Changeset 3 for branches/rsr.v5.1.dev/web/punbb/admin_bans.php
- Timestamp:
- Nov 14, 2011, 11:17:15 PM (12 years ago)
- File:
-
- 1 edited
branches/rsr.v5.1.dev/web/punbb/admin_bans.php
r1 r3 1 1 <?php 2 /*********************************************************************** 3 4 Copyright (C) 2002-2005 Rickard Andersson (rickard@punbb.org) 5 6 This file is part of PunBB. 7 8 PunBB is free software; you can redistribute it and/or modify it 9 under the terms of the GNU General Public License as published 10 by the Free Software Foundation; either version 2 of the License, 11 or (at your option) any later version. 12 13 PunBB is distributed in the hope that it will be useful, but 14 WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 GNU General Public License for more details. 17 18 You should have received a copy of the GNU General Public License 19 along with this program; if not, write to the Free Software 20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, 21 MA 02111-1307 USA 22 23 ************************************************************************/ 24 2 3 /** 4 * Copyright (C) 2008-2011 FluxBB 5 * based on code by Rickard Andersson copyright (C) 2002-2008 PunBB 6 * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher 7 */ 25 8 26 9 // Tell header.php to use the admin template 27 10 define('PUN_ADMIN_CONSOLE', 1); 28 11 29 define('PUN_ROOT', './');12 define('PUN_ROOT', dirname(__FILE__).'/'); 30 13 require PUN_ROOT.'include/common.php'; 31 14 require PUN_ROOT.'include/common_admin.php'; 32 15 33 16 34 if ($pun_user['g_id'] > PUN_MOD || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '0'))17 if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' || $pun_user['g_mod_ban_users'] == '0')) 35 18 message($lang_common['No permission']); 36 19 20 // Load the admin_bans.php language file 21 require PUN_ROOT.'lang/'.$admin_language.'/admin_bans.php'; 37 22 38 23 // Add/edit a ban (stage 1) … … 41 26 if (isset($_GET['add_ban']) || isset($_POST['add_ban'])) 42 27 { 43 // If the idof the user to ban was provided through 
GET (a link from profile.php)28 // If the ID of the user to ban was provided through GET (a link from profile.php) 44 29 if (isset($_GET['add_ban'])) 45 30 { 46 $ add_ban= intval($_GET['add_ban']);47 if ($ add_ban< 2)31 $user_id = intval($_GET['add_ban']); 32 if ($user_id < 2) 48 33 message($lang_common['Bad request']); 49 34 50 $user_id = $add_ban; 51 52 $result = $db->query('SELECT group_id, username, email FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Impossible de retrouver les informations utilisateur', __FILE__, __LINE__, $db->error()); 35 $result = $db->query('SELECT group_id, username, email FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); 53 36 if ($db->num_rows($result)) 54 37 list($group_id, $ban_user, $ban_email) = $db->fetch_row($result); 55 38 else 56 message( 'Aucun utilisateur enregistré sous cet identifiant (ID).');57 } 58 else 59 { 60 $ban_user = trim($_POST['new_ban_user']);39 message($lang_admin_bans['No user ID message']); 40 } 41 else // Otherwise the username is in POST 42 { 43 $ban_user = pun_trim($_POST['new_ban_user']); 61 44 62 45 if ($ban_user != '') 63 46 { 64 $result = $db->query('SELECT id, group_id, username, email FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\' AND id>1') or error(' Impossible de retrouver les informations utilisateur', __FILE__, __LINE__, $db->error());47 $result = $db->query('SELECT id, group_id, username, email FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\' AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); 65 48 if ($db->num_rows($result)) 66 49 list($user_id, $group_id, $ban_user, $ban_email) = $db->fetch_row($result); 67 50 else 68 message( 'Aucun utilisateur enregistré sous ce nom d\'utilisateur. 
Si vous souhaitez ajouter un bannissement qui ne soit pas lié à un nom d\'utilisateur particulier, laissez la case vide.');51 message($lang_admin_bans['No user message']); 69 52 } 70 53 } 71 54 72 // Make sure we're not banning an admin 73 if (isset($group_id) && $group_id == PUN_ADMIN) 74 message('L\'utilisateur '.pun_htmlspecialchars($ban_user).' est un administrateur, il ne peut être bannis. Si vous souhaitez bannir un administrateur, vous devez d\'abord le rétrograder soit modérateur soit utilisateur.'); 55 // Make sure we're not banning an admin or moderator 56 if (isset($group_id)) 57 { 58 if ($group_id == PUN_ADMIN) 59 message(sprintf($lang_admin_bans['User is admin message'], pun_htmlspecialchars($ban_user))); 60 61 $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group info', __FILE__, __LINE__, $db->error()); 62 $is_moderator_group = $db->result($result); 63 64 if ($is_moderator_group) 65 message(sprintf($lang_admin_bans['User is mod message'], pun_htmlspecialchars($ban_user))); 66 } 75 67 76 68 // If we have a $user_id, we can try to find the last known IP of that user 77 69 if (isset($user_id)) 78 70 { 79 $result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE poster_id='.$user_id.' ORDER BY posted DESC LIMIT 1') or error(' Impossible de retrouver les informations des messages', __FILE__, __LINE__, $db->error());71 $result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE poster_id='.$user_id.' ORDER BY posted DESC LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); 80 72 $ban_ip = ($db->num_rows($result)) ? $db->result($result) : ''; 73 74 if ($ban_ip == '') 75 { 76 $result = $db->query('SELECT registration_ip FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); 77 $ban_ip = ($db->num_rows($result)) ? 
$db->result($result) : ''; 78 } 81 79 } 82 80 83 81 $mode = 'add'; 84 82 } 85 else 83 else // We are editing a ban 86 84 { 87 85 $ban_id = intval($_GET['edit_ban']); … … 89 87 message($lang_common['Bad request']); 90 88 91 $result = $db->query('SELECT username, ip, email, message, expire FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error(' Impossible de retrouver les informations de bannissement', __FILE__, __LINE__, $db->error());89 $result = $db->query('SELECT username, ip, email, message, expire FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to fetch ban info', __FILE__, __LINE__, $db->error()); 92 90 if ($db->num_rows($result)) 93 91 list($ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire) = $db->fetch_row($result); … … 95 93 message($lang_common['Bad request']); 96 94 97 $ban_expire = ($ban_expire != '') ? date('Y-m-d', $ban_expire) : ''; 95 $diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600; 96 $ban_expire = ($ban_expire != '') ? gmdate('Y-m-d', $ban_expire + $diff) : ''; 98 97 99 98 $mode = 'edit'; 100 99 } 101 100 102 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' 
/ Admin / Bannissements';101 $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans']); 103 102 $focus_element = array('bans2', 'ban_user'); 103 define('PUN_ACTIVE_PAGE', 'admin'); 104 104 require PUN_ROOT.'header.php'; 105 105 106 106 generate_admin_menu('bans'); 107 108 107 109 108 ?> 110 109 <div class="blockform"> 111 <h2><span> Réglages de bannissement avancés</span></h2>110 <h2><span><?php echo $lang_admin_bans['Ban advanced head'] ?></span></h2> 112 111 <div class="box"> 113 112 <form id="bans2" method="post" action="admin_bans.php"> … … 116 115 <?php if ($mode == 'edit'): ?> <input type="hidden" name="ban_id" value="<?php echo $ban_id ?>" /> 117 116 <?php endif; ?> <fieldset> 118 <legend> Bannissement supplémentaire avec <acronym title="Internet Protocol" lang="en">IP</acronym> est adresse e-mail</legend>117 <legend><?php echo $lang_admin_bans['Ban advanced subhead'] ?></legend> 119 118 <div class="infldset"> 120 119 <table class="aligntop" cellspacing="0"> 121 120 <tr> 122 <th scope="row"> Nom d'utilisateur</th>121 <th scope="row"><?php echo $lang_admin_bans['Username label'] ?></th> 123 122 <td> 124 123 <input type="text" name="ban_user" size="25" maxlength="25" value="<?php if (isset($ban_user)) echo pun_htmlspecialchars($ban_user); ?>" tabindex="1" /> 125 <span> Le nom d'utilisateur à bannir.</span>126 </td> 127 </tr> 128 <tr> 129 <th scope="row"> Adresses <acronym title="Internet Protocol" lang="en">IP</acronym></th>124 <span><?php echo $lang_admin_bans['Username help'] ?></span> 125 </td> 126 </tr> 127 <tr> 128 <th scope="row"><?php echo $lang_admin_bans['IP label'] ?></th> 130 129 <td> 131 130 <input type="text" name="ban_ip" size="45" maxlength="255" value="<?php if (isset($ban_ip)) echo $ban_ip; ?>" tabindex="2" /> 132 <span> Une adresse <acronym title="Internet Protocol" lang="en">IP</acronym> ou une plage d'adresses <acronym title="Internet Protocol" lang="en">IP</acronym> que 
vous souhaitez bannir (<abbr title="exemple">ex.</abbr> 150.11.110.1 ou 150.11.110). Séparez les adresses par des espaces. Si une adresse <acronym title="Internet Protocol" lang="en">IP</acronym> apparaît déjà , il s'agit de la derniÚre adresse IP connue de l'utilisateur dans la base de données.<?php if ($ban_user != '' && isset($user_id)) echo ' <a href="admin_users.php?ip_stats='.$user_id.'">Cliquez ici</a> pour voir les statistiques <acronym title="Internet Protocol" lang="en">IP</acronym> de cet utilisateur.'?></span>133 </td> 134 </tr> 135 <tr> 136 <th scope="row"> E-mail/domaine</th>137 <td> 138 <input type="text" name="ban_email" size="40" maxlength=" 50" value="<?php if (isset($ban_email)) echo strtolower($ban_email); ?>" tabindex="3" />139 <span> L'adresse e-mail ou le domaine e-mail que vous souhaitez bannir (<abbr title="exemple">ex.</abbr> utilisateur@domaine.com ou domaine.com). Pour plus d'informations, voir "Autoriser les adresses e-mail bannies" à la page des Permissions.</span>131 <span><?php echo $lang_admin_bans['IP help'] ?><?php if ($ban_user != '' && isset($user_id)) printf(' '.$lang_admin_bans['IP help link'], '<a href="admin_users.php?ip_stats='.$user_id.'">'.$lang_admin_common['here'].'</a>') ?></span> 132 </td> 133 </tr> 134 <tr> 135 <th scope="row"><?php echo $lang_admin_bans['E-mail label'] ?></th> 136 <td> 137 <input type="text" name="ban_email" size="40" maxlength="80" value="<?php if (isset($ban_email)) echo $ban_email; ?>" tabindex="3" /> 138 <span><?php echo $lang_admin_bans['E-mail help'] ?></span> 140 139 </td> 141 140 </tr> 142 141 </table> 143 <p class="topspace"><strong class="warntext"> Vous devez êtres trÚs vigilant lorsque vous bannissez une plage d'<acronym title="Internet Protocol" lang="en">IP</acronym> car il y a fort probablement plusieurs utilisateurs qui correspondent à la même <acronym title="Internet Protocol" lang="en">IP</acronym> partielle.</strong></p>142 <p class="topspace"><strong class="warntext"><?php echo 
$lang_admin_bans['Ban IP range info'] ?></strong></p> 144 143 </div> 145 144 </fieldset> … … 147 146 <div class="inform"> 148 147 <fieldset> 149 <legend> Message et échéance d'interdiction</legend>148 <legend><?php echo $lang_admin_bans['Message expiry subhead'] ?></legend> 150 149 <div class="infldset"> 151 150 <table class="aligntop" cellspacing="0"> 152 151 <tr> 153 <th scope="row"> Message d'interdiction</th>152 <th scope="row"><?php echo $lang_admin_bans['Ban message label'] ?></th> 154 153 <td> 155 154 <input type="text" name="ban_message" size="50" maxlength="255" value="<?php if (isset($ban_message)) echo pun_htmlspecialchars($ban_message); ?>" tabindex="4" /> 156 <span> Le message qui sera affiché à l'utilisateur banni lorsqu'il visitera les forums.</span>157 </td> 158 </tr> 159 <tr> 160 <th scope="row"> Ãchéance d'interdiction</th>155 <span><?php echo $lang_admin_bans['Ban message help'] ?></span> 156 </td> 157 </tr> 158 <tr> 159 <th scope="row"><?php echo $lang_admin_bans['Expire date label'] ?></th> 161 160 <td> 162 161 <input type="text" name="ban_expire" size="17" maxlength="10" value="<?php if (isset($ban_expire)) echo $ban_expire; ?>" tabindex="5" /> 163 <span> La date à laquelle ce bannissement sera automatiquement supprimé (format: AAAA-MM-JJ). 
Pour supprimer manuellement, laissez ce champ vide.</span>162 <span><?php echo $lang_admin_bans['Expire date help'] ?></span> 164 163 </td> 165 164 </tr> … … 168 167 </fieldset> 169 168 </div> 170 <p class="submitend"><input type="submit" name="add_edit_ban" value=" Enregistrer" tabindex="6" /></p>169 <p class="submitend"><input type="submit" name="add_edit_ban" value="<?php echo $lang_admin_common['Save'] ?>" tabindex="6" /></p> 171 170 </form> 172 171 </div> … … 179 178 } 180 179 181 182 180 // Add/edit a ban (stage 2) 183 181 else if (isset($_POST['add_edit_ban'])) … … 185 183 confirm_referrer('admin_bans.php'); 186 184 187 $ban_user = trim($_POST['ban_user']);185 $ban_user = pun_trim($_POST['ban_user']); 188 186 $ban_ip = trim($_POST['ban_ip']); 189 187 $ban_email = strtolower(trim($_POST['ban_email'])); 190 $ban_message = trim($_POST['ban_message']);188 $ban_message = pun_trim($_POST['ban_message']); 191 189 $ban_expire = trim($_POST['ban_expire']); 192 190 193 191 if ($ban_user == '' && $ban_ip == '' && $ban_email == '') 194 message('Vous devez saisir au moins soit un nom d\'utilisateur, soit une adresse <acronym title="Internet Protocol" lang="en">IP</acronym> ou une adresse e-mail.'); 192 message($lang_admin_bans['Must enter message']); 193 else if (strtolower($ban_user) == 'guest') 194 message($lang_admin_bans['Cannot ban guest message']); 195 196 // Make sure we're not banning an admin or moderator 197 if (!empty($ban_user)) 198 { 199 $result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\' AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); 200 if ($db->num_rows($result)) 201 { 202 $group_id = $db->result($result); 203 204 if ($group_id == PUN_ADMIN) 205 message(sprintf($lang_admin_bans['User is admin message'], pun_htmlspecialchars($ban_user))); 206 207 $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch 
group info', __FILE__, __LINE__, $db->error()); 208 $is_moderator_group = $db->result($result); 209 210 if ($is_moderator_group) 211 message(sprintf($lang_admin_bans['User is mod message'], pun_htmlspecialchars($ban_user))); 212 } 213 } 195 214 196 215 // Validate IP/IP range (it's overkill, I know) 197 216 if ($ban_ip != '') 198 217 { 199 $ban_ip = preg_replace(' /[\s]{2,}/', ' ', $ban_ip);218 $ban_ip = preg_replace('%\s{2,}%S', ' ', $ban_ip); 200 219 $addresses = explode(' ', $ban_ip); 201 $addresses = array_map(' trim', $addresses);220 $addresses = array_map('pun_trim', $addresses); 202 221 203 222 for ($i = 0; $i < count($addresses); ++$i) 204 223 { 205 $octets = explode('.', $addresses[$i]); 206 207 for ($c = 0; $c < count($octets); ++$c) 224 if (strpos($addresses[$i], ':') !== false) 208 225 { 209 $octets[$c] = (strlen($octets[$c]) > 1) ? ltrim($octets[$c], "0") : $octets[$c]; 210 211 if ($c > 3 || preg_match('/[^0-9]/', $octets[$c]) || intval($octets[$c]) > 255) 212 message('Vous avez saisi une <acronym title="Internet Protocol" lang="en">IP</acronym>/plage d\'<acronym title="Internet Protocol" lang="en">IP</acronym> incorrecte.'); 226 $octets = explode(':', $addresses[$i]); 227 228 for ($c = 0; $c < count($octets); ++$c) 229 { 230 $octets[$c] = ltrim($octets[$c], "0"); 231 232 if ($c > 7 || (!empty($octets[$c]) && !ctype_xdigit($octets[$c])) || intval($octets[$c], 16) > 65535) 233 message($lang_admin_bans['Invalid IP message']); 234 } 235 236 $cur_address = implode(':', $octets); 237 $addresses[$i] = $cur_address; 213 238 } 214 215 $cur_address = implode('.', $octets); 216 $addresses[$i] = $cur_address; 239 else 240 { 241 $octets = explode('.', $addresses[$i]); 242 243 for ($c = 0; $c < count($octets); ++$c) 244 { 245 $octets[$c] = (strlen($octets[$c]) > 1) ? 
ltrim($octets[$c], "0") : $octets[$c]; 246 247 if ($c > 3 || preg_match('%[^0-9]%', $octets[$c]) || intval($octets[$c]) > 255) 248 message($lang_admin_bans['Invalid IP message']); 249 } 250 251 $cur_address = implode('.', $octets); 252 $addresses[$i] = $cur_address; 253 } 217 254 } 218 255 … … 223 260 if ($ban_email != '' && !is_valid_email($ban_email)) 224 261 { 225 if (!preg_match(' /^[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/', $ban_email))226 message( 'L\'adresse e-mail (<abbr title="exemple">ex.</abbr> utilisateur@domaine.com) ou le domaine d\'adresse e-mail (<abbr title="exemple">ex.</abbr> domaine.com) que vous avez saisi est incorrect.');262 if (!preg_match('%^[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$%', $ban_email)) 263 message($lang_admin_bans['Invalid e-mail message']); 227 264 } 228 265 229 266 if ($ban_expire != '' && $ban_expire != 'Never') 230 267 { 231 $ban_expire = strtotime($ban_expire); 232 233 if ($ban_expire == -1 || $ban_expire <= time()) 234 message('Vous avez saisi une date d\'échéance incorrecte. Le format doit être AAAA-MM-JJ et la date doit-être d\'au moins un jour dans le futur.'); 268 $ban_expire = strtotime($ban_expire.' GMT'); 269 270 if ($ban_expire == -1 || !$ban_expire) 271 message($lang_admin_bans['Invalid date message'].' '.$lang_admin_bans['Invalid date reasons']); 272 273 $diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600; 274 $ban_expire -= $diff; 275 276 if ($ban_expire <= time()) 277 message($lang_admin_bans['Invalid date message'].' 
'.$lang_admin_bans['Invalid date reasons']); 235 278 } 236 279 else … … 243 286 244 287 if ($_POST['mode'] == 'add') 245 $db->query('INSERT INTO '.$db->prefix.'bans (username, ip, email, message, expire ) VALUES('.$ban_user.', '.$ban_ip.', '.$ban_email.', '.$ban_message.', '.$ban_expire.')') or error('Impossible d\'ajouter le bannissement', __FILE__, __LINE__, $db->error());288 $db->query('INSERT INTO '.$db->prefix.'bans (username, ip, email, message, expire, ban_creator) VALUES('.$ban_user.', '.$ban_ip.', '.$ban_email.', '.$ban_message.', '.$ban_expire.', '.$pun_user['id'].')') or error('Unable to add ban', __FILE__, __LINE__, $db->error()); 246 289 else 247 $db->query('UPDATE '.$db->prefix.'bans SET username='.$ban_user.', ip='.$ban_ip.', email='.$ban_email.', message='.$ban_message.', expire='.$ban_expire.' WHERE id='.intval($_POST['ban_id'])) or error(' Impossible de modifier le bannissement', __FILE__, __LINE__, $db->error());290 $db->query('UPDATE '.$db->prefix.'bans SET username='.$ban_user.', ip='.$ban_ip.', email='.$ban_email.', message='.$ban_message.', expire='.$ban_expire.' WHERE id='.intval($_POST['ban_id'])) or error('Unable to update ban', __FILE__, __LINE__, $db->error()); 248 291 249 292 // Regenerate the bans cache 250 require_once PUN_ROOT.'include/cache.php'; 293 if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) 294 require PUN_ROOT.'include/cache.php'; 295 251 296 generate_bans_cache(); 252 297 253 redirect('admin_bans.php', 'Bannissement '.(($_POST['mode'] == 'edit') ? 'modifié' : 'ajouté').'. 
Redirection ...'); 298 if ($_POST['mode'] == 'edit') 299 redirect('admin_bans.php', $lang_admin_bans['Ban edited redirect']); 300 else 301 redirect('admin_bans.php', $lang_admin_bans['Ban added redirect']); 254 302 } 255 256 303 257 304 // Remove a ban … … 264 311 message($lang_common['Bad request']); 265 312 266 $db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error(' Impossible de supprimer le bannissement', __FILE__, __LINE__, $db->error());313 $db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to delete ban', __FILE__, __LINE__, $db->error()); 267 314 268 315 // Regenerate the bans cache 269 require_once PUN_ROOT.'include/cache.php'; 316 if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) 317 require PUN_ROOT.'include/cache.php'; 318 270 319 generate_bans_cache(); 271 320 272 redirect('admin_bans.php', 'Bannissement supprimé. Redirection ...');321 redirect('admin_bans.php', $lang_admin_bans['Ban removed redirect']); 273 322 } 274 323 275 276 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Admin / Bannissement'; 324 // Find bans 325 else if (isset($_GET['find_ban'])) 326 { 327 $form = isset($_GET['form']) ? $_GET['form'] : array(); 328 329 // trim() all elements in $form 330 $form = array_map('pun_trim', $form); 331 $conditions = $query_str = array(); 332 333 $expire_after = isset($_GET['expire_after']) ? trim($_GET['expire_after']) : ''; 334 $expire_before = isset($_GET['expire_before']) ? trim($_GET['expire_before']) : ''; 335 $order_by = isset($_GET['order_by']) && in_array($_GET['order_by'], array('username', 'ip', 'email', 'expire')) ? 'b.'.$_GET['order_by'] : 'b.username'; 336 $direction = isset($_GET['direction']) && $_GET['direction'] == 'DESC' ? 
'DESC' : 'ASC'; 337 338 $query_str[] = 'order_by='.$order_by; 339 $query_str[] = 'direction='.$direction; 340 341 // Try to convert date/time to timestamps 342 if ($expire_after != '') 343 { 344 $query_str[] = 'expire_after='.$expire_after; 345 346 $expire_after = strtotime($expire_after); 347 if ($expire_after === false || $expire_after == -1) 348 message($lang_admin_bans['Invalid date message']); 349 350 $conditions[] = 'b.expire>'.$expire_after; 351 } 352 if ($expire_before != '') 353 { 354 $query_str[] = 'expire_before='.$expire_before; 355 356 $expire_before = strtotime($expire_before); 357 if ($expire_before === false || $expire_before == -1) 358 message($lang_admin_bans['Invalid date message']); 359 360 $conditions[] = 'b.expire<'.$expire_before; 361 } 362 363 $like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE'; 364 foreach ($form as $key => $input) 365 { 366 if ($input != '' && in_array($key, array('username', 'ip', 'email', 'message'))) 367 { 368 $conditions[] = 'b.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace('*', '%', $input)).'\''; 369 $query_str[] = 'form%5B'.$key.'%5D='.urlencode($input); 370 } 371 } 372 373 // Fetch ban count 374 $result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'bans as b WHERE b.id>0'.(!empty($conditions) ? ' AND '.implode(' AND ', $conditions) : '')) or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error()); 375 $num_bans = $db->result($result); 376 377 // Determine the ban offset (based on $_GET['p']) 378 $num_pages = ceil($num_bans / 50); 379 380 $p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : intval($_GET['p']); 381 $start_from = 50 * ($p - 1); 382 383 // Generate paging links 384 $paging_links = '<span class="pages-label">'.$lang_common['Pages'].' 
</span>'.paginate($num_pages, $p, 'admin_bans.php?find_ban=&'.implode('&', $query_str)); 385 386 $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans'], $lang_admin_bans['Results head']); 387 define('PUN_ACTIVE_PAGE', 'admin'); 388 require PUN_ROOT.'header.php'; 389 390 ?> 391 <div class="linkst"> 392 <div class="inbox crumbsplus"> 393 <ul class="crumbs"> 394 <li><a href="admin_index.php"><?php echo $lang_admin_common['Admin'].' '.$lang_admin_common['Index'] ?></a></li> 395 <li><span>» </span><a href="admin_bans.php"><?php echo $lang_admin_common['Bans'] ?></a></li> 396 <li><span>» </span><strong><?php echo $lang_admin_bans['Results head'] ?></strong></li> 397 </ul> 398 <div class="pagepost"> 399 <p class="pagelink"><?php echo $paging_links ?></p> 400 </div> 401 <div class="clearer"></div> 402 </div> 403 </div> 404 405 406 <div id="bans1" class="blocktable"> 407 <h2><span><?php echo $lang_admin_bans['Results head'] ?></span></h2> 408 <div class="box"> 409 <div class="inbox"> 410 <table cellspacing="0"> 411 <thead> 412 <tr> 413 <th class="tcl" scope="col"><?php echo $lang_admin_bans['Results username head'] ?></th> 414 <th class="tc2" scope="col"><?php echo $lang_admin_bans['Results e-mail head'] ?></th> 415 <th class="tc3" scope="col"><?php echo $lang_admin_bans['Results IP address head'] ?></th> 416 <th class="tc4" scope="col"><?php echo $lang_admin_bans['Results expire head'] ?></th> 417 <th class="tc5" scope="col"><?php echo $lang_admin_bans['Results message head'] ?></th> 418 <th class="tc6" scope="col"><?php echo $lang_admin_bans['Results banned by head'] ?></th> 419 <th class="tcr" scope="col"><?php echo $lang_admin_bans['Results actions head'] ?></th> 420 </tr> 421 </thead> 422 <tbody> 423 <?php 424 425 $result = $db->query('SELECT b.id, b.username, b.ip, b.email, b.message, b.expire, b.ban_creator, u.username AS ban_creator_username FROM '.$db->prefix.'bans AS b LEFT JOIN 
'.$db->prefix.'users AS u ON b.ban_creator=u.id WHERE b.id>0'.(!empty($conditions) ? ' AND '.implode(' AND ', $conditions) : '').' ORDER BY '.$db->escape($order_by).' '.$db->escape($direction).' LIMIT '.$start_from.', 50') or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error()); 426 if ($db->num_rows($result)) 427 { 428 while ($ban_data = $db->fetch_assoc($result)) 429 { 430 431 $actions = '<a href="admin_bans.php?edit_ban='.$ban_data['id'].'">'.$lang_admin_common['Edit'].'</a> | <a href="admin_bans.php?del_ban='.$ban_data['id'].'">'.$lang_admin_common['Remove'].'</a>'; 432 $expire = format_time($ban_data['expire'], true); 433 434 ?> 435 <tr> 436 <td class="tcl"><?php echo ($ban_data['username'] != '') ? pun_htmlspecialchars($ban_data['username']) : ' ' ?></td> 437 <td class="tc2"><?php echo ($ban_data['email'] != '') ? $ban_data['email'] : ' ' ?></td> 438 <td class="tc3"><?php echo ($ban_data['ip'] != '') ? $ban_data['ip'] : ' ' ?></td> 439 <td class="tc4"><?php echo $expire ?></td> 440 <td class="tc5"><?php echo ($ban_data['message'] != '') ? pun_htmlspecialchars($ban_data['message']) : ' ' ?></td> 441 <td class="tc6"><?php echo ($ban_data['ban_creator_username'] != '') ? '<a href="profile.php?id='.$ban_data['ban_creator'].'">'.pun_htmlspecialchars($ban_data['ban_creator_username']).'</a>' : $lang_admin_bans['Unknown'] ?></td> 442 <td class="tcr"><?php echo $actions ?></td> 443 </tr> 444 <?php 445 446 } 447 } 448 else 449 echo "\t\t\t\t".'<tr><td class="tcl" colspan="7">'.$lang_admin_bans['No match'].'</td></tr>'."\n"; 450 451 ?> 452 </tbody> 453 </table> 454 </div> 455 </div> 456 </div> 457 458 <div class="linksb"> 459 <div class="inbox crumbsplus"> 460 <div class="pagepost"> 461 <p class="pagelink"><?php echo $paging_links ?></p> 462 </div> 463 <ul class="crumbs"> 464 <li><a href="admin_index.php"><?php echo $lang_admin_common['Admin'].' 
'.$lang_admin_common['Index'] ?></a></li> 465 <li><span>» </span><a href="admin_bans.php"><?php echo $lang_admin_common['Bans'] ?></a></li> 466 <li><span>» </span><strong><?php echo $lang_admin_bans['Results head'] ?></strong></li> 467 </ul> 468 <div class="clearer"></div> 469 </div> 470 </div> 471 <?php 472 473 require PUN_ROOT.'footer.php'; 474 } 475 476 $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans']); 277 477 $focus_element = array('bans', 'new_ban_user'); 478 define('PUN_ACTIVE_PAGE', 'admin'); 278 479 require PUN_ROOT.'header.php'; 279 480 … … 282 483 ?> 283 484 <div class="blockform"> 284 <h2><span> Nouveau bannissement</span></h2>485 <h2><span><?php echo $lang_admin_bans['New ban head'] ?></span></h2> 285 486 <div class="box"> 286 487 <form id="bans" method="post" action="admin_bans.php?action=more"> 287 488 <div class="inform"> 288 489 <fieldset> 289 <legend> Ajouter un bannissement</legend>490 <legend><?php echo $lang_admin_bans['Add ban subhead'] ?></legend> 290 491 <div class="infldset"> 291 492 <table class="aligntop" cellspacing="0"> 292 493 <tr> 293 <th scope="row"> Nom d'utilisateur<div><input type="submit" name="add_ban" value=" Ajouter" tabindex="2" /></div></th>494 <th scope="row"><?php echo $lang_admin_bans['Username label'] ?><div><input type="submit" name="add_ban" value="<?php echo $lang_admin_common['Add'] ?>" tabindex="2" /></div></th> 294 495 <td> 295 496 <input type="text" name="new_ban_user" size="25" maxlength="25" tabindex="1" /> 296 <span> Le nom d'utilisateur à bannir (insensible à la casse). La page suivante vous permettra d'entrer une adresse <acronym title="Internet Protocol" lang="en">IP</acronym> et/ou une adresse e-mail de votre choix. 
Si vous souhaitez bannir une adresse <acronym title="Internet Protocol" lang="en">IP</acronym>, une plage d'adresses <acronym title="Internet Protocol" lang="en">IP</acronym> ou une adresse e-mail, laissez simplement ce champ vide.</span>497 <span><?php echo $lang_admin_bans['Username advanced help'] ?></span> 297 498 </td> 298 499 </tr> … … 304 505 </div> 305 506 306 <h2 class="block2"><span> Bannissements actuels</span></h2>507 <h2 class="block2"><span><?php echo $lang_admin_bans['Ban search head'] ?></span></h2> 307 508 <div class="box"> 308 <div class="fakeform"> 309 <?php 310 311 $result = $db->query('SELECT id, username, ip, email, message, expire FROM '.$db->prefix.'bans ORDER BY id') or error('Impossible de retrouver la liste des bannissements', __FILE__, __LINE__, $db->error()); 312 if ($db->num_rows($result)) 313 { 314 while ($cur_ban = $db->fetch_assoc($result)) 315 { 316 $expire = format_time($cur_ban['expire'], true); 317 318 ?> 509 <form id="find_band" method="get" action="admin_bans.php"> 510 <p class="submittop"><input type="submit" name="find_ban" value="<?php echo $lang_admin_bans['Submit search'] ?>" tabindex="3" /></p> 319 511 <div class="inform"> 320 512 <fieldset> 321 <legend> Date d'échéance : <?php echo $expire?></legend>513 <legend><?php echo $lang_admin_bans['Ban search subhead'] ?></legend> 322 514 <div class="infldset"> 323 <table cellspacing="0"> 324 <?php if ($cur_ban['username'] != ''): ?> <tr> 325 <th>Nom d'utilisateur</th> 326 <td><?php echo pun_htmlspecialchars($cur_ban['username']) ?></td> 327 </tr> 328 <?php endif; ?><?php if ($cur_ban['email'] != ''): ?> <tr> 329 <th>E-mail</th> 330 <td><?php echo $cur_ban['email'] ?></td> 331 </tr> 332 <?php endif; ?><?php if ($cur_ban['ip'] != ''): ?> <tr> 333 <th><acronym title="Internet Protocol" lang="en">IP</acronym>/plage d'<acronym title="Internet Protocol" lang="en">IP</acronym></th> 334 <td><?php echo $cur_ban['ip'] ?></td> 335 </tr> 336 <?php endif; ?><?php if ($cur_ban['message'] != 
''): ?> <tr> 337 <th>Motif</th> 338 <td><?php echo pun_htmlspecialchars($cur_ban['message']) ?></td> 339 </tr> 340 <?php endif; ?> </table> 341 <p class="linkactions"><a href="admin_bans.php?edit_ban=<?php echo $cur_ban['id'] ?>">Modifier</a> - <a href="admin_bans.php?del_ban=<?php echo $cur_ban['id'] ?>">Supprimer</a></p> 515 <p><?php echo $lang_admin_bans['Ban search info'] ?></p> 516 <table class="aligntop" cellspacing="0"> 517 <tr> 518 <th scope="row"><?php echo $lang_admin_bans['Username label'] ?></th> 519 <td><input type="text" name="form[username]" size="25" maxlength="25" tabindex="4" /></td> 520 </tr> 521 <tr> 522 <th scope="row"><?php echo $lang_admin_bans['IP label'] ?></th> 523 <td><input type="text" name="form[ip]" size="30" maxlength="255" tabindex="5" /></td> 524 </tr> 525 <tr> 526 <th scope="row"><?php echo $lang_admin_bans['E-mail label'] ?></th> 527 <td><input type="text" name="form[email]" size="30" maxlength="80" tabindex="6" /></td> 528 </tr> 529 <tr> 530 <th scope="row"><?php echo $lang_admin_bans['Message label'] ?></th> 531 <td><input type="text" name="form[message]" size="30" maxlength="255" tabindex="7" /></td> 532 </tr> 533 <tr> 534 <th scope="row"><?php echo $lang_admin_bans['Expire after label'] ?></th> 535 <td><input type="text" name="expire_after" size="10" maxlength="10" tabindex="8" /> 536 <span><?php echo $lang_admin_bans['Date help'] ?></span></td> 537 </tr> 538 <tr> 539 <th scope="row"><?php echo $lang_admin_bans['Expire before label'] ?></th> 540 <td><input type="text" name="expire_before" size="10" maxlength="10" tabindex="9" /> 541 <span><?php echo $lang_admin_bans['Date help'] ?></span></td> 542 </tr> 543 <tr> 544 <th scope="row"><?php echo $lang_admin_bans['Order by label'] ?></th> 545 <td> 546 <select name="order_by" tabindex="10"> 547 <option value="username" selected="selected"><?php echo $lang_admin_bans['Order by username'] ?></option> 548 <option value="ip"><?php echo $lang_admin_bans['Order by ip'] ?></option> 549 
<option value="email"><?php echo $lang_admin_bans['Order by e-mail'] ?></option> 550 <option value="expire"><?php echo $lang_admin_bans['Order by expire'] ?></option> 551 </select>   <select name="direction" tabindex="11"> 552 <option value="ASC" selected="selected"><?php echo $lang_admin_bans['Ascending'] ?></option> 553 <option value="DESC"><?php echo $lang_admin_bans['Descending'] ?></option> 554 </select> 555 </td> 556 </tr> 557 </table> 342 558 </div> 343 559 </fieldset> 344 560 </div> 345 <?php 346 347 } 348 } 349 else 350 echo "\t\t\t\t".'<p>Aucun bannissement à lister.</p>'."\n"; 351 352 ?> 353 </div> 561 <p class="submitend"><input type="submit" name="find_ban" value="<?php echo $lang_admin_bans['Submit search'] ?>" tabindex="12" /></p> 562 </form> 354 563 </div> 355 564 </div>
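Review bot: The ban form and the new find_ban results table print e-mail and IP values without HTML escaping, although the usernames and messages beside them go through `pun_htmlspecialchars()`. In stage 1 `$ban_email` is read from the `users` table for the account being banned and written straight into `value="…"`, so the admin page depends entirely on what `is_valid_email()` and registration accepted, neither of which is visible here. Escaping at output would remove that dependency: `echo pun_htmlspecialchars($ban_email);` (and likewise `$ban_ip`) in the form, and `pun_htmlspecialchars($ban_data['email'])` / `pun_htmlspecialchars($ban_data['ip'])` in the result rows. The same block also appends `expire_after` and `expire_before` to `$query_str` without `urlencode()`, unlike the `form[...]` fields; `'expire_after='.urlencode($expire_after)` would keep the paging links consistent and not reliant on `strtotime()` rejecting odd input.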