#i51 - #i63 - #i64

git-svn-id: file:///svn/phpbb/trunk@8095 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 22:28:51 +00:00 · 2007-09-21 15:05:04 +00:00 · 2007-09-21 15:05:04 +00:00 · 7be10f7bf5
commit 7be10f7bf5
parent 69d29e9282
4 changed files with 25 additions and 30 deletions
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@ -47,13 +47,7 @@ class acp_users
 			$user_ip = request_var('user_ip', '');
 			$domain = gethostbyaddr($user_ip);
-			$ipwhois = '';
+			$ipwhois = user_ipwhois($user_ip);
 			if ($ipwhois = user_ipwhois($user_ip))
 			{
 				$ipwhois = preg_replace('#(\s)([\w\-\._\+]+@[\w\-\.]+)(\s)#', '\1<a href="mailto:\2">\2</a>\3', $ipwhois);
 				$ipwhois = preg_replace('#(\s)(http:/{2}[^\s]*)(\s)#', '\1<a href="\2">\2</a>\3', $ipwhois);
 			}
 			$template->assign_vars(array(
 				'MESSAGE_TITLE'		=> sprintf($user->lang['IP_WHOIS_FOR'], $domain),
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@ -1112,6 +1112,13 @@ function user_ipwhois($ip)
 {
 	$ipwhois = '';
 	// Check IP
 	// Only supporting IPv4 at the moment...
 	if (empty($ip) || !preg_match(get_preg_expression('ipv4'), $ip))
 	{
 		return '';
 	}
 	$match = array(
 		'#RIPE\.NET#is'				=> 'whois.ripe.net',
 		'#whois\.apnic\.net#is'		=> 'whois.apnic.net',
@ -1147,7 +1154,10 @@ function user_ipwhois($ip)
 		}
 	}
-	return $ipwhois;
+	$ipwhois = htmlspecialchars($ipwhois);
 	// Magic URL ;)
 	return trim(make_clickable($ipwhois, false, ''));
 }
 /**
--- a/phpBB/includes/mcp/mcp_post.php
+++ b/phpBB/includes/mcp/mcp_post.php
@ -36,20 +36,18 @@ function mcp_post_details($id, $mode, $action)
 	{
 		case 'whois':
 			if ($auth->acl_get('m_info', $post_info['forum_id']))
 			{
 				$ip = request_var('ip', '');
 				include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 			$whois = user_ipwhois($ip);
 			$whois = preg_replace('#(\s)([\w\-\._\+]+@[\w\-\.]+)(\s)#', '\1<a href="mailto:\2">\2</a>\3', $whois);
 			$whois = preg_replace('#(\s)(ht{2}p:/{2}\S*)(\s)#', '\1<a href="\2">\2</a>\3', $whois);
 				$template->assign_vars(array(
 					'RETURN_POST'	=> sprintf($user->lang['RETURN_POST'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&amp;mode=$mode&amp;p=$post_id") . '">', '</a>'),
 					'U_RETURN_POST'	=> append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&amp;mode=$mode&amp;p=$post_id"),
 					'L_RETURN_POST'	=> sprintf($user->lang['RETURN_POST'], '', ''),
-				'WHOIS'			=> trim($whois))
+					'WHOIS'			=> user_ipwhois($ip),
-			);
+				));
 			}
 			// We're done with the whois page so return
 			return;
--- a/phpBB/viewonline.php
+++ b/phpBB/viewonline.php
@ -52,7 +52,7 @@ if (!isset($sort_key_text[$sort_key]))
 $order_by = $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
 // Whois requested
-if ($mode == 'whois')
+if ($mode == 'whois' && $auth->acl_get('a_') && $session_id)
 {
 	include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
@ -64,14 +64,7 @@ if ($mode == 'whois')
 	if ($row = $db->sql_fetchrow($result))
 	{
-		$whois = user_ipwhois($row['session_ip']);
+		$template->assign_var('WHOIS', user_ipwhois($row['session_ip']));
 		$whois = preg_replace('#(\s)([\w\-\._\+]+@[\w\-\.]+)(\s)#', '\1<a href="mailto:\2">\2</a>\3', $whois);
 		$whois = preg_replace('#(\s)(http:/{2}[^\s]*)(\s)#', '\1<a href="\2">\2</a>\3', $whois);
 		$template->assign_vars(array(
 			'WHOIS'	=> trim($whois))
 		);
 	}
 	$db->sql_freeresult($result);