457 lines
15 KiB
457 lines
15 KiB
/* rslight NNTP<->HTTP Gateway
* Download: https://news.novabbs.com/getrslight
* Based on Newsportal by Florian Amrhein
* E-Mail: retroguy@novabbs.com
* Web: https://news.novabbs.com
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
include "config.inc.php";
$CONFIG = include($config_file);
if (!isset($group)) $group=$newsgroups;
include "auth.inc";
include "lib/captcha/captcha.php";
// Save name in cookies
if (($setcookies==true) && (isset($abspeichern)) && ($abspeichern=="ja")) {
if ((isset($post_server)) && ($post_server!=""))
if ((isset($post_port)) && ($post_port!=""))
include $file_newsportal;
$findsection = get_section_by_group($_REQUEST["group"]);
if(trim($findsection) !== $config_name) {
$newurl = preg_replace("|/$config_name/|", "/$findsection/", $_SERVER['REQUEST_URI']);
header("Location: $newurl");
include "head.inc";
global $synchro_user,$synchro_pass;
// check to which groups the user is allowed to post to
if($testgroup) {
} else {
echo '<h1 class="np_thread_headline">';
echo '<a href="'.$file_index.'" target='.$frame['menu'].'>'.basename(getcwd()).'</a> / ';
echo '<a href="'.$file_thread.'?group='.rawurlencode($thisgroup).'" target='.$frame["content"].'>'.htmlspecialchars(group_display_name($thisgroup)).'</a>';
if(isset($type) && $type == 'post') {
echo ' / '.$subject.'</h1>';
} else {
echo '</h1>';
echo '<table cellpadding="0" cellspacing="0" width="100%" class="np_buttonbar"><tr>';
// View Latest button
if (isset($overboard) && ($overboard == true)) {
echo '<td>';
echo '<form action="overboard.php">';
echo '<input type="hidden" name="thisgroup" value="'._rawurlencode($thisgroup).'"/>';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_latest"].'</button>';
echo '</form>';
echo '</td>';
if (!$CONFIG['readonly'] &&
(!function_exists("npreg_group_has_write_access") ||
// New Thread button
echo '<td>';
echo '<form action="'.$file_post.'">';
echo '<input type="hidden" name="group" value="'.urlencode($thisgroup).'"/>';
echo '<button class="np_button_link" type="submit">'.$text_thread["button_write"].'</button>';
echo '</form>';
echo '</td>';
// Pages
echo '<td class="np_pages" width="100%" align="right">';
echo articleflat_pageselect($thisgroup,$id,count($subthread),$first);
echo '</td></tr></table>';
// has the user write-rights on the newsgroups?
if((function_exists("npreg_group_has_read_access") &&
!npreg_group_has_read_access($newsgroups)) ||
(function_exists("npreg_group_has_write_access") &&
!npreg_group_has_write_access($newsgroups))) {
die("access denied");
// Load name from cookies
if ($setcookies) {
if ((isset($_COOKIE["cookie_name"])) && (!isset($name)))
// if ((isset($_COOKIE["cookie_email"])) && (!isset($email)))
// $email=$_COOKIE["cookie_email"];
// Load name and email from the registration system, if available
if(function_exists("npreg_get_name")) {
if(function_exists("npreg_get_email")) {
if(!strcmp($name, $CONFIG['anonusername']) && (isset($CONFIG['anonuser']))) {
$userpass = $CONFIG['anonuserpass'];
} else {
$userpass = $email;
$get_email = get_user_config($name,$request);
if($get_email === FALSE) {
} else {
if (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true)) {
if((!isset($references)) || ($references=="")) {
if (!isset($type)) {
if ($type=="new") {
// Is there a new article to post to the newsserver?
if ($type=="post") {
if (!$CONFIG['synchronet']) {
if (check_bbs_auth(trim($name), $userpass) == FALSE) {
// error handling
if (trim($body)=="") {
if ((trim($email)=="") && (!isset($anonym_address))) {
if (($email) && (!validate_email(trim($email)))) {
if (trim($name)=="") {
if (trim($subject)=="") {
// captcha-check
if(($post_captcha) && (captcha::check()==false)) {
if ($type=="post") {
if (!$CONFIG['readonly']) {
// post article to the newsserver
$references_array=explode(" ",$references);
if(($email=="") && (isset($anonym_address)))
$rate_limit = get_user_config($name, 'rate_limit');
if(($rate_limit !== FALSE) && ($rate_limit > 0)) {
$CONFIG['rate_limit'] = $rate_limit;
if($CONFIG['rate_limit'] == true) {
$postsremaining = check_rate_limit($name);
if($postsremaining < 1) {
$wait = check_rate_limit($name,0,1);
echo 'You have reached the limit of '.$CONFIG['rate_limit'].' posts per hour.<br />Please wait '.round($wait).' minutes before posting again.';
echo '<p><a href="'.$file_thread.'?group='.urlencode($returngroup[0]).'">'.$text_post["button_back"].'</a> '.$text_post["button_back2"].' '.group_display_name($returngroup[0]).'</p>';
if(isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0) {
$_FILES[photo][name] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES[photo][name]);
// There is an attachment to handle
$nemail." (".quoted_printable_encode($name).")",
} else {
$nemail." (".quoted_printable_encode($name).")",
// Article sent without errors, or duplicate?
