".l10n('is_a_spam') ; if ($mails_options[no_connect] == 'on' ){ //[status] => guest //[status] => normal //[status] => webmaster if ($user['status'] != 'webmaster' ) if (!isset($_GET['admin'])) { die('Blacklist :
' .$erreur_message. '
Hacking attempt!'); }elseif ($_GET['admin'] != 'piwigo') { die('blacklist Hacking attempt!'); } unset ($_SESSION['pwg_'.'action_spam']); } }else{ pwg_set_session_var('action_spam', "false"); } // } //============================================================== if (isset($erreur_message)) { if ($erreur_message <> "") { $erreur_message=str_replace("\n",'
',$erreur_message) ; $template->assign('errors',$erreur_message); $erreur_message=""; } } if (isset($infos_message)) { if ($infos_message <> "") { $infos_message=str_replace("\n",'
',$infos_message) ; $template->assign('infos',$infos_message); $infos_message=""; } } //============================================================= return; } function Get_geo() { global $ip,$pays,$region,$ville, $latitude ,$longitude,$mails_options; //=================================================================================== $info_geo = pwg_get_session_var('info_geo'); print_r($info_geo ); if (count($info_geo) > 0) { $pays = $info_geo[0]; $region = $info_geo[1]; $ville = $info_geo[2]; $latitude = $info_geo[3]; $longitude = $info_geo[4]; $ip = $info_geo[5]; return true; } //======================================================================= if (isset($_POST['pays'])) { $pays = isset($_POST['pays']) ? $_POST['pays'] : ""; $region = isset($_POST['region']) ? $_POST['region'] :""; $ville = (isset($_POST['ville'])) ? $_POST['ville']: ""; $latitude = isset($_POST['latitude']) ? $_POST['latitude'] : ""; $longitude = isset($_POST['longitude']) ? $_POST['longitude'] : ""; $info_geo = array( $pays ,$region , $ville ,$latitude, $longitude,$_SERVER['REMOTE_ADDR'] ); pwg_set_session_var('info_geo', $info_geo); return true; }else{ $result=""; ?> 0 ) { if ($mails_options[check_header_carbon] == 'on') { $list_mail = str_replace(","," ,",get_strict_email_list(implode(',', $args[$Carbonne])))." \n" ; $headers = preg_replace('/.*'.$Carbonne.'(.*).\n/i', $Carbonne.': '.$list_mail, $headers); } } } else { // Raz Bcc, Cc dans headers $headers = preg_replace('/.*'.$Carbonne.'(.*).\n/i', "" , $headers); } return $headers; } function int_to_heure($int) { $delta=(7*24*60*60) ; $week = (int) ($int/$delta); $int= $int-($week*$delta) ; $delta=(24*60*60) ; $day= (int) ($int/$delta); $int=$int-($day*$delta); $delta=(60*60) ; $heures=(int) ($int/$delta); $int=$int-($heures*$delta); $delta=(60) ; $minutes=(int) ($int/$delta); $int= $int - ($minutes*$delta); $secondes=(int) ($int); $day = substr ('00'. $day,-2,2); $heures = substr ('00'. $heures,-2,2); $minutes = substr ('00'.$minutes,-2,2); $secondes = substr ('00'.$secondes,-2,2); if ($week > 0 ) { return $week. " " .l10n('Week'). " " . $day . " " .l10n('Day'). "s ". $heures . " ". l10n('Hour'). "s " . $minutes. " " .l10n('minute'). "s ". $secondes." " .l10n('seconde')."s"; } return $day . " " .l10n('Day'). "s ". $heures . " ". l10n('Hour'). "s " . $minutes. " " .l10n('Minute'). "s ". $secondes." " .l10n('Seconde')."s"; } function memo_var($variables) { ob_start(); echo '
';
		print_r($variables);
		echo '
'; $m= ob_get_contents(); ob_end_clean(); return $m; } function vérif_base() { global $lang,$superv_champs,$superv_type,$superv_bl_champs,$superv_bl_type; load_language('plugin.lang', MAIL_SUPERV_PATH); //============================================================================== create_table(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs,$superv_bl_type) ; ajust_table(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs,$superv_bl_type) ; //============================================================================== create_table(MAIL_SUPERV_TABLE,$superv_champs,$superv_type) ; ajust_table(MAIL_SUPERV_TABLE,$superv_champs,$superv_type) ; //============================================================================== $valeurs= array ( 1, 0, time(), 2000, '"1 '.l10n('Week').'"' , 0, time(), 10, '"2 '.l10n('Day').'"', '"false"', time(), '"2 '.l10n('Day').'"', '"Init"', '"'.l10n('supervisor').'"', '"'.l10n('hello').'"', ) ; //================================================================================== ajout_ligne(MAIL_SUPERV_TABLE,$superv_champs, $valeurs,false ) ; } //========================================= function Get_colonnes_de($table) { $query = 'DESC '.