Revert "Added rate limiting per user (overrides site config)"
This commit is contained in:
parent
a3aa479f3d
commit
39c1b00908
|
@ -1,410 +0,0 @@
|
|||
<?php
|
||||
/* rslight NNTP<->HTTP Gateway
|
||||
* Version: 0.6.x
|
||||
* Download: https://news.novabbs.com/getrslight
|
||||
*
|
||||
* Based on Newsportal by Florian Amrhein
|
||||
*
|
||||
* E-Mail: retroguy@novabbs.com
|
||||
* Web: https://news.novabbs.com
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
*/
|
||||
|
||||
@session_start();
|
||||
/*
|
||||
* Encode lines with 8bit-characters to quote-printable
|
||||
*
|
||||
* $line: the to be encoded line
|
||||
*
|
||||
* the function returns a sting containing the quoted-printable encoded
|
||||
* $line
|
||||
*/
|
||||
function encode_subject($line) {
|
||||
$newstring=mb_encode_mimeheader(quoted_printable_decode($line));
|
||||
return $newstring;
|
||||
}
|
||||
|
||||
if(!function_exists('quoted_printable_encode'))
|
||||
{
|
||||
function quoted_printable_encode($line) {
|
||||
global $www_charset;
|
||||
$qp_table=array(
|
||||
'=00', '=01', '=02', '=03', '=04', '=05',
|
||||
'=06', '=07', '=08', '=09', '=0A', '=0B',
|
||||
'=0C', '=0D', '=0E', '=0F', '=10', '=11',
|
||||
'=12', '=13', '=14', '=15', '=16', '=17',
|
||||
'=18', '=19', '=1A', '=1B', '=1C', '=1D',
|
||||
'=1E', '=1F', '_', '!', '"', '#',
|
||||
'$', '%', '&', "'", '(', ')',
|
||||
'*', '+', ',', '-', '.', '/',
|
||||
'0', '1', '2', '3', '4', '5',
|
||||
'6', '7', '8', '9', ':', ';',
|
||||
'<', '=3D', '>', '=3F', '@', 'A',
|
||||
'B', 'C', 'D', 'E', 'F', 'G',
|
||||
'H', 'I', 'J', 'K', 'L', 'M',
|
||||
'N', 'O', 'P', 'Q', 'R', 'S',
|
||||
'T', 'U', 'V', 'W', 'X', 'Y',
|
||||
'Z', '[', '\\', ']', '^', '=5F',
|
||||
'', 'a', 'b', 'c', 'd', 'e',
|
||||
'f', 'g', 'h', 'i', 'j', 'k',
|
||||
'l', 'm', 'n', 'o', 'p', 'q',
|
||||
'r', 's', 't', 'u', 'v', 'w',
|
||||
'x', 'y', 'z', '{', '|', '}',
|
||||
'~', '=7F', '=80', '=81', '=82', '=83',
|
||||
'=84', '=85', '=86', '=87', '=88', '=89',
|
||||
'=8A', '=8B', '=8C', '=8D', '=8E', '=8F',
|
||||
'=90', '=91', '=92', '=93', '=94', '=95',
|
||||
'=96', '=97', '=98', '=99', '=9A', '=9B',
|
||||
'=9C', '=9D', '=9E', '=9F', '=A0', '=A1',
|
||||
'=A2', '=A3', '=A4', '=A5', '=A6', '=A7',
|
||||
'=A8', '=A9', '=AA', '=AB', '=AC', '=AD',
|
||||
'=AE', '=AF', '=B0', '=B1', '=B2', '=B3',
|
||||
'=B4', '=B5', '=B6', '=B7', '=B8', '=B9',
|
||||
'=BA', '=BB', '=BC', '=BD', '=BE', '=BF',
|
||||
'=C0', '=C1', '=C2', '=C3', '=C4', '=C5',
|
||||
'=C6', '=C7', '=C8', '=C9', '=CA', '=CB',
|
||||
'=CC', '=CD', '=CE', '=CF', '=D0', '=D1',
|
||||
'=D2', '=D3', '=D4', '=D5', '=D6', '=D7',
|
||||
'=D8', '=D9', '=DA', '=DB', '=DC', '=DD',
|
||||
'=DE', '=DF', '=E0', '=E1', '=E2', '=E3',
|
||||
'=E4', '=E5', '=E6', '=E7', '=E8', '=E9',
|
||||
'=EA', '=EB', '=EC', '=ED', '=EE', '=EF',
|
||||
'=F0', '=F1', '=F2', '=F3', '=F4', '=F5',
|
||||
'=F6', '=F7', '=F8', '=F9', '=FA', '=FB',
|
||||
'=FC', '=FD', '=FE', '=FF');
|
||||
// are there "forbidden" characters in the string?
