Commit 70db022a authored by Lukas Fleischer's avatar Lukas Fleischer
Browse files

Store banned IP addresses as plain text

Inspired by commit 32c8d0c3

 (Store last login address as plain text,
2016-03-13).

Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
parent f8916d7e
......@@ -376,7 +376,7 @@ CREATE TABLE IF NOT EXISTS TU_Votes (
-- Malicious user banning
--
CREATE TABLE Bans (
IPAddress INTEGER UNSIGNED NOT NULL DEFAULT 0,
IPAddress VARCHAR(45) NULL DEFAULT NULL,
BanTS TIMESTAMP NOT NULL,
PRIMARY KEY (IPAddress)
) ENGINE = InnoDB;
......@@ -11,3 +11,10 @@ ALTER TABLE Users
ADD COLUMN LastSSHLogin BIGINT UNSIGNED NOT NULL DEFAULT 0,
ADD COLUMN LastSSHLoginIPAddress VARCHAR(45) NULL DEFAULT NULL;
---
3. Convert the IPAddress column of the Bans table to VARCHAR(45). If the table
contains any active bans, convert them accordingly:
----
ALTER TABLE Bans MODIFY IPAddress VARCHAR(45) NULL DEFAULT NULL;
----
......@@ -621,7 +621,7 @@ function try_login() {
function is_ipbanned() {
$dbh = DB::connect();
$q = "SELECT * FROM Bans WHERE IPAddress = " . $dbh->quote(ip2long($_SERVER['REMOTE_ADDR']));
$q = "SELECT * FROM Bans WHERE IPAddress = " . $dbh->quote($_SERVER['REMOTE_ADDR']);
$result = $dbh->query($q);
return ($result->fetchColumn() ? true : false);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment