Skip to content

Commit 50feb60

Browse files
michieldmichield
committed
detect remote address to be IPv6 and record it
1 parent 19eafc2 commit 50feb60

File tree

1 file changed

+4
-3
lines changed

1 file changed

+4
-3
lines changed

public_html/lists/admin/index.php

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -301,6 +301,7 @@ function mb_strtolower($string)
301301
if (!empty($GLOBALS['require_login'])) {
302302
//bth 7.1.2015 to support x-forwarded-for
303303
$remoteAddr = getClientIP();
304+
$isIP4 = preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $remoteAddr);
304305

305306
if ($GLOBALS['authenticationplugin']) {
306307
$GLOBALS['admin_auth'] = $GLOBALS['plugins'][$GLOBALS['authenticationplugin']];
@@ -340,13 +341,13 @@ function mb_strtolower($string)
340341

341342
if ($doLoginCheck) {
342343
# check if this is a new IP address
343-
$knownIP = Sql_Fetch_Row_Query(sprintf('select * from %s where remote_ip4 = "%s" and adminid = %d ',$GLOBALS['tables']['admin_login'],$remoteAddr,$loginresult[0]));
344+
$knownIP = Sql_Fetch_Row_Query(sprintf('select * from %s where remote_ip4 = "%s" or remote_ip6 = "%s" and adminid = %d ',$GLOBALS['tables']['admin_login'],$remoteAddr,$remoteAddr,$loginresult[0]));
344345
if (empty($knownIP[0])) {
345346
notifyNewIPLogin($loginresult[0]);
346347
}
347348
Sql_Query(sprintf('insert into %s (moment,adminid,remote_ip4,remote_ip6,sessionid,active)
348349
values(%d,%d,"%s","%s","%s",1)',
349-
$GLOBALS['tables']['admin_login'],time(),$loginresult[0],$remoteAddr,"",session_id()));
350+
$GLOBALS['tables']['admin_login'],time(),$loginresult[0],$isIP4 ? $remoteAddr: '',$isIP4 ? '' : $remoteAddr,session_id()));
350351
}
351352
}
352353
//If passwords are encrypted and a password recovery request was made, send mail to the admin of the given email address.
@@ -401,7 +402,7 @@ function mb_strtolower($string)
401402
} elseif ($_SESSION['adminloggedin'] && $_SESSION['logindetails']) {
402403
if ($doLoginCheck) {
403404
$active = Sql_Fetch_Row_Query(sprintf('select active from %s where adminid = %d and (remote_ip4 = "%s" or remote_ip6 = "%s") and sessionid = "%s"',
404-
$GLOBALS['tables']['admin_login'],$_SESSION['logindetails']['id'],$remoteAddr,"",session_id()));
405+
$GLOBALS['tables']['admin_login'],$_SESSION['logindetails']['id'],$remoteAddr,$remoteAddr,session_id()));
405406
} else {
406407
$active = array(1); ## pretend to be active
407408
}

0 commit comments

Comments
 (0)