Diffstat (limited to 'phpBB')
-rw-r--r-- | phpBB/includes/acp/acp_board.php | 3 | ||||
-rw-r--r-- | phpBB/includes/constants.php | 1 | ||||
-rw-r--r-- | phpBB/install/schemas/schema_data.sql | 1 | ||||
-rw-r--r-- | phpBB/language/en/acp/board.php | 6 | ||||
-rw-r--r-- | phpBB/posting.php | 48 | ||||
-rw-r--r-- | phpBB/styles/subSilver/template/posting_body.html | 19 |
6 files changed, 74 insertions, 4 deletions
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index 1f36d7fda9..4c002357bd 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -77,7 +77,7 @@ class acp_board
 'legend3' => 'REGISTRATION',
 'require_activation'=> array('lang' => 'ACC_ACTIVATION', 'type' => 'custom', 'method' => 'select_acc_activation', 'explain' => true),
- 'enable_confirm' => array('lang' => 'VISUAL_CONFIRM', 'type' => 'radio:yes_no', 'explain' => true),
+ 'enable_confirm' => array('lang' => 'VISUAL_CONFIRM_REG', 'type' => 'radio:yes_no', 'explain' => true),
 'max_reg_attempts' => array('lang' => 'REG_LIMIT', 'type' => 'text:4:4', 'explain' => true),
 'min_name_chars' => array('lang' => 'USERNAME_LENGTH', 'type' => 'custom', 'method' => 'username_length', 'explain' => true),
 'min_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'type' => 'custom', 'method' => 'password_length', 'explain' => true),
@@ -102,6 +102,7 @@ class acp_board
 'max_quote_depth' => array('lang' => 'QUOTE_DEPTH_LIMIT', 'type' => 'text:4:4', 'explain' => true),
 'max_post_img_width' => array('lang' => 'MAX_POST_IMG_WIDTH', 'type' => 'text:5:4', 'explain' => true),
 'max_post_img_height' => array('lang' => 'MAX_POST_IMG_HEIGHT', 'type' => 'text:5:4', 'explain' => true),
+ 'enable_post_confirm'=> array('lang' => 'VISUAL_CONFIRM_POST', 'type' => 'radio:yes_no', 'explain' => true),
 'legend5' => 'MODERATION',
 'warnings_expire_days' => array('lang' => 'WARNINGS_EXPIRE', 'type' => 'text:3:4', 'explain' => true)
diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php
index ea8e908fa5..27f47d8bbb 100644
--- a/phpBB/includes/constants.php
+++ b/phpBB/includes/constants.php
@@ -104,6 +104,7 @@ define('PHYSICAL_LINK', 2);
 // Confirm types
 define('CONFIRM_REG', 1);
 define('CONFIRM_LOGIN', 2);
+define('CONFIRM_POST', 3);
 // Categories - Attachments
 define('ATTACHMENT_CATEGORY_NONE', 0);
diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql
index f014809b3a..2a78875da9 100644
--- a/phpBB/install/schemas/schema_data.sql
+++ b/phpBB/install/schemas/schema_data.sql
@@ -78,6 +78,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_function_nam
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_package_size', '50');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_pm', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_confirm', '0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_post_confirm', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_pm_icons', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('flood_interval', '15');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('force_server_vars', '0');
diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php
index c074a05e88..59e4edbfe9 100644
--- a/phpBB/language/en/acp/board.php
+++ b/phpBB/language/en/acp/board.php
@@ -245,8 +245,10 @@ $lang = array_merge($lang, array(
 'ALLOW_AUTOLOGIN_EXPLAIN' => 'Determines whether users can autologin when they visit the board.',
 'AUTOLOGIN_LENGTH' => 'Persistent login key expiry days',
 'AUTOLOGIN_LENGTH_EXPLAIN' => 'Number of days after which persistent login keys are removed or zero to disable.',
- 'VISUAL_CONFIRM' => 'Enable visual confirmation',
- 'VISUAL_CONFIRM_EXPLAIN' => 'Requires new users enter a random code matching an image to help prevent mass registrations.',
+ 'VISUAL_CONFIRM_REG' => 'Enable visual confirmation',
+ 'VISUAL_CONFIRM_REG_EXPLAIN'=> 'Requires new users to enter a random code matching an image to help prevent mass registrations.',
+ 'VISUAL_CONFIRM_POST' => 'Enable visual confirmation',
+ 'VISUAL_CONFIRM_POST_EXPLAIN'=> 'Requires anonymous users to enter a random code matching an image to help prevent mass postings.',
 'LOGIN_LIMIT' => 'Login attempts',
 'LOGIN_LIMIT_EXPLAIN' => 'Number of failed logins users can make before being locked out that session',
 'REG_LIMIT' => 'Registration attempts',
diff --git a/phpBB/posting.php b/phpBB/posting.php
index 83217eab81..a77bd50426 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -46,7 +46,6 @@ $mode = ($delete && !$preview && !$refresh && $submit) ? 'delete' : request_var $error = array(); $current_time = time(); - // Was cancel pressed? If so then redirect to the appropriate page if ($cancel || ($current_time - $lastclick < 2 && $submit)) {
@@ -669,6 +668,26 @@ if ($submit || $preview || $refresh)
 }
 }
+ if ($config['enable_post_confirm'] && !$user->data['is_registered'] && ($mode == 'post' || $mode == 'reply'))
+ {
+ $confirm_id = request_var('confirm_id', '');
+ $confirm_code = request_var('confirm_code', '');
+
+ $sql = 'SELECT code
+ FROM ' . CONFIRM_TABLE . "
+ WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
+ AND session_id = '" . $db->sql_escape($user->session_id) . "'
+ AND confirm_type = " . CONFIRM_POST;
+ $result = $db->sql_query($sql);
+ $confirm_row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
+
+ if ($confirm_row['code'] !== $confirm_code)
+ {
+ $error[] = $user->lang['CONFIRM_CODE_WRONG'];
+ }
+ }
+
 // Parse subject
 if (!$subject && ($mode == 'post' || ($mode == 'edit' && $topic_first_post_id == $post_id)))
 {
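Review bot: The mode test `($mode == 'post' || $mode == 'reply')` on the first added line leaves out `quote`, which the context line in the later posting.php hunk (`$mode == 'reply' || $mode == 'quote'`) shows is a separate reply-like mode, so a guest who is permitted to quote would appear to reach submission with no confirmation check. The same condition guards the image-generation block in the `@@ -1064,6 +1083,33 @@` hunk, so both places need the change, e.g. `in_array($mode, array('post', 'reply', 'quote'), true)`. The comparison itself fails closed when no row is found, because a missing `code` never strictly equals the submitted string. The enclosing `if ($submit || $preview || $refresh)` block starts and ends outside the hunk.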
@@ -1064,6 +1083,33 @@ generate_forum_nav($forum_data);
 // Build Forum Rules
 generate_forum_rules($forum_data);
+if ($config['enable_post_confirm'] && !$user->data['is_registered'] && ($mode == 'post' || $mode == 'reply'))
+{
+ // Show confirm image
+ $sql = 'DELETE FROM ' . CONFIRM_TABLE . "
+ WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
+ AND confirm_type = " . CONFIRM_POST;
+ $db->sql_query($sql);
+
+ // Generate code
+ $code = gen_rand_string(mt_rand(5, 8));
+ $confirm_id = md5(unique_id(0, $user->ip));
+
+ $sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
+ 'confirm_id' => (string) $confirm_id,
+ 'session_id' => (string) $user->session_id,
+ 'confirm_type' => (int) CONFIRM_POST,
+ 'code' => (string) $code)
+ );
+ $db->sql_query($sql);
+
+ $template->assign_vars(array(
+ 'S_CONFIRM_CODE' => true,
+ 'CONFIRM_ID' => $confirm_id,
+ 'CONFIRM_IMAGE' => '<img src="' . $phpbb_root_path . 'ucp.' . $phpEx . $SID . '&mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_POST . '" alt="" title="" />'
+ ));
+}
+
 $s_hidden_fields = ($mode == 'reply' || $mode == 'quote') ? '<input type="hidden" name="topic_cur_post_id" value="' . $topic_last_post_id . '" />' : '';
 $s_hidden_fields .= '<input type="hidden" name="lastclick" value="' . $current_time . '" />';
 $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . ((isset($_REQUEST['draft_loaded'])) ? intval($_REQUEST['draft_loaded']) : $draft_id) . '" />' : '';
diff --git a/phpBB/styles/subSilver/template/posting_body.html b/phpBB/styles/subSilver/template/posting_body.html
index 8a4026a8df..73fba36590 100644
--- a/phpBB/styles/subSilver/template/posting_body.html
+++ b/phpBB/styles/subSilver/template/posting_body.html
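Review bot: The `DELETE` at the top of this block is the only place the commit invalidates a confirmation code, and it runs only when the posting form is rendered; the verification hunk never removes the row after a match. If the successful-submit path leaves the script before this point (not visible here), one solved code would stay valid for further posts in the same session. Consuming the row right after the comparison in the verification hunk would make each code single-use, e.g. `$db->sql_query('DELETE FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "' AND confirm_type = " . CONFIRM_POST);`. Separately, the `&` separators in the `CONFIRM_IMAGE` `src` attribute should be written as `&amp;`.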
@@ -369,6 +369,25 @@ function checkForm()
 </tr>
 <!-- ENDIF -->
+ <!-- IF S_CONFIRM_CODE -->
+ <tr>
+ <th colspan="2" height="28" valign="middle">{L_POST_CONFIRMATION}</th>
+ </tr>
+ <tr>
+ <td class="row3" colspan="2"><span class="gensmall">{L_POST_CONFIRM_EXPLAIN}</span></td>
+ </tr>
+ <tr>
+ <td class="row1" colspan="2" align="center">
+ <input type="hidden" name="confirm_id" value="{CONFIRM_ID}" />
+ {CONFIRM_IMAGE}
+ </td>
+ </tr>
+ <tr>
+ <td class="row1"><b class="genmed">{L_CONFIRM_CODE}: </b><br /><span class="gensmall">{L_CONFIRM_CODE_EXPLAIN}</span></td>
+ <td class="row2"><input class="post" type="text" name="confirm_code" size="8" maxlength="8" /></td>
+ </tr>
+ <!-- ENDIF -->
+
 <!-- IF S_SHOW_ATTACH_BOX or S_SHOW_POLL_BOX -->
 <tr>
 <td class="cat" colspan="2" align="center"> |
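Review bot: The added rows reference `{L_POST_CONFIRMATION}` and `{L_POST_CONFIRM_EXPLAIN}`, but the diffstat lists no change to a posting language file; the only language file touched is `language/en/acp/board.php`. Unless `POST_CONFIRMATION` and `POST_CONFIRM_EXPLAIN` already exist elsewhere (not visible here), the heading and the explanation shown to guests will not render as text. Worth confirming the keys are defined, or adding them in the same commit so the prompt explains why the code is required.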