<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based picture gallery                                  |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2009 Piwigo Team                  http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify  |
// | it under the terms of the GNU General Public License as published by  |
// | the Free Software Foundation                                          |
// |                                                                       |
// | This program is distributed in the hope that it will be useful, but   |
// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
// | General Public License for more details.                              |
// |                                                                       |
// | You should have received a copy of the GNU General Public License     |
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+

if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
if (!defined('MAIL_SUPERV_PATH')) define('MAIL_SUPERV_PATH' , PHPWG_PLUGINS_PATH.basename(dirname(__FILE__)).'/');

global 	$superv_champs , $superv_type ,$superv_bl_champs , $superv_bl_type ; 
// if (!isset($_COOKIE[session_name()])){}

global $lang ;
global $template ;
//===============================================
function corrige_header($Carbonne,$headers,$args,$cl_list_mail)
	{
	global $mails_options,$conf_mail,$mailto,$infos_message;

 if (!empty($args[$Carbonne]))
	 {
 	 	if ( count($args[$Carbonne]) > 0 ) 
		{
		        if ($mails_options['check_header_carbon'] == 'on') {
				        $cl_list_mail  =  str_replace(","," , ",get_strict_email_list(implode(',', $args[$Carbonne])))." \n"  ;
				        $headers = preg_replace('/.*'.$Carbonne.'(.*).\n/i', $Carbonne.': '.$cl_list_mail, $headers);
		 	        }
		}
        
	} else {
	     // Raz Bcc, Cc dans headers
	 		$headers = preg_replace('/.*'.$Carbonne.'(.*).\n/i', "" , $headers);
	}
		
		$headers  = str_replace("\n.", "\n..",$headers );
        $ret->headers = $headers ;
        $ret->list_mail = $cl_list_mail ;
        return $ret;

		
	}
	
function int_to_heure($int)
{
global $lang,$mails_donnees ;

$v0=Date_to_numeric(l10n('Day') );



	$delta=(7*24*60*60) ;
	$week = (int) ($int/$delta); 
	$int= $int-($week*$delta) ;  

	$delta=(24*60*60) ;
	$day= (int) ($int/$delta); 
	$int=$int-($day*$delta);

	$delta=(60*60) ;
	$heures=(int) ($int/$delta);
	$int=$int-($heures*$delta);

	$delta=(60) ;
	$minutes=(int) ($int/$delta);
	$int= $int - ($minutes*$delta);

	$secondes=(int) ($int);
	$day      = substr ('00'.    $day,-2,2);   
	$heures   = substr ('00'. $heures,-2,2);   
	$minutes  = substr ('00'.$minutes,-2,2);
	$secondes = substr ('00'.$secondes,-2,2);
	
$retour="";
$Week=explode(" ",l10n('Week %d'));
$Week= ($Week[0]);

if ($week > 0 ) $retour .= "+" . $week ." " . $Week ;
if ($day  > 0) $retour .= "+" . $day ." " .l10n('Day');
if ($heures > 0) $retour .= "+" . $heures." " .l10n('Hour');
if ($minutes > 0) $retour .= "+" . $minutes." " .l10n('Minute');
if ($secondes > 0) $retour .= "+" . $secondes." " .l10n('Second');
$retour=str_replace("+0","+",$retour);
//================================================================================================   
return $retour;
}	  

	
function verif_base(){
  global $lang,$superv_champs,$superv_type,$superv_bl_champs,$superv_bl_type;
  load_language('plugin.lang', MAIL_SUPERV_PATH);
  //==============================================================================		
  create_table(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs,$superv_bl_type) ;
  ajust_table(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs,$superv_bl_type)  ; 
  //==============================================================================		
  create_table(mail_superv_TABLE,$superv_champs,$superv_type) ;
  ajust_table(mail_superv_TABLE,$superv_champs,$superv_type)  ;
  //==============================================================================		
    $valeurs= array (	1,
						          0,
			           time(),
	                 2000,
	          '"604800"' ,
	                    0,
	               time(),
	                   10,
	           '"172800"',
	            '"false"',
	               time(),
	           '"172800"',
	             '"Init"',
   '"'.l10n('Sv_supervisor').'"',
	'"'.l10n('hello').'"',
	 );
	ajout_ligne(mail_superv_TABLE,$superv_champs, $valeurs,false ) ;
}
//=================================================================================


