diff --git a/index.php b/index.php
index 695427c..03f57da 100644
--- a/index.php
+++ b/index.php
@@ -1,13 +1,14 @@
select(['email'])->from('email')->where(null, ['token' => $email])->query();
+ $filtered_email = $stats->select(['email'])->from('emails')->where(null, ['token' => $email, 'confirmed' => 1])->query();
if (empty($filtered_email)) {
echo sprintf('loadScript("//%s/js/alertify.min.js",function() { alertify.alert("Invalid token"); });', $_SERVER['HTTP_HOST']);
// TODO log for fail2ban
exit;
- } else {
- $filtered_email = current($filtered_email);
}
+
+ $filtered_email = current($filtered_email);
+ $doc = new DOMDocument();
$content = '';
- $f = $xpath != '' ? @DomDocument::loadHTMLFile($url) : false;
- if ($f) {
- $xp = new DomXPath($f);
- $content = $xp->query($xpath) != false ? $f->saveXML($xp->query($xpath)->item(0)) : '';
+ $f = $xpath !== '' ? @$doc->loadHTMLFile($url) : false;
+ if ($f !== false) {
+ $xp = new DomXPath($doc);
+ $content = $xp->query($xpath) !== false ? $doc->saveXML($xp->query($xpath)->item(0)) : '';
}
$body = "\n" . $title;
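Review bot: `@$doc->loadHTMLFile($url)` loads whatever `$url` holds, and nothing visible in this hunk validates it before the call. Where `$url` is assigned lies outside the hunk, but if it comes from the request, `loadHTMLFile()` accepts local paths and any enabled stream wrapper as well as http(s), so the server could be made to read local files or reach internal hosts. Restrict the scheme first, for example `if (!in_array(parse_url($url, PHP_URL_SCHEME), ['http', 'https'], true)) { exit; }`, and reject loopback/private destinations; the `@` also hides the failures you would want logged. Separately, when the XPath matches nothing `item(0)` is null and `saveXML(null)` serialises the whole document, so check the node list length (and run `query()` once) before using the result.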
@@ -73,10 +75,11 @@ if (isset($_GET['v'])) {
if (!empty($config['bcc'])) {
$mail->addBCC($config['bcc']);
}
- if ($xpath == '')
+ if ($xpath === '') {
$mail->Body = $body;
- else
+ } else {
$mail->Body = '
' . nl2br($body) . '
';
+ }
if ($mail->send()) {
echo sprintf('loadScript("//%s/js/alertify.min.js",function() { alertify.alert("Email Sent."); });', $_SERVER['HTTP_HOST']);
} else {
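Review bot: The `Email Sent.` response at the end of this hunk interpolates `$_SERVER['HTTP_HOST']` into emitted JavaScript, and the `Invalid token` echo in the first hunk does the same. The Host header is supplied by the client, so the script URL should come from a configured hostname, or at least be emitted through `json_encode()` rather than raw `sprintf`. In the re-braced `else` branch, `nl2br($body)` goes into an HTML mail body with no escaping; `$body` starts with `$title`, whose origin is not shown here, so confirm it passes through `htmlspecialchars($title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` before it reaches `$mail->Body`. The enclosing `if (isset($_GET['v']))` block starts and ends outside the hunk.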
@@ -101,20 +104,62 @@ if (isset($_GET['v'])) {
} else if (isset($_POST['email'])) {
$filtered_email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
if ($filtered_email !== false) {
- $token = bin2hex(random_bytes(72));
- //ADDING STATS
- include "XMLSQL.php";
- $stats = new XMLSQL('emails.xml');
- $stats->insert(array('ip' => getenv('REMOTE_ADDR'), 'date' => date('d/m/Y'), 'token' => $token, 'email' => $_POST['email']))->into('emails')->query();
- if ($_POST['html'] == 'on') { // bookmarklet pour l'envoi en HTML
- $include = 'Bookmark by email';
- } else { // bookmarklet pour l'envoi normal
- $include = "Bookmark by email";
+ try {
+ $token = bin2hex(random_bytes(72));
+ //ADDING STATS
+ include 'XMLSQL.php';
+ $stats = new XMLSQL('emails.xml');
+ $stats->insert(['ip' => getenv('REMOTE_ADDR'), 'date' => date('d/m/Y'), 'token' => $token, 'email' => $_POST['email'], 'confirmed' => 0])->into('emails')->query();
+ $body = "\nHi,";
+ $body .= "\nSomeone registered this email on our service.";
+ $body .= "\n";
+ $body .= "\nIf it's you, please click this link to confirm.';
+ $body .= "\nElse, please ignore this mail.";
+ $body .= "\nRegards,";
+ $body .= "\n\nShikiryu";
+ $body .= "\n\nAny complain or advise? http://shikiryu.com/contact/";
+ include 'phpmailer.php';
+
+ $mail = new PHPMailer(true);
+ $mail->setFrom($config['from_email'], $config['from_name']);
+ $mail->Subject = 'Please confirm your address';
+ $mail->Body = $body;
+ $mail->addAddress($filtered_email);
+ if (!empty($config['bcc'])) {
+ $mail->addBCC($config['bcc']);
+ }
+ if ($mail->send()) {
+ if (isset($_POST['html']) && $_POST['html'] === 'on') { // bookmarklet pour l'envoi en HTML
+ $include = 'Bookmark by email';
+ } else { // bookmarklet pour l'envoi normal
+ $include = "Bookmark by email";
+ }
+ } else {
+ $include = 'Can\'t send mail.';
+ }
+ } catch (Exception $e) {
+ $include = 'An error occured ('.$e->getMessage().')';
}
} else {
$include = 'Invalid email. Please go back
';
}
include 'template.php';
+} elseif (isset($_GET['confirm'])) {
+ include 'XMLSQL.php';
+ $stats = new XMLSQL(__DIR__.'/emails.xml');
+ $filtered_email = $stats->select()->from('emails')->where(null, ['token' => $_GET['t'], 'confirmed' => 0])->query();
+ if (empty($filtered_email)) {
+ $filtered_email = $stats->select(['email'])->from('emails')->where(null, ['token' => $_GET['t'], 'confirmed' => 1])->query();
+ if (!empty($filtered_email)) {
+ $include = 'Your email has already been confirmed.';
+ } else {
+ $include = 'Your token is inexistant.';
+ }
+ } else {
+ $stats->update('emails')->set(['confirmed' => '1'])->where($filtered_email[0]['attributes']['id'])->query();
+ $include = 'Your email has been confirmed. Enjoy!';
+ }
+ include 'template.php';
} else {
$include = '
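Review bot: The new `confirm` branch passes `$_GET['t']` straight into both `where()` calls without checking that it is set, is a string, or has the shape of a token. Tokens are created with `bin2hex(random_bytes(72))`, which is exactly 144 lowercase hex characters, so anything else can be rejected before XMLSQL is touched; how XMLSQL escapes values is not visible here, so a strict format check is the safe assumption. The `catch` block also copies `$e->getMessage()` into `$include`, which is presumably rendered by template.php, and mailer errors can carry SMTP details, so log the message server-side and show a fixed string. `emails.xml` is opened next to index.php (`__DIR__.'/emails.xml'`), so unless the web server denies that path, the stored addresses, IPs and tokens may be directly downloadable; moving the file outside the document root would avoid that. The if/elseif chain starts above the hunk and the trailing `$include = '` string is cut off at its end.

```php
} catch (Exception $e) {
    error_log($e->getMessage()); // keep mailer/transport details out of the rendered page
    $include = 'An error occured.';
// … unchanged: closing of the try block, invalid-email branch, include 'template.php' …
} elseif (isset($_GET['confirm'])) {
    // Tokens are created with bin2hex(random_bytes(72)): exactly 144 lowercase hex characters.
    $token = $_GET['t'] ?? '';
    if (!is_string($token) || preg_match('/\A[0-9a-f]{144}\z/', $token) !== 1) {
        $include = 'Your token is inexistant.';
    } else {
        // … unchanged: XMLSQL lookup and the confirmed / already-confirmed / unknown-token branches, reading $token instead of $_GET['t'] …
    }
    // … unchanged: include 'template.php' …
```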