$ip) { $v = ip_to_uint($ip); if (is_null($v)) { unset($ips[$key]); } else { $ips[$key] = '(ip & mask) = (' . $v . '& mask)'; } } $res = XDB::query('SELECT state, description FROM ip_watch WHERE ' . implode(' OR ', $ips) . ' ORDER BY state DESC'); if ($res->numRows()) { $state = $res->fetchOneAssoc(); $_SESSION['check_ip'] = $state['state']; $_SESSION['check_ip_desc'] = $state['description']; } else { $_SESSION['check_ip'] = 'safe'; } } $test = array(); switch ($level) { case 'unsafe': $test[] = 'unsafe'; case 'dangerous': $test[] = 'dangerous'; case 'ban': $test[] = 'ban'; break; default: return false; } return in_array($_SESSION['check_ip'], $test); } function check_email($email, $message) { $res = XDB::fetchOneCell('SELECT COUNT(*) FROM email_watch WHERE state != \'safe\' AND email = {?}', $email); if ($res) { send_warning_mail($message); return true; } return false; } function check_account() { if (S::user()) { return S::user()->watch; } return false; } function check_redirect($red = null) { require_once 'emails.inc.php'; if (is_null($red)) { $user = S::user(); $red = new Redirect($user); } if ($red->get_uid() == S::v('uid')) { $_SESSION['no_redirect'] = !$red->other_active(''); $_SESSION['mx_failures'] = $red->get_broken_mx(); } } function send_warning_mail($title, $body = '') { global $globals; $mailer = new PlMailer(); $mailer->setFrom("webmaster@" . $globals->mail->domain); $mailer->addTo($globals->core->admin_email); $mailer->setSubject("[Plat/al Security Alert] $title"); // Note: we can't do $session = var_export($_SESSION, true) as var_export // doesn't handle circular dependency correctly. ob_start(); var_dump($_SESSION); $session = ob_get_clean(); $mailer->setTxtBody($body . "Identifiants de session :\n" . $session . "\n\n" ."Identifiants de connexion :\n" . var_export($_SERVER, true)); $mailer->send(); } function kill_sessions() { assert(S::admin()); shell_exec('sudo -u root ' . dirname(dirname(__FILE__)) . '/bin/kill_sessions.sh'); } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8: ?>