1

Topic: bans

hi, im trying to make a ban page that views all the current bans but all i get is a white page (no errors) this is the code i have

<?php
define('PUN_ADMIN_CONSOLE', 1);

define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';
require PUN_ROOT.'include/common_admin.php';


if ($pun_user['g_id'] > PUN_MOD || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '0'))
    message($lang_common['No permission']);
?>

<h2 class="block2"><span>Existing bans</span></h2>
        <div class="box">
            <div class="fakeform">
<?php

$result = $db->query('SELECT id, username, ip, email, message, expire FROM '.$db->prefix.'bans ORDER BY id') or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
    while ($cur_ban = $db->fetch_assoc($result))
    {
        $expire = format_time($cur_ban['expire'], true);

?>
                <div class="inform">
                    <fieldset>
                        <legend>Ban expires: <?php echo $expire ?></legend>
                        <div class="infldset">
                            <table cellspacing="0">
<?php if ($cur_ban['username'] != ''): ?>                                
<tr>
                                    <th>Username</th>
                                    <td><?php echo pun_htmlspecialchars($cur_ban['username']) ?></td>
                              </tr>
<?php endif; ?><?php if ($cur_ban['email'] != ''): ?>                                <tr>
                                    <th>E-mail</th>
                                    <td><?php echo $cur_ban['email'] ?></td>
                                </tr>
<?php endif; ?><?php if ($cur_ban['ip'] != ''): ?>                                <tr>
                                    <th>IP/IP-ranges</th>
                                    <td><?php echo $cur_ban['ip'] ?></td>
                                </tr>
<?php endif; ?><?php if ($cur_ban['message'] != ''): ?>                                <tr>
                                    <th>Reason</th>
                                    <td><?php echo pun_htmlspecialchars($cur_ban['message']) ?></td>
                                </tr>
<?php endif; ?>                            </table>
                            </div>
                    </fieldset>
                </div>
<?php

    }
}
else
    echo "\t\t\t\t".'<p>No bans in list.</p>'."\n";

?>
            </div>
        </div>
    </div>
    <div class="clearer"></div>
</div>
<?php

require PUN_ROOT.'footer.php';
?>
*removed by Rickard*
^ 1337 php and mySQL sig
Like annoying people with visual basic? http://www.annoyingvb.com <-- the home for virus/spammers/trojans. ect source code!

Re: bans

the bans section of admin does that already, and btw your sig isn't very smart it gets my IP wrong

3

Re: bans

ip is rite, my sig isnt an image, but a php and mySQL script and it shows your ip with the $_SERVER['REMOTE_ADDR']; function in php, also, if i recall correctly, isnt that what punbb uses? anyway, back on topic, i want the public to be able to view the bans. i know atm with that code, only admins and mods can view it but thats just temp, ill remove it later

*removed by Rickard*
^ 1337 php and mySQL sig
Like annoying people with visual basic? http://www.annoyingvb.com <-- the home for virus/spammers/trojans. ect source code!

Re: bans

$_SERVER['REMOTE_ADDR']; appears wrong for anyone with a proxy (like my ISP) and punbb has a better way of finding your IP (e.g. it looks for X_FORWARDED_FOR i think)

anyway why don't you just edit the source for the admin_bans.php file? just do it bit by bit until you have what you want

5

Re: bans

ok, ill try now smile they majority of ppl dont use a proxy so theres usualy no problem

*removed by Rickard*
^ 1337 php and mySQL sig
Like annoying people with visual basic? http://www.annoyingvb.com <-- the home for virus/spammers/trojans. ect source code!

Re: bans

Connor: Except it's trivial for someone to spoof their IP that way smile

7

Re: bans

hmm why does the footer look wired and the table all spazzy? i know its says punbb 1.3 tongue i was messin bout tongue
heres my bans.php

<?php
/***********************************************************************

  Copyright (C) 2002-2005  Rickard Andersson (rickard@punbb.org)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/


// Tell header.php to use the admin template
define('PUN_ADMIN_CONSOLE', 1);

define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';
require PUN_ROOT.'include/common_admin.php';




$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Bans';
// Add/edit a ban (stage 1)
if (isset($_REQUEST['add_ban']) || isset($_GET['edit_ban']))
{
    if (isset($_GET['add_ban']) || isset($_POST['add_ban']))
    {
        // If the id of the user to ban was provided through GET (a link from profile.php)
        if (isset($_GET['add_ban']))
        {
            $add_ban = intval($_GET['add_ban']);
            if ($add_ban < 1)
                message($lang_common['Bad request']);

            $user_id = $add_ban;

            $result = $db->query('SELECT group_id, username, email FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
            if ($db->num_rows($result))
                list($group_id, $ban_user, $ban_email) = $db->fetch_row($result);
            else
                message('No user by that ID registered.');
        }
        else    // Otherwise the username is in POST
        {
            $ban_user = trim($_POST['new_ban_user']);

            if ($ban_user != '')
            {
                $result = $db->query('SELECT id, group_id, username, email FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
                if ($db->num_rows($result))
                    list($user_id, $group_id, $ban_user, $ban_email) = $db->fetch_row($result);
                else
                    message('No user by that username registered. If you want to add a ban not tied to a specific username just leave the username blank.');
            }
        }

        // Make sure we're not banning an admin
        if (isset($group_id) && $group_id == PUN_ADMIN)
            message('The user '.pun_htmlspecialchars($ban_user).' is an administrator and can\'t be banned. If you want to ban an administrator, you must first demote him/her to moderator or user.');

        // If we have a $user_id, we can try to find the last known IP of that user
        if (isset($user_id))
        {
            $result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE poster_id='.$user_id.' ORDER BY posted DESC LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
            $ban_ip = ($db->num_rows($result)) ? $db->result($result) : '';
        }

        $mode = 'add';
    }
    else    // We are editing a ban
    {
        $ban_id = intval($_GET['edit_ban']);
        if ($ban_id < 1)
            message($lang_common['Bad request']);

        $result = $db->query('SELECT username, ip, email, message, expire FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to fetch ban info', __FILE__, __LINE__, $db->error());
        if ($db->num_rows($result))
            list($ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire) = $db->fetch_row($result);
        else
            message($lang_common['Bad request']);

        $ban_expire = ($ban_expire != '') ? date('Y-m-d', $ban_expire) : '';

        $mode = 'edit';
    }

    $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Admin / Bans';
    $focus_element = array('bans2', 'ban_user');
    require PUN_ROOT.'header.php';

    generate_admin_menu('bans');




    require PUN_ROOT.'footer.php';
}




require PUN_ROOT.'header.php';

//generate_admin_menu('bans');

?>


        <h2 class="block2"><span>Existing bans</span></h2>
        <div class="box">
            <div class="fakeform">
<?php

$result = $db->query('SELECT id, username, ip, email, message, expire FROM '.$db->prefix.'bans ORDER BY id') or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
    while ($cur_ban = $db->fetch_assoc($result))
    {
        $expire = format_time($cur_ban['expire'], true);

?>
                <div class="inform">
                    <fieldset>
                        <legend><?php echo pun_htmlspecialchars($cur_ban['username']) ?></legend>
                        <div class="infldset">
                            <table cellspacing="0">
<?php if ($cur_ban['username'] != ''): ?>                                
<tr>
                                    <th>Ban expires:</th>
                                    <td><?php echo $expire ?></td>
                              </tr>
<?php endif; ?><?php if ($cur_ban['message'] != ''): ?>                                <tr>
                                    <th>Reason</th>
                                    <td><?php echo pun_htmlspecialchars($cur_ban['message']) ?></td>
                                </tr>
<?php endif; ?>                            </table>
                            </div>
                    </fieldset>
                </div>
<?php

    }
}
else
    echo "\t\t\t\t".'<p>No bans in list.</p>'."\n";

?>
            </div>
        </div>
    </div>
    <div class="clearer"></div>
</div>
<?php

require PUN_ROOT.'footer.php';
*removed by Rickard*
^ 1337 php and mySQL sig
Like annoying people with visual basic? http://www.annoyingvb.com <-- the home for virus/spammers/trojans. ect source code!

