From ae54c205916a5ca2f303ef79e9788389bc33f212 Mon Sep 17 00:00:00 2001
From: Steven Mondji-Lerider <squidly@nnx.com>
Date: Thu, 12 Apr 2012 14:06:47 +0000
Subject: [PATCH] =?UTF-8?q?Bugfix=20divers=20et=20vari=C3=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .gitattributes                             |  2 +
 bureau/admin/js/alternc.js                 | 29 +++++----
 bureau/admin/mail_alias_create.inc.php     |  8 +--
 bureau/admin/mail_list.php                 |  6 +-
 bureau/admin/mail_redirection_edit.inc.php |  6 +-
 bureau/class/lang_env.php                  |  2 +-
 bureau/class/m_mysql.php                   |  2 +-
 install/mysql.sql                          |  3 +-
 src/cron_users.sh                          | 24 ++++++++
 src/cron_users_doit.sh                     | 69 ++++++++++++++++++++++
 tests/make_mail_dataset.sh                 |  2 +-
 11 files changed, 126 insertions(+), 27 deletions(-)
 create mode 100755 src/cron_users.sh
 create mode 100755 src/cron_users_doit.sh

diff --git a/.gitattributes b/.gitattributes
index 1b37a279..e4c10b4f 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -484,6 +484,8 @@ src/alternc-check -text
 src/alternc-dboptimize -text
 src/alternc-passwd -text
 src/alternc_reload -text
+src/cron_users.sh -text
+src/cron_users_doit.sh -text
 src/du.pl -text
 src/export_account.php -text
 src/fixperms.sh -text
diff --git a/bureau/admin/js/alternc.js b/bureau/admin/js/alternc.js
index 1d14e5b5..9f15d751 100644
--- a/bureau/admin/js/alternc.js
+++ b/bureau/admin/js/alternc.js
@@ -157,18 +157,19 @@ function swap(s,shm) {
     }
 }
 
-
-function is_valid_mail(id_elem) {
-  //var reg = /^([A-Za-z0-9_\-\.])+\@([A-Za-z0-9_\-\.])+\.([A-Za-z]{2,4})$/;
-  //FIXME mail documentation doesn't expect a maximum length of the mail address : http://tools.ietf.org/html/rfc2822#section-3.4.1
-  var reg = /^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i; 
-var rgxp = /^[a-z0-9\!\#\$\%\&\'\*+/=?^_`{|}~-]{1,}((\.[a-z0-9\!\#\$\%\&\'\*+/=?^_`{|}~-]{1,13})?)+@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9\-]*[a-z0-9])?$/
+/**
+* Function check_form_mail_validity
+* is used to check if a given mail is a valid RFC 2822 mail adress and set the according image onto the page.
+* @param : id_elem , id of the mail input box we are checking
+*/
+function check_mail_form_validity(id_elem) {
   var mail = document.getElementById('rcp-'+id_elem).value;
+  var mail_element = document.getElementById('rcp-'+id_elem);
   var src = "";
   var alt = "";
 
   if (mail != "" ) {
-    if(rgxp.test(mail) == false) {
+    if(is_valid_mail(mail_element.value) != true ){
       src = "images/check_no.png";
       alt = "KO";
     } else {
@@ -181,13 +182,15 @@ var rgxp = /^[a-z0-9\!\#\$\%\&\'\*+/=?^_`{|}~-]{1,}((\.[a-z0-9\!\#\$\%\&\'\*+/=?
   document.getElementById('valid-rcp-'+id_elem).alt = alt;
 }
 
