diff --git a/phpBB/admin/admin_ban.php b/phpBB/admin/admin_ban.php index cd95248d54..cced9a1d1a 100644 --- a/phpBB/admin/admin_ban.php +++ b/phpBB/admin/admin_ban.php @@ -44,7 +44,7 @@ require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); // -// +// Do we have ban permissions? // if ( !$acl->get_acl_admin('ban') ) { @@ -52,441 +52,563 @@ if ( !$acl->get_acl_admin('ban') ) } // -// Start program +// Mode setting // -if( isset($HTTP_POST_VARS['submit']) ) +if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) { - $user_bansql = ''; - $email_bansql = ''; - $ip_bansql = ''; - - $user_list = array(); - if( isset($HTTP_POST_VARS['ban_user']) ) - { - $user_list_temp = $HTTP_POST_VARS['ban_user']; - - for($i = 0; $i < count($user_list_temp); $i++) - { - $user_list[] = trim($user_list_temp[$i]); - } - } - - $ip_list = array(); - if( isset($HTTP_POST_VARS['ban_ip']) ) - { - $ip_list_temp = explode(',', $HTTP_POST_VARS['ban_ip']); - - for($i = 0; $i < count($ip_list_temp); $i++) - { - if( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ip_list_temp[$i]), $ip_range_explode) ) - { - // - // Don't ask about all this, just don't ask ... ! - // - $ip_1_counter = $ip_range_explode[1]; - $ip_1_end = $ip_range_explode[5]; - - while($ip_1_counter <= $ip_1_end) - { - $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0; - $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6]; - - if($ip_2_counter == 0 && $ip_2_end == 254) - { - $ip_2_counter = 256; - $ip_2_fragment = 256; - - $ip_list[] = "$ip_1_counter.256.256.256"; - } - - while($ip_2_counter <= $ip_2_end) - { - $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0; - $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7]; - - if($ip_3_counter == 0 && $ip_3_end == 254 ) - { - $ip_3_counter = 256; - $ip_3_fragment = 256; - - $ip_list[] = "$ip_1_counter.$ip_2_counter.256.256"; - } - - while($ip_3_counter <= $ip_3_end) - { - $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0; - $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8]; - - if($ip_4_counter == 0 && $ip_4_end == 254) - { - $ip_4_counter = 256; - $ip_4_fragment = 256; - - $ip_list[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.256"; - } - - while($ip_4_counter <= $ip_4_end) - { - $ip_list[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter"; - $ip_4_counter++; - } - $ip_3_counter++; - } - $ip_2_counter++; - } - $ip_1_counter++; - } - } - else if( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ip_list_temp[$i])) ) - { - $ip = gethostbynamel(trim($ip_list_temp[$i])); - - for($j = 0; $j < count($ip); $j++) - { - if( !empty($ip[$j]) ) - { - $ip_list[] = $ip[$j]; - } - } - } - else if( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ip_list_temp[$i])) ) - { - $ip_list[] = str_replace('*', '256', trim($ip_list_temp[$i])); - } - } - } - - $email_list = array(); - if(isset($HTTP_POST_VARS['ban_email'])) - { - $email_list_temp = explode(',', $HTTP_POST_VARS['ban_email']); - - for($i = 0; $i < count($email_list_temp); $i++) - { - // - // This ereg match is based on one by php@unreelpro.com - // contained in the annotated php manual at php.com (ereg - // section) - // - if( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($email_list_temp[$i])) ) - { - $email_list[] = trim($email_list_temp[$i]); - } - } - } - - $sql = "SELECT * - FROM " . BANLIST_TABLE; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't obtain banlist information", "", __LINE__, __FILE__, $sql); - } - - $current_banlist = $db->sql_fetchrowset($result); - - $kill_session_sql = ''; - for($i = 0; $i < count($user_list); $i++) - { - $in_banlist = false; - for($j = 0; $j < count($current_banlist); $j++) - { - if($user_list[$i] == $current_banlist[$j]['ban_userid']) - { - $in_banlist = true; - } - } - - if(!