From 4c1935a6b6ec8d8cb95c6b5af3399927d30fbe66 Mon Sep 17 00:00:00 2001
From: Savetheinternet <savetheinternet@tinyboard.org>
Date: Wed, 27 Jul 2011 13:40:27 +1000
Subject: [PATCH] per-board bans

---
 inc/functions.php | 19 +++++++++++++------
 inc/mod.php       | 23 +++++++++++++++++++++++
 mod.php           | 42 +++++++++++++++++++++++++++++++++---------
 post.php          | 22 +++++++++-------------
 4 files changed, 78 insertions(+), 28 deletions(-)
diff --git a/inc/functions.php b/inc/functions.php
index 91b68bfc..c8d52160 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -400,7 +400,12 @@
 		
 		$body = '<div class="ban">
 		<h2>You are banned! ;_;</h2>
-		<p>You have been banned ' .
+		<p>You have been banned from ' .
+			(!isset($ban['uri']) ?
+				'all boards':
+				'<strong>' . sprintf($config['board_abbreviation'], $ban['uri']) . '</strong>'
+			) .
+			' ' .
 			($ban['reason'] ? 'for the following reason:' : 'for an unspecified reason.') .
 		'</p>' .
 			($ban['reason'] ?
@@ -464,7 +469,7 @@
 		));
 	}
 	
-	function checkBan() {
+	function checkBan($board = 0) {
 		global $config, $memcached;
 		
 		if(!isset($_SERVER['REMOTE_ADDR'])) {
@@ -474,17 +479,19 @@
 		
 		if($config['memcached']['enabled']) {
 			// Cached ban?
-			if($ban = $memcached->get("ban_${_SERVER['REMOTE_ADDR']}")) {
+			if($ban = $memcached->get("ban_${board}_${_SERVER['REMOTE_ADDR']}")) {
 				displayBan($ban);
 			}
 		}
 		
-		$query = prepare("SELECT * FROM `bans` WHERE `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
+		$query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
 		$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+		$query->bindValue(':board', $board);
 		$query->execute() or error(db_error($query));
 		if($query->rowCount() < 1 && $config['ban_range']) {
-			$query = prepare("SELECT * FROM `bans` WHERE :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
+			$query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
 			$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+			$query->bindValue(':board', $board);
 			$query->execute() or error(db_error($query));
 		}
 		
@@ -506,7 +513,7 @@
 			}
 			
 			if($config['memcached']['enabled'])
-				$memcached->set("ban_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']);
+				$memcached->set("ban_${board}_${_SERVER['REMOTE_ADDR']}", $ban, $ban['expires']);
 			displayBan($ban);
 		}
 	}
diff --git a/inc/mod.php b/inc/mod.php
index 0887cd07..8691317b 100644
--- a/inc/mod.php
+++ b/inc/mod.php
@@ -174,6 +174,23 @@
 	
 	function form_newBan($ip=null, $reason='', $continue=false, $delete=false, $board=false, $allow_public = false) {
 		global $config, $mod;
+		
+		$boards = listBoards();
+		$__boards = '<li><input type="radio" name="board_id" id="board_*" value="-1"/> <label style="display:inline" for="board_*"><em>all boards</em></label></li>';
+		foreach($boards as &$_board) {
+			$__boards .= '<li>' .
+						'<input type="radio" name="board_id" id="board_' . $_board['uri'] . '" value="' . $_board['id'] . '">' .
+						'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
+							($_board['uri'] == '*' ?
+								'<em>"*"</em>'
+							:
+								sprintf($config['board_abbreviation'], $_board['uri'])
+							) .
+							' - ' . $_board['title'] .
+						'</label>' .
+						'</li>';
+		}
+		
 		return '<fieldset><legend>New ban</legend>' . 
 					'<form action="?/ban" method="post">' . 
 						($continue ? '<input type="hidden" name="continue" value="' . htmlentities($continue) . '" />' : '') .
@@ -214,6 +231,12 @@
 							'<td><input type="text" name="length" id="length" size="20" maxlength="40" />' .
 							' <span class="unimportant">(eg. "2d1h30m" or "2 days")</span></td>' .
 						'</tr>' . 
+						
+						'<tr>' . 
+							'<th>Board</th>' .
+							'<td><ul style="list-style:none;padding:2px 5px">' . $__boards . '</tl></td>' .
+						'</tr>' . 
+						
 						'<tr>' . 
 							'<td></td>' . 
 							'<td><input name="new_ban" type="submit" value="New Ban" /></td>' . 
diff --git a/mod.php b/mod.php
index 91c27354..011eea76 100644
--- a/mod.php
+++ b/mod.php
@@ -1040,7 +1040,7 @@
 					), listBoards());
 				foreach($boards as &$_board) {
 					$__boards .= '<li>' .
-						'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '"' .
+						'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '">' .
 						'<label style="display:inline" for="board_' . $_board['uri'] . '"> ' .
 							($_board['uri'] == '*' ?
 								'<em>"*"</em>'
@@ -1173,7 +1173,7 @@
 				$_mod['boards'] = explode(',', $_mod['boards']);
 				foreach($boards as &$_board) {
 					$__boards .= '<li>' .
-						'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '"' .
+						'<input type="checkbox" name="board_' . $_board['uri'] . '" id="board_' . $_board['uri'] . '">' .
 							(in_array($_board['uri'], $_mod['boards']) ? 
 								' checked="checked"'
 							: '') .
@@ -1440,19 +1440,19 @@
 						
