[1] | 1 | <?php |
---|
| 2 | |
---|
[3] | 3 | /** |
---|
| 4 | * Copyright (C) 2008-2011 FluxBB |
---|
| 5 | * based on code by Rickard Andersson copyright (C) 2002-2008 PunBB |
---|
| 6 | * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher |
---|
| 7 | */ |
---|
[1] | 8 | |
---|
| 9 | // Tell header.php to use the admin template |
---|
| 10 | define('PUN_ADMIN_CONSOLE', 1); |
---|
| 11 | |
---|
[3] | 12 | define('PUN_ROOT', dirname(__FILE__).'/'); |
---|
[1] | 13 | require PUN_ROOT.'include/common.php'; |
---|
| 14 | require PUN_ROOT.'include/common_admin.php'; |
---|
| 15 | |
---|
| 16 | |
---|
[3] | 17 | if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' || $pun_user['g_mod_ban_users'] == '0')) |
---|
[1] | 18 | message($lang_common['No permission']); |
---|
| 19 | |
---|
[3] | 20 | // Load the admin_bans.php language file |
---|
| 21 | require PUN_ROOT.'lang/'.$admin_language.'/admin_bans.php'; |
---|
[1] | 22 | |
---|
| 23 | // Add/edit a ban (stage 1) |
---|
| 24 | if (isset($_REQUEST['add_ban']) || isset($_GET['edit_ban'])) |
---|
| 25 | { |
---|
| 26 | if (isset($_GET['add_ban']) || isset($_POST['add_ban'])) |
---|
| 27 | { |
---|
[3] | 28 | // If the ID of the user to ban was provided through GET (a link from profile.php) |
---|
[1] | 29 | if (isset($_GET['add_ban'])) |
---|
| 30 | { |
---|
[3] | 31 | $user_id = intval($_GET['add_ban']); |
---|
| 32 | if ($user_id < 2) |
---|
[1] | 33 | message($lang_common['Bad request']); |
---|
| 34 | |
---|
[3] | 35 | $result = $db->query('SELECT group_id, username, email FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
---|
[1] | 36 | if ($db->num_rows($result)) |
---|
| 37 | list($group_id, $ban_user, $ban_email) = $db->fetch_row($result); |
---|
| 38 | else |
---|
[3] | 39 | message($lang_admin_bans['No user ID message']); |
---|
[1] | 40 | } |
---|
[3] | 41 | else // Otherwise the username is in POST |
---|
[1] | 42 | { |
---|
[3] | 43 | $ban_user = pun_trim($_POST['new_ban_user']); |
---|
[1] | 44 | |
---|
| 45 | if ($ban_user != '') |
---|
| 46 | { |
---|
[3] | 47 | $result = $db->query('SELECT id, group_id, username, email FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\' AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
---|
[1] | 48 | if ($db->num_rows($result)) |
---|
| 49 | list($user_id, $group_id, $ban_user, $ban_email) = $db->fetch_row($result); |
---|
| 50 | else |
---|
[3] | 51 | message($lang_admin_bans['No user message']); |
---|
[1] | 52 | } |
---|
| 53 | } |
---|
| 54 | |
---|
[3] | 55 | // Make sure we're not banning an admin or moderator |
---|
| 56 | if (isset($group_id)) |
---|
| 57 | { |
---|
| 58 | if ($group_id == PUN_ADMIN) |
---|
| 59 | message(sprintf($lang_admin_bans['User is admin message'], pun_htmlspecialchars($ban_user))); |
---|
[1] | 60 | |
---|
[3] | 61 | $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group info', __FILE__, __LINE__, $db->error()); |
---|
| 62 | $is_moderator_group = $db->result($result); |
---|
| 63 | |
---|
| 64 | if ($is_moderator_group) |
---|
| 65 | message(sprintf($lang_admin_bans['User is mod message'], pun_htmlspecialchars($ban_user))); |
---|
| 66 | } |
---|
| 67 | |
---|
[1] | 68 | // If we have a $user_id, we can try to find the last known IP of that user |
---|
| 69 | if (isset($user_id)) |
---|
| 70 | { |
---|
[3] | 71 | $result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE poster_id='.$user_id.' ORDER BY posted DESC LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); |
---|
[1] | 72 | $ban_ip = ($db->num_rows($result)) ? $db->result($result) : ''; |
---|
[3] | 73 | |
---|
| 74 | if ($ban_ip == '') |
---|
| 75 | { |
---|
| 76 | $result = $db->query('SELECT registration_ip FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
---|
| 77 | $ban_ip = ($db->num_rows($result)) ? $db->result($result) : ''; |
---|
| 78 | } |
---|
[1] | 79 | } |
---|
| 80 | |
---|
| 81 | $mode = 'add'; |
---|
| 82 | } |
---|
[3] | 83 | else // We are editing a ban |
---|
[1] | 84 | { |
---|
| 85 | $ban_id = intval($_GET['edit_ban']); |
---|
| 86 | if ($ban_id < 1) |
---|
| 87 | message($lang_common['Bad request']); |
---|
| 88 | |
---|
[3] | 89 | $result = $db->query('SELECT username, ip, email, message, expire FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to fetch ban info', __FILE__, __LINE__, $db->error()); |
---|
[1] | 90 | if ($db->num_rows($result)) |
---|
| 91 | list($ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire) = $db->fetch_row($result); |
---|
| 92 | else |
---|
| 93 | message($lang_common['Bad request']); |
---|
| 94 | |
---|
[3] | 95 | $diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600; |
---|
| 96 | $ban_expire = ($ban_expire != '') ? gmdate('Y-m-d', $ban_expire + $diff) : ''; |
---|
[1] | 97 | |
---|
| 98 | $mode = 'edit'; |
---|
| 99 | } |
---|
| 100 | |
---|
[3] | 101 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans']); |
---|
[1] | 102 | $focus_element = array('bans2', 'ban_user'); |
---|
[3] | 103 | define('PUN_ACTIVE_PAGE', 'admin'); |
---|
[1] | 104 | require PUN_ROOT.'header.php'; |
---|
| 105 | |
---|
| 106 | generate_admin_menu('bans'); |
---|
| 107 | |
---|
| 108 | ?> |
---|
| 109 | <div class="blockform"> |
---|
[3] | 110 | <h2><span><?php echo $lang_admin_bans['Ban advanced head'] ?></span></h2> |
---|
[1] | 111 | <div class="box"> |
---|
| 112 | <form id="bans2" method="post" action="admin_bans.php"> |
---|
| 113 | <div class="inform"> |
---|
| 114 | <input type="hidden" name="mode" value="<?php echo $mode ?>" /> |
---|
| 115 | <?php if ($mode == 'edit'): ?> <input type="hidden" name="ban_id" value="<?php echo $ban_id ?>" /> |
---|
| 116 | <?php endif; ?> <fieldset> |
---|
[3] | 117 | <legend><?php echo $lang_admin_bans['Ban advanced subhead'] ?></legend> |
---|
[1] | 118 | <div class="infldset"> |
---|
| 119 | <table class="aligntop" cellspacing="0"> |
---|
| 120 | <tr> |
---|
[3] | 121 | <th scope="row"><?php echo $lang_admin_bans['Username label'] ?></th> |
---|
[1] | 122 | <td> |
---|
| 123 | <input type="text" name="ban_user" size="25" maxlength="25" value="<?php if (isset($ban_user)) echo pun_htmlspecialchars($ban_user); ?>" tabindex="1" /> |
---|
[3] | 124 | <span><?php echo $lang_admin_bans['Username help'] ?></span> |
---|
[1] | 125 | </td> |
---|
| 126 | </tr> |
---|
| 127 | <tr> |
---|
[3] | 128 | <th scope="row"><?php echo $lang_admin_bans['IP label'] ?></th> |
---|
[1] | 129 | <td> |
---|
| 130 | <input type="text" name="ban_ip" size="45" maxlength="255" value="<?php if (isset($ban_ip)) echo $ban_ip; ?>" tabindex="2" /> |
---|
[3] | 131 | <span><?php echo $lang_admin_bans['IP help'] ?><?php if ($ban_user != '' && isset($user_id)) printf(' '.$lang_admin_bans['IP help link'], '<a href="admin_users.php?ip_stats='.$user_id.'">'.$lang_admin_common['here'].'</a>') ?></span> |
---|
[1] | 132 | </td> |
---|
| 133 | </tr> |
---|
| 134 | <tr> |
---|
[3] | 135 | <th scope="row"><?php echo $lang_admin_bans['E-mail label'] ?></th> |
---|
[1] | 136 | <td> |
---|
[3] | 137 | <input type="text" name="ban_email" size="40" maxlength="80" value="<?php if (isset($ban_email)) echo $ban_email; ?>" tabindex="3" /> |
---|
| 138 | <span><?php echo $lang_admin_bans['E-mail help'] ?></span> |
---|
[1] | 139 | </td> |
---|
| 140 | </tr> |
---|
| 141 | </table> |
---|
