ban.php
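<?php
/*
 * Ban form for moderators: page header, small formatting helpers, and
 * form_ban(), which renders the form from an options array.
 *
 * options ($o passed to form_ban):
 *   name_edit: make Name field editable
 *   host_edit: make Host field editable
 *   name,host,reverse,xff = string: load values explicitly
 *   load_reporter = numeric-ip: load reporter
 *   load_ban_request = id: load ban request values
 *   load_post = postno: use 'board' value and no to fetch info
 *   public_reason = string: load public reason with string
 *   private_reason = string: load private reason with string
 *   length = string: load days with number
 *   scope = local|global|zonly: load scope
 *   postban = delpost|delfile|delall: load postban action
 *
 *   board = ''|string : name of local board
 *
 *   hide_postbans: hide post-ban action list
 *
 *   action = url of form action
 *
 * As written below, form_ban() does not read 'action', 'board' or the explicit
 * name/host/reverse/xff options, and the load_post branch is empty.
 *
 * All PHP blocks use the full "<?php" tag: with short_open_tag disabled a bare
 * "<?" block is sent to the browser as text instead of being executed.
 */

/*
Unban in ...
Ban Duration [x Use] 0v/0v/0v (D/W/M)
*/

/**
 * Escape a value for HTML text or a quoted attribute value.
 *
 * Non-scalar input (for example an array-valued cookie) yields '' rather than
 * being handed to htmlspecialchars().
 *
 * @param mixed $value value to escape
 * @return string escaped text
 */
function ban_form_esc($value) {
    if(!is_scalar($value))
        return '';
    return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
}

/**
 * Emit the document head (doctype, styles, scripts) and the opening <body> tag.
 */
function head() {
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head><title>Ban form</title>
<meta http-equiv="Content-type" content="text/html;charset=utf-8">
<style type="text/css">
body {
    background: #ffe;
    font-family: Verdana;
    font-size: 10px;
    color: #000000;
    padding: 15px 10px;
    margin: 0;
}
table {
    border: 0px #606060 solid;
    border-spacing: 0px;
    padding: 5px;
    border-collapse:collapse;
}
td,th {
    font-family: Verdana;
    font-size: 10px;
    color: #000000;
    border: 1px #606060 solid;
    border-spacing: 0px;
    border-collapse:collapse;
    padding-top:2px;
    padding-bottom:2px;
}
th { background: #fca; }

.redbg { background: #ffe0e0; }

input,select,.fakebutton {
    font-family: Verdana;
    font-size: 9pt;
    color: #000000;
    background-color: #F8F8F8;
    border: 1px solid #808080;
    vertical-align: middle;
}
select { vertical-align:top; }
option,optgroup {
    font-family: Verdana;
    font-size: 9pt;
}

td,th,body,input { font-family: Verdana,Tahoma,sans-serif; font-size: 12px; }
td,th { padding: 2px 2px; }
th { text-align: left; font-weight: normal; }
.title { background: #800; color: white; font-weight: bold; }
</style>
<script type="text/javascript">
function resizeToContent() {
    // resize inner height to fit content
    resizeTo(410, 400); // only way to know outer size for sure
    var innerHeight = (window.innerHeight)?window.innerHeight:document.documentElement.clientHeight;
    var outerHeight = 400;
    var docHeight = document.body.clientHeight;
    if(document.documentElement.clientHeight < docHeight) // e.g. opera?
        docHeight = document.documentElement.clientHeight;
    //alert(outerHeight);
    //alert(innerHeight);
    //alert(docHeight);
    resizeTo(410, docHeight + (outerHeight - innerHeight));
}
function toggle(name){var visible=((document.all)?"block":"table-row"); var a=document.getElementById(name); a.style.display = ((a.style.display!=visible)?visible:"none");}


//window.onload = resizeToContent;

function callInOpener(code) {
    if(window.opener && !window.opener.closed) {
        window.opener.setTimeout(code, 0);
    }
}
</script>
</head><body>
<?php
}

/**
 * Print the page head, then an error message with a Back link, and stop.
 *
 * $err is written into the page as raw HTML, so callers must pass only fixed
 * text or text they have already escaped.
 *
 * @param string $err message to display
 */
function fancydie($err) {
    head();
    $err = "<h3><font color='#FF0000'>$err</font></h3>";
    $err .= "<br><a href='javascript:history.go(-1)'>Back</a></body></html>";
    die($err); // ok, not very fancy yet
}

/**
 * Format a host for display as "reverse (ip)", or just the IP when no
 * distinct reverse name is available.
 *
 * Both parts are HTML-escaped, because callers place the result directly in
 * an attribute value. The reverse lookup runs only when $dec_ip is a
 * syntactically valid IP address.
 *
 * @param string $dec_ip  dotted IP address
 * @param string $reverse known reverse name; looked up when empty
 * @return string HTML-escaped display text
 */
function format_host($dec_ip,$reverse='') {
    $dec_ip = (string)$dec_ip;
    if(!$reverse && filter_var($dec_ip, FILTER_VALIDATE_IP) !== false)
        $reverse = gethostbyaddr($dec_ip);
    $safe_ip = ban_form_esc($dec_ip);
    if($reverse && $reverse != $dec_ip)
        return ban_form_esc($reverse) . " ($safe_ip)";
    return $safe_ip;
}

/**
 * Prepare a poster name for display: tags are stripped, '!' is replaced by
 * '#', and the result is HTML-escaped.
 *
 * @param string $name raw name
 * @return string HTML-escaped name
 */
function format_name($name) {
    $name = strip_tags((string)$name);
    $name = strtr($name, '!', '#');
    return ban_form_esc($name);
}

/**
 * Build an HTML link summarising past and active bans for an IP.
 *
 * NOTE(review): mysql_global_call() is defined elsewhere; this code relies on
 * it escaping the %s arguments it places inside quoted SQL literals - confirm.
 *
 * @param string $dec_ip dotted IP address
 * @return string HTML link, or '' when there is no ban on record
 */
function ban_history($dec_ip) {
    // COUNT(active||NULL) presumably counts only rows with a non-zero `active`
    // (MySQL reads || as logical OR unless PIPES_AS_CONCAT is enabled).
    $query = mysql_global_call("SELECT COUNT(*) as total,COUNT(active||NULL) as active FROM banned_users WHERE host='%s'", $dec_ip);
    $row = mysql_fetch_assoc($query);
    if(!$row)
        return '';
    $total = (int)$row['total'];
    $active = (int)$row['active'];
    if($total == 0)
        return '';
    if($active == 0) {
        $linkdesc = sprintf("%d past ban%s for this IP.", $total, ($total>1)?'s':'');
    }
    else if($active == $total) {
        $linkdesc = sprintf("%d ban%s already active for this IP.", $active, ($active>1)?'s':'');
    }
    else {
        $past = $total - $active;
        $linkdesc = sprintf("%d past ban%s and %d ban%s already active for this IP.", $past, ($past>1)?'s':'', $active, ($active>1)?'s':'');
    }
    $dec_ip = urlencode($dec_ip);
    return "<a href=\"http://team.4chan.org/bans.php?admin=hist&ip=$dec_ip\" target=\"_blank\">$linkdesc</a>";
}

/**
 * Count ban requests for a host other than the given request.
 *
 * @param int    $than   id of the ban request to leave out
 * @param string $dec_ip host value to match
 * @return int|string number of other requests (0 when the query returns no row)
 */
function other_ban_requests($than,$dec_ip) {
    $query = mysql_global_call("SELECT COUNT(*) as total from ban_requests WHERE id!=%d AND host='%s'", $than, $dec_ip);
    $row = mysql_fetch_assoc($query);
    if(!$row)
        return 0;
    return $row['total'];
}

/**
 * Fetch the value stored in the xff table for a board/tim pair and format it
 * with format_host().
 *
 * The arguments are passed in the order of the query's placeholders (tim,
 * then board), and the result is read from the selected `xff` column.
 *
 * @param string $board board name
 * @param string $tim   tim value of the post
 * @return string formatted, HTML-escaped host, or '' when no row matches
 */
function get_xff($board,$tim) {
    $query = mysql_global_call("SELECT xff from xff where tim='%s' AND board='%s'", $tim, $board);
    $row = mysql_fetch_assoc($query);
    if(!$row)
        return '';
    return format_host($row['xff']);
}

/**
 * Render the ban form.
 *
 * Values are loaded from a reporter IP, a stored ban request, or (with the
 * manual_ban access flag) left empty and editable; cookies and then explicit
 * options override the reason and length fields. Every value written into the
 * page is escaped when it is stored in $form or when it is printed.
 *
 * @param array $o options, see the list at the top of this file
 */
function form_ban($o) {
    // Missing options read as "off" instead of raising undefined-index errors.
    $o = (array)$o + array(
        'name_edit' => false, 'host_edit' => false, 'bannedby_edit' => false,
        'load_reporter' => 0, 'load_ban_request' => 0, 'load_post' => 0,
        'public_reason' => '', 'private_reason' => '', 'length' => '',
        'scope' => '', 'postban' => '', 'hide_postbans' => 0,
    );
    $form = array(
        'load_name' => '', 'load_value' => '', 'name' => '', 'host' => '',
        'xff' => '', 'banhist' => '', 'board' => '', 'title' => '',
        'public_reason' => '', 'private_reason' => '', 'length' => '',
        'warn' => 0, 'indef' => 0, 'remember' => 0, 'modname' => '',
        'other_ban_reqs' => 0, 'id' => 0,
    );

    // head() is called only after the lookups below: fancydie() prints its own
    // head, so emitting one first would give the error page two doctypes.
    if($o['load_reporter']) {
        $query = mysql_global_call("SELECT ip FROM reports where ip=%d LIMIT 1",$o['load_reporter']);
        if(!($row=mysql_fetch_assoc($query)))
            fancydie("No reports found with specified IP.");
        $reporter_ip = long2ip($row['ip']);
        $form['load_name'] = 'load_reporter';
        $form['load_value'] = $o['load_reporter'];
        $form['name'] = 'Anonymous';
        $form['host'] = format_host($reporter_ip);
        $form['xff'] = '';
        $form['banhist'] = ban_history($reporter_ip);
        $form['board'] = '';
        $form['title'] = "Banning reporter " . $reporter_ip;
        $o['hide_postbans'] = 1;
        $form['id'] = (int)$o['load_reporter'];
    }
    else if($o['load_ban_request']) {
        $query = mysql_global_call("SELECT * FROM ban_requests where id=%d", $o['load_ban_request']);
        if(!($row=mysql_fetch_assoc($query)))
            fancydie("Specified ban request does not exist.");
        $form['load_name'] = 'load_ban_request';
        $form['load_value'] = $o['load_ban_request'];
        // NOTE(review): unserialize() can instantiate arbitrary classes. If the
        // spost column can hold anything not produced by this application's own
        // serialize() call, store it in a data-only format (e.g. JSON) instead.
        $post = unserialize($row['spost']);
        if(!is_array($post))
            fancydie("Stored post data for this ban request could not be read.");
        $post += array('name' => '', 'host' => '', 'reverse' => '', 'xff' => '', 'no' => '');
        $form['name'] = format_name($post['name']);
        $form['host'] = format_host($post['host'],$post['reverse']);
        $form['xff'] = ban_form_esc($post['xff']);
        $form['banhist'] = ban_history($post['host']);
        // The board name is printed inside an <option>; escape it like the rest.
        $form['board'] = ban_form_esc($row['board']);
        $form['title'] = ban_form_esc("Filling {$row['janitor']}'s ban request for /{$row['board']}/{$post['no']}");
        //$form['public_reason'] = htmlspecialchars($row['reason']);
        //$form['private_reason'] = htmlspecialchars("requested by {$row['janitor']}");
        $form['other_ban_reqs'] = (int)other_ban_requests($o['load_ban_request'], $post['host']);
        $o['hide_postbans'] = 1;
        $form['id'] = (int)$o['load_ban_request'];
    }
    else if($o['load_post']) {
        // not implemented
    }
    else if(!empty($GLOBALS['my_access']['manual_ban'])) {
        $o['name_edit'] = $o['host_edit'] = /*$o['bannedby_edit'] =*/ true;
        $form['load_name'] = 'manual';
        $form['load_value'] = 'yes';
    }

    // overrides
    if(isset($_COOKIE['4chan_bpubr']))
        $form['public_reason'] = ban_form_esc($_COOKIE['4chan_bpubr']);
    if(isset($_COOKIE['4chan_bprvr']))
        $form['private_reason'] = ban_form_esc($_COOKIE['4chan_bprvr']);
    if(isset($_COOKIE['4chan_blen']) && is_scalar($_COOKIE['4chan_blen'])) {
        $clen = (int)$_COOKIE['4chan_blen'];
        if($clen==0)
            $form['warn'] = 1;
        else if($clen==-1)
            $form['indef'] = 1;
        else
            $form['length'] = $clen;
        $form['remember'] = 1;
    }

    if($o['public_reason'])
        $form['public_reason'] = ban_form_esc($o['public_reason']);
    if($o['private_reason'])
        $form['private_reason'] = ban_form_esc($o['private_reason']);
    if($o['length'])
        $form['length'] = ban_form_esc($o['length']);

    // Display only: this name comes from a client-supplied cookie, so it says
    // nothing about who is actually logged in.
    $form['modname'] = isset($_COOKIE['4chan_auser']) ? ban_form_esc($_COOKIE['4chan_auser']) : '';

    // NOTE(review): the form below carries no anti-CSRF token; the script that
    // receives this POST needs its own token or origin check - confirm.
    head();
?>
<form name="banform" method="POST">
<input type="hidden" name="<?=$form['load_name']?>" value="<?=ban_form_esc($form['load_value'])?>">
<table border=0 cellspacing=0 cellpadding=0>
<tr><td colspan=2 align=center class="title">
<a href="javascript:toggle('more');resizeToContent();" style="position:absolute;width:13px;height:13px;border:1px solid white;left:11px;color:white;text-decoration:none;font-size:11px;">▼</a>
<?=$form['title']?></td></tr>
<tr id="more" style="display:none"><th>More:</th>
    <td>[<input type=checkbox name=remember value="1" <?= $form['remember']?'CHECKED':'' ?>> Remember ban reason and length]</td>
</tr>
<tr> <th>Name:</th>
    <td><input type="text" name="name" value="<?=$form['name']?>" size=40 <?= $o['name_edit']?'':'DISABLED' ?>></td>
</tr>
<tr> <th>Host:</th>
    <td><input type="text" name="host" value="<?=$form['host']?>" size=40 <?= $o['host_edit']?'':'DISABLED' ?>></td>
</tr>
<?php if($form['xff']) { ?>
<tr> <th>Proxy For:</th>
    <td><input type="text" name="xff" value="<?=$form['xff']?>" size=40 <?= $o['host_edit']?'':'DISABLED' ?> title="This is possibly the user's real IP, but only the above IP will be banned."></td>
</tr>
<?php } ?>
<?php if($form['banhist']) { ?>
<tr> <th>Ban History:</th>
    <td><?= $form['banhist'] ?></td>
</tr>
<?php } ?>
<tr> <th>Public Ban Reason:</th>
    <td><textarea name="public_reason" cols=30 rows=2 title="This is the message that the user will see on the banned page."><?=$form['public_reason']?></textarea></td>
</tr>
<tr> <th>Private Info:</th>
    <td><input type="text" name="private_reason" value="<?=$form['private_reason']?>" size=40 title="Additional info that will be not be shown to the user."></td>
</tr>
<tr> <th>Unban in:</th>
    <td><input type="text" name="length" value="<?=$form['length']?>" size=3> days [<input type=checkbox name=warn value="1" title="Ban for 0 days" <?= $form['warn']?'CHECKED':'' ?>> Warn] [<input type=checkbox name=indefinite value="1" title="Ban forever" <?= $form['indef']?'CHECKED':'' ?>> Permanent]</td>
</tr>
<tr> <th>Banned by:</th>
    <td><input type="text" name="modname" value="<?=$form['modname']?>" size=40 <?= $o['bannedby_edit']?'':'DISABLED' ?>></td>
</tr>
<tr> <th>Ban options:</th>
    <td><select name="scope" style="float:left;">
<?php if($form['board']) { ?>
        <option value="local" <?= ($o['scope']=='local')?'SELECTED':'' ?>>Ban from /<?=$form['board']?>/</option>
<?php } ?>
        <option value="global" <?= ($o['scope']=='global')?'SELECTED':'' ?>>Global ban</option>
        <option value="zonly" <?= ($o['scope']=='zonly')?'SELECTED':'' ?>>Banish to /z/</option>
    </select>
<?php if(!$o['hide_postbans']) { ?>
    <span title="Display USER WAS BANNED... message" style="float:left;margin-left:5px">[<input type=checkbox name=banmsg value="1">msg]</span>
<?php } ?>
    <input type="submit" value="Ban" style="float:right;">
    </td>
</tr>
<?php if(!$o['hide_postbans'] || $form['other_ban_reqs']) { ?>
<tr> <th>Post-ban actions:</th>
    <td>
<?php if(!$o['hide_postbans']) { ?>
    <select name="postban">
        <option value="" <?= ($o['postban']=='')?'SELECTED':'' ?>>None</option>
        <option value="delpost" <?= ($o['postban']=='delpost')?'SELECTED':'' ?>>Delete post</option>
        <option value="delfile" <?= ($o['postban']=='delfile')?'SELECTED':'' ?>>Delete file only</option>
        <option value="delall" <?= ($o['postban']=='delall')?'SELECTED':'' ?>>Delete all by IP</option>
    </select>
<?php } ?>
<?php if($form['other_ban_reqs']) { ?>
    [<input type=checkbox name=clearbanreqs value=1 title="Clear ban reqs"> Clear <?= $form['other_ban_reqs'] ?> other ban request<?= ($form['other_ban_reqs']>1)?'s':'' ?> for this IP]
<?php } ?>
    </td>
</tr>
<?php } ?>
</table>
</form>
<?php if($form['id']) { ?>
<script>
window.onunload = function() {
    callInOpener("banCancel(<?=(int)$form['id']?>)");
}
document.forms.banform.onsubmit = function() { window.onunload = function(){}; };
</script>
<?php } ?>
</body></html>
<?php
}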