Author: Nikita Popov (nikic) Date: 2021-04-06T21:56:33+02:00 Commit: https://github.com/php/web-master/commit/7847f7575b3fb9562465ab3fdc57b57e96e079e4 Raw diff: https://github.com/php/web-master/commit/7847f7575b3fb9562465ab3fdc57b57e96e079e4.diff
Remove challenge-response.php This references a table that doesn't exist, and is generally broken. Changed paths: D manage/challenge-response.php M manage/users.php Diff: diff --git a/manage/challenge-response.php b/manage/challenge-response.php deleted file mode 100644 index f571e97..0000000 --- a/manage/challenge-response.php +++ /dev/null @@ -1,97 +0,0 @@ -<?php # $Id$ - -/* Show the list of people caught up in the CR system - * for the current user. */ - -require_once 'login.inc'; -require_once 'functions.inc'; -require_once 'email-validation.inc'; - -head("challenge response anti-spam thingamy"); - -db_connect(); - -if (isset($_POST['confirm_them']) && isset($_POST['confirm']) && is_array($_POST['confirm'])) { - foreach ($_POST['confirm'] as $address) { - db_query_safe("insert into accounts.confirmed (email, ts) values (?, NOW())", [$address]); - } -} - -// TODO: Where does $user come from here? -$res = db_query_safe( - "select distinct sender from phpmasterdb.users left join accounts.quarantine on users.email = rcpt " . - "where username=? and not isnull(id)", [$user]); - -$inmates = []; -while ($row = mysql_fetch_row($res)) { - $inmates[] = $row[0]; -} - -function sort_by_domain($a, $b) -{ - list($al, $ad) = explode('@', $a, 2); - list($bl, $bd) = explode('@', $b, 2); - - $x = strcmp($ad, $bd); - if ($x) - return $x; - - return strcmp($al, $bl); -} - -usort($inmates, 'sort_by_domain'); - -?> - -<h1>Addresses in quarantine for <?php echo hsc($user); ?>@php.net</h1> - -<form method="post" action="<?php echo hsc($_SERVER['PHP_SELF']); ?>"> - -<table> - <tr> - <td> </td> - <td>Sender</td> - <td>Domain</td> - </tr> - -<?php -$i = 0; -foreach ($inmates as $prisoner) { - list($localpart, $domain) = explode('@', $prisoner, 2); - $bgcolor = ($i & 1) ? '#eeeeee' : '#ffffff'; -?> -<tr bgcolor="<?php echo $bgcolor; ?>"> - <td><input type="checkbox" name="confirm[]" value="<?php echo hsc($prisoner) ?>"/></td> - <td align="right"><?php echo hsc($localpart) ?></td> - <td align="left">@ <?php echo hsc($domain) ?></td> -</tr> -<?php -} -?> -</table> - -<p> -If you see an address listed here that you are 100% sure is a legitimate -sender, you may tick the appropriate box and confirm them. Quarantine is -processed every 15 minutes; once you have confirmed an address, be prepared to -wait that long before the mail is delivered. -</p> - -<input type="submit" name="confirm_them" value="Confirm Ticked Senders"/> - -</form> - -<?php -$res = db_query_safe( - "select count(id) from phpmasterdb.users left join accounts.quarantine on users.email = rcpt " . - " where username=?", [$user]); - -$n = 0; -if (mysql_num_rows($res) > 0) { - $n = mysql_result($res, 0); -} - -echo "You have <b>$n</b> messages in quarantine<br>"; - -foot(); -?> diff --git a/manage/users.php b/manage/users.php index 435ce6a..cc2f432 100644 --- a/manage/users.php +++ b/manage/users.php @@ -221,10 +221,6 @@ function csrf_validate(&$mydata, $name) { <tr> <th>Use Challenge/Response spam protection?</th> <td><input type="checkbox" name="in[spamprotect]"<?php echo $userdata['spamprotect'] ? " checked" : "";?> /> - <?php if ($userdata['username'] == $_SESSION["username"]) { ?> - <br/> - <a href="challenge-response.php">Show people on my quarantine list</a> - <?php } ?> </td> </tr> <tr> -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php