Merge branch 'ticket/r15975-contact-spam' into develop

Michael RICOIS 2018-02-06 11:19:36 +01:00
commit 11f40df725
3 changed files with 41 additions and 25 deletions


@ -115,7 +115,8 @@ class Suspect extends ObjectModel
$domain_name = strtolower(substr(strrchr($email, '@'), 1));
// Exclusion de domains spé
$exclude_domains = array('qq.com','sina.com','tom.com','yahoo.cn','yahoo.com.cn','cntv.cn','sohu.com','vip.sohu.com','21cn.com');
$exclude_domains = array('qq.com','sina.com','tom.com','yahoo.cn','yahoo.com.cn',
'cntv.cn','sohu.com','vip.sohu.com','21cn.com', 'mail.ru', 'list.ru');
if (in_array($domain_name, $exclude_domains)) {
return true;
}
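Review bot: The lookup `in_array($domain_name, $exclude_domains)` is a loose, exact-string match against a list hard-coded in the model, so each new domain (as with `mail.ru` and `list.ru` here) needs a code change and a deploy. Consider the strict form `in_array($domain_name, $exclude_domains, true)` and loading the list from module configuration instead. `strrchr($email, '@')` returns false when the address has no `@`, and nothing visible in this hunk guards against that; the callers on this page run `Validate::isEmail` first, but the method should not depend on it. The comment `// Exclusion de domains spé` is cut off and should state what the list is for, e.g. `// Mail domains rejected outright for contact-form spam`. The enclosing method starts and ends outside the hunk.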


@ -37,7 +37,7 @@ if ($cookie->isLogged()) {
if (Tools::isSubmit('submitMessage')) {
$alert_mode = false;
if(Module::isInstalled('ant_alerthack')) {
if (Module::isInstalled('ant_alerthack')) {
$alert_mode = true;
include_once dirname(__FILE__).'/../../modules/ant_alerthack/models/Suspect.php';
}
@ -51,6 +51,7 @@ if (Tools::isSubmit('submitMessage')) {
$fileAttachment['name'] = $_FILES['fileUpload']['name'];
$fileAttachment['mime'] = $_FILES['fileUpload']['type'];
}
$message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
if (Tools::getValue('email2') != '') {
$this->errors[] = Tools::displayError('Invalid');
@ -58,46 +59,46 @@ if (Tools::isSubmit('submitMessage')) {
elseif (preg_match("/\p{Han}+/u", $message)) {
$this->errors[] = Tools::displayError('Invalid message');
}
elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)){
elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)) {
$errors[] = Tools::displayError('Invalid e-mail address');
}
elseif ($alert_mode && Suspect::isBannished($from)){
elseif ($alert_mode && Suspect::isBannished($from)) {
$errors[] = Tools::displayError('Message cannot be sent.');
}
elseif (!($message = nl2br2($message))){
$errors[] = Tools::displayError('Message cannot be blank');
}
elseif (!Validate::isCleanHtml($message)){
elseif (!Validate::isCleanHtml($message)) {
$errors[] = Tools::displayError('Invalid message');
}
elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)($cookie->id_lang))))){
elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)($cookie->id_lang))))) {
$errors[] = Tools::displayError('Please select a subject on the list.');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 9 && !Tools::getValue('id_reason')){
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 9 && !Tools::getValue('id_reason')) {
$errors[] = Tools::displayError('Please select a reason on the list.');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && ($id_contact == 9 || $id_contact == 1 || $id_contact == 2) && !Tools::getValue('id_order')){
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && ($id_contact == 9 || $id_contact == 1 || $id_contact == 2) && !Tools::getValue('id_order')) {
$errors[] = Tools::displayError('Please enter/choose an order ID');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 1 && !Tools::getValue('id_products')){
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 1 && !Tools::getValue('id_products')) {
if((int)($cookie->id_customer)){
$errors[] = Tools::displayError('Please choose a product');
} else {
$errors[] = Tools::displayError('You have to be logged');
}
}
elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0){
elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0) {
$errors[] = Tools::displayError('An error occurred during the file upload');
}
elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)){
elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
$errors[] = Tools::displayError('Bad file extension');
}
else
{
if ((int)($cookie->id_customer))
if ((int)($cookie->id_customer)){
$customer = new Customer((int)($cookie->id_customer));
else
{
}
else {
$customer = new Customer();
$customer->getByEmail($from);
}
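Review bot: The first two rejection branches (the `email2` hidden-field check and the `\p{Han}` check) append to `$this->errors`, while every other branch in this chain appends to `$errors`. The hunk header (`if ($cookie->isLogged()) {`) suggests a procedural script, where `$this` is either undefined or refers to whichever object included the file, so these two messages probably never reach the `$errors` array the page renders and may raise an error instead. Use `$errors[] = Tools::displayError('Invalid');` and `$errors[] = Tools::displayError('Invalid message');` to match the rest of the chain. The chain's final `else` block continues outside the hunk.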


@ -41,7 +41,7 @@ class ContactController extends ContactControllerCore {
if (Tools::isSubmit('submitMessage'))
{
$alert_mode = false;
if(Module::isInstalled('ant_alerthack')) {
if (Module::isInstalled('ant_alerthack')) {
$alert_mode = true;
include_once dirname(__FILE__).'/../../modules/ant_alerthack/models/Suspect.php';
}
@ -55,6 +55,7 @@ class ContactController extends ContactControllerCore {
$fileAttachment['name'] = $_FILES['fileUpload']['name'];
$fileAttachment['mime'] = $_FILES['fileUpload']['type'];
}
$message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
if (Tools::getValue('email2') != '') {
$this->errors[] = Tools::displayError('Invalid');
@ -62,33 +63,46 @@ class ContactController extends ContactControllerCore {
elseif (preg_match("/\p{Han}+/u", $message)) {
$this->errors[] = Tools::displayError('Invalid message');
}
elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)){
elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)) {
$this->errors[] = Tools::displayError('Invalid e-mail address');
}
elseif ($alert_mode AND Suspect::isBannished($from)){
elseif ($alert_mode && Suspect::isBannished($from)) {
$this->errors[] = Tools::displayError('Message cannot be sent.');
}
elseif (!($message = nl2br2($message))){
elseif (!($message = nl2br2($message))) {
$this->errors[] = Tools::displayError('Message cannot be blank');
}
elseif (!Validate::isCleanHtml($message)){
elseif (!Validate::isCleanHtml($message)) {
$this->errors[] = Tools::displayError('Invalid message');
}
elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)(self::$cookie->id_lang))))){
elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)(self::$cookie->id_lang))))) {
$this->errors[] = Tools::displayError('Please select a subject on the list.');
}
elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0){
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 9 && !Tools::getValue('id_reason')) {
$this->errors[] = Tools::displayError('Please select a reason on the list.');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && ($id_contact == 9 || $id_contact == 1 || $id_contact == 2) && !Tools::getValue('id_order')) {
$this->errors[] = Tools::displayError('Please enter/choose an order ID');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 1 && !Tools::getValue('id_products')) {
if((int)(self::$cookie->id_customer)) {
$this->errors[] = Tools::displayError('Please choose a product');
} else {
$this->errors[] = Tools::displayError('You have to be logged');
}
}
elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0) {
$this->errors[] = Tools::displayError('An error occurred during the file upload');
}
elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)){
elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
$this->errors[] = Tools::displayError('Bad file extension');
}
else
{
if ((int)(self::$cookie->id_customer))
if ((int)(self::$cookie->id_customer)) {
$customer = new Customer((int)(self::$cookie->id_customer));
else
{
}
else {
$customer = new Customer();
$customer->getByEmail($from);
}
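Review bot: In the added `$id_contact == 1` branch the login check sits inside the `!Tools::getValue('id_products')` condition, so the login requirement is only enforced when no product is supplied; a request with no customer session and any non-empty `id_products` passes this branch. If subject 1 is meant to require a logged-in customer, test `self::$cookie->id_customer` on its own. The new checks also accept any non-empty `id_order` and `id_products`; if the send path uses them (not visible here), validate them as positive integers, e.g. `(int)Tools::getValue('id_order') > 0`. The literals 9, 1 and 2 need a comment or named constants saying which contact subjects they are. The same chain appears in the procedural contact form earlier on this page, and the enclosing method continues outside the hunk.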