From 8fc412f26aa1b6e580b8aa200db79608b19aeae9 Mon Sep 17 00:00:00 2001 From: Henry Sudhof Date: Wed, 3 Jun 2009 12:13:01 +0000 Subject: #44955 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9529 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 027db39751..ee9867b1f1 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2077,8 +2077,8 @@ function avatar_gallery($category, $avatar_select, $items_per_column, $block_var if (preg_match('#^[^&\'"<>]+\.(?:gif|png|jpe?g)$#i', $sub_file)) { $avatar_list[$file][$avatar_row_count][$avatar_col_count] = array( - 'file' => "$file/$sub_file", - 'filename' => $sub_file, + 'file' => rawurlencode ($file) . '/' . rawurlencode ($sub_file), + 'filename' => rawurlencode ($sub_file), 'name' => ucfirst(str_replace('_', ' ', preg_replace('#^(.*)\..*$#', '\1', $sub_file))), ); $avatar_col_count++; -- cgit v1.2.1 From a539fca62b10f53a5f5dadf07f9ab07340fdabf9 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 7 Jun 2009 11:34:01 +0000 Subject: some corrections, only very minor things. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9554 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index ee9867b1f1..0345f039a3 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2077,8 +2077,8 @@ function avatar_gallery($category, $avatar_select, $items_per_column, $block_var if (preg_match('#^[^&\'"<>]+\.(?:gif|png|jpe?g)$#i', $sub_file)) { $avatar_list[$file][$avatar_row_count][$avatar_col_count] = array( - 'file' => rawurlencode ($file) . '/' . rawurlencode ($sub_file), - 'filename' => rawurlencode ($sub_file), + 'file' => rawurlencode($file) . '/' . rawurlencode($sub_file), + 'filename' => rawurlencode($sub_file), 'name' => ucfirst(str_replace('_', ' ', preg_replace('#^(.*)\..*$#', '\1', $sub_file))), ); $avatar_col_count++; -- cgit v1.2.1 From 92b6e5400ea1024f3463866be70244eb1fe79a82 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 11 Jun 2009 13:12:04 +0000 Subject: Fix bug #45345 - Also remove data from friend/foe table when deleting user (patch by nickvergessen). Authorised by: acydburn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9569 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 0345f039a3..48fb532d00 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -501,6 +501,12 @@ function user_delete($mode, $user_id, $post_username = false) $cache->destroy('sql', MODERATOR_CACHE_TABLE); + // Delete the user_id from the zebra table + $sql = 'DELETE FROM ' . ZEBRA_TABLE . ' + WHERE user_id = ' . $user_id . ' + OR zebra_id = ' . $user_id; + $db->sql_query($sql); + // Delete the user_id from the banlist $sql = 'DELETE FROM ' . BANLIST_TABLE . ' WHERE ban_userid = ' . $user_id; -- cgit v1.2.1 From 8c79920a55e2b803cc050ad662b7da73a08f6998 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Mon, 15 Jun 2009 11:19:19 +0000 Subject: Fix bug #45585 - Show error if hostname lookup doesn't return a valid IP address when banning. Authorised by: acydburn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9594 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 48fb532d00..ab0122866c 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -910,7 +910,8 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas } } } - else + + if (empty($banlist_ary)) { trigger_error('NO_IPS_DEFINED'); } -- cgit v1.2.1 From bfc8906a5ed4b99d0c592972b3267fe52d5da257 Mon Sep 17 00:00:00 2001 From: Ruslan Uzdenov Date: Tue, 16 Jun 2009 14:36:12 +0000 Subject: Fix bug #40245 - Attachments table is not being updated when deleting user and retaining his posts Authorised by: acydburn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9599 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index ab0122866c..144b323959 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -421,6 +421,11 @@ function user_delete($mode, $user_id, $post_username = false) WHERE topic_last_poster_id = $user_id"; $db->sql_query($sql); + $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' + SET poster_id = ' . ANONYMOUS . " + WHERE poster_id = $user_id"; + $db->sql_query($sql); + // Since we change every post by this author, we need to count this amount towards the anonymous user // Update the post count for the anonymous user -- cgit v1.2.1 From 3b181245b206e383ba603bb23105a91b494181ed Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 17 Jun 2009 09:10:48 +0000 Subject: Change bug #21825 - Banning/unbanning users now generates an entry in their user notes Authorised by: acydburn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9602 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 144b323959..962733aa6a 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1072,9 +1072,16 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas // Update log $log_entry = ($ban_exclude) ? 'LOG_BAN_EXCLUDE_' : 'LOG_BAN_'; - // Add to moderator and admin log + // Add to moderator log, admin log and user notes add_log('admin', $log_entry . strtoupper($mode), $ban_reason, $ban_list_log); add_log('mod', 0, 0, $log_entry . strtoupper($mode), $ban_reason, $ban_list_log); + if ($mode == 'user') + { + foreach ($banlist_ary as $user_id) + { + add_log('user', $user_id, $log_entry . strtoupper($mode), $ban_reason, $ban_list_log); + } + } $cache->destroy('sql', BANLIST_TABLE); @@ -1113,7 +1120,7 @@ function user_unban($mode, $ban) switch ($mode) { case 'user': - $sql = 'SELECT u.username AS unban_info + $sql = 'SELECT u.username AS unban_info, u.user_id FROM ' . USERS_TABLE . ' u, ' . BANLIST_TABLE . ' b WHERE ' . $db->sql_in_set('b.ban_id', $unban_sql) . ' AND u.user_id = b.ban_userid'; @@ -1134,9 +1141,11 @@ function user_unban($mode, $ban) $result = $db->sql_query($sql); $l_unban_list = ''; + $user_ids_ary = array(); while ($row = $db->sql_fetchrow($result)) { $l_unban_list .= (($l_unban_list != '') ? ', ' : '') . $row['unban_info']; + $user_ids_ary[] = $row['user_id']; } $db->sql_freeresult($result); @@ -1144,9 +1153,16 @@ function user_unban($mode, $ban) WHERE ' . $db->sql_in_set('ban_id', $unban_sql); $db->sql_query($sql); - // Add to moderator and admin log + // Add to moderator log, admin log and user notes add_log('admin', 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list); add_log('mod', 0, 0, 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list); + if ($mode == 'user') + { + foreach ($user_ids_ary as $user_id) + { + add_log('user', $user_id, 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list); + } + } } $cache->destroy('sql', BANLIST_TABLE); -- cgit v1.2.1 From 737812dc448967179a2d286243bdb9ac8c41371f Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 17 Jun 2009 15:38:08 +0000 Subject: fix r9602 Authorised by: acydburn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9611 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 962733aa6a..f8827154c9 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1145,7 +1145,10 @@ function user_unban($mode, $ban) while ($row = $db->sql_fetchrow($result)) { $l_unban_list .= (($l_unban_list != '') ? ', ' : '') . $row['unban_info']; - $user_ids_ary[] = $row['user_id']; + if ($mode == 'user') + { + $user_ids_ary[] = $row['user_id']; + } } $db->sql_freeresult($result); -- cgit v1.2.1 From d7d96223e7bae7cd60b13c6e7896d95838c3633c Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Fri, 19 Jun 2009 09:51:50 +0000 Subject: - Display coloured usernames in ACP groups management screens - Changed behaviour of group_create() function to support specifying additional group columns - New groups option to excempt group leaders from group permissions git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9625 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 76 ++++++++++++++++++++++----------------- 1 file changed, 43 insertions(+), 33 deletions(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index f8827154c9..5e8108eb64 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2396,24 +2396,9 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow global $phpbb_root_path, $config, $db, $user, $file_upload; $error = array(); - $attribute_ary = array( - 'group_colour' => 'string', - 'group_rank' => 'int', - 'group_avatar' => 'string', - 'group_avatar_type' => 'int', - 'group_avatar_width' => 'int', - 'group_avatar_height' => 'int', - - 'group_receive_pm' => 'int', - 'group_legend' => 'int', - 'group_message_limit' => 'int', - 'group_max_recipients' => 'int', - - 'group_founder_manage' => 'int', - ); - // Those are group-only attributes - $group_only_ary = array('group_receive_pm', 'group_legend', 'group_message_limit', 'group_max_recipients', 'group_founder_manage'); + // Attributes which also affect the users table + $user_attribute_ary = array('group_colour', 'group_rank', 'group_avatar', 'group_avatar_type', 'group_avatar_width', 'group_avatar_height'); // Check data. Limit group name length. if (!utf8_strlen($name) || utf8_strlen($name) > 60) @@ -2451,14 +2436,8 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow if (sizeof($group_attributes)) { - foreach ($attribute_ary as $attribute => $_type) - { - if (isset($group_attributes[$attribute])) - { - settype($group_attributes[$attribute], $_type); - $sql_ary[$attribute] = $group_attributes[$attribute]; - } - } + // Merge them with $sql_ary to properly update the group + $sql_ary = array_merge($sql_ary, $group_attributes); } // Setting the log message before we set the group id (if group gets added) @@ -2483,6 +2462,7 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow { remove_default_avatar($group_id, $user_ary); } + if (isset($sql_ary['group_rank']) && !