如何限制访问者的ip(PHPBB的代码)
2023-06-13 09:13:43 时间
如何限制访问者的ip(PHPBB的代码)
Code:
<?php
/***************************************************************************
*admin_user_ban.php
*-------------------
*begin:Tuesday,Jul31,2001
*copyright:(C)2001ThephpBBGroup
*email:[email]support@phpbb.com[/email]
*
*$Id:admin_user_ban.php,v1.21.2.22002/05/1215:57:45psotfxExp$
*
*
***************************************************************************/
/***************************************************************************
*ThisfileispartofthephpBB2porttoNuke6.0(c)copyright2002
*byTomNitzschner([email]tom@toms-home.com[/email])
*[url]http://bbtonuke.sourceforge.net[/url](or[url]http://www.toms-home.com)[/url]
*
*Asalways,makeabackupbeforemessingwithanything.Allcode
*releasebymeisconsideredsamplecodeonly.Itmaybefully
*functual,butyouuseitatyourownrisk,ifyoubreakit,
*yougettofixittoo.Nowarantyisgivenorimplied.
*
*Pleasepostallquestions/requestaboutthisporton[url]http://bbtonuke.sourceforge.net[/url]first,
*thenonmysite.Alloriginalheadercodeandcopyrightmessageswillbemaintained
*togivecreditwherecreditisdue.Ifyoumodifythis,theonlyrequirementis
*thatyoualsomaintainalloriginalcopyrightmessages.Allmyworkisreleased
*undertheGNUGENERALPUBLICLICENSE.PleaseseetheREADMEformoreinformation.
*
***************************************************************************/
/***************************************************************************
*
*Thisprogramisfreesoftware;youcanredistributeitand/ormodify
*itunderthetermsoftheGNUGeneralPublicLicenseaspublishedby
*theFreeSoftwareFoundation;eitherversion2oftheLicense,or
*(atyouroption)anylaterversion.
*
***************************************************************************/
define("IN_PHPBB",1);
if(!empty($setmodules))
{
$filename=basename(__FILE__);
$module["Users"]["Ban_Management"]=$filename;
return;
}
//
//Loaddefaultheader
//
$phpbb_root_path="./../";
require($phpbb_root_path."extension.inc");
require("./pagestart.".$phpEx);
//
//Startprogram
//
if(isset($HTTP_POST_VARS["submit"]))
{
$user_bansql="";
$email_bansql="";
$ip_bansql="";
$user_list=array();
if(!empty($HTTP_POST_VARS["username"]))
{
$this_userdata=get_userdata($HTTP_POST_VARS["username"]);
if(!$this_userdata)
{
message_die(GENERAL_MESSAGE,$lang["No_user_id_specified"]);
}
$user_list[]=$this_userdata["user_id"];
}
$ip_list=array();
if(isset($HTTP_POST_VARS["ban_ip"]))
{
$ip_list_temp=explode(",",$HTTP_POST_VARS["ban_ip"]);
for($i=0;$i<count($ip_list_temp);$i++)
{
if(preg_match("/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[]*\-[]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/",trim($ip_list_temp[$i]),$ip_range_explode))
{
//
//Don"taskaboutallthis,justdon"task...!为什么
//
$ip_1_counter=$ip_range_explode[1];
$ip_1_end=$ip_range_explode[5];
while($ip_1_counter<=$ip_1_end)
{
$ip_2_counter=($ip_1_counter==$ip_range_explode[1])?$ip_range_explode[2]:0;
$ip_2_end=($ip_1_counter<$ip_1_end)?254:$ip_range_explode[6];
if($ip_2_counter==0&&$ip_2_end==254)
{
$ip_2_counter=255;
$ip_2_fragment=255;
$ip_list[]=encode_ip("$ip_1_counter.255.255.255");
}
while($ip_2_counter<=$ip_2_end)
{
$ip_3_counter=($ip_2_counter==$ip_range_explode[2]&&$ip_1_counter==$ip_range_explode[1])?$ip_range_explode[3]:0;
$ip_3_end=($ip_2_counter<$ip_2_end
