diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-07-26 16:31:50 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-07-26 16:31:50 +0000 |
| commit | 46bfc70d6d4aa2370658a80d5ad792f4ee7a5e43 (patch) | |
| tree | 2cc3df16cf77c23518f439b4c55176c4d6c93a79 /phpBB/admin/admin_ban.php | |
| parent | 30bb2a839753fdf09457d7287b8ae97d399d2101 (diff) | |
| download | forums-46bfc70d6d4aa2370658a80d5ad792f4ee7a5e43.tar forums-46bfc70d6d4aa2370658a80d5ad792f4ee7a5e43.tar.gz forums-46bfc70d6d4aa2370658a80d5ad792f4ee7a5e43.tar.bz2 forums-46bfc70d6d4aa2370658a80d5ad792f4ee7a5e43.tar.xz forums-46bfc70d6d4aa2370658a80d5ad792f4ee7a5e43.zip | |
Various updates, banning, etc.
git-svn-id: file:///svn/phpbb/trunk@2745 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/admin/admin_ban.php')
| -rw-r--r-- | phpBB/admin/admin_ban.php | 804 |
1 files changed, 463 insertions, 341 deletions
diff --git a/phpBB/admin/admin_ban.php b/phpBB/admin/admin_ban.php index cd95248d54..cced9a1d1a 100644 --- a/phpBB/admin/admin_ban.php +++ b/phpBB/admin/admin_ban.php @@ -44,7 +44,7 @@ require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); // -// +// Do we have ban permissions? // if ( !$acl->get_acl_admin('ban') ) { @@ -52,441 +52,563 @@ if ( !$acl->get_acl_admin('ban') ) } // -// Start program +// Mode setting // -if( isset($HTTP_POST_VARS['submit']) ) +if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) +{ + $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; +} +else { - $user_bansql = ''; - $email_bansql = ''; - $ip_bansql = ''; + $mode = ''; +} - $user_list = array(); - if( isset($HTTP_POST_VARS['ban_user']) ) - { - $user_list_temp = $HTTP_POST_VARS['ban_user']; +$current_time = time(); - for($i = 0; $i < count($user_list_temp); $i++) - { - $user_list[] = trim($user_list_temp[$i]); - } - } +// +// Start program +// +if ( isset($HTTP_POST_VARS['bansubmit']) ) +{ + $ban_end = ( isset($HTTP_POST_VARS['banlength']) ) ? $current_time + ( intval($HTTP_POST_VARS['banlength']) * 60 ) : 0; + $ban_reason = ( isset($HTTP_POST_VARS['banreason']) ) ? $HTTP_POST_VARS['banreason'] : ''; + $ban_list = array_unique(explode("\n", $HTTP_POST_VARS['ban'])); + + $banlist = array(); - $ip_list = array(); - if( isset($HTTP_POST_VARS['ban_ip']) ) + switch ( $mode ) { - $ip_list_temp = explode(',', $HTTP_POST_VARS['ban_ip']); + case 'user': + $type = 'ban_userid'; - for($i = 0; $i < count($ip_list_temp); $i++) - { - if( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ip_list_temp[$i]), $ip_range_explode) ) + $banlist_tmp = array(); + for($i = 0; $i < count($ban_list); $i++) { - // - // Don't ask about all this, just don't ask ... ! - // - $ip_1_counter = $ip_range_explode[1]; - $ip_1_end = $ip_range_explode[5]; + if ( trim($ban_list[$i]) != '' ) + { + $banlist_tmp[] = '\'' . trim($ban_list[$i]) . '\''; + } + } + + $sql = "SELECT user_id + FROM " . USERS_TABLE . " + WHERE username IN (" . implode(', ', $banlist_tmp) . ")"; + $result = $db->sql_query($sql); - while($ip_1_counter <= $ip_1_end) + if ( $row = $db->sql_fetchrow($result) ) + { + do { - $ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0; - $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6]; + $banlist[] = $row['user_id']; + } + while ( $row = $db->sql_fetchrow($result) ); + } + unset($banlist_tmp); + break; - if($ip_2_counter == 0 && $ip_2_end == 254) - { - $ip_2_counter = 256; - $ip_2_fragment = 256; + case 'ip': + $type = 'ban_ip'; - $ip_list[] = "$ip_1_counter.256.256.256"; - } + for($i = 0; $i < count($ban_list); $i++) + { + if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode) ) + { + // + // Don't ask about all this, just don't ask ... ! + // + $ip_1_counter = $ip_range_explode[1]; + $ip_1_end = $ip_range_explode[5]; - while($ip_2_counter <= $ip_2_end) + while ( $ip_1_counter <= $ip_1_end ) { - $ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0; - $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7]; + $ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0; + $ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6]; - if($ip_3_counter == 0 && $ip_3_end == 254 ) + if( $ip_2_counter == 0 && $ip_2_end == 254 ) { - $ip_3_counter = 256; - $ip_3_fragment = 256; + $ip_2_counter = 256; + $ip_2_fragment = 256; - $ip_list[] = "$ip_1_counter.