From b4aa39ca2def14eb1f6521eeb9e6f0a76b3720f5 Mon Sep 17 00:00:00 2001
From: Savetheinternet <savetheinternet@n0v4.com>
Date: Thu, 31 Mar 2011 00:12:36 +1100
Subject: [PATCH] IP range bans

---
 inc/config.php    |  4 ++++
 inc/functions.php |  7 ++++++-
 mod.php           | 12 ++++++++----
 3 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/inc/config.php b/inc/config.php
index c1f8dbc5..13370614 100644
--- a/inc/config.php
+++ b/inc/config.php
@@ -462,6 +462,10 @@
 	// Characters used to generate a random password (with Javascript)
 	$config['genpassword_chars'] = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_+';
 	
+	// Enable IP range bans (eg. "127.*.0.1", "127.0.0.*", and "12*.0.0.1" all match "127.0.0.1").
+	// A little more load on the database
+	$config['ban_range']	= true;
+	
 	// Custom stylesheets available. The prefix for each stylesheet URI is defined below.
 	$config['stylesheets'] = Array(
 		// Stylesheet name => URI
diff --git a/inc/functions.php b/inc/functions.php
index 4ee5b4ae..e2a2454b 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -195,9 +195,14 @@
 			return;
 		}
 		
-		$query = prepare("SELECT * FROM `bans` WHERE `ip` = :ip LIMIT 1");
+		$query = prepare("SELECT * FROM `bans` WHERE `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
 		$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
 		$query->execute() or error(db_error($query));
+		if($query->rowCount() < 1 && $config['ban_range']) {
+			$query = prepare("SELECT * FROM `bans` WHERE :ip REGEXP CONCAT('^', REPLACE(REPLACE(`ip`, '.', '\\.'), '*', '[0-9]*'), '$') ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
+			$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
+			$query->execute() or error(db_error($query));
+		}
 		
 		if($ban = $query->fetch()) {
 			if($ban['expires'] && $ban['expires'] < time()) {
diff --git a/mod.php b/mod.php
index 9b649524..8808e896 100644
--- a/mod.php
+++ b/mod.php
@@ -945,7 +945,7 @@
 			}
 			
 			if($query->rowCount() < 1) {
-				$body = '(There are no active bans.)';
+				$body = '<p style="text-align:center" class="unimportant">(There are no active bans.)</p>';
 			} else {
 				$body = '<form action="" method="post">';
 				$body .= '<table><tr><th>IP address</th><th>Reason</th><th>Set</th><th>Expires</th><th>Staff</th></tr>';
@@ -964,9 +964,13 @@
 					'<input type="checkbox" name="ban_' . $ban['ip'] . '" id="ban_' . $ban['ip'] . '" /> ' .
 					
 					// IP address
-					'<a href="?/IP/' .
-						$ban['ip'] .
-					'">'. $ban['ip'] . '</a></td>' .
+					(preg_match('/^(\d+\.\d+\.\d+\.\d+|' . $config['ipv6_regex'] . ')$/', $ban['ip']) ?
+						'<a href="?/IP/' .
+							$ban['ip'] .
+						'">'. $ban['ip'] . '</a>'
+					: $ban['ip']) .
+					
+					'</td>' .
 					
 					// Reason
 					'<td>' . ($ban['reason'] ? $ban['reason'] : '<em>-</em>') . '</td>' .