$ip_1_counter<$ip_1_end)?254:$ip_range_explode[7];
if($ip_3_counter==0&&$ip_3_end==254)
{
$ip_3_counter=255;
$ip_3_fragment=255;
$ip_list[]=encode_ip("$ip_1_counter.$ip_2_counter.255.255");
}
while($ip_3_counter<=$ip_3_end)
{
$ip_4_counter=($ip_3_counter==$ip_range_explode[3]&&$ip_2_counter==$ip_range_explode[2]&&$ip_1_counter==$ip_range_explode[1])?$ip_range_explode[4]:0;
$ip_4_end=($ip_3_counter<$ip_3_end
$ip_2_counter<$ip_2_end)?254:$ip_range_explode[8];
if($ip_4_counter==0&&$ip_4_end==254)
{
$ip_4_counter=255;
$ip_4_fragment=255;
$ip_list[]=encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.255");
}
while($ip_4_counter<=$ip_4_end)
{
$ip_list[]=encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter");
$ip_4_counter++;
}
$ip_3_counter++;
}
$ip_2_counter++;
}
$ip_1_counter++;
}
}
elseif(preg_match("/^([\w\-_]\.?){2,}$/is",trim($ip_list_temp[$i])))
{
$ip=gethostbynamel(trim($ip_list_temp[$i]));
for($j=0;$j<count($ip);$j++)
{
if(!empty($ip[$j]))
{
$ip_list[]=encode_ip($ip[$j]);
}
}
}
elseif(preg_match("/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/",trim($ip_list_temp[$i])))
{
$ip_list[]=encode_ip(str_replace("*","255",trim($ip_list_temp[$i])));
}
}
}
$email_list=array();
if(isset($HTTP_POST_VARS["ban_email"]))
{
$email_list_temp=explode(",",$HTTP_POST_VARS["ban_email"]);
for($i=0;$i<count($email_list_temp);$i++)
{
//
//Thiseregmatchisbasedononeby[email]php@unreelpro.com[/email]
//containedintheannotatedphpmanualatphp.com(ereg
//section)
//
if(eregi("^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$",trim($email_list_temp[$i])))
{
$email_list[]=trim($email_list_temp[$i]);
}
}
}
$sql="SELECT*
FROM".BANLIST_TABLE;
if(!($result=$db->sql_query($sql)))
{
message_die(GENERAL_ERROR,"Couldn"tobtainbanlistinformation","",__LINE__,__FILE__,$sql);
}
$current_banlist=$db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$kill_session_sql="";
for($i=0;$i<count($user_list);$i++)
{
$in_banlist=false;
for($j=0;$j<count($current_banlist);$j++)
{
if($user_list[$i]==$current_banlist[$j]["ban_userid"])
{
$in_banlist=true;
}
}
if(!$in_banlist)
{
$kill_session_sql.=(($kill_session_sql!="")?"OR":"")."session_user_id=".$user_list[$i];
$sql="INSERTINTO".BANLIST_TABLE."(ban_userid)
VALUES(".$user_list[$i].")";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tinsertban_useridinfointodatabase","",__LINE__,__FILE__,$sql);
}
}
}
for($i=0;$i<count($ip_list);$i++)
{
$in_banlist=false;
for($j=0;$j<count($current_banlist);$j++)
{
if($ip_list[$i]==$current_banlist[$j]["ban_ip"])
{
$in_banlist=true;
}
}
if(!$in_banlist)
{
if(preg_match("/(ff\.)|(\.ff)/is",chunk_split($ip_list[$i],2,".")))
{
$kill_ip_sql="session_ipLIKE"".str_replace(".","",preg_replace("/(ff\.)|(\.ff)/is","%",chunk_split($ip_list[$i],2,"."))).""";
}
else
{
$kill_ip_sql="session_ip="".$ip_list[$i].""";
}
$kill_session_sql.=(($kill_session_sql!="")?"OR":"").$kill_ip_sql;
$sql="INSERTINTO".BANLIST_TABLE."(ban_ip)
VALUES("".$ip_list[$i]."")";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tinsertban_ipinfointodatabase","",__LINE__,__FILE__,$sql);
}
}
}
//
//Nowwe"lldeleteallentriesfromthesessiontablewithanyofthebanned
//userorIPinfojustenteredintothebantable...thiswillforceasession
//initialisationresultinginaninstantban
//
if($kill_session_sql!="")
{
$sql="DELETEFROM".SESSIONS_TABLE."
