@@ -1,11 +1,14 @@ |
||
| 1 | 1 | <?php |
| 2 | -if (in_array($user,array_keys(array_filter($adm)))) $extopt = '<option value="MONTH">MONTHS</option><option value="YEAR">YEARS</option>'; |
|
| 3 | -else $extopt = NULL; |
|
| 2 | +if (in_array($user,array_keys(array_filter($adm)))) { |
|
| 3 | + $extopt = '<option value="MONTH">MONTHS</option><option value="YEAR">YEARS</option>'; |
|
| 4 | +} else { |
|
| 5 | + $extopt = NULL; |
|
| 6 | +} |
|
| 4 | 7 | |
| 5 | 8 | if ( $tables["$typedesc"]['milter'] ) { |
| 6 | - if ( checkMilterConf($tables["$typedesc"]) ) |
|
| 7 | - print '<p>This is a milter table. Please, first add your item as usual. Then you will be able to customize the milter settings.</p>'; |
|
| 8 | - else { |
|
| 9 | + if ( checkMilterConf($tables["$typedesc"]) ) { |
|
| 10 | + print '<p>This is a milter table. Please, first add your item as usual. Then you will be able to customize the milter settings.</p>'; |
|
| 11 | + } else { |
|
| 9 | 12 | $err = "Error in config about <$typedesc>. Check at your config.php."; |
| 10 | 13 | syslog (LOG_EMERG, $err); |
| 11 | 14 | printf ('<p>%s</p>', htmlspecialchars($err) ); |
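Review bot: The admin test `in_array($user,array_keys(array_filter($adm)))` compares loosely, so a numeric-looking or integer key can match a different user name, and this test decides whether the MONTH/YEAR options are offered. A direct lookup such as `if (!empty($adm[$user])) {` expresses the same intent (key present with a truthy value) without the loose comparison, assuming `$user` is always a string. The same expression appears in the later hunk that builds `$extopt` from `$_POST`. The `else` branch of the milter check continues outside this hunk.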
@@ -9,19 +9,26 @@ |
||
| 9 | 9 | <td colspan="<?php echo $cl; ?>" style="text-align: center"> |
| 10 | 10 | <?php |
| 11 | 11 | openlog($tag, LOG_PID, $fac); |
| 12 | -if (empty($_POST['reason'])) die ("Specify a reason, please!</td>"); |
|
| 13 | -if (preg_match( '/[^\x20-\x7f]/', $_POST['reason'])) |
|
| 12 | +if (empty($_POST['reason'])) { |
|
| 13 | + die ("Specify a reason, please!</td>"); |
|
| 14 | +} |
|
| 15 | +if (preg_match( '/[^\x20-\x7f]/', $_POST['reason'])) { |
|
| 14 | 16 | exit('ERROR: <'.htmlentities($_POST['reason'],ENT_COMPAT | ENT_HTML401, 'ISO-8859-1').'> contains NON ASCII chars.</td>'); |
| 17 | +} |
|
| 15 | 18 | $user = username(); |
| 16 | 19 | |
| 17 | -if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $typedesc, $user)) === FALSE ) |
|
| 20 | +if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $typedesc, $user)) === FALSE ) { |
|
| 18 | 21 | exit ($user.': Connect Error (' . $mysqli->connect_errno . ') '. $mysqli->connect_error); |
| 22 | +} |
|
| 19 | 23 | |
| 20 | -if (isFull($mysqli,$typedesc,$tables)) die("ERROR in relist: ".htmlspecialchars("$typedesc has reached maximum value of ".$tables["$typedesc"]['limit'].' listed items.') ); |
|
| 21 | -if (relist ($mysqli,username(),$_POST['value'],$type,$table,$_POST['unit'],$_POST['quantity'],$_POST['reason'])) |
|
| 24 | +if (isFull($mysqli,$typedesc,$tables)) { |
|
| 25 | + die("ERROR in relist: ".htmlspecialchars("$typedesc has reached maximum value of ".$tables["$typedesc"]['limit'].' listed items.') ); |
|
| 26 | +} |
|
| 27 | +if (relist ($mysqli,username(),$_POST['value'],$type,$table,$_POST['unit'],$_POST['quantity'],$_POST['reason'])) { |
|
| 22 | 28 | print 'OK '.$_POST["type"].' <'.$_POST['value'].'> relisted for '.$_POST['quantity'].$_POST['unit']; |
| 23 | -else |
|
| 29 | +} else { |
|
| 24 | 30 | print 'ERROR in relist; check log'; |
| 31 | +} |
|
| 25 | 32 | $mysqli->close(); |
| 26 | 33 | closelog(); |
| 27 | 34 | print '</td>'; |
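Review bot: The success line `print 'OK '.$_POST["type"].' <'.$_POST['value'].'> relisted for '.$_POST['quantity'].$_POST['unit'];` writes four request fields into the HTML response without escaping, while the `reason` error path just above already uses `htmlentities()`. Each echoed field should pass through `htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` first, and the literal `<` and `>` around the value should be written as `&lt;` and `&gt;` so they render as text. The same unescaped echo of `$_POST` values occurs in the `exit ('<pre><'.$_POST['Value'].'> …')` validation messages and in the add, remove and delist result lines of the other hunks.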
@@ -5,32 +5,39 @@ discard block |
||
| 5 | 5 | $net = new \dautkom\ipv4\IPv4(); |
| 6 | 6 | |
| 7 | 7 | $_ = $_POST['genere']; |
| 8 | -if ( ($tables["$_"]['field']=='email') AND ($_POST['Value']!='ALL') ) |
|
| 8 | +if ( ($tables["$_"]['field']=='email') AND ($_POST['Value']!='ALL') ) { |
|
| 9 | 9 | if (!(filter_var($_POST['Value'], FILTER_VALIDATE_EMAIL))) |
| 10 | 10 | exit ('<pre><'.$_POST['Value'].'> is NOT a valid email address.</pre>'); |
| 11 | +} |
|
| 11 | 12 | |
| 12 | -if ( ($tables["$_"]['field']=='domain') AND ($_POST['Value']!='ALL') ) |
|
| 13 | +if ( ($tables["$_"]['field']=='domain') AND ($_POST['Value']!='ALL') ) { |
|
| 13 | 14 | if (!(filter_var(gethostbyname($_POST['Value']), FILTER_VALIDATE_IP))) |
| 14 | 15 | exit ('<pre><'.$_POST['Value'].'> is NOT a valid domain.</pre>'); |
| 16 | +} |
|
| 15 | 17 | |
| 16 | -if ( ($tables["$_"]['field']=='ip') AND ($_POST['Value']!='ALL') ) |
|
| 18 | +if ( ($tables["$_"]['field']=='ip') AND ($_POST['Value']!='ALL') ) { |
|
| 17 | 19 | if (!(filter_var($_POST['Value'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))) |
| 18 | 20 | exit ('<pre><'.$_POST['Value'].'> is NOT a valid IP address.</pre>'); |
| 21 | +} |
|
| 19 | 22 | |
| 20 | 23 | if ( ($tables["$_"]['field']=='network') AND ($_POST['Value']!='ALL') ) { |
| 21 | 24 | $value = explode('/',$_POST['Value']); |
| 22 | - if (count($value) != 2) |
|
| 23 | - exit ('<pre><'.$_POST['Value'].'> is NOT a valid Network/Netmask pair.</pre>'); |
|
| 24 | - if (!$net->address($value[0])->mask($value[1])->isValid(1)) |
|
| 25 | - exit ('<pre><'.$_POST['Value'].'> is NOT a valid Network/Netmask.</pre>'); |
|
| 25 | + if (count($value) != 2) { |
|
| 26 | + exit ('<pre><'.$_POST['Value'].'> is NOT a valid Network/Netmask pair.</pre>'); |
|
| 27 | + } |
|
| 28 | + if (!$net->address($value[0])->mask($value[1])->isValid(1)) { |
|
| 29 | + exit ('<pre><'.$_POST['Value'].'> is NOT a valid Network/Netmask.</pre>'); |
|
| 30 | + } |
|
| 26 | 31 | $_POST['Value'] = $value[0].'/'.$net->mask($value[1])->convertTo('dec'); |
| 27 | 32 | } |
| 28 | 33 | |
| 29 | 34 | if ( ($tables["$_"]['field']=='username') AND ($_POST['Value']!='ALL') ) { |
| 30 | - if ( preg_match( '/[^\x20-\x7f]/', $_POST['Value']) ) |
|
| 31 | - exit('<pre><'.$_POST['Value'].'> contains NON ASCII chars.</pre>'); |
|
| 32 | - if ( preg_match( '/[$~=#*+%,{}()\/\\<>;:\"`\[\]&?\s]/', $_POST['Value']) ) |
|
| 33 | - exit('<pre><'.$_POST['Value'].'> contains invalid ASCII chars.</pre>'); |
|
| 35 | + if ( preg_match( '/[^\x20-\x7f]/', $_POST['Value']) ) { |
|
| 36 | + exit('<pre><'.$_POST['Value'].'> contains NON ASCII chars.</pre>'); |
|
| 37 | + } |
|
| 38 | + if ( preg_match( '/[$~=#*+%,{}()\/\\<>;:\"`\[\]&?\s]/', $_POST['Value']) ) { |
|
| 39 | + exit('<pre><'.$_POST['Value'].'> contains invalid ASCII chars.</pre>'); |
|
| 40 | + } |
|
| 34 | 41 | switch ( $_POST['Value'] ) { |
| 35 | 42 | case 'anonymous': |
| 36 | 43 | case 'anybody': |
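Review bot: The domain branch validates with `filter_var(gethostbyname($_POST['Value']), FILTER_VALIDATE_IP)`, which performs a blocking DNS lookup for a name chosen by the requester and makes validity depend on whether the name resolves right now. Because `gethostbyname()` returns its argument unchanged on failure, an IP literal is also accepted as a "valid domain" here. A syntax check such as `filter_var($_POST['Value'], FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)` validates the name without resolving it, with IP literals rejected separately if they must not be listed as domains. The inner `if` lines of the email, domain and ip branches are still brace-less after this change. The `switch` at the end continues outside the hunk.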
@@ -41,18 +48,23 @@ discard block |
||
| 41 | 48 | } |
| 42 | 49 | |
| 43 | 50 | if (empty($_GET)) { |
| 44 | - if ($tables["$_"]['milter']) print "<p><i>$_</i> is a miltermap of ".$tables["$_"]['field'].'.</p>'; |
|
| 45 | - else { |
|
| 46 | - if ($tables["$_"]['bl']) print "<p><i>$_</i> is a blocklist of ".$tables["$_"]['field'].'.</p>'; |
|
| 47 | - else print "<p><i>$_</i> is a whitelist of ".$tables["$_"]['field'].'.</p>'; |
|
| 51 | + if ($tables["$_"]['milter']) { |
|
| 52 | + print "<p><i>$_</i> is a miltermap of ".$tables["$_"]['field'].'.</p>'; |
|
| 53 | + } else { |
|
| 54 | + if ($tables["$_"]['bl']) { |
|
| 55 | + print "<p><i>$_</i> is a blocklist of ".$tables["$_"]['field'].'.</p>'; |
|
| 56 | + } else { |
|
| 57 | + print "<p><i>$_</i> is a whitelist of ".$tables["$_"]['field'].'.</p>'; |
|
| 58 | + } |
|
| 48 | 59 | } |
| 49 | 60 | } |
| 50 | 61 | |
| 51 | 62 | openlog($tag, LOG_PID, $fac); |
| 52 | 63 | $user = username(); |
| 53 | 64 | |
| 54 | -if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $_, $user)) === FALSE ) |
|
| 65 | +if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $_, $user)) === FALSE ) { |
|
| 55 | 66 | exit ('Connect Error (' . $mysqli->connect_errno . ') '. $mysqli->connect_error); |
| 67 | +} |
|
| 56 | 68 | |
| 57 | 69 | rlookup($mysqli,username(),$admins,$_POST['Value'],$_POST['genere'],$tables); |
| 58 | 70 | $mysqli->close(); |
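Review bot: When `myConnect()` returns `FALSE`, the `exit()` inside the new braces reads `$mysqli->connect_errno` and `$mysqli->connect_error` from that `FALSE`, so the message cannot carry the real error and PHP raises a warning on the property access. `mysqli_connect_errno()` and `mysqli_connect_error()` report the last connection failure without an object. The detail is better sent to `syslog()` with only a generic message printed to the client, e.g. `exit('Database connection failed; check log.');`. The relist, add, remove and delist hunks contain the same construct. Separately, the `$_` printed inside `<i>…</i>` appears to be the request's `genere` value and is not escaped; confirm against the top of the file.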
@@ -6,20 +6,27 @@ |
||
| 6 | 6 | $table = ($tables["$typedesc"]['milter']) ? milterTable($type) : $tables["$typedesc"]['name']; |
| 7 | 7 | |
| 8 | 8 | openlog($tag, LOG_PID, $fac); |
| 9 | -if (empty($_POST['reason'])) die ("<p>Please, specify a reason!</p>"); |
|
| 10 | -if (preg_match( '/[^\x20-\x7f]/', $_POST['reason'])) |
|
| 9 | +if (empty($_POST['reason'])) { |
|
| 10 | + die ("<p>Please, specify a reason!</p>"); |
|
| 11 | +} |
|
| 12 | +if (preg_match( '/[^\x20-\x7f]/', $_POST['reason'])) { |
|
| 11 | 13 | exit('<p>ERROR: <'.htmlentities($_POST['reason'],ENT_COMPAT | ENT_HTML401, 'ISO-8859-1').'> contains NON ASCII chars.</p>'); |
| 14 | +} |
|
| 12 | 15 | $user = username(); |
| 13 | 16 | $err = NULL; |
| 14 | 17 | |
| 15 | -if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $typedesc, $user)) === FALSE ) |
|
| 18 | +if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $typedesc, $user)) === FALSE ) { |
|
| 16 | 19 | exit ($user.': Connect Error (' . $mysqli->connect_errno . ') '. $mysqli->connect_error); |
| 20 | +} |
|
| 17 | 21 | |
| 18 | -if (addtolist ($mysqli,$user,$_POST['value'],$tables["$typedesc"],$_POST['unit'],$_POST['quantity'],$_POST['reason'],$err)) |
|
| 22 | +if (addtolist ($mysqli,$user,$_POST['value'],$tables["$typedesc"],$_POST['unit'],$_POST['quantity'],$_POST['reason'],$err)) { |
|
| 19 | 23 | print 'OK '.$_POST["type"].' <'.$_POST['value'].'> first time listed for '.$_POST['quantity'].$_POST['unit'].'.'; |
| 20 | -else |
|
| 24 | +} else { |
|
| 21 | 25 | print 'List operation ERROR; check log.'; |
| 22 | -if (!is_null($err) ) print htmlentities(' Error: ' . $err); |
|
| 26 | +} |
|
| 27 | +if (!is_null($err) ) { |
|
| 28 | + print htmlentities(' Error: ' . $err); |
|
| 29 | +} |
|
| 23 | 30 | $mysqli->close(); |
| 24 | 31 | closelog(); |
| 25 | 32 | ?> |
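Review bot: `$_POST['unit']` and `$_POST['quantity']` go straight into `addtolist()` here, and nothing visible in this hunk checks them against an allowed set. Elsewhere in this change the MONTH and YEAR options are only rendered for users found in `$adm`, which would be a UI-only restriction unless `addtolist()` enforces it; that is worth confirming. If it does not, validate before the call, for example `in_array($_POST['unit'], $allowedUnits, true)` with `$allowedUnits` (a placeholder name) built server-side from the caller's role, and require `ctype_digit((string) $_POST['quantity'])`.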
@@ -9,12 +9,14 @@ |
||
| 9 | 9 | openlog($tag, LOG_PID, $fac); |
| 10 | 10 | $user = username(); |
| 11 | 11 | |
| 12 | -if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $typedesc, $user)) === FALSE ) |
|
| 12 | +if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $typedesc, $user)) === FALSE ) { |
|
| 13 | 13 | exit ($user.': Connect Error (' . $mysqli->connect_errno . ') '. $mysqli->connect_error); |
| 14 | -if (remove ($mysqli,$user,$_POST['value'],$type,$table)) |
|
| 14 | +} |
|
| 15 | +if (remove ($mysqli,$user,$_POST['value'],$type,$table)) { |
|
| 15 | 16 | print 'OK '.$typedesc.' <'.$_POST['value'].'> permanently REMOVED!'; |
| 16 | -else |
|
| 17 | +} else { |
|
| 17 | 18 | print 'Delete operation ERROR on '.$typedesc.' <'.$_POST['value'].'>; check log.'; |
| 19 | +} |
|
| 18 | 20 | print '</td>'; |
| 19 | 21 | $mysqli->close(); |
| 20 | 22 | closelog(); |
@@ -1,7 +1,10 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | $adm = unserialize($_POST["adm"]); |
| 3 | -if (in_array($_POST["user"],array_keys(array_filter($adm)))) $extopt = '<option value="MONTH">MONTHS</option><option value="YEAR">YEARS</option>'; |
|
| 4 | -else $extopt = NULL; |
|
| 3 | +if (in_array($_POST["user"],array_keys(array_filter($adm)))) { |
|
| 4 | + $extopt = '<option value="MONTH">MONTHS</option><option value="YEAR">YEARS</option>'; |
|
| 5 | +} else { |
|
| 6 | + $extopt = NULL; |
|
| 7 | +} |
|
| 5 | 8 | |
| 6 | 9 | require_once('config.php'); |
| 7 | 10 | $typedesc=$_POST['type']; |
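Review bot: `$adm = unserialize($_POST["adm"]);` deserialises request data, and the admin test that follows checks `$_POST["user"]` against that same client-supplied array, so the browser controls both the list of admins and the identity being checked. `unserialize()` on untrusted input can also instantiate classes known to the application. The admin map should come from server-side configuration (`config.php` is loaded just below) and the user from the authenticated identity, as the other scripts do with `username()`. If the array really must travel through the form, `json_decode($_POST['adm'], true)` or `unserialize($_POST['adm'], ['allowed_classes' => false])` removes the object-instantiation risk but not the trust problem. Here the result only selects which `<option>` elements are shown, so the impact depends on whether the server re-checks the unit when the item is listed.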
@@ -11,13 +11,15 @@ |
||
| 11 | 11 | openlog($tag, LOG_PID, $fac); |
| 12 | 12 | $user = username(); |
| 13 | 13 | |
| 14 | -if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $typedesc, $user)) === FALSE ) |
|
| 14 | +if ( ($mysqli = myConnect($dbhost, $userdb, $pwd, $db, $dbport, $tables, $typedesc, $user)) === FALSE ) { |
|
| 15 | 15 | exit ($user.': Connect Error (' . $mysqli->connect_errno . ') '. $mysqli->connect_error); |
| 16 | +} |
|
| 16 | 17 | |
| 17 | -if (changestatus($mysqli,username(),$_POST['value'],'0',$type,$table)) |
|
| 18 | +if (changestatus($mysqli,username(),$_POST['value'],'0',$type,$table)) { |
|
| 18 | 19 | print 'OK '.$_POST["type"].' <'.$_POST['value'].'> delisted.'; |
| 19 | -else |
|
| 20 | +} else { |
|
| 20 | 21 | print 'ERROR in delist <'.$_POST['value'].'>; check log'; |
| 22 | +} |
|
| 21 | 23 | print '</td>'; |
| 22 | 24 | $mysqli->close(); |
| 23 | 25 | closelog(); |
@@ -141,17 +141,19 @@ discard block |
||
| 141 | 141 | $thisVal = $data[1]; |
| 142 | 142 | unset($data[1]); |
| 143 | 143 | $data = array_values($data); |
| 144 | - if ( !in_array($thisVal,array_keys($tolist)) ) |
|
| 145 | - $tolist["$thisVal"] = $data; |
|
| 146 | - else if ($data[3]>$tolist[$thisVal][3]) |
|
| 147 | - $tolist["$thisVal"] = $data; |
|
| 148 | -} |
|
| 144 | + if ( !in_array($thisVal,array_keys($tolist)) ) { |
|
| 145 | + $tolist["$thisVal"] = $data; |
|
| 146 | + } else if ($data[3]>$tolist[$thisVal][3]) { |
|
| 147 | + $tolist["$thisVal"] = $data; |
|
| 148 | + } |
|
| 149 | + } |
|
| 149 | 150 | |
| 150 | 151 | /* Make MYSQL connection */ |
| 151 | 152 | |
| 152 | 153 | $mysqli = myConnect($host, $userdb, $pwd, $db, $dbport, $tables, $typedesc, $user); |
| 153 | -if ( $mysqli === FALSE ) |
|
| 154 | +if ( $mysqli === FALSE ) { |
|
| 154 | 155 | exit (254); |
| 156 | +} |
|
| 155 | 157 | |
| 156 | 158 | foreach ( array_keys($tolist) as $value) { |
| 157 | 159 | $quantity = $conf['quantity']; |
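Review bot: `in_array($thisVal,array_keys($tolist))` is a loose, linear search over the keys, so two distinct numeric-looking values can be treated as the same entry, after which `$tolist[$thisVal][3]` is read from a key that does not exist. A key lookup avoids both problems and folds the two identical assignments together: `if (!isset($tolist[$thisVal]) || $data[3] > $tolist[$thisVal][3]) { $tolist[$thisVal] = $data; }`. The enclosing loop starts above the hunk, so the type of `$data[3]` being compared is not visible here.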
@@ -168,17 +170,18 @@ discard block |
||
| 168 | 170 | $recip = emailToNotify($domainNotify_file,$domain); |
| 169 | 171 | $subject = sprintf('%s <%s> is now blocked because exceedes limits on outgoing emails', |
| 170 | 172 | $tables["$typedesc"]['field'], $value); |
| 171 | - if (!empty($recip)) |
|
| 172 | - if ( sendEmailWarn($tplfile,'[email protected]',$recip, |
|
| 173 | + if (!empty($recip)) { |
|
| 174 | + if ( sendEmailWarn($tplfile,'[email protected]',$recip, |
|
| 173 | 175 | $subject,$value,"$quantity $unit",$reason) ) |
| 174 | 176 | syslog(LOG_INFO, "$user: \"$recip\" was notified about the \"$value\" abuse."); |
| 177 | + } |
|
| 178 | + } else { |
|
| 179 | + syslog(LOG_ERR,"$user: <$domain> contains the '@' char. Notification cannot be sent."); |
|
| 175 | 180 | } |
| 176 | - else syslog(LOG_ERR,"$user: <$domain> contains the '@' char. Notification cannot be sent."); |
|
| 177 | 181 | } |
| 178 | 182 | } |
| 179 | 183 | } |
| 180 | - } |
|
| 181 | - else { |
|
| 184 | + } else { |
|
| 182 | 185 | $reason .= " But it has NOT been listed because it doesn't apply to the trigger condition."; |
| 183 | 186 | syslog (LOG_INFO, "$user: ".$reason); |
| 184 | 187 | } |
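Review bot: A `FALSE` return from `sendEmailWarn()` is dropped without any log entry, because the inner `if ( sendEmailWarn(...) )` has no `else`, so a failed abuse notification leaves no trace. Adding `else { syslog(LOG_ERR, "$user: notification to \"$recip\" about \"$value\" failed."); }` would make it visible; that inner `if` is also still brace-less after this change. `$value` is interpolated into `$subject`, so if `sendEmailWarn()` does not strip CR/LF from the subject, that should be done before the call; this is not visible from the hunk. The surrounding blocks open above the hunk.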
@@ -14,12 +14,14 @@ |
||
| 14 | 14 | require_once('function.php'); |
| 15 | 15 | |
| 16 | 16 | checkSSL(); |
| 17 | -if ( $require_auth ) |
|
| 17 | +if ( $require_auth ) { |
|
| 18 | 18 | if ( username() == 'unknown' ) exit ("<p>You MUST configure your server to use authentication.</p>"); |
| 19 | +} |
|
| 19 | 20 | |
| 20 | 21 | |
| 21 | -if ( $imapListActive ) |
|
| 22 | +if ( $imapListActive ) { |
|
| 22 | 23 | print ' <p style="text-align: right"><a href="/spamreport" target="_new">SPAM Learn Observer</a></p>'; |
| 24 | +} |
|
| 23 | 25 | |
| 24 | 26 | print <<<END |
| 25 | 27 | <form name="check" action="result.php" onSubmit="xmlhttpPost('result.php', 'check', 'Risultato', '<img src=\'/include/pleasewait.gif\'>'); return false;" enctype="text/plain" method="post" target="_self"> |
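Review bot: The authentication guard still nests a brace-less one-line `if` inside the newly braced `if ( $require_auth )`, and it compares with `==`. A single condition reads more clearly and matches the style this commit introduces: `if ( $require_auth && username() === 'unknown' ) { exit ("<p>You MUST configure your server to use authentication.</p>"); }` (assuming `username()` always returns a string). The heredoc that starts on the last line continues outside the hunk.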