mirror of
https://github.com/phpbb/phpbb.git
synced 2025-05-06 23:55:26 +02:00
Enable exclusion from bans for users, IP's or email addresses
git-svn-id: file:///svn/phpbb/trunk@3267 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
parent
493a689b1e
commit
82b23fdf67
@ -21,7 +21,7 @@
|
|||||||
|
|
||||||
define('IN_PHPBB', 1);
|
define('IN_PHPBB', 1);
|
||||||
|
|
||||||
if(!empty($setmodules))
|
if (!empty($setmodules))
|
||||||
{
|
{
|
||||||
if (!$auth->acl_get('a_ban'))
|
if (!$auth->acl_get('a_ban'))
|
||||||
{
|
{
|
||||||
@ -66,6 +66,7 @@ if (isset($_POST['bansubmit']) || isset($_GET['bansubmit']))
|
|||||||
$ban_list = array_unique(explode("\n", $ban));
|
$ban_list = array_unique(explode("\n", $ban));
|
||||||
$ban_list_log = implode(', ', $ban_list);
|
$ban_list_log = implode(', ', $ban_list);
|
||||||
|
|
||||||
|
$ban_exclude = (!empty($_POST['banexclude'])) ? 1 : 0;
|
||||||
$ban_reason = (isset($_POST['banreason'])) ? $_POST['banreason'] : '';
|
$ban_reason = (isset($_POST['banreason'])) ? $_POST['banreason'] : '';
|
||||||
|
|
||||||
if (!empty($_POST['banlength']))
|
if (!empty($_POST['banlength']))
|
||||||
@ -216,7 +217,8 @@ if (isset($_POST['bansubmit']) || isset($_GET['bansubmit']))
|
|||||||
|
|
||||||
$sql = "SELECT $type
|
$sql = "SELECT $type
|
||||||
FROM " . BANLIST_TABLE . "
|
FROM " . BANLIST_TABLE . "
|
||||||
WHERE $type <> ''";
|
WHERE $type <> ''
|
||||||
|
AND ban_exclude = $ban_exclude";
|
||||||
$result = $db->sql_query($sql);
|
$result = $db->sql_query($sql);
|
||||||
|
|
||||||
if ($row = $db->sql_fetchrow($result))
|
if ($row = $db->sql_fetchrow($result))
|
||||||
@ -249,57 +251,58 @@ if (isset($_POST['bansubmit']) || isset($_GET['bansubmit']))
|
|||||||
{
|
{
|
||||||
for($i = 0; $i < count($banlist); $i++)
|
for($i = 0; $i < count($banlist); $i++)
|
||||||
{
|
{
|
||||||
$sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason)
|
$sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_exclude, ban_reason)
|
||||||
VALUES (" . $banlist[$i] . ", $current_time, $ban_end, '$ban_reason')";
|
VALUES (" . $banlist[$i] . ", $current_time, $ban_end, $ban_exclude, '$ban_reason')";
|
||||||
$db->sql_query($sql);
|
$db->sql_query($sql);
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql = '';
|
if (!$ban_exclude)
|
||||||
switch ($mode)
|
|
||||||
{
|
{
|
||||||
case 'user':
|
$sql = '';
|
||||||
$sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")";
|
switch ($mode)
|
||||||
break;
|
{
|
||||||
|
case 'user':
|
||||||
|
$sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")";
|
||||||
|
break;
|
||||||
|
|
||||||
case 'ip':
|
case 'ip':
|
||||||
$sql = "WHERE session_ip IN (" . implode(', ', $banlist) . ")";
|
$sql = "WHERE session_ip IN (" . implode(', ', $banlist) . ")";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'email':
|
case 'email':
|
||||||
$sql = "SELECT user_id
|
$sql = "SELECT user_id
|
||||||
FROM " . USERS_TABLE . "
|
FROM " . USERS_TABLE . "
|
||||||
WHERE user_email IN (" . implode(', ', $banlist) . ")";
|
WHERE user_email IN (" . implode(', ', $banlist) . ")";
|
||||||
$result = $db->sql_query($sql);
|
$result = $db->sql_query($sql);
|
||||||
|
|
||||||
$sql = '';
|
$sql = '';
|
||||||
if ($row = $db->sql_fetchrow($result))
|
if ($row = $db->sql_fetchrow($result))
|
||||||
{
|
|
||||||
do
|
|
||||||
{
|
{
|
||||||
$sql .= (($sql != '') ? ', ' : '') . $row['user_id'];
|
do
|
||||||
|
{
|
||||||
|
$sql .= (($sql != '') ? ', ' : '') . $row['user_id'];
|
||||||
|
}
|
||||||
|
while ($row = $db->sql_fetchrow($result));
|
||||||
|
|
||||||
|
$sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")";
|
||||||
}
|
}
|
||||||
