1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
/** |
4
|
|
|
* This file contains all the functions used for the ban center. |
5
|
|
|
* |
6
|
|
|
* @todo refactor as controller-model |
7
|
|
|
* |
8
|
|
|
* Simple Machines Forum (SMF) |
9
|
|
|
* |
10
|
|
|
* @package SMF |
11
|
|
|
* @author Simple Machines https://www.simplemachines.org |
12
|
|
|
* @copyright 2022 Simple Machines and individual contributors |
13
|
|
|
* @license https://www.simplemachines.org/about/smf/license.php BSD |
14
|
|
|
* |
15
|
|
|
* @version 2.1.0 |
16
|
|
|
*/ |
17
|
|
|
|
18
|
|
|
if (!defined('SMF')) |
19
|
|
|
die('No direct access...'); |
20
|
|
|
|
21
|
|
|
/** |
22
|
|
|
* Ban center. The main entrance point for all ban center functions. |
23
|
|
|
* It is accesssed by ?action=admin;area=ban. |
24
|
|
|
* It choses a function based on the 'sa' parameter, like many others. |
25
|
|
|
* The default sub-action is BanList(). |
26
|
|
|
* It requires the ban_members permission. |
27
|
|
|
* It initializes the admin tabs. |
28
|
|
|
* |
29
|
|
|
* Uses ManageBans template. |
30
|
|
|
*/ |
31
|
|
|
function Ban() |
32
|
|
|
{ |
33
|
|
|
global $context, $txt, $scripturl; |
34
|
|
|
|
35
|
|
|
isAllowedTo('manage_bans'); |
36
|
|
|
|
37
|
|
|
loadTemplate('ManageBans'); |
38
|
|
|
|
39
|
|
|
$subActions = array( |
40
|
|
|
'add' => 'BanEdit', |
41
|
|
|
'browse' => 'BanBrowseTriggers', |
42
|
|
|
'edittrigger' => 'BanEditTrigger', |
43
|
|
|
'edit' => 'BanEdit', |
44
|
|
|
'list' => 'BanList', |
45
|
|
|
'log' => 'BanLog', |
46
|
|
|
); |
47
|
|
|
|
48
|
|
|
// Default the sub-action to 'view ban list'. |
49
|
|
|
$_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'list'; |
50
|
|
|
|
51
|
|
|
$context['page_title'] = $txt['ban_title']; |
52
|
|
|
$context['sub_action'] = $_REQUEST['sa']; |
53
|
|
|
|
54
|
|
|
// Tabs for browsing the different ban functions. |
55
|
|
|
$context[$context['admin_menu_name']]['tab_data'] = array( |
56
|
|
|
'title' => $txt['ban_title'], |
57
|
|
|
'help' => 'ban_members', |
58
|
|
|
'description' => $txt['ban_description'], |
59
|
|
|
'tabs' => array( |
60
|
|
|
'list' => array( |
61
|
|
|
'description' => $txt['ban_description'], |
62
|
|
|
'href' => $scripturl . '?action=admin;area=ban;sa=list', |
63
|
|
|
'is_selected' => $_REQUEST['sa'] == 'list' || $_REQUEST['sa'] == 'edit' || $_REQUEST['sa'] == 'edittrigger', |
64
|
|
|
), |
65
|
|
|
'add' => array( |
66
|
|
|
'description' => $txt['ban_description'], |
67
|
|
|
'href' => $scripturl . '?action=admin;area=ban;sa=add', |
68
|
|
|
'is_selected' => $_REQUEST['sa'] == 'add', |
69
|
|
|
), |
70
|
|
|
'browse' => array( |
71
|
|
|
'description' => $txt['ban_trigger_browse_description'], |
72
|
|
|
'href' => $scripturl . '?action=admin;area=ban;sa=browse', |
73
|
|
|
'is_selected' => $_REQUEST['sa'] == 'browse', |
74
|
|
|
), |
75
|
|
|
'log' => array( |
76
|
|
|
'description' => $txt['ban_log_description'], |
77
|
|
|
'href' => $scripturl . '?action=admin;area=ban;sa=log', |
78
|
|
|
'is_selected' => $_REQUEST['sa'] == 'log', |
79
|
|
|
'is_last' => true, |
80
|
|
|
), |
81
|
|
|
), |
82
|
|
|
); |
83
|
|
|
|
84
|
|
|
call_integration_hook('integrate_manage_bans', array(&$subActions)); |
85
|
|
|
|
86
|
|
|
// Call the right function for this sub-action. |
87
|
|
|
call_helper($subActions[$_REQUEST['sa']]); |
88
|
|
|
} |
89
|
|
|
|
90
|
|
|
/** |
91
|
|
|
* Shows a list of bans currently set. |
92
|
|
|
* It is accessed by ?action=admin;area=ban;sa=list. |
93
|
|
|
* It removes expired bans. |
94
|
|
|
* It allows sorting on different criteria. |
95
|
|
|
* It also handles removal of selected ban items. |
96
|
|
|
* |
97
|
|
|
* Uses the main ManageBans template. |
98
|
|
|
*/ |
99
|
|
|
function BanList() |
100
|
|
|
{ |
101
|
|
|
global $txt, $context, $scripturl; |
102
|
|
|
global $user_info, $sourcedir, $modSettings; |
103
|
|
|
|
104
|
|
|
// User pressed the 'remove selection button'. |
105
|
|
|
if (!empty($_POST['removeBans']) && !empty($_POST['remove']) && is_array($_POST['remove'])) |
106
|
|
|
{ |
107
|
|
|
checkSession(); |
108
|
|
|
|
109
|
|
|
// Make sure every entry is a proper integer. |
110
|
|
|
array_map('intval', $_POST['remove']); |
111
|
|
|
|
112
|
|
|
// Unban them all! |
113
|
|
|
removeBanGroups($_POST['remove']); |
114
|
|
|
|
115
|
|
|
// No more caching this ban! |
116
|
|
|
updateSettings(array('banLastUpdated' => time())); |
117
|
|
|
|
118
|
|
|
// Some members might be unbanned now. Update the members table. |
119
|
|
|
updateBanMembers(); |
120
|
|
|
} |
121
|
|
|
|
122
|
|
|
// Create a date string so we don't overload them with date info. |
123
|
|
|
if (preg_match('~%[AaBbCcDdeGghjmuYy](?:[^%]*%[AaBbCcDdeGghjmuYy])*~', $user_info['time_format'], $matches) == 0 || empty($matches[0])) |
124
|
|
|
$context['ban_time_format'] = $user_info['time_format']; |
125
|
|
|
else |
126
|
|
|
$context['ban_time_format'] = $matches[0]; |
127
|
|
|
|
128
|
|
|
$listOptions = array( |
129
|
|
|
'id' => 'ban_list', |
130
|
|
|
'title' => $txt['ban_title'], |
131
|
|
|
'items_per_page' => $modSettings['defaultMaxListItems'], |
132
|
|
|
'base_href' => $scripturl . '?action=admin;area=ban;sa=list', |
133
|
|
|
'default_sort_col' => 'added', |
134
|
|
|
'default_sort_dir' => 'desc', |
135
|
|
|
'get_items' => array( |
136
|
|
|
'function' => 'list_getBans', |
137
|
|
|
), |
138
|
|
|
'get_count' => array( |
139
|
|
|
'function' => 'list_getNumBans', |
140
|
|
|
), |
141
|
|
|
'no_items_label' => $txt['ban_no_entries'], |
142
|
|
|
'columns' => array( |
143
|
|
|
'name' => array( |
144
|
|
|
'header' => array( |
145
|
|
|
'value' => $txt['ban_name'], |
146
|
|
|
), |
147
|
|
|
'data' => array( |
148
|
|
|
'db' => 'name', |
149
|
|
|
), |
150
|
|
|
'sort' => array( |
151
|
|
|
'default' => 'bg.name', |
152
|
|
|
'reverse' => 'bg.name DESC', |
153
|
|
|
), |
154
|
|
|
), |
155
|
|
|
'notes' => array( |
156
|
|
|
'header' => array( |
157
|
|
|
'value' => $txt['ban_notes'], |
158
|
|
|
), |
159
|
|
|
'data' => array( |
160
|
|
|
'db' => 'notes', |
161
|
|
|
'class' => 'smalltext', |
162
|
|
|
), |
163
|
|
|
'sort' => array( |
164
|
|
|
'default' => 'LENGTH(bg.notes) > 0 DESC, bg.notes', |
165
|
|
|
'reverse' => 'LENGTH(bg.notes) > 0, bg.notes DESC', |
166
|
|
|
), |
167
|
|
|
), |
168
|
|
|
'reason' => array( |
169
|
|
|
'header' => array( |
170
|
|
|
'value' => $txt['ban_reason'], |
171
|
|
|
), |
172
|
|
|
'data' => array( |
173
|
|
|
'db' => 'reason', |
174
|
|
|
'class' => 'smalltext', |
175
|
|
|
), |
176
|
|
|
'sort' => array( |
177
|
|
|
'default' => 'LENGTH(bg.reason) > 0 DESC, bg.reason', |
178
|
|
|
'reverse' => 'LENGTH(bg.reason) > 0, bg.reason DESC', |
179
|
|
|
), |
180
|
|
|
), |
181
|
|
|
'added' => array( |
182
|
|
|
'header' => array( |
183
|
|
|
'value' => $txt['ban_added'], |
184
|
|
|
), |
185
|
|
|
'data' => array( |
186
|
|
|
'function' => function($rowData) use ($context) |
187
|
|
|
{ |
188
|
|
|
return timeformat($rowData['ban_time'], empty($context['ban_time_format']) ? true : $context['ban_time_format']); |
189
|
|
|
}, |
190
|
|
|
), |
191
|
|
|
'sort' => array( |
192
|
|
|
'default' => 'bg.ban_time', |
193
|
|
|
'reverse' => 'bg.ban_time DESC', |
194
|
|
|
), |
195
|
|
|
), |
196
|
|
|
'expires' => array( |
197
|
|
|
'header' => array( |
198
|
|
|
'value' => $txt['ban_expires'], |
199
|
|
|
), |
200
|
|
|
'data' => array( |
201
|
|
|
'function' => function($rowData) use ($txt) |
202
|
|
|
{ |
203
|
|
|
// This ban never expires...whahaha. |
204
|
|
|
if ($rowData['expire_time'] === null) |
205
|
|
|
return $txt['never']; |
206
|
|
|
|
207
|
|
|
// This ban has already expired. |
208
|
|
|
elseif ($rowData['expire_time'] < time()) |
209
|
|
|
return sprintf('<span class="red">%1$s</span>', $txt['ban_expired']); |
210
|
|
|
|
211
|
|
|
// Still need to wait a few days for this ban to expire. |
212
|
|
|
else |
213
|
|
|
return sprintf('%1$d %2$s', ceil(($rowData['expire_time'] - time()) / (60 * 60 * 24)), $txt['ban_days']); |
214
|
|
|
}, |
215
|
|
|
), |
216
|
|
|
'sort' => array( |
217
|
|
|
'default' => 'COALESCE(bg.expire_time, 1=1) DESC, bg.expire_time DESC', |
218
|
|
|
'reverse' => 'COALESCE(bg.expire_time, 1=1), bg.expire_time', |
219
|
|
|
), |
220
|
|
|
), |
221
|
|
|
'num_triggers' => array( |
222
|
|
|
'header' => array( |
223
|
|
|
'value' => $txt['ban_triggers'], |
224
|
|
|
), |
225
|
|
|
'data' => array( |
226
|
|
|
'db' => 'num_triggers', |
227
|
|
|
), |
228
|
|
|
'sort' => array( |
229
|
|
|
'default' => 'num_triggers DESC', |
230
|
|
|
'reverse' => 'num_triggers', |
231
|
|
|
), |
232
|
|
|
), |
233
|
|
|
'actions' => array( |
234
|
|
|
'header' => array( |
235
|
|
|
'value' => $txt['ban_actions'], |
236
|
|
|
'class' => 'centercol', |
237
|
|
|
), |
238
|
|
|
'data' => array( |
239
|
|
|
'sprintf' => array( |
240
|
|
|
'format' => '<a href="' . $scripturl . '?action=admin;area=ban;sa=edit;bg=%1$d">' . $txt['modify'] . '</a>', |
241
|
|
|
'params' => array( |
242
|
|
|
'id_ban_group' => false, |
243
|
|
|
), |
244
|
|
|
), |
245
|
|
|
'class' => 'centercol', |
246
|
|
|
), |
247
|
|
|
), |
248
|
|
|
'check' => array( |
249
|
|
|
'header' => array( |
250
|
|
|
'value' => '<input type="checkbox" onclick="invertAll(this, this.form);">', |
251
|
|
|
'class' => 'centercol', |
252
|
|
|
), |
253
|
|
|
'data' => array( |
254
|
|
|
'sprintf' => array( |
255
|
|
|
'format' => '<input type="checkbox" name="remove[]" value="%1$d">', |
256
|
|
|
'params' => array( |
257
|
|
|
'id_ban_group' => false, |
258
|
|
|
), |
259
|
|
|
), |
260
|
|
|
'class' => 'centercol', |
261
|
|
|
), |
262
|
|
|
), |
263
|
|
|
), |
264
|
|
|
'form' => array( |
265
|
|
|
'href' => $scripturl . '?action=admin;area=ban;sa=list', |
266
|
|
|
), |
267
|
|
|
'additional_rows' => array( |
268
|
|
|
array( |
269
|
|
|
'position' => 'top_of_list', |
270
|
|
|
'value' => '<input type="submit" name="removeBans" value="' . $txt['ban_remove_selected'] . '" class="button">', |
271
|
|
|
), |
272
|
|
|
array( |
273
|
|
|
'position' => 'bottom_of_list', |
274
|
|
|
'value' => '<input type="submit" name="removeBans" value="' . $txt['ban_remove_selected'] . '" class="button">', |
275
|
|
|
), |
276
|
|
|
), |
277
|
|
|
'javascript' => ' |
278
|
|
|
var removeBans = $("input[name=\'removeBans\']"); |
279
|
|
|
|
280
|
|
|
removeBans.on( "click", function(e) { |
281
|
|
|
var removeItems = $("input[name=\'remove[]\']:checked").length; |
282
|
|
|
|
283
|
|
|
if (removeItems == 0) |
284
|
|
|
{ |
285
|
|
|
e.preventDefault(); |
286
|
|
|
return alert("' . $txt['select_item_check'] . '"); |
287
|
|
|
} |
288
|
|
|
|
289
|
|
|
|
290
|
|
|
return confirm("' . $txt['ban_remove_selected_confirm'] . '"); |
291
|
|
|
});', |
292
|
|
|
); |
293
|
|
|
|
294
|
|
|
require_once($sourcedir . '/Subs-List.php'); |
295
|
|
|
createList($listOptions); |
296
|
|
|
|
297
|
|
|
$context['sub_template'] = 'show_list'; |
298
|
|
|
$context['default_list'] = 'ban_list'; |
299
|
|
|
} |
300
|
|
|
|
301
|
|
|
/** |
302
|
|
|
* Get bans, what else? For the given options. |
303
|
|
|
* |
304
|
|
|
* @param int $start Which item to start with (for pagination purposes) |
305
|
|
|
* @param int $items_per_page How many items to show on each page |
306
|
|
|
* @param string $sort A string telling ORDER BY how to sort the results |
307
|
|
|
* @return array An array of information about the bans for the list |
308
|
|
|
*/ |
309
|
|
|
function list_getBans($start, $items_per_page, $sort) |
310
|
|
|
{ |
311
|
|
|
global $smcFunc; |
312
|
|
|
|
313
|
|
|
$request = $smcFunc['db_query']('', ' |
314
|
|
|
SELECT bg.id_ban_group, bg.name, bg.ban_time, bg.expire_time, bg.reason, bg.notes, COUNT(bi.id_ban) AS num_triggers |
315
|
|
|
FROM {db_prefix}ban_groups AS bg |
316
|
|
|
LEFT JOIN {db_prefix}ban_items AS bi ON (bi.id_ban_group = bg.id_ban_group) |
317
|
|
|
GROUP BY bg.id_ban_group, bg.name, bg.ban_time, bg.expire_time, bg.reason, bg.notes |
318
|
|
|
ORDER BY {raw:sort} |
319
|
|
|
LIMIT {int:offset}, {int:limit}', |
320
|
|
|
array( |
321
|
|
|
'sort' => $sort, |
322
|
|
|
'offset' => $start, |
323
|
|
|
'limit' => $items_per_page, |
324
|
|
|
) |
325
|
|
|
); |
326
|
|
|
$bans = array(); |
327
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
328
|
|
|
$bans[] = $row; |
329
|
|
|
|
330
|
|
|
$smcFunc['db_free_result']($request); |
