diff --git a/account.php b/account.php
index b3851e6cbb3b4eedc2302078a42d1b6981e83c49..e155f316eaffde85c61446f62509c449c85e290a 100644
--- a/account.php
+++ b/account.php
@@ -27,16 +27,16 @@ function account_session_start($userid, $passwd) {
if ($user->id) {
session_start();
session_register("user");
- watchdog(1, "session opened for user `$user->userid'");
+ watchdog("message", "session opened for user `$user->userid'");
}
else {
- watchdog(2, "failed login for user `$userid'");
+ watchdog("warning", "failed login for user `$userid'");
}
}
function account_session_close() {
global $user;
- watchdog(1, "session closed for user `$user->userid'");
+ watchdog("message", "session closed for user `$user->userid'");
session_unset();
session_destroy();
unset($user);
@@ -281,7 +281,7 @@ function account_register_enter($user = "", $error = "") {
}
function account_register_submit($new) {
- global $theme, $mail, $sitename, $siteurl;
+ global $theme, $mail, $site_name, $site_url;
if ($rval = account_validate($new)) {
account_register_enter($new, "$rval");
@@ -293,12 +293,12 @@ function account_register_submit($new) {
user_save($new);
- $link = $siteurl ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
- $message = "$new[userid],\n\n\nsomeone signed up for a user account on $sitename and supplied this email address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail.\n\nIf this was you, you have to activate your account first before you can login. You can do so simply by visiting the URL below:\n\n $link\n\nVisiting this URL will automatically activate your account. Once activated you can login using the following information:\n\n username: $new[userid]\n password: $new[passwd]\n\n\n-- $sitename crew\n";
+ $link = $site_url ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
+ $message = "$new[userid],\n\n\nsomeone signed up for a user account on $site_name and supplied this email address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail.\n\nIf this was you, you have to activate your account first before you can login. You can do so simply by visiting the URL below:\n\n $link\n\nVisiting this URL will automatically activate your account. Once activated you can login using the following information:\n\n username: $new[userid]\n password: $new[passwd]\n\n\n-- $site_name crew\n";
- mail($new[real_email], "Account details for $sitename", $message, "From: noreply@$sitename");
+ mail($new[real_email], "Account details for $site_name", $message, "From: noreply@$site_url");
- watchdog(1, "new user `$new[userid]' <$new[real_email]>");
+ watchdog("message", "new user `$new[userid]' <$new[real_email]>");
$theme->header();
$theme->box("Account details", "Congratulations! Your member account has been sucessfully created and further instructions on how to activate your account have been sent to your e-mail address.");
@@ -316,21 +316,21 @@ function account_register_confirm($name, $hash) {
if ($account->hash == $hash) {
db_query("UPDATE users SET status = 2, hash = '' WHERE userid = '$name'");
$output .= "Your account has been sucessfully confirmed. You can click <A HREF=\"account.php?op=login\">here</A> to login.\n";
- watchdog(1, "$name: account confirmation sucessful");
+ watchdog("message", "$name: account confirmation sucessful");
}
else {
$output .= "Confirmation failed: invalid confirmation hash.\n";
- watchdog(3, "$name: invalid confirmation hash");
+ watchdog("error", "$name: invalid confirmation hash");
}
}
else {
$output .= "Confirmation failed: your account has already been confirmed. You can click <A HREF=\"account.php?op=login\">here</A> to login.\n";
- watchdog(3, "$name: attempt to re-confirm account");
+ watchdog("error", "$name: attempt to re-confirm account");
}
}
else {
$output .= "Confirmation failed: no such account found.<BR>";
- watchdog(3, "$name: attempt to confirm non-existing account");
+ watchdog("error", "$name: attempt to confirm non-existing account");
}
$theme->header();
@@ -370,6 +370,12 @@ function account_comments() {
$theme->footer();
}
+### Security check:
+if (strstr($name, " ") || strstr($hash, " ")) {
+ watchdog("error", "account: attempt to provide malicious input through URI");
+ exit();
+}
+
switch ($op) {
case "Login":
account_session_start($userid, $passwd);
diff --git a/admin.php b/admin.php
index 105d9645a391d82b3d9e72db5146d49adb6c9f04..0cf8bbf88715fe103d7155dd22d30a700b9517f4 100644
--- a/admin.php
+++ b/admin.php
@@ -1,7 +1,7 @@
<?
