From 1474632aa06a3b7b9b5c30faf3f946d92262b46c Mon Sep 17 00:00:00 2001 From: Dries Buytaert Date: Tue, 7 Jun 2005 18:54:37 +0000 Subject: - Patch #24135 by Moshe: made it possible to ban visitors based on hostname/IP. Banning visitors can either be done from the 'access control' pages, or directly from the statistics pages. This feature is very convenient to block badly behaving crawlers. --- includes/bootstrap.inc | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'includes') diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc index 482c6fa6e..e2e322269 100644 --- a/includes/bootstrap.inc +++ b/includes/bootstrap.inc @@ -779,6 +779,18 @@ function drupal_get_messages() { return $messages; } +/** + * Perform an access check for a given mask and rule type. Rules are usually created via admin/access/rules page. + * + */ +function drupal_deny($type, $mask) { + $allow = db_fetch_object(db_query("SELECT * FROM {access} WHERE status = 1 AND type = '%s' AND LOWER('%s') LIKE LOWER(mask)", $type, $mask)); + $deny = db_fetch_object(db_query("SELECT * FROM {access} WHERE status = 0 AND type = '%s' AND LOWER('%s') LIKE LOWER(mask)", $type, $mask)); + + return $deny && !$allow; +} + + // Start a page timer: timer_start('page'); @@ -787,6 +799,14 @@ $config = conf_init(); include_once "$config/settings.php"; include_once 'includes/database.inc'; + +// deny access to hosts which were banned. t() is not yet available. +if (drupal_deny('host', $_SERVER['REMOTE_ADDR'])) { + header('HTTP/1.0 403 Forbidden'); + print "Sorry, ". $_SERVER['REMOTE_ADDR']. " has been banned."; + exit(); +} + include_once 'includes/session.inc'; include_once 'includes/module.inc'; -- cgit v1.2.3