Ulysses Stuff > Releases
ERS - EMail Reporting System
MrPresident:
E-Mail Reporting System
This simple script allows your users to send reports right from the server to your e-mail.
Configuration:
browse to the ERS/lua/autorun/server/configuration.lua and change the following to your specifications.
group_restrictions - This is a table of groups that are allowed to use the script. (I didn't make it ULX compliant in this regard to make it universally compatible with other servers not running ULX)
report_emails - This is a table of e-mail addresses the reports will be sent to.
report_cooldown - This is the amount of time in minutes a player has to wait between sending reports.
php_location - This is the location you have uploaded the php mail handler file (included). This will be an URL path.
Installation:
1. Extract the ERS folder into your addons folder.
2. Upload the included report.php file to your web server. Don't forget to change the path to your report.php file in the config lua file.
3. Don't forget to edit the configuration.lua file. (see above)
4. Restart your server and enjoy!
Commands:
Console:
report - opens the reporting window
Chat:
!report - opens the reporting window
Media:
Security:
+ The server sends the http post command to the web script.
+ The server injects a predefined pass-phrase into the post command that the webserver will hash out using crc32.
+ Assuming the CRCs match, the server will send the mail, otherwise it will error out.
+ This will keep outside sources from using this script to send mail but will not affect the use of the ERS script to send mail.
Changelog:
v1.3
+ Removed the Hashing requirement which will hopefully fix the issue between different versions of PHP. It didn't really add any security to the script and was just something that CH wanted me to add before they'd let me post the script there.
v1.2
+ Moved even more stuff serverside. The client no longer is privy to any information about what's going on behind the scenes.
v1.1
+ Moved the http.Post to serverside and included a crc32 hash challenge in order to send mail from the server.
v1.0
+ Release
Notes:
If you do not have access to your own webserver and would like to run this script, I am willing to run the php portion of the script for people for a small fee. If you are interested in this, contact me on steam or PM here and we can work something out.
Fanney:
Usefule addon as always, but i have some concerns at the Security side.
As the Client send's the HTTP- Post it's possible for the Client to sniff for the URL where the File is located, also addiontal data using wireshark or decrypting the lua cache.
If someone wants he can send as much emails to everyone using your Server and therefore possible get your server marked as "spam server".
My sugesstion - edit it because it's in that state not good for a public server.
It would be nice if you could move the http.Post things to the Serverside and add some kind of "authentication" key to the report.php to be sure no one abuses this.
So, bascially that the Server needs to answer with some auth key or smth like.
MrPresident:
Yeah, I considered that. I just didn't think gmod players would go through the trouble of doing that.
I am in the process of moving the http.Post to the server side.
I'll look into adding some kind of authentication, but I'm not sure how much I can do without making it overly complicated, which is what I was trying to avoid.
MrPresident:
Version 1.1
--------------
+ Moved all http commands to the server side lua.
+ Added in a CRC32 hash password that the server sends the web script in order to authenticate.
+ The web script will only send mail if the CRC32 hashs match.
Stickly Man!:
Lookin' good, Mr. P! 8)
Navigation
[0] Message Index
[#] Next page
Go to full version