while ($row = $db->sql_fetchrow($result));
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
$sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")";
|
if ($sql != '')
|
||||||
}
|
{
|
||||||
break;
|
$sql = "DELETE FROM " . SESSIONS_TABLE . "
|
||||||
|
$sql";
|
||||||
|
$db->sql_query($sql);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($sql != '')
|
|
||||||
{
|
|
||||||
$sql = "DELETE FROM " . SESSIONS_TABLE . "
|
|
||||||
$sql";
|
|
||||||
$db->sql_query($sql);
|
|
||||||
}
|
|
||||||
|
|
||||||
//
|
|
||||||
// Update log
|
// Update log
|
||||||
//
|
$log_entry = ($ban_exclude) ? 'LOG_BAN_EXCLUDE_' : 'log_ban_';
|
||||||
add_admin_log('log_ban_' . $mode, $ban_reason, $ban_list_log);
|
add_admin_log($log_entry . $mode, $ban_reason, $ban_list_log);
|
||||||
}
|
}
|
||||||
|
|
||||||
$message = $user->lang['Ban_update_sucessful'] . '<br /><br />' . sprintf($user->lang['Click_return_banadmin'], '<a href="' . "admin_ban.$phpEx$SID&mode=$mode" . '">', '</a>') . '<br /><br />' . sprintf($user->lang['Click_return_admin_index'], '<a href="' . "index.$phpEx$SID&pane=right" . '">', '</a>');
|
trigger_error($user->lang['Ban_update_sucessful']);
|
||||||
message_die(MESSAGE, $message);
|
|
||||||
|
|
||||||
}
|
}
|
||||||
else if (isset($_POST['unbansubmit']))
|
else if (isset($_POST['unbansubmit']))
|
||||||
@ -319,7 +322,7 @@ else if (isset($_POST['unbansubmit']))
|
|||||||
add_admin_log('log_unban_' . $mode, sizeof($_POST['unban']));
|
add_admin_log('log_unban_' . $mode, sizeof($_POST['unban']));
|
||||||
}
|
}
|
||||||
|
|
||||||
message_die(MESSAGE, $user->lang['Ban_update_sucessful']);
|
trigger_error($user->lang['Ban_update_sucessful']);
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
@ -392,7 +395,8 @@ switch ($mode)
|
|||||||
{
|
{
|
||||||
do
|
do
|
||||||
{
|
{
|
||||||
$banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['username'] . '</option>';
|
|
||||||
|
$banned_options .= '<option' . (($row['ban_exclude']) ? ' style="color:red"' : '') . ' value="' . $row['ban_id'] . '">' . $row['username'] . '</option>';
|
||||||
$banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\'';
|
$banned_length .= (($banned_length != '') ? ', ' : '') . '\'' . ($ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)]) . '\'';
|
||||||
$banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\'';
|
$banned_reasons .= (($banned_reasons != '') ? ', ' : '') . '\'' . addslashes($row['ban_reason']) . '\'';
|
||||||
}
|
}
|
||||||
@ -402,9 +406,10 @@ switch ($mode)
|
|||||||
|
|
||||||
$l_ban_title = $user->lang['Ban_users'];
|
$l_ban_title = $user->lang['Ban_users'];
|
||||||
$l_ban_explain = $user->lang['Ban_username_explain'];
|
$l_ban_explain = $user->lang['Ban_username_explain'];
|
||||||
|
$l_ban_exclude_explain = $user->lang['BAN_USER_EXCLUDE_EXPLAIN'];
|
||||||
$l_unban_title = $user->lang['Unban_username'];
|
$l_unban_title = $user->lang['Unban_username'];
|
||||||
$l_unban_explain = $user->lang['Unban_username_explain'];
|
$l_unban_explain = $user->lang['Unban_username_explain'];
|
||||||
$l_ban_cell = $user->lang['Username'];
|
$l_ban_cell = $user->lang['USERNAME'];
|
||||||
$l_no_ban_cell = $user->lang['No_banned_users'];
|
$l_no_ban_cell = $user->lang['No_banned_users'];
|
||||||
$s_submit_extra = '<input type="submit" name="usersubmit" value="' . $user->lang['Find_username'] . '" class="liteoption" onClick="window.open(\'../memberlist.' . $phpEx . $SID . '&mode=searchuser&field=ban\', \'_phpbbsearch\', \'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740\');return false;" />';
|