$ip_2_counter.256.256"; + $banlist[] = "'$ip_1_counter.'"; } - while($ip_3_counter <= $ip_3_end) + while ( $ip_2_counter <= $ip_2_end ) { - $ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0; - $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8]; + $ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0; + $ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7]; - if($ip_4_counter == 0 && $ip_4_end == 254) + if ( $ip_3_counter == 0 && $ip_3_end == 254 ) { - $ip_4_counter = 256; - $ip_4_fragment = 256; + $ip_3_counter = 256; + $ip_3_fragment = 256; - $ip_list[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.256"; + $banlist[] = "'$ip_1_counter.$ip_2_counter.'"; } - while($ip_4_counter <= $ip_4_end) + while ( $ip_3_counter <= $ip_3_end ) { - $ip_list[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter"; - $ip_4_counter++; + $ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0; + $ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8]; + + if ( $ip_4_counter == 0 && $ip_4_end == 254 ) + { + $ip_4_counter = 256; + $ip_4_fragment = 256; + + $banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.'"; + } + + while ( $ip_4_counter <= $ip_4_end ) + { + $banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'"; + $ip_4_counter++; + } + $ip_3_counter++; } - $ip_3_counter++; + $ip_2_counter++; } - $ip_2_counter++; + $ip_1_counter++; } - $ip_1_counter++; } - } - else if( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ip_list_temp[$i])) ) - { - $ip = gethostbynamel(trim($ip_list_temp[$i])); - - for($j = 0; $j < count($ip); $j++) + else if ( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ban_list[$i])) ) { - if( !empty($ip[$j]) ) + $ip = gethostbynamel(trim($ban_list[$i])); + + for($j = 0; $j < count($ip); $j++) { - $ip_list[] = $ip[$j]; + if ( !empty($ip[$j]) ) + { + $banlist[] = '\'' . $ip[$j] . '\''; + } } } + else if ( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ban_list[$i])) ) + { + $banlist[] = '\'' . str_replace('*', '', trim($ban_list[$i])) . '\''; + } } - else if( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ip_list_temp[$i])) ) - { - $ip_list[] = str_replace('*', '256', trim($ip_list_temp[$i])); - } - } - } + break; - $email_list = array(); - if(isset($HTTP_POST_VARS['ban_email'])) - { - $email_list_temp = explode(',', $HTTP_POST_VARS['ban_email']); + case 'email': + $type = 'ban_email'; - for($i = 0; $i < count($email_list_temp); $i++) - { - // - // This ereg match is based on one by php@unreelpro.com - // contained in the annotated php manual at php.com (ereg - // section) - // - if( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($email_list_temp[$i])) ) + for($i = 0; $i < count($ban_list); $i++) { - $email_list[] = trim($email_list_temp[$i]); + // + // This ereg match is based on one by php@unreelpro.com + // contained in the annotated php manual at php.com (ereg + // section) + // + if ( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($ban_list[$i])) ) + { + $banlist[] = '\'' . trim($ban_list[$i]) . '\''; + } } - } + break; } - $sql = "SELECT * + $sql = "SELECT ban_userid, ban_ip, ban_email FROM " . BANLIST_TABLE; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't obtain banlist information", "", __LINE__, __FILE__, $sql); - } + $result = $db->sql_query($sql); - $current_banlist = $db->sql_fetchrowset($result); - - $kill_session_sql = ''; - for($i = 0; $i < count($user_list); $i++) + if ( $row = $db->sql_fetchrow($result) ) { - $in_banlist = false; - for($j = 0; $j < count($current_banlist); $j++) + $banlist_tmp = array(); + do { - if($user_list[$i] == $current_banlist[$j]['ban_userid']) + switch ( $mode ) { - $in_banlist = true; - } - } - - if(!