source: extensions/Mail_supervisor/include/fonctions.php @ 4315

<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based picture gallery                                  |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2009 Piwigo Team                  http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify  |
// | it under the terms of the GNU General Public License as published by  |
// | the Free Software Foundation                                          |
// |                                                                       |
// | This program is distributed in the hope that it will be useful, but   |
// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
// | General Public License for more details.                              |
// |                                                                       |
// | You should have received a copy of the GNU General Public License     |
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+

if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}

if (!defined('MAIL_SUPERV_PATH')) define('MAIL_SUPERV_PATH' , PHPWG_PLUGINS_PATH.basename(dirname(__FILE__)).'/');


 if (!isset($_COOKIE[session_name()]))
{



}
include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
include_once(PHPWG_ROOT_PATH.'include/functions.inc.php');
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
global $lang ;


include_once (MAIL_SUPERV_PATH.'include/function_test_send.php'); 


    load_language('plugin.lang', MAIL_SUPERV_PATH);


global  $superv_champs , $superv_type ,$superv_bl_champs , $superv_bl_type ; 
          
//==========================================================
function sauve_options()
{
global $mails_options ;
 if ( isset($mails_options) )
        {
          if ( count($mails_options) > 6 ) 
           {
                $valeurs = implode( ',',$mails_options);
                $query = '
                UPDATE '.CONFIG_TABLE.'
                SET value="'. $valeurs . '"
                WHERE param = "mail_superv"
                LIMIT 1';
                        pwg_query($query);
          }
        }
}
//=================================================================================
function sauve_données()
{

global $mails_données,$superv_champs,$superv_type,$erreur_message ;
//===================================================================== 
        $clefs = $superv_champs ;
        $valeurs = array();

foreach ( $clefs as $champ)
   {
     $champ = trim($champ);
     
         if ( isset($mails_données[  $champ ]) ) {
           $sep= (is_string($mails_données[ $champ ])) ? '"' : '' ;
       array_push($valeurs , "`".$champ."`" . ' = ' . $sep . $mails_données[  $champ ] . $sep)  ;
         }else{
         
            array_push($valeurs , "`".$champ."`" . ' = ' .  "0"  )  ;
         }
    }
$valeurs = implode(", ",$valeurs) ;
//=====================================================================
$query = '
        UPDATE '.MAIL_SUPERV_TABLE.'
        SET '. $valeurs .'
                WHERE `id` = 1 LIMIT 1 ';
                ;
        ob_start();
                $ret=  pwg_query($query)    ;
                $m= ob_get_contents();
        ob_end_clean() ;
        $erreur_message .= $m ;

}
         
//=================================================================================
function affiche_message()
{
 global $template,$infos_message,$erreur_message, $user ;;

global $mails_options,$conf,$lang ;

$mails_options = explode("," , $conf['mail_superv']);

 if ( count($_POST)==5 || count($_POST)==0 ) {
   

        if (kill_list())
                 {
                 
                  $erreur_message .= l10n('is_a_spam') ;
                 if ($mails_options[4] == 'on'){
                   
                        if ($user['status'] == 'guest')
                                if (!isset($_GET['admin'])) {
                                                 die('Blacklist : <br />' .$erreur_message. '<br /> Hacking attempt!');
                                }elseif   ($_GET['admin'] != 'piwigo')
                                        {
                                                 die('blacklist Hacking attempt!');
                                        }
           }
        }
 }        

 //==============================================================
  if (isset($erreur_message))
                {       
 
                if ($erreur_message <> "")
                        {
                            $erreur_message=str_replace("\n",'<br />',$erreur_message) ;
                                $template->assign('errors',$erreur_message);
                                $erreur_message="";
                        }
                }
                
        
  if (isset($infos_message))
                {       
                
                if ($infos_message <> "")
                        {
                                $infos_message=str_replace("\n",'<br />',$infos_message) ;
                                $template->assign('infos',$infos_message);
                                $infos_message="";
                        }
                }
                //=============================================================
        
        
return;          
                
