vern
/
website
4
4
Fork 4
Code Issues Pull Requests Packages Projects Releases Wiki Activity
website/register.php

202 lines
7.7 KiB
PHP
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="/style.css">
<title>~vern registration</title>
</head>
<body>
<!--#include file="nav" -->
<?php
function sanitize($str) {
$str = trim($str);
$str = stripslashes($str);
$str = htmlspecialchars($str);
return $str;
}
$success = false;
$username = $passowrd0 = $password1 = $email = $ssh = $reason =
$username_err = $password0_err = $password1_err = $email_err = $ssh_err = $reason_err = '';
$username_re = '/^[a-z_][a-z0-9_]{0,30}$/';
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (!empty($_POST['username'])) {
if (preg_match($username_re, $_POST['username']) === 1) {
$ret = 0;
exec("bash -c 'id " . $_POST['username'] . " &> /dev/null; printf %d $?'", $blank, $ret);
if ($ret == 0) {
if (!file_exists("/var/tmp/register/" . sanitize($_POST['username'])))
$username = sanitize($_POST['username']);
else $username_err = "A request for the username " . $_POST['username'] . " exists already. Try again later or choose a different username.";
}
else $username_err = "Username is already in use";
unset($ret);
} else {
$username_err = "Invalid username. Username must be a valid GNU/Linux username (match $username_re)";
}
} else {
$username_err = "Username is required";
}
if (!empty($_POST['password0'] || !empty($_POST['password1']))) {
if ($_POST['password1'] === $_POST['password0']) {
$password0 = $_POST['password0'];
$password1 = $_POST['password1'];
} else {
$password0_err = $password1_err = "Passwords do not match";
}
} else {
$password0_err = $password1_err = "Password is required";
}
if (!empty($_POST['email'])) {
if (filter_var(sanitize($_POST['email']), FILTER_VALIDATE_EMAIL)) {
$email = sanitize($_POST['email']);
} else {
$email_err = "Invalid E-mail";
}
} else {
$email_err = "E-mail is required";
}
if (!empty($_POST['ssh'])) {
$ret = shell_exec("bash -c 'ssh-keygen -lf - <<< " . escapeshellarg($_POST['ssh']) . " &> /dev/null ; printf %d $?'");
if ($ret == 0) {
$ssh = $_POST['ssh'];
} else {
$ssh_err = "Not a valid SSH public key";
}
unset($ret);
} else {
$ssh_err = "Public key is required";
}
if (!empty($_POST['joinreason'])) {
$reason = $_POST['joinreason'];
} else {
$reason_err = "Join reason is required";
}
if (empty($username_err . $password0_err . $password1_err . $email_err . $ssh_err . $reason_err))
$success = true;
}
if (!$success) {
?>
<h1>Sign Up</h1>
<span class="red">* Required field</span>
<form method="post" action="<?php htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<p>Username:
<input type="text" name="username">
<span class="red">* <?php echo $username_err; ?></span></p>
<p>Password:
<input type="password" name="password0">
<span class="red">* <?php echo $password0_err; ?></span></p>
<p>Password:
<input type="password" name="password1">
<span class="red">* <?php echo $password1_err; ?></span></p>
<p>E-mail <span class="red">* <?php echo $email_err; ?></span>
<input type="text" name="email"></p>
<p>SSH public keys (newline separated) <span class="red">* <?php echo $ssh_err; ?></span><br>
<textarea name="ssh" rows="3" cols="50"></textarea></p>
<p>Why do you want to join? <span class="red">* <?php echo $reason_err; ?></span><br>
<textarea name="joinreason" rows="8" cols="50"></textarea></p>
<p>What services do you want? (You can always request an account on one later)</p>
<input type="checkbox" id="pubnix" name="pubnix" value="Pubnix" disabled checked>
<label for="pubnix">Pubnix and E-mail</label><br>
<input type="checkbox" id="matrix" name="matrix" value="Matrix" checked>
<label for="matrix">Matrix</label><br>
<input type="checkbox" id="fedi" name="fedi" value="Mastodon" checked>
<label for="fedi">Fediverse (Mastodon)</label><br>
<input type="checkbox" id="git" name="git" value="Gitea" checked>
<label for="gitea">Gitea</label><br>
<input type="checkbox" id="jitsi" name="jitsi" value="Jitsi" checked>
<label for="jitsi">Jitsi</label><br>
<input type="checkbox" id="xmpp" name="xmpp" value="XMPP" checked>
<label for="xmpp">XMPP/Jabber</label><br>
<!-- <input type="checkbox" id="nextcloud" name="nextcloud" value="Nextcloud">
<label for="nextcloud">Nextcloud</label><br> -->
<br>
<span><input type="submit" value="Submit" style="width:100px;height:40px;font-size:20px"></span>
</form><br>
<p><b>By signing up, you agree to the ~vern <a href=/rules>rules</a> and <a href=/privpol>privacy policy</a>. Thanks for using ~vern.</b></p>
<?php
} else {
?>
<meta http-equiv="refresh" content="3;url=https://vern.cc/" />
<h1>Thank you for signing up.</h1>
<p>An admin will review your request, and an e-mail will be sent if your registration is successful.</p>
<p>You will be redirected back <a href=/>home</a> in 3 seconds.</p>
<?php
if (isset($_POST['matrix'])) $use_matrix = true;
if (isset($_POST['fedi'])) $use_fedi = true;
if (isset($_POST['git'])) $use_git = true;
if (isset($_POST['jitsi'])) $use_jitsi = true;
if (isset($_POST['xmpp'])) $use_xmpp = true;
if (isset($_POST['nextcloud'])) $use_nextcloud = true;
$to = "root@vern.cc";
$subject = "New registration request from $username <$email>";
$message = "Hello Administrators,\nSomeone has requested a membership. Please view the details below and decide if it is worth approving.\n\nSSH keys:\n$ssh\n\nRequested username: $username\nRequested services: Tilde";
if ($use_matrix) $message .= ", Matrix";
if ($use_fedi) $message .= ", Mastodon";
if ($use_git) $message .= ", Gitea";
if ($use_jitsi) $message .= ", Jitsi";
if ($use_xmpp) $message .= ", XMPP";
if ($use_nextcloud) $message .= ", Nextcloud";
$message .= ".\nJoin reason:\n$reason\n\n\nTo accept this request, run this command as root:\n/root/bin/accept $username\nTo deny this request, run this command as root:\n/root/bin/deny $username\n";
$contents = "#!/usr/bin/env -S bash -e\n\n# This is registration script for $username \n# This script was automatically generated by https://vern.cc" . htmlspecialchars($_SERVER['PHP_SELF']). "\n";
$contents .= "\n~/bin/mktuser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " <<< " . escapeshellarg($_POST['ssh']) . "\n\n";
if ($use_matrix) $contents .= "~/bin/mkmuser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . "\n";
if ($use_fedi) $contents .= "~/bin/mkfuser " . escapeshellarg($username) . ' ' . escapeshellarg($email) . "\n";
if ($use_git) $contents .= "~/bin/mkguser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . ' ' . escapeshellarg($email) . "\n";
if ($use_jitsi) $contents .= "~/bin/mkxuser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " jitsi.vern.cc\n";
if ($use_xmpp) $contents .= "~/bin/mkxuser " . escapeshellarg($username) . ' ' . escapeshellarg($password0) . " vern.cc\n";
// if ($use_nextcloud) $contents .= "~/bin/mknuser " . escapeshellarg($username) . "\n";
$contents .= "rm -f $0\n";
$filename = "/var/tmp/register/" . $username;
$handle = fopen($filename, "w+");
chmod($filename, 0600);
unset($filename);
fwrite($handle, $contents);
fclose($handle);
$from = "www-data@vern.cc";
$headers = "From: " . $from . "\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain\n";
$headers .= "Cc: Aleksandar <cobra@vern.cc>\n";
$headers .= "Cc: Arya <aryak@vern.cc>\n";
$headers .= "Cc: Neo <neopenk@vern.cc>\n";
mail($to, $subject, $message, $headers);
}
?>
<!--#include file="footer" -->
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink