// We are already done, let's continue our heavy-lifting work in the background (if we run off FastCGI) if (function_exists('fastcgi_finish_request')) { @fastcgi_finish_request(); } buildIndex(); if ($post['op']) { rebuildThemes('post-thread', $board['uri']); } else { rebuildThemes('post', $board['uri']); } } elseif (isset($_POST['appeal'])) { if (!isset($_POST['ban_id'])) { error($config['error']['bot']); } $ban_id = (int) $_POST['ban_id']; $bans = Bans::find($_SERVER['REMOTE_ADDR']); foreach ($bans as $_ban) { if ($_ban['id'] == $ban_id) { $ban = $_ban; break; } } if (!isset($ban)) { error(_("That ban doesn't exist or is not for you.")); } if ($ban['expires'] && $ban['expires'] - $ban['created'] <= $config['ban_appeals_min_length']) { error(_("You cannot appeal a ban of this length.")); } $query = query("SELECT `denied` FROM ``ban_appeals`` WHERE `ban_id` = {$ban_id}") or error(db_error()); $ban_appeals = $query->fetchAll(PDO::FETCH_COLUMN); if (count($ban_appeals) >= $config['ban_appeals_max']) {
/**
 * Checks the client address against the ban list and shows a ban notice for
 * every ban that still applies.
 *
 * Expired bans are deleted as they are encountered. An expired ban is still
 * shown once when $config['require_ban_view'] is set and the ban has not been
 * marked as seen. Requests that carry $_POST['json_response'] get a small JSON
 * error body and the script ends there; all others go through displayBan().
 *
 * NOTE(review): the lookup key is $_SERVER['REMOTE_ADDR'], i.e. the direct TCP
 * peer. Behind a reverse proxy or CDN that is the proxy's address unless the
 * web server rewrites it, so bans would match the proxy -- confirm deployment.
 *
 * @param mixed $board Board identifier handed to the 'check-ban' event and to
 *                     Bans::find(); false by default.
 * @return true|null   true when a 'check-ban' event handler returned a truthy
 *                     value, otherwise nothing.
 */
function checkBan($board = false) {
    global $config;

    if (!isset($_SERVER['REMOTE_ADDR'])) {
        // No client address available: treated as a server misconfiguration.
        return;
    }

    // A truthy result from the 'check-ban' event short-circuits the built-in check.
    if (event('check-ban', $board)) {
        return true;
    }

    $client_bans = Bans::find($_SERVER['REMOTE_ADDR'], $board, $config['show_modname']);

    foreach ($client_bans as &$entry) {
        $has_expired = $entry['expires'] && $entry['expires'] < time();

        if ($has_expired) {
            Bans::delete($entry['id']);

            // An expired ban is only shown if it must be viewed once and was not yet seen.
            if (!($config['require_ban_view'] && !$entry['seen'])) {
                continue;
            }
        }

        if (isset($_POST['json_response'])) {
            // API-style callers get a fixed body with no ban details in it.
            header('Content-Type: text/json');
            die(json_encode(array('error' => true, 'banned' => true)));
        }

        // presumably displayBan() ends the request -- not visible here, confirm.
        displayBan($entry);
    }

    // Housekeeping slot for tidying the ban list; when the cache is enabled it
    // is throttled to one pass per $config['purge_bans'] seconds.
    if ($config['cache']['enabled']) {
        $last_purge = cache::get('purged_bans_last');
        if ($last_purge && time() - $last_purge < $config['purge_bans']) {
            return;
        }
    }

    // The purge call itself is disabled here; only the timestamp below is still recorded.
    //Bans::purge();

    if ($config['cache']['enabled']) {
        cache::set('purged_bans_last', time());
    }
}
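/**
 * Moderator view for a single IP address.
 *
 * Handles two form posts (remove a ban, add a note) and otherwise collects the
 * address's recent posts per board, its bans, its notes and matching mod-log
 * lines, each gated by its own permission, and renders 'mod/view_ip.html'.
 *
 * Everything built from $ip below (the Location headers, the mod-log link, the
 * LIKE pattern, the secure-link token) relies on the FILTER_VALIDATE_IP check
 * at the top, which only lets a literal IPv4/IPv6 address through.
 *
 * NOTE(review): error() is used as if it never returns (permission and input
 * checks are not followed by a return) -- confirm it terminates the request.
 * NOTE(review): no request token is verified in this function before the two
 * state-changing POST branches; presumably the dispatcher that routes here
 * does that -- confirm.
 *
 * @param string $ip Address to inspect; presumably taken from the ?/IP/<address> route.
 * @return void
 */
function mod_page_ip($ip) {
    global $config, $mod;

    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        error("Invalid IP address.");
    }

    // --- POST: remove a ban -------------------------------------------------
    if (isset($_POST['ban_id'], $_POST['unban'])) {
        if (!hasPermission($config['mod']['unban'])) {
            error($config['error']['noaccess']);
        }

        // ban_id is request input: hand Bans::delete() a plain integer only, so
        // arrays or other non-numeric values never reach it.
        $ban_id = filter_var($_POST['ban_id'], FILTER_VALIDATE_INT);
        if ($ban_id === false) {
            error("Invalid ban ID.");
        }

        // NOTE(review): the ban is not checked to belong to $ip, and the permission
        // check above is not board-scoped; whether Bans::delete() restricts by
        // board is not visible here.
        Bans::delete($ban_id, true);

        header('Location: ?/IP/' . $ip . '#bans', true, $config['redirect_http']);
        return;
    }

    // --- POST: add a note ---------------------------------------------------
    if (isset($_POST['note'])) {
        if (!hasPermission($config['mod']['create_notes'])) {
            error($config['error']['noaccess']);
        }

        $_POST['note'] = escape_markup_modifiers($_POST['note']);
        // markup() is presumably by-reference (its return value is unused) -- confirm.
        // Whatever it leaves in $_POST['note'] is what gets stored; how the
        // template later escapes that body is not visible here.
        markup($_POST['note']);

        $query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)');
        $query->bindValue(':ip', $ip);
        $query->bindValue(':mod', $mod['id']);
        $query->bindValue(':time', time());
        $query->bindValue(':body', $_POST['note']);
        $query->execute() or error(db_error($query));

        // HTML is assembled by hand; $ip is safe to embed only because it passed
        // FILTER_VALIDATE_IP above.
        modLog("Added a note for <a href=\"?/IP/{$ip}\">{$ip}</a>");

        header('Location: ?/IP/' . $ip . '#notes', true, $config['redirect_http']);
        return;
    }

    // --- GET: build the page ------------------------------------------------
    $args = array();
    $args['ip'] = $ip;
    $args['posts'] = array();

    if ($config['mod']['dns_lookup']) {
        $args['hostname'] = rDNS($ip);
    }

    $boards = listBoards();
    foreach ($boards as $board) {
        openBoard($board['uri']);

        // Posts are listed only for boards where this moderator may see IPs.
        if (!hasPermission($config['mod']['show_ip'], $board['uri'])) {
            continue;
        }

        // A table name cannot be a bound parameter, so the board URI is formatted
        // into the statement. It comes from listBoards(), not from the request.
        // NOTE(review): safe only if board URIs are limited to identifier-safe
        // characters where boards are created -- confirm.
        $query = prepare(sprintf('SELECT * FROM ``posts_%s`` WHERE `ip` = :ip ORDER BY `sticky` DESC, `id` DESC LIMIT :limit', $board['uri']));
        $query->bindValue(':ip', $ip);
        $query->bindValue(':limit', $config['mod']['ip_recentposts'], PDO::PARAM_INT);
        $query->execute() or error(db_error($query));

        while ($post = $query->fetch(PDO::FETCH_ASSOC)) {
            // Rows without a parent thread id are built as threads, the rest as replies.
            if (!$post['thread']) {
                $po = new Thread($post, '?/', $mod, false);
            } else {
                $po = new Post($post, '?/', $mod);
            }

            if (!isset($args['posts'][$board['uri']])) {
                $args['posts'][$board['uri']] = array('board' => $board, 'posts' => array());
            }
            $args['posts'][$board['uri']]['posts'][] = $po->build(true);
        }
    }

    $args['boards'] = $boards;
    $args['token'] = make_secure_link_token('ban');

    if (hasPermission($config['mod']['view_ban'])) {
        $args['bans'] = Bans::find($ip, false, true);
    }

    if (hasPermission($config['mod']['view_notes'])) {
        $query = prepare("SELECT ``ip_notes``.*, `username` FROM ``ip_notes`` LEFT JOIN ``mods`` ON `mod` = ``mods``.`id` WHERE `ip` = :ip ORDER BY `time` DESC");
        $query->bindValue(':ip', $ip);
        $query->execute() or error(db_error($query));
        $args['notes'] = $query->fetchAll(PDO::FETCH_ASSOC);
    }

    if (hasPermission($config['mod']['modlog_ip'])) {
        $query = prepare("SELECT `username`, `mod`, `ip`, `board`, `time`, `text` FROM ``modlogs`` LEFT JOIN ``mods`` ON `mod` = ``mods``.`id` WHERE `text` LIKE :search ORDER BY `time` DESC LIMIT 50");
        // Substring match on the log text: a pattern built from one address also
        // matches lines mentioning longer addresses that contain it, so this list
        // can include entries about other IPs. A validated IP holds no LIKE
        // wildcards ('%' or '_').
        $query->bindValue(':search', '%' . $ip . '%');
        $query->execute() or error(db_error($query));
        $args['logs'] = $query->fetchAll(PDO::FETCH_ASSOC);
    } else {
        $args['logs'] = array();
    }

    $args['security_token'] = make_secure_link_token('IP/' . $ip);

    // 'hostname' exists only when reverse DNS is enabled; reading it unguarded
    // raised an undefined-index notice/warning whenever dns_lookup was off.
    $hostname = isset($args['hostname']) ? $args['hostname'] : null;

    mod_page(sprintf('%s: %s', _('IP'), $ip), 'mod/view_ip.html', $args, $hostname);
}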