 						if($config['memcached']['enabled']) {
 							// Remove cached ban
+							// TODO
 							$memcached->delete("ban_${m[1]}");
 						}
 					}
 				}
 			}
-			
 			if($mod['type'] >= $config['mod']['view_banexpired']) {
-				$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` ORDER BY (`expires` IS NOT NULL AND `expires` < :time), `set` DESC");
+				$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` GROUP BY `ip` ORDER BY (`expires` IS NOT NULL AND `expires` < :time), `set` DESC");
 				$query->bindValue(':time', time(), PDO::PARAM_INT);
 				$query->execute() or error(db_error($query));
 			} else {
 				// Filter out expired bans
-				$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` GROUP BY `ip` WHERE `expires` = 0 OR `expires` > :time ORDER BY `set` DESC");
+				$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` GROUP BY `ip` WHERE `expires` = 0 OR `expires` > :time ORDER BY `set` DESC");
 				$query->bindValue(':time', time(), PDO::PARAM_INT);
 				$query->execute() or error(db_error($query));
 			}
@@ -1461,7 +1461,7 @@
 				$body = '<p style="text-align:center" class="unimportant">(There are no active bans.)</p>';
 			} else {
 				$body = '<form action="" method="post">';
-				$body .= '<table><tr><th>IP address</th><th>Reason</th><th>Set</th><th>Expires</th><th>Staff</th></tr>';
+				$body .= '<table><tr><th>IP address</th><th>Reason</th><th>Board</th><th>Set</th><th>Expires</th><th>Staff</th></tr>';
 				
 				while($ban = $query->fetch()) {
 					$body .=
@@ -1488,6 +1488,14 @@
 					// Reason
 					'<td>' . ($ban['reason'] ? $ban['reason'] : '<em>-</em>') . '</td>' .
 					
+					
+					'<td>' .
+					(isset($ban['uri']) ?
+						sprintf($config['board_abbreviation'], $ban['uri'])
+					:
+						'<em>all boards</em>'
+					) . '</td>' .
+					
 					// Set
 					'<td style="white-space: nowrap">' . date($config['post_date'], $ban['set']) . '</td>' .
 					
@@ -1905,14 +1913,15 @@
 			if(isset($_POST['new_ban'])) {
 				if(	!isset($_POST['ip']) ||
 					!isset($_POST['reason']) ||
-					!isset($_POST['length'])
+					!isset($_POST['length']) ||
+					!isset($_POST['board_id'])
 				)	error($config['error']['missedafield']);
 				
 				// Check required fields
 				if(empty($_POST['ip']))
 					error(sprintf($config['error']['required'], 'IP address'));
 				
-				$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason)");
+				$query = prepare("INSERT INTO `bans` VALUES (:ip, :mod, :set, :expires, :reason, :board)");
 				
