More minor code cleanup.
This commit is contained in:
Retro_Guy
parent
a8c373ba12
commit
705cd2307f
|
|
@ -132,6 +132,9 @@ foreach($menulist as $menu) {
|
|||
if($menuitem[1] == '0') {
|
||||
continue;
|
||||
}
|
||||
if(!isset($frame['menu'])) {
|
||||
$frame['menu'] = null;
|
||||
}
|
||||
echo '<td>';
|
||||
echo '<form target="'.$frame['menu'].'" action="'.$rootdir.$menuitem[0].'">';
|
||||
echo '<button class="np_header_button_link" type="submit">'.$menuitem[0].'</button>';
|
||||
|
|
|
|||
|
|
@ -2,13 +2,29 @@
|
|||
|
||||
include "config.inc.php";
|
||||
include "alphabet.inc.php";
|
||||
|
||||
$title.=' - Register';
|
||||
include "head.inc";
|
||||
|
||||
$keyfile = $spooldir.'/keys.dat';
|
||||
$keys = unserialize(file_get_contents($keyfile));
|
||||
$email_registry = $spooldir.'/email_registry.dat';
|
||||
unlink($_POST['captchaimage']);
|
||||
|
||||
if(!file_exists($config_dir.'/phpmailer.inc.php')) {
|
||||
$CONFIG['verify_email'] = false;
|
||||
}
|
||||
if(isset($_POST['captchaimage']) && file_exists($_POST['captchaimage'])) {
|
||||
unlink($_POST['captchaimage']);
|
||||
}
|
||||
if(!isset($_POST['username'])) {
|
||||
$_POST['username'] = null;
|
||||
}
|
||||
if(!isset($_POST['key'])) {
|
||||
$_POST['key'] = null;
|
||||
}
|
||||
if(!isset($_POST['user_email'])) {
|
||||
$_POST['user_email'] = null;
|
||||
}
|
||||
$username_allowed_chars = "a-zA-Z0-9_.";
|
||||
$clean_username = preg_replace("/[^$username_allowed_chars]/", "", $_POST['username']);
|
||||
|
||||
|
|
@ -77,7 +93,11 @@ if(isset($_POST['command']) && $_POST['command'] == 'CreateNew') {
|
|||
$username = $_POST['username'];
|
||||
$password = $_POST['password'];
|
||||
$user_email = $_POST['user_email'];
|
||||
$code = $_POST['code'];
|
||||
if(isset($_POST['code'])) {
|
||||
$code = $_POST['code'];
|
||||
} else {
|
||||
$code = false;
|
||||
}
|
||||
$userFilename = $workpath.$username;
|
||||
$keyFilename = $keypath.$username;
|
||||
@mkdir($workpath.'new/');
|
||||
|
|
@ -127,7 +147,9 @@ if(isset($_POST['command']) && $_POST['command'] == 'CreateNew') {
|
|||
fclose($userFileHandle);
|
||||
chmod($userFilename, 0666);
|
||||
}
|
||||
unlink(sys_get_temp_dir()."/".$username);
|
||||
if(file_exists(sys_get_temp_dir()."/".$username)) {
|
||||
unlink(sys_get_temp_dir()."/".$username);
|
||||
}
|
||||
echo "User:".$username." Created\r\n";
|
||||
echo '<br /><a href="'.$CONFIG['default_content'].'">Back</a>';
|
||||
|
||||
|
|
@ -238,15 +260,16 @@ foreach($users as $user) {
|
|||
}
|
||||
|
||||
# Check email address attempts to avoid abuse
|
||||
$tried_email = unserialize(file_get_contents($email_registry));
|
||||
if(isset($tried_email[$user_email])) {
|
||||
echo "Email address already used\r\n";
|
||||
echo '<form name="return1" method="post" action="register.php">';
|
||||
echo '<input name="username" type="hidden" id="username" value="'.$username.'" readonly="readonly">';
|
||||
echo '<input type="submit" name="Submit" value="Back"></td>';
|
||||
exit(2);
|
||||
if(file_exists($email_registry)) {
|
||||
$tried_email = unserialize(file_get_contents($email_registry));
|
||||
if(isset($tried_email[$user_email])) {
|
||||
echo "Email address already used\r\n";
|
||||
echo '<form name="return1" method="post" action="register.php">';
|
||||
echo '<input name="username" type="hidden" id="username" value="'.$username.'" readonly="readonly">';
|
||||
echo '<input type="submit" name="Submit" value="Back"></td>';
|
||||
exit(2);
|
||||
}
|
||||
}
|
||||
|
||||
if (!preg_match("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z0-9]{2,3})$^",$user_email)) {
|
||||
echo "Email must be in the form of an email address\r\n";
|
||||
echo '<br /><a href="register.php">Back</a>';
