Ban handling improvements - most checking done before DB opened (much faster if user is banned).

Fix some bugs in ban admin pages. Separate handler for IP- and ban-related functions (moves them out of e107_class)
2025-08-05 22:27:34 +02:00 · 2011-12-28 10:01:25 +00:00
parent db9b9c1a57
commit 389705683e
10 changed files with 1891 additions and 239 deletions
--- a/class2.php
+++ b/class2.php
@@ -223,6 +223,9 @@ $e107_paths = compact('ADMIN_DIRECTORY', 'FILES_DIRECTORY', 'IMAGES_DIRECTORY',
 $sql_info = compact('mySQLserver', 'mySQLuser', 'mySQLpassword', 'mySQLdefaultdb', 'mySQLprefix');
 $e107 = e107::getInstance()->initCore($e107_paths, realpath(dirname(__FILE__)), $sql_info, varset($E107_CONFIG, array()));

+e107::getSingleton('eIPHandler');			// This auto-handles bans etc
+
+
 ### NEW Register Autoload - do it asap
 if(!function_exists('spl_autoload_register'))
 {
@@ -777,8 +780,8 @@ if (!class_exists('e107table', false))
 $ns = e107::getRender(); //TODO - find & replace $ns, $e107->ns

 // EONE-134 - bad e_module could destroy e107 instance
-$e107 = e107::getInstance();
-$e107->ban();
+$e107 = e107::getInstance();		// Is this needed now?
+e107::getIPHandler()->ban();

 if(varset($pref['force_userupdate']) && USER && !isset($_E107['no_forceuserupdate']))
 {
--- a/e107_admin/banlist.php
+++ b/e107_admin/banlist.php
@@ -2,7 +2,7 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2008-2010 e107 Inc (e107.org)
+ * Copyright (C) 2008-2012 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
@@ -21,70 +21,105 @@
 *	@version 	$Id$;
 */

-define('BAN_TIME_FORMAT', "%d-%m-%Y %H:%M");
-define('BAN_REASON_COUNT', 7); // Update as more ban reasons added (max 10 supported)
+
+require_once('../class2.php');
+/*
+@todo should this be here?
+if(count($_POST) && !varset($_POST['e-token']))
+{
+	die('Access denied - bl');
+}
+*/


-define('BAN_TYPE_MANUAL', 1); 			// Manually entered bans
-define('BAN_TYPE_IMPORTED', 5); 		// Imported bans
-define('BAN_TYPE_TEMPORARY', 9); 		// Used during CSV import
-
-
-define('BAN_TYPE_WHITELIST', 100); 		// Entry for whitelist
-
-
-require_once ('../class2.php');
-if(!getperms('4'))
+if (!getperms('4'))
 {
 	header('location:'.e_BASE.'index.php');
 	exit();
 }

+
+
+require_once(e_HANDLER.'iphandler_class.php');		// This is probably already loaded in class2.php
+
 include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/admin/lan_'.e_PAGE);

 $e_sub_cat = 'banlist';
-require_once ('auth.php');
-require_once (e_HANDLER.'form_handler.php');
+require_once('auth.php');
+require_once(e_HANDLER.'form_handler.php');
 $frm = new e_form(true);

+
 require_once(e_HANDLER.'message_handler.php');
 $emessage = &eMessage::getInstance();

+$pref = e107::getPref();
+
+// Set a default to avoid issues with legacy systems
+if (!isset($pref['ban_date_format'])) $pref['ban_date_format'] = '%H:%M %d-%m-%y';
+
+$ipAdministrator = new banlistManager;
+
+// Character options for import & export
+$separator_char = array(1 => ',', 2 => '|');
+$quote_char = array(1 => '(none)', 2 => "'", 3 => '"');
+
+
 $action = 'list';
-if(e_QUERY)
+if (e_QUERY)
 {
 	$tmp = explode('-', e_QUERY);		// Use '-' instead of '.' to avoid confusion with IP addresses
 	$action = $tmp[0];
 	$sub_action = varset($tmp[1], '');
-	if($sub_action)
-		$sub_action = preg_replace('/[^\w@\.:]*/', '', urldecode($sub_action));
+	if ($sub_action) $sub_action = preg_replace('/[^\w*@\.:]*/', '', urldecode($sub_action));
 	$id = intval(varset($tmp[2], 0));
 	unset($tmp);
 }

-$images_path = e_IMAGE_ABS.'admin_images/';


-
-if(isset($_POST['update_ban_prefs']))
+if (isset($_POST['update_ban_prefs']))		// Update ban messages
 {
-	for($i = 0; $i < BAN_REASON_COUNT; $i ++)
+	$changed = FALSE;
+
+	foreach ($ipAdministrator->getValidReasonList() as $bt)
 	{
-		$pref['ban_messages'][$i] = $tp->toDB(varset($_POST['ban_text_'.($i+1)], ''));
-		$pref['ban_durations'][$i] = intval(varset($_POST['ban_time_'.($i+1)], 0));
+		$i = abs($bt) + 1;		// Forces a single-digit positive number for part of field name
+		$t1 = $tp->toDB(varset($_POST['ban_text_'.($i)],''));
+		$t2 = intval(varset($_POST['ban_time_'.($i)],0));
+		if ($pref['ban_messages'][$bt] != $t1)
+		{
+			$pref['ban_messages'][$bt] = $t1;
+			$changed = TRUE;
 		}
+		if ($pref['ban_durations'][$bt] != $t2)
+		{
+			$pref['ban_durations'][$bt] = $t2;
+			$changed = TRUE;
+		}
+	}
+	if ($changed)
+	{
+	// @todo write actual prefs changes to log file (different methods for prefs?)
 		save_prefs();
-	banlist_adminlog('08', "");
+		/*****************************************
+			Write messages and times to disc file
+		 *****************************************/
+		$ipAdministrator->writeBanMessageFile();
+		banlist_adminlog('08','');
 		//$ns->tablerender(BANLAN_9, "<div style='text-align:center'>".BANLAN_33.'</div>');
 		$emessage->add(BANLAN_33, E_MESSAGE_SUCCESS);
+	}
 }


-if(isset($_POST['ban_ip']))
+
+$writeBanFile = FALSE;
+if (isset($_POST['ban_ip']))
 {
 	$_POST['ban_ip'] = trim($_POST['ban_ip']);
-	$new_ban_ip = preg_replace('/[^\w@\.\*]*/', '', urldecode($_POST['ban_ip']));
-	if($new_ban_ip != $_POST['ban_ip'])
+	$new_ban_ip = preg_replace('/[^\w*@\.:]*/', '', urldecode($_POST['ban_ip']));
+	if ($new_ban_ip != $_POST['ban_ip'])
 	{
 		$message = BANLAN_27.' '.$new_ban_ip;
 		//$ns->tablerender(BANLAN_9, $message);
@@ -92,100 +127,114 @@ if(isset($_POST['ban_ip']))
 		$_POST['ban_ip'] = $new_ban_ip;
 	}

-	if(isset($_POST['entry_intent']) && (isset($_POST['add_ban']) || isset($_POST['update_ban'])) && $_POST['ban_ip'] != "" && strpos($_POST['ban_ip'], ' ') === false)
+	if (isset($_POST['entry_intent']) && (isset($_POST['add_ban']) || isset($_POST['update_ban'])) && $_POST['ban_ip'] != "" && strpos($_POST['ban_ip'], ' ') === false)
 	{
 		/*	$_POST['entry_intent'] says why we're here:
 				'edit' 	- Editing blacklist
 				'add'	- Adding to blacklist
 				'whedit' - Editing whitelist
 				'whadd'	- Adding to whitelist
-*/
-		if($e107->whatIsThis($new_ban_ip) == 'ip')
+		*/
+		if(e107::getIPHandler()->whatIsThis($new_ban_ip) == 'ip')
 		{
-			$new_ban_ip = $e107->IPencode($new_ban_ip); // Normalise numeric IP addresses
+			$new_ban_ip = e107::getIPHandler()->IPencode($new_ban_ip, TRUE); // Normalise numeric IP addresses (allow wildcards)
 		}
 		$new_vals = array('banlist_ip' => $new_ban_ip);
-		if(isset($_POST['add_ban']))
+		if (isset($_POST['add_ban']))
 		{
 			$new_vals['banlist_datestamp'] = time();
-			if($_POST['entry_intent'] == 'add')
-				$new_vals['banlist_bantype'] = BAN_TYPE_MANUAL; // Manual ban
-			if($_POST['entry_intent'] == 'whadd')
-				$new_vals['banlist_bantype'] = BAN_TYPE_WHITELIST;
+			if ($_POST['entry_intent'] == 'add') $new_vals['banlist_bantype'] = eIPHandler::BAN_TYPE_MANUAL;		// Manual ban
+			if ($_POST['entry_intent'] == 'whadd') $new_vals['banlist_bantype'] = eIPHandler::BAN_TYPE_WHITELIST;
 		}
 		$new_vals['banlist_admin'] = ADMINID;
-		if(varsettrue($_POST['ban_reason']))
-			$new_vals['banlist_reason'] = $tp->toDB($_POST['ban_reason']);
+		$new_vals['banlist_reason'] = $tp->toDB(varset($_POST['ban_reason'], ''));
 		$new_vals['banlist_notes'] = $tp->toDB($_POST['ban_notes']);
-		if(isset($_POST['ban_time']) && is_numeric($_POST['ban_time']) && ($_POST['entry_intent'] == 'edit' || $_POST['entry_intent'] == 'add'))
+		if (isset($_POST['ban_time']) && is_numeric($_POST['ban_time']) && (($_POST['entry_intent']== 'edit') || ($_POST['entry_intent'] == 'add')))
 		{
 			$bt = intval($_POST['ban_time']);
-			$new_vals['banlist_banexpires'] = $bt ? time() + ($bt * 60 * 60) : 0;
+			$new_vals['banlist_banexpires'] = $bt ? time() + ($bt*60*60) : 0;
 		}
-		if(isset($_POST['add_ban']))
+		if (isset($_POST['add_ban']))
 		{  // Insert new value - can just pass an array
-			admin_update($sql->db_Insert("banlist", $new_vals), 'insert', false, false, false);
-			if($_POST['entry_intent'] == 'add')
+			admin_update($sql->db_Insert('banlist', $new_vals), 'insert');
+			if ($_POST['entry_intent'] == 'add')
 			{
-				banlist_adminlog('01', $new_vals['banlist_ip']);
+				banlist_adminlog('01', $new_vals['banlist_ip']);		// Write to banlist
 			}
 			else
 			{
-				banlist_adminlog('04', $new_vals['banlist_ip']);
+				banlist_adminlog('04', $new_vals['banlist_ip']);		// Write to whitelist
 			}
 		}
 		else
 		{  // Update existing value
 			$qry = '';
 			$spacer = '';
-			foreach($new_vals as $k => $v)
+			foreach ($new_vals as $k => $v)
 			{
 				$qry .= $spacer."`{$k}`='$v'";
 				$spacer = ', ';
 			}
-			admin_update($sql->db_Update("banlist", $qry." WHERE banlist_ip='".$_POST['old_ip']."'"), 'update', false, false, false);
-			if($_POST['entry_intent'] == 'edit')
+			admin_update($sql->db_Update('banlist', $qry." WHERE banlist_ip='".$_POST['old_ip']."'"));
+			if ($_POST['entry_intent'] == 'edit')
 			{
-				banlist_adminlog("09", $new_vals['banlist_ip']);
+				banlist_adminlog('09',$new_vals['banlist_ip']);
 			}
 			else
 			{
-				banlist_adminlog("10", $new_vals['banlist_ip']);
+				banlist_adminlog('10',$new_vals['banlist_ip']);
 			}
 		}
 		unset($ban_ip);
+		$writeBanFile = TRUE;
 	}
 }



 // Remove a ban
-if(($action == "remove" || $action == "whremove") && varsettrue($_POST['ban_secure']))
-//if ($action == "remove")
+if (($action == 'remove' || $action == 'whremove') && isset($_POST['ban_secure'])) 
 {
-	$sql->db_Delete("generic", "gen_type='failed_login' AND gen_ip='{$sub_action}'");
-	admin_update($sql->db_Delete("banlist", "banlist_ip='{$sub_action}'"), 'delete', false, false, false);
-	if($action == "remove")
+	$sql->db_Delete('generic', "gen_type='failed_login' AND gen_ip='{$sub_action}'");
+	admin_update($sql->db_Delete('banlist', "banlist_ip='{$sub_action}'"), 'delete');
+	if ($action == "remove")
 	{
 		$action = 'list';
-		banlist_adminlog("02", $sub_action);
+		banlist_adminlog('02', $sub_action);
 	}
 	else
 	{
 		$action = 'white';
-		banlist_adminlog("05", $sub_action);
+		banlist_adminlog('05', $sub_action);
 	}
+	$writeBanFile = TRUE;
 }



 // Update the ban expiry time/date - timed from now (only done on banlist)
-if($action == 'newtime')
+if ($action == 'newtime')
 {
-	$end_time = $id ? time() + ($id * 60 * 60) : 0;
-	admin_update($sql->db_Update("banlist", "banlist_banexpires='".intval($end_time)."' WHERE banlist_ip='".$sub_action."'"), 'update', false, false, false);
+	$end_time = $id ? time() + ($id*60*60) : 0;
+	admin_update($sql->db_Update('banlist', 'banlist_banexpires='.intval($end_time)." WHERE banlist_ip='".$sub_action."'"));
 	banlist_adminlog('03', $sub_action);
 	$action = 'list';
+	$writeBanFile = TRUE;
+}
+
+
+if ($writeBanFile)
+{
+/************************************************
+		update list of banned IPs
+*************************************************/
+	$ipAdministrator->writeBanListFiles('ip,htaccess');
+	if (!$ipAdministrator->doesMessageFileExist())
+	{
+		$ipAdministrator->writeBanMessageFile();		// Message file must exist - may not on fresh site
+		banlist_adminlog('08','');
+		$emessage->add(BANLAN_33, E_MESSAGE_SUCCESS);
+	}
 }


@@ -194,7 +243,7 @@ if($action == 'newtime')
 *	@todo - eliminate extract();
 */
 // Edit modes - get existing entry
-if($action == 'edit' || $action == 'whedit')
+if ($action == 'edit' || $action == 'whedit')
 {
 	$sql->db_Select('banlist', '*', "banlist_ip='{$sub_action}'");
 	$row = $sql->db_Fetch();
@@ -203,7 +252,7 @@ if($action == 'edit' || $action == 'whedit')
 else
 {
 	unset($banlist_ip, $banlist_reason);
-	if(e_QUERY && ($action == 'add' || $action == 'whadd') && strpos($_SERVER["HTTP_REFERER"], "userinfo"))
+	if (e_QUERY && ($action == 'add' || $action == 'whadd') && strpos($_SERVER["HTTP_REFERER"], "userinfo"))
 	{
 		$banlist_ip = $sub_action;
 	}
@@ -211,6 +260,9 @@ else



+/**
+ *	Create dropdown with options for ban time - uses internal fixed list of reasonable values
+ */
 function ban_time_dropdown($click_js = '', $zero_text = BANLAN_21, $curval = -1, $drop_name = 'ban_time')
 {
 	global $frm;
@@ -218,13 +270,13 @@ function ban_time_dropdown($click_js = '', $zero_text = BANLAN_21, $curval = -1,

 	$ret = $frm->select_open($drop_name, array('other' => $click_js, 'id' => false));
 	$ret .= $frm->option('&nbsp;', '');
-	foreach($intervals as $i)
+	foreach ($intervals as $i)
 	{
-		if($i == 0)
+		if ($i == 0)
 		{
 			$words = $zero_text ? $zero_text : BANLAN_21;
 		}
-		elseif(($i % 24) == 0)
+		elseif (($i % 24) == 0)
 		{
 			$words = floor($i / 24).' '.BANLAN_23;
 		}
@@ -240,16 +292,16 @@ function ban_time_dropdown($click_js = '', $zero_text = BANLAN_21, $curval = -1,



-// Character options for import & export
-$separator_char = array(1 => ',', 2 => '|');
-$quote_char = array(1 => '(none)', 2 => "'", 3 => '"');

+/**
+ *	Create generic dropdown from array of data
+ */
 function select_box($name, $data, $curval = FALSE)
 {
 	global $frm;

 	$ret = $frm->select_open($name, array('class' => 'tbox', 'id' => false));
-	foreach($data as $k => $v)
+	foreach ($data as $k => $v)
 	{
 		$ret .= $frm->option($v, $k, ($curval !== FALSE) && ($curval == $k));
 	}
@@ -258,14 +310,17 @@ function select_box($name, $data, $curval = FALSE)
 }


-// Drop-down box for access counts
+
+/**
+ *	Create dropdown with options for access counts before ban - uses internal fixed list of reasonable values
+ */
 function drop_box($box_name, $curval)
 {
 	global $frm;

 	$opts = array(50, 100, 150, 200, 250, 300, 400, 500);
 	$ret = $frm->select_open($box_name, array('class' => 'tbox'));
-	foreach($opts as $o)
+	foreach ($opts as $o)
 	{
 		$ret .= $frm->option($o, $o, ($curval == $o));
 	}
@@ -278,25 +333,95 @@ function drop_box($box_name, $curval)
 $text = '';


-switch($action)
+switch ($action)
 {
-	case 'options':
-		if(!getperms("0"))
+	case 'banlog' :
+		if(!getperms('0')) exit;
+		if (isset($_POST['delete_ban_log']))
+		{
+			$message = ($ipAdministrator->deleteLogFile() ? BANLAN_89 : BANLAN_90);
+			e107::getRender()->tablerender(BANLAN_88, "<div style='text-align:center; font-weight:bold'>".$message."</div>");
+		}
+		$from = 0;
+		$amount = 20;		// Number per page - could make configurable later if required
+		if ($sub_action) $from = intval($sub_action);
+
+// @todo format form the 0.8 way
+		$text = "<div style='text-align:center'>
+		<form method='post' action='".e_SELF."?banlog-".$from."'>
+		<table style='".ADMIN_WIDTH."' class='fborder'>
+		<colgroup>
+			<col style='width:20%; vertical-align:top;' />
+			<col style='width:30%; vertical-align:top;' />
+			<col style='width:30%; vertical-align:top;' />
+			<col style='width:30%; vertical-align:top;' />
+		</colgroup>";
+
+		// Get entries
+		$banLogEntries = $ipAdministrator->getLogEntries($from, $amount, $num_entry);
+		if (count($banLogEntries) == 0)
+		{
+		  $text .= "<tbody><tr><td colspan='4'>".BANLAN_82."</td></tr>";
+		  $num_entry = 0;
+		}
+		else
+		{
+			$text .= "<thead><tr><td class='fcaption'>".BANLAN_83."</td><td class='fcaption'>".BANLAN_84."</td>
+				<td class='fcaption'>".BANLAN_7."</td><td class='fcaption'>".BANLAN_85."</td></tr></thead><tbody>";
+			foreach ($banLogEntries as $ban)
+			{
+				$row = $ipAdministrator->splitLogEntry($ban);
+				$text .= "
+					<tr>
+					<td class='forumheader3'>".strftime($pref['ban_date_format'], $row['banDate'])."</td>
+					<td class='forumheader3'>".e107::getIPHandler()->ipDecode($row['banIP'])."</td>
+					<td class='forumheader3'>".$ipAdministrator->getBanTypeString($row['banReason'], FALSE)."</td>
+					<td class='forumheader3'>".$row['banNotes']."</td>
+					</tr>";
+			}  // End while
+
+			// Next-Previous. ==========================
+			if ($num_entry > $amount) 
+			{
+				$parms = "{$num_entry},{$amount},{$from},".e_SELF."?".$action.'-[FROM]';
+				$text .= "<tr><td colspan='5' style='text-align:center'><br />".$tp->parseTemplate("{NEXTPREV={$parms}}".'<br /><br /></td></tr>');
+			}
+			$text .= "<tr><td colspan='4' style='text-align:center'>
+						<input class='button' type='submit' name='delete_ban_log' value='".BANLAN_88."' />
+						<input type='hidden' name='e-token' value='".e_TOKEN."' />
+					</td>
+					  </tr>";
+		}
+		$text .= "</tbody></table></form></div>";
+
+		if (count($banLogEntries))
+		{
+			$text .= "&nbsp;&nbsp;&nbsp;".str_replace('--NUM--', $num_entry, BANLAN_87);
+		}
+		
+		e107::getRender()->tablerender("<div style='text-align:center'>".BANLAN_86.'</div>', $text);
+		break;
+
+
+	case 'options' :
+		if (!getperms('0'))
 			exit();
-		if(isset($_POST['update_ban_options']))
+		if (isset($_POST['update_ban_options']))
 		{
 			$pref['enable_rdns'] = intval($_POST['ban_rdns_on_access']);
 			$pref['enable_rdns_on_ban'] = intval($_POST['ban_rdns_on_ban']);
 			$pref['ban_max_online_access'] = intval($_POST['ban_access_guest']).','.intval($_POST['ban_access_member']);
 			$pref['ban_retrigger'] = intval($_POST['ban_retrigger']);
-			save_prefs();
+			$pref['ban_date_format'] = $tp->toDB($_POST['ban_date_format']);
+			save_prefs();						// @todo FIXME log detail of changes. Right prefs to use?
 			$emessage->add(LAN_SETSAVED, E_MESSAGE_SUCCESS);
 		}

-		if(isset($_POST['remove_expired_bans']))
+		if (isset($_POST['remove_expired_bans']))
 		{
-			//FIXME - proper messages
-			admin_update($sql->db_Delete('banlist', "`banlist_bantype` < ".BAN_TYPE_WHITELIST." AND `banlist_banexpires` > 0 AND `banlist_banexpires` < ".time()), 'delete', false, false, false);
+			$result = $sql->db_Delete('banlist',"`banlist_bantype` < ".eIPHandler::BAN_TYPE_WHITELIST." AND `banlist_banexpires` > 0 AND `banlist_banexpires` < ".time());
+			banlist_adminlog('12', $result);
+			$emessage->add(str_replace('--NUM--', $result, BANLAN_48), E_MESSAGE_SUCCESS);
 		}

 		list($ban_access_guest, $ban_access_member) = explode(',', varset($pref['ban_max_online_access'], '100,200'));
@@ -346,10 +471,19 @@ switch($action)
 									</div>
 								</td>
 							</tr>
+
+							<tr>
+							  <td class='label'>".BANLAN_91."</td>
+							  <td class='control'>
+							  ".$frm->text('ban_date_format', varset($pref['ban_date_format'], '%H:%M %d-%m-%y'), 40)."
+							  <div class='field-help'>".BANLAN_92."</div>
+							  </td>
+							</tr>
 						</tbody>
 					</table>
 					<div class='buttons-bar center'>
 						".$frm->admin_button('update_ban_options', LAN_UPDATE, 'update')."
+						<input type='hidden' name='e-token' value='".e_TOKEN."' />
 					</div>
 				</fieldset>
 				<fieldset id='core-banlist-options-ban'>
@@ -364,6 +498,7 @@ switch($action)
 								<td class='label'>".BANLAN_75."</td>
 								<td class='control'>
 									".$frm->admin_button('remove_expired_bans', BANLAN_76, 'delete')."
+									<input type='hidden' name='e-token' value='".e_TOKEN."' />
 								</td>
 							</tr>
 						</tbody>
@@ -371,20 +506,26 @@ switch($action)
 				</fieldset>
 			</form>
 		";
-		$e107->ns->tablerender(BANLAN_72, $emessage->render().$text);
+		e107::getRender()->tablerender(BANLAN_72, $emessage->render().$text);
 		break;

-	case 'times':
-		if(!getperms("0"))
+	case 'times' :
+		if (!getperms('0'))
 			exit();
 		$text = '';
-		if((!isset($pref['ban_messages'])) || !is_array($pref['ban_messages']))
+		if ((!isset($pref['ban_messages'])) || !is_array($pref['ban_messages']))
 		{
-			$pref['ban_messages'] = array_fill(0, BAN_REASON_COUNT - 1, '');
+			foreach ($ipAdministrator->getValidReasonList() as $bt)
+			{
+				$pref['ban_messages'][$bt] = '';
 			}
-		if((!isset($pref['ban_durations'])) || !is_array($pref['ban_durations']))
+		}
+		if ((!isset($pref['ban_durations'])) || !is_array($pref['ban_durations']))
 		{
-			$pref['ban_durations'] = array_fill(0, BAN_REASON_COUNT - 1, 0);
+			foreach ($ipAdministrator->getValidReasonList() as $bt)
+			{
+				$pref['ban_durations'][$bt] = 0;
+			}
 		}

 		$text .= "
@@ -406,18 +547,19 @@ switch($action)
 						</thead>
 						<tbody>
 		";
-		for($i = 0; $i < BAN_REASON_COUNT; $i ++)
+		foreach ($ipAdministrator->getValidReasonList() as $bt)
 		{
+			$i = abs($bt) + 1;		// Forces a single-digit positive number
 			$text .= "
 					<tr>
 						<td>
-										<strong>".constant('BANLAN_10'.$i)."</strong>
-										<div class='field-help'>".constant('BANLAN_11'.$i)."</div>
+							<strong>".$ipAdministrator->getBanTypeString($bt, FALSE)."</strong>
+							<div class='field-help'>".$ipAdministrator->getBanTypeString($bt, TRUE)."</div>
 						</td>
 						<td class='center'>
-										".$frm->textarea('ban_text_'.($i+1), $pref['ban_messages'][$i], 4, 15)."
+							".$frm->textarea('ban_text_'.($i), $pref['ban_messages'][$bt], 4, 15)."
 						</td>
-									<td class='center'>".ban_time_dropdown('', BANLAN_32, $pref['ban_durations'][$i], 'ban_time_'.($i+1))."</td>
+						<td class='center'>".ban_time_dropdown('', BANLAN_32, $pref['ban_durations'][$bt], 'ban_time_'.($i))."</td>
 					</tr>
 				";
 		}
@@ -426,21 +568,23 @@ switch($action)
 					</table>
 					<div class='buttons-bar center'>
 						".$frm->admin_button('update_ban_prefs', LAN_UPDATE, 'update')."
+						<input type='hidden' name='e-token' value='".e_TOKEN."' />
 					</div>
 				</fieldset>
 			</form>
 			";

-		$e107->ns->tablerender(BANLAN_77, $emessage->render().$text);
+		e107::getRender()->tablerender(BANLAN_77, $emessage->render().$text);
 		break;

-	case 'edit':		// Edit an existing ban
-	case 'add':			// Add a new ban
-	case 'whedit':		// Edit existing whitelist entry
-	case 'whadd':		// Add a new whitelist entry
+	case 'edit' :		// Edit an existing ban
+	case 'add' :		// Add a new ban
+	case 'whedit' :		// Edit existing whitelist entry
+	case 'whadd' :		// Add a new whitelist entry
 		if (!isset($banlist_reason)) $banlist_reason = '';
 		if (!isset($banlist_ip)) $banlist_ip = '';
 		if (!isset($banlist_notes)) $banlist_notes = '';
+
 		$page_title = array('edit' => BANLAN_60, 'add' => BANLAN_9, 'whedit' => BANLAN_59, 'whadd' => BANLAN_58);
 		$rdns_warn = varsettrue($pref['enable_rdns']) ? '' : '<div class="field-help error">'.BANLAN_12.'</div>';
 		$next = ($action == 'whedit' || $action == 'whadd') ? '?white' : '?list';
@@ -459,18 +603,18 @@ switch($action)
 								<td class='label'>
 									".BANLAN_5.":
 									<div class='label-note'>
-										".BANLAN_13."<a href='".e_ADMIN_ABS."users.php'><img src='".$images_path."users_16.png' alt='' /></a>
+										".BANLAN_13."<a href='".e_ADMIN_ABS."users.php'><img src='".e_IMAGE_ABS.'admin_images/'."users_16.png' alt='' /></a>
 									</div>
 								</td>
 								<td class='control'>
 									<input type='hidden' name='entry_intent' value='{$action}' />
-									".$frm->text('ban_ip', $e107->ipDecode($banlist_ip), 200)."
+									".$frm->text('ban_ip', e107::getIPHandler()->ipDecode($banlist_ip), 200)."
 									{$rdns_warn}
 								</td>
 							</tr>
 		";

-		if(($action == 'add') || ($action == 'whadd') || ($banlist_bantype <= 1) || ($banlist_bantype >= BAN_TYPE_WHITELIST))
+		if (($action == 'add') || ($action == 'whadd') || ($banlist_bantype <= 1) || ($banlist_bantype >= eIPHandler::BAN_TYPE_WHITELIST))
 		{ // Its a manual or unknown entry - only allow edit of reason on those
 			$text .= "
 							<tr>
@@ -481,7 +625,7 @@ switch($action)
 							</tr>
 			";
 		}
-		elseif($action == 'edit')
+		elseif ($action == 'edit')
 		{
 			$text .= "
 							<tr>
@@ -491,12 +635,12 @@ switch($action)
 			";
 		}

-		if($action == 'edit')
+		if ($action == 'edit')
 		{
 			$text .= "
 							<tr>
 								<td class='label'>".BANLAN_28.": </td>
-								<td class='control'>".constant('BANLAN_10'.$banlist_bantype)." - ".constant('BANLAN_11'.$banlist_bantype)."</td>
+								<td class='control'>".$ipAdministrator->getBanTypeString($banlist_bantype, FALSE)." - ".$ipAdministrator->getBanTypeString($banlist_bantype, TRUE)."</td>
 							</tr>
 			";
 		}
@@ -510,9 +654,9 @@ switch($action)
 							</tr>
 		";

-		if($action == 'edit' || $action == 'add')
+		if ($action == 'edit' || $action == 'add')
 		{
-			$inhelp = (($action == 'edit') ? '<div class="field-help">'.BANLAN_26.($banlist_banexpires ? strftime(BAN_TIME_FORMAT, $banlist_banexpires) : BANLAN_21).'</div>' : '');
+			$inhelp = (($action == 'edit') ? '<div class="field-help">'.BANLAN_26.($banlist_banexpires ? strftime($pref['ban_date_format'], $banlist_banexpires) : BANLAN_21).'</div>' : '');

 			$text .= "
 							<tr>
@@ -525,6 +669,7 @@ switch($action)
 		$text .= "
 						</tbody>
 					</table>
+					<input type='hidden' name='e-token' value='".e_TOKEN."' />
 					<div class='buttons-bar center'>

 		";
@@ -532,13 +677,13 @@ switch($action)
 		/* FORM NOTE EXAMPLE - not needed here as this note is added as label-note (see below)
 		$text .= "
 			<div class='form-note'>
-				".BANLAN_13."<a href='".e_ADMIN_ABS."users.php'><img src='".$images_path."users_16.png' alt='' /></a>
+				".BANLAN_13."<a href='".e_ADMIN_ABS."users.php'><img src='".e_IMAGE_ABS.'admin_images/'."users_16.png' alt='' /></a>
 			</div>

 		";
 		*/

-		if($action == 'edit' || $action == 'whedit')
+		if ($action == 'edit' || $action == 'whedit')
 		{
 			$text .= "<input type='hidden' name='old_ip' value='{$banlist_ip}' />
 				".$frm->admin_button('update_ban', LAN_UPDATE, 'update');
@@ -553,17 +698,17 @@ switch($action)
 			</form>
 		";

-		$e107->ns->tablerender($page_title[$action], $emessage->render().$text);
+		e107::getRender()->tablerender($page_title[$action], $emessage->render().$text);
 		break;		// End of 'Add' and 'Edit'


-	case 'transfer':
+	case 'transfer' :
 		$message = '';
 		$error = false;
-		if(isset($_POST['ban_import']))
+		if (isset($_POST['ban_import']))
 		{ // Got a file to import
-			require_once (e_HANDLER.'upload_handler.php');
-			if(($files = process_uploaded_files(e_UPLOAD, FALSE, array('overwrite' => TRUE, 'max_file_count' => 1, 'file_mask' => 'csv'))) === FALSE)
+			require_once(e_HANDLER.'upload_handler.php');
+			if (($files = process_uploaded_files(e_UPLOAD, FALSE, array('overwrite' => TRUE, 'max_file_count' => 1, 'file_mask' => 'csv'))) === FALSE)
 			{ // Invalid file
 				$error = true;
 				$message = BANLAN_47;
@@ -577,8 +722,12 @@ switch($action)
 			}
 			if(!$error)
 			{ // Got a file of some sort
-				$message = process_csv(e_UPLOAD.$files[0]['name'], intval(varset($_POST['ban_over_import'], 0)), intval(varset($_POST['ban_over_expiry'], 0)), $separator_char[intval(varset($_POST['ban_separator'], 1))], $quote_char[intval(varset($_POST['ban_quote'], 3))]);
-				banlist_adminlog("07", 'File: '.e_UPLOAD.$files[0]['name'].'<br />'.$message);
+				$message = process_csv(e_UPLOAD.$files[0]['name'],
+										intval(varset($_POST['ban_over_import'], 0)),
+										intval(varset($_POST['ban_over_expiry'], 0)),
+										$separator_char[intval(varset($_POST['ban_separator'], 1))],
+										$quote_char[intval(varset($_POST['ban_quote'], 3))]);
+				banlist_adminlog('07', 'File: '.e_UPLOAD.$files[0]['name'].'<br />'.$message);
 			}

 		}
@@ -601,13 +750,13 @@ switch($action)
 			";


