novabbs
/
rocksolid-light
3
0
Fork 1
Code Issues 26 Pull Requests Releases Wiki Activity

Auto save posted attachments to user's file directory.

This commit is contained in:
Retro_Guy 2023-09-09 05:52:18 -07:00
parent ae47019faf
commit 91705fdb1f
2 changed files with 551 additions and 331 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

862
Rocksolid_Light/rocksolid/lib/post.inc.php Executable file → Normal file
View File

@ -1,28 +1,29 @@
<?php
/* rslight NNTP<->HTTP Gateway
* Download: https://news.novabbs.com/getrslight
/*
* rslight NNTP<->HTTP Gateway
* Download: https://news.novabbs.com/getrslight
*
* Based on Newsportal by Florian Amrhein
* Based on Newsportal by Florian Amrhein
*
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
@session_start();
/*
* Encode lines with 8bit-characters to quote-printable
*
@ -31,158 +32,377 @@
* the function returns a sting containing the quoted-printable encoded
* $line
*/
function encode_subject($line) {
$newstring=mb_encode_mimeheader(quoted_printable_decode($line));
return $newstring;
function encode_subject($line)
{
$newstring = mb_encode_mimeheader(quoted_printable_decode($line));
return $newstring;
}
if(!function_exists('quoted_printable_encode'))
{
function quoted_printable_encode($line) {
global $www_charset;
$qp_table=array(
'=00', '=01', '=02', '=03', '=04', '=05',
'=06', '=07', '=08', '=09', '=0A', '=0B',
'=0C', '=0D', '=0E', '=0F', '=10', '=11',
'=12', '=13', '=14', '=15', '=16', '=17',
'=18', '=19', '=1A', '=1B', '=1C', '=1D',
'=1E', '=1F', '_', '!', '"', '#',
'$', '%', '&', "'", '(', ')',
'*', '+', ',', '-', '.', '/',
'0', '1', '2', '3', '4', '5',
'6', '7', '8', '9', ':', ';',
'<', '=3D', '>', '=3F', '@', 'A',
'B', 'C', 'D', 'E', 'F', 'G',
'H', 'I', 'J', 'K', 'L', 'M',
'N', 'O', 'P', 'Q', 'R', 'S',
'T', 'U', 'V', 'W', 'X', 'Y',
'Z', '[', '\\', ']', '^', '=5F',
'', 'a', 'b', 'c', 'd', 'e',
'f', 'g', 'h', 'i', 'j', 'k',
'l', 'm', 'n', 'o', 'p', 'q',
'r', 's', 't', 'u', 'v', 'w',
'x', 'y', 'z', '{', '|', '}',
'~', '=7F', '=80', '=81', '=82', '=83',
'=84', '=85', '=86', '=87', '=88', '=89',
'=8A', '=8B', '=8C', '=8D', '=8E', '=8F',
'=90', '=91', '=92', '=93', '=94', '=95',
'=96', '=97', '=98', '=99', '=9A', '=9B',
'=9C', '=9D', '=9E', '=9F', '=A0', '=A1',
'=A2', '=A3', '=A4', '=A5', '=A6', '=A7',
'=A8', '=A9', '=AA', '=AB', '=AC', '=AD',
'=AE', '=AF', '=B0', '=B1', '=B2', '=B3',
'=B4', '=B5', '=B6', '=B7', '=B8', '=B9',
'=BA', '=BB', '=BC', '=BD', '=BE', '=BF',
'=C0', '=C1', '=C2', '=C3', '=C4', '=C5',
'=C6', '=C7', '=C8', '=C9', '=CA', '=CB',
'=CC', '=CD', '=CE', '=CF', '=D0', '=D1',
'=D2', '=D3', '=D4', '=D5', '=D6', '=D7',
'=D8', '=D9', '=DA', '=DB', '=DC', '=DD',
'=DE', '=DF', '=E0', '=E1', '=E2', '=E3',
'=E4', '=E5', '=E6', '=E7', '=E8', '=E9',
'=EA', '=EB', '=EC', '=ED', '=EE', '=EF',
'=F0', '=F1', '=F2', '=F3', '=F4', '=F5',
'=F6', '=F7', '=F8', '=F9', '=FA', '=FB',
'=FC', '=FD', '=FE', '=FF');
// are there "forbidden" characters in the string?
for($i=0; $i<strlen($line) && ord($line[$i])<=127 ; $i++);
if ($i<strlen($line)) { // yes, there are. So lets encode them!
$from=$i;
for($to=strlen($line)-1; ord($line[$to])<=127; $to--);
// lets scan for the start and the end of the to be encoded _words_
for(;$from>0 && $line[$from] != ' '; $from--);
if($from>0) $from++;
for(;$to<strlen($line) && $line[$to] != ' '; $to++);
// split the string into the to be encoded middle and the rest
$begin=substr($line,0,$from);
$middle=substr($line,$from,$to-$from);
$end=substr($line,$to);
// ok, now lets encode $middle...
$newmiddle="";
for($i=0; $i<strlen($middle); $i++)
$newmiddle .= $qp_table[ord($middle[$i])];
// now we glue the parts together...
$line=$begin.'=?'.$www_charset.'?Q?'.$newmiddle.'?='.$end;
}
return $line;
}
if (! function_exists('quoted_printable_encode')) {
function quoted_printable_encode($line)
{
global $www_charset;
$qp_table = array(
'=00',
'=01',
'=02',
'=03',
'=04',
'=05',
'=06',
'=07',
'=08',
'=09',
'=0A',
'=0B',
'=0C',
'=0D',
'=0E',
'=0F',
'=10',
'=11',
'=12',
'=13',
'=14',
'=15',
'=16',
'=17',
'=18',
'=19',
'=1A',
'=1B',
'=1C',
'=1D',
'=1E',
'=1F',
'_',
'!',
'"',
'#',
'$',
'%',
'&',
"'",
'(',
')',
'*',
'+',
',',
'-',
'.',
'/',
'0',
'1',
'2',
'3',
'4',
'5',
'6',
'7',
'8',
'9',
':',
';',
'<',
'=3D',
'>',
'=3F',
'@',
'A',
'B',
'C',
'D',
'E',
'F',
'G',
'H',
'I',
'J',
'K',
'L',
'M',
'N',
'O',
'P',
'Q',
'R',
'S',
'T',
'U',
'V',
'W',
'X',
'Y',
'Z',
'[',
'\\',
']',
'^',
'=5F',
'',
'a',
'b',
'c',
'd',
'e',
'f',
'g',
'h',
'i',
'j',
'k',
'l',
'm',
'n',
'o',
'p',
'q',
'r',
's',
't',
'u',
'v',
'w',
'x',
'y',
'z',
'{',
'|',
'}',
'~',
'=7F',
'=80',
'=81',
'=82',
'=83',
'=84',
'=85',
'=86',
'=87',
'=88',
'=89',
'=8A',
'=8B',
'=8C',
'=8D',
'=8E',
'=8F',
'=90',
'=91',
'=92',
'=93',
'=94',
'=95',
'=96',
'=97',
'=98',
'=99',
'=9A',
'=9B',
'=9C',
'=9D',
'=9E',
'=9F',
'=A0',
'=A1',
'=A2',
'=A3',
'=A4',
'=A5',
'=A6',
'=A7',
'=A8',
'=A9',
'=AA',
'=AB',
'=AC',
'=AD',
'=AE',
'=AF',
'=B0',
'=B1',
'=B2',
'=B3',
'=B4',
'=B5',
'=B6',
'=B7',
'=B8',
'=B9',
'=BA',
'=BB',
'=BC',
'=BD',
'=BE',
'=BF',
'=C0',
'=C1',
'=C2',
'=C3',
'=C4',
'=C5',
'=C6',
'=C7',
'=C8',
'=C9',
'=CA',
'=CB',
'=CC',
'=CD',
'=CE',
'=CF',
'=D0',
'=D1',
'=D2',
'=D3',
'=D4',
'=D5',
'=D6',
'=D7',
'=D8',
'=D9',
'=DA',
'=DB',
'=DC',
'=DD',
'=DE',
'=DF',
'=E0',
'=E1',
'=E2',
'=E3',
'=E4',
'=E5',
'=E6',
'=E7',
'=E8',
'=E9',
'=EA',
'=EB',
'=EC',
'=ED',
'=EE',
'=EF',
'=F0',
'=F1',
'=F2',
'=F3',
'=F4',
'=F5',
'=F6',
'=F7',
'=F8',
'=F9',
'=FA',
'=FB',
'=FC',
'=FD',
'=FE',
'=FF'
);
// are there "forbidden" characters in the string?
