token jirafeau

2022-02-12 22:50:10 +01:00 · 2022-02-12 22:50:10 +01:00 · 09bdc4998d
commit 09bdc4998d
parent 5ec61c7634
2 changed files with 327 additions and 99 deletions
--- a/src/Jirafeau/a.php
+++ b/src/Jirafeau/a.php
@ -18,43 +18,69 @@ require (JIRAFEAU_ROOT . 'lib/settings.php');
 require (JIRAFEAU_ROOT . 'lib/functions.php');
 require (JIRAFEAU_ROOT . 'lib/lang.php');
-define ('A_GET', 'g');
+define ('VAR_TOKENS', $cfg['var_root'] . 'tokens/');
-define ('A_HASH', 'h');
+define ('VAR_TRACKS', $cfg['var_root'] . 'tracks/');
-define ('A_SENDER', 's');
+
-define ('A_UPDATE', 'u');
+define ('TOKEN_USE_LIMIT', "-2 hours");
-define ('A_OPEN_TOKEN', 'o');
+define ('TOKEN_LOGIN_LIMIT', "-15 minutes");
-define ('E_BAD_SENDER_NAME', 'm&egrave;l incorrect : ');
+define ('TOKEN_LOGOUT_LIMIT', "-8 hours");
-define ('E_BAD_ARCHIVE_NAME', 'bad archive name format : ');
+
 define ('E_BAD_ARCHIVE_NAME', 'Bad archive name format');
 define ('E_CREATE_ZIP', "Impossible de cr&eacute;er l'archive.");
 define ('E_OPEN_ZIP', "Impossible d'ouvrir l'archive.");
 define ('M_BAD_KEY', "Mauvaise clef pour ");
 define ('M_BAD_SENDER_NAME', 'Votre m&egrave;l est incorrect');
 define ('M_BAD_TOKEN', "Vous n'utilisez pas le bon jeton (consultez votre messagerie).");
 define ('M_TOO_LONG_BEFORE_LOGGED', "Jeton de connexion trop ancien.");
 define ('M_TOO_LONG_LOGGED', "Temps de connexion d&eacute;pass&eacute;.");
 define ('M_EMAIL_CONTENT', "Bonjour,<br/><br/>Ceci est un message automatique, car vous venez de cliquer sur une demande de consultation de vos pi&egrave;ces jointes.<br/><br/>!!! Si vous n'&ecirc;tes pas &agrave; l'origine de cette demande, ne cliquez sur aucun lien de ce message. !!!<br/><br/>Le lien de connexion suivant est valable 15 minutes.<br/><a href=\"___LINK___\">___LINK___</a><br/><br/>Vous pouvez signaler des abus aupr&egrave;s de Kaz en faisant suivre ce message qui contient les traces de son &eacute;metteur (___IP___, ___DATE___).<br/><br/>Bonne navigation.<br/>.");
 define ('M_DOWNLOAD', "T&eacute;l&eacute;charger");
 define ('M_UPDATE', "Prolonger");
 define ('M_EMAIL_SUBJECT', "Lien de consultation des envoies de pi&egrave;ces jointes.");
 define ('M_FILE', " fichier.");
 define ('M_FILES', " fichiers.");
 define ('M_FILES_NOT_FOUND', " fichiers sont expir&eacute;s.");
 define ('M_FILES_RENAMED', " fichiers renomm&eacute;s.");
 define ('M_FILE_NOT_FOUND', " fichier est expir&eacute;.");
 define ('M_FILE_RENAMED', " fichier renomm&eacute;.");
 define ('M_INTRO_FORM', "Quelles sont les informations me concernant ?");
 define ('M_MEL', "votre m&egrave;l");
 define ('M_NO_FILENAME', 'SansNom');
 define ('M_NO_SENDER', 'kaz');
 define ('M_OLD_ATTACHEMENT_DIRNAME', "RappelHistorique");
-define ('M_INTRO_FORM', "O&ugrave; sont les derni&egrave;res pi&egrave;ces jointe que j'ai envoy&eacute; ?");
+define ('M_SEND', "Connexion");
 define ('M_LOGOUT', 'D&eacute;connexion');
 define ('M_LOGOUT_TOKEN', "Vous n'&ecirc;tes plus connect&eacute;.");
 define ('M_SEND_TOKEN', "Vous allez recevoir un lien d'acc&egrave;s temporaire &agrave; vos donn&eacute;es.");
 define ('A_ACTION', 'a');
 define ('A_GET', 'g');
 define ('A_HASH', 'h');
 define ('A_OPEN_TOKEN', 'o'); // ask send token
 define ('A_SENDER', 's');
 define ('A_TOKEN', 't');
 define ('A_UPDATE', 'u');
 define ('A_RECORD', 'r');
 define ('T_BAD_PASW', 'bad_psw');
 define ('T_CREATE', "create");
 define ('T_CRYPTED', 'crypted');
 define ('T_CRYPT_KEY', 'crypt_key');
 define ('T_ENTRIES', 'entries');
 define ('T_FILENAME', 'file_name');
 define ('T_HASH', 'hash');
 define ('T_LOGGED', "logged");
 define ('T_NEW', 'new');
 define ('T_NOT_FOUND', 'not_found');
 define ('T_OLD', 'old');
 define ('T_RENAME', 'rename');
 define ('T_SEND', 'send');
 define ('T_LOGOUT', 'lougout');
 define ('T_SENDER', 'sender');
 define ('T_TIMESTAMP', 'timestamp');
 define ('T_TOKEN', "token");
 define ('T_WARNING_FILENAME', "-Avertissement.txt");
 define ('T_ZIP_EXT', ".zip");
 /* Operations may take a long time.
 * Be sure PHP's safe mode is off.
 */
@ -85,7 +111,7 @@ function return_error ($msg) {
 * @param $link the link's name (hash)
 * @param $update_period the periode (i.e in : "month")
 */
-function jirafeau_update_link ($link_name, $link, $update_period) {
+function update_link ($link_name, $link, $update_period) {
    $time_max = $link ['time'];
    $time_up = time () + $update_period;
    $time_more = $time_up + JIRAFEAU_HOUR;
@ -140,13 +166,15 @@ function send_email($receiver, $receiver_name,  $subject, $body_string){
    $mail->SMTPAutoTLS = false;
    $mail->SMTPSecure  = "none";
    $mail->Port        = 25;
    $mail->charSet     = "UTF-8";
    $mail->ContentType = 'text/html';
    //Recipients (change this for every project)
    $mail->setFrom ('no-reply@kaz.local', '');
    $mail->addAddress ($receiver, $receiver_name);
    //Content
-    $mail->isHTML (false);
+    $mail->isHTML (true);
    $mail->Subject = $subject;
    $mail->Body    = $body_string;
@ -160,6 +188,89 @@ function send_email($receiver, $receiver_name,  $subject, $body_string){
    }
 }
 // ========================================
 function setTrack ($sender) {
    if (!$sender)
        return;
    if (!file_exists (VAR_TRACKS))
        mkdir (VAR_TRACKS, 0755);
    touch (VAR_TRACKS.$sender);
 }
 function rmTrack ($sender) {
    if (!$sender)
        return;
    if (file_exists (VAR_TRACKS.$sender))
        unlink (VAR_TRACKS.$sender);
 }
 function getTrack ($sender) {
    if (!$sender)
        return;
    return file_exists (VAR_TRACKS.$sender);
 }
 // ========================================
 function cleanToken () {
    if (!file_exists (VAR_TOKENS))
        mkdir (VAR_TOKENS, 0755);
    $d = dir (VAR_TOKENS);
    $oldest = strtotime (TOKEN_USE_LIMIT);
    foreach (glob (VAR_TOKENS."*") as $file) {
        if (filemtime ($file) <= $oldest)
            unlink ($file);
    }
 }
 function rmToken ($sender) {
    if (!$sender)
        return;
    if (file_exists (VAR_TOKENS.$sender))
        unlink (VAR_TOKENS.$sender);
 }
 function setToken ($sender) {
    if (!$sender)
        return;
    $token = md5 (rand ());
    if (file_put_contents (VAR_TOKENS.$sender, T_CREATE.": ".time ().NL.T_TOKEN.": ".$token.NL))
        return $token;
    return false;
 }
 function setLoggedToken ($sender, $token) {
    if (!$sender || !$token)
        return;
    file_put_contents (VAR_TOKENS.$sender, T_CREATE.": ".time ().NL.T_TOKEN.": ".$token.NL.T_LOGGED.": ok".NL);
 }
 function getTokenVar ($sender, $varName) {
    if (!$sender)
        return;
    if (!file_exists (VAR_TOKENS.$sender))
        return false;
    $content = file_get_contents (VAR_TOKENS.$sender);
    if (preg_match ("/\b".$varName.":\s*([^\s]+)\n/", $content, $matches))
        return $matches[1];
    return false;
 }
 function getToken ($sender) {
    return getTokenVar ($sender, T_TOKEN,);
 }
 function getCreateToken ($sender) {
