From 88c825e34adb660b141e0448e504c9bf4276da59 Mon Sep 17 00:00:00 2001 From: doktornotor Date: Fri, 4 Sep 2015 12:59:57 +0200 Subject: spamd - code style cleanup and multiple fixes - Code style and indentation fixes - Use shell_exec() instead of backticks - Don't add the same email address to spamtrap twice (?!) - XHTML fixes --- config/spamd/spamd_db.php | 321 +++++++++++++++++++++++----------------------- 1 file changed, 161 insertions(+), 160 deletions(-) diff --git a/config/spamd/spamd_db.php b/config/spamd/spamd_db.php index 3fe439ef..90215e6f 100644 --- a/config/spamd/spamd_db.php +++ b/config/spamd/spamd_db.php @@ -1,9 +1,9 @@ ","",$srcip); - $srcip = str_replace(" ","",$srcip); - // Make input safe + } + $srcip = str_replace("<", "", $srcip); + $srcip = str_replace(">", "", $srcip); + $srcip = str_replace(" ", "", $srcip); + // make input safe $srcip = escapeshellarg($srcip); /* execute spamdb command */ - if($action == "whitelist") { + if ($action == "whitelist") { exec("/usr/local/sbin/spamdb -d {$srcip} -T"); exec("/usr/local/sbin/spamdb -d {$srcip} -t"); delete_from_blacklist($srcip); mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); exec("echo spamdb -a {$srcip} > /tmp/tmp"); exec("/usr/local/sbin/spamdb -a {$srcip}"); - } else if($action == "delete") { + } elseif ($action == "delete") { exec("/usr/local/sbin/spamdb -d {$srcip}"); exec("/usr/local/sbin/spamdb -d {$srcip} -T"); exec("/usr/local/sbin/spamdb -d {$srcip} -t"); delete_from_blacklist($srcip); mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt"); - } else if($action == "trapped") { + } elseif ($action == "trapped") { exec("/usr/local/sbin/spamdb -d {$srcip}"); exec("/usr/local/sbin/spamdb -d {$srcip}"); exec("/usr/local/sbin/spamdb -d -t {$srcip}"); exec("/usr/local/sbin/spamdb -a -t {$srcip}"); - } else if($action == "spamtrap") { + } elseif ($action == "spamtrap") { exec("/usr/local/sbin/spamdb -a -T {$spamtrapemailarg}"); } /* signal a reload for real time effect. */ - mwexec("killall -HUP spamlogd"); + mwexec("/usr/bin/killall -HUP spamlogd"); exit; } -/* spam trap e-mail address */ -if($spamtrapemail <> "") { - exec("spamdb -T -a {$spamtrapemailarg}"); - mwexec("killall -HUP spamlogd"); - $savemsg = htmlentities($spamtrapemail) . " added to spam trap database."; -} - -if($_GET['getstatus'] <> "") { - $status = exec("/usr/local/sbin/spamdb | grep " . escapeshellarg($_GET['getstatus'])); - if(stristr($status, "WHITE") == true) { +if ($_GET['getstatus'] != "") { + $status = exec("/usr/local/sbin/spamdb | /usr/bin/grep " . escapeshellarg($_GET['getstatus'])); + if (stristr($status, "WHITE") == true) { echo "WHITE"; - } else if(stristr($status, "TRAPPED") == true) { + } elseif (stristr($status, "TRAPPED") == true) { echo "TRAPPED"; - } else if(stristr($status, "GREY") == true) { + } elseif (stristr($status, "GREY") == true) { echo "GREY"; - } else if(stristr($status, "SPAMTRAP") == true) { + } elseif (stristr($status, "SPAMTRAP") == true) { echo "SPAMTRAP"; } else { echo "NOT FOUND"; @@ -122,35 +119,38 @@ if($_GET['getstatus'] <> "") { } /* spam trap e-mail address */ -if($_GET['spamtrapemail'] <> "") { - $status = exec("spamdb -T -a {$spamtrapemailarg}"); - mwexec("killall -HUP spamlogd"); - if($status) +if ($spamtrapemail != "") { + $status = exec("/usr/local/sbin/spamdb -T -a {$spamtrapemailarg}"); + mwexec("/usr/bin/killall -HUP spamlogd"); + if ($status) { echo $status; - else - echo htmlentities($_POST['spamtrapemail']) . " added to spam trap database."; + } else { + echo htmlentities($spamtrapemail) . " added to spam trap database."; + } exit; } /* whitelist e-mail address */ -if($_GET['whitelist'] <> "") { - $spamtrapemail = escapeshellarg($_GET['spamtrapemail']); - $status = exec("spamdb -a {$spamtrapemail}"); - mwexec("killall -HUP spamlogd"); - if($status) +if ($_GET['whitelist'] != "") { + $status = exec("/usr/local/sbin/spamdb -a {$spamtrapemail}"); + mwexec("/usr/bin/killall -HUP spamlogd"); + if ($status) { echo $status; - else - echo htmlentities($_POST['spamtrapemail']) . " added to whitelist database."; + } else { + echo htmlentities($spamtrapemail) . " added to whitelist database."; + } exit; } function delete_from_blacklist($srcip) { $blacklist = explode("\n", file_get_contents("/var/db/blacklist.txt")); $fd = fopen("/var/db/blacklist.txt", "w"); - foreach($blacklist as $bl) { - if($bl <> "") - if(!stristr($bl, $srcip)) + foreach ($blacklist as $bl) { + if ($bl != "") { + if (!stristr($bl, $srcip)) { fwrite($fd, "{$bl}\n"); + } + } } fclose($fd); mwexec("/sbin/pfctl -q -t spamd -T delete {$srcip}"); @@ -161,9 +161,11 @@ function delete_from_whitelist($srcip) { $whitelist = explode("\n", file_get_contents("/var/db/whitelist.txt")); $fd = fopen("/var/db/whitelist.txt", "w"); foreach($whitelist as $wl) { - if($wl <> "") - if(!stristr($wl, $srcip)) + if ($wl != "") { + if (!stristr($wl, $srcip)) { fwrite($fd, "{$wl}\n"); + } + } } fclose($fd); mwexec("/sbin/pfctl -q -t spamd -T delete $srcip"); @@ -173,23 +175,25 @@ function delete_from_whitelist($srcip) { $pgtitle = "SpamD: Database"; include("head.inc"); -if(file_exists("/var/db/whitelist.txt")) - $whitelist_items = `cat /var/db/whitelist.txt | wc -l`; -else +if (file_exists("/var/db/whitelist.txt")) { + $whitelist_items = shell_exec("/bin/cat /var/db/whitelist.txt | /usr/bin/wc -l"); +} else { $whitelist_items = 0; +} -if(file_exists("/var/db/blacklist.txt")) - $blacklist_items = `cat /var/db/blacklist.txt | wc -l`; -else +if (file_exists("/var/db/blacklist.txt")) { + $blacklist_items = shell_exec("/bin/cat /var/db/blacklist.txt | /usr/bin/wc -l"); +} else { $blacklist_items = 0; +} // Get an overall count of the database -$spamdb_items = `/usr/local/sbin/spamdb | wc -l`; +$spamdb_items = shell_exec("/usr/local/sbin/spamdb | /usr/bin/wc -l"); // Get blacklist and whitelist count from database -$spamdb_white = `/usr/local/sbin/spamdb | grep WHITE | wc -l`; -$spamdb_black = `/usr/local/sbin/spamdb | grep BLACK | wc -l`; -$spamdb_grey = `/usr/local/sbin/spamdb | grep GREY | wc -l`; +$spamdb_white = shell_exec("/usr/local/sbin/spamdb | /usr/bin/grep WHITE | /usr/bin/wc -l"); +$spamdb_black = shell_exec("/usr/local/sbin/spamdb | /usr/bin/grep BLACK | /usr/bin/wc -l"); +$spamdb_grey = shell_exec("/usr/local/sbin/spamdb | /usr/bin/grep GREY | /usr/bin/wc -l"); // Now count the user contributed whitelist and blacklist count $whitelist_items = $whitelist_items + $spamdb_white; @@ -198,22 +202,20 @@ $blacklist_items = $blacklist_items + $spamdb_black; ?> - -

-
- -

+
- - - +
+
-
+
- +
+ } +?> + +
- - - - - - - -
Filter by test:  Inverse filter (NOT):>
Limit:
 
* Add spam trap E-mail address:

- - - + + + + + +
Filter by test:  Inverse filter (NOT): />
Limit:
 
* Add spam trap E-mail address:
+
- + @@ -322,68 +321,65 @@ if (typeof getURL == 'undefined') { " . date("H:i:s", $dt); + return date("Y-m-d", $dt) . "
" . date("H:i:s", $dt); } - if($filter) { - if($not) { + if ($filter) { + if ($not) { $fd = fopen("/tmp/spamdb", "w"); - $cmd = "/usr/local/sbin/spamdb | grep -v " . escapeshellarg($filter) . " | tail -n {$limit}"; + $cmd = "/usr/local/sbin/spamdb | /usr/bin/grep -v " . escapeshellarg($filter) . " | /usr/bin/tail -n {$limit}"; fwrite($fd, $cmd); fclose($fd); exec($cmd, $pkgdb); - if(file_exists("/var/db/blacklist.txt")) { - $cmd = "cat /var/db/blacklist.txt | grep -v \"" . escapeshellarg($filter) . "\" "; + if (file_exists("/var/db/blacklist.txt")) { + $cmd = "/bin/cat /var/db/blacklist.txt | /usr/bin/grep -v \"" . escapeshellarg($filter) . "\" "; exec($cmd, $pkgdba); foreach($pkgdba as $pkg) { $pkgdb[] = "TRAPPED|{$pkg}|1149324397"; } } } else { - $cmd = "/usr/local/sbin/spamdb | grep " . escapeshellarg($filter) . " | tail -n {$limit}"; + $cmd = "/usr/local/sbin/spamdb | /usr/bin/grep " . escapeshellarg($filter) . " | /usr/bin/tail -n {$limit}"; exec($cmd, $pkgdb); - if(file_exists("/var/db/blacklist.txt")) { - $cmd = "cat /var/db/blacklist.txt | grep " . escapeshellarg($filter); + if (file_exists("/var/db/blacklist.txt")) { + $cmd = "/bin/cat /var/db/blacklist.txt | /usr/bin/grep " . escapeshellarg($filter); exec($cmd, $pkgdba); - foreach($pkgdba as $pkg) { + foreach ($pkgdba as $pkg) { $pkgdb[] = "TRAPPED|{$pkg}|1149324397"; } echo ""; } } } else { - exec("/usr/local/sbin/spamdb | tail -n {$limit}", $pkgdb); + exec("/usr/local/sbin/spamdb | /usr/bin/tail -n {$limit}", $pkgdb); } $rows = 0; $lastseenip = ""; $srcip = "|"; - foreach($pkgdb as $pkgdb_row) { + foreach ($pkgdb as $pkgdb_row) { - if($rows > $limit) + if($rows > $limit) { break; + } $dontdisplay = false; - if(!$pkgdb_row) + if (!$pkgdb_row) { continue; + } $pkgdb_split = explode("|", $pkgdb_row); /* - - For TRAPPED entries the format is: - + For TRAPPED entries the format is: type|ip|expire - where type will be TRAPPED, IP will be the IP address blacklisted due to - hitting a spamtrap, and expire will be when the IP is due to be removed - from the blacklist. - - For GREY entries, the format is: + where type will be TRAPPED, IP will be the IP address blacklisted due to + hitting a spamtrap, and expire will be when the IP is due to be removed + from the blacklist. + For GREY entries, the format is: type|source IP|helo|from|to|first|pass|expire|block|pass - For WHITE entries, the format is: - + For WHITE entries, the format is: type|source IP|||first|pass|expire|block|pass - */ switch($pkgdb_split[0]) { case "SPAMTRAP": @@ -427,8 +423,9 @@ function formatspamddatetime($dt) { $attempts = htmlentities($pkgdb_split[8]); break; } - if($srcip == "" and $fromaddress == "" and $toaddress == "") + if ($srcip == "" and $fromaddress == "" and $toaddress == "") { continue; + } echo ""; echo ""; echo ""; @@ -438,40 +435,44 @@ function formatspamddatetime($dt) { echo ""; echo ""; echo ""; - echo ""; $rows++; - } -?>
Type IP From
{$recordtype}{$srcip}" . $pass . "" . $expire . "{$attempts}"; - $rowtext = "\"Add "; - $rowtext .= "\"Blacklist\" "; - $rowtext .= "\"Delete\""; - $rowtext .= "\"Spamtrap\" "; - + echo ""; + $rowtext = "\"Add "; + $rowtext .= "\"Blacklist\" "; + $rowtext .= "\"Delete\""; + $rowtext .= "\"Spamtrap\" "; echo $rowtext; - echo "
-
-

" . $rows . " rows returned."; ?> -

- * NOTE: adding an e-mail address to the spamtrap automatically traps any server trying to send e-mail to this address. -

+
+

" . $rows . " rows returned.

"; ?> +

+ * NOTE: adding an e-mail address to the spamtrap automatically traps any server trying to send e-mail to this address. +

+
- - +

-
-Note: Clicking on the action icons will invoke a AJAX query and the page will not refresh. Click refresh in you're browser if you wish to view the changes in status. -
-

Database totals:

- "; - echo "{$blacklist_items} total items in the blacklist.
"; - echo "{$spamdb_grey} total items in the greylist.
"; - echo "{$spamdb_items} total items in the SpamDB.
"; - ?> +
+Note: Clicking on the action icons will invoke a AJAX query and the page will not refresh. Click refresh in your browser if you wish to view the changes in status. +
+

+ Database totals:

+ + "; + echo "{$blacklist_items} total items in the blacklist.
"; + echo "{$spamdb_grey} total items in the greylist.
"; + echo "{$spamdb_items} total items in the SpamDB.
"; + ?> +
+

-- cgit v1.2.3