[31362] | 1 | <?php |
---|
| 2 | |
---|
| 3 | if (!defined('PHPWG_ROOT_PATH')) |
---|
| 4 | die('Hacking attempt!'); |
---|
| 5 | global $template, $conf, $user; |
---|
| 6 | include_once(PHPWG_ROOT_PATH . 'admin/include/tabsheet.class.php'); |
---|
| 7 | load_language('plugin.lang', ANTIASPI_PATH); |
---|
| 8 | $my_base_url = PHPWG_ROOT_PATH.'admin.php?page=plugin-'; //get_admin_plugin_menu_link(__FILE__); |
---|
| 9 | |
---|
| 10 | // +-----------------------------------------------------------------------+ |
---|
| 11 | // | Check Access and exit when user status is not ok | |
---|
| 12 | // +-----------------------------------------------------------------------+ |
---|
| 13 | check_status(ACCESS_ADMINISTRATOR); |
---|
| 14 | |
---|
| 15 | //-------------------------------------------------------- sections definitions |
---|
| 16 | if (!isset($_GET['tab'])) |
---|
| 17 | $page['tab'] = 'ipban'; |
---|
| 18 | else |
---|
| 19 | $page['tab'] = $_GET['tab']; |
---|
[31370] | 20 | $template->func_combine_css(array('id'=>'dst','path'=>ANTIASPI_PATH.'antiaspi.css')); |
---|
[31362] | 21 | |
---|
| 22 | |
---|
| 23 | $tabsheet = new tabsheet(); |
---|
| 24 | $tabsheet->add('ipban', l10n('IP ban'), ANTIASPI_ADMIN . '-ipban'); |
---|
[31370] | 25 | $tabsheet->add('ipconfig', l10n('Configuration '), ANTIASPI_ADMIN . '-ipconfig '); |
---|
[31362] | 26 | $tabsheet->select($page['tab']); |
---|
| 27 | $tabsheet->assign(); |
---|
| 28 | |
---|
| 29 | switch ($page['tab']) { |
---|
| 30 | case 'ipban': |
---|
[31370] | 31 | $template->assign( |
---|
| 32 | 'ipbangest', array( |
---|
[31372] | 33 | 'A' => 'a', |
---|
[31370] | 34 | )); |
---|
[31362] | 35 | $ipban = pwg_query("SELECT * FROM " . ANTIASPI_TABLE . ";"); |
---|
[31372] | 36 | $antiaspi = safe_unserialize($conf['antiaspi']); |
---|
[31367] | 37 | |
---|
[31362] | 38 | $admin_base_url = ANTIASPI_ADMIN . '-ipban'; |
---|
| 39 | if (pwg_db_num_rows($ipban)) { |
---|
| 40 | while ($ipban2 = pwg_db_fetch_assoc($ipban)) { |
---|
| 41 | |
---|
| 42 | $items = array( |
---|
| 43 | 'ID' => $ipban2['id'], |
---|
| 44 | 'IP' => $ipban2['ip'], |
---|
| 45 | 'DATE' => $ipban2['date'], |
---|
| 46 | 'U_DELETE' => $admin_base_url . '&delete=' . $ipban2['id'], |
---|
| 47 | 'U_EDIT' => $admin_base_url . '&edit=' . $ipban2['id'], |
---|
| 48 | ); |
---|
| 49 | |
---|
| 50 | $template->append('ipban2', $items); |
---|
| 51 | } |
---|
| 52 | } |
---|
| 53 | |
---|
| 54 | if (isset($_GET['delete'])) { |
---|
| 55 | |
---|
| 56 | check_input_parameter('delete', $_GET, false, PATTERN_ID); |
---|
| 57 | $query = 'DELETE FROM ' . ANTIASPI_TABLE . ' WHERE id = ' . $_GET['delete'] . ';'; |
---|
| 58 | pwg_query($query); |
---|
| 59 | |
---|
[31366] | 60 | $_SESSION['page_infos'] = array(l10n('IP ban deleted')); |
---|
[31362] | 61 | redirect($admin_base_url); |
---|
| 62 | } |
---|
[31371] | 63 | |
---|
| 64 | if (isset($_POST['submitdeleteall'])) { |
---|
| 65 | $query = 'DELETE FROM ' . ANTIASPI_TABLE . ';'; |
---|
| 66 | pwg_query($query); |
---|
[31362] | 67 | redirect($admin_base_url); |
---|
[31372] | 68 | } |
---|
| 69 | if (isset($_POST['submitdeletedeprecated'])) { |
---|
| 70 | $query = 'DELETE FROM ' . ANTIASPI_TABLE . ' WHERE date < ADDTIME(NOW(), "-' . $antiaspi['banned during'] . '");'; |
---|
| 71 | pwg_query($query); |
---|
| 72 | redirect($admin_base_url); |
---|
| 73 | } |
---|
[31362] | 74 | break; |
---|
[31370] | 75 | case 'ipconfig': |
---|
| 76 | global $conf, $template; |
---|
| 77 | $admin_base_url = ANTIASPI_ADMIN . '-ipconfig'; |
---|
| 78 | $antiaspi = safe_unserialize($conf['antiaspi']); |
---|
| 79 | /* |
---|
| 80 | $conf['antiaspi'] = array( |
---|
| 81 | 'diff' => '20 pages in 00:00:10' , // IP banned if 20 different pages viewed in 10 seconds |
---|
| 82 | 'same' => '15 pages in 00:00:30' , // IP banned if same 15 pages viewed in 30 seconds |
---|
| 83 | 'banned during' => '23:59:59' , // IP banned during hh:mm:ss |
---|
| 84 | 'only guest' => true , // If true, don't ban registered users |
---|
