[ Index ]

PHP Cross Reference of phpBB-3.3.0-deutsch

title

Body

[close]

/includes/acp/ -> acp_bots.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  if (!defined('IN_PHPBB'))
  18  {
  19      exit;
  20  }
  21  
  22  class acp_bots
  23  {
  24      var $u_action;
  25  
  26  	function main($id, $mode)
  27      {
  28          global $config, $db, $user, $template, $cache, $request, $phpbb_log;
  29          global $phpbb_root_path, $phpEx;
  30  
  31          $action = $request->variable('action', '');
  32          $submit = (isset($_POST['submit'])) ? true : false;
  33          $mark    = $request->variable('mark', array(0));
  34          $bot_id    = $request->variable('id', 0);
  35  
  36          if (isset($_POST['add']))
  37          {
  38              $action = 'add';
  39          }
  40  
  41          $error = array();
  42  
  43          $user->add_lang('acp/bots');
  44          $this->tpl_name = 'acp_bots';
  45          $this->page_title = 'ACP_BOTS';
  46          $form_key = 'acp_bots';
  47          add_form_key($form_key);
  48  
  49          if ($submit && !check_form_key($form_key))
  50          {
  51              $error[] = $user->lang['FORM_INVALID'];
  52          }
  53  
  54          // User wants to do something, how inconsiderate of them!
  55          switch ($action)
  56          {
  57              case 'activate':
  58                  if ($bot_id || count($mark))
  59                  {
  60                      $sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
  61  
  62                      $sql = 'UPDATE ' . BOTS_TABLE . "
  63                          SET bot_active = 1
  64                          WHERE bot_id $sql_id";
  65                      $db->sql_query($sql);
  66                  }
  67  
  68                  $cache->destroy('_bots');
  69              break;
  70  
  71              case 'deactivate':
  72                  if ($bot_id || count($mark))
  73                  {
  74                      $sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
  75  
  76                      $sql = 'UPDATE ' . BOTS_TABLE . "
  77                          SET bot_active = 0
  78                          WHERE bot_id $sql_id";
  79                      $db->sql_query($sql);
  80                  }
  81  
  82                  $cache->destroy('_bots');
  83              break;
  84  
  85              case 'delete':
  86                  if ($bot_id || count($mark))
  87                  {
  88                      if (confirm_box(true))
  89                      {
  90                          // We need to delete the relevant user, usergroup and bot entries ...
  91                          $sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
  92  
  93                          $sql = 'SELECT bot_name, user_id
  94                              FROM ' . BOTS_TABLE . "
  95                              WHERE bot_id $sql_id";
  96                          $result = $db->sql_query($sql);
  97  
  98                          $user_id_ary = $bot_name_ary = array();
  99                          while ($row = $db->sql_fetchrow($result))
 100                          {
 101                              $user_id_ary[] = (int) $row['user_id'];
 102                              $bot_name_ary[] = $row['bot_name'];
 103                          }
 104                          $db->sql_freeresult($result);
 105  
 106                          $db->sql_transaction('begin');
 107  
 108                          $sql = 'DELETE FROM ' . BOTS_TABLE . "
 109                              WHERE bot_id $sql_id";
 110                          $db->sql_query($sql);
 111  
 112                          if (count($user_id_ary))
 113                          {
 114                              $_tables = array(USERS_TABLE, USER_GROUP_TABLE);
 115                              foreach ($_tables as $table)
 116                              {
 117                                  $sql = "DELETE FROM $table
 118                                      WHERE " . $db->sql_in_set('user_id', $user_id_ary);
 119                                  $db->sql_query($sql);
 120                              }
 121                          }
 122  
 123                          $db->sql_transaction('commit');
 124  
 125                          $cache->destroy('_bots');
 126  
 127                          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_BOT_DELETE', false, array(implode(', ', $bot_name_ary)));
 128                          trigger_error($user->lang['BOT_DELETED'] . adm_back_link($this->u_action));
 129                      }
 130                      else
 131                      {
 132                          confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
 133                              'mark'        => $mark,
 134                              'id'        => $bot_id,
 135                              'mode'        => $mode,
 136                              'action'    => $action))
