mirror of
https://github.com/phpbb/phpbb.git
synced 2025-08-11 03:04:09 +02:00
Merge remote-tracking branch 'github-exreaction/ticket/8323' into develop-ascraeus
* github-exreaction/ticket/8323: [ticket/8323] Cache auth request [ticket/8323] Combine into a single query [ticket/8323] Comments on phpbb_get_banned_user_ids input for test [ticket/8323] More readability in test case [ticket/8323] Comments [ticket/8323] dataProvider for the test; better test data [ticket/8323] Comments [ticket/8323] Unit test for phpbb_get_banned_user_ids [ticket/8323] Comments for inactive reasons in constants.php [ticket/8323] Only disable administrative deactivated accounts from receiving PMs [ticket/8323] Allow temporarily banned users to receive PMs, but not a notification [ticket/8323] Correct PM notification settings (only notify those who can receive them) [ticket/8323] Cleanup viewtopic code (not sure how this mess happened) [ticket/8323] Allow sending PMs to temporarily banned users [ticket/8323] Do not allow sending PMs to Inactive users [ticket/8323] Hide the Send PM link if users cannot receive the PM [ticket/8323] Correcting the comment [ticket/8323] Do not allow sending of Private Messages to users who are banned [ticket/8323] Remove code used for testing [ticket/8323] Do not allow sending of Private Messages to users who do not have permission to read private messages Conflicts: phpBB/language/en/ucp.php
This commit is contained in:
Nils Adermann
@@ -46,10 +46,10 @@ define('USER_INACTIVE', 1);
|
||||
define('USER_IGNORE', 2);
|
||||
define('USER_FOUNDER', 3);
|
||||
|
||||
define('INACTIVE_REGISTER', 1);
|
||||
define('INACTIVE_PROFILE', 2);
|
||||
define('INACTIVE_MANUAL', 3);
|
||||
define('INACTIVE_REMIND', 4);
|
||||
define('INACTIVE_REGISTER', 1); // Newly registered account
|
||||
define('INACTIVE_PROFILE', 2); // Profile details changed
|
||||
define('INACTIVE_MANUAL', 3); // Account deactivated by administrator
|
||||
define('INACTIVE_REMIND', 4); // Forced user account reactivation
|
||||
|
||||
// ACL
|
||||
define('ACL_NEVER', 0);
|
||||
|
||||
@@ -3455,9 +3455,12 @@ function remove_newly_registered($user_id, $user_data = false)
|
||||
*
|
||||
* @param array $user_ids Array of users' ids to check for banning,
|
||||
* leave empty to get complete list of banned ids
|
||||
* @param bool|int $ban_end Bool True to get users currently banned
|
||||
* Bool False to only get permanently banned users
|
||||
* Int Unix timestamp to get users banned until that time
|
||||
* @return array Array of banned users' ids if any, empty array otherwise
|
||||
*/
|
||||
function phpbb_get_banned_user_ids($user_ids = array())
|
||||
function phpbb_get_banned_user_ids($user_ids = array(), $ban_end = true)
|
||||
{
|
||||
global $db;
|
||||
|
||||
@@ -3469,9 +3472,26 @@ function phpbb_get_banned_user_ids($user_ids = array())
|
||||
$sql = 'SELECT ban_userid
|
||||
FROM ' . BANLIST_TABLE . "
|
||||
WHERE $sql_user_ids
|
||||
AND ban_exclude <> 1
|
||||
AND (ban_end > " . time() . '
|
||||
AND ban_exclude <> 1";
|
||||
|
||||
if ($ban_end === true)
|
||||
{
|
||||
// Banned currently
|
||||
$sql .= " AND (ban_end > " . time() . '
|
||||
OR ban_end = 0)';
|
||||
}
|
||||
else if ($ban_end === false)
|
||||
{
|
||||
// Permanently banned
|
||||
$sql .= " AND ban_end = 0";
|
||||
}
|
||||
else
|
||||
{
|
||||
// Banned until a specified time
|
||||
$sql .= " AND (ban_end > " . (int) $ban_end . '
|
||||
OR ban_end = 0)';
|
||||
}
|
||||
|
||||
$result = $db->sql_query($sql);
|
||||
while ($row = $db->sql_fetchrow($result))
|
||||
{
|
||||
|
||||
@@ -1226,29 +1226,81 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove
|
||||
// Check for disallowed recipients
|
||||
if (!empty($address_list['u']))
|
||||
{
|
||||
// We need to check their PM status (do they want to receive PM's?)
