Mail Spam Protect

VERSION

@@ -1,4 +1,4 @@
 latest
-1.1.8
-1.1
+1.2.0
+1.2
 1

core/Mail.php

@@ -17,13 +17,20 @@
  */
 class Mail {
 
+	/**
+	 * The system uses some type of spam protection.
+	 * One can not send too many mails to one address.
+	 */
+	const LAST_TIMES = 3; // check times of last x mails to this address
+	const LAST_SECONDS = 3600; // allow LAST_TIMES mails in last y seconds
+
 	private static $templates = array(
 		'mailAdminNotif',
 		'mailNewPollNotif',
 		'mailPollSubm'
 	);
 
-	private $type, $template, $mailHeader;
+	private $type, $template, $mailHeader, $maillog;
 
 	/**
 	 * Creates the Mail (also using a HTML Template)
@@ -35,6 +42,8 @@ public function __construct( string $mailType ){
 		}
 		$this->template = new Template( $this->type );
 
+		$this->maillog = new JSONReader('mail');
+
 		$this->setUpMailMeta();
 	}
 
@@ -74,9 +83,26 @@ private function setUpMailMeta(){
 	/**
 	 * Sends the created Mail 
 	 * @param $to The destination mail address
+	 * @param $force Force to send the mail (also if many mail send to this address in the last time)
 	 */
-	public function sendMail(string $to){
-		mail(
+	public function sendMail(string $to, bool $force = false){
+		if( $this->maillog->isValue( [$to] ) && !$force ){
+			$lastx = array_slice( $this->maillog->getValue( [$to] ), -self::LAST_TIMES);
+			if(
+				count($lastx) == self::LAST_TIMES && $lastx[0] + self::LAST_SECONDS > time()
+			){
+				return false;
+			}
+		}
+
+		if( $this->maillog->isValue( [$to] ) ){
+			$this->maillog->setValue( [$to, null], time() );
+		}
+		else {
+			$this->maillog->setValue( [$to], array(time()) );
+		}
+
+		return mail(
 			$to,
 			LanguageManager::getTranslation($this->type),
 			$this->template->getOutputString(),

core/PollCreator.php

@@ -208,7 +208,7 @@ private function sendNewPollMail() {
 		$m->setContent('POLLLINK', URL::generateLink('poll', $this->data['code']['poll'], '' ));
 		$m->setContent('POLLID', $this->data['code']['poll'] );
 
-		$m->sendMail( $to );
+		$m->sendMail( $to, true );
 	}
 }
 

core/SubmissionQuery.php

@@ -78,12 +78,20 @@ private function checkForPost(){
 							}
 						}
 					}
+					$this->mailsend = true;
 					if( !empty($mailsubs) ){ // found entry?
-						$this->doMail( $mailsubs, $email );
+						if( !$this->doMail( $mailsubs, $email ) ){
+							$this->mailsend = false;
+
+							$alert = new Template( 'alert' );
+							$this->template->includeTemplate($alert);
+							$alert->setContent( 'ALERTMESSAGE', LanguageManager::getTranslation('MailTimeout') );
+
+							return;
+						}
 					}
 					usleep(random_int(200000,800000)); // prevent timing attacks
-
-					$this->mailsend = true;
+
 					return;
 				}
 			}
@@ -117,7 +125,7 @@ private function doMail( array $d, string $email ){
 		}
 		$m->setMultipleContent( "Items", $items );
 
-		$m->sendMail($email);
+		return $m->sendMail($email);
 	}
 
 	/**

core/Utilities.php

@@ -16,7 +16,7 @@ class Utilities {
 	/**
 	 * The system's Version
 	 */
-	const SYS_VERSION = 'v1.1.8';
+	const SYS_VERSION = 'v1.2.0';
 
 	/**
 	 * Possible chars for:

data/translation_de.json

@@ -25,5 +25,6 @@
     "mailNewPollNotif": "Neue Umfrage erstellt",
     "FillAdditionals": "Bitte alle Felder füllen, nicht als optional gekennzeichnete Felder sind Pflichtfelder.",
     "InvalMail": "Die eingegebene E-Mail-Adresse erfüllt nicht die Anforderungen!",
-    "mailPollSubm": "Liste meiner Eintraege"
+    "mailPollSubm": "Liste meiner Eintraege",
+    "MailTimeout": "Mailversand an die Adresse fehlgeschlagen, da zu viele Mails an diese Adresse geschickt wurden. Versuchen Sie es später erneut."
 }

data/translation_en.json

@@ -25,5 +25,6 @@
     "mailNewPollNotif": "A new Poll was created",
     "FillAdditionals": "Please fill in all values, fields not marked as optional are required.",
     "InvalMail": "The given E-Mail-Address does not fullfil the requirements!",
-    "mailPollSubm": "List of my entries"
+    "mailPollSubm": "List of my entries",
+    "MailTimeout": "Error while sending mail, because too many mails have been send to this address. Please try again later."
 }