From f3f142a7a7b248b89b5bce017d87d42ffa3791c7 Sun, 12 Jun 2011 19:49:34 +0200 From: Bram Goffings Date: Sun, 12 Jun 2011 19:49:28 +0200 Subject: [PATCH] Ban as a module + doc cleanup diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc index 17c8e83..c0ae771 100644 --- a/includes/bootstrap.inc +++ b/includes/bootstrap.inc @@ -1538,55 +1538,6 @@ } /** - * Check to see if an IP address has been blocked. - * - * Blocked IP addresses are stored in the database by default. However for - * performance reasons we allow an override in settings.php. This allows us - * to avoid querying the database at this critical stage of the bootstrap if - * an administrative interface for IP address blocking is not required. - * - * @param $ip - * IP address to check. - * @return bool - * TRUE if access is denied, FALSE if access is allowed. - */ -function drupal_is_denied($ip) { - // Because this function is called on every page request, we first check - // for an array of IP addresses in settings.php before querying the - // database. - $blocked_ips = variable_get('blocked_ips'); - $denied = FALSE; - if (isset($blocked_ips) && is_array($blocked_ips)) { - $denied = in_array($ip, $blocked_ips); - } - // Only check if database.inc is loaded already. If - // $conf['page_cache_without_database'] = TRUE; is set in settings.php, - // then the database won't be loaded here so the IPs in the database - // won't be denied. However the user asked explicitly not to use the - // database and also in this case it's quite likely that the user relies - // on higher performance solutions like a firewall. - elseif (class_exists('Database', FALSE)) { - $denied = (bool)db_query("SELECT 1 FROM {blocked_ips} WHERE ip = :ip", array(':ip' => $ip))->fetchField(); - } - return $denied; -} - -/** - * Handle denied users. - * - * @param $ip - * IP address to check. Prints a message and exits if access is denied. - */ -function drupal_block_denied($ip) { - // Deny access to blocked IP addresses - t() is not yet available. - if (drupal_is_denied($ip)) { - header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden'); - print 'Sorry, ' . check_plain(ip_address()) . ' has been banned.'; - exit(); - } -} - -/** * Returns a string of highly randomized bytes (over the full 8-bit range). * * This function is better than simply calling mt_rand() or any other built-in @@ -1948,7 +1899,6 @@ drupal_bootstrap(DRUPAL_BOOTSTRAP_VARIABLES, FALSE); $cache_enabled = variable_get('cache'); } - drupal_block_denied(ip_address()); // If there is no session cookie and cache is enabled (or forced), try // to serve a cached page. if (!isset($_COOKIE[session_name()]) && $cache_enabled) { diff --git a/modules/ban/ban.admin.inc b/modules/ban/ban.admin.inc new file mode 100644 index 0000000..138377b --- /dev/null +++ b/modules/ban/ban.admin.inc @@ -0,0 +1,119 @@ +ip, + l(t('delete'), "admin/config/people/ip-banning/delete/$ip->iid"), + ); + } + + $build['ban_ip_form'] = drupal_get_form('ban_ip_form', $default_ip); + + $build['ban_ip_banning_table'] = array( + '#theme' => 'table', + '#header' => $header, + '#rows' => $rows, + ); + + return $build; +} + +/** + * Defines the form for banning IP addresses. + * + * @see ban_ip_form_validate() + * @see ban_ip_form_submit() + * + * @ingroup forms + */ +function ban_ip_form($form, $form_state, $default_ip) { + $form['ip'] = array( + '#title' => t('IP address'), + '#type' => 'textfield', + '#size' => 48, + '#maxlength' => 40, + '#default_value' => $default_ip, + '#description' => t('Enter a valid IP address.'), + ); + $form['actions'] = array('#type' => 'actions'); + $form['actions']['submit'] = array( + '#type' => 'submit', + '#value' => t('Add'), + ); + $form['#submit'][] = 