disabled password reset for banned users, fixes #677

Signed-off-by: Christoph Burchert (Chb) <derchb@froxlor.org>
2011-04-16 13:32:11 +02:00
parent f36643851f
commit 213e959568
3 changed files with 17 additions and 1 deletions
--- a/index.php
+++ b/index.php
@@ -258,6 +258,9 @@ if($action == 'login')
 				$cmail = isset($_GET['customermail']) ? $_GET['customermail'] : 'unknown';
 				$message = str_replace('%s', $cmail, $lng['error']['errorsendingmail']);
 				break;
+			case 5:
+				$message = $lng['error']['user_banned'];
+				break;
 		}

 		$update_in_progress = '';
@@ -280,7 +283,7 @@ if($action == 'forgotpwd')
 	{
 		$loginname = validate($_POST['loginname'], 'loginname');
 		$email = validateEmail($_POST['loginemail'], 'email');
-		$sql = "SELECT `adminid`, `customerid`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language` FROM `" . TABLE_PANEL_CUSTOMERS . "`
+		$sql = "SELECT `adminid`, `customerid`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_CUSTOMERS . "`
 				WHERE `loginname`='" . $db->escape($loginname) . "'
 				AND `email`='" . $db->escape($email) . "'";
 		$result = $db->query($sql);
@@ -305,6 +308,13 @@ if($action == 'forgotpwd')
 		if($result !== null)
 		{
 			$user = $db->fetch_array($result);
+			
+			/* Check whether user is banned */
+			if($user['deactivated'])
+			{
+				$message = $lng['pwdreminder']['notallowed'];
+				redirectTo('index.php', Array('showmessage' => '5'), true);
+			}

 			if(($adminchecked && $settings['panel']['allow_preset_admin'] == '1')
 			|| $adminchecked == false)
--- a/lng/english.lng.php
+++ b/lng/english.lng.php
@@ -1574,3 +1574,6 @@ $lng['success']['rebuildingconfigs'] = 'Successfully inserted tasks for rebuild
 $lng['panel']['variable'] = 'Variable';
 $lng['panel']['description'] = 'Description';
 $lng['emails']['back_to_overview'] = 'Back to overview';
+
+// ADDED IN FROXLOR 0.9.20
+$lng['error']['user_banned'] = 'Your account has been banned. Please contact your administrator for further information.';
--- a/lng/german.lng.php
+++ b/lng/german.lng.php
@@ -1556,3 +1556,6 @@ $lng['success']['rebuildingconfigs'] = 'Task f&uuml;r das Neuerstellen der Konfi
 $lng['panel']['variable'] = 'Variable';
 $lng['panel']['description'] = 'Beschreibung';
 $lng['emails']['back_to_overview'] = 'Zur&uuml;ck zur &Uuml;bersicht';
+
+// ADDED IN FROXLOR 0.9.20
+$lng['error']['user_banned'] = 'Ihr Benutzerkonto wurde gesperrt. Bitte kontaktieren Sie Ihren Administrator f&uuml;r weitere Informationen.';