Added Ban Plugin support to Comment Manager

Added Ban plugin support to Comment Manager Feature #742. If User banned then name will be in red. Fix for banning ips of comment submissions. Fix for if Spam-X plugin disabled or not installed.
Geeklog-Core · Nov 14, 2017 · 127aeb1 · 127aeb1
1 parent e5eaa7b
commit 127aeb1
Show file tree

Hide file tree

Showing 5 changed files with 119 additions and 23 deletions.
diff --git a/language/english.php b/language/english.php
@@ -253,10 +253,11 @@
     101 => 'Existing Comments',
     102 => 'Bulk Action',
     103 => 'Ban this user',
-    104 => 'Ban this IP address with the Spamx plugin',
+    104 => 'Ban this IP address with the Spam-X plugin',
     105 => 'IP Address',
-    106 => 'Perform bulk action on comments and comment submissions including approval, deleting, and banning of user or IP address.  <span style="color: red;">IP addresses in red are the ones banned by the Spam-X plugin.</span>',
-    'record_edit' => 'Record user and time of edit?'
+    106 => 'Perform bulk action on comments and comment submissions including approval and deleting. You can also bulk ban users and IP addresses. <span style="color: red;">IP addresses in red</span> are the ones banned by the Spam-X plugin (banned from submissions only) and/or Ban plugin (banned from visiting site).  <span style="color: red;">User names in red</span> are users that have been banned.',
+    'record_edit' => 'Record user and time of edit?',
+    'ban_plugin_ban_ip' => 'Ban this IP address with the Ban plugin'
 );
 
 ###############################################################################
@@ -1541,7 +1542,8 @@
     141 => 'Failed to delete a comment.',
     142 => 'Approved comment(s).',
     143 => 'Banned user(s).',
-    144 => 'Banned IP addresses with the Spamx plugin.',
+    144 => 'Banned IP addresses with the Spam-X plugin.',
+    145 => 'Banned IP addresses with the Ban plugin.',
     150 => 'Successfully deleted all the files and directories used during the installation.',
     151 => 'Failed to delete some files and directories used during the installation.  Please remove them manually.',
     152 => 'All the files and directories used during the installation are left as they are.  It is dangerous to keep them on the server, so please don\'t forget to remove them manually.',

diff --git a/language/english_utf-8.php b/language/english_utf-8.php
@@ -253,10 +253,11 @@
     101 => 'Existing Comments',
     102 => 'Bulk Action',
     103 => 'Ban this user',
-    104 => 'Ban this IP address with the Spamx plugin',
+    104 => 'Ban this IP address with the Spam-X plugin',
     105 => 'IP Address',
-    106 => 'Perform bulk action on comments and comment submissions including approval, deleting, and banning of user or IP address.  <span style="color: red;">IP addresses in red are the ones banned by the Spam-X plugin.</span>',
-    'record_edit' => 'Record user and time of edit?'
+    106 => 'Perform bulk action on comments and comment submissions including approval and deleting. You can also bulk ban users and IP addresses. <span style="color: red;">IP addresses in red</span> are the ones banned by the Spam-X plugin (banned from submissions only) and/or Ban plugin (banned from visiting site).  <span style="color: red;">User names in red</span> are users that have been banned.',
+    'record_edit'       => 'Record user and time of edit?',
+    'ban_plugin_ban_ip' => 'Ban this IP address with the Ban plugin'
 );
 
 ###############################################################################
@@ -1541,7 +1542,8 @@
     141 => 'Failed to delete a comment.',
     142 => 'Approved comment(s).',
     143 => 'Banned user(s).',
-    144 => 'Banned IP addresses with the Spamx plugin.',
+    144 => 'Banned IP addresses with the Spam-X plugin.',
+    145 => 'Banned IP addresses with the Ban plugin.',
     150 => 'Successfully deleted all the files and directories used during the installation.',
     151 => 'Failed to delete some files and directories used during the installation.  Please remove them manually.',
     152 => 'All the files and directories used during the installation are left as they are.  It is dangerous to keep them on the server, so please don\'t forget to remove them manually.',

diff --git a/language/japanese_utf-8.php b/language/japanese_utf-8.php
@@ -263,8 +263,9 @@
     103 => 'このユーザーを禁止する',
     104 => 'このIPアドレスをSpamxプラグインで禁止する',
     105 => 'IPアドレス',
-    106 => 'ユーザーやIPアドレスの一括承認・削除・禁止を含めて、コメントに対するアクションを一括して行います。<span style="color: red;">赤字のIPアドレスはSpam-Xプラグインで禁止されているIPです。</span>',
-    'record_edit' => '編集者と編集時刻を記録する'
+    106 => 'Perform bulk action on comments and comment submissions including approval and deleting. You can also bulk ban users and IP addresses. <span style="color: red;">IP addresses in red</span> are the ones banned by the Spam-X plugin (banned from submissions only) and/or Ban plugin (banned from visiting site).  <span style="color: red;">User names in red</span> are users that have been banned.',
+    'record_edit' => '編集者と編集時刻を記録する',
+    'ban_plugin_ban_ip' => 'Ban this IP address with the Ban plugin'
 );
 
 ###############################################################################
@@ -1542,7 +1543,8 @@
     141 => 'コメントを削除できませんでした。',
     142 => 'コメントを承認しました。',
     143 => 'ユーザーを禁止しました。',
-    144 => 'IPアドレスをSpamxプラグインで禁止しました。',
+    144 => 'IPアドレスをSpam-Xプラグインで禁止しました。',
+    145 => 'Banned IP addresses with the Ban plugin.',
     150 => 'インストール時に使用したすべてのファイルとディレクトリを削除しました。',
     151 => 'インストール時に使用したファイルとディレクトリを削除しようとしましたが、一部を削除できませんでした。お手数ですが、手動で削除してください。',
     152 => 'インストール時に使用したすべてのファイルとディレクトリはそのまま残っています。このまま残しておくのは危険なので、お手数ですが、手動で削除してください。',

diff --git a/logs/error.log b/logs/error.log
@@ -1 +1,9 @@
 *** dummy entry ***
+Tue Nov 14 11:54:01 2017 - 192.168.1.224 - COM_redirect failed to redirect to "http://192.168.1.200/index.php?msg=8".  Headers were already sent at line 0 of "".  
+Tue Nov 14 11:54:07 2017 - 192.168.1.224 - COM_redirect failed to redirect to "http://192.168.1.200/admin/plugins.php".  Headers were already sent at line 0 of "".  
+Tue Nov 14 11:54:16 2017 - 192.168.1.224 - COM_redirect failed to redirect to "http://192.168.1.200/admin/plugins.php".  Headers were already sent at line 0 of "".  
+Tue Nov 14 11:54:48 2017 - 192.168.1.224 - COM_redirect failed to redirect to "http://192.168.1.200/admin/plugins.php".  Headers were already sent at line 0 of "".  
+Tue Nov 14 11:55:34 2017 - 192.168.1.224 - COM_redirect failed to redirect to "http://192.168.1.200/admin/plugins.php".  Headers were already sent at line 0 of "".  
+Tue Nov 14 11:55:36 2017 - 192.168.1.224 - COM_redirect failed to redirect to "http://192.168.1.200/admin/plugins.php".  Headers were already sent at line 0 of "".  
+Tue Nov 14 11:55:39 2017 - 192.168.1.224 - COM_redirect failed to redirect to "http://192.168.1.200/admin/plugins.php".  Headers were already sent at line 0 of "".  
+Tue Nov 14 11:55:42 2017 - 192.168.1.224 - COM_redirect failed to redirect to "http://192.168.1.200/admin/plugins.php".  Headers were already sent at line 0 of "".  
diff --git a/public_html/admin/comment.php b/public_html/admin/comment.php
@@ -92,7 +92,7 @@ function getCommentIds($suffix)
  */
 function ADMIN_getListField_comments($fieldName, $fieldValue, $A, $iconArray, $suffix)
 {
-    global $_CONF, $LANG01, $LANG_STATIC, $LANG_POLLS;
+    global $_CONF, $LANG01, $LANG_STATIC, $LANG_POLLS, $_PLUGINS, $_TABLES;
     static $encoding = null;
 
     if ($encoding === null) {
@@ -162,19 +162,29 @@ function ADMIN_getListField_comments($fieldName, $fieldValue, $A, $iconArray, $s
             $fieldValue = htmlspecialchars($fieldValue, ENT_QUOTES, $encoding);
 
             if ($userId > 1) {
-                $fieldValue = '<a href="' . $_CONF['site_url']
-                    . '/users.php?mode=profile&amp;uid=' . $userId . '">' . $fieldValue . '</a>';
+                // Check if user disabled
+                if (DB_getItem($_TABLES['users'], 'status', "uid = $userId") == USER_ACCOUNT_DISABLED) {
+                    $fieldValue = '<a href="' . $_CONF['site_url']
+                        . '/users.php?mode=profile&amp;uid=' . $userId . '"><span style="color: red;">' . $fieldValue . '</span></a>';                    
+                } else {
+                    $fieldValue = '<a href="' . $_CONF['site_url']
+                        . '/users.php?mode=profile&amp;uid=' . $userId . '">' . $fieldValue . '</a>';
+                }
             }
 
             break;
 
         case 'ipaddress':
             $forDisplay = htmlspecialchars($fieldValue, ENT_QUOTES, $encoding);
 
-            if (SPAMX_isIPBanned($fieldValue)) {
+            if (in_array('spamx', $_PLUGINS) && SPAMX_isIPBanned($fieldValue)) {
                 $fieldValue = '<span style="color: red;">' . $forDisplay . '</span>';
             } else {
-                $fieldValue = $forDisplay;
+                if (function_exists('BAN_for_plugins_ban_found') && BAN_for_plugins_ban_found($fieldValue)) {
+                    $fieldValue = '<span style="color: red;">' . $forDisplay . '</span>';
+                } else {
+                    $fieldValue = $forDisplay;
+                }
             }
 
             break;
@@ -319,8 +329,12 @@ function ADMIN_buildCommentList($suffix, $tableName, $securityToken)
         . '<option value="bulk_ban_user">' . $LANG03[103] . '</option>' . LB;
 
     if (in_array('spamx', $_PLUGINS)) {
-        $actionSelector .= '<option value="bulk_ban_ip_address">' . $LANG03[104] . '</option>' . LB;
+        $actionSelector .= '<option value="bulk_spamx_ban_ip_address">' . $LANG03[104] . '</option>' . LB;
     }
+
+    if (function_exists('BAN_for_plugins_check_access') AND BAN_for_plugins_check_access()) {
+        $actionSelector .= '<option value="bulk_ban_ip_address">' . $LANG03['ban_plugin_ban_ip'] . '</option>' . LB;
+    }    
 
