DAProgs/ipban199
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

2603.0 - First effort...

Browse Source
This commit is contained in:
DAProgs
2026-03-16 02:27:59 -04:00
parent c1b2c187e4
commit baed29d0fa
27 changed files with 2300 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored Normal file
View File

@@ -0,0 +1,4 @@
#Password files
config.php
conn.php

161
add_ip_bulk_frm.php Normal file
View File

@@ -0,0 +1,161 @@
<?php
//SECURE PAGE
session_start();
if (!isset( $_SESSION['user_id'] ) ) {
// Redirect them to the login page
header("Location: login.php");
}
?>
<?php
include('header.php');
?>
<script type="text/javascript">
//validate form
<!--
function verificare(form)
{
if(form.listtype.value == "") {
alert ("Please select one of the following actions: Blacklist or Whitelist");
form.button2.focus();
return false;
}
if(form.bulk.value == "") {
alert ("Please write a row for the IP entry");
form.bulk.focus();
return false;
}
}
-->
</script>
<script>
$(document).ready(function(){
var date_input=$('input[name="date"]'); //our date input has the name "date"
var container=$('.bootstrap-iso form').length>0 ? $('.bootstrap-iso form').parent() : "body";
var options={
format: 'yyyy-mm-dd',
container: container,
todayHighlight: true,
autoclose: true,
};
date_input.datepicker(options);
})
<script>
$(document).ready(function(){
var date_input=$('input[name="date2"]'); //our date input has the name "date"
var container=$('.bootstrap-iso form').length>0 ? $('.bootstrap-iso form').parent() : "body";
var options={
format: 'yyyy-mm-dd',
container: container,
todayHighlight: true,
autoclose: true,
};
date_input.datepicker(options);
})
</script>
<?php
include('topmenu.php');
include('conn.php');
include('functions.php');
?>
<?php
/*IP
adddate
enddate
type
reason
*/
?>
<div style="padding-left:20px">
<h2>Add IP to Blacklist / Whitelist in Bulk</h2>
<form name="ip" action="add_ip_bulk_save.php" method="POST" class="form-horizontal" onSubmit="return verificare(this);">
<div class="form-group">
<div class="row line10">
<div class="col-sm-2"></div>
<!--<div class="col-sm-10">
<p style='font-style: italic; color: #0084B4;'>* Enter date in the following format:<br>
ip value,type,enddate,reason<br>
e.g.: <b>195.54.99.53/24,1,20221125065600,Manual Add by Didier</b></p>
</div>-->
</div>
<div class="row line10">
<div class="col-sm-2"></div>
<div class="form-check form-check-inline col-sm-8">
<label class="form-check-label" for="button2" style="margin-right:20px">
<input class="form-check-input" type="radio" name="listtype" id="button2" value="b">
Blacklist
</label>
<label class="form-check-label" for="button3">
<input class="form-check-input" type="radio" name="listtype" id="button3" value="w">
Whitelist
</label>
</div>
<div class="form-check form-check-inline col-sm-2"></div>
</div>
<div class="row line10">
<label class="col-sm-2 control-label">Block IP for: </label>
<div class="col-sm-2">
Years<input name="years" type="text" placeholder="Blocked for Years" class="form-control">
</div>
<div class="col-sm-2">
Months<input name="months" type="text" placeholder="Blocked for Months" class="form-control">
</div>
<div class="col-sm-2">
Days<input name="days" type="text" placeholder="Blocked for Days" class="form-control">
</div>
<div class="col-sm-2">
&nbsp <label for="chkb" class="form-control">Permanent -> <input id="chkb" name="perm" type="checkbox" checked> ?</label>
</div>
</div>
<br>
<div class="row line10">
<label class="col-sm-2 control-label">Reason: </label>
<div class="col-sm-8"><input name="reason" type="text" placeholder="Enter Reason" class="form-control" ></div>
</div>
<br>
<div class="row line10">
<label class="col-sm-2 control-label">Type: </label>
<div class="col-sm-8">
<select class="form-control" name="type">
<?php
$sql_type="SELECT type,label FROM type WHERE status='1' ORDER BY type";
$sql_rez=mysqli_query($con,$sql_type);
while($row_type=mysqli_fetch_array($sql_rez)){
echo "<option value='".$row_type['type']."'>".$row_type['label']."</option>";
}
?>
</select>
<br>
</div>
</div>
<div class="row line10">
<label class="col-sm-2 control-label">Multiple IPs </label>
<div class="col-sm-8"><textarea name="bulk" placeholder="Enter IPs one per line" class="form-control" rows="10"></textarea>
</div>
</div>
<br>
<div class="row line10">
<div class="col-sm-2"></div>
<div class="col-sm-8">
<input type="submit" value="Save" class="btn btn-primary">
<input type="button" value="Cancel" class="btn btn-warning" onclick='window.location.href="<?php echo"add_ip_frm.php?"; ?>"'>
</div>
</div>
</div>
</form>
</div>
<?php
include('footer.php');
?>

140
add_ip_bulk_save.php Normal file
View File

@@ -0,0 +1,140 @@
<?php
session_start();
date_default_timezone_set("America/Montreal");
$_SESSION['rezult_msg']="";
$_SESSION['ret_link']="";
include('conn.php');
include('functions.php');
$now=date('YmdHis');
//DATA
//ip $ip
//adddate $adddate
//enddate $enddate
//reason $reason
//type $type
$insert_adddate=$now;
if(!empty($_POST['years'])&&isset($_POST['years'])){
$years=$_POST['years'];
}
else{
$years=0;
}
if(!empty($_POST['months'])&&isset($_POST['months'])){
$months=$_POST['months'];
}
else{
$months=0;
}
if(!empty($_POST['days'])&&isset($_POST['days'])){
$days=$_POST['days'];
}
else{
$days=0;
}
$enddate=$insert_adddate;
$enddate=add_days($enddate,$days);
$enddate=add_months($enddate,$months);
$enddate=add_years($enddate,$years);
if(!empty($_POST['perm'])&&isset($_POST['perm'])){
if($_POST['perm']=='on'){
$enddate='99999999999999';
}
}
if(!empty($_POST['reason'])&&isset($_POST['reason'])){
$reason=trim(addslashes($_POST['reason']));
}
else{
$reason="";
}
if(!empty($_POST['type'])&&isset($_POST['type'])||($_POST['type']==0)){
$type=$_POST['type'];
}
else{
$type="";
}
if(!empty($_POST['bulk'])&&isset($_POST['bulk'])){
$bulk=trim($_POST['bulk']);
}
else{
$bulk="";
}
if(!empty($_POST['listtype'])&&isset($_POST['listtype'])){
$tbl=$_POST['listtype'];
if($tbl=='b'){
$table_name="blacklist";
$list=0;
}
elseif($tbl=='w'){
$table_name="whitelist";
$list=1;
}
}
else{
$tbl="";
$table_name="";
}
if($tbl<>"" && $bulk<>""){
$bulk_array=explode("\r\n",$bulk);
$bulk_array=array_filter($bulk_array, 'trim');
$no_of_rows=count($bulk_array);
$dupes = 0;
$nodupes = 0;
for($i=0;$i<$no_of_rows;$i++){
$columns=explode(",",$bulk_array[$i]);
//print_r($columns);
$ip=$columns[0];
//verify if ip has /value
if(strpos($ip,"/")==false){
$ip=$ip."/32";
}
$sql_ins="INSERT INTO $table_name (ip,type,adddate,enddate,reason) VALUES ('$ip','$type','$now','$enddate','$reason')";
//echo $sql_ins;
//echo "<br>";
if(!mysqli_query($con,$sql_ins)){
// Ignore the error if it is a duplicate entry, just continue.
if(substr_compare(mysqli_error($con),"Duplicate",0,9,FALSE) !== 0) {
$_SESSION['rezult_msg']="There was an error while recording the row ".$i." in the database. Please try again.<br>".mysqli_error($con);
$_SESSION['ret_link']="add_ip_bulk_frm.php";
header("location:error.php?var=2");
return false;
}
else {
$dupes++;
}
}
else {
$nodupes++;
}
if($i==($no_of_rows-1)){
$sql_last_upd="UPDATE info SET last=$now WHERE list='$list'";
$rez_last_upd=mysqli_query($con,$sql_last_upd);
$_SESSION['rezult_msg']=" OK! ( " . $nodupes . " ) records were successfully added to the " . $table_name . " database. Ignored ( " . $dupes . " ) duplicates in ( " . $no_of_rows . " ) lines.";
$link="add_ip_bulk_frm.php";
header("location:$link?var=1");
return false;
}
}
}
else{
$_SESSION['rezult_msg']="There is insuficient information to be able to add records to the database. Please try again.<br>".mysqli_error($con);
$_SESSION['ret_link']="add_ip_bulk_frm.php";
header("location:error.php?var=2");
return false;
}
?>

