466 lines
17 KiB
PHP
Executable File
466 lines
17 KiB
PHP
Executable File
<?php
|
|
/* rslight NNTP<->HTTP Gateway
|
|
* Download: https://news.novabbs.com/getrslight
|
|
*
|
|
* Based on Newsportal by Florian Amrhein
|
|
*
|
|
* E-Mail: retroguy@novabbs.com
|
|
* Web: https://news.novabbs.com
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*/
|
|
|
|
@session_start();
|
|
/*
|
|
* Encode lines with 8bit-characters to quote-printable
|
|
*
|
|
* $line: the to be encoded line
|
|
*
|
|
* the function returns a sting containing the quoted-printable encoded
|
|
* $line
|
|
*/
|
|
function encode_subject($line) {
|
|
$newstring=mb_encode_mimeheader(quoted_printable_decode($line));
|
|
return $newstring;
|
|
}
|
|
|
|
if(!function_exists('quoted_printable_encode'))
|
|
{
|
|
function quoted_printable_encode($line) {
|
|
global $www_charset;
|
|
$qp_table=array(
|
|
'=00', '=01', '=02', '=03', '=04', '=05',
|
|
'=06', '=07', '=08', '=09', '=0A', '=0B',
|
|
'=0C', '=0D', '=0E', '=0F', '=10', '=11',
|
|
'=12', '=13', '=14', '=15', '=16', '=17',
|
|
'=18', '=19', '=1A', '=1B', '=1C', '=1D',
|
|
'=1E', '=1F', '_', '!', '"', '#',
|
|
'$', '%', '&', "'", '(', ')',
|
|
'*', '+', ',', '-', '.', '/',
|
|
'0', '1', '2', '3', '4', '5',
|
|
'6', '7', '8', '9', ':', ';',
|
|
'<', '=3D', '>', '=3F', '@', 'A',
|
|
'B', 'C', 'D', 'E', 'F', 'G',
|
|
'H', 'I', 'J', 'K', 'L', 'M',
|
|
'N', 'O', 'P', 'Q', 'R', 'S',
|
|
'T', 'U', 'V', 'W', 'X', 'Y',
|
|
'Z', '[', '\\', ']', '^', '=5F',
|
|
'', 'a', 'b', 'c', 'd', 'e',
|
|
'f', 'g', 'h', 'i', 'j', 'k',
|
|
'l', 'm', 'n', 'o', 'p', 'q',
|
|
'r', 's', 't', 'u', 'v', 'w',
|
|
'x', 'y', 'z', '{', '|', '}',
|
|
'~', '=7F', '=80', '=81', '=82', '=83',
|
|
'=84', '=85', '=86', '=87', '=88', '=89',
|
|
'=8A', '=8B', '=8C', '=8D', '=8E', '=8F',
|
|
'=90', '=91', '=92', '=93', '=94', '=95',
|
|
'=96', '=97', '=98', '=99', '=9A', '=9B',
|
|
'=9C', '=9D', '=9E', '=9F', '=A0', '=A1',
|
|
'=A2', '=A3', '=A4', '=A5', '=A6', '=A7',
|
|
'=A8', '=A9', '=AA', '=AB', '=AC', '=AD',
|
|
'=AE', '=AF', '=B0', '=B1', '=B2', '=B3',
|
|
'=B4', '=B5', '=B6', '=B7', '=B8', '=B9',
|
|
'=BA', '=BB', '=BC', '=BD', '=BE', '=BF',
|
|
'=C0', '=C1', '=C2', '=C3', '=C4', '=C5',
|
|
'=C6', '=C7', '=C8', '=C9', '=CA', '=CB',
|
|
'=CC', '=CD', '=CE', '=CF', '=D0', '=D1',
|
|
'=D2', '=D3', '=D4', '=D5', '=D6', '=D7',
|
|
'=D8', '=D9', '=DA', '=DB', '=DC', '=DD',
|
|
'=DE', '=DF', '=E0', '=E1', '=E2', '=E3',
|
|
'=E4', '=E5', '=E6', '=E7', '=E8', '=E9',
|
|
'=EA', '=EB', '=EC', '=ED', '=EE', '=EF',
|
|
'=F0', '=F1', '=F2', '=F3', '=F4', '=F5',
|
|
'=F6', '=F7', '=F8', '=F9', '=FA', '=FB',
|
|
'=FC', '=FD', '=FE', '=FF');
|
|
// are there "forbidden" characters in the string?