[3] | 142 | <p class="topspace"><strong class="warntext"><?php echo $lang_admin_bans['Ban IP range info'] ?></strong></p> |
---|
[1] | 143 | </div> |
---|
| 144 | </fieldset> |
---|
| 145 | </div> |
---|
| 146 | <div class="inform"> |
---|
| 147 | <fieldset> |
---|
[3] | 148 | <legend><?php echo $lang_admin_bans['Message expiry subhead'] ?></legend> |
---|
[1] | 149 | <div class="infldset"> |
---|
| 150 | <table class="aligntop" cellspacing="0"> |
---|
| 151 | <tr> |
---|
[3] | 152 | <th scope="row"><?php echo $lang_admin_bans['Ban message label'] ?></th> |
---|
[1] | 153 | <td> |
---|
| 154 | <input type="text" name="ban_message" size="50" maxlength="255" value="<?php if (isset($ban_message)) echo pun_htmlspecialchars($ban_message); ?>" tabindex="4" /> |
---|
[3] | 155 | <span><?php echo $lang_admin_bans['Ban message help'] ?></span> |
---|
[1] | 156 | </td> |
---|
| 157 | </tr> |
---|
| 158 | <tr> |
---|
[3] | 159 | <th scope="row"><?php echo $lang_admin_bans['Expire date label'] ?></th> |
---|
[1] | 160 | <td> |
---|
| 161 | <input type="text" name="ban_expire" size="17" maxlength="10" value="<?php if (isset($ban_expire)) echo $ban_expire; ?>" tabindex="5" /> |
---|
[3] | 162 | <span><?php echo $lang_admin_bans['Expire date help'] ?></span> |
---|
[1] | 163 | </td> |
---|
| 164 | </tr> |
---|
| 165 | </table> |
---|
| 166 | </div> |
---|
| 167 | </fieldset> |
---|
| 168 | </div> |
---|
[3] | 169 | <p class="submitend"><input type="submit" name="add_edit_ban" value="<?php echo $lang_admin_common['Save'] ?>" tabindex="6" /></p> |
---|
[1] | 170 | </form> |
---|
| 171 | </div> |
---|
| 172 | </div> |
---|
| 173 | <div class="clearer"></div> |
---|
| 174 | </div> |
---|
| 175 | <?php |
---|
| 176 | |
---|
| 177 | require PUN_ROOT.'footer.php'; |
---|
| 178 | } |
---|
| 179 | |
---|
| 180 | // Add/edit a ban (stage 2) |
---|
| 181 | else if (isset($_POST['add_edit_ban'])) |
---|
| 182 | { |
---|
| 183 | confirm_referrer('admin_bans.php'); |
---|
| 184 | |
---|
[3] | 185 | $ban_user = pun_trim($_POST['ban_user']); |
---|
[1] | 186 | $ban_ip = trim($_POST['ban_ip']); |
---|
| 187 | $ban_email = strtolower(trim($_POST['ban_email'])); |
---|
[3] | 188 | $ban_message = pun_trim($_POST['ban_message']); |
---|
[1] | 189 | $ban_expire = trim($_POST['ban_expire']); |
---|
| 190 | |
---|
| 191 | if ($ban_user == '' && $ban_ip == '' && $ban_email == '') |
---|
[3] | 192 | message($lang_admin_bans['Must enter message']); |
---|
| 193 | else if (strtolower($ban_user) == 'guest') |
---|
| 194 | message($lang_admin_bans['Cannot ban guest message']); |
---|
[1] | 195 | |
---|
[3] | 196 | // Make sure we're not banning an admin or moderator |
---|
| 197 | if (!empty($ban_user)) |
---|
| 198 | { |
---|
| 199 | $result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\' AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
---|
| 200 | if ($db->num_rows($result)) |
---|
| 201 | { |
---|
| 202 | $group_id = $db->result($result); |
---|
| 203 | |
---|
| 204 | if ($group_id == PUN_ADMIN) |
---|
| 205 | message(sprintf($lang_admin_bans['User is admin message'], pun_htmlspecialchars($ban_user))); |
---|
| 206 | |
---|
| 207 | $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group info', __FILE__, __LINE__, $db->error()); |
---|
| 208 | $is_moderator_group = $db->result($result); |
---|
| 209 | |
---|
| 210 | if ($is_moderator_group) |
---|
| 211 | message(sprintf($lang_admin_bans['User is mod message'], pun_htmlspecialchars($ban_user))); |
---|
| 212 | } |
---|
| 213 | } |
---|
| 214 | |
---|
[1] | 215 | // Validate IP/IP range (it's overkill, I know) |
---|
| 216 | if ($ban_ip != '') |
---|
| 217 | { |
---|
[3] | 218 | $ban_ip = preg_replace('%\s{2,}%S', ' ', $ban_ip); |
---|
[1] | 219 | $addresses = explode(' ', $ban_ip); |
---|
[3] | 220 | $addresses = array_map('pun_trim', $addresses); |
---|
[1] | 221 | |
---|
| 222 | for ($i = 0; $i < count($addresses); ++$i) |
---|
| 223 | { |
---|
[3] | 224 | if (strpos($addresses[$i], ':') !== false) |
---|
| 225 | { |
---|
| 226 | $octets = explode(':', $addresses[$i]); |
---|
[1] | 227 | |
---|
[3] | 228 | for ($c = 0; $c < count($octets); ++$c) |
---|
| 229 | { |
---|
| 230 | $octets[$c] = ltrim($octets[$c], "0"); |
---|
| 231 | |
---|
| 232 | if ($c > 7 || (!empty($octets[$c]) && !ctype_xdigit($octets[$c])) || intval($octets[$c], 16) > 65535) |
---|
| 233 | message($lang_admin_bans['Invalid IP message']); |
---|
| 234 | } |
---|
| 235 | |
---|
| 236 | $cur_address = implode(':', $octets); |
---|
| 237 | $addresses[$i] = $cur_address; |
---|
| 238 | } |
---|
| 239 | else |
---|
[1] | 240 | { |
---|
[3] | 241 | $octets = explode('.', $addresses[$i]); |
---|
[1] | 242 | |
---|
[3] | 243 | for ($c = 0; $c < count($octets); ++$c) |
---|
| 244 | { |
---|
| 245 | $octets[$c] = (strlen($octets[$c]) > 1) ? ltrim($octets[$c], "0") : $octets[$c]; |
---|
| 246 | |
---|
| 247 | if ($c > 3 || preg_match('%[^0-9]%', $octets[$c]) || intval($octets[$c]) > 255) |
---|
| 248 | message($lang_admin_bans['Invalid IP message']); |
---|
| 249 | } |
---|
| 250 | |
---|
| 251 | $cur_address = implode('.', $octets); |
---|
| 252 | $addresses[$i] = $cur_address; |
---|
[1] | 253 | } |
---|
| 254 | } |
---|
| 255 | |
---|
| 256 | $ban_ip = implode(' ', $addresses); |
---|
| 257 | } |
---|
| 258 | |
---|
| 259 | require PUN_ROOT.'include/email.php'; |
---|
| 260 | if ($ban_email != '' && !is_valid_email($ban_email)) |
---|
| 261 | { |
---|
[3] | 262 | if (!preg_match('%^[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$%', $ban_email)) |
---|
| 263 | message($lang_admin_bans['Invalid e-mail message']); |
---|
[1] | 264 | } |
---|
| 265 | |
---|
| 266 | if ($ban_expire != '' && $ban_expire != 'Never') |
---|
| 267 | { |
---|
[3] | 268 | $ban_expire = strtotime($ban_expire.' GMT'); |
---|
[1] | 269 | |
---|
[3] | 270 | if ($ban_expire == -1 || !$ban_expire) |
---|
| 271 | message($lang_admin_bans['Invalid date message'].' '.$lang_admin_bans['Invalid date reasons']); |
---|
| 272 | |
---|
| 273 | $diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600; |
---|
| 274 | $ban_expire -= $diff; |
---|
| 275 | |
---|
| 276 | if ($ban_expire <= time()) |
---|
| 277 | message($lang_admin_bans['Invalid date message'].' '.$lang_admin_bans['Invalid date reasons']); |
---|
[1] | 278 | } |
---|
| 279 | else |
---|
| 280 | $ban_expire = 'NULL'; |
---|
| 281 | |
---|
| 282 | $ban_user = ($ban_user != '') ? '\''.$db->escape($ban_user).'\'' : 'NULL'; |
---|
| 283 | $ban_ip = ($ban_ip != '') ? '\''.$db->escape($ban_ip).'\'' : 'NULL'; |
---|
| 284 | $ban_email = ($ban_email != '') ? '\''.$db->escape($ban_email).'\'' : 'NULL'; |
---|
| 285 | $ban_message = ($ban_message != '') ? '\''.$db->escape($ban_message).'\'' : 'NULL'; |
---|
| 286 | |
---|
| 287 | if ($_POST['mode'] == 'add') |
---|
[3] | 288 | $db->query('INSERT INTO '.$db->prefix.'bans (username, ip, email, message, expire, ban_creator) VALUES('.$ban_user.', '.$ban_ip.', '.$ban_email.', '.$ban_message.', '.$ban_expire.', '.$pun_user['id'].')') or error('Unable to add ban', __FILE__, __LINE__, $db->error()); |
---|
[1] | 289 | else |
---|
[3] | 290 | $db->query('UPDATE '.$db->prefix.'bans SET username='.$ban_user.', ip='.$ban_ip.', email='.$ban_email.', message='.$ban_message.', expire='.$ban_expire.' WHERE id='.intval($_POST['ban_id'])) or error('Unable to update ban', __FILE__, __LINE__, $db->error()); |
---|
[1] | 291 | |
