add protection

action.php

@@ -22,6 +22,19 @@ class action {
         return true;
     }
 
+    public function adminBlock($ip) {
+        $dbAction = $this->db->prepare("INSERT IGNORE INTO blocklist (ip, count) VALUES (?, 4)");
+        $dbAction->bind_param('i',$ip);
+        $dbAction->execute();
+        return true;
+    }
+
+    public function deBlockList($ip) {
+        $dbAction = $this->db->prepare("DELETE FROM blocklist WHERE ip = ?");
+        $dbAction->bind_param('i',$ip);
+        return $dbAction->execute();
+    }
+
     public function getBlockedClients() {
         $list = array();
         $dbAction = $this->db->prepare("SELECT ip FROM blocklist WHERE count > 3 ORDER BY ip ASC");

admin.php

@@ -83,7 +83,21 @@ switch($action) {
             echo " fehler\n";
         };
         break;
-    case 'whitelist':
+    case 'blocklist':
+        if($act->adminBlock($ip)){
+            echo " blocklisted " . long2ip($ip) ."\n";
+        } else {
+            echo " fehler\n";
+        };
+        break;
+    case 'deblocklist':
+        if($act->deBlockList($ip)){
+            echo " deblocklisted " . long2ip($ip) ."\n";
+        } else {
+            echo " fehler\n";
+        };
+        break;
+        case 'whitelist':
         if($act->whiteList($ip)){
             echo " whitelisted " . long2ip($ip) ."\n";
         } else {
@@ -141,41 +155,41 @@ foreach($userlist as $user) {
     </td></form>
 </tr>
 </table>
-<h3>Blacklist</h3>
+<h3>Clientblocklist</h3>
 <table>
 <?php
-$blacklist = $act->getBlackList();
-foreach($blacklist as $blip) {
-    echo "<tr><td>" . long2ip($blip) . "</td><td><input type='button' id='deblacklist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deblacklist&ip=" . long2ip($blip) . "\"'></td></tr>";
+$blocklist = $act->getBlockedClients();
+foreach($blocklist as $blip) {
+    echo "<tr><td>" . long2ip($blip) . "</td><td><input type='button' id='deblocklist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deblocklist&ip=" . long2ip($blip) . "\"'></td></tr>";
 }
 ?>
 <tr>
     <form action="admin.php">
     <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
-    <input type="hidden" id="action" name="action" value="blacklist">
+    <input type="hidden" id="action" name="action" value="blocklist">
     <td>
         <input type='text' id='ip' name='ip'>
     </td><td>
-        <input type='submit' value='add to blacklist'>
+        <input type='submit' value='add to blocklist'>
     </form>
     </td></tr>
 </table>
-<h3>Clientblocklist</h3>
+<h3>Blacklist</h3>
 <table>
 <?php
-$blacklist = $act->getBlockedClients();
+$blacklist = $act->getBlackList();
 foreach($blacklist as $blip) {
-    echo "<tr><td>" . long2ip($blip) . "</td><td><input type='button' id='deblocklist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deblocklist&ip=" . long2ip($blip) . "\"'></td></tr>";
+    echo "<tr><td>" . long2ip($blip) . "</td><td><input type='button' id='deblacklist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deblacklist&ip=" . long2ip($blip) . "\"'></td></tr>";
 }
 ?>
 <tr>
     <form action="admin.php">
     <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
-    <input type="hidden" id="action" name="action" value="blocklist">
+    <input type="hidden" id="action" name="action" value="blacklist">
     <td>
         <input type='text' id='ip' name='ip'>
     </td><td>
-        <input type='submit' value='add to blocklist'>
+        <input type='submit' value='add to blacklist'>
     </form>
     </td></tr>
 </table>