From 71090cbdd8698f8db63ef900a2fcda75c4fb92ef Mon Sep 17 00:00:00 2001 From: hystepik Date: Mon, 28 Nov 2022 14:57:51 +0100 Subject: [PATCH] test to do --- htdocs/langs/fr_FR/admin.lang | 2 +- htdocs/public/eventorganization/attendee_new.php | 5 ++++- htdocs/public/members/new.php | 5 ++++- htdocs/public/opensurvey/studs.php | 9 +++++++-- htdocs/public/partnership/new.php | 5 ++++- htdocs/public/project/new.php | 5 ++++- htdocs/public/project/suggestbooth.php | 5 +++++ htdocs/public/project/suggestconference.php | 1 + 8 files changed, 30 insertions(+), 7 deletions(-) diff --git a/htdocs/langs/fr_FR/admin.lang b/htdocs/langs/fr_FR/admin.lang index df358b0bfd1..79a266df816 100644 --- a/htdocs/langs/fr_FR/admin.lang +++ b/htdocs/langs/fr_FR/admin.lang @@ -2315,7 +2315,7 @@ UseOauth=Utiliser un token OAUTH Images=Images Posts=publications MaxNumberOfImagesInGetPost=Nombre maximum d'images autorisées dans un champ HTML soumis dans un formulaire -MaxNumberOfPostOnPublicPagesByIP=Nombre maximum de publications sur des pages publiques avec une adresse IP +MaxNumberOfPostOnPublicPagesByIP=Nombre maximum de publications par mois sur des pages publiques avec une adresse IP CIDLookupURL=Le module apporte une URL qui peut être utilisée par un outil externe pour obtenir le nom d'un tiers ou d'un contact à partir de son numéro de téléphone. L'URL à utiliser est : ScriptIsEmpty=Le script est manquant ShowHideTheNRequests=Afficher/Cacher les %s requête(s) SQL. diff --git a/htdocs/public/eventorganization/attendee_new.php b/htdocs/public/eventorganization/attendee_new.php index 21901753692..5d35d71822d 100644 --- a/htdocs/public/eventorganization/attendee_new.php +++ b/htdocs/public/eventorganization/attendee_new.php @@ -56,6 +56,7 @@ require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/paymentterm.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; global $dolibarr_main_url_root; @@ -285,13 +286,15 @@ if (empty($reshook) && $action == 'add' && (!empty($conference->id) && $conferen $confattendee->ip = getUserRemoteIP(); $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); - + $now = dol_now(); + $minmonthpost = dol_time_plus_duree($now, -1, "m"); // Calculate nb of post for IP $nb_post_ip = 0; if ($nb_post_max > 0) { // Calculate only if there is a limit to check $sql = "SELECT COUNT(ref) as nb_attendee"; $sql .= " FROM ".MAIN_DB_PREFIX."eventorganization_conferenceorboothattendee"; $sql .= " WHERE ip = '".$db->escape($confattendee->ip)."'"; + $sql .= " AND date_creation > '".$db->idate($minmonthpost)."'"; $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index 2e38de0251e..4523a86b063 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -73,6 +73,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/cunits.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; // Init vars $errmsg = ''; @@ -287,13 +288,15 @@ if (empty($reshook) && $action == 'add') { $adh->ip = getUserRemoteIP(); $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); - + $now = dol_now(); + $minmonthpost = dol_time_plus_duree($now, -1, "m"); // Calculate nb of post for IP $nb_post_ip = 0; if ($nb_post_max > 0) { // Calculate only if there is a limit to check $sql = "SELECT COUNT(ref) as nb_adh"; $sql .= " FROM ".MAIN_DB_PREFIX."adherent"; $sql .= " WHERE ip = '".$db->escape($adh->ip)."'"; + $sql .= " AND datec > '".$db->idate($minmonthpost)."'"; $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/public/opensurvey/studs.php b/htdocs/public/opensurvey/studs.php index 900483bbbfa..30ed4cc8bbb 100644 --- a/htdocs/public/opensurvey/studs.php +++ b/htdocs/public/opensurvey/studs.php @@ -41,6 +41,7 @@ require_once DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php"; require_once DOL_DOCUMENT_ROOT."/core/lib/files.lib.php"; require_once DOL_DOCUMENT_ROOT."/opensurvey/class/opensurveysondage.class.php"; require_once DOL_DOCUMENT_ROOT."/opensurvey/lib/opensurvey.lib.php"; +require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; // Init vars @@ -99,13 +100,15 @@ if (GETPOST('ajoutcomment', 'alpha')) { $user_ip = getUserRemoteIP(); $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); - + $now = dol_now(); + $minmonthpost = dol_time_plus_duree($now, -1, "m"); // Calculate nb of post for IP $nb_post_ip = 0; if ($nb_post_max > 0) { // Calculate only if there is a limit to check $sql = "SELECT COUNT(id_comment) as nb_comments"; $sql .= " FROM ".MAIN_DB_PREFIX."opensurvey_comments"; $sql .