Add option to disable registration

2024-11-21 15:10:25 +00:00 · 2023-10-21 11:57:25 +02:00 · 2023-10-21 11:57:25 +02:00 · 0bb8ac6590
commit 0bb8ac6590
parent a6ab6c52e3
4 changed files with 100 additions and 67 deletions
--- a/common_config.php
+++ b/common_config.php
@ -26,6 +26,7 @@ const DBHOST_PROSODY = 'localhost'; // Database host
 const DBUSER_PROSODY = 'prosody'; // Database user
 const DBPASS_PROSODY = 'YOUR_PASSWORD'; // Database password
 const DBNAME_PROSODY = 'prosody'; // Database
+const REGISTRATION_ENABLED = true; // Whether registration is enabled

 const LANGUAGES = [
 	'cs' => ['name' => 'čeština', 'locale' => 'cs_CZ', 'flag' => '🇨🇿', 'show_in_menu' => true, 'dir' => 'ltr'],
--- a/locale/mail-hosting.pot
+++ b/locale/mail-hosting.pot
@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2023-10-08 21:46+0200\n"
+"POT-Creation-Date: 2023-10-21 11:56+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@ -34,26 +34,26 @@ msgstr ""
 msgid "File found in mail directory location: \"%s\". Consider deleting it."
 msgstr ""

-#: common_config.php:91 setup.php:20 setup.php:23 cron.php:11
+#: common_config.php:93 setup.php:20 setup.php:23 cron.php:11
 msgid "No Connection to MySQL database!"
 msgstr ""

-#: common_config.php:140
+#: common_config.php:142
 msgid "Copy:"
 msgstr ""

-#: common_config.php:259
+#: common_config.php:261
 #, php-format
 msgid ""
 "Oops, the email \"%s\" doesn' look like a valid email address and thus "
 "wasn't added to the forwarding list."
 msgstr ""

-#: common_config.php:285
+#: common_config.php:287
 msgid "You are not allowed to manage this domain."
 msgstr ""

-#: common_config.php:296
+#: common_config.php:298
 msgid "Invalid email address."
 msgstr ""

@ -90,32 +90,32 @@ msgstr ""
 msgid "Terms of Service for E-Mail and XMPP accounts"
 msgstr ""

-#: www/terms.php:22 www/register.php:95 www/index.php:22
+#: www/terms.php:22 www/register.php:99 www/index.php:22
 #: www/manage_account.php:237
 msgid "Info"
 msgstr ""

-#: www/terms.php:22 www/register.php:95 www/register.php:122 www/index.php:22
+#: www/terms.php:22 www/register.php:99 www/register.php:130 www/index.php:22
 #: www/manage_account.php:241
 msgid "Register"
 msgstr ""

-#: www/terms.php:22 www/register.php:95 www/index.php:22
+#: www/terms.php:22 www/register.php:99 www/index.php:22
 #: www/manage_account.php:247
 msgid "Manage account"
 msgstr ""

-#: www/terms.php:22 www/register.php:95 www/index.php:22 www/index.php:27
+#: www/terms.php:22 www/register.php:99 www/index.php:22 www/index.php:27
 #: www/manage_account.php:248
 msgid "SquirrelMail"
 msgstr ""

-#: www/terms.php:22 www/register.php:95 www/index.php:22 www/index.php:27
+#: www/terms.php:22 www/register.php:99 www/index.php:22 www/index.php:27
 #: www/manage_account.php:248
 msgid "SnappyMail"
 msgstr ""

-#: www/terms.php:22 www/register.php:95 www/index.php:22
+#: www/terms.php:22 www/register.php:99 www/index.php:22
 #: www/manage_account.php:248
 msgid "Web-XMPP"
 msgstr ""
@ -140,118 +140,138 @@ msgid ""
 msgstr ""

 #: www/terms.php:28
+msgid "Mass mailing is not allowed, and you will be blocked if you do."
+msgstr ""
+
+#: www/terms.php:29
+msgid ""
+"Please refrain from sending threats of violence or any harmful content. "
+"Dealing with law enforcement requests related to such incidents consumes a "
+"significant amount of time."
+msgstr ""
+
+#: www/terms.php:30
 msgid ""
 "If you lose your password, I will not reset it unless you can prove "
 "ownership of the account. You could do so by signing an email with the same "
 "PGP key that you use in your account."
 msgstr ""

-#: www/terms.php:29
+#: www/terms.php:31
 msgid "You are responsible for the security of your account and password."
 msgstr ""

-#: www/terms.php:30
+#: www/terms.php:32
 #, php-format
 msgid ""
 "Your email account only has 50MB of disk space by default. If you need more, "
 "you can %s, and I will increase it for free."
 msgstr ""

-#: www/terms.php:30 www/index.php:25
+#: www/terms.php:32 www/index.php:25
 msgid "contact me"
 msgstr ""

-#: www/terms.php:31
+#: www/terms.php:33
 msgid ""
 "The XMPP service provides message archiving and HTTP upload, which can keep "
 "your messages and files for up to 1 week. Up to 100MB of file storage is "
 "available per user."
 msgstr ""

-#: www/terms.php:32
+#: www/terms.php:34
 msgid ""
 "I reserve the right to block or delete your account without prior notice."
 msgstr ""

-#: www/terms.php:33
+#: www/terms.php:35
 msgid "I reserve the right to change these terms without prior notice."
 msgstr ""

-#: www/register.php:18
+#: www/terms.php:36
+msgid "Continued violations may necessitate the closure of registration."
+msgstr ""
+
+#: www/register.php:18 www/register.php:103
+#, php-format
+msgid "Registration is disabled due to too many violations of the %s"
+msgstr ""
+
+#: www/register.php:18 www/register.php:103 www/register.php:124
+msgid "Terms of Service"
+msgstr ""
+
+#: www/register.php:22
 msgid "Invalid CSRF token"
 msgstr ""

-#: www/register.php:22 www/manage_account.php:43
+#: www/register.php:26 www/manage_account.php:43
 msgid "Invalid captcha"
 msgstr ""

-#: www/register.php:27
+#: www/register.php:31
 msgid "Invalid username. It may not contain a +, ', \" or /."
 msgstr ""

-#: www/register.php:33 www/manage_account.php:100 www/admin.php:175
+#: www/register.php:37 www/manage_account.php:100 www/admin.php:175
 #: www/admin.php:343
 msgid "Passwords empty or don't match"
 msgstr ""

-#: www/register.php:44
+#: www/register.php:48
 msgid "The domain you specified is not allowed"
 msgstr ""

-#: www/register.php:49
+#: www/register.php:53
 msgid "The email address you specified is not valid"
 msgstr ""

-#: www/register.php:52
+#: www/register.php:56
 msgid "The username you specified is reserved"
 msgstr ""

-#: www/register.php:62 www/admin.php:311
+#: www/register.php:66 www/admin.php:311
 msgid "Sorry, this user already exists"
 msgstr ""

-#: www/register.php:70 www/admin.php:333
+#: www/register.php:74 www/admin.php:333
 msgid "Successfully created new mailbox!"
 msgstr ""

-#: www/register.php:78 www/register.php:87 www/register.php:91
+#: www/register.php:82 www/register.php:91 www/register.php:95
 msgid "E-Mail and XMPP - Register"
 msgstr ""

-#: www/register.php:82 www/register.php:88 www/register.php:91
+#: www/register.php:86 www/register.php:92 www/register.php:95
 msgid ""
 "Register for a free and anonymous E-Mail address and an XMPP/Jabber account"
 msgstr ""

-#: www/register.php:100 www/manage_account.php:255 www/admin.php:407
+#: www/register.php:108 www/manage_account.php:255 www/admin.php:407
 #: www/admin.php:580 www/admin.php:907 www/admin.php:936
 msgid "Username"
 msgstr ""

-#: www/register.php:104 www/manage_account.php:260 www/manage_account.php:323
+#: www/register.php:112 www/manage_account.php:260 www/manage_account.php:323
 #: www/admin.php:411 www/admin.php:501 www/admin.php:584 www/admin.php:940
 #: www/admin.php:1025
 msgid "Password"
 msgstr ""

-#: www/register.php:108 www/manage_account.php:328 www/admin.php:506
+#: www/register.php:116 www/manage_account.php:328 www/admin.php:506
 #: www/admin.php:589 www/admin.php:944 www/admin.php:1030
 msgid "Password again"
 msgstr ""

-#: www/register.php:112 www/register.php:116
+#: www/register.php:120 www/register.php:124
 #, php-format
 msgid "I have read and agreed to the %s"
 msgstr ""

-#: www/register.php:112
+#: www/register.php:120
 msgid "Privacy Policy"
 msgstr ""