133
add_ip_frm.php Normal file
View File

@@ -0,0 +1,133 @@
<?php
//SECURE PAGE
$PageLevel = 3;
//Do not edit below
session_start();
if (!isset( $_SESSION['user_id'] ) ) {
// Redirect them to the login page
header("Location: login.php");
}
$PageAccess=false;
if ($_SESSION['user']->level >= $PageLevel) {
$PageAccess=true;
}
?>
<?php
include('header.php');
if(!empty($_GET['tbl'])&&isset($_GET['tbl'])){
$tbl=$_GET['tbl'];
if($tbl=='b'){
$table_name='blacklist';
$page_title='Add IP to Blacklist';
}
elseif ($tbl=='w'){
$table_name='whitelist';
$page_title='Add IP to Whitelist';
}
}
else{
$tbl="";
}
?>
<script type="text/javascript">
//validate form
<!--
function verificare(form)
{
if(form.ip.value == "") {
alert ("Please write a value for the IP");
form.ip.focus();
return false;
}
if(form.type.value == -1) {
alert ("Please select a type for your entry");
form.type.focus();
return false;
}
}
-->
</script>
<?php
include('topmenu.php');
include('conn.php');
include('functions.php');
?>
<?php
if (!$PageAccess) {
?>
<div style="padding-left:20px">
<h2>You do not have sufficient rights to access this page.</h2>
</div>
<?php
die();
}
?>
<div style="padding-left:20px">
<h2><?php echo $page_title?></h2>
<form name="ip" action="add_ip_save.php" method="POST" class="form-horizontal" onSubmit="return verificare(this);">
<div class="form-group">
<div class="row line10">
<label class="col-sm-2 control-label">IP: </label>
<input type="hidden" name="tbl" value="<?php echo $table_name;?>">
<div class="col-sm-8"><input name="ip" type="text" placeholder="Enter IP" class="form-control">
</div>
</div>
<br>
<div class="row line10">
<label class="col-sm-2 control-label">Block IP for: </label>
<div class="col-sm-2">
Years<input name="years" type="text" placeholder="Blocked for Years" class="form-control">
</div>
<div class="col-sm-2">
Months<input name="months" type="text" placeholder="Blocked for Months" class="form-control">
</div>
<div class="col-sm-2">
Days<input name="days" type="text" placeholder="Blocked for Days" class="form-control">
</div>
<div class="col-sm-2">
&nbsp <label for="chkb" class="form-control">Permanent -> <input id="chkb" name="perm" type="checkbox" checked> ?</label>
</div>
</div>
<br>
<div class="row line10">
<label class="col-sm-2 control-label">Reason: </label>
<div class="col-sm-8"><input name="reason" type="text" placeholder="Enter Reason" class="form-control" ></div>
</div>
<br>
<div class="row line10">
<label class="col-sm-2 control-label">Type: </label>
<div class="col-sm-8">
<select class="form-control" name="type">
<?php
$sql_type="SELECT type,label FROM type WHERE status='1' ORDER BY type";
$sql_rez=mysqli_query($con,$sql_type);
while($row_type=mysqli_fetch_array($sql_rez)){
echo "<option value='".$row_type['type']."'>".$row_type['label']."</option>";
}
?>
</select>
<br>
</div>
</div>
<div class="row line10">
<div class="col-sm-2"></div>
<div class="col-sm-8">
<input type="submit" value="Save" class="btn btn-primary">
<input type="button" value="Cancel" class="btn btn-warning" onclick='window.location.href="<?php echo"add_ip_frm.php?"; ?>"'>
</div>
</div>
</div>
</form>
</div>
<?php
include('footer.php');
?>

120
add_ip_save.php Normal file
View File

@@ -0,0 +1,120 @@
<?php
session_start();
date_default_timezone_set("America/Montreal");
$_SESSION['rezult_msg']="";
$_SESSION['ret_link']="";
include('conn.php');
include('functions.php');
$now=date('YmdHis');
//DATA
//ip $ip
//adddate $adddate
//adddate_time $adddate_time
//years $years
//months $months
//days $days
//reason $reason
//type $type
if(!empty($_POST['ip'])&&isset($_POST['ip'])){
$ip=$_POST['ip'];
//verify if ip has /value
if(strpos($ip,"/")==false){
$ip=$ip."/32";
}
}
else{
$ip="";
}
if(!empty($_POST['tbl'])&&isset($_POST['tbl'])){
$table_name=$_POST['tbl'];
}
else{
$table_name="";
}
if($table_name=='blacklist'){
$list=0;
$tbl='b';
}
elseif($table_name=='whitelist'){
$list=1;
$tbl='w';
}
else{
$list="";
$tbl='';
}
$insert_adddate=$now;
if(!empty($_POST['years'])&&isset($_POST['years'])){
$years=$_POST['years'];
}
else{
$years=0;
}
if(!empty($_POST['months'])&&isset($_POST['months'])){
$months=$_POST['months'];
}
else{
$months=0;
}
if(!empty($_POST['days'])&&isset($_POST['days'])){
$days=$_POST['days'];
}
else{
$days=0;
}
$enddate=$insert_adddate;
$enddate=add_days($enddate,$days);
$enddate=add_months($enddate,$months);
$enddate=add_years($enddate,$years);
if(!empty($_POST['perm'])&&isset($_POST['perm'])){
if($_POST['perm']=='on'){
$enddate='99999999999999';
}
}
if(!empty($_POST['reason'])&&isset($_POST['reason'])){
$reason=trim(addslashes($_POST['reason']));
}
else{
$reason="";
}
if(!empty($_POST['type'])&&isset($_POST['type'])||($_POST['type']==0)){
$type=$_POST['type'];
}
else{
$type="";
}
$sql_ins="INSERT INTO $table_name (ip,type,adddate,enddate,reason) VALUES ('$ip','$type','$insert_adddate','$enddate','$reason')";
$sql_last_upd="UPDATE info SET last=$now WHERE list='$list'";
//echo $sql_ins;
//exit;
if(mysqli_query($con,$sql_ins)){
$rez_last_upd=mysqli_query($con,$sql_last_upd);
$_SESSION['rezult_msg']="IP successfully added to the database.";
$link="add_ip_frm.php";
echo $_SESSION['rezult_msg'];
header("location:$link?var=1&tbl=$tbl");
return false;
}
else{
$_SESSION['rezult_msg']="The value was not added to the database. Please try again.<br>".mysqli_error($con);
$_SESSION['ret_link']="add_ip_frm.php";
header("location:error.php?var=2&tbl=$tbl");
return false;
}
?>

