Merge branch 'master' of ngxez/Gazelle into master

.gitignore

@@ -0,0 +1,2 @@
+classes/config.php
+.DS_Store

classes/config.template

@@ -76,7 +76,11 @@ define('BLOCK_OPERA_MINI',  false); //Set to true to block Opera Mini proxy
 define('DONOR_INVITES',     2);
 
 // Features
-define('FEATURE_EMAIL_REENABLE', true);
+define('FEATURE_EMAIL_REENABLE',     true);
+define('FEATURE_SEND_EMAIL',         true);  //Attempt to send email from the site
+define('FEATURE_IRC',                true);  //Attempt to send messages to IRC
+define('FEATURE_ENFORCE_LOCATIONS',  true);  //Require users to verify login from unknown devices
+define('FEATURE_SET_ENC_KEY_PUBLIC', false); //Allow the site encryption key to be set without an account
 
 // User class IDs needed for automatic promotions. Found in the 'permissions' table
 // Name of class  Class ID (NOT level)

classes/misc.class.php

@@ -17,7 +17,10 @@ class Misc {
     $Headers .= 'X-Mailer: Project Gazelle'."\r\n";
     $Headers .= 'Message-Id: <'.Users::make_secret().'@'.SITE_DOMAIN.">\r\n";
     $Headers .= 'X-Priority: 3'."\r\n";
-    mail($To, $Subject, $Body, $Headers, "-f $From@".SITE_DOMAIN);
+    // check if email is enabled
+    if (FEATURE_SEND_EMAIL) {
+      mail($To, $Subject, $Body, $Headers, "-f $From@".SITE_DOMAIN);
+    }
   }
 
 

classes/util.php

@@ -133,6 +133,11 @@ function display_str($Str) {
  * @param string $Raw An IRC protocol snippet to send.
  */
 function send_irc($Raw) {
+  // check if IRC is enabled
+  if (!FEATURE_IRC) {
+    return;
+  }
+
   $IRCSocket = fsockopen(SOCKET_LISTEN_ADDRESS, SOCKET_LISTEN_PORT);
   $Raw = str_replace(array("\n", "\r"), '', $Raw);
   fwrite($IRCSocket, $Raw);

sections/login/index.php

@@ -274,7 +274,8 @@ else {
                   $DB->query("SELECT ASN FROM geoip_asn WHERE StartIP<=INET6_ATON('$_SERVER[REMOTE_ADDR]') AND EndIP>=INET6_ATON('$_SERVER[REMOTE_ADDR]')");
                   list($CurrentASN) = $DB->next_record();
 
-                  if (!in_array($CurrentASN, $PastASNs)) {
+                  // if FEATURE_ENFORCE_LOCATIONS is enabled, require users to confirm new logins
+                  if (!in_array($CurrentASN, $PastASNs) && FEATURE_ENFORCE_LOCATIONS) {
                     // Never logged in from this location before
                     if ($Cache->get_value('new_location_'.$UserID.'_'.$CurrentASN) !== true) {
                       $DB->query("

sections/tools/index.php

@@ -10,7 +10,10 @@ if (isset($argv[1])) {
   $_REQUEST['action'] = $argv[1];
 } else {
   if (empty($_REQUEST['action']) || ($_REQUEST['action'] != 'public_sandbox' && $_REQUEST['action'] != 'ocelot')) {
-    enforce_login();
+    // if set, do not enforce login so we can set the encryption key w/o an account
+    if (!FEATURE_SET_ENC_KEY_PUBLIC) {
+      enforce_login();
+    }
   }
 }
 

sections/tools/misc/database_key.php

@@ -1,10 +1,16 @@
 <?
-if (!check_perms('site_debug')) {
-    error(403);
+// if set, do not enforce login so we can set the encryption key w/o an account
+if (!FEATURE_SET_ENC_KEY_PUBLIC) {
+  if (!check_perms('site_debug')) {
+      error(403);
+  }
 }
 
 if (isset($_POST['dbkey'])) {
-  authorize();
+  // if set, do not enforce login so we can set the encryption key w/o an account
+  if (!FEATURE_SET_ENC_KEY_PUBLIC) {
+    authorize();
+  }
   apc_store('DBKEY', hash('sha512', $_POST['dbkey']));
 }