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " SUCCESS Deleting " . $import['fingerprint'], FILE_APPEND);
} else {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " WARNING!: FAILED to Delete " . $import['fingerprint'], FILE_APPEND);
}
return false;
}
} else {
file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " Failed to import key from " . $location, FILE_APPEND);
return false; return false;
} }
return false;
}

150
Rocksolid_Light/spoolnews/upload.php
View File

@ -2,111 +2,111 @@
include "config.inc.php"; include "config.inc.php";
include "newsportal.php"; include "newsportal.php";
$logfile=$logdir.'/files.log'; $logfile = $logdir . '/files.log';
$keyfile = $spooldir.'/keys.dat'; $keyfile = $spooldir . '/keys.dat';
$keys = unserialize(file_get_contents($keyfile)); $keys = unserialize(file_get_contents($keyfile));
$name = ''; $name = '';
$logged_in = false; $logged_in = false;
if(!isset($_POST['username'])) { if (! isset($_POST['username'])) {
$_POST['username'] = $_COOKIE['mail_name']; $_POST['username'] = $_COOKIE['mail_name'];
} }
$name = $_POST['username']; $name = $_POST['username'];
if(!isset($_POST['password'])) { if (! isset($_POST['password'])) {
$_POST['password'] = null; $_POST['password'] = null;
} }
if(!isset($_COOKIE['mail_auth'])) { if (! isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null; $_COOKIE['mail_auth'] = null;
} }
if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) { if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true; $logged_in = true;
} }
$title.=' - Upload file'; $title .= ' - Upload file';
include "head.inc"; include "head.inc";
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="../spoolnews/files.php" target='.$frame['menu'].'>files</a> / '; echo '<a href="../spoolnews/files.php" target=' . $frame['menu'] . '>files</a> / ';
echo htmlspecialchars($_COOKIE['mail_name']).'</h1>'; echo htmlspecialchars($_COOKIE['mail_name']) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Browse button // Browse button
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="files.php">'; echo '<form target="' . $frame['content'] . '" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Browse</button>'; echo '<button class="np_button_link" type="submit">Browse</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
// Upload button // Upload button
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="upload.php">'; echo '<form target="' . $frame['content'] . '" method="post" action="upload.php">';
echo '<input name="command" type="hidden" id="command" value="Upload" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Upload" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Upload</button>'; echo '<button class="np_button_link" type="submit">Upload</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
echo '<td width=100%></td></tr></table>'; echo '<td width=100%></td></tr></table>';
echo '<hr>'; echo '<hr>';
if(isset($_FILES['photo'])) { if (isset($_FILES['photo'])) {
$_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']); $_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
// Check auth here // Check auth here
if(isset($_POST['key']) && password_verify($CONFIG['thissitekey'].$_POST['username'], $_POST['key'])) { if (isset($_POST['key']) && password_verify($CONFIG['thissitekey'] . $_POST['username'], $_POST['key'])) {
if(check_bbs_auth($_POST['username'], $_POST['password'])) { if (check_bbs_auth($_POST['username'], $_POST['password'])) {
$userdir = $spooldir.'/upload/'.strtolower($_POST['username']); $userdir = $spooldir . '/upload/' . strtolower($_POST['username']);
$upload_to = $userdir.'/'.$_FILES['photo']['name']; $upload_to = $userdir . '/' . $_FILES['photo']['name'];
if(is_file($upload_to)) { if (is_file($upload_to)) {
echo $_FILES['photo']['name'].' already exists in your folder'; echo $_FILES['photo']['name'] . ' already exists in your folder';
} else { } else {
if(!is_dir($userdir)) { if (! is_dir($userdir)) {
mkdir($userdir); mkdir($userdir);
} }
$success = move_uploaded_file($_FILES['photo']['tmp_name'], $upload_to); $success = move_uploaded_file($_FILES['photo']['tmp_name'], $upload_to);