-		for($i = 0; $i < BAN_REASON_COUNT; $i ++)
+		foreach ($ipAdministrator->getValidReasonList() as $i)
 		{
 			$text .= "
 							<tr>
 							<td colspan='3'>
-										".$frm->checkbox("ban_types[{$i}]", $i).$frm->label(constant('BANLAN_10'.$i), "ban_types[{$i}]", $i)."
-										<span class='field-help'>(".constant('BANLAN_11'.$i).")</span>
+								".$frm->checkbox("ban_types[{$i}]", $i).$frm->label($ipAdministrator->getBanTypeString($i, FALSE), "ban_types[{$i}]", $i)."
+								<span class='field-help'>(".$ipAdministrator->getBanTypeString($i, TRUE).")</span>
 							</td></tr>
 			";
 		}
@@ -621,6 +770,7 @@ switch($action)
 						</tbody>
 					</table>
 					<div class='buttons-bar center'>".$frm->admin_button('ban_export', BANLAN_39, 'export', BANLAN_39)."</div>
+						<input type='hidden' name='e-token' value='".e_TOKEN."' />
 				</fieldset>
 			</form>
 		";
@@ -661,6 +811,7 @@ switch($action)
 					</table>
 								<div class='buttons-bar center'>
 								".$frm->admin_button('ban_import', BANLAN_45, 'import')."
+								<input type='hidden' name='e-token' value='".e_TOKEN."' />
 								</div>


@@ -668,21 +819,23 @@ switch($action)
 			</form>
 		";

-		$e107->ns->tablerender(BANLAN_35, $emessage->render().$text);
-		break;
+		e107::getRender()->tablerender(BANLAN_35, $emessage->render().$text);
+		break;		// End case 'transfer'

-	case 'list':
-	case 'white':
-	default:
-		if(($action != 'list') && ($action != 'white'))
+	case 'list' :
+	case 'white' :
+	default :
+		if (($action != 'list') && ($action != 'white'))
 			$action = 'list';

 		$edit_action = ($action == 'list' ? 'edit' : 'whedit');
 		$del_action = ($action == 'list' ? 'remove' : 'whremove');
 		$col_widths = array('list' => array(10, 5, 35, 30, 10, 10), 'white' => array(15, 40, 35, 10));
-		$col_titles = array('list' => array(BANLAN_17, BANLAN_20, BANLAN_10, BANLAN_19, BANLAN_18, LAN_OPTIONS), 'white' => array(BANLAN_55, BANLAN_56, BANLAN_19, LAN_OPTIONS));
+		$col_titles = array('list' => array(BANLAN_17, BANLAN_20, BANLAN_10, BANLAN_19, BANLAN_18, LAN_OPTIONS),
+							'white' => array(BANLAN_55, BANLAN_56, BANLAN_19, LAN_OPTIONS));
 		$no_values = array('list' => BANLAN_2, 'white' => BANLAN_54);
-		$col_defs = array('list' => array('banlist_datestamp' => 0, 'banlist_bantype' => 0, 'ip_reason' => BANLAN_7, 'banlist_notes' => 0, 'banlist_banexpires' => 0, 'ban_options' => 0), 'white' => array('banlist_datestamp' => 0, 'ip_reason' => BANLAN_57, 'banlist_notes' => 0, 'ban_options' => 0));
+		$col_defs = array('list' => array('banlist_datestamp' => 0, 'banlist_bantype' => 0, 'ip_reason' => BANLAN_7, 'banlist_notes' => 0, 'banlist_banexpires' => 0, 'ban_options' => 0),
+						'white' => array('banlist_datestamp' => 0, 'ip_reason' => BANLAN_57, 'banlist_notes' => 0, 'ban_options' => 0));

 		$text = "
 			<form method='post' action='".e_SELF.'?'.$action."' id='core-banlist-form'>
@@ -691,7 +844,8 @@ switch($action)
 					".$frm->hidden("ban_secure", "1")."
 		";

-		$filter = ($action == 'white') ? 'banlist_bantype='.BAN_TYPE_WHITELIST : 'banlist_bantype!='.BAN_TYPE_WHITELIST;
+		$filter = ($action == 'white') ? 'banlist_bantype='.eIPHandler::BAN_TYPE_WHITELIST : 'banlist_bantype!='.eIPHandler::BAN_TYPE_WHITELIST;
+

 		if(!$ban_total = $sql->db_Select("banlist", "*", $filter." ORDER BY banlist_ip"))
 		{
@@ -725,8 +879,8 @@ switch($action)
 						<tbody>";
 			while($row = $sql->db_Fetch())
 			{
-				extract($row);//FIXME - kill extract()
-				$banlist_reason = str_replace("LAN_LOGIN_18", BANLAN_11, $banlist_reason);
+				//extract($row);//FIXME - kill extract()
+				$row['banlist_reason'] = str_replace('LAN_LOGIN_18', BANLAN_11, $row['banlist_reason']);
 				$text .= "<tr>";
 				foreach($col_defs[$action] as $cd => $fv)
 				{
@@ -734,22 +888,22 @@ switch($action)
 					switch($cd)
 					{
 						case 'banlist_datestamp':
-							$val = ($banlist_datestamp ? strftime(BAN_TIME_FORMAT, $banlist_datestamp) : BANLAN_22);
+							$val = ($row['banlist_datestamp'] ? strftime($pref['ban_date_format'], $row['banlist_datestamp']) : BANLAN_22);
 							break;
 						case 'banlist_bantype':
-							$val = "<div class='nowrap' title='".constant('BANLAN_11'.$banlist_bantype)."'>".constant('BANLAN_10'.$banlist_bantype)." <a href='#' title='".constant('BANLAN_11'.$banlist_bantype)."' onclick='return false;'><img class='action info S16' src='".e_IMAGE_ABS."admin_images/info_16.png' alt='' /></a></div>";
+							$val = "<div class='nowrap' title='".$ipAdministrator->getBanTypeString($row['banlist_bantype'], TRUE)."'>".$ipAdministrator->getBanTypeString($row['banlist_bantype'], FALSE)." <a href='#' title='".$ipAdministrator->getBanTypeString($row['banlist_bantype'], TRUE)."' onclick='return false;'><img class='action info S16' src='".e_IMAGE_ABS."admin_images/info_16.png' alt='' /></a></div>";
 							break;
 						case 'ip_reason':
-							$val = $e107->ipDecode($banlist_ip)."<br />".$fv.": ".$banlist_reason;
+							$val = e107::getIPHandler()->ipDecode($row['banlist_ip'])."<br />".$fv.": ".$row['banlist_reason'];
 							break;
 						case 'banlist_banexpires':
-							$val = ($banlist_banexpires ? strftime(BAN_TIME_FORMAT, $banlist_banexpires).(($banlist_banexpires < time()) ? ' ('.BANLAN_34.')' : '') : BANLAN_21)."<br />".ban_time_dropdown("onchange=\"e107Helper.urlJump('".e_SELF."?newtime-{$banlist_ip}-'+this.value)\"");
+							$val = ($row['banlist_banexpires'] ? strftime($pref['ban_date_format'], $row['banlist_banexpires']).(($row['banlist_banexpires'] < time()) ? ' ('.BANLAN_34.')' : '') : BANLAN_21)."<br />".ban_time_dropdown("onchange=\"e107Helper.urlJump('".e_SELF."?newtime-{$row['banlist_ip']}-'+this.value)\"");
 							break;
 						case 'ban_options':
 							$row_class = ' class="center"';
 							$val = "
-							<a class='action edit' href='".e_SELF."?{$edit_action}-{$banlist_ip}'>".ADMIN_EDIT_ICON."</a>
-<input class='action delete no-confirm' name='delete_ban_entry' value='".e_SELF."?{$del_action}-{$banlist_ip}' type='image' src='".ADMIN_DELETE_ICON_PATH."' alt='".LAN_DELETE."' title='".$tp->toJS(LAN_CONFIRMDEL." [".$e107->ipDecode($banlist_ip)."]")."' />";
+							<a class='action edit' href='".e_SELF."?{$edit_action}-{$row['banlist_ip']}'>".ADMIN_EDIT_ICON."</a>
+<input class='action delete no-confirm' name='delete_ban_entry' value='".e_SELF."?{$del_action}-{$row['banlist_ip']}' type='image' src='".ADMIN_DELETE_ICON_PATH."' alt='".LAN_DELETE."' title='".$tp->toJS(LAN_CONFIRMDEL." [".e107::getIPHandler()->ipDecode($row['banlist_ip'])."]")."' />";
 							break;
 						case 'banlist_notes':
 						default:
@@ -784,7 +938,7 @@ switch($action)
 			</form>
 		";

-		$e107->ns->tablerender(($action == 'list' ? BANLAN_3 : BANLAN_61), $emessage->render().$text);
+		e107::getRender()->tablerender(($action == 'list' ? BANLAN_3 : BANLAN_61), $emessage->render().$text);
 		// End of case 'list' and the default case
 }		// End switch ($action)