if ((substr($message,0,3)=="240") ||
(substr($message,0,7)=="441 435")) {
echo '<h1 class="np_post_headline"><'.$text_post["message_posted"].'></h1>';
echo '<p>'.$text_post["message_posted2"].'</p>';
// This returns to multiple groups if crossposting, which does not work. FIXME
// Try to return to just the first group in the list
if(isset($CONFIG['auto_return']) && ($CONFIG['auto_return'] == true)) {
echo '<meta http-equiv="refresh" content="0;url='.$file_thread.'?group='.urlencode($returngroup[0]).'"';
if($CONFIG['rate_limit'] == true) {
$postsremaining = check_rate_limit($name,1);
echo 'You have '.$postsremaining.' posts remaining of '.$CONFIG['rate_limit'].' posts per hour.<br />';
if($postsremaining < 1) {
$wait = check_rate_limit($name,0,1);
echo 'Please wait '.round($wait).' minutes before posting again.<br />';
// echo '<p><a href="'.$file_thread.'?group='.urlencode($returngroup[0]).'">'.$text_post["button_back"].'</a> '.$text_post["button_back2"].' '.group_display_name($returngroup[0]).'</p>';
if(isset($_REQUEST['returngroup']) && $_REQUEST['returngroup'] !== '') {
echo '<p><a href="'.$file_thread.'?group='.$_REQUEST['returngroup'].'">Your post will appear in '.group_display_name($_REQUEST['returngroup']).'</a></p>';
} else {
echo '<p><a href="'.$_SESSION['return_page'].'">Back to Previous Page</a></p>';
} else {
// article not accepted by the newsserver
} else {
echo $text_post["error_readonly"];
// A reply of an other article.
if ($type=="reply") {
if ($head->name != "") {
} else {
// For Synchronet use
for ($i=0; $i<=count($body)-1; $i++) {
if((isset($cutsignature)) && ($cutsignature==true) &&
($body[$i]=='-- '))
if (trim($body[$i])!="") {
$bodyzeile.="> ".$body[$i]."\n";
} else {
if (isset($head->followup) && ($head->followup != "")) {
} else {
if($testgroup) {
} else {
$subject="Re: ".$subject;
// Cut off old parts of a subject
// for example: 'foo (was: bar)' becomes 'foo'.
$subject=preg_replace('/(\(wa[sr]: .*\))$/i','',$subject);
if (isset($head->references[0])) {
for ($i=0; $i<=count($head->references)-1; $i++) {
$references .= $head->references[$i]." ";
$references .= $head->id;
if ($type=="retry") {
if ($show==1) {
if ($newsgroups == "") {
echo $text_post["followup_not_allowed"];
echo " ".$newsgroups;
} else {
// show post form
echo '<h1 class="np_post_headline">'.$text_post["group_head"].group_display_name($newsgroups)
if (isset($error)) echo "<p>$error</p>"; ?>
<form action="<?php echo $file_post?>" method="post" name="postform" enctype="multipart/form-data">
<div class="np_post_header">
<tr><td align="right"><b><?php echo $text_header["subject"] ?></b></td>
<td><input class="post" type="text" name="<?php echo md5($fieldencrypt."subject")?>" value="<?php
echo htmlspecialchars($subject);?>" size="40" maxlength="80"></td></tr>
<tr><td align="right"><b><?php echo $text_post["name"]?></b></td>
<td align="left">
if ( !isset($name) && $CONFIG['anonuser'])
$name = $CONFIG['anonusername'];
if($form_noname===true) {
echo htmlspecialchars($name);
} else {
echo '<input class="post" type="text" name="'.md5($fieldencrypt."name").'"';
if (isset($name)) echo 'value="'.
echo 'size="40" maxlength="40">';
echo ' or "'.$CONFIG['anonusername'].'" with no password';
<tr><td align="right"><b><?php echo $text_post["password"]?></b></td>
<td align="left">
echo '<input class="post" type="password" name="'.md5($fieldencrypt."email").'"';
// if (isset($email)) echo 'value="'.htmlspecialchars(stripslashes($email)).'"';
echo 'size="40" maxlength="40">';
// May we post encrypted messages to this group?
if(check_encryption_groups($newsgroups)) { ?>
<tr><td align="left">
<input type="checkbox" name="encryptthis" value="encrypt">
<b>Encrypt to:</b>
<td><input type="text" name="encryptto" value="<?php echo $fromname;?>"></td>
<div class="np_post_body">
<tr><td><b><?php echo $text_post["message"];?></b><br>
<textarea class="postbody" id="postbody" name="<?php echo md5($fieldencrypt."body")?>" wrap="soft"><?php
if ((isset($bodyzeile)) && ($post_autoquote))
echo htmlspecialchars($bodyzeile);
echo htmlspecialchars($body);
<?php if(!$post_autoquote) { ?>
<input type="hidden" id="hidebody" value="<?php
if (isset($bodyzeile)) echo htmlspecialchars(stripslashes($bodyzeile)); ?>">
<script language="JavaScript">
function quoten() {
<?php } ?>
<input type="submit" value="<?php echo $text_post["button_post"];?>">
<?php if ($setcookies==true) { ?>
<input tabindex="100" type="Button" name="quote" value="<?php echo $text_post["quote"]?>" onclick="quoten(); this.style.visibility= 'hidden';">
<input type="checkbox" name="abspeichern" value="ja" checked>
<?php echo $text_post["remember"];?>
<?php } ?>
<input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/pdf">
<?php if($post_captcha) {
echo '<tr><td>';
echo captcha::form($text_post["captchainfo1"],$text_post["captchainfo2"]);
echo '</td></tr>';
} ?>
<input type="hidden" name="type" value="post">
<input type="hidden" name="newsgroups" value="<?php echo htmlspecialchars($newsgroups); ?>">
<input type="hidden" name="references" value="<?php echo htmlentities($references); ?>">
<input type="hidden" name="group" value="<?php echo htmlspecialchars($newsgroups); ?>">
<input type="hidden" name="returngroup" value="<?php echo htmlspecialchars($head->followup); ?>">
<input type="hidden" name="fielddecrypt" value="<?php echo htmlspecialchars($fieldencrypt);?>">
<?php } } ?>