174
add_type_frm.php Normal file
View File

@@ -0,0 +1,174 @@
<?php
//SECURE PAGE
session_start();
if (!isset( $_SESSION['user_id'] ) ) {
// Redirect them to the login page
header("Location: login.php");
}
?>
<?php
include('header.php');
?>
<script type="text/javascript">
//validate form
<!--
function verificare(form)
{
if(form.listtype.value == "") {
alert ("Please select one of the following actions: Blacklist or Whitelist");
form.button2.focus();
return false;
}
if(form.bulk.value == "") {
alert ("Please write a row for the IP entry");
form.bulk.focus();
return false;
}
}
-->
</script>
<?php
include('topmenu.php');
include('conn.php');
include('functions.php');
?>
<?php
//echo $_POST['edit'];
if(isset($_GET['tp']) && ($_GET['tp']<>'-1')){
$old_type=$_GET['tp'];
$sql_find_type="SELECT * FROM type WHERE type='$old_type'";
$rez_find_type=mysqli_query($con,$sql_find_type);
if(mysqli_num_rows($rez_find_type)==1){
//echo "here";
$rd_t=mysqli_fetch_array($rez_find_type);
$lbl=$rd_t['label'];
$stat=$rd_t['status'];
if($stat==1){
$status_sel_a="checked";
$status_sel_i="";
}
else{
$status_sel_a="";
$status_sel_i="checked";
}
}
else{
$type="";
$lbl="";
$stat="";
$status_sel_a="";
$status_sel_i="";
}
$update="yes";
}
else{
//echo "here 2";
$old_type="";
$lbl="";
$stat="";
$status_sel_a="";
$status_sel_i="";
$update="no";
}
?>
<div style="padding-left:20px">
<h2>Add /Edit Type of entry</h2>
<br>
<form name="ip" action="add_type_save.php" method="POST" class="form-horizontal" onSubmit="return verificare(this);">
<div class="form-group">
<div class="row line10">
<div class="col-sm-2">
<input type="hidden" name="action" value="<?php echo $update;?>">
<input type="hidden" name="old_type" value="<?php echo $old_type;?>">
</div>
<div class="form-check form-check-inline col-sm-8">
<label class="form-check-label" for="button2" style="margin-right:20px">
<input class="form-check-input" type="radio" name="status" id="button2" value="a" <?php echo "$status_sel_a";?> >
Active
</label>
<label class="form-check-label" for="button3">
<input class="form-check-input" type="radio" name="status" id="button3" value="i" <?php echo "$status_sel_i";?>>
Inactive
</label>
</div>
</div>
<div class="row line10">
<label class="col-sm-2 control-label">Type
</label>
<div class="col-sm-8">
<input name="type" type="text" placeholder="Enter numeric value for Type" class="form-control" value="<?php echo $old_type;?>"><br>
</div>
</div>
<div class="row line10">
<label class="col-sm-2 control-label">Label </label>
<div class="col-sm-8"><input name="label" type="text" placeholder="Enter label for Type - e.g. Manual entry" class="form-control" value="<?php echo $lbl;?>"><br>
</div>
</div>
<div class="row line10">
<div class="col-sm-2"></div>
<div class="col-sm-8">
<input type="submit" value="Save" class="btn btn-primary" name='save'>
<input type="button" value="Cancel" class="btn btn-warning" onclick='window.location.href="<?php echo"add_type_frm.php?"; ?>"'>
</div>
</div>
</div>
</form>
<?php
//display existing values in type table
$sql_type="SELECT * FROM type ORDER BY type ASC";
$rez_type=mysqli_query($con,$sql_type);
if(mysqli_num_rows($rez_type)>0){
echo "<div class='row line10'>
<div class='col-sm-2'>
</div>
<div class='col-sm-8'>
<div style='text-align:center'>";
echo "<div style='display:inline-block; width:100%'>";
echo "<form method='post'><table class='table table-condensed table-striped table-hover' style='text-align:left'>";
echo "<tr>
<th>Type</th>
<th>Label</th>
<th>Status</th>
<th>Edit</th>
</tr>";
while($rd_tp=mysqli_fetch_array($rez_type)){
echo "<tr>";
$tp=$rd_tp['type'];
echo "<td>".$rd_tp['type']."</td>";
echo "<td>".$rd_tp['label']."</td>";
if($rd_tp['status']==1){
echo "<td>Active</td>";
}
else{
echo "<td>Inactive</td>";
}
echo "<td><form><button type='button' class='btn btn-secondary btn-sm' onclick='window.location.href=\"add_type_frm.php?tp=$tp\";'><i class='fa fa-edit'></i></button></td>";
echo "</tr>";
}
echo "</form></table>";
echo "</div>
</div>";
}
?>
</div>
<?php
include('footer.php');
?>

83
add_type_save.php Normal file
View File

@@ -0,0 +1,83 @@
<?php
session_start();
date_default_timezone_set("America/Montreal");
$_SESSION['rezult_msg']="";
$_SESSION['ret_link']="";
include('conn.php');
//DATA
//ip $ip
//adddate $adddate
//enddate $enddate
//reason $reason
//type $type
if(!empty($_POST['old_type'])&&isset($_POST['old_type'])){
$old_type=trim($_POST['old_type']);
}
else{
$old_type="";
}
if(!empty($_POST['type'])&&isset($_POST['type'])){
$type=trim($_POST['type']);
}
else{
$type="";
}
if(!empty($_POST['label'])&&isset($_POST['label'])){
$label=trim(addslashes($_POST['label']));
}
else{
$label="";
}
if(!empty($_POST['status'])&&isset($_POST['status'])){
if($_POST['status']=='a'){
$status=1;
}
elseif($_POST['status']=='i'){
$status=0;
}
}
else{
$status="";
}
if(!empty($_POST['action'])&&isset($_POST['action'])){
$action=$_POST['action'];
}
else{
$action="";
}
if($action=="yes"){
$sql_action="UPDATE type SET type='$type', label='$label', status='$status' WHERE type='$old_type'";
}
elseif($action=="no"){
$sql_action="INSERT INTO type (type,label,status) VALUES ('$type','$label','$status')";
}
else{
$_SESSION['rezult_msg']="There is insuficient information to be able to add records to the database. Please try again.<br>".mysqli_error($con);
$_SESSION['ret_link']="add_type_frm.php";
header("location:error.php?var=2");
return false;
}
if(mysqli_query($con,$sql_action)){
$_SESSION['rezult_msg']="Type successfully added/updated to the database.";
$link="add_type_frm.php";
echo $_SESSION['rezult_msg'];
header("location:$link?var=1");
return false;
}
else{
$_SESSION['rezult_msg']="The value was not added/updated to the database. Please try again.<br>".mysqli_error($con);
$_SESSION['ret_link']="add_type_frm.php";
header("location:error.php?var=2");
return false;
}
?>

193
blacklist.php Normal file
View File

@@ -0,0 +1,193 @@
<?php
// https://www.daprogs.com/api/ipban199/blacklist.php?a=add&ip=192.168.2.0/24&type=1&date=20191025120000&reason=Hello%20There2
// https://www.daprogs.com/api/ipban199/blacklist.php?a=rem&ip=192.168.2.0/24
include('conn.php');
/*
if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443) {
//return true;
$ht=true;
}
else {
echo "Service only available via https!";
die();
}
*/
$SQL2 ="SELECT info.last FROM info WHERE info.list = 0";
$result2 = mysqli_query($con,$SQL2);
$UpdateDate2 = mysqli_fetch_array($result2);
$UpdateDate = $UpdateDate2['last'];
$dStamp = date_create_from_format ( 'YmdHis' , $UpdateDate );
$fStamp = $dStamp->format('D, d M Y H:i:s T');
$lMod = "Last-Modified: " . $fStamp;
header($lMod);
if($_SERVER['REQUEST_METHOD']=='HEAD') {
$con->close();
echo("Something to make php quit and return head..");
}
$dPart = date("YmdHis");
if(!isset($_GET["a"]))
{
$action = "display";
}
if(isset($_GET["a"]))
{
$action = strtolower($_GET["a"]);
}
if ($action == "display") {
//echo "; Expires: Sun, 29 Sep 2019 05:01:00 GMT";
//echo "\r\n";
$SQL ="SELECT blacklist.ip, blacklist.adddate, blacklist.reason FROM blacklist WHERE blacklist.adddate < ".$dPart." AND blacklist.enddate > ".$dPart." ORDER BY blacklist.ip ASC";
$result = mysqli_query($con,$SQL);
$num_rows = mysqli_num_rows($result);
header("Content-Type: text/plain");
echo "; https://www.home.daprogs.net/api/ipban199/blacklist.php";
echo "\r\n";
// echo "; DAProgs BlackList ".date("Y/m/d")." - (c) 2019 DAProgs.com";
echo "; DAProgs BlackList - (c) 2019 DAProgs.com";
echo "\r\n";
echo "; Last-Modified: ".$fStamp;
// echo "; Last-Modified: ".substr($UpdateDate,0,4)."/".substr($UpdateDate,4,2)."/".substr($UpdateDate,6,2)." ".substr($UpdateDate,8,2).":".substr($UpdateDate,10,2).":".substr($UpdateDate,12,2)." EST.";
echo "\r\n";
echo "; Blacklist contains ".$num_rows." elements.";
echo "\r\n";
while($row = mysqli_fetch_array($result))
{
echo $row['ip']." ; ".$row['reason']." - ".substr($row['adddate'],0,4)."/".substr($row['adddate'],4,2)."/".substr($row['adddate'],6,2)."";
echo "\r\n";
//echo $row['ip'];
//echo "\r\n";
}
mysqli_close($con);
//echo "";
//echo "\r\n";
}
elseif ($action == "add") {
if(!isset($_GET["ip"]))
{
die("Missing parameters 1.");
}
$ip = strtolower($_GET["ip"]);
if(!isset($_GET["type"]))
{
die("Missing parameters 2.");
}
$type = $_GET["type"];
if(!isset($_GET["date"]))
{
die("Missing parameters 3.");
}
$enddate = $_GET["date"];
if(!isset($_GET["reason"]))
{
die("Missing parameters 4.");
}
$reason = urldecode($_GET["reason"]);
$SQL ="INSERT INTO blacklist (ip, type, adddate, enddate, reason) VALUES ('".$ip."', ".$type.", ".$dPart.", ".$enddate.", '".$reason."')";
if ($con->query($SQL) === TRUE) {
$SQL = "UPDATE info SET last=".$dPart." WHERE list=0;";
$con->query($SQL);
echo "SUCCESS";
} else {
$SQL = "UPDATE blacklist SET enddate=".$enddate.", type=".$type.", reason='".$reason."' WHERE ip='".$ip."';";
if ($con->query($SQL) === TRUE) {
$SQL = "UPDATE info SET last=".$dPart." WHERE list=0;";
$con->query($SQL);
echo "SUCCESS UPDATE";
} else {
echo "Error: " . $SQL . "<br>" . $con->error;
}
}
$con->close();
}
elseif ($action == "log") {
//'50.238.150.110 [1C28] 09:12:06 Authentication [IMAP] - Result=1 User=miniservice@theautomaster.com Method=4
//'0 1 2 3 4 5 6 7 8
// time
// ip
// type
// sf
// account
if(!isset($_GET["ip"]))
{
die("Missing parameters 1.");
}
$ip = strtolower($_GET["ip"]);
if(!isset($_GET["date"]))
{
die("Missing parameters 2.");
}
$datetime = $_GET["date"];
if(!isset($_GET["sf"]))
{
die("Missing parameters 3.");
}
$sf = $_GET["sf"];
if(!isset($_GET["type"]))
{
die("Missing parameters 4.");
}
$logtype = $_GET["type"];
if(!isset($_GET["account"]))
{
die("Missing parameters 5.");
}
$account = urldecode($_GET["account"]);
$SQL ="INSERT INTO iplog (time, ip, type, sf, account) VALUES ('".$datetime."', '".$ip."', '".$logtype."', ".$sf.", '".$account."')";
if ($con->query($SQL) === TRUE) {
echo "SUCCESS";
} else {
echo "Error: " . $SQL . "<br>" . $con->error;
}
$con->close();
}
elseif ($action == "rem") {
if(!isset($_GET["ip"]))
{
die("Missing parameters 1.");
}
$ip = strtolower($_GET["ip"]);
$SQL ="DELETE FROM blacklist WHERE blacklist.ip = '".$ip."';";
if ($con->query($SQL) === TRUE) {
$SQL = "UPDATE info SET last=".$dPart." WHERE list=0;";
$con->query($SQL);
echo "SUCCESS";
} else {
echo "Error: " . $SQL . "<br>" . $con->error;
}
$con->close();
}
?>

