From 868bc75baecb2e0a6abaf5329880e501516c2910 Mon Sep 17 00:00:00 2001 From: neptune Date: Thu, 26 Jan 2023 05:16:20 -0300 Subject: Chequeo duplicados de ban --- cgi/framework.py | 8 +++++--- cgi/manage.py | 9 ++++----- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/cgi/framework.py b/cgi/framework.py index 796703e..3cfc94a 100644 --- a/cgi/framework.py +++ b/cgi/framework.py @@ -56,18 +56,20 @@ def cleanDir(path, ext=None): os.remove(os.path.join(path, f)) -def addressIsBanned(ip, board, blind_only=False): +def addressIsBanned(ip, board=None, blind_only=False): query = "SELECT * FROM `bans` WHERE INET6_ATON(%s) BETWEEN `ipstart` AND `ipend`" if blind_only: query += " AND `blind` = '1'" bans = FetchAll(query, (ip,)) for ban in bans: + if not board: + return ban if ban["boards"]: boards = str2boards(ban["boards"]) if not ban["boards"] or board in boards: if board not in Settings.EXCLUDE_GLOBAL_BANS: - return True - return False + return ban + return None def addressIsTor(ip): diff --git a/cgi/manage.py b/cgi/manage.py index d1de264..bf28768 100644 --- a/cgi/manage.py +++ b/cgi/manage.py @@ -711,13 +711,12 @@ def manage(self, path_split): if 'edit' in self.formdata: UpdateDb("DELETE FROM `bans` WHERE `id` = '" + _mysql.escape_string(self.formdata['edit']) + "' LIMIT 1") - """else: # TODO : Duplicate check - ban = FetchOne("SELECT `id` FROM `bans` WHERE `ip` = '" + _mysql.escape_string( - ip) + "' AND `boards` = '" + _mysql.escape_string(where) + "' LIMIT 1") + else: # Duplicate check + ban = addressIsBanned(ip) if ban: self.error(_('There is already an identical ban for this IP.') + '' + _('Edit') + '') - return""" + Settings.CGI_URL+'manage/ban/' + ip + '?edit=' + str(ban['id'])+'">' + _('Edit') + '') + return # Blind mode blind = self.formdata.get('blind', 0) -- cgit v1.2.1-18-gbd029