Esempio n. 1
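/**
 * Append up to two IP addresses to the banned-IP log and to $static_ips.
 *
 * An address is skipped when is_ip_approved() accepts it. An address that
 * is_ip_banned() already reports is not written to the file again, but is
 * still appended to $static_ips, as in the original implementation.
 *
 * @param string $ip  First address; always considered.
 * @param string $ip2 Second address; ignored when empty/falsy.
 *
 * @return string Empty string on success, otherwise a human-readable error message.
 */
function ban_ip($ip, $ip2)
{
    global $static_ips;

    $filename = mnmpath . '/logs/bannedips.log';
    if (!is_writable($filename)) {
        return "The file {$filename} is not writable";
    }
    if (!($handle = fopen($filename, 'a'))) {
        return "Cannot open file ({$filename})";
    }

    // NOTE(review): the log is line-oriented and the values are written verbatim.
    // Nothing here checks that $ip / $ip2 are well-formed addresses or free of
    // CR/LF, so callers must pass validated values (e.g. filter_var() with
    // FILTER_VALIDATE_IP) or one call could add several ban entries.
    $candidates = array($ip);
    if ($ip2) {
        $candidates[] = $ip2;
    }

    foreach ($candidates as $address) {
        if (is_ip_approved($address)) {
            continue;
        }
        if (!is_ip_banned($address) && fwrite($handle, "{$address}\n") === false) {
            // Release the handle before bailing out; the early return used to leak it.
            fclose($handle);
            return "Cannot write to file ({$filename})";
        }
        $static_ips[] = "{$address}\n";
    }

    fclose($handle);
    return '';
}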
Esempio n. 2
/**
 * Decide whether the current request is blocked by the stored ban lists.
 *
 * Loads the 'ips' and 'user_agents' rows from the banlists table, splits each
 * non-empty list on "\n" and tests it against $_SERVER['REMOTE_ADDR'] and
 * $_SERVER['HTTP_USER_AGENT'] respectively. The IP list is tested first.
 *
 * NOTE(review): HTTP_USER_AGENT is read without isset(); a request that omits
 * the header raises an undefined-index warning once a user-agent list exists.
 * The header is client-supplied, so a user-agent ban is a filter, not an
 * access control. REMOTE_ADDR is the direct peer; behind a reverse proxy that
 * is the proxy's address — confirm against the deployment.
 *
 * @return bool True when either list matches the request, false otherwise.
 */
function is_access_denied()
{
    $table = Database::$db_settings['banlists_table'];
    $result = Database::$content->query("SELECT name, list FROM " . $table . " WHERE name='ips' OR name='user_agents'");

    // Collect the two lists by name; a later row with the same name wins.
    $lists = array();
    while ($row = $result->fetch()) {
        if ($row['name'] == 'ips') {
            $lists['ips'] = $row['list'];
        }
        if ($row['name'] == 'user_agents') {
            $lists['user_agents'] = $row['list'];
        }
    }

    $ip_blocked = isset($lists['ips'])
        && trim($lists['ips']) != ''
        && is_ip_banned($_SERVER['REMOTE_ADDR'], explode("\n", $lists['ips']));
    if ($ip_blocked) {
        return true;
    }

    // Short-circuiting keeps the user-agent lookup from running when no list is stored.
    return isset($lists['user_agents'])
        && trim($lists['user_agents']) != ''
        && is_user_agent_banned($_SERVER['HTTP_USER_AGENT'], explode("\n", $lists['user_agents']));
}
// Direct-access guard: stop immediately unless IN_INDEX has been defined
// (presumably by the front controller that includes this file — confirm).
defined('IN_INDEX') or exit;
if (isset($_SESSION[$settings['session_prefix'] . 'user_id']) && $_SESSION[$settings['session_prefix'] . 'user_type'] == 1) {
    if (isset($_POST['spam_protection_submit'])) {
        // banists:
        if (isset($_POST['banned_ips']) && trim($_POST['banned_ips']) != '') {
            $banned_ips_array = preg_split('/\\015\\012|\\015|\\012/', $_POST['banned_ips']);
            foreach ($banned_ips_array as $banned_ip) {
                if (trim($banned_ip) != '') {
                    $banned_ips_array_checked[] = trim($banned_ip);
                }
            }
            natcasesort($banned_ips_array_checked);
            $banned_ips = implode("\n", $banned_ips_array_checked);
            if (is_ip_banned($_SERVER['REMOTE_ADDR'], $banned_ips_array_checked)) {
                $errors[] = 'error_own_ip_banned';
            }
        } else {
            $banned_ips = '';
        }
        if (isset($_POST['banned_user_agents']) && trim($_POST['banned_user_agents']) != '') {
            $banned_user_agents_array = preg_split('/\\015\\012|\\015|\\012/', $_POST['banned_user_agents']);
            foreach ($banned_user_agents_array as $banned_user_agent) {
                if (trim($banned_user_agent) != '') {
                    $banned_user_agents_array_checked[] = trim($banned_user_agent);
                }
            }
            natcasesort($banned_user_agents_array_checked);
            $banned_user_agents = implode("\n", $banned_user_agents_array_checked);
            if (is_user_agent_banned($_SERVER['HTTP_USER_AGENT'], $banned_user_agents_array_checked)) {
Esempio n. 4
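/**
 * Validate a registration attempt and hand the per-field error lists to Smarty.
 *
 * Checks, in order: IP ban, username length and character set, username and
 * e-mail uniqueness, e-mail format, password length and confirmation, then
 * lets modules add their own errors through check_actions().
 *
 * The error flag and the three error lists are initialised up front. Before,
 * a fully valid submission returned an undefined variable and assigned
 * undefined variables to the template.
 *
 * NOTE(review): the ban check uses the address from check_ip_behind_proxy().
 * If that helper reads client-supplied forwarding headers, the ban can be
 * sidestepped by forging them — confirm it only trusts known proxies.
 * NOTE(review): strlen() counts bytes, so the 3-character and 5-character
 * minimums are byte minimums for multi-byte input. A 5-byte password minimum
 * is weak by current guidance.
 *
 * @param string $username  Requested user name.
 * @param string $email     Requested e-mail address.
 * @param string $password  Chosen password.
 * @param string $password2 Password confirmation.
 *
 * @return bool True when at least one check failed, false otherwise.
 */
function register_check_errors($username, $email, $password, $password2)
{
    global $main_smarty;

    $error = false;
    $form_username_error = array();
    $form_email_error = array();
    $form_password_error = array();

    require_once mnminclude . 'check_behind_proxy.php';
    $userip = check_ip_behind_proxy();
    if (is_ip_banned($userip)) {
        $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_YourIpIsBanned');
        $error = true;
    }

    if (!isset($username) || strlen($username) < 3) {
        // No username given, or shorter than 3 bytes.
        $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserTooShort');
        $error = true;
    }

    if (preg_match('/\\pL/u', 'a')) {
        // PCRE has UTF-8 support: allow-list of underscore, hyphen, digits, letters and marks.
        if (!preg_match('/^[_\\-\\d\\p{L}\\p{M}]+$/iu', $username)) {
            $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid');
            $error = true;
        }
    } else {
        // No UTF-8 support: fall back to a deny-list of punctuation characters.
        if (!preg_match('/^[^~`@%&=\\/;:\\.,<>!"\\\'\\^\\.\\[\\]\\$\\(\\)\\|\\*\\+\\-\\?\\{\\}\\\\]+$/', $username)) {
            $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid');
            $error = true;
        }
    }

    if (user_exists(trim($username))) {
        // Username is already taken.
        $form_username_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserExists');
        $error = true;
    }

    if (!check_email(trim($email))) {
        // E-mail address is not valid.
        $form_email_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_BadEmail');
        $error = true;
    }
    if (email_exists(trim($email))) {
        // E-mail address is already registered.
        $form_email_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_EmailExists');
        $error = true;
    }

    if (strlen($password) < 5) {
        // Password is shorter than 5 bytes.
        $form_password_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_FiveCharPass');
        $error = true;
    }
    if ($password !== $password2) {
        // Password and confirmation differ.
        $form_password_error[] = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_NoPassMatch');
        $error = true;
    }

    // Module hook. $vars is presumably taken by reference so handlers can add
    // 'error' and '*_error' keys — verify against check_actions(). empty()
    // keeps the original truthiness test without warning on absent keys.
    $vars = array('username' => $username, 'email' => $email, 'password' => $password);
    check_actions('register_check_errors', $vars);
    if (!empty($vars['error'])) {
        $error = true;
        if (!empty($vars['username_error'])) {
            $form_username_error[] = $vars['username_error'];
        }
        if (!empty($vars['email_error'])) {
            $form_email_error[] = $vars['email_error'];
        }
        if (!empty($vars['password_error'])) {
            $form_password_error[] = $vars['password_error'];
        }
    }

    $main_smarty->assign('form_username_error', $form_username_error);
    $main_smarty->assign('form_email_error', $form_email_error);
    $main_smarty->assign('form_password_error', $form_password_error);

    return $error;
}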
Esempio n. 5
                                                                                                                                        trigger_error($com11, E_USER_WARNING);
                                                                                                                                    }
                                                                                                                                    $file = file(FNEWS_ROOT_PATH . 'news/news.' . $news_id . '.php');
                                                                                                                                    array_shift($file);
                                                                                                                                    array_shift($file);
                                                                                                                                    foreach ($file as $value) {
                                                                                                                                        $comment = get_line_data('comments', $value);
                                                                                                                                        if ($comment_id == $comment['comment_id']) {
                                                                                                                                            $email = $comment['email'] == '' ? $ind141 : $comment['email'];
                                                                                                                                            $message = str_replace('&br;', "\n", $comment['message']);
                                                                                                                                            $no = '<span style="color:red; font-weight: bold">' . $ind144 . '</span>';
                                                                                                                                            $yes = '<span style="color:green; font-weight: bold">' . $ind143 . '</span>';
                                                                                                                                            $htmlcheck = !$htc ? $no : $yes;
                                                                                                                                            $bbcheck = !$bbc ? $no : $yes;
                                                                                                                                            $smilcheck = !$smilcom ? $no : $yes;
                                                                                                                                            $ban_text = is_ip_banned($comment['ip']) ? $ind396 : '';
                                                                                                                                            $title = $ind134;
                                                                                                                                            echo <<<html
<form action="?id=updatecomment&amp;comment_id={$comment['comment_id']}&amp;news_id={$news_id}" method="post" id="newsposting" onsubmit="submitonce(this);">
<table class="adminpanel">
\t<tr>
\t\t<td>{$ind279}</td>
\t\t<td>{$comment['author']}</td>
\t\t<td rowspan="3">
\t\t\t{$ind121}<br />
\t\t\t- HTML {$ind122} {$htmlcheck}<br />
\t\t\t- BBCode {$ind122} {$bbcheck}<br />
\t\t\t- Smilies {$ind122} {$smilcheck}
\t\t</td>
\t</tr>
\t<tr>
Esempio n. 6
    }
}
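// Ask clients and intermediaries not to cache the comment page.
if (!headers_sent()) {
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    header('Cache-Control: no-cache, must-revalidate');
    header('Pragma: no-cache');
}

ob_start();
echo get_template('com_header.php', true);

// NOTE(review): $id is concatenated into a filesystem path below and is set
// outside this excerpt — confirm it is restricted (e.g. digits only) before it
// reaches file_exists()/file(), otherwise it can select files outside news/.

// No news item requested.
if (!$id) {
    echo $com10;
    echo get_template('com_footer.php', true);
    ob_end_flush();
    return;
}

// Banned visitors get the notice and nothing else. The ban check runs before
// the file lookup, so a banned client cannot probe which ids exist.
if (is_ip_banned(get_ip())) {
    echo $com3;
    // The header was already emitted above. This branch used to print it a
    // second time instead of closing the page with the footer.
    echo get_template('com_footer.php', true);
    ob_end_flush();
    return;
}

// Requested news item does not exist on disk.
if (!file_exists(FNEWS_ROOT_PATH . 'news/news.' . $id . '.php')) {
    echo $com11;
    echo get_template('com_footer.php', true);
    ob_end_flush();
    return;
}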
if (!$action) {
    $session_id = create_security_id();
    $file = file(FNEWS_ROOT_PATH . 'news/news.' . $id . '.php');
    array_shift($file);