mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-28 14:18:52 +00:00
Fix Bug #45675 - Do not allow setting group as default group for pending user
Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9759 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Joas Schilling
parent
e3866c939d
commit
33033ad125
4 changed files with 53 additions and 3 deletions
|
|
@ -135,8 +135,8 @@
|
|||
<!-- ELSE -->
|
||||
<!-- IF group.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
|
||||
<td><a href="{group.U_EDIT_GROUP}">{group.GROUP_NAME}</a></td>
|
||||
<td><!-- IF group.S_NO_DEFAULT --><a href="{group.U_DEFAULT}">{L_GROUP_DEFAULT}</a><!-- ELSE --><strong>{L_GROUP_DEFAULT}</strong><!-- ENDIF --></td>
|
||||
<td><!-- IF not group.S_SPECIAL_GROUP --><a href="{group.U_DEMOTE_PROMOTE}">{group.L_DEMOTE_PROMOTE}</a><!-- ELSE --> <!-- ENDIF --></td>
|
||||
<td><!-- IF group.S_IS_MEMBER --><!-- IF group.S_NO_DEFAULT --><a href="{group.U_DEFAULT}">{L_GROUP_DEFAULT}</a><!-- ELSE --><strong>{L_GROUP_DEFAULT}</strong><!-- ENDIF --><!-- ELSEIF not group.S_IS_MEMBER and group.U_APPROVE --><a href="{group.U_APPROVE}">{L_GROUP_APPROVE}</a><!-- ELSE --> <!-- ENDIF --></td>
|
||||
<td><!-- IF group.S_IS_MEMBER and not group.S_SPECIAL_GROUP --><a href="{group.U_DEMOTE_PROMOTE}">{group.L_DEMOTE_PROMOTE}</a><!-- ELSE --> <!-- ENDIF --></td>
|
||||
<td><a href="{group.U_DELETE}">{L_GROUP_DELETE}</a></td>
|
||||
</tr>
|
||||
<!-- ENDIF -->
|
||||
|
|
|
|||
|
|
@ -156,6 +156,7 @@
|
|||
<li>[Fix] Smilies and images not viewed in topic-print view (Bug #47265 - Patch by nickvergessen)</li>
|
||||
<li>[Fix] Force full date for PMs print-view (Patch by nickvergessen)</li>
|
||||
<li>[Fix] Fix "Always show a scrollbar for short pages" for IE8 and Firefox 3.5 (Bug #47865 - Patch by stokerpiller)</li>
|
||||
<li>[Fix] Do not allow setting group as default group for pending user (Bug #45675 - Patch by nickvergessen)</li>
|
||||
<li>[Change] Change the data format of the default file ACM to be more secure from tampering and have better performance.</li>
|
||||
<li>[Change] Add index on log_time to the log table to prevent slowdown on boards with many log entries. (Bug #44665 - Patch by bantu)</li>
|
||||
<li>[Change] Template engine now permits to a limited extent variable includes.</li>
|
||||
|
|
|
|||
|
|
@ -2017,6 +2017,29 @@ class acp_users
|
|||
}
|
||||
|
||||
break;
|
||||
|
||||
case 'approve':
|
||||
|
||||
if (confirm_box(true))
|
||||
{
|
||||
if (!$group_id)
|
||||
{
|
||||
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
||||
}
|
||||
group_user_attributes($action, $group_id, $user_id);
|
||||
}
|
||||
else
|
||||
{
|
||||
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
|
||||
'u' => $user_id,
|
||||
'i' => $id,
|
||||
'mode' => $mode,
|
||||
'action' => $action,
|
||||
'g' => $group_id))
|
||||
);
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
// Add user to group?
|
||||
|
|
@ -2109,10 +2132,12 @@ class acp_users
|
|||
'U_DEFAULT' => $this->u_action . "&action=default&u=$user_id&g=" . $data['group_id'],
|
||||
'U_DEMOTE_PROMOTE' => $this->u_action . '&action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&u=$user_id&g=" . $data['group_id'],
|
||||
'U_DELETE' => $this->u_action . "&action=delete&u=$user_id&g=" . $data['group_id'],
|
||||
'U_APPROVE' => ($group_type == 'pending') ? $this->u_action . "&action=approve&u=$user_id&g=" . $data['group_id'] : '',
|
||||
|
||||
'GROUP_NAME' => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'],
|
||||
'L_DEMOTE_PROMOTE' => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'],
|
||||
|
||||
'S_IS_MEMBER' => ($group_type != 'pending') ? true : false,
|
||||
'S_NO_DEFAULT' => ($user_row['group_id'] != $data['group_id']) ? true : false,
|
||||
'S_SPECIAL_GROUP' => ($group_type == 'special') ? true : false,
|
||||
)
|
||||
|
|
|
|||
|
|
@ -3109,6 +3109,27 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
|
|||
break;
|
||||
|
||||
case 'default':
|
||||
// We only set default group for approved members of the group
|
||||
$sql = 'SELECT user_id
|
||||
FROM ' . USER_GROUP_TABLE . "
|
||||
WHERE group_id = $group_id
|
||||
AND user_pending = 0
|
||||
AND " . $db->sql_in_set('user_id', $user_id_ary);
|
||||
$result = $db->sql_query($sql);
|
||||
|
||||
$user_id_ary = $username_ary = array();
|
||||
while ($row = $db->sql_fetchrow($result))
|
||||
{
|
||||
$user_id_ary[] = $row['user_id'];
|
||||
}
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
$result = user_get_id_name($user_id_ary, $username_ary);
|
||||
if (!sizeof($user_id_ary) || $result !== false)
|
||||
{
|
||||
return 'NO_USERS';
|
||||
}
|
||||
|
||||
$sql = 'SELECT user_id, group_id FROM ' . USERS_TABLE . '
|
||||
WHERE ' . $db->sql_in_set('user_id', $user_id_ary, false, true);
|
||||
$result = $db->sql_query($sql);
|
||||
|
|
@ -3197,7 +3218,7 @@ function group_validate_groupname($group_id, $group_name)
|
|||
*/
|
||||
function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false)
|
||||
{
|
||||
global $db;
|
||||
global $cache, $db;
|
||||
|
||||
if (empty($user_id_ary))
|
||||
{
|
||||
|
|
@ -3297,6 +3318,9 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal
|
|||
{
|
||||
group_update_listings($group_id);
|
||||
}
|
||||
|
||||
// Because some tables/caches use usercolour-specific data we need to purge this here.
|
||||
$cache->destroy('sql', MODERATOR_CACHE_TABLE);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue