inc/filter/active_filter.php svneol=native#text/plain
inc/filter/admins_filter.php svneol=native#text/plain
inc/filter/beg_filter.php svneol=native#text/plain
+inc/filter/blacklist_filter.php svneol=native#text/plain
inc/filter/bonus_filter.php svneol=native#text/plain
inc/filter/booking_filter.php svneol=native#text/plain
inc/filter/cache_filter.php svneol=native#text/plain
./inc/extensions/sponsor/mode-setup.php:43:// @TODO Remove double tabs
./inc/extensions/sql_patches/mode-update.php:43:// @TODO Remove double-tabs
./inc/extensions/user/mode-update.php:43:// @TODO Remove double tabs
+./inc/filter/blacklist_filter.php:63: // @TODO Insert log entry
./inc/filter/bonus_filter.php:56: // @TODO This query isn't right, it will only update if the user was for a longer time away!
./inc/filter/cache_filter.php:94: // @TODO This should be rewritten not to load the cache file for just checking if it is there for save removal.
./inc/filter/forced_filter.php:73: // @TODO This part is unfinished
./inc/header.php:66:// @TODO Find a way to not use direct module comparison
./inc/install-functions.php:446: // @TODO Comparing with DEFAULT_MAIN_TITLE doesn't work
./inc/install-functions.php:97: // @TODO DEACTIVATED: changeDataInLocalConfigurationFile('OUTPUT-MODE', "setConfigEntry('OUTPUT_MODE', '", "');", postRequestElement('omode'), 0);
-./inc/language/de.php:1161: // @TODO Rewrite these two constants
-./inc/language/de.php:1177: // @TODO Rewrite these three constants
+./inc/language/de.php:1162: // @TODO Rewrite these two constants
+./inc/language/de.php:1178: // @TODO Rewrite these three constants
./inc/language/de.php:46: // @TODO Please sort these language elements
./inc/language/de.php:749:// @TODO Are these constants longer used?
./inc/language-functions.php:254: // @TODO These are all valid languages, again hard-coded
addCreateTableSql('blacklist', "
`id` BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
`data` VARCHAR(255) NOT NULL DEFAULT '',
-`type` VARCHAR(20) NOT NULL DEFAULT 'INVALID',
`pool_id` BIGINT(20) UNSIGNED NULL DEFAULT NULL,
+`provider` VARCHAR(255) NOT NULL DEFAULT 'BLACKLIST',
+`type` VARCHAR(20) NOT NULL DEFAULT 'INVALID',
`added` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
+INDEX (`provider`),
+INDEX (`type`),
INDEX (`pool_id`)",
'Generic blacklist');
// Add admin menu
- addAdminMenuSql('setup','config_blacklist','Sperrlisten','Einstellungen zu den Sperrlisten.',8);
- addAdminMenuSql('misc','list_blacklist','Sperrlisten...','Zeigt gesperrte Email-Adressen und/oder URLs an.',3);
+ addAdminMenuSql('setup', 'config_blacklist', 'Sperrlisten', 'Einstellungen zu den Sperrlisten.', 8);
+ addAdminMenuSql('misc', 'list_blacklist', 'Sperrlisten...', 'Zeigt gesperrte Email-Adressen und/oder URLs an.', 3);
// Add configuration
- addConfigAddSql('url_blacklist', "ENUM('Y','N') NOT NULL DEFAULT 'Y'");
addConfigAddSql('email_blacklist', "ENUM('Y','N') NOT NULL DEFAULT 'Y'");
+ addConfigAddSql('url_blacklist', "ENUM('Y','N') NOT NULL DEFAULT 'Y'");
+
+ // Register filters
+ registerFilter(__FILE__, __LINE__, 'pre_user_registration', 'CHECK_EMAIL_BLACKLISTED', FALSE, TRUE, isExtensionDryRun());
+ registerFilter(__FILE__, __LINE__, 'pre_update_user_data', 'CHECK_EMAIL_BLACKLISTED', FALSE, TRUE, isExtensionDryRun());
+ registerFilter(__FILE__, __LINE__, 'post_email_blacklisted', 'LOG_EMAIL_BLACKLISTED', FALSE, TRUE, isExtensionDryRun());
break;
case 'remove': // Do stuff when removing extension
// Remove menu
addExtensionSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_admin_menu` WHERE `what` IN('config_blacklist', 'list_blacklist') LIMIT 1");
+
+ // Unregister filters
+ unregisterFilter(__FILE__, __LINE__, 'pre_user_registration', 'CHECK_EMAIL_BLACKLISTED', TRUE, isExtensionDryRun());
+ unregisterFilter(__FILE__, __LINE__, 'pre_update_user_data', 'CHECK_EMAIL_BLACKLISTED', TRUE, isExtensionDryRun());
+ unregisterFilter(__FILE__, __LINE__, 'post_email_blacklisted', 'LOG_EMAIL_BLACKLISTED', FALSE, TRUE, isExtensionDryRun());
break;
case 'activate': // Do stuff when admin activates this extension
--- /dev/null
+<?php
+/************************************************************************
+ * Mailer v0.2.1-FINAL Start: 01/21/2013 *
+ * =================== Last change: 01/21/2013 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : blacklist_filter.php *
+ * -------------------------------------------------------------------- *
+ * Short description : Filters for ext-blacklist *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Filter fuer ext-blacklist *
+ * -------------------------------------------------------------------- *
+ * $Revision:: $ *
+ * $Date:: $ *
+ * $Tag:: 0.2.1-FINAL $ *
+ * $Author:: $ *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
+ * Copyright (c) 2009 - 2012 by Mailer Developer Team *
+ * For more information visit: http://mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+// Some security stuff...
+if (!defined('__SECURITY')) {
+ die();
+} // END - if
+
+// Filter to check if email address is blacklisted
+function FILTER_CHECK_EMAIL_BLACKLISTED ($filterData) {
+ // Is the email address blacklisted?
+ if (($filterData['init_done'] === TRUE) && (isEmailBlacklistEnabled()) && (isEmailBlacklisted($filterData['post_data']['email']))) {
+ // Then abort here
+ $filterData['init_done'] = FALSE;
+
+ // Run filter chain for successful detection (don't rely on other fields than 'email') here
+ runFilterChain('post_email_blacklisted', $filterData);
+ } // END - if
+
+ // Return filtered data
+ return $filterData;
+}
+
+// Filter for logging blacklisted email addresses, is being called from above filter
+function FILTER_LOG_EMAIL_BLACKLISTED ($filerData) {
+ // Make sure, that required data is there
+ assert((isset($filterData['init_done'])) && (isset($filterData['post_data']['email'])));
+
+ // @TODO Insert log entry
+
+ // Return filtered data
+ return $filterData;
+}
+
+// [EOF]
+?>
'UNKNOWN_ERROR_CODE' => "Unbekannter Fehlercode <span class=\"data\">0x{%%pipe,getHexErrorCode=%s%%}</span> erkannt.",
'LOADER_SECURITY_HASH_MISMATCH' => "Der Sicherheitshash für den Dereferrer stimmt nicht mit der URL überein.",
'URL_IS_BLACKLISTED' => "URL ist gesperrt.",
+ 'MEMBER_EMAIL_BLACKLISTED' => "Ihre Email-Adresse darf bei uns nicht verwendet werden. Bitte setzen Sie sich mit uns in Verbindung.",
'DATA_IS_HIDDEN' => "Daten sind verdeckt.",
'ADMIN_BOOKING_PACKAGE_ID' => "Buchungspaket",
'ADMIN_BOOKING_PACKAGE_LINK' => "Zum Paket ...",
die();
} // END - if
-// Inserts a given email (pattern) in blacklist if not found
-function insertEmailInBlacklist ($email, $id) {
- // Is this feature turned on and is the URL not there?
