137 lines
5.3 KiB

<!DOCTYPE html>
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see <>.
<html lang="es">
<meta name="viewport" content="width=device-width">
<meta charset="UTF-8">
<meta name="description" content="Registrarse a la lista de correo de ~vern">
<link rel="preload" href="//">
<link rel="stylesheet" href="//">
<title>Lista de correo | ~vern</title>
<!--#include file="nav.php" -->
function sanitize($str) {
$str = trim($str);
$str = stripslashes($str);
$str = htmlspecialchars($str);
$str = str_replace("\r", '', $str);
return $str;
$err = $email = $code = $code_err = '';
$confirmed = false;
if (!empty($_GET['action'])) {
if (!empty($_GET['email'])) {
if (filter_var(sanitize($_GET['email']), FILTER_VALIDATE_EMAIL)) {
if (preg_match("/^" . preg_quote($_GET['email']) . "$/m", file_get_contents("/var/spool/list")) === 1) {
if ($_GET['action'] == "unsub")
$email = sanitize($_GET['email']);
else $err = "El correo ya está en la lista";
} else {
if ($_GET['action'] == "sub")
$email = sanitize($_GET['email']);
else $err = "El correo no está en la lista";
} else $err = "Correo inválido";
} else $err = "Se requiere un correo";
$filename = "/tmp/list-code-" . $email;
if (empty($err)) {
if (!empty($_GET['code'])) {
if (file_get_contents($filename) == $_GET['code']) {
if ($_GET['action'] == "sub") {
file_put_contents("/var/spool/list", $email . PHP_EOL, FILE_APPEND);
} else {
$contents = file_get_contents("/var/spool/list");
$contents = preg_replace("/^" . preg_quote($email) . "$/m", '', $contents);
$contents = preg_replace("/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/", "\n", $contents);
file_put_contents("/var/spool/list", $contents);
$subject = ($_GET['action'] == "sub" ? "S" : "Des") . "ubscripción confirmada";
$headers = "From:\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain\n";
$message = "Has sido " . ($_GET['action'] == "sub" ? "agregado a" : "removido de") . " la lista de correo de avisos de ~vern";
mail($email, $subject, $message, $headers);
$confirmed = true;
} else {
$code_err = 'Código incorrecto';
} else {
$code = substr(md5(rand()), 0, 8);
$handle = fopen($filename, "w+");
chmod($filename, 0600);
fwrite($handle, $code);
$subject = "Su código de confirmación";
$headers = "From:\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain\n";
$message = "Su código de confirmación es $code. No lo compartas con nadie.\n\nSi no iniciaste este trámite, puedes ignorar este mensaje.";
mail($email, $subject, $message, $headers);
if ((($_GET['action'] != "sub" && $_GET['action'] != "unsub")) || (!empty($err) && empty($code_err))) {
<div class=h><h1 id=list>Lista de correo</h1> <a aria-hidden=true href=#list>#list</a></div>
<form method="get" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) ?>">
<p>Correo <span class="red">* <?php echo $err; ?></span>
<input type="text" name="email"></p>
<select id="action" name="action">
<option value="sub">Subscribirse</option>
<option value="unsub">Desuscribirse</option>
<span><input type="submit" value="Submit" style="width:100px;height:40px;font-size:20px"></span>
} else if (!$confirmed) {
<div class=h><h1 id=confirm>Confirmar acción</h1> <a aria-hidden=true href=#confirm>#confirm</a></div>
<p>Un código de confirmación se envió a <?php echo htmlspecialchars($email); ?></p>
<form method="get" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) ?>">
<input type="text" id="email" name="email" value="<?php echo htmlspecialchars($email); ?>" hidden>
<p>Código <span class="red">* <?php echo $code_err; ?></span>
<input type="text" name="code"></p>
<select id="action" name="action" hidden>
<option value="<?php echo htmlspecialchars($_GET['action']); ?>"></option>
<span><input type="submit" value="Confirm" style="width:100px;height:40px;font-size:20px"></span>
} else {
<meta http-equiv="refresh" content="5;url=/spa-AR/" />
<div class=h><h1 id=thanks>¡Confirmado!</h1> <a aria-hidden=true href=#thanks>#thanks</a></div>
<p>También recibiste un correo confirmando la acción.</p>
<p>Serás redirigido de vuelta a <a href=/spa-AR/>la página principal</a> en 5 segundos.</p>
<!--#include file="footer.cgi" -->