PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]); }catch(PDOException $e){ die('No Connection to MySQL database!'); } header('Content-Type: text/html; charset=UTF-8'); session_start(); if(!empty($_SESSION['hosting_username'])){ header('Location: home.php'); exit; } echo ''; echo 'Daniel\'s Hosting - Register'; echo ''; echo ''; echo ''; echo '

Info | Register | Login | List of hosted sites

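';
/*
 * Registration handler: runs only for POST requests.
 *
 * Validates password, username, captcha (when CAPTCHA is enabled) and the
 * optional user-supplied private key, applies a global 60-second rate limit,
 * then inserts the account row and provisions a MySQL user and database
 * named after the onion address.
 *
 * Every $_POST/$_REQUEST value used as text is required to be a string.
 * PHP turns "name[]=x" into an array, which would otherwise slip past
 * preg_match()/strlen() and reach the database layer as the text "Array".
 *
 * Names used but not defined in this block: $db, CAPTCHA, get_onion(),
 * get_system_hash().
 */
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $ok = true;
    $onion = '';
    $public = 0;
    $php = 0;
    $autoindex = 0;
    $hash = '';
    $priv_key = '';

    // Password and confirmation. empty() also rejects the literal string "0".
    if (empty($_POST['pass']) || !is_string($_POST['pass'])) {
        echo '

Error, password empty.

';
        $ok = false;
    } elseif (empty($_POST['passconfirm']) || $_POST['pass'] !== $_POST['passconfirm']) {
        echo '

Error, password confirmation does not match.

';
        $ok = false;
    }

    // Username: non-empty string, restricted alphabet, at most 50 bytes, not yet taken.
    if (empty($_POST['username']) || !is_string($_POST['username'])) {
        echo '

Error, username empty.

';
        $ok = false;
    } elseif (preg_match('/[^a-z0-9\-_\.]/', $_POST['username'])) {
        echo '

Error, username may only contain characters that are in the rage of a-z (lower case) - . _ and 0-9.

';
        $ok = false;
    } elseif (strlen($_POST['username']) > 50) {
        echo '

Error, username may not be longer than 50 characters.

';
        $ok = false;
    } else {
        $stmt = $db->prepare('SELECT null FROM users WHERE username=?;');
        $stmt->execute([$_POST['username']]);
        if ($stmt->fetch(PDO::FETCH_NUM)) {
            echo '

Error, this username is already registered.

';
            $ok = false;
        }
    }

    if (CAPTCHA) {
        // $_REQUEST is read here, so the challenge id and answer are not limited to the POST body.
        if (!isset($_REQUEST['challenge']) || !is_string($_REQUEST['challenge'])) {
            echo '

Error: Wrong Captcha

';
            $ok = false;
        } else {
            $stmt = $db->prepare('SELECT code FROM captcha WHERE id=?;');
            $stmt->execute([$_REQUEST['challenge']]);
            $stmt->bindColumn(1, $code);
            if (!$stmt->fetch(PDO::FETCH_BOUND)) {
                echo '

Error: Captcha expired

';
                $ok = false;
            } else {
                // The challenge row is deleted before the answer is compared, so each
                // challenge can be answered once; rows older than one hour go with it.
                // NOTE(review): this statement was garbled in the listing
                // ("... OR timeexecute(["); the comparison below is reconstructed -
                // confirm against the original file.
                $time = time();
                $stmt = $db->prepare('DELETE FROM captcha WHERE id=? OR time<?;');
                $stmt->execute([$_REQUEST['challenge'], $time - 3600]);

                // A missing or non-string answer is treated as an empty answer.
                $answer = (isset($_REQUEST['captcha']) && is_string($_REQUEST['captcha'])) ? $_REQUEST['captcha'] : '';
                // The code is accepted as typed or reversed.
                if ($answer !== $code && strrev($answer) !== $code) {
                    echo '

Error: Wrong captcha

';
                    $ok = false;
                }
            }
        }
    }

    // Private key: either validate the one supplied or generate a fresh one.
    $check = $db->prepare('SELECT null FROM users WHERE onion=?;');
    if (isset($_REQUEST['private_key']) && is_string($_REQUEST['private_key']) && !empty(trim($_REQUEST['private_key']))) {
        $priv_key = trim($_REQUEST['private_key']);
        $pkey = openssl_pkey_get_private($priv_key);
        if ($pkey !== false) {
            $details = openssl_pkey_get_details($pkey);
            if ($details === false || $details['type'] !== OPENSSL_KEYTYPE_RSA) {
                // Keys generated below are RSA; a key of another type that happens
                // to report 1024 bits must not reach get_onion().
                echo '

Error, private key invalid.

';
                $ok = false;
            } elseif ($details['bits'] !== 1024) {
                echo '

Error, private key not of bitsize 1024.

';
                $ok = false;
            } else {
                $onion = get_onion($pkey);
                $check->execute([$onion]);
                if ($check->fetch(PDO::FETCH_NUM)) {
                    echo '

Error onion already exists.

';
                    $ok = false;
                }
            }
            openssl_pkey_free($pkey);
        } else {
            echo '

Error, private key invalid.

';
            $ok = false;
        }
    } elseif ($ok) {
        // Generate keys until the derived onion address is unused. Skipped when
        // validation has already failed: the key would be discarded, and key
        // generation is the most expensive step a rejected request could trigger.
        do {
            $pkey = openssl_pkey_new(['private_key_bits' => 1024, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
            openssl_pkey_export($pkey, $priv_key);
            $onion = get_onion($pkey);
            openssl_pkey_free($pkey);
            $check->execute([$onion]);
        } while ($check->fetch(PDO::FETCH_NUM));
    }

    // $onion is interpolated into CREATE USER / CREATE DATABASE / GRANT below,
    // where identifiers cannot be bound as parameters. Restrict it to ASCII
    // letters and digits so it cannot close the surrounding quotes or backticks.
    // NOTE(review): get_onion() is defined elsewhere; tighten this pattern to its
    // exact output format once confirmed.
    if ($ok && !preg_match('/\A[a-z0-9]+\z/i', $onion)) {
        echo '

Error, could not derive a valid onion address from the key.

';
        $ok = false;
    }

    if ($ok) {
        if (isset($_POST['public']) && $_POST['public'] == 1) {
            $public = 1;
        }
        // Strict match plus cast: only the integers 1 or 2 are ever stored,
        // never the raw request string.
        if (isset($_POST['php']) && in_array($_POST['php'], ['1', '2'], true)) {
            $php = (int) $_POST['php'];
        }
        if (isset($_POST['autoindex']) && $_POST['autoindex'] == 1) {
            $autoindex = 1;
        }
        $priv_key = trim(str_replace("\r", '', $priv_key));
        $hash = password_hash($_POST['pass'], PASSWORD_DEFAULT);
    }

    // Global rate limit: one registration per 60 seconds across all users.
    // NOTE(review): check and insert are separate statements, so concurrent
    // requests can both pass this check.
    $check = $db->prepare('SELECT null FROM users WHERE dateadded>?;');
    $check->execute([time() - 60]);
    if ($check->fetch(PDO::FETCH_NUM)) {
        echo '

To prevent abuse a site can only be registered every 60 seconds, but one has already been registered within the last 60 seconds. Please try again.

';
        $ok = false;
    } elseif ($ok) {
        // The private key is stored as given in the users table; access to that
        // table is access to every hosted service's key.
        $stmt = $db->prepare('INSERT INTO users (username, password, onion, private_key, dateadded, public, php, autoindex) VALUES (?, ?, ?, ?, ?, ?, ?, ?);');
        $inserted = $stmt->execute([$_POST['username'], $hash, $onion, $priv_key, time(), $public, $php, $autoindex]);
        if (!$inserted) {
            // execute() returns false when the statement fails and the connection
            // does not throw (the connection options visible earlier in the file
            // mention PDO::ERRMODE_WARNING). Do not provision a database account
            // for a row that was never written.
            echo '

Error, account could not be created.

';
        } else {
            // The account password is also the MySQL password. It is bound as a
            // parameter, but it is sent to the server in clear text, so server-side
            // statement logging would record it.
            $create_user = $db->prepare("CREATE USER '$onion.onion'@'localhost' IDENTIFIED BY ?;");
            $create_user->execute([$_POST['pass']]);
            $db->exec("CREATE DATABASE IF NOT EXISTS `$onion`;");
            $db->exec("GRANT ALL PRIVILEGES ON `$onion`.* TO '$onion.onion'@'localhost';");
            $db->exec('FLUSH PRIVILEGES;');
            $stmt = $db->prepare('INSERT INTO new_account (onion, password) VALUES (?, ?);');
            $stmt->execute([$onion, get_system_hash($_POST['pass'])]);

            // Notification mail: subject, body and headers contain only $onion and fixed text.
            $title = "A new hidden service $onion has been created";
            $msg = "A new hidden service http://$onion.onion has been created";
            $headers = "From: www-data \r\nContent-Type: text/plain; charset=UTF-8\r\n";
            mail('daniel@tt3j2x4k5ycaa5zt.onion', $title, $msg, $headers);
            echo "

Your onion domain $onion.onion has successfully been created. Please wait up to one minute until the changes have been processed. You can then login here.

";
        }
    }
}
echo '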
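';
/*
 * Registration form: captcha plus sticky form state.
 *
 * $public, $autoindex, $nophp, $php70 and $php71 only ever hold fixed literals
 * (' checked', ' selected' or ''), never request data, so they are safe to
 * place into attribute positions. The markup that consumes them is not visible
 * in this listing.
 */
echo '';
echo '';
echo '';
if (CAPTCHA) {
    send_captcha();
}

// "public" is pre-checked on first load and stays checked if it was submitted as 1.
$public = ($_SERVER['REQUEST_METHOD'] !== 'POST' || (isset($_POST['public']) && $_POST['public'] == 1)) ? ' checked' : '';

// Fixed: this previously tested $_POST['public'], so the autoindex box mirrored
// the wrong field and read an undefined index when "public" was not submitted.
$autoindex = (isset($_POST['autoindex']) && $_POST['autoindex'] == 1) ? ' checked' : '';

// Exactly one PHP version option is marked selected; PHP 7.0 is the fallback.
$nophp = '';
$php70 = '';
$php71 = '';
$submitted_php = isset($_POST['php']) ? $_POST['php'] : null;
if ($submitted_php !== null && $submitted_php == 0) {
    $nophp = ' selected';
} elseif ($submitted_php !== null && $submitted_php == 2) {
    $php71 = ' selected';
} else {
    $php70 = ' selected';
}

echo '';
echo '';
echo '';
echo '';
echo '';
echo '
Username
Password
Confirm password
PHP version
Custom private key
(optional)
';
echo '';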