Mirror/Gazelle
1
0
Fork 0
mirror of https://github.com/WhatCD/Gazelle.git synced 2025-01-31 02:21:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Empty commit

Browse Source
This commit is contained in:
Git 2013-02-06 08:00:17 +00:00
parent 7748742c9f
commit b1324098d8
10 changed files with 79 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
classes/class_tools.php
View File

@ -6,22 +6,25 @@ class Tools {
* @param string $IP * @param string $IP
*/ */
public static function site_ban_ip($IP) { public static function site_ban_ip($IP) {
global $DB, $Cache; global $DB, $Cache, $Debug;
$IPNum = Tools::ip_to_unsigned($IP); $A = substr($IP, 0, strcspn($IP, '.'));
$IPBans = $Cache->get_value('ip_bans'); $IPNum = Tools::ip_to_unsigned($IP);
if (!is_array($IPBans)) { $IPBans = $Cache->get_value('ip_bans_'.$A);
$DB->query("SELECT ID, FromIP, ToIP FROM ip_bans"); if (!is_array($IPBans)) {
$IPBans = $DB->to_array(0, MYSQLI_NUM); $SQL = sprintf("SELECT ID, FromIP, ToIP FROM ip_bans WHERE FromIP BETWEEN %d << 24 AND (%d << 24) - 1", $A, $A+1);
$Cache->cache_value('ip_bans', $IPBans, 0); $DB->query($SQL);
} $IPBans = $DB->to_array(0, MYSQLI_NUM);
foreach ($IPBans as $Index => $IPBan) { $Cache->cache_value('ip_bans_'.$A, $IPBans, 0);
list ($ID, $FromIP, $ToIP) = $IPBan; }
if ($IPNum >= $FromIP && $IPNum <= $ToIP) { $Debug->log_var($IPBans, 'IP bans for class '.$A);
return true; foreach ($IPBans as $Index => $IPBan) {
} list ($ID, $FromIP, $ToIP) = $IPBan;
} if ($IPNum >= $FromIP && $IPNum <= $ToIP) {
return true;
}
}
return false; return false;
} }
/** /**

4
gazelle.sql
View File

@ -420,7 +420,6 @@ CREATE TABLE `ip_bans` (
`Reason` varchar(255) DEFAULT NULL, `Reason` varchar(255) DEFAULT NULL,
PRIMARY KEY (`ID`), PRIMARY KEY (`ID`),
UNIQUE KEY `FromIP_2` (`FromIP`,`ToIP`), UNIQUE KEY `FromIP_2` (`FromIP`,`ToIP`),
KEY `FromIP` (`FromIP`,`ToIP`),
KEY `ToIP` (`ToIP`) KEY `ToIP` (`ToIP`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1; ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
@ -1575,7 +1574,8 @@ CREATE TABLE `wiki_revisions` (
`Title` varchar(100) DEFAULT NULL, `Title` varchar(100) DEFAULT NULL,
`Body` mediumtext, `Body` mediumtext,
`Date` datetime DEFAULT NULL, `Date` datetime DEFAULT NULL,
`Author` int(10) DEFAULT NULL `Author` int(10) DEFAULT NULL,
KEY `ID_Revision` (`ID`,`Revision`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `wiki_torrents` ( CREATE TABLE `wiki_torrents` (

5
sections/login/index.php
View File

@ -172,7 +172,7 @@
// Function to log a user's login attempt // Function to log a user's login attempt
function log_attempt($UserID) { function log_attempt($UserID) {
global $DB, $AttemptID, $Attempts, $Bans, $BannedUntil, $Time; global $DB, $Cache, $AttemptID, $Attempts, $Bans, $BannedUntil, $Time;
if($AttemptID) { // User has attempted to log in recently if($AttemptID) { // User has attempted to log in recently
$Attempts++; $Attempts++;
if ($Attempts>5) { // Only 6 allowed login attempts, ban user's IP if ($Attempts>5) { // Only 6 allowed login attempts, ban user's IP
@ -200,7 +200,8 @@ function log_attempt($UserID) {
$DB->query("INSERT INTO ip_bans $DB->query("INSERT INTO ip_bans
(FromIP, ToIP, Reason) VALUES (FromIP, ToIP, Reason) VALUES
('$IP','$IP', 'Automated ban per >60 failed login attempts')"); ('$IP','$IP', 'Automated ban per >60 failed login attempts')");
$Cache->delete_value('ip_bans'); $A = substr($_SERVER['REMOTE_ADDR'], 0, strcspn($_SERVER['REMOTE_ADDR'], '.'));
$Cache->delete_value('ip_bans_'.$A);
} }
} }
} else { } else {

2
sections/tools/data/upscale_pool.php
View File

@ -47,7 +47,7 @@
<td>Down</td> <td>Down</td>
<td>Ratio</td> <td>Ratio</td>
<td>Required Ratio</td> <td>Required Ratio</td>
<td>Defecit</td> <td>Deficit</td>
<td>Gamble</td> <td>Gamble</td>
<td>Registered</td> <td>Registered</td>
<td>Remaining</td> <td>Remaining</td>

2
sections/tools/data/user_flow.php
View File

@ -104,7 +104,7 @@
<div class="thin"> <div class="thin">
<? if(!isset($_GET['page'])) { ?> <? if(!isset($_GET['page'])) { ?>
<div class="box pad"> <div class="box pad">
<img src="http://chart.apis.google.com/chart?cht=lc&chs=820x160&chco=000D99,99000D&chg=0,-1,1,1&chxt=y,x&chxs=0,h&chxl=1:|<?=implode('|',$Labels)?>&chxr=0,0,<?=$Max?>&chd=t:<?=implode(',',$InFlow)?>|<?=implode(',',$OutFlow)?>&chls=2,4,0&chdl=New+Registrations|Disabled+Users&amp;chf=bg,s,FFFFFF00" /> <img src="http://chart.apis.google.com/chart?cht=lc&amp;chs=820x160&amp;chco=000D99,99000D&amp;chg=0,-1,1,1&amp;chxt=y,x&amp;chxs=0,h&amp;chxl=1:|<?=implode('|',$Labels)?>&amp;chxr=0,0,<?=$Max?>&amp;chd=t:<?=implode(',',$InFlow)?>|<?=implode(',',$OutFlow)?>&amp;chls=2,4,0&amp;chdl=New+Registrations|Disabled+Users&amp;chf=bg,s,FFFFFF00" alt="User Flow vs. Time" />
</div> </div>
<? } ?> <? } ?>
<div class="linkbox"> <div class="linkbox">

32
sections/tools/managers/eb.php
View File

@ -40,10 +40,9 @@
<td colspan="4">Add Email or Domain to Blacklist</td> <td colspan="4">Add Email or Domain to Blacklist</td>
</tr> </tr>
<tr class="rowa"> <tr class="rowa">
<form class="add_form" name="email_blacklist" action="tools.php" <form class="add_form" name="email_blacklist" action="tools.php" method="post">
method="post"> <input type="hidden" name="action" value="eb_alter" />
<input type="hidden" name="action" value="eb_alter" /> <input <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
<td><input type="text" name="email" size="30" /></td> <td><input type="text" name="email" size="30" /></td>
<td colspan="2"><input type="text" name="comment" size="60" /></td> <td colspan="2"><input type="text" name="comment" size="60" /></td>
<td><input type="submit" value="Create" /></td> <td><input type="submit" value="Create" /></td>
@ -53,19 +52,20 @@
foreach ($Results as $Result) { foreach ($Results as $Result) {
?> ?>
<tr> <tr>
<form class="manage_form" name="email_blacklist" action="tools.php" <form class="manage_form" name="email_blacklist" action="tools.php" method="post">
method="post"> <td>
<td><input type="hidden" name="action" value="eb_alter" /> <input <input type="hidden" name="action" value="eb_alter" />
type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" /> <input <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
type="hidden" name="id" value="<?=$Result['ID']?>" /> <input <input type="hidden" name="id" value="<?=$Result['ID']?>" />
type="text" name="email" value="<?=display_str($Result['Email'])?>" <input type="text" name="email" value="<?=display_str($Result['Email'])?>" size="30" />
size="30" /></td> </td>
<td><input type="text" name="comment" <td><input type="text" name="comment" value="<?=display_str($Result['Comment'])?>" size="60" /></td>
value="<?=display_str($Result['Comment'])?>" size="60" /></td>
<td><?=Users::format_username($Result ['UserID'], false, false, false)?><br /><?=time_diff($Result ['Time'], 1)?></td> <td><?=Users::format_username($Result ['UserID'], false, false, false)?><br /><?=time_diff($Result ['Time'], 1)?></td>
<td><input type="submit" name="submit" value="Edit" /> <input <td>
type="submit" name="submit" value="Delete" /></td> <input type="submit" name="submit" value="Edit" />
<input type="submit" name="submit" value="Delete" />
</td>
</form> </form>
</tr> </tr>
<? }?> <? }?>