@@ -819,7 +973,7 @@ function banlist_adminmenu()
 	$var['transfer']['link'] = e_SELF.'?transfer';
 	$var['transfer']['perm'] = '4';

-	if(getperms('0'))
+	if (getperms('0'))
 	{
 		$var['times']['text'] = BANLAN_15;
 		$var['times']['link'] = e_SELF.'?times';
@@ -828,6 +982,10 @@ function banlist_adminmenu()
 		$var['options']['text'] = LAN_OPTIONS;
 		$var['options']['link'] = e_SELF.'?options';
 		$var['options']['perm'] = '0';
+
+		$var['banlog']['text'] = BANLAN_81;
+		$var['banlog']['link'] = e_SELF.'?banlog';
+		$var['banlog']['perm'] = '0';
 	}
 	e_admin_menu(BANLAN_16, $action, $var);
 }
@@ -837,7 +995,7 @@ function banlist_adminmenu()
 // Parse the date string used by the import/export - YYYYMMDD_HHMMSS
 function parse_date($instr)
 {
-	if(strlen($instr) != 15)
+	if (strlen($instr) != 15)
 		return 0;
 	return mktime(substr($instr, 9, 2), substr($instr, 11, 2), substr($instr, 13, 2), substr($instr, 4, 2), substr($instr, 6, 2), substr($instr, 0, 4));
 }
@@ -848,30 +1006,33 @@ function parse_date($instr)
 // Return a message
 function process_csv($filename, $override_imports, $override_expiry, $separator = ',', $quote = '"')
 {
-	global $sql, $pref, $e107, $emessage;
+	$sql = e107::getDb();
+	$pref['ban_durations'] = e107::getPref('ban_durations');		// @todo - check this
+	$emessage = &eMessage::getInstance();
+	
 	//  echo "Read CSV: {$filename} separator: {$separator}, quote: {$quote}  override imports: {$override_imports}  override expiry: {$override_expiry}<br />";
 	// Renumber imported bans
-	if($override_imports)
-		$sql->db_Update('banlist', "`banlist_bantype`=".BAN_TYPE_TEMPORARY." WHERE `banlist_bantype` = ".BAN_TYPE_IMPORTED);
+	if ($override_imports)
+		$sql->db_Update('banlist', "`banlist_bantype`=".eIPHandler::BAN_TYPE_TEMPORARY." WHERE `banlist_bantype` = ".eIPHandler::BAN_TYPE_IMPORTED);
 	$temp = file($filename);
 	$line_num = 0;
-	foreach($temp as $line)
+	foreach ($temp as $line)
 	{ // Process one entry
 		$line = trim($line);
-		$line_num ++;
-		if($line)
+		$line_num++;
+		if ($line)
 		{
 			$fields = explode($separator, $line);
 			$field_num = 0;
-			$field_list = array('banlist_bantype' => BAN_TYPE_IMPORTED);
-			foreach($fields as $f)
+			$field_list = array('banlist_bantype' => eIPHandler::BAN_TYPE_IMPORTED);
+			foreach ($fields as $f)
 			{
 				$f = trim($f);
-				if(substr($f, 0, 1) == $quote)
+				if (substr($f, 0, 1) == $quote)
 				{
-					if(substr($f, - 1, 1) == $quote)
+					if (substr($f, -1, 1) == $quote)
 					{ // Strip quotes
-						$f = substr($f, 1, - 1); // Strip off the quotes
+						$f = substr($f, 1, -1);		// Strip off the quotes
 					}
 					else
 					{
@@ -880,39 +1041,39 @@ function process_csv($filename, $override_imports, $override_expiry, $separator
 					}
 				}
 				// Now handle the field
-				$field_num ++;
-				switch($field_num)
+				$field_num++;
+				switch ($field_num)
 				{
-					case 1: // IP address
-						$field_list['banlist_ip'] = $e107->ipEncode($f);
+					case 1 :	// IP address
+						$field_list['banlist_ip'] = e107::getIPHandler()->ipEncode($f);
 						break;
-					case 2: // Original date of ban
+					case 2 :	// Original date of ban
 						$field_list['banlist_datestamp'] = parse_date($f);
 						break;
-					case 3: // Expiry of ban - depends on $override_expiry
-						if($override_expiry)
+					case 3 :	// Expiry of ban - depends on $override_expiry
+						if ($override_expiry)
 						{
 							$field_list['banlist_banexpires'] = parse_date($f);
 						}
 						else
 						{ // Use default ban time from now
-							$field_list['banlist_banexpires'] = $pref['ban_durations'][BAN_TYPE_IMPORTED] ? time() + (60 * 60 * $pref['ban_durations'][BAN_TYPE_IMPORTED]) : 0;
+							$field_list['banlist_banexpires'] = $pref['ban_durations'][eIPHandler::BAN_TYPE_IMPORTED] ? time() + (60*60*$pref['ban_durations'][eIPHandler::BAN_TYPE_IMPORTED]) : 0;
 						}
 						break;
-					case 4: // Original ban type - we always ignore this and force to 'imported'
+					case 4 :	// Original ban type - we always ignore this and force to 'imported'
 						break;
-					case 5: // Ban reason originally generated by E107
+					case 5 :	// Ban reason originally generated by E107
 						$field_list['banlist_reason'] = $f;
 						break;
-					case 6: // Any user notes added
+					case 6 :	// Any user notes added
 						$field_list['banlist_notes'] = $f;
 						break;
-					default: // Just ignore any others
+					default :	// Just ignore any others
 				}
 			}
 			$qry = "REPLACE INTO `#banlist` (".implode(',', array_keys($field_list)).") values ('".implode("', '", $field_list)."')";
 			//	  echo count($field_list)." elements, query: ".$qry."<br />";
-			if(!$sql->db_Select_gen($qry))
+			if (!$sql->db_Select_gen($qry))
 			{
 				$emessage->add(BANLAN_50.$line_num, E_MESSAGE_ERROR);
 				return BANLAN_50.$line_num;
@@ -920,8 +1081,8 @@ function process_csv($filename, $override_imports, $override_expiry, $separator
 		}
 	}
 	// Success here - may need to delete old imported bans
-	if($override_imports)
-		$sql->db_Delete('banlist', "`banlist_bantype` = ".BAN_TYPE_TEMPORARY);
+	if ($override_imports)
+		$sql->db_Delete('banlist', "`banlist_bantype` = ".eIPHandler::BAN_TYPE_TEMPORARY);
 	@unlink($filename);		// Delete file once done
 	$emessage->add(str_replace('--NUM--', $line_num, BANLAN_51).$filename, E_MESSAGE_SUCCESS);
 	return str_replace('--NUM--', $line_num, BANLAN_51).$filename;
@@ -939,7 +1100,6 @@ function process_csv($filename, $override_imports, $override_expiry, $separator
 */
 function banlist_adminlog($msg_num = '00', $woffle = '')
 {
-	//  if (!varset($pref['admin_log_log']['admin_banlist'],0)) return;
 	e107::getAdminLog()->log_event('BANLIST_'.$msg_num, $woffle, E_LOG_INFORMATIVE, '');
 }

--- a/e107_admin/sql/core_sql.php
+++ b/e107_admin/sql/core_sql.php
@@ -73,7 +73,7 @@ CREATE TABLE audit_log (

 CREATE TABLE banlist (
  banlist_ip varchar(100) NOT NULL default '',
-  banlist_bantype tinyint(3) unsigned NOT NULL default '0',
+  banlist_bantype tinyint(3) signed NOT NULL default '0',
  banlist_datestamp int(10) unsigned NOT NULL default '0',
  banlist_banexpires int(10) unsigned NOT NULL default '0',
  banlist_admin smallint(5) unsigned NOT NULL default '0',
--- a/e107_core/xml/default_install.xml
+++ b/e107_core/xml/default_install.xml
@@ -17,6 +17,7 @@
 		<core name="auth_method"></core>
 		<core name="autoban">1</core>
 		<core name="autologinpostsignup">1</core>
+		<core name="ban_date_format">%H:%M %d-%m-%y</core>
 		<core name="ban_max_online_access">100,200</core>
 		<core name="ban_retrigger">0</core>
 		<core name="cachestatus"></core>
--- a/e107_handlers/e107_class.php
+++ b/e107_handlers/e107_class.php
@@ -200,6 +200,7 @@ class e107
 		'user_class'					 => '{e_HANDLER}userclass_class.php',
 		'userlogin'					 	 => '{e_HANDLER}login.php',
 		'xmlClass'						 => '{e_HANDLER}xml_class.php',
+		'eIPHandler'					 => '{e_HANDLER}iphandler_class.php',
 		
