From e97b9e5c80ec83acacc57f757c7ed3eaefce94bc Mon Sep 17 00:00:00 2001
From: Retro_Guy <retro.guy@rocksolidbbs.com>
Date: Sun, 17 Nov 2024 06:53:39 -0700
Subject: [PATCH] Add ability to restrict new users to lower posting limits for
 a period of time.

---
 Rocksolid_Light/common/register.php           | 21 ++++++++++---
 Rocksolid_Light/rocksolid/newsportal.php      |  3 ++
 Rocksolid_Light/rocksolid/post.php            | 30 ++++++++++++++-----
 .../rslight/overrides.inc.php.dist            |  9 ++++++
 4 files changed, 52 insertions(+), 11 deletions(-)

diff --git a/Rocksolid_Light/common/register.php b/Rocksolid_Light/common/register.php
index 012b392..b4930ed 100644
--- a/Rocksolid_Light/common/register.php
+++ b/Rocksolid_Light/common/register.php
@@ -91,7 +91,7 @@ if (!isset($_POST['command'])) {
         echo '<td><input type="submit" name="Submit" value="Create"></td>';
         echo '<td></td></tr>';
         echo '</table></form>';
- 
+
         // RESET Password 
         echo '<form name="resetpw" method="post" action="register.php">';
         echo '<table class="register_table_forgot_password_button">';
@@ -581,7 +581,7 @@ function create_account($username, $password, $user_email)
             $mail = new PHPMailer\PHPMailer\PHPMailer();
         }
     }
-    
+
     echo '<center>';
     echo 'Create account: ' . $_POST['username'] . '<br><br >';
     /* Generate email */
@@ -670,7 +670,7 @@ function create_account($username, $password, $user_email)
 
 function create_new($username, $password, $user_email)
 {
-    global $config_dir, $CONFIG, $keys, $workpath, $keypath, $logfile;
+    global $config_dir, $CONFIG, $OVERRIDES, $keys, $workpath, $keypath, $logfile;
     include $config_dir . '/synchronet.conf';
     if (isset($_POST['code'])) {
         $code = $_POST['code'];
@@ -725,6 +725,14 @@ function create_new($username, $password, $user_email)
         if ($verified == 1) {
             fwrite($userFileHandle, "email_verified:true\r\n");
         }
+
+        // Save creation date and restrict rate_limit for new users if configured
+        fwrite($userFileHandle, 'created:' . time() . "\r\n");
+        fwrite($userFileHandle, "new_account:true\r\n");
+        if (isset($OVERRIDES['new_users_rate_limit']) && $OVERRIDES['new_users_rate_limit'] > 0) {
+            fwrite($userFileHandle, 'rate_limit:' . $OVERRIDES['new_users_rate_limit'] . "\r\n");
+        }
+
         fclose($userFileHandle);
         chmod($userFilename, 0666);
     }
@@ -732,7 +740,12 @@ function create_new($username, $password, $user_email)
         unlink(sys_get_temp_dir() . "/" . $username);
     }
     echo '<center>';
-    echo "User:" . $username . " Created\r\n";
+    echo "User: " . $username . " Created<br>";
+    if (isset($OVERRIDES['new_account_life'])) {
+        echo "<br>Account Posting Limit per Hour<br>";
+        echo " will be limited for the first<br>";
+        echo $OVERRIDES['new_account_life'] . ' hour(s) after account creation<br>';
+    }
     echo '<br ><a href="' . $CONFIG['default_content'] . '">Back</a>';
     echo '</center>';
 }
diff --git a/Rocksolid_Light/rocksolid/newsportal.php b/Rocksolid_Light/rocksolid/newsportal.php
index 4f3eb0c..eda1342 100644
--- a/Rocksolid_Light/rocksolid/newsportal.php
+++ b/Rocksolid_Light/rocksolid/newsportal.php
@@ -1569,6 +1569,7 @@ function check_encryption_groups($request)
     }
 }
 
+// Sets a user's config value. $newval = false removes the setting entirely
 function set_user_config($username, $request, $newval)
 {
     global $config_dir;
@@ -1581,7 +1582,9 @@ function set_user_config($username, $request, $newval)
     $found = 0;
     foreach ($userData as $data) {
         if (strpos($data, $request . ':') !== FALSE) {
+            if($newval !== false) {
             fputs($userFileHandle, $request . ':' . $newval . "\r\n");
+            }
             $found = 1;
         } else {
             fputs($userFileHandle, $data . "\r\n");
diff --git a/Rocksolid_Light/rocksolid/post.php b/Rocksolid_Light/rocksolid/post.php
index f6ad9e7..cdafcf1 100644
--- a/Rocksolid_Light/rocksolid/post.php
+++ b/Rocksolid_Light/rocksolid/post.php
@@ -305,16 +305,31 @@ if ($type == "post") {
                 $nemail = $anonym_address;
             else
                 $nemail = $email;
+
+            // Does user have their own rate limit?
+            $new_user_notice = '';
             $rate_limit = get_user_config($name, 'rate_limit');
             if (($rate_limit !== FALSE) && ($rate_limit > 0)) {
-                $CONFIG['rate_limit'] = $rate_limit;
+                $is_new = get_user_config($name, 'new_account');
+                if ($is_new == true) {
+                    $create_date = get_user_config($name, 'created');
+                    if (isset($OVERRIDES['new_account_life']) && $create_date > (time() - ($OVERRIDES['new_account_life'] * 3600))) {  // Account is new
+                        $CONFIG['rate_limit'] = $rate_limit;
+                        $new_user_notice = '<br><br>(posting is limited for ' . $OVERRIDES['new_account_life'] . ' hour(s) after account creation)<br>';
+                    } else {
+                        set_user_config($name, 'new_account', false);
+                        set_user_config($name, 'rate_limit', false);
+                    }
+                }
             }
+
             if ($CONFIG['rate_limit'] == true) {
                 $postsremaining = check_rate_limit($name);
                 if ($postsremaining < 1) {
                     $wait = check_rate_limit($name, 0, 1);
                     echo 'You have reached the limit of ' . $CONFIG['rate_limit'] . ' posts per hour.<br />Please wait ' . round($wait) . ' minutes before posting again.';
-                    echo '<p><a href="' . $file_thread . '?group=' . urlencode($returngroup) . '">' . $text_post["button_back"] . '</a> ' . $text_post["button_back2"] . ' ' . group_display_name($returngroup) . '</p>';
+                    echo $new_user_notice;
+                    echo '<br><p><a href="' . $file_thread . '?group=' . urlencode($returngroup) . '">' . $text_post["button_back"] . '</a> ' . $text_post["button_back2"] . ' ' . group_display_name($returngroup) . '</p>';
                     return;
                 }
             }
@@ -322,10 +337,10 @@ if ($type == "post") {
             // Wrap long lines in message body
             $body = wrap_post($body);
 
-            if(!isset($_POST['encryptthis'])) {
+            if (!isset($_POST['encryptthis'])) {
                 $_POST['encryptthis'] = null;
             }
-            if(!isset($_POST['encrypto'])) {
+            if (!isset($_POST['encrypto'])) {
                 $_POST['encrypto'] = null;
             }
 
@@ -353,10 +368,11 @@ if ($type == "post") {
                     echo 'You have ' . $postsremaining . ' posts remaining of ' . $CONFIG['rate_limit'] . ' posts per hour.<br />';
                     if ($postsremaining < 1) {
                         $wait = check_rate_limit($name, 0, 1);
-                        echo 'Please wait ' . round($wait) . ' minutes before posting again.<br />';
+                        echo 'Please wait ' . round($wait) . ' minutes before posting again.<br>';
+                        echo $new_user_notice;
                     }
                 }
-                echo '<p><a href="' . $file_thread . '?group=' . urlencode($returngroup) . '">Back</a></p>';
+                echo '<br><p><a href="' . $file_thread . '?group=' . urlencode($returngroup) . '">Back</a></p>';
             } else {
                 // article not accepted by the newsserver
                 $type = "retry";
@@ -671,7 +687,7 @@ if ($show == 1) {
         if (! in_array($config_name, $OVERRIDES['disable_attach'])) {
             echo '&nbsp;';
             echo '<input type="file" name="photo" id="fileSelect" accept="image/*,audio/*,text/*,application/pdf">';
-          //  echo '<input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/pdf">';
+            //  echo '<input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/pdf">';
             echo '</td></tr>';
         }
         if ($post_captcha) {
diff --git a/Rocksolid_Light/rslight/overrides.inc.php.dist b/Rocksolid_Light/rslight/overrides.inc.php.dist
index 9ffc1ce..7343520 100644
--- a/Rocksolid_Light/rslight/overrides.inc.php.dist
+++ b/Rocksolid_Light/rslight/overrides.inc.php.dist
@@ -44,6 +44,15 @@ return [
     // Must be 'show' or 'hide'  
     'hide_unsub' => 'hide',
 
+    // Restrict 'NEW' users to this many posts per hour after
+    // account is created. After that, limit will be lifted.
+    // Comment out '//' to disable
+    'new_users_rate_limit' => 2,
+
+    // Number of hours to consider an account as 'NEW'
+    // Comment out '//' to disable
+    'new_account_life' => 2,
+
     // Show thread tree above articles in thread view
     // Default is false
     'show_thread_tree' => false,