//=========================================
function Get_colonnes_de($table)
{
    $query = 'DESC '.$table.';';
    $result = mysql_query($query);
    $columns_of= array();
    while ($row = mysql_fetch_row($result))
    {
      array_push($columns_of, $row[0]);
    }
 
  return $columns_of;
}

function get_liste($group_id)
{
global $conf ;
  $query = '
SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
                u.'.$conf['user_fields']['username'].' AS username,
                u.'.$conf['user_fields']['email'].' AS email,
                ui.status,
                ui.enabled_high,
                ui.level
  FROM '.USERS_TABLE.' AS u
    INNER JOIN '.USER_INFOS_TABLE.' AS ui
      ON u.'.$conf['user_fields']['id'].' = ui.user_id
    LEFT JOIN '.USER_GROUP_TABLE.' AS ug
      ON u.'.$conf['user_fields']['id'].' = ug.user_id
  WHERE ug.group_id='.$group_id.' '; 
 $groups=array();
  $datas = pwg_query($query); 
  
  if (!empty($datas)) {
    while ($group = mysql_fetch_array($datas,MYSQL_ASSOC))
    {	
      if (!empty($group['email']))
      {     	array_push($groups, format_email($group['username'], $group['email'] ));
      }
    }
  } 
  return $groups ;
  
}
//=================================================================================

function create_table($nom_table,$champs,$types)  //mail_superv_TABLE
{
	$i=0;
 	$valeurs=array();
  foreach ( $champs as $champ) {
      $champ = trim($champ);
      array_push($valeurs , " `".$champ."`" . '  ' . $types[ $i] )  ;
      $i +=1;
    }


	
	if ( count($valeurs) == 0) return ;

    $valeurs=implode(", ",$valeurs) ;
	//===============================================================================
		$query = "CREATE TABLE IF NOT EXISTS  `" . $nom_table . "` (". $valeurs . " , PRIMARY KEY  (`id` ) ) ENGINE=MyISAM  ;";   
			 if ( pwg_query($query) ) return ;  
				die("ERREUR CREATION ".$query);  	
      
	 
}
function ajust_table($nom_table,$champs,$types)  //mail_superv_TABLE
{
global $infos_message ;
$colonnes = Get_colonnes_de($nom_table);
	$data = 	$types ;
	$i=0;
 	$valeurs=array();
foreach ( $champs as $champ)
   {
     $champ = trim($champ);
	  if (!in_array( $champ,$colonnes)) {
         array_push($valeurs , " ADD `".$champ."`" . '  ' . $data[  $i] )  ;
	 }
	 $i +=1;
	 
    }
//=============================================================================	
	if ( count($valeurs) == 0) return ;
	
  $infos_message .=  "AJUSTE TABLE : ". $nom_table . "<br />" . "NB (col) : ". count($colonnes) . mail_supervisor::Memo_Var($valeurs) . "<br />" ;
	
     $valeurs=implode(", ",$valeurs) ;
	//===============================================================================
		$query = "ALTER TABLE `" . $nom_table . "` ". $valeurs ;
			if (   pwg_query($query)) return ;            
		die($query);
}
//==============================================================================	
function ajout_ligne($nom_table,$champs,$valeurs,$force)
{
  if (!$force) {
     $query = "
    		SELECT `id` , COUNT(`id`) as total 
    		FROM `".$nom_table."` GROUP by  `id`
  		;";	
	  list($count) = mysql_fetch_row(pwg_query($query));

