1 | <?php |
---|
2 | |
---|
3 | /* Whois online Configuration, Radar and cleaning */ |
---|
4 | |
---|
5 | /* |
---|
6 | TODO list: |
---|
7 | - User comments
(Delete all comments or partial delete) |
---|
8 | - Bots identification (for exclusion maybe a sharing feature with antiaspi to lock user/IP) |
---|
9 | - hits level (to suggest a new bot) |
---|
10 | - IPV6 Support |
---|
11 | - Map |
---|
12 | */ |
---|
13 | |
---|
14 | if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); |
---|
15 | if (!defined('IN_ADMIN') or !IN_ADMIN) die('Hacking attempt!'); |
---|
16 | global $conf, $conf_whois, $lang; |
---|
17 | $conf['show_gt'] = true; |
---|
18 | load_language('plugin.lang', WHOIS_ONLINE_PATH); |
---|
19 | |
---|
20 | pwg_debug('*********** Whois configuration ***********'); |
---|
21 | |
---|
22 | if (!isset($conf_whois['Active'])) $conf_whois = whois_online_conf(); |
---|
23 | $errors = array(); |
---|
24 | $infos = array(); |
---|
25 | |
---|
26 | // Get Current data |
---|
27 | $conf['Whois Online Update'] = false; |
---|
28 | whois_online_management(); |
---|
29 | |
---|
30 | $template->set_filenames(array( |
---|
31 | 'plugin_admin_content' => dirname(__FILE__) . '/config.tpl', |
---|
32 | 'double_select' => 'double_select.tpl' |
---|
33 | )); |
---|
34 | |
---|
35 | // Tabsheets |
---|
36 | include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php'); |
---|
37 | $_url = get_admin_plugin_menu_link(__FILE__); |
---|
38 | if (!isset($_GET['tab'])) $page['tab'] = 'config'; |
---|
39 | else $page['tab'] = $_GET['tab']; |
---|
40 | |
---|
41 | $tabsheet = new tabsheet(); |
---|
42 | $tabsheet->add('config', l10n('config'), $_url.'&tab=config'); |
---|
43 | $tabsheet->add('monitor', l10n('Monitor'), $_url.'&tab=monitor'); |
---|
44 | $tabsheet->add('report', l10n('Report'), $_url.'&tab=report'); |
---|
45 | $tabsheet->select($page['tab']); |
---|
46 | $tabsheet->assign(); |
---|
47 | $template->assign('page', $page['tab']); |
---|
48 | |
---|
49 | $sub = ( isset($_POST['submit']) ) ? true : false; |
---|
50 | |
---|
51 | // Check input on config |
---|
52 | if ($sub and isset($_POST['from']) and $_POST['from']=='config') { |
---|
53 | if (!is_numeric($_POST['Level']) or $_POST['Level'] < 10 or $_POST['Level'] > 200) |
---|
54 | array_push($errors, l10n('Error range: '). l10n('Delete level [10-200] (ratio between obsolete and active)')); |
---|
55 | if (!is_numeric($_POST['Limit']) or $_POST['Limit'] < 10 or $_POST['Limit'] > 200) |
---|
56 | array_push($errors, l10n('Error range: '). l10n('Obsolete limit [20-100] (obsolete data count)')); |
---|
57 | if (!is_numeric($_POST['Radar_limit']) or $_POST['Radar_limit'] < 10 or $_POST['Radar_limit'] > 200) |
---|
58 | array_push($errors, l10n('Error range: '). l10n('Radar_limit [10-200] (Users with image cluetips on radar page)')); |
---|
59 | if (!is_numeric($_POST['Webmaster_management']) or $_POST['Webmaster_management'] > 2) |
---|
60 | array_push($errors, l10n('User follow up error')); |
---|
61 | if (!is_numeric($_POST['Administrator_management']) or $_POST['Administrator_management'] > 2) |
---|
62 | array_push($errors, l10n('User follow up error')); |
---|
63 | $conf_whois = array_merge($conf_whois, Array( |
---|
64 | 'Active' => ($_POST['Active']==1) ? true:false, |
---|
65 | 'Delete level' => $_POST['Level'], |
