forked from npds/npds_dune
/
lnl.php
executable file
·145 lines (137 loc) · 6.71 KB
/
lnl.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
<?php
/************************************************************************/
/* DUNE by NPDS */
/* =========================== */
/* */
/* Based on PhpNuke 4.x source code */
/* */
/* NPDS Copyright (c) 2002-2021 by Philippe Brunier */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/
if (!function_exists("Mysql_Connexion"))
include ("mainfile.php");
function SuserCheck($email) {
global $NPDS_Prefix, $stop;
include_once('functions.php');
$stop='';
if ((!$email) || ($email=='') || (!preg_match('#^[_\.0-9a-z-]+@[0-9a-z-\.]+\.+[a-z]{2,4}$#i',$email)))
$stop = translate("Erreur : Email invalide");
if (strrpos($email,' ') > 0)
$stop = translate("Erreur : une adresse Email ne peut pas contenir d'espaces");
if(checkdnsmail($email) === false)
$stop = translate("Erreur : DNS ou serveur de mail incorrect");
if (sql_num_rows(sql_query("SELECT email FROM ".$NPDS_Prefix."users WHERE email='$email'")) > 0)
$stop = translate("Erreur : adresse Email déjà utilisée");
if (sql_num_rows(sql_query("SELECT email FROM ".$NPDS_Prefix."lnl_outside_users WHERE email='$email'")) > 0) {
if (sql_num_rows(sql_query("SELECT email FROM ".$NPDS_Prefix."lnl_outside_users WHERE email='$email' AND status='NOK'")) >0)
sql_query("DELETE FROM ".$NPDS_Prefix."lnl_outside_users WHERE email='$email'");
else
$stop = translate("Erreur : adresse Email déjà utilisée");
}
return($stop);
}
function error_handler($ibid) {
echo '
<h2>'.translate("La lettre").'</h2>
<hr />
<p class="lead mb-2">'.translate("Merci d'entrer l'information en fonction des spécifications").'</p>
<div class="alert alert-danger">'.$ibid.'</div>
<a href="index.php" class="btn btn-outline-secondary">'.translate("Retour en arrière").'</a>';
}
function subscribe($var) {
if ($var!='') {
include("header.php");
echo '
<h2>'.translate("La lettre").'</h2>
<hr />
<p class="lead mb-2">'.translate("Gestion de vos abonnements").' : <strong>'.$var.'</strong></p>
<form action="lnl.php" method="POST">
'.Q_spambot().'
<input type="hidden" name="email" value="'.$var.'" />
<input type="hidden" name="op" value="subscribeOK" />
<input type="submit" class="btn btn-outline-primary me-2" value="'.translate("Valider").'" />
<a href="index.php" class="btn btn-outline-secondary">'.translate("Retour en arrière").'</a>
</form>';
include("footer.php");
} else
header("location: index.php");
}
function subscribe_ok($xemail) {
global $NPDS_Prefix, $stop;
include("header.php");
if ($xemail!='') {
SuserCheck($xemail);
if ($stop=='') {
$host_name=getip();
$timeX=strftime("%Y-%m-%d %H:%M:%S",time());
// Troll Control
list($troll) = sql_fetch_row(sql_query("SELECT COUNT(*) FROM ".$NPDS_Prefix."lnl_outside_users WHERE (host_name='$host_name') AND (to_days(now()) - to_days(date) < 3)"));
if ($troll < 6) {
sql_query("INSERT INTO ".$NPDS_Prefix."lnl_outside_users VALUES ('$xemail', '$host_name', '$timeX', 'OK')");
// Email validation + url to unsubscribe
global $sitename, $nuke_url;
$subject = html_entity_decode(translate("La lettre"),ENT_COMPAT | ENT_HTML401,cur_charset).' / '.$sitename;
$message = translate("Merci d'avoir consacré du temps pour vous enregistrer.").'<br /><br />'.translate("Pour supprimer votre abonnement à notre lettre, merci d'utiliser").' : <br />'.$nuke_url.'/lnl.php?op=unsubscribe&email='.$xemail.'<br /><br />';
include("signat.php");
send_email($xemail, $subject, $message, '', true, 'html');
echo translate("Merci d'avoir consacré du temps pour vous enregistrer.")."<br /><br />";
echo '<a href="index.php">'.translate("Retour en arrière").'</a>';
} else {
$stop=translate("Compte ou adresse IP désactivée. Cet émetteur a participé plus de x fois dans les dernières heures, merci de contacter le webmaster pour déblocage.")."<br />";
error_handler($stop);
}
} else
error_handler($stop);
} else
error_handler(translate("Cette donnée ne doit pas être vide.")."<br />");
include("footer.php");
}
function unsubscribe($xemail) {
global $NPDS_Prefix;
if ($xemail!='') {
if ((!$xemail) || ($xemail=='') || (!preg_match('#^[_\.0-9a-z-]+@[0-9a-z-\.]+\.+[a-z]{2,4}$#i',$xemail))) header("location: index.php");
if (strrpos($xemail,' ') > 0) header("location: index.php");
if (sql_num_rows(sql_query("SELECT email FROM ".$NPDS_Prefix."lnl_outside_users WHERE email='$xemail'")) > 0) {
$host_name=getip();
$timeX=strftime("%Y-%m-%d %H:%M:%S",time());
// Troll Control
list($troll) = sql_fetch_row(sql_query("SELECT COUNT(*) FROM ".$NPDS_Prefix."lnl_outside_users WHERE (host_name='$host_name') AND (to_days(now()) - to_days(date) < 3)"));
if ($troll < 6) {
sql_query("UPDATE ".$NPDS_Prefix."lnl_outside_users SET status='NOK' WHERE email='$xemail'");
include("header.php");
echo translate("Merci").'<br /><br />';
echo "<a href=\"index.php\" class=\"noir\">".translate("Retour en arrière")."</a>";
include("footer.php");
} else {
include("header.php");
$stop=translate("Compte ou adresse IP désactivée. Cet émetteur a participé plus de x fois dans les dernières heures, merci de contacter le webmaster pour déblocage.")."<br />";
error_handler($stop);
include("footer.php");
}
} else
redirect_url("index.php");
} else
redirect_url("index.php");
}
settype($op,'string');
switch ($op) {
case 'subscribe':
subscribe($email);
break;
case 'subscribeOK':
//anti_spambot
if (!R_spambot($asb_question, $asb_reponse,"")) {
Ecr_Log("security", "LNL Anti-Spam : email=".$email, "");
redirect_url("index.php");
die();
}
subscribe_ok($email);
break;
case 'unsubscribe':
unsubscribe($email);
break;
}
?>