 137                          );
 138                      }
 139                  }
 140              break;
 141  
 142              case 'edit':
 143              case 'add':
 144  
 145                  if (!function_exists('user_update_name'))
 146                  {
 147                      include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 148                  }
 149  
 150                  $bot_row = array(
 151                      'bot_name'        => $request->variable('bot_name', '', true),
 152                      'bot_agent'        => $request->variable('bot_agent', ''),
 153                      'bot_ip'        => $request->variable('bot_ip', ''),
 154                      'bot_active'    => $request->variable('bot_active', true),
 155                      'bot_lang'        => $request->variable('bot_lang', $config['default_lang']),
 156                      'bot_style'        => $request->variable('bot_style' , $config['default_style']),
 157                  );
 158  
 159                  if ($submit)
 160                  {
 161                      if (!$bot_row['bot_agent'] && !$bot_row['bot_ip'])
 162                      {
 163                          $error[] = $user->lang['ERR_BOT_NO_MATCHES'];
 164                      }
 165  
 166                      if ($bot_row['bot_ip'] && !preg_match('#^[\d\.,:]+$#', $bot_row['bot_ip']))
 167                      {
 168                          if (!$ip_list = gethostbynamel($bot_row['bot_ip']))
 169                          {
 170                              $error[] = $user->lang['ERR_BOT_NO_IP'];
 171                          }
 172                          else
 173                          {
 174                              $bot_row['bot_ip'] = implode(',', $ip_list);
 175                          }
 176                      }
 177                      $bot_row['bot_ip'] = str_replace(' ', '', $bot_row['bot_ip']);
 178  
 179                      // Make sure the admin is not adding a bot with an user agent similar to his one
 180                      if ($bot_row['bot_agent'] && substr($user->data['session_browser'], 0, 149) === substr($bot_row['bot_agent'], 0, 149))
 181                      {
 182                          $error[] = $user->lang['ERR_BOT_AGENT_MATCHES_UA'];
 183                      }
 184  
 185                      $bot_name = false;
 186                      if ($bot_id)
 187                      {
 188                          $sql = 'SELECT u.username_clean
 189                              FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u
 190                              WHERE b.bot_id = $bot_id
 191                                  AND u.user_id = b.user_id";
 192                          $result = $db->sql_query($sql);
 193                          $row = $db->sql_fetchrow($result);
 194                          $db->sql_freeresult($result);
 195  
 196                          if (!$bot_row)
 197                          {
 198                              $error[] = $user->lang['NO_BOT'];
 199                          }
 200                          else
 201                          {
 202                              $bot_name = $row['username_clean'];
 203                          }
 204                      }
 205                      if (!$this->validate_botname($bot_row['bot_name'], $bot_name))
 206                      {
 207                          $error[] = $user->lang['BOT_NAME_TAKEN'];
 208                      }
 209  
 210                      if (!count($error))
 211                      {
 212                          // New bot? Create a new user and group entry
 213                          if ($action == 'add')
 214                          {
 215                              $sql = 'SELECT group_id, group_colour
 216                                  FROM ' . GROUPS_TABLE . "
 217                                  WHERE group_name = 'BOTS'
 218                                      AND group_type = " . GROUP_SPECIAL;
 219                              $result = $db->sql_query($sql);
 220                              $group_row = $db->sql_fetchrow($result);
 221                              $db->sql_freeresult($result);
 222  
 223                              if (!$group_row)
 224                              {
 225                                  trigger_error($user->lang['NO_BOT_GROUP'] . adm_back_link($this->u_action . "&amp;id=$bot_id&amp;action=$action"), E_USER_WARNING);
 226                              }
 227  
 228                              $user_id = user_add(array(
 229                                  'user_type'                => (int) USER_IGNORE,
 230                                  'group_id'                => (int) $group_row['group_id'],
 231                                  'username'                => (string) $bot_row['bot_name'],
 232                                  'user_regdate'            => time(),
 233                                  'user_password'            => '',