    return getTokenVar ($sender, T_CREATE);
 }
 function getLoggedToken ($sender) {
    return getTokenVar ($sender, T_LOGGED);
 }
 function getTimeToken ($sender) {
    if (!$sender || !file_exists (VAR_TOKENS.$sender))
        return false;
    return filemtime (VAR_TOKENS.$sender);
 }
 // ========================================
 if ($do_update) {
    $update_period = JIRAFEAU_MONTH;
@ -194,8 +305,19 @@ if ($do_update) {
    $link = jirafeau_get_link ($link_name);
    if (count ($link) == 0)
        return_error (t ('FILE_404'));
-    $time = jirafeau_update_link ($link_name, $link, $update_period);
+    $time = update_link ($link_name, $link, $update_period);
    $content = '' . $time . NL;
    if (@preg_match ("/archive_content/", jirafeau_escape ($link ['file_name'])) &&
        jirafeau_escape ($link ['mime_type']) != "text/plain") {
        $archive_info = read_archive_info ($l);
        if (count ($archive_info)) {
            foreach ([T_OLD, T_NEW] as $cat)
                if (isset ($archive_info[$cat]))
                    foreach ($archive_info[$cat] as [$link_name, $crypt_key])
                        update_link ($link_name, jirafeau_get_link ($link_name), $update_period);
        }
    }
    header ('HTTP/1.0 200 OK');
    header ('Content-Length: ' . strlen ($content));
    header ('Content-Type: text/plain');
@ -203,15 +325,26 @@ if ($do_update) {
    exit;
 }
 $sender = '';
 $senderError = false;
 if (isset ($_REQUEST [A_SENDER]) && !empty ($_REQUEST [A_SENDER])) {
    if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_SENDER])) {
        $senderError=true;
        return;
    }
    cleanToken ();
    $sender = $_REQUEST [A_SENDER];
 }
 // ========================================
 if ($do_download) {
    // check archive exist
    $couple = explode ("~", $_REQUEST[A_GET], 2);
    if (count ($couple) == 0)
-        return_error (E_BAD_ARCHIVE_NAME.$_REQUEST [A_GET]);
+        return_error (E_BAD_ARCHIVE_NAME);
    $link_name = $couple [0];
    if (!$link_name || !preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
-        return_error (E_BAD_ARCHIVE_NAME.$_REQUEST [A_GET]);
+        return_error (E_BAD_ARCHIVE_NAME);
    $crypt_key = count ($couple) == 2 ? $couple [1] : "";
    $link = jirafeau_get_link ($link_name);
    if (count ($link) == 0)
@ -266,7 +399,7 @@ if ($do_download) {
    // build zip
    $dirname = (isset ($archive_info[T_SENDER]) && !empty ($archive_info[T_SENDER]))
-             ? $archive_info[T_SENDER] : M_NO_SENDER;
+             ? $archive_info[T_SENDER] : ($sender ? $sender : M_NO_SENDER);
    $dirname .= "-" . (isset ($archive_info[T_TIMESTAMP]) && !empty ($archive_info[T_TIMESTAMP]))
             ? $archive_info[T_TIMESTAMP] : date ("Ymd-His");
    $tmpFileName = tempnam (sys_get_temp_dir (), $dirname."-");
@ -346,35 +479,73 @@ if ($do_download) {
 }
 // ========================================
-// XXX form send
+if (isset ($_REQUEST [A_RECORD]) && !empty ($_REQUEST [A_RECORD])) {
-$content = "TODO send form".NL;
+    if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_RECORD]))
-
+        return_error (M_BAD_SENDER_NAME);
-$sender = '';
+    $content = getTrack ($_REQUEST [A_RECORD]).NL;
-if (isset ($_REQUEST [A_SENDER]) && !empty ($_REQUEST [A_SENDER])) {
+    header ('HTTP/1.0 200 OK');
-    $sender=$_REQUEST [A_SENDER];
+    header ('Content-Length: ' . strlen ($content));
-    if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $sender))
