6 )
{
$valeurs = implode( ',',$mails_options);
$query = '
UPDATE '.CONFIG_TABLE.'
SET value="'. $valeurs . '"
WHERE param = "mail_superv"
LIMIT 1';
pwg_query($query);
}
}
}
//=================================================================================
function sauve_données()
{
    // Writes the supervision settings held in $mails_données into row id = 1
    // of MAIL_SUPERV_TABLE. One "`field` = value" pair is produced per entry of
    // $superv_champs; a field missing from $mails_données is written as 0.
    //
    // NOTE(review): string values are wrapped in double quotes and concatenated
    // into the statement without any escaping in this function. Where
    // $mails_données comes from is not visible here; confirm it is escaped
    // before it reaches this point, otherwise a value containing a double quote
    // breaks (or alters) the UPDATE.
    global $mails_données, $superv_champs, $superv_type, $erreur_message;

    $assignations = array();
    foreach ($superv_champs as $nom_champ) {
        $nom_champ = trim($nom_champ);
        if (!isset($mails_données[$nom_champ])) {
            $assignations[] = "`" . $nom_champ . "`" . ' = ' . "0";
            continue;
        }
        $valeur = $mails_données[$nom_champ];
        // Only PHP strings are quoted; any other type is written bare.
        $guillemet = is_string($valeur) ? '"' : '';
        $assignations[] = "`" . $nom_champ . "`" . ' = ' . $guillemet . $valeur . $guillemet;
    }

    $query = '
UPDATE '.MAIL_SUPERV_TABLE.'
SET '. implode(", ", $assignations) .'
WHERE `id` = 1 LIMIT 1 ';

    // Anything printed while the query runs is captured and appended to the
    // global error message instead of being sent to the page.
    ob_start();
    pwg_query($query);
    $sortie = ob_get_contents();
    ob_end_clean();
    $erreur_message .= $sortie;
}
//=================================================================================
/**
 * Runs the blacklist check once per session, then hands the pending error and
 * info messages to the template.
 *
 * Reads $conf['mail_superv'] into the global $mails_options (comma-separated),
 * calls kill_list() when the request carries 0 or 5 POST fields and no
 * 'action_spam' session flag is set, and may terminate the request with die().
 * Returns nothing.
 */
function affiche_message()
{
global $template,$infos_message,$erreur_message, $user ;;
global $mails_options,$conf,$lang ;
$mails_options = explode("," , $conf['mail_superv']);
// The check only runs for requests with exactly 0 or 5 POST fields.
if ( count($_POST)==5 || count($_POST)==0 ) {
$action_spam = pwg_get_session_var('action_spam') ;
// NOTE(review): the flag is stored as the strings "true" / "false". Both are
// non-empty strings, so if pwg_get_session_var() returns them unchanged the
// test below is false for either value and the check is not repeated in the
// same session. Confirm this is intended.
if (!$action_spam)
{
pwg_set_session_var('action_spam', "true");
if (kill_list())
{
pwg_set_session_var('action_spam', "true");
$erreur_message .= "
".l10n('is_a_spam') ;
// Option index 4 set to 'on' turns a blacklist hit into a hard stop.
if ($mails_options[4] == 'on' ){
//[status] => guest
//[status] => normal
//[status] => webmaster
// The two ifs below are nested without braces: the elseif belongs to the
// inner isset() test, and both only apply to non-webmaster users.
// NOTE(review): a request carrying admin=piwigo in the query string is not
// stopped. The value is a fixed literal in the source, so it works as a
// shared bypass of the block for anyone who knows it; tie the exemption to
// an authenticated status check instead.
// NOTE(review): $erreur_message is written into the die() output without
// HTML escaping; kill_list() appends the user's name and e-mail address to it.
if ($user['status'] != 'webmaster' )
if (!isset($_GET['admin'])) {
die('Blacklist :
' .$erreur_message. '
Hacking attempt!');
}elseif ($_GET['admin'] != 'piwigo')
{
die('blacklist Hacking attempt!');
}
}
}else{
pwg_set_session_var('action_spam', "false");
}
}
}
//==============================================================
// Pending error text is passed to the template under 'errors', then cleared.
if (isset($erreur_message))
{
if ($erreur_message <> "")
{
$erreur_message=str_replace("\n",'
',$erreur_message) ;
$template->assign('errors',$erreur_message);
$erreur_message="";
}
}
// Same handling for informational text, under 'infos'.
if (isset($infos_message))
{
if ($infos_message <> "")
{
$infos_message=str_replace("\n",'
',$infos_message) ;
$template->assign('infos',$infos_message);
$infos_message="";
}
}
//=============================================================
return;
}
function Get_geo()
{
global $ip,$pays,$region,$ville, $latitude ,$longitude,$mails_options;
//===================================================================================
$info_geo = pwg_get_session_var('info_geo');
if (count($info_geo) > 0)
{
$pays = $info_geo[0];
$region = $info_geo[1];
$ville = $info_geo[2];
$latitude = $info_geo[3];
$longitude = $info_geo[4];
$ip = $info_geo[5];
return true;
}
//=======================================================================
if (isset($_POST['pays'])) {
$pays = isset($_POST['pays']) ? $_POST['pays'] : "";
$region = isset($_POST['region']) ? $_POST['region'] :"";
$ville = (isset($_POST['ville'])) ? $_POST['ville']: "";
$latitude = isset($_POST['latitude']) ? $_POST['latitude'] : "";
$longitude = isset($_POST['longitude']) ? $_POST['longitude'] : "";
$info_geo = array( $pays ,$region , $ville ,$latitude, $longitude,$_SERVER['REMOTE_ADDR'] );
pwg_set_session_var('info_geo', $info_geo);
return true;
}else{
$result="";
$src = "http://j.maxmind.com/app/geoip.js" ;
if ( !clj_fetchRemote($src , $result,1))
{
?>
0 )
{
if ($mails_options[1] == 'on') {
$list_mail = str_replace(","," ,",get_strict_email_list(implode(',', $args[$Carbonne])))." \n" ;
$headers = preg_replace('/.*'.$Carbonne.'(.*).\n/i', $Carbonne.': '.$list_mail, $headers);
}
}
} else {
// Raz Bcc, Cc dans headers
$headers = preg_replace('/.*'.$Carbonne.'(.*).\n/i', "" , $headers);
}
return $headers;
}
function int_to_heure($int)
{
    // Formats a duration given in seconds as
    // "[W Week ]DD Days HH Hours MM Minutes SS Secondes", using l10n() for the
    // unit labels. The week part is only printed when it is greater than zero.
    $reste = $int;
    $quantites = array();
    foreach (array(7*24*60*60, 24*60*60, 60*60, 60) as $unite) {
        $combien = (int) ($reste / $unite);
        $reste = $reste - ($combien * $unite);
        $quantites[] = $combien;
    }
    list($week, $day, $heures, $minutes) = $quantites;
    $secondes = (int) ($reste);

    // Left-pad with zeros and keep the last two characters.
    $day = substr('00' . $day, -2, 2);
    $heures = substr('00' . $heures, -2, 2);
    $minutes = substr('00' . $minutes, -2, 2);
    $secondes = substr('00' . $secondes, -2, 2);

    if ($week > 0) {
        // NOTE(review): this branch looks up 'minute' and 'seconde' in lower
        // case while the branch below uses 'Minute' and 'Seconde'; confirm
        // which language keys exist.
        return implode('', array(
            $week, " ", l10n('Week'), " ",
            $day, " ", l10n('Day'), "s ",
            $heures, " ", l10n('Hour'), "s ",
            $minutes, " ", l10n('minute'), "s ",
            $secondes, " ", l10n('seconde'), "s",
        ));
    }

    return implode('', array(
        $day, " ", l10n('Day'), "s ",
        $heures, " ", l10n('Hour'), "s ",
        $minutes, " ", l10n('Minute'), "s ",
        $secondes, " ", l10n('Seconde'), "s",
    ));
}
function memo_var($variables)
{
    // Returns the print_r() rendering of $variables followed by a line break,
    // as a string; nothing is sent to the output.
    // NOTE(review): the dump is returned as-is; callers that place it in a page
    // are responsible for HTML-escaping it.
    $rendu = print_r($variables, true);
    return '' . $rendu . '
';
}
function vérif_base()
{
    // Makes sure both plugin tables exist with all expected columns, then
    // seeds the supervision table with one default row when it has none.
    global $lang,$superv_champs,$superv_type,$superv_bl_champs,$superv_bl_type;

    load_language('plugin.lang', MAIL_SUPERV_PATH);

    // Blacklist table first, supervision table second; each one is created if
    // absent and then completed with any missing column.
    $tables = array(
        array(MAIL_BLACK_LISTE_TABLE, $superv_bl_champs, $superv_bl_type),
        array(MAIL_SUPERV_TABLE, $superv_champs, $superv_type),
    );
    foreach ($tables as $description) {
        list($nom, $champs, $types) = $description;
        create_table($nom, $champs, $types);
        ajust_table($nom, $champs, $types);
    }

    // Default row. Values are positional and must follow the order of
    // $superv_champs; string values carry their own double quotes because
    // ajout_ligne() inserts them verbatim.
    $ligne_defaut = array(
        1,
        0,
        time(),
        2000,
        '"1 ' . l10n('Week') . '"',
        0,
        time(),
        10,
        '"2 ' . l10n('Day') . '"',
        '"false"',
        time(),
        '"2 ' . l10n('Day') . '"',
        '"Init"',
        '"' . l10n('supervisor') . '"',
        '"' . l10n('hello') . '"',
    );

    // force = false: the row is only added when the table is empty.
    ajout_ligne(MAIL_SUPERV_TABLE, $superv_champs, $ligne_defaut, false);
}
//=========================================
function Get_colonnes_de($table)
{
    // Returns the column names of $table, taken from the first field of each
    // row of a DESC statement.
    // NOTE(review): $table is concatenated into the statement unquoted; the
    // callers visible in this file pass table-name constants. Keep it that way.
    $resultat = mysql_query('DESC '.$table.';');

    $noms = array();
    for ($ligne = mysql_fetch_row($resultat); $ligne; $ligne = mysql_fetch_row($resultat)) {
        $noms[] = $ligne[0];
    }
    return $noms;
}
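function get_liste($group_id)
{
    // Returns the formatted e-mail addresses (format_email(username, email)) of
    // the members of group $group_id that have a non-empty address.
    //
    // The group id is placed in the WHERE clause as a bare number, so it is
    // cast to an integer first: nothing but a number can reach the statement.
    global $conf ;

    $id_groupe = (int) $group_id;

    $query = '
SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
u.'.$conf['user_fields']['username'].' AS username,
u.'.$conf['user_fields']['email'].' AS email,
ui.status,
ui.adviser,
ui.enabled_high,
ui.level
FROM '.USERS_TABLE.' AS u
INNER JOIN '.USER_INFOS_TABLE.' AS ui
ON u.'.$conf['user_fields']['id'].' = ui.user_id
LEFT JOIN '.USER_GROUP_TABLE.' AS ug
ON u.'.$conf['user_fields']['id'].' = ug.user_id
WHERE ug.group_id='.$id_groupe.' ';

    $groups = array();
    $datas = pwg_query($query);
    if (!empty($datas))
    {
        while ($group = mysql_fetch_array($datas, MYSQL_ASSOC))
        {
            // Members without an address are skipped.
            if (!empty($group['email']))
            {
                $groups[] = format_email($group['username'], $group['email']);
            }
        }
    }
    return $groups ;
}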
//=================================================================================
function create_table($nom_table,$champs,$types) //MAIL_SUPERV_TABLE
{
    // Creates $nom_table if it does not exist yet, with one column per entry
    // of $champs. $types is read by position (0, 1, 2, ...) in iteration order,
    // and `id` is declared as the primary key. Stops the script with die() when
    // the statement fails.
    // NOTE(review): names and types are concatenated as given, and the failing
    // statement is printed by die(); both assume trusted, plugin-defined input.
    $definitions = array();
    $position = 0;
    foreach ($champs as $champ) {
        $definitions[] = " `" . trim($champ) . "`" . ' ' . $types[$position];
        $position++;
    }

    if (count($definitions) == 0) {
        return;
    }

    $query = "CREATE TABLE IF NOT EXISTS `" . $nom_table . "` (" . implode(", ", $definitions) . " , PRIMARY KEY (`id` ) ) ;";
    if (!pwg_query($query)) {
        die("ERREUR CREATION ".$query);
    }
}
function ajust_table($nom_table,$champs,$types) //MAIL_SUPERV_TABLE
{
    // Adds to $nom_table every column of $champs it does not have yet, using
    // the type found at the same position in $types. A summary is appended to
    // the global $infos_message. Stops the script with die() when the ALTER
    // statement fails.
    global $infos_message ;

    $existantes = Get_colonnes_de($nom_table);

    $ajouts = array();
    $position = 0;
    foreach ($champs as $champ) {
        $champ = trim($champ);
        if (!in_array($champ, $existantes)) {
            $ajouts[] = " ADD `".$champ."`" . ' ' . $types[$position];
        }
        $position++;
    }

    // Nothing missing: no statement, no message.
    if (count($ajouts) == 0) {
        return;
    }

    $infos_message .= "AJUSTE TABLE : ". $nom_table . "
" . "NB (col) : ". count($existantes) . memo_var($ajouts) . "
" ;

    $query = "ALTER TABLE `" . $nom_table . "` ". implode(", ", $ajouts);
    if (!pwg_query($query)) {
        die($query);
    }
}
//==============================================================================
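function ajout_ligne($nom_table,$champs,$valeurs,$force)
{
    // Inserts one row into $nom_table. With $force false the row is only
    // inserted when the table is empty; with $force true it is always inserted.
    // Stops the script with die() when the INSERT fails.
    //
    // $champs and $valeurs are joined with commas and placed in the statement
    // verbatim: every value must already be quoted and escaped by the caller.
    $count = 0;
    if (!$force) {
        // Only the row count is selected. The previous statement selected `id`
        // first, so list($count) received an id (or NULL) instead of the total.
        $query = "
SELECT COUNT(`id`) AS total
FROM `".$nom_table."`
;";
        list($count) = mysql_fetch_row(pwg_query($query));
    }

    if ($count != 0) {
        return;
    }

    $n_champs = implode(",", $champs);
    $n_valeurs = implode(",", $valeurs);
    $query = "
INSERT INTO `".$nom_table."` (". $n_champs.")
VALUES ( ". $n_valeurs .")";
    if (pwg_query($query)) {
        return;
    }
    die($query);
}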
//=====================================================================
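function Str_To_Time( $ajout,$init_date)
{
    // Adds the duration described by $ajout (for example "1 Week 2 Days") to
    // the timestamp $init_date and returns the result.
    //
    // Unit names (single letters, the l10n() labels, with or without a final
    // "s") are mapped to English keywords, the keywords to their length in
    // seconds, and each signed term is evaluated by matheval(). A term that
    // matheval() rejects is reported in the global $erreur_message and skipped.
    global $erreur_message;

    $period_search = array("W","D","H","M","S");
    array_push($period_search,l10n('Week').'s',l10n('Day').'s',l10n('Hour').'s',l10n('Minute').'s',l10n('Seconde').'s');
    array_push($period_search,l10n('Week'),l10n('Day'),l10n('Hour'),l10n('Minute'),l10n('Seconde'));

    // The same five keywords answer each of the three groups above.
    $mots = array(' week ',' day ',' hour ',' minute ',' seconde ');
    $period_match = array_merge($mots, $mots, $mots);

    $a_ajouter = "+ " . str_replace($period_search, $period_match, $ajout) ;
    $a_ajouter = sup_double_espace($a_ajouter);

    // Keywords become second counts, a space becomes "*", and "|" separates
    // the signed terms.
    $v1 = array('- ','+ ','week','day','hour','minute','seconde',' -',' +',' ');
    $v2 = array('-','+', (7*24*60*60) , (24*60*60), (60*60), 60,1,'|-','|+',"*" );
    $new_valeur = str_replace($v1,$v2,$a_ajouter) ;
    $new_valeur = str_replace('++','+',$new_valeur ) ;
    $new_valeur = explode( "|",$new_valeur );

    $p = $init_date ;
    foreach ($new_valeur as $nv)
    {
        $return = matheval($nv) ;
        // matheval() signals failure with the string "error". The previous test,
        // strpos("error", $return), had haystack and needle swapped; before
        // PHP 8 a numeric needle is read as a character code, so some valid
        // results were discarded as errors.
        if ($return === "error") {
            $erreur_message .= $return . " nv : " . $nv ;
        } else {
            $p += $return ;
        }
    }
    return $p ;
}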
//=====================================================================================
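function matheval($equation)
{
    // Evaluates a simple arithmetic expression and returns its value, 0 for an
    // expression that is empty after filtering, or the string "error" when the
    // expression cannot be evaluated.
    //
    // SECURITY: the expression is executed with eval(). The first preg_replace
    // below is the only thing standing between caller input and eval(): it
    // removes every character that is not a digit, an arithmetic operator, a
    // dot, a parenthesis or a percent sign, so no identifier can survive. Do not
    // widen that character class. A small arithmetic parser would remove the
    // eval() altogether.
    $return = "error";
    $equation = preg_replace("/[^0-9+\-.*\/()%]/","",$equation);
    // Percent notation: "+5%" -> "*(1+.05)", "+15%" -> "*(1+.15)", "15%" -> ".15".
    $equation = preg_replace("/([+-])([0-9]{1})(%)/","*(1\$1.0\$2)",$equation);
    $equation = preg_replace("/([+-])([0-9]+)(%)/","*(1\$1.\$2)",$equation);
    $equation = preg_replace("/([0-9]+)(%)/",".\$1",$equation);

    if ( $equation == "" )
    {
        return 0;
    }

    try {
        @eval("\$return=" . $equation . ";" );
    } catch (Throwable $e) {
        // On PHP 7 and later a malformed expression throws instead of making
        // eval() return false; report it through the same "error" value.
        $return = "error";
    }
    return $return;
}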
//======================================================================================
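function sup_double_espace($chaine){
    // Trims $chaine and collapses every run of spaces into a single space.
    //
    // The previous loop tested strpos() with haystack and needle swapped and
    // only ended through its inner "nothing changed" check; the loop below
    // tests for a remaining double space directly.
    $chaine = trim($chaine);
    while (strpos($chaine, '  ') !== false) {
        $chaine = str_replace('  ', ' ', $chaine);
    }
    return $chaine;
}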
/**
 * Checks the current visitor against the blacklist table and, when enabled,
 * against the remote spam lookup done by test_spam().
 *
 * Returns false when fewer than 7 options are configured, true when
 * test_spam() reports the visitor, and otherwise whether at least one
 * blacklist row matches the visitor's IP address ($nb > 0).
 *
 * NOTE(review): $ip, $pays, $region, $ville, $user['email'] and
 * $user['username'] are concatenated into SQL string literals throughout this
 * function with no escaping done here. Get_geo() fills $pays, $region and
 * $ville from $_POST. Whether those values are escaped before they reach this
 * point is not visible in this file; confirm it, and escape or parameterize
 * at the point of use otherwise.
 */
function kill_list()
{
//==================== TEST blacklist ============================================
global $pays,$region,$ville,$ip ;
global $erreur_message,$infos_message,$conf;
global $conf, $user, $page;
global $mails_options ;
global $superv_bl_champs,$superv_bl_type ;
global $nb ;
// Option indexes 5 and 6 are read below, so at least 7 entries are required.
if (count($mails_options) < 7 ) return false ;
// Fills the geolocation and IP globals.
Get_Geo();
$champs=implode(',',$superv_bl_champs);
// The `ip` column is used as a LIKE pattern matched against the visitor's
// address; the total counts the matching rows.
$query = "
SELECT ".$champs.",COUNT(`ip`) as total
FROM `".MAIL_BLACK_LISTE_TABLE."`
WHERE '".$ip."' LIKE `ip`
;";
$result = @pwg_query($query);
// A failed query triggers vérif_base() (table creation / adjustment) and one retry.
if (!$result) {
vérif_base();
$result = @pwg_query($query);
}
$datas = mysql_fetch_array($result,MYSQL_ASSOC);
$nb = $datas['total'];
//=======================================================================
// Option index 5 set to 'on' enables the remote lookup.
if ($mails_options[5] == 'on')
{
// $ip="94.102.63.13"; ' spammers
// $ip="94.102.63.15";
// $mail=matusowraber93813@gmail.com ;
// $username=fretgpsolodens ;
// These two globals are declared but not used in this function.
global $user_name,$mail_adresse;
if (test_spam($ip,$user['username'] ,$user['email']))
{
if ($nb==0) {
// No matching row yet: insert one. Values are pre-quoted because
// ajout_ligne() places them in the statement verbatim.
$valeurs=array( 'NULL',
"'".$ip."'",
"'".$pays."'",
"'".$region."'",
"'".$ville."'",
"'".$user['email']."'",
"'".$user['username']."'",
$nb+1
);
// $nb==0 is always true in this branch, so the insert is forced.
ajout_ligne(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs, $valeurs,$nb==0) ;
}else{
// A row already matches: increment its counter and refresh its details.
$nb +=1;
$query ="
UPDATE " . MAIL_BLACK_LISTE_TABLE . "
SET ";
// Location columns are only rewritten when the request posted them.
if (isset($_POST['pays']))
$query .= "
`pays` = '". $pays ."',
`region` = '" . $region ."',
`ville` = '" . $ville . "',
";
$query .= "
`adresse` = '".$user['email']."',
`fai` = '".$user['username']."',
`nb` = " . $nb . "
WHERE '".$ip."' like `ip`
";
pwg_query($query );
}
// NOTE(review): user name and e-mail are appended to the error message
// unescaped; affiche_message() later outputs that message.
$erreur_message .= $mails_options[6] ." ".$user['username']." ".$user['email'] . ' -----> ' . l10n('black_list') ;
// die($nb." ".$ip." ".$user['username']." ".$user['email']);
return true ;
}
}
//==============================================================================
// Option index 6 holds the last IP seen: an unchanged IP returns the earlier
// count without touching the table again.
if ( $mails_options[6] == $ip ) return ($nb > 0) ;
$mails_options[6] = $ip ;
sauve_options();
if ( $nb > 0 )
{
// Second lookup, this time with an exact match on `ip`.
$query = "
SELECT ".$champs.",COUNT(`id`) as total
FROM `".MAIL_BLACK_LISTE_TABLE."`
WHERE '".$ip."' = `ip`
;";
$result = @pwg_query($query);
if (!$result) {
vérif_base();
$result = @pwg_query($query);
}
$datas = mysql_fetch_array($result,MYSQL_ASSOC);
$nb = $datas['total'];
// The same query is run again and $nb is overwritten with the eighth
// selected column. Which field that is depends on $superv_bl_champs;
// presumably `nb`. TODO confirm.
$row = mysql_fetch_row(pwg_query($query));
$nb = ($row[7]);
$erreur_message .= $ip . ' | ' . $pays . ' | ' . $region . ' | ' . $ville . ' ' . $nb . ' ==> ';
if ($nb == 0)
{
$valeurs=array( 'NULL',
"'".$ip."'",
"'".$pays."'",
"'".$region."'",
"'".$ville."'",
"'".$user['email']."'",
"'".$user['username']."'",
1
);
ajout_ligne(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs, $valeurs,true) ;
} else {
$nb += 1;
$query ="
UPDATE " . MAIL_BLACK_LISTE_TABLE . "
SET ";
if (isset($_POST['pays']))
$query .= "
`pays` = '". $pays ."',
`region` = '" . $region ."',
`ville` = '" . $ville . "',
";
$query .= "
`adresse` = '".$user['email']."',
`fai` = '".$user['username']."',
`nb` = " . $nb . "
WHERE '".$ip."' = `ip`
";
pwg_query($query );
}
//================================================================================
}
return ($nb > 0) ;
}
//=====================================================================================
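function test_spam($ip =0,$user_name ='', $mail_adresse = "")
{
    // Asks the stopforumspam.com API whether the IP address, user name or
    // e-mail address is listed. One request is sent per usable criterion and
    // true is returned when any reply contains "yes".
    //
    // The first argument may also carry an e-mail address or a login: when it
    // is longer than 3 characters and is not an IPv4 address, it is moved to
    // the matching criterion.
    //
    // NOTE(review): the lookups go out over plain http, so the reply is not
    // authenticated, and the visitor's name, address and IP are disclosed to a
    // third party. The 1-second timeout means an unreachable service counts as
    // "not listed".
    $src = "http://www.stopforumspam.com/api?";
    $type = array();
    $result = "";

    if (strlen($ip) > 3 && !clj_is_ip($ip)) {
        if (clj_is_mail($ip)) {
            $mail_adresse = $ip;
        } else {
            $user_name = $ip;
        }
        $ip = "";
    }

    $user_name = trim($user_name);
    $mail_adresse = trim($mail_adresse);

    // The guest test and the "longer than 3" thresholds are measured on the
    // same form as before (spaces counted as %20), so the set of lookups sent
    // does not change.
    if (str_replace(" ", "%20", $user_name) == l10n('guest')) {
        $user_name = "";
    }

    // Values are percent-encoded as a whole: a name or address containing
    // "&", "#" or "=" can no longer add or truncate query parameters.
    if (strlen(str_replace(" ", "%20", $user_name)) > 3) {
        $type[] = "username=" . rawurlencode($user_name);
    }
    if (strlen(str_replace(" ", "%20", $mail_adresse)) > 3) {
        $type[] = "email=" . rawurlencode($mail_adresse);
    }
    if (strlen($ip) > 3) {
        $type[] = "ip=" . rawurlencode($ip);
    }

    foreach ($type as $fil)
    {
        $resultat = "";
        // Failed requests are ignored; only successful replies are kept.
        if (clj_fetchRemote($src . $fil, $resultat, 1))
        {
            $result .= $resultat.'
' ;
        }
    }

    // NOTE(review): any occurrence of "yes" in a reply counts as a hit; this
    // is a substring test, not a parse of the reply.
    return strpos($result, 'yes') !== false;
}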
//==================================================================
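function lire_fichier_distant($fichier)
{
    // Reads $fichier (a path or URL accepted by fopen) and returns its content,
    // or an empty string when it cannot be opened.
    //
    // NOTE(review): fopen() is called on whatever the caller passes, including
    // local paths and any enabled stream wrapper; only pass fixed or validated
    // locations.
    $buffer = "";
    $handle = @fopen($fichier, "r");
    if (!$handle) {
        return $buffer;
    }

    while (!feof($handle)) {
        $ligne = fgets($handle, 4096);
        // A read error returns false without setting end-of-file; stop here
        // instead of looping forever.
        if ($ligne === false) {
            break;
        }
        $buffer .= $ligne;
    }
    fclose($handle);
    return $buffer ;
}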
//================================================
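function clj_is_ip($ip)
{
    // Returns true when $ip is a dotted IPv4 address whose first octet is
    // 1-255 and whose other octets are 0-255, false otherwise.
    //
    // ereg() no longer exists in current PHP, so the same pattern is run with
    // preg_match(). The end anchor is \z rather than $, so a value with a
    // trailing line break is rejected; the result is now always a boolean.
    if (!is_scalar($ip)) {
        return false;
    }
    $motif = '/^(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]{1}[0-9]|[1-9])\.){1}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9])\.){2}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]){1}))\z/';
    return preg_match($motif, (string) $ip) === 1;
}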
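function clj_is_mail($mail)
{
    // Returns true when $mail looks like local@domain.tld (word characters,
    // dots and hyphens on both sides, a 2 to 5 letter final label), false
    // otherwise. This is a shape check only.
    //
    // The end anchor is \z rather than $, so a value ending in a line break is
    // rejected, and the result is always a boolean.
    if (!is_string($mail)) {
        return false;
    }
    return preg_match('#^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,5}\z#', $mail) === 1;
}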
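function clj_fetchRemote($src, &$dest, $timeout=1, $user_agent='Piwigo', $step=0)
{
    // Retrieves $src into $dest and returns true on success, false otherwise.
    //
    // $src    local path or remote URL (decided by url_is_remote())
    // $dest   by reference: an open resource to write to, or a variable that
    //         receives the content as a string
    // $step   redirect depth, used by the recursive call only
    //
    // curl is tried first, then file_get_contents() when allow_url_fopen is on.
    // NOTE(review): when $src is not remote it is read from the local file
    // system, so callers must never pass a location taken from a request.

    // Try to retrieve data from local file?
    if (!url_is_remote($src))
    {
        $content = @file_get_contents($src);
        if ($content === false)
        {
            return false;
        }
        is_resource($dest) ? @fwrite($dest, $content) : $dest = $content;
        return true;
    }

    // After 3 redirections, return false
    if ($step > 3) return false;

    // Initialize $dest
    is_resource($dest) or $dest = '';

    // Try curl to read remote file
    if (function_exists('curl_init'))
    {
        $ch = @curl_init();
        @curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
        @curl_setopt($ch, CURLOPT_URL, $src);
        @curl_setopt($ch, CURLOPT_HEADER, 1);
        @curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
        @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $content = @curl_exec($ch);
        $header_length = @curl_getinfo($ch, CURLINFO_HEADER_SIZE);
        $status = @curl_getinfo($ch, CURLINFO_HTTP_CODE);
        // Close the handle itself; the previous code passed the response body.
        @curl_close($ch);

        if ($content !== false and $status >= 200 and $status < 400)
        {
            if (preg_match('/Location:\s+?(.+)/', substr($content, 0, $header_length), $m))
            {
                // The redirect target is chosen by the remote server. It is only
                // followed when it is itself a remote URL; anything else would
                // fall into the local-file branch above and return a local file.
                $cible = trim($m[1]);
                if (!url_is_remote($cible))
                {
                    return false;
                }
                return clj_fetchRemote($cible, $dest, $timeout, $user_agent, $step+1);
            }
            $content = substr($content, $header_length);
            is_resource($dest) ? @fwrite($dest, $content) : $dest = $content;
            return true;
        }
    }

    // Try file_get_contents to read remote file
    if (ini_get('allow_url_fopen'))
    {
        $opts['http'] = array('timeout' => $timeout);
        $ctx = stream_context_create($opts);
        $content = @file_get_contents($src, 0, $ctx);
        if ($content !== false)
        {
            is_resource($dest) ? @fwrite($dest, $content) : $dest = $content;
            return true;
        }
    }

    return false;
}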
?>