0chan
/
instant-0chan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

User validation (manual with db at this point)

This commit is contained in:
0chan 2023-02-09 19:16:40 +06:00
parent 9dc40eb62a
commit 19e270b111
3 changed files with 30 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
UTIL/upgrade_to_staff_validation.sql Normal file
View File

@ -0,0 +1,2 @@
ALTER TABLE `staff`
ADD COLUMN `validated` INTEGER NOT NULL DEFAULT 0;

1
config.php
View File

@ -130,6 +130,7 @@ if (!$cache_loaded) {
} }
$cf['I0_DISABLE_APNG'] = false; // Disable APNG upload if you don't want anyone to abuse CSAM $cf['I0_DISABLE_APNG'] = false; // Disable APNG upload if you don't want anyone to abuse CSAM
$cf['I0_DISABLE_THREAD_LIMIT'] = false; //Do not delete old posts, essentially an anti-wipe feature $cf['I0_DISABLE_THREAD_LIMIT'] = false; //Do not delete old posts, essentially an anti-wipe feature
$cf['I0_20_STAFF_VALIDATION'] = false; //Set true if you want to prevent unvalidated users from creating 2.0 boards (run upgrade_to_staff_validation.sql)
// --------------------------------------- CSS styles --------------------------------------- // --------------------------------------- CSS styles ---------------------------------------

28
inc/classes/manage.class.php
View File

@ -223,15 +223,41 @@ class Manage {
if ($this->CurrentUserIsAdministrator()) { if ($this->CurrentUserIsAdministrator()) {
return true; return true;
} else { } else {
$results = $tc_db->GetAll("SELECT HIGH_PRIORITY `type` FROM `" . KU_DBPREFIX . "staff` WHERE `username` = '" . $_SESSION['manageusername'] . "' AND `password` = '" . $_SESSION['managepassword'] . "' LIMIT 1"); $results = $tc_db->GetAll("SELECT HIGH_PRIORITY `type`, `validated` FROM `" . KU_DBPREFIX . "staff` WHERE `username` = '" . $_SESSION['manageusername'] . "' AND `password` = '" . $_SESSION['managepassword'] . "' LIMIT 1");
foreach ($results as $line) { foreach ($results as $line) {
if ($line['type'] != 3) { if ($line['type'] != 3) {
exitWithErrorPage(_gettext('That page is for custom board owners only.')); exitWithErrorPage(_gettext('That page is for custom board owners only.'));
} }
if (I0_20_STAFF_VALIDATION && $line['validated'] != 1) {
exitWithErrorPage(_gettext('Only validated users are allowed to create 2.0 boards. Please wait or go whine to /0/ board'));
}
} }
} }
} }
function CurrentUserIsValidated()
{
global $tc_db, $tpl_page;
if ($_SESSION['manageusername'] == '' || $_SESSION['managepassword'] == '' || $_SESSION['token'] == '') {
$_SESSION['manageusername'] = '';
$_SESSION['managepassword'] = '';
$_SESSION['token'] = '';
return false;
}
$results = $tc_db->GetAll("SELECT HIGH_PRIORITY `validated` FROM `" . KU_DBPREFIX . "staff` WHERE `username` = '" . $_SESSION['manageusername'] . "' AND `password` = '" . $_SESSION['managepassword'] . "' LIMIT 1");
foreach ($results as $line) {
if ($line['type'] == 1) {
return true;
} else {
return false;
}
}
/* If the function reaches this point, something is fishy. Kill their session */
session_destroy();
exitWithErrorPage(_gettext('Invalid session, please log in again.'));
}
/* See if the user logged in is an admin */ /* See if the user logged in is an admin */
function CurrentUserIsAdministrator() { function CurrentUserIsAdministrator() {
global $tc_db, $tpl_page; global $tc_db, $tpl_page;