diff --git a/inc/config.php b/inc/config.php index cdeffea9..d6b10f0e 100644 --- a/inc/config.php +++ b/inc/config.php @@ -718,6 +718,10 @@ // A little more load on the database $config['ban_range'] = true; + // Enable CDIR netmask bans (eg. "10.0.0.0/8" for 10.0.0.0.0 - 10.255.255.255). Useful for stopping persistent spammers. + // Again, a little more database load. + $config['ban_cidr'] = true; + // Do a DNS lookup on IP addresses to get their hostname on the IP summary page $config['mod']['dns_lookup'] = true; // Show ban form on the IP summary page diff --git a/inc/functions.php b/inc/functions.php index 74e94ea6..7934a53a 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -537,8 +537,7 @@ if(!isset($_SERVER['REMOTE_ADDR'])) { // Server misconfiguration return; - } - + } $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri`, `bans`.`id` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1"); $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); 
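Review bot: The comment added above `$config['ban_cidr']` in inc/config.php misspells CIDR as "CDIR" and writes the start of the example range with five octets (`10.0.0.0.0`). I would word it as `// Enable CIDR netmask bans (e.g. "10.0.0.0/8" for 10.0.0.0 - 10.255.255.255).`. The option also ships enabled, so every request with no exact-match ban runs the second lookup added in inc/functions.php, whose `REGEXP`/`INET_ATON` predicate looks unable to use an index on `ip`. Consider stating that cost more concretely in the comment, or defaulting the option to `false` so operators opt in.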
@@ -550,6 +549,21 @@ $query->bindValue(':board', $board); $query->execute() or error(db_error($query)); } + if($query->rowCount() < 1 && $config['ban_cidr']) { + // my most insane SQL query yet + $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri`, `bans`.`id` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) + AND ( + `ip` REGEXP '^(\[0-9]+\.\[0-9]+\.\[0-9]+\.\[0-9]+\)\/(\[0-9]+)$' + AND + :ip >= INET_ATON(SUBSTRING_INDEX(`ip`, '/', 1)) + AND + :ip < INET_ATON(SUBSTRING_INDEX(`ip`, '/', 1)) + POW(2, 32 - SUBSTRING_INDEX(`ip`, '/', -1)) + ) + ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1"); + $query->bindValue(':ip', ip2long($_SERVER['REMOTE_ADDR'])); + $query->bindValue(':board', $board); + $query->execute() or error(db_error($query)); + } if($ban = $query->fetch()) { if($ban['expires'] && $ban['expires'] < time()) {
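Review bot: The `:ip` value bound for the CIDR lookup is `ip2long($_SERVER['REMOTE_ADDR'])`, which returns `false` for any address that is not dotted-quad IPv4 (an IPv6 client, for example) and a negative integer on 32-bit PHP builds for addresses at or above 128.0.0.0. Either way the comparison against the unsigned `INET_ATON()` results silently fails, so a CIDR ban is never enforced for those clients. I would guard and normalise the value: `if($query->rowCount() < 1 && $config['ban_cidr'] && ($ip = ip2long($_SERVER['REMOTE_ADDR'])) !== false) {` and `$query->bindValue(':ip', sprintf('%u', $ip));`. The range is also computed from the stored base address without masking it to the prefix, so an entry such as `10.1.2.3/8` would presumably start at 10.1.2.3 rather than 10.0.0.0 unless the ban form normalises it; a comment recording that assumption would help. The enclosing function starts and ends outside this hunk, so how an expired exact-match row interacts with this fallback cannot be confirmed from here.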