-
-function is_valid_mail2() {
-  var reg = /^[A-Z0-9._%+-]+$/i; 
-  var arg = document.getElementById('mail_arg').value;
-var rgxp = /^[a-z0-9!#$%&'*+/=?^_`{|}~-]+((\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)?)+?$/
+/*
+* Function :is_valid_mail
+* @param : interger arg, an RFC 2822 mail adress
+* @return : true if arg really is formed like described in RFC 2822, else false
+*/
+function is_valid_mail(arg) {
+  //FIXME mail documentation doesn't expect a maximum length of the mail address : http://tools.ietf.org/html/rfc2822#section-3.4.1
+  var rgxp = /^[a-z0-9\!\#\$\%\&\'\*+/=?^_`{|}~-]{1,}((\.[a-z0-9\!\#\$\%\&\'\*+/=?^_`{|}~-]{1,13})?)+@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9\-]*[a-z0-9])?$/
     if(rgxp.test(arg) == false) {
-	alert(arg+" : incorect");
 	return false;
     } else {
 	return true;
diff --git a/bureau/admin/mail_alias_create.inc.php b/bureau/admin/mail_alias_create.inc.php
index 9b3bf0d8..01286418 100644
--- a/bureau/admin/mail_alias_create.inc.php
+++ b/bureau/admin/mail_alias_create.inc.php
@@ -42,17 +42,17 @@ if (isset($error) && $error) {
 
 $dom_list = $mail->enum_domains;
 ?>
-<form action="mail_alias_doedit.php" method="post" name="mail_create" id="main" onsubmit="return is_valid_mail2()">
+<form action="mail_alias_doedit.php" method="post" name="mail_create" id="main" onsubmit="return is_valid_mail(document.getElementById('mail_arg').value+document.getElementById('dom_id').options[document.getElementById('dom_id').selectedIndex].text);">
 <table>
 <tr> 
     <td> 
-      <input type="text" class="int" name="alias" id="mail_arg" value="" size="20" maxlength="255" /> 
+      <input type="text" class="inb" name="mail_arg" id="mail_arg" value="" size="20" maxlength="255"  /> 
     </td> 
-    <td>@<select name="dom_id" id="dom_id" ><?php foreach($dom_list as $key => $val){ ?><option value="<?php echo urlencode($val['id']) ?>"><?php echo $val["domaine"] ?> </option><?php } ?> </select><td>
+    <td><select name="dom_id" id="dom_id" ><?php foreach($dom_list as $key => $val){ ?><option value="<?php echo urlencode($val['id']) ?>"><?php echo "@".$val["domaine"] ?> </option><?php } ?> </select><td>
     <td><input type="submit" class="inb" name="submit" value="<?php __("Create this alias"); ?>" /></td>
 </table>
 <input type="hidden" class="inb" name="mail_id" value="<?php echo $mail_id ; ?>" />
-<input type="hidden" class="inb" name="address_full" value="<?php echo $details["address_full"] ; ?>" />
+<input type="hidden" class="inb" name="address_full" id="address_full" value="<?php echo $details["address_full"] ; ?>" />
 
 
 </form>
diff --git a/bureau/admin/mail_list.php b/bureau/admin/mail_list.php
index a89e008c..4c3c5fdc 100644
--- a/bureau/admin/mail_list.php
+++ b/bureau/admin/mail_list.php
@@ -58,10 +58,11 @@ if (isset($error)) {
 //Mail creation.
 if ($quota->cancreate("mail")) { ?>
 <h3><?php __("Create a new mail account");?></h3>
-	<form method="post" action="mail_doadd.php" id="main" name="mail_create" onsubmit="return is_valid_mail2()">
+	<form method="post" action="mail_doadd.php" id="main" name="mail_create" onsubmit="return is_valid_mail(document.getElementById('mail_arg').value+"@"+document.getElementById('domain') )">
 		<input type="text" class="int" name="mail_arg" value="" size="20" id="mail_arg" maxlength="32" /><span id="emaildom" class="int" > <?php echo "@".$domain; ?></span>
 		<input type="hidden" name="domain_id"  value="<?php echo $domain_id;?>" />
-		<input type="hidden" name="domain"  value="<?php echo $domain;?>" />
+		<input type="hidden" name="domain" id="domain"  value="<?php echo $domain;?>" />
+		<input type="hidden" name="arg" id="arg"  value="<?php echo $domain;?>" />
 		<input type="submit" name="submit" class="inb" value="<?php __("Create"); ?>" />
 	</form>
 <?php 
@@ -99,5 +100,4 @@ while (list($key,$val)=each($mails_list)){
 ?>
 
