[MOD Request] Allow only users from database

feodor

Hi,

I just installed OSTicket.. Looks nice!

Is there a possibility to allow only email addresses stored in a mySQL table?

And reject all others?

Or to keep a list manually up to date with allowed users?

That would be awesome, I hope you can help!

Regards,

Andy

Corey

You can reverse the ban system for this.

Change the isbanned() function to this:

File: /include/class.banlist.php

function isbanned($email) {

return db_num_rows(db_query('SELECT `id` FROM '.BANLIST_TABLE.' WHERE `email` = '.db_input($email)))?false;

}

Change the "add" case to this:

File: /scp/admin.php

case 'add':

if(!$_POST || !Validator:($_POST))

{	$errors = 'Please enter a valid email.';
} elseif(!BanList:($_POST)) {
	$errors = 'Email already approved.';
} else {
	if(BanList:($_POST,$thisuser->getName()))
	{
		$msg = 'Email added to approved list.';
	} else {
		$errors = 'Unable to add email to banlist. Try again';
	}

}

feodor

Hi,

thanks a lot, I will try that.

Will this only apply to tickets created on the website? Or also to tickets sent directly via email?

Our issue is that we can easily protect the website with a password protection, but more important are emails sent directly. We would like to open tickets only for registered users and ignore the rest :)

Regards,

Andreas

feodor

what exactly does this line

if(BanList:($_POST,$thisuser->getName()))

{

$msg = 'Email added to approved list.';

i don't know php yet

feodor

Looks as if people will automatically be added to approved list? Or what's the purpose?

feodor

little bit of a oneman show here :-) it's ok, I got it..

And thanks again, it's working..

Now the only thing is to change icon and name of banlist to whitelist.