---|
66 | 'Obsolete limit' => $_POST['Limit'], |
---|
67 | 'Radar limit' => $_POST['Radar_limit'], |
---|
68 | 'Webmasters' => (int) $_POST['Webmaster_management'], |
---|
69 | 'Administrators' => (int) $_POST['Administrator_management'], |
---|
70 | 'Add to Plugins menu' => ($_POST['Plugins_menu']==1) ? true:false, |
---|
71 | 'Add icon to History' => ($_POST['History_icon']==1) ? true:false, |
---|
72 | 'Keep data' => ($_POST['Keep_data']==1) ? true:false, |
---|
73 | 'Default display' => ($_POST['Display']==1) ? true:false, |
---|
74 | 'Version' => WHOIS_ONLINE_VER, |
---|
75 | )); |
---|
76 | } |
---|
77 | |
---|
78 | // Submit and Advisor => Thanks |
---|
79 | if ( $sub and is_adviser() ) |
---|
80 | array_push($infos, l10n('You are Adviser and you are not authorized to change this configuration.')); |
---|
81 | |
---|
82 | // Submit and not Advisor => Update Config table |
---|
83 | if ( $sub and count($errors) == 0 and $_POST['from']=='config' and !is_adviser()) { |
---|
84 | if ( $conf['Whois Online'] != serialize($conf_whois) ) { |
---|
85 | $conf['Whois Online'] = serialize($conf_whois); |
---|
86 | pwg_query('REPLACE INTO ' . CONFIG_TABLE . " (param,value,comment) |
---|
87 | VALUES ('Whois Online','". $conf['Whois Online'] ."','Whois Online configuration');"); |
---|
88 | array_push($infos, l10n('Configuration has been saved.')); |
---|
89 | } |
---|
90 | } |
---|
91 | |
---|
92 | // Switch users on right side (=> Temporary) |
---|
93 | if ( isset($_POST['falsify']) and !is_adviser() |
---|
94 | and count($errors) == 0 and $_POST['from']=='monitor' |
---|
95 | and isset($_POST['cat_true']) and count($_POST['cat_true']) > 0) { |
---|
96 | pwg_query('UPDATE '.WHOIS_ONLINE_TABLE.' |
---|
97 | SET `permanent` = \'false\' |
---|
98 | WHERE `session_id` IN ("'.implode('","', $_POST['cat_true']).'");'); |
---|
99 | } |
---|
100 | // Switch users on left side (Permanent <=) |
---|
101 | if ( isset($_POST['trueify']) and !is_adviser() |
---|
102 | and count($errors) == 0 and $_POST['from']=='monitor' |
---|
103 | and isset($_POST['cat_false']) and count($_POST['cat_false']) > 0) { |
---|
104 | pwg_query('UPDATE '.WHOIS_ONLINE_TABLE.' |
---|
105 | SET `permanent` = \'true\' |
---|
106 | WHERE `session_id` IN ("'.implode('","', $_POST['cat_false']).'");'); |
---|
107 | } |
---|
108 | // Delete users from > 24 h temporary list |
---|
109 | if ( isset($_POST['prs_delete']) and !is_adviser() |
---|
110 | and count($errors) == 0 and $_POST['from']=='monitor' |
---|
111 | and isset($_POST['prs_remove']) and count($_POST['prs_remove']) > 0) { |
---|
112 | pwg_query('DELETE FROM '.WHOIS_ONLINE_TABLE.' |
---|
113 | WHERE `permanent` = \'false\' |
---|
114 | AND `session_id` IN ("'.implode('","', $_POST['prs_remove']).'");'); |
---|
115 | } |
---|
116 | // Compress it! |
---|
117 | if ( isset($_GET['check']) and !is_adviser() ) { |
---|
118 | pwg_query('DELETE FROM ' . WHOIS_ONLINE_TABLE . ' WHERE `last_access` < ' . (time() - (3*24*60*60)) . ' |
---|
119 | AND `permanent` = \'false\' AND `IP` <> \'global\';'); |
---|
120 | pwg_query('CHECK TABLE '.WHOIS_ONLINE_TABLE); |
---|
121 | pwg_query('OPTIMIZE TABLE '.WHOIS_ONLINE_TABLE); |
---|
122 | } |
---|
123 | // The whois_online table summary |
---|
124 | if (isset($_GET['tab']) and $_GET['tab']=='monitor') { |
---|
