Commit ba5007f3 authored by Bastien Durel's avatar Bastien Durel

record date and IP of report sender, cleanup reports, return error on duplicate key

parent 4a0a76e9
......@@ -6,6 +6,10 @@ if ($_SERVER['REQUEST_METHOD'] == 'GET') {
}
if ($_SERVER['REQUEST_METHOD'] != 'POST') die("unknown method");
define('MAX_REPORT_BY_ORG', 100000);
define('MAX_REPORT_BY_NET', 100000);
define('MAX_REPORT_ALL', 5000000);
include_once 'vendor/autoload.php';
include_once 'pdo.config.php'; // get $db object
......@@ -14,8 +18,39 @@ $data = json_decode(file_get_contents('php://input'));
$validator = new JsonSchema\Validator;
$validator->validate($data, (object)['$ref' => 'file://' . realpath('schema.json')]);
$ip = $_SERVER['REMOTE_ADDR'];
$in_addr = inet_pton($ip);
if (strlen($in_addr) == 16) {
// keep /56
$z = str_repeat(chr(0), 9);
$in_addr = substr_replace($in_addr, $z, 7, 9);
}
elseif (strlen($in_addr) == 4) {
// keep /24
$z = chr(0);
$in_addr[3] = $z;
}
$net = inet_ntop($in_addr);
function cleanup($db, $sql_count, $sql_count_r, $sql_delete, $max, $data) {
$stmt_c = $db->prepare($sql_count_r);
$stmt_c->bindParam(':data', $data);
$stmt_c->execute();
$count = $stmt_c->fetchObject();
if ($count->cnt > $max) {
$stmt_c_r = $db->prepare($sql_count_r);
$stmt_c_r->bindParam(':data', $data);
$stmt_c_r->execute();
$count = $stmt_c_r->fetchObject();
$del_sql = $sql_delete . ceil(((int)($count->cnt)) / 10);
$stmt_c_d = $db->prepare($del_sql);
$stmt_c_d->bindParam(':data', $data);
$stmt_c_d->execute();
}
}
if ($validator->isValid()) {
$stmt = $db->prepare("INSERT INTO `report` (`organization_name`, `start_datetime`, `end_datetime`, `contact_info`, `report_id`) VALUES (:n, :sd, :ed, :c, :i);");
$stmt = $db->prepare("INSERT INTO `report` (`organization_name`, `start_datetime`, `end_datetime`, `contact_info`, `report_id`, `reporting_net`, `reporting_ip`, `reporting_date`) VALUES (:n, :sd, :ed, :c, :i, :net, :ip, NOW());");
$stmt_policy = $db->prepare("INSERT INTO `policy` (`organization_name`, `report_id`, `policy_type`, `policy_string`, `policy_domain`, `mx_host`, `total_successful_session`, `total_failure_session`) VALUES (:n, :i, :t, :s, :d, :mx, :tss, :tsf)");
$stmt_detail = $db->prepare("INSERT INTO `failure_detail` (`policy_id`, `result_type`, `sending_mta_ip`, `receiving_mx_hostname`, `receiving_mx_helo`, `receiving_ip`, `failed_session_count`, `additional_information`, `failure_reason_code`) VALUES (:pid, :t, :sip, :rmx, :rh, :rip, :fs, :add, :c)");
......@@ -25,7 +60,14 @@ if ($validator->isValid()) {
$stmt->bindParam(':ed', $data->{'date-range'}->{'end-datetime'});
$stmt->bindParam(':c', $data->{'contact-info'});
$stmt->bindParam(':i', $data->{'report-id'});
$stmt->execute();
$stmt->bindParam(':net', $net);
$stmt->bindParam(':ip', $ip);
if (!$stmt->execute()) {
$info = $stmt->errorInfo();
header('HTTP/1.1 409 Conflict');
header('Content-Type: text/plain');
die ("${info[2]}\n");
}
$stmt_policy->bindParam(':n', $data->{'organization-name'});
$stmt_policy->bindParam(':i', $data->{'report-id'});
......@@ -53,6 +95,26 @@ if ($validator->isValid()) {
}
}
cleanup(
$db,
'select count(1) cnt from report r, policy p, failure_detail fd where r.organization_name = :data and p.organization_name = r.organization_name and p.report_id = r.report_id and fd.policy_id = p.id',
'select count(1) cnt from report r where r.organization_name = :data',
'delete from report where organization_name = :data order by start_datetime asc limit ',
MAX_REPORT_BY_ORG, $data->{'organization-name'});
cleanup(
$db,
'select count(1) cnt from report r, policy p, failure_detail fd where r.report_net = :data and p.organization_name = r.organization_name and p.report_id = r.report_id and fd.policy_id = p.id',
'select count(1) cnt from report r where r.report_net = :data',
'delete from report where report_net = :data order by start_datetime asc limit ',
MAX_REPORT_BY_NET, $net);
cleanup(
$db,
'select count(1) cnt from failure_detail where :data = 1',
'select count(1) cnt from report where :data = 1',
'delete from report order by start_datetime asc limit ',
MAX_REPORT_ALL, 1);
$db->exec('delete from report where start_datetime < DATE_SUB(NOW(),INTERVAL 1 YEAR)');
$db->commit();
} else {
echo "JSON does not validate. Violations:\n";
......
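Review bot: The per-network cleanup call near the end of the file filters on `report_net` (`r.report_net = :data`, `delete from report where report_net = :data ...`), while the INSERT added earlier in this commit writes the column `reporting_net`; unless the table really has both columns, those statements fail and `MAX_REPORT_BY_NET` is never enforced, so the cap on how much one sender network can store on this endpoint has no effect. Use the same column in all three strings, e.g. `'select count(1) cnt from report r where r.reporting_net = :data'`. Separately, `cleanup()` prepares `$sql_count_r` for both counts and never reads `$sql_count`, so the threshold is checked against the number of reports rather than the joined detail rows; the first prepare was presumably meant to be `$stmt_c = $db->prepare($sql_count);`. The new 409 branch also sends the raw driver message `$info[2]` to the client for any failed execute, not only a duplicate key; it would be safer to check the driver code in `$info[1]`, return a fixed text, and log the driver message server-side.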