submit.php
<?php
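// IMPORTANT: inputs still need sanitizing! This file only truncates the POST
// values; it does not escape or validate them, so the database helpers must
// bind them as parameters rather than build SQL strings from them.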
// So mysql will actually report errors to me. o.O
//mysqli_report(MYSQLI_REPORT_ERROR);
// Included files
require_once( "functions/database.php" );
require_once( "functions/ip.php" );
require_once( "functions/user.php" );
require_once( "config.php" );
// Get POST data
/**
 * Fetch one raw field from the POST body.
 *
 * The value comes back exactly as PHP parsed it: nothing is trimmed, escaped
 * or type-checked. A field sent as `name[]=...` is returned as an array, so a
 * caller that needs a string has to check the type itself.
 *
 * @param string $field Name of the POST field.
 * @return mixed The submitted value, or "" when the field is absent.
 */
function getPost($field)
{
    return isset($_POST[$field]) ? $_POST[$field] : "";
}
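// Raw, client-controlled form values. Nothing is escaped or validated at this
// point; getPost() returns "" for a missing field and may return an array.
$in_userIGN       = getPost("username");
$in_email         = getPost("email");
$in_age           = getPost("age");
$in_location      = getPost("location");
$in_heardof       = getPost("heardof");
$in_heardof_other = getPost("heardof_other");
$in_links         = getPost("links");
$in_reasons       = getPost("reasons");
$in_ipAddress     = getPost("ipAddress"); // client-supplied; checked against getUserIp() further down
$in_rules         = getPost("rules");

// Rules/FAQ question: the submitted values have to add up to 429.
// "rules" arrives as "" when it is missing, or as a plain string when it was
// not sent as an array. array_sum() only accepts arrays (TypeError on PHP 8),
// so anything else is treated as a wrong answer instead of crashing.
// NOTE(review): only the total is checked, not which options were selected.
if (!is_array($in_rules) || array_sum($in_rules) != 429) {
    $reason = "Your answer to the final question of the application, regarding the rules and FAQ, was incorrect. Please read the documents carefully and try your application again.";
    require_once("response_refused.php");
    // This check sits outside the if/else chain below, so stop explicitly:
    // otherwise a refused request would carry on through the remaining checks.
    // (A no-op if response_refused.php already terminates the script.)
    exit;
}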
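// Truncate any data that is too long.
// $maxDataAccepted is not defined in this file (presumably it comes from
// config.php - confirm). substr() counts bytes, so a multi-byte UTF-8
// character at the cut-off can be split.
// A text field submitted as an array (e.g. `email[]=x`) cannot be passed to
// substr() - that is a TypeError on PHP 8 - so it is treated as empty and
// rejected by the "all fields filled out" check that follows.
$truncateField = function ($value) use ($maxDataAccepted) {
    return is_string($value) ? substr($value, 0, $maxDataAccepted) : "";
};

$in_userIGN       = $truncateField($in_userIGN);
$in_email         = $truncateField($in_email);
$in_age           = $truncateField($in_age);
$in_location      = $truncateField($in_location);
$in_heardof       = $truncateField($in_heardof);
$in_heardof_other = $truncateField($in_heardof_other);
$in_links         = $truncateField($in_links);
$in_reasons       = $truncateField($in_reasons);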
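// Connect to the database
$dbLink = DB_connect();
if ($dbLink === false) {
    $reason = "An error at our end has occurred. Please retry your application later.";
    require_once("response_refused.php");
    // Fail closed: without a connection none of the checks below can be
    // trusted, and they would be handed `false` as the link.
    // (A no-op if response_refused.php already terminates the script.)
    exit;
}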
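// Address of the client as seen by the server. This, not the hidden form
// field, is the authoritative value for every IP-based decision below.
// NOTE(review): how getUserIp() derives the address is not visible here; if it
// honours forwarded-for style headers, make sure it only does so for trusted
// proxies.
$clientIp = getUserIp();

// NOTE(review): the $in_* values are still unescaped when they reach logHack(),
// isAlreadySubmitted() and submitApplication() - confirm those helpers use
// bound parameters.

// Check that all fields were filled out ("heardof_other" is optional).
// Loose == is deliberate: on older PHP versions substr() can return false for
// an empty string, and that must still count as "not filled out".
if( $in_userIGN == "" || $in_email == "" || $in_age == ""
    || $in_location == "" || $in_heardof == ""
    || $in_links == "" || $in_reasons == "" )
{
    $reason = "Please fill out all of the application form.";
    require_once( "response_refused.php" );
}
// The form carries the client's IP in a field the client can edit; a mismatch
// with the server-side address means the form was altered.
else if( $in_ipAddress != $clientIp ) {
    logHack( $dbLink, $clientIp, $in_userIGN );
    $reason = "A hacking attempt has been detected and logged.";
    require_once( "response_refused.php" );
}
// Check to make sure they can submit an application
else if( isMember($in_userIGN) ) {
    $reason = "You are already a registered member.";
    require_once( "response_refused.php" );
}
else if( isBanned($in_userIGN) ) {
    $reason = "You cannot submit an application because you are banned from the server. Please email admin@minecartrapidtransit.net to appeal your ban.";
    require_once( "response_refused.php" );
}
// From here on the server-derived address is used instead of the posted one,
// so ban and rate-limit decisions never depend on client-supplied data.
else if( isIPBanned($clientIp) ) {
    $reason = "Your IP address has been banned. Please email admin@minecartrapidtransit.net to appeal your ban.";
    require_once( "response_refused.php" );
}
else if( isAlreadySubmitted($dbLink, $in_userIGN) ) {
    $reason = "You have already submitted an application in the past 24 hours.";
    require_once( "response_refused.php" );
}
else if( isAlreadySubmittedIp($dbLink, $clientIp) >= $maxSubmissionsFromIP ) {
    $reason = $maxSubmissionsFromIP ." applications have already been submitted from your IP address in the past 24 hours. Please wait before submitting your application.";
    require_once( "response_refused.php" );
}
else if( isPermGuest($in_userIGN) ) {
    $reason = "You have submitted too many rejected applications.";
    require_once( "response_refused.php" );
}
// Okay, so everything seems to be okay.
else {
    // The free-text "other" answer is only kept when "other" was selected.
    if( $in_heardof != "other" )
        $in_heardof_other = "";

    // Bitwise | (not ||) between the two Tor probes: both ports are always
    // checked and the results are OR-ed together.
    $ret = submitApplication( $dbLink, $in_userIGN, $in_email,
        $in_age, $in_location, $in_heardof, $in_heardof_other,
        $in_links, $in_reasons, $clientIp,
        detectTypicalProxy(), detectHttpProxy($clientIp),
        detectTorProxy($clientIp, 80) | detectTorProxy($clientIp, 25565)
    );

    if( $ret )
        require_once( "response_submitted.php" );
    else {
        $reason = "An error at our end has occurred. Please retry your application later.";
        require_once( "response_refused.php" );
    }
}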
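// Disconnect from the database. DB_connect() signals failure with false, so
// skip the call when no connection was ever opened.
if ($dbLink !== false) {
    DB_disconnect($dbLink);
}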
?>