forked from vern/website
136 lines
5.1 KiB
PHP
136 lines
5.1 KiB
PHP
<!DOCTYPE html>
|
|
<!--
|
|
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
-->
|
|
<html lang="en">
|
|
<head>
|
|
<meta name="viewport" content="width=device-width">
|
|
<meta charset="UTF-8">
|
|
<meta name="description" content="Sign up to the ~vern mailing list">
|
|
<link rel="stylesheet" href="//gcdn.vern.cc/vernsite/style.css">
|
|
<title>Mailing List | ~vern</title>
|
|
</head>
|
|
<body>
|
|
<!--#include file="nav.php" -->
|
|
|
|
<?php
|
|
function sanitize($str) {
|
|
$str = trim($str);
|
|
$str = stripslashes($str);
|
|
$str = htmlspecialchars($str);
|
|
$str = str_replace("\r", '', $str);
|
|
return $str;
|
|
}
|
|
$err = $email = $code = $code_err = '';
|
|
$confirmed = false;
|
|
if (!empty($_GET['action'])) {
|
|
if (!empty($_GET['email'])) {
|
|
if (filter_var(sanitize($_GET['email']), FILTER_VALIDATE_EMAIL)) {
|
|
if (preg_match("/^" . preg_quote($_GET['email']) . "$/m", file_get_contents("/var/spool/list")) === 1) {
|
|
if ($_GET['action'] == "unsub")
|
|
$email = sanitize($_GET['email']);
|
|
else $err = "E-mail already in list";
|
|
} else {
|
|
if ($_GET['action'] == "sub")
|
|
$email = sanitize($_GET['email']);
|
|
else $err = "E-mail not in list";
|
|
}
|
|
} else $err = "Invalid E-mail";
|
|
} else $err = "E-mail is required";
|
|
}
|
|
|
|
$filename = "/tmp/list-code-" . $email;
|
|
|
|
if (empty($err)) {
|
|
if (!empty($_GET['code'])) {
|
|
if (file_get_contents($filename) == $_GET['code']) {
|
|
if ($_GET['action'] == "sub") {
|
|
file_put_contents("/var/spool/list", $email . PHP_EOL, FILE_APPEND);
|
|
} else {
|
|
$contents = file_get_contents("/var/spool/list");
|
|
$contents = preg_replace("/^" . preg_quote($email) . "$/m", '', $contents);
|
|
$contents = preg_replace("/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/", "\n", $contents);
|
|
file_put_contents("/var/spool/list", $contents);
|
|
}
|
|
unlink($filename);
|
|
|
|
$subject = ($_GET['action'] == "sub" ? "S" : "Uns") . "ubscription confirmed";
|
|
$headers = "From: announcements@vern.cc\n";
|
|
$headers .= "MIME-Version: 1.0\n";
|
|
$headers .= "Content-type: text/plain\n";
|
|
$message = "You have been " . ($_GET['action'] == "sub" ? "added to" : "removed from") . " the ~vern announcement mailing list";
|
|
|
|
mail($email, $subject, $message, $headers);
|
|
$confirmed = true;
|
|
} else {
|
|
$code_err = 'Incorrect code';
|
|
}
|
|
} else {
|
|
$code = substr(md5(rand()), 0, 8);
|
|
$handle = fopen($filename, "w+");
|
|
chmod($filename, 0600);
|
|
fwrite($handle, $code);
|
|
fclose($handle);
|
|
|
|
$subject = "Your confirmation code";
|
|
$headers = "From: announcements@vern.cc\n";
|
|
$headers .= "MIME-Version: 1.0\n";
|
|
$headers .= "Content-type: text/plain\n";
|
|
$message = "Your confirmation code is $code. Do not share it with anyone.\n\nIf you did not initiate this, you can safely ignore this message.";
|
|
|
|
mail($email, $subject, $message, $headers);
|
|
}
|
|
}
|
|
|
|
if ((($_GET['action'] != "sub" && $_GET['action'] != "unsub")) || (!empty($err) && empty($code_err))) {
|
|
|
|
?>
|
|
<div class=h><h1 id=list>Mailing List</h1> <a aria-hidden=true href=#list>#list</a></div>
|
|
<form method="get" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) ?>">
|
|
<p>E-mail <span class="red">* <?php echo $err; ?></span>
|
|
<input type="text" name="email"></p>
|
|
|
|
<select id="action" name="action">
|
|
<option value="sub">Subscribe</option>
|
|
<option value="unsub">Unsubscribe</option>
|
|
</select><br>
|
|
|
|
<br>
|
|
<span><input type="submit" value="Submit" style="width:100px;height:40px;font-size:20px"></span>
|
|
</form><br>
|
|
<?php
|
|
} else if (!$confirmed) {
|
|
?>
|
|
<div class=h><h1 id=confirm>Confirm Action</h1> <a aria-hidden=true href=#confirm>#confirm</a></div>
|
|
<p>A confirmation code was sent to <?php echo htmlspecialchars($email); ?></p>
|
|
<form method="get" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) ?>">
|
|
<input type="text" id="email" name="email" value="<?php echo htmlspecialchars($email); ?>" hidden>
|
|
|
|
<p>Code <span class="red">* <?php echo $code_err; ?></span>
|
|
<input type="text" name="code"></p>
|
|
|
|
<select id="action" name="action" hidden>
|
|
<option value="<?php echo htmlspecialchars($_GET['action']); ?>"></option>
|
|
</select>
|
|
|
|
<br>
|
|
<span><input type="submit" value="Confirm" style="width:100px;height:40px;font-size:20px"></span>
|
|
</form><br>
|
|
<?php
|
|
} else {
|
|
?>
|
|
<meta http-equiv="refresh" content="5;url=/en/" />
|
|
<div class=h><h1 id=thanks>Confirmed</h1> <a aria-hidden=true href=#thanks>#thanks</a></div>
|
|
<p>You have received an e-mail confirming the action as well.</p>
|
|
<p>You will be redirected back <a href=/en/>home</a> in 5 seconds.</p>
|
|
<?php
|
|
}
|
|
?>
|
|
<!--#include file="footer.cgi" -->
|
|
</body>
|
|
</html>
|