1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-24 07:30:10 +01:00

per-board bans

This commit is contained in:
Savetheinternet 2011-07-27 13:40:27 +10:00
parent f33848a3ac
commit 4c1935a6b6
4 changed files with 78 additions and 28 deletions

View File

@ -400,7 +400,12 @@
$body = '<div class="ban">
<h2>You are banned! ;_;</h2>
<p>You have been banned ' .
<p>You have been banned from ' .
(!isset($ban['uri']) ?
'all boards':
'<strong>' . sprintf($config['board_abbreviation'], $ban['uri']) . '</strong>'
) .
' ' .
($ban['reason'] ? 'for the following reason:' : 'for an unspecified reason.') .
'</p>' .
($ban['reason'] ?
@ -464,7 +469,7 @@
));
}
function checkBan() {
function checkBan($board = 0) {
global $config, $memcached;
if(!isset($_SERVER['REMOTE_ADDR'])) {
@ -474,17 +479,19 @@
if($config['memcached']['enabled']) {
// Cached ban?
if($ban = $memcached->get("ban_${_SERVER['REMOTE_ADDR']}")) {
if($ban = $memcached->get("ban_${board}_${_SERVER['REMOTE_ADDR']}")) {
displayBan($ban);
}
}
$query = prepare("SELECT * FROM `bans` WHERE `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
$query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':board', $board);
$query->execute() or error(db_error($query));
if($query->rowCount() < 1 && $config['ban_range']) {
$query = prepare("SELECT * FROM `bans` WHERE :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
$query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':board', $board);
$query->execute() or error(db_error($query));
}
@ -506,7 +513,7 @@
}
if($config['memcached']['enabled'])
$memcached->set("ban_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']);
$memcached->set("ban_${board}_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']);
displayBan($ban);
}
}

View File

@ -174,6 +174,23 @@
function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $board=false, $allow_public = false) {
global $config, $mod;
$boards = listBoards();
$__boards = '<li><input type="radio" name="board_id" id="board_*" value="-1"/> <label style="display:inline" for="board_*"><em>all boards</em></label></li>';
foreach($boards as &$_board) {
$__boards .= '<li>' .
'<input type="radio" name="board_id" id="board_' . $_board['uri'] . '" value="' . $_board['id'] . '">' .
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
($_board['uri'] == '*' ?
'<em>"*"</em>'
:
sprintf($config['board_abbreviation'], $_board['uri'])
) .
' - ' . $_board['title'] .
'</label>' .
'</li>';
}
return '<fieldset><legend>New ban</legend>' .
'<form action="?/ban" method="post">' .
($continue ? '<input type="hidden" name="continue" value="' . htmlentities($continue) . '" />' : '') .
@ -214,6 +231,12 @@
'<td><input type="text" name="length" id="length" size="20" maxlength="40" />' .
' <span class="unimportant">(eg. "2d1h30m" or "2 days")</span></td>' .
'</tr>' .
'<tr>' .
'<th>Board</th>' .
'<td><ul style="list-style:none;padding:2px 5px">' . $__boards . '</tl></td>' .
'</tr>' .
'<tr>' .
'<td></td>' .
'<td><input name="new_ban" type="submit" value="New Ban" /></td>' .

