update V2

This commit is contained in:
François 2022-02-14 17:07:18 +01:00
parent 09bdc4998d
commit 7190cf3113
2 changed files with 332 additions and 136 deletions

View File

@ -18,8 +18,8 @@ require (JIRAFEAU_ROOT . 'lib/settings.php');
require (JIRAFEAU_ROOT . 'lib/functions.php'); require (JIRAFEAU_ROOT . 'lib/functions.php');
require (JIRAFEAU_ROOT . 'lib/lang.php'); require (JIRAFEAU_ROOT . 'lib/lang.php');
define ('VAR_TOKENS', $cfg['var_root'] . 'tokens/'); define ('VAR_TOKENS', $cfg ['var_root'].'tokens/');
define ('VAR_TRACKS', $cfg['var_root'] . 'tracks/'); define ('VAR_TRACKS', $cfg ['var_root'].'tracks/');
define ('TOKEN_USE_LIMIT', "-2 hours"); define ('TOKEN_USE_LIMIT', "-2 hours");
define ('TOKEN_LOGIN_LIMIT', "-15 minutes"); define ('TOKEN_LOGIN_LIMIT', "-15 minutes");
@ -46,21 +46,22 @@ define ('M_FILE_RENAMED', " fichier renommé.");
define ('M_INTRO_FORM', "Quelles sont les informations me concernant ?"); define ('M_INTRO_FORM', "Quelles sont les informations me concernant ?");
define ('M_MEL', "votre mèl"); define ('M_MEL', "votre mèl");
define ('M_NO_FILENAME', 'SansNom'); define ('M_NO_FILENAME', 'SansNom');
define ('M_NO_SENDER', 'kaz'); define ('M_NO_SENDER', 'kaz-');
define ('M_OLD_ATTACHEMENT_DIRNAME', "RappelHistorique"); define ('M_OLD_ATTACHEMENT_DIRNAME', "RappelHistorique");
define ('M_SEND', "Connexion"); define ('M_SEND', "Connexion");
define ('M_LOGOUT', 'Déconnexion'); define ('M_LOGOUT', 'Déconnexion');
define ('M_LOGOUT_TOKEN', "Vous n'êtes plus connecté."); define ('M_LOGOUT_TOKEN', "Vous n'êtes plus connecté.");
define ('M_SEND_TOKEN', "Vous allez recevoir un lien d'accès temporaire à vos données."); define ('M_SEND_TOKEN', "Vous allez recevoir un lien d'accès temporaire à vos données.");
define ('A_ACTION', 'a'); define ('A_ACTION', 'a'); // action : T_SEND, T_LOGOUT, A_RECORD+(on|off)
define ('A_GET', 'g'); define ('A_GET', 'g'); // get archive
define ('A_HASH', 'h'); define ('A_HASH', 'h'); // file to update or delete
define ('A_OPEN_TOKEN', 'o'); // ask send token define ('A_OPEN_TOKEN', 'o'); // ask token
define ('A_SENDER', 's'); define ('A_SENDER', 's'); // session sender
define ('A_TOKEN', 't'); define ('A_TOKEN', 't'); // session token
define ('A_UPDATE', 'u'); define ('A_UPDATE', 'u'); // update perriod for file or archive
define ('A_RECORD', 'r'); define ('A_RECORD', 'r'); // get track status
define ('A_DELETE', 'd'); // delete file ou archive + (sender+token)
define ('T_BAD_PASW', 'bad_psw'); define ('T_BAD_PASW', 'bad_psw');
define ('T_CREATE', "create"); define ('T_CREATE', "create");
define ('T_CRYPTED', 'crypted'); define ('T_CRYPTED', 'crypted');
@ -80,6 +81,8 @@ define ('T_TIMESTAMP', 'timestamp');
define ('T_TOKEN', "token"); define ('T_TOKEN', "token");
define ('T_WARNING_FILENAME', "-Avertissement.txt"); define ('T_WARNING_FILENAME', "-Avertissement.txt");
define ('T_ZIP_EXT', ".zip"); define ('T_ZIP_EXT', ".zip");
define ('T_ARCHIVE_TITLE', "archive_content");
define ('T_ARCHIVE_MIME', "text/kaz_email_archive");
/* Operations may take a long time. /* Operations may take a long time.
* Be sure PHP's safe mode is off. * Be sure PHP's safe mode is off.
