From 99c9b16cc1685e81f78786aac22278191517a047 Mon Sep 17 00:00:00 2001 From: Philipp Dunkel Date: Sat, 26 Dec 2009 18:32:59 +0000 Subject: [PATCH] Seperated Spam from Javascript/Cookie Handling to narrow down problems --- www/index.php | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/www/index.php b/www/index.php index e10fcf4..73ba399 100644 --- a/www/index.php +++ b/www/index.php @@ -565,21 +565,35 @@ $message = stripslashes($_REQUEST['message']); $secrethash = $_REQUEST['secrethash2']; - if($_SESSION['_config']['secrethash'] != $secrethash || $secrethash == "" || $_SESSION['_config']['secrethash'] == "" || - strstr($subject, "botmetka") || strstr($subject, "servermetka") || strstr($who,"\n") || strstr($email,"\n") || strstr($subject,"\n") ) + if($_SESSION['_config']['secrethash'] != $secrethash || $secrethash == "" || $_SESSION['_config']['secrethash'] == "") { $id = $oldid; $process = ""; - $_SESSION['_config']['errmsg'] = _("This seems like potential spam, or you have cookies or Javascript disabled, cannot continue."); + $_SESSION['_config']['errmsg'] = _("This seems like you have cookies or Javascript disabled, cannot continue."); $oldid = 0; $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message; sendmail("support@cacert.org", "[CAcert.org] Possible SPAM", $message, $email, "", "", "CAcert Support"); //echo "Alert! Alert! Alert! SPAM SPAM SPAM!!!


"; //if($_SESSION['_config']['secrethash'] != $secrethash) echo "Hash does not match: $secrethash vs. ".$_SESSION['_config']['secrethash']."\n"; - echo "This seems like potential spam, or you have cookies or Javascript disabled, cannot continue."; + echo _("This seems like you have cookies or Javascript disabled, cannot continue."); die; } + if(strstr($subject, "botmetka") || strstr($subject, "servermetka") || strstr($who,"\n") || strstr($email,"\n") || strstr($subject,"\n") ) + { + $id = $oldid; + $process = ""; + $_SESSION['_config']['errmsg'] = _("This seems like potential spam, cannot continue."); + $oldid = 0; + + $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message; + sendmail("support@cacert.org", "[CAcert.org] Possible SPAM", $message, $email, "", "", "CAcert Support"); + //echo "Alert! Alert! Alert! SPAM SPAM SPAM!!!


"; + //if($_SESSION['_config']['secrethash'] != $secrethash) echo "Hash does not match: $secrethash vs. ".$_SESSION['_config']['secrethash']."\n"; + echo _("This seems like potential spam, cannot continue."); + die; + } + if(trim($who) == "" || trim($email) == "" || trim($subject) == "" || trim($message) == "") {