+    header ('Content-Type: text/plain');
-        return_error (E_BAD_SENDER_NAME.$sender);
+    echo $content;
-    $content = "${sender}".NL;
+    exit;
 }
-if (!$sender) {
+// ========================================
 // form
 $token = '';
 if (isset ($_REQUEST [A_TOKEN]) && !empty ($_REQUEST [A_TOKEN])) {
    if (!preg_match ("/^([0-9a-zA-Z_-]+)$/", $_REQUEST [A_TOKEN]))
        return false;
    $token = $_REQUEST [A_TOKEN];
 }
 $refToken = getToken ($sender);
 $url_base = $_SERVER['HTTP_X_FORWARDED_PROTO']."://".$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']."?";
 if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_SEND && $sender) {
    $token = setToken ($sender);
    // XXX test token
    $url = $url_base.A_SENDER."=".$sender."&".A_TOKEN."=".$token;
    $result = send_email ($sender, "",  M_EMAIL_SUBJECT,
                          str_replace (["___LINK___", "___IP___", "___DATE___"],
                                       [$url, $_SERVER ['HTTP_X_REAL_IP'] , date ("Y-m-d H:i:s")], M_EMAIL_CONTENT));
    require (JIRAFEAU_ROOT . 'lib/template/header.php');
    echo M_SEND_TOKEN;
    require (JIRAFEAU_ROOT.'lib/template/footer.php');
    exit;
 }
 if (!($sender && $token && $token == $refToken &&
      (getLoggedToken ($sender) || (getTimeToken ($sender) >= strtotime (TOKEN_LOGIN_LIMIT))) &&
      (getCreateToken ($sender) >= strtotime (TOKEN_LOGOUT_LIMIT)))) {
    // XXX temps de connexion
    require (JIRAFEAU_ROOT . 'lib/template/header.php');
    echo M_INTRO_FORM;
    if ($senderError)
        echo "<p>".M_BAD_SENDER_NAME."</p>";
    else if (($token && !$refToken) || !getLoggedToken ($sender))
        echo "<p>".M_TOO_LONG_BEFORE_LOGGED."</p>";
    else if ($token && $token != $refToken)
        echo "<p>".M_BAD_TOKEN."</p>";
    else if (getCreateToken ($sender) < strtotime (TOKEN_LOGOUT_LIMIT))
        echo "<p>".M_TOO_LONG_LOGGED."</p>";
    ?>
    <Form method="post" class="form login">
                <fieldset>
    <table>
    <tr>
-    <td class = "label"><label for = "enter_password"><?php echo "votre m&egrave;l" . ':'; ?></label>
+    <td class="label"><label for="enter_password"><?php echo M_MEL . ' :'; ?></label>
    </td>
    </tr>
    <tr>
-    <td class = "field"><input type = "text" name = "s" id = "s" size = "40" />
+    <td class="field"><input type="text" name="<?php echo A_SENDER; ?>" size="40" value="<?php echo jirafeau_escape ($_REQUEST [A_SENDER]);?>"/>
    </td>
    </tr>
    <tr class="nav">
    <td class="nav next">
-    <input type = "submit" name = "key" value ="<?php echo t ('LOGIN'); ?>" />
+    <input type="hidden" name="<?php echo A_ACTION; ?>" value="<?php echo T_SEND; ?>" />
    <input type="submit" value="<?php echo M_SEND; ?>" />
    </td>
    </tr>
    </table>
@ -385,31 +556,29 @@ if (!$sender) {
    exit;
 }
-$open_service = '';
+if (!getLoggedToken ($sender))
-if (!isset ($_REQUEST [A_OPEN_TOKEN]) || empty ($_REQUEST [A_OPEN_TOKEN]))
+    setLoggedToken ($sender, $token);
-    $open_service=$_REQUEST [A_OPEN_TOKEN];
+else
-
+    touch (VAR_TOKENS.$sender);
 if (!isset ($open_service)) {
    // send e-mail
    //preg_match ("%^http.*//depot.([^/]+)/?$%i", $cfg ['web_root'], $matches);
    // $domain = $matches[1];
    // $to      = $sender;
    // $subject = 'Lien de consultation des envoies de pi&egrave;ces jointes';
    // $message = 'Bonjour !';
    // $headers =
    //          'From: no-reply@'.$domain.'' . "\r\n" .
