mirror of
				https://github.com/phpbb/phpbb.git
				synced 2025-10-26 21:21:32 +01:00 
			
		
		
		
	
		
			
				
	
	
		
			424 lines
		
	
	
		
			12 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			424 lines
		
	
	
		
			12 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| /**
 | |
| *
 | |
| * This file is part of the phpBB Forum Software package.
 | |
| *
 | |
| * @copyright (c) phpBB Limited <https://www.phpbb.com>
 | |
| * @license GNU General Public License, version 2 (GPL-2.0)
 | |
| *
 | |
| * For full copyright and license information, please see
 | |
| * the docs/CREDITS.txt file.
 | |
| *
 | |
| */
 | |
| 
 | |
| /**
 | |
| * @ignore
 | |
| */
 | |
| if (!defined('IN_PHPBB'))
 | |
| {
 | |
| 	exit;
 | |
| }
 | |
| 
 | |
| class acp_bots
 | |
| {
 | |
| 	var $u_action;
 | |
| 
 | |
| 	function main($id, $mode)
 | |
| 	{
 | |
| 		global $config, $db, $user, $auth, $template, $cache, $request;
 | |
| 		global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
 | |
| 
 | |
| 		$action = request_var('action', '');
 | |
| 		$submit = (isset($_POST['submit'])) ? true : false;
 | |
| 		$mark	= request_var('mark', array(0));
 | |
| 		$bot_id	= request_var('id', 0);
 | |
| 
 | |
| 		if (isset($_POST['add']))
 | |
| 		{
 | |
| 			$action = 'add';
 | |
| 		}
 | |
| 
 | |
| 		$error = array();
 | |
| 
 | |
| 		$user->add_lang('acp/bots');
 | |
| 		$this->tpl_name = 'acp_bots';
 | |
| 		$this->page_title = 'ACP_BOTS';
 | |
| 		$form_key = 'acp_bots';
 | |
| 		add_form_key($form_key);
 | |
| 
 | |
| 		if ($submit && !check_form_key($form_key))
 | |
| 		{
 | |
| 			$error[] = $user->lang['FORM_INVALID'];
 | |
| 		}
 | |
| 
 | |
| 		// User wants to do something, how inconsiderate of them!
 | |
| 		switch ($action)
 | |
| 		{
 | |
| 			case 'activate':
 | |
| 				if ($bot_id || sizeof($mark))
 | |
| 				{
 | |
| 					$sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
 | |
| 
 | |
| 					$sql = 'UPDATE ' . BOTS_TABLE . "
 | |
| 						SET bot_active = 1
 | |
| 						WHERE bot_id $sql_id";
 | |
| 					$db->sql_query($sql);
 | |
| 				}
 | |
| 
 | |
| 				$cache->destroy('_bots');
 | |
| 			break;
 | |
| 
 | |
| 			case 'deactivate':
 | |
| 				if ($bot_id || sizeof($mark))
 | |
| 				{
 | |
| 					$sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
 | |
| 
 | |
| 					$sql = 'UPDATE ' . BOTS_TABLE . "
 | |
| 						SET bot_active = 0
 | |
| 						WHERE bot_id $sql_id";
 | |
| 					$db->sql_query($sql);
 | |
| 				}
 | |
| 
 | |
| 				$cache->destroy('_bots');
 | |
| 			break;
 | |
| 
 | |
| 			case 'delete':
 | |
| 				if ($bot_id || sizeof($mark))
 | |
| 				{
 | |
| 					if (confirm_box(true))
 | |
| 					{
 | |
| 						// We need to delete the relevant user, usergroup and bot entries ...
 | |
| 						$sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
 | |
| 
 | |
| 						$sql = 'SELECT bot_name, user_id
 | |
| 							FROM ' . BOTS_TABLE . "
 | |
| 							WHERE bot_id $sql_id";
 | |
| 						$result = $db->sql_query($sql);
 | |
| 
 | |
| 						$user_id_ary = $bot_name_ary = array();
 | |
