diff options
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/constants.php | 8 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 65 | ||||
| -rw-r--r-- | phpBB/includes/functions_content.php | 11 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 26 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm_compose.php | 84 |
5 files changed, 110 insertions, 84 deletions
diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index a59b4a8add..66d2e4bd81 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -46,10 +46,10 @@ define('USER_INACTIVE', 1); define('USER_IGNORE', 2); define('USER_FOUNDER', 3); -define('INACTIVE_REGISTER', 1); -define('INACTIVE_PROFILE', 2); -define('INACTIVE_MANUAL', 3); -define('INACTIVE_REMIND', 4); +define('INACTIVE_REGISTER', 1); // Newly registered account +define('INACTIVE_PROFILE', 2); // Profile details changed +define('INACTIVE_MANUAL', 3); // Account deactivated by administrator +define('INACTIVE_REMIND', 4); // Forced user account reactivation // ACL define('ACL_NEVER', 0); diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 11cc36c294..786003a9ff 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2326,8 +2326,9 @@ function reapply_sid($url) */ function build_url($strip_vars = false) { - global $config, $user, $phpEx, $phpbb_root_path; + global $config, $user, $phpbb_path_helper; + $php_ext = $phpbb_path_helper->get_php_ext(); $page = $user->page['page']; // We need to be cautious here. @@ -2340,71 +2341,23 @@ function build_url($strip_vars = false) if ($url_parts === false || empty($url_parts['scheme']) || empty($url_parts['host'])) { // Remove 'app.php/' from the page, when rewrite is enabled - if ($config['enable_mod_rewrite'] && strpos($page, 'app.' . $phpEx . '/') === 0) + if ($config['enable_mod_rewrite'] && strpos($page, 'app.' . $php_ext . '/') === 0) { - $page = substr($page, strlen('app.' . $phpEx . '/')); + $page = substr($page, strlen('app.' . $php_ext . '/')); } - $page = $phpbb_root_path . $page; + $page = $phpbb_path_helper->get_phpbb_root_path() . $page; } // Append SID $redirect = append_sid($page, false, false); - // Add delimiter if not there... - if (strpos($redirect, '?') === false) + if ($strip_vars !== false) { - $redirect .= '?'; + $redirect = $phpbb_path_helper->strip_url_params($redirect, $strip_vars, false); } - // Strip vars... - if ($strip_vars !== false && strpos($redirect, '?') !== false) - { - if (!is_array($strip_vars)) - { - $strip_vars = array($strip_vars); - } - - $query = $_query = array(); - - $args = substr($redirect, strpos($redirect, '?') + 1); - $args = ($args) ? explode('&', $args) : array(); - $redirect = substr($redirect, 0, strpos($redirect, '?')); - - foreach ($args as $argument) - { - $arguments = explode('=', $argument); - $key = $arguments[0]; - unset($arguments[0]); - - if ($key === '') - { - continue; - } - - $query[$key] = implode('=', $arguments); - } - - // Strip the vars off - foreach ($strip_vars as $strip) - { - if (isset($query[$strip])) - { - unset($query[$strip]); - } - } - - // Glue the remaining parts together... already urlencoded - foreach ($query as $key => $value) - { - $_query[] = $key . '=' . $value; - } - $query = implode('&', $_query); - - $redirect .= ($query) ? '?' . $query : ''; - } - - return str_replace('&', '&', $redirect); + return $redirect . ((strpos($redirect, '?') === false) ? '?' : ''); } /** @@ -4902,7 +4855,6 @@ function page_header($page_title = '', $display_online_list = false, $item_id = } } - $hidden_fields_for_jumpbox = phpbb_build_hidden_fields_for_query_params($request, array('f')); $notification_mark_hash = generate_link_hash('mark_all_notifications_read'); // The following assigns all _common_ variables that may be used at any point in a template. @@ -4919,7 +4871,6 @@ function page_header($page_title = '', $display_online_list = false, $item_id = 'LOGGED_IN_USER_LIST' => $online_userlist, 'RECORD_USERS' => $l_online_record, 'PRIVATE_MESSAGE_COUNT' => (!empty($user->data['user_unread_privmsg'])) ? $user->data['user_unread_privmsg'] : 0, - 'HIDDEN_FIELDS_FOR_JUMPBOX' => $hidden_fields_for_jumpbox, 'UNREAD_NOTIFICATIONS_COUNT' => ($notifications !== false) ? $notifications['unread_count'] : '', 'NOTIFICATIONS_COUNT' => ($notifications !== false) ? $notifications['unread_count'] : '', diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index bb94967606..d56f02dd09 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -110,7 +110,7 @@ function gen_sort_selects(&$limit_days, &$sort_by_text, &$sort_days, &$sort_key, */ function make_jumpbox($action, $forum_id = false, $select_all = false, $acl_list = false, $force_display = false) { - global $config, $auth, $template, $user, $db; + global $config, $auth, $template, $user, $db, $phpbb_path_helper; // We only return if the jumpbox is not forced to be displayed (in case it is needed for functionality) if (!