    //          'X-Mailer: PHP/' . phpversion();
    // mail ($to, $subject, $message, $headers);
    $result = send_email ($sender, "",  "Lien de consultation des envoies de pi&egrave;ces jointes", "Bonjour!");
 // ========================================
 if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_LOGOUT) {
    rmToken ($sender);
    require (JIRAFEAU_ROOT . 'lib/template/header.php');
-    echo M_SEND_TOKEN;
+    echo M_LOGOUT;
    require (JIRAFEAU_ROOT.'lib/template/footer.php');
    exit;
 }
-$found = [];
+if (isset ($_REQUEST [A_ACTION])) {
    if ($_REQUEST [A_ACTION] == A_RECORD."on")
        setTrack ($sender);
    else if ($_REQUEST [A_ACTION] == A_RECORD."off")
        rmTrack ($sender);
 }
 // list
 $archives = [];
 $stack = array (VAR_LINKS);
 while ( ($d = array_shift ($stack)) && $d != null) {
    $dir = scandir ($d);
@ -433,28 +602,85 @@ while ( ($d = array_shift ($stack)) && $d != null) {
            $archive_info = read_archive_info ($l);
            if ($sender != $archive_info [T_SENDER])
                continue;
-            if (isset ($archive_info [T_NEW]))
+            $archive_info ['link'] = $node;
-                foreach ($archive_info [T_NEW] as [$link_name, $crypt_key])
+            $archive_info ['time'] = $l ['time'];
-                    $found [$link_name] = $crypt_key;
+            $archive_info ['key'] = $l ['key'];
            $archives [] = $archive_info;
        }
    }
 }
-foreach ($found as $link_name => $crypt_key)
+require (JIRAFEAU_ROOT . 'lib/template/header.php');
-    $content .= $link_name . " - " . $crypt_key . NL;
+?>
-
+<script type="text/javascript">
-// XXX find
+            function ajaxUpdate (period, hash) {
-// add link : name / time / download / delete
+                var xhr = new XMLHttpRequest ();
-// sort by name ?
+                xhr.open ("POST", "<?php echo $_SERVER ['SCRIPT_NAME']; ?>", true);
-
+                xhr.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
-// $tmpFileName = tempnam (sys_get_temp_dir (), $dirname."-");
+                xhr.onreadystatechange = function () {
-// $fd = fopen ($tmpFileName, "w");
+                    if (this.readyState === XMLHttpRequest.DONE && this.status === 200) {
-// if (!$fd)
+                        alert ("refarchez la page"); // XXX updage page
-//     return_error ("Unable to open tmp file!");
+                    }
-// fwrite ($fd, $content);
+                }
-// fclose ($fd);
+                   xhr.send ("<?php echo A_UPDATE; ?>="+period+"&<php ecgo A_HASH; ?>="+hash);
-
+            }
-header ('HTTP/1.0 200 OK');
+</script>
-header ('Content-Length: ' . strlen ($content));
+<?php
-header ('Content-Type: text/plain');
+if (getTrack ($sender))
-echo $content;
+    $onChecked=' checked="checked"';
 else
    $offChecked=' checked="checked"';
 echo
    '<form method="post">'.
    '<input type="hidden" name="'.A_SENDER.'" value="'.$sender.'"/>'.