if ($success) { if ($success) {
file_put_contents($logfile, "\n".format_log_date()." Saved: ".strtolower($_POST['username'])."/".$_FILES['photo']['name'], FILE_APPEND); file_put_contents($logfile, "\n" . format_log_date() . " Saved: " . strtolower($_POST['username']) . "/" . $_FILES['photo']['name'], FILE_APPEND);
echo 'Saved '.$_FILES['photo']['name'].' to your files folder'; echo 'Saved ' . $_FILES['photo']['name'] . ' to your files folder';
} else { } else {
echo 'There was an error saving '.$_FILES['photo']['name']; echo 'There was an error saving ' . $_FILES['photo']['name'];
} }
} }
?> ?>
<script type="text/javascript"> <script type="text/javascript">
if (navigator.cookieEnabled) if (navigator.cookieEnabled)
var savename = "<?php echo stripslashes($name); ?>"; var savename = "<?php echo stripslashes($name); ?>";
document.cookie = "mail_name="+savename+"; path=/"; document.cookie = "mail_name="+savename+"; path=/";
</script> </script>
<?php <?php
} else { } else {
echo 'Authentication Failed'; echo 'Authentication Failed';
} }
echo '<br /><br />'; echo '<br /><br />';
} }
} }
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">'; echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">'; echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
//echo '<form name="form1" method="post" action="upload.php" enctype="multipart/form-data">'; // echo '<form name="form1" method="post" action="upload.php" enctype="multipart/form-data">';
if(!isset($_POST['username'])) { if (! isset($_POST['username'])) {
$_POST['username'] = ''; $_POST['username'] = '';
} }
if(!isset($_POST['password'])) { if (! isset($_POST['password'])) {
$_POST['password'] = ''; $_POST['password'] = '';
} }
if(!$logged_in && !check_bbs_auth($_POST['username'], $_POST['password'])) { if (! $logged_in && ! check_bbs_auth($_POST['username'], $_POST['password'])) {
echo '<tr><td><strong>Please Login to Upload<br /></strong></td></tr>'; echo '<tr><td><strong>Please Login to Upload<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>'; echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="' . $name . '"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>'; echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Upload" readonly="readonly"></td>'; echo '<td><input name="command" type="hidden" id="command" value="Upload" readonly="readonly"></td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>'; echo '<td><input type="submit" name="Submit" value="Login"></td>';
} else { } else {
echo '<tr><td><strong>Logged in as '.$_POST['username'].'<br />(max size=2MB)</strong></td></tr>'; echo '<tr><td><strong>Logged in as ' . $_POST['username'] . '<br />(max size=2MB)</strong></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Upload" readonly="readonly"></td>'; echo '<td><input name="command" type="hidden" id="command" value="Upload" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'].$name, PASSWORD_DEFAULT).'">'; echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'] . $name, PASSWORD_DEFAULT) . '">';
echo '<input type="hidden" name="username" value="'.$_POST['username'].'">'; echo '<input type="hidden" name="username" value="' . $_POST['username'] . '">';
echo '<input type="hidden" name="password" value="'.$_POST['password'].'">'; echo '<input type="hidden" name="password" value="' . $_POST['password'] . '">';
echo '<tr><td><input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/*"></td> echo '<tr><td><input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/*"></td>
'; ';
echo '<td>&nbsp;<input type="submit" name="Submit" value="Upload"></td>'; echo '<td>&nbsp;<input type="submit" name="Submit" value="Upload"></td>';
} }
echo '</tr>'; echo '</tr>';
echo '</form>'; echo '</form>';

450
Rocksolid_Light/spoolnews/user.php
View File

@ -4,62 +4,62 @@ session_start();
include "config.inc.php"; include "config.inc.php";
include "newsportal.php"; include "newsportal.php";
if(isset($_COOKIE['tzo'])) { if (isset($_COOKIE['tzo'])) {
$offset=$_COOKIE['tzo']; $offset = $_COOKIE['tzo'];
} else { } else {