Re: bans

// Tell header.php to use the admin template
define('PUN_ADMIN_CONSOLE', 1);

you probably need to remove that?

9

Re: bans

hmm, it seems whenever i remove generate_admin_menu('bans'); the footer mefs up

*removed by Rickard*
^ 1337 php and mySQL sig
Like annoying people with visual basic? http://www.annoyingvb.com <-- the home for virus/spammers/trojans. ect source code!

Re: bans

yes, read my last post,

and i'm not sure if we should allow you to have a link to that site in your signature...

11

Re: bans

educational purposes only, just to annoy some1 for a laugh smile everything includes source so you cant harm your OWN comp. If you harm some1 elses comp, well your dumb i try to make a patch for all the things i make in the site if it causes harn, like the internet kill, i have a patch for that. i kills the process, removes it from the registry and deletes the file smile

*removed by Rickard*
^ 1337 php and mySQL sig
Like annoying people with visual basic? http://www.annoyingvb.com <-- the home for virus/spammers/trojans. ect source code!

12 (edited by SpAZ 2005-06-12 12:26)

Re: bans

<?php
/***********************************************************************

  Copyright (C) 2002-2005  Rickard Andersson (rickard@punbb.org)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/


// Tell header.php to use the admin template

define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';






// Add/edit a ban (stage 1)
if (isset($_REQUEST['add_ban']) || isset($_GET['edit_ban']))
{
    if (isset($_GET['add_ban']) || isset($_POST['add_ban']))
    {
        // If the id of the user to ban was provided through GET (a link from profile.php)
        if (isset($_GET['add_ban']))
        {
            $add_ban = intval($_GET['add_ban']);
            if ($add_ban < 1)
                message($lang_common['Bad request']);

            $user_id = $add_ban;

            $result = $db->query('SELECT group_id, username, email FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
            if ($db->num_rows($result))
                list($group_id, $ban_user, $ban_email) = $db->fetch_row($result);
            else
                message('No user by that ID registered.');
        }
        else    // Otherwise the username is in POST
        {
            $ban_user = trim($_POST['new_ban_user']);

            if ($ban_user != '')
            {
                $result = $db->query('SELECT id, group_id, username, email FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
                if ($db->num_rows($result))
                    list($user_id, $group_id, $ban_user, $ban_email) = $db->fetch_row($result);
                else
                    message('No user by that username registered. If you want to add a ban not tied to a specific username just leave the username blank.');
            }
        }

        // Make sure we're not banning an admin
        if (isset($group_id) && $group_id == PUN_ADMIN)
            message('The user '.pun_htmlspecialchars($ban_user).' is an administrator and can\'t be banned. If you want to ban an administrator, you must first demote him/her to moderator or user.');

        // If we have a $user_id, we can try to find the last known IP of that user
        if (isset($user_id))
        {
            $result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE poster_id='.$user_id.' ORDER BY posted DESC LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
            $ban_ip = ($db->num_rows($result)) ? $db->result($result) : '';
        }

        $mode = 'add';
    }
    else    // We are editing a ban
    {
        $ban_id = intval($_GET['edit_ban']);
        if ($ban_id < 1)
            message($lang_common['Bad request']);

        $result = $db->query('SELECT username, ip, email, message, expire FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to fetch ban info', __FILE__, __LINE__, $db->error());
        if ($db->num_rows($result))
            list($ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire) = $db->fetch_row($result);
        else
            message($lang_common['Bad request']);

        $ban_expire = ($ban_expire != '') ? date('Y-m-d', $ban_expire) : '';

        $mode = 'edit';
    }

    $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Admin / Bans';
    $focus_element = array('bans2', 'ban_user');
    require PUN_ROOT.'header.php';

    


?>
    <div class="blockform">
        <h2> </h2>
        <div class="box">
            <form id="bans2" method="post" action="admin_bans.php">
              <div class="inform">
                <input type="hidden" name="mode" value="<?php echo $mode ?>" />
<?php if ($mode == 'edit'): ?>                <input type="hidden" name="ban_id" value="<?php echo $ban_id ?>" />
<?php endif; ?>    
<span>
<?php if ($ban_user != '' && isset($user_id)) echo ' Click <a href="admin_users.php?ip_stats='.$user_id.'">here</a> to see IP statistics for this user.' ?>
</span><fieldset>
                        <legend></legend>
                        </fieldset>
                </div>
                </form>
        </div>
    </div>
    <div class="clearer"></div>
</div>
<?php

    //require PUN_ROOT.'footer.php';
}


// Add/edit a ban (stage 2)
else if (isset($_POST['add_edit_ban']))
{
    confirm_referrer('admin_bans.php');

    $ban_user = trim($_POST['ban_user']);
    $ban_ip = trim($_POST['ban_ip']);
    $ban_email = strtolower(trim($_POST['ban_email']));
    $ban_message = trim($_POST['ban_message']);
    $ban_expire = trim($_POST['ban_expire']);

    if ($ban_user == '' && $ban_ip == '' && $ban_email == '')
        message('You must enter either a username, an IP address or an e-mail address (at least).');

    // Validate IP/IP range (it's overkill, I know)
    if ($ban_ip != '')
    {
        $ban_ip = preg_replace('/[\s]{2,}/', ' ', $ban_ip);
        $addresses = explode(' ', $ban_ip);
        $addresses = array_map('trim', $addresses);

        for ($i = 0; $i < count($addresses); ++$i)
        {
            $octets = explode('.', $addresses[$i]);

            for ($c = 0; $c < count($octets); ++$c)
            {
                $octets[$c] = (strlen($octets[$c]) > 1) ? ltrim($octets[$c], "0") : $octets[$c];

                if ($c > 3 || preg_match('/[^0-9]/', $octets[$c]) || intval($octets[$c]) > 255)
                    message('You entered an invalid IP/IP-range.');
            }

            $cur_address = implode('.', $octets);
            $addresses[$i] = $cur_address;
        }

        $ban_ip = implode(' ', $addresses);
    }

    require PUN_ROOT.'include/email.php';
    if ($ban_email != '' && !is_valid_email($ban_email))
    {
        if (!preg_match('/^[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/', $ban_email))
            message('The e-mail address (e.g. user@domain.com) or partial e-mail address domain (e.g. domain.com) you entered is invalid.');
    }

    if ($ban_expire != '' && $ban_expire != 'Never')
    {
        $ban_expire = strtotime($ban_expire);

        if ($ban_expire == -1 || $ban_expire <= time())
            message('You entered an invalid expire date. The format should be YYYY-MM-DD and the date must be at least one day in the future.');
    }
    else
        $ban_expire = 'NULL';

    $ban_user = ($ban_user != '') ? '\''.$db->escape($ban_user).'\'' : 'NULL';
    $ban_ip = ($ban_ip != '') ? '\''.$db->escape($ban_ip).'\'' : 'NULL';
    $ban_email = ($ban_email != '') ? '\''.$db->escape($ban_email).'\'' : 'NULL';
    $ban_message = ($ban_message != '') ? '\''.$db->escape($ban_message).'\'' : 'NULL';

    if ($_POST['mode'] == 'add')
        $db->query('INSERT INTO '.$db->prefix.'bans (username, ip, email, message, expire) VALUES('.$ban_user.', '.$ban_ip.', '.$ban_email.', '.$ban_message.', '.$ban_expire.')') or error('Unable to add ban', __FILE__, __LINE__, $db->error());
    else
        $db->query('UPDATE '.$db->prefix.'bans SET username='.$ban_user.', ip='.$ban_ip.', email='.$ban_email.', message='.$ban_message.', expire='.$ban_expire.' WHERE id='.$_POST['ban_id']) or error('Unable to update ban', __FILE__, __LINE__, $db->error());

