From 705cd2307fa468d1403bcb2fee3ee3499084ba9b Mon Sep 17 00:00:00 2001 From: Retro_Guy Date: Sun, 14 May 2023 19:41:08 -0700 Subject: [PATCH] More minor code cleanup. --- Rocksolid_Light/common/header.php | 3 ++ Rocksolid_Light/common/register.php | 49 ++++++++++++++++++------ Rocksolid_Light/rocksolid/newsportal.php | 5 ++- Rocksolid_Light/spoolnews/mail.php | 8 +++- Rocksolid_Light/spoolnews/user.php | 12 ++++-- 5 files changed, 60 insertions(+), 17 deletions(-) diff --git a/Rocksolid_Light/common/header.php b/Rocksolid_Light/common/header.php index 929e876..bd39657 100644 --- a/Rocksolid_Light/common/header.php +++ b/Rocksolid_Light/common/header.php @@ -132,6 +132,9 @@ foreach($menulist as $menu) { if($menuitem[1] == '0') { continue; } + if(!isset($frame['menu'])) { + $frame['menu'] = null; + } echo ''; echo '
'; echo ''; diff --git a/Rocksolid_Light/common/register.php b/Rocksolid_Light/common/register.php index 38cc898..49f7c32 100644 --- a/Rocksolid_Light/common/register.php +++ b/Rocksolid_Light/common/register.php @@ -2,13 +2,29 @@ include "config.inc.php"; include "alphabet.inc.php"; + +$title.=' - Register'; include "head.inc"; $keyfile = $spooldir.'/keys.dat'; $keys = unserialize(file_get_contents($keyfile)); $email_registry = $spooldir.'/email_registry.dat'; -unlink($_POST['captchaimage']); +if(!file_exists($config_dir.'/phpmailer.inc.php')) { + $CONFIG['verify_email'] = false; +} +if(isset($_POST['captchaimage']) && file_exists($_POST['captchaimage'])) { + unlink($_POST['captchaimage']); +} +if(!isset($_POST['username'])) { + $_POST['username'] = null; +} +if(!isset($_POST['key'])) { + $_POST['key'] = null; +} +if(!isset($_POST['user_email'])) { + $_POST['user_email'] = null; +} $username_allowed_chars = "a-zA-Z0-9_."; $clean_username = preg_replace("/[^$username_allowed_chars]/", "", $_POST['username']); @@ -77,7 +93,11 @@ if(isset($_POST['command']) && $_POST['command'] == 'CreateNew') { $username = $_POST['username']; $password = $_POST['password']; $user_email = $_POST['user_email']; - $code = $_POST['code']; + if(isset($_POST['code'])) { + $code = $_POST['code']; + } else { + $code = false; + } $userFilename = $workpath.$username; $keyFilename = $keypath.$username; @mkdir($workpath.'new/'); @@ -127,7 +147,9 @@ if(isset($_POST['command']) && $_POST['command'] == 'CreateNew') { fclose($userFileHandle); chmod($userFilename, 0666); } - unlink(sys_get_temp_dir()."/".$username); + if(file_exists(sys_get_temp_dir()."/".$username)) { + unlink(sys_get_temp_dir()."/".$username); + } echo "User:".$username." Created\r\n"; echo '
Back'; @@ -238,15 +260,16 @@ foreach($users as $user) { } # Check email address attempts to avoid abuse -$tried_email = unserialize(file_get_contents($email_registry)); -if(isset($tried_email[$user_email])) { - echo "Email address already used\r\n"; - echo ''; - echo ''; - echo ''; - exit(2); +if(file_exists($email_registry)) { + $tried_email = unserialize(file_get_contents($email_registry)); + if(isset($tried_email[$user_email])) { + echo "Email address already used\r\n"; + echo ''; + echo ''; + echo ''; + exit(2); + } } - if (!preg_match("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z0-9]{2,3})$^",$user_email)) { echo "Email must be in the form of an email address\r\n"; echo '
Back'; @@ -310,7 +333,9 @@ if ($ok || ($command == "Create") ) if($CONFIG['verify_email']) { # Log email address attempts to avoid abuse - $tried_email = unserialize(file_get_contents($email_registry)); + if(file_exists($email_registry)) { + $tried_email = unserialize(file_get_contents($email_registry)); + } $tried_email[$user_email]['time'] = time(); file_put_contents($email_registry, serialize($tried_email)); diff --git a/Rocksolid_Light/rocksolid/newsportal.php b/Rocksolid_Light/rocksolid/newsportal.php index 7d3e4fc..c2f7b13 100644 --- a/Rocksolid_Light/rocksolid/newsportal.php +++ b/Rocksolid_Light/rocksolid/newsportal.php @@ -1624,8 +1624,11 @@ function get_user_mail_auth_data($user) { $userdata = array("$user"); $user = strtolower($user); $pkey_config = get_user_config($user, "pkey"); + if(!isset($_COOKIE['pkey'])) { + $_COOKIE['pkey'] = null; + } $pkey_cookie = $_COOKIE['pkey']; - if($pkey_config == false || $pkey_cookie == false) { + if((!isset($_COOKIE['pkey'])) || $pkey_config == false || $pkey_cookie == false) { return false; } if($pkey_config == $pkey_cookie) { diff --git a/Rocksolid_Light/spoolnews/mail.php b/Rocksolid_Light/spoolnews/mail.php index 67ff173..f88de89 100644 --- a/Rocksolid_Light/spoolnews/mail.php +++ b/Rocksolid_Light/spoolnews/mail.php @@ -11,7 +11,7 @@ include "newsportal.php"; } if(!isset($_POST['command'])) { - $_POST['command'] = ''; + $_POST['command'] = null; } $keyfile = $spooldir.'/keys.dat'; $keys = unserialize(file_get_contents($keyfile)); @@ -25,6 +25,12 @@ $keys = unserialize(file_get_contents($keyfile)); $_POST['username'] = $_COOKIE['mail_name']; } $name = $_POST['username']; + if(!isset($_POST['password'])) { + $_POST['password'] = null; + } + if(!isset($_COOKIE['mail_auth'])) { + $_COOKIE['mail_auth'] = null; + } if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) { $logged_in = true; } else { diff --git a/Rocksolid_Light/spoolnews/user.php b/Rocksolid_Light/spoolnews/user.php index 25fa16a..b102430 100644 --- a/Rocksolid_Light/spoolnews/user.php +++ b/Rocksolid_Light/spoolnews/user.php @@ -9,6 +9,9 @@ include "newsportal.php"; } else { $offset=$CONFIG['timezone']; } + if(!isset($_POST['command'])) { + $_POST['command'] = null; + } $keyfile = $spooldir.'/keys.dat'; $keys = unserialize(file_get_contents($keyfile)); @@ -38,6 +41,12 @@ include "head.inc"; $_POST['username'] = $_COOKIE['mail_name']; } $name = $_POST['username']; + if(!isset($_POST['password'])) { + $_POST['password'] = null; + } + if(!isset($_COOKIE['mail_auth'])) { + $_COOKIE['mail_auth'] = null; + } if(((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) { $logged_in = true; } else { @@ -73,7 +82,6 @@ echo ''; echo ''; echo ''; echo ""; - echo ""; echo ''; echo ''; echo ''; @@ -82,8 +90,6 @@ echo '
'; echo ''; echo ''; echo ""; - echo ""; - echo ""; echo ''; echo ''; echo '';