mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

Merge branch 'ticket/jellydoughnut/9650' into develop-olympus

Browse Source 
* ticket/jellydoughnut/9650:
  [ticket/9650] Do not allow banning the anonymous user by username
This commit is contained in:
Andreas Fischer
2010-07-10 21:22:16 +02:00
parent 6da582e8be ae967d16f1
commit 0c2512bea2
3 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
phpBB/includes/acp/acp_users.php
View File

@@ -231,6 +231,11 @@ class acp_users
trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
}
if ($user_id == ANONYMOUS)
{
trigger_error($user->lang['CANNOT_BAN_ANONYMOUS'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
}
if ($user_row['user_type'] == USER_FOUNDER)
{
trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);

7
phpBB/includes/functions_user.php
View File

@@ -837,14 +837,15 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('username_clean', $sql_usernames);
// Do not allow banning yourself
// Do not allow banning yourself, the guest account, or founders.
$non_bannable = array($user->data['user_id'], ANONYMOUS);
if (sizeof($founder))
{
$sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), array($user->data['user_id'])), true);
$sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), $non_bannable), true);
}
else
{
$sql .= ' AND user_id <> ' . $user->data['user_id'];
$sql .= ' AND ' . $db->sql_in_set('user_id', $non_bannable, true);
}
$result = $db->sql_query($sql);