|
||||
for($i=0; $i<strlen($line) && ord($line[$i])<=127 ; $i++);
|
||||
if ($i<strlen($line)) { // yes, there are. So lets encode them!
|
||||
$from=$i;
|
||||
for($to=strlen($line)-1; ord($line[$to])<=127; $to--);
|
||||
// lets scan for the start and the end of the to be encoded _words_
|
||||
for(;$from>0 && $line[$from] != ' '; $from--);
|
||||
if($from>0) $from++;
|
||||
for(;$to<strlen($line) && $line[$to] != ' '; $to++);
|
||||
// split the string into the to be encoded middle and the rest
|
||||
$begin=substr($line,0,$from);
|
||||
$middle=substr($line,$from,$to-$from);
|
||||
$end=substr($line,$to);
|
||||
// ok, now lets encode $middle...
|
||||
$newmiddle="";
|
||||
for($i=0; $i<strlen($middle); $i++)
|
||||
$newmiddle .= $qp_table[ord($middle[$i])];
|
||||
// now we glue the parts together...
|
||||
$line=$begin.'=?'.$www_charset.'?Q?'.$newmiddle.'?='.$end;
|
||||
}
|
||||
return $line;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* generate a message-id for posting.
|
||||
* $identity: a string containing informations about the article, to
|
||||
* make a md5-hash out of it.
|
||||
*
|
||||
* returns: a complete message-id
|
||||
*/
|
||||
function generate_msgid($identity) {
|
||||
global $msgid_generate,$msgid_fqdn;
|
||||
switch($msgid_generate) {
|
||||
case "no":
|
||||
// no, we don't want to generate a message-id.
|
||||
return false;
|
||||
break;
|
||||
case "md5":
|
||||
return '<'.md5($identity).'$1@'.$msgid_fqdn.'>';
|
||||
break;
|
||||
default:
|
||||
return false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
function check_rate_limit($name,$set=0,$gettime=0) {
|
||||
global $CONFIG,$spooldir;
|
||||
$ratefile=$spooldir.'/'.strtolower($name).'-rate.dat';
|
||||
$postqty=0;
|
||||
$first=0;
|
||||
$newrate=array();
|
||||
if(is_file($ratefile)) {
|
||||
$ratedata='';
|
||||
$ratefp=fopen($ratefile,'r');
|
||||
while(!feof($ratefp)) {
|
||||
$ratedata.=fgets($ratefp,1000);
|
||||
}
|
||||
fclose($ratefp);
|
||||
$rate=unserialize($ratedata);
|
||||
sort($rate);
|
||||
foreach($rate as $ratepost) {
|
||||
if($ratepost > (time() - 3600)) {
|
||||
$postqty=$postqty+1;
|
||||
$newrate[]=$ratepost;
|
||||
if($first == 0) {
|
||||
$oldest = $ratepost;
|
||||
$first=1;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
$newrate[]=time();
|
||||
if($set) {
|
||||
$ratefp=fopen($ratefile,'w');
|
||||
fputs($ratefp,serialize($newrate));
|
||||
fclose($ratefp);
|
||||
$postqty=$postqty+1;
|
||||
}
|
||||
$rate_limit = get_user_config($name, 'rate_limit');
|
||||
if(($rate_limit !== FALSE) && ($rate_limit > 0)) {
|
||||
$CONFIG['rate_limit'] = $rate_limit;
|
||||
}
|
||||
$postsremaining = $CONFIG['rate_limit']-$postqty;
|
||||
if($gettime) {
|
||||
$wait=(3600-(time()-$oldest))/60;
|
||||
return($wait);
|
||||
} else {
|
||||
return($postsremaining);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Post an article to a newsgroup
|
||||
*
|
||||
* $subject: The Subject of the article
|
||||
* $from: The authors name and email of the article
|
||||
* $newsgroups: The groups to post to
|
||||
* $ref: The references of the article
|
||||
* $body: The article itself
|
||||
*/
|
||||
function message_post($subject,$from,$newsgroups,$ref,$body,$encryptthis,$encryptto) {
|
||||
global $server,$port,$send_poster_host,$text_error,$CONFIG;
