$group = preg_replace('@[^A-Za-z0-9.-]@', '', $_GET['group']); } else { $group = false; } if (isset($_GET['article'])) { $article = (int) $_GET['article']; } else { error("No article specified"); } if (isset($_GET['part'])) { $part = $_GET['part']; } else { error("No part specified"); } try { $nntpClient = new \Web\News\Nntp(NNTP_HOST); $message = $nntpClient->readArticle($article, $group); if ($message === null) { error('No article found'); } $mail = fMailbox::parseMessage($message); } catch (Exception $e) { error($e->getMessage()); } if (!empty($mail['attachment'][$part])) { $attachment = $mail['attachment'][$part]; /* Do not rely on user-provided content-deposition header, generate own one to */ /* make the content downloadable, do NOT use inline, we can't trust the attachment*/ /* Downside of this approach: images should be downloaded before use */ /* this is safer though, and prevents doing evil things on php.net domain */ $contentdisposition = 'attachment';
<?php require 'common.php'; try { $nntpClient = new \Web\News\Nntp(NNTP_HOST); $groups = $nntpClient->listGroups(); } catch (Exception $e) { error($e->getMessage()); } head(); ?> <table border="0" cellpadding="6" cellspacing="0"> <tr> <td> <table class="stripped"> <tr> <th>name</th> <th>messages</th> <th>rss</th> <th>rdf</th> </tr> <?php foreach ($groups as $group => $details) { echo " <tr>\n"; echo " <td><a class=\"active{$details['status']}\" href=\"/{$group}\">{$group}</a></td>\n"; echo " <td align=\"right\">", $details['high'] - $details['low'] + 1, "</td>\n"; echo " <td>"; if ($details['status'] != 'n') { echo "<a href=\"group.php?group={$group}&format=rss\">rss</a>"; } echo "</td>\n";
} else { error("Missing group"); } if (isset($_GET['format'])) { $format = $_GET['format']; } else { // assume html $format = 'html'; } if (isset($_GET['i'])) { $i = (int) $_GET['i']; } else { $i = 0; } try { $nntpClient = new \Web\News\Nntp(NNTP_HOST); $overview = $nntpClient->getArticlesOverview($group, $i); } catch (Exception $e) { error($e->getMessage()); } $host = htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES, "UTF-8"); switch ($format) { case 'rss': header("Content-type: text/xml"); echo '<?xml version="1.0" encoding="utf-8"?>' . "\n"; ?> <rss version="0.93"> <channel> <title><?php echo $host; ?>
require 'common.php'; /* Prevents the poor mail server from suffering if it receives a message with many references */ /* (References: <xxx> or In-Reply-To: <xxx>) */ define('REFERENCES_LIMIT', 20); if (isset($_GET['article'])) { $article = (int) $_GET['article']; } else { error("No article specified"); } if (isset($_GET['group'])) { $group = preg_replace('@[^A-Za-z0-9.-]@', '', $_GET['group']); } else { $group = false; } try { $nntpClient = new \Web\News\Nntp(NNTP_HOST); $message = $nntpClient->readArticle($article, $group); if ($message === null) { error('No article found'); } $mail = fMailbox::parseMessage($message); $rawReferences = []; if (!empty($mail['headers']['references'])) { $rawReferences = $mail['headers']['references']; } elseif (!empty($mail['headers']['in-reply-to'])) { $rawReferences = $mail['headers']['in-reply-to']; } $references = []; foreach ($rawReferences as $ref) { $matches = []; if (preg_match_all('/\\<(.*?)\\>/', $ref, $matches)) {