vb.org Archive - View Single Post

dodgy · #87 05-30-2003, 01:28 AM

I've done some minor changes in procpost.php so that you can post messages from any e-mail account by using user name and password in subject line like this:

[thread-123-user-password]

reason for that is to be able to send posts from mobile phones, airplanes etc.

not sure about security holes yet

PHP Code:


			
  /* Get needed data from headers */

    if (preg_match('#\[post-([0-9]+)-([a-z0-9]+)-([a-z0-9]+)\]#i', $headers['subject'], $subjectparts)) {

        $postid = intval($subjectparts[1]);

    } else {

        preg_match('#\[thread-([0-9]+)-([a-z0-9]+)-([a-z0-9]+)\]#i', $headers['subject'], $subjectparts);

        $threadid = intval($subjectparts[1]);

    }

    preg_match('#([-.a-z0-9_]+@[-.a-z0-9_)]*)#i', $headers['from'], $emailparts);



    /* Move data to new variables */

    $email = $emailparts[1];

  $emailuser = $subjectparts[2];

    $emailcode = $subjectparts[3];

    $title = str_replace('[thread-'.$threadid.'-'.$emailuser.'-'.$emailcode.']', '', str_replace('[post-'.$postid.'-'.$emailuser.'-'.$emailcode.']', '', $headers['subject']));

    $message = trim(str_replace('[thread-'.$threadid.'-'.$emailuser.'-'.$emailcode.']', '', str_replace('[post-'.$postid.'-'.$emailuser.'-'.$emailcode.']', '', $d_message['text'][0])));



    /* Get the user info by the email */

    $bbuserinfo = $DB_site->query_first("

        SELECT user.*, userfield.field'.$_config['fieldid'].'

        FROM user

        LEFT JOIN userfield USING (userid)

        WHERE username = '$emailuser'

    ");



    /* And make sure it's not a phoney */

    if (!$bbuserinfo) {

        mailerror('Invalid user: user name does not exist.');

        continue;

    } elseif (empty($bbuserinfo['field'.$_config['fieldid']])) {

        mailerror('No email password: you did not specify an email password in your profile, and cannot post through email.');

        continue;

    } elseif ($bbuserinfo['field'.$_config['fieldid']] != $emailcode) {

        mailerror('Invalid email password: the email password you specifed does not match the one in the database.');

        continue;

    }

obviously you will have to edit templates and insert $emailuser where ever it needs to. ($emailuser is user name)

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01112 seconds Memory Usage 1,795KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_php (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: