Ban handling improvements - most checking done before DB opened (much faster if user is banned).

Fix some bugs in ban admin pages. Separate handler for IP- and ban-related functions (moves them out of e107_class)
2025-08-05 06:07:32 +02:00 · 2011-12-28 10:01:25 +00:00
parent db9b9c1a57
commit 389705683e
10 changed files with 1891 additions and 239 deletions
--- a/class2.php
+++ b/class2.php
@@ -223,6 +223,9 @@ $e107_paths = compact('ADMIN_DIRECTORY', 'FILES_DIRECTORY', 'IMAGES_DIRECTORY',
 $sql_info = compact('mySQLserver', 'mySQLuser', 'mySQLpassword', 'mySQLdefaultdb', 'mySQLprefix');
 $e107 = e107::getInstance()->initCore($e107_paths, realpath(dirname(__FILE__)), $sql_info, varset($E107_CONFIG, array()));
 e107::getSingleton('eIPHandler');			// This auto-handles bans etc
 ### NEW Register Autoload - do it asap
 if(!function_exists('spl_autoload_register'))
 {
@@ -777,8 +780,8 @@ if (!class_exists('e107table', false))
 $ns = e107::getRender(); //TODO - find & replace $ns, $e107->ns
 // EONE-134 - bad e_module could destroy e107 instance
-$e107 = e107::getInstance();
+$e107 = e107::getInstance();		// Is this needed now?
-$e107->ban();
+e107::getIPHandler()->ban();
 if(varset($pref['force_userupdate']) && USER && !isset($_E107['no_forceuserupdate']))
 {
--- a/e107_admin/banlist.php
+++ b/e107_admin/banlist.php
@@ -2,7 +2,7 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2008-2010 e107 Inc (e107.org)
+ * Copyright (C) 2008-2012 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
@@ -21,70 +21,105 @@
 *	@version 	$Id$;
 */
-define('BAN_TIME_FORMAT', "%d-%m-%Y %H:%M");
+
-define('BAN_REASON_COUNT', 7); // Update as more ban reasons added (max 10 supported)
+require_once('../class2.php');
 /*
@todo should this be here?
 if(count($_POST) && !varset($_POST['e-token']))
 {
 	die('Access denied - bl');
 }
 */
-define('BAN_TYPE_MANUAL', 1); 			// Manually entered bans
+if (!getperms('4'))
 define('BAN_TYPE_IMPORTED', 5); 		// Imported bans
 define('BAN_TYPE_TEMPORARY', 9); 		// Used during CSV import
 define('BAN_TYPE_WHITELIST', 100); 		// Entry for whitelist
 require_once ('../class2.php');
 if(!getperms('4'))
 {
 	header('location:'.e_BASE.'index.php');
 	exit();
 }
 require_once(e_HANDLER.'iphandler_class.php');		// This is probably already loaded in class2.php
 include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/admin/lan_'.e_PAGE);
 $e_sub_cat = 'banlist';
-require_once ('auth.php');
+require_once('auth.php');
-require_once (e_HANDLER.'form_handler.php');
+require_once(e_HANDLER.'form_handler.php');
 $frm = new e_form(true);
 require_once(e_HANDLER.'message_handler.php');
 $emessage = &eMessage::getInstance();
 $pref = e107::getPref();
 // Set a default to avoid issues with legacy systems
 if (!isset($pref['ban_date_format'])) $pref['ban_date_format'] = '%H:%M %d-%m-%y';
 $ipAdministrator = new banlistManager;
 // Character options for import & export
 $separator_char = array(1 => ',', 2 => '|');
 $quote_char = array(1 => '(none)', 2 => "'", 3 => '"');
 $action = 'list';
-if(e_QUERY)
+if (e_QUERY)
 {
-	$tmp = explode('-', e_QUERY); // Use '-' instead of '.' to avoid confusion with IP addresses
+	$tmp = explode('-', e_QUERY);		// Use '-' instead of '.' to avoid confusion with IP addresses
 	$action = $tmp[0];
 	$sub_action = varset($tmp[1], '');
-	if($sub_action)
+	if ($sub_action) $sub_action = preg_replace('/[^\w*@\.:]*/', '', urldecode($sub_action));
 		$sub_action = preg_replace('/[^\w@\.:]*/', '', urldecode($sub_action));
 	$id = intval(varset($tmp[2], 0));
 	unset($tmp);
 }
 $images_path = e_IMAGE_ABS.'admin_images/';
-
+if (isset($_POST['update_ban_prefs']))		// Update ban messages
 if(isset($_POST['update_ban_prefs']))
 {
-	for($i = 0; $i < BAN_REASON_COUNT; $i ++)
+	$changed = FALSE;
 	foreach ($ipAdministrator->getValidReasonList() as $bt)
 	{
-		$pref['ban_messages'][$i] = $tp->toDB(varset($_POST['ban_text_'.($i+1)], ''));
+		$i = abs($bt) + 1;		// Forces a single-digit positive number for part of field name
-		$pref['ban_durations'][$i] = intval(varset($_POST['ban_time_'.($i+1)], 0));
+		$t1 = $tp->toDB(varset($_POST['ban_text_'.($i)],''));
 		$t2 = intval(varset($_POST['ban_time_'.($i)],0));
 		if ($pref['ban_messages'][$bt] != $t1)
 		{
 			$pref['ban_messages'][$bt] = $t1;
 			$changed = TRUE;
 		}
 		if ($pref['ban_durations'][$bt] != $t2)
 		{
 			$pref['ban_durations'][$bt] = $t2;
 			$changed = TRUE;
 		}
 	}
 	if ($changed)
 	{
 	// @todo write actual prefs changes to log file (different methods for prefs?)
 		save_prefs();
 		/*****************************************
 			Write messages and times to disc file
 		 *****************************************/
 		$ipAdministrator->writeBanMessageFile();
 		banlist_adminlog('08','');
 		//$ns->tablerender(BANLAN_9, "<div style='text-align:center'>".BANLAN_33.'</div>');
 		$emessage->add(BANLAN_33, E_MESSAGE_SUCCESS);
 	}
 	save_prefs();
 	banlist_adminlog('08', "");
 	//$ns->tablerender(BANLAN_9, "<div style='text-align:center'>".BANLAN_33.'</div>');
 	$emessage->add(BANLAN_33, E_MESSAGE_SUCCESS);
 }
-if(isset($_POST['ban_ip']))
+
 $writeBanFile = FALSE;
 if (isset($_POST['ban_ip']))
 {
 	$_POST['ban_ip'] = trim($_POST['ban_ip']);
-	$new_ban_ip = preg_replace('/[^\w@\.\*]*/', '', urldecode($_POST['ban_ip']));
+	$new_ban_ip = preg_replace('/[^\w*@\.:]*/', '', urldecode($_POST['ban_ip']));
-	if($new_ban_ip != $_POST['ban_ip'])
+	if ($new_ban_ip != $_POST['ban_ip'])
 	{
 		$message = BANLAN_27.' '.$new_ban_ip;
 		//$ns->tablerender(BANLAN_9, $message);
@@ -92,100 +127,114 @@ if(isset($_POST['ban_ip']))
 		$_POST['ban_ip'] = $new_ban_ip;
 	}
-	if(isset($_POST['entry_intent']) && (isset($_POST['add_ban']) || isset($_POST['update_ban'])) && $_POST['ban_ip'] != "" && strpos($_POST['ban_ip'], ' ') === false)
+	if (isset($_POST['entry_intent']) && (isset($_POST['add_ban']) || isset($_POST['update_ban'])) && $_POST['ban_ip'] != "" && strpos($_POST['ban_ip'], ' ') === false)
 	{
 		/*	$_POST['entry_intent'] says why we're here:
-		'edit' 	- Editing blacklist
+				'edit' 	- Editing blacklist
-		'add'	- Adding to blacklist
+				'add'	- Adding to blacklist
-		'whedit' - Editing whitelist
+				'whedit' - Editing whitelist
-		'whadd'	- Adding to whitelist
+				'whadd'	- Adding to whitelist
-*/
+		*/
-		if($e107->whatIsThis($new_ban_ip) == 'ip')
+		if(e107::getIPHandler()->whatIsThis($new_ban_ip) == 'ip')
 		{
-			$new_ban_ip = $e107->IPencode($new_ban_ip); // Normalise numeric IP addresses
+			$new_ban_ip = e107::getIPHandler()->IPencode($new_ban_ip, TRUE); // Normalise numeric IP addresses (allow wildcards)
 		}
 		$new_vals = array('banlist_ip' => $new_ban_ip);
-		if(isset($_POST['add_ban']))
+		if (isset($_POST['add_ban']))
 		{
 			$new_vals['banlist_datestamp'] = time();
-			if($_POST['entry_intent'] == 'add')
+			if ($_POST['entry_intent'] == 'add') $new_vals['banlist_bantype'] = eIPHandler::BAN_TYPE_MANUAL;		// Manual ban
-				$new_vals['banlist_bantype'] = BAN_TYPE_MANUAL; // Manual ban
+			if ($_POST['entry_intent'] == 'whadd') $new_vals['banlist_bantype'] = eIPHandler::BAN_TYPE_WHITELIST;
 			if($_POST['entry_intent'] == 'whadd')
 				$new_vals['banlist_bantype'] = BAN_TYPE_WHITELIST;
 		}
 		$new_vals['banlist_admin'] = ADMINID;
-		if(varsettrue($_POST['ban_reason']))
+		$new_vals['banlist_reason'] = $tp->toDB(varset($_POST['ban_reason'], ''));
 			$new_vals['banlist_reason'] = $tp->toDB($_POST['ban_reason']);
 		$new_vals['banlist_notes'] = $tp->toDB($_POST['ban_notes']);
-		if(isset($_POST['ban_time']) && is_numeric($_POST['ban_time']) && ($_POST['entry_intent'] == 'edit' || $_POST['entry_intent'] == 'add'))
+		if (isset($_POST['ban_time']) && is_numeric($_POST['ban_time']) && (($_POST['entry_intent']== 'edit') || ($_POST['entry_intent'] == 'add')))
 		{
 			$bt = intval($_POST['ban_time']);
-			$new_vals['banlist_banexpires'] = $bt ? time() + ($bt * 60 * 60) : 0;
+			$new_vals['banlist_banexpires'] = $bt ? time() + ($bt*60*60) : 0;
 		}
-		if(isset($_POST['add_ban']))
+		if (isset($_POST['add_ban']))
-		{ // Insert new value - can just pass an array
+		{  // Insert new value - can just pass an array
-			admin_update($sql->db_Insert("banlist", $new_vals), 'insert', false, false, false);
+			admin_update($sql->db_Insert('banlist', $new_vals), 'insert');
-			if($_POST['entry_intent'] == 'add')
+			if ($_POST['entry_intent'] == 'add')
 			{
-				banlist_adminlog('01', $new_vals['banlist_ip']);
+				banlist_adminlog('01', $new_vals['banlist_ip']);		// Write to banlist
 			}
 			else
 			{
-				banlist_adminlog('04', $new_vals['banlist_ip']);
+				banlist_adminlog('04', $new_vals['banlist_ip']);		// Write to whitelist
 			}
 		}
 		else
-		{ // Update existing value
+		{  // Update existing value
 			$qry = '';
 			$spacer = '';
-			foreach($new_vals as $k => $v)
+			foreach ($new_vals as $k => $v)
 			{
 				$qry .= $spacer."`{$k}`='$v'";
 				$spacer = ', ';
 			}
-			admin_update($sql->db_Update("banlist", $qry." WHERE banlist_ip='".$_POST['old_ip']."'"), 'update', false, false, false);
+			admin_update($sql->db_Update('banlist', $qry." WHERE banlist_ip='".$_POST['old_ip']."'"));
-			if($_POST['entry_intent'] == 'edit')
+			if ($_POST['entry_intent'] == 'edit')
 			{
-				banlist_adminlog("09", $new_vals['banlist_ip']);
+				banlist_adminlog('09',$new_vals['banlist_ip']);
 			}
 			else
 			{
-				banlist_adminlog("10", $new_vals['banlist_ip']);
+				banlist_adminlog('10',$new_vals['banlist_ip']);
 			}
 		}
 		unset($ban_ip);
 		$writeBanFile = TRUE;
 	}
 }
 // Remove a ban
-if(($action == "remove" || $action == "whremove") && varsettrue($_POST['ban_secure']))
+if (($action == 'remove' || $action == 'whremove') && isset($_POST['ban_secure'])) 
 //if ($action == "remove")
 {
-	$sql->db_Delete("generic", "gen_type='failed_login' AND gen_ip='{$sub_action}'");
+	$sql->db_Delete('generic', "gen_type='failed_login' AND gen_ip='{$sub_action}'");
-	admin_update($sql->db_Delete("banlist", "banlist_ip='{$sub_action}'"), 'delete', false, false, false);
+	admin_update($sql->db_Delete('banlist', "banlist_ip='{$sub_action}'"), 'delete');
-	if($action == "remove")
+	if ($action == "remove")
 	{
 		$action = 'list';
-		banlist_adminlog("02", $sub_action);
+		banlist_adminlog('02', $sub_action);
 	}
 	else
 	{
 		$action = 'white';
-		banlist_adminlog("05", $sub_action);
+		banlist_adminlog('05', $sub_action);
 	}
 	$writeBanFile = TRUE;
 }
 // Update the ban expiry time/date - timed from now (only done on banlist)
-if($action == 'newtime')
+if ($action == 'newtime')
 {
-	$end_time = $id ? time() + ($id * 60 * 60) : 0;
+	$end_time = $id ? time() + ($id*60*60) : 0;
-	admin_update($sql->db_Update("banlist", "banlist_banexpires='".intval($end_time)."' WHERE banlist_ip='".$sub_action."'"), 'update', false, false, false);
+	admin_update($sql->db_Update('banlist', 'banlist_banexpires='.intval($end_time)." WHERE banlist_ip='".$sub_action."'"));
 	banlist_adminlog('03', $sub_action);
 	$action = 'list';
 	$writeBanFile = TRUE;
 }
 if ($writeBanFile)
 {
 /************************************************
 		update list of banned IPs
 *************************************************/
 	$ipAdministrator->writeBanListFiles('ip,htaccess');
 	if (!$ipAdministrator->doesMessageFileExist())
 	{
 		$ipAdministrator->writeBanMessageFile();		// Message file must exist - may not on fresh site
 		banlist_adminlog('08','');
 		$emessage->add(BANLAN_33, E_MESSAGE_SUCCESS);
 	}
 }
@@ -194,7 +243,7 @@ if($action == 'newtime')
 *	@todo - eliminate extract();
 */
 // Edit modes - get existing entry
-if($action == 'edit' || $action == 'whedit')
+if ($action == 'edit' || $action == 'whedit')
 {
 	$sql->db_Select('banlist', '*', "banlist_ip='{$sub_action}'");
 	$row = $sql->db_Fetch();
@@ -203,7 +252,7 @@ if($action == 'edit' || $action == 'whedit')
 else
 {
 	unset($banlist_ip, $banlist_reason);
-	if(e_QUERY && ($action == 'add' || $action == 'whadd') && strpos($_SERVER["HTTP_REFERER"], "userinfo"))
+	if (e_QUERY && ($action == 'add' || $action == 'whadd') && strpos($_SERVER["HTTP_REFERER"], "userinfo"))
 	{
 		$banlist_ip = $sub_action;
 	}
@@ -211,6 +260,9 @@ else
 /**
 *	Create dropdown with options for ban time - uses internal fixed list of reasonable values
 */
 function ban_time_dropdown($click_js = '', $zero_text = BANLAN_21, $curval = -1, $drop_name = 'ban_time')
 {
 	global $frm;
@@ -218,13 +270,13 @@ function ban_time_dropdown($click_js = '', $zero_text = BANLAN_21, $curval = -1,
 	$ret = $frm->select_open($drop_name, array('other' => $click_js, 'id' => false));
 	$ret .= $frm->option('&nbsp;', '');
-	foreach($intervals as $i)
+	foreach ($intervals as $i)
 	{
-		if($i == 0)
+		if ($i == 0)
 		{
 			$words = $zero_text ? $zero_text : BANLAN_21;
 		}
-		elseif(($i % 24) == 0)
+		elseif (($i % 24) == 0)
 		{
 			$words = floor($i / 24).' '.BANLAN_23;
 		}
@@ -240,16 +292,16 @@ function ban_time_dropdown($click_js = '', $zero_text = BANLAN_21, $curval = -1,
 // Character options for import & export
 $separator_char = array(1 => ',', 2 => '|');
 $quote_char = array(1 => '(none)', 2 => "'", 3 => '"');
 /**
 *	Create generic dropdown from array of data
 */
 function select_box($name, $data, $curval = FALSE)
 {
 	global $frm;
 	$ret = $frm->select_open($name, array('class' => 'tbox', 'id' => false));
-	foreach($data as $k => $v)
+	foreach ($data as $k => $v)
 	{
 		$ret .= $frm->option($v, $k, ($curval !== FALSE) && ($curval == $k));
 	}
@@ -258,14 +310,17 @@ function select_box($name, $data, $curval = FALSE)
 }
-// Drop-down box for access counts
+
 /**
 *	Create dropdown with options for access counts before ban - uses internal fixed list of reasonable values
 */
 function drop_box($box_name, $curval)
 {
 	global $frm;
 	$opts = array(50, 100, 150, 200, 250, 300, 400, 500);
 	$ret = $frm->select_open($box_name, array('class' => 'tbox'));
-	foreach($opts as $o)
+	foreach ($opts as $o)
 	{
 		$ret .= $frm->option($o, $o, ($curval == $o));
 	}
@@ -278,25 +333,95 @@ function drop_box($box_name, $curval)
 $text = '';
-switch($action)
+switch ($action)
 {
-	case 'options':
+	case 'banlog' :
-		if(!getperms("0"))
+		if(!getperms('0')) exit;
 		if (isset($_POST['delete_ban_log']))
 		{
 			$message = ($ipAdministrator->deleteLogFile() ? BANLAN_89 : BANLAN_90);
 			e107::getRender()->tablerender(BANLAN_88, "<div style='text-align:center; font-weight:bold'>".$message."</div>");
 		}
 		$from = 0;
 		$amount = 20;		// Number per page - could make configurable later if required
 		if ($sub_action) $from = intval($sub_action);
 // @todo format form the 0.8 way
 		$text = "<div style='text-align:center'>
 		<form method='post' action='".e_SELF."?banlog-".$from."'>
 		<table style='".ADMIN_WIDTH."' class='fborder'>
 		<colgroup>
 			<col style='width:20%; vertical-align:top;' />
 			<col style='width:30%; vertical-align:top;' />
 			<col style='width:30%; vertical-align:top;' />
 			<col style='width:30%; vertical-align:top;' />
 		</colgroup>";
 		// Get entries
 		$banLogEntries = $ipAdministrator->getLogEntries($from, $amount, $num_entry);
 		if (count($banLogEntries) == 0)
 		{
 		  $text .= "<tbody><tr><td colspan='4'>".BANLAN_82."</td></tr>";
 		  $num_entry = 0;
 		}
 		else
 		{
 			$text .= "<thead><tr><td class='fcaption'>".BANLAN_83."</td><td class='fcaption'>".BANLAN_84."</td>
 				<td class='fcaption'>".BANLAN_7."</td><td class='fcaption'>".BANLAN_85."</td></tr></thead><tbody>";
 			foreach ($banLogEntries as $ban)
 			{
 				$row = $ipAdministrator->splitLogEntry($ban);
 				$text .= "
 					<tr>
 					<td class='forumheader3'>".strftime($pref['ban_date_format'], $row['banDate'])."</td>
 					<td class='forumheader3'>".e107::getIPHandler()->ipDecode($row['banIP'])."</td>
 					<td class='forumheader3'>".$ipAdministrator->getBanTypeString($row['banReason'], FALSE)."</td>
 					<td class='forumheader3'>".$row['banNotes']."</td>
 					</tr>";
 			}  // End while
 			// Next-Previous. ==========================
 			if ($num_entry > $amount) 
 			{
 				$parms = "{$num_entry},{$amount},{$from},".e_SELF."?".$action.'-[FROM]';
 				$text .= "<tr><td colspan='5' style='text-align:center'><br />".$tp->parseTemplate("{NEXTPREV={$parms}}".'<br /><br /></td></tr>');
 			}
 			$text .= "<tr><td colspan='4' style='text-align:center'>
 						<input class='button' type='submit' name='delete_ban_log' value='".BANLAN_88."' />
 						<input type='hidden' name='e-token' value='".e_TOKEN."' />
 					</td>
 					  </tr>";
 		}
 		$text .= "</tbody></table></form></div>";
 		if (count($banLogEntries))
 		{
 			$text .= "&nbsp;&nbsp;&nbsp;".str_replace('--NUM--', $num_entry, BANLAN_87);
 		}
 		e107::getRender()->tablerender("<div style='text-align:center'>".BANLAN_86.'</div>', $text);
 		break;
 	case 'options' :
 		if (!getperms('0'))
 			exit();
-		if(isset($_POST['update_ban_options']))
+		if (isset($_POST['update_ban_options']))
 		{
 			$pref['enable_rdns'] = intval($_POST['ban_rdns_on_access']);
 			$pref['enable_rdns_on_ban'] = intval($_POST['ban_rdns_on_ban']);
 			$pref['ban_max_online_access'] = intval($_POST['ban_access_guest']).','.intval($_POST['ban_access_member']);
 			$pref['ban_retrigger'] = intval($_POST['ban_retrigger']);
-			save_prefs();
+			$pref['ban_date_format'] = $tp->toDB($_POST['ban_date_format']);
 			save_prefs();						// @todo FIXME log detail of changes. Right prefs to use?
 			$emessage->add(LAN_SETSAVED, E_MESSAGE_SUCCESS);
 		}
-		if(isset($_POST['remove_expired_bans']))
+		if (isset($_POST['remove_expired_bans']))
 		{
-			//FIXME - proper messages
+			$result = $sql->db_Delete('banlist',"`banlist_bantype` < ".eIPHandler::BAN_TYPE_WHITELIST." AND `banlist_banexpires` > 0 AND `banlist_banexpires` < ".time());
-			admin_update($sql->db_Delete('banlist', "`banlist_bantype` < ".BAN_TYPE_WHITELIST." AND `banlist_banexpires` > 0 AND `banlist_banexpires` < ".time()), 'delete', false, false, false);
+			banlist_adminlog('12', $result);
 			$emessage->add(str_replace('--NUM--', $result, BANLAN_48), E_MESSAGE_SUCCESS);
 		}
 		list($ban_access_guest, $ban_access_member) = explode(',', varset($pref['ban_max_online_access'], '100,200'));
@@ -346,10 +471,19 @@ switch($action)
 									</div>
 								</td>
 							</tr>
 							<tr>
 							  <td class='label'>".BANLAN_91."</td>
 							  <td class='control'>
 							  ".$frm->text('ban_date_format', varset($pref['ban_date_format'], '%H:%M %d-%m-%y'), 40)."
 							  <div class='field-help'>".BANLAN_92."</div>
 							  </td>
 							</tr>
 						</tbody>
 					</table>
 					<div class='buttons-bar center'>
 						".$frm->admin_button('update_ban_options', LAN_UPDATE, 'update')."
 						<input type='hidden' name='e-token' value='".e_TOKEN."' />
 					</div>
 				</fieldset>
 				<fieldset id='core-banlist-options-ban'>
@@ -364,6 +498,7 @@ switch($action)
 								<td class='label'>".BANLAN_75."</td>
 								<td class='control'>
 									".$frm->admin_button('remove_expired_bans', BANLAN_76, 'delete')."
 									<input type='hidden' name='e-token' value='".e_TOKEN."' />
 								</td>
 							</tr>
 						</tbody>
@@ -371,20 +506,26 @@ switch($action)
 				</fieldset>
 			</form>
 		";
-		$e107->ns->tablerender(BANLAN_72, $emessage->render().$text);
+		e107::getRender()->tablerender(BANLAN_72, $emessage->render().$text);
 		break;
-	case 'times':
+	case 'times' :
-		if(!getperms("0"))
+		if (!getperms('0'))
 			exit();
 		$text = '';
-		if((!isset($pref['ban_messages'])) || !is_array($pref['ban_messages']))
+		if ((!isset($pref['ban_messages'])) || !is_array($pref['ban_messages']))
 		{
-			$pref['ban_messages'] = array_fill(0, BAN_REASON_COUNT - 1, '');
+			foreach ($ipAdministrator->getValidReasonList() as $bt)
 			{
 				$pref['ban_messages'][$bt] = '';
 			}
 		}
-		if((!isset($pref['ban_durations'])) || !is_array($pref['ban_durations']))
+		if ((!isset($pref['ban_durations'])) || !is_array($pref['ban_durations']))
 		{
-			$pref['ban_durations'] = array_fill(0, BAN_REASON_COUNT - 1, 0);
+			foreach ($ipAdministrator->getValidReasonList() as $bt)
 			{
 				$pref['ban_durations'][$bt] = 0;
 			}
 		}
 		$text .= "
@@ -406,19 +547,20 @@ switch($action)
 						</thead>
 						<tbody>
 		";
-		for($i = 0; $i < BAN_REASON_COUNT; $i ++)
+		foreach ($ipAdministrator->getValidReasonList() as $bt)
 		{
 			$i = abs($bt) + 1;		// Forces a single-digit positive number
 			$text .= "
-								<tr>
+					<tr>
-									<td>
+						<td>
-										<strong>".constant('BANLAN_10'.$i)."</strong>
+							<strong>".$ipAdministrator->getBanTypeString($bt, FALSE)."</strong>
-										<div class='field-help'>".constant('BANLAN_11'.$i)."</div>
+							<div class='field-help'>".$ipAdministrator->getBanTypeString($bt, TRUE)."</div>
-									</td>
+						</td>
-									<td class='center'>
+						<td class='center'>
-										".$frm->textarea('ban_text_'.($i+1), $pref['ban_messages'][$i], 4, 15)."
