/** * */ public function putMod(Request $request, Board $board, $post) { // Validate the request parameters. if (!($post = $this->validatePost($board, $post)) instanceof Post) { // If the response isn't a Post, it's a redirect or error. // Return the message. return $post; } // Take trailing arguments, // compare them against a list of real actions, // intersect the liss to find the true commands. $actions = ["delete", "ban", "all", "global"]; $argList = func_get_args(); $modActions = array_intersect($actions, array_splice($argList, 2)); sort($modActions); $ban = in_array("ban", $modActions); $delete = in_array("delete", $modActions); $all = in_array("all", $modActions); $global = in_array("global", $modActions); if (!$ban) { return abort(404); } $validator = Validator::make(Input::all(), ['raw_ip' => 'required|boolean', 'ban_ip' => 'required_if:raw_ip,true|ip', 'ban_ip_range' => 'required|between:0,128', 'justification' => 'max:255', 'expires_days' => 'required|integer|min:0|max:' . $this->option('banMaxLength'), 'expires_hours' => 'required|integer|min:0|max:23', 'expires_minutes' => 'required|integer|min:0|max:59']); if (!$validator->passes()) { return redirect()->back()->withInput(Input::all())->withErrors($validator->errors()); } $banLengthStr = []; $expiresDays = Input::get('expires_days'); $expiresHours = Input::get('expires_hours'); $expiresMinutes = Input::get('expires_minutes'); if ($expiresDays > 0) { $banLengthStr[] = "{$expiresDays}d"; } if ($expiresHours > 0) { $banLengthStr[] = "{$expiresHours}h"; } if ($expiresMinutes > 0) { $banLengthStr[] = "{$expiresMinutes}m"; } if ($expiresDays == 0 && $expiresHours == 0 && $expiresMinutes == 0) { $banLengthStr[] = "Ø"; } $banLengthStr = implode($banLengthStr, " "); // If we're banning without the ability to view IP addresses, we will get our address directly from the post in human-readable format. $banIpAddr = $this->user->canViewRawIP() ? Input::get('ban_ip') : $post->getAuthorIpAsString(); // The CIDR is passed from our post parameters. By default, it is 32/128 for IPv4/IPv6 respectively. $banCidr = Input::get('ban_ip_range'); // This generates a range from start to finish. I.E. 192.168.1.3/22 becomes [192.168.0.0, 192.168.3.255]. // If we just pass the CDIR into the construct, we get 192.168.1.3-129.168.3.255 for some reason. $banCidrRange = CIDR::cidr_to_range("{$banIpAddr}/{$banCidr}"); // We then pass this range into the construct method. $banIp = new CIDR($banCidrRange[0], $banCidrRange[1]); $ban = new Ban(); $ban->ban_ip_start = inet_pton($banIp->getStart()); $ban->ban_ip_end = inet_pton($banIp->getEnd()); $ban->seen = false; $ban->created_at = $ban->freshTimestamp(); $ban->updated_at = clone $ban->created_at; $ban->expires_at = clone $ban->created_at; $ban->expires_at->addDays($expiresDays); $ban->expires_at->addHours($expiresHours); $ban->expires_at->addMinutes($expiresMinutes); $ban->mod_id = $this->user->user_id; $ban->post_id = $post->post_id; $ban->ban_reason_id = null; $ban->justification = Input::get('justification'); if ($global) { if ($ban && !$this->user->canBanGlobally() || $delete && !$this->user->canDeleteGlobally()) { return abort(403); } if ($ban) { $ban->board_uri = null; $ban->save(); } $this->log('log.post.ban.global', $post, ["board_id" => $post->board_id, "board_uri" => $post->board_uri, "ip" => $post->getAuthorIpAsString(), "justification" => $ban->justification, "time" => $banLengthStr]); if ($delete) { $posts = Post::ipBinary($banIp); $this->log('log.post.ban.delete', $post, ["board_id" => $post->board_id, "board_uri" => $post->board_uri, "posts" => $posts->count()]); $posts->delete(); return redirect($board->board_uri); } } else { if ($ban && !