1 <?php
2 
3 $hashirc = isset($_REQUEST['hashirc']) ? $_REQUEST['hashirc'] : NULL;
4 $hashbnc = isset($_REQUEST['hashbnc']) ? $_REQUEST['hashbnc'] : NULL;
5 $hashshell = isset($_REQUEST['hashshell']) ? $_REQUEST['hashshell'] : NULL;
6 $hashsmtp = isset($_REQUEST['hashsmtp']) ? $_REQUEST['hashsmtp'] : NULL;
7 $lines = file('botnow.conf');
8 
9 foreach ($lines as $i => $line) {
10 	if (preg_match('/^\#/', $line, $matches)) {
11 	} elseif (preg_match('/^\s*$/', $line, $matches)) {
12 	} elseif (preg_match('/^([^=\s]+)\s*=\s*(.*)$/', $line, $matches)) {
13 		$key = $matches[1];
14 		$val = $matches[2];
15 		$conf{$key} = $val;
16 	}
17 }
18 
19 $wordslist = file('words');
20 $wordslen = sizeof($wordslist);
21 for ($n = 0; $n < 5; $n++) {
22         $i = rand(0, $wordslen-1);
23 	$words[] = substr($wordslist[$i],0,-1); // remove newline
24 }
25 $passphrase = implode(" ", $words);
26 $passphrase = ucwords($passphrase);
27 $fpr{"passphrase"} = $passphrase;
28 $fpr{"remoteaddr"} = $_SERVER['REMOTE_ADDR'];
29 $fpr{"httpxforwarded"} = $_SERVER['HTTP_X_FORWARDED_FOR'];
30 $fpr{"time"} = date("Y-m-d H:i:s");
31 if (isset($hashirc)) {
32 	$fpr{"hashirc"} = $hashirc;
33 } elseif (isset($hashbnc)) {
34 	$fpr{"hashbnc"} = $hashbnc;
35 } elseif (isset($hashshell)) {
36 	$fpr{"hashshell"} = $hashshell;
37 } elseif (isset($hashsmtp)) {
38 	$fpr{"hashsmtp"} = $hashsmtp;
39 }
40 
41 foreach (getallheaders() as $key => $value) {
42 	if ($key == "User-Agent") {
43 		$key = "useragent";
44 	} elseif ($key == "Upgrade-Insecure-Requests") {
45 		$key = "upgradeinsecure";
46 	} elseif ($key == "Host") {
47 		$key = "host";
48 	} elseif ($key == "Dnt") {
49 		$key = "dnt";
50 	} elseif ($key == "Connection") {
51 		$key = "connection";
52 	} elseif ($key == "Cache-Control") {
53 		$key = "cachecontrol";
54 	} elseif ($key == "Accept-Language") {
55 		$key = "acceptlanguage";
56 	} elseif ($key == "Accept-Encoding") {
57 		$key = "acceptencoding";
58 	} elseif ($key == "Accept") {
59 		$key = "accept";
60 	} elseif ($key == "Cookie") {
61 		$key = "cookie";
62 	}
63 	$fpr{$key} = $value;
64 }
65 
66 setcookie("ircnow[hashirc]", $hashirc, time()+86400*30, '/', 'ircnow.org', true);
67 setcookie("ircnow[hashbnc]", $hashbnc, time()+86400*30, '/', 'ircnow.org', true);
68 setcookie("ircnow[hashshell]", $hashshell, time()+86400*30, '/', 'ircnow.org', true);
69 setcookie("ircnow[hashsmtp]", $hashsmtp, time()+86400*30, '/', 'ircnow.org', true);
70 
71 class wwwdb extends SQLite3 {
72 	function __construct() {
73 		$this->open('/botnow/botnow.db');
74 	}
75 }
76 $wwwdb = new wwwdb();
77 if(!$wwwdb) {
78 	echo $wwwdb->lastErrorMsg();
79 } else {
80 	foreach ($fpr as $key => $value) {
81 		$keys[] = $key;
82 		$values[] = $value;
83 	}
84 	$keystr = '"'.implode('","', $keys).'"';
85 	$valstr = '"'.implode('","', $values).'"';
86 	$sql =<<<EOF
87 INSERT INTO www ($keystr)
88 VALUES ($valstr);
89 EOF;
90 	if (!$wwwdb->exec($sql)) {
91 		echo $db->lastErrorMsg();
92 	}
93 $clients = array("AdiIRC", "Adium", "AndroIRC", "Atomic", "Colloquy", "Hexchat", "HydraIRC", "IRCForAndroid", "IRCCloud", "IceChat", "ircEX", "irssi", "Igloo", "KVIrc", "KiwiIRC", "Limechat", "Mibbit", "mIRC", "nettalk", "Pidgin", "qwebirc", "Quassel", "RevolutionIRC", "SimpleIRC", "Smuxi", "Textual", "Thunderbird", "TurboIRC", "Weechat", "Yaaic", "XChat");
94 $sql =<<<EOF
95 SELECT * from irc where hashid = "$hashirc";
96 EOF;
97 	$ret = $wwwdb->query($sql);
98 	while($row = $ret->fetchArray(SQLITE3_ASSOC)) {
99 		echo "Don't worry I got called";
100 		$ircid = $row['id'];
101 		$ctcpversion = $row['ctcpversion'];
102 		$hostmask = $row['hostmask'];
