diff --git a/app/Config/Schema/schema.php b/app/Config/Schema/schema.php
index 6f9d9448..64b4b15c 100755
--- a/app/Config/Schema/schema.php
+++ b/app/Config/Schema/schema.php
@@ -28,6 +28,7 @@ class AppSchema extends CakeSchema
 'id' => ['type' => 'integer', 'null' => false, 'default' => null, 'length' => 20, 'unsigned' => false, 'key' => 'primary'],
 'user_id' => ['type' => 'integer', 'null' => false, 'default' => null, 'length' => 20, 'unsigned' => false],
 'reason' => ['type' => 'text', 'null' => false, 'default' => null, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'],
+ 'ip' => ['type' => 'string', 'null' => false, 'default' => null, 'length' => 50, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'],
 'indexes' => [
 'PRIMARY' => ['column' => 'id', 'unique' => 1]
 ],
diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php
index 2c3f8a35..86d037a9 100755
--- a/app/Controller/AppController.php
+++ b/app/Controller/AppController.php
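Review bot: The new `ip` column in schema.php is declared `'null' => false` with `'default' => null`, but the admin_add() change in BanController only sets `ip` when the per-user checkbox is ticked, so an account-only ban is saved with no value for a NOT NULL column. Depending on the SQL mode that insert is either rejected or stored as an empty string, which the lookup in isIPBan() could match if the detected address is ever empty. Consider `'null' => true, 'default' => null` for this column. Since beforeFilter() now queries the column on every request, an index such as `'ip' => ['column' => 'ip', 'unique' => 0]` under `'indexes'` would avoid a table scan per page view.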
@@ -56,14 +56,25 @@ public function beforeFilter()
 $LoginCondition = $this->here != "/login" || !$this->EyPlugin->isInstalled('phpierre.signinup');
- $this->loadModel("Maintenance");
- if ($this->params['controller'] != "user" and $this->params['controller'] != "maintenance" and !$this->Permissions->can("BYPASS_MAINTENANCE") and $maintenance = $this->Maintenance->checkMaintenance($this->here, $this->Util) and $LoginCondition) {
- $this->redirect([
- 'controller' => 'maintenance',
- 'action' => $maintenance['url'],
- 'plugin' => false,
- 'admin' => false
- ]);
+ if ($this->params['controller'] != "user" and $LoginCondition) {
+ if ($this->isIPBan($this->Util->getIP()) and $this->params['controller'] != "ban" and !$this->Permissions->can("BYPASS_BAN")) {
+ $this->redirect([
+ 'controller' => 'ban',
+ 'action' => 'ip',
+ 'plugin' => false,
+ 'admin' => false
+ ]);
+ }
+
+ $this->loadModel("Maintenance");
+ if ($this->params['controller'] != "maintenance" and !$this->Permissions->can("BYPASS_MAINTENANCE") and $maintenance = $this->Maintenance->checkMaintenance($this->here, $this->Util)) {
+ $this->redirect([
+ 'controller' => 'maintenance',
+ 'action' => $maintenance['url'],
+ 'plugin' => false,
+ 'admin' => false
+ ]);
+ }
 }
 // Plugin disabled
@@ -671,4 +682,16 @@ public function sendJSON($data)
 $this->autoRender = false;
 return $this->response->body(json_encode($data));
 }
+
+ public function isIPBan($ip) {
+ $this->loadModel("Ban");
+ $ipIsBan = $this->Ban->find('first', ['conditions' => ['ip' => $ip]]);
+
+ if (isset($ipIsBan["Ban"])) {
+ $this->isBanned = $ipIsBan["Ban"]["reason"];
+ return $this->isBanned;
+ } else {
+ return false;
+ }
+ }
 }
diff --git a/app/Controller/BanController.php b/app/Controller/BanController.php
index 3b474ac5..1b611285 100644
--- a/app/Controller/BanController.php
+++ b/app/Controller/BanController.php
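Review bot: In beforeFilter() the IP-ban check sits inside `if ($this->params['controller'] != "user" and $LoginCondition)`, an exemption that was written for maintenance mode, so a banned address still reaches every action of the user controller and the check is skipped whenever `$LoginCondition` is false. If that controller handles login and registration (not visible here), the ban is not enforced on the requests where it matters most. Run the ban check before this block and exempt only the ban page, e.g. `if ($this->params['controller'] != "ban" and !$this->Permissions->can("BYPASS_BAN") and $this->isIPBan($this->Util->getIP()))`, which also skips the query for the ban page itself. It is worth confirming that `$this->Util->getIP()` does not read a client-supplied header such as X-Forwarded-For unless the request arrives through a trusted proxy, otherwise the compared value is chosen by the client. beforeFilter() starts and ends outside the hunk.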
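Review bot: isIPBan() is declared `public` on AppController and uses `$ip` in the find conditions without checking it. In CakePHP 2 public controller methods that are not inherited from the core Controller class are normally dispatchable as actions, so this helper may become reachable by URL on every controller; `protected function isIPBan($ip)` keeps it callable from BanController while taking it out of routing. A null or empty `$ip` should return early, e.g. `if (empty($ip)) return false;`, because an array condition with a null value is turned into `ip IS NULL` and an empty string would match bans stored without an address. The method also returns the ban reason rather than a boolean, so callers depend on the truthiness of a free-text string; returning `true` and exposing the reason separately would be safer.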
@@ -10,6 +10,14 @@ function index() {
 $this->set('reason', $this->User->isBanned());
 }
+ function ip() {
+ if (!$this->isIPBan($this->Util->getIP()))
+ $this->redirect("/");
+
+ $this->set('title_for_layout', $this->Lang->get("BAN__BAN"));
+ $this->set('reason', $this->isBanned);
+ }
+
 function admin_index() {
 if (!$this->isConnected || !$this->Permissions->can("MANAGE_BAN"))
@@ -42,15 +50,22 @@ function admin_add()
 if (empty($this->request->data("reason"))) return $this->response->body(json_encode(['statut' => false, 'msg' => $this->Lang->get('ERROR__FILL_ALL_FIELDS')]));
+ $this->loadModel("User");
 foreach ($this->request->data as $key => $v) {
- if ($v != "on" || $key == "name")
+ if ($v != "on" || $key == "name" || strpos($key, "-ip"))
 continue;
 $this->Ban->create();
 $this->Ban->set([
- "user_id" => $key,
- "reason" => $this->request->data("reason")
+ "user_id" => $key,
+ "reason" => $this->request->data("reason")
 ]);
+
+ if ($this->request->data($key . "-ip") == "on")
+ $this->Ban->set([
+ "ip" => $this->User->find("first", ["conditions" => ['id' => $key]])['User']['ip']
+ ]);
+
 $this->Ban->save();
 }
@@ -93,7 +108,7 @@ public function admin_get_users_not_ban()
 $this->modelClass = 'User';
 $this->DataTable->initialize($this);
 $this->paginate = [
- 'fields' => ['User.id', 'User.pseudo', 'User.rank'],
+ 'fields' => ['User.id', 'User.pseudo', 'User.rank', 'User.ip'],
 ];
 $this->DataTable->mDataProp = true;
 $response = $this->DataTable->getResponse();
@@ -113,11 +128,14 @@ public function admin_get_users_not_ban()
 $rank_name = (isset($available_ranks[$value['User']['rank']])) ? $available_ranks[$value['User']['rank']]['name'] : $available_ranks[0]['name'];
 $rank = '' . $rank_name . '';
 $checkbox = "";
+ $banIpCheckbox = "";
 $data[] = [
 'User' => [
 'pseudo' => $username,
 'ban' => $checkbox,
- 'rank' => $rank
+ 'banIp' => $banIpCheckbox,
+ 'rank' => $rank,
+ 'ip' => $value['User']['ip']
 ]
 ];
 }
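Review bot: ip() in BanController reads `$this->isBanned`, a property that exists only as a side effect of the isIPBan() call in the guard above it, and that guard's `if` has no braces. Using the return value is clearer and does not depend on call order: `$reason = $this->isIPBan($this->Util->getIP());`, then `if (!$reason) { return $this->redirect("/"); }` and `$this->set('reason', $reason);`. The reason is free text entered by an administrator, so the view (not shown) should escape it on output.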
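Review bot: In admin_add() the new `strpos($key, "-ip")` test is used as a boolean, and the result of the user lookup is indexed without checking that a row was found. `strpos` returns 0, which is falsy, when the match is at the start of the key, and `find("first", …)` returns an empty result for an unknown id, so `['User']['ip']` then yields null and the ban is saved with no address. Compare with `!== false`, treat the key as an integer id, and set `ip` only when the stored value parses as an address. The permission check and the start of admin_add() are outside the hunk.

```php
// … unchanged: reason check, $this->loadModel("User") …
foreach ($this->request->data as $key => $v) {
    if ($v != "on" || $key == "name" || strpos($key, "-ip") !== false)
        continue;

    $ban = [
        "user_id" => (int)$key,
        "reason" => $this->request->data("reason")
    ];

    if ($this->request->data($key . "-ip") == "on") {
        $user = $this->User->find("first", ["fields" => ["User.ip"], "conditions" => ["User.id" => (int)$key]]);
        // Record an address only when the user exists and the value is a valid IPv4/IPv6 string.
        if (!empty($user["User"]["ip"]) && filter_var($user["User"]["ip"], FILTER_VALIDATE_IP))
            $ban["ip"] = $user["User"]["ip"];
    }

    $this->Ban->create();
    $this->Ban->set($ban);
    $this->Ban->save();
}
```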
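Review bot: `$value['User']['ip']` is placed into the DataTable row in admin_get_users_not_ban() without escaping or validation. If the stored address can originate from a request header it is untrusted text, and DataTables commonly inserts cell values as HTML, so escape it first, for example `'ip' => h($value['User']['ip'])`. Every user's address is also returned to any caller of this endpoint, so the MANAGE_BAN check should cover it; the top of the function is outside both hunks, so that cannot be confirmed here. The `'fields'` change in the previous hunk is what feeds this value.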
diff --git a/app/View/Ban/admin_add.ctp b/app/View/Ban/admin_add.ctp
index a54b57cc..bb52cfc6 100644
--- a/app/View/Ban/admin_add.ctp
+++ b/app/View/Ban/admin_add.ctp
@@ -15,6 +15,8 @@