diff -r a7e537c0b549 -r 300f673fbbdc htdocs/auth/iplogs.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/htdocs/auth/iplogs.php Thu Dec 04 19:40:27 2008 -0500 @@ -0,0 +1,189 @@ +user_logged_in ) + { + // error out + $paths->main_page(); + die('Not authorized'); + } + $db->close(); + // unload Enano, we don't need it anymore + unset($db, $session, $paths, $template, $plugins); +} + +function parse_wildcard($str) +{ + $append = isset($_POST['match_whole']) ? '' : '%'; + return $append . mysql_real_escape_string(strtr(str_replace(array('%', '_'), array('\%', '\_'), $str), '*?', '%_')) . $append; +} + +function basenick($nick) +{ + if ( preg_match('/^`/', $nick) ) + { + $nick = substr($nick, 1); + } + return preg_replace('/(`|\|)(.+?)$/', '', $nick); +} + +function dbdie() +{ + die('MySQL query error: ' . mysql_error()); +} + +function tableize_mysql_result($result) +{ + $col_strings = array( + 'nick' => 'Nickname', + 'basenick' => 'Basenick', + 'ip' => 'IP', + 'hostname' => 'Hostname', + 'time' => 'Last join', + 'channel' => 'Channel' + ); + if ( mysql_num_rows($result) < 1 ) + { + echo '

No results.

'; + return true; + } + $row = @mysql_fetch_assoc($result); + echo ''; + foreach ( $row as $col => $_ ) + { + echo ""; + } + echo ''; + do + { + echo ""; + foreach ( $row as $col => $val ) + { + if ( $col == 'nick' ) + echo ""; + else if ( $col == 'ip' ) + echo ""; + else if ( $col == 'time' ) + echo ""; + else + echo ""; + } + echo ""; + } + while ( $row = mysql_fetch_assoc($result) ); + echo '
{$col_strings[$col]}
$val$val" . date('r', intval($val)) . "$val
'; + return true; +} + +require('../../stats-fe.php'); +require('../../timezone.php'); + +echo '

' . $nick . ' IP logs

'; + +if ( isset($_POST['submit']) ) +{ + $query = 'SELECT nick, basenick, ip, hostname, channel, time FROM ip_log'; + $where = 'WHERE'; + if ( !empty($_POST['nick']) ) + { + $query .= " $where ( nick LIKE '" . parse_wildcard($_POST['nick']) . "'"; + $query .= " OR basenick LIKE '" . parse_wildcard($_POST['nick']) . "' )"; + $where = 'OR'; + } + if ( !empty($_POST['ip']) ) + { + $query .= " $where ip LIKE '" . parse_wildcard($_POST['ip']) . "'"; + $where = 'OR'; + } + if ( !empty($_POST['host']) ) + { + $query .= " $where hostname LIKE '" . parse_wildcard($_POST['host']) . "'"; + $where = 'OR'; + } + if ( !empty($_POST['channel']) && $_POST['channel'] != '#' ) + { + $query .= " $where channel LIKE '" . parse_wildcard($_POST['channel']) . "'"; + $where = 'OR'; + } + + $query .= ';'; + + if ( $result = eb_mysql_query($query) ) + { + $num_results = mysql_num_rows($result); + $str = ( $num_results == 1 ) ? "1 result" : "$num_results results"; + tableize_mysql_result($result); + } +} + +if ( isset($_GET['query_user']) ) +{ + $nick =& $_GET['query_user']; + echo '

' . htmlspecialchars($nick) . '

'; + echo '

Basenick: ' . htmlspecialchars(basenick($nick)) . '

'; + + echo '

IP addresses this user has been seen from

'; + $nick = mysql_real_escape_string($nick); + $basenick = mysql_real_escape_string(basenick($nick)); + $q = eb_mysql_query("SELECT DISTINCT ip, hostname FROM ip_log WHERE nick = '$nick' OR basenick = '$basenick';"); + if ( !$q ) + dbdie(); + tableize_mysql_result($q); + + echo '

Channels this user has been seen in

'; + $q = eb_mysql_query("SELECT DISTINCT nick, channel, time FROM ip_log WHERE nick = '$nick' OR basenick = '$basenick';"); + if ( !$q ) + dbdie(); + tableize_mysql_result($q); +} + +if ( isset($_GET['query_ip']) ) +{ + $ip =& $_GET['query_ip']; + echo '

' . htmlspecialchars($ip) . '

'; + $ip = mysql_real_escape_string($ip); + + echo '

Users seen from this IP address

'; + $q = eb_mysql_query("SELECT DISTINCT nick, channel, time FROM ip_log WHERE ip = '$ip';"); + if ( !$q ) + dbdie(); + tableize_mysql_result($q); +} + +// FORM +?> +
+

Search database

+

Enter data in one or more fields. You can use an asterisk (*) anywhere to match multiple characters or a question mark (?) to match a single character.

+ + + + + + + + + + + + + + + + + + + + + + + +
Nickname
IP address
Hostname
Channel
+ +
+ +
+