How to restrict the visitor's IP (phpBB code) _php

Source: Internet
Author: User
Keywords code limitations how If lang sql ip_li
Tags ereg ip ban
PhpBB


How to restrict the visitor's IP (phpBB code): /***************************************************************************
* admin_user_ban.php
* -------------------
* Begin:tuesday, Jul 31, 2001
* Copyright: (C) 2001 the PhpBB Group
* Email: [Email]support@phpbb.com[/email]
*
* $Id: admin_user_ban.php,v 1.21.2.2 2002/05/12 15:57:45 psotfx EXP $
*
*
***************************************************************************/

/***************************************************************************
* This file was part of the phpBB2 port to Nuke 6.0 (c) Copyright 2002
* by Tom Nitzschner ([Email]tom@toms-home.com[/email])
* [Url]http://bbtonuke.sourceforge.net[/url] (or [url]http://www.toms-home.com) [/url]
*
* As always, make a backup before messing with anything. All code
* Release by me was considered sample code only. It May fully
* Functual, but the use of it at your own risk, if you break it,
* You get to fix it too. No Waranty is given or implied.
*
* Please post any questions/request about this port on [Url]http://bbtonuke.sourceforge.net[/url] First,
* Then on my site. All original header code and copyright messages'll be maintained
* To give credits where is due. If you modify this, the-requirement is
* That's also maintain all original copyright messages. All my work is released
* Under the GNU general public LICENSE. Please see the README for more information.
*
***************************************************************************/

/***************************************************************************
*
* This program was free software; You can redistribute it and/or modify
* It under the terms of the GNU general public License as published by
* The free software Foundation; Either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/

Define (' In_phpbb ', 1);

if (!empty ($setmodules))
{
$filename = basename (__file__);
$module [' Users '] [' ban_management '] = $filename;

Return
}

//
Load Default Header
//
$phpbb _root_path = './. /';
Require ($phpbb _root_path. ' Extension.inc ');
Require ('./pagestart. $phpEx);

//
Start Program
//
if (isset ($HTTP _post_vars[' submit '))
{
$user _bansql = ';
$email _bansql = ';
$ip _bansql = ';

$user _list = Array ();
if (!empty ($HTTP _post_vars[' username '))
{
$this _userdata = get_userdata ($HTTP _post_vars[' username ');
if (! $this _userdata)
{
Message_die (General_message, $lang [' no_user_id_specified ']);
}

$user _list[] = $this _userdata[' user_id ');
}

$ip _list = Array ();
if (isset ($HTTP _post_vars[' ban_ip '))
{
$ip _list_temp = Explode (', ', $HTTP _post_vars[' ban_ip ']);

for ($i = 0; $i < count ($ip _list_temp); $i + +)
{
if (Preg_match ('/^ ([0-9]{1,3}) \. ( [0-9] {1,3}) \. ([0-9]{1,3}) \. ([0-9]{1,3}) []*\-[]* ([0-9]{1,3}) \. ([0-9]{1,3}) \. ([0-9]{1,3}) \. ([0-9]{1,3}) $/', Trim ($ip _list_temp[$i]), $ip _range_explode))
{
//
Don ' t ask about all this, just don ' t ask ...! Why
//
$ip _1_counter = $ip _range_explode[1];
$ip _1_end = $ip _range_explode[5];

while ($ip _1_counter <= $ip _1_end)
{
$ip _2_counter = ($ip _1_counter = = $ip _range_explode[1])? $ip _range_explode[2]: 0;
$ip _2_end = ($ip _1_counter < $ip _1_end)? 254: $ip _range_explode[6];

if ($ip _2_counter = = 0 && $ip _2_end = = 254)
{
$ip _2_counter = 255;
$ip _2_fragment = 255;

$ip _list[] = encode_ip ("$ip _1_counter.255.255.255");
}

while ($ip _2_counter <= $ip _2_end)
{
$ip _3_counter = ($ip _2_counter = = $ip _range_explode[2] && $ip _1_counter = = $ip _range_explode[1])? $ip _range_explode[3]: 0;
$ip _3_end = ($ip _2_counter < $ip _2_end
$ip _1_counter < $ip _1_end)? 254: $ip _range_explode[7];

if ($ip _3_counter = = 0 && $ip _3_end = = 254)
{
$ip _3_counter = 255;
$ip _3_fragment = 255;

$ip _list[] = encode_ip ("$ip _1_counter. $ip _2_counter.255.255");
}

while ($ip _3_counter <= $ip _3_end)
{
$ip _4_counter = ($ip _3_counter = = $ip _range_explode[3] && $ip _2_counter = = $ip _range_explode[2] && $ip _1 _counter = = $ip _range_explode[1])? $ip _range_explode[4]: 0;
$ip _4_end = ($ip _3_counter < $ip _3_end
$ip _2_counter < $ip _2_end)? 254: $ip _range_explode[8];

if ($ip _4_counter = = 0 && $ip _4_end = = 254)
{
$ip _4_counter = 255;
$ip _4_fragment = 255;

$ip _list[] = encode_ip ("$ip _1_counter. $ip _2_counter. $ip _3_counter.255");
}

while ($ip _4_counter <= $ip _4_end)
{
$ip _list[] = encode_ip ("$ip _1_counter. $ip _2_counter. $ip _3_counter. $ip _4_counter");
$ip _4_counter++;
}
$ip _3_counter++;
}
$ip _2_counter++;
}
$ip _1_counter++;
}
}
else if (Preg_match ('/^ ([\w\-_]\.?) {2,}$/is ', trim ($ip _list_temp[$i])))
{
$ip = Gethostbynamel (Trim ($ip _list_temp[$i]);

for ($j = 0; $j < count ($ip); $j + +)
{
if (!empty ($ip [$j]))
{
$ip _list[] = encode_ip ($ip [$j]);
}
}
}
else if (Preg_match ('/^ ([0-9]{1,3}) \. ( [0-9\*] {1,3}) \. ([0-9\*]{1,3}) \. ([0-9\*]{1,3}) $/', Trim ($ip _list_temp[$i])))
{
$ip _list[] = encode_ip (Str_replace (' * ', ' 255 ', trim ($ip _list_temp[$i]));
}
}
}

$email _list = Array ();
if (isset ($HTTP _post_vars[' Ban_email '))
{
$email _list_temp = Explode (', ', $HTTP _post_vars[' Ban_email ']);

for ($i = 0; $i < count ($email _list_temp); $i + +)
{
//
This Ereg match was based on one by [Email]php@unreelpro.com[/email]
Contained in the annotated PHP manual at php.com (ereg
Section
//
if (eregi (' ^ [: alnum:]\*]+ ([-_.] [[: alnum:]\*]+] *\.?) | (\*)) @ ([[: alnum:]]+ ([-_]?[ [: Alnum:]] +)*\.) {1,3} ([[: alnum:]]{2,6}) $ ', Trim ($email _list_temp[$i])))
{
$email _list[] = Trim ($email _list_temp[$i]);
}
}
}

$sql = "SELECT *
From ". banlist_table;
if (! ( $result = $db->sql_query ($sql)))
{
Message_die (General_error, "couldn ' t obtain banlist information", "", __line__, __file__, $sql);
}

$current _banlist = $db->sql_fetchrowset ($result);
$db->sql_freeresult ($result);

$kill _session_sql = ';
for ($i = 0; $i < count ($user _list); $i + +)
{
$in _banlist = false;
for ($j = 0; $j < count ($current _banlist); $j + +)
{
if ($user _list[$i] = = $current _banlist[$j] [' Ban_userid '])
{
$in _banlist = true;
}
}

if (! $in _banlist)
{
$kill _session_sql = ($kill _session_sql! = ')? ' OR ': '). "session_user_id =". $user _list[$i];