 	);

@@ -224,7 +225,7 @@ class e107
 	 * Constructor
 	 *
 	 * Use {@link getInstance()}, direct instantiating
-	 * is not possible for signleton objects
+	 * is not possible for singleton objects
 	 *
 	 * @return void
 	 */
@@ -668,7 +669,6 @@ class e107
 		//singleton object found - overload not possible
 		if(self::getRegistry($id))
 		{
-
 			return self::getRegistry($id);
 		}

@@ -914,7 +914,7 @@ class e107
 	 */
 	public static function getParser()
 	{
-		return self::getSingleton('e_parse', e_HANDLER.'e_parse_class.php'); //WARNING - don't change this - inifinite loop!!!
+		return self::getSingleton('e_parse', e_HANDLER.'e_parse_class.php'); //WARNING - don't change this - infinite loop!!!
 	}

 	/**
@@ -1155,6 +1155,16 @@ class e107
 		return self::getSingleton('language', true);
 	}

+	/**
+	 * Retrieve IP/ban handler singleton object
+	 *
+	 * @return language
+	 */
+	public static function getIPHandler()
+	{
+		return self::getSingleton('eIPHandler', true);
+	}
+
 	/**
 	 * Retrieve Xml handler singleton or new instance object
 	 * @param mixed $singleton false - new instance, true - singleton from default registry location, 'string' - registry path
@@ -2558,6 +2568,7 @@ class e107
 	 * FIXME - create eBanHelper, move it there
 	 * @return void
 	 */
+	 /* No longer required - moved to eIPHelper class
 	public function ban()
 	{
 		$sql = e107::getDb();
@@ -2603,7 +2614,7 @@ class e107
 				$this->check_ban($match);
 			}
 		}
-	}
+	} */

 	/**
 	 * Check the banlist table. $query is used to determine the match.
@@ -2618,6 +2629,7 @@ class e107
 	 * @param boolean $do_return
 	 * @return boolean
 	 */
+	 /* No longer required - moved to eIPHelper class
 	public function check_ban($query, $show_error = TRUE, $do_return = FALSE)
 	{
 		$sql = e107::getDb();
@@ -2665,7 +2677,7 @@ class e107
 		}
 		//$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","No ban found",$query,FALSE,LOG_TO_ROLLING);
 		return TRUE; // Email address OK
-	}
+	} */


 	/**
@@ -2684,6 +2696,9 @@ class e107
 	 */
 	public function add_ban($bantype, $ban_message = '', $ban_ip = '', $ban_user = 0, $ban_notes = '')
 	{
+		return e107::getIPHandler()->add_ban($bantype, $ban_message, $ban_ip, $ban_user, $ban_notes);
+		
+		/*
 		global $sql, $pref, $e107, $admin_log;
 		$sql = e107::getDb();
 		$pref = e107::getPref();
@@ -2697,7 +2712,9 @@ class e107
 		{
 			$ban_ip = $this->getip();
 		}
-		$ban_ip = preg_replace('/[^\w@\.]*/', '', urldecode($ban_ip)); // Make sure no special characters
+		*/
+		//$ban_ip = preg_replace('/[^\w@\.]*/', '', urldecode($ban_ip)); // Make sure no special characters
+		/*
 		if(!$ban_ip)
 		{
 			return FALSE;
@@ -2714,17 +2731,19 @@ class e107
 		}
 		// Add using an array - handles DB changes better
 		$sql->db_Insert('banlist', array('banlist_ip' => $ban_ip , 'banlist_bantype' => $bantype , 'banlist_datestamp' => time() , 'banlist_banexpires' => (varsettrue($pref['ban_durations'][$bantype]) ? time()+($pref['ban_durations'][$bantype]*60*60) : 0) , 'banlist_admin' => $ban_user , 'banlist_reason' => $ban_message , 'banlist_notes' => $ban_notes));
-		return TRUE;
+		return TRUE;  */
 	}

 	/**
 	 * Get the current user's IP address
 	 * returns the address in internal 'normalised' IPV6 format - so most code should continue to work provided the DB Field is big enougn
-	 * FIXME - move to eHelper
+	 * FIXME - call ipHandler directly
 	 * @return string
 	 */
 	public function getip()
 	{
+		return e107::getIPHandler()->getIP(FALSE);
+		/*
 		if(!$this->_ip_cache)
 		{
 			$ip=$_SERVER['REMOTE_ADDR'];
@@ -2750,16 +2769,18 @@ class e107
 			$this->_ip_cache = $this->ipEncode($ip); // Normalise for storage
 		}
 		return $this->_ip_cache;
+		*/
 	}

 	/**
 	 * Encode an IP address to internal representation. Returns string if successful; FALSE on error
 	 * Default separates fields with ':'; set $div='' to produce a 32-char packed hex string
-	 * FIXME - move to eHelper
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 * @param string $ip
 	 * @param string $div divider
 	 * @return string encoded IP
 	 */
+	 /*
 	public function ipEncode($ip, $div = ':')
 	{
 		$ret = '';
@@ -2802,20 +2823,23 @@ class e107
 			return str_repeat('0000'.$div, 5).'ffff'.$div.$temp;
 		}
 		return FALSE; // Unknown
-	}
+	} */

 	/**
 	 * Takes an encoded IP address - returns a displayable one
 	 * Set $IP4Legacy TRUE to display 'old' (IPv4) addresses in the familiar dotted format,
 	 * FALSE to display in standard IPV6 format
 	 * Should handle most things that can be thrown at it.
-	 * FIXME - move to eHelper
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 * @param string $ip encoded IP
 	 * @param boolean $IP4Legacy
 	 * @return string decoded IP
 	 */
-	public function ipDecode($ip, $IP4Legacy = TRUE)
+
+	public function ipdecode($ip, $IP4Legacy = TRUE)
 	{
+		return e107::getIPHandler()->ipDecode($ip, $IP4Legacy);
+		/*
 		if (strstr($ip,'.'))
 		{
 			if ($IP4Legacy) return $ip;			// Assume its unencoded IPV4
@@ -2872,17 +2896,21 @@ class e107
 			$ret = implode('.',$z);
 		}

-		return $ret;
+		return $ret; */
 	}

 	/**
 	 * Given a string which may be IP address, email address etc, tries to work out what it is
-	 * FIXME - move to eHelper
+	 * Movet to eIPHandler class
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 * @param string $string
 	 * @return string ip|email|url|ftp|unknown
 	 */
+	 /*
 	public function whatIsThis($string)
 	{
+		//return e107::getIPHandler()->whatIsThis($string);
+		
 		if (strstr($string,'@')) return 'email';		// Email address
 		if (strstr($string,'http://')) return 'url';
 		if (strstr($string,'ftp://')) return 'ftp';
@@ -2892,14 +2920,16 @@ class e107
 			return 'ip';
 		}
 		return 'unknown';
-	}
+	} */

 	/**
 	 * Retrieve & cache host name
 	 *
 	 * @param string $ip_address
 	 * @return string host name
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 */
+	 /*
 	public function get_host_name($ip_address)
 	{
 		if(!$this->_host_name_cache[$ip_address])
@@ -2907,7 +2937,7 @@ class e107
 			$this->_host_name_cache[$ip_address] = gethostbyaddr($ip_address);
 		}
 		return $this->_host_name_cache[$ip_address];
-	}
+	} */

 	/**
 	 * MOVED TO eHelper::parseMemorySize()
@@ -3181,6 +3211,10 @@ class e107
 				$ret = e107::getOnline();
 			break;

+			case 'eIPHandler':
+				$ret = e107::getIPHandler();
+				break;
+				
 			case 'user_class':
 				$ret = e107::getUserClass();
 			break;
--- a/e107_handlers/iphandler_class.php
+++ b/e107_handlers/iphandler_class.php
--- a/e107_handlers/login.php
+++ b/e107_handlers/login.php
@@ -54,7 +54,7 @@ class userlogin
 	public function __construct()
 	{
 		$this->e107 = e107::getInstance();
-		$this->userIP = $this->e107->getip();
+		$this->userIP = e107::getIPHandler()->getIP();
 		$this->userMethods = e107::getUserSession();
 	}

@@ -92,7 +92,8 @@ class userlogin
 		}

 //	    $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","User login",'IP: '.$fip,FALSE,LOG_TO_ROLLING);
-		$this->e107->check_ban("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
+//		$this->e107->check_ban("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
+		e107::getIPHandler()->checkBan("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force