125 | $whois_status = mysql_fetch_assoc(pwg_query('SHOW TABLE STATUS LIKE "' . WHOIS_ONLINE_TABLE .'%" ;')); |
---|
126 | $whois_status['table'] = WHOIS_ONLINE_TABLE; |
---|
127 | $whois_status['size'] = ($whois_status['Data_length'] + $whois_status['Index_length']) . ' bytes'; |
---|
128 | if ($whois_status['size'] > 1024) $whois_status['size'] = round($whois_status['size'] / 1024, 1) . ' Kb'; |
---|
129 | if ($whois_status['size'] > 1024) $whois_status['size'] = round($whois_status['size'] / 1024, 1) . ' Mb'; |
---|
130 | $whois_status['spacef'] = $whois_status['Data_free'] . ' bytes'; |
---|
131 | if ($whois_status['spacef'] > 1024) $whois_status['spacef'] = round($whois_status['spacef'] / 1024, 1) . ' Kb'; |
---|
132 | if ($whois_status['spacef'] > 1024) $whois_status['spacef'] = round($whois_status['spacef'] / 1024, 1) . ' Mb'; |
---|
133 | $whois_status['Rows']--; |
---|
134 | $whois_status['url'] = get_admin_plugin_menu_link(WHOIS_ONLINE_PATH.'config.php'); |
---|
135 | $template->assign( array( 'WO_status' => $whois_status, )); |
---|
136 | } |
---|
137 | |
---|
138 | // The Radar page |
---|
139 | if (isset($_GET['tab']) and $_GET['tab']=='monitor') { |
---|
140 | $query_true = 'SELECT `session_id`, `username` |
---|
141 | FROM '.WHOIS_ONLINE_TABLE.' |
---|
142 | WHERE `permanent` = \'true\' |
---|
143 | AND `user_id`<> ' . $conf['guest_id'] . ' AND `IP` <> \'global\';'; |
---|
144 | $result = pwg_query($query_true); |
---|
145 | $tpl = array(); |
---|
146 | if (!empty($result)) |
---|
147 | { |
---|
148 | while ($row = mysql_fetch_assoc($result)) |
---|
149 | { |
---|
150 | $tpl[$row['session_id']] = $row['username']; |
---|
151 | } |
---|
152 | } |
---|
153 | $template->assign( 'category_option_true', $tpl); |
---|
154 | $template->assign( 'category_option_true_selected', array()); |
---|
155 | |
---|
156 | $query_false = 'SELECT `session_id`, `username`, `last_access` |
---|
157 | FROM '.WHOIS_ONLINE_TABLE.' |
---|
158 | WHERE `permanent` = \'false\' |
---|
159 | AND `user_id`<> ' . $conf['guest_id'] . ' AND `IP` <> \'global\';'; |
---|
160 | $result = pwg_query($query_false); |
---|
161 | $tpl = array(); |
---|
162 | $del = array(); |
---|
163 | $six_ago = time()-360; // 6 minutes ago |
---|
164 | if (!empty($result)) |
---|
165 | { |
---|
166 | while ($row = mysql_fetch_assoc($result)) |
---|
167 | { |
---|
168 | $tpl[$row['session_id']] = $row['username']; |
---|
169 | if ($row['last_access'] < $six_ago) $del[$row['session_id']] = $row['username']; |
---|
170 | } |
---|
171 | } |
---|
172 | $template->assign( 'category_option_false', $tpl); |
---|
173 | $template->assign( 'category_option_false_selected', array()); |
---|
174 | $template->assign( 'present_remove', $del); |
---|
175 | $template->assign( 'present_remove_selected', array()); |
---|
176 | } |
---|
177 | |
---|
178 | // Send data |
---|
179 | $template->assign(Array( |
---|
180 | 'Whois_version' => WHOIS_ONLINE_VER, |
---|
181 | 'Whois_path' => WHOIS_ONLINE_PATH, |
---|
182 | 'F_ACTION' => '', |
---|
183 | 'L_CAT_OPTIONS_TRUE' => l10n('Permanent users (3 months min)'), |
---|
184 | 'L_CAT_OPTIONS_FALSE' => l10n('Temporary users (around 72 hours)'), |
---|
185 | )); |
---|
186 | $template->assign_var_from_handle('DOUBLE_SELECT', 'double_select'); |
---|
187 | |
---|
188 | if (count($errors) != 0) $template->assign('errors', $errors); |