for ($i = 0; $i < strlen($line) && ord($line[$i]) <= 127; $i ++);
if ($i < strlen($line)) { // yes, there are. So lets encode them!
$from = $i;
for ($to = strlen($line) - 1; ord($line[$to]) <= 127; $to --);
// lets scan for the start and the end of the to be encoded _words_
for (; $from > 0 && $line[$from] != ' '; $from --);
if ($from > 0)
$from ++;
for (; $to < strlen($line) && $line[$to] != ' '; $to ++);
// split the string into the to be encoded middle and the rest
$begin = substr($line, 0, $from);
$middle = substr($line, $from, $to - $from);
$end = substr($line, $to);
// ok, now lets encode $middle...
$newmiddle = "";
for ($i = 0; $i < strlen($middle); $i ++)
$newmiddle .= $qp_table[ord($middle[$i])];
// now we glue the parts together...
$line = $begin . '=?' . $www_charset . '?Q?' . $newmiddle . '?=' . $end;
}
return $line;
}
}
/*
* generate a message-id for posting.
* $identity: a string containing informations about the article, to
* make a md5-hash out of it.
* make a md5-hash out of it.
*
* returns: a complete message-id
*/
function generate_msgid($identity) {
global $CONFIG, $msgid_generate,$msgid_fqdn;
switch($msgid_generate) {
case "no":
// no, we don't want to generate a message-id.
return false;
break;
case "md5":
if($CONFIG['email_tail'][0] !== '@') {
$mymsgid = '@'.$CONFIG['email_tail'];
} else {
$mymsgid = $CONFIG['email_tail'];
}
return '<'.md5($identity).$mymsgid.'>';
break;
default:
return false;
break;
}
function generate_msgid($identity)
{
global $CONFIG, $msgid_generate, $msgid_fqdn;
switch ($msgid_generate) {
case "no":
// no, we don't want to generate a message-id.
return false;
break;
case "md5":
if ($CONFIG['email_tail'][0] !== '@') {
$mymsgid = '@' . $CONFIG['email_tail'];
} else {
$mymsgid = $CONFIG['email_tail'];
}
return '<' . md5($identity) . $mymsgid . '>';
break;
default:
return false;
break;
}
}
function check_rate_limit($name,$set=0,$gettime=0) {
global $CONFIG,$spooldir;
if(strcasecmp($name, $CONFIG['anonusername']) == 0) {
$name = session_id();
}
$ratefile=$spooldir.'/'.strtolower($name).'-rate.dat';
$postqty=0;
$first=0;
$newrate=array();
if(is_file($ratefile)) {
$ratedata='';
$ratefp=fopen($ratefile,'r');
while(!feof($ratefp)) {
$ratedata.=fgets($ratefp,1000);
}
fclose($ratefp);
$rate=unserialize($ratedata);
sort($rate);
foreach($rate as $ratepost) {
if($ratepost > (time() - 3600)) {
$postqty=$postqty+1;
$newrate[]=$ratepost;
if($first == 0) {
$oldest = $ratepost;
$first=1;
}
function check_rate_limit($name, $set = 0, $gettime = 0)
{
global $CONFIG, $spooldir;
if (strcasecmp($name, $CONFIG['anonusername']) == 0) {
$name = session_id();
}
$ratefile = $spooldir . '/' . strtolower($name) . '-rate.dat';
$postqty = 0;
$first = 0;
$newrate = array();
if (is_file($ratefile)) {
$ratedata = '';
$ratefp = fopen($ratefile, 'r');
while (! feof($ratefp)) {
$ratedata .= fgets($ratefp, 1000);
}
fclose($ratefp);
$rate = unserialize($ratedata);
sort($rate);
foreach ($rate as $ratepost) {
if ($ratepost > (time() - 3600)) {
$postqty = $postqty + 1;
$newrate[] = $ratepost;
if ($first == 0) {
$oldest = $ratepost;
$first = 1;
}
}
}
$newrate[]=time();
if($set) {
$ratefp=fopen($ratefile,'w');
fputs($ratefp,serialize($newrate));
fclose($ratefp);
$postqty=$postqty+1;
}
$rate_limit = get_user_config($name, 'rate_limit');
if(($rate_limit !== FALSE) && ($rate_limit > 0)) {
$CONFIG['rate_limit'] = $rate_limit;
}
$postsremaining = $CONFIG['rate_limit']-$postqty;
if($gettime) {
$wait=(3600-(time()-$oldest))/60;
return($wait);
} else {
return($postsremaining);
}
}
}
$newrate[] = time();
if ($set) {
$ratefp = fopen($ratefile, 'w');
fputs($ratefp, serialize($newrate));
fclose($ratefp);
$postqty = $postqty + 1;
}
$rate_limit = get_user_config($name, 'rate_limit');
if (($rate_limit !== FALSE) && ($rate_limit > 0)) {
$CONFIG['rate_limit'] = $rate_limit;
}
$postsremaining = $CONFIG['rate_limit'] - $postqty;
if ($gettime) {
$wait = (3600 - (time() - $oldest)) / 60;
return ($wait);
} else {
return ($postsremaining);
}
}
/*
@ -194,176 +414,182 @@ function check_rate_limit($name,$set=0,$gettime=0) {
* $ref: The references of the article
* $body: The article itself
*/
function message_post($subject,$from,$newsgroups,$ref,$body,$encryptthis=null,$encryptto=null,$authname=null,$followupto=null,$do_attach=null) {
global $server,$port,$send_poster_host,$text_error,$CONFIG;
global $www_charset,$config_dir,$spooldir;
global $msgid_generate,$msgid_fqdn,$rslight_version;
flush();
$attachment_temp_dir = $spooldir."/tmp/";
if(!is_dir($attachment_temp_dir)) {
mkdir($attachment_temp_dir);
}
$myconfig = false;
if(file_exists($config_dir.'/userconfig/'.$authname.'.config')) {
$userconfig = unserialize(file_get_contents($config_dir.'/userconfig/'.$authname.'.config'));
$myconfig = true;
}
if(isset($encryptthis)) {
$workpath = $config_dir."users/";
$username = trim(strtolower($encryptto));
$userFilename = $workpath.$username;
if((!is_file($userFilename)) || $encryptto == $CONFIG['anonusername']) {
$response = "Cannot encrypt to $encryptto. No such user";
return $response;
function message_post($subject, $from, $newsgroups, $ref, $body, $encryptthis = null, $encryptto = null, $authname = null, $followupto = null, $do_attach = null)
{
global $server, $port, $send_poster_host, $text_error, $CONFIG;
global $www_charset, $config_dir, $spooldir;
global $msgid_generate, $msgid_fqdn, $rslight_version;
flush();
$attachment_temp_dir = $spooldir . "/tmp/";
if (! is_dir($attachment_temp_dir)) {
mkdir($attachment_temp_dir);
}
}
$msgid=generate_msgid($subject.",".$from.",".$newsgroups.",".$ref.",".$body);
