Blame Identity/Webenv/phpBB/3.0.4/includes/acp/acp_bots.php

ef5584
ef5584
/**
ef5584
*
ef5584
* @package acp
ef5584
* @version $Id: acp_bots.php 8479 2008-03-29 00:22:48Z naderman $
ef5584
* @copyright (c) 2005 phpBB Group
ef5584
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
ef5584
*
ef5584
*/
ef5584
ef5584
/**
ef5584
* @ignore
ef5584
*/
ef5584
if (!defined('IN_PHPBB'))
ef5584
{
ef5584
	exit;
ef5584
}
ef5584
ef5584
/**
ef5584
* @package acp
ef5584
*/
ef5584
class acp_bots
ef5584
{
ef5584
	var $u_action;
ef5584
ef5584
	function main($id, $mode)
ef5584
	{
ef5584
		global $config, $db, $user, $auth, $template, $cache;
ef5584
		global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
ef5584
ef5584
		$action = request_var('action', '');
ef5584
		$submit = (isset($_POST['submit'])) ? true : false;
ef5584
		$mark	= request_var('mark', array(0));
ef5584
		$bot_id	= request_var('id', 0);
ef5584
ef5584
		if (isset($_POST['add']))
ef5584
		{
ef5584
			$action = 'add';
ef5584
		}
ef5584
ef5584
		$error = array();
ef5584
ef5584
		$user->add_lang('acp/bots');
ef5584
		$this->tpl_name = 'acp_bots';
ef5584
		$this->page_title = 'ACP_BOTS';
ef5584
		$form_key = 'acp_bots';
ef5584
		add_form_key($form_key);
ef5584
ef5584
		if ($submit && !check_form_key($form_key))
ef5584
		{
ef5584
			$error[] = $user->lang['FORM_INVALID'];
ef5584
		}
ef5584
ef5584
		// User wants to do something, how inconsiderate of them!
ef5584
		switch ($action)
ef5584
		{
ef5584
			case 'activate':
ef5584
				if ($bot_id || sizeof($mark))
ef5584
				{
ef5584
					$sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
ef5584
ef5584
					$sql = 'UPDATE ' . BOTS_TABLE . "
ef5584
						SET bot_active = 1
ef5584
						WHERE bot_id $sql_id";
ef5584
					$db->sql_query($sql);
ef5584
				}
ef5584
ef5584
				$cache->destroy('_bots');
ef5584
			break;
ef5584
ef5584
			case 'deactivate':
ef5584
				if ($bot_id || sizeof($mark))
ef5584
				{
ef5584
					$sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
ef5584
ef5584
					$sql = 'UPDATE ' . BOTS_TABLE . "
ef5584
						SET bot_active = 0
ef5584
						WHERE bot_id $sql_id";
ef5584
					$db->sql_query($sql);
ef5584
				}
ef5584
ef5584
				$cache->destroy('_bots');
ef5584
			break;
ef5584
ef5584
			case 'delete':
ef5584
				if ($bot_id || sizeof($mark))
ef5584
				{
ef5584
					if (confirm_box(true))
ef5584
					{
ef5584
						// We need to delete the relevant user, usergroup and bot entries ...
ef5584
						$sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
ef5584
ef5584
						$sql = 'SELECT bot_name, user_id
ef5584
							FROM ' . BOTS_TABLE . "
ef5584
							WHERE bot_id $sql_id";
ef5584
						$result = $db->sql_query($sql);
ef5584
ef5584
						$user_id_ary = $bot_name_ary = array();
ef5584
						while ($row = $db->sql_fetchrow($result))
ef5584
						{
ef5584
							$user_id_ary[] = (int) $row['user_id'];
ef5584
							$bot_name_ary[] = $row['bot_name'];
ef5584
						}
ef5584
						$db->sql_freeresult($result);
ef5584
ef5584
						$db->sql_transaction('begin');
ef5584
ef5584
						$sql = 'DELETE FROM ' . BOTS_TABLE . "
ef5584
							WHERE bot_id $sql_id";
ef5584
						$db->sql_query($sql);
ef5584
ef5584
						if (sizeof($user_id_ary))
ef5584
						{
ef5584
							$_tables = array(USERS_TABLE, USER_GROUP_TABLE);
ef5584
							foreach ($_tables as $table)
ef5584
							{
ef5584
								$sql = "DELETE FROM $table
ef5584
									WHERE " . $db->sql_in_set('user_id', $user_id_ary);
ef5584
								$db->sql_query($sql);
ef5584
							}
ef5584
						}
ef5584
ef5584
						$db->sql_transaction('commit');
ef5584
ef5584
						$cache->destroy('_bots');
ef5584
ef5584
						add_log('admin', 'LOG_BOT_DELETE', implode(', ', $bot_name_ary));
ef5584
						trigger_error($user->lang['BOT_DELETED'] . adm_back_link($this->u_action));
ef5584
					}
ef5584
					else
ef5584
					{
ef5584
						confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
ef5584
							'mark'		=> $mark,
ef5584
							'id'		=> $bot_id,
ef5584
							'mode'		=> $mode,
ef5584
							'action'	=> $action))
ef5584
						);
ef5584
					}
ef5584
				}
ef5584
			break;
ef5584
ef5584
			case 'edit':
ef5584
			case 'add':
ef5584
				include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
ef5584
ef5584
				$bot_row = array(
ef5584
					'bot_name'		=> utf8_normalize_nfc(request_var('bot_name', '', true)),
ef5584
					'bot_agent'		=> request_var('bot_agent', ''),
ef5584
					'bot_ip'		=> request_var('bot_ip', ''),
ef5584
					'bot_active'	=> request_var('bot_active', true),
ef5584
					'bot_lang'		=> request_var('bot_lang', $config['default_lang']),
ef5584
					'bot_style'		=> request_var('bot_style' , $config['default_style']),
ef5584
				);
ef5584
ef5584
				if ($submit)
ef5584
				{
ef5584
					if (!$bot_row['bot_agent'] && !$bot_row['bot_ip'])
ef5584
					{
ef5584
						$error[] = $user->lang['ERR_BOT_NO_MATCHES'];
ef5584
					}
ef5584
			