|
|
for($i=0; $i<strlen($line) && ord($line[$i])<=127 ; $i++);
|
|
if ($i<strlen($line)) { // yes, there are. So lets encode them!
|
|
$from=$i;
|
|
for($to=strlen($line)-1; ord($line[$to])<=127; $to--);
|
|
// lets scan for the start and the end of the to be encoded _words_
|
|
for(;$from>0 && $line[$from] != ' '; $from--);
|
|
if($from>0) $from++;
|
|
for(;$to<strlen($line) && $line[$to] != ' '; $to++);
|
|
// split the string into the to be encoded middle and the rest
|
|
$begin=substr($line,0,$from);
|
|
$middle=substr($line,$from,$to-$from);
|
|
$end=substr($line,$to);
|
|
// ok, now lets encode $middle...
|
|
$newmiddle="";
|
|
for($i=0; $i<strlen($middle); $i++)
|
|
$newmiddle .= $qp_table[ord($middle[$i])];
|
|
// now we glue the parts together...
|
|
$line=$begin.'=?'.$www_charset.'?Q?'.$newmiddle.'?='.$end;
|
|
}
|
|
return $line;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* generate a message-id for posting.
|
|
* $identity: a string containing informations about the article, to
|
|
* make a md5-hash out of it.
|
|
*
|
|
* returns: a complete message-id
|
|
*/
|
|
function generate_msgid($identity) {
|
|
global $CONFIG, $msgid_generate,$msgid_fqdn;
|
|
switch($msgid_generate) {
|
|
case "no":
|
|
// no, we don't want to generate a message-id.
|
|
return false;
|
|
break;
|
|
case "md5":
|
|
if($CONFIG['email_tail'][0] !== '@') {
|
|
$mymsgid = '@'.$CONFIG['email_tail'];
|
|
} else {
|
|
$mymsgid = $CONFIG['email_tail'];
|
|
}
|
|
return '<'.md5($identity).$mymsgid.'>';
|
|
break;
|
|
default:
|
|
return false;
|
|
break;
|
|
}
|
|
}
|
|
|
|
function check_rate_limit($name,$set=0,$gettime=0) {
|
|
global $CONFIG,$spooldir;
|
|
if(strcasecmp($name, $CONFIG['anonusername']) == 0) {
|
|
$name = session_id();
|
|
}
|
|
$ratefile=$spooldir.'/'.strtolower($name).'-rate.dat';
|
|
$postqty=0;
|
|
$first=0;
|
|
$newrate=array();
|
|
if(is_file($ratefile)) {
|
|
$ratedata='';
|
|
$ratefp=fopen($ratefile,'r');
|
|
while(!feof($ratefp)) {
|
|
$ratedata.=fgets($ratefp,1000);
|
|
}
|
|
fclose($ratefp);
|
|
$rate=unserialize($ratedata);
|
|
sort($rate);
|
|
foreach($rate as $ratepost) {
|
|
if($ratepost > (time() - 3600)) {
|
|
$postqty=$postqty+1;
|
|
$newrate[]=$ratepost;
|
|
if($first == 0) {
|
|
$oldest = $ratepost;
|
|
$first=1;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
$newrate[]=time();
|
|
if($set) {
|
|
$ratefp=fopen($ratefile,'w');
|
|
fputs($ratefp,serialize($newrate));
|
|
fclose($ratefp);
|
|
$postqty=$postqty+1;
|
|
}
|
|
$rate_limit = get_user_config($name, 'rate_limit');
|
|
if(($rate_limit !== FALSE) && ($rate_limit > 0)) {
|
|
$CONFIG['rate_limit'] = $rate_limit;
|
|
}
|
|
$postsremaining = $CONFIG['rate_limit']-$postqty;
|
|
if($gettime) {
|
|
$wait=(3600-(time()-$oldest))/60;
|
|
return($wait);
|
|
} else {
|
|
return($postsremaining);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Post an article to a newsgroup
|
|
*
|
|
* $subject: The Subject of the article
|
|
* $from: The authors name and email of the article
|
|
* $newsgroups: The groups to post to
|
|
* $ref: The references of the article
|
|
* $body: The article itself
|
|
*/
|
|
function message_post($subject,$from,$newsgroups,$ref,$body,$encryptthis=null,$encryptto=null,$authname=null,$followupto=null) {
|
|
global $server,$port,$send_poster_host,$text_error,$CONFIG;
|
|
global $www_charset,$config_dir,$spooldir;
|
|
global $msgid_generate,$msgid_fqdn,$rslight_version;
|
|
flush();
|
|
$myconfig = false;
|
|
if(file_exists($config_dir.'/userconfig/'.$authname.'.config')) {
|
|
$userconfig = unserialize(file_get_contents($config_dir.'/userconfig/'.$authname.'.config'));
|
|
$myconfig = true;
|
|
}
|
|
if(isset($encryptthis)) {
|
|
$workpath = $config_dir."users/";
|
|
$username = trim(strtolower($encryptto));
|
|
$userFilename = $workpath.$username;
|
|
if((!is_file($userFilename)) || $encryptto == $CONFIG['anonusername']) {
|
|
$response = "Cannot encrypt to $encryptto. No such user";
|
|
return $response;
|
|
}
|
|
}
|
|
|
|
$msgid=generate_msgid($subject.",".$from.",".$newsgroups.",".$ref.",".$body);
|
|
/*
|
|
* SPAM CHECK
|
|
*/
|
|
if ((isset($CONFIG['spamassassin']) && ($CONFIG['spamassassin'] == true))) {
|
|
$spam_result_array = check_spam($subject,$from,$newsgroups,$ref,$body,$msgid);
|
|
$res = $spam_result_array['res'];
|
|
$spamresult = $spam_result_array['spamresult'];
|
|
$spamcheckerversion = $spam_result_array['spamcheckerversion'];
|
|
$spamlevel = $spam_result_array['spamlevel'];
|
|
$spam_fail = $spam_result_array['spam_fail'];
|
|
}
|
|
$ns=nntp_open($server,$port);
|
|
if ($ns != false) {
|
|
fputs($ns,"POST\r\n");
|
|
$weg=line_read($ns);
|
|
$t = explode(' ', $weg);
|
|
if($t[0] != "340") {
|
|
nntp_close($ns);
|
|
return $weg;
|
|
}
|
|
|
|
|
|
fputs($ns,'Subject: '.encode_subject($subject)."\r\n");
|
|
// For Synchronet use
|
|
if (isset($fromname) && (isset($CONFIG['synchronet']) && ($CONFIG['synchronet'] == true))) {
|
|
// if ( isset($fromname) && isset($CONFIG['synchronet']) ) {
