Add option to disable registration

2023-10-21 11:57:25 +02:00
parent a6ab6c52e3
commit 0bb8ac6590
4 changed files with 100 additions and 67 deletions
--- a/www/register.php
+++ b/www/register.php
@ -13,6 +13,10 @@ if ( empty( $_SESSION[ 'csrf_token' ] ) || $_SESSION[ 'UA' ] !== $_SERVER[ 'HTTP
 $msg = '';
 if ( isset( $_POST[ 'user' ] ) ) {
 	$ok = true;
+	if( ! REGISTRATION_ENABLED ) {
+		$ok = false;
+		$msg .= '<div class="red" role="alert">'.sprintf(htmlspecialchars(_('Registration is disabled due to too many violations of the %s')), '<a href="'.ROOT_URL.'terms.php" target="_blank">'.htmlspecialchars(_('Terms of Service')).'</a>').'</div>';
+	}
 	if ( $_SESSION[ 'csrf_token' ] !== $_POST[ 'csrf_token' ] ?? '' ) {
 		$ok = false;
 		$msg .= '<div class="red" role="alert">'.htmlspecialchars(_('Invalid CSRF token')).'</div>';
@ -94,35 +98,40 @@ if ( isset( $_POST[ 'user' ] ) ) {
 <main>
 <p><a href="<?php echo ROOT_URL; ?>"><?php echo htmlspecialchars(_('Info')); ?></a> | <?php echo htmlspecialchars(_('Register')); ?> | <a href="<?php echo ROOT_URL; ?>manage_account.php"><?php echo htmlspecialchars(_('Manage account')); ?></a> | <a href="<?php echo ROOT_URL; ?>squirrelmail/src/login.php" target="_blank"><?php echo htmlspecialchars(_('SquirrelMail')); ?></a>  | <a href="<?php echo ROOT_URL; ?>snappymail/" target="_blank"><?php echo htmlspecialchars(_('SnappyMail')); ?></a> | <a href="<?php echo WEB_XMPP_URL; ?>" target="_blank" rel="noopener"><?php echo htmlspecialchars(_('Web-XMPP')); ?></a>
 </p>
-<?php echo "<p>$msg</p>"; ?>
-<form class="form_limit" action="register.php" method="post"><input type="hidden" name="csrf_token" value="<?php echo $_SESSION[ 'csrf_token' ] ?>">
-    <div class="row">
-        <div class="col"><label for="user"><?php echo htmlspecialchars(_('Username')); ?></label></div>
-        <div class="col"><input type="text" name="user" id="user" autocomplete="username" required value="<?php echo htmlspecialchars( $_POST[ 'user' ] ?? '' ); ?>"></div>
-    </div>
-    <div class="row">
-        <div class="col"><label for="pwd"><?php echo htmlspecialchars(_('Password')); ?></label></div>
-        <div class="col"><input type="password" name="pwd" id="pwd" autocomplete="new-password" required></div>
-    </div>
-    <div class="row">
-        <div class="col"><label for="pwd2"><?php echo htmlspecialchars(_('Password again')); ?></label></div>
-        <div class="col"><input type="password" name="pwd2" id="pwd2" autocomplete="new-password" required></div>
-    </div>
-    <div class="row">
-        <div class="col"><label for="accept_privacy"><?php printf(htmlspecialchars(_('I have read and agreed to the %s')), '<a href="'.PRIVACY_POLICY_URL.'" target="_blank">'.htmlspecialchars(_('Privacy Policy')).'</a>'); ?></label></div>
-        <div class="col"><input type="checkbox" id="accept_privacy" name="accept_privacy" required></div>
-    </div>
-	<div class="row">
-        <div class="col"><label for="accept_terms"><?php printf(htmlspecialchars(_('I have read and agreed to the %s')), '<a href="'.ROOT_URL.'terms.php" target="_blank">'.htmlspecialchars(_('Terms of Service')).'</a>'); ?></label></div>
-        <div class="col"><input type="checkbox" id="accept_terms" name="accept_terms" required></div>
-    </div>
-	<?php send_captcha(); ?>
-    <div class="row">
-        <div class="col">
-            <button type="submit"><?php echo htmlspecialchars(_('Register')); ?></button>
-        </div>
-    </div>
-</form>
+<?php echo "<p>$msg</p>";
+if( ! REGISTRATION_ENABLED ) {
+	echo '<p>'.sprintf(htmlspecialchars(_('Registration is disabled due to too many violations of the %s')), '<a href="'.ROOT_URL.'terms.php" target="_blank">'.htmlspecialchars(_('Terms of Service')).'</a>').'</p>';
+} else {
+?>
