|
1 <?php |
|
2 |
|
3 // auth if possible |
|
4 if ( file_exists('./includes/common.php') ) |
|
5 { |
|
6 require('includes/common.php'); |
|
7 if ( !$session->user_logged_in ) |
|
8 { |
|
9 // error out |
|
10 $paths->main_page(); |
|
11 die('Not authorized'); |
|
12 } |
|
13 $db->close(); |
|
14 // unload Enano, we don't need it anymore |
|
15 unset($db, $session, $paths, $template, $plugins); |
|
16 } |
|
17 |
|
18 function parse_wildcard($str) |
|
19 { |
|
20 $append = isset($_POST['match_whole']) ? '' : '%'; |
|
21 return $append . mysql_real_escape_string(strtr(str_replace(array('%', '_'), array('\%', '\_'), $str), '*?', '%_')) . $append; |
|
22 } |
|
23 |
|
24 function basenick($nick) |
|
25 { |
|
26 if ( preg_match('/^`/', $nick) ) |
|
27 { |
|
28 $nick = substr($nick, 1); |
|
29 } |
|
30 return preg_replace('/(`|\|)(.+?)$/', '', $nick); |
|
31 } |
|
32 |
|
33 function dbdie() |
|
34 { |
|
35 die('MySQL query error: ' . mysql_error()); |
|
36 } |
|
37 |
|
38 function tableize_mysql_result($result) |
|
39 { |
|
40 $col_strings = array( |
|
41 'nick' => 'Nickname', |
|
42 'basenick' => 'Basenick', |
|
43 'ip' => 'IP', |
|
44 'hostname' => 'Hostname', |
|
45 'time' => 'Last join', |
|
46 'channel' => 'Channel' |
|
47 ); |
|
48 if ( mysql_num_rows($result) < 1 ) |
|
49 { |
|
50 echo '<p>No results.</p>'; |
|
51 return true; |
|
52 } |
|
53 $row = @mysql_fetch_assoc($result); |
|
54 echo '<table border="1" cellpadding="3"><tr>'; |
|
55 foreach ( $row as $col => $_ ) |
|
56 { |
|
57 echo "<th>{$col_strings[$col]}</th>"; |
|
58 } |
|
59 echo '</tr>'; |
|
60 do |
|
61 { |
|
62 echo "<tr>"; |
|
63 foreach ( $row as $col => $val ) |
|
64 { |
|
65 if ( $col == 'nick' ) |
|
66 echo "<td><a href=\"iplogs.php?query_user=" . urlencode($val) . "\">$val</a></td>"; |
|
67 else if ( $col == 'ip' ) |
|
68 echo "<td><a href=\"iplogs.php?query_ip=" . urlencode($val) . "\">$val</a></td>"; |
|
69 else if ( $col == 'time' ) |
|
70 echo "<td>" . date('r', intval($val)) . "</td>"; |
|
71 else |
|
72 echo "<td>$val</td>"; |
|
73 } |
|
74 echo "</tr>"; |
|
75 } |
|
76 while ( $row = mysql_fetch_assoc($result) ); |
|
77 echo '</table>'; |
|
78 return true; |
|
79 } |
|
80 |
|
81 require('../../stats-fe.php'); |
|
82 require('../../timezone.php'); |
|
83 |
|
84 echo '<h2>' . $nick . ' IP logs</h2>'; |
|
85 |
|
86 if ( isset($_POST['submit']) ) |
|
87 { |
|
88 $query = 'SELECT nick, basenick, ip, hostname, channel, time FROM ip_log'; |
|
89 $where = 'WHERE'; |
|
90 if ( !empty($_POST['nick']) ) |
|
91 { |
|
92 $query .= " $where ( nick LIKE '" . parse_wildcard($_POST['nick']) . "'"; |
|
93 $query .= " OR basenick LIKE '" . parse_wildcard($_POST['nick']) . "' )"; |
|
94 $where = 'OR'; |
|
95 } |
|
96 if ( !empty($_POST['ip']) ) |
|
97 { |
|
98 $query .= " $where ip LIKE '" . parse_wildcard($_POST['ip']) . "'"; |
|
99 $where = 'OR'; |
|
100 } |
|
101 if ( !empty($_POST['host']) ) |
|
102 { |
|
103 $query .= " $where hostname LIKE '" . parse_wildcard($_POST['host']) . "'"; |
