欢迎来到福编程网,本站提供各种互联网专业知识!

如何限制访问者的ip(PHPBB的代码)

发布时间:2006-10-09 作者: 来源:转载
如何限制访问者的ip(PHPBB的代码)Code:

如何限制访问者的ip(PHPBB的代码) Code:

/***************************************************************************

* admin_user_ban.php

* -------------------

* begin : Tuesday, Jul 31, 2001

* copyright : (C) 2001 The phpBB Group

* email : [email]support@phpbb.com[/email]

*

* $Id: admin_user_ban.php,v 1.21.2.2 2002/05/12 15:57:45 psotfx Exp $

*

*

***************************************************************************/

/***************************************************************************

* This file is part of the phpBB2 port to Nuke 6.0 (c) copyright 2002

* by Tom Nitzschner ([email]tom@toms-home.com[/email])

* [url]http://bbtonuke.sourceforge.net[/url] (or [url]http://www.toms-home.com)[/url]

*

* As always, make a backup before messing with anything. All code

* release by me is considered sample code only. It may be fully

* functual, but you use it at your own risk, if you break it,

* you get to fix it too. No waranty is given or implied.

*

* Please post all questions/request about this port on [url]http://bbtonuke.sourceforge.net[/url] first,

* then on my site. All original header code and copyright messages will be maintained

* to give credit where credit is due. If you modify this, the only requirement is

* that you also maintain all original copyright messages. All my work is released

* under the GNU GENERAL PUBLIC LICENSE. Please see the README for more information.

*

***************************************************************************/

/***************************************************************************

*

* This program is free software; you can redistribute it and/or modify

* it under the terms of the GNU General Public License as published by

* the Free Software Foundation; either version 2 of the License, or

* (at your option) any later version.

*

***************************************************************************/

define('IN_PHPBB', 1);

if ( !empty($setmodules) )

{

$filename = basename(__FILE__);

$module['Users']['Ban_Management'] = $filename;

return;

}

//

// Load default header

//

$phpbb_root_path = './../';

require($phpbb_root_path . 'extension.inc');

require('./pagestart.' . $phpEx);

//

// Start program

//

if ( isset($HTTP_POST_VARS['submit']) )

{

$user_bansql = '';

$email_bansql = '';

$ip_bansql = '';

$user_list = array();

if ( !empty($HTTP_POST_VARS['username']) )

{

$this_userdata = get_userdata($HTTP_POST_VARS['username']);

if( !$this_userdata )

{

message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );

}

$user_list[] = $this_userdata['user_id'];

}

$ip_list = array();

if ( isset($HTTP_POST_VARS['ban_ip']) )

{

$ip_list_temp = explode(',', $HTTP_POST_VARS['ban_ip']);

for($i = 0; $i < count($ip_list_temp); $i++)

{

if ( preg_match('/^([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})[ ]*-[ ]*([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})$/', trim($ip_list_temp[$i]), $ip_range_explode) )

{

//

// Don't ask about all this, just don't ask ... !为什么

//

$ip_1_counter = $ip_range_explode[1];

$ip_1_end = $ip_range_explode[5];

while ( $ip_1_counter <= $ip_1_end )

{

$ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0;

$ip_2_end = ( $ip_1_counter < $ip_1_end ) ? 254 : $ip_range_explode[6];

if ( $ip_2_counter == 0 && $ip_2_end == 254 )

{

$ip_2_counter = 255;

$ip_2_fragment = 255;

$ip_list[] = encode_ip("$ip_1_counter.255.255.255");

}

while ( $ip_2_counter <= $ip_2_end )

{

$ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0;

$ip_3_end = ( $ip_2_counter < $ip_2_end

$ip_1_counter < $ip_1_end ) ? 254 : $ip_range_explode[7];

if ( $ip_3_counter == 0 && $ip_3_end == 254 )

{

$ip_3_counter = 255;

$ip_3_fragment = 255;

$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.255.255");

}

while ( $ip_3_counter <= $ip_3_end )

{

$ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0;

$ip_4_end = ( $ip_3_counter < $ip_3_end

$ip_2_counter < $ip_2_end ) ? 254 : $ip_range_explode[8];

if ( $ip_4_counter == 0 && $ip_4_end == 254 )

{

$ip_4_counter = 255;

$ip_4_fragment = 255;

$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.255");

}

while ( $ip_4_counter <= $ip_4_end )

{

$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter");

$ip_4_counter++;

}

$ip_3_counter++;

}

$ip_2_counter++;

}

$ip_1_counter++;

}

}

else if ( preg_match('/^([w-_].?){2,}$/is', trim($ip_list_temp[$i])) )

{

$ip = gethostbynamel(trim($ip_list_temp[$i]));

for($j = 0; $j < count($ip); $j++)

{

if ( !empty($ip[$j]) )

{

$ip_list[] = encode_ip($ip[$j]);

}

}

}

else if ( preg_match('/^([0-9]{1,3}).([0-9*]{1,3}).([0-9*]{1,3}).([0-9*]{1,3})$/', trim($ip_list_temp[$i])) )

