From d1d0642f915932c698252e4db97faa24dc6c7e4b Mon Sep 17 00:00:00 2001 From: Michael RICOIS Date: Fri, 9 Mar 2018 17:54:36 +0100 Subject: [PATCH 1/4] Add a better way to correct email - to test --- modules/invite/invite-program.php | 116 ++++++++++++++++++++++-- override/controllers/AuthController.php | 113 +++++++++++++++++++++-- 2 files changed, 212 insertions(+), 17 deletions(-) diff --git a/modules/invite/invite-program.php b/modules/invite/invite-program.php index 1f92fd7a..c7d3e7d9 100644 --- a/modules/invite/invite-program.php +++ b/modules/invite/invite-program.php 
@@ -83,15 +83,113 @@ if($canSendInvitations) { $friendsFirstName = Tools::getValue('friendsFirstName'); $mails_exists = array(); foreach ($friendsEmail AS $key => $friendEmail) { - $friendEmail = strval($friendEmail); - $friendEmail = trim($friendEmail); - /** @Override Antadis - mail fixing */ - $friendEmail = str_replace(array('@hotmil.','@htmail.','@hotmal.','@hotml.','@hotmai.'),'@hotmail.',$friendEmail); - $friendEmail = str_replace(array('@gmal.','@gail.','@gml.','@gmai.','@gmil.'),'@gmail.',$friendEmail); - $friendEmail = str_replace('@gmailcom','@gmail.com',$friendEmail); - $friendEmail = str_replace('@hotmailcom','@hotmail.com',$friendEmail); - $friendEmail = str_replace('@hotmailfr','@hotmail.fr',$friendEmail); - /** @End Override Antadis - mail fixing */ + $friendEmail = $emailOri = strtolower(trim(strval($friendEmail))); + + // Prepare Check email + $domains = array( + /* Default domains included */ + "aol.com", "att.net", "comcast.net", "facebook.com", "gmail.com", "gmx.com", "googlemail.com", + "google.com", "hotmail.com", "hotmail.co.uk", "mac.com", "me.com", "mail.com", "msn.com", + "live.com", "sbcglobal.net", "verizon.net", "yahoo.com", "yahoo.co.uk", + + /* Other global domains */ + "email.com", "fastmail.fm", "games.com" /* AOL */, "gmx.net", "hush.com", "hushmail.com", "icloud.com", + "iname.com", "inbox.com", "lavabit.com", "love.com" /* AOL */, "outlook.com", "pobox.com", "protonmail.com", + "rocketmail.com" /* Yahoo */, "safe-mail.net", "wow.com" /* AOL */, "ygm.com" /* AOL */, + "ymail.com" /* Yahoo */, "zoho.com", "yandex.com", + + /* United States ISP domains */ + "bellsouth.net", "charter.net", "cox.net", "earthlink.net", "juno.com", + + /* British ISP domains */ + "btinternet.com", "virginmedia.com", "blueyonder.co.uk", "freeserve.co.uk", "live.co.uk", + "ntlworld.com", "o2.co.uk", "orange.net", "sky.com", "talktalk.co.uk", "tiscali.co.uk", + "virgin.net", "wanadoo.co.uk", "bt.com", + + /* Domains used in Asia */ + "sina.com", "qq.com", 
"naver.com", "hanmail.net", "daum.net", "nate.com", "yahoo.co.jp", "yahoo.co.kr", "yahoo.co.id", "yahoo.co.in", "yahoo.com.sg", "yahoo.com.ph", + + /* French ISP domains */ + "hotmail.fr", "live.fr", "laposte.net", "yahoo.fr", "wanadoo.fr", "orange.fr", "gmx.fr", "sfr.fr", "neuf.fr", "free.fr", + + /* German ISP domains */ + "gmx.de", "hotmail.de", "live.de", "online.de", "t-online.de" /* T-Mobile */, "web.de", "yahoo.de", + + /* Italian ISP domains */ + "libero.it", "virgilio.it", "hotmail.it", "aol.it", "tiscali.it", "alice.it", "live.it", "yahoo.it", "email.it", "tin.it", "poste.it", "teletu.it", + + /* Russian ISP domains */ + "mail.ru", "rambler.ru", "yandex.ru", "ya.ru", "list.ru", + + /* Belgian ISP domains */ + "hotmail.be", "live.be", "skynet.be", "voo.be", "tvcablenet.be", "telenet.be", + + /* Argentinian ISP domains */ + "hotmail.com.ar", "live.com.ar", "yahoo.com.ar", "fibertel.com.ar", "speedy.com.ar", "arnet.com.ar", + + /* Domains used in Mexico */ + "yahoo.com.mx", "live.com.mx", "hotmail.es", "hotmail.com.mx", "prodigy.net.mx", + + /* Domains used in Brazil */ + "yahoo.com.br", "hotmail.com.br", "outlook.com.br", "uol.com.br", "bol.com.br", "terra.com.br", "ig.com.br", "itelefonica.com.br", "r7.com", "zipmail.com.br", "globo.com", "globomail.com", "oi.com.br" + ); + + // Real association + $replaceSLD = array( + '@hotmil.' => '@hotmail.', + '@htmail.' => '@hotmail.', + '@hotmal.' => '@hotmail.', + '@hotml.' => '@hotmail.', + '@hotmai.' => '@hotmail.', + '@gmal.' => '@gmail.', + '@gail.' => '@gmail.', + '@gml.' => '@gmail.', + '@gmai.' => '@gmail.', + '@gmil.' 
=> '@gmail.', + ); + + $replaceGlobal = array( + '@gmailcom' => '@gmail.com', + '@hotmailcom' => '@hotmail.com', + '@hotmailfr' => '@hotmail.fr', + ); + // Real use case replacement + $friendEmail = strtr($friendEmail, $replaceGlobal); + + // Check TLD + $atPos = strpos($friendEmail, '@'); + $pointPos = strpos($friendEmail, '.', $atPos); + $tld = substr($friendEmail, $pointPos + 1); + $sld = substr($friendEmail, $atPos + 1, strlen($friendEmail) - ($atPos+1) - (strlen($tld)+1) ); + if (empty($tld)) { + $this->errors[] = Tools::displayError('Invalid email'); + $_POST['email'] = ''; + } + if (empty($this->errors)) { + // If you have a complete list of TLD, check it ! + } + + // Check SLD + if (empty($this->errors)) { + // Real use case replacement + $friendEmail = strtr($friendEmail, $replaceSLD); + // Levenhstein remplacement + if (count($domains) > 0 && $friendEmail == $emailOri) { + foreach ($domains as $d) { + $dpPos = strpos($d, '.'); + $realDomain = substr($d, 0, $dpPos); + $lev = levenshtein($sld, $realDomain); + if ($lev == O) { + break; + } + elseif ($lev == 1 && $tld == substr($d, $dpPos+1)) { + $friendEmail = str_replace('@'.$sld.'.', '@'.$realDomain.'.', $friendEmail); + break; + } + } + } + } + if($askName) { $friendLastName = strval($friendsLastName[$key]); $friendFirstName = strval($friendsFirstName[$key]); diff --git a/override/controllers/AuthController.php b/override/controllers/AuthController.php index 2fffa775..14090287 100755 --- a/override/controllers/AuthController.php +++ b/override/controllers/AuthController.php 
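Review bot: The Levenshtein loop at the end of this hunk rewrites on the first listed domain at distance 1, before it has looked for an exact match further down `$domains`, so addresses at listed providers are changed: `mail.com`, `email.com` and `ymail.com` all meet `gmail.com` first and become `@gmail.com`. The invitation (and, in the identical AuthController.php hunk that follows, the new account) is then tied to a mailbox the user never typed. `if ($lev == O)` also uses the letter O, an undefined constant that only behaves like zero by accident on older PHP and throws on PHP 8; it should be `0`. I would skip the fuzzy pass whenever the full domain is already in the list, as sketched below, and consider proposing the correction to the user instead of applying it silently.

```php
// … unchanged: $friendEmail = strtr($friendEmail, $replaceSLD); …
// An address whose domain is already a listed provider is never "corrected".
$isKnownDomain = in_array($sld.'.'.$tld, $domains, true);
if (!$isKnownDomain && $friendEmail == $emailOri) {
    foreach ($domains as $d) {
        $dpPos = strpos($d, '.');
        $realDomain = substr($d, 0, $dpPos);
        // Same TLD and exactly one edit away: treat as a typo of this provider.
        if ($tld == substr($d, $dpPos + 1) && levenshtein($sld, $realDomain) == 1) {
            $friendEmail = str_replace('@'.$sld.'.', '@'.$realDomain.'.', $friendEmail);
            break;
        }
    }
}
```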
@@ -114,15 +114,112 @@ class AuthController extends AuthControllerCore if (Tools::getValue('guest_email') !== false) { $email = Tools::getValue('guest_email'); } - $email = strtolower(trim($email)); + $email = $emailOri = strtolower(trim($email)); - /** @Override Antadis - mail fixing */ - $email = str_replace(array('@hotmil.','@htmail.','@hotmal.','@hotml.','@hotmai.'),'@hotmail.', $email); - $email = str_replace(array('@gmal.','@gail.','@gml.','@gmai.','@gmil.'),'@gmail.', $email); - $email = str_replace('@gmailcom','@gmail.com', $email); - $email = str_replace('@hotmailcom','@hotmail.com', $email); - $email = str_replace('@hotmailfr','@hotmail.fr', $email); - /** @End Override Antadis - mail fixing */ + // Prepare Check email + $domains = array( + /* Default domains included */ + "aol.com", "att.net", "comcast.net", "facebook.com", "gmail.com", "gmx.com", "googlemail.com", + "google.com", "hotmail.com", "hotmail.co.uk", "mac.com", "me.com", "mail.com", "msn.com", + "live.com", "sbcglobal.net", "verizon.net", "yahoo.com", "yahoo.co.uk", + + /* Other global domains */ + "email.com", "fastmail.fm", "games.com" /* AOL */, "gmx.net", "hush.com", "hushmail.com", "icloud.com", + "iname.com", "inbox.com", "lavabit.com", "love.com" /* AOL */, "outlook.com", "pobox.com", "protonmail.com", + "rocketmail.com" /* Yahoo */, "safe-mail.net", "wow.com" /* AOL */, "ygm.com" /* AOL */, + "ymail.com" /* Yahoo */, "zoho.com", "yandex.com", + + /* United States ISP domains */ + "bellsouth.net", "charter.net", "cox.net", "earthlink.net", "juno.com", + + /* British ISP domains */ + "btinternet.com", "virginmedia.com", "blueyonder.co.uk", "freeserve.co.uk", "live.co.uk", + "ntlworld.com", "o2.co.uk", "orange.net", "sky.com", "talktalk.co.uk", "tiscali.co.uk", + "virgin.net", "wanadoo.co.uk", "bt.com", + + /* Domains used in Asia */ + "sina.com", "qq.com", "naver.com", "hanmail.net", "daum.net", "nate.com", "yahoo.co.jp", "yahoo.co.kr", "yahoo.co.id", "yahoo.co.in", "yahoo.com.sg", 
"yahoo.com.ph", + + /* French ISP domains */ + "hotmail.fr", "live.fr", "laposte.net", "yahoo.fr", "wanadoo.fr", "orange.fr", "gmx.fr", "sfr.fr", "neuf.fr", "free.fr", + + /* German ISP domains */ + "gmx.de", "hotmail.de", "live.de", "online.de", "t-online.de" /* T-Mobile */, "web.de", "yahoo.de", + + /* Italian ISP domains */ + "libero.it", "virgilio.it", "hotmail.it", "aol.it", "tiscali.it", "alice.it", "live.it", "yahoo.it", "email.it", "tin.it", "poste.it", "teletu.it", + + /* Russian ISP domains */ + "mail.ru", "rambler.ru", "yandex.ru", "ya.ru", "list.ru", + + /* Belgian ISP domains */ + "hotmail.be", "live.be", "skynet.be", "voo.be", "tvcablenet.be", "telenet.be", + + /* Argentinian ISP domains */ + "hotmail.com.ar", "live.com.ar", "yahoo.com.ar", "fibertel.com.ar", "speedy.com.ar", "arnet.com.ar", + + /* Domains used in Mexico */ + "yahoo.com.mx", "live.com.mx", "hotmail.es", "hotmail.com.mx", "prodigy.net.mx", + + /* Domains used in Brazil */ + "yahoo.com.br", "hotmail.com.br", "outlook.com.br", "uol.com.br", "bol.com.br", "terra.com.br", "ig.com.br", "itelefonica.com.br", "r7.com", "zipmail.com.br", "globo.com", "globomail.com", "oi.com.br" + ); + + // Real association + $replaceSLD = array( + '@hotmil.' => '@hotmail.', + '@htmail.' => '@hotmail.', + '@hotmal.' => '@hotmail.', + '@hotml.' => '@hotmail.', + '@hotmai.' => '@hotmail.', + '@gmal.' => '@gmail.', + '@gail.' => '@gmail.', + '@gml.' => '@gmail.', + '@gmai.' => '@gmail.', + '@gmil.' 
=> '@gmail.', + ); + + $replaceGlobal = array( + '@gmailcom' => '@gmail.com', + '@hotmailcom' => '@hotmail.com', + '@hotmailfr' => '@hotmail.fr', + ); + // Real use case replacement + $email = strtr($email, $replaceGlobal); + + // Check TLD + $atPos = strpos($email, '@'); + $pointPos = strpos($email, '.', $atPos); + $tld = substr($email, $pointPos + 1); + $sld = substr($email, $atPos + 1, strlen($email) - ($atPos+1) - (strlen($tld)+1) ); + if (empty($tld)) { + $this->errors[] = Tools::displayError('Invalid email'); + $_POST['email'] = ''; + } + if (empty($this->errors)) { + // If you have a complete list of TLD, check it ! + } + + // Check SLD + if (empty($this->errors)) { + // Real use case replacement + $email = strtr($email, $replaceSLD); + // Levenhstein remplacement + if (count($domains) > 0 && $email == $emailOri) { + foreach ($domains as $d) { + $dpPos = strpos($d, '.'); + $realDomain = substr($d, 0, $dpPos); + $lev = levenshtein($sld, $realDomain); + if ($lev == O) { + break; + } + elseif ($lev == 1 && $tld == substr($d, $dpPos+1)) { + $email = str_replace('@'.$sld.'.', '@'.$realDomain.'.', $email); + break; + } + } + } + } /* Preparing customer */ $customer = new Customer(); From 1920a84634c95eb392e1138c42f57aaf7c91b770 Mon Sep 17 00:00:00 2001 From: Michael RICOIS Date: Mon, 12 Mar 2018 11:52:00 +0100 Subject: [PATCH 2/4] Add rules --- modules/invite/invite-program.php | 30 +++++++++++++------------ override/controllers/AuthController.php | 30 +++++++++++++------------ 2 files changed, 32 insertions(+), 28 deletions(-) diff --git a/modules/invite/invite-program.php b/modules/invite/invite-program.php index c7d3e7d9..677df232 100644 --- a/modules/invite/invite-program.php +++ b/modules/invite/invite-program.php 
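Review bot: The TLD check in this hunk never tests the `strpos()` results, so it does not reject what it appears to reject: with no `@` the dot search starts at offset 0, and with no dot after the `@` `$pointPos` is `false`, `$tld` becomes `substr($email, 1)` and `empty($tld)` stays false. An input such as `user@localhost` therefore reaches the SLD correction with meaningless `$sld`/`$tld` values. I would guard first with `if ($atPos === false || $pointPos === false) { $this->errors[] = Tools::displayError('Invalid email'); }` and only slice the string afterwards; the same lines in the invite-program.php hunk need it too. Whether a full address validation runs later in the method is outside the hunk.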
@@ -136,22 +136,24 @@ if($canSendInvitations) { // Real association $replaceSLD = array( - '@hotmil.' => '@hotmail.', - '@htmail.' => '@hotmail.', - '@hotmal.' => '@hotmail.', - '@hotml.' => '@hotmail.', - '@hotmai.' => '@hotmail.', - '@gmal.' => '@gmail.', - '@gail.' => '@gmail.', - '@gml.' => '@gmail.', - '@gmai.' => '@gmail.', - '@gmil.' => '@gmail.', + '@hotmil.' => '@hotmail.', + '@htmail.' => '@hotmail.', + '@hotmal.' => '@hotmail.', + '@hotml.' => '@hotmail.', + '@hotmai.' => '@hotmail.', + '@gmal.' => '@gmail.', + '@gail.' => '@gmail.', + '@gml.' => '@gmail.', + '@gmai.' => '@gmail.', + '@gmil.' => '@gmail.', ); $replaceGlobal = array( - '@gmailcom' => '@gmail.com', - '@hotmailcom' => '@hotmail.com', - '@hotmailfr' => '@hotmail.fr', + '@gmailcom' => '@gmail.com', + '@hotmailcom' => '@hotmail.com', + '@hotmailfr' => '@hotmail.fr', + '@yahoocom' => '@yahoo.com', + '@yahoofr' => '@yahoo.fr', ); // Real use case replacement $friendEmail = strtr($friendEmail, $replaceGlobal); @@ -163,7 +165,7 @@ if($canSendInvitations) { $sld = substr($friendEmail, $atPos + 1, strlen($friendEmail) - ($atPos+1) - (strlen($tld)+1) ); if (empty($tld)) { $this->errors[] = Tools::displayError('Invalid email'); - $_POST['email'] = ''; + $_POST['friendsEmail'] = ''; } if (empty($this->errors)) { // If you have a complete list of TLD, check it ! diff --git a/override/controllers/AuthController.php b/override/controllers/AuthController.php index 14090287..6ff86597 100755 --- a/override/controllers/AuthController.php +++ b/override/controllers/AuthController.php 
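Review bot: In the second hunk of this file, `$_POST['friendsEmail'] = '';` blanks the whole submitted field when a single address fails, although the loop in PATCH 1/4 iterates `$friendsEmail` as an array keyed by `$key`; resetting only the failing entry, `$_POST['friendsEmail'][$key] = '';`, looks closer to the intent. The surrounding `$this->errors[]` also deserves a check: the hunk header shows this code sitting under a top-level `if($canSendInvitations) {`, and if the file is a plain script, `$this` is not available there and the line fails at run time. Because the later `empty($this->errors)` guard is shared by every iteration, one bad address would also switch off the correction for all remaining friends. The loop body starts and ends outside the hunk, so these points are inferred from the visible lines.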
@@ -167,22 +167,24 @@ class AuthController extends AuthControllerCore // Real association $replaceSLD = array( - '@hotmil.' => '@hotmail.', - '@htmail.' => '@hotmail.', - '@hotmal.' => '@hotmail.', - '@hotml.' => '@hotmail.', - '@hotmai.' => '@hotmail.', - '@gmal.' => '@gmail.', - '@gail.' => '@gmail.', - '@gml.' => '@gmail.', - '@gmai.' => '@gmail.', - '@gmil.' => '@gmail.', + '@hotmil.' => '@hotmail.', + '@htmail.' => '@hotmail.', + '@hotmal.' => '@hotmail.', + '@hotml.' => '@hotmail.', + '@hotmai.' => '@hotmail.', + '@gmal.' => '@gmail.', + '@gail.' => '@gmail.', + '@gml.' => '@gmail.', + '@gmai.' => '@gmail.', + '@gmil.' => '@gmail.', ); $replaceGlobal = array( - '@gmailcom' => '@gmail.com', - '@hotmailcom' => '@hotmail.com', - '@hotmailfr' => '@hotmail.fr', + '@gmailcom' => '@gmail.com', + '@hotmailcom' => '@hotmail.com', + '@hotmailfr' => '@hotmail.fr', + '@yahoocom' => '@yahoo.com', + '@yahoofr' => '@yahoo.fr', ); // Real use case replacement $email = strtr($email, $replaceGlobal); @@ -220,7 +222,7 @@ class AuthController extends AuthControllerCore } } } - +echo $email; exit; /* Preparing customer */ $customer = new Customer(); $lastnameAddress = $_POST['lastname']; From eea2e769d16539e86dfe4f2e23e0fcb442e0950c Mon Sep 17 00:00:00 2001 From: Michael RICOIS Date: Wed, 14 Mar 2018 11:17:26 +0100 Subject: [PATCH 3/4] Remove break point --- override/controllers/AuthController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/override/controllers/AuthController.php b/override/controllers/AuthController.php index 6ff86597..ae1af20c 100755 --- a/override/controllers/AuthController.php +++ b/override/controllers/AuthController.php @@ -222,7 +222,7 @@ class AuthController extends AuthControllerCore } } } -echo $email; exit; + /* Preparing customer */ $customer = new Customer(); $lastnameAddress = $_POST['lastname']; From a4625499c0af2498b9484e29a2b3c31ed480058f Mon Sep 17 00:00:00 2001 
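Review bot: The added `echo $email; exit;` in the `@@ -220,7 +222,7 @@` hunk of PATCH 2/4 is a debugging stop that writes a request-derived value into the response without escaping and ends the request before the customer is created. PATCH 3/4 removes it again, so I would squash that removal into 2/4 so that no revision in the history can be deployed with registration disabled. If the value has to be inspected during testing, logging it server-side is the safer habit than echoing it to the client.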
From: Michael RICOIS Date: Thu, 15 Mar 2018 11:21:41 +0100 Subject: [PATCH 4/4] Override email value --- override/controllers/AuthController.php | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/override/controllers/AuthController.php b/override/controllers/AuthController.php index ae1af20c..e3fce904 100755 --- a/override/controllers/AuthController.php +++ b/override/controllers/AuthController.php @@ -239,14 +239,16 @@ class AuthController extends AuthControllerCore $_POST['firstname'] = $firstnameAddress; if (!sizeof($this->errors)) { - if(Customer::customerExists($email)) { + if (Customer::customerExists($email)) { $this->errors[] = Tools::displayError('An account is already registered with this e-mail, please fill in the password or request a new one.'); } - if(Tools::isSubmit('newsletter')) { + + if (Tools::isSubmit('newsletter')) { $customer->ip_registration_newsletter = pSQL(Tools::getRemoteAddr()); $customer->newsletter_date_add = pSQL(date('Y-m-d H:i:s')); } + $customer->email = $_POST['email'] = $email; $customer->birthday = (empty($_POST['years'])? '': (int)($_POST['years']).'-'.(int)($_POST['months']).'-'.(int)($_POST['days'])); if (!sizeof($this->errors)) { 
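Review bot: `$customer->email = $_POST['email'] = $email;` persists the auto-corrected address, yet nothing visible in this hunk validates the rewritten string or tells the user that the value they typed was changed. Since the e-mail is the account identifier, I would compare against `$emailOri` and surface the change, e.g. `if ($email !== $emailOri) { /* show "did you mean …" and let the user confirm */ }`, before assigning. At minimum the line should carry a comment such as `// $email may differ from the submitted value: the domain typo correction above rewrote it`. The enclosing method starts and ends outside the hunk, so a later validation call may exist.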
@@ -257,13 +259,20 @@ class AuthController extends AuthControllerCore } else { $customer->is_guest = 0; } + if (!$customer->add()) { $this->errors[] = Tools::displayError('An error occurred while creating your account.'); } else { - if(!$customer->is_guest) { + if (!$customer->is_guest) { if(!Mail::Send((int)(self::$cookie->id_lang), 'account', Mail::l('Welcome!'), - array('{firstname}' => $customer->firstname, '{lastname}' => $customer->lastname, '{email}' => $customer->email, '{passwd}' => Tools::getValue('passwd')), $customer->email, $customer->firstname.' '.$customer->lastname)) - $this->errors[] = Tools::displayError('Cannot send email'); + array( + '{firstname}' => $customer->firstname, + '{lastname}' => $customer->lastname, + '{email}' => $customer->email, + '{passwd}' => Tools::getValue('passwd') + ), $customer->email, $customer->firstname.' '.$customer->lastname)) { + $this->errors[] = Tools::displayError('Cannot send email'); + } } global $site_version_front;
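Review bot: The reformatted `Mail::Send` call still passes `'{passwd}' => Tools::getValue('passwd')` into the welcome mail, so the cleartext password leaves the site by e-mail. Combined with the domain auto-correction added earlier in this series, a wrong correction would deliver that password to a mailbox the registrant does not own. I would drop the `'{passwd}'` entry from the array and remove the placeholder from the `account` template, which is not visible here. The rest of the hunk is brace and layout cleanup with no behaviour change that I can see.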