|
||||
global $www_charset,$spooldir;
|
||||
global $msgid_generate,$msgid_fqdn;
|
||||
flush();
|
||||
$msgid=generate_msgid($subject.",".$from.",".$newsgroups.",".$ref.",".$body);
|
||||
/*
|
||||
* SPAM CHECK
|
||||
*/
|
||||
if ((isset($CONFIG['spamassassin']) && ($CONFIG['spamassassin'] == true))) {
|
||||
$spam_result_array = check_spam($subject,$from,$newsgroups,$ref,$body,$msgid);
|
||||
$res = $spam_result_array['res'];
|
||||
$spamresult = $spam_result_array['spamresult'];
|
||||
$spamcheckerversion = $spam_result_array['spamcheckerversion'];
|
||||
$spamlevel = $spam_result_array['spamlevel'];
|
||||
$spam_fail = $spam_result_array['spam_fail'];
|
||||
}
|
||||
$ns=nntp_open($server,$port);
|
||||
if ($ns != false) {
|
||||
fputs($ns,"POST\r\n");
|
||||
$weg=line_read($ns);
|
||||
$t = explode(' ', $weg);
|
||||
if($t[0] != "340") {
|
||||
nntp_close($ns);
|
||||
return $weg;
|
||||
}
|
||||
fputs($ns,'Subject: '.encode_subject($subject)."\r\n");
|
||||
|
||||
// For Synchronet use
|
||||
if (isset($fromname) && (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true))) {
|
||||
// if ( isset($fromname) && isset($CONFIG['synchronet']) ) {
|
||||
fputs($ns,'To: '.$fromname."\r\n");
|
||||
$fromname="";
|
||||
}
|
||||
|
||||
// X-Rslight headers
|
||||
if ((isset($CONFIG['spamassassin']) && ($CONFIG['spamassassin'] == true))) {
|
||||
if(isset($res) && $spam_fail == 0) {
|
||||
fputs($ns,$spamcheckerversion."\r\n");
|
||||
if(strpos($spamlevel, '*') !== false)
|
||||
fputs($ns,$spamlevel."\r\n");
|
||||
if($res === 1) {
|
||||
fputs($ns,"X-Rslight-Original-Group: ".$newsgroups."\r\n");
|
||||
$newsgroups=$CONFIG['spamgroup'];
|
||||
}
|
||||
}
|
||||
}
|
||||
fputs($ns,'From: '.$from."\r\n");
|
||||
fputs($ns,'Newsgroups: '.$newsgroups."\r\n");
|
||||
$sitekey=password_hash($CONFIG['thissitekey'].$msgid, PASSWORD_DEFAULT);
|
||||
fputs($ns,'X-Rslight-Site: '.$sitekey."\r\n");
|
||||
if(isset($encryptthis)) {
|
||||
fputs($ns,'X-Rslight-To: '.$encryptto."\r\n");
|
||||
$CONFIG['postfooter']="";
|
||||
}
|
||||
fputs($ns,"Mime-Version: 1.0\r\n");
|
||||
fputs($ns,"Content-Type: text/plain; charset=".$www_charset."; format=flowed\r\n");
|
||||
fputs($ns,"Content-Transfer-Encoding: 8bit\r\n");
|
||||
fputs($ns,"User-Agent: Rocksolid Light (news.novabbs.com/getrslight)\r\n");
|
||||
if ($send_poster_host)
|
||||
@fputs($ns,'X-HTTP-Posting-Host: '.gethostbyaddr(getenv("REMOTE_ADDR"))."\r\n");
|
||||
if (($ref!=false) && (count($ref)>0)) {
|
||||
// strip references
|
||||
if(strlen(implode(" ",$ref))>900) {
|
||||
$ref_first=array_shift($ref);
|
||||
do {
|
||||
$ref=array_slice($ref,1);
|
||||
} while(strlen(implode(" ",$ref))>800);
|
||||
array_unshift($ref,$ref_first);
|
||||
}
|
||||
fputs($ns,'References: '.implode(" ",$ref)."\r\n");
|
||||
}
|
||||
if (isset($CONFIG['organization']))
|
||||
fputs($ns,'Organization: '.quoted_printable_encode($CONFIG['organization'])."\r\n");
|
||||
if ((isset($CONFIG['postfooter'])) && ($CONFIG['postfooter']!="")) {
|
||||
$body.="\n-- \n".$CONFIG['postfooter']."\n".$_SERVER['HTTP_HOST'];
|
||||
}
|
||||
fputs($ns,'Message-ID: '.$msgid."\r\n");
|
||||
$body=str_replace("\n.\r","\n..\r",$body);
|
||||
$body=str_replace("\r",'',$body);
|
||||
$body=stripSlashes($body);
|
||||
// Encrypt?
|
||||
if(isset($encryptthis)) {
|
||||
$encryptkey=get_user_config($encryptto, "encryptionkey");
|
||||
|
||||
$body=chunk_split(rslight_encrypt($body, $encryptkey));
|
||||
$body="-- RSLIGHT DAT START\n".$body."-- RSLIGHT DAT END\n";
|
||||
}
|
||||
$body=rtrim($body);
|
||||
fputs($ns,"\r\n".$body."\r\n.\r\n");
|
||||
$message=line_read($ns);
|
||||
nntp_close($ns);
|
||||
} else {
|
||||
$message=$text_error["post_failed"];
|
||||
}
|
||||
// let thread.php ignore the cache for this group, so this new
|
||||
// article will be visible instantly
|
||||
$groupsarr=explode(",",$newsgroups);
|
||||
foreach($groupsarr as $newsgroup) {
|
||||
$cachefile=$spooldir.'/'.$newsgroup.'-cache.txt';
|
||||
@unlink($cachefile);
|
||||
}
|
||||
return $message;
|
||||
}
|
||||
function message_post_with_attachment($subject,$from,$newsgroups,$ref,$body,$encryptthis,$encryptto) {
|
||||
global $server,$port,$send_poster_host,$CONFIG,$text_error;
|
||||
global $file_footer,$www_charset,$spooldir;
|
||||
global $msgid_generate,$msgid_fqdn;
|
||||
global $CONFIG;
|
||||
flush();
|
||||
$msgid=generate_msgid($subject.",".$from.",".$newsgroups.",".$ref.",".$body);
|
||||
/*
|
||||
* SPAM CHECK
|
||||
*/
|
||||
if (isset($CONFIG['spamassassin']) && ($CONFIG['spamassassin'] == true)) {
|
||||
$spam_result_array = check_spam($subject,$from,$newsgroups,$ref,$body,$msgid);
|
||||
$res = $spam_result_array['res'];
|
||||
$spamresult = $spam_result_array['spamresult'];
|
||||
$spamcheckerversion = $spam_result_array['spamcheckerversion'];
|
||||
$spamlevel = $spam_result_array['spamlevel'];
|
||||
}
|
||||
move_uploaded_file($_FILES["photo"]["tmp_name"], $spooldir."/upload/" . $_FILES["photo"]["name"]);
|
||||
$ns=nntp_open($server,$port);
|
||||
if ($ns != false) {
|
||||
fputs($ns,"POST\r\n");
|
||||
$weg=line_read($ns);
|
||||
fputs($ns,'Subject: '.encode_subject($subject)."\r\n");
|
||||
// X-Rslight headers
|
||||
if(isset($res)) {
|
||||
fputs($ns,$spamcheckerversion."\r\n");
|
||||
if(strpos($spamlevel, '*') !== false)
|
||||
fputs($ns,$spamlevel."\r\n");
|
||||
if($res === 1) {
|
||||
fputs($ns,"X-Rslight-Original-Group: ".$newsgroups."\r\n");
|
||||
$newsgroups=$CONFIG['spamgroup'];
|
||||
}
|
||||
}
|
||||
$sitekey=password_hash($CONFIG['thissitekey'].$msgid, PASSWORD_DEFAULT);
|
||||
fputs($ns,'X-Rslight-Site: '.$sitekey."\r\n");
|
||||
if(isset($encryptthis))
|
||||
fputs($ns,'X-Rslight-To: '.$encryptto."\r\n");
|
||||
fputs($ns,'From: '.$from."\r\n");
|
||||
fputs($ns,'Newsgroups: '.$newsgroups."\r\n");
|
||||
fputs($ns,"Mime-Version: 1.0\r\n");
|
||||
/*
|
||||
fputs($ns,"Content-Type: text/plain; charset=".$www_charset."; format=flowed\r\n");
|
||||
*/
|
||||
if ($send_poster_host)
|
||||
@fputs($ns,'X-HTTP-Posting-Host: '.gethostbyaddr(getenv("REMOTE_ADDR"))."\r\n");
|
||||
if (($ref!=false) && (count($ref)>0)) {
|
||||
// strip references
|
||||
if(strlen(implode(" ",$ref))>900) {
|
||||
$ref_first=array_shift($ref);
|
||||
do {
|
||||
$ref=array_slice($ref,1);
|
||||
} while(strlen(implode(" ",$ref))>800);
|
||||
array_unshift($ref,$ref_first);
|
||||
}
|
||||
