novabbs
/
rocksolid-light
2
0
Fork 1
Code Issues 14 Pull Requests Releases Wiki Activity

Add user blocking in message display (article-flat.php).

This commit is contained in:
Retro_Guy 2024-04-05 05:41:44 -07:00
parent 6b99f5ca47
commit 2f448e6e00
5 changed files with 148 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Rocksolid_Light/rocksolid/article-flat.php
View File

@ -192,8 +192,8 @@ if ($message) {
flush();
$message = message_read($subid, 0, $group);
echo '<a name="' . $subid . '"> </a>';
message_show($group, $subid, 0, $message, $articleflat_chars_per_articles);
if ((! $CONFIG['readonly']) && ($message)) {
$is_blocked = message_show($group, $subid, 0, $message, $articleflat_chars_per_articles);
if (((! $CONFIG['readonly']) && ($message)) && $is_blocked != "blocked") {
echo '<form action="' . $file_post . '">' . '<input type="hidden" name="id" value="' . urlencode($subid) . '">' . '<input type="hidden" name="type" value="reply">' . '<input type="hidden" name="group" value="' . urlencode($group) . '">' . '<input type="submit" value="' . $text_article["button_answer"] . '">' . '</form>';
}
}

33
Rocksolid_Light/rocksolid/lib/message.inc.php
View File

@ -545,9 +545,7 @@ function show_header_short($head, $group, $local_poster = false)
onclick="CopyToClipboard('<?php echo $head->number . 'copy'; ?>');return false;"
style="text-decoration: none" title="Copy article link to clipboard"><i>copy
link</i></a>
<?php
echo '&nbsp;&nbsp;Newsgroups: ';
$ngroups = preg_replace("/\,|\ /", "\t", $head->newsgroups);
$ngroups = explode("\t", $ngroups);
@ -568,12 +566,12 @@ function show_header_short($head, $group, $local_poster = false)
echo '<input type="checkbox" class="np_header_button_checkbox" id="trigger_headers" title="Show headers" />';
echo '<div class="display_headers_on">' . display_full_headers($head->number, $group, $head->name, $head->from) . '</div>';
}
if ($local_poster) {
echo "&nbsp;by: <i>" . $displayname . "</i> - " . $displaydate;
echo "&nbsp;by: <i>" . $displayname . "</i>";
} else {
echo "&nbsp;by: " . $displayname . " - " . $displaydate;
echo "&nbsp;by: " . $displayname . " ";
}
echo '- ' . $displaydate;
echo '</div>';
if ((isset($attachment_show)) && ($attachment_show == true) && (isset($head->content_type[1]))) {
@ -761,7 +759,7 @@ function nl2p($string, $line_breaks = true, $xml = true)
*/
function message_show($group, $id, $attachment = 0, $article_data = false, $maxlen = false)
{
global $file_article, $file_article_full, $OVERRIDES;
global $file_article, $file_article_full, $OVERRIDES, $spooldir;
global $text_header, $text_article, $article_showthread, $file_attachment, $attachment_show;
global $block_xnoarchive, $article_graphicquotes;
global $CONFIG;
@ -777,6 +775,29 @@ function message_show($group, $id, $attachment = 0, $article_data = false, $maxl
}
$body = $article_data->body[$attachment];
if ($head) {
// User blocklist
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat';
if (file_exists($userfile)) {
$blocked_user_config = unserialize(file_get_contents($userfile));
} else {
$blocked_user_config = null;
}
}
$block = false;
foreach($blocked_user_config as $key => $value) {
$blockme = '/'.addslashes($key).'/';
if (preg_match($blockme, $head->from)) {
$block = true;
break;
}
}
if ($block == true) {
echo '<hr><p class=np_ob_posted_date>(message #' . $head->number . ' hidden by your blocklist)</p><hr>';
return "blocked";
}
if (($block_xnoarchive) && (isset($head->xnoarchive)) && ($head->xnoarchive == "yes")) {
echo $text_article["block-xnoarchive"];
} else if (($head->content_type[$attachment] == "text/plain") && ($attachment == 0)) {

