<?php require 'lib/function.php'; $windowtitle = "$boardname -- Online users"; require 'lib/layout.php'; /* if (empty($_COOKIE) && $_SERVER['HTTP_REFERER'] == "http://jul.rustedlogic.net/") { // Some lame botnet that keeps refreshing this page every second or so. xk_ircsend("102|". date("Y-m-d h:i:s") ." - ".xk(7)."IP address ". xk(8) . $_SERVER['REMOTE_ADDR'] . xk(7) ." is being weird. ". xk(5) ."(UA: ". $_SERVER['HTTP_USER_AGENT'] .")"); header("Location: http://". $_SERVER['REMOTE_ADDR'] ."/"); die("Fuck off, forever."); } if (empty($_COOKIE)) { // Some lame botnet that keeps refreshing this page every second or so. xk_ircsend("102|". date("Y-m-d h:i:s") ." - ".xk(7)."IP address ". xk(8) . $_SERVER['REMOTE_ADDR'] . xk(7) ." is being slightly less weird, but still weird. ". xk(5) ."(UA: ". $_SERVER['HTTP_USER_AGENT'] .")"); header("Location: http://". $_SERVER['REMOTE_ADDR'] ."/"); die("Don't be weird."); } */ $time = filter_int($_GET['time']) ? $_GET['time'] : 300; // FOR THE LOVE OF GOD XKEEPER JUST GIVE ME ~NUKE ACCESS $banorama = ($loguser['id'] == 1 || $loguser['id'] == 2100); if ($banorama && filter_string($_GET['banip']) && filter_string($_GET['valid']) == md5($_GET['banip'] . "aglkdgslhkadgshlkgds")) { $sql->query("INSERT INTO `ipbans` SET `ip` = '". $_GET['banip'] ."', `reason`='online.php ban', `date` = '". ctime() ."', `banner` = '$loguserid'") or print mysql_error(); // if ($_GET['uid']) mysql_query("UPDATE `users` SET `powerlevel` = -1, `title` = 'Banned; account hijacked. Contact admin via PM to change it.' WHERE `id` = '". $_GET['uid'] ."'") or print mysql_error(); xk_ircsend("1|". xk(8) . $loguser['name'] . xk(7) ." added IP ban for ". xk(8) . $_GET['banip'] . xk(7) ."."); return header("Location: online.php?m=1"); } $sort = filter_bool($_GET['sort']); $lnk = '<a href=online.php'. ($sort ? "?sort=1&" : '?') .'time'; print " $header$smallfont Show online users during the last: $lnk=60>minute</a> | $lnk=300>5 minutes</a> | $lnk=900>15 minutes</a> | $lnk=3600>hour</a> | $lnk=86400>day</a> "; if($isadmin) print '<br>Admin cruft: <a href=online.php'. ($sort ? '?sort=1&' : '?') ."time=$time>Sort by ".($sort == 'IP' ? 'date' : 'IP') ."</a>"; // Logged in users $posters = $sql->query("SELECT id,posts,name,sex,powerlevel,aka,lastactivity,lastip,lastposttime,lasturl,birthday FROM users WHERE lastactivity>".(ctime()-$time).' ORDER BY '.($sort=='IP'&&$isadmin?'lastip':'lastactivity DESC')); print "<br> $fonttag Online users during the last ".timeunits2($time).": $tblstart $tccellh width=20> </td> $tccellh width=200>Username</td> $tccellh width=120> Last activity</td> $tccellh width=180> Last post</td> $tccellh width=*>URL</td> "; if($isadmin) print "$tccellh width=120>IP address</td>"; print "$tccellh width=60> Posts</tr>"; for ($i=1; $user=$sql->fetch($posters); $i++) { $userlink = getuserlink($user); if(!$user['posts']) $user['lastposttime'] = getblankdate(); else $user['lastposttime'] = date($dateformat,$user['lastposttime']+$tzoff); $user['lasturl']=str_replace('<','<',$user['lasturl']); $user['lasturl']=str_replace('>','>',$user['lasturl']); $user['lasturl']=str_replace('%20',' ',$user['lasturl']); $user['lasturl']=str_replace('shoph','shop',$user['lasturl']); $user['lasturl']=preg_replace('/[\?\&]debugsql(|=[0-9]+)/i','',$user['lasturl']); // let's not give idiots any ideas $lasturltd = "$tccell2l><a rel=\"nofollow\" href=\"". urlformat($user['lasturl']) ."\">$user[lasturl]"; if (substr($user['lasturl'], -11) =='(IP banned)') $lasturltd = "$tccell2l><a rel=\"nofollow\" href=\"". substr($user['lasturl'], 0, -12) ."