Merge branch 'develop' of git://github.com/phpbb/phpbb3 into feature/new-tz-handling

phpBB/includes/ucp/info/ucp_profile.php

@@ -23,6 +23,7 @@ class ucp_profile_info
 				'signature'		=> array('title' => 'UCP_PROFILE_SIGNATURE', 'auth' => '', 'cat' => array('UCP_PROFILE')),
 				'avatar'		=> array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)', 'cat' => array('UCP_PROFILE')),
 				'reg_details'	=> array('title' => 'UCP_PROFILE_REG_DETAILS', 'auth' => '', 'cat' => array('UCP_PROFILE')),
+				'autologin_keys'=> array('title' => 'UCP_PROFILE_AUTOLOGIN_KEYS', 'auth' => '', 'cat' => array('UCP_PROFILE')),
 			),
 		);
 	}

phpBB/includes/ucp/ucp_pm_options.php

@@ -327,10 +327,23 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
 				trigger_error('RULE_ALREADY_DEFINED');
 			}
 
+			// Prevent users from flooding the rules table
+			$sql = 'SELECT COUNT(rule_id) AS num_rules
+				FROM ' . PRIVMSGS_RULES_TABLE . '
+				WHERE user_id = ' . (int) $user->data['user_id'];
+			$result = $db->sql_query($sql);
+			$num_rules = (int) $db->sql_fetchfield('num_rules');
+			$db->sql_freeresult($result);
+
+			if ($num_rules >= 5000)
+			{
+				trigger_error('RULE_LIMIT_REACHED');
+			}
+
 			$sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary);
 			$db->sql_query($sql);
 
-			// Update users message rules
+			// Set the user_message_rules bit
 			$sql = 'UPDATE ' . USERS_TABLE . '
 				SET user_message_rules = 1
 				WHERE user_id = ' . $user->data['user_id'];
@@ -377,7 +390,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
 			$row = $db->sql_fetchrow($result);
 			$db->sql_freeresult($result);
 
-			// Update users message rules
+			// Unset the user_message_rules bit
 			if (!$row)
 			{
 				$sql = 'UPDATE ' . USERS_TABLE . '

phpBB/includes/ucp/ucp_profile.php

@@ -618,6 +618,60 @@ class ucp_profile
 				}
 
 			break;
+
+			case 'autologin_keys':
+
+				add_form_key('ucp_autologin_keys');
+
+				if ($submit)
+				{
+					$keys = request_var('keys', array(''));
+
+					if (!check_form_key('ucp_autologin_keys'))
+					{
+						$error[] = 'FORM_INVALID';
+					}
+
+					if (!sizeof($error))
+					{
+						if (!empty($keys))
+						{
+							$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
+								WHERE user_id = ' . (int) $user->data['user_id'] . '
+								AND ' . $db->sql_in_set('key_id', $keys) ;
+
+							$db->sql_query($sql);
+
+							meta_refresh(3, $this->u_action);
+							$message = $user->lang['AUTOLOGIN_SESSION_KEYS_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
+							trigger_error($message);
+						}
+					}
+
+					// Replace "error" strings with their real, localised form
+					$error = array_map(array($user, 'lang'), $error);
+				}
+
+				$sql = 'SELECT key_id, last_ip, last_login
+					FROM ' . SESSIONS_KEYS_TABLE . '
+					WHERE user_id = ' . (int) $user->data['user_id'];
+
+				$result = $db->sql_query($sql);
+
+				while ($row = $db->sql_fetchrow($result))
+				{
+					$template->assign_block_vars('sessions', array(
+						'errors' => $error,
+
+						'KEY' => $row['key_id'],
+						'IP' => $row['last_ip'],
+						'LOGIN_TIME' => $user->format_date($row['last_login']),
+					));
+				}
+
+				$db->sql_freeresult($result);
+
+			break;
 		}
 
 		$template->assign_vars(array(