Welcome 微信登录
编程资源 图片资源库 蚂蚁家优选

首页 / 网页编程 / PHP / 如何限制访问者的ip(PHPBB的代码)


如何限制访问者的ip(PHPBB的代码)Code: <?php
/***************************************************************************
* admin_user_ban.php
* -------------------
* begin : Tuesday, Jul 31, 2001
* copyright : (C) 2001 The phpBB Group
* email : [email]support@phpbb.com[/email]
*
* $Id: admin_user_ban.php,v 1.21.2.2 2002/05/12 15:57:45 psotfx Exp $
*
*
***************************************************************************/

/***************************************************************************
* This file is part of the phpBB2 port to Nuke 6.0 (c) copyright 2002
* by Tom Nitzschner ([email]tom@toms-home.com[/email])
* [url]http://bbtonuke.sourceforge.net[/url] (or [url]http://www.toms-home.com)[/url]
*
* As always, make a backup before messing with anything. All code
* release by me is considered sample code only. It may be fully
* functual, but you use it at your own risk, if you break it,
* you get to fix it too. No waranty is given or implied.
*
* Please post all questions/request about this port on [url]http://bbtonuke.sourceforge.net[/url] first,
* then on my site. All original header code and copyright messages will be maintained
* to give credit where credit is due. If you modify this, the only requirement is
* that you also maintain all original copyright messages. All my work is released
* under the GNU GENERAL PUBLIC LICENSE. Please see the README for more information.
*
***************************************************************************/

/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/

define("IN_PHPBB", 1);

if ( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module["Users"]["Ban_Management"] = $filename;

return;
}

//
// Load default header
//
$phpbb_root_path = "./../";
require($phpbb_root_path . "extension.inc");
require("./pagestart." . $phpEx);

//
// Start program
//
if ( isset($HTTP_POST_VARS["submit"]) )
{
$user_bansql = "";
$email_bansql = "";
$ip_bansql = "";

$user_list = array();
if ( !empty($HTTP_POST_VARS["username"]) )
{
$this_userdata = get_userdata($HTTP_POST_VARS["username"]);
if( !$this_userdata )
{
message_die(GENERAL_MESSAGE, $lang["No_user_id_specified"] );
}

$user_list[] = $this_userdata["user_id"];
}

$ip_list = array();
if ( isset($HTTP_POST_VARS["ban_ip"]) )
{
$ip_list_temp = explode(",", $HTTP_POST_VARS["ban_ip"]);

for($i = 0; $i < count($ip_list_temp); $i++)
{
if ( preg_match("/^([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})[ ]*-[ ]*([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})$/", trim($ip_list_temp[$i]), $ip_range_explode) )
{
//
// Don"t ask about all this, just don"t ask ... !为什么
//
$ip_1_counter = $ip_range_explode[1];
$ip_1_end = $ip_range_explode[5];

while ( $ip_1_counter <= $ip_1_end )
{
$ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0;
$ip_2_end = ( $ip_1_counter < $ip_1_end ) ? 254 : $ip_range_explode[6];

if ( $ip_2_counter == 0 && $ip_2_end == 254 )
{
$ip_2_counter = 255;
$ip_2_fragment = 255;

$ip_list[] = encode_ip("$ip_1_counter.255.255.255");
}

while ( $ip_2_counter <= $ip_2_end )
{
$ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0;
$ip_3_end = ( $ip_2_counter < $ip_2_end
$ip_1_counter < $ip_1_end ) ? 254 : $ip_range_explode[7];

if ( $ip_3_counter == 0 && $ip_3_end == 254 )
{
$ip_3_counter = 255;
$ip_3_fragment = 255;

$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.255.255");
}

while ( $ip_3_counter <= $ip_3_end )
{
$ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0;
$ip_4_end = ( $ip_3_counter < $ip_3_end
$ip_2_counter < $ip_2_end ) ? 254 : $ip_range_explode[8];

if ( $ip_4_counter == 0 && $ip_4_end == 254 )
{
$ip_4_counter = 255;
$ip_4_fragment = 255;

$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.255");
}

while ( $ip_4_counter <= $ip_4_end )
{
$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter");
$ip_4_counter++;
}
$ip_3_counter++;
}
$ip_2_counter++;
}
$ip_1_counter++;
}
}
else if ( preg_match("/^([w-_].?){2,}$/is", trim($ip_list_temp[$i])) )
{
$ip = gethostbynamel(trim($ip_list_temp[$i]));

for($j = 0; $j < count($ip); $j++)
{
if ( !empty($ip[$j]) )
{
$ip_list[] = encode_ip($ip[$j]);
}
}
}
else if ( preg_match("/^([0-9]{1,3}).([0-9*]{1,3}).([0-9*]{1,3}).([0-9*]{1,3})$/", trim($ip_list_temp[$i])) )
{
$ip_list[] = encode_ip(str_replace("*", "255", trim($ip_list_temp[$i])));
}
}
}

