Advertisement:

View Issue Details Jump to Notes ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0004310SMF 2.0Generalpublic2010-05-28 06:012010-05-31 09:14
ReporterChas Large 
PrioritynormalSeverityminorReproducibilityalways
StatusresolvedResolutionfixed 
PlatformOSOS Version
Summary0004310: Duplicate BANS can be added.
DescriptionSee: http://www.simplemachines.org/community/index.php?topic=380905.0 [^]

Have tested on two forums.

Identical bans can be added multiple times with identical content (IP address for example).
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0011996)
ѕησω (Team Member)
2010-05-28 06:08

Confirmed, however no multiple usernames or e-mail addresses, otherwise i get an error about them all ready being banned.
(0011997)
Nao/Gilles (Viewer)
2010-05-28 07:44

Would an IP check be really useful?
Let's say you ban 123.123.*.*
Then you come back and ban 123.*.*.*... Should SMF go ahead and delete the 123.123.*.* ban trigger? What if the trigger for 123.*.*.* is removed afterwards? I'm sure there are things like that to account for...
(0012001)
groundup (SMF Friend)
2010-05-28 17:53

I guess if the IPs are identical, they shouldn't be added twice. If there are differences, then it should. I could see myself going up a level if something continues to happen until I ban too many people. Then I will back off and keep those lower levels and then slowly remove the bans as I see it isn't a problem anymore.
(0012003)
Ensiferous (Beta Tester)
2010-05-28 19:32

Does this add a significant performance degradation, though? Or is the concern that if a user is unbanned there might be a duplicate left thus keeping the user banned?
(0012004)
groundup (SMF Friend)
2010-05-29 11:44

I don't think it would be any different in performance.
(0012015)
Nao/Gilles (Viewer)
2010-05-31 05:24

I'm working on debugging that one...
I'm nearly finished, but I just found this in the changelog while dealing with function ip2range:

(This is from 2007!)
 ! For no logical reason there was an ip2range function within upgrade.php. (upgrade.php) [Bug 1127]

However, if you have a look at upgrade_1.0.sql, there's a call to ip2range, and ManageBans.php is not included in upgrade.php, so I *guess* this could turn into a messy script crash when trying to upgrade... *Or* that section of the SQL script should be removed as well because it's never used. What do you guys think?
(0012017)
Nao/Gilles (Viewer)
2010-05-31 09:14

! Added checkExistingTriggerIP() function to test whether an IP address is already in the ban trigger list. (ManageBans.php) (rev 9942)
& Added language entry for that feature. Also fixed a typo and a missing sprintf in $txt['ban_name_exists']. (Errors language) (rev 9942)
MantisBT 1.2.8 (Modified)[^] Copyright © 2000 - 2010 Mantis Group