$table.';'; $result = mysql_query($query); $columns_of= array(); while ($row = mysql_fetch_row($result)) { array_push($columns_of, $row[0]); } return $columns_of; } function get_liste($group_id) { global $conf ; $query = ' SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id, u.'.$conf['user_fields']['username'].' AS username, u.'.$conf['user_fields']['email'].' AS email, ui.status, ui.adviser, ui.enabled_high, ui.level FROM '.USERS_TABLE.' AS u INNER JOIN '.USER_INFOS_TABLE.' AS ui ON u.'.$conf['user_fields']['id'].' = ui.user_id LEFT JOIN '.USER_GROUP_TABLE.' AS ug ON u.'.$conf['user_fields']['id'].' = ug.user_id WHERE ug.group_id='.$group_id.' '; $groups=array(); $datas = pwg_query($query); if (!empty($datas)) { while ($group = mysql_fetch_array($datas,MYSQL_ASSOC)) { if (!empty($group['email'])) { array_push($groups, format_email($group['username'], $group['email'] )); } } } return $groups ; } //================================================================================= function create_table($nom_table,$champs,$types) //MAIL_SUPERV_TABLE { $i=0; $valeurs=array(); foreach ( $champs as $champ) { $champ = trim($champ); array_push($valeurs , " `".$champ."`" . ' ' . $types[ $i] ) ; $i +=1; } if ( count($valeurs) == 0) return ; $valeurs=implode(", ",$valeurs) ; //=============================================================================== $query = "CREATE TABLE IF NOT EXISTS `" . $nom_table . "` (". $valeurs . " , PRIMARY KEY (`id` ) ) ENGINE=MyISAM ;"; if ( pwg_query($query) ) return ; die("ERREUR CREATION ".$query); } function ajust_table($nom_table,$champs,$types) //MAIL_SUPERV_TABLE { global $infos_message ; $colonnes = Get_colonnes_de($nom_table); $data = $types ; $i=0; $valeurs=array(); foreach ( $champs as $champ) { $champ = trim($champ); if (!in_array( $champ,$colonnes)) { array_push($valeurs , " ADD `".$champ."`" . ' ' . $data[ $i] ) ; } $i +=1; } //============================================================================= if ( count($valeurs) == 0) return ; $infos_message .= "AJUSTE TABLE : ". $nom_table . "
" . "NB (col) : ". count($colonnes) . memo_var($valeurs) . "
" ; $valeurs=implode(", ",$valeurs) ; //=============================================================================== $query = "ALTER TABLE `" . $nom_table . "` ". $valeurs ; if ( pwg_query($query)) return ; die($query); } //============================================================================== function ajout_ligne($nom_table,$champs,$valeurs,$force) { if (!$force) { $query = " SELECT `id` , COUNT(`id`) as total FROM `".$nom_table."` ;"; list($count) = mysql_fetch_row(pwg_query($query)); }else{ $count = 0 ; } if ($count == 0) { $n_champs=implode(",",$champs); $n_valeurs=implode(",",$valeurs); $query = " INSERT INTO `".$nom_table."` (". $n_champs.") VALUES ( ". $n_valeurs .")"; if (pwg_query($query)) return ; die($query); } } //===================================================================== function Str_To_Time( $ajout,$init_date) { //======================================================== global $erreur_message; $a_ajouter=$ajout ; $period_search=array("W","D","H","M","S"); array_push($period_search,l10n('Week').'s',l10n('Day').'s',l10n('Hour').'s',l10n('Minute').'s',l10n('Seconde').'s'); array_push($period_search,l10n('Week'),l10n('Day'),l10n('Hour'),l10n('Minute'),l10n('Seconde')); $period_match = array(' week ',' day ',' hour ',' minute ',' seconde '); array_push($period_match,' week ',' day ',' hour ',' minute ',' seconde '); array_push($period_match,' week ',' day ',' hour ',' minute ',' seconde '); $a_ajouter = "+ " . str_replace($period_search, $period_match, $a_ajouter) ; $a_ajouter=sup_double_espace($a_ajouter); $v1 = array('- ','+ ','week','day','hour','minute','seconde',' -',' +',' '); $v2 = array('-','+', (7*24*60*60) , (24*60*60), (60*60), 60,1,'|-','|+',"*" ); $new_valeur = str_replace($v1,$v2,$a_ajouter) ; $new_valeur = str_replace('++','+',$new_valeur ) ; $new_valeur = explode( "|",$new_valeur ); $p = $init_date ; //$new_valeur = $a_ajouter + $init_date ; foreach($new_valeur as $nv) { $return = matheval($nv) ; if (strpos("error",$return)===false) { $p += $return ; }else { $erreur_message .