$offset=$CONFIG['timezone']; $offset = $CONFIG['timezone'];
}
if(!isset($_POST['command'])) {
$_POST['command'] = null;
}
$keyfile = $spooldir.'/keys.dat';
$keys = unserialize(file_get_contents($keyfile));
if($_POST['command'] == 'Logout') {
unset($_COOKIE['mail_name']);
setcookie('mail_name', null, -1, '/');
unset($_COOKIE['mail_auth']);
setcookie('mail_auth', null, -1, '/');
unset($_COOKIE['cookie_name']);
setcookie('cookie_name', null, -1, '/');
unset($_COOKIE['pkey']);
setcookie('pkey', null, -1, '/');
unset($_SESSION['theme']);
unset($_POST['username']);
include "head.inc";
echo "<center>";
echo "<hr><p>You have been logged out</p>";
echo '</center>';
echo '<br />';
include "tail.inc";
exit(0);
} }
$title.=' - User Configuration'; if (! isset($_POST['command'])) {
$_POST['command'] = null;
}
$keyfile = $spooldir . '/keys.dat';
$keys = unserialize(file_get_contents($keyfile));
if ($_POST['command'] == 'Logout') {
unset($_COOKIE['mail_name']);
setcookie('mail_name', null, - 1, '/');
unset($_COOKIE['mail_auth']);
setcookie('mail_auth', null, - 1, '/');
unset($_COOKIE['cookie_name']);
setcookie('cookie_name', null, - 1, '/');
unset($_COOKIE['pkey']);
setcookie('pkey', null, - 1, '/');
unset($_SESSION['theme']);
unset($_POST['username']);
include "head.inc";
echo "<center>";
echo "<hr><p>You have been logged out</p>";
echo '</center>';
echo '<br />';
include "tail.inc";
exit(0);
}
$title .= ' - User Configuration';
include "head.inc"; include "head.inc";
// How long should cookie allow user to stay logged in? // How long should cookie allow user to stay logged in?
// 14400 = 4 hours // 14400 = 4 hours
$auth_expire = 14400; $auth_expire = 14400;
$logged_in = false; $logged_in = false;
if(!isset($_POST['username'])) { if (! isset($_POST['username'])) {
$_POST['username'] = $_COOKIE['mail_name']; $_POST['username'] = $_COOKIE['mail_name'];
} }
$name = $_POST['username']; $name = $_POST['username'];
if(!isset($_POST['password'])) { if (! isset($_POST['password'])) {
$_POST['password'] = null; $_POST['password'] = null;
} }
if(!isset($_COOKIE['mail_auth'])) { if (! isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null; $_COOKIE['mail_auth'] = null;
} }
if(((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) { if (((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true; $logged_in = true;
} else { } else {
if(check_bbs_auth($_POST['username'], $_POST['password'])) { if (check_bbs_auth($_POST['username'], $_POST['password'])) {
$authkey = password_hash($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), PASSWORD_DEFAULT); $authkey = password_hash($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), PASSWORD_DEFAULT);
$pkey = hash('crc32', get_user_config($_POST['username'],'encryptionkey')); $pkey = hash('crc32', get_user_config($_POST['username'], 'encryptionkey'));
set_user_config(strtolower($_POST['username']), "pkey", $pkey); set_user_config(strtolower($_POST['username']), "pkey", $pkey);
?> ?>
<script type="text/javascript"> <script type="text/javascript">
if (navigator.cookieEnabled) if (navigator.cookieEnabled)
var authcookie = "<?php echo $authkey; ?>"; var authcookie = "<?php echo $authkey; ?>";
var savename = "<?php echo stripslashes($name); ?>"; var savename = "<?php echo stripslashes($name); ?>";
@ -71,199 +71,197 @@ include "head.inc";
document.cookie = "pkey="+pkey+"; max-age="+name_expire+"; path=/"; document.cookie = "pkey="+pkey+"; max-age="+name_expire+"; path=/";
</script> </script>
<?php <?php
$logged_in = true; $logged_in = true;
} else {
echo 'Login failed.';
} }
else }
{ if (isset($_POST['command']) && $_POST['command'] == 'Configuration') {
echo 'Login failed.';
}
}
if(isset($_POST['command']) && $_POST['command'] == 'Configuration') {
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="user.php" target='.$frame['menu'].'>Configuration</a> / '; echo '<a href="user.php" target=' . $frame['menu'] . '>Configuration</a> / ';
echo htmlspecialchars($_POST['username']).'</h1>'; echo htmlspecialchars($_POST['username']) . '</h1>';
} else { } else {
echo '<h1 class="np_thread_headline">'; echo '<h1 class="np_thread_headline">';
