working microcrud for ipbans
parent
1edc4a37bf
commit
a9993b47a8
5 changed files with 46 additions and 37 deletions
18
composer.lock
generated
18
composer.lock
generated
|
@ -388,12 +388,12 @@
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/shish/microcrud.git",
|
"url": "https://github.com/shish/microcrud.git",
|
||||||
"reference": "415ef0d7cf54177783cceaf031e5b7a0e9b7aa11"
|
"reference": "8c468bf36554ae1d3cc24ddc4059ebac2e965ef1"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/shish/microcrud/zipball/415ef0d7cf54177783cceaf031e5b7a0e9b7aa11",
|
"url": "https://api.github.com/repos/shish/microcrud/zipball/8c468bf36554ae1d3cc24ddc4059ebac2e965ef1",
|
||||||
"reference": "415ef0d7cf54177783cceaf031e5b7a0e9b7aa11",
|
"reference": "8c468bf36554ae1d3cc24ddc4059ebac2e965ef1",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
|
@ -429,7 +429,7 @@
|
||||||
"crud",
|
"crud",
|
||||||
"generator"
|
"generator"
|
||||||
],
|
],
|
||||||
"time": "2019-11-25T22:50:43+00:00"
|
"time": "2019-11-27T19:39:01+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "shish/microhtml",
|
"name": "shish/microhtml",
|
||||||
|
@ -1853,12 +1853,12 @@
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/symfony/polyfill-ctype.git",
|
"url": "https://github.com/symfony/polyfill-ctype.git",
|
||||||
"reference": "550ebaac289296ce228a706d0867afc34687e3f4"
|
"reference": "f8f0b461be3385e56d6de3dbb5a0df24c0c275e3"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/550ebaac289296ce228a706d0867afc34687e3f4",
|
"url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/f8f0b461be3385e56d6de3dbb5a0df24c0c275e3",
|
||||||
"reference": "550ebaac289296ce228a706d0867afc34687e3f4",
|
"reference": "f8f0b461be3385e56d6de3dbb5a0df24c0c275e3",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
|
@ -1870,7 +1870,7 @@
|
||||||
"type": "library",
|
"type": "library",
|
||||||
"extra": {
|
"extra": {
|
||||||
"branch-alias": {
|
"branch-alias": {
|
||||||
"dev-master": "1.12-dev"
|
"dev-master": "1.13-dev"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
|
@ -1903,7 +1903,7 @@
|
||||||
"polyfill",
|
"polyfill",
|
||||||
"portable"
|
"portable"
|
||||||
],
|
],
|
||||||
"time": "2019-08-06T08:03:45+00:00"
|
"time": "2019-11-27T13:56:44+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "theseer/tokenizer",
|
"name": "theseer/tokenizer",
|
||||||
|
|
|
@ -728,6 +728,8 @@ function validate_input(array $inputs): array
|
||||||
$outputs[$key] = (int)$value;
|
$outputs[$key] = (int)$value;
|
||||||
} elseif (in_array('bool', $flags)) {
|
} elseif (in_array('bool', $flags)) {
|
||||||
$outputs[$key] = bool_escape($value);
|
$outputs[$key] = bool_escape($value);
|
||||||
|
} elseif (in_array('date', $flags)) {
|
||||||
|
$outputs[$key] = date("Y-m-d H:i:s", strtotime(trim($value)));
|
||||||
} elseif (in_array('string', $flags)) {
|
} elseif (in_array('string', $flags)) {
|
||||||
if (in_array('trim', $flags)) {
|
if (in_array('trim', $flags)) {
|
||||||
$value = trim($value);
|
$value = trim($value);
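Review bot: The new `date` branch passes the result of `strtotime()` straight to `date()`, so a value that does not parse yields `false`, which under coercive typing is treated as timestamp 0 and stored as `1970-01-01 00:00:00`. For the `c_expires` field that the ip_ban create handler on this page now routes through `"optional,date"`, that would record a ban that is already expired instead of rejecting the input. How `optional` treats an empty string is decided outside this hunk, so it is worth confirming that an empty expiry still produces null (a permanent ban) as the old handler did. Suggested: `$ts = strtotime(trim($value));`, then `if ($ts === false) { throw new InvalidArgumentException("Invalid date for $key"); }` (or whatever failure path the other branches use), then `$outputs[$key] = date("Y-m-d H:i:s", $ts);`. validate_input starts and ends outside the hunk.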
|
||||||
|
|
|
@ -242,5 +242,12 @@ class User
|
||||||
public function check_auth_token(): bool
|
public function check_auth_token(): bool
|
||||||
{
|
{
|
||||||
return (isset($_POST["auth_token"]) && $_POST["auth_token"] == $this->get_auth_token());
|
return (isset($_POST["auth_token"]) && $_POST["auth_token"] == $this->get_auth_token());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function ensure_authed(): void
|
||||||
|
{
|
||||||
|
if(!$this->check_auth_token()) {
|
||||||
|
die("Invalid auth token");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
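Review bot: `ensure_authed()` makes `check_auth_token()` the only CSRF gate for the handlers that call it, and that check compares the posted token with a loose `==`, which is neither type-safe nor constant-time. Consider `return isset($_POST["auth_token"]) && is_string($_POST["auth_token"]) && hash_equals($this->get_auth_token(), $_POST["auth_token"]);`, assuming get_auth_token() returns a string. In the new method, `die("Invalid auth token")` ends the request with the default 200 status; adding `http_response_code(403);` before it lets clients and logs distinguish a rejected token from a normal page. The class body begins outside the hunk.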
|
||||||
|
|
|
@ -639,7 +639,7 @@ function show_ip(string $ip, string $ban_reason): string
|
||||||
global $user;
|
global $user;
|
||||||
$u_reason = url_escape($ban_reason);
|
$u_reason = url_escape($ban_reason);
|
||||||
$u_end = url_escape("+1 week");
|
$u_end = url_escape("+1 week");
|
||||||
$ban = $user->can(Permissions::BAN_IP) ? ", <a href='".make_link("ip_ban/list", "ip=$ip&reason=$u_reason&end=$u_end#add")."'>Ban</a>" : "";
|
$ban = $user->can(Permissions::BAN_IP) ? ", <a href='".make_link("ip_ban/list", "c_ip=$ip&c_reason=$u_reason&c_expires=$u_end#create")."'>Ban</a>" : "";
|
||||||
$ip = $user->can(Permissions::VIEW_IP) ? $ip.$ban : "";
|
$ip = $user->can(Permissions::VIEW_IP) ? $ip.$ban : "";
|
||||||
return $ip;
|
return $ip;
|
||||||
}
|
}
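Review bot: On the changed link line `$ip` is interpolated into the query string as `c_ip=$ip` without `url_escape()`, while the reason and expiry beside it are escaped. Whether `$ip` can ever hold anything other than an address literal depends on callers outside this hunk, and whether `make_link()` escapes its query argument is not visible here, but a stray `&`, `#` or `'` would alter the query or break out of the single-quoted `href`. Suggested: `$u_ip = url_escape($ip);` above the link and `c_ip=$u_ip` inside it. The function's opening lines are outside the hunk.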
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use MicroCRUD\InetColumn;
|
||||||
use MicroCRUD\StringColumn;
|
use MicroCRUD\StringColumn;
|
||||||
use MicroCRUD\DateColumn;
|
use MicroCRUD\DateColumn;
|
||||||
use MicroCRUD\TextColumn;
|
use MicroCRUD\TextColumn;
|
||||||
|
@ -14,13 +15,15 @@ class IPBanTable extends Table
|
||||||
|
|
||||||
$this->table = "bans";
|
$this->table = "bans";
|
||||||
$this->base_query = "
|
$this->base_query = "
|
||||||
SELECT bans.*, users.name AS banner
|
SELECT * FROM (
|
||||||
FROM bans JOIN users ON banner_id=users.id
|
SELECT bans.*, users.name AS banner
|
||||||
|
FROM bans JOIN users ON banner_id=users.id
|
||||||
|
) AS tbl1
|
||||||
";
|
";
|
||||||
|
|
||||||
$this->size = 10;
|
$this->size = 10;
|
||||||
$this->columns = [
|
$this->columns = [
|
||||||
new StringColumn("ip", "IP"),
|
new InetColumn("ip", "IP"),
|
||||||
new EnumColumn("mode", "Mode", ["Block"=>"block", "Firewall"=>"firewall"]),
|
new EnumColumn("mode", "Mode", ["Block"=>"block", "Firewall"=>"firewall"]),
|
||||||
new TextColumn("reason", "Reason"),
|
new TextColumn("reason", "Reason"),
|
||||||
new StringColumn("banner", "Banner"),
|
new StringColumn("banner", "Banner"),
|
||||||
|
@ -31,8 +34,10 @@ class IPBanTable extends Table
|
||||||
$this->flags = [
|
$this->flags = [
|
||||||
"all" => ["((expires > CURRENT_TIMESTAMP) OR (expires IS NULL))", null],
|
"all" => ["((expires > CURRENT_TIMESTAMP) OR (expires IS NULL))", null],
|
||||||
];
|
];
|
||||||
$this->create_url = "/ip_ban/create";
|
$this->create_url = make_link("ip_ban/create");
|
||||||
$this->delete_url = "/ip_ban/remove";
|
$this->delete_url = make_link("ip_ban/delete");
|
||||||
|
|
||||||
|
$this->table_attrs = ["class" => "sortable zebra"];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -83,30 +88,25 @@ class IPBan extends Extension
|
||||||
public function onPageRequest(PageRequestEvent $event)
|
public function onPageRequest(PageRequestEvent $event)
|
||||||
{
|
{
|
||||||
if ($event->page_matches("ip_ban")) {
|
if ($event->page_matches("ip_ban")) {
|
||||||
global $database, $page, $user;
|
global $database, $page, $user;
|
||||||
if ($user->can(Permissions::BAN_IP)) {
|
if ($user->can(Permissions::BAN_IP)) {
|
||||||
if ($event->get_arg(0) == "create" && $user->check_auth_token()) {
|
if ($event->get_arg(0) == "create") {
|
||||||
if (isset($_POST['c_ip']) && isset($_POST['c_reason']) && isset($_POST['c_expires'])) {
|
$user->ensure_authed();
|
||||||
if (empty($_POST['c_expires'])) {
|
$input = validate_input(["c_ip"=>"string", "c_reason"=>"string", "c_expires"=>"optional,date"]);
|
||||||
$end = null;
|
send_event(new AddIPBanEvent($input['c_ip'], $input['c_reason'], $input['c_expires']));
|
||||||
} else {
|
flash_message("Ban for {$input['c_ip']} added");
|
||||||
$end = date("Y-m-d H:i:s", strtotime(trim($_POST['c_expires'])));
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
}
|
$page->set_redirect(make_link("ip_ban/list"));
|
||||||
send_event(new AddIPBanEvent($_POST['c_ip'], $_POST['c_reason'], $end));
|
} elseif ($event->get_arg(0) == "delete") {
|
||||||
|
$user->ensure_authed();
|
||||||
flash_message("Ban for {$_POST['c_ip']} added");
|
$input = validate_input(["d_id"=>"int"]);
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
send_event(new RemoveIPBanEvent($input['d_id']));
|
||||||
$page->set_redirect(make_link("ip_ban/list"));
|
flash_message("Ban removed");
|
||||||
}
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
} elseif ($event->get_arg(0) == "delete" && $user->check_auth_token()) {
|
$page->set_redirect(make_link("ip_ban/list"));
|
||||||
if (isset($_POST['d_id'])) {
|
|
||||||
send_event(new RemoveIPBanEvent($_POST['d_id']));
|
|
||||||
|
|
||||||
flash_message("Ban removed");
|
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
|
||||||
$page->set_redirect(make_link("ip_ban/list"));
|
|
||||||
}
|
|
||||||
} elseif ($event->get_arg(0) == "list") {
|
} elseif ($event->get_arg(0) == "list") {
|
||||||
|
$_GET['c_banner'] = $user->name;
|
||||||
|
$_GET['c_added'] = date('Y-m-d');
|
||||||
$t = new IPBanTable($database->raw_db(), $user->get_auth_token());
|
$t = new IPBanTable($database->raw_db(), $user->get_auth_token());
|
||||||
$table = $t->table($t->query());
|
$table = $t->table($t->query());
|
||||||
$this->theme->display_bans($page, $table, $t->paginator());
|
$this->theme->display_bans($page, $table, $t->paginator());
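Review bot: In the `create` branch `c_ip` is validated only as `"string"` before it reaches `AddIPBanEvent` and is echoed in `flash_message()`, so any text is accepted as a ban target. Whether the event handler or the database column rejects malformed values is not visible here; a check at this boundary would give a clear failure, e.g. `if (filter_var(explode("/", $input['c_ip'])[0], FILTER_VALIDATE_IP) === false)` followed by rejecting the request. If `flash_message()` does not HTML-escape its argument, the interpolated `{$input['c_ip']}` should be escaped as well. onPageRequest continues past the end of the hunk.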
|
||||||
|
|