2019-10-12 18:17:09 +00:00
|
|
|
<?php
|
2020-01-16 01:36:11 +00:00
|
|
|
|
|
|
|
function getUserIpAddr() {
|
|
|
|
if(!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
2020-01-15 22:17:00 +00:00
|
|
|
//ip from share internet
|
|
|
|
$ip = $_SERVER['HTTP_CLIENT_IP'];
|
2020-01-16 01:36:11 +00:00
|
|
|
} elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
|
2020-01-15 22:17:00 +00:00
|
|
|
//ip pass from proxy
|
|
|
|
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
2020-01-16 01:36:11 +00:00
|
|
|
} else {
|
2020-01-15 22:17:00 +00:00
|
|
|
$ip = $_SERVER['REMOTE_ADDR'];
|
|
|
|
}
|
|
|
|
return $ip;
|
|
|
|
}
|
|
|
|
|
2020-02-01 23:00:24 +00:00
|
|
|
function add_ban_info($name, $email) {
|
2020-02-01 19:12:11 +00:00
|
|
|
$user_ip = getUserIpAddr();
|
|
|
|
$user_info = "$name - $email - $user_ip";
|
|
|
|
file_put_contents("/var/signups_banned", $user_info.PHP_EOL, FILE_APPEND);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2019-10-12 18:17:09 +00:00
|
|
|
function forbidden_name($name) {
|
2020-01-17 09:53:10 +00:00
|
|
|
return in_array(
|
|
|
|
$name,
|
|
|
|
array_merge(
|
|
|
|
file("/var/signups_forbidden", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES),
|
|
|
|
file("/var/signups_current", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES),
|
|
|
|
file("/var/banned_names.txt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES)
|
|
|
|
)
|
|
|
|
);
|
2019-10-12 18:17:09 +00:00
|
|
|
}
|
|
|
|
|
2020-01-15 22:17:00 +00:00
|
|
|
function forbidden_email($email) {
|
2020-01-16 13:26:40 +00:00
|
|
|
$femail = file("/var/banned_emails.txt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
|
2020-01-15 22:17:00 +00:00
|
|
|
return in_array($email, $femail);
|
|
|
|
}
|
|
|
|
|
2020-02-01 19:12:11 +00:00
|
|
|
function forbidden_sshkey($sshkey) {
|
|
|
|
$fsshkey = file("/var/banned_sshkeys.txt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
|
2020-02-02 09:11:33 +00:00
|
|
|
foreach ($fsshkey as $line_num => $line) {
|
|
|
|
$fsk_line = explode(' ',trim($line));
|
|
|
|
$fsk[] = $fsk_line[1];
|
|
|
|
}
|
|
|
|
|
|
|
|
$sk = explode(' ',trim($sshkey));
|
|
|
|
|
|
|
|
return in_array($sk[1], $fsk);
|
2020-02-01 19:12:11 +00:00
|
|
|
}
|
|
|
|
|
2020-01-16 01:00:26 +00:00
|
|
|
|
2019-10-12 18:17:09 +00:00
|
|
|
$message = '';
|
|
|
|
if (isset($_REQUEST["username"]) && isset($_REQUEST["email"])) {
|
|
|
|
|
|
|
|
$email = $_REQUEST["email"];
|
|
|
|
$mailTo = 'hostmaster@envs.net';
|
|
|
|
$mailFrom = "$email";
|
|
|
|
$mailSubject = 'Signup User Space - envs.net';
|
|
|
|
|
|
|
|
$headers[] = 'MIME-Version: 1.0';
|
|
|
|
$headers[] = 'Content-type: text/plain; charset=utf-8';
|
|
|
|
$headers[] = "From: $mailFrom";
|
|
|
|
//$headers[] = "Cc: $mailFrom";
|
|
|
|
|
2020-02-02 11:03:39 +00:00
|
|
|
|
2019-10-12 18:17:09 +00:00
|
|
|
$name = trim($_REQUEST["username"]);
|
|
|
|
if ($name == "")
|
|
|
|
$message .= "<li>fill in your desired username</li>\n";
|
2020-02-02 11:03:39 +00:00
|
|
|
else {
|
|
|
|
if (strlen($name) < 2)
|
|
|
|
$message .= "<li>username is too short (2 character min)</li>\n";
|
2019-10-12 18:17:09 +00:00
|
|
|
|
2020-02-02 11:03:39 +00:00
|
|
|
if (strlen($name) > 32)
|
|
|
|
$message .= "<li>username too long (32 character max)</li>\n";
|
2019-10-12 18:17:09 +00:00
|
|
|
|
2020-02-02 11:03:39 +00:00
|
|
|
if (strlen($name) > 1 && !preg_match('/^[a-z][a-z0-9]{1,31}$/', $name))
|
|
|
|
$message .= "<li>username contains invalid characters (lowercase only, must start with a letter).</li>\n";
|
2019-10-12 18:17:09 +00:00
|
|
|
|
2020-02-02 11:03:39 +00:00
|
|
|
if (posix_getpwnam($name) || forbidden_name($name))
|
|
|
|
$message .= "<li>sorry, the username $name is unavailable</li>\n";
|
|
|
|
}
|
2019-10-12 18:17:09 +00:00
|
|
|
|
|
|
|
|
2020-01-17 09:53:10 +00:00
|
|
|
$email = trim($_REQUEST["email"]);
|
2020-01-17 10:32:09 +00:00
|
|
|
$emailconfirm = trim($_REQUEST["emailconfirm"]);
|
2019-10-12 18:17:09 +00:00
|
|
|
if ($email == "")
|
|
|
|
$message .= "<li>fill in your email address</li>\n";
|
2020-01-17 09:53:10 +00:00
|
|
|
else {
|
2020-01-17 10:32:09 +00:00
|
|
|
if ($email != $emailconfirm)
|
2020-01-17 10:45:25 +00:00
|
|
|
$message .= "<li>email does not match</li>\n";
|
2020-01-17 10:32:09 +00:00
|
|
|
elseif (!filter_var($email, FILTER_VALIDATE_EMAIL))
|
|
|
|
$message .= "<li>invalid email format</li>\n";
|
2019-10-12 18:17:09 +00:00
|
|
|
|
2020-01-17 09:53:10 +00:00
|
|
|
elseif ($name != "" && forbidden_email($email)) {
|
|
|
|
$message .= "<li>your email is banned!</li>\n";
|
2020-02-01 23:00:24 +00:00
|
|
|
add_ban_info($name, $email);
|
2020-01-16 01:47:41 +00:00
|
|
|
}
|
2020-01-16 01:00:26 +00:00
|
|
|
}
|
|
|
|
|
2020-02-02 11:03:39 +00:00
|
|
|
|
2020-01-17 09:53:10 +00:00
|
|
|
if ($_REQUEST["interest"] == "")
|
2020-01-16 01:00:26 +00:00
|
|
|
$message .= "<li>explain why youre interested so we can make sure youre a real human being</li>\n";
|
|
|
|
|
2020-02-02 11:03:39 +00:00
|
|
|
|
2020-02-01 19:12:11 +00:00
|
|
|
$sshkey = trim($_REQUEST["sshkey"]);
|
|
|
|
if ($sshkey == "" || substr($sshkey, 0, 4) !== "ssh-")
|
2020-03-29 21:46:12 +00:00
|
|
|
$message .= "<li>ssh key required: please submit the public key.</li>\n";
|
2020-02-01 19:12:11 +00:00
