lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Limit member subscription on public page by ip adress

Browse Source
This commit is contained in:
Faustin 2022-11-24 14:26:50 +01:00
parent 9a028c9137
commit 6e4eeb8b3c
2 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
htdocs/adherents/class/adherent.class.php
View File

@ -605,7 +605,7 @@ class Adherent extends CommonObject
// Insert member
$sql = "INSERT INTO ".MAIN_DB_PREFIX."adherent";
$sql .= " (ref, datec,login,fk_user_author,fk_user_mod,fk_user_valid,morphy,fk_adherent_type,entity,import_key)";
$sql .= " (ref, datec,login,fk_user_author,fk_user_mod,fk_user_valid,morphy,fk_adherent_type,entity,import_key, ip)";
$sql .= " VALUES (";
$sql .= " '(PROV)'";
$sql .= ", '".$this->db->idate($this->datec)."'";
@ -615,6 +615,7 @@ class Adherent extends CommonObject
$sql .= ", ".((int) $this->typeid);
$sql .= ", ".$conf->entity;
$sql .= ", ".(!empty($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null");
$sql .= ", ".(!empty($this->ip) ? "'".$this->db->escape($this->ip)."'" : "null");
$sql .= ")";
dol_syslog(get_class($this)."::create", LOG_DEBUG);

29
htdocs/public/members/new.php
View File

@ -284,12 +284,41 @@ if (empty($reshook) && $action == 'add') {
$adh->morphy = getDolGlobalString("MEMBER_NEWFORM_FORCEMORPHY", GETPOST('morphy'));
$adh->birth = $birthday;
$adh->ip = getUserRemoteIP();
$nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000);
// Calculate nb of post for IP
$nb_post_ip = 0;
if ($nb_post_max > 0) { // Calculate only if there is a limit to check
$sql = "SELECT COUNT(ref) as nb_adh";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent";
$sql .= " WHERE ip = '".$db->escape($adh->ip)."'";
$resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
$i = 0;
while ($i < $num) {
$i++;
$obj = $db->fetch_object($resql);
$nb_post_ip = $obj->nb_adh;
}
}
}
// Fill array 'array_options' with data from add form
$extrafields->fetch_name_optionals_label($adh->table_element);
$ret = $extrafields->setOptionalsFromPost(null, $adh);
if ($ret < 0) {
$error++;
$errmsg .= $adh->error;
}
if ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) {
$error++;
$errmsg .= $langs->trans("AlreadyTooMuchPostOnThisIPAdress");
array_push($adh->errors, $langs->trans("AlreadyTooMuchPostOnThisIPAdress"));
}
if (!$error) {