How to restrict the visitor's IP (phpBB code)

How to restrict the visitor's IP (phpBB code) _php

Last Update:2016-06-01 Source: Internet

Author: User

Keywords code limitations how If lang sql ip_li

Tags ereg ip ban

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

PhpBB

How to restrict the visitor's IP (phpBB code): /***************************************************************************
* admin_user_ban.php
* -------------------
* Begin:tuesday, Jul 31, 2001
* Copyright: (C) 2001 the PhpBB Group
* Email: [Email]support@phpbb.com[/email]
*
* $Id: admin_user_ban.php,v 1.21.2.2 2002/05/12 15:57:45 psotfx EXP $
*
*
***************************************************************************/

/***************************************************************************
* This file was part of the phpBB2 port to Nuke 6.0 (c) Copyright 2002
* by Tom Nitzschner ([Email]tom@toms-home.com[/email])
* [Url]http://bbtonuke.sourceforge.net[/url] (or [url]http://www.toms-home.com) [/url]
*
* As always, make a backup before messing with anything. All code
* Release by me was considered sample code only. It May fully
* Functual, but the use of it at your own risk, if you break it,
* You get to fix it too. No Waranty is given or implied.
*
* Please post any questions/request about this port on [Url]http://bbtonuke.sourceforge.net[/url] First,
* Then on my site. All original header code and copyright messages'll be maintained
* To give credits where is due. If you modify this, the-requirement is
* That's also maintain all original copyright messages. All my work is released
* Under the GNU general public LICENSE. Please see the README for more information.
*
***************************************************************************/

/***************************************************************************
*
* This program was free software; You can redistribute it and/or modify
* It under the terms of the GNU general public License as published by
* The free software Foundation; Either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/

Define (' In_phpbb ', 1);

if (!empty ($setmodules))
{
$filename = basename (__file__);
$module [' Users '] [' ban_management '] = $filename;

Return
}

//
Load Default Header
//
$phpbb _root_path = './. /';
Require ($phpbb _root_path. ' Extension.inc ');
Require ('./pagestart. $phpEx);

//
Start Program
//
if (isset ($HTTP _post_vars[' submit '))
{
$user _bansql = ';
$email _bansql = ';
$ip _bansql = ';

$user _list = Array ();
if (!empty ($HTTP _post_vars[' username '))
{
$this _userdata = get_userdata ($HTTP _post_vars[' username ');
if (! $this _userdata)
{
Message_die (General_message, $lang [' no_user_id_specified ']);
}

$user _list[] = $this _userdata[' user_id ');
}

$ip _list = Array ();
if (isset ($HTTP _post_vars[' ban_ip '))
{
$ip _list_temp = Explode (', ', $HTTP _post_vars[' ban_ip ']);

for ($i = 0; $i < count ($ip _list_temp); $i + +)
{
if (Preg_match ('/^ ([0-9]{1,3}) \. ( [0-9] {1,3}) \. ([0-9]{1,3}) \. ([0-9]{1,3}) []*\-[]* ([0-9]{1,3}) \. ([0-9]{1,3}) \. ([0-9]{1,3}) \. ([0-9]{1,3}) $/', Trim ($ip _list_temp[$i]), $ip _range_explode))
{
//
Don ' t ask about all this, just don ' t ask ...! Why
//
$ip _1_counter = $ip _range_explode[1];
$ip _1_end = $ip _range_explode[5];

while ($ip _1_counter <= $ip _1_end)
{
$ip _2_counter = ($ip _1_counter = = $ip _range_explode[1])? $ip _range_explode[2]: 0;
$ip _2_end = ($ip _1_counter < $ip _1_end)? 254: $ip _range_explode[6];

if ($ip _2_counter = = 0 && $ip _2_end = = 254)
{
$ip _2_counter = 255;
$ip _2_fragment = 255;

$ip _list[] = encode_ip ("$ip _1_counter.255.255.255");
}

while ($ip _2_counter <= $ip _2_end)
{
$ip _3_counter = ($ip _2_counter = = $ip _range_explode[2] && $ip _1_counter = = $ip _range_explode[1])? $ip _range_explode[3]: 0;
$ip _3_end = ($ip _2_counter < $ip _2_end
$ip _1_counter < $ip _1_end)? 254: $ip _range_explode[7];

if ($ip _3_counter = = 0 && $ip _3_end = = 254)
{
$ip _3_counter = 255;
$ip _3_fragment = 255;

$ip _list[] = encode_ip ("$ip _1_counter. $ip _2_counter.255.255");
}

while ($ip _3_counter <= $ip _3_end)
{
$ip _4_counter = ($ip _3_counter = = $ip _range_explode[3] && $ip _2_counter = = $ip _range_explode[2] && $ip _1 _counter = = $ip _range_explode[1])? $ip _range_explode[4]: 0;
$ip _4_end = ($ip _3_counter < $ip _3_end
$ip _2_counter < $ip _2_end)? 254: $ip _range_explode[8];

if ($ip _4_counter = = 0 && $ip _4_end = = 254)
{
$ip _4_counter = 255;
$ip _4_fragment = 255;

$ip _list[] = encode_ip ("$ip _1_counter. $ip _2_counter. $ip _3_counter.255");
}

while ($ip _4_counter <= $ip _4_end)
{
$ip _list[] = encode_ip ("$ip _1_counter. $ip _2_counter. $ip _3_counter. $ip _4_counter");
$ip _4_counter++;
}
$ip _3_counter++;
}
$ip _2_counter++;
}
$ip _1_counter++;
}
}
else if (Preg_match ('/^ ([\w\-_]\.?) {2,}$/is ', trim ($ip _list_temp[$i])))
{
$ip = Gethostbynamel (Trim ($ip _list_temp[$i]);

for ($j = 0; $j < count ($ip); $j + +)
{
if (!empty ($ip [$j]))
{
$ip _list[] = encode_ip ($ip [$j]);
}
}
}
else if (Preg_match ('/^ ([0-9]{1,3}) \. ( [0-9\*] {1,3}) \. ([0-9\*]{1,3}) \. ([0-9\*]{1,3}) $/', Trim ($ip _list_temp[$i])))
{
$ip _list[] = encode_ip (Str_replace (' * ', ' 255 ', trim ($ip _list_temp[$i]));
}
}
}

$email _list = Array ();
if (isset ($HTTP _post_vars[' Ban_email '))
{
$email _list_temp = Explode (', ', $HTTP _post_vars[' Ban_email ']);

for ($i = 0; $i < count ($email _list_temp); $i + +)
{
//
This Ereg match was based on one by [Email]php@unreelpro.com[/email]
Contained in the annotated PHP manual at php.com (ereg
Section
//
if (eregi (' ^ [: alnum:]\*]+ ([-_.] [[: alnum:]\*]+] *\.?) | (\*)) @ ([[: alnum:]]+ ([-_]?[ [: Alnum:]] +)*\.) {1,3} ([[: alnum:]]{2,6}) $ ', Trim ($email _list_temp[$i])))
{
$email _list[] = Trim ($email _list_temp[$i]);
}
}
}

$sql = "SELECT *
From ". banlist_table;
if (! ( $result = $db->sql_query ($sql)))
{
Message_die (General_error, "couldn ' t obtain banlist information", "", __line__, __file__, $sql);
}

$current _banlist = $db->sql_fetchrowset ($result);
$db->sql_freeresult ($result);

$kill _session_sql = ';
for ($i = 0; $i < count ($user _list); $i + +)
{
$in _banlist = false;
for ($j = 0; $j < count ($current _banlist); $j + +)
{
if ($user _list[$i] = = $current _banlist[$j] [' Ban_userid '])
{
$in _banlist = true;
}
}

if (! $in _banlist)
{
$kill _session_sql = ($kill _session_sql! = ')? ' OR ': '). "session_user_id =". $user _list[$i];

