Initial commit

2014-05-31 16:22:09 +02:00
commit c25d541a7d
43 changed files with 1688 additions and 0 deletions
--- a/includes/.htaccess
+++ b/includes/.htaccess
@@ -0,0 +1,7 @@
+<Files ~ "^log">
+	Order allow,deny
+	Deny from all
+	Satisfy all
+</Files>
+
+
--- a/includes/config.php
+++ b/includes/config.php
@@ -0,0 +1,163 @@
+<?php
+
+//Buffers PHP messages
+ob_start();
+
+$sType = isset($_REQUEST['t'])?$_REQUEST['t']:'';
+$sSerial = isset($_GET['a'])?$_GET['a']:'';
+$sName = isset($_POST['name'])?$_POST['name']:'';
+$sEmail = isset($_POST['email'])?$_POST['email']:'';
+$sSubject = isset($_POST['subject'])?$_POST['subject']:'';
+$sMsg = isset($_POST['message'])?$_POST['message']:'';
+$sResult = '';
+
+$oCv = new cv();
+switch($sType)
+{
+	case 'javascript':
+		$sResult = $oCv->getJavascript();
+		break;
+	case 'pic':
+		$sResult = $oCv->getPic($sSerial);
+		break;
+	case 'mail':
+		$sResult = $oCv->sendEmail($sName, $sEmail, $sSubject, $sMsg);
+		break;
+}
+
+ob_end_clean();
+echo $sResult;
+
+class cv {
+	const LOG_FILE = 'log';
+	const PIC_PATH = '../images/pic.png';
+	const PUBLIC_KEY_LENGTH = 13;
+	const MAX_REQUEST_TIME = 10;
+	
+	private $iLoadTime;
+
+	public function __construct()
+	{
+		$this->setLoadTime();
+	}
+	
+	private function setLoadTime()
+	{
+		$this->iLoadTime = time();
+	}
+	
+	private function getLoadTime()
+	{
+		return $this->iLoadTime;
+	}
+	
+	public function getJavascript()
+	{
+		//Build picture key
+		$sPublicKey = uniqid();
+		$sSecretKey = $this->getLoadTime();
+		list($iWidth, $iHeight) = getimagesize(self::PIC_PATH);
+		file_put_contents(self::LOG_FILE, $sPublicKey.$sSecretKey."\n", FILE_APPEND);
+		
+		//Display javascript functions
+		$asResult = array();
+		$asResult[] = "var cConfigPage = '".$this->getAppPath().basename(__FILE__)."'";
+		$asResult[] = "var a = '$sPublicKey';";
+		$asResult[] = "var iPicWidth = $iWidth;";
+		$asResult[] = "var iPicHeight = $iHeight;";
+		$asResult[] = file_get_contents('../jquery/jquery.functions'.(file_exists('../jquery/jquery.functions.js')?'':'.min').'.js');
+		return implode("\n", $asResult);
+	}
+	
+	public function getPic($sSerial)
+	{
+		if($this->checkSerial($sSerial))
+		{
+			header('Content-Type: image/jpeg');
+			return file_get_contents(self::PIC_PATH);
+		}
+		else
+		{
+			header('HTTP/1.1 403 Forbidden');
+		}
+	}
+	
+	public function sendEmail($sName, $sEmail, $sSubject, $sMsg)
+	{
+		$sResult = '';
+		if($sName!='' && $sEmail!='' && $sSubject!='' && $sMsg!='')
+		{
+			//Message
+			$sHtmlMessage = 'From: '.$sName."<br />".
+							'Email: '.$sEmail."<br /><br />".
+							'Subject: '.$sSubject."<br />".
+							'Message: <br /><br />'.str_replace("\n", '<br />', $sMsg);
+			$sPlainMessage = strip_tags(str_replace('<br />', "\n", $sHtmlMessage));
+			
+			//Email
+			$iBoundary = uniqid("HTMLEMAIL");
+			$sHeaders = 'From: Contact CV <www-data@lutran.fr>'."\r\n".
+						'Reply-To: Contact CV <www-data@lutran.fr>'."\r\n".
+						'Cc: Julien Lutran <julien@lutran.fr>'."\r\n".
+						'MIME-Version: 1.0'."\r\n".
+						'Content-Type: multipart/alternative;'.
+						'boundary = '.$iBoundary."\r\n\r\n".
+						'MIME encoded Message'.
+						'--'.$iBoundary."\r\n".
+						'Content-Type: text/plain; charset=UTF-8'."\r\n".
+						'Content-Transfer-Encoding: base64'."\r\n\r\n".
+						chunk_split(base64_encode($sPlainMessage)).
+						'--'.$iBoundary."\r\n".
+						'Content-Type: text/html; charset=UTF-8'."\r\n".
+						'Content-Transfer-Encoding: base64'."\r\n\r\n".
+						chunk_split(base64_encode($sHtmlMessage));
+			
+			//Store in case email fails
+			@file_put_contents('log.html', '<br />----<br /><br />'.$sHtmlMessage, FILE_APPEND);
+			
+			//Send
+			if(mail('julien.lutran@gmail.com', 'julien.lutran.fr - Contact Me Message', '', $sHeaders))
+			{
+				$sResult = 'ok';
+			}
+			else
+			{
+				$sResult = 'An unknown error occured.';
+			}
+		}
+		else
+		{
+			$sResult = 'An error occured: Some fields were empty.';
+		}
+		return $sResult;
+	}
+	
+	private function checkSerial($sSerial)
+	{
+		$bResult = false;
+		if(strlen($sSerial)==self::PUBLIC_KEY_LENGTH && strpos($this->getAppPath(), $_SERVER['HTTP_REFERER'])===0)
+		{
+			$sFileContent = file_get_contents(self::LOG_FILE);
+			$asKeys = array_filter(explode("\n", $sFileContent));
+			foreach($asKeys as $sKey)
+			{
+				$iOffset = $this->getLoadTime() - substr($sKey, self::PUBLIC_KEY_LENGTH);
+				if($sSerial == substr($sKey, 0, self::PUBLIC_KEY_LENGTH) && $iOffset < self::MAX_REQUEST_TIME)
+				{
+					$bResult = true;
+					file_put_contents(self::LOG_FILE, str_replace($sKey."\n", '', $sFileContent));
+					break;
+				}
+			}
+		}
+		return $bResult;
+	}
+	
+	private static function getAppPath()
+	{
+		$sAppPath = 'http://'.str_replace(array('http://', 'https://'), '', $_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']));
+		$sAppPath = $sAppPath.(substr($sAppPath, -1)!='/'?'/':'');
+		return $sAppPath;
+	}
+}
+?>
--- a/includes/log
+++ b/includes/log
@@ -0,0 +1,17 @@
+5112b54426d521360180548
+5112b544a62b01360180548
+5112b544c791e1360180548
+5112b5453dbab1360180549
+5112b545a81b61360180549
+5112b54629ac21360180550
+51bc5dce60f101371299278
+51bc5de3e11031371299299
+51bc5e2ecff261371299374
+51bc5e42efa501371299394
+51bc5e5e00b251371299421
+51bc5e6cd2a3c1371299436
+51bc5e99bdc601371299481
+51bc5e9a0366e1371299482
+51bc5e9b24aa21371299483
+52508e576666a1381011031
+52a72476548fd1386685558