
/include/admin/banlist.php

https://bitbucket.org/webop/webop-forum
PHP | 244 lines | 198 code | 25 blank | 21 comment | 26 complexity | f0f32ed52e326ef956c74a39402ad918 MD5 | raw file
Possible License(s): LGPL-2.1
  1. <?php
  2. ////////////////////////////////////////////////////////////////////////////////
  3. // //
  4. // Copyright (C) 2010 Phorum Development Team //
  5. // http://www.phorum.org //
  6. // //
  7. // This program is free software. You can redistribute it and/or modify //
  8. // it under the terms of either the current Phorum License (viewable at //
  9. // phorum.org) or the Phorum License that was distributed with this file //
  10. // //
  11. // This program is distributed in the hope that it will be useful, //
  12. // but WITHOUT ANY WARRANTY, without even the implied warranty of //
  13. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
  14. // //
  15. // You should have received a copy of the Phorum License //
  16. // along with this program. //
  17. ////////////////////////////////////////////////////////////////////////////////
  18. if(!defined("PHORUM_ADMIN")) return;
  19. $error="";
  20. $curr="NEW";
  21. $ban_types = array(PHORUM_BAD_IPS=>"IP Address/Hostname", PHORUM_BAD_NAMES=>"Name/User Name", PHORUM_BAD_EMAILS=>"Email Address", PHORUM_BAD_USERID=>"User-Id (registered User)", PHORUM_BAD_SPAM_WORDS=>"Illegal Words (SPAM)");
  22. $match_types = array("String", "PCRE");
  23. $forum_list=phorum_get_forum_info(2);
  24. $forum_list[0]="GLOBAL";
  25. if(count($_POST) && $_POST["string"]!=""){
  26. if($_POST["curr"]!="NEW"){
  27. $ret=phorum_db_mod_banlists($_POST['type'],$_POST['pcre'],$_POST['string'],$_POST['forum_id'],$_POST['comments'],$_POST['curr']);
  28. if(isset($PHORUM['cache_banlists']) && $PHORUM['cache_banlists']) {
  29. // we need to increase the version in that case to
  30. // invalidate them all in the cache.
  31. // TODO: I think I have to work out a way to make the same
  32. // work with vroots
  33. if($_POST['forum_id'] == 0) {
  34. $PHORUM['banlist_version'] = $PHORUM['banlist_version'] + 1;
  35. phorum_db_update_settings(array('banlist_version'=>$PHORUM['banlist_version']));
  36. } else {
  37. // remove the one for that forum
  38. phorum_cache_remove('banlist',$_POST['forum_id']);
  39. }
  40. }
  41. } else {
  42. $ret=phorum_db_mod_banlists($_POST['type'],$_POST['pcre'],$_POST['string'],$_POST['forum_id'],$_POST['comments'],0);
  43. }
  44. if(!$ret){
  45. $error="Database error while updating settings.";
  46. } else {
  47. phorum_admin_okmsg("Ban Item Updated");
  48. }
  49. }
  50. if(isset($_POST["curr"]) && isset($_POST["delete"]) && $_POST["confirm"]=="Yes"){
  51. phorum_db_del_banitem((int)$_POST['curr']);
  52. phorum_admin_okmsg("Ban Item Deleted");
  53. }
  54. if(isset($_GET["curr"])){
  55. $curr = (int)$_GET["curr"];
  56. }
  57. if($curr!="NEW"){
  58. extract(phorum_db_get_banitem($curr));
  59. $title="Edit Ban Item";
  60. $submit="Update";
  61. } else {
  62. $title="Add A Ban Item";
  63. $submit="Add";
  64. }
  65. settype($string, "string");
  66. settype($comments, "string");
  67. settype($type, "int");
  68. settype($pcre, "int");
  69. settype($forum_id,"int");
  70. if($error){
  71. phorum_admin_error($error);
  72. }
  73. if($_GET["curr"] && $_GET["delete"]){
  74. ?>
  75. <div class="PhorumInfoMessage">
  76. Are you sure you want to delete this entry?
  77. <form action="<?php echo phorum_admin_build_url('base'); ?>" method="post">
  78. <input type="hidden" name="phorum_admin_token" value="<?php echo $PHORUM['admin_token'];?>" />
  79. <input type="hidden" name="module" value="<?php echo $module; ?>" />
  80. <input type="hidden" name="curr" value="<?php echo htmlspecialchars($_GET['curr']) ?>" />
  81. <input type="hidden" name="delete" value="1" />
  82. <input type="submit" name="confirm" value="Yes" />&nbsp;<input type="submit" name="confirm" value="No" />
  83. </form>
  84. </div>
  85. <?php
  86. } else {
  87. include_once "./include/admin/PhorumInputForm.php";
  88. $frm = new PhorumInputForm ("", "post", $submit);
  89. $frm->hidden("module", "banlist");
  90. $frm->hidden("curr", "$curr");
  91. $frm->addbreak($title);
  92. if ($curr == "NEW") $frm->addmessage(
  93. "Ban items can be used to deny new user registrations and
  94. posting of (private) messages, based on various criteria.
  95. If a ban item applies to a user action, then this action
  96. will be fully blocked by Phorum. This can for example be used
  97. to block user registrations and postings from certain IP
  98. addresses or to prevent certain words from being used in
  99. forum messages.<br />
  100. <br />
  101. If you want to fully ban a user, then it's best to
  102. set \"Active\" to \"No\" for the user in the
  103. \"Edit Users\" interface."