103 		foreach ($clients as $i => $value) {
104 			if (preg_match("/$value/i", $ctcpversion, $matches)) {
105 				$client = $value;
106 			}
107 		}
108 		if (!isset($client)) {
109 			if (preg_match('/!~?uid\d+/i', $hostmask, $matches)) {
110 				$client = "IRCCloud";
111 			} elseif(preg_match('/!~?quassel/i', $hostmask, $matches)) {
112 				$client = "Quassel";
113 			} elseif(preg_match('/!~?IceChat/i', $hostmask, $matches)) {
114 				$client = "IceChat";
115 			} elseif(preg_match('/Purple\s+IRC/i', $ctcpversion, $matches)) {
116 				$client = "Pidgin";
117 			} elseif(preg_match('/X-Chat/i', $ctcpversion, $matches)) {
118 				$client = "XChat";
119 			} elseif(preg_match('/Kiwi\s+IRC/i', $ctcpversion, $matches)) {
120 				$client = "KiwiIRC";
121 			} elseif(preg_match('/Android\s+IRC/i', $ctcpversion, $matches)) {
122 				$client = "AndroIRC";
123 			} elseif(preg_match('/IRC\s+for\s+Android/i', $ctcpversion, $matches)) {
124 				$client = "IRCForAndroid";
125 			} elseif(preg_match('/Revolution\s+IRC/i', $ctcpversion, $matches)) {
126 				$client = "RevolutionIRC";
127 			} elseif(preg_match('/Yet\s+another\s+Android\s+IRC\s+client/i', $ctcpversion, $matches)) {
128 				$client = "Yaaic";
129 			} else {
130 				$client = "Bouncer";
131 			}
132 		}
133 		
134 	}
135 $sql =<<<EOF
136 SELECT * from bnc where ircid = "$ircid";
137 EOF;
138 	$ret = $wwwdb->query($sql);
139 	while($row = $ret->fetchArray(SQLITE3_ASSOC)) {
140 		$username = $row['username'];
141 	}
142 	$wwwdb->close();
143 }
144 function myURLEncode($string) {
145     $replace = array('%20', '%21', '%2A', '%27', '%28', '%29', '%3B', '%3A', '%40', '%26', '%3D', '%2B', '%24', '%2C', '%2F', '%3F', '%23', '%5B', '%5D');
146     $search = array(' ', '!', '*', "'", "(", ")", ";", ":", "@", "&", "=", "+", "$", ",", "/", "?", "#", "[", "]");
147     return str_replace($search, $replace, $string);
148 }
149 $hostname = $conf{"hostname"};
150 ?>
151 
152 <!DOCTYPE html>
153 <html lang="en">
154 <head>
155 	<meta charset="utf-8">
156 	<meta name="viewport" content="width=device-width, initial-scale=1">
157 	<meta name="robots" content="index, follow"/>
158 	<title>IRCNow -- Verify Account</title>  
159 <style>
160 body {
161 	width: 80%;
162 	margin: 5rem auto;
163 	text-align: center;
164 	font-family: "Tahoma", "Verdana", "Arial";
165 }
166 </style>
167 <script>
168 console.log(Intl.DateTimeFormat().resolvedOptions().timeZone);
169 var offset = new Date().getTimezoneOffset();
170 console.log(offset);
171 console.log(new Date().toString());
172 console.log(window.screen.width);
173 console.log(window.screen.height);
174 //console.log(screen.availWidth);
175 //console.log(screen.availHeight);
176 console.log(screen.colorDepth);
177 </script>
178 </head>
179 
180 <body>
181 <p>Please email <a href="mailto:<?php echo $conf{"mailfrom"}."?subject=".myURLEncode("IRCNow Verify: $passphrase")."&body=".myURLEncode("IRCNow Verify: $passphrase") ?>"><?php echo $conf{"mailfrom"} ?></a> with the following passphrase:</p>
182 
183 <p>IRCNow Verify: <?php echo $passphrase ?></p>
184 
185 <p><a href="https://wiki.ircnow.org/index.php?n=Bouncer.<?php echo $client ?>">Click here for <?php echo $client ?> connection instructions.</a></p>
186 
187 <p>To change your password, login to <a href="<?php echo "https://bnc.$hostname/" ?>"><?php echo "https://bnc.$hostname/" ?></a>, fill in the password field, then click on the "Save and Return" button.</p>
188 
189 <p>Or, you can change the password from your IRC client. Once you have logged in, type:</p>
190 
191 <code>/msg *controlpanel set password <?php echo $username ?> newpassword</code>
192 
193 </body>
194 </html>