$email_list = array();
if ( isset($HTTP_POST_VARS["ban_email"]) )
{
$email_list_temp = explode(",", $HTTP_POST_VARS["ban_email"]);

for($i = 0; $i < count($email_list_temp); $i++)
{
//
// This ereg match is based on one by [email]php@unreelpro.com[/email]
// contained in the annotated php manual at php.com (ereg
// section)
//
if ( eregi("^(([[:alnum:]*]+([-_.][[:alnum:]*]+)*.?)|(*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*.){1,3}([[:alnum:]]{2,6})$", trim($email_list_temp[$i])) )
{
$email_list[] = trim($email_list_temp[$i]);
}
}
}

$sql = "SELECT *
FROM " . BANLIST_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn"t obtain banlist information", "", __LINE__, __FILE__, $sql);
}

$current_banlist = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);

$kill_session_sql = "";
for($i = 0; $i < count($user_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if ( $user_list[$i] == $current_banlist[$j]["ban_userid"] )
{
$in_banlist = true;
}
}

if ( !$in_banlist )
{
$kill_session_sql .= ( ( $kill_session_sql != "" ) ? " OR " : "" ) . "session_user_id = " . $user_list[$i];

$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid)
VALUES (" . $user_list[$i] . ")";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn"t insert ban_userid info into database", "", __LINE__, __FILE__, $sql);
}
}
}

for($i = 0; $i < count($ip_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if ( $ip_list[$i] == $current_banlist[$j]["ban_ip"] )
{
$in_banlist = true;
}
}

if ( !$in_banlist )
{
if ( preg_match("/(ff.)|(.ff)/is", chunk_split($ip_list[$i], 2, ".")) )
{
$kill_ip_sql = "session_ip LIKE "" . str_replace(".", "", preg_replace("/(ff.)|(.ff)/is", "%", chunk_split($ip_list[$i], 2, "."))) . """;
}
else
{
$kill_ip_sql = "session_ip = "" . $ip_list[$i] . """;
}

$kill_session_sql .= ( ( $kill_session_sql != "" ) ? " OR " : "" ) . $kill_ip_sql;

$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip)
VALUES ("" . $ip_list[$i] . "")";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn"t insert ban_ip info into database", "", __LINE__, __FILE__, $sql);
}
}
}

//
// Now we"ll delete all entries from the session table with any of the banned
// user or IP info just entered into the ban table ... this will force a session
// initialisation resulting in an instant ban
//
if ( $kill_session_sql != "" )
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE $kill_session_sql";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn"t delete banned sessions from database", "", __LINE__, __FILE__, $sql);
}
}

for($i = 0; $i < count($email_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if ( $email_list[$i] == $current_banlist[$j]["ban_email"] )
{
$in_banlist = true;
}
}

if ( !$in_banlist )
{
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email)
VALUES ("" . str_replace(""", """", $email_list[$i]) . "")";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn"t insert ban_email info into database", "", __LINE__, __FILE__, $sql);
}
}
}

$where_sql = "";

if ( isset($HTTP_POST_VARS["unban_user"]) )
{
$user_list = $HTTP_POST_VARS["unban_user"];

for($i = 0; $i < count($user_list); $i++)
{
if ( $user_list[$i] != -1 )
{
$where_sql .= ( ( $where_sql != "" ) ? ", " : "" ) . $user_list[$i];
}
}
}

if ( isset($HTTP_POST_VARS["unban_ip"]) )
{
$ip_list = $HTTP_POST_VARS["unban_ip"];

for($i = 0; $i < count($ip_list); $i++)
{
if ( $ip_list[$i] != -1 )
{
$where_sql .= ( ( $where_sql != "" ) ? ", " : "" ) . $ip_list[$i];
}
}
}

if ( isset($HTTP_POST_VARS["unban_email"]) )
{
$email_list = $HTTP_POST_VARS["unban_email"];

for($i = 0; $i < count($email_list); $i++)
{
if ( $email_list[$i] != -1 )
{
$where_sql .= ( ( $where_sql != "" ) ? ", " : "" ) . $email_list[$i];
}
}
}

if ( $where_sql != "" )
{
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($where_sql)";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn"t delete ban info from database", "", __LINE__, __FILE__, $sql);
}
}

$message = $lang["Ban_update_sucessful"] . "<br /><br />" . sprintf($lang["Click_return_banadmin"], "<a href="" . append_sid("admin_user_ban.$phpEx") . "">", "</a>") . "<br /><br />" . sprintf($lang["Click_return_admin_index"], "<a href="" . append_sid("index.$phpEx?pane=right") . "">", "</a>");

message_die(GENERAL_MESSAGE, $message);