|
|
fputs($ns,'To: '.$fromname."\r\n");
|
|
$fromname="";
|
|
}
|
|
|
|
// X-Rslight headers
|
|
if ((isset($CONFIG['spamassassin']) && ($CONFIG['spamassassin'] == true))) {
|
|
if(isset($res) && $spam_fail == 0) {
|
|
fputs($ns,$spamcheckerversion."\r\n");
|
|
if(strpos($spamlevel, '*') !== false)
|
|
fputs($ns,$spamlevel."\r\n");
|
|
if($res === 1) {
|
|
fputs($ns,"X-Rslight-Original-Group: ".$newsgroups."\r\n");
|
|
$newsgroups=$CONFIG['spamgroup'];
|
|
}
|
|
}
|
|
}
|
|
fputs($ns,'From: '.$from."\r\n");
|
|
if($followupto !== null) {
|
|
fputs($ns,'Followup-To: '.$followupto."\r\n");
|
|
}
|
|
fputs($ns,'Newsgroups: '.$newsgroups."\r\n");
|
|
$sitekey=password_hash($CONFIG['thissitekey'].$msgid, PASSWORD_DEFAULT);
|
|
fputs($ns,'X-Rslight-Site: '.$sitekey."\r\n");
|
|
fputs($ns,'X-Rslight-Posting-User: '.hash('sha1', $from.$_SERVER['HTTP_HOST'].$CONFIG['thissitekey'])."\r\n");
|
|
if(isset($encryptthis)) {
|
|
fputs($ns,'X-Rslight-To: '.$encryptto."\r\n");
|
|
$CONFIG['postfooter']="";
|
|
}
|
|
fputs($ns,"Mime-Version: 1.0\r\n");
|
|
fputs($ns,"Content-Type: text/plain; charset=".$www_charset."; format=flowed\r\n");
|
|
fputs($ns,"Content-Transfer-Encoding: 8bit\r\n");
|
|
fputs($ns,"User-Agent: Rocksolid Light ".$rslight_version."\r\n");
|
|
if ($send_poster_host)
|
|
@fputs($ns,'X-HTTP-Posting-Host: '.gethostbyaddr(getenv("REMOTE_ADDR"))."\r\n");
|
|
if (($ref!=false) && (count($ref)>0)) {
|
|
// strip references
|
|
if(strlen(implode(" ",$ref))>900) {
|
|
$ref_first=array_shift($ref);
|
|
do {
|
|
$ref=array_slice($ref,1);
|
|
} while(strlen(implode(" ",$ref))>800);
|
|
array_unshift($ref,$ref_first);
|
|
}
|
|
fputs($ns,'References: '.implode(" ",$ref)."\r\n");
|
|
}
|
|
if (isset($CONFIG['organization']))
|
|
fputs($ns,'Organization: '.quoted_printable_encode($CONFIG['organization'])."\r\n");
|
|
$body=trim($body);
|
|
if ($userconfig['signature'] !== '' && $myconfig) {
|
|
$body.="\n\n-- \n".$userconfig['signature'];
|
|
} else {
|
|
if ((isset($CONFIG['postfooter'])) && ($CONFIG['postfooter']!="")) {
|
|
$postfooter = preg_replace('/\{DOMAIN\}/', "\n".$_SERVER['HTTP_HOST'], $CONFIG['postfooter']);
|
|
$body.="\n\n-- \n".$postfooter;
|
|
}
|
|
}
|
|
fputs($ns,'Message-ID: '.$msgid."\r\n");
|
|
if ($userconfig['xface'] !== '' && $myconfig) {
|
|
fputs($ns,'X-Face: '.$userconfig['xface']."\r\n");
|
|
}
|
|
$body=str_replace("\n.\r","\n..\r",$body);
|
|
$body=str_replace("\r",'',$body);
|
|
$body=stripSlashes($body);
|
|
// Encrypt?
|
|
if(isset($encryptthis)) {
|
|
$encryptkey=get_user_config($encryptto, "encryptionkey");
|
|
|
|
$body=chunk_split(rslight_encrypt($body, $encryptkey));
|
|
$body="-- RSLIGHT DAT START\n".$body."-- RSLIGHT DAT END\n";
|
|
}
|
|
$body=rtrim($body);
|
|
fputs($ns,"\r\n".$body."\r\n.\r\n");
|
|
$message=line_read($ns);
|
|
nntp_close($ns);
|
|
} else {
|
|
$message=$text_error["post_failed"];
|
|
}
|
|
// let thread.php ignore the cache for this group, so this new
|
|
// article will be visible instantly
|
|
$groupsarr=explode(",",$newsgroups);
|
|
foreach($groupsarr as $newsgroup) {
|
|
$cachefile=$spooldir.'/'.$newsgroup.'-cache.txt';
|
|
@unlink($cachefile);
|
|
}
|
|
return $message;
|
|
}
|
|
function message_post_with_attachment($subject,$from,$newsgroups,$ref,$body,$encryptthis,$encryptto,$authname) {
|
|
global $server,$port,$send_poster_host,$CONFIG,$text_error;
|
|
global $config_dir,$www_charset,$spooldir;
|
|
global $msgid_generate,$msgid_fqdn;
|
|
global $CONFIG;
|
|
flush();
|
|
$myconfig = false;
|
|
if(file_exists($config_dir.'/userconfig/'.$authname.'.config')) {
|
|
$userconfig = unserialize(file_get_contents($config_dir.'/userconfig/'.$authname.'.config'));
|
|
$myconfig = true;
|
|
}
|
|
$msgid=generate_msgid($subject.",".$from.",".$newsgroups.",".$ref.",".$body);
|
|
/*
|
|
* SPAM CHECK
|
|
*/
|
|
if (isset($CONFIG['spamassassin']) && ($CONFIG['spamassassin'] == true)) {
|
|
$spam_result_array = check_spam($subject,$from,$newsgroups,$ref,$body,$msgid);
|
|
$res = $spam_result_array['res'];
|
|
$spamresult = $spam_result_array['spamresult'];
|
|
$spamcheckerversion = $spam_result_array['spamcheckerversion'];
|
|
$spamlevel = $spam_result_array['spamlevel'];
|
|
}
|
|
move_uploaded_file($_FILES["photo"]["tmp_name"], $spooldir."/upload/" . $_FILES["photo"]["name"]);
|
|
$ns=nntp_open($server,$port);
|
|
if ($ns != false) {
|
|
fputs($ns,"POST\r\n");
|
|
$weg=line_read($ns);
|
|
fputs($ns,'Subject: '.encode_subject($subject)."\r\n");
|
|
// X-Rslight headers
|
|
if(isset($res)) {
|
|
fputs($ns,$spamcheckerversion."\r\n");
|
|
if(strpos($spamlevel, '*') !== false)
|
|
fputs($ns,$spamlevel."\r\n");
|
|
if($res === 1) {
|
|
fputs($ns,"X-Rslight-Original-Group: ".$newsgroups."\r\n");
|
|
$newsgroups=$CONFIG['spamgroup'];
|
|
}
|
|
}
|
|
$sitekey=password_hash($CONFIG['thissitekey'].$msgid, PASSWORD_DEFAULT);
|
|
fputs($ns,'X-Rslight-Site: '.$sitekey."\r\n");
|
|
fputs($ns,'X-Rslight-Posting-User: '.hash('sha1', $from.$_SERVER['HTTP_HOST'].$CONFIG['thissitekey'])."\r\n");
|
|
if(isset($encryptthis))
|
|
fputs($ns,'X-Rslight-To: '.$encryptto."\r\n");
|
|
fputs($ns,'From: '.$from."\r\n");
|
|
fputs($ns,'Newsgroups: '.$newsgroups."\r\n");
|
|
fputs($ns,"Mime-Version: 1.0\r\n");
|
|
/*
|
|
fputs($ns,"Content-Type: text/plain; charset=".$www_charset."; format=flowed\r\n");
|
|
*/
|
|
if ($send_poster_host)
|
|
@fputs($ns,'X-HTTP-Posting-Host: '.gethostbyaddr(getenv("REMOTE_ADDR"))."\r\n");
|
|
if (($ref!=false) && (count($ref)>0)) {
|
|
// strip references
|
|
if(strlen(implode(" ",$ref))>900) {
|
|