@ -89,12 +92,12 @@ define ('T_ZIP_EXT', ".zip");
@error_reporting (0); @error_reporting (0);
$do_update = false; $do_update = false;
if (isset ($_REQUEST[A_UPDATE]) && !empty ($_REQUEST[A_UPDATE])) { if (isset ($_REQUEST [A_UPDATE]) && !empty ($_REQUEST [A_UPDATE])) {
$do_update = true; $do_update = true;
} }
$do_download = false; $do_download = false;
if (isset ($_REQUEST[A_GET]) && !empty ($_REQUEST[A_GET])) { if (isset ($_REQUEST [A_GET]) && !empty ($_REQUEST [A_GET])) {
$do_download = true; $do_download = true;
} }
@ -106,6 +109,29 @@ function return_error ($msg) {
exit; exit;
} }
// ========================================
function isKazArchive ($link) {
return
@preg_match ("/".T_ARCHIVE_TITLE."/", jirafeau_escape ($link ['file_name'])) &&
jirafeau_escape ($link ['mime_type']) == T_ARCHIVE_MIME;
}
// ========================================
function getTimeFile ($link) {
$p = s2p ($link ['hash']);
return filemtime (VAR_FILES . $p . $link ['hash']);
}
function timeStamp2time ($timeStamp) {
if (preg_match ("/^(\d{4})-(\d{2})-(\d{2})[ :-](\d{2}):(\d{2}):(\d{2})/i", $timeStamp, $matches))
// XXX bug GMT+1
return mktime ($matches [4]-1, $matches [5], $matches [6], $matches [2], $matches [3], $matches [1]-2000);
return false;
}
function valideTime ($t1, $t2) {
return abs ($t1 - $t2) < 60; // XXX delay
}
// ======================================== // ========================================
/** Update link /** Update link
* @param $link the link's name (hash) * @param $link the link's name (hash)
@ -134,20 +160,20 @@ function update_link ($link_name, $link, $update_period) {
function read_archive_info ($link) { function read_archive_info ($link) {
$p = s2p ($link ['hash']); $p = s2p ($link ['hash']);
// read archive info // read archive info
$result=[]; $result = [];
foreach (file (VAR_FILES . $p . $link ['hash']) as $line) { foreach (file (VAR_FILES . $p . $link ['hash']) as $line) {
switch (true) { switch (true) {
case preg_match ("/^\s*src:\s*(([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6})\s*$/i", $line, $matches): case preg_match ("/^\s*src:\s*(([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6})\s*$/i", $line, $matches):
$result[T_SENDER] = $matches[1]; $result [T_SENDER] = $matches [1];
break; break;
case preg_match ("/^\s*time:\s*(\d{4}([:-]\d{2}){5})\s*$/i", $line, $matches): case preg_match ("/^\s*time:\s*(\d{4}([:-]\d{2}){5})\s*$/i", $line, $matches):
$result[T_TIMESTAMP] = $matches[1]; $result [T_TIMESTAMP] = $matches [1];
break; break;
case preg_match ("/^\s*old:\s*([0-9a-zA-Z_-]+)\s+([0-9a-zA-Z_-]+)\s*$/", $line, $matches): case preg_match ("/^\s*old:\s*([0-9a-zA-Z_-]+)\s+([0-9a-zA-Z_-]+)\s*$/", $line, $matches):
$result[T_OLD][] = [$matches[1], $matches[2]]; $result [T_OLD][] = [$matches [1], $matches [2]];
break; break;
case preg_match ("/^\s*new:\s*([0-9a-zA-Z_-]+)\s+([0-9a-zA-Z_-]+)\s*$/", $line, $matches): case preg_match ("/^\s*new:\s*([0-9a-zA-Z_-]+)\s+([0-9a-zA-Z_-]+)\s*$/", $line, $matches):
$result[T_NEW][] = [$matches[1], $matches[2]]; $result [T_NEW][] = [$matches [1], $matches [2]];
break; break;
default: default:
break; break;
@ -157,7 +183,7 @@ function read_archive_info ($link) {
} }
// ======================================== // ========================================
function send_email($receiver, $receiver_name, $subject, $body_string){ function send_email ($receiver, $receiver_name, $subject, $body_string){
// SERVER SETTINGS // SERVER SETTINGS
$mail = new PHPMailer (true); $mail = new PHPMailer (true);
$mail->isSMTP (); $mail->isSMTP ();
@ -249,7 +275,7 @@ function getTokenVar ($sender, $varName) {
return false; return false;
$content = file_get_contents (VAR_TOKENS.$sender); $content = file_get_contents (VAR_TOKENS.$sender);
if (preg_match ("/\b".$varName.":\s*([^\s]+)\n/", $content, $matches)) if (preg_match ("/\b".$varName.":\s*([^\s]+)\n/", $content, $matches))
return $matches[1]; return $matches [1];
return false; return false;
} }
@ -274,7 +300,7 @@ function getTimeToken ($sender) {
// ======================================== // ========================================
if ($do_update) { if ($do_update) {
$update_period = JIRAFEAU_MONTH; $update_period = JIRAFEAU_MONTH;
switch ($_REQUEST[A_UPDATE]) { switch ($_REQUEST [A_UPDATE]) {
case 'minute': case 'minute':
$update_period = JIRAFEAU_MINUTE; $update_period = JIRAFEAU_MINUTE;
break; break;
@ -299,7 +325,7 @@ if ($do_update) {
default: default:
return_error (t ('ERR_OCC') . ' (update_period)'); return_error (t ('ERR_OCC') . ' (update_period)');
} }
$link_name = $_REQUEST[A_HASH]; $link_name = $_REQUEST [A_HASH];
