Fix bug #495736

git-svn-id: file:///svn/phpbb/trunk@1665 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/admin/admin_user_ban.php

@@ -257,7 +257,7 @@ if( isset($HTTP_POST_VARS['submit']) )
 		if( !$in_banlist )
 		{
 			$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email)
-				VALUES ('" . $email_list[$i] . "')";
+				VALUES ('" . str_replace("\'", "''", $email_list[$i]) . "')";
 			if( !$result = $db->sql_query($sql) )
 			{
 				message_die(GENERAL_ERROR, "Couldn't insert ban_email info into database", "", __LINE__, __FILE__, $sql);
@@ -277,9 +277,9 @@ if( isset($HTTP_POST_VARS['submit']) )
 			{
 				if($where_sql != "")
 				{
-					$where_sql .= " OR ";
+					$where_sql .= ", ";
 				}
-				$where_sql .= "ban_id = " . $user_list[$i];
+				$where_sql .= $user_list[$i];
 			}
 		}
 	}
@@ -294,9 +294,9 @@ if( isset($HTTP_POST_VARS['submit']) )
 			{
 				if($where_sql != "")
 				{
-					$where_sql .= " OR ";
+					$where_sql .= ", ";
 				}
-				$where_sql .= "ban_id = " . $ip_list[$i];
+				$where_sql .= $ip_list[$i];
 			}
 		}
 	}
@@ -311,9 +311,9 @@ if( isset($HTTP_POST_VARS['submit']) )
 			{
 				if($where_sql != "")
 				{
-					$where_sql .= " OR ";
+					$where_sql .= ", ";
 				}
-				$where_sql .= "ban_id = " . $email_list[$i];
+				$where_sql .= $email_list[$i];
 			}
 		}
 	}
@@ -321,7 +321,7 @@ if( isset($HTTP_POST_VARS['submit']) )
 	if( $where_sql != "" )
 	{
 		$sql = "DELETE FROM " . BANLIST_TABLE . "
-			WHERE $where_sql";
+			WHERE ban_id IN ($where_sql)";
 		if( !$result = $db->sql_query($sql) )
 		{
 			message_die(GENERAL_ERROR, "Couldn't delete ban info from database", "", __LINE__, __FILE__, $sql);
@@ -367,7 +367,6 @@ else
 		$select_userlist .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
 		$userban_count++;
 	}
-	$select_size = ( $userban_count < 5 || $userban_c) ? 5 : 
 	$select_userlist = "<select name=\"ban_user[]\" multiple=\"multiple\" size=\"5\">" . $select_userlist . "</select>";
 
 	$template->assign_vars(array(