kashire/lainchan
4
0
Fork 0
Code Issues 18 Pull Requests Releases Wiki Activity

per-board bans

Browse Source
This commit is contained in:
Savetheinternet 2011-07-27 13:40:27 +10:00
parent f33848a3ac
commit 4c1935a6b6
4 changed files with 78 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
inc/functions.php
View File

@ -400,7 +400,12 @@
$body = '<div class="ban"> $body = '<div class="ban">
<h2>You are banned! ;_;</h2> <h2>You are banned! ;_;</h2>
<p>You have been banned ' . <p>You have been banned from ' .
(!isset($ban['uri']) ?
'all boards':
'<strong>' . sprintf($config['board_abbreviation'], $ban['uri']) . '</strong>'
) .
' ' .
($ban['reason'] ? 'for the following reason:' : 'for an unspecified reason.') . ($ban['reason'] ? 'for the following reason:' : 'for an unspecified reason.') .
'</p>' . '</p>' .
($ban['reason'] ? ($ban['reason'] ?
@ -464,7 +469,7 @@
)); ));
} }
function checkBan() { function checkBan($board = 0) {
global $config, $memcached; global $config, $memcached;
if(!isset($_SERVER['REMOTE_ADDR'])) { if(!isset($_SERVER['REMOTE_ADDR'])) {
@ -474,17 +479,19 @@
if($config['memcached']['enabled']) { if($config['memcached']['enabled']) {
// Cached ban? // Cached ban?
if($ban = $memcached->get("ban_${_SERVER['REMOTE_ADDR']}")) { if($ban = $memcached->get("ban_${board}_${_SERVER['REMOTE_ADDR']}")) {
displayBan($ban); displayBan($ban);
} }
} }
$query = prepare("SELECT * FROM `bans` WHERE `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1"); $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':board', $board);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
if($query->rowCount() < 1 && $config['ban_range']) { if($query->rowCount() < 1 && $config['ban_range']) {
$query = prepare("SELECT * FROM `bans` WHERE :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1"); $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':board', $board);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
} }
@ -506,7 +513,7 @@
} }
if($config['memcached']['enabled']) if($config['memcached']['enabled'])
$memcached->set("ban_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']); $memcached->set("ban_${board}_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']);
displayBan($ban); displayBan($ban);
} }
} }

23
inc/mod.php
View File

@ -174,6 +174,23 @@
function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $board=false, $allow_public = false) { function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $board=false, $allow_public = false) {
global $config, $mod; global $config, $mod;
$boards = listBoards();
$__boards = '<li><input type="radio" name="board_id" id="board_*" value="-1"/> <label style="display:inline" for="board_*"><em>all boards</em></label></li>';
foreach($boards as &$_board) {
$__boards .= '<li>' .
'<input type="radio" name="board_id" id="board_' . $_board['uri'] . '" value="' . $_board['id'] . '">' .
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
($_board['uri'] == '*' ?
'<em>"*"</em>'
:
sprintf($config['board_abbreviation'], $_board['uri'])
) .
' - ' . $_board['title'] .
'</label>' .
'</li>';
}
return '<fieldset><legend>New ban</legend>' . return '<fieldset><legend>New ban</legend>' .
'<form action="?/ban" method="post">' . '<form action="?/ban" method="post">' .
($continue ? '<input type="hidden" name="continue" value="' . htmlentities($continue) . '" />' : '') . ($continue ? '<input type="hidden" name="continue" value="' . htmlentities($continue) . '" />' : '') .
@ -214,6 +231,12 @@
'<td><input type="text" name="length" id="length" size="20" maxlength="40" />' . '<td><input type="text" name="length" id="length" size="20" maxlength="40" />' .
' <span class="unimportant">(eg. "2d1h30m" or "2 days")</span></td>' . ' <span class="unimportant">(eg. "2d1h30m" or "2 days")</span></td>' .
'</tr>' . '</tr>' .
'<tr>' .
'<th>Board</th>' .
'<td><ul style="list-style:none;padding:2px 5px">' . $__boards . '</tl></td>' .
'</tr>' .
'<tr>' . '<tr>' .
'<td></td>' . '<td></td>' .
'<td><input name="new_ban" type="submit" value="New Ban" /></td>' . '<td><input name="new_ban" type="submit" value="New Ban" /></td>' .

