diff --git a/Rocksolid_Light/common/register.php b/Rocksolid_Light/common/register.php index 473c89b..ea7ef22 100644 --- a/Rocksolid_Light/common/register.php +++ b/Rocksolid_Light/common/register.php @@ -1,170 +1,167 @@ "; - echo "More than one account may not be created in 30 days
"; - echo '
Return to Home Page'; -} else { - $captchaImage = '../tmp/captcha'.time().'.png'; - $captchacode = prepareCaptcha($captchaImage); - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo '
Register Username
Username:
Email:
Password:
Re-enter Password:
 
Change current password
'; - echo '
'; -} - echo ''; - echo ''; - exit(0); -} - -if(isset($_POST['command']) && $_POST['command'] == 'CreateNew') { - include $config_dir.'/synchronet.conf'; - $workpath = $config_dir."users/"; - $keypath = $config_dir."userconfig/"; - $username = $_POST['username']; - $password = $_POST['password']; - $user_email = $_POST['user_email']; - if(isset($_POST['code'])) { - $code = $_POST['code']; - } else { - $code = false; - } - $userFilename = $workpath.$username; - $keyFilename = $keypath.$username; - @mkdir($workpath.'new/'); - $verified = 0; - $no_verify=explode(' ', $CONFIG['no_verify']); - foreach($no_verify as $no) { - if (strlen($_SERVER['HTTP_HOST']) - strlen($no) === strrpos($_SERVER['HTTP_HOST'],$no)) { - $CONFIG['verify_email'] = false; +if (! isset($_POST['command'])) { + if (isset($_COOKIE["ts_limit"])) { + echo "It appears you already have an active account
"; + echo "More than one account may not be created in 30 days
"; + echo '
Return to Home Page'; + } else { + $captchaImage = '../tmp/captcha' . time() . '.png'; + $captchacode = prepareCaptcha($captchaImage); + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo '
Register Username
Username:
Email:
Password:
Re-enter Password:
 
Change current password
'; + echo '
'; } - } - - if($CONFIG['verify_email'] == true) { - $saved_code = file_get_contents(sys_get_temp_dir()."/".$username); - if((strcmp(trim($code), trim($saved_code))) !== 0) { - echo "Code does not match. Try again.
"; - echo '
'; - echo ' '; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo '

Cancel and return to home page'; - exit(2); - } - $verified = 1; - } - if ($userFileHandle = @fopen($userFilename, 'w+')) - { + echo ''; + echo ''; + exit(0); +} + +if (isset($_POST['command']) && $_POST['command'] == 'CreateNew') { + include $config_dir . '/synchronet.conf'; + $workpath = $config_dir . "users/"; + $keypath = $config_dir . "userconfig/"; + $username = $_POST['username']; + $password = $_POST['password']; + $user_email = $_POST['user_email']; + if (isset($_POST['code'])) { + $code = $_POST['code']; + } else { + $code = false; + } + $userFilename = $workpath . $username; + $keyFilename = $keypath . $username; + @mkdir($workpath . 'new/'); + $verified = 0; + $no_verify = explode(' ', $CONFIG['no_verify']); + foreach ($no_verify as $no) { + if (strlen($_SERVER['HTTP_HOST']) - strlen($no) === strrpos($_SERVER['HTTP_HOST'], $no)) { + $CONFIG['verify_email'] = false; + } + } + + if ($CONFIG['verify_email'] == true) { + $saved_code = file_get_contents(sys_get_temp_dir() . "/" . $username); + if ((strcmp(trim($code), trim($saved_code))) !== 0) { + echo "Code does not match. Try again.
"; + echo ''; + echo ' '; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo '

Cancel and return to home page'; + exit(2); + } + $verified = 1; + } + if ($userFileHandle = @fopen($userFilename, 'w+')) { fwrite($userFileHandle, password_hash($password, PASSWORD_DEFAULT)); fclose($userFileHandle); chmod($userFilename, 0666); } -// Create synchronet account - if(isset($synch_create) && $synch_create == true) { + // Create synchronet account + if (isset($synch_create) && $synch_create == true) { putenv("SBBSCTRL=$synch_path/ctrl"); $result = shell_exec("$synch_path/exec/makeuser $username -P $password"); } $newkey = make_key($username); - if ($userFileHandle = @fopen($keyFilename, 'w+')) - { - fwrite($userFileHandle, 'encryptionkey:'.$newkey."\r\n"); - fwrite($userFileHandle, 'email:'.$user_email."\r\n"); - if($verified == 1) { - fwrite($userFileHandle, "email_verified:true\r\n"); + if ($userFileHandle = @fopen($keyFilename, 'w+')) { + fwrite($userFileHandle, 'encryptionkey:' . $newkey . "\r\n"); + fwrite($userFileHandle, 'email:' . $user_email . "\r\n"); + if ($verified == 1) { + fwrite($userFileHandle, "email_verified:true\r\n"); } fclose($userFileHandle); chmod($userFilename, 0666); } - if(file_exists(sys_get_temp_dir()."/".$username)) { - unlink(sys_get_temp_dir()."/".$username); + if (file_exists(sys_get_temp_dir() . "/" . $username)) { + unlink(sys_get_temp_dir() . "/" . $username); } - echo "User:".$username." Created\r\n"; - echo '
Back'; + echo "User:" . $username . " Created\r\n"; + echo '
Back'; - exit(0); + exit(0); } -if($CONFIG['verify_email'] == true) { - include($config_dir.'/phpmailer.inc.php'); - if(class_exists('PHPMailer')) { - $mail = new PHPMailer(); - } else { - $mail = new PHPMailer\PHPMailer\PHPMailer(); - } +if ($CONFIG['verify_email'] == true) { + include ($config_dir . '/phpmailer.inc.php'); + if (class_exists('PHPMailer')) { + $mail = new PHPMailer(); + } else { + $mail = new PHPMailer\PHPMailer\PHPMailer(); + } } # $hostname: '{POPaddress:port/pop3}INBOX' @@ -172,8 +169,8 @@ $hostname = '{mail.example.com:110/pop3}INBOX'; # $external: Using external POP auth? $external = 0; # $workpath: Where to cache users (must be writable by calling program) -$workpath = $config_dir."users/"; -$keypath = $config_dir."userconfig/"; +$workpath = $config_dir . "users/"; +$keypath = $config_dir . "userconfig/"; $ok = FALSE; $command = "Login"; @@ -187,122 +184,118 @@ echo '
'; $thisusername = $username; $username = strtolower($username); -$userFilename = $workpath.$username; -$keyFilename = $keypath.$username; +$userFilename = $workpath . $username; +$keyFilename = $keypath . $username; # Check all input if (empty($_POST['username'])) { - echo "Please enter a Username\r\n"; - echo ''; - echo ''; - echo ''; - exit(2); + echo "Please enter a Username\r\n"; + echo ''; + echo ''; + echo ''; + exit(2); } -if (strlen($clean_username) > 30) -{ - echo "The maximum username length is 30 characters. You entered ". $clean_username . " which is " . strlen($cleanusername) . " characters long.
"; +if (strlen($clean_username) > 30) { + echo "The maximum username length is 30 characters. You entered " . $clean_username . " which is " . strlen($cleanusername) . " characters long.
"; echo ''; - echo ''; - echo ''; + echo ''; + echo ''; echo ''; exit(2); } -if($clean_username != $_POST['username']) { - echo "The username entered contains disallowed characters.
"; - echo "Allowed characters:
letters, numbers, underscore, hypen, full stop

"; - echo ''; - echo ''; - echo ''; - echo ''; - exit(2); -} - -if(filter_var($user_email, FILTER_VALIDATE_EMAIL) == false) { - echo "Email address format appears incorrect\n"; - echo ''; - echo ''; - echo ''; - exit(2); - } - -if($CONFIG['verify_email']) { - $user_domain = explode('@', $user_email); - if((checkdnsrr($user_domain[1].'.', "MX") == false) && (checkdnsrr($user_domain[1].'.', "A") == false)) { - echo "Email domain appears to not exist\n"; +if ($clean_username != $_POST['username']) { + echo "The username entered contains disallowed characters.
"; + echo "Allowed characters:
letters, numbers, underscore, hypen, full stop

"; echo ''; - echo ''; - echo ''; - exit(2); - } + echo ''; + echo ''; + echo ''; + exit(2); } - + +if (filter_var($user_email, FILTER_VALIDATE_EMAIL) == false) { + echo "Email address format appears incorrect\n"; + echo ''; + echo ''; + echo ''; + exit(2); +} + +if ($CONFIG['verify_email']) { + $user_domain = explode('@', $user_email); + if ((checkdnsrr($user_domain[1] . '.', "MX") == false) && (checkdnsrr($user_domain[1] . '.', "A") == false)) { + echo "Email domain appears to not exist\n"; + echo ''; + echo ''; + echo ''; + exit(2); + } +} + if (($_POST['password'] !== $_POST['password2']) || $_POST['password'] == '') { - echo "Your passwords entered do not match\r\n"; - echo ''; - echo ''; - echo ''; - echo ''; - exit(2); + echo "Your passwords entered do not match\r\n"; + echo ''; + echo ''; + echo ''; + echo ''; + exit(2); } if (getExpressionResult($_POST['captchacode']) != $_POST['captcha']) { - echo "Incorrect captcha response\r\n"; - echo ''; - echo ''; - echo ''; - echo ''; - exit(2); + echo "Incorrect captcha response\r\n"; + echo ''; + echo ''; + echo ''; + echo ''; + exit(2); } /* Check for existing email address */ -$users = scandir($config_dir."/userconfig"); -foreach($users as $user) { - if(!is_file($config_dir."/userconfig/".$user)) { - continue; - } - if(strcmp(get_user_config($user, 'mail'), $user_email) == 0) { - echo "Email exists in database\r\n"; - echo ''; - echo ''; - echo ''; - exit(2); - } +$users = scandir($config_dir . "/userconfig"); +foreach ($users as $user) { + if (! is_file($config_dir . "/userconfig/" . $user)) { + continue; + } + if (strcmp(get_user_config($user, 'mail'), $user_email) == 0) { + echo "Email exists in database\r\n"; + echo ''; + echo ''; + echo ''; + exit(2); + } } # Check email address attempts to avoid abuse -if(file_exists($email_registry)) { - $tried_email = unserialize(file_get_contents($email_registry)); - if(isset($tried_email[$user_email])) { - echo "Email address already used\r\n"; - echo ''; - echo ''; - echo ''; - exit(2); - } +if (file_exists($email_registry)) { + $tried_email = unserialize(file_get_contents($email_registry)); + if (isset($tried_email[$user_email])) { + echo "Email address already used\r\n"; + echo ''; + echo ''; + echo ''; + exit(2); + } } -if (!preg_match("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z0-9]{2,3})$^",$user_email)) { - echo "Email must be in the form of an email address\r\n"; - echo '
Back'; - exit(2); +if (! preg_match("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z0-9]{2,3})$^", $user_email)) { + echo "Email must be in the form of an email address\r\n"; + echo '
Back'; + exit(2); } # Does user file already exist? -if (($userFileHandle = @fopen($userFilename, 'r')) || (get_config_value('aliases.conf', strtolower($thisusername)) !== false)) -{ - if ($command == "Create") - { - echo "User:".$thisusername." Already Exists\r\n"; - echo '
Back'; - exit(2); +if (($userFileHandle = @fopen($userFilename, 'r')) || (get_config_value('aliases.conf', strtolower($thisusername)) !== false)) { + if ($command == "Create") { + echo "User:" . $thisusername . " Already Exists\r\n"; + echo '
Back'; + exit(2); } $userFileInfo = fread($userFileHandle, filesize($userFilename)); fclose($userFileHandle); # User/Pass is correct - if (password_verify ( $password , $userFileInfo)) - { + if (password_verify($password, $userFileInfo)) { touch($userFilename); $ok = TRUE; } else { @@ -313,209 +306,205 @@ if (($userFileHandle = @fopen($userFilename, 'r')) || (get_config_value('aliases } # Ok to log in. User authenticated. -if ($ok) -{ - echo "User:".$thisusername."\r\n"; - exit(0); +if ($ok) { + echo "User:" . $thisusername . "\r\n"; + exit(0); } # Using external authentication -if ($external) -{ - $mbox = @imap_open ( $hostname , $username , $password ); - if ($mbox) - { +if ($external) { + $mbox = @imap_open($hostname, $username, $password); + if ($mbox) { $ok = TRUE; imap_close($mbox); } } # User is authenticated or to be created. Either way, create the file -if ($ok || ($command == "Create") ) -{ - echo 'Create account: '.$_POST['username'].'