331
|
|
|
|
332
|
|
|
return $bans; |
333
|
|
|
} |
334
|
|
|
|
335
|
|
|
/** |
336
|
|
|
* Get the total number of ban from the ban group table |
337
|
|
|
* |
338
|
|
|
* @return int The total number of bans |
339
|
|
|
*/ |
340
|
|
|
function list_getNumBans() |
341
|
|
|
{ |
342
|
|
|
global $smcFunc; |
343
|
|
|
|
344
|
|
|
$request = $smcFunc['db_query']('', ' |
345
|
|
|
SELECT COUNT(*) AS num_bans |
346
|
|
|
FROM {db_prefix}ban_groups', |
347
|
|
|
array( |
348
|
|
|
) |
349
|
|
|
); |
350
|
|
|
list ($numBans) = $smcFunc['db_fetch_row']($request); |
351
|
|
|
$smcFunc['db_free_result']($request); |
352
|
|
|
|
353
|
|
|
return $numBans; |
354
|
|
|
} |
355
|
|
|
|
356
|
|
|
/** |
357
|
|
|
* This function is behind the screen for adding new bans and modifying existing ones. |
358
|
|
|
* Adding new bans: |
359
|
|
|
* - is accessed by ?action=admin;area=ban;sa=add. |
360
|
|
|
* - uses the ban_edit sub template of the ManageBans template. |
361
|
|
|
* Modifying existing bans: |
362
|
|
|
* - is accessed by ?action=admin;area=ban;sa=edit;bg=x |
363
|
|
|
* - uses the ban_edit sub template of the ManageBans template. |
364
|
|
|
* - shows a list of ban triggers for the specified ban. |
365
|
|
|
*/ |
366
|
|
|
function BanEdit() |
367
|
|
|
{ |
368
|
|
|
global $txt, $modSettings, $context, $scripturl, $smcFunc, $sourcedir; |
369
|
|
|
|
370
|
|
|
if ((isset($_POST['add_ban']) || isset($_POST['modify_ban']) || isset($_POST['remove_selection'])) && empty($context['ban_errors'])) |
371
|
|
|
BanEdit2(); |
372
|
|
|
|
373
|
|
|
$ban_group_id = isset($context['ban']['id']) ? $context['ban']['id'] : (isset($_REQUEST['bg']) ? (int) $_REQUEST['bg'] : 0); |
374
|
|
|
|
375
|
|
|
// Template needs this to show errors using javascript |
376
|
|
|
loadLanguage('Errors'); |
377
|
|
|
createToken('admin-bet'); |
378
|
|
|
$context['form_url'] = $scripturl . '?action=admin;area=ban;sa=edit'; |
379
|
|
|
|
380
|
|
|
if (!empty($context['ban_errors'])) |
381
|
|
|
foreach ($context['ban_errors'] as $error) |
382
|
|
|
$context['error_messages'][$error] = $txt[$error]; |
383
|
|
|
|
384
|
|
|
else |
385
|
|
|
{ |
386
|
|
|
// If we're editing an existing ban, get it from the database. |
387
|
|
|
if (!empty($ban_group_id)) |
388
|
|
|
{ |
389
|
|
|
$context['ban_group_id'] = $ban_group_id; |
390
|
|
|
|
391
|
|
|
// We're going to want this for making our list. |
392
|
|
|
require_once($sourcedir . '/Subs-List.php'); |
393
|
|
|
|
394
|
|
|
$listOptions = array( |
395
|
|
|
'id' => 'ban_items', |
396
|
|
|
'base_href' => $scripturl . '?action=admin;area=ban;sa=edit;bg=' . $ban_group_id, |
397
|
|
|
'no_items_label' => $txt['ban_no_triggers'], |
398
|
|
|
'items_per_page' => $modSettings['defaultMaxListItems'], |
399
|
|
|
'get_items' => array( |
400
|
|
|
'function' => 'list_getBanItems', |
401
|
|
|
'params' => array( |
402
|
|
|
'ban_group_id' => $ban_group_id, |
403
|
|
|
), |
404
|
|
|
), |
405
|
|
|
'get_count' => array( |
406
|
|
|
'function' => 'list_getNumBanItems', |
407
|
|
|
'params' => array( |
408
|
|
|
'ban_group_id' => $ban_group_id, |
409
|
|
|
), |
410
|
|
|
), |
411
|
|
|
'columns' => array( |
412
|
|
|
'type' => array( |
413
|
|
|
'header' => array( |
414
|
|
|
'value' => $txt['ban_banned_entity'], |
415
|
|
|
'style' => 'width: 60%;text-align: left;', |
416
|
|
|
), |
417
|
|
|
'data' => array( |
418
|
|
|
'function' => function($ban_item) use ($txt) |
419
|
|
|
{ |
420
|
|
|
if (in_array($ban_item['type'], array('ip', 'hostname', 'email'))) |
421
|
|
|
return '<strong>' . $txt[$ban_item['type']] . ':</strong> ' . $ban_item[$ban_item['type']]; |
422
|
|
|
elseif ($ban_item['type'] == 'user') |
423
|
|
|
return '<strong>' . $txt['username'] . ':</strong> ' . $ban_item['user']['link']; |
424
|
|
|
else |
425
|
|
|
return '<strong>' . $txt['unknown'] . ':</strong> ' . $ban_item['no_bantype_selected']; |
426
|
|
|
}, |
427
|
|
|
'style' => 'text-align: left;', |
428
|
|
|
), |
429
|
|
|
), |
430
|
|
|
'hits' => array( |
431
|
|
|
'header' => array( |
432
|
|
|
'value' => $txt['ban_hits'], |
433
|
|
|
'style' => 'width: 15%; text-align: center;', |
434
|
|
|
), |
435
|
|
|
'data' => array( |
436
|
|
|
'db' => 'hits', |
437
|
|
|
'style' => 'text-align: center;', |
438
|
|
|
), |
439
|
|
|
), |
440
|
|
|
'id' => array( |
441
|
|
|
'header' => array( |
442
|
|
|
'value' => $txt['ban_actions'], |
443
|
|
|
'style' => 'width: 15%; text-align: center;', |
444
|
|
|
), |
445
|
|
|
'data' => array( |
446
|
|
|
'function' => function($ban_item) use ($txt, $context, $scripturl) |
447
|
|
|
{ |
448
|
|
|
return '<a href="' . $scripturl . '?action=admin;area=ban;sa=edittrigger;bg=' . $context['ban_group_id'] . ';bi=' . $ban_item['id'] . '">' . $txt['ban_edit_trigger'] . '</a>'; |
449
|
|
|
}, |
450
|
|
|
'style' => 'text-align: center;', |
451
|
|
|
), |
452
|
|
|
), |
453
|
|
|
'checkboxes' => array( |
454
|
|
|
'header' => array( |
455
|
|
|
'value' => '<input type="checkbox" onclick="invertAll(this, this.form, \'ban_items\');">', |
456
|
|
|
'style' => 'width: 5%; text-align: center;', |
457
|
|
|
), |
458
|
|
|
'data' => array( |
459
|
|
|
'sprintf' => array( |
460
|
|
|
'format' => '<input type="checkbox" name="ban_items[]" value="%1$d">', |
461
|
|
|
'params' => array( |
462
|
|
|
'id' => false, |
463
|
|
|
), |
464
|
|
|
), |
465
|
|
|
'style' => 'text-align: center;', |
466
|
|
|
), |
467
|
|
|
), |
468
|
|
|
), |
469
|
|
|
'form' => array( |
470
|
|
|
'href' => $scripturl . '?action=admin;area=ban;sa=edit;bg=' . $ban_group_id, |
471
|
|
|
), |
472
|
|
|
'additional_rows' => array( |
473
|
|
|
array( |
474
|
|
|
'position' => 'above_table_headers', |
475
|
|
|
'value' => ' |
476
|
|
|
<input type="submit" name="remove_selection" value="' . $txt['ban_remove_selected_triggers'] . '" class="button"> <a class="button" href="' . $scripturl . '?action=admin;area=ban;sa=edittrigger;bg=' . $ban_group_id . '">' . $txt['ban_add_trigger'] . '</a>', |
477
|
|
|
'style' => 'text-align: right;', |
478
|
|
|
), |
479
|
|
|
array( |
480
|
|
|
'position' => 'above_table_headers', |
481
|
|
|
'value' => ' |
482
|
|
|
<input type="hidden" name="bg" value="' . $ban_group_id . '"> |
483
|
|
|
<input type="hidden" name="' . $context['session_var'] . '" value="' . $context['session_id'] . '"> |
484
|
|
|
<input type="hidden" name="' . $context['admin-bet_token_var'] . '" value="' . $context['admin-bet_token'] . '">', |
485
|
|
|
), |
486
|
|
|
array( |
487
|
|
|
'position' => 'below_table_data', |
488
|
|
|
'value' => ' |
489
|
|
|
<input type="submit" name="remove_selection" value="' . $txt['ban_remove_selected_triggers'] . '" class="button"> <a class="button" href="' . $scripturl . '?action=admin;area=ban;sa=edittrigger;bg=' . $ban_group_id . '">' . $txt['ban_add_trigger'] . '</a>', |
490
|
|
|
'style' => 'text-align: right;', |
491
|
|
|
), |
492
|
|
|
array( |
493
|
|
|
'position' => 'below_table_data', |
494
|
|
|
'value' => ' |
495
|
|
|
<input type="hidden" name="bg" value="' . $ban_group_id . '"> |
496
|
|
|
<input type="hidden" name="' . $context['session_var'] . '" value="' . $context['session_id'] . '"> |
497
|
|
|
<input type="hidden" name="' . $context['admin-bet_token_var'] . '" value="' . $context['admin-bet_token'] . '">', |
498
|
|
|
), |
499
|
|
|
), |
500
|
|
|
'javascript' => ' |
501
|
|
|
var removeBans = $("input[name=\'remove_selection\']"); |
502
|
|
|
|
503
|
|
|
removeBans.on( "click", function(e) { |
504
|
|
|
var removeItems = $("input[name=\'ban_items[]\']:checked").length; |
505
|
|
|
|
506
|
|
|
if (removeItems == 0) |
507
|
|
|
{ |
508
|
|
|
e.preventDefault(); |
509
|
|
|
return alert("' . $txt['select_item_check'] . '"); |
510
|
|
|
} |
511
|
|
|
|
512
|
|
|
|
513
|
|
|
return confirm("' . $txt['ban_remove_selected_confirm'] . '"); |
514
|
|
|
});', |
515
|
|
|
); |
516
|
|
|
|
517
|
|
|
call_integration_hook('integrate_ban_edit_list', array(&$listOptions)); |
518
|
|
|
|
519
|
|
|
createList($listOptions); |
520
|
|
|
} |
521
|
|
|
// Not an existing one, then it's probably a new one. |
522
|
|
|
else |
523
|
|
|
{ |
524
|
|
|
$context['ban'] = array( |
525
|
|
|
'id' => 0, |
526
|
|
|
'name' => '', |
527
|
|
|
'expiration' => array( |
528
|
|
|
'status' => 'never', |
529
|
|
|
'days' => 0 |
530
|
|
|
), |
531
|
|
|
'reason' => '', |
532
|
|
|
'notes' => '', |
533
|
|
|
'ban_days' => 0, |
534
|
|
|
'cannot' => array( |
535
|
|
|
'access' => true, |
536
|
|
|
'post' => false, |
537
|
|
|
'register' => false, |
538
|
|
|
'login' => false, |
539
|
|
|
), |
540
|
|
|
'is_new' => true, |
541
|
|
|
); |
542
|
|
|
$context['ban_suggestions'] = array( |
543
|
|
|
'main_ip' => '', |
544
|
|
|
'hostname' => '', |
545
|
|
|
'email' => '', |
546
|
|
|
'member' => array( |
547
|
|
|
'id' => 0, |
548
|
|
|
), |
549
|
|
|
); |
550
|
|
|
|
551
|
|
|
// Overwrite some of the default form values if a user ID was given. |
552
|
|
|
if (!empty($_REQUEST['u'])) |
553
|
|
|
{ |
554
|
|
|
$request = $smcFunc['db_query']('', ' |
555
|
|
|
SELECT id_member, real_name, member_ip, email_address |
556
|
|
|
FROM {db_prefix}members |
557
|
|
|
WHERE id_member = {int:current_user} |
558
|
|
|
LIMIT 1', |
559
|
|
|
array( |
560
|
|
|
'current_user' => (int) $_REQUEST['u'], |
561
|
|
|
) |
562
|
|
|
); |
563
|
|
|
if ($smcFunc['db_num_rows']($request) > 0) |
564
|
|
|
{ |
565
|
|
|
list ($context['ban_suggestions']['member']['id'], $context['ban_suggestions']['member']['name'], $context['ban_suggestions']['main_ip'], $context['ban_suggestions']['email']) = $smcFunc['db_fetch_row']($request); |
566
|
|
|
$context['ban_suggestions']['main_ip'] = inet_dtop($context['ban_suggestions']['main_ip']); |
567
|
|
|
} |
568
|
|
|
$smcFunc['db_free_result']($request); |
569
|
|
|
|
570
|
|
|
if (!empty($context['ban_suggestions']['member']['id'])) |
571
|
|
|
{ |
572
|
|
|
$context['ban_suggestions']['href'] = $scripturl . '?action=profile;u=' . $context['ban_suggestions']['member']['id']; |
573
|
|
|
$context['ban_suggestions']['member']['link'] = '<a href="' . $context['ban_suggestions']['href'] . '">' . $context['ban_suggestions']['member']['name'] . '</a>'; |
574
|
|
|
|
575
|
|
|
// Default the ban name to the name of the banned member. |
576
|
|
|
$context['ban']['name'] = $context['ban_suggestions']['member']['name']; |
577
|
|
|
// @todo: there should be a better solution...used to lock the "Ban on Username" input when banning from profile |
578
|
|
|
$context['ban']['from_user'] = true; |
579
|
|
|
|
580
|
|
|
// Would be nice if we could also ban the hostname. |
581
|
|
|
if ((preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $context['ban_suggestions']['main_ip']) == 1 || isValidIPv6($context['ban_suggestions']['main_ip'])) && empty($modSettings['disableHostnameLookup'])) |
582
|
|
|
$context['ban_suggestions']['hostname'] = host_from_ip($context['ban_suggestions']['main_ip']); |
583
|
|
|
|
584
|
|
|
$context['ban_suggestions']['other_ips'] = banLoadAdditionalIPs($context['ban_suggestions']['member']['id']); |
585
|
|
|
} |
586
|
|
|
} |
587
|
|
|
|
588
|
|
|
// We come from the mod center. |
589
|
|
|
elseif (isset($_GET['msg']) && !empty($_GET['msg'])) |
590
|
|
|
{ |
591
|
|
|
$request = $smcFunc['db_query']('', ' |
592
|
|
|
SELECT poster_name, poster_ip, poster_email |
593
|
|
|
FROM {db_prefix}messages |
594
|
|
|
WHERE id_msg = {int:message} |
595
|
|
|
LIMIT 1', |
596
|
|
|
array( |
597
|
|
|
'message' => (int) $_REQUEST['msg'], |
598
|
|
|
) |
599
|
|
|
); |
600
|
|
|
if ($smcFunc['db_num_rows']($request) > 0) |
601
|
|
|
{ |
602
|
|
|
list ($context['ban_suggestions']['member']['name'], $context['ban_suggestions']['main_ip'], $context['ban_suggestions']['email']) = $smcFunc['db_fetch_row']($request); |
603
|
|
|
$context['ban_suggestions']['main_ip'] = inet_dtop($context['ban_suggestions']['main_ip']); |
604
|
|
|
} |
605
|
|
|
$smcFunc['db_free_result']($request); |
606
|
|
|
|
607
|
|
|
// Can't hurt to ban base on the guest name... |
608
|
|
|
$context['ban']['name'] = $context['ban_suggestions']['member']['name']; |
609
|
|
|
$context['ban']['from_user'] = true; |
610
|
|
|
} |
611
|
|
|
|
612
|
|
|
call_integration_hook('integrate_ban_edit_new', array()); |
613
|
|
|
|
614
|
|
|
} |
615
|
|
|
} |
616
|
|
|
|
617
|
|
|
loadJavaScriptFile('suggest.js', array('minimize' => true), 'smf_suggest'); |
