Ban handling improvements - most checking done before DB opened (much faster if user is banned).

Fix some bugs in ban admin pages.
Separate handler for IP- and ban-related functions (moves them out of e107_class)

class2.php

@@ -223,6 +223,9 @@ $e107_paths = compact('ADMIN_DIRECTORY', 'FILES_DIRECTORY', 'IMAGES_DIRECTORY',
 $sql_info = compact('mySQLserver', 'mySQLuser', 'mySQLpassword', 'mySQLdefaultdb', 'mySQLprefix');
 $e107 = e107::getInstance()->initCore($e107_paths, realpath(dirname(__FILE__)), $sql_info, varset($E107_CONFIG, array()));
 
+e107::getSingleton('eIPHandler');			// This auto-handles bans etc
+
+
 ### NEW Register Autoload - do it asap
 if(!function_exists('spl_autoload_register'))
 {
@@ -777,8 +780,8 @@ if (!class_exists('e107table', false))
 $ns = e107::getRender(); //TODO - find & replace $ns, $e107->ns
 
 // EONE-134 - bad e_module could destroy e107 instance
-$e107 = e107::getInstance();
-$e107->ban();
+$e107 = e107::getInstance();		// Is this needed now?
+e107::getIPHandler()->ban();
 
 if(varset($pref['force_userupdate']) && USER && !isset($_E107['no_forceuserupdate']))
 {

e107_admin/sql/core_sql.php

@@ -73,7 +73,7 @@ CREATE TABLE audit_log (
 
 CREATE TABLE banlist (
   banlist_ip varchar(100) NOT NULL default '',
-  banlist_bantype tinyint(3) unsigned NOT NULL default '0',
+  banlist_bantype tinyint(3) signed NOT NULL default '0',
   banlist_datestamp int(10) unsigned NOT NULL default '0',
   banlist_banexpires int(10) unsigned NOT NULL default '0',
   banlist_admin smallint(5) unsigned NOT NULL default '0',

e107_core/xml/default_install.xml

@@ -17,6 +17,7 @@
 		<core name="auth_method"></core>
 		<core name="autoban">1</core>
 		<core name="autologinpostsignup">1</core>
+		<core name="ban_date_format">%H:%M %d-%m-%y</core>
 		<core name="ban_max_online_access">100,200</core>
 		<core name="ban_retrigger">0</core>
 		<core name="cachestatus"></core>

e107_handlers/e107_class.php

@@ -200,6 +200,7 @@ class e107
 		'user_class'					 => '{e_HANDLER}userclass_class.php',
 		'userlogin'					 	 => '{e_HANDLER}login.php',
 		'xmlClass'						 => '{e_HANDLER}xml_class.php',
+		'eIPHandler'					 => '{e_HANDLER}iphandler_class.php',
 		
 	);
 
@@ -224,7 +225,7 @@ class e107
 	 * Constructor
 	 *
 	 * Use {@link getInstance()}, direct instantiating
-	 * is not possible for signleton objects
+	 * is not possible for singleton objects
 	 *
 	 * @return void
 	 */
@@ -668,7 +669,6 @@ class e107
 		//singleton object found - overload not possible
 		if(self::getRegistry($id))
 		{
-
 			return self::getRegistry($id);
 		}
 
@@ -914,7 +914,7 @@ class e107
 	 */
 	public static function getParser()
 	{
-		return self::getSingleton('e_parse', e_HANDLER.'e_parse_class.php'); //WARNING - don't change this - inifinite loop!!!
+		return self::getSingleton('e_parse', e_HANDLER.'e_parse_class.php'); //WARNING - don't change this - infinite loop!!!
 	}
 
 	/**
@@ -1155,6 +1155,16 @@ class e107
 		return self::getSingleton('language', true);
 	}
 