'; - /* Generate email */ - # only check for no verification is the field has been populated - if (!empty($CONFIG['no_verify'])) - { - $no_verify=explode(' ', $CONFIG['no_verify']); - foreach($no_verify as $no) { - if (strlen($_SERVER['HTTP_HOST']) - strlen($no) === strrpos($_SERVER['HTTP_HOST'],$no)) { - $CONFIG['verify_email'] = false; - } - } - } - if($CONFIG['verify_email']) { - # Log email address attempts to avoid abuse - if(file_exists($email_registry)) { - $tried_email = unserialize(file_get_contents($email_registry)); - } - $tried_email[$user_email]['time'] = time(); - file_put_contents($email_registry, serialize($tried_email)); - - $mail->SMTPOptions = array( - 'ssl' => array( - 'verify_peer' => false, - 'verify_peer_name' => false, - 'allow_self_signed' => true - ) - ); +if ($ok || ($command == "Create")) { + echo 'Create account: ' . $_POST['username'] . '

'; + /* Generate email */ + # only check for no verification is the field has been populated + if (! empty($CONFIG['no_verify'])) { + $no_verify = explode(' ', $CONFIG['no_verify']); + foreach ($no_verify as $no) { + if (strlen($_SERVER['HTTP_HOST']) - strlen($no) === strrpos($_SERVER['HTTP_HOST'], $no)) { + $CONFIG['verify_email'] = false; + } + } + } + if ($CONFIG['verify_email']) { + # Log email address attempts to avoid abuse + if (file_exists($email_registry)) { + $tried_email = unserialize(file_get_contents($email_registry)); + } + $tried_email[$user_email]['time'] = time(); + file_put_contents($email_registry, serialize($tried_email)); - $mail->IsSMTP(); - #uncomment below to enable debugging - #$mail->SMTPDebug = 3; + $mail->SMTPOptions = array( + 'ssl' => array( + 'verify_peer' => false, + 'verify_peer_name' => false, + 'allow_self_signed' => true + ) + ); - $mail->CharSet = 'UTF-8'; - $mail->Host = $mailer['host']; - $mail->SMTPAuth = true; + $mail->IsSMTP(); + # uncomment below to enable debugging + # $mail->SMTPDebug = 3; - $mail->Port = $mailer['port']; - $mail->Username = $mailer['username']; - $mail->Password = $mailer['password'];; - $mail->SMTPSecure = 'tls'; - - $mail->setFrom($mail_user.'@'.$mail_domain, $mail_name); - $mail->addAddress($user_email); + $mail->CharSet = 'UTF-8'; + $mail->Host = $mailer['host']; + $mail->SMTPAuth = true; - $mail->Subject = "Confirmation code for ".$_SERVER['HTTP_HOST']; + $mail->Port = $mailer['port']; + $mail->Username = $mailer['username']; + $mail->Password = $mailer['password']; + ; + $mail->SMTPSecure = 'tls'; - foreach($mail_custom_header as $key => $value) { - $mail->addCustomHeader($key, $value); - } + $mail->setFrom($mail_user . '@' . $mail_domain, $mail_name); + $mail->addAddress($user_email); - $mycode = create_code($username); - $msg="A request to create an account on ".$_SERVER['HTTP_HOST']; - $msg.=" has been made using ".$user_email.".\n\n"; - $msg.="If you did not request this, please ignore and the request will fail.\n\n"; - $msg.="This is your account creation code: ".$mycode."\n\n"; - $msg.="Note: replies to this email address are checked daily."; - $mail->Body = wordwrap($msg,70); - - if (!$mail->send()) - { - echo 'The message could not be sent.'; - echo '

Error: ' . $mail->ErrorInfo; - } - else - { - echo 'An email has been sent to '.$user_email.'
'; - echo 'Please enter the code from the email below:
'; - } - } + $mail->Subject = "Confirmation code for " . $_SERVER['HTTP_HOST']; - echo ''; - if($CONFIG['verify_email'] == true) { - echo ' '; - } - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo '

Cancel and return to home page'; -} -else { + foreach ($mail_custom_header as $key => $value) { + $mail->addCustomHeader($key, $value); + } + + $mycode = create_code($username); + $msg = "A request to create an account on " . $_SERVER['HTTP_HOST']; + $msg .= " has been made using " . $user_email . ".\n\n"; + $msg .= "If you did not request this, please ignore and the request will fail.\n\n"; + $msg .= "This is your account creation code: " . $mycode . "\n\n"; + $msg .= "Note: replies to this email address are checked daily."; + $mail->Body = wordwrap($msg, 70); + + if (! $mail->send()) { + echo 'The message could not be sent.'; + echo '

Error: ' . $mail->ErrorInfo; + } else { + echo 'An email has been sent to ' . $user_email . '
'; + echo 'Please enter the code from the email below:
'; + } + } + + echo ''; + if ($CONFIG['verify_email'] == true) { + echo ' '; + } + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo '

Cancel and return to home page'; +} else { echo "Authentication Failed\r\n"; exit(1); } -function get_user_config($username,$request) { - global $config_dir; - $userconfigpath = $config_dir."userconfig/"; - $username = strtolower($username); - $userFilename = $userconfigpath.$username; +function get_user_config($username, $request) +{ + global $config_dir; + $userconfigpath = $config_dir . "userconfig/"; + $username = strtolower($username); + $userFilename = $userconfigpath . $username; - if ($userFileHandle = @fopen($userFilename, 'r')) - { - while (!feof($userFileHandle)) - { - $buffer = fgets($userFileHandle); - if(strpos($buffer, $request.':') !== FALSE) { - $userdataline=$buffer; + if ($userFileHandle = @fopen($userFilename, 'r')) { + while (! feof($userFileHandle)) { + $buffer = fgets($userFileHandle); + if (strpos($buffer, $request . ':') !== FALSE) { + $userdataline = $buffer; + fclose($userFileHandle); + $userdatafound = explode(':', $userdataline); + return trim($userdatafound[1]); + } + } fclose($userFileHandle); - $userdatafound = explode(':',$userdataline); - return trim($userdatafound[1]); - } + return FALSE; + } else { + return FALSE; } - fclose($userFileHandle); - return FALSE; - } else { - return FALSE; - } } -function make_key($username) { +function make_key($username) +{ $key = openssl_random_pseudo_bytes(44); return base64_encode($key); } -function create_code($username) { - $permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; - $code = substr(str_shuffle($permitted_chars), 0, 16); - $userfile = sys_get_temp_dir()."/".$username; - file_put_contents($userfile, $code); - return $code; +function create_code($username) +{ + $permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; + $code = substr(str_shuffle($permitted_chars), 0, 16); + $userfile = sys_get_temp_dir() . "/" . $username; + file_put_contents($userfile, $code); + return $code; } -function get_config_value($configfile,$request) { - global $config_dir; - - if ($configFileHandle = @fopen($config_dir.'/'.$configfile, 'r')) - { - while (!feof($configFileHandle)) - { - $buffer = fgets($configFileHandle); - if(strpos($buffer, $request.':') !== FALSE) { - $dataline=$buffer; - fclose($configFileHandle); - $datafound = explode(':',$dataline); - return $datafound[1]; - } - } - fclose($configFileHandle); - return FALSE; - } else { - return FALSE; - } -} +function get_config_value($configfile, $request) +{ + global $config_dir; - function generateImage($text, $file) { - $im = @imagecreate(74, 25) or die("Cannot Initialize new GD image stream"); - $background_color = imagecolorallocate($im, 200, 200, 200); - $text_color = imagecolorallocate($im, 0, 0, 0); - imagestring($im, 5, 5, 5, $text, $text_color); - imagepng($im, $file); - imagedestroy($im); - } - - function getIndex($alphabet, $letter) { - for($i=0; $i rand(0, 9), + "n1" => rand(0, 9), "n2" => rand(0, 9) ); - generateImage($expression->n1.' + '.$expression->n2.' =', $captchaImage); - + generateImage($expression->n1 . ' + ' . $expression->n2 . ' =', $captchaImage); + $usedAlphabet = rand(0, 9); - $code = $alphabet[$usedAlphabet]. - $alphabetsForNumbers[$usedAlphabet][$expression->n1]. - $alphabetsForNumbers[$usedAlphabet][$expression->n2]; - return($code); - } + $code = $alphabet[$usedAlphabet] . $alphabetsForNumbers[$usedAlphabet][$expression->n1] . $alphabetsForNumbers[$usedAlphabet][$expression->n2]; + return ($code); +} ?> diff --git a/Rocksolid_Light/rocksolid/article-flat.php b/Rocksolid_Light/rocksolid/article-flat.php index 2ab9c78..6ca31f4 100644 --- a/Rocksolid_Light/rocksolid/article-flat.php +++ b/Rocksolid_Light/rocksolid/article-flat.php @@ -61,8 +61,6 @@ if (strpos($id, '@') !== false) { if (isset($_REQUEST["first"])) $first = $_REQUEST["first"]; -$_SESSION['rsactive'] = true; - if (! isset($_SERVER['REQUEST_STRING'])) { $_SERVER['REQUEST_STRING'] = ''; } @@ -103,6 +101,11 @@ if (! $message) { $title .= ' - ' . $group . ' - ' . $subject; } include "head.inc"; + +if ($client_device != "bot") { + $_SESSION['rsactive'] = true; +} + echo '

'; echo '' . basename(getcwd()) . ' / '; echo '' . htmlspecialchars(group_display_name($group)) . ' / ' . $subject . '

