Location: PHPKode > projects > raSMP > rasmp/admin/ban.php
<?php

/*******************************************************************

 Name		: raSMP 2.0
 Copyright	: 2002, Adam Alkins
 Website	: http://www.rasmp.com
 email		: hide@address.com

 $Id: ban.php,v 1.22 2003/03/16 21:45:16 rasadam Exp $: 

*******************************************************************/

/*******************************************************************

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the 
Free Software Foundation Inc., 59 Temple Place, Suite 330,
Boston, MA  02111-1307  USA

*******************************************************************/

/*

Manage Bans

*/

define('RASMP',true);
define('RASMP_ADMIN',true);
define('SCRIPT_PATH','../');
include SCRIPT_PATH.'common/extension.inc';
include SCRIPT_PATH.'common/admin_common.'.FILE_EXT;

// Check authentication
check_auth('ban');

function do_header($title)
{
  	display_header($title);
	display_menu();
	display_body();
}

function display_menu()
{
?>

<table width="98%" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#0066CC">
      <div align="center"><a class="menulink" href="<?php echo attach_sid("ban.".FILE_EXT."?mode=add"); ?>">Add</a> | <a class="menulink" href="<?php echo attach_sid("ban.".FILE_EXT."?mode=delete"); ?>">Delete</a> | <a class="menulink" href="<?php echo attach_sid("ban.".FILE_EXT."?mode=edit"); ?>">Edit</a> | <a class="menulink" href="<?php echo attach_sid("ban.".FILE_EXT."?mode=viewlog"); ?>">View logs</a> | <a class="menulink" href="<?php echo attach_sid("ban.".FILE_EXT."?mode=index"); ?>">Index</a></div>
    </td>
  </tr>
</table>

<?php

}

switch($_GET['mode'])
{
	case 'add':
		if(!isset($_POST['doadd']))
		{
			do_header("Admin Panel >> Ban Management >> Add");
?>
<div align="center"> 
  <form name="form1" id="form1" method="post" action="<?php echo attach_sid("ban.".FILE_EXT."?mode=add"); ?>">
    <blockquote>
      <p align="left">Enter the IP address and Comments for this ban.</p>
      <p align="left">Note for IP: If the ip is an IPv4 address (e.g. 255.255.255.0), 
        please enter it in the IPv4 style (like the example). If IPv6, Enter in 
        short form (Remove the zeros at the beginning of a block). You can use wildcards for IPv4 address, like 
        255.255.255.* will ban all IPs from 255.255.255.0 - 255.255.255.0 (Range banning in IPv6 addresses are not supported at this time)</p>
      <p align="left">The Comment will appear as the ban message the person receives. 
        You can use it to specificy the reason for the Ban to let the person know.</p>
    </blockquote>
    <p>IP Address: 
      <input name="ip" type="text" size="15" maxlength="255" value="<?php echo $_GET['ip']; ?>" />
    </p>
    <p>Comment: 
      <input name="comment" type="text" size="50" maxlength="255" value="<?php echo stripslashes($_GET['comment']); ?>" />
    </p>
    <p>
      <input type="submit" name="doadd" value="Ban IP" />
    </p>
  </form>
</div>
<?php
			display_footer();
		}
		else
		{
			// if a value isn't set
			if(!isset($_POST['ip'])||!isset($_POST['comment']))
			{
				redirect_page('Missing a field value',attach_sid("ban.".FILE_EXT."?mode=add&ip=".$_POST['ip']."&comment=".$_POST['comment']));
			}
			
			$_POST['comment'] = addslashes(htmlentities($_POST['comment']));
			unset($ip);
			$ip = $_POST['ip'];
			
			if(strstr($_POST['ip'],":")&&strstr($_POST['ip'],"*"))
			{
				redirect_page('IPv6 Addresses do not support wildcards as yet',attach_sid("ban.".FILE_EXT."?mode=add&ip=".$ip."&comment=".$_POST['comment']));
			}
			
			if($_POST['ip']=='*')
			{
				redirect_page('You cannot do a pure wildcard ban!',attach_sid("ban.".FILE_EXT."?mode=add&ip=".$ip."&comment=".$_POST['comment']));
			}
						
			unset($ipv6);
			
