root/wp-ban/trunk/wp-ban.php

Revision 52840, 8.7 kB (checked in by GamerZ, 2 days ago)

Works For WordPress 2.6

1 <?php
2 /*
3 Plugin Name: WP-Ban
4 Plugin URI: http://lesterchan.net/portfolio/programming/php/
5 Description: Ban users by IP, IP range, host name, user agent and referer URL from visiting your WordPress blog. It will display a custom ban message when the banned IP, IP range, host name, user agent or referer URL tries to visit your blog. You can also exclude certain IPs from being banned. Statistics are recorded on how many times they attempt to visit your blog. It allows wildcard matching too.
6 Version: 1.31
7 Author: Lester 'GaMerZ' Chan
8 Author URI: http://lesterchan.net
9 */
12 /* 
13     Copyright 2008  Lester Chan  (email : lesterchan@gmail.com)
14
15     This program is free software; you can redistribute it and/or modify
16     it under the terms of the GNU General Public License as published by
17     the Free Software Foundation; either version 2 of the License, or
18     (at your option) any later version.
19
20     This program is distributed in the hope that it will be useful,
21     but WITHOUT ANY WARRANTY; without even the implied warranty of
22     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23     GNU General Public License for more details.
24
25     You should have received a copy of the GNU General Public License
26     along with this program; if not, write to the Free Software
27     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
28 */
### Use WordPress 2.6 Constants
// Each constant is defined only when it does not exist yet (presumably for
// WordPress releases older than 2.6 that do not provide them - confirm).
// Order matters: the two plugin constants are built from the content
// constants defined immediately above them.
defined('WP_CONTENT_DIR') || define('WP_CONTENT_DIR', ABSPATH.'wp-content');
defined('WP_CONTENT_URL') || define('WP_CONTENT_URL', get_option('siteurl').'/wp-content');
defined('WP_PLUGIN_DIR') || define('WP_PLUGIN_DIR', WP_CONTENT_DIR.'/plugins');
defined('WP_PLUGIN_URL') || define('WP_PLUGIN_URL', WP_CONTENT_URL.'/plugins');
### Create Text Domain For Translation
add_action('init', 'ban_textdomain');
/**
 * Load the 'wp-ban' translation domain; hooked to 'init'.
 *
 * The existence of wp_print_styles() decides which argument form of
 * load_plugin_textdomain() is used: the three-argument form when it exists,
 * the two-argument form with a path relative to the site root otherwise.
 */
function ban_textdomain() {
    $has_print_styles = function_exists('wp_print_styles');
    if ($has_print_styles) {
        load_plugin_textdomain('wp-ban', false, 'wp-ban');
        return;
    }
    load_plugin_textdomain('wp-ban', 'wp-content/plugins/wp-ban');
}
### Function: Ban Menu
add_action('admin_menu', 'ban_menu');
/**
 * Register the "Ban" management page; hooked to 'admin_menu'.
 *
 * Nothing is registered when add_management_page() is unavailable.
 * The page is registered with the 'manage_options' capability and points at
 * wp-ban/ban-options.php.
 */
function ban_menu() {
    if (!function_exists('add_management_page')) {
        return;
    }
    $page_title = __('Ban', 'wp-ban');
    $menu_title = __('Ban', 'wp-ban');
    add_management_page($page_title, $menu_title, 'manage_options', 'wp-ban/ban-options.php');
}
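### Function: Get IP Address
if(!function_exists('get_IP')) {
    /**
     * Return the address this plugin treats as the visitor's IP.
     *
     * Candidates are tried in this order: the Client-IP header, the first
     * entry of X-Forwarded-For, then REMOTE_ADDR. A candidate is accepted
     * only if it is a syntactically valid IPv4/IPv6 address; otherwise the
     * next one is tried.
     *
     * SECURITY: HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are request headers.
     * Unless the site sits behind a reverse proxy that overwrites them, the
     * visitor chooses their value, so every ban and every exclusion keyed on
     * this function's result can be influenced by the visitor. REMOTE_ADDR is
     * the only value here that the web server itself supplies. The header
     * precedence is kept for existing proxied installs; sites that are not
     * behind a trusted proxy should rely on REMOTE_ADDR alone.
     *
     * Validation here only guarantees the *format* of the result, which keeps
     * arbitrary header text out of the stored statistics keys and out of the
     * ban page; it does not make a forwarded address trustworthy.
     *
     * @return string A valid IP address, or '' when no candidate is usable.
     */
    function get_IP() {
        $sources = array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR');
        foreach($sources as $source) {
            if(empty($_SERVER[$source]) || !is_string($_SERVER[$source])) {
                continue;
            }
            // A forwarded header may hold a comma-separated chain; only the first entry is used
            $chain = explode(',', $_SERVER[$source]);
            $candidate = trim($chain[0]);
            if(filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
                return $candidate;
            }
        }
        return '';
    }
}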
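### Function: Print Out Banned Message
/**
 * Record the blocked visit, print the configured ban page and end the request.
 *
 * Increments the total and per-address counters in the 'banned_stats' option,
 * fills the placeholders of the 'banned_message' option and echoes the result.
 * This function never returns: it calls exit().
 *
 * Fixes over the previous version: two str_replace() calls were missing the
 * comma between their first two arguments (a parse error), the counters were
 * read without checking that they exist, and the visitor-derived values were
 * written into the page unescaped.
 *
 * SECURITY: the address comes from get_IP(), which may be taken from request
 * headers, and the host name comes from reverse DNS, which is controlled by
 * whoever operates the address block. Both are therefore HTML-escaped before
 * they are inserted. The message template, site name and site URL are
 * administrator-configured and are inserted as stored.
 *
 * NOTE(review): every blocked request writes the 'banned_stats' option, and
 * the 'users' map gains one key per distinct address, so the option grows
 * with the number of distinct addresses seen. Any page that renders these
 * keys (not visible in this file) should escape them as well.
 */
function print_banned_message() {
    // Credits To Joe (Ttech) - http://blog.fileville.net/
    $visitor_ip = get_IP();

    $banned_stats = get_option('banned_stats');
    if(!is_array($banned_stats)) {
        $banned_stats = array();
    }
    if(!isset($banned_stats['users']) || !is_array($banned_stats['users'])) {
        $banned_stats['users'] = array();
    }
    $total_before = isset($banned_stats['count']) ? intval($banned_stats['count']) : 0;
    $visitor_before = isset($banned_stats['users'][$visitor_ip]) ? intval($banned_stats['users'][$visitor_ip]) : 0;
    $banned_stats['count'] = $total_before + 1;
    $banned_stats['users'][$visitor_ip] = $visitor_before + 1;
    update_option('banned_stats', $banned_stats);

    // gethostbyaddr() warns and returns false for a malformed address; treat that as "no host name"
    $visitor_host = @gethostbyaddr($visitor_ip);
    if($visitor_host === false) {
        $visitor_host = '';
    }

    // Same placeholders, in the same order, as before; str_replace() applies array pairs sequentially
    $placeholders = array(
        "%SITE_NAME%",
        "%SITE_URL%",
        "%USER_ATTEMPTS_COUNT%",
        "%USER_IP%",
        "%USER_HOSTNAME%",
        "%TOTAL_ATTEMPTS_COUNT%",
    );
    $values = array(
        get_option('blogname'),
        get_option('siteurl'),
        number_format_i18n($banned_stats['users'][$visitor_ip]),
        htmlspecialchars($visitor_ip, ENT_QUOTES),
        htmlspecialchars($visitor_host, ENT_QUOTES),
        number_format_i18n($banned_stats['count']),
    );
    $banned_message = stripslashes(get_option('banned_message'));
    $banned_message = str_replace($placeholders, $values, $banned_message);
    echo $banned_message;
    exit();
}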
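### Function: Process Banning
/**
 * Show the ban page if $against matches any entry of $banarray.
 *
 * In an entry, '*' stands for one or more arbitrary characters; every other
 * character is matched literally and the whole value must match.
 *
 * Fixes over the previous version: ereg() no longer exists in PHP 7 and
 * later, so PCRE is used instead; and only '.' and '*' used to be escaped,
 * which let any other regex metacharacter in an entry (for example '|' or
 * '(') change what the entry matched. Entries are now quoted in full before
 * the wildcard is expanded.
 *
 * @param array  $banarray List of ban patterns (may be empty).
 * @param string $against  Value to test, e.g. an IP, host name, referer or user agent.
 * @return void  Does not return at all on a match: print_banned_message() exits.
 */
function process_ban($banarray, $against)  {
    if(empty($banarray) || empty($against) || !is_array($banarray)) {
        return;
    }
    foreach($banarray as $cban) {
        // preg_quote() turns '*' into '\*'; that escaped form is then widened to "one or more characters"
        $regexp = str_replace('\\*', '.+', preg_quote($cban, '/'));
        // D: '$' matches only at the very end; s: '.' also matches newlines, as it did with ereg()
        if(preg_match('/^'.$regexp.'$/Ds', $against) === 1) {
            print_banned_message();
        }
    }
    return;
}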
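### Function: Process Banned IP Range
/**
 * Show the ban page if the visitor's address falls inside any banned range.
 *
 * Each entry is expected in the form "start-end"; both ends are trimmed and
 * handed to check_ip_within_range(). Entries without a '-' used to read a
 * missing array element; they are now skipped.
 *
 * The address tested is the one returned by get_IP().
 *
 * @param array $banned_ips_range List of "start-end" strings (may be empty).
 * @return void Does not return on a match: print_banned_message() exits.
 */
function process_ban_ip_range($banned_ips_range) {
    if(empty($banned_ips_range) || !is_array($banned_ips_range)) {
        return;
    }
    $visitor_ip = get_IP();
    foreach($banned_ips_range as $banned_ip_range) {
        $range = explode('-', $banned_ip_range);
        if(count($range) < 2) {
            // Malformed entry: no end address to compare against
            continue;
        }
        $range_start = trim($range[0]);
        $range_end = trim($range[1]);
        if(check_ip_within_range($visitor_ip, $range_start, $range_end)) {
            print_banned_message();
            break;
        }
    }
}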
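### Function: Banned
add_action('init', 'banned');
/**
 * Apply every configured ban list to the current request; hooked to 'init'.
 *
 * If the visitor's address is in the 'banned_exclude_ips' option no check is
 * made. Otherwise the address, the address ranges, the reverse-DNS host name,
 * the referer and the user agent are tested in that order, and the first
 * match ends the request with the ban page.
 *
 * Changes over the previous version: the Referer and User-Agent headers are
 * read only when present (they are absent on many ordinary requests), and the
 * reverse-DNS lookup, a blocking network call, is made only when host bans
 * are actually configured instead of on every page load.
 *
 * SECURITY: the exclusion list is compared against get_IP(), which may come
 * from request headers. On a site that is not behind a trusted proxy a
 * visitor can therefore present an excluded address and skip all checks.
 * Referer and User-Agent are likewise chosen by the visitor, so bans on them
 * are a convenience filter, not an access control.
 */
function banned() {
    $banned_ips = get_option('banned_ips');
    $banned_ips_range = get_option('banned_ips_range');
    $banned_hosts = get_option('banned_hosts');
    $banned_referers = get_option('banned_referers');
    $banned_user_agents = get_option('banned_user_agents');
    $banned_exclude_ips = get_option('banned_exclude_ips');

    $visitor_ip = get_IP();
    if(is_array($banned_exclude_ips) && in_array($visitor_ip, $banned_exclude_ips, true)) {
        return;
    }

    process_ban($banned_ips, $visitor_ip);
    process_ban_ip_range($banned_ips_range);
    if(!empty($banned_hosts)) {
        process_ban($banned_hosts, @gethostbyaddr($visitor_ip));
    }
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    process_ban($banned_referers, $referer);
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    process_ban($banned_user_agents, $user_agent);
}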
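### Function: Check Whether Or Not The IP Address Belongs To Admin
/**
 * Tell whether the ban pattern $check matches the current requester's address.
 *
 * '*' in $check stands for one or more characters; everything else is
 * literal. Presumably called from the options page so an administrator does
 * not ban the address they are connecting from - confirm against the caller.
 *
 * ereg() was replaced by PCRE because it no longer exists in PHP 7 and later,
 * and the pattern is now fully quoted so that characters other than '.' and
 * '*' cannot act as regex syntax.
 *
 * @param string $check Ban pattern to test.
 * @return bool True when the pattern matches get_IP().
 */
function is_admin_ip($check) {
    $admin_ip = get_IP();
    $regexp = str_replace('\\*', '.+', preg_quote($check, '/'));
    return preg_match('/^'.$regexp.'$/Ds', $admin_ip) === 1;
}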
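### Function: Check Whether IP Within A Given IP Range
/**
 * Tell whether an IPv4 address lies inside an inclusive range.
 *
 * All three arguments are converted with ip2long(), so only dotted IPv4
 * notation is understood; anything else makes the function return false.
 *
 * Fixes over the previous version: a range bound that failed to parse became
 * boolean false and was still compared, which made 0.0.0.0 match a range with
 * unparseable bounds; and on 32-bit builds ip2long() yields negative numbers
 * above 127.255.255.255, so the values are normalised to unsigned before
 * comparing.
 *
 * @param string $ip          Address to test.
 * @param string $range_start First address of the range.
 * @param string $range_end   Last address of the range.
 * @return bool True when $range_start <= $ip <= $range_end.
 */
function check_ip_within_range($ip, $range_start, $range_end) {
    $start_long = ip2long($range_start);
    $end_long = ip2long($range_end);
    $ip_long = ip2long($ip);
    if($ip_long === false || $start_long === false || $end_long === false) {
        return false;
    }
    // '%u' prints the unsigned value even where PHP integers are 32-bit and signed
    $start_unsigned = (float) sprintf('%u', $start_long);
    $end_unsigned = (float) sprintf('%u', $end_long);
    $ip_unsigned = (float) sprintf('%u', $ip_long);
    return $ip_unsigned >= $start_unsigned && $ip_unsigned <= $end_unsigned;
}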
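### Function: Check Whether Or Not The Hostname Belongs To Admin
/**
 * Tell whether the ban pattern $check matches the requester's reverse-DNS name.
 *
 * The host name is obtained with gethostbyaddr(get_IP()); a failed lookup is
 * treated as an empty name. '*' in $check stands for one or more characters,
 * everything else is literal.
 *
 * ereg() was replaced by PCRE because it no longer exists in PHP 7 and later,
 * and the pattern is now fully quoted so that characters other than '.' and
 * '*' cannot act as regex syntax.
 *
 * NOTE(review): reverse DNS is controlled by whoever operates the address
 * block, so this value is a hint rather than an identity.
 *
 * @param string $check Ban pattern to test.
 * @return bool True when the pattern matches the resolved host name.
 */
function is_admin_hostname($check) {
    // gethostbyaddr() warns and returns false for a malformed address
    $admin_hostname = @gethostbyaddr(get_IP());
    if($admin_hostname === false) {
        $admin_hostname = '';
    }
    $regexp = str_replace('\\*', '.+', preg_quote($check, '/'));
    return preg_match('/^'.$regexp.'$/Ds', $admin_hostname) === 1;
}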
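### Function: Check Whether Or Not The Referer Belongs To This Site
/**
 * Tell whether the ban pattern $check matches one of this site's own URLs or
 * the referer of the current request.
 *
 * The candidates are the 'siteurl' and 'home' options, each as stored, with a
 * trailing '/', and with a trailing '/ ', followed by the current Referer
 * header (empty when the header is absent). '*' in $check stands for one or
 * more characters, everything else is literal.
 *
 * ereg() was replaced by PCRE because it no longer exists in PHP 7 and later,
 * the pattern is now fully quoted so that characters other than '.' and '*'
 * cannot act as regex syntax, and the Referer header is read only when set.
 *
 * @param string $check Ban pattern to test.
 * @return bool True when the pattern matches any candidate URL.
 */
function is_admin_referer($check) {
    $regexp = str_replace('\\*', '.+', preg_quote($check, '/'));
    $siteurl = get_option('siteurl');
    $home = get_option('home');
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $url_patterns = array($siteurl, $home, $siteurl.'/', $home.'/', $siteurl.'/ ', $home.'/ ', $referer);
    foreach($url_patterns as $url) {
        if(preg_match('/^'.$regexp.'$/Ds', (string) $url) === 1) {
            return true;
        }
    }
    return false;
}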
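### Function: Check Whether Or Not The User Agent Is Used by Admin
/**
 * Tell whether the ban pattern $check matches the current User-Agent header.
 *
 * '*' in $check stands for one or more characters, everything else is
 * literal. A request without a User-Agent header is compared as ''.
 *
 * ereg() was replaced by PCRE because it no longer exists in PHP 7 and later,
 * and the pattern is now fully quoted so that characters common in user-agent
 * strings, such as '(' and ')', are matched literally instead of being read
 * as regex syntax. The result is now a boolean, like the other is_admin_*
 * helpers; ereg() returned 1 or false, so truthiness is unchanged.
 *
 * @param string $check Ban pattern to test.
 * @return bool True when the pattern matches the User-Agent header.
 */
function is_admin_user_agent($check) {
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $regexp = str_replace('\\*', '.+', preg_quote($check, '/'));
    return preg_match('/^'.$regexp.'$/Ds', $user_agent) === 1;
}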
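### Function: Create Ban Options
add_action('activate_wp-ban/wp-ban.php', 'ban_init');
/**
 * Create the plugin's options with their defaults; hooked to plugin activation.
 *
 * Every list option starts as an empty array, the statistics start at zero
 * and the ban message starts as a minimal XHTML page. add_option() only
 * creates an option that does not exist yet, so values saved by an earlier
 * activation are left untouched.
 *
 * Fix over the previous version: $banned_user_agents was passed to
 * add_option() without ever being assigned, so 'banned_user_agents' was
 * created from an undefined variable instead of an empty list. The unused
 * `global $wpdb` declaration was dropped.
 */
function ban_init() {
    $banned_ips = array();
    $banned_ips_range = array();
    $banned_hosts = array();
    $banned_referers = array();
    $banned_user_agents = array();
    $banned_exclude_ips = array();
    $banned_stats = array('users' => array(), 'count' => 0);
    add_option('banned_ips', $banned_ips, 'Banned IPs');
    add_option('banned_hosts', $banned_hosts, 'Banned Hosts');
    add_option('banned_stats', $banned_stats, 'WP-Ban Stats');
    add_option('banned_message', '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'."\n".
    '<html xmlns="http://www.w3.org/1999/xhtml">'."\n".
    '<head>'."\n".
    '<meta http-equiv="Content-Type" content="text/html; charset='.get_option('blog_charset').'" />'."\n".
    '<title>%SITE_NAME% - %SITE_URL%</title>'."\n".
    '</head>'."\n".
    '<body>'."\n".
    '<p style="text-align: center; font-weight: bold;">'.__('You Are Banned.', 'wp-ban').'</p>'."\n".
    '</body>'."\n".
    '</html>', 'Banned Message');
    // Database Upgrade For WP-Ban 1.11
    add_option('banned_referers', $banned_referers, 'Banned Referers');
    add_option('banned_exclude_ips', $banned_exclude_ips, 'Banned Exclude IP');
    add_option('banned_ips_range', $banned_ips_range, 'Banned IP Range');
    // Database Upgrade For WP-Ban 1.30
    add_option('banned_user_agents', $banned_user_agents, 'Banned User Agents');
}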
253 ?>