ef5584
					if ($bot_row['bot_ip'] && !preg_match('#^[\d\.,:]+$#', $bot_row['bot_ip']))
ef5584
					{
ef5584
						if (!$ip_list = gethostbynamel($bot_row['bot_ip']))
ef5584
						{
ef5584
							$error[] = $user->lang['ERR_BOT_NO_IP'];
ef5584
						}
ef5584
						else
ef5584
						{
ef5584
							$bot_row['bot_ip'] = implode(',', $ip_list);
ef5584
						}
ef5584
					}
ef5584
					$bot_row['bot_ip'] = str_replace(' ', '', $bot_row['bot_ip']);
ef5584
ef5584
					// Make sure the admin is not adding a bot with an user agent similar to his one
ef5584
					if ($bot_row['bot_agent'] && substr($user->data['session_browser'], 0, 149) === substr($bot_row['bot_agent'], 0, 149))
ef5584
					{
ef5584
						$error[] = $user->lang['ERR_BOT_AGENT_MATCHES_UA'];
ef5584
					}
ef5584
					
ef5584
					$bot_name = false;
ef5584
					if ($bot_id)
ef5584
					{
ef5584
						$sql = 'SELECT u.username_clean
ef5584
							FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u
ef5584
							WHERE b.bot_id = $bot_id
ef5584
								AND u.user_id = b.user_id";
ef5584
						$result = $db->sql_query($sql);
ef5584
						$row = $db->sql_fetchrow($result);
ef5584
						$db->sql_freeresult($result);
ef5584
ef5584
						if (!$bot_row)
ef5584
						{
ef5584
							$error[] = $user->lang['NO_BOT'];
ef5584
						}
ef5584
						else
ef5584
						{
ef5584
							$bot_name = $row['username_clean'];
ef5584
						}
ef5584
					}
ef5584
					if (!$this->validate_botname($bot_row['bot_name'], $bot_name))
ef5584
					{
ef5584
						$error[] = $user->lang['BOT_NAME_TAKEN'];
ef5584
					}
ef5584
					
ef5584
					if (!sizeof($error))
ef5584
					{
ef5584
						// New bot? Create a new user and group entry
ef5584
						if ($action == 'add')
ef5584
						{
ef5584
							$sql = 'SELECT group_id, group_colour
ef5584
								FROM ' . GROUPS_TABLE . "
ef5584
								WHERE group_name = 'BOTS'
ef5584
									AND group_type = " . GROUP_SPECIAL;
ef5584
							$result = $db->sql_query($sql);
ef5584
							$group_row = $db->sql_fetchrow($result);
ef5584
							$db->sql_freeresult($result);
ef5584
ef5584
							if (!$group_row)
ef5584
							{
ef5584
								trigger_error($user->lang['NO_BOT_GROUP'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING);
ef5584
							}
ef5584
						