 				// 1yr2hrs30mins
 				// 1y2h30m
@@ -1958,12 +1967,19 @@
 				$query->bindValue(':mod', $mod['id'], PDO::PARAM_INT);
 				$query->bindValue(':set', time(), PDO::PARAM_INT);
 				
+				
 				if(isset($_POST['reason'])) {
 					$query->bindValue(':reason', $_POST['reason'], PDO::PARAM_STR);
 				} else {
 					$query->bindValue(':reason', null, PDO::PARAM_NULL);
 				}
 				
+				if($_POST['board_id'] < 0) {
+					$query->bindValue(':board', null, PDO::PARAM_NULL);
+				} else {
+					$query->bindValue(':board', (int)$_POST['board_id'], PDO::PARAM_INT);
+				}
+				
 				// Record the action
 				modLog('Created a ' . ($expire ? $expire . ' second' : 'permanent') . " ban for {$_POST['ip']} with " . (!empty($_POST['reason']) ? "reason \"{$_POST['reason']}\"" : 'no reason'));
 				
@@ -2189,7 +2205,7 @@
 			}
 			
 			if($mod['type'] >= $config['mod']['view_ban']) {
-				$query = prepare("SELECT * FROM `bans` INNER JOIN `mods` ON `mod` = `id` WHERE `ip` = :ip");
+				$query = prepare("SELECT * FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` INNER JOIN `mods` ON `mod` = `mods`.`id` WHERE `ip` = :ip");
 				$query->bindValue(':ip', $ip);
 				$query->execute() or error(db_error($query));
 				
@@ -2209,6 +2225,14 @@
 						// Reason
 						'<tr><th>Reason</th><td>' . $ban['reason'] . '</td></tr>' .
 						
+						// Board
+						'<tr><th>Board</th><td>' .
+						(isset($ban['uri']) ?
+							sprintf($config['board_abbreviation'], $ban['uri'])
+						:
+							'<em>all boards</em>'
+						) . '</td></tr>' .
+						
 						// Set
 						'<tr><th>Set</th><td>' . date($config['post_date'], $ban['set']) . '</td></tr>' .
 						
diff --git a/post.php b/post.php
index 160dbf9c..345a622a 100644
--- a/post.php
+++ b/post.php
@@ -36,17 +36,15 @@
 			}
 		}
 		
-		
-		
-		// Check if banned
-		checkBan();
-		
 		checkDNSBL();
 			
 		// Check if board exists
 		if(!openBoard($_POST['board']))
 			error($config['error']['noboard']);
 		
+		// Check if banned
+		checkBan($board['uri']);
+		
 		if(empty($delete))
 			error($config['error']['nodelete']);
 			
@@ -96,17 +94,15 @@
 			}
 		}
 		
-		
-		
-		// Check if banned
-		checkBan();
-		
 		checkDNSBL();
 			
 		// Check if board exists
 		if(!openBoard($_POST['board']))
 			error($config['error']['noboard']);
 		
+		// Check if banned
+		checkBan($board['uri']);
+		
 		if(empty($report))
 			error($config['error']['noreport']);
 		
@@ -174,15 +170,15 @@
 		if(time()-$user['appeared']<LURKTIME) error(ERROR_LURK);
 		*/
 		
-		// Check if banned
-		checkBan();
-		
 		checkDNSBL();
 			
 		// Check if board exists
 		if(!openBoard($post['board']))
 			error($config['error']['noboard']);
 		
+		// Check if banned
+		checkBan($board['uri']);
+		
 		// Check for CAPTCHA right after opening the board so the "return" link is in there
 		if($config['recaptcha']) {
 			if(!isset($_POST['recaptcha_challenge_field']) || !isset($_POST['recaptcha_response_field']))

IP address	Reason	Board
' . ($ban['reason'] ? $ban['reason'] : '-') . '	' . + (isset($ban['uri']) ? + sprintf($config['board_abbreviation'], $ban['uri']) + : + 'all boards' + ) . '	' . date($config['post_date'], $ban['set']) . '
Reason	' . $ban['reason'] . '
Board	' . + (isset($ban['uri']) ? + sprintf($config['board_abbreviation'], $ban['uri']) + : + 'all boards' + ) . '
Set	' . date($config['post_date'], $ban['set']) . '