diff options
| author | Andreas Fischer <bantu@phpbb.com> | 2012-06-21 10:31:08 +0200 |
|---|---|---|
| committer | Andreas Fischer <bantu@phpbb.com> | 2012-06-21 10:31:08 +0200 |
| commit | 85ea062a0536edc46ea1a8893201777f8137e41e (patch) | |
| tree | 8bde66da56f4a53396fb864ae71044b5347ffad8 /phpBB/includes/ucp/ucp_pm_options.php | |
| parent | ba21be88f54599ceb7e49317aa4eb553e59dd3b9 (diff) | |
| parent | 80180a6a20077aff293b3d3dd0ce8b0065c33f3b (diff) | |
| download | forums-85ea062a0536edc46ea1a8893201777f8137e41e.tar forums-85ea062a0536edc46ea1a8893201777f8137e41e.tar.gz forums-85ea062a0536edc46ea1a8893201777f8137e41e.tar.bz2 forums-85ea062a0536edc46ea1a8893201777f8137e41e.tar.xz forums-85ea062a0536edc46ea1a8893201777f8137e41e.zip | |
Merge branch 'develop-olympus' into develop
* develop-olympus:
[ticket/10935] Limit number of PM rules per user to 5000
Diffstat (limited to 'phpBB/includes/ucp/ucp_pm_options.php')
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm_options.php | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index bde5d1dfcf..bf7334b307 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -327,10 +327,23 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit trigger_error('RULE_ALREADY_DEFINED'); } + // Prevent users from flooding the rules table + $sql = 'SELECT COUNT(rule_id) AS num_rules + FROM ' . PRIVMSGS_RULES_TABLE . ' + WHERE user_id = ' . (int) $user->data['user_id']; + $result = $db->sql_query($sql); + $num_rules = (int) $db->sql_fetchfield('num_rules'); + $db->sql_freeresult($result); + + if ($num_rules >= 5000) + { + trigger_error('RULE_LIMIT_REACHED'); + } + $sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary); $db->sql_query($sql); - // Update users message rules + // Set the user_message_rules bit $sql = 'UPDATE ' . USERS_TABLE . ' SET user_message_rules = 1 WHERE user_id = ' . $user->data['user_id']; @@ -377,7 +390,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - // Update users message rules + // Unset the user_message_rules bit if (!$row) { $sql = 'UPDATE ' . USERS_TABLE . ' |