per-board bans
parent
f33848a3ac
commit
4c1935a6b6
@ -400,7 +400,12 @@
|
||||
|
||||
$body = '<div class="ban">
|
||||
<h2>You are banned! ;_;</h2>
|
||||
<p>You have been banned ' .
|
||||
<p>You have been banned from ' .
|
||||
(!isset($ban['uri']) ?
|
||||
'all boards':
|
||||
'<strong>' . sprintf($config['board_abbreviation'], $ban['uri']) . '</strong>'
|
||||
) .
|
||||
' ' .
|
||||
($ban['reason'] ? 'for the following reason:' : 'for an unspecified reason.') .
|
||||
'</p>' .
|
||||
($ban['reason'] ?
|
||||
@ -464,7 +469,7 @@
|
||||
));
|
||||
}
|
||||
|
||||
function checkBan() {
|
||||
function checkBan($board = 0) {
|
||||
global $config, $memcached;
|
||||
|
||||
if(!isset($_SERVER['REMOTE_ADDR'])) {
|
||||
@ -474,17 +479,19 @@
|
||||
|
||||
if($config['memcached']['enabled']) {
|
||||
// Cached ban?
|
||||
if($ban = $memcached->get("ban_${_SERVER['REMOTE_ADDR']}")) {
|
||||
if($ban = $memcached->get("ban_${board}_${_SERVER['REMOTE_ADDR']}")) {
|
||||
displayBan($ban);
|
||||
}
|
||||
}
|
||||
|
||||
$query = prepare("SELECT * FROM `bans` WHERE `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
|
||||
$query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
|
||||
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
|
||||
$query->bindValue(':board', $board);
|
||||
$query->execute() or error(db_error($query));
|
||||
if($query->rowCount() < 1 && $config['ban_range']) {
|
||||
$query = prepare("SELECT * FROM `bans` WHERE :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
|
||||
$query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
|
||||
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
|
||||
$query->bindValue(':board', $board);
|
||||
$query->execute() or error(db_error($query));
|
||||
}
|
||||
|
||||
@ -506,7 +513,7 @@
|
||||
}
|
||||
|
||||
if($config['memcached']['enabled'])
|
||||
$memcached->set("ban_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']);
|
||||
$memcached->set("ban_${board}_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']);
|
||||
displayBan($ban);
|
||||
}
|
||||
}
|
||||
|
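Review bot: The cache key read and written by checkBan() now includes the board (`"ban_${board}_${_SERVER['REMOTE_ADDR']}"`), but the ban-removal path in mod.php (hunk at -1440) still deletes `"ban_${m[1]}"` and is only marked `// TODO`, so with memcached enabled a lifted ban keeps being served from cache until the entry expires. The entry lifetime is `$ban['expires']`, which for a permanent ban is presumably NULL or 0 and, if so, means the entry never expires. Removal needs to delete the per-board keys as well: one per board returned by listBoards(), plus the `0` key produced by the default `$board = 0`. A comment at the `$memcached->set(...)` call naming the code responsible for invalidating these keys would help; checkBan() continues outside the visible hunks, so any expiry check on the cached entry is not shown here.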
23
inc/mod.php
23
inc/mod.php
@ -174,6 +174,23 @@
|
||||
|
||||
function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $board=false, $allow_public = false) {
|
||||
global $config, $mod;
|
||||
|
||||
$boards = listBoards();
|
||||
$__boards = '<li><input type="radio" name="board_id" id="board_*" value="-1"/> <label style="display:inline" for="board_*"><em>all boards</em></label></li>';
|
||||
foreach($boards as &$_board) {
|
||||
$__boards .= '<li>' .
|
||||
'<input type="radio" name="board_id" id="board_' . $_board['uri'] . '" value="' . $_board['id'] . '">' .
|
||||
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
|
||||
($_board['uri'] == '*' ?
|
||||
'<em>"*"</em>'
|
||||
:
|
||||
sprintf($config['board_abbreviation'], $_board['uri'])
|
||||
) .
|
||||
' - ' . $_board['title'] .
|
||||
'</label>' .
|
||||
'</li>';
|
||||
}
|
||||
|
||||
return '<fieldset><legend>New ban</legend>' .
|
||||
'<form action="?/ban" method="post">' .
|
||||
($continue ? '<input type="hidden" name="continue" value="' . htmlentities($continue) . '" />' : '') .
|
||||
@ -214,6 +231,12 @@
|
||||
'<td><input type="text" name="length" id="length" size="20" maxlength="40" />' .
|
||||
' <span class="unimportant">(eg. "2d1h30m" or "2 days")</span></td>' .
|
||||
'</tr>' .
|
||||
|
||||
'<tr>' .
|
||||
'<th>Board</th>' .
|
||||
'<td><ul style="list-style:none;padding:2px 5px">' . $__boards . '</tl></td>' .
|
||||
'</tr>' .
|
||||
|
||||
'<tr>' .
|
||||
'<td></td>' .
|
||||
'<td><input name="new_ban" type="submit" value="New Ban" /></td>' .
|
||||
|
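Review bot: The board list built in form_newBan() concatenates `$_board['uri']`, `$_board['id']` and `$_board['title']` into attribute values and label text without escaping, while the same function passes `$continue` through htmlentities(). If a board title or URI can contain markup characters it would be rendered as HTML in the moderator panel, so wrap them, e.g. `htmlentities($_board['title'])`. The row added in the second hunk closes the list with `</tl>` instead of `</ul>`. The loop takes `&$_board` by reference without modifying it or unsetting it afterwards; a plain `foreach($boards as $_board)` avoids the dangling reference. The function body continues outside both hunks.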
42
mod.php
42
mod.php
@ -1040,7 +1040,7 @@
|
||||
), listBoards());
|
||||
foreach($boards as &$_board) {
|
||||
$__boards .= '<li>' .
|
||||
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '"' .
|
||||
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '">' .
|
||||
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
|
||||
($_board['uri'] == '*' ?
|
||||
'<em>"*"</em>'
|
||||
@ -1173,7 +1173,7 @@
|
||||
$_mod['boards'] = explode(',', $_mod['boards']);
|
||||
foreach($boards as &$_board) {
|
||||
$__boards .= '<li>' .
|
||||
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '"' .
|
||||
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '">' .
|
||||
(in_array($_board['uri'], $_mod['boards']) ?
|
||||
' checked="checked"'
|
||||
: '') .
|
||||
@ -1440,19 +1440,19 @@
|
||||
|
||||
if($config['memcached']['enabled']) {
|
||||
// Remove cached ban
|
||||
// TODO
|
||||
$memcached->delete("ban_${m[1]}");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($mod['type'] >= $config['mod']['view_banexpired']) {
|
||||
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` ORDER BY (`expires` IS NOT NULL AND `expires` < :time), `set` DESC");
|
||||
$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` GROUP BY `ip` ORDER BY (`expires` IS NOT NULL AND `expires` < :time), `set` DESC");
|
||||
$query->bindValue(':time', time(), PDO::PARAM_INT);
|
||||
$query->execute() or error(db_error($query));
|
||||
} else {
|
||||
// Filter out expired bans
|
||||
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` WHERE `expires` = 0 OR `expires` > :time ORDER BY `set` DESC");
|
||||
$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` GROUP BY `ip` WHERE `expires` = 0 OR `expires` > :time ORDER BY `set` DESC");
|
||||
$query->bindValue(':time', time(), PDO::PARAM_INT);
|
||||
$query->execute() or error(db_error($query));
|
||||
}
|
||||
@ -1461,7 +1461,7 @@
|
||||
$body = '<p style="text-align:center" class="unimportant">(There are no active bans.)</p>';
|
||||
} else {
|
||||
$body = '<form action="" method="post">';
|
||||
$body .= '<table><tr><th>IP address</th><th>Reason</th><th>Set</th><th>Expires</th><th>Staff</th></tr>';
|
||||
$body .= '<table><tr><th>IP address</th><th>Reason</th><th>Board</th><th>Set</th><th>Expires</th><th>Staff</th></tr>';
|
||||
|
||||
while($ban = $query->fetch()) {
|
||||
$body .=
|
||||
@ -1488,6 +1488,14 @@
|
||||
// Reason
|
||||
'<td>' . ($ban['reason'] ? $ban['reason'] : '<em>-</em>') . '</td>' .
|
||||
|
||||
|
||||
'<td>' .
|
||||
(isset($ban['uri']) ?
|
||||
sprintf($config['board_abbreviation'], $ban['uri'])
|
||||
:
|
||||
'<em>all boards</em>'
|
||||
) . '</td>' .
|
||||
|
||||
// Set
|
||||
'<td style="white-space: nowrap">' . date($config['post_date'], $ban['set']) . '</td>' .
|
||||
|
||||
@ -1905,14 +1913,15 @@
|
||||
if(isset($_POST['new_ban'])) {
|
||||
if( !isset($_POST['ip']) ||
|
||||
!isset($_POST['reason']) ||
|
||||
!isset($_POST['length'])
|
||||
!isset($_POST['length']) ||
|
||||
!isset($_POST['board_id'])
|
||||
) error($config['error']['missedafield']);
|
||||
|
||||
// Check required fields
|
||||
if(empty($_POST['ip']))
|
||||
error(sprintf($config['error']['required'], 'IP address'));
|
||||
|
||||
$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason)");
|
||||
$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason, :board)");
|
||||
|
||||
// 1yr2hrs30mins
|
||||
// 1y2h30m
|
||||
@ -1958,12 +1967,19 @@
|
||||
$query->bindValue(':mod', $mod['id'], PDO::PARAM_INT);
|
||||
$query->bindValue(':set', time(), PDO::PARAM_INT);
|
||||
|
||||
|
||||
if(isset($_POST['reason'])) {
|
||||
$query->bindValue(':reason', $_POST['reason'], PDO::PARAM_STR);
|
||||
} else {
|
||||
$query->bindValue(':reason', null, PDO::PARAM_NULL);
|
||||
}
|
||||
|
||||
if($_POST['board_id'] < 0) {
|
||||
$query->bindValue(':board', null, PDO::PARAM_NULL);
|
||||
} else {
|
||||
$query->bindValue(':board', (int)$_POST['board_id'], PDO::PARAM_INT);
|
||||
}
|
||||
|
||||
// Record the action
|
||||
modLog('Created a ' . ($expire ? $expire . ' second' : 'permanent') . " ban for {$_POST['ip']} with " . (!empty($_POST['reason']) ? "reason \"{$_POST['reason']}\"" : 'no reason'));
|
||||
|
||||
@ -2189,7 +2205,7 @@
|
||||
}
|
||||
|
||||
if($mod['type'] >= $config['mod']['view_ban']) {
|
||||
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` WHERE `ip` = :ip");
|
||||
$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip");
|
||||
$query->bindValue(':ip', $ip);
|
||||
$query->execute() or error(db_error($query));
|
||||
|
||||
@ -2209,6 +2225,14 @@
|
||||
// Reason
|
||||
'<tr><th>Reason</th><td>' . $ban['reason'] . '</td></tr>' .
|
||||
|
||||
// Board
|
||||
'<tr><th>Board</th><td>' .
|
||||
(isset($ban['uri']) ?
|
||||
sprintf($config['board_abbreviation'], $ban['uri'])
|
||||
:
|
||||
'<em>all boards</em>'
|
||||
) . '</td></tr>' .
|
||||
|
||||
// Set
|
||||
'<tr><th>Set</th><td>' . date($config['post_date'], $ban['set']) . '</td></tr>' .
|
||||
|
||||
|
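Review bot: In the new-ban handler (hunk at -1958) `board_id` is only cast, `(int)$_POST['board_id']`, and never checked against an existing board, so a non-numeric or stale value is stored as a board id that no row in `boards` matches. Because checkBan() joins `boards` and requires `board IS NULL OR uri = :board`, such a ban is recorded and logged but can never match a poster. Look the id up (for example against listBoards()) and call error() when it is missing. Whether this moderator may ban on the chosen board should be checked here too; the visible lines do not do it, and the handler starts outside the hunk. The modLog() message also omits the board, which makes per-board bans harder to audit.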
22
post.php
22
post.php
@ -36,17 +36,15 @@
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
// Check if banned
|
||||
checkBan();
|
||||
|
||||
checkDNSBL();
|
||||
|
||||
// Check if board exists
|
||||
if(!openBoard($_POST['board']))
|
||||
error($config['error']['noboard']);
|
||||
|
||||
// Check if banned
|
||||
checkBan($board['uri']);
|
||||
|
||||
if(empty($delete))
|
||||
error($config['error']['nodelete']);
|
||||
|
||||
@ -96,17 +94,15 @@
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
// Check if banned
|
||||
checkBan();
|
||||
|
||||
checkDNSBL();
|
||||
|
||||
// Check if board exists
|
||||
if(!openBoard($_POST['board']))
|
||||
error($config['error']['noboard']);
|
||||
|
||||
// Check if banned
|
||||
checkBan($board['uri']);
|
||||
|
||||
if(empty($report))
|
||||
error($config['error']['noreport']);
|
||||
|
||||
@ -174,15 +170,15 @@
|
||||
if(time()-$user['appeared']<LURKTIME) error(ERROR_LURK);
|
||||
*/
|
||||
|
||||
// Check if banned
|
||||
checkBan();
|
||||
|
||||
checkDNSBL();
|
||||
|
||||
// Check if board exists
|
||||
if(!openBoard($post['board']))
|
||||
error($config['error']['noboard']);
|
||||
|
||||
// Check if banned
|
||||
checkBan($board['uri']);
|
||||
|
||||
// Check for CAPTCHA right after opening the board so the "return" link is in there
|
||||
if($config['recaptcha']) {
|
||||
if(!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field']))
|
||||
|
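Review bot: The moved `checkBan($board['uri'])` calls depend on the global `$board` that openBoard() presumably fills in, and nothing at the three call sites says so. If a later edit moved the call back above openBoard(), `$board['uri']` would likely be unset and the `uri = :board` condition in checkBan() would never match, leaving only global bans enforced without any error. I would extend the comment to `// Check if banned (must run after openBoard(): per-board bans need $board['uri'])` in all three hunks.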