618
|
|
|
$context['sub_template'] = 'ban_edit'; |
619
|
|
|
|
620
|
|
|
} |
621
|
|
|
|
622
|
|
|
/** |
623
|
|
|
* Retrieves all the ban items belonging to a certain ban group |
624
|
|
|
* |
625
|
|
|
* @param int $start Which item to start with (for pagination purposes) |
626
|
|
|
* @param int $items_per_page How many items to show on each page |
627
|
|
|
* @param int $sort Not used here |
628
|
|
|
* @param int $ban_group_id The ID of the group to get the bans for |
629
|
|
|
* @return array An array with information about the returned ban items |
630
|
|
|
*/ |
631
|
|
|
function list_getBanItems($start = 0, $items_per_page = 0, $sort = 0, $ban_group_id = 0) |
632
|
|
|
{ |
633
|
|
|
global $context, $smcFunc, $scripturl; |
634
|
|
|
|
635
|
|
|
$ban_items = array(); |
636
|
|
|
$request = $smcFunc['db_query']('', ' |
637
|
|
|
SELECT |
638
|
|
|
bi.id_ban, bi.hostname, bi.email_address, bi.id_member, bi.hits, |
639
|
|
|
bi.ip_low, bi.ip_high, |
640
|
|
|
bg.id_ban_group, bg.name, bg.ban_time, bg.expire_time AS expire_time, bg.reason, bg.notes, bg.cannot_access, bg.cannot_register, bg.cannot_login, bg.cannot_post, |
641
|
|
|
COALESCE(mem.id_member, 0) AS id_member, mem.member_name, mem.real_name |
642
|
|
|
FROM {db_prefix}ban_groups AS bg |
643
|
|
|
LEFT JOIN {db_prefix}ban_items AS bi ON (bi.id_ban_group = bg.id_ban_group) |
644
|
|
|
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = bi.id_member) |
645
|
|
|
WHERE bg.id_ban_group = {int:current_ban} |
646
|
|
|
LIMIT {int:start}, {int:items_per_page}', |
647
|
|
|
array( |
648
|
|
|
'current_ban' => $ban_group_id, |
649
|
|
|
'start' => $start, |
650
|
|
|
'items_per_page' => $items_per_page, |
651
|
|
|
) |
652
|
|
|
); |
653
|
|
|
if ($smcFunc['db_num_rows']($request) == 0) |
654
|
|
|
fatal_lang_error('ban_not_found', false); |
655
|
|
|
|
656
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
657
|
|
|
{ |
658
|
|
|
if (!isset($context['ban'])) |
659
|
|
|
{ |
660
|
|
|
$context['ban'] = array( |
661
|
|
|
'id' => $row['id_ban_group'], |
662
|
|
|
'name' => $row['name'], |
663
|
|
|
'expiration' => array( |
664
|
|
|
'status' => $row['expire_time'] === null ? 'never' : ($row['expire_time'] < time() ? 'expired' : 'one_day'), |
665
|
|
|
'days' => $row['expire_time'] > time() ? ($row['expire_time'] - time() < 86400 ? 1 : ceil(($row['expire_time'] - time()) / 86400)) : 0 |
666
|
|
|
), |
667
|
|
|
'reason' => $row['reason'], |
668
|
|
|
'notes' => $row['notes'], |
669
|
|
|
'cannot' => array( |
670
|
|
|
'access' => !empty($row['cannot_access']), |
671
|
|
|
'post' => !empty($row['cannot_post']), |
672
|
|
|
'register' => !empty($row['cannot_register']), |
673
|
|
|
'login' => !empty($row['cannot_login']), |
674
|
|
|
), |
675
|
|
|
'is_new' => false, |
676
|
|
|
'hostname' => '', |
677
|
|
|
'email' => '', |
678
|
|
|
); |
679
|
|
|
} |
680
|
|
|
|
681
|
|
|
if (!empty($row['id_ban'])) |
682
|
|
|
{ |
683
|
|
|
$ban_items[$row['id_ban']] = array( |
684
|
|
|
'id' => $row['id_ban'], |
685
|
|
|
'hits' => $row['hits'], |
686
|
|
|
); |
687
|
|
|
if (!empty($row['ip_high'])) |
688
|
|
|
{ |
689
|
|
|
$ban_items[$row['id_ban']]['type'] = 'ip'; |
690
|
|
|
$ban_items[$row['id_ban']]['ip'] = range2ip($row['ip_low'], $row['ip_high']); |
691
|
|
|
} |
692
|
|
|
elseif (!empty($row['hostname'])) |
693
|
|
|
{ |
694
|
|
|
$ban_items[$row['id_ban']]['type'] = 'hostname'; |
695
|
|
|
$ban_items[$row['id_ban']]['hostname'] = str_replace('%', '*', $row['hostname']); |
696
|
|
|
} |
697
|
|
|
elseif (!empty($row['email_address'])) |
698
|
|
|
{ |
699
|
|
|
$ban_items[$row['id_ban']]['type'] = 'email'; |
700
|
|
|
$ban_items[$row['id_ban']]['email'] = str_replace('%', '*', $row['email_address']); |
701
|
|
|
} |
702
|
|
|
elseif (!empty($row['id_member'])) |
703
|
|
|
{ |
704
|
|
|
$ban_items[$row['id_ban']]['type'] = 'user'; |
705
|
|
|
$ban_items[$row['id_ban']]['user'] = array( |
706
|
|
|
'id' => $row['id_member'], |
707
|
|
|
'name' => $row['real_name'], |
708
|
|
|
'href' => $scripturl . '?action=profile;u=' . $row['id_member'], |
709
|
|
|
'link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>', |
710
|
|
|
); |
711
|
|
|
} |
712
|
|
|
// Invalid ban (member probably doesn't exist anymore). |
713
|
|
|
else |
714
|
|
|
{ |
715
|
|
|
unset($ban_items[$row['id_ban']]); |
716
|
|
|
removeBanTriggers($row['id_ban']); |
717
|
|
|
} |
718
|
|
|
} |
719
|
|
|
} |
720
|
|
|
$smcFunc['db_free_result']($request); |
721
|
|
|
|
722
|
|
|
call_integration_hook('integrate_ban_list', array(&$ban_items)); |
723
|
|
|
|
724
|
|
|
return $ban_items; |
725
|
|
|
} |
726
|
|
|
|
727
|
|
|
/** |
728
|
|
|
* Gets the number of ban items belonging to a certain ban group |
729
|
|
|
* |
730
|
|
|
* @return int The number of ban items |
731
|
|
|
*/ |
732
|
|
|
function list_getNumBanItems() |
733
|
|
|
{ |
734
|
|
|
global $smcFunc, $context; |
735
|
|
|
|
736
|
|
|
$ban_group_id = isset($context['ban_group_id']) ? $context['ban_group_id'] : 0; |
737
|
|
|
|
738
|
|
|
$request = $smcFunc['db_query']('', ' |
739
|
|
|
SELECT COUNT(bi.id_ban) |
740
|
|
|
FROM {db_prefix}ban_groups AS bg |
741
|
|
|
LEFT JOIN {db_prefix}ban_items AS bi ON (bi.id_ban_group = bg.id_ban_group) |
742
|
|
|
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = bi.id_member) |
743
|
|
|
WHERE bg.id_ban_group = {int:current_ban}', |
744
|
|
|
array( |
745
|
|
|
'current_ban' => $ban_group_id, |
746
|
|
|
) |
747
|
|
|
); |
748
|
|
|
list($banNumber) = $smcFunc['db_fetch_row']($request); |
749
|
|
|
$smcFunc['db_free_result']($request); |
750
|
|
|
|
751
|
|
|
return $banNumber; |
752
|
|
|
} |
753
|
|
|
|
754
|
|
|
/** |
755
|
|
|
* Finds additional IPs related to a certain user |
756
|
|
|
* |
757
|
|
|
* @param int $member_id The ID of the member to get additional IPs for |
758
|
|
|
* @return array An containing two arrays - ips_in_messages (IPs used in posts) and ips_in_errors (IPs used in error messages) |
759
|
|
|
*/ |
760
|
|
|
function banLoadAdditionalIPs($member_id) |
761
|
|
|
{ |
762
|
|
|
// Borrowing a few language strings from profile. |
763
|
|
|
loadLanguage('Profile'); |
764
|
|
|
|
765
|
|
|
$search_list = array(); |
766
|
|
|
call_integration_hook('integrate_load_addtional_ip_ban', array(&$search_list)); |
767
|
|
|
$search_list += array('ips_in_messages' => 'banLoadAdditionalIPsMember', 'ips_in_errors' => 'banLoadAdditionalIPsError'); |
768
|
|
|
|
769
|
|
|
$return = array(); |
770
|
|
|
foreach ($search_list as $key => $callable) |
771
|
|
|
if (is_callable($callable)) |
772
|
|
|
$return[$key] = call_user_func($callable, $member_id); |
773
|
|
|
|
774
|
|
|
return $return; |
775
|
|
|
} |
776
|
|
|
|
777
|
|
|
/** |
778
|
|
|
* Loads additional IPs used by a specific member |
779
|
|
|
* |
780
|
|
|
* @param int $member_id The ID of the member |
781
|
|
|
* @return array An array of IPs used in posts by this member |
782
|
|
|
*/ |
783
|
|
|
function banLoadAdditionalIPsMember($member_id) |
784
|
|
|
{ |
785
|
|
|
global $smcFunc; |
786
|
|
|
|
787
|
|
|
// Find some additional IP's used by this member. |
788
|
|
|
$message_ips = array(); |
789
|
|
|
$request = $smcFunc['db_query']('', ' |
790
|
|
|
SELECT DISTINCT poster_ip |
791
|
|
|
FROM {db_prefix}messages |
792
|
|
|
WHERE id_member = {int:current_user} |
793
|
|
|
AND poster_ip IS NOT NULL |
794
|
|
|
ORDER BY poster_ip', |
795
|
|
|
array( |
796
|
|
|
'current_user' => $member_id, |
797
|
|
|
) |
798
|
|
|
); |
799
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
800
|
|
|
$message_ips[] = inet_dtop($row['poster_ip']); |
801
|
|
|
|
802
|
|
|
$smcFunc['db_free_result']($request); |
803
|
|
|
|
804
|
|
|
return $message_ips; |
805
|
|
|
} |
806
|
|
|
|
807
|
|
|
/** |
808
|
|
|
* Loads additional IPs used by a member from the error log |
809
|
|
|
* |
810
|
|
|
* @param int $member_id The ID of the member |
811
|
|
|
* @return array An array of IPs associated with error messages generated by this user |
812
|
|
|
*/ |
813
|
|
|
function banLoadAdditionalIPsError($member_id) |
814
|
|
|
{ |
815
|
|
|
global $smcFunc; |
816
|
|
|
|
817
|
|
|
$error_ips = array(); |
818
|
|
|
$request = $smcFunc['db_query']('', ' |
819
|
|
|
SELECT DISTINCT ip |
820
|
|
|
FROM {db_prefix}log_errors |
821
|
|
|
WHERE id_member = {int:current_user} |
822
|
|
|
AND ip IS NOT NULL |
823
|
|
|
ORDER BY ip', |
824
|
|
|
array( |
825
|
|
|
'current_user' => $member_id, |
826
|
|
|
) |
827
|
|
|
); |
828
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
829
|
|
|
$error_ips[] = inet_dtop($row['ip']); |
830
|
|
|
|
831
|
|
|
$smcFunc['db_free_result']($request); |
832
|
|
|
|
833
|
|
|
return $error_ips; |
834
|
|
|
} |
835
|
|
|
|
836
|
|
|
/** |
837
|
|
|
* This function handles submitted forms that add, modify or remove ban triggers. |
838
|
|
|
*/ |
839
|
|
|
function banEdit2() |
840
|
|
|
{ |
841
|
|
|
global $smcFunc, $context; |
842
|
|
|
|
843
|
|
|
checkSession(); |
844
|
|
|
validateToken('admin-bet'); |
845
|
|
|
|
846
|
|
|
$context['ban_errors'] = array(); |
847
|
|
|
|
848
|
|
|
// Adding or editing a ban group |
849
|
|
|
if (isset($_POST['add_ban']) || isset($_POST['modify_ban'])) |
850
|
|
|
{ |
851
|
|
|
// Let's collect all the information we need |
852
|
|
|
$ban_info['id'] = isset($_REQUEST['bg']) ? (int) $_REQUEST['bg'] : 0; |
853
|
|
|
$ban_info['is_new'] = empty($ban_info['id']); |
854
|
|
|
$ban_info['expire_date'] = !empty($_POST['expire_date']) ? (int) $_POST['expire_date'] : 0; |
855
|
|
|
$ban_info['expiration'] = array( |
856
|
|
|
'status' => isset($_POST['expiration']) && in_array($_POST['expiration'], array('never', 'one_day', 'expired')) ? $_POST['expiration'] : 'never', |
857
|
|
|
'days' => $ban_info['expire_date'], |
858
|
|
|
); |
859
|
|
|
$ban_info['db_expiration'] = $ban_info['expiration']['status'] == 'never' ? 'NULL' : ($ban_info['expiration']['status'] == 'one_day' ? time() + 24 * 60 * 60 * $ban_info['expire_date'] : 0); |
860
|
|
|
$ban_info['full_ban'] = empty($_POST['full_ban']) ? 0 : 1; |
861
|
|
|
$ban_info['reason'] = !empty($_POST['reason']) ? $smcFunc['htmlspecialchars']($_POST['reason'], ENT_QUOTES) : ''; |
862
|
|
|
$ban_info['name'] = !empty($_POST['ban_name']) ? $smcFunc['htmlspecialchars']($_POST['ban_name'], ENT_QUOTES) : ''; |
863
|
|
|
$ban_info['notes'] = isset($_POST['notes']) ? $smcFunc['htmlspecialchars']($_POST['notes'], ENT_QUOTES) : ''; |
864
|
|
|
$ban_info['notes'] = str_replace(array("\r", "\n", ' '), array('', '<br>', ' '), $ban_info['notes']); |
865
|
|
|
$ban_info['cannot']['access'] = empty($ban_info['full_ban']) ? 0 : 1; |
866
|
|
|
$ban_info['cannot']['post'] = !empty($ban_info['full_ban']) || empty($_POST['cannot_post']) ? 0 : 1; |
867
|
|
|
$ban_info['cannot']['register'] = !empty($ban_info['full_ban']) || empty($_POST['cannot_register']) ? 0 : 1; |
868
|
|
|
$ban_info['cannot']['login'] = !empty($ban_info['full_ban']) || empty($_POST['cannot_login']) ? 0 : 1; |
869
|
|
|
|
870
|
|
|
call_integration_hook('integrate_edit_bans', array(&$ban_info, empty($_REQUEST['bg']))); |
871
|
|
|
|
872
|
|
|
// Adding a new ban group |
873
|
|
|
if (empty($_REQUEST['bg'])) |
874
|
|
|
$ban_group_id = insertBanGroup($ban_info); |
875
|
|
|
// Editing an existing ban group |
876
|
|
|
else |
877
|
|
|
$ban_group_id = updateBanGroup($ban_info); |
878
|
|
|
|
879
|
|
|
if (is_numeric($ban_group_id)) |
880
|
|
|
{ |
881
|
|
|
$ban_info['id'] = $ban_group_id; |
882
|
|
|
$ban_info['is_new'] = false; |
883
|
|
|
} |
884
|
|
|
|
885
|
|
|
$context['ban'] = $ban_info; |
886
|
|
|
} |
887
|
|
|
|
888
|
|
|
if (isset($_POST['ban_suggestions'])) |
889
|
|
|
// @TODO: is $_REQUEST['bi'] ever set? |
890
|
|
|
$saved_triggers = saveTriggers($_POST['ban_suggestions'], $ban_info['id'], isset($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0, isset($_REQUEST['bi']) ? (int) $_REQUEST['bi'] : 0); |
891
|
|
|
|
892
|
|
|
// Something went wrong somewhere... Oh well, let's go back. |
893
|
|
|
if (!empty($context['ban_errors'])) |
894
|
|
|
{ |
895
|
|
|
$context['ban_suggestions'] = !empty($saved_triggers) ? $saved_triggers : array(); |
896
|
|
|
if (isset($_REQUEST['u'])) |
897
|
|
|
{ |
898
|
|
|
$context['ban']['from_user'] = true; |
899
|
|
|
$context['ban_suggestions'] = array_merge($context['ban_suggestions'], getMemberData((int) $_REQUEST['u'])); |