|
|
|
else {
|
2020-02-02 10:51:16 +00:00
|
|
|
if ($name != "" && $email != "") {
|
|
|
|
if (forbidden_sshkey($sshkey)) {
|
|
|
|
$message .= "<li>your sshkey is banned!</li>\n";
|
|
|
|
add_ban_info($name, $email);
|
|
|
|
}
|
2020-02-01 19:12:11 +00:00
|
|
|
}
|
|
|
|
}
|
2020-01-16 01:00:26 +00:00
|
|
|
|
2020-02-02 11:03:39 +00:00
|
|
|
|
2021-08-11 07:42:43 +00:00
|
|
|
if ($_REQUEST["c_age"] == "")
|
|
|
|
$message .= "<li>you must be at least 16 years old to use this service.</li>\n";
|
|
|
|
|
2020-01-17 23:44:22 +00:00
|
|
|
if ($_REQUEST["iagree"] == "")
|
|
|
|
$message .= "<li>you need to agree to our terms.</li>\n";
|
|
|
|
|
2019-10-12 18:17:09 +00:00
|
|
|
// no validation errors
|
|
|
|
if ($message == "") {
|
|
|
|
|
|
|
|
$makeuser = "/usr/local/bin/envs_user_manage add {$_REQUEST["username"]} {$_REQUEST["email"]} \"{$sshkey}\"";
|
|
|
|
|
|
|
|
$msgbody = "
|
|
|
|
username: {$_REQUEST["username"]}
|
|
|
|
email: {$_REQUEST["email"]}
|
|
|
|
reason:
|
2020-01-17 09:53:10 +00:00
|
|
|
{$_REQUEST["interest"]}
|
2019-10-12 18:17:09 +00:00
|
|
|
|
|
|
|
$makeuser
|
|
|
|
";
|
|
|
|
$mailSent = @mail($mailTo, $mailSubject, $msgbody, implode("\r\n", $headers));
|
|
|
|
|
|
|
|
if($mailSent == TRUE) {
|
2020-01-16 19:20:35 +00:00
|
|
|
// temp. add to forbidden to prevent double signups (cleanup after user creation)
|
|
|
|
file_put_contents("/var/signups_current", $name.PHP_EOL, FILE_APPEND);
|
|
|
|
// save signup
|
2020-01-16 16:55:06 +00:00
|
|
|
file_put_contents("/var/signups", $makeuser.PHP_EOL, FILE_APPEND);
|
2019-10-12 18:17:09 +00:00
|
|
|
|
2020-01-16 16:55:06 +00:00
|
|
|
echo '<pre class="alert">
|
2021-01-13 16:47:18 +00:00
|
|
|
Sent your message <big><em>successfully</em></big>!
|
2019-10-12 18:17:09 +00:00
|
|
|
Please allow up to 24 hours for a response with login instructions!</pre>';
|
|
|
|
|
|
|
|
} else {
|
2020-01-16 16:55:06 +00:00
|
|
|
echo '<pre class="alert">
|
2019-10-12 18:17:09 +00:00
|
|
|
something went wrong... :(
|
|
|
|
please send an email to <a href="mailto:hostmaster@envs.net">hostmaster@envs.net</a> with details of what happened.</pre>';
|
|
|
|
}
|
|
|
|
|
|
|
|
} else {
|
|
|
|
?>
|
2020-01-19 18:09:23 +00:00
|
|
|
<div class="alert">
|
2020-01-16 02:14:03 +00:00
|
|
|
<h3><i class="fa fa-exclamation-triangle fa-fw" aria-hidden="true"></i> notice:</h3>
|
2020-01-23 12:42:42 +00:00
|
|
|
<p></p>
|
2020-01-19 20:10:18 +00:00
|
|
|
<ul>
|
|
|
|
<?=$message?>
|
2019-10-12 18:17:09 +00:00
|
|
|
</ul>
|
2020-01-19 18:09:23 +00:00
|
|
|
</div>
|
2019-10-12 18:17:09 +00:00
|
|
|
<?php
|
|
|
|
}
|
|
|
|
}
|
|
|
|
?>
|