  104. );
  105. $frm->addrow("String To Match", $frm->text_box("string", $string, 50));
  106. $row = $frm->addrow("Field To Match", $frm->select_tag("type", $ban_types, $type));
  107. $frm->addhelp($row, "Field To Match", "
  108. Below, you will find an overview of what
  109. ban items are used by what Phorum actions:<br/>
  110. <br/>
  111. <b>User registration</b>:<br/>
  112. \"Name/User Name\" checks the new username<br/>
  113. \"Email Address\" checks the new email address<br/>
  114. \"IP Address/Hostname\" checks the visitor's IP<br/>
  115. <br/>
  116. <b>Posting forum messages by anonymous users</b><br/>
  117. \"Name/User Name\" checks the author's name<br/>
  118. \"Email Address\" checks the author's email address<br/>
  119. \"Illegal Words (SPAM)\" checks the subject and body<br/>
  120. \"IP Address/Hostname\" checks the author's IP<br/>
  121. <br/>
  122. <b>Posting forum messages by registered users</b><br/>
  123. \"Name/User Name\" checks the author's username<br/>
  124. \"User-Id (registered User)\" checks the author's user id<br/>
  125. \"Email Address\" checks the author's email address<br/>
  126. \"IP Address/Hostname\" checks the author's IP<br/>
  127. \"Illegal Words (SPAM)\" checks the subject and body<br/>
  128. <br/>
  129. <b>Posting private messages</b><br/>
  130. \"Name/User Name\" checks the sender's username<br/>
  131. \"User-Id (registered User)\" checks the sender's user id<br/>
  132. \"Email Address\" checks the sender's email address<br/>
  133. \"IP Address/Hostname\" checks the sender's IP
  134. ");
  135. $row = $frm->addrow("Compare As", $frm->select_tag("pcre", $match_types, $pcre) . "<div style=\"font-size:x-small\">If using PCRE for comparison, \"String To Match\" should be a valid PCRE expression.<br/>See <a href=\"http://php.net/pcre\" target=\"_blank\">the PHP manual</a> for more information about PCRE.</div>");
  136. $frm->addhelp($row, "Compare As", "
  137. This setting can be used to specify the matching method
  138. that has to be used for the ban item. There are two options:<br/>
  139. <br/>
  140. <ul>
  141. <li><b>String</b><br/>
  142. The exact string from the \"String To Match\" field
  143. will be used for matching. Wildcards are not available
  144. for the String field type.<br/><br/></li>
  145. <li><b>PCRE</b><br/>
  146. The \"String To Match\" field will be treated as
  147. a <a href=\"http://www.php.net/pcre\">Perl Compatible
  148. Regular Expression</a>.</li>
  149. </ul>
  150. ");
  151. $frm->addrow("Valid for Forum", $frm->select_tag("forum_id", $forum_list, $forum_id));
  152. $row = $frm->addrow(
  153. 'Comments',
  154. $frm->textarea('comments', $comments, 50, 7)
  155. );
  156. $frm->addhelp($row, "Comments",
  157. "This field can be used to add some comments to the ban (why you
  158. created it, when you did this, when the ban can be deleted, etc.)
  159. These comments will only be shown on this page and are meant as
  160. a means for the administrator to do some bookkeeping."
  161. );
  162. $frm->show();
  163. if($curr=="NEW"){
  164. $PHORUM['banlists']=phorum_db_get_banlists(true);
  165. unset($PHORUM['banlists'][PHORUM_BAD_WORDS]);
  166. echo "<hr class=\"PhorumAdminHR\" />";
  167. if(count($PHORUM['banlists'])){
  168. echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"0\" class=\"PhorumAdminTable\" width=\"100%\">\n";
  169. echo "<tr>\n";
  170. echo " <td class=\"PhorumAdminTableHead\">String</td>\n";
  171. echo " <td class=\"PhorumAdminTableHead\">Field</td>\n";
  172. echo " <td class=\"PhorumAdminTableHead\">Compare Method</td>\n";
  173. echo " <td class=\"PhorumAdminTableHead\">Valid for Forum</td>\n";
  174. echo " <td class=\"PhorumAdminTableHead\">&nbsp;</td>\n";
  175. echo "</tr>\n";
  176. foreach($PHORUM["banlists"] as $type => $content){
  177. $t_last_string = '';
  178. foreach($content as $key => $item){
  179. $edit_url = phorum_admin_build_url(array('module=banlist','edit=1',"curr=$key"));
  180. $delete_url = phorum_admin_build_url(array('module=banlist','delete=1',"curr=$key"));
  181. $ta_class = "PhorumAdminTableRow".($ta_class == "PhorumAdminTableRow" ? "Alt" : "");
  182. echo "<tr>\n";
  183. echo " <td class=\"".$ta_class."\"".($item["string"] == $t_last_string ? " style=\"color:red;\"" : "").">".htmlspecialchars($item['string'])."</td>\n";
  184. echo " <td class=\"".$ta_class."\">".$ban_types[$type]."</td>\n";
  185. echo " <td class=\"".$ta_class."\">".$match_types[$item["pcre"]]."</td>\n";
  186. echo " <td class=\"".$ta_class."\">".$forum_list[$item["forum_id"]]."</td>\n";
  187. echo " <td class=\"".$ta_class."\"><a href=\"$edit_url\">Edit</a>&nbsp;&#149;&nbsp;<a href=\"$delete_url\">Delete</a></td>\n";
  188. echo "</tr>\n";
  189. $t_last_string = $item["string"];
  190. }
  191. }
  192. echo "</table>\n";
  193. } else {
  194. echo "No bans in list currently.";
  195. }
  196. }
  197. }
  198. ?>