diff options
| author | Nils Adermann <naderman@naderman.de> | 2010-03-02 01:05:37 +0100 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2010-03-02 01:05:37 +0100 |
| commit | aa4495b8ad0cf90c2b3f655441ccfee49701282d (patch) | |
| tree | e70cd18c1f03e6a0219bd0fbe41d896b350e974e /phpBB/includes/session.php | |
| parent | 8a3c323933cbdadd302ed49b5769f90c3f622cdc (diff) | |
| parent | 0aef1e57a73ef4c7086cf24ed154e8d5bbbac679 (diff) | |
| download | forums-aa4495b8ad0cf90c2b3f655441ccfee49701282d.tar forums-aa4495b8ad0cf90c2b3f655441ccfee49701282d.tar.gz forums-aa4495b8ad0cf90c2b3f655441ccfee49701282d.tar.bz2 forums-aa4495b8ad0cf90c2b3f655441ccfee49701282d.tar.xz forums-aa4495b8ad0cf90c2b3f655441ccfee49701282d.zip | |
Merge commit 'release-3.0-RC8'
Diffstat (limited to 'phpBB/includes/session.php')
| -rw-r--r-- | phpBB/includes/session.php | 35 |
1 files changed, 25 insertions, 10 deletions
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 6ddc97fff8..6149063dea 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -905,48 +905,59 @@ class session } $banned = false; + $cache_ttl = 3600; + $where_sql = array(); $sql = 'SELECT ban_ip, ban_userid, ban_email, ban_exclude, ban_give_reason, ban_end FROM ' . BANLIST_TABLE . ' - WHERE (ban_end >= ' . time() . ' OR ban_end = 0)'; + WHERE '; // Determine which entries to check, only return those if ($user_email === false) { - $sql .= " AND ban_email = ''"; + $where_sql[] = "ban_email = ''"; } if ($user_ips === false) { - $sql .= " AND (ban_ip = '' OR ban_exclude = 1)"; + $where_sql[] = "(ban_ip = '' OR ban_exclude = 1)"; } if ($user_id === false) { - $sql .= ' AND (ban_userid = 0 OR ban_exclude = 1)'; + $where_sql[] = '(ban_userid = 0 OR ban_exclude = 1)'; } else { - $sql .= ' AND (ban_userid = ' . $user_id; + $cache_ttl = ($user_id == ANONYMOUS) ? 3600 : 0; + $_sql = '(ban_userid = ' . $user_id; if ($user_email !== false) { - $sql .= " OR ban_email <> ''"; + $_sql .= " OR ban_email <> ''"; } if ($user_ips !== false) { - $sql .= " OR ban_ip <> ''"; + $_sql .= " OR ban_ip <> ''"; } - $sql .= ')'; + $_sql .= ')'; + + $where_sql[] = $_sql; } - $result = $db->sql_query($sql); + $sql .= (sizeof($where_sql)) ? implode(' AND ', $where_sql) : ''; + $result = $db->sql_query($sql, $cache_ttl); $ban_triggered_by = 'user'; while ($row = $db->sql_fetchrow($result)) { + if ($row['ban_end'] && $row['ban_end'] < time()) + { + continue; + } + $ip_banned = false; if (!empty($row['ban_ip'])) { @@ -1007,7 +1018,8 @@ class session // If the session is empty we need to create a valid one... if (empty($this->session_id)) { - $this->session_create(ANONYMOUS); + // This seems to be no longer needed? - #14971 +// $this->session_create(ANONYMOUS); } // Initiate environment ... since it won't be set at this stage @@ -1052,6 +1064,9 @@ class session $message .= ($ban_row['ban_give_reason']) ? '<br /><br />' . sprintf($this->lang['BOARD_BAN_REASON'], $ban_row['ban_give_reason']) : ''; $message .= '<br /><br /><em>' . $this->lang['BAN_TRIGGERED_BY_' . strtoupper($ban_triggered_by)] . '</em>'; + // To circumvent session_begin returning a valid value and the check_ban() not called on second page view, we kill the session again + $this->session_kill(false); + trigger_error($message); } |