$in_banlist) - { - $kill_session_sql .= ( ($kill_session_sql != '') ? ' OR ' : '' ) . "session_user_id = " . $user_list[$i]; + case 'user': + $banlist_tmp[] = $row['ban_userid']; + break; - $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid) - VALUES (" . $user_list[$i] . ")"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't insert ban_userid info into database", "", __LINE__, __FILE__, $sql); - } - } - } + case 'ip': + $banlist_tmp[] = '\'' . $row['ban_ip'] . '\''; + break; - for($i = 0; $i < count($ip_list); $i++) - { - $in_banlist = false; - for($j = 0; $j < count($current_banlist); $j++) - { - if($ip_list[$i] == $current_banlist[$j]['ban_ip']) - { - $in_banlist = true; + case 'email': + $banlist_tmp[] = '\'' . $row['ban_email'] . '\''; + break; } } + while ( $row = $db->sql_fetchrow($result) ); - if ( !$in_banlist ) - { - $kill_ip_sql = ( preg_match('/256/s') ) ? "session_ip LIKE '" . preg_replace('/(256)/s', '%', $ip_list[$i]) . "'" : "session_ip = '" . $ip_list[$i] . "'"; - - $kill_session_sql .= ( ($kill_session_sql != '') ? ' OR ' : '' ) . $kill_ip_sql; - - $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip) - VALUES ('" . $ip_list[$i] . "')"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql); - } - } + $banlist = array_unique(array_diff($banlist, $banlist_tmp)); + unset($banlist_tmp); } - // - // Now we'll delete all entries from the - // session table with any of the banned - // user or IP info just entered into the - // ban table ... this will force a session - // initialisation resulting in an instant - // ban - // - if( $kill_session_sql != "" ) - { - $sql = "DELETE FROM " . SESSIONS_TABLE . " - WHERE $kill_session_sql"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql); - } - } + $current_time = time(); - for($i = 0; $i < count($email_list); $i++) + if ( sizeof($banlist) ) { - $in_banlist = false; - for($j = 0; $j < count($current_banlist); $j++) - { - if( $email_list[$i] == $current_banlist[$j]['ban_email'] ) - { - $in_banlist = true; - } - } - - if( !$in_banlist ) + for($i = 0; $i < count($banlist); $i++) { - $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email) - VALUES ('" . str_replace("\'", "''", $email_list[$i]) . "')"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't insert ban_email info into database", "", __LINE__, __FILE__, $sql); - } + $sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason) + VALUES (" . $banlist[$i] . ", $current_time, $ban_end, '$ban_reason')"; + $db->sql_query($sql); } - } - $where_sql = ""; - - if(isset($HTTP_POST_VARS['unban_user'])) - { - $user_list = $HTTP_POST_VARS['unban_user']; - - for($i = 0; $i < count($user_list); $i++) + $sql = ''; + switch ( $mode ) { - if($user_list[$i] != -1) - { - if($where_sql != "") + case 'user': + $sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")"; + break; + + case 'ip': + $sql = "WHERE session_ip IN (" . implode(', ', $banlist) . ")"; + break; + + case 'email': + $sql = "SELECT user_id + FROM " . USERS_TABLE . " + WHERE user_email IN (" . implode(', ', $banlist) . ")"; + $result = $db->sql_query($sql); + + $sql = ''; + if ( $row = $db->sql_fetchrow($result) ) { - $where_sql .= ", "; - } - $where_sql .= $user_list[$i]; - } - } - } - - if( isset($HTTP_POST_VARS['unban_ip']) ) - { - $ip_list = $HTTP_POST_VARS['unban_ip']; + do + { + $sql .