From da8f2e95e11e05860fa5f8ac03706c70eac6bc3a Mon Sep 17 00:00:00 2001
From: deepend-tildeclub <58404188+deepend-tildeclub@users.noreply.github.com>
Date: Fri, 5 Jan 2024 11:28:41 -0700
Subject: [PATCH] Update signup-handler.php
---
signup/signup-handler.php | 159 +++++++++++++++++++++++++++++---------
1 file changed, 124 insertions(+), 35 deletions(-)
diff --git a/signup/signup-handler.php b/signup/signup-handler.php
index 2c23190..7323bdd 100644
--- a/signup/signup-handler.php
+++ b/signup/signup-handler.php
@@ -1,20 +1,59 @@
please fill in your desired username";
+ $message .= "
fill in your desired username\n";
+ else {
+ if (strlen($name) < 2)
+ $message .= "username is too short (2 character min)\n";
- if (strlen($name) > 32)
- $message .= "username too long (32 character max)";
+ if (strlen($name) > 32)
+ $message .= "username too long (32 character max)\n";
- if (!preg_match('/^[a-z][a-z0-9]{1,31}$/', $name))
- $message .= "username contains invalid characters (lowercase ascii only, must start with a letter)";
+ if (strlen($name) > 1 && !preg_match('/^[a-z][a-z0-9]{1,31}$/', $name))
+ $message .= "username contains invalid characters (lowercase only, must start with a letter).\n";
- if ($_REQUEST["sshkey"] == "" || mb_substr($_REQUEST["sshkey"], 0, 4) !== "ssh-")
- $message .= 'ssh key required: please create one and submit the public key. '
- . 'see our ssh wiki or '
- . 'hop on irc and ask for help';
-
- if ($_REQUEST["interest"] == "")
- $message .= "please explain why you're interested so we can make sure you're a real human being";
-
- if (posix_getpwnam($name) || forbidden_name($name))
- $message .= "sorry, the username $name is unavailable";
+ if (posix_getpwnam($name) || forbidden_name($name))
+ $message .= "sorry, the username $name is unavailable\n";
+ }
// Check the e-mail address.
$email = trim($_REQUEST["email"]);
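Review bot: The new "unavailable" message interpolates `$name` into `$message` without escaping, and the lookup runs even when the character check just above it has failed. `$message` is later printed as markup by `<?=$message?>` in the last hunk, so if `forbidden_name()` (not visible here) can match a value containing markup, that value is echoed back unescaped. Escape it the way the email branch in the second hunk does: `$message .= "sorry, the username " . htmlspecialchars($name) . " is unavailable\n";`. It would also help to skip the `posix_getpwnam()`/`forbidden_name()` check when the regex has rejected the name. The start of this block lies outside the visible hunk text.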
@@ -97,13 +161,35 @@ if (isset($_REQUEST["username"]) && isset($_REQUEST["email"])) {
$message .= "invalid email address: " . htmlspecialchars($result["error"]) . "";
elseif ($result["email"] != $email)
$message .= "invalid email address. did you mean: " . htmlspecialchars($result["email"]) . "";
+
+ elseif ($name != "" && forbidden_email($email)) {
+ $message .= "your email is banned!
";
+ add_ban_info($name, $email);
+ }
+ }
+
+ if ($_REQUEST["interest"] == "")
+ $message .= "please explain why you're interested so we can make sure you're a real human being";
+
+ $sshkey = trim($_REQUEST["sshkey"]);
+ if ($sshkey == "" || !is_ssh_pubkey($sshkey))
+ $message .= 'ssh key required: please create one and submit the public key. '
+ . 'see our ssh wiki or '
+ . 'hop on irc and ask for help';
+ else {
+ if ($name != "" && $email != "") {
+ if (forbidden_sshkey($sshkey)) {
+ $message .= "your sshkey is banned!\n";
+ add_ban_info($name, $email);
+ }
+ }
}
// no validation errors
- if ($message == "") {
- $sshkey = trim($_REQUEST["sshkey"]);
- $makeuser = "makeuser {$_REQUEST["username"]} {$_REQUEST["email"]} \"{$sshkey}\"";
+ if ($message == "") {
+ $makeuser = "makeuser {$_REQUEST["username"]} {$_REQUEST["email"]} \"$sshkey\"";
+
$msgbody = "
username: {$_REQUEST["username"]}
email: {$_REQUEST["email"]}
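Review bot: The `$makeuser` line builds a command string from the raw `$_REQUEST["username"]` and `$_REQUEST["email"]` values plus `$sshkey`, with only hand-written double quotes around the key, and the last hunk appends that string to `/var/signups`. If that file is later run or pasted into a shell (not visible here), shell metacharacters in the key comment or the email are interpreted unless `is_ssh_pubkey()` and the email validator rule them out, which this patch does not show. Build it from the trimmed, validated variables with per-argument quoting: `$makeuser = 'makeuser ' . escapeshellarg($name) . ' ' . escapeshellarg($email) . ' ' . escapeshellarg($sshkey);`. Confirm that whatever consumes `/var/signups` accepts single-quoted arguments. The enclosing `if (isset(...))` block starts outside the hunk.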
@@ -112,25 +198,28 @@ reason: {$_REQUEST["interest"]}
$makeuser
";
- if (mail('root', 'new tilde.club signup', $msgbody)) {
+ if (mail('sudoers', 'new tilde.club signup', $msgbody)) {
echo '
- email sent! we\'ll get back to you soon (usually within a day) with login instructions! be sure to check your spam folder as we\'ve had several reports of being marked as spam!
back to tilde.club home
-
';
+ email sent! we\'ll get back to you soon (usually within a day) with login instructions! back to tilde.club home
+ ';
+ // temp. add to forbidden to prevent double signups (cleanup after user creation)
+ file_put_contents("/var/signups_current", $name.PHP_EOL, FILE_APPEND);
file_put_contents("/var/signups", $makeuser.PHP_EOL, FILE_APPEND);
+ // clear form fields
+ $_REQUEST["email"] = $_REQUEST["username"] = $_REQUEST["sshkey"] = $_REQUEST["interest"] = "";
} else {
echo '
- something went wrong... please send an email to
root@tilde.club with details of what happened
-
';
+ something went wrong... please send an email to root@tilde.club with details of what happened
+ ';
}
} else {
- ?>
+?>
- please correct the following errors:
+ notice:
=$message?>
-
-
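Review bot: Both `file_put_contents()` calls in the success branch append without `LOCK_EX` and ignore the return value, so a failed write to `/var/signups_current` silently disables the double-signup guard that the new comment describes. Pass `FILE_APPEND | LOCK_EX` and check for `=== false`, for example `if (file_put_contents("/var/signups_current", $name.PHP_EOL, FILE_APPEND | LOCK_EX) === false) error_log('signup: could not record pending username');`. The availability check in the first hunk and this append are also separate steps, so two simultaneous requests for the same name can presumably both pass. The comment says cleanup happens after user creation, but that step is not in this patch, so the comment should name what removes the entry.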