$ref_first=array_shift($ref);
|
|
do {
|
|
$ref=array_slice($ref,1);
|
|
} while(strlen(implode(" ",$ref))>800);
|
|
array_unshift($ref,$ref_first);
|
|
}
|
|
fputs($ns,'References: '.implode(" ",$ref)."\r\n");
|
|
}
|
|
if (isset($CONFIG['organization']))
|
|
fputs($ns,'Organization: '.quoted_printable_encode($CONFIG['organization'])."\r\n");
|
|
if ($userconfig['signature'] !== '' && $myconfig) {
|
|
$body.="\n-- \n".$userconfig['signature'];
|
|
} else {
|
|
if ((isset($CONFIG['postfooter'])) && ($CONFIG['postfooter']!="")) {
|
|
$postfooter = preg_replace('/\{DOMAIN\}/', "\n".$_SERVER['HTTP_HOST'], $CONFIG['postfooter']);
|
|
$body.="\n-- \n".$postfooter;
|
|
}
|
|
}
|
|
/*
|
|
if ((isset($file_footer)) && ($file_footer!="")) {
|
|
$footerfile=fopen($file_footer,"r");
|
|
$body.="\n".fread($footerfile,filesize($file_footer));
|
|
fclose($footerfile);
|
|
}
|
|
*/
|
|
$boundary=uniqid('', true);
|
|
$body.="\r\n--------------".$boundary."\r\n";
|
|
fputs($ns,'Message-ID: '.$msgid."\r\n");
|
|
if ($userconfig['xface'] !== '' && $myconfig) {
|
|
fputs($ns,'X-Face: '.$userconfig['xface']."\r\n");
|
|
}
|
|
fputs($ns,'Content-Type: multipart/mixed;boundary="------------'.$boundary.'"');
|
|
fputs($ns,"\r\n");
|
|
$contenttype = shell_exec('file -b --mime-type '.$spooldir.'/upload/'.$_FILES['photo']['name']);
|
|
$contenttype = rtrim($contenttype);
|
|
$b64file = shell_exec('uuencode -m '.$spooldir.'/upload/'.$_FILES['photo']['name'].' '.$_FILES['photo']['name'].' | grep -v \'begin-base64\|====\'');
|
|
$body.='Content-Type: '.$contenttype.';';
|
|
$body.="\r\n name=".$_FILES['photo']['name'];
|
|
$body.="\r\nContent-Transfer-Encoding: base64";
|
|
$body.="\r\nContent-Disposition: attachment;";
|
|
$body.="\r\n filename=".$_FILES['photo']['name'];
|
|
$body.="\r\n";
|
|
$body.="\r\n".$b64file;
|
|
$body.="\r\n--------------".$boundary."--\r\n";
|
|
|
|
// Headers end here
|
|
|
|
$body=str_replace("\n.\r","\n..\r",$body);
|
|
$body=str_replace("\r",'',$body);
|
|
$body=stripSlashes($body);
|
|
|
|
fputs($ns,"\r\nThis is a multi-part message in MIME format.\r\n");
|
|
fputs($ns,"--------------".$boundary."\r\n");
|
|
fputs($ns,"Content-Type: text/plain; charset=utf-8\r\n");
|
|
fputs($ns,"Content-Transfer-Encoding: 7bit\r\n");
|
|
// Encrypt?
|
|
if(isset($encryptthis)) {
|
|
$encryptkey=get_user_config($encryptto, "encryptionkey");
|
|
|
|
$body=chunk_split(rslight_encrypt($body, $encryptkey));
|
|
$body="-- RSLIGHT DAT START\n".$body."-- RSLIGHT DAT END\n";
|
|
}
|
|
// Body sent here
|
|
fputs($ns,"\r\n".$body."\r\n.\r\n");
|
|
|
|
$message=line_read($ns);
|
|
nntp_close($ns);
|
|
// clean up attachment file
|
|
unlink($spooldir.'/upload/'.$_FILES["photo"]["name"]);
|
|
} else {
|
|
$message=$text_error["post_failed"];
|
|
}
|
|
// let thread.php ignore the cache for this group, so this new
|
|
// article will be visible instantly
|
|
$groupsarr=explode(",",$newsgroups);
|
|
foreach($groupsarr as $newsgroup) {
|
|
$cachefile=$spooldir.'/'.$newsgroup.'-cache.txt';
|
|
@unlink($cachefile);
|
|
}
|
|
return $message;
|
|
}
|
|
?>
|