900
|
|
|
} |
901
|
|
|
|
902
|
|
|
// Not strictly necessary, but it's nice |
903
|
|
|
if (!empty($context['ban_suggestions']['member']['id'])) |
904
|
|
|
$context['ban_suggestions']['other_ips'] = banLoadAdditionalIPs($context['ban_suggestions']['member']['id']); |
905
|
|
|
return BanEdit(); |
906
|
|
|
} |
907
|
|
|
$context['ban_suggestions']['saved_triggers'] = !empty($saved_triggers) ? $saved_triggers : array(); |
908
|
|
|
|
909
|
|
|
if (isset($_POST['ban_items'])) |
910
|
|
|
{ |
911
|
|
|
$ban_group_id = isset($_REQUEST['bg']) ? (int) $_REQUEST['bg'] : 0; |
912
|
|
|
array_map('intval', $_POST['ban_items']); |
913
|
|
|
|
914
|
|
|
removeBanTriggers($_POST['ban_items'], $ban_group_id); |
915
|
|
|
} |
916
|
|
|
|
917
|
|
|
call_integration_hook('integrate_edit_bans_post', array()); |
918
|
|
|
|
919
|
|
|
// Register the last modified date. |
920
|
|
|
updateSettings(array('banLastUpdated' => time())); |
921
|
|
|
|
922
|
|
|
// Update the member table to represent the new ban situation. |
923
|
|
|
updateBanMembers(); |
924
|
|
|
redirectexit('action=admin;area=ban;sa=edit;bg=' . $ban_group_id); |
925
|
|
|
} |
926
|
|
|
|
927
|
|
|
/** |
928
|
|
|
* Saves one or more ban triggers into a ban item: according to the suggestions |
929
|
|
|
* checks the $_POST variable to verify if the trigger is present |
930
|
|
|
* |
931
|
|
|
* @param array $suggestions An array of suggestedtriggers (IP, email, etc.) |
932
|
|
|
* @param int $ban_group The ID of the group we're saving bans for |
933
|
|
|
* @param int $member The ID of the member associated with this ban (if applicable) |
934
|
|
|
* @param int $ban_id The ID of the ban (0 if this is a new ban) |
935
|
|
|
* |
936
|
|
|
* @return array|bool An array with the triggers if there were errors or false on success |
937
|
|
|
*/ |
938
|
|
|
function saveTriggers(array $suggestions, $ban_group, $member = 0, $ban_id = 0) |
939
|
|
|
{ |
940
|
|
|
global $context; |
941
|
|
|
|
942
|
|
|
$triggers = array( |
943
|
|
|
'main_ip' => '', |
944
|
|
|
'hostname' => '', |
945
|
|
|
'email' => '', |
946
|
|
|
'member' => array( |
947
|
|
|
'id' => $member, |
948
|
|
|
) |
949
|
|
|
); |
950
|
|
|
|
951
|
|
|
foreach ($suggestions as $key => $value) |
952
|
|
|
{ |
953
|
|
|
if (is_array($value)) |
954
|
|
|
$triggers[$key] = $value; |
955
|
|
|
else |
956
|
|
|
$triggers[$value] = !empty($_POST[$value]) ? $_POST[$value] : ''; |
957
|
|
|
} |
958
|
|
|
|
959
|
|
|
$ban_triggers = validateTriggers($triggers); |
960
|
|
|
|
961
|
|
|
call_integration_hook('integrate_save_triggers', array(&$ban_triggers, &$ban_group)); |
962
|
|
|
|
963
|
|
|
// Time to save! |
964
|
|
|
if (!empty($ban_triggers['ban_triggers']) && empty($context['ban_errors'])) |
965
|
|
|
{ |
966
|
|
|
if (empty($ban_id)) |
967
|
|
|
addTriggers($ban_group, $ban_triggers['ban_triggers'], $ban_triggers['log_info']); |
968
|
|
|
else |
969
|
|
|
updateTriggers($ban_id, $ban_group, array_shift($ban_triggers['ban_triggers']), $ban_triggers['log_info']); |
970
|
|
|
} |
971
|
|
|
if (!empty($context['ban_errors'])) |
972
|
|
|
return $triggers; |
973
|
|
|
else |
974
|
|
|
return false; |
975
|
|
|
} |
976
|
|
|
|
977
|
|
|
/** |
978
|
|
|
* This function removes a bunch of triggers based on ids |
979
|
|
|
* Doesn't clean the inputs |
980
|
|
|
* |
981
|
|
|
* @param array $items_ids The items to remove |
982
|
|
|
* @param bool|int $group_id The ID of the group these triggers are associated with or false if deleting them from all groups |
983
|
|
|
* @return bool Always returns true |
984
|
|
|
*/ |
985
|
|
|
function removeBanTriggers($items_ids = array(), $group_id = false) |
986
|
|
|
{ |
987
|
|
|
global $smcFunc, $scripturl; |
988
|
|
|
|
989
|
|
|
if ($group_id !== false) |
990
|
|
|
$group_id = (int) $group_id; |
991
|
|
|
|
992
|
|
|
if (empty($group_id) && empty($items_ids)) |
993
|
|
|
return false; |
994
|
|
|
|
995
|
|
|
if (!is_array($items_ids)) |
996
|
|
|
$items_ids = array($items_ids); |
997
|
|
|
|
998
|
|
|
$log_info = array(); |
999
|
|
|
$ban_items = array(); |
1000
|
|
|
|
1001
|
|
|
call_integration_hook('integrate_remove_triggers', array(&$items_ids, $group_id)); |
1002
|
|
|
|
1003
|
|
|
// First order of business: Load up the info so we can log this... |
1004
|
|
|
$request = $smcFunc['db_query']('', ' |
1005
|
|
|
SELECT |
1006
|
|
|
bi.id_ban, bi.hostname, bi.email_address, bi.id_member, bi.hits, |
1007
|
|
|
bi.ip_low, bi.ip_high, |
1008
|
|
|
COALESCE(mem.id_member, 0) AS id_member, mem.member_name, mem.real_name |
1009
|
|
|
FROM {db_prefix}ban_items AS bi |
1010
|
|
|
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = bi.id_member) |
1011
|
|
|
WHERE bi.id_ban IN ({array_int:ban_list})', |
1012
|
|
|
array( |
1013
|
|
|
'ban_list' => $items_ids, |
1014
|
|
|
) |
1015
|
|
|
); |
1016
|
|
|
|
1017
|
|
|
// Get all the info for the log |
1018
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
1019
|
|
|
{ |
1020
|
|
|
if (!empty($row['id_ban'])) |
1021
|
|
|
{ |
1022
|
|
|
$ban_items[$row['id_ban']] = array( |
1023
|
|
|
'id' => $row['id_ban'], |
1024
|
|
|
); |
1025
|
|
|
if (!empty($row['ip_high'])) |
1026
|
|
|
{ |
1027
|
|
|
$ban_items[$row['id_ban']]['type'] = 'ip'; |
1028
|
|
|
$ban_items[$row['id_ban']]['ip'] = range2ip($row['ip_low'], $row['ip_high']); |
1029
|
|
|
|
1030
|
|
|
$is_range = (strpos($ban_items[$row['id_ban']]['ip'], '-') !== false || strpos($ban_items[$row['id_ban']]['ip'], '*') !== false); |
1031
|
|
|
|
1032
|
|
|
$log_info[] = array( |
1033
|
|
|
'bantype' => ($is_range ? 'ip_range' : 'main_ip'), |
1034
|
|
|
'value' => $ban_items[$row['id_ban']]['ip'], |
1035
|
|
|
); |
1036
|
|
|
} |
1037
|
|
|
elseif (!empty($row['hostname'])) |
1038
|
|
|
{ |
1039
|
|
|
$ban_items[$row['id_ban']]['type'] = 'hostname'; |
1040
|
|
|
$ban_items[$row['id_ban']]['hostname'] = str_replace('%', '*', $row['hostname']); |
1041
|
|
|
$log_info[] = array( |
1042
|
|
|
'bantype' => 'hostname', |
1043
|
|
|
'value' => $row['hostname'], |
1044
|
|
|
); |
1045
|
|
|
} |
1046
|
|
|
elseif (!empty($row['email_address'])) |
1047
|
|
|
{ |
1048
|
|
|
$ban_items[$row['id_ban']]['type'] = 'email'; |
1049
|
|
|
$ban_items[$row['id_ban']]['email'] = str_replace('%', '*', $row['email_address']); |
1050
|
|
|
$log_info[] = array( |
1051
|
|
|
'bantype' => 'email', |
1052
|
|
|
'value' => $ban_items[$row['id_ban']]['email'], |
1053
|
|
|
); |
1054
|
|
|
} |
1055
|
|
|
elseif (!empty($row['id_member'])) |
1056
|
|
|
{ |
1057
|
|
|
$ban_items[$row['id_ban']]['type'] = 'user'; |
1058
|
|
|
$ban_items[$row['id_ban']]['user'] = array( |
1059
|
|
|
'id' => $row['id_member'], |
1060
|
|
|
'name' => $row['real_name'], |
1061
|
|
|
'href' => $scripturl . '?action=profile;u=' . $row['id_member'], |
1062
|
|
|
'link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>', |
1063
|
|
|
); |
1064
|
|
|
$log_info[] = array( |
1065
|
|
|
'bantype' => 'user', |
1066
|
|
|
'value' => $row['id_member'], |
1067
|
|
|
); |
1068
|
|
|
} |
1069
|
|
|
} |
1070
|
|
|
} |
1071
|
|
|
|
1072
|
|
|
// Log this! |
1073
|
|
|
logTriggersUpdates($log_info, false, true); |
1074
|
|
|
|
1075
|
|
|
$smcFunc['db_free_result']($request); |
1076
|
|
|
|
1077
|
|
|
if ($group_id !== false) |
1078
|
|
|
{ |
1079
|
|
|
$smcFunc['db_query']('', ' |
1080
|
|
|
DELETE FROM {db_prefix}ban_items |
1081
|
|
|
WHERE id_ban IN ({array_int:ban_list}) |
1082
|
|
|
AND id_ban_group = {int:ban_group}', |
1083
|
|
|
array( |
1084
|
|
|
'ban_list' => $items_ids, |
1085
|
|
|
'ban_group' => $group_id, |
1086
|
|
|
) |
1087
|
|
|
); |
1088
|
|
|
} |
1089
|
|
|
elseif (!empty($items_ids)) |
1090
|
|
|
{ |
1091
|
|
|
$smcFunc['db_query']('', ' |
1092
|
|
|
DELETE FROM {db_prefix}ban_items |
1093
|
|
|
WHERE id_ban IN ({array_int:ban_list})', |
1094
|
|
|
array( |
1095
|
|
|
'ban_list' => $items_ids, |
1096
|
|
|
) |
1097
|
|
|
); |
1098
|
|
|
} |
1099
|
|
|
|
1100
|
|
|
return true; |
1101
|
|
|
} |
1102
|
|
|
|
1103
|
|
|
/** |
1104
|
|
|
* This function removes a bunch of ban groups based on ids |
1105
|
|
|
* Doesn't clean the inputs |
1106
|
|
|
* |
1107
|
|
|
* @param int[] $group_ids The IDs of the groups to remove |
1108
|
|
|
* @return bool Returns true if successful or false if $group_ids is empty |
1109
|
|
|
*/ |
1110
|
|
|
function removeBanGroups($group_ids) |
1111
|
|
|
{ |
1112
|
|
|
global $smcFunc; |
1113
|
|
|
|
1114
|
|
|
if (!is_array($group_ids)) |
1115
|
|
|
$group_ids = array($group_ids); |
1116
|
|
|
|
1117
|
|
|
$group_ids = array_unique($group_ids); |
1118
|
|
|
|
1119
|
|
|
if (empty($group_ids)) |
1120
|
|
|
return false; |
1121
|
|
|
|
1122
|
|
|
$smcFunc['db_query']('', ' |
1123
|
|
|
DELETE FROM {db_prefix}ban_groups |
1124
|
|
|
WHERE id_ban_group IN ({array_int:ban_list})', |
1125
|
|
|
array( |
1126
|
|
|
'ban_list' => $group_ids, |
1127
|
|
|
) |
1128
|
|
|
); |
1129
|
|
|
|
1130
|
|
|
// Remove all ban triggers for these bans groups |
1131
|
|
|
$request = $smcFunc['db_query']('', ' |
1132
|
|
|
SELECT id_ban |
1133
|
|
|
FROM {db_prefix}ban_items |
1134
|
|
|
WHERE id_ban_group IN ({array_int:ban_list})', |
1135
|
|
|
array( |
1136
|
|
|
'ban_list' => $group_ids, |
1137
|
|
|
) |
1138
|
|
|
); |
1139
|
|
|
|
1140
|
|
|
$id_ban_triggers = array(); |
1141
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
1142
|
|
|
{ |
1143
|
|
|
$id_ban_triggers[] = $row['id_ban']; |
1144
|
|
|
} |
1145
|
|
|
$smcFunc['db_free_result']($request); |
1146
|
|
|
|
1147
|
|
|
removeBanTriggers($id_ban_triggers); |
1148
|
|
|
|
1149
|
|
|
return true; |
1150
|
|
|
} |
1151
|
|
|
|
1152
|
|
|
/** |
1153
|
|
|
* Removes logs - by default truncate the table |
1154
|
|
|
* Doesn't clean the inputs |
1155
|
|
|
* |
1156
|
|
|
* @param array $ids Empty array to clear the ban log or the IDs of the log entries to remove |
1157
|
|
|
* @return bool Returns true if successful or false if $ids is invalid |
1158
|
|
|
*/ |
1159
|
|
|
function removeBanLogs($ids = array()) |
1160
|
|
|
{ |
1161
|
|
|
global $smcFunc; |
1162
|
|
|
|
1163
|
|
|
if (empty($ids)) |
1164
|
|
|
$smcFunc['db_query']('truncate_table', ' |
1165
|
|
|
TRUNCATE {db_prefix}log_banned', |
1166
|
|
|
array( |
1167
|
|
|
) |
1168
|
|
|
); |
1169
|
|
|
else |
1170
|
|
|
{ |
1171
|
|
|
if (!is_array($ids)) |
1172
|
|
|
$ids = array($ids); |
1173
|
|
|
|
1174
|
|
|
$ids = array_unique($ids); |
1175
|
|
|
|
1176
|
|
|
if (empty($ids)) |
1177
|
|
|
return false; |
1178
|
|
|
|
1179
|
|
|
$smcFunc['db_query']('', ' |
1180
|
|
|
DELETE FROM {db_prefix}log_banned |
1181
|
|
|
WHERE id_ban_log IN ({array_int:ban_list})', |
1182
|
|
|
array( |
1183
|
|
|
'ban_list' => $ids, |
1184
|
|
|
) |
1185
|
|
|
); |
1186
|
|
|
} |
1187
|
|
|
|
1188
|
|
|
return true; |
1189
|
|
|
} |
1190
|
|
|
|
1191
|
|
|
/** |
1192
|
|
|
* This function validates the ban triggers |
1193
|
|
|
* |
1194
|
|
|
* Errors in $context['ban_errors'] |
1195
|
|
|
* |
1196
|
|
|
* @param array $triggers The triggers to validate |
1197
|
|
|
* @return array An array of riggers and log info ready to be used |
1198
|
|
|
*/ |
1199
|
|
|
function validateTriggers(&$triggers) |
1200
|
|
|
{ |
1201
|
|
|
global $context, $smcFunc; |
1202
|
|
|
|
1203
|
|
|
if (empty($triggers)) |
1204
|
|
|
$context['ban_errors'][] = 'ban_empty_triggers'; |
1205
|
|
|
|
1206
|
|
|
$ban_triggers = array(); |
1207
|
|
|
$log_info = array(); |
1208
|
|
|
|
1209
|
|
|
foreach ($triggers as $key => $value) |
1210
|
|
|
{ |
1211
|
|
|
if (!empty($value)) |
1212
|
|
|
{ |
1213
|
|
|
if ($key == 'member') |
1214
|
|
|
continue; |
1215
|
|
|
|
1216
|
|
|
if ($key == 'main_ip') |
1217
|
|
|
{ |
1218
|
|
|
$value = trim($value); |
1219
|
|
|
$ip_parts = ip2range($value); |
1220
|
|
|
if (!checkExistingTriggerIP($ip_parts, $value)) |
1221
|
|
|
$context['ban_errors'][] = 'invalid_ip'; |
1222
|
|
|
else |
1223
|
|
|
{ |
1224
|
|
|
$ban_triggers['main_ip'] = array( |
1225
|
|
|
'ip_low' => $ip_parts['low'], |
1226
|
|
|
'ip_high' => $ip_parts['high'] |
1227
|
|
|
); |
1228
|
|
|
} |
1229
|
|
|
} |
1230
|
|
|
elseif ($key == 'hostname') |
1231
|
|
|
{ |
1232
|
|
|
if (preg_match('/[^\w.\-*]/', $value) == 1) |
1233
|
|
|
$context['ban_errors'][] = 'invalid_hostname'; |
1234
|
|
|
else |
1235
|
|
|
{ |
1236
|
|
|
// Replace the * wildcard by a MySQL wildcard %. |
1237
|
|
|