/*
* SPAM CHECK
*/
if ((isset($CONFIG['spamassassin']) && ($CONFIG['spamassassin'] == true))) {
$spam_result_array = check_spam($subject,$from,$newsgroups,$ref,$body,$msgid);
$res = $spam_result_array['res'];
$spamresult = $spam_result_array['spamresult'];
$spamcheckerversion = $spam_result_array['spamcheckerversion'];
$spamlevel = $spam_result_array['spamlevel'];
$spam_fail = $spam_result_array['spam_fail'];
}
if($do_attach) {
move_uploaded_file($_FILES["photo"]["tmp_name"], $attachment_temp_dir . $_FILES["photo"]["name"]);
}
$ns=nntp_open($server,$port);
if ($ns != false) {
fputs($ns,"POST\r\n");
$weg=line_read($ns);
$t = explode(' ', $weg);
if($t[0] != "340") {
nntp_close($ns);
return $weg;
$myconfig = false;
if (file_exists($config_dir . '/userconfig/' . $authname . '.config')) {
$userconfig = unserialize(file_get_contents($config_dir . '/userconfig/' . $authname . '.config'));
$myconfig = true;
}
if (isset($encryptthis)) {
$workpath = $config_dir . "users/";
$username = trim(strtolower($encryptto));
$userFilename = $workpath . $username;
if ((! is_file($userFilename)) || $encryptto == $CONFIG['anonusername']) {
$response = "Cannot encrypt to $encryptto. No such user";
return $response;
}
}
fputs($ns,'Subject: '.encode_subject($subject)."\r\n");
// For Synchronet use
if (isset($fromname) && (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true))) {
// if ( isset($fromname) && isset($CONFIG['synchronet']) ) {
fputs($ns,'To: '.$fromname."\r\n");
$fromname="";
}
// X-Rslight headers
$msgid = generate_msgid($subject . "," . $from . "," . $newsgroups . "," . $ref . "," . $body);
/*
* SPAM CHECK
*/
if ((isset($CONFIG['spamassassin']) && ($CONFIG['spamassassin'] == true))) {
if(isset($res) && $spam_fail == 0) {
fputs($ns,$spamcheckerversion."\r\n");
if(strpos($spamlevel, '*') !== false)
fputs($ns,$spamlevel."\r\n");
if($res === 1) {
fputs($ns,"X-Rslight-Original-Group: ".$newsgroups."\r\n");
$newsgroups=$CONFIG['spamgroup'];
}
}
}
fputs($ns,'From: '.$from."\r\n");
if($followupto !== null) {
fputs($ns,'Followup-To: '.$followupto."\r\n");
$spam_result_array = check_spam($subject, $from, $newsgroups, $ref, $body, $msgid);
$res = $spam_result_array['res'];
$spamresult = $spam_result_array['spamresult'];
$spamcheckerversion = $spam_result_array['spamcheckerversion'];
$spamlevel = $spam_result_array['spamlevel'];
$spam_fail = $spam_result_array['spam_fail'];
}
fputs($ns,'Newsgroups: '.$newsgroups."\r\n");
$sitekey=password_hash($CONFIG['thissitekey'].$msgid, PASSWORD_DEFAULT);
fputs($ns,'X-Rslight-Site: '.$sitekey."\r\n");
fputs($ns,'X-Rslight-Posting-User: '.hash('sha1', $from.$_SERVER['HTTP_HOST'].$CONFIG['thissitekey'])."\r\n");
if(isset($encryptthis)) {
fputs($ns,'X-Rslight-To: '.$encryptto."\r\n");
$CONFIG['postfooter']="";
if ($do_attach) {