- if (!isEmailBlacklistEnabled()) {
- // Not enabled, then please don't call this function
- reportBug(__FUNCTION__, __LINE__, 'URL blacklisting is disabled, email=' . $email . ',id=' . $id);
- } elseif (!isEmailBlacklisted($email)) {
- // Did not find a record so we can add it... :)
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_blacklist` (`data`, `pool_id`, `type`) VALUES ('%s', %s, 'EMAIL')",
- array(
- $email,
- $id
- ), __FUNCTION__, __LINE__);
- } // END - if
-}
-
-// Checks whether given email is blacklisted
-function isEmailBlacklisted ($email) {
+// Checks whether given data is blacklisted
+function isGenericBlacklisted ($type, $data) {
// Mark it as not listed by default
$listed = FALSE;
// Is black-listing enbaled?
- if (!isEmailBlacklistEnabled()) {
+ if (!isGenericBlacklistEnabled($type)) {
// No, then all emails are not in this list
return FALSE;
- } elseif (!isset($GLOBALS['blacklist_data']['email'][$email])) {
+ } elseif (!isset($GLOBALS['blacklist_data'][$type][$data])) {
// Check black-list for given email
- $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`added`) AS `added` FROM `{?_MYSQL_PREFIX?}_blacklist` WHERE '%s' REGEXP `data` AND `type`='EMAIL' LIMIT 1",
- array($email), __FUNCTION__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT
+ `id`,
+ `data`,
+ `pool_id`,
+ `provider`,
+ `type`,
+ UNIX_TIMESTAMP(`added`) AS `added`
+FROM
+ `{?_MYSQL_PREFIX?}_blacklist`
+WHERE
+ '%s' REGEXP `data` AND
+ `type`='%s'
+LIMIT 1",
+ array(
+ $data,
+ strtoupper($type)
+ ), __FUNCTION__, __LINE__);
// Is there an entry?
if (SQL_NUMROWS($result) == 1) {
// Jupp, we got one listed
- $GLOBALS['blacklist_data']['email'][$email] = SQL_FETCHARRAY($result);
+ $GLOBALS['blacklist_data'][$type][$data] = SQL_FETCHARRAY($result);
// Mark it as listed
$listed = TRUE;
return $listed;
}
+// Inserts a given email (pattern) in blacklist if not found
+function insertEmailInBlacklist ($email, $provider = 'BLACKLIST') {
+ // Call inner function
+ insertGenericInBlacklist ('email', $email, NULL, $provider);
+}
+
+// Inserts a given URL in blacklist if not found
+function insertUrlInBlacklist ($url, $poolId, $provider = 'BLACKLIST') {
+ // Call inner function
+ insertGenericInBlacklist ('url', $url, $poolId, $provider);
+}
+
// Inserts a given URL in blacklist if not found
-function insertUrlInBlacklist ($url, $id) {
+function insertGenericInBlacklist ($type, $data, $poolId = NULL, $provider = 'BLACKLIST') {
// Is this feature turned on and is the URL not there?
- if (!isUrlBlacklistEnabled()) {
+ if (!isGenericBlacklistEnabled($type)) {
// Not enabled, then please don't call this function
- reportBug(__FUNCTION__, __LINE__, 'URL blacklisting is disabled, url=' . $url . ',id=' . $id);
- } elseif (!isUrlBlacklisted($url)) {
+ reportBug(__FUNCTION__, __LINE__, 'Blacklisting of type ' . $type . ' is disabled, data=' . $data . ',poolId=' . convertZeroToNull($poolId));
+ } elseif (!isUrlBlacklisted($data)) {
// Did not find a record so we can add it... :)
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_blacklist` (`data`, `pool_id`, `type`) VALUES ('%s', %s, 'URL')",
- array(
- $url,
- $id
- ), __FUNCTION__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO
+ `{?_MYSQL_PREFIX?}_blacklist`
+(
+ `data`,
+ `pool_id`,
+ `provider`,
+ `type`
+) VALUES (
+ '%s',
+ %s,
+ '%s',
+ '%s'
+)",
+ array(
+ $data,
+ convertZeroToNull($poolId),
+ $provider,
+ strtoupper($type)
+ ), __FUNCTION__, __LINE__);
} // END - if
}
+// Checks whether given email is blacklisted
+function isEmailBlacklisted ($email) {
+ // Call inner function
+ return isGenericBlacklisted('email', $email);
+}
+
// Checks whether given URL is blacklisted
function isUrlBlacklisted ($url) {
- // Mark it as not listed by default
- $listed = FALSE;
-
- // Is black-listing enbaled?
