beenull/b1gMail
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

add dnsbl and reglock check for non logged in users

Browse source
This commit is contained in:
Sebijk 2023-02-01 21:00:34 +01:00
parent 3a69a69a50
commit 825591f52c
2 changed files with 52 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

51
src/index.php
View file

@ -702,6 +702,57 @@ else if($_REQUEST['action'] == 'checkAddressAvailability')
{ {
if(!isset($_GET['address'])) if(!isset($_GET['address']))
exit(); exit();
if (isset($_REQUEST['sid']) && RequestPrivileges(PRIVILEGES_USER, true)) {
// Do nothing
}
else if($bm_prefs['regenabled'] == 'yes' && ($bm_prefs['user_count_limit'] == 0 || BMUser::GetUserCount() < $bm_prefs['user_count_limit']))
{
// dnsbl check
$isInDNSBL = false;
if($row[0] == 0 && $bm_prefs['signup_dnsbl_enable'] == 'yes' && $bm_prefs['signup_dnsbl'] != '')
{
$reverseIP = implode('.', array_reverse(explode('.', $_SERVER['REMOTE_ADDR'])));
$dnsblLists = explode(':', $bm_prefs['signup_dnsbl']);
foreach($dnsblLists as $dnsblHostname)
{
if(strpos($dnsblHostname, '.') === false)
continue;
$lookup = $reverseIP . '.' . strtolower($dnsblHostname);
if(substr($lookup, -1) != '.')
$lookup .= '.';
if(@gethostbyname($lookup) != $lookup)
{
$isInDNSBL = true;
PutLog(sprintf('User IP <%s> is in DNSBL <%s>',
$_SERVER['REMOTE_ADDR'],
$dnsblHostname),
PRIO_DEBUG,
__FILE__,
__LINE__);
break;
}
}
}
if($row[0] != 0)
{
http_response_code(400);
exit();
}
else if($isInDNSBL && $bm_prefs['signup_dnsbl_action'] == 'block')
{
http_response_code(400);
exit();
}
}
else {
RequestPrivileges(PRIVILEGES_USER);
}
$address = EncodeEMail($_GET['address']); $address = EncodeEMail($_GET['address']);

2
src/templates/modern/js/common.js
View file

@ -687,7 +687,7 @@ function checkAddressAvailability()
var address = EBID('email_local').value + '@' + EBID('email_domain').value; var address = EBID('email_local').value + '@' + EBID('email_domain').value;
EBID('addressAvailabilityIndicator').innerHTML = '<i class="fa fa-spinner fa-pulse fa-fw"></i>'; EBID('addressAvailabilityIndicator').innerHTML = '<i class="fa fa-spinner fa-pulse fa-fw"></i>';
MakeXMLRequest('index.php?action=checkAddressAvailability&address=' + encodeURI(address), _checkAddressAvailability); MakeXMLRequest('index.php?action=checkAddressAvailability&address=' + encodeURI(address) + '&sid=' + currentSID, _checkAddressAvailability);
} }
function getTZOffset() function getTZOffset()