- Patch #3962 by deekayen: improved error message when a blocked user attempts to login.
Dries Buytaert
parent
e550f84162
commit
4c77761efb
|
|
@ -781,9 +781,8 @@ function drupal_get_messages() {
|
|||
|
||||
/**
|
||||
* Perform an access check for a given mask and rule type. Rules are usually created via admin/access/rules page.
|
||||
*
|
||||
*/
|
||||
function drupal_deny($type, $mask) {
|
||||
function drupal_is_denied($type, $mask) {
|
||||
$allow = db_fetch_object(db_query("SELECT * FROM {access} WHERE status = 1 AND type = '%s' AND LOWER('%s') LIKE LOWER(mask)", $type, $mask));
|
||||
$deny = db_fetch_object(db_query("SELECT * FROM {access} WHERE status = 0 AND type = '%s' AND LOWER('%s') LIKE LOWER(mask)", $type, $mask));
|
||||
|
||||
|
|
@ -801,7 +800,7 @@ include_once "$config/settings.php";
|
|||
include_once 'includes/database.inc';
|
||||
|
||||
// deny access to hosts which were banned. t() is not yet available.
|
||||
if (drupal_deny('host', $_SERVER['REMOTE_ADDR'])) {
|
||||
if (drupal_is_denied('host', $_SERVER['REMOTE_ADDR'])) {
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
print "Sorry, ". $_SERVER['REMOTE_ADDR']. " has been banned.";
|
||||
exit();
|
||||
|
|
|
|||
|
|
@ -338,6 +338,18 @@ function user_access($string, $account = NULL) {
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks for usernames blocked by user administration
|
||||
*
|
||||
* @return boolean true for blocked users, false for active
|
||||
*/
|
||||
function user_is_blocked($name) {
|
||||
$allow = db_fetch_object(db_query("SELECT * FROM {users} WHERE status = 1 AND name = LOWER('%s')", $name));
|
||||
$deny = db_fetch_object(db_query("SELECT * FROM {users} WHERE status = 0 AND name = LOWER('%s')", $name));
|
||||
|
||||
return $deny && !$allow;
|
||||
}
|
||||
|
||||
/**
|
||||
* Send an e-mail message.
|
||||
*/
|
||||
|
|
@ -798,8 +810,13 @@ function user_login($edit = array(), $msg = '') {
|
|||
drupal_goto('user');
|
||||
}
|
||||
|
||||
if (drupal_deny('user', $edit['name'])) {
|
||||
$error = t('The name %s has been denied access.', array('%s' => theme('placeholder', $edit['name'])));
|
||||
if (user_is_blocked($edit['name'])) {
|
||||
// blocked in user administration
|
||||
$error = t('The username %name has been blocked.', array('%name' => theme('placeholder', $edit['name'])));
|
||||
}
|
||||
else if (drupal_is_denied('user', $edit['name'])) {
|
||||
// denied by access controls
|
||||
$error = t('The name %name is a reserved username.', array('%name' => theme('placeholder', $edit['name'])));
|
||||
}
|
||||
else if ($edit['name'] && $edit['pass']) {
|
||||
|
||||
|
|
@ -1116,7 +1133,7 @@ function user_edit_validate($uid, &$edit) {
|
|||
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $uid, $edit['name'])) > 0) {
|
||||
form_set_error('name', t('The name %name is already taken.', array('%name' => theme('placeholder', $edit['name']))));
|
||||
}
|
||||
else if (drupal_deny('user', $edit['name'])) {
|
||||
else if (drupal_is_denied('user', $edit['name'])) {
|
||||
form_set_error('name', t('The name %name has been denied access.', array('%name' => theme('placeholder', $edit['name']))));
|
||||
}
|
||||
|
||||
|
|
@ -1127,7 +1144,7 @@ function user_edit_validate($uid, &$edit) {
|
|||
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $uid, $edit['mail'])) > 0) {
|
||||
form_set_error('mail', t('The e-mail address %email is already taken.', array('%email' => theme('placeholder', $edit['mail']))));
|
||||
}
|
||||
else if (drupal_deny('mail', $edit['mail'])) {
|
||||
else if (drupal_is_denied('mail', $edit['mail'])) {