---|
189 | if (count($infos) != 0) $template->assign('infos', $infos); |
---|
190 | if (isset($_GET['tab']) and $_GET['tab']=='report') { |
---|
191 | // Once for all, prepare the stupid History search ... (even if History search will recreate it) |
---|
192 | if (!isset($conf_whois['Search id']) or $conf_whois['Search id'] == 0) { |
---|
193 | pwg_query('INSERT INTO '.SEARCH_TABLE.' (rules) |
---|
194 | VALUES (\''. |
---|
195 | 'a:1:{s:6:"fields";a:5:{s:10:"date-after";s:10:"2009-09-09";s:11:"date-before";s:10:"2009-09-09";s:5:"types";a:4:{i:0;s:4:"none";i:1;s:7:"picture";i:2;s:4:"high";i:3;s:5:"other";}s:4:"user";s:2:"-1";s:17:"display_thumbnail";s:26:"display_thumbnail_hoverbox";}}' |
---|
196 | .'\');'); |
---|
197 | $conf_whois['Search id'] = mysql_insert_id(); |
---|
198 | $conf['Whois Online'] = serialize($conf_whois); |
---|
199 | pwg_query('REPLACE INTO ' . CONFIG_TABLE . " (param,value,comment) |
---|
200 | VALUES ('Whois Online','". $conf['Whois Online'] ."','Whois Online configuration');"); |
---|
201 | } |
---|
202 | // Get and Set to current date the stupid History search. |
---|
203 | list($serialized_rules) = mysql_fetch_row(pwg_query('SELECT rules FROM '.SEARCH_TABLE.' |
---|
204 | WHERE id = '.$conf_whois['Search id'].';')); |
---|
205 | $page['search'] = unserialize($serialized_rules); |
---|
206 | $today = date('Y-m-d'); |
---|
207 | $page['search']['fields']['date-after'] = $today; |
---|
208 | $page['search']['fields']['date-before'] = $today; |
---|
209 | pwg_query('REPLACE INTO '.SEARCH_TABLE.' (id, rules) |
---|
210 | VALUES (' . $conf_whois['Search id'] . ', \''. serialize($page['search']) .'\');'); |
---|
211 | // Most members ever online was |
---|
212 | if (!isset($conf_whois['Users']['count']) or $conf_whois['Users']['count'] == 0) { |
---|
213 | $count = mysql_fetch_assoc(pwg_query('SELECT MAX(`'. $conf['user_fields']['id'] .'`) AS `ctr` FROM ' . USERS_TABLE)); |
---|
214 | $conf_whois['Users']['count'] = $count['ctr']; |
---|
215 | } |
---|
216 | //$conf_whois['Users']['Date'] = date('Y-m-d H:i',$conf_whois['Users']['When']); |
---|
217 | $template->assign(array( |
---|
218 | 'Members' => $conf_whois['Users'], |
---|
219 | 'Whois_url' => WHOIS_ONLINE_PATH, |
---|
220 | )); |
---|
221 | // Include reload.php for first request (Filtering is an intrusive jQuery) |
---|
222 | include_once(WHOIS_ONLINE_PATH.'reload.php'); |
---|
223 | } |
---|
224 | |
---|
225 | pwg_debug('*********** Whois configuration ended ***********'); |
---|
226 | |
---|
227 | $template->assign('Option', array( |
---|
228 | 'Active' => ($conf_whois['Active']) ? 1 : 0, |
---|
229 | 'Level' => $conf_whois['Delete level'], |
---|
230 | 'Limit' => $conf_whois['Obsolete limit'], |
---|
231 | 'Radar_limit' => $conf_whois['Radar limit'], |
---|
232 | 'Webmasters' => $conf_whois['Webmasters'], |
---|
233 | 'Administrators' => $conf_whois['Administrators'], |
---|
234 | 'Plugins_menu' => ($conf_whois['Add to Plugins menu']) ? 1 : 0, |
---|
235 | 'History_icon' => ($conf_whois['Add icon to History']) ? 1 : 0, |
---|
236 | 'Keep_data' => ($conf_whois['Keep data']) ? 1 : 0, |
---|
237 | 'Display' => ($conf_whois['Default display']) ? 1 : 0, |
---|
238 | ) ); |
---|
239 | $template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content'); |
---|
240 | |
---|
241 | ?> |
---|