From c8f30550af861b95a1f475069ad8d10960a613b2 Mon Sep 17 00:00:00 2001
From: Michael Foster
Date: Tue, 16 Jul 2013 06:33:37 -0400
Subject: [PATCH] $config['require_ban_view']: Force users to view the "You are banned" page at least once before letting a ban disappear naturally.
---
 inc/config.php | 3 +++
 inc/functions.php | 18 ++++++++++++++----
 inc/mod/ban.php | 2 +-
 install.php | 4 +++-
 install.sql | 1 +
 templates/banned.html | 16 +++++++++++++---
 6 files changed, 35 insertions(+), 9 deletions(-)
diff --git a/inc/config.php b/inc/config.php
index ed4a31f1..b7f6d220 100644
--- a/inc/config.php
+++ b/inc/config.php
@@ -366,6 +366,9 @@
 // When true, a blank password will be used for files (not usable for deletion).
 $config['field_disable_password'] = false;
+ // Require users to see the ban page at least once for a ban even if it has since expired?
+ $config['require_ban_view'] = false;
+
 /*
 * ====================
 * Markup settings
diff --git a/inc/functions.php b/inc/functions.php
index 4b0e56d8..8d6e0a2d 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -579,6 +579,12 @@ function ago($timestamp) {
 function displayBan($ban) {
 global $config;
+ if (!$ban['seen']) {
+ $query = prepare("UPDATE `bans` SET `seen` = 1 WHERE `id` = :id");
+ $query->bindValue(':id', $ban['id'], PDO::PARAM_INT);
+ $query->execute() or error(db_error($query));
+ }
+
 $ban['ip'] = $_SERVER['REMOTE_ADDR'];
 // Show banned page and exit
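Review bot: In the displayBan() hunk, `if (!$ban['seen'])` assumes every caller passes a row that carries both `seen` and `id`, but this patch only adds `seen` to the three SELECTs in checkBan(). Any other caller (none is visible here) would raise an undefined-index notice and run the UPDATE with a null id. A guard such as `if (isset($ban['id']) && empty($ban['seen'])) {` keeps the write limited to rows that really came from the `bans` table. Since the function now writes to the database before rendering, a one-line comment would help, e.g. `// Record that this ban page has been shown; used by $config['require_ban_view'].` displayBan()'s body continues outside the hunk.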
@@ -605,12 +611,12 @@ function checkBan($board = 0) {
 if (event('check-ban', $board)) return true;
- $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `bans`.`id` FROM `bans` WHERE (`board` IS NULL OR `board` = :board) AND `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
+ $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `seen`, `bans`.`id` FROM `bans` WHERE (`board` IS NULL OR `board` = :board) AND `ip` = :ip ORDER BY `expires` IS NULL DESC, `expires` DESC, `expires` DESC LIMIT 1");
 $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
 $query->bindValue(':board', $board);
 $query->execute() or error(db_error($query));
 if ($query->rowCount() < 1 && $config['ban_range']) {
- $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `bans`.`id` FROM `bans` WHERE (`board` IS NULL OR `board` = :board) AND :ip LIKE REPLACE(REPLACE(`ip`, '%', '!%'), '*', '%') ESCAPE '!' ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
+ $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `seen`, `bans`.`id` FROM `bans` WHERE (`board` IS NULL OR `board` = :board) AND :ip LIKE REPLACE(REPLACE(`ip`, '%', '!%'), '*', '%') ESCAPE '!' ORDER BY `expires` IS NULL DESC, `expires` DESC LIMIT 1");
 $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
 $query->bindValue(':board', $board);
 $query->execute() or error(db_error($query));
@@ -618,7 +624,7 @@ function checkBan($board = 0) {
 if ($query->rowCount() < 1 && $config['ban_cidr'] && !isIPv6()) { // my most insane SQL query yet
- $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `bans`.`id` FROM `bans` WHERE (`board` IS NULL OR `board` = :board)
+ $query = prepare("SELECT `set`, `expires`, `reason`, `board`, `seen`, `bans`.`id` FROM `bans` WHERE (`board` IS NULL OR `board` = :board)
 AND ( `ip` REGEXP '^(\[0-9]+\.\[0-9]+\.\[0-9]+\.\[0-9]+\)\/(\[0-9]+)$' AND
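Review bot: `seen` is stored once per ban row, but the `ban_range` query in this hunk and the `ban_cidr` query in the next one (@@ -618,7) match many client addresses against a single row. The first matching address that loads the ban page sets `seen` = 1 for all the others, and after expiry the first matching request deletes the row, so "at least once" holds per ban rather than per banned user. If that is the intended behaviour, state it next to the option in inc/config.php, e.g. `// For range/CIDR bans the page only has to be viewed once by any matching address.`; otherwise the flag would have to be tracked per address. checkBan()'s body starts and ends outside both hunks.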
@@ -635,10 +641,14 @@ function checkBan($board = 0) {
 if ($ban = $query->fetch()) {
 if ($ban['expires'] && $ban['expires'] < time()) { // Ban expired
- $query = prepare("DELETE FROM `bans` WHERE `id` = :id LIMIT 1");
+ $query = prepare("DELETE FROM `bans` WHERE `id` = :id");
 $query->bindValue(':id', $ban['id'], PDO::PARAM_INT);
 $query->execute() or error(db_error($query));
+ if ($config['require_ban_view'] && !$ban['seen']) {
+ displayBan($ban);
+ }
+
 return;
 }
diff --git a/inc/mod/ban.php b/inc/mod/ban.php
index 30234157..cfc2636f 100644
--- a/inc/mod/ban.php
+++ b/inc/mod/ban.php
@@ -56,7 +56,7 @@ function parse_time($str) {
 function ban($mask, $reason, $length, $board) {
 global $mod, $pdo;
- $query = prepare("INSERT INTO `bans` VALUES (NULL, :ip, :mod, :time, :expires, :reason, :board)");
+ $query = prepare("INSERT INTO `bans` VALUES (NULL, :ip, :mod, :time, :expires, :reason, :board, 0)");
 $query->bindValue(':ip', $mask);
 $query->bindValue(':mod', $mod['id']);
 $query->bindValue(':time', time());
diff --git a/install.php b/install.php
index 1447c723..71d1c910 100644
--- a/install.php
+++ b/install.php
@@ -1,7 +1,7 @@ -
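Review bot: In the expired-ban branch of checkBan() the row is deleted before `displayBan($ban)` is called, so the `UPDATE ... SET seen = 1` that displayBan() now issues targets an id that no longer exists. It also means the ban is gone even if the page fails to render, which weakens the "viewed at least once" guarantee. Moving the added `if ($config['require_ban_view'] && !$ban['seen']) { displayBan($ban); }` block above the `DELETE` would record the view first and leave the deletion to the next request; this assumes displayBan() ends the request, as its "Show banned page and exit" comment suggests. That ordering also matches the template text "Refresh the page to continue." checkBan()'s body starts and ends outside the hunk.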
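Review bot: The insert in ban() is still positional, `VALUES (NULL, :ip, :mod, :time, :expires, :reason, :board, 0)`, so it only works when `seen` is the last column of `bans` in every installation, including those upgraded through install.php. Naming the columns in the INSERT would make it independent of column order and would let a column default, if install.sql defines one, supply `seen`. Any other positional insert into `bans` elsewhere in the code base (none is visible here) would now fail with a column-count mismatch and needs the same change. ban()'s body continues outside the hunk.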

{% trans %}You are banned! ;_;{% endtrans %}

+ {% if ban.expires and time() >= ban.expires %} +

{% trans %}You were banned! ;_;{% endtrans %}

+ {% else %} +

{% trans %}You are banned! ;_;{% endtrans %}

+ {% endif %}

- {% trans %}You have been banned from{% endtrans %} + {% if ban.expires and time() >= ban.expires %} + {% trans %}You were banned from{% endtrans %} + {% else %} + {% trans %}You have been banned from{% endtrans %} + {% endif %} {% if ban.board %} {{ config.board_abbreviation|sprintf(ban.board) }} {% else %} @@ -23,7 +31,9 @@

{% trans %}Your ban was filed on{% endtrans %} {{ ban.set|date(config.ban_date) }} {% trans %}and{% endtrans %} - {% if ban.expires %} + {% if ban.expires and time() >= ban.expires %} + {% trans %} has since expired. Refresh the page to continue.{% endtrans %} + {% elseif ban.expires %} {% trans %}expires{% endtrans %} {{ ban.expires|until }} {% trans %}from now, which is on{% endtrans %} {{ ban.expires|date(config.ban_date) }}