(phpbb) banned users can login / change pages #22
Comments
abma
changed the title
|
Correct it doesn't, it only checks whether the user is active or not, and whether the user is in the proper group. We wouldn't be able to change it so banned users can't view the wiki, and it might be hard to check for banned emails/IPs, but we could probably make it check for banned users. |
|
The banned users table (banlist) can be checked by user ID (ban_userid - indexed as ban_user:ban_userid + ban_exclude), email (ban_email), or IP (ban_ip). Need to consider users.user_id, users.user_email, banlist.ban_userid, banlist.ban_email, and banlist.ban_ip in the SELECT, given $username in getCanonicalName(). $username will be IP for anonymous users. IP can be wildcarded in banlist.ban_ip, so a little more effort there. |
|
phpbb/session.php has a method check_ban, we should probably just use that method. |
idk how to check the banned state but it seems the plugin doesn't check ban state of a user in phpbb.
The text was updated successfully, but these errors were encountered: