makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Updated for user_ban/unban function

Browse source 
git-svn-id: file:///svn/phpbb/trunk@4808 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2004-02-08 00:26:44 +00:00
parent 3bdcc8e59c
commit 962e15a0e5
1 changed files with 56 additions and 368 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

424
phpBB/adm/admin_ban.php
View file

@ -1,23 +1,15 @@
<?php <?php
/*************************************************************************** // -------------------------------------------------------------
* admin_ban.php //
* ------------------- // $Id$
* begin : Tuesday, Jul 31, 2001 //
* copyright : (C) 2001 The phpBB Group // FILENAME : admin_ban.php
* email : support@phpbb.com // STARTED : Tue Jul 31, 2001
* // COPYRIGHT : © 2001,2003 phpBB Group
* $Id$ // WWW : http://www.phpbb.com/
* // LICENCE : GPL vs2.0 [ see /docs/COPYING ]
***************************************************************************/ //
// -------------------------------------------------------------
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
if (!empty($setmodules)) if (!empty($setmodules))
{ {
@ -46,327 +38,33 @@ if (!$auth->acl_get('a_ban'))
trigger_error($user->lang['NO_ADMIN']); trigger_error($user->lang['NO_ADMIN']);
} }
// Mode setting // Mode setting
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; $mode = request_var('mode', '');
$bansubmit = (isset($_POST['bansubmit'])) ? true : false;
$unbansubmit= (isset($_POST['unbansubmit'])) ? true : false;
// Set some vars
$current_time = time(); $current_time = time();
// Start program // Start program
if (isset($_REQUEST['bansubmit'])) if ($bansubmit)
{ {
// Grab the list of entries // Grab the list of entries
$ban = (!empty($_REQUEST['ban'])) ? $_REQUEST['ban'] : ''; $ban = request_var('ban', '');
$ban_list = array_unique(explode("\n", $ban)); $ban_len = request_var('banlength', 0);
$ban_list_log = implode(', ', $ban_list); $ban_len_other = request_var('banlengthother', '');
$ban_exclude = request_var('banexclude', 0);
$ban_reason = request_var('banreason', '');
user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason);
$ban_exclude = (!empty($_POST['banexclude'])) ? 1 : 0;
$ban_reason = (isset($_POST['banreason'])) ? $_POST['banreason'] : '';
if (!empty($_POST['banlength']))
{
if ($_POST['banlength'] != -1 || empty($_POST['banlengthother']))
{
$ban_end = max($current_time, $current_time + (intval($_POST['banlength']) * 60));
}
else
{
$ban_other = explode('-', $_POST['banlengthother']);
$ban_end = max($current_time, gmmktime(0, 0, 0, $ban_other[1], $ban_other[2], $ban_other[0]));
}
}
else
{
$ban_end = 0;
}
$banlist = array();
switch ($mode)
{
case 'user':
$type = 'ban_userid';
if (in_array('*', $ban_list))
{
$banlist[] = '*';
}
else
{
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . '
WHERE username IN (' . implode(', ', array_diff(preg_replace('#^[\s]*(.*?)[\s]*$#', "'\\1'", $ban_list), array("''"))) . ')';
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
do
{
$banlist[] = $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));
}
}
break;
case 'ip':
$type = 'ban_ip';
foreach ($ban_list as $ban_item)
{
if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($ban_item), $ip_range_explode))
{
// Don't ask about all this, just don't ask ... !
