diff options
Diffstat (limited to 'phpBB/includes/ucp')
| -rw-r--r-- | phpBB/includes/ucp/info/ucp_profile.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm_options.php | 17 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_profile.php | 54 |
3 files changed, 70 insertions, 2 deletions
diff --git a/phpBB/includes/ucp/info/ucp_profile.php b/phpBB/includes/ucp/info/ucp_profile.php index 09c0318de9..968538a178 100644 --- a/phpBB/includes/ucp/info/ucp_profile.php +++ b/phpBB/includes/ucp/info/ucp_profile.php @@ -23,6 +23,7 @@ class ucp_profile_info 'signature' => array('title' => 'UCP_PROFILE_SIGNATURE', 'auth' => '', 'cat' => array('UCP_PROFILE')), 'avatar' => array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)', 'cat' => array('UCP_PROFILE')), 'reg_details' => array('title' => 'UCP_PROFILE_REG_DETAILS', 'auth' => '', 'cat' => array('UCP_PROFILE')), + 'autologin_keys'=> array('title' => 'UCP_PROFILE_AUTOLOGIN_KEYS', 'auth' => '', 'cat' => array('UCP_PROFILE')), ), ); } diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index bde5d1dfcf..bf7334b307 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -327,10 +327,23 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit trigger_error('RULE_ALREADY_DEFINED'); } + // Prevent users from flooding the rules table + $sql = 'SELECT COUNT(rule_id) AS num_rules + FROM ' . PRIVMSGS_RULES_TABLE . ' + WHERE user_id = ' . (int) $user->data['user_id']; + $result = $db->sql_query($sql); + $num_rules = (int) $db->sql_fetchfield('num_rules'); + $db->sql_freeresult($result); + + if ($num_rules >= 5000) + { + trigger_error('RULE_LIMIT_REACHED'); + } + $sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary); $db->sql_query($sql); - // Update users message rules + // Set the user_message_rules bit $sql = 'UPDATE ' . USERS_TABLE . ' SET user_message_rules = 1 WHERE user_id = ' . $user->data['user_id']; @@ -377,7 +390,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - // Update users message rules + // Unset the user_message_rules bit if (!$row) { $sql = 'UPDATE ' . USERS_TABLE . ' diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 9d81503f0a..2ac82fb52f 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -618,6 +618,60 @@ class ucp_profile } break; + + case 'autologin_keys': + + add_form_key('ucp_autologin_keys'); + + if ($submit) + { + $keys = request_var('keys', array('')); + + if (!check_form_key('ucp_autologin_keys')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error)) + { + if (!empty($keys)) + { + $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' + WHERE user_id = ' . (int) $user->data['user_id'] . ' + AND ' . $db->sql_in_set('key_id', $keys) ; + + $db->sql_query($sql); + + meta_refresh(3, $this->u_action); + $message = $user->lang['AUTOLOGIN_SESSION_KEYS_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + } + + // Replace "error" strings with their real, localised form + $error = array_map(array($user, 'lang'), $error); + } + + $sql = 'SELECT key_id, last_ip, last_login + FROM ' . SESSIONS_KEYS_TABLE . ' + WHERE user_id = ' . (int) $user->data['user_id']; + + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $template->assign_block_vars('sessions', array( + 'errors' => $error, + + 'KEY' => $row['key_id'], + 'IP' => $row['last_ip'], + 'LOGIN_TIME' => $user->format_date($row['last_login']), + )); + } + + $db->sql_freeresult($result); + + break; } $template->assign_vars(array( |