			//
			// Validating the IP and determining whether its IPv6 or IPv4
			// A lot of redundancies, but ah well, the job is done
			//
			if(is_ipv4($_POST['ip']))
			{
				$_POST['ip'] = format_ipv4($_POST['ip']);
				
				if(!validate_ipv4($_POST['ip']))
				{
					redirect_page('IPv4 address is Invalid',attach_sid("ban.".FILE_EXT."?mode=add&ip=".$ip."&comment=".$_POST['comment']));
				}
				else
				{
					$_POST['ip'] = validate_ipv4($_POST['ip']);
					$_POST['ip'] = format_ipv6($_POST['ip']);					
					$ipv6 = 0;
				}
			}
			else
			{
				if(!strstr($_POST['ip'],":"))
				{
					redirect_page('IP address is not Invalid',attach_sid("ban.".FILE_EXT."?mode=add&ip=".$ip."&comment=".$_POST['comment']));
				}
				
				if(!validate_ipv6($_POST['ip']))
				{
					redirect_page('IPv6 address is not Invalid',attach_sid("ban.".FILE_EXT."?mode=add&ip=".$ip."&comment=".$_POST['comment']));
				}
				
				$ipv6 = 1;
			}
			
			if(ip_exists($_POST['ip']))
			{
				redirect_page('IP is already banned!',attach_sid("ban.".FILE_EXT."?mode=add&ip=".$ip."&comment=".$_POST['comment']));
			}
			
			$query = "INSERT INTO ".BANS_TABLE." (ip, ipv6, comment) VALUES('".$_POST['ip']."',$ipv6,'".$_POST['comment']."')";
			db_query($query,'Could not insert new Ban');
			
			redirect_page('Ban Successfully Added',attach_sid("ban.".FILE_EXT."?mode=index"));										
		}
	case 'delete':
		if(db_rowcount(BANS_TABLE)==0)
		{
			redirect_page('There are no Bans to Delete.',attach_sid("ban.".FILE_EXT."?mode=index"));
		}
		// if the ban id wasn't passed in either the url or form
		if(!isset($_POST['ban_id'])&&!isset($_GET['ban_id']))
		{
			// get ban list
			$query = "SELECT ban_id,ip FROM ".BANS_TABLE." ORDER BY ip ASC";
			$result = db_query($query,'Could not select list of bans');
		
			$ban_data = db_fetchrows($result);
			$numrows = db_numrows($result);
			
			do_header("Admin Panel >> Ban Management >> Delete");	
?>
<div align="center">
  <form name="form1" id="form1" method="post" action="<?php echo attach_sid("ban.".FILE_EXT."?mode=delete"); ?>">
    <p>Select an IP from the list to remove the ban.</p>
    <p>IP Address: 
      <select name="ban_id">
<?php
			for($i=0;$i<$numrows;$i++)
			{
				if(is_ipv4($ban_data[$i]['ip']))
				{
					$ban_data[$i]['ip'] = format_ipv4($ban_data[$i]['ip']);
					$ban_data[$i]['ip'] = clean_ip($ban_data[$i]['ip']);
				}
				
				echo '<option value="'.$ban_data[$i]['ban_id'].'">'.$ban_data[$i]['ip'].'</option>';
			}
?>
      </select>
    </p>
    <p>
      <input type="submit" name="Submit" value="Remove Ban" />
    </p>
  </form>
</div>
<?php		
			display_footer();
		}
		else
		{
			unset($ban_id);
			if(isset($_GET['ban_id']))
			{
				$ban_id = intval($_GET['ban_id']);
			}
			else
			{
				$ban_id = intval($_POST['ban_id']);
			}
			
			// see if ban exists
			$query = "SELECT ban_id FROM ". BANS_TABLE ." WHERE ban_id = $ban_id";
			if(db_numrows('',$query,'Could not check to see if Ban exists')==0)
			{
				redirect_page('Ban does not exist',attach_sid("ban.".FILE_EXT."?mode=delete"));
			}
			
			// perform deletes (bans table and ban_attempts)
			$query = "DELETE FROM ". BANS_TABLE ." WHERE ban_id = $ban_id";
			db_query($query,'Could not delete ban record');
			
			$query = "DELETE FROM ". BAN_ATTEMPTS_TABLE ." WHERE ban_id = $ban_id";
			db_query($query,'Could not delete ban attempts records');
			
			redirect_page('Ban Successfully Removed',attach_sid("ban.".FILE_EXT."?mode=index"));							
		}
		break;
	case 'edit':
		if(db_rowcount(BANS_TABLE)==0)
		{
			redirect_page('There are no Bans to Edit.',attach_sid("ban.".FILE_EXT."?mode=index"));
		}
		if(!isset($_POST['doedit'])&&(!isset($_GET['ban_id'])&&!isset($_POST['ban_id'])))
		{
			// get ban list
			$query = "SELECT ban_id,ip FROM ".BANS_TABLE." ORDER BY ip ASC";
			$result = db_query($query,'Could not select list of bans');
		
			$ban_data = db_fetchrows($result);
			$numrows = db_numrows($result);
			
			do_header("Admin Panel >> Ban Management >> Edit");	
?>
<div align="center">
  <form name="form1" id="form1" method="post" action="<?php echo attach_sid("ban.".FILE_EXT."?mode=edit"); ?>">
    <p>Select an IP from the list to modify the ban.</p>
    <p>IP Address: 
      <select name="ban_id">
<?php
			for($i=0;$i<$numrows;$i++)
			{
				if(is_ipv4($ban_data[$i]['ip']))
				{
					$ban_data[$i]['ip'] = format_ipv4($ban_data[$i]['ip']);
					$ban_data[$i]['ip'] = clean_ip($ban_data[$i]['ip']);
				}
				
				echo '<option value="'.$ban_data[$i]['ban_id'].'">'.$ban_data[$i]['ip'].'</option>';
			}
?>
      </select>
    </p>
    <p>
      <input type="submit" name="Submit" value="Modify Ban" />
    </p>
  </form>
</div>
<?php		
			display_footer();
		}
		else if(!isset($_POST['doedit']))
		{		
			unset($ban_id);
			if(isset($_GET['ban_id']))
			{
				$ban_id = intval($_GET['ban_id']);
			}
			else
			{
				$ban_id = intval($_POST['ban_id']);
			}
			
			// see if ban exists
			$query = "SELECT ban_id,ip,comment FROM ". BANS_TABLE ." WHERE ban_id = $ban_id";
			$result = db_query($query,'Could not check to see if Ban exists');
			
			if(db_numrows($result)==0)
			{
				redirect_page('Ban does not exist',attach_sid("ban.".FILE_EXT."?mode=edit"));
			}
			
			$ban_data = db_fetchassoc($result);
			
			unset($ip);
			unset($comment);
			
			if(isset($_GET['ip']))
			{
				$ip = $_GET['ip'];
			}
			else
			{
				$ip = $ban_data['ip'];
				if(is_ipv4($ip))
				{
					$ip = format_ipv4($ip);
					$ip = clean_ip($ip);
				}
			}
			
			if(isset($_GET['comment']))
			{
				$comment = stripslashes(urldecode($_GET['comment']));
			}
			else
			{
				$comment = stripslashes($ban_data['comment']);
			}
								
			do_header("Admin Panel >> Ban Management >> Edit");
?>
<div align="center"> 
  <form name="form1" id="form1" method="post" action="<?php echo attach_sid("ban.".FILE_EXT."?mode=edit"); ?>">
    <blockquote>
      <p align="left">Modify the IP address and Comments for this ban.</p>
      <p align="left">Note for IP: If the ip is an IPv4 address (e.g. 255.255.255.0), 
        please enter it in the IPv4 style (like the example). If IPv6, Enter in 
        short form (Remove the zeros at the beginning of a block). You can use wildcards for IPv4 address, like 
        255.255.255.* will ban all IPs from 255.255.255.0 - 255.255.255.0 (Range banning in IPv6 addresses are not supported at this time)</p>
      <p align="left">The Comment will appear as the ban message the person receives. 
        You can use it to specificy the reason for the Ban to let the person know.</p>
    </blockquote>
    <p>IP Address: 
      <input name="ip" type="text" size="15" maxlength="255" value="<?php echo $ip; ?>" />
    </p>
    <p>Comment: 
      <input name="comment" type="text" size="50" maxlength="255" value="<?php echo $comment; ?>" />
    </p>
    <p>
	  <input type="hidden" name="ban_id" value="<?php echo $ban_id; ?>" />
      <input type="submit" name="doedit" value="Save Changes" />
    </p>
  </form>
</div>
<?php
			display_footer();
		}
		else
		{
			if(!isset($_POST['ban_id']))
			{
				redirect_page('No Ban to Edit',attach_sid("ban.".FILE_EXT."?mode=edit"));
			}
			
			$_POST['ban_id'] = intval($_POST['ban_id']);
						
			// see if ban exists
			$query = "SELECT ban_id,ip FROM ". BANS_TABLE ." WHERE ban_id = ".$_POST['ban_id'];
			$result = db_query($query,'Could not check to see if Ban exists');
			
			if(db_numrows($result)==0)
			{
				redirect_page('Ban does not exist',attach_sid("ban.".FILE_EXT."?mode=edit"));
			}
			
			$ban_data = db_fetchassoc($result);
			
			// if a value isn't set
			if(!isset($_POST['ip'])||!isset($_POST['comment']))
			{
				redirect_page('Missing a field value',attach_sid("ban.".FILE_EXT."?mode=edit&ban_id=".$_POST['ban_id']."&ip=".$_POST['ip']."&comment=".urlencode($_POST['comment'])));
			}
			
			unset($ip);
			$ip = $_POST['ip'];
			
			if(strstr($_POST['ip'],":")&&strstr($_POST['ip'],"*"))
			{
				redirect_page('IPv6 Addresses do not support wildcards as yet',attach_sid("ban.".FILE_EXT."?mode=edit&ban_id=".$_POST['ban_id']."&ip=".$ip."&comment=".urlencode($_POST['comment'])));
			}
			
			if($_POST['ip']=='*')
			{
				redirect_page('You cannot do a pure wildcard ban!',attach_sid("ban.".FILE_EXT."?mode=edit&ip=".$ip."&comment=".urlencode($_POST['comment'])));
			}
						
			unset($ipv6);
			
			//
			// Validating the IP and determining whether its IPv6 or IPv4
			// A lot of redundancies, but ah well, the job is done
			//
			if(is_ipv4($_POST['ip']))
			{
				$_POST['ip'] = format_ipv4($_POST['ip']);
				
				if(!validate_ipv4($_POST['ip']))
				{
					redirect_page('IPv4 address is Invalid',attach_sid("ban.".FILE_EXT."?mode=edit&ban_id=".$_POST['ban_id']."&ip=".$ip."&comment=".urlencode($_POST['comment'])));
				}
				else
				{
					$_POST['ip'] = validate_ipv4($_POST['ip']);
					$_POST['ip'] = format_ipv6($_POST['ip']);					
					$ipv6 = 0;
				}
			}
			else
			{
				if(!strstr($_POST['ip'],":"))
				{
					redirect_page('IP address is not Invalid',attach_sid("ban.".FILE_EXT."?mode=edit&ban_id=".$_POST['ban_id']."&ip=".$ip."&comment=".urlencode($_POST['comment'])));
				}
				
				if(!validate_ipv6($_POST['ip']))
				{
					redirect_page('IPv6 address is not Invalid',attach_sid("ban.".FILE_EXT."?mode=edit&ban_id=".$_POST['ban_id']."&ip=".$ip."&comment=".urlencode($_POST['comment'])));
				}
				
				$ipv6 = 1;
			}
			
			if(ip_exists($_POST['ip'])&&$_POST['ip']!=$ban_data['ip'])
			{
				redirect_page('IP is already banned!',attach_sid("ban.".FILE_EXT."?mode=edit&ban_id=".$_POST['ban_id']."&ip=".$ip."&comment=".urlencode($_POST['comment'])));
			}

			$_POST['comment'] = addslashes(htmlentities($_POST['comment']));			

			$query = "UPDATE ".BANS_TABLE." SET ip = '".$_POST['ip']."', ipv6 = $ipv6, comment = '".$_POST['comment']."' WHERE ban_id = ".$_POST['ban_id'];
			db_query($query,'Could not update Ban');
			
			redirect_page('Ban Successfully Edited',attach_sid("ban.".FILE_EXT."?mode=index"));										
		}
	case 'viewlog':
		if(db_rowcount(BAN_ATTEMPTS_TABLE)==0)
		{
			redirect_page('There are no Ban Attempts in the Log.',attach_sid("ban.".FILE_EXT."?mode=index"));
		}
		
		if(!isset($_GET['ban_id'])&&!isset($_POST['ban_id']))
		{
			// get ban list
			$query = "SELECT ban_id,ip FROM ".BANS_TABLE." ORDER BY ip ASC";
			$result = db_query($query,'Could not select list of bans');
	