$value = substr(str_replace('*', '%', $value), 0, 255); |
1238
|
|
|
|
1239
|
|
|
$ban_triggers['hostname']['hostname'] = $value; |
1240
|
|
|
} |
1241
|
|
|
} |
1242
|
|
|
elseif ($key == 'email') |
1243
|
|
|
{ |
1244
|
|
|
if (preg_match('/[^\w.\-\+*@]/', $value) == 1) |
1245
|
|
|
$context['ban_errors'][] = 'invalid_email'; |
1246
|
|
|
|
1247
|
|
|
// Check the user is not banning an admin. |
1248
|
|
|
$request = $smcFunc['db_query']('', ' |
1249
|
|
|
SELECT id_member |
1250
|
|
|
FROM {db_prefix}members |
1251
|
|
|
WHERE (id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0) |
1252
|
|
|
AND email_address LIKE {string:email} |
1253
|
|
|
LIMIT 1', |
1254
|
|
|
array( |
1255
|
|
|
'admin_group' => 1, |
1256
|
|
|
'email' => $value, |
1257
|
|
|
) |
1258
|
|
|
); |
1259
|
|
|
if ($smcFunc['db_num_rows']($request) != 0) |
1260
|
|
|
$context['ban_errors'][] = 'no_ban_admin'; |
1261
|
|
|
$smcFunc['db_free_result']($request); |
1262
|
|
|
|
1263
|
|
|
$value = substr(strtolower(str_replace('*', '%', $value)), 0, 255); |
1264
|
|
|
|
1265
|
|
|
$ban_triggers['email']['email_address'] = $value; |
1266
|
|
|
} |
1267
|
|
|
elseif ($key == 'user') |
1268
|
|
|
{ |
1269
|
|
|
$user = preg_replace('~&#(\d{4,5}|[2-9]\d{2,4}|1[2-9]\d);~', '&#$1;', $smcFunc['htmlspecialchars']($value, ENT_QUOTES)); |
1270
|
|
|
|
1271
|
|
|
$request = $smcFunc['db_query']('', ' |
1272
|
|
|
SELECT id_member, (id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0) AS isAdmin |
1273
|
|
|
FROM {db_prefix}members |
1274
|
|
|
WHERE member_name = {string:username} OR real_name = {string:username} |
1275
|
|
|
LIMIT 1', |
1276
|
|
|
array( |
1277
|
|
|
'admin_group' => 1, |
1278
|
|
|
'username' => $user, |
1279
|
|
|
) |
1280
|
|
|
); |
1281
|
|
|
if ($smcFunc['db_num_rows']($request) == 0) |
1282
|
|
|
$context['ban_errors'][] = 'invalid_username'; |
1283
|
|
|
list ($value, $isAdmin) = $smcFunc['db_fetch_row']($request); |
1284
|
|
|
$smcFunc['db_free_result']($request); |
1285
|
|
|
|
1286
|
|
|
if ($isAdmin && strtolower($isAdmin) != 'f') |
1287
|
|
|
{ |
1288
|
|
|
unset($value); |
1289
|
|
|
$context['ban_errors'][] = 'no_ban_admin'; |
1290
|
|
|
} |
1291
|
|
|
else |
1292
|
|
|
$ban_triggers['user']['id_member'] = $value; |
1293
|
|
|
} |
1294
|
|
|
elseif (in_array($key, array('ips_in_messages', 'ips_in_errors'))) |
1295
|
|
|
{ |
1296
|
|
|
// Special case, those two are arrays themselves |
1297
|
|
|
$values = array_unique($value); |
1298
|
|
|
// Don't add the main IP again. |
1299
|
|
|
if (isset($triggers['main_ip'])) |
1300
|
|
|
$values = array_diff($values, array($triggers['main_ip'])); |
1301
|
|
|
unset($value); |
1302
|
|
|
foreach ($values as $val) |
1303
|
|
|
{ |
1304
|
|
|
$val = trim($val); |
1305
|
|
|
$ip_parts = ip2range($val); |
1306
|
|
|
if (!checkExistingTriggerIP($ip_parts, $val)) |
1307
|
|
|
$context['ban_errors'][] = 'invalid_ip'; |
1308
|
|
|
else |
1309
|
|
|
{ |
1310
|
|
|
$ban_triggers[$key][] = array( |
1311
|
|
|
'ip_low' => $ip_parts['low'], |
1312
|
|
|
'ip_high' => $ip_parts['high'], |
1313
|
|
|
); |
1314
|
|
|
|
1315
|
|
|
$log_info[] = array( |
1316
|
|
|
'value' => $val, |
1317
|
|
|
'bantype' => 'ip_range', |
1318
|
|
|
); |
1319
|
|
|
} |
1320
|
|
|
} |
1321
|
|
|
} |
1322
|
|
|
else |
1323
|
|
|
$context['ban_errors'][] = 'no_bantype_selected'; |
1324
|
|
|
|
1325
|
|
|
if (isset($value) && !is_array($value)) |
1326
|
|
|
$log_info[] = array( |
1327
|
|
|
'value' => $value, |
1328
|
|
|
'bantype' => $key, |
1329
|
|
|
); |
1330
|
|
|
} |
1331
|
|
|
} |
1332
|
|
|
return array('ban_triggers' => $ban_triggers, 'log_info' => $log_info); |
1333
|
|
|
} |
1334
|
|
|
|
1335
|
|
|
/** |
1336
|
|
|
* This function actually inserts the ban triggers into the database |
1337
|
|
|
* |
1338
|
|
|
* Errors in $context['ban_errors'] |
1339
|
|
|
* |
1340
|
|
|
* @param int $group_id The ID of the group to add the triggers to (0 to create a new one) |
1341
|
|
|
* @param array $triggers The triggers to add |
1342
|
|
|
* @param array $logs The log data |
1343
|
|
|
* @return bool Whether or not the action was successful |
1344
|
|
|
*/ |
1345
|
|
|
function addTriggers($group_id = 0, $triggers = array(), $logs = array()) |
1346
|
|
|
{ |
1347
|
|
|
global $smcFunc, $context; |
1348
|
|
|
|
1349
|
|
|
if (empty($group_id)) |
1350
|
|
|
$context['ban_errors'][] = 'ban_id_empty'; |
1351
|
|
|
|
1352
|
|
|
// Preset all values that are required. |
1353
|
|
|
$values = array( |
1354
|
|
|
'id_ban_group' => $group_id, |
1355
|
|
|
'hostname' => '', |
1356
|
|
|
'email_address' => '', |
1357
|
|
|
'id_member' => 0, |
1358
|
|
|
'ip_low' => 'null', |
1359
|
|
|
'ip_high' => 'null', |
1360
|
|
|
); |
1361
|
|
|
|
1362
|
|
|
$insertKeys = array( |
1363
|
|
|
'id_ban_group' => 'int', |
1364
|
|
|
'hostname' => 'string', |
1365
|
|
|
'email_address' => 'string', |
1366
|
|
|
'id_member' => 'int', |
1367
|
|
|
'ip_low' => 'inet', |
1368
|
|
|
'ip_high' => 'inet', |
1369
|
|
|
); |
1370
|
|
|
|
1371
|
|
|
$insertTriggers = array(); |
1372
|
|
|
foreach ($triggers as $key => $trigger) |
1373
|
|
|
{ |
1374
|
|
|
// Exceptions, exceptions, exceptions...always exceptions... :P |
1375
|
|
|
if (in_array($key, array('ips_in_messages', 'ips_in_errors'))) |
1376
|
|
|
foreach ($trigger as $real_trigger) |
1377
|
|
|
$insertTriggers[] = array_merge($values, $real_trigger); |
1378
|
|
|
else |
1379
|
|
|
$insertTriggers[] = array_merge($values, $trigger); |
1380
|
|
|
} |
1381
|
|
|
|
1382
|
|
|
if (empty($insertTriggers)) |
1383
|
|
|
$context['ban_errors'][] = 'ban_no_triggers'; |
1384
|
|
|
|
1385
|
|
|
if (!empty($context['ban_errors'])) |
1386
|
|
|
return false; |
1387
|
|
|
|
1388
|
|
|
$smcFunc['db_insert']('', |
1389
|
|
|
'{db_prefix}ban_items', |
1390
|
|
|
$insertKeys, |
1391
|
|
|
$insertTriggers, |
1392
|
|
|
array('id_ban') |
1393
|
|
|
); |
1394
|
|
|
|
1395
|
|
|
logTriggersUpdates($logs, true); |
1396
|
|
|
|
1397
|
|
|
return true; |
1398
|
|
|
} |
1399
|
|
|
|
1400
|
|
|
/** |
1401
|
|
|
* This function updates an existing ban trigger into the database |
1402
|
|
|
* |
1403
|
|
|
* Errors in $context['ban_errors'] |
1404
|
|
|
* |
1405
|
|
|
* @param int $ban_item The ID of the ban item |
1406
|
|
|
* @param int $group_id The ID of the ban group |
1407
|
|
|
* @param array $trigger An array of triggers |
1408
|
|
|
* @param array $logs An array of log info |
1409
|
|
|
*/ |
1410
|
|
|
function updateTriggers($ban_item = 0, $group_id = 0, $trigger = array(), $logs = array()) |
1411
|
|
|
{ |
1412
|
|
|
global $smcFunc, $context; |
1413
|
|
|
|
1414
|
|
|
if (empty($ban_item)) |
1415
|
|
|
$context['ban_errors'][] = 'ban_ban_item_empty'; |
1416
|
|
|
if (empty($group_id)) |
1417
|
|
|
$context['ban_errors'][] = 'ban_id_empty'; |
1418
|
|
|
if (empty($trigger)) |
1419
|
|
|
$context['ban_errors'][] = 'ban_no_triggers'; |
1420
|
|
|
|
1421
|
|
|
if (!empty($context['ban_errors'])) |
1422
|
|
|
return; |
1423
|
|
|
|
1424
|
|
|
// Preset all values that are required. |
1425
|
|
|
$values = array( |
1426
|
|
|
'id_ban_group' => $group_id, |
1427
|
|
|
'hostname' => '', |
1428
|
|
|
'email_address' => '', |
1429
|
|
|
'id_member' => 0, |
1430
|
|
|
'ip_low' => 'null', |
1431
|
|
|
'ip_high' => 'null', |
1432
|
|
|
); |
1433
|
|
|
|
1434
|
|
|
$trigger = array_merge($values, $trigger); |
1435
|
|
|
|
1436
|
|
|
$smcFunc['db_query']('', ' |
1437
|
|
|
UPDATE {db_prefix}ban_items |
1438
|
|
|
SET |
1439
|
|
|
hostname = {string:hostname}, email_address = {string:email_address}, id_member = {int:id_member}, |
1440
|
|
|
ip_low = {inet:ip_low}, ip_high = {inet:ip_high} |
1441
|
|
|
WHERE id_ban = {int:ban_item} |
1442
|
|
|
AND id_ban_group = {int:id_ban_group}', |
1443
|
|
|
array_merge($trigger, array( |
1444
|
|
|
'id_ban_group' => $group_id, |
1445
|
|
|
'ban_item' => $ban_item, |
1446
|
|
|
)) |
1447
|
|
|
); |
1448
|
|
|
|
1449
|
|
|
logTriggersUpdates($logs, false); |
1450
|
|
|
} |
1451
|
|
|
|
1452
|
|
|
/** |
1453
|
|
|
* A small function to unify logging of triggers (updates and new) |
1454
|
|
|
* |
1455
|
|
|
* @param array $logs an array of logs, each log contains the following keys: |
1456
|
|
|
* - bantype: a known type of ban (ip_range, hostname, email, user, main_ip) |
1457
|
|
|
* - value: the value of the bantype (e.g. the IP or the email address banned) |
1458
|
|
|
* @param bool $new Whether the trigger is new or an update of an existing one |
1459
|
|
|
* @param bool $removal Whether the trigger is being deleted |
1460
|
|
|
*/ |
1461
|
|
|
function logTriggersUpdates($logs, $new = true, $removal = false) |
1462
|
|
|
{ |
1463
|
|
|
if (empty($logs)) |
1464
|
|
|
return; |
1465
|
|
|
|
1466
|
|
|
$log_name_map = array( |
1467
|
|
|
'main_ip' => 'ip_range', |
1468
|
|
|
'hostname' => 'hostname', |
1469
|
|
|
'email' => 'email', |
1470
|
|
|
'user' => 'member', |
1471
|
|
|
'ip_range' => 'ip_range', |
1472
|
|
|
); |
1473
|
|
|
|
1474
|
|
|
// Log the addion of the ban entries into the moderation log. |
1475
|
|
|
foreach ($logs as $log) |
1476
|
|
|
logAction('ban' . ($removal == true ? 'remove' : ''), array( |
1477
|
|
|
$log_name_map[$log['bantype']] => $log['value'], |
1478
|
|
|
'new' => empty($new) ? 0 : 1, |
1479
|
|
|
'remove' => empty($removal) ? 0 : 1, |
1480
|
|
|
'type' => $log['bantype'], |
1481
|
|
|
)); |
1482
|
|
|
} |
1483
|
|
|
|
1484
|
|
|
/** |
1485
|
|
|
* Updates an existing ban group |
1486
|
|
|
* |
1487
|
|
|
* Errors in $context['ban_errors'] |
1488
|
|
|
* |
1489
|
|
|
* @param array $ban_info An array of info about the ban group. Should have name and may also have an id. |
1490
|
|
|
* @return int The ban group's ID |
1491
|
|
|
*/ |
1492
|
|
|
function updateBanGroup($ban_info = array()) |
1493
|
|
|
{ |
1494
|
|
|
global $smcFunc, $context; |
1495
|
|
|
|
1496
|
|
|
if (empty($ban_info['name'])) |
1497
|
|
|
$context['ban_errors'][] = 'ban_name_empty'; |
1498
|
|
|
if (empty($ban_info['id'])) |
1499
|
|
|
$context['ban_errors'][] = 'ban_id_empty'; |
1500
|
|
|
if (empty($ban_info['cannot']['access']) && empty($ban_info['cannot']['register']) && empty($ban_info['cannot']['post']) && empty($ban_info['cannot']['login'])) |
1501
|
|
|
$context['ban_errors'][] = 'ban_unknown_restriction_type'; |
1502
|
|
|
|
1503
|
|
|
if (!empty($ban_info['id'])) |
1504
|
|
|
{ |
1505
|
|
|
// Verify the ban group exists. |
1506
|
|
|
$request = $smcFunc['db_query']('', ' |
1507
|
|
|
SELECT id_ban_group |
1508
|
|
|
FROM {db_prefix}ban_groups |
1509
|
|
|
WHERE id_ban_group = {int:ban_group} |
1510
|
|
|
LIMIT 1', |
1511
|
|
|
array( |
1512
|
|
|
'ban_group' => $ban_info['id'] |
1513
|
|
|
) |
1514
|
|
|
); |
1515
|
|
|
|
1516
|
|
|
if ($smcFunc['db_num_rows']($request) == 0) |
1517
|
|
|
$context['ban_errors'][] = 'ban_not_found'; |
1518
|
|
|
$smcFunc['db_free_result']($request); |
1519
|
|
|
} |
1520
|
|
|
|
1521
|
|
|
if (!empty($ban_info['name'])) |
1522
|
|
|
{ |
1523
|
|
|
// Make sure the name does not already exist (Of course, if it exists in the ban group we are editing, proceed.) |
1524
|
|
|
$request = $smcFunc['db_query']('', ' |
1525
|
|
|
SELECT id_ban_group |
1526
|
|
|
FROM {db_prefix}ban_groups |
1527
|
|
|
WHERE name = {string:new_ban_name} |
1528
|
|
|
AND id_ban_group != {int:ban_group} |
1529
|
|
|
LIMIT 1', |
1530
|
|
|
array( |
1531
|
|
|
'ban_group' => empty($ban_info['id']) ? 0 : $ban_info['id'], |
1532
|
|
|
'new_ban_name' => $ban_info['name'], |
1533
|
|
|
) |
1534
|
|
|
); |
1535
|
|
|
if ($smcFunc['db_num_rows']($request) != 0) |
1536
|
|
|
$context['ban_errors'][] = 'ban_name_exists'; |
1537
|
|
|
$smcFunc['db_free_result']($request); |
1538
|
|
|
} |
1539
|
|
|
|
1540
|
|
|
if (!empty($context['ban_errors'])) |
1541
|
|
|
return $ban_info['id']; |
1542
|
|
|
|
1543
|
|
|
$smcFunc['db_query']('', ' |
1544
|
|
|
UPDATE {db_prefix}ban_groups |
1545
|
|
|
SET |
1546
|
|
|
name = {string:ban_name}, |
1547
|
|
|
reason = {string:reason}, |
1548
|
|
|
notes = {string:notes}, |
1549
|
|
|
expire_time = {raw:expiration}, |
1550
|
|
|
cannot_access = {int:cannot_access}, |
1551
|
|
|
cannot_post = {int:cannot_post}, |
1552
|
|
|
cannot_register = {int:cannot_register}, |
1553
|
|
|
cannot_login = {int:cannot_login} |
1554
|
|
|
WHERE id_ban_group = {int:id_ban_group}', |
1555
|
|
|
array( |
1556
|
|
|
'expiration' => $ban_info['db_expiration'], |
