From 9ee645583e17b2f068dc19ed8fd6d83d2d7eaf45 Mon Sep 17 00:00:00 2001
From: e107steved <steved@e107.org>
Date: Sun, 13 Jan 2008 10:51:42 +0000
Subject: [PATCH] More mods to banlist area - feature complete (for now)

---
 e107_admin/banlist.php                       | 115 ++++++-
 e107_admin/prefs.php                         |  12 +-
 e107_handlers/e107_class.php                 |  74 +++--
 e107_handlers/online_class.php               | 314 +++++++++----------
 e107_languages/English/admin/lan_banlist.php |  24 +-
 e107_languages/English/admin/lan_prefs.php   |   8 +-
 6 files changed, 338 insertions(+), 209 deletions(-)

diff --git a/e107_admin/banlist.php b/e107_admin/banlist.php
index 9e7f4ab11..94fa02a5a 100644
--- a/e107_admin/banlist.php
+++ b/e107_admin/banlist.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_admin/banlist.php,v $
-|     $Revision: 1.7 $
-|     $Date: 2007-12-26 13:21:34 $
+|     $Revision: 1.8 $
+|     $Date: 2008-01-13 10:51:34 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -235,11 +235,114 @@ function select_box($name, $data, $curval = FALSE)
 
 $text = "";
 
+// Drop-down box for access counts
+function drop_box($box_name,$curval)
+{
+  $opts = array(50,100,150,200,250,300,400,500);
+  $ret = "<select class='tbox' name={$box_name}>\n";
+  foreach ($opts as $o)
+  {
+    $sel = ($curval == $o) ? " selected='selected'" : '';
+	$ret .= "<option value='{$o}'{$sel}>{$o}</option>\n";
+  }
+  $ret .= "</select>\n";
+  return $ret;
+}
+
 
 switch ($action)
 {
-
   case 'options' :
+	if(!getperms("0")) exit;
+	if (isset($_POST['update_ban_options']))
+	{
+	  $pref['enable_rdns'] = intval($_POST['ban_rdns_on_access']);
+	  $pref['enable_rdns_on_ban'] = intval($_POST['ban_rdns_on_ban']);
+	  $pref['ban_max_online_access'] = intval($_POST['ban_access_guest']).','.intval($_POST['ban_access_member']);
+	  $pref['ban_retrigger'] = intval($_POST['ban_retrigger']);
+	  save_prefs();
+	}
+
+	if (isset($_POST['remove_expired_bans']))
+	{
+	  $sql->db_Delete('banlist',"`banlist_bantype` < ".BAN_TYPE_WHITELIST." AND `banlist_banexpires` > 0 AND `banlist_banexpires` < ".time());
+	}
+
+	list($ban_access_guest,$ban_access_member) = explode(',',varset($pref['ban_max_online_access'],'100,200'));
+	$ban_access_member = max($ban_access_guest,$ban_access_member);
+	$text = "<div style='text-align:center'>
+		<form method='post' action='".e_SELF."?options'>
+		<table style='".ADMIN_WIDTH."' class='fborder'>
+		<colgroup>
+		<col style='width:40%' />
+		<col style='width:20%' />
+		<col style='width:40%' />
+		</colgroup>
+
+		<tr>
+		  <td class='forumheader3'>".BANLAN_63."</td>
+		  <td class='forumheader3'>
+		  <input type='checkbox' name='ban_rdns_on_access' value='1'".($pref['enable_rdns'] == 1 ? " checked='checked'" : '')." />
+		  </td>
+		  <td class='forumheader3'><span style='smalltext'>".BANLAN_65."</span></td>
+		</tr>
+
+		<tr>
+		  <td class='forumheader3'>".BANLAN_64."</td>
+		  <td class='forumheader3'>
+		  <input type='checkbox' name='ban_rdns_on_ban' value='1'".($pref['enable_rdns_on_ban'] == 1 ? " checked='checked'" : '')." />
+		  </td>
+		  <td class='forumheader3'><span style='smalltext'>".BANLAN_66."</span></td>
+		</tr>
+
+		<tr>
+		  <td class='forumheader3'>".BANLAN_67."</td>
+		  <td class='forumheader3'>".drop_box('ban_access_guest',$ban_access_guest).BANLAN_70.'<br />'.
