
- Allow blacklisting and whitelisting of e-mail addresses used for ne…

…w user accounts

- Added hash to the registration form to prevent CSRF
- Added password confirmation to registration form
- Update jQuery to 1.4.4

Signed-off-by: Marcus Campbell <marcus.campbell@gmail.com>
1 parent c7f63c8 commit a52e94e7d37efbd5356bb8a5b65f577e8500aed5 @scronide committed Dec 18, 2010
Showing with 331 additions and 223 deletions.
  1. +52 −32 config.inc.php.example
  2. +0 −154 includes/jquery-1.4.2.min.js
  3. +167 −0 includes/jquery-1.4.4.min.js
  4. +62 −24 register.php
  5. +32 −0 services/userservice.php
  6. +17 −12 templates/register.tpl.php
  7. +1 −1 templates/top.inc.php
@@ -3,7 +3,6 @@
# SCUTTLE: Online social bookmarks manager
######################################################################
# Copyright (c) 2005 - 2010 Scuttle project
-# http://sourceforge.net/projects/scuttle/
# http://scuttle.org/
#
# This module is to configure the main options for your site
@@ -33,13 +32,25 @@ $dbpass = 'password';
$dbname = 'scuttle';
######################################################################
+# Basic Configuration
+######################################################################
+# sitename: The name of this site
+# locale: The locale used - de_DE, dk_DK, en_GB, es_ES, fr_FR, hi_IN,
+# it_IT, ja_JP, lt_LT, nl_NL, pt_BR, sk_SK, zh_CN, zh_TW
+# adminemail: Contact address for the site administrator. Used as the from:
+# address in password retrieval e-mails.
+######################################################################
+
+$sitename = 'Scuttle';
+$locale = 'en_GB';
+$adminemail = 'admin@example.org';
+
+######################################################################
# You have finished configuring the database!
# ONLY EDIT THE INFORMATION BELOW IF YOU KNOW WHAT YOU ARE DOING.
######################################################################
# System Configuration
#
-# sitename: The name of this site.
-# locale: The locale used.
# top_include: The header file.
# bottom_include: The footer file.
# shortdate: The format of short dates.
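Review bot: `$adminemail` ends up assigned twice in the new file: once in the Basic Configuration block added in this hunk, and again in the realigned System Configuration block of the last hunk (`+$adminemail = 'admin@example.org';`, just before `$cleanurls`). Because the later assignment runs last, an administrator who edits the value in the Basic section still gets `admin@example.org` as the from: address of password retrieval e-mails. `$sitename` and `$locale` were dropped from the lower block when they moved up; the second `$adminemail` line should be dropped the same way.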
@@ -66,8 +77,6 @@ $dbname = 'scuttle';
# root : Set to NULL to autodetect the root url of the website
# cookieprefix : The prefix to use for the cookies on the site
# tableprefix : The table prefix used for this installation
-# adminemail : Contact address for the site administrator. Used
-# as the FROM address in password retrieval e-mails.
# cleanurls : true - Use mod_rewrite to hide PHP extensions
# : false - Don't hide extensions [Default]
#
@@ -83,37 +92,48 @@ $dbname = 'scuttle';
# filetypes : An array of bookmark extensions that Scuttle should
# add system tags for.
# reservedusers : An array of usernames that cannot be registered
+# url_blacklist : Array of regex patterns. User is banned and existing
+# bookmarks are hidden if a match is found.
+# email_whitelist : Array of regex patterns. Used to whitelist addresses that
+# may otherwise match the blacklist.
+# email_blacklist : Array of regex patterns. Registration is blocked if a
+# match is found.
######################################################################
-$sitename = 'Scuttle';
-$locale = 'en_GB';
-$top_include = 'top.inc.php';
-$bottom_include = 'bottom.inc.php';
-$shortdate = 'd-m-Y';
-$longdate = 'j F Y';
-$nofollow = true;
-$defaultPerPage = 10;
-$defaultRecentDays = 14;
-$defaultOrderBy = 'date_desc';
-$TEMPLATES_DIR = dirname(__FILE__) .'/templates/';
-$root = NULL;
-$cookieprefix = 'SCUTTLE';
-$tableprefix = 'sc_';
-$adminemail = 'admin@example.org';
-$cleanurls = false;
+$top_include = 'top.inc.php';
+$bottom_include = 'bottom.inc.php';
+$shortdate = 'd-m-Y';
+$longdate = 'j F Y';
+$nofollow = true;
+$defaultPerPage = 10;
+$defaultRecentDays = 14;
+$defaultOrderBy = 'date_desc';
+$TEMPLATES_DIR = dirname(__FILE__) .'/templates/';
+$root = NULL;
+$cookieprefix = 'SCUTTLE';
+$tableprefix = 'sc_';
+$adminemail = 'admin@example.org';
+$cleanurls = false;
+
+$usecache = false;
+$dir_cache = dirname(__FILE__) .'/cache/';
+
+$useredir = false;
+$url_redir = 'http://www.google.com/url?sa=D&q=';
-$usecache = false;
-$dir_cache = dirname(__FILE__) .'/cache/';
+$filetypes = array(
+ 'audio' => array('mp3', 'ogg', 'wav'),
+ 'document' => array('doc', 'odt', 'pdf'),
+ 'image' => array('gif', 'jpeg', 'jpg', 'png'),
+ 'video' => array('avi', 'mov', 'mp4', 'mpeg', 'mpg', 'wmv')
+ );
-$useredir = false;
-$url_redir = 'http://www.google.com/url?sa=D&q=';
+$reservedusers = array('all', 'watchlist');
-$filetypes = array(
- 'audio' => array('mp3', 'ogg', 'wav'),
- 'document' => array('doc', 'odt', 'pdf'),
- 'image' => array('gif', 'jpeg', 'jpg', 'png'),
- 'video' => array('avi', 'mov', 'mp4', 'mpeg', 'mpg', 'wmv')
- );
-$reservedusers = array('all', 'watchlist');
+$email_whitelist = NULL;
+$email_blacklist = array(
+ '/(.*-){2,}/',
+ '/mailinator\.com/i'
+ );
include_once 'debug.inc.php';
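Review bot: The default `$email_blacklist` patterns are unanchored, so `'/mailinator\.com/i'` matches that text anywhere in the address rather than only as the domain, and `'/(.*-){2,}/'` rejects every address containing two hyphens, including legitimate hyphenated domains. The same habit matters more for `$email_whitelist`, which the comment says overrides the blacklist: assuming the patterns are applied with preg_match to the whole address (the matching code is not in this hunk), an unanchored whitelist entry for a trusted domain is also satisfied when that text merely appears in the local part of an otherwise blacklisted address. I would anchor the shipped example as `'/@mailinator\.com$/i'` and add a comment above the arrays such as `# Anchor domain patterns with @...$; a whitelist match takes precedence over the blacklist.` Separately, `url_blacklist` is documented in the comment block but no `$url_blacklist` default is assigned in the visible lines.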