biotorrents
/
Gazelle
forked from Oppaitime/Gazelle


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299
							<?php
#declare(strict_types=1);

/************************************************************************
||------------|| User IP history page ||---------------------------||

This page lists previous IPs a user has connected to the site with. It
gets called if $_GET['action'] == 'ips'.

It also requires $_GET['userid'] in order to get the data for the correct
user.

************************************************************************/

define('IPS_PER_PAGE', 25);

$UserID = $_GET['userid'];
if (!is_number($UserID)) {
    error(404);
}

$DB->query("
  SELECT
    um.Username,
    p.Level AS Class
  FROM users_main AS um
    LEFT JOIN permissions AS p ON p.ID = um.PermissionID
  WHERE um.ID = $UserID");
list($Username, $Class) = $DB->next_record();

if (!check_perms('users_view_ips', $Class)) {
    error(403);
}

$UsersOnly = isset($_GET['usersonly']) ? $_GET['usersonly'] : 0;

if (isset($_POST['ip'])) {
    $SearchIP = db_string(str_replace("*", "%", trim($_POST['ip'])));
    $SearchIPQuery = " AND h1.IP LIKE '$SearchIP' ";
} else {
    $SearchIPQuery = "";
}

View::show_header("IP address history for $Username");
?>
<script type="text/javascript">
  //<![CDATA[
  function ShowIPs(rowname) {
    $('tr[name="' + rowname + '"]').gtoggle();

  }

  function Ban(ip, id, elemID) {
    var notes = prompt("Enter notes for this ban");
    if (notes != null && notes.length > 0) {
      var xmlhttp;
      if (window.XMLHttpRequest) {
        xmlhttp = new XMLHttpRequest();
      } else {
        xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
      }
      xmlhttp.onreadystatechange = function() {
        if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
          document.getElementById(elemID).innerHTML = "<strong>[Banned]</strong>";
        }
      }
      xmlhttp.open("GET", "tools.php?action=quick_ban&perform=create&ip=" + ip + "&notes=" + notes, true);
      xmlhttp.send();
    }

  }
  /*
  function UnBan(ip, id, elemID) {
      var xmlhttp;
      if (window.XMLHttpRequest) {
        xmlhttp = new XMLHttpRequest();
      } else {
        xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
      }
      xmlhttp.onreadystatechange = function() {
        if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
          document.getElementById(elemID).innerHTML = "Ban";
          document.getElementById(elemID).onclick = function() { Ban(ip, id, elemID); return false; };
        }
      }
      xmlhttp.open("GET","tools.php?action=quick_ban&perform=delete&id=" + id + "&ip=" + ip, true);
      xmlhttp.send();
  }
  */
  //]]>
</script>
<?php
list($Page, $Limit) = Format::page_limit(IPS_PER_PAGE);

if ($UsersOnly == 1) {
    $RS = $DB->query("
    SELECT
      SQL_CALC_FOUND_ROWS
      h1.IP,
      h1.StartTime,
      h1.EndTime,
      GROUP_CONCAT(h2.UserID SEPARATOR '|'),
      GROUP_CONCAT(h2.StartTime SEPARATOR '|'),
      GROUP_CONCAT(IFNULL(h2.EndTime,0) SEPARATOR '|'),
      GROUP_CONCAT(um2.Username SEPARATOR '|'),
      GROUP_CONCAT(um2.Enabled SEPARATOR '|'),
      GROUP_CONCAT(ui2.Donor SEPARATOR '|'),
      GROUP_CONCAT(ui2.Warned SEPARATOR '|')
    FROM users_history_ips AS h1
      LEFT JOIN users_history_ips AS h2 ON h2.IP = h1.IP AND h2.UserID != $UserID
      LEFT JOIN users_main AS um2 ON um2.ID = h2.UserID
      LEFT JOIN users_info AS ui2 ON ui2.UserID = h2.UserID
    WHERE h1.UserID = '$UserID'
      AND h2.UserID > 0 $SearchIPQuery
    GROUP BY h1.IP, h1.StartTime
    ORDER BY h1.StartTime DESC
    LIMIT $Limit");
} else {
    $RS = $DB->query("
    SELECT
      SQL_CALC_FOUND_ROWS
      h1.IP,
      h1.StartTime,
      h1.EndTime,
      GROUP_CONCAT(h2.UserID SEPARATOR '|'),
      GROUP_CONCAT(h2.StartTime SEPARATOR '|'),
      GROUP_CONCAT(IFNULL(h2.EndTime,0) SEPARATOR '|'),
      GROUP_CONCAT(um2.Username SEPARATOR '|'),
      GROUP_CONCAT(um2.Enabled SEPARATOR '|'),
      GROUP_CONCAT(ui2.Donor SEPARATOR '|'),
      GROUP_CONCAT(ui2.Warned SEPARATOR '|')
    FROM users_history_ips AS h1
      LEFT JOIN users_history_ips AS h2 ON h2.IP = h1.IP AND h2.UserID != $UserID
      LEFT JOIN users_main AS um2 ON um2.ID = h2.UserID
      LEFT JOIN users_info AS ui2 ON ui2.UserID = h2.UserID
    WHERE h1.UserID = '$UserID' $SearchIPQuery
    GROUP BY h1.IP, h1.StartTime
    ORDER BY h1.StartTime DESC
    LIMIT $Limit");
}
$DB->query('SELECT FOUND_ROWS()');
list($NumResults) = $DB->next_record();
$DB->set_query_id($RS);

$Pages = Format::get_pages($Page, $NumResults, IPS_PER_PAGE, 9);

?>
<div>
  <div class="header">
    <h2>IP address history for <a
        href="user.php?id=<?=$UserID?>"><?=$Username?></a></h2>
    <div class="linkbox">
      <?php if ($UsersOnly) { ?>
      <a href="userhistory.php?action=ips&amp;userid=<?=$UserID?>"
        class="brackets">View all IP addresses</a>
      <?php } else { ?>
      <a href="userhistory.php?action=ips&amp;userid=<?=$UserID?>&amp;usersonly=1"
        class="brackets">View IP addresses with users</a>
      <?php } ?>
    </div>
    <?php if ($Pages) { ?>
    <div class="linkbox pager"><?=$Pages?>
    </div>
    <?php } ?>
  </div>
  <table>
    <tr class="colhead">
      <td>IP address search</td>
    </tr>

    <tr>
      <td>
        <form class="search_form" name="ip_log" method="post" action="">
          <input type="text" name="ip" />
          <input type="submit" value="Search" />
          Wildcard (*) search examples: 127.0.* or 1*2.0.*.1 or *.*.*.*
        </form>
      </td>
    </tr>
  </table>

  <table id="iphistory">
    <tr class="colhead">
      <td>IP address</td>
      <td>Started <a href="#"
          onclick="$('#iphistory td:nth-child(2), #iphistory td:nth-child(4)').ghide(); $('#iphistory td:nth-child(3), #iphistory td:nth-child(5)').gshow(); return false;"
          class="brackets">Toggle</a></td>
      <td class="hidden">Started <a href="#"
          onclick="$('#iphistory td:nth-child(2), #iphistory td:nth-child(4)').gshow(); $('#iphistory td:nth-child(3), #iphistory td:nth-child(5)').ghide(); return false;"
          class="brackets">Toggle</a></td>
      <td>Ended</td>
      <td class="hidden">Ended</td>
      <td>Elapsed</td>
    </tr>
    <?php
$counter = 0;
$IPs = [];
$Results = $DB->to_array();
$CanManageIPBans = check_perms('admin_manage_ipbans');

foreach ($Results as $Index => $Result) {
    list($IP, $StartTime, $EndTime, $UserIDs, $UserStartTimes, $UserEndTimes, $Usernames, $UsersEnabled, $UsersDonor, $UsersWarned) = $Result;

    $IP = apcu_exists('DBKEY') ? Crypto::decrypt($IP) : '[Encrypted]';

    $HasDupe = false;
    $UserIDs = explode('|', $UserIDs);
    if (!$EndTime) {
        $EndTime = sqltime();
    }
    if ($UserIDs[0] != 0) {
        $HasDupe = true;
        $UserStartTimes = explode('|', $UserStartTimes);
        $UserEndTimes = explode('|', $UserEndTimes);
        $Usernames = explode('|', $Usernames);
        $UsersEnabled = explode('|', $UsersEnabled);
        $UsersDonor = explode('|', $UsersDonor);
        $UsersWarned = explode('|', $UsersWarned);
    } ?>
    <tr class="row">
      <td>
        <?=$IP?>
        <?php
  if ($CanManageIPBans) {
      if (!isset($IPs[$IP])) {
          $sql = "
        SELECT ID, FromIP, ToIP
        FROM ip_bans
        WHERE '".Tools::ip_to_unsigned($IP)."' BETWEEN FromIP AND ToIP
        LIMIT 1";
          $DB->query($sql);

          if ($DB->has_results()) {
              $IPs[$IP] = true; ?>
        <strong>[Banned]</strong>
        <?php
          } else {
              $IPs[$IP] = false; ?>
        <a id="<?=$counter?>" href="#"
          onclick="Ban('<?=$IP?>', '', '<?=$counter?>'); this.onclick = null; return false;"
          class="brackets">Ban</a>
        <?php
          }
          $counter++;
      }
  } ?>
        <br />
        <?=Tools::get_host_by_ajax($IP)?>
        <?=($HasDupe ? '<a href="#" onclick="ShowIPs('.$Index.'); return false;">('.count($UserIDs).')</a>' : '(0)')?>
      </td>
      <td><?=time_diff($StartTime)?>
      </td>
      <td class="hidden"><?=$StartTime?>
      </td>
      <td><?=time_diff($EndTime)?>
      </td>
      <td class="hidden"><?=$EndTime?>
      </td>
      <td>
        <?//time_diff(strtotime($StartTime), strtotime($EndTime));?>
      </td>
    </tr>
    <?php
  if ($HasDupe) {
      $HideMe = (count($UserIDs) > 10);
      foreach ($UserIDs as $Key => $Val) {
          if (!$UserEndTimes[$Key]) {
              $UserEndTimes[$Key] = sqltime();
          } ?>
    <tr
      class="row<?=($HideMe ? ' hidden' : '')?>"
      name="<?=$Index?>">
      <td>&nbsp;&nbsp;&#187;&nbsp;<?=Users::format_username($Val, true, true, true)?>
      </td>
      <td><?=time_diff($UserStartTimes[$Key])?>
      </td>
      <td class="hidden"><?=$UserStartTimes[$Key]?>
      </td>
      <td><?=time_diff($UserEndTimes[$Key])?>
      </td>
      <td class="hidden"><?=$UserEndTimes[$Key]?>
      </td>
      <td>
        <?//time_diff(strtotime($UserStartTimes[$Key]), strtotime($UserEndTimes[$Key]));?>
      </td>
    </tr>
    <?php
      }
  }
}
?>
  </table>

  <div class="linkbox">
    <?=$Pages?>
  </div>
</div>

<?php View::show_footer();