1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/emailpoubelle_ynh.git synced 2024-09-03 18:26:29 +02:00

Pas très loin de la fin de la 1.0

This commit is contained in:
David 2013-11-19 16:51:59 +01:00
parent 231a965813
commit 47c6d2410d
6 changed files with 114 additions and 26 deletions

1
.gitignore vendored
View file

@ -4,3 +4,4 @@ virtual.db
checkupdate
conf.php
test*
var/database.sdb

48
CHANGELOG.md Normal file
View file

@ -0,0 +1,48 @@
## 1.1 (future)
- support postfix-mysql (not plain text virtual file)
- admin panel page with statistic
- add second table in database (for domain/checkupdate/intervale cron)
- send email for advertisement action ?
## 1.0 (2013-10-02)
Features:
- add database with PDO (remove plain text)
support mysql, sqlite, postgresql...
- add multi-domain support
- add memory email (with cookies)
- add life for alias (optional)
- add comment for alias (optional)
- add template for example
- add javascript in form (noscript compatible)
- add cron for expir life email
- add maintenance mode
- add basic form anti-spam
- add disable/enable alias function
- pass UTF-8 encode
## 0.3 (2013-08-08) (without database)
- add blacklist.txt regex
- add function "alias list"
- add shell statistique script
- add readme
## 0.2 (2012-08-05)
Features:
- add aliasdeny.txt regex
- migrate to Net_DNS2
- check email exist with DNS (check MX)
Bugfixes:
- fixe http://forge.zici.fr/p/emailpoubelle-php/issues/4/
## 0.1b (2012-03-20)
- start project

View file

@ -1,6 +1,8 @@
#!/usr/bin/php
<?php
include('./conf.php');
include('../conf.php');
# pour migrer du plain-text vers la base de donnée
// Connect DB
try {
@ -15,7 +17,7 @@ try {
}
// postmap command
function UpdateVirtualDB() {
function UpdateVirtualDB_migrateTo10() {
global $dbco;
try {
$selectcmd = $dbco->prepare("SELECT alias, email
@ -39,7 +41,7 @@ function UpdateVirtualDB() {
// add new alias
function AjouterAlias($status, $alias,$email, $life, $comment) {
function AjouterAlias_migrateTo10($status, $alias,$email, $life, $comment) {
global $dbco;
$dateCreat=date('Y-m-d H:i:s', 0);
$dateExpir=NULL;
@ -67,12 +69,12 @@ while (!feof($handle)) {
$bufferExplode = explode(' ', $buffer);
if (!preg_match('/^(#|$|;)/', $buffer)) {
echo $bufferExplode[0].' -> '.$bufferExplode[1]."\n";
AjouterAlias(5, trim($bufferExplode[0]), trim($bufferExplode[1]), null, null);
AjouterAlias_migrateTo10(5, trim($bufferExplode[0]), trim($bufferExplode[1]), null, null);
}
}
}
fclose($handle);
UpdateVirtualDB();
UpdateVirtualDB_migrateTo10();
?>

