diff options
| author | Andreas Fischer <bantu@phpbb.com> | 2012-06-21 10:30:41 +0200 |
|---|---|---|
| committer | Andreas Fischer <bantu@phpbb.com> | 2012-06-21 10:30:41 +0200 |
| commit | f1414386d7c22b7f3a9a978e902e67526bea029e (patch) | |
| tree | 023617caf9f310fa40b0a7ff2b9ca1a763f26aa2 /phpBB | |
| parent | 155c93d71a84fc9e47287070260623bb1fb6168f (diff) | |
| parent | 80fafdeb1a6eca735a60ef50dbc973dfd066eb22 (diff) | |
| download | forums-f1414386d7c22b7f3a9a978e902e67526bea029e.tar forums-f1414386d7c22b7f3a9a978e902e67526bea029e.tar.gz forums-f1414386d7c22b7f3a9a978e902e67526bea029e.tar.bz2 forums-f1414386d7c22b7f3a9a978e902e67526bea029e.tar.xz forums-f1414386d7c22b7f3a9a978e902e67526bea029e.zip | |
Merge remote-tracking branch 'nickvergessen/ticket/10935' into prep-release-3.0.11
* nickvergessen/ticket/10935:
[ticket/10935] Limit number of PM rules per user to 5000
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm_options.php | 17 | ||||
| -rw-r--r-- | phpBB/language/en/ucp.php | 1 |
2 files changed, 16 insertions, 2 deletions
diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index 58c2d087c8..efa390ed87 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -328,10 +328,23 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit trigger_error('RULE_ALREADY_DEFINED'); } + // Prevent users from flooding the rules table + $sql = 'SELECT COUNT(rule_id) AS num_rules + FROM ' . PRIVMSGS_RULES_TABLE . ' + WHERE user_id = ' . (int) $user->data['user_id']; + $result = $db->sql_query($sql); + $num_rules = (int) $db->sql_fetchfield('num_rules'); + $db->sql_freeresult($result); + + if ($num_rules >= 5000) + { + trigger_error('RULE_LIMIT_REACHED'); + } + $sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary); $db->sql_query($sql); - // Update users message rules + // Set the user_message_rules bit $sql = 'UPDATE ' . USERS_TABLE . ' SET user_message_rules = 1 WHERE user_id = ' . $user->data['user_id']; @@ -378,7 +391,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - // Update users message rules + // Unset the user_message_rules bit if (!$row) { $sql = 'UPDATE ' . USERS_TABLE . ' diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 7df26e040f..94d9a5171e 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -388,6 +388,7 @@ $lang = array_merge($lang, array( 'RULE_ADDED' => 'Rule successfully added.', 'RULE_ALREADY_DEFINED' => 'This rule was defined previously.', 'RULE_DELETED' => 'Rule successfully removed.', + 'RULE_LIMIT_REACHED' => 'You cannot add more PM rules. You have reached the maximum number of rules.', 'RULE_NOT_DEFINED' => 'Rule not correctly specified.', 'RULE_REMOVED_MESSAGE' => 'One private message had been removed due to private message filters.', 'RULE_REMOVED_MESSAGES' => '%d private messages were removed due to private message filters.', |