TildeClub/site
1
1
Fork 0
mirror of https://github.com/tildeclub/site.git synced 2026-01-23 21:40:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

signup improvements, user firewall block check.

Browse Source
This commit is contained in:
deepend
2025-09-29 20:08:34 +00:00
parent e3b2d04d0f
commit 7ba6e46df1
6 changed files with 304 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
signup/email/smtp.php
View File

@@ -424,8 +424,11 @@
public static function GetDNSRecord($domain, $types = array("MX", "A"), $nameservers = array("8.8.8.8", "8.8.4.4"), $cache = true)
{
// Check for a mail server based on a DNS lookup.
if (!class_exists("Net_DNS2_Resolver")) require_once str_replace("\\", "/", dirname(__FILE__)) . "/Net/DNS2.php";
if (!class_exists('Net_DNS2_Resolver')) {
// Composer autoloader should already be loaded above; this is a last-ditch attempt.
$autoload = dirname(__DIR__, 2) . '/vendor/autoload.php';
if (is_file($autoload)) { require $autoload; }
}
$resolver = new Net_DNS2_Resolver(array("nameservers" => $nameservers));
try
{

4
signup/index.php
View File

@@ -1,4 +1,8 @@
<?php
declare(strict_types=1);
require __DIR__ . '/vendor/autoload.php';
$title = "sign up for the tilde.club!";
include __DIR__."/../header.php";

80
signup/signup-handler.php
View File

@@ -1,6 +1,5 @@
<?php
$filepath = __FILE__;
# require __DIR__.'/../vendor/autoload.php';
require_once "email/smtp.php";
function getUserIpAddr() {
@@ -43,71 +42,22 @@ function is_ssh_pubkey($string): bool
return false;
}
function forbidden_name($name): bool
function forbidden_name(string $name): bool
{
$badnames = [
'0x0',
'abuse',
'admin',
'administrator',
'auth',
'autoconfig',
'bbj',
'broadcasthost',
'cloud',
'forum',
'ftp',
'git',
'gopher',
'hostmaster',
'imap',
'info',
'irc',
'is',
'isatap',
'it',
'localdomain',
'localhost',
'lounge',
'mail',
'mailer-daemon',
'marketing',
'marketting',
'mis',
'news',
'nobody',
'noc',
'noreply',
'pop',
'pop3',
'postmaster',
'retro',
'root',
'sales',
'security',
'smtp',
'ssladmin',
'ssladministrator',
'sslwebmaster',
'support',
'sysadmin',
'team',
'usenet',
'uucp',
'webmaster',
'wpad',
'www',
'znc',
$bad = [
'0x0','abuse','admin','administrator','auth','autoconfig','bbj','broadcasthost','cloud','forum','ftp',
'git','gopher','hostmaster','imap','info','irc','is','isatap','it','localdomain','localhost','lounge',
'mail','mailer-daemon','marketing','marketting','mis','news','nobody','noc','noreply','pop','pop3',
'postmaster','retro','root','sales','security','smtp','ssladmin','ssladministrator','sslwebmaster',
'support','sysadmin','team','usenet','uucp','webmaster','wpad','www','znc',
];
return in_array(
$name,
array_merge(
$badnames,
file("/var/signups_current", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES),
file("/var/banned_names.txt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES)
)
);
$lists = [$bad];
foreach (['/var/signups_current','/var/banned_names.txt'] as $p) {
$t = @file($p, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
if (is_array($t)) { $lists[] = $t; } // ignore missing/unreadable files
}
return in_array($name, array_merge(...$lists), true);
}
function forbidden_email($email): bool
@@ -198,7 +148,9 @@ reason: {$_REQUEST["interest"]}
$makeuser
";
if (mail('root', 'new tilde.club signup', $msgbody)) {
$to = 'root@tilde.club';
$headers = "To: {$to}\r\nFrom: signup <signup@tilde.club>\r\n";
if (mail($to, 'new tilde.club signup', $msgbody, $headers)) {
echo '<div class="alert alert-success" role="alert">
email sent! we\'ll get back to you soon with login instructions! (timeframe for processing signups varies greatly) <a href="/">back to tilde.club home</a>
</div>';