WHERE$kill_session_sql";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tdeletebannedsessionsfromdatabase","",__LINE__,__FILE__,$sql);
}
}
for($i=0;$i<count($email_list);$i++)
{
$in_banlist=false;
for($j=0;$j<count($current_banlist);$j++)
{
if($email_list[$i]==$current_banlist[$j]["ban_email"])
{
$in_banlist=true;
}
}
if(!$in_banlist)
{
$sql="INSERTINTO".BANLIST_TABLE."(ban_email)
VALUES("".str_replace(""","""",$email_list[$i])."")";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tinsertban_emailinfointodatabase","",__LINE__,__FILE__,$sql);
}
}
}
$where_sql="";
if(isset($HTTP_POST_VARS["unban_user"]))
{
$user_list=$HTTP_POST_VARS["unban_user"];
for($i=0;$i<count($user_list);$i++)
{
if($user_list[$i]!=-1)
{
$where_sql.=(($where_sql!="")?",":"").$user_list[$i];
}
}
}
if(isset($HTTP_POST_VARS["unban_ip"]))
{
$ip_list=$HTTP_POST_VARS["unban_ip"];
for($i=0;$i<count($ip_list);$i++)
{
if($ip_list[$i]!=-1)
{
$where_sql.=(($where_sql!="")?",":"").$ip_list[$i];
}
}
}
if(isset($HTTP_POST_VARS["unban_email"]))
{
$email_list=$HTTP_POST_VARS["unban_email"];
for($i=0;$i<count($email_list);$i++)
{
if($email_list[$i]!=-1)
{
$where_sql.=(($where_sql!="")?",":"").$email_list[$i];
}
}
}
if($where_sql!="")
{
$sql="DELETEFROM".BANLIST_TABLE."
WHEREban_idIN($where_sql)";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tdeletebaninfofromdatabase","",__LINE__,__FILE__,$sql);
}
}
$message=$lang["Ban_update_sucessful"]."<br/><br/>".sprintf($lang["Click_return_banadmin"],"<ahref="".append_sid("admin_user_ban.$phpEx")."">","</a>")."<br/><br/>".sprintf($lang["Click_return_admin_index"],"<ahref="".append_sid("index.$phpEx?pane=right")."">","</a>");
message_die(GENERAL_MESSAGE,$message);
}
else
{
$template->set_filenames(array(
"body"=>"admin/user_ban_body.tpl")
);
$template->assign_vars(array(
"L_BAN_TITLE"=>$lang["Ban_control"],
"L_BAN_EXPLAIN"=>$lang["Ban_explain"],
"L_BAN_EXPLAIN_WARN"=>$lang["Ban_explain_warn"],
"L_IP_OR_HOSTNAME"=>$lang["IP_hostname"],
"L_EMAIL_ADDRESS"=>$lang["Email_address"],
"L_SUBMIT"=>$lang["Submit"],
"L_RESET"=>$lang["Reset"],
"S_BANLIST_ACTION"=>append_sid("admin_user_ban.$phpEx"))
);
$template->assign_vars(array(
"L_BAN_USER"=>$lang["Ban_username"],
"L_BAN_USER_EXPLAIN"=>$lang["Ban_username_explain"],
"L_BAN_IP"=>$lang["Ban_IP"],
"L_BAN_IP_EXPLAIN"=>$lang["Ban_IP_explain"],
"L_BAN_EMAIL"=>$lang["Ban_email"],
"L_BAN_EMAIL_EXPLAIN"=>$lang["Ban_email_explain"])
);
$userban_count=0;
$ipban_count=0;
$emailban_count=0;
$sql="SELECTb.ban_id,u.user_id,u.username
FROM".BANLIST_TABLE."b,".USERS_TABLE."u
WHEREu.user_id=b.ban_userid
ANDb.ban_userid<>0
ANDu.user_id<>".ANONYMOUS."
ORDERBYu.user_idASC";
if(!($result=$db->sql_query($sql)))
{
message_die(GENERAL_ERROR,"Couldnotselectcurrentuser_idbanlist","",__LINE__,__FILE__,$sql);
}
$user_list=$db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$select_userlist="";
for($i=0;$i<count($user_list);$i++)
{
$select_userlist.="<optionvalue="".$user_list[$i]["ban_id"]."">".$user_list[$i]["username"]."</option>";
$userban_count++;
}
if($select_userlist=="")
{
$select_userlist="<optionvalue="-1">".$lang["No_banned_users"]."</option>";
}
$select_userlist="<selectname="unban_user[]"multiple="multiple"size="5">".$select_userlist."</select>";
$sql="SELECTban_id,ban_ip,ban_email
FROM".BANLIST_TABLE;
if(!($result=$db->sql_query($sql)))
{
message_die(GENERAL_ERROR,"Couldnotselectcurrentipbanlist","",__LINE__,__FILE__,$sql);
}
$banlist=$db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$select_iplist="";
$select_emaillist="";
for($i=0;$i<count($banlist);$i++)
{
$ban_id=$banlist[$i]["ban_id"];
if(!empty($banlist[$i]["ban_ip"]))
{
$ban_ip=str_replace("255","*",decode_ip($banlist[$i]["ban_ip"]));
$select_iplist.="<optionvalue="".$ban_id."">".$ban_ip."</option>";
$ipban_count++;
}
elseif(!empty($banlist[$i]["ban_email"]))
{
$ban_email=$banlist[$i]["ban_email"];
$select_emaillist.="<optionvalue="".$ban_id."">".$ban_email."</option>";
$emailban_count++;
}
}
if($select_iplist=="")
{
$select_iplist="<optionvalue="-1">".$lang["No_banned_ip"]."</option>";
}
if($select_emaillist=="")
{
$select_emaillist="<optionvalue="-1">".$lang["No_banned_email"]."</option>";
}
$select_iplist="<selectname="unban_ip[]"multiple="multiple"size="5">".$select_iplist."</select>";
$select_emaillist="<selectname="unban_email[]"multiple="multiple"size="5">".$select_emaillist."</select>";
$template->assign_vars(array(
"L_UNBAN_USER"=>$lang["Unban_username"],
"L_UNBAN_USER_EXPLAIN"=>$lang["Unban_username_explain"],
"L_UNBAN_IP"=>$lang["Unban_IP"],
"L_UNBAN_IP_EXPLAIN"=>$lang["Unban_IP_explain"],
"L_UNBAN_EMAIL"=>$lang["Unban_email"],
"L_UNBAN_EMAIL_EXPLAIN"=>$lang["Unban_email_explain"],
"L_USERNAME"=>$lang["Username"],
"L_LOOK_UP"=>$lang["Look_up_User"],
"L_FIND_USERNAME"=>$lang["Find_username"],
"U_SEARCH_USER"=>append_sid("search.$phpEx?mode=searchuser&popup=1&menu=1"),
"S_UNBAN_USERLIST_SELECT"=>$select_userlist,
"S_UNBAN_IPLIST_SELECT"=>$select_iplist,
"S_UNBAN_EMAILLIST_SELECT"=>$select_emaillist,
"S_BAN_ACTION"=>append_sid("admin_user_ban.$phpEx"))
);
}
$template->pparse("body");
include("./page_footer_admin.".$phpEx);
?>
/***************************************************************************
*admin_user_ban.php
*-------------------
*begin:Tuesday,Jul31,2001
*copyright:(C)2001ThephpBBGroup
*email:[email]support@phpbb.com[/email]
*
*$Id:admin_user_ban.php,v1.21.2.22002/05/1215:57:45psotfxExp$
*
*
***************************************************************************/
/***************************************************************************
*ThisfileispartofthephpBB2porttoNuke6.0(c)copyright2002
*byTomNitzschner([email]tom@toms-home.com[/email])
*[url]http://bbtonuke.sourceforge.net[/url](or[url]http://www.toms-home.com)[/url]
*
*Asalways,makeabackupbeforemessingwithanything.Allcode
*releasebymeisconsideredsamplecodeonly.Itmaybefully
*functual,butyouuseitatyourownrisk,ifyoubreakit,
*yougettofixittoo.Nowarantyisgivenorimplied.