+		  drop_box('ban_access_member',$ban_access_member).BANLAN_69."
+		  </td>
+		  <td class='forumheader3'>".BANLAN_68."</td>
+		</tr>
+
+		<tr>
+		  <td class='forumheader3'>".BANLAN_71."</td>
+		  <td class='forumheader3'>
+		  <input type='checkbox' name='ban_retrigger' value='1'".($pref['ban_retrigger'] == 1 ? " checked='checked'" : '')." />
+		  </td>
+		  <td class='forumheader3'><span style='smalltext'>".BANLAN_73."</span></td>
+		</tr>
+
+		";
+
+	$text .= "<tr><td class='forumheader3' colspan='3' style='text-align:center'>
+				<input class='button' type='submit' name='update_ban_options' value='".LAN_UPDATE."' /></td>
+			  </tr>
+			</table>\n
+	</form>
+	</div><br />";
+	$ns->tablerender(BANLAN_72, $text);
+
+
+	$text = "<div style='text-align:center'>
+		<form method='post' action='".e_SELF."?options'>
+		<table style='".ADMIN_WIDTH."' class='fborder'>
+		<colgroup>
+		<col style='width:75%' />
+		<col style='width:25%' />
+		</colgroup>
+
+		<tr>
+		  <td class='forumheader3'>".BANLAN_75."</td>
+		  <td class='forumheader3'>
+			<input class='button' type='submit' name='remove_expired_bans' value='".BANLAN_76."' /></td>
+		</tr>
+	</table>\n
+	</form>
+	</div><br />";
+	$ns->tablerender(BANLAN_74, $text);
+	break;
+
+  case 'times' :
+	if(!getperms("0")) exit;
 	  if ((!isset($pref['ban_messages'])) || !is_array($pref['ban_messages']))
 	  {
 	    $pref['ban_messages'] = array_fill(0,BAN_REASON_COUNT-1,'');
@@ -541,7 +644,11 @@ function banlist_adminmenu()
 
 	if(getperms("0"))
 	{
-	  $var['options']['text'] = BANLAN_15;
+	  $var['times']['text'] = BANLAN_15;
+	  $var['times']['link'] = e_SELF."?times";
+   	  $var['times']['perm'] = "0";
+
+	  $var['options']['text'] = BANLAN_62;
 	  $var['options']['link'] = e_SELF."?options";
    	  $var['options']['perm'] = "0";
     }
diff --git a/e107_admin/prefs.php b/e107_admin/prefs.php
index 4a8a4d084..e1d0d570a 100644
--- a/e107_admin/prefs.php
+++ b/e107_admin/prefs.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_admin/prefs.php,v $
-|     $Revision: 1.9 $
-|     $Date: 2008-01-06 21:16:16 $
+|     $Revision: 1.10 $
+|     $Date: 2008-01-13 10:51:34 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -878,14 +878,6 @@ $text .= "<div id='security' style='display:none; text-align:center'>
 	$text .="</select></td>
 	</tr>
 
-	<tr>
-	<td style='width:50%' class='forumheader3'>".PRFLAN_170."<br /><span class='smalltext'>".PRFLAN_171."</span></td>
-	<td style='width:50%; text-align:right' class='forumheader3'>
-	<input type='radio' name='enable_rdns' value='1'".(varsettrue($pref['enable_rdns']) ? " checked='checked'" : "")." /> ".PRFLAN_112."&nbsp;&nbsp;
-	<input type='radio' name='enable_rdns' value='0'".(!varsettrue($pref['enable_rdns']) ? " checked='checked'" : "")." /> ".PRFLAN_113."
-	</td>
-	</tr>
-
 	<tr>
 	<td style='width:50%' class='forumheader3'>".PRFLAN_139.":</td>
 	<td style='width:50%; text-align:right' class='forumheader3'>
diff --git a/e107_handlers/e107_class.php b/e107_handlers/e107_class.php
index 02160830a..97afb767f 100644
--- a/e107_handlers/e107_class.php
+++ b/e107_handlers/e107_class.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_handlers/e107_class.php,v $
-|     $Revision: 1.12 $
-|     $Date: 2007-12-26 13:21:34 $
+|     $Revision: 1.13 $
+|     $Date: 2008-01-13 10:51:34 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -169,32 +169,30 @@ class e107{
 	 * Check if current user is banned
 	 *
 	 */
-	function ban() {
-		global $sql, $e107, $tp, $pref;
-		$ban_count = $sql->db_Count("banlist");
-		if($ban_count)
+	function ban() 
+	{
+	  global $sql, $e107, $tp, $pref;
+	  $ban_count = $sql->db_Count("banlist");
+	  if($ban_count)
+	  {
+		$ip = $this->getip();
+		$tmp = explode(".",$ip);
+		$wildcard =  $tmp[0].".".$tmp[1].".".$tmp[2].".*";
+		$wildcard2 = $tmp[0].".".$tmp[1].".*.*";
+
+		$bhost = "";
+		if(varsettrue($pref['enable_rdns']))
 		{
-			$ip = $this->getip();
-			$tmp = explode(".",$ip);
-			$wildcard =  $tmp[0].".".$tmp[1].".".$tmp[2].".*";
-			$wildcard2 = $tmp[0].".".$tmp[1].".*.*";
-
-			if(varsettrue($pref['enable_rdns']))
-			{
-				$tmp = $e107->get_host_name(getenv('REMOTE_ADDR'));
-				preg_match("/[\w]+\.[\w]+$/si", $tmp, $match);
-				$bhost = (isset($match[0]) ? " OR banlist_ip='".$tp -> toDB($match[0], true)."'" : "");
-			}
-			else
-			{
-				$bhost = "";
-			}
-
-			if ($ip != '127.0.0.1')
-			{
-			  check_ban("banlist_ip='".$tp -> toDB($_SERVER['REMOTE_ADDR'], true)."' OR banlist_ip='".USEREMAIL."' OR banlist_ip='{$ip}' OR banlist_ip='{$wildcard}' OR banlist_ip='{$wildcard2}' {$bhost}");
-			}
+		  $tmp = $e107->get_host_name(getenv('REMOTE_ADDR'));
+		  preg_match("/[\w]+\.[\w]+$/si", $tmp, $match);
+		  $bhost = (isset($match[0]) ? " OR banlist_ip='".$tp -> toDB($match[0], true)."'" : "");
 		}
+
+		if ($ip != '127.0.0.1')
+		{
+		  check_ban("banlist_ip='".$tp -> toDB($_SERVER['REMOTE_ADDR'], true)."' OR banlist_ip='".USEREMAIL."' OR banlist_ip='{$ip}' OR banlist_ip='{$wildcard}' OR banlist_ip='{$wildcard2}' {$bhost}");
+		}
+	  }
 	}
 
 
@@ -216,15 +214,25 @@ class e107{
 //	    $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Whitelist hit",$query,FALSE,LOG_TO_ROLLING);
 		  return TRUE;
 		}
+		
+		// Found banlist entry in table here
+		if (($row['banlist_banexpires'] > 0) && ($row['banlist_banexpires'] < time()))
+		{	// Ban has expired - delete from DB
+		  $sql->db_Delete('banlist', $query);
+		  return TRUE;
+		}
+
+		if (varsettrue($pref['ban_retrigger']) && varsettrue($pref['ban_durations'][$row['banlist_bantype']]))
+		{	// May need to retrigger ban period
+		  $sql->db_UpdateArray('banlist',
+			"`banlist_banexpires`=".intval(time() + ($pref['ban_durations'][$row['banlist_bantype']]*60*60)),
+			"WHERE `banlist_ip`='{$row['banlist_ip']}'");
+//	    $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Retrigger Ban",$row['banlist_ip'],FALSE,LOG_TO_ROLLING);
+		}
 //	    $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Active Ban",$query,FALSE,LOG_TO_ROLLING);
 		if ($show_error) header("HTTP/1.1 403 Forbidden", true);
 		if (isset($pref['ban_messages']))
 		{  // May want to display a message
-		  if (($row['banlist_banexpires'] > 0) && ($row['banlist_banexpires'] < time()))
-		  {	// Ban has expired - delete from DB
-			$sql->db_Delete('banlist', $query);
-			return TRUE;
-		  }
 		  // Ban still current here
 		  if ($do_return) return FALSE;
 		  echo $tp->toHTML(varsettrue($pref['ban_messages'][$row['banlist_bantype']]));		// Show message if one set
@@ -253,6 +261,10 @@ class e107{
 	    $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"BANLIST_11",'AL_BAN_LAN_11',$ban_ip,FALSE,LOG_TO_ROLLING);
 		return FALSE;
 	  }
+	  if (varsettrue($pref['enable_rdns_on_ban']))
+	  {
+		$ban_message .= 'Host: '.$e107->get_host_name(getenv('REMOTE_ADDR'));
+	  }
 	  // Add using an array - handles DB changes better
 	  $sql->db_Insert('banlist',array('banlist_ip' => $ban_ip, 'banlist_bantype' => $bantype, 'banlist_datestamp' => time(),
 		'banlist_banexpires' => (varsettrue($pref['ban_durations'][$bantype]) ? time() + ($pref['ban_durations'][$bantype]*60*60) : 0),
diff --git a/e107_handlers/online_class.php b/e107_handlers/online_class.php
index 0136dfe1f..c60acbfdd 100755
--- a/e107_handlers/online_class.php
+++ b/e107_handlers/online_class.php
@@ -1,157 +1,157 @@
-<?php
-/*
-+ ----------------------------------------------------------------------------+
-|     e107 website system
-|
-|    	Steve Dunstan 2001-2002
-|     http://e107.org
-|     jalist@e107.org
-|
-|     Released under the terms and conditions of the
-|     GNU General Public License (http://gnu.org).
-|
-|     $Source: /cvs_backup/e107_0.8/e107_handlers/online_class.php,v $
-|     $Revision: 1.1 $
-|     $Date: 2008-01-06 22:16:37 $
-|     $Author: mcfly_e107 $
-+----------------------------------------------------------------------------+
-*/
-
-class e_online 
-{
-	function online($online_tracking = false, $flood_control = false) 
-	{
-		global $sql, $pref, $e107, $e_event, $tp, $online_timeout, $online_warncount, $online_bancount;
-		global $members_online, $total_online, $member_list, $listuserson;
-
-		if($online_tracking == true || $flood_control == true)
-		{
-			if(!isset($online_timeout)) {
-				$online_timeout = 300;
-			}
-			if(!isset($online_warncount)) {
-				$online_warncount = 90;
-			}
-			if(!isset($online_bancount)) {
-				$online_bancount = 100;
-			}
-			$page = (strpos(e_SELF, "forum_") !== FALSE) ? e_SELF.".".e_QUERY : e_SELF;
-			$page = (strpos(e_SELF, "comment") !== FALSE) ? e_SELF.".".e_QUERY : $page;
-			$page = (strpos(e_SELF, "content") !== FALSE) ? e_SELF.".".e_QUERY : $page;
-			$page = $tp -> toDB($page, true);
-
-			$ip = $e107->getip();
-			$udata = (USER === true ? USERID.".".USERNAME : "0");
-
-			if (USER)
-			{
-				// Find record that matches IP or visitor, or matches user info
-				if ($sql->db_Select("online", "*", "(`online_ip` = '{$ip}' AND `online_user_id` = '0') OR `online_user_id` = '{$udata}'")) 
-				{
-					$row = $sql->db_Fetch();
-
-					if ($row['online_user_id'] == $udata) {
-						//Matching user record
-						if ($row['online_timestamp'] < (time() - $online_timeout)) {
-							//It has been at least 'timeout' seconds since this user has connected
-							//Update user record with timestamp, current IP, current page and set pagecount to 1
-							$query = "online_timestamp='".time()."', online_ip='{$ip}', online_location='{$page}', online_pagecount=1 WHERE online_user_id='{$row['online_user_id']}' LIMIT 1";
-						} else {
-							if (!ADMIN) {
-								$row['online_pagecount'] ++;
-							}
-							// Update user record with current IP, current page and increment pagecount
-							$query = "online_ip='{$ip}', `online_location` = '{$page}', `online_pagecount` = '".intval($row['online_pagecount'])."' WHERE `online_user_id` = '{$row['online_user_id']}' LIMIT 1";
-						}
-					} else {
-						//Found matching visitor record (ip only) for this user
-						if ($row['online_timestamp'] < (time() - $online_timeout)) {
-							// It has been at least 'timeout' seconds since this user has connected
-							// Update record with timestamp, current IP, current page and set pagecount to 1
-							$query = "`online_timestamp` = '".time()."', `online_user_id` = '{$udata}', `online_location` = '{$page}', `online_pagecount` = 1 WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
-						} else {
-							if (!ADMIN) {
-								$row['online_pagecount'] ++;
-							}
-							//Update record with current IP, current page and increment pagecount
-							$query = "`online_user_id` = '{$udata}', `online_location` = '{$page}', `online_pagecount` = ".intval($row['online_pagecount'])." WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
-						}
-					}
-					$sql->db_Update("online", $query);
-				} 
-				else 
-				{
-					$sql->db_Insert("online", " '".time()."', '0', '{$udata}', '{$ip}', '{$page}', 1, 0");
-				}
-				}
-			else
-			{
-				//Current page request is from a visitor
-				if ($sql->db_Select("online", "*", "`online_ip` = '{$ip}' AND `online_user_id` = '0'")) {
-					$row = $sql->db_Fetch();
-
-					if ($row['online_timestamp'] < (time() - $online_timeout)) //It has been at least 'timeout' seconds since this ip has connected
-					{
-						//Update record with timestamp, current page, and set pagecount to 1
-						$query = "`online_timestamp` = '".time()."', `online_location` = '{$page}', `online_pagecount` = 1 WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
-					} else {
-						//Update record with current page and increment pagecount
-						$row['online_pagecount'] ++;
-						//   echo "here {$online_pagecount}";
-						$query="`online_location` = '{$page}', `online_pagecount` = {$row['online_pagecount']} WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
-					}
-					$sql->db_Update("online", $query);
-				} else {
-					$sql->db_Insert("online", " '".time()."', '0', '0', '{$ip}', '{$page}', 1, 0");
-				}
-			}
-
-		if (ADMIN || ($pref['autoban'] != 1 && $pref['autoban'] != 2) || (!isset($row['online_pagecount']))) // Auto-Ban is switched off. (0 or 3)
-			{
-				$row['online_pagecount'] = 1;
-			}
-
-			if ($row['online_pagecount'] > $online_bancount && ($row['online_ip'] != "127.0.0.1")) 
-			{
-//				$sql->db_Insert("banlist", "'{$ip}', '0', 'Hit count exceeded ({$row['online_pagecount']} requests within allotted time)' ");
-			  if ($e107->add_ban(2,"Hit count exceeded ({$row['online_pagecount']} requests within allotted time)",$ip,0))
-			  {
-				$e_event->trigger("flood", $ip);
-				exit;
-			}
-			}
-			if ($row['online_pagecount'] >= $online_warncount && $row['online_ip'] != "127.0.0.1") 
-			{
-				echo "<div style='text-align:center; font: 11px verdana, tahoma, arial, helvetica, sans-serif;'><b>".LAN_WARNING."</b><br /><br />".CORE_LAN6."<br /></div>";
-				exit;
-			}
-
-			$sql->db_Delete("online", "`online_timestamp` < ".(time() - $online_timeout));
-
-			$total_online = $sql->db_Count("online");
-			if ($members_online = $sql->db_Select("online", "*", "online_user_id != '0' ")) {
-				$member_list = '';
-				$listuserson = array();
-				while ($row = $sql->db_Fetch()) {
-					$vals = explode(".", $row['online_user_id'], 2);
-					$member_list .= "<a href='".e_BASE."user.php?id.{$vals[0]}'>{$vals[1]}</a> ";
-					$listuserson[$row['online_user_id']] = $row['online_location'];
-				}
-			}
-			define("TOTAL_ONLINE", $total_online);
-			define("MEMBERS_ONLINE", $members_online);
-			define("GUESTS_ONLINE", $total_online - $members_online);
-			define("ON_PAGE", $sql->db_Count("online", "(*)", "WHERE `online_location` = '{$page}' "));
-			define("MEMBER_LIST", $member_list);
-		}
-		else
-		{
-			define("e_TRACKING_DISABLED", true);
-			define("TOTAL_ONLINE", "");
-			define("MEMBERS_ONLINE", "");
-			define("GUESTS_ONLINE", "");
-			define("ON_PAGE", "");
-			define("MEMBER_LIST", ""); //
-		}
-	}
-}
+<?php
+/*
++ ----------------------------------------------------------------------------+
+|     e107 website system
+|
+|    	Steve Dunstan 2001-2002
+|     http://e107.org
+|     jalist@e107.org
+|
+|     Released under the terms and conditions of the
+|     GNU General Public License (http://gnu.org).