if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name)) if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
return_error (t ('FILE_404')); return_error (t ('FILE_404'));
$link = jirafeau_get_link ($link_name); $link = jirafeau_get_link ($link_name);
@ -308,13 +334,12 @@ if ($do_update) {
$time = update_link ($link_name, $link, $update_period); $time = update_link ($link_name, $link, $update_period);
$content = '' . $time . NL; $content = '' . $time . NL;
if (@preg_match ("/archive_content/", jirafeau_escape ($link ['file_name'])) && if (isKazArchive ($link)) {
jirafeau_escape ($link ['mime_type']) != "text/plain") {
$archive_info = read_archive_info ($l); $archive_info = read_archive_info ($l);
if (count ($archive_info)) { if (count ($archive_info)) {
foreach ([T_OLD, T_NEW] as $cat) foreach ([T_OLD, T_NEW] as $cat)
if (isset ($archive_info[$cat])) if (isset ($archive_info [$cat]))
foreach ($archive_info[$cat] as [$link_name, $crypt_key]) foreach ($archive_info [$cat] as [$link_name, $crypt_key])
update_link ($link_name, jirafeau_get_link ($link_name), $update_period); update_link ($link_name, jirafeau_get_link ($link_name), $update_period);
} }
} }
@ -339,7 +364,7 @@ if (isset ($_REQUEST [A_SENDER]) && !empty ($_REQUEST [A_SENDER])) {
// ======================================== // ========================================
if ($do_download) { if ($do_download) {
// check archive exist // check archive exist
$couple = explode ("~", $_REQUEST[A_GET], 2); $couple = explode ("~", $_REQUEST [A_GET], 2);
if (count ($couple) == 0) if (count ($couple) == 0)
return_error (E_BAD_ARCHIVE_NAME); return_error (E_BAD_ARCHIVE_NAME);
$link_name = $couple [0]; $link_name = $couple [0];
@ -360,23 +385,23 @@ if ($do_download) {
$modif = false; $modif = false;
$single_name = []; $single_name = [];
foreach ([T_OLD, T_NEW] as $cat) foreach ([T_OLD, T_NEW] as $cat)
if (isset ($archive_info[$cat])) if (isset ($archive_info [$cat]))
foreach ($archive_info[$cat] as [$link_name, $crypt_key]) { foreach ($archive_info [$cat] as [$link_name, $crypt_key]) {
$link = jirafeau_get_link ($link_name); $link = jirafeau_get_link ($link_name);
if (count ($link) == 0) { if (count ($link) == 0) {
if (isset ($archive_content[T_NOT_FOUND])) if (isset ($archive_content [T_NOT_FOUND]))
++$archive_content[T_NOT_FOUND]; ++$archive_content [T_NOT_FOUND];
else else
$archive_content[T_NOT_FOUND] = 1; $archive_content [T_NOT_FOUND] = 1;
$modif = true; $modif = true;
continue; continue;
} }
$key = $link ['key']; $key = $link ['key'];
if ($key && (empty ($crypt_key) || $key != $crypt_key)) { if ($key && (empty ($crypt_key) || $key != $crypt_key)) {
if (isset ($archive_content[T_BAD_PASW])) if (isset ($archive_content [T_BAD_PASW]))
++$archive_content[T_BAD_PASW]; ++$archive_content [T_BAD_PASW];
else else
$archive_content[T_BAD_PASW] = 1; $archive_content [T_BAD_PASW] = 1;
$modif = true; $modif = true;
continue; continue;
} }
@ -385,23 +410,22 @@ if ($do_download) {
for ($i = 0; $i < 10000; ++$i) { for ($i = 0; $i < 10000; ++$i) {
$dst_name = sprintf ("%s-%2d", $src_name, $i); $dst_name = sprintf ("%s-%2d", $src_name, $i);
if (!in_array ($dst_name, $single_name)) { if (!in_array ($dst_name, $single_name)) {
if (isset ($archive_content[T_RENAME])) if (isset ($archive_content [T_RENAME]))
++$archive_content[T_RENAME]; ++$archive_content [T_RENAME];
else else
$archive_content[T_RENAME] = 1; $archive_content [T_RENAME] = 1;
$modif = true; $modif = true;
break; break;
} }
} }
$single_name [] = $dst_name; $single_name [] = $dst_name;
$archive_content[$cat][T_ENTRIES][] = [T_HASH => $link ['hash'], T_FILENAME => $dst_name, T_CRYPT_KEY => $crypt_key, T_CRYPTED => $link['crypted']]; $archive_content [$cat][T_ENTRIES][] = [T_HASH => $link ['hash'], T_FILENAME => $dst_name, T_CRYPT_KEY => $crypt_key, T_CRYPTED => $link ['crypted']];
} }
// build zip // build zip
$dirname = (isset ($archive_info[T_SENDER]) && !empty ($archive_info[T_SENDER])) $dirname = M_NO_SENDER.(isset ($archive_info [T_TIMESTAMP]) && !empty ($archive_info [T_TIMESTAMP])) ?
? $archive_info[T_SENDER] : ($sender ? $sender : M_NO_SENDER); $archive_info [T_TIMESTAMP] : date ("Y-m-d-H:i:s");
$dirname .= "-" . (isset ($archive_info[T_TIMESTAMP]) && !empty ($archive_info[T_TIMESTAMP])) $dirname = str_replace (":", "_", $dirname);
? $archive_info[T_TIMESTAMP] : date ("Ymd-His");
$tmpFileName = tempnam (sys_get_temp_dir (), $dirname."-"); $tmpFileName = tempnam (sys_get_temp_dir (), $dirname."-");
$zip = new ZipArchive; $zip = new ZipArchive;
if (!$zip) if (!$zip)
@ -412,12 +436,12 @@ if ($do_download) {
// create info XXX // create info XXX
if ($modif) { if ($modif) {
$info = ''; $info = '';
