1 | <?php |
---|
2 | |
---|
3 | if (!defined('PHPWG_ROOT_PATH')) |
---|
4 | die('Hacking attempt!'); |
---|
5 | global $template, $conf, $user; |
---|
6 | include_once(PHPWG_ROOT_PATH . 'admin/include/tabsheet.class.php'); |
---|
7 | load_language('plugin.lang', ANTIASPI_PATH); |
---|
8 | $my_base_url = PHPWG_ROOT_PATH.'admin.php?page=plugin-'; //get_admin_plugin_menu_link(__FILE__); |
---|
9 | |
---|
10 | // +-----------------------------------------------------------------------+ |
---|
11 | // | Check Access and exit when user status is not ok | |
---|
12 | // +-----------------------------------------------------------------------+ |
---|
13 | check_status(ACCESS_ADMINISTRATOR); |
---|
14 | |
---|
15 | //-------------------------------------------------------- sections definitions |
---|
16 | if (!isset($_GET['tab'])) |
---|
17 | $page['tab'] = 'ipban'; |
---|
18 | else |
---|
19 | $page['tab'] = $_GET['tab']; |
---|
20 | $template->func_combine_css(array('id'=>'dst','path'=>ANTIASPI_PATH.'antiaspi.css')); |
---|
21 | |
---|
22 | |
---|
23 | $tabsheet = new tabsheet(); |
---|
24 | $tabsheet->add('ipban', l10n('IP ban'), ANTIASPI_ADMIN . '-ipban'); |
---|
25 | $tabsheet->add('ipconfig', l10n('Configuration '), ANTIASPI_ADMIN . '-ipconfig '); |
---|
26 | $tabsheet->select($page['tab']); |
---|
27 | $tabsheet->assign(); |
---|
28 | |
---|
29 | switch ($page['tab']) { |
---|
30 | case 'ipban': |
---|
31 | $template->assign( |
---|
32 | 'ipbangest', array( |
---|
33 | 'A' => 'a' |
---|
34 | )); |
---|
35 | $ipban = pwg_query("SELECT * FROM " . ANTIASPI_TABLE . ";"); |
---|
36 | |
---|
37 | $template->func_combine_css(array('id'=>'dst','path'=>ANTIASPI_PATH.'antiaspi.css')); |
---|
38 | |
---|
39 | $admin_base_url = ANTIASPI_ADMIN . '-ipban'; |
---|
40 | if (pwg_db_num_rows($ipban)) { |
---|
41 | while ($ipban2 = pwg_db_fetch_assoc($ipban)) { |
---|
42 | |
---|
43 | $items = array( |
---|
44 | 'ID' => $ipban2['id'], |
---|
45 | 'IP' => $ipban2['ip'], |
---|
46 | 'DATE' => $ipban2['date'], |
---|
47 | 'U_DELETE' => $admin_base_url . '&delete=' . $ipban2['id'], |
---|
48 | 'U_EDIT' => $admin_base_url . '&edit=' . $ipban2['id'], |
---|
49 | ); |
---|
50 | |
---|
51 | $template->append('ipban2', $items); |
---|
52 | } |
---|
53 | } |
---|
54 | |
---|
55 | if (isset($_GET['delete'])) { |
---|
56 | |
---|
57 | check_input_parameter('delete', $_GET, false, PATTERN_ID); |
---|
58 | $query = 'DELETE FROM ' . ANTIASPI_TABLE . ' WHERE id = ' . $_GET['delete'] . ';'; |
---|
59 | pwg_query($query); |
---|
60 | |
---|
61 | $_SESSION['page_infos'] = array(l10n('IP ban deleted')); |
---|
62 | redirect($admin_base_url); |
---|
63 | } |
---|
64 | |
---|
65 | if (isset($_GET['edit'])) { |
---|
66 | check_input_parameter('edit', $_GET, false, PATTERN_ID); |
---|
67 | $query = 'SELECT * FROM ' . ANTIASPI_TABLE . ' WHERE id = \'' . $_GET['edit'] . '\';'; |
---|