$sql_ary['group_rank']) { remove_default_rank($group_id, $user_ary); @@ -2498,6 +2478,32 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow SET group_name = '" . $db->sql_escape($sql_ary['group_name']) . "' WHERE group_id = $group_id"; $db->sql_query($sql); + + // One special case is the group skip auth setting. If this was changed we need to purge permissions for this group + if (isset($group_attributes['group_skip_auth'])) + { + // Get users within this group... + $sql = 'SELECT user_id + FROM ' . USER_GROUP_TABLE . ' + WHERE group_id = ' . $group_id . ' + AND user_pending = 0'; + $result = $db->sql_query($sql); + + $user_id_ary = array(); + while ($row = $db->sql_fetchrow($result)) + { + $user_id_ary[] = $row['user_id']; + } + $db->sql_freeresult($result); + + if (!empty($user_id_ary)) + { + global $auth; + + // Clear permissions cache of relevant users + $auth->acl_clear_prefetch($user_id_ary); + } + } } else { @@ -2508,6 +2514,7 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow if (!$group_id) { $group_id = $db->sql_nextid(); + if (isset($sql_ary['group_avatar_type']) && $sql_ary['group_avatar_type'] == AVATAR_UPLOAD) { group_correct_avatar($group_id, $sql_ary['group_avatar']); @@ -2518,18 +2525,21 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow $sql_ary = array(); if (sizeof($group_attributes)) { - foreach ($attribute_ary as $attribute => $_type) + // Go through the user attributes array, check if a group attribute matches it and then set it. ;) + foreach ($user_attribute_ary as $attribute) { - if (isset($group_attributes[$attribute]) && !in_array($attribute, $group_only_ary)) + if (!isset($group_attributes[$attribute])) { - // If we are about to set an avatar, we will not overwrite user avatars if no group avatar is set... - if (strpos($attribute, 'group_avatar') === 0 && !$group_attributes[$attribute]) - { - continue; - } + continue; + } - $sql_ary[$attribute] = $group_attributes[$attribute]; + // If we are about to set an avatar, we will not overwrite user avatars if no group avatar is set... + if (strpos($attribute, 'group_avatar') === 0 && !$group_attributes[$attribute]) + { + continue; } + + $sql_ary[$attribute] = $group_attributes[$attribute]; } } -- cgit v1.2.1 From 433de350c0fa2e1e09c23e6f5f29f118222d2df8 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 20 Jun 2009 18:45:16 +0000 Subject: - [Feature] New "Newly Registered Users" group for assigning permissions to newly registered users. They will be removed from this group once they reach a defineable amount of posts. - [Feature] Ability to define if the "Newly Registered Users" group will be assigned as the default group to newly registered users. As a coincidence also Bug #46535 got fixed. Additionally the error message displayed with trigger_error() if accessing the private message tab in the ucp is now displayed inline in addition to a slightly different message for newly registered users to let them know that access permissions may be lifted over time. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9636 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 36 +++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 5e8108eb64..17534376de 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -188,6 +188,8 @@ function user_add($user_row, $cp_data = false) 'user_regdate' => time(), 'user_passchg' => time(), 'user_options' => 895, + // We do not set the new flag here - registration scripts need to specify it + 'user_new' => 0, 'user_inactive_reason' => 0, 'user_inactive_time' => 0, @@ -275,6 +277,31 @@ function user_add($user_row, $cp_data = false) // Now make it the users default group... group_set_user_default($user_row['group_id'], array($user_id), false); + // Add to newly registered users group if user_new is 1 + if ($config['new_member_post_limit'] && $sql_ary['user_new']) + { + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = 'NEWLY_REGISTERED' + AND group_type = " . GROUP_SPECIAL; + $result = $db->sql_query($sql); + $add_group_id = (int) $db->sql_fetchfield('group_id'); + $db->sql_freeresult($result); + + if ($add_group_id) + { + // Add user to "newly registered users" group and set to default group if admin specified so. + if ($config['new_member_group_default']) + { + group_user_add($add_group_id, $user_id, false, false, true); + } + else + { + group_user_add($add_group_id, $user_id); + } + } + } + // set the newest user and adjust the user count if the user is a normal user and no activation mail is sent if ($user_row['user_type'] == USER_NORMAL) { @@ -2867,7 +2894,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false, { if (isset($sql_where_ary[$gid]) && sizeof($sql_where_ary[$gid])) { - remove_default_rank($gid, $sql_where_ary[$gid]); + remove_default_rank($group_id, $sql_where_ary[$gid]); remove_default_avatar($group_id, $sql_where_ary[$gid]); group_set_user_default($gid, $sql_where_ary[$gid], $default_data_ary); } @@ -2889,7 +2916,10 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false, $log = 'LOG_GROUP_REMOVE'; - add_log('admin', $log, $group_name, implode(', ', $username_ary)); + if ($group_name) + { + add_log('admin', $log, $group_name, implode(', ', $username_ary)); + } group_update_listings($group_id); @@ -3283,7 +3313,7 @@ function get_group_name($group_id) $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - if (!$row) + if (!$row || ($row['group_type'] == GROUP_SPECIAL && empty($user->lang))) { return ''; } -- cgit v1.2.1 From 794e122cfa01539e912786455da59e25d459a56f Mon Sep 17 00:00:00 2001 From: Henry Sudhof Date: Sun, 21 Jun 2009 14:31:00 +0000 Subject: add quicktool to remove users from the newly registered special group. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9646 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 73 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 17534376de..bb54a14262 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -3456,4 +3456,77 @@ function group_update_listings($group_id) } } + + +/** +* Funtion to make a user leave the NEWLY_REGISTERED system group. +* @access public +* @param $user_id The id of the user to remove from the group +*/ +function remove_newly_registered($user_id, $user_data = false) +{ + global $db; + + if ($user_data === false) + { + $sql = 'SELECT * + FROM ' . USERS_TABLE . ' + WHERE user_id = ' . $user_id; + $result = $db->sql_query($sql); + $user_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$user_row) + { + return false; + } + else + { + $user_data = $user_row; + } + } + + if (empty($user_data['user_new'])) + { + return false; + } + + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = 'NEWLY_REGISTERED' + AND group_type = " . GROUP_SPECIAL; + $result = $db->sql_query($sql); + $group_id = (int) $db->sql_fetchfield('group_id'); + $db->sql_freeresult($result); + + if (!$group_id) + { + return false; + } + + // We need to call group_user_del here, because this function makes sure everything is correctly changed. + // A downside for a call within the session handler is that the language is not set up yet - so no log entry + group_user_del($group_id, $user_id); + + // Set user_new to 0 to let this not be triggered again + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_new = 0 + WHERE user_id = ' . $user_id; + $db->sql_query($sql); + + // The new users group was the users default group? + if ($user_data['group_id'] == $group_id) + { + // Which group is now the users default one? + $sql = 'SELECT group_id + FROM ' . USERS_TABLE . ' + WHERE user_id = ' . $user_id; + $result = $db->sql_query($sql); + $user_data['group_id'] = $db->sql_fetchfield('group_id'); + $db->sql_freeresult($result); + } + + return $user_data['group_id']; +} + ?