leftypol/inc/mod/ban.php

<?php

/*
 *  Copyright (c) 2010-2013 Tinyboard Development Group
 */

if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {
	// You cannot request this file directly.
	exit;
}

function parse_time($str) {
	if (empty($str))
		return false;
	
	if (($time = @strtotime($str)) !== false)
		return $time;
	
	if (!preg_match('/^((\d+)\s?ye?a?r?s?)?\s?+((\d+)\s?mon?t?h?s?)?\s?+((\d+)\s?we?e?k?s?)?\s?+((\d+)\s?da?y?s?)?((\d+)\s?ho?u?r?s?)?\s?+((\d+)\s?mi?n?u?t?e?s?)?\s?+((\d+)\s?se?c?o?n?d?s?)?$/', $str, $matches))
		return false;
	
	$expire = 0;
	
	if (isset($matches[2])) {
		// Years
		$expire += $matches[2]*60*60*24*365;
	}
	if (isset($matches[4])) {
		// Months
		$expire += $matches[4]*60*60*24*30;
	}
	if (isset($matches[6])) {
		// Weeks
		$expire += $matches[6]*60*60*24*7;
	}
	if (isset($matches[8])) {
		// Days
		$expire += $matches[8]*60*60*24;
	}
	if (isset($matches[10])) {
		// Hours
		$expire += $matches[10]*60*60;
	}
	if (isset($matches[12])) {
		// Minutes
		$expire += $matches[12]*60;
	}
	if (isset($matches[14])) {
		// Seconds
		$expire += $matches[14];
	}
	
	return time() + $expire;
}

function ban($mask, $reason, $length, $board) {
	global $mod, $pdo;
	
	$query = prepare("INSERT INTO ``bans`` VALUES (NULL, :ip, :mod, :time, :expires, :reason, :board, 0)");
	$query->bindValue(':ip', $mask);
	$query->bindValue(':mod', $mod['id']);
	$query->bindValue(':time', time());
	if ($reason !== '') {
		$reason = escape_markup_modifiers($reason);
		markup($reason);
		$query->bindValue(':reason', $reason);
	} else
		$query->bindValue(':reason', null, PDO::PARAM_NULL);
	
	if ($length > 0)
		$query->bindValue(':expires', $length);
	else
		$query->bindValue(':expires', null, PDO::PARAM_NULL);
	
	if ($board)
		$query->bindValue(':board', $board);
	else
		$query->bindValue(':board', null, PDO::PARAM_NULL);
	
	$query->execute() or error(db_error($query));
	
	modLog('Created a new ' .
		($length > 0 ? preg_replace('/^(\d+) (\w+?)s?$/', '$1-$2', until($length)) : 'permanent') .
		' ban on ' .
		($board ? '/' . $board . '/' : 'all boards') .
		' for ' .
		(filter_var($mask, FILTER_VALIDATE_IP) !== false ? "<a href=\"?/IP/$mask\">$mask</a>" : utf8tohtml($mask)) .
		' (<small>#' . $pdo->lastInsertId() . '</small>)' .
		' with ' . ($reason ? 'reason: ' . utf8tohtml($reason) . '' : 'no reason'));
}

function unban($id) {
	$query = prepare("SELECT `ip` FROM ``bans`` WHERE `id` = :id");
	$query->bindValue(':id', $id);
	$query->execute() or error(db_error($query));
	$mask = $query->fetchColumn();
		
	$query = prepare("DELETE FROM ``bans`` WHERE `id` = :id");
	$query->bindValue(':id', $id);
	$query->execute() or error(db_error($query));
	
	if ($mask)
		modLog("Removed ban #{$id} for " . (filter_var($mask, FILTER_VALIDATE_IP) !== false ? "<a href=\"?/IP/$mask\">$mask</a>" : utf8tohtml($mask)));
}
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`<?php`

			`/*`
Copyright and license update for 2013. 2013-01-20 10:23:46 +00:00			`* Copyright (c) 2010-2013 Tinyboard Development Group`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`*/`

			`if (realpath($_SERVER['SCRIPT_FILENAME']) == str_replace('\\', '/', __FILE__)) {`
			`// You cannot request this file directly.`
			`exit;`
			`}`

			`function parse_time($str) {`
view bans / unban 2012-04-12 23:47:27 +00:00			`if (empty($str))`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`return false;`

			`if (($time = @strtotime($str)) !== false)`
			`return $time;`

various improvements 2012-04-16 06:40:24 +00:00			`if (!preg_match('/^((\d+)\s?ye?a?r?s?)?\s?+((\d+)\s?mon?t?h?s?)?\s?+((\d+)\s?we?e?k?s?)?\s?+((\d+)\s?da?y?s?)?((\d+)\s?ho?u?r?s?)?\s?+((\d+)\s?mi?n?u?t?e?s?)?\s?+((\d+)\s?se?c?o?n?d?s?)?$/', $str, $matches))`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`return false;`