68 | $result = pwg_query($query); |
---|
69 | $row = pwg_db_fetch_assoc($result); |
---|
70 | $template->assign( |
---|
71 | 'ipban_edit', array( |
---|
72 | 'ID' => $row['id'], |
---|
73 | 'IP' => $row['ip'], |
---|
74 | 'DATE' => $row['date'], |
---|
75 | )); |
---|
76 | } |
---|
77 | |
---|
78 | if (isset($_POST['submitaddipban2'])) { |
---|
79 | $query = 'UPDATE ' . ANTIASPI_TABLE .' SET ip= "'.$_POST['inserip'].'" , date = "'.$_POST['inserdate'].'" WHERE id = '.$_POST['invisibleID'].';'; |
---|
80 | $result = pwg_query($query); |
---|
81 | $_SESSION['page_infos'] = array(l10n('Ip ban update')); |
---|
82 | redirect($admin_base_url); |
---|
83 | } |
---|
84 | |
---|
85 | //add ban |
---|
86 | if (isset($_POST['submitipban'])) { |
---|
87 | $template->assign( |
---|
88 | 'ipban_add', array( |
---|
89 | 'nada' => l10n('nada'), |
---|
90 | )); |
---|
91 | $template->clear_assign( |
---|
92 | 'ipban_edit', array( |
---|
93 | )); |
---|
94 | } |
---|
95 | |
---|
96 | if (isset($_POST['submitaddipban'])) { |
---|
97 | $query = 'INSERT INTO ' . ANTIASPI_TABLE .'(ip,date) VALUES ("' . $_POST['inserip'] . '","' . $_POST['inserdate'].'");'; |
---|
98 | $result = pwg_query($query); |
---|
99 | $_SESSION['page_infos'] = array(l10n('Ip ban insert')); |
---|
100 | redirect($admin_base_url); |
---|
101 | } |
---|
102 | |
---|
103 | |
---|
104 | break; |
---|
105 | case 'ipconfig': |
---|
106 | global $conf, $template; |
---|
107 | $admin_base_url = ANTIASPI_ADMIN . '-ipconfig'; |
---|
108 | $antiaspi = safe_unserialize($conf['antiaspi']); |
---|
109 | /* |
---|
110 | $conf['antiaspi'] = array( |
---|
111 | 'diff' => '20 pages in 00:00:10' , // IP banned if 20 different pages viewed in 10 seconds |
---|
112 | 'same' => '15 pages in 00:00:30' , // IP banned if same 15 pages viewed in 30 seconds |
---|
113 | 'banned during' => '23:59:59' , // IP banned during hh:mm:ss |
---|
114 | 'only guest' => true , // If true, don't ban registered users |
---|
115 | 'only picture' => false , // If true, apply antiaspi only on picture page |
---|
116 | 'allowed ip' => array() // Autorized IP (robots for example) |
---|
117 | ); |
---|
118 | */ |
---|
119 | $diff = explode(" pages in ", $antiaspi['diff']); |
---|
120 | $tempsdiff= explode(":", $diff[1]); |
---|
121 | $tempsdiffsec=$tempsdiff[2]+($tempsdiff[1]*60)+($tempsdiff[0]*60*60); |
---|
122 | |
---|
123 | $same = explode(" pages in ", $antiaspi['same']); |
---|
124 | $tempssame= explode(":", $same[1]); |
---|
125 | $tempssamesec=$tempssame[2]+($tempssame[1]*60)+($tempssame[0]*60*60); |
---|
126 | |
---|
127 | $onlyguest = array( |
---|
128 | l10n('yes'), |
---|
129 | l10n('no'), |
---|
130 | ); |
---|
131 | $onlyguestv = array( |
---|
132 | true, |
---|
133 | false, |
---|
134 | ); |
---|
135 | $onlypicture = array( |
---|
136 | l10n('yes'), |
---|
137 | l10n('no'), |
---|
138 | ); |
---|
139 | $onlypicturev = array( |
---|
140 | true, |
---|
141 | false, |
---|
142 | ); |
---|
143 | $template->assign( |
---|
144 | 'ipconfiggest', array( |
---|
145 | 'DIFFA' => $diff[0], |
---|
146 | 'DIFFB' => $tempsdiffsec, |
---|
147 | 'SAMEA' => $same[0], |
---|
148 | 'SAMEB' => $tempssamesec, |
---|
149 | 'ONLYGUEST' => $onlyguest, |
---|
150 | 'ONLYGUESTV' => $onlyguestv, |
---|
151 | 'ONLYGUESTSELECT' => $antiaspi['only guest'], |
---|
152 | 'ONLYPICTURE' => $onlypicture, |
---|
153 | 'ONLYPICTUREV' => $onlypicturev, |
---|
154 | 'ONLYPICTURESELECT' => $antiaspi['only picture'], |
---|
155 | )); |
---|
156 | $i = 0; |
---|
157 | while ($i < count($antiaspi['allowed ip'])) { |
---|
158 | |
---|
159 | $items = array( |
---|
160 | 'IP' => $antiaspi['allowed ip'][$i], |
---|
161 | 'U_DELETE' => $admin_base_url . '&delete='.$i , |
---|
162 | ); |
---|
163 | |
---|
164 | $template->append('allowip', $items); |
---|
165 | $i++; |
---|
166 | } |
---|
167 | |
---|
168 | |
---|
169 | /*$time = '7000'; |
---|
170 | echo date('h:i:s', $time); |
---|
171 | */ |
---|
172 | |
---|
173 | if (isset($_POST['submitconfban'])) { |
---|
174 | /*$time = date('h:i:s', $_POST['insdiffb']); revoir fonction date HS ?*/ |
---|
175 | $antiaspi['diff']=$_POST['insdiffa'].' pages in '.date('00:i:s', ($_POST['insdiffb'])); |
---|
176 | $antiaspi['same']=$_POST['inssamea'].' pages in '.date('00:i:s', ($_POST['inssameb'])); |
---|
177 | $antiaspi['only guest']=$_POST['insonlyguest']; |
---|
178 | $antiaspi['only picture']=$_POST['insonlypicturet']; |
---|
179 | |
---|
180 | conf_update_param('antiaspi', $antiaspi); |
---|
181 | redirect($admin_base_url); |
---|
182 | } |
---|
183 | |
---|
184 | if (isset($_POST['submitaddipallowed'])) { |
---|
185 | $i = 0; |
---|
186 | while ($i < count($antiaspi['allowed ip'])) { |
---|
187 | if($_POST['insipallowed']==$antiaspi['allowed ip'][$i]) |
---|
188 | { |
---|
189 | $_SESSION['page_errors'] = array(l10n('IP already allowed')); |
---|
190 | redirect($admin_base_url); |
---|
191 | } |
---|
192 | $i++; |
---|
193 | }; |
---|
194 | |
---|
195 | $antiaspi['allowed ip'][]=$_POST['insipallowed']; |
---|
196 | conf_update_param('antiaspi', $antiaspi); |
---|
197 | redirect($admin_base_url); |
---|
198 | } |
---|
199 | |
---|
200 | if (isset($_GET['delete'])) { |
---|
201 | check_input_parameter('delete', $_GET, false, PATTERN_ID); |
---|
202 | unset($antiaspi['allowed ip'][($_GET['delete'])]); |
---|
203 | $antiaspi['allowed ip'] = array_values($antiaspi['allowed ip']); |
---|
204 | conf_update_param('antiaspi', $antiaspi); |
---|
205 | redirect($admin_base_url); |
---|
206 | } |
---|
207 | |
---|
208 | |
---|
209 | break; |
---|
210 | } |
---|
211 | |
---|
212 | |
---|
213 | $template->set_filenames(array('plugin_admin_content' => dirname(__FILE__) . '/admin.tpl')); |
---|
214 | $template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content'); |
---|
215 | ?> |
---|