+	/**
+	 * Retrieve IP/ban handler singleton object
+	 *
+	 * @return language
+	 */
+	public static function getIPHandler()
+	{
+		return self::getSingleton('eIPHandler', true);
+	}
+
 	/**
 	 * Retrieve Xml handler singleton or new instance object
 	 * @param mixed $singleton false - new instance, true - singleton from default registry location, 'string' - registry path
@@ -2558,6 +2568,7 @@ class e107
 	 * FIXME - create eBanHelper, move it there
 	 * @return void
 	 */
+	 /* No longer required - moved to eIPHelper class
 	public function ban()
 	{
 		$sql = e107::getDb();
@@ -2603,7 +2614,7 @@ class e107
 				$this->check_ban($match);
 			}
 		}
-	}
+	} */
 
 	/**
 	 * Check the banlist table. $query is used to determine the match.
@@ -2618,6 +2629,7 @@ class e107
 	 * @param boolean $do_return
 	 * @return boolean
 	 */
+	 /* No longer required - moved to eIPHelper class
 	public function check_ban($query, $show_error = TRUE, $do_return = FALSE)
 	{
 		$sql = e107::getDb();
@@ -2665,7 +2677,7 @@ class e107
 		}
 		//$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","No ban found",$query,FALSE,LOG_TO_ROLLING);
 		return TRUE; // Email address OK
-	}
+	} */
 
 
 	/**
@@ -2684,6 +2696,9 @@ class e107
 	 */
 	public function add_ban($bantype, $ban_message = '', $ban_ip = '', $ban_user = 0, $ban_notes = '')
 	{
+		return e107::getIPHandler()->add_ban($bantype, $ban_message, $ban_ip, $ban_user, $ban_notes);
+		
+		/*
 		global $sql, $pref, $e107, $admin_log;
 		$sql = e107::getDb();
 		$pref = e107::getPref();
@@ -2697,7 +2712,9 @@ class e107
 		{
 			$ban_ip = $this->getip();
 		}
-		$ban_ip = preg_replace('/[^\w@\.]*/', '', urldecode($ban_ip)); // Make sure no special characters
+		*/
+		//$ban_ip = preg_replace('/[^\w@\.]*/', '', urldecode($ban_ip)); // Make sure no special characters
+		/*
 		if(!$ban_ip)
 		{
 			return FALSE;
@@ -2714,17 +2731,19 @@ class e107
 		}
 		// Add using an array - handles DB changes better
 		$sql->db_Insert('banlist', array('banlist_ip' => $ban_ip , 'banlist_bantype' => $bantype , 'banlist_datestamp' => time() , 'banlist_banexpires' => (varsettrue($pref['ban_durations'][$bantype]) ? time()+($pref['ban_durations'][$bantype]*60*60) : 0) , 'banlist_admin' => $ban_user , 'banlist_reason' => $ban_message , 'banlist_notes' => $ban_notes));
-		return TRUE;
+		return TRUE;  */
 	}
 
 	/**
 	 * Get the current user's IP address
 	 * returns the address in internal 'normalised' IPV6 format - so most code should continue to work provided the DB Field is big enougn
-	 * FIXME - move to eHelper
+	 * FIXME - call ipHandler directly
 	 * @return string
 	 */
 	public function getip()
 	{
+		return e107::getIPHandler()->getIP(FALSE);
+		/*
 		if(!$this->_ip_cache)
 		{
 			$ip=$_SERVER['REMOTE_ADDR'];
@@ -2750,16 +2769,18 @@ class e107
 			$this->_ip_cache = $this->ipEncode($ip); // Normalise for storage
 		}
 		return $this->_ip_cache;
+		*/
 	}
 
 	/**
 	 * Encode an IP address to internal representation. Returns string if successful; FALSE on error
 	 * Default separates fields with ':'; set $div='' to produce a 32-char packed hex string
-	 * FIXME - move to eHelper
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 * @param string $ip
 	 * @param string $div divider
 	 * @return string encoded IP
 	 */
+	 /*
 	public function ipEncode($ip, $div = ':')
 	{
 		$ret = '';
@@ -2802,20 +2823,23 @@ class e107
 			return str_repeat('0000'.$div, 5).'ffff'.$div.$temp;
 		}
 		return FALSE; // Unknown
-	}
+	} */
 
