Context Navigation

source: extensions/BanIP/admin.php @ 31974

Last change on this file since 31974 was 31746, checked in by ddtddt, 7 years ago
[extensions] - Ban IP - add table Ip list - datatables
File size: 7.6 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Ban IP plugin for piwigo \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2016-2017 ddtddt http://temmii.com/piwigo/ \|
6	// +-----------------------------------------------------------------------+
7	// \| This program is free software; you can redistribute it and/or modify \|
8	// \| it under the terms of the GNU General Public License as published by \|
9	// \| the Free Software Foundation \|
10	// \| \|
11	// \| This program is distributed in the hope that it will be useful, but \|
12	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
13	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
14	// \| General Public License for more details. \|
15	// \| \|
16	// \| You should have received a copy of the GNU General Public License \|
17	// \| along with this program; if not, write to the Free Software \|
18	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
19	// \| USA. \|
20	// +-----------------------------------------------------------------------+
21
22	if (!defined('PHPWG_ROOT_PATH'))
23	die('Hacking attempt!');
24	global $template, $conf, $user;
25	include_once(PHPWG_ROOT_PATH . 'admin/include/tabsheet.class.php');
26	load_language('plugin.lang', BANIP_PATH);
27	$my_base_url = PHPWG_ROOT_PATH.'admin.php?page=plugin-';
28
29	// +-----------------------------------------------------------------------+
30	// \| Check Access and exit when user status is not ok \|
31	// +-----------------------------------------------------------------------+
32	check_status(ACCESS_ADMINISTRATOR);
33
34	//-------------------------------------------------------- sections definitions
35	if (!isset($_GET['tab']))
36	$page['tab'] = 'banip';
37	else
38	$page['tab'] = $_GET['tab'];
39
40
41
42	$tabsheet = new tabsheet();
43	$tabsheet->add('banip', l10n('Ban IP'), BANIP_ADMIN . '-banip');
44	$tabsheet->select($page['tab']);
45	$tabsheet->assign();
46
47	switch ($page['tab']) {
48	case 'banip':
49	$admin_base_url = BANIP_ADMIN . '-banip';
50	$template->assign(
51	'ipbangest', array(
52	'U_DELETEALL' => $admin_base_url . '&deleteall',
53	));
54	$ipban = pwg_query("SELECT * FROM " . BANIP_TABLE . ";");
55
56	$template->func_combine_css(array('id'=>'dst','path'=>BANIP_PATH.'banip.css'));
57
58
59	if (pwg_db_num_rows($ipban)) {
60	while ($ipban2 = pwg_db_fetch_assoc($ipban)) {
61
62	$items = array(
63	'ID' => $ipban2['id'],
64	'IP' => $ipban2['ip'],
65	'U_DELETE' => $admin_base_url . '&delete=' . $ipban2['id'],
66	'U_EDIT' => $admin_base_url . '&edit=' . $ipban2['id'],
67	);
68
69	$template->append('ipban2', $items);
70	}
71	}
72
73	if (isset($_GET['delete'])) {
74
75	check_input_parameter('delete', $_GET, false, PATTERN_ID);
76	$query = 'DELETE FROM ' . BANIP_TABLE . ' WHERE id = ' . $_GET['delete'] . ';';
77	pwg_query($query);
78
79	$_SESSION['page_infos'] = array(l10n('IP ban deleted'));
80	redirect($admin_base_url);
81	}
82
83	if (isset($_GET['edit'])) {
84	check_input_parameter('edit', $_GET, false, PATTERN_ID);
85	$query = 'SELECT * FROM ' . BANIP_TABLE . ' WHERE id = \'' . $_GET['edit'] . '\';';
86	$result = pwg_query($query);
87	$row = pwg_db_fetch_assoc($result);
88	$template->assign(
89	'ipban_edit', array(
90	'ID' => $row['id'],
91	'IP' => $row['ip'],
92	));
93	}
94
95	if (isset($_GET['deleteall'])) {
96	$query = 'DELETE FROM ' . BANIP_TABLE . ';';
97	pwg_query($query);
98	redirect($admin_base_url);
99	}
100
101
102	//add ban
103	if (isset($_POST['submitipban'])) {
104	$template->assign(
105	'ipban_add', array(
106	'nada' => l10n('nada'),
107	));
108	$template->clear_assign(
109	'ipban_edit', array(
110	));
111	}
112