 234                                  'user_colour'            => (string) $group_row['group_colour'],
 235                                  'user_email'            => '',
 236                                  'user_lang'                => (string) $bot_row['bot_lang'],
 237                                  'user_style'            => (int) $bot_row['bot_style'],
 238                                  'user_allow_massemail'    => 0,
 239                              ));
 240  
 241                              $sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 242                                  'user_id'        => (int) $user_id,
 243                                  'bot_name'        => (string) $bot_row['bot_name'],
 244                                  'bot_active'    => (int) $bot_row['bot_active'],
 245                                  'bot_agent'        => (string) $bot_row['bot_agent'],
 246                                  'bot_ip'        => (string) $bot_row['bot_ip'])
 247                              );
 248                              $db->sql_query($sql);
 249  
 250                              $log = 'ADDED';
 251                          }
 252                          else if ($bot_id)
 253                          {
 254                              $sql = 'SELECT user_id, bot_name
 255                                  FROM ' . BOTS_TABLE . "
 256                                  WHERE bot_id = $bot_id";
 257                              $result = $db->sql_query($sql);
 258                              $row = $db->sql_fetchrow($result);
 259                              $db->sql_freeresult($result);
 260  
 261                              if (!$row)
 262                              {
 263                                  trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&amp;id=$bot_id&amp;action=$action"), E_USER_WARNING);
 264                              }
 265  
 266                              $sql_ary = array(
 267                                  'user_style'    => (int) $bot_row['bot_style'],
 268                                  'user_lang'        => (string) $bot_row['bot_lang'],
 269                              );
 270  
 271                              if ($bot_row['bot_name'] !== $row['bot_name'])
 272                              {
 273                                  $sql_ary['username'] = (string) $bot_row['bot_name'];
 274                                  $sql_ary['username_clean'] = (string) utf8_clean_string($bot_row['bot_name']);
 275                              }
 276  
 277                              $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE user_id = {$row['user_id']}";
 278                              $db->sql_query($sql);
 279  
 280                              $sql = 'UPDATE ' . BOTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array(
 281                                  'bot_name'        => (string) $bot_row['bot_name'],
 282                                  'bot_active'    => (int) $bot_row['bot_active'],
 283                                  'bot_agent'        => (string) $bot_row['bot_agent'],
 284                                  'bot_ip'        => (string) $bot_row['bot_ip'])
 285                              ) . " WHERE bot_id = $bot_id";
 286                              $db->sql_query($sql);
 287  
 288                              // Updated username?
 289                              if ($bot_row['bot_name'] !== $row['bot_name'])
 290                              {
 291                                  user_update_name($row['bot_name'], $bot_row['bot_name']);
 292                              }
 293  
 294                              $log = 'UPDATED';
 295                          }
 296  
 297                          $cache->destroy('_bots');
 298  
 299                          $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_BOT_' . $log, false, array($bot_row['bot_name']));
 300                          trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action));
 301  
 302                      }
 303                  }
 304                  else if ($bot_id)
 305                  {
 306                      $sql = 'SELECT b.*, u.user_lang, u.user_style
 307                          FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u
 308                          WHERE b.bot_id = $bot_id
 309                              AND u.user_id = b.user_id";
 310                      $result = $db->sql_query($sql);
 311                      $bot_row = $db->sql_fetchrow($result);
 312                      $db->sql_freeresult($result);
 313  
 314                      if (!$bot_row)
 315                      {
 316                          trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&amp;id=$bot_id&amp;action=$action"), E_USER_WARNING);
 317                      }
 318  
 319                      $bot_row['bot_lang'] = $bot_row['user_lang'];
 320                      $bot_row['bot_style'] = $bot_row['user_style'];
 321                      unset($bot_row['user_lang'], $bot_row['user_style']);