1557
|
|
|
'cannot_access' => $ban_info['cannot']['access'], |
1558
|
|
|
'cannot_post' => $ban_info['cannot']['post'], |
1559
|
|
|
'cannot_register' => $ban_info['cannot']['register'], |
1560
|
|
|
'cannot_login' => $ban_info['cannot']['login'], |
1561
|
|
|
'id_ban_group' => $ban_info['id'], |
1562
|
|
|
'ban_name' => $ban_info['name'], |
1563
|
|
|
'reason' => $ban_info['reason'], |
1564
|
|
|
'notes' => $ban_info['notes'], |
1565
|
|
|
) |
1566
|
|
|
); |
1567
|
|
|
|
1568
|
|
|
return $ban_info['id']; |
1569
|
|
|
} |
1570
|
|
|
|
1571
|
|
|
/** |
1572
|
|
|
* Creates a new ban group |
1573
|
|
|
* If the group is successfully created the ID is returned |
1574
|
|
|
* On error the error code is returned or false |
1575
|
|
|
* |
1576
|
|
|
* Errors in $context['ban_errors'] |
1577
|
|
|
* |
1578
|
|
|
* @param array $ban_info An array containing 'name', which is the name of the ban group |
1579
|
|
|
* @return int The ban group's ID |
1580
|
|
|
*/ |
1581
|
|
|
function insertBanGroup($ban_info = array()) |
1582
|
|
|
{ |
1583
|
|
|
global $smcFunc, $context; |
1584
|
|
|
|
1585
|
|
|
if (empty($ban_info['name'])) |
1586
|
|
|
$context['ban_errors'][] = 'ban_name_empty'; |
1587
|
|
|
if (empty($ban_info['cannot']['access']) && empty($ban_info['cannot']['register']) && empty($ban_info['cannot']['post']) && empty($ban_info['cannot']['login'])) |
1588
|
|
|
$context['ban_errors'][] = 'ban_unknown_restriction_type'; |
1589
|
|
|
|
1590
|
|
|
if (!empty($ban_info['name'])) |
1591
|
|
|
{ |
1592
|
|
|
// Check whether a ban with this name already exists. |
1593
|
|
|
$request = $smcFunc['db_query']('', ' |
1594
|
|
|
SELECT id_ban_group |
1595
|
|
|
FROM {db_prefix}ban_groups |
1596
|
|
|
WHERE name = {string:new_ban_name}' . ' |
1597
|
|
|
LIMIT 1', |
1598
|
|
|
array( |
1599
|
|
|
'new_ban_name' => $ban_info['name'], |
1600
|
|
|
) |
1601
|
|
|
); |
1602
|
|
|
|
1603
|
|
|
if ($smcFunc['db_num_rows']($request) == 1) |
1604
|
|
|
$context['ban_errors'][] = 'ban_name_exists'; |
1605
|
|
|
$smcFunc['db_free_result']($request); |
1606
|
|
|
} |
1607
|
|
|
|
1608
|
|
|
if (!empty($context['ban_errors'])) |
1609
|
|
|
return; |
1610
|
|
|
|
1611
|
|
|
// Yes yes, we're ready to add now. |
1612
|
|
|
$ban_info['id'] = $smcFunc['db_insert']('', |
1613
|
|
|
'{db_prefix}ban_groups', |
1614
|
|
|
array( |
1615
|
|
|
'name' => 'string-20', 'ban_time' => 'int', 'expire_time' => 'raw', 'cannot_access' => 'int', 'cannot_register' => 'int', |
1616
|
|
|
'cannot_post' => 'int', 'cannot_login' => 'int', 'reason' => 'string-255', 'notes' => 'string-65534', |
1617
|
|
|
), |
1618
|
|
|
array( |
1619
|
|
|
$ban_info['name'], time(), $ban_info['db_expiration'], $ban_info['cannot']['access'], $ban_info['cannot']['register'], |
1620
|
|
|
$ban_info['cannot']['post'], $ban_info['cannot']['login'], $ban_info['reason'], $ban_info['notes'], |
1621
|
|
|
), |
1622
|
|
|
array('id_ban_group'), |
1623
|
|
|
1 |
1624
|
|
|
); |
1625
|
|
|
|
1626
|
|
|
if (empty($ban_info['id'])) |
1627
|
|
|
$context['ban_errors'][] = 'impossible_insert_new_bangroup'; |
1628
|
|
|
|
1629
|
|
|
return $ban_info['id']; |
1630
|
|
|
} |
1631
|
|
|
|
1632
|
|
|
/** |
1633
|
|
|
* This function handles the ins and outs of the screen for adding new ban |
1634
|
|
|
* triggers or modifying existing ones. |
1635
|
|
|
* Adding new ban triggers: |
1636
|
|
|
* - is accessed by ?action=admin;area=ban;sa=edittrigger;bg=x |
1637
|
|
|
* - uses the ban_edit_trigger sub template of ManageBans. |
1638
|
|
|
* Editing existing ban triggers: |
1639
|
|
|
* - is accessed by ?action=admin;area=ban;sa=edittrigger;bg=x;bi=y |
1640
|
|
|
* - uses the ban_edit_trigger sub template of ManageBans. |
1641
|
|
|
*/ |
1642
|
|
|
function BanEditTrigger() |
1643
|
|
|
{ |
1644
|
|
|
global $context, $smcFunc, $scripturl; |
1645
|
|
|
|
1646
|
|
|
$context['sub_template'] = 'ban_edit_trigger'; |
1647
|
|
|
$context['form_url'] = $scripturl . '?action=admin;area=ban;sa=edittrigger'; |
1648
|
|
|
|
1649
|
|
|
$ban_group = isset($_REQUEST['bg']) ? (int) $_REQUEST['bg'] : 0; |
1650
|
|
|
$ban_id = isset($_REQUEST['bi']) ? (int) $_REQUEST['bi'] : 0; |
1651
|
|
|
|
1652
|
|
|
if (empty($ban_group)) |
1653
|
|
|
fatal_lang_error('ban_not_found', false); |
1654
|
|
|
|
1655
|
|
|
if (isset($_POST['add_new_trigger']) && !empty($_POST['ban_suggestions'])) |
1656
|
|
|
{ |
1657
|
|
|
saveTriggers($_POST['ban_suggestions'], $ban_group, 0, $ban_id); |
1658
|
|
|
redirectexit('action=admin;area=ban;sa=edit' . (!empty($ban_group) ? ';bg=' . $ban_group : '')); |
1659
|
|
|
} |
1660
|
|
|
elseif (isset($_POST['edit_trigger']) && !empty($_POST['ban_suggestions'])) |
1661
|
|
|
{ |
1662
|
|
|
saveTriggers($_POST['ban_suggestions'], $ban_group, 0, $ban_id); |
1663
|
|
|
|
1664
|
|
|
redirectexit('action=admin;area=ban;sa=edit' . (!empty($ban_group) ? ';bg=' . $ban_group : '')); |
1665
|
|
|
} |
1666
|
|
|
elseif (isset($_POST['edit_trigger'])) |
1667
|
|
|
{ |
1668
|
|
|
removeBanTriggers($ban_id); |
1669
|
|
|
redirectexit('action=admin;area=ban;sa=edit' . (!empty($ban_group) ? ';bg=' . $ban_group : '')); |
1670
|
|
|
} |
1671
|
|
|
|
1672
|
|
|
loadJavaScriptFile('suggest.js', array('minimize' => true), 'smf_suggest'); |
1673
|
|
|
|
1674
|
|
|
if (empty($ban_id)) |
1675
|
|
|
{ |
1676
|
|
|
$context['ban_trigger'] = array( |
1677
|
|
|
'id' => 0, |
1678
|
|
|
'group' => $ban_group, |
1679
|
|
|
'ip' => array( |
1680
|
|
|
'value' => '', |
1681
|
|
|
'selected' => true, |
1682
|
|
|
), |
1683
|
|
|
'hostname' => array( |
1684
|
|
|
'selected' => false, |
1685
|
|
|
'value' => '', |
1686
|
|
|
), |
1687
|
|
|
'email' => array( |
1688
|
|
|
'value' => '', |
1689
|
|
|
'selected' => false, |
1690
|
|
|
), |
1691
|
|
|
'banneduser' => array( |
1692
|
|
|
'value' => '', |
1693
|
|
|
'selected' => false, |
1694
|
|
|
), |
1695
|
|
|
'is_new' => true, |
1696
|
|
|
); |
1697
|
|
|
} |
1698
|
|
|
else |
1699
|
|
|
{ |
1700
|
|
|
$request = $smcFunc['db_query']('', ' |
1701
|
|
|
SELECT |
1702
|
|
|
bi.id_ban, bi.id_ban_group, bi.hostname, bi.email_address, bi.id_member, |
1703
|
|
|
bi.ip_low, bi.ip_high, |
1704
|
|
|
mem.member_name, mem.real_name |
1705
|
|
|
FROM {db_prefix}ban_items AS bi |
1706
|
|
|
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = bi.id_member) |
1707
|
|
|
WHERE bi.id_ban = {int:ban_item} |
1708
|
|
|
AND bi.id_ban_group = {int:ban_group} |
1709
|
|
|
LIMIT 1', |
1710
|
|
|
array( |
1711
|
|
|
'ban_item' => $ban_id, |
1712
|
|
|
'ban_group' => $ban_group, |
1713
|
|
|
) |
1714
|
|
|
); |
1715
|
|
|
if ($smcFunc['db_num_rows']($request) == 0) |
1716
|
|
|
fatal_lang_error('ban_not_found', false); |
1717
|
|
|
$row = $smcFunc['db_fetch_assoc']($request); |
1718
|
|
|
$smcFunc['db_free_result']($request); |
1719
|
|
|
|
1720
|
|
|
$context['ban_trigger'] = array( |
1721
|
|
|
'id' => $row['id_ban'], |
1722
|
|
|
'group' => $row['id_ban_group'], |
1723
|
|
|
'ip' => array( |
1724
|
|
|
'value' => empty($row['ip_low']) ? '' : range2ip($row['ip_low'], $row['ip_high']), |
1725
|
|
|
'selected' => !empty($row['ip_low']), |
1726
|
|
|
), |
1727
|
|
|
'hostname' => array( |
1728
|
|
|
'value' => str_replace('%', '*', $row['hostname']), |
1729
|
|
|
'selected' => !empty($row['hostname']), |
1730
|
|
|
), |
1731
|
|
|
'email' => array( |
1732
|
|
|
'value' => str_replace('%', '*', $row['email_address']), |
1733
|
|
|
'selected' => !empty($row['email_address']) |
1734
|
|
|
), |
1735
|
|
|
'banneduser' => array( |
1736
|
|
|
'value' => $row['member_name'], |
1737
|
|
|
'selected' => !empty($row['member_name']) |
1738
|
|
|
), |
1739
|
|
|
'is_new' => false, |
1740
|
|
|
); |
1741
|
|
|
} |
1742
|
|
|
|
1743
|
|
|
createToken('admin-bet'); |
1744
|
|
|
} |
1745
|
|
|
|
1746
|
|
|
/** |
1747
|
|
|
* This handles the screen for showing the banned entities |
1748
|
|
|
* It is accessed by ?action=admin;area=ban;sa=browse |
1749
|
|
|
* It uses sub-tabs for browsing by IP, hostname, email or username. |
1750
|
|
|
* |
1751
|
|
|
* Uses a standard list (@see createList()) |
1752
|
|
|
*/ |
1753
|
|
|
function BanBrowseTriggers() |
1754
|
|
|
{ |
1755
|
|
|
global $modSettings, $context, $scripturl, $smcFunc, $txt; |
1756
|
|
|
global $sourcedir, $settings; |
1757
|
|
|
|
1758
|
|
|
if (!empty($_POST['remove_triggers']) && !empty($_POST['remove']) && is_array($_POST['remove'])) |
1759
|
|
|
{ |
1760
|
|
|
checkSession(); |
1761
|
|
|
|
1762
|
|
|
removeBanTriggers($_POST['remove']); |
1763
|
|
|
|
1764
|
|
|
// Rehabilitate some members. |
1765
|
|
|
if ($_REQUEST['entity'] == 'member') |
1766
|
|
|
updateBanMembers(); |
1767
|
|
|
|
1768
|
|
|
// Make sure the ban cache is refreshed. |
1769
|
|
|
updateSettings(array('banLastUpdated' => time())); |
1770
|
|
|
} |
1771
|
|
|
|
1772
|
|
|
$context['selected_entity'] = isset($_REQUEST['entity']) && in_array($_REQUEST['entity'], array('ip', 'hostname', 'email', 'member')) ? $_REQUEST['entity'] : 'ip'; |
1773
|
|
|
|
1774
|
|
|
$listOptions = array( |
1775
|
|
|
'id' => 'ban_trigger_list', |
1776
|
|
|
'title' => $txt['ban_trigger_browse'], |
1777
|
|
|
'items_per_page' => $modSettings['defaultMaxListItems'], |
1778
|
|
|
'base_href' => $scripturl . '?action=admin;area=ban;sa=browse;entity=' . $context['selected_entity'], |
1779
|
|
|
'default_sort_col' => 'banned_entity', |
1780
|
|
|
'no_items_label' => $txt['ban_no_triggers'], |
1781
|
|
|
'get_items' => array( |
1782
|
|
|
'function' => 'list_getBanTriggers', |
1783
|
|
|
'params' => array( |
1784
|
|
|
$context['selected_entity'], |
1785
|
|
|
), |
1786
|
|
|
), |
1787
|
|
|
'get_count' => array( |
1788
|
|
|
'function' => 'list_getNumBanTriggers', |
1789
|
|
|
'params' => array( |
1790
|
|
|
$context['selected_entity'], |
1791
|
|
|
), |
1792
|
|
|
), |
1793
|
|
|
'columns' => array( |
1794
|
|
|
'banned_entity' => array( |
1795
|
|
|
'header' => array( |
1796
|
|
|
'value' => $txt['ban_banned_entity'], |
1797
|
|
|
), |
1798
|
|
|
), |
1799
|
|
|
'ban_name' => array( |
1800
|
|
|
'header' => array( |
1801
|
|
|
'value' => $txt['ban_name'], |
1802
|
|
|
), |
1803
|
|
|
'data' => array( |
1804
|
|
|
'sprintf' => array( |
1805
|
|
|
'format' => '<a href="' . $scripturl . '?action=admin;area=ban;sa=edit;bg=%1$d">%2$s</a>', |
1806
|
|
|
'params' => array( |
1807
|
|
|
'id_ban_group' => false, |
1808
|
|
|
'name' => false, |
1809
|
|
|
), |
1810
|
|
|
), |
1811
|
|
|
), |
1812
|
|
|
'sort' => array( |
1813
|
|
|
'default' => 'bg.name', |
1814
|
|
|
'reverse' => 'bg.name DESC', |
1815
|
|
|
), |
1816
|
|
|
), |
1817
|
|
|
'hits' => array( |
1818
|
|
|
'header' => array( |
1819
|
|
|
'value' => $txt['ban_hits'], |
1820
|
|
|
), |
1821
|
|
|
'data' => array( |
1822
|
|
|
'db' => 'hits', |
1823
|
|
|
), |
1824
|
|
|
'sort' => array( |
1825
|
|
|
'default' => 'bi.hits DESC', |
1826
|
|
|
'reverse' => 'bi.hits', |
1827
|
|
|
), |
1828
|
|
|
), |
1829
|
|
|
'check' => array( |
1830
|
|
|
'header' => array( |
1831
|
|
|
'value' => '<input type="checkbox" onclick="invertAll(this, this.form);">', |
1832
|
|
|
'class' => 'centercol', |
1833
|
|
|
), |
1834
|
|
|
'data' => array( |
1835
|
|
|
'sprintf' => array( |
1836
|
|
|
'format' => '<input type="checkbox" name="remove[]" value="%1$d">', |
1837
|
|
|
'params' => array( |
1838
|
|
|
'id_ban' => false, |
1839
|
|
|
), |
1840
|
|
|
), |
1841
|
|
|
'class' => 'centercol', |
1842
|
|
|
), |
1843
|
|
|
), |
1844
|
|
|
), |
1845
|
|
|
'form' => array( |
1846
|
|
|
'href' => $scripturl . '?action=admin;area=ban;sa=browse;entity=' . $context['selected_entity'], |
1847
|
|
|
'include_start' => true, |
1848
|
|
|
'include_sort' => true, |
1849
|
|
|
), |
1850
|
|
|
'additional_rows' => array( |
1851
|
|
|
array( |
1852
|
|
|
'position' => 'above_column_headers', |
1853
|
|
|
'value' => '<a href="' . $scripturl . '?action=admin;area=ban;sa=browse;entity=ip">' . ($context['selected_entity'] == 'ip' ? '<img src="' . $settings['images_url'] . '/selected.png" alt=">"> ' : '') . $txt['ip'] . '</a> | <a href="' . $scripturl . '?action=admin;area=ban;sa=browse;entity=hostname">' . ($context['selected_entity'] == 'hostname' ? '<img src="' . $settings['images_url'] . '/selected.png" alt=">"> ' : '') . $txt['hostname'] . '</a> | <a href="' . $scripturl . '?action=admin;area=ban;sa=browse;entity=email">' . ($context['selected_entity'] == 'email' ? '<img src="' . $settings['images_url'] . '/selected.png" alt=">"> ' : '') . $txt['email'] . '</a> | <a href="' . $scripturl . '?action=admin;area=ban;sa=browse;entity=member">' . ($context['selected_entity'] == 'member' ? '<img src="' . $settings['images_url'] . '/selected.png" alt=">"> ' : '') . $txt['username'] . '</a>', |
1854
|
|
|
), |
1855
|
|
|
array( |
1856
|
|
|
'position' => 'bottom_of_list', |
1857
|
|
|
'value' => '<input type="submit" name="remove_triggers" value="' . $txt['ban_remove_selected_triggers'] . '" data-confirm="' . $txt['ban_remove_selected_triggers_confirm'] . '" class="button you_sure">', |
1858
|
|
|
), |
1859
|
|
|
), |
1860
|
|
|
); |
1861
|
|
|
|
1862
|
|
|
// Specific data for the first column depending on the selected entity. |
1863
|
|
|
if ($context['selected_entity'] === 'ip') |
1864
|
|
|
{ |
1865
|
|
|
$listOptions['columns']['banned_entity']['data'] = array( |
1866
|
|
|
'function' => function($rowData) |
1867
|
|
|
{ |
1868
|
|
|
return range2ip( |
1869
|
|
|
$rowData['ip_low'] |
1870
|
|
|
, |
1871
|
|
|
$rowData['ip_high'] |
1872
|
|
|
); |
1873
|
|
|
}, |
1874
|
|
|
); |
1875
|
|
|
$listOptions['columns']['banned_entity']['sort'] = array( |
1876
|
|
|
'default' => 'bi.ip_low, bi.ip_high, bi.ip_low', |
1877
|
|
|
'reverse' => 'bi.ip_low DESC, bi.ip_high DESC', |
1878
|
|
|
); |
1879
|
|
|
} |
1880
|
|
|
elseif ($context['selected_entity'] === 'hostname') |
1881
|
|
|
{ |
1882
|
|
|
$listOptions['columns']['banned_entity']['data'] = array( |
1883
|
|
|
'function' => function($rowData) use ($smcFunc) |
1884
|
|
|
{ |
1885
|
|
|
return strtr($smcFunc['htmlspecialchars']($rowData['hostname']), array('%' => '*')); |
1886
|
|
|
}, |
1887
|
|
|
); |
1888
|
|
|
$listOptions['columns']['banned_entity']['sort'] = array( |
1889
|
|
|
'default' => 'bi.hostname', |
1890
|
|
|
'reverse' => 'bi.hostname DESC', |
1891
|
|
|
); |
1892
|
|
|
} |
1893
|
|
|
elseif ($context['selected_entity'] === 'email') |
1894
|
|
|
{ |
1895
|
|
|
$listOptions['columns']['banned_entity']['data'] = array( |
1896
|
|
|
'function' => function($rowData) use ($smcFunc) |
1897
|
|
|
{ |
1898
|
|
|
return strtr($smcFunc['htmlspecialchars']($rowData['email_address']), array('%' => '*')); |
1899
|
|
|
}, |
1900
|
|
|
); |
1901
|
|
|
$listOptions['columns']['banned_entity']['sort'] = array( |
1902
|
|
|
'default' => 'bi.email_address', |
1903
|
|
|
'reverse' => 'bi.email_address DESC', |
1904
|
|
|
); |
1905
|
|
|
} |
1906
|
|
|
elseif ($context['selected_entity'] === 'member') |
1907
|
|
|
{ |
1908
|
|
|
$listOptions['columns']['banned_entity']['data'] = array( |
1909
|
|
|
'sprintf' => array( |
1910
|
|
|
'format' => '<a href="' . $scripturl . '?action=profile;u=%1$d">%2$s</a>', |
1911
|
|
|
'params' => array( |
1912
|
|
|
'id_member' => false, |
1913
|
|
|
'real_name' => false, |
1914
|
|
|
), |
1915
|
|
|
), |
1916
|
|
|
); |
1917
|
|
|
$listOptions['columns']['banned_entity']['sort'] = array( |
1918
|
|
|
'default' => 'mem.real_name', |
1919
|
|
|
'reverse' => 'mem.real_name DESC', |
1920
|
|
|
); |
1921
|
|
|
} |
1922
|
|
|
|
1923
|
|
|
// Create the list. |
1924
|
|
|
require_once($sourcedir . '/Subs-List.php'); |
1925
|
|
|
createList($listOptions); |
1926
|
|
|
|
1927
|
|
|
// The list is the only thing to show, so make it the default sub template. |
1928
|
|
|
$context['sub_template'] = 'show_list'; |
1929
|
|
|
$context['default_list'] = 'ban_trigger_list'; |
1930
|
|
|
} |
1931
|
|
|
|
1932
|
|
|
/** |
1933
|
|
|
* Get ban triggers for the given parameters. Callback from $listOptions['get_items'] in BanBrowseTriggers() |
1934
|
|
|
* |
1935
|
|
|
* @param int $start The item to start with (for pagination purposes) |
1936
|
|
|
* @param int $items_per_page How many items to show on each page |
1937
|
|
|
* @param string $sort A string telling ORDER BY how to sort the results |
1938
|
|
|
* @param string $trigger_type The trigger type - can be 'ip', 'hostname' or 'email' |
1939
|
|
|
* @return array An array of ban trigger info for the list |
1940
|
|
|
*/ |
1941
|
|
|
function list_getBanTriggers($start, $items_per_page, $sort, $trigger_type) |
1942
|
|
|
{ |
1943
|
|
|
global $smcFunc; |
1944
|
|
|
|
1945
|
|
|
$where = array( |
1946
|
|
|
'ip' => 'bi.ip_low is not null', |
1947
|
|
|
'hostname' => 'bi.hostname != {string:blank_string}', |
1948
|
|
|
'email' => 'bi.email_address != {string:blank_string}', |
1949
|
|
|
); |
1950
|
|
|
|
1951
|
|
|
$request = $smcFunc['db_query']('', ' |
1952
|
|
|
SELECT |
1953
|
|
|
bi.id_ban, bi.ip_low, bi.ip_high, bi.hostname, bi.email_address, bi.hits, |
1954
|
|
|
bg.id_ban_group, bg.name' . ($trigger_type === 'member' ? ', |
1955
|
|
|
mem.id_member, mem.real_name' : '') . ' |
1956
|
|
|
FROM {db_prefix}ban_items AS bi |
1957
|
|
|
INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group)' . ($trigger_type === 'member' ? ' |
1958
|
|
|
INNER JOIN {db_prefix}members AS mem ON (mem.id_member = bi.id_member)' : ' |
1959
|
|
|
WHERE ' . $where[$trigger_type]) . ' |
1960
|
|
|
ORDER BY {raw:sort} |
1961
|
|
|
LIMIT {int:start}, {int:max}', |
1962
|
|
|
array( |
1963
|
|
|
'blank_string' => '', |
1964
|
|
|
'sort' => $sort, |
1965
|
|
|
'start' => $start, |
1966
|
|
|
'max' => $items_per_page, |
1967
|
|
|
) |
1968
|
|
|
); |
1969
|
|
|
$ban_triggers = array(); |
1970
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
1971
|
|
|
$ban_triggers[] = $row; |
1972
|
|
|
$smcFunc['db_free_result']($request); |
1973
|
|
|
|
1974
|
|
|
return $ban_triggers; |
1975
|
|
|
} |
1976
|
|
|
|
1977
|
|
|
/** |
1978
|
|
|
* This returns the total number of ban triggers of the given type. Callback for $listOptions['get_count'] in BanBrowseTriggers(). |
1979
|
|
|
* |
1980
|
|
|
* @param string $trigger_type The trigger type. Can be 'ip', 'hostname' or 'email' |
1981
|
|
|
* @return int The number of triggers of the specified type |
1982
|
|
|
*/ |
1983
|
|
|
function list_getNumBanTriggers($trigger_type) |
1984
|
|
|
{ |
1985
|
|
|
global $smcFunc; |
1986
|
|
|
|
1987
|
|
|
$where = array( |
1988
|
|
|
'ip' => 'bi.ip_low is not null', |
1989
|
|
|
'hostname' => 'bi.hostname != {string:blank_string}', |
1990
|
|
|
'email' => 'bi.email_address != {string:blank_string}', |
1991
|
|
|
); |
1992
|
|
|
|
1993
|
|
|
$request = $smcFunc['db_query']('', ' |
1994
|
|
|
SELECT COUNT(*) |
1995
|
|
|
FROM {db_prefix}ban_items AS bi' . ($trigger_type === 'member' ? ' |
1996
|
|
|
INNER JOIN {db_prefix}members AS mem ON (mem.id_member = bi.id_member)' : ' |
1997
|
|
|
WHERE ' . $where[$trigger_type]), |
1998
|
|
|
array( |
1999
|
|
|
'blank_string' => '', |
2000
|
|
|
) |
2001
|
|
|
); |
2002
|
|
|
list ($num_triggers) = $smcFunc['db_fetch_row']($request); |
2003
|
|
|
$smcFunc['db_free_result']($request); |
2004
|
|
|
|
2005
|
|
|
return $num_triggers; |
2006
|
|
|
} |
2007
|
|
|
|
2008
|
|
|
/** |
2009
|
|
|
* This handles the listing of ban log entries, and allows their deletion. |
2010
|
|
|
* Shows a list of logged access attempts by banned users. |
2011
|
|
|
* It is accessed by ?action=admin;area=ban;sa=log. |
2012
|
|
|
* How it works: |
2013
|
|
|
* - allows sorting of several columns. |
2014
|
|
|
* - also handles deletion of (a selection of) log entries. |
2015
|
|
|
*/ |
2016
|
|
|
function BanLog() |
2017
|
|
|
{ |
2018
|
|
|
global $scripturl, $context, $sourcedir, $txt, $modSettings; |
2019
|
|
|
|
2020
|
|
|
// Delete one or more entries. |
2021
|
|
|
if (!empty($_POST['removeAll']) || (!empty($_POST['removeSelected']) && !empty($_POST['remove']))) |
2022
|
|
|
{ |
2023
|
|
|
checkSession(); |
2024
|
|
|
validateToken('admin-bl'); |
2025
|
|
|
|
2026
|
|
|
// 'Delete all entries' button was pressed. |
2027
|
|
|
if (!empty($_POST['removeAll'])) |
2028
|
|
|
removeBanLogs(); |
2029
|
|
|
// 'Delete selection' button was pressed. |
2030
|
|
|
else |
2031
|
|
|
{ |
2032
|
|
|
array_map('intval', $_POST['remove']); |
2033
|
|
|
removeBanLogs($_POST['remove']); |
2034
|
|
|
} |
2035
|
|
|
} |
2036
|
|
|
|
2037
|
|
|
$listOptions = array( |
2038
|
|
|
'id' => 'ban_log', |
2039
|
|
|
'title' => $txt['ban_log'], |
2040
|
|
|
'items_per_page' => $modSettings['defaultMaxListItems'], |
2041
|
|
|
'base_href' => $context['admin_area'] == 'ban' ? $scripturl . '?action=admin;area=ban;sa=log' : $scripturl . '?action=admin;area=logs;sa=banlog', |
2042
|
|
|
'default_sort_col' => 'date', |
2043
|
|
|
'get_items' => array( |
2044
|
|
|
'function' => 'list_getBanLogEntries', |
2045
|
|
|
), |
2046
|
|
|
'get_count' => array( |
2047
|
|
|
'function' => 'list_getNumBanLogEntries', |
2048
|
|
|
), |
2049
|
|
|
'no_items_label' => $txt['ban_log_no_entries'], |
2050
|
|
|
'columns' => array( |
2051
|
|
|
'ip' => array( |
2052
|
|
|
'header' => array( |
2053
|
|
|
'value' => $txt['ban_log_ip'], |
2054
|
|
|
), |
2055
|
|
|
'data' => array( |
2056
|
|
|
'sprintf' => array( |
2057
|
|
|
'format' => '<a href="' . $scripturl . '?action=trackip;searchip=%1$s">%1$s</a>', |
2058
|
|
|
'params' => array( |
2059
|
|
|
'ip' => false, |
2060
|
|
|
), |
2061
|
|
|
), |
2062
|
|
|
), |
2063
|
|
|
'sort' => array( |
2064
|
|
|
'default' => 'lb.ip', |
2065
|
|
|
'reverse' => 'lb.ip DESC', |
2066
|
|
|
), |
2067
|
|
|
), |
2068
|
|
|
'email' => array( |
2069
|
|
|
'header' => array( |
2070
|
|
|
'value' => $txt['ban_log_email'], |
2071
|
|
|
), |
2072
|
|
|
'data' => array( |
2073
|
|
|
'db_htmlsafe' => 'email', |
2074
|
|
|
), |
2075
|
|
|
'sort' => array( |
2076
|
|
|
'default' => 'lb.email = \'\', lb.email', |
2077
|
|
|
'reverse' => 'lb.email != \'\', lb.email DESC', |
2078
|
|
|
), |
2079
|
|
|
), |
2080
|
|
|
'member' => array( |
2081
|
|
|
'header' => array( |
2082
|
|
|
'value' => $txt['ban_log_member'], |
2083
|
|
|
), |
2084
|
|
|
'data' => array( |
2085
|
|
|
'sprintf' => array( |
2086
|
|
|
'format' => '<a href="' . $scripturl . '?action=profile;u=%1$d">%2$s</a>', |
2087
|
|
|
'params' => array( |
2088
|
|
|
'id_member' => false, |
2089
|
|
|
'real_name' => false, |
2090
|
|
|
), |
2091
|
|
|
), |
2092
|
|
|
), |
2093
|
|
|
'sort' => array( |
2094
|
|
|
'default' => 'COALESCE(mem.real_name, 1=1), mem.real_name', |
2095
|
|
|
'reverse' => 'COALESCE(mem.real_name, 1=1) DESC, mem.real_name DESC', |
2096
|
|
|
), |
2097
|
|
|
), |
2098
|
|
|
'date' => array( |
2099
|
|
|
'header' => array( |
2100
|
|
|
'value' => $txt['ban_log_date'], |
2101
|
|
|
), |
2102
|
|
|
'data' => array( |
2103
|
|
|
'function' => function($rowData) |
2104
|
|
|
{ |
2105
|
|
|
return timeformat($rowData['log_time']); |
2106
|
|
|
}, |
2107
|
|
|
), |
2108
|
|
|
'sort' => array( |
2109
|
|
|
'default' => 'lb.log_time DESC', |
2110
|
|
|
'reverse' => 'lb.log_time', |
2111
|
|
|
), |
2112
|
|
|
), |
2113
|
|
|
'check' => array( |
2114
|
|
|
'header' => array( |
2115
|
|
|
'value' => '<input type="checkbox" onclick="invertAll(this, this.form);">', |
2116
|
|
|
'class' => 'centercol', |
2117
|
|
|
), |
2118
|
|
|
'data' => array( |
2119
|
|
|
'sprintf' => array( |
2120
|
|
|
'format' => '<input type="checkbox" name="remove[]" value="%1$d">', |
2121
|
|
|
'params' => array( |
2122
|
|
|
'id_ban_log' => false, |
2123
|
|
|
), |
2124
|
|
|
), |
2125
|
|
|
'class' => 'centercol', |
2126
|
|
|
), |
2127
|
|
|
), |
2128
|
|
|
), |
2129
|
|
|
'form' => array( |
2130
|
|
|
'href' => $context['admin_area'] == 'ban' ? $scripturl . '?action=admin;area=ban;sa=log' : $scripturl . '?action=admin;area=logs;sa=banlog', |
2131
|
|
|
'include_start' => true, |
2132
|
|
|
'include_sort' => true, |
2133
|
|
|
'token' => 'admin-bl', |
2134
|
|
|
), |
2135
|
|
|
'additional_rows' => array( |
2136
|
|
|
array( |
2137
|
|
|
'position' => 'after_title', |
2138
|
|
|
'value' => ' |
2139
|
|
|
<input type="submit" name="removeSelected" value="' . $txt['ban_log_remove_selected'] . '" data-confirm="' . $txt['ban_log_remove_selected_confirm'] . '" class="button you_sure"> |
2140
|
|
|
<input type="submit" name="removeAll" value="' . $txt['ban_log_remove_all'] . '" data-confirm="' . $txt['ban_log_remove_all_confirm'] . '" class="button you_sure">', |
2141
|
|
|
), |
2142
|
|
|
array( |
2143
|
|
|
'position' => 'bottom_of_list', |
2144
|
|
|
'value' => ' |
2145
|
|
|
<input type="submit" name="removeSelected" value="' . $txt['ban_log_remove_selected'] . '" data-confirm="' . $txt['ban_log_remove_selected_confirm'] . '" class="button you_sure"> |
2146
|
|
