From 82b23fdf67e3e94759c28a99cd6b05d70409873f Mon Sep 17 00:00:00 2001
From: "Paul S. Owen" <psotfx@users.sourceforge.net>
Date: Tue, 7 Jan 2003 18:39:24 +0000
Subject: [PATCH] Enable exclusion from bans for users, IP's or email addresses

git-svn-id: file:///svn/phpbb/trunk@3267 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/admin/admin_ban.php              | 99 ++++++++++++++------------
 phpBB/includes/session.php             | 23 +++++-
 phpBB/install/schemas/mysql_schema.sql |  7 +-
 3 files changed, 78 insertions(+), 51 deletions(-)

diff --git a/phpBB/admin/admin_ban.php b/phpBB/admin/admin_ban.php
index 8f3cb6abf1..82e3979a8a 100644
--- a/phpBB/admin/admin_ban.php
+++ b/phpBB/admin/admin_ban.php
@@ -21,7 +21,7 @@
 
 define('IN_PHPBB', 1);
 
-if(!empty($setmodules))
+if (!empty($setmodules))
 {
 	if (!$auth->acl_get('a_ban'))
 	{
@@ -66,6 +66,7 @@ if (isset($_POST['bansubmit']) || isset($_GET['bansubmit']))
 	$ban_list = array_unique(explode("\n", $ban));
 	$ban_list_log = implode(', ', $ban_list);
 
+	$ban_exclude = (!empty($_POST['banexclude'])) ? 1 : 0;
 	$ban_reason = (isset($_POST['banreason'])) ? $_POST['banreason'] : '';
 
 	if (!empty($_POST['banlength']))
@@ -216,7 +217,8 @@ if (isset($_POST['bansubmit']) || isset($_GET['bansubmit']))
 
 	$sql = "SELECT $type
 		FROM " . BANLIST_TABLE . "
-		WHERE $type <> ''";
+		WHERE $type <> '' 
+			AND ban_exclude = $ban_exclude";
 	$result = $db->sql_query($sql);
 
 	if ($row = $db->sql_fetchrow($result))
@@ -249,57 +251,58 @@ if (isset($_POST['bansubmit']) || isset($_GET['bansubmit']))
 	{
 		for($i = 0; $i < count($banlist); $i++)
 		{
-			$sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason)
-				VALUES (" . $banlist[$i] . ", $current_time, $ban_end, '$ban_reason')";
+			$sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_exclude, ban_reason)
+				VALUES (" . $banlist[$i] . ", $current_time, $ban_end, $ban_exclude, '$ban_reason')";
 			$db->sql_query($sql);
 		}
 
-		$sql = '';
-		switch ($mode)
+		if (!$ban_exclude)
 		{
-			case 'user':
-				$sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")";
-				break;
+			$sql = '';
+			switch ($mode)
+			{
+				case 'user':
+					$sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")";
+					break;
 
-			case 'ip':
-				$sql = "WHERE session_ip IN (" . implode(', ', $banlist) . ")";
-				break;
+				case 'ip':
+					$sql = "WHERE session_ip IN (" . implode(', ', $banlist) . ")";
+					break;
 
-			case 'email':
-				$sql = "SELECT user_id
-					FROM " . USERS_TABLE . "
-					WHERE user_email IN (" . implode(', ', $banlist) . ")";
-				$result = $db->sql_query($sql);
+				case 'email':
+					$sql = "SELECT user_id
+						FROM " . USERS_TABLE . "
+						WHERE user_email IN (" . implode(', ', $banlist) . ")";
+					$result = $db->sql_query($sql);
 
-				$sql = '';
-				if ($row = $db->sql_fetchrow($result))
-				{
-					do
+					$sql = '';
+					if ($row = $db->sql_fetchrow($result))
 					{
-						$sql .= (($sql != '') ? ', ' : '') . $row['user_id'];
+						do
+						{
+							$sql .= (($sql != '') ? ', ' : '') . $row['user_id'];
+						}
+						while ($row = $db->sql_fetchrow($result));
+
+						$sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")";
 					}
-					while ($row = $db->sql_fetchrow($result));
+					break;
+			}
 
-					$sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")";
-				}
-				break;
+			if ($sql != '')
+			{
+				$sql = "DELETE FROM " . SESSIONS_TABLE . "
+					$sql";
+				$db->sql_query($sql);
+			}
 		}
 