move_uploaded_file($_FILES["photo"]["tmp_name"], $attachment_temp_dir . $_FILES["photo"]["name"]);
if ($authname != null) {
if (! is_dir($spooldir . '/upload/' . $authname)) {
mkdir($spooldir . '/upload/' . $authname);
}
copy($attachment_temp_dir . $_FILES["photo"]["name"], $spooldir . '/upload/' . $authname . '/' . $_FILES["photo"]["name"]);
}
}
fputs($ns,"Mime-Version: 1.0\r\n");
if($do_attach == null) {
fputs($ns,"Content-Type: text/plain; charset=".$www_charset."; format=flowed\r\n");
fputs($ns,"Content-Transfer-Encoding: 8bit\r\n");
}
fputs($ns,"User-Agent: Rocksolid Light ".$rslight_version."\r\n");
if ($send_poster_host)
@fputs($ns,'X-HTTP-Posting-Host: '.gethostbyaddr(getenv("REMOTE_ADDR"))."\r\n");
if (($ref!=false) && (count($ref)>0)) {
// strip references
if(strlen(implode(" ",$ref))>900) {
$ref_first=array_shift($ref);
do {
$ref=array_slice($ref,1);
} while(strlen(implode(" ",$ref))>800);
array_unshift($ref,$ref_first);
}
fputs($ns,'References: '.implode(" ",$ref)."\r\n");
}
if (isset($CONFIG['organization']))
fputs($ns,'Organization: '.quoted_printable_encode($CONFIG['organization'])."\r\n");
$body=trim($body);
if ($userconfig['signature'] !== '' && $myconfig) {
$body.="\n\n-- \n".$userconfig['signature'];
} else {
if ((isset($CONFIG['postfooter'])) && ($CONFIG['postfooter']!="")) {
$postfooter = preg_replace('/\{DOMAIN\}/', "\n".$_SERVER['HTTP_HOST'], $CONFIG['postfooter']);
$body.="\n\n-- \n".$postfooter;
}
}
if($do_attach) {
$boundary=uniqid('', true);
$body.="\r\n--------------".$boundary."\r\n";
}
fputs($ns,'Message-ID: '.$msgid."\r\n");
if ($userconfig['xface'] !== '' && $myconfig) {
fputs($ns,'X-Face: '.$userconfig['xface']."\r\n");
}
if($do_attach) {
fputs($ns,'Content-Type: multipart/mixed;boundary="------------'.$boundary.'"');
fputs($ns,"\r\n");
$contenttype = shell_exec('file -b --mime-type '.$attachment_temp_dir.$_FILES['photo']['name']);
$contenttype = rtrim($contenttype);
$b64file = shell_exec('uuencode -m '.$attachment_temp_dir.$_FILES['photo']['name'].' '.$_FILES['photo']['name'].' | grep -v \'begin-base64\|====\'');
$body.='Content-Type: '.$contenttype.';';
$body.="\r\n name=".$_FILES['photo']['name'];
$body.="\r\nContent-Transfer-Encoding: base64";
$body.="\r\nContent-Disposition: attachment;";
$body.="\r\n filename=".$_FILES['photo']['name'];
$body.="\r\n";
$body.="\r\n".$b64file;
$body.="\r\n--------------".$boundary."--\r\n";
}
// Headers end here
$body=str_replace("\n.\r","\n..\r",$body);
$body=str_replace("\r",'',$body);
$body=stripSlashes($body);
if($do_attach) {
fputs($ns,"\r\nThis is a multi-part message in MIME format.\r\n");
fputs($ns,"--------------".$boundary."\r\n");
fputs($ns,"Content-Type: text/plain; charset=utf-8\r\n");
fputs($ns,"Content-Transfer-Encoding: 7bit\r\n");
}
// Encrypt?