'; @@ -117,6 +120,10 @@ if ($message) { // load thread-data and get IDs of the actual subthread $thread = thread_load($group); $subthread = thread_getsubthreadids($message->header->id, $thread); + if (! $subthread) { + echo '
Group is rebuilding... Please try again later
'; + exit(); + } if ($thread_articles == false) { sort($subthread); } diff --git a/Rocksolid_Light/rocksolid/head.inc b/Rocksolid_Light/rocksolid/head.inc index e1a2009..18b3d57 100644 --- a/Rocksolid_Light/rocksolid/head.inc +++ b/Rocksolid_Light/rocksolid/head.inc @@ -1,20 +1,50 @@ '; -echo ''.htmlspecialchars($title).''; +echo '' . htmlspecialchars($title) . ''; echo ''; echo ''; include "config.inc.php"; -if(file_exists($config_dir.'/googleanalytics.conf')) { - include $config_dir.'/googleanalytics.conf'; +// Try to get browser info to use for extra formatting of page +$ua = strtolower($_SERVER["HTTP_USER_AGENT"]); +$devices = array( + "bot", + "spider", + "mobile", + "lynx", + "w3m", + "links", + "ipad", + "tablet" +); +$client_device = "desktop"; +foreach ($devices as $device) { + if (strpos($ua, $device) !== false) { + $client_device = $device; + break; + } +} +if($client_device == "spider") { + $client_device = "bot"; +} +// Log client device if enabled by semaphore +if (file_exists($config_dir . '/devicelog.enable')) { + $client_ip = getenv("REMOTE_ADDR"); + $logfile = $logdir . '/device.log'; + file_put_contents($logfile, "\n" . date('M d H:i:s') . " " . $config_name . " Client: " . $client_ip . " browser: " . $client_device, FILE_APPEND); + file_put_contents($logfile, "\nFull UA: ".$ua, FILE_APPEND); } -if(isset($frames_on) && $frames_on === false) { - if (file_exists('../common/mods/header.php')) { - include "../common/mods/header.php"; - } else { - include "../common/header.php"; - } +if (file_exists($config_dir . '/googleanalytics.conf')) { + include $config_dir . '/googleanalytics.conf'; +} + +if (isset($frames_on) && $frames_on === false) { + if (file_exists('../common/mods/header.php')) { + include "../common/mods/header.php"; + } else { + include "../common/header.php"; + } } echo '
'; echo ''; \ No newline at end of file diff --git a/Rocksolid_Light/rocksolid/lib/message.inc.php b/Rocksolid_Light/rocksolid/lib/message.inc.php index e1189e7..6462190 100644 --- a/Rocksolid_Light/rocksolid/lib/message.inc.php +++ b/Rocksolid_Light/rocksolid/lib/message.inc.php @@ -1,352 +1,352 @@ HTTP Gateway - * Download: https://news.novabbs.com/getrslight + +/* + * rslight NNTP<->HTTP Gateway + * Download: https://news.novabbs.com/getrslight * - * Based on Newsportal by Florian Amrhein + * Based on Newsportal by Florian Amrhein * - * E-Mail: retroguy@novabbs.com - * Web: https://news.novabbs.com + * E-Mail: retroguy@novabbs.com + * Web: https://news.novabbs.com * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ - -function message_parse($rawmessage) { - global $attachment_delete_alternative,$attachment_uudecode,$www_charset; - global $iconv_enable; - // Read the header of the message: - $count_rawmessage=count($rawmessage); - $message = new messageType; - $rawheader=array(); - $i=0; - while ($rawmessage[$i] != "") { - $rawheader[]=$rawmessage[$i]; - $i++; - } - // Parse the Header: - $message->header=parse_header($rawheader); - // Now we know if the message is a mime-multipart message: - $content_type=explode("/",$message->header->content_type[0]); - if ($content_type[0]=="multipart") { - $message->header->content_type=array(); - // We have multible bodies, so we split the message into its parts - $boundary="--".$message->header->content_type_boundary; - // lets find the first part - while($rawmessage[$i] != $boundary) - $i++; - $i++; - $part=array(); - while($i<=$count_rawmessage) { - if (($rawmessage[$i]==$boundary) || ($i==$count_rawmessage-1) || - ($rawmessage[$i]==$boundary.'--')) { - $partmessage=message_parse($part); - // merge the content-types of the message with those of the part - for ($o=0; $oheader->content_type); $o++) { - $message->header->content_type[]= - $partmessage->header->content_type[$o]; - $message->header->content_type_charset[]= - $partmessage->header->content_type_charset[$o]; - $message->header->content_type_name[]= - $partmessage->header->content_type_name[$o]; - $message->header->content_type_format[]= - $partmessage->header->content_type_format[$o]; - $message->body[]=$partmessage->body[$o]; +function message_parse($rawmessage) +{ + global $attachment_delete_alternative, $attachment_uudecode, $www_charset; + global $iconv_enable; + // Read the header of the message: + $count_rawmessage = count($rawmessage); + $message = new messageType(); + $rawheader = array(); + $i = 0; + while ($rawmessage[$i] != "") { + $rawheader[] = $rawmessage[$i]; + $i ++; + } + // Parse the Header: + $message->header = parse_header($rawheader); + // Now we know if the message is a mime-multipart message: + $content_type = explode("/", $message->header->content_type[0]); + if ($content_type[0] == "multipart") { + $message->header->content_type = array(); + // We have multible bodies, so we split the message into its parts + $boundary = "--" . $message->header->content_type_boundary; + // lets find the first part + while ($rawmessage[$i] != $boundary) + $i ++; + $i ++; + $part = array(); + while ($i <= $count_rawmessage) { + if (($rawmessage[$i] == $boundary) || ($i == $count_rawmessage - 1) || ($rawmessage[$i] == $boundary . '--')) { + $partmessage = message_parse($part); + // merge the content-types of the message with those of the part + for ($o = 0; $o < count($partmessage->header->content_type); $o ++) { + $message->header->content_type[] = $partmessage->header->content_type[$o]; + $message->header->content_type_charset[] = $partmessage->header->content_type_charset[$o]; + $message->header->content_type_name[] = $partmessage->header->content_type_name[$o]; + $message->header->content_type_format[] = $partmessage->header->content_type_format[$o]; + $message->body[] = $partmessage->body[$o]; + } + $part = array(); + } else { + if ($i < $count_rawmessage) + $part[] = $rawmessage[$i]; + } + if ($rawmessage[$i] == $boundary . '--') + break; + $i ++; } - $part=array(); - } else { - if ($i<$count_rawmessage) - $part[]=$rawmessage[$i]; - } - if ($rawmessage[$i]==$boundary.'--') break; - $i++; - } - // Is this a multipart/alternative multipart-message? Do we have to - // delete all non plain/text parts? - if (($attachment_delete_alternative) && - ($content_type[1]=="alternative")) { - $plaintext=false; - for ($o=0; $oheader->content_type); $o++) { - if ($message->header->content_type[$o]=="text/plain") - $plaintext=true; // we found at least one text/plain - } - if ($plaintext) { // now we can delete the other parts - for ($o=0; $oheader->content_type); $o++) { - if ($message->header->content_type[$o]!="text/plain") { - unset($message->header->content_type[$o]); - unset($message->header->content_type_name[$o]); - unset($message->header->content_type_charset[$o]); - unset($message->header->content_type_format[$o]); - unset($message->body[$o]); - } + // Is this a multipart/alternative multipart-message? Do we have to + // delete all non plain/text parts? + if (($attachment_delete_alternative) && ($content_type[1] == "alternative")) { + $plaintext = false; + for ($o = 0; $o < count($message->header->content_type); $o ++) { + if ($message->header->content_type[$o] == "text/plain") + $plaintext = true; // we found at least one text/plain + } + if ($plaintext) { // now we can delete the other parts + for ($o = 0; $o < count($message->header->content_type); $o ++) { + if ($message->header->content_type[$o] != "text/plain") { + unset($message->header->content_type[$o]); + unset($message->header->content_type_name[$o]); + unset($message->header->content_type_charset[$o]); + unset($message->header->content_type_format[$o]); + unset($message->body[$o]); + } + } + } } - } - } - } else { - // No mime-attachments in the message: - $body=""; - $uueatt=0; // as default we have no uuencoded attachments -// Handle inline attachments - for($i++;$i<$count_rawmessage; $i++) { - // do we have an inlay uuencoded file? - if ((strtolower(substr($rawmessage[$i],0,10))!="begin 644 ") || - ($attachment_uudecode==false)) { - $body.=$rawmessage[$i]."\n"; - // yes, it seems, we have! - } else { - $real=explode("begin 644 ", $rawmessage[$i]); - if(trim($real[1]) != "") { - $old_i=$i; - $uue_infoline_raw=$rawmessage[$i]; - $uue_infoline=explode(" ",$uue_infoline_raw); - $uue_data=""; - $i++; - $no_end=0; - while($rawmessage[$i]!="end") { - if (strlen(trim($rawmessage[$i])) > 2) - $uue_data.=$rawmessage[$i]."\n"; - $i++; - if($i > $count_rawmessage) { - $no_end=1; - break; - } - } - // now write the data in an attachment - if($no_end != 1) { - $uueatt++; - $message->body[$uueatt]=uudecode($uue_data); - $message->header->content_type_name[$uueatt]=""; - for ($o=2; $oheader->content_type_name[$uueatt].=$uue_infoline[$o]; - $message->header->content_type[$uueatt]= - get_mimetype_by_string($message->body[$uueatt]); - } - } else { - $body.=$rawmessage[$i]."\n"; - } - } - } -// Do not enable if supporting inline atachments -// if ($message->header->content_type[0]=="text/plain") { + } else { + // No mime-attachments in the message: + $body = ""; + $uueatt = 0; // as default we have no uuencoded attachments + // Handle inline attachments + for ($i ++; $i < $count_rawmessage; $i ++) { + // do we have an inlay uuencoded file? + if ((strtolower(substr($rawmessage[$i], 0, 10)) != "begin 644 ") || ($attachment_uudecode == false)) { + $body .= $rawmessage[$i] . "\n"; + // yes, it seems, we have! + } else { + $real = explode("begin 644 ", $rawmessage[$i]); + if (trim($real[1]) != "") { + $old_i = $i; + $uue_infoline_raw = $rawmessage[$i]; + $uue_infoline = explode(" ", $uue_infoline_raw); + $uue_data = ""; + $i ++; + $no_end = 0; + while ($rawmessage[$i] != "end") { + if (strlen(trim($rawmessage[$i])) > 2) + $uue_data .= $rawmessage[$i] . "\n"; + $i ++; + if ($i > $count_rawmessage) { + $no_end = 1; + break; + } + } + // now write the data in an attachment + if ($no_end != 1) { + $uueatt ++; + $message->body[$uueatt] = uudecode($uue_data); + $message->header->content_type_name[$uueatt] = ""; + for ($o = 2; $o < count($uue_infoline); $o ++) + $message->header->content_type_name[$uueatt] .= $uue_infoline[$o]; + $message->header->content_type[$uueatt] = get_mimetype_by_string($message->body[$uueatt]); + } + } else { + $body .= $rawmessage[$i] . "\n"; + } + } + } + // Do not enable if supporting inline atachments + // if ($message->header->content_type[0]=="text/plain") { - $body=decode_body($body,$message->header->content_transfer_encoding); - if(isset($message->header->content_type_charset)) { - $body=recode_charset($body, - $message->header->content_type_charset[0], - $www_charset); - } - if ($body=="") $body=" "; -// } - $message->body[0]=$body; - } - if (!isset($message->header->content_type_charset)) - $message->header->content_type_charset=array($www_charset); - if (!isset($message->header->content_type_name)) - $message->header->content_type_name=array("unnamed"); - if (!isset($message->header->content_type_format)) - $message->header->content_type_format=array("fixed"); - for ($o=0; $obody); $o++) { - if (!isset($message->header->content_type_charset[$o])) - $message->header->content_type_charset[$o]=$www_charset; - if (!isset($message->header->content_type_name[$o])) - $message->header->content_type_name[$o]="unnamed"; - if (!isset($message->header->content_type_format[$o])) - $message->header->content_type_format[$o]="fixed"; - } - return $message; + $body = decode_body($body, $message->header->content_transfer_encoding); + if (isset($message->header->content_type_charset)) { + $body = recode_charset($body, $message->header->content_type_charset[0], $www_charset); + } + if ($body == "") + $body = " "; + // } + $message->body[0] = $body; + } + if (! isset($message->header->content_type_charset)) + $message->header->content_type_charset = array( + $www_charset + ); + if (! isset($message->header->content_type_name)) + $message->header->content_type_name = array( + "unnamed" + ); + if (! isset($message->header->content_type_format)) + $message->header->content_type_format = array( + "fixed" + ); + for ($o = 0; $o < count($message->body); $o ++) { + if (! isset($message->header->content_type_charset[$o])) + $message->header->content_type_charset[$o] = $www_charset; + if (! isset($message->header->content_type_name[$o])) + $message->header->content_type_name[$o] = "unnamed"; + if (! isset($message->header->content_type_format[$o])) + $message->header->content_type_format[$o] = "fixed"; + } + return $message; } - /* * read an article from the newsserver or the spool-directory * * $id: the Message-ID of an article * $bodynum: the number of the attachment: - * -1: return only the header without any bodies or attachments. - * 0: the body - * 1: the first attachment... + * -1: return only the header without any bodies or attachments. + * 0: the body + * 1: the first attachment... * * The function returns an article as an messageType or false if the article * doesn't exists on the newsserver or doesn't contain the given * attachment. */ -function message_read($id,$bodynum=0,$group="") { - global $CONFIG,$config_name,$cache_articles,$spooldir,$spoolpath,$logdir,$text_error,$ns; - $logfile = $logdir.'/newsportal.log'; - if (!testGroup($group)) { - echo $text_error["read_access_denied"]; - return; - } - if(!is_numeric($id)) { - return false; - } - $message = new messageType; - if ((isset($cache_articles)) && ($cache_articles == true)) { - // Try to load a cached article - if ((preg_match('/^[0-9]+$/',$id)) && ($group != '')) - $filename=$group.'_'.$id; - else - $filename=base64_encode($id); - $cachefilename_header=$spooldir."/".$filename.'.header'; - $cachefilename_body=$spooldir."/".$filename.'.body'; - if (file_exists($cachefilename_header)) { - $cachefile=fopen($cachefilename_header,"r"); - $message->header=unserialize(fread($cachefile,filesize($cachefilename_header))); - fclose($cachefile); - } else { - unset($message->header); +function message_read($id, $bodynum = 0, $group = "") +{ + global $CONFIG, $config_name, $cache_articles, $spooldir, $spoolpath, $logdir, $text_error, $ns; + $logfile = $logdir . '/newsportal.log'; + if (! testGroup($group)) { + echo $text_error["read_access_denied"]; + return; } - // Is a non-existing attachment of an article requested? - if ((isset($message->header)) && - ($bodynum!= -1) && - (!isset($message->header->content_type[$bodynum]))) - return false; - if ((file_exists($cachefilename_body.$bodynum)) && - ($bodynum != -1)) { - $cachefile=fopen($cachefilename_body.$bodynum,"r"); - $message->body[$bodynum]= - fread($cachefile,filesize($cachefilename_body.$bodynum)); - fclose($cachefile); + if (! is_numeric($id)) { + return false; } - } - if ((!isset($message->header)) || - ((!isset($message->body[$bodynum])) && - ($bodynum != -1))) { -// Pull article from spool if exists, else from server - if(trim($group) == '') { - return false; - } - unset($rawmessage); - if($CONFIG['article_database'] == '1') { - $rawmessage = np_get_db_article($id, $group, 1); - } else { - $articlepath = $spoolpath.preg_replace('/\./', '/', $group)."/".$id; - if (file_exists($articlepath)) { - $rawmessage_fh = fopen($articlepath, "r"); - $rawmessage=array(); - $line=rtrim(fgets($rawmessage_fh), PHP_EOL); - while(!feof($rawmessage_fh)) { - if(strcmp($line,".") == 0) { - break; - } - $rawmessage[]=$line; - $line=rtrim(fgets($rawmessage_fh), PHP_EOL); - } - fclose($rawmessage_fh); - } - } - if(!isset($rawmessage) || $rawmessage === FALSE) { - file_put_contents($logfile, "\n".format_log_date()." ".$config_name." DEBUG: Requesting: ".$group.":".$id." from server", FILE_APPEND); - if (!isset($ns)) { - $ns=nntp_open(); - } - if ($group != "") { - fputs($ns,"GROUP ".$group."\r\n"); - $line=line_read($ns); - } - fputs($ns,'ARTICLE '.$id."\r\n"); - $line=line_read($ns); - if (substr($line,0,3) != "220") { - // requested article doesn't exist on the newsserver. Now we - // should check, if the thread stored in the spool-directory - // also doesnt't contain that article... - thread_cache_removearticle($group,$id); - return false; - } - $rawmessage=array(); - $line=line_read($ns); - while(strcmp($line,".") != 0) { - $rawmessage[]=$line; - $line=line_read($ns); - } - } - $message=message_parse($rawmessage); - if (preg_match('/^[0-9]+$/',$id)) $message->header->number=$id; - // write header, body and attachments to the cache + $message = new messageType(); if ((isset($cache_articles)) && ($cache_articles == true)) { - $cachefile=fopen($cachefilename_header,"w"); - if ($cachefile) { - fputs($cachefile,serialize($message->header)); - } - fclose($cachefile); - for ($i=0; $iheader->content_type); $i++) { - if (isset($message->body[$i])) { - $cachefile=fopen($cachefilename_body.$i,"w"); - fwrite($cachefile,$message->body[$i]); - fclose($cachefile); + // Try to load a cached article + if ((preg_match('/^[0-9]+$/', $id)) && ($group != '')) + $filename = $group . '_' . $id; + else + $filename = base64_encode($id); + $cachefilename_header = $spooldir . "/" . $filename . '.header'; + $cachefilename_body = $spooldir . "/" . $filename . '.body'; + if (file_exists($cachefilename_header)) { + $cachefile = fopen($cachefilename_header, "r"); + $message->header = unserialize(fread($cachefile, filesize($cachefilename_header))); + fclose($cachefile); + } else { + unset($message->header); + } + // Is a non-existing attachment of an article requested? + if ((isset($message->header)) && ($bodynum != - 1) && (! isset($message->header->content_type[$bodynum]))) + return false; + if ((file_exists($cachefilename_body . $bodynum)) && ($bodynum != - 1)) { + $cachefile = fopen($cachefilename_body . $bodynum, "r"); + $message->body[$bodynum] = fread($cachefile, filesize($cachefilename_body . $bodynum)); + fclose($cachefile); } - } } - } - return $message; + if ((! isset($message->header)) || ((! isset($message->body[$bodynum])) && ($bodynum != - 1))) { + // Pull article from spool if exists, else from server + if (trim($group) == '') { + return false; + } + unset($rawmessage); + if ($CONFIG['article_database'] == '1') { + $rawmessage = np_get_db_article($id, $group, 1); + } else { + $articlepath = $spoolpath . preg_replace('/\./', '/', $group) . "/" . $id; + if (file_exists($articlepath)) { + $rawmessage_fh = fopen($articlepath, "r"); + $rawmessage = array(); + $line = rtrim(fgets($rawmessage_fh), PHP_EOL); + while (! feof($rawmessage_fh)) { + if (strcmp($line, ".") == 0) { + break; + } + $rawmessage[] = $line; + $line = rtrim(fgets($rawmessage_fh), PHP_EOL); + } + fclose($rawmessage_fh); + } + } + if (! isset($rawmessage) || $rawmessage === FALSE) { + file_put_contents($logfile, "\n" . format_log_date() . " " . $config_name . " DEBUG: Requesting: " . $group . ":" . $id . " from server", FILE_APPEND); + if (! isset($ns)) { + $ns = nntp_open(); + } + if ($group != "") { + fputs($ns, "GROUP " . $group . "\r\n"); + $line = line_read($ns); + } + fputs($ns, 'ARTICLE ' . $id . "\r\n"); + $line = line_read($ns); + if (substr($line, 0, 3) != "220") { + // requested article doesn't exist on the newsserver. Now we + // should check, if the thread stored in the spool-directory + // also doesnt't contain that article... + thread_cache_removearticle($group, $id); + return false; + } + $rawmessage = array(); + $line = line_read($ns); + while (strcmp($line, ".") != 0) { + $rawmessage[] = $line; + $line = line_read($ns); + } + } + $message = message_parse($rawmessage); + if (preg_match('/^[0-9]+$/', $id)) + $message->header->number = $id; + // write header, body and attachments to the cache + if ((isset($cache_articles)) && ($cache_articles == true)) { + $cachefile = fopen($cachefilename_header, "w"); + if ($cachefile) { + fputs($cachefile, serialize($message->header)); + } + fclose($cachefile); + for ($i = 0; $i < count($message->header->content_type); $i ++) { + if (isset($message->body[$i])) { + $cachefile = fopen($cachefilename_body . $i, "w"); + fwrite($cachefile, $message->body[$i]); + fclose($cachefile); + } + } + } + } + return $message; } -function textwrap($text, $wrap=80, $break="\n",$maxlen=false){ - $len = strlen($text); - if ($len > $wrap) { - $h = ''; // massaged text - $lastWhite = 0; // position of last whitespace char - $lastChar = 0; // position of last char - $lastBreak = 0; // position of last break - // while there is text to process - while ($lastChar < $len && (($maxlen==false) || (strlen($h)<$maxlen))) { - $char = substr($text, $lastChar, 1); // get the next character - // if we are beyond the wrap boundry and there is a place to break - if (($lastChar - $lastBreak > $wrap) && ($lastWhite > $lastBreak)) { - $h .= substr($text, $lastBreak, ($lastWhite - $lastBreak)) . $break; - $lastChar = $lastWhite + 1; - $lastBreak = $lastChar; - } - // You may wish to include other characters as valid whitespace... - if ($char == ' ' || $char == chr(13) || $char == chr(10)) { - $lastWhite = $lastChar; // note the position of the last whitespace - } - $lastChar = $lastChar + 1; // advance the last character position by one +function textwrap($text, $wrap = 80, $break = "\n", $maxlen = false) +{ + $len = strlen($text); + if ($len > $wrap) { + $h = ''; // massaged text + $lastWhite = 0; // position of last whitespace char + $lastChar = 0; // position of last char + $lastBreak = 0; // position of last break + // while there is text to process + while ($lastChar < $len && (($maxlen == false) || (strlen($h) < $maxlen))) { + $char = substr($text, $lastChar, 1); // get the next character + // if we are beyond the wrap boundry and there is a place to break + if (($lastChar - $lastBreak > $wrap) && ($lastWhite > $lastBreak)) { + $h .= substr($text, $lastBreak, ($lastWhite - $lastBreak)) . $break; + $lastChar = $lastWhite + 1; + $lastBreak = $lastChar; + } + // You may wish to include other characters as valid whitespace... + if ($char == ' ' || $char == chr(13) || $char == chr(10)) { + $lastWhite = $lastChar; // note the position of the last whitespace + } + $lastChar = $lastChar + 1; // advance the last character position by one + } + $h .= substr($text, $lastBreak); // build line + } else { + $h = $text; // in this case everything can fit on one line } - $h .= substr($text, $lastBreak); // build line - } else { - $h = $text; // in this case everything can fit on one line - } - return $h; + return $h; } + /* * Displays a (Sub)-Thread. Is used in article.php * - * $id: Message-ID (not number!) of an article in the thread + * $id: Message-ID (not number!) of an article in the thread * $group: name of the newsgroup */ -function message_thread($id,$group,$thread,$highlightids=false) { - $current=$id; - // set the highlightid, if not set - if(!$highlightids) - $highlightids=array($current); - flush(); - // find the first article in the subthread of $id - while(isset($thread[$id]->references)) { - foreach($thread[$id]->references as $reference) { - if((trim($reference)!='') && (isset($thread[$reference]))) { - $id=$reference; - continue 2; - } +function message_thread($id, $group, $thread, $highlightids = false) +{ + $current = $id; + // set the highlightid, if not set + if (! $highlightids) + $highlightids = array( + $current + ); + flush(); + // find the first article in the subthread of $id + while (isset($thread[$id]->references)) { + foreach ($thread[$id]->references as $reference) { + if ((trim($reference) != '') && (isset($thread[$reference]))) { + $id = $reference; + continue 2; + } + } + break; } - break; - } - $liste=array(); - $liste[]=$id; - $tmp=0; - thread_show_head(0); - echo thread_show_recursive($thread,$liste,1,"",$group,0,100,$tmp,$highlightids,0); - thread_show_tail(); + $liste = array(); + $liste[] = $id; + $tmp = 0; + thread_show_head(0); + echo thread_show_recursive($thread, $liste, 1, "", $group, 0, 100, $tmp, $highlightids, 0); + thread_show_tail(); } /* @@ -354,260 +354,272 @@ function message_thread($id,$group,$thread,$highlightids=false) { * * $head: the header of the message as an headerType * $group: the name of the newsgroup, is needed for the links to post.php3 - * and the header. + * and the header. */ -function show_header($head,$group,$local_poster=false) { - global $article_show,$text_header,$file_article,$attachment_show; - global $file_attachment,$anonym_address,$CONFIG; - if(isset($_COOKIE['tzo'])) { - $offset=$_COOKIE['tzo']; - } else { - $offset=intval($CONFIG['timezone']); - } - echo '
