/**
 * Site home page.
 *
 * Renders the `index` view with a provider for the ten most recent bans
 * (ordered by `bid` descending) and the list of all servers.
 */
public function actionIndex()
{
    // Fetch the 10 latest bans. The dependency query is MAX(`bid`) over the bans table.
    $banDependency = new CDbCacheDependency('SELECT MAX(`bid`) FROM {{bans}}');
    $cachedBanFinder = Bans::model()->cache(300, $banDependency);

    // With auto_prune enabled only rows with expired = 0 are listed.
    $banCriteria = array(
        'condition' => Yii::app()->config->auto_prune ? 'expired = 0' : null,
        'order' => 'bid DESC',
        'limit' => 10,
    );
    $latestBans = new CActiveDataProvider(
        $cachedBanFinder,
        array('criteria' => $banCriteria, 'pagination' => false)
    );

    $viewData = array(
        'bans' => $latestBans,
        'servers' => Serverinfo::model()->findAll(),
    );
    $this->render('index', $viewData);
}
/**
 * Return, as a string, whatever Bans::stream_json() writes to the output buffer.
 *
 * @param mixed $settings Not read by this method.
 * @return string|false The captured output, or false if no buffer was active.
 */
public static function gen_json($settings)
{
    // Buffer the output so it is returned to the caller instead of being sent.
    ob_start();
    Bans::stream_json(false, true, true, array());

    // Fetches the buffer contents and closes the buffer in one call.
    return ob_get_clean();
}
/**
 * Site home page.
 *
 * Renders the `index` view with the ten most recent bans, the ten highest
 * ranked players seen during the last seven days, and the server list.
 */
public function actionIndex()
{
    // Fetch the 10 latest bans. The dependency query is MAX(`bid`) over the bans table.
    $banDependency = new CDbCacheDependency('SELECT MAX(`bid`) FROM {{bans}}');
    $cachedBanFinder = Bans::model()->cache(300, $banDependency);
    $banCriteria = array(
        // With auto_prune enabled only rows with expired = 0 are listed.
        'condition' => Yii::app()->config->auto_prune ? 'expired = 0' : null,
        'order' => 'bid DESC',
        'limit' => 10,
    );
    $latestBans = new CActiveDataProvider(
        $cachedBanFinder,
        array('criteria' => $banCriteria, 'pagination' => false)
    );

    // Fetch the 10 best players. The dependency query is MAX(`id`) over `bio_players`.
    $playerDependency = new CDbCacheDependency('SELECT MAX(`id`) FROM `bio_players`');
    $cachedPlayerFinder = Players::model()->cache(300, $playerDependency);
    $playerCriteria = array(
        // The SQL fragments are assembled from server-side values only
        // (the model's own formula and the current timestamp).
        'select' => '`id`, `nick`, ' . Players::sql_skill_formula() . ' AS `skill`',
        'order' => '`skill` DESC, `id` ASC',
        'condition' => 'last_seen > ' . (time() - 60 * 60 * 24 * 7),
        'limit' => 10,
    );
    $topPlayers = new CActiveDataProvider(
        $cachedPlayerFinder,
        array('criteria' => $playerCriteria, 'pagination' => false)
    );

    $viewData = array(
        'bans' => $latestBans,
        'players' => $topPlayers,
        'servers' => Serverinfo::model()->findAll(),
    );
    $this->render('index', $viewData);
}
<?php echo CHtml::dropDownList('Reasons', 'selfreason', Reasons::getList()); ?> </div> </div> <?php echo $form->textFieldRow($model, 'ban_reason', array('size' => 32, 'maxlength' => 32)); ?> <?php echo $form->error($model, 'ban_reason'); ?> <?php echo $form->dropDownListRow($model, 'ban_length', Bans::getBanLenght()); ?> </fieldset> <div class="form-actions"> <?php $this->widget('bootstrap.widgets.TbButton', array('buttonType' => 'submit', 'type' => 'primary', 'label' => $model->isNewRecord ? 'Создать' : 'Обновить')); ?> <?php echo CHtml::link('Отмена', Yii::app()->createUrl('/admin/index'), array('class' => 'btn btn-danger')); ?> </div> <?php $this->endWidget(); ?>
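*/
/**
 * "You are banned" page
 *
 * Users will be redirected to this page when they are banned from posting to or
 * viewing the boards.
 *
 * @package kusaba
 */
/**
 * Require the configuration file, functions file, and bans class
 */
require 'config.php';
require KU_ROOTDIR . 'inc/functions.php';
require KU_ROOTDIR . 'inc/classes/bans.class.php';

$bans_class = new Bans();

// Appeal submission. Both fields come from the client, so require that they are
// present and are plain strings before they reach md5()/qstr(); the original
// read $_POST['banid'] without checking that it was sent.
if (
    isset($_POST['appealmessage'], $_POST['banid'])
    && is_string($_POST['appealmessage'])
    && is_string($_POST['banid'])
    && KU_APPEAL != ''
) {
    // The ban must match both the submitted id and the hash of the caller's
    // address, so a visitor can only appeal a ban recorded for their own IP.
    // Note the space before LIMIT: the original glued it to the quoted id.
    $results = $tc_db->GetAll(
        "SELECT * FROM `" . KU_DBPREFIX . "banlist` WHERE `type` = '0' AND `ipmd5` = '"
        . md5($_SERVER['REMOTE_ADDR']) . "' AND `id` = " . $tc_db->qstr($_POST['banid']) . " LIMIT 1"
    );

    if (count($results) > 0) {
        foreach ($results as $line) {
            // An appeal is accepted only once its `appealat` time has passed.
            if ($line['appealat'] > 0 && $line['appealat'] < time()) {
                // `appealat` = -1 marks the appeal as submitted. The id is cast to
                // int rather than concatenated as-is, even though it comes from the
                // row selected above.
                $tc_db->Execute(
                    "UPDATE `" . KU_DBPREFIX . "banlist` SET `appealat` = '-1' , appeal = "
                    . $tc_db->qstr($_POST['appealmessage']) . " WHERE `id` = '" . (int) $line['id'] . "'"
                );
                // NOTE(review): the appeal text is stored as submitted; whatever page
                // displays it is expected to escape it for HTML - confirm.
                echo 'Your appeal has been sent and is pending review.';
            } else {
                echo 'You may not appeal that ban at this time.';
            }
            die;
        }
    }
}

// No appeal handled: run the regular ban check for the caller's address.
$bans_class->BanCheck($_SERVER['REMOTE_ADDR'], '', true);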
// We are already done, let's continue our heavy-lifting work in the background (if we run off FastCGI) if (function_exists('fastcgi_finish_request')) { @fastcgi_finish_request(); } buildIndex(); if ($post['op']) { rebuildThemes('post-thread', $board['uri']); } else { rebuildThemes('post', $board['uri']); } } elseif (isset($_POST['appeal'])) { if (!isset($_POST['ban_id'])) { error($config['error']['bot']); } $ban_id = (int) $_POST['ban_id']; $bans = Bans::find($_SERVER['REMOTE_ADDR']); foreach ($bans as $_ban) { if ($_ban['id'] == $ban_id) { $ban = $_ban; break; } } if (!isset($ban)) { error(_("That ban doesn't exist or is not for you.")); } if ($ban['expires'] && $ban['expires'] - $ban['created'] <= $config['ban_appeals_min_length']) { error(_("You cannot appeal a ban of this length.")); } $query = query("SELECT `denied` FROM ``ban_appeals`` WHERE `ban_id` = {$ban_id}") or error(db_error()); $ban_appeals = $query->fetchAll(PDO::FETCH_COLUMN); if (count($ban_appeals) >= $config['ban_appeals_max']) {
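/**
 * Carry out the action configured for this filter on the current request.
 *
 * 'reject' reports an error to the poster; 'ban' records a ban for the
 * requesting address and, unless `reject` is disabled, also stops the post.
 */
public function action()
{
    global $board;

    switch ($this->action) {
        case 'reject':
            // No break follows: this relies on error() not returning - confirm.
            error(isset($this->message) ? $this->message : 'Posting throttled by filter.');
        case 'ban':
            if (!isset($this->reason)) {
                error('The ban action requires a reason.');
            }

            // Defaults: no expiry, reject the post, ban on the current board only.
            $this->expires = isset($this->expires) ? $this->expires : false;
            $this->reject = isset($this->reject) ? $this->reject : true;
            $this->all_boards = isset($this->all_boards) ? $this->all_boards : false;

            // Board `false` is passed when the ban applies to all boards; -1 is the creator id.
            Bans::new_ban(
                $_SERVER['REMOTE_ADDR'],
                $this->reason,
                $this->expires,
                $this->all_boards ? false : $board['uri'],
                -1
            );

            if ($this->reject) {
                if (isset($this->message)) {
                    // Fixed: the original passed the undefined local $message, so the
                    // configured rejection message was never shown.
                    error($this->message);
                }

                checkBan($board['uri']);
                exit;
            }

            break;
        default:
            error('Unknown filter action: ' . $this->action);
    }
}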
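/**
 * Moderator page: ban the author of a post, optionally attaching a public ban
 * message to the post or deleting it.
 *
 * Without a submitted ban form the function renders `mod/ban_form.html`.
 *
 * @param string $board  Board URI the post belongs to.
 * @param mixed  $delete Truthy when the form should offer deleting the post.
 * @param mixed  $post   Post id.
 * @param mixed  $token  Not read inside this function.
 */
function mod_ban_post($board, $delete, $post, $token = false)
{
    global $config, $mod;

    if (!openBoard($board)) {
        error($config['error']['noboard']);
    }

    if (!hasPermission($config['mod']['delete'], $board)) {
        error($config['error']['noaccess']);
    }

    $security_token = make_secure_link_token($board . '/ban/' . $post);

    // Only the columns needed are fetched unless the whole post is to be stored with the ban.
    // $board goes into the table name via sprintf; openBoard() above has accepted it.
    $query = prepare(sprintf(
        'SELECT ' . ($config['ban_show_post'] ? '*' : '`ip`, `thread`') . ' FROM ``posts_%s`` WHERE `id` = :id',
        $board
    ));
    $query->bindValue(':id', $post);
    $query->execute() or error(db_error($query));
    if (!($_post = $query->fetch(PDO::FETCH_ASSOC))) {
        error($config['error']['404']);
    }

    $thread = $_post['thread'];
    $ip = $_post['ip'];

    if (isset($_POST['new_ban'], $_POST['reason'], $_POST['length'], $_POST['board'])) {
        require_once 'inc/mod/ban.php';

        // The form may override the address; otherwise the poster's stored IP is used.
        if (isset($_POST['ip'])) {
            $ip = $_POST['ip'];
        }

        // Fixed: the original passed $_POST['ip'] here, which is undefined whenever the
        // form does not send the field, so the ban was not created for the post's IP.
        Bans::new_ban(
            $ip,
            $_POST['reason'],
            $_POST['length'],
            $_POST['board'] == '*' ? false : $_POST['board'],
            false,
            $config['ban_show_post'] ? $_post : false
        );

        if (isset($_POST['public_message'], $_POST['message'])) {
            // public ban message
            $length_english = Bans::parse_time($_POST['length'])
                ? 'for ' . until(Bans::parse_time($_POST['length']))
                : 'permanently';

            // Strip line breaks, then expand the %length% placeholders.
            $_POST['message'] = preg_replace('/[\\r\\n]/', '', $_POST['message']);
            $_POST['message'] = str_replace('%length%', $length_english, $_POST['message']);
            $_POST['message'] = str_replace('%LENGTH%', strtoupper($length_english), $_POST['message']);

            // The message is passed through utf8tohtml() before it is appended to the post body.
            $query = prepare(sprintf(
                'UPDATE ``posts_%s`` SET `body_nomarkup` = CONCAT(`body_nomarkup`, :body_nomarkup) WHERE `id` = :id',
                $board
            ));
            $query->bindValue(':id', $post);
            $query->bindValue(
                ':body_nomarkup',
                sprintf("\n<tinyboard ban message>%s</tinyboard>", utf8tohtml($_POST['message']))
            );
            $query->execute() or error(db_error($query));
            rebuildPost($post);

            modLog("Attached a public ban message to post #{$post}: " . utf8tohtml($_POST['message']));
            buildThread($thread ? $thread : $post);
            buildIndex();
        } elseif (isset($_POST['delete']) && (int) $_POST['delete']) {
            // Delete post
            deletePost($post);
            modLog("Deleted post #{$post}");
            // Rebuild board
            buildIndex();
            // Rebuild themes
            rebuildThemes('post-delete', $board);
        }

        // Execution continues past this header() call, as in the original.
        header(
            'Location: ?/' . sprintf($config['board_path'], $board) . $config['file_index'],
            true,
            $config['redirect_http']
        );
    }

    $args = array(
        'ip' => $ip,
        // The IP is hidden in the form for moderators without the show_ip permission.
        'hide_ip' => !hasPermission($config['mod']['show_ip'], $board),
        'post' => $post,
        'board' => $board,
        'delete' => (bool) $delete,
        'boards' => listBoards(),
        'token' => $security_token,
    );

    mod_page(_('New ban'), 'mod/ban_form.html', $args);
}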
query("ALTER TABLE ``bans`` ADD INDEX `seen` (`seen`)") or error(db_error()); case 'v0.9.6-dev-17': query("ALTER TABLE ``ip_notes``\n\t\t\t\tDROP INDEX `ip`,\n\t\t\t\tADD INDEX `ip_lookup` (`ip`, `time`)") or error(db_error()); case 'v0.9.6-dev-18': query("CREATE TABLE IF NOT EXISTS ``flood`` (\n\t\t\t\t `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t\t `ip` varchar(39) NOT NULL,\n\t\t\t\t `board` varchar(58) CHARACTER SET utf8 NOT NULL,\n\t\t\t\t `time` int(11) NOT NULL,\n\t\t\t\t `posthash` char(32) NOT NULL,\n\t\t\t\t `filehash` char(32) DEFAULT NULL,\n\t\t\t\t `isreply` tinyint(1) NOT NULL,\n\t\t\t\t PRIMARY KEY (`id`),\n\t\t\t\t KEY `ip` (`ip`),\n\t\t\t\t KEY `posthash` (`posthash`),\n\t\t\t\t KEY `filehash` (`filehash`),\n\t\t\t\t KEY `time` (`time`)\n\t\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=ascii COLLATE=ascii_bin AUTO_INCREMENT=1 ;") or error(db_error()); case 'v0.9.6-dev-19': query("UPDATE ``mods`` SET `type` = 10 WHERE `type` = 0") or error(db_error()); query("UPDATE ``mods`` SET `type` = 20 WHERE `type` = 1") or error(db_error()); query("UPDATE ``mods`` SET `type` = 30 WHERE `type` = 2") or error(db_error()); query("ALTER TABLE ``mods`` CHANGE `type` `type` smallint(1) NOT NULL") or error(db_error()); case 'v0.9.6-dev-20': __query("CREATE TABLE IF NOT EXISTS `bans_new_temp` (\n\t\t\t\t`id` int(10) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t\t`ipstart` varbinary(16) NOT NULL,\n\t\t\t\t`ipend` varbinary(16) DEFAULT NULL,\n\t\t\t\t`created` int(10) unsigned NOT NULL,\n\t\t\t\t`expires` int(10) unsigned DEFAULT NULL,\n\t\t\t\t`board` varchar(58) DEFAULT NULL,\n\t\t\t\t`creator` int(10) NOT NULL,\n\t\t\t\t`reason` text,\n\t\t\t\t`seen` tinyint(1) NOT NULL,\n\t\t\t\t`post` blob,\n\t\t\t\tPRIMARY KEY (`id`),\n\t\t\t\tKEY `expires` (`expires`),\n\t\t\t\tKEY `ipstart` (`ipstart`,`ipend`)\n\t\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 AUTO_INCREMENT=1") or error(db_error()); $listquery = query("SELECT * FROM ``bans`` ORDER BY `id`") or error(db_error()); 
while ($ban = $listquery->fetch(PDO::FETCH_ASSOC)) { $query = prepare("INSERT INTO ``bans_new_temp`` VALUES \n\t\t\t\t\t(NULL, :ipstart, :ipend, :created, :expires, :board, :creator, :reason, :seen, NULL)"); $range = Bans::parse_range($ban['ip']); if ($range === false) { // Invalid retard ban; just skip it. continue; } $query->bindValue(':ipstart', $range[0]); if ($range[1] !== false && $range[1] != $range[0]) { $query->bindValue(':ipend', $range[1]); } else { $query->bindValue(':ipend', null, PDO::PARAM_NULL); } $query->bindValue(':created', $ban['set']); if ($ban['expires']) { $query->bindValue(':expires', $ban['expires']); } else { $query->bindValue(':expires', null, PDO::PARAM_NULL);
/**
 * Servers home page.
 *
 * Renders the `index` view with the server list (ordered by hostname) and a
 * set of counters; every counter query is cached for 600 seconds.
 */
public function actionIndex()
{
    // Search model populated from the query string. It is not passed to the view below.
    $model = new Serverinfo('search');
    $model->unsetAttributes();
    if (isset($_GET['Serverinfo'])) {
        $model->attributes = $_GET['Serverinfo'];
    }

    $totalBans = Bans::model()->cache(600)->count();

    // Active: not marked expired, and either permanent (length 0) or still within its length.
    $activeCondition = '((ban_created+(ban_length*60)) > :time OR ban_length = 0) AND `expired` = 0';
    $activeBans = Bans::model()->cache(600)->count($activeCondition, array(':time' => time()));

    $permanentBans = Bans::model()->cache(600)->count('ban_length = 0');

    $serverList = Serverinfo::model()->cache(600)->findAll(array('order' => '`hostname` ASC'));

    $counters = array(
        'bancount' => $totalBans,
        'actbans' => $activeBans,
        'permbans' => $permanentBans,
        // The permanent count is not restricted to `expired` = 0, unlike the active count.
        'tempbans' => $activeBans - $permanentBans,
        'admins' => Amxadmins::model()->cache(600)->count(),
        'serversCount' => Serverinfo::model()->cache(600)->count(),
    );

    $this->render('index', array('servers' => $serverList, 'info' => $counters));
}
/**
 * Load a ban model by its primary key.
 *
 * @param integer $id Ban ID
 * @return Bans the matching record
 * @throws CHttpException 404 when no record has that key
 */
public function loadModel($id)
{
    $ban = Bans::model()->findByPk($id);

    if ($ban !== null) {
        return $ban;
    }

    throw new CHttpException(404, 'The requested page does not exist.');
}
<div class="form-group"> <label class="control-label col-lg-2" for="Reasons"></label> <div class="col-lg-10"> <?php echo CHtml::dropDownList('Reasons', 'selfreason', Reasons::getList(), array('class' => 'form-control')); ?> </div> </div> <?php echo $form->textFieldControlGroup($model, 'ban_reason', array('size' => 32, 'maxlength' => 32)); ?> <?php echo $form->dropDownListControlGroup($model, 'ban_length', Bans::getBanLenght()); ?> </fieldset> <div class="form-group"> <div class="col-lg-offset-2"> <button class="btn btn-primary" type="submit">Сохранить</button> <a href="<?php echo $this->createUrl('/admin/index'); ?> " class="btn btn-danger">Отмена</a> </div> </div> <?php $this->endWidget(); ?>
*/ // }}} // {{{ Fake email field check if (isset($_POST['email']) && !empty($_POST['email'])) { exitWithErrorPage('Spam bot detected'); } // Start the session session_start(); // Require the configuration file, functions file, board and post class, bans class, and posting class require 'config.php'; require KU_ROOTDIR . 'inc/functions.php'; require KU_ROOTDIR . 'inc/classes/board-post.class.php'; require KU_ROOTDIR . 'inc/classes/bans.class.php'; require KU_ROOTDIR . 'inc/classes/posting.class.php'; require KU_ROOTDIR . 'inc/classes/parse.class.php'; $bans_class = new Bans(); $parse_class = new Parse(); $posting_class = new Posting(); // {{{ Module loading modules_load_all(); // }}} // {{{ GET/POST board send check // In some cases, the board value is sent through post, others get if (isset($_POST['board']) || isset($_GET['board'])) { $_POST['board'] = isset($_GET['board']) ? $_GET['board'] : $_POST['board']; } // }}} // If the script was called using a board name: if (isset($_POST['board'])) { $board_name = $tc_db->GetOne("SELECT `name` FROM `" . KU_DBPREFIX . "boards` WHERE `name` = " . $tc_db->qstr($_POST['board']) . ""); if (!empty($board_name)) {
require_once "includes/settings.class.php"; $settings = new settings(); /** * Loop through all settings and define them. * Now we can access the settings anywhere we have a init.php included. */ $run = mysql_query("SELECT * FROM settingsitems"); while ($row = mysql_fetch_assoc($run)) { define($row['code'], $row['value']); } require_once "includes/plugins.php"; require_once "includes/auth.php"; require_once "includes/bans.php"; $plugin = new Plugins(); $auth = new auth(); $bans = new Bans(); $f = glob("plugins/*.php"); foreach ($f as $a) { require_once $a; } if ($_GET['a'] == "registerSerial") { if ($bans->isBanned($_SERVER['REMOTE_ADDR'])) { die("You are currently banned from accessing this panel due to too many failed attempts. Try again soon."); } ?> <script language="javascript" type="text/javascript" src="js/jquery.min.js"></script> <link rel="stylesheet" type="text/css" href="css/960.css"> <link rel="stylesheet" type="text/css" href="css/reset.css"> <link rel="stylesheet" type="text/css" href="css/widgets.css" /> <link rel="stylesheet" type="text/css" href="css/misc.css" /> <div class="container_12">
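/**
 * Pre-validation hook. For a new record it checks that the IP is a valid IPv4
 * address and that neither the IP nor the player id already has a ban that is
 * permanent or still running.
 *
 * @return bool false when one of the checks fails (the error is recorded on
 *              the offending attribute), otherwise the parent's result
 */
protected function beforeValidate()
{
    if ($this->isNewRecord) {
        // A ban counts as active when it is permanent (length 0) or has not run out yet.
        $stillActive = '(`ban_length` = 0 OR `ban_created` + (`ban_length` * 60) >= UNIX_TIMESTAMP())';

        if (!filter_var($this->player_ip, FILTER_VALIDATE_IP, array('flags' => FILTER_FLAG_IPV4))) {
            // Fixed: addError() expects the attribute NAME. The original passed the
            // submitted value, which filed the error under a key made of user input
            // instead of under the field.
            $this->addError('player_ip', 'Неверно введен IP');

            return false;
        }

        if (
            $this->player_ip
            && Bans::model()->count('`player_ip` = :ip AND ' . $stillActive, array(':ip' => $this->player_ip))
        ) {
            $this->addError('player_ip', 'Этот IP уже забанен');

            return false;
        }

        if (
            $this->player_id
            && Bans::model()->count('`player_id` = :id AND ' . $stillActive, array(':id' => $this->player_id))
        ) {
            $this->addError('player_id', 'Этот STEAMID уже забанен');

            return false;
        }
    }

    return parent::beforeValidate();
}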
/**
 * Admin centre home page.
 *
 * The only access check made here is that the visitor is logged in; no role
 * or permission is tested in this method.
 *
 * @throws CHttpException 403 for guests
 */
public function actionIndex()
{
    // Guests get an exception.
    $visitor = Yii::app()->user;
    if ($visitor->isGuest) {
        throw new CHttpException(403, 'У Вас недостаточно прав');
    }

    // NOTE(review): 'activebans' runs the same unfiltered count as 'bancount'.
    $sysinfo = array(
        'bancount' => Bans::model()->cache(300)->count(),
        'activebans' => Bans::model()->cache(300)->count(),
        'filescount' => Files::model()->cache(300)->count(),
        'commentscount' => Comments::model()->cache(300)->count(),
    );

    $this->render('index', array('sysinfo' => $sysinfo));
}
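/**
 * Management page: ban every IPv4 address found in an uploaded proxy list.
 *
 * The list is plain text, one `a.b.c.d` or `a.b.c.d:port` entry per line.
 * Without an upload the page shows the upload form. Output is appended to the
 * global $tpl_page.
 */
function proxyban()
{
    global $tpl_page;

    $this->AdministratorsOnly();
    $tpl_page .= '<h2>' . _gettext('Ban proxy list') . '</h2><br />';

    if (!isset($_FILES['imagefile'])) {
        $tpl_page .= '<form id="postform" action="' . KU_CGIPATH . '/manage_page.php?action=proxyban" method="post" enctype="multipart/form-data"> ' . _gettext('Proxy list') . '<input type="file" name="imagefile" size="35" accesskey="f" /><br /> <input type="submit" value="' . _gettext('Submit') . '" /> <br />' . _gettext('The proxy list is assumed to be in plaintext *.*.*.*:port or *.*.*.* format, one IP per line.') . '<br /><br /><hr />';

        return;
    }

    $bans_class = new Bans();
    $ips = 0;
    $successful = 0;

    // Read the list only if PHP itself received the file as an upload; a failed or
    // malformed upload is treated as an empty list instead of reaching file().
    $proxies = false;
    $tmpName = isset($_FILES['imagefile']['tmp_name']) ? $_FILES['imagefile']['tmp_name'] : null;
    if (is_string($tmpName) && is_uploaded_file($tmpName)) {
        $proxies = file($tmpName, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    }
    if ($proxies === false) {
        $proxies = array();
    }

    foreach ($proxies as $proxy) {
        // Drop the optional ":port" suffix, then accept only a well-formed IPv4
        // address. The original pattern required an extra character before the
        // first digit group (so "1.2.3.4" was skipped) and let arbitrary text
        // around the address through to BanUser().
        $address = preg_replace('/:.*/', '', trim($proxy));
        if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
            continue;
        }

        $ips++;
        if ($bans_class->BanUser($address, 'SERVER', 1, 0, '', 'IP from proxylist automatically banned', '', 0, 0, 1, true)) {
            $successful++;
        }
    }

    management_addlogentry(sprintf(_gettext('Banned %d IP addresses using an IP address list.'), $successful), 8);
    $tpl_page .= $successful . ' of ' . $ips . ' IP addresses banned.';
}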
/**
 * Check whether the requesting address is banned and, if so, show the ban.
 *
 * Expired bans are deleted as they are encountered; they are still shown once
 * when `require_ban_view` is set and the ban has not been seen. Clients that
 * send `json_response` get a JSON error instead of the ban page.
 *
 * @param mixed $board Board URI, or false.
 * @return true|null true when a 'check-ban' event handler returned a truthy value
 */
function checkBan($board = false)
{
    global $config;

    if (!isset($_SERVER['REMOTE_ADDR'])) {
        // Server misconfiguration
        return;
    }

    if (event('check-ban', $board)) {
        return true;
    }

    $matches = Bans::find($_SERVER['REMOTE_ADDR'], $board, $config['show_modname']);

    foreach ($matches as $ban) {
        $hasExpired = $ban['expires'] && $ban['expires'] < time();

        if ($hasExpired) {
            Bans::delete($ban['id']);

            // An expired ban is only displayed if it must be viewed and has not been yet.
            if (!$config['require_ban_view'] || $ban['seen']) {
                continue;
            }
        }

        if (isset($_POST['json_response'])) {
            header('Content-Type: text/json');
            die(json_encode(array('error' => true, 'banned' => true)));
        }

        displayBan($ban);
    }

    // I'm not sure where else to put this. It doesn't really matter where; it just needs to be called every
    // now and then to keep the ban list tidy.
    if ($config['cache']['enabled']) {
        $last_time_purged = cache::get('purged_bans_last');
        if ($last_time_purged && time() - $last_time_purged < $config['purge_bans']) {
            return;
        }
    }

    // The purge call itself is commented out; only the timestamp below is refreshed.
    //Bans::purge();

    if ($config['cache']['enabled']) {
        cache::set('purged_bans_last', time());
    }
}
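/**
 * Carry out what this filter is configured to do with the current request:
 * optionally record an IP note, then reject the post or ban the poster.
 */
public function action()
{
    global $board;

    $this->add_note = isset($this->add_note) ? $this->add_note : false;
    if ($this->add_note) {
        // The note is attributed to moderator id -1 and stores the post body
        // through a bound parameter.
        $query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)');
        $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
        $query->bindValue(':mod', -1);
        $query->bindValue(':time', time());
        $query->bindValue(':body', "Autoban message: " . $this->post['body']);
        $query->execute() or error(db_error($query));
    }

    if (isset($this->action)) {
        switch ($this->action) {
            case 'reject':
                // No break follows: this relies on error() not returning - confirm.
                error(isset($this->message) ? $this->message : 'Posting throttled by filter.');
            case 'ban':
                if (!isset($this->reason)) {
                    error('The ban action requires a reason.');
                }

                // Defaults: no expiry, reject the post, ban on the current board only.
                $this->expires = isset($this->expires) ? $this->expires : false;
                $this->reject = isset($this->reject) ? $this->reject : true;
                $this->all_boards = isset($this->all_boards) ? $this->all_boards : false;

                // Board `false` is passed when the ban applies to all boards; -1 is the creator id.
                Bans::new_ban(
                    $_SERVER['REMOTE_ADDR'],
                    $this->reason,
                    $this->expires,
                    $this->all_boards ? false : $board['uri'],
                    -1
                );

                if ($this->reject) {
                    if (isset($this->message)) {
                        // Fixed: the original passed the undefined local $message, so the
                        // configured rejection message was never shown.
                        error($this->message);
                    }

                    checkBan($board['uri']);
                    exit;
                }

                break;
            default:
                error('Unknown filter action: ' . $this->action);
        }
    }
}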
/**
 * Admin centre home page.
 *
 * Access is limited to the logged-in user whose id compares equal to '1'.
 *
 * @throws CHttpException 403 for guests and for every other user
 */
public function actionIndex()
{
    $visitor = Yii::app()->user;

    // Guests are refused, and only the main admin may enter the admin centre.
    // The id is compared loosely (!=), as in the original check.
    if ($visitor->isGuest || $visitor->id != '1') {
        throw new CHttpException(403, 'У Вас недостаточно прав');
    }

    // 'bancount' is counted from History, 'activebans' from Bans.
    $sysinfo = array(
        'bancount' => History::model()->cache(300)->count(),
        'activebans' => Bans::model()->cache(300)->count(),
        'filescount' => Files::model()->cache(300)->count(),
        'commentscount' => Comments::model()->cache(300)->count(),
    );

    $this->render('index', array('sysinfo' => $sysinfo));
}
* @license http://creativecommons.org/licenses/by-nc-sa/4.0/deed.ru «Attribution-NonCommercial-ShareAlike» */ $form = $this->beginWidget('bootstrap.widgets.TbActiveForm', array('id' => 'reasons-form', 'enableAjaxValidation' => TRUE)); ?> <p class="note">Поля, отмеченные <span class="required">*</span> обязательны к заполнению.</p> <?php echo $form->errorSummary($model); ?> <?php echo $form->textFieldRow($model, 'reason', array('class' => 'span5', 'maxlength' => 100)); ?> <!--?php echo $form->textFieldRow($model,'static_bantime',array('class'=>'span5')); ?--> <?php echo $form->dropDownListRow($model, 'static_bantime', Bans::getBanLenght(), array('class' => 'span5')); ?> <div class="form-actions"> <?php $this->widget('bootstrap.widgets.TbButton', array('buttonType' => 'submit', 'type' => 'primary', 'label' => $model->isNewRecord ? 'Создать' : 'Сохранить')); ?> <?php echo CHtml::link('Отмена', Yii::app()->createUrl('/admin/reasons'), array('class' => 'btn btn-danger')); ?> </div> <?php $this->endWidget();