- // TEMPORARY SOLUTION:
- if ($user->id > 4) exit;
+// TEMPORARY SOLUTION:
+if (!$user->id || $user->id > 4) exit();
/*
* Account administration:
@@ -115,7 +115,7 @@ function account_view($name) {
* Watchdog administration:
*/
function watchdog_display($order = "date") {
- $colors = array("#FFFFFF", "#FFFFFF", "#90EE90", "#CD5C5C");
+ $colors = array("#D8BFD8", "#6495ED", "#6A5ADF", "#FFFFFF", "#FFA500", "#FF3C3C");
$fields = array("date" => "id DESC", "username" => "user", "location" => "location", "message" => "message DESC", "level" => "level DESC");
### Perform query:
@@ -288,7 +288,7 @@ function comment_edit($id) {
function comment_save($id, $subject, $comment) {
db_query("UPDATE comments SET subject = '". check_input($subject) ."', comment = '". check_input($comment) ."' WHERE cid = $id");
- watchdog(1, "modified comment `$subject'.");
+ watchdog("message", "modified comment `$subject'.");
}
function comment_display($order = "date") {
@@ -391,7 +391,7 @@ function diary_edit($id) {
function diary_save($id, $text) {
db_query("UPDATE diaries SET text = '". check_input($text) ."' WHERE id = $id");
- watchdog(1, "modified diary entry #$id.");
+ watchdog("message", "modified diary entry #$id.");
}
function diary_display($order = "date") {
@@ -516,7 +516,7 @@ function story_edit($id) {
function story_save($id, $subject, $abstract, $updates, $article, $category, $status) {
db_query("UPDATE stories SET subject = '". check_input($subject) ."', abstract = '". check_input($abstract) ."', updates = '". check_input($updates) ."', article = '". check_input($article) ."', category = '". check_input($category) ."', status = '$status' WHERE id = $id");
- watchdog(1, "modified story `$subject'.");
+ watchdog("message", "modified story `$subject'.");
}
function story_display($order = "date") {
@@ -562,7 +562,7 @@ function story_display($order = "date") {
function info_display() {
include "includes/config.inc";
- $output .= "sitename: $sitename<BR>\n";
+ $output .= "sitename: $site_name<BR>\n";
$output .= "e-mail address: $contact_email<BR>\n";
$output .= "send e-mail notifications: $notify<BR>\n";
$output .= "allowed HTML tags: <I>". htmlspecialchars($allowed_html) ."</I><BR>\n";
@@ -570,7 +570,7 @@ function info_display() {
$output .= "submission post threshold: $submission_post_threshold<BR>\n";
$output .= "submission dump threshold: $submission_dump_threshold<BR>\n";
- admin_box("$sitename settings", $output);
+ admin_box("$site_name settings", $output);
}
include "includes/config.inc";
diff --git a/diary.php b/diary.php
index d3745990ecab1c8d57612c8747b17197afe310dd..47b870e3ad67f5b1109bc559334dc29512f110ee 100644
--- a/diary.php
+++ b/diary.php
@@ -32,7 +32,7 @@ function diary_entry($timestamp, $text, $id = 0) {
if ($id) {
$output .= "<DL>\n";
$output .= " <DT><B>". date("l, F jS", $timestamp) .":</B> </DT>\n";
- $output .= " <DD><P>[ <A HREF=\"diary.php?op=edit&id=$id\">edit</A> ]</P><P>". check_output($text) ."</P></DD>\n";
+ $output .= " <DD><P>[ <A HREF=\"diary.php?op=edit&id=$id\">edit</A> ]</P><P>". check_output($text, 1) ."</P></DD>\n";
$output .= "</DL>\n";
}
else {
@@ -144,16 +144,21 @@ function diary_submit($text, $id = 0) {
global $user, $theme;
if ($id) {
+ watchdog("message", "old diary entry updated");
db_query("UPDATE diaries SET text = '". check_input($text) ."' WHERE id = $id");
- watchdog(1, "old diary entry updated");
}
else {
+ watchdog("diary", "new diary entry added");
db_query("INSERT INTO diaries (author, text, timestamp) VALUES ('$user->id', '". check_input($text) ."', '". time() ."')");
- watchdog(1, "new diary entry added");
}
header("Location: diary.php?op=view&name=$user->userid");
}
+### Security check:
+if (strstr($id, " ") || strstr($name, " ")) {
+ watchdog("error", "diary: attempt to provide malicious input through URI");
+ exit();
+}
switch($op) {
case "add":
@@ -177,4 +182,4 @@ function diary_submit($text, $id = 0) {
diary_overview();
}
-?>
\ No newline at end of file
+?>
diff --git a/discussion.php b/discussion.php
index 53476a27ea386e9c32644be9310a86657acab8a2..6501874e0aa9f43c50d9659aba0d4c323bad7070 100644
--- a/discussion.php
+++ b/discussion.php
@@ -255,20 +255,23 @@ function comment_post($pid, $sid, $subject, $comment) {
$duplicate = db_result(db_query("SELECT COUNT(*) FROM comments WHERE pid = '$pid' AND sid = '$sid' AND subject = '". check_input($subject) ."' AND comment = '". check_input($comment) ."'"), 0);
if ($fake != 1) {
- watchdog(3, "attemp to insert fake comment");
+ watchdog("error", "discussion: attempt to insert fake comment");
$theme->box("fake comment", "fake comment: $fake");
}
elseif ($duplicate != 0) {
- watchdog(3, "attemp to insert duplicate comment");
+ watchdog("error", "discussion: attempt to insert duplicate comment");
$theme->box("duplicate comment", "duplicate comment: $duplicate");
}
else {
### Validate subject:
$subject = ($subject) ? $subject : substr($comment, 0, 29);
- ### Add comment to database:
- db_insert("INSERT INTO comments (pid, sid, author, subject, comment, hostname, timestamp) VALUES ($pid, $sid, '$user->id', '". check_input($subject) ."', '". check_input($comment) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."')");
+ ### Add watchdog entry:
+ watchdog("comment", "added new comment with subject '$subject'");
+ ### Add comment to database:
+ db_query("INSERT INTO comments (pid, sid, author, subject, comment, hostname, timestamp) VALUES ($pid, $sid, '$user->id', '". check_input($subject) ."', '". check_input($comment) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."')");
+
### Compose header:
header("Location: discussion.php?id=$sid");
}
@@ -277,6 +280,12 @@ function comment_post($pid, $sid, $subject, $comment) {
include "includes/theme.inc";
include "includes/comment.inc";
+### Security check:
+if (strstr($id, " ") || strstr($pid, " ") || strstr($sid, " ") || strstr($mode, " ") || strstr($order, " ") || strstr($threshold, " ")) {
+ watchdog("error", "discussion: attempt to provide malicious input through URI");
+ exit();
+}
+
switch($op) {
case "Preview comment":
$theme->header();
diff --git a/error.php b/error.php
index 2ae17e4e8b1855bf13a4a83a15ada763baa5dc64..df888452c7c5c182e462411d2617fc1cf74a7ea2 100644
--- a/error.php
+++ b/error.php
@@ -31,7 +31,7 @@
include "includes/database.inc";
include "includes/watchdog.inc";
- watchdog(3, "message: `$message' - requested url: $REDIRECT_URL - referring url: $HTTP_REFERER");
+ watchdog("error", "message: `$message' - requested url: $REDIRECT_URL - referring url: $HTTP_REFERER");
?>
<B>Processed output:</B><BR>
diff --git a/faq.php b/faq.php
index 28367e9caf70add47f01601751222327c229682e..24aba17d4aa100da235d25bdd7f0e3646e83129b 100644
--- a/faq.php
+++ b/faq.php
@@ -1,4 +1,5 @@
<?
