Ip Restriction

[Nocturnal222]

Restrict supermoderators from searching IPs of the SuperAdmin / Administrator

PHP Code:

// ############################# start do ips #########################
if ($_REQUEST['do'] == 'doips')
{
    if (function_exists('set_time_limit') AND !SAFEMODE)
    {
        @set_time_limit(0);
    }

    $vbulletin->input->clean_array_gpc('r', array(
        'depth'     => TYPE_INT,
        'username'  => TYPE_STR,
        'ipaddress' => TYPE_NOHTML,
    ));

    if (($vbulletin->GPC['username'] OR $vbulletin->GPC['userid'] OR $vbulletin->GPC['ipaddress']) AND $_POST['do'] != 'doips')
    {
        // we're doing a search of some type, that's not submitted via post,
        // so we need to verify the CP sessionhash
        verify_cp_sessionhash();
    }

    if (empty($vbulletin->GPC['depth']))
    {
        $vbulletin->GPC['depth'] = 1;
    }

    if ($vbulletin->GPC['username'])
    {
        $getuserid = $db->query_first("
            SELECT userid
            FROM " . TABLE_PREFIX . "user
            WHERE username = '" . $db->escape_string(htmlspecialchars_uni($vbulletin->GPC['username'])) . "'
        ");
        $userid = intval($getuserid['userid']);

        $userinfo = fetch_userinfo($userid);
        if (!$userinfo)
        {
            print_stop_message('invalid_user_specified');
        }
    }
    else if ($vbulletin->GPC['userid'])
    {
        $userid = $vbulletin->GPC['userid'];
        $userinfo = fetch_userinfo($userid);
        if (!$userinfo)
        {
            print_stop_message('invalid_user_specified');
        }
        $vbulletin->GPC['username'] = unhtmlspecialchars($userinfo['username']);
    }
    else
    {
        $userid = 0;
    }

    if ($vbulletin->GPC['ipaddress'] OR $userid)
    {
        if ($vbulletin->GPC['ipaddress'])
        {
            print_form_header('', '');
            print_table_header(construct_phrase($vbphrase['ip_address_search_for_ip_address_x'], $vbulletin->GPC['ipaddress']));
            $hostname = @gethostbyaddr($vbulletin->GPC['ipaddress']);
            if (!$hostname OR $hostname == $vbulletin->GPC['ipaddress'])
            {
                $hostname = $vbphrase['could_not_resolve_hostname'];
            }
            print_description_row("<div style=\"margin-" . vB_Template_Runtime::fetchStyleVar('left') . ":20px\"><a href=\"usertools.php?" . $vbulletin->session->vars['sessionurl'] . "do=gethost&amp;ip=" . $vbulletin->GPC['ipaddress'] . "\">" . $vbulletin->GPC['ipaddress'] . "</a> : <b>$hostname</b></div>");

            $results = construct_ip_usage_table($vbulletin->GPC['ipaddress'], 0, $vbulletin->GPC['depth']);
            print_description_row($vbphrase['post_ip_addresses'], false, 2, 'thead');
            print_description_row($results ? $results : $vbphrase['no_matches_found']);

            $results = construct_ip_register_table($vbulletin->GPC['ipaddress'], 0, $vbulletin->GPC['depth']);
            print_description_row($vbphrase['registration_ip_addresses'], false, 2, 'thead');
            print_description_row($results ? $results : $vbphrase['no_matches_found']);

            print_table_footer();
        }

        if ($userid)
        {
            print_form_header('', '');
            print_table_header(construct_phrase($vbphrase['ip_address_search_for_user_x'], htmlspecialchars_uni($vbulletin->GPC['username'])));
            print_label_row($vbphrase['registration_ip_address'], ($userinfo['ipaddress'] ? $userinfo['ipaddress'] : $vbphrase['n_a']));

            $results = construct_user_ip_table($userid, 0, $vbulletin->GPC['depth']);
            print_description_row($vbphrase['post_ip_addresses'], false, 2, 'thead');
            print_description_row($results ? $results : $vbphrase['no_matches_found']);

            if ($userinfo['ipaddress'])
            {
                $results = construct_ip_register_table($userinfo['ipaddress'], $userid, $vbulletin->GPC['depth']);
            }
            else
            {
                $results = '';
            }
            print_description_row($vbphrase['registration_ip_addresses'], false, 2, 'thead');
            print_description_row($results ? $results : $vbphrase['no_matches_found']);

            print_table_footer();
        }
    }

    print_form_header('usertools', 'doips');
    print_table_header($vbphrase['search_ip_addresses']);
    print_input_row($vbphrase['find_users_by_ip_address'], 'ipaddress', $vbulletin->GPC['ipaddress'], 0);
    print_input_row($vbphrase['find_ip_addresses_for_user'], 'username', $vbulletin->GPC['username']);
    print_select_row($vbphrase['depth_to_search'], 'depth', array(1 => 1, 2 => 2), $vbulletin->GPC['depth']);
    print_submit_row($vbphrase['find']);
} 


how can i add a code where if they search user under admin group, they cannot do depth 2 search or view more users on the ip address / restrict ip search of admins

[borbole]

Try this:

PHP Code:

if ($_REQUEST['do'] == 'doips' AND $vbulletin->userinfo['usergroupid'] == 5)
{
 print_stop_message('no_permission_ips');
} 


This will prevent Super Moderators from using the Search Ip option at the Mod CP. 5 is the default if for the Super Moderators, if you are using a custom id for that group, you should replace 5 with that custom id.

[Nocturnal222]

Quote:

Originally Posted by borbole

Try this:

PHP Code:

if ($_REQUEST['do'] == 'doips' AND $vbulletin->userinfo['usergroupid'] == 5)
{
 print_stop_message('no_permission_ips');
} 


This will prevent Super Moderators from using the Search Ip option at the Mod CP. 5 is the default if for the Super Moderators, if you are using a custom id for that group, you should replace 5 with that custom id.

thank you sir.
how about, they can do ips but if they will search ip of usergroupid 6 they will get a message as print_stop_message('no_permission_ips');


thank you