LnBlog PHP Cross Reference Blogging Systems

Source: /plugins/ipban.php - 199 lines - 7311 bytes - Summary - Text - Print

   1  <?php 
   2  
   3  # Plugin: IPBan

   4  # Bans certain IP addresses from posting comments or trackbacks.

   5  #

   6  # This plugin works by merging two lists of IP addresses.  Both of these 

   7  # files have the same name (which is configurable as an option for the 

   8  # plugin), but one is located in the root of the blog and the other is in

   9  # the LnBlog userdata folder.  The file format is one IP address per line.

  10  # When the plugin runs, it reads both of these files (if they exist) and

  11  # merges their contents.  It then rejects attempts to post comments or 

  12  # trackbacks from any of the IP addresses in this list.

  13  #

  14  # Note that the IP addresses are actually interpreted as Perl-Compatible

  15  # Regular Expressions.  This means that you can use regular expression syntax

  16  # to ban ranges of IP addresses with a single entry.  One example might be to

  17  # ban a subnet with an entry like this

  18  # | 12.34.56.*

  19  #

  20  # There are two ways to add IP addresses to the ban list.  One is through 

  21  # links in the footers of comments and trackbacks.  Clicking these links will

  22  # add the exact IP address of the comment/trackback to the ban list.

  23  # The other method is by directly editing the files using the sidebar links.

  24  # This is the method required if you want to ban ranges of IP addresses.

  25  
  26  class IPBan extends Plugin {
  27      
  28  	function IPBan() {
  29          $this->plugin_desc = _("Allows you to ban IP addresses from adding comments or trackbacks.");
  30          $this->plugin_version = "0.2.4";
  31          $this->addOption("ban_list", _("File to store list of banned IPs."),
  32              "ip_ban.txt", "text");
  33          $this->addOption("admin_local", _("Show per-blog ban link when administrator"), false, "checkbox");
  34          $this->addOption("ban_del", _("Ban link both bans IP and deletes"), true, "checkbox");
  35          $this->getConfig();
  36          
  37          # Call banIP() here so that it will get called on pages that never output, 

  38          # e.g. when you do a JavaScript confirmation on a "delete and ban", which 

  39          # redirects instead of outputing the page.    

  40          $this->banIP($this);
  41      }
  42  
  43      # Write the ban list to disk.

  44  
  45  	function updateList($add_list, $do_global=false) {
  46          global $SYSTEM;
  47          $blog = NewBlog();
  48          $usr = NewUser();
  49          if ( $blog->isBlog() && $SYSTEM->canModify($blog, $usr) && !$do_global) {
  50              $file = $blog->home_path.PATH_DELIM.$this->ban_list;
  51          } elseif ( $usr->checkLogin() && $usr->isAdministrator() ) {
  52              $file = USER_DATA_PATH.PATH_DELIM.$this->ban_list;
  53          } else {
  54              return false;
  55          }
  56          if (file_exists($file)) $list = file($file);
  57          else $list = array();
  58          $list = array_merge($list, $add_list);
  59          $list = array_unique($list);
  60          sort($list);
  61          $content = '';
  62          foreach ($list as $ip) {
  63              if ($content != '') $content .= "\n";
  64              $content .= trim($ip);
  65          }
  66          $ret = write_file($file, $content);
  67      }
  68  
  69  	function addBanLink(&$cmt) {
  70          global $SYSTEM;
  71          $blog = NewBlog();
  72          $usr = NewUser();
  73          if ($SYSTEM->canModify($blog, $usr) && $usr->checkLogin()) {
  74              $cb_link = 
  75                  spf_("IP: %s", $cmt->ip);
  76              if ($this->ban_del) {
  77                  $cb_link_loc =
  78                      ' (<a href="'.make_uri($cmt->uri("delete"), array('banip'=>$cmt->ip)).'" '.
  79                      'onclick="this.href = this.href + \'&amp;conf=yes\'; return window.confirm(\''.
  80                      spf_("Delete %s and ban IP address %s from submitting comments or trackbacks to this blog?", $cmt->getAnchor(), $cmt->ip).
  81                      '\');">'._("Delete &amp; Ban IP").'</a>) ';
  82                  $cb_link_glob = ' (<a href="'.
  83                      make_uri($cmt->uri("delete"),array('banip'=>$cmt->ip, 'global'=>'yes')).'" '.
  84                      'onclick="this.href = this.href + \'&amp;conf=yes\'; return window.confirm(\''.
  85                      spf_("Delete %s and ban IP address %s from submitting comments or trackbacks to this entire site?", $cmt->getAnchor(), $cmt->ip).
  86                      '\');">'._("Delete &amp; Ban Globally").'</a>)';
  87              } else {
  88                  $cb_link_loc =
  89                      ' (<a href="'.make_uri(false, array('banip'=>$cmt->ip)).'" '.
  90                      'onclick="return window.confirm(\''.
  91                      spf_("Ban IP address %s from submitting comments or trackbacks to this blog?", $cmt->ip).
  92                      '\');">'._("Ban IP").'</a>) ';
  93                  $cb_link_glob = ' (<a href="'.
  94                      make_uri(false,array('banip'=>$cmt->ip, 'global'=>'yes')).
  95                      'onclick="return window.confirm(\''.
  96                      spf_("Ban IP address %s from submitting comments or trackbacks to this entire site?",     $cmt->ip).
  97                      '\');">'._("Global Ban").'</a>)';
  98              }
  99  
 100              if ($this->checkBan($cmt->ip) || $cmt->ip == GET('banip')) {
 101                  $cb_link .= _(" (Banned)");
 102              } elseif ($usr->checkLogin() && $usr->isAdministrator()) {
 103                  if ($this->admin_local) {
 104                      $cb_link .= $cb_link_loc.$cb_link_glob;
 105                  } else {
 106                      $cb_link .= $cb_link_glob;
 107                  }
 108              } else {
 109                  $cb_link .= $cb_link_loc;
 110              }
 111              
 112              $cmt->control_bar[] = $cb_link;
 113          }
 114      }
 115  
 116      # Ban an IP based on a query string.