+
include "includes/theme.inc";
$output = "
@@ -12,14 +13,14 @@
<P><B>User</B> n.<BR>1. Someone doing `real work' with the computer, using it as a means rather than an end. Someone who pays to use a computer. 2. A programmer who will believe anything you tell him. One who asks silly questions. [GLS observes: This is slightly unfair. It is true that users ask questions (of necessity). Sometimes they are thoughtful or deep. Very often they are annoying or downright stupid, apparently because the user failed to think for two seconds or look in the documentation before bothering the maintainer.] 3. Someone who uses a program from the outside, however skillfully, without getting into the internals of the program. One who reports bugs instead of just going ahead and fixing them.</P>
</DD>
- <DT><B>What is $sitename all about?</B></DT>
- <DD>$sitename is a news and discussion forum. It is a <I>tool</I>. And as a tool, it aims to create an environment to make discussions possible. $sitename is not an organization, but a non-profit hobby project instead.<P>People log in to the site, read the news, select one or more items and start to discuss and post their reactions. $sitename is a community site that relies solely on reader-contributed content.<P>First off, we strive towards discussion rather then to deliver news on its own: discussion can really make a story considerably better as user comments frequently `upstage' the story itself.<P>Secondly, we aim towards a high quality of content and content posters by using and experimenting with several techniques and systems such as trust metrics, scoring, moderation and collaborative filtering.<P></DD>
+ <DT><B>What is $site_name all about?</B></DT>
+ <DD>$site_name is a news and discussion forum. It is a <I>tool</I>. And as a tool, it aims to create an environment to make discussions possible. $site_name is not an organization, but a non-profit hobby project instead.<P>People log in to the site, read the news, select one or more items and start to discuss and post their reactions. $site_name is a community site that relies solely on reader-contributed content.<P>First off, we strive towards discussion rather then to deliver news on its own: discussion can really make a story considerably better as user comments frequently `upstage' the story itself.<P>Secondly, we aim towards a high quality of content and content posters by using and experimenting with several techniques and systems such as trust metrics, scoring, moderation and collaborative filtering.<P></DD>
- <DT><B>Isn't $sitename similar to slashdot.org and kuro5hin.org?</B></DT>
- <DD>To some extend, yes. Credit where credit is due: we borrowed many ideas (like the interface and moderation) from <A HREF=\"http://slashdot.org/\">slashdot.org</A> and <A HREF=\"http://kuro5hin.org/\">kuro5hin.org</A> because they have many good ideas about discussion forums. We do not use their code or any permutation thereof as $sitename has been written entirely from scratch. Our goal was to create a similar base initially, and to go from there and to transform $sitename into something different by adding new and unique features.<P></DD>
+ <DT><B>Isn't $site_name similar to slashdot.org and kuro5hin.org?</B></DT>
+ <DD>To some extend, yes. Credit where credit is due: we borrowed many ideas (like the interface and moderation) from <A HREF=\"http://slashdot.org/\">slashdot.org</A> and <A HREF=\"http://kuro5hin.org/\">kuro5hin.org</A> because they have many good ideas about discussion forums. We do not use their code or any permutation thereof as $site_name has been written entirely from scratch. Our goal was to create a similar base initially, and to go from there and to transform $site_name into something different by adding new and unique features.<P></DD>
<DT><B><A NAME=\"moderation\">Why moderatiom, trust metrics and collaborative filtering?</A></B></DT>
- <DD>To help individuals and communities address the challenges of information overload.<P>As each new piece of information competes for attention, people quickly tend to become overwhelmed and seek assistance in identifying the most interesting, worthwhile, valuable or enteraining items. Not to mention the fact, reader-contributed content and other levels of interactivity tend to become chaotic, bloated and disreputable.<P>Therefore, we decided to develop a public system powered by a community that aims to bring quality content to everyone's attention and to filter out all junk: to <I>sort the wheat from the chaff</I>. The output should be something clean and homogenized featuring quality content, and should slide down the gullet far more easily. Another objective is to provide a customized service according to public and individual preferences, whether expressed or inferred.<P>Yes, you are right. It all sounds a bit idealistic, not to mention hypothetical. However, don't get this wrong: this isn't a new concept, various such systems exist nowadays (like <A HREF=\"http://slashdot.org/\">slashdot.org</A> or <A HREF=\"http://www.kuro5hin.org/\">kuro5hin.org</A>). We just happen to want our own system.<P>Last but not least we, the $sitename team, don't want the responsibility to manually review each post and to select the ones worthy. Systematic editing by individual editors is nice and dandy, if you get paid for it or if you have some time to kill. Afterall, we are not writers, critics nor reviewers for that matter; we are programmers, designers and technicians.<P></DD>