|
||||
// Only check if not a moderator or admin, since they are allowed to override this user setting
|
||||
if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_'))
|
||||
// Administrator deactivated users check and we need to check their
|
||||
// PM status (do they want to receive PM's?)
|
||||
// Only check PM status if not a moderator or admin, since they
|
||||
// are allowed to override this user setting
|
||||
$sql = 'SELECT user_id, user_allow_pm
|
||||
FROM ' . USERS_TABLE . '
|
||||
WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . '
|
||||
AND (user_type = ' . USER_INACTIVE . '
|
||||
AND user_inactive_reason = ' . INACTIVE_MANUAL . ')';
|
||||
|
||||
$can_ignore_allow_pm = ($auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'));
|
||||
if (!$can_ignore_allow_pm)
|
||||
{
|
||||
$sql = 'SELECT user_id
|
||||
FROM ' . USERS_TABLE . '
|
||||
WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . '
|
||||
AND user_allow_pm = 0';
|
||||
$result = $db->sql_query($sql);
|
||||
$sql .= ' OR user_allow_pm = 0';
|
||||
}
|
||||
|
||||
$removed = false;
|
||||
while ($row = $db->sql_fetchrow($result))
|
||||
{
|
||||
$removed = true;
|
||||
unset($address_list['u'][$row['user_id']]);
|
||||
}
|
||||
$db->sql_freeresult($result);
|
||||
$result = $db->sql_query($sql);
|
||||
|
||||
// print a notice about users not being added who do not want to receive pms
|
||||
if ($removed)
|
||||
$removed_no_pm = $removed_no_permission = false;
|
||||
while ($row = $db->sql_fetchrow($result))
|
||||
{
|
||||
if (!$can_ignore_allow_pm && !$row['user_allow_pm'])
|
||||
{
|
||||
$error[] = $user->lang['PM_USERS_REMOVED_NO_PM'];
|
||||
$removed_no_pm = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
$removed_no_permission = true;
|
||||
}
|
||||
|
||||
unset($address_list['u'][$row['user_id']]);
|
||||
}
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
// print a notice about users not being added who do not want to receive pms
|
||||
if ($removed_no_pm)
|
||||
{
|
||||
$error[] = $user->lang['PM_USERS_REMOVED_NO_PM'];
|
||||
}
|
||||
|
||||
// print a notice about users not being added who do not have permission to receive PMs
|
||||
if ($removed_no_permission)
|
||||
{
|
||||
$error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION'];
|
||||
}
|
||||
|
||||
if (!sizeof(array_keys($address_list['u'])))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
// Check if users have permission to read PMs
|
||||
$can_read = $auth->acl_get_list(array_keys($address_list['u']), 'u_readpm');
|
||||
$can_read = (empty($can_read) || !isset($can_read[0]['u_readpm'])) ? array() : $can_read[0]['u_readpm'];
|
||||
$cannot_read_list = array_diff(array_keys($address_list['u']), $can_read);
|
||||
if (!empty($cannot_read_list))
|
||||
{
|
||||
foreach ($cannot_read_list as $cannot_read)
|
||||
{
|
||||
unset($address_list['u'][$cannot_read]);
|
||||
}
|
||||
|
||||
$error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION'];
|
||||
}
|
||||
|
||||
// Check if users are banned
|
||||
$banned_user_list = phpbb_get_banned_user_ids(array_keys($address_list['u']), false);
|
||||
if (!empty($banned_user_list))
|
||||
{
|
||||
foreach ($banned_user_list as $banned_user)
|
||||
{
|
||||
unset($address_list['u'][$banned_user]);
|
||||
}
|
||||
|
||||
$error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user