Heim >Backend-Entwicklung >PHP-Tutorial >如何限制访问者的ip(PHPBB的代码)_PHP

如何限制访问者的ip(PHPBB的代码)_PHP

WBOY
WBOYOriginal
2016-06-01 12:38:37905Durchsuche

phpBB


如何限制访问者的ip(PHPBB的代码) Code:   /***************************************************************************
* admin_user_ban.php
* -------------------
* begin : Tuesday, Jul 31, 2001
* copyright : (C) 2001 The phpBB Group
* email : [email]support@phpbb.com[/email]
*
* $Id: admin_user_ban.php,v 1.21.2.2 2002/05/12 15:57:45 psotfx Exp $
*
*
***************************************************************************/

/***************************************************************************
* This file is part of the phpBB2 port to Nuke 6.0 (c) copyright 2002
* by Tom Nitzschner ([email]tom@toms-home.com[/email])
* [url]http://bbtonuke.sourceforge.net[/url] (or [url]http://www.toms-home.com)[/url]
*
* As always, make a backup before messing with anything. All code
* release by me is considered sample code only. It may be fully
* functual, but you use it at your own risk, if you break it,
* you get to fix it too. No waranty is given or implied.
*
* Please post all questions/request about this port on [url]http://bbtonuke.sourceforge.net[/url] first,
* then on my site. All original header code and copyright messages will be maintained
* to give credit where credit is due. If you modify this, the only requirement is
* that you also maintain all original copyright messages. All my work is released
* under the GNU GENERAL PUBLIC LICENSE. Please see the README for more information.
*
***************************************************************************/

/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/

define('IN_PHPBB', 1);

if ( !empty($setmodules) )
{
$filename = basename(__FILE__);
$module['Users']['Ban_Management'] = $filename;

return;
}

//
// Load default header
//
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);

//
// Start program
//
if ( isset($HTTP_POST_VARS['submit']) )
{
$user_bansql = ';
$email_bansql = ';
$ip_bansql = ';

$user_list = array();
if ( !empty($HTTP_POST_VARS['username']) )
{
$this_userdata = get_userdata($HTTP_POST_VARS['username']);
if( !$this_userdata )
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
}

$user_list[] = $this_userdata['user_id'];
}

$ip_list = array();
if ( isset($HTTP_POST_VARS['ban_ip']) )
{
$ip_list_temp = explode(',', $HTTP_POST_VARS['ban_ip']);

for($i = 0; $i {
if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ip_list_temp[$i]), $ip_range_explode) )
{
//
// Don't ask about all this, just don't ask ... !为什么
//
$ip_1_counter = $ip_range_explode[1];
$ip_1_end = $ip_range_explode[5];

while ( $ip_1_counter {
$ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0;
$ip_2_end = ( $ip_1_counter
if ( $ip_2_counter == 0 && $ip_2_end == 254 )
{
$ip_2_counter = 255;
$ip_2_fragment = 255;

$ip_list[] = encode_ip("$ip_1_counter.255.255.255");
}

while ( $ip_2_counter {
$ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0;
$ip_3_end = ( $ip_2_counter $ip_1_counter
if ( $ip_3_counter == 0 && $ip_3_end == 254 )
{
$ip_3_counter = 255;
$ip_3_fragment = 255;

$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.255.255");
}

while ( $ip_3_counter {
$ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0;
$ip_4_end = ( $ip_3_counter $ip_2_counter
if ( $ip_4_counter == 0 && $ip_4_end == 254 )
{
$ip_4_counter = 255;
$ip_4_fragment = 255;

$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.255");
}

while ( $ip_4_counter {
$ip_list[] = encode_ip("$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter");
$ip_4_counter++;
}
$ip_3_counter++;
}
$ip_2_counter++;
}
$ip_1_counter++;
}
}
else if ( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ip_list_temp[$i])) )
{
$ip = gethostbynamel(trim($ip_list_temp[$i]));

for($j = 0; $j {
if ( !empty($ip[$j]) )
{
$ip_list[] = encode_ip($ip[$j]);
}
}
}
else if ( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ip_list_temp[$i])) )
{
$ip_list[] = encode_ip(str_replace('*', '255', trim($ip_list_temp[$i])));
}
}
}

$email_list = array();
if ( isset($HTTP_POST_VARS['ban_email']) )
{
$email_list_temp = explode(',', $HTTP_POST_VARS['ban_email']);

for($i = 0; $i {
//
// This ereg match is based on one by [email]php@unreelpro.com[/email]
// contained in the annotated php manual at php.com (ereg
// section)
//
if ( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($email_list_temp[$i])) )
{
$email_list[] = trim($email_list_temp[$i]);
}
}
}

$sql = "SELECT *
FROM " . BANLIST_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain banlist information", "", __LINE__, __FILE__, $sql);
}

$current_banlist = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);

$kill_session_sql = ';
for($i = 0; $i {
$in_banlist = false;
for($j = 0; $j {
if ( $user_list[$i] == $current_banlist[$j]['ban_userid'] )
{
$in_banlist = true;
}
}

if ( !$in_banlist )
{
$kill_session_sql .= ( ( $kill_session_sql != ' ) ? ' OR ' : ' ) . "session_user_id = " . $user_list[$i];

$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid)
VALUES (" . $user_list[$i] . ")";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_userid info into database", "", __LINE__, __FILE__, $sql);
}
}
}

for($i = 0; $i {
$in_banlist = false;
for($j = 0; $j {
if ( $ip_list[$i] == $current_banlist[$j]['ban_ip'] )
{
$in_banlist = true;
}
}

if ( !$in_banlist )
{
if ( preg_match('/(ff\.)|(\.ff)/is', chunk_split($ip_list[$i], 2, '.')) )
{
$kill_ip_sql = "session_ip LIKE '" . str_replace('.', ', preg_replace('/(ff\.)|(\.ff)/is', '%', chunk_split($ip_list[$i], 2, "."))) . "'";
}
else
{
$kill_ip_sql = "session_ip = '" . $ip_list[$i] . "'";
}

$kill_session_sql .= ( ( $kill_session_sql != ' ) ? ' OR ' : ' ) . $kill_ip_sql;

$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip)
VALUES ('" . $ip_list[$i] . "')";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql);
}
}
}

//
// Now we'll delete all entries from the session table with any of the banned
// user or IP info just entered into the ban table ... this will force a session
// initialisation resulting in an instant ban
//
if ( $kill_session_sql != ' )
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE $kill_session_sql";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql);
}
}

for($i = 0; $i {
$in_banlist = false;
for($j = 0; $j {
if ( $email_list[$i] == $current_banlist[$j]['ban_email'] )
{
$in_banlist = true;
}
}

if ( !$in_banlist )
{
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email)
VALUES ('" . str_replace("'", "'", $email_list[$i]) . "')";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_email info into database", "", __LINE__, __FILE__, $sql);
}
}
}

$where_sql = ';

if ( isset($HTTP_POST_VARS['unban_user']) )
{
$user_list = $HTTP_POST_VARS['unban_user'];

for($i = 0; $i {
if ( $user_list[$i] != -1 )
{
$where_sql .= ( ( $where_sql != ' ) ? ', ' : ' ) . $user_list[$i];
}
}
}

if ( isset($HTTP_POST_VARS['unban_ip']) )
{
$ip_list = $HTTP_POST_VARS['unban_ip'];

for($i = 0; $i {
if ( $ip_list[$i] != -1 )
{
$where_sql .= ( ( $where_sql != ' ) ? ', ' : ' ) . $ip_list[$i];
}
}
}

if ( isset($HTTP_POST_VARS['unban_email']) )
{
$email_list = $HTTP_POST_VARS['unban_email'];

for($i = 0; $i {
if ( $email_list[$i] != -1 )
{
$where_sql .= ( ( $where_sql != ' ) ? ', ' : ' ) . $email_list[$i];
}
}
}

if ( $where_sql != ' )
{
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($where_sql)";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete ban info from database", "", __LINE__, __FILE__, $sql);
}
}

$message = $lang['Ban_update_sucessful'] . '

' . sprintf($lang['Click_return_banadmin'], '', '') . '

' . sprintf($lang['Click_return_admin_index'], '', '');

message_die(GENERAL_MESSAGE, $message);

}
else
{
$template->set_filenames(array(
'body' => 'admin/user_ban_body.tpl')
);