*
*Pleasepostallquestions/requestaboutthisporton[url]http://bbtonuke.sourceforge.net[/url]first,
*thenonmysite.Alloriginalheadercodeandcopyrightmessageswillbemaintained
*togivecreditwherecreditisdue.Ifyoumodifythis,theonlyrequirementis
*thatyoualsomaintainalloriginalcopyrightmessages.Allmyworkisreleased
*undertheGNUGENERALPUBLICLICENSE.PleaseseetheREADMEformoreinformation.
*
***************************************************************************/
/***************************************************************************
*
*Thisprogramisfreesoftware;youcanredistributeitand/ormodify
*itunderthetermsoftheGNUGeneralPublicLicenseaspublishedby
*theFreeSoftwareFoundation;eitherversion2oftheLicense,or
*(atyouroption)anylaterversion.
*
***************************************************************************/
define("IN_PHPBB",1);
if(!empty($setmodules))
{
$filename=basename(__FILE__);
$module["Users"]["Ban_Management"]=$filename;
return;
}
//
//Loaddefaultheader
//
$phpbb_root_path="./../";
require($phpbb_root_path."extension.inc");
require("./pagestart.".$phpEx);
//
//Startprogram
//
if(isset($HTTP_POST_VARS["submit"]))
{
$user_bansql="";
$email_bansql="";
$ip_bansql="";
$user_list=array();
if(!empty($HTTP_POST_VARS["username"]))
{
$this_userdata=get_userdata($HTTP_POST_VARS["username"]);
if(!$this_userdata)
{
message_die(GENERAL_MESSAGE,$lang["No_user_id_specified"]);
}
$user_list[]=$this_userdata["user_id"];
}
$ip_list=array();
if(isset($HTTP_POST_VARS["ban_ip"]))
{
$ip_list_temp=explode(",",$HTTP_POST_VARS["ban_ip"]);
for($i=0;$i<count($ip_list_temp);$i++)
{
if(preg_match("/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[]*\-[]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/",trim($ip_list_temp[$i]),$ip_range_explode))
{
//
//Don"taskaboutallthis,justdon"task...!为什么
//
$ip_1_counter=$ip_range_explode[1];
$ip_1_end=$ip_range_explode[5];
while($ip_1_counter<=$ip_1_end)
{
$ip_2_counter=($ip_1_counter==$ip_range_explode[1])?$ip_range_explode[2]:0;
$ip_2_end=($ip_1_counter<$ip_1_end)?254:$ip_range_explode[6];
if($ip_2_counter==0&&$ip_2_end==254)
{
$ip_2_counter=255;
$ip_2_fragment=255;
$ip_list[]=encode_ip("$ip_1_counter.255.255.255");
}
while($ip_2_counter<=$ip_2_end)
{
$ip_3_counter=($ip_2_counter==$ip_range_explode[2]&&$ip_1_counter==$ip_range_explode[1])?$ip_range_explode[3]:0;
$ip_3_end=($ip_2_counter<$ip_2_end
$ip_1_counter<$ip_1_end)?254:$ip_range_explode[7];
if($ip_3_counter==0&&$ip_3_end==254)
{
$ip_3_counter=255;
$ip_3_fragment=255;
$ip_list[]=encode_ip("$ip_1_counter.$ip_2_counter.255.255");
}
while($ip_3_counter<=$ip_3_end)
{
$ip_4_counter=($ip_3_counter==$ip_range_explode[3]&&$ip_2_counter==$ip_range_explode[2]&&$ip_1_counter==$ip_range_explode[1])?$ip_range_explode[4]:0;
$ip_4_end=($ip_3_counter<$ip_3_end
$ip_2_counter<$ip_2_end)?254:$ip_range_explode[8];
if($ip_4_counter==0&&$ip_4_end==254)
{
$ip_4_counter=255;
$ip_4_fragment=255;
$ip_list[]=encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.255");
}
while($ip_4_counter<=$ip_4_end)
{
$ip_list[]=encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter");
$ip_4_counter++;
}
$ip_3_counter++;
}
$ip_2_counter++;
}
$ip_1_counter++;
}
}
elseif(preg_match("/^([\w\-_]\.?){2,}$/is",trim($ip_list_temp[$i])))
{
$ip=gethostbynamel(trim($ip_list_temp[$i]));
for($j=0;$j<count($ip);$j++)
{
if(!empty($ip[$j]))
{
$ip_list[]=encode_ip($ip[$j]);
}
}
}
elseif(preg_match("/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/",trim($ip_list_temp[$i])))
{
$ip_list[]=encode_ip(str_replace("*","255",trim($ip_list_temp[$i])));
}
}
}
$email_list=array();
if(isset($HTTP_POST_VARS["ban_email"]))
{
$email_list_temp=explode(",",$HTTP_POST_VARS["ban_email"]);
for($i=0;$i<count($email_list_temp);$i++)
{
//
//Thiseregmatchisbasedononeby[email]php@unreelpro.com[/email]
//containedintheannotatedphpmanualatphp.com(ereg
//section)
//
if(eregi("^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$",trim($email_list_temp[$i])))
{
$email_list[]=trim($email_list_temp[$i]);
}
}
}
$sql="SELECT*
FROM".BANLIST_TABLE;
if(!($result=$db->sql_query($sql)))
{
message_die(GENERAL_ERROR,"Couldn"tobtainbanlistinformation","",__LINE__,__FILE__,$sql);
}
$current_banlist=$db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$kill_session_sql="";
for($i=0;$i<count($user_list);$i++)
{
$in_banlist=false;
for($j=0;$j<count($current_banlist);$j++)
{
if($user_list[$i]==$current_banlist[$j]["ban_userid"])
{
$in_banlist=true;
}
}
if(!$in_banlist)
{
$kill_session_sql.=(($kill_session_sql!="")?"OR":"")."session_user_id=".$user_list[$i];
$sql="INSERTINTO".BANLIST_TABLE."(ban_userid)
VALUES(".$user_list[$i].")";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tinsertban_useridinfointodatabase","",__LINE__,__FILE__,$sql);
}
}
}
for($i=0;$i<count($ip_list);$i++)
{
$in_banlist=false;
for($j=0;$j<count($current_banlist);$j++)
{
if($ip_list[$i]==$current_banlist[$j]["ban_ip"])
{
$in_banlist=true;
}
}
if(!$in_banlist)
{
if(preg_match("/(ff\.)|(\.ff)/is",chunk_split($ip_list[$i],2,".")))
{
$kill_ip_sql="session_ipLIKE"".str_replace(".","",preg_replace("/(ff\.)|(\.ff)/is","%",chunk_split($ip_list[$i],2,"."))).""";
}
else
{
$kill_ip_sql="session_ip="".$ip_list[$i].""";
}
$kill_session_sql.=(($kill_session_sql!="")?"OR":"").$kill_ip_sql;
$sql="INSERTINTO".BANLIST_TABLE."(ban_ip)
VALUES("".$ip_list[$i]."")";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tinsertban_ipinfointodatabase","",__LINE__,__FILE__,$sql);
}
}
}
//
//Nowwe"lldeleteallentriesfromthesessiontablewithanyofthebanned
//userorIPinfojustenteredintothebantable...thiswillforceasession
//initialisationresultinginaninstantban
//
if($kill_session_sql!="")
{
$sql="DELETEFROM".SESSIONS_TABLE."
WHERE$kill_session_sql";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tdeletebannedsessionsfromdatabase","",__LINE__,__FILE__,$sql);
}
}
for($i=0;$i<count($email_list);$i++)
{
$in_banlist=false;
for($j=0;$j<count($current_banlist);$j++)
{
if($email_list[$i]==$current_banlist[$j]["ban_email"])
{
$in_banlist=true;
}
}
if(!$in_banlist)
{
$sql="INSERTINTO".BANLIST_TABLE."(ban_email)
VALUES("".str_replace(""","""",$email_list[$i])."")";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tinsertban_emailinfointodatabase","",__LINE__,__FILE__,$sql);
}
}
}
$where_sql="";
if(isset($HTTP_POST_VARS["unban_user"]))
{
$user_list=$HTTP_POST_VARS["unban_user"];
for($i=0;$i<count($user_list);$i++)
{
if($user_list[$i]!=-1)
{
$where_sql.=(($where_sql!="")?",":"").$user_list[$i];
}
}
}
if(isset($HTTP_POST_VARS["unban_ip"]))
{
$ip_list=$HTTP_POST_VARS["unban_ip"];
for($i=0;$i<count($ip_list);$i++)
{
if($ip_list[$i]!=-1)
{
$where_sql.=(($where_sql!="")?",":"").$ip_list[$i];
}
}
}
if(isset($HTTP_POST_VARS["unban_email"]))
{
$email_list=$HTTP_POST_VARS["unban_email"];
for($i=0;$i<count($email_list);$i++)
{
if($email_list[$i]!=-1)
{
$where_sql.=(($where_sql!="")?",":"").$email_list[$i];
}
}
}
if($where_sql!="")
{
$sql="DELETEFROM".BANLIST_TABLE."
WHEREban_idIN($where_sql)";
if(!$db->sql_query($sql))
{
message_die(GENERAL_ERROR,"Couldn"tdeletebaninfofromdatabase","",__LINE__,__FILE__,$sql);
}
}
$message=$lang["Ban_update_sucessful"]."<br/><br/>".sprintf($lang["Click_return_banadmin"],"<ahref="".append_sid("admin_user_ban.$phpEx")."">","</a>")."<br/><br/>".sprintf($lang["Click_return_admin_index"],"<ahref="".append_sid("index.$phpEx?pane=right")."">","</a>");
message_die(GENERAL_MESSAGE,$message);
}
else
{
$template->set_filenames(array(
"body"=>"admin/user_ban_body.tpl")
);
$template->assign_vars(array(
"L_BAN_TITLE"=>$lang["Ban_control"],
"L_BAN_EXPLAIN"=>$lang["Ban_explain"],
"L_BAN_EXPLAIN_WARN"=>$lang["Ban_explain_warn"],
"L_IP_OR_HOSTNAME"=>$lang["IP_hostname"],
"L_EMAIL_ADDRESS"=>$lang["Email_address"],
"L_SUBMIT"=>$lang["Submit"],
"L_RESET"=>$lang["Reset"],
"S_BANLIST_ACTION"=>append_sid("admin_user_ban.$phpEx"))
);
$template->assign_vars(array(
"L_BAN_USER"=>$lang["Ban_username"],
"L_BAN_USER_EXPLAIN"=>$lang["Ban_username_explain"],
"L_BAN_IP"=>$lang["Ban_IP"],
"L_BAN_IP_EXPLAIN"=>$lang["Ban_IP_explain"],
"L_BAN_EMAIL"=>$lang["Ban_email"],
"L_BAN_EMAIL_EXPLAIN"=>$lang["Ban_email_explain"])
);
$userban_count=0;
$ipban_count=0;
$emailban_count=0;
$sql="SELECTb.ban_id,u.user_id,u.username
FROM".BANLIST_TABLE."b,".USERS_TABLE."u
WHEREu.user_id=b.ban_userid
ANDb.ban_userid<>0
ANDu.user_id<>".ANONYMOUS."