+							".$frm->textarea('ban_text_'.($i), $pref['ban_messages'][$bt], 4, 15)."
-									</td>
+						</td>
-									<td class='center'>".ban_time_dropdown('', BANLAN_32, $pref['ban_durations'][$i], 'ban_time_'.($i+1))."</td>
+						<td class='center'>".ban_time_dropdown('', BANLAN_32, $pref['ban_durations'][$bt], 'ban_time_'.($i))."</td>
-								</tr>
+					</tr>
 				";
 		}
 		$text .= "
@@ -426,21 +568,23 @@ switch($action)
 					</table>
 					<div class='buttons-bar center'>
 						".$frm->admin_button('update_ban_prefs', LAN_UPDATE, 'update')."
 						<input type='hidden' name='e-token' value='".e_TOKEN."' />
 					</div>
 				</fieldset>
 			</form>
 			";
-		$e107->ns->tablerender(BANLAN_77, $emessage->render().$text);
+		e107::getRender()->tablerender(BANLAN_77, $emessage->render().$text);
 		break;
-	case 'edit':		// Edit an existing ban
+	case 'edit' :		// Edit an existing ban
-	case 'add':			// Add a new ban
+	case 'add' :		// Add a new ban
-	case 'whedit':		// Edit existing whitelist entry
+	case 'whedit' :		// Edit existing whitelist entry
-	case 'whadd':		// Add a new whitelist entry
+	case 'whadd' :		// Add a new whitelist entry
 		if (!isset($banlist_reason)) $banlist_reason = '';
 		if (!isset($banlist_ip)) $banlist_ip = '';
 		if (!isset($banlist_notes)) $banlist_notes = '';
 		$page_title = array('edit' => BANLAN_60, 'add' => BANLAN_9, 'whedit' => BANLAN_59, 'whadd' => BANLAN_58);
 		$rdns_warn = varsettrue($pref['enable_rdns']) ? '' : '<div class="field-help error">'.BANLAN_12.'</div>';
 		$next = ($action == 'whedit' || $action == 'whadd') ? '?white' : '?list';
@@ -459,18 +603,18 @@ switch($action)
 								<td class='label'>
 									".BANLAN_5.":
 									<div class='label-note'>
-										".BANLAN_13."<a href='".e_ADMIN_ABS."users.php'><img src='".$images_path."users_16.png' alt='' /></a>
+										".BANLAN_13."<a href='".e_ADMIN_ABS."users.php'><img src='".e_IMAGE_ABS.'admin_images/'."users_16.png' alt='' /></a>
 									</div>
 								</td>
 								<td class='control'>
 									<input type='hidden' name='entry_intent' value='{$action}' />
-									".$frm->text('ban_ip', $e107->ipDecode($banlist_ip), 200)."
+									".$frm->text('ban_ip', e107::getIPHandler()->ipDecode($banlist_ip), 200)."
 									{$rdns_warn}
 								</td>
 							</tr>
 		";
-		if(($action == 'add') || ($action == 'whadd') || ($banlist_bantype <= 1) || ($banlist_bantype >= BAN_TYPE_WHITELIST))
+		if (($action == 'add') || ($action == 'whadd') || ($banlist_bantype <= 1) || ($banlist_bantype >= eIPHandler::BAN_TYPE_WHITELIST))
 		{ // Its a manual or unknown entry - only allow edit of reason on those
 			$text .= "
 							<tr>
@@ -481,7 +625,7 @@ switch($action)
 							</tr>
 			";
 		}
-		elseif($action == 'edit')
+		elseif ($action == 'edit')
 		{
 			$text .= "
 							<tr>
@@ -491,12 +635,12 @@ switch($action)
 			";
 		}
-		if($action == 'edit')
+		if ($action == 'edit')
 		{
 			$text .= "
 							<tr>
 								<td class='label'>".BANLAN_28.": </td>
-								<td class='control'>".constant('BANLAN_10'.$banlist_bantype)." - ".constant('BANLAN_11'.$banlist_bantype)."</td>
+								<td class='control'>".$ipAdministrator->getBanTypeString($banlist_bantype, FALSE)." - ".$ipAdministrator->getBanTypeString($banlist_bantype, TRUE)."</td>
 							</tr>
 			";
 		}
@@ -510,9 +654,9 @@ switch($action)
 							</tr>
 		";
-		if($action == 'edit' || $action == 'add')
+		if ($action == 'edit' || $action == 'add')
 		{
-			$inhelp = (($action == 'edit') ? '<div class="field-help">'.BANLAN_26.($banlist_banexpires ? strftime(BAN_TIME_FORMAT, $banlist_banexpires) : BANLAN_21).'</div>' : '');
+			$inhelp = (($action == 'edit') ? '<div class="field-help">'.BANLAN_26.($banlist_banexpires ? strftime($pref['ban_date_format'], $banlist_banexpires) : BANLAN_21).'</div>' : '');
 			$text .= "
 							<tr>
@@ -525,6 +669,7 @@ switch($action)
 		$text .= "
 						</tbody>
 					</table>
 					<input type='hidden' name='e-token' value='".e_TOKEN."' />
 					<div class='buttons-bar center'>
 		";
@@ -532,13 +677,13 @@ switch($action)
 		/* FORM NOTE EXAMPLE - not needed here as this note is added as label-note (see below)
 		$text .= "
 			<div class='form-note'>
-				".BANLAN_13."<a href='".e_ADMIN_ABS."users.php'><img src='".$images_path."users_16.png' alt='' /></a>
+				".BANLAN_13."<a href='".e_ADMIN_ABS."users.php'><img src='".e_IMAGE_ABS.'admin_images/'."users_16.png' alt='' /></a>
 			</div>
 		";
 		*/
-		if($action == 'edit' || $action == 'whedit')
+		if ($action == 'edit' || $action == 'whedit')
 		{
 			$text .= "<input type='hidden' name='old_ip' value='{$banlist_ip}' />
 				".$frm->admin_button('update_ban', LAN_UPDATE, 'update');
@@ -553,17 +698,17 @@ switch($action)
 			</form>
 		";
-		$e107->ns->tablerender($page_title[$action], $emessage->render().$text);
+		e107::getRender()->tablerender($page_title[$action], $emessage->render().$text);
-		break; // End of 'Add' and 'Edit'
+		break;		// End of 'Add' and 'Edit'
-	case 'transfer':
+	case 'transfer' :
 		$message = '';
 		$error = false;
-		if(isset($_POST['ban_import']))
+		if (isset($_POST['ban_import']))
 		{ // Got a file to import
-			require_once (e_HANDLER.'upload_handler.php');
+			require_once(e_HANDLER.'upload_handler.php');
-			if(($files = process_uploaded_files(e_UPLOAD, FALSE, array('overwrite' => TRUE, 'max_file_count' => 1, 'file_mask' => 'csv'))) === FALSE)
+			if (($files = process_uploaded_files(e_UPLOAD, FALSE, array('overwrite' => TRUE, 'max_file_count' => 1, 'file_mask' => 'csv'))) === FALSE)
 			{ // Invalid file
 				$error = true;
 				$message = BANLAN_47;
@@ -577,8 +722,12 @@ switch($action)
 			}
 			if(!$error)
 			{ // Got a file of some sort
-				$message = process_csv(e_UPLOAD.$files[0]['name'], intval(varset($_POST['ban_over_import'], 0)), intval(varset($_POST['ban_over_expiry'], 0)), $separator_char[intval(varset($_POST['ban_separator'], 1))], $quote_char[intval(varset($_POST['ban_quote'], 3))]);
+				$message = process_csv(e_UPLOAD.$files[0]['name'],
-				banlist_adminlog("07", 'File: '.e_UPLOAD.$files[0]['name'].'<br />'.$message);
+										intval(varset($_POST['ban_over_import'], 0)),
 										intval(varset($_POST['ban_over_expiry'], 0)),
 										$separator_char[intval(varset($_POST['ban_separator'], 1))],
 										$quote_char[intval(varset($_POST['ban_quote'], 3))]);
 				banlist_adminlog('07', 'File: '.e_UPLOAD.$files[0]['name'].'<br />'.$message);
 			}
 		}
@@ -601,14 +750,14 @@ switch($action)
 			";
-		for($i = 0; $i < BAN_REASON_COUNT; $i ++)
+		foreach ($ipAdministrator->getValidReasonList() as $i)
 		{
 			$text .= "
-									<tr>
+							<tr>
-									<td colspan='3'>
+							<td colspan='3'>
-										".$frm->checkbox("ban_types[{$i}]", $i).$frm->label(constant('BANLAN_10'.$i), "ban_types[{$i}]", $i)."
+								".$frm->checkbox("ban_types[{$i}]", $i).$frm->label($ipAdministrator->getBanTypeString($i, FALSE), "ban_types[{$i}]", $i)."
