./inc/extensions/sponsor/mode-setup.php:43:// @TODO Remove double tabs from all lines
./inc/extensions/sql_patches/mode-update.php:43:// @TODO Remove double tabs from all lines
./inc/extensions/user/mode-update.php:43:// @TODO Remove double tabs from all lines
-./inc/filter/blacklist_filter.php:63: // @TODO Insert log entry
+./inc/filter/blacklist_filter.php:82: // @TODO Insert log entry
+./inc/filter/blacklist_filter.php:93: // @TODO Insert log entry
./inc/filter/bonus_filter.php:56: // @TODO This query isn't right, it will only update if the user was for a longer time away!
./inc/filter/cache_filter.php:94: // @TODO This should be rewritten not to load the cache file for just checking if it is there for save removal.
./inc/filter/forced_filter.php:73: // @TODO This part is unfinished
./inc/header.php:66:// @TODO Find a way to not use direct module comparison
./inc/install-functions.php:446: // @TODO Comparing with DEFAULT_MAIN_TITLE doesn't work
./inc/install-functions.php:97: // @TODO DEACTIVATED: changeDataInLocalConfigurationFile('OUTPUT-MODE', "setConfigEntry('OUTPUT_MODE', '", "');", postRequestElement('omode'), 0);
-./inc/language/de.php:1161: // @TODO Rewrite these two constants
-./inc/language/de.php:1177: // @TODO Rewrite these three constants
+./inc/language/de.php:1162: // @TODO Rewrite these two constants
+./inc/language/de.php:1178: // @TODO Rewrite these three constants
./inc/language/de.php:46: // @TODO Please sort these language elements
./inc/language/de.php:748:// @TODO Are these constants longer used?
./inc/language-functions.php:254: // @TODO These are all valid languages, again hard-coded
// Add configuration
addConfigAddSql('email_blacklist', "ENUM('Y','N') NOT NULL DEFAULT 'Y'");
+ addConfigAddSql('ip_blacklist', "ENUM('Y','N') NOT NULL DEFAULT 'Y'");
addConfigAddSql('url_blacklist', "ENUM('Y','N') NOT NULL DEFAULT 'Y'");
// Register filters
registerFilter(__FILE__, __LINE__, 'pre_user_registration' , 'CHECK_EMAIL_BLACKLISTED', FALSE, TRUE, isExtensionDryRun());
+ registerFilter(__FILE__, __LINE__, 'pre_user_registration' , 'CHECK_IP_BLACKLISTED' , FALSE, TRUE, isExtensionDryRun());
registerFilter(__FILE__, __LINE__, 'pre_update_user_data' , 'CHECK_EMAIL_BLACKLISTED', FALSE, TRUE, isExtensionDryRun());
registerFilter(__FILE__, __LINE__, 'post_email_blacklisted', 'LOG_EMAIL_BLACKLISTED' , FALSE, TRUE, isExtensionDryRun());
+ registerFilter(__FILE__, __LINE__, 'post_ip_blacklisted' , 'LOG_IP_BLACKLISTED' , FALSE, TRUE, isExtensionDryRun());
break;
case 'remove': // Do stuff when removing extension
// Unregister filters
unregisterFilter(__FILE__, __LINE__, 'pre_user_registration' , 'CHECK_EMAIL_BLACKLISTED', TRUE, isExtensionDryRun());
+ unregisterFilter(__FILE__, __LINE__, 'pre_user_registration' , 'CHECK_IP_BLACKLISTED' , TRUE, isExtensionDryRun());
unregisterFilter(__FILE__, __LINE__, 'pre_update_user_data' , 'CHECK_EMAIL_BLACKLISTED', TRUE, isExtensionDryRun());
unregisterFilter(__FILE__, __LINE__, 'post_email_blacklisted', 'LOG_EMAIL_BLACKLISTED' , TRUE, isExtensionDryRun());
+ unregisterFilter(__FILE__, __LINE__, 'post_ip_blacklisted' , 'LOG_IP_BLACKLISTED' , TRUE, isExtensionDryRun());
break;
case 'activate': // Do stuff when admin activates this extension
// Is the email address blacklisted?
if (($filterData['init_done'] === TRUE) && (isEmailBlacklistEnabled()) && (isEmailBlacklisted($filterData['post_data']['email']))) {
// Then abort here
- $filterData['init_done'] = FALSE;
+ $filterData['init_done'] = FALSE;
+ $filterData['blacklisted'] = 'email';
+ $filterData['message'] = '{--EMAIL_IS_BLACKLISTED--}';
// Run filter chain for successful detection (don't rely on other fields than 'email') here
runFilterChain('post_email_blacklisted', $filterData);
return $filterData;
}
+// Filter to check if IP address is blacklisted
+function FILTER_CHECK_IP_BLACKLISTED ($filterData) {
+ // Is the IP address blacklisted?
+ if (($filterData['init_done'] === TRUE) && (isEmailBlacklistEnabled()) && (isIpBlacklisted(determineRealRemoteAddress()))) {
+ // Then abort here
+ $filterData['init_done'] = FALSE;
+ $filterData['blacklisted'] = 'ip';
+ $filterData['message'] = '{--IP_IS_BLACKLISTED--}';
+
+ // Run filter chain for successful detection (don't rely on other fields than 'IP') here
+ runFilterChain('post_ip_blacklisted', $filterData);
+ } // END - if
+
+ // Return filtered data
+ return $filterData;
+}
+
// Filter for logging blacklisted email addresses, is being called from above filter
function FILTER_LOG_EMAIL_BLACKLISTED ($filerData) {
// Make sure, that required data is there
- assert((isset($filterData['init_done'])) && (isset($filterData['post_data']['email'])));
+ assert((isset($filterData['init_done'])) && ($filterData['blacklisted'] == 'email'));
+
+ // @TODO Insert log entry
+
+ // Return filtered data
+ return $filterData;
+}
+
+// Filter for logging blacklisted IP addresses, is being called from above filter
+function FILTER_LOG_IP_BLACKLISTED ($filerData) {
+ // Make sure, that required data is there
+ assert((isset($filterData['init_done'])) && ($filterData['blacklisted'] == 'ip'));
// @TODO Insert log entry
'ADMIN_CONFIG_BLACKLIST_TITLE' => "Konfiguration von Sperrlisten",
'ADMIN_CONFIG_BLACKLIST_LEGEND' => "Sperrlisten aktvieren:",
'ADMIN_CONFIG_EMAIL_BLACKLIST_ENABLED' => "Sperrliste für Email-Adressen aktivieren?",
+ 'ADMIN_CONFIG_IP_BLACKLIST_ENABLED' => "Sperrliste für IP-Adressen aktivieren?",
'ADMIN_CONFIG_URL_BLACKLIST_ENABLED' => "Sperrliste für gebuchte URLs aktivieren?",
'ADMIN_CONFIG_BLACKLIST_NOTICE' => "<strong>Hinweise:</strong> Die Sperrliste für Email-Adressen gilt sowohl für die Mitgliedsanmeldung als auch wenn das Mitglied seine Daten ändert. Ist die vom Mitglied eingegebene Email-Adresse gesperrt, wird diese nicht angenommen. Die URL-Sperrliste gilt für alle Erweiterungen (Besuchertausch, Mailbuchung, Forced-Buchungen usw.).",
));
'UNKNOWN_ERROR_CODE' => "Unbekannter Fehlercode <span class=\"data\">0x{%%pipe,getHexErrorCode=%s%%}</span> erkannt.",
'LOADER_SECURITY_HASH_MISMATCH' => "Der Sicherheitshash für den Dereferrer stimmt nicht mit der URL überein.",
'URL_IS_BLACKLISTED' => "URL ist gesperrt.",
- 'MEMBER_EMAIL_BLACKLISTED' => "Ihre Email-Adresse darf bei uns nicht verwendet werden. Bitte setzen Sie sich mit uns in Verbindung.",
+ 'EMAIL_IS_BLACKLISTED' => "Ihre Email-Adresse darf bei uns nicht verwendet werden. Bitte setzen Sie sich mit uns in Verbindung.",
+ 'IP_IS_BLACKLISTED' => "Die von Ihnen derzeit verwendete IP-Adresse ist bei uns gesperrt. Bitte setzen Sie sich mit uns in Verbindung.",
'DATA_IS_HIDDEN' => "Daten sind verdeckt.",
'ADMIN_BOOKING_PACKAGE_ID' => "Buchungspaket",
'ADMIN_BOOKING_PACKAGE_LINK' => "Zum Paket ...",
'MEMBER_PROFILE_LAST_CHANGE' => "Letzte Änderung",
'MEMBER_PROFILE_UPDATED' => "Ihre Profildaten wurden aktualisiert.",
'MEMBER_EMAIL_IS_ALREADY_REGISTERED' => "Die Email-Adresse wird bereits von einem anderen Account verwendet.",
+ 'PRE_UPDATE_USER_DATA_FAILED' => "Überprüfung Ihrer Mitgliedsdaten vor Aktualisierung fehlgeschlagen. Bitte setzen Sie sich mit uns in Verbindung.",
));
// [EOF]
die();
} // END - if
+// Checks whether given email is blacklisted
+function isEmailBlacklisted ($email) {
+ // Call inner function
+ return isGenericBlacklisted('email', $email);
+}
+
+// Checks whether given IP is blacklisted
+function isIpBlacklisted ($ip) {
+ // Call inner function
+ return isGenericBlacklisted('ip', $ip);
+}
+
+// Checks whether given URL is blacklisted
+function isUrlBlacklisted ($url) {
+ // Call inner function
+ return isGenericBlacklisted('url', $email);
+}
+
// Checks whether given data is blacklisted
function isGenericBlacklisted ($type, $data) {
// Mark it as not listed by default
// Inserts a given email (pattern) in blacklist if not found
function insertEmailInBlacklist ($email, $provider = 'BLACKLIST') {
// Call inner function
- insertGenericInBlacklist ('email', $email, NULL, $provider);
+ return insertGenericInBlacklist ('email', $email, NULL, $provider);
}
-// Inserts a given URL in blacklist if not found
+// Inserts a given IP (pattern) in blacklist if not found
+function insertIpInBlacklist ($ip, $provider = 'BLACKLIST') {
+ // Call inner function
+ return insertGenericInBlacklist ('ip', $ip, NULL, $provider);
+}
+
+// Inserts a given URL (pattern) in blacklist if not found
function insertUrlInBlacklist ($url, $poolId, $provider = 'BLACKLIST') {
// Call inner function
- insertGenericInBlacklist ('url', $url, $poolId, $provider);
+ return insertGenericInBlacklist ('url', $url, $poolId, $provider);
}
// Inserts a given URL in blacklist if not found
strtoupper($type)
), __FUNCTION__, __LINE__);
} // END - if
-}
-// Checks whether given email is blacklisted
-function isEmailBlacklisted ($email) {
- // Call inner function
- return isGenericBlacklisted('email', $email);
-}
-
-// Checks whether given URL is blacklisted
-function isUrlBlacklisted ($url) {
- // Call inner function
- return isGenericBlacklisted('url', $email);
+ // Return insert id for debugging/reporting pursposes
+ return SQL_INSERT_ID();
}
// ----------------------------------------------------------------------------
return $GLOBALS[__FUNCTION__];
}
+// Wrapper to check if ip_blacklist is enabled
+function isIpBlacklistEnabled () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Determine it
+ $GLOBALS[__FUNCTION__] = (getConfig('ip_blacklist') == 'Y');
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
// [EOF]
?>
reportBug(__FUNCTION__, __LINE__, 'Tried to register a user account without ext-user installed.');
} // END - if
+ // Init extra SQL data
+ initExtraRegistrationSql();
+
// Init filter data
$filterData = array(
// Initialization not done by default
- 'init_done' => FALSE,
- 'post_data' => postRequestArray(),
+ 'init_done' => FALSE,
+ 'post_data' => postRequestArray(),
+ 'blacklisted' => '',
+ 'message' => '{--PRE_USER_REGISTRATION_FAILED--}',
);
- // Init extra SQL data
- initExtraRegistrationSql();
-
// Run the pre-registration chain
$filterData = runFilterChain('pre_user_registration', $filterData);
// Did the initialization work?
if ($filterData['init_done'] === FALSE) {
// Something bad happened!
- displayMessage('{--PRE_USER_REGISTRATION_FAILED--}');
+ displayMessage($filterData['message']);
// Stop here
return FALSE;
if (postRequestElement('email') != $content['email']) {
// Yes, but is it maybe blacklisted?
$filterData = array(
- 'init_done' => TRUE,
- 'post_data' => postRequestArray()
+ 'init_done' => TRUE,
+ 'post_data' => postRequestArray(),
+ 'blacklisted' => '',
+ 'message' => '{--PRE_UPDATE_USER_DATA_FAILED--}',
);
$filterData = runFilterChain('pre_update_user_data', $filterData);
// Is it blacklisted?
if ($filterData['init_done'] === FALSE) {
- // Blacklisted email address found
- displayMessage('{--MEMBER_EMAIL_BLACKLISTED--}');
+ // Found something blacklisted
+ displayMessage($filterData['message']);
return;
} // END - if
</div>
</div>
+ <div>
+ <label class="admin_label" for="ip_blacklist">{--ADMIN_CONFIG_IP_BLACKLIST_ENABLED--}</label>
+ <div align="center">
+ {%template,ConfigurationYesNoSelectionBox=ip_blacklist%}
+ </div>
+ </div>
+
<div>
<label class="admin_label" for="url_blacklist">{--ADMIN_CONFIG_URL_BLACKLIST_ENABLED--}</label>
<div align="center">
projects / mailer.git / commitdiff