From 1b25026ed20940540e87f52bcfebcf41277bcb8f Mon Sep 17 00:00:00 2001
From: David
Date: Mon, 19 Mar 2018 00:34:33 +0100
Subject: [PATCH] =?UTF-8?q?#5=20v1.4=20Interface=20admin=20avec=20stats,?=
=?UTF-8?q?=20top=20user,=20possibilit=C3=A9=20de=20nettoyer,=20blackliste?=
=?UTF-8?q?r...?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.gitignore | 1 +
CHANGELOG.md | 15 ++--
conf-dist.php | 9 +++
emailPoubelle.php | 7 +-
emailPoubelleAdmin.php | 173 +++++++++++++++++++++++++++++++++++++++++
lib/blk.png | Bin 0 -> 944 bytes
lib/ep_function.php | 29 +++++++
lib/status0.png | Bin 0 -> 360 bytes
lib/status3.png | Bin 0 -> 358 bytes
lib/status5.png | Bin 0 -> 355 bytes
lib/sup.png | Bin 0 -> 311 bytes
11 files changed, 223 insertions(+), 11 deletions(-)
create mode 100644 emailPoubelleAdmin.php
create mode 100644 lib/blk.png
create mode 100644 lib/status0.png
create mode 100644 lib/status3.png
create mode 100644 lib/status5.png
create mode 100755 lib/sup.png
diff --git a/.gitignore b/.gitignore
index 719f2d8..e13ab03 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@ conf.php
test*
var/database*
var/.htaccess
+devToProd.sh
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7151262..6be31c9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,11 +1,16 @@
-## 1.1 (future)
+## 2 (future)
- support postfix-mysql (not plain text virtual file)
- - admin panel page with statistic
- - limit nb alias / email
- javascript checkupgrade in admin page
- - add second table in database (for domain/checkupdate/intervale cron)
- - send email for advertisement action ?
+
+## 1.4 (2018-03-19)
+
+ - Interface admin avec stats, top user, possibilité de nettoyer, blacklister...
+
+## 1.2 (2018-03-19)
+
+ - Ne pas permettre la création d'un alias depuis un alias
+ - Limiter le nombre d'alias possible
## 1.0.1 (2014-01-06)
diff --git a/conf-dist.php b/conf-dist.php
index 8bf7807..9ecf496 100644
--- a/conf-dist.php
+++ b/conf-dist.php
@@ -87,4 +87,13 @@ define('MAINTENANCE_MODE', false);
// No maintenance for this ip (admin ip)
define('MAINTENANCE_IP', '10.0.0.1');
+
+// Usage de password-hash https://php.net/manual/fr/function.password-hash.php
+// Vous pouvez crtyper le mot de passe en ligne avec les outils :
+// http://www.passwordtool.hu/php5-password-hash-generator
+// https://php-password-hash-online-tool.herokuapp.com/password_hash (PASSWORD_DEFAULT, no auto-generated, no cost 10)
+// Mot de passe par défaut "admin" :
+define('ADMIN_PASSWORD', '$2y$10$BncfiLy8VEYtkLVIlL5Ar.TVPY9Q3KbllJrdHNuSU5WCRnKafWM5K');
+
+
?>
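Review bot: `conf-dist.php` now ships a working credential: the comment above the `define` states that the `ADMIN_PASSWORD` hash is for "admin", so any install that copies this file unchanged exposes the new admin page behind a publicly known password. The comment also points administrators to third-party websites for hashing, which means typing the real password into someone else's server. I would ship `define('ADMIN_PASSWORD', '');` and replace the tool links with a local instruction such as `// Générer le hash en local : php -r 'echo password_hash("MOT_DE_PASSE", PASSWORD_DEFAULT), PHP_EOL;'`. The admin page would then need to refuse every login while the constant is empty; its password check is not visible here, so confirm that it does.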
diff --git a/emailPoubelle.php b/emailPoubelle.php
index 8de3060..9208da3 100644
--- a/emailPoubelle.php
+++ b/emailPoubelle.php
@@ -10,16 +10,11 @@
// Depend : Postifx (postmap command) php-pdo
//-----------------------------------------------------------
-// @todo
-// form ergonomie
-// sqlite
-// disable time
-
//////////////////
// Init & check
//////////////////
-define('VERSION', '1.0');
+define('VERSION', '1.4');
if (DEBUG) {
error_reporting(E_ALL);
diff --git a/emailPoubelleAdmin.php b/emailPoubelleAdmin.php
new file mode 100644
index 0000000..394e55f
--- /dev/null
+++ b/emailPoubelleAdmin.php
@@ -0,0 +1,173 @@
+Erreur : Mot de passe incorrect';
+}
+if (empty($_SESSION['adminPasswordHash']) || $auth == false) {
+ echo '';
+}
+
+// Test connexion, si c'est ok :
+if ($auth==true) {
+ // Connect DB
+ try {
+ if (preg_match('/^sqlite/', DB)) {
+ $dbco = new PDO(DB);
+ } else {
+ $dbco = new PDO(DB, DBUSER, DBPASS);
+ }
+ $dbco->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+ } catch ( PDOException $e ) {
+ die('Connexion à la base '.$e->getMessage());
+ }
+ if (isset($_POST['action'])) {
+ if ($_POST['action'] == 'DeleteEmail' && isset($_POST['email'])) {
+ DeleteEmail($_POST['email']);
+ }
+ if ($_POST['action'] == 'AddBlacklistEmail' && isset($_POST['email'])) {
+ AddBlacklistEmail($_POST['email']);
+ }
+ if ($_POST['action'] == 'DeleteAlias' && isset($_POST['id']) && isset($_POST['alias'])) {
+ DeleteAlias($_POST['id'], $_POST['alias']);
+ }
+ if ($_POST['action'] == 'DisableAlias' && isset($_POST['id']) && isset($_POST['alias'])) {
+ DisableAlias($_POST['id'], $_POST['alias'], $_POST['email']);
+ }
+ }
+ ?>
+
+ Statistique :
';
+ echo '';
+ echo '- Total alias : '.$dbco->query("SELECT COUNT(*) FROM ".DBTABLEPREFIX."alias")->fetchColumn().'
';
+ echo '- Alias actif : '.$dbco->query("SELECT COUNT(*) FROM ".DBTABLEPREFIX."alias WHERE status = 5")->fetchColumn().'
';
+ echo '- Alias suspendu : '.$dbco->query("SELECT COUNT(*) FROM ".DBTABLEPREFIX."alias WHERE status = 3")->fetchColumn().'
';
+ echo '- Alias non vérifié : '.$dbco->query("SELECT COUNT(*) FROM ".DBTABLEPREFIX."alias WHERE status = 0")->fetchColumn().'
';
+ //echo '- Email différent : '.$dbco->query("SELECT DISTINCT count(email) FROM ".DBTABLEPREFIX."alias WHERE status = 5")->fetchColumn().'
';
+ echo '
';
+
+ echo 'User info
';
+ echo '';
+ if (isset($_POST['email'])) {
+ $requestUtilisateur = $dbco->query("SELECT * FROM ".DBTABLEPREFIX."alias WHERE email='".$_POST['email']."' ORDER BY dateCreat DESC")->fetchAll() ;
+ echo 'Utilisateur '.$_POST['email'].' : ';
+ if (count($requestUtilisateur) != 0) {
+ echo '
';
+ if (!BlacklistEmail($_POST['email'])) {
+ echo '
';
+ }
+ } else {
+ echo 'N\'existe pas !';
+ }
+ echo '
';
+ echo '';
+ if (count($requestUtilisateur) != 0) {
+ echo '';
+ echo '
+ Status |
+ Alias |
+ DateCreat |
+ DateExpir |
+ Comment |
+
';
+ foreach ($requestUtilisateur as $utilisateur) {
+ echo '
+ !['.$utilisateur['status'].']('.URLINC.'/status'.$utilisateur['status'].'.png) |
+ '.$utilisateur['alias'].'
+
+ ';
+ if ($utilisateur['status'] == 5) {
+ echo ' ';
+ }
+ echo ' |
+ '.$utilisateur['dateCreat'].' |
+ '.$utilisateur['dateExpir'].' |
+ '.$utilisateur['comment'].' |
+
';
+ }
+ echo '
';
+ }
+ }
+
+ echo 'Top user
';
+ $recordActifs = $dbco->query("SELECT email, count(alias) calias FROM ".DBTABLEPREFIX."alias WHERE status=5 GROUP BY email ORDER BY calias DESC LIMIT 40")->fetchAll();
+ echo '';
+ echo '
+ Email |
+ Nombre d\'alias |
+ Action |
+
';
+ foreach ($recordActifs as $recordActif) {
+ echo '
+ ';
+ if (BlacklistEmail($recordActif['email'])) {
+ echo ' ';
+ }
+ echo $recordActif['email'].' |
+ '.$recordActif['calias'].' |
+
+
+ ';
+ if (!BlacklistEmail($recordActif['email'])) {
+ echo ' ';
+ }
+ echo '
+ |
+
';
+ }
+ echo '
';
+
+}
+
+
+
+?>
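Review bot: The "User info" lookup builds its query by concatenating `$_POST['email']` into the SQL string (`WHERE email='".$_POST['email']."'`), so the submitted value is interpreted as SQL. The same pattern is in the `SELECT COUNT(*)` pre-check of `DeleteEmail()` in lib/ep_function.php, even though the `DELETE` right below it is already a prepared statement. Use the bound form here too: `$stmt = $dbco->prepare("SELECT * FROM ".DBTABLEPREFIX."alias WHERE email = :email ORDER BY dateCreat DESC"); $stmt->execute(['email' => $_POST['email']]); $requestUtilisateur = $stmt->fetchAll();`. The submitted address and the stored `alias` and `comment` columns are also echoed into the page as-is; wrap them in `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')`, since those columns presumably hold text entered through the public form. The session and password check at the top of the file is not visible in this rendering, so this note does not cover it.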
diff --git a/lib/blk.png b/lib/blk.png
new file mode 100644
index 0000000000000000000000000000000000000000..d0eac5fb5e16a4260517e66587d1cedbb0c4bd38
GIT binary patch
literal 944
zcmV;h15f;kP)$9PBS#x~bY9FrAd5P``EXbTa6;m0<{9AoQJDon;_5m|s3
zO*9x~%0~hT1foWxW=5j~enFHEAxi)w@|79F*np5J5!RNzE$@1tUVltGn8x$>-sjwN
z&vULw1Z&?B$z%k8z=IG%K?nu_Fl%7e9V*mtq-ui&@-92JlQJwth%vn|N
zC}i(VfEj674glnR+K*qlPQtW`v<)>=FgmXUrS1|jZ}Kz%;Ev8SYEi{(*?V(PMr?Wg
z8vvjxeA$#S@-{g~-5`h4q=Ld@>gpG|8dLJO4J^r(dx0`tVYMmX1c2Bozh7fr7XZNV
z#B?N+x#F#c=Y?;AAAf{rp>oTIvilm;!Z{E^C{aFs1FWQzzwhueGlbO-M3&Wu0DwGW
zw^3d}G;Lzp#PuW%R%H{{J!l*ab1`|wzS+lNEfJ_$sLAXRT~}Hb4HGHo5TYLdk^r=y
z&+kBC&R2ZCdk0OQGB?ej3n0bPUbWaEoSAnt1@&95?s$YpFbndPS5t;F
zMY=(xXPKmDnIsKGcBi75MjYt*N(H
zcmRM?#~wb6cxy8Nz+4;fg&V7zh8|A*rRSFR2NskAfZE)Q|3o~rWI)l!TONznzOXNH
zc&jZQYOq@sGk5X9HWvV>P!s+aiMG}Ok|TQ!Gguq6s%8i2^+p2#)Xw$)>i-Mv$5Z%W
SBszBh0000lastInsertId();
}
+// delete email
+function DeleteEmail($email) {
+ global $dbco;
+ if ($dbco->query("SELECT COUNT(*) FROM ".DBTABLEPREFIX."alias WHERE email = '".$email."'")->fetchColumn() != 0) {
+ try {
+ $deletecmd = $dbco->prepare("DELETE FROM ".DBTABLEPREFIX."alias WHERE email = :email");
+ $deletecmd->bindParam('email', $email, PDO::PARAM_STR);
+ $deletecmd->execute();
+ echo 'l\'email '.$email.' a bien été supprimé avec tout ces alias.
';
+ } catch ( PDOException $e ) {
+ echo "DB error : ", $e->getMessage();
+ die();
+ }
+ } else {
+ echo 'Erreur : email '.$email.' n\'a pas été supprimé.
';
+ }
+ UpdateVirtualDB();
+}
+
+function AddBlacklistEmail($email) {
+ $contenu = '/^'.$email.'$/';
+ $fichier = fopen(BLACKLIST, 'a');
+ fwrite($fichier, $contenu."\n");
+ fclose($fichier);
+ echo 'La mention '.$contenu.' a été ajouté au fichier de blackliste '.BLACKLIST.'
';
+}
// delete alias
function DeleteAlias($id, $alias_full) {
global $dbco;
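Review bot: `AddBlacklistEmail()` writes the posted address straight into the blacklist file as `'/^'.$email.'$/'`, without validating it or escaping regex metacharacters. The `.` and `+` of an ordinary address change what the entry matches, and a value containing a newline appends extra lines of the caller's choosing. Assuming the file is later read back as one pattern per line (the `/^…$/` format suggests so, but `BlacklistEmail()` is outside this hunk), a malformed entry could break matching or blacklist far more than one address. The result of `fopen()` is also used unchecked, and `$contenu` is echoed without `htmlspecialchars()`. I would validate the address, quote it with `preg_quote($email, '/')` and check the write, as sketched below.

```php
function AddBlacklistEmail($email) {
    // Accept only a single well-formed address; this also rules out embedded newlines.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo 'Erreur : adresse email invalide.';
        return;
    }
    // Escape regex metacharacters so the entry matches this address literally.
    $contenu = '/^'.preg_quote($email, '/').'$/';
    if (file_put_contents(BLACKLIST, $contenu."\n", FILE_APPEND | LOCK_EX) === false) {
        echo 'Erreur : impossible d\'écrire dans le fichier de blackliste.';
        return;
    }
    // … unchanged: confirmation message, with $contenu passed through htmlspecialchars() …
}
```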
diff --git a/lib/status0.png b/lib/status0.png
new file mode 100644
index 0000000000000000000000000000000000000000..12d374f2d24dd6de43a0de002cf6de1ed18cb518
GIT binary patch
literal 360
zcmeAS@N?(olHy`uVBq!ia0vp^0wB!61|;P_|4#%`Y)RhkEbHUgGKN%KnI1h)6S#WBR<^wP@?T;4D&@tXrwC>)z^*npb
z_rL#h?~L?6$z*#~_R4w5+{GCS4~SYta_sdwpm09Cpy_HC^ZbIA%Q`Lp%pFAH6CUzk
z&lfD3(|RF)D%V}XBL=;)Yw9gKZ0CpH^>n?Hplo?#oo1V=j{1R`X7M?Pe3*L7=Qgwa
z$XHP8K9ONNFGKkb|Aw=(9x>h3X^G?BBp|mj`tUEsb%~2YUK}ZXFaFV(ufWXYRN;bK
z5l8H<8AyKL^T4QXS$kmJW1U+|uVm*GYuGX7zq1yfTq&^u7yt~Ou6{1-oD!MbHUgGKN%KnI1h)-AQuU&N!Q0TL#i(`nz>9v>Fda(wI9Q`;y{9~J^
z*z7>TBPlZs{1;qRX=7|YsPco0%~aFPQQ`xyOYgFc9Vf*H
z=WH^6ecq~j@6Tl3+Usjh)rfwU;9e{JMm@6ds(8TE$}Zg{8Sab2Z60!1dxqK6FtU7P
zO#5w7cTCZ&dP11V9ccxzn6(KTuV=W{`(;17b}T6LS@Fi^r)>|eOGLb
z59Keo9&r6&GS7`%4vXVQtrbpo8OvN3x!<1ps_t9@v%2Y#*E{}YPF3G1_AY_xaN-r-
xY1<2DrW`%JAUW!QiJQ}FvE`m&C4b8IGTtn=sH$AHYa!7444$rjF6*2UngA!EirN4G
literal 0
HcmV?d00001
diff --git a/lib/status5.png b/lib/status5.png
new file mode 100644
index 0000000000000000000000000000000000000000..4cb5f4bcc13e54002c8487a66cd62ac2353a484a
GIT binary patch
literal 355
zcmeAS@N?(olHy`uVBq!ia0vp^0wB!61|;P_|4#%`Y)RhkEbHUgGKN%KnI1h)-A7wfSBxQ0RlFi(`nz>9v;)y$=V79Q_!touc*b
zt<($g7tfXy7ruO_#j(!mE^D|t^SY+lkt*Hsj$Ds4N_uB2giToV=u^<82|~>CKHe$+
zcjx!LT3J)6^Xj!&N7M8(F?b@
v^v&LIs#13Wi&Ua~bHdXd+PD6N|78;TX?y#6i5Jei0#Y0$L4LviA%Njt^WI31l&6bhNX4zB1b1cz#v=#L9XQ1BeB*}A
z%q#-T*4)b4(o?t>F*0#zoIb=Q$oTmtkhx|Ks|wRYkOCL`0G3nf>>LU!8g&ecZvf@i
zF{v>LIB*y*Py(9O5Wuep(t6;`5vIViTuKZ~9gTA(-x+M+aA06$eNbb-z@e}}OvNsM
m(}BTo!EZ5z1_KrbCLV@_U2LV?JKcpq4)=8Rb6Mw<&;$Tia9maZ
literal 0
HcmV?d00001