		
}else{

    	$count = 0 ;
}
 
  if ($count == 0)
  {
      $n_champs=implode(",",$champs);
      $n_valeurs=implode(",",$valeurs);
	   $query = "
    	INSERT INTO `".$nom_table."` (". $n_champs.") 
        VALUES ( ".	$n_valeurs .")";
		
		if (pwg_query($query)) return ;
		die($query);
		
  }
}
//=====================================================================
function verif_mails_donnees()
{
global $mails_donnees,$infos_message,$erreur_message,$page;

if (!is_numeric($mails_donnees['nb_mails_periode'])){
  $periode = Str_To_Time( $mails_donnees['nb_mails_periode'],0);
  $mails_donnees['nb_mails_periode']= ($periode > 0) ? $periode : '604800' ;
 }
if (!is_numeric($mails_donnees['nb_spams_periode'])){
  $periode=Str_To_Time( $mails_donnees['nb_spams_periode'],0);
  $mails_donnees['nb_spams_periode']= ($periode > 0) ? $periode : '172800' ; ;
 }
if (!is_numeric($mails_donnees['quarantaine_periode'])){
  $periode=Str_To_Time( $mails_donnees['quarantaine_periode'],0);
  $mails_donnees['quarantaine_periode']= ($periode > 0) ? $periode : '172800' ; 
 }
    if  ($infos_message != "")  {
        array_push($page['infos'],  $infos_message);
        $infos_message="";
    }		 
    if  ($erreur_message != "")  {
        array_push($page['errors'], $erreur_message);
        $erreur_message ="";
    }	
		 
}
//=======================================================================
function Date_to_numeric( $Valeurs )
{
global $lang,$erreur_message,$infos_message;

$a_ajouter = $Valeurs ;


if (!isset($lang['Sv_second'])) {
$Week=explode(" ",l10n('Week %d'));
$Week= ($Week[0]);

$lang['Sv_week'] = $Week;
$lang['Sv_day'] =   l10n('Day')  ;
$lang['Sv_hour'] =   l10n('Hour')  ;
$lang['Sv_minute'] =   l10n('Minute') ;
$lang['Sv_second'] =   l10n('Second');

$lang['Sv_'. $lang['Sv_week']] = 'week';
$lang['Sv_'. $lang['Sv_day']] = 'day';
$lang['Sv_'. $lang['Sv_hour']] = 'hour';
$lang['Sv_'. $lang['Sv_minute']] = 'minute';
$lang['Sv_'. $lang['Sv_second']] = 'second';

} 
//--- traduction --> anglais --- 

 //========= suppression numeric et symbole ==========
$new_valeur =( preg_replace("/[0-9+\-.*\/()%]/"," ",$a_ajouter)); 
$nv =  trim( sup_double_espace($new_valeur)) ;
 
 
 
 	$conv['week']= (7*24*60*60);
	$conv['day']= (24*60*60);
	$conv['hour']=  (60*60) ;
	$conv['minute']=  60 ;
	$conv['second']= 1;

  $nv = explode(" ", $nv );
  
  foreach($nv as $nv1)
  {
  if (!isset($lang['Sv_'. $nv1]) ) {
  //==== au cas pluriel ===
  
   $nv0 =  substr($nv1, 0,-1) ;   
  $a_ajouter= str_replace( $nv1,$nv0,   $a_ajouter);
  $nv1 = $nv0 ; 
    
  }
  
  if (!isset($lang['Sv_'. $nv1]) ) {
    $erreur_message .= $nv1. " ".l10n('not_found')."<br />";  
	//  die($erreur_message);
	  
  }else {
    ob_start();  
         $match = $conv[strtolower($lang['Sv_'. $nv1])] ;
         $a_ajouter = str_replace($nv1," ". $match  ." ",$a_ajouter) ;
 	  	 $erreur_message .= ob_get_contents();
    ob_end_clean();
	}	
	  
  }

$a_ajouter = "+ " .   $a_ajouter ;
$a_ajouter=sup_double_espace($a_ajouter);
$v1 = array('- ','+ ',' -', ' +', ' ');
$v2 = array('-' ,'+' ,'|-', '|+', "*");

$new_valeur =  str_replace($v1,$v2,$a_ajouter) ;
$new_valeur =  str_replace('++','+',$new_valeur ) ;
			
return   $new_valeur;
}
//=====================================================================
function Str_To_Time( $ajout,$init_date)
{
//========================================================
  global $erreur_message,$infos_message,$user;
  global $lang;
  
  $ajout=ucwords ($ajout);
  
  
if (is_numeric($ajout))
 $valeur=   $ajout ;
else
{
 $valeur= Date_to_numeric( $ajout) ;
 
 }
 
$new_valeur = explode( "|", $valeur );

$p = $init_date ;
$n0=0;
$erreur = false;

	//$new_valeur = $a_ajouter + $init_date ;
	foreach($new_valeur as $nv)
	{
	$return = matheval($nv) ;
		 if (strpos("error",$return)===false) {
		    $p += $return ;
		 }else {
		    $erreur_message .=   "[" . $ajout . "] --> " . l10n('Sv_syntax_error') . " : " .  $nv ."<br />";
			$erreur = true;
		 }
			
	 
	}
	if ($erreur) $p = -1000 ;
return    intval($p) ;
 
}
//=====================================================================================
function matheval($equation) 
  { 

  $return="error";

  
    $equation = preg_replace("/[^0-9+\-.*\/()%]/","",$equation); 
    $equation = preg_replace("/([+-])([0-9]{1})(%)/","*(1\$1.0\$2)",$equation); 
    $equation = preg_replace("/([+-])([0-9]+)(%)/","*(1\$1.\$2)",$equation); 
    $equation = preg_replace("/([0-9]+)(%)/",".\$1",$equation); 
	
    if ( $equation == "" ) 
    { 
      $return = 0; 
    }     else  { 
       @eval("\$return=" . $equation . ";" ); 
    }
 return $return; 
   
  } 

//======================================================================================
function sup_double_espace($chaine){
global $erreur_message;
	$str_temp = $chaine." ";
	$sep=" ";
	$chaine = trim($chaine);
    if ($chaine=="") return ;
	$existe = (strpos($sep.$sep,$chaine )===false) ;
	 while  ($existe ){
    	 $str_temp = str_replace($sep.$sep, $sep, $chaine );  
    		if($str_temp == $chaine ) return $chaine ;
//			$erreur_message .= mail_supervisor::Memo_Var($str_temp) ;
    		$chaine  = $str_temp;
			$existe =  (strpos($sep.$sep,$chaine )===false) ;
  		}
	return $chaine;
}
//==================== TEST black_liste ============================================	
function kill_list() {
  global $pays,$region,$ville,$ip ;
  global $erreur_message,$infos_message,$conf;	
  global $conf, $user, $page;
  global $mails_options ;
  global $superv_bl_champs,$superv_bl_type ; 
  global $nb ; 
  if (!isset($ip)) {
    if (getenv("HTTP_CLIENT_IP"))   {
      $ip=getenv("HTTP_CLIENT_IP");
    }else{
      $ip=getenv("REMOTE_ADDR");
    }
  }
  $champs=implode(',',$superv_bl_champs);
   $query = "SELECT ".$champs.",COUNT(`ip`) as total 
  FROM `".MAIL_BLACK_LISTE_TABLE."` 
		WHERE '".$ip."' LIKE `ip` 
		GROUP by `ip` 
  ;";	
	$result = @pwg_query($query);
	 if (!$result) {
			verif_base();
	 		$result = @pwg_query($query);
			}
	  $datas = mysql_fetch_array($result,MYSQL_ASSOC);
  	$nb = $datas['total']|0; 
    //=======================================================================	
    if ($mails_options['set_auto'] == 'on') {  
      global $user_name,$mail_adresse;