$s_submit_extra = '<input type="submit" name="usersubmit" value="' . $user->lang['Find_username'] . '" class="liteoption" onClick="window.open(\'../memberlist.' . $phpEx . $SID . '&mode=searchuser&field=ban\', \'_phpbbsearch\', \'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740\');return false;" />';
|
||||||
|
|
||||||
@ -436,6 +441,7 @@ switch ($mode)
|
|||||||
|
|
||||||
$l_ban_title = $user->lang['Ban_ips'];
|
$l_ban_title = $user->lang['Ban_ips'];
|
||||||
$l_ban_explain = $user->lang['Ban_IP_explain'];
|
$l_ban_explain = $user->lang['Ban_IP_explain'];
|
||||||
|
$l_ban_exclude_explain = $user->lang['BAN_IP_EXCLUDE_EXPLAIN'];
|
||||||
$l_unban_title = $user->lang['Unban_IP'];
|
$l_unban_title = $user->lang['Unban_IP'];
|
||||||
$l_unban_explain = $user->lang['Unban_IP_explain'];
|
$l_unban_explain = $user->lang['Unban_IP_explain'];
|
||||||
$l_ban_cell = $user->lang['IP_hostname'];
|
$l_ban_cell = $user->lang['IP_hostname'];
|
||||||
@ -470,6 +476,7 @@ switch ($mode)
|
|||||||
|
|
||||||
$l_ban_title = $user->lang['Ban_emails'];
|
$l_ban_title = $user->lang['Ban_emails'];
|
||||||
$l_ban_explain = $user->lang['Ban_email_explain'];
|
$l_ban_explain = $user->lang['Ban_email_explain'];
|
||||||
|
$l_ban_exclude_explain = $user->lang['BAN_EMAIL_EXCLUDE_EXPLAIN'];
|
||||||
$l_unban_title = $user->lang['Unban_email'];
|
$l_unban_title = $user->lang['Unban_email'];
|
||||||
$l_unban_explain = $user->lang['Unban_email_explain'];
|
$l_unban_explain = $user->lang['Unban_email_explain'];
|
||||||
$l_ban_cell = $user->lang['Email_address'];
|
$l_ban_cell = $user->lang['Email_address'];
|
||||||
@ -497,16 +504,20 @@ switch ($mode)
|
|||||||
<th colspan="2"><?php echo $l_ban_title; ?></th>
|
<th colspan="2"><?php echo $l_ban_title; ?></th>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td class="row1" width="45%"><?php echo $l_ban_cell; ?>: </td>
|
<td class="row2" width="45%"><?php echo $l_ban_cell; ?>: </td>
|
||||||
<td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td>
|
<td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td class="row2" width="45%"><?php echo $user->lang['Ban_length']; ?>:</td>
|
<td class="row2" width="45%"><?php echo $user->lang['Ban_length']; ?>:</td>
|
||||||
<td class="row2"><select name="banlength"><?php echo $ban_end_options; ?></select> <input type="text" name="banlengthother" maxlength="10" size="10" /></td>
|
<td class="row1"><select name="banlength"><?php echo $ban_end_options; ?></select> <input type="text" name="banlengthother" maxlength="10" size="10" /></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td class="row2" width="45%"><?php echo $user->lang['BAN_EXCLUDE']; ?>: <br /><span class="gensmall"><?php echo $l_ban_exclude_explain;;?></span></td>
|
||||||
|
<td class="row1"><input type="radio" name="banexclude" value="1" /> <?php echo $user->lang['YES']; ?> <input type="radio" name="banexclude" value="0" checked="checked" /> <?php echo $user->lang['NO']; ?></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td class="row2" width="45%"><?php echo $user->lang['Ban_reason']; ?>:</td>
|
<td class="row2" width="45%"><?php echo $user->lang['Ban_reason']; ?>:</td>
|
||||||
<td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td>
|
<td class="row1"><input type="text" name="banreason" maxlength="255" size="40" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <?php echo $s_submit_extra; ?></td>
|
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /> <?php echo $s_submit_extra; ?></td>
|
||||||
|
|||||||
@ -171,7 +171,10 @@ class session
|
|||||||
$this->data['user_id'] = $user_id = ANONYMOUS;
|
$this->data['user_id'] = $user_id = ANONYMOUS;
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql = "SELECT ban_ip, ban_userid, ban_email
|
// Is user banned? Are they excempt?
