More minor code cleanup.
This commit is contained in:
Retro_Guy
parent
a8c373ba12
commit
705cd2307f
|
|
@ -132,6 +132,9 @@ foreach($menulist as $menu) {
|
||||||
if($menuitem[1] == '0') {
|
if($menuitem[1] == '0') {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
if(!isset($frame['menu'])) {
|
||||||
|
$frame['menu'] = null;
|
||||||
|
}
|
||||||
echo '<td>';
|
echo '<td>';
|
||||||
echo '<form target="'.$frame['menu'].'" action="'.$rootdir.$menuitem[0].'">';
|
echo '<form target="'.$frame['menu'].'" action="'.$rootdir.$menuitem[0].'">';
|
||||||
echo '<button class="np_header_button_link" type="submit">'.$menuitem[0].'</button>';
|
echo '<button class="np_header_button_link" type="submit">'.$menuitem[0].'</button>';
|
||||||
|
|
|
||||||
|
|
@ -2,13 +2,29 @@
|
||||||
|
|
||||||
include "config.inc.php";
|
include "config.inc.php";
|
||||||
include "alphabet.inc.php";
|
include "alphabet.inc.php";
|
||||||
|
|
||||||
|
$title.=' - Register';
|
||||||
include "head.inc";
|
include "head.inc";
|
||||||
|
|
||||||
$keyfile = $spooldir.'/keys.dat';
|
$keyfile = $spooldir.'/keys.dat';
|
||||||
$keys = unserialize(file_get_contents($keyfile));
|
$keys = unserialize(file_get_contents($keyfile));
|
||||||
$email_registry = $spooldir.'/email_registry.dat';
|
$email_registry = $spooldir.'/email_registry.dat';
|
||||||
unlink($_POST['captchaimage']);
|
|
||||||
|
|
||||||
|
if(!file_exists($config_dir.'/phpmailer.inc.php')) {
|
||||||
|
$CONFIG['verify_email'] = false;
|
||||||
|
}
|
||||||
|
if(isset($_POST['captchaimage']) && file_exists($_POST['captchaimage'])) {
|
||||||
|
unlink($_POST['captchaimage']);
|
||||||
|
}
|
||||||
|
if(!isset($_POST['username'])) {
|
||||||
|
$_POST['username'] = null;
|
||||||
|
}
|
||||||
|
if(!isset($_POST['key'])) {
|
||||||
|
$_POST['key'] = null;
|
||||||
|
}
|
||||||
|
if(!isset($_POST['user_email'])) {
|
||||||
|
$_POST['user_email'] = null;
|
||||||
|
}
|
||||||
$username_allowed_chars = "a-zA-Z0-9_.";
|
$username_allowed_chars = "a-zA-Z0-9_.";
|
||||||
$clean_username = preg_replace("/[^$username_allowed_chars]/", "", $_POST['username']);
|
$clean_username = preg_replace("/[^$username_allowed_chars]/", "", $_POST['username']);
|
||||||
|
|
||||||
|
|
@ -77,7 +93,11 @@ if(isset($_POST['command']) && $_POST['command'] == 'CreateNew') {
|
||||||
$username = $_POST['username'];
|
$username = $_POST['username'];
|
||||||
$password = $_POST['password'];
|
$password = $_POST['password'];
|
||||||
$user_email = $_POST['user_email'];
|
$user_email = $_POST['user_email'];
|
||||||
$code = $_POST['code'];
|
if(isset($_POST['code'])) {
|
||||||
|
$code = $_POST['code'];
|
||||||
|
} else {
|
||||||
|
$code = false;
|
||||||
|
}
|
||||||
$userFilename = $workpath.$username;
|
$userFilename = $workpath.$username;
|
||||||
$keyFilename = $keypath.$username;
|
$keyFilename = $keypath.$username;
|
||||||
@mkdir($workpath.'new/');
|
@mkdir($workpath.'new/');
|
||||||
|
|
@ -127,7 +147,9 @@ if(isset($_POST['command']) && $_POST['command'] == 'CreateNew') {
|
||||||
fclose($userFileHandle);
|
fclose($userFileHandle);
|
||||||
chmod($userFilename, 0666);
|
chmod($userFilename, 0666);
|
||||||
}
|
}
|
||||||
unlink(sys_get_temp_dir()."/".$username);
|
if(file_exists(sys_get_temp_dir()."/".$username)) {
|
||||||
|
unlink(sys_get_temp_dir()."/".$username);
|
||||||
|
}
|
||||||
echo "User:".$username." Created\r\n";
|
echo "User:".$username." Created\r\n";
|
||||||
echo '<br /><a href="'.$CONFIG['default_content'].'">Back</a>';
|
echo '<br /><a href="'.$CONFIG['default_content'].'">Back</a>';
|