+ <DD>To help individuals and communities address the challenges of information overload.<P>As each new piece of information competes for attention, people quickly tend to become overwhelmed and seek assistance in identifying the most interesting, worthwhile, valuable or enteraining items. Not to mention the fact, reader-contributed content and other levels of interactivity tend to become chaotic, bloated and disreputable.<P>Therefore, we decided to develop a public system powered by a community that aims to bring quality content to everyone's attention and to filter out all junk: to <I>sort the wheat from the chaff</I>. The output should be something clean and homogenized featuring quality content, and should slide down the gullet far more easily. Another objective is to provide a customized service according to public and individual preferences, whether expressed or inferred.<P>Yes, you are right. It all sounds a bit idealistic, not to mention hypothetical. However, don't get this wrong: this isn't a new concept, various such systems exist nowadays (like <A HREF=\"http://slashdot.org/\">slashdot.org</A> or <A HREF=\"http://www.kuro5hin.org/\">kuro5hin.org</A>). We just happen to want our own system.<P>Last but not least we, the $site_name team, don't want the responsibility to manually review each post and to select the ones worthy. Systematic editing by individual editors is nice and dandy, if you get paid for it or if you have some time to kill. Afterall, we are not writers, critics nor reviewers for that matter; we are programmers, designers and technicians.<P></DD>
<DT><B>How does submission moderation work?</B></DT>
<DD>Anyone who happens by, and has some news or some thoughts they'd like to share, can submit new content for consideration. After someone has submitted something, their story is added to a queue. All registered users can access this list of pending stories, that is, stories that have been submitted, but do not yet appear on the public front page. Those registered users can vote whether they think the story should be posted or not. When enough people vote to post a story, the story is pushed over the threshold and up it goes on the public page. On the other hand, when too many people voted to drop a story, the story will get trashed.<P></DD>
@@ -28,7 +29,7 @@
<DD>If you create an account and log in, you will be able to moderate comments. This lets you assign a score to a comment on how good you think the comment was or how visible you think it should be. When more then one person rates a comment, the overall rating is just a simple average of all ratings. Comments with a high ratings are more visible then comments with a lower rating. Like that, comments that gain the approbation of participants will gradually move up through statistical effects and pointless comments will sink into oblivion.<P>Hence, the purpose of comment moderation is two-fold: <UL><LI>To bring the really good comments to everyone's attention.</LI><LI>To hide or get get rid of spam, flamebait and trolls.</LI></UL>In the latter, comment moderation provides a technical solution to a social problem.<P></DD>
<DT><B>Why would I want to create a user account?</B></DT>
- <DD>No $sitename participant can use his own name or handle to post comments until they sign up and submit their e-mail address. Those who do not may participate as `$anonymous', but they will suffer numerous disadvantages, not the least that their posts begin at a lower score.<P>In contrast, those with a user account can use their own name or handle and are granted various priveleges: the most important is probably the ability to moderate new submissions and to rate comments. Also, registered users can tune the site to their personal needs. For instance: they can select one of the available themes to alter the look-and-feel of the site or they can fine-tune the values of various settings to their likings.<P></DD>
+ <DD>No $site_name participant can use his own name or handle to post comments until they sign up and submit their e-mail address. Those who do not may participate as `$anonymous', but they will suffer numerous disadvantages, not the least that their posts begin at a lower score.<P>In contrast, those with a user account can use their own name or handle and are granted various priveleges: the most important is probably the ability to moderate new submissions and to rate comments. Also, registered users can tune the site to their personal needs. For instance: they can select one of the available themes to alter the look-and-feel of the site or they can fine-tune the values of various settings to their likings.<P></DD>
<DT><B>I forgot my password, what do I do?</B></DT>
<DD>--- under construction ---<P></DD>
@@ -64,13 +65,13 @@
</DD>
<DT><B>What is your disclaimer?</B></DT>
- <DD>All messages made available (including any discussion goups and bulletin boards) and any opinions, advice, statements or other information contained in any messages posted or transmitted by any third party are the responsibility of the author of that message and not of $sitename. The fact that a particular message is posted on or transmitted using this website does not mean that $sitename has endorsed that message in any way or verified the accuracy, completeness or usefulness of any message.<P>Furthermore, all persons who use $sitename are advised not to use them for solicitations or any other commercial purposes. We make no representation regarding the merchantability or fitness for any particular purpose of any message posted by any third party. Users are encouraged to seek the advice of their appropriate professional advisors, when evaluating the information contained in any message. $sitename is not responsible for any defamatory, offensive or illegal conduct of any user.<P></DD>
+ <DD>All messages made available (including any discussion goups and bulletin boards) and any opinions, advice, statements or other information contained in any messages posted or transmitted by any third party are the responsibility of the author of that message and not of $site_name. The fact that a particular message is posted on or transmitted using this website does not mean that $site_name has endorsed that message in any way or verified the accuracy, completeness or usefulness of any message.<P>Furthermore, all persons who use $site_name are advised not to use them for solicitations or any other commercial purposes. We make no representation regarding the merchantability or fitness for any particular purpose of any message posted by any third party. Users are encouraged to seek the advice of their appropriate professional advisors, when evaluating the information contained in any message. $site_name is not responsible for any defamatory, offensive or illegal conduct of any user.<P></DD>
