diff options
-rw-r--r-- | web/lib/acctfuncs.inc.php | 35 |
1 files changed, 34 insertions, 1 deletions
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 21cc6c21..aa4c70b9 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -93,6 +93,15 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", # error check and process request for a new/modified account global $SUPPORTED_LANGS, $AUR_LOCATION; + $error = ''; + + if (is_ipbanned()) { + $error = __('Account registration has been disabled ' . + 'for your IP address, probably due ' . + 'to sustained spam attacks. Sorry for the ' . + 'inconvenience.'); + } + $dbh = DB::connect(); if(isset($_COOKIE['AURSID'])) { @@ -102,7 +111,6 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", $editor_user = null; } - $error = ""; if (empty($E) || empty($U)) { $error = __("Missing a required field."); } @@ -400,6 +408,13 @@ function try_login() { $userID = null; if ( isset($_REQUEST['user']) || isset($_REQUEST['passwd']) ) { + if (is_ipbanned()) { + $login_error = __('The login form is currently disabled ' . + 'for your IP address, probably due ' . + 'to sustained spam attacks. Sorry for the ' . + 'inconvenience.'); + return array('SID' => '', 'error' => $login_error); + } $dbh = DB::connect(); $userID = valid_user($_REQUEST['user']); @@ -480,6 +495,24 @@ function try_login() { } /** + * Determine if the user is using a banned IP address + * + * @return bool True if IP address is banned, otherwise false + */ +function is_ipbanned() { + $dbh = DB::connect(); + + $q = "SELECT * FROM Bans WHERE IPAddress = " . $dbh->quote(ip2long($_SERVER['REMOTE_ADDR'])); + $result = $dbh->query($q); + + if ($result->fetchColumn()) { + return true; + } else { + return false; + } +} + +/** * Validate a username against a collection of rules * * The username must be longer or equal to USERNAME_MIN_LEN. It must be shorter |