58
delete.php Normal file
View File

@@ -0,0 +1,58 @@
<?php
session_start();
$_SESSION['rezult_msg']="";
$_SESSION['ret_link']="";
include('conn.php');
$now=date('YmdHis');
//DATA
//ip
if(!empty($_GET['ip'])&&isset($_GET['ip'])){
$ip=$_GET['ip'];
}
else{
$ip="";
}
if(!empty($_GET['tbl'])&&isset($_GET['tbl'])){
$tbl=$_GET['tbl'];
if($tbl=='b'){
$table_name='blacklist';
$list=0;
}
elseif ($tbl=='w'){
$table_name='whitelist';
$list=1;
}
}
else{
$tbl="";
}
if($tbl<>"" && $ip<>""){
$sql_del="DELETE FROM $table_name WHERE ip='$ip'";
$sql_last_upd="UPDATE info SET last=$now WHERE list='$list'";
if(mysqli_query($con,$sql_del)){
$_SESSION['rezult_msg']="IP successfully deleted in the database.";
$rez_last_upd=mysqli_query($con,$sql_last_upd);
echo $_SESSION['rezult_msg'];
$link="index.php?var=1";
header("location:$link");
return false;
}
else{
$_SESSION['rezult_msg']="The value was not deleted from the database. Please try again.<br>".mysqli_error($con);
$_SESSION['ret_link']="index.php";
header("location:error.php?var=2");
return false;
}
}
else{
$_SESSION['rezult_msg']="There are not enough parameters to erase the value from the database.";
$_SESSION['ret_link']="index.php";
header("location:error.php?var=2");
return false;
}
?>

130
edit_ip_frm.php Normal file
View File

@@ -0,0 +1,130 @@
<?php
include('header.php');
if(!empty($_GET['ip'])&&isset($_GET['ip'])){
$ip=$_GET['ip'];
}
else{
$ip="";
}
if(!empty($_GET['tbl'])&&isset($_GET['tbl'])){
$tbl=$_GET['tbl'];
if($tbl=='b'){
$table_name='blacklist';
}
elseif ($tbl=='w'){
$table_name='whitelist';
}
}
else{
$tbl="";
}
?>
<script type="text/javascript">
//validate form
<!--
function verificare(form)
{
if(form.ip.value == "") {
alert ("Please write a value for the IP");
form.ip.focus();
return false;
}
}
-->
</script>
<?php
include('topmenu.php');
include('conn.php');
include('functions.php');
$sql_all="SELECT * FROM $table_name WHERE ip='$ip'";
$rez_all=mysqli_query($con,$sql_all);
$rd_ip=mysqli_fetch_array($rez_all);
$adddate=$rd_ip['adddate'];
$display_adddate=print_datetime($adddate);
$enddate=$rd_ip['enddate'];
$display_enddate=print_datetime($enddate);
$reason=$rd_ip['reason'];
$type=$rd_ip['type'];
?>
<?php
/*IP
adddate
enddate
type
reason
*/
?>
<h2>Edit IP Info in <b><?php echo $table_name?></b> - <span style='color:#5A3FBA'><?php echo $ip; ?></span></h2>
<form name="ip" action="edit_ip_save.php" method="POST" class="form-horizontal" onSubmit="return verificare(this);">
<div class="form-group">
<div class="row line10">
<label class="col-sm-2 control-label">IP: </label>
<div class="col-sm-8"><input name="ip" type="text" placeholder="Enter IP" class="form-control" value="<?php echo $ip;?>">
<?php
echo "<input name='tbl' type='hidden' value='$table_name'>";
echo "<input name='old_ip' type='hidden' value='$ip'>";
?>
</div>
</div>
<br>
<div class="row line10">
<label class="col-sm-2 control-label">Add Date: </label>
<div class="col-sm-8"><input name="adddate" type="text" placeholder="Select Add Date" class="form-control" value="<?php echo $display_adddate;?>"></div>
</div>
<br>
<div class="row line10">
<label class="col-sm-2 control-label">End Date: </label>
<div class="col-sm-8"><input name="enddate" type="text" placeholder="Select End Date" class="form-control" value="<?php echo $display_enddate;?>"></div>
</div>
<br>
<div class="row line10">
<label class="col-sm-2 control-label">Reason: </label>
<div class="col-sm-8"><input name="reason" type="text" placeholder="Enter Reason" class="form-control" value="<?php echo $reason;?>"></div>
</div>
<br>
<div class="row line10">
<label class="col-sm-2 control-label">Type: </label>
<div class="col-sm-8">
<select class="form-control" name="type">
<option value="-1">- Search by Type -</option>
<?php
$sql_type="SELECT type,label FROM type WHERE status='1' ORDER BY type";
$sql_rez=mysqli_query($con,$sql_type);
while($row_type=mysqli_fetch_array($sql_rez)){
if($row_type['type']==$type){
echo "<option value='".$row_type['type']."' selected>".$row_type['label']."</option>";
}
else{
echo "<option value='".$row_type['type']."'>".$row_type['label']."</option>";
}
}
?>
</select>
<br>
</div>
</div>
<div class="row line10">
<div class="col-sm-2"></div>
<div class="col-sm-8">
<input type="submit" value="Save" class="btn btn-primary">
<input type="button" value="Cancel" class="btn btn-warning" onclick='window.location.href="<?php echo"index.php"; ?>"'>
</div>
</div>
</div>
</form>
<?php
include('footer.php');
?>