|
<input type="submit" name="removeAll" value="' . $txt['ban_log_remove_all'] . '" data-confirm="' . $txt['ban_log_remove_all_confirm'] . '" class="button you_sure">', |
2147
|
|
|
), |
2148
|
|
|
), |
2149
|
|
|
); |
2150
|
|
|
|
2151
|
|
|
createToken('admin-bl'); |
2152
|
|
|
|
2153
|
|
|
require_once($sourcedir . '/Subs-List.php'); |
2154
|
|
|
createList($listOptions); |
2155
|
|
|
|
2156
|
|
|
$context['page_title'] = $txt['ban_log']; |
2157
|
|
|
$context['sub_template'] = 'show_list'; |
2158
|
|
|
$context['default_list'] = 'ban_log'; |
2159
|
|
|
} |
2160
|
|
|
|
2161
|
|
|
/** |
2162
|
|
|
* Load a list of ban log entries from the database. |
2163
|
|
|
* (no permissions check). Callback for $listOptions['get_items'] in BanLog() |
2164
|
|
|
* |
2165
|
|
|
* @param int $start The item to start with (for pagination purposes) |
2166
|
|
|
* @param int $items_per_page How many items to show on each page |
2167
|
|
|
* @param string $sort A string telling ORDER BY how to sort the results |
2168
|
|
|
* @return array An array of info about the ban log entries for the list. |
2169
|
|
|
*/ |
2170
|
|
|
function list_getBanLogEntries($start, $items_per_page, $sort) |
2171
|
|
|
{ |
2172
|
|
|
global $smcFunc; |
2173
|
|
|
|
2174
|
|
|
$dash = '-'; |
2175
|
|
|
|
2176
|
|
|
$request = $smcFunc['db_query']('', ' |
2177
|
|
|
SELECT lb.id_ban_log, lb.id_member, lb.ip AS ip, COALESCE(lb.email, {string:dash}) AS email, lb.log_time, COALESCE(mem.real_name, {string:blank_string}) AS real_name |
2178
|
|
|
FROM {db_prefix}log_banned AS lb |
2179
|
|
|
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lb.id_member) |
2180
|
|
|
ORDER BY {raw:sort} |
2181
|
|
|
LIMIT {int:start}, {int:items}', |
2182
|
|
|
array( |
2183
|
|
|
'blank_string' => '', |
2184
|
|
|
'dash' => $dash, |
2185
|
|
|
'sort' => $sort, |
2186
|
|
|
'start' => $start, |
2187
|
|
|
'items' => $items_per_page, |
2188
|
|
|
) |
2189
|
|
|
); |
2190
|
|
|
$log_entries = array(); |
2191
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
2192
|
|
|
{ |
2193
|
|
|
$row['ip'] = $row['ip'] === null ? $dash : inet_dtop($row['ip']); |
2194
|
|
|
$log_entries[] = $row; |
2195
|
|
|
} |
2196
|
|
|
$smcFunc['db_free_result']($request); |
2197
|
|
|
|
2198
|
|
|
return $log_entries; |
2199
|
|
|
} |
2200
|
|
|
|
2201
|
|
|
/** |
2202
|
|
|
* This returns the total count of ban log entries. Callback for $listOptions['get_count'] in BanLog(). |
2203
|
|
|
* |
2204
|
|
|
* @return int The total number of ban log entries. |
2205
|
|
|
*/ |
2206
|
|
|
function list_getNumBanLogEntries() |
2207
|
|
|
{ |
2208
|
|
|
global $smcFunc; |
2209
|
|
|
|
2210
|
|
|
$request = $smcFunc['db_query']('', ' |
2211
|
|
|
SELECT COUNT(*) |
2212
|
|
|
FROM {db_prefix}log_banned AS lb', |
2213
|
|
|
array( |
2214
|
|
|
) |
2215
|
|
|
); |
2216
|
|
|
list ($num_entries) = $smcFunc['db_fetch_row']($request); |
2217
|
|
|
$smcFunc['db_free_result']($request); |
2218
|
|
|
|
2219
|
|
|
return $num_entries; |
2220
|
|
|
} |
2221
|
|
|
|
2222
|
|
|
/** |
2223
|
|
|
* Convert a range of given IP number into a single string. |
2224
|
|
|
* It's practically the reverse function of ip2range(). |
2225
|
|
|
* |
2226
|
|
|
* @example |
2227
|
|
|
* range2ip(array(10, 10, 10, 0), array(10, 10, 20, 255)) returns '10.10.10-20.* |
2228
|
|
|
* |
2229
|
|
|
* @param array $low The low end of the range in IPv4 format |
2230
|
|
|
* @param array $high The high end of the range in IPv4 format |
2231
|
|
|
* @return string A string indicating the range |
2232
|
|
|
*/ |
2233
|
|
|
function range2ip($low, $high) |
2234
|
|
|
{ |
2235
|
|
|
$low = inet_dtop($low); |
|
|
|
|
2236
|
|
|
$high = inet_dtop($high); |
2237
|
|
|
|
2238
|
|
|
if ($low == '255.255.255.255') return 'unknown'; |
2239
|
|
|
if ($low == $high) |
2240
|
|
|
return $low; |
2241
|
|
|
else |
2242
|
|
|
return $low . '-' . $high; |
2243
|
|
|
} |
2244
|
|
|
|
2245
|
|
|
/** |
2246
|
|
|
* Checks whether a given IP range already exists in the trigger list. |
2247
|
|
|
* If yes, it returns an error message. Otherwise, it returns an array |
2248
|
|
|
* optimized for the database. |
2249
|
|
|
* |
2250
|
|
|
* @param array $ip_array An array of IP trigger data |
2251
|
|
|
* @param string $fullip The full IP |
2252
|
|
|
* @return boolean|array False if the trigger array is invalid or the passed array if the value doesn't exist in the database |
2253
|
|
|
*/ |
2254
|
|
|
function checkExistingTriggerIP($ip_array, $fullip = '') |
2255
|
|
|
{ |
2256
|
|
|
global $smcFunc, $scripturl; |
2257
|
|
|
|
2258
|
|
|
$values = array( |
2259
|
|
|
'ip_low' => $ip_array['low'], |
2260
|
|
|
'ip_high' => $ip_array['high'] |
2261
|
|
|
); |
2262
|
|
|
|
2263
|
|
|
$request = $smcFunc['db_query']('', ' |
2264
|
|
|
SELECT bg.id_ban_group, bg.name |
2265
|
|
|
FROM {db_prefix}ban_groups AS bg |
2266
|
|
|
INNER JOIN {db_prefix}ban_items AS bi ON |
2267
|
|
|
(bi.id_ban_group = bg.id_ban_group) |
2268
|
|
|
AND ip_low = {inet:ip_low} AND ip_high = {inet:ip_high} |
2269
|
|
|
LIMIT 1', |
2270
|
|
|
$values |
2271
|
|
|
); |
2272
|
|
|
if ($smcFunc['db_num_rows']($request) != 0) |
2273
|
|
|
{ |
2274
|
|
|
list ($error_id_ban, $error_ban_name) = $smcFunc['db_fetch_row']($request); |
2275
|
|
|
fatal_lang_error('ban_trigger_already_exists', false, array( |
2276
|
|
|
$fullip, |
2277
|
|
|
'<a href="' . $scripturl . '?action=admin;area=ban;sa=edit;bg=' . $error_id_ban . '">' . $error_ban_name . '</a>', |
2278
|
|
|
)); |
2279
|
|
|
} |
2280
|
|
|
$smcFunc['db_free_result']($request); |
2281
|
|
|
|
2282
|
|
|
return $values; |
2283
|
|
|
} |
2284
|
|
|
|
2285
|
|
|
/** |
2286
|
|
|
* As it says... this tries to review the list of banned members, to match new bans. |
2287
|
|
|
* Note: is_activated >= 10: a member is banned. |
2288
|
|
|
*/ |
2289
|
|
|
function updateBanMembers() |
2290
|
|
|
{ |
2291
|
|
|
global $smcFunc; |
2292
|
|
|
|
2293
|
|
|
$updates = array(); |
2294
|
|
|
$allMembers = array(); |
2295
|
|
|
$newMembers = array(); |
2296
|
|
|
|
2297
|
|
|
// Start by getting all active bans - it's quicker doing this in parts... |
2298
|
|
|
$request = $smcFunc['db_query']('', ' |
2299
|
|
|
SELECT bi.id_member, bi.email_address |
2300
|
|
|
FROM {db_prefix}ban_items AS bi |
2301
|
|
|
INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group) |
2302
|
|
|
WHERE (bi.id_member > {int:no_member} OR bi.email_address != {string:blank_string}) |
2303
|
|
|
AND bg.cannot_access = {int:cannot_access_on} |
2304
|
|
|
AND (bg.expire_time IS NULL OR bg.expire_time > {int:current_time})', |
2305
|
|
|
array( |
2306
|
|
|
'no_member' => 0, |
2307
|
|
|
'cannot_access_on' => 1, |
2308
|
|
|
'current_time' => time(), |
2309
|
|
|
'blank_string' => '', |
2310
|
|
|
) |
2311
|
|
|
); |
2312
|
|
|
$memberIDs = array(); |
2313
|
|
|
$memberEmails = array(); |
2314
|
|
|
$memberEmailWild = array(); |
2315
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
2316
|
|
|
{ |
2317
|
|
|
if ($row['id_member']) |
2318
|
|
|
$memberIDs[$row['id_member']] = $row['id_member']; |
2319
|
|
|
if ($row['email_address']) |
2320
|
|
|
{ |
2321
|
|
|
// Does it have a wildcard - if so we can't do a IN on it. |
2322
|
|
|
if (strpos($row['email_address'], '%') !== false) |
2323
|
|
|
$memberEmailWild[$row['email_address']] = $row['email_address']; |
2324
|
|
|
else |
2325
|
|
|
$memberEmails[$row['email_address']] = $row['email_address']; |
2326
|
|
|
} |
2327
|
|
|
} |
2328
|
|
|
$smcFunc['db_free_result']($request); |
2329
|
|
|
|
2330
|
|
|
// Build up the query. |
2331
|
|
|
$queryPart = array(); |
2332
|
|
|
$queryValues = array(); |
2333
|
|
|
if (!empty($memberIDs)) |
2334
|
|
|
{ |
2335
|
|
|
$queryPart[] = 'mem.id_member IN ({array_string:member_ids})'; |
2336
|
|
|
$queryValues['member_ids'] = $memberIDs; |
2337
|
|
|
} |
2338
|
|
|
if (!empty($memberEmails)) |
2339
|
|
|
{ |
2340
|
|
|
$queryPart[] = 'mem.email_address IN ({array_string:member_emails})'; |
2341
|
|
|
$queryValues['member_emails'] = $memberEmails; |
2342
|
|
|
} |
2343
|
|
|
$count = 0; |
2344
|
|
|
foreach ($memberEmailWild as $email) |
2345
|
|
|
{ |
2346
|
|
|
$queryPart[] = 'mem.email_address LIKE {string:wild_' . $count . '}'; |
2347
|
|
|
$queryValues['wild_' . $count++] = $email; |
2348
|
|
|
} |
2349
|
|
|
|
2350
|
|
|
// Find all banned members. |
2351
|
|
|
if (!empty($queryPart)) |
2352
|
|
|
{ |
2353
|
|
|
$request = $smcFunc['db_query']('', ' |
2354
|
|
|
SELECT mem.id_member, mem.is_activated |
2355
|
|
|
FROM {db_prefix}members AS mem |
2356
|
|
|
WHERE ' . implode(' OR ', $queryPart), |
2357
|
|
|
$queryValues |
2358
|
|
|
); |
2359
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
2360
|
|
|
{ |
2361
|
|
|
if (!in_array($row['id_member'], $allMembers)) |
2362
|
|
|
{ |
2363
|
|
|
$allMembers[] = $row['id_member']; |
2364
|
|
|
// Do they need an update? |
2365
|
|
|
if ($row['is_activated'] < 10) |
2366
|
|
|
{ |
2367
|
|
|
$updates[($row['is_activated'] + 10)][] = $row['id_member']; |
2368
|
|
|
$newMembers[] = $row['id_member']; |
2369
|
|
|
} |
2370
|
|
|
} |
2371
|
|
|
} |
2372
|
|
|
$smcFunc['db_free_result']($request); |
2373
|
|
|
} |
2374
|
|
|
|
2375
|
|
|
// We welcome our new members in the realm of the banned. |
2376
|
|
|
if (!empty($newMembers)) |
2377
|
|
|
$smcFunc['db_query']('', ' |
2378
|
|
|
DELETE FROM {db_prefix}log_online |
2379
|
|
|
WHERE id_member IN ({array_int:new_banned_members})', |
2380
|
|
|
array( |
2381
|
|
|
'new_banned_members' => $newMembers, |
2382
|
|
|
) |
2383
|
|
|
); |
2384
|
|
|
|
2385
|
|
|
// Find members that are wrongfully marked as banned. |
2386
|
|
|
$request = $smcFunc['db_query']('', ' |
2387
|
|
|
SELECT mem.id_member, mem.is_activated - 10 AS new_value |
2388
|
|
|
FROM {db_prefix}members AS mem |
2389
|
|
|
LEFT JOIN {db_prefix}ban_items AS bi ON (bi.id_member = mem.id_member OR mem.email_address LIKE bi.email_address) |
2390
|
|
|
LEFT JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group AND bg.cannot_access = {int:cannot_access_activated} AND (bg.expire_time IS NULL OR bg.expire_time > {int:current_time})) |
2391
|
|
|
WHERE (bi.id_ban IS NULL OR bg.id_ban_group IS NULL) |
2392
|
|
|
AND mem.is_activated >= {int:ban_flag}', |
2393
|
|
|
array( |
2394
|
|
|
'cannot_access_activated' => 1, |
2395
|
|
|
'current_time' => time(), |
2396
|
|
|
'ban_flag' => 10, |
2397
|
|
|
) |
2398
|
|
|
); |
2399
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($request)) |
2400
|
|
|
{ |
2401
|
|
|
// Don't do this twice! |
2402
|
|
|
if (!in_array($row['id_member'], $allMembers)) |
2403
|
|
|
{ |
2404
|
|
|
$updates[$row['new_value']][] = $row['id_member']; |
2405
|
|
|
$allMembers[] = $row['id_member']; |
2406
|
|
|
} |
2407
|
|
|
} |
2408
|
|
|
$smcFunc['db_free_result']($request); |
2409
|
|
|
|
2410
|
|
|
if (!empty($updates)) |
2411
|
|
|
foreach ($updates as $newStatus => $members) |
2412
|
|
|
updateMemberData($members, array('is_activated' => $newStatus)); |
2413
|
|
|
|
2414
|
|
|
// Update the latest member and our total members as banning may change them. |
2415
|
|
|
updateStats('member'); |
2416
|
|
|
} |
2417
|
|
|
|
2418
|
|
|
/** |
2419
|
|
|
* Gets basic member data for the ban |
2420
|
|
|
* |
2421
|
|
|
* @param int $id The ID of the member to get data for |
2422
|
|
|
* @return array An aray containing the ID, name, main IP and email address of the specified user |
2423
|
|
|
*/ |
2424
|
|
|
function getMemberData($id) |
2425
|
|
|
{ |
2426
|
|
|
global $smcFunc; |
2427
|
|
|
|
2428
|
|
|
$suggestions = array(); |
2429
|
|
|
$request = $smcFunc['db_query']('', ' |
2430
|
|
|
SELECT id_member, real_name, member_ip, email_address |
2431
|
|
|
FROM {db_prefix}members |
2432
|
|
|
WHERE id_member = {int:current_user} |
2433
|
|
|
LIMIT 1', |
2434
|
|
|
array( |
2435
|
|
|
'current_user' => $id, |
2436
|
|
|
) |
2437
|
|
|
); |
2438
|
|
|
if ($smcFunc['db_num_rows']($request) > 0) |
2439
|
|
|
{ |
2440
|
|
|
list ($suggestions['member']['id'], $suggestions['member']['name'], $suggestions['main_ip'], $suggestions['email']) = $smcFunc['db_fetch_row']($request); |
2441
|
|
|
$suggestions['main_ip'] = inet_dtop($suggestions['main_ip']); |
2442
|
|
|
} |
2443
|
|
|
$smcFunc['db_free_result']($request); |
2444
|
|
|
|
2445
|
|
|
return $suggestions; |
2446
|
|
|
} |
2447
|
|
|
|
2448
|
|
|
?> |