added an option to limit message downloads

2025-11-04 06:02:28 +01:00 · 2015-07-28 21:56:50 +02:00
parent 19b9340868
commit 39468c3877
12 changed files with 39 additions and 1 deletions
--- a/webui/config.php
+++ b/webui/config.php
@@ -158,6 +158,7 @@ $config['RESTRICTED_AUDITOR'] = 0;

 $config['SHOW_ENVELOPE_JOURNAL'] = 0;
 $config['BULK_DOWNLOAD_FOR_USERS'] = 1;
+$config['MAX_DOWNLOAD_PER_HOUR'] = 0;

 $config['MAX_CGI_FROM_SUBJ_LEN'] = 34;
 $config['PAGE_LEN'] = 20;
--- a/webui/controller/message/download.php
+++ b/webui/controller/message/download.php
@@ -14,11 +14,14 @@ class ControllerMessageDownload extends Controller {

      $this->load->model('search/search');
      $this->load->model('search/message');
+      $this->load->model('audit/audit');

      $this->document->title = $this->data['text_message'];

      $this->data['id'] = @$this->request->get['id'];

+      if(!$this->model_audit_audit->can_download()) { die("you cannot download at the moment"); }
+
      if(!verify_piler_id($this->data['id'])) {
         AUDIT(ACTION_UNKNOWN, '', '', $this->data['id'], 'unknown id: ' . $this->data['id']);
         die("invalid id: " . $this->data['id']);
--- a/webui/controller/message/headers.php
+++ b/webui/controller/message/headers.php
@@ -14,7 +14,7 @@ class ControllerMessageHeaders extends Controller {

      $this->load->model('search/search');
      $this->load->model('search/message');
-
+      $this->load->model('audit/audit');
      $this->load->model('user/user');

      $this->document->title = $this->data['text_message'];
@@ -39,6 +39,8 @@ class ControllerMessageHeaders extends Controller {

      $this->data['message'] = $this->model_search_message->get_message_headers($this->data['piler_id']);

+      $this->data['can_download'] = $this->model_audit_audit->can_download();
+
      $this->render();
   }

--- a/webui/controller/message/journal.php
+++ b/webui/controller/message/journal.php
@@ -39,6 +39,8 @@ class ControllerMessageJournal extends Controller {

      $this->data['data'] = $this->model_search_message->get_message_journal($this->data['piler_id']);

+      $this->data['can_download'] = $this->model_audit_audit->can_download();
+
      $this->render();
   }

--- a/webui/controller/message/view.php
+++ b/webui/controller/message/view.php
@@ -80,6 +80,8 @@ class ControllerMessageView extends Controller {

      $this->data['images'] = array();

+      $this->data['can_download'] = $this->model_audit_audit->can_download();
+
      foreach($this->data['attachments'] as $a) {
         if(preg_match("/image/", $a['type'])) {
            $attachment = $this->model_search_message->get_attachment_by_id($a['id']);
--- a/webui/model/audit/audit.php
+++ b/webui/model/audit/audit.php
@@ -155,6 +155,22 @@ class ModelAuditAudit extends Model {
   }


+   public function can_download() {
+
+      if(MAX_DOWNLOAD_PER_HOUR <= 0 || Registry::get('auditor_user') == 1) { return 1; }
+
+      $session = Registry::get('session');
+
+      $email = $session->get("email");
+
+      $query = $this->db->query("SELECT COUNT(*) AS num FROM " . TABLE_AUDIT . " WHERE email=? AND ts > ? AND action=?", array($email, NOW-3600, ACTION_DOWNLOAD_MESSAGE));
+
+      if($query->row['num'] <= MAX_DOWNLOAD_PER_HOUR) { return 1; }
+
+      return 0;
+   }
+
+
 }

 ?>
--- a/webui/view/theme/default/templates/message/headers.tpl
+++ b/webui/view/theme/default/templates/message/headers.tpl
@@ -13,7 +13,9 @@
 <div class="messageheader">