13
sections/tools/managers/permissions_list.php
View File

@ -1,8 +1,7 @@
<? <?
View::show_header('Manage Permissions'); View::show_header('Manage Permissions');
?> ?>
<script type="text/javascript" language="javascript"> <script type="text/javascript">//<![CDATA[
//<![CDATA[
function confirmDelete(id) { function confirmDelete(id) {
if (confirm("Are you sure you want to remove this permission class?")) { if (confirm("Are you sure you want to remove this permission class?")) {
location.href="tools.php?action=permissions&removeid="+id; location.href="tools.php?action=permissions&removeid="+id;
@ -15,14 +14,14 @@ function confirmDelete(id) {
<div class="header"> <div class="header">
<div class="linkbox"> <div class="linkbox">
[<a href="tools.php?action=permissions&amp;id=new">Create a new permission set</a>] [<a href="tools.php?action=permissions&amp;id=new">Create a new permission set</a>]
[<a href="tools.php">Back to Tools</a>] [<a href="tools.php">Back to tools</a>]
</div> </div>
</div> </div>
<? <?
$DB->query("SELECT p.ID,p.Name,p.Level,p.Secondary,COUNT(u.ID)+COUNT(DISTINCT l.UserID) $DB->query("SELECT p.ID,p.Name,p.Level,p.Secondary,COUNT(u.ID)+COUNT(DISTINCT l.UserID)
FROM permissions AS p FROM permissions AS p
LEFT JOIN users_main AS u ON u.PermissionID=p.ID LEFT JOIN users_main AS u ON u.PermissionID=p.ID
LEFT JOIN users_levels AS l ON l.PermissionID=p.ID LEFT JOIN users_levels AS l ON l.PermissionID=p.ID
GROUP BY p.ID ORDER BY p.Secondary ASC, p.Level ASC"); GROUP BY p.ID ORDER BY p.Secondary ASC, p.Level ASC");
if($DB->record_count()) { if($DB->record_count()) {
?> ?>

36
sections/tools/managers/tag_aliases.php
View File

@ -4,45 +4,45 @@
View::show_header('Tag Aliases'); View::show_header('Tag Aliases');
$orderby = ($_GET['order']) == "badtags" ? "BadTag" : "AliasTag"; $orderby = ($_GET['order']) == "badtags" ? "BadTag" : "AliasTag";
if (isset($_POST['newalias'])) { if (isset($_POST['newalias'])) {
$badtag = mysql_escape_string($_POST['badtag']); $badtag = mysql_escape_string($_POST['badtag']);
$aliastag = mysql_escape_string($_POST['aliastag']); $aliastag = mysql_escape_string($_POST['aliastag']);
$DB -> query("INSERT INTO tag_aliases (BadTag, AliasTag) VALUES ('$badtag', '$aliastag')"); $DB -> query("INSERT INTO tag_aliases (BadTag, AliasTag) VALUES ('$badtag', '$aliastag')");
} }
if (isset($_POST['changealias'])) { if (isset($_POST['changealias'])) {
$aliasid = $_POST['aliasid']; $aliasid = $_POST['aliasid'];
$badtag = mysql_escape_string($_POST['badtag']); $badtag = mysql_escape_string($_POST['badtag']);
$aliastag = mysql_escape_string($_POST['aliastag']); $aliastag = mysql_escape_string($_POST['aliastag']);
if ($_POST['save']) { if ($_POST['save']) {
$DB -> query("UPDATE tag_aliases SET BadTag = '$badtag', AliasTag = '$aliastag' WHERE ID = '$aliasid' "); $DB -> query("UPDATE tag_aliases SET BadTag = '$badtag', AliasTag = '$aliastag' WHERE ID = '$aliasid' ");
} }
if ($_POST['delete']) { if ($_POST['delete']) {
$DB -> query("DELETE FROM tag_aliases WHERE ID = '$aliasid'"); $DB -> query("DELETE FROM tag_aliases WHERE ID = '$aliasid'");
} }
} }
?> ?>
<div class="header"> <div class="header">
<h2>Tag Aliases</h2> <h2>Tag Aliases</h2>
<div class="linkbox"> <div class="linkbox">
[<a href="tools.php?action=tag_aliases&amp;order=goodtags">Sort by Good Tags</a>] [<a href="tools.php?action=tag_aliases&amp;order=goodtags">Sort by good tags</a>]
[<a href="tools.php?action=tag_aliases&amp;order=badtags">Sort by Bad Tags</a>] [<a href="tools.php?action=tag_aliases&amp;order=badtags">Sort by bad tags</a>]
</div> </div>
</div> </div>
<table width="100%"> <table width="100%">
<tr class="colhead"> <tr class="colhead">
<td>Tag</td> <td>Tag</td>
<td>Renamed From</td> <td>Renamed from</td>
<td>Submit</td> <td>Submit</td>
</tr> </tr>
<tr/> <tr/>
<tr> <tr>
<form class="add_form" name="aliases" action="" method="post"> <form class="add_form" name="aliases" method="post" action="">
<input type="hidden" name="newalias" value="1" /> <input type="hidden" name="newalias" value="1" />
<td> <td>
<input type="text" name="aliastag" /> <input type="text" name="aliastag" />

22
sections/tools/misc/quick_ban.php
View File

@ -3,21 +3,21 @@
if(!check_perms('admin_manage_ipbans')) { error(403); } if(!check_perms('admin_manage_ipbans')) { error(403); }
if(isset($_GET['perform'])) { if(isset($_GET['perform'])) {
if($_GET['perform'] == 'delete') { if($_GET['perform'] == 'delete') {
if(!is_number($_GET['id']) || $_GET['id'] == ''){ error(0); } if(!is_number($_GET['id']) || $_GET['id'] == ''){ error(0); }
$DB->query('DELETE FROM ip_bans WHERE ID='.$_GET['id']); $DB->query('DELETE FROM ip_bans WHERE ID='.$_GET['id']);
$Bans = $Cache->delete_value('ip_bans'); $Bans = $Cache->delete_value('ip_bans');
} }
elseif($_GET['perform'] == 'create') { elseif($_GET['perform'] == 'create') {
$Notes = db_string($_GET['notes']); $Notes = db_string($_GET['notes']);
$IP = Tools::ip_to_unsigned($_GET['ip']); //Sanitized by Validation regex $IP = Tools::ip_to_unsigned($_GET['ip']); //Sanitized by Validation regex
$DB->query("INSERT INTO ip_bans $DB->query("INSERT INTO ip_bans
(FromIP, ToIP, Reason) VALUES (FromIP, ToIP, Reason) VALUES
('$IP','$IP', '$Notes')"); ('$IP','$IP', '$Notes')");
$ID = $DB->inserted_id(); $ID = $DB->inserted_id();
$Bans = $Cache->get_value('ip_bans'); $Bans = $Cache->get_value('ip_bans');
$Bans[$ID] = array($ID, $Start, $End); $Bans[$ID] = array($ID, $Start, $End);
$Cache->cache_value('ip_bans', $Bans, 0); $Cache->cache_value('ip_bans', $Bans, 0);
} }
} }

8
static/functions/collage.js
View File

@ -24,11 +24,9 @@ function CollageSubscribe(collageid) {
ajax.get("userhistory.php?action=collage_subscribe&collageid=" + collageid + "&auth=" + authkey, function() { ajax.get("userhistory.php?action=collage_subscribe&collageid=" + collageid + "&auth=" + authkey, function() {
var subscribeLink = $("#subscribelink" + collageid).raw(); var subscribeLink = $("#subscribelink" + collageid).raw();
if(subscribeLink) { if(subscribeLink) {
if(subscribeLink.firstChild.nodeValue.substr(1,1) == 'U') { subscribeLink.firstChild.nodeValue = subscribeLink.firstChild.nodeValue.charAt(0) == 'U'
subscribeLink.firstChild.nodeValue = "[Subscribe]"; ? "Subscribe"
} else { : "Unsubscribe";
subscribeLink.firstChild.nodeValue = "[Unsubscribe]";
}
} }
}); });
} }