path: root/modules/ban.module
<?php

// Hook table for this module: each entry names a function defined further
// down in this file. How the table is consumed is not visible from here.
$module = array(
  "help"  => "ban_help",
  "admin" => "ban_admin"
);

include_once "includes/ban.inc";


/**
 * Print the built-in help text for the ban module.
 *
 * Emits a fixed block of HTML that lists the four ban categories, explains
 * the two wild-card characters ("%" and "_") and shows example masks. The
 * function takes no input and returns nothing; the text goes straight to
 * the output stream.
 */
function ban_help() {
  // One entry per output line. The last entry is the single space that is
  // emitted after the final list, so the printed bytes stay the same.
  $lines = array(
    '  <P>The ban module keeps a list of bans in four categories:</P>',
    '  <UL>',
    '   <LI>Email bans: this type of ban specifies which email addresses will be rejected when registering new users. Can be used to prevent users from using a free email account (e.g. userid@hotmail.com).</LI>',
    '   <LI>Profanity bans: <I>under construction</I></LI>',
    '   <LI>Hostname bans: this type of ban allows you to block certain hostnames from access to your site or from registering as a new user.</LI>',
    '   <LI>Username bans: this ban will block certain usernames from registration.  Typical examples include <I>admin</I>, <I>anonymous</I>, <I>root</I>, <I>webmaster</I>, etc.</LI>',
    '  </UL>',
    '  <P>The ban module allows you to use a flexible wild-card ban system. This means you can block all email addresses from a certain domain name, block every username starting with "guest", etc.  To do this, use the following wild-card characters:</P>',
    '  <UL>',
    '   <LI>&nbsp;% : matches any number of characters, including zero characters.</LI>',
    '   <LI>&nbsp;_ : matches exactly one character.</LI>',
    '  </UL>',
    '  <P><U>Examples:</U></P>',
    '  <UL>',
    '   <LI>Email address bans <CODE>%@hotmail.com</CODE>, <CODE>%@altavista.%</CODE>, <CODE>%@usa.net</CODE>, etc.  Used to prevent users from using free email accounts, which might be used to cause trouble.</LI>',
    '   <LI>Username bans <CODE>root</CODE>, <CODE>webmaster</CODE>, <CODE>admin%</CODE>, etc.  Used to prevent administrator impersonators.</LI>',
    '  </UL>',
    ' '
  );

  print implode("\n", $lines);
}

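/**
 * Add a ban and print the status message that ban_add() reports back.
 *
 * @param $mask     ban mask, handed to ban_add() unchanged
 * @param $category ban category, handed to ban_add() unchanged
 * @param $reason   reason text, handed to ban_add() unchanged
 *
 * Nothing is returned; the message is printed followed by a newline.
 */
function ban_admin_new($mask, $category, $reason) {
  // Define the out-parameter before the call so it is never read undefined.
  $message = "";

  // NOTE(review): call-time pass-by-reference ("&$message" at the call site)
  // is rejected by PHP 5.4 and later. It is kept because ban_add() lives in
  // includes/ban.inc and its signature is not visible here -- if it declares
  // the fourth parameter by reference, the "&" can simply be dropped.
  ban_add($mask, $category, $reason, &$message);

  // NOTE(review): $message is printed as-is. Presumably ban_add() composes it
  // itself -- confirm it does not echo $mask or $reason back without
  // HTML-escaping them.
  print "$message\n";
}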

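/**
 * Print the table of bans in one category, with a category selector on top.
 *
 * @param $category numeric ban type to list; empty, zero or non-numeric input
 *                  falls back to type 1.
 *
 * Reads the global $type2index to build the selector: each key is shown as
 * the option label and each value is used as the option value. The table is
 * printed; nothing is returned.
 */
function ban_display($category = "") {
  global $type2index;

  // $category is spliced into the SQL below without quotes, so it must be a
  // number by the time it gets there: quote-escaping alone cannot protect a
  // numeric context. Anything that does not parse as a non-zero integer
  // selects the default category 1, as before.
  $category = (int) $category;
  if (!$category) {
    $category = 1;
  }

  $result = db_query("SELECT * FROM bans WHERE type = $category ORDER BY mask");

  $output = "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
  $output .= " <TR>\n";
  $output .= "  <TH COLSPAN=\"3\">\n";
  $output .= "   <FORM ACTION=\"admin.php?mod=ban\" METHOD=\"post\">\n";
  $output .= "    <SELECT NAME=\"category\">\n";
  if (is_array($type2index)) {
    // The loop stops at the first falsy value, so type index 0 is never listed.
    for (reset($type2index); $cur = current($type2index); next($type2index)) {
      $output .= "     <OPTION VALUE=\"$cur\"". ($cur == $category ? " SELECTED" : "") .">Bans by ". key($type2index) ."</OPTION>\n";
    }
  }
  $output .= "    </SELECT>\n";
  $output .= "    <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n";
  $output .= "   </FORM>\n";
  $output .= "  </TH>\n";
  $output .= " </TR>\n";
  $output .= " <TR><TH>mask</TH><TH>reason</TH><TH>operations</TH></TR>\n";
  while ($ban = db_fetch_object($result)) {
    // Stored masks and reasons are data, not markup: encode them on output so
    // a ban entry cannot inject HTML into the administration page.
    // NOTE(review): if ban_add() already stores HTML-encoded text, entities
    // will now show up literally -- confirm against includes/ban.inc.
    $mask = htmlspecialchars($ban->mask, ENT_QUOTES);
    $reason = htmlspecialchars($ban->reason, ENT_QUOTES);
    $id = urlencode($ban->id);

    // NOTE(review): the delete link is a plain GET request and carries no
    // anti-forgery token; whether admin.php checks one is not visible here.
    $output .= "  <TR><TD>$mask</TD><TD>$reason</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=ban&op=delete&category=$category&id=$id\">delete</A></TD></TR>\n";
  }
  $output .= " <TR><TD COLSPAN=\"3\"><SMALL>%: matches any number of characters, even zero characters.<BR>_: matches exactly one character.</SMALL></TD></TR>\n";
  $output .= "</TABLE>\n";

  print $output;
}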

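/**
 * Print the "add new ban" form.
 *
 * The form posts mask, category and reason to admin.php?mod=ban with
 * op "Add ban". The category choices come from the global $type2index:
 * each key is the visible label, each value the submitted option value.
 * Nothing is returned.
 */
function ban_admin_add() {
  global $type2index;

  // NOTE(review): the form carries no anti-forgery token; whether admin.php
  // validates one is not visible from this file.
  $output = "<H3>Add new ban:</H3>\n";
  $output .= "<FORM ACTION=\"admin.php?mod=ban\" METHOD=\"post\">\n";

  $output .= "<B>Banmask:</B><BR>\n";
  $output .= "<INPUT TYPE=\"text\" NAME=\"mask\" SIZE=\"35\"><P>\n";

  $output .= "<B>Type:</B><BR>\n";
  // No category is pre-selected: this function never receives one (the old
  // comparison against an undefined local $category could not match).
  $options = "";
  if (is_array($type2index)) {
    for (reset($type2index); $cur = current($type2index); next($type2index)) {
      $options .= "<OPTION VALUE=\"$cur\">". key($type2index) ."</OPTION>\n";
    }
  }
  // The NAME attribute used to end in a stray second quote, which made the
  // tag malformed.
  $output .= "<SELECT NAME=\"category\">$options</SELECT><P>\n";

  $output .= "<B>Reason:</B><BR>\n";
  $output .= "<TEXTAREA NAME=\"reason\" COLS=\"50\" ROWS=\"5\"></TEXTAREA><P>\n";

  $output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Add ban\"><BR>\n";
  $output .= "</FORM>\n";

  print $output;
}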

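/**
 * Look a value up against the ban list and print the result.
 *
 * @param $mask     the value to test (for example a username or address)
 * @param $category ban category, handed to ban_match() unchanged
 *
 * Prints the matching ban's mask and reason when ban_match() returns one,
 * otherwise a "no matching bans" line. Nothing is returned.
 */
function ban_check($mask, $category) {
  $ban = ban_match($mask, $category);

  // Both the submitted value and the stored ban fields end up inside HTML, so
  // they are encoded here; otherwise the "check ban" form would reflect
  // whatever markup was typed into it.
  // NOTE(review): if check_input() or ban_add() already HTML-encode these
  // values, entities will now show up literally -- confirm.
  if ($ban) {
    $found_mask = htmlspecialchars($ban->mask, ENT_QUOTES);
    $found_reason = htmlspecialchars($ban->reason, ENT_QUOTES);
    $output = "Matched ban '<B>$found_mask</B>' with reason: <I>$found_reason</I>.<P>\n";
  }
  else {
    $output = "No matching bans for '". htmlspecialchars($mask, ENT_QUOTES) ."'.<P>\n";
  }

  print $output;
}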

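/**
 * Print the "ban check" form.
 *
 * The form posts mask and category to admin.php?mod=ban with op
 * "Check ban". The category choices come from the global $type2index:
 * each key is the visible label, each value the submitted option value.
 * Nothing is returned.
 */
function ban_admin_check() {
  global $type2index;

  $output = "<H3>Ban check:</H3>\n";
  $output .= "<FORM ACTION=\"admin.php?mod=ban\" METHOD=\"post\">\n";

  $output .= "<B>Banmask:</B><BR>\n";
  $output .= "<INPUT TYPE=\"text\" NAME=\"mask\" SIZE=\"35\"><P>\n";

  $output .= "<B>Type:</B><BR>\n";
  // No category is pre-selected: this function never receives one (the old
  // comparison against an undefined local $category could not match).
  $options = "";
  if (is_array($type2index)) {
    for (reset($type2index); $cur = current($type2index); next($type2index)) {
      $options .= "<OPTION VALUE=\"$cur\">". key($type2index) ."</OPTION>\n";
    }
  }
  // The NAME attribute used to end in a stray second quote, which made the
  // tag malformed.
  $output .= "<SELECT NAME=\"category\">$options</SELECT><P>\n";

  $output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Check ban\"><BR>\n";
  $output .= "</FORM>\n";

  print $output;
}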

/**
 * Administration entry point of the ban module.
 *
 * Prints the navigation bar, then dispatches on the global $op:
 *   "Add ban"   - add the ban, then list the category
 *   "Check ban" - test a value against the ban list
 *   "add"       - show the "add ban" form
 *   "help"      - show the help text
 *   "check"     - show the "ban check" form
 *   "delete"    - delete the ban with id $id, then list the category
 *   otherwise   - list the category
 *
 * Every request value is passed through check_input() before use.
 *
 * NOTE(review): $op, $id, $mask, $category and $reason are read as globals;
 * presumably they are populated from the request -- confirm in admin.php.
 * NOTE(review): "delete" is reachable through the plain link that
 * ban_display() prints, and no anti-forgery token or permission check
 * happens in this function; confirm that admin.php enforces both.
 */
function ban_admin() {
  global $op, $id, $mask, $category, $reason;

  print '<SMALL><A HREF="admin.php?mod=ban&op=add">add ban</A> | <A HREF="admin.php?mod=ban&op=check">check ban</A> | <A HREF="admin.php?mod=ban">overview</A> | <A HREF="admin.php?mod=ban&op=help">help</A></SMALL><HR>' . "\n";

  if ($op == "Add ban") {
    ban_admin_new(check_input($mask), check_input($category), check_input($reason));
    ban_display(check_input($category));
  }
  elseif ($op == "Check ban") {
    ban_check(check_input($mask), check_input($category));
  }
  elseif ($op == "add") {
    ban_admin_add();
  }
  elseif ($op == "help") {
    ban_help();
  }
  elseif ($op == "check") {
    ban_admin_check();
  }
  else {
    // A delete is always followed by the overview of the current category.
    if ($op == "delete") {
      ban_delete(check_input($id));
    }
    ban_display(check_input($category));
  }
}

?>