 117  
 118  	function banIP(&$param) {
 119          global $SYSTEM;
 120          if (isset($_GET["banip"])) {
 121              $blog = NewBlog();
 122              $usr = NewUser();
 123              if ($SYSTEM->canModify($blog, $usr) && $usr->checkLogin()) {
 124                  $ip = trim($_GET["banip"]);
 125                  $global = isset($_GET["global"]);
 126                  $this->updateList(array($ip), $global);
 127                  #$param->redirect(make_uri());

 128              }
 129          }
 130      }
 131  
 132  	function checkBan($check_ip) {
 133          $blog = NewBlog();
 134          $local_list = array();
 135          $global_list = array();
 136          if ( $blog->isBlog() && 
 137               file_exists($blog->home_path.PATH_DELIM.$this->ban_list)) {
 138              $local_list = file($blog->home_path.PATH_DELIM.$this->ban_list);
 139          }
 140          if (file_exists(USER_DATA_PATH.PATH_DELIM.$this->ban_list)) { 
 141              $global_list = file(USER_DATA_PATH.PATH_DELIM.$this->ban_list);
 142          }
 143          $banned_ips = array_merge($global_list, $local_list);
 144          $ban_post = false;
 145          foreach ($banned_ips as $item) {
 146              if (preg_match("/^".trim($item)."$/", trim($check_ip))) {
 147                  $ban_post = true;
 148                  break;
 149              }
 150          }
 151          return $ban_post;
 152      }
 153  
 154      # Sets the comment data to an empty string so that it cannot be added.

 155  	function clearData(&$cmt) {
 156          if ($this->checkBan(trim($cmt->ip))) {
 157              $cmt->data = '';
 158              $cmt->subject = '';
 159              $cmt->email = '';
 160              $cmt->homepage = '';
 161              $cmt->name = '';
 162          }
 163      }
 164  
 165      # Sets the trackback URL to an empty string so that it cannot be added.

 166  	function clearTBData(&$tb) {
 167          if ($this->checkBan(trim($tb->ip))) {
 168              $tb->url = false;
 169              $tb->data = '';
 170              $tb->title = '';
 171              $tb->blog = '';
 172          }
 173      }
 174  
 175  	function sidebarLink($param) {
 176          global $PLUGIN_MANAGER;
 177          $blg = NewBlog();
 178          $usr = NewUser();
 179          $banfile = $PLUGIN_MANAGER->plugin_config->value("ipban", 
 180                                           "ban_list", "ip_ban.txt");
 181          echo '<li><a href="'.$blg->uri('editfile', "file=$banfile").'">'.
 182              _("Blog IP blacklist").'</a></li>';
 183          if ($usr->isAdministrator()) {
 184              echo '<li><a href="'.
 185                  make_uri(INSTALL_ROOT_URL.'pages/editfile.php',
 186                           array('file'=>'userdata/'.$banfile)).
 187                  '">'._("Global IP blacklist").'</a></li>';
 188          }
 189      }
 190  
 191  }
 192  
 193  $ban = new IPBan();
 194  $ban->registerEventHandler("blogcomment", "OnOutput", "addBanLink");
 195  $ban->registerEventHandler("blogcomment", "OnInsert", "clearData");
 196  $ban->registerEventHandler("trackback", "OnOutput", "addBanLink");
 197  $ban->registerEventHandler("trackback", "POSTRetreived", "clearTBData");
 198  $ban->registerEventHandler("loginops", "PluginOutput", "sidebarLink");
 199  $ban->registerEventHandler("page", "OnOutput", "banIP");

title

Description

title

Description

title

Description

title

title

Body