mirror of
				https://github.com/phpbb/phpbb.git
				synced 2025-10-25 13:46:50 +02:00 
			
		
		
		
	[ticket/8323] Correct PM notification settings (only notify those who can receive them)
Also correcting the way it was setup for users to be able to receive PMs (do not allow administrators/moderators to send to banned, inactive, or non-standard users, that just doesn't make sense) PHPBB3-8323
This commit is contained in:
		| @@ -1828,7 +1828,7 @@ function pm_notification($mode, $author, $recipients, $subject, $message, $msg_i | |||||||
| 		return; | 		return; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	// Get permanently banned users (do not allow sending to these users) | 	// Get permanently banned users (do not notify these users) | ||||||
| 	if (!function_exists('phpbb_get_banned_user_ids')) | 	if (!function_exists('phpbb_get_banned_user_ids')) | ||||||
| 	{ | 	{ | ||||||
| 		include($phpbb_root_path . 'includes/functions_user.' . $phpEx); | 		include($phpbb_root_path . 'includes/functions_user.' . $phpEx); | ||||||
| @@ -1836,12 +1836,18 @@ function pm_notification($mode, $author, $recipients, $subject, $message, $msg_i | |||||||
| 	$banned_users = phpbb_get_banned_user_ids(array_keys($recipients), false); | 	$banned_users = phpbb_get_banned_user_ids(array_keys($recipients), false); | ||||||
| 	$recipients = array_diff(array_keys($recipients), $banned_users); | 	$recipients = array_diff(array_keys($recipients), $banned_users); | ||||||
|  |  | ||||||
|  | 	// Get the list of users who can read PMs (only notify those who can read PMs) | ||||||
|  | 	$can_read = $auth->acl_get_list($recipients, 'u_readpm'); | ||||||
|  | 	$can_read = (empty($can_read) || !isset($can_read[0]['u_readpm'])) ? array() : $can_read[0]['u_readpm']; | ||||||
|  | 	$recipients = array_intersect($recipients, $can_read); | ||||||
|  |  | ||||||
| 	if (!sizeof($recipients)) | 	if (!sizeof($recipients)) | ||||||
| 	{ | 	{ | ||||||
| 		return; | 		return; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	$sql = 'SELECT user_id, username, user_email, user_lang, user_notify_pm, user_notify_type, user_jabber | 	// Get the list of users who want to receive notifications, are "normal" and not deactivated, and have a non-blank email address | ||||||
|  | 	$sql = 'SELECT user_id, username, user_type, user_email, user_lang, user_notify_pm, user_notify_type, user_jabber | ||||||
| 		FROM ' . USERS_TABLE . ' | 		FROM ' . USERS_TABLE . ' | ||||||
| 		WHERE ' . $db->sql_in_set('user_id', $recipients); | 		WHERE ' . $db->sql_in_set('user_id', $recipients); | ||||||
| 	$result = $db->sql_query($sql); | 	$result = $db->sql_query($sql); | ||||||
| @@ -1849,7 +1855,7 @@ function pm_notification($mode, $author, $recipients, $subject, $message, $msg_i | |||||||
| 	$msg_list_ary = array(); | 	$msg_list_ary = array(); | ||||||
| 	while ($row = $db->sql_fetchrow($result)) | 	while ($row = $db->sql_fetchrow($result)) | ||||||
| 	{ | 	{ | ||||||
| 		if ($row['user_notify_pm'] == 1 && trim($row['user_email'])) | 		if ($row['user_notify_pm'] == 1 && $row['user_type'] != USER_IGNORE && $row['user_type'] != USER_INACTIVE && trim($row['user_email'])) | ||||||
| 		{ | 		{ | ||||||
| 			$msg_list_ary[] = array( | 			$msg_list_ary[] = array( | ||||||
| 				'method'	=> $row['user_notify_type'], | 				'method'	=> $row['user_notify_type'], | ||||||
|   | |||||||
| @@ -1247,14 +1247,9 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove | |||||||
| 		} | 		} | ||||||
|  |  | ||||||
| 		// Check if users have permission to read PMs | 		// Check if users have permission to read PMs | ||||||
| 		// Only check if not a moderator or admin, since they are allowed to override this user setting | 		$can_read = $auth->acl_get_list(array_keys($address_list['u']), 'u_readpm'); | ||||||
| 		if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) |  | ||||||
| 		{ |  | ||||||
| 			$can_read = $auth->acl_get_list(false, 'u_readpm'); |  | ||||||
| 		$can_read = (empty($can_read) || !isset($can_read[0]['u_readpm'])) ? array() : $can_read[0]['u_readpm']; | 		$can_read = (empty($can_read) || !isset($can_read[0]['u_readpm'])) ? array() : $can_read[0]['u_readpm']; | ||||||
|  |  | ||||||
| 		$cannot_read_list = array_diff(array_keys($address_list['u']), $can_read); | 		$cannot_read_list = array_diff(array_keys($address_list['u']), $can_read); | ||||||
|  |  | ||||||
| 		if (!empty($cannot_read_list)) | 		if (!empty($cannot_read_list)) | ||||||
| 		{ | 		{ | ||||||
| 			foreach ($cannot_read_list as $cannot_read) | 			foreach ($cannot_read_list as $cannot_read) | ||||||
| @@ -1264,14 +1259,9 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove | |||||||
|  |  | ||||||
| 			$error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; | 			$error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; | ||||||
| 		} | 		} | ||||||
| 		} |  | ||||||
|  |  | ||||||
| 		// Check if users are banned | 		// Check if users are banned | ||||||
| 		// Only check if not a moderator or admin, since they are allowed to override this user setting |  | ||||||
| 		if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) |  | ||||||
| 		{ |  | ||||||
| 		$banned_user_list = phpbb_get_banned_user_ids(array_keys($address_list['u']), false); | 		$banned_user_list = phpbb_get_banned_user_ids(array_keys($address_list['u']), false); | ||||||
|  |  | ||||||
| 		if (!empty($banned_user_list)) | 		if (!empty($banned_user_list)) | ||||||
| 		{ | 		{ | ||||||
| 			foreach ($banned_user_list as $banned_user) | 			foreach ($banned_user_list as $banned_user) | ||||||
| @@ -1282,7 +1272,6 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove | |||||||
| 			$error[] = $user->lang['PM_USERS_REMOVED_BANNED']; | 			$error[] = $user->lang['PM_USERS_REMOVED_BANNED']; | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	} |  | ||||||
| } | } | ||||||
|  |  | ||||||
| /** | /** | ||||||
|   | |||||||
| @@ -1696,7 +1696,13 @@ function show_profile($data, $user_notes_enabled = false, $warn_user_enabled = f | |||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	// Can this user receive a Private Message? | 	// Can this user receive a Private Message? | ||||||
| 	$can_receive_pm = ($data['user_type'] <> USER_IGNORE && $data['user_type'] <> USER_INACTIVE && (($auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_')) || ($data['user_allow_pm'] && sizeof($auth->acl_get_list($user_id, 'u_readpm')) && !sizeof(phpbb_get_banned_user_ids($user_id, false))))) ? true : false; | 	$can_receive_pm = ( | ||||||
|  | 		$data['user_type'] != USER_IGNORE && // They must be a "normal" user | ||||||
|  | 		$data['user_type'] != USER_INACTIVE && // They must not be deactivated by the administrator | ||||||
|  | 		sizeof($auth->acl_get_list($user_id, 'u_readpm')) && // They must be able to read PMs | ||||||
|  | 		!sizeof(phpbb_get_banned_user_ids($user_id, false)) && // They must not be permanently banned | ||||||
|  | 		(($auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_')) || $data['user_allow_pm']) // They must allow users to contact via PM | ||||||
|  | 	) ? true : false; | ||||||
|  |  | ||||||
| 	// Dump it out to the template | 	// Dump it out to the template | ||||||
| 	return array( | 	return array( | ||||||
|   | |||||||
| @@ -1322,7 +1322,7 @@ $can_receive_pm_list = $auth->acl_get_list(array_keys($user_cache), 'u_readpm'); | |||||||
| $can_receive_pm_list = (empty($can_receive_pm_list) || !isset($can_receive_pm_list[0]['u_readpm'])) ? array() : $can_receive_pm_list[0]['u_readpm']; | $can_receive_pm_list = (empty($can_receive_pm_list) || !isset($can_receive_pm_list[0]['u_readpm'])) ? array() : $can_receive_pm_list[0]['u_readpm']; | ||||||
|  |  | ||||||
| // Get the list of permanently banned users | // Get the list of permanently banned users | ||||||
| $banned_users = phpbb_get_banned_user_ids(array_keys($user_cache), false); | $permanently_banned_users = phpbb_get_banned_user_ids(array_keys($user_cache), false); | ||||||
|  |  | ||||||
| $i_total = sizeof($rowset) - 1; | $i_total = sizeof($rowset) - 1; | ||||||
| $prev_post_id = ''; | $prev_post_id = ''; | ||||||
| @@ -1497,7 +1497,13 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i) | |||||||
| 	))); | 	))); | ||||||
|  |  | ||||||
| 	// Can this user receive a Private Message? | 	// Can this user receive a Private Message? | ||||||
| 	$can_receive_pm = ($user_cache[$poster_id]['user_type'] <> USER_INACTIVE && (($auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_')) || ($user_cache[$poster_id]['allow_pm'] && in_array($poster_id, $can_receive_pm_list) && !in_array($poster_id, $banned_users)))) ? true : false; | 	$can_receive_pm = ( | ||||||
|  | 		$user_cache[$poster_id]['user_type'] != USER_IGNORE && // They must be a "normal" user | ||||||
|  | 		$user_cache[$poster_id]['user_type'] != USER_INACTIVE && // They must not be deactivated by the administrator | ||||||
|  | 		in_array($poster_id, $can_receive_pm_list) && // They must be able to read PMs | ||||||
|  | 		!in_array($poster_id, $permanently_banned_users) && // They must not be permanently banned | ||||||
|  | 		(($auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_')) || $data['user_allow_pm']) // They must allow users to contact via PM | ||||||
|  | 	) ? true : false; | ||||||
|  |  | ||||||
| 	// | 	// | ||||||
| 	$postrow = array( | 	$postrow = array( | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user