From c908cb71fb4dc5e29dac4142fd49513d9bb2722a Mon Sep 17 00:00:00 2001
From: Retro_Guy <retro.guy@rocksolidbbs.com>
Date: Wed, 17 Jul 2024 06:33:48 -0700
Subject: [PATCH] Add function to handle cookie creation at login.

---
 Rocksolid_Light/rocksolid/newsportal.php | 151 +++++++++++++----------
 1 file changed, 86 insertions(+), 65 deletions(-)

diff --git a/Rocksolid_Light/rocksolid/newsportal.php b/Rocksolid_Light/rocksolid/newsportal.php
index c33211d..46d7039 100644
--- a/Rocksolid_Light/rocksolid/newsportal.php
+++ b/Rocksolid_Light/rocksolid/newsportal.php
@@ -199,12 +199,12 @@ function validate_email($address)
 {
     global $validate_email;
     $return = true;
-    if (($validate_email >= 1) && ($return == true))
-/* Need to clean up this regex to work properly with preg_match
-    $return = (preg_match('^[-!#$%&\'*+\\./0-9=?A-Z^_A-z{|}~]+'.'@'.
-               '[-!#$%&\'*+\\/0-9=?A-Z^_A-z{|}~]+\.'.
-               '[-!#$%&\'*+\\./0-9=?A-Z^_A-z{|}~]+$',$address));
-*/
+    if (($validate_email >= 1) && ($return == true))
+/* Need to clean up this regex to work properly with preg_match
+    $return = (preg_match('^[-!#$%&\'*+\\./0-9=?A-Z^_A-z{|}~]+'.'@'.
+               '[-!#$%&\'*+\\/0-9=?A-Z^_A-z{|}~]+\.'.
+               '[-!#$%&\'*+\\./0-9=?A-Z^_A-z{|}~]+$',$address));
+*/
     $return = 1;
     if (($validate_email >= 2) && ($return == true)) {
         $addressarray = address_decode($address, "garantiertungueltig");
@@ -1279,6 +1279,27 @@ function group_display_name($gname)
     return $gname;
 }
 
+function set_user_logged_in_cookies($name, $keys) {
+    $name = trim($name);
+            $auth_expire = 14400;
+            $authkey = password_hash($name . $keys[0] . get_user_config($name, 'encryptionkey'), PASSWORD_DEFAULT);
+            $pkey = hash('crc32', get_user_config($name, 'encryptionkey'));
+            set_user_config(strtolower($name), "pkey", $pkey);
+?>
+<script type="text/javascript">
+   if (navigator.cookieEnabled)
+     var authcookie = "<?php echo $authkey; ?>";
+     var savename = "<?php echo stripslashes($name); ?>";
+ var auth_expire = "<?php echo $auth_expire; ?>";
+ var name_expire = "7776000";
+ var pkey = "<?php echo $pkey; ?>";
+     document.cookie = "mail_auth="+authcookie+"; max-age="+auth_expire+"; path=/";
+     document.cookie = "mail_name="+savename+"; max-age="+name_expire+"; path=/";
+     document.cookie = "pkey="+pkey+"; max-age="+name_expire+"; path=/";
+  </script>
+<?php
+}
+
 function check_bbs_auth($username, $password)
 {
     global $config_dir, $spooldir, $CONFIG;
@@ -1735,18 +1756,18 @@ function mail_db_open($database, $table = 'messages')
         echo 'Connection failed: ' . $e->getMessage();
         exit();
     }
-    $dbh->exec("CREATE TABLE IF NOT EXISTS messages(
-     id INTEGER PRIMARY KEY,
-     msgid TEXT UNIQUE,
-     mail_from TEXT,
-     mail_viewed TEXT,
-     rcpt_to TEXT,
-     rcpt_viewed TEXT,
-     rcpt_target TEXT,
-     date TEXT,
-     subject TEXT,
-     message TEXT,
-     from_hide TEXT,
+    $dbh->exec("CREATE TABLE IF NOT EXISTS messages(
+     id INTEGER PRIMARY KEY,
+     msgid TEXT UNIQUE,
+     mail_from TEXT,
+     mail_viewed TEXT,
+     rcpt_to TEXT,
+     rcpt_viewed TEXT,
+     rcpt_target TEXT,
+     date TEXT,
+     subject TEXT,
+     message TEXT,
+     from_hide TEXT,
      to_hide TEXT)");
     return ($dbh);
 }
@@ -1768,9 +1789,9 @@ function threads_db_open($database, $table = "threads")
         echo 'Connection failed: ' . $e->getMessage();
         exit();
     }
-    $dbh->exec("CREATE TABLE IF NOT EXISTS threads(
-			id INTEGER PRIMARY KEY,
-			headers TEXT,
+    $dbh->exec("CREATE TABLE IF NOT EXISTS threads(
+			id INTEGER PRIMARY KEY,
+			headers TEXT,
             unique (headers))");
     return ($dbh);
 }
@@ -1783,16 +1804,16 @@ function history_db_open($database, $table = 'history')
         echo 'Connection failed: ' . $e->getMessage();
         exit();
     }
-    $dbh->exec("CREATE TABLE IF NOT EXISTS history(
-            id INTEGER PRIMARY KEY,
-            newsgroup TEXT,
-			number TEXT,
-			msgid TEXT,
-			status TEXT,
-			statusdate TEXT,
-			statusreason TEXT,
-			statusnotes TEXT,		
-			unique (newsgroup, msgid),
+    $dbh->exec("CREATE TABLE IF NOT EXISTS history(
+            id INTEGER PRIMARY KEY,
+            newsgroup TEXT,
+			number TEXT,
+			msgid TEXT,
+			status TEXT,
+			statusdate TEXT,
+			statusreason TEXT,
+			statusnotes TEXT,		
+			unique (newsgroup, msgid),
 			unique (newsgroup, number))");
     $stmt = $dbh->query('CREATE INDEX IF NOT EXISTS id_status on ' . $table . '(status)');
     $stmt->execute();
@@ -1815,20 +1836,20 @@ function overview_db_open($database, $table = 'overview')
         echo 'Connection failed: ' . $e->getMessage();
         exit();
     }
-    $dbh->exec("CREATE TABLE IF NOT EXISTS overview(
-     id INTEGER PRIMARY KEY,
-     newsgroup TEXT,
-     number TEXT,
-     msgid TEXT,
-     date TEXT,
-     datestring TEXT,
-     name TEXT,
-     subject TEXT,
-     refs TEXT,
-     bytes TEXT,
-     lines TEXT,
-     xref TEXT,
-     unique (newsgroup, msgid),
+    $dbh->exec("CREATE TABLE IF NOT EXISTS overview(
+     id INTEGER PRIMARY KEY,
+     newsgroup TEXT,
+     number TEXT,
+     msgid TEXT,
+     date TEXT,
+     datestring TEXT,
+     name TEXT,
+     subject TEXT,
+     refs TEXT,
+     bytes TEXT,
+     lines TEXT,
+     xref TEXT,
+     unique (newsgroup, msgid),
      unique (newsgroup, number))");
     $stmt = $dbh->query('CREATE INDEX IF NOT EXISTS id_date on ' . $table . '(date)');
     $stmt->execute();
@@ -1863,15 +1884,15 @@ function article_db_open($database, $table = 'articles')
         echo 'Connection failed: ' . $e->getMessage();
         exit();
     }
-    $dbh->exec("CREATE TABLE IF NOT EXISTS articles(
-     id INTEGER PRIMARY KEY,
-     newsgroup TEXT,
-     number TEXT UNIQUE,
-     msgid TEXT UNIQUE,
-     date TEXT,
-     name TEXT,
-     subject TEXT,
-     search_snippet TEXT,
+    $dbh->exec("CREATE TABLE IF NOT EXISTS articles(
+     id INTEGER PRIMARY KEY,
+     newsgroup TEXT,
+     number TEXT UNIQUE,
+     msgid TEXT UNIQUE,
+     date TEXT,
+     name TEXT,
+     subject TEXT,
+     search_snippet TEXT,
      article TEXT)");
 
     $stmt = $dbh->query('CREATE INDEX IF NOT EXISTS db_number on ' . $table . '(number)');
@@ -1883,19 +1904,19 @@ function article_db_open($database, $table = 'articles')
     $stmt = $dbh->query('CREATE INDEX IF NOT EXISTS db_name on ' . $table . '(name)');
     $stmt->execute();
 
-    $dbh->exec("CREATE VIRTUAL TABLE IF NOT EXISTS search_fts USING fts5(
-     newsgroup,
-     number,
-     msgid,
-     date,
-     name,
-     subject,
+    $dbh->exec("CREATE VIRTUAL TABLE IF NOT EXISTS search_fts USING fts5(
+     newsgroup,
+     number,
+     msgid,
+     date,
+     name,
+     subject,
      search_snippet)");
-    $dbh->exec("CREATE TRIGGER IF NOT EXISTS after_articles_insert AFTER INSERT ON $table BEGIN
-	INSERT INTO search_fts(newsgroup, number, msgid, date, name, subject, search_snippet) VALUES(new.newsgroup, new.number, new.msgid, new.date, new.name, new.subject, new.search_snippet);
+    $dbh->exec("CREATE TRIGGER IF NOT EXISTS after_articles_insert AFTER INSERT ON $table BEGIN
+	INSERT INTO search_fts(newsgroup, number, msgid, date, name, subject, search_snippet) VALUES(new.newsgroup, new.number, new.msgid, new.date, new.name, new.subject, new.search_snippet);
 	END;");
-    $dbh->exec("CREATE TRIGGER IF NOT EXISTS after_articles_delete AFTER DELETE ON $table BEGIN
-	DELETE FROM search_fts WHERE msgid = old.msgid;
+    $dbh->exec("CREATE TRIGGER IF NOT EXISTS after_articles_delete AFTER DELETE ON $table BEGIN
+	DELETE FROM search_fts WHERE msgid = old.msgid;
 	END;");
     return ($dbh);
 }