website/register.php


<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width">
<meta charset="UTF-8">
<link rel="stylesheet" href="/style.css">
<title>Registration | ~vern</title>
</head>
<body>
<!--#include file="nav.html" -->
<p><b>Please Note that Email is not included by default anymore due to OVH's restrictive email policies. Please contact an <a href=/admins>admin</a> to get access </b></p>
<p><b>If you cannot or do not want to share your email for ~vern registration, please contact an <a href=/admins>admin</a> so we can create an account for you without one.</b></p>
<?php
/**
 * Normalise a submitted form value.
 *
 * Steps, in order: strip surrounding whitespace, remove backslash escapes,
 * HTML-encode special characters, then drop every carriage return.
 *
 * The result is HTML-encoded text. It is not shell-safe or path-safe by
 * itself; callers still need escapeshellarg() or their own validation for
 * those contexts.
 *
 * @param string $str Raw value taken from the request.
 * @return string The normalised, HTML-encoded value.
 */
function sanitize($str) {
    $unescaped = stripslashes(trim($str));
    $encoded = htmlspecialchars($unescaped);
    return str_replace("\r", '', $encoded);
}
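/**
 * Return $_POST[$key] when it is a string, otherwise ''.
 *
 * A client can submit any field as an array (name[]=...), which would
 * otherwise reach preg_match(), string concatenation and escapeshellarg().
 *
 * @param string $key Form field name.
 * @return string The submitted string, or '' when missing or not a string.
 */
function register_post_string($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}

/**
 * Ask ssh-keygen whether the submitted text is a public key.
 *
 * The key text is written to ssh-keygen's stdin and never becomes part of a
 * command line. The previous version placed the escapeshellarg() output
 * inside a double-quoted `bash -c "..."` string, where single quotes no
 * longer protect the value, and its `$?` sat in the same double-quoted string
 * and so was expanded by the outer shell rather than after ssh-keygen ran.
 *
 * Fails closed: if ssh-keygen cannot be started the key is rejected.
 *
 * @param string $keys Submitted public key text.
 * @return bool True when ssh-keygen exits with status 0.
 */
function register_ssh_keys_are_valid($keys) {
    // escapeshellarg() refuses NUL bytes later on, so reject them here
    // instead of failing after the thank-you page has been printed.
    if (strpos($keys, "\0") !== false) {
        return false;
    }
    $descriptors = [
        0 => ['pipe', 'r'],
        1 => ['file', '/dev/null', 'w'],
        2 => ['file', '/dev/null', 'w'],
    ];
    // Constant command string: nothing from the request is interpolated.
    $process = proc_open('ssh-keygen -lf -', $descriptors, $pipes);
    if (!is_resource($process)) {
        return false;
    }
    // The trailing newline matches what the former here-string supplied.
    fwrite($pipes[0], $keys . "\n");
    fclose($pipes[0]);
    return proc_close($process) === 0;
}

$success = false;
$username = $password0 = $password1 = $email = $ssh = $reason =
$username_err = $password0_err = $password1_err = $email_err = $ssh_err = $reason_err = '';
// The D modifier (PCRE_DOLLAR_ENDONLY) makes `$` match only at the very end
// of the subject. Without it a name followed by a newline passed the pattern,
// and the "already in use" check then looked at a different path than the
// name that was finally stored.
$username_re = '/^[a-z_][a-z0-9_]{0,30}$/D';
if ($_SERVER['REQUEST_METHOD'] == "POST") {
    // --- Username: validate once, then use that same value for every check.
    $posted_username = register_post_string('username');
    if ($posted_username === '') {
        $username_err = "Username is required";
    } elseif (preg_match($username_re, $posted_username) !== 1) {
        $username_err = "Invalid username. Username must be a valid GNU/Linux username (match $username_re)";
    } elseif (file_exists('/vm/' . $posted_username)) {
        $username_err = "Username is already in use";
    } elseif (file_exists("/var/tmp/register/" . $posted_username)) {
        // The validated name only holds [a-z0-9_], so it is safe to echo.
        $username_err = "A request for the username " . $posted_username . " exists already. Try again later or choose a different username.";
    } else {
        $username = $posted_username;
    }

    // --- Password: both fields must be present and identical.
    $posted_password0 = register_post_string('password0');
    $posted_password1 = register_post_string('password1');
    if ($posted_password0 === '' && $posted_password1 === '') {
        $password0_err = $password1_err = "Password is required";
    } elseif ($posted_password0 !== $posted_password1) {
        $password0_err = $password1_err = "Passwords do not match";
    } elseif (strpos($posted_password0, "\0") !== false) {
        // The password is later passed to escapeshellarg(), which rejects NUL.
        $password0_err = $password1_err = "Password contains invalid characters";
    } else {
        $password0 = $posted_password0;
        $password1 = $posted_password1;
    }

    // --- E-mail: FILTER_VALIDATE_EMAIL also keeps CR/LF out of the value,
    // which matters because it is placed in the mail subject later.
    $posted_email = register_post_string('email');
    if ($posted_email === '') {
        $email_err = "E-mail is required";
    } elseif (filter_var(sanitize($posted_email), FILTER_VALIDATE_EMAIL)) {
        $email = sanitize($posted_email);
    } else {
        $email_err = "Invalid E-mail";
    }

    // --- SSH public key(s).
    $posted_ssh = register_post_string('ssh');
    if ($posted_ssh === '') {
        $ssh_err = "Public key is required";
    } elseif (register_ssh_keys_are_valid($posted_ssh)) {
        $ssh = $posted_ssh;
    } else {
        $ssh_err = "Not a valid SSH public key";
    }

    // --- Join reason: free text, stored as submitted.
    $reason = register_post_string('joinreason');
    if ($reason === '') {
        $reason_err = "Join reason is required";
    }

    // The request is accepted only when no field produced an error.
    $success = ($username_err . $password0_err . $password1_err . $email_err . $ssh_err . $reason_err) === '';
}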
if (!$success) {
?>
<div class=h><h1 id=signup>Sign Up</h1> <a aria-hidden=true href=#signup>#signup</a></div>
<span class="red">* Required field</span>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<p>Username:
<input type="text" name="username">
<span class="red">* <?php echo $username_err; ?></span></p>
<p>Password:
<input type="password" name="password0">
<span class="red">* <?php echo $password0_err; ?></span></p>
<p>Password:
<input type="password" name="password1">
<span class="red">* <?php echo $password1_err; ?></span></p>
<p>E-mail (We need one so we can contact you) <span class="red">* <?php echo $email_err; ?></span>
<input type="text" name="email"></p>
<p>SSH public keys (newline separated) <span class="red">* <?php echo $ssh_err; ?></span><br>
<textarea name="ssh" rows="3" cols="50"></textarea></p>
<p>Why do you want to join? <span class="red">* <?php echo $reason_err; ?></span><br>
<textarea name="joinreason" rows="8" cols="50"></textarea></p>
<p>What services do you want? (You can always request an account on one later)</p>
<input type="checkbox" id="pubnix" name="pubnix" value="Pubnix" disabled checked>
<label for="pubnix">Pubnix (Includes E-Mail)</label><br>
<input type="checkbox" id="matrix" name="matrix" value="Matrix" checked>
<label for="matrix">Matrix</label><br>
<input type="checkbox" id="fedi" name="fedi" value="Mastodon" checked>
<label for="fedi">Fediverse (Mastodon)</label><br>
<input type="checkbox" id="git" name="git" value="Gitea" checked>
<label for="git">Gitea</label><br>
<input type="checkbox" id="nextcloud" name="nextcloud" value="Nextcloud" checked>
<label for="nextcloud">Nextcloud</label><br>
<input type="checkbox" id="jitsi" name="jitsi" value="Jitsi" checked>
<label for="jitsi">Jitsi</label><br>
<input type="checkbox" id="xmpp" name="xmpp" value="XMPP" checked>
<label for="xmpp">XMPP/Jabber</label><br>
<input type="checkbox" id="xmppo" name="xmppo" value="XMPP Onion">
<label for="xmppo">XMPP/Jabber Onion (Don't check if you don't know what it is)</label><br>
<input type="checkbox" id="xmppi" name="xmppi" value="XMPP I2P">
<label for="xmppi">XMPP/Jabber I2P (Don't check if you don't know what it is)</label><br>
<br>
<span><input type="submit" value="Submit" style="width:100px;height:40px;font-size:20px"></span>
</form><br>
<p><b>By signing up, you agree to the ~vern <a href=/rules>rules</a> and <a href=/privpol>privacy policy</a>. Thanks for using ~vern.</b></p>
<p>THE SERVICE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS, AND WE DO NOT GUARANTEE THAT THE SERVICE WILL BE AVAILABLE AT ALL TIMES, NOR THE ACCURACY OF THE SERVICE OR ANY MATERIAL PROVIDED BY THE SERVICE OR ON THE ~VERN WEBSITE. YOU ARE SOLELY RESPONSIBLE FOR YOUR USE OF THE SERVICE.</p>
<?php
} else {
?>
<meta http-equiv="refresh" content="5;url=http://<?php echo htmlspecialchars($_SERVER['HTTP_HOST']); ?>" />
<div class=h><h1 id=thanks>Thank you for signing up.</h1> <a aria-hidden=true href=#thanks>#thanks</a></div>
<p>An admin will review your request, and an e-mail will be sent if your registration is successful.</p>
<p>You will be redirected back <a href=/>home</a> in 5 seconds.</p>
<?php
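// Service checkboxes. Assign a boolean in every case so that an unchecked
// box does not leave the variable undefined when it is read below.
$use_matrix = isset($_POST['matrix']);
$use_fedi = isset($_POST['fedi']);
$use_git = isset($_POST['git']);
$use_nc = isset($_POST['nextcloud']);
$use_jitsi = isset($_POST['jitsi']);
$use_xmpp = isset($_POST['xmpp']);
$use_xmppo = isset($_POST['xmppo']);
$use_xmppi = isset($_POST['xmppi']);

// --- Notification mail for the administrators.
$to = "root@vern.cc";
$subject = "New registration request from $username <$email>";
$message = "Hello Administrators,\nSomeone has requested a membership. Please view the details below and decide if it is worth approving.\n\nSSH keys:\n$ssh\n\nRequested username: $username\nRequested services: Tilde";
if ($use_matrix) $message .= ", Matrix";
if ($use_fedi) $message .= ", Mastodon";
if ($use_git) $message .= ", Gitea";
if ($use_nc) $message .= ", Nextcloud";
if ($use_jitsi) $message .= ", Jitsi";
if ($use_xmpp) $message .= ", XMPP";
if ($use_xmppo) $message .= ", XMPP Onion";
if ($use_xmppi) $message .= ", XMPP I2P";
$message .= ".\nJoin reason:\n$reason\n\n\nTo accept this request, run this command as root:\n/root/bin/accept $username\nTo deny this request, run this command as root:\n/root/bin/deny $username\n";

// --- Shell script that an administrator later runs as root.
// Everything taken from the request goes through escapeshellarg(), except
// $username, which the validation pattern limits to [a-z0-9_].
// HTTP_HOST and PHP_SELF are supplied by the client, so they are reduced to
// printable ASCII without whitespace and cannot end the comment line.
$origin_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
$origin = preg_replace('/[^\x21-\x7e]/', '', 'http://' . $origin_host . $_SERVER['PHP_SELF']);
$contents = "#!/usr/bin/env -S bash -e\n\n# This is the registration script for $username \n# This script was automatically generated by " . $origin . "\n\n";
// NOTE(review): the password is written to this file in clear text and stays
// there until an admin runs or removes the script; the 0600 mode set below is
// its only protection.
$contents .= '~/bin/mktuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " <<< " . escapeshellarg($ssh) . "\n\n";
if ($use_matrix) $contents .= '~/bin/mkmuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . "\n";
if ($use_fedi) {
    $pass_file = '/home/' . $username . '/mastodon-pass';
    $sshfs_pass_file = escapeshellarg('/sshfs' . $pass_file);
    $contents .= 'touch ' . $sshfs_pass_file . "\n";
    $contents .= 'chmod 600 ' . $sshfs_pass_file . "\n";
    $contents .= 'ssh 192.168.122.30 chown ' . escapeshellarg($username . ':' . $username) . ' ' . escapeshellarg($pass_file) . "\n";
    $contents .= '~/bin/mkfuser ' . escapeshellarg($username) . ' ' . escapeshellarg($email) . ' | tee ' . $sshfs_pass_file . "\n";
    unset($pass_file, $sshfs_pass_file);
}
if ($use_git) $contents .= '~/bin/mkguser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . ' ' . escapeshellarg($email) . "\n";
if ($use_nc) $contents .= '~/bin/mknuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . "\n";
if ($use_jitsi) $contents .= '~/bin/mkxuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " jitsi.vern.cc\n";
if ($use_xmpp) $contents .= '~/bin/mkxuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " vern.cc\n";
if ($use_xmppo) $contents .= '~/bin/mkxuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion\n";
if ($use_xmppi) $contents .= '~/bin/mkxuser ' . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " verncceu2kgz54wi7r5jatgmx2mqtsh3knxhiy4m5shescuqtqfa.b32.i2p\n";
$contents .= "s-nail -vr 'register@vern.cc' -c cobra@vern.cc -c neopenk@vern.cc -c aryak@vern.cc -s 'Your ~vern account has been created' -M text/plain " . escapeshellarg($email) . " < <(printf 'Hello %s,\\nYour membership request on ~vern has been accepted.\\nYou can now SSH into vern.cc using the public key(s) that you supplied to ~vern.\\nIf you signed up for Mastodon, a randomly generated password for the account will be in ~/mastodon-pass\\n\\nThank you for being a part of ~vern!' " . escapeshellarg($username) . ")\n";
$contents .= "rm -f $0\n";
$contents .= "exit\n\n\n";
// NOTE(review): the join reason is unescaped applicant text placed after
// `exit` in a script meant for root. It is never executed only because bash
// stops at `exit`; keep it below that line if this layout is ever changed.
$contents .= $reason . "\n";

// --- Store the script.
// umask(0077) makes the file 0600 from the moment it is created; creating it
// first and calling chmod() afterwards leaves a short window in which it is
// readable with the default mode. Mode "x" refuses to open a file that
// already exists, so a request stored between the earlier file_exists() check
// and this point is not overwritten. The umask is process-wide, so it is
// restored immediately.
$filename = "/var/tmp/register/" . $username;
$previous_umask = umask(0077);
$handle = fopen($filename, "x");
umask($previous_umask);
unset($filename);
if ($handle === false) {
    error_log("register.php: could not create the request file for $username");
    echo "<p><b>Your request could not be saved. Please try again later or contact an admin.</b></p>";
} else {
    if (fwrite($handle, $contents) === false) {
        error_log("register.php: could not write the request file for $username");
    }
    fclose($handle);

    // Only notify the admins when there is a request file for them to act on.
    $from = "register@vern.cc";
    $headers = "From: " . $from . "\n";
    $headers .= "MIME-Version: 1.0\n";
    $headers .= "Content-type: text/plain\n";
    $headers .= "Cc: Skylar <cobra@vern.cc>\n";
    $headers .= "Cc: Arya <aryak@vern.cc>\n";
    $headers .= "Cc: Neo <neopenk@vern.cc>\n";
    if (!mail($to, $subject, $message, $headers)) {
        error_log("register.php: could not send the notification mail for $username");
    }
}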
}
?>
<!--#include file="footer.html" -->
</body>
</html>