mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-06-06 19:06:39 +02:00
Code Issues Releases Wiki Activity

Issue #3707 update() query issue in checkBan() method.

Browse Source
This commit is contained in:
Cameron 2019-03-02 08:17:01 -08:00
parent 4beaffd103
commit 64bab92d68
1 changed files with 24 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
e107_handlers/iphandler_class.php
View File

@ -937,7 +937,7 @@ class eIPHandler
* @param boolean $do_return - if TRUE, returns regardless without displaying anything. if FALSE, for a banned user displays any message and exits * @param boolean $do_return - if TRUE, returns regardless without displaying anything. if FALSE, for a banned user displays any message and exits
* @return boolean TRUE for OK, FALSE for banned. * @return boolean TRUE for OK, FALSE for banned.
*/ */
public function checkBan($query, $show_error = TRUE, $do_return = FALSE) public function checkBan($query, $show_error = true, $do_return = false)
{ {
$sql = e107::getDb(); $sql = e107::getDb();
$pref = e107::getPref(); $pref = e107::getPref();
@ -949,23 +949,32 @@ class eIPHandler
{ {
// Any whitelist entries will be first, because they are positive numbers - so we can answer based on the first DB record read // Any whitelist entries will be first, because they are positive numbers - so we can answer based on the first DB record read
$row = $sql->fetch(); $row = $sql->fetch();
if ($row['banlist_bantype'] >= eIPHandler::BAN_TYPE_WHITELIST) if($row['banlist_bantype'] >= eIPHandler::BAN_TYPE_WHITELIST)
{ {
//$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Whitelist hit",$query,FALSE,LOG_TO_ROLLING); //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Whitelist hit",$query,FALSE,LOG_TO_ROLLING);
return TRUE; // Whitelisted entry return true; // Whitelisted entry
} }
// Found banlist entry in table here // Found banlist entry in table here
if (($row['banlist_banexpires']>0) && ($row['banlist_banexpires']<time())) if(($row['banlist_banexpires'] > 0) && ($row['banlist_banexpires'] < time()))
{ // Ban has expired - delete from DB { // Ban has expired - delete from DB
$sql->delete('banlist', $query); $sql->delete('banlist', $query);
$this->regenerateFiles(); $this->regenerateFiles();
return TRUE;
return true;
} }
// User is banned hereafter - just need to sort out the details. // User is banned hereafter - just need to sort out the details.
if (vartrue($pref['ban_retrigger']) && vartrue($pref['ban_durations'][$row['banlist_bantype']])) // May need to retrigger ban period
{ // May need to retrigger ban period if (!empty($pref['ban_retrigger']) && !empty($pref['ban_durations'][$row['banlist_bantype']]))
$sql->update('banlist', "`banlist_banexpires`=".intval(time()+($pref['ban_durations'][$row['banlist_bantype']]*60*60)), "WHERE `banlist_ip`='{$row['banlist_ip']}'"); {
$dur = (int) $pref['ban_durations'][$row['banlist_bantype']];
$updateQry = array(
'banlist_banexpires' => (time() + ($dur * 60 * 60)),
'WHERE' => "banlist_ip ='".$row['banlist_ip']."'"
);
$sql->update('banlist', $updateQry);
$this->regenerateFiles(); $this->regenerateFiles();
//$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Retrigger Ban",$row['banlist_ip'],FALSE,LOG_TO_ROLLING); //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Retrigger Ban",$row['banlist_ip'],FALSE,LOG_TO_ROLLING);
} }
@ -974,13 +983,15 @@ class eIPHandler
{ {
header('HTTP/1.1 403 Forbidden', true); header('HTTP/1.1 403 Forbidden', true);
} }
if (isset($pref['ban_messages'])) // May want to display a message
{ // May want to display a message if (!empty($pref['ban_messages']))
{
// Ban still current here // Ban still current here
if($do_return) if($do_return)
{ {
return FALSE; return false;
} }
echo $tp->toHTML(varset($pref['ban_messages'][$row['banlist_bantype']])); // Show message if one set echo $tp->toHTML(varset($pref['ban_messages'][$row['banlist_bantype']])); // Show message if one set
} }
//$admin_log->e_log_event(4, __FILE__."|".__FUNCTION__."@".__LINE__, 'BAN_03', 'LAN_AUDIT_LOG_003', $query, FALSE, LOG_TO_ROLLING); //$admin_log->e_log_event(4, __FILE__."|".__FUNCTION__."@".__LINE__, 'BAN_03', 'LAN_AUDIT_LOG_003', $query, FALSE, LOG_TO_ROLLING);
@ -996,6 +1007,7 @@ class eIPHandler
{ {
return false; return false;
} }
exit(); exit();
} }
@ -1007,7 +1019,7 @@ class eIPHandler
//$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","No ban found",$query,FALSE,LOG_TO_ROLLING); //$admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","No ban found",$query,FALSE,LOG_TO_ROLLING);
return TRUE; // Email address OK return true; // Email address OK
} }