if($PHORUM['registration_control']) { //$PHORUM['DATA']['PROFILE']['email_temp']="email_address@bogus.com|bla"; if (!empty($PHORUM['DATA']['PROFILE']['email_temp'])) { list($PHORUM['DATA']['PROFILE']['email_temp_part'],$bogus)=explode("|",$PHORUM['DATA']['PROFILE']['email_temp']); } } if ( count( $_POST ) ) { if ( empty( $_POST["email"] ) ) { $error = $PHORUM["DATA"]["LANG"]["ErrRequired"]; } elseif (!phorum_valid_email( $_POST["email"])) { $error = $PHORUM["DATA"]["LANG"]["ErrEmail"]; } elseif ($PHORUM['user']['email'] != $_POST["email"] && phorum_user_check_email($_POST["email"])) { $error = $PHORUM["DATA"]["LANG"]["ErrEmailExists"]; } elseif (!phorum_check_ban_lists($_POST["email"], PHORUM_BAD_EMAILS)) { $error = $PHORUM["DATA"]["LANG"]["ErrBannedEmail"]; } elseif (isset($PHORUM['DATA']['PROFILE']['email_temp_part']) && !empty($_POST['email_verify_code']) && $PHORUM['DATA']['PROFILE']['email_temp_part']."|".$_POST['email_verify_code'] != $PHORUM['DATA']['PROFILE']['email_temp']) { $error = $PHORUM['DATA']['LANG']['ErrWrongMailcode']; } else { // flip this due to db vs. UI wording. $_POST["hide_email"] = ( isset($_POST["hide_email"]) ) ? 0 : 1; $_POST['moderation_email'] = ( isset($_POST['moderation_email']) && phorum_user_moderate_allowed(PHORUM_MODERATE_ALLOWED_ANYWHERE) ) ? 1 : 0; // Remember this for the template. if (isset($PHORUM['DATA']['PROFILE']['email_temp_part'])) { $email_temp_part = $PHORUM['DATA']['PROFILE']['email_temp_part']; } // do we need to send a confirmation-mail?
/** * This function can perform multiple banlist checks at once and will * automatically generate an appropriate error message when a banlist * match is found. * @param bans - an array of bans to check. Each element in this array is an * array itself with two elements: the value to check and the * type of banlist to check against. One special case: * if the type if PHORUM_BAD_IPS, the value may be NULL. * In that case the IP/hostname of the client will be checked. * @return - An error message in case a banlist match was found or NULL * if no match was found. */ function phorum_check_bans($bans) { $PHORUM = $GLOBALS["PHORUM"]; // A mapping from bantype -> error message to return on match. $phorum_bantype2error = array(PHORUM_BAD_NAMES => "ErrBannedName", PHORUM_BAD_EMAILS => "ErrBannedEmail", PHORUM_BAD_USERID => "ErrBannedUser", PHORUM_BAD_IPS => "ErrBannedIP", PHORUM_BAD_SPAM_WORDS => "ErrBannedContent"); // These language strings are set dynamically, so the language // tool won't recognize them automatically. Therefore they are // mentioned here. // $PHORUM["DATA"]["LANG"]["ErrBannedName"] // $PHORUM["DATA"]["LANG"]["ErrBannedEmail"] // $PHORUM["DATA"]["LANG"]["ErrBannedUser"] // $PHORUM["DATA"]["LANG"]["ErrBannedIP"] // $PHORUM["DATA"]["LANG"]["ErrBannedContent"] $cache_key = $PHORUM['forum_id']; // Load the ban lists. if (!isset($GLOBALS["PHORUM"]["banlists"])) { if (!empty($PHORUM['cache_banlists']) && !empty($PHORUM['banlist_version'])) { $GLOBALS["PHORUM"]["banlists"] = phorum_cache_get('banlist', $cache_key, $PHORUM['banlist_version']); if (!is_array($GLOBALS["PHORUM"]["banlists"]) || !count($GLOBALS["PHORUM"]["banlists"])) { unset($GLOBALS["PHORUM"]["banlists"]); } } // not found or no caching enabled if (!isset($GLOBALS["PHORUM"]["banlists"])) { $GLOBALS["PHORUM"]["banlists"] = phorum_db_get_banlists(); if (isset($GLOBALS["PHORUM"]["banlists"]) && isset($PHORUM['cache_banlists']) && $PHORUM['cache_banlists']) { if (!isset($PHORUM['banlist_version'])) { $PHORUM['banlist_version'] = 1; phorum_db_update_settings(array('banlist_version' => 1)); } phorum_cache_put('banlist', $cache_key, $GLOBALS["PHORUM"]["banlists"], 7200, $PHORUM['banlist_version']); } } } if (!isset($GLOBALS['PHORUM']['banlists'])) { return NULL; } // Run the checks. for (;;) { // An array for adding ban checks on the fly. $add_bans = array(); foreach ($bans as $ban) { // Checking IP/hostname, but no value set? Then add the IP-address // and hostname (if DNS lookups are enabled) to the end of the checking // queue and continue with the next check. if ($ban[1] == PHORUM_BAD_IPS && $ban[0] == NULL) { $add_bans[] = array($_SERVER["REMOTE_ADDR"], PHORUM_BAD_IPS); if ($PHORUM["dns_lookup"]) { $resolved = @gethostbyaddr($_SERVER["REMOTE_ADDR"]); if (!empty($resolved) && $resolved != $_SERVER["REMOTE_ADDR"]) { $add_bans[] = array($resolved, PHORUM_BAD_IPS); } } continue; } // Do a single banlist check. Return an error if we find a match. if (!phorum_check_ban_lists($ban[0], $ban[1])) { $msg = $PHORUM["DATA"]["LANG"][$phorum_bantype2error[$ban[1]]]; // Replace %name% with the blocked string. $msg = str_replace('%name%', htmlspecialchars($ban[0]), $msg); return $msg; } } // Bans added on the fly? Then restart the loop. if (count($add_bans) == 0) { break; } else { $bans = $add_bans; } } return NULL; }