mirror of https://github.com/e107inc/e107.git synced 2025-07-31 20:00:37 +02:00

Issue #600, Issue #823 - Now able to search an existing ban by full IP address in IP4 format. Ban files now regenerated after each change in admin area.

Cameron
2015-03-09 20:19:06 -07:00
parent 7dbd07d5fe
commit b8bbbd3390
3 changed files with 88 additions and 76 deletions


@@ -92,14 +92,12 @@ class banlist_ui extends e_admin_ui
protected $table = 'banlist'; protected $table = 'banlist';
protected $pid = 'banlist_id'; protected $pid = 'banlist_id';
protected $perPage = 10; protected $perPage = 10;
//FIXME banlist_ip should be data => 'str' - however, edit link will not contain a value for 'id' when this is the case.
//FIXME need to edit/display primary key value. ie. banlist_ip
protected $fields = array ( protected $fields = array (
'checkboxes' => array ( 'title' => '', 'type' => null, 'data' => null, 'width' => '5%', 'thclass' => 'center', 'forced' => '1', 'class' => 'center', 'toggle' => 'e-multiselect', ), 'checkboxes' => array ( 'title' => '', 'type' => null, 'data' => null, 'width' => '5%', 'thclass' => 'center', 'forced' => '1', 'class' => 'center', 'toggle' => 'e-multiselect', ),
'banlist_id' => array ( 'title' => LAN_ID, 'data' => 'int', 'width' => '5%', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ), 'banlist_id' => array ( 'title' => LAN_ID, 'data' => 'int', 'width' => '5%', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'banlist_ip' => array ( 'title' => LAN_IP, 'type' => 'ip', 'data' => 'str', 'width' => '5%', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ), 'banlist_ip' => array ( 'title' => LAN_IP, 'type' => 'ip', 'data' => 'str', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'banlist_bantype' => array ( 'title' => LAN_TYPE, 'type' => 'method', 'data' => 'str', 'width' => 'auto', 'filter'=>true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ), 'banlist_bantype' => array ( 'title' => LAN_TYPE, 'type' => 'method', 'data' => 'str', 'width' => 'auto', 'filter'=>true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'banlist_datestamp' => array ( 'title' => LAN_DATESTAMP, 'type' => 'datestamp', 'data' => 'int', 'width' => 'auto', 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => 'auto=1&hidden=1&readonly=1', 'class' => 'left', 'thclass' => 'left', ), 'banlist_datestamp' => array ( 'title' => LAN_DATESTAMP, 'type' => 'datestamp', 'data' => 'int', 'width' => 'auto', 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => 'auto=1&hidden=1&readonly=1', 'class' => 'left', 'thclass' => 'left', ),
'banlist_banexpires' => array ( 'title' => 'Expires', 'type' => 'method', 'data' => 'int', 'inline'=>true, 'width' => 'auto', 'batch' => true, 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ), 'banlist_banexpires' => array ( 'title' => 'Expires', 'type' => 'method', 'data' => 'int', 'inline'=>true, 'width' => 'auto', 'batch' => true, 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'banlist_admin' => array ( 'title' => 'Admin', 'type' => 'boolean', 'data' => 'int', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ), 'banlist_admin' => array ( 'title' => 'Admin', 'type' => 'boolean', 'data' => 'int', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ),
@@ -109,9 +107,7 @@ class banlist_ui extends e_admin_ui
); );
protected $fieldpref = array('checkboxes', 'banlist_ip', 'banlist_bantype', 'banlist_datestamp', 'banlist_banexpires', 'banlist_reason', 'banlist_notes', 'options'); protected $fieldpref = array('checkboxes', 'banlist_ip', 'banlist_bantype', 'banlist_datestamp', 'banlist_banexpires', 'banlist_reason', 'banlist_notes', 'options');
// protected $pref = array( // protected $pref = array(
// 'pref_type' => array('title'=> 'type', 'type'=>'text', 'data' => 'string', 'validate' => true), // 'pref_type' => array('title'=> 'type', 'type'=>'text', 'data' => 'string', 'validate' => true),
@@ -123,24 +119,28 @@ class banlist_ui extends e_admin_ui
// optional // optional
public function init() public function init()
{ {
if($_POST['something']) // example
{
//$this->processSomething();
}
if (isset($_POST['update_ban_prefs'])) // Update ban messages if (isset($_POST['update_ban_prefs'])) // Update ban messages
{ {
$this->timesPageSave(); $this->timesPageSave();
} }
} }
public function afterCreate($new_data, $old_data, $id)
{
e107::getIPHandler()->regenerateFiles();
}
public function afterUpdate($new_data, $old_data, $id)
{
e107::getIPHandler()->regenerateFiles();
}
public function afterDelete($deleted_data, $id, $deleted_check)
{
e107::getIPHandler()->regenerateFiles();
}
public function addPage() public function addPage()
{ {
//$ns = e107::getRender(); //$ns = e107::getRender();
@@ -350,13 +350,18 @@ class banlist_form_ui extends e_admin_form_ui
break; break;
case 'write': // Edit Page case 'write': // Edit Page
if(!empty($curVal))
{
$opts[$curVal] = e107::getParser()->toDate($curVal, 'short');
}
return $this->selectbox('banlist_banexpires',$opts, $curVal); return $this->selectbox('banlist_banexpires',$opts, $curVal);
// return $frm->text('banlist_banexpires',$curVal); // return $frm->text('banlist_banexpires',$curVal);
break; break;
case 'filter': case 'filter':
case 'batch': case 'batch':
return $array; return false;
break; break;
} }
} }
@@ -374,7 +379,7 @@ class banlist_form_ui extends e_admin_form_ui
if ($i == 0) if ($i == 0)
{ {
$words = $zero_text ? $zero_text : LAN_NEVER; $words = LAN_NEVER;
} }
elseif (($i % 24) == 0 && $i !== 24) elseif (($i % 24) == 0 && $i !== 24)
{ {
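Review bot: The new `afterCreate`/`afterUpdate`/`afterDelete` hooks cover the form-based paths, but `banlist_banexpires` is declared with `'inline'=>true` and `'batch'=>true`, and nothing in this section shows that inline or batch edits pass through those hooks. If they do not, changing an expiry that way would leave the text-based ban files out of step with the `banlist` table, so a ban could be enforced or lifted from stale data; this is worth confirming in `e_admin_ui`, which is outside the page. The three hook bodies are identical and ignore any result from `regenerateFiles()`; one private helper that calls it and reports a failed write through `e107::getMessage()` would make the problem visible to the admin. Both classes continue outside these hunks.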


@@ -3644,27 +3644,22 @@ class e_admin_controller_ui extends e_admin_controller
default: // string usually. default: // string usually.
if($this->fields[$filterField]['type'] == 'method') // More flexible filtering. if($filterValue == '_ISEMPTY_')
{ {
if($filterValue == '_ISEMPTY_') $searchQry[] = $this->fields[$filterField]['__tableField']." = '' ";
{ }
$searchQry[] = $this->fields[$filterField]['__tableField']." = '' "; else
} {
else
if($this->fields[$filterField]['type'] == 'method') // More flexible filtering.
{ {
$searchQry[] = $this->fields[$filterField]['__tableField']." LIKE \"%".$tp->toDB($filterValue)."%\""; $searchQry[] = $this->fields[$filterField]['__tableField']." LIKE \"%".$tp->toDB($filterValue)."%\"";
} }
else
}
else
{
if($filterValue == '_ISEMPTY_')
{
$searchQry[] = $this->fields[$filterField]['__tableField']." = '' ";
}
else
{ {
$searchQry[] = $this->fields[$filterField]['__tableField']." = '".$tp->toDB($filterValue)."'"; $searchQry[] = $this->fields[$filterField]['__tableField']." = '".$tp->toDB($filterValue)."'";
} }
} }
@@ -3718,8 +3713,16 @@ class e_admin_controller_ui extends e_admin_controller
} }
continue; continue;
} }
if($var['type'] == 'ip')
{
$filter[] = $var['__tableField']." LIKE '%".e107::getIpHandler()->ipEncode($searchQuery)."%'";
// Continue below for BC check also.
}
$filter[] = $var['__tableField']." LIKE '%".$searchQuery."%'"; $filter[] = $var['__tableField']." LIKE '%".$searchQuery."%'";
if($isfilter) if($isfilter)
{ {
$filterFrom[] = $var['__tableField']; $filterFrom[] = $var['__tableField'];
@@ -3728,7 +3731,10 @@ class e_admin_controller_ui extends e_admin_controller
} }
} }
// e107::getMessage()->addInfo(print_a($filter,true)); if(E107_DEBUG_LEVEL == E107_DBG_SQLQUERIES)
{
// e107::getMessage()->addInfo(print_a($filter,true));
}
if($isfilter) if($isfilter)
{ {
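Review bot: In the new `$var['type'] == 'ip'` branch the search term goes through `ipEncode()` and straight into a `LIKE '%…%'` clause, and the hunk does not show what `ipEncode()` returns for a term that is not an IP address. If it can return an empty string, the clause becomes `LIKE '%%'` and, assuming the `$filter` entries are OR-ed together, any free-text search on a table with an `ip` field would match every row; assigning the result to a variable first and adding the clause only under `if($encoded !== '')` avoids that. Where `$searchQuery` is escaped lies outside the hunk, so it should be confirmed that it has passed through `$tp->toDB()` before this line, and the encoded value deserves the same treatment since it is concatenated into SQL as well. Separately, the `if(E107_DEBUG_LEVEL == E107_DBG_SQLQUERIES)` block added further down holds only a commented-out call, so it is an empty `if` that should either be filled in or dropped.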


@@ -189,7 +189,7 @@ class eIPHandler
* @param int $reason - numeric reason code, usually in range -10..+10 * @param int $reason - numeric reason code, usually in range -10..+10
* @param string $message - additional text as required (length not checked, but should be less than 100 characters or so * @param string $message - additional text as required (length not checked, but should be less than 100 characters or so
* *
* @return none * @return void
*/ */
private function logBanItem($reason, $message) private function logBanItem($reason, $message)
{ {
@@ -489,14 +489,14 @@ class eIPHandler
} }
/** /**
* Encode an IPv4 address into IPv6 * Encode an IPv4 address into IPv6
* Similar functionality to ipEncode * Similar functionality to ipEncode
* *
* @return string - the 'ip4' bit of an IPv6 address (i.e. last 32 bits) * @param $ip
* @param bool $wildCards
* @param string $div
* @return string - the 'ip4' bit of an IPv6 address (i.e. last 32 bits)
*/ */
private function ip4Encode($ip, $wildCards = FALSE, $div = ':') private function ip4Encode($ip, $wildCards = FALSE, $div = ':')
{ {
@@ -574,10 +574,11 @@ class eIPHandler
} }
/** /**
* Given a potentially truncated IPV6 address as used in the ban list files, adds 'x' characters etc to create * Given a potentially truncated IPV6 address as used in the ban list files, adds 'x' characters etc to create
* a normalised IPV6 address as stored in the DB. Returned length is exactly 39 characters * a normalised IPV6 address as stored in the DB. Returned length is exactly 39 characters
* @param $address
* @return string
*/ */
public function ip6AddWildcards($address) public function ip6AddWildcards($address)
{ {
@@ -723,18 +724,18 @@ class eIPHandler
} }
/** /**
* Generate DB query for domain name-related checks * Generate DB query for domain name-related checks
* *
* If an email address is passed, discards the individual's name * If an email address is passed, discards the individual's name
* *
* @param string $email - an email address or domain name string * @param string $email - an email address or domain name string
* @param string $fieldname - if non-empty, each array entry is a comparison with this field * @param string $fieldName
* @return array|bool false if invalid domain name format
* false if invalid domain name format
* array of values to compare
* @internal param string $fieldname - if non-empty, each array entry is a comparison with this field
* *
* @return boolean|array
* false if invalid domain name format
* array of values to compare
*/ */
function makeDomainQuery($email, $fieldName = 'banlist_ip') function makeDomainQuery($email, $fieldName = 'banlist_ip')
{ {
@@ -821,7 +822,7 @@ class eIPHandler
if ($this->clearBan !== FALSE) if ($this->clearBan !== FALSE)
{ // Expired ban to clear - match exactly the address which triggered this action - could be a wildcard { // Expired ban to clear - match exactly the address which triggered this action - could be a wildcard
$clearAddress = $this->ip6AddWildcards($this->clearBan); $clearAddress = $this->ip6AddWildcards($this->clearBan);
if ($sql->db_Delete('banlist',"`banlist_ip`='{$clearAddress}'")) if ($sql->delete('banlist',"`banlist_ip`='{$clearAddress}'"))
{ {
$this->actionCount--; // One less item on list $this->actionCount--; // One less item on list
$this->logBanItem(0,'Ban cleared: '.$clearAddress); $this->logBanItem(0,'Ban cleared: '.$clearAddress);
@@ -876,10 +877,10 @@ class eIPHandler
$admin_log = e107::getAdminLog(); $admin_log = e107::getAdminLog();
//$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Check for Ban",$query,FALSE,LOG_TO_ROLLING); //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Check for Ban",$query,FALSE,LOG_TO_ROLLING);
if ($sql->db_Select('banlist', '*', $query.' ORDER BY `banlist_bantype` DESC')) if ($sql->select('banlist', '*', $query.' ORDER BY `banlist_bantype` DESC'))
{ {
// Any whitelist entries will be first, because they are positive numbers - so we can answer based on the first DB record read // Any whitelist entries will be first, because they are positive numbers - so we can answer based on the first DB record read
$row = $sql->db_Fetch(); $row = $sql->fetch();
if ($row['banlist_bantype'] >= eIPHandler::BAN_TYPE_WHITELIST) if ($row['banlist_bantype'] >= eIPHandler::BAN_TYPE_WHITELIST)
{ {
//$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Whitelist hit",$query,FALSE,LOG_TO_ROLLING); //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Whitelist hit",$query,FALSE,LOG_TO_ROLLING);
@@ -888,7 +889,7 @@ class eIPHandler
// Found banlist entry in table here // Found banlist entry in table here
if (($row['banlist_banexpires']>0) && ($row['banlist_banexpires']<time())) if (($row['banlist_banexpires']>0) && ($row['banlist_banexpires']<time()))
{ // Ban has expired - delete from DB { // Ban has expired - delete from DB
$sql->db_Delete('banlist', $query); $sql->delete('banlist', $query);
$this->regenerateFiles(); $this->regenerateFiles();
return TRUE; return TRUE;
} }
@@ -896,7 +897,7 @@ class eIPHandler
// User is banned hereafter - just need to sort out the details. // User is banned hereafter - just need to sort out the details.
if (vartrue($pref['ban_retrigger']) && vartrue($pref['ban_durations'][$row['banlist_bantype']])) if (vartrue($pref['ban_retrigger']) && vartrue($pref['ban_durations'][$row['banlist_bantype']]))
{ // May need to retrigger ban period { // May need to retrigger ban period
$sql->db_Update('banlist', "`banlist_banexpires`=".intval(time()+($pref['ban_durations'][$row['banlist_bantype']]*60*60)), "WHERE `banlist_ip`='{$row['banlist_ip']}'"); $sql->update('banlist', "`banlist_banexpires`=".intval(time()+($pref['ban_durations'][$row['banlist_bantype']]*60*60)), "WHERE `banlist_ip`='{$row['banlist_ip']}'");
$this->regenerateFiles(); $this->regenerateFiles();
//$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Retrigger Ban",$row['banlist_ip'],FALSE,LOG_TO_ROLLING); //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Retrigger Ban",$row['banlist_ip'],FALSE,LOG_TO_ROLLING);
} }
@@ -961,7 +962,7 @@ class eIPHandler
return FALSE; return FALSE;
} }
// See if address already in the banlist // See if address already in the banlist
if ($sql->db_Select('banlist', '`banlist_bantype`', "`banlist_ip`='{$ban_ip}'")) if ($sql->select('banlist', '`banlist_bantype`', "`banlist_ip`='{$ban_ip}'"))
{ {
list($banType) = $sql->fetch(MYSQL_ASSOC); list($banType) = $sql->fetch(MYSQL_ASSOC);
@@ -1004,7 +1005,7 @@ class eIPHandler
/** /**
* Regenerate the text-based banlist files (called after a banlist table mod) * Regenerate the text-based banlist files (called after a banlist table mod)
*/ */
protected function regenerateFiles() public function regenerateFiles()
{ {
// Now regenerate the text files - so accesses of this IP address don't use the DB // Now regenerate the text files - so accesses of this IP address don't use the DB
$ipAdministrator = new banlistManager; $ipAdministrator = new banlistManager;
@@ -1120,12 +1121,12 @@ class eIPHandler
{ {
$ourDB = e107::getDb('olcheckDB'); // @todo is this OK, or should an existing one be used? $ourDB = e107::getDb('olcheckDB'); // @todo is this OK, or should an existing one be used?
$result = $ourDB->db_Select('online', '*', "`user_ip` = '{$ip}' OR `user_token` = '{$browser}'"); $result = $ourDB->select('online', '*', "`user_ip` = '{$ip}' OR `user_token` = '{$browser}'");
if ($result === FALSE) return FALSE; if ($result === FALSE) return FALSE;
$gotIP = FALSE; $gotIP = FALSE;
$gotBrowser = FALSE; $gotBrowser = FALSE;
$bestRow = FALSE; $bestRow = FALSE;
while (FALSE !== ($row = $ourDB->db_Fetch(MYSQL_ASSOC))) while (FALSE !== ($row = $ourDB->fetch(MYSQL_ASSOC)))
{ {
if ($row['user_token'] == $browser) if ($row['user_token'] == $browser)
{ {
@@ -1226,6 +1227,7 @@ class banlistManager
*/ */
public function writeBanListFiles($options = 'ip', $typeList = '') public function writeBanListFiles($options = 'ip', $typeList = '')
{ {
e107::getMessage()->addDebug("Writing new Banlist files.");
$sql = e107::getDb(); $sql = e107::getDb();
$ipManager = e107::getIPHandler(); $ipManager = e107::getIPHandler();
@@ -1310,15 +1312,14 @@ class banlistManager
} }
/** /**
* Trim wildcards from IP addresses * Trim wildcards from IP addresses
* *
* @param string $ip - IP address in any normal form * @param string $ip - IP address in any normal form
* *
* Note - this removes all characters after (and including) the first '*' or 'x' found. So an '*' or 'x' in the middle of a string may * Note - this removes all characters after (and including) the first '*' or 'x' found. So an '*' or 'x' in the middle of a string may
* cause unexpected results. * cause unexpected results.
* @return string
*/ */
private function trimWildcard($ip) private function trimWildcard($ip)
{ {
@@ -1545,9 +1546,9 @@ class banlistManager
foreach ($ipAction as $ipKey => $ipInfo) foreach ($ipAction as $ipKey => $ipInfo)
{ {
if ($ourDb->db_Select('banlist', '*', "`banlist_ip`='".$ipKey."'") === 1) if ($ourDb->select('banlist', '*', "`banlist_ip`='".$ipKey."'") === 1)
{ {
if ($row = $ourDb->db_Fetch()) if ($row = $ourDb->fetch())
{ {
// @todo check next line // @todo check next line
$writeDb->db_Update('banlist', $writeDb->db_Update('banlist',