    '<input type="hidden" name="'.A_TOKEN.'" value="'.$token.'"/>'.
    '<input type="radio" name="'.A_ACTION.'" value="'.A_RECORD.'on" '.$onChecked.'>oui'.
    '<input type="radio" name="'.A_ACTION.'" value="'.A_RECORD.'off" '.$offChecked.'>non'.
    '<input type="submit" value="'."valider".'" />'.
    '</form>'.
    '<form method="post">'.
    '<input type="hidden" name="'.A_ACTION.'" value="'.T_LOGOUT.'" />'.
    '<input type="hidden" name="'.A_SENDER.'" value="'.$sender.'"/>'.
    '<input type="hidden" name="'.A_TOKEN.'" value="'.$token.'"/>'.
    '<input type="submit" value="'.M_LOGOUT.'" />'.
    '</form>';
 if ($archives) {
    echo
    //        '<fieldset><legend>archives</legend>'.
    '<table width="100%" ><tr><th></th><th>'.t('ACTION').'</th></tr>';
    foreach ($archives as $archive_info) {
        echo '<tr><td><strong>'.$archive_info [T_TIMESTAMP].'</strong>';
        echo '<br/>=> '. ($archive_info ['time'] == -1 ? '∞' : jirafeau_get_datetimefield ($archive_info ['time'])).'<ul>';
        foreach ([T_NEW, T_OLD] as $cat) {
            $li_style = $cat == T_NEW ? "font-weight: bold;" : "font-style: italic;";
            if (isset ($archive_info [$cat]))
                foreach ($archive_info [$cat] as [$link_name, $crypt_key]) {
                    $link = jirafeau_get_link ($link_name);
                    if (count ($link) == 0)
                        continue;
                    echo
                        '<li style="'.$li_style.'">'.jirafeau_escape ($link ['file_name']).
                        ' ('.jirafeau_escape ($link ['mime_type']).
                        ' '.jirafeau_human_size($l['file_size']).
                        ')</li>';
                }
        }
        $dl_val = $archive_info ['link']."~".$archive_info ['key'];
        echo
            '</ul></td><td style="text-align:center;">'.
            '<form method="post">'.
            '<input type="hidden" name="'.A_GET.'" value="'.$dl_val.'"/>' .
            '<input type="submit" value="'.M_DOWNLOAD.'" />' .
            '</form>' .
            '<form method="post" onSubmit="return false;">' .
            '<input type="submit" value="'.M_UPDATE.'" onClick="ajaxUpdate (\'month\', \''.$archive_info ['link'].'\');"/>' .
            '</form>'.
            '</td></tr>';
    }
    echo '</table>';//</fieldset>';
 } else
    echo "Il n'y a aucune information vous concernant.";
 require (JIRAFEAU_ROOT.'lib/template/footer.php');
 exit;
 ?>
--- a/src/bash/filter.sh
+++ b/src/bash/filter.sh
@ -75,7 +75,8 @@ LOG_FIC "--------------- debut de programme -------------------"
 mkdir -p "${MAILS}" || { LOG_FIC "impossible de creer ce dossier"; exit "${EX_UNAVAILABLE}"; }
 MAIL_SOURCE=$(echo $@ | awk 'BEGIN{FS=" "} {print $2}')
 DATE_TEMPS=$(date "+%Y-%m-%d-%H:%M:%S")
-REP_PIECE_JOINTE=$(echo "${MAILS}/${DATE_TEMPS}_${MAIL_SOURCE}_$$")
+REP_PIECE_JOINTE="${MAILS}/${DATE_TEMPS}_${MAIL_SOURCE}_$$"
 TRACK=$(curl "${JIRAFEAU_URL}/a.php?r=${MAIL_SOURCE}" 2>/dev/null)
 cd "${INSPECT_DIR}" || { echo "${INSPECT_DIR} does not exist"; exit "${EX_TEMPFAIL}"; }
 # lien renvoyé par le téléverssement
@ -97,10 +98,9 @@ mkdir -p "${REP_PIECE_JOINTE}/"
 >"${ARCHIVE_CONTENT}"
 # Etape de rafraichissement des anciens fichiers inclus
-cat > "${ARCHIVE_CONTENT}" <<EOF
+echo "time: ${DATE_TEMPS}" > "${ARCHIVE_CONTENT}"
-src: ${MAIL_SOURCE}
+[ -n "${TRACK}" ] && echo "src: ${MAIL_SOURCE}" >> "${ARCHIVE_CONTENT}"
-time: ${DATE_TEMPS}
+
 EOF
 LOG_FIC "${SHRINK_CMD} -u \"${INSPECT_DIR}/in.$$\" 2>> \"${FIC_LOG}\" > \"${OLD_LINKS}\""
 "${SHRINK_CMD}" -u "${INSPECT_DIR}/in.$$" 2>> "${FIC_LOG}" > "${OLD_LINKS}"
@ -155,11 +155,13 @@ LOG_FIC "${SHRINK_CMD} -s ${MAX_KEEP_IN_MAIL} -d ${REP_PIECE_JOINTE} ${INSPECT_D
 	rm -f "${ATTACH_TMP_FILE}"
    done
    # Création de l'archive
-    if [ "$(wc -l < "${ARCHIVE_CONTENT}")" -ge 4 ]; then
+    NB_ATTCH=$(grep -e "^old: " -e "^new1: " "${ARCHIVE_CONTENT}" | wc -l)
    if [ -n "${TRACK}" ] || [ "${nb}" -gt 1 ]; then
 	PASSWORD=$(apg -n 1 -m 12)
 	PASSWORD_MD5=$(echo -n ${PASSWORD} | ${MD5_CMD} | cut -d \  -f 1)
 	LOG_FIC " - \"${JIRAFEAU_CMD}\" -f \"${JIRAFEAU_LOCAL}\" -s \"${MAX_UPLOAD_SIZE}\" -c \"text/plain\" -n \"archive_content\" send \"${ARCHIVE_CONTENT}\" \"${PASSWORD}\" 2>> \"${FIC_LOG}\" > \"${ONE_LINK}\""
 	"${JIRAFEAU_CMD}" -f "${JIRAFEAU_LOCAL}" -s "${MAX_UPLOAD_SIZE}" -c "text/plain" -n "archive_content" send "${ARCHIVE_CONTENT}" "${PASSWORD}" 2>> "${FIC_LOG}" > "${ONE_LINK}"
 	if  [ "${nb}" -gt 1 ]; then
 	    cat "${ONE_LINK}"  | {
 		read JIR_TOKEN
 		read JIR_CODE
@ -170,15 +172,15 @@ LOG_FIC "${SHRINK_CMD} -s ${MAX_KEEP_IN_MAIL} -d ${REP_PIECE_JOINTE} ${INSPECT_D
 			echo "arch: bad"
 			;;
 		    * )
-		    LOG_FIC " - ajoute de l'archive ${JIRAFEAU_URL}/a.php?g=${JIR_TOKEN}~${PASSWORD_MD5}"
+			LOG_FIC " - ajoute de l'archive ${JIRAFEAU_URL}/a.php?g=${JIR_TOKEN}~${PASSWORD_MD5}&s=${MAIL_SOURCE}"
-		    echo "arch: ${JIRAFEAU_URL}/a.php?g=${JIR_TOKEN}~${PASSWORD_MD5}"
+			echo "arch: ${JIRAFEAU_URL}/a.php?g=${JIR_TOKEN}~${PASSWORD_MD5}&s=${MAIL_SOURCE}"
 			;;
 		esac
-	}
+	    } else
    else
 	    LOG_FIC " - pas d'archive (moins de 2 PJ)"
 	    echo "arch: none"
 	fi
    fi
    # Etape de substitution
    LOG_FIC "${SHRINK_CMD} -s \"${MAX_KEEP_IN_MAIL}\" \"${INSPECT_DIR}/in.$$\" \"${INSPECT_DIR}/in.$$.altered\" 2>> \"${FIC_LOG}\""
 } | "${SHRINK_CMD}" -s "${MAX_KEEP_IN_MAIL}" "${INSPECT_DIR}/in.$$" "${INSPECT_DIR}/in.$$.altered" 2>> "${FIC_LOG}"