       if (isset($nb) && $nb>0) {
       //if (test_spam($ip,$user['username'] ,$user['email']))  // ne plus tester automatiquement . 
            if ($nb==0) {
  	          $valeurs=array( 'NULL',
		           "'".$ip."'",
					        "'".$pays."'",
					        "'".$region."'",	
					        "'".$ville."'",
					        "'".$user['email']."'",
					        "'".$user['username']."'",	
					        $nb+1
	            );
 	          ajout_ligne(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs, $valeurs,$nb==0) ;	
	        }else{	
            mail_supervisor::Get_geo();    
            $nb +=1;	
		         $query ="UPDATE " . MAIL_BLACK_LISTE_TABLE . " SET ";
		         if (isset($_POST['pays']))	
		         $query .= "`pays` = '". $pays ."',
			        `region` = '" . $region ."',
			        `ville` = '" . $ville . "',			
			        ";			
		         $query .= "`adresse` = '".$user['email']."',		
			        `fai` = '".$user['username']."',		
			        `nb` = " . $nb . "
		         WHERE '".$ip."' like `ip` ";		
				       pwg_query($query );	
	        }
 	     $erreur_message .= $pays . $ip ." <br />User Name :".$user['username']."<br />User Mail :".$user['email'] . ' -----> ' . l10n('Sv_black_liste') ;
       // die($nb." ".$ip." ".$user['username']." ".$user['email']);  
 
       return true ;	
      }  
    }
 //==============================================================================

 if ( $mails_options['ip'] == $ip ) return ($nb > 0) ;	 
   $ip0= $mails_options['ip'] ;
   $mails_options['ip'] = $ip ;  
   mail_supervisor::sauve_options();  
 	if (  $nb > 0 )
	{
	       $query = "
    		SELECT ".$champs.",COUNT(`id`) as total 
    		FROM `".MAIL_BLACK_LISTE_TABLE."` 
		    WHERE '".$ip."' = `ip` 
			GROUP by `ip` 
  		;";	
		 $result = @pwg_query($query);
 
	if (!$result) {
					verif_base();
	 				$result = @pwg_query($query);
					}
	    $datas = mysql_fetch_array($result,MYSQL_ASSOC);
		 $nb = $datas['total']; 
		 
	    $row  = mysql_fetch_row(pwg_query($query));
	    $nb =  ($row[7]);
        $erreur_message .= $ip0 . ' | ' .$ip . ' | ' . $pays . ' | ' . $region . ' | ' . $ville . ' ' . $nb . ' ==> ';	
  
  	 if ($nb == 0)
		 {
		   	$valeurs=array( 'NULL',
		            "'".$ip."'",
					"'".$pays."'",
					"'".$region."'",	
					"'".$ville."'",
					"'".$user['email']."'",		
			  "'".$user['username']."'",		
					1
	      );
		  ajout_ligne(MAIL_BLACK_LISTE_TABLE,$superv_bl_champs, $valeurs,true) ;	
		 
		 } else {
		  $nb += 1;
	 $query ="
			UPDATE " . MAIL_BLACK_LISTE_TABLE . " 
			SET ";
		if (isset($_POST['pays']))	
		 $query .= "	
			`pays` = '". $pays ."',
			`region` = '" . $region ."',
			`ville` = '" . $ville . "',
			";
		 $query .= "	
		    `adresse` = '".$user['email']."',
			`fai` = '".$user['username']."',			
			`nb` = " . $nb . "
		    WHERE '".$ip."' = `ip` 
        	";
		
				pwg_query($query );	
				}
	}
 return ($nb > 0) ;
}
//=====================================================================================
function test_spam($ip =0,$user_name ='', $mail_adresse = "")
{
 $buffer="";
 global $page,$infos_message;
 $src =  "http://www.stopforumspam.com/api?";
 $type=array();
 $result="";
 $ip= sup_double_espace($ip);
 if (strlen($ip)>3) { 
   //==================  Verifie si l'IP est correct  ================================
   if (clj_is_ip($ip)){     
     
