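// Tail of the IP-ban management script: applies a submitted Delete / Edit / Create,
// then builds the paginated, optionally filtered ban listing query.
//
// NOTE(review): this excerpt begins mid-statement. The opening of the enclosing
// if-blocks, the object this query() call belongs to, the assignment of $IPA, and any
// permission or anti-CSRF check are not visible here. The DELETE below concatenates
// $_POST['id'] into the SQL text unquoted; confirm that a numeric guard (like the
// is_number() check in the Edit branch) runs before it.
        query('DELETE FROM ip_bans WHERE ID='.$_POST['id']);
        $Cache->delete_value('ip_bans_'.$IPA);
    } else { // Edit & Create, shared validation
        // Both IP patterns are anchored at the start and the end, so only a bare
        // dotted quad is accepted. With a leading anchor alone, any text after the
        // fourth octet would pass validation and reach Tools::ip_to_unsigned() below.
        // NOTE(review): octets above 255 still match; how Tools::ip_to_unsigned()
        // treats them is not visible here - confirm.
        $Val->SetFields('start', '1', 'regex', 'You must include the starting IP address.', array('regex' => '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/'));
        $Val->SetFields('end', '1', 'regex', 'You must include the ending IP address.', array('regex' => '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/'));
        $Val->SetFields('notes', '1', 'string', 'You must include the reason for the ban.');
        $Err = $Val->ValidateForm($_POST); // Validate the form
        if ($Err) {
            // NOTE(review): the statements below assume error() does not return - confirm.
            error($Err);
        }

        // The free-text reason is escaped for use inside a quoted SQL string.
        // NOTE(review): presumably db_string() is the project's SQL escaping helper - verify.
        $Notes = db_string($_POST['notes']);
        // Format checked by the anchored validation regex above; the values placed in
        // the SQL are whatever Tools::ip_to_unsigned() returns.
        $Start = Tools::ip_to_unsigned($_POST['start']);
        $End = Tools::ip_to_unsigned($_POST['end']);

        if ($_POST['submit'] === 'Edit') { // Edit
            if (empty($_POST['id']) || !is_number($_POST['id'])) {
                error(404);
            }
            // The id is cast to int at the point of use, so the SQL text stays numeric
            // regardless of how is_number() or error() behave. FromIP is quoted like
            // ToIP, matching the INSERT below.
            $DB->query("
                UPDATE ip_bans
                SET
                    FromIP='$Start',
                    ToIP='$End',
                    Reason='$Notes'
                WHERE ID=".(int)$_POST['id']);
        } else { // Create
            $DB->query("
                INSERT INTO ip_bans
                    (FromIP, ToIP, Reason)
                VALUES
                    ('$Start','$End', '$Notes')");
        }
        $Cache->delete_value('ip_bans_'.$IPA);
    }
}

define('BANS_PER_PAGE', '20');
list($Page, $Limit) = Format::page_limit(BANS_PER_PAGE);

$sql = "
    SELECT
        SQL_CALC_FOUND_ROWS
        ID,
        FromIP,
        ToIP,
        Reason
    FROM ip_bans AS i ";

// Optional filters are collected first so WHERE / AND is chosen in one place.
$Where = array();

// is_string() keeps array-valued parameters (notes[]=...) away from the escaping helper.
if (!empty($_REQUEST['notes']) && is_string($_REQUEST['notes'])) {
    // NOTE(review): '%' and '_' typed by the user presumably still act as LIKE
    // wildcards after db_string() - confirm whether that is intended.
    $Where[] = "Reason LIKE '%".db_string($_REQUEST['notes'])."%'";
}

if (!empty($_REQUEST['ip']) && is_string($_REQUEST['ip'])) {
    $SearchIP = trim($_REQUEST['ip']);
    // Anchored at both ends: an unanchored match would accept any text that merely
    // contains a dotted quad, leaving the helper's output as the only thing standing
    // between the request value and the SQL text.
    if (preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $SearchIP)) {
        $Where[] = "'".Tools::ip_to_unsigned($SearchIP)."' BETWEEN FromIP AND ToIP";
    }
}

if ($Where) {
    $sql .= 'WHERE '.implode(' AND ', $Where).' ';
}
$sql .= "ORDER BY FromIP ASC";
// NOTE(review): $Limit comes from Format::page_limit(); presumably it is built from
// integer page values - verify, since it is appended to the SQL as-is.
$sql .= " LIMIT ".$Limit;
$Bans = $DB->query($sql);

// FOUND_ROWS() has to follow the SQL_CALC_FOUND_ROWS select directly.
$DB->query('SELECT FOUND_ROWS()');
list($Results) = $DB->next_record();

$PageLinks = Format::get_pages($Page, $Results, BANS_PER_PAGE, 11);

View::show_header('IP Address Bans');
// Switch back to the ban listing result, since the FOUND_ROWS() query ran after it.
$DB->set_query_id($Bans);
?>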
Range | Notes | Submit | |