bug 1131: Updated Policies based on new versions send by Policy Officer
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
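// The URL being reported is read from the session key ['_stamp']['ref'], which is
// filled in outside this file (presumably from the request that loaded the stamp --
// verify against the code that sets it). Treat it as untrusted text.
$rawref = isset($_SESSION['_stamp']['ref']) ? trim($_SESSION['_stamp']['ref']) : "";

// Split "scheme://host/path" and keep only the host part for the page heading.
// A value without "//" used to read the missing index $arr['1'] and raise a notice;
// it now simply yields an empty $ref.
$arr = explode("//", mysql_real_escape_string($rawref), 2);
$arr = explode("/", isset($arr['1']) ? $arr['1'] : "", 2);
$ref = $arr['0'];

// SECURITY: $ref and $refer are escaped for SQL only. strip_tags() removes tags but
// leaves quotes in place, and the backslashes added by mysql_real_escape_string()
// mean nothing to an HTML parser, so both values still need htmlspecialchars()
// wherever they are echoed into the page.
$refer = mysql_real_escape_string(strip_tags($rawref));

// clean() is defined elsewhere in the application.
// NOTE(review): confirm which escaping clean() applies; these values are used below
// in an SQL statement, in a mail body and in HTML attribute values.
$name = clean('name');
$email = clean('email');
$comment = clean('comment');
$reason = clean('reason');
$process = clean('process');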
28
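// Anti-CSRF check: a submission must carry the token that was stored in the session
// when the form was rendered. The values are compared as strings, in constant time
// where hash_equals() exists. The previous loose "!=" compared numeric-looking
// strings as numbers, so two different hex digests of the form "0e<digits>" were
// treated as equal.
if($process != "")
{
	$posted = (isset($_POST['pagehash']) && is_string($_POST['pagehash'])) ? $_POST['pagehash'] : "";
	$expected = (isset($_SESSION['_stamp']['pagehash']) && is_string($_SESSION['_stamp']['pagehash'])) ? $_SESSION['_stamp']['pagehash'] : "";

	if($expected == "")
		$hashok = false;	// no token was ever issued for this session
	elseif(function_exists('hash_equals'))
		$hashok = hash_equals($expected, $posted);
	else
		$hashok = ($expected === $posted);

	if(!$hashok)
	{
		$errmsg = "Your report seemed to be posted is a suspicious manner, please try to re-submit it, or contact support for further help.";
		$process = "";
	}
}

// All four fields are mandatory.
if($process != "" && ($name == "" || $email == "" || $comment == "" || $reason == ""))
{
	$errmsg = "You must supply your name, a valid email address and comment.";
	$process = "";
}

// checkEmail() is defined elsewhere; anything other than "OK" is shown to the user as the error text.
if($process != "")
{
	$checkemail = checkEmail($email);
	if($checkemail != "OK")
	{
		$errmsg = $checkemail;
		$process = "";
	}
}

// The form is about to be shown (first visit or any rejected submission), so issue a
// fresh token. Previously a failed e-mail check left $pagehash undefined, the hidden
// field was rendered empty and the user's next submission was always rejected.
// NOTE(review): the token stays valid after a successful report, so the same POST can
// be replayed; consider clearing it once the report has been stored.
if($process == "")
{
	$random = false;
	if(function_exists('random_bytes'))
		$random = random_bytes(16);
	elseif(function_exists('openssl_random_pseudo_bytes'))
		$random = openssl_random_pseudo_bytes(16);

	if($random !== false && strlen($random) == 16)
		$pagehash = bin2hex($random);
	else
		$pagehash = md5(date("U").$ref);	// legacy fallback: derived from the clock and the host name, hence guessable

	$_SESSION['_stamp']['pagehash'] = $pagehash;
}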
52
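// Store the accepted report and notify the abuse list.
if($process != "")
{
	$IP = mysql_real_escape_string(trim($_SERVER['REMOTE_ADDR']));

	// ip2long() returns false for anything that is not a dotted IPv4 address (IPv6
	// clients, for instance). false used to be interpolated as an empty string; store 0
	// instead so that the statement stays valid. The textual address is still sent in the mail.
	// NOTE(review): the type of the `IP` column is not visible here -- confirm that 0 is acceptable.
	$iplong = ip2long($IP);
	if($iplong === false)
		$iplong = 0;

	// Every interpolated value has been through mysql_real_escape_string() (directly, or
	// presumably inside clean() -- verify) and sits inside single quotes.
	$stored = mysql_query("insert into `abusereports` set `when`=NOW(), `IP`='$iplong', `url`='$refer', `name`='$name', `email`='$email',
			`comment`='$comment', `reason`='$reason'");

	// Only trust mysql_insert_id() when the insert succeeded; after a failed query it
	// does not describe this report.
	$id = $stored ? mysql_insert_id() : 0;

	$body = "New Abuse Report has been lodged via the the Stamp Interface:\n\n";
	if(!$stored)
		$body .= "WARNING: this report could not be written to the database.\n";
	$body .= "Reported ID: $id\n";
	$body .= "Reported IP: $IP\n";
	$body .= "From: $name <$email>\n";
	$body .= "URL: $refer\n";
	$body .= "Reason: $reason\n";
	$body .= "Comment: $comment\n";

	// Recipient, subject and sender are constants; user-supplied text only reaches the
	// message body, never a header argument.
	sendmail("cacert-abuse@lists.cacert.org", "[CAcert.org] Abuse Report.", $body, "website@cacert.org", "", "", "CAcert Website");
}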
71
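?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>CAcert.org Abuse Report!</title>
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body>
<? /* $_SERVER['HTTPS'] is not set on plain-HTTP requests, so test for its presence before comparing. */ ?>
<div id="pagecell1">
	<div id="pageName"><br>
		<h2><a href="http<? if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org">
			<img src="http<? if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=="on") { echo "s"; } ?>://www.cacert.org/images/cacert3.png" border="0" alt="CAcert.org logo"></a></h2>
<? /* The third-party ad script is only included on plain-HTTP pages; like any script on the page it can read the report form below. */ ?>
<? if(!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS']!="on") { ?>
		<div id="googlead"><br><script type="text/javascript"><!--
google_ad_client = "pub-0959373285729680";
google_alternate_color = "ffffff";
google_ad_width = 234;
google_ad_height = 60;
google_ad_format = "234x60_as";
google_ad_type = "text";
google_ad_channel = "";
//--></script>
		<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div>
<? } ?>
	</div>
	<div id="content">
		<div class="story">
<? /* $ref and $refer are only SQL-escaped earlier in this script, so encode them for HTML here. ENT_QUOTES also encodes quotes, which keeps $refer inside its attribute value. */ ?>
			<h3>Report abuse for <?=htmlspecialchars($ref, ENT_QUOTES)?></h3>
<? if($process == "") { ?>
<? /* NOTE(review): $errmsg may carry the return value of checkEmail(), and $name/$email/$comment come from clean(); both helpers live outside this file. Confirm that they HTML-encode their output before it is echoed below. */ ?>
<? if(isset($errmsg) && $errmsg != "") { ?><p style="color:red"><?=$errmsg?></p><? } else { ?><br /><? } ?>
			<form method="post" action="report.php">
				<label for="refer">URL: </label><input type="text" name="refer" value="<?=htmlspecialchars($refer, ENT_QUOTES)?>" readonly="1" /><br />
				<label for="name">Name: </label><input type="text" name="name" value="<?=$name?>" /><br />
				<label for="email">Email: </label><input type="text" name="email" value="<?=$email?>" /><br />
				<label for="reason">Reason: </label><select name="reason">
					<option value='invalid'<? if($reason == "invalid") { echo " selected"; } ?>>Invalid Domain</option>
					<option value='phishing'<? if($reason == "phishing") { echo " selected"; } ?>>Phishing Site</option>
					<option value='spam'<? if($reason == "spam") { echo " selected"; } ?>>Spam</option>
					<option value='other'<? if($reason == "other") { echo " selected"; } ?>>Other</option>
				</select><br />
				<label for="comment">Comment/Other: </label><input type="text" name="comment" value="<?=$comment?>" /><br /><br />
				<label for="sub">&nbsp;</label><input type="submit" name="process" value="Report Site"><br />
				<input type="hidden" name="pagehash" value="<?=htmlspecialchars($pagehash, ENT_QUOTES)?>">
			</form>
<? } else { ?>
			<p>We thank you for your attention to detail, your report has been accepted and we will tend to your report as soon as humanly possible.</p>
<? } ?>
		</div>
	</div>
</body>
</html>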