---|
| 292 | // Regenerate the bans cache |
---|
[3] | 293 | if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) |
---|
| 294 | require PUN_ROOT.'include/cache.php'; |
---|
| 295 | |
---|
[1] | 296 | generate_bans_cache(); |
---|
| 297 | |
---|
[3] | 298 | if ($_POST['mode'] == 'edit') |
---|
| 299 | redirect('admin_bans.php', $lang_admin_bans['Ban edited redirect']); |
---|
| 300 | else |
---|
| 301 | redirect('admin_bans.php', $lang_admin_bans['Ban added redirect']); |
---|
[1] | 302 | } |
---|
| 303 | |
---|
| 304 | // Remove a ban |
---|
| 305 | else if (isset($_GET['del_ban'])) |
---|
| 306 | { |
---|
| 307 | confirm_referrer('admin_bans.php'); |
---|
| 308 | |
---|
| 309 | $ban_id = intval($_GET['del_ban']); |
---|
| 310 | if ($ban_id < 1) |
---|
| 311 | message($lang_common['Bad request']); |
---|
| 312 | |
---|
[3] | 313 | $db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to delete ban', __FILE__, __LINE__, $db->error()); |
---|
[1] | 314 | |
---|
| 315 | // Regenerate the bans cache |
---|
[3] | 316 | if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) |
---|
| 317 | require PUN_ROOT.'include/cache.php'; |
---|
| 318 | |
---|
[1] | 319 | generate_bans_cache(); |
---|
| 320 | |
---|
[3] | 321 | redirect('admin_bans.php', $lang_admin_bans['Ban removed redirect']); |
---|
[1] | 322 | } |
---|
| 323 | |
---|
[3] | 324 | // Find bans |
---|
| 325 | else if (isset($_GET['find_ban'])) |
---|
| 326 | { |
---|
| 327 | $form = isset($_GET['form']) ? $_GET['form'] : array(); |
---|
[1] | 328 | |
---|
[3] | 329 | // trim() all elements in $form |
---|
| 330 | $form = array_map('pun_trim', $form); |
---|
| 331 | $conditions = $query_str = array(); |
---|
| 332 | |
---|
| 333 | $expire_after = isset($_GET['expire_after']) ? trim($_GET['expire_after']) : ''; |
---|
| 334 | $expire_before = isset($_GET['expire_before']) ? trim($_GET['expire_before']) : ''; |
---|
| 335 | $order_by = isset($_GET['order_by']) && in_array($_GET['order_by'], array('username', 'ip', 'email', 'expire')) ? 'b.'.$_GET['order_by'] : 'b.username'; |
---|
| 336 | $direction = isset($_GET['direction']) && $_GET['direction'] == 'DESC' ? 'DESC' : 'ASC'; |
---|
| 337 | |
---|
| 338 | $query_str[] = 'order_by='.$order_by; |
---|
| 339 | $query_str[] = 'direction='.$direction; |
---|
| 340 | |
---|
| 341 | // Try to convert date/time to timestamps |
---|
| 342 | if ($expire_after != '') |
---|
| 343 | { |
---|
| 344 | $query_str[] = 'expire_after='.$expire_after; |
---|
| 345 | |
---|
| 346 | $expire_after = strtotime($expire_after); |
---|
| 347 | if ($expire_after === false || $expire_after == -1) |
---|
| 348 | message($lang_admin_bans['Invalid date message']); |
---|
| 349 | |
---|
| 350 | $conditions[] = 'b.expire>'.$expire_after; |
---|
| 351 | } |
---|
| 352 | if ($expire_before != '') |
---|
| 353 | { |
---|
| 354 | $query_str[] = 'expire_before='.$expire_before; |
---|
| 355 | |
---|
| 356 | $expire_before = strtotime($expire_before); |
---|
| 357 | if ($expire_before === false || $expire_before == -1) |
---|
| 358 | message($lang_admin_bans['Invalid date message']); |
---|
| 359 | |
---|
| 360 | $conditions[] = 'b.expire<'.$expire_before; |
---|
| 361 | } |
---|
| 362 | |
---|
| 363 | $like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE'; |
---|
| 364 | foreach ($form as $key => $input) |
---|
| 365 | { |
---|
| 366 | if ($input != '' && in_array($key, array('username', 'ip', 'email', 'message'))) |
---|
| 367 | { |
---|
| 368 | $conditions[] = 'b.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace('*', '%', $input)).'\''; |
---|
| 369 | $query_str[] = 'form%5B'.$key.'%5D='.urlencode($input); |
---|
| 370 | } |
