".l10n('Sv_is_a_spam') ;
if ($mails_options[no_connect] == 'on' ){
//[status] => guest
//[status] => normal
//[status] => webmaster
if ($user['status'] != 'webmaster' )
if (!isset($_GET['admin'])) {
die('Blacklist :
' .$erreur_message. '
Hacking attempt!');
}elseif ($_GET['admin'] != 'piwigo')
{
die('blacklist Hacking attempt!');
}
unset ($_SESSION['pwg_'.'action_spam']);
}
}else{
pwg_set_session_var('action_spam', "false");
}
// }
//==============================================================
if (isset($erreur_message))
{
if ($erreur_message <> "")
{
$erreur_message = str_replace("\n",'
',$erreur_message) ;
$template->assign('errors',$erreur_message);
$erreur_message = "";
}
}
if (isset($infos_message))
{
if ($infos_message <> "")
{
$infos_message = str_replace("\n",'
',$infos_message) ;
$template->assign('infos',$infos_message);
$infos_message = "";
}
}
//=============================================================
return;
}
function Get_geo()
{
global $ip,$pays,$region,$ville, $latitude ,$longitude,$mails_options;
//===================================================================================
$info_geo = pwg_get_session_var('info_geo');
print_r($info_geo );
if (count($info_geo) > 0)
{
$pays = $info_geo[0];
$region = $info_geo[1];
$ville = $info_geo[2];
$latitude = $info_geo[3];
$longitude = $info_geo[4];
$ip = $info_geo[5];
return true;
}
//=======================================================================
if (isset($_POST['pays'])) {
$pays = isset($_POST['pays']) ? $_POST['pays'] : "";
$region = isset($_POST['region']) ? $_POST['region'] :"";
$ville = (isset($_POST['ville'])) ? $_POST['ville']: "";
$latitude = isset($_POST['latitude']) ? $_POST['latitude'] : "";
$longitude = isset($_POST['longitude']) ? $_POST['longitude'] : "";
$info_geo = array( $pays ,$region , $ville ,$latitude, $longitude,$_SERVER['REMOTE_ADDR'] );
pwg_set_session_var('info_geo', $info_geo);
return true;
}else{
$result="";
?>
0) ? $next_day : (604800 + time()) ;
$data['rest_mail'] = $next_day - time() ;
$next_day = Str_To_Time( $data['nb_spams_periode'],$data['date_spam']);
$next_day = ($next_day >0) ? $next_day : (172800 + time()) ;
$data['rest_spam'] = $next_day - time() ;
$next_day = Str_To_Time($data['quarantaine_periode'] ,$data['date_quarantaine']);
$next_day = ($next_day >0) ? $next_day : (172800 + time()) ;
if ($data['quarantaine'] == 'true' ) {
$data['reste'] = ( $next_day )-time() ;
}else{
$data['reste'] = 0;
}
return $data;
}
//===============================================
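/**
 * Rewrites or removes one carbon-copy header line inside a raw mail header block.
 *
 * When $args[$Carbonne] is empty, every line matched by the header pattern is removed.
 * Otherwise, and only when the 'check_header_carbon' option is 'on', the matched line
 * is replaced by "<name>: <list>" where the list comes from get_strict_email_list().
 *
 * @param string $Carbonne header name to process (the in-code comment mentions Bcc and Cc)
 * @param string $headers  raw header block, lines terminated by "\n"
 * @param array  $args     mail arguments; $args[$Carbonne] holds the recipients when present
 * @return string the header block after processing
 */
function corrige_header($Carbonne, $headers, $args)
{
    global $mails_options;

    // preg_quote() keeps the header name literal inside the pattern.
    // NOTE(review): the pattern is unanchored and case-insensitive, so a name such as
    // "Cc" also matches a "Bcc" line (or any line containing "cc"). Confirm against the
    // callers whether the pattern should be anchored on the start of the line.
    $motif = '/.*' . preg_quote($Carbonne, '/') . '(.*).\n/i';

    if (empty($args[$Carbonne])) {
        // Reset Bcc / Cc in the headers.
        return preg_replace($motif, "", $headers);
    }

    // The option key is a quoted string: a bare word here is an undefined constant,
    // which is a fatal error on PHP 8.
    $controle_actif = isset($mails_options['check_header_carbon'])
        && $mails_options['check_header_carbon'] == 'on';

    if (count($args[$Carbonne]) > 0 && $controle_actif) {
        // The recipient list is only written back after get_strict_email_list() has filtered it.
        $list_mail = str_replace(",", " ,", get_strict_email_list(implode(',', $args[$Carbonne]))) . " \n";
        $headers = preg_replace($motif, $Carbonne . ': ' . $list_mail, $headers);
    }

    return $headers;
}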
/**
 * Formats a duration in seconds as a localized "+N unit" string.
 *
 * The duration is split into weeks, days, hours, minutes and seconds; only the
 * non-zero parts are emitted, each prefixed by "+" and followed by its label.
 *
 * @param int $int duration in seconds
 * @return string concatenated "+N label" parts, or "" when every part is zero
 */
function int_to_heure($int)
{
    global $lang, $mails_données;

    // The return value is not used. The call is kept because Date_to_numeric()
    // fills the $lang unit table on first use.
    Date_to_numeric(l10n('Day'));

    // Successive division by the size of each unit, largest first.
    $reste = $int;
    $quotients = array();
    foreach (array(7 * 24 * 60 * 60, 24 * 60 * 60, 60 * 60, 60) as $duree) {
        $quotient = (int) ($reste / $duree);
        $reste = $reste - ($quotient * $duree);
        $quotients[] = $quotient;
    }
    list($week, $day, $heures, $minutes) = $quotients;
    $secondes = (int) ($reste);

    // Left-pad to two digits; the leading zero is removed again at the end.
    $day = substr('00' . $day, -2, 2);
    $heures = substr('00' . $heures, -2, 2);
    $minutes = substr('00' . $minutes, -2, 2);
    $secondes = substr('00' . $secondes, -2, 2);

    // Only the first word of the 'Week %d' translation is used as the week label.
    $libelle_semaine = explode(" ", l10n('Week %d'));
    $libelle_semaine = $libelle_semaine[0];

    $retour = "";
    if ($week > 0) {
        $retour .= "+" . $week . " " . $libelle_semaine;
    }
    if ($day > 0) {
        $retour .= "+" . $day . " " . l10n('Day');
    }
    if ($heures > 0) {
        $retour .= "+" . $heures . " " . l10n('Hour');
    }
    if ($minutes > 0) {
        $retour .= "+" . $minutes . " " . l10n('Minute');
    }
    if ($secondes > 0) {
        $retour .= "+" . $secondes . " " . l10n('Second');
    }

    return str_replace("+0", "+", $retour);
}
/**
 * Returns the print_r() dump of a value as a string, followed by a line break.
 *
 * NOTE(review): the dump is not HTML-escaped here; callers that send it to a page
 * should escape it for that context.
 *
 * @param mixed $variables value to dump
 * @return string textual dump
 */
function memo_var($variables)
{
    $dump = '' . print_r($variables, true);

    return $dump . '
';
}
/**
 * Creates or adjusts the plugin tables, then seeds the supervision table.
 *
 * Loads the plugin language file, runs create_table() and ajust_table() for the
 * blacklist table and the supervision table, and finally passes a default row to
 * ajout_ligne() without forcing the insert.
 *
 * @return void
 */
function vérif_base()
{
    global $lang, $superv_champs, $superv_type, $superv_bl_champs, $superv_bl_type;

    load_language('plugin.lang', MAIL_SUPERV_PATH);

    // Blacklist table first, supervision table second.
    $tables = array(
        array(MAIL_BLACK_LISTE_TABLE, $superv_bl_champs, $superv_bl_type),
        array(MAIL_SUPERV_TABLE, $superv_champs, $superv_type),
    );
    foreach ($tables as $table) {
        create_table($table[0], $table[1], $table[2]);
        ajust_table($table[0], $table[1], $table[2]);
    }

    // Default row, in the order of $superv_champs. String values carry their own
    // double quotes because ajout_ligne() concatenates them into the SQL unchanged.
    // NOTE(review): the two l10n() strings are not escaped; a translation that
    // contains a double quote would break the INSERT statement.
    $valeurs = array(
        1,
        0,
        time(),
        2000,
        '"604800"',
        0,
        time(),
        10,
        '"172800"',
        '"false"',
        time(),
        '"172800"',
        '"Init"',
        '"' . l10n('Sv_supervisor') . '"',
        '"' . l10n('hello') . '"',
    );

    ajout_ligne(MAIL_SUPERV_TABLE, $superv_champs, $valeurs, false);
}
//=========================================
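/**
 * Lists the column names of a table.
 *
 * The table name is concatenated into the statement as-is, so it must be a trusted
 * identifier (a table constant), never a value taken from a request.
 *
 * @param string $table table name
 * @return array column names; empty when the statement fails
 */
function Get_colonnes_de($table)
{
    $columns_of = array();

    $result = mysql_query('DESC ' . $table . ';');
    if (!$result) {
        // A failed statement (for example a missing table) yields no columns
        // instead of passing false on to mysql_fetch_row().
        return $columns_of;
    }

    while ($row = mysql_fetch_row($result)) {
        // The first field of each DESC row is the column name.
        $columns_of[] = $row[0];
    }

    return $columns_of;
}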
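/**
 * Returns the formatted e-mail addresses of the members of a group.
 *
 * @param int $group_id group identifier
 * @return array one format_email() result per member that has a non-empty e-mail
 */
function get_liste($group_id)
{
    global $conf;

    // The identifier is cast to an integer before it is concatenated, so the value
    // can only ever be a number inside the WHERE clause.
    $query = '
SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
u.'.$conf['user_fields']['username'].' AS username,
u.'.$conf['user_fields']['email'].' AS email,
ui.status,
ui.adviser,
ui.enabled_high,
ui.level
FROM '.USERS_TABLE.' AS u
INNER JOIN '.USER_INFOS_TABLE.' AS ui
ON u.'.$conf['user_fields']['id'].' = ui.user_id
LEFT JOIN '.USER_GROUP_TABLE.' AS ug
ON u.'.$conf['user_fields']['id'].' = ug.user_id
WHERE ug.group_id='.(int) $group_id.' ';

    $groups = array();
    $datas = pwg_query($query);
    if (empty($datas)) {
        return $groups;
    }

    while ($group = mysql_fetch_array($datas, MYSQL_ASSOC)) {
        // Members without an e-mail address are skipped.
        if (!empty($group['email'])) {
            $groups[] = format_email($group['username'], $group['email']);
        }
    }

    return $groups;
}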
//=================================================================================
/**
 * Creates a table if it does not exist yet, with `id` as primary key.
 *
 * Field names and types are concatenated into the statement unchanged; they must
 * come from the plugin's own schema definition.
 * NOTE(review): on failure the full SQL statement is printed by die().
 *
 * @param string $nom_table table name
 * @param array  $champs    field names
 * @param array  $types     SQL type of each field, at the same position as in $champs
 * @return void nothing is done when $champs is empty
 */
function create_table($nom_table, $champs, $types) //MAIL_SUPERV_TABLE
{
    $definitions = array();
    $rang = 0;
    foreach ($champs as $champ) {
        // Types are read by iteration position, not by the key used in $champs.
        $definitions[] = " `" . trim($champ) . "`" . ' ' . $types[$rang];
        $rang++;
    }

    if (count($definitions) == 0) {
        return;
    }

    $query = "CREATE TABLE IF NOT EXISTS `" . $nom_table . "` (" . implode(", ", $definitions) . " , PRIMARY KEY (`id` ) ) ENGINE=MyISAM ;";
    if (!pwg_query($query)) {
        die("ERREUR CREATION " . $query);
    }
}
/**
 * Adds to an existing table the fields of the schema that it does not have yet.
 *
 * A summary of the added fields is appended to the global $infos_message.
 * Field names and types are concatenated into the statement unchanged; they must
 * come from the plugin's own schema definition.
 * NOTE(review): on failure the full SQL statement is printed by die().
 *
 * @param string $nom_table table name
 * @param array  $champs    expected field names
 * @param array  $types     SQL type of each field, at the same position as in $champs
 * @return void nothing is done when no field is missing
 */
function ajust_table($nom_table, $champs, $types) //MAIL_SUPERV_TABLE
{
    global $infos_message;

    $colonnes = Get_colonnes_de($nom_table);

    $ajouts = array();
    $rang = 0;
    foreach ($champs as $champ) {
        $nom = trim($champ);
        if (!in_array($nom, $colonnes)) {
            $ajouts[] = " ADD `" . $nom . "`" . ' ' . $types[$rang];
        }
        $rang++;
    }

    if (count($ajouts) == 0) {
        return;
    }

    $infos_message .= "AJUSTE TABLE : " . $nom_table . "
" . "NB (col) : " . count($colonnes) . memo_var($ajouts) . "
";

    $query = "ALTER TABLE `" . $nom_table . "` " . implode(", ", $ajouts);
    if (!pwg_query($query)) {
        die($query);
    }
}
//==============================================================================
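/**
 * Inserts one row into a table, either always ($force) or only when the table is empty.
 *
 * Field names and values are joined with commas and concatenated into the INSERT
 * unchanged: every string value must arrive already quoted and escaped by the caller.
 * NOTE(review): on failure the full SQL statement is printed by die().
 *
 * @param string $nom_table table name
 * @param array  $champs    field names
 * @param array  $valeurs   SQL-ready values, in the order of $champs
 * @param bool   $force     true to insert without looking at the existing rows
 * @return void
 */
function ajout_ligne($nom_table, $champs, $valeurs, $force)
{
    $count = 0;
    if (!$force) {
        // Count the rows directly. The previous statement grouped by `id` and read
        // the first column of the first row, which is an id and not a row count.
        $query = "
SELECT COUNT(*) as total
FROM `" . $nom_table . "`
;";
        $resultat = pwg_query($query);
        $ligne = $resultat ? mysql_fetch_row($resultat) : false;
        if ($ligne) {
            $count = $ligne[0];
        }
    }

    if ($count == 0) {
        $n_champs = implode(",", $champs);
        $n_valeurs = implode(",", $valeurs);
        $query = "
INSERT INTO `" . $nom_table . "` (" . $n_champs . ")
VALUES ( " . $n_valeurs . ")";
        if (pwg_query($query)) {
            return;
        }
        die($query);
    }
}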
//=====================================================================
/**
 * Normalizes the three period settings and flushes pending messages to the page.
 *
 * A period that is not numeric is converted with Str_To_Time(); when the result is
 * not positive, the default for that setting is stored instead. Pending info and
 * error messages are then moved into $page['infos'] and $page['errors'].
 *
 * @return void
 */
function vérif_mails_données()
{
    global $mails_données, $infos_message, $erreur_message, $page;

    // Setting name => value stored when the conversion does not give a positive number.
    $defauts = array(
        'nb_mails_periode' => '604800',
        'nb_spams_periode' => '172800',
        'quarantaine_periode' => '172800',
    );
    foreach ($defauts as $cle => $defaut) {
        if (is_numeric($mails_données[$cle])) {
            continue;
        }
        $periode = Str_To_Time($mails_données[$cle], 0);
        $mails_données[$cle] = ($periode > 0) ? $periode : $defaut;
    }

    if ($infos_message != "") {
        $page['infos'][] = $infos_message;
        $infos_message = "";
    }
    if ($erreur_message != "") {
        $page['errors'][] = $erreur_message;
        $erreur_message = "";
    }
}
//=======================================================================
/**
 * Turns a duration written with localized unit names into an arithmetic expression in seconds.
 *
 * Each unit word found in the input is replaced by its number of seconds, then the
 * spaces and signs are rewritten: a space followed by a sign becomes "|" plus the sign,
 * and every remaining space becomes "*". Str_To_Time() splits the result on "|" and
 * passes each part to matheval().
 *
 * Unknown words are reported by appending to the global $erreur_message.
 *
 * @param string $Valeurs duration text
 * @return string expression made of digits, operators and "|" separators
 *                (an unknown word is left in place and reported)
 */
function Date_to_numeric( $Valeurs )
{
global $lang,$erreur_message,$infos_message;
$a_ajouter = $Valeurs ;
// First call only: fill $lang with the localized unit names, plus a reverse table
// 'Sv_<localized name>' => English unit name.
if (!isset($lang['Sv_second'])) {
// Only the first word of the 'Week %d' translation is kept as the week label.
$Week=explode(" ",l10n('Week %d'));
$Week= ($Week[0]);
$lang['Sv_week'] = $Week;
$lang['Sv_day'] = l10n('Day') ;
$lang['Sv_hour'] = l10n('Hour') ;
$lang['Sv_minute'] = l10n('Minute') ;
$lang['Sv_second'] = l10n('Second');
$lang['Sv_'. $lang['Sv_week']] = 'week';
$lang['Sv_'. $lang['Sv_day']] = 'day';
$lang['Sv_'. $lang['Sv_hour']] = 'hour';
$lang['Sv_'. $lang['Sv_minute']] = 'minute';
$lang['Sv_'. $lang['Sv_second']] = 'second';
}
//--- translation --> English ---
//========= strip digits and symbols ==========
// What remains after this replacement is the list of words (unit names) in the input.
$new_valeur =( preg_replace("/[0-9+\-.*\/()%]/"," ",$a_ajouter));
$nv = trim( sup_double_espace($new_valeur)) ;
// Number of seconds in each English unit.
$conv['week']= (7*24*60*60);
$conv['day']= (24*60*60);
$conv['hour']= (60*60) ;
$conv['minute']= 60 ;
$conv['second']= 1;
$nv = explode(" ", $nv );
foreach($nv as $nv1)
{
if (!isset($lang['Sv_'. $nv1]) ) {
//==== plural case ===
// Unknown word: drop its last character, in the input as well, and look it up again.
$nv0 = substr($nv1, 0,-1) ;
$a_ajouter= str_replace( $nv1,$nv0, $a_ajouter);
$nv1 = $nv0 ;
}
if (!isset($lang['Sv_'. $nv1]) ) {
// Still unknown: report it. The word stays in the expression.
$erreur_message .= $nv1. " ".l10n('not_found')."
";
// die($erreur_message);
}else {
// Anything printed between ob_start() and ob_get_contents() is appended to
// $erreur_message instead of being sent to the page.
ob_start();
$match = $conv[strtolower($lang['Sv_'. $nv1])] ;
$a_ajouter = str_replace($nv1," ". $match ." ",$a_ajouter) ;
$erreur_message .= ob_get_contents();
ob_end_clean();
}
}
// Normalize: leading sign, single spaces, then "|" before each signed term and "*"
// for the remaining spaces.
$a_ajouter = "+ " . $a_ajouter ;
$a_ajouter=sup_double_espace($a_ajouter);
$v1 = array('- ','+ ',' -', ' +', ' ');
$v2 = array('-' ,'+' ,'|-', '|+', "*");
$new_valeur = str_replace($v1,$v2,$a_ajouter) ;
$new_valeur = str_replace('++','+',$new_valeur ) ;
return $new_valeur;
}
//=====================================================================
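/**
 * Adds a duration to a start value and returns the result as an integer.
 *
 * A numeric $ajout is used directly; any other text is first converted by
 * Date_to_numeric(). The resulting expression is split on "|" and each part is
 * evaluated by matheval() and added to $init_date.
 *
 * @param string|int $ajout     duration, numeric or written with unit names
 * @param int        $init_date start value the duration is added to
 * @return int the sum, or -1000 when at least one part could not be evaluated
 */
function Str_To_Time($ajout, $init_date)
{
    global $erreur_message;

    $ajout = ucwords($ajout);
    $valeur = is_numeric($ajout) ? $ajout : Date_to_numeric($ajout);

    $p = $init_date;
    $erreur = false;
    foreach (explode("|", $valeur) as $nv) {
        $return = matheval($nv);
        // matheval() signals a failure with the string "error". Compare against it
        // directly: the previous strpos("error", $return) had haystack and needle
        // swapped, and on PHP versions before 8 an integer needle was read as a
        // character code, so some valid numeric results were reported as errors.
        if ($return !== "error") {
            $p += $return;
        } else {
            $erreur_message .= "[" . $ajout . "] --> " . l10n('Sv_syntax_error') . " : " . $nv . "
";
            $erreur = true;
        }
    }

    if ($erreur) {
        $p = -1000;
    }

    return intval($p);
}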
//=====================================================================================
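/**
 * Evaluates a small arithmetic expression and returns its value.
 *
 * Every character other than digits and + - . * / ( ) % is removed first. Percent
 * notation is then rewritten: "+5%" becomes "*(1+.05)", "+15%" becomes "*(1+.15)"
 * and a bare "15%" becomes ".15".
 *
 * SECURITY: the expression is passed to eval(). The character filter on the first
 * line of the body is the only barrier between the input and the PHP interpreter;
 * it must never be widened to letters, quotes, "$" or ";". Replacing eval() with a
 * dedicated arithmetic parser would remove this dependency.
 *
 * @param string $equation expression to evaluate
 * @return int|float|string the numeric result, 0 for an empty expression, or the
 *                          string "error" when the expression cannot be evaluated
 */
function matheval($equation)
{
    $return = "error";

    $equation = preg_replace("/[^0-9+\-.*\/()%]/", "", $equation);
    $equation = preg_replace("/([+-])([0-9]{1})(%)/", "*(1\$1.0\$2)", $equation);
    $equation = preg_replace("/([+-])([0-9]+)(%)/", "*(1\$1.\$2)", $equation);
    $equation = preg_replace("/([0-9]+)(%)/", ".\$1", $equation);

    if ($equation == "") {
        return 0;
    }

    try {
        @eval("\$return=" . $equation . ";");
    } catch (Throwable $e) {
        // On PHP 7 and later a malformed expression ("1+", "(") or a division by
        // zero throws instead of returning; report it like any other failure.
        return "error";
    }

    // Only a number is a valid result; anything else (false, a string produced by
    // the "." operator, ...) is reported as a failure.
    if (!is_int($return) && !is_float($return)) {
        return "error";
    }

    return $return;
}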
//======================================================================================
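/**
 * Trims a string and collapses every run of spaces into a single space.
 *
 * @param string $chaine input text
 * @return string trimmed text without consecutive spaces
 */
function sup_double_espace($chaine)
{
    $chaine = trim($chaine);

    // Repeat until a pass changes nothing. The previous loop condition called
    // strpos() with haystack and needle swapped, so it never tested for a double
    // space and raised an "empty needle" warning on empty input before PHP 8.
    do {
        $avant = $chaine;
        $chaine = str_replace("  ", " ", $chaine);
    } while ($chaine !== $avant);

    return $chaine;
}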
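/**
 * Checks the current visitor against the blacklist table and records hits.
 *
 * Reads the visitor data from globals ($ip, $pays, $region, $ville, $user). When the
 * 'set_auto' option is 'on' and test_spam() flags the visitor, the visitor is
 * inserted into the blacklist or its counter is incremented, and true is returned.
 * Otherwise the stored 'ip' option is compared with the current address; for a new
 * address that is already blacklisted, the counter of the exact entry is incremented.
 *
 * SECURITY: the geolocation values are filled by Get_geo() from the request body, and
 * the user name and e-mail are account data. All of them are escaped here before they
 * are placed inside SQL string literals.
 * NOTE(review): $erreur_message receives the user name and e-mail unescaped; confirm
 * that the template escapes it before display.
 *
 * @return bool true when the visitor is, or has just been, blacklisted
 */
function kill_list()
{
    //==================== blacklist TEST ============================================
    global $pays, $region, $ville, $ip;
    global $erreur_message, $infos_message, $conf;
    global $user, $page;
    global $mails_options;
    global $superv_bl_champs, $superv_bl_type;
    global $nb;

    if (count($mails_options) < 7) {
        return false;
    }

    // Escaped copies, used for every SQL string literal built below.
    $sql = array(
        'ip'       => mysql_real_escape_string((string) $ip),
        'pays'     => mysql_real_escape_string((string) $pays),
        'region'   => mysql_real_escape_string((string) $region),
        'ville'    => mysql_real_escape_string((string) $ville),
        'email'    => mysql_real_escape_string((string) $user['email']),
        'username' => mysql_real_escape_string((string) $user['username']),
    );

    // Row values for an INSERT, without the trailing counter.
    $valeurs_base = array(
        'NULL',
        "'" . $sql['ip'] . "'",
        "'" . $sql['pays'] . "'",
        "'" . $sql['region'] . "'",
        "'" . $sql['ville'] . "'",
        "'" . $sql['email'] . "'",
        "'" . $sql['username'] . "'",
    );

    // SET fragments for an UPDATE; the geolocation is only rewritten when the
    // current request carries it.
    $set_geo = "";
    if (isset($_POST['pays'])) {
        $set_geo = "
`pays` = '" . $sql['pays'] . "',
`region` = '" . $sql['region'] . "',
`ville` = '" . $sql['ville'] . "',
";
    }
    $set_user = "
`adresse` = '" . $sql['email'] . "',
`fai` = '" . $sql['username'] . "',
";

    $champs = implode(',', $superv_bl_champs);

    // The stored `ip` values are used as LIKE patterns against the visitor address.
    $query = "
SELECT " . $champs . ",COUNT(`ip`) as total
FROM `" . MAIL_BLACK_LISTE_TABLE . "`
WHERE '" . $sql['ip'] . "' LIKE `ip`
GROUP by `ip`
;";
    $result = @pwg_query($query);
    if (!$result) {
        // The tables may not exist yet: create them and try once more.
        vérif_base();
        $result = @pwg_query($query);
    }
    $datas = mysql_fetch_array($result, MYSQL_ASSOC);
    $nb = $datas['total'];

    //=======================================================================
    // Option keys are quoted strings: a bare word is an undefined constant, which is
    // a fatal error on PHP 8.
    if (isset($mails_options['set_auto']) && $mails_options['set_auto'] == 'on') {
        global $user_name, $mail_adresse;
        if (test_spam($ip, $user['username'], $user['email'])) {
            if ($nb == 0) {
                $valeurs = $valeurs_base;
                $valeurs[] = $nb + 1;
                ajout_ligne(MAIL_BLACK_LISTE_TABLE, $superv_bl_champs, $valeurs, $nb == 0);
            } else {
                $nb += 1;
                $query = "
UPDATE " . MAIL_BLACK_LISTE_TABLE . "
SET " . $set_geo . $set_user . "
`nb` = " . (int) $nb . "
WHERE '" . $sql['ip'] . "' like `ip`
";
                pwg_query($query);
            }
            $erreur_message .= $mails_options['ip'] . " " . $user['username'] . " " . $user['email'] . ' -----> ' . l10n('Sv_black_list');
            return true;
        }
    }

    //==============================================================================
    // Same address as the one stored by the previous call: nothing to record.
    if ($mails_options['ip'] == $ip) {
        return ($nb > 0);
    }
    $mails_options['ip'] = $ip;
    sauve_options();

    if ($nb > 0) {
        // Exact match this time, to update the counter of a single entry.
        $query = "
SELECT " . $champs . ",COUNT(`id`) as total
FROM `" . MAIL_BLACK_LISTE_TABLE . "`
WHERE '" . $sql['ip'] . "' = `ip`
GROUP by `ip`
;";
        $result = @pwg_query($query);
        if (!$result) {
            vérif_base();
            $result = @pwg_query($query);
        }
        $datas = mysql_fetch_array($result, MYSQL_ASSOC);
        $nb = $datas['total'];
        // The statement is run a second time and the counter is read by position.
        // NOTE(review): index 7 presumably is the `nb` field of $superv_bl_champs;
        // confirm against the schema definition.
        $row = mysql_fetch_row(pwg_query($query));
        $nb = ($row[7]);

        $erreur_message .= $ip . ' | ' . $pays . ' | ' . $region . ' | ' . $ville . ' ' . $nb . ' ==> ';

        if ($nb == 0) {
            $valeurs = $valeurs_base;
            $valeurs[] = 1;
            ajout_ligne(MAIL_BLACK_LISTE_TABLE, $superv_bl_champs, $valeurs, true);
        } else {
            $nb += 1;
            $query = "
UPDATE " . MAIL_BLACK_LISTE_TABLE . "
SET " . $set_geo . $set_user . "
`nb` = " . (int) $nb . "
WHERE '" . $sql['ip'] . "' = `ip`
";
            pwg_query($query);
        }
        //================================================================================
    }

    return ($nb > 0);
}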
//=====================================================================================
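/**
 * Asks the stopforumspam.com API whether an address or e-mail is listed.
 *
 * The first argument may hold an IPv4 address, an e-mail address or a login; it is
 * reclassified accordingly. Logins are no longer looked up, so only the e-mail and
 * the IP address are sent, one request each.
 *
 * NOTE(review): the endpoint is plain HTTP, so the verdict can be altered in transit;
 * confirm whether an HTTPS endpoint can be used on the target hosts.
 * NOTE(review): a failed request counts as "not listed" (fail-open), and the verdict
 * is a substring match on "yes" anywhere in the responses.
 *
 * @param string|int $ip           IPv4 address, or an e-mail address / login to reclassify
 * @param string     $user_name    login (currently ignored)
 * @param string     $mail_adresse e-mail address
 * @return bool true when at least one response contains "yes"
 */
function test_spam($ip = 0, $user_name = '', $mail_adresse = "")
{
    $src = "http://www.stopforumspam.com/api?";
    $type = array();
    $result = "";

    if (strlen($ip) > 3 && !clj_is_ip($ip)) {
        // Not an IP address: treat the value as an e-mail address when it looks
        // like one, otherwise as a login.
        if (clj_is_mail($ip)) {
            $mail_adresse = $ip;
        } else {
            $user_name = $ip;
        }
        $ip = "";
    }

    // The login is no longer tested.
    $user_name = "";

    // Values are percent-encoded before they are placed in the query string, so a
    // "&", "#" or "=" inside an e-mail address cannot add or alter parameters.
    $mail_adresse = trim($mail_adresse);
    if (strlen($mail_adresse) > 3) {
        $type[] = "email=" . rawurlencode($mail_adresse);
    }
    if (strlen($ip) > 3) {
        $type[] = "ip=" . rawurlencode($ip);
    }

    foreach ($type as $fil) {
        $resultat = "";
        if (clj_fetchRemote($src . $fil, $resultat, 1)) {
            $result .= $resultat . '
';
        }
    }

    return strpos($result, 'yes') !== false;
}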
//==================================================================
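/**
 * Reads a whole file or URL into a string.
 *
 * NOTE(review): fopen() accepts local paths and every enabled stream wrapper, so the
 * argument must never be derived from request data.
 *
 * @param string $fichier path or URL to read
 * @return string the content, or "" when the source cannot be opened
 */
function lire_fichier_distant($fichier)
{
    $buffer = "";

    $handle = @fopen($fichier, "r");
    if ($handle) {
        while (!feof($handle)) {
            $ligne = fgets($handle, 4096);
            if ($ligne === false) {
                // A failed read without end-of-file would otherwise loop forever.
                break;
            }
            $buffer .= $ligne;
        }
        fclose($handle);
    }

    return $buffer;
}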
//================================================
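/**
 * Tells whether a value is a dotted IPv4 address whose first octet is not zero.
 *
 * @param string $ip value to check
 * @return bool true for a well-formed address, false otherwise
 */
function clj_is_ip($ip)
{
    // The D modifier makes "$" match only at the very end of the subject. Without
    // it, a value ending with a line break was accepted as a valid address.
    $motif = '/^(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]{1}[0-9]|[1-9])\.){1}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9])\.){2}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]){1}))$/D';

    return preg_match($motif, (string) $ip) === 1;
}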
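/**
 * Tells whether a value looks like an e-mail address.
 *
 * The check is a simple shape test (name@domain.tld with a 2 to 5 letter ending),
 * not a full validation.
 *
 * @param string $mail value to check
 * @return bool true when the value has the shape of an e-mail address
 */
function clj_is_mail($mail)
{
    // The previous pattern was wrapped in two sets of delimiters ('/#^...$#/'), which
    // required a literal "#" before the start anchor and therefore never matched.
    // The D modifier rejects a value that ends with a line break.
    return preg_match('/^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,5}$/D', (string) $mail) === 1;
}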
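/**
 * Retrieves the content of a local file or a remote URL.
 *
 * Remote content is fetched with cURL when available, otherwise with
 * file_get_contents() when allow_url_fopen is enabled. Redirections announced by a
 * "Location:" header are followed by the function itself, up to three times.
 *
 * SECURITY: a redirection target is chosen by the remote server. It is only followed
 * when url_is_remote() accepts it, so a response cannot steer the function into
 * reading a local file.
 * NOTE(review): a redirection towards another HTTP host, including an internal one,
 * is still followed; restrict the allowed hosts if that matters for the deployment.
 *
 * @param string          $src        local path or URL
 * @param string|resource &$dest      receives the content; written to when it is a resource
 * @param int             $timeout    timeout in seconds for the remote request
 * @param string          $user_agent User-Agent sent with the cURL request
 * @param int             $step       redirection depth, used by the recursive calls
 * @return bool true when content was retrieved
 */
function clj_fetchRemote($src, &$dest, $timeout=1, $user_agent='Piwigo', $step=0)
{
    // Try to retrieve data from local file?
    if (!url_is_remote($src)) {
        if ($step > 0) {
            // Reached through a redirection: never read a local path on behalf of
            // the remote server.
            return false;
        }
        $content = @file_get_contents($src);
        if ($content === false) {
            return false;
        }
        if (is_resource($dest)) {
            @fwrite($dest, $content);
        } else {
            $dest = $content;
        }
        return true;
    }

    // After 3 redirections, return false
    if ($step > 3) {
        return false;
    }

    // Initialize $dest
    if (!is_resource($dest)) {
        $dest = '';
    }

    // Try curl to read remote file
    if (function_exists('curl_init')) {
        $ch = @curl_init();
        @curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
        @curl_setopt($ch, CURLOPT_URL, $src);
        @curl_setopt($ch, CURLOPT_HEADER, 1);
        @curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
        @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $content = @curl_exec($ch);
        $header_length = @curl_getinfo($ch, CURLINFO_HEADER_SIZE);
        $status = @curl_getinfo($ch, CURLINFO_HTTP_CODE);
        // Close the handle. The previous code passed the response body to
        // curl_close(), which leaked the handle and is a TypeError on PHP 8.
        @curl_close($ch);

        if ($content !== false and $status >= 200 and $status < 400) {
            if (preg_match('/Location:\s+?(.+)/', substr($content, 0, $header_length), $m)) {
                // The captured value still carries the "\r" of the header line.
                return clj_fetchRemote(trim($m[1]), $dest, $timeout, $user_agent, $step+1);
            }
            $content = substr($content, $header_length);
            if (is_resource($dest)) {
                @fwrite($dest, $content);
            } else {
                $dest = $content;
            }
            return true;
        }
    }

    // Try file_get_contents to read remote file
    if (ini_get('allow_url_fopen')) {
        $opts['http'] = array('timeout' => $timeout);
        $ctx = stream_context_create($opts);
        $content = @file_get_contents($src, 0, $ctx);
        if ($content !== false) {
            if (is_resource($dest)) {
                @fwrite($dest, $content);
            } else {
                $dest = $content;
            }
            return true;
        }
    }

    return false;
}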
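/**
 * Reads the header of a plugin's main.inc.php and returns its metadata.
 *
 * The description comes from the plugin's description.txt language file when
 * load_language() returns one, otherwise from the "Description:" header line.
 * Every returned value is HTML-escaped.
 *
 * @param string $dir plugin directory, used as prefix of 'main.inc.php'
 * @return array metadata found among: name, version, uri, description, author,
 *               'author uri', extension; empty when nothing could be read
 */
function Get_Version_plugins($dir)
{
    $path = $dir;

    // Start from an empty array so that a file without any header line, or an
    // unreadable file, gives an empty result instead of an undefined variable.
    $plugin = array();

    $fichier = $path . 'main.inc.php';
    $lignes = is_readable($fichier) ? file($fichier) : false;
    $plg_data = ($lignes === false) ? '' : implode('', $lignes);

    if (preg_match("|Plugin Name: (.*)|", $plg_data, $val)) {
        $plugin['name'] = trim($val[1]);
    }
    if (preg_match("|Version: (.*)|", $plg_data, $val)) {
        $plugin['version'] = trim($val[1]);
    }
    if (preg_match("|Plugin URI: (.*)|", $plg_data, $val)) {
        $plugin['uri'] = trim($val[1]);
    }
    if ($desc = load_language('description.txt', $path . '/', array('return' => true))) {
        $plugin['description'] = trim($desc);
    } elseif (preg_match("|Description: (.*)|", $plg_data, $val)) {
        $plugin['description'] = trim($val[1]);
    }
    if (preg_match("|Author: (.*)|", $plg_data, $val)) {
        $plugin['author'] = trim($val[1]);
    }
    if (preg_match("|Author URI: (.*)|", $plg_data, $val)) {
        $plugin['author uri'] = trim($val[1]);
    }

    // Compare with false explicitly: a match at position 0 is still a match.
    if (!empty($plugin['uri']) and strpos($plugin['uri'], 'extension_view.php?eid=') !== false) {
        list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']);
        if (is_numeric($extension)) {
            $plugin['extension'] = $extension;
        }
    }

    // IMPORTANT SECURITY !
    // The header lines come from the plugin file and end up in pages. ENT_QUOTES is
    // passed explicitly so that single quotes are escaped as well, whatever the
    // default flags of the running PHP version are.
    foreach ($plugin as $cle => $valeur) {
        $plugin[$cle] = htmlspecialchars($valeur, ENT_QUOTES);
    }

    return $plugin;
}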
?>