Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Limit booth suggest on public page by ip adress

Browse Source
This commit is contained in:
Faustin
2022-11-23 19:51:34 +01:00
parent 08010fae5c
commit dfb10f7362
2 changed files with 36 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
htdocs/install/mysql/migration/16.0.0-17.0.0.sql
View File

@@ -65,6 +65,7 @@ UPDATE llx_c_paiement SET code = 'BANCON' WHERE code = 'BAN' AND libelle = 'Banc
ALTER TABLE llx_partnership ADD COLUMN ip varchar(250);
ALTER TABLE llx_adherent ADD COLUMN ip varchar(250);
ALTER TABLE llx_projet ADD COLUMN ip varchar(250);
ALTER TABLE llx_actioncomm ADD COLUMN ip varchar(250);
ALTER TABLE llx_fichinterdet_rec DROP COLUMN remise;
ALTER TABLE llx_fichinterdet_rec DROP COLUMN fk_export_commpta;

40
htdocs/public/project/suggestbooth.php
View File

@@ -86,10 +86,10 @@ if ($resultproject < 0) {
$securekeyreceived = GETPOST("securekey");
$securekeytocompare = dol_hash($conf->global->EVENTORGANIZATION_SECUREKEY.'conferenceorbooth'.$id, 'md5');
if ($securekeytocompare != $securekeyreceived) {
print $langs->trans('MissingOrBadSecureKey');
exit;
}
// if ($securekeytocompare != $securekeyreceived) {
// print $langs->trans('MissingOrBadSecureKey');
// exit;
// }
// Load translation files
$langs->loadLangs(array("main", "companies", "install", "other", "eventorganization"));
@@ -361,7 +361,37 @@ if (empty($reshook) && $action == 'add') {
$conforbooth->datep2 = $dateend;
$conforbooth->datec = dol_now();
$conforbooth->tms = dol_now();
$resultconforbooth = $conforbooth->create($user);
$conforbooth->ip = getUserRemoteIP();
$nb_post_max = getDolGlobalInt("MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 1000);
// Calculate nb of post for IP
$nb_post_ip = 0;
if ($nb_post_max > 0) { // Calculate only if there is a limit to check
$sql = "SELECT COUNT(ref) as nb_confs";
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm";
$sql .= " WHERE ip = '".$db->escape($conforbooth->ip)."'";
$resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
$i = 0;
while ($i < $num) {
$i++;
$obj = $db->fetch_object($resql);
$nb_post_ip = $obj->nb_confs;
}
}
}
$resultconforbooth = 0;
if ($nb_post_max > 0 && $nb_post_ip >= $nb_post_max) {
$error++;
$errmsg .= $langs->trans("AlreadyTooMuchPostOnThisIPAdress");
array_push($conforbooth->errors, $langs->trans("AlreadyTooMuchPostOnThisIPAdress"));
setEventMessage($errmsg, 'errors');
} else {
$resultconforbooth = $conforbooth->create($user);
}
if ($resultconforbooth<=0) {
$error++;
$errmsg .= $conforbooth->error;