MercurialGeeklog / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw | help
plugins/spamx/EditIP.Admin.class.php
author Dirk Haun <dirk@haun-online.de>
Thu, 29 Oct 2009 13:00:11 +0100
branchHEAD
changeset 7397 c27e9026f22a
parent 6838 cb1ba8d99085
child 8352 fc233fa7fa1d
permissions -rw-r--r--
Fixed inclusion protection 
     1 <?php

     2 

     3 /**

     4 * File: EditIP.Admin.class.php

     5 * This is the Edit IPBlacklist Module for the Geeklog Spam-X plugin

     6 *

     7 * Copyright (C) 2004-2009 by the following authors:

     8 * Author   Tom Willett     tomw AT pigstye DOT net

     9 *          Dirk Haun       dirk AT haun-online DOT de

    10 *

    11 * Licensed under GNU General Public License

    12 *

    13 * @package Spam-X

    14 * @subpackage Modules

    15 */

    16 

    17 if (strpos(strtolower($_SERVER['PHP_SELF']), 'editip.admin.class.php') !== false) {

    18     die('This file can not be used on its own!');

    19 }

    20 

    21 /**

    22 * Include Abstract Base Class

    23 */

    24 require_once $_CONF['path'] . 'plugins/spamx/BaseAdmin.class.php';

    25 

    26 /**

    27 * IP Black List Editor

    28 *

    29 * @package Spam-X

    30 *

    31 */

    32 class EditIP extends BaseAdmin {

    33     /**

    34      * Constructor

    35      */

    36     function display()

    37     {

    38         global $_CONF, $_TABLES, $LANG_SX00;

    39 

    40         $action = '';

    41         if (isset($_GET['action'])) {

    42             $action = $_GET['action'];

    43         } elseif (isset($_POST['paction'])) {

    44             $action = $_POST['paction'];

    45         }

    46 

    47         $entry = '';

    48         if (isset($_GET['entry'])) {

    49             $entry = COM_stripslashes($_GET['entry']);

    50         } elseif (isset($_POST['pentry'])) {

    51             $entry = COM_stripslashes($_POST['pentry']);

    52         }

    53 

    54         if (($action == 'delete') && SEC_checkToken()) {

    55             $entry = addslashes($entry);

    56             DB_delete($_TABLES['spamx'], array('name', 'value'),

    57                                          array('IP', $entry));

    58         } elseif (($action == $LANG_SX00['addentry']) && SEC_checkToken()) {

    59             if (!empty($entry)) {

    60                 $entry = str_replace(' ', '', $entry);

    61                 $entry = addslashes($entry);

    62                 $result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('IP', '$entry')");

    63             }

    64         }

    65 

    66         $token = SEC_createToken();

    67         $display = '<hr' . XHTML . '>' . LB . '<p><b>';

    68         $display .= $LANG_SX00['ipblack'];

    69         $display .= '</b></p>' . LB . '<ul>' . LB;

    70         $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name = 'IP'");

    71         $nrows = DB_numRows($result);

    72         for ($i = 0; $i < $nrows; $i++) {

    73             list($e) = DB_fetchArray($result);

    74             $display .= '<li>'. COM_createLink(htmlspecialchars($e),

    75                 $_CONF['site_admin_url']

    76                 . '/plugins/spamx/index.php?command=EditIP&amp;action=delete&amp;entry=' . urlencode($e) . '&amp;' . CSRF_TOKEN . '=' . $token) . '</li>' . LB;

    77         }

    78         $display .= '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB;

    79         $display .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB;

    80         $display .= '<form method="post" action="' . $_CONF['site_admin_url']

    81                  . '/plugins/spamx/index.php?command=EditIP">' . LB;

    82         $display .= '<div><input type="text" size="31" name="pentry"' . XHTML

    83                  . '>&nbsp;&nbsp;&nbsp;';

    84         $display .= '<input type="submit" name="paction" value="'

    85                  . $LANG_SX00['addentry'] . '"' . XHTML . '>' . LB;

    86         $display .= '<input type="hidden" name="' . CSRF_TOKEN

    87                  . "\" value=\"{$token}\"" . XHTML . '>' . LB;

    88         $display .= '</div></form>' . LB;

    89 

    90         return $display;

    91     }

    92 

    93     function link()

    94     {

    95         return 'Edit IP Blacklist';

    96     }

    97 }

    98 

    99 ?>
Geeklog