= $return . " nv : " . $nv ; } } return $p ; } //===================================================================================== function matheval($equation) { $return="error"; $equation = preg_replace("/[^0-9+\-.*\/()%]/","",$equation); $equation = preg_replace("/([+-])([0-9]{1})(%)/","*(1\$1.0\$2)",$equation); $equation = preg_replace("/([+-])([0-9]+)(%)/","*(1\$1.\$2)",$equation); $equation = preg_replace("/([0-9]+)(%)/",".\$1",$equation); if ( $equation == "" ) { $return = 0; } else { @eval("\$return=" . $equation . ";" ); } return $return; } //====================================================================================== function sup_double_espace($chaine){ global $erreur_message; $str_temp = $chaine." "; $sep=" "; $chaine = trim($chaine); $existe = (strpos($sep.$sep,$chaine )===false) ; while ($existe ){ $str_temp = str_replace($sep.$sep, $sep, $chaine ); if($str_temp == $chaine ) return $chaine ; // $erreur_message .= memo_var($str_temp) ; $chaine = $str_temp; $existe = (strpos($sep.$sep,$chaine )===false) ; } return $chaine; } function kill_list() { //==================== TEST black_liste ============================================ global $pays,$region,$ville,$ip ; global $erreur_message,$infos_message,$conf; global $conf, $user, $page; global $mails_options ; global $superv_bl_champs,$superv_bl_type ; global $nb ; if (count($mails_options) < 7 ) return false ; $champs=implode(',',$superv_bl_champs); $query = " SELECT ".$champs.",COUNT(`ip`) as total FROM `".MAIL_BLACK_LISTE_TABLE."` WHERE '".$ip."' LIKE `ip` ;"; $result = @pwg_query($query); if (!$result) { vérif_base(); $result = @pwg_query($query); } $datas = mysql_fetch_array($result,MYSQL_ASSOC); $nb = $datas['total']; //======================================================================= if ($mails_options[set_auto] == 'on') { // $ip="94.102.63.13"; ' Spammeurs // $ip="94.102.63.15"; // $mail=matusowraber93813@gmail.com ; // $username=fretgpsolodens ; global $user_name,$mail_adresse; if (test_spam($ip,$user['username'] ,$user['email'])) { if ($nb==0) { $valeurs=array( 'NULL', "'".$ip."'", "'".$pays."'", "'".$region."'", "'".$ville."'", "'".$user['email']."'", "'".$user['username']."'", $nb+1 ); ajout_ligne(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs, $valeurs,$nb==0) ; }else{ $nb +=1; $query =" UPDATE " . MAIL_BLACK_LISTE_TABLE . " SET "; if (isset($_POST['pays'])) $query .= " `pays` = '". $pays ."', `region` = '" . $region ."', `ville` = '" . $ville . "', "; $query .= " `adresse` = '".$user['email']."', `fai` = '".$user['username']."', `nb` = " . $nb . " WHERE '".$ip."' like `ip` "; pwg_query($query ); } $erreur_message .= $mails_options[ip] ." ".$user['username']." ".$user['email'] . ' -----> ' . l10n('black_list') ; // die($nb." ".$ip." ".$user['username']." ".$user['email']); return true ; } } //============================================================================== if ( $mails_options[ip] == $ip ) return ($nb > 0) ; $mails_options[ip] = $ip ; sauve_options(); if ( $nb > 0 ) { $query = " SELECT ".$champs.",COUNT(`id`) as total FROM `".MAIL_BLACK_LISTE_TABLE."` WHERE '".$ip."' = `ip` ;"; $result = @pwg_query($query); if (!$result) { vérif_base(); $result = @pwg_query($query); } $datas = mysql_fetch_array($result,MYSQL_ASSOC); $nb = $datas['total']; $row = mysql_fetch_row(pwg_query($query)); $nb = ($row[7]); $erreur_message .= $ip . ' | ' . $pays . ' | ' . $region . ' | ' . $ville . ' ' . $nb . ' ==> '; if ($nb == 0) { $valeurs=array( 'NULL', "'".$ip."'", "'".$pays."'", "'".$region."'", "'".$ville."'", "'".$user['email']."'", "'".