			$ban_data = db_fetchrows($result);
			$numrows = db_numrows($result);
		
			do_header("Admin Panel >> Ban Management >> View Logs");	
?>
<div align="center">
  <form name="form1" id="form1" method="post" action="<?php echo attach_sid("ban.".FILE_EXT."?mode=viewlog"); ?>">
    <p>Select an IP from the list to view Logs for.</p>
    <p>IP Address: 
      <select name="ban_id">
<?php
			for($i=0;$i<$numrows;$i++)
			{
				if(is_ipv4($ban_data[$i]['ip']))
				{
					$ban_data[$i]['ip'] = format_ipv4($ban_data[$i]['ip']);
					$ban_data[$i]['ip'] = clean_ip($ban_data[$i]['ip']);
				}
			
				echo '<option value="'.$ban_data[$i]['ban_id'].'">'.$ban_data[$i]['ip'].'</option>';
			}
?>
      </select>
    </p>
    <p>
      <input type="submit" name="Submit" value="View Logs" />
    </p>
  </form>
</div>
<?php		
			display_footer();
		}
		else
		{
			unset($ban_id);
			if(isset($_GET['ban_id']))
			{
				$ban_id = intval($_GET['ban_id']);
			}
			else
			{
				$ban_id = intval($_POST['ban_id']);
			}
			
			// see if ban exists
			$query = "SELECT ip FROM ". BANS_TABLE ." WHERE ban_id = $ban_id";
			$result = db_query($query,'Could not check to see if Ban exists');
			
			if(db_numrows($result)==0)
			{
				redirect_page('Ban does not exist',attach_sid("ban.".FILE_EXT."?mode=viewlog"));
			}
			
			$ban_data = db_fetchassoc($result);
			
			if(is_ipv4($ban_data[$i]['ip']))
			{
				$ban_data['ip'] = format_ipv4($ban_data['ip']);
				$ban_data['ip'] = clean_ip($ban_data['ip']);
			}
			
			$query = "SELECT ip,date,page_id FROM ".BAN_ATTEMPTS_TABLE." WHERE ban_id = $ban_id ORDER BY date ASC";
			$result = db_query($query,'Could not fetch ban attempts information');
			
			$numrows = db_numrows($result);
			
			if($numrows == 0)
			{
				redirect_page('No Attempts for this Ban',attach_sid("ban.".FILE_EXT."?mode=viewlog"));
			}
			
			$attempt_rows = db_fetchrows($result);
			
			for($i=0;$i < $numrows;$i++)
			{
				if(is_ipv4($attempt_rows[$i]['ip']))
				{
					$attempt_rows[$i]['ip'] = format_ipv4($attempt_rows[$i]['ip']);
					$attempt_rows[$i]['ip'] = clean_ip($attempt_rows[$i]['ip']);
				}								
				
				$attempt_rows[$i]['comment'] = stripslashes($attempt_rows[$i]['comment']);
				$attempt_rows[$i]['date'] = date("r",$attempt_rows[$i]['date']);
				
				if(!isset($pages[$attempt_rows[$i]['page_id']]))
				{
					$query = "SELECT p.page_name, c.cat_pname FROM ".PAGES_TABLE." AS p, ".CATEGORIES_TABLE." as c WHERE p.page_id = ".$attempt_rows[$i]['page_id']." AND p.cat_id = c.cat_id";
					$result = db_query($query,'Could not select page and category data');
					
					if(db_numrows($result)==0)
					{
						$pages[$attempt_rows[$i]['page_id']]['page_name'] = 'Deleted';
						$pages[$attempt_rows[$i]['page_id']]['cat_pname'] = '-';
					}
					else
					{
						$row_data = db_fetchassoc($result);

						$pages[$attempt_rows[$i]['page_id']]['page_name'] = stripslashes($row_data['page_name']);
						$pages[$attempt_rows[$i]['page_id']]['cat_pname'] = stripslashes($row_data['cat_pname']);
					}
				}
			}
			