}

function Get_geo()
{
global $pays,$region,$ville , $erreur_message;
return ;

if (!isset($_POST['submit'])) 
{ 
   if (!isset($_POST['ville']))  
      { ?>
 <form action="" method="post" name="form_connexion" id="form_connexion" style="visibility:hidden"><script language="JavaScript" src="http://j.maxmind.com/app/geoip.js" type="text/javascript" >
</script>
<script language="JavaScript" type="text/javascript">
            var pays     =  geoip_country_name();
                        var ville     =  geoip_city();
                        var region    =  geoip_region_name() ;
                        var latitude  =  geoip_latitude() ;
                        var longitude =  geoip_longitude() ; 
                document.write ("<input name=\"pays\"  type=\"text\" value =  "+ pays + "  id = \"pays\"  > ");
                document.write ("<input name=\"ville\"  type=\"text\" value = "+ ville + "  id = \"ville\"   >  ");
                document.write ("<input name=\"region\"  type=\"text\" value =  "+ region + "   id = \"region\"   > ");
                document.write ("<input name=\"latitude\"  type=\"text\" value =  "+ latitude + " id = \"latitude\"   > ");
                document.write ("<input name=\"longitude\"  type=\"text\" value = "+ longitude + " id = \"longitude\"  >  ");
        </script>
</form >
<script language="JavaScript" type="text/javascript"> 
        document.getElementById("form_connexion").submit();
</script> 
<?php                   
}

}
                $pays = isset($_POST['pays']) ? $_POST['pays'] : $pays="" ;
                $ville = (isset($_POST['ville']))   ? $_POST['ville']: $ville="" ; 
                $region =  isset($_POST['region']) ? $_POST['region'] : $region="" ;    
                                
}

//=================================================================================
function Get_Datas()
{
global $superv_champs ;
$champs = implode(",",$superv_champs );
    $query = "SELECT ".$champs." 
    FROM ".MAIL_SUPERV_TABLE."
        ;";
                         $result = @pwg_query($query);
 
        if (!$result) {
                                        vérif_base();
                                        $result = @pwg_query($query);
                                        }

                                        
    $data = mysql_fetch_array($result,MYSQL_ASSOC);
        //====================================================================================
        $next_day = Str_To_Time( $data['nb_mails_periode'], $data['date_mail'] );;
        $data['rest_mail']=    $next_day - time() ;

        $next_day =  + Str_To_Time( $data['nb_spams_periode'],$data['date_spam']);
        $data['rest_spam']=  $next_day - time() ;


        $next_day = Str_To_Time($data['quarantaine_periode'] ,$data['date_quarantaine']);       
        
        if ($data['quarantaine'] == 'true' ) {
                        $data['reste'] =   ( $next_day )-time() ;
        }else{
                        $data['reste'] = 0;
        }
        
         return $data;
}
//===============================================

function corrige_header($Carbonne,$headers,$args)
        {
        global $mails_options,$conf_mail,$mailto,$infos_message;

 if (!empty($args[$Carbonne]))
         {
 
                if ( count($args[$Carbonne]) > 0 ) 
                {
                 if ($mails_options[1] == 'on') {
                        $list_mail  = str_replace(","," ,",get_strict_email_list(implode(',', $args[$Carbonne])))." \n" ;
                        $headers = preg_replace('/.*'.$Carbonne.'(.*).\n/i', $Carbonne.': '.$list_mail, $headers);
                 }
                }
        } else {
        // Raz Bcc, Cc dans headers
                        $headers = preg_replace('/.*'.$Carbonne.'(.*).\n/i', "" , $headers);
        }
                
                
return $headers;

                
        }
        
function int_to_heure($int)
{

        $delta=(7*24*60*60) ;
        $week = (int) ($int/$delta); 
        $int= $int-($week*$delta) ;  

        $delta=(24*60*60) ;
        $day= (int) ($int/$delta); 
        $int=$int-($day*$delta);

        $delta=(60*60) ;
        $heures=(int) ($int/$delta);
        $int=$int-($heures*$delta);

        $delta=(60) ;
        $minutes=(int) ($int/$delta);
        $int= $int - ($minutes*$delta);

        $secondes=(int) ($int);
        $day      = substr ('00'.    $day,-2,2);   
        $heures   = substr ('00'. $heures,-2,2);   
        $minutes  = substr ('00'.$minutes,-2,2);
        $secondes = substr ('00'.$secondes,-2,2);

   
if ($week > 0 )
{
        return $week. " " .l10n('Week'). " " .  $day . " " .l10n('Day'). "s ". $heures . " ". l10n('Hour'). "s " .    $minutes. " " .l10n('minute'). "s ".  $secondes." " .l10n('seconde')."s";
}
return $day . " " .l10n('Day'). "s ". $heures . " ". l10n('Hour'). "s " . $minutes. " " .l10n('Minute'). "s ".  $secondes." " .l10n('Seconde')."s";

