basic signup and wiki

root
2019-09-14 14:29:05 -04:00
parent 1e5a430d3a
commit 6ef1fbf131
15 changed files with 12589 additions and 2 deletions

9861
signup/email/Net/DNS2.php Normal file

File diff suppressed because it is too large Load Diff

210
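--- a/signup/email/ipaddr.php
+++ b/signup/email/ipaddr.php
@@ -0,0 +1,210 @@
+<?php
+// CubicleSoft PHP IP Address functions.
+// (C) 2013 CubicleSoft. All Rights Reserved.
+class IPAddr
+{
+static function NormalizeIP($ipaddr)
+{
+$ipv4addr = "";
+$ipv6addr = "";
+// Generate IPv6 address.
+$ipaddr = strtolower(trim($ipaddr));
+if (strpos($ipaddr, ":") === false) $ipaddr = "::ffff:" . $ipaddr;
+$ipaddr = explode(":", $ipaddr);
+if (count($ipaddr) < 3) $ipaddr = array("", "", "0");
+$ipaddr2 = array();
+$foundpos = false;
+foreach ($ipaddr as $num => $segment)
+{
+$segment = trim($segment);
+if ($segment != "") $ipaddr2[] = $segment;
+else if ($foundpos === false && count($ipaddr) > $num + 1 && $ipaddr[$num + 1] != "")
+{
+$foundpos = count($ipaddr2);
+$ipaddr2[] = "0000";
+}
+}
+// Convert ::ffff:123.123.123.123 format.
+if (strpos($ipaddr2[count($ipaddr2) - 1], ".") !== false)
+{
+$x = count($ipaddr2) - 1;
+if ($ipaddr2[count($ipaddr2) - 2] != "ffff") $ipaddr2[$x] = "0";
+else
+{
+$ipaddr = explode(".", $ipaddr2[$x]);
+if (count($ipaddr) != 4) $ipaddr2[$x] = "0";
+else
+{
+$ipaddr2[$x] = str_pad(strtolower(dechex($ipaddr[0])), 2, "0", STR_PAD_LEFT) . str_pad(strtolower(dechex($ipaddr[1])), 2, "0", STR_PAD_LEFT);
+$ipaddr2[] = str_pad(strtolower(dechex($ipaddr[2])), 2, "0", STR_PAD_LEFT) . str_pad(strtolower(dechex($ipaddr[3])), 2, "0", STR_PAD_LEFT);
+}
+}
+}
+$ipaddr = array_slice($ipaddr2, 0, 8);
+if ($foundpos !== false && count($ipaddr) < 8) array_splice($ipaddr, $foundpos, 0, array_fill(0, 8 - count($ipaddr), "0000"));
+foreach ($ipaddr as $num => $segment)
+{
+$ipaddr[$num] = substr(str_pad(strtolower(dechex(hexdec($segment))), 4, "0", STR_PAD_LEFT), -4);
+}
+$ipv6addr = implode(":", $ipaddr);
+// Extract IPv4 address.
+if (substr($ipv6addr, 0, 30) == "0000:0000:0000:0000:0000:ffff:") $ipv4addr = hexdec(substr($ipv6addr, 30, 2)) . "." . hexdec(substr($ipv6addr, 32, 2)) . "." . hexdec(substr($ipv6addr, 35, 2)) . "." . hexdec(substr($ipv6addr, 37, 2));
+// Make a short IPv6 address.
+$shortipv6 = $ipv6addr;
+$pattern = "0000:0000:0000:0000:0000:0000:0000";
+do
+{
+$shortipv6 = str_replace($pattern, ":", $shortipv6);
+$pattern = substr($pattern, 5);
+} while (strlen($shortipv6) == 39 && $pattern != "");
+$shortipv6 = explode(":", $shortipv6);
+foreach ($shortipv6 as $num => $segment)
+{
+if ($segment != "") $shortipv6[$num] = strtolower(dechex(hexdec($segment)));
+}
+$shortipv6 = implode(":", $shortipv6);
+return array("ipv6" => $ipv6addr, "shortipv6" => $shortipv6, "ipv4" => $ipv4addr);
+}
+static function GetRemoteIP($proxies = array())
+{
+$ipaddr = self::NormalizeIP(isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "127.0.0.1");
+// Check for trusted proxies. Stop at first untrusted IP in the chain.
+if (isset($proxies[$ipaddr["ipv6"]]) || ($ipaddr["ipv4"] != "" && isset($proxies[$ipaddr["ipv4"]])))
+{
+$xforward = (isset($_SERVER["HTTP_X_FORWARDED_FOR"]) ? explode(",", $_SERVER["HTTP_X_FORWARDED_FOR"]) : array());
+$clientip = (isset($_SERVER["HTTP_CLIENT_IP"]) ? explode(",", $_SERVER["HTTP_CLIENT_IP"]) : array());
+do
+{
+$found = false;
+if (isset($proxies[$ipaddr["ipv6"]])) $header = $proxies[$ipaddr["ipv6"]];
+else $header = $proxies[$ipaddr["ipv4"]];
+$header = strtolower($header);
+if ($header == "xforward" && count($xforward) > 0)
+{
+$ipaddr = self::NormalizeIP(array_pop($xforward));
+$found = true;
+}
+else if ($header == "clientip" && count($clientip) > 0)
+{
+$ipaddr = self::NormalizeIP(array_pop($clientip));
+$found = true;
+}
+} while ($found && (isset($proxies[$ipaddr["ipv6"]]) || ($ipaddr["ipv4"] != "" && isset($proxies[$ipaddr["ipv4"]]))));
+}
+return $ipaddr;
+}
+static function IsMatch($pattern, $ipaddr)
+{
+if (is_string($ipaddr)) $ipaddr = self::NormalizeIP($ipaddr);
+if (strpos($pattern, ":") !== false)
+{
+// Pattern is IPv6.
+$pattern = explode(":", strtolower($pattern));
+$ipaddr = explode(":", $ipaddr["ipv6"]);
+if (count($pattern) != 8 || count($ipaddr) != 8) return false;
+foreach ($pattern as $num => $segment)
+{
+$found = false;
+$pieces = explode(",", $segment);
+foreach ($pieces as $piece)
+{
+$piece = trim($piece);
+$piece = explode(".", $piece);
+if (count($piece) == 1)
+{
+$piece = $piece[0];
+if ($piece == "*") $found = true;
+else if (strpos($piece, "-") !== false)
+{
+$range = explode("-", $piece);
+$range[0] = hexdec($range[0]);
+$range[1] = hexdec($range[1]);
+$val = hexdec($ipaddr[$num]);
+if ($range[0] > $range[1]) $range[0] = $range[1];
+if ($val >= $range[0] && $val <= $range[1]) $found = true;
+}
+else if ($piece === $ipaddr[$num]) $found = true;
+}
+else if (count($piece) == 2)
+{
+// Special IPv4-like notation.
+$found2 = false;
+$found3 = false;
+$val = hexdec(substr($ipaddr[$num], 0, 2));
+$val2 = hexdec(substr($ipaddr[$num], 2, 2));
+if ($piece[0] == "*") $found2 = true;
+else if (strpos($piece[0], "-") !== false)
+{
+$range = explode("-", $piece[0]);
+if ($range[0] > $range[1]) $range[0] = $range[1];
+if ($val >= $range[0] && $val <= $range[1]) $found2 = true;
+}
+else if ($piece[0] == $val) $found2 = true;
+if ($piece[1] == "*") $found3 = true;
+else if (strpos($piece[1], "-") !== false)
+{
+$range = explode("-", $piece[1]);
+if ($range[0] > $range[1]) $range[0] = $range[1];
+if ($val >= $range[0] && $val <= $range[1]) $found3 = true;
+}
+else if ($piece[1] == $val2) $found3 = true;
+if ($found2 && $found3) $found = true;
+}
+if ($found) break;
+}
+if (!$found) return false;
+}
+}
+else
+{
+// Pattern is IPv4.
+$pattern = explode(".", strtolower($pattern));
+$ipaddr = explode(".", $ipaddr["ipv4"]);
+if (count($pattern) != 4 || count($ipaddr) != 4) return false;
+foreach ($pattern as $num => $segment)
+{
+$found = false;
+$pieces = explode(",", $segment);
+foreach ($pieces as $piece)
+{
+$piece = trim($piece);
+if ($piece == "*") $found = true;
+else if (strpos($piece, "-") !== false)
+{
+$range = explode("-", $piece);
+if ($range[0] > $range[1]) $range[0] = $range[1];
+if ($ipaddr[$num] >= $range[0] && $ipaddr[$num] <= $range[1]) $found = true;
+}
+else if ($piece == $ipaddr[$num]) $found = true;
+if ($found) break;
+}
+if (!$found) return false;
+}
+}
+return true;
+}
+}
+?>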

1519
signup/email/smtp.php Normal file

File diff suppressed because it is too large Load Diff

208
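--- a/signup/email/utf8.php
+++ b/signup/email/utf8.php
@@ -0,0 +1,208 @@
+<?php
+// CubicleSoft PHP UTF8 (Unicode) functions.
+// (C) 2014 CubicleSoft. All Rights Reserved.
+class UTF8
+{
+// Removes invalid characters from the data string.
+// http://www.w3.org/International/questions/qa-forms-utf-8
+public static function MakeValid($data)
+{
+$result = "";
+$x = 0;
+$y = strlen($data);
+while ($x < $y)
+{
+$tempchr = ord($data[$x]);
+if ($y - $x > 1) $tempchr2 = ord($data[$x + 1]);
+else $tempchr2 = 0x00;
+if ($y - $x > 2) $tempchr3 = ord($data[$x + 2]);
+else $tempchr3 = 0x00;
+if ($y - $x > 3) $tempchr4 = ord($data[$x + 3]);
+else $tempchr4 = 0x00;
+if ($tempchr == 0x09 || $tempchr == 0x0A || $tempchr == 0x0D || ($tempchr >= 0x20 && $tempchr <= 0x7E))
+{
+// ASCII minus control and special characters.
+$result .= chr($tempchr);
+$x++;
+}
+else if (($tempchr >= 0xC2 && $tempchr <= 0xDF) && ($tempchr2 >= 0x80 && $tempchr2 <= 0xBF))
+{
+// Non-overlong (2 bytes).
+$result .= chr($tempchr);
+$result .= chr($tempchr2);
+$x += 2;
+}
+else if ($tempchr == 0xE0 && ($tempchr2 >= 0xA0 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF))
+{
+// Non-overlong (3 bytes).
+$result .= chr($tempchr);
+$result .= chr($tempchr2);
+$result .= chr($tempchr3);
+$x += 3;
+}
+else if ((($tempchr >= 0xE1 && $tempchr <= 0xEC) || $tempchr == 0xEE || $tempchr == 0xEF) && ($tempchr2 >= 0x80 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF))
+{
+// Normal/straight (3 bytes).
+$result .= chr($tempchr);
+$result .= chr($tempchr2);
+$result .= chr($tempchr3);
+$x += 3;
+}
+else if ($tempchr == 0xED && ($tempchr2 >= 0x80 && $tempchr2 <= 0x9F) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF))
+{
+// Non-surrogates (3 bytes).
+$result .= chr($tempchr);
+$result .= chr($tempchr2);
+$result .= chr($tempchr3);
+$x += 3;
+}
+else if ($tempchr == 0xF0 && ($tempchr2 >= 0x90 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF) && ($tempchr4 >= 0x80 && $tempchr4 <= 0xBF))
+{
+// Planes 1-3 (4 bytes).
+$result .= chr($tempchr);
+$result .= chr($tempchr2);
+$result .= chr($tempchr3);
+$result .= chr($tempchr4);
+$x += 4;
+}
+else if (($tempchr >= 0xF1 && $tempchr <= 0xF3) && ($tempchr2 >= 0x80 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF) && ($tempchr4 >= 0x80 && $tempchr4 <= 0xBF))
+{
+// Planes 4-15 (4 bytes).
+$result .= chr($tempchr);
+$result .= chr($tempchr2);
+$result .= chr($tempchr3);
+$result .= chr($tempchr4);
+$x += 4;
+}
+else if ($tempchr == 0xF4 && ($tempchr2 >= 0x80 && $tempchr2 <= 0x8F) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF) && ($tempchr4 >= 0x80 && $tempchr4 <= 0xBF))
+{
+// Plane 16 (4 bytes).
+$result .= chr($tempchr);
+$result .= chr($tempchr2);
+$result .= chr($tempchr3);
+$result .= chr($tempchr4);
+$x += 4;
+}
+else $x++;
+}
+return $result;
+}
+public static function IsValid($data)
+{
+$x = 0;
+$y = strlen($data);
+while ($x < $y)
+{
+$tempchr = ord($data[$x]);
+if ($y - $x > 1) $tempchr2 = ord($data[$x + 1]);
+else $tempchr2 = 0x00;
+if ($y - $x > 2) $tempchr3 = ord($data[$x + 2]);
+else $tempchr3 = 0x00;
+if ($y - $x > 3) $tempchr4 = ord($data[$x + 3]);
+else $tempchr4 = 0x00;
+if ($tempchr == 0x09 || $tempchr == 0x0A || $tempchr == 0x0D || ($tempchr >= 0x20 && $tempchr <= 0x7E)) $x++;
+else if (($tempchr >= 0xC2 && $tempchr <= 0xDF) && ($tempchr2 >= 0x80 && $tempchr2 <= 0xBF)) $x += 2;
+else if ($tempchr == 0xE0 && ($tempchr2 >= 0xA0 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF)) $x += 3;
+else if ((($tempchr >= 0xE1 && $tempchr <= 0xEC) || $tempchr == 0xEE || $tempchr == 0xEF) && ($tempchr2 >= 0x80 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF)) $x += 3;
+else if ($tempchr == 0xED && ($tempchr2 >= 0x80 && $tempchr2 <= 0x9F) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF)) $x += 3;
+else if ($tempchr == 0xF0 && ($tempchr2 >= 0x90 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF) && ($tempchr4 >= 0x80 && $tempchr4 <= 0xBF)) $x += 4;
+else if (($tempchr >= 0xF1 && $tempchr <= 0xF3) && ($tempchr2 >= 0x80 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF) && ($tempchr4 >= 0x80 && $tempchr4 <= 0xBF)) $x += 4;
+else if ($tempchr == 0xF4 && ($tempchr2 >= 0x80 && $tempchr2 <= 0x8F) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF) && ($tempchr4 >= 0x80 && $tempchr4 <= 0xBF)) $x += 4;
+else return false;
+}
+return true;
+}
+// Locates the next UTF8 character in a UTF8 string.
+// Set Pos and Size to 0 to start at the beginning.
+// Returns false at the end of the string or bad UTF8 character. Otherwise, returns true.
+public static function NextChrPos(&$data, $datalen, &$pos, &$size)
+{
+$pos += $size;
+$size = 0;
+$x = $pos;
+$y = $datalen;
+if ($x >= $y) return false;
+$tempchr = ord($data[$x]);
+if ($y - $x > 1) $tempchr2 = ord($data[$x + 1]);
+else $tempchr2 = 0x00;
+if ($y - $x > 2) $tempchr3 = ord($data[$x + 2]);
+else $tempchr3 = 0x00;
+if ($y - $x > 3) $tempchr4 = ord($data[$x + 3]);
+else $tempchr4 = 0x00;
+if ($tempchr == 0x09 || $tempchr == 0x0A || $tempchr == 0x0D || ($tempchr >= 0x20 && $tempchr <= 0x7E)) $size = 1;
+else if (($tempchr >= 0xC2 && $tempchr <= 0xDF) && ($tempchr2 >= 0x80 && $tempchr2 <= 0xBF)) $size = 2;
+else if ($tempchr == 0xE0 && ($tempchr2 >= 0xA0 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF)) $size = 3;
+else if ((($tempchr >= 0xE1 && $tempchr <= 0xEC) || $tempchr == 0xEE || $tempchr == 0xEF) && ($tempchr2 >= 0x80 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF)) $size = 3;
+else if ($tempchr == 0xED && ($tempchr2 >= 0x80 && $tempchr2 <= 0x9F) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF)) $size = 3;
+else if ($tempchr == 0xF0 && ($tempchr2 >= 0x90 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF) && ($tempchr4 >= 0x80 && $tempchr4 <= 0xBF)) $size = 4;
+else if (($tempchr >= 0xF1 && $tempchr <= 0xF3) && ($tempchr2 >= 0x80 && $tempchr2 <= 0xBF) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF) && ($tempchr4 >= 0x80 && $tempchr4 <= 0xBF)) $size = 4;
+else if ($tempchr == 0xF4 && ($tempchr2 >= 0x80 && $tempchr2 <= 0x8F) && ($tempchr3 >= 0x80 && $tempchr3 <= 0xBF) && ($tempchr4 >= 0x80 && $tempchr4 <= 0xBF)) $size = 4;
+else return false;
+return true;
+}
+// Determines if a UTF8 string can also be viewed as ASCII.
+public static function IsASCII($data)
+{
+$pos = 0;
+$size = 0;
+$y = strlen($data);
+while (self::NextChrPos($data, $y, $pos, $size) && $size == 1) {}
+if ($pos < $y || $size > 1) return false;
+return true;
+}
+// Returns the number of characters in a UTF8 string.
+public static function strlen($data)
+{
+$num = 0;
+$pos = 0;
+$size = 0;
+$y = strlen($data);
+while (self::NextChrPos($data, $y, $pos, $size)) $num++;
+return $num;
+}
+// Converts a UTF8 string to ASCII and drops bad UTF8 and non-ASCII characters in the process.
+public static function ConvertToASCII($data)
+{
+$result = "";
+$pos = 0;
+$size = 0;
+$y = strlen($data);
+while ($pos < $y)
+{
+if (self::NextChrPos($data, $y, $pos, $size) && $size == 1) $result .= $data[$pos];
+else if (!$size) $size = 1;
+}
+return $result;
+}
+// Converts UTF8 characters in a string to HTML entities.
+public static function ConvertToHTML($data)
+{
+return preg_replace_callback('/([\xC0-\xF7]{1,1}[\x80-\xBF]+)/', 'UTF8::ConvertToHTML__Callback', $data);
+}
+private static function ConvertToHTML__Callback($data)
+{
+$data = $data[1];
+$num = 0;
+$data = str_split(strrev(chr((ord(substr($data, 0, 1)) % 252 % 248 % 240 % 224 % 192) + 128) . substr($data, 1)));
+foreach ($data as $k => $v) $num += (ord($v) % 128) * pow(64, $k);
+return "&#" . $num . ";";
+}
+}
+?>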


@@ -1,2 +1,53 @@
<?php
echo "hi";
$title = "sign up for the tilde.club!";
include __DIR__."/../header.php";
?>
<h1>devmode!! please do not use yet!!</h1>
<h1>sign up to join tilde.club</h1>
<p>we're excited you're here! let's get you signed up!</p>
<p>fill out this form and we'll get back to you with account info</p>
<table>
<tr>
<td>
<form method="post">
<?php include 'signup-handler.php'; ?>
<div>
<p>your desired username (numbers and lowercase letters only, no spaces)</p>
<input class="form-control" name="username" value="<?=$_REQUEST["username"] ?? ""?>" type="text" required>
</div>
<div>
<p>email to contact you with account info</p>
<input class="form-control" name="email" value="<?=$_REQUEST["email"] ?? ""?>" type="text" required>
</div>
<div>
<p>what interests you about tilde.club? we want to make sure you're a real human being :)</p>
<textarea class="form-control" name="interest" id="" cols="30" rows="10"><?=$_REQUEST["interest"] ?? ""?></textarea>
</div>
<div>
<p>SSH public key</p>
<textarea required class="form-control" name="sshkey" id="" cols="30" rows="10"><?=$_REQUEST["sshkey"] ?? ""?></textarea>
<p>if you don't have a key, don't worry! <a href="https://tilde.club/wiki/ssh.html">check out our guide to ssh keys</a> and make sure that you only put your pubkey here</p>
</div>
<p>
<em>signing up implies that you agree to abide by the rule of NO DRAMA</em>
<br>
no drama. be respectful. have fun. we're all trying, and we're all in this together :)
</p>
<button class="btn btn-primary" type="submit">submit</button>
</form>
</td>
</tr>
</table>
<?php include __DIR__."/../footer.php";
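Review bot: The four `<?=$_REQUEST[...] ?? ""?>` echoes in this form (the `value` attributes of `username` and `email`, and the bodies of the `interest` and `sshkey` textareas) write request data back into the page without escaping, so any markup in a submitted or linked value is reflected into the HTML. Escape each one for its context, e.g. `<?=htmlspecialchars($_REQUEST["username"] ?? "", ENT_QUOTES, "UTF-8")?>`, and the same for the other three fields. `$_REQUEST` also includes GET parameters, so the fields can be pre-filled from a crafted link; reading `$_POST` would match the form's `method="post"` and narrow that path. The file header for this section is not visible on the page, so the path of the patched file is not confirmed here.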

128
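--- a/signup/signup-handler.php
+++ b/signup/signup-handler.php
@@ -0,0 +1,128 @@
+<?php
+require_once "email/smtp.php";
+function forbidden_name($name) {
+return in_array($name, [
+'0x0',
+'abuse',
+'admin',
+'administrator',
+'auth',
+'autoconfig',
+'bbj',
+'broadcasthost',
+'cloud',
+'forum',
+'ftp',
+'git',
+'gopher',
+'hostmaster',
+'imap',
+'info',
+'irc',
+'is',
+'isatap',
+'it',
+'localdomain',
+'localhost',
+'lounge',
+'mail',
+'mailer-daemon',
+'marketing',
+'marketting',
+'mis',
+'news',
+'nobody',
+'noc',
+'noreply',
+'pop',
+'pop3',
+'postmaster',
+'retro',
+'root',
+'sales',
+'security',
+'smtp',
+'ssladmin',
+'ssladministrator',
+'sslwebmaster',
+'support',
+'sysadmin',
+'team',
+'usenet',
+'uucp',
+'webmaster',
+'wpad',
+'www',
+'znc',
+]);
+}
+$message = "";
+if (isset($_REQUEST["username"]) && isset($_REQUEST["email"])) {
+// Check the name.
+$name = trim($_REQUEST["username"]);
+if ($name == "")
+$message .= "<li>please fill in your desired username</li>";
+if (strlen($name) > 32)
+$message .= "<li>username too long (32 character max)</li>";
+if (!preg_match('/^[a-z][a-z0-9]{2,31}$/', $name))
+$message .= "<li>username contains invalid characters (lowercase only, must start with a letter)</li>";
+if ($_REQUEST["sshkey"] == "" || mb_substr($_REQUEST["sshkey"], 0, 4) !== "ssh-")
+$message .= '<li>ssh key required: please create one and submit the public key. '
+. 'see our <a href="https://tilde.club/wiki/ssh.html">ssh wiki</a> or '
+. 'hop on <a href="https://web.tilde.chat/?join=club">irc</a> and ask for help</li>';
+if ($_REQUEST["interest"] == "")
+$message .= "<li>please explain why you're interested so we can make sure you're a real human being</li>";
+if (posix_getpwnam($name) || forbidden_name($name))
+$message .= "<li>sorry, the username $name is unavailable</li>";
+// Check the e-mail address.
+$email = trim($_REQUEST["email"]);
+if ($email == "")
+$message .= "<li>please fill in your email address</li>";
+else {
+$result = SMTP::MakeValidEmailAddress($_REQUEST["email"]);
+if (!$result["success"])
+$message .= "<li>invalid email address: " . htmlspecialchars($result["error"]) . "</li>";
+elseif ($result["email"] != $email)
+$message .= "<li>invalid email address. did you mean: " . htmlspecialchars($result["email"]) . "</li>";
+}
+// no validation errors
+if ($message == "") {
+$msgbody = "
+username: {$_REQUEST["username"]}
+email: {$_REQUEST["email"]}
+reason: {$_REQUEST["interest"]}
+makeuser {$_REQUEST["username"]} {$_REQUEST["email"]} \"{$_REQUEST["sshkey"]}\"
+";
+if (mail('root', 'new tilde.club signup', $msgbody)) {
+echo '<div class="alert alert-success" role="alert">
+email sent! we\'ll get back to you soon (usually within a day) with login instructions! <a href="/">back to tilde.club home</a>
+</div>';
+} else {
+echo '<div class="alert alert-danger" role="alert">
+something went wrong... please send an email to <a href="mailto:root@tilde.club">root@tilde.club</a> with details of what happened
+</div>';
+}
+} else {
+?>
+<div class="alert alert-warning" role="alert">
+<strong>please correct the following errors: </strong>
+<?=$message?>
+</div>
+<?php
+}
+}
+?>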
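Review bot: The `makeuser …` line in `$msgbody` is assembled from the raw `$_REQUEST` values, and the SSH key is only checked to begin with `ssh-`, so quotes, shell metacharacters or line breaks in it end up unescaped in what looks like a command line meant to be copied into a root shell (inferred from its shape; the consumer is not visible here). Build that line from the already validated `$name` and `$email` and quote every argument, e.g. `"makeuser $name " . escapeshellarg($email) . " " . escapeshellarg(trim($_REQUEST["sshkey"]))`, and reject keys that contain line breaks or do not match a key-type / base64 / optional-comment shape before mailing. In `forbidden_name()` the lookup should be strict, `in_array($name, [...], true)`. `$_REQUEST["sshkey"]` and `$_REQUEST["interest"]` are read without `isset()`, so a request that omits them raises notices instead of producing the intended validation message.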