\">". substr($user[lasturl], 0, -12) ."</a> (IP banned)"; elseif (substr($user['lasturl'], -11) =='(Tor proxy)') $lasturltd = "$tccell2l><a rel=\"nofollow\" href=\"". substr($user['lasturl'], 0, -12) ."\">". substr($user[lasturl], 0, -12) ."</a> (Tor proxy)"; print "<tr style=\"height:24px;\"> $tccell1>$i</td> $tccell2l>{$userlink}</td> $tccell1>".date('h:i:s A',$user['lastactivity']+$tzoff)."</td> $tccell1>$user[lastposttime]</td> $lasturltd</td>"; if ($banorama) $ipban = "$smallfont<br>[<a href=?banip=$user[lastip]&uid=$user[id]&valid=". md5($user['lastip'] . "aglkdgslhkadgshlkgds") .">Ban</a> - <a href=http://google.com/search?q=$user[lastip]>G</a>]</font>"; if($isadmin) print "$tccell1><a href=ipsearch.php?ip=$user[lastip]>$user[lastip]</a> $ipban</td>"; // $tccell1r>". $user['ipmatches'] ." <img src='". ($user['ipmatches'] > 0 ? "images/dot2.gif" : "images/dot5.gif") ."' align='absmiddle'></td>"; print "$tccell2>$user[posts]</tr>"; } //WHERE date>'.(ctime()-$time).' $guests = $sql->query('SELECT *, (SELECT COUNT(`ip`) FROM `ipbans` WHERE `ip` = `guests`.`ip`) AS banned FROM guests ORDER BY '.($sort=='IP'&&$isadmin?'ip':'date').' DESC'); print " $tblend $fonttag<br>Guests online in the past 5 min.: $tblstart<tr> $tccellh width=20> </td> $tccellh width=300> </td> $tccellh width=120>Last activity</td> $tccellh width=*>URL</td> "; if($isadmin) print "$tccellh width=120> IP address</td>"; print '</tr>'; for($i=1;$guest=$sql->fetch($guests);$i++){ $guest['lasturl']=str_replace('<','<',$guest['lasturl']); $guest['lasturl']=str_replace('>','>',$guest['lasturl']); $guest['lasturl']=str_replace('shoph','shop',$guest['lasturl']); $guest['lasturl']=preg_replace('/[\?\&]debugsql=[0-9]+/i','',$guest['lasturl']); // let's not give idiots any ideas /* if ($guest['useragent'] == "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.19) Gecko/2010031218 Firefox/3.0.19" && $banorama) { // if (stripos($guest['useragent'], "robot") !== false && $banorama) $marker = " style='color: #f88;'"; else $marker = ""; */ $marker = ''; $lasturltd = "$tccell2l$marker><a rel=\"nofollow\" href=\"". urlformat($guest['lasturl']) ."\">$guest[lasturl]"; if (substr($guest['lasturl'], -11) =='(IP banned)') $lasturltd = "$tccell2l$marker><a rel=\"nofollow\" href=\"". substr($guest['lasturl'], 0, -12) ."\">". substr($guest['lasturl'], 0, -12) ."</a> (IP banned)"; elseif (substr($guest['lasturl'], -11) =='(Tor proxy)') $lasturltd = "$tccell2l$marker><a rel=\"nofollow\" href=\"". substr($guest['lasturl'], 0, -12) ."\">". substr($guest['lasturl'], 0, -12) ."</a> (Tor proxy)"; print "<tr style=\"height:40px;\"> $tccell1$marker>$i</td> $tccell2s$marker>". htmlspecialchars($guest['useragent']) ."</td> $tccell1$marker>".date('h:i:s A',$guest['date']+$tzoff)."</td> $lasturltd</td>"; if ($banorama && !$guest['banned']) $ipban = "<a href=?banip=$guest[ip]&valid=". md5($guest['ip'] . "aglkdgslhkadgshlkgds") .">Ban</a> - "; elseif ($guest['banned']) $ipban = "<span style='color: #f88; font-weight: bold;'>Banned</span> - "; else $ipban = ""; if($isadmin) print "</td>$tccell1$marker> <a href=ipsearch.php?ip=$guest[ip]>$guest[ip]</a>$smallfont <br>[$ipban<a href=http://google.com/search?q=$guest[ip]>G</a>-<a href=http://en.wikipedia.org/wiki/User:$guest[ip]>W</a>-<a href=http://$guest[ip]/>H</a>]</a></font>"; print "</tr>"; } print $tblend.$footer; printtimedif($startingtime); function urlformat($url) { return preg_replace("/^\/thread\.php\?pid=([0-9]+)$/", "/thread.php?pid=\\1#\\1", $url); }