X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=include%2Fxorg.misc.inc.php;h=c0afbad47b24cdf98429addf2c1a2b6de365eaac;hb=9797734d81089ee75f6fa3e855d48b9a9bc5523a;hp=1dad772d0564cadc6f26ecfc2ee0d7bf4c308fb4;hpb=e76421d8190c87d81d42df45d662eeb7a5f7fd18;p=platal.git diff --git a/include/xorg.misc.inc.php b/include/xorg.misc.inc.php index 1dad772..c0afbad 100644 --- a/include/xorg.misc.inc.php +++ b/include/xorg.misc.inc.php @@ -1,6 +1,6 @@ $line) { - $linlen = strlen($line); - $newline = ""; - for($i = 0; $i < $linlen; $i++) { - $c = $line{$i}; - $dec = ord($c); - if ( ($dec == 32) && ($i == ($linlen - 1)) ) { - // convert space at eol only - $c = "=20"; - } elseif ( ($dec == 61) || ($dec < 32 ) || ($dec > 126) ) { - // always encode "\t", which is *not* required - $c = $escape.strtoupper(sprintf("%02x",$dec)); - } - if ( (strlen($newline) + strlen($c)) >= $line_max ) { // CRLF is not counted - $output .= $newline.$escape.$eol; - $newline = " "; - } - $newline .= $c; - } // end of for - $output .= $newline; - if ($j 126) ) { + // always encode "\t", which is *not* required + $c = $escape.strtoupper(sprintf("%02x",$dec)); + } + if ( (strlen($newline) + strlen($c)) >= $line_max ) { // CRLF is not counted + $output .= $newline.$escape.$eol; + $newline = " "; + } + $newline .= $c; + } // end of for + $output .= $newline; + if ($j 'e', 'è' => 'e', 'ë' => 'e', 'ê' => 'e', + 'á' => 'a', 'à' => 'a', 'ä' => 'a', 'â' => 'a', 'Ã¥' => 'a', 'ã' => 'a', + 'ï' => 'i', 'î' => 'i', 'ì' => 'i', 'í' => 'i', + 'ô' => 'o', 'ö' => 'o', 'ò' => 'o', 'ó' => 'o', 'õ' => 'o', 'ø' => 'o', + 'ú' => 'u', 'ù' => 'u', 'û' => 'u', 'ü' => 'u', + 'ç' => 'c', 'ñ' => 'n'); +$uc_convert = array('É' => 'E', 'È' => 'E', 'Ë' => 'E', 'Ê' => 'E', + 'Á' => 'A', 'À' => 'A', 'Ä' => 'A', 'Â' => 'A', 'Å' => 'A', 'Ã' => 'A', + 'Ï' => 'I', 'Î' => 'I', 'Ì' => 'I', 'Í' => 'I', + 'Ô' => 'O', 'Ö' => 'O', 'Ò' => 'O', 'Ó' => 'O', 'Õ' => 'O', 'Ø' => 'O', + 'Ú' => 'U', 'Ù' => 'U', 'Û' => 'U', 'Ü' => 'U', + 'Ç' => 'C', 'Ñ' => 'N'); + +function replace_accent($string) +{ + global $lc_convert, $uc_convert; + $string = strtr($string, $lc_convert); + return strtr($string, $uc_convert); +} + +/** creates a username from a first and last name + * + * @param $prenom the firstname + * @param $nom the last name + * + * return STRING the corresponding username + */ +function make_username($prenom,$nom) +{ + /* on traite le prenom */ + $prenomUS=replace_accent(trim($prenom)); + $prenomUS=stripslashes($prenomUS); + + /* on traite le nom */ + $nomUS=replace_accent(trim($nom)); + $nomUS=stripslashes($nomUS); + + // calcul du login + $username = strtolower($prenomUS.".".$nomUS); + $username = str_replace(" ","-",$username); + $username = str_replace("'","",$username); + return $username; } -/* Un soundex en français posté par Frédéric Bouchery - Voici une adaptation en PHP de la fonction soundex2 francisée de Frédéric BROUARD (http://sqlpro.developpez.com/Soundex/). - C'est une bonne démonstration de la force des expressions régulières compatible Perl. - trouvé sur http://expreg.com/voirsource.php?id=40&type=Chaines%20de%20caract%E8res */ +/* Un soundex en français posté par Frédéric Bouchery + Voici une adaptation en PHP de la fonction soundex2 francisée de Frédéric BROUARD (http://sqlpro.developpez.com/Soundex/). + C'est une bonne démonstration de la force des expressions régulières compatible Perl. +trouvé sur http://expreg.com/voirsource.php?id=40&type=Chaines%20de%20caract%E8res */ function soundex_fr($sIn) -{ - // Si il n'y a pas de mot, on sort immédiatement - if ( $sIn === '' ) return ' '; - // On met tout en minuscule - $sIn = strtoupper( $sIn ); - // On supprime les accents - $sIn = strtr( $sIn, 'ÂÄÀÇÈÉÊ˼ÎÏÔÖÙÛÜ', 'AAASEEEEEIIOOUUU' ); - // On supprime tout ce qui n'est pas une lettre - $sIn = preg_replace( '`[^A-Z]`', '', $sIn ); - // Si la chaîne ne fait qu'un seul caractère, on sort avec. - if ( strlen( $sIn ) === 1 ) return $sIn . ' '; - // on remplace les consonnances primaires - $convIn = array( 'GUI', 'GUE', 'GA', 'GO', 'GU', 'CA', 'CO', 'CU', 'Q', 'CC', 'CK' ); - $convOut = array( 'KI', 'KE', 'KA', 'KO', 'K', 'KA', 'KO', 'KU', 'K', 'K', 'K' ); - $sIn = str_replace( $convIn, $convOut, $sIn ); - // on remplace les voyelles sauf le Y et sauf la première par A - $sIn = preg_replace( '`(?>= 8; + } + return $v; +} + +/** Convert uint to ip (to build a human understandable ip) + */ +function uint_to_ip($uint) +{ + return sprintf('%d.%d.%d.%d', ($uint / 16777216) % 0xff, + ($uint / 65536) & 0xff, + ($uint / 256) & 0xff, + ($uint / 1.0) & 0xff); +} + + +/****************************************************************************** + * Security functions + *****************************************************************************/ + function check_ip($level) { if (empty($_SERVER['REMOTE_ADDR'])) { @@ -123,12 +269,12 @@ function check_ip($level) } $ips[] = $_SERVER['REMOTE_ADDR']; foreach ($ips as &$ip) { - $ip = "ip='$ip'"; + $ip = "ip = " . ip_to_uint($ip); } - $res = XDB::query('SELECT state - FROM ip_watch - WHERE ' . implode(' OR ', $ips) . ' - ORDER BY state DESC'); + $res = XDB::query('SELECT state + FROM ip_watch + WHERE ' . implode(' OR ', $ips) . ' + ORDER BY state DESC'); if ($res->numRows()) { $_SESSION['check_ip'] = $res->fetchOneCell(); } else { @@ -148,8 +294,8 @@ function check_ip($level) function check_email($email, $message) { $res = XDB::query("SELECT state, description - FROM emails_watch - WHERE state != 'safe' AND email = {?}", $email); + FROM emails_watch + WHERE state != 'safe' AND email = {?}", $email); if ($res->numRows()) { send_warning_mail($message); return true; @@ -157,26 +303,62 @@ function check_email($email, $message) return false; } +function check_account() +{ + return S::v('watch_account'); +} + function check_redirect($red = null) { require_once 'emails.inc.php'; if (is_null($red)) { $red = new Redirect(S::v('uid')); - } + } $_SESSION['no_redirect'] = !$red->other_active(''); $_SESSION['mx_failures'] = $red->get_broken_mx(); - } function send_warning_mail($title) { + global $globals; $mailer = new PlMailer(); - $mailer->setFrom("webmaster@polytechnique.org"); - $mailer->addTo("hotliners@staff.polytechnique.org"); + $mailer->setFrom("webmaster@" . $globals->mail->domain); + $mailer->addTo($globals->core->admin_email); $mailer->setSubject("[Plat/al Security Alert] $title"); $mailer->setTxtBody("Identifiants de session :\n" . var_export($_SESSION, true) . "\n\n" - ."Identifiants de connexion :\n" . var_export($_SERVER, true)); - $mailer->send(); + ."Identifiants de connexion :\n" . var_export($_SERVER, true)); + $mailer->send(); +} + + +/****************************************************************************** + * Dynamic configuration update/edition stuff + *****************************************************************************/ + +function update_NbIns() +{ + global $globals; + $res = XDB::query("SELECT COUNT(*) + FROM auth_user_md5 + WHERE perms IN ('admin','user') AND deces=0"); + $cnt = $res->fetchOneCell(); + $globals->change_dynamic_config(array('NbIns' => $cnt)); +} + +function update_NbValid() +{ + global $globals; + $res = XDB::query("SELECT COUNT(*) + FROM requests"); + $globals->change_dynamic_config(array('NbValid' => $res->fetchOneCell())); +} + +function update_NbNotifs() +{ + require_once 'notifs.inc.php'; + $n = select_notifs(false, S::i('uid'), S::v('watch_last'), false); + $_SESSION['notifs'] = $n->numRows(); } +// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: ?>