			do_header("Admin Panel >> Ban Management >> View Logs");			
?>
<p align="center">Banned Address: <b><?php echo $ban_data['ip']; ?></b></p>
<table width="90%" border="1" cellspacing="0" cellpadding="0" align="center" bordercolor="#A8B9FF">
  <tr align="center"> 
    <td align="center" valign="middle" bgcolor="0066CC"> 
      <div align="center"><b><font size="3" color="#FFFFFF">Date</font></b></div>
    </td>
    <td align="center" valign="middle" bgcolor="0066CC"> 
      <div align="center"><font size="3" color="#FFFFFF"><b>IP Address</b></font></div>
    </td>
    <td bgcolor="0066CC"> 
      <div align="center"><font size="3" color="#FFFFFF"><b>Category</b></font></div>
    </td>
    <td bgcolor="0066CC"> 
      <div align="center"><font size="3" color="#FFFFFF"><b>Page</b></font></div>
    </td>
  </tr>
<?php
			for($i=0;$i<$numrows;$i++)
			{
?>
  <tr>
    <td width="250"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo $attempt_rows[$i]['date']; ?></font></div>
    </td>
    <td align="center"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo $attempt_rows[$i]['ip']; ?></font></div>
    </td>
    <td align="center"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo $pages[$attempt_rows[$i]['page_id']]['page_name']; ?></font></div>
    </td>
    <td align="center"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo $pages[$attempt_rows[$i]['page_id']]['cat_pname']; ?></font></div>
    </td>
  </tr>
<?php
			}
?>
</table>
<br />
<?php
			display_footer();	
		}		
	case 'index':
	default:
		// get ban list
		$query = "SELECT ban_id,ip,comment FROM ".BANS_TABLE." ORDER BY ip ASC";
		$result = db_query($query,'Could not select list of bans');
		
		$ban_data = db_fetchrows($result);
		$numrows = db_numrows($result);
		
		do_header("Admin Panel >> Ban Management");
?>
<p align="center">Welcome to the Ban Management Module. You can see a list of Bans and view attempt logs on this screen. Links to Adding, Deleting and Editing Bans are also provided.</p>
<table width="90%" border="1" cellspacing="0" cellpadding="0" align="center" bordercolor="#A8B9FF">
  <tr align="center"> 
    <td bgcolor="0066CC" width="200"> 
      <div align="center"><b><font size="3" color="#FFFFFF">IP Address</font></b></div>
    </td>
    <td bgcolor="0066CC"> 
      <div align="center"><font size="3" color="#FFFFFF"><b>Comment</b></font></div>
    </td>
    <td bgcolor="0066CC" width="100" align="center"><div align="center"><font size="3" color="#FFFFFF"><b>Attempts</b></font></div></td>
    <td bgcolor="0066CC" width="50" align="center">&nbsp;</td>
	<td bgcolor="0066CC" width="50" align="center">&nbsp;</td>
  </tr>
<?php
		for($i=0;$i<$numrows;$i++)
		{
			if(is_ipv4($ban_data[$i]['ip']))
			{
				$ban_data[$i]['ip'] = format_ipv4($ban_data[$i]['ip']);
				$ban_data[$i]['ip'] = clean_ip($ban_data[$i]['ip']);
			}
?>
  <tr>
    <td width="200"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo $ban_data[$i]['ip']; ?></font></div>
    </td>
    <td align="center"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo stripslashes($ban_data[$i]['comment']); ?></font></div>
    </td>
    <td align="center"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif">
<?php
			$query = "SELECT COUNT(*) as numrows FROM ".BAN_ATTEMPTS_TABLE." WHERE ban_id = ".$ban_data[$i]['ban_id'];
			$row_data = db_fetchassoc('',$query,'Could not count rows in Ban Attempts table');
			
			if($row_data['numrows']>0)
			{
				echo '<a href="'.attach_sid("ban.".FILE_EXT."?mode=viewlog&ban_id=".$ban_data[$i]['ban_id']).'">'.$row_data['numrows'].'</a>';
			}
			else
			{
				echo $row_data['numrows'];
			}	
?>
	</font></div>
    </td>
    <td align="center"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo "<a href=\"".attach_sid("ban.".FILE_EXT."?mode=delete&ban_id=".$ban_data[$i]['ban_id'])."\">Delete</a>"; ?></font></div>
    </td>
    <td align="center"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo "<a href=\"".attach_sid("ban.".FILE_EXT."?mode=edit&ban_id=".$ban_data[$i]['ban_id'])."\">Edit</a>"; ?></font></div>
    </td>
  </tr>
<?php
		}
?>
</table>
<br />
<p aligh="center"><a href="<?php echo attach_sid("ban.".FILE_EXT."?mode=add"); ?>">Add a New Ban</a></p>
<?php
		display_footer();	
}

?>
Return current item: raSMP