Forums

Unfortunately no one can be told what FluxBB is - you have to see it for yourself.

You are not logged in.

#1 2010-07-19 21:48:58

xSDMx
Member
Registered: 2008-06-24
Posts: 129

Bad Behavior Admin List

<?php
/***********************************************************************

  Copyright (C) 2002-2005  Smartys (smartys@punbb-hosting.com)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/

// Make sure no one attempts to run this script "directly"
if (!defined('PUN'))
    exit;

// Tell admin_loader.php that this is indeed a plugin and that it is loaded
define('PUN_PLUGIN_LOADED', 1);

// If the "Save" button was clicked
if (isset($_POST['save']))
{
    $form = array_map("trim", $_POST['form']);
    while (list($key, $input) = @each($form))
    {
        $db->query('UPDATE '.$db->prefix.'config SET conf_value='.$input.' WHERE conf_name=\'o_badbehavior_'.$db->escape($key).'\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());
    }
    
    // Regenerate the config cache
    require_once PUN_ROOT.'include/cache.php';
    generate_config_cache();
    
    redirect($_SERVER['REQUEST_URI'], 'Options updated. Redirecting...');
}
else
{
    // Display the admin navigation menu
    generate_admin_menu($plugin);

?>
    <div id="badbehaviorplugin" class="blockform">
        <h2><span>Bad Behavior Plugin</span></h2>
        <div class="box">
            <div class="inbox">
                <p>The Bad Behavior system helps protect your site from malicious bots (spammers, email harvesters, etc).</p>
                <p>For more information please visit the <a href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
                <p>If you find Bad Behavior valuable, please consider making a <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20<?php echo BB2_VERSION; ?>%20%28From%20Admin%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8">financial contribution</a> to further development of Bad Behavior.</p>
            </div>
        </div>
        <h2 class="block2"><span>Statistics:</span></h2>
        <div class="box">
            <div class="inbox">
                <p><?php echo bb2_insert_stats(true) ?></p>
            </div>
        </div>
        <h2 class="block2"><span>Settings</span></h2>
        <div class="box">
            <form id="example" method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
                <p class="submittop"><input type="submit" name="save" value="Save changes" /></p>
                <div class="inform">
                    <fieldset>
                        <legend>Change your settings and submit!</legend>
                        <div class="infldset">
                            <table class="aligntop" cellspacing="0">
                                <tr>
                                    <th scope="row">Display Statistics</th>
                                    <td>
                                        <input type="radio" name="form[display_stats]" value="1"<?php if ($pun_config['o_badbehavior_display_stats'] == '1') echo ' checked="checked"' ?> />&nbsp;<strong>Yes</strong>&nbsp;&nbsp;&nbsp;<input type="radio" name="form[display_stats]" value="0"<?php if ($pun_config['o_badbehavior_display_stats'] == '0') echo ' checked="checked"' ?> />&nbsp;<strong>No</strong>
                                        <span>Allows you to decide if statistics should be displayed publicly or not (you will also need to edit the code to include a call to bb2_insert_stats()). This setting does not affect the statistics seen above.</span>
                                    </td>
                                </tr>
                                <tr>
                                    <th scope="row">Verbose Logging</th>
                                    <td>
                                        <input type="radio" name="form[verbose]" value="1"<?php if ($pun_config['o_badbehavior_verbose'] == '1') echo ' checked="checked"' ?> />&nbsp;<strong>Yes</strong>&nbsp;&nbsp;&nbsp;<input type="radio" name="form[verbose]" value="0"<?php if ($pun_config['o_badbehavior_verbose'] == '0') echo ' checked="checked"' ?> />&nbsp;<strong>No</strong>
                                        <span>More verbose logging (logs data from all requests made).</span>
                                    </td>
                                </tr>
                                <tr>
                                    <th scope="row">Strict Mode</th>
                                    <td>
                                        <input type="radio" name="form[strict]" value="1"<?php if ($pun_config['o_badbehavior_strict'] == '1') echo ' checked="checked"' ?> />&nbsp;<strong>Yes</strong>&nbsp;&nbsp;&nbsp;<input type="radio" name="form[strict]" value="0"<?php if ($pun_config['o_badbehavior_strict'] == '0') echo ' checked="checked"' ?> />&nbsp;<strong>No</strong>
                                        <span>Strict checking (blocks more spam but may block some people)</span>
                                    </td>
                                </tr>
                            </table>
                        </div>
                    </fieldset>
            </form>
    <p>    
    <div class="inform">
        <fieldset>
            <legend>Block List</legend>
                <table class="aligntop" cellspacing="0">
            <tr>
                <th scope="col">ID</th>
                <th scope="col">Time</th>
                <th scope="col">IP</th>
                <th scope="col">User Agent</th>
            </tr>
        </fieldset>    
</div>
<?php


