diff options
| author | Nils Adermann <naderman@naderman.de> | 2014-05-02 15:54:10 +0200 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2014-05-02 15:54:10 +0200 |
| commit | 97e651a4917778bd4294073d254c8735b7b1f4df (patch) | |
| tree | 6fb005f38a35a2ebd2388300df5f79312deb4865 /phpBB/includes/ucp | |
| parent | d52c2d1b5caf1382d178e55eff311ceddf4b392f (diff) | |
| parent | d14aed0819f2314ab0da1787aa7228025a6a024c (diff) | |
| download | forums-97e651a4917778bd4294073d254c8735b7b1f4df.tar forums-97e651a4917778bd4294073d254c8735b7b1f4df.tar.gz forums-97e651a4917778bd4294073d254c8735b7b1f4df.tar.bz2 forums-97e651a4917778bd4294073d254c8735b7b1f4df.tar.xz forums-97e651a4917778bd4294073d254c8735b7b1f4df.zip | |
Merge remote-tracking branch 'github-exreaction/ticket/8323' into develop-ascraeus
* github-exreaction/ticket/8323:
[ticket/8323] Cache auth request
[ticket/8323] Combine into a single query
[ticket/8323] Comments on phpbb_get_banned_user_ids input for test
[ticket/8323] More readability in test case
[ticket/8323] Comments
[ticket/8323] dataProvider for the test; better test data
[ticket/8323] Comments
[ticket/8323] Unit test for phpbb_get_banned_user_ids
[ticket/8323] Comments for inactive reasons in constants.php
[ticket/8323] Only disable administrative deactivated accounts from receiving PMs
[ticket/8323] Allow temporarily banned users to receive PMs, but not a notification
[ticket/8323] Correct PM notification settings (only notify those who can receive them)
[ticket/8323] Cleanup viewtopic code (not sure how this mess happened)
[ticket/8323] Allow sending PMs to temporarily banned users
[ticket/8323] Do not allow sending PMs to Inactive users
[ticket/8323] Hide the Send PM link if users cannot receive the PM
[ticket/8323] Correcting the comment
[ticket/8323] Do not allow sending of Private Messages to users who are banned
[ticket/8323] Remove code used for testing
[ticket/8323] Do not allow sending of Private Messages to users who do not have permission to read private messages
Conflicts:
phpBB/language/en/ucp.php
Diffstat (limited to 'phpBB/includes/ucp')
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm_compose.php | 84 |
1 files changed, 68 insertions, 16 deletions
diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index e5a1c1b915..3219771c93 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -1226,29 +1226,81 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove // Check for disallowed recipients if (!empty($address_list['u'])) { - // We need to check their PM status (do they want to receive PM's?) - // Only check if not a moderator or admin, since they are allowed to override this user setting - if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) + // Administrator deactivated users check and we need to check their + // PM status (do they want to receive PM's?) + // Only check PM status if not a moderator or admin, since they + // are allowed to override this user setting + $sql = 'SELECT user_id, user_allow_pm + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . ' + AND (user_type = ' . USER_INACTIVE . ' + AND user_inactive_reason = ' . INACTIVE_MANUAL . ')'; + + $can_ignore_allow_pm = ($auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_')); + if (!$can_ignore_allow_pm) { - $sql = 'SELECT user_id - FROM ' . USERS_TABLE . ' - WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . ' - AND user_allow_pm = 0'; - $result = $db->sql_query($sql); + $sql .= ' OR user_allow_pm = 0'; + } - $removed = false; - while ($row = $db->sql_fetchrow($result)) + $result = $db->sql_query($sql); + + $removed_no_pm = $removed_no_permission = false; + while ($row = $db->sql_fetchrow($result)) + { + if (!$can_ignore_allow_pm && !$row['user_allow_pm']) { - $removed = true; - unset($address_list['u'][$row['user_id']]); + $removed_no_pm = true; } - $db->sql_freeresult($result); + else + { + $removed_no_permission = true; + } + + unset($address_list['u'][$row['user_id']]); + } + $db->sql_freeresult($result); - // print a notice about users not being added who do not want to receive pms - if ($removed) + // print a notice about users not being added who do not want to receive pms + if ($removed_no_pm) + { + $error[] = $user->lang['PM_USERS_REMOVED_NO_PM']; + } + + // print a notice about users not being added who do not have permission to receive PMs + if ($removed_no_permission) + { + $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; + } + + if (!sizeof(array_keys($address_list['u']))) + { + return; + } + + // Check if users have permission to read PMs + $can_read = $auth->acl_get_list(array_keys($address_list['u']), 'u_readpm'); + $can_read = (empty($can_read) || !isset($can_read[0]['u_readpm'])) ? array() : $can_read[0]['u_readpm']; + $cannot_read_list = array_diff(array_keys($address_list['u']), $can_read); + if (!empty($cannot_read_list)) + { + foreach ($cannot_read_list as $cannot_read) { - $error[] = $user->lang['PM_USERS_REMOVED_NO_PM']; + unset($address_list['u'][$cannot_read]); } + + $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; + } + + // Check if users are banned + $banned_user_list = phpbb_get_banned_user_ids(array_keys($address_list['u']), false); + if (!empty($banned_user_list)) + { + foreach ($banned_user_list as $banned_user) + { + unset($address_list['u'][$banned_user]); + } + + $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; } } } |