// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Pipecode. If not, see <http://www.gnu.org/licenses/>.
//
include "mail.php";
if (http_post()) {
$to = http_post_string("to", array("len" => 250, "valid" => "[a-z][A-Z][0-9]-_.<>@+ "));
$subject = http_post_string("subject", array("len" => 250, "valid" => "[ALL]"));
$body = http_post_string("body", array("len" => 64000, "valid" => "[ALL]"));
$in_reply_to = http_post_string("in_reply_to", array("required" => false, "len" => 250, "valid" => "[a-z][A-Z][0-9]-_.@+-"));
send_web_mail($to, $subject, $body, $in_reply_to);
header("Location: /mail/");
die;
}
$to = http_get_string("to", array("required" => false, "len" => 250, "valid" => "[a-z][A-Z][0-9]-_.<>@+ "));
$mid = http_get_int("mid", array("required" => false));
if ($mid > 0) {
$message = db_get_rec("mail", $mid);
$in_reply_to = $message["message_id"];
$to = $message["mail_from"];
$subject = $message["subject"];
if (substr($subject, 0, 4) != "Re: ") {
$subject = "Re: {$subject}";
}
} else {
$in_reply_to = "";
$subject = "";
}
print_header("Mail", array("Inbox"), array("inbox"), array("/mail/"));
writeln('<form method="post">');
//
// Pipecode is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Pipecode is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Pipecode. If not, see <http://www.gnu.org/licenses/>.
//
include "mail.php";
$verify = http_get_string("verify", array("required" => false, "len" => 64, "valid" => "[0-9]abcdef"));
if (strlen($verify) != 0 && strlen($verify) != 64) {
die("invalid verify hash");
}
if ($verify != "") {
$email_challenge = db_get_rec("email_challenge", array("challenge" => $verify));
$zid = strtolower($email_challenge["username"]) . "@{$site_name}";
if (!is_local_user($zid)) {
die("no such user [{$zid}]");
}
$user_conf = db_get_conf("user_conf", $zid);
}
if (http_post()) {
if ($verify != "") {
$password_1 = http_post_string("password_1", array("len" => 64, "valid" => "[KEYBOARD]"));
$password_2 = http_post_string("password_2", array("len" => 64, "valid" => "[KEYBOARD]"));
global $protocol;
$date = date("Y-m-d H:i", $time);
if ($zid == "") {
$by = "Anonymous Coward";
} else {
$by = "<a href=\"" . user_page_link($zid) . "\">{$zid}</a>";
}
writeln("<article>");
writeln("\t<h1><a href=\"{$link}\">{$title}</a></h1>");
writeln("\t<h2>{$protocol}://{$server_name}{$link}</h2>");
writeln("\t<h3>by {$by} on {$date}</h3>");
writeln("\t<p>{$body}</p>");
writeln("</article>");
}
$needle = http_get_string("needle", array("required" => false, "valid" => "[a-z][A-Z][0-9]_+-=%|./? "));
$haystack = http_get_string("haystack", array("required" => false, "len" => 20, "valid" => "[a-z]"));
if ($needle != "") {
$needle = str_replace("+", " ", $needle);
$needle = str_replace("%2B", "+", $needle);
if ($haystack == "comments") {
$sql = "select * , match (subject, comment) against (? in boolean mode) as relevance from comment where match (subject, comment) against (? in boolean mode) order by relevance";
} else {
if ($haystack == "stories") {
$sql = "select * , match (title, story) against (? in boolean mode) as relevance from story where match (title, story) against (? in boolean mode) order by relevance";
} else {
if ($haystack == "pipe") {
$sql = "select * , match (title, story) against (? in boolean mode) as relevance from pipe where match (title, story) against (? in boolean mode) order by relevance";
} else {
if ($haystack == "polls") {
$sql = "select * , match (question) against (? in boolean mode) as relevance from poll_question where match (question) against (? in boolean mode) order by relevance";
} else {
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Pipecode is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Pipecode. If not, see <http://www.gnu.org/licenses/>.
//
if (http_post()) {
$username = http_post_string("username", array("len" => 20, "valid" => "[a-z][A-Z][0-9]"));
$password = http_post_string("password", array("len" => 64, "valid" => "[KEYBOARD]"));
$referer = http_get_string("referer", array("required" => false, "len" => 200, "valid" => "[a-z][A-Z][0-9].+-_/?&#=;~"));
$zid = strtolower($username) . "@{$server_name}";
$user_conf = db_get_conf("user_conf", $zid);
if ($user_conf["password"] != crypt_sha256($password . $user_conf["salt"])) {
die("wrong password");
}
$expire = time() + $auth_expire;
$cookie = "expire={$expire}&zid={$zid}";
$cookie .= "&hash=" . crypt_sha256($auth_key . $cookie);
setcookie("auth", $cookie, time() + $auth_expire, "/", ".{$server_name}");
if ($referer != "") {
header("Location: {$referer}");
} else {
header("Location: ./");
}
}