<DT><B>What are your terms and conditions?</B></DT>
<DD>
- This website includes threaded discussion groups and discussion forums which allow feedback to $sitename and real-time interaction between the persons who use this service. The responsibility for any opinions, advice, statements or other information contained in any messages posted or transmitted by any third party on this website resides solely with the author.<P>
+ This website includes threaded discussion groups and discussion forums which allow feedback to $site_name and real-time interaction between the persons who use this service. The responsibility for any opinions, advice, statements or other information contained in any messages posted or transmitted by any third party on this website resides solely with the author.<P>
<U>1. When using the discussion forums, you may NOT:</U><UL><LI>Keep any other person from using and enjoying the discussion forums.</LI><LI>Post or transmit any messages (or content in general) that would constitute or encourage conduct that would constitute a criminal offense, give rise to civil liability or otherwise violate any local, state, national or international law, including any threatening, abusive libelous, defamatory, obscene, vulgar, pornographic, profane or indecent messages of any kind.</LI><LI>Post or transmit any information, software or other materials which violate or infringe upon the rights of others, including their privacy or publicity rights, or which is protected by copyright, trademark or other proprietary rights, without first obtaining permission from the person who owns or holds that right.</LI><LI>Use the discussion forum in any way for solicitations or other commercial purposes.</LI></UL><P>
- <U>2. $sitename's right to monitor the discussion forums:</U><BR>You understand that $sitename has no obligation to monitor the discussion forum. However $sitename reserves the right at all times to edit, refuse to post or to remove any information or materials, in whole or in part, that in $sitename's sole discretion are objectionable or in violation of these terms and conditions and to disclose any information necessary to satisfy or governmental request.<P>
+ <U>2. $site_name's right to monitor the discussion forums:</U><BR>You understand that $site_name has no obligation to monitor the discussion forum. However $site_name reserves the right at all times to edit, refuse to post or to remove any information or materials, in whole or in part, that in $site_name's sole discretion are objectionable or in violation of these terms and conditions and to disclose any information necessary to satisfy or governmental request.<P>
</DD>
</DL>";
@@ -78,4 +79,4 @@
$theme->box("Frequently Asked Questions", $output);
$theme->footer();
-?>
\ No newline at end of file
+?>
diff --git a/includes/admin.inc b/includes/admin.inc
index 08c8642c4ddf12c0a34e6e5f996d669a327939e2..2d13c7c17890fd12db2dd5582ccbe4de8bdae61a 100644
--- a/includes/admin.inc
+++ b/includes/admin.inc
@@ -8,12 +8,12 @@ function admin_icon($name) {
}
function admin_header() {
- global $sitename, $section;
+ global $site_name, $section;
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
- <HEAD><TITLE><? echo $sitename; ?> administration center</TITLE></HEAD>
+ <HEAD><TITLE><? echo $site_name; ?> administration center</TITLE></HEAD>
<STYLE>
body { font-family: helvetica, arial; }
h1 { font-size: 14pt; font-weight: bold; color: #006699; }
@@ -24,7 +24,7 @@ function admin_header() {
</STYLE>
<BODY BGCOLOR="#FFFFFF" LINK="#006699" VLINK="#004499" ALINK="#FF0000">
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="2" WIDTH="780">
- <TR><TD COLSPAN="10"><H1><? echo "$sitename"; ?> administration center</H1></TD></TR>
+ <TR><TD COLSPAN="10"><H1><? echo "$site_name"; ?> administration center</H1></TD></TR>
<TR><TD BGCOLOR="#000000" COLSPAN="10" WIDTH="100%"><IMG SRC="images/pixel.gif" WIDTH="1" HEIGHT="1" ALT=""></TD></TR>
<TR>
<?
@@ -67,4 +67,4 @@ function admin_footer() {
<?
}
-?>
\ No newline at end of file
+?>
diff --git a/includes/ban.inc b/includes/ban.inc
index 1d9fa095ed7201e7d7eebb9136817e088cecbaec..8a40459451c99c9183f13b0e0fd79805e690fd30 100644
--- a/includes/ban.inc
+++ b/includes/ban.inc
@@ -31,7 +31,7 @@ function ban_add($mask, $category, $reason, $message = "") {
$message = "Added new ban with mask `$mask'.<P>\n";
### Add log entry:
- watchdog(1, "added new ban `$mask' to category `". $index2type[$category] ."' with reason `$reason'.");
+ watchdog("message", "added new ban `$mask' to category `". $index2type[$category] ."' with reason `$reason'.");
}
}
@@ -45,7 +45,7 @@ function ban_delete($id) {
$result = db_query("DELETE FROM bans WHERE id = $id");
### Deleted log entry:
- watchdog(1, "removed ban `$ban->mask' from category `". $index2type[$ban->type] ."'.");
+ watchdog("message", "removed ban `$ban->mask' from category `". $index2type[$ban->type] ."'.");
}
}
diff --git a/includes/config.inc b/includes/config.inc
index 15b1c719aa78afdeebb7b3fcbc73a242f99dfa7e..80ee2dc74b60fa199becad38ac296a477102589c 100644
--- a/includes/config.inc
+++ b/includes/config.inc
@@ -1,45 +1,33 @@
<?
#
-# MySQL settings:
+# Database settings:
#
-### http://www.drop.org/:
-#$dbhost = "zind.net";
-#$dbuname = "droporg";
-#$dbpass = "DropIes";
-#$dbname = "droporg";
+### host: "http://www.drop.org/":
+#$db_host = "zind.net";
+#$db_uname = "droporg";
+#$db_pass = "DropIes";
+#$db_name = "droporg";
-### http://beta.drop.org/:
-$dbhost = "zind.net";
-$dbuname = "dries";
-$dbpass = "Abc123";
-$dbname = "dries";
+### host: "http://beta.drop.org/":
+#$db_host = "zind.net";
+#$db_uname = "dries";
+#$db_pass = "Abc123";
+#$db_name = "dries";
-### http://dione/:
-#$dbhost = "";
-#$dbuname = "dries";
-#$dbpass = "oakley";
-#$dbname = "dries";
+### host: "http://localhost/":
+$db_host = "";
+$db_uname = "dries";
+$db_pass = "oakley";
+$db_name = "dries";
#
-# Name of the site
+# Administrative information
#
-$sitename = "drop.org";
-$siteurl = "http://www.drop.org/";
-
-#
-# Contact information:
-# The contact information will be used to send out automated mails
-# to users, account holders or visitors.
-$contact_email = "droppies@drop.org";
-
-#
-# Notify:
-# Set to '1' to receive an e-mail when news has been submitted
-# through submit.php
-#
-$notify = 0;
+$site_name = "drop.org";
+$site_url = "http://www.drop.org/";
+$site_email = "droppies@drop.org";
#
# Notify information:
@@ -55,13 +43,13 @@
# Comment meta reasons:
#
$comment_votes = array("none" => "none",
- "-1" => "- 1",
- "0" => "+ 0",
- "+1" => "+ 1",
- "+2" => "+ 2",
- "+3" => "+ 3",
- "+4" => "+ 4",
- "+5" => "+ 5");
+ "-1" => "- 1",
+ "0" => "+ 0",
+ "+1" => "+ 1",
+ "+2" => "+ 2",
+ "+3" => "+ 3",
+ "+4" => "+ 4",
+ "+5" => "+ 5");
#
# Categories:
@@ -94,10 +82,10 @@
# the first theme listed in the associative array `$themes' will
# automatically become the default theme.
#
-$themes = array("Marvin" => array(
+$themes = array("Marvin" => array(
"themes/marvin/marvin.theme",
"classic theme, white, basic design with a fresh look"),
- "Zaphod" => array(
+ "Zaphod" => array(
"themes/zaphod/zaphod.theme",
"classis theme, yellow, structured, advanced navigation"),
"UnConeD" => array(
@@ -117,8 +105,30 @@
#
# Submission moderation thresholds:
-#
+# registered users can vote whether they think the story should
+# be posted or not. When enough people vote to post a story, the
+# story is pushed over the threshold and up it goes on the public
+# page. On the other hand, when too many people voted to drop a
+# story, the story will get trashed.
$submission_post_threshold = "3";
$submission_dump_threshold = "-2";
+#
+# Submission rate:
+#
+$submission_rate = array("comment" => "60", // 60 seconds = 1 minute
+ "diary" => "300", // 300 seconds = 5 minutes
+ "story" => "300"); // 300 seconds = 5 minutes
+#
+# Submission size:
+# the maximum length in characters a submission (story, diary,
+# comment) is allowed to be.
+#
+$submission_size = 6000;
+
+#
+# Watchdog history:
+#
+$watchdog_history = 604800; // 604800 seconds = 1 week
+
?>
diff --git a/includes/database.inc b/includes/database.inc
index 843cb270af95856e5949e741b75fee09f47a8b5f..6a81b003abc8275984804eaaedd1a00e1e45ee4b 100644
--- a/includes/database.inc
+++ b/includes/database.inc
@@ -8,28 +8,21 @@
*/
function db_connect() {
- global $dbhost, $dbuname, $dbpass, $dbname;
- mysql_pconnect($dbhost, $dbuname, $dbpass) or die(mysql_Error());
- mysql_select_db($dbname) or die ("Unable to select database");
+ global $db_host, $db_uname, $db_pass, $db_name;
+ mysql_pconnect($db_host, $db_uname, $db_pass) or die(mysql_Error());
+ mysql_select_db($db_name) or die ("Unable to select database");
// NOTE: we are using a persistent connection!
}
-function db_insert($query, $debug = false) {
- // NOTE:
- // add spam- and/or flood-checks
-
- db_query($query, $debug);
-}
-
function db_query($query, $debug = false) {
- ### perform query:
+ // perform query:
$qid = mysql_query($query);
- ### debug output (if required):
- if ($debug || empty($qid)) print "<PRE>query: ". htmlspecialchars($query) ."<BR>error message: ". mysql_error() ."</PRE>";
- if (empty($qid)) watchdog(3, "error: ". mysql_error() ."<BR>query: ". htmlspecialchars($query) ."");
+ // debug output (if required):
+ if ($debug) print "<PRE>query: ". htmlspecialchars($query) ."<BR>error message: ". mysql_error() ."</PRE>";
+ if (!$qid) watchdog("error", "database: ". mysql_error() ."<BR>query: ". htmlspecialchars($query) ."");
- ### return result from query:
+ // return result from query:
return $qid;
}
@@ -58,4 +51,4 @@ function db_result($qid, $field) {
#
db_connect();
-?>
\ No newline at end of file
+?>
diff --git a/includes/function.inc b/includes/function.inc
index 0215955d076b16e2cd3dddede32acdc2094cc008..3c3cd3afed5265d948ccdbf2b9f710b424c4ef2f 100644
--- a/includes/function.inc
+++ b/includes/function.inc
@@ -23,8 +23,8 @@ function check_field($message) {
}
function check_input($message) {
- global $allowed_html;
- return strip_tags(addslashes($message), $allowed_html);
+ global $allowed_html, $submission_size;
+ return strip_tags(addslashes(substr($message, 0, $submission_size)), $allowed_html);
}
function check_output($message, $nl2br = 0) {
diff --git a/includes/submission.inc b/includes/submission.inc
index 23f608f7d70c45da1bc313fbfb2268af4a6a4bf7..297bb0294df70663d929014c0dd407ebdfcb4e57 100644
--- a/includes/submission.inc
+++ b/includes/submission.inc
@@ -28,14 +28,14 @@ function submission_vote($id, $vote, $comment) {
if ($submission = db_fetch_object($result)) {
if ($submission->score >= $submission_post_threshold) {
db_query("UPDATE stories SET status = 2, timestamp = '". time() ."' WHERE id = $id");
- watchdog(1, "posted story `$submission->subject'");
+ watchdog("message", "posted story `$submission->subject'");
}
if ($submission->score <= $submission_dump_threshold) {
db_query("UPDATE stories SET status = 0, timestamp = '". time() ."' WHERE id = $id");
- watchdog(1, "dumped story `$submission->subject'");
+ watchdog("message", "dumped story `$submission->subject'");
}
}
}
}
-?>
\ No newline at end of file
+?>
diff --git a/includes/user.inc b/includes/user.inc
index 62e5547bedb102444c8d0b7981224d95aec623f3..0db5821210c306df043580e6e2581fb5d26957f7 100644
--- a/includes/user.inc
+++ b/includes/user.inc
@@ -1,9 +1,5 @@
<?
-$permissions = array("Administrator" => 0x00000001,
- "User manager" => 0x00000002,
- "News manager" => 0x00000004);
-
class User {
function User($userid, $passwd = "") {
$result = db_query("SELECT * FROM users WHERE LOWER(userid) = LOWER('$userid') && passwd = PASSWORD('$passwd') && STATUS = 2");
diff --git a/includes/watchdog.inc b/includes/watchdog.inc
index efc4b461893bf6a37f80ee370f8f07d2423d8eb4..78e481fd9d41b31b672912f2d9637baf54408748 100644
--- a/includes/watchdog.inc
+++ b/includes/watchdog.inc
@@ -1,15 +1,30 @@
<?
+$watchdog = array("comment" => array("0", $submission_rate["comment"]),
+ "diary" => array("1", $submission_rate["diary"]),
+ "story" => array("2", $submission_rate["story"]),
+ "message" => array("3", "0"),
+ "warning" => array("4", "0"),
+ "error" => array("5", "0"));
-function watchdog($level, $message) {
- global $user;
+function watchdog($id, $message) {
+ global $user, $watchdog, $watchdog_history;
- ### Perform query to add new log entry:
- db_query("INSERT INTO watchdog (level, timestamp, user, message, location, hostname) VALUES ($level, '". time() ."', '". addslashes($user->id) ."', '". addslashes($message) ."', '". getenv("SCRIPT_NAME") ."', '". getenv("REMOTE_ADDR") ."')");
+ if ($watchdog[$id][1]) {
+ if ($log = db_fetch_object(db_query("SELECT * FROM watchdog WHERE hostname = '". getenv("REMOTE_ADDR") ."' AND level = '". $watchdog[$id][0] ."'"))) {
+ if (time() - $log->timestamp < $watchdog[$id][1]) {
+ watchdog("warning", "'". getenv("REMOTE_ADDR") ."' exceeded '$id' submission rate");
+ // header("Location: error.php");
+ }
+ }
+ }
+
+ // Perform query to add new watchdog entry:
+ db_query("INSERT INTO watchdog (level, timestamp, user, message, location, hostname) VALUES ('". $watchdog[$id][0] ."', '". time() ."', '". check_input($user->id) ."', '". check_input($message) ."', '". check_input(getenv("REQUEST_URI")) ."', '". check_input(getenv("REMOTE_ADDR")) ."')");
- ### Periodically remove old log entries:
+ // Periodically remove old watchdog entries:
if (time() % 20 == 0) {
- $timestamp = time() - 1209600; // 2 weeks
+ $timestamp = time() - $watchdog_history;
db_query("DELETE FROM watchdog WHERE timestamp < $timestamp");
}
}
diff --git a/index.php b/index.php
index 1790d8ab077c6696b2fedd94f3025e8abb23ac12..041fd7ef5b67304d9c78c31b993261e2e8aec479 100644
--- a/index.php
+++ b/index.php
@@ -2,6 +2,12 @@
include "includes/theme.inc";
+### Security check:
+if (strstr($number, " ") || strstr($date, " ")) {
+ watchdog("error", "main page: attempt to provide malicious input through URI");
+ exit();
+}
+
### Initialize/pre-process variables:
$number = ($user->stories) ? $user->stories : 10;
$date = ($date) ? $date : time();
diff --git a/search.php b/search.php
index 1ea6defc157304537eb15436cb593d2541678110..d11331684a651271eb79eec43c09442c4bc7448f 100644
--- a/search.php
+++ b/search.php
@@ -4,7 +4,7 @@
$theme->header();
- $terms = stripslashes($terms);
+ $terms = check_input($terms);
$output .= "<TABLE WIDTH=\"100%\" BORDER=\"0\">\n";
$output .= " <TR VALIGN=\"center\">\n";
diff --git a/submission.php b/submission.php
index cff39dc6ca52fe4f5717b364738ebc6752fec451..ad1767ed07c959f554eae847b1cfd6599f84e370 100644
--- a/submission.php
+++ b/submission.php
@@ -1,4 +1,5 @@
<?
+
include "includes/submission.inc";
include "includes/theme.inc";
@@ -57,6 +58,12 @@ function submission_displayItem($id) {
$theme->footer();
}
+### Security check:
+if (strstr($id, " ")) {
+ watchdog("error", "submission: attempt to provide malicious input through URI");
+ exit();
+}
+
if ($user->id) {
switch($op) {
case "view":
@@ -72,4 +79,4 @@ function submission_displayItem($id) {
}
}
-?>
\ No newline at end of file
+?>
diff --git a/submit.php b/submit.php
index 121e9385f3111c3a8641f0ccd9e528952bfd8d40..2d8309cdcf147de7572e0cf386435697fbd2e48f 100644
--- a/submit.php
+++ b/submit.php
@@ -113,7 +113,8 @@ function submit_preview($subject, $abstract, $article, $category) {
}
else {
$output .= "<P>\n";
- $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview submission\"> <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Submit submission\">\n";
+ $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview submission\">\n";
+ $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Submit submission\">\n";
$output .= "</P>\n";
}
@@ -128,22 +129,16 @@ function submit_preview($subject, $abstract, $article, $category) {
function submit_submit($subject, $abstract, $article, $category) {
global $user, $theme;
+ ### Add log entry:
+ watchdog("story", "added new story with subject `$subject'");
+
### Add submission to SQL table:
- db_insert("INSERT INTO stories (author, subject, abstract, article, category, timestamp) VALUES ('$user->id', '". check_input($subject) ."', '". check_input($abstract) ."', '". check_input($article) ."', '". check_input($category) ."', '". time() ."')");
+ db_query("INSERT INTO stories (author, subject, abstract, article, category, timestamp) VALUES ('$user->id', '". check_input($subject) ."', '". check_input($abstract) ."', '". check_input($article) ."', '". check_input($category) ."', '". time() ."')");
### Display confirmation message:
$theme->header();
- $theme->box("Thanks for your submission.", "Thanks for your submission. The submission moderators in our basement will frown at it, poke at it, and vote for it!");
+ $theme->box("Thank you for your submission.", "Thank you for your submission. The submission moderators in our basement will frown at it, poke at it, and vote for it!");
$theme->footer();
-
- ### Send e-mail notification (if enabled):
- if ($notify) {
- $message = "New submission:\n\nsubject...: $subject\nauthor....: $user->userid <$user->real_email>\ncategory..: $category\nabstract..:\n$abstract\n\narticle...:\n$article";
- mail($notify_email, "$notify_subject $subject", $message, "From: $notify_from\nX-Mailer: PHP/" . phpversion());
- }
-
- ### Add log entry:
- watchdog(1, "added new submission with subject `$subject'.");
}
include "includes/theme.inc";
diff --git a/themes/marvin/marvin.theme b/themes/marvin/marvin.theme
index 916aab3828c67de3157310071c0ac649973aa8fe..c2e3631e4499f35c2653dfdc4722ff2761430ca6 100644
--- a/themes/marvin/marvin.theme
+++ b/themes/marvin/marvin.theme
@@ -20,12 +20,12 @@ class Theme {
# Syntax.......: header($title);
# Description..: a function to draw the page header.
function header($title) {
- global $sitename;
+ global $site_name;
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
<HTML>
<HEAD>
- <TITLE><? print $sitename; ?></TITLE>
+ <TITLE><? print $site_name; ?></TITLE>
<META NAME="description" CONTENT="drop.org">
<META NAME="keywords" CONTENT="drop, weblog, portal, community, news, article, announcements, stories, story, computer, science, space, hype, cult, geek, nerd, foo, bar">
</HEAD>
@@ -189,7 +189,7 @@ function comment($comment, $link, $thread = "") {
### Moderation:
print " <TD ALIGN=\"right\" ROWSPAN=\"3\" VALIGN=\"middle\" WIDTH=\"15%\">\n";
- display_comment_moderation($comment->cid, $comment->poster, $comment->score, $comment->votes);
+ display_comment_moderation($comment->cid, $comment->userid, $comment->score, $comment->votes);
print " </TD>\n";
print " </TR>\n";
diff --git a/themes/unconed/unconed.theme b/themes/unconed/unconed.theme
index 2d6029b5725a376a61e5b7dd74c5e2aa61a5a4e5..201a8c0a093c7165fa8cfc945a81893c99cfdf21 100644
--- a/themes/unconed/unconed.theme
+++ b/themes/unconed/unconed.theme
@@ -31,12 +31,12 @@ class Theme {
# Syntax.......: header($title);
# Description..: a function to draw the page header.
function header($title) {
- global $sitename;
+ global $site_name;
srand((double)microtime()*1000000);
?>
<HTML>
<HEAD>
- <TITLE><? echo $sitename; ?></TITLE>
+ <TITLE><? echo $site_name; ?></TITLE>
<META NAME="description" CONTENT="drop.org">
<META NAME="keywords" CONTENT="drop, weblog, portal, community, news, article, announcements, stories, story, computer, science, space, hype, cult, geek, nerd, foo, bar">
</HEAD>
@@ -220,9 +220,7 @@ function commentControl($sid, $title, $threshold, $mode, $order) {
function comment($comment, $link, $thread = "") {
print "<A NAME=\"$comment->cid\"></A>\n";
- $timestamp = format_date($timestamp);
-
- print "\n<!-- Comment: \"$subject\" by $poster -->\n";
+ print "\n<!-- Comment: \"$comment->subject\" by $comment->userid -->\n";
?>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0" BGCOLOR="<? echo $this->brcolor1; ?>" WIDTH="100%">
@@ -243,7 +241,7 @@ function comment($comment, $link, $thread = "") {
### Moderation:
echo " <TD ALIGN=\"right\" ROWSPAN=\"3\" VALIGN=\"middle\" WIDTH=\"15%\">";
- display_comment_moderation($comment->cid, $comment->poster, $comment->score, $comment->votes);
+ display_comment_moderation($comment->cid, $comment->userid, $comment->score, $comment->votes);
echo " </TD>";
echo " </TR>";