|
||||||
|
$banned = false;
|
||||||
|
|
||||||
|
$sql = "SELECT ban_ip, ban_userid, ban_email, ban_exclude
|
||||||
FROM " . BANLIST_TABLE . "
|
FROM " . BANLIST_TABLE . "
|
||||||
WHERE ban_end >= $current_time
|
WHERE ban_end >= $current_time
|
||||||
OR ban_end = 0";
|
OR ban_end = 0";
|
||||||
@ -179,16 +182,30 @@ class session
|
|||||||
|
|
||||||
while ($row = $db->sql_fetchrow($result))
|
while ($row = $db->sql_fetchrow($result))
|
||||||
{
|
{
|
||||||
if (( $row['user_id'] == $this->data['user_id'] ||
|
if ((
|
||||||
|
($row['user_id'] == $this->data['user_id']) ||
|
||||||
($row['ban_ip'] && preg_match('#^' . str_replace('*', '.*?', $row['ban_ip']) . '$#i', $this->ip)) ||
|
($row['ban_ip'] && preg_match('#^' . str_replace('*', '.*?', $row['ban_ip']) . '$#i', $this->ip)) ||
|
||||||
($row['ban_email'] && preg_match('#^' . str_replace('*', '.*?', $row['ban_email']) . '$#i', $this->data['user_email'])))
|
($row['ban_email'] && preg_match('#^' . str_replace('*', '.*?', $row['ban_email']) . '$#i', $this->data['user_email'])))
|
||||||
&& !$this->data['user_founder'])
|
&& !$this->data['user_founder'])
|
||||||
{
|
{
|
||||||
trigger_error('You_been_banned');
|
if (!empty($row['ban_exclude']))
|
||||||
|
{
|
||||||
|
$banned = false;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$banned = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$db->sql_freeresult($result);
|
$db->sql_freeresult($result);
|
||||||
|
|
||||||
|
if ($banned)
|
||||||
|
{
|
||||||
|
trigger_error('You_been_banned');
|
||||||
|
}
|
||||||
|
|
||||||
// Is there an existing session? If so, grab last visit time from that
|
// Is there an existing session? If so, grab last visit time from that
|
||||||
$this->data['session_last_visit'] = ($this->data['session_time']) ? $this->data['session_time'] : (($this->data['user_lastvisit']) ? $this->data['user_lastvisit'] : time());
|
$this->data['session_last_visit'] = ($this->data['session_time']) ? $this->data['session_time'] : (($this->data['user_lastvisit']) ? $this->data['user_lastvisit'] : time());
|
||||||
|
|
||||||
|
|||||||
@ -73,10 +73,9 @@ CREATE TABLE phpbb_banlist (
|
|||||||
ban_email varchar(50),
|
ban_email varchar(50),
|
||||||
ban_start int(11),
|
ban_start int(11),
|
||||||
ban_end int(11),
|
ban_end int(11),
|
||||||
|
ban_exclude tinyint(1) DEFAULT '0' NOT NULL,
|
||||||
ban_reason varchar(255),
|
ban_reason varchar(255),
|
||||||
PRIMARY KEY (ban_id),
|
PRIMARY KEY (ban_id)
|
||||||
KEY ban_ip_user_id (ban_ip, ban_userid),
|
|
||||||
KEY ban_email (ban_email)
|
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
@ -95,7 +94,7 @@ CREATE TABLE phpbb_config (
|
|||||||
|
|
||||||
# --------------------------------------------------------
|
# --------------------------------------------------------
|
||||||
#
|
#
|
||||||
# Table structure for table 'phpbb_disallow' <- combine with banlist
|
# Table structure for table 'phpbb_disallow'
|
||||||
#
|
#
|
||||||
CREATE TABLE phpbb_disallow (
|
CREATE TABLE phpbb_disallow (
|
||||||
disallow_id mediumint(8) UNSIGNED NOT NULL auto_increment,
|
disallow_id mediumint(8) UNSIGNED NOT NULL auto_increment,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user