    // Regenerate the bans cache
    require_once PUN_ROOT.'include/cache.php';
    generate_bans_cache();

    redirect('admin_bans.php', 'Ban '.(($_POST['mode'] == 'edit') ? 'edited' : 'added').'. Redirecting …');
}


// Remove a ban
else if (isset($_GET['del_ban']))
{
    confirm_referrer('admin_bans.php');

    $ban_id = intval($_GET['del_ban']);
    if ($ban_id < 1)
        message($lang_common['Bad request']);

    $db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to delete ban', __FILE__, __LINE__, $db->error());

    // Regenerate the bans cache
    require_once PUN_ROOT.'include/cache.php';
    generate_bans_cache();

    redirect('admin_bans.php', 'Ban removed. Redirecting …');
}


$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Admin / Bans';
$focus_element = array('bans', 'new_ban_user');
require PUN_ROOT.'header.php';



?>
    <div class="blockform">
        <h2> </h2>
        <div class="box">
            <div class="fakeform">
<?php

$result = $db->query('SELECT id, username, ip, email, message, expire FROM '.$db->prefix.'bans ORDER BY id') or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
    while ($cur_ban = $db->fetch_assoc($result))
    {
        $expire = format_time($cur_ban['expire'], true);

?>
                <div class="inform">
                    <fieldset>
                        <legend>Ban expires: <?php echo $expire ?></legend>
                        <div class="infldset">
                            <table cellspacing="0">
<?php if ($cur_ban['username'] != ''): ?>                                
<tr>
                                    <th>Username</th>
                                    <td><?php echo pun_htmlspecialchars($cur_ban['username']) ?></td>
                              </tr>
<?php endif; ?><?php if ($cur_ban['email'] != ''): ?>                                <tr>
                                    <th>E-mail</th>
                                    <td><?php echo $cur_ban['email'] ?></td>
                                </tr>
<?php endif; ?><?php if ($cur_ban['ip'] != ''): ?>                                <tr>
                                    <th>IP/IP-ranges</th>
                                    <td><?php echo $cur_ban['ip'] ?></td>
                                </tr>
<?php endif; ?><?php if ($cur_ban['message'] != ''): ?>                                <tr>
                                    <th>Reason</th>
                                    <td><?php echo pun_htmlspecialchars($cur_ban['message']) ?></td>
                                </tr>
<?php endif; ?>                            </table>
                            </div>
                    </fieldset>
                </div>
<?php

    }
}
else
    echo "\t\t\t\t".'<p>No bans in list.</p>'."\n";

?>
            </div>
        </div>
    </div>
    <div class="clearer"></div>
</div>
<?php

require PUN_ROOT.'footer.php';

I have removed it. http://annoyingvb.com/forums/bans.php still spazzy
Edit: removed

if ($pun_user['g_id'] > PUN_MOD || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '0'))
    message($lang_common['No permission']);
*removed by Rickard*
^ 1337 php and mySQL sig
Like annoying people with visual basic? http://www.annoyingvb.com <-- the home for virus/spammers/trojans. ect source code!

Re: bans

SpaZ: I'm sorry, but that signature image was just a bit too annoying.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

14

Re: bans

why?

*removed by Rickard*
^ 1337 php and mySQL sig
Like annoying people with visual basic? http://www.annoyingvb.com <-- the home for virus/spammers/trojans. ect source code!

Re: bans

Because it was huge.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: bans

Maybe ½ that size or smaller would be better. smile

Re: bans

scotty yours is getting on for the same size tongue

18 (edited by scottywz 2005-06-17 23:06)

Re: bans

At least ¾ of it isn't blank as it was before. smile