     $actionSelector .= '</select>' . LB
         . '<input type="submit" name="submit" id="bulk_action_submit' . $suffix . '" value="'
@@ -490,22 +504,29 @@ function banUsers($suffix)
  *
  * @param  string $suffix
  */
-function banIpAddresses($suffix)
+function banIpAddresses_spamx($suffix)
 {
     global $_CONF, $_PLUGINS, $_TABLES, $_USER;
 
     if (SEC_checkToken()) {
         if (!in_array('spamx', $_PLUGINS)) {
-            COM_errorLog(__FUNCTION__ . ': Spamx plugin is not installed or disabled.');
+            COM_errorLog(__FUNCTION__ . ': Spam-X plugin is not installed or disabled.');
             COM_redirect($_CONF['site_admin_url'] . '/index.php');
         }
-
+        
         $getCommentIds = getCommentIds($suffix);
-
+        
         if (count($getCommentIds) > 0) {
-            $sql = "SELECT DISTINCT ipaddress FROM {$_TABLES['comments']} "
+            if ($suffix === SUFFIX_COMMENTS) {
+                $table = $_TABLES['comments'];
+            } else {
+                $table = $_TABLES['commentsubmissions'];
+            }        
+
+            $sql = "SELECT DISTINCT ipaddress FROM $table "
                 . "WHERE (ipaddress NOT LIKE '192.168.%') AND (ipaddress <> '::1') AND "
                 . " (cid IN (" . implode(',', $getCommentIds) . "))";
+
             $result = DB_query($sql);
 
             if (!DB_error()) {
@@ -526,6 +547,63 @@ function banIpAddresses($suffix)
     }
 }
 
+/**
+ * Ban IP Addresses being selected with the Ban plugin
+ *
+ * @param  string $suffix
+ */
+function banIpAddresses_ban($suffix)
+{
+    global $_CONF, $_PLUGINS, $_TABLES, $_USER;
+
+    if (SEC_checkToken()) {
+        if (!in_array('ban', $_PLUGINS)) {
+            COM_errorLog(__FUNCTION__ . ': Ban plugin is not installed or disabled.');
+            COM_redirect($_CONF['site_admin_url'] . '/index.php');
+        }        
+
+        if (!(function_exists('BAN_for_plugins_check_access') AND BAN_for_plugins_check_access())) {
+            COM_errorLog(__FUNCTION__ . ': This version of the Ban plugin doesn\'t support this function or the user doesn\'t have Ban Admin access.');
+            COM_redirect($_CONF['site_admin_url'] . '/index.php');
+        }         
+
+        $getCommentIds = getCommentIds($suffix);
+
+        if (count($getCommentIds) > 0) {
+            if ($suffix === SUFFIX_COMMENTS) {
+                $table = $_TABLES['comments'];
+            } else {
+                $table = $_TABLES['commentsubmissions'];
+            }        
+
+            $sql = "SELECT DISTINCT ipaddress FROM $table "
+                . "WHERE (ipaddress NOT LIKE '192.168.%') AND (ipaddress <> '::1') AND "
+                . " (cid IN (" . implode(',', $getCommentIds) . "))";
+
+            $sql = "SELECT DISTINCT ipaddress FROM $table "
+                . "WHERE  "
+                . " (cid IN (" . implode(',', $getCommentIds) . "))";
+
+            $result = DB_query($sql);
+
+            if (!DB_error()) {
+                while (($A = DB_fetchArray($result, false)) !== false) {
+                    if (!BAN_for_plugins_ban_found($A['ipaddress'])) {
+                        BAN_for_plugins_ban_ip($A['ipaddress'], '', true, 'Banned via Comment Manager');
+                    }
+                }
+
+            }
+
+            //COM_redirect($_CONF['site_admin_url'] . '/comment.php?msg=145');
+        }
+    } else {
+        COM_accessLog("User {$_USER['username']} tried to ban IP addresses and failed CSRF checks.");
+        COM_redirect($_CONF['site_admin_url'] . '/index.php');
+    }
+}
+
+
 // MAIN
 $list = \Geeklog\Input::fPost('list', '');
 
@@ -552,8 +630,12 @@ function banIpAddresses($suffix)
         banUsers($suffix);
         break;
 
+    case 'bulk_spamx_ban_ip_address':
+        banIpAddresses_spamx($suffix);
+        break;
+
     case 'bulk_ban_ip_address':
-        banIpAddresses($suffix);
+        banIpAddresses_ban($suffix);
         break;
 
     default: