-
-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
(phpbb) banned users can login / change pages #22
Comments
Correct it doesn't, it only checks whether the user is active or not, and whether the user is in the proper group. We wouldn't be able to change it so banned users can't view the wiki, and it might be hard to check for banned emails/IPs, but we could probably make it check for banned users. |
The banned users table (banlist) can be checked by user ID (ban_userid - indexed as ban_user:ban_userid + ban_exclude), email (ban_email), or IP (ban_ip). Need to consider users.user_id, users.user_email, banlist.ban_userid, banlist.ban_email, and banlist.ban_ip in the SELECT, given $username in getCanonicalName(). $username will be IP for anonymous users. IP can be wildcarded in banlist.ban_ip, so a little more effort there. |
phpbb/session.php has a method check_ban, we should probably just use that method. |
idk how to check the banned state but it seems the plugin doesn't check ban state of a user in phpbb.
The text was updated successfully, but these errors were encountered: