-
Notifications
You must be signed in to change notification settings - Fork 8
/
banipv4.php
76 lines (66 loc) · 3.91 KB
/
banipv4.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<?php
require "include/bittorrent.php";
dbconn();
loggedinorreturn();
if (get_user_class() < UC_ADMINISTRATOR)
stderr("Sorry", "Access denied.");
$type_ = array('ip' => "封禁单个ip", 'building' => "封禁全楼", 'school' => "封禁全校");
$remove = (int)$_GET['remove'];
if (is_valid_id($remove)) {
sql_query("DELETE FROM bans WHERE id=" . mysql_real_escape_string($remove)) or sqlerr();
write_log("Ban " . htmlspecialchars($remove) . " was removed by $CURUSER[id] ($CURUSER[username])", 'mod');
}
if ($_SERVER["REQUEST_METHOD"] == "POST" && get_user_class() >= UC_ADMINISTRATOR) {
$first = trim($_POST["first"]);
$last = trim($_POST["last"]);
$comment = trim($_POST["comment"]);
$days = 0;
if ($_POST["fast"] == "never") $until = sqlesc('0000-00-00 00:00:00');
else {
if ($_POST["fast"]) $days = $_POST["fast"];
if ($_POST["week"]) $days += 7 * $_POST["week"];
if ($_POST["days"]) $days += $_POST["days"];
if ($days) $until = sqlesc(date("Y-m-d H:i:s", time() + 86400 * $days));
}
if (!$first || !$last || !$comment)
stderr("Error", "数据丢失!");
$firstlong = ip2long($first);
$lastlong = ip2long($last);
if (!$firstlong || !$lastlong)
stderr("Error", "IP地址格式不正确!");
if ($firstlong > $lastlong)
stderr("Error", "起始IP不应该大于终止IP!");
$comment = sqlesc($comment);
$added = sqlesc(date("Y-m-d H:i:s"));
sql_query("INSERT INTO bans (added, addedby, first, last, comment, until) VALUES($added, " . mysql_real_escape_string($CURUSER['id']) . ", $firstlong, $lastlong, $comment, $until )") or sqlerr(__FILE__, __LINE__);
header("Location: $_SERVER[REQUEST_URI]");
die;
}
//ob_start("ob_gzhandler");
$res = sql_query("SELECT * FROM bans ORDER BY added DESC") or sqlerr();
stdhead("IP地址封禁");
print("<h1>已封禁列表</h1>\n");
if (mysql_num_rows($res) == 0)
print("<p align=center><b>列表为空!</b></p>\n");
else {
print("<table border=1 cellspacing=0 cellpadding=5>\n");
print("<tr><td class=colhead>添加时间</td><td class=colhead align=left>起始IP</td><td class=colhead align=left>终止IP</td><td class=colhead align=left>预计解封时间</td>" .
"<td class=colhead align=left>操作人</td><td class=colhead align=left>备注</td><td class=colhead>移除</td></tr>\n");
while ($arr = mysql_fetch_assoc($res)) {
print("<tr><td>" . gettime($arr['added']) . "</td><td align=left>" . long2ip($arr['first']) . "</td><td align=left>" . long2ip($arr['last']) . "</td><td align=left>" . ($arr['until'] == '0000-00-00 00:00:00' ? "手动解除封禁" : gettime($arr['until'])) . "</td><td align=left>" . get_username($arr['addedby']) .
"</td><td align=left>$arr[comment]</td><td><a href=banipv4.php?remove=$arr[id]>移除</a></td></tr>\n");
}
print("</table>\n");
}
if (get_user_class() >= UC_ADMINISTRATOR) {
print("<h1>添加新条目</h1>\n");
print("<table border=1 cellspacing=0 cellpadding=5>\n");
print("<form method=post action=banipv4.php>\n");
print("<tr><td class=rowhead>起始IP:</td><td><input type=text name=first size=40></td></tr>\n");
print("<tr><td class=rowhead>终止IP:</td><td><input type=text name=last size=40></td></tr>\n");
print("<tr><td class=rowhead>封禁时间</td><td><select name=\"fast\"> <option value=\"never\" selected=\"selected\">不限时</option><option value=\"1\" > 1 天</option><option value=\"7\" > 1 周</option><option value=\"14\"> 2 周</option><option value=\"28\"> 4 周</option><option value=\"56\"> 8 周</option></select>+<input type=text name=week size=2>周+<input type=text name=days size=2>日</td></tr>\n");
print("<tr><td class=rowhead>备注信息</td><td><input type=text name=comment size=40></td></tr>\n");
print("<tr><td colspan=2 align=center><input type=submit value='确认' class=btn></td></tr>\n");
print("</form>\n</table>\n");
}
stdfoot();