96
edit_ip_save.php Normal file
View File

@@ -0,0 +1,96 @@
<?php
session_start();
date_default_timezone_set("America/Montreal");
$_SESSION['rezult_msg']="";
$_SESSION['ret_link']="";
include('conn.php');
include('functions.php');
$now=date('YmdHis');
//DATA
//ip $ip
//adddate $adddate
//enddate $enddate
//reason $reason
//type $type
if(!empty($_POST['old_ip'])&&isset($_POST['old_ip'])){
$old_ip=$_POST['old_ip'];
}
else{
$old_ip="";
}
if(!empty($_POST['ip'])&&isset($_POST['ip'])){
$ip=$_POST['ip'];
}
else{
$ip="";
}
if(!empty($_POST['tbl'])&&isset($_POST['tbl'])){
$table_name=$_POST['tbl'];
}
else{
$table_name="";
}
if($table_name=='blacklist'){
$list=1;
}
elseif($table_name=='whitelist'){
$list=0;
}
else{
$list="";
}
if(!empty($_POST['adddate'])&&isset($_POST['adddate'])){
$adddate=$_POST['adddate'];
$update_adddate=datetodigits($adddate);
}
else{
$update_adddate="00000000000000";
}
if(!empty($_POST['enddate'])&&isset($_POST['enddate'])){
$enddate=$_POST['enddate'];
$update_enddate=datetodigits($enddate);
}
else{
$update_enddate="00000000000000";
}
if(!empty($_POST['reason'])&&isset($_POST['reason'])){
$reason=trim(addslashes($_POST['reason']));
}
else{
$reason="";
}
if(!empty($_POST['type'])&&isset($_POST['type'])||($_POST['type']==0)){
$type=$_POST['type'];
}
else{
$type="-1";
}
$sql_upd="UPDATE $table_name
SET ip='$ip', adddate='$update_adddate', enddate='$update_enddate', reason='$reason', type='$type'
WHERE ip='$old_ip'";
$sql_last_upd="UPDATE info SET last=$now WHERE list='$list'";
if(mysqli_query($con,$sql_upd)){
$rez_last_upd=mysqli_query($con,$sql_last_upd);
$_SESSION['rezult_msg']="IP successfully updated in the database.";
$link="index.php";
echo $_SESSION['rezult_msg'];
header("location:$link?var=1");
return false;
}
else{
$_SESSION['rezult_msg']="The value was not updated in the database. Please try again.<br>".mysqli_error($con);
$_SESSION['ret_link']="search_db.php?";
header("location:error.php?var=2");
return false;
}
?>

11
error.php Normal file
View File

@@ -0,0 +1,11 @@
<?php
include('header.php');
include('topmenu.php');
?>
<h2>Error</h2>
<p><a href="<?php echo $_SESSION['ret_link']?>">Return</a></p>
</div>
<?php
include('footer.php');
?>

38
export.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
// output headers so that the file is downloaded rather than displayed
include('conn.php');
date_default_timezone_set("America/Montreal");
$datetime=date('Ymdhis');
header('Content-Type: text/csv; charset=utf-8');
if (isset($_POST['sql_find_b'])&&!empty($_POST['sql_find_b'])){
$sql_find=$_POST['sql_find_b'];
header("Content-Disposition: attachment; filename=ipban_blacklist_".$datetime.".csv");
}
elseif (isset($_POST['sql_find_w'])&&!empty($_POST['sql_find_w'])){
$sql_find=$_POST['sql_find_w'];
header("Content-Disposition: attachment; filename=ipban_whitelist_".$datetime.".csv");
}
else{
$_SESSION['ret_link']="index.php";
$_SESSION['rezult_msg']="There aren't any values available to export.";
header("location:index.php?var=2");
return false;
}
//echo $sql_find;
//exit;
// create a file pointer connected to the output stream
$output = fopen('php://output', 'w');
// output the column headings
fputcsv($output, array('IP','Type','Add Date','End Date','Reason','Type-Label'));
// fetch the data
$sql_rez = mysqli_query($con,$sql_find);
// loop over the rows, outputting them
while ($row = mysqli_fetch_assoc($sql_rez)) fputcsv($output, $row);
?>

2
footer.php Normal file
View File

@@ -0,0 +1,2 @@
</body>
</html>

60
functions.php Normal file
View File

@@ -0,0 +1,60 @@
<?php
function print_datetime($datestring){
$display_datetime=substr($datestring,0,4)."/".substr($datestring,4,2)."/".substr($datestring,6,2)." ".substr($datestring,8,2).":".substr($datestring,10,2).":".substr($datestring,12,2);
return $display_datetime;
}
function extract_date($datestring){
$dateonly=substr($datestring,0,4)."/".substr($datestring,4,2)."/".substr($datestring,6,2);
return $dateonly;
}
function datedigits($datestring){
$datedig=substr($datestring,0,8);
return $datedig;
}
function extract_time($datestring){
$timeonly=substr($datestring,8,2).":".substr($datestring,10,2).":".substr($datestring,12,2);
return $timeonly;
}
function timedigits($datestring){
$timedig=substr($datestring,8,14);
return $timedig;
}
function add_days($datestring,$no_of_days){
$datedig=datedigits($datestring);
$timedig=timedigits($datestring);
$newdate=date('Ymd',strtotime($datedig.' + '.$no_of_days.' days')).$timedig;
return $newdate;
}
function add_months($datestring,$no_of_month){
$datedig=datedigits($datestring);
$timedig=timedigits($datestring);
$newdate=date('Ymd',strtotime($datedig.' + '.$no_of_month.' month')).$timedig;
return $newdate;
}
function add_years($datestring,$no_of_yrs){
$datedig=datedigits($datestring);
$timedig=timedigits($datestring);
$newdate=date('Ymd',strtotime($datedig.' + '.$no_of_yrs.' year')).$timedig;
return $newdate;
}
function datetodigits($formdate){
$alldigits=array("0","1","2","3","4","5","6","7","8","9");
$length=strlen($formdate);
$digitdate="";
for($i=0;$i<$length;$i++){
$digit=substr($formdate,$i,1);
if (in_array($digit,$alldigits)){
$digitdate=$digitdate.$digit;
}
}
return $digitdate;
}
?>

36
header.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
session_start();
if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443) {
//return true;
$ht=true;
}
/*
else {
echo "Service only available via https!";
die();
}
*/
if(!isset($_SESSION['rezult_msg'])||($_SESSION['rezult_msg']==null)){
$_SESSION['rezult_msg']="";
}
date_default_timezone_set("America/Montreal");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>DAProgs.net IP whitelist/backlist</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<!-- jQuery library -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<!-- Bootstrap Date-Picker Plugin -->
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.4.1/js/bootstrap-datepicker.min.js"></script>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.4.1/css/bootstrap-datepicker3.css"/>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="stil.css">
<meta name="viewport" content="width=device-width, initial-scale=1">

