novabbs
/
rocksolid-light
3
0
Fork 1
Code Issues 22 Pull Requests Releases Wiki Activity

Combine user login for mail, files and user.

This commit is contained in:
Retro_Guy 2023-07-09 13:10:59 -07:00
parent ef0e873844
commit eae7143228
3 changed files with 31 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Rocksolid_Light/spoolnews/mail.php
View File

@ -99,7 +99,8 @@ if(isset($_POST['username'])) {
} }
if($logged_in !== true) { if($logged_in !== true) {
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">'; echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="mail.php" enctype="multipart/form-data">'; echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
//echo '<form name="form1" method="post" action="mail.php" enctype="multipart/form-data">';
echo '<tr><td><strong>Please Login<br /></strong></td></tr>'; echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>'; echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>'; echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';

36
Rocksolid_Light/spoolnews/upload.php
View File

@ -4,18 +4,24 @@ include "newsportal.php";
$logfile=$logdir.'/files.log'; $logfile=$logdir.'/files.log';
unset($name); $keyfile = $spooldir.'/keys.dat';
if(isset($_POST['username']) && $_POST['username'] !== '') { $keys = unserialize(file_get_contents($keyfile));
$name = $_POST['username'];
} else { $name = '';
if ($setcookies) {
if (isset($_COOKIE['files_name'])) { $logged_in = false;
$name=$_COOKIE['files_name']; if(!isset($_POST['username'])) {
} $_POST['username'] = $_COOKIE['mail_name'];
}
} }
if(!isset($name)) { $name = $_POST['username'];
$name = ''; if(!isset($_POST['password'])) {
$_POST['password'] = null;
}
if(!isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null;
}
if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true;
} }
$title.=' - Upload file'; $title.=' - Upload file';
@ -37,7 +43,6 @@ include "head.inc";
echo '</td>'; echo '</td>';
echo '<td width=100%></td></tr></table>'; echo '<td width=100%></td></tr></table>';
echo '<hr>'; echo '<hr>';
if(isset($_FILES['photo'])) { if(isset($_FILES['photo'])) {
$_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']); $_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
// Check auth here // Check auth here
@ -63,7 +68,7 @@ if(isset($_FILES['photo'])) {
<script type="text/javascript"> <script type="text/javascript">
if (navigator.cookieEnabled) if (navigator.cookieEnabled)
var savename = "<?php echo stripslashes($name); ?>"; var savename = "<?php echo stripslashes($name); ?>";
document.cookie = "files_name="+savename+"; path=/"; document.cookie = "mail_name="+savename+"; path=/";
</script> </script>
<?php <?php
} else { } else {
@ -74,7 +79,8 @@ if(isset($_FILES['photo'])) {
} }
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">'; echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
echo '<form name="form1" method="post" action="upload.php" enctype="multipart/form-data">'; echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
//echo '<form name="form1" method="post" action="upload.php" enctype="multipart/form-data">';
if(!isset($_POST['username'])) { if(!isset($_POST['username'])) {
$_POST['username'] = ''; $_POST['username'] = '';
@ -82,7 +88,7 @@ if(isset($_FILES['photo'])) {
if(!isset($_POST['password'])) { if(!isset($_POST['password'])) {
$_POST['password'] = ''; $_POST['password'] = '';
} }
if(!check_bbs_auth($_POST['username'], $_POST['password'])) { if(!$logged_in && !check_bbs_auth($_POST['username'], $_POST['password'])) {
echo '<tr><td><strong>Please Login to Upload<br /></strong></td></tr>'; echo '<tr><td><strong>Please Login to Upload<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>'; echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="'.$name.'"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>'; echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';

8
Rocksolid_Light/spoolnews/user.php
View File

@ -89,6 +89,14 @@ echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
echo '<button class="np_button_link" type="submit">Mail</button>'; echo '<button class="np_button_link" type="submit">Mail</button>';
echo '</form>'; echo '</form>';
echo '</td>'; echo '</td>';
// Files button
echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Files" readonly="readonly">';
echo "<input type='hidden' name='username' value='".$_POST['username']."' />";
echo '<button class="np_button_link" type="submit">Files</button>';
echo '</form>';
echo '</td>';
// Logout button // Logout button
echo '<td>'; echo '<td>';
echo '<form target="'.$frame['content'].'" method="post" action="user.php">'; echo '<form target="'.$frame['content'].'" method="post" action="user.php">';