if (isset ($archive_info[T_NOT_FOUND])) if (isset ($archive_info [T_NOT_FOUND]))
$info .= $archive_info[T_NOT_FOUND]. ($archive_info[T_NOT_FOUND] ? M_FILE_NOT_FOUND : M_FILES_NOT_FOUND).NL; $info .= $archive_info [T_NOT_FOUND]. ($archive_info [T_NOT_FOUND] ? M_FILE_NOT_FOUND : M_FILES_NOT_FOUND).NL;
if (isset ($archive_info[T_BAD_PASW])) if (isset ($archive_info [T_BAD_PASW]))
$info .= M_BAD_KEY. $archive_info[T_BAD_PASW]. ($archive_info[T_BAD_PASW] ? M_FILE : M_FILES).NL; $info .= M_BAD_KEY. $archive_info [T_BAD_PASW]. ($archive_info [T_BAD_PASW] ? M_FILE : M_FILES).NL;
if (isset ($archive_info[$cat][T_RENAME])) if (isset ($archive_info [$cat][T_RENAME]))
$info .= $archive_info[$cat][T_RENAME]. ($archive_info[$cat][T_RENAME] ? M_FILE_RENAMED : M_FILES_RENAMED).NL; $info .= $archive_info [$cat][T_RENAME]. ($archive_info [$cat][T_RENAME] ? M_FILE_RENAMED : M_FILES_RENAMED).NL;
$zip->addFromString ($dirname.T_WARNING_FILENAME, $info); $zip->addFromString ($dirname.T_WARNING_FILENAME, $info);
} }
foreach ([T_OLD, T_NEW] as $cat) foreach ([T_OLD, T_NEW] as $cat)
@ -500,11 +524,11 @@ if (isset ($_REQUEST [A_TOKEN]) && !empty ($_REQUEST [A_TOKEN])) {
} }
$refToken = getToken ($sender); $refToken = getToken ($sender);
$url_base = $_SERVER['HTTP_X_FORWARDED_PROTO']."://".$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']."?"; $url_base = $_SERVER ['HTTP_X_FORWARDED_PROTO']."://".$_SERVER ['HTTP_HOST'];
if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_SEND && $sender) { if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_SEND && $sender) {
$token = setToken ($sender); $token = setToken ($sender);
// XXX test token // XXX test token
$url = $url_base.A_SENDER."=".$sender."&".A_TOKEN."=".$token; $url = $url_base.$_SERVER ['SCRIPT_NAME']."?".A_SENDER."=".$sender."&".A_TOKEN."=".$token;
$result = send_email ($sender, "", M_EMAIL_SUBJECT, $result = send_email ($sender, "", M_EMAIL_SUBJECT,
str_replace (["___LINK___", "___IP___", "___DATE___"], str_replace (["___LINK___", "___IP___", "___DATE___"],
[$url, $_SERVER ['HTTP_X_REAL_IP'] , date ("Y-m-d H:i:s")], M_EMAIL_CONTENT)); [$url, $_SERVER ['HTTP_X_REAL_IP'] , date ("Y-m-d H:i:s")], M_EMAIL_CONTENT));
@ -515,7 +539,7 @@ if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_SEND && $sender) {
exit; exit;
} }
if (!($sender && $token && $token == $refToken && if (! ($sender && $token && $token == $refToken &&
(getLoggedToken ($sender) || (getTimeToken ($sender) >= strtotime (TOKEN_LOGIN_LIMIT))) && (getLoggedToken ($sender) || (getTimeToken ($sender) >= strtotime (TOKEN_LOGIN_LIMIT))) &&
(getCreateToken ($sender) >= strtotime (TOKEN_LOGOUT_LIMIT)))) { (getCreateToken ($sender) >= strtotime (TOKEN_LOGOUT_LIMIT)))) {
// XXX temps de connexion // XXX temps de connexion
@ -561,20 +585,141 @@ if (!getLoggedToken ($sender))
else else
touch (VAR_TOKENS.$sender); touch (VAR_TOKENS.$sender);
function setFake ($sender, $link_name) {
// XXX
}
function deleteAction ($link_name) {
global $sender, $token, $message, $doLogout;
$link = jirafeau_get_link ($link_name);
//$message .= "<pre>".print_r ($link, 1)."</pre>";
if (!count ($link))
return;
if (isKazArchive ($link)) {
$dir_name = $link_name;
$dir_link = $link;
$dirTime = getTimeFile ($link);
$archive_info = read_archive_info ($dir_link);
if (count ($archive_info) && isset ($archive_info [T_TIMESTAMP]) && !empty ($archive_info [T_TIMESTAMP])) {
$timeStamp = timeStamp2time ($archive_info [T_TIMESTAMP]);
if (!valideTime ($timeStamp, $dirTime)) {
setFake ($sender, $dir_name);
$message .= "PB1 : ".$archive_info [T_TIMESTAMP]." ".$timeStamp." / ".$dirTime."<br/>";
// XXX $doLogout = true;
return;
}
foreach ($archive_info [T_NEW] as [$file_name, $crypt_key]) {
$file_link = jirafeau_get_link ($file_name);
if (count ($file_link) == 0)
continue;
$fileTime = getTimeFile ($file_link);
if (!valideTime ($dirTime, $fileTime)) {
setFake ($sender, $dir_name);
$message .= "PB2 : ".$archive_info [T_TIMESTAMP]." ".$timeStamp." / ".$dirTime." / ".$fileTime."<br/>";
// XXX $doLogout = true;
return;
}
}
foreach ($archive_info [T_NEW] as [$file_name, $crypt_key]) {
$file_link = jirafeau_get_link ($file_name);
if (count ($file_link) == 0)
continue;
jirafeau_delete_link ($file_link);
}
jirafeau_delete_link ($dir_link);
} else {
setFake ($sender, $dir_name);
$message .= "PB3 : ".$archive_info [T_TIMESTAMP]."<br/>";
// XXX $doLogout = true;
}
} else {
$file_name = $link_name;
$file_link = $link;
$fileTime = getTimeFile ($file_link);
$stack = array (VAR_LINKS);
while (($d = array_shift ($stack)) && $d != null) {
$dir = scandir ($d);
foreach ($dir as $dir_name) {
if (strcmp ($dir_name, '.') == 0 || strcmp ($dir_name, '..') == 0 ||
preg_match ('/\.tmp/i', "$dir_name")) {
continue;
}
if (is_dir ($d . $dir_name)) {
/* Push new found directory. */
$stack [] = $d . $dir_name . '/';
continue;
}
/* Read link informations. */
$dir_link = jirafeau_get_link ($dir_name);
$dirTime = getTimeFile ($dir_link);
if (!count ($dir_link))
continue;
if (!isKazArchive ($dir_link))
continue;
$archive_info = read_archive_info ($dir_link);
foreach ($archive_info [T_NEW] as [$new_name, $crypt_key]) {
if ($file_name == $new_name) {
if ($sender == $archive_info [T_SENDER]) {
if (valideTime ($dirTime, $fileTime))
jirafeau_delete_link ($file_link);
else {
setFake ($sender, $dir_name);
$message .= "<pre>".print_r ($archive_info, 1)."</pre>";
$message .= "PB4 : ".$archive_info [T_TIMESTAMP]." ".$timeStamp." / ".$dirTime." / ".$fileTime."<br/>";
// XXX $dologout = true;
}
break;
}
if (valideTime ($dirTime, $fileTime)) {
setFake ($sender, $dir_name);
$message .= "<pre>".print_r ($archive_info, 1)."</pre>";
$message .= "PB5 : ".$archive_info [T_TIMESTAMP]." ".$timeStamp." / ".$dirTime." / ".$fileTime."<br/>";
// XXX $doLogout = true;
} else {
setFake ($archive_info [T_SENDER], $dir_name);
$message .= "<pre>".print_r ($archive_info, 1)."</pre>";
$message .= "PB6 : ".$archive_info [T_TIMESTAMP]." ".$timeStamp." / ".$dirTime." / ".$fileTime."<br/>";
}
break;
}
}
}
}
}
}
// ======================================== // ========================================
if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_LOGOUT) { // sender OK, token OK
// ========================================
// delete
$doLogout = '';
$message = '';
if (isset ($_REQUEST [A_DELETE])) {
if (!preg_match ('/[0-9a-zA-Z_-]+$/', $_REQUEST [A_DELETE]))
return_error (t ('FILE_404'));
deleteAction ($_REQUEST [A_DELETE]);
}
// logout
if ($doLogout || (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_LOGOUT)) {
rmToken ($sender); rmToken ($sender);
require (JIRAFEAU_ROOT . 'lib/template/header.php'); require (JIRAFEAU_ROOT . 'lib/template/header.php');
if ($message)
echo $message;
echo M_LOGOUT; echo M_LOGOUT;
require (JIRAFEAU_ROOT.'lib/template/footer.php'); require (JIRAFEAU_ROOT.'lib/template/footer.php');
exit; exit;
} }
// change track
if (isset ($_REQUEST [A_ACTION])) { if (isset ($_REQUEST [A_ACTION])) {
if ($_REQUEST [A_ACTION] == A_RECORD."on") if ($_REQUEST [A_ACTION] == A_RECORD."on")
setTrack ($sender); setTrack ($sender);
else if ($_REQUEST [A_ACTION] == A_RECORD."off") else if ($_REQUEST [A_ACTION] == A_RECORD."off")
rmTrack ($sender); rmTrack ($sender);
$message = "<p>Votre suivi &agrave; &eacute;t&eacute; chang&eacute;.</p>";
} }
// list // list
@ -582,74 +727,123 @@ $archives = [];
$stack = array (VAR_LINKS); $stack = array (VAR_LINKS);
while ( ($d = array_shift ($stack)) && $d != null) { while ( ($d = array_shift ($stack)) && $d != null) {
$dir = scandir ($d); $dir = scandir ($d);
foreach ($dir as $node) { foreach ($dir as $dir_name) {
if (strcmp ($node, '.') == 0 || strcmp ($node, '..') == 0 || if (strcmp ($dir_name, '.') == 0 || strcmp ($dir_name, '..') == 0 ||
preg_match ('/\.tmp/i', "$node")) { preg_match ('/\.tmp/i', "$dir_name")) {
continue; continue;
} }
if (is_dir ($d . $node)) { if (is_dir ($d . $dir_name)) {
/* Push new found directory. */ /* Push new found directory. */
$stack[] = $d . $node . '/'; $stack [] = $d . $dir_name . '/';
} elseif (is_file ($d . $node)) { continue;
}
/* Read link informations. */ /* Read link informations. */
$l = jirafeau_get_link ($node); $l = jirafeau_get_link ($dir_name);
if (!count ($l)) { if (!count ($l))
continue; continue;
} if (!isKazArchive ($l))
if (!@preg_match ("/archive_content/", jirafeau_escape ($l ['file_name'])) || jirafeau_escape ($l ['mime_type']) != "text/plain") {
continue; continue;
}
$archive_info = read_archive_info ($l); $archive_info = read_archive_info ($l);
if ($sender != $archive_info [T_SENDER]) if ($sender != $archive_info [T_SENDER])
continue; continue;
$archive_info ['link'] = $node; $archive_info ['link'] = $dir_name;
$archive_info ['time'] = $l ['time']; $archive_info ['time'] = $l ['time'];
$archive_info ['key'] = $l ['key']; $archive_info ['key'] = $l ['key'];
$archives [] = $archive_info; $archives [] = $archive_info;
} }
}
} }
require (JIRAFEAU_ROOT . 'lib/template/header.php'); require (JIRAFEAU_ROOT . 'lib/template/header.php');
echo "<p>Page actualis&eacute;e &agrave; ".date ("H:i:s d/m/Y")."</p>";
if ($message)
echo $message;
echo '<script type="text/javascript">';
?> ?>
<script type="text/javascript"> function getURI (uri, params) {
function ajaxUpdate (period, hash) { var form = document.createElement ('form');