42
mod.php
View File

@ -1040,7 +1040,7 @@
), listBoards()); ), listBoards());
foreach($boards as &$_board) { foreach($boards as &$_board) {
$__boards .= '<li>' . $__boards .= '<li>' .
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '"' . '<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '">' .
'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' . '<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
($_board['uri'] == '*' ? ($_board['uri'] == '*' ?
'<em>"*"</em>' '<em>"*"</em>'
@ -1173,7 +1173,7 @@
$_mod['boards'] = explode(',', $_mod['boards']); $_mod['boards'] = explode(',', $_mod['boards']);
foreach($boards as &$_board) { foreach($boards as &$_board) {
$__boards .= '<li>' . $__boards .= '<li>' .
'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '"' . '<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '">' .
(in_array($_board['uri'], $_mod['boards']) ? (in_array($_board['uri'], $_mod['boards']) ?
' checked="checked"' ' checked="checked"'
: '') . : '') .
@ -1440,19 +1440,19 @@
if($config['memcached']['enabled']) { if($config['memcached']['enabled']) {
// Remove cached ban // Remove cached ban
// TODO
$memcached->delete("ban_${m[1]}"); $memcached->delete("ban_${m[1]}");
} }
} }
} }
} }
if($mod['type'] >= $config['mod']['view_banexpired']) { if($mod['type'] >= $config['mod']['view_banexpired']) {
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` ORDER BY (`expires` IS NOT NULL AND `expires` < :time), `set` DESC"); $query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` GROUP BY `ip` ORDER BY (`expires` IS NOT NULL AND `expires` < :time), `set` DESC");
$query->bindValue(':time', time(), PDO::PARAM_INT); $query->bindValue(':time', time(), PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
} else { } else {
// Filter out expired bans // Filter out expired bans
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` WHERE `expires` = 0 OR `expires` > :time ORDER BY `set` DESC"); $query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` GROUP BY `ip` WHERE `expires` = 0 OR `expires` > :time ORDER BY `set` DESC");
$query->bindValue(':time', time(), PDO::PARAM_INT); $query->bindValue(':time', time(), PDO::PARAM_INT);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
} }
@ -1461,7 +1461,7 @@
$body = '<p style="text-align:center" class="unimportant">(There are no active bans.)</p>'; $body = '<p style="text-align:center" class="unimportant">(There are no active bans.)</p>';
} else { } else {
$body = '<form action="" method="post">'; $body = '<form action="" method="post">';
$body .= '<table><tr><th>IP address</th><th>Reason</th><th>Set</th><th>Expires</th><th>Staff</th></tr>'; $body .= '<table><tr><th>IP address</th><th>Reason</th><th>Board</th><th>Set</th><th>Expires</th><th>Staff</th></tr>';
while($ban = $query->fetch()) { while($ban = $query->fetch()) {
$body .= $body .=
@ -1488,6 +1488,14 @@
// Reason // Reason
'<td>' . ($ban['reason'] ? $ban['reason'] : '<em>-</em>') . '</td>' . '<td>' . ($ban['reason'] ? $ban['reason'] : '<em>-</em>') . '</td>' .
'<td>' .
(isset($ban['uri']) ?
sprintf($config['board_abbreviation'], $ban['uri'])
:
'<em>all boards</em>'
) . '</td>' .
// Set // Set
'<td style="white-space: nowrap">' . date($config['post_date'], $ban['set']) . '</td>' . '<td style="white-space: nowrap">' . date($config['post_date'], $ban['set']) . '</td>' .
@ -1905,14 +1913,15 @@
if(isset($_POST['new_ban'])) { if(isset($_POST['new_ban'])) {
if( !isset($_POST['ip']) || if( !isset($_POST['ip']) ||
!isset($_POST['reason']) || !isset($_POST['reason']) ||
!isset($_POST['length']) !isset($_POST['length']) ||
!isset($_POST['board_id'])
) error($config['error']['missedafield']); ) error($config['error']['missedafield']);
// Check required fields // Check required fields
if(empty($_POST['ip'])) if(empty($_POST['ip']))
error(sprintf($config['error']['required'], 'IP address')); error(sprintf($config['error']['required'], 'IP address'));
$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason)"); $query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason, :board)");
// 1yr2hrs30mins // 1yr2hrs30mins
// 1y2h30m // 1y2h30m
@ -1958,12 +1967,19 @@
$query->bindValue(':mod', $mod['id'], PDO::PARAM_INT); $query->bindValue(':mod', $mod['id'], PDO::PARAM_INT);
$query->bindValue(':set', time(), PDO::PARAM_INT); $query->bindValue(':set', time(), PDO::PARAM_INT);
if(isset($_POST['reason'])) { if(isset($_POST['reason'])) {
$query->bindValue(':reason', $_POST['reason'], PDO::PARAM_STR); $query->bindValue(':reason', $_POST['reason'], PDO::PARAM_STR);
} else { } else {
$query->bindValue(':reason', null, PDO::PARAM_NULL); $query->bindValue(':reason', null, PDO::PARAM_NULL);
} }
if($_POST['board_id'] < 0) {
$query->bindValue(':board', null, PDO::PARAM_NULL);
} else {
$query->bindValue(':board', (int)$_POST['board_id'], PDO::PARAM_INT);
}
// Record the action // Record the action
modLog('Created a ' . ($expire ? $expire . ' second' : 'permanent') . " ban for {$_POST['ip']} with " . (!empty($_POST['reason']) ? "reason \"{$_POST['reason']}\"" : 'no reason')); modLog('Created a ' . ($expire ? $expire . ' second' : 'permanent') . " ban for {$_POST['ip']} with " . (!empty($_POST['reason']) ? "reason \"{$_POST['reason']}\"" : 'no reason'));
@ -2189,7 +2205,7 @@
} }
if($mod['type'] >= $config['mod']['view_ban']) { if($mod['type'] >= $config['mod']['view_ban']) {
$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` WHERE `ip` = :ip"); $query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip");
$query->bindValue(':ip', $ip); $query->bindValue(':ip', $ip);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
@ -2209,6 +2225,14 @@
// Reason // Reason
'<tr><th>Reason</th><td>' . $ban['reason'] . '</td></tr>' . '<tr><th>Reason</th><td>' . $ban['reason'] . '</td></tr>' .
// Board
'<tr><th>Board</th><td>' .
(isset($ban['uri']) ?
sprintf($config['board_abbreviation'], $ban['uri'])
:
'<em>all boards</em>'
) . '</td></tr>' .
// Set // Set
'<tr><th>Set</th><td>' . date($config['post_date'], $ban['set']) . '</td></tr>' . '<tr><th>Set</th><td>' . date($config['post_date'], $ban['set']) . '</td></tr>' .

22
post.php
View File

@ -36,17 +36,15 @@
} }
} }
// Check if banned
checkBan();
checkDNSBL(); checkDNSBL();
// Check if board exists // Check if board exists
if(!openBoard($_POST['board'])) if(!openBoard($_POST['board']))
error($config['error']['noboard']); error($config['error']['noboard']);
// Check if banned
checkBan($board['uri']);
if(empty($delete)) if(empty($delete))
error($config['error']['nodelete']); error($config['error']['nodelete']);
@ -96,17 +94,15 @@
} }
} }
// Check if banned
checkBan();
checkDNSBL(); checkDNSBL();
// Check if board exists // Check if board exists
if(!openBoard($_POST['board'])) if(!openBoard($_POST['board']))
error($config['error']['noboard']); error($config['error']['noboard']);
// Check if banned
checkBan($board['uri']);
if(empty($report)) if(empty($report))
error($config['error']['noreport']); error($config['error']['noreport']);
@ -174,15 +170,15 @@
if(time()-$user['appeared']<LURKTIME) error(ERROR_LURK); if(time()-$user['appeared']<LURKTIME) error(ERROR_LURK);
*/ */
// Check if banned
checkBan();
checkDNSBL(); checkDNSBL();
// Check if board exists // Check if board exists
if(!openBoard($post['board'])) if(!openBoard($post['board']))
error($config['error']['noboard']); error($config['error']['noboard']);
// Check if banned
checkBan($board['uri']);
// Check for CAPTCHA right after opening the board so the "return" link is in there // Check for CAPTCHA right after opening the board so the "return" link is in there
if($config['recaptcha']) { if($config['recaptcha']) {
if(!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field'])) if(!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field']))