$in_banlist) - { - $kill_session_sql .= ( ($kill_session_sql != '') ? ' OR ' : '' ) . "session_user_id = " . $user_list[$i]; - - $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid) - VALUES (" . $user_list[$i] . ")"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't insert ban_userid info into database", "", __LINE__, __FILE__, $sql); - } - } - } - - for($i = 0; $i < count($ip_list); $i++) - { - $in_banlist = false; - for($j = 0; $j < count($current_banlist); $j++) - { - if($ip_list[$i] == $current_banlist[$j]['ban_ip']) - { - $in_banlist = true; - } - } - - if ( !$in_banlist ) - { - $kill_ip_sql = ( preg_match('/256/s') ) ? "session_ip LIKE '" . preg_replace('/(256)/s', '%', $ip_list[$i]) . "'" : "session_ip = '" . $ip_list[$i] . "'"; - - $kill_session_sql .= ( ($kill_session_sql != '') ? ' OR ' : '' ) . $kill_ip_sql; - - $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip) - VALUES ('" . $ip_list[$i] . "')"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql); - } - } - } - - // - // Now we'll delete all entries from the - // session table with any of the banned - // user or IP info just entered into the - // ban table ... this will force a session - // initialisation resulting in an instant - // ban - // - if( $kill_session_sql != "" ) - { - $sql = "DELETE FROM " . SESSIONS_TABLE . " - WHERE $kill_session_sql"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql); - } - } - - for($i = 0; $i < count($email_list); $i++) - { - $in_banlist = false; - for($j = 0; $j < count($current_banlist); $j++) - { - if( $email_list[$i] == $current_banlist[$j]['ban_email'] ) - { - $in_banlist = true; - } - } - - if( !$in_banlist ) - { - $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email) - VALUES ('" . str_replace("\'", "''", $email_list[$i]) . "')"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't insert ban_email info into database", "", __LINE__, __FILE__, $sql); - } - } - } - - $where_sql = ""; - - if(isset($HTTP_POST_VARS['unban_user'])) - { - $user_list = $HTTP_POST_VARS['unban_user']; - - for($i = 0; $i < count($user_list); $i++) - { - if($user_list[$i] != -1) - { - if($where_sql != "") - { - $where_sql .= ", "; - } - $where_sql .= $user_list[$i]; - } - } - } - - if( isset($HTTP_POST_VARS['unban_ip']) ) - { - $ip_list = $HTTP_POST_VARS['unban_ip']; - - for($i = 0; $i < count($ip_list); $i++) - { - if($ip_list[$i] != -1) - { - if($where_sql != "") - { - $where_sql .= ", "; - } - $where_sql .= $ip_list[$i]; - } - } - } - - if( isset($HTTP_POST_VARS['unban_email']) ) - { - $email_list = $HTTP_POST_VARS['unban_email']; - - for($i = 0; $i < count($email_list); $i++) - { - if($email_list[$i] != -1) - { - if($where_sql != "") - { - $where_sql .= ", "; - } - $where_sql .= $email_list[$i]; - } - } - } - - if( $where_sql != "" ) - { - $sql = "DELETE FROM " . BANLIST_TABLE . " - WHERE ban_id IN ($where_sql)"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't delete ban info from database", "", __LINE__, __FILE__, $sql); - } - } - - $message = $lang['Ban_update_sucessful'] . "

" . sprintf($lang['Click_return_banadmin'], "", "") . "

" . sprintf($lang['Click_return_admin_index'], "", ""); - - message_die(GENERAL_MESSAGE, $message); - + $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; } else { - $template->set_filenames(array( - 'body' => 'admin/user_ban_body.tpl') - ); - - $template->assign_vars(array( - 'L_BAN_TITLE' => $lang['Ban_control'], - 'L_BAN_EXPLAIN' => $lang['Ban_explain'], - 'L_BAN_EXPLAIN_WARN' => $lang['Ban_explain_warn'], - 'L_IP_OR_HOSTNAME' => $lang['IP_hostname'], - 'L_EMAIL_ADDRESS' => $lang['Email_address'], - 'L_SUBMIT' => $lang['Submit'], - 'L_RESET' => $lang['Reset'], - - 'S_BANLIST_ACTION' => append_sid("admin_user_ban.$phpEx")) - ); - - $userban_count = 0; - - $sql = "SELECT user_id, username - FROM " . USERS_TABLE . " - WHERE user_id <> " . ANONYMOUS . " - ORDER BY username ASC"; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql); - } - - $user_list = $db->sql_fetchrowset($result); - $db->sql_freeresult($result); - - $select_userlist = ''; - for($i = 0; $i < count($user_list); $i++) - { - $select_userlist .= ''; - $userban_count++; - } - $select_userlist = ''; - - $template->assign_vars(array( - 'L_BAN_USER' => $lang['Ban_username'], - 'L_BAN_USER_EXPLAIN' => $lang['Ban_username_explain'], - 'L_BAN_IP' => $lang['Ban_IP'], - 'L_BAN_IP_EXPLAIN' => $lang['Ban_IP_explain'], - 'L_BAN_EMAIL' => $lang['Ban_email'], - 'L_BAN_EMAIL_EXPLAIN' => $lang['Ban_email_explain'], - - 'S_BAN_USERLIST_SELECT' => $select_userlist) - ); - - $userban_count = 0; - $ipban_count = 0; - $emailban_count = 0; - - $sql = "SELECT b.ban_id, u.user_id, u.username - FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u - WHERE u.user_id = b.ban_userid - AND b.ban_userid <> 0 - AND u.user_id <> " . ANONYMOUS . " - ORDER BY u.user_id ASC"; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql); - } - - $user_list = $db->sql_fetchrowset($result); - $db->sql_freeresult($result); - - $select_userlist = ''; - for($i = 0; $i < count($user_list); $i++) - { - $select_userlist .= ''; - $userban_count++; - } - - if( $select_userlist == '' ) - { - $select_userlist = ''; - } - - $select_userlist = ''; - - $sql = "SELECT ban_id, ban_ip, ban_email - FROM " . BANLIST_TABLE; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not select current ip ban list', '', __LINE__, __FILE__, $sql); - } - - $banlist = $db->sql_fetchrowset($result); - $db->sql_freeresult($result); - - $select_iplist = ''; - $select_emaillist = ''; - - for($i = 0; $i < count($banlist); $i++) - { - $ban_id = $banlist[$i]['ban_id']; - - if ( !empty($banlist[$i]['ban_ip']) ) - { - $ban_ip = str_replace('256', '*', $banlist[$i]['ban_ip']); - $select_iplist .= ''; - $ipban_count++; - } - else if ( !empty($banlist[$i]['ban_email']) ) - { - $ban_email = $banlist[$i]['ban_email']; - $select_emaillist .= ''; - $emailban_count++; - } - } - - if ( $select_iplist == '' ) - { - $select_iplist = ''; - } - - if ( $select_emaillist == '' ) - { - $select_emaillist = ''; - } - - $select_iplist = ''; - $select_emaillist = ''; - - $template->assign_vars(array( - 'L_UNBAN_USER' => $lang['Unban_username'], - 'L_UNBAN_USER_EXPLAIN' => $lang['Unban_username_explain'], - 'L_UNBAN_IP' => $lang['Unban_IP'], - 'L_UNBAN_IP_EXPLAIN' => $lang['Unban_IP_explain'], - 'L_UNBAN_EMAIL' => $lang['Unban_email'], - 'L_UNBAN_EMAIL_EXPLAIN' => $lang['Unban_email_explain'], - - 'S_UNBAN_USERLIST_SELECT' => $select_userlist, - 'S_UNBAN_IPLIST_SELECT' => $select_iplist, - 'S_UNBAN_EMAILLIST_SELECT' => $select_emaillist, - 'S_BAN_ACTION' => append_sid("admin_user_ban.$phpEx")) - ); + $mode = ''; } -$template->pparse('body'); +$current_time = time(); -include('page_footer_admin.'.$phpEx); +// +// Start program +// +if ( isset($HTTP_POST_VARS['bansubmit']) ) +{ + $ban_end = ( isset($HTTP_POST_VARS['banlength']) ) ? $current_time + ( intval($HTTP_POST_VARS['banlength']) * 60 ) : 0; + $ban_reason = ( isset($HTTP_POST_VARS['banreason']) ) ? $HTTP_POST_VARS['banreason'] : ''; + $ban_list = array_unique(explode("\n", $HTTP_POST_VARS['ban'])); + + $banlist = array(); + + switch ( $mode ) + { + case 'user': + $type = 'ban_userid'; + + $banlist_tmp = array(); + for($i = 0; $i < count($ban_list); $i++) + { + if ( trim($ban_list[$i]) != '' ) + { + $banlist_tmp[] = '\'' . trim($ban_list[$i]) . '\''; + } + } + + $sql = "SELECT user_id + FROM " . USERS_TABLE . " + WHERE username IN (" . implode(', ', $banlist_tmp) . ")"; + $result = $db->sql_query($sql); + + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $banlist[] = $row['user_id']; + } + while ( $row = $db->sql_fetchrow($result) ); + } + unset($banlist_tmp); + break; + + case 'ip': + $type = 'ban_ip'; + + for($i = 0; $i < count($ban_list); $i++) + { + if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode) ) + { + // + // Don't ask about all this, just don't ask ... ! + // + $ip_1_counter = $ip_range_explode[1]; + $ip_1_end = $ip_range_explode[5]; + + while ( $ip_1_counter <= $ip_1_end ) + { + $ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0; + $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6]; + + if( $ip_2_counter == 0 && $ip_2_end == 254 ) + { + $ip_2_counter = 256; + $ip_2_fragment = 256; + + $banlist[] = "'$ip_1_counter.'"; + } + + while ( $ip_2_counter <= $ip_2_end ) + { + $ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0; + $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7]; + + if ( $ip_3_counter == 0 && $ip_3_end == 254 ) + { + $ip_3_counter = 256; + $ip_3_fragment = 256; + + $banlist[] = "'$ip_1_counter.$ip_2_counter.'"; + } + + while ( $ip_3_counter <= $ip_3_end ) + { + $ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0; + $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8]; + + if ( $ip_4_counter == 0 && $ip_4_end == 254 ) + { + $ip_4_counter = 256; + $ip_4_fragment = 256; + + $banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.'"; + } + + while ( $ip_4_counter <= $ip_4_end ) + { + $banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'"; + $ip_4_counter++; + } + $ip_3_counter++; + } + $ip_2_counter++; + } + $ip_1_counter++; + } + } + else if ( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ban_list[$i])) ) + { + $ip = gethostbynamel(trim($ban_list[$i])); + + for($j = 0; $j < count($ip); $j++) + { + if ( !empty($ip[$j]) ) + { + $banlist[] = '\'' . $ip[$j] . '\''; + } + } + } + else if ( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ban_list[$i])) ) + { + $banlist[] = '\'' . str_replace('*', '', trim($ban_list[$i])) . '\''; + } + } + break; + + case 'email': + $type = 'ban_email'; + + for($i = 0; $i < count($ban_list); $i++) + { + // + // This ereg match is based on one by php@unreelpro.com + // contained in the annotated php manual at php.com (ereg + // section) + // + if ( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($ban_list[$i])) ) + { + $banlist[] = '\'' . trim($ban_list[$i]) . '\''; + } + } + break; + } + + $sql = "SELECT ban_userid, ban_ip, ban_email + FROM " . BANLIST_TABLE; + $result = $db->sql_query($sql); + + if ( $row = $db->sql_fetchrow($result) ) + { + $banlist_tmp = array(); + do + { + switch ( $mode ) + { + case 'user': + $banlist_tmp[] = $row['ban_userid']; + break; + + case 'ip': + $banlist_tmp[] = '\'' . $row['ban_ip'] . '\''; + break; + + case 'email': + $banlist_tmp[] = '\'' . $row['ban_email'] . '\''; + break; + } + } + while ( $row = $db->sql_fetchrow($result) ); + + $banlist = array_unique(array_diff($banlist, $banlist_tmp)); + unset($banlist_tmp); + } + + $current_time = time(); + + if ( sizeof($banlist) ) + { + for($i = 0; $i < count($banlist); $i++) + { + $sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason) + VALUES (" . $banlist[$i] . ", $current_time, $ban_end, '$ban_reason')"; + $db->sql_query($sql); + } + + $sql = ''; + switch ( $mode ) + { + case 'user': + $sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")"; + break; + + case 'ip': + $sql = "WHERE session_ip IN (" . implode(', ', $banlist) . ")"; + break; + + case 'email': + $sql = "SELECT user_id + FROM " . USERS_TABLE . " + WHERE user_email IN (" . implode(', ', $banlist) . ")"; + $result = $db->sql_query($sql); + + $sql = ''; + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $sql .= ( ( $sql != '' ) ? ', ' : '' ) . $row['user_id']; + } + while ( $row = $db->sql_fetchrow($result) ); + + $sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")"; + } + break; + } + + if ( $sql != '' ) + { + $sql = "DELETE FROM " . SESSIONS_TABLE . " + $sql"; + $db->sql_query($sql); + } + + // + // Update log + // + add_admin_log('log_ban_' . $mode, str_replace('\'', '', implode(', ', $banlist)), $ban_reason); + } + + $message = $lang['Ban_update_sucessful'] . '