BIN
img/bg.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 78 KiB

BIN
img/bg_txt.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 81 KiB

178
index.php Normal file
View File

@@ -0,0 +1,178 @@
<?php
session_start();
if (!isset( $_SESSION['user_id'] ) ) {
// Redirect them to the login page
header("Location: login.php");
}
?>
<?php
include('header.php');
?>
<script>
$(document).ready(function(){
var date_input=$('input[name="date"]'); //our date input has the name "date"
var container=$('.bootstrap-iso form').length>0 ? $('.bootstrap-iso form').parent() : "body";
var options={
format: 'yyyy-mm-dd',
container: container,
todayHighlight: true,
autoclose: true,
};
date_input.datepicker(options);
})
</script>
<?php
include('topmenu.php');
include('conn.php');
include('functions.php');
?>
<div class="container" style="width:100%; padding-left:20px; padding-right:20px">
<h2>Find IP records</h2>
<form name="search_form" action="search_db.php" method="POST">
<div class="form-group">
<div class="row line10">
<div class="form-check form-check-inline col-sm-2">
</div>
<div class="form-check form-check-inline col-sm-3">
<label class="form-check-label" for="button1">
<input class="form-check-input" type="radio" name="listtype" id="button1" value="a" checked>
All
</label>
</div>
<div class="form-check form-check-inline col-sm-3">
<label class="form-check-label" for="button2">
<input class="form-check-input" type="radio" name="listtype" id="button2" value="b">
Blacklist
</label>
</div>
<div class="form-check form-check-inline col-sm-3">
<label class="form-check-label" for="button3">
<input class="form-check-input" type="radio" name="listtype" id="button3" value="w">
Whitelist
</label>
</div>
</div>
<div class="row line10">
<div class="col-sm-2">
</div>
<div class="col-sm-10">
<input name="IP" type="text" placeholder="Search by IP" class="form-control"><br>
</div>
</div>
<div class="row line10">
<div class="col-sm-2">
</div>
<div class="col-sm-10">
<select class="form-control" name="type">
<option value='-1' selected>- Search by Type -</option>
<?php
$sql_type="SELECT type,label FROM type WHERE status='1' ORDER BY type";
$sql_rez=mysqli_query($con,$sql_type);
while($row_type=mysqli_fetch_array($sql_rez)){
echo "<option value='".$row_type['type']."'>".$row_type['label']."</option>";
}
?>
</select>
<br>
</div>
</div>
<div class="row line10">
<div class="col-sm-2">
</div>
<div class="col-sm-10">
<input name="date" id='date' type="text" placeholder="Search by Date" class="form-control"><br>
</div>
</div>
<div class="row line10">
<div class="col-sm-2">
</div>
<div class="col-sm-10">
<button type="submit" class="btn btn-primary" style="width:100%"><i class="fa fa-search"></i> Search</button>
</div>
</div>
</form>
<div class="row line10">
<div class="col-sm-10" style="margin-top:20px">
<h3>Last 20 Entries</h3>
</div>
</div>
<div class="row line10">
<div class="col-sm-2">
</div>
<div class="col-sm-5">
<label> Whitelist</label>
<?php
$sql_w="SELECT ip,reason,enddate FROM whitelist ORDER BY adddate DESC LIMIT 20";
$rez_w=mysqli_query($con,$sql_w);
echo "<div style='text-align:center'>";
echo "<div style='display:inline-block; width:95%'>";
echo "<table class='table table-condensed table-striped table-hover' style='text-align:left'>";
echo "<tr>
<th>IP</th>
<th>End Date</th>
<th>Reason</th>
</tr>";
while($rd_w=mysqli_fetch_array($rez_w)){
echo "<tr>";
if($rd_w['enddate']=='99999999999999') {
$enddate='<B>Permanent</B>';
}
else
{
$enddate=print_datetime($rd_w['enddate']);
}
echo "<td>".$rd_w['ip']."</td>";
echo "<td>".$enddate."</td>";
echo "<td>".$rd_w['reason']."</td>";
echo "</tr>";
}
echo "</table>";
echo "</div>";
echo "</div>";
?>
</div>
<div class="col-sm-5">
<label> Blacklist</label>
<?php
$sql_b="SELECT ip,reason,enddate FROM blacklist ORDER BY adddate DESC LIMIT 20";
$rez_b=mysqli_query($con,$sql_b);
echo "<div style='text-align:center'>";
echo "<div style='display:inline-block; width:95%'>";
echo "<table class='table table-condensed table-striped table-hover' style='text-align:left'>";
echo "<tr>
<th>IP</th>
<th>End Date</th>
<th>Reason</th>
</tr>";
while($rd_b=mysqli_fetch_array($rez_b)){
echo "<tr>";
if($rd_b['enddate']=='99999999999999') {
$enddate_b='<B>Permanent</B>';
}
else
{
$enddate_b=print_datetime($rd_b['enddate']);
}
echo "<td>".$rd_b['ip']."</td>";
echo "<td>".$enddate_b."</td>";
echo "<td>".$rd_b['reason']."</td>";
echo "</tr>";
}
echo "</table>";
echo "</div>";
echo "</div>";
?>
</div>
</div>
</div>
<?php
include('footer.php');
?>

46
last_info.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
include('header.php');
include('topmenu.php');
include('conn.php');
include('functions.php');
//https://www.color-hex.com/color-palette/67437
?>
<div class="container" style="width:100%; padding-left:20px; padding-right:20px">
<h2>Info - Last Entries for Blacklist and Whitelist</h2>
<div class='row line10'>
<div class='col-sm-2'>
</div>
<div class='col-sm-8'>
<div style='text-align:center'>
<div style='display:inline-block; width:100%'>
<table class='table table-condensed table-striped table-hover' style='text-align:left'>
<tr>
<th>Table</th>
<th>Edit Date</th>
</tr>
<?php
$sql_i="SELECT * FROM info ORDER BY list ASC";
$sql_rez=mysqli_query($con,$sql_i);
while($row_i=mysqli_fetch_array($sql_rez)){
echo "<tr>";
if($row_i['list']==1){
echo "<td>Whitelist</td>";
}
else{
echo "<td>Blacklist</td>";
}
$datetime=print_datetime($row_i['last']);
echo "<td>$datetime</td>";
echo "</tr>";
}
?>
</table>
</div>
</div>
</div>
</div>
</div>
<?php
include('footer.php');
?>

80
login.php Normal file
View File

@@ -0,0 +1,80 @@
<?php
session_start();
include('sfunctions.php');
include('conn.php');
if ( ! empty( $_POST ) ) {
if ( isset( $_POST['username'] ) && isset( $_POST['password'] ) ) {
$stmt = $con->prepare("SELECT * FROM users WHERE username = ?");
$stmt->bind_param('s', $_POST['username']);
$stmt->execute();
$result = $stmt->get_result();
$user = $result->fetch_object();
if ( password_verify( $_POST['password'], $user->password ) ) {
$_SESSION['user_id'] = $user->ID;
$_SESSION['user'] = $user;
$_SESSION['logged'] = true;
header("Location: index.php");
die();
}
}
}
include('header.php');
session_destroy();
?>
<script>
function verificare(form)
{
if(form.user.value == "") {
alert ("Please write your username");
form.user.focus();
return false;
}
if(form.pass.value == "") {
alert ("Please write your password");
form.pass.focus();
return false;
}
}
</script>
<?php
include('topmenu.php');
include('conn.php');
include('functions.php');
?>
<div class="container" style="width:100%; padding-left:20px;">
<h2>Login</h2>
<form name="login" action="" method="POST" class="form-horizontal" onSubmit="return verificare(this);">
<div class="form-group">
<div class="row line10">
<label class="col-sm-2 control-label">Username: </label>
<div class="col-sm-8">
<input name="username" type="text" placeholder="Type your username" class="form-control"><br>
</div>
</div>
<div class="row line10">
<label class="col-sm-2 control-label">Password: </label>
<div class="col-sm-8">
<input name="password" type="password" placeholder="Type your password" class="form-control"><br>
</div>
</div>
<div class="row line10">
<div class="col-sm-2">
</div>
<div class="col-sm-8">
<button type="submit" class="btn btn-primary" style="width:100%"> Login <i class="fa fa-sign-in"></i></button>
</div>
</div>
</form>
</div>
<?php
include('footer.php');
?>

263
search_db.php Normal file
View File

@@ -0,0 +1,263 @@
<?php
include('header.php');
?>
<!-- makes table row clickable-->
<script>
jQuery(document).ready(function($) {
$(".clickable-row").click(function() {
window.location = $(this).data("href");
});
});
</script>
<script type="text/javascript">
//delete confirmation
<!--
function del(ip,tbl){
var answer=confirm("Are you sure you want to delete this IP?");
var ipf=ip;
var tbl=tbl;
if(answer){
window.location.href="delete.php?ip="+ipf+"&tbl="+tbl;
}
}
-->
</script>
<?php
include('topmenu.php');
include('functions.php');
date_default_timezone_set("America/Montreal");
$_SESSION['rezult_msg']="";
$_SESSION['ret_link']="";
echo "<div class='container' style='padding-left:20px; width:100%'>";
include('conn.php');
if(!empty($_POST['listtype'])&&isset($_POST['listtype'])){
$listtype=$_POST['listtype'];
switch($listtype){
case 'a':
$caption="Blacklist and Whitelist";
break;
case 'b':
$caption="Blacklist";
break;
case 'w':
$caption="Whitelist";
break;
}
}
else{
$listtype="a";
$caption="Blacklist and Whitelist";
}
if(!empty($_POST['IP'])&&isset($_POST['IP'])){
$ip=trim($_POST['IP']);
$ip_srch=$ip;
}
else{
$ip="";
$ip_srch="";
}
if(isset($_POST['type'])&&($_POST['type'])<>'-1'){
$type=$_POST['type'];
$sql_type="SELECT label FROM type WHERE type=$type";
$rez_type=mysqli_query($con,$sql_type);
$rd_tp=mysqli_fetch_array($rez_type);
$displaytype=$rd_tp['label'];
}
else{
$type="-1";
$displaytype="";
}
if(!empty($_POST['date'])&&isset($_POST['date'])){
$dateform=$_POST['date'];
$date=datetodigits($_POST['date']).'000000';
}
else{
$dateform="0000-00-00";
$date="00000000000000";
}
if($ip<>"" && $date=="00000000000000" && $type=="-1"){
$condition= "WHERE ip LIKE '%$ip%'";
}
elseif($ip=="" && $date<>"00000000000000" && $type=="-1"){
$condition= "WHERE adddate>=$date";
}
elseif($ip=="" && $date=="00000000000000" && $type<>"-1"){
$condition= "WHERE type.type=$type";
}
elseif($ip<>"" && $date<>"00000000000000" && $type=="-1"){
$condition= "WHERE ip LIKE '%$ip%' AND adddate>=$date";
}
elseif($ip<>"" && $date<>"00000000000000" && $type<>"-1"){
$condition= "WHERE ip LIKE '%$ip%' AND adddate>=$date AND type.type=$type";
}
elseif($ip<>"" && $date=="00000000000000" && $type<>"-1"){
$condition= "WHERE ip LIKE '%$ip%' AND type.type=$type";
}
elseif($ip=="" && $date<>"00000000000000" && $type<>"-1"){
$condition= "WHERE adddate>=$date AND type.type=$type";
}
elseif($ip=="" && $date=="00000000000000" && $type=="-1"){
$condition= "";
}
switch($listtype){
case 'a':
$sql_find_w="SELECT whitelist.*, type.label FROM whitelist
LEFT OUTER JOIN type ON whitelist.type=type.type
$condition ORDER BY ip ASC";
$rez_find_w=mysqli_query($con,$sql_find_w);
$sql_find_b="SELECT blacklist.*, type.label FROM blacklist
LEFT OUTER JOIN type ON blacklist.type=type.type
$condition ORDER BY ip ASC";
$rez_find_b=mysqli_query($con,$sql_find_b);
break;
case 'b':
$sql_find_w="";
$rez_find_w="";
$sql_find_b="SELECT blacklist.*, type.label FROM blacklist
LEFT OUTER JOIN type ON blacklist.type=type.type
$condition ORDER BY ip ASC";
$rez_find_b=mysqli_query($con,$sql_find_b);
break;
case 'w':
$sql_find_w="SELECT whitelist.*, type.label FROM whitelist
LEFT OUTER JOIN type ON whitelist.type=type.type
$condition ORDER BY ip ASC";
$rez_find_w=mysqli_query($con,$sql_find_w);
$sql_find_b="";
$rez_find_b="";
break;
}
/*echo $ip;
echo $sql_find_b;
echo "<br>";
echo $sql_find_w;
exit;*/
if($sql_find_b<>""){
if(mysqli_num_rows($rez_find_b)==0 && mysqli_num_rows($rez_find_w)==0){
$_SESSION['rezult_msg']="<span style='font-style:italic'>There aren't any Blacklist results for IP - <b>$ip_srch</b>, Type - <b>$displaytype</b>, Date - <b>$dateform</b> in the database. Please try again.</span><br>".mysqli_error($con);
$link="index.php?var=2";
header("location:$link");
return false;
}
elseif(mysqli_num_rows($rez_find_b)==0 && mysqli_num_rows($rez_find_w)<>0){
echo "<span style='font-style:italic'>There aren't any Blacklist results for IP - <b>$ip_srch</b>, Type - <b>$displaytype</b>, Date - <b>$dateform</b> in the database. Please try again.</span><br>".mysqli_error($con);
goto Whitelist_lbl;
}
else{
//search results
$title="Blacklist Results";
echo "<h2>$title</h2>";
$sqltoexport=trim($sql_find_b);
//echo "<p style='font-style: italic; color: #0084B4'>* click table row to edit</p>";
echo"<form name='b' action='export.php' method='POST'><button type='submit' class='btn' onclick='window.location.href=\"export.php\";'> Export CSV <i class='fa fa-download'></i> </button>
<input type='hidden' name='sql_find_b' value=\"$sqltoexport\">
</form><br>";
echo "<div style='text-align:center'>";
echo "<div style='display:inline-block; width:95%'>";
echo "<table class='table table-condensed table-striped table-hover' style='text-align:left'>";
echo "<tr>
<th>IP</th>
<th>Add Date</th>
<th>End Date</th>
<th>Type</th>
<th>Reason</th>
<th>Edit</th>
<th style='text-align:center'>Delete</th>
</tr>";
while($rd_bl=mysqli_fetch_array($rez_find_b)){
echo "<tr>";
$adddate=print_datetime($rd_bl['adddate']);
$enddate=print_datetime($rd_bl['enddate']);
$ip=$rd_bl['ip'];
echo "<td>".$rd_bl['ip']."</td>";
echo "<td>".$adddate."</td>";
echo "<td>".$enddate."</td>";
echo "<td>".$rd_bl['type']." - ".$rd_bl['label']."</td>";
echo "<td>".$rd_bl['reason']."</td>";
echo "<td><button class='btn btn-secondary btn-sm' onclick='window.location.href=\"edit_ip_frm.php?ip=$ip&tbl=b\";'><i class='fa fa-edit'></i></button></td>";
echo "<td align='center'><button class='btn btn-danger btn-sm' onclick=\"del('".$ip."','b');\"><i class='fa fa-trash'></i></button></td>";
echo "</tr>";
}
echo "</table>";
echo "</div>";
echo "</div>";
}
}
if($sql_find_w<>""){
if(mysqli_num_rows($rez_find_w)==0 && mysqli_num_rows($rez_find_b)==0){
$_SESSION['rezult_msg']="<span style='font-style:italic'>There aren't any Whitelist results for IP - <b>$ip_srch</b>, Type - <b>$displaytype</b>, Date - <b>$dateform</b> in the database. Please try again.</span><br>".mysqli_error($con);
$link="index.php?var=2";
header("location:$link");
return false;
}
elseif(mysqli_num_rows($rez_find_w)==0 && mysqli_num_rows($rez_find_b)<>0){
echo "<span style='font-style:italic'>There aren't any Whitelist results for IP - <b>$ip_srch</b>, Type - <b>$displaytype</b>, Date - <b>$dateform</b> in the database. Please try again.</span><br>".mysqli_error($con);
}
else{
Whitelist_lbl:
//search results
$title="Whitelist Results";
echo "<h2>$title</h2>";
$sqltoexportw=trim($sql_find_w);
//echo "<p style='font-style: italic; color: #0084B4'>* click table row to edit</p>";
echo"<form name='w' action='export.php' method='POST'><button type='submit' class='btn' onclick='window.location.href=\"export.php\";'> Export CSV <i class='fa fa-download'></i> </button>
<input type='hidden' name='sql_find_w' value=\"$sqltoexportw\">
</form><br>";
echo "<div style='text-align:center'>";
echo "<div style='display:inline-block; width:95%'>";
echo "<table class='table table-condensed table-striped table-hover' style='text-align:left'>";
echo "<tr>
<th>IP</th>
<th>Add Date</th>
<th>End Date</th>
<th>Type</th>
<th>Reason</th>
<th>Edit</th>
<th style='text-align:center'>Delete</th>
</tr>";
while($rd_wl=mysqli_fetch_array($rez_find_w)){
$ip=$rd_wl['ip'];
echo "<tr>";
$adddatew=print_datetime($rd_wl['adddate']);
$enddatew=print_datetime($rd_wl['enddate']);
echo "<td>".$rd_wl['ip']."</td>";
echo "<td>".$adddatew."</td>";
echo "<td>".$enddatew."</td>";
echo "<td>".$rd_wl['type']." - ".$rd_wl['label']."</td>";
echo "<td>".$rd_wl['reason']."</td>";
echo "<td><button class='btn btn-secondary btn-sm' onclick='window.location.href=\"edit_ip_frm.php?ip=$ip&tbl=w\";'><i class='fa fa-edit'></i></button></td>";
echo "<td align='center'><button class='btn btn-danger btn-sm' onclick=\"del('".$ip."','w');\"><i class='fa fa-trash'></i></button></td>";
echo "</tr>";
}
echo "</table>";
echo "</div>";
echo "</div>";
}
}
echo "</div>";
?>

9
sfunctions.php Normal file
View File

@@ -0,0 +1,9 @@
<?php
function print2_datetime($datestring){
$display_datetime=substr($datestring,0,4)."/".substr($datestring,4,2)."/".substr($datestring,6,2)." ".substr($datestring,8,2).":".substr($datestring,10,2).":".substr($datestring,12,2);
return $display_datetime;
}
?>