ORDERBYu.user_idASC";
if(!($result=$db->sql_query($sql)))
{
message_die(GENERAL_ERROR,"Couldnotselectcurrentuser_idbanlist","",__LINE__,__FILE__,$sql);
}
$user_list=$db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$select_userlist="";
for($i=0;$i<count($user_list);$i++)
{
$select_userlist.="<optionvalue="".$user_list[$i]["ban_id"]."">".$user_list[$i]["username"]."</option>";
$userban_count++;
}
if($select_userlist=="")
{
$select_userlist="<optionvalue="-1">".$lang["No_banned_users"]."</option>";
}
$select_userlist="<selectname="unban_user[]"multiple="multiple"size="5">".$select_userlist."</select>";
$sql="SELECTban_id,ban_ip,ban_email
FROM".BANLIST_TABLE;
if(!($result=$db->sql_query($sql)))
{
message_die(GENERAL_ERROR,"Couldnotselectcurrentipbanlist","",__LINE__,__FILE__,$sql);
}
$banlist=$db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$select_iplist="";
$select_emaillist="";
for($i=0;$i<count($banlist);$i++)
{
$ban_id=$banlist[$i]["ban_id"];
if(!empty($banlist[$i]["ban_ip"]))
{
$ban_ip=str_replace("255","*",decode_ip($banlist[$i]["ban_ip"]));
$select_iplist.="<optionvalue="".$ban_id."">".$ban_ip."</option>";
$ipban_count++;
}
elseif(!empty($banlist[$i]["ban_email"]))
{
$ban_email=$banlist[$i]["ban_email"];
$select_emaillist.="<optionvalue="".$ban_id."">".$ban_email."</option>";
$emailban_count++;
}
}
if($select_iplist=="")
{
$select_iplist="<optionvalue="-1">".$lang["No_banned_ip"]."</option>";
}
if($select_emaillist=="")
{
$select_emaillist="<optionvalue="-1">".$lang["No_banned_email"]."</option>";
}
$select_iplist="<selectname="unban_ip[]"multiple="multiple"size="5">".$select_iplist."</select>";
$select_emaillist="<selectname="unban_email[]"multiple="multiple"size="5">".$select_emaillist."</select>";
$template->assign_vars(array(
"L_UNBAN_USER"=>$lang["Unban_username"],
"L_UNBAN_USER_EXPLAIN"=>$lang["Unban_username_explain"],
"L_UNBAN_IP"=>$lang["Unban_IP"],
"L_UNBAN_IP_EXPLAIN"=>$lang["Unban_IP_explain"],
"L_UNBAN_EMAIL"=>$lang["Unban_email"],
"L_UNBAN_EMAIL_EXPLAIN"=>$lang["Unban_email_explain"],
"L_USERNAME"=>$lang["Username"],
"L_LOOK_UP"=>$lang["Look_up_User"],
"L_FIND_USERNAME"=>$lang["Find_username"],
"U_SEARCH_USER"=>append_sid("search.$phpEx?mode=searchuser&popup=1&menu=1"),
"S_UNBAN_USERLIST_SELECT"=>$select_userlist,
"S_UNBAN_IPLIST_SELECT"=>$select_iplist,
"S_UNBAN_EMAILLIST_SELECT"=>$select_emaillist,
"S_BAN_ACTION"=>append_sid("admin_user_ban.$phpEx"))
);
}
$template->pparse("body");
include("./page_footer_admin.".$phpEx);
?>
相关文章
- 如何防止其它站点扫描IP导致源ip暴露方法
- Java获取本机外网IP的代码详解编程语言
- Linux本机 IP查询:快速轻松搞定(linux本机ip查询)
- Linux:统计IP的奇妙之旅(linux统计ip)
- 访问Linux如何阻止IP访问(linux阻止ip)
- Linux 如何伪造 IP?(linux伪造ip)
- 「Linux」网络设置指南:如何进行「域名绑定 IP」操作(linux域名绑定ip)
- 如何更改Linux IP配置?(linux配置ip)
- 如何查看和修改 Linux 主机名和 IP 地址(linux主机名ip)
- Linux系统如何更改IP设置(linux系统更改ip)
- 禁止IP访问Linux系统:安全保护的关键解决方案(linux禁止ip访问)
- 如何使用 MySQL 查询数据库 IP?(mysql查询数据库ip)
- Linux 如何快速转换 IP 地址?(linux转换ip地址)
- mongodb绑定IP实现服务隔离(mongodb 绑定ip)
- 如何在Linux系统中查看出口IP(linux查看出口ip)
- Linux防火墙下保护:拒绝IP访问(linux 拒绝ip访问)
- Linux无法显示IP的原因和解决办法(linux不显示ip)
- 转发Linux下如何利用IP转发实现网络路由(linux如何编写ip)
- 如何更改redis的连接IP(更改redis的连接ip)
- 如何改变Redis服务器IP以获得更稳定的访问(如何更改redis ip)
- 怎么办如何解决MySQL无法连接IP问题(mysql不能连接到ip)
- 如何用Redis限制客户端IP访问控制(redis限制客户端ip)
- 限制IP登录,全面提升Redis安全性(redis 限制ip登录)
- 使用Redis实现两个IP之间的连接(redis连接两个ip)
- Oracle IP 连接问题症结出在何处(oracle ip连不上)
- 重要Redis如何设置访问IP(redis访问ip设置)