// Grab bb list
$result = $db->query('SELECT * FROM '.$db->prefix.'bad_behavior ORDER BY id DESC LIMIT 10') or error('Unable to fetch bad_behavior list', __FILE__, __LINE__, $db->error());
$num_bb = $db->num_rows($result);

if ($num_bb > 0)
{
    while ($bb_data = $db->fetch_assoc($result))
    {

            echo"\t\t\t\t".'<tr>'."\n";
            echo "\t\t\t\t\t".'<td>'.$bb_data['id'].'</td>'."\n";
            echo "\t\t\t\t\t".'<td>'.$bb_data['date'].'</td>'."\n";
            echo "\t\t\t\t\t".'<td>'.$bb_data['ip'].'</td>'."\n";
            echo "\t\t\t\t\t".'<td>'.$bb_data['user_agent'].'</td>'."\n";
    
            if ($pun_user['g_id'] <= PUN_MOD)
                echo"\t\t\t\t\t".'<td><a href="'.PUN_ROOT.'admin_users.php?show_users='.$user_data['current_ip'].'">'.$user_data['current_ip'].'</a></td>'."\n";

            echo"\t\t\t\t".'</tr>'."\n";

    }
}
else
{
    echo "\t\t\t\t".'<tr><td colspan="'.(($pun_user['g_id'] <= PUN_MOD) ? '4' : '3').'">'.$lang_online['No users'].'</td>'."\n\t\t\t\t".'</tr>'."\n";
}
?>
        
            </table>
        </div>
    </div>
</div>

<?php

}

// Note that the script just ends here. The footer will be included by admin_loader.php.

Quick and sloppy, but I put together a list within the admin plugin that queries the database and shows the ten most recent blocks. I hope someone finds this useful!

Last edited by xSDMx (2010-07-20 00:59:54)

Offline

#2 2010-07-20 10:16:55

Visman
Member
From: Siberia
Registered: 2010-07-10
Posts: 1,266
Website

Re: Bad Behavior Admin List

...SET conf_value='.$input.' WHERE...

It is unsafe?
Can be so:

...SET conf_value='.intval($input).' WHERE...

Offline

#3 2010-07-20 10:43:48

FSX
Former Developer
From: NL
Registered: 2008-05-09
Posts: 818
Website

Re: Bad Behavior Admin List

Use:

foreach ($form as $key => $input)

Instead of:

while (list($key, $input) = @each($form))

And also escape the input like this:

$db->escape($input)

SQL injections are not nice.

Offline

#4 2010-07-20 14:03:06

Smartys
Former Developer
Registered: 2008-04-27
Posts: 3,139
Website

Re: Bad Behavior Admin List

That's actually my mistake: it's in the Bad Behavior modification I wrote wink

Offline

#5 2010-07-20 14:12:59

Franz
Lead developer
From: Germany
Registered: 2008-05-13
Posts: 6,674
Website

Re: Bad Behavior Admin List

Great. So much for my review hmm

Last edited by Franz (2010-07-20 14:13:06)


fluxbb.de | develoPHP

"As code is more often read than written it's really important to write clean code."

Offline

#6 2010-07-21 00:32:53

Smartys
Former Developer
Registered: 2008-04-27
Posts: 3,139
Website

Re: Bad Behavior Admin List

If it makes you feel any better, I still can't believe that I wrote that code tongue

I'll be releasing a new version in the next day or so (no time tonight, unfortunately).

Offline

#7 2010-07-21 02:16:50

xSDMx
Member
Registered: 2008-06-24
Posts: 129

Re: Bad Behavior Admin List

This thread is sad

Offline

#8 2010-07-26 18:32:38

xSDMx
Member
Registered: 2008-06-24
Posts: 129

Re: Bad Behavior Admin List

So, did you release a new version?

Offline

#9 2010-07-26 19:42:55

quy
Administrator
From: California
Registered: 2008-05-09
Posts: 926

Re: Bad Behavior Admin List

Offline

Board footer

Powered by FluxBB