||||||
|
|
||||||
|
|
@ -238,15 +260,16 @@ foreach($users as $user) {
|
||||||
}
|
}
|
||||||
|
|
||||||
# Check email address attempts to avoid abuse
|
# Check email address attempts to avoid abuse
|
||||||
$tried_email = unserialize(file_get_contents($email_registry));
|
if(file_exists($email_registry)) {
|
||||||
if(isset($tried_email[$user_email])) {
|
$tried_email = unserialize(file_get_contents($email_registry));
|
||||||
echo "Email address already used\r\n";
|
if(isset($tried_email[$user_email])) {
|
||||||
echo '<form name="return1" method="post" action="register.php">';
|
echo "Email address already used\r\n";
|
||||||
echo '<input name="username" type="hidden" id="username" value="'.$username.'" readonly="readonly">';
|
echo '<form name="return1" method="post" action="register.php">';
|
||||||
echo '<input type="submit" name="Submit" value="Back"></td>';
|
echo '<input name="username" type="hidden" id="username" value="'.$username.'" readonly="readonly">';
|
||||||
exit(2);
|
echo '<input type="submit" name="Submit" value="Back"></td>';
|
||||||
|
exit(2);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!preg_match("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z0-9]{2,3})$^",$user_email)) {
|
if (!preg_match("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z0-9]{2,3})$^",$user_email)) {
|
||||||
echo "Email must be in the form of an email address\r\n";
|
echo "Email must be in the form of an email address\r\n";
|
||||||
echo '<br /><a href="register.php">Back</a>';
|
echo '<br /><a href="register.php">Back</a>';
|
||||||
|
|
@ -310,7 +333,9 @@ if ($ok || ($command == "Create") )
|
||||||
if($CONFIG['verify_email']) {
|
if($CONFIG['verify_email']) {
|
||||||
|
|
||||||
# Log email address attempts to avoid abuse
|
# Log email address attempts to avoid abuse
|
||||||
$tried_email = unserialize(file_get_contents($email_registry));
|
if(file_exists($email_registry)) {
|
||||||
|
$tried_email = unserialize(file_get_contents($email_registry));
|
||||||
|
}
|
||||||
$tried_email[$user_email]['time'] = time();
|
$tried_email[$user_email]['time'] = time();
|
||||||
file_put_contents($email_registry, serialize($tried_email));
|
file_put_contents($email_registry, serialize($tried_email));
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1624,8 +1624,11 @@ function get_user_mail_auth_data($user) {
|
||||||
$userdata = array("$user");
|
$userdata = array("$user");
|
||||||
$user = strtolower($user);
|
$user = strtolower($user);
|
||||||
$pkey_config = get_user_config($user, "pkey");
|
$pkey_config = get_user_config($user, "pkey");
|
||||||
|
if(!isset($_COOKIE['pkey'])) {
|
||||||
|
$_COOKIE['pkey'] = null;
|
||||||
|
}
|
||||||
$pkey_cookie = $_COOKIE['pkey'];
|
$pkey_cookie = $_COOKIE['pkey'];
|
||||||
if($pkey_config == false || $pkey_cookie == false) {
|
if((!isset($_COOKIE['pkey'])) || $pkey_config == false || $pkey_cookie == false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if($pkey_config == $pkey_cookie) {
|
if($pkey_config == $pkey_cookie) {
|
||||||
|
|
|
||||||
|
|
@ -11,7 +11,7 @@ include "newsportal.php";
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!isset($_POST['command'])) {
|
if(!isset($_POST['command'])) {
|
||||||
$_POST['command'] = '';
|
$_POST['command'] = null;
|
||||||
}
|
}
|
||||||
$keyfile = $spooldir.'/keys.dat';
|
$keyfile = $spooldir.'/keys.dat';
|
||||||
$keys = unserialize(file_get_contents($keyfile));
|
$keys = unserialize(file_get_contents($keyfile));
|
||||||
|
|
@ -25,6 +25,12 @@ $keys = unserialize(file_get_contents($keyfile));
|
||||||