View file

@ -65,15 +65,26 @@ try {
}
// Create DB if not exists
try {
// status : 0=not verified - 3=disable - 5=active
$create = $dbco->query("CREATE TABLE IF NOT EXISTS ".DBTABLEPREFIX."alias (
id INTEGER PRIMARY KEY AUTO_INCREMENT,
status INTEGER(1) NOT NULL,
alias CHAR(150) NOT NULL UNIQUE,
email CHAR(150) NOT NULL,
dateCreat DATETIME NOT NULL,
dateExpir DATETIME,
comment TEXT);");
// status : 0=not verified - 3=disable - 5=active
if (preg_match('/^sqlite/', DB)) {
$create = $dbco->query("CREATE TABLE IF NOT EXISTS ".DBTABLEPREFIX."alias (
id INTEGER PRIMARY KEY,
status INTEGER(1) NOT NULL,
alias CHAR(150) NOT NULL UNIQUE,
email CHAR(150) NOT NULL,
dateCreat DATETIME NOT NULL,
dateExpir DATETIME,
comment TEXT);");
} else {
$create = $dbco->query("CREATE TABLE IF NOT EXISTS ".DBTABLEPREFIX."alias (
id INTEGER PRIMARY KEY AUTO_INCREMENT,
status INTEGER(1) NOT NULL,
alias CHAR(150) NOT NULL UNIQUE,
email CHAR(150) NOT NULL,
dateCreat DATETIME NOT NULL,
dateExpir DATETIME,
comment TEXT);");
}
} catch ( PDOException $e ) {
echo '<div class="highlight-1">Erreur à l\'initialisation des tables. Merci de contacter l\'administrateur ';
if (DEBUG) { $e->getMessage(); }
@ -85,12 +96,11 @@ $create = $dbco->query("CREATE TABLE IF NOT EXISTS ".DBTABLEPREFIX."alias (
// Start program
//////////////////
// get process act
// get process "act" (action)
$action = isset($_GET['act']) ? $_GET['act'] : '';
switch ($action) {
case "validemail" :
$get_value = urlUnGen($_GET['value']);
echo $dbco->query("SELECT COUNT(*) FROM ".DBTABLEPREFIX."alias WHERE id = '".$get_value['id']."' AND status = 0")->fetchColumn();
if ($dbco->query("SELECT COUNT(*) FROM ".DBTABLEPREFIX."alias WHERE id = '".$get_value['id']."' AND status = 0")->fetchColumn() != 0) {
UpdateStatusAlias($get_value['id'], $get_value['alias_full'], 5);
echo '<div class="highlight-3">Votre email poubelle <b>'.$get_value['alias_full'].'</b> est maintenant actif</div>';
@ -123,7 +133,7 @@ switch ($action) {
if (isset($_POST['username']) && $_POST['username'] != '') { // minimal anti-spam
echo 'Hello you';
} else if (isset($_POST['list'])) {
$email=strtolower($_POST['email']);
$email=strtolower(StripCleanToHtml($_POST['email']));
if (! filter_var($email, FILTER_VALIDATE_EMAIL)) {
echo '<div class="highlight-1">Erreur : Adresse email incorrect</div>';
} else if (! VerifMXemail($email)) {
@ -134,11 +144,11 @@ if (isset($_POST['username']) && $_POST['username'] != '') { // minimal anti-spa
echo '<div class="highlight-1">Erreur : aucun email actif connu</div>';
}
} else if (isset($_POST['email']) && isset($_POST['alias'])) {
$alias=strtolower($_POST['alias']);
$email=strtolower($_POST['email']);
$domain=$_POST['domain'];
$alias=strtolower(StripCleanToHtml($_POST['alias']));
$email=strtolower(StripCleanToHtml($_POST['email']));
$domain=StripCleanToHtml($_POST['domain']);
$life=$_POST['life'];
$comment=$_POST['comment'];
$comment=StripCleanToHtml($_POST['comment']);
$alias_full=$alias.'@'.$domain;
// Check form
if (! filter_var($email, FILTER_VALIDATE_EMAIL)) {
@ -167,8 +177,9 @@ if (isset($_POST['username']) && $_POST['username'] != '') { // minimal anti-spa
$message= $alias_full.' => '.$email."\n";
$message= "Cliquer sur le lien ci-dessous pour confirmer : \n";
$message.= "\t * ".urlGen('validemail',$lastId,$alias_full)."\n";
$message.= "\n";
$message.= "Pour supprimer cet email poubelle vous pouvez vous rendre sur le lien ci-dessou : \n";
$message.= "\t * ".urlGen('del',$lastId,$alias_full)."\n";
$message.= "\t * ".urlGen('delete',$lastId,$alias_full)."\n";
$message.= "\n";
$message.= "Après confirmation, vous pourez suspendre temporairement cet email poubelle vous pouvez vous rendre sur le lien ci-dessou : \n";
$message.= "\t * ".urlGen('disable',$lastId,$alias_full)."\n";
@ -182,7 +193,7 @@ if (isset($_POST['username']) && $_POST['username'] != '') { // minimal anti-spa
$message= "Confirmation de la création de votre redirection email poubelle : ";
$message= $alias_full.' => '.$email."\n";
$message= "Cliquer sur le lien ci-dessous pour confirmer la suppression : \n";
$message.= "\t * ".urlGen('del',$id,$alias_full)."\n\n";
$message.= "\t * ".urlGen('delete',$id,$alias_full)."\n\n";
$message.= "Sinon pour suspendre temporairement cet email poubelle vous pouvez vous rendre sur le lien ci-dessou : \n";
$message.= "\t * ".urlGen('disable',$id,$alias_full)."\n";
SendEmail($email,'Suppression de l\'alias '.$alias,$message);
@ -200,7 +211,7 @@ if (isset($_POST['username']) && $_POST['username'] != '') { // minimal anti-spa
// memory email
if (isset($_POST['memory'])) {
setcookie ("email", $email, time() + 31536000);
setcookie ("email", StripCleanToHtml($email), time() + 31536000);
} else if (isset($_COOKIE['email'])) {
unset($_COOKIE['email']);
}
@ -364,3 +375,15 @@ if (!CRON) { LifeExpire(); }
echo CheckUpdate();
} // end maintenance mod
?>
<link href="http://cdn.wijmo.com/themes/rocket/jquery-wijmo.css" rel="stylesheet" type="text/css" />
<link href="http://cdn.wijmo.com/jquery.wijmo-open.1.1.5.css" rel="stylesheet" type="text/css" />
<link href="http://cdn.wijmo.com/jquery.wijmo-complete.1.1.5.css" rel="stylesheet" type="text/css" />
<script src="http://ajax.aspnetcdn.com/ajax/jquery/jquery-1.5.1.min.js" type="text/javascript"></script>
<script src="http://ajax.aspnetcdn.com/ajax/jquery.ui/1.8.11/jquery-ui.min.js" type="text/javascript"></script>
<script src="http://cdn.wijmo.com/external/jquery.bgiframe-2.1.3-pre.js" type="text/javascript"></script>
<script src="http://cdn.wijmo.com/external/jquery.glob.min.js" type="text/javascript"></script>
<script src="http://cdn.wijmo.com/external/jquery.mousewheel.min.js" type="text/javascript"></script>
<script src="http://cdn.wijmo.com/external/raphael-min.js" type="text/javascript"></script>
<script src="http://cdn.wijmo.com/jquery.wijmo-open.1.1.5.min.js" type="text/javascript"></script>
<script src="http://cdn.wijmo.com/jquery.wijmo-complete.1.1.5.min.js" type="text/javascript"></script>

View file

@ -1,2 +0,0 @@
<?php
?>

View file

@ -278,6 +278,22 @@ function urlUnGen($get_value) {
return $return;
}
// Source http://css-tricks.com/serious-form-security/
function StripCleanToHtml($s){
// Restores the added slashes (ie.: " I\'m John " for security in output, and escapes them in htmlentities(ie.: &quot; etc.)
// Also strips any <html> tags it may encouter
// Use: Anything that shouldn't contain html (pretty much everything that is not a textarea)
return htmlentities(trim(strip_tags(stripslashes($s))), ENT_NOQUOTES, "UTF-8");
}
function CleanToHtml($s){
// Restores the added slashes (ie.: " I\'m John " for security in output, and escapes them in htmlentities(ie.: &quot; etc.)
// It preserves any <html> tags in that they are encoded aswell (like &lt;html&gt;)
// As an extra security, if people would try to inject tags that would become tags after stripping away bad characters,
// we do still strip tags but only after htmlentities, so any genuine code examples will stay
// Use: For input fields that may contain html, like a textarea
return strip_tags(htmlentities(trim(stripslashes($s))), ENT_NOQUOTES, "UTF-8");
}
//////////////////
// Admin function
//////////////////