' . sprintf($lang['Click_return_banadmin'], '', '') . '

' . sprintf($lang['Click_return_admin_index'], '', ''); + message_die(MESSAGE, $message); + +} +else if ( isset($HTTP_POST_VARS['unbansubmit']) ) +{ + $unban_sql = ''; + for($i = 0; $i < count($HTTP_POST_VARS['unban']); $i++ ) + { + $unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($HTTP_POST_VARS['unban'][$i]); + } + + if ( $unban_sql != '' ) + { + $sql = "DELETE FROM " . BANLIST_TABLE . " + WHERE ban_id IN ($unban_sql)"; + $db->sql_query($sql); + + add_admin_log('log_unban_' . $mode, sizeof($HTTP_POST_VARS['unban'])); + } + + $message = $lang['Ban_update_sucessful'] . '

' . sprintf($lang['Click_return_banadmin'], '', '') . '

' . sprintf($lang['Click_return_admin_index'], '', ''); + message_die(MESSAGE, $message); +} + +// +// Output relevant entry page +// + +// +// Remove timed out bans +// +$sql = "DELETE FROM " . BANLIST_TABLE . " + WHERE ban_end < " . time() . " + AND ban_end <> 0"; +$db->sql_query($sql); + +// +// Ban length options +// +$ban_end_text = array(0 => $lang['Permanent'], 30 => $lang['30_Mins'], 60 => $lang['1_Hour'], 360 => $lang['6_Hours'], 1440 => $lang['1_Day'], 10080 => $lang['7_Days'], 20160 => $lang['2_Weeks'], 40320 => $lang['1_Month']); + +$ban_end_options = ''; +foreach ( $ban_end_text as $length => $text ) +{ + $ban_end_options .= ''; +} + +// +// Title +// +switch ( $mode ) +{ + case 'user': + $l_title = $lang['Ban_users']; + break; + case 'email': + $l_title = $lang['Ban_emails']; + break; + case 'ip': + $l_title = $lang['Ban_ips']; + break; +} + +// +// Output page +// +page_header($l_title); + +?> + +