{

$ip_list[] = encode_ip(str_replace('*', '255', trim($ip_list_temp[$i])));

}

}

}

$email_list = array();

if ( isset($HTTP_POST_VARS['ban_email']) )

{

$email_list_temp = explode(',', $HTTP_POST_VARS['ban_email']);

for($i = 0; $i < count($email_list_temp); $i++)

{

//

// This ereg match is based on one by [email]php@unreelpro.com[/email]

// contained in the annotated php manual at php.com (ereg

// section)

//

if ( eregi('^(([[:alnum:]*]+([-_.][[:alnum:]*]+)*.?)|(*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*.){1,3}([[:alnum:]]{2,6})$', trim($email_list_temp[$i])) )

{

$email_list[] = trim($email_list_temp[$i]);

}

}

}

$sql = "SELECT *

FROM " . BANLIST_TABLE;

if ( !($result = $db->sql_query($sql)) )

{

message_die(GENERAL_ERROR, "Couldn't obtain banlist information", "", __LINE__, __FILE__, $sql);

}

$current_banlist = $db->sql_fetchrowset($result);

$db->sql_freeresult($result);

$kill_session_sql = '';

for($i = 0; $i < count($user_list); $i++)

{

$in_banlist = false;

for($j = 0; $j < count($current_banlist); $j++)

{

if ( $user_list[$i] == $current_banlist[$j]['ban_userid'] )

{

$in_banlist = true;

}

}

if ( !$in_banlist )

{

$kill_session_sql .= ( ( $kill_session_sql != '' ) ? ' OR ' : '' ) . "session_user_id = " . $user_list[$i];

$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid)

VALUES (" . $user_list[$i] . ")";

if ( !$db->sql_query($sql) )

{

message_die(GENERAL_ERROR, "Couldn't insert ban_userid info into database", "", __LINE__, __FILE__, $sql);

}

}

}

for($i = 0; $i < count($ip_list); $i++)

{

$in_banlist = false;

for($j = 0; $j < count($current_banlist); $j++)

{

if ( $ip_list[$i] == $current_banlist[$j]['ban_ip'] )

{

$in_banlist = true;

}

}

if ( !$in_banlist )

{

if ( preg_match('/(ff.)|(.ff)/is', chunk_split($ip_list[$i], 2, '.')) )

{

$kill_ip_sql = "session_ip LIKE '" . str_replace('.', '', preg_replace('/(ff.)|(.ff)/is', '%', chunk_split($ip_list[$i], 2, "."))) . "'";

}

else

{

$kill_ip_sql = "session_ip = '" . $ip_list[$i] . "'";

}

$kill_session_sql .= ( ( $kill_session_sql != '' ) ? ' OR ' : '' ) . $kill_ip_sql;

$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip)

VALUES ('" . $ip_list[$i] . "')";

if ( !$db->sql_query($sql) )

{

message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql);

}

}

}

//

// Now we'll delete all entries from the session table with any of the banned

// user or IP info just entered into the ban table ... this will force a session

// initialisation resulting in an instant ban

//

if ( $kill_session_sql != '' )

{

$sql = "DELETE FROM " . SESSIONS_TABLE . "

WHERE $kill_session_sql";

if ( !$db->sql_query($sql) )

{

message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql);

}

}

for($i = 0; $i < count($email_list); $i++)

{

$in_banlist = false;

for($j = 0; $j < count($current_banlist); $j++)

{

if ( $email_list[$i] == $current_banlist[$j]['ban_email'] )

{

$in_banlist = true;

}

}

if ( !$in_banlist )

{

$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email)

VALUES ('" . str_replace("'", "''", $email_list[$i]) . "')";

if ( !$db->sql_query($sql) )

{

message_die(GENERAL_ERROR, "Couldn't insert ban_email info into database", "", __LINE__, __FILE__, $sql);

}

}

}

$where_sql = '';

if ( isset($HTTP_POST_VARS['unban_user']) )

{

$user_list = $HTTP_POST_VARS['unban_user'];

for($i = 0; $i < count($user_list); $i++)

{

if ( $user_list[$i] != -1 )

{

$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $user_list[$i];

}

}

}

if ( isset($HTTP_POST_VARS['unban_ip']) )

{

$ip_list = $HTTP_POST_VARS['unban_ip'];

for($i = 0; $i < count($ip_list); $i++)

{

if ( $ip_list[$i] != -1 )

{

$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $ip_list[$i];

}

}

}

if ( isset($HTTP_POST_VARS['unban_email']) )

{

$email_list = $HTTP_POST_VARS['unban_email'];

for($i = 0; $i < count($email_list); $i++)

{

if ( $email_list[$i] != -1 )

{

$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $email_list[$i];

}

}

}

if ( $where_sql != '' )

{

$sql = "DELETE FROM " . BANLIST_TABLE . "