71
stil.css Normal file
View File

@@ -0,0 +1,71 @@
html {
height: 100%;
}
body {
min-height: 100%;
position:relative;
}
.bg_pic{
background-image: url('img/bg_txt.jpg'), url('img/bg.jpg');
background-repeat: no-repeat , repeat-x;
position:0px top, 1024px top ;
height:194px;
}
.bg_footer{
width:100%;
height:40px;
background-image: url('img/footer.jpg');
background-repeat: repeat-x;
position:left,bottom;
margin-left:100px;
}
.navclr{
background-color: #267488;
}
.navbar-default .navbar-nav > li > a {
color: #FFF;
}
.navbar-default .navbar-nav > li > a:hover,
.navbar-default .navbar-nav > li > a:focus {
color: #267488;
background-color:#FFF;
}
.navbar-default .navbar-nav > .active > a,
.navbar-default .navbar-nav > .active > a:hover,
.navbar-default .navbar-nav > .active > a:focus {
color: #FFF;
background-color: #267488;
}
.navbar-default .navbar-nav > .open > a,
.navbar-default .navbar-nav > .open > a:hover,
.navbar-default .navbar-nav > .open > a:focus {
color: #FFF;
background-color: #267488;
}
a.linkblue:link {
color: #267488;
}
a.linkblue:visited {
color: #267488;
}
a.linkblue:hover {
color: #267488;
}
a.linkblue:active {
color: #FFFFFF;
}
.bg_footer{
width:100%;
height:40px;
background-image: url('img/footer.jpg');
background-repeat: repeat-x;
position:left,bottom;
margin-left:100px;
}
.padding{
padding-top: 3px;
padding-bottom: 3px;
}

7
test.php Normal file
View File

@@ -0,0 +1,7 @@
<?php
phpinfo();
//echo ("A");
echo password_hash("Jdr002s", PASSWORD_DEFAULT);
//echo ("B");
?>

65
topmenu.php Normal file
View File

@@ -0,0 +1,65 @@
</head>
<body>
<div class="container" style="width:100%; padding: 1px">
<!--<div class="bg_repeat" style="height:200px;width:100%">-->
<div class="bg_pic">
</div>
<!--</div>-->
<nav class="navbar navbar-default navclr" style="margin-top:0px;border:0px">
<div class="container-fluid ">
<div class="navbar-header">
<a class="navbar-brand" href="index.php" style="color:#ffffff">DAProgs</a>
</div>
<ul class="nav navbar-nav" id='menu2'>
<li><a href="index.php">Search</a></li>
<li><a href="add_ip_frm.php?tbl=b">Blacklist IP</a></li>
<li><a href="add_ip_frm.php?tbl=w">Whitelist IP</a></li>
<li><a href="add_ip_bulk_frm.php">Add IP in Bulk</a></li>
<li><a href="add_type_frm.php">Add Type</a></li>
<li><a href="last_info.php">Last Edit</a></li>
</ul>
<ul class="nav navbar-nav navbar-right">
<li style="float:right"><a href="login.php">Logout</a></li>
<?php
if (isset( $_SESSION['logged'] ) ) {
?>
<li style="float:right"><a href="account.php">Account</a></li>
<?php
}
?>
</ul>
</div>
</nav>
</div>
<div class="container" style="width: 100%">
<!-- Display result messages if available-->
<div>
<?php
if($_SESSION['rezult_msg']!==null&&!empty($_SESSION['rezult_msg'])){
if(isset($_GET['var'])&&!empty($_GET['var'])){
if($_GET['var']==1){
$cls="background-color:#5BBA5D;color:#FFFFFF;";
}
else{
$cls="background-color:#E8AF53;color:#FFFFFF;";
}
}
else{
$cls="";
}
echo "<p style='$cls'>".$_SESSION['rezult_msg']."</p>";
$_SESSION['rezult_msg']="";
}
else{
$_SESSION['rezult_msg']="";
}
?>
</div>
</div>
<!-- End Display result message-->

142
whitelist.php Normal file
View File

@@ -0,0 +1,142 @@
<?php
// http://www.daprogs.com/api/ipban/whitelist.php?a=add&ip=192.168.2.0/24&type=1&date=20191025120000&reason=Hello%20There2
// http://www.daprogs.com/api/ipban/whitelist.php?a=rem&ip=192.168.2.0/24
include('conn.php');
/*
if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443) {
//return true;
$ht=true;
}
else {
echo "Service only available via https!";
die();
}
*/
$SQL2 ="SELECT info.last FROM info WHERE info.list = 1";
$result2 = mysqli_query($con,$SQL2);
$UpdateDate2 = mysqli_fetch_array($result2);
$UpdateDate = $UpdateDate2['last'];
$dStamp = date_create_from_format ( 'YmdHis' , $UpdateDate );
$fStamp = $dStamp->format('D, d M Y H:i:s T');
$lMod = "Last-Modified: " . $fStamp;
header($lMod);
if($_SERVER['REQUEST_METHOD']=='HEAD') {
$con->close();
echo("Something to make php quit and return head..");
}
$dPart = date("YmdHis");
if(!isset($_GET["a"]))
{
$action = "display";
}
if(isset($_GET["a"]))
{
$action = strtolower($_GET["a"]);
}
if ($action == "display") {
$SQL ="SELECT whitelist.ip, whitelist.reason FROM whitelist WHERE whitelist.adddate < ".$dPart." AND whitelist.enddate > ".$dPart." ORDER BY whitelist.ip ASC";
$result = mysqli_query($con,$SQL);
$num_rows = mysqli_num_rows($result);
// $SQL2 ="SELECT info.last FROM info WHERE info.list = 1";
// $result2 = mysqli_query($con,$SQL2);
// $UpdateDate2 = mysqli_fetch_array($result2);
// $UpdateDate = $UpdateDate2['last'];
header("Content-Type: text/plain");
echo "; https://www.daprogs.com/ipbansw/whitelist.php";
echo "\n";
// echo "; DAProgs WhiteList ".date("Y/m/d")." - (c) 2019 DAProgs.com";
echo "; DAProgs WhiteList - (c) 2019 DAProgs.com";
echo "\n";
echo "; Last-Modified: ".$fStamp;
// echo "; Last-Modified: ".substr($UpdateDate,0,4)."/".substr($UpdateDate,4,2)."/".substr($UpdateDate,6,2)." ".substr($UpdateDate,8,2).":".substr($UpdateDate,10,2).":".substr($UpdateDate,12,2)." EST.";
echo "\n";
echo "; WhiteList contains ".$num_rows." elements.";
//echo "\n";
while($row = mysqli_fetch_array($result))
{
echo "\n";
echo $row['ip']." ; ".$row['reason'];
}
mysqli_close($con);
//echo "";
//echo "\r\n";
}
elseif ($action == "add") {
if(!isset($_GET["ip"]))
{
die("Missing parameters 1.");
}
$ip = strtolower($_GET["ip"]);
if(!isset($_GET["type"]))
{
die("Missing parameters 2.");
}
$type = $_GET["type"];
if(!isset($_GET["date"]))
{
die("Missing parameters 3.");
}
$enddate = $_GET["date"];
if(!isset($_GET["reason"]))
{
die("Missing parameters 4.");
}
$reason = urldecode($_GET["reason"]);
$SQL ="INSERT INTO whitelist (ip, type, adddate, enddate, reason) VALUES ('".$ip."', ".$type.", ".$dPart.", ".$enddate.", '".$reason."');";
if ($con->query($SQL) === TRUE) {
$SQL = "UPDATE info SET last=".$dPart." WHERE list=1;";
$con->query($SQL);
echo "SUCCESS";
} else {
$SQL = "UPDATE whitelist SET enddate=".$enddate.", type=".$type.", reason='".$reason."' WHERE ip='".$ip."';";
if ($con->query($SQL) === TRUE) {
$SQL = "UPDATE info SET last=".$dPart." WHERE list=1;";
$con->query($SQL);
echo "SUCCESS UPDATE";
} else {
echo "Error: " . $SQL . "<br>" . $con->error;
}
}
$con->close();
}
elseif ($action == "rem") {
if(!isset($_GET["ip"]))
{
die("Missing parameters 1.");
}
$ip = strtolower($_GET["ip"]);
$SQL ="DELETE FROM whitelist WHERE whitelist.ip = '".$ip."';";
if ($con->query($SQL) === TRUE) {
$SQL = "UPDATE info SET last=".$dPart." WHERE list=1;";
$con->query($SQL);
echo "SUCCESS";
} else {
echo "Error: " . $SQL . "<br>" . $con->error;
}
$con->close();
}
?>