$board->canBan($this->user) || $delete && !$board->canDelete($this->user)) { return abort(403); } if ($ban) { $ban->board_uri = $post->board_uri; $ban->save(); } $this->log('log.post.ban.local', $post, ["board_id" => $post->board_id, "board_uri" => $post->board_uri, "ip" => $post->getAuthorIpAsString(), "justification" => $ban->justification, "time" => $banLengthStr]); if ($delete) { if ($all) { $posts = Post::ipBinary($banIp)->where('board_uri', $board->board_uri); $this->log('log.post.ban.delete', $post, ["board_id" => $post->board_id, "board_uri" => $post->board_uri, "posts" => $posts->count()]); $posts->delete(); return redirect($board->board_uri); } else { $this->log('log.post.ban.delete', $post, ["board_id" => $post->board_id, "board_uri" => $post->board_uri, "posts" => 1]); $post->delete(); if ($post->reply_to) { return redirect("{$post->board_uri}/thread/{$post->op->board_id}"); } else { return redirect($board->board_uri); } } } } Event::fire(new PostWasBanned($post)); Event::fire(new PostWasModerated($post, $this->user)); if ($post->reply_to) { return redirect("{$post->board_uri}/thread/{$post->op->board_id}#{$post->board_id}"); } else { return redirect("{$post->board_uri}/thread/{$post->board_id}"); } }
/** * Returns a human-readable IP address based on user permissions. * This will obfuscate it if we do not have permission to view raw IPs. * * @param string|CIDR $ip Normal IP string or a CIDR support object. * @return string Either $ip or an ip_less version. */ public function getTextForIP($ip) { if ($this->canViewRawIP()) { return (string) $ip; } if ($ip instanceof CIDR && $ip->getStart() != $ip->getEnd()) { return ip_less($ip->getStart()) . "/" . $ip->getPrefix(); } return ip_less($ip); }
/** * Generates a snapshot in the database for the previous hour. * * @param \Carbon\Carbon $carbon A timestamp within the 0-60 minute block that is to be snapshotted. * @return array of new \App\Stats */ public function createStatsSnapshot(\Carbon\Carbon $carbon) { $carbonStart = $carbon->minute(0)->second(0); $carbonEnd = clone $carbonStart; $carbonEnd = $carbonEnd->addHour()->minute(0)->second(0)->subSecond(); $posts = $this->posts()->withTrashed()->where('created_at', '>=', $carbonStart)->where('created_at', '<=', $carbonEnd)->select('post_id', 'author_ip', 'reply_to')->get(); if ($posts->count() === 0) { return []; } // Unique IPs. $authorsUnique = []; // Unique Post IDs. $postsUnique = []; // Unique \16 ranges. $rangesUnique = []; // Unique Thread Post IDs. $threadsUnique = []; foreach ($posts as $post) { $postsUnique[$post->post_id] = true; if (is_null($post->reply_to)) { $threadsUnique[$post->post_id] = false; } if (!is_null($post->author_ip)) { $ip = inet_ntop($post->author_ip); if (!isset($authorsUnique[$ip])) { $authorsUnique[$ip] = true; $range = new CIDR("{$ip}/16"); $rangesUnique[$range->getStart()] = true; } } } // Save uniques $statsRows = []; $uniques = ['authors' => array_keys($authorsUnique), 'posts' => array_keys($postsUnique), 'ranges' => array_keys($rangesUnique), 'threads' => array_keys($threadsUnique)]; foreach ($uniques as $statsKey => $uniqueValues) { $statsBits = []; foreach ($uniqueValues as $uniqueValue) { $statsBits[] = ['unique' => $uniqueValue]; } $statsRow = $this->stats()->updateOrCreate(['stats_time' => $carbonStart, 'stats_type' => $statsKey], ['counter' => count($statsBits)]); if (!$statsRow->exists) { $statsRow->save(); } $statsRow->uniques()->createMany($statsBits); $statsRows[] = $statsRow; } return $statsRows; }