+|
+|     $Source: /cvs_backup/e107_0.8/e107_handlers/online_class.php,v $
+|     $Revision: 1.2 $
+|     $Date: 2008-01-13 10:51:34 $
+|     $Author: e107steved $
++----------------------------------------------------------------------------+
+*/
+
+class e_online 
+{
+	function online($online_tracking = false, $flood_control = false) 
+	{
+	  global $sql, $pref, $e107, $e_event, $tp, $online_timeout, $online_warncount, $online_bancount;
+	  global $members_online, $total_online, $member_list, $listuserson;
+
+	  if($online_tracking == true || $flood_control == true)
+	  {
+		if(!isset($online_timeout)) $online_timeout = 300;
+		if(!isset($online_bancount)) 
+		{
+		  list($ban_access_guest,$ban_access_member) = explode(',',varset($pref['ban_max_online_access'],'100,200'));
+		  $online_bancount = max($ban_access_guest,50);					// Safety net for incorrect values
+		  if (USER)
+		  {
+			$online_bancount = max($online_bancount,$ban_access_member);
+		  }
+		}
+		$online_warncount = $online_bancount * 0.9;		// Set warning threshold at 90% of ban threshold
+		$page = (strpos(e_SELF, "forum_") !== FALSE) ? e_SELF.".".e_QUERY : e_SELF;
+		$page = (strpos(e_SELF, "comment") !== FALSE) ? e_SELF.".".e_QUERY : $page;
+		$page = (strpos(e_SELF, "content") !== FALSE) ? e_SELF.".".e_QUERY : $page;
+		$page = $tp -> toDB($page, true);
+		$ip = $e107->getip();
+		$udata = (USER === true ? USERID.".".USERNAME : "0");
+		if (USER)
+		{
+				// Find record that matches IP or visitor, or matches user info
+				if ($sql->db_Select("online", "*", "(`online_ip` = '{$ip}' AND `online_user_id` = '0') OR `online_user_id` = '{$udata}'")) 
+				{
+					$row = $sql->db_Fetch();
+
+					if ($row['online_user_id'] == $udata) {
+						//Matching user record
+						if ($row['online_timestamp'] < (time() - $online_timeout)) {
+							//It has been at least 'timeout' seconds since this user has connected
+							//Update user record with timestamp, current IP, current page and set pagecount to 1
+							$query = "online_timestamp='".time()."', online_ip='{$ip}', online_location='{$page}', online_pagecount=1 WHERE online_user_id='{$row['online_user_id']}' LIMIT 1";
+						} else {
+							if (!ADMIN) {
+								$row['online_pagecount'] ++;
+							}
+							// Update user record with current IP, current page and increment pagecount
+							$query = "online_ip='{$ip}', `online_location` = '{$page}', `online_pagecount` = '".intval($row['online_pagecount'])."' WHERE `online_user_id` = '{$row['online_user_id']}' LIMIT 1";
+						}
+					} else {
+						//Found matching visitor record (ip only) for this user
+						if ($row['online_timestamp'] < (time() - $online_timeout)) {
+							// It has been at least 'timeout' seconds since this user has connected
+							// Update record with timestamp, current IP, current page and set pagecount to 1
+							$query = "`online_timestamp` = '".time()."', `online_user_id` = '{$udata}', `online_location` = '{$page}', `online_pagecount` = 1 WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
+						} else {
+							if (!ADMIN) {
+								$row['online_pagecount'] ++;
+							}
+							//Update record with current IP, current page and increment pagecount
+							$query = "`online_user_id` = '{$udata}', `online_location` = '{$page}', `online_pagecount` = ".intval($row['online_pagecount'])." WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
+						}
+					}
+					$sql->db_Update("online", $query);
+				} 
+				else 
+				{
+					$sql->db_Insert("online", " '".time()."', '0', '{$udata}', '{$ip}', '{$page}', 1, 0");
+				}
+		}
+		else
+		{
+				//Current page request is from a visitor
+				if ($sql->db_Select("online", "*", "`online_ip` = '{$ip}' AND `online_user_id` = '0'")) {
+					$row = $sql->db_Fetch();
+
+					if ($row['online_timestamp'] < (time() - $online_timeout)) //It has been at least 'timeout' seconds since this ip has connected
+					{
+						//Update record with timestamp, current page, and set pagecount to 1
+						$query = "`online_timestamp` = '".time()."', `online_location` = '{$page}', `online_pagecount` = 1 WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
+					} else {
+						//Update record with current page and increment pagecount
+						$row['online_pagecount'] ++;
+						//   echo "here {$online_pagecount}";
+						$query="`online_location` = '{$page}', `online_pagecount` = {$row['online_pagecount']} WHERE `online_ip` = '{$ip}' AND `online_user_id` = '0' LIMIT 1";
+					}
+					$sql->db_Update("online", $query);
+				} else {
+					$sql->db_Insert("online", " '".time()."', '0', '0', '{$ip}', '{$page}', 1, 0");
+				}
+		}
+
+		if (ADMIN || ($pref['autoban'] != 1 && $pref['autoban'] != 2) || (!isset($row['online_pagecount']))) // Auto-Ban is switched off. (0 or 3)
+		{
+		  $row['online_pagecount'] = 1;
+		}
+
+			if ($row['online_pagecount'] > $online_bancount && ($row['online_ip'] != "127.0.0.1")) 
+			{
+//				$sql->db_Insert("banlist", "'{$ip}', '0', 'Hit count exceeded ({$row['online_pagecount']} requests within allotted time)' ");
+			  if ($e107->add_ban(2,"Hit count exceeded ({$row['online_pagecount']} requests within allotted time)",$ip,0))
+			  {
+				$e_event->trigger("flood", $ip);
+				exit;
+			}
+			}
+			if ($row['online_pagecount'] >= $online_warncount && $row['online_ip'] != "127.0.0.1") 
+			{
+				echo "<div style='text-align:center; font: 11px verdana, tahoma, arial, helvetica, sans-serif;'><b>".LAN_WARNING."</b><br /><br />".CORE_LAN6."<br /></div>";
+				exit;
+			}
+
+			$sql->db_Delete("online", "`online_timestamp` < ".(time() - $online_timeout));
+
+			$total_online = $sql->db_Count("online");
+			if ($members_online = $sql->db_Select("online", "*", "online_user_id != '0' ")) {
+				$member_list = '';
+				$listuserson = array();
+				while ($row = $sql->db_Fetch()) {
+					$vals = explode(".", $row['online_user_id'], 2);
+					$member_list .= "<a href='".e_BASE."user.php?id.{$vals[0]}'>{$vals[1]}</a> ";
+					$listuserson[$row['online_user_id']] = $row['online_location'];
+				}
+			}
+			define("TOTAL_ONLINE", $total_online);
+			define("MEMBERS_ONLINE", $members_online);
+			define("GUESTS_ONLINE", $total_online - $members_online);
+			define("ON_PAGE", $sql->db_Count("online", "(*)", "WHERE `online_location` = '{$page}' "));
+			define("MEMBER_LIST", $member_list);
+		}
+		else
+		{
+			define("e_TRACKING_DISABLED", true);
+			define("TOTAL_ONLINE", "");
+			define("MEMBERS_ONLINE", "");
+			define("GUESTS_ONLINE", "");
+			define("ON_PAGE", "");
+			define("MEMBER_LIST", ""); //
+		}
+	}
+}
diff --git a/e107_languages/English/admin/lan_banlist.php b/e107_languages/English/admin/lan_banlist.php
index 61eb0bc8a..56e90a4ec 100644
--- a/e107_languages/English/admin/lan_banlist.php
+++ b/e107_languages/English/admin/lan_banlist.php
@@ -4,8 +4,8 @@
 |     e107 website system - Language File.
