diff --git a/Rocksolid_Light/rocksolid/article-flat.php b/Rocksolid_Light/rocksolid/article-flat.php index db5b44d..a866db6 100644 --- a/Rocksolid_Light/rocksolid/article-flat.php +++ b/Rocksolid_Light/rocksolid/article-flat.php @@ -192,8 +192,8 @@ if ($message) { flush(); $message = message_read($subid, 0, $group); echo ' '; - message_show($group, $subid, 0, $message, $articleflat_chars_per_articles); - if ((! $CONFIG['readonly']) && ($message)) { + $is_blocked = message_show($group, $subid, 0, $message, $articleflat_chars_per_articles); + if (((! $CONFIG['readonly']) && ($message)) && $is_blocked != "blocked") { echo '
' . '' . '' . '' . '' . '
'; } } diff --git a/Rocksolid_Light/rocksolid/lib/message.inc.php b/Rocksolid_Light/rocksolid/lib/message.inc.php index f5c081c..651a5f3 100644 --- a/Rocksolid_Light/rocksolid/lib/message.inc.php +++ b/Rocksolid_Light/rocksolid/lib/message.inc.php @@ -545,9 +545,7 @@ function show_header_short($head, $group, $local_poster = false) onclick="CopyToClipboard('number . 'copy'; ?>');return false;" style="text-decoration: none" title="Copy article link to clipboard">copy link - newsgroups); $ngroups = explode("\t", $ngroups); @@ -568,12 +566,12 @@ function show_header_short($head, $group, $local_poster = false) echo ''; echo '
' . display_full_headers($head->number, $group, $head->name, $head->from) . '
'; } - if ($local_poster) { - echo " by: " . $displayname . " - " . $displaydate; + echo " by: " . $displayname . ""; } else { - echo " by: " . $displayname . " - " . $displaydate; + echo " by: " . $displayname . " "; } + echo '- ' . $displaydate; echo ''; if ((isset($attachment_show)) && ($attachment_show == true) && (isset($head->content_type[1]))) { @@ -761,7 +759,7 @@ function nl2p($string, $line_breaks = true, $xml = true) */ function message_show($group, $id, $attachment = 0, $article_data = false, $maxlen = false) { - global $file_article, $file_article_full, $OVERRIDES; + global $file_article, $file_article_full, $OVERRIDES, $spooldir; global $text_header, $text_article, $article_showthread, $file_attachment, $attachment_show; global $block_xnoarchive, $article_graphicquotes; global $CONFIG; @@ -777,6 +775,29 @@ function message_show($group, $id, $attachment = 0, $article_data = false, $maxl } $body = $article_data->body[$attachment]; if ($head) { + // User blocklist + if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) { + $userfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat'; + if (file_exists($userfile)) { + $blocked_user_config = unserialize(file_get_contents($userfile)); + } else { + $blocked_user_config = null; + } + } + $block = false; + foreach($blocked_user_config as $key => $value) { + $blockme = '/'.addslashes($key).'/'; + if (preg_match($blockme, $head->from)) { + $block = true; + break; + } + } + + if ($block == true) { + echo '

(message #' . $head->number . ' hidden by your blocklist)

'; + return "blocked"; + } + if (($block_xnoarchive) && (isset($head->xnoarchive)) && ($head->xnoarchive == "yes")) { echo $text_article["block-xnoarchive"]; } else if (($head->content_type[$attachment] == "text/plain") && ($attachment == 0)) { diff --git a/Rocksolid_Light/rocksolid/newsportal.php b/Rocksolid_Light/rocksolid/newsportal.php index 24d3f17..4aaa4db 100644 --- a/Rocksolid_Light/rocksolid/newsportal.php +++ b/Rocksolid_Light/rocksolid/newsportal.php @@ -1416,7 +1416,11 @@ function create_name_link($name, $data = null) if ((strpos($name, '...@') !== false && (isset($CONFIG['hide_email']) && $CONFIG['hide_email'] == true)) && ! $data) { $return = '' . substr(htmlspecialchars($name), 0, 20) . ''; } else { - $return = '' . substr(htmlspecialchars($name), 0, 20) . ''; + if (isset($_COOKIE['mail_name'])) { + $return = '' . substr(htmlspecialchars($name), 0, 20) . ''; + } else { + $return = '' . substr(htmlspecialchars($name), 0, 20) . ''; + } } return ($return); } diff --git a/Rocksolid_Light/rocksolid/search.php b/Rocksolid_Light/rocksolid/search.php index 004247e..df8934c 100644 --- a/Rocksolid_Light/rocksolid/search.php +++ b/Rocksolid_Light/rocksolid/search.php @@ -51,7 +51,6 @@ if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST[ echo ''; echo 'Searching ' . $searching . ''; echo ''; - echo ''; echo ''; if (! isset($_REQUEST['data'])) { echo 'Search Terms: '; @@ -63,7 +62,7 @@ if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST[ } else { echo ''; } - echo ''; + echo ''; if (isset($_GET['searchpoint']) && $_GET['searchpoint'] == 'Poster') { if ($CONFIG['article_database'] == '1') { echo 'Body '; @@ -89,9 +88,39 @@ if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST[ if (isset($_GET['data'])) { echo ''; } - echo ''; + echo ''; echo ''; - echo ''; + echo ''; + + // Block poster + if (isset($_COOKIE['mail_name'])) { + if (isset($_REQUEST['data'])) { + echo '
'; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + if (isset($_GET['data'])) { + echo ''; + } + echo ''; + echo ''; + // Password confirmation + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo '
Hide posts by ' . $_GET['terms'] . '
'; + echo '
Enter your password: '; + echo '
'; + } + } + // END Block poster + exit(0); } @@ -120,6 +149,40 @@ $groupconfig = $config_path . "/groups.txt"; $title .= ' - search results for: ' . $_POST['terms']; include "head.inc"; +// Handle Block poster +if (isset($_POST['block_poster'])) { + if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) { + $logged_in = true; + } else { + if (check_bbs_auth($_POST['username'], $_POST['password'])) { + if ($ip_pass) { + $_SESSION['pass'] = true; + } + $authkey = password_hash($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), PASSWORD_DEFAULT); + $pkey = hash('crc32', get_user_config($_POST['username'], 'encryptionkey')); + set_user_config(strtolower($_POST['username']), "pkey", $pkey); + $logged_in = true; + } + } + if ($logged_in == true) { + if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) { + $blockfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat'; + if (file_exists($blockfile)) { + $blocked_user_config = unserialize(file_get_contents($blockfile)); + } else { + $blocked_user_config = array(); + } + $blocked_user_config[base64_decode(urldecode($_REQUEST['data']))] = $_POST['block_poster']; + file_put_contents($blockfile, serialize($blocked_user_config)); + } + echo "
'".$_POST['block_poster']."' successfully added to your blocklist"; + echo '
You may edit your blocklist on your Configuration Page
'; + } else { + echo '
Password Incorrect.
Click Back to try again
'; + } + exit(0); +} + ob_start(); if (isset($search_group)) { echo '

'; diff --git a/Rocksolid_Light/spoolnews/user.php b/Rocksolid_Light/spoolnews/user.php index 671c09d..1e4a61d 100644 --- a/Rocksolid_Light/spoolnews/user.php +++ b/Rocksolid_Light/spoolnews/user.php @@ -80,7 +80,6 @@ if (! isset($_COOKIE['mail_auth'])) { $_COOKIE['mail_auth'] = null; } if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) { - // if (((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'] . $keys[1] . get_user_config($_POST['username'], 'encryptionkey'), $_COOKIE['mail_auth']))) { $logged_in = true; } else { if (check_bbs_auth($_POST['username'], $_POST['password'])) { @@ -109,7 +108,7 @@ if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['use } } -if (isset($_POST['command']) && $_POST['command'] == 'Configuration') { +if (isset($_REQUEST['command']) && $_REQUEST['command'] == 'Configuration') { echo '

'; echo 'Configuration / '; echo htmlspecialchars($_POST['username']) . '

'; @@ -311,10 +310,31 @@ if (isset($_POST['command']) && $_POST['command'] == 'SaveConfig') { $newsubs[$sub] = $userdata[$sub]; } file_put_contents($spooldir . '/' . $user . '-articleviews.dat', serialize($newsubs)); + + // Block posters + $blockfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat'; + if (file_exists($blockfile)) { + $blocked_saved_config = unserialize(file_get_contents($blockfile)); + } else { + $blocked_saved_config = null; + } + $block = preg_split("/\r\n|\n|\r/", $_POST['blocked_users_config']); + foreach ($block as $blocked_user) { + foreach($blocked_saved_config as $key => $value) { + if($key == $blocked_user) { + $newblocks[$key] = $value; + break; + } + } + } + file_put_contents($blockfile, serialize($newblocks)); + // End Block posters + $userdata = unserialize(file_get_contents($userfile)); if ($userdata) { ksort($userdata); } + // Save new password if ((trim($_POST['password']) != '') && ($_POST['password'] == $_POST['password2'])) { $userFilename = $config_dir . '/users/' . strtolower($user); @@ -355,7 +375,7 @@ if ($OVERRIDES['disable_change_name'] != true) { } } sort($themes); -if (isset($_POST['command']) && $_POST['command'] == 'Configuration') { +if (isset($_REQUEST['command']) && $_REQUEST['command'] == 'Configuration') { // Use modifications from retry configuration if ($_POST['retry'] == "retry") { $display_name = $_POST['display_name']; @@ -365,6 +385,7 @@ if (isset($_POST['command']) && $_POST['command'] == 'Configuration') { $user_config['hide_unsub'] = $_POST['hide_unsub']; $user_config['subscribed'] = $_POST['subscribed']; $user_config['theme'] = $_POST['theme']; + $user_config['blocked_users_config'] = $_POST['blocked_users_config']; } // Show Config echo '

'; @@ -437,7 +458,6 @@ if (isset($_POST['command']) && $_POST['command'] == 'Configuration') { echo '

Subscribed groups:

'; echo ''; echo ''; + echo ''; + + // Blocklist + if ($userdata = get_user_mail_auth_data($_COOKIE['mail_name'])) { + $blockfile = $spooldir . '/' . strtolower($_COOKIE['mail_name']) . '-blocked_posters.dat'; + if (file_exists($blockfile)) { + $blocked_users_config = unserialize(file_get_contents($blockfile)); + } else { + $blocked_users_config = null; + } + } + echo '

Blocklist:

(you may only remove from this list)'; + echo ''; + echo ''; // User Display Name echo ''; @@ -503,6 +545,7 @@ function retry_configuration($message) echo ""; echo ""; echo ""; + echo ""; echo ''; echo ''; exit();