'; - if ($article_show["Subject"]) echo $text_header["subject"].htmlspecialchars($head->subject)."
"; - if ($article_show["From"]) { - echo $text_header["from"]; - if($head->from==$anonym_address) { - // this is the anonymous address, so only show the name - echo htmlspecialchars($head->name); +function show_header($head, $group, $local_poster = false) +{ + global $article_show, $text_header, $file_article, $attachment_show; + global $file_attachment, $anonym_address, $CONFIG; + if (isset($_COOKIE['tzo'])) { + $offset = $_COOKIE['tzo']; } else { - if($article_show["From_link"]) - echo ''; - if(isset($article_show["From_rewrite"])) - echo preg_replace('/{$article_show["From_rewrite"][0]}/', - $article_show["From_rewrite"][1], - htmlspecialchars($head->from)); - $before_at = explode('@', $head->from); - $namelen = strlen($before_at[0]); - if ($namelen > 3) { - $endname = $namelen - 3; - if($endname > 8) - $endname = 8; - if($endname < 3) - $endname++; - if($endname < 3) - $endname++; - } else { - $endname = $namelen; - } - if($article_show["From_link"]) - echo ''; - echo ''; - if ($local_poster) { - echo ''; - } - if ($head->name != "") { - echo create_name_link($head->name, $head->from); - } else { - if(isset($CONFIG['hide_email']) && $CONFIG['hide_email'] == true) { - echo truncate_email($head->from); - } else { - echo htmlspecialchars($head->from); - } - } - if ($local_poster) { - echo ''; - } - echo ''; + $offset = intval($CONFIG['timezone']); } - echo "
"; - } - if ($article_show["Newsgroups"]) - echo $text_header["newsgroups"].htmlspecialchars(str_replace(',',', ',$head->newsgroups))."
\n"; - if (isset($head->followup) && ($article_show["Followup"]) && ($head->followup != "")) - echo $text_header["followup"].htmlspecialchars($head->followup)."
\n"; - if ((isset($head->organization)) && ($article_show["Organization"]) && - ($head->organization != "")) - echo $text_header["organization"]. - html_parse(htmlspecialchars($head->organization))."
\n"; + echo '
'; + if ($article_show["Subject"]) + echo $text_header["subject"] . htmlspecialchars($head->subject) . "
"; + if ($article_show["From"]) { + echo $text_header["from"]; + if ($head->from == $anonym_address) { + // this is the anonymous address, so only show the name + echo htmlspecialchars($head->name); + } else { + if ($article_show["From_link"]) + echo ''; + if (isset($article_show["From_rewrite"])) + echo preg_replace('/{$article_show["From_rewrite"][0]}/', $article_show["From_rewrite"][1], htmlspecialchars($head->from)); + $before_at = explode('@', $head->from); + $namelen = strlen($before_at[0]); + if ($namelen > 3) { + $endname = $namelen - 3; + if ($endname > 8) + $endname = 8; + if ($endname < 3) + $endname ++; + if ($endname < 3) + $endname ++; + } else { + $endname = $namelen; + } + if ($article_show["From_link"]) + echo ''; + echo ''; + if ($local_poster) { + echo ''; + } + if ($head->name != "") { + echo create_name_link($head->name, $head->from); + } else { + if (isset($CONFIG['hide_email']) && $CONFIG['hide_email'] == true) { + echo truncate_email($head->from); + } else { + echo htmlspecialchars($head->from); + } + } + if ($local_poster) { + echo ''; + } + echo ''; + } + echo "
"; + } + if ($article_show["Newsgroups"]) + echo $text_header["newsgroups"] . htmlspecialchars(str_replace(',', ', ', $head->newsgroups)) . "
\n"; + if (isset($head->followup) && ($article_show["Followup"]) && ($head->followup != "")) + echo $text_header["followup"] . htmlspecialchars($head->followup) . "
\n"; + if ((isset($head->organization)) && ($article_show["Organization"]) && ($head->organization != "")) + echo $text_header["organization"] . html_parse(htmlspecialchars($head->organization)) . "
\n"; if ($article_show["Date"]) { - $ts = new DateTime(date($text_header["date_format"], $head->date), new DateTimeZone('UTC')); - $ts->add(DateInterval::createFromDateString($offset.' minutes')); - if($offset != 0) { - echo $text_header["date"].$ts->format('D, j M Y H:i')."
\n"; - } else { - echo $text_header["date"].$ts->format($text_header["date_format"])."
\n"; - } - unset($ts); + $ts = new DateTime(date($text_header["date_format"], $head->date), new DateTimeZone('UTC')); + $ts->add(DateInterval::createFromDateString($offset . ' minutes')); + if ($offset != 0) { + echo $text_header["date"] . $ts->format('D, j M Y H:i') . "
\n"; + } else { + echo $text_header["date"] . $ts->format($text_header["date_format"]) . "
\n"; + } + unset($ts); } -// echo $text_header["date"].date($text_header["date_format"],$head->date)."
\n"; - if ($article_show["Message-ID"]) { - echo ' '.$text_header["message-id"].htmlspecialchars($head->id)."
\n"; - } - if (($article_show["References"]) && (isset($head->references[0]))) { - echo $text_header["references"]; - for ($i=0; $i<=count($head->references)-1; $i++) { - $ref=$head->references[$i]; - echo ' '.''.($i+1).''; + // echo $text_header["date"].date($text_header["date_format"],$head->date)."
\n"; + if ($article_show["Message-ID"]) { + echo ' ' . $text_header["message-id"] . htmlspecialchars($head->id) . "
\n"; } - echo "
"; - } - if (isset($head->user_agent)) { - if ((isset($article_show["User-Agent"])) && - ($article_show["User-Agent"])) { - echo $text_header["user-agent"].htmlspecialchars($head->user_agent)."
\n"; - } else { - echo "\n"; + if (($article_show["References"]) && (isset($head->references[0]))) { + echo $text_header["references"]; + for ($i = 0; $i <= count($head->references) - 1; $i ++) { + $ref = $head->references[$i]; + echo ' ' . '' . ($i + 1) . ''; + } + echo "
"; } - } - if ((isset($attachment_show)) && ($attachment_show==true) && - (isset($head->content_type[1]))) { - echo $text_header["attachments"]; - for ($i=1; $icontent_type); $i++) { - if(!strcmp($head->content_type[$i],"text/html")) { - $contype = "HTML Version"; - } else { - $contype = $head->content_type_name[$i]; - } - echo ''. - $contype.' ('. - $head->content_type[$i].')'; - if ($icontent_type)-1) echo ', '; + if (isset($head->user_agent)) { + if ((isset($article_show["User-Agent"])) && ($article_show["User-Agent"])) { + echo $text_header["user-agent"] . htmlspecialchars($head->user_agent) . "
\n"; + } else { + echo "\n"; + } + } + if ((isset($attachment_show)) && ($attachment_show == true) && (isset($head->content_type[1]))) { + echo $text_header["attachments"]; + for ($i = 1; $i < count($head->content_type); $i ++) { + if (! strcmp($head->content_type[$i], "text/html")) { + $contype = "HTML Version"; + } else { + $contype = $head->content_type_name[$i]; + } + echo '' . $contype . ' (' . $head->content_type[$i] . ')'; + if ($i < count($head->content_type) - 1) + echo ', '; + } + } + if ($article_show["trigger_headers"]) { + echo '
'; + echo ''; + echo '
' . display_full_headers($head->number, $group, $head->name, $head->from) . '
'; + echo ' View all headers' . "
\n"; + echo '
'; } - } - if ($article_show["trigger_headers"]) { - echo '
'; - echo ''; - echo '
'.display_full_headers($head->number,$group,$head->name,$head->from).'
'; - echo ' View all headers'."
\n"; echo '
'; - } - echo '
'; } -function display_full_headers($article,$group,$name,$from,$getface=false) { - global $spoolpath, $CONFIG; - if($CONFIG['article_database'] == '1') { - $message = np_get_db_article($article, $group, 1); - } else { - $thisgroup = $spoolpath."/".preg_replace('/\./', '/', $group); - if(!file_exists($group."/".$article)) { - // Return something useful - } - $message=file($thisgroup."/".$article, FILE_IGNORE_NEW_LINES); - } - if(isset($sendface)) { - unlink($sendface); - } - $isface = 0; - $return = ''; - foreach($message as $line) { - if(trim($line) == '') { - break; - } - if((strpos($line, ': ') === false) && $isface) { - $sendface.=$line; - continue; - } - if((stripos($line, 'X-Face: ') === 0) && $getface) { - $face = explode(': ', $line); - $sendface=$face[1]; - $isface = 1; - continue; - } - if(stripos($line, ': ') !== false) { - $isface = 0; - } - if(stripos($line, 'Xref: ') === 0) { - continue; - } - if(stripos($line, 'From: ') === 0) { - $return.='From: '; - if(isset($CONFIG['hide_email']) && $CONFIG['hide_email'] == true) { - $return.=truncate_email($from); - } else { - $return.=htmlspecialchars($from); - } - if ($name != "") { - $return.=' ('.htmlspecialchars($name).')'; - } - $return.='
'; - continue; - } - $return.=mb_decode_mimeheader(htmlspecialchars($line)).'
'; - } - if($getface) { - if(isset($sendface)) { - return($sendface); +function display_full_headers($article, $group, $name, $from, $getface = false) +{ + global $spoolpath, $CONFIG; + if ($CONFIG['article_database'] == '1') { + $message = np_get_db_article($article, $group, 1); } else { - return FALSE; + $thisgroup = $spoolpath . "/" . preg_replace('/\./', '/', $group); + if (! file_exists($group . "/" . $article)) { + // Return something useful + } + $message = file($thisgroup . "/" . $article, FILE_IGNORE_NEW_LINES); } - } - return($return); + if (isset($sendface)) { + unlink($sendface); + } + $isface = 0; + $return = ''; + foreach ($message as $line) { + if (trim($line) == '') { + break; + } + if ((strpos($line, ': ') === false) && $isface) { + $sendface .= $line; + continue; + } + if ((stripos($line, 'X-Face: ') === 0) && $getface) { + $face = explode(': ', $line); + $sendface = $face[1]; + $isface = 1; + continue; + } + if (stripos($line, ': ') !== false) { + $isface = 0; + } + if (stripos($line, 'Xref: ') === 0) { + continue; + } + if (stripos($line, 'From: ') === 0) { + $return .= 'From: '; + if (isset($CONFIG['hide_email']) && $CONFIG['hide_email'] == true) { + $return .= truncate_email($from); + } else { + $return .= htmlspecialchars($from); + } + if ($name != "") { + $return .= ' (' . htmlspecialchars($name) . ')'; + } + $return .= '
'; + continue; + } + $return .= mb_decode_mimeheader(htmlspecialchars($line)) . '
'; + } + if ($getface) { + if (isset($sendface)) { + return ($sendface); + } else { + return FALSE; + } + } + return ($return); } + /* * decodes a body. Splits the content of $body into an array of several * lines, respecting the special decoding issues of format=flowed * articles. Each returned line consists of two fields: text and * the quote depth (depth) */ -function decode_textbody($body,$format="fixed") { - $tmp = new \stdClass(); - $body=explode("\n",$body); - $nbody=array(); - $depth=0; - $paragraph=""; // empty paragraph - $lastline=""; - for($i=0; $i') { - $ndepth++; - } else { - if((@$body[$i][$j]!=' ') || (@$body[$i][$j-1]==' ') || ($j==0)) { - break; +function decode_textbody($body, $format = "fixed") +{ + $tmp = new \stdClass(); + $body = explode("\n", $body); + $nbody = array(); + $depth = 0; + $paragraph = ""; // empty paragraph + $lastline = ""; + for ($i = 0; $i < count($body) + 1; $i ++) { + // calculate the quote depth of the actual line + $ndepth = 0; + $tdepth = 0; + for ($j = 0; $j <= strlen(@$body[$i]); $j ++) { + $tdepth = $j; + if (@$body[$i][$j] == '>') { + $ndepth ++; + } else { + if ((@$body[$i][$j] != ' ') || (@$body[$i][$j - 1] == ' ') || ($j == 0)) { + break; + } + } } - } + // generate a new paragraph? + if (($i > 0) && (($ndepth != $depth) || $format != "flowed" || (@$paragraph[strlen($paragraph) - 1] != ' ')) || ($i == count($body))) { + $tmp->text = $paragraph; + $tmp->depth = $depth; + $paragraph = ""; + if (phpversion() >= 5) + $nbody[] = clone ($tmp); + else + $nbody[] = $tmp; + } + if (@$body[$i] == "-- " && $format == "flowed") + $body[$i] = "--"; + $paragraph .= substr(@$body[$i], $tdepth); + $depth = $ndepth; } - // generate a new paragraph? - if(($i>0) && (($ndepth!=$depth) || $format!="flowed" || - (@$paragraph[strlen($paragraph)-1]!=' ')) || ($i==count($body))) { - $tmp->text=$paragraph; - $tmp->depth=$depth; - $paragraph=""; - if(phpversion()>=5) - $nbody[]=clone($tmp); - else - $nbody[]=$tmp; - } - if(@$body[$i]=="-- " && $format=="flowed") $body[$i]="--"; - $paragraph.=substr(@$body[$i],$tdepth); - $depth=$ndepth; - } - return $nbody; + return $nbody; } /* * replaces multiple spaces in texts by  es and convert special-chars * to their entities */ -function text2html($text) { -// These features have been replaced by css +function text2html($text) +{ + // These features have been replaced by css return $text; } -function nl2p($string, $line_breaks = true, $xml = true) { - - $string = str_replace(array('

', '

', '
', '
'), '', $string); - +function nl2p($string, $line_breaks = true, $xml = true) +{ + $string = str_replace(array( + '

', + '

', + '
', + '
' + ), '', $string); + // It is conceivable that people might still want single line-breaks // without breaking into a new paragraph. if ($line_breaks == true) - return '

'.preg_replace(array("/([\n]{2,})/i", "/([^>])\n([^<])/i"), array("

\n

", '$1$2'), trim($string)).'

'; - else - return '

'.preg_replace( - array("/([\n]{2,})/i", "/([\r\n]{3,})/i","/([^>])\n([^<])/i"), - array("

\n

", "

\n

", '$1$2'), - - trim($string)).'

'; + return '

' . preg_replace(array( + "/([\n]{2,})/i", + "/([^>])\n([^<])/i" + ), array( + "

\n

", + '$1$2' + ), trim($string)) . '

'; + else + return '

' . preg_replace(array( + "/([\n]{2,})/i", + "/([\r\n]{3,})/i", + "/([^>])\n([^<])/i" + ), array( + "

\n

", + "

\n

", + '$1$2' + ), + trim($string)) . '

'; } /* @@ -616,250 +628,222 @@ function nl2p($string, $line_breaks = true, $xml = true) { * $group: The name of the newsgroup * $id: the ID of the article inside the group or the message-id * $attachment: The number of the attachment of the article. - * 0 means the normal textbody. + * 0 means the normal textbody. */ -function message_show($group,$id,$attachment=0,$article_data=false,$maxlen=false) { - global $file_article,$file_article_full; - global $text_header,$text_article,$article_showthread,$file_attachment,$attachment_show; - global $block_xnoarchive,$article_graphicquotes; - global $CONFIG; - if ($article_data == false) - $article_data=message_read($id,$attachment,$group); - $head=$article_data->header; - $local_poster=false; - if(!isset($head->rslight_site)) { - $head->rslight_site = ''; - } - if(password_verify($CONFIG['thissitekey'].$head->id, $head->rslight_site)) { - $local_poster=true; - } - $body=$article_data->body[$attachment]; - if ($head) { - if (($block_xnoarchive) && (isset($head->xnoarchive)) && - ($head->xnoarchive=="yes")) { - echo $text_article["block-xnoarchive"]; - } else - if (($head->content_type[$attachment]=="text/plain") && - ($attachment==0)) { - show_header($head,$group,$local_poster); -// X-Face - if ($face = display_full_headers($head->number,$group,$head->name,$head->from,true)) { - $pngfile = '../tmp/face-'.hash('ripemd160', $face); - if(file_exists($pngfile)) { - echo ''; - } else { - $facefile = tempnam('../tmp', 'face-'); - file_put_contents($facefile, $face); - $xbmfile = $facefile.'.xbm'; - $uncompface = 'uncompface -X '.$facefile.' '.$xbmfile; - shell_exec($uncompface); - if (($xbm = imagecreatefromxbm($xbmfile)) !== false) { - imagepng($xbm, $pngfile); - imagedestroy($xbm); - echo ''; - } - unlink($facefile); - unlink($xbmfile); +function message_show($group, $id, $attachment = 0, $article_data = false, $maxlen = false) +{ + global $file_article, $file_article_full; + global $text_header, $text_article, $article_showthread, $file_attachment, $attachment_show; + global $block_xnoarchive, $article_graphicquotes; + global $CONFIG; + if ($article_data == false) + $article_data = message_read($id, $attachment, $group); + $head = $article_data->header; + $local_poster = false; + if (! isset($head->rslight_site)) { + $head->rslight_site = ''; } - } + if (password_verify($CONFIG['thissitekey'] . $head->id, $head->rslight_site)) { + $local_poster = true; + } + $body = $article_data->body[$attachment]; + if ($head) { + if (($block_xnoarchive) && (isset($head->xnoarchive)) && ($head->xnoarchive == "yes")) { + echo $text_article["block-xnoarchive"]; + } else if (($head->content_type[$attachment] == "text/plain") && ($attachment == 0)) { + show_header($head, $group, $local_poster); + // X-Face + if ($face = display_full_headers($head->number, $group, $head->name, $head->from, true)) { + $pngfile = '../tmp/face-' . hash('ripemd160', $face); + if (file_exists($pngfile)) { + echo ''; + } else { + $facefile = tempnam('../tmp', 'face-'); + file_put_contents($facefile, $face); + $xbmfile = $facefile . '.xbm'; + $uncompface = 'uncompface -X ' . $facefile . ' ' . $xbmfile; + shell_exec($uncompface); + if (($xbm = imagecreatefromxbm($xbmfile)) !== false) { + imagepng($xbm, $pngfile); + imagedestroy($xbm); + echo ''; + } + unlink($facefile); + unlink($xbmfile); + } + } -//RSLIGHT Encryption - $encrypted=false; - if((isset($article_data->header->rslight_to)) && (password_verify($CONFIG['thissitekey'].$head->id, $head->rslight_site))) { - echo 'This is an encrypted message for '.$article_data->header->rslight_to.' '; - echo ''; - echo '

Enter Password:  '; - echo ''; - echo '

'; - echo ''; - $encrypted=true; - } - if($encrypted === false) { - $body = nl2p(htmlspecialchars($body)); - $body=decode_textbody($body, - $article_data->header->content_type_format[$attachment]); - } -/* FIXME - if((isset($article_data->header->rslight_to)) && !(password_verify($CONFIG['thissitekey'].$head->id, $head->rslight_site))) { - echo "rslight encrypted message."; - $body=""; - } -*/ - $depth=0; - if (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true)) { - echo '
'; - } else { - echo '
'; - } - $currentlen=0; // needed if $maxlen is set - for ($i=0; $i<=count($body) && - (($currentlen<$maxlen) || ($maxlen==false)); $i++) { - // HTMLized Quotings instead of boring > ? - if($article_graphicquotes) { - // HTMLized Quotings - for($j=$depth; $j<@$body[$i]->depth; $j++) - echo '
'; - for($j=@$body[$i]->depth; $j<$depth; $j++) - echo '
'; - $t = @$body[$i]->text; - echo display_links_in_body($t); - $currentlen+=strlen($t); - echo "\n"; - $depth=@$body[$i]->depth; + // RSLIGHT Encryption + $encrypted = false; + if ((isset($article_data->header->rslight_to)) && (password_verify($CONFIG['thissitekey'] . $head->id, $head->rslight_site))) { + echo 'This is an encrypted message for ' . $article_data->header->rslight_to . ' '; + echo '
'; + echo '

Enter Password:  '; + echo ''; + echo '

'; + echo '
'; + $encrypted = true; + } + if ($encrypted === false) { + $body = nl2p(htmlspecialchars($body)); + $body = decode_textbody($body, $article_data->header->content_type_format[$attachment]); + } + /* + * FIXME + * if((isset($article_data->header->rslight_to)) && !(password_verify($CONFIG['thissitekey'].$head->id, $head->rslight_site))) { + * echo "rslight encrypted message."; + * $body=""; + * } + */ + $depth = 0; + if (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true)) { + echo '
'; + } else { + echo '
'; + } + $currentlen = 0; // needed if $maxlen is set + for ($i = 0; $i <= count($body) && (($currentlen < $maxlen) || ($maxlen == false)); $i ++) { + // HTMLized Quotings instead of boring > ? + if ($article_graphicquotes) { + // HTMLized Quotings + for ($j = $depth; $j < @$body[$i]->depth; $j ++) + echo '
'; + for ($j = @$body[$i]->depth; $j < $depth; $j ++) + echo '
'; + $t = @$body[$i]->text; + echo display_links_in_body($t); + $currentlen += strlen($t); + echo "\n"; + $depth = @$body[$i]->depth; + } else { + // Boring old Quotings with > + if ($body[$i]->depth == 0) { + if (trim($body[$i]->text) == '') + $t = "
\n"; + else + $t = @$body[$i]->text; + } else { + $t = '' . str_repeat('>', $body[$i]->depth) . ' ' . html_parse(text2html(textwrap($body[$i]->text, 72 - $body[$i]->depth, "\n" . str_repeat('>', $body[$i]->depth) . ' '))) . "
\n"; + } + echo $t; + $currentlen += strlen($t); + } + } + if ($maxlen != false && $currentlen >= $maxlen) { + echo '
' . $text_article["full_article"] . ''; + } + // If attachment is image embed into article + if ((isset($attachment_show)) && ($attachment_show == true) && (isset($head->content_type[1]))) { + echo $text_header["attachments"]; + for ($i = 1; $i < count($head->content_type); $i ++) { + if (! strcmp($head->content_type[$i], "text/html")) { + $contype = "HTML Version"; + } else { + $contype = $head->content_type_name[$i]; + } + $type = explode('/', $head->content_type[$i]); + if (trim($type[0]) == "image") { + echo '' . '' . $contype . ' '; + } else { + echo '' . $contype . ' (' . $head->content_type[$i] . ')'; + } + if ($i < count($head->content_type) - 1) + echo ', '; + } + } + echo '
'; } else { - // Boring old Quotings with > - if($body[$i]->depth==0) { - if(trim($body[$i]->text)=='') - $t="
\n"; - else - $t = @$body[$i]->text; - } else { - $t=''.str_repeat('>',$body[$i]->depth).' '. - html_parse(text2html( - textwrap($body[$i]->text,72-$body[$i]->depth, - "\n".str_repeat('>',$body[$i]->depth).' '))). - "
\n"; - } - echo $t; - $currentlen+=strlen($t); + echo $body; } - } - if($maxlen!=false && $currentlen>=$maxlen) { - echo '
'.$text_article["full_article"].''; - } -// If attachment is image embed into article -if ((isset($attachment_show)) && ($attachment_show==true) && - (isset($head->content_type[1]))) { - echo $text_header["attachments"]; - for ($i=1; $icontent_type); $i++) { - if(!strcmp($head->content_type[$i],"text/html")) { - $contype = "HTML Version"; - } else { - $contype = $head->content_type_name[$i]; - } - $type=explode('/', $head->content_type[$i]); - if(trim($type[0]) == "image") { - echo ''. - ''.$contype.' '; - } else { - echo ''. - $contype.' ('. - $head->content_type[$i].')'; - } - if ($icontent_type)-1) echo ', '; } - } - echo '
'; - } else { - echo $body; - } - } - echo '
'; + echo '
'; } -function message_decrypt($key,$group,$id,$attachment=0,$article_data=false,$maxlen=false) { - global $file_article,$file_article_full; - global $text_header,$text_article,$article_showthread; - global $block_xnoarchive,$article_graphicquotes; - if ($article_data == false) - $article_data=message_read($id,$attachment,$group); - $head=$article_data->header; - $body=$article_data->body[$attachment]; - if ($head) { - if (($block_xnoarchive) && (isset($head->xnoarchive)) && - ($head->xnoarchive=="yes")) { - echo $text_article["block-xnoarchive"]; - } else - if (($head->content_type[$attachment]=="text/plain") && - ($attachment==0)) { - show_header($head,$group); -//RSLIGHT Decrypt here - $body=str_replace("-- RSLIGHT DAT START\n","",$body); - $body=str_replace("\n-- RSLIGHT DAT END","",$body); - $body=rslight_decrypt($body,$key); - $body=decode_textbody($body, - $article_data->header->content_type_format[$attachment]); - $depth=0; - echo '
'; - echo "(Copy text below to quote in reply)

"; - $currentlen=0; // needed if $maxlen is set - for ($i=0; $i<=count($body) && - (($currentlen<$maxlen) || ($maxlen==false)); $i++) { - // HTMLized Quotings instead of boring > ? - if($article_graphicquotes) { - // HTMLized Quotings - for($j=$depth; $j<$body[$i]->depth; $j++) - echo '
'; - for($j=$body[$i]->depth; $j<$depth; $j++) - echo '
'; - $t=html_parse(text2html($body[$i]->text)).'
'; - echo $t; - $currentlen+=strlen($t); - echo "\n"; - $depth=$body[$i]->depth; +function message_decrypt($key, $group, $id, $attachment = 0, $article_data = false, $maxlen = false) +{ + global $file_article, $file_article_full; + global $text_header, $text_article, $article_showthread; + global $block_xnoarchive, $article_graphicquotes; + if ($article_data == false) + $article_data = message_read($id, $attachment, $group); + $head = $article_data->header; + $body = $article_data->body[$attachment]; + if ($head) { + if (($block_xnoarchive) && (isset($head->xnoarchive)) && ($head->xnoarchive == "yes")) { + echo $text_article["block-xnoarchive"]; + } else if (($head->content_type[$attachment] == "text/plain") && ($attachment == 0)) { + show_header($head, $group); + // RSLIGHT Decrypt here + $body = str_replace("-- RSLIGHT DAT START\n", "", $body); + $body = str_replace("\n-- RSLIGHT DAT END", "", $body); + $body = rslight_decrypt($body, $key); + $body = decode_textbody($body, $article_data->header->content_type_format[$attachment]); + $depth = 0; + echo '
'; + echo "(Copy text below to quote in reply)

"; + $currentlen = 0; // needed if $maxlen is set + for ($i = 0; $i <= count($body) && (($currentlen < $maxlen) || ($maxlen == false)); $i ++) { + // HTMLized Quotings instead of boring > ? + if ($article_graphicquotes) { + // HTMLized Quotings + for ($j = $depth; $j < $body[$i]->depth; $j ++) + echo '
'; + for ($j = $body[$i]->depth; $j < $depth; $j ++) + echo '
'; + $t = html_parse(text2html($body[$i]->text)) . '
'; + echo $t; + $currentlen += strlen($t); + echo "\n"; + $depth = $body[$i]->depth; + } else { + // Boring old Quotings with > + if ($body[$i]->depth == 0) { + if (trim($body[$i]->text) == '') + $t = "
\n"; + else + $t = html_parse(text2html($body[$i]->text)) . "
\n"; + } else { + $t = '' . str_repeat('>', $body[$i]->depth) . ' ' . html_parse(text2html(textwrap($body[$i]->text, 72 - $body[$i]->depth, "\n" . str_repeat('>', $body[$i]->depth) . ' '))) . "
\n"; + } + echo $t; + $currentlen += strlen($t); + } + } + echo '
'; + if ($maxlen != false && $currentlen >= $maxlen) { + echo '
' . $text_article["full_article"] . ''; + } } else { - // Boring old Quotings with > - if($body[$i]->depth==0) { - if(trim($body[$i]->text)=='') - $t="
\n"; - else - $t=html_parse(text2html($body[$i]->text))."
\n"; - } else { - $t=''.str_repeat('>',$body[$i]->depth).' '. - html_parse(text2html( - textwrap($body[$i]->text,72-$body[$i]->depth, - "\n".str_repeat('>',$body[$i]->depth).' '))). - "
\n"; - } - echo $t; - $currentlen+=strlen($t); + echo $body; } - } - echo '
'; - if($maxlen!=false && $currentlen>=$maxlen) { - echo '
'.$text_article["full_article"].''; - } - } else { - echo $body; } - } } + /* * Shows the little menu on article-flat.php where you can select the * different pages with the articles on it */ -function articleflat_pageselect($group,$id,$article_count,$first) { - global $articleflat_articles_per_page,$file_article,$file_framethread,$name; - global $text_thread,$thread_show; - $pages=ceil($article_count / $articleflat_articles_per_page); - $return=""; - if ($article_count > $articleflat_articles_per_page) - $return.= $text_thread["pages"]; - for ($i = 0; $i < $pages; $i++) { - if ($first != $i*$articleflat_articles_per_page+1) - $return.= ''; - else - $return.= ''; - $return.= $i+1; - if ($i == $pages-1) { - // $return.= $article_count; - } - if ($first != $i*$articleflat_articles_per_page+1) - $return.= ''; - else - $return.= ''; +function articleflat_pageselect($group, $id, $article_count, $first) +{ + global $articleflat_articles_per_page, $file_article, $file_framethread, $name; + global $text_thread, $thread_show; + $pages = ceil($article_count / $articleflat_articles_per_page); + $return = ""; + if ($article_count > $articleflat_articles_per_page) + $return .= $text_thread["pages"]; + for ($i = 0; $i < $pages; $i ++) { + if ($first != $i * $articleflat_articles_per_page + 1) + $return .= ''; + else + $return .= ''; + $return .= $i + 1; + if ($i == $pages - 1) { + // $return.= $article_count; + } + if ($first != $i * $articleflat_articles_per_page + 1) + $return .= ''; + else + $return .= ''; } - return $return; + return $return; } diff --git a/Rocksolid_Light/rocksolid/newsportal.php b/Rocksolid_Light/rocksolid/newsportal.php index c0466fe..d69edb3 100644 --- a/Rocksolid_Light/rocksolid/newsportal.php +++ b/Rocksolid_Light/rocksolid/newsportal.php @@ -1715,6 +1715,23 @@ function get_config_value($configfile, $request) } } +function disable_page_by_user_agent($client_device, $useragent, $script = "Page") +{ + global $logdir, $config_name, $count_bots; + if ($client_device == $useragent) { + $logfile = $logdir . '/device.log'; + file_put_contents($logfile, "\n" . date('M d H:i:s') . " " . $config_name . " " . $script . " disabled for '" . $useragent . "' Exiting...", FILE_APPEND); + if ($client_device == "bot") { + if (isset($_SESSION['rsactive'])) { + unset($_SESSION['rsactive']); + } + } + return true; + } else { + return false; + } +} + function throttle_hits() { global $CONFIG, $logdir; diff --git a/Rocksolid_Light/rocksolid/post.php b/Rocksolid_Light/rocksolid/post.php index 71fb2f9..341d6bb 100644 --- a/Rocksolid_Light/rocksolid/post.php +++ b/Rocksolid_Light/rocksolid/post.php @@ -55,6 +55,13 @@ if ((isset($post_port)) && ($post_port != "")) include $file_newsportal; include "head.inc"; + +if (disable_page_by_user_agent($client_device, "bot", "Post")) { + echo "
Page Disabled
"; + include "tail.inc"; + exit(); +} + global $synchro_user, $synchro_pass; // check to which groups the user is allowed to post to $thisgroup = _rawurldecode($_REQUEST['group']); diff --git a/Rocksolid_Light/rocksolid/search.php b/Rocksolid_Light/rocksolid/search.php index d6f3fff..ae14191 100644 --- a/Rocksolid_Light/rocksolid/search.php +++ b/Rocksolid_Light/rocksolid/search.php @@ -20,6 +20,12 @@ if (isset($_REQUEST['data']) && $_REQUEST['data'] == '') { if ((! isset($_POST['key']) || ! password_verify($CONFIG['thissitekey'], $_POST['key'])) || ((strlen(trim($_REQUEST['terms'])) < 2) && ! $_REQUEST['data'])) { include "head.inc"; + if (disable_page_by_user_agent($client_device, "bot", "Search")) { + echo "
Page Disabled
"; + include "tail.inc"; + exit(); + } + echo '

'; echo '' . basename(getcwd()) . ' / '; echo 'search

'; diff --git a/Rocksolid_Light/rslight/scripts/cron.php b/Rocksolid_Light/rslight/scripts/cron.php old mode 100755 new mode 100644 index 8bd570b..c65f2ad --- a/Rocksolid_Light/rslight/scripts/cron.php +++ b/Rocksolid_Light/rslight/scripts/cron.php @@ -1,187 +1,193 @@ /dev/null 2>&1"); - if(is_numeric($CONFIG['local_ssl_port'])) { - exec($CONFIG['php_exec']." ".$config_dir."/scripts/nntp-ssl.php > /dev/null 2>&1"); + exec($CONFIG['php_exec'] . " " . $config_dir . "/scripts/nntp.php > /dev/null 2>&1"); + if (is_numeric($CONFIG['local_ssl_port'])) { + exec($CONFIG['php_exec'] . " " . $config_dir . "/scripts/nntp-ssl.php > /dev/null 2>&1"); } - } +} # Generate user count file (must be root) - exec($CONFIG['php_exec']." ".$config_dir."/scripts/count_users.php"); - echo "Updated user count\n"; +exec($CONFIG['php_exec'] . " " . $config_dir . "/scripts/count_users.php"); +echo "Updated user count\n"; - $uinfo=posix_getpwnam($CONFIG['webserver_user']); - $cwd = getcwd(); - $webtmp = preg_replace('/spoolnews/','tmp/',$cwd); - $keydir = preg_replace('/spoolnews/','pubkey/',$cwd); - - @mkdir($webtmp,0755,'recursive'); - @chown($webtmp, $uinfo["uid"]); - @chgrp($webtmp, $uinfo["gid"]); - @mkdir($keydir,0755,'recursive'); - @chown($keydir, $uinfo["uid"]); - @chgrp($keydir, $uinfo["gid"]); - @mkdir($ssldir,0755); - @chown($ssldir, $uinfo["uid"]); - @chgrp($ssldir, $uinfo["gid"]); +$uinfo = posix_getpwnam($CONFIG['webserver_user']); +$cwd = getcwd(); +$webtmp = preg_replace('/spoolnews/', 'tmp/', $cwd); +$keydir = preg_replace('/spoolnews/', 'pubkey/', $cwd); - $pemfile = $ssldir.'/server.pem'; - create_node_ssl_cert($pemfile); +@mkdir($webtmp, 0755, 'recursive'); +@chown($webtmp, $uinfo["uid"]); +@chgrp($webtmp, $uinfo["gid"]); +@mkdir($keydir, 0755, 'recursive'); +@chown($keydir, $uinfo["uid"]); +@chgrp($keydir, $uinfo["gid"]); +@mkdir($ssldir, 0755); +@chown($ssldir, $uinfo["uid"]); +@chgrp($ssldir, $uinfo["gid"]); - $overview = $spooldir.'/articles-overview.db3'; - touch($overview); - @chown($overview, $uinfo["uid"]); - @chgrp($overview, $uinfo["gid"]); - - if($rslight_gpg['enable'] == '1') { +$pemfile = $ssldir . '/server.pem'; +create_node_ssl_cert($pemfile); + +$overview = $spooldir . '/articles-overview.db3'; +touch($overview); +@chown($overview, $uinfo["uid"]); +@chgrp($overview, $uinfo["gid"]); + +if ($rslight_gpg['enable'] == '1') { $gnupg = $rslight_gpg['gnupghome']; - if(!is_dir($gnupg)) { - mkdir($gnupg, 0700); - chown($gnupg, $uinfo["uid"]); - chgrp($gnupg, $uinfo["gid"]); + if (! is_dir($gnupg)) { + mkdir($gnupg, 0700); + chown($gnupg, $uinfo["uid"]); + chgrp($gnupg, $uinfo["gid"]); } - } +} /* Change to non root user */ - change_identity($uinfo["uid"],$uinfo["gid"]); +change_identity($uinfo["uid"], $uinfo["gid"]); /* Everything below runs as $CONFIG['webserver_user'] */ - @mkdir($logdir,0755,'recursive'); - @mkdir($lockdir,0755,'recursive'); +@mkdir($logdir, 0755, 'recursive'); +@mkdir($lockdir, 0755, 'recursive'); -if(isset($CONFIG['enable_nocem']) && $CONFIG['enable_nocem'] == true) { - @mkdir($spooldir."nocem",0755,'recursive'); - exec($CONFIG['php_exec']." ".$config_dir."/scripts/nocem.php"); +if (isset($CONFIG['enable_nocem']) && $CONFIG['enable_nocem'] == true) { + @mkdir($spooldir . "nocem", 0755, 'recursive'); + exec($CONFIG['php_exec'] . " " . $config_dir . "/scripts/nocem.php"); } // Set up server gpg keys -if($rslight_gpg['enable'] == '1') { - if(!is_file($keydir.'/server_pubkey.txt')) { - $domain = 'rslight@'.$rslight_gpg['domain_name']; - $pubkey = $keydir.'/server_pubkey.txt'; - $fingerprint = $keydir.'/server_fingerprint.txt'; - $create_gpg_keys = $config_dir.'/scripts/create_gpg_keys.sh "'.$gnupg.'" "'.$pubkey.'" "'.$fingerprint.'" "'.$domain.'"'; - exec($create_gpg_keys); - } - exec($CONFIG['php_exec']." ".$config_dir."/scripts/interBBS_mail.php"); +if ($rslight_gpg['enable'] == '1') { + if (! is_file($keydir . '/server_pubkey.txt')) { + $domain = 'rslight@' . $rslight_gpg['domain_name']; + $pubkey = $keydir . '/server_pubkey.txt'; + $fingerprint = $keydir . '/server_fingerprint.txt'; + $create_gpg_keys = $config_dir . '/scripts/create_gpg_keys.sh "' . $gnupg . '" "' . $pubkey . '" "' . $fingerprint . '" "' . $domain . '"'; + exec($create_gpg_keys); + } + exec($CONFIG['php_exec'] . " " . $config_dir . "/scripts/interBBS_mail.php"); } reset($menulist); -foreach($menulist as $menu) { - if(($menu[0] == '#') || (trim($menu) == "")) { - continue; - } - $menuitem=explode(':', $menu); - chdir("../".$menuitem[0]); - if($CONFIG['remote_server'] !== '') { -# Send articles - echo "Sending articles\n"; - echo exec($CONFIG['php_exec']." ".$config_dir."/scripts/send.php"); -# Refresh spool - if(isset($spoolnews) && ($spoolnews == true)) { - exec($CONFIG['php_exec']." ".$config_dir."/scripts/spoolnews.php"); - echo "Refreshed spoolnews\n"; - } - } -# Expire articles - exec($CONFIG['php_exec']." ".$config_dir."/scripts/expire.php"); - echo "Expired articles\n"; +foreach ($menulist as $menu) { + if (($menu[0] == '#') || (trim($menu) == "")) { + continue; + } + $menuitem = explode(':', $menu); + chdir("../" . $menuitem[0]); + if ($CONFIG['remote_server'] !== '') { + # Send articles + echo "Sending articles\n"; + echo exec($CONFIG['php_exec'] . " " . $config_dir . "/scripts/send.php"); + # Refresh spool + if (isset($spoolnews) && ($spoolnews == true)) { + exec($CONFIG['php_exec'] . " " . $config_dir . "/scripts/spoolnews.php"); + echo "Refreshed spoolnews\n"; + } + } + # Expire articles + exec($CONFIG['php_exec'] . " " . $config_dir . "/scripts/expire.php"); + echo "Expired articles\n"; } # Run RSS Feeds - exec($CONFIG['php_exec']." ".$config_dir."/scripts/rss-feeds.php"); - echo "RSS Feeds updated\n"; +exec($CONFIG['php_exec'] . " " . $config_dir . "/scripts/rss-feeds.php"); +echo "RSS Feeds updated\n"; # Rotate log files - log_rotate(); - echo "Log files rotated\n"; +log_rotate(); +echo "Log files rotated\n"; # Rotate keys - rotate_keys(); - echo "Keys rotated\n"; +rotate_keys(); +echo "Keys rotated\n"; -function log_rotate() { - global $logdir; - $rotate = filemtime($logdir.'/rotate'); - if((time() - $rotate) > 86400) { - $log_files=scandir($logdir); - foreach($log_files as $logfile) { - if(substr($logfile, -4) != '.log' ) { - continue; - } - $logfile=$logdir.'/'.$logfile; - @unlink($logfile.'.5'); - @rename($logfile.'.4', $logfile.'.5'); - @rename($logfile.'.3', $logfile.'.4'); - @rename($logfile.'.2', $logfile.'.3'); - @rename($logfile.'.1', $logfile.'.2'); - @rename($logfile, $logfile.'.1'); - echo 'Rotated: '.$logfile."\n"; +function log_rotate() +{ + global $logdir; + $rotate = filemtime($logdir . '/rotate'); + if ((time() - $rotate) > 86400) { + $log_files = scandir($logdir); + foreach ($log_files as $logfile) { + if (substr($logfile, - 4) != '.log') { + continue; + } + $logfile = $logdir . '/' . $logfile; + @unlink($logfile . '.5'); + @rename($logfile . '.4', $logfile . '.5'); + @rename($logfile . '.3', $logfile . '.4'); + @rename($logfile . '.2', $logfile . '.3'); + @rename($logfile . '.1', $logfile . '.2'); + @rename($logfile, $logfile . '.1'); + echo 'Rotated: ' . $logfile . "\n"; + } + unlink($logdir . '/rotate'); + touch($logdir . '/rotate'); } - unlink($logdir.'/rotate'); - touch($logdir.'/rotate'); - } } -function rotate_keys() { - global $spooldir; - $keyfile = $spooldir.'/keys.dat'; - $newkeys = array(); - if(filemtime($keyfile)+14400 > time()) { - return; - } else { - $new = true; - if(is_file($keyfile)) { - $keys = unserialize(file_get_contents($keyfile)); - $new = false; - } - if($new !== true) { - $newkeys[0] = base64_encode(openssl_random_pseudo_bytes(44)); - $newkeys[1] = $keys[0]; +function rotate_keys() +{ + global $spooldir; + $keyfile = $spooldir . '/keys.dat'; + $newkeys = array(); + if (filemtime($keyfile) + 14400 > time()) { + return; } else { - $newkeys[0] = base64_encode(openssl_random_pseudo_bytes(44)); - $newkeys[1] = base64_encode(openssl_random_pseudo_bytes(44)); + $new = true; + if (is_file($keyfile)) { + $keys = unserialize(file_get_contents($keyfile)); + $new = false; + } + if ($new !== true) { + $newkeys[0] = base64_encode(openssl_random_pseudo_bytes(44)); + $newkeys[1] = $keys[0]; + } else { + $newkeys[0] = base64_encode(openssl_random_pseudo_bytes(44)); + $newkeys[1] = base64_encode(openssl_random_pseudo_bytes(44)); + } } - } - file_put_contents($keyfile, serialize($newkeys)); - touch($keyfile); + file_put_contents($keyfile, serialize($newkeys)); + touch($keyfile); } -function change_identity( $uid, $gid ) - { - if( !posix_setgid( $gid ) ) - { - print "Unable to setgid to " . $gid . "!\n"; - exit; - } - - if( !posix_setuid( $uid ) ) - { - print "Unable to setuid to " . $uid . "!\n"; - exit; - } +function change_identity($uid, $gid) +{ + if (! posix_setgid($gid)) { + print "Unable to setgid to " . $gid . "!\n"; + exit(); } + + if (! posix_setuid($uid)) { + print "Unable to setuid to " . $uid . "!\n"; + exit(); + } +} ?> diff --git a/Rocksolid_Light/spoolnews/files.php b/Rocksolid_Light/spoolnews/files.php index a4c89ee..22c7df3 100644 --- a/Rocksolid_Light/spoolnews/files.php +++ b/Rocksolid_Light/spoolnews/files.php @@ -24,6 +24,13 @@ if ((isset($_REQUEST['command']) && $_REQUEST['command'] == 'Show') && password_ } $title .= ' - Browse files'; include "head.inc"; + +if (disable_page_by_user_agent($client_device, "bot", "Files")) { + echo "
Page Disabled
"; + include "tail.inc"; + exit(); +} + echo '

'; echo 'files / '; echo htmlspecialchars($_COOKIE['mail_name']) . '

'; diff --git a/Rocksolid_Light/spoolnews/mail.php b/Rocksolid_Light/spoolnews/mail.php index e5d6efc..2d5f633 100644 --- a/Rocksolid_Light/spoolnews/mail.php +++ b/Rocksolid_Light/spoolnews/mail.php @@ -55,6 +55,12 @@ if ((password_verify($_POST['username'] . $keys[0] . get_user_config($_POST['use $title .= ' - Mail'; include "head.inc"; +if (disable_page_by_user_agent($client_device, "bot", "Mail")) { + echo "
Page Disabled
"; + include "tail.inc"; + exit(); +} + echo '

'; echo 'mail / '; @@ -323,57 +329,64 @@ if (isset($_POST['command']) && $_POST['command'] == 'Send') { echo ""; echo ''; } -// Show My Messages -$database = $spooldir . '/mail.db3'; -$dbh = mail_db_open($database); -echo '

My Messages:

'; -echo ''; -$query = $dbh->prepare('SELECT * FROM messages WHERE mail_from=:mail_from OR rcpt_to=:mail_from ORDER BY date DESC'); -$query->execute([ - 'mail_from' => $user -]); -echo ''; -$i = 1; -while (($row = $query->fetch()) !== false) { - if (($row['mail_from'] == $user) && ($row['from_hide'] == 'true')) { - continue; - } - if (($row['rcpt_to'] == $user) && ($row['to_hide'] == 'true')) { - continue; - } - if (($i % 2) != 0) { - echo '
SubjectFromToDate
'; - } else { - echo '
'; - } - $button_link = 'np_mail_button_link'; - ; - if (($row['mail_from'] == $user) && ($row['mail_viewed'] == 'true')) { - $button_link = 'np_mail_button_read'; - } elseif (($row['rcpt_to'] == $user) && ($row['rcpt_viewed'] == 'true')) { - $button_link = 'np_mail_button_read'; - } - // Use local timezone if possible - $ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC')); - $ts->add(DateInterval::createFromDateString($offset . ' minutes')); - if ($offset != 0) { - $newdate = $ts->format('D, j M Y H:i'); - } else { - $newdate = $ts->format('D, j M Y H:i T'); +view_mailbox($user); + +// Show My Messages +function view_mailbox($user) +{ + global $spooldir, $offset; + $database = $spooldir . '/mail.db3'; + $dbh = mail_db_open($database); + echo '

My Messages:

'; + echo ''; + $query = $dbh->prepare('SELECT * FROM messages WHERE mail_from=:mail_from OR rcpt_to=:mail_from ORDER BY date DESC'); + $query->execute([ + 'mail_from' => $user + ]); + echo ''; + $i = 1; + while (($row = $query->fetch()) !== false) { + if (($row['mail_from'] == $user) && ($row['from_hide'] == 'true')) { + continue; + } + if (($row['rcpt_to'] == $user) && ($row['to_hide'] == 'true')) { + continue; + } + if (($i % 2) != 0) { + echo ''; + $i ++; } - unset($ts); - echo ''; - echo ''; - echo ""; - echo ""; - echo ''; - echo ''; - echo ''; - $i ++; + echo '
SubjectFromToDate
'; + } else { + echo '
'; + } + $button_link = 'np_mail_button_link'; + ; + if (($row['mail_from'] == $user) && ($row['mail_viewed'] == 'true')) { + $button_link = 'np_mail_button_read'; + } elseif (($row['rcpt_to'] == $user) && ($row['rcpt_viewed'] == 'true')) { + $button_link = 'np_mail_button_read'; + } + // Use local timezone if possible + $ts = new DateTime(date("D, j M Y H:i T", $row["date"]), new DateTimeZone('UTC')); + $ts->add(DateInterval::createFromDateString($offset . ' minutes')); + + if ($offset != 0) { + $newdate = $ts->format('D, j M Y H:i'); + } else { + $newdate = $ts->format('D, j M Y H:i T'); + } + unset($ts); + echo '
'; + echo ''; + echo ""; + echo ""; + echo ''; + echo '
'; + echo '		' . $row["mail_from"] . '' . $row["rcpt_to"] . '' . $newdate . '
' . $row["mail_from"] . '' . $row["rcpt_to"] . '' . $newdate . '

'; + include "tail.inc"; } -echo '

'; -include "tail.inc"; function send_external_mail($sender, $recipient, $date, $subject, $message) { diff --git a/Rocksolid_Light/spoolnews/user.php b/Rocksolid_Light/spoolnews/user.php index ab2a84d..57b6dae 100644 --- a/Rocksolid_Light/spoolnews/user.php +++ b/Rocksolid_Light/spoolnews/user.php @@ -1,8 +1,8 @@ Page Disabled
"; + include "tail.inc"; + exit(); +} + // How long should cookie allow user to stay logged in? // 14400 = 4 hours $auth_expire = 14400; @@ -76,6 +82,7 @@ if (((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST[ echo 'Login failed.'; } } + if (isset($_POST['command']) && $_POST['command'] == 'Configuration') { echo '

'; echo 'Configuration / ';