if(isset($encryptthis)) {
$encryptkey=get_user_config($encryptto, "encryptionkey");
$ns = nntp_open($server, $port);
if ($ns != false) {
fputs($ns, "POST\r\n");
$weg = line_read($ns);
$t = explode(' ', $weg);
if ($t[0] != "340") {
nntp_close($ns);
return $weg;
}
$body=chunk_split(rslight_encrypt($body, $encryptkey));
$body="-- RSLIGHT DAT START\n".$body."-- RSLIGHT DAT END\n";
}
$body=rtrim($body);
fputs($ns,"\r\n".$body."\r\n.\r\n");
$message=line_read($ns);
nntp_close($ns);
if($do_attach) {
// clean up attachment file
unlink($attachment_temp_dir.$_FILES["photo"]["name"]);
fputs($ns, 'Subject: ' . encode_subject($subject) . "\r\n");
// For Synchronet use
if (isset($fromname) && (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true))) {
// if ( isset($fromname) && isset($CONFIG['synchronet']) ) {
fputs($ns, 'To: ' . $fromname . "\r\n");
$fromname = "";
}
// X-Rslight headers
if ((isset($CONFIG['spamassassin']) && ($CONFIG['spamassassin'] == true))) {
if (isset($res) && $spam_fail == 0) {
fputs($ns, $spamcheckerversion . "\r\n");
if (strpos($spamlevel, '*') !== false)
fputs($ns, $spamlevel . "\r\n");
if ($res === 1) {
fputs($ns, "X-Rslight-Original-Group: " . $newsgroups . "\r\n");
$newsgroups = $CONFIG['spamgroup'];
}
}
}
fputs($ns, 'From: ' . $from . "\r\n");
if ($followupto !== null) {
fputs($ns, 'Followup-To: ' . $followupto . "\r\n");
}
fputs($ns, 'Newsgroups: ' . $newsgroups . "\r\n");
$sitekey = password_hash($CONFIG['thissitekey'] . $msgid, PASSWORD_DEFAULT);
fputs($ns, 'X-Rslight-Site: ' . $sitekey . "\r\n");
fputs($ns, 'X-Rslight-Posting-User: ' . hash('sha1', $from . $_SERVER['HTTP_HOST'] . $CONFIG['thissitekey']) . "\r\n");
if (isset($encryptthis)) {
fputs($ns, 'X-Rslight-To: ' . $encryptto . "\r\n");
$CONFIG['postfooter'] = "";
}
fputs($ns, "Mime-Version: 1.0\r\n");
if ($do_attach == null) {
fputs($ns, "Content-Type: text/plain; charset=" . $www_charset . "; format=flowed\r\n");
fputs($ns, "Content-Transfer-Encoding: 8bit\r\n");
}
fputs($ns, "User-Agent: Rocksolid Light " . $rslight_version . "\r\n");
if ($send_poster_host)
@fputs($ns, 'X-HTTP-Posting-Host: ' . gethostbyaddr(getenv("REMOTE_ADDR")) . "\r\n");
if (($ref != false) && (count($ref) > 0)) {
// strip references
if (strlen(implode(" ", $ref)) > 900) {
$ref_first = array_shift($ref);
do {
$ref = array_slice($ref, 1);
} while (strlen(implode(" ", $ref)) > 800);
array_unshift($ref, $ref_first);
}
fputs($ns, 'References: ' . implode(" ", $ref) . "\r\n");
}
if (isset($CONFIG['organization']))
fputs($ns, 'Organization: ' . quoted_printable_encode($CONFIG['organization']) . "\r\n");
$body = trim($body);
if ($userconfig['signature'] !== '' && $myconfig) {
$body .= "\n\n-- \n" . $userconfig['signature'];
} else {
if ((isset($CONFIG['postfooter'])) && ($CONFIG['postfooter'] != "")) {
$postfooter = preg_replace('/\{DOMAIN\}/', "\n" . $_SERVER['HTTP_HOST'], $CONFIG['postfooter']);
$body .= "\n\n-- \n" . $postfooter;
}
}
if ($do_attach) {
$boundary = uniqid('', true);
$body .= "\r\n--------------" . $boundary . "\r\n";
}
fputs($ns, 'Message-ID: ' . $msgid . "\r\n");
if ($userconfig['xface'] !== '' && $myconfig) {
fputs($ns, 'X-Face: ' . $userconfig['xface'] . "\r\n");
}
if ($do_attach) {
fputs($ns, 'Content-Type: multipart/mixed;boundary="------------' . $boundary . '"');
fputs($ns, "\r\n");
$contenttype = shell_exec('file -b --mime-type ' . $attachment_temp_dir . $_FILES['photo']['name']);
$contenttype = rtrim($contenttype);
$b64file = shell_exec('uuencode -m ' . $attachment_temp_dir . $_FILES['photo']['name'] . ' ' . $_FILES['photo']['name'] . ' | grep -v \'begin-base64\|====\'');
$body .= 'Content-Type: ' . $contenttype . ';';
$body .= "\r\n name=" . $_FILES['photo']['name'];
$body .= "\r\nContent-Transfer-Encoding: base64";
$body .= "\r\nContent-Disposition: attachment;";
$body .= "\r\n filename=" . $_FILES['photo']['name'];
$body .= "\r\n";
$body .= "\r\n" . $b64file;
$body .= "\r\n--------------" . $boundary . "--\r\n";
}
// Headers end here
$body = str_replace("\n.\r", "\n..\r", $body);
$body = str_replace("\r", '', $body);
$body = stripSlashes($body);
if ($do_attach) {
fputs($ns, "\r\nThis is a multi-part message in MIME format.\r\n");
fputs($ns, "--------------" . $boundary . "\r\n");
fputs($ns, "Content-Type: text/plain; charset=utf-8\r\n");
fputs($ns, "Content-Transfer-Encoding: 7bit\r\n");
}
// Encrypt?