$sql = "INSERT into". Banlist_table. "(Ban_userid)
VALUES (". $user _list[$i]. ")";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t insert ban_userid info into Database", "", __line__, __file__, $sql);
}
}
}

for ($i = 0; $i < count ($ip _list); $i + +)
{
$in _banlist = false;
for ($j = 0; $j < count ($current _banlist); $j + +)
{
if ($ip _list[$i] = = $current _banlist[$j] [' ban_ip '])
{
$in _banlist = true;
}
}

if (! $in _banlist)
{
if (Preg_match ('/(ff\.) | (\.FF)/is ', Chunk_split ($ip _list[$i], 2, '. ')) )
{
$kill _ip_sql = "session_ip like '". Str_replace ('. ', ', Preg_replace ('/(ff\.) | (\.FF)/is ', '% ', chunk_split ($ip _list[$i], 2, "."))) . "'";
}
Else
{
$kill _ip_sql = "session_ip = '". $ip _list[$i]. "'";
}

$kill _session_sql = ($kill _session_sql! = ')? ' OR ': '). $kill _ip_sql;

$sql = "INSERT into". Banlist_table. "(BAN_IP)
VALUES (' ". $ip _list[$i]. "')";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t insert ban_ip info into Database", "", __line__, __file__, $sql);
}
}
}

//
Now we'll delete all entries from the session table with any of the banned
User or IP info just entered into the ban table ... this would force a session
Initialisation resulting in an instant ban
//
if ($kill _session_sql! = ')
{
$sql = "DELETE from". Sessions_table. "
WHERE $kill _session_sql ";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t delete banned sessions from database", "", __line__, __file__, $sql);
}
}

for ($i = 0; $i < count ($email _list); $i + +)
{
$in _banlist = false;
for ($j = 0; $j < count ($current _banlist); $j + +)
{
if ($email _list[$i] = = $current _banlist[$j] [' Ban_email '])
{
$in _banlist = true;
}
}

if (! $in _banlist)
{
$sql = "INSERT into". Banlist_table. "(Ban_email)
VALUES (' ". Str_replace ("'", "'", $email _list[$i]). "')";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t insert ban_email info into Database", "", __line__, __file__, $sql);
}
}
}

$where _sql = ';

if (isset ($HTTP _post_vars[' Unban_user '))
{
$user _list = $HTTP _post_vars[' Unban_user ');

for ($i = 0; $i < count ($user _list); $i + +)
{
if ($user _list[$i]! =-1)
{
$where _sql = ($where _sql! = ')? ', ' : ' ) . $user _list[$i];
}
}
}

if (isset ($HTTP _post_vars[' unban_ip '))
{
$ip _list = $HTTP _post_vars[' unban_ip ');

for ($i = 0; $i < count ($ip _list); $i + +)
{
if ($ip _list[$i]! =-1)
{
$where _sql = ($where _sql! = ')? ', ' : ' ) . $ip _list[$i];
}
}
}

if (isset ($HTTP _post_vars[' Unban_email '))
{
$email _list = $HTTP _post_vars[' unban_email ');

for ($i = 0; $i < count ($email _list); $i + +)
{
if ($email _list[$i]! =-1)
{
$where _sql = ($where _sql! = ')? ', ' : ' ) . $email _list[$i];
}
}
}

if ($where _sql! = ')
{
$sql = "DELETE from". Banlist_table. "
WHERE ban_id in ($where _sql) ";
if (! $db->sql_query ($sql))
{
Message_die (General_error, "couldn ' t delete ban info from database", "", __line__, __file__, $sql);
}
}

$message = $lang [' ban_update_sucessful ']. '

' . sprintf ($lang [' click_return_banadmin '], ', '). '

' . sprintf ($lang [' Click_return_admin_index '], ', ');

Message_die (General_message, $message);

}
Else
{
$template->set_filenames (Array (
' Body ' = ' admin/user_ban_body.tpl ')
);

$template->assign_vars (Array (
' L_ban_title ' = $lang [' Ban_control '],
' L_ban_explain ' = $lang [' Ban_explain '],
' L_ban_explain_warn ' = $lang [' Ban_explain_warn '],
' L_ip_or_hostname ' = $lang [' Ip_hostname '],
' L_email_address ' = $lang [' email_address '],
' L_submit ' = $lang [' SUBMIT '],
' L_reset ' = $lang [' RESET '],