= " WHERE ip = '".$db->escape($user_ip)."'"; + //$sql .= " AND date_creation > '".$db->idate($minmonthpost)."'"; $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); @@ -153,13 +156,15 @@ if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) { // bo $user_ip = getUserRemoteIP(); $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); - + $now = dol_now(); + $minmonthpost = dol_time_plus_duree($now, -1, "m"); // Calculate nb of post for IP $nb_post_ip = 0; if ($nb_post_max > 0) { // Calculate only if there is a limit to check $sql = "SELECT COUNT(id_users) as nb_records"; $sql .= " FROM ".MAIN_DB_PREFIX."opensurvey_user_studs"; $sql .= " WHERE ip = '".$db->escape($user_ip)."'"; + //$sql .= " AND date_creation > '".$db->idate($minmonthpost)."'"; $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/public/partnership/new.php b/htdocs/public/partnership/new.php index 3420806608a..322e2601e53 100644 --- a/htdocs/public/partnership/new.php +++ b/htdocs/public/partnership/new.php @@ -59,6 +59,7 @@ require_once DOL_DOCUMENT_ROOT.'/partnership/class/partnership.class.php'; require_once DOL_DOCUMENT_ROOT.'/partnership/class/partnership_type.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; // Init vars $errmsg = ''; @@ -226,13 +227,15 @@ if (empty($reshook) && $action == 'add') { $partnership->ip = getUserRemoteIP(); $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); - + $now = dol_now(); + $minmonthpost = dol_time_plus_duree($now, -1, "m"); // Calculate nb of post for IP $nb_post_ip = 0; if ($nb_post_max > 0) { // Calculate only if there is a limit to check $sql = "SELECT COUNT(ref) as nb_partnerships"; $sql .= " FROM ".MAIN_DB_PREFIX."partnership"; $sql .= " WHERE ip = '".$db->escape($partnership->ip)."'"; + $sql .= " AND date_creation > '".$db->idate($minmonthpost)."'"; $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/public/project/new.php b/htdocs/public/project/new.php index 46209d76a24..11815a2a0e2 100644 --- a/htdocs/public/project/new.php +++ b/htdocs/public/project/new.php @@ -57,6 +57,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/json.lib.php'; require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; // Init vars $errmsg = ''; @@ -298,12 +299,14 @@ if (empty($reshook) && $action == 'add') { $proj->ip = getUserRemoteIP(); $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); - // Calculate nb of post for IP + $now = dol_now(); + $minmonthpost = dol_time_plus_duree($now, -1, "m"); $nb_post_ip = 0; if ($nb_post_max > 0) { // Calculate only if there is a limit to check $sql = "SELECT COUNT(rowid) as nb_projets"; $sql .= " FROM ".MAIN_DB_PREFIX."projet"; $sql .= " WHERE ip = '".$db->escape($proj->ip)."'"; + $sql .= " AND datec > '".$db->idate($minmonthpost)."'"; $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/public/project/suggestbooth.php b/htdocs/public/project/suggestbooth.php index 7c97a1da346..8f9705d0b92 100644 --- a/htdocs/public/project/suggestbooth.php +++ b/htdocs/public/project/suggestbooth.php @@ -56,6 +56,7 @@ require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/paymentterm.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; global $dolibarr_main_url_root; @@ -362,7 +363,10 @@ if (empty($reshook) && $action == 'add') { $conforbooth->datec = dol_now(); $conforbooth->tms = dol_now(); $conforbooth->ip = getUserRemoteIP(); + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); + $now = dol_now(); + $minmonthpost = dol_time_plus_duree($now, -1, "m"); // Calculate nb of post for IP $nb_post_ip = 0; @@ -370,6 +374,7 @@ if (empty($reshook) && $action == 'add') { $sql = "SELECT COUNT(ref) as nb_confs"; $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm"; $sql .= " WHERE ip = '".$db->escape($conforbooth->ip)."'"; + $sql .= " AND datec > '".$db->idate($minmonthpost)."'"; $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/public/project/suggestconference.php b/htdocs/public/project/suggestconference.php index e0f135d3f56..f68ec3352d4 100644 --- a/htdocs/public/project/suggestconference.php +++ b/htdocs/public/project/suggestconference.php @@ -361,6 +361,7 @@ if (empty($reshook) && $action == 'add') { $conforbooth->firstname = $contact->firstname; $conforbooth->lastname = $contact->lastname; $conforbooth->ip = getUserRemoteIP(); + $nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000); $now = dol_now(); $minmonthpost = dol_time_plus_duree($now, -1, "m");