includes/sessions.php
changeset 338 c3f8982a961c
parent 318 eec2dfd2f0a3
child 343 7e6537fd4730
equal deleted inserted replaced
337:9e6311c59ad4 338:c3f8982a961c
  1366       if ( ENANO_DBLAYER == 'MYSQL' )
  1366       if ( ENANO_DBLAYER == 'MYSQL' )
  1367       {
  1367       {
  1368         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE \n"
  1368         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE \n"
  1369               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR \n"
  1369               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR \n"
  1370               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' REGEXP ban_value ) OR \n"
  1370               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' REGEXP ban_value ) OR \n"
  1371               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 0 AND ban_value = '{$this->username}' ) OR \n"
  1371               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 0 AND ban_value = '" . $db->escape($this->username) . "' ) OR \n"
  1372               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 1 AND '{$this->username}' REGEXP ban_value ) OR \n"
  1372               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 1 AND '" . $db->escape($this->username) . "' REGEXP ban_value ) OR \n"
  1373               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 0 AND ban_value = '{$this->email}' ) OR \n"
  1373               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 0 AND ban_value = '" . $db->escape($this->email) . "' ) OR \n"
  1374               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 1 AND '{$this->email}' REGEXP ban_value ) \n"
  1374               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 1 AND '" . $db->escape($this->email) . "' REGEXP ban_value ) \n"
  1375               . "  ORDER BY ban_type ASC;";
  1375               . "  ORDER BY ban_type ASC;";
  1376       }
  1376       }
  1377       else if ( ENANO_DBLAYER == 'PGSQL' )
  1377       else if ( ENANO_DBLAYER == 'PGSQL' )
  1378       {
  1378       {
  1379         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE \n"
  1379         $sql = "SELECT $col_reason, ban_value, ban_type, is_regex FROM " . table_prefix . "banlist WHERE \n"
  1380               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR \n"
  1380               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 0 ) OR \n"
  1381               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' ~ ban_value ) OR \n"
  1381               . "    ( ban_type = " . BAN_IP    . " AND is_regex = 1 AND '{$_SERVER['REMOTE_ADDR']}' ~ ban_value ) OR \n"
  1382               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 0 AND ban_value = '{$this->username}' ) OR \n"
  1382               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 0 AND ban_value = '" . $db->escape($this->username) . "' ) OR \n"
  1383               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 1 AND '{$this->username}' ~ ban_value ) OR \n"
  1383               . "    ( ban_type = " . BAN_USER  . " AND is_regex = 1 AND '" . $db->escape($this->username) . "' ~ ban_value ) OR \n"
  1384               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 0 AND ban_value = '{$this->email}' ) OR \n"
  1384               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 0 AND ban_value = '" . $db->escape($this->email) . "' ) OR \n"
  1385               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 1 AND '{$this->email}' ~ ban_value ) \n"
  1385               . "    ( ban_type = " . BAN_EMAIL . " AND is_regex = 1 AND '" . $db->escape($this->email) . "' ~ ban_value ) \n"
  1386               . "  ORDER BY ban_type ASC;";
  1386               . "  ORDER BY ban_type ASC;";
  1387       }
  1387       }
  1388       $q = $this->sql($sql);
  1388       $q = $this->sql($sql);
  1389       if ( $db->numrows() > 0 )
  1389       if ( $db->numrows() > 0 )
  1390       {
  1390       {