| 85 | 'only picture' => false , // If true, apply antiaspi only on picture page |
---|
| 86 | 'allowed ip' => array() // Autorized IP (robots for example) |
---|
| 87 | ); |
---|
| 88 | */ |
---|
| 89 | $diff = explode(" pages in ", $antiaspi['diff']); |
---|
| 90 | $tempsdiff= explode(":", $diff[1]); |
---|
| 91 | $tempsdiffsec=$tempsdiff[2]+($tempsdiff[1]*60)+($tempsdiff[0]*60*60); |
---|
| 92 | |
---|
| 93 | $same = explode(" pages in ", $antiaspi['same']); |
---|
| 94 | $tempssame= explode(":", $same[1]); |
---|
| 95 | $tempssamesec=$tempssame[2]+($tempssame[1]*60)+($tempssame[0]*60*60); |
---|
| 96 | |
---|
| 97 | $onlyguest = array( |
---|
[31372] | 98 | l10n('Yes'), |
---|
| 99 | l10n('No'), |
---|
[31370] | 100 | ); |
---|
| 101 | $onlyguestv = array( |
---|
| 102 | true, |
---|
| 103 | false, |
---|
| 104 | ); |
---|
| 105 | $onlypicture = array( |
---|
[31372] | 106 | l10n('Yes'), |
---|
| 107 | l10n('No'), |
---|
[31370] | 108 | ); |
---|
| 109 | $onlypicturev = array( |
---|
| 110 | true, |
---|
| 111 | false, |
---|
| 112 | ); |
---|
| 113 | $template->assign( |
---|
| 114 | 'ipconfiggest', array( |
---|
| 115 | 'DIFFA' => $diff[0], |
---|
| 116 | 'DIFFB' => $tempsdiffsec, |
---|
| 117 | 'SAMEA' => $same[0], |
---|
| 118 | 'SAMEB' => $tempssamesec, |
---|
| 119 | 'ONLYGUEST' => $onlyguest, |
---|
| 120 | 'ONLYGUESTV' => $onlyguestv, |
---|
| 121 | 'ONLYGUESTSELECT' => $antiaspi['only guest'], |
---|
| 122 | 'ONLYPICTURE' => $onlypicture, |
---|
| 123 | 'ONLYPICTUREV' => $onlypicturev, |
---|
| 124 | 'ONLYPICTURESELECT' => $antiaspi['only picture'], |
---|
| 125 | )); |
---|
| 126 | $i = 0; |
---|
| 127 | while ($i < count($antiaspi['allowed ip'])) { |
---|
| 128 | |
---|
| 129 | $items = array( |
---|
| 130 | 'IP' => $antiaspi['allowed ip'][$i], |
---|
| 131 | 'U_DELETE' => $admin_base_url . '&delete='.$i , |
---|
| 132 | ); |
---|
| 133 | |
---|
| 134 | $template->append('allowip', $items); |
---|
| 135 | $i++; |
---|
| 136 | } |
---|
| 137 | |
---|
| 138 | |
---|
| 139 | /*$time = '7000'; |
---|
| 140 | echo date('h:i:s', $time); |
---|
| 141 | */ |
---|
| 142 | |
---|
| 143 | if (isset($_POST['submitconfban'])) { |
---|
| 144 | /*$time = date('h:i:s', $_POST['insdiffb']); revoir fonction date HS ?*/ |
---|
| 145 | $antiaspi['diff']=$_POST['insdiffa'].' pages in '.date('00:i:s', ($_POST['insdiffb'])); |
---|
| 146 | $antiaspi['same']=$_POST['inssamea'].' pages in '.date('00:i:s', ($_POST['inssameb'])); |
---|
| 147 | $antiaspi['only guest']=$_POST['insonlyguest']; |
---|
| 148 | $antiaspi['only picture']=$_POST['insonlypicturet']; |
---|
| 149 | |
---|
| 150 | conf_update_param('antiaspi', $antiaspi); |
---|
| 151 | redirect($admin_base_url); |
---|
[31362] | 152 | } |
---|
[31370] | 153 | |
---|
| 154 | if (isset($_POST['submitaddipallowed'])) { |
---|
| 155 | $i = 0; |
---|
| 156 | while ($i < count($antiaspi['allowed ip'])) { |
---|
| 157 | if($_POST['insipallowed']==$antiaspi['allowed ip'][$i]) |
---|
| 158 | { |
---|
| 159 | $_SESSION['page_errors'] = array(l10n('IP already allowed')); |
---|
| 160 | redirect($admin_base_url); |
---|
| 161 | } |
---|
| 162 | $i++; |
---|
| 163 | }; |
---|
| 164 | |
---|
| 165 | $antiaspi['allowed ip'][]=$_POST['insipallowed']; |
---|
| 166 | conf_update_param('antiaspi', $antiaspi); |
---|
| 167 | redirect($admin_base_url); |
---|
| 168 | } |
---|
| 169 | |
---|
| 170 | if (isset($_GET['delete'])) { |
---|
| 171 | check_input_parameter('delete', $_GET, false, PATTERN_ID); |
---|
| 172 | unset($antiaspi['allowed ip'][($_GET['delete'])]); |
---|
| 173 | $antiaspi['allowed ip'] = array_values($antiaspi['allowed ip']); |
---|
| 174 | conf_update_param('antiaspi', $antiaspi); |
---|
| 175 | redirect($admin_base_url); |
---|
| 176 | } |
---|
| 177 | |
---|
| 178 | |
---|
| 179 | break; |
---|
| 180 | } |
---|
[31362] | 181 | |
---|
| 182 | |
---|
| 183 | $template->set_filenames(array('plugin_admin_content' => dirname(__FILE__) . '/admin.tpl')); |
---|
| 184 | $template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content'); |
---|
| 185 | ?> |
---|