ef5584
ef5584
							$user_id = user_add(array(
ef5584
								'user_type'				=> (int) USER_IGNORE,
ef5584
								'group_id'				=> (int) $group_row['group_id'],
ef5584
								'username'				=> (string) $bot_row['bot_name'],
ef5584
								'user_regdate'			=> time(),
ef5584
								'user_password'			=> '',
ef5584
								'user_colour'			=> (string) $group_row['group_colour'],
ef5584
								'user_email'			=> '',
ef5584
								'user_lang'				=> (string) $bot_row['bot_lang'],
ef5584
								'user_style'			=> (int) $bot_row['bot_style'],
ef5584
								'user_allow_massemail'	=> 0,
ef5584
							));
ef5584
	
ef5584
							$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
ef5584
								'user_id'		=> (int) $user_id,
ef5584
								'bot_name'		=> (string) $bot_row['bot_name'],
ef5584
								'bot_active'	=> (int) $bot_row['bot_active'],
ef5584
								'bot_agent'		=> (string) $bot_row['bot_agent'],
ef5584
								'bot_ip'		=> (string) $bot_row['bot_ip'])
ef5584
							);
ef5584
							$db->sql_query($sql);
ef5584
	
ef5584
							$log = 'ADDED';
ef5584
						}
ef5584
						else if ($bot_id)
ef5584
						{
ef5584
							$sql = 'SELECT user_id, bot_name
ef5584
								FROM ' . BOTS_TABLE . "
ef5584
								WHERE bot_id = $bot_id";
ef5584
							$result = $db->sql_query($sql);
ef5584
							$row = $db->sql_fetchrow($result);
ef5584
							$db->sql_freeresult($result);
ef5584
ef5584
							if (!$row)
ef5584
							{
ef5584
								trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING);
ef5584
							}
ef5584
ef5584
							$sql_ary = array(
ef5584
								'user_style'	=> (int) $bot_row['bot_style'],
ef5584
								'user_lang'		=> (string) $bot_row['bot_lang'],
ef5584
							);
ef5584
ef5584
							if ($bot_row['bot_name'] !== $row['bot_name'])
ef5584
							{
ef5584
								$sql_ary['username'] = (string) $bot_row['bot_name'];
ef5584
								$sql_ary['username_clean'] = (string) utf8_clean_string($bot_row['bot_name']);
ef5584
							}
ef5584
ef5584
							$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE user_id = {$row['user_id']}";
ef5584
							$db->sql_query($sql);
ef5584
ef5584
							$sql = 'UPDATE ' . BOTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array(
ef5584
								'bot_name'		=> (string) $bot_row['bot_name'],
ef5584
								'bot_active'	=> (int) $bot_row['bot_active'],
ef5584
								'bot_agent'		=> (string) $bot_row['bot_agent'],
ef5584
								'bot_ip'		=> (string) $bot_row['bot_ip'])
ef5584
							) . " WHERE bot_id = $bot_id";
ef5584
							$db->sql_query($sql);
ef5584
ef5584
							// Updated username?
ef5584
							if ($bot_row['bot_name'] !== $row['bot_name'])
ef5584
							{
ef5584
								user_update_name($row['bot_name'], $bot_row['bot_name']);
ef5584
							}
ef5584
ef5584
							$log = 'UPDATED';
ef5584
						}
ef5584
						
ef5584
						$cache->destroy('_bots');
ef5584
						
ef5584
						add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']);
ef5584
						trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action));
ef5584
					
ef5584
					}
ef5584
				}
ef5584
				else if ($bot_id)
ef5584
				{
ef5584
					$sql = 'SELECT b.*, u.user_lang, u.user_style
ef5584
						FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u
ef5584
						WHERE b.bot_id = $bot_id
ef5584
							AND u.user_id = b.user_id";
ef5584
					$result = $db->sql_query($sql);
ef5584
					$bot_row = $db->sql_fetchrow($result);
ef5584
					$db->sql_freeresult($result);
ef5584
ef5584
					if (!$bot_row)
ef5584
					{
ef5584
						trigger_error($user->lang['NO_BOT'] . adm_back_link($this->u_action . "&id=$bot_id&action=$action"), E_USER_WARNING);
ef5584
					}
ef5584
ef5584
					$bot_row['bot_lang'] = $bot_row['user_lang'];
ef5584
					$bot_row['bot_style'] = $bot_row['user_style'];
ef5584
					unset($bot_row['user_lang'], $bot_row['user_style']);
ef5584
				}
ef5584
ef5584
				$s_active_options = '';
ef5584
				$_options = array('0' => 'NO', '1' => 'YES');
ef5584
				foreach ($_options as $value => $lang)
ef5584
				{
ef5584
					$selected = ($bot_row['bot_active'] == $value) ? ' selected="selected"' : '';
ef5584
					$s_active_options .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$lang] . '</option>';
ef5584
				}
ef5584
ef5584
				$style_select = style_select($bot_row['bot_style'], true);
ef5584
				$lang_select = language_select($bot_row['bot_lang']);
ef5584
ef5584
				$l_title = ($action == 'edit') ? 'EDIT' : 'ADD';
ef5584
ef5584
				$template->assign_vars(array(
ef5584
					'L_TITLE'		=> $user->lang['BOT_' . $l_title],
ef5584
					'U_ACTION'		=> $this->u_action . "&id=$bot_id&action=$action",
ef5584
					'U_BACK'		=> $this->u_action,
ef5584
					'ERROR_MSG'		=> (sizeof($error)) ? implode('
', $error) : '',
ef5584
					
ef5584
					'BOT_NAME'		=> $bot_row['bot_name'],
ef5584
					'BOT_IP'		=> $bot_row['bot_ip'],
ef5584
					'BOT_AGENT'		=> $bot_row['bot_agent'],
ef5584
					
ef5584
					'S_EDIT_BOT'		=> true,
ef5584
					'S_ACTIVE_OPTIONS'	=> $s_active_options,
ef5584
					'S_STYLE_OPTIONS'	=> $style_select,
ef5584
					'S_LANG_OPTIONS'	=> $lang_select,
ef5584
					'S_ERROR'			=> (sizeof($error)) ? true : false,
ef5584
					)
ef5584
				);
ef5584
ef5584
				return;
ef5584
ef5584
			break;
ef5584
		}
ef5584
ef5584
		$s_options = '';
ef5584
		$_options = array('activate' => 'BOT_ACTIVATE', 'deactivate' => 'BOT_DEACTIVATE', 'delete' => 'DELETE');
ef5584
		foreach ($_options as $value => $lang)
ef5584
		{
ef5584
			$s_options .= '<option value="' . $value . '">' . $user->lang[$lang] . '</option>';
ef5584
		}
ef5584
ef5584
		$template->assign_vars(array(
ef5584
			'U_ACTION'		=> $this->u_action,
ef5584
			'S_BOT_OPTIONS'	=> $s_options)
ef5584
		);
ef5584
ef5584
		$sql = 'SELECT b.bot_id, b.bot_name, b.bot_active, u.user_lastvisit
ef5584
			FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . ' u
ef5584
			WHERE u.user_id = b.user_id
ef5584
			ORDER BY u.user_lastvisit DESC, b.bot_name ASC';
ef5584
		$result = $db->sql_query($sql);
ef5584
ef5584
		while ($row = $db->sql_fetchrow($result))
ef5584
		{
ef5584
			$active_lang = (!$row['bot_active']) ? 'BOT_ACTIVATE' : 'BOT_DEACTIVATE';
ef5584
			$active_value = (!$row['bot_active']) ? 'activate' : 'deactivate';
ef5584
ef5584
			$template->assign_block_vars('bots', array(
ef5584
				'BOT_NAME'		=> $row['bot_name'],
ef5584
				'BOT_ID'		=> $row['bot_id'],
ef5584
				'LAST_VISIT'	=> ($row['user_lastvisit']) ? $user->format_date($row['user_lastvisit']) : $user->lang['BOT_NEVER'],
ef5584
ef5584
				'U_ACTIVATE_DEACTIVATE'	=> $this->u_action . "&id={$row['bot_id']}&action=$active_value",
ef5584
				'L_ACTIVATE_DEACTIVATE'	=> $user->lang[$active_lang],
ef5584
				'U_EDIT'				=> $this->u_action . "&id={$row['bot_id']}&action=edit",
ef5584
				'U_DELETE'				=> $this->u_action . "&id={$row['bot_id']}&action=delete")
ef5584
			);
ef5584
		}
ef5584
		$db->sql_freeresult($result);
ef5584
	}
ef5584
	
ef5584
	/**
ef5584
	* Validate bot name against username table
ef5584
	*/
ef5584
	function validate_botname($newname, $oldname = false)
ef5584
	{
ef5584
		global $db;
ef5584
ef5584
		if ($oldname && utf8_clean_string($newname) === $oldname)
ef5584
		{
ef5584
			return true;
ef5584
		}
ef5584
ef5584
		// Admins might want to use names otherwise forbidden, thus we only check for duplicates.
ef5584
		$sql = 'SELECT username
ef5584
			FROM ' . USERS_TABLE . "
ef5584
			WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($newname)) . "'";
ef5584
		$result = $db->sql_query($sql);
ef5584
		$row = $db->sql_fetchrow($result);
ef5584
		$db->sql_freeresult($result);
ef5584
		
ef5584
		return ($row) ? false : true;
ef5584
	}
ef5584
}
ef5584
ef5584
?>