+ += " . time() . " + OR b.ban_end = 0 ) + AND u.user_id = b.ban_userid + AND b.ban_userid <> 0 + AND u.user_id <> " . ANONYMOUS . " + ORDER BY u.user_id ASC"; + $result = $db->sql_query($sql); + + $banned_options = ''; + $banned_length = ''; + $banned_options = ''; + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $banned_options .= ''; + $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; + $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + } + while ( $row = $db->sql_fetchrow($result) ); + } + $db->sql_freeresult($result); + +?> + + + +

+ +

+ +
"> + + + + + + + + + + + + + + + + + + +
:
:
:
    ', '_phpbbsearch', 'HEIGHT=250,resizable=yes,WIDTH=400');return false;" />
+ +

+ +

+ + + + + + + + + + + + += " . time() . " + OR ban_end = 0 ) + AND ban_ip <> ''"; + $result = $db->sql_query($sql); + + $banned_reasons = ''; + $banned_length = ''; + $banned_options = ''; + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $banned_options .= ''; + $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; + $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + } + while ( $row = $db->sql_fetchrow($result) ); + } + $db->sql_freeresult($result); + +?> + + + +

+ +

+ +">
:
+ + + + + + + + + + + + + + + + + + +
:
:
:
 
+ +

+ +

+ + + + + + + + + + + + += " . time() . " + OR ban_end = 0 ) + AND ban_email <> ''"; + $result = $db->sql_query($sql); + + $banned_options = ''; + $banned_length = ''; + $banned_options = ''; + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $banned_options .= ''; + $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; + $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + } + while ( $row = $db->sql_fetchrow($result) ); + } + $db->sql_freeresult($result); + +?> + +

+ +

+ + + +">
:
+ + + + + + + + + + + + + + + + + + +
:
:
:
 
+ +

+ +

+ + + + + + + + + + + + + +
:
+ +
+ + \ No newline at end of file diff --git a/phpBB/admin/admin_board.php b/phpBB/admin/admin_board.php index 3dfb10e25a..9d2bb7ede2 100644 --- a/phpBB/admin/admin_board.php +++ b/phpBB/admin/admin_board.php @@ -27,11 +27,10 @@ if ( !empty($setmodules) ) } $file = basename(__FILE__); - $module['General']['Avatar_Setup'] = "$file$SID&mode=avatars"; - $module['General']['Basic_Config'] = "$file$SID&mode=basic"; - $module['General']['Cookie_Parameters'] = "$file$SID&mode=cookies"; - $module['General']['Default_Settings'] = "$file$SID&mode=gendefs"; - $module['Users']['Default_Settings'] = "$file$SID&mode=userdefs"; + $module['General']['Avatars'] = "$file$SID&mode=avatars"; + $module['General']['Cookies'] = "$file$SID&mode=cookies"; + $module['General']['Defaults'] = "$file$SID&mode=gendefs"; + $module['Users']['Defaults'] = "$file$SID&mode=userdefs"; return; } diff --git a/phpBB/admin/admin_email.php b/phpBB/admin/admin_email.php index 2609351569..6c99d61fe1 100644 --- a/phpBB/admin/admin_email.php +++ b/phpBB/admin/admin_email.php @@ -27,7 +27,7 @@ if ( !empty($setmodules) ) } $filename = basename(__FILE__); - $module['Users']['Mass_Email'] = $filename . $SID; + $module['General']['Mass_Email'] = $filename . $SID; return; } diff --git a/phpBB/admin/admin_permissions.php b/phpBB/admin/admin_permissions.php index 0c90f8aa34..565a77e037 100644 --- a/phpBB/admin/admin_permissions.php +++ b/phpBB/admin/admin_permissions.php @@ -128,31 +128,59 @@ if ( !empty($forum_id) || $mode == 'administrators' ) ?> -
"> +"> + + + + + + + + + +

[ ]
 
-

+
- + + + + + + + + + + +

[ ]
 
-

[ ]

+
-

+ + + + + + + + + + +

[ ]
 
- +
-

[ ]

- -

- - - -

[ ]

- -

- - - -

[ ]

+ + + + + + + + + + +

[ ]
 
Setting Users + + + + +   + + + +   + + + +
+ + + + - - + + +
Setting Groups
   
 
+ sql_query($sql); + + add_admin_log('log_admin_clear'); } +// +// +// if ( isset($HTTP_POST_VARS['sort']) ) { if ( !empty($HTTP_POST_VARS['sort_days']) ) diff --git a/phpBB/admin/index.php b/phpBB/admin/index.php index 74d3ad829a..2a72ea8c6f 100644 --- a/phpBB/admin/index.php +++ b/phpBB/admin/index.php @@ -414,6 +414,7 @@ elseif ( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' ) $sql = "SELECT user_id, username, user_regdate FROM " . USERS_TABLE . " WHERE user_active = 0 + AND user_id <> " . ANONYMOUS . " ORDER BY user_regdate ASC"; $result = $db->sql_query($sql); diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 9234afee73..63cfaad4ed 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -193,7 +193,7 @@ class session { $sql = "SELECT ban_ip, ban_userid, ban_email FROM " . BANLIST_TABLE . " - WHERE ( ban_start + ban_length <= $current_time + WHERE ( ban_end >= $current_time OR ban_length = 0 ) AND ban_ip IN ( '" . $user_ip_parts[0] . ".', diff --git a/phpBB/install/schemas/mysql_schema.sql b/phpBB/install/schemas/mysql_schema.sql index 5276a06e67..0717e371bf 100644 --- a/phpBB/install/schemas/mysql_schema.sql +++ b/phpBB/install/schemas/mysql_schema.sql @@ -77,7 +77,7 @@ CREATE TABLE phpbb_banlist ( ban_ip varchar(40) NOT NULL, ban_email varchar(50), ban_start int(11), - ban_length int(11), + ban_end int(11), PRIMARY KEY (ban_id), KEY ban_ip_user_id (ban_ip, ban_userid) ); diff --git a/phpBB/language/lang_english/lang_admin.php b/phpBB/language/lang_english/lang_admin.php index 67e394bfbe..81bdea6e48 100644 --- a/phpBB/language/lang_english/lang_admin.php +++ b/phpBB/language/lang_english/lang_admin.php @@ -39,13 +39,15 @@ $lang['Styles'] = 'Styles Admin'; $lang['Configuration'] = 'Configuration'; $lang['Permissions'] = 'Permissions'; -$lang['Manage'] = 'Management'; +$lang['Manage'] = 'Manage'; $lang['Disallow'] = 'Disallow names'; $lang['Prune'] = 'Pruning'; $lang['Mass_Email'] = 'Mass Email'; $lang['Ranks'] = 'Ranks'; $lang['Smilies'] = 'Smilies'; -$lang['Ban_Management'] = 'Ban Control'; +$lang['Ban_users'] = 'Ban Usernames'; +$lang['Ban_emails'] = 'Ban Emails'; +$lang['Ban_ips'] = 'Ban IPs'; $lang['Word_Censor'] = 'Word Censors'; $lang['Export'] = 'Export'; $lang['Create_new'] = 'Create'; @@ -83,6 +85,16 @@ $lang['log_disallow_delete'] = 'Deleted disallowed username'; $lang['log_prune'] = 'Pruned forum %s'; +$lang['log_admin_clear'] = 'Cleared admin log'; + +$lang['log_ban_user'] = 'Banned username : %s [ %s ]'; +$lang['log_ban_ip'] = 'Banned ip : %s [ %s ]'; +$lang['log_ban_email'] = 'Banned email : %s [ %s ]'; +$lang['log_unban_user'] = 'Unbanned username [ %s total ]'; +$lang['log_unban_ip'] = 'Unbanned ip [ %s total ]'; +$lang['log_unban_email'] = 'Unbanned email [ %s total ]'; + + // // View log // @@ -274,31 +286,27 @@ $lang['Click_return_forumauth'] = 'Click %sHere%s to return to Forum Permissions // // Banning // -$lang['Ban_control'] = 'Ban Control'; -$lang['Ban_explain'] = 'Here you can control the banning of users. You can achieve this by banning either or both of a specific user or an individual or range of IP addresses or hostnames. These methods prevent a user from even reaching the index page of your board. To prevent a user from registering under a different username you can also specify a banned email address. Please note that banning an