Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Automatically disapprove pending moderation requests when deleting a user. This makes it easier to deal with spam-robots. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
0211e8c45c76e7196298d4cbd9c58f21 |
| User & Date: | drh 2019-05-17 11:52:13.692 |
Context
|
2019-05-17
| ||
| 12:04 | Fix the openssl-1.1.1b build procedures. ... (check-in: 00328177 user: drh tags: trunk) | |
| 11:52 | Automatically disapprove pending moderation requests when deleting a user. This makes it easier to deal with spam-robots. ... (check-in: 0211e8c4 user: drh tags: trunk) | |
| 09:41 | Added missing nonce to script tags in the bootstrap skin, one of which caused the submenus to not be properly displayed. ... (check-in: 6b47b08e user: stephan tags: trunk) | |
| 07:27 | When deleting a user via /setup_uedit, also disapprove any pending-moderation entries for users which are no longer in the user table. This is programmatically simpler than only removing entries for the removed user but (potential corner case) would also disapprove pending modreq entries if a user account is renamed while moderation of their content is pending. ... (Closed-Leaf check-in: b14cf3bc user: stephan tags: moderate-disapprove-on-user-delete) | |
Changes
Changes to src/moderate.c.
| ︙ | ︙ | |||
187 188 189 190 191 192 193 |
);
db_prepare(&q, "%s", blob_sql_text(&sql));
www_print_timeline(&q, 0, 0, 0, 0, 0);
db_finalize(&q);
}
style_footer();
}
| > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 |
);
db_prepare(&q, "%s", blob_sql_text(&sql));
www_print_timeline(&q, 0, 0, 0, 0, 0);
db_finalize(&q);
}
style_footer();
}
/*
** Disapproves any entries in the modreq table which belong to any
** user whose name is no longer found in the user table. This is only
** intended to be called after user deletion via /setup_uedit.
**
** To figure out whether a name exists it cross-references
** coalesce(event.euser, event.user) with user.login, limiting the
** selection to event entries where objid matches an entry in the
** modreq table.
**
** This is a no-op if called without g.perm.Admin permissions or if
** moderation_table_exists() returns false.
*/
void moderation_disapprove_for_missing_users(){
Stmt q;
if( !g.perm.Admin || !moderation_table_exists() ){
return;
}
db_begin_transaction();
db_prepare(&q,
"SELECT objid FROM event WHERE objid IN "
"(SELECT objid FROM modreq) "
"AND coalesce(euser,user) NOT IN "
"(SELECT login FROM user)"
);
while( db_step(&q)==SQLITE_ROW ){
int const objid = db_column_int(&q, 0);
moderation_disapprove(objid);
}
db_finalize(&q);
db_end_transaction(0);
}
|
Changes to src/setupuser.c.
| ︙ | ︙ | |||
295 296 297 298 299 300 301 302 303 304 305 306 307 308 |
/* Check for requests to delete the user */
if( P("delete") && cgi_csrf_safe(1) ){
int n;
if( P("verifydelete") ){
/* Verified delete user request */
db_multi_exec("DELETE FROM user WHERE uid=%d", uid);
admin_log("Deleted user [%s] (uid %d).",
PD("login","???")/*safe-for-%s*/, uid);
cgi_redirect(cgi_referer("setup_ulist"));
return;
}
n = db_int(0, "SELECT count(*) FROM event"
" WHERE user=%Q AND objid NOT IN private",
| > | 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 |
/* Check for requests to delete the user */
if( P("delete") && cgi_csrf_safe(1) ){
int n;
if( P("verifydelete") ){
/* Verified delete user request */
db_multi_exec("DELETE FROM user WHERE uid=%d", uid);
moderation_disapprove_for_missing_users();
admin_log("Deleted user [%s] (uid %d).",
PD("login","???")/*safe-for-%s*/, uid);
cgi_redirect(cgi_referer("setup_ulist"));
return;
}
n = db_int(0, "SELECT count(*) FROM event"
" WHERE user=%Q AND objid NOT IN private",
|
| ︙ | ︙ |