-										<span class='field-help'>(".constant('BANLAN_11'.$i).")</span>
+								<span class='field-help'>(".$ipAdministrator->getBanTypeString($i, TRUE).")</span>
-									</td></tr>
+							</td></tr>
 			";
 		}
@@ -621,6 +770,7 @@ switch($action)
 						</tbody>
 					</table>
 					<div class='buttons-bar center'>".$frm->admin_button('ban_export', BANLAN_39, 'export', BANLAN_39)."</div>
 						<input type='hidden' name='e-token' value='".e_TOKEN."' />
 				</fieldset>
 			</form>
 		";
@@ -661,6 +811,7 @@ switch($action)
 					</table>
 								<div class='buttons-bar center'>
 								".$frm->admin_button('ban_import', BANLAN_45, 'import')."
 								<input type='hidden' name='e-token' value='".e_TOKEN."' />
 								</div>
@@ -668,21 +819,23 @@ switch($action)
 			</form>
 		";
-		$e107->ns->tablerender(BANLAN_35, $emessage->render().$text);
+		e107::getRender()->tablerender(BANLAN_35, $emessage->render().$text);
-		break;
+		break;		// End case 'transfer'
-	case 'list':
+	case 'list' :
-	case 'white':
+	case 'white' :
-	default:
+	default :
-		if(($action != 'list') && ($action != 'white'))
+		if (($action != 'list') && ($action != 'white'))
 			$action = 'list';
 		$edit_action = ($action == 'list' ? 'edit' : 'whedit');
 		$del_action = ($action == 'list' ? 'remove' : 'whremove');
 		$col_widths = array('list' => array(10, 5, 35, 30, 10, 10), 'white' => array(15, 40, 35, 10));
-		$col_titles = array('list' => array(BANLAN_17, BANLAN_20, BANLAN_10, BANLAN_19, BANLAN_18, LAN_OPTIONS), 'white' => array(BANLAN_55, BANLAN_56, BANLAN_19, LAN_OPTIONS));
+		$col_titles = array('list' => array(BANLAN_17, BANLAN_20, BANLAN_10, BANLAN_19, BANLAN_18, LAN_OPTIONS),
 							'white' => array(BANLAN_55, BANLAN_56, BANLAN_19, LAN_OPTIONS));
 		$no_values = array('list' => BANLAN_2, 'white' => BANLAN_54);
-		$col_defs = array('list' => array('banlist_datestamp' => 0, 'banlist_bantype' => 0, 'ip_reason' => BANLAN_7, 'banlist_notes' => 0, 'banlist_banexpires' => 0, 'ban_options' => 0), 'white' => array('banlist_datestamp' => 0, 'ip_reason' => BANLAN_57, 'banlist_notes' => 0, 'ban_options' => 0));
+		$col_defs = array('list' => array('banlist_datestamp' => 0, 'banlist_bantype' => 0, 'ip_reason' => BANLAN_7, 'banlist_notes' => 0, 'banlist_banexpires' => 0, 'ban_options' => 0),
 						'white' => array('banlist_datestamp' => 0, 'ip_reason' => BANLAN_57, 'banlist_notes' => 0, 'ban_options' => 0));
 		$text = "
 			<form method='post' action='".e_SELF.'?'.$action."' id='core-banlist-form'>
@@ -691,7 +844,8 @@ switch($action)
 					".$frm->hidden("ban_secure", "1")."
 		";
-		$filter = ($action == 'white') ? 'banlist_bantype='.BAN_TYPE_WHITELIST : 'banlist_bantype!='.BAN_TYPE_WHITELIST;
+		$filter = ($action == 'white') ? 'banlist_bantype='.eIPHandler::BAN_TYPE_WHITELIST : 'banlist_bantype!='.eIPHandler::BAN_TYPE_WHITELIST;
 		if(!$ban_total = $sql->db_Select("banlist", "*", $filter." ORDER BY banlist_ip"))
 		{
@@ -725,8 +879,8 @@ switch($action)
 						<tbody>";
 			while($row = $sql->db_Fetch())
 			{
-				extract($row);//FIXME - kill extract()
+				//extract($row);//FIXME - kill extract()
-				$banlist_reason = str_replace("LAN_LOGIN_18", BANLAN_11, $banlist_reason);
+				$row['banlist_reason'] = str_replace('LAN_LOGIN_18', BANLAN_11, $row['banlist_reason']);
 				$text .= "<tr>";
 				foreach($col_defs[$action] as $cd => $fv)
 				{
@@ -734,22 +888,22 @@ switch($action)
 					switch($cd)
 					{
 						case 'banlist_datestamp':
-							$val = ($banlist_datestamp ? strftime(BAN_TIME_FORMAT, $banlist_datestamp) : BANLAN_22);
+							$val = ($row['banlist_datestamp'] ? strftime($pref['ban_date_format'], $row['banlist_datestamp']) : BANLAN_22);
 							break;
 						case 'banlist_bantype':
-							$val = "<div class='nowrap' title='".constant('BANLAN_11'.$banlist_bantype)."'>".constant('BANLAN_10'.$banlist_bantype)." <a href='#' title='".constant('BANLAN_11'.$banlist_bantype)."' onclick='return false;'><img class='action info S16' src='".e_IMAGE_ABS."admin_images/info_16.png' alt='' /></a></div>";
+							$val = "<div class='nowrap' title='".$ipAdministrator->getBanTypeString($row['banlist_bantype'], TRUE)."'>".$ipAdministrator->getBanTypeString($row['banlist_bantype'], FALSE)." <a href='#' title='".$ipAdministrator->getBanTypeString($row['banlist_bantype'], TRUE)."' onclick='return false;'><img class='action info S16' src='".e_IMAGE_ABS."admin_images/info_16.png' alt='' /></a></div>";
 							break;
 						case 'ip_reason':
-							$val = $e107->ipDecode($banlist_ip)."<br />".$fv.": ".$banlist_reason;
+							$val = e107::getIPHandler()->ipDecode($row['banlist_ip'])."<br />".$fv.": ".$row['banlist_reason'];
 							break;
 						case 'banlist_banexpires':
-							$val = ($banlist_banexpires ? strftime(BAN_TIME_FORMAT, $banlist_banexpires).(($banlist_banexpires < time()) ? ' ('.BANLAN_34.')' : '') : BANLAN_21)."<br />".ban_time_dropdown("onchange=\"e107Helper.urlJump('".e_SELF."?newtime-{$banlist_ip}-'+this.value)\"");
+							$val = ($row['banlist_banexpires'] ? strftime($pref['ban_date_format'], $row['banlist_banexpires']).(($row['banlist_banexpires'] < time()) ? ' ('.BANLAN_34.')' : '') : BANLAN_21)."<br />".ban_time_dropdown("onchange=\"e107Helper.urlJump('".e_SELF."?newtime-{$row['banlist_ip']}-'+this.value)\"");
 							break;
 						case 'ban_options':
 							$row_class = ' class="center"';
 							$val = "
-							<a class='action edit' href='".e_SELF."?{$edit_action}-{$banlist_ip}'>".ADMIN_EDIT_ICON."</a>
+							<a class='action edit' href='".e_SELF."?{$edit_action}-{$row['banlist_ip']}'>".ADMIN_EDIT_ICON."</a>
-<input class='action delete no-confirm' name='delete_ban_entry' value='".e_SELF."?{$del_action}-{$banlist_ip}' type='image' src='".ADMIN_DELETE_ICON_PATH."' alt='".LAN_DELETE."' title='".$tp->toJS(LAN_CONFIRMDEL." [".$e107->ipDecode($banlist_ip)."]")."' />";
+<input class='action delete no-confirm' name='delete_ban_entry' value='".e_SELF."?{$del_action}-{$row['banlist_ip']}' type='image' src='".ADMIN_DELETE_ICON_PATH."' alt='".LAN_DELETE."' title='".$tp->toJS(LAN_CONFIRMDEL." [".e107::getIPHandler()->ipDecode($row['banlist_ip'])."]")."' />";
 							break;
 						case 'banlist_notes':
 						default:
@@ -784,9 +938,9 @@ switch($action)
 			</form>
 		";
-		$e107->ns->tablerender(($action == 'list' ? BANLAN_3 : BANLAN_61), $emessage->render().$text);
+		e107::getRender()->tablerender(($action == 'list' ? BANLAN_3 : BANLAN_61), $emessage->render().$text);
-	// End of case 'list' and the default case
+		// End of case 'list' and the default case
-} // End switch ($action)
+}		// End switch ($action)
 require_once(e_ADMIN.'footer.php');
@@ -799,19 +953,19 @@ function banlist_adminmenu()
 {
 	$action = (e_QUERY) ? e_QUERY : 'list';
-	$var['list']['text'] = BANLAN_14; // List existing bans
+	$var['list']['text'] = BANLAN_14;		// List existing bans
 	$var['list']['link'] = e_SELF.'?list';
 	$var['list']['perm'] = '4';
-	$var['add']['text'] = BANLAN_25; // Add a new ban
+	$var['add']['text'] = BANLAN_25;		// Add a new ban
 	$var['add']['link'] = e_SELF.'?add';
 	$var['add']['perm'] = '4';
-	$var['white']['text'] = BANLAN_52; // List existing whitelist entries
+	$var['white']['text'] = BANLAN_52;		// List existing whitelist entries
 	$var['white']['link'] = e_SELF.'?white';
 	$var['white']['perm'] = '4';
-	$var['whadd']['text'] = BANLAN_53; // Add a new whitelist entry
+	$var['whadd']['text'] = BANLAN_53;		// Add a new whitelist entry
 	$var['whadd']['link'] = e_SELF.'?whadd';
 	$var['whadd']['perm'] = '4';
@@ -819,7 +973,7 @@ function banlist_adminmenu()
 	$var['transfer']['link'] = e_SELF.'?transfer';
 	$var['transfer']['perm'] = '4';
-	if(getperms('0'))
+	if (getperms('0'))
 	{
 		$var['times']['text'] = BANLAN_15;
 		$var['times']['link'] = e_SELF.'?times';
@@ -828,6 +982,10 @@ function banlist_adminmenu()
 		$var['options']['text'] = LAN_OPTIONS;
 		$var['options']['link'] = e_SELF.'?options';
 		$var['options']['perm'] = '0';
 		$var['banlog']['text'] = BANLAN_81;
 		$var['banlog']['link'] = e_SELF.'?banlog';
 		$var['banlog']['perm'] = '0';
 	}
 	e_admin_menu(BANLAN_16, $action, $var);
 }
@@ -837,7 +995,7 @@ function banlist_adminmenu()
 // Parse the date string used by the import/export - YYYYMMDD_HHMMSS
 function parse_date($instr)
 {
-	if(strlen($instr) != 15)
+	if (strlen($instr) != 15)
 		return 0;
 	return mktime(substr($instr, 9, 2), substr($instr, 11, 2), substr($instr, 13, 2), substr($instr, 4, 2), substr($instr, 6, 2), substr($instr, 0, 4));
 }
@@ -848,30 +1006,33 @@ function parse_date($instr)
 // Return a message
 function process_csv($filename, $override_imports, $override_expiry, $separator = ',', $quote = '"')
 {
-	global $sql, $pref, $e107, $emessage;
+	$sql = e107::getDb();
 	$pref['ban_durations'] = e107::getPref('ban_durations');		// @todo - check this
 	$emessage = &eMessage::getInstance();
 	//  echo "Read CSV: {$filename} separator: {$separator}, quote: {$quote}  override imports: {$override_imports}  override expiry: {$override_expiry}<br />";
 	// Renumber imported bans
-	if($override_imports)
+	if ($override_imports)
-		$sql->db_Update('banlist', "`banlist_bantype`=".BAN_TYPE_TEMPORARY." WHERE `banlist_bantype` = ".BAN_TYPE_IMPORTED);
+		$sql->db_Update('banlist', "`banlist_bantype`=".eIPHandler::BAN_TYPE_TEMPORARY." WHERE `banlist_bantype` = ".eIPHandler::BAN_TYPE_IMPORTED);
 	$temp = file($filename);
 	$line_num = 0;
-	foreach($temp as $line)
+	foreach ($temp as $line)
 	{ // Process one entry
 		$line = trim($line);
-		$line_num ++;
+		$line_num++;
-		if($line)
+		if ($line)
 		{
 			$fields = explode($separator, $line);
 			$field_num = 0;
-			$field_list = array('banlist_bantype' => BAN_TYPE_IMPORTED);
+			$field_list = array('banlist_bantype' => eIPHandler::BAN_TYPE_IMPORTED);
-			foreach($fields as $f)
+			foreach ($fields as $f)
 			{
 				$f = trim($f);
-				if(substr($f, 0, 1) == $quote)
+				if (substr($f, 0, 1) == $quote)
 				{
-					if(substr($f, - 1, 1) == $quote)
+					if (substr($f, -1, 1) == $quote)
 					{ // Strip quotes
-						$f = substr($f, 1, - 1); // Strip off the quotes
+						$f = substr($f, 1, -1);		// Strip off the quotes
 					}
 					else
 					{
@@ -880,39 +1041,39 @@ function process_csv($filename, $override_imports, $override_expiry, $separator
 					}
 				}
 				// Now handle the field
-				$field_num ++;
+				$field_num++;
-				switch($field_num)
+				switch ($field_num)
 				{
-					case 1: // IP address
+					case 1 :	// IP address
-						$field_list['banlist_ip'] = $e107->ipEncode($f);
+						$field_list['banlist_ip'] = e107::getIPHandler()->ipEncode($f);
 						break;
-					case 2: // Original date of ban
+					case 2 :	// Original date of ban
 						$field_list['banlist_datestamp'] = parse_date($f);
 						break;
-					case 3: // Expiry of ban - depends on $override_expiry
+					case 3 :	// Expiry of ban - depends on $override_expiry
-						if($override_expiry)
+						if ($override_expiry)
 						{
 							$field_list['banlist_banexpires'] = parse_date($f);
 						}
 						else
 						{ // Use default ban time from now
-							$field_list['banlist_banexpires'] = $pref['ban_durations'][BAN_TYPE_IMPORTED] ? time() + (60 * 60 * $pref['ban_durations'][BAN_TYPE_IMPORTED]) : 0;
+							$field_list['banlist_banexpires'] = $pref['ban_durations'][eIPHandler::BAN_TYPE_IMPORTED] ? time() + (60*60*$pref['ban_durations'][eIPHandler::BAN_TYPE_IMPORTED]) : 0;
 						}
 						break;
-					case 4: // Original ban type - we always ignore this and force to 'imported'
+					case 4 :	// Original ban type - we always ignore this and force to 'imported'
 						break;
-					case 5: // Ban reason originally generated by E107
+					case 5 :	// Ban reason originally generated by E107
 						$field_list['banlist_reason'] = $f;
 						break;
-					case 6: // Any user notes added
+					case 6 :	// Any user notes added
 						$field_list['banlist_notes'] = $f;
 						break;
-					default: // Just ignore any others
+					default :	// Just ignore any others
 				}
 			}
 			$qry = "REPLACE INTO `#banlist` (".implode(',', array_keys($field_list)).") values ('".implode("', '", $field_list)."')";
 			//	  echo count($field_list)." elements, query: ".$qry."<br />";
-			if(!$sql->db_Select_gen($qry))
+			if (!$sql->db_Select_gen($qry))
 			{
 				$emessage->add(BANLAN_50.$line_num, E_MESSAGE_ERROR);
 				return BANLAN_50.$line_num;
@@ -920,9 +1081,9 @@ function process_csv($filename, $override_imports, $override_expiry, $separator
 		}
 	}
 	// Success here - may need to delete old imported bans
-	if($override_imports)
+	if ($override_imports)
-		$sql->db_Delete('banlist', "`banlist_bantype` = ".BAN_TYPE_TEMPORARY);
+		$sql->db_Delete('banlist', "`banlist_bantype` = ".eIPHandler::BAN_TYPE_TEMPORARY);
-	@unlink($filename); // Delete file once done
+	@unlink($filename);		// Delete file once done
 	$emessage->add(str_replace('--NUM--', $line_num, BANLAN_51).$filename, E_MESSAGE_SUCCESS);
 	return str_replace('--NUM--', $line_num, BANLAN_51).$filename;
 }
@@ -939,7 +1100,6 @@ function process_csv($filename, $override_imports, $override_expiry, $separator
 */
 function banlist_adminlog($msg_num = '00', $woffle = '')
 {
 	//  if (!varset($pref['admin_log_log']['admin_banlist'],0)) return;
 	e107::getAdminLog()->log_event('BANLIST_'.$msg_num, $woffle, E_LOG_INFORMATIVE, '');
 }
--- a/e107_admin/sql/core_sql.php
+++ b/e107_admin/sql/core_sql.php
@@ -73,7 +73,7 @@ CREATE TABLE audit_log (
 CREATE TABLE banlist (
  banlist_ip varchar(100) NOT NULL default '',
-  banlist_bantype tinyint(3) unsigned NOT NULL default '0',
+  banlist_bantype tinyint(3) signed NOT NULL default '0',
  banlist_datestamp int(10) unsigned NOT NULL default '0',
  banlist_banexpires int(10) unsigned NOT NULL default '0',
  banlist_admin smallint(5) unsigned NOT NULL default '0',
--- a/e107_core/xml/default_install.xml
+++ b/e107_core/xml/default_install.xml
@@ -17,6 +17,7 @@
 		<core name="auth_method"></core>
 		<core name="autoban">1</core>
 		<core name="autologinpostsignup">1</core>
 		<core name="ban_date_format">%H:%M %d-%m-%y</core>
 		<core name="ban_max_online_access">100,200</core>
 		<core name="ban_retrigger">0</core>
 		<core name="cachestatus"></core>
--- a/e107_handlers/e107_class.php
+++ b/e107_handlers/e107_class.php
@@ -200,6 +200,7 @@ class e107
 		'user_class'					 => '{e_HANDLER}userclass_class.php',
 		'userlogin'					 	 => '{e_HANDLER}login.php',
 		'xmlClass'						 => '{e_HANDLER}xml_class.php',
 		'eIPHandler'					 => '{e_HANDLER}iphandler_class.php',
 	);
@@ -224,7 +225,7 @@ class e107
 	 * Constructor
 	 *
 	 * Use {@link getInstance()}, direct instantiating
-	 * is not possible for signleton objects
+	 * is not possible for singleton objects
 	 *
 	 * @return void
 	 */
@@ -668,7 +669,6 @@ class e107
 		//singleton object found - overload not possible
 		if(self::getRegistry($id))
 		{
 			return self::getRegistry($id);
 		}
@@ -914,7 +914,7 @@ class e107
 	 */
 	public static function getParser()
 	{
-		return self::getSingleton('e_parse', e_HANDLER.'e_parse_class.php'); //WARNING - don't change this - inifinite loop!!!