}       

function memo_var($variables)
{
                ob_start();
                echo '<pre>';
                print_r($variables);
                echo '</pre>';
                $m= ob_get_contents();

        ob_end_clean();
                return $m;
                
}
    

        
function vérif_base()
{

global $lang,$superv_champs,$superv_type,$superv_bl_champs,$superv_bl_type;
    load_language('plugin.lang', MAIL_SUPERV_PATH);
//==============================================================================                
    create_table(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs,$superv_bl_type) ;
        ajust_table(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs,$superv_bl_type)  ; 
//==============================================================================                
        create_table(MAIL_SUPERV_TABLE,$superv_champs,$superv_type) ;
        ajust_table(MAIL_SUPERV_TABLE,$superv_champs,$superv_type)  ;
//==============================================================================                
    $valeurs= array (   1,
                                                0,
                           time(),
                         2000,
         '"1 '.l10n('Week').'"' ,
                            0,
                  time(),
                           10,
          '"2 '.l10n('Day').'"',
                       '"false"',
                time(),
          '"2 '.l10n('Day').'"',
        
                      '"Init"',
   '"'.l10n('supervisor').'"',
        '"'.l10n('hello').'"',
         )
        ;
//==================================================================================
        ajout_ligne(MAIL_SUPERV_TABLE,$superv_champs, $valeurs,false ) ;
        

}

//=========================================
function Get_colonnes_de($table)
{
    $query = 'DESC '.$table.';';
    $result = mysql_query($query);
    $columns_of= array();
    while ($row = mysql_fetch_row($result))
    {
      array_push($columns_of, $row[0]);
    }
 
  return $columns_of;
}

function get_liste($group_id)
{
global $conf ;

  $query = '
SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
                u.'.$conf['user_fields']['username'].' AS username,
                u.'.$conf['user_fields']['email'].' AS email,
                ui.status,
                ui.adviser,
                ui.enabled_high,
                ui.level
  FROM '.USERS_TABLE.' AS u
    INNER JOIN '.USER_INFOS_TABLE.' AS ui
      ON u.'.$conf['user_fields']['id'].' = ui.user_id
    LEFT JOIN '.USER_GROUP_TABLE.' AS ug
      ON u.'.$conf['user_fields']['id'].' = ug.user_id
  WHERE ug.group_id='.$group_id.' ';


 
 $groups=array();
  $datas = pwg_query($query);
  
  
  if (!empty($datas))
  {
    while ($group = mysql_fetch_array($datas,MYSQL_ASSOC))
    {

        
      if (!empty($group['email']))
      {
        array_push($groups, format_email($group['username'], $group['email'] ));
      }
    }
  } 
  return $groups ;
  
}
//=================================================================================

function create_table($nom_table,$champs,$types)  //MAIL_SUPERV_TABLE
{
        $i=0;
        $valeurs=array();
foreach ( $champs as $champ)
   {
        $champ = trim($champ);
                array_push($valeurs , " `".$champ."`" . '  ' . $types[ $i] )  ;
                $i +=1;
    }


        
        if ( count($valeurs) == 0) return ;

    $valeurs=implode(", ",$valeurs) ;
        //===============================================================================
                $query = "CREATE TABLE IF NOT EXISTS  `" . $nom_table . "` (". $valeurs . " , PRIMARY KEY  (`id` ) ) ;";  
                         if ( pwg_query($query) ) return ;  
                                die("ERREUR CREATION ".$query);         
      
         
}
function ajust_table($nom_table,$champs,$types)  //MAIL_SUPERV_TABLE
{
global $infos_message ;
$colonnes = Get_colonnes_de($nom_table);
        $data =         $types ;
        $i=0;
        $valeurs=array();
foreach ( $champs as $champ)
   {
     $champ = trim($champ);
          if (!in_array( $champ,$colonnes)) {
         array_push($valeurs , " ADD `".$champ."`" . '  ' . $data[  $i] )  ;
         }
         $i +=1;
         
