[platal.git] / include / xorg.misc.inc.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2007 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

function quoted_printable_encode($input, $line_max = 76) {
    $lines = preg_split("/(?:\r\n|\r|\n)/", $input);
    $eol = "\n";
    $linebreak = "=0D=0A=\n    ";
    $escape = "=";
    $output = "";

    foreach ($lines as $j => $line) {
	$linlen = strlen($line);
	$newline = "";
	for($i = 0; $i < $linlen; $i++) {
	    $c = $line{$i};
	    $dec = ord($c);
	    if ( ($dec == 32) && ($i == ($linlen - 1)) ) {
		// convert space at eol only
		$c = "=20";
	    } elseif ( ($dec == 61) || ($dec < 32 ) || ($dec > 126) ) {
		// always encode "\t", which is *not* required
		$c = $escape.strtoupper(sprintf("%02x",$dec));
	    }
	    if ( (strlen($newline) + strlen($c)) >= $line_max ) { // CRLF is not counted
		$output .= $newline.$escape.$eol;
		$newline = "    ";
	    }
	    $newline .= $c;
	} // end of for
	$output .= $newline;
	if ($j<count($lines)-1) $output .= $linebreak;
    }
    return trim($output);
}

/** v�rifie si une adresse email convient comme adresse de redirection 
 * @param $email l'adresse email a verifier
 * @return BOOL
 */
function isvalid_email_redirection($email) {
    return isvalid_email($email) && 
	!preg_match("/@(polytechnique\.(org|edu)|melix\.(org|net)|m4x\.org)$/", $email);
}

/* Un soundex en fran�ais post� par Fr�d�ric Bouchery
   Voici une adaptation en PHP de la fonction soundex2 francis�e de Fr�d�ric BROUARD (http://sqlpro.developpez.com/Soundex/).
   C'est une bonne d�monstration de la force des expressions r�guli�res compatible Perl.
   trouv� sur http://expreg.com/voirsource.php?id=40&type=Chaines%20de%20caract%E8res */
function soundex_fr($sIn)
{ 
    // Si il n'y a pas de mot, on sort imm�diatement 
    if ( $sIn === '' ) return '    '; 
    // On met tout en minuscule 
    $sIn = strtoupper( $sIn ); 
    // On supprime les accents 
    $sIn = strtr( $sIn, '\ 0�����˼�������', 'AAASEEEEEIIOOUUU' ); 
    // On supprime tout ce qui n'est pas une lettre 
    $sIn = preg_replace( '`[^A-Z]`', '', $sIn ); 
    // Si la cha�ne ne fait qu'un seul caract�re, on sort avec. 
    if ( strlen( $sIn ) === 1 ) return $sIn . '   '; 
    // on remplace les consonnances primaires 
    $convIn = array( 'GUI', 'GUE', 'GA', 'GO', 'GU', 'CA', 'CO', 'CU', 'Q', 'CC', 'CK' ); 
    $convOut = array( 'KI', 'KE', 'KA', 'KO', 'K', 'KA', 'KO', 'KU', 'K', 'K', 'K' ); 
    $sIn = str_replace( $convIn, $convOut, $sIn ); 
    // on remplace les voyelles sauf le Y et sauf la premi�re par A 
    $sIn = preg_replace( '`(?<!^)[EIOU]`', 'A', $sIn ); 
    // on remplace les pr�fixes puis on conserve la premi�re lettre 
    // et on fait les remplacements compl�mentaires 
    $convIn = array( '`^KN`', '`^(PH|PF)`', '`^MAC`', '`^SCH`', '`^ASA`', '`(?<!^)KN`', '`(?<!^)(PH|PF)`', '`(?<!^)MAC`', '`(?<!^)SCH`', '`(?<!^)ASA`' ); 
    $convOut = array( 'NN', 'FF', 'MCC', 'SSS', 'AZA', 'NN', 'FF', 'MCC', 'SSS', 'AZA' ); 
    $sIn = preg_replace( $convIn, $convOut, $sIn ); 
    // suppression des H sauf CH ou SH 
    $sIn = preg_replace( '`(?<![CS])H`', '', $sIn ); 
    // suppression des Y sauf pr�c�d�s d'un A 
    $sIn = preg_replace( '`(?<!A)Y`', '', $sIn ); 
    // on supprime les terminaisons A, T, D, S 
    $sIn = preg_replace( '`[ATDS]$`', '', $sIn ); 
    // suppression de tous les A sauf en t�te 
    $sIn = preg_replace( '`(?!^)A`', '', $sIn ); 
    // on supprime les lettres r�p�titives 
    $sIn = preg_replace( '`(.)\1`', '$1', $sIn ); 
    // on ne retient que 4 caract�res ou on compl�te avec des blancs 
    return substr( $sIn . '    ', 0, 4); 
}

function make_forlife($prenom,$nom,$promo) {
    $prenomUS = replace_accent(trim($prenom));
    $nomUS    = replace_accent(trim($nom));

    $forlife = strtolower($prenomUS.".".$nomUS.".".$promo);
    $forlife = str_replace(" ","-",$forlife);
    $forlife = str_replace("'","",$forlife);
    return $forlife;
}

function check_ip($level)
{
    if (empty($_SERVER['REMOTE_ADDR'])) {
        return false;
    }
    if (empty($_SESSION['check_ip'])) {
        $ips = array();
        if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            $ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
        }
        $ips[] = $_SERVER['REMOTE_ADDR'];
        foreach ($ips as &$ip) {
            $ip = "ip='$ip'";
        }
        $res = XDB::query('SELECT state
                             FROM ip_watch
                            WHERE ' . implode(' OR ', $ips) . '
                         ORDER BY state DESC');
        if ($res->numRows()) {
            $_SESSION['check_ip'] = $res->fetchOneCell();
        } else {
            $_SESSION['check_ip'] = 'safe';
        }
    }
    $test = array();
    switch ($level) {
      case 'unsafe': $test[] = 'unsafe';
      case 'dangerous': $test[] = 'dangerous';
      case 'ban': $test[] = 'ban'; break;
      default: return false;
    }
    return in_array($_SESSION['check_ip'], $test);
}

function check_email($email, $message)
{
    $res = XDB::query("SELECT state, description
                         FROM emails_watch
                        WHERE state != 'safe' AND email = {?}", $email);
    if ($res->numRows()) {
        send_warning_mail($message);
        return true;
    }
    return false;
}

function check_redirect($red = null)
{
    require_once 'emails.inc.php';
    if (is_null($red)) {
        $red = new Redirect(S::v('uid'));
    }    
    $_SESSION['no_redirect'] = !$red->other_active('');
    $_SESSION['mx_failures'] = $red->get_broken_mx();
    
}

function send_warning_mail($title)
{
    $mailer = new PlMailer();
    $mailer->setFrom("webmaster@polytechnique.org");
    $mailer->addTo("hotliners@staff.polytechnique.org");
    $mailer->setSubject("[Plat/al Security Alert] $title");
    $mailer->setTxtBody("Identifiants de session :\n" . var_export($_SESSION, true) . "\n\n"
                       ."Identifiants de connexion :\n" . var_export($_SERVER, true));
    $mailer->send(); 
}

?>
Commit	Line	Data
0337d704	1	<?php
0337d704	2	/***************************************************************************
5ddeb07c	3	* Copyright (C) 2003-2007 Polytechnique.org *
0337d704	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
	22	function quoted_printable_encode($input, $line_max = 76) {
	23	$lines = preg_split("/(?:\r\n\|\r\|\n)/", $input);
	24	$eol = "\n";
	25	$linebreak = "=0D=0A=\n ";
	26	$escape = "=";
	27	$output = "";
	28
	29	foreach ($lines as $j => $line) {
	30	$linlen = strlen($line);
	31	$newline = "";
	32	for($i = 0; $i < $linlen; $i++) {
	33	$c = $line{$i};
	34	$dec = ord($c);
	35	if ( ($dec == 32) && ($i == ($linlen - 1)) ) {
	36	// convert space at eol only
	37	$c = "=20";
	38	} elseif ( ($dec == 61) \|\| ($dec < 32 ) \|\| ($dec > 126) ) {
	39	// always encode "\t", which is not required
	40	$c = $escape.strtoupper(sprintf("%02x",$dec));
	41	}
	42	if ( (strlen($newline) + strlen($c)) >= $line_max ) { // CRLF is not counted
	43	$output .= $newline.$escape.$eol;
	44	$newline = " ";
	45	}
	46	$newline .= $c;
	47	} // end of for
	48	$output .= $newline;
	49	if ($j<count($lines)-1) $output .= $linebreak;
	50	}
	51	return trim($output);
	52	}
	53
	54	/** v�rifie si une adresse email convient comme adresse de redirection
	55	* @param $email l'adresse email a verifier
	56	* @return BOOL
	57	*/
	58	function isvalid_email_redirection($email) {
	59	return isvalid_email($email) &&
	60	!preg_match("/@(polytechnique\.(org\|edu)\|melix\.(org\|net)\|m4x\.org)$/", $email);
	61	}
	62
	63	/* Un soundex en fran�ais post� par Fr�d�ric Bouchery
	64	Voici une adaptation en PHP de la fonction soundex2 francis�e de Fr�d�ric BROUARD (http://sqlpro.developpez.com/Soundex/).
	65	C'est une bonne d�monstration de la force des expressions r�guli�res compatible Perl.
	66	trouv� sur http://expreg.com/voirsource.php?id=40&type=Chaines%20de%20caract%E8res */
	67	function soundex_fr($sIn)
68	{
69	// Si il n'y a pas de mot, on sort imm�diatement
70	if ( $sIn === '' ) return ' ';
71	// On met tout en minuscule
72	$sIn = strtoupper( $sIn );
73	// On supprime les accents
74	$sIn = strtr( $sIn, '\ 0��˼��', 'AAASEEEEEIIOOUUU' );
75	// On supprime tout ce qui n'est pas une lettre
76	$sIn = preg_replace( '`[^A-Z]`', '', $sIn );
77	// Si la cha�ne ne fait qu'un seul caract�re, on sort avec.
78	if ( strlen( $sIn ) === 1 ) return $sIn . ' ';
79	// on remplace les consonnances primaires
80	$convIn = array( 'GUI', 'GUE', 'GA', 'GO', 'GU', 'CA', 'CO', 'CU', 'Q', 'CC', 'CK' );
81	$convOut = array( 'KI', 'KE', 'KA', 'KO', 'K', 'KA', 'KO', 'KU', 'K', 'K', 'K' );
82	$sIn = str_replace( $convIn, $convOut, $sIn );
83	// on remplace les voyelles sauf le Y et sauf la premi�re par A
84	$sIn = preg_replace( '`(?<!^)[EIOU]`', 'A', $sIn );
85	// on remplace les pr�fixes puis on conserve la premi�re lettre
86	// et on fait les remplacements compl�mentaires
87	$convIn = array( '`^KN`', '`^(PH\|PF)`', '`^MAC`', '`^SCH`', '`^ASA`', '`(?<!^)KN`', '`(?<!^)(PH\|PF)`', '`(?<!^)MAC`', '`(?<!^)SCH`', '`(?<!^)ASA`' );
88	$convOut = array( 'NN', 'FF', 'MCC', 'SSS', 'AZA', 'NN', 'FF', 'MCC', 'SSS', 'AZA' );