echo '<a href="user.php" target='.$frame['menu'].'>user login</a> / '; echo '<a href="user.php" target=' . $frame['menu'] . '>user login</a> / ';
echo htmlspecialchars($_POST['username']).'</h1>'; echo htmlspecialchars($_POST['username']) . '</h1>';
} }
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>'; echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Mail button // Mail button
if($logged_in == true) { if ($logged_in == true) {
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="mail.php">'; echo '<form target="' . $frame['content'] . '" method="post" action="mail.php">';
echo '<input name="command" type="hidden" id="command" value="Mail" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Mail" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />"; echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">Mail</button>'; echo '<button class="np_button_link" type="submit">Mail</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
// Files button // Files button
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="files.php">'; echo '<form target="' . $frame['content'] . '" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Files" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Files" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />"; echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">Files</button>'; echo '<button class="np_button_link" type="submit">Files</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
// Configuration button // Configuration button
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="user.php">'; echo '<form target="' . $frame['content'] . '" method="post" action="user.php">';
echo '<input name="command" type="hidden" id="command" value="Configuration" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Configuration" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />"; echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">Configuration</button>'; echo '<button class="np_button_link" type="submit">Configuration</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
// Logout button // Logout button
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="user.php">'; echo '<form target="' . $frame['content'] . '" method="post" action="user.php">';
echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">'; echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />"; echo "<input type='hidden' name='username' value='" . $_POST['username'] . "' />";
echo '<button class="np_button_link" type="submit">Logout</button>'; echo '<button class="np_button_link" type="submit">Logout</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
}
echo '<td width=100%></td></tr></table>';
if(isset($_POST['username'])) {
$name = $_POST['username'];
// Save name in cookie
if ($setcookies==true) {
setcookie("mail_name",stripslashes($name),time()+(3600*24*90));
}
} else {
if ($setcookies) {
if ((isset($_COOKIE["mail_name"])) && (!isset($name))) {
$name=$_COOKIE["mail_name"];
} else {
$name = '';
}
}
} }
if($logged_in !== true) { echo '<td width=100%></td></tr></table>';
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'].$name, PASSWORD_DEFAULT).'">';
echo '<td>&nbsp;</td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
echo '</tr>';
echo '</form>';
echo '</table>';
exit(0);
}
$user = strtolower($_POST['username']); if (isset($_POST['username'])) {
$_SESSION['username'] = $user; $name = $_POST['username'];
unset($user_config); // Save name in cookie
$userfile=$spooldir.'/'.$user.'-articleviews.dat'; if ($setcookies == true) {
if(is_file($userfile)) { setcookie("mail_name", stripslashes($name), time() + (3600 * 24 * 90));
$userdata = unserialize(file_get_contents($userfile));
}
// Show Logged-In Message
if($_POST['command'] != 'Configuration' && $_POST['command'] != 'SaveConfig') {
echo "<center>";
echo "<hr><p>You are logged in as ".$_POST['username']."</p>";
echo '</center>';
}
// Apply Config
if(isset($_POST['command']) && $_POST['command'] == 'SaveConfig') {
$user_config['signature'] = $_POST['signature'];
$user_config['xface'] = $_POST['xface'];