42
mod.php
View File

@ -1040,7 +1040,7 @@
), listBoards());
foreach($boards as &$_board) {
$__boards .= '<li>' .
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '"' .
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '">' .
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
($_board['uri'] == '*' ?
'<em>"*"</em>'
@ -1173,7 +1173,7 @@
$_mod['boards'] = explode(',', $_mod['boards']);
foreach($boards as &$_board) {
$__boards .= '<li>' .
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '"' .
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '">' .
(in_array($_board['uri'], $_mod['boards']) ?
' checked="checked"'
: '') .
@ -1440,19 +1440,19 @@
if($config['memcached']['enabled']) {
// Remove cached ban
// TODO
$memcached->delete("ban_${m[1]}");
}
}
}
}
if($mod['type'] >= $config['mod']['view_banexpired']) {
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` ORDER BY (`expires` IS NOT NULL AND `expires` < :time), `set` DESC");
$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` GROUP BY `ip` ORDER BY (`expires` IS NOT NULL AND `expires` < :time), `set` DESC");
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->execute() or error(db_error($query));
} else {
// Filter out expired bans
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` WHERE `expires` = 0 OR `expires` > :time ORDER BY `set` DESC");
$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` GROUP BY `ip` WHERE `expires` = 0 OR `expires` > :time ORDER BY `set` DESC");
$query->bindValue(':time', time(), PDO::PARAM_INT);
$query->execute() or error(db_error($query));
}
@ -1461,7 +1461,7 @@
$body = '<p style="text-align:center" class="unimportant">(There are no active bans.)</p>';
} else {
$body = '<form action="" method="post">';
$body .= '<table><tr><th>IP address</th><th>Reason</th><th>Set</th><th>Expires</th><th>Staff</th></tr>';
$body .= '<table><tr><th>IP address</th><th>Reason</th><th>Board</th><th>Set</th><th>Expires</th><th>Staff</th></tr>';
while($ban = $query->fetch()) {
$body .=
@ -1488,6 +1488,14 @@
// Reason
'<td>' . ($ban['reason'] ? $ban['reason'] : '<em>-</em>') . '</td>' .
'<td>' .
(isset($ban['uri']) ?
sprintf($config['board_abbreviation'], $ban['uri'])
:
'<em>all boards</em>'
) . '</td>' .
// Set
'<td style="white-space: nowrap">' . date($config['post_date'], $ban['set']) . '</td>' .
@ -1905,14 +1913,15 @@
if(isset($_POST['new_ban'])) {
if( !isset($_POST['ip']) ||
!isset($_POST['reason']) ||
!isset($_POST['length'])
!isset($_POST['length']) ||
!isset($_POST['board_id'])
) error($config['error']['missedafield']);
// Check required fields
if(empty($_POST['ip']))
error(sprintf($config['error']['required'], 'IP address'));
$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason)");
$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason, :board)");
// 1yr2hrs30mins
// 1y2h30m
@ -1958,12 +1967,19 @@
$query->bindValue(':mod', $mod['id'], PDO::PARAM_INT);
$query->bindValue(':set', time(), PDO::PARAM_INT);
if(isset($_POST['reason'])) {
$query->bindValue(':reason', $_POST['reason'], PDO::PARAM_STR);
} else {
$query->bindValue(':reason', null, PDO::PARAM_NULL);
}
if($_POST['board_id'] < 0) {
$query->bindValue(':board', null, PDO::PARAM_NULL);
} else {
$query->bindValue(':board', (int)$_POST['board_id'], PDO::PARAM_INT);
}
// Record the action
modLog('Created a ' . ($expire ? $expire . ' second' : 'permanent') . " ban for {$_POST['ip']} with " . (!empty($_POST['reason']) ? "reason \"{$_POST['reason']}\"" : 'no reason'));
@ -2189,7 +2205,7 @@
}
if($mod['type'] >= $config['mod']['view_ban']) {
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` WHERE `ip` = :ip");
$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip");
$query->bindValue(':ip', $ip);
$query->execute() or error(db_error($query));
@ -2209,6 +2225,14 @@
// Reason
'<tr><th>Reason</th><td>' . $ban['reason'] . '</td></tr>' .
// Board
'<tr><th>Board</th><td>' .
(isset($ban['uri']) ?
sprintf($config['board_abbreviation'], $ban['uri'])
:
'<em>all boards</em>'
) . '</td></tr>' .
// Set
'<tr><th>Set</th><td>' . date($config['post_date'], $ban['set']) . '</td></tr>' .

View File

@ -36,17 +36,15 @@
}
}
// Check if banned
checkBan();
checkDNSBL();
// Check if board exists
if(!openBoard($_POST['board']))
error($config['error']['noboard']);
// Check if banned
checkBan($board['uri']);
if(empty($delete))
error($config['error']['nodelete']);
@ -96,17 +94,15 @@
}
}
// Check if banned
checkBan();
checkDNSBL();
// Check if board exists
if(!openBoard($_POST['board']))
error($config['error']['noboard']);
// Check if banned
checkBan($board['uri']);
if(empty($report))
error($config['error']['noreport']);
@ -174,15 +170,15 @@
if(time()-$user['appeared']<LURKTIME) error(ERROR_LURK);
*/
// Check if banned
checkBan();
checkDNSBL();
// Check if board exists
if(!openBoard($post['board']))
error($config['error']['noboard']);
// Check if banned
checkBan($board['uri']);
// Check for CAPTCHA right after opening the board so the "return" link is in there
if($config['recaptcha']) {
if(!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field']))