|
104 $where = 'OR'; |
|
105 } |
|
106 if ( !empty($_POST['channel']) && $_POST['channel'] != '#' ) |
|
107 { |
|
108 $query .= " $where channel LIKE '" . parse_wildcard($_POST['channel']) . "'"; |
|
109 $where = 'OR'; |
|
110 } |
|
111 |
|
112 $query .= ';'; |
|
113 |
|
114 if ( $result = eb_mysql_query($query) ) |
|
115 { |
|
116 $num_results = mysql_num_rows($result); |
|
117 $str = ( $num_results == 1 ) ? "1 result" : "$num_results results"; |
|
118 tableize_mysql_result($result); |
|
119 } |
|
120 } |
|
121 |
|
122 if ( isset($_GET['query_user']) ) |
|
123 { |
|
124 $nick =& $_GET['query_user']; |
|
125 echo '<h3>' . htmlspecialchars($nick) . '</h3>'; |
|
126 echo '<p>Basenick: ' . htmlspecialchars(basenick($nick)) . '</p>'; |
|
127 |
|
128 echo '<h4>IP addresses this user has been seen from</h4>'; |
|
129 $nick = mysql_real_escape_string($nick); |
|
130 $basenick = mysql_real_escape_string(basenick($nick)); |
|
131 $q = eb_mysql_query("SELECT DISTINCT ip, hostname FROM ip_log WHERE nick = '$nick' OR basenick = '$basenick';"); |
|
132 if ( !$q ) |
|
133 dbdie(); |
|
134 tableize_mysql_result($q); |
|
135 |
|
136 echo '<h4>Channels this user has been seen in</h4>'; |
|
137 $q = eb_mysql_query("SELECT DISTINCT nick, channel, time FROM ip_log WHERE nick = '$nick' OR basenick = '$basenick';"); |
|
138 if ( !$q ) |
|
139 dbdie(); |
|
140 tableize_mysql_result($q); |
|
141 } |
|
142 |
|
143 if ( isset($_GET['query_ip']) ) |
|
144 { |
|
145 $ip =& $_GET['query_ip']; |
|
146 echo '<h3>' . htmlspecialchars($ip) . '</h3>'; |
|
147 $ip = mysql_real_escape_string($ip); |
|
148 |
|
149 echo '<h4>Users seen from this IP address</h4>'; |
|
150 $q = eb_mysql_query("SELECT DISTINCT nick, channel, time FROM ip_log WHERE ip = '$ip';"); |
|
151 if ( !$q ) |
|
152 dbdie(); |
|
153 tableize_mysql_result($q); |
|
154 } |
|
155 |
|
156 // FORM |
|
157 ?> |
|
158 <form action="iplogs.php" method="post"> |
|
159 <h3>Search database</h3> |
|
160 <p><small>Enter data in one or more fields. You can use an asterisk (*) anywhere to match multiple characters or a question mark (?) to match a single character.</small></p> |
|
161 <table border="0"> |
|
162 <tr> |
|
163 <td>Nickname</td> |
|
164 <td><input type="text" name="nick" size="30" /></td> |
|
165 </tr> |
|
166 <tr> |
|
167 <td>IP address</td> |
|
168 <td><input type="text" name="ip" size="30" /></td> |
|
169 </tr> |
|
170 <tr> |
|
171 <td>Hostname</td> |
|
172 <td><input type="text" name="host" size="30" /></td> |
|
173 </tr> |
|
174 <tr> |
|
175 <td>Channel</td> |
|
176 <td><input type="host" name="channel" size="30" value="#" /></td> |
|
177 </tr> |
|
178 <tr> |
|
179 <td colspan="2"> |
|
180 <label><input type="checkbox" name="match_whole" /> Exact matches</label> |
|
181 </td> |
|
182 </tr> |
|
183 <tr> |
|
184 <td colspan="2" style="text-align: center;"> |
|
185 <input type="submit" name="submit" /> |
|
186 </td> |
|
187 </tr> |
|
188 </table> |
|
189 </form> |