My worry is:
1. exposing my site to undue attention, seeing as how I fear the mod is unsecure and I lack the knowledge to secure it.
2. exposing others' sites to the same insecurity I have imbued my site with. As it stands, my mod has the com_registration component registering new e-mails upon new registrations. It does not work if an e-mail confirmation is involved, it does not work with any captcha releases, and as of yet I cannot make it work with Community Builder (which is my greatest wish).
3. I did not design this; I am using 2+ year old code that some Dutch guys wrote on the Joomla boards, based upon an even older mod written for Mambo.
To further impress upon you how clueless I am in PHP, I have included some code before and after so you could tell where I inserted this code.
With these predicates, here is my code with my particulars replaced with yourdomain, yourcpanel, etc. This code is from register.php from com_register. The code I inserted has a comment in front of it. I am open to suggestions. I will not support it, I do not know how to fix it, back up your files before you play with this:
| Code: |
// use email address and name of first superadmin for use in email sent to user
$query = "SELECT name, email"
. "\n FROM #__users"
. "\n WHERE LOWER( usertype ) = 'superadministrator'"
. "\n OR LOWER( usertype ) = 'super administrator'"
;
$database->setQuery( $query );
$rows = $database->loadObjectList();
$row2 = $rows[0];
$adminName2 = $row2->name;
$adminEmail2 = $row2->email;
//Begin CPanel Mod
}
$content = "";
$cpanel_user = "mycpanel"; // Cpanel Username
$cpanel_pass = "cpanelpass"; // Cpanel Password
$domain = "mydomain"; // Website Domain (if your domain is http://www.yourdomain.com use yourdomain.com)
$xskin = "x"; // Cpanel Skin (Can't find it? Check the link and only fill in the stars (usually only x): http://www.domain.com:2082/frontend/****/)
$quota = "10"; // Quota in MEGS (how much diskspace does one get)
$smtpdomain = "mail.yourdomain.org"; // The Address Of The SMTP Server (smtp.domain.com, domain.com etc.)
$pop3domain = "mail.yourdomain.org"; // The Address Of The POP3 Server (pop3.domain.com, domain.com etc.)
// Don't Change Anything Below This Line
$ok = TRUE; // assume success until the request fails or cPanel reports a duplicate
// URL-encode each value so characters such as & or # cannot break the query string
$file = fopen("http://$cpanel_user:$cpanel_pass@$domain:2082/frontend/$xskin/mail/doaddpop.html?email=" . urlencode($username) . "&domain=" . urlencode($domain) . "&password=" . urlencode($pwd) . "&quota=" . urlencode($quota), "r");
if (!$file) {
    $ok = FALSE;
    $message = "Cannot Connect To The CPanel Server Files. Please Check The Config";
} else {
    // only read the response when the connection succeeded
    while (!feof($file)) {
        $line = fgets($file, 1024);
        // strpos() replaces ereg(), which was removed in PHP 7
        if (strpos($line, "already exists!") !== false) {
            $ok = FALSE;
        }
    }
    fclose($file);
}
if ($ok) {
    $message = "SUCCESS!Your Account Is Setup!<BR />";
    // $username is the mailbox name sent to cPanel above ($NewEmail was never defined in this file)
    $message .= "User : $username@$domain<BR />";
    $message .= "Pass : $pwd<BR />";
    $message .= "POP3 : $pop3domain<BR />";
    $message .= "SMTP : $smtpdomain<BR />";
    $form_fields = array_keys($_POST);
    $temp = "\n";
    while ($field = array_pop($form_fields)) {
        // $_POST replaces $HTTP_POST_VARS, which was removed in PHP 5.4
        $temp .= " $field : = {$_POST[$field]} \n";
    }
    // note: $temp holds every submitted form field, including the password,
    // and the recipient address 'to' is taken from the request itself
    mail($_POST['to'], "Free Email", $temp);
}
echo "$message";
// This is the end of the CPanel Mod
// Send email to user
mosMail($adminEmail2, $adminName2, $email, $subject, $message);
// Send notification to all administrators
$subject2 = sprintf (_SEND_SUB, $name, $mosConfig_sitename);
$message2 = sprintf (_ASEND_MSG, $adminName2, $mosConfig_sitename, $row->name, $email, $username);
$subject2 = html_entity_decode($subject2, ENT_QUOTES);
$message2 = html_entity_decode($message2, ENT_QUOTES);
// get email addresses of all admins and superadmins set to receive system emails
$query = "SELECT email, sendEmail"
. "\n FROM #__users"
. "\n WHERE ( gid = 24 OR gid = 25 )"
. "\n AND sendEmail = 1"
. "\n AND block = 0"
;
$database->setQuery( $query );
$admins = $database->loadObjectList();
foreach ( $admins as $admin ) {
    // send email to admin & super admin set to receive system emails
    mosMail($adminEmail2, $adminName2, $admin->email, $subject2, $message2);
}
|
Thanks,
tim.

Post edited by: tpintsch, at: 2007/07/29 03:34
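
The request the mod sends to doaddpop.html, rebuilt as an added example that is not part of the original post: it validates the mailbox name before it reaches the URL, encodes every parameter, and sends the cPanel login in an Authorization header instead of the URL. The function names are hypothetical, the character whitelist is a conservative choice made here, and port 2083 is assumed to be the host's TLS cPanel port (the post uses 2082).

```php
<?php
// Added example, not code from the original post. Function names are hypothetical.

// Accept only a conservative mailbox name: letters, digits, dot, underscore,
// hyphen; 1 to 32 characters; must start and end with a letter or digit.
function cpanel_valid_localpart($name) {
    return is_string($name)
        && preg_match('/^[a-z0-9](?:[a-z0-9._-]{0,30}[a-z0-9])?$/i', $name) === 1;
}

// Build the doaddpop.html URL with every parameter URL-encoded.
// Returns false when the mailbox name fails validation.
function cpanel_addpop_url($host, $skin, $localpart, $domain, $password, $quotaMb) {
    if (!cpanel_valid_localpart($localpart)) {
        return false;
    }
    $query = http_build_query(array(
        'email'    => $localpart,
        'domain'   => $domain,
        'password' => $password,
        'quota'    => (int) $quotaMb,
    ), '', '&');
    // Assumption: 2083 is the TLS port of the cPanel host.
    return 'https://' . $host . ':2083/frontend/' . rawurlencode($skin)
        . '/mail/doaddpop.html?' . $query;
}

// Send the request with the cPanel login in a header, so it does not appear
// in the URL. Returns 'connect_failed', 'exists' or 'created'.
function cpanel_addpop($url, $cpanelUser, $cpanelPass) {
    $context = stream_context_create(array('http' => array(
        'method'  => 'GET',
        'header'  => 'Authorization: Basic ' . base64_encode("$cpanelUser:$cpanelPass") . "\r\n",
        'timeout' => 10,
    )));
    $body = @file_get_contents($url, false, $context);
    if ($body === false) {
        return 'connect_failed';
    }
    return (strpos($body, 'already exists!') !== false) ? 'exists' : 'created';
}

// Constructed sample input: the second name carries an extra query parameter
// and is rejected before any URL is built. No network request is made here.
foreach (array('alice', 'bob&quota=999') as $name) {
    $url = cpanel_addpop_url('yourdomain.com', 'x', $name, 'yourdomain.com', 'p@ss&word', 10);
    echo $name, ' => ', ($url === false ? 'rejected' : $url), "\n";
}
```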