= ( ( $sql != '' ) ? ', ' : '' ) . $row['user_id']; + } + while ( $row = $db->sql_fetchrow($result) ); - for($i = 0; $i < count($ip_list); $i++) - { - if($ip_list[$i] != -1) - { - if($where_sql != "") - { - $where_sql .= ", "; + $sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")"; } - $where_sql .= $ip_list[$i]; - } + break; } - } - if( isset($HTTP_POST_VARS['unban_email']) ) - { - $email_list = $HTTP_POST_VARS['unban_email']; - - for($i = 0; $i < count($email_list); $i++) + if ( $sql != '' ) { - if($email_list[$i] != -1) - { - if($where_sql != "") - { - $where_sql .= ", "; - } - $where_sql .= $email_list[$i]; - } + $sql = "DELETE FROM " . SESSIONS_TABLE . " + $sql"; + $db->sql_query($sql); } - } - if( $where_sql != "" ) - { - $sql = "DELETE FROM " . BANLIST_TABLE . " - WHERE ban_id IN ($where_sql)"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't delete ban info from database", "", __LINE__, __FILE__, $sql); - } + // + // Update log + // + add_admin_log('log_ban_' . $mode, str_replace('\'', '', implode(', ', $banlist)), $ban_reason); } - $message = $lang['Ban_update_sucessful'] . "<br /><br />" . sprintf($lang['Click_return_banadmin'], "<a href=\"" . append_sid("admin_user_ban.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>"); - - message_die(GENERAL_MESSAGE, $message); + $message = $lang['Ban_update_sucessful'] . '<br /><br />' . sprintf($lang['Click_return_banadmin'], '<a href="' . "admin_ban.$phpEx$SID&mode=$mode" . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . "index.$phpEx$SID&pane=right" . '">', '</a>'); + message_die(MESSAGE, $message); } -else +else if ( isset($HTTP_POST_VARS['unbansubmit']) ) { - $template->set_filenames(array( - 'body' => 'admin/user_ban_body.tpl') - ); - - $template->assign_vars(array( - 'L_BAN_TITLE' => $lang['Ban_control'], - 'L_BAN_EXPLAIN' => $lang['Ban_explain'], - 'L_BAN_EXPLAIN_WARN' => $lang['Ban_explain_warn'], - 'L_IP_OR_HOSTNAME' => $lang['IP_hostname'], - 'L_EMAIL_ADDRESS' => $lang['Email_address'], - 'L_SUBMIT' => $lang['Submit'], - 'L_RESET' => $lang['Reset'], - - 'S_BANLIST_ACTION' => append_sid("admin_user_ban.$phpEx")) - ); - - $userban_count = 0; - - $sql = "SELECT user_id, username - FROM " . USERS_TABLE . " - WHERE user_id <> " . ANONYMOUS . " - ORDER BY username ASC"; - if ( !($result = $db->sql_query($sql)) ) + $unban_sql = ''; + for($i = 0; $i < count($HTTP_POST_VARS['unban']); $i++ ) { - message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql); + $unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($HTTP_POST_VARS['unban'][$i]); } - $user_list = $db->sql_fetchrowset($result); - $db->sql_freeresult($result); - - $select_userlist = ''; - for($i = 0; $i < count($user_list); $i++) + if ( $unban_sql != '' ) { - $select_userlist .= '<option value="' . $user_list[$i]['user_id'] . '">' . $user_list[$i]['username'] . '</option>'; - $userban_count++; - } - $select_userlist = '<select name="ban_user[]" multiple="multiple" size="5">' . $select_userlist . '</select>'; - - $template->assign_vars(array( - 'L_BAN_USER' => $lang['Ban_username'], - 'L_BAN_USER_EXPLAIN' => $lang['Ban_username_explain'], - 'L_BAN_IP' => $lang['Ban_IP'], - 'L_BAN_IP_EXPLAIN' => $lang['Ban_IP_explain'], - 'L_BAN_EMAIL' => $lang['Ban_email'], - 'L_BAN_EMAIL_EXPLAIN' => $lang['Ban_email_explain'], - - 'S_BAN_USERLIST_SELECT' => $select_userlist) - ); - - $userban_count = 0; - $ipban_count = 0; - $emailban_count = 0; - - $sql = "SELECT b.ban_id, u.user_id, u.username - FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u - WHERE u.user_id = b.ban_userid - AND b.ban_userid <> 0 - AND u.user_id <> " . ANONYMOUS . " - ORDER BY u.user_id ASC"; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql); + $sql = "DELETE FROM " . BANLIST_TABLE . " + WHERE ban_id IN ($unban_sql)"; + $db->sql_query($sql); + + add_admin_log('log_unban_' . $mode, sizeof($HTTP_POST_VARS['unban'])); } - $user_list = $db->sql_fetchrowset($result); - $db->sql_freeresult($result); + $message = $lang['Ban_update_sucessful'] . '<br /><br />' . sprintf($lang['Click_return_banadmin'], '<a href="' . "admin_ban.$phpEx$SID&mode=$mode" . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . "index.$phpEx$SID&pane=right" . '">', '</a>'); + message_die(MESSAGE, $message); +} - $select_userlist = ''; - for($i = 0; $i < count($user_list); $i++) - { - $select_userlist .= '<option value="' . $user_list[$i]['ban_id'] . '">' . $user_list[$i]['username'] . '</option>'; - $userban_count++; - } +// +// Output relevant entry page +// - if( $select_userlist == '' ) - { - $select_userlist = '<option value="-1">' . $lang['No_banned_users'] . '</option>'; - } +// +// Remove timed out bans +// +$sql = "DELETE FROM " . BANLIST_TABLE . " + WHERE ban_end < " . time() . " + AND ban_end <> 0"; +$db->sql_query($sql); - $select_userlist = '<select name="unban_user[]" multiple="multiple" size="5">' . $select_userlist . '</select>'; +// +// Ban length options +// +$ban_end_text = array(0 => $lang['Permanent'], 30 => $lang['30_Mins'], 60 => $lang['1_Hour'], 360 => $lang['6_Hours'], 1440 => $lang['1_Day'], 10080 => $lang['7_Days'], 20160 => $lang['2_Weeks'], 40320 => $lang['1_Month']); - $sql = "SELECT ban_id, ban_ip, ban_email - FROM " . BANLIST_TABLE; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not select current ip ban list', '', __LINE__, __FILE__, $sql); - } +$ban_end_options = ''; +foreach ( $ban_end_text as $length => $text ) +{ + $ban_end_options .= '<option value="' . $length . '">' . $text . '</option>'; +} + +// +// Title +// +switch ( $mode ) +{ + case 'user': + $l_title = $lang['Ban_users']; + break; + case 'email': + $l_title = $lang['Ban_emails']; + break; + case 'ip': + $l_title = $lang['Ban_ips']; + break; +} + +// +// Output page +// +page_header($l_title); - $banlist = $db->sql_fetchrowset($result); - $db->sql_freeresult($result); +?> - $select_iplist = ''; - $select_emaillist = ''; +<p><?php echo $lang['Ban_explain']; ?></p> - for($i = 0; $i < count($banlist); $i++) - { - $ban_id = $banlist[$i]['ban_id']; +<?php - if ( !empty($banlist[$i]['ban_ip']) ) +switch ( $mode ) +{ + case 'user': + $sql = "SELECT b.*, u.user_id, u.username + FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u + WHERE ( b.ban_end >= " . time() . " + OR b.ban_end = 0 ) + AND u.user_id = b.ban_userid + AND b.ban_userid <> 0 + AND u.user_id <> " . ANONYMOUS . " + ORDER BY u.user_id ASC"; + $result = $db->sql_query($sql); + + $banned_options = ''; + $banned_length = ''; + $banned_options = ''; + if ( $row = $db->sql_fetchrow($result) ) { - $ban_ip = str_replace('256', '*', $banlist[$i]['ban_ip']); - $select_iplist .= '<option value="' . $ban_id . '">' . $ban_ip . '</option>'; - $ipban_count++; + do + { + $banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['username'] . '</option>'; + $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; + $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + } + while ( $row = $db->sql_fetchrow($result) ); } - else if ( !empty($banlist[$i]['ban_email']) ) + $db->sql_freeresult($result); + +?> + +<script language="Javascript" type="text/javascript"> +<!-- + var ban_length = new Array(<?php echo $banned_length; ?>); + var ban_reasons = new Array(<?php echo $banned_reasons; ?>); +//--> +</script> + +<h1><?php echo $lang['Ban_users']; ?></h1> + +<p><?php echo $lang['Ban_username_explain']; ?></p> + +<form method="post" action="<?php echo "admin_ban.$phpEx$SID&mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> + <tr> + <th colspan="2"><?php echo $lang['Ban_users']; ?></th> + </tr> + <tr> + <td class="row1" width="45%"><?php echo $lang['Username']; ?>: </td> + <td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td> + </tr> + <tr> + <td class="row2" width="45%"><?php echo $lang['Ban_length']; ?>:</td> + <td class="row2"><select name="banlength"><?php echo $ban_end_options; ?></select></td> + </tr> + <tr> + <td class="row2" width="45%"><?php echo $lang['Ban_reason']; ?>:</td> + <td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td> + </tr> + <tr> + <td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" /> <input type="submit" name="usersubmit" value="<?php echo $lang['Find_username']; ?>" class="liteoption" onClick="window.open('<?php echo "../search.$phpEx$SID&mode=searchuser"; ?>', '_phpbbsearch', 'HEIGHT=250,resizable=yes,WIDTH=400');return false;" /></td> + </tr> +</table> + +<h1><?php echo $lang['Unban_username']; ?></h1> + +<p><?php echo $lang['Unban_username_explain']; ?></p> + +<table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> + <tr> + <th colspan="2"><?php echo $lang['Unban_username']; ?></th> + </tr> + <tr> + <td class="row1" width="45%"><?php echo $lang['Username']; ?>: </td> + <td class="row1"><?php if ( $banned_options != '' ) { ?><select name="unban[]" multiple="multiple" size="5"><?php echo $banned_options; ?></select><?php } else { echo $lang['No_banned_users']; } ?></td> + </tr> + <tr> + <td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /></td> + </tr> +<?php + break; + + case 'ip': + + $sql = "SELECT * + FROM " . BANLIST_TABLE . " + WHERE ( ban_end >= " . time() . " + OR ban_end = 0 ) + AND ban_ip <> ''"; + $result = $db->sql_query($sql); + + $banned_reasons = ''; + $banned_length = ''; + $banned_options = ''; + if ( $row = $db->sql_fetchrow($result) ) { - $ban_email = $banlist[$i]['ban_email']; - $select_emaillist .= '<option value="' . $ban_id . '">' . $ban_email . '</option>'; - $emailban_count++; + do + { + $banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_ip'] . '</option>'; + $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; + $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + } + while ( $row = $db->sql_fetchrow($result) ); } - } + $db->sql_freeresult($result); + +?> + +<script language="Javascript" type="text/javascript"> +<!-- + var ban_length = new Array(<?php echo $banned_length; ?>); + var ban_reasons = new Array(<?php echo $banned_reasons; ?>); +//--> +</script> + +<h1><?php echo $lang['Ban_ips']; ?></h1> + +<p><?php echo $lang['Ban_IP_explain']; ?></p> + +<form method="post" name="ban" action="<?php echo "admin_ban.$phpEx$SID&mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> + <tr> + <th colspan="2"><?php echo $lang['Ban_ips']; ?></th> + </tr> + <tr> + <td class="row1" width="45%"><?php echo $lang['IP_hostname']; ?>: </td> + <td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td> + </tr> + <tr> + <td class="row2" width="45%"><?php echo $lang['Ban_length']; ?>:</td> + <td class="row2"><select name="banlength"><?php echo $ban_end_options; ?></select></td> + </tr> + <tr> + <td class="row2" width="45%"><?php echo $lang['Ban_reason']; ?>:</td> + <td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td> + </tr> + <tr> + <td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" /></td> + </tr> +</table> + +<h1><?php echo $lang['Unban_IP']; ?></h1> + +<p><?php echo $lang['Unban_IP_explain']; ?></p> + +<table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> + <tr> + <th colspan="2"><?php echo $lang['Unban_IP']; ?></th> + </tr> + <tr> + <td class="row1" width="45%"><?php echo $lang['IP_hostname']; ?>: <br /></td> + <td class="row1"> <?php if ( $banned_options != '' ) { ?