summaryrefslogtreecommitdiff
path: root/stamp/report.php
blob: b3a8392e80b871529266d1c78689b57243c23969 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<? /*
    LibreSSL - CAcert web application
    Copyright (C) 2004-2008  CAcert Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/
	$arr = explode("//", mysqli_real_escape_string($_SESSION['mconn'], trim($_SESSION['_stamp']['ref'])), 2);
	$arr = explode("/", $arr['1'], 2);
	$ref = $arr['0'];

	$refer = mysqli_real_escape_string($_SESSION['mconn'], strip_tags(trim($_SESSION['_stamp']['ref'])));
	$name = clean('name');
	$email = clean('email');
	$comment = clean('comment');
	$reason = clean('reason');
	$process = clean('process');

	if($process != "" && ($_POST['pagehash'] != $_SESSION['_stamp']['pagehash'] || $_SESSION['_stamp']['pagehash'] == ""))
	{
		$errmsg = "Your report seemed to be posted is a suspicious manner, please try to re-submit it, or contact support for further help.";
		$process = "";
	}

	if($process != "" && ($name == "" || $email == "" || $comment == "" || $reason == ""))
	{
		$errmsg = "You must supply your name, a valid email address and comment.";
		$process = "";
	}

	if($process != "")
	{
		$checkemail = checkEmail($email);
		if($checkemail != "OK")
		{
			$errmsg = $checkemail;
			$process = "";
		}
	} else {
		$_SESSION['_stamp']['pagehash'] = $pagehash = md5(date("U").$ref);
	}

	if($process != "")
	{
		$IP = mysqli_real_escape_string($_SESSION['mconn'], trim($_SERVER['REMOTE_ADDR']));
		$iplong = ip2long($IP);
		mysqli_query($_SESSION['mconn'], "insert into `abusereports` set `when`=NOW(), `IP`='$iplong', `url`='$refer', `name`='$name', `email`='$email',
				`comment`='$comment', `reason`='$reason'");
		$id = mysqli_insert_id($_SESSION['mconn']);

		$body  = "New Abuse Report has been lodged via the the Stamp Interface:\n\n";
		$body .= "Reported ID: $id\n";
		$body .= "Reported IP: $IP\n";
		$body .= "From: $name <$email>\n";
		$body .= "URL: $refer\n";
		$body .= "Reason: $reason\n";
		$body .= "Comment: $comment\n";

		sendmail("cacert-abuse@lists.cacert.org", "[CAcert.org] Abuse Report.", $body, "website@cacert.org", "", "", "CAcert Website");
	}

?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>CAcert.org Abuse Report!</title>
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body>
 <div id="pagecell1">
  <div id="pageName"><br>
    <h2><a href="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org">
	<img src="http<? if($_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org/images/cacert3.png" border="0" alt="CAcert.org logo"></a></h2>
<? if($_SERVER['HTTPS']!="on") { ?>
<div id="googlead"><br><script type="text/javascript"><!--
google_ad_client = "pub-0959373285729680";
google_alternate_color = "ffffff";
google_ad_width = 234;
google_ad_height = 60;
google_ad_format = "234x60_as";
google_ad_type = "text";
google_ad_channel = "";
//--></script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div>
<? } ?>
  </div>
  <div id="content">
    <div class="story">
      <h3>Report abuse for <?=$ref?></h3>
<? if($process == "") { ?>
<? if($errmsg != "") { ?><p style="color:red"><?=$errmsg?></p><? } else { ?><br /><? } ?>
      <form method="post" action="report.php">
	<label for="refer">URL: </label><input type="text" name="refer" value="<?=$refer?>" readonly="1" /><br />
	<label for="name">Name: </label><input type="text" name="name" value="<?=$name?>" /><br />
	<label for="email">Email: </label><input type="text" name="email" value="<?=$email?>" /><br />
	<label for="reason">Reason: </label><select name="reason">
		<option value='invalid'<? if($reason == "invalid") { echo " selected"; } ?>>Invalid Domain</option>
		<option value='phishing'<? if($reason == "phishing") { echo " selected"; } ?>>Phishing Site</option>
		<option value='spam'<? if($reason == "spam") { echo " selected"; } ?>>Spam</option>
		<option value='other'<? if($reason == "other") { echo " selected"; } ?>>Other</option>
		</select><br />
	<label for="comment">Comment/Other: </label><input type="text" name="comment" value="<?=$comment?>" /><br /><br />
	<label for="sub">&nbsp;</label><input type="submit" name="process" value="Report Site"><br />
	<input type="hidden" name="pagehash" value="<?=$pagehash?>">
      </form>
<? } else { ?>
      <p>We thank you for your attention to detail, your report has been accepted and we will tend to your report as soon as humanly possible.</p>
<? } ?>
    </div>
   </div>
</body>
</html>