+		return self::getSingleton('e_parse', e_HANDLER.'e_parse_class.php'); //WARNING - don't change this - infinite loop!!!
 	}
 	/**
@@ -1155,6 +1155,16 @@ class e107
 		return self::getSingleton('language', true);
 	}
 	/**
 	 * Retrieve IP/ban handler singleton object
 	 *
 	 * @return language
 	 */
 	public static function getIPHandler()
 	{
 		return self::getSingleton('eIPHandler', true);
 	}
 	/**
 	 * Retrieve Xml handler singleton or new instance object
 	 * @param mixed $singleton false - new instance, true - singleton from default registry location, 'string' - registry path
@@ -2558,6 +2568,7 @@ class e107
 	 * FIXME - create eBanHelper, move it there
 	 * @return void
 	 */
 	 /* No longer required - moved to eIPHelper class
 	public function ban()
 	{
 		$sql = e107::getDb();
@@ -2603,7 +2614,7 @@ class e107
 				$this->check_ban($match);
 			}
 		}
-	}
+	} */
 	/**
 	 * Check the banlist table. $query is used to determine the match.
@@ -2618,6 +2629,7 @@ class e107
 	 * @param boolean $do_return
 	 * @return boolean
 	 */
 	 /* No longer required - moved to eIPHelper class
 	public function check_ban($query, $show_error = TRUE, $do_return = FALSE)
 	{
 		$sql = e107::getDb();
@@ -2665,7 +2677,7 @@ class e107
 		}
 		//$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","No ban found",$query,FALSE,LOG_TO_ROLLING);
 		return TRUE; // Email address OK
-	}
+	} */
 	/**
@@ -2684,6 +2696,9 @@ class e107
 	 */
 	public function add_ban($bantype, $ban_message = '', $ban_ip = '', $ban_user = 0, $ban_notes = '')
 	{
 		return e107::getIPHandler()->add_ban($bantype, $ban_message, $ban_ip, $ban_user, $ban_notes);
 		/*
 		global $sql, $pref, $e107, $admin_log;
 		$sql = e107::getDb();
 		$pref = e107::getPref();
@@ -2697,7 +2712,9 @@ class e107
 		{
 			$ban_ip = $this->getip();
 		}
-		$ban_ip = preg_replace('/[^\w@\.]*/', '', urldecode($ban_ip)); // Make sure no special characters
+		*/
 		//$ban_ip = preg_replace('/[^\w@\.]*/', '', urldecode($ban_ip)); // Make sure no special characters
 		/*
 		if(!$ban_ip)
 		{
 			return FALSE;
@@ -2714,17 +2731,19 @@ class e107
 		}
 		// Add using an array - handles DB changes better
 		$sql->db_Insert('banlist', array('banlist_ip' => $ban_ip , 'banlist_bantype' => $bantype , 'banlist_datestamp' => time() , 'banlist_banexpires' => (varsettrue($pref['ban_durations'][$bantype]) ? time()+($pref['ban_durations'][$bantype]*60*60) : 0) , 'banlist_admin' => $ban_user , 'banlist_reason' => $ban_message , 'banlist_notes' => $ban_notes));
-		return TRUE;
+		return TRUE;  */
 	}
 	/**
 	 * Get the current user's IP address
 	 * returns the address in internal 'normalised' IPV6 format - so most code should continue to work provided the DB Field is big enougn
-	 * FIXME - move to eHelper
+	 * FIXME - call ipHandler directly
 	 * @return string
 	 */
 	public function getip()
 	{
 		return e107::getIPHandler()->getIP(FALSE);
 		/*
 		if(!$this->_ip_cache)
 		{
 			$ip=$_SERVER['REMOTE_ADDR'];
@@ -2750,16 +2769,18 @@ class e107
 			$this->_ip_cache = $this->ipEncode($ip); // Normalise for storage
 		}
 		return $this->_ip_cache;
 		*/
 	}
 	/**
 	 * Encode an IP address to internal representation. Returns string if successful; FALSE on error
 	 * Default separates fields with ':'; set $div='' to produce a 32-char packed hex string
-	 * FIXME - move to eHelper
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 * @param string $ip
 	 * @param string $div divider
 	 * @return string encoded IP
 	 */
 	 /*
 	public function ipEncode($ip, $div = ':')
 	{
 		$ret = '';
@@ -2802,20 +2823,23 @@ class e107
 			return str_repeat('0000'.$div, 5).'ffff'.$div.$temp;
 		}
 		return FALSE; // Unknown
-	}
+	} */
 	/**
 	 * Takes an encoded IP address - returns a displayable one
 	 * Set $IP4Legacy TRUE to display 'old' (IPv4) addresses in the familiar dotted format,
 	 * FALSE to display in standard IPV6 format
 	 * Should handle most things that can be thrown at it.
-	 * FIXME - move to eHelper
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 * @param string $ip encoded IP
 	 * @param boolean $IP4Legacy
 	 * @return string decoded IP
 	 */
-	public function ipDecode($ip, $IP4Legacy = TRUE)
+
 	public function ipdecode($ip, $IP4Legacy = TRUE)
 	{
 		return e107::getIPHandler()->ipDecode($ip, $IP4Legacy);
 		/*
 		if (strstr($ip,'.'))
 		{
 			if ($IP4Legacy) return $ip;			// Assume its unencoded IPV4
@@ -2872,17 +2896,21 @@ class e107
 			$ret = implode('.',$z);
 		}
-		return $ret;
+		return $ret; */
 	}
 	/**
 	 * Given a string which may be IP address, email address etc, tries to work out what it is
-	 * FIXME - move to eHelper
+	 * Movet to eIPHandler class
 	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 * @param string $string
 	 * @return string ip|email|url|ftp|unknown
 	 */
 	 /*
 	public function whatIsThis($string)
 	{
 		//return e107::getIPHandler()->whatIsThis($string);
 		if (strstr($string,'@')) return 'email';		// Email address
 		if (strstr($string,'http://')) return 'url';
 		if (strstr($string,'ftp://')) return 'ftp';
@@ -2892,14 +2920,16 @@ class e107
 			return 'ip';
 		}
 		return 'unknown';
-	}
+	} */
 	/**
 	 * Retrieve & cache host name
 	 *
 	 * @param string $ip_address
 	 * @return string host name
 	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 */
 	 /*
 	public function get_host_name($ip_address)
 	{
 		if(!$this->_host_name_cache[$ip_address])
@@ -2907,7 +2937,7 @@ class e107
 			$this->_host_name_cache[$ip_address] = gethostbyaddr($ip_address);
 		}
 		return $this->_host_name_cache[$ip_address];
-	}
+	} */
 	/**
 	 * MOVED TO eHelper::parseMemorySize()
@@ -3181,6 +3211,10 @@ class e107
 				$ret = e107::getOnline();
 			break;
 			case 'eIPHandler':
 				$ret = e107::getIPHandler();
 				break;
 			case 'user_class':
 				$ret = e107::getUserClass();
 			break;
--- a/e107_handlers/iphandler_class.php
+++ b/e107_handlers/iphandler_class.php
--- a/e107_handlers/login.php
+++ b/e107_handlers/login.php
@@ -54,7 +54,7 @@ class userlogin
 	public function __construct()
 	{
 		$this->e107 = e107::getInstance();
-		$this->userIP = $this->e107->getip();
+		$this->userIP = e107::getIPHandler()->getIP();
 		$this->userMethods = e107::getUserSession();
 	}
@@ -92,7 +92,8 @@ class userlogin
 		}
 //	    $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","User login",'IP: '.$fip,FALSE,LOG_TO_ROLLING);
-		$this->e107->check_ban("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
+//		$this->e107->check_ban("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
 		e107::getIPHandler()->checkBan("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
 		$forceLogin = ($autologin == 'signup');
 		$autologin = intval($autologin);		// Will decode to zero if forced login
@@ -227,7 +228,7 @@ class userlogin
 		/* restrict more than one person logging in using same us/pw */
 		if($pref['disallowMultiLogin'])
 		{
-			if($this->e107->sql -> db_Select("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
+			if($this->e107->sql->db_Select("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
 			{
 				return $this->invalidLogin($username,LOGIN_MULTIPLE,$user_id);
 			}
@@ -342,7 +343,7 @@ class userlogin
 		}
 		// User is in DB here
-		$this->userData = $this->e107->sql -> db_Fetch(MYSQL_ASSOC);		// Get user info
+		$this->userData = $this->e107->sql->db_Fetch(MYSQL_ASSOC);		// Get user info
 		$this->userData['user_perms'] = trim($this->userData['user_perms']);
 		$this->lookEmail = $this->lookEmail && ($username == $this->userData['user_email']);		// Know whether login name or email address used now
@@ -510,11 +511,11 @@ class userlogin
 		{		// See if ban required (formerly the checkibr() function)
 			if($pref['autoban'] == 1 || $pref['autoban'] == 3)
 			{ // Flood + Login or Login Only.
