/** * Delete Comment * * @return void */ public function delete_comment() { if (!ee()->cp->allowed_group('can_delete_all_comments') && !ee()->cp->allowed_group('can_delete_own_comments')) { show_error(lang('unauthorized_access')); } $comment_id = ee()->input->post('comment_ids'); if ($comment_id == FALSE) { show_error(lang('unauthorized_access')); } if (!preg_match("/^[0-9]+\$/", str_replace('|', '', $comment_id))) { show_error(lang('unauthorized_access')); } ee()->db->where_in('comment_id', explode('|', $comment_id)); $count = ee()->db->count_all_results('comments'); if ($count == 0) { show_error(lang('unauthorized_access')); } ee()->cp->get_installed_modules(); $blacklist_installed = isset(ee()->cp->installed_modules['blacklist']) ? TRUE : FALSE; ee()->db->select('channel_titles.author_id, channel_titles.entry_id, channel_titles.channel_id, channel_titles.comment_total, comments.ip_address'); ee()->db->from(array('channel_titles', 'comments')); ee()->db->where('channel_titles.entry_id = ' . ee()->db->dbprefix('comments.entry_id')); ee()->db->where_in('comments.comment_id', explode('|', $comment_id)); $query = ee()->db->get(); if ($query->num_rows() == 0) { show_error(lang('unauthorized_access')); } $entry_ids = array(); $author_ids = array(); $channel_ids = array(); $bad_ips = array(); foreach ($query->result_array() as $row) { $entry_ids[] = $row['entry_id']; $author_ids[] = $row['author_id']; $channel_ids[] = $row['channel_id']; $bad_ips[] = $row['ip_address']; } $entry_ids = array_unique($entry_ids); $author_ids = array_unique($author_ids); $channel_ids = array_unique($channel_ids); $ips['ip'] = array_unique($bad_ips); unset($bad_ips); if (!ee()->cp->allowed_group('can_delete_all_comments')) { foreach ($query->result_array() as $row) { if ($row['author_id'] != ee()->session->userdata('member_id')) { show_error(lang('unauthorized_access')); } } } // If blacklist was checked- blacklist! if ($blacklist_installed && ee()->input->post('add_to_blacklist') == 'y') { include_once PATH_MOD . 'blacklist/mcp.blacklist.php'; $bl = new Blacklist_mcp(); // Write to htaccess? $write_htacces = ee()->session->userdata('group_id') == '1' && ee()->config->item('htaccess_path') != '' ? TRUE : FALSE; $blacklisted = $bl->update_blacklist($ips, $write_htacces, 'bool'); } $comment_ids = explode('|', $comment_id); // ------------------------------------------- // 'delete_comment_additional' hook. // - Add additional processing on comment delete // ee()->extensions->call('delete_comment_additional', $comment_ids); if (ee()->extensions->end_script === TRUE) { return; } // // ------------------------------------------- ee()->db->where_in('comment_id', $comment_ids); ee()->db->delete('comments'); $this->update_stats($entry_ids, $channel_ids, $author_ids); ee()->functions->clear_caching('all'); ee()->session->set_flashdata('message_success', lang('comment_deleted')); ee()->functions->redirect($this->base_url); }
/** * Blacklist Throttled IPs * * @access public * @return mixed */ function blacklist_throttled_ips() { if (!$this->cp->allowed_group('can_access_tools', 'can_access_logs')) { show_error(lang('unauthorized_access')); } if ($this->config->item('enable_throttling') == 'n') { show_error(lang('throttling_disabled')); } $max_page_loads = 10; $lockout_time = 30; if (is_numeric($this->config->item('max_page_loads'))) { $max_page_loads = $this->config->item('max_page_loads'); } if (is_numeric($this->config->item('lockout_time'))) { $lockout_time = $this->config->item('lockout_time'); } $throttled = $this->tools_model->get_throttle_log($max_page_loads, $lockout_time); $ips = array(); foreach ($throttled->result() as $row) { $ips[] = $row->ip_address; } $this->tools_model->blacklist_ips($ips); $this->lang->loadfile('blacklist'); // The blacklist module takes care of the htaccess if ($this->session->userdata['group_id'] == 1 && $this->config->item('htaccess_path') !== FALSE && file_exists($this->config->item('htaccess_path')) && is_writable($this->config->item('htaccess_path'))) { if (!class_exists('Blacklist')) { require PATH_MOD . 'blacklist/mcp.blacklist.php'; } $MOD = new Blacklist_mcp(); $_POST['htaccess_path'] = $this->config->item('htaccess_path'); $MOD->write_htaccess(FALSE); } $this->session->set_flashdata('message_success', lang('blacklist_updated')); $this->functions->redirect(BASE . AMP . 'C=tools_logs' . AMP . 'M=view_throttle_log'); }