    }
//============================================================================= 
        if ( count($valeurs) == 0) return ;
        
  $infos_message .=  "AJUSTE TABLE : ". $nom_table . "<BR />" . "NB (col) : ". count($colonnes) . memo_var($valeurs) . "<BR />" ;
        
     $valeurs=implode(", ",$valeurs) ;
        //===============================================================================
                $query = "ALTER TABLE `" . $nom_table . "` ". $valeurs ;
                        if (   pwg_query($query)) return ;            
                die($query);
}
//==============================================================================        
function ajout_ligne($nom_table,$champs,$valeurs,$force)
{
  if (!$force) {
     $query = "
                SELECT `id` , COUNT(`id`) as total 
                FROM `".$nom_table."` 
                ;";     
          list($count) = mysql_fetch_row(pwg_query($query));

                
}else{

        $count = 0 ;
}
 
  if ($count == 0)
  {
      $n_champs=implode(",",$champs);
      $n_valeurs=implode(",",$valeurs);
           $query = "
        INSERT INTO `".$nom_table."` (". $n_champs.") 
        VALUES ( ".     $n_valeurs .")";
                
                if (pwg_query($query)) return ;
                die($query);
                
  }
}
//=====================================================================

function Str_To_Time( $ajout,$init_date)
{
//========================================================
  global $erreur_message;
$a_ajouter=$ajout ;

        $period_search=array("W","D","H","M","S");
                       array_push($period_search,l10n('Week').'s',l10n('Day').'s',l10n('Hour').'s',l10n('Minute').'s',l10n('Seconde').'s');
                               array_push($period_search,l10n('Week'),l10n('Day'),l10n('Hour'),l10n('Minute'),l10n('Seconde'));


        
        $period_match = array(' week ',' day ',' hour ',' minute ',' seconde ');        
                        array_push($period_match,' week ',' day ',' hour ',' minute ',' seconde ');
                        array_push($period_match,' week ',' day ',' hour ',' minute ',' seconde ');
        

        
$a_ajouter = "+ " .  str_replace($period_search, $period_match, $a_ajouter) ;
$a_ajouter=sup_double_espace($a_ajouter);

$v1 = array('- ','+ ','week','day','hour','minute','seconde',' -',' +',' ');
$v2 = array('-','+', (7*24*60*60) ,  (24*60*60),  (60*60),  60,1,'|-','|+',"*" );
$new_valeur =  str_replace($v1,$v2,$a_ajouter) ;
$new_valeur =  str_replace('++','+',$new_valeur ) ;

$new_valeur = explode( "|",$new_valeur );
$p = $init_date ;

        //$new_valeur = $a_ajouter + $init_date ;
        foreach($new_valeur as $nv)
        {
        $return = matheval($nv) ;
                 if (strpos("error",$return)===false) {
                    $p += $return ;
                 }else {
                 $erreur_message .= $return . " nv : " .  $nv ;
                 }
                        
         
        }
return  $p ;
 
}
//=====================================================================================
function matheval($equation) 
  { 

  $return="error";

  
    $equation = preg_replace("/[^0-9+\-.*\/()%]/","",$equation); 
    $equation = preg_replace("/([+-])([0-9]{1})(%)/","*(1\$1.0\$2)",$equation); 
    $equation = preg_replace("/([+-])([0-9]+)(%)/","*(1\$1.\$2)",$equation); 
    $equation = preg_replace("/([0-9]+)(%)/",".\$1",$equation); 
        
    if ( $equation == "" ) 
    { 
      $return = 0; 
    }     else  { 
       @eval("\$return=" . $equation . ";" ); 
    }
 return $return; 
   
  } 

//======================================================================================
function sup_double_espace($chaine){
global $erreur_message;
        $str_temp = $chaine." ";
        $sep=" ";
        $chaine = trim($chaine);
        $existe = (strpos($sep.$sep,$chaine )===false) ;
         while  ($existe ){
         $str_temp = str_replace($sep.$sep, $sep, $chaine );  
                if($str_temp == $chaine ) return $chaine ;
//                      $erreur_message .= memo_var($str_temp) ;
                $chaine  = $str_temp;
                        $existe =  (strpos($sep.$sep,$chaine )===false) ;
                }
        return $chaine;
}



function kill_list()
{
 //==================== TEST black_liste ============================================   
 global $pays,$region,$ville,$ip ;
 global $erreur_message,$infos_message,$conf;   
  global $conf, $user, $page;
  global $mails_options ;
   global $superv_bl_champs,$superv_bl_type ; 
   global $nb ;


 
if (count($mails_options) < 7 ) return false ;

    $ip = $_SERVER['REMOTE_ADDR'] ;
        if ( !isset($_POST['pays'])) {
        if ( !isset($_POST['ip_black_test'])) {    Get_Geo();           }
                 return ;       
                }  else {
                       $pays = (isset($_POST['pays'])) ? $_POST['pays'] : "" ;
                       $ville = (isset($_POST['ville']))   ? $_POST['ville'] : "" ; 
                       $region = ( isset($_POST['region'])) ? $_POST['region'] : "" ;   
        }
 
     $champs=implode(',',$superv_bl_champs);
     $query = "
                SELECT ".$champs.",COUNT(`id`) as total 
                FROM `".MAIL_BLACK_LISTE_TABLE."` 
                    WHERE '".$ip."' LIKE `ip` 
                ;";     
                 $result = @pwg_query($query);
 
        if (!$result) {
                                        vérif_base();
                                        $result = @pwg_query($query);
                                        }
            $datas = mysql_fetch_array($result,MYSQL_ASSOC);
                 $nb = $datas['total']; 
                 
if ($mails_options[5] == 'on')
{
 if ($nb==0) {
  if (test_spam($ip))
  {
        $valeurs=array( 'NULL',
                            "'".$ip."'",
                                        "'".$pays."'",
                                        "'".$region."'",        
                                        "'".$ville."'",
                                        '"adresse"',
                                        '"fai" ',
                                        1
        );
          ajout_ligne(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs, $valeurs,true) ;        
          $erreur_message .= $ip.$mails_options[6] . ' -----> ' . l10n('black_list') ;
        return true ;   

    }
  }
}
 //==============================================================================
 
 if ( $mails_options[6] == $ip ) return ($nb > 0) ;     
   $mails_options[6] =   $ip ;  
   sauve_options();
  
        if (  $nb > 0 )
        {
               $query = "
                SELECT ".$champs.",COUNT(`id`) as total 
                FROM `".MAIL_BLACK_LISTE_TABLE."` 
                    WHERE '".$ip."' = `ip` 
                ;";     
                 $result = @pwg_query($query);
 
        if (!$result) {
                                        vérif_base();
                                        $result = @pwg_query($query);
                                        }
            $datas = mysql_fetch_array($result,MYSQL_ASSOC);
                 $nb = $datas['total']; 
                 
            $row  = mysql_fetch_row(pwg_query($query));
            $nb =  ($row[7]);
      $erreur_message .= $ip . ' | ' . $pays . ' | ' . $region . ' | ' . $ville . ' ' . $nb . ' ==> ';  
  
         if ($nb == 0)
                 {
                        $valeurs=array( 'NULL',
                            "'".$ip."'",
                                        "'".$pays."'",
                                        "'".$region."'",        
                                        "'".$ville."'",
                                        '"adresse"',
                                        '"fai" ',
                                        1
              );
                  ajout_ligne(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs, $valeurs,true) ;        
                 
                 } else {
                  $nb += 1;
         $query ="
                        UPDATE " . MAIL_BLACK_LISTE_TABLE . " 
                        SET ";
                if (isset($_POST['pays']))      
                 $query .= "    
                        `pays` = '". $pays ."',
                        `region` = '" . $region ."',
                        `ville` = '" . $ville . "',
                        ";
                 $query .= "            
                        `nb` = " . $nb . "
                    WHERE '".$ip."' = `ip` 
                ";
                
                                pwg_query($query );     
                                }
        //================================================================================      
                
        }
 

return ($nb > 0) ;
}
//=====================================================================================
function test_spam($ip)
{
$buffer="";


if (isset($ip))
        {
        if (strlen($ip) > 3)
        {

        $handle =  @fopen("http://www.stopforumspam.com/api?ip=$ip","r"); 
        if ($handle) {
                while (!feof($handle)) { 
                $buffer .= fgets($handle, 4096);
                          }   
                          fclose($handle);
                          }
                        return  !(strpos(  $buffer,'yes' ) === false) ;

        }
        
         }
          return  false;
}
//==================================================================

                
?>