$user_config['timezone'] = $_POST['timezone'];
$user_config['theme'] = $_POST['listbox'];
file_put_contents($config_dir.'/userconfig/'.$user.'.config', serialize($user_config));
$_SESSION['theme'] = $user_config['theme'];
$mysubs = explode("\n", $_POST['subscribed']);
foreach($mysubs as $sub) {
if(trim($sub) == '') {
continue;
}
$sub = trim($sub);
if(!isset($userdata[$sub])) {
$userdata[$sub] = 0;
}
$newsubs[$sub] = $userdata[$sub];
}
file_put_contents($spooldir.'/'.$user.'-articleviews.dat', serialize($newsubs));
$userdata = unserialize(file_get_contents($userfile));
if($userdata) {
ksort($userdata);
} }
echo 'Configuration Saved for '.$_POST['username']; } else {
} else { if ($setcookies) {
$user_config = unserialize(file_get_contents($config_dir.'/userconfig/'.$user.'.config')); if ((isset($_COOKIE["mail_name"])) && (! isset($name))) {
} $name = $_COOKIE["mail_name"];
// Get themes } else {
$themedir = $rootdir.'/common/themes'; $name = '';
if(is_dir($themedir)) {
if($theme_list = opendir($themedir)) {
while(($theme_dir = readdir($theme_list)) !== false) {
if($theme_dir == '.' || $theme_dir == '..') {
continue;
} }
$themes[] = $theme_dir;
}
closedir($theme_list);
} }
} }
sort($themes); if ($logged_in !== true) {
if(isset($_POST['command']) && $_POST['command'] == 'Configuration') { echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
// Show Config echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="' . $name . '"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'] . $name, PASSWORD_DEFAULT) . '">';
echo '<td>&nbsp;</td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
echo '</tr>';
echo '</form>';
echo '</table>';
exit(0);
}
$user = strtolower($_POST['username']);
$_SESSION['username'] = $user;
unset($user_config);
$userfile = $spooldir . '/' . $user . '-articleviews.dat';
if (is_file($userfile)) {
$userdata = unserialize(file_get_contents($userfile));
}
// Show Logged-In Message
if ($_POST['command'] != 'Configuration' && $_POST['command'] != 'SaveConfig') {
echo "<center>";
echo "<hr><p>You are logged in as " . $_POST['username'] . "</p>";
echo '</center>';
}
// Apply Config
if (isset($_POST['command']) && $_POST['command'] == 'SaveConfig') {
$user_config['signature'] = $_POST['signature'];
$user_config['xface'] = $_POST['xface'];
$user_config['timezone'] = $_POST['timezone'];
$user_config['theme'] = $_POST['listbox'];
file_put_contents($config_dir . '/userconfig/' . $user . '.config', serialize($user_config));
$_SESSION['theme'] = $user_config['theme'];
$mysubs = explode("\n", $_POST['subscribed']);
foreach ($mysubs as $sub) {
if (trim($sub) == '') {
continue;
}
$sub = trim($sub);
if (! isset($userdata[$sub])) {
$userdata[$sub] = 0;
}
$newsubs[$sub] = $userdata[$sub];
}
file_put_contents($spooldir . '/' . $user . '-articleviews.dat', serialize($newsubs));
$userdata = unserialize(file_get_contents($userfile));
if ($userdata) {
ksort($userdata);
}
echo 'Configuration Saved for ' . $_POST['username'];
} else {
$user_config = unserialize(file_get_contents($config_dir . '/userconfig/' . $user . '.config'));
}
// Get themes
$themedir = $rootdir . '/common/themes';
if (is_dir($themedir)) {
if ($theme_list = opendir($themedir)) {
while (($theme_dir = readdir($theme_list)) !== false) {
if ($theme_dir == '.' || $theme_dir == '..') {
continue;
}
$themes[] = $theme_dir;
}
closedir($theme_list);
}
}
sort($themes);
if (isset($_POST['command']) && $_POST['command'] == 'Configuration') {
// Show Config
echo '<hr><h1 class="np_thread_headline">Configuration:</h1>'; echo '<hr><h1 class="np_thread_headline">Configuration:</h1>';
echo '<table cellspacing="0" width="100%" class="np_results_table">'; echo '<table cellspacing="0" width="100%" class="np_results_table">';
echo '<tr class="np_thread_head"><td class="np_thread_head">Settings for '.$_POST['username'].' (leave blank for none):</td></tr>'; echo '<tr class="np_thread_head"><td class="np_thread_head">Settings for ' . $_POST['username'] . ' (leave blank for none):</td></tr>';
echo '<form method="post" action="user.php">'; echo '<form method="post" action="user.php">';
echo '<tr class="np_result_line1">'; echo '<tr class="np_result_line1">';
// Signature // Signature
echo '<td class="np_result_line1" style="word-wrap:break-word";>Signature:</td>'; echo '<td class="np_result_line1" style="word-wrap:break-word";>Signature:</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="signature" name="signature" rows="6" cols="70">'.$user_config['signature']; echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="signature" name="signature" rows="6" cols="70">' . $user_config['signature'];
echo '</textarea></td>'; echo '</textarea></td>';
echo '</tr>'; echo '</tr>';
// X-Face // X-Face
echo '<td class="np_result_line1" style="word-wrap:break-word";>X-Face:</td>'; echo '<td class="np_result_line1" style="word-wrap:break-word";>X-Face:</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="xface" name="xface" rows="4" cols="80">'.$user_config['xface']; echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="xface" name="xface" rows="4" cols="80">' . $user_config['xface'];
echo '</textarea></td>'; echo '</textarea></td>';
echo '</tr>'; echo '</tr>';
// Theme // Theme
echo '<td class="np_result_line1" style="word-wrap:break-word";>Theme: ('.$user_config['theme'].')</td>'; echo '<td class="np_result_line1" style="word-wrap:break-word";>Theme: (' . $user_config['theme'] . ')</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word">'; echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word">';
echo '<select name="listbox" class="theme_listbox" size="10">'; echo '<select name="listbox" class="theme_listbox" size="10">';
foreach ($themes as $theme) { foreach ($themes as $theme) {
if($theme == $user_config['theme']) { if ($theme == $user_config['theme']) {
echo '<option value="'.$theme.'" selected="selected">'.$theme.'</option>'; echo '<option value="' . $theme . '" selected="selected">' . $theme . '</option>';
} else { } else {
echo '<option value="'.$theme.'">'.$theme.'</option>'; echo '<option value="' . $theme . '">' . $theme . '</option>';
}
}
echo '</select>';
echo '</td>';
echo '</tr>';
// Subscriptions
echo '<td class="np_result_line1" style="word-wrap:break-word";>Subscribed:</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="subscribed" name="subscribed" rows="10" cols="40">';
foreach($userdata as $key => $value) {
echo $key."\n";
} }
echo '</textarea></td>'; }
echo '</tr>'; echo '</select>';
/* echo '</td>';
// Timezone echo '</tr>';
echo '<td class="np_result_line1" style="word-wrap:break-word";>Timezone offset (+/- hours from UTC):</td>'; // Subscriptions
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><input type="text" name="timezone" value="'.$user_config[timezone].'"></td>'; echo '<td class="np_result_line1" style="word-wrap:break-word";>Subscribed:</td>';
echo '</tr>'; echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="subscribed" name="subscribed" rows="10" cols="40">';
*/ foreach ($userdata as $key => $value) {
echo '<td class="np_result_line2" style="word-wrap:break-word";>'; echo $key . "\n";
echo '<button class="np_button_link" type="submit">Save Configuration</button>'; }
echo '<a href="'.$_SERVER['PHP_SELF'].'">Cancel</a>'; echo '</textarea></td>';
echo '</td></tr>'; echo '</tr>';
echo '<input name="command" type="hidden" id="command" value="SaveConfig" readonly="readonly">'; /*
* // Timezone
* echo '<td class="np_result_line1" style="word-wrap:break-word";>Timezone offset (+/- hours from UTC):</td>';
* echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><input type="text" name="timezone" value="'.$user_config[timezone].'"></td>';
* echo '</tr>';
*/
echo '<td class="np_result_line2" style="word-wrap:break-word";>';
echo '<button class="np_button_link" type="submit">Save Configuration</button>';
echo '<a href="' . $_SERVER['PHP_SELF'] . '">Cancel</a>';
echo '</td></tr>';
echo '<input name="command" type="hidden" id="command" value="SaveConfig" readonly="readonly">';
echo '</form>'; echo '</form>';
echo '</tbody></table><br />'; echo '</tbody></table><br />';
} else { } else {
echo '<br />'; echo '<br />';
} }
include "tail.inc"; include "tail.inc";
?> ?>