aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_users.php2
-rw-r--r--phpBB/includes/functions_module.php24
-rw-r--r--phpBB/includes/functions_posting.php46
-rw-r--r--phpBB/includes/functions_privmsgs.php17
-rw-r--r--phpBB/includes/functions_user.php33
-rw-r--r--phpBB/includes/startup.php3
6 files changed, 80 insertions, 45 deletions
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 97f4b1b5fd..cf6716c322 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -128,7 +128,7 @@ class acp_users
$dropdown_modes = array();
while ($row = $db->sql_fetchrow($result))
{
- if (!$this->p_master->module_auth($row['module_auth']))
+ if (!$this->p_master->module_auth_self($row['module_auth']))
{
continue;
}
diff --git a/phpBB/includes/functions_module.php b/phpBB/includes/functions_module.php
index db7defdc48..ad76be9f2f 100644
--- a/phpBB/includes/functions_module.php
+++ b/phpBB/includes/functions_module.php
@@ -128,7 +128,7 @@ class p_master
foreach ($this->module_cache['modules'] as $key => $row)
{
// Not allowed to view module?
- if (!$this->module_auth($row['module_auth']))
+ if (!$this->module_auth_self($row['module_auth']))
{
unset($this->module_cache['modules'][$key]);
continue;
@@ -315,9 +315,23 @@ class p_master
}
/**
- * Check module authorisation
+ * Check module authorisation.
+ *
+ * This is a non-static version that uses $this->acl_forum_id
+ * for the forum id.
+ */
+ function module_auth_self($module_auth)
+ {
+ return self::module_auth($module_auth, $this->acl_forum_id);
+ }
+
+ /**
+ * Check module authorisation.
+ *
+ * This is a static version, it must be given $forum_id.
+ * See also module_auth_self.
*/
- function module_auth($module_auth, $forum_id = false)
+ static function module_auth($module_auth, $forum_id)
{
global $auth, $config;
global $request;
@@ -362,11 +376,9 @@ class p_master
$module_auth = implode(' ', $tokens);
- // Make sure $id seperation is working fine
+ // Make sure $id separation is working fine
$module_auth = str_replace(' , ', ',', $module_auth);
- $forum_id = ($forum_id === false) ? $this->acl_forum_id : $forum_id;
-
$is_auth = false;
eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '$request->variable(\'\\1\', false)'), $module_auth) . ');');
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index 4e4ce5bca7..b3816baedd 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -1180,36 +1180,32 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
$topic_title = ($topic_notification) ? $topic_title : $subject;
$topic_title = censor_text($topic_title);
- // Get banned User ID's
- $sql = 'SELECT ban_userid
- FROM ' . BANLIST_TABLE . '
- WHERE ban_userid <> 0
- AND ban_exclude <> 1';
- $result = $db->sql_query($sql);
-
- $sql_ignore_users = ANONYMOUS . ', ' . $user->data['user_id'];
- while ($row = $db->sql_fetchrow($result))
+ // Exclude guests, current user and banned users from notifications
+ if (!function_exists('phpbb_get_banned_user_ids'))
{
- $sql_ignore_users .= ', ' . (int) $row['ban_userid'];
+ include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
- $db->sql_freeresult($result);
+ $sql_ignore_users = phpbb_get_banned_user_ids();
+ $sql_ignore_users[ANONYMOUS] = ANONYMOUS;
+ $sql_ignore_users[$user->data['user_id']] = $user->data['user_id'];
$notify_rows = array();
// -- get forum_userids || topic_userids
$sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber
FROM ' . (($topic_notification) ? TOPICS_WATCH_TABLE : FORUMS_WATCH_TABLE) . ' w, ' . USERS_TABLE . ' u
- WHERE w.' . (($topic_notification) ? 'topic_id' : 'forum_id') . ' = ' . (($topic_notification) ? $topic_id : $forum_id) . "
- AND w.user_id NOT IN ($sql_ignore_users)
- AND w.notify_status = " . NOTIFY_YES . '
+ WHERE w.' . (($topic_notification) ? 'topic_id' : 'forum_id') . ' = ' . (($topic_notification) ? $topic_id : $forum_id) . '
+ AND ' . $db->sql_in_set('w.user_id', $sql_ignore_users, true) . '
+ AND w.notify_status = ' . NOTIFY_YES . '
AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')
AND u.user_id = w.user_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
- $notify_rows[$row['user_id']] = array(
- 'user_id' => $row['user_id'],
+ $notify_user_id = (int) $row['user_id'];
+ $notify_rows[$notify_user_id] = array(
+ 'user_id' => $notify_user_id,
'username' => $row['username'],
'user_email' => $row['user_email'],
'user_jabber' => $row['user_jabber'],
@@ -1219,30 +1215,29 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
'method' => $row['user_notify_type'],
'allowed' => false
);
+
+ // Add users who have been already notified to ignore list
+ $sql_ignore_users[$notify_user_id] = $notify_user_id;
}
$db->sql_freeresult($result);
// forum notification is sent to those not already receiving topic notifications
if ($topic_notification)
{
- if (sizeof($notify_rows))
- {
- $sql_ignore_users .= ', ' . implode(', ', array_keys($notify_rows));
- }
-
$sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber
FROM ' . FORUMS_WATCH_TABLE . ' fw, ' . USERS_TABLE . " u
WHERE fw.forum_id = $forum_id
- AND fw.user_id NOT IN ($sql_ignore_users)
- AND fw.notify_status = " . NOTIFY_YES . '
+ AND " . $db->sql_in_set('fw.user_id', $sql_ignore_users, true) . '
+ AND fw.notify_status = ' . NOTIFY_YES . '
AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')
AND u.user_id = fw.user_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
- $notify_rows[$row['user_id']] = array(
- 'user_id' => $row['user_id'],
+ $notify_user_id = (int) $row['user_id'];
+ $notify_rows[$notify_user_id] = array(
+ 'user_id' => $notify_user_id,
'username' => $row['username'],
'user_email' => $row['user_email'],
'user_jabber' => $row['user_jabber'],
@@ -1273,7 +1268,6 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
}
}
-
// Now, we have to do a little step before really sending, we need to distinguish our users a little bit. ;)
$msg_users = $delete_ids = $update_notification = array();
foreach ($notify_rows as $user_id => $row)
diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php
index 91e453b8e0..a6fb87536a 100644
--- a/phpBB/includes/functions_privmsgs.php
+++ b/phpBB/includes/functions_privmsgs.php
@@ -1666,6 +1666,7 @@ function pm_notification($mode, $author, $recipients, $subject, $message, $msg_i
$subject = censor_text($subject);
+ // Exclude guests, current user and banned users from notifications
unset($recipients[ANONYMOUS], $recipients[$user->data['user_id']]);
if (!sizeof($recipients))
@@ -1673,18 +1674,12 @@ function pm_notification($mode, $author, $recipients, $subject, $message, $msg_i
return;
}
- // Get banned User ID's
- $sql = 'SELECT ban_userid
- FROM ' . BANLIST_TABLE . '
- WHERE ' . $db->sql_in_set('ban_userid', array_map('intval', array_keys($recipients))) . '
- AND ban_exclude = 0';
- $result = $db->sql_query($sql);
-
- while ($row = $db->sql_fetchrow($result))
+ if (!function_exists('phpbb_get_banned_user_ids'))
{
- unset($recipients[$row['ban_userid']]);
+ include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
- $db->sql_freeresult($result);
+ $banned_users = phpbb_get_banned_user_ids(array_keys($recipients));
+ $recipients = array_diff(array_keys($recipients), $banned_users);
if (!sizeof($recipients))
{
@@ -1693,7 +1688,7 @@ function pm_notification($mode, $author, $recipients, $subject, $message, $msg_i
$sql = 'SELECT user_id, username, user_email, user_lang, user_notify_pm, user_notify_type, user_jabber
FROM ' . USERS_TABLE . '
- WHERE ' . $db->sql_in_set('user_id', array_map('intval', array_keys($recipients)));
+ WHERE ' . $db->sql_in_set('user_id', $recipients);
$result = $db->sql_query($sql);
$msg_list_ary = array();
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 509e1a953c..18452c27e9 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -3691,3 +3691,36 @@ function remove_newly_registered($user_id, $user_data = false)
return $user_data['group_id'];
}
+
+/**
+* Gets user ids of currently banned registered users.
+*
+* @param array $user_ids Array of users' ids to check for banning,
+* leave empty to get complete list of banned ids
+* @return array Array of banned users' ids if any, empty array otherwise
+*/
+function phpbb_get_banned_user_ids($user_ids = array())
+{
+ global $db;
+
+ $sql_user_ids = (!empty($user_ids)) ? $db->sql_in_set('ban_userid', $user_ids) : 'ban_userid <> 0';
+
+ // Get banned User ID's
+ // Ignore stale bans which were not wiped yet
+ $banned_ids_list = array();
+ $sql = 'SELECT ban_userid
+ FROM ' . BANLIST_TABLE . "
+ WHERE $sql_user_ids
+ AND ban_exclude <> 1
+ AND (ban_end > " . time() . '
+ OR ban_end = 0)';
+ $result = $db->sql_query($sql);
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $user_id = (int) $row['ban_userid'];
+ $banned_ids_list[$user_id] = $user_id;
+ }
+ $db->sql_freeresult($result);
+
+ return $banned_ids_list;
+}
diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php
index 2100fbd97e..fc45cd882b 100644
--- a/phpBB/includes/startup.php
+++ b/phpBB/includes/startup.php
@@ -19,7 +19,8 @@ if (!defined('E_DEPRECATED'))
{
define('E_DEPRECATED', 8192);
}
-error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
+$level = E_ALL & ~E_NOTICE & ~E_DEPRECATED;
+error_reporting($level);
/*
* Remove variables created by register_globals from the global scope