includes/sessions.php
changeset 322 5f1cd51bf1be
parent 320 112debff64bd
child 326 ab66d6d1f1f4
child 338 915d399dfdbf
equal deleted inserted replaced
320:112debff64bd 322:5f1cd51bf1be
  1376       }
  1376       }
  1377       else if ( ENANO_DBLAYER == 'PGSQL' )
  1377       else if ( ENANO_DBLAYER == 'PGSQL' )
  1378       {
  1378       {
  1379         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE \n"
  1379         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE \n"
  1380               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR \n"
  1380               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR \n"
  1381               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' LIKE ban_value ) OR \n"
  1381               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' ~ ban_value ) OR \n"
  1382               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 0 AND ban_value = '{$this->username}' ) OR \n"
  1382               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 0 AND ban_value = '{$this->username}' ) OR \n"
  1383               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 1 AND '{$this->username}' LIKE ban_value ) OR \n"
  1383               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 1 AND '{$this->username}' ~ ban_value ) OR \n"
  1384               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 0 AND ban_value = '{$this->email}' ) OR \n"
  1384               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 0 AND ban_value = '{$this->email}' ) OR \n"
  1385               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 1 AND '{$this->email}' LIKE ban_value ) \n"
  1385               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 1 AND '{$this->email}' ~ ban_value ) \n"
  1386               . "  ORDER BY ban_type ASC;";
  1386               . "  ORDER BY ban_type ASC;";
  1387       }
  1387       }
  1388       $q = $this->sql($sql);
  1388       $q = $this->sql($sql);
  1389       if ( $db->numrows() > 0 )
  1389       if ( $db->numrows() > 0 )
  1390       {
  1390       {
  1424       }
  1424       }
  1425       else if ( ENANO_DBLAYER == 'PGSQL' )
  1425       else if ( ENANO_DBLAYER == 'PGSQL' )
  1426       {
  1426       {
  1427         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE
  1427         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE
  1428                   ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR
  1428                   ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR
  1429                   ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' LIKE ban_value )
  1429                   ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' ~ ban_value )
  1430                 ORDER BY ban_type ASC;";
  1430                 ORDER BY ban_type ASC;";
  1431       }
  1431       }
  1432       $q = $this->sql($sql);
  1432       $q = $this->sql($sql);
  1433       if ( $db->numrows() > 0 )
  1433       if ( $db->numrows() > 0 )
  1434       {
  1434       {
  2272         unset($this->perms[$i]);
  2272         unset($this->perms[$i]);
  2273       }
  2273       }
  2274     }
  2274     }
  2275     
  2275     
  2276     // PAGE group info
  2276     // PAGE group info
  2277     $pg_list = $paths->get_page_groups($paths->cpage['urlname_nons'], $paths->namespace);
  2277     $pg_list = $paths->get_page_groups($paths->page_id, $paths->namespace);
  2278     $pg_info = '';
  2278     $pg_info = '';
  2279     foreach ( $pg_list as $g_id )
  2279     foreach ( $pg_list as $g_id )
  2280     {
  2280     {
  2281       $pg_info .= ' ( page_id=\'' . $g_id . '\' AND namespace=\'__PageGroup\' ) OR';
  2281       $pg_info .= ' ( page_id=\'' . $g_id . '\' AND namespace=\'__PageGroup\' ) OR';
  2282     }
  2282     }
  2292         $q[] = '( target_type='.ACL_TYPE_GROUP.' AND target_id='.intval($g_id).' )';
  2292         $q[] = '( target_type='.ACL_TYPE_GROUP.' AND target_id='.intval($g_id).' )';
  2293       }
  2293       }
  2294     }
  2294     }
  2295     // The reason we're using an ORDER BY statement here is because ACL_TYPE_GROUP is less than ACL_TYPE_USER, causing the user's individual
  2295     // The reason we're using an ORDER BY statement here is because ACL_TYPE_GROUP is less than ACL_TYPE_USER, causing the user's individual
  2296     // permissions to override group permissions.
  2296     // permissions to override group permissions.
  2297     $bs .= implode(" OR\n    ", $q) . " )\n  AND (" . $pg_info . ' ( page_id=\''.$db->escape($paths->cpage['urlname_nons']).'\' AND namespace=\''.$db->escape($paths->namespace).'\' ) )     
  2297     $bs .= implode(" OR\n    ", $q) . " )\n  AND (" . $pg_info . ' ( page_id=\''.$db->escape($paths->page_id).'\' AND namespace=\''.$db->escape($paths->namespace).'\' ) )     
  2298       ORDER BY target_type ASC, page_id ASC, namespace ASC;';
  2298       ORDER BY target_type ASC, page_id ASC, namespace ASC;';
  2299     $q = $this->sql($bs);
  2299     $q = $this->sql($bs);
  2300     if ( $row = $db->fetchrow() )
  2300     if ( $row = $db->fetchrow() )
  2301     {
  2301     {
  2302       do {
  2302       do {