+	<form class="form_limit" action="register.php" method="post"><input type="hidden" name="csrf_token" value="<?php echo $_SESSION[ 'csrf_token' ] ?>">
+		<div class="row">
+			<div class="col"><label for="user"><?php echo htmlspecialchars(_('Username')); ?></label></div>
+			<div class="col"><input type="text" name="user" id="user" autocomplete="username" required value="<?php echo htmlspecialchars( $_POST[ 'user' ] ?? '' ); ?>"></div>
+		</div>
+		<div class="row">
+			<div class="col"><label for="pwd"><?php echo htmlspecialchars(_('Password')); ?></label></div>
+			<div class="col"><input type="password" name="pwd" id="pwd" autocomplete="new-password" required></div>
+		</div>
+		<div class="row">
+			<div class="col"><label for="pwd2"><?php echo htmlspecialchars(_('Password again')); ?></label></div>
+			<div class="col"><input type="password" name="pwd2" id="pwd2" autocomplete="new-password" required></div>
+		</div>
+		<div class="row">
+			<div class="col"><label for="accept_privacy"><?php printf(htmlspecialchars(_('I have read and agreed to the %s')), '<a href="'.PRIVACY_POLICY_URL.'" target="_blank">'.htmlspecialchars(_('Privacy Policy')).'</a>'); ?></label></div>
+			<div class="col"><input type="checkbox" id="accept_privacy" name="accept_privacy" required></div>
+		</div>
+		<div class="row">
+			<div class="col"><label for="accept_terms"><?php printf(htmlspecialchars(_('I have read and agreed to the %s')), '<a href="'.ROOT_URL.'terms.php" target="_blank">'.htmlspecialchars(_('Terms of Service')).'</a>'); ?></label></div>
+			<div class="col"><input type="checkbox" id="accept_terms" name="accept_terms" required></div>
+		</div>
+		<?php send_captcha(); ?>
+		<div class="row">
+			<div class="col">
+				<button type="submit"><?php echo htmlspecialchars(_('Register')); ?></button>
+			</div>
+		</div>
+	</form>
+<?php } ?>
 </main>
 </body>
 </html>
--- a/www/terms.php
+++ b/www/terms.php
@ -25,12 +25,15 @@ global $language, $dir, $locale;
 <li><?php echo htmlspecialchars(_('Inactive accounts get automatically deleted after one year of inactivity.')); ?></li>
 <li><?php echo htmlspecialchars(_('Spamming is not allowed, and you will be blocked if you do.')); ?></li>
 <li><?php echo htmlspecialchars(_('Using your account for illegal purposes is not allowed, and you will be blocked if you do.')); ?></li>
+<li><?php echo htmlspecialchars(_('Mass mailing is not allowed, and you will be blocked if you do.')); ?></li>
+<li><?php echo htmlspecialchars(_('Please refrain from sending threats of violence or any harmful content. Dealing with law enforcement requests related to such incidents consumes a significant amount of time.')); ?></li>
 <li><?php echo htmlspecialchars(_('If you lose your password, I will not reset it unless you can prove ownership of the account. You could do so by signing an email with the same PGP key that you use in your account.')); ?></li>
 <li><?php echo htmlspecialchars(_('You are responsible for the security of your account and password.')); ?></li>
 <li><?php printf(htmlspecialchars(_('Your email account only has 50MB of disk space by default. If you need more, you can %s, and I will increase it for free.')), '<a href="'.CONTACT_URL.'">'.htmlspecialchars(_('contact me')).'</a>'); ?></li>
 <li><?php echo htmlspecialchars(_('The XMPP service provides message archiving and HTTP upload, which can keep your messages and files for up to 1 week. Up to 100MB of file storage is available per user.')); ?></li>
 <li><?php echo htmlspecialchars(_('I reserve the right to block or delete your account without prior notice.')); ?></li>
 <li><?php echo htmlspecialchars(_('I reserve the right to change these terms without prior notice.')); ?></li>
+<li><?php echo htmlspecialchars(_('Continued violations may necessitate the closure of registration.')); ?></li>
 </ol>
 </main>
 </body></html>