$config['load_jumpbox'] && $force_display === false) @@ -196,10 +196,13 @@ function make_jumpbox($action, $forum_id = false, $select_all = false, $acl_list $db->sql_freeresult($result); unset($padding_store); + $url_parts = $phpbb_path_helper->get_url_parts($action); + $template->assign_vars(array( - 'S_DISPLAY_JUMPBOX' => $display_jumpbox, - 'S_JUMPBOX_ACTION' => $action) - ); + 'S_DISPLAY_JUMPBOX' => $display_jumpbox, + 'S_JUMPBOX_ACTION' => $action, + 'HIDDEN_FIELDS_FOR_JUMPBOX' => build_hidden_fields($url_parts['params']), + )); return; } diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index dcc0d727a1..0dd1708c55 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -3455,9 +3455,12 @@ function remove_newly_registered($user_id, $user_data = false) * * @param array $user_ids Array of users' ids to check for banning, * leave empty to get complete list of banned ids +* @param bool|int $ban_end Bool True to get users currently banned +* Bool False to only get permanently banned users +* Int Unix timestamp to get users banned until that time * @return array Array of banned users' ids if any, empty array otherwise */ -function phpbb_get_banned_user_ids($user_ids = array()) +function phpbb_get_banned_user_ids($user_ids = array(), $ban_end = true) { global $db; @@ -3469,9 +3472,26 @@ function phpbb_get_banned_user_ids($user_ids = array()) $sql = 'SELECT ban_userid FROM ' . BANLIST_TABLE . " WHERE $sql_user_ids - AND ban_exclude <> 1 - AND (ban_end > " . time() . ' + AND ban_exclude <> 1"; + + if ($ban_end === true) + { + // Banned currently + $sql .= " AND (ban_end > " . time() . ' + OR ban_end = 0)'; + } + else if ($ban_end === false) + { + // Permanently banned + $sql .= " AND ban_end = 0"; + } + else + { + // Banned until a specified time + $sql .= " AND (ban_end > " . (int) $ban_end . ' OR ban_end = 0)'; + } + $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index e5a1c1b915..3219771c93 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -1226,29 +1226,81 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove // Check for disallowed recipients if (!empty($address_list['u'])) { - // We need to check their PM status (do they want to receive PM's?) - // Only check if not a moderator or admin, since they are allowed to override this user setting - if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) + // Administrator deactivated users check and we need to check their + // PM status (do they want to receive PM's?) + // Only check PM status if not a moderator or admin, since they + // are allowed to override this user setting + $sql = 'SELECT user_id, user_allow_pm + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . ' + AND (user_type = ' . USER_INACTIVE . ' + AND user_inactive_reason = ' . INACTIVE_MANUAL . ')'; + + $can_ignore_allow_pm = ($auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_')); + if (!$can_ignore_allow_pm) { - $sql = 'SELECT user_id - FROM ' . USERS_TABLE . ' - WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . ' - AND user_allow_pm = 0'; - $result = $db->sql_query($sql); + $sql .= ' OR user_allow_pm = 0'; + } - $removed = false; - while ($row = $db->sql_fetchrow($result)) + $result = $db->sql_query($sql); + + $removed_no_pm = $removed_no_permission = false; + while ($row = $db->sql_fetchrow($result)) + { + if (!$can_ignore_allow_pm && !$row['user_allow_pm']) { - $removed = true; - unset($address_list['u'][$row['user_id']]); + $removed_no_pm = true; } - $db->sql_freeresult($result); + else + { + $removed_no_permission = true; + } + + unset($address_list['u'][$row['user_id']]); + } + $db->sql_freeresult($result); - // print a notice about users not being added who do not want to receive pms - if ($removed) + // print a notice about users not being added who do not want to receive pms + if ($removed_no_pm) + { + $error[] = $user->lang['PM_USERS_REMOVED_NO_PM']; + } + + // print a notice about users not being added who do not have permission to receive PMs + if ($removed_no_permission) + { + $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; + } + + if (!sizeof(array_keys($address_list['u']))) + { + return; + } + + // Check if users have permission to read PMs + $can_read = $auth->acl_get_list(array_keys($address_list['u']), 'u_readpm'); + $can_read = (empty($can_read) || !isset($can_read[0]['u_readpm'])) ? array() : $can_read[0]['u_readpm']; + $cannot_read_list = array_diff(array_keys($address_list['u']), $can_read); + if (!empty($cannot_read_list)) + { + foreach ($cannot_read_list as $cannot_read) { - $error[] = $user->lang['PM_USERS_REMOVED_NO_PM']; + unset($address_list['u'][$cannot_read]); } + + $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; + } + + // Check if users are banned + $banned_user_list = phpbb_get_banned_user_ids(array_keys($address_list['u']), false); + if (!empty($banned_user_list)) + { + foreach ($banned_user_list as $banned_user) + { + unset($address_list['u'][$banned_user]); + } + + $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; } } } |