6
Rocksolid_Light/rocksolid/newsportal.php
View File

@ -1416,7 +1416,11 @@ function create_name_link($name, $data = null)
if ((strpos($name, '...@') !== false && (isset($CONFIG['hide_email']) && $CONFIG['hide_email'] == true)) && ! $data) {
$return = '<span class="visited">' . substr(htmlspecialchars($name), 0, 20) . '</span>';
} else {
$return = '<a href="search.php?command=search&searchpoint=Poster&terms=' . $name . '&data=' . $data . '" title="Search by user"><span class="visited">' . substr(htmlspecialchars($name), 0, 20) . '</span></a>';
if (isset($_COOKIE['mail_name'])) {
$return = '<a href="search.php?command=search&searchpoint=Poster&terms=' . $name . '&data=' . $data . '" title="Search or Block by user"><span class="visited">' . substr(htmlspecialchars($name), 0, 20) . '</span></a>';
} else {
$return = '<a href="search.php?command=search&searchpoint=Poster&terms=' . $name . '&data=' . $data . '" title="Search by user"><span class="visited">' . substr(htmlspecialchars($name), 0, 20) . '</span></a>';
}
}
return ($return);
}

71
Rocksolid_Light/rocksolid/search.php
View File

@ -51,7 +51,6 @@ if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST[
echo '<tr>';
echo '<td colspan="3">Searching <strong>' . $searching . '</strong></td>';
echo '</tr>';
echo '<tr></tr>';
echo '<tr>';
if (! isset($_REQUEST['data'])) {
echo '<td>Search Terms:&nbsp';
@ -63,7 +62,7 @@ if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST[
} else {
echo '<input name="terms" type="text" id="terms"></td>';
}
echo '</tr><tr></tr><tr><td>';
echo '</tr><tr><td>';
if (isset($_GET['searchpoint']) && $_GET['searchpoint'] == 'Poster') {
if ($CONFIG['article_database'] == '1') {
echo '<input type="radio" name="searchpoint" value="body"/>Body&nbsp;';
@ -89,9 +88,39 @@ if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST[
if (isset($_GET['data'])) {
echo '<input type="hidden" name="data" value="' . $_GET['data'] . '">';
}
echo '</tr><tr></tr><tr>';
echo '</tr><tr>';
echo '<td><input type="submit" name="Submit" value="Search"></td>';
echo '</tr><tr><td><td></td><td></td></table></td></form></tr></table></body></html>';
echo '</tr></table></td></form></tr></table>';
// Block poster
if (isset($_COOKIE['mail_name'])) {
if (isset($_REQUEST['data'])) {
echo '<br><table width=100% border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<tr>';
echo '<td colspan="3">Hide posts by <strong>' . $_GET['terms'] . '</strong></td>';
echo '</tr>';
echo '<tr>';
echo '<form name="blockform" method="post" action="search.php">';
echo '<td>';
echo '<td><input name="command" type="hidden" id="command" value="Search" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'], PASSWORD_DEFAULT) . '">';
if (isset($_GET['data'])) {
echo '<input type="hidden" name="data" value="' . $_GET['data'] . '">';
}
echo '<input type="hidden" name="username" value="' . $_COOKIE['mail_name'] . '">';
echo '</tr>';
// Password confirmation
echo '<tr>';
echo '<td style="word-wrap:break-word";>Enter your password: ';
echo '<input name="password" type="password" id="password" maxlength="40"></td>';
echo '<input name="block_poster" type="hidden" id="block_poster" value="' . $_GET['terms'] . '"></td>';
echo '</tr>';
echo '<td><input type="submit" name="Submit" value="Add poster to my block list"></td>';
echo '</tr></table></td></form>';
}
}
// END Block poster
exit(0);
}
@ -120,6 +149,40 @@ $groupconfig = $config_path . "/groups.txt";
$title .= ' - search results for: ' . $_POST['terms'];
include "head.inc";
// Handle Block poster
if (isset($_POST['block_poster'])) {
if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true;
} else {
if (check_bbs_auth($_POST['username'], $_POST['password'])) {
if ($ip_pass) {
$_SESSION['pass'] = true;
}
$authkey = password_hash($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), PASSWORD_DEFAULT);
$pkey = hash('crc32', get_user_config($_POST['username'], 'encryptionkey'));
set_user_config(strtolower($_POST['username']), "pkey", $pkey);
$logged_in = true;
}
}
if ($logged_in == true) {
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$blockfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat';
if (file_exists($blockfile)) {
$blocked_user_config = unserialize(file_get_contents($blockfile));
} else {
$blocked_user_config = array();
}
$blocked_user_config[base64_decode(urldecode($_REQUEST['data']))] = $_POST['block_poster'];
file_put_contents($blockfile, serialize($blocked_user_config));
}
echo "<center><b>'".$_POST['block_poster']."'</b> successfully added to your blocklist";
echo '<br>You may edit your blocklist on your <a href="/spoolnews/user.php?command=Configuration">Configuration Page</a></center>';
} else {
echo '<center>Password Incorrect.<br>Click Back to try again</center>';
}
exit(0);
}
ob_start();
if (isset($search_group)) {
echo '<h1 class="np_thread_headline">';