email address alone will not prevent that user from being able to logon or post to your board, you should use one of the first two methods to achieve this.'; -$lang['Ban_explain_warn'] = 'Please note that entering a range of IP addresses results in all the addresses between the start and end being added to the banlist. Attempts will be made to minimise the number of addresses added to the database by introducing wildcards automatically where appropriate. If you really must enter a range try to keep it small or better yet state specific addresses.'; +$lang['Ban_explain'] = 'Here you can control the banning of users. You can achieve this by banning either or both of a specific user or an individual or range of IP addresses or hostnames. These methods prevent a user reaching any part of the board. You can give a short (255 character) reason for the ban if you wish. This will be displayed in the admin log.'; -$lang['Select_username'] = 'Select a Username'; -$lang['Select_ip'] = 'Select an IP'; -$lang['Select_email'] = 'Select an Email address'; +$lang['Ban_length'] = 'Length of ban'; +$lang['Permanent'] = 'Permanent'; +$lang['30_Mins'] = '30 Minutes'; +$lang['1_Hour'] = '1 Hour'; +$lang['6_Hours'] = '6 Hours'; +$lang['Ban_reason'] = 'Reason for ban'; -$lang['Ban_username'] = 'Ban one or more specific users'; -$lang['Ban_username_explain'] = 'You can ban multiple users in one go using the appropriate combination of mouse and keyboard for your computer and browser'; +$lang['Ban_username_explain'] = 'You can ban multiple users in one go just enter each name on a new line'; +$lang['Unban_username'] = 'Un-ban usernames'; +$lang['Unban_username_explain'] = 'You can unban multiple users in one go using the appropriate combination of mouse and keyboard for your computer and browser'; -$lang['Ban_IP'] = 'Ban one or more IP addresses or hostnames'; $lang['IP_hostname'] = 'IP addresses or hostnames'; -$lang['Ban_IP_explain'] = 'To specify several different IP\'s or hostnames separate them with commas. To specify a range of IP addresses separate the start and end with a hyphen (-), to specify a wildcard use *'; +$lang['Ban_IP_explain'] = 'To specify several different IP\'s or hostnames enter each on a new line. To specify a range of IP addresses separate the start and end with a hyphen (-), to specify a wildcard use *'; +$lang['Unban_IP'] = 'Un-ban IPs'; +$lang['Unban_IP_explain'] = 'You can unban multiple IP addresses in one go using the appropriate combination of mouse and keyboard for your computer and browser'; $lang['Ban_email'] = 'Ban one or more email addresses'; $lang['Ban_email_explain'] = 'To specify more than one email address separate them with commas. To specify a wildcard username use *, for example *@hotmail.com'; - -$lang['Unban_username'] = 'Un-ban one more specific users'; -$lang['Unban_username_explain'] = 'You can unban multiple users in one go using the appropriate combination of mouse and keyboard for your computer and browser'; - -$lang['Unban_IP'] = 'Un-ban one or more IP addresses'; -$lang['Unban_IP_explain'] = 'You can unban multiple IP addresses in one go using the appropriate combination of mouse and keyboard for your computer and browser'; - -$lang['Unban_email'] = 'Un-ban one or more email addresses'; +$lang['Unban_email'] = 'Un-ban Emails'; $lang['Unban_email_explain'] = 'You can unban multiple email addresses in one go using the appropriate combination of mouse and keyboard for your computer and browser'; $lang['No_banned_users'] = 'No banned usernames';