CIDR netmask bans

inc/config.php

@@ -718,6 +718,10 @@
 	// A little more load on the database
 	$config['ban_range']	= true;
 	
+	// Enable CDIR netmask bans (eg. "10.0.0.0/8" for 10.0.0.0.0 - 10.255.255.255). Useful for stopping persistent spammers.
+	// Again, a little more database load.
+	$config['ban_cidr']		= true;
+	
 	// Do a DNS lookup on IP addresses to get their hostname on the IP summary page
 	$config['mod']['dns_lookup'] = true;
 	// Show ban form on the IP summary page

inc/functions.php

@@ -537,8 +537,7 @@
 		if(!isset($_SERVER['REMOTE_ADDR'])) {
 			// Server misconfiguration
 			return;
-		}
-		
+		}		
 		
 		$query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri`, `bans`.`id` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board) AND `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
 		$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
@@ -550,6 +549,21 @@
 			$query->bindValue(':board', $board);
 			$query->execute() or error(db_error($query));
 		}
+		if($query->rowCount() < 1 && $config['ban_cidr']) {
+			// my most insane SQL query yet
+			$query = prepare("SELECT `set`, `expires`, `reason`, `board`, `uri`, `bans`.`id` FROM `bans` LEFT JOIN `boards` ON `boards`.`id` = `board` WHERE (`board` IS NULL OR `uri` = :board)
+				AND (					
+					`ip` REGEXP '^(\[0-9]+\.\[0-9]+\.\[0-9]+\.\[0-9]+\)\/(\[0-9]+)$'
+						AND
+					:ip >= INET_ATON(SUBSTRING_INDEX(`ip`, '/', 1))
+						AND
+					:ip < INET_ATON(SUBSTRING_INDEX(`ip`, '/', 1)) + POW(2, 32 - SUBSTRING_INDEX(`ip`, '/', -1))
+				)
+				ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
+			$query->bindValue(':ip', ip2long($_SERVER['REMOTE_ADDR']));
+			$query->bindValue(':board', $board);
+			$query->execute() or error(db_error($query));
+		}
 		
 		if($ban = $query->fetch()) {
 			if($ban['expires'] && $ban['expires'] < time()) {