From 7c14ced8ca4c81801b9f1c108461fc9a52aa10cc Mon Sep 17 00:00:00 2001
From: Bart van Bragt <bartvb@users.sourceforge.net>
Date: Sun, 23 Oct 2005 14:16:44 +0000
Subject: [PATCH] Banning of emails wasn't checked correctly during
 registration

git-svn-id: file:///svn/phpbb/trunk@5277 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/functions_user.php | 34 ++++++++++++++++++++++++++++---
 1 file changed, 31 insertions(+), 3 deletions(-)

diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 5cdfd9c1df..0d39bf233e 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -905,15 +905,43 @@ function validate_email($email)
 		FROM ' . BANLIST_TABLE;
 	$result = $db->sql_query($sql);
 
-	while ($row = $db->sql_fetchrow($result))
+	// TODO: This is a duplication of code from session->check_ban()
+	$sql = 'SELECT ban_ip, ban_userid, ban_email, ban_exclude, ban_give_reason, ban_end
+		FROM ' . BANLIST_TABLE . '
+		WHERE ban_end >= ' . time() . '
+			OR ban_end = 0';
+	$result = $db->sql_query($sql);
+
+	if ($row = $db->sql_fetchrow($result))
 	{
-		if (preg_match('#^' . str_replace('*', '.*?', $row['ban_email']) . '$#i', $email))
+		do
 		{
-			return 'EMAIL_BANNED';
+			if (!empty($row['ban_email']) && preg_match('#^' . str_replace('*', '.*?', $row['ban_email']) . '$#i', $email))
+			{
+				if (!empty($row['ban_exclude']))
+				{
+					$banned = false;
+					break;
+				}
+				else
+				{
+					$banned = true;
+					$ban_row = $row;
+					// Don't break. Check if there is an exclude rule for this user
+				}
+			}
 		}
+		while ($row = $db->sql_fetchrow($result));
 	}
 	$db->sql_freeresult($result);
 
+	if ($banned == true)
+	{
+		return 'EMAIL_BANNED';
+	}
+
+	$db->sql_freeresult($result);
+
 	if (!$config['allow_emailreuse'])
 	{
 		$sql = 'SELECT user_email_hash