fputs($ns,'References: '.implode(" ",$ref)."\r\n");
|
||||
}
|
||||
if (isset($CONFIG['organization']))
|
||||
fputs($ns,'Organization: '.quoted_printable_encode($CONFIG['organization'])."\r\n");
|
||||
if ((isset($file_footer)) && ($file_footer!="")) {
|
||||
$footerfile=fopen($file_footer,"r");
|
||||
$body.="\n".fread($footerfile,filesize($file_footer));
|
||||
fclose($footerfile);
|
||||
}
|
||||
$boundary=uniqid('', true);
|
||||
$body.="\r\n--------------".$boundary."\r\n";
|
||||
fputs($ns,'Message-ID: '.$msgid."\r\n");
|
||||
fputs($ns,'Content-Type: multipart/mixed;boundary="------------'.$boundary.'"');
|
||||
fputs($ns,"\r\n");
|
||||
$contenttype = shell_exec('file -b --mime-type '.$spooldir.'/upload/'.$_FILES[photo][name]);
|
||||
$contenttype = rtrim($contenttype);
|
||||
$b64file = shell_exec('uuencode -m '.$spooldir.'/upload/'.$_FILES['photo']['name'].' '.$_FILES['photo']['name'].' | grep -v \'begin-base64\|====\'');
|
||||
$body.='Content-Type: '.$contenttype.';';
|
||||
$body.="\r\n name=".$_FILES['photo']['name'];
|
||||
$body.="\r\nContent-Transfer-Encoding: base64";
|
||||
$body.="\r\nContent-Disposition: attachment;";
|
||||
$body.="\r\n filename=".$_FILES['photo']['name'];
|
||||
$body.="\r\n";
|
||||
$body.="\r\n".$b64file;
|
||||
$body.="\r\n--------------".$boundary."--\r\n";
|
||||
|
||||
// Headers end here
|
||||
|
||||
$body=str_replace("\n.\r","\n..\r",$body);
|
||||
$body=str_replace("\r",'',$body);
|
||||
$body=stripSlashes($body);
|
||||
|
||||
fputs($ns,"\r\nThis is a multi-part message in MIME format.\r\n");
|
||||
fputs($ns,"--------------".$boundary."\r\n");
|
||||
fputs($ns,"Content-Type: text/plain; charset=utf-8\r\n");
|
||||
fputs($ns,"Content-Transfer-Encoding: 7bit\r\n");
|
||||
// Encrypt?
|
||||
if(isset($encryptthis)) {
|
||||
$encryptkey=get_user_config($encryptto, "encryptionkey");
|
||||
|
||||
$body=chunk_split(rslight_encrypt($body, $encryptkey));
|
||||
$body="-- RSLIGHT DAT START\n".$body."-- RSLIGHT DAT END\n";
|
||||
}
|
||||
// Body sent here
|
||||
fputs($ns,"\r\n".$body."\r\n.\r\n");
|
||||
|
||||
$message=line_read($ns);
|
||||
nntp_close($ns);
|
||||
// clean up attachment file
|
||||
unlink($spooldir.'/upload/'.$_FILES["photo"]["name"]);
|
||||
} else {
|
||||
$message=$text_error["post_failed"];
|
||||
}
|
||||
// let thread.php ignore the cache for this group, so this new
|
||||
// article will be visible instantly
|
||||
$groupsarr=explode(",",$newsgroups);
|
||||
foreach($groupsarr as $newsgroup) {
|
||||
$cachefile=$spooldir.'/'.$newsgroup.'-cache.txt';
|
||||
@unlink($cachefile);
|
||||
}
|
||||
return $message;
|
||||
}
|
||||
?>
|
|
@ -179,10 +179,6 @@ if ($type=="post") {
|
|||
$nemail=$anonym_address;
|
||||
else
|
||||
$nemail=$email;
|
||||
$rate_limit = get_user_config($name, 'rate_limit');
|
||||
if(($rate_limit !== FALSE) && ($rate_limit > 0)) {
|
||||
$CONFIG['rate_limit'] = $rate_limit;
|
||||
}
|
||||
if($CONFIG['rate_limit'] == true && strcmp($name, $CONFIG['anonusername'])) {
|
||||
$postsremaining = check_rate_limit($name);
|
||||
if($postsremaining < 1) {
|
||||
|
|
Loading…
Reference in New Issue