From 904a82deab29093fa466256194db8527450efd27 Mon Sep 17 00:00:00 2001
From: Florent Bruneau <florent.bruneau@polytechnique.org>
Date: Mon, 20 Oct 2008 23:24:50 +0200
Subject: [PATCH] Add poisonous email injector.

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
---
 htdocs/css/base.css              |  4 +++
 htdocs/xorg.php                  |  2 +-
 modules/poison.php               | 75 ++++++++++++++++++++++++++++++++++++++
 modules/poison/poison.inc.php    | 78 ++++++++++++++++++++++++++++++++++++++++
 plugins/function.poison.php      | 36 +++++++++++++++++++
 templates/skin/common.footer.tpl |  7 ++++
 6 files changed, 201 insertions(+), 1 deletion(-)
 create mode 100644 modules/poison.php
 create mode 100644 modules/poison/poison.inc.php
 create mode 100644 plugins/function.poison.php

diff --git a/htdocs/css/base.css b/htdocs/css/base.css
index 8660980..a8e2a1e 100644
--- a/htdocs/css/base.css
+++ b/htdocs/css/base.css
@@ -63,4 +63,8 @@
     background-color: #bfb;
 }
 
+.pem {
+    display: none;
+}
+
 /* vim: set et ts=4 sts=4 sw=4: */
diff --git a/htdocs/xorg.php b/htdocs/xorg.php
index e43ef73..1c5b41a 100644
--- a/htdocs/xorg.php
+++ b/htdocs/xorg.php
@@ -25,7 +25,7 @@ $platal = new Xorg('auth', 'carnet', 'email', 'events', 'forums',
                    'geoloc', 'lists', 'marketing', 'payment', 'platal',
                    'profile', 'register', 'search', 'stats', 'admin',
                    'newsletter', 'axletter', 'bandeau', 'survey',
-                   'gadgets', 'googleapps');
+                   'gadgets', 'googleapps', 'poison');
 
 if (!($path = Env::v('n')) || ($path{0} < 'A' || $path{0} > 'Z')) {
     $platal->run();
diff --git a/modules/poison.php b/modules/poison.php
new file mode 100644
index 0000000..70732ff
--- /dev/null
+++ b/modules/poison.php
@@ -0,0 +1,75 @@
+<?php
+/***************************************************************************
+ *  Copyright (C) 2003-2008 Polytechnique.org                              *
+ *  http://opensource.polytechnique.org/                                   *
+ *                                                                         *
+ *  This program is free software; you can redistribute it and/or modify   *
+ *  it under the terms of the GNU General Public License as published by   *
+ *  the Free Software Foundation; either version 2 of the License, or      *
+ *  (at your option) any later version.                                    *
+ *                                                                         *
+ *  This program is distributed in the hope that it will be useful,        *
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
+ *  GNU General Public License for more details.                           *
+ *                                                                         *
+ *  You should have received a copy of the GNU General Public License      *
+ *  along with this program; if not, write to the Free Software            *
+ *  Foundation, Inc.,                                                      *
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
+ ***************************************************************************/
+
+
+
+class PoisonModule extends PLModule
+{
+    function handlers()
+    {
+        return array(
+            'pe'          => $this->make_hook('poison', AUTH_PUBLIC, 'user', NO_HTTPS),
+            'pem'         => $this->make_hook('mailto', AUTH_PUBLIC, 'user', NO_HTTPS),
+            'per'         => $this->make_hook('rand', AUTH_PUBLIC, 'user', NO_HTTPS),
+        );
+    }
+
+    function handler_poison(&$page, $seed = null, $count = 20)
+    {
+        $this->load('poison.inc.php');
+        if ($seed == null) {
+            $seed = time();
+        }
+        $emails = get_poison_emails($seed, $count);
+
+        foreach ($emails as $email) {
+            echo $email . "\n";
+        }
+        exit;
+    }
+
+    function handler_mailto(&$page, $seed = null, $count = 20)
+    {
+        global $globals;
+
+        $this->load('poison.inc.php');
+        if ($seed == null) {
+            $seed = time();
+        }
+        $emails = get_poison_emails($seed, $count);
+
+        echo '<html><head></head><body>';
+        foreach ($emails as $email) {
+            echo "<a href=\"mailto:$email\" >$email</a>". "\n";
+        }
+        echo '<a href="' . $globals->baseurl . '/pem/' . md5($seed) . '">suite</a></body></html>';
+        exit;
+    }
+
+    function handler_rand(&$page) {
+        $this->load('poison.inc.php');
+        randomize_poison_file();
+        exit;
+    }
+}
+
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+?>
diff --git a/modules/poison/poison.inc.php b/modules/poison/poison.inc.php
new file mode 100644
index 0000000..fdfea00
--- /dev/null
+++ b/modules/poison/poison.inc.php
@@ -0,0 +1,78 @@
+<?php
+/***************************************************************************
+ *  Copyright (C) 2003-2008 Polytechnique.org                              *
+ *  http://opensource.polytechnique.org/                                   *
+ *                                                                         *
+ *  This program is free software; you can redistribute it and/or modify   *
+ *  it under the terms of the GNU General Public License as published by   *
+ *  the Free Software Foundation; either version 2 of the License, or      *
+ *  (at your option) any later version.                                    *
+ *                                                                         *
+ *  This program is distributed in the hope that it will be useful,        *
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
+ *  GNU General Public License for more details.                           *
+ *                                                                         *
+ *  You should have received a copy of the GNU General Public License      *
+ *  along with this program; if not, write to the Free Software            *
+ *  Foundation, Inc.,                                                      *
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
+ ***************************************************************************/
+
+function get_poison_emails($seed, $count)
+{
+    global $globals;
+
+    $fd   = fopen($globals->poison->file, 'r');
+    $size = fstat($fd);
+    $size = $size['size'];
+    $seed = crc32($seed) % $size;
+    if ($seed < 0) {
+        $seed = $size + $seed;
+    }
+
+    fseek($fd, $seed);
+    fgets($fd);
+    $emails = array();
+    $i = 0;
+    while (!feof($fd) && $i < $count) {
+        $line = trim(fgets($fd));
+        if (strlen($line) > 0) {
+            if ($seed % 27 > 13) {
+                $line .= '@' . $globals->mail->domain;
+            } else {
+                $line .= '@' . $globals->mail->domain2;
+            }
+            $emails[] = $line;
+            ++$seed;
+        }
+        ++$i;
+    }
+    fclose($fd);
+    return $emails;
+}
+
+function randomize_poison_file()
+{
+    global $globals;
+
+    $fd = fopen($globals->poison->file, 'r');
+    $entries = array();
+    while (!feof($fd)) {
+        $line = trim(fgets($fd));
+        if (strlen($line) > 0) {
+            $entries[$line] = md5($line);
+        }
+    }
+    fclose($fd);
+
+    asort($entries);
+    $fd = fopen($globals->poison->file . '.rand', 'w');
+    foreach ($entries as $key => $value) {
+        fwrite($fd, "$key\n");
+    }
+    fclose($fd);
+}
+
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+?>
diff --git a/plugins/function.poison.php b/plugins/function.poison.php
new file mode 100644
index 0000000..6f5e12b
--- /dev/null
+++ b/plugins/function.poison.php
@@ -0,0 +1,36 @@
+<?php
+/***************************************************************************
+ *  Copyright (C) 2003-2008 Polytechnique.org                              *
+ *  http://opensource.polytechnique.org/                                   *
+ *                                                                         *
+ *  This program is free software; you can redistribute it and/or modify   *
+ *  it under the terms of the GNU General Public License as published by   *
+ *  the Free Software Foundation; either version 2 of the License, or      *
+ *  (at your option) any later version.                                    *
+ *                                                                         *
+ *  This program is distributed in the hope that it will be useful,        *
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
+ *  GNU General Public License for more details.                           *
+ *                                                                         *
+ *  You should have received a copy of the GNU General Public License      *
+ *  along with this program; if not, write to the Free Software            *
+ *  Foundation, Inc.,                                                      *
+ *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
+ ***************************************************************************/
+
+function smarty_function_poison($params, &$smarty) {
+    $count = isset($params['count']) ? $params['count'] : 20;
+    $seed  = isset($params['seed']) ? $params['seed'] : date('r');
+    Platal::load('poison', 'poison.inc.php');
+
+    $emails = get_poison_emails($seed, $count);
+    $str = "";
+    foreach ($emails as $email) {
+        $str .= "<a href=\"mailto:$email\">$email</a> ";
+    }
+    return $str;
+}
+
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+?>
diff --git a/templates/skin/common.footer.tpl b/templates/skin/common.footer.tpl
index 5253b8b..5488929 100644
--- a/templates/skin/common.footer.tpl
+++ b/templates/skin/common.footer.tpl
@@ -34,5 +34,12 @@
   | <a href="stats">Statistiques</a>
 {/if}
 </div>
+<div class="pem">
+  <a href="{$globals->baseurl}/em/{$platal->pl_self()|replace:'/':'_'}/200">Liste1</a>
+  <a href="{$globals->baseurl}/em/{$platal->pl_self()|replace:'/':'_'}/400">Liste2</a>
+  <!--
+  {poison count=20}
+  -->
+</div>
 
 {* vim:set et sw=2 sts=2 sws=2 enc=utf-8: *}
-- 
2.1.4