89	$sIn = preg_replace( $convIn, $convOut, $sIn );
90	// suppression des H sauf CH ou SH
91	$sIn = preg_replace( '`(?<![CS])H`', '', $sIn );
92	// suppression des Y sauf pr�c�d�s d'un A
93	$sIn = preg_replace( '`(?<!A)Y`', '', $sIn );
94	// on supprime les terminaisons A, T, D, S
95	$sIn = preg_replace( '`[ATDS]$`', '', $sIn );
96	// suppression de tous les A sauf en t�te
97	$sIn = preg_replace( '`(?!^)A`', '', $sIn );
98	// on supprime les lettres r�p�titives
99	$sIn = preg_replace( '`(.)\1`', '$1', $sIn );
100	// on ne retient que 4 caract�res ou on compl�te avec des blancs
101	return substr( $sIn . ' ', 0, 4);
102	}
103
104	function make_forlife($prenom,$nom,$promo) {
105	$prenomUS = replace_accent(trim($prenom));
106	$nomUS = replace_accent(trim($nom));
107
108	$forlife = strtolower($prenomUS.".".$nomUS.".".$promo);
109	$forlife = str_replace(" ","-",$forlife);
110	$forlife = str_replace("'","",$forlife);
111	return $forlife;
112	}
5480a216	113
5480a216	114	function check_ip($level)
a2446af5	115	{
a2446af5	116	if (empty($_SERVER['REMOTE_ADDR'])) {
e76421d8	117	return false;
8f61b4d5	118	}
8f61b4d5	119	if (empty($_SESSION['check_ip'])) {
e76421d8	120	$ips = array();
	121	if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
	122	$ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
	123	}
	124	$ips[] = $_SERVER['REMOTE_ADDR'];
	125	foreach ($ips as &$ip) {
	126	$ip = "ip='$ip'";
	127	}
	128	$res = XDB::query('SELECT state
	129	FROM ip_watch
	130	WHERE ' . implode(' OR ', $ips) . '
	131	ORDER BY state DESC');
8f61b4d5	132	if ($res->numRows()) {
	133	$_SESSION['check_ip'] = $res->fetchOneCell();
	134	} else {
	135	$_SESSION['check_ip'] = 'safe';
	136	}
	137	}
5480a216	138	$test = array();
5480a216	139	switch ($level) {
8f61b4d5	140	case 'unsafe': $test[] = 'unsafe';
	141	case 'dangerous': $test[] = 'dangerous';
	142	case 'ban': $test[] = 'ban'; break;
5480a216	143	default: return false;
5480a216	144	}
8f61b4d5	145	return in_array($_SESSION['check_ip'], $test);
5480a216	146	}
5480a216	147
0d693e2f	148	function check_email($email, $message)
	149	{
	150	$res = XDB::query("SELECT state, description
	151	FROM emails_watch
	152	WHERE state != 'safe' AND email = {?}", $email);
	153	if ($res->numRows()) {
	154	send_warning_mail($message);
	155	return true;
	156	}
	157	return false;
	158	}
	159
ccdbc270	160	function check_redirect($red = null)
	161	{
	162	require_once 'emails.inc.php';
	163	if (is_null($red)) {
	164	$red = new Redirect(S::v('uid'));
	165	}
	166	$_SESSION['no_redirect'] = !$red->other_active('');
	167	$_SESSION['mx_failures'] = $red->get_broken_mx();
	168
	169	}
	170
5480a216	171	function send_warning_mail($title)
	172	{
	173	$mailer = new PlMailer();
	174	$mailer->setFrom("webmaster@polytechnique.org");
dbede442	175	$mailer->addTo("hotliners@staff.polytechnique.org");
2efe5355	176	$mailer->setSubject("[Plat/al Security Alert] $title");
5480a216	177	$mailer->setTxtBody("Identifiants de session :\n" . var_export($_SESSION, true) . "\n\n"
	178	."Identifiants de connexion :\n" . var_export($_SERVER, true));
	179	$mailer->send();
	180	}
	181
0337d704	182	?>