-		if ($sql != '')
-		{
-			$sql = "DELETE FROM " . SESSIONS_TABLE . "
-				$sql";
-			$db->sql_query($sql);
-		}
-
-		//
 		// Update log
-		//
-		add_admin_log('log_ban_' . $mode, $ban_reason, $ban_list_log);
+		$log_entry = ($ban_exclude) ? 'LOG_BAN_EXCLUDE_' : 'log_ban_';
+		add_admin_log($log_entry . $mode, $ban_reason, $ban_list_log);
 	}
 
-	$message = $user->lang['Ban_update_sucessful'] . '<br /><br />' . sprintf($user->lang['Click_return_banadmin'], '<a href="' . "admin_ban.$phpEx$SID&amp;mode=$mode" . '">', '</a>') . '<br /><br />' . sprintf($user->lang['Click_return_admin_index'], '<a href="' . "index.$phpEx$SID&amp;pane=right" . '">', '</a>');
-	message_die(MESSAGE, $message);
+	trigger_error($user->lang['Ban_update_sucessful']);
 
 }
 else if (isset($_POST['unbansubmit']))
@@ -319,7 +322,7 @@ else if (isset($_POST['unbansubmit']))
 		add_admin_log('log_unban_' . $mode, sizeof($_POST['unban']));
 	}
 
-	message_die(MESSAGE, $user->lang['Ban_update_sucessful']);
+	trigger_error($user->lang['Ban_update_sucessful']);
 }
 
 //
@@ -392,7 +395,8 @@ switch ($mode)
 		{
 			do
 			{
-				$banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['username'] . '</option>';
+
+				$banned_options .=  '<option' . (($row['ban_exclude']) ? ' style="color:red"' : '') . ' value="' . $row['ban_id'] . '">' . $row['username'] . '</option>';
 				$banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\'';
 				$banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\'';
 			}
@@ -402,9 +406,10 @@ switch ($mode)
 
 		$l_ban_title = $user->lang['Ban_users'];
 		$l_ban_explain = $user->lang['Ban_username_explain'];
+		$l_ban_exclude_explain = $user->lang['BAN_USER_EXCLUDE_EXPLAIN'];
 		$l_unban_title = $user->lang['Unban_username'];
 		$l_unban_explain = $user->lang['Unban_username_explain'];
-		$l_ban_cell = $user->lang['Username'];
+		$l_ban_cell = $user->lang['USERNAME'];
 		$l_no_ban_cell = $user->lang['No_banned_users'];
 		$s_submit_extra = '<input type="submit" name="usersubmit" value="' . $user->lang['Find_username'] . '" class="liteoption" onClick="window.open(\'../memberlist.' . $phpEx . $SID . '&amp;mode=searchuser&amp;field=ban\', \'_phpbbsearch\', \'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740\');return false;" />';
 
@@ -436,6 +441,7 @@ switch ($mode)
 
 		$l_ban_title = $user->lang['Ban_ips'];
 		$l_ban_explain = $user->lang['Ban_IP_explain'];
+		$l_ban_exclude_explain = $user->lang['BAN_IP_EXCLUDE_EXPLAIN'];
 		$l_unban_title = $user->lang['Unban_IP'];
 		$l_unban_explain = $user->lang['Unban_IP_explain'];
 		$l_ban_cell = $user->lang['IP_hostname'];
@@ -470,6 +476,7 @@ switch ($mode)
 
 		$l_ban_title = $user->lang['Ban_emails'];
 		$l_ban_explain = $user->lang['Ban_email_explain'];
+		$l_ban_exclude_explain = $user->lang['BAN_EMAIL_EXCLUDE_EXPLAIN'];
 		$l_unban_title = $user->lang['Unban_email'];
 		$l_unban_explain = $user->lang['Unban_email_explain'];
 		$l_ban_cell = $user->lang['Email_address'];
@@ -497,16 +504,20 @@ switch ($mode)
 		<th colspan="2"><?php echo $l_ban_title; ?></th>
 	</tr>
 	<tr>
-		<td class="row1" width="45%"><?php echo $l_ban_cell; ?>: </td>
+		<td class="row2" width="45%"><?php echo $l_ban_cell; ?>: </td>
 		<td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td>
 	</tr>
 	<tr>
 		<td class="row2" width="45%"><?php echo $user->lang['Ban_length']; ?>:</td>
-		<td class="row2"><select name="banlength"><?php echo $ban_end_options; ?></select>&nbsp; <input type="text" name="banlengthother" maxlength="10" size="10" /></td>
+		<td class="row1"><select name="banlength"><?php echo $ban_end_options; ?></select>&nbsp; <input type="text" name="banlengthother" maxlength="10" size="10" /></td>
+	</tr>
+	<tr>
+		<td class="row2" width="45%"><?php echo $user->lang['BAN_EXCLUDE']; ?>: <br /><span class="gensmall"><?php echo $l_ban_exclude_explain;;?></span></td>
+		<td class="row1"><input type="radio" name="banexclude" value="1" /> <?php echo $user->lang['YES']; ?> &nbsp; <input type="radio" name="banexclude" value="0" checked="checked" /> <?php echo $user->lang['NO']; ?></td>
 	</tr>
 	<tr>
 		<td class="row2" width="45%"><?php echo $user->lang['Ban_reason']; ?>:</td>
-		<td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td>
+		<td class="row1"><input type="text" name="banreason" maxlength="255" size="40" /></td>
 	</tr>
 	<tr>
 		<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <?php echo $s_submit_extra; ?></td>
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 7def737c02..ce066cfd1f 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -171,7 +171,10 @@ class session
 			$this->data['user_id'] = $user_id = ANONYMOUS;
 		}
 
-		$sql = "SELECT ban_ip, ban_userid, ban_email
+		// Is user banned? Are they excempt?
+		$banned = false;
+
+		$sql = "SELECT ban_ip, ban_userid, ban_email, ban_exclude  
 			FROM " . BANLIST_TABLE . "
 			WHERE ban_end >= $current_time
 				OR ban_end = 0";
@@ -179,16 +182,30 @@ class session
 
 		while ($row = $db->sql_fetchrow($result))
 		{
-			if (( $row['user_id'] == $this->data['user_id'] ||
+			if ((
+				($row['user_id'] == $this->data['user_id']) ||
 				($row['ban_ip'] && preg_match('#^' . str_replace('*', '.*?', $row['ban_ip']) . '$#i', $this->ip)) ||
 				($row['ban_email'] && preg_match('#^' . str_replace('*', '.*?', $row['ban_email']) . '$#i', $this->data['user_email'])))
 				&& !$this->data['user_founder'])
 			{
-				trigger_error('You_been_banned');
+				if (!empty($row['ban_exclude']))
+				{
+					$banned = false;
+					break;
+				}
+				else
+				{
+					$banned = true; 
+				}
 			}
 		}
 		$db->sql_freeresult($result);
 
+		if ($banned)
+		{
+			trigger_error('You_been_banned');
+		}
+
 		// Is there an existing session? If so, grab last visit time from that
 		$this->data['session_last_visit'] = ($this->data['session_time']) ? $this->data['session_time'] : (($this->data['user_lastvisit']) ? $this->data['user_lastvisit'] : time());
 
diff --git a/phpBB/install/schemas/mysql_schema.sql b/phpBB/install/schemas/mysql_schema.sql
index 26b756b2db..3602843d05 100644
--- a/phpBB/install/schemas/mysql_schema.sql
+++ b/phpBB/install/schemas/mysql_schema.sql
@@ -73,10 +73,9 @@ CREATE TABLE phpbb_banlist (
    ban_email varchar(50),
    ban_start int(11),
    ban_end int(11),
+   ban_exclude tinyint(1) DEFAULT '0' NOT NULL, 
    ban_reason varchar(255),
-   PRIMARY KEY (ban_id),
-   KEY ban_ip_user_id (ban_ip, ban_userid),
-   KEY ban_email (ban_email)
+   PRIMARY KEY (ban_id)
 );
 
 
@@ -95,7 +94,7 @@ CREATE TABLE phpbb_config (
 
 # --------------------------------------------------------
 #
-# Table structure for table 'phpbb_disallow' <- combine with banlist
+# Table structure for table 'phpbb_disallow'
 #
 CREATE TABLE phpbb_disallow (
    disallow_id mediumint(8) UNSIGNED NOT NULL auto_increment,