[test_email]
from="Polytechnique.org" <support@polytechnique.org>
+[rewrite_email]
+from="Polytechnique.org" <support@polytechnique.org>
+
[carnet]
from="Carnet Polytechnicien <support_carnet@polytechnique.org>"
public $broken;
public $disabled;
public $rewrite;
+ public $allow_rewrite;
+ public $hash;
// Redirection bounces stats.
public $panne;
$this->uid = $uid;
$this->sufficient = true;
- list($this->email, $flags, $this->rewrite, $this->panne, $this->last, $this->panne_level) = $row;
+ list($this->email, $flags, $this->rewrite, $this->allow_rewrite, $this->hash, $this->panne, $this->last, $this->panne_level) = $row;
$this->display_email = $this->email;
$this->active = ($flags == 'active');
$this->broken = ($flags == 'panne');
}
XDB::execute('UPDATE emails SET rewrite={?} WHERE uid={?} AND email={?}', $rewrite, $this->uid, $this->email);
$this->rewrite = $rewrite;
+ if (!$this->allow_rewrite) {
+ global $globals;
+ if (empty($this->hash)) {
+ $this->hash = rand_url_id();
+ XDB::execute("UPDATE emails
+ SET hash = {?}
+ WHERE uid = {?} AND email = {?}", $this->hash, $this->uid, $this->email);
+ }
+ $res = XDB::query("SELECT IF(u.nom_usage = '', u.nom, u.nom_usage) AS nom, u.prenom, FIND_IN_SET('femme', u.flags) AS sex,
+ q.core_mail_fmt, a.alias AS forlife, a2.alias AS bestalias
+ FROM auth_user_md5 AS u
+ INNER JOIN auth_user_quick AS q ON (u.user_id = q.user_id)
+ INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type = 'a_vie')
+ INNER JOIN aliases AS a2 ON (a2.id = u.user_id AND FIND_IN_SET('bestalias', a2.flags))
+ WHERE u.user_id = {?}", $this->uid);
+ list($nom, $prenom, $sexe, $fmt, $forlife, $bestalias) = $res->fetchOneRow();
+ $mail = new PlMailer('emails/rewrite-in.mail.tpl');
+ $mail->assign('mail', $this);
+ $mail->assign('nom', $nom);
+ $mail->assign('prenom', $prenom);
+ $mail->assign('sexe', $sexe);
+ $mail->assign('forlife', $forlife);
+ $mail->assign('baseurl', $globals->baseurl);
+ $mail->assign('to', $bestalias . '@' . $globals->mail->domain);
+ $mail->send($fmt == 'html');
+ }
return;
}
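Review bot: The validation mail is addressed to `$bestalias . '@' . $globals->mail->domain`, that is, to the account that asked for the rewrite rather than to the address whose consent is being checked. If that alias is delivered to every active redirection of the account (not visible here), the requester receives the token as well and can confirm the request themselves; sending to the redirection itself, `$mail->assign('to', $this->email);`, would tie the proof to that mailbox. The block also runs whenever `allow_rewrite` is false, including when `$rewrite` is the empty string, so clearing a rewrite appears to send a validation mail too; `if (!$this->allow_rewrite && $rewrite != '') {` would avoid that. The row from `fetchOneRow()` is used without a check, and the function starts above this hunk, so an earlier guard may exist.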
$this->bogo = new Bogo($_uid);
// Adds third-party email redirections.
- $res = XDB::iterRow("SELECT email, flags, rewrite, panne, last, panne_level
+ $res = XDB::iterRow("SELECT email, flags, rewrite, allow_rewrite, hash, panne, last, panne_level
FROM emails
WHERE uid = {?} AND flags != 'filter'", $_uid);
$this->emails = Array();
return SUCCESS;
}
}
- $this->emails[] = new EmailRedirection($this->uid, array($email, 'active', '', '0000-00-00', '0000-00-00', 0));
+ $this->emails[] = new EmailRedirection($this->uid, array($email, 'active', '', false, null, '0000-00-00', '0000-00-00', 0));
// security stuff
check_email($email, "Ajout d'une adresse surveillée aux redirections de " . $this->uid);
'emails/antispam/submit' => $this->make_hook('submit', AUTH_COOKIE),
'emails/test' => $this->make_hook('test', AUTH_COOKIE, 'user', NO_AUTH),
+ 'emails/rewrite/in' => $this->make_hook('rewrite_in', AUTH_PUBLIC),
+ 'emails/rewrite/out' => $this->make_hook('rewrite_out', AUTH_PUBLIC),
+
'emails/imap/in' => $this->make_hook('imap_in', AUTH_PUBLIC),
'admin/emails/duplicated' => $this->make_hook('duplicated', AUTH_MDP, 'admin'),
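Review bot: Both new routes are registered with `AUTH_PUBLIC`, and their handlers change `allow_rewrite` as soon as the URL is requested. Anything that fetches the links in a message automatically (a mail gateway scanner, a link preview) could therefore accept or reject the request on the user's behalf, and whichever link is fetched first consumes the hash. A safer shape is for the handler to render a confirmation form and apply the `UPDATE` only on a POST from that page. A comment above the two entries would also help, e.g. `// Token-authenticated links sent by mail; no session required.`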
exit;
}
+ function handler_rewrite_in(&$page, $mail, $hash)
+ {
+ $page->changeTpl('emails/rewrite.tpl');
+ $page->assign('option', 'in');
+ if (empty($mail) || empty($hash)) {
+ return PL_NOT_FOUND;
+ }
+ $pos = strrpos($mail, '_');
+ if ($pos === false) {
+ return PL_NOT_FOUND;
+ }
+ $mail{$pos} = '@';
+ $res = XDB::query("SELECT COUNT(*)
+ FROM emails
+ WHERE email = {?} AND hash = {?}",
+ $mail, $hash);
+ $count = intval($res->fetchOneCell());
+ if ($count > 0) {
+ XDB::query("UPDATE emails
+ SET allow_rewrite = true, hash = NULL
+ WHERE email = {?} AND hash = {?}",
+ $mail, $hash);
+ $page->trigSuccess("Réécriture activée pour l'adresse " . $mail);
+ return;
+ }
+ return PL_NOT_FOUND;
+ }
+
+ function handler_rewrite_out(&$page, $mail, $hash)
+ {
+ $page->changeTpl('emails/rewrite.tpl');
+ $page->assign('option', 'out');
+ if (empty($mail) || empty($hash)) {
+ return PL_NOT_FOUND;
+ }
+ $pos = strrpos($mail, '_');
+ if ($pos === false) {
+ return PL_NOT_FOUND;
+ }
+ $mail{$pos} = '@';
+ $res = XDB::query("SELECT COUNT(*)
+ FROM emails
+ WHERE email = {?} AND hash = {?}",
+ $mail, $hash);
+ $count = intval($res->fetchOneCell());
+ if ($count > 0) {
+ global $globals;
+ $res = XDB::query("SELECT e.email, e.rewrite, a.alias
+ FROM emails AS e
+ INNER JOIN aliases AS a ON (a.id = e.uid AND a.type = 'a_vie')
+ WHERE e.email = {?} AND e.hash = {?}",
+ $mail, $hash);
+ XDB::query("UPDATE emails
+ SET allow_rewrite = false, hash = NULL
+ WHERE email = {?} AND hash = {?}",
+ $mail, $hash);
+ list($mail, $rewrite, $forlife) = $res->fetchOneRow();
+ $mail = new PlMailer();
+ $mail->setFrom("webmaster@" . $globals->mail->domain);
+ $mail->addTo("support@" . $globals->mail->domain);
+ $mail->setSubject("Tentative de détournement de correspondance via le rewrite");
+ $mail->setTxtBody("$forlife a tenté un rewrite de $mail vers $rewrite. Cette demande a été rejetée via le web");
+ $mail->send();
+ $page->trigWarning("Un mail d'alerte a été envoyé à l'équipe de " . $globals->core->sitename);
+ return;
+ }
+ return PL_NOT_FOUND;
+ }
+
function handler_imap_in(&$page, $hash = null, $login = null)
{
$page->changeTpl('emails/imap_register.tpl');
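Review bot: In `handler_rewrite_out`, `list($mail, $rewrite, $forlife) = $res->fetchOneRow();` is immediately followed by `$mail = new PlMailer();`, so the `$mail` interpolated in `setTxtBody(...)` is the mailer object, not the address. Unless PlMailer defines `__toString`, the string conversion fails and the alert never reaches support with the right content. Use a separate name, e.g. `$mailer = new PlMailer();`, and make the four following calls on `$mailer`. The two handlers duplicate the token lookup (the `strrpos` decoding and the `SELECT COUNT(*)`), which could live in one private helper, and their `UPDATE` statements go through `XDB::query` where the rest of the commit uses `XDB::execute`. `$mail{$pos} = '@';` uses the curly-brace offset syntax, deprecated in PHP 7.4 and removed in 8.0; `$mail[$pos] = '@';` is equivalent.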
Ajax.update_html(null, 'emails/redirect/' + (checked ? '' : 'in') + 'active/' + email, redirectUpdate);
}
+ function rewriteUpdate(mail, allow, box)
+ {
+ return function() {
+ if (!allow) {
+ if (box.value != '') {
+ alert("Un mail de validation vient d'être envoyer sur " + mail
+ + ". La réécriture ne sera active que lorsque tu auras cliqué sur le lien indiqué dans ce mail.");
+ }
+ }
+ redirectUpdate();
+ };
+ }
+
{/literal}
//]]></script>
{test_email}
{if $e->active}checked="checked"{/if}
{if $smarty.foreach.redirect.total eq 1}disabled="disabled"{/if}
onchange="updateRedirect(this.checked, '{$e->email}')" /></td>
- <td>
+ <td style="text-align: left">
{if $e->has_rewrite()}
- <select onchange="Ajax.update_html(null,'emails/redirect/rewrite/{$e->email}/'+this.value, redirectUpdate)">
+ <select onchange="Ajax.update_html(null,'emails/redirect/rewrite/{$e->email}/'+this.value, rewriteUpdate('{$e->email}', {$e->allow_rewrite}, this))">
<option value=''>--- aucune ---</option>
{assign var=dom1 value=#globals.mail.domain#}
{assign var=dom2 value=#globals.mail.domain2#}
value='{$a.alias}@{#globals.mail.domain2#}'>{$a.alias}@{#globals.mail.domain2#}</option>
{/foreach}
</select>
+ {if $e->rewrite neq '' && !$e->allow_rewrite}{icon name="error" title="en attente de validation"}{/if}
{else}
<em>pas de réécriture</em>
{/if}
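Review bot: `{$e->allow_rewrite}` is printed bare as the second argument of `rewriteUpdate(...)`, so a PHP `false` or `null` renders as nothing and leaves `rewriteUpdate('…', , this)`, a script error in the `onchange` handler. The commit passes exactly those values (`false, null`) when it builds a new `EmailRedirection`. Emitting an explicit literal avoids depending on how the column value is typed: `{if $e->allow_rewrite}true{else}false{/if}`. `{$e->email}` is also placed inside a quoted JavaScript string without escaping, as in the existing `updateRedirect` call; whether a quote character can reach it depends on what `check_email` accepts, which is not visible here.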
--- /dev/null
+{**************************************************************************}
+{* *}
+{* Copyright (C) 2003-2008 Polytechnique.org *}
+{* http://opensource.polytechnique.org/ *}
+{* *}
+{* This program is free software; you can redistribute it and/or modify *}
+{* it under the terms of the GNU General Public License as published by *}
+{* the Free Software Foundation; either version 2 of the License, or *}
+{* (at your option) any later version. *}
+{* *}
+{* This program is distributed in the hope that it will be useful, *}
+{* but WITHOUT ANY WARRANTY; without even the implied warranty of *}
+{* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *}
+{* GNU General Public License for more details. *}
+{* *}
+{* You should have received a copy of the GNU General Public License *}
+{* along with this program; if not, write to the Free Software *}
+{* Foundation, Inc., *}
+{* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *}
+{* *}
+{**************************************************************************}
+
+{config_load file="mails.conf" section="rewrite_email"}
+{if $mail_part eq 'head'}
+{from full=#from#}
+{to addr=$to}
+{subject text="Validation de la demande de réécriture pour l'adresse `$mail->email`"}
+{elseif $mail_part eq 'wiki'}
+{if $sexe}Chère{else}Cher{/if} {$prenom},
+
+Tu reçois cet email car une demande de réécriture vient d'être effectuée sur {#globals.core.sitename#} pour que les mails
+l'adresse {$mail->email} soit automatiquement réécrite en {$mail->rewrite}.
+
+Si tu es à l'origine de cette demande, clique sur le lien suivant pour activer la réécriture :
+* {$baseurl}/emails/rewrite/in/{$mail->email|replace:'@':'_'}/{$mail->hash}
+
+Si tu n'est pas à l'origine de cette demande, il peut s'agir d'une tentative de détournement de ta correspondance par un
+camarade mal intentionné. Dans ce cas, clique sur le lien suivant pour avertir l'équipe de {#globals.core.sitename#} :
+* {$baseurl}/emails/rewrite/out/{$mail->email|replace:'@':'_'}/{$mail->hash}
+
+Merci encore de la confiance que tu portes à nos services.
+
+-- \\
+Très Cordialement,\\
+L'Équipe de Polytechnique.org
+{/if}
+
+{* vim:set et sw=2 sts=2 sws=2: *}
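Review bot: The first paragraph of the body is missing words (`pour que les mails l'adresse … soit automatiquement réécrite`) and the third has `tu n'est`. Suggested wording: `pour que l'adresse {$mail->email} soit automatiquement réécrite en {$mail->rewrite}` and `Si tu n'es pas à l'origine de cette demande`. Both links also put `{$mail->email|replace:'@':'_'}` into the URL path without URL-escaping, so an address containing `/`, `?`, `#` or `%` would produce a link that does not decode back to the stored address. That matters only if such addresses can be registered, which the diff does not show.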
--- /dev/null
+{**************************************************************************}
+{* *}
+{* Copyright (C) 2003-2008 Polytechnique.org *}
+{* http://opensource.polytechnique.org/ *}
+{* *}
+{* This program is free software; you can redistribute it and/or modify *}
+{* it under the terms of the GNU General Public License as published by *}
+{* the Free Software Foundation; either version 2 of the License, or *}
+{* (at your option) any later version. *}
+{* *}
+{* This program is distributed in the hope that it will be useful, *}
+{* but WITHOUT ANY WARRANTY; without even the implied warranty of *}
+{* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *}
+{* GNU General Public License for more details. *}
+{* *}
+{* You should have received a copy of the GNU General Public License *}
+{* along with this program; if not, write to the Free Software *}
+{* Foundation, Inc., *}
+{* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *}
+{* *}
+{**************************************************************************}
+
+{if $option eq 'in'}
+{else}
+{/if}
+
+{* vim:set et sw=2 sts=2 sws=2 enc=utf-8: *}
--- /dev/null
+# Rewrite protection
+
+alter table emails add column hash varchar(32) default NULL;
+alter table emails add column allow_rewrite boolean default false;
+update emails set allow_rewrite = true where rewrite != '' and flags != 'filter';
+
+
+# vim:set syntax=mysql:
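Review bot: Only `hash` and `allow_rewrite` are added, with no column recording when the token was issued, so a validation link stays usable until one of the two handlers clears the hash; the handlers in this commit do not check age. Consider a timestamp column next to `hash` (for example `hash_date datetime default NULL`, name illustrative) and an age check in the lookup. The final `update` marks every existing non-empty rewrite as allowed without validation, presumably as a deliberate grandfathering step. A one-line comment such as `# Existing rewrites are trusted as-is.` would make that explicit.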