diff --git a/public/manage/index.php b/public/manage/index.php index 2fa46a18..a5cd54d8 100644 --- a/public/manage/index.php +++ b/public/manage/index.php @@ -101,38 +101,36 @@ switch ($_GET['v'] ?? null) { $notices = []; - while (!empty($_POST)) { + if (!empty($_POST)) { if (!csrf_verify('ip_blacklist', $_POST['csrf'] ?? '')) { $notices[] = 'Verification failed.'; - break; - } + } else { + header(csrf_http_header('ip_blacklist')); - header(csrf_http_header('ip_blacklist')); + if (!empty($_POST['blacklist']['remove']) && is_array($_POST['blacklist']['remove'])) { + foreach ($_POST['blacklist']['remove'] as $cidr) { + if (!ip_blacklist_remove($cidr)) { + $notices[] = sprintf('Failed to remove "%s" from the blacklist.', $cidr); + } + } + } - if (!empty($_POST['blacklist']['remove']) && is_array($_POST['blacklist']['remove'])) { - foreach ($_POST['blacklist']['remove'] as $cidr) { - if (!ip_blacklist_remove($cidr)) { - $notices[] = sprintf('Failed to remove "%s" from the blacklist.', $cidr); + if (!empty($_POST['blacklist']['add']) && is_string($_POST['blacklist']['add'])) { + $cidrs = explode("\n", $_POST['blacklist']['add']); + + foreach ($cidrs as $cidr) { + $cidr = trim($cidr); + + if (empty($cidr)) { + continue; + } + + if (!ip_blacklist_add($cidr)) { + $notices[] = sprintf('Failed to add "%s" to the blacklist.', $cidr); + } } } } - - if (!empty($_POST['blacklist']['add']) && is_string($_POST['blacklist']['add'])) { - $cidrs = explode("\n", $_POST['blacklist']['add']); - - foreach ($cidrs as $cidr) { - $cidr = trim($cidr); - - if (empty($cidr)) { - continue; - } - - if (!ip_blacklist_add($cidr)) { - $notices[] = sprintf('Failed to add "%s" to the blacklist.', $cidr); - } - } - } - break; } echo tpl_render('manage.general.blacklist', [