 	/**
 	 * Takes an encoded IP address - returns a displayable one
 	 * Set $IP4Legacy TRUE to display 'old' (IPv4) addresses in the familiar dotted format,
 	 * FALSE to display in standard IPV6 format
 	 * Should handle most things that can be thrown at it.
-	 * FIXME - move to eHelper
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 * @param string $ip encoded IP
 	 * @param boolean $IP4Legacy
 	 * @return string decoded IP
 	 */
-	public function ipDecode($ip, $IP4Legacy = TRUE)
+
+	public function ipdecode($ip, $IP4Legacy = TRUE)
 	{
+		return e107::getIPHandler()->ipDecode($ip, $IP4Legacy);
+		/*
 		if (strstr($ip,'.'))
 		{
 			if ($IP4Legacy) return $ip;			// Assume its unencoded IPV4
@@ -2872,17 +2896,21 @@ class e107
 			$ret = implode('.',$z);
 		}
 
-		return $ret;
+		return $ret; */
 	}
 
 	/**
 	 * Given a string which may be IP address, email address etc, tries to work out what it is
-	 * FIXME - move to eHelper
+	 * Movet to eIPHandler class
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 * @param string $string
 	 * @return string ip|email|url|ftp|unknown
 	 */
+	 /*
 	public function whatIsThis($string)
 	{
+		//return e107::getIPHandler()->whatIsThis($string);
+		
 		if (strstr($string,'@')) return 'email';		// Email address
 		if (strstr($string,'http://')) return 'url';
 		if (strstr($string,'ftp://')) return 'ftp';
@@ -2892,14 +2920,16 @@ class e107
 			return 'ip';
 		}
 		return 'unknown';
-	}
+	} */
 
 	/**
 	 * Retrieve & cache host name
 	 *
 	 * @param string $ip_address
 	 * @return string host name
+	 * FIXME - moved to ipHandler - check for calls elsewhere
 	 */
+	 /*
 	public function get_host_name($ip_address)
 	{
 		if(!$this->_host_name_cache[$ip_address])
@@ -2907,7 +2937,7 @@ class e107
 			$this->_host_name_cache[$ip_address] = gethostbyaddr($ip_address);
 		}
 		return $this->_host_name_cache[$ip_address];
-	}
+	} */
 
 	/**
 	 * MOVED TO eHelper::parseMemorySize()
@@ -3181,6 +3211,10 @@ class e107
 				$ret = e107::getOnline();
 			break;
 
+			case 'eIPHandler':
+				$ret = e107::getIPHandler();
+				break;
+				
 			case 'user_class':
 				$ret = e107::getUserClass();
 			break;

e107_handlers/login.php

@@ -54,7 +54,7 @@ class userlogin
 	public function __construct()
 	{
 		$this->e107 = e107::getInstance();
-		$this->userIP = $this->e107->getip();
+		$this->userIP = e107::getIPHandler()->getIP();
 		$this->userMethods = e107::getUserSession();
 	}
 
@@ -92,7 +92,8 @@ class userlogin
 		}
 
 //	    $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","User login",'IP: '.$fip,FALSE,LOG_TO_ROLLING);
-		$this->e107->check_ban("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
+//		$this->e107->check_ban("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
+		e107::getIPHandler()->checkBan("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
 
 		$forceLogin = ($autologin == 'signup');
 		$autologin = intval($autologin);		// Will decode to zero if forced login
@@ -227,7 +228,7 @@ class userlogin
 		/* restrict more than one person logging in using same us/pw */
 		if($pref['disallowMultiLogin'])
 		{
-			if($this->e107->sql -> db_Select("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
+			if($this->e107->sql->db_Select("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
 			{
 				return $this->invalidLogin($username,LOGIN_MULTIPLE,$user_id);
 			}
@@ -342,7 +343,7 @@ class userlogin
 		}
 
