makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 14:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix Bug #45675 - Do not allow setting group as default group for pending user

Browse source 
Authorised by: AcydBurn


git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9759 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Joas Schilling 2009-07-14 20:40:45 +00:00
parent e3866c939d
commit 33033ad125
4 changed files with 53 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
phpBB/adm/style/acp_users.html
View file

@ -135,8 +135,8 @@
<!-- ELSE --> <!-- ELSE -->
<!-- IF group.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF --> <!-- IF group.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
<td><a href="{group.U_EDIT_GROUP}">{group.GROUP_NAME}</a></td> <td><a href="{group.U_EDIT_GROUP}">{group.GROUP_NAME}</a></td>
<td><!-- IF group.S_NO_DEFAULT --><a href="{group.U_DEFAULT}">{L_GROUP_DEFAULT}</a><!-- ELSE --><strong>{L_GROUP_DEFAULT}</strong><!-- ENDIF --></td> <td><!-- IF group.S_IS_MEMBER --><!-- IF group.S_NO_DEFAULT --><a href="{group.U_DEFAULT}">{L_GROUP_DEFAULT}</a><!-- ELSE --><strong>{L_GROUP_DEFAULT}</strong><!-- ENDIF --><!-- ELSEIF not group.S_IS_MEMBER and group.U_APPROVE --><a href="{group.U_APPROVE}">{L_GROUP_APPROVE}</a><!-- ELSE -->&nbsp;<!-- ENDIF --></td>
<td><!-- IF not group.S_SPECIAL_GROUP --><a href="{group.U_DEMOTE_PROMOTE}">{group.L_DEMOTE_PROMOTE}</a><!-- ELSE -->&nbsp;<!-- ENDIF --></td> <td><!-- IF group.S_IS_MEMBER and not group.S_SPECIAL_GROUP --><a href="{group.U_DEMOTE_PROMOTE}">{group.L_DEMOTE_PROMOTE}</a><!-- ELSE -->&nbsp;<!-- ENDIF --></td>
<td><a href="{group.U_DELETE}">{L_GROUP_DELETE}</a></td> <td><a href="{group.U_DELETE}">{L_GROUP_DELETE}</a></td>
</tr> </tr>
<!-- ENDIF --> <!-- ENDIF -->

1
phpBB/docs/CHANGELOG.html
View file

@ -156,6 +156,7 @@
<li>[Fix] Smilies and images not viewed in topic-print view (Bug #47265 - Patch by nickvergessen)</li> <li>[Fix] Smilies and images not viewed in topic-print view (Bug #47265 - Patch by nickvergessen)</li>
<li>[Fix] Force full date for PMs print-view (Patch by nickvergessen)</li> <li>[Fix] Force full date for PMs print-view (Patch by nickvergessen)</li>
<li>[Fix] Fix &quot;Always show a scrollbar for short pages&quot; for IE8 and Firefox 3.5 (Bug #47865 - Patch by stokerpiller)</li> <li>[Fix] Fix &quot;Always show a scrollbar for short pages&quot; for IE8 and Firefox 3.5 (Bug #47865 - Patch by stokerpiller)</li>
<li>[Fix] Do not allow setting group as default group for pending user (Bug #45675 - Patch by nickvergessen)</li>
<li>[Change] Change the data format of the default file ACM to be more secure from tampering and have better performance.</li> <li>[Change] Change the data format of the default file ACM to be more secure from tampering and have better performance.</li>
<li>[Change] Add index on log_time to the log table to prevent slowdown on boards with many log entries. (Bug #44665 - Patch by bantu)</li> <li>[Change] Add index on log_time to the log table to prevent slowdown on boards with many log entries. (Bug #44665 - Patch by bantu)</li>
<li>[Change] Template engine now permits to a limited extent variable includes.</li> <li>[Change] Template engine now permits to a limited extent variable includes.</li>

25
phpBB/includes/acp/acp_users.php
View file

@ -2017,6 +2017,29 @@ class acp_users
} }
break; break;
case 'approve':
if (confirm_box(true))
{
if (!$group_id)
{
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
}
group_user_attributes($action, $group_id, $user_id);
}
else
{
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
'u' => $user_id,
'i' => $id,
'mode' => $mode,
'action' => $action,
'g' => $group_id))
);
}
break;
} }
// Add user to group? // Add user to group?
@ -2109,10 +2132,12 @@ class acp_users
'U_DEFAULT' => $this->u_action . "&amp;action=default&amp;u=$user_id&amp;g=" . $data['group_id'], 'U_DEFAULT' => $this->u_action . "&amp;action=default&amp;u=$user_id&amp;g=" . $data['group_id'],
'U_DEMOTE_PROMOTE' => $this->u_action . '&amp;action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&amp;u=$user_id&amp;g=" . $data['group_id'], 'U_DEMOTE_PROMOTE' => $this->u_action . '&amp;action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&amp;u=$user_id&amp;g=" . $data['group_id'],
'U_DELETE' => $this->u_action . "&amp;action=delete&amp;u=$user_id&amp;g=" . $data['group_id'], 'U_DELETE' => $this->u_action . "&amp;action=delete&amp;u=$user_id&amp;g=" . $data['group_id'],
'U_APPROVE' => ($group_type == 'pending') ? $this->u_action . "&amp;action=approve&amp;u=$user_id&amp;g=" . $data['group_id'] : '',
'GROUP_NAME' => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'], 'GROUP_NAME' => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'],
'L_DEMOTE_PROMOTE' => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'], 'L_DEMOTE_PROMOTE' => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'],
'S_IS_MEMBER' => ($group_type != 'pending') ? true : false,
'S_NO_DEFAULT' => ($user_row['group_id'] != $data['group_id']) ? true : false, 'S_NO_DEFAULT' => ($user_row['group_id'] != $data['group_id']) ? true : false,
'S_SPECIAL_GROUP' => ($group_type == 'special') ? true : false, 'S_SPECIAL_GROUP' => ($group_type == 'special') ? true : false,
) )

26
phpBB/includes/functions_user.php
View file

@ -3109,6 +3109,27 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
break; break;
case 'default': case 'default':
// We only set default group for approved members of the group
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "
WHERE group_id = $group_id
AND user_pending = 0
AND " . $db->sql_in_set('user_id', $user_id_ary);
$result = $db->sql_query($sql);
$user_id_ary = $username_ary = array();
while ($row = $db->sql_fetchrow($result))
{
$user_id_ary[] = $row['user_id'];
}
$db->sql_freeresult($result);
$result = user_get_id_name($user_id_ary, $username_ary);
if (!sizeof($user_id_ary) || $result !== false)
{
return 'NO_USERS';
}
$sql = 'SELECT user_id, group_id FROM ' . USERS_TABLE . ' $sql = 'SELECT user_id, group_id FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('user_id', $user_id_ary, false, true); WHERE ' . $db->sql_in_set('user_id', $user_id_ary, false, true);
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
@ -3197,7 +3218,7 @@ function group_validate_groupname($group_id, $group_name)
*/ */
function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false) function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false)
{ {
global $db; global $cache, $db;
if (empty($user_id_ary)) if (empty($user_id_ary))
{ {
@ -3297,6 +3318,9 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal
{ {
group_update_listings($group_id); group_update_listings($group_id);
} }
// Because some tables/caches use usercolour-specific data we need to purge this here.
$cache->destroy('sql', MODERATOR_CACHE_TABLE);
} }
/** /**