 322                  }
 323  
 324                  $s_active_options = '';
 325                  $_options = array('0' => 'NO', '1' => 'YES');
 326                  foreach ($_options as $value => $lang)
 327                  {
 328                      $selected = ($bot_row['bot_active'] == $value) ? ' selected="selected"' : '';
 329                      $s_active_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$lang] . '</option>';
 330                  }
 331  
 332                  $style_select = style_select($bot_row['bot_style'], true);
 333                  $lang_select = language_select($bot_row['bot_lang']);
 334  
 335                  $l_title = ($action == 'edit') ? 'EDIT' : 'ADD';
 336  
 337                  $template->assign_vars(array(
 338                      'L_TITLE'        => $user->lang['BOT_' . $l_title],
 339                      'U_ACTION'        => $this->u_action . "&amp;id=$bot_id&amp;action=$action",
 340                      'U_BACK'        => $this->u_action,
 341                      'ERROR_MSG'        => (count($error)) ? implode('<br />', $error) : '',
 342  
 343                      'BOT_NAME'        => $bot_row['bot_name'],
 344                      'BOT_IP'        => $bot_row['bot_ip'],
 345                      'BOT_AGENT'        => $bot_row['bot_agent'],
 346  
 347                      'S_EDIT_BOT'        => true,
 348                      'S_ACTIVE_OPTIONS'    => $s_active_options,
 349                      'S_STYLE_OPTIONS'    => $style_select,
 350                      'S_LANG_OPTIONS'    => $lang_select,
 351                      'S_ERROR'            => (count($error)) ? true : false,
 352                      )
 353                  );
 354  
 355                  return;
 356  
 357              break;
 358          }
 359  
 360          if ($request->is_ajax() && ($action == 'activate' || $action == 'deactivate'))
 361          {
 362              $json_response = new \phpbb\json_response;
 363              $json_response->send(array(
 364                  'text'    => $user->lang['BOT_' . (($action == 'activate') ? 'DE' : '') . 'ACTIVATE'],
 365              ));
 366          }
 367  
 368          $s_options = '';
 369          $_options = array('activate' => 'BOT_ACTIVATE', 'deactivate' => 'BOT_DEACTIVATE', 'delete' => 'DELETE');
 370          foreach ($_options as $value => $lang)
 371          {
 372              $s_options .= '<option value="' . $value . '">' . $user->lang[$lang] . '</option>';
 373          }
 374  
 375          $template->assign_vars(array(
 376              'U_ACTION'        => $this->u_action,
 377              'S_BOT_OPTIONS'    => $s_options)
 378          );
 379  
 380          $sql = 'SELECT b.bot_id, b.bot_name, b.bot_active, u.user_lastvisit
 381              FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . ' u
 382              WHERE u.user_id = b.user_id
 383              ORDER BY u.user_lastvisit DESC, b.bot_name ASC';
 384          $result = $db->sql_query($sql);
 385  
 386          while ($row = $db->sql_fetchrow($result))
 387          {
 388              $active_lang = (!$row['bot_active']) ? 'BOT_ACTIVATE' : 'BOT_DEACTIVATE';
 389              $active_value = (!$row['bot_active']) ? 'activate' : 'deactivate';
 390  
 391              $template->assign_block_vars('bots', array(
 392                  'BOT_NAME'        => $row['bot_name'],
 393                  'BOT_ID'        => $row['bot_id'],
 394                  'LAST_VISIT'    => ($row['user_lastvisit']) ? $user->format_date($row['user_lastvisit']) : $user->lang['BOT_NEVER'],
 395  
 396                  'U_ACTIVATE_DEACTIVATE'    => $this->u_action . "&amp;id={$row['bot_id']}&amp;action=$active_value",
 397                  'L_ACTIVATE_DEACTIVATE'    => $user->lang[$active_lang],
 398                  'U_EDIT'                => $this->u_action . "&amp;id={$row['bot_id']}&amp;action=edit",
 399                  'U_DELETE'                => $this->u_action . "&amp;id={$row['bot_id']}&amp;action=delete")
 400              );
 401          }
 402          $db->sql_freeresult($result);
 403      }
 404  
 405      /**
 406      * Validate bot name against username table
 407      */
 408  	function validate_botname($newname, $oldname = false)
 409      {
 410          global $db;
 411  
 412          if ($oldname && utf8_clean_string($newname) === $oldname)
 413          {
 414              return true;
 415          }
 416  
 417          // Admins might want to use names otherwise forbidden, thus we only check for duplicates.
 418          $sql = 'SELECT username
 419              FROM ' . USERS_TABLE . "
 420              WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($newname)) . "'";
 421          $result = $db->sql_query($sql);
 422          $row = $db->sql_fetchrow($result);
 423          $db->sql_freeresult($result);
 424  
 425          return ($row) ? false : true;
 426      }
 427  }


Generated: Tue Apr 7 19:44:41 2020 Cross-referenced by PHPXref 0.7.1