| 						while ($row = $db->sql_fetchrow($result))
 | |
| 						{
 | |
| 							$user_id_ary[] = (int) $row['user_id'];
 | |
| 							$bot_name_ary[] = $row['bot_name'];
 | |
| 						}
 | |
| 						$db->sql_freeresult($result);
 | |
| 
 | |
| 						$db->sql_transaction('begin');
 | |
| 
 | |
| 						$sql = 'DELETE FROM ' . BOTS_TABLE . "
 | |
| 							WHERE bot_id $sql_id";
 | |
| 						$db->sql_query($sql);
 | |
| 
 | |
| 						if (sizeof($user_id_ary))
 | |
| 						{
 | |
| 							$_tables = array(USERS_TABLE, USER_GROUP_TABLE);
 | |
| 							foreach ($_tables as $table)
 | |
| 							{
 | |
| 								$sql = "DELETE FROM $table
 | |
| 									WHERE " . $db->sql_in_set('user_id', $user_id_ary);
 | |
| 								$db->sql_query($sql);
 | |
| 							}
 | |
| 						}
 | |
| 
 | |
| 						$db->sql_transaction('commit');
 | |
| 
 | |
| 						$cache->destroy('_bots');
 | |
| 
 | |
| 						add_log('admin', 'LOG_BOT_DELETE', implode(', ', $bot_name_ary));
 | |
| 						trigger_error($user->lang['BOT_DELETED'] . adm_back_link($this->u_action));
 | |
| 					}
 | |
| 					else
 | |
| 					{
 | |
| 						confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
 | |
| 							'mark'		=> $mark,
 | |
| 							'id'		=> $bot_id,
 | |
| 							'mode'		=> $mode,
 | |
| 							'action'	=> $action))
 | |
| 						);
 | |
| 					}
 | |
| 				}
 | |
| 			break;
 | |
| 
 | |
| 			case 'edit':
 | |
| 			case 'add':
 | |
| 				include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 | |
| 
 | |
| 				$bot_row = array(
 | |
| 					'bot_name'		=> utf8_normalize_nfc(request_var('bot_name', '', true)),
 | |
| 					'bot_agent'		=> request_var('bot_agent', ''),
 | |
| 					'bot_ip'		=> request_var('bot_ip', ''),
 | |
| 					'bot_active'	=> request_var('bot_active', true),
 | |
| 					'bot_lang'		=> request_var('bot_lang', $config['default_lang']),
 | |
| 					'bot_style'		=> request_var('bot_style' , $config['default_style']),
 | |
| 				);
 | |
| 
 | |
| 				if ($submit)
 | |
| 				{
 | |
| 					if (!$bot_row['bot_agent'] && !$bot_row['bot_ip'])
 | |
| 					{
 | |
| 						$error[] = $user->lang['ERR_BOT_NO_MATCHES'];
 | |
| 					}
 | |
| 
 | |
| 					if ($bot_row['bot_ip'] && !preg_match('#^[\d\.,:]+$#', $bot_row['bot_ip']))
 | |
| 					{
 | |
| 						if (!$ip_list = gethostbynamel($bot_row['bot_ip']))
 | |
| 						{
 | |
| 							$error[] = $user->lang['ERR_BOT_NO_IP'];
 | |
| 						}
 | |
| 						else
 | |
| 						{
 | |
| 							$bot_row['bot_ip'] = implode(',', $ip_list);
 | |
| 						}
 | |
| 					}
 | |
| 					$bot_row['bot_ip'] = str_replace(' ', '', $bot_row['bot_ip']);
 | |
| 
 | |
| 					// Make sure the admin is not adding a bot with an user agent similar to his one
 | |
| 					if ($bot_row['bot_agent'] && substr($user->data['session_browser'], 0, 149) === substr($bot_row['bot_agent'], 0, 149))
 | |
| 					{
 | |
| 						$error[] = $user->lang['ERR_BOT_AGENT_MATCHES_UA'];
 | |
| 					}
 | |
| 
 | |
| 					$bot_name = false;
 | |
| 					if ($bot_id)
 | |
| 					{
 | |
| 						$sql = 'SELECT u.username_clean
 | |
| 							FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u
 | |
| 							WHERE b.bot_id = $bot_id
 | |
| 								AND u.user_id = b.user_id";
 | |
| 						$result = $db->sql_query($sql);
 | |
| 						$row = $db->sql_fetchrow($result);
 | |
| 						$db->sql_freeresult($result);
 | |
| 
 | |
| 						if (!$bot_row)
 | |
| 						{
 | |
| 							$error[] = $user->lang['NO_BOT'];
 | |
| 						}
 | |
| 						else
 | |
| 						{
 | |
| 							$bot_name = $row['username_clean'];
 | |
| 						}
 | |
| 					}
 | |
| 					if (!$this->validate_botname($bot_row['bot_name'], $bot_name))
 | |
| 					{
 | |
| 						$error[] = $user->lang['BOT_NAME_TAKEN'];
 | |
| 					}
 | |
| 
 | |
| 					if (!sizeof($error))
 | |
| 					{
 | |
| 						// New bot? Create a new user and group entry
 | |
| 						if ($action == 'add')
 | |
| 						{
 | |
| 							$sql = 'SELECT group_id, group_colour
 | |
| 								FROM ' . GROUPS_TABLE . "
 | |
| 								WHERE group_name = 'BOTS'
 | |
| 									AND group_type = " . GROUP_SPECIAL;
 | |
| 							$result = $db->sql_query($sql);
 | |
| 							$group_row = $db->sql_fetchrow($result);
 | |
| 							$db->sql_freeresult($result);
 | |
| 
 | |
| 							if (!$group_row)
 | |
| 							{
 | |
| 								trigger_error($user->lang['NO_BOT_GROUP'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING);
 | |
| 							}
 | |
| 
 | |
| 							$user_id = user_add(array(
 | |
| 								'user_type'				=> (int) USER_IGNORE,
 | |
| 								'group_id'				=> (int) $group_row['group_id'],
 | |
| 								'username'				=> (string) $bot_row['bot_name'],
 | |
| 								'user_regdate'			=> time(),
 | |
| 								'user_password'			=> '',
 | |
| 								'user_colour'			=> (string) $group_row['group_colour'],
 | |
| 								'user_email'			=> '',
 | |
| 								'user_lang'				=> (string) $bot_row['bot_lang'],
 | |
| 								'user_style'			=> (int) $bot_row['bot_style'],
 | |
| 								'user_allow_massemail'	=> 0,
 | |
| 							));
 | |
| 
 | |
| 							$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 | |
| 								'user_id'		=> (int) $user_id,
 | |
| 								'bot_name'		=> (string) $bot_row['bot_name'],
 | |
| 								'bot_active'	=> (int) $bot_row['bot_active'],
 | |
| 								'bot_agent'		=> (string) $bot_row['bot_agent'],
 | |
| 								'bot_ip'		=> (string) $bot_row['bot_ip'])
 | |
| 							);
 | |
| 							$db->sql_query($sql);
 | |
| 
 | |
| 							$log = 'ADDED';
 | |
| 						}
 | |
| 						else if ($bot_id)
 | |
| 						{
 | |
| 							$sql = 'SELECT user_id, bot_name
 | |
| 								FROM ' . BOTS_TABLE . "
 | |
| 								WHERE bot_id = $bot_id";
 | |
| 							$result = $db->sql_query($sql);
 | |
| 							$row = $db->sql_fetchrow($result);
 | |
| 							$db->sql_freeresult($result);
 | |
| 
 | |
| 							if (!$row)
 | |
| 							{
 | |
| 								trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING);
 | |
| 							}
 | |
| 
 | |
| 							$sql_ary = array(
 | |
| 								'user_style'	=> (int) $bot_row['bot_style'],
 | |
| 								'user_lang'		=> (string) $bot_row['bot_lang'],
 | |
| 							);
 | |
| 
 | |
| 							if ($bot_row['bot_name'] !== $row['bot_name'])
 | |
| 							{
 | |
| 								$sql_ary['username'] = (string) $bot_row['bot_name'];
 | |
| 								$sql_ary['username_clean'] = (string) utf8_clean_string($bot_row['bot_name']);
 | |
| 							}
 | |
| 
 | |
| 							$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE user_id = {$row['user_id']}";
 | |
| 							$db->sql_query($sql);
 | |
| 
 | |
| 							$sql = 'UPDATE ' . BOTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array(
 | |
| 								'bot_name'		=> (string) $bot_row['bot_name'],
 | |
| 								'bot_active'	=> (int) $bot_row['bot_active'],
 | |
| 								'bot_agent'		=> (string) $bot_row['bot_agent'],
 | |
| 								'bot_ip'		=> (string) $bot_row['bot_ip'])
 | |
| 							) . " WHERE bot_id = $bot_id";
 | |
| 							$db->sql_query($sql);
 | |
| 
 | |
| 							// Updated username?
 | |
| 							if ($bot_row['bot_name'] !== $row['bot_name'])
 | |
| 							{
 | |
| 								user_update_name($row['bot_name'], $bot_row['bot_name']);
 | |
| 							}
 | |
| 
 | |
| 							$log = 'UPDATED';
 | |
| 						}
 | |
| 
 | |
| 						$cache->destroy('_bots');
 | |
| 
 | |
| 						add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']);
 | |
| 						trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action));
 | |
| 
 | |
| 					}
 | |
| 				}
 | |
| 				else if ($bot_id)
 | |
| 				{
 | |
| 					$sql = 'SELECT b.*, u.user_lang, u.user_style
 | |
| 						FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u
 | |
| 						WHERE b.bot_id = $bot_id
 | |
| 							AND u.user_id = b.user_id";
 | |
| 					$result = $db->sql_query($sql);
 | |
| 					$bot_row = $db->sql_fetchrow($result);
 | |
| 					$db->sql_freeresult($result);
 | |
| 
 | |
| 					if (!$bot_row)
 | |
| 					{
 | |
| 						trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING);
 | |
| 					}
 | |
| 
 | |
| 					$bot_row['bot_lang'] = $bot_row['user_lang'];
 | |
| 					$bot_row['bot_style'] = $bot_row['user_style'];
 | |
| 					unset($bot_row['user_lang'], $bot_row['user_style']);
 | |
| 				}
 | |
| 
 | |
| 				$s_active_options = '';
 | |
| 				$_options = array('0' => 'NO', '1' => 'YES');
 | |
| 				foreach ($_options as $value => $lang)
 | |
| 				{
 | |
| 					$selected = ($bot_row['bot_active'] == $value) ? ' selected="selected"' : '';
 | |
| 					$s_active_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$lang] . '</option>';
 | |
| 				}
 | |
| 
 | |
| 				$style_select = style_select($bot_row['bot_style'], true);
 | |
| 				$lang_select = language_select($bot_row['bot_lang']);
 | |
| 
 | |
| 				$l_title = ($action == 'edit') ? 'EDIT' : 'ADD';
 | |
| 
 | |
| 				$template->assign_vars(array(
 | |
| 					'L_TITLE'		=> $user->lang['BOT_' . $l_title],
 | |
| 					'U_ACTION'		=> $this->u_action . "&id=$bot_id&action=$action",
 | |
| 					'U_BACK'		=> $this->u_action,
 | |
| 					'ERROR_MSG'		=> (sizeof($error)) ? implode('<br />', $error) : '',
 | |
| 
 | |
| 					'BOT_NAME'		=> $bot_row['bot_name'],
 | |
| 					'BOT_IP'		=> $bot_row['bot_ip'],
 | |
| 					'BOT_AGENT'		=> $bot_row['bot_agent'],
