Add fix for spam

Michael RICOIS 2018-02-06 10:48:30 +01:00
parent a12ab8132a
commit 3768576288
3 changed files with 41 additions and 25 deletions


@ -115,7 +115,8 @@ class Suspect extends ObjectModel
$domain_name = strtolower(substr(strrchr($email, '@'), 1)); $domain_name = strtolower(substr(strrchr($email, '@'), 1));
// Exclusion de domains spé // Exclusion de domains spé
$exclude_domains = array('qq.com','sina.com','tom.com','yahoo.cn','yahoo.com.cn','cntv.cn','sohu.com','vip.sohu.com','21cn.com'); $exclude_domains = array('qq.com','sina.com','tom.com','yahoo.cn','yahoo.com.cn',
'cntv.cn','sohu.com','vip.sohu.com','21cn.com', 'mail.ru', 'list.ru');
if (in_array($domain_name, $exclude_domains)) { if (in_array($domain_name, $exclude_domains)) {
return true; return true;
} }
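Review bot: The new `'mail.ru', 'list.ru'` entries extend a literal array that is matched by exact string, so every further domain needs a code commit and a sub-domain of a listed provider is not caught (the list already carries `vip.sohu.com` beside `sohu.com`, presumably for that reason). Consider reading the list from the module's configuration and making the lookup strict: `if (in_array($domain_name, $exclude_domains, true)) {`. `strrchr($email, '@')` returns false for an address without `@`, so the method depends on the caller validating the address first, which the callers visible on this page do with `Validate::isEmail($from)`. The enclosing method starts and ends outside the hunk.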


@ -37,7 +37,7 @@ if ($cookie->isLogged()) {
if (Tools::isSubmit('submitMessage')) { if (Tools::isSubmit('submitMessage')) {
$alert_mode = false; $alert_mode = false;
if(Module::isInstalled('ant_alerthack')) { if (Module::isInstalled('ant_alerthack')) {
$alert_mode = true; $alert_mode = true;
include_once dirname(__FILE__).'/../../modules/ant_alerthack/models/Suspect.php'; include_once dirname(__FILE__).'/../../modules/ant_alerthack/models/Suspect.php';
} }
@ -51,6 +51,7 @@ if (Tools::isSubmit('submitMessage')) {
$fileAttachment['name'] = $_FILES['fileUpload']['name']; $fileAttachment['name'] = $_FILES['fileUpload']['name'];
$fileAttachment['mime'] = $_FILES['fileUpload']['type']; $fileAttachment['mime'] = $_FILES['fileUpload']['type'];
} }
$message = Tools::htmlentitiesUTF8(Tools::getValue('message')); $message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
if (Tools::getValue('email2') != '') { if (Tools::getValue('email2') != '') {
$this->errors[] = Tools::displayError('Invalid'); $this->errors[] = Tools::displayError('Invalid');
@ -58,46 +59,46 @@ if (Tools::isSubmit('submitMessage')) {
elseif (preg_match("/\p{Han}+/u", $message)) { elseif (preg_match("/\p{Han}+/u", $message)) {
$this->errors[] = Tools::displayError('Invalid message'); $this->errors[] = Tools::displayError('Invalid message');
} }
elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)){ elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)) {
$errors[] = Tools::displayError('Invalid e-mail address'); $errors[] = Tools::displayError('Invalid e-mail address');
} }
elseif ($alert_mode && Suspect::isBannished($from)){ elseif ($alert_mode && Suspect::isBannished($from)) {
$errors[] = Tools::displayError('Message cannot be sent.'); $errors[] = Tools::displayError('Message cannot be sent.');
} }
elseif (!($message = nl2br2($message))){ elseif (!($message = nl2br2($message))){
$errors[] = Tools::displayError('Message cannot be blank'); $errors[] = Tools::displayError('Message cannot be blank');
} }
elseif (!Validate::isCleanHtml($message)){ elseif (!Validate::isCleanHtml($message)) {
$errors[] = Tools::displayError('Invalid message'); $errors[] = Tools::displayError('Invalid message');
} }
elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)($cookie->id_lang))))){ elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)($cookie->id_lang))))) {
$errors[] = Tools::displayError('Please select a subject on the list.'); $errors[] = Tools::displayError('Please select a subject on the list.');
} }
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 9 && !Tools::getValue('id_reason')){ elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 9 && !Tools::getValue('id_reason')) {
$errors[] = Tools::displayError('Please select a reason on the list.'); $errors[] = Tools::displayError('Please select a reason on the list.');
} }
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && ($id_contact == 9 || $id_contact == 1 || $id_contact == 2) && !Tools::getValue('id_order')){ elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && ($id_contact == 9 || $id_contact == 1 || $id_contact == 2) && !Tools::getValue('id_order')) {
$errors[] = Tools::displayError('Please enter/choose an order ID'); $errors[] = Tools::displayError('Please enter/choose an order ID');
} }
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 1 && !Tools::getValue('id_products')){ elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 1 && !Tools::getValue('id_products')) {
if((int)($cookie->id_customer)){ if((int)($cookie->id_customer)){
$errors[] = Tools::displayError('Please choose a product'); $errors[] = Tools::displayError('Please choose a product');
} else { } else {
$errors[] = Tools::displayError('You have to be logged'); $errors[] = Tools::displayError('You have to be logged');
} }
} }
elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0){ elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0) {
$errors[] = Tools::displayError('An error occurred during the file upload'); $errors[] = Tools::displayError('An error occurred during the file upload');
} }
elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)){ elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
$errors[] = Tools::displayError('Bad file extension'); $errors[] = Tools::displayError('Bad file extension');
} }
else else
{ {
if ((int)($cookie->id_customer)) if ((int)($cookie->id_customer)){
$customer = new Customer((int)($cookie->id_customer)); $customer = new Customer((int)($cookie->id_customer));
else }
{ else {
$customer = new Customer(); $customer = new Customer();
$customer->getByEmail($from); $customer->getByEmail($from);
} }
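Review bot: The two spam branches in this file, the `email2` honeypot check and the `\p{Han}` check, append to `$this->errors`, while every other branch of the same chain appends to `$errors`. The hunk context (`$cookie->isLogged()`, plain `$errors`) suggests this is a procedural script rather than a controller method; if so, `$this` is undefined there and a honeypot hit ends in a fatal error or in a message the page never shows. Both lines should use the local array: `$errors[] = Tools::displayError('Invalid');` and `$errors[] = Tools::displayError('Invalid message');`. The other visible changes in this section are brace formatting only, and the if/elseif chain starts above the hunk.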


@ -41,7 +41,7 @@ class ContactController extends ContactControllerCore {
if (Tools::isSubmit('submitMessage')) if (Tools::isSubmit('submitMessage'))
{ {
$alert_mode = false; $alert_mode = false;
if(Module::isInstalled('ant_alerthack')) { if (Module::isInstalled('ant_alerthack')) {
$alert_mode = true; $alert_mode = true;
include_once dirname(__FILE__).'/../../modules/ant_alerthack/models/Suspect.php'; include_once dirname(__FILE__).'/../../modules/ant_alerthack/models/Suspect.php';
} }
@ -55,6 +55,7 @@ class ContactController extends ContactControllerCore {
$fileAttachment['name'] = $_FILES['fileUpload']['name']; $fileAttachment['name'] = $_FILES['fileUpload']['name'];
$fileAttachment['mime'] = $_FILES['fileUpload']['type']; $fileAttachment['mime'] = $_FILES['fileUpload']['type'];
} }
$message = Tools::htmlentitiesUTF8(Tools::getValue('message')); $message = Tools::htmlentitiesUTF8(Tools::getValue('message'));
if (Tools::getValue('email2') != '') { if (Tools::getValue('email2') != '') {
$this->errors[] = Tools::displayError('Invalid'); $this->errors[] = Tools::displayError('Invalid');
@ -62,33 +63,46 @@ class ContactController extends ContactControllerCore {
elseif (preg_match("/\p{Han}+/u", $message)) { elseif (preg_match("/\p{Han}+/u", $message)) {
$this->errors[] = Tools::displayError('Invalid message'); $this->errors[] = Tools::displayError('Invalid message');
} }
elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)){ elseif (!($from = trim(Tools::getValue('from'))) OR !Validate::isEmail($from)) {
$this->errors[] = Tools::displayError('Invalid e-mail address'); $this->errors[] = Tools::displayError('Invalid e-mail address');
} }
elseif ($alert_mode AND Suspect::isBannished($from)){ elseif ($alert_mode && Suspect::isBannished($from)) {
$this->errors[] = Tools::displayError('Message cannot be sent.'); $this->errors[] = Tools::displayError('Message cannot be sent.');
} }
elseif (!($message = nl2br2($message))){ elseif (!($message = nl2br2($message))) {
$this->errors[] = Tools::displayError('Message cannot be blank'); $this->errors[] = Tools::displayError('Message cannot be blank');
} }
elseif (!Validate::isCleanHtml($message)){ elseif (!Validate::isCleanHtml($message)) {
$this->errors[] = Tools::displayError('Invalid message'); $this->errors[] = Tools::displayError('Invalid message');
} }
elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)(self::$cookie->id_lang))))){ elseif (!($id_contact = (int)(Tools::getValue('id_contact'))) OR !(Validate::isLoadedObject($contact = new Contact((int)($id_contact), (int)(self::$cookie->id_lang))))) {
$this->errors[] = Tools::displayError('Please select a subject on the list.'); $this->errors[] = Tools::displayError('Please select a subject on the list.');
} }
elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0){ elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 9 && !Tools::getValue('id_reason')) {
$this->errors[] = Tools::displayError('Please select a reason on the list.');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && ($id_contact == 9 || $id_contact == 1 || $id_contact == 2) && !Tools::getValue('id_order')) {
$this->errors[] = Tools::displayError('Please enter/choose an order ID');
}
elseif (($id_contact = (int)(Tools::getValue('id_contact'))) && $id_contact == 1 && !Tools::getValue('id_products')) {
if((int)(self::$cookie->id_customer)) {
$this->errors[] = Tools::displayError('Please choose a product');
} else {
$this->errors[] = Tools::displayError('You have to be logged');
}
}
elseif (!empty($_FILES['fileUpload']['name']) AND $_FILES['fileUpload']['error'] != 0) {
$this->errors[] = Tools::displayError('An error occurred during the file upload'); $this->errors[] = Tools::displayError('An error occurred during the file upload');
} }
elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)){ elseif (!empty($_FILES['fileUpload']['name']) AND !in_array(substr($_FILES['fileUpload']['name'], -4), $extension) AND !in_array(substr($_FILES['fileUpload']['name'], -5), $extension)) {
$this->errors[] = Tools::displayError('Bad file extension'); $this->errors[] = Tools::displayError('Bad file extension');
} }
else else
{ {
if ((int)(self::$cookie->id_customer)) if ((int)(self::$cookie->id_customer)) {
$customer = new Customer((int)(self::$cookie->id_customer)); $customer = new Customer((int)(self::$cookie->id_customer));
else }
{ else {
$customer = new Customer(); $customer = new Customer();
$customer->getByEmail($from); $customer->getByEmail($from);
} }
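Review bot: The added `id_reason`, `id_order` and `id_products` branches only test that the field is non-empty, so any string passes, including one an automated sender fills in. If the order ID is used later (that code is outside the hunk), check that it loads a real order, for example `!Validate::isLoadedObject(new Order((int)Tools::getValue('id_order')))`, and for a logged-in customer that `$order->id_customer` matches `self::$cookie->id_customer`. The three branches also re-read and re-assign `$id_contact` inside each condition and compare it with the bare numbers 9, 1 and 2. Reading it once before the chain and naming those contact IDs as class constants would make the rule auditable.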