> \ No newline at end of file -- cgit v1.2.1 From adaeec1ec9f7cd55522a5c4d0bf0538dbc0c6f99 Mon Sep 17 00:00:00 2001 From: Ruslan Uzdenov Date: Sat, 27 Jun 2009 08:36:40 +0000 Subject: Fixed Bug #45115 - Signature parsing flags are not stored in DB Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9696 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index bb54a14262..4ea094e451 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -187,7 +187,7 @@ function user_add($user_row, $cp_data = false) 'user_ip' => '', 'user_regdate' => time(), 'user_passchg' => time(), - 'user_options' => 895, + 'user_options' => 230271, // We do not set the new flag here - registration scripts need to specify it 'user_new' => 0, -- cgit v1.2.1 From 33033ad12555377a9b50cfbeb72b683ddd56b893 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 14 Jul 2009 20:40:45 +0000 Subject: Fix Bug #45675 - Do not allow setting group as default group for pending user Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9759 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 4ea094e451..c69c27c9d7 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -3109,6 +3109,27 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna break; case 'default': + // We only set default group for approved members of the group + $sql = 'SELECT user_id + FROM ' . USER_GROUP_TABLE . " + WHERE group_id = $group_id + AND user_pending = 0 + AND " . $db->sql_in_set('user_id', $user_id_ary); + $result = $db->sql_query($sql); + + $user_id_ary = $username_ary = array(); + while ($row = $db->sql_fetchrow($result)) + { + $user_id_ary[] = $row['user_id']; + } + $db->sql_freeresult($result); + + $result = user_get_id_name($user_id_ary, $username_ary); + if (!sizeof($user_id_ary) || $result !== false) + { + return 'NO_USERS'; + } + $sql = 'SELECT user_id, group_id FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $user_id_ary, false, true); $result = $db->sql_query($sql); @@ -3197,7 +3218,7 @@ function group_validate_groupname($group_id, $group_name) */ function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false) { - global $db; + global $cache, $db; if (empty($user_id_ary)) { @@ -3297,6 +3318,9 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal { group_update_listings($group_id); } + + // Because some tables/caches use usercolour-specific data we need to purge this here. + $cache->destroy('sql', MODERATOR_CACHE_TABLE); } /** -- cgit v1.2.1 From 224aa404f6c8f0014a0dc48b9776ff431b8d4f48 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Fri, 24 Jul 2009 08:49:51 +0000 Subject: Fix bug #47825 - Banning an already banned user states to be successful, but has no effect - Patch by Pyramide Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9840 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index c69c27c9d7..e8584239ad 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1016,7 +1016,17 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas } while ($row = $db->sql_fetchrow($result)); - $banlist_ary = array_unique(array_diff($banlist_ary, $banlist_ary_tmp)); + $banlist_ary_tmp = array_intersect($banlist_ary, $banlist_ary_tmp); + + if (sizeof($banlist_ary_tmp)) + { + // One or more entities are already banned/excluded, delete the existing bans, so they can be re-inserted with the given new length + $sql = 'DELETE FROM ' . BANLIST_TABLE . ' + WHERE ' . $db->sql_in_set($type, $banlist_ary_tmp) . ' + AND ban_exclude = ' . (int) $ban_exclude; + $db->sql_query($sql); + } + unset($banlist_ary_tmp); } $db->sql_freeresult($result); -- cgit v1.2.1 From 6510aef869e455ae6748e4719cb6cb187264f4bb Mon Sep 17 00:00:00 2001 From: Ruslan Uzdenov Date: Tue, 28 Jul 2009 11:47:32 +0000 Subject: Fix bug #48345 - Adding users to group - default rank does not changing correctly Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9879 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index e8584239ad..324be2b1ed 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2780,7 +2780,7 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, if ($default) { - group_set_user_default($group_id, $user_id_ary, $group_attributes); + group_user_attributes('default', $group_id, $user_id_ary, false, $group_name, $group_attributes); } $db->sql_transaction('commit'); -- cgit v1.2.1 From 530f4963cbc12e0f47f20c13c70587a60d3ad37c Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Sat, 1 Aug 2009 11:43:39 +0000 Subject: Fix Bug #37585 - Correctly log action when users request to join a group Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9903 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 324be2b1ed..ca6aae2540 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2793,7 +2793,7 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, $group_name = get_group_name($group_id); } - $log = ($leader) ? 'LOG_MODS_ADDED' : 'LOG_USERS_ADDED'; + $log = ($leader) ? 'LOG_MODS_ADDED' : (($pending) ? 