$_POST['username'] = $_COOKIE['mail_name'];
|
$_POST['username'] = $_COOKIE['mail_name'];
|
||||||
}
|
}
|
||||||
$name = $_POST['username'];
|
$name = $_POST['username'];
|
||||||
|
if(!isset($_POST['password'])) {
|
||||||
|
$_POST['password'] = null;
|
||||||
|
}
|
||||||
|
if(!isset($_COOKIE['mail_auth'])) {
|
||||||
|
$_COOKIE['mail_auth'] = null;
|
||||||
|
}
|
||||||
if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
|
if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
|
||||||
$logged_in = true;
|
$logged_in = true;
|
||||||
} else {
|
} else {
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,9 @@ include "newsportal.php";
|
||||||
} else {
|
} else {
|
||||||
$offset=$CONFIG['timezone'];
|
$offset=$CONFIG['timezone'];
|
||||||
}
|
}
|
||||||
|
if(!isset($_POST['command'])) {
|
||||||
|
$_POST['command'] = null;
|
||||||
|
}
|
||||||
|
|
||||||
$keyfile = $spooldir.'/keys.dat';
|
$keyfile = $spooldir.'/keys.dat';
|
||||||
$keys = unserialize(file_get_contents($keyfile));
|
$keys = unserialize(file_get_contents($keyfile));
|
||||||
|
|
@ -38,6 +41,12 @@ include "head.inc";
|
||||||
$_POST['username'] = $_COOKIE['mail_name'];
|
$_POST['username'] = $_COOKIE['mail_name'];
|
||||||
}
|
}
|
||||||
$name = $_POST['username'];
|
$name = $_POST['username'];
|
||||||
|
if(!isset($_POST['password'])) {
|
||||||
|
$_POST['password'] = null;
|
||||||
|
}
|
||||||
|
if(!isset($_COOKIE['mail_auth'])) {
|
||||||
|
$_COOKIE['mail_auth'] = null;
|
||||||
|
}
|
||||||
if(((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
|
if(((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
|
||||||
$logged_in = true;
|
$logged_in = true;
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -73,7 +82,6 @@ echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
|
||||||
echo '<form target="'.$frame['content'].'" method="post" action="mail.php">';
|
echo '<form target="'.$frame['content'].'" method="post" action="mail.php">';
|
||||||
echo '<input name="command" type="hidden" id="command" value="Mail" readonly="readonly">';
|
echo '<input name="command" type="hidden" id="command" value="Mail" readonly="readonly">';
|
||||||
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
|
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
|
||||||
echo "<input type='hidden' name='password' value='".$_POST['password']."' />";
|
|
||||||
echo '<button class="np_button_link" type="submit">Mail</button>';
|
echo '<button class="np_button_link" type="submit">Mail</button>';
|
||||||
echo '</form>';
|
echo '</form>';
|
||||||
echo '</td>';
|
echo '</td>';
|
||||||
|
|
@ -82,8 +90,6 @@ echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
|
||||||
echo '<form target="'.$frame['content'].'" method="post" action="user.php">';
|
echo '<form target="'.$frame['content'].'" method="post" action="user.php">';
|
||||||
echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">';
|
echo '<input name="command" type="hidden" id="command" value="Logout" readonly="readonly">';
|
||||||
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
|
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
|
||||||
echo "<input type='hidden' name='password' value='".$_POST['password']."' />";
|
|
||||||
echo "<input type='hidden' name='id' value='".$_POST['id']."' />";
|
|
||||||
echo '<button class="np_button_link" type="submit">Logout</button>';
|
echo '<button class="np_button_link" type="submit">Logout</button>';
|
||||||
echo '</form>';
|
echo '</form>';
|
||||||
echo '</td>';
|
echo '</td>';
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue