X-Git-Url: http://git.treefish.org/fex.git/blobdiff_plain/e60096926213ce02293a261254ff065cae44c1c8..e5c93609849bda051fff54b5d5265af5608c6c69:/cgi-bin/fur diff --git a/cgi-bin/fur b/cgi-bin/fur index 94f6a1e..ffccca6 100755 --- a/cgi-bin/fur +++ b/cgi-bin/fur @@ -46,6 +46,14 @@ unless (@local_domains or @local_rdomains) { ); } +unless (@local_hosts and ipin($ra,@local_hosts) or + @local_rhosts and ipin($ra,@local_rhosts)) { + html_error($error, + "Registrations from your host ($ra) are not allowed.", + "Contact $ENV{SERVER_ADMIN} for details." + ); +} + # look for CGI parameters our %PARAM; &parse_parameters; @@ -81,9 +89,9 @@ if ($confirm) { } # if (-f "$user/@") { http_die("$user is already activated") } open $user,'>',"$user/@" or http_die("open $user/@ - $!\n"); - print {$user} $id,"\n"; + print {$user} $id,"\n"; close $user or http_die("close $user/@ - $!\n"); - + http_header("200 OK"); print html_header($head); my $url = "$ENV{PROTO}://$ENV{HTTP_HOST}/fup/" . b64("from=$user&id=$id"); @@ -96,11 +104,11 @@ if ($confirm) { '

' 'or you can use:' '

' - ' + '
' ' ' ' ' ' ' - '
URL:$ENV{PROTO}://$ENV{HTTP_HOST}/fup/
Sender:$user
auth-ID:$id
+ '' '' )); furlog("confirm: account $user created"); @@ -117,7 +125,7 @@ unless ($user or $exuser or $demouser) { ' accept-charset="UTF-8"' ' enctype="multipart/form-data">' )); - + if (@local_domains and @local_hosts and ipin($ra,@local_hosts)) { $reg = $ra; if (grep(/\*/,@local_domains)) { @@ -143,8 +151,8 @@ unless ($user or $exuser or $demouser) { )); } } - - if (@local_rdomains and @local_rhosts and + + if (@local_rdomains and @local_rhosts and (not @registration_hosts or ipin($ra,@registration_hosts))) { print "

or

\n" if $reg; $reg = $ra; @@ -154,7 +162,7 @@ unless ($user or $exuser or $demouser) { '

' )); } - + if (@demo) { print "

or

\n" if $reg; $reg = $ra; @@ -166,7 +174,7 @@ unless ($user or $exuser or $demouser) { '

' )); } - + if ($reg) { pq(qq( '

' @@ -237,7 +245,7 @@ if ($exuser) { $mydomains .= "|$mdomain" if $mdomain; $user .= '@'.$domain if $domain and $user !~ /@/; # $user .= '@'.$mdomain if $mdomain and $user !~ /@/; - + unless (@local_hosts and ipin($ra,@local_hosts)) { html_error($error, "Registrations from your host ($ra) are not allowed.", @@ -267,7 +275,7 @@ if (-f "$user/@") { $error, "you are already registered". " (I have lost my auth-ID)" - ); + ); } unless (-d $user) { @@ -288,7 +296,7 @@ if ($exuser) { print {$rf} "\@LOCAL_RHOSTS\n"; close $rf; if (open $user,'>',"$user/.auto") { - print {$user} "fur:external\n"; + print {$user} "fur:external\n"; close $user; } } elsif ($demouser) { @@ -298,13 +306,13 @@ if ($exuser) { printf {$quota} "sender:%d\n",$demo[0]; close $quota; if (open $user,'>',"$user/.auto") { - print {$user} "fur:demo\n"; + print {$user} "fur:demo\n"; close $user; } open $demouser,'>',"$demouser/.demo" and close $demouser; } else { if (open $user,'>',"$user/.auto") { - print {$user} "fur:internal\n"; + print {$user} "fur:internal\n"; close $user; } } @@ -313,7 +321,7 @@ $id = randstring(6); if ("@local_domains" eq "*") { open $id,'>',"$user/@" or http_die("open $user/@ - $!\n"); - print {$id} $id,"\n"; + print {$id} $id,"\n"; close $id or http_die("close $user/@ - $!\n"); http_header("200 OK"); print html_header($head); @@ -333,7 +341,7 @@ if ("@local_domains" eq "*") { # from fexsend if ($verify eq 'no') { open $id,'>',"$user/@" or http_die("open $user/@ - $!\n"); - print {$id} $id,"\n"; + print {$id} $id,"\n"; close $id or http_die("close $user/@ - $!\n"); http_header("200 OK",'Content-Type: text/plain'); print "$ENV{PROTO}://$ENV{HTTP_HOST}/fup?from=$user&ID=$id\n"; @@ -383,7 +391,7 @@ close $mail or http_die("cannot send mail - $!\n"); http_header("200 OK"); print html_header($head); print "confirmation e-mail has been sent to $user\n"; -print "\n"; +print "\n"; furlog("confirmation request mailed to $user"); exit; @@ -391,12 +399,12 @@ exit; # standard log sub furlog { my $msg = "@_"; - + $msg =~ s/\n/ /g; $msg =~ s/\s+$//; $msg = sprintf "%s [%s_%s] %s %s\n", isodate(time),$$,$ENV{REQUESTCOUNT},$fra,$msg; - + writelog($log,$msg); }