From 9f44dfc9bb55055f3cdb09f881200adc4261a8d0 Mon Sep 17 00:00:00 2001 From: lub Date: Sun, 3 Aug 2025 10:31:53 +0200 Subject: [PATCH] only register if admin was notified --- index.php | 74 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 38 insertions(+), 36 deletions(-) diff --git a/index.php b/index.php index 612613c..5feb802 100644 --- a/index.php +++ b/index.php @@ -18,8 +18,10 @@ if (isset($_GET['secret']) && $_GET['secret'] === REGISTRATION_PASSWORD) { $response = curl_exec($ch); if (curl_error($ch) || curl_getinfo($ch, CURLINFO_HTTP_CODE) !== 200) { echo 'Error retrieving nonce. Please try again later.'; - } else { - $nonce = json_decode($response)->nonce; + exit; + } + + $nonce = json_decode($response)->nonce; ?>
@@ -36,10 +38,28 @@ if (isset($_GET['secret']) && $_GET['secret'] === REGISTRATION_PASSWORD) {
$decoded_response->user_id.' just registered', + 'msgtype' => 'm.text' + ])); + curl_setopt($ch, CURLOPT_HTTPHEADER, [ + 'authorization: Bearer '.ACCESS_TOKEN, + 'content-type: application/json' + ]); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + $response = curl_exec($ch); + if ($curl_error($ch) || curl_getinfo($ch, CURLINFO_HTTP_CODE) !== 200) { + echo 'Registration for "'.$username.'" unsuccessful. Please try again later.'; + exit; + } + $content = [ 'nonce' => $_POST['nonce'], 'username' => $username, @@ -58,16 +78,14 @@ if (isset($_GET['secret']) && $_GET['secret'] === REGISTRATION_PASSWORD) { curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); if (curl_error($ch) || curl_getinfo($ch, CURLINFO_HTTP_CODE) !== 200) { + echo 'Registration for "'.$username.'" unsuccessful. Please try again later.'; + exit; + } + + $decoded_response = json_decode($response); ?> -Registration for "" unsuccessful. Please try again later. - - - -Registration successful. To start using it please install a Matrix client like Element
+Registration successful. To start using your new account please install a Matrix client like Element

Server: imninja.net
Username:
@@ -81,31 +99,15 @@ Also consider using a password manager.
access_token - ]); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); - curl_exec($ch); - - # send admin message - $ch = curl_init(); - curl_setopt($ch, CURLOPT_URL, SYNAPSE_URL.'/_matrix/client/v3/rooms/'.ROOM_ID.'/send/m.room.message/'.filter_var($_POST['nonce'], FILTER_SANITIZE_FULL_SPECIAL_CHARS)); - curl_setopt($ch, CURLOPT_PUT, true); - curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([ - 'body' => $decoded_response->user_id.' just registered', - 'msgtype' => 'm.text' - ])); - curl_setopt($ch, CURLOPT_HTTPHEADER, [ - 'authorization: Bearer '.ACCESS_TOKEN, - 'content-type: application/json' - ]); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); - curl_exec($ch); - } + # logout out of session that exists after registering + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, SYNAPSE_URL.'/_matrix/client/v3/logout'); + curl_setopt($ch, CURLOPT_POST, true); + curl_setopt($ch, CURLOPT_HTTPHEADER, [ + 'authorization: Bearer '.$decoded_response->access_token + ]); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_exec($ch); } else { echo 'Invalid URL'; }