$template->assign_vars(array(
'L_BAN_TITLE' => $lang['Ban_control'],
'L_BAN_EXPLAIN' => $lang['Ban_explain'],
'L_BAN_EXPLAIN_WARN' => $lang['Ban_explain_warn'],
'L_IP_OR_HOSTNAME' => $lang['IP_hostname'],
'L_EMAIL_ADDRESS' => $lang['Email_address'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],

'S_BANLIST_ACTION' => append_sid("admin_user_ban.$phpEx"))
);

$template->assign_vars(array(
'L_BAN_USER' => $lang['Ban_username'],
'L_BAN_USER_EXPLAIN' => $lang['Ban_username_explain'],
'L_BAN_IP' => $lang['Ban_IP'],
'L_BAN_IP_EXPLAIN' => $lang['Ban_IP_explain'],
'L_BAN_EMAIL' => $lang['Ban_email'],
'L_BAN_EMAIL_EXPLAIN' => $lang['Ban_email_explain'])
);

$userban_count = 0;
$ipban_count = 0;
$emailban_count = 0;

$sql = "SELECT b.ban_id, u.user_id, u.username
FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u
WHERE u.user_id = b.ban_userid
AND b.ban_userid 0
AND u.user_id " . ANONYMOUS . "
ORDER BY u.user_id ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select current user_id ban list', ', __LINE__, __FILE__, $sql);
}

$user_list = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);

$select_userlist = ';
for($i = 0; $i {
$select_userlist .= '';
$userban_count++;
}

if( $select_userlist == ' )
{
$select_userlist = '';
}

$select_userlist = '';

$sql = "SELECT ban_id, ban_ip, ban_email
FROM " . BANLIST_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select current ip ban list', ', __LINE__, __FILE__, $sql);
}

$banlist = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);

$select_iplist = ';
$select_emaillist = ';

for($i = 0; $i {
$ban_id = $banlist[$i]['ban_id'];

if ( !empty($banlist[$i]['ban_ip']) )
{
$ban_ip = str_replace('255', '*', decode_ip($banlist[$i]['ban_ip']));
$select_iplist .= '';
$ipban_count++;
}
else if ( !empty($banlist[$i]['ban_email']) )
{
$ban_email = $banlist[$i]['ban_email'];
$select_emaillist .= '';
$emailban_count++;
}
}

if ( $select_iplist == ' )
{
$select_iplist = '';
}

if ( $select_emaillist == ' )
{
$select_emaillist = '';
}

$select_iplist = '';
$select_emaillist = '';

$template->assign_vars(array(
'L_UNBAN_USER' => $lang['Unban_username'],
'L_UNBAN_USER_EXPLAIN' => $lang['Unban_username_explain'],
'L_UNBAN_IP' => $lang['Unban_IP'],
'L_UNBAN_IP_EXPLAIN' => $lang['Unban_IP_explain'],
'L_UNBAN_EMAIL' => $lang['Unban_email'],
'L_UNBAN_EMAIL_EXPLAIN' => $lang['Unban_email_explain'],
'L_USERNAME' => $lang['Username'],
'L_LOOK_UP' => $lang['Look_up_User'],
'L_FIND_USERNAME' => $lang['Find_username'],

'U_SEARCH_USER' => append_sid("search.$phpEx?mode=searchuser&popup=1&menu=1"),
'S_UNBAN_USERLIST_SELECT' => $select_userlist,
'S_UNBAN_IPLIST_SELECT' => $select_iplist,
'S_UNBAN_EMAILLIST_SELECT' => $select_emaillist,
'S_BAN_ACTION' => append_sid("admin_user_ban.$phpEx"))
);
}

$template->pparse('body');

include('./page_footer_admin.'.$phpEx);

?>
Stellungnahme:
Der Inhalt dieses Artikels wird freiwillig von Internetnutzern beigesteuert und das Urheberrecht liegt beim ursprünglichen Autor. Diese Website übernimmt keine entsprechende rechtliche Verantwortung. Wenn Sie Inhalte finden, bei denen der Verdacht eines Plagiats oder einer Rechtsverletzung besteht, wenden Sie sich bitte an admin@php.cn
Vorheriger Artikel:模拟xcopy的函数_PHPNächster Artikel:生成缩略图_PHP