 |
 |     $Source: /cvs_backup/e107_0.8/e107_languages/English/admin/lan_banlist.php,v $
-|     $Revision: 1.6 $
-|     $Date: 2007-12-26 13:21:34 $
+|     $Revision: 1.7 $
+|     $Date: 2008-01-13 10:51:42 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -69,7 +69,25 @@ define('BANLAN_58','Add users to the whitelist');
 define('BANLAN_59','Edit existing whitelist entry');
 define('BANLAN_60','Edit existing banlist entry');
 define('BANLAN_61','Existing Whitelist entries');
-define('BANLAN_62','');
+define('BANLAN_62','Options');
+define('BANLAN_63','Use reverse DNS to allow host banning');
+define('BANLAN_64','Reverse DNS accesses when adding ban');
+define('BANLAN_65','Turning this option on will allow you to ban users by hostname, rather then just IP or email address.  <br />NOTE: This may affect pageload times on some hosts, or if a server isn\'t responding');
+define('BANLAN_66','When a ban occurs, this option adds the domain of the banned address to the reason');
+define('BANLAN_67','Set maximum access rate');
+define('BANLAN_68','This determines the maximum number of site accesses in a 5-minute period');
+define('BANLAN_69','for members');
+define('BANLAN_70','for guests');
+define('BANLAN_71','Retrigger ban period');
+define('BANLAN_72','Ban Options');
+define('BANLAN_73','This will restart the ban period if a banned user accesses the site');
+define('BANLAN_74','Banlist Maintenance');
+define('BANLAN_75','Remove expired bans from list');
+define('BANLAN_76','Execute');
+define('BANLAN_77','');
+define('BANLAN_78','');
+define('BANLAN_79','');
+define('BANLAN_80','');
 
 // Ban types - block reserved 100-109 
 define('BANLAN_100', 'Unknown');
diff --git a/e107_languages/English/admin/lan_prefs.php b/e107_languages/English/admin/lan_prefs.php
index 34ae6afa6..e5fb33109 100644
--- a/e107_languages/English/admin/lan_prefs.php
+++ b/e107_languages/English/admin/lan_prefs.php
@@ -12,8 +12,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_languages/English/admin/lan_prefs.php,v $
-|     $Revision: 1.10 $
-|     $Date: 2008-01-06 21:16:30 $
+|     $Revision: 1.11 $
+|     $Date: 2008-01-13 10:51:42 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -184,8 +184,8 @@ define("PRFLAN_167", "Make entering an email address optional"); // subject to c
 define("PRFLAN_168", "Site Contact Person(s)");
 define("PRFLAN_169", "If the chosen group contains more than one person, the user will be asked to select a person from the group.");
 
-define("PRFLAN_170", "Use reverse DNS to allow host banning");
-define("PRFLAN_171", "Turning this option on will allow you to ban users by hostname, rather then just IP or email address.  <br />NOTE: This may affect pageload times on some hosts");
+//define("PRFLAN_170", "Use reverse DNS to allow host banning");
+//define("PRFLAN_171", "Turning this option on will allow you to ban users by hostname, rather then just IP or email address.  <br />NOTE: This may affect pageload times on some hosts");
 define("PRFLAN_172", "Login Name maximum length (10..100)");
 define("PRFLAN_173", "Check at SourceForge for E107 updates once/day");