51
Rocksolid_Light/spoolnews/user.php
View File

@ -80,7 +80,6 @@ if (! isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null;
}
if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) {
// if (((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true;
} else {
if (check_bbs_auth($_POST['username'], $_POST['password'])) {
@ -109,7 +108,7 @@ if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['use
}
}
if (isset($_POST['command']) && $_POST['command'] == 'Configuration') {
if (isset($_REQUEST['command']) && $_REQUEST['command'] == 'Configuration') {
echo '<h1 class="np_thread_headline">';
echo '<a href="user.php" target=' . $frame['menu'] . '>Configuration</a> / ';
echo htmlspecialchars($_POST['username']) . '</h1>';
@ -311,10 +310,31 @@ if (isset($_POST['command']) && $_POST['command'] == 'SaveConfig') {
$newsubs[$sub] = $userdata[$sub];
}
file_put_contents($spooldir . '/' . $user . '-articleviews.dat', serialize($newsubs));
// Block posters
$blockfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat';
if (file_exists($blockfile)) {
$blocked_saved_config = unserialize(file_get_contents($blockfile));
} else {
$blocked_saved_config = null;
}
$block = preg_split("/\r\n|\n|\r/", $_POST['blocked_users_config']);
foreach ($block as $blocked_user) {
foreach($blocked_saved_config as $key => $value) {
if($key == $blocked_user) {
$newblocks[$key] = $value;
break;
}
}
}
file_put_contents($blockfile, serialize($newblocks));
// End Block posters
$userdata = unserialize(file_get_contents($userfile));
if ($userdata) {
ksort($userdata);
}
// Save new password
if ((trim($_POST['password']) != '') && ($_POST['password'] == $_POST['password2'])) {
$userFilename = $config_dir . '/users/' . strtolower($user);
@ -355,7 +375,7 @@ if ($OVERRIDES['disable_change_name'] != true) {
}
}
sort($themes);
if (isset($_POST['command']) && $_POST['command'] == 'Configuration') {
if (isset($_REQUEST['command']) && $_REQUEST['command'] == 'Configuration') {
// Use modifications from retry configuration
if ($_POST['retry'] == "retry") {
$display_name = $_POST['display_name'];
@ -365,6 +385,7 @@ if (isset($_POST['command']) && $_POST['command'] == 'Configuration') {
$user_config['hide_unsub'] = $_POST['hide_unsub'];
$user_config['subscribed'] = $_POST['subscribed'];
$user_config['theme'] = $_POST['theme'];
$user_config['blocked_users_config'] = $_POST['blocked_users_config'];
}
// Show Config
echo '<hr><h1 class="np_thread_headline"></h1>';
@ -437,7 +458,6 @@ if (isset($_POST['command']) && $_POST['command'] == 'Configuration') {
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Subscribed groups:</h3></td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="subscribed" name="subscribed" rows="10" cols="40">';
// print_r($user_config['subscribed']);
if (isset($user_config['subscribed'])) {
$userdata = $user_config['subscribed'];
@ -452,6 +472,28 @@ if (isset($_POST['command']) && $_POST['command'] == 'Configuration') {
}
echo '</textarea></td>';
echo '</tr>';
echo '</td></tr>';
// Blocklist
if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) {
$blockfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat';
if (file_exists($blockfile)) {
$blocked_users_config = unserialize(file_get_contents($blockfile));
} else {
$blocked_users_config = null;
}
}
echo '<td class="np_result_line1" style="word-wrap:break-word";><h3>Blocklist:</h3> (you may only remove from this list)</td>';
echo '</tr><tr><td class="np_result_line1" style="word-wrap:break-word";><textarea class="configuration" id="blocked_users_config" name="blocked_users_config" rows="10" cols="40">';
if (isset($blocked_users_config)) {
$blockdata = $user_config['blocked_users_config'];
foreach ($blocked_users_config as $key => $value) {
echo $key . "\n";
// echo $value . "\n";
}
}
echo '</textarea></td>';
echo '</tr>';
// User Display Name
echo '<tr>';
@ -503,6 +545,7 @@ function retry_configuration($message)
echo "<input type='hidden' name='hide_unsub' value='" . $_POST['hide_unsub'] . "' />";
echo "<input type='hidden' name='subscribed' value='" . $_POST['subscribed'] . "' />";
echo "<input type='hidden' name='theme' value='" . $_POST['theme'] . "' />";
echo "<input type='hidden' name='blocked_users_config' value'" . $_POST['blocked_users_config'] . "' />";
echo '<button class="np_button_link" type="submit">Return to Configuration</button>';
echo '</center>';
exit();