thurdata
/
blacklister


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204
							<!DOCTYPE html>
<html>
<head>
<title>Blacklister Admin</title>
</head>
<body>
<div>
<?php
error_reporting(E_ALL);

require_once 'action.php';
require_once 'db.php';
require_once 'token.php';
require_once 'stats.php';

if(!isset($_GET['token'])){
    echo "<form action='admin.php'><input type='text' size='35' id='token' name='token'><input type='submit' value='send token'></form></div></body></html>";
    exit;
}
if(isset($_GET['ip'])) {
    $ip = ip2long(substr(trim($_GET['ip']),0,15));
}
if(isset($_GET['token'])) {
    $token = substr(trim($_GET['token']),0,32);
}
if(isset($_GET['action'])) {
    $action = substr(trim($_GET['action']),0,12);
}
if(isset($_GET['userid'])) {
    $userid = substr(trim($_GET['userid']),0,32);
}
if(isset($_GET['role'])) {
    $role = substr(trim($_GET['role']),0,8);
}
if(isset($_GET['description'])) {
    $description = substr(trim($_GET['description']),0,40);
}
$clientIP = substr(trim($_SERVER['REMOTE_ADDR']),0,15);
$stats = true;

$tok = new token;
$act = new action;

if($act->isBlocked(ip2long($clientIP))) {
    http_response_code(403);
    exit;
}

if (!$tok->isAdmin($token)) {
    echo "admin access denied</div></body></html>";
    exit;
}
if($stats == true) {
    (new stats)->log($ip,$action,$token);
}
switch($action) {
    case 'deluser':
        if($act->delUser($userid)){
            echo " user removed " . $userid ."\n";
        } else {
            echo " fehler\n";
        };
        break;
    case 'adduser':
        if($act->addUser($userid,$role,$description)){
            echo " user added, token:" . $userid . " role:" .$role . " description: " . $description . "\n";
        } else {
            echo " fehler\n";
        };
        break;
    case 'blacklist':
        if($act->blackList($ip)){
            echo " blacklisted " . long2ip($ip) ."\n";
        } else {
            echo " fehler\n";
        };
        break;
    case 'deblacklist':
        if($act->deBlackList($ip)){
            echo " deblacklisted " . long2ip($ip) ."\n";
        } else {
            echo " fehler\n";
        };
        break;
    case 'whitelist':
        if($act->whiteList($ip)){
            echo " whitelisted " . long2ip($ip) ."\n";
        } else {
            echo " fehler\n";
        };
        break;
    case 'dewhitelist':
        if($act->deWhiteList($ip)){
            echo " dewhitelisted " . long2ip($ip) ."\n";
        } else {
            echo " fehler\n";
        };
        break;
    case 'list':
        if($act->list($ip)){
            echo " listed " . long2ip($ip) ."\n";
        } else {
            echo " fehler\n";
        };
        break;
    case 'delist':
        if($act->adminDeList($ip)){
            echo " delisted " . long2ip($ip) ."\n";
        } else {
            echo " fehler\n";
        };
        break;
}
?>
</div>
<h3>Clients</h3>
<table>
<tr><th>Token</th><th>Role</th><th>Description</th><th></th></tr>
<?php
$userlist = $act->getUser();
foreach($userlist as $user) {
    echo "<tr><td>" . $user[0] . "</td><td>" . $user[1] . "</td><td>" . $user[2] . "</td><td><input type='button' id='deluser' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deluser&userid=" . $user[0] . "\"'></td></tr>";
}
?>
<tr>
    <form action="admin.php">
    <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
    <input type="hidden" id="action" name="action" value="adduser">
    <td>
        <input type='text' id='userid' name='userid' size='35' readonly value='<?php echo bin2hex(random_bytes(16)) ?>'>
        <input type='button' id='createtoken' value='refresh' onclick='window.location.href="admin.php?token=<?php echo $token; ?>"'>
    </td><td>
        <input type='radio' id='reporter' name='role' value='reporter'>Reporter
        <input type='radio' id='consumer' name='role' value='consumer'>Consumer
        <input type='radio' id='admin' name='role' value='admin'>Admin
    </td><td>
        <input type='text' id='description' name='description'>
    </td><td>
        <input type='submit' value='add user'>
    </td></form>
</tr>
</table>
<h3>Blacklist</h3>
<table>
<?php
$blacklist = $act->getBlackList();
foreach($blacklist as $blip) {
    echo "<tr><td>" . long2ip($blip) . "</td><td><input type='button' id='deblacklist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deblacklist&ip=" . long2ip($blip) . "\"'></td></tr>";
}
?>
<tr>
    <form action="admin.php">
    <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
    <input type="hidden" id="action" name="action" value="blacklist">
    <td>
        <input type='text' id='ip' name='ip'>
    </td><td>
        <input type='submit' value='add to blacklist'>
    </form>
    </td></tr>
</table>
<h3>Whitelist</h3>
<table border="0">
<?php
$whitelist = $act->getWhiteList();
foreach($whitelist as $wlip) {
    echo "<tr><td>" . long2ip($wlip) . "</td><td><input type='button' id='dewhitelist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=dewhitelist&ip=" . long2ip($wlip) . "\"'></td></tr>";
}
?>
<tr>
    <form action="admin.php">
    <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
    <input type="hidden" id="action" name="action" value="whitelist">
    <td>
        <input type='text' id='ip' name='ip'>
    </td><td>
        <input type='submit' value='add to whitelist'>
    </form>
    </td></tr>
</table>
<h3>List</h3>
<table border="0">
<?php
$list = $act->getList();
foreach($list as $lip) {
    echo "<tr><td>" . long2ip($lip) . "</td>";
    echo "<td><input type='button' id='delist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=delist&ip=" . long2ip($lip) . "\"'></td>";
    echo "<td><input type='button' id='blacklist' value='blacklist' onclick='window.location.href=\"admin.php?token=" . $token . "&action=blacklist&ip=" . long2ip($lip) . "\"'></td>";
    echo "<td><input type='button' id='whitelist' value='whitelist' onclick='window.location.href=\"admin.php?token=" . $token . "&action=whitelist&ip=" . long2ip($lip) . "\"'></td></tr>";
}
?>
<tr>
    <form action="admin.php">
    <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
    <input type="hidden" id="action" name="action" value="list">
    <td>
        <input type='text' id='ip' name='ip'>
    </td><td>
        <input type='submit' value='add to list'>
    </form>
    </td></tr>
</table>
</body>
</html>