/drupal/sites/all/modules/civicrm/packages/IDS/Log/Email.php
PHP | 402 lines | 167 code | 43 blank | 192 comment | 21 complexity | 55b0a030d9069a0aa5fc7f58aeba6953 MD5 | raw file
- <?php
- /**
- * PHPIDS
- *
- * Requirements: PHP5, SimpleXML
- *
- * Copyright (c) 2008 PHPIDS group (http://php-ids.org)
- *
- * PHPIDS is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, version 3 of the License, or
- * (at your option) any later version.
- *
- * PHPIDS is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with PHPIDS. If not, see <http://www.gnu.org/licenses/>.
- *
- * PHP version 5.1.6+
- *
- * @category Security
- * @package PHPIDS
- * @author Mario Heiderich <mario.heiderich@gmail.com>
- * @author Christian Matthies <ch0012@gmail.com>
- * @author Lars Strojny <lars@strojny.net>
- * @license http://www.gnu.org/licenses/lgpl.html LGPL
- * @link http://php-ids.org/
- */
- require_once 'IDS/Log/Interface.php';
- /**
- * Email logging wrapper
- *
- * The Email wrapper is designed to send reports via email. It implements the
- * singleton pattern.
- *
- * @category Security
- * @package PHPIDS
- * @author Christian Matthies <ch0012@gmail.com>
- * @author Mario Heiderich <mario.heiderich@gmail.com>
- * @author Lars Strojny <lars@strojny.net>
- * @copyright 2007-2009 The PHPIDS Group
- * @license http://www.gnu.org/licenses/lgpl.html LGPL
- * @version Release: $Id:Email.php 517 2007-09-15 15:04:13Z mario $
- * @link http://php-ids.org/
- */
- class IDS_Log_Email implements IDS_Log_Interface
- {
- /**
- * Recipient container
- *
- * @var array
- */
- protected $recipients = array();
- /**
- * Mail subject
- *
- * @var string
- */
- protected $subject = null;
- /**
- * Additional mail headers
- *
- * @var string
- */
- protected $headers = null;
- /**
- * Safemode switch
- *
- * Using this switch it is possible to enable safemode, which is a spam
- * protection based on the alert frequency.
- *
- * @var boolean
- */
- protected $safemode = true;
- /**
- * Urlencode for result strings
- *
- * This switch is true by default. Setting it to false removes
- * the 'better safe than sorry' urlencoding for the result string in
- * the report mails. Enhances readability but maybe XSSes email clients.
- *
- * @var boolean
- */
- protected $urlencode = true;
- /**
- * Send rate
- *
- * If safemode is enabled, this property defines how often reports will be
- * sent out. Default value is 15, which means that a mail will be sent on
- * condition that the last email has not been sent earlier than 15 seconds ago.
- *
- * @var integer
- */
- protected $allowed_rate = 15;
- /**
- * PHPIDS temp directory
- *
- * When safemod is enabled, a path to a temp directory is needed to
- * store some information. Default is IDS/tmp/
- *
- * @var string
- */
- protected $tmp_path = 'IDS/tmp/';
- /**
- * File prefix for tmp files
- *
- * @var string
- */
- protected $file_prefix = 'PHPIDS_Log_Email_';
- /**
- * Holds current remote address
- *
- * @var string
- */
- protected $ip = 'local/unknown';
- /**
- * Instance container
- *
- * @var array
- */
- protected static $instance = array();
- /**
- * Constructor
- *
- * @param mixed $config IDS_Init instance | array
- *
- * @return void
- */
- protected function __construct($config)
- {
- if ($config instanceof IDS_Init) {
- $this->recipients = $config->config['Logging']['recipients'];
- $this->subject = $config->config['Logging']['subject'];
- $this->headers = $config->config['Logging']['header'];
- $this->envelope = $config->config['Logging']['envelope'];
- $this->safemode = $config->config['Logging']['safemode'];
- $this->urlencode = $config->config['Logging']['urlencode'];
- $this->allowed_rate = $config->config['Logging']['allowed_rate'];
- $this->tmp_path = $config->getBasePath()
- . $config->config['General']['tmp_path'];
- } elseif (is_array($config)) {
- $this->recipients[] = $config['recipients'];
- $this->subject = $config['subject'];
- $this->additionalHeaders = $config['header'];
- }
- // determine correct IP address and concat them if necessary
- $this->ip = $_SERVER['REMOTE_ADDR'] .
- (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
- ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : '');
- }
- /**
- * Returns an instance of this class
- *
- * This method allows the passed argument to be either an instance of
- * IDS_Init or an array.
- *
- * @param mixed $config IDS_Init | array
- * @param string $classname the class name to use
- *
- * @return object $this
- */
- public static function getInstance($config, $classname = 'IDS_Log_Email')
- {
- if (!self::$instance) {
- self::$instance = new $classname($config);
- }
- return self::$instance;
- }
- /**
- * Permitting to clone this object
- *
- * For the sake of correctness of a singleton pattern, this is necessary
- *
- * @return void
- */
- private function __clone()
- {
- }
- /**
- * Detects spam attempts
- *
- * To avoid mail spam through this logging class this function is used
- * to detect such attempts based on the alert frequency.
- *
- * @return boolean
- */
- protected function isSpamAttempt()
- {
- /*
- * loop through all files in the tmp directory and
- * delete garbage files
- */
- $dir = $this->tmp_path;
- $numPrefixChars = strlen($this->file_prefix);
- $files = scandir($dir);
- foreach ($files as $file) {
- if (is_file($dir . $file)) {
- if (substr($file, 0, $numPrefixChars) == $this->file_prefix) {
- $lastModified = filemtime($dir . $file);
- if ((
- time() - $lastModified) > 3600) {
- unlink($dir . $file);
- }
- }
- }
- }
- /*
- * end deleting garbage files
- */
- $remoteAddr = $this->ip;
- $userAgent = $_SERVER['HTTP_USER_AGENT'];
- $filename = $this->file_prefix . md5($remoteAddr.$userAgent) . '.tmp';
- $file = $dir . DIRECTORY_SEPARATOR . $filename;
- if (!file_exists($file)) {
- $handle = fopen($file, 'w');
- fwrite($handle, time());
- fclose($handle);
- return false;
- }
- $lastAttack = file_get_contents($file);
- $difference = time() - $lastAttack;
- if ($difference > $this->allowed_rate) {
- unlink($file);
- } else {
- return true;
- }
- return false;
- }
- /**
- * Prepares data
- *
- * Converts given data into a format that can be read in an email.
- * You might edit this method to your requirements.
- *
- * @param mixed $data the report data
- *
- * @return string
- */
- protected function prepareData($data)
- {
- $format = "The following attack has been detected by PHPIDS\n\n";
- $format .= "IP: %s \n";
- $format .= "Date: %s \n";
- $format .= "Impact: %d \n";
- $format .= "Affected tags: %s \n";
- $attackedParameters = '';
- foreach ($data as $event) {
- $attackedParameters .= $event->getName() . '=' .
- ((!isset($this->urlencode) ||$this->urlencode)
- ? urlencode($event->getValue())
- : $event->getValue()) . ", ";
- }
- $format .= "Affected parameters: %s \n";
- $format .= "Request URI: %s \n";
- $format .= "Origin: %s \n";
- return sprintf($format,
- $this->ip,
- date('c'),
- $data->getImpact(),
- join(' ', $data->getTags()),
- trim($attackedParameters),
- urlencode($_SERVER['REQUEST_URI']),
- $_SERVER['SERVER_ADDR']);
- }
- /**
- * Sends the report to registered recipients
- *
- * @param object $data IDS_Report instance
- *
- * @throws Exception if data is no string
- * @return boolean
- */
- public function execute(IDS_Report $data)
- {
- if ($this->safemode) {
- if ($this->isSpamAttempt()) {
- return false;
- }
- }
- /*
- * In case the data has been modified before it might
- * be necessary to convert it to string since it's pretty
- * senseless to send array or object via e-mail
- */
- $data = $this->prepareData($data);
- if (is_string($data)) {
- $data = trim($data);
- // if headers are passed as array, we need to make a string of it
- if (is_array($this->headers)) {
- $headers = "";
- foreach ($this->headers as $header) {
- $headers .= $header . "\r\n";
- }
- } else {
- $headers = $this->headers;
- }
- if (!empty($this->recipients)) {
- if (is_array($this->recipients)) {
- foreach ($this->recipients as $address) {
- $this->send(
- $address,
- $data,
- $headers,
- $this->envelope
- );
- }
- } else {
- $this->send(
- $this->recipients,
- $data,
- $headers,
- $this->envelope
- );
- }
- }
- } else {
- throw new Exception(
- 'Please make sure that data returned by
- IDS_Log_Email::prepareData() is a string.'
- );
- }
- return true;
- }
- /**
- * Sends an email
- *
- * @param string $address email address
- * @param string $data the report data
- * @param string $headers the mail headers
- * @param string $envelope the optional envelope string
- *
- * @return boolean
- */
- protected function send($address, $data, $headers, $envelope = null)
- {
- if (!$envelope || strpos(ini_get('sendmail_path'),' -f') !== false) {
- return mail($address,
- $this->subject,
- $data,
- $headers);
- } else {
- return mail($address,
- $this->subject,
- $data,
- $headers,
- '-f' . $envelope);
- }
- }
- }
- /**
- * Local variables:
- * tab-width: 4
- * c-basic-offset: 4
- * End:
- * vim600: sw=4 ts=4 expandtab
- */