' S_banlist_action ' = Append_sid ("Admin_user_ban. $phpEx"))
);

$template->assign_vars (Array (
' L_ban_user ' = $lang [' Ban_username '],
' L_ban_user_explain ' = $lang [' Ban_username_explain '],
' L_ban_ip ' = $lang [' Ban_ip '],
' L_ban_ip_explain ' = $lang [' Ban_ip_explain '],
' L_ban_email ' = $lang [' Ban_email '],
' L_ban_email_explain ' = $lang [' Ban_email_explain '])
);

$userban _count = 0;
$ipban _count = 0;
$emailban _count = 0;

$sql = "Select b.ban_id, u.user_id, U.username
From ". Banlist_table. "B,". Users_table. "U
WHERE u.user_id = B.ban_userid
and B.ban_userid <> 0
and u.user_id <>. " ANONYMOUS. "
ORDER by u.user_id ASC ";
if (! ( $result = $db->sql_query ($sql)))
{
Message_die (General_error, ' Could not a Select current user_id ban list ', ' __line__, __file__, $sql);
}

$user _list = $db->sql_fetchrowset ($result);
$db->sql_freeresult ($result);

$select _userlist = ';
for ($i = 0; $i < count ($user _list); $i + +)
{
$select _userlist. = ' ' . $user _list[$i] [' username ']. '';
$userban _count++;
}

if ($select _userlist = = ')
{
$select _userlist = ' ' . $lang [' No_banned_users ']. '';
}

$select _userlist = ' ' . $select _userlist. '';

$sql = "Select ban_id, Ban_ip, Ban_email
From ". banlist_table;
if (! ( $result = $db->sql_query ($sql)))
{
Message_die (General_error, ' Could not select Current IP Ban list ', ', __line__, __file__, $sql);
}

$banlist = $db->sql_fetchrowset ($result);
$db->sql_freeresult ($result);

$select _iplist = ';
$select _emaillist = ';

for ($i = 0; $i < count ($banlist); $i + +)
{
$ban _id = $banlist [$i] [' ban_id '];

if (!empty ($banlist [$i] [' ban_ip ']))
{
$ban _ip = str_replace (' 255 ', ' * ', decode_ip ($banlist [$i] [' ban_ip ']));
$select _iplist. = ' ' . $ban _ip. '';
$ipban _count++;
}
else if (!empty ($banlist [$i] [' Ban_email ']))
{
$ban _email = $banlist [$i] [' ban_email '];
$select _emaillist. = ' ' . $ban _email. '';
$emailban _count++;
}
}

if ($select _iplist = = ')
{
$select _iplist = ' ' . $lang [' No_banned_ip ']. '';
}

if ($select _emaillist = = ')
{
$select _emaillist = ' ' . $lang [' No_banned_email ']. '';
}

$select _iplist = ' ' . $select _iplist. '';
$select _emaillist = ' ' . $select _emaillist. '';

$template->assign_vars (Array (
' L_unban_user ' = $lang [' Unban_username '],
' L_unban_user_explain ' = $lang [' Unban_username_explain '],
' L_unban_ip ' = $lang [' Unban_ip '],
' L_unban_ip_explain ' = $lang [' Unban_ip_explain '],
' L_unban_email ' = $lang [' Unban_email '],
' L_unban_email_explain ' = $lang [' Unban_email_explain '],
' L_username ' = $lang [' USERNAME '],
' L_look_up ' = $lang [' Look_up_user '],
' L_find_username ' = $lang [' Find_username '],

' U_search_user ' and Append_sid ("SEARCH $phpEx? mode=searchuser&popup=1&menu=1"),
' S_unban_userlist_select ' = $select _userlist,
' S_unban_iplist_select ' = $select _iplist,
' S_unban_emaillist_select ' = $select _emaillist,
' S_ban_action ' = Append_sid ("Admin_user_ban. $phpEx"))
);
}

$template->pparse (' body ');

Include ('./page_footer_admin. '). $PHPEX);

?>



This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More