Advertisement:
Anonymous Login
12-05-2016 07:51 PM

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0004310SMF 2.0Generalpublic2010-05-31 09:14
ReporterChas Large 
PrioritynormalSeverityminorReproducibilityalways
StatusresolvedResolutionfixed 
Summary0004310: Duplicate BANS can be added.
DescriptionSee: http://www.simplemachines.org/community/index.php?topic=380905.0

Have tested on two forums.

Identical bans can be added multiple times with identical content (IP address for example).
TagsNo tags attached.
Attached Files

-Relationships
+Relationships

-Notes

bugnote:0011996

ѕησω (SMF Friend)

Confirmed, however no multiple usernames or e-mail addresses, otherwise i get an error about them all ready being banned.

bugnote:0011997

Nao/Gilles (Viewer)

Would an IP check be really useful?
Let's say you ban 123.123.*.*
Then you come back and ban 123.*.*.*... Should SMF go ahead and delete the 123.123.*.* ban trigger? What if the trigger for 123.*.*.* is removed afterwards? I'm sure there are things like that to account for...

bugnote:0012001

groundup (SMF Friend)

I guess if the IPs are identical, they shouldn't be added twice. If there are differences, then it should. I could see myself going up a level if something continues to happen until I ban too many people. Then I will back off and keep those lower levels and then slowly remove the bans as I see it isn't a problem anymore.

bugnote:0012003

Ensiferous (Viewer)

Does this add a significant performance degradation, though? Or is the concern that if a user is unbanned there might be a duplicate left thus keeping the user banned?

bugnote:0012004

groundup (SMF Friend)

I don't think it would be any different in performance.

bugnote:0012015

Nao/Gilles (Viewer)

I'm working on debugging that one...
I'm nearly finished, but I just found this in the changelog while dealing with function ip2range:

(This is from 2007!)
 ! For no logical reason there was an ip2range function within upgrade.php. (upgrade.php) [Bug 1127]

However, if you have a look at upgrade_1.0.sql, there's a call to ip2range, and ManageBans.php is not included in upgrade.php, so I *guess* this could turn into a messy script crash when trying to upgrade... *Or* that section of the SQL script should be removed as well because it's never used. What do you guys think?

bugnote:0012017

Nao/Gilles (Viewer)

! Added checkExistingTriggerIP() function to test whether an IP address is already in the ban trigger list. (ManageBans.php) (rev 9942)
& Added language entry for that feature. Also fixed a typo and a missing sprintf in $txt['ban_name_exists']. (Errors language) (rev 9942)
+Notes
MantisBT (Modified for SMF Intergration)[^] Copyright © 2000 - 2010 Mantis Group