   } else {  
   //==================  Verifie si l'adresse mail est correcte  ================================ 
         if( clj_is_mail($ip) ){  
	 		 $mail_adresse=$ip ;
	         $ip="";
	    }
	    else
	    {
   //==================  Login  ================ 
	      $user_name=$ip;
	      $ip="";
	    }
   }    
   //=============================================================================
 }

 $user_name=str_replace(" ","%20",trim($user_name));
 if ($user_name==l10n('Sv_guest')) $user_name="";
 $user_name="";  // ne plus tester sur le login.
 $mail_adresse =str_replace(" ","%20",trim($mail_adresse));
 if ( strlen($user_name) > 3)  	  $type[]="username=$user_name" ;
 if ( strlen($mail_adresse) > 3)   $type[]="email=".$mail_adresse ;
 if ( strlen($ip) > 3)   $type[]="ip=".$ip ; 
 foreach  ( $type as $fil ) {    
  $resultat="";
  if (  clj_fetchRemote($src.$fil , $resultat,1))
   $result .= $resultat.'<br />'  ; 		  
 }

 return !(strpos(  $result ,'yes' ) === false) ;
  
}
//==================================================================
function lire_fichier_distant($fichier)
{
 $buffer="";
	$handle =  @fopen($fichier,"r"); 
	if ($handle) {
   		       while (!feof($handle)) { 
        	       $buffer .= fgets($handle, 4096);
			          }   
			           fclose($handle);
			        }
				 
	return  $buffer ;

}
//================================================
function clj_is_ip($ip)
{
if (preg_match("/^(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]{1}[0-9]|[1-9])\.){1}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9])\.){2}((25[0-5]|2[0-4][0-9]|[1]{1}[0-9]{2}|[1-9]{1}[0-9]|[0-9]){1}))$/",$ip))    return true ;
		 
}

function clj_is_mail($mail)
{     

 if(preg_match('/^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,5}$/' ,$mail)) return true ;	
  if(preg_match('/#^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,5}$#/' ,$mail)) return true ;	
}	   

 
function clj_fetchRemote($src, &$dest, $timeout=1, $user_agent='Piwigo', $step=0)
{
  // Try to retrieve data from local file?
 // http://www.stopforumspam.com/api?ip=95.211.1.39

  if ($src=="") return ;
 
  if (!url_is_remote($src))
  {
  
    $content = @file_get_contents($src);
    if ($content !== false)
    {
      is_resource($dest) ? @fwrite($dest, $content) : $dest = $content;
      return true;
    }
    else
    {
      return false;
    }
  }
 
  // After 3 redirections, return false
  if ($step > 3) return false;

  // Initialize $dest
  is_resource($dest) or $dest = '';

  // Try curl to read remote file
  if (function_exists('curl_init'))
  {
    $ch = @curl_init();
    @curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
    @curl_setopt($ch, CURLOPT_URL, $src);
    @curl_setopt($ch, CURLOPT_HEADER, 1);
    @curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
    @curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $content = @curl_exec($ch);
    $header_length = @curl_getinfo($ch, CURLINFO_HEADER_SIZE);
    $status = @curl_getinfo($ch, CURLINFO_HTTP_CODE);
    @curl_close($content);
    if ($content !== false and $status >= 200 and $status < 400)
    {
      if (preg_match('/Location:\s+?(.+)/', substr($content, 0, $header_length), $m))
      {
        return clj_fetchRemote($m[1], $dest,$timeout, $user_agent, $step+1);
      }
      $content = substr($content, $header_length);
      is_resource($dest) ? @fwrite($dest, $content) : $dest = $content;
      return true;
    }
  }

  // Try file_get_contents to read remote file
  if (ini_get('allow_url_fopen'))
  {

    $opts['http'] = array('timeout' => $timeout);
    $ctx = stream_context_create($opts);
    $content = @file_get_contents($src, 0, $ctx);
    if ($content !== false)
    {
      is_resource($dest) ? @fwrite($dest, $content) : $dest = $content;
      return true;
    }
  }

  return false;
}


?>