diff options
| author | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2006-10-28 00:35:33 +0000 |
|---|---|---|
| committer | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2006-10-28 00:35:33 +0000 |
| commit | b6509c74a96ee5b16c774c5365f5ab6e542d180b (patch) | |
| tree | 7c189fa7bb53d31a1381d25e79e84fa9d022e38d /IkiWiki/CGI.pm | |
| parent | ed463de21f4229a2e25083c623d8f8b8bab6138f (diff) | |
| download | ikiwiki-b6509c74a96ee5b16c774c5365f5ab6e542d180b.tar ikiwiki-b6509c74a96ee5b16c774c5365f5ab6e542d180b.tar.gz | |
* Add basic spam fighting tool for admins: An admin's prefs page now allows
editing a list of banned users who are not allowed to log in.
Diffstat (limited to 'IkiWiki/CGI.pm')
| -rw-r--r-- | IkiWiki/CGI.pm | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index fe89e2758..fcf5e0dd8 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -314,9 +314,11 @@ sub cgi_prefs ($$) { #{{{ comment => "(".htmllink("", "", "PageSpec", 1).")"); $form->field(name => "locked_pages", size => 50, comment => "(".htmllink("", "", "PageSpec", 1).")"); + $form->field(name => "banned_users", size => 50); if (! is_admin($user_name)) { $form->field(name => "locked_pages", type => "hidden"); + $form->field(name => "banned_users", type => "hidden"); } if ($config{httpauth}) { @@ -331,6 +333,10 @@ sub cgi_prefs ($$) { #{{{ value => userinfo_get($user_name, "subscriptions")); $form->field(name => "locked_pages", force => 1, value => userinfo_get($user_name, "locked_pages")); + if (is_admin($user_name)) { + $form->field(name => "banned_users", force => 1, + value => join(" ", get_banned_users())); + } } decode_form_utf8($form); @@ -350,6 +356,10 @@ sub cgi_prefs ($$) { #{{{ userinfo_set($user_name, $field, $form->field($field)) || error("failed to set $field"); } } + if (is_admin($user_name)) { + set_banned_users(grep { ! is_admin($_) } + split(' ', $form->field("banned_users"))); + } $form->text("Preferences saved."); } @@ -671,7 +681,7 @@ sub cgi () { #{{{ } else { $session->param("name", $q->remote_user()); - if (!userinfo_get($session->param("name"),"regdate")) { + if (! userinfo_get($session->param("name"), "regdate")) { userinfo_setall($session->param("name"), { email => "", password => "", @@ -680,6 +690,12 @@ sub cgi () { #{{{ } } } + + if (userinfo_get($session->param("name"), "banned")) { + print $q->header(-status => "403 Forbidden"); + print "You are banned."; + exit; + } if ($do eq 'create' || $do eq 'edit') { cgi_editpage($q, $session); |