><select name="unban[]" multiple="multiple" size="5"><?php echo $banned_options; ?></select><?php } else { echo $lang['No_banned_ip']; } ?></td> + </tr> + <tr> + <td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /></td> + </tr> +<?php - if ( $select_iplist == '' ) - { - $select_iplist = '<option value="-1">' . $lang['No_banned_ip'] . '</option>'; - } + break; - if ( $select_emaillist == '' ) - { - $select_emaillist = '<option value="-1">' . $lang['No_banned_email'] . '</option>'; - } + case 'email': - $select_iplist = '<select name="unban_ip[]" multiple="multiple" size="5">' . $select_iplist . '</select>'; - $select_emaillist = '<select name="unban_email[]" multiple="multiple" size="5">' . $select_emaillist . '</select>'; - - $template->assign_vars(array( - 'L_UNBAN_USER' => $lang['Unban_username'], - 'L_UNBAN_USER_EXPLAIN' => $lang['Unban_username_explain'], - 'L_UNBAN_IP' => $lang['Unban_IP'], - 'L_UNBAN_IP_EXPLAIN' => $lang['Unban_IP_explain'], - 'L_UNBAN_EMAIL' => $lang['Unban_email'], - 'L_UNBAN_EMAIL_EXPLAIN' => $lang['Unban_email_explain'], - - 'S_UNBAN_USERLIST_SELECT' => $select_userlist, - 'S_UNBAN_IPLIST_SELECT' => $select_iplist, - 'S_UNBAN_EMAILLIST_SELECT' => $select_emaillist, - 'S_BAN_ACTION' => append_sid("admin_user_ban.$phpEx")) - ); + $sql = "SELECT * + FROM " . BANLIST_TABLE . " + WHERE ( ban_end >= " . time() . " + OR ban_end = 0 ) + AND ban_email <> ''"; + $result = $db->sql_query($sql); + + $banned_options = ''; + $banned_length = ''; + $banned_options = ''; + if ( $row = $db->sql_fetchrow($result) ) + { + do + { + $banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_email'] . '</option>'; + $banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\''; + $banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\''; + } + while ( $row = $db->sql_fetchrow($result) ); + } + $db->sql_freeresult($result); + +?> + +<h1><?php echo $lang['Ban_emails']; ?></h1> + +<p><?php echo $lang['Ban_email_explain']; ?></p> + +<script language="Javascript" type="text/javascript"> +<!-- + var ban_length = new Array(<?php echo $banned_length; ?>); + var ban_reasons = new Array(<?php echo $banned_reasons; ?>); +//--> +</script> + +<form method="post" action="<?php echo "admin_ban.$phpEx$SID&mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> + <tr> + <th colspan="2"><?php echo $lang['Ban_emails']; ?></th> + </tr> + <tr> + <td class="row1" width="45%"><?php echo $lang['Email_address']; ?>: </td> + <td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td> + </tr> + <tr> + <td class="row2" width="45%"><?php echo $lang['Ban_length']; ?>:</td> + <td class="row2"><select name="banlength"><?php echo $ban_end_options; ?></select></td> + </tr> + <tr> + <td class="row2" width="45%"><?php echo $lang['Ban_reason']; ?>:</td> + <td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td> + </tr> + <tr> + <td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" /></td> + </tr> +</table> + +<h1><?php echo $lang['Unban_email']; ?></h1> + +<p><?php echo $lang['Unban_email_explain']; ?></p> + +<table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center"> + <tr> + <th colspan="2"><?php echo $lang['Unban_IP']; ?></th> + </tr> + <tr> + <td class="row1" width="45%"><?php echo $lang['Email_address']; ?>: <br /></td> + <td class="row1"> <?php if ( $banned_options != '' ) { ?><select name="unban[]" multiple="multiple" size="5"><?php echo $banned_options; ?></select><?php } else { echo $lang['No_banned_email']; } ?></td> + </tr> + <tr> + <td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /></td> + </tr> +<?php + + break; } -$template->pparse('body'); +?> +</table></form> + +<br clear="all" /> + +<?php -include('page_footer_admin.'.$phpEx); +page_footer(); ?>
\ No newline at end of file |