Commit 32c8d0c3 authored by Lukas Fleischer's avatar Lukas Fleischer
Browse files

Store last login address as plain text



Directly store the information contained in $_SERVER['REMOTE_ADDR']
instead of using ip2long() which does not support IPv6 addresses. Note
that the LastLoginIPAddress field is designed to be used by the
administrator on rare occasions only (e.g. to fight spam) and is not
displayed anywhere.

Fixes FS#48557.

Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
parent 761952d4
......@@ -35,7 +35,7 @@ CREATE TABLE Users (
IRCNick VARCHAR(32) NOT NULL DEFAULT '',
PGPKey VARCHAR(40) NULL DEFAULT NULL,
LastLogin BIGINT UNSIGNED NOT NULL DEFAULT 0,
LastLoginIPAddress INTEGER UNSIGNED NOT NULL DEFAULT 0,
LastLoginIPAddress VARCHAR(40) NULL DEFAULT NULL,
InactivityTS BIGINT UNSIGNED NOT NULL DEFAULT 0,
RegistrationTS TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
CommentNotify TINYINT(1) NOT NULL DEFAULT 1,
......
1. Convert the LastLoginIPAddress column to VARCHAR(40):
----
ALTER TABLE Users MODIFY LastLoginIPAddress VARCHAR(40) NULL DEFAULT NULL;
----
......@@ -554,8 +554,8 @@ function try_login() {
}
$q = "UPDATE Users SET LastLogin = UNIX_TIMESTAMP(), ";
$q.= "LastLoginIPAddress = " . $dbh->quote(ip2long($_SERVER['REMOTE_ADDR'])) . " ";
$q.= "WHERE ID = '$userID'";
$q.= "LastLoginIPAddress = " . $dbh->quote($_SERVER['REMOTE_ADDR']) . " ";
$q.= "WHERE ID = $userID";
$dbh->exec($q);
/* Set the SID cookie. */
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment