projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Improves Banana profile form behavious and use FlagSet to store the flags.
[platal.git] / include / xorg.misc.inc.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 function quoted_printable_encode($input, $line_max = 76)
23 {
24 $lines = preg_split("/(?:\r\n|\r|\n)/", $input);
25 $eol = "\n";
26 $linebreak = "=0D=0A=\n ";
27 $escape = "=";
28 $output = "";
29
30 foreach ($lines as $j => $line) {
31 $linlen = strlen($line);
32 $newline = "";
33 for($i = 0; $i < $linlen; $i++) {
34 $c = $line{$i};
35 $dec = ord($c);
36 if ( ($dec == 32) && ($i == ($linlen - 1)) ) {
37 // convert space at eol only
38 $c = "=20";
39 } elseif ( ($dec == 61) || ($dec < 32 ) || ($dec > 126) ) {
40 // always encode "\t", which is *not* required
41 $c = $escape.strtoupper(sprintf("%02x",$dec));
42 }
43 if ( (strlen($newline) + strlen($c)) >= $line_max ) { // CRLF is not counted
44 $output .= $newline.$escape.$eol;
45 $newline = " ";
46 }
47 $newline .= $c;
48 } // end of for
49 $output .= $newline;
50 if ($j<count($lines)-1) $output .= $linebreak;
51 }
52 return trim($output);
53 }
54
55 /** vérifie si une adresse email convient comme adresse de redirection
56 * @param $email l'adresse email a verifier
57 * @return BOOL
58 */
59 function isvalid_email_redirection($email)
60 {
61 return isvalid_email($email) &&
62 !preg_match("/@(polytechnique\.(org|edu)|melix\.(org|net)|m4x\.org)$/", $email);
63 }
64
65 /** genere une chaine aleatoire de 22 caracteres ou moins
66 * @param $len longueur souhaitée, 22 par défaut
67 * @return la chaine aleatoire qui contient les caractères [A-Za-z0-9+/]
68 */
69 function rand_token($len = 22)
70 {
71 $len = max(2, $len);
72 $len = min(50, $len);
73 $fp = fopen('/dev/urandom', 'r');
74 // $len * 2 is certainly an overkill,
75 // but HEY, reading 40 bytes from /dev/urandom is not that slow !
76 $token = fread($fp, $len * 2);
77 fclose($fp);
78 $token = base64_encode($token);
79 $token = preg_replace("![Il10O+/]!", "", $token);
80 $token = substr($token,0,$len);
81 return $token;
82 }
83
84 /** genere une chaine aleatoire convenable pour une url
85 * @param $len longueur souhaitée, 22 par défaut
86 * @return la chaine aleatoire
87 */
88 function rand_url_id($len = 22)
89 {
90 return rand_token($len);
91 }
92
93
94 /** genere une chaine aleatoire convenable pour un mot de passe
95 * @return la chaine aleatoire
96 */
97 function rand_pass()
98 {
99 return rand_token(8);
100 }
101
102 /** Remove accent from a string and replace them by the nearest letter
103 */
104 global $lc_convert, $uc_convert;
105 $lc_convert = array('é' => 'e', 'è' => 'e', 'ë' => 'e', 'ê' => 'e',
106 'á' => 'a', 'à' => 'a', 'ä' => 'a', 'â' => 'a', 'å' => 'a', 'ã' => 'a',
107 'ï' => 'i', 'î' => 'i', 'ì' => 'i', 'í' => 'i',
108 'ô' => 'o', 'ö' => 'o', 'ò' => 'o', 'ó' => 'o', 'õ' => 'o', 'ø' => 'o',
109 'ú' => 'u', 'ù' => 'u', 'û' => 'u', 'ü' => 'u',
110 'ç' => 'c', 'ñ' => 'n');
111 $uc_convert = array('É' => 'E', 'È' => 'E', 'Ë' => 'E', 'Ê' => 'E',
112 'Á' => 'A', 'À' => 'A', 'Ä' => 'A', 'Â' => 'A', 'Å' => 'A', 'Ã' => 'A',
113 'Ï' => 'I', 'Î' => 'I', 'Ì' => 'I', 'Í' => 'I',
114 'Ô' => 'O', 'Ö' => 'O', 'Ò' => 'O', 'Ó' => 'O', 'Õ' => 'O', 'Ø' => 'O',
115 'Ú' => 'U', 'Ù' => 'U', 'Û' => 'U', 'Ü' => 'U',
116 'Ç' => 'C', 'Ñ' => 'N');
117
118 function replace_accent($string)
119 {
120 global $lc_convert, $uc_convert;
121 $string = strtr($string, $lc_convert);
122 return strtr($string, $uc_convert);
123 }
124
125 /** creates a username from a first and last name
126 *
127 * @param $prenom the firstname
128 * @param $nom the last name
129 *
130 * return STRING the corresponding username
131 */
132 function make_username($prenom,$nom)
133 {
134 /* on traite le prenom */
135 $prenomUS=replace_accent(trim($prenom));
136 $prenomUS=stripslashes($prenomUS);
137
138 /* on traite le nom */
139 $nomUS=replace_accent(trim($nom));
140 $nomUS=stripslashes($nomUS);
141
142 // calcul du login
143 $username = strtolower($prenomUS.".".$nomUS);
144 $username = str_replace(" ","-",$username);
145 $username = str_replace("'","",$username);
146 return $username;
147 }
148
149 /* Un soundex en français posté par Frédéric Bouchery
150 Voici une adaptation en PHP de la fonction soundex2 francisée de Frédéric BROUARD (http://sqlpro.developpez.com/Soundex/).
151 C'est une bonne démonstration de la force des expressions régulières compatible Perl.
152 trouvé sur http://expreg.com/voirsource.php?id=40&type=Chaines%20de%20caract%E8res */
153 function soundex_fr($sIn)
154 {
155 static $convVIn, $convVOut, $convGuIn, $convGuOut, $accents;
156 if (!isset($convGuIn)) {
157 global $uc_convert, $lc_convert;
158 $convGuIn = array( 'GUI', 'GUE', 'GA', 'GO', 'GU', 'SCI', 'SCE', 'SC', 'CA', 'CO',
159 'CU', 'QU', 'Q', 'CC', 'CK', 'G', 'ST', 'PH');
160 $convGuOut = array( 'KI', 'KE', 'KA', 'KO', 'K', 'SI', 'SE', 'SK', 'KA', 'KO',
161 'KU', 'K', 'K', 'K', 'K', 'J', 'T', 'F');
162 $convVIn = array( '/E?(AU)/', '/([EA])?[UI]([NM])([^EAIOUY]|$)/', '/[AE]O?[NM]([^AEIOUY]|$)/',
163 '/[EA][IY]([NM]?[^NM]|$)/', '/(^|[^OEUIA])(OEU|OE|EU)([^OEUIA]|$)/', '/OI/',
164 '/(ILLE?|I)/', '/O(U|W)/', '/O[NM]($|[^EAOUIY])/', '/(SC|S|C)H/',
165 '/([^AEIOUY1])[^AEIOUYLKTPNR]([UAO])([^AEIOUY])/', '/([^AEIOUY]|^)([AUO])[^AEIOUYLKTP]([^AEIOUY1])/', '/^KN/',
166 '/^PF/', '/C([^AEIOUY]|$)/',
167 '/C/', '/Z$/', '/(?<!^)Z+/', '/ER$/', '/H/', '/W/');
168 $convVOut = array( 'O', '1\3', 'A\1',
169 'E\1', '\1E\3', 'O',
170 'Y', 'U', 'O\1', '9',
171 '\1\2\3', '\1\2\3', 'N',
172 'F', 'K\1',
173 'S', 'SE', 'S', 'E', '', 'V');
174 $accents = $uc_convert + $lc_convert;
175 $accents['Ç'] = 'S';
176 $accents['¿'] = 'E';
177 }
178 // Si il n'y a pas de mot, on sort immédiatement
179 if ( $sIn === '' ) return ' ';
180 // On supprime les accents
181 $sIn = strtr( $sIn, $accents);
182 // On met tout en minuscule
183 $sIn = strtoupper( $sIn );
184 // On supprime tout ce qui n'est pas une lettre
185 $sIn = preg_replace( '`[^A-Z]`', '', $sIn );
186 // Si la chaîne ne fait qu'un seul caractère, on sort avec.
187 if ( strlen( $sIn ) === 1 ) return $sIn . ' ';
188 // on remplace les consonnances primaires
189 $sIn = str_replace( $convGuIn, $convGuOut, $sIn );
190 // on supprime les lettres répétitives
191 $sIn = preg_replace( '`(.)\1`', '$1', $sIn );
192 // on réinterprète les voyelles
193 $sIn = preg_replace( $convVIn, $convVOut, $sIn);
194 // on supprime les terminaisons T, D, S, X (et le L qui précède si existe)
195 $sIn = preg_replace( '`L?[TDX]S?$`', '', $sIn );
196 // on supprime les E, A et Y qui ne sont pas en première position
197 $sIn = preg_replace( '`(?!^)Y([^AEOU]|$)`', '\1', $sIn);
198 $sIn = preg_replace( '`(?!^)[EA]`', '', $sIn);
199 return substr( $sIn . ' ', 0, 4);
200 }
201
202 /** met les majuscules au debut de chaque atome du prénom
203 * @param $prenom le prénom à formater
204 * return STRING le prénom avec les majuscules
205 */
206 function make_firstname_case($prenom)
207 {
208 $prenom = strtolower($prenom);
209 $pieces = explode('-',$prenom);
210
211 foreach ($pieces as $piece) {
212 $subpieces = explode("'",$piece);
213 $usubpieces="";
214 foreach ($subpieces as $subpiece)
215 $usubpieces[] = ucwords($subpiece);
216 $upieces[] = implode("'",$usubpieces);
217 }
218 return implode('-',$upieces);
219 }
220
221
222 function make_forlife($prenom, $nom, $promo)
223 {
224 $prenomUS = replace_accent(trim($prenom));
225 $nomUS = replace_accent(trim($nom));
226
227 $forlife = strtolower($prenomUS.".".$nomUS.".".$promo);
228 $forlife = str_replace(" ","-",$forlife);
229 $forlife = str_replace("'","",$forlife);
230 return $forlife;
231 }
232
233 /** Convert ip to uint (to store it in a database)
234 */
235 function ip_to_uint($ip)
236 {
237 $part = explode('.', $ip);
238 if (count($part) != 4) {
239 return null;
240 }
241 $v = 0;
242 $fact = 0x1000000;
243 for ($i = 0 ; $i < 4 ; ++$i) {
244 $v += $fact * $part[$i];
245 $fact >>= 8;
246 }
247 return $v;
248 }
249