$sql = "INSERT into". Banlist_table. "(Ban_userid)
VALUES (". $user _list[$i]. ")";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t insert ban_userid info into Database", "", __line__, __file__, $sql);
}
}
}

for ($i = 0; $i < count ($ip _list); $i + +)
{
$in _banlist = false;
for ($j = 0; $j < count ($current _banlist); $j + +)
{
if ($ip _list[$i] = = $current _banlist[$j] [' ban_ip '])
{
$in _banlist = true;
}
}

if (! $in _banlist)
{
if (Preg_match ('/(ff\.) | (\.FF)/is ', Chunk_split ($ip _list[$i], 2, '. ')) )
{
$kill _ip_sql = "session_ip like '". Str_replace ('. ', ', Preg_replace ('/(ff\.) | (\.FF)/is ', '% ', chunk_split ($ip _list[$i], 2, "."))) . "'";
}
Else
{
$kill _ip_sql = "session_ip = '". $ip _list[$i]. "'";
}

$kill _session_sql = ($kill _session_sql! = ')? ' OR ': '). $kill _ip_sql;

$sql = "INSERT into". Banlist_table. "(BAN_IP)
VALUES (' ". $ip _list[$i]. "')";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t insert ban_ip info into Database", "", __line__, __file__, $sql);
}
}
}

//
Now we'll delete all entries from the session table with any of the banned
User or IP info just entered into the ban table ... this would force a session
Initialisation resulting in an instant ban
//
if ($kill _session_sql! = ')
{
$sql = "DELETE from". Sessions_table. "
WHERE $kill _session_sql ";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t delete banned sessions from database", "", __line__, __file__, $sql);
}
}

for ($i = 0; $i < count ($email _list); $i + +)
{
$in _banlist = false;
for ($j = 0; $j < count ($current _banlist); $j + +)
{
if ($email _list[$i] = = $current _banlist[$j] [' Ban_email '])
{
$in _banlist = true;
}
}

if (! $in _banlist)
{
$sql = "INSERT into". Banlist_table. "(Ban_email)
VALUES (' ". Str_replace ("'", "'", $email _list[$i]). "')";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t insert ban_email info into Database", "", __line__, __file__, $sql);
}
}
}

$where _sql = ';

if (isset ($HTTP _post_vars[' Unban_user '))
{
$user _list = $HTTP _post_vars[' Unban_user ');

for ($i = 0; $i < count ($user _list); $i + +)
{
if ($user _list[$i]! =-1)
{
$where _sql = ($where _sql! = ')? ', ' : ' ) . $user _list[$i];
}
}
}

if (isset ($HTTP _post_vars[' unban_ip '))
{
$ip _list = $HTTP _post_vars[' unban_ip ');

for ($i = 0; $i < count ($ip _list); $i + +)
{
if ($ip _list[$i]! =-1)
{
$where _sql = ($where _sql! = ')? ', ' : ' ) . $ip _list[$i];
}
}
}

if (isset ($HTTP _post_vars[' Unban_email '))
{
$email _list = $HTTP _post_vars[' unban_email ');

for ($i = 0; $i < count ($email _list); $i + +)
{
if ($email _list[$i]! =-1)
{
$where _sql = ($where _sql! = ')? ', ' : ' ) . $email _list[$i];
}
}
}

if ($where _sql! = ')
{
$sql = "DELETE from". Banlist_table. "
WHERE ban_id in ($where _sql) ";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t delete ban info from database", "", __line__, __file__, $sql);
}
}

$message = $lang [' ban_update_sucessful ']. '

' . sprintf ($lang [' click_return_banadmin '], ', '). '

' . sprintf ($lang [' Click_return_admin_index '], ', ');

Message_die (General_message, $message);

}
Else
{
$template->set_filenames (Array (
' Body ' = ' admin/user_ban_body.tpl ')
);

$template->assign_vars (Array (
' L_ban_title ' = $lang [' Ban_control '],
' L_ban_explain ' = $lang [' Ban_explain '],
' L_ban_explain_warn ' = $lang [' Ban_explain_warn '],
' L_ip_or_hostname ' = $lang [' Ip_hostname '],
' L_email_address ' = $lang [' email_address '],
' L_submit ' = $lang [' SUBMIT '],
' L_reset ' = $lang [' RESET '],

' S_banlist_action ' = Append_sid ("Admin_user_ban. $phpEx"))
);

$template->assign_vars (Array (
' L_ban_user ' = $lang [' Ban_username '],
' L_ban_user_explain ' = $lang [' Ban_username_explain '],
' L_ban_ip ' = $lang [' Ban_ip '],
' L_ban_ip_explain ' = $lang [' Ban_ip_explain '],
' L_ban_email ' = $lang [' Ban_email '],
' L_ban_email_explain ' = $lang [' Ban_email_explain '])
);

$userban _count = 0;
$ipban _count = 0;
$emailban _count = 0;

$sql = "Select b.ban_id, u.user_id, U.username
From ". Banlist_table. "B,". Users_table. "U
WHERE u.user_id = B.ban_userid
and B.ban_userid <> 0
and u.user_id <>. " ANONYMOUS. "
ORDER by u.user_id ASC ";
if (! ( $result = $db->sql_query ($sql)))
{
Message_die (General_error, ' Could not a Select current user_id ban list ', ' __line__, __file__, $sql);
}

$user _list = $db->sql_fetchrowset ($result);
$db->sql_freeresult ($result);

$select _userlist = ';
for ($i = 0; $i < count ($user _list); $i + +)
{
$select _userlist. = ' ' . $user _list[$i] [' username ']. '';
$userban _count++;
}

if ($select _userlist = = ')
{
$select _userlist = ' ' . $lang [' No_banned_users ']. '';
}

$select _userlist = ' ' . $select _userlist. '';

$sql = "Select ban_id, Ban_ip, Ban_email
From ". banlist_table;
if (! ( $result = $db->sql_query ($sql)))
{
Message_die (General_error, ' Could not select Current IP Ban list ', ', __line__, __file__, $sql);
}

$banlist = $db->sql_fetchrowset ($result);
$db->sql_freeresult ($result);

$select _iplist = ';
$select _emaillist = ';

for ($i = 0; $i < count ($banlist); $i + +)
{
$ban _id = $banlist [$i] [' ban_id '];

if (!empty ($banlist [$i] [' ban_ip ']))
{
$ban _ip = str_replace (' 255 ', ' * ', decode_ip ($banlist [$i] [' ban_ip ']));
$select _iplist. = ' ' . $ban _ip. '';
$ipban _count++;
}
else if (!empty ($banlist [$i] [' Ban_email ']))
{
$ban _email = $banlist [$i] [' ban_email '];
$select _emaillist. = ' ' . $ban _email. '';
$emailban _count++;
}
}

if ($select _iplist = = ')
{
$select _iplist = ' ' . $lang [' No_banned_ip ']. '';
}

if ($select _emaillist = = ')
{
$select _emaillist = ' ' . $lang [' No_banned_email ']. '';
}

$select _iplist = ' ' . $select _iplist. '';
$select _emaillist = ' ' . $select _emaillist. '';

$template->assign_vars (Array (
' L_unban_user ' = $lang [' Unban_username '],
' L_unban_user_explain ' = $lang [' Unban_username_explain '],
' L_unban_ip ' = $lang [' Unban_ip '],
' L_unban_ip_explain ' = $lang [' Unban_ip_explain '],
' L_unban_email ' = $lang [' Unban_email '],
' L_unban_email_explain ' = $lang [' Unban_email_explain '],
' L_username ' = $lang [' USERNAME '],
' L_look_up ' = $lang [' Look_up_user '],
' L_find_username ' = $lang [' Find_username '],

' U_search_user ' and Append_sid ("SEARCH $phpEx? mode=searchuser&popup=1&menu=1"),
' S_unban_userlist_select ' = $select _userlist,
' S_unban_iplist_select ' = $select _iplist,
' S_unban_emaillist_select ' = $select _emaillist,
' S_ban_action ' = Append_sid ("Admin_user_ban. $phpEx"))
);
}

$template->pparse (' body ');

Include ('./page_footer_admin. '). $PHPEX);

?>
  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.