WHERE ban_id IN ($where_sql)";

if ( !$db->sql_query($sql) )

{

message_die(GENERAL_ERROR, "Couldn't delete ban info from database", "", __LINE__, __FILE__, $sql);

}

}

$message = $lang['Ban_update_sucessful'] . '

' . sprintf($lang['Click_return_banadmin'], '', '') . '

' . sprintf($lang['Click_return_admin_index'], '', '');

message_die(GENERAL_MESSAGE, $message);

}

else

{

$template->set_filenames(array(

'body' => 'admin/user_ban_body.tpl')

);

$template->assign_vars(array(

'L_BAN_TITLE' => $lang['Ban_control'],

'L_BAN_EXPLAIN' => $lang['Ban_explain'],

'L_BAN_EXPLAIN_WARN' => $lang['Ban_explain_warn'],

'L_IP_OR_HOSTNAME' => $lang['IP_hostname'],

'L_EMAIL_ADDRESS' => $lang['Email_address'],

'L_SUBMIT' => $lang['Submit'],

'L_RESET' => $lang['Reset'],

'S_BANLIST_ACTION' => append_sid("admin_user_ban.$phpEx"))

);

$template->assign_vars(array(

'L_BAN_USER' => $lang['Ban_username'],

'L_BAN_USER_EXPLAIN' => $lang['Ban_username_explain'],

'L_BAN_IP' => $lang['Ban_IP'],

'L_BAN_IP_EXPLAIN' => $lang['Ban_IP_explain'],

'L_BAN_EMAIL' => $lang['Ban_email'],

'L_BAN_EMAIL_EXPLAIN' => $lang['Ban_email_explain'])

);

$userban_count = 0;

$ipban_count = 0;

$emailban_count = 0;

$sql = "SELECT b.ban_id, u.user_id, u.username

FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u

WHERE u.user_id = b.ban_userid

AND b.ban_userid <> 0

AND u.user_id <> " . ANONYMOUS . "

ORDER BY u.user_id ASC";

if ( !($result = $db->sql_query($sql)) )

{

message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql);

}

$user_list = $db->sql_fetchrowset($result);

$db->sql_freeresult($result);

$select_userlist = '';

for($i = 0; $i < count($user_list); $i++)

{

$select_userlist .= '';

$userban_count++;

}

if( $select_userlist == '' )

{

$select_userlist = '';

}

$select_userlist = '<select name="unban_user[]" multiple="multiple" size="5">' . $select_userlist . '';

$sql = "SELECT ban_id, ban_ip, ban_email

FROM " . BANLIST_TABLE;

if ( !($result = $db->sql_query($sql)) )

{

message_die(GENERAL_ERROR, 'Could not select current ip ban list', '', __LINE__, __FILE__, $sql);

}

$banlist = $db->sql_fetchrowset($result);

$db->sql_freeresult($result);

$select_iplist = '';

$select_emaillist = '';

for($i = 0; $i < count($banlist); $i++)

{

$ban_id = $banlist[$i]['ban_id'];

if ( !empty($banlist[$i]['ban_ip']) )

{

$ban_ip = str_replace('255', '*', decode_ip($banlist[$i]['ban_ip']));

$select_iplist .= '';

$ipban_count++;

}

else if ( !empty($banlist[$i]['ban_email']) )

{

$ban_email = $banlist[$i]['ban_email'];

$select_emaillist .= '';

$emailban_count++;

}

}

if ( $select_iplist == '' )

{

$select_iplist = '';

}

if ( $select_emaillist == '' )

{

$select_emaillist = '';

}

$select_iplist = '<select name="unban_ip[]" multiple="multiple" size="5">' . $select_iplist . '';

$select_emaillist = '<select name="unban_email[]" multiple="multiple" size="5">' . $select_emaillist . '';

$template->assign_vars(array(

'L_UNBAN_USER' => $lang['Unban_username'],

'L_UNBAN_USER_EXPLAIN' => $lang['Unban_username_explain'],

'L_UNBAN_IP' => $lang['Unban_IP'],

'L_UNBAN_IP_EXPLAIN' => $lang['Unban_IP_explain'],

'L_UNBAN_EMAIL' => $lang['Unban_email'],

'L_UNBAN_EMAIL_EXPLAIN' => $lang['Unban_email_explain'],

'L_USERNAME' => $lang['Username'],

'L_LOOK_UP' => $lang['Look_up_User'],

'L_FIND_USERNAME' => $lang['Find_username'],

'U_SEARCH_USER' => append_sid("search.$phpEx?mode=searchuser&popup=1&menu=1"),

'S_UNBAN_USERLIST_SELECT' => $select_userlist,

'S_UNBAN_IPLIST_SELECT' => $select_iplist,

'S_UNBAN_EMAILLIST_SELECT' => $select_emaillist,

'S_BAN_ACTION' => append_sid("admin_user_ban.$phpEx"))

);

}

$template->pparse('body');

include('./page_footer_admin.'.$phpEx);

?>

相关推荐