123.0.0.0
123.0.0.1 - 123.0.0.53
123.0.0.0/24
123.0.*.*
= " . intval($hesk_settings['attempt_limit']) . " AND `last_attempt` > (NOW() - INTERVAL " . intval($hesk_settings['attempt_banmin']) . " MINUTE)"); $num = hesk_dbNumRows($res); echo '

' . $hesklang['iptemp'] . '

'; if ($num > 0) { ?> '; if ($can_unban) { echo ' '; } echo ''; } // End while ?>
' . $ban['ip'] . ' ' . $ban['minutes'] . '
' . $hesklang['no_banips'] . '

'; } // Get banned ips from database $res = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'banned_ips` ORDER BY `ip_from` ASC'); $num = hesk_dbNumRows($res); echo '

' . $hesklang['ipperm'] . '

'; if ($num < 1) { echo '

' . $hesklang['no_banips'] . '

'; } else { // List of staff if (!isset($admins)) { $admins = array(); $res2 = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users`"); while ($row = hesk_dbFetchAssoc($res2)) { $admins[$row['id']] = $row['name']; } } ?> '; if ($can_unban) { echo ' '; } echo ''; } // End while ?>
' . $ban['ip_display'] . ' ' . (($ban['ip_to'] == $ban['ip_from']) ? long2ip($ban['ip_to']) : long2ip($ban['ip_from']) . ' - ' . long2ip($ban['ip_to'])) . ' ' . (isset($admins[$ban['banned_by']]) ? $admins[$ban['banned_by']] : $hesklang['e_udel']) . ' ' . $ban['dt'] . '
= 0 && $matches[4] <= 32) { list($ip_from, $ip_to) = hesk_cidr_to_range($ip); } // Not a valid input else { hesk_process_messages($hesklang['validbanip'], 'banned_ips.php'); } // Make sure we have valid ranges if ($ip_from < 0) { $ip_from += 4294967296; } elseif ($ip_from > 4294967296) { $ip_from = 4294967296; } if ($ip_to < 0) { $ip_to += 4294967296; } elseif ($ip_to > 4294967296) { $ip_to = 4294967296; } // Make sure $ip_to is not lower that $ip_from if ($ip_to < $ip_from) { $tmp = $ip_to; $ip_to = $ip_from; $ip_from = $tmp; } // Is this IP address already banned? $res = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "banned_ips` WHERE {$ip_from} BETWEEN `ip_from` AND `ip_to` AND {$ip_to} BETWEEN `ip_from` AND `ip_to` LIMIT 1"); if (hesk_dbNumRows($res) == 1) { $_SESSION['ban_ip']['id'] = hesk_dbResult($res); $hesklang['ipbanexists'] = ($ip_to == $ip_from) ? sprintf($hesklang['ipbanexists'], long2ip($ip_to)) : sprintf($hesklang['iprbanexists'], long2ip($ip_from) . ' - ' . long2ip($ip_to)); hesk_process_messages($hesklang['ipbanexists'], 'banned_ips.php', 'NOTICE'); } // Delete any duplicate banned IP or ranges that are within the new banned range hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "banned_ips` WHERE `ip_from` >= {$ip_from} AND `ip_to` <= {$ip_to}"); // Delete temporary bans from logins table if ($ip_to == $ip_from) { hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "logins` WHERE `ip`='" . hesk_dbEscape($ip_display) . "' LIMIT 1"); } // Redirect either to banned ips or ticket page from now on $redirect_to = ($trackingID = hesk_cleanID()) ? 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999) : 'banned_ips.php'; // Insert the ip address into database hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "banned_ips` (`ip_from`,`ip_to`,`ip_display`,`banned_by`) VALUES ({$ip_from}, {$ip_to},'" . hesk_dbEscape($ip_display) . 
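"','" . intval($_SESSION['id']) . "')");

    // Remember ip that got banned
    $_SESSION['ban_ip']['id'] = hesk_dbInsertID();

    // Generate success message
    $hesklang['ip_banned'] = ($ip_to == $ip_from) ? sprintf($hesklang['ip_banned'], long2ip($ip_to)) : sprintf($hesklang['ip_rbanned'], long2ip($ip_from) . ' - ' . long2ip($ip_to));

    // Show success
    hesk_process_messages(sprintf($hesklang['ip_banned'], $ip), $redirect_to, 'SUCCESS');

} // End ban_ip()


/**
 * Remove a temporary (login-attempt) ban for a single IP address.
 *
 * Reads `ip` from the request, strips every character other than digits,
 * '.', '-', '/' and '*', and deletes at most one matching row from the
 * `logins` table. Then reports success and redirects to banned_ips.php.
 *
 * NOTE(review): no permission check is visible inside this function;
 * confirm the caller restricts it to staff who are allowed to unban.
 */
function unban_temp_ip()
{
    global $hesk_settings, $hesklang;

    // A security check (presumably validates the anti-CSRF token; confirm in hesk_token_check)
    hesk_token_check();

    // Get the ip; the character whitelist runs before the value is escaped for SQL
    $ip = preg_replace('/[^0-9\.\-\/\*]/', '', hesk_REQUEST('ip'));

    // Delete from bans
    hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "logins` WHERE `ip`='" . hesk_dbEscape($ip) . "' LIMIT 1");

    // Show success
    hesk_process_messages($hesklang['ip_tempun'], 'banned_ips.php', 'SUCCESS');

} // End unban_temp_ip()


/**
 * Remove a permanent ban identified by its row id.
 *
 * The id comes from the `id` GET parameter and is forced to an integer
 * before it is placed in the DELETE statement. After the delete the user
 * is sent back to the ticket page when a tracking ID is present, otherwise
 * to banned_ips.php.
 *
 * NOTE(review): no permission check is visible inside this function;
 * confirm the caller restricts it to staff who are allowed to unban.
 */
function unban_ip()
{
    global $hesk_settings, $hesklang;

    // A security check (presumably validates the anti-CSRF token; confirm in hesk_token_check)
    hesk_token_check();

    // Delete from bans; intval() keeps the id numeric, so no quoting is needed
    hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "banned_ips` WHERE `id`=" . intval(hesk_GET('id')) . " LIMIT 1");

    // Redirect either to banned ips or ticket page from now on
    $redirect_to = ($trackingID = hesk_cleanID()) ? 'admin_ticket.php?track=' . $trackingID . '&Refresh=' . mt_rand(10000, 99999) : 'banned_ips.php';

    // Show success
    hesk_process_messages($hesklang['ip_unbanned'], $redirect_to, 'SUCCESS');

} // End unban_ip()


/**
 * Convert an IPv4 CIDR string ("a.b.c.d/n") into a numeric address range.
 *
 * @param string $cidr Address and prefix length separated by '/'.
 * @return array [0] => first address of the block, [1] => last address of
 *               the block, both in ip2long() form.
 *
 * The end of the range is derived from the masked network address. It was
 * previously derived from the address as typed, so an input that was not
 * aligned to its prefix (for example "123.0.0.5/24") produced an end address
 * beyond the block and banned addresses outside the requested CIDR.
 *
 * This function does not validate its input: ip2long() returns false for a
 * malformed address, which the bitwise AND treats as 0, and a missing prefix
 * is read as 0. Callers must validate the string before calling.
 */
function hesk_cidr_to_range($cidr)
{
    $parts  = explode('/', $cidr);
    $prefix = (int) $parts[1];
    $base   = ip2long($parts[0]);

    $range = array();

    // Network address: clear the host bits
    $range[0] = $base & (-1 << (32 - $prefix));

    // Last address: network address plus block size minus one
    $range[1] = $range[0] + pow(2, 32 - $prefix) - 1;

    return $range;

} // END hesk_cidr_to_range()

?>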