signup improvements, user firewall block check.

deepend 2025-09-29 20:08:34 +00:00
parent e3b2d04d0f
commit 7ba6e46df1
6 changed files with 304 additions and 167 deletions

5
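--- a/.gitignore
+++ b/.gitignore
@@ -13,3 +13,8 @@ icons/
 stats/
 cache/
 polls/polls.db
+robots.txt
+share/
+polls/
+botanygarden/
+robots.txt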


@ -65,17 +65,17 @@ try {
// Create a default admin user with a hashed password // Create a default admin user with a hashed password
// NOTE: In production, you should not hardcode these credentials. // NOTE: In production, you should not hardcode these credentials.
// Instead, store them outside of your code or set them up once. // Instead, store them outside of your code or set them up once.
$adminUsername = 'admin'; // $adminUsername = 'admin';
$adminPlainPassword = 'password'; // Change this in production // $adminPlainPassword = 'password'; // Change this in production
$adminHashedPassword = password_hash($adminPlainPassword, PASSWORD_DEFAULT); // $adminHashedPassword = password_hash($adminPlainPassword, PASSWORD_DEFAULT);
$insertUser = $db->prepare(" // $insertUser = $db->prepare("
INSERT INTO users (username, password) // INSERT INTO users (username, password)
VALUES (:username, :password) // VALUES (:username, :password)
"); // ");
$insertUser->bindValue(':username', $adminUsername, PDO::PARAM_STR); // $insertUser->bindValue(':username', $adminUsername, PDO::PARAM_STR);
$insertUser->bindValue(':password', $adminHashedPassword, PDO::PARAM_STR); // $insertUser->bindValue(':password', $adminHashedPassword, PDO::PARAM_STR);
$insertUser->execute(); // $insertUser->execute();
} }
// Optionally, you can return $db or leave it globally accessible // Optionally, you can return $db or leave it globally accessible
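Review bot: The default `admin` / `password` account is only commented out here, so the credentials stay readable in the source, and any database initialised by the earlier revision still holds that row; nothing in this hunk removes or rotates it. I would delete the dead lines instead of keeping them and leave a single comment in their place, e.g. `// No default account is created here; provision the first admin out of band with a unique password.`. Existing installs probably need a one-off check for a `users` row named `admin` whose hash still verifies against the old default; that is inferred, since the table's current contents are not visible. The enclosing block starts outside the hunk.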


@ -1,91 +1,264 @@
User-Agent: MojeekBot user-agent:AwarioRssBot
Allow: /~xwindows/ disallow:/~bayang/
User-Agent: Qwantify user-agent:YouBot
Allow: /~xwindows/ disallow:/~bayang/
disallow:/~jbd/
User-Agent: Wibybot user-agent:PerplexityBot
Allow: /~xwindows/ disallow:/~bayang/
disallow:/~jbd/
User-Agent: search.marginalia.nu user-agent:ImagesiftBot
Allow: /~xwindows/ disallow:/~bayang/
disallow:/~jbd/
User-Agent: SearchMySiteBot user-agent:search.marginalia.nu
Allow: /~xwindows/ allow:/~xwindows/
User-Agent: Duckduckbot user-agent:Dataprovider
Allow: /~xwindows/ disallow:/~xwindows/
User-Agent: ia_archiver user-agent:ChatGPT-User
Allow: /~xwindows/ disallow:/~bayang/
disallow:/~jbd/
User-Agent: Googlebot user-agent:Barkrowler
Allow: /~xwindows/$ disallow:/~xwindows/
Allow: /~xwindows/index.html$
Disallow: /~xwindows/
User-Agent: bingbot user-agent:peer39_crawler
Allow: /~xwindows/$ disallow:/~bayang/
Allow: /~xwindows/index.html$
Disallow: /~xwindows/
User-Agent: YandexBot user-agent:ia_archiver
Allow: /~xwindows/$ allow:/~xwindows/
Allow: /~xwindows/index.html$
Disallow: /~xwindows/
User-Agent: YandexFavicons user-agent:GTPBot
Disallow: /~xwindows/ disallow:/~miccaman/
User-Agent: MegaIndex.ru user-agent:magpie-crawler
Disallow: /~xwindows/ disallow:/~bayang/
User-Agent: Amazonbot user-agent:Qwantify
Disallow: /~xwindows/ allow:/~xwindows/
User-Agent: Linespider user-agent:GPTBot
Disallow: /~xwindows/ disallow:/~bayang/
disallow:/~jbd/
User-Agent: Bytespider user-agent:ClaudeBot
Disallow: /~xwindows/ disallow:/~bayang/
disallow:/~jbd/
User-Agent: CCBot user-agent:YandexFavicons
Disallow: /~xwindows/ disallow:/~xwindows/
User-Agent: Neevabot user-agent:peer39_crawler/1.0
Disallow: /~xwindows/ disallow:/~bayang/
User-Agent: PetalBot user-agent:Linespider
Disallow: /~xwindows/ disallow:/~xwindows/
User-Agent: SemrushBot user-agent:Applebot
Disallow: /~xwindows/ disallow:/~bayang/
disallow:/~jbd/
User-Agent: AhrefsBot user-agent:SearchMySiteBot
Disallow: /~xwindows/ allow:/~xwindows/
User-Agent: DataForSeoBot user-agent:Duckduckbot
Disallow: /~xwindows/ allow:/~xwindows/
User-Agent: dotbot user-agent:AwarioSmartBot
Disallow: /~xwindows/ disallow:/~bayang/
User-Agent: Barkrowler user-agent:PetalBot
Disallow: /~xwindows/ disallow:/~xwindows/
User-Agent: MJ12bot user-agent:Yandex
Disallow: /~xwindows/ disallow:/~gareppa/
User-Agent: BuiltWith user-agent:Twitterbot
Disallow: /~xwindows/ disallow:/~bayang/
User-Agent: webprosbot user-agent:bingbot
Disallow: /~xwindows/ allow:/~xwindows/$
allow:/~xwindows/index.html$
disallow:/~xwindows/
User-Agent: Dataprovider user-agent:FacebookBot
Disallow: /~xwindows/ disallow:/~bayang/
disallow:/~jbd/
user-agent:SemrushBot
disallow:/~xwindows/
user-agent:MJ12bot
disallow:/~xwindows/
user-agent:Amazonbot
disallow:/~bayang/
disallow:/~jbd/
disallow:/~xwindows/
user-agent:Neevabot
disallow:/~xwindows/
user-agent:Googlebot-image
disallow:/~harvettfox96/
user-agent:Wibybot
allow:/~xwindows/
user-agent:DataForSeoBot
disallow:/~bayang/
disallow:/~xwindows/
user-agent:Omgili
disallow:/~jbd/
user-agent:Googlebot
disallow:/~gareppa/
allow:/~xwindows/$
allow:/~xwindows/index.html$
disallow:/~xwindows/
user-agent:MegaIndex.ru
disallow:/~xwindows/
user-agent:Bingbot
disallow:/~gareppa/
user-agent:omgili
disallow:/~bayang/
user-agent:AdsBot-Google
disallow:/~bayang/
user-agent:Bytespider
disallow:/~bayang/
disallow:/~jbd/
disallow:/~xwindows/
user-agent:webprosbot
disallow:/~xwindows/
user-agent:Diffbot
disallow:/~jbd/
user-agent:dotbot
disallow:/~xwindows/
user-agent:cohere-ai
disallow:/~bayang/
user-agent:Google-Extended
disallow:/~bayang/
disallow:/~jbd/
user-agent:Omgilibot
disallow:/~jbd/
disallow:/~jbd/
user-agent:Claude-Web
disallow:/~bayang/
disallow:/~jbd/
user-agent:anthropic-ai
disallow:/~bayang/
disallow:/~jbd/
user-agent:MojeekBot
allow:/~xwindows/
user-agent:BuiltWith
disallow:/~xwindows/
user-agent:YandexBot
allow:/~xwindows/$
allow:/~xwindows/index.html$
disallow:/~xwindows/
user-agent:CCBot
disallow:/~bayang/
disallow:/~xwindows/
user-agent:AhrefsBot
disallow:/~xwindows/
user-agent:omgilibot
disallow:/~bayang/
user-agent:*
disallow:/~alf/
disallow:/~almaren/log/
disallow:/~almaren/md/
disallow:/~andre4ik3/
disallow:/~ant/
allow:/~atamblingpoder/
allow:/~bayang/
disallow:/~bazz/.github/
disallow:/~bazz/.phan/
disallow:/~bazz/assets/
disallow:/~bazz/backup/
disallow:/~bazz/bin/
disallow:/~bazz/cache/
disallow:/~bazz/logs/
disallow:/~bazz/system/
disallow:/~bazz/tests/
disallow:/~bazz/tmp/
disallow:/~bazz/user/
disallow:/~bazz/vendor/
disallow:/~bazz/webserver-configs/
allow:/~bazz/user/pages/
allow:/~bazz/user/themes/
allow:/~bazz/user/images/
allow:/~bazz/
allow:/~bazz*.css$
allow:/~bazz*.js$
allow:/~bazz/system/*.js$
allow:/~cfw/
allow:/~claytron/
disallow:/~cosmiceye/
disallow:/~dbcohn/
disallow:/~dikiaap/
disallow:/~dmi3/
disallow:/~endling/
disallow:/~fenris/
disallow:/~fiveoverfour/
allow:/~fran/
disallow:/~freespeech/
disallow:/~gareppa/
disallow:/~harvettfox96/c/
disallow:/~hj/
allow:/~hnp/# from a pending header
disallow:/~indoneziva/
allow:/~jamiemichelle/
disallow:/~jbgoldberg/
disallow:/~jozi/
allow:/~jpurnell/
allow:/~levin/
allow:/~levin/
disallow:/~meskin/
allow:/~mjk/
disallow:/~mlot/
allow:/~mrkumar/
allow:/~mydeardiary/
allow:/~numbermumbler/
disallow:/~pb/
disallow:/~silver/wp-admin/
allow:/~skk/
disallow:/~somecarbon/
allow:/~speleo/
allow:/~srw/
disallow:/~surfingreg/
allow:/~talhah/
disallow:/~tivrusky/
disallow:/~turbo/test
disallow:/~uslesshumans.txt
allow:/~ve3zsh/
disallow:/~ve3zsh/api
allow:/~xwindows/$
allow:/~xwindows/index.html$
disallow:/~xwindows/
disallow:/~zihtt/
User-Agent: *
Allow: /~xwindows/$
Allow: /~xwindows/index.html$
Disallow: /~xwindows/
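Review bot: The new `user-agent:*` group publishes paths such as `/~bazz/backup/`, `/~bazz/logs/`, `/~bazz/webserver-configs/` and `/~silver/wp-admin/`, and robots.txt is advisory only: it asks well-behaved crawlers to skip them and does nothing to restrict access. Anything under those paths that must not be read needs a deny rule in the web server, not just a `disallow:` line. `user-agent:GTPBot` looks like a misspelling of `GPTBot`, which has its own group further down, so the `disallow:/~miccaman/` rule attached to it is unlikely to match any crawler. The file appears to be generated (`allow:/~hnp/# from a pending header`) and is added to .gitignore in this same commit, so these fixes probably belong in the generator or the per-user inputs.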


@ -424,8 +424,11 @@
public static function GetDNSRecord($domain, $types = array("MX", "A"), $nameservers = array("8.8.8.8", "8.8.4.4"), $cache = true) public static function GetDNSRecord($domain, $types = array("MX", "A"), $nameservers = array("8.8.8.8", "8.8.4.4"), $cache = true)
{ {
// Check for a mail server based on a DNS lookup. // Check for a mail server based on a DNS lookup.
if (!class_exists("Net_DNS2_Resolver")) require_once str_replace("\\", "/", dirname(__FILE__)) . "/Net/DNS2.php"; if (!class_exists('Net_DNS2_Resolver')) {
// Composer autoloader should already be loaded above; this is a last-ditch attempt.
$autoload = dirname(__DIR__, 2) . '/vendor/autoload.php';
if (is_file($autoload)) { require $autoload; }
}
$resolver = new Net_DNS2_Resolver(array("nameservers" => $nameservers)); $resolver = new Net_DNS2_Resolver(array("nameservers" => $nameservers));
try try
{ {
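Review bot: If `vendor/autoload.php` is missing, or loads without defining the class, the new block falls through silently and `new Net_DNS2_Resolver(...)` on the next line fails with an uncaught class-not-found error before the `try` is entered; the old `require_once` at least failed at the missing file. I would make the failure explicit right after the block, e.g. `if (!class_exists('Net_DNS2_Resolver')) { throw new RuntimeException('Net_DNS2 is not available'); }`, or return whatever failure value this method's callers already handle. `require_once $autoload;` is also the safer form, since the comment itself says the autoloader may already be loaded. The body of `GetDNSRecord` continues past the end of the hunk, so its error convention is not visible here.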


@ -1,4 +1,8 @@
<?php <?php
declare(strict_types=1);
require __DIR__ . '/vendor/autoload.php';
$title = "sign up for the tilde.club!"; $title = "sign up for the tilde.club!";
include __DIR__."/../header.php"; include __DIR__."/../header.php";
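Review bot: `require __DIR__ . '/vendor/autoload.php';` resolves to a `vendor/` directory next to this page, which suggests the Composer tree sits inside the web-served directory. If that is the case, requests to `/vendor/` should be denied in the web server configuration, or the directory moved outside the document root, because package files are not written to be fetched directly. The added line would also read better with a comment saying what the page needs from the autoloader, for example `// Composer autoloader: loads the libraries the signup checks depend on`.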


@ -1,6 +1,5 @@
<?php <?php
$filepath = __FILE__; $filepath = __FILE__;
# require __DIR__.'/../vendor/autoload.php';
require_once "email/smtp.php"; require_once "email/smtp.php";
function getUserIpAddr() { function getUserIpAddr() {
@ -43,71 +42,22 @@ function is_ssh_pubkey($string): bool
return false; return false;
} }
function forbidden_name($name): bool function forbidden_name(string $name): bool
{ {
$badnames = [ $bad = [
'0x0', '0x0','abuse','admin','administrator','auth','autoconfig','bbj','broadcasthost','cloud','forum','ftp',
'abuse', 'git','gopher','hostmaster','imap','info','irc','is','isatap','it','localdomain','localhost','lounge',
'admin', 'mail','mailer-daemon','marketing','marketting','mis','news','nobody','noc','noreply','pop','pop3',
'administrator', 'postmaster','retro','root','sales','security','smtp','ssladmin','ssladministrator','sslwebmaster',
'auth', 'support','sysadmin','team','usenet','uucp','webmaster','wpad','www','znc',
'autoconfig',
'bbj',
'broadcasthost',
'cloud',
'forum',
'ftp',
'git',
'gopher',
'hostmaster',
'imap',
'info',
'irc',
'is',
'isatap',
'it',
'localdomain',
'localhost',
'lounge',
'mail',
'mailer-daemon',
'marketing',
'marketting',
'mis',
'news',
'nobody',
'noc',
'noreply',
'pop',
'pop3',
'postmaster',
'retro',
'root',
'sales',
'security',
'smtp',
'ssladmin',
'ssladministrator',
'sslwebmaster',
'support',
'sysadmin',
'team',
'usenet',
'uucp',
'webmaster',
'wpad',
'www',
'znc',
]; ];
return in_array( $lists = [$bad];
$name, foreach (['/var/signups_current','/var/banned_names.txt'] as $p) {
array_merge( $t = @file($p, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$badnames, if (is_array($t)) { $lists[] = $t; } // ignore missing/unreadable files
file("/var/signups_current", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES), }
file("/var/banned_names.txt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) return in_array($name, array_merge(...$lists), true);
)
);
} }
function forbidden_email($email): bool function forbidden_email($email): bool
@ -198,7 +148,9 @@ reason: {$_REQUEST["interest"]}
$makeuser $makeuser
"; ";
if (mail('root', 'new tilde.club signup', $msgbody)) { $to = 'root@tilde.club';
$headers = "To: {$to}\r\nFrom: signup <signup@tilde.club>\r\n";
if (mail($to, 'new tilde.club signup', $msgbody, $headers)) {
echo '<div class="alert alert-success" role="alert"> echo '<div class="alert alert-success" role="alert">
email sent! we\'ll get back to you soon with login instructions! (timeframe for processing signups varies greatly) <a href="/">back to tilde.club home</a> email sent! we\'ll get back to you soon with login instructions! (timeframe for processing signups varies greatly) <a href="/">back to tilde.club home</a>
</div>'; </div>';
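Review bot: In `forbidden_name`, `@file($p, ...)` together with the `is_array($t)` check makes the name check fail open: if `/var/banned_names.txt` or `/var/signups_current` is missing or unreadable, that list is skipped silently and only the built-in names are enforced. I would drop the `@` and at least log the failure, and for the ban list refuse the name, e.g. `if ($t === false) { error_log("forbidden_name: cannot read {$p}"); return true; }`. Whether `/var/signups_current` may legitimately be absent is not visible here, so that file may need the softer treatment. In the last hunk, the `To:` line in `$headers` repeats the recipient that `mail()` already sets from its first argument, so it can be removed to avoid a duplicate header.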