Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
100.00% |
76 / 76 |
|
100.00% |
10 / 10 |
CRAP | |
100.00% |
1 / 1 |
| base | |
100.00% |
76 / 76 |
|
100.00% |
10 / 10 |
22 | |
100.00% |
1 / 1 |
| __construct | |
100.00% |
5 / 5 |
|
100.00% |
1 / 1 |
1 | |||
| set_user | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| after_ban | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| after_unban | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| check | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| tidy | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| get_banned_users | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| get_ban_options | |
100.00% |
9 / 9 |
|
100.00% |
1 / 1 |
1 | |||
| get_excluded | |
100.00% |
14 / 14 |
|
100.00% |
1 / 1 |
4 | |||
| logout_affected_users | |
100.00% |
42 / 42 |
|
100.00% |
1 / 1 |
10 | |||
| 1 | <?php |
| 2 | /** |
| 3 | * |
| 4 | * This file is part of the phpBB Forum Software package. |
| 5 | * |
| 6 | * @copyright (c) phpBB Limited <https://www.phpbb.com> |
| 7 | * @license GNU General Public License, version 2 (GPL-2.0) |
| 8 | * |
| 9 | * For full copyright and license information, please see |
| 10 | * the docs/CREDITS.txt file. |
| 11 | * |
| 12 | */ |
| 13 | |
| 14 | namespace phpbb\ban\type; |
| 15 | |
| 16 | use phpbb\db\driver\driver_interface; |
| 17 | |
| 18 | abstract class base implements type_interface |
| 19 | { |
| 20 | /** @var driver_interface */ |
| 21 | protected $db; |
| 22 | |
| 23 | /** @var array */ |
| 24 | protected $excluded; |
| 25 | |
| 26 | /** @var string */ |
| 27 | protected $bans_table; |
| 28 | |
| 29 | /** @var string */ |
| 30 | protected $sessions_keys_table; |
| 31 | |
| 32 | /** @var string */ |
| 33 | protected $sessions_table; |
| 34 | |
| 35 | /** @var \phpbb\user */ |
| 36 | protected $user; |
| 37 | |
| 38 | /** @var string */ |
| 39 | protected $users_table; |
| 40 | |
| 41 | /** |
| 42 | * Creates a ban type. |
| 43 | * |
| 44 | * @param driver_interface $db A phpBB DBAL object |
| 45 | * @param string $bans_table The bans table |
| 46 | * @param string $users_table The users table |
| 47 | * @param string $sessions_table The sessions table |
| 48 | * @param string $sessions_keys_table The sessions keys table |
| 49 | */ |
| 50 | public function __construct(driver_interface $db, string $bans_table, string $users_table, string $sessions_table, string $sessions_keys_table) |
| 51 | { |
| 52 | $this->db = $db; |
| 53 | $this->bans_table = $bans_table; |
| 54 | $this->users_table = $users_table; |
| 55 | $this->sessions_table = $sessions_table; |
| 56 | $this->sessions_keys_table = $sessions_keys_table; |
| 57 | } |
| 58 | |
| 59 | /** |
| 60 | * {@inheritDoc} |
| 61 | */ |
| 62 | public function set_user(\phpbb\user $user): void |
| 63 | { |
| 64 | $this->user = $user; |
| 65 | } |
| 66 | |
| 67 | /** |
| 68 | * {@inheritDoc} |
| 69 | */ |
| 70 | public function after_ban(array $data): array |
| 71 | { |
| 72 | return $this->logout_affected_users($data['items']); |
| 73 | } |
| 74 | |
| 75 | /** |
| 76 | * {@inheritDoc} |
| 77 | */ |
| 78 | public function after_unban(array $data): array |
| 79 | { |
| 80 | return []; |
| 81 | } |
| 82 | |
| 83 | /** |
| 84 | * {@inheritDoc} |
| 85 | */ |
| 86 | public function check(array $ban_rows, array $user_data) |
| 87 | { |
| 88 | return false; |
| 89 | } |
| 90 | |
| 91 | /** |
| 92 | * {@inheritDoc} |
| 93 | */ |
| 94 | public function tidy(): void |
| 95 | { |
| 96 | } |
| 97 | |
| 98 | /** |
| 99 | * {@inheritDoc} |
| 100 | */ |
| 101 | public function get_banned_users(): array |
| 102 | { |
| 103 | return []; |
| 104 | } |
| 105 | |
| 106 | /** |
| 107 | * {@inheritDoc} |
| 108 | */ |
| 109 | public function get_ban_options(): array |
| 110 | { |
| 111 | $sql = 'SELECT * |
| 112 | FROM ' . $this->bans_table . ' |
| 113 | WHERE (ban_end >= ' . time() . " |
| 114 | OR ban_end = 0) |