 		// User is in DB here
-		$this->userData = $this->e107->sql -> db_Fetch(MYSQL_ASSOC);		// Get user info
+		$this->userData = $this->e107->sql->db_Fetch(MYSQL_ASSOC);		// Get user info
 		$this->userData['user_perms'] = trim($this->userData['user_perms']);
 		$this->lookEmail = $this->lookEmail && ($username == $this->userData['user_email']);		// Know whether login name or email address used now
 		
@@ -510,11 +511,11 @@ class userlogin
 		{		// See if ban required (formerly the checkibr() function)
 			if($pref['autoban'] == 1 || $pref['autoban'] == 3)
 			{ // Flood + Login or Login Only.
-				$fails = $this->e107->sql -> db_Count("generic", "(*)", "WHERE gen_ip='{$this->userIP}' AND gen_type='failed_login' ");
+				$fails = $this->e107->sql->db_Count("generic", "(*)", "WHERE gen_ip='{$this->userIP}' AND gen_type='failed_login' ");
 				if($fails > 10)
 				{
 					$this->e107->add_ban(4,LAN_LOGIN_18,$this->userIP,1);
-					$this->e107->sql -> db_Insert("generic", "0, 'auto_banned', '".time()."', 0, '{$this->userIP}', '{$extra_text}', '".LAN_LOGIN_20.": ".$this->e107->tp -> toDB($username).", ".LAN_LOGIN_17.": ".md5($ouserpass)."' ");
+					$this->e107->sql->db_Insert("generic", "0, 'auto_banned', '".time()."', 0, '{$this->userIP}', '{$extra_text}', '".LAN_LOGIN_20.": ".$this->e107->tp -> toDB($username).", ".LAN_LOGIN_17.": ".md5($ouserpass)."' ");
 				}
 			}
 		}

e107_languages/English/admin/lan_banlist.php

@@ -10,17 +10,17 @@
 +----------------------------------------------------------------------------+
 */
 // define("BANLAN_1", "Ban removed.");
-define("BANLAN_2", 'No bans in list.');
-define("BANLAN_3", "Existing Bans");
+define('BANLAN_2', 'No bans in list.');
+define('BANLAN_3', 'Existing Bans');
 // define("BANLAN_4", "Remove ban");
-define("BANLAN_5", "Enter IP, email address, or host");
-define("BANLAN_7", "Reason");
-define("BANLAN_8", "Ban Address");
-define("BANLAN_9", "Ban users from site by email, IP or host address");
-define("BANLAN_10", "IP / Email / Reason");
-define("BANLAN_11", "Auto-ban: More than 10 failed login attempts");
-define("BANLAN_12", "Note: Reverse DNS is currently disabled; it must be enabled to allow banning by host.  Banning by IP and email address will still function normally.");
-define("BANLAN_13", "Note: To ban a user by user name, go to the users admin page: ");
+define('BANLAN_5', 'Enter IP, email address, or host');
+define('BANLAN_7', 'Reason');
+define('BANLAN_8', 'Ban Address');
+define('BANLAN_9', 'Ban users from site by email, IP or host address');
+define('BANLAN_10', 'IP / Email / Reason');
+define('BANLAN_11', 'Auto-ban: More than 10 failed login attempts');
+define('BANLAN_12', 'Note: Reverse DNS is currently disabled; it must be enabled to allow banning by host.  Banning by IP and email address will still function normally.');
+define('BANLAN_13', 'Note: To ban a user by user name, go to the users admin page: ');
 define('BANLAN_14','Ban List');
 define('BANLAN_15','Messages/Ban Periods');
 define('BANLAN_16','Banning');
@@ -36,7 +36,7 @@ define('BANLAN_25','Add to Banlist');
 define('BANLAN_26','Currently ');
 define('BANLAN_27','Invalid characters in IP address stripped - now:');
 define('BANLAN_28','Ban type');
-define('BANLAN_29','Message to show');
+define('BANLAN_29','Message to show to banned user');
 define('BANLAN_30','Ban duration');
 define('BANLAN_31','(Use an empty message if you wish the user to get a blank screen)');
 define('BANLAN_32','Indefinite');
@@ -55,7 +55,7 @@ define('BANLAN_44','Use expiry date/time from import');
 define('BANLAN_45','Import');
 define('BANLAN_46','Import File:');
 define('BANLAN_47','File upload error');
-//define('BANLAN_48','Error importing file');
+define('BANLAN_48','Deleted --NUM-- expired ban list entries');
 define('BANLAN_49','CSV import: Unbalanced quotes in line ');
 define('BANLAN_50','CSV import: Error writing banlist record at line ');
 define('BANLAN_51','CSV import: Success, --NUM-- lines imported from file ');
@@ -88,6 +88,19 @@ define('BANLAN_77','Messages/Ban Periods');
 // define('BANLAN_78','Hit count exceeded (--HITS-- requests within allotted time)');
 define('BANLAN_79','CSV Export format:');
 define('BANLAN_80','CSV Import format:');
+define('BANLAN_81','Ban Action Log');
+define('BANLAN_82', 'No entries in Ban Action Log');
+define('BANLAN_83', 'Date/Time');
+define('BANLAN_84', 'IP Address');
+define('BANLAN_85', 'Additional information');
+define('BANLAN_86', 'Ban-related events');
+define('BANLAN_87', 'Total --NUM-- entries in list');
+define('BANLAN_88', 'Empty Ban Action Log');
+define('BANLAN_89', 'Log File Deleted');
+define('BANLAN_90', 'Error deleting log file');
+define('BANLAN_91', 'Date/time format for ban log');
+define('BANLAN_92', 'See the strftime function page at php.net');
+define('BANLAN_93', '');
 
