chris3471 wrote: So what happens if you ban someone and then they delete their cookies?
Asked and answered
chris3471 wrote: So what happens if you ban someone and then they delete their cookies?
Code: Select all
//Set the ban_cookie, time it for 1 year. The time restarts every time the user comes here
if ($banned_ip) setcookie($board_config['cookie_name'].'_banned_ip',$banned_ip, time()+365*24*3600);
if ($banned_id) setcookie($board_config['cookie_name'].'_banned_id',$banned_id, time()+365*24*3600);
Sassy wrote: Hi,
Do you think you can show me how to install your mod while I have Temp Banned mod install as well.
http://phpbbmodders.com/mods/tempban/tempban_1.1.1.txt
By the way, this is a cool mod as well.
Code: Select all
//START MOD Ban_cookie
//Give banned users a cookie and check that too, in addition to the existing checks.
//Once the cookie is in place: if it matches the database, the user is banned,
//even if the user gets another IP or is not logged in so the user ID is unknown.
//Get cookie ban settings.
$ban_cookie = '';
$banned_id = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_id']) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_id'] : '';
$banned_ip = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_ip']) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'].'_banned_ip'] : '';
//Yes, cookie ban settings were there. See if they match the database.
//If not, delete cookie.
if ($banned_ip || $banned_id)
{
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ";
$sql .= ($banned_ip) ? " ban_ip = '" . $banned_ip . "'" : '';
$sql .= ($banned_id) ? ($banned_ip ? ' OR ' : '') . ' ban_userid = ' . $banned_id : '';
if ( !($result = $db->sql_query($sql)) )
{
message_die(CRITICAL_ERROR, 'Could not obtain ban information', '', __LINE__, __FILE__, $sql);
}
if ( $ban_info = $db->sql_fetchrow($result) )
{
$ban_cookie = ( $ban_info['ban_ip'] || $ban_info['ban_userid'] && ((isset ($ban_info['ban_expire_time']) && $ban_info['ban_expire_time'] >= time ()) || !isset ($ban_info['ban_expire_time'])) );
}
//There was a cookie but no match in the database, so the ban is lifted:
//delete the cookie by setting the expiry time 1 hour ago
if (! $ban_cookie)
{
if ($banned_ip) setcookie($board_config['cookie_name'].'_banned_ip',$banned_ip, time()-3600);
if ($banned_id) setcookie($board_config['cookie_name'].'_banned_id',$banned_id, time()-3600);
}
}
//Have $ban_cookie, if not empty, the user is banned via a cookie.
//If empty, then there was no cookie, or there was no LONGER a database match so the cookie was deleted
//Check if there is database ban info - this is roughly the original ban code
$ban_database = '';
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ban_ip IN ('" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . $user_ip_parts[4] . "', '" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . "ff', '" . $user_ip_parts[1] . $user_ip_parts[2] . "ffff', '" . $user_ip_parts[1] . "ffffff')
OR ban_userid = $user_id";
if ( $user_id != ANONYMOUS )
{
$sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $userdata['user_email']) . "'
OR ban_email LIKE '" . substr(str_replace("\'", "''", $userdata['user_email']), strpos(str_replace("\'", "''", $userdata['user_email']), "@")) . "'";
}
if ( !($result = $db->sql_query($sql)) )
{
message_die(CRITICAL_ERROR, 'Could not obtain ban information', '', __LINE__, __FILE__, $sql);
}
if ( $ban_info = $db->sql_fetchrow($result) )
{
$ban_database = ( $ban_info['ban_ip'] || $ban_info['ban_userid'] || $ban_info['ban_email'] && ((isset ($ban_info['ban_expire_time']) && $ban_info['ban_expire_time'] >= time ()) || !isset ($ban_info['ban_expire_time'])) );
//Fill these variables from database if not filled from cookie yet
if (! $banned_ip) $banned_ip = $ban_info['ban_ip'];
if (! $banned_id) $banned_id = $ban_info['ban_userid'];
}
//User is banned in some way?
if ($ban_cookie || $ban_database)
{
//Set the ban_cookie, time it for 1 year. The time restarts every time the user comes here
if ($banned_ip) setcookie($board_config['cookie_name'].'_banned_ip',$banned_ip, time()+365*24*3600);
if ($banned_id) setcookie($board_config['cookie_name'].'_banned_id',$banned_id, time()+365*24*3600);
//Close the forum to this person
if ($ban_info['ban_pub_reason_mode'] == '0' || !isset ($ban_info['ban_pub_reason_mode'])) {
$reason = 'You_been_banned';
} else if ($ban_info['ban_pub_reason_mode'] == '1') {
$reason = str_replace ("\n", '<br />', stripslashes ($ban_info['ban_priv_reason']));
} else if ($ban_info['ban_pub_reason_mode'] == '2') {
$reason = str_replace ("\n", '<br />', stripslashes ($ban_info['ban_pub_reason']));
}
message_die(CRITICAL_MESSAGE, $reason);
}
//END MOD Ban_cookie