 </table>
-
 <?php include_once("foot.php"); ?>
diff --git a/bureau/admin/mail_redirection_edit.inc.php b/bureau/admin/mail_redirection_edit.inc.php
index 509a023c..47d2fe2f 100644
--- a/bureau/admin/mail_redirection_edit.inc.php
+++ b/bureau/admin/mail_redirection_edit.inc.php
@@ -46,7 +46,7 @@ for ($ii=0;$ii <= count($lst_rcp)+10; $ii++) {
   <tr>
     <td>
       <input type="text" class="int" name="rcp[<?php echo $ii?>]" id="rcp-<?php echo $ii?>" value="<?php 
-	if (isset($lst_rcp[$ii])){ ehe($lst_rcp[$ii]);} ?>" size="20" maxlength="255" onKeyUp="javascript:is_valid_mail(<?php echo $ii; ?>);" />
+	if (isset($lst_rcp[$ii])){ ehe($lst_rcp[$ii]);} ?>" size="20" maxlength="255" onKeyUp="javascript:check_mail_form_validity(<?php echo $ii; ?>);" />
     </td>
     <td><img id="valid-rcp-<?php echo $ii?>" alt="" src="" ></td>
     <td><a href="#" onclick="javascript:delete_one_recipients(<?php echo $ii?>);" ><?php __("Delete");?></a></td>
@@ -70,7 +70,7 @@ for ($ii=0;$ii <= count($lst_rcp)+10; $ii++) {
 
 function delete_one_recipients(idelem) {
   document.getElementById('rcp-'+idelem).value='';
-  is_valid_mail(idelem);
+  check_mail_form_validity(idelem);
 }
 
 function delete_all_recipients() {
@@ -85,7 +85,7 @@ function delete_all_recipients() {
 
 
 <?php for ($ii=0;$ii <= count($lst_rcp)+10; $ii++) { ?>
-is_valid_mail(<?php echo $ii;?>);
+check_mail_form_validity(<?php echo $ii;?>);
 <?php } // for ?>
 
 
diff --git a/bureau/class/lang_env.php b/bureau/class/lang_env.php
index 10b4c243..4106236d 100644
--- a/bureau/class/lang_env.php
+++ b/bureau/class/lang_env.php
@@ -69,7 +69,7 @@ textdomain("alternc");
 if (_("") && preg_match("#charset=([A-Za-z0-9\.-]*)#",_(""),$mat)) {
   $charset=$mat[1];
  }
-if (!$charset) $charset="UTF-8";
+if (! isset($charset) || !$charset) $charset="UTF-8";
 bind_textdomain_codeset("alternc","$charset");
 
 ?>
diff --git a/bureau/class/m_mysql.php b/bureau/class/m_mysql.php
index 465f166f..28de83fc 100644
--- a/bureau/class/m_mysql.php
+++ b/bureau/class/m_mysql.php
@@ -347,7 +347,7 @@ class m_mysql {
 
     // Update all the "pass" fields for this user : 
     $db->query("UPDATE db SET pass='$password' WHERE uid='$cuid';");
-    $this->dbus->query("SET PASSWORD FOR '$login'@'$this->dbus->client' = PASSWORD('$password')");
+    $this->dbus->query("SET PASSWORD FOR ".$login."@".$this->dbus->client." = PASSWORD(".$password.");");
     return true;
   }
 
diff --git a/install/mysql.sql b/install/mysql.sql
index 4c6012d5..5fbee2c8 100644
--- a/install/mysql.sql
+++ b/install/mysql.sql
@@ -245,6 +245,7 @@ CREATE TABLE `address` (
   `expire_date` datetime DEFAULT NULL, -- Expiration date, used for temporary addresses.
   `update_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, -- Update date, for technical usage only.
   PRIMARY KEY (`id`),
+  UNIQUE INDEX `domain_id_idx` (`domain_id`),
   UNIQUE KEY `address` (`address`)
 ) COMMENT = 'This is the main address table. It represents an address as in RFC2822';
 
@@ -275,7 +276,7 @@ CREATE TABLE `recipient` (
   `recipients` text NOT NULL, -- Recipients
   `update_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, -- Update date, for technical usage only.
   PRIMARY KEY (`id`),
-  UNIQUE KEY `address_id` (`address_id`)
+  UNIQUE KEY `key_id` (`id`,`address_id`)
 ) COMMENT = 'Table containing other recipients (aliases) for an address.';
 
 --
diff --git a/src/cron_users.sh b/src/cron_users.sh
new file mode 100755
index 00000000..d609da1d
--- /dev/null
+++ b/src/cron_users.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+# FIXME relecture + commentaires
+
+for CONFIG_FILE in \
+      /etc/alternc/local.sh \
+      /usr/lib/alternc/functions.sh 
+  do
+    if [ ! -r "$CONFIG_FILE" ]; then
+        echo "Can't access $CONFIG_FILE."
+        exit 1
+    fi
+    . "$CONFIG_FILE"
+done
+
+max_process=2
+
+tasks () {
+$MYSQL_DO "select id, url, email, schedule, UNIX_TIMESTAMP(), user, password as now from cron c where next_execution <= now();" | while read id url email schedule now user password ; do
+  echo $id $url $email $schedule $now \"$user\" \"$password\" 
+done
+}
+
+tasks | xargs -n 7 -P $max_process --no-run-if-empty /usr/lib/alternc/cron_users_doit.sh 
diff --git a/src/cron_users_doit.sh b/src/cron_users_doit.sh
new file mode 100755
index 00000000..1b71dd79
--- /dev/null
+++ b/src/cron_users_doit.sh
@@ -0,0 +1,69 @@
+#!/bin/bash
+
+# FIXME relecture + commentaires
+
+id=$1
+url=$2
+email=$3
+schedule=$4
+now=$5
+user=$6
+password=$7
+
+timeout=5
+
+for CONFIG_FILE in \
+      /etc/alternc/local.sh \
+      /usr/lib/alternc/functions.sh 
+  do
+    if [ ! -r "$CONFIG_FILE" ]; then
+        echo "Can't access $CONFIG_FILE."
+        exit 1
+    fi
+    . "$CONFIG_FILE"
+done
+
+if [ "x$url" == "x" ] ; then
+  echo Missing arguments
+  exit 0
+fi
+
+urldecode() {
+  arg="$1"
+  i="0"
+(
+  while [ "$i" -lt ${#arg} ]; do
+    c0=${arg:$i:1}
+    if [ "x$c0" = "x%" ]; then
+      c1=${arg:$((i+1)):1}
+      c2=${arg:$((i+2)):1}
+      printf "\x$c1$c2"
+      i=$((i+3))
+    else
+      echo -n "$c0"
+      i=$((i+1))
+    fi
+  done
+) | sed -e 's/"/\\"/g' -e 's/\!/\\\!/g'
+}
+
+params=""
+if [ ! "x$user" == "x" -a ! "x$password" == "x" ]; then
+  params="--http-user=\"$(urldecode $user)\" --http-password=\"$(urldecode $password)\""
+fi
+
+echo wget -O - $params "$(urldecode $url)" --timeout=$timeout
+# FIXME envoie de mail pour le "rapport d'execution"
+
+# On calcule l'heure de la prochaine execution idéale
+((interval=$schedule * 60))
+((next=$(( $(( $now / $interval)) + 1 )) * $interval ))
+
+# On check pour pas avoir d'injection SQL
+if [[ ! "$id" =~ ^[0-9]+$ || ! "$next" =~ ^[0-9]+$ ]] ; then
+  echo "Id +$id+ or time +$next+ is incorrect."
+  return 2
+fi
+
+$MYSQL_DO "update cron set next_execution = FROM_UNIXTIME($next) where id = $id;"
+
diff --git a/tests/make_mail_dataset.sh b/tests/make_mail_dataset.sh
index bb075fa5..ede72d69 100755
--- a/tests/make_mail_dataset.sh
+++ b/tests/make_mail_dataset.sh
@@ -7,7 +7,7 @@
 #     make_mail_dataset.sh > dataset.sql
 
 # Domaine sur lequel porte le jeu de données.
-DOMAIN="test.com"
+DOMAIN="test22.com"
 
 # Identifiant du domaine.
 DOMAIN_ID=2000