| 115 | AND ban_mode = '{$this->db->sql_escape($this->get_type())}' |
| 116 | ORDER BY ban_item"; |
| 117 | $result = $this->db->sql_query($sql); |
| 118 | $rowset = $this->db->sql_fetchrowset($result); |
| 119 | $this->db->sql_freeresult($result); |
| 120 | |
| 121 | return $rowset; |
| 122 | } |
| 123 | |
| 124 | /** |
| 125 | * Queries users that are excluded from banning (like founders) |
| 126 | * from the database and saves them in $this->excluded array. |
| 127 | * Returns true on success and false on failure |
| 128 | * |
| 129 | * @return bool |
| 130 | */ |
| 131 | protected function get_excluded(): bool |
| 132 | { |
| 133 | $user_column = $this->get_user_column(); |
| 134 | if (empty($user_column)) |
| 135 | { |
| 136 | return false; |
| 137 | } |
| 138 | |
| 139 | $this->excluded = []; |
| 140 | |
| 141 | if (!empty($this->user)) |
| 142 | { |
| 143 | $this->excluded[$this->user->id()] = $this->user->data[$user_column]; |
| 144 | } |
| 145 | |
| 146 | $sql = "SELECT user_id, {$this->db->sql_escape($user_column)} |
| 147 | FROM {$this->users_table} |
| 148 | WHERE user_type = " . USER_FOUNDER; |
| 149 | $result = $this->db->sql_query($sql); |
| 150 | |
| 151 | while ($row = $this->db->sql_fetchrow($result)) |
| 152 | { |
| 153 | $this->excluded[(int) $row['user_id']] = $row[$user_column]; |
| 154 | } |
| 155 | $this->db->sql_freeresult($result); |
| 156 | |
| 157 | return true; |
| 158 | } |
| 159 | |
| 160 | /** |
| 161 | * Logs out all affected users in the given array. The values |
| 162 | * have to match the values of the column returned by get_user_column(). |
| 163 | * Returns all banned users. |
| 164 | * |
| 165 | * @param array $ban_items |
| 166 | * |
| 167 | * @return array Logged out users |
| 168 | */ |
| 169 | protected function logout_affected_users(array $ban_items): array |
| 170 | { |
| 171 | $user_column = $this->get_user_column(); |
| 172 | |
| 173 | if (empty($user_column)) |
| 174 | { |
| 175 | return []; |
| 176 | } |
| 177 | |
| 178 | if ($user_column !== 'user_id') |
| 179 | { |
| 180 | $ban_items_sql = []; |
| 181 | $ban_like_items = []; |
| 182 | foreach ($ban_items as $ban_item) |
| 183 | { |
| 184 | if (stripos($ban_item, '*') === false) |
| 185 | { |
| 186 | $ban_items_sql[] = $ban_item; |
| 187 | } |
| 188 | else |
| 189 | { |
| 190 | $ban_like_items[] = [$user_column, 'LIKE', str_replace('*', $this->db->get_any_char(), $ban_item)]; |
| 191 | } |
| 192 | } |
| 193 | |
| 194 | $sql_array = [ |
| 195 | 'SELECT' => 'user_id', |
| 196 | 'FROM' => [ |
| 197 | $this->users_table => '', |
| 198 | ], |
| 199 | 'WHERE' => ['AND', |
| 200 | [ |
| 201 | ['OR', |
| 202 | array_merge([ |
| 203 | [$user_column, 'IN', $ban_items_sql] |
| 204 | ], $ban_like_items), |
| 205 | ], |
| 206 | ['user_id', 'NOT_IN', array_map('intval', array_keys($this->excluded))], |
| 207 | ], |
| 208 | ], |
| 209 | ]; |
| 210 | $sql = $this->db->sql_build_query('SELECT', $sql_array); |
| 211 | $result = $this->db->sql_query($sql); |
| 212 | |
| 213 | $user_ids = []; |
| 214 | while ($row = $this->db->sql_fetchrow($result)) |
| 215 | { |
| 216 | $user_ids[] = (int) $row['user_id']; |
| 217 | } |
| 218 | $this->db->sql_freeresult($result); |
| 219 | } |
| 220 | else |
| 221 | { |
| 222 | $user_ids = array_map('intval', $ban_items); |
| 223 | } |
| 224 | |
| 225 | if (!empty($user_ids) && !empty($this->sessions_table)) |
| 226 | { |
| 227 | $sql = 'DELETE FROM ' . $this->sessions_table . ' |
| 228 | WHERE ' . $this->db->sql_in_set('session_user_id', $user_ids); |
| 229 | $this->db->sql_query($sql); |
| 230 | } |
| 231 | if (!empty($user_ids) && !empty($this->sessions_keys_table)) |
| 232 | { |
| 233 | $sql = 'DELETE FROM ' . $this->sessions_keys_table . ' |
| 234 | WHERE ' . $this->db->sql_in_set('user_id', $user_ids); |
| 235 | $this->db->sql_query($sql); |
| 236 | } |
| 237 | |
| 238 | return $user_ids; |
| 239 | } |
| 240 | } |