250 /** Convert uint to ip (to build a human understandable ip)
251 */
252 function uint_to_ip($uint)
253 {
254 return long2ip($uint);
255 }
256
257
258 /******************************************************************************
259 * Security functions
260 *****************************************************************************/
261
262 function check_ip($level)
263 {
264 if (empty($_SERVER['REMOTE_ADDR'])) {
265 return false;
266 }
267 if (empty($_SESSION['check_ip'])) {
268 $ips = array();
269 if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
270 $ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
271 }
272 $ips[] = $_SERVER['REMOTE_ADDR'];
273 foreach ($ips as &$ip) {
274 $ip = '(ip & mask) = (' . ip_to_uint($ip) . '& mask)';
275 }
276 $res = XDB::query('SELECT state, description
277 FROM ip_watch
278 WHERE ' . implode(' OR ', $ips) . '
279 ORDER BY state DESC');
280 if ($res->numRows()) {
281 $state = $res->fetchOneAssoc();
282 $_SESSION['check_ip'] = $state['state'];
283 $_SESSION['check_ip_desc'] = $state['description'];
284 } else {
285 $_SESSION['check_ip'] = 'safe';
286 }
287 }
288 $test = array();
289 switch ($level) {
290 case 'unsafe': $test[] = 'unsafe';
291 case 'dangerous': $test[] = 'dangerous';
292 case 'ban': $test[] = 'ban'; break;
293 default: return false;
294 }
295 return in_array($_SESSION['check_ip'], $test);
296 }
297
298 function check_email($email, $message)
299 {
300 $res = XDB::query("SELECT state, description
301 FROM emails_watch
302 WHERE state != 'safe' AND email = {?}", $email);
303 if ($res->numRows()) {
304 send_warning_mail($message);
305 return true;
306 }
307 return false;
308 }
309
310 function check_account()
311 {
312 return S::v('watch_account');
313 }
314
315 function check_redirect($red = null)
316 {
317 require_once 'emails.inc.php';
318 if (is_null($red)) {
319 $red = new Redirect(S::v('uid'));
320 }
321 if ($red->get_uid() == S::v('uid')) {
322 $_SESSION['no_redirect'] = !$red->other_active('');
323 $_SESSION['mx_failures'] = $red->get_broken_mx();
324 }
325 }
326
327 function send_warning_mail($title)
328 {
329 global $globals;
330 $mailer = new PlMailer();
331 $mailer->setFrom("webmaster@" . $globals->mail->domain);
332 $mailer->addTo($globals->core->admin_email);
333 $mailer->setSubject("[Plat/al Security Alert] $title");
334 $mailer->setTxtBody("Identifiants de session :\n" . var_export($_SESSION, true) . "\n\n"
335 ."Identifiants de connexion :\n" . var_export($_SERVER, true));
336 $mailer->send();
337 }
338
339 function kill_sessions()
340 {
341 assert(S::has_perms());
342 shell_exec('sudo -u root ' . dirname(dirname(__FILE__)) . '/bin/kill_sessions.sh');
343 }
344
345
346 /******************************************************************************
347 * Dynamic configuration update/edition stuff
348 *****************************************************************************/
349
350 function update_NbIns()
351 {
352 global $globals;
353 $res = XDB::query("SELECT COUNT(*)
354 FROM auth_user_md5
355 WHERE perms IN ('admin','user') AND deces=0");
356 $cnt = $res->fetchOneCell();
357 $globals->change_dynamic_config(array('NbIns' => $cnt));
358 }
359
360 function update_NbValid()
361 {
362 global $globals;
363 $res = XDB::query("SELECT COUNT(*)
364 FROM requests");
365 $globals->change_dynamic_config(array('NbValid' => $res->fetchOneCell()));
366 }
367
368 function update_NbNotifs()
369 {
370 require_once 'notifs.inc.php';
371 $n = select_notifs(false, S::i('uid'), S::v('watch_last'), false);
372 $_SESSION['notifs'] = $n->numRows();
373 }
374
375 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
376 ?>
plat/al