diff options
| author | Andreas Fischer <bantu@phpbb.com> | 2010-07-10 21:22:16 +0200 |
|---|---|---|
| committer | Andreas Fischer <bantu@phpbb.com> | 2010-07-10 21:22:16 +0200 |
| commit | 0c2512bea2c6929d41d1b3fa3ca4b04919205af9 (patch) | |
| tree | 5723e41bc15e6bd8aeb8ebc38a59c66795d63ce6 /phpBB/includes | |
| parent | 6da582e8be50fa7211706625402215f6f87ed48b (diff) | |
| parent | ae967d16f1ad584d7e03b4466e6cc3d1d067dea6 (diff) | |
| download | forums-0c2512bea2c6929d41d1b3fa3ca4b04919205af9.tar forums-0c2512bea2c6929d41d1b3fa3ca4b04919205af9.tar.gz forums-0c2512bea2c6929d41d1b3fa3ca4b04919205af9.tar.bz2 forums-0c2512bea2c6929d41d1b3fa3ca4b04919205af9.tar.xz forums-0c2512bea2c6929d41d1b3fa3ca4b04919205af9.zip | |
Merge branch 'ticket/jellydoughnut/9650' into develop-olympus
* ticket/jellydoughnut/9650:
[ticket/9650] Do not allow banning the anonymous user by username
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_users.php | 5 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 7 |
2 files changed, 9 insertions, 3 deletions
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 3a405da825..1f10893781 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -231,6 +231,11 @@ class acp_users trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } + if ($user_id == ANONYMOUS) + { + trigger_error($user->lang['CANNOT_BAN_ANONYMOUS'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + if ($user_row['user_type'] == USER_FOUNDER) { trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index bb99314ced..6f6d7526b7 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -837,14 +837,15 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('username_clean', $sql_usernames); - // Do not allow banning yourself + // Do not allow banning yourself, the guest account, or founders. + $non_bannable = array($user->data['user_id'], ANONYMOUS); if (sizeof($founder)) { - $sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), array($user->data['user_id'])), true); + $sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), $non_bannable), true); } else { - $sql .= ' AND user_id <> ' . $user->data['user_id']; + $sql .= ' AND ' . $db->sql_in_set('user_id', $non_bannable, true); } $result = $db->sql_query($sql); |