2 files changed, 29 insertions, 12 deletions
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 8501175d5f..95a92d93af 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -659,7 +659,7 @@ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL)
 */
 function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason = '')
 {
-	global $db, $user, $auth;
+	global $db, $user, $auth, $cache;
 
 	// Delete stale bans
 	$sql = 'DELETE FROM ' . BANLIST_TABLE . '
@@ -1043,10 +1043,14 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
 		add_log('admin', $log_entry . strtoupper($mode), $ban_reason, $ban_list_log);
 		add_log('mod', 0, 0, $log_entry . strtoupper($mode), $ban_reason, $ban_list_log);
 
+		$cache->destroy('sql', BANLIST_TABLE);
+
 		return true;
 	}
 
-	// There was nothing to ban/exclude
+	// There was nothing to ban/exclude. But destroying the cache because of the removal of stale bans.
+	$cache->destroy('sql', BANLIST_TABLE);
+
 	return false;
 }
 
@@ -1055,7 +1059,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
 */
 function user_unban($mode, $ban)
 {
-	global $db, $user, $auth;
+	global $db, $user, $auth, $cache;
 
 	// Delete stale bans
 	$sql = 'DELETE FROM ' . BANLIST_TABLE . '
@@ -1112,6 +1116,8 @@ function user_unban($mode, $ban)
 		add_log('mod', 0, 0, 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list);
 	}
 
+	$cache->destroy('sql', BANLIST_TABLE);
+
 	return false;
 }
 
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 6ddc97fff8..7ca2cbcdd0 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -905,48 +905,59 @@ class session
 		}
 
 		$banned = false;
+		$cache_ttl = 3600;
+		$where_sql = array();
 
 		$sql = 'SELECT ban_ip, ban_userid, ban_email, ban_exclude, ban_give_reason, ban_end
 			FROM ' . BANLIST_TABLE . '
-			WHERE (ban_end >= ' . time() . ' OR ban_end = 0)';
+			WHERE ';
 
 		// Determine which entries to check, only return those
 		if ($user_email === false)
 		{
-			$sql .= " AND ban_email = ''";
+			$where_sql[] = "ban_email = ''";
 		}
 
 		if ($user_ips === false)
 		{
-			$sql .= " AND (ban_ip = '' OR ban_exclude = 1)";
+			$where_sql[] = "(ban_ip = '' OR ban_exclude = 1)";
 		}
 
 		if ($user_id === false)
 		{
-			$sql .= ' AND (ban_userid = 0 OR ban_exclude = 1)';
+			$where_sql[] = '(ban_userid = 0 OR ban_exclude = 1)';
 		}
 		else
 		{
-			$sql .= ' AND (ban_userid = ' . $user_id;
+			$cache_ttl = ($user_id == ANONYMOUS) ? 3600 : 0;
+			$_sql = '(ban_userid = ' . $user_id;
 
 			if ($user_email !== false)
 			{
-				$sql .= " OR ban_email <> ''";
+				$_sql .= " OR ban_email <> ''";
 			}
 
 			if ($user_ips !== false)
 			{
-				$sql .= " OR ban_ip <> ''";
+				$_sql .= " OR ban_ip <> ''";
 			}
 
-			$sql .= ')';
+			$_sql .= ')';
+
+			$where_sql[] = $_sql;
 		}
 
-		$result = $db->sql_query($sql);
+		$sql .= (sizeof($where_sql)) ? implode(' AND ', $where_sql) : '';
+		$result = $db->sql_query($sql, $cache_ttl);
 
 		$ban_triggered_by = 'user';
 		while ($row = $db->sql_fetchrow($result))
 		{
+			if ($row['ban_end'] && $row['ban_end'] < time())
+			{
+				continue;
+			}
+
 			$ip_banned = false;
 			if (!empty($row['ban_ip']))
 			{