 		$forceLogin = ($autologin == 'signup');
 		$autologin = intval($autologin);		// Will decode to zero if forced login
@@ -227,7 +228,7 @@ class userlogin
 		/* restrict more than one person logging in using same us/pw */
 		if($pref['disallowMultiLogin'])
 		{
-			if($this->e107->sql -> db_Select("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
+			if($this->e107->sql->db_Select("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
 			{
 				return $this->invalidLogin($username,LOGIN_MULTIPLE,$user_id);
 			}
@@ -342,7 +343,7 @@ class userlogin
 		}

 		// User is in DB here
-		$this->userData = $this->e107->sql -> db_Fetch(MYSQL_ASSOC);		// Get user info
+		$this->userData = $this->e107->sql->db_Fetch(MYSQL_ASSOC);		// Get user info
 		$this->userData['user_perms'] = trim($this->userData['user_perms']);
 		$this->lookEmail = $this->lookEmail && ($username == $this->userData['user_email']);		// Know whether login name or email address used now
 		
@@ -510,11 +511,11 @@ class userlogin
 		{		// See if ban required (formerly the checkibr() function)
 			if($pref['autoban'] == 1 || $pref['autoban'] == 3)
 			{ // Flood + Login or Login Only.
-				$fails = $this->e107->sql -> db_Count("generic", "(*)", "WHERE gen_ip='{$this->userIP}' AND gen_type='failed_login' ");
+				$fails = $this->e107->sql->db_Count("generic", "(*)", "WHERE gen_ip='{$this->userIP}' AND gen_type='failed_login' ");
 				if($fails > 10)
 				{
 					$this->e107->add_ban(4,LAN_LOGIN_18,$this->userIP,1);
-					$this->e107->sql -> db_Insert("generic", "0, 'auto_banned', '".time()."', 0, '{$this->userIP}', '{$extra_text}', '".LAN_LOGIN_20.": ".$this->e107->tp -> toDB($username).", ".LAN_LOGIN_17.": ".md5($ouserpass)."' ");
+					$this->e107->sql->db_Insert("generic", "0, 'auto_banned', '".time()."', 0, '{$this->userIP}', '{$extra_text}', '".LAN_LOGIN_20.": ".$this->e107->tp -> toDB($username).", ".LAN_LOGIN_17.": ".md5($ouserpass)."' ");
 				}
 			}
 		}
--- a/e107_languages/English/admin/lan_banlist.php
+++ b/e107_languages/English/admin/lan_banlist.php
@@ -10,17 +10,17 @@
 +----------------------------------------------------------------------------+
 */
 // define("BANLAN_1", "Ban removed.");
-define("BANLAN_2", 'No bans in list.');
-define("BANLAN_3", "Existing Bans");
+define('BANLAN_2', 'No bans in list.');
+define('BANLAN_3', 'Existing Bans');
 // define("BANLAN_4", "Remove ban");
-define("BANLAN_5", "Enter IP, email address, or host");
-define("BANLAN_7", "Reason");
-define("BANLAN_8", "Ban Address");
-define("BANLAN_9", "Ban users from site by email, IP or host address");
-define("BANLAN_10", "IP / Email / Reason");
-define("BANLAN_11", "Auto-ban: More than 10 failed login attempts");
-define("BANLAN_12", "Note: Reverse DNS is currently disabled; it must be enabled to allow banning by host.  Banning by IP and email address will still function normally.");
-define("BANLAN_13", "Note: To ban a user by user name, go to the users admin page: ");
+define('BANLAN_5', 'Enter IP, email address, or host');
+define('BANLAN_7', 'Reason');
+define('BANLAN_8', 'Ban Address');
+define('BANLAN_9', 'Ban users from site by email, IP or host address');
+define('BANLAN_10', 'IP / Email / Reason');
+define('BANLAN_11', 'Auto-ban: More than 10 failed login attempts');
+define('BANLAN_12', 'Note: Reverse DNS is currently disabled; it must be enabled to allow banning by host.  Banning by IP and email address will still function normally.');
+define('BANLAN_13', 'Note: To ban a user by user name, go to the users admin page: ');
 define('BANLAN_14','Ban List');
 define('BANLAN_15','Messages/Ban Periods');
 define('BANLAN_16','Banning');
@@ -36,7 +36,7 @@ define('BANLAN_25','Add to Banlist');
 define('BANLAN_26','Currently ');
 define('BANLAN_27','Invalid characters in IP address stripped - now:');
 define('BANLAN_28','Ban type');
-define('BANLAN_29','Message to show');
+define('BANLAN_29','Message to show to banned user');
 define('BANLAN_30','Ban duration');
 define('BANLAN_31','(Use an empty message if you wish the user to get a blank screen)');
 define('BANLAN_32','Indefinite');
@@ -55,7 +55,7 @@ define('BANLAN_44','Use expiry date/time from import');
 define('BANLAN_45','Import');
 define('BANLAN_46','Import File:');
 define('BANLAN_47','File upload error');
-//define('BANLAN_48','Error importing file');
+define('BANLAN_48','Deleted --NUM-- expired ban list entries');
 define('BANLAN_49','CSV import: Unbalanced quotes in line ');
 define('BANLAN_50','CSV import: Error writing banlist record at line ');
 define('BANLAN_51','CSV import: Success, --NUM-- lines imported from file ');
@@ -88,6 +88,19 @@ define('BANLAN_77','Messages/Ban Periods');
 // define('BANLAN_78','Hit count exceeded (--HITS-- requests within allotted time)');
 define('BANLAN_79','CSV Export format:');
 define('BANLAN_80','CSV Import format:');
+define('BANLAN_81','Ban Action Log');
+define('BANLAN_82', 'No entries in Ban Action Log');
+define('BANLAN_83', 'Date/Time');
+define('BANLAN_84', 'IP Address');
+define('BANLAN_85', 'Additional information');
+define('BANLAN_86', 'Ban-related events');
+define('BANLAN_87', 'Total --NUM-- entries in list');
+define('BANLAN_88', 'Empty Ban Action Log');
+define('BANLAN_89', 'Log File Deleted');
+define('BANLAN_90', 'Error deleting log file');
+define('BANLAN_91', 'Date/time format for ban log');
+define('BANLAN_92', 'See the strftime function page at php.net');
+define('BANLAN_93', '');

 // Ban types - block reserved 100-109
 define('BANLAN_100', 'Unknown');
@@ -113,6 +126,6 @@ define('BANLAN_117', 'Spare reason');
 define('BANLAN_118', 'Spare reason');
 define('BANLAN_119', 'Indicates an import error - previously imported bans');

-define('BANLAN_120', 'Unknown');
+define('BANLAN_120', 'Whitelist entry');

 ?>
--- a/e107_languages/English/admin/lan_log_messages.php
+++ b/e107_languages/English/admin/lan_log_messages.php
@@ -88,6 +88,7 @@ define('LAN_AL_BANLIST_08','Banlist options updated');
 define('LAN_AL_BANLIST_09','Banlist entry edited');
 define('LAN_AL_BANLIST_10','Whitelist entry edited');
 define('LAN_AL_BANLIST_11','Whitelist hit for ban entry');
+define('LAN_AL_BANLIST_12','Expired bans cleared');


 // Comment-related events
--- a/e107_languages/English/lan_userclass.php
+++ b/e107_languages/English/lan_userclass.php
@@ -9,19 +9,19 @@
 |     $Author$
 +----------------------------------------------------------------------------+
 */
-define("UC_LAN_0", "Everyone (public)");
-define("UC_LAN_1", "Guests");
-define("UC_LAN_2", "No One (inactive)");
-define("UC_LAN_3", "Members");
-define("UC_LAN_4", "Read Only");
-define("UC_LAN_5", "Admin");
-define("UC_LAN_6", "Main Admin");
+define('UC_LAN_0', 'Everyone (public)');
+define('UC_LAN_1', 'Guests');
+define('UC_LAN_2', 'No One (inactive)');
+define('UC_LAN_3', 'Members');
+define('UC_LAN_4', 'Read Only');
+define('UC_LAN_5', 'Admin');
+define('UC_LAN_6', 'Main Admin');
 define('UC_LAN_7', 'Forum Moderators');
 define('UC_LAN_8','Admins and Mods');
 define('UC_LAN_9','New Users');
 define('UC_LAN_10', 'Search Bots');
-define('UC_LAN_INVERT', "Not --CLASS--");
-define('UC_LAN_INVERTLABEL', "Everyone but..");
+define('UC_LAN_INVERT', 'Not --CLASS--');
+define('UC_LAN_INVERTLABEL', 'Everyone but..');


 ?>