'ban_ip_form_submit'; + $form['#validate'][] = 'ban_ip_form_validate'; + return $form; +} + +/** + * Form validation handler for the ban ip form. + */ +function ban_ip_form_validate($form, &$form_state) { + $ip = trim($form_state['values']['ip']); + if (db_query("SELECT * FROM {banned_ips} WHERE ip = :ip", array(':ip' => $ip))->fetchField()) { + form_set_error('ip', t('This IP address is already banned.')); + } + elseif ($ip == ip_address()) { + form_set_error('ip', t('You may not block your own IP address.')); + } + elseif (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) == FALSE) { + form_set_error('ip', t('Enter a valid IP address.')); + } +} + +/** + * Form submit handler for the ban ip form. + */ +function ban_ip_form_submit($form, &$form_state) { + $ip = trim($form_state['values']['ip']); + db_insert('banned_ips') + ->fields(array('ip' => $ip)) + ->execute(); + drupal_set_message(t('The IP address %ip has been banned.', array('%ip' => $ip))); + $form_state['redirect'] = 'admin/config/people/ip-banning'; + return; +} + +/** + * IP deletion confirm page. + * + * @see ban_ip_delete_submit() + */ +function ban_ip_delete($form, &$form_state, $iid) { + $form['banned_ip'] = array( + '#type' => 'value', + '#value' => $iid, + ); + return confirm_form($form, t('Are you sure you want to delete %ip?', array('%ip' => $iid['ip'])), 'admin/config/people/ip-banning', t('This action cannot be undone.'), t('Delete'), t('Cancel')); +} + +/** + * Processes ban_ip_delete form submissions. + */ +function ban_ip_delete_submit($form, &$form_state) { + $banned_ip = $form_state['values']['banned_ip']; + db_delete('banned_ips') + ->condition('iid', $banned_ip['iid']) + ->execute(); + watchdog('user', 'Deleted %ip', array('%ip' => $banned_ip['ip'])); + drupal_set_message(t('The IP address %ip was deleted.', array('%ip' => $banned_ip['ip']))); + $form_state['redirect'] = 'admin/config/people/ip-banning'; +} + + diff --git a/modules/ban/ban.info b/modules/ban/ban.info new file mode 100644 index 0000000..24da3ed --- /dev/null +++ b/modules/ban/ban.info @@ -0,0 +1,7 @@ +name = Ban +description = Enables banning of IP addresses. +package = Core +version = VERSION +core = 8.x + +files[] = ban.test diff --git a/modules/ban/ban.install b/modules/ban/ban.install new file mode 100644 index 0000000..68c18d1 --- /dev/null +++ b/modules/ban/ban.install @@ -0,0 +1,37 @@ + 'Stores banned IP addresses.', + 'fields' => array( + 'iid' => array( + 'description' => 'Primary Key: unique ID for IP addresses.', + 'type' => 'serial', + 'unsigned' => TRUE, + 'not null' => TRUE, + ), + 'ip' => array( + 'description' => 'IP address', + 'type' => 'varchar', + 'length' => 40, + 'not null' => TRUE, + 'default' => '', + ), + ), + 'indexes' => array( + 'ip' => array('ip'), + ), + 'primary key' => array('iid'), + ); + + return $schema; +} diff --git a/modules/ban/ban.module b/modules/ban/ban.module new file mode 100644 index 0000000..deb0ee4 --- /dev/null +++ b/modules/ban/ban.module @@ -0,0 +1,146 @@ +' . t('IP addresses listed here are banned from your site. Banned addresses are completely forbidden from accessing the site and instead see a brief message explaining the situation.') . '

'; + } +} + +/** + * Implements hook_permission(). + */ +function ban_permission() { + return array( + 'ban IP addresses' => array( + 'title' => t('Ban IP addresses'), + ), + ); +} + +/** + * Implements hook_menu(). + */ +function ban_menu() { + $items = array(); + $items['admin/config/people/ban'] = array( + 'title' => 'IP address bans', + 'description' => 'Manage banned IP addresses.', + 'page callback' => 'ban_page', + 'access arguments' => array('ban IP addresses'), + 'file' => 'ban.admin.inc', + 'weight' => 10, + ); + $items['admin/config/people/ban/delete/%ban_ip'] = array( + 'title' => 'Delete IP address', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('ban_ip_delete', 5), + 'access arguments' => array('ban IP addresses'), + 'file' => 'ban.admin.inc', + ); + + return $items; +} + +/** + * Implements hook_boot(). + */ +function ban_boot() { + ban_block_denied(ip_address()); +} + +/** + * Checks to see if an IP address has been blocked. + * + * Blocked IP addresses are stored in the database by default. However for + * performance reasons we allow an override in variables. + * + * @param $ip + * IP address to check. + * + * @return bool + * TRUE if access is denied, FALSE if access is allowed. + */ +function ban_is_denied($ip) { + // Because this function is called on every page request, we first check + // for an array of IP addresses in settings.php before querying the + // database. + $blocked_ips = variable_get('blocked_ips'); + $denied = FALSE; + if (isset($blocked_ips) && is_array($blocked_ips)) { + $denied = in_array($ip, $blocked_ips); + } + // Only check if database.inc is loaded already. If + // $conf['page_cache_without_database'] = TRUE; is set in settings.php, + // then the database won't be loaded here so the IPs in the database + // won't be denied. However the user asked explicitly not to use the + // database and also in this case it's quite likely that the user relies + // on higher performance solutions like a firewall. + else { + $denied = (bool)db_query("SELECT 1 FROM {banned_ips} WHERE ip = :ip", array(':ip' => $ip))->fetchField(); + } + return $denied; +} + +/** + * Handles denied users. + * + * @param $ip + * IP address to check. Prints a message and exits if access is denied. + */ +function ban_block_denied($ip) { + // Deny access to blocked IP addresses - t() is not yet available. + if (ban_is_denied($ip)) { + header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden'); + print 'Sorry, ' . check_plain(ip_address()) . ' has been banned.'; + exit(); + } +} + +/** + * Retrieves a banned IP address from the database. + * + * @param $iid integer + * The ID of the banned IP address to retrieve. + * + * @return + * The banned IP address from the database as an array. + */ +function ban_ip_load($iid) { + return db_query("SELECT * FROM {banned_ips} WHERE iid = :iid", array(':iid' => $iid))->fetchAssoc(); +} + +/** + * Implements hook_action_info(). + */ +function ban_action_info() { + return array( + 'ban_ip_action' => array( + 'type' => 'user', + 'label' => t('Ban IP address of current user'), + 'configurable' => FALSE, + 'triggers' => array('any'), + ), + ); +} + +/** + * Bans the current user's IP address. + * + * @ingroup actions + */ +function ban_ip_action() { + $ip = ip_address(); + db_insert('blocked_ips') + ->fields(array('ip' => $ip)) + ->execute(); + watchdog('action', 'Banned IP address %ip', array('%ip' => $ip)); +} diff --git a/modules/ban/ban.test b/modules/ban/ban.test new file mode 100644 index 0000000..b211e75 --- /dev/null +++ b/modules/ban/ban.test @@ -0,0 +1,83 @@ + 'IP address banning', + 'description' => 'Test IP address banning.', + 'group' => 'Ban' + ); + } + + /** + * Implements setUp(). + */ + function setUp() { + parent::setUp('ban'); + } + + /** + * Test a variety of user input to confirm correct validation and saving of data. + */ + function testIPAddressValidation() { + // Create user. + $this->banning_user = $this->drupalCreateUser(array('ban IP addresses')); + $this->drupalLogin($this->banning_user); + $this->drupalGet('admin/config/people/ban'); + + // Block a valid IP address. + $edit = array(); + $edit['ip'] = '192.168.1.1'; + $this->drupalPost('admin/config/people/ban', $edit, t('Add')); + $ip = db_query("SELECT iid from {banned_ips} WHERE ip = :ip", array(':ip' => $edit['ip']))->fetchField(); + $this->assertTrue($ip, t('IP address found in database.')); + $this->assertRaw(t('The IP address %ip has been banned.', array('%ip' => $edit['ip'])), t('IP address was blocked.')); + + // Try to block an IP address that's already banned. + $edit = array(); + $edit['ip'] = '192.168.1.1'; + $this->drupalPost('admin/config/people/ban', $edit, t('Add')); + $this->assertText(t('This IP address is already banned.')); + + // Try to block a reserved IP address. + $edit = array(); + $edit['ip'] = '255.255.255.255'; + $this->drupalPost('admin/config/people/ban', $edit, t('Add')); + $this->assertText(t('Enter a valid IP address.')); + + // Try to block a reserved IP address. + $edit = array(); + $edit['ip'] = 'test.example.com'; + $this->drupalPost('admin/config/people/ban', $edit, t('Add')); + $this->assertText(t('Enter a valid IP address.')); + + // Submit an empty form. + $edit = array(); + $edit['ip'] = ''; + $this->drupalPost('admin/config/people/ban', $edit, t('Add')); + $this->assertText(t('Enter a valid IP address.')); + + // Pass an IP address as a URL parameter and submit it. + $submit_ip = '1.2.3.4'; + $this->drupalPost('admin/config/people/ban/' . $submit_ip, NULL, t('Add')); + $ip = db_query("SELECT iid from {banned_ips} WHERE ip = :ip", array(':ip' => $submit_ip))->fetchField(); + $this->assertTrue($ip, t('IP address found in database')); + $this->assertRaw(t('The IP address %ip has been banned.', array('%ip' => $submit_ip)), t('IP address was blocked.')); + + // Submit your own IP address. This fails, although it works when testing manually. + // TODO: on some systems this test fails due to a bug or inconsistency in cURL. + // $edit = array(); + // $edit['ip'] = ip_address(); + // $this->drupalPost('admin/config/people/ban', $edit, t('Save')); + // $this->assertText(t('You may not block your own IP address.')); + } +} diff --git a/modules/statistics/statistics.admin.inc b/modules/statistics/statistics.admin.inc index 6606b8b..a5f2c3e 100644 --- a/modules/statistics/statistics.admin.inc +++ b/modules/statistics/statistics.admin.inc @@ -101,7 +101,7 @@ array('data' => user_access('block IP addresses') ? t('Operations') : '', 'colspan' => 2), ); $query = db_select('accesslog', 'a', array('target' => 'slave'))->extend('PagerDefault')->extend('TableSort'); - $query->leftJoin('blocked_ips', 'bl', 'a.hostname = bl.ip'); + $query->leftJoin('banned_ips', 'b', 'a.hostname = b.ip'); $query->leftJoin('users', 'u', 'a.uid = u.uid'); $query->addExpression('COUNT(a.uid)', 'hits'); @@ -109,11 +109,11 @@ $query ->fields('a', array('uid', 'hostname')) ->fields('u', array('name')) - ->fields('bl', array('iid')) + ->fields('b', array('iid')) ->groupBy('a.hostname') ->groupBy('a.uid') ->groupBy('u.name') - ->groupBy('bl.iid') + ->groupBy('b.iid') ->limit(30) ->orderByHeader($header); @@ -127,8 +127,8 @@ $rows = array(); $destination = drupal_get_destination(); foreach ($result as $account) { - $ban_link = $account->iid ? l(t('unblock IP address'), "admin/config/people/ip-blocking/delete/$account->iid", array('query' => $destination)) : l(t('block IP address'), "admin/config/people/ip-blocking/$account->hostname", array('query' => $destination)); - $rows[] = array($account->hits, ($account->uid ? theme('username', array('account' => $account)) : $account->hostname), format_interval(round($account->total / 1000)), (user_access('block IP addresses') && !$account->uid) ? $ban_link : ''); + $ban_link = $account->iid ? l(t('unban IP address'), "admin/config/people/ban/delete/$account->iid", array('query' => $destination)) : l(t('ban IP address'), "admin/config/people/ban/$account->hostname", array('query' => $destination)); + $rows[] = array($account->hits, ($account->uid ? theme('username', array('account' => $account)) : $account->hostname), format_interval(round($account->total / 1000)), (user_access('ban IP addresses') && !$account->uid) ? $ban_link : ''); } drupal_set_title(t('Top visitors in the past %interval', array('%interval' => format_interval(variable_get('statistics_flush_accesslog_timer', 259200)))), PASS_THROUGH); diff --git a/modules/statistics/statistics.info b/modules/statistics/statistics.info index e7add60..07722f2 100644 --- a/modules/statistics/statistics.info +++ b/modules/statistics/statistics.info @@ -5,3 +5,4 @@ core = 8.x files[] = statistics.test configure = admin/config/system/statistics +dependencies[] = ban diff --git a/modules/statistics/statistics.test b/modules/statistics/statistics.test index 126828f..7e87d6b 100644 --- a/modules/statistics/statistics.test +++ b/modules/statistics/statistics.test @@ -18,7 +18,7 @@ 'access administration pages', 'access site reports', 'access statistics', - 'block IP addresses', + 'ban IP addresses', 'administer blocks', 'administer statistics', 'administer users', @@ -215,8 +215,8 @@ class StatisticsBlockVisitorsTestCase extends StatisticsTestCase { public static function getInfo() { return array( - 'name' => 'Top visitor blocking', - 'description' => 'Tests blocking of IP addresses via the top visitors report.', + 'name' => 'Top visitor banning', + 'description' => 'Tests banning of IP addresses via the top visitors report.', 'group' => 'Statistics' ); } @@ -233,28 +233,28 @@ $this->drupalLogin($this->blocking_user); $this->drupalGet('admin/reports/visitors'); $this->assertText($test_ip_address, t('IP address found.')); - $this->assertText(t('block IP address'), t('Block IP link displayed')); + $this->assertText(t('ban IP address'), t('Ban IP link displayed')); // Block the IP address. - $this->clickLink('block IP address'); - $this->assertText(t('IP address blocking'), t('IP blocking page displayed.')); + $this->clickLink('ban IP address'); + $this->assertText(t('IP address bans'), t('IP banning page displayed.')); $edit = array(); $edit['ip'] = $test_ip_address; - $this->drupalPost('admin/config/people/ip-blocking', $edit, t('Add')); - $ip = db_query("SELECT iid from {blocked_ips} WHERE ip = :ip", array(':ip' => $edit['ip']))->fetchField(); + $this->drupalPost('admin/config/people/ban', $edit, t('Add')); + $ip = db_query("SELECT iid from {banned_ips} WHERE ip = :ip", array(':ip' => $edit['ip']))->fetchField(); $this->assertNotEqual($ip, FALSE, t('IP address found in database')); - $this->assertRaw(t('The IP address %ip has been blocked.', array('%ip' => $edit['ip'])), t('IP address was blocked.')); + $this->assertRaw(t('The IP address %ip has been banned.', array('%ip' => $edit['ip'])), t('IP address was banned.')); // Verify that the block/unblock link on the top visitors page has been // altered. $this->drupalGet('admin/reports/visitors'); - $this->assertText(t('unblock IP address'), t('Unblock IP address link displayed')); + $this->assertText(t('unban IP address'), t('Unban IP address link displayed')); // Unblock the IP address. - $this->clickLink('unblock IP address'); + $this->clickLink('unban IP address'); $this->assertRaw(t('Are you sure you want to delete %ip?', array('%ip' => $test_ip_address)), t('IP address deletion confirmation found.')); $edit = array(); - $this->drupalPost('admin/config/people/ip-blocking/delete/1', NULL, t('Delete')); + $this->drupalPost('admin/config/people/ban/delete/1', NULL, t('Delete')); $this->assertRaw(t('The IP address %ip was deleted.', array('%ip' => $test_ip_address)), t('IP address deleted.')); } } diff --git a/modules/system/system.admin.inc b/modules/system/system.admin.inc index 9e7d69d..f938104 100644 --- a/modules/system/system.admin.inc +++ b/modules/system/system.admin.inc @@ -1338,110 +1338,6 @@ } /** - * Menu callback. Display blocked IP addresses. - * - * @param $default_ip - * Optional IP address to be passed on to drupal_get_form() for - * use as the default value of the IP address form field. - */ -function system_ip_blocking($default_ip = '') { - $rows = array(); - $header = array(t('Blocked IP addresses'), t('Operations')); - $result = db_query('SELECT * FROM {blocked_ips}'); - foreach ($result as $ip) { - $rows[] = array( - $ip->ip, - l(t('delete'), "admin/config/people/ip-blocking/delete/$ip->iid"), - ); - } - - $build['system_ip_blocking_form'] = drupal_get_form('system_ip_blocking_form', $default_ip); - - $build['system_ip_blocking_table'] = array( - '#theme' => 'table', - '#header' => $header, - '#rows' => $rows, - ); - - return $build; -} - -/** - * Define the form for blocking IP addresses. - * - * @ingroup forms - * @see system_ip_blocking_form_validate() - * @see system_ip_blocking_form_submit() - */ -function system_ip_blocking_form($form, $form_state, $default_ip) { - $form['ip'] = array( - '#title' => t('IP address'), - '#type' => 'textfield', - '#size' => 48, - '#maxlength' => 40, - '#default_value' => $default_ip, - '#description' => t('Enter a valid IP address.'), - ); - $form['actions'] = array('#type' => 'actions'); - $form['actions']['submit'] = array( - '#type' => 'submit', - '#value' => t('Add'), - ); - $form['#submit'][] = 'system_ip_blocking_form_submit'; - $form['#validate'][] = 'system_ip_blocking_form_validate'; - return $form; -} - -function system_ip_blocking_form_validate($form, &$form_state) { - $ip = trim($form_state['values']['ip']); - if (db_query("SELECT * FROM {blocked_ips} WHERE ip = :ip", array(':ip' => $ip))->fetchField()) { - form_set_error('ip', t('This IP address is already blocked.')); - } - elseif ($ip == ip_address()) { - form_set_error('ip', t('You may not block your own IP address.')); - } - elseif (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) == FALSE) { - form_set_error('ip', t('Enter a valid IP address.')); - } -} - -function system_ip_blocking_form_submit($form, &$form_state) { - $ip = trim($form_state['values']['ip']); - db_insert('blocked_ips') - ->fields(array('ip' => $ip)) - ->execute(); - drupal_set_message(t('The IP address %ip has been blocked.', array('%ip' => $ip))); - $form_state['redirect'] = 'admin/config/people/ip-blocking'; - return; -} - -/** - * IP deletion confirm page. - * - * @see system_ip_blocking_delete_submit() - */ -function system_ip_blocking_delete($form, &$form_state, $iid) { - $form['blocked_ip'] = array( - '#type' => 'value', - '#value' => $iid, - ); - return confirm_form($form, t('Are you sure you want to delete %ip?', array('%ip' => $iid['ip'])), 'admin/config/people/ip-blocking', t('This action cannot be undone.'), t('Delete'), t('Cancel')); -} - -/** - * Process system_ip_blocking_delete form submissions. - */ -function system_ip_blocking_delete_submit($form, &$form_state) { - $blocked_ip = $form_state['values']['blocked_ip']; - db_delete('blocked_ips') - ->condition('iid', $blocked_ip['iid']) - ->execute(); - watchdog('user', 'Deleted %ip', array('%ip' => $blocked_ip['ip'])); - drupal_set_message(t('The IP address %ip was deleted.', array('%ip' => $blocked_ip['ip']))); - $form_state['redirect'] = 'admin/config/people/ip-blocking'; -} - -/** * Form builder; The general site information form. * * @ingroup forms diff --git a/modules/system/system.install b/modules/system/system.install