root / branches / phpBB-3_0_0 / phpBB / includes / acp / acp_bots.php
History | View | Annotate | Download (11.9 kB)
| 1 | <?php
|
|---|---|
| 2 | /**
|
| 3 | * |
| 4 | * @package acp |
| 5 | * @version $Id: acp_bots.php 8479 2008-03-29 00:22:48Z naderman $ |
| 6 | * @copyright (c) 2005 phpBB Group |
| 7 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
| 8 | * |
| 9 | */ |
| 10 | |
| 11 | /**
|
| 12 | * @ignore |
| 13 | */ |
| 14 | if (!defined('IN_PHPBB')) |
| 15 | {
|
| 16 | exit;
|
| 17 | } |
| 18 | |
| 19 | /**
|
| 20 | * @package acp |
| 21 | */ |
| 22 | class acp_bots |
| 23 | {
|
| 24 | var $u_action; |
| 25 | |
| 26 | function main($id, $mode) |
| 27 | {
|
| 28 | global $config, $db, $user, $auth, $template, $cache; |
| 29 | global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; |
| 30 | |
| 31 | $action = request_var('action', ''); |
| 32 | $submit = (isset($_POST['submit'])) ? true : false; |
| 33 | $mark = request_var('mark', array(0)); |
| 34 | $bot_id = request_var('id', 0); |
| 35 | |
| 36 | if (isset($_POST['add'])) |
| 37 | {
|
| 38 | $action = 'add'; |
| 39 | } |
| 40 | |
| 41 | $error = array(); |
| 42 | |
| 43 | $user->add_lang('acp/bots'); |
| 44 | $this->tpl_name = 'acp_bots'; |
| 45 | $this->page_title = 'ACP_BOTS'; |
| 46 | $form_key = 'acp_bots'; |
| 47 | add_form_key($form_key);
|
| 48 | |
| 49 | if ($submit && !check_form_key($form_key)) |
| 50 | {
|
| 51 | $error[] = $user->lang['FORM_INVALID']; |
| 52 | } |
| 53 | |
| 54 | // User wants to do something, how inconsiderate of them!
|
| 55 | switch ($action) |
| 56 | {
|
| 57 | case 'activate': |
| 58 | if ($bot_id || sizeof($mark)) |
| 59 | {
|
| 60 | $sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')'; |
| 61 | |
| 62 | $sql = 'UPDATE ' . BOTS_TABLE . " |
| 63 | SET bot_active = 1 |
| 64 | WHERE bot_id $sql_id"; |
| 65 | $db->sql_query($sql); |
| 66 | } |
| 67 | |
| 68 | $cache->destroy('_bots'); |
| 69 | break;
|
| 70 | |
| 71 | case 'deactivate': |
| 72 | if ($bot_id || sizeof($mark)) |
| 73 | {
|
| 74 | $sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')'; |
| 75 | |
| 76 | $sql = 'UPDATE ' . BOTS_TABLE . " |
| 77 | SET bot_active = 0 |
| 78 | WHERE bot_id $sql_id"; |
| 79 | $db->sql_query($sql); |
| 80 | } |
| 81 | |
| 82 | $cache->destroy('_bots'); |
| 83 | break;
|
| 84 | |
| 85 | case 'delete': |
| 86 | if ($bot_id || sizeof($mark)) |
| 87 | {
|
| 88 | if (confirm_box(true)) |
| 89 | {
|
| 90 | // We need to delete the relevant user, usergroup and bot entries ...
|
| 91 | $sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')'; |
| 92 | |
| 93 | $sql = 'SELECT bot_name, user_id |
| 94 | FROM ' . BOTS_TABLE . " |
| 95 | WHERE bot_id $sql_id"; |
| 96 | $result = $db->sql_query($sql); |
| 97 | |
| 98 | $user_id_ary = $bot_name_ary = array(); |
| 99 | while ($row = $db->sql_fetchrow($result)) |
| 100 | {
|
| 101 | $user_id_ary[] = (int) $row['user_id']; |
| 102 | $bot_name_ary[] = $row['bot_name']; |
| 103 | } |
| 104 | $db->sql_freeresult($result); |
| 105 | |
| 106 | $db->sql_transaction('begin'); |
| 107 | |
| 108 | $sql = 'DELETE FROM ' . BOTS_TABLE . " |
| 109 | WHERE bot_id $sql_id"; |
| 110 | $db->sql_query($sql); |
| 111 | |
| 112 | if (sizeof($user_id_ary)) |
| 113 | {
|
| 114 | $_tables = array(USERS_TABLE, USER_GROUP_TABLE); |
| 115 | foreach ($_tables as $table) |
| 116 | {
|
| 117 | $sql = "DELETE FROM $table |
| 118 | WHERE " . $db->sql_in_set('user_id', $user_id_ary); |
| 119 | $db->sql_query($sql); |
| 120 | } |
| 121 | } |
| 122 | |
| 123 | $db->sql_transaction('commit'); |
| 124 | |
| 125 | $cache->destroy('_bots'); |
| 126 | |
| 127 | add_log('admin', 'LOG_BOT_DELETE', implode(', ', $bot_name_ary)); |
| 128 | trigger_error($user->lang['BOT_DELETED'] . adm_back_link($this->u_action)); |
| 129 | } |
| 130 | else
|
| 131 | {
|
| 132 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( |
| 133 | 'mark' => $mark, |
| 134 | 'id' => $bot_id, |
| 135 | 'mode' => $mode, |
| 136 | 'action' => $action)) |
| 137 | ); |
| 138 | } |
| 139 | } |
| 140 | break;
|
| 141 | |
| 142 | case 'edit': |
| 143 | case 'add': |
| 144 | include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); |
| 145 | |
| 146 | $bot_row = array( |
| 147 | 'bot_name' => utf8_normalize_nfc(request_var('bot_name', '', true)), |
| 148 | 'bot_agent' => request_var('bot_agent', ''), |
| 149 | 'bot_ip' => request_var('bot_ip', ''), |
| 150 | 'bot_active' => request_var('bot_active', true), |
| 151 | 'bot_lang' => request_var('bot_lang', $config['default_lang']), |
| 152 | 'bot_style' => request_var('bot_style' , $config['default_style']), |
| 153 | ); |
| 154 | |
| 155 | if ($submit) |
| 156 | {
|
| 157 | if (!$bot_row['bot_agent'] && !$bot_row['bot_ip']) |
| 158 | {
|
| 159 | $error[] = $user->lang['ERR_BOT_NO_MATCHES']; |
| 160 | } |
| 161 | |
| 162 | if ($bot_row['bot_ip'] && !preg_match('#^[\d\.,:]+$#', $bot_row['bot_ip'])) |
| 163 | {
|
| 164 | if (!$ip_list = gethostbynamel($bot_row['bot_ip'])) |
| 165 | {
|
| 166 | $error[] = $user->lang['ERR_BOT_NO_IP']; |
| 167 | } |
| 168 | else
|
| 169 | {
|
| 170 | $bot_row['bot_ip'] = implode(',', $ip_list); |
| 171 | } |
| 172 | } |
| 173 | $bot_row['bot_ip'] = str_replace(' ', '', $bot_row['bot_ip']); |
| 174 | |
| 175 | // Make sure the admin is not adding a bot with an user agent similar to his one
|
| 176 | if ($bot_row['bot_agent'] && substr($user->data['session_browser'], 0, 149) === substr($bot_row['bot_agent'], 0, 149)) |
| 177 | {
|
| 178 | $error[] = $user->lang['ERR_BOT_AGENT_MATCHES_UA']; |
| 179 | } |
| 180 | |
| 181 | $bot_name = false; |
| 182 | if ($bot_id) |
| 183 | {
|
| 184 | $sql = 'SELECT u.username_clean |
| 185 | FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u |
| 186 | WHERE b.bot_id = $bot_id |
| 187 | AND u.user_id = b.user_id";
|
| 188 | $result = $db->sql_query($sql); |
| 189 | $row = $db->sql_fetchrow($result); |
| 190 | $db->sql_freeresult($result); |
| 191 | |
| 192 | if (!$bot_row) |
| 193 | {
|
| 194 | $error[] = $user->lang['NO_BOT']; |
| 195 | } |
| 196 | else
|
| 197 | {
|
| 198 | $bot_name = $row['username_clean']; |
| 199 | } |
| 200 | } |
| 201 | if (!$this->validate_botname($bot_row['bot_name'], $bot_name)) |
| 202 | {
|
| 203 | $error[] = $user->lang['BOT_NAME_TAKEN']; |
| 204 | } |
| 205 | |
| 206 | if (!sizeof($error)) |
| 207 | {
|
| 208 | // New bot? Create a new user and group entry
|
| 209 | if ($action == 'add') |
| 210 | {
|
| 211 | $sql = 'SELECT group_id, group_colour |
| 212 | FROM ' . GROUPS_TABLE . " |
| 213 | WHERE group_name = 'BOTS' |
| 214 | AND group_type = " . GROUP_SPECIAL; |
| 215 | $result = $db->sql_query($sql); |
| 216 | $group_row = $db->sql_fetchrow($result); |
| 217 | $db->sql_freeresult($result); |
| 218 | |
| 219 | if (!$group_row) |
| 220 | {
|
| 221 | trigger_error($user->lang['NO_BOT_GROUP'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING); |
| 222 | } |
| 223 | |
| 224 | |
| 225 | $user_id = user_add(array( |
| 226 | 'user_type' => (int) USER_IGNORE, |
| 227 | 'group_id' => (int) $group_row['group_id'], |
| 228 | 'username' => (string) $bot_row['bot_name'], |
| 229 | 'user_regdate' => time(), |
| 230 | 'user_password' => '', |
| 231 | 'user_colour' => (string) $group_row['group_colour'], |
| 232 | 'user_email' => '', |
| 233 | 'user_lang' => (string) $bot_row['bot_lang'], |
| 234 | 'user_style' => (int) $bot_row['bot_style'], |
| 235 | 'user_allow_massemail' => 0, |
| 236 | )); |
| 237 | |
| 238 | $sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( |
| 239 | 'user_id' => (int) $user_id, |
| 240 | 'bot_name' => (string) $bot_row['bot_name'], |
| 241 | 'bot_active' => (int) $bot_row['bot_active'], |
| 242 | 'bot_agent' => (string) $bot_row['bot_agent'], |
| 243 | 'bot_ip' => (string) $bot_row['bot_ip']) |
| 244 | ); |
| 245 | $db->sql_query($sql); |
| 246 | |
| 247 | $log = 'ADDED'; |
| 248 | } |
| 249 | else if ($bot_id) |
| 250 | {
|
| 251 | $sql = 'SELECT user_id, bot_name |
| 252 | FROM ' . BOTS_TABLE . " |
| 253 | WHERE bot_id = $bot_id"; |
| 254 | $result = $db->sql_query($sql); |
| 255 | $row = $db->sql_fetchrow($result); |
| 256 | $db->sql_freeresult($result); |
| 257 | |
| 258 | if (!$row) |
| 259 | {
|
| 260 | trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING); |
| 261 | } |
| 262 | |
| 263 | $sql_ary = array( |
| 264 | 'user_style' => (int) $bot_row['bot_style'], |
| 265 | 'user_lang' => (string) $bot_row['bot_lang'], |
| 266 | ); |
| 267 | |
| 268 | if ($bot_row['bot_name'] !== $row['bot_name']) |
| 269 | {
|
| 270 | $sql_ary['username'] = (string) $bot_row['bot_name']; |
| 271 | $sql_ary['username_clean'] = (string) utf8_clean_string($bot_row['bot_name']); |
| 272 | } |
| 273 | |
| 274 | $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE user_id = {$row['user_id']}"; |
| 275 | $db->sql_query($sql); |
| 276 | |
| 277 | $sql = 'UPDATE ' . BOTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array( |
| 278 | 'bot_name' => (string) $bot_row['bot_name'], |
| 279 | 'bot_active' => (int) $bot_row['bot_active'], |
| 280 | 'bot_agent' => (string) $bot_row['bot_agent'], |
| 281 | 'bot_ip' => (string) $bot_row['bot_ip']) |
| 282 | ) . " WHERE bot_id = $bot_id";
|
| 283 | $db->sql_query($sql); |
| 284 | |
| 285 | // Updated username?
|
| 286 | if ($bot_row['bot_name'] !== $row['bot_name']) |
| 287 | {
|
| 288 | user_update_name($row['bot_name'], $bot_row['bot_name']); |
| 289 | } |
| 290 | |
| 291 | $log = 'UPDATED'; |
| 292 | } |
| 293 | |
| 294 | $cache->destroy('_bots'); |
| 295 | |
| 296 | add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']); |
| 297 | trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action)); |
| 298 | |
| 299 | } |
| 300 | } |
| 301 | else if ($bot_id) |
| 302 | {
|
| 303 | $sql = 'SELECT b.*, u.user_lang, u.user_style |
| 304 | FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u |
| 305 | WHERE b.bot_id = $bot_id |
| 306 | AND u.user_id = b.user_id";
|
| 307 | $result = $db->sql_query($sql); |
| 308 | $bot_row = $db->sql_fetchrow($result); |
| 309 | $db->sql_freeresult($result); |
| 310 | |
| 311 | if (!$bot_row) |
| 312 | {
|
| 313 | trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING); |
| 314 | } |
| 315 | |
| 316 | $bot_row['bot_lang'] = $bot_row['user_lang']; |
| 317 | $bot_row['bot_style'] = $bot_row['user_style']; |
| 318 | unset($bot_row['user_lang'], $bot_row['user_style']); |
| 319 | } |
| 320 | |
| 321 | $s_active_options = ''; |
| 322 | $_options = array('0' => 'NO', '1' => 'YES'); |
| 323 | foreach ($_options as $value => $lang) |
| 324 | {
|
| 325 | $selected = ($bot_row['bot_active'] == $value) ? ' selected="selected"' : ''; |
| 326 | $s_active_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$lang] . '</option>'; |
| 327 | } |
| 328 | |
| 329 | $style_select = style_select($bot_row['bot_style'], true); |
| 330 | $lang_select = language_select($bot_row['bot_lang']); |
| 331 | |
| 332 | $l_title = ($action == 'edit') ? 'EDIT' : 'ADD'; |
| 333 | |
| 334 | $template->assign_vars(array( |
| 335 | 'L_TITLE' => $user->lang['BOT_' . $l_title], |
| 336 | 'U_ACTION' => $this->u_action . "&id=$bot_id&action=$action", |
| 337 | 'U_BACK' => $this->u_action, |
| 338 | 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '', |
| 339 | |
| 340 | 'BOT_NAME' => $bot_row['bot_name'], |
| 341 | 'BOT_IP' => $bot_row['bot_ip'], |
| 342 | 'BOT_AGENT' => $bot_row['bot_agent'], |
| 343 | |
| 344 | 'S_EDIT_BOT' => true, |
| 345 | 'S_ACTIVE_OPTIONS' => $s_active_options, |
| 346 | 'S_STYLE_OPTIONS' => $style_select, |
| 347 | 'S_LANG_OPTIONS' => $lang_select, |
| 348 | 'S_ERROR' => (sizeof($error)) ? true : false, |
| 349 | ) |
| 350 | ); |
| 351 | |
| 352 | return;
|
| 353 | |
| 354 | break;
|
| 355 | } |
| 356 | |
| 357 | $s_options = ''; |
| 358 | $_options = array('activate' => 'BOT_ACTIVATE', 'deactivate' => 'BOT_DEACTIVATE', 'delete' => 'DELETE'); |
| 359 | foreach ($_options as $value => $lang) |
| 360 | {
|
| 361 | $s_options .= '<option value="' . $value . '">' . $user->lang[$lang] . '</option>'; |
| 362 | } |
| 363 | |
| 364 | $template->assign_vars(array( |
| 365 | 'U_ACTION' => $this->u_action, |
| 366 | 'S_BOT_OPTIONS' => $s_options) |
| 367 | ); |
| 368 | |
| 369 | $sql = 'SELECT b.bot_id, b.bot_name, b.bot_active, u.user_lastvisit |
| 370 | FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . ' u |
| 371 | WHERE u.user_id = b.user_id |
| 372 | ORDER BY u.user_lastvisit DESC, b.bot_name ASC';
|
| 373 | $result = $db->sql_query($sql); |
| 374 | |
| 375 | while ($row = $db->sql_fetchrow($result)) |
| 376 | {
|
| 377 | $active_lang = (!$row['bot_active']) ? 'BOT_ACTIVATE' : 'BOT_DEACTIVATE'; |
| 378 | $active_value = (!$row['bot_active']) ? 'activate' : 'deactivate'; |
| 379 | |
| 380 | $template->assign_block_vars('bots', array( |
| 381 | 'BOT_NAME' => $row['bot_name'], |
| 382 | 'BOT_ID' => $row['bot_id'], |
| 383 | 'LAST_VISIT' => ($row['user_lastvisit']) ? $user->format_date($row['user_lastvisit']) : $user->lang['BOT_NEVER'], |
| 384 | |
| 385 | 'U_ACTIVATE_DEACTIVATE' => $this->u_action . "&id={$row['bot_id']}&action=$active_value", |
| 386 | 'L_ACTIVATE_DEACTIVATE' => $user->lang[$active_lang], |
| 387 | 'U_EDIT' => $this->u_action . "&id={$row['bot_id']}&action=edit", |
| 388 | 'U_DELETE' => $this->u_action . "&id={$row['bot_id']}&action=delete") |
| 389 | ); |
| 390 | } |
| 391 | $db->sql_freeresult($result); |
| 392 | } |
| 393 | |
| 394 | /**
|
| 395 | * Validate bot name against username table |
| 396 | */ |
| 397 | function validate_botname($newname, $oldname = false) |
| 398 | {
|
| 399 | global $db; |
| 400 | |
| 401 | if ($oldname && utf8_clean_string($newname) === $oldname) |
| 402 | {
|
| 403 | return true; |
| 404 | } |
| 405 | |
| 406 | // Admins might want to use names otherwise forbidden, thus we only check for duplicates.
|
| 407 | $sql = 'SELECT username |
| 408 | FROM ' . USERS_TABLE . " |
| 409 | WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($newname)) . "'"; |
| 410 | $result = $db->sql_query($sql); |
| 411 | $row = $db->sql_fetchrow($result); |
| 412 | $db->sql_freeresult($result); |
| 413 | |
| 414 | return ($row) ? false : true; |
| 415 | } |
| 416 | } |
| 417 | |
| 418 | ?> |