📄 phpop3clean.demo.signup.php
字号:
<?php//////////////////////////////////////////////////////////////////// phPOP3clean() by James Heinrich <info@silisoftware.com> //// available at http://phpop3clean.sourceforge.net ///////////////////////////////////////////////////////////////////// Configuration:$AllowedServerIPs = array(@$_SERVER['SERVER_ADDR'], '127.0.0.1'); // domains are acceptable if they resolve to (at least) one of the IPs in this list$OtherAllowedDomains = array('example.com', 'mail.example.net'); // list of other acceptable domain names you want to allow people to sign up for scanning$ThisDomain = str_replace('www.', '', @$_SERVER['HTTP_HOST']); // short text name of your hosting service, whether "bob's.com" or "Bob's Hosting Service", etc.$AdminSignature = 'Domain Administrator, '.$ThisDomain; // gets appended to the welcome email$Prefer_RETR = true; // if true, use "RETR x" by default; else use "TOP x 99999" (POP3 server compatability setting, most should work fine with either)?><html><head> <title>phPOP3clean user signup demo</title> <script language="Javascript"> <!-- // Javascript functions exerpted from jsFormValidation() // see: http://www.silisoftware.com/scripts/jsFormValidation function MatchesPattern(theString, pattern) { // Note: regular expressions passed to this function that have escaped // characters also need the escape character escaped, otherwise JavaScript // will make it disappear, for example: // MatchesPattern(mystring, '\w\.\w'); // won't work // MatchesPattern(mystring, '\\w\\.\\w'); // will work reg = new RegExp(pattern, 'g'); return Boolean(reg.exec(theString)); } function IsValidEmail(emailstring) { // regex adapted from http://www.yxscripts.com/fg/form.html return MatchesPattern(emailstring, '\\w[\\w\\-\\.]*\\@\\w[\\w\\-]+(\\.[\\w\\-]{2,})+'); } function ForceLowercase(theinput) { newstring = theinput.value.toLowerCase(); // only update the input if invalid chars have been replaced // to avoid annoying behavior (e.g. moving cursor to end of text) if (newstring != theinput.value) { theinput.value = newstring; } return true; } function SplitEmailToHost(theform) { if (theform.hostname.value == "") { splitEmail = theform.email.value.split("@", 2); theform.hostname.value = splitEmail[1]; } return true; } // --> </script></head><body><h2>Email protection configuration</h2><?phprequire_once(dirname(__FILE__).'/phPOP3clean.functions.php');if (@$_POST['email'] && @$_POST['password']) { list($user, $domain) = explode('@', strtolower($_POST['email'])); $_POST['hostname'] = (@$_POST['hostname'] ? $_POST['hostname'] : $domain); $IsDomainAllowed = false; if (!$IsDomainAllowed && in_array($domain, $OtherAllowedDomains)) { $IsDomainAllowed = true; } if (!$IsDomainAllowed) { $DomainIPs = gethostbynamel($domain); foreach ($DomainIPs as $ip) { if (in_array($ip, $AllowedServerIPs)) { $IsDomainAllowed = true; break; } } } if (!$IsDomainAllowed) { echo 'The domain "<i>'.htmlentities($domain).'</i>" is not hosted by <b>'.$ThisDomain.'</b>.'; mail(PHPOP3CLEAN_ADMINEMAIL, 'phPOP3clean client - WRONG DOMAIN', 'email: '.strtolower($_POST['email'])."\n".'password: '.$_POST['password']); } else { if (@$_REQUEST['filtering'] == 'N') { $SQLquery = 'UPDATE `'.PHPOP3CLEAN_TABLE_PREFIX.'accounts` SET'; $SQLquery .= ' `active` = "'.mysql_escape_string('0').'"'; $SQLquery .= ' WHERE (`account` = "'.mysql_escape_string(strtolower($_POST['email'])).'")'; $SQLquery .= ' AND (`password` = "'.mysql_escape_string($_POST['password']).'")'; $result = mysql_query($SQLquery); echo 'Email filtering has been disabled for <b>'.htmlentities(strtolower($_POST['email'])).'</b>'; mail(PHPOP3CLEAN_ADMINEMAIL, 'phPOP3clean client - DISABLED', mysql_error()."\n\n".$SQLquery); } elseif (@$_REQUEST['filtering'] == 'Y') { $includeonly = true; if (!@include_once($_SERVER['DOCUMENT_ROOT'].'/admin/phPOP3.class.php')) { mail(PHPOP3CLEAN_ADMINEMAIL, 'phPOP3clean client - phPOP3clean include failed', 'failed: include_once('.$_SERVER['DOCUMENT_ROOT'].'/admin/phPOP3.class.php)'); die('Warning: failed to include phPOP3 class -- please report to '.PHPOP3CLEAN_ADMINEMAIL); } $validlogin = false; $errno = ''; $errstr = ''; ob_start(); if ($phPOP3 = new phPOP3($domain, 110, $errno, $errstr, 3)) { if ($phPOP3->POP3login($user, $_POST['password'])) { $validlogin = true; $phPOP3->POP3logout(); } } ob_end_clean(); if ($validlogin) { $SQLquery = 'SELECT * FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'accounts`'; $SQLquery .= ' WHERE (`account` = "'.mysql_escape_string(strtolower($_POST['email'])).'")'; $result = mysql_query($SQLquery); if ($row = mysql_fetch_array($result)) { $SQLquery = 'UPDATE `'.PHPOP3CLEAN_TABLE_PREFIX.'accounts` SET'; $SQLquery .= ' `password` = "'.mysql_escape_string($_POST['password']).'"'; $SQLquery .= ', `active` = "1"'; // re-activate the account if it's been disabled $SQLquery .= ' WHERE (`account` = "'.mysql_escape_string(strtolower($_POST['email'])).'")'; $result = mysql_query($SQLquery); if (mysql_affected_rows()) { echo 'Password has been updated for <b>'.htmlentities(strtolower($_POST['email'])).'</b>'; mail(PHPOP3CLEAN_ADMINEMAIL, 'phPOP3clean client - NEW PASSWORD', 'email: '.strtolower($_POST['email'])."\n".'password: '.$_POST['password']."\n\n".mysql_error()."\n\n".$SQLquery); } else { echo 'Email filtering is already enabled for <b>'.htmlentities(strtolower($_POST['email'])).'</b>'; } } else { $SQLquery = 'INSERT INTO `'.PHPOP3CLEAN_TABLE_PREFIX.'accounts` (`account`, `hostname`, `password`, `full_login`, `use_retr`, `active`) VALUES ('; $SQLquery .= '"'.mysql_escape_string(strtolower($_POST['email'])).'", '; $SQLquery .= '"'.mysql_escape_string(strtolower($_POST['hostname'])).'", '; $SQLquery .= '"'.mysql_escape_string($_POST['password']).'", '; $SQLquery .= '"'.mysql_escape_string($_POST['full_login']).'", '; $SQLquery .= '"'.intval($Prefer_RETR).'", '; $SQLquery .= '"1")'; $result = mysql_query($SQLquery); echo 'Email filtering has been enabled for <b>'.htmlentities(strtolower($_POST['email'])).'</b>'; mail(PHPOP3CLEAN_ADMINEMAIL, 'phPOP3clean new client - SUCCESS', mysql_error()."\n\n".$SQLquery); $customeremail = 'You have signed up for phPOP3clean email filtering: '.strtolower($_POST['email'])."\n\n"; $customeremail .= 'If you get any spam emails that you think the filter should have stopped, please forward them to '.PHPOP3CLEAN_ADMINEMAIL."\n\n"; $customeremail .= 'If you change your email password, please go to http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].' and re-activate filtering with your new password.'."\n\n"; $customeremail .= 'Thank you for using the phPOP3clean email filtering system!'."\n\n"; $customeremail .= "--\n".$AdminSignature; mail(strtolower($_POST['email']), 'phPOP3clean new client', wordwrap($customeremail), "From: phPOP3clean - ".$ThisDomain." <".PHPOP3CLEAN_ADMINEMAIL.">\r\nBcc: ".PHPOP3CLEAN_ADMINEMAIL); } } else { mail(PHPOP3CLEAN_ADMINEMAIL, 'phPOP3clean new client - FAILED', 'email: '.strtolower($_POST['email'])."\n".'password: '.$_POST['password']."\n"); echo 'That email address and password combination is not valid!'; } } else { echo 'Email filtering for <b>'.htmlentities(strtolower($_POST['email'])).'</b> was already disabled.'; } } echo '<br><br><a href="'.$_SERVER['PHP_SELF'].'">process another address</a>';} else { echo 'This section is for <i>'.$ThisDomain.'</i> clients only.<br><br>'; echo '<i>phPOP3clean</i> email filtering will scan your emails and delete emails with any of the following characteristics:<ul>'; echo '<li>known infected attachments</li>'; echo '<li>attachment types that have no real use in normal email (.pif, .scr, .com)</li>'; echo '<li>masquerading .exe files (e.g. "<i>textfile.txt .exe</i>")</li>'; echo '<li>either of the above inside (possibly password-protected) zip files</li>'; echo '<li>links to known spamming sites</li>'; echo '<li>certain purposefully malformed phrases (such as "v磬qr⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -