[BETA] MOD Ban_cookie: Ban users with a cookie

A place for MOD Authors to post and receive feedback on MODs still in development. No MODs within this forum should be used within a live environment! No new topics are allowed in this forum.
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

IMPORTANT: MOD Development Forum rules

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
User avatar
jvini
Registered User
Posts: 300
Joined: Tue Sep 24, 2002 11:20 pm
Contact:

Post by jvini »

Merlin Sythove wrote:
jvini wrote:
Merlin Sythove wrote:My guess with a blank page is that you are missing a brace somewhere resulting in no more code being executed on that page, i.e. a blank page.

Still having problems....I tried it on a testvanilla phpBB 2.0.18, still not working. The board is here.. Some kind of parse error at the start of the mod. Here's sessions.php. Any ideas?


Give me the exact error message, that is more helpful.

Blank page with this on it:
Parse error: syntax error, unexpected T_STRING in /home2/cardhang/public_html/phpBB2/includes/sessions.php on line 134


Thanks.
Merlin Sythove
Registered User
Posts: 2339
Joined: Tue Mar 16, 2004 7:42 am

Post by Merlin Sythove »

This is MY code around line 134 of sessions.php, check if your code looks similar, IF SO, make sure it is exactly the same:

Code: Select all

		$sql = 'SELECT *
			FROM ' . USERS_TABLE . '
			WHERE user_id = ' . (int) $user_id;
		if (!($result = $db->sql_query($sql)))
		{
			message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
		}
You probably missed a quote or semi-colon.
User avatar
jvini
Registered User
Posts: 300
Joined: Tue Sep 24, 2002 11:20 pm
Contact:

Post by jvini »

Merlin Sythove wrote: This is MY code around line 134 of sessions.php, check if your code looks similar, IF SO, make sure it is exactly the same:

Code: Select all

		$sql = 'SELECT *
			FROM ' . USERS_TABLE . '
			WHERE user_id = ' . (int) $user_id;
		if (!($result = $db->sql_query($sql)))
		{
			message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
		}
You probably missed a quote or semi-colon.

Ok, I realized that I was actually running 2.0.15 on that test board (it was an old one). So I upgraded up to 2.0.18, but I'm still getting an error, this time just on a different line:
Parse error: syntax error, unexpected T_STRING in /home2/cardhang/public_html/phpBB2/includes/sessions.php on line 150


Which is the start of the mod...any ideas?

Thanks!
Merlin Sythove
Registered User
Posts: 2339
Joined: Tue Mar 16, 2004 7:42 am

Post by Merlin Sythove »

Yes, exactly the same idea as I said above: in order to evaluate a parse error, I need the code around that line in YOUR board. I gave you my code, but if you don't use that to verify your own, you have to give me something else to work with.
User avatar
jvini
Registered User
Posts: 300
Joined: Tue Sep 24, 2002 11:20 pm
Contact:

Post by jvini »

Merlin Sythove wrote: Yes, exactly the same idea as I said above: in order to evaluate a parse error, I need the code around that line in YOUR board. I gave you my code, but if you don't use that to verify your own, you have to give me something else to work with.

Sorry, here are the lines around 150 (140-160).

Code: Select all

		$userdata = $db->sql_fetchrow($result);
		$db->sql_freeresult($result);
	}

	//
	// Initial ban check against user id, IP and email address
	//
	preg_match('/(..)(..)(..)(..)/', $user_ip, $user_ip_parts);


  //START MOD Ban_cookie 
  //Give banned users a cookie and check that too, in addition to the existing checks. 
  //Once the cookie is in place: if it matches the database, the user is banned, 
  //even if the user gets another IP or is not logged in so the user ID is unknown. 

  //Get cookie ban settings. 
  $ban_cookie = ''; 
  $banned_id = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_id']) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_id'] : ''; 
  $banned_ip = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_ip']) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_ip'] : ''; 
  
  //Yes, cookie ban settings were there. See if they match the database. 
  //If not, delete cookie. 
  if ($banned_ip || $banned_id)
Let me know if you see anything...thanks.
User avatar
tomharrybill
Registered User
Posts: 35
Joined: Sat May 21, 2005 11:29 pm

Post by tomharrybill »

What if they delete their cookies?
Merlin Sythove
Registered User
Posts: 2339
Joined: Tue Mar 16, 2004 7:42 am

Post by Merlin Sythove »

No, sorry, your code looks fine to me.
Merlin Sythove
Registered User
Posts: 2339
Joined: Tue Mar 16, 2004 7:42 am

Post by Merlin Sythove »

tomharrybill wrote: What if they delete their cookies?


Answered:
http://www.phpbb.com/phpBB/viewtopic.ph ... 27#1832627
User avatar
jvini
Registered User
Posts: 300
Joined: Tue Sep 24, 2002 11:20 pm
Contact:

Post by jvini »

Merlin Sythove wrote: No, sorry, your code looks fine to me.

Hmmm...weird. Do you happen to have a vanilla sessions.php with this mod installed, and you're sure it works? Just wondering...if you do, can you just PM me the code so I can check it out. Thanks.

This is a little weird. :?
Merlin Sythove
Registered User
Posts: 2339
Joined: Tue Mar 16, 2004 7:42 am

Post by Merlin Sythove »

This is my code block:

Original:

Code: Select all

	// Initial ban check against user id, IP and email address
	//
	preg_match('/(..)(..)(..)(..)/', $user_ip, $user_ip_parts);
New code after that:

Code: Select all

  //START MOD Ban_cookie
  //Give banned users a cookie and check that too, in addition to the existing checks.
  //Once the cookie is in place: if it matches the database, the user is banned,
  //even if the user gets another IP or is not logged in so the user ID is unknown.

  //Get cookie ban settings.
  $ban_cookie = '';
  $banned_id = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'].'_bn_id']) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'].'_bn_id'] : '';
  $banned_ip = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'].'_bn_ip']) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'].'_bn_ip'] : '';
  
  //Yes, cookie ban settings were there. See if they match the database. 
  //If not, delete cookie.
  if ($banned_ip || $banned_id)
  {
    $sql = "SELECT *
    	FROM " . BANLIST_TABLE . "
  		WHERE ";
      $sql .= ($banned_ip) ? " ban_ip = '" . $banned_ip . "'" : '';
      $sql .= ($banned_id) ? ($banned_ip ? ' OR ' : '') . ' ban_userid = ' . $banned_id : '';
  	if ( !($result = $db->sql_query($sql)) )
  	{
  		message_die(CRITICAL_ERROR, 'Could not obtain ban information', '', __LINE__, __FILE__, $sql);
  	}
  	if ( $ban_info = $db->sql_fetchrow($result) )	  
    {
      $ban_cookie =  ( $ban_info['ban_ip'] || $ban_info['ban_userid']);
  	}
    //There was a cookie but no match in the database, so the ban is lifted: 
    //delete the cookie by setting the expiry time 1 hour ago	
    if (! $ban_cookie) 
    {
      if ($banned_ip) setcookie($board_config['cookie_name'].'_bn_ip',$banned_ip, time()-3600);
      if ($banned_id) setcookie($board_config['cookie_name'].'_bn_id',$banned_id, time()-3600);
  	}
  }	
  //Have $ban_cookie, if not empty, the user is banned via a cookie. 
  //If empty, then there was no cookie, or there was no LONGER a database match so the cookie was deleted

  //Check if there is database ban info - this is roughly the original ban code
  $ban_database = '';
	$sql = "SELECT *
		FROM " . BANLIST_TABLE . "
		WHERE ban_ip IN ('" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . $user_ip_parts[4] . "', '" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . "ff', '" . $user_ip_parts[1] . $user_ip_parts[2] . "ffff', '" . $user_ip_parts[1] . "ffffff')
			OR ban_userid = $user_id";
	if ( $user_id != ANONYMOUS )
	{
		$sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $userdata['user_email']) . "'
			OR ban_email LIKE '" . substr(str_replace("\'", "''", $userdata['user_email']), strpos(str_replace("\'", "''", $userdata['user_email']), "@")) . "'";
	}
	if ( !($result = $db->sql_query($sql)) )
	{
		message_die(CRITICAL_ERROR, 'Could not obtain ban information', '', __LINE__, __FILE__, $sql);
	}
	if ( $ban_info = $db->sql_fetchrow($result) )	  
  {
    $ban_database = ( $ban_info['ban_ip'] || $ban_info['ban_userid'] || $ban_info['ban_email'] );
    //Fill these variables from database if not filled from cookie yet
    if (! $banned_ip) $banned_ip = $ban_info['ban_ip'];
    if (! $banned_id) $banned_id = $ban_info['ban_userid']; 	
  }
  
  //User is banned in some way?
  if ($ban_cookie || $ban_database)
  {
    //Set the ban_cookie, time it for 1 year. The time restarts every time the user comes here
    if ($banned_ip) setcookie($board_config['cookie_name'].'_bn_ip',$banned_ip, time()+365*24*3600);
    if ($banned_id) setcookie($board_config['cookie_name'].'_bn_id',$banned_id, time()+365*24*3600);
    //Close the forum to this person
    message_die(CRITICAL_MESSAGE, 'You_been_banned');
  }
  //END MOD Ban_cookie
Continue with original code:

Code: Select all

 	//
	// Create or update the session
	//
	$sql = "UPDATE " . SESSIONS_TABLE . "
Please note that I changed the cookie names (slightly less obvious).
Merlin Sythove
Registered User
Posts: 2339
Joined: Tue Mar 16, 2004 7:42 am

Post by Merlin Sythove »

And no, I don't have a working phpBB board with just this mod installed, sorry.
User avatar
badboy4ever
Registered User
Posts: 177
Joined: Sat Jun 11, 2005 2:38 pm
Location: UK

Post by badboy4ever »

Wait Ive seen loads of people saying It dont work I have phpbb 2.0.18 will it work?

Image
User avatar
jvini
Registered User
Posts: 300
Joined: Tue Sep 24, 2002 11:20 pm
Contact:

Post by jvini »

Merlin Sythove, I never updated this...I still was unable to get it to work, same errors on vanilla phpBB 2.0.18. Thanks for your time and patience though, very much appreciated.

^To answer the user above, I personally wasn't able to get it to work under 2.0.18. My understanding is that others could though, so don't know.
Merlin Sythove
Registered User
Posts: 2339
Joined: Tue Mar 16, 2004 7:42 am

Post by Merlin Sythove »

badboy4ever wrote: Wait Ive seen loads of people saying It dont work I have phpbb 2.0.18 will it work?


It works fine on my own board which is 2.0.18 of course.
And since you only have to replace 1 block of code, it is soooooo easy to try.
Merlin Sythove
Registered User
Posts: 2339
Joined: Tue Mar 16, 2004 7:42 am

Post by Merlin Sythove »

jvini wrote: Merlin Sythove, I never updated this...I still was unable to get it to work, same errors on vanilla phpBB 2.0.18.


Please send me your sessions.php.
Post Reply

Return to “[2.0.x] MODs in Development”