-#: www/register.php:116
-msgid "Terms of Service"
-msgstr ""
-
 #: www/index.php:6 www/index.php:15 www/index.php:19
 msgid "E-Mail and XMPP"
 msgstr ""
--- a/www/register.php
+++ b/www/register.php
@ -13,6 +13,10 @@ if ( empty( $_SESSION[ 'csrf_token' ] ) || $_SESSION[ 'UA' ] !== $_SERVER[ 'HTTP
 $msg = '';
 if ( isset( $_POST[ 'user' ] ) ) {
 	$ok = true;
+	if( ! REGISTRATION_ENABLED ) {
+		$ok = false;
+		$msg .= '<div class="red" role="alert">'.sprintf(htmlspecialchars(_('Registration is disabled due to too many violations of the %s')), '<a href="'.ROOT_URL.'terms.php" target="_blank">'.htmlspecialchars(_('Terms of Service')).'</a>').'</div>';
+	}
 	if ( $_SESSION[ 'csrf_token' ] !== $_POST[ 'csrf_token' ] ?? '' ) {
 		$ok = false;
 		$msg .= '<div class="red" role="alert">'.htmlspecialchars(_('Invalid CSRF token')).'</div>';
@ -94,35 +98,40 @@ if ( isset( $_POST[ 'user' ] ) ) {
 <main>
 <p><a href="<?php echo ROOT_URL; ?>"><?php echo htmlspecialchars(_('Info')); ?></a> | <?php echo htmlspecialchars(_('Register')); ?> | <a href="<?php echo ROOT_URL; ?>manage_account.php"><?php echo htmlspecialchars(_('Manage account')); ?></a> | <a href="<?php echo ROOT_URL; ?>squirrelmail/src/login.php" target="_blank"><?php echo htmlspecialchars(_('SquirrelMail')); ?></a>  | <a href="<?php echo ROOT_URL; ?>snappymail/" target="_blank"><?php echo htmlspecialchars(_('SnappyMail')); ?></a> | <a href="<?php echo WEB_XMPP_URL; ?>" target="_blank" rel="noopener"><?php echo htmlspecialchars(_('Web-XMPP')); ?></a>
 </p>
-<?php echo "<p>$msg</p>"; ?>
-<form class="form_limit" action="register.php" method="post"><input type="hidden" name="csrf_token" value="<?php echo $_SESSION[ 'csrf_token' ] ?>">
-    <div class="row">
-        <div class="col"><label for="user"><?php echo htmlspecialchars(_('Username')); ?></label></div>
-        <div class="col"><input type="text" name="user" id="user" autocomplete="username" required value="<?php echo htmlspecialchars( $_POST[ 'user' ] ?? '' ); ?>"></div>
-    </div>
-    <div class="row">
-        <div class="col"><label for="pwd"><?php echo htmlspecialchars(_('Password')); ?></label></div>
-        <div class="col"><input type="password" name="pwd" id="pwd" autocomplete="new-password" required></div>
-    </div>
-    <div class="row">
-        <div class="col"><label for="pwd2"><?php echo htmlspecialchars(_('Password again')); ?></label></div>
-        <div class="col"><input type="password" name="pwd2" id="pwd2" autocomplete="new-password" required></div>
-    </div>
-    <div class="row">
-        <div class="col"><label for="accept_privacy"><?php printf(htmlspecialchars(_('I have read and agreed to the %s')), '<a href="'.PRIVACY_POLICY_URL.'" target="_blank">'.htmlspecialchars(_('Privacy Policy')).'</a>'); ?></label></div>
-        <div class="col"><input type="checkbox" id="accept_privacy" name="accept_privacy" required></div>
-    </div>
-	<div class="row">
-        <div class="col"><label for="accept_terms"><?php printf(htmlspecialchars(_('I have read and agreed to the %s')), '<a href="'.ROOT_URL.'terms.php" target="_blank">'.htmlspecialchars(_('Terms of Service')).'</a>'); ?></label></div>
-        <div class="col"><input type="checkbox" id="accept_terms" name="accept_terms" required></div>
-    </div>
-	<?php send_captcha(); ?>
-    <div class="row">
-        <div class="col">
-            <button type="submit"><?php echo htmlspecialchars(_('Register')); ?></button>
-        </div>
-    </div>
-</form>
+<?php echo "<p>$msg</p>";
+if( ! REGISTRATION_ENABLED ) {
+	echo '<p>'.sprintf(htmlspecialchars(_('Registration is disabled due to too many violations of the %s')), '<a href="'.ROOT_URL.'terms.php" target="_blank">'.htmlspecialchars(_('Terms of Service')).'</a>').'</p>';
+} else {
+?>
+	<form class="form_limit" action="register.php" method="post"><input type="hidden" name="csrf_token" value="<?php echo $_SESSION[ 'csrf_token' ] ?>">
+		<div class="row">
+			<div class="col"><label for="user"><?php echo htmlspecialchars(_('Username')); ?></label></div>
+			<div class="col"><input type="text" name="user" id="user" autocomplete="username" required value="<?php echo htmlspecialchars( $_POST[ 'user' ] ?? '' ); ?>"></div>
+		</div>
+		<div class="row">
+			<div class="col"><label for="pwd"><?php echo htmlspecialchars(_('Password')); ?></label></div>
+			<div class="col"><input type="password" name="pwd" id="pwd" autocomplete="new-password" required></div>
+		</div>
+		<div class="row">
+			<div class="col"><label for="pwd2"><?php echo htmlspecialchars(_('Password again')); ?></label></div>
+			<div class="col"><input type="password" name="pwd2" id="pwd2" autocomplete="new-password" required></div>
+		</div>
+		<div class="row">
+			<div class="col"><label for="accept_privacy"><?php printf(htmlspecialchars(_('I have read and agreed to the %s')), '<a href="'.PRIVACY_POLICY_URL.'" target="_blank">'.htmlspecialchars(_('Privacy Policy')).'</a>'); ?></label></div>
+			<div class="col"><input type="checkbox" id="accept_privacy" name="accept_privacy" required></div>
+		</div>
+		<div class="row">
+			<div class="col"><label for="accept_terms"><?php printf(htmlspecialchars(_('I have read and agreed to the %s')), '<a href="'.ROOT_URL.'terms.php" target="_blank">'.htmlspecialchars(_('Terms of Service')).'</a>'); ?></label></div>
+			<div class="col"><input type="checkbox" id="accept_terms" name="accept_terms" required></div>
+		</div>
+		<?php send_captcha(); ?>
+		<div class="row">
+			<div class="col">
+				<button type="submit"><?php echo htmlspecialchars(_('Register')); ?></button>
+			</div>
+		</div>
+	</form>
+<?php } ?>
 </main>
 </body>
 </html>
--- a/www/terms.php
+++ b/www/terms.php
@ -25,12 +25,15 @@ global $language, $dir, $locale;
 <li><?php echo htmlspecialchars(_('Inactive accounts get automatically deleted after one year of inactivity.')); ?></li>
 <li><?php echo htmlspecialchars(_('Spamming is not allowed, and you will be blocked if you do.')); ?></li>
 <li><?php echo htmlspecialchars(_('Using your account for illegal purposes is not allowed, and you will be blocked if you do.')); ?></li>
+<li><?php echo htmlspecialchars(_('Mass mailing is not allowed, and you will be blocked if you do.')); ?></li>
+<li><?php echo htmlspecialchars(_('Please refrain from sending threats of violence or any harmful content. Dealing with law enforcement requests related to such incidents consumes a significant amount of time.')); ?></li>
 <li><?php echo htmlspecialchars(_('If you lose your password, I will not reset it unless you can prove ownership of the account. You could do so by signing an email with the same PGP key that you use in your account.')); ?></li>
 <li><?php echo htmlspecialchars(_('You are responsible for the security of your account and password.')); ?></li>
 <li><?php printf(htmlspecialchars(_('Your email account only has 50MB of disk space by default. If you need more, you can %s, and I will increase it for free.')), '<a href="'.CONTACT_URL.'">'.htmlspecialchars(_('contact me')).'</a>'); ?></li>
 <li><?php echo htmlspecialchars(_('The XMPP service provides message archiving and HTTP upload, which can keep your messages and files for up to 1 week. Up to 100MB of file storage is available per user.')); ?></li>
 <li><?php echo htmlspecialchars(_('I reserve the right to block or delete your account without prior notice.')); ?></li>
 <li><?php echo htmlspecialchars(_('I reserve the right to change these terms without prior notice.')); ?></li>
+<li><?php echo htmlspecialchars(_('Continued violations may necessitate the closure of registration.')); ?></li>
 </ol>
 </main>
 </body></html>