---|
| 371 | } |
---|
| 372 | |
---|
| 373 | // Fetch ban count |
---|
| 374 | $result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'bans as b WHERE b.id>0'.(!empty($conditions) ? ' AND '.implode(' AND ', $conditions) : '')) or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error()); |
---|
| 375 | $num_bans = $db->result($result); |
---|
| 376 | |
---|
| 377 | // Determine the ban offset (based on $_GET['p']) |
---|
| 378 | $num_pages = ceil($num_bans / 50); |
---|
| 379 | |
---|
| 380 | $p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : intval($_GET['p']); |
---|
| 381 | $start_from = 50 * ($p - 1); |
---|
| 382 | |
---|
| 383 | // Generate paging links |
---|
| 384 | $paging_links = '<span class="pages-label">'.$lang_common['Pages'].' </span>'.paginate($num_pages, $p, 'admin_bans.php?find_ban=&'.implode('&', $query_str)); |
---|
| 385 | |
---|
| 386 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans'], $lang_admin_bans['Results head']); |
---|
| 387 | define('PUN_ACTIVE_PAGE', 'admin'); |
---|
| 388 | require PUN_ROOT.'header.php'; |
---|
| 389 | |
---|
| 390 | ?> |
---|
| 391 | <div class="linkst"> |
---|
| 392 | <div class="inbox crumbsplus"> |
---|
| 393 | <ul class="crumbs"> |
---|
| 394 | <li><a href="admin_index.php"><?php echo $lang_admin_common['Admin'].' '.$lang_admin_common['Index'] ?></a></li> |
---|
| 395 | <li><span>» </span><a href="admin_bans.php"><?php echo $lang_admin_common['Bans'] ?></a></li> |
---|
| 396 | <li><span>» </span><strong><?php echo $lang_admin_bans['Results head'] ?></strong></li> |
---|
| 397 | </ul> |
---|
| 398 | <div class="pagepost"> |
---|
| 399 | <p class="pagelink"><?php echo $paging_links ?></p> |
---|
| 400 | </div> |
---|
| 401 | <div class="clearer"></div> |
---|
| 402 | </div> |
---|
| 403 | </div> |
---|
| 404 | |
---|
| 405 | |
---|
| 406 | <div id="bans1" class="blocktable"> |
---|
| 407 | <h2><span><?php echo $lang_admin_bans['Results head'] ?></span></h2> |
---|
| 408 | <div class="box"> |
---|
| 409 | <div class="inbox"> |
---|
| 410 | <table cellspacing="0"> |
---|
| 411 | <thead> |
---|
| 412 | <tr> |
---|
| 413 | <th class="tcl" scope="col"><?php echo $lang_admin_bans['Results username head'] ?></th> |
---|
| 414 | <th class="tc2" scope="col"><?php echo $lang_admin_bans['Results e-mail head'] ?></th> |
---|
| 415 | <th class="tc3" scope="col"><?php echo $lang_admin_bans['Results IP address head'] ?></th> |
---|
| 416 | <th class="tc4" scope="col"><?php echo $lang_admin_bans['Results expire head'] ?></th> |
---|
| 417 | <th class="tc5" scope="col"><?php echo $lang_admin_bans['Results message head'] ?></th> |
---|
| 418 | <th class="tc6" scope="col"><?php echo $lang_admin_bans['Results banned by head'] ?></th> |
---|
| 419 | <th class="tcr" scope="col"><?php echo $lang_admin_bans['Results actions head'] ?></th> |
---|
| 420 | </tr> |
---|
| 421 | </thead> |
---|
| 422 | <tbody> |
---|
| 423 | <?php |
---|
| 424 | |
---|
| 425 | $result = $db->query('SELECT b.id, b.username, b.ip, b.email, b.message, b.expire, b.ban_creator, u.username AS ban_creator_username FROM '.$db->prefix.'bans AS b LEFT JOIN '.$db->prefix.'users AS u ON b.ban_creator=u.id WHERE b.id>0'.(!empty($conditions) ? ' AND '.implode(' AND ', $conditions) : '').' ORDER BY '.$db->escape($order_by).' '.$db->escape($direction).' LIMIT '.$start_from.', 50') or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error()); |
---|
| 426 | if ($db->num_rows($result)) |
---|
| 427 | { |
---|
| 428 | while ($ban_data = $db->fetch_assoc($result)) |
---|
| 429 | { |
---|
| 430 | |
---|
