diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2012-06-12 14:38:13 +0200 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2012-06-20 14:29:48 +0200 |
| commit | 80fafdeb1a6eca735a60ef50dbc973dfd066eb22 (patch) | |
| tree | 2da022eb2897279515962ea4b2dd23eb5faf6a4d | |
| parent | 19a47dfbbc4265e33c14d6679b5693d80120db4b (diff) | |
| download | forums-80fafdeb1a6eca735a60ef50dbc973dfd066eb22.tar forums-80fafdeb1a6eca735a60ef50dbc973dfd066eb22.tar.gz forums-80fafdeb1a6eca735a60ef50dbc973dfd066eb22.tar.bz2 forums-80fafdeb1a6eca735a60ef50dbc973dfd066eb22.tar.xz forums-80fafdeb1a6eca735a60ef50dbc973dfd066eb22.zip | |
[ticket/10935] Limit number of PM rules per user to 5000
PHPBB3-10935
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm_options.php | 17 | ||||
| -rw-r--r-- | phpBB/language/en/ucp.php | 1 |
2 files changed, 16 insertions, 2 deletions
diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index 58c2d087c8..efa390ed87 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -328,10 +328,23 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit trigger_error('RULE_ALREADY_DEFINED'); } + // Prevent users from flooding the rules table + $sql = 'SELECT COUNT(rule_id) AS num_rules + FROM ' . PRIVMSGS_RULES_TABLE . ' + WHERE user_id = ' . (int) $user->data['user_id']; + $result = $db->sql_query($sql); + $num_rules = (int) $db->sql_fetchfield('num_rules'); + $db->sql_freeresult($result); + + if ($num_rules >= 5000) + { + trigger_error('RULE_LIMIT_REACHED'); + } + $sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary); $db->sql_query($sql); - // Update users message rules + // Set the user_message_rules bit $sql = 'UPDATE ' . USERS_TABLE . ' SET user_message_rules = 1 WHERE user_id = ' . $user->data['user_id']; @@ -378,7 +391,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - // Update users message rules + // Unset the user_message_rules bit if (!$row) { $sql = 'UPDATE ' . USERS_TABLE . ' diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 7df26e040f..94d9a5171e 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -388,6 +388,7 @@ $lang = array_merge($lang, array( 'RULE_ADDED' => 'Rule successfully added.', 'RULE_ALREADY_DEFINED' => 'This rule was defined previously.', 'RULE_DELETED' => 'Rule successfully removed.', + 'RULE_LIMIT_REACHED' => 'You cannot add more PM rules. You have reached the maximum number of rules.', 'RULE_NOT_DEFINED' => 'Rule not correctly specified.', 'RULE_REMOVED_MESSAGE' => 'One private message had been removed due to private message filters.', 'RULE_REMOVED_MESSAGES' => '%d private messages were removed due to private message filters.', |