- if (!isUrlBlacklistEnabled()) {
- // No, then all URLs are not in this list
- return FALSE;
- } elseif (!isset($GLOBALS['blacklist_data']['url'][$url])) {
- // Check black-list for given URL
- $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`added`) AS `added`, `pool_id` FROM `{?_MYSQL_PREFIX?}_blacklist` WHERE `data`='%s' AND `type`='URL' LIMIT 1",
- array($url), __FUNCTION__, __LINE__);
-
- // Is there an entry?
- if (SQL_NUMROWS($result) == 1) {
- // Jupp, we got one listed
- $GLOBALS['blacklist_data']['url'][$url] = SQL_FETCHARRAY($result);
-
- // Mark it as listed
- $listed = TRUE;
- } // END - if
-
- // Free result
- SQL_FREERESULT($result);
- } else {
- // Is found in cache -> black-listed
- $listed = TRUE;
- }
-
- // Return result
- return $listed;
+ // Call inner function
+ return isGenericBlacklisted('url', $email);
}
// ----------------------------------------------------------------------------
// Configuration wrapper functions
// ----------------------------------------------------------------------------
+// Generic wrapper
+function isGenericBlacklistEnabled ($type) {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Determine it
+ $GLOBALS[__FUNCTION__] = (getConfig($type . '_blacklist') == 'Y');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
// Wrapper to check if url_blacklist is enabled
function isUrlBlacklistEnabled () {
// Is there cache?
// Init filter data
$filterData = array(
// Initialization not done by default
- 'init_done' => FALSE
+ 'init_done' => FALSE,
+ 'post_data' => postRequestArray(),
);
// Init extra SQL data
addPointsThroughReferralSystem(
// Subject
'register_welcome',
- // New user's id
+ // User's id number
$filterData['register_insert_id'],
- // Points
+ // Points to add
getPointsRegister(),
// Referral id (or NULL if none set)
convertZeroToNull(postRequestElement('refid'))
// Write catgories
if (ifPostContainsSelections('cat')) {
+ // Init SQL
+ $sql = 'INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (`userid`, `cat_id`) VALUES';
+
// Write all entries
foreach (postRequestElement('cat') as $categoryId => $joined) {
// "Join" this group?
if ($joined == 'Y') {
// Insert category entry
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (`userid`, `cat_id`) VALUES (%s, %s)",
- array(
- $filterData['register_insert_id'],
- bigintval($categoryId)
- ), __FUNCTION__, __LINE__);
+ $sql .= ' (' . $filterData['register_insert_id'] . ', ' . bigintval($categoryId) . '),';
} // END - if
} // END - foreach
+
+ // Run SQL without last commata
+ SQL_QUERY(substr($sql, 0, -1), __FUNCTION__, __LINE__);
} // END - if
// Registration phase is done here, so for tester accounts we end here
// Is ZIP code set?
if (isPostRequestElementSet('zip')) {
// Prepare data array for the email template
- // Start with the gender...
$content = array(
'hash' => $GLOBALS['register_confirm_hash'],
'userid' => $filterData['register_insert_id'],
// Did the user changed the password?
if ($hash != $content['password']) {
+ // Yes
$AND = ",`password`='" . $hash . "'";
$mode = 'password';
} // END - if
- // Or did he changed his password?
+ // Or did he changed his email address?
if (postRequestElement('email') != $content['email']) {
- // Jupp
+ // Yes, but is it maybe blacklisted?
+ $filterData = array(
+ 'init_done' => TRUE
+ 'post_data' => postRequestArray()
+ );
+ $filterData = runFilterChain('pre_update_user_data', $filterData);
+
+ // Is it blacklisted?
+ if ($filterData['init_done'] === FALSE) {
+ // Blacklisted email address found
+ displayMessage('{--MEMBER_EMAIL_BLACKLISTED--}');
+ return;
+ } // END - if
+
if ($mode == 'normal') {
$mode = 'email';
} else {
projects / mailer.git / commitdiff