if (isset($encryptthis)) {
$encryptkey = get_user_config($encryptto, "encryptionkey");
$body = chunk_split(rslight_encrypt($body, $encryptkey));
$body = "-- RSLIGHT DAT START\n" . $body . "-- RSLIGHT DAT END\n";
}
$body = rtrim($body);
fputs($ns, "\r\n" . $body . "\r\n.\r\n");
$message = line_read($ns);
nntp_close($ns);
if ($do_attach) {
// clean up attachment file
unlink($attachment_temp_dir . $_FILES["photo"]["name"]);
}
} else {
$message = $text_error["post_failed"];
}
} else {
$message=$text_error["post_failed"];
}
// let thread.php ignore the cache for this group, so this new
// article will be visible instantly
$groupsarr=explode(",",$newsgroups);
foreach($groupsarr as $newsgroup) {
$cachefile=$spooldir.'/'.$newsgroup.'-cache.txt';
@unlink($cachefile);
}
return $message;
// let thread.php ignore the cache for this group, so this new
// article will be visible instantly
$groupsarr = explode(",", $newsgroups);
foreach ($groupsarr as $newsgroup) {
$cachefile = $spooldir . '/' . $newsgroup . '-cache.txt';
@unlink($cachefile);
}
return $message;
}
?>

20
Rocksolid_Light/rocksolid/post.php
View File

@ -37,13 +37,9 @@ $CONFIG = include ($config_file);
@$abspeichern = $_REQUEST["abspeichern"];
@$references = $_REQUEST["references"];
@$id = $_REQUEST["id"];
if (! isset($group))
if (! isset($group) && isset($newsgroups)) {
$group = $newsgroups;
include "auth.inc";
if ($post_captcha)
include "lib/captcha/captcha.php";
}
// Save name in cookies
if (($setcookies == true) && (isset($abspeichern)) && ($abspeichern == "ja")) {
setcookie("cookie_name", stripslashes($name), time() + (3600 * 24 * 90), "/");
@ -327,8 +323,8 @@ if ($show == 1) {
name="<?php echo md5($fieldencrypt."subject")?>"
value="<?php
echo htmlspecialchars($subject);
?>" size="40"
maxlength="80"></td>
?>"
size="40" maxlength="80"></td>
</tr>
<tr>
<td align="right"><b><?php echo $text_post["name"]?></b></td>
@ -336,7 +332,7 @@ if ($show == 1) {
<?php
if (! isset($name) && $CONFIG['anonuser'])
$name = $CONFIG['anonusername'];
if ($form_noname === true) {
if (isset($form_noname) && $form_noname === true) {
echo htmlspecialchars($name);
} else {
echo '<input class="post" type="text" name="' . md5($fieldencrypt . "name") . '"';
@ -398,9 +394,7 @@ if ($show == 1) {
value="<?php
if (isset($bodyzeile))
echo htmlspecialchars(stripslashes($bodyzeile));
?>">
<script language="JavaScript">
?>"> <script language="JavaScript">
<!--
function quoten() {
document.getElementById("postbody").value=document.getElementById("hidebody").value;
@ -426,7 +420,7 @@ function quoten() {
<?php
if ($post_captcha) {
if ($post_captcha) {
echo '<tr><td>';
echo captcha::form($text_post["captchainfo1"], $text_post["captchainfo2"]);
echo '</td></tr>';