From 271ca2ead36a3ff73aa386e09b5d18bc96cd6317 Mon Sep 17 00:00:00 2001
From: tomo <tomo@dialup.cafe>
Date: Sat, 1 Jul 2023 20:58:47 -0600
Subject: [PATCH] * upload.php now checks for user login instead of prompting
 for a login

---
 Rocksolid_Light/spoolnews/upload.php | 43 ++++++++++++++++++++--------
 1 file changed, 31 insertions(+), 12 deletions(-)

diff --git a/Rocksolid_Light/spoolnews/upload.php b/Rocksolid_Light/spoolnews/upload.php
index eac5559..553dfe0 100644
--- a/Rocksolid_Light/spoolnews/upload.php
+++ b/Rocksolid_Light/spoolnews/upload.php
@@ -1,4 +1,6 @@
 <?php
+session_start();
+
 include "config.inc.php";
 include "newsportal.php";
 
@@ -38,11 +40,26 @@ include "head.inc";
     echo '<td width=100%></td></tr></table>';
     echo '<hr>';
 
-if(isset($_FILES['photo'])) {
-   $_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
 // Check auth here
-    if(isset($_POST['key']) && password_verify($CONFIG['thissitekey'].$_POST['username'], $_POST['key'])) {
-      if(check_bbs_auth($_POST['username'], $_POST['password'])) {
+
+  # this include checks if the user has already logged in
+  $keyfile = $spooldir.'/keys.dat';
+  $keys = unserialize(file_get_contents($keyfile));
+
+  $auth_expire = 14400;
+  $logged_in = false;
+  if(!isset($_POST['username'])) {
+    $_POST['username'] = $_COOKIE['mail_name'];
+  }
+  $name = $_POST['username'];
+  if(!isset($_POST['password'])) {
+      $_POST['password'] = null;
+  }
+  if(!isset($_COOKIE['mail_auth'])) {
+      $_COOKIE['mail_auth'] = null;
+  }
+  if(isset($_FILES['photo'])) {
+     $_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
 	$userdir = $spooldir.'/upload/'.strtolower($_POST['username']);
 	$upload_to = $userdir.'/'.$_FILES['photo']['name'];
 	if(is_file($upload_to)) {
@@ -66,13 +83,14 @@ if(isset($_FILES['photo'])) {
          document.cookie = "files_name="+savename+"; path=/";
       </script>
 <?php
-      } else {
-	echo 'Authentication Failed';
-      }
-    echo '<br /><br />';
-    }
 }
 
+  if ((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
+    $logged_in = true;
+    } else {
+	echo 'Authentication Failed';
+    echo '<br /><br />';
+}
   echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
   echo '<form name="form1" method="post" action="upload.php" enctype="multipart/form-data">';
 
@@ -82,7 +100,9 @@ if(isset($_FILES['photo'])) {
   if(!isset($_POST['password'])) {
       $_POST['password'] = '';
   }
-if(!check_bbs_auth($_POST['username'], $_POST['password'])) {  
+
+#if (!check_bbs_auth($_POST['username'], $_POST['password'])) {
+if (!$logged_in) {
   echo '<tr><td><strong>Please Login to Upload<br /></strong></td></tr>';
   echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>';
   echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
@@ -94,8 +114,7 @@ if(!check_bbs_auth($_POST['username'], $_POST['password'])) {
   echo '<input type="hidden" name="key" value="'.password_hash($CONFIG['thissitekey'].$name, PASSWORD_DEFAULT).'">';
   echo '<input type="hidden" name="username" value="'.$_POST['username'].'">';
   echo '<input type="hidden" name="password" value="'.$_POST['password'].'">';
-  echo '<tr><td><input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/*"></td>
-';
+  echo '<tr><td><input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/*"></td>';
   echo '<td>&nbsp;<input type="submit" name="Submit" value="Upload"></td>';
 }
 echo '</tr>';