Add source IP to ban_appeals table

inc/mod/pages.php

@@ -1066,7 +1066,7 @@ function mod_ban_appeals() {
         return;
     }
 
-    $query = query("SELECT *, ``ban_appeals``.`id` AS `id` FROM ``ban_appeals``
+    $query = query("SELECT *, ``ban_appeals``.`id` AS `id`, ``ban_appeals``.`source_ip` AS `source_ip` FROM ``ban_appeals``
         LEFT JOIN ``bans`` ON `ban_id` = ``bans``.`id`
         LEFT JOIN ``mods`` ON ``bans``.`creator` = ``mods``.`id`
         WHERE `denied` != 1 ORDER BY `time`") or error(db_error());

install.sql

@@ -290,6 +290,7 @@ CREATE TABLE IF NOT EXISTS `flood` (
 CREATE TABLE IF NOT EXISTS `ban_appeals` (
   `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
   `ban_id` int(10) unsigned NOT NULL,
+  `source_ip` varbinary(16) DEFAULT NULL,
   `time` int(10) unsigned NOT NULL,
   `message` text NOT NULL,
   `denied` tinyint(1) NOT NULL,

post.php

@@ -170,10 +170,11 @@ function db_insert_report($ip, $board, $post_id, $reason)
  * @param string $appeal_message Appeal message.
  * @return void
  */
-function db_insert_ban_appeal($ban_id, $appeal_message)
+function db_insert_ban_appeal($ban_id, $source_ip, $appeal_message)
 {
-    $query = prepare("INSERT INTO ``ban_appeals`` VALUES (NULL, :ban_id, :time, :message, 0)");
+    $query = prepare("INSERT INTO ``ban_appeals`` VALUES (NULL, :ban_id, :source_ip, :time, :message, 0)");
     $query->bindValue(':ban_id', $ban_id, PDO::PARAM_INT);
+    $query->bindValue(':source_ip', $source_ip);
     $query->bindValue(':time', time(), PDO::PARAM_INT);
     $query->bindValue(':message', $appeal_message);
     $query->execute() or error(db_error($query));
@@ -1659,7 +1660,8 @@ function handle_appeal()
     // Doubles as sanitization against SQL injection.
     $ban_id = (int) $_POST['ban_id'];
 
-    $bans = Bans::find($_SERVER['REMOTE_ADDR']);
+    $source_ip = $_SERVER['REMOTE_ADDR'];
+    $bans = Bans::find($source_ip);
     foreach ($bans as $_ban) {
         if ($_ban['id'] == $ban_id) {
             $ban = $_ban;
@@ -1693,7 +1695,7 @@ function handle_appeal()
 
     // Sanitize away eventual Cross Site Scripting funkyness.
     $appeal_msg = htmlspecialchars($_POST['appeal']);
-    db_insert_ban_appeal($ban_id, $appeal_msg);
+    db_insert_ban_appeal($ban_id, $source_ip, $appeal_msg);
 
     displayBan($ban);
 }