 | |
| 
 | |
| 					'S_EDIT_BOT'		=> true,
 | |
| 					'S_ACTIVE_OPTIONS'	=> $s_active_options,
 | |
| 					'S_STYLE_OPTIONS'	=> $style_select,
 | |
| 					'S_LANG_OPTIONS'	=> $lang_select,
 | |
| 					'S_ERROR'			=> (sizeof($error)) ? true : false,
 | |
| 					)
 | |
| 				);
 | |
| 
 | |
| 				return;
 | |
| 
 | |
| 			break;
 | |
| 		}
 | |
| 
 | |
| 		if ($request->is_ajax() && ($action == 'activate' || $action == 'deactivate'))
 | |
| 		{
 | |
| 			$json_response = new \phpbb\json_response;
 | |
| 			$json_response->send(array(
 | |
| 				'text'	=> $user->lang['BOT_' . (($action == 'activate') ? 'DE' : '') . 'ACTIVATE'],
 | |
| 			));
 | |
| 		}
 | |
| 
 | |
| 		$s_options = '';
 | |
| 		$_options = array('activate' => 'BOT_ACTIVATE', 'deactivate' => 'BOT_DEACTIVATE', 'delete' => 'DELETE');
 | |
| 		foreach ($_options as $value => $lang)
 | |
| 		{
 | |
| 			$s_options .= '<option value="' . $value . '">' . $user->lang[$lang] . '</option>';
 | |
| 		}
 | |
| 
 | |
| 		$template->assign_vars(array(
 | |
| 			'U_ACTION'		=> $this->u_action,
 | |
| 			'S_BOT_OPTIONS'	=> $s_options)
 | |
| 		);
 | |
| 
 | |
| 		$sql = 'SELECT b.bot_id, b.bot_name, b.bot_active, u.user_lastvisit
 | |
| 			FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . ' u
 | |
| 			WHERE u.user_id = b.user_id
 | |
| 			ORDER BY u.user_lastvisit DESC, b.bot_name ASC';
 | |
| 		$result = $db->sql_query($sql);
 | |
| 
 | |
| 		while ($row = $db->sql_fetchrow($result))
 | |
| 		{
 | |
| 			$active_lang = (!$row['bot_active']) ? 'BOT_ACTIVATE' : 'BOT_DEACTIVATE';
 | |
| 			$active_value = (!$row['bot_active']) ? 'activate' : 'deactivate';
 | |
| 
 | |
| 			$template->assign_block_vars('bots', array(
 | |
| 				'BOT_NAME'		=> $row['bot_name'],
 | |
| 				'BOT_ID'		=> $row['bot_id'],
 | |
| 				'LAST_VISIT'	=> ($row['user_lastvisit']) ? $user->format_date($row['user_lastvisit']) : $user->lang['BOT_NEVER'],
 | |
| 
 | |
| 				'U_ACTIVATE_DEACTIVATE'	=> $this->u_action . "&id={$row['bot_id']}&action=$active_value",
 | |
| 				'L_ACTIVATE_DEACTIVATE'	=> $user->lang[$active_lang],
 | |
| 				'U_EDIT'				=> $this->u_action . "&id={$row['bot_id']}&action=edit",
 | |
| 				'U_DELETE'				=> $this->u_action . "&id={$row['bot_id']}&action=delete")
 | |
| 			);
 | |
| 		}
 | |
| 		$db->sql_freeresult($result);
 | |
| 	}
 | |
| 
 | |
| 	/**
 | |
| 	* Validate bot name against username table
 | |
| 	*/
 | |
| 	function validate_botname($newname, $oldname = false)
 | |
| 	{
 | |
| 		global $db;
 | |
| 
 | |
| 		if ($oldname && utf8_clean_string($newname) === $oldname)
 | |
| 		{
 | |
| 			return true;
 | |
| 		}
 | |
| 
 | |
| 		// Admins might want to use names otherwise forbidden, thus we only check for duplicates.
 | |
| 		$sql = 'SELECT username
 | |
| 			FROM ' . USERS_TABLE . "
 | |
| 			WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($newname)) . "'";
 | |
| 		$result = $db->sql_query($sql);
 | |
| 		$row = $db->sql_fetchrow($result);
 | |
| 		$db->sql_freeresult($result);
 | |
| 
 | |
| 		return ($row) ? false : true;
 | |
| 	}
 | |
| }
 |