***********************
** FILE NAME : abuse.php
** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
-** VERSION NUMBER : $Revision: 1.4 $
+** VERSION NUMBER : $Revision: 1.5 $
**
** DESCRIPTION : Abuse list page
**
/*****************************
$Log: abuse.php,v $
- Revision 1.4 2007-11-21 14:38:06 arjen
+ Revision 1.5 2007-12-10 16:29:59 arjen
+ When blocking a subnet, maintain the references to the log table from
+ all IP addresses in that subnet.
+
+ Revision 1.4 2007/11/21 14:38:06 arjen
The buttonbar at the top of each page is now a fixed 'div' element
instead of a framed page.
Contributed by Edwin Nadorp.
******************************/
-// RCSID = "$Id: abuse.php,v 1.4 2007-11-21 14:38:06 arjen Exp $";
+// RCSID = "$Id: abuse.php,v 1.5 2007-12-10 16:29:59 arjen Exp $";
ini_set('include_path', '.:./classes:../phpclasses');
{
if (!empty($_GET['oid']))
{
+ $ObjectId = $_GET['oid'];
+
$res = pg_exec($this->database, "SELECT objectname FROM object
WHERE objectid=CAST('" . $_GET['oid']."' AS BIGINT)");
$obj = pg_fetch_object($res, 0);
echo "<table>";
echo "<tr><th>IP address</th><th>Abuses</th><th>Status</th></tr>\n";
- for ($ip = 0; $ip < pg_numrows($res); $ip++)
+ for ($ip = 0; $ip < pg_num_rows($res); $ip++)
{
$abuse = pg_fetch_object($res, $ip);
echo "<tr><td>";
// Block an entire subnet and remove the addresses from the list
$Subnet = $_POST['subnet'];
- pg_exec($this->database, "DELETE FROM object_abuse WHERE objectid = '" . $_GET['oid']
+ pg_exec($this->database, "DELETE FROM object_abuse WHERE objectid = '$ObjectId"
. "' AND source << '$Subnet'");
- $abuse_points = 8;
- pg_exec($this->database, "INSERT INTO object_abuse VALUES ('" . $_GET['oid'] .
+ pg_exec($this->database, "UPDATE log_abuse set source='$Subnet'
+ WHERE objectid='$ObjectId' AND source << '$Subnet'");
+ $res = pg_exec($this->database, "SELECT logid FROM log_abuse
+ WHERE objectid='$ObjectId' AND source = '$Subnet'");
+ $abuse_points = pg_num_rows($res);
+ pg_exec($this->database, "INSERT INTO object_abuse VALUES ('$ObjectId" .
"', '$Subnet', '$abuse_points', 'dropped', NOW())");
}
for ($row = 0; $row < pg_numrows($res); $row++)
{
$log = pg_fetch_object($res, $row);
- //$log = pg_fetch_object(pg_exec($this->database, "SELECT rawdata FROM log WHERE logid=" . $logid->logid), 0);
echo "<tr><td>";
echo $log->object_timestamp;
echo "</td><td>";
}
else
{
- echo "<form method='post' action='abuse.php'>";
+ echo "<form method='post' action='abuse.php?oid=$ObjectId'>";
echo "Report <input type='submit' name='ACTION' value='Abuse'>";
echo " for IP address <input type='text' name='source'>";
echo " or <input type='submit' name='ACTION' value='Whitelist'>";
echo " with status <input type='text' name='status'>";
echo "</form>";
- echo "<form method='post' action='abuse.php'>";
+ echo "<form method='post' action='abuse.php?oid=$ObjectId'>";
echo "<input type='submit' name='ACTION' value='Investigate'>";
echo " or <input type='submit' name='ACTION' value='Block'>";
echo " this subnet: <input type='text' name='subnet'>";