|
||||
form_set_error('mail', t('The e-mail address %email has been denied access.', array('%email' => theme('placeholder', $edit['mail']))));
|
||||
}
|
||||
|
||||
|
|
@ -1384,7 +1401,7 @@ function user_admin_access_check() {
|
|||
$edit = $_POST['edit'];
|
||||
|
||||
if ($op) {
|
||||
if (drupal_deny($edit['type'], $edit['test'])) {
|
||||
if (drupal_is_denied($edit['type'], $edit['test'])) {
|
||||
drupal_set_message(t('%test is not allowed.', array('%test' => theme('placeholder', $edit['test']))));
|
||||
}
|
||||
else {
|
||||
|
|
|
|||
|
|
@ -338,6 +338,18 @@ function user_access($string, $account = NULL) {
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks for usernames blocked by user administration
|
||||
*
|
||||
* @return boolean true for blocked users, false for active
|
||||
*/
|
||||
function user_is_blocked($name) {
|
||||
$allow = db_fetch_object(db_query("SELECT * FROM {users} WHERE status = 1 AND name = LOWER('%s')", $name));
|
||||
$deny = db_fetch_object(db_query("SELECT * FROM {users} WHERE status = 0 AND name = LOWER('%s')", $name));
|
||||
|
||||
return $deny && !$allow;
|
||||
}
|
||||
|
||||
/**
|
||||
* Send an e-mail message.
|
||||
*/
|
||||
|
|
@ -798,8 +810,13 @@ function user_login($edit = array(), $msg = '') {
|
|||
drupal_goto('user');
|
||||
}
|
||||
|
||||
if (drupal_deny('user', $edit['name'])) {
|
||||
$error = t('The name %s has been denied access.', array('%s' => theme('placeholder', $edit['name'])));
|
||||
if (user_is_blocked($edit['name'])) {
|
||||
// blocked in user administration
|
||||
$error = t('The username %name has been blocked.', array('%name' => theme('placeholder', $edit['name'])));
|
||||
}
|
||||
else if (drupal_is_denied('user', $edit['name'])) {
|
||||
// denied by access controls
|
||||
$error = t('The name %name is a reserved username.', array('%name' => theme('placeholder', $edit['name'])));
|
||||
}
|
||||
else if ($edit['name'] && $edit['pass']) {
|
||||
|
||||
|
|
@ -1116,7 +1133,7 @@ function user_edit_validate($uid, &$edit) {
|
|||
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $uid, $edit['name'])) > 0) {
|
||||
form_set_error('name', t('The name %name is already taken.', array('%name' => theme('placeholder', $edit['name']))));
|
||||
}
|
||||
else if (drupal_deny('user', $edit['name'])) {
|
||||
else if (drupal_is_denied('user', $edit['name'])) {
|
||||
form_set_error('name', t('The name %name has been denied access.', array('%name' => theme('placeholder', $edit['name']))));
|
||||
}
|
||||
|
||||
|
|
@ -1127,7 +1144,7 @@ function user_edit_validate($uid, &$edit) {
|
|||
else if (db_num_rows(db_query("SELECT uid FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $uid, $edit['mail'])) > 0) {
|
||||
form_set_error('mail', t('The e-mail address %email is already taken.', array('%email' => theme('placeholder', $edit['mail']))));
|
||||
}
|
||||
else if (drupal_deny('mail', $edit['mail'])) {
|
||||
else if (drupal_is_denied('mail', $edit['mail'])) {
|
||||
form_set_error('mail', t('The e-mail address %email has been denied access.', array('%email' => theme('placeholder', $edit['mail']))));
|
||||
}
|
||||
|
||||
|
|
@ -1384,7 +1401,7 @@ function user_admin_access_check() {
|
|||
$edit = $_POST['edit'];
|
||||
|
||||
if ($op) {
|
||||
if (drupal_deny($edit['type'], $edit['test'])) {
|
||||
if (drupal_is_denied($edit['type'], $edit['test'])) {
|
||||
drupal_set_message(t('%test is not allowed.', array('%test' => theme('placeholder', $edit['test']))));
|
||||
}
|
||||
else {
|
||||
|
|
|
|||
Loading…
Reference in New Issue