function ban_ip($ip, $ip2) { global $static_ips; $filename = mnmpath . '/logs/bannedips.log'; if (is_writable($filename)) { if (!($handle = fopen($filename, 'a'))) { return "Cannot open file ({$filename})"; } if (!is_ip_approved($ip)) { if (!is_ip_banned($ip) && fwrite($handle, "{$ip}\n") === FALSE) { return "Cannot write to file ({$filename})"; } else { $static_ips[] = "{$ip}\n"; } } if ($ip2 && !is_ip_approved($ip2)) { if (!is_ip_banned($ip2) && fwrite($handle, "{$ip2}\n") === FALSE) { return "Cannot write to file ({$filename})"; } else { $static_ips[] = "{$ip2}\n"; } } fclose($handle); } else { return "The file {$filename} is not writable"; } return ''; }
function is_access_denied() { $dbr = Database::$content->query("SELECT name, list FROM " . Database::$db_settings['banlists_table'] . " WHERE name='ips' OR name='user_agents'"); while ($data = $dbr->fetch()) { if ($data['name'] == 'ips') { $ips = $data['list']; } if ($data['name'] == 'user_agents') { $user_agents = $data['list']; } } if (isset($ips) && trim($ips) != '') { $banned_ips = explode("\n", $ips); if (is_ip_banned($_SERVER['REMOTE_ADDR'], $banned_ips)) { return true; } } if (isset($user_agents) && trim($user_agents) != '') { $banned_user_agents = explode("\n", $user_agents); if (is_user_agent_banned($_SERVER['HTTP_USER_AGENT'], $banned_user_agents)) { return true; } } return false; }
if (!defined('IN_INDEX')) { exit; } if (isset($_SESSION[$settings['session_prefix'] . 'user_id']) && $_SESSION[$settings['session_prefix'] . 'user_type'] == 1) { if (isset($_POST['spam_protection_submit'])) { // banists: if (isset($_POST['banned_ips']) && trim($_POST['banned_ips']) != '') { $banned_ips_array = preg_split('/\\015\\012|\\015|\\012/', $_POST['banned_ips']); foreach ($banned_ips_array as $banned_ip) { if (trim($banned_ip) != '') { $banned_ips_array_checked[] = trim($banned_ip); } } natcasesort($banned_ips_array_checked); $banned_ips = implode("\n", $banned_ips_array_checked); if (is_ip_banned($_SERVER['REMOTE_ADDR'], $banned_ips_array_checked)) { $errors[] = 'error_own_ip_banned'; } } else { $banned_ips = ''; } if (isset($_POST['banned_user_agents']) && trim($_POST['banned_user_agents']) != '') { $banned_user_agents_array = preg_split('/\\015\\012|\\015|\\012/', $_POST['banned_user_agents']); foreach ($banned_user_agents_array as $banned_user_agent) { if (trim($banned_user_agent) != '') { $banned_user_agents_array_checked[] = trim($banned_user_agent); } } natcasesort($banned_user_agents_array_checked); $banned_user_agents = implode("\n", $banned_user_agents_array_checked); if (is_user_agent_banned($_SERVER['HTTP_USER_AGENT'], $banned_user_agents_array_checked)) {
function register_check_errors($username, $email, $password, $password2) { global $main_smarty; require_once mnminclude . 'check_behind_proxy.php'; $userip = check_ip_behind_proxy(); if (is_ip_banned($userip)) { $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_YourIpIsBanned'); $error = true; } if (!isset($username) || strlen($username) < 3) { // if no username was given or username is less than 3 characters $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserTooShort'); $error = true; } if (preg_match('/\\pL/u', 'a')) { // Check if PCRE was compiled with UTF-8 support if (!preg_match('/^[_\\-\\d\\p{L}\\p{M}]+$/iu', $username)) { // if username contains invalid characters $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid'); $error = true; } } else { if (!preg_match('/^[^~`@%&=\\/;:\\.,<>!"\\\'\\^\\.\\[\\]\\$\\(\\)\\|\\*\\+\\-\\?\\{\\}\\\\]+$/', $username)) { $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid'); $error = true; } } if (user_exists(trim($username))) { // if username already exists $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserExists'); $error = true; } if (!check_email(trim($email))) { // if email is not valid $form_email_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_BadEmail'); $error = true; } if (email_exists(trim($email))) { // if email already exists $form_email_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_EmailExists'); $error = true; } if (strlen($password) < 5) { // if password is less than 5 characters $form_password_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_FiveCharPass'); $error = true; } if ($password !== $password2) { // if both passwords do not match $form_password_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_NoPassMatch'); $error = true; } $vars = array('username' => $username, 'email' => $email, 'password' => $password); check_actions('register_check_errors', $vars); if ($vars['error'] == true) { $error = true; if ($vars['username_error']) { $form_username_error[] = $vars['username_error']; } if ($vars['email_error']) { $form_email_error[] = $vars['email_error']; } if ($vars['password_error']) { $form_password_error[] = $vars['password_error']; } } $main_smarty->assign('form_username_error', $form_username_error); $main_smarty->assign('form_email_error', $form_email_error); $main_smarty->assign('form_password_error', $form_password_error); return $error; }
trigger_error($com11, E_USER_WARNING); } $file = file(FNEWS_ROOT_PATH . 'news/news.' . $news_id . '.php'); array_shift($file); array_shift($file); foreach ($file as $value) { $comment = get_line_data('comments', $value); if ($comment_id == $comment['comment_id']) { $email = $comment['email'] == '' ? $ind141 : $comment['email']; $message = str_replace('&br;', "\n", $comment['message']); $no = '<span style="color:red; font-weight: bold">' . $ind144 . '</span>'; $yes = '<span style="color:green; font-weight: bold">' . $ind143 . '</span>'; $htmlcheck = !$htc ? $no : $yes; $bbcheck = !$bbc ? $no : $yes; $smilcheck = !$smilcom ? $no : $yes; $ban_text = is_ip_banned($comment['ip']) ? $ind396 : ''; $title = $ind134; echo <<<html <form action="?id=updatecomment&comment_id={$comment['comment_id']}&news_id={$news_id}" method="post" id="newsposting" onsubmit="submitonce(this);"> <table class="adminpanel"> \t<tr> \t\t<td>{$ind279}</td> \t\t<td>{$comment['author']}</td> \t\t<td rowspan="3"> \t\t\t{$ind121}<br /> \t\t\t- HTML {$ind122} {$htmlcheck}<br /> \t\t\t- BBCode {$ind122} {$bbcheck}<br /> \t\t\t- Smilies {$ind122} {$smilcheck} \t\t</td> \t</tr> \t<tr>
} } if (!headers_sent()) { header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); } ob_start(); echo get_template('com_header.php', true); if (!$id) { echo $com10; echo get_template('com_footer.php', true); ob_end_flush(); return; } if (is_ip_banned(get_ip())) { echo $com3; echo get_template('com_header.php', true); ob_end_flush(); return; } if (!file_exists(FNEWS_ROOT_PATH . 'news/news.' . $id . '.php')) { echo $com11; echo get_template('com_footer.php', true); ob_end_flush(); return; } if (!$action) { $session_id = create_security_id(); $file = file(FNEWS_ROOT_PATH . 'news/news.' . $id . '.php'); array_shift($file);