-				$fails = $this->e107->sql -> db_Count("generic", "(*)", "WHERE gen_ip='{$this->userIP}' AND gen_type='failed_login' ");
+				$fails = $this->e107->sql->db_Count("generic", "(*)", "WHERE gen_ip='{$this->userIP}' AND gen_type='failed_login' ");
 				if($fails > 10)
 				{
 					$this->e107->add_ban(4,LAN_LOGIN_18,$this->userIP,1);
-					$this->e107->sql -> db_Insert("generic", "0, 'auto_banned', '".time()."', 0, '{$this->userIP}', '{$extra_text}', '".LAN_LOGIN_20.": ".$this->e107->tp -> toDB($username).", ".LAN_LOGIN_17.": ".md5($ouserpass)."' ");
+					$this->e107->sql->db_Insert("generic", "0, 'auto_banned', '".time()."', 0, '{$this->userIP}', '{$extra_text}', '".LAN_LOGIN_20.": ".$this->e107->tp -> toDB($username).", ".LAN_LOGIN_17.": ".md5($ouserpass)."' ");
 				}
 			}
 		}
--- a/e107_languages/English/admin/lan_banlist.php
+++ b/e107_languages/English/admin/lan_banlist.php
@@ -10,17 +10,17 @@
 +----------------------------------------------------------------------------+
 */
 // define("BANLAN_1", "Ban removed.");
-define("BANLAN_2", 'No bans in list.');
+define('BANLAN_2', 'No bans in list.');
-define("BANLAN_3", "Existing Bans");
+define('BANLAN_3', 'Existing Bans');
 // define("BANLAN_4", "Remove ban");
-define("BANLAN_5", "Enter IP, email address, or host");
+define('BANLAN_5', 'Enter IP, email address, or host');
-define("BANLAN_7", "Reason");
+define('BANLAN_7', 'Reason');
-define("BANLAN_8", "Ban Address");
+define('BANLAN_8', 'Ban Address');
-define("BANLAN_9", "Ban users from site by email, IP or host address");
+define('BANLAN_9', 'Ban users from site by email, IP or host address');
-define("BANLAN_10", "IP / Email / Reason");
+define('BANLAN_10', 'IP / Email / Reason');
-define("BANLAN_11", "Auto-ban: More than 10 failed login attempts");
+define('BANLAN_11', 'Auto-ban: More than 10 failed login attempts');
-define("BANLAN_12", "Note: Reverse DNS is currently disabled; it must be enabled to allow banning by host.  Banning by IP and email address will still function normally.");
+define('BANLAN_12', 'Note: Reverse DNS is currently disabled; it must be enabled to allow banning by host.  Banning by IP and email address will still function normally.');
-define("BANLAN_13", "Note: To ban a user by user name, go to the users admin page: ");
+define('BANLAN_13', 'Note: To ban a user by user name, go to the users admin page: ');
 define('BANLAN_14','Ban List');
 define('BANLAN_15','Messages/Ban Periods');
 define('BANLAN_16','Banning');
@@ -36,7 +36,7 @@ define('BANLAN_25','Add to Banlist');
 define('BANLAN_26','Currently ');
 define('BANLAN_27','Invalid characters in IP address stripped - now:');
 define('BANLAN_28','Ban type');
-define('BANLAN_29','Message to show');
+define('BANLAN_29','Message to show to banned user');
 define('BANLAN_30','Ban duration');
 define('BANLAN_31','(Use an empty message if you wish the user to get a blank screen)');
 define('BANLAN_32','Indefinite');
@@ -55,7 +55,7 @@ define('BANLAN_44','Use expiry date/time from import');
 define('BANLAN_45','Import');
 define('BANLAN_46','Import File:');
 define('BANLAN_47','File upload error');
-//define('BANLAN_48','Error importing file');
+define('BANLAN_48','Deleted --NUM-- expired ban list entries');
 define('BANLAN_49','CSV import: Unbalanced quotes in line ');
 define('BANLAN_50','CSV import: Error writing banlist record at line ');
 define('BANLAN_51','CSV import: Success, --NUM-- lines imported from file ');
@@ -88,6 +88,19 @@ define('BANLAN_77','Messages/Ban Periods');
 // define('BANLAN_78','Hit count exceeded (--HITS-- requests within allotted time)');
 define('BANLAN_79','CSV Export format:');
 define('BANLAN_80','CSV Import format:');
 define('BANLAN_81','Ban Action Log');
 define('BANLAN_82', 'No entries in Ban Action Log');
 define('BANLAN_83', 'Date/Time');
 define('BANLAN_84', 'IP Address');
 define('BANLAN_85', 'Additional information');
 define('BANLAN_86', 'Ban-related events');
 define('BANLAN_87', 'Total --NUM-- entries in list');
 define('BANLAN_88', 'Empty Ban Action Log');
 define('BANLAN_89', 'Log File Deleted');
 define('BANLAN_90', 'Error deleting log file');
 define('BANLAN_91', 'Date/time format for ban log');
 define('BANLAN_92', 'See the strftime function page at php.net');
 define('BANLAN_93', '');
 // Ban types - block reserved 100-109
 define('BANLAN_100', 'Unknown');
@@ -113,6 +126,6 @@ define('BANLAN_117', 'Spare reason');
 define('BANLAN_118', 'Spare reason');
 define('BANLAN_119', 'Indicates an import error - previously imported bans');
-define('BANLAN_120', 'Unknown');
+define('BANLAN_120', 'Whitelist entry');
 ?>
--- a/e107_languages/English/admin/lan_log_messages.php
+++ b/e107_languages/English/admin/lan_log_messages.php
@@ -88,6 +88,7 @@ define('LAN_AL_BANLIST_08','Banlist options updated');
 define('LAN_AL_BANLIST_09','Banlist entry edited');
 define('LAN_AL_BANLIST_10','Whitelist entry edited');
 define('LAN_AL_BANLIST_11','Whitelist hit for ban entry');
 define('LAN_AL_BANLIST_12','Expired bans cleared');
 // Comment-related events
--- a/e107_languages/English/lan_userclass.php
+++ b/e107_languages/English/lan_userclass.php
@@ -9,19 +9,19 @@
 |     $Author$
 +----------------------------------------------------------------------------+
 */
-define("UC_LAN_0", "Everyone (public)");
+define('UC_LAN_0', 'Everyone (public)');
-define("UC_LAN_1", "Guests");
+define('UC_LAN_1', 'Guests');
-define("UC_LAN_2", "No One (inactive)");
+define('UC_LAN_2', 'No One (inactive)');
-define("UC_LAN_3", "Members");
+define('UC_LAN_3', 'Members');
-define("UC_LAN_4", "Read Only");
+define('UC_LAN_4', 'Read Only');
-define("UC_LAN_5", "Admin");
+define('UC_LAN_5', 'Admin');
-define("UC_LAN_6", "Main Admin");
+define('UC_LAN_6', 'Main Admin');
 define('UC_LAN_7', 'Forum Moderators');
 define('UC_LAN_8','Admins and Mods');
 define('UC_LAN_9','New Users');
 define('UC_LAN_10', 'Search Bots');
-define('UC_LAN_INVERT', "Not --CLASS--");
+define('UC_LAN_INVERT', 'Not --CLASS--');
-define('UC_LAN_INVERTLABEL', "Everyone but..");
+define('UC_LAN_INVERTLABEL', 'Everyone but..');
 ?>