Главная Обзор Помощь
Вход
thurdata
/
blacklister
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Ветка: master
Ветки Метки
blacklister
/
admin.php

admin.php 7.4 KB
Постоянная ссылка История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231 
  1. <!DOCTYPE html>
    2. 

  2. <html>
    3. 

  3. <head>
    4. 

  4. <title>Blacklister Admin</title>
    5. 

  5. </head>
    6. 

  6. <body>
    7. 

  7. <div>
    8. 

  8. <?php
    9. 

  9. 

  10. require_once 'action.php';
    11. 

  11. require_once 'db.php';
    12. 

  12. require_once 'token.php';
    13. 

  13. require_once 'stats.php';
    14. 

  14. 

  15. if(!isset($_GET['token'])){
    16. 

  16.     echo "<form action='admin.php'><input type='text' size='35' id='token' name='token'><input type='submit' value='send token'></form></div></body></html>";
    17. 

  17.     exit;
    18. 

  18. }
    19. 

  19. if(isset($_GET['ip'])) {
    20. 

  20.     $ip = ip2long(substr(trim($_GET['ip']),0,15));
    21. 

  21. }
    22. 

  22. if(isset($_GET['token'])) {
    23. 

  23.     $token = substr(trim($_GET['token']),0,32);
    24. 

  24. }
    25. 

  25. if(isset($_GET['action'])) {
    26. 

  26.     $action = substr(trim($_GET['action']),0,12);
    27. 

  27. }
    28. 

  28. if(isset($_GET['userid'])) {
    29. 

  29.     $userid = substr(trim($_GET['userid']),0,32);
    30. 

  30. }
    31. 

  31. if(isset($_GET['role'])) {
    32. 

  32.     $role = substr(trim($_GET['role']),0,8);
    33. 

  33. }
    34. 

  34. if(isset($_GET['description'])) {
    35. 

  35.     $description = substr(trim($_GET['description']),0,40);
    36. 

  36. }
    37. 

  37. $clientIP = ip2long(substr(trim($_SERVER['REMOTE_ADDR']),0,15));
    38. 

  38. $stats = true;
    39. 

  39. 

  40. $tok = new token;
    41. 

  41. $act = new action;
    42. 

  42. 

  43. if($act->isBlocked($clientIP)) {
    44. 

  44.     http_response_code(403);
    45. 

  45.     exit;
    46. 

  46. }
    47. 

  47. 

  48. if (!$tok->isAdmin($token)) {
    49. 

  49.     $act->block($clientIP);
    50. 

  50.     echo "admin access denied</div></body></html>";
    51. 

  51.     exit;
    52. 

  52. }
    53. 

  53. if($stats == true) {
    54. 

  54.     (new stats)->log($clientIP,$ip,$action,$token);
    55. 

  55. }
    56. 

  56. switch($action) {
    57. 

  57.     case 'deluser':
    58. 

  58.         if($act->delUser($userid)){
    59. 

  59.             echo " user removed " . $userid ."\n";
    60. 

  60.         } else {
    61. 

  61.             echo " fehler\n";
    62. 

  62.         };
    63. 

  63.         break;
    64. 

  64.     case 'adduser':
    65. 

  65.         if($act->addUser($userid,$role,$description)){
    66. 

  66.             echo " user added, token:" . $userid . " role:" .$role . " description: " . $description . "\n";
    67. 

  67.         } else {
    68. 

  68.             echo " fehler\n";
    69. 

  69.         };
    70. 

  70.         break;
    71. 

  71.     case 'blacklist':
    72. 

  72.         if($act->blackList($ip)){
    73. 

  73.             echo " blacklisted " . long2ip($ip) ."\n";
    74. 

  74.         } else {
    75. 

  75.             echo " fehler\n";
    76. 

  76.         };
    77. 

  77.         break;
    78. 

  78.     case 'deblacklist':
    79. 

  79.         if($act->deBlackList($ip)){
    80. 

  80.             echo " deblacklisted " . long2ip($ip) ."\n";
    81. 

  81.         } else {
    82. 

  82.             echo " fehler\n";
    83. 

  83.         };
    84. 

  84.         break;
    85. 

  85.     case 'blocklist':
    86. 

  86.         if($act->adminBlock($ip)){
    87. 

  87.             echo " blocklisted " . long2ip($ip) ."\n";
    88. 

  88.         } else {
    89. 

  89.             echo " fehler\n";
    90. 

  90.         };
    91. 

  91.         break;
    92. 

  92.     case 'deblocklist':
    93. 

  93.         if($act->deBlockList($ip)){
    94. 

  94.             echo " deblocklisted " . long2ip($ip) ."\n";
    95. 

  95.         } else {
    96. 

  96.             echo " fehler\n";
    97. 

  97.         };
    98. 

  98.         break;
    99. 

  99.     case 'whitelist':
    100. 

  100.         if($act->whiteList($ip)){
    101. 

  101.             echo " whitelisted " . long2ip($ip) ."\n";
    102. 

  102.         } else {
    103. 

  103.             echo " fehler\n";
    104. 

  104.         };
    105. 

  105.         break;
    106. 

  106.     case 'dewhitelist':
    107. 

  107.         if($act->deWhiteList($ip)){
    108. 

  108.             echo " dewhitelisted " . long2ip($ip) ."\n";
    109. 

  109.         } else {
    110. 

  110.             echo " fehler\n";
    111. 

  111.         };
    112. 

  112.         break;
    113. 

  113.     case 'list':
    114. 

  114.         if($act->list($ip)){
    115. 

  115.             echo " listed " . long2ip($ip) ."\n";
    116. 

  116.         } else {
    117. 

  117.             echo " fehler\n";
    118. 

  118.         };
    119. 

  119.         break;
    120. 

  120.     case 'delist':
    121. 

  121.         if($act->adminDeList($ip)){
    122. 

  122.             echo " delisted " . long2ip($ip) ."\n";
    123. 

  123.         } else {
    124. 

  124.             echo " fehler\n";
    125. 

  125.         };
    126. 

  126.         break;
    127. 

  127. }
    128. 

  128. ?>
    129. 

  129. </div>
    130. 

  130. <h3>Clients</h3>
    131. 

  131. <table>
    132. 

  132. <tr><th>Token</th><th>Role</th><th>Description</th><th></th></tr>
    133. 

  133. <?php
    134. 

  134. $userlist = $act->getUser();
    135. 

  135. foreach($userlist as $user) {
    136. 

  136.     echo "<tr><td>" . $user[0] . "</td><td>" . $user[1] . "</td><td>" . $user[2] . "</td><td><input type='button' id='deluser' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deluser&userid=" . $user[0] . "\"'></td></tr>";
    137. 

  137. }
    138. 

  138. ?>
    139. 

  139. <tr>
    140. 

  140.     <form action="admin.php">
    141. 

  141.     <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
    142. 

  142.     <input type="hidden" id="action" name="action" value="adduser">
    143. 

  143.     <td>
    144. 

  144.         <input type='text' id='userid' name='userid' size='35' readonly value='<?php echo bin2hex(random_bytes(16)) ?>'>
    145. 

  145.         <input type='button' id='createtoken' value='refresh' onclick='window.location.href="admin.php?token=<?php echo $token; ?>"'>
    146. 

  146.     </td><td>
    147. 

  147.         <input type='radio' id='reporter' name='role' value='reporter'>Reporter
    148. 

  148.         <input type='radio' id='consumer' name='role' value='consumer'>Consumer
    149. 

  149.         <input type='radio' id='admin' name='role' value='admin'>Admin
    150. 

  150.     </td><td>
    151. 

  151.         <input type='text' id='description' name='description'>
    152. 

  152.     </td><td>
    153. 

  153.         <input type='submit' value='add user'>
    154. 

  154.     </td></form>
    155. 

  155. </tr>
    156. 

  156. </table>
    157. 

  157. <h3>Clientblocklist</h3>
    158. 

  158. Alle IP Adressen, die mehr als 5x unauthorisiert zugegriffen haben. 
    159. 

  159. <table>
    160. 

  160. <?php
    161. 

  161. $blocklist = $act->getBlockedClients();
    162. 

  162. foreach($blocklist as $blip) {
    163. 

  163.     echo "<tr><td>" . long2ip($blip) . "</td><td><input type='button' id='deblocklist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deblocklist&ip=" . long2ip($blip) . "\"'></td></tr>";
    164. 

  164. }
    165. 

  165. ?>
    166. 

  166. <tr>
    167. 

  167.     <form action="admin.php">
    168. 

  168.     <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
    169. 

  169.     <input type="hidden" id="action" name="action" value="blocklist">
    170. 

  170.     <td>
    171. 

  171.         <input type='text' id='ip' name='ip'>
    172. 

  172.     </td><td>
    173. 

  173.         <input type='submit' value='add to blocklist'>
    174. 

  174.     </form>
    175. 

  175.     </td></tr>
    176. 

  176. </table>
    177. 

  177. <h3>Blacklist</h3>
    178. 

  178. Manuell eingepflegte IP Adressen. Werden zusammen mit den automatischen Einträgen als Banliste ausgeliefert.
    179. 

  179. <table>
    180. 

  180. <?php
    181. 

  181. $blacklist = $act->getBlackList();
    182. 

  182. foreach($blacklist as $blip) {
    183. 

  183.     echo "<tr><td>" . long2ip($blip) . "</td><td><input type='button' id='deblacklist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deblacklist&ip=" . long2ip($blip) . "\"'></td></tr>";
    184. 

  184. }
    185. 

  185. ?>
    186. 

  186. <tr>
    187. 

  187.     <form action="admin.php">
    188. 

  188.     <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
    189. 

  189.     <input type="hidden" id="action" name="action" value="blacklist">
    190. 

  190.     <td>
    191. 

  191.         <input type='text' id='ip' name='ip'>
    192. 

  192.     </td><td>
    193. 

  193.         <input type='submit' value='add to blacklist'>
    194. 

  194.     </form>
    195. 

  195.     </td></tr>
    196. 

  196. </table>
    197. 

  197. <h3>Whitelist</h3>
    198. 

  198. Manuell eingepflegte IP-Adressen, welche nicht mehr in die automatische Liste eingetragen werden können.
    199. 

  199. <table border="0">
    200. 

  200. <?php
    201. 

  201. $whitelist = $act->getWhiteList();
    202. 

  202. foreach($whitelist as $wlip) {
    203. 

  203.     echo "<tr><td>" . long2ip($wlip) . "</td><td><input type='button' id='dewhitelist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=dewhitelist&ip=" . long2ip($wlip) . "\"'></td></tr>";
    204. 

  204. }
    205. 

  205. ?>
    206. 

  206. <tr>
    207. 

  207.     <form action="admin.php">
    208. 

  208.     <input type="hidden" id="token" name="token" value="<?php echo $token; ?>">
    209. 

  209.     <input type="hidden" id="action" name="action" value="whitelist">
    210. 

  210.     <td>
    211. 

  211.         <input type='text' id='ip' name='ip'>
    212. 

  212.     </td><td>
    213. 

  213.         <input type='submit' value='add to whitelist'>
    214. 

  214.     </form>
    215. 

  215.     </td></tr>
    216. 

  216. </table>
    217. 

  217. <h3>List</h3>
    218. 

  218. Automatisch generierte Liste über alle via Reporter gemeldeter IP-Adressen.
    219. 

  219. <table border="0">
    220. 

  220. <?php
    221. 

  221. $list = $act->getList();
    222. 

  222. foreach($list as $lip) {
    223. 

  223.     echo "<tr><td>" . long2ip($lip) . "</td>";
    224. 

  224.     echo "<td><input type='button' id='delist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=delist&ip=" . long2ip($lip) . "\"'></td>";
    225. 

  225.     echo "<td><input type='button' id='blacklist' value='blacklist' onclick='window.location.href=\"admin.php?token=" . $token . "&action=blacklist&ip=" . long2ip($lip) . "\"'></td>";
    226. 

  226.     echo "<td><input type='button' id='whitelist' value='whitelist' onclick='window.location.href=\"admin.php?token=" . $token . "&action=whitelist&ip=" . long2ip($lip) . "\"'></td></tr>";
    227. 

  227. }
    228. 

  228. ?>
    229. 

  229. </table>
    230. 

  230. </body>
    231. 

  231. </html>
    232.