'LOG_USERS_PENDING' : 'LOG_USERS_ADDED'); add_log('admin', $log, $group_name, implode(', ', $username_ary)); -- cgit v1.2.1 From 300f6868afc4ee53d97d289f85a0383b88ba377e Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Mon, 17 Aug 2009 13:21:44 +0000 Subject: i am very very sorry for this hackish approach... (ability to skip add_log calls) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10003 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index ca6aae2540..c562ac666f 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -290,6 +290,9 @@ function user_add($user_row, $cp_data = false) if ($add_group_id) { + // Because these actions only fill the log unneccessarily we skip the add_log() entry with a little hack. :/ + $GLOBALS['skip_add_log'] = true; + // Add user to "newly registered users" group and set to default group if admin specified so. if ($config['new_member_group_default']) { @@ -299,6 +302,8 @@ function user_add($user_row, $cp_data = false) { group_user_add($add_group_id, $user_id); } + + unset($GLOBALS['skip_add_log']); } } @@ -3519,12 +3524,12 @@ function remove_newly_registered($user_id, $user_data = false) $user_data = $user_row; } } - + if (empty($user_data['user_new'])) { return false; } - + $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'NEWLY_REGISTERED' -- cgit v1.2.1 From 17f40511bf4df9dd46cd13cbd2c7802c49575783 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 25 Aug 2009 09:07:26 +0000 Subject: Make sure only logs for existing users are displayed and user-specific logs removed on user deletion. (Bug #49855) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10053 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index c562ac666f..cb3306745e 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -538,6 +538,17 @@ function user_delete($mode, $user_id, $post_username = false) $cache->destroy('sql', MODERATOR_CACHE_TABLE); + // Delete user log entries about this user + $sql = 'DELETE FROM ' . LOG_TABLE . ' + WHERE reportee_id = ' . $user_id; + $db->sql_query($sql); + + // Change user_id to anonymous for this users triggered events + $sql = 'UPDATE ' . LOG_TABLE . ' + SET user_id = ' . ANONYMOUS . ' + WHERE user_id = ' . $user_id; + $db->sql_query($sql); + // Delete the user_id from the zebra table $sql = 'DELETE FROM ' . ZEBRA_TABLE . ' WHERE user_id = ' . $user_id . ' -- cgit v1.2.1 From c52f05b3329c9c79ecbc3184bd65cdbe4644ebcd Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Fri, 28 Aug 2009 09:26:43 +0000 Subject: Fix Bug #49195 - Queries on un-indexed column user_email Added function to generate email-hash. Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10060 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index cb3306745e..11b134cd85 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -171,7 +171,7 @@ function user_add($user_row, $cp_data = false) 'user_password' => (isset($user_row['user_password'])) ? $user_row['user_password'] : '', 'user_pass_convert' => 0, 'user_email' => strtolower($user_row['user_email']), - 'user_email_hash' => crc32(strtolower($user_row['user_email'])) . strlen($user_row['user_email']), + 'user_email_hash' => phpbb_email_hash($user_row['user_email']), 'group_id' => $user_row['group_id'], 'user_type' => $user_row['user_type'], ); @@ -1727,7 +1727,7 @@ function validate_email($email, $allowed_email = false) { $sql = 'SELECT user_email_hash FROM ' . USERS_TABLE . " - WHERE user_email_hash = " . (crc32($email) . strlen($email)); + WHERE user_email_hash = " . $db->sql_escape(phpbb_email_hash($email)); $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); -- cgit v1.2.1 From c35cdff24195ed38ae6df98a59c27324a5c72d1c Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Fri, 4 Sep 2009 12:04:30 +0000 Subject: Also update newest user data if someone is creating a founder with user_add(). git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10099 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_user.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions_user.php') diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 11b134cd85..7255d138ab 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -308,7 +308,7 @@ function user_add($user_row, $cp_data = false) } // set the newest user and adjust the user count if the user is a normal user and no activation mail is sent - if ($user_row['user_type'] == USER_NORMAL) + if ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_FOUNDER) { set_config('newest_user_id', $user_id, true); set_config('newest_username', $user_row['username'], true); -- cgit v1.2.1