various improvements 2012-04-16 06:40:24 +00:00			`$expire = 0;`

			`if (isset($matches[2])) {`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`// Years`
various improvements 2012-04-16 06:40:24 +00:00			`$expire += $matches[2]606024365;`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`}`
various improvements 2012-04-16 06:40:24 +00:00			`if (isset($matches[4])) {`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`// Months`
various improvements 2012-04-16 06:40:24 +00:00			`$expire += $matches[4]60602430;`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`}`
various improvements 2012-04-16 06:40:24 +00:00			`if (isset($matches[6])) {`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`// Weeks`
various improvements 2012-04-16 06:40:24 +00:00			`$expire += $matches[6]6060247;`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`}`
various improvements 2012-04-16 06:40:24 +00:00			`if (isset($matches[8])) {`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`// Days`
various improvements 2012-04-16 06:40:24 +00:00			`$expire += $matches[8]6060*24;`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`}`
various improvements 2012-04-16 06:40:24 +00:00			`if (isset($matches[10])) {`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`// Hours`
various improvements 2012-04-16 06:40:24 +00:00			`$expire += $matches[10]6060;`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`}`
various improvements 2012-04-16 06:40:24 +00:00			`if (isset($matches[12])) {`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`// Minutes`
various improvements 2012-04-16 06:40:24 +00:00			`$expire += $matches[12]*60;`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`}`
various improvements 2012-04-16 06:40:24 +00:00			`if (isset($matches[14])) {`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`// Seconds`
various improvements 2012-04-16 06:40:24 +00:00			`$expire += $matches[14];`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`}`

various improvements 2012-04-16 06:40:24 +00:00			`return time() + $expire;`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`}`

			`function ban($mask, $reason, $length, $board) {`
various improvements 2012-04-16 06:40:24 +00:00			`global $mod, $pdo;`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00
Add optional database table prefix (issue #118; see issue comments for details) 2013-08-01 02:14:26 +00:00			$query = prepare("INSERT INTO ``bans`` VALUES (NULL, :ip, :mod, :time, :expires, :reason, :board, 0)");
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`$query->bindValue(':ip', $mask);`
			`$query->bindValue(':mod', $mod['id']);`
view bans / unban 2012-04-12 23:47:27 +00:00			`$query->bindValue(':time', time());`
			`if ($reason !== '') {`
markup modifiers: there was a plan for adding markup to ban reasons, but assignment was missing; escape markup there too 2013-08-01 00:33:27 +00:00			`$reason = escape_markup_modifiers($reason);`
fix previous commit; markup is called via reference 2013-08-01 00:41:56 +00:00			`markup($reason);`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`$query->bindValue(':reason', $reason);`
view bans / unban 2012-04-12 23:47:27 +00:00			`} else`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`$query->bindValue(':reason', null, PDO::PARAM_NULL);`

			`if ($length > 0)`
view bans / unban 2012-04-12 23:47:27 +00:00			`$query->bindValue(':expires', $length);`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`else`
			`$query->bindValue(':expires', null, PDO::PARAM_NULL);`

			`if ($board)`
			`$query->bindValue(':board', $board);`
			`else`
			`$query->bindValue(':board', null, PDO::PARAM_NULL);`

			`$query->execute() or error(db_error($query));`
various improvements 2012-04-16 06:40:24 +00:00
more information in modlog for bans 2012-05-07 14:42:17 +00:00			`modLog('Created a new ' .`
			`($length > 0 ? preg_replace('/^(\d+) (\w+?)s?$/', '$1-$2', until($length)) : 'permanent') .`
Mod log in ?/IP (ie. ban history) 2013-03-16 07:27:24 +00:00			`' ban on ' .`
			`($board ? '/' . $board . '/' : 'all boards') .`
			`' for ' .`
more information in modlog for bans 2012-05-07 14:42:17 +00:00			`(filter_var($mask, FILTER_VALIDATE_IP) !== false ? "<a href=\"?/IP/$mask\">$mask</a>" : utf8tohtml($mask)) .`
Mod log in ?/IP (ie. ban history) 2013-03-16 07:27:24 +00:00			`' (<small>#' . $pdo->lastInsertId() . '</small>)' .`
more information in modlog for bans 2012-05-07 14:42:17 +00:00			`' with ' . ($reason ? 'reason: ' . utf8tohtml($reason) . '' : 'no reason'));`
View IP adress page, ban form. 2012-04-12 23:29:08 +00:00			`}`
view bans / unban 2012-04-12 23:47:27 +00:00
Mod log in ?/IP (ie. ban history) 2013-03-16 07:27:24 +00:00			`function unban($id) {`
Add optional database table prefix (issue #118; see issue comments for details) 2013-08-01 02:14:26 +00:00			$query = prepare("SELECT `ip` FROM ``bans`` WHERE `id` = :id");
Mod log in ?/IP (ie. ban history) 2013-03-16 07:27:24 +00:00			`$query->bindValue(':id', $id);`
			`$query->execute() or error(db_error($query));`
			`$mask = $query->fetchColumn();`

Add optional database table prefix (issue #118; see issue comments for details) 2013-08-01 02:14:26 +00:00			$query = prepare("DELETE FROM ``bans`` WHERE `id` = :id");
view bans / unban 2012-04-12 23:47:27 +00:00			`$query->bindValue(':id', $id);`
			`$query->execute() or error(db_error($query));`
various improvements 2012-04-16 06:40:24 +00:00
Mod log in ?/IP (ie. ban history) 2013-03-16 07:27:24 +00:00			`if ($mask)`
			`modLog("Removed ban #{$id} for " . (filter_var($mask, FILTER_VALIDATE_IP) !== false ? "<a href=\"?/IP/$mask\">$mask</a>" : utf8tohtml($mask)));`
view bans / unban 2012-04-12 23:47:27 +00:00			`}`