index 6d80c43..ab9ab3b 100644 --- a/modules/system/system.install +++ b/modules/system/system.install @@ -615,29 +615,6 @@ ), ); - $schema['blocked_ips'] = array( - 'description' => 'Stores blocked IP addresses.', - 'fields' => array( - 'iid' => array( - 'description' => 'Primary Key: unique ID for IP addresses.', - 'type' => 'serial', - 'unsigned' => TRUE, - 'not null' => TRUE, - ), - 'ip' => array( - 'description' => 'IP address', - 'type' => 'varchar', - 'length' => 40, - 'not null' => TRUE, - 'default' => '', - ), - ), - 'indexes' => array( - 'blocked_ip' => array('ip'), - ), - 'primary key' => array('iid'), - ); - $schema['cache'] = array( 'description' => 'Generic cache table for caching things not separated out into their own tables. Contributed modules may also use this to store cached items.', 'fields' => array( diff --git a/modules/system/system.module b/modules/system/system.module index 3ebc657..50f9de6 100644 --- a/modules/system/system.module +++ b/modules/system/system.module @@ -134,8 +134,6 @@ return $output; case 'admin/config/system/actions/configure': return t('An advanced action offers additional configuration options which may be filled out below. Changing the Description field is recommended, in order to better identify the precise action taking place. This description will be displayed in modules such as the Trigger module when assigning actions to system events, so it is best if it is as descriptive as possible (for example, "Send e-mail to Moderation Team" rather than simply "Send e-mail").'); - case 'admin/config/people/ip-blocking': - return '

' . t('IP addresses listed here are blocked from your site. Blocked addresses are completely forbidden from accessing the site and instead see a brief message explaining the situation.') . '

'; case 'admin/reports/status': return '

' . t("Here you can find a short overview of your site's parameters as well as any problems detected with your installation. It may be useful to copy and paste this information into support requests filed on drupal.org's support forums and project issue queues.") . '

'; } @@ -235,9 +233,6 @@ ), 'access site reports' => array( 'title' => t('View site reports'), - ), - 'block IP addresses' => array( - 'title' => t('Block IP addresses'), ), ); } @@ -686,23 +681,6 @@ 'description' => 'Administer settings.', 'page callback' => 'system_admin_config_page', 'access arguments' => array('access administration pages'), - 'file' => 'system.admin.inc', - ); - - // IP address blocking. - $items['admin/config/people/ip-blocking'] = array( - 'title' => 'IP address blocking', - 'description' => 'Manage blocked IP addresses.', - 'page callback' => 'system_ip_blocking', - 'access arguments' => array('block IP addresses'), - 'file' => 'system.admin.inc', - 'weight' => 10, - ); - $items['admin/config/people/ip-blocking/delete/%blocked_ip'] = array( - 'title' => 'Delete IP address', - 'page callback' => 'drupal_get_form', - 'page arguments' => array('system_ip_blocking_delete', 5), - 'access arguments' => array('block IP addresses'), 'file' => 'system.admin.inc', ); @@ -1667,19 +1645,6 @@ } return $wrappers; -} - -/** - * Retrieve a blocked IP address from the database. - * - * @param $iid integer - * The ID of the blocked IP address to retrieve. - * - * @return - * The blocked IP address from the database as an array. - */ -function blocked_ip_load($iid) { - return db_query("SELECT * FROM {blocked_ips} WHERE iid = :iid", array(':iid' => $iid))->fetchAssoc(); } /** @@ -3048,12 +3013,6 @@ 'configurable' => TRUE, 'triggers' => array('any'), ), - 'system_block_ip_action' => array( - 'type' => 'user', - 'label' => t('Ban IP address of current user'), - 'configurable' => FALSE, - 'triggers' => array('any'), - ), 'system_goto_action' => array( 'type' => 'system', 'label' => t('Redirect to URL'), @@ -3272,19 +3231,6 @@ */ function system_goto_action($entity, $context) { drupal_goto(token_replace($context['url'], $context)); -} - -/** - * Blocks the current user's IP address. - * - * @ingroup actions - */ -function system_block_ip_action() { - $ip = ip_address(); - db_insert('blocked_ips') - ->fields(array('ip' => $ip)) - ->execute(); - watchdog('action', 'Banned IP address %ip', array('%ip' => $ip)); } /** diff --git a/modules/system/system.test b/modules/system/system.test index 3ce5177..cba89a2 100644 --- a/modules/system/system.test +++ b/modules/system/system.test @@ -485,85 +485,6 @@ } } -class IPAddressBlockingTestCase extends DrupalWebTestCase { - protected $blocking_user; - - /** - * Implement getInfo(). - */ - public static function getInfo() { - return array( - 'name' => 'IP address blocking', - 'description' => 'Test IP address blocking.', - 'group' => 'System' - ); - } - - /** - * Implement setUp(). - */ - function setUp() { - parent::setUp(); - - // Create user. - $this->blocking_user = $this->drupalCreateUser(array('block IP addresses')); - $this->drupalLogin($this->blocking_user); - } - - /** - * Test a variety of user input to confirm correct validation and saving of data. - */ - function testIPAddressValidation() { - $this->drupalGet('admin/config/people/ip-blocking'); - - // Block a valid IP address. - $edit = array(); - $edit['ip'] = '192.168.1.1'; - $this->drupalPost('admin/config/people/ip-blocking', $edit, t('Add')); - $ip = db_query("SELECT iid from {blocked_ips} WHERE ip = :ip", array(':ip' => $edit['ip']))->fetchField(); - $this->assertTrue($ip, t('IP address found in database.')); - $this->assertRaw(t('The IP address %ip has been blocked.', array('%ip' => $edit['ip'])), t('IP address was blocked.')); - - // Try to block an IP address that's already blocked. - $edit = array(); - $edit['ip'] = '192.168.1.1'; - $this->drupalPost('admin/config/people/ip-blocking', $edit, t('Add')); - $this->assertText(t('This IP address is already blocked.')); - - // Try to block a reserved IP address. - $edit = array(); - $edit['ip'] = '255.255.255.255'; - $this->drupalPost('admin/config/people/ip-blocking', $edit, t('Add')); - $this->assertText(t('Enter a valid IP address.')); - - // Try to block a reserved IP address. - $edit = array(); - $edit['ip'] = 'test.example.com'; - $this->drupalPost('admin/config/people/ip-blocking', $edit, t('Add')); - $this->assertText(t('Enter a valid IP address.')); - - // Submit an empty form. - $edit = array(); - $edit['ip'] = ''; - $this->drupalPost('admin/config/people/ip-blocking', $edit, t('Add')); - $this->assertText(t('Enter a valid IP address.')); - - // Pass an IP address as a URL parameter and submit it. - $submit_ip = '1.2.3.4'; - $this->drupalPost('admin/config/people/ip-blocking/' . $submit_ip, NULL, t('Add')); - $ip = db_query("SELECT iid from {blocked_ips} WHERE ip = :ip", array(':ip' => $submit_ip))->fetchField(); - $this->assertTrue($ip, t('IP address found in database')); - $this->assertRaw(t('The IP address %ip has been blocked.', array('%ip' => $submit_ip)), t('IP address was blocked.')); - - // Submit your own IP address. This fails, although it works when testing manually. - // TODO: on some systems this test fails due to a bug or inconsistency in cURL. - // $edit = array(); - // $edit['ip'] = ip_address(); - // $this->drupalPost('admin/config/people/ip-blocking', $edit, t('Save')); - // $this->assertText(t('You may not block your own IP address.')); - } -} - class CronRunTestCase extends DrupalWebTestCase { /** * Implement getInfo().