 <p>
+<?php if($can_download == 1) { ?>
   <a class="messagelink" href="index.php?route=message/download&amp;id=<?php print $id; ?>"><i class="icon-cloud-download"></i>&nbsp;<?php print $text_download_message; ?></a> |
+<?php } ?>
 <?php if(SMARTHOST || ENABLE_IMAP_AUTH == 1) { if(Registry::get('auditor_user') == 1) { ?>
   <a class="messagelink" href="#" onclick="$('#restorebox').show();"><i class="icon-reply"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
 <?php } else { ?>
--- a/webui/view/theme/default/templates/message/journal.tpl
+++ b/webui/view/theme/default/templates/message/journal.tpl
@@ -13,7 +13,9 @@
 <div class="messageheader">

 <p>
+<?php if($can_download == 1) { ?>
   <a class="messagelink" href="index.php?route=message/download&amp;id=<?php print $id; ?>"><i class="icon-cloud-download"></i>&nbsp;<?php print $text_download_message; ?></a> |
+<?php } ?>
 <?php if(SMARTHOST || ENABLE_IMAP_AUTH == 1) { if(Registry::get('auditor_user') == 1) { ?>
   <a class="messagelink" href="#" onclick="$('#restorebox').show();"><i class="icon-reply"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
 <?php } else { ?>
--- a/webui/view/theme/default/templates/message/view.tpl
+++ b/webui/view/theme/default/templates/message/view.tpl
@@ -13,7 +13,9 @@
 <div class="messageheader">

    <p>
+    <?php if($can_download == 1) { ?>
       <a class="messagelink" href="index.php?route=message/download&amp;id=<?php print $id; ?>"><i class="icon-cloud-download"></i>&nbsp;<?php print $text_download_message; ?></a> |
+    <?php } ?>
    <?php if(SMARTHOST || ENABLE_IMAP_AUTH == 1) { if(Registry::get('auditor_user') == 1) { ?>
       <a class="messagelink" href="#" onclick="$('#restorebox').show();"><i class="icon-reply"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
    <?php } else { ?>
--- a/webui/view/theme/mobile/templates/message/headers.tpl
+++ b/webui/view/theme/mobile/templates/message/headers.tpl
@@ -11,7 +11,9 @@
 </div>

 <p>
+<?php if($can_download == 1) { ?>
   <a class="messagelink" href="index.php?route=message/download&amp;id=<?php print $id; ?>"><i class="icon-download"></i>&nbsp;<?php print $text_download_message; ?></a> |
+<?php } ?>
 <?php if(SMARTHOST || ENABLE_IMAP_AUTH == 1) { if(Registry::get('auditor_user') == 1) { ?>
   <a class="messagelink" href="#" onclick="$('#restorebox').show();"><i class="icon-gift"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
 <?php } else { ?>
--- a/webui/view/theme/mobile/templates/message/journal.tpl
+++ b/webui/view/theme/mobile/templates/message/journal.tpl
@@ -11,7 +11,9 @@
 </div>

 <p>
+<?php if($can_download == 1) { ?>
   <a class="messagelink" href="index.php?route=message/download&amp;id=<?php print $id; ?>"><i class="icon-download"></i>&nbsp;<?php print $text_download_message; ?></a> |
+<?php } ?>
 <?php if(SMARTHOST || ENABLE_IMAP_AUTH == 1) { if(Registry::get('auditor_user') == 1) { ?>
   <a class="messagelink" href="#" onclick="$('#restorebox').show();"><i class="icon-gift"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
 <?php } else { ?>
--- a/webui/view/theme/mobile/templates/message/view.tpl
+++ b/webui/view/theme/mobile/templates/message/view.tpl
@@ -13,7 +13,9 @@
 <div class="messageheader">

    <p>
+    <?php if($can_download == 1) { ?>
       <a class="messagelink" href="index.php?route=message/download&amp;id=<?php print $id; ?>"><i class="icon-download"></i>&nbsp;<?php print $text_download_message; ?></a> |
+    <?php } ?>
    <?php if(SMARTHOST || ENABLE_IMAP_AUTH == 1) { if(Registry::get('auditor_user') == 1) { ?>
       <a class="messagelink" href="#" onclick="$('#restorebox').show();"><i class="icon-gift"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
    <?php } else { ?>