vern
/
website
4
5
Fork 5
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove chance of reading mastodon-pass before mode is changed 

Signed-off-by: Alex "The Cobra" Widulski <cobra@vern.cc>
This commit is contained in:
Skylar "The Cobra" Widulski 2022-06-29 10:33:17 -04:00
parent b7166d08e3
commit 3951c63c45
Signed by: cobra
GPG Key ID: 4FD8F812083FF6F9
1 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
register.php
View File

@ -157,18 +157,19 @@
$message .= ".\nJoin reason:\n$reason\n\n\nTo accept this request, run this command as root:\n/root/bin/accept $username\nTo deny this request, run this command as root:\n/root/bin/deny $username\n";
$contents = "#!/usr/bin/env -S bash -e\n\n# This is the registration script for $username \n# This script was automatically generated by http://" . $_SERVER['HTTP_HOST'] . htmlspecialchars($_SERVER['PHP_SELF']). "\n\n";
$contents .= "~/bin/mktuser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " <<< " . escapeshellarg($_POST['ssh']) . "\n\n";
if ($use_matrix) $contents .= "~/bin/mkmuser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . "\n";
$contents .= '~/bin/mktuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " <<< " . escapeshellarg($_POST['ssh']) . "\n\n";
if ($use_matrix) $contents .= '~/bin/mkmuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . "\n";
if ($use_fedi) {
$pass_file = '/home/' . $username . '/mastodon-pass';
$contents .= "~/bin/mkfuser " . escapeshellarg($username) . ' ' . escapeshellarg($email) . ' | tee /sshfs' . escapeshellarg($pass_file) . "\n";
$contents .= 'ssh 192.168.122.30 chown ' . escapeshellarg($username . ':' . $username) . ' ' . escapeshellarg($pass_file) . "\n";
$contents .= 'touch /sshfs' . $pass_file;
$contents .= 'chmod 600 /sshfs' . $pass_file . "\n";
$contents .= 'ssh 192.168.122.30 chown ' . escapeshellarg($username . ':' . $username) . ' ' . escapeshellarg($pass_file) . "\n";
$contents .= '~/bin/mkfuser ' . escapeshellarg($username) . ' ' . escapeshellarg($email) . ' | tee /sshfs' . escapeshellarg($pass_file) . "\n";
unset($pass_file);
}
if ($use_git) $contents .= "~/bin/mkguser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . ' ' . escapeshellarg($email) . "\n";
if ($use_jitsi) $contents .= "~/bin/mkxuser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " jitsi.vern.cc\n";
if ($use_xmpp) $contents .= "~/bin/mkxuser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " vern.cc\n";
if ($use_git) $contents .= '~/bin/mkguser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . ' ' . escapeshellarg($email) . "\n";
if ($use_jitsi) $contents .= '~/bin/mkxuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " jitsi.vern.cc\n";
if ($use_xmpp) $contents .= '~/bin/mkxuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " vern.cc\n";
$contents .= "s-nail -vr 'register@vern.cc' -c cobra@vern.cc -c neopenk@vern.cc -c aryak@vern.cc -s 'Your ~vern account has been created' -M text/plain " . escapeshellarg($email) . " < <(printf 'Hello %s,\\nYour membership request on ~vern has been accepted.\\nYou can now SSH into vern.cc using the public key(s) that you supplied to ~vern.\\nIf you signed up for Mastodon, a randomly generated password for the account will be in ~/mastodon-pass\\n\\nThank you for being a part of ~vern!' " . escapeshellarg($username) . ")\n";
$contents .= "rm -f $0\n";
$contents .= "exit\n\n\n";