aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/functions_user.php
diff options
context:
space:
mode:
authorJoas Schilling <nickvergessen@gmx.de>2009-07-14 20:40:45 +0000
committerJoas Schilling <nickvergessen@gmx.de>2009-07-14 20:40:45 +0000
commit33033ad12555377a9b50cfbeb72b683ddd56b893 (patch)
treeb26c765b423ac7e4a0c9c0314a7a6b81254a27c2 /phpBB/includes/functions_user.php
parente3866c939d78b925844cd61d6ad567988f24e42d (diff)
downloadforums-33033ad12555377a9b50cfbeb72b683ddd56b893.tar
forums-33033ad12555377a9b50cfbeb72b683ddd56b893.tar.gz
forums-33033ad12555377a9b50cfbeb72b683ddd56b893.tar.bz2
forums-33033ad12555377a9b50cfbeb72b683ddd56b893.tar.xz
forums-33033ad12555377a9b50cfbeb72b683ddd56b893.zip
Fix Bug #45675 - Do not allow setting group as default group for pending user
Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9759 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/functions_user.php')
-rw-r--r--phpBB/includes/functions_user.php26
1 files changed, 25 insertions, 1 deletions
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 4ea094e451..c69c27c9d7 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -3109,6 +3109,27 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
break;
case 'default':
+ // We only set default group for approved members of the group
+ $sql = 'SELECT user_id
+ FROM ' . USER_GROUP_TABLE . "
+ WHERE group_id = $group_id
+ AND user_pending = 0
+ AND " . $db->sql_in_set('user_id', $user_id_ary);
+ $result = $db->sql_query($sql);
+
+ $user_id_ary = $username_ary = array();
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $user_id_ary[] = $row['user_id'];
+ }
+ $db->sql_freeresult($result);
+
+ $result = user_get_id_name($user_id_ary, $username_ary);
+ if (!sizeof($user_id_ary) || $result !== false)
+ {
+ return 'NO_USERS';
+ }
+
$sql = 'SELECT user_id, group_id FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('user_id', $user_id_ary, false, true);
$result = $db->sql_query($sql);
@@ -3197,7 +3218,7 @@ function group_validate_groupname($group_id, $group_name)
*/
function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false)
{
- global $db;
+ global $cache, $db;
if (empty($user_id_ary))
{
@@ -3297,6 +3318,9 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal
{
group_update_listings($group_id);
}
+
+ // Because some tables/caches use usercolour-specific data we need to purge this here.
+ $cache->destroy('sql', MODERATOR_CACHE_TABLE);
}
/**
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-21 10:18:44 +0000