$user['username']."'", 1 ); ajout_ligne(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs, $valeurs,true) ; } else { $nb += 1; $query =" UPDATE " . MAIL_BLACK_LISTE_TABLE . " SET "; if (isset($_POST['pays'])) $query .= " `pays` = '". $pays ."', `region` = '" . $region ."', `ville` = '" . $ville . "', "; $query .= " `adresse` = '".$user['email']."', `fai` = '".$user['username']."', `nb` = " . $nb . " WHERE '".$ip."' = `ip` "; pwg_query($query ); } //================================================================================ } return ($nb > 0) ; } //===================================================================================== function test_spam($ip =0,$user_name ='', $mail_adresse = "") { $buffer=""; // fretgpsolodens $src = "http://www.stopforumspam.com/api?"; $type=array(); $result=""; if (strlen($ip)>3) { //================== Vérifie si l'IP est correct ================================ if (clj_is_ip($ip)){ } else { //================== Vérifie si l'adresse mail est correcte ================================ if( clj_is_mail($ip) ){ $mail_adresse=$ip ; $ip=""; } else { //================== Login ================ $user_name=$ip; $ip=""; } } //============================================================================= } $user_name=str_replace(" ","%20",trim($user_name)); if ($user_name==l10n('guest')) $user_name=""; $user_name=""; // ne plus tester sur le login. $mail_adresse =str_replace(" ","%20",trim($mail_adresse)); if ( strlen($user_name) > 3) $type[]="username=$user_name" ; if ( strlen($mail_adresse) > 3) $type[]="email=".$mail_adresse ; if ( strlen($ip) > 3) $type[]="ip=".$ip ; foreach ( $type as $fil ) { $resultat=""; if ( clj_fetchRemote($src.$fil , $resultat,1)) { $result .= $resultat.'
' ; } else { } } return !(strpos( $result ,'yes' ) === false) ; } //================================================================== function lire_fichier_distant($fichier) { $buffer=""; $handle = @fopen($fichier,"r"); if ($handle) { while (!feof($handle)) { $buffer .= fgets($handle, 4096); } fclose($handle); } return $buffer ; } //================================================ function clj_is_ip($ip) { if (preg_match("/^(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]{1}[0-9]|[1-9])\.){1}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9])\.){2}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]){1}))$/",$ip)) return true ; } function clj_is_mail($mail) { if(preg_match('/#^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,5}$#/' ,$mail)) return true ; } function clj_fetchRemote($src, &$dest, $timeout=1, $user_agent='Piwigo', $step=0) { // Try to retrieve data from local file? if (!url_is_remote($src)) { $content = @file_get_contents($src); if ($content !== false) { is_resource($dest) ? @fwrite($dest, $content) : $dest = $content; return true; } else { return false; } } // After 3 redirections, return false if ($step > 3) return false; // Initialize $dest is_resource($dest) or $dest = ''; // Try curl to read remote file if (function_exists('curl_init')) { $ch = @curl_init(); @curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); @curl_setopt($ch, CURLOPT_URL, $src); @curl_setopt($ch, CURLOPT_HEADER, 1); @curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $content = @curl_exec($ch); $header_length = @curl_getinfo($ch, CURLINFO_HEADER_SIZE); $status = @curl_getinfo($ch, CURLINFO_HTTP_CODE); @curl_close($content); if ($content !== false and $status >= 200 and $status < 400) { if (preg_match('/Location:\s+?(.+)/', substr($content, 0, $header_length), $m)) { return clj_fetchRemote($m[1], $dest,$timeout, $user_agent, $step+1); } $content = substr($content, $header_length); is_resource($dest) ? @fwrite($dest, $content) : $dest = $content; return true; } } // Try file_get_contents to read remote file if (ini_get('allow_url_fopen')) { $opts['http'] = array('timeout' => $timeout); $ctx = stream_context_create($opts); $content = @file_get_contents($src, 0, $ctx); if ($content !== false) { is_resource($dest) ? @fwrite($dest, $content) : $dest = $content; return true; } } return false; } ?>