form.setAttribute ('method', 'post');
form.setAttribute ('action', "<?php echo $url_base; ?>"+uri);
var hiddenField = document.createElement ('input');
for (var key in params) {
if (params.hasOwnProperty (key)) {
var hiddenField = document.createElement ('input');
hiddenField.setAttribute ('type', 'hidden');
hiddenField.setAttribute ('name', key);
hiddenField.setAttribute ('value', params [key]);
form.appendChild (hiddenField);
}
document.body.appendChild (form);
form.submit ();
}
}
function getKazArchive (l, k) {
getURI ("<?php echo $_SERVER ['SCRIPT_NAME']; ?>", {<?php echo A_GET; ?>:l+'~'+k});
}
function getKazFile (l, k) {
window.location.href = "<?php echo $url_base; ?>/f.php?h="+l+"&k="+k;
}
function showLink (l, k) {
alert ("<?php echo $url_base;?>/f.php?h="+l+"&k="+k);
}
function ajaxUpdate (period, hash) {
var xhr = new XMLHttpRequest (); var xhr = new XMLHttpRequest ();
xhr.open ("POST", "<?php echo $_SERVER ['SCRIPT_NAME']; ?>", true); xhr.open ("POST", "<?php echo $_SERVER ['SCRIPT_NAME']; ?>", true);
xhr.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded"); xhr.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
xhr.onreadystatechange = function () { xhr.onreadystatechange = function () {
if (this.readyState === XMLHttpRequest.DONE && this.status === 200) { if (this.readyState === XMLHttpRequest.DONE && this.status === 200) {
alert ("refarchez la page"); // XXX updage page alert ("rechargez la page"); // XXX updage page
} }
} }
xhr.send ("<?php echo A_UPDATE; ?>="+period+"&<php ecgo A_HASH; ?>="+hash); xhr.send ("<?php echo A_UPDATE; ?>="+period+"&<php ecgo A_HASH; ?>="+hash);
} }
function rmArchive (f) {
if (!confirm ("Les suppressions sont definitives. Voulez-vous continuer ?"))
return;
getURI ("<?php echo $_SERVER ['SCRIPT_NAME']; ?>", {<?php echo A_DELETE; ?>: f, <?php echo A_SENDER.": '".$sender."', ".A_TOKEN.": '".$token."'"; ?>});
}
</script> </script>
<style type="text/css"><!-- a {text-decoration: none;}
div.frame {border: 1px; border-style: solid; padding: 1em;}
[data-tooltip]:before {position : absolute; content : attr(data-tooltip); opacity : 0; background: yellow; padding: 10px; marging: 1em; transform: translate(10px, 10px);}
[data-tooltip]:hover:before {opacity : 1;}
[data-tooltip]:not([data-tooltip-persistent]):before {pointer-events: none;}
--></style>
<?php <?php
$onChecked=$offChecked='';
if (getTrack ($sender)) if (getTrack ($sender))
$onChecked=' checked="checked"'; $onChecked=' checked="checked"';
else else
$offChecked=' checked="checked"'; $offChecked=' checked="checked"';
echo echo
'<form method="post">'. '<form method="post">'.
"je veux que Kaz suive tous mes futurs envoie : ".
'<input type="hidden" name="'.A_SENDER.'" value="'.$sender.'"/>'. '<input type="hidden" name="'.A_SENDER.'" value="'.$sender.'"/>'.
'<input type="hidden" name="'.A_TOKEN.'" value="'.$token.'"/>'. '<input type="hidden" name="'.A_TOKEN.'" value="'.$token.'"/>'.
'<input type="radio" name="'.A_ACTION.'" value="'.A_RECORD.'on" '.$onChecked.'>oui'. '<input type="radio" name="'.A_ACTION.'" value="'.A_RECORD.'on" '.$onChecked.'>oui '.
'<input type="radio" name="'.A_ACTION.'" value="'.A_RECORD.'off" '.$offChecked.'>non'. '<input type="radio" name="'.A_ACTION.'" value="'.A_RECORD.'off" '.$offChecked.'>non '.
'<input type="submit" value="'."valider".'" />'. '<button type="submit">'."valider".'</button>'.
'</form>'. '</form>'.
'<form method="post">'. '<form method="post">'.
'<input type="hidden" name="'.A_ACTION.'" value="'.T_LOGOUT.'" />'. '<input type="hidden" name="'.A_ACTION.'" value="'.T_LOGOUT.'" />'.
'<input type="hidden" name="'.A_SENDER.'" value="'.$sender.'"/>'. '<input type="hidden" name="'.A_SENDER.'" value="'.$sender.'"/>'.
'<input type="hidden" name="'.A_TOKEN.'" value="'.$token.'"/>'. '<input type="hidden" name="'.A_TOKEN.'" value="'.$token.'"/>'.
'<input type="submit" value="'.M_LOGOUT.'" />'. '<button type="submit">'.M_LOGOUT.'</button>'.
'</form>'; '</form>';
if ($archives) { if ($archives) {
echo
// '<fieldset><legend>archives</legend>'.
'<table width="100%" ><tr><th></th><th>'.t('ACTION').'</th></tr>';
foreach ($archives as $archive_info) { foreach ($archives as $archive_info) {
echo '<tr><td><strong>'.$archive_info [T_TIMESTAMP].'</strong>'; echo
'<div class="frame" width="100%" >';
$la = $archive_info ['link'];
$ka = $archive_info ['key'];
echo
'<a data-tooltip="voir" href="javascript:getKazArchive (\''.$la.'\', \''.$ka.'\');"> &#128065; </a>'.
'<a data-tooltip="voir le lien" href="javascript:showLink (\''.$la.'\', \''.$ka.'\');"> &#128279; </a>'.
'<a data-tooltip="> 1 semaine" href="javascript:showLink (\''.$la.'\', \''.$ka.'\');"> &#128349; </a>'.
'<a data-tooltip="> 1 mois" href="javascript:showLink (\''.$la.'\', \''.$ka.'\');"> &#128350; </a>'.
'<a data-tooltip="> 1 trimestre" href="javascript:showLink (\''.$la.'\', \''.$ka.'\');"> &#128351; </a>'.
'<strong>'.$archive_info [T_TIMESTAMP].'</strong>'.
'<a data-tooltip="supprimer tous" href="javascript:rmArchive (\''.$la.'\', \''.$ka.'\', \'all\');"> &#9760; </a>';
echo '<br/>=> '. ($archive_info ['time'] == -1 ? '∞' : jirafeau_get_datetimefield ($archive_info ['time'])).'<ul>'; echo '<br/>=> '. ($archive_info ['time'] == -1 ? '∞' : jirafeau_get_datetimefield ($archive_info ['time'])).'<ul>';
foreach ([T_NEW, T_OLD] as $cat) { foreach ([T_NEW, T_OLD] as $cat) {
$li_style = $cat == T_NEW ? "font-weight: bold;" : "font-style: italic;"; $li_style = $cat == T_NEW ? "font-weight: bold;" : "font-style: italic;";
@ -658,26 +852,25 @@ if ($archives) {
$link = jirafeau_get_link ($link_name); $link = jirafeau_get_link ($link_name);
if (count ($link) == 0) if (count ($link) == 0)
continue; continue;
$lf = $link_name;
$kf = $link ['key'];
echo echo
'<li style="'.$li_style.'">'.jirafeau_escape ($link ['file_name']). '<li style="'.$li_style.'">'.
'<a data-tooltip="voir" href="javascript:getKazFile (\''.$lf.'\', \''.$kf.'\');"> &#128065; </a>'.
'<a data-tooltip="voir le lien" href="javascript:showLink (\''.$lf.'\', \''.$kf.'\');"> &#128279; </a>'.
'<a data-tooltip="> 1 semaine" href="javascript:showLink (\''.$lf.'\', \''.$kf.'\');"> &#128349; </a>'.
'<a data-tooltip="> 1 mois" href="javascript:showLink (\''.$lf.'\', \''.$kf.'\');"> &#128350; </a>'.
'<a data-tooltip="> 1 trimestre" href="javascript:showLink (\''.$lf.'\', \''.$kf.'\');"> &#128351; </a>'.
jirafeau_escape ($link ['file_name']).
' ('.jirafeau_escape ($link ['mime_type']). ' ('.jirafeau_escape ($link ['mime_type']).
' '.jirafeau_human_size($l['file_size']). ' '.jirafeau_human_size ($link ['file_size']).')';
')</li>'; if ($cat == T_NEW)
echo '<a data-tooltip="supprimer" href="javascript:rmArchive (\''.$la.'\', \''.$ka.'\', \''.$lf.'\');"> &#9760; </a>';
echo'</li>';
} }
} }
$dl_val = $archive_info ['link']."~".$archive_info ['key']; echo '</div>';
echo
'</ul></td><td style="text-align:center;">'.
'<form method="post">'.
'<input type="hidden" name="'.A_GET.'" value="'.$dl_val.'"/>' .
'<input type="submit" value="'.M_DOWNLOAD.'" />' .
'</form>' .
'<form method="post" onSubmit="return false;">' .
'<input type="submit" value="'.M_UPDATE.'" onClick="ajaxUpdate (\'month\', \''.$archive_info ['link'].'\');"/>' .
'</form>'.
'</td></tr>';
} }
echo '</table>';//</fieldset>';
} else } else
echo "Il n'y a aucune information vous concernant."; echo "Il n'y a aucune information vous concernant.";

View File

@ -61,11 +61,13 @@ JIRAFEAU_TIME=month
MD5_CMD=/usr/bin/md5sum MD5_CMD=/usr/bin/md5sum
DISCLAMER_CMD=altermime DISCLAMER_CMD=altermime
MAX_FINAL_SIZE=204800 # 200ki MAX_FINAL_SIZE=204800 # 200ki
ARCHIVE_TITLE="archive_content"
ARCHIVE_MIME="text/kaz_email_archive"
#################### FONCTIONS ############################################ #################### FONCTIONS ############################################
#--------------------- Fichier de LOG ------------------- #--------------------- Fichier de LOG -------------------
LOG_FIC() { LOG_FIC() {
echo "$(date +%d-%m-%Y-%H-%M-%S) : $*" >> "${FIC_LOG}" echo -e "$(date +%d-%m-%Y-%H-%M-%S) : $*" >> "${FIC_LOG}"
} }
#################### MAIN ################################################# #################### MAIN #################################################