113	if (isset($_POST['submitaddipban'])) {
114	$plage= explode(".", $_POST['inserip']);
115	if(count($plage)!=4)
116	{
117	$_SESSION['page_errors'] = array(l10n('This isn\'t an IP'));
118	redirect($admin_base_url);
119	}
120	if($plage[3]=='*')
121	{
122	$query = 'SELECT COUNT(*) AS verif_exist FROM ' . BANIP_TABLE . ' WHERE ip = \'' . $_POST['inserip'] . '\';';
123	$result = pwg_query($query);
124	$exist=pwg_db_fetch_array($result);
125	if($exist['verif_exist']>0)
126	{
127	$_SESSION['page_errors'] = array(l10n('Range IP already banned'));
128	redirect($admin_base_url);
129	}
130	}
131	$ipaddinrange=$plage[0].".".$plage[1].".".$plage[2].".*";
132	$query = 'SELECT COUNT(*) AS verif_exist FROM ' . BANIP_TABLE . ' WHERE ip = \'' . $ipaddinrange . '\';';
133	$result = pwg_query($query);
134	$exist=pwg_db_fetch_array($result);
135	if($exist['verif_exist']>0)
136	{
137	$_SESSION['page_errors'] = array(l10n('IP is in a banned range'));
138	redirect($admin_base_url);
139	}
140	$query = 'SELECT COUNT(*) AS verif_exist FROM ' . BANIP_TABLE . ' WHERE ip = \'' . $_POST['inserip'] . '\';';
141	$result = pwg_query($query);
142	$exist=pwg_db_fetch_array($result);
143	if($exist['verif_exist']>0)
144	{
145	$_SESSION['page_errors'] = array(l10n('IP already banned'));
146	redirect($admin_base_url);
147	}
148	if($plage[3]=='*')
149	{
150	$oldip=$plage[0].".".$plage[1].".".$plage[2].".";
151	$query = 'DELETE FROM ' . BANIP_TABLE . ' WHERE ip LIKE "' . $oldip . '%";';
152	pwg_query($query);
153	$_SESSION['page_infos'] = array(l10n('Range IP ban insert'));
154	}
155	else
156	{
157	$_SESSION['page_infos'] = array(l10n('IP ban insert'));
158	}
159	$query = 'INSERT INTO ' . BANIP_TABLE .'(ip) VALUES ("' . $_POST['inserip'] . '");';
160	$result = pwg_query($query);
161	redirect($admin_base_url);
162	}
163
164	if (isset($_POST['submitaddipban2'])) {
165	$plage= explode(".", $_POST['inserip']);
166	if(count($plage)!=4)
167	{
168	$_SESSION['page_errors'] = array(l10n('This isn\'t an IP'));
169	redirect($admin_base_url);
170	}
171	if($plage[3]=='*')
172	{
173	$query = 'SELECT COUNT(*) AS verif_exist FROM ' . BANIP_TABLE . ' WHERE ip = \'' . $_POST['inserip'] . '\';';
174	$result = pwg_query($query);
175	$exist=pwg_db_fetch_array($result);
176	if($exist['verif_exist']>0)
177	{
178	$_SESSION['page_errors'] = array(l10n('Range IP already banned'));
179	redirect($admin_base_url);
180	}
181	}
182	$ipaddinrange=$plage[0].".".$plage[1].".".$plage[2].".*";
183	$query = 'SELECT COUNT(*) AS verif_exist FROM ' . BANIP_TABLE . ' WHERE ip = \'' . $ipaddinrange . '\';';
184	$result = pwg_query($query);
185	$exist=pwg_db_fetch_array($result);
186	if($exist['verif_exist']>0)
187	{
188	$_SESSION['page_errors'] = array(l10n('IP is in a banned range'));
189	redirect($admin_base_url);
190	}
191	$query = 'SELECT COUNT(*) AS verif_exist FROM ' . BANIP_TABLE . ' WHERE ip = \'' . $_POST['inserip'] . '\';';
192	$result = pwg_query($query);
193	$exist=pwg_db_fetch_array($result);
194	if($exist['verif_exist']>0)
195	{
196	$_SESSION['page_errors'] = array(l10n('IP already banned'));
197	redirect($admin_base_url);
198	}
199	if($plage[3]=='*')
200	{
201	$oldip=$plage[0].".".$plage[1].".".$plage[2].".";
202	$query = 'DELETE FROM ' . BANIP_TABLE . ' WHERE ip LIKE "' . $oldip . '%";';
203	pwg_query($query);
204	$_SESSION['page_infos'] = array(l10n('Range IP ban update'));
205	}
206	else
207	{
208	$_SESSION['page_infos'] = array(l10n('IP ban update'));
209	}
210	$query = 'UPDATE ' . BANIP_TABLE .' SET ip= "'.$_POST['inserip'].'" WHERE id = '.$_POST['invisibleID'].';';
211	$result = pwg_query($query);
212	redirect($admin_base_url);
213	}
214
215	break;
216	}
217
218
219	$template->set_filenames(array('plugin_admin_content' => dirname(__FILE__) . '/admin.tpl'));
220	$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
221	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: