? ban.diff ? files ? phpinfo.php ? replace.php ? simpletest ? upload.module.patch_1.txt ? modules/policy ? sites/me.drboot ? sites/me.drhead ? sites/mwpb-2.local.drhead Index: includes/bootstrap.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/bootstrap.inc,v retrieving revision 1.50 diff -F^f -u -r1.50 bootstrap.inc --- includes/bootstrap.inc 21 May 2005 11:33:03 -0000 1.50 +++ includes/bootstrap.inc 2 Jun 2005 05:53:19 -0000 @@ -793,4 +793,11 @@ function drupal_get_messages() { // Initialize configuration variables, using values from conf.php if available. $conf = variable_init(isset($conf) ? $conf : array()); +// deny access to hosts which were blocked via statistics admin page. t() is not yet available. +if (in_array($_SERVER["REMOTE_ADDR"], variable_get('blocked_hosts', array()))) { + header('HTTP/1.0 403 Forbidden'); + print "Sorry, ". $_SERVER['REMOTE_ADDR']. " has been blocked for excessive activity."; + exit(); +} + ?> Index: modules/statistics.module =================================================================== RCS file: /cvs/drupal/drupal/modules/statistics.module,v retrieving revision 1.194 diff -F^f -u -r1.194 statistics.module --- modules/statistics.module 31 May 2005 21:14:26 -0000 1.194 +++ modules/statistics.module 2 Jun 2005 05:53:20 -0000 @@ -47,6 +47,8 @@ function statistics_help($section) { return t('

This page shows you the most recent hits.

'); case 'admin/logs/referrers': return t('

This page shows you all external referrers. These are links pointing to your web site from outside your web site.

'); + case 'admin/logs/visitors': + return t('

When you ban a visitor, you prevent his IP address from accessing your site. Unlike blocking a user, banning a visitor works even for anonymous users. The most common use for this is to block bots/web crawlers that are consuming too many resources.

'); } } @@ -116,7 +118,13 @@ function statistics_menu($may_cache) { 'weight' => 1); $items[] = array('path' => 'admin/logs/visitors', 'title' => t('top visitors'), 'callback' => 'statistics_top_visitors', 'access' => $access, - 'weight' => 2); + 'weight' => 2, 'type' => MENU_NORMAL_ITEM); + $items[] = array('path' => 'admin/logs/visitors/list', 'title' => t('top visitors'), + 'callback' => 'statistics_top_visitors', 'access' => $access, + 'weight' => 2, 'type' => MENU_DEFAULT_LOCAL_TASK); + $items[] = array('path' => 'admin/logs/visitors/ban', 'title' => t('ban list'), + 'callback' => 'statistics_ban', 'access' => $access, + 'weight' => 5, 'type' => MENU_LOCAL_TASK); $items[] = array('path' => 'admin/logs/referrers', 'title' => t('referrers'), 'callback' => 'statistics_top_referrers', 'access' => $access); $items[] = array('path' => 'admin/logs/access', 'title' => t('details'), @@ -281,6 +289,7 @@ function statistics_top_visitors() { array('data' => t('Hits'), 'field' => 'hits', 'sort' => 'desc'), array('data' => t('Visitor'), 'field' => 'u.name'), array('data' => t('Total page generation time'), 'field' => 'total'), + array('data' => t('Operations')) ); $sql = "SELECT COUNT(a.uid) AS hits, a.uid, u.name, a.hostname, SUM(a.timer) AS total FROM {accesslog} a LEFT JOIN {users} u ON a.uid = u.uid GROUP BY a.hostname". tablesort_sql($header); @@ -288,11 +297,11 @@ function statistics_top_visitors() { $result = pager_query($sql, 30, 0, $sql_cnt); while ($account = db_fetch_object($result)) { - $rows[] = array($account->hits, ($account->uid ? format_name($account) : $account->hostname), format_interval(round($account->total / 1000))); + $rows[] = array($account->hits, ($account->uid ? format_name($account) : $account->hostname), format_interval(round($account->total / 1000)), l(t('ban'), "admin/logs/visitors/ban/$account->hostname")); } if ($pager = theme('pager', NULL, 30, 0, tablesort_pager())) { - $rows[] = array(array('data' => $pager, 'colspan' => '3')); + $rows[] = array(array('data' => $pager, 'colspan' => '4')); } drupal_set_title(t('Top visitors in the past %interval', array('%interval' => format_interval(variable_get('statistics_flush_accesslog_timer', 259200))))); @@ -389,6 +398,53 @@ function statistics_title_list($dbfield, } /** + * Ban a host from the site. + * + * @param $hostname + * an IP address + * + */ +function statistics_ban($hostname = NULL, $op = 'ban') { + if ($hostname = check_plain($hostname)) { + if ($edit = $_POST['edit']) { + $list = variable_get('banned_hosts', array()); + if ($op == 'ban') { + $list[$hostname] = time(); + drupal_set_message(t('%host added to ban list.', array('%host' => $hostname))); + } + else { + unset($list[$hostname]); + drupal_set_message(t('%host removed from ban list.', array('%host' => $hostname))); + } + variable_set('banned_hosts', $list); + } + else { + $output = theme('confirm', + t('Are you sure you want to %op the hostname %name ?', array('%name' => theme('placeholder', $hostname), '%op' => theme('placeholder', $op))), + 'admin/logs/visitors', + $op == 'ban' ? t('you may unban this host at any time using this page.') : '', + $op == 'ban' ? t('Ban') : t('Unban'), + t('Cancel') + ); + } + } + $output .= statistics_ban_list(); + return $output; +} + +function statistics_ban_list() { + $header = array(t('Host'), t('Ban date'), t('Operations')); + $list = variable_get('banned_hosts', array()); + foreach ($list as $host => $time) { + $rows[] = array($host, format_interval(time()-$time), l(t('unban'), "admin/logs/visitors/ban/$host/unban")); + } + if (!$rows) { + $rows[] = array(array('data' => t('no banned hosts'), 'colspan' => 3)); + } + return theme('table', $header, $rows); +} + +/** * Retrieves a node's "view statistics". * * @param $nid