$ip_1_counter = $ip_range_explode[1];
$ip_1_end = $ip_range_explode[5];
while ($ip_1_counter <= $ip_1_end)
{
$ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
if($ip_2_counter == 0 && $ip_2_end == 254)
{
$ip_2_counter = 256;
$ip_2_fragment = 256;
$banlist[] = "'$ip_1_counter.*'";
}
while ($ip_2_counter <= $ip_2_end)
{
$ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
if ($ip_3_counter == 0 && $ip_3_end == 254)
{
$ip_3_counter = 256;
$ip_3_fragment = 256;
$banlist[] = "'$ip_1_counter.$ip_2_counter.*'";
}
while ($ip_3_counter <= $ip_3_end)
{
$ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
if ($ip_4_counter == 0 && $ip_4_end == 254)
{
$ip_4_counter = 256;
$ip_4_fragment = 256;
$banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.*'";
}
while ($ip_4_counter <= $ip_4_end)
{
$banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'";
$ip_4_counter++;
}
$ip_3_counter++;
}
$ip_2_counter++;
}
$ip_1_counter++;
}
}
else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($ban_item)))
{
$ip_ary = gethostbynamel(trim($ban_item));
foreach ($ip_ary as $ip)
{
if (!empty($ip))
{
$banlist[] = "'" . $ip . "'";
}
}
}
else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($ban_item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($ban_item)))
{
$banlist[] = "'" . trim($ban_item) . "'";
}
else if (preg_match('#^\*$#', trim($ban_item)))
{
$banlist[] = "'*'";
}
}
break;
case 'email':
$type = 'ban_email';
foreach ($ban_list as $ban_item)
{
if (preg_match('#^.*?@*|(([a-z0-9\-]+\.)+([a-z]{2,3}))$#i', trim($ban_item)))
{
$banlist[] = "'" . trim($ban_item) . "'";
}
}
break;
}
$sql = "SELECT $type
FROM " . BANLIST_TABLE . "
WHERE $type <> ''
AND ban_exclude = $ban_exclude";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$banlist_tmp = array();
do
{
switch ($mode)
{
case 'user':
$banlist_tmp[] = $row['ban_userid'];
break;
case 'ip':
$banlist_tmp[] = "'" . $row['ban_ip'] . "'";
break;
case 'email':
$banlist_tmp[] = "'" . $row['ban_email'] . "'";
break;
}
}
while ($row = $db->sql_fetchrow($result));
$banlist = array_unique(array_diff($banlist, $banlist_tmp));
unset($banlist_tmp);
}
if (sizeof($banlist))
{
$sql = '';
foreach ($banlist as $ban_entry)
{
switch (SQL_LAYER)
{
case 'mysql':
case 'mysql4':
$sql .= (($sql != '') ? ', ' : '') . "($ban_entry, $current_time, $ban_end, $ban_exclude, '$ban_reason')";
break;
case 'mssql':
case 'sqlite':
$sql .= (($sql != '') ? ' UNION ALL ' : '') . " SELECT $ban_entry, $current_time, $ban_end, $ban_exclude, '$ban_reason'";
break;
default:
$sql = 'INSERT INTO ' . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_exclude, ban_reason)
VALUES ($ban_entry, $current_time, $ban_end, $ban_exclude, '$ban_reason')";
$db->sql_query($sql);
$sql = '';
}
}
if ($sql != '')
{
$sql = 'INSERT INTO ' . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_exclude, ban_reason)
VALUES $sql";
$db->sql_query($sql);
}
if (!$ban_exclude)
{
$sql = '';
switch ($mode)
{
case 'user':
$sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")";
break;
case 'ip':
$sql = "WHERE session_ip IN (" . implode(', ', $banlist) . ")";
break;
case 'email':
$sql = "SELECT user_id
FROM " . USERS_TABLE . "
WHERE user_email IN (" . implode(', ', $banlist) . ")";
$result = $db->sql_query($sql);
$sql = '';
if ($row = $db->sql_fetchrow($result))
{
do
{
$sql .= (($sql != '') ? ', ' : '') . $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));
$sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")";
}
break;
}
if ($sql != '')
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
$sql";
$db->sql_query($sql);
}
}
// Update log
$log_entry = ($ban_exclude) ? 'LOG_BAN_EXCLUDE_' : 'LOG_BAN_';
add_log('admin', $log_entry . strtoupper($mode), $ban_reason, $ban_list_log);
}
trigger_error($user->lang['BAN_UPDATE_SUCESSFUL']); trigger_error($user->lang['BAN_UPDATE_SUCESSFUL']);
} }
else if (isset($_POST['unbansubmit'])) else if ($unbansubmit)
{ {
$unban_sql = implode(', ', array_map('intval', $_POST['unban'])); $ban = request_var('unban', '');
if ($unban_sql != '') user_unban($mode, $ban);
{
$l_unban_list = '';
// Grab details of bans for logging information later
switch ($mode)
{
case 'user':
$sql = "SELECT u.username AS unban_info
FROM " . USERS_TABLE . " u, " . BANLIST_TABLE . " b
WHERE b.ban_id IN ($unban_sql)
AND u.user_id = b.ban_userid";
break;
case 'email':
$sql = "SELECT ban_email AS unban_info
FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($unban_sql)";
break;
case 'ip':
$sql = "SELECT ban_ip AS unban_info
FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($unban_sql)";
break;
}
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$l_unban_list .= (($l_unban_list != '') ? ', ' : '') . $row['unban_info'];
}
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($unban_sql)";
$db->sql_query($sql);
add_log('admin', 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list);
}
trigger_error($user->lang['BAN_UPDATE_SUCESSFUL']); trigger_error($user->lang['BAN_UPDATE_SUCESSFUL']);
} }
@ -375,13 +73,6 @@ else if (isset($_POST['unbansubmit']))
// Output relevant entry page // Output relevant entry page
// //
//
// Remove timed out bans
//
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_end < " . time() . "
AND ban_end <> 0";
$db->sql_query($sql);
// //
// Ban length options // Ban length options
@ -427,18 +118,17 @@ switch ($mode)
$l_ban_exclude_explain = $user->lang['BAN_USER_EXCLUDE_EXPLAIN']; $l_ban_exclude_explain = $user->lang['BAN_USER_EXCLUDE_EXPLAIN'];
$l_unban_title = $user->lang['UNBAN_USERNAME']; $l_unban_title = $user->lang['UNBAN_USERNAME'];
$l_unban_explain = $user->lang['UNBAN_USERNAME_EXPLAIN']; $l_unban_explain = $user->lang['UNBAN_USERNAME_EXPLAIN'];
$l_ban_cell = $user->lang['USERNAME']; $l_ban_cell = $user->lang['USERNAME'] . ': <br /><span class="gensmall">[ <a href="' . "../memberlist.$phpEx$SID&amp;mode=searchuser&amp;form=banning&amp;field=ban\" onclick=\"window.open('../memberlist.$phpEx$SID&amp;mode=searchuser&amp;form=banning&amp;field=ban', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740');return false;\">" . $user->lang['FIND_USERNAME'] .'</a> ]</span>';
$l_no_ban_cell = $user->lang['NO_BANNED_USERS']; $l_no_ban_cell = $user->lang['NO_BANNED_USERS'];
$s_submit_extra = '<input type="submit" name="usersubmit" value="' . $user->lang['LOOK_UP_USER'] . '" class="btnlite" onclick="window.open(\'../memberlist.' . $phpEx . $SID . '&amp;mode=searchuser&amp;field=ban\', \'_phpbbsearch\', \'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740\');return false;" />';
$sql = "SELECT b.*, u.user_id, u.username $sql = 'SELECT b.*, u.user_id, u.username
FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u FROM ' . BANLIST_TABLE . ' b, ' . USERS_TABLE . ' u
WHERE (b.ban_end >= " . time() . " WHERE (b.ban_end >= ' . time() . '
OR b.ban_end = 0) OR b.ban_end = 0)
AND u.user_id = b.ban_userid AND u.user_id = b.ban_userid
AND b.ban_userid <> 0 AND b.ban_userid <> 0
AND u.user_id <> " . ANONYMOUS . " AND u.user_id <> ' . ANONYMOUS . '
ORDER BY u.user_id ASC"; ORDER BY u.user_id ASC';
break; break;
case 'ip': case 'ip':
@ -449,13 +139,12 @@ switch ($mode)
$l_ban_exclude_explain = $user->lang['BAN_IP_EXCLUDE_EXPLAIN']; $l_ban_exclude_explain = $user->lang['BAN_IP_EXCLUDE_EXPLAIN'];
$l_unban_title = $user->lang['UNBAN_IP']; $l_unban_title = $user->lang['UNBAN_IP'];
$l_unban_explain = $user->lang['UNBAN_IP_EXPLAIN']; $l_unban_explain = $user->lang['UNBAN_IP_EXPLAIN'];
$l_ban_cell = $user->lang['IP_HOSTNAME']; $l_ban_cell = $user->lang['IP_HOSTNAME'] . ':';
$l_no_ban_cell = $user->lang['NO_BANNED_IP']; $l_no_ban_cell = $user->lang['NO_BANNED_IP'];
$s_submit_extra = '';
$sql = "SELECT * $sql = 'SELECT *
FROM " . BANLIST_TABLE . " FROM ' . BANLIST_TABLE . '
WHERE (ban_end >= " . time() . " WHERE (ban_end >= ' . time() . "
OR ban_end = 0) OR ban_end = 0)
AND ban_ip <> ''"; AND ban_ip <> ''";
break; break;
@ -468,13 +157,12 @@ switch ($mode)
$l_ban_exclude_explain = $user->lang['BAN_EMAIL_EXCLUDE_EXPLAIN']; $l_ban_exclude_explain = $user->lang['BAN_EMAIL_EXCLUDE_EXPLAIN'];
$l_unban_title = $user->lang['UNBAN_EMAIL']; $l_unban_title = $user->lang['UNBAN_EMAIL'];
$l_unban_explain = $user->lang['UNBAN_EMAIL_EXPLAIN']; $l_unban_explain = $user->lang['UNBAN_EMAIL_EXPLAIN'];
$l_ban_cell = $user->lang['EMAIL_ADDRESS']; $l_ban_cell = $user->lang['EMAIL_ADDRESS'] . ':';
$l_no_ban_cell = $user->lang['NO_BANNED_EMAIL']; $l_no_ban_cell = $user->lang['NO_BANNED_EMAIL'];
$s_submit_extra = '';
$sql = "SELECT * $sql = 'SELECT *
FROM " . BANLIST_TABLE . " FROM ' . BANLIST_TABLE . '
WHERE (ban_end >= " . time() . " WHERE (ban_end >= ' . time() . "
OR ban_end = 0) OR ban_end = 0)
AND ban_email <> ''"; AND ban_email <> ''";
break; break;
@ -542,28 +230,28 @@ function display_details(option)
//--> //-->
</script> </script>
<form method="post" action="<?php echo "admin_ban.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> <form name="banning" method="post" action="<?php echo "admin_ban.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr> <tr>
<th colspan="2"><?php echo $l_ban_title; ?></th> <th colspan="2"><?php echo $l_ban_title; ?></th>
</tr> </tr>
<tr> <tr>
<td class="row2" width="45%"><?php echo $l_ban_cell; ?>: </td> <td class="row1" width="45%"><?php echo $l_ban_cell; ?></td>
<td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td> <td class="row2"><textarea cols="40" rows="3" name="ban"></textarea></td>
</tr> </tr>
<tr> <tr>
<td class="row2" width="45%"><?php echo $user->lang['BAN_LENGTH']; ?>:</td> <td class="row1" width="45%"><?php echo $user->lang['BAN_LENGTH']; ?>:</td>
<td class="row1"><select name="banlength"><?php echo $ban_end_options; ?></select>&nbsp; <input class="post" type="text" name="banlengthother" maxlength="10" size="10" /></td> <td class="row2"><select name="banlength"><?php echo $ban_end_options; ?></select>&nbsp; <input class="post" type="text" name="banlengthother" maxlength="10" size="10" /></td>
</tr> </tr>
<tr> <tr>
<td class="row2" width="45%"><?php echo $user->lang['BAN_EXCLUDE']; ?>: <br /><span class="gensmall"><?php echo $l_ban_exclude_explain;;?></span></td> <td class="row1" width="45%"><?php echo $user->lang['BAN_EXCLUDE']; ?>: <br /><span class="gensmall"><?php echo $l_ban_exclude_explain;;?></span></td>
<td class="row1"><input type="radio" name="banexclude" value="1" /> <?php echo $user->lang['YES']; ?> &nbsp; <input type="radio" name="banexclude" value="0" checked="checked" /> <?php echo $user->lang['NO']; ?></td> <td class="row2"><input type="radio" name="banexclude" value="1" /> <?php echo $user->lang['YES']; ?> &nbsp; <input type="radio" name="banexclude" value="0" checked="checked" /> <?php echo $user->lang['NO']; ?></td>
</tr> </tr>
<tr> <tr>
<td class="row2" width="45%"><?php echo $user->lang['BAN_REASON']; ?>:</td> <td class="row1" width="45%"><?php echo $user->lang['BAN_REASON']; ?>:</td>
<td class="row1"><input class="post" type="text" name="banreason" maxlength="255" size="40" /></td> <td class="row2"><input class="post" type="text" name="banreason" maxlength="255" size="40" /></td>
</tr> </tr>
<tr> <tr>
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="btnmain" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="btnlite" />&nbsp; <?php echo $s_submit_extra; ?></td> <td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="btnmain" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="btnlite" />&nbsp;</td>
</tr> </tr>
</table> </table>
@ -582,16 +270,16 @@ function display_details(option)
?> ?>
<tr> <tr>
<td class="row2" width="45%"><?php echo $l_ban_cell; ?>: <br /></td> <td class="row1" width="45%"><?php echo $l_ban_cell; ?>: <br /></td>
<td class="row1"> <select name="unban[]" multiple="multiple" size="5" onchange="display_details(this.options[this.selectedIndex].value)"><?php echo $banned_options; ?></select></td> <td class="row2"> <select name="unban[]" multiple="multiple" size="5" onchange="display_details(this.options[this.selectedIndex].value)"><?php echo $banned_options; ?></select></td>
</tr> </tr>
<tr> <tr>
<td class="row2" width="45%"><?php echo $user->lang['BAN_REASON']; ?>:</td> <td class="row1" width="45%"><?php echo $user->lang['BAN_REASON']; ?>:</td>
<td class="row1"><input class="row1" style="border:0px" type="text" name="unbanreason" size="40" /></td> <td class="row2"><input class="row1" style="border:0px" type="text" name="unbanreason" size="40" /></td>
</tr> </tr>
<tr> <tr>
<td class="row2" width="45%"><?php echo $user->lang['BAN_LENGTH']; ?>:</td> <td class="row1" width="45%"><?php echo $user->lang['BAN_LENGTH']; ?>:</td>
<td class="row1"><input class="row1" style="border:0px" type="text" name="unbanlength" size="40" /></td> <td class="row2"><input class="row1" style="border:0px" type="text" name="unbanlength" size="40" /></td>
</tr> </tr>
<tr> <tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="btnmain" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="btnlite" /></td> <td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="btnmain" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="btnlite" /></td>
@ -604,7 +292,7 @@ function display_details(option)
?> ?>
<tr> <tr>
<td class="row1" colspan="2" align="center"><?php echo $l_no_ban_cell; ?></td> <td class="row2" colspan="2" align="center"><?php echo $l_no_ban_cell; ?></td>
</tr> </tr>
<?php <?php