| 431 | $actions = '<a href="admin_bans.php?edit_ban='.$ban_data['id'].'">'.$lang_admin_common['Edit'].'</a> | <a href="admin_bans.php?del_ban='.$ban_data['id'].'">'.$lang_admin_common['Remove'].'</a>'; |
---|
| 432 | $expire = format_time($ban_data['expire'], true); |
---|
| 433 | |
---|
| 434 | ?> |
---|
| 435 | <tr> |
---|
| 436 | <td class="tcl"><?php echo ($ban_data['username'] != '') ? pun_htmlspecialchars($ban_data['username']) : ' ' ?></td> |
---|
| 437 | <td class="tc2"><?php echo ($ban_data['email'] != '') ? $ban_data['email'] : ' ' ?></td> |
---|
| 438 | <td class="tc3"><?php echo ($ban_data['ip'] != '') ? $ban_data['ip'] : ' ' ?></td> |
---|
| 439 | <td class="tc4"><?php echo $expire ?></td> |
---|
| 440 | <td class="tc5"><?php echo ($ban_data['message'] != '') ? pun_htmlspecialchars($ban_data['message']) : ' ' ?></td> |
---|
| 441 | <td class="tc6"><?php echo ($ban_data['ban_creator_username'] != '') ? '<a href="profile.php?id='.$ban_data['ban_creator'].'">'.pun_htmlspecialchars($ban_data['ban_creator_username']).'</a>' : $lang_admin_bans['Unknown'] ?></td> |
---|
| 442 | <td class="tcr"><?php echo $actions ?></td> |
---|
| 443 | </tr> |
---|
| 444 | <?php |
---|
| 445 | |
---|
| 446 | } |
---|
| 447 | } |
---|
| 448 | else |
---|
| 449 | echo "\t\t\t\t".'<tr><td class="tcl" colspan="7">'.$lang_admin_bans['No match'].'</td></tr>'."\n"; |
---|
| 450 | |
---|
| 451 | ?> |
---|
| 452 | </tbody> |
---|
| 453 | </table> |
---|
| 454 | </div> |
---|
| 455 | </div> |
---|
| 456 | </div> |
---|
| 457 | |
---|
| 458 | <div class="linksb"> |
---|
| 459 | <div class="inbox crumbsplus"> |
---|
| 460 | <div class="pagepost"> |
---|
| 461 | <p class="pagelink"><?php echo $paging_links ?></p> |
---|
| 462 | </div> |
---|
| 463 | <ul class="crumbs"> |
---|
| 464 | <li><a href="admin_index.php"><?php echo $lang_admin_common['Admin'].' '.$lang_admin_common['Index'] ?></a></li> |
---|
| 465 | <li><span>» </span><a href="admin_bans.php"><?php echo $lang_admin_common['Bans'] ?></a></li> |
---|
| 466 | <li><span>» </span><strong><?php echo $lang_admin_bans['Results head'] ?></strong></li> |
---|
| 467 | </ul> |
---|
| 468 | <div class="clearer"></div> |
---|
| 469 | </div> |
---|
| 470 | </div> |
---|
| 471 | <?php |
---|
| 472 | |
---|
| 473 | require PUN_ROOT.'footer.php'; |
---|
| 474 | } |
---|
| 475 | |
---|
| 476 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans']); |
---|
[1] | 477 | $focus_element = array('bans', 'new_ban_user'); |
---|
[3] | 478 | define('PUN_ACTIVE_PAGE', 'admin'); |
---|
[1] | 479 | require PUN_ROOT.'header.php'; |
---|
| 480 | |
---|
| 481 | generate_admin_menu('bans'); |
---|
| 482 | |
---|
| 483 | ?> |
---|
| 484 | <div class="blockform"> |
---|
[3] | 485 | <h2><span><?php echo $lang_admin_bans['New ban head'] ?></span></h2> |
---|
[1] | 486 | <div class="box"> |
---|
| 487 | <form id="bans" method="post" action="admin_bans.php?action=more"> |
---|
| 488 | <div class="inform"> |
---|
| 489 | <fieldset> |
---|
[3] | 490 | <legend><?php echo $lang_admin_bans['Add ban subhead'] ?></legend> |
---|
[1] | 491 | <div class="infldset"> |
---|
| 492 | <table class="aligntop" cellspacing="0"> |
---|
| 493 | <tr> |
---|
[3] | 494 | <th scope="row"><?php echo $lang_admin_bans['Username label'] ?><div><input type="submit" name="add_ban" value="<?php echo $lang_admin_common['Add'] ?>" tabindex="2" /></div></th> |
---|
[1] | 495 | <td> |
---|
| 496 | <input type="text" name="new_ban_user" size="25" maxlength="25" tabindex="1" /> |
---|
[3] | 497 | <span><?php echo $lang_admin_bans['Username advanced help'] ?></span> |
---|
[1] | 498 | </td> |
---|
| 499 | </tr> |
---|
| 500 | </table> |
---|
| 501 | </div> |
---|
| 502 | </fieldset> |
---|
| 503 | </div> |
---|
| 504 | </form> |
---|
| 505 | </div> |
---|
| 506 | |
---|
[3] | 507 | <h2 class="block2"><span><?php echo $lang_admin_bans['Ban search head'] ?></span></h2> |
---|
[1] | 508 | <div class="box"> |
---|
[3] | 509 | <form id="find_band" method="get" action="admin_bans.php"> |
---|
| 510 | <p class="submittop"><input type="submit" name="find_ban" value="<?php echo $lang_admin_bans['Submit search'] ?>" tabindex="3" /></p> |
---|
[1] | 511 | <div class="inform"> |
---|
| 512 | <fieldset> |
---|
[3] | 513 | <legend><?php echo $lang_admin_bans['Ban search subhead'] ?></legend> |
---|
[1] | 514 | <div class="infldset"> |
---|
[3] | 515 | <p><?php echo $lang_admin_bans['Ban search info'] ?></p> |
---|
| 516 | <table class="aligntop" cellspacing="0"> |
---|
| 517 | <tr> |
---|
| 518 | <th scope="row"><?php echo $lang_admin_bans['Username label'] ?></th> |
---|
| 519 | <td><input type="text" name="form[username]" size="25" maxlength="25" tabindex="4" /></td> |
---|
[1] | 520 | </tr> |
---|
[3] | 521 | <tr> |
---|
| 522 | <th scope="row"><?php echo $lang_admin_bans['IP label'] ?></th> |
---|
| 523 | <td><input type="text" name="form[ip]" size="30" maxlength="255" tabindex="5" /></td> |
---|
[1] | 524 | </tr> |
---|
[3] | 525 | <tr> |
---|
| 526 | <th scope="row"><?php echo $lang_admin_bans['E-mail label'] ?></th> |
---|
| 527 | <td><input type="text" name="form[email]" size="30" maxlength="80" tabindex="6" /></td> |
---|
[1] | 528 | </tr> |
---|
[3] | 529 | <tr> |
---|
| 530 | <th scope="row"><?php echo $lang_admin_bans['Message label'] ?></th> |
---|
| 531 | <td><input type="text" name="form[message]" size="30" maxlength="255" tabindex="7" /></td> |
---|
[1] | 532 | </tr> |
---|
[3] | 533 | <tr> |
---|
| 534 | <th scope="row"><?php echo $lang_admin_bans['Expire after label'] ?></th> |
---|
| 535 | <td><input type="text" name="expire_after" size="10" maxlength="10" tabindex="8" /> |
---|
| 536 | <span><?php echo $lang_admin_bans['Date help'] ?></span></td> |
---|
| 537 | </tr> |
---|
| 538 | <tr> |
---|
| 539 | <th scope="row"><?php echo $lang_admin_bans['Expire before label'] ?></th> |
---|
| 540 | <td><input type="text" name="expire_before" size="10" maxlength="10" tabindex="9" /> |
---|
| 541 | <span><?php echo $lang_admin_bans['Date help'] ?></span></td> |
---|
| 542 | </tr> |
---|
| 543 | <tr> |
---|
| 544 | <th scope="row"><?php echo $lang_admin_bans['Order by label'] ?></th> |
---|
| 545 | <td> |
---|
| 546 | <select name="order_by" tabindex="10"> |
---|
| 547 | <option value="username" selected="selected"><?php echo $lang_admin_bans['Order by username'] ?></option> |
---|
| 548 | <option value="ip"><?php echo $lang_admin_bans['Order by ip'] ?></option> |
---|
| 549 | <option value="email"><?php echo $lang_admin_bans['Order by e-mail'] ?></option> |
---|
| 550 | <option value="expire"><?php echo $lang_admin_bans['Order by expire'] ?></option> |
---|
| 551 | </select>   <select name="direction" tabindex="11"> |
---|
| 552 | <option value="ASC" selected="selected"><?php echo $lang_admin_bans['Ascending'] ?></option> |
---|
| 553 | <option value="DESC"><?php echo $lang_admin_bans['Descending'] ?></option> |
---|
| 554 | </select> |
---|
| 555 | </td> |
---|
| 556 | </tr> |
---|
| 557 | </table> |
---|
[1] | 558 | </div> |
---|
| 559 | </fieldset> |
---|
| 560 | </div> |
---|
[3] | 561 | <p class="submitend"><input type="submit" name="find_ban" value="<?php echo $lang_admin_bans['Submit search'] ?>" tabindex="12" /></p> |
---|
| 562 | </form> |
---|
[1] | 563 | </div> |
---|
| 564 | </div> |
---|
| 565 | <div class="clearer"></div> |
---|
| 566 | </div> |
---|
| 567 | <?php |
---|
| 568 | |
---|
| 569 | require PUN_ROOT.'footer.php'; |
---|