}
else
{
$template->set_filenames(array(
"body" => "admin/user_ban_body.tpl")
);

$template->assign_vars(array(
"L_BAN_TITLE" => $lang["Ban_control"],
"L_BAN_EXPLAIN" => $lang["Ban_explain"],
"L_BAN_EXPLAIN_WARN" => $lang["Ban_explain_warn"],
"L_IP_OR_HOSTNAME" => $lang["IP_hostname"],
"L_EMAIL_ADDRESS" => $lang["Email_address"],
"L_SUBMIT" => $lang["Submit"],
"L_RESET" => $lang["Reset"],

"S_BANLIST_ACTION" => append_sid("admin_user_ban.$phpEx"))
);

$template->assign_vars(array(
"L_BAN_USER" => $lang["Ban_username"],
"L_BAN_USER_EXPLAIN" => $lang["Ban_username_explain"],
"L_BAN_IP" => $lang["Ban_IP"],
"L_BAN_IP_EXPLAIN" => $lang["Ban_IP_explain"],
"L_BAN_EMAIL" => $lang["Ban_email"],
"L_BAN_EMAIL_EXPLAIN" => $lang["Ban_email_explain"])
);

$userban_count = 0;
$ipban_count = 0;
$emailban_count = 0;

$sql = "SELECT b.ban_id, u.user_id, u.username
FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u
WHERE u.user_id = b.ban_userid
AND b.ban_userid <> 0
AND u.user_id <> " . ANONYMOUS . "
ORDER BY u.user_id ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Could not select current user_id ban list", "", __LINE__, __FILE__, $sql);
}

$user_list = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);

$select_userlist = "";
for($i = 0; $i < count($user_list); $i++)
{
$select_userlist .= "<option value="" . $user_list[$i]["ban_id"] . "">" . $user_list[$i]["username"] . "</option>";
$userban_count++;
}

if( $select_userlist == "" )
{
$select_userlist = "<option value="-1">" . $lang["No_banned_users"] . "</option>";
}

$select_userlist = "<select name="unban_user[]" multiple="multiple" size="5">" . $select_userlist . "</select>";

$sql = "SELECT ban_id, ban_ip, ban_email
FROM " . BANLIST_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Could not select current ip ban list", "", __LINE__, __FILE__, $sql);
}

$banlist = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);

$select_iplist = "";
$select_emaillist = "";

for($i = 0; $i < count($banlist); $i++)
{
$ban_id = $banlist[$i]["ban_id"];

if ( !empty($banlist[$i]["ban_ip"]) )
{
$ban_ip = str_replace("255", "*", decode_ip($banlist[$i]["ban_ip"]));
$select_iplist .= "<option value="" . $ban_id . "">" . $ban_ip . "</option>";
$ipban_count++;
}
else if ( !empty($banlist[$i]["ban_email"]) )
{
$ban_email = $banlist[$i]["ban_email"];
$select_emaillist .= "<option value="" . $ban_id . "">" . $ban_email . "</option>";
$emailban_count++;
}
}

if ( $select_iplist == "" )
{
$select_iplist = "<option value="-1">" . $lang["No_banned_ip"] . "</option>";
}

if ( $select_emaillist == "" )
{
$select_emaillist = "<option value="-1">" . $lang["No_banned_email"] . "</option>";
}

$select_iplist = "<select name="unban_ip[]" multiple="multiple" size="5">" . $select_iplist . "</select>";
$select_emaillist = "<select name="unban_email[]" multiple="multiple" size="5">" . $select_emaillist . "</select>";

$template->assign_vars(array(
"L_UNBAN_USER" => $lang["Unban_username"],
"L_UNBAN_USER_EXPLAIN" => $lang["Unban_username_explain"],
"L_UNBAN_IP" => $lang["Unban_IP"],
"L_UNBAN_IP_EXPLAIN" => $lang["Unban_IP_explain"],
"L_UNBAN_EMAIL" => $lang["Unban_email"],
"L_UNBAN_EMAIL_EXPLAIN" => $lang["Unban_email_explain"],
"L_USERNAME" => $lang["Username"],
"L_LOOK_UP" => $lang["Look_up_User"],
"L_FIND_USERNAME" => $lang["Find_username"],

"U_SEARCH_USER" => append_sid("search.$phpEx?mode=searchuser&popup=1&menu=1"),
"S_UNBAN_USERLIST_SELECT" => $select_userlist,
"S_UNBAN_IPLIST_SELECT" => $select_iplist,
"S_UNBAN_EMAILLIST_SELECT" => $select_emaillist,
"S_BAN_ACTION" => append_sid("admin_user_ban.$phpEx"))
);
}

$template->pparse("body");

include("./page_footer_admin.".$phpEx);

?>
版权所有©石家庄振强科技有限公司2024 冀ICP备08103738号-5 网站地图