@ -76,7 +78,7 @@ mkdir -p "${MAILS}" || { LOG_FIC "impossible de creer ce dossier"; exit "${EX_UN
MAIL_SOURCE=$(echo $@ | awk 'BEGIN{FS=" "} {print $2}') MAIL_SOURCE=$(echo $@ | awk 'BEGIN{FS=" "} {print $2}')
DATE_TEMPS=$(date "+%Y-%m-%d-%H:%M:%S") DATE_TEMPS=$(date "+%Y-%m-%d-%H:%M:%S")
REP_PIECE_JOINTE="${MAILS}/${DATE_TEMPS}_${MAIL_SOURCE}_$$" REP_PIECE_JOINTE="${MAILS}/${DATE_TEMPS}_${MAIL_SOURCE}_$$"
TRACK=$(curl "${JIRAFEAU_URL}/a.php?r=${MAIL_SOURCE}" 2>/dev/null) TRACK=$(curl "${JIRAFEAU_LOCAL}/a.php?r=${MAIL_SOURCE}" 2>/dev/null)
cd "${INSPECT_DIR}" || { echo "${INSPECT_DIR} does not exist"; exit "${EX_TEMPFAIL}"; } cd "${INSPECT_DIR}" || { echo "${INSPECT_DIR} does not exist"; exit "${EX_TEMPFAIL}"; }
# lien renvoyé par le téléverssement # lien renvoyé par le téléverssement
@ -155,13 +157,14 @@ LOG_FIC "${SHRINK_CMD} -s ${MAX_KEEP_IN_MAIL} -d ${REP_PIECE_JOINTE} ${INSPECT_D
rm -f "${ATTACH_TMP_FILE}" rm -f "${ATTACH_TMP_FILE}"
done done
# Création de l'archive # Création de l'archive
NB_ATTCH=$(grep -e "^old: " -e "^new1: " "${ARCHIVE_CONTENT}" | wc -l) NB_ATTACH=$(grep -e "^old: " -e "^new: " "${ARCHIVE_CONTENT}" | wc -l)
if [ -n "${TRACK}" ] || [ "${nb}" -gt 1 ]; then if [ -n "${TRACK}" ] || [ "${NB_ATTACH}" -gt 1 ]; then
PASSWORD=$(apg -n 1 -m 12) PASSWORD=$(apg -n 1 -m 12)
PASSWORD_MD5=$(echo -n ${PASSWORD} | ${MD5_CMD} | cut -d \ -f 1) PASSWORD_MD5=$(echo -n ${PASSWORD} | ${MD5_CMD} | cut -d \ -f 1)
LOG_FIC " - \"${JIRAFEAU_CMD}\" -f \"${JIRAFEAU_LOCAL}\" -s \"${MAX_UPLOAD_SIZE}\" -c \"text/plain\" -n \"archive_content\" send \"${ARCHIVE_CONTENT}\" \"${PASSWORD}\" 2>> \"${FIC_LOG}\" > \"${ONE_LINK}\"" LOG_FIC " - \"${JIRAFEAU_CMD}\" -f \"${JIRAFEAU_LOCAL}\" -s \"${MAX_UPLOAD_SIZE}\" -c \"${ARCHIVE_MIME}\" -n \"${ARCHIVE_TITLE}\" send \"${ARCHIVE_CONTENT}\" \"${PASSWORD}\" 2>> \"${FIC_LOG}\" > \"${ONE_LINK}\""
"${JIRAFEAU_CMD}" -f "${JIRAFEAU_LOCAL}" -s "${MAX_UPLOAD_SIZE}" -c "text/plain" -n "archive_content" send "${ARCHIVE_CONTENT}" "${PASSWORD}" 2>> "${FIC_LOG}" > "${ONE_LINK}" "${JIRAFEAU_CMD}" -f "${JIRAFEAU_LOCAL}" -s "${MAX_UPLOAD_SIZE}" -c "${ARCHIVE_MIME}" -n "${ARCHIVE_TITLE}" send "${ARCHIVE_CONTENT}" "${PASSWORD}" 2>> "${FIC_LOG}" > "${ONE_LINK}"
if [ "${nb}" -gt 1 ]; then fi
if [ "${NB_ATTACH}" -gt 1 ]; then
cat "${ONE_LINK}" | { cat "${ONE_LINK}" | {
read JIR_TOKEN read JIR_TOKEN
read JIR_CODE read JIR_CODE
@ -172,15 +175,15 @@ LOG_FIC "${SHRINK_CMD} -s ${MAX_KEEP_IN_MAIL} -d ${REP_PIECE_JOINTE} ${INSPECT_D
echo "arch: bad" echo "arch: bad"
;; ;;
* ) * )
LOG_FIC " - ajoute de l'archive ${JIRAFEAU_URL}/a.php?g=${JIR_TOKEN}~${PASSWORD_MD5}&s=${MAIL_SOURCE}" LOG_FIC " - ajoute de l'archive ${JIRAFEAU_URL}/a.php?g=${JIR_TOKEN}~${PASSWORD_MD5}"
echo "arch: ${JIRAFEAU_URL}/a.php?g=${JIR_TOKEN}~${PASSWORD_MD5}&s=${MAIL_SOURCE}" echo "arch: ${JIRAFEAU_URL}/a.php?g=${JIR_TOKEN}~${PASSWORD_MD5}"
;; ;;
esac esac
} else }
else
LOG_FIC " - pas d'archive (moins de 2 PJ)" LOG_FIC " - pas d'archive (moins de 2 PJ)"
echo "arch: none" echo "arch: none"
fi fi
fi
# Etape de substitution # Etape de substitution
LOG_FIC "${SHRINK_CMD} -s \"${MAX_KEEP_IN_MAIL}\" \"${INSPECT_DIR}/in.$$\" \"${INSPECT_DIR}/in.$$.altered\" 2>> \"${FIC_LOG}\"" LOG_FIC "${SHRINK_CMD} -s \"${MAX_KEEP_IN_MAIL}\" \"${INSPECT_DIR}/in.$$\" \"${INSPECT_DIR}/in.$$.altered\" 2>> \"${FIC_LOG}\""
} | "${SHRINK_CMD}" -s "${MAX_KEEP_IN_MAIL}" "${INSPECT_DIR}/in.$$" "${INSPECT_DIR}/in.$$.altered" 2>> "${FIC_LOG}" } | "${SHRINK_CMD}" -s "${MAX_KEEP_IN_MAIL}" "${INSPECT_DIR}/in.$$" "${INSPECT_DIR}/in.$$.altered" 2>> "${FIC_LOG}"