|
||||
|
|
@ -310,7 +333,9 @@ if ($ok || ($command == "Create") )
|
|||
if($CONFIG['verify_email']) {
|
||||
|
||||
# Log email address attempts to avoid abuse
|
||||
$tried_email = unserialize(file_get_contents($email_registry));
|
||||
if(file_exists($email_registry)) {
|
||||
$tried_email = unserialize(file_get_contents($email_registry));
|
||||
}
|
||||
$tried_email[$user_email]['time'] = time();
|
||||
file_put_contents($email_registry, serialize($tried_email));
|
||||
|
||||
|
|
|
|||
|
|
@ -1624,8 +1624,11 @@ function get_user_mail_auth_data($user) {
|
|||
$userdata = array("$user");
|
||||
$user = strtolower($user);
|
||||
$pkey_config = get_user_config($user, "pkey");
|
||||
if(!isset($_COOKIE['pkey'])) {
|
||||
$_COOKIE['pkey'] = null;
|
||||
}
|
||||
$pkey_cookie = $_COOKIE['pkey'];
|
||||
if($pkey_config == false || $pkey_cookie == false) {
|
||||
if((!isset($_COOKIE['pkey'])) || $pkey_config == false || $pkey_cookie == false) {
|
||||
return false;
|
||||
}
|
||||
if($pkey_config == $pkey_cookie) {
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ include "newsportal.php";
|
|||
}
|
||||
|
||||
if(!isset($_POST['command'])) {
|
||||
$_POST['command'] = '';
|
||||
$_POST['command'] = null;
|
||||
}
|
||||
$keyfile = $spooldir.'/keys.dat';
|
||||
$keys = unserialize(file_get_contents($keyfile));
|
||||
|
|
@ -25,6 +25,12 @@ $keys = unserialize(file_get_contents($keyfile));
|
|||
$_POST['username'] = $_COOKIE['mail_name'];
|
||||
}
|
||||
$name = $_POST['username'];
|
||||
if(!isset($_POST['password'])) {
|
||||
$_POST['password'] = null;
|
||||
}
|
||||
if(!isset($_COOKIE['mail_auth'])) {
|
||||
$_COOKIE['mail_auth'] = null;
|
||||
}
|
||||
if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
|
||||
$logged_in = true;
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -9,6 +9,9 @@ include "newsportal.php";
|
|||
} else {
|
||||
$offset=$CONFIG['timezone'];
|
||||
}
|
||||
if(!isset($_POST['command'])) {
|
||||
$_POST['command'] = null;
|
||||
}
|
||||
|
||||
$keyfile = $spooldir.'/keys.dat';
|
||||
$keys = unserialize(file_get_contents($keyfile));
|
||||
|
|
@ -38,6 +41,12 @@ include "head.inc";
|
|||
$_POST['username'] = $_COOKIE['mail_name'];
|
||||
}
|
||||
$name = $_POST['username'];
|
||||
if(!isset($_POST['password'])) {
|
||||
$_POST['password'] = null;
|
||||
}
|
||||
if(!isset($_COOKIE['mail_auth'])) {
|
||||
$_COOKIE['mail_auth'] = null;
|
||||
}
|
||||
if(((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
|
||||
$logged_in = true;
|
||||
} else {
|
||||
|
|
@ -73,7 +82,6 @@ echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
|
|||
echo '<form target="'.$frame['content'].'" method="post" action="mail.php">';
|
||||
echo '<input name="command" type="hidden" id="command" value="Mail" readonly="readonly">';
|
||||
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
|
||||
echo "<input type='hidden' name='password' value='".$_POST['password']."' />";
|
||||
echo '<button class="np_button_link" type="submit">Mail</button>';
|
||||
echo '</form>';
|
||||
echo '</td>';
|
||||
|
|
@ -82,8 +90,6 @@ echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
|
|||
echo '<form target="'.$frame['content'].'" method="post" action="user.php">';
|
||||
echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">';
|
||||
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
|
||||
echo "<input type='hidden' name='password' value='".$_POST['password']."' />";
|
||||
echo "<input type='hidden' name='id' value='".$_POST['id']."' />";
|
||||
echo '<button class="np_button_link" type="submit">Logout</button>';
|
||||
echo '</form>';
|
||||
echo '</td>';
|
||||
|
|
|
|||
Loading…
Reference in New Issue