 // Ban types - block reserved 100-109
 define('BANLAN_100', 'Unknown');
@@ -113,6 +126,6 @@ define('BANLAN_117', 'Spare reason');
 define('BANLAN_118', 'Spare reason');
 define('BANLAN_119', 'Indicates an import error - previously imported bans');
 
-define('BANLAN_120', 'Unknown');
+define('BANLAN_120', 'Whitelist entry');
 
 ?>

e107_languages/English/admin/lan_log_messages.php

@@ -88,6 +88,7 @@ define('LAN_AL_BANLIST_08','Banlist options updated');
 define('LAN_AL_BANLIST_09','Banlist entry edited');
 define('LAN_AL_BANLIST_10','Whitelist entry edited');
 define('LAN_AL_BANLIST_11','Whitelist hit for ban entry');
+define('LAN_AL_BANLIST_12','Expired bans cleared');
 
 
 // Comment-related events

e107_languages/English/lan_userclass.php

@@ -9,19 +9,19 @@
 |     $Author$
 +----------------------------------------------------------------------------+
 */
-define("UC_LAN_0", "Everyone (public)");
-define("UC_LAN_1", "Guests");
-define("UC_LAN_2", "No One (inactive)");
-define("UC_LAN_3", "Members");
-define("UC_LAN_4", "Read Only");
-define("UC_LAN_5", "Admin");
-define("UC_LAN_6", "Main Admin");
+define('UC_LAN_0', 'Everyone (public)');
+define('UC_LAN_1', 'Guests');
+define('UC_LAN_2', 'No One (inactive)');
+define('UC_LAN_3', 'Members');
+define('UC_LAN_4', 'Read Only');
+define('UC_LAN_5', 'Admin');
+define('UC_LAN_6', 'Main Admin');
 define('UC_LAN_7', 'Forum Moderators');
 define('UC_LAN_8','Admins and Mods');
 define('UC_LAN_9','New Users');
 define('UC_LAN_10', 'Search Bots');
-define('UC_LAN_INVERT', "Not